GeekPolice
Welcome to GeekPolice.net!

From "wow" to "whoa" - we're teaching practical technology and helping others with tech support. Join our family here!

You are viewing the forum as a "Guest" which doesn't give you member privileges to ask questions or post comments.

Take 30 seconds to register or log in below and unlock the limitations of this website to discover new computer knowledge!

Cant run Malwarebytes HELP!!!

View previous topic View next topic Go down

Re: Cant run Malwarebytes HELP!!!

Post by Belahzur on Fri Dec 18, 2009 10:58 am

Please run OTL.exe.

  • Copy the commands with file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose CopyCrying


    :OTL
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = [You must be registered and logged in to see this link.]
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = [You must be registered and logged in to see this link.]
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = [You must be registered and logged in to see this link.]
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
    IE - HKCU\..\URLSearchHook: {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - Reg Error: Key error. File not found
    O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - No CLSID value found.
    O3 - HKLM\..\Toolbar: (no name) - {46245B5A-9FDE-4F66-B0F4-E686C8637D62} - No CLSID value found.
    O3 - HKLM\..\Toolbar: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
    O3 - HKLM\..\Toolbar: (no name) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - No CLSID value found.
    O4 - HKCU..\Run: [Xbox Generator.exe] C:\Users\palma\AppData\Local\Microsoft\Windows\Explorer\Xbox Generator.exe File not found
    O18 - Protocol\Handler\tbr {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - Reg Error: Key error. File not found

    :reg
    [-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ESQULserv.sys]
    [-HK_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{4615349C-1B6D-E59F-27CC-6550D5E167DE}]


  • Return to OTL, right click in the "Custom Scans/Fixes" window (under the light green bar) and choose Paste.

  • Click the red Run Fix button.
  • A fix log in Notepad will appear. Copy the contents of the fix log to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  • Close OTL.exe
If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Status :
Online
Offline

Posts : 34916
Joined : 2008-08-03
Gender : Male
OS : XP SP3 Media Centre
Points : 245029
# Likes : 1

View user profile

Back to top Go down

Re: Cant run Malwarebytes HELP!!!

Post by techno4229 on Fri Dec 18, 2009 8:52 pm

========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\CustomizeSearch| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Search_URL| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{46245B5A-9FDE-4F66-B0F4-E686C8637D62} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{46245B5A-9FDE-4F66-B0F4-E686C8637D62}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A}\ deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Xbox Generator.exe deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\tbr\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4D25FB7A-8902-4291-960E-9ADA051CFBBF}\ deleted successfully.
File {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - Reg Error: Key error. File not found not found.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ESQULserv.sys\ not found.
Registry key HK_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{4615349C-1B6D-E59F-27CC-6550D5E167DE}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4615349C-1B6D-E59F-27CC-6550D5E167DE}\ not found.

OTL by OldTimer - Version 3.1.17.0 log created on 12182009_122029

techno4229
Intermediate
Intermediate

Status :
Online
Offline

Posts : 54
Joined : 2009-12-16
Gender : Male
OS : Windows 7 Ultamite
Points : 25968
# Likes : 0

View user profile

Back to top Go down

Re: Cant run Malwarebytes HELP!!!

Post by Belahzur on Fri Dec 18, 2009 10:38 pm

Hello.
Can you run Combofix now?
[You must be registered and logged in to see this link.]


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Status :
Online
Offline

Posts : 34916
Joined : 2008-08-03
Gender : Male
OS : XP SP3 Media Centre
Points : 245029
# Likes : 1

View user profile

Back to top Go down

Re: Cant run Malwarebytes HELP!!!

Post by techno4229 on Fri Dec 18, 2009 11:55 pm

ok ran it now what?
ComboFix 09-12-16.05 - palma 12/18/2009 13:59:20.1.2 - x86
Microsoft Windows Vista Home Premium 6.0.6001.1.1252.1.1033.18.3069.2109 [GMT -8:00]
Running from: c:\users\palma\Desktop\Combo-Fix.exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\$recycle.bin\S-1-5-21-1400113804-1914402855-3429530994-500
c:\$recycle.bin\S-1-5-21-2152478756-3922319563-605102323-500
c:\$recycle.bin\S-1-5-21-281787401-1428321093-735530139-1001
c:\$recycle.bin\S-1-5-21-281787401-1428321093-735530139-1002
c:\$recycle.bin\S-1-5-21-281787401-1428321093-735530139-1006
c:\$recycle.bin\S-1-5-21-281787401-1428321093-735530139-1010
c:\$recycle.bin\S-1-5-21-281787401-1428321093-735530139-1011
c:\$recycle.bin\S-1-5-21-281787401-1428321093-735530139-1012
c:\$recycle.bin\S-1-5-21-281787401-1428321093-735530139-500
c:\$recycle.bin\S-1-5-21-281787401-1428321093-735530139-501
c:\programdata\Microsoft\Windows\Start Menu\Programs\PC_Antispyware2010
c:\programdata\Microsoft\Windows\Start Menu\Programs\PC_Antispyware2010\Uninstall.lnk
c:\users\palma\AppData\Local\Downloaded Installations\{5B00B6A7-3352-415F-A7C2-ABCCCEC5383E}
c:\users\palma\AppData\Local\Downloaded Installations\{5B00B6A7-3352-415F-A7C2-ABCCCEC5383E}\rserv33.msi
c:\users\Public\autorun.inf
c:\users\Public\Install.exe
c:\windows\10045virus967z.exe
c:\windows\10053not-a-vi5usez9.exe
c:\windows\10054z9o542a.exe
c:\windows\1011downzoa9er1958.exe
c:\windows\10155not-5-virzs991.cpl
c:\windows\1058threat2z3929.ocx
c:\windows\10639ot5z-virus778.ocx
c:\windows\1069threat151z1.exe
c:\windows\10928spzmbo910c5.exe
c:\windows\10955ot-a-vzrus980.ocx
c:\windows\109809zt-a-viru549b.exe
c:\windows\10992viruz453.bin
c:\windows\10z2bac95oor68.cpl
c:\windows\10z5vir5s489.ocx
c:\windows\11409wzrm54d.ocx
c:\windows\11z20spam9ot51f.exe
c:\windows\120349pzm5ot4c5.ocx
c:\windows\1212zpar9e5179.cpl
c:\windows\12214hackzool7859.exe
c:\windows\124579zrus346.cpl
c:\windows\124zs9ambot6505.cpl
c:\windows\13157hackt5oz59.exe
c:\windows\13527t9oj29ez.dll
c:\windows\1357zs59mbot656.bin
c:\windows\13efspywar9559z.exe
c:\windows\143baddwzr95167.ocx
c:\windows\149415pyz.cpl
c:\windows\15068v5rzs79d.bin
c:\windows\1519viz2782.ocx
c:\windows\15455s9z356.cpl
c:\windows\154ddownloazer983.ocx
c:\windows\1552nzt-a-virus5a59.bin
c:\windows\1552z5ot-a9virus589.ocx
c:\windows\15692spz9f.ocx
c:\windows\1572659zus465.cpl
c:\windows\15757s5a9bot5z4.dll
c:\windows\1579addw9re2847z.ocx
c:\windows\15934z59j646.dll
c:\windows\15999tr5jze.cpl
c:\windows\159cthzeat9365.cpl
c:\windows\15e9thzef2555.bin
c:\windows\15z96tro937c5.cpl
c:\windows\16184not-a-v5ru9ze6.ocx
c:\windows\16190ha5ktozl4f0.ocx
c:\windows\16215wo9m5za.bin
c:\windows\16268spamb5t1z9.dll
c:\windows\16321spam9ot5az.dll
c:\windows\1639zt95j7fd.cpl
c:\windows\16e49zdware1065.dll
c:\windows\17256viru59ze.bin
c:\windows\17265not-a-vzrus39d5.exe
c:\windows\174209ozm51c.dll
c:\windows\1747t9ief53z5.dll
c:\windows\17573zacktool4389.dll
c:\windows\18056spy9dz.dll
c:\windows\1840addwzr93556.bin
c:\windows\189z99a5ktool248.dll
c:\windows\19089h5c9zool71.exe
c:\windows\19145notza-virus2ae.dll
c:\windows\19290s5azbot675.exe
c:\windows\193z0w59m101.ocx
c:\windows\1952zhief5579.dll
c:\windows\19553troj159z.exe
c:\windows\19569not-a-vzrus20d.cpl
c:\windows\1956sparsz1599.bin
c:\windows\195z1troj736.dll
c:\windows\196z9t59j72.ocx
c:\windows\19719hacktozl6b5.cpl
c:\windows\1990ha9k5ool7cz.cpl
c:\windows\1997sp5rse286z.bin
c:\windows\19z53not-a-5irus53f.exe
c:\windows\1a14thief9175z.ocx
c:\windows\1e49bac5zoor1523.exe
c:\windows\1f859arse3z76.exe
c:\windows\1z098tro55d79.dll
c:\windows\1z443vi5us995.exe
c:\windows\1z5299p544a.cpl
c:\windows\1za9addware6195.exe
c:\windows\1zf6a5d9are2031.exe
c:\windows\2049vi951z.bin
c:\windows\20501zroj359.dll
c:\windows\20599hacktzol55.bin
c:\windows\20726zp9mbo51fe.exe
c:\windows\20793not-5-vizus13e9.dll
c:\windows\21388zir5s795.exe
c:\windows\21624sp9mbotzea5.cpl
c:\windows\2167spzm59t620.dll
c:\windows\21972zroj7ca5.ocx
c:\windows\21z679p5163.bin
c:\windows\21z89sp5mbot77d9.bin
c:\windows\22045hre9z8237.dll
c:\windows\22243spam5o95z5.ocx
c:\windows\22265not-a9virusz2c.dll
c:\windows\22493z95m628.bin
c:\windows\22565s5ambo91e8z.cpl
c:\windows\2309ztro5529.cpl
c:\windows\23201not-z-5irus590.bin
c:\windows\23518hack9ooz5f65.cpl
c:\windows\2359sz52e4.cpl
c:\windows\236945ormza3.cpl
c:\windows\239z5vi9us75b.exe
c:\windows\24032s5y4z99.dll
c:\windows\2479b5ckzoor2192.bin
c:\windows\24899zpa5bot4b6.exe
c:\windows\249z29r5j5e7.bin
c:\windows\25147worm4z69.dll
c:\windows\2519vir9535z.bin
c:\windows\25341no5-a-9izus47b.cpl
c:\windows\25411hackt9oz55d.cpl
c:\windows\255z3spy934.dll
c:\windows\2569sp9z94.dll
c:\windows\25781not-azvirus599.ocx
c:\windows\25938troj9z.bin
c:\windows\259z19py53c.dll
c:\windows\26112not-a-9irusz085.ocx
c:\windows\26259tea5z345.ocx
c:\windows\26432zroj59e.dll
c:\windows\2649spar9e225z.bin
c:\windows\2657tr59113z.cpl
c:\windows\26765worz579.dll
c:\windows\269c5pyw9re30z3.dll
c:\windows\269downloazer5295.ocx
c:\windows\26a2zpyware595.bin
c:\windows\26z79sp5461.exe
c:\windows\270875acktool3z89.bin
c:\windows\2778spyz95.bin
c:\windows\2789s5amboz196.exe
c:\windows\28525tr9z1ea.exe
c:\windows\28576trz9259.cpl
c:\windows\28c9teal3135z.exe
c:\windows\29001zorm5bc.bin
c:\windows\2957viruz416.ocx
c:\windows\295z2wo9m2ab5.exe
c:\windows\297385pambotz24.exe
c:\windows\2974sp5rse14z1.cpl
c:\windows\2975thief14z5.dll
c:\windows\29849nzt-a-v5rus7b7.bin
c:\windows\29950sz94695.bin
c:\windows\29eaba5kdoor2z419.bin
c:\windows\2b18sp9rse1z05.bin
c:\windows\2e6abackzoor2795.cpl
c:\windows\2f7ab9ckzoor653.bin
c:\windows\2z018not5a-vir9s26d.exe
c:\windows\2z359hacktool9aa5.exe
c:\windows\2z78sp5rse309.cpl
c:\windows\3015zha95tool299.dll
c:\windows\30344hackz9ol5ed.bin
c:\windows\30559azkdoor286.dll
c:\windows\316495ozmd1.dll
c:\windows\3170bzckdoor20905.dll
c:\windows\3174spz595.dll
c:\windows\31d6vir1952z.exe
c:\windows\3230back9oor55z7.ocx
c:\windows\32345t9zj571.ocx
c:\windows\3295not-9-vi5zs249.ocx
c:\windows\32eca5dwar9208z.bin
c:\windows\33705tezl9015.ocx
c:\windows\3409zhreat200095.exe
c:\windows\34d89ackdo5r1286z.cpl
c:\windows\3507azd9are2188.bin
c:\windows\35432szy69d.bin
c:\windows\355athreat5z99.cpl
c:\windows\3569hacktzol77b.cpl
c:\windows\3599troj20z.ocx
c:\windows\359edoznloade5956.dll
c:\windows\35a2z5yware1549.ocx
c:\windows\3775tzoj6939.dll
c:\windows\391cthr9at3895z.dll
c:\windows\393b5ir29z9.dll
c:\windows\3995spazse16465.cpl
c:\windows\39f6t5ief2040z.dll
c:\windows\39z45ir906.bin
c:\windows\3b9dspazse935.bin
c:\windows\3bbbazkdo952455.cpl
c:\windows\3c05tzreat93078.cpl
c:\windows\3c69s5eal1701z.exe
c:\windows\3c795hreatz2730.exe
c:\windows\3cz0s59al1211.ocx
c:\windows\3d1b9zief21985.exe
c:\windows\3e95zhief1989.dll
c:\windows\3z09not-a-viru5224.bin
c:\windows\3z25spy6915.bin
c:\windows\3z95s9eal1256.bin
c:\windows\4057vir99z.dll
c:\windows\4065sp59z4.bin
c:\windows\4091th5ef17z7.cpl
c:\windows\4323haczto9l445.bin
c:\windows\459bzir20.dll
c:\windows\45dcthrezt198729.ocx
c:\windows\45f59pzware1191.cpl
c:\windows\468295azse1584.dll
c:\windows\46a6szar5e9092.ocx
c:\windows\47z1add5ar92555.cpl
c:\windows\48dethz9f645.exe
c:\windows\495bvz5595.exe
c:\windows\49b9sp5wzre2659.bin
c:\windows\49thi5z1202.cpl
c:\windows\4a9zt9i5f1915.cpl
c:\windows\4b599dzware516.ocx
c:\windows\4c97doznloader5692.cpl
c:\windows\4e57tzreat503049.bin
c:\windows\4fdedow9lo5der2z46.ocx
c:\windows\4z45tr9j60d5.exe
c:\windows\4z50th9eat32445.ocx
c:\windows\4z589pars5227.bin
c:\windows\50378spam9zt209.bin
c:\windows\5047zpam5ot29f.ocx
c:\windows\50d59ownloader4z9.ocx
c:\windows\51015hreat2z791.exe
c:\windows\510bazkd59r1110.ocx
c:\windows\517z9ownloader2519.cpl
c:\windows\51z5v9r5055.bin
c:\windows\5251hackzoo94655.bin
c:\windows\52c2spywarez509.ocx
c:\windows\52c4dowzload5r1980.ocx
c:\windows\52z6vi59405.bin
c:\windows\5330vir9s1d0z.ocx
c:\windows\537229roj7z3.dll
c:\windows\53759py2z8.dll
c:\windows\5385threat193z09.dll
c:\windows\541029ot-a-vizus47c.bin
c:\windows\54185roj2b9z.exe
c:\windows\5455vzr957.bin
c:\windows\5495threaz5729.bin
c:\windows\549aba5kdozr1113.dll
c:\windows\550zthreat8959.ocx
c:\windows\5534zi53917.dll
c:\windows\5554z9y53e.bin
c:\windows\5568t5ie9947z.dll
c:\windows\556z99orm55c.exe
c:\windows\557ds9arsz3113.cpl
c:\windows\5599zownloader2556.dll
c:\windows\559spy9are1238z.exe
c:\windows\55b1z9dware905.bin
c:\windows\569csparze645.cpl
c:\windows\569hackzool29f.dll
c:\windows\5748zte591852.bin
c:\windows\5749sp9z08.ocx
c:\windows\576669iruz7e4.cpl
c:\windows\57721wozm9a.exe
c:\windows\5782wz5m6819.dll
c:\windows\57ee9zr2467.cpl
c:\windows\580z7spy2df9.dll
c:\windows\58556trzj5dc9.ocx
c:\windows\58acspa5ze9703.exe
c:\windows\58c6vir5989z.exe
c:\windows\58e69zarse1889.dll
c:\windows\58z9spyware922.bin
c:\windows\591a5ackdoor683z.cpl
c:\windows\5972steaz1099.cpl
c:\windows\59asparsz150.bin
c:\windows\59e5sparse3z95.exe
c:\windows\59z7wo9m5595.exe
c:\windows\5b3adow5loaderz039.ocx
c:\windows\5bdbste593237z.exe
c:\windows\5c89threat351z9.exe
c:\windows\5c9cthzef7899.ocx
c:\windows\5cf3backdzor1779.bin
c:\windows\5cz9threat4526.dll
c:\windows\5d89vi9965z.dll
c:\windows\5dfct9reaz16955.bin
c:\windows\5e75sparse3z93.ocx
c:\windows\5easpyw9re241z.cpl
c:\windows\5f57addware9561z.exe
c:\windows\5z06sparse9356.bin
c:\windows\5z829not-a-vi9us1c3.cpl
c:\windows\5z9threat22075.bin
c:\windows\5zc3v9r355.exe
c:\windows\5ze5spy5a9e856.bin
c:\windows\6053sparsz9789.dll
c:\windows\60c5spywaze2749.exe
c:\windows\60e59zdware2638.exe
c:\windows\617dow9loade5198z.dll
c:\windows\61e5zhie92889.bin
c:\windows\630zspy955.dll
c:\windows\6339dozn59ader306.bin
c:\windows\6343spywa59746z.ocx
c:\windows\6484spar5z290.cpl
c:\windows\6491adzw5re2809.cpl
c:\windows\650zorm795.cpl
c:\windows\655fthr9az18993.bin
c:\windows\6591th5eat9z28.cpl
c:\windows\659athreatz78369.exe
c:\windows\6905vi5us7zb.dll
c:\windows\6909sz9al5520.cpl
c:\windows\6922zownlo5der504.ocx
c:\windows\6947tzoj503.ocx
c:\windows\6975tzief1945.cpl
c:\windows\6c15threz931879.ocx
c:\windows\6c2at95zf1155.bin
c:\windows\6d53vir2980z.cpl
c:\windows\6e05z9kdoor2833.dll
c:\windows\6e95thiefz53.cpl
c:\windows\6f8zthrea929535.cpl
c:\windows\6z195ackdoor2939.cpl
c:\windows\6zb8threa59260.dll
c:\windows\709dv5rz95.ocx
c:\windows\71375pamb9tz73.bin
c:\windows\7249zi5us698.exe
c:\windows\72889tealz335.dll
c:\windows\73919hie5z55.dll
c:\windows\73f9addware5z29.dll
c:\windows\749zsteal1055.dll
c:\windows\758dzhr9at2486.exe
c:\windows\7592sparsz1152.cpl
c:\windows\75z6spyware919.dll
c:\windows\762z5parse15319.cpl
c:\windows\7688wor9485z.dll
c:\windows\77z9th9e5t8159.bin
c:\windows\7849szy5are2834.ocx
c:\windows\796cth5eat31z30.cpl
c:\windows\79e7vir15z75.cpl
c:\windows\79efdownloade599z9.exe
c:\windows\79zspa5se2784.bin
c:\windows\79zvir665.bin
c:\windows\7b29bac5zoor1325.dll
c:\windows\7czv95453.bin
c:\windows\7e34ad9wa5e11z6.ocx
c:\windows\7eczaddwa5e2589.bin
c:\windows\7z90spyware7095.bin
c:\windows\7zebbackdoor9125.exe
c:\windows\81369pambot5zf.bin
c:\windows\88159zoj551.bin
c:\windows\8c0azdware5629.ocx
c:\windows\8d8t5ief20z9.ocx
c:\windows\90229vzr5s76b.bin
c:\windows\90515virzs5e6.ocx
c:\windows\905bbackd5or2137z.ocx
c:\windows\9084spamzot75c5.ocx
c:\windows\91264wor52z1.exe
c:\windows\9179spyz45.bin
c:\windows\92456spa5bot19z.cpl
c:\windows\92559zorm6ce5.bin
c:\windows\94665hacktool5ze.bin
c:\windows\94c5hreatz789.bin
c:\windows\95025spzmbot8c.dll
c:\windows\95046szy795.exe
c:\windows\95665ormzb0.bin
c:\windows\9572virz82.dll
c:\windows\95837not-a-v5rus37z.ocx
c:\windows\95f4backzoor2951.ocx
c:\windows\9758spywarz5505.dll
c:\windows\975backdoor9z16.exe
c:\windows\9769tro52z2.dll
c:\windows\97azthreat15990.ocx
c:\windows\98a9threzt51115.exe
c:\windows\98bbz5r2871.bin
c:\windows\98d8thief25z05.ocx
c:\windows\9925zir148.bin
c:\windows\9950hacktozl20b.bin
c:\windows\9953downloader203z.bin
c:\windows\9976b5czdoor2766.cpl
c:\windows\99z35hacktool3e.dll
c:\windows\9ee9zparse1835.cpl
c:\windows\9z51hack5ool795.ocx
c:\windows\9z57sp5155.exe
c:\windows\9z905hacktool625.cpl
c:\windows\b6cvirz9759.exe
c:\windows\c3bz95rse923.cpl
c:\windows\df5bac59oor2z75.cpl
c:\windows\qywyrozoqy._sy
c:\windows\system32\1045zwor9253.exe
c:\windows\system32\10zathi9f2532.ocx
c:\windows\system32\110z15o9-a-virus438.exe
c:\windows\system32\11799virus50ez.exe
c:\windows\system32\12394spa5z9t535.cpl
c:\windows\system32\1269hack5zol1d2.ocx
c:\windows\system32\1293a9zware1256.dll
c:\windows\system32\129bt9re5tz666.ocx
c:\windows\system32\13059not-a-5zrus722.ocx
c:\windows\system32\13998tz5j2a4.cpl
c:\windows\system32\14701sp9mbot1z05.cpl
c:\windows\system32\14847hzcktoo955e.dll
c:\windows\system32\15016hack59ol1b6z.cpl
c:\windows\system32\154zdownloader9377.cpl
c:\windows\system32\155709ro539z.bin
c:\windows\system32\155dspazse9368.exe
c:\windows\system32\15810vzrus298.bin
c:\windows\system32\159265oz9353.dll
c:\windows\system32\15933h59kzool193.dll
c:\windows\system32\15fasza9se2583.ocx
c:\windows\system32\15z09tro93ad.bin
c:\windows\system32\16158no5-a-zirus9d7.exe
c:\windows\system32\16459not-a-z9rus5d5.cpl
c:\windows\system32\16682s5y96z.bin
c:\windows\system32\17471not-a-zi59s592.exe
c:\windows\system32\18009t5oj4ez.dll
c:\windows\system32\182985z9us3c2.cpl
c:\windows\system32\185zba5kdoor981.exe
c:\windows\system32\18845hacztool97.cpl
c:\windows\system32\1887v5r9752z.cpl
c:\windows\system32\1932no5za-virus7b8.exe
c:\windows\system32\193335ot-a-virus461z.cpl
c:\windows\system32\19359zro53c3.exe
c:\windows\system32\19468worm50z5.ocx
c:\windows\system32\19529s5zmbot57.ocx
c:\windows\system32\19583notza-v9rus3d8.cpl
c:\windows\system32\19653hacktool7z89.cpl
c:\windows\system32\1985zdware896.bin
c:\windows\system32\1994wzrm64f5.cpl
c:\windows\system32\199565zambot33a.cpl
c:\windows\system32\1aacst5al1298z.exe
c:\windows\system32\1b55dowz5oader1979.cpl
c:\windows\system32\1c67d9wnloadzr2555.bin
c:\windows\system32\1ca3vzr11995.exe
c:\windows\system32\1cd5addwarez905.cpl
c:\windows\system32\1cec9ir2z50.ocx
c:\windows\system32\1e95thiefz038.cpl
c:\windows\system32\1z523w9r56a9.ocx
c:\windows\system32\1z557n9t-a-virus7e2.bin
c:\windows\system32\1z92sp5rse3152.exe
c:\windows\system32\20358h9c5tozl161.ocx
c:\windows\system32\2053backdo9r65z.dll
c:\windows\system32\20f5zddwar98445.ocx
c:\windows\system32\20zas9yw5re231.ocx
c:\windows\system32\21097sp55a1z.cpl
c:\windows\system32\2116zs95mbot1da.bin
c:\windows\system32\21261haczt95l5f9.dll
c:\windows\system32\213s9y50z.exe
c:\windows\system32\21987zroj95b.exe
c:\windows\system32\22089worm55z.cpl
c:\windows\system32\221bt95ef31z2.dll
c:\windows\system32\22353szy792.dll
c:\windows\system32\224539r5jz4.cpl
c:\windows\system32\22949hiez27775.exe
c:\windows\system32\22z19spam5ot3a5.ocx
c:\windows\system32\2326sze5l9383.exe
c:\windows\system32\23970tr5j90z.exe
c:\windows\system32\24225not-z9vir5s657.ocx
c:\windows\system32\245159py2d9z.ocx
c:\windows\system32\24603hack5oolzc69.ocx
c:\windows\system32\2511zh5cktool19.dll
c:\windows\system32\251worm489z.ocx
c:\windows\system32\252zad9ware30945.exe
c:\windows\system32\25592virus97z5.ocx
c:\windows\system32\258bth9zat28367.dll
c:\windows\system32\25990vizus5c0.exe
c:\windows\system32\25994worm45z5.bin
c:\windows\system32\26559wozm9a1.bin
c:\windows\system32\271thie59748z.exe
c:\windows\system32\2721s9yzare1852.cpl
c:\windows\system32\273179pazbo54e6.ocx
c:\windows\system32\27878spam5ot3z9.dll
c:\windows\system32\2799zspambo56f5.bin
c:\windows\system32\284025pambotza9.bin
c:\windows\system32\28463
c:\windows\system32\28463\TKIU.001
c:\windows\system32\28463\TKIU.002
c:\windows\system32\28463\TKIU.002.tmp
c:\windows\system32\28463\TKIU.006
c:\windows\system32\28463\TKIU.007
c:\windows\system32\28551spam9otzd6.bin
c:\windows\system32\28822tr9z3d5.dll
c:\windows\system32\28z995ambot6df.cpl
c:\windows\system32\2934z5y299.cpl
c:\windows\system32\29543w9zm155.cpl
c:\windows\system32\295z8spa9bot775.bin
c:\windows\system32\29640vir5z234.dll
c:\windows\system32\29682trojz05.exe
c:\windows\system32\298z5spy252.exe
c:\windows\system32\2997spambotf5z.exe
c:\windows\system32\29z21no9-a-5irus371.dll
c:\windows\system32\29z59worm709.bin
c:\windows\system32\2a8s5ezl749.bin
c:\windows\system32\2bb9zackdoor15535.bin
c:\windows\system32\2be4do9nloader5746z.ocx
c:\windows\system32\2bz1thief21395.exe
c:\windows\system32\2c09spyzare2953.ocx
c:\windows\system32\2d555ir9452z.dll
c:\windows\system32\2dcd9hzeat25229.dll
c:\windows\system32\2e09sp5rs9z18.ocx
c:\windows\system32\2e199tea5255z.ocx
c:\windows\system32\2eb5t9r5at18z35.bin
c:\windows\system32\2f49thief115z5.bin
c:\windows\system32\2f60s5eal9z93.exe
c:\windows\system32\2z49steal2950.bin
c:\windows\system32\30514s9zmbot1e1.dll
c:\windows\system32\30549vz5us4d5.bin
c:\windows\system32\30z00t59j445.cpl
c:\windows\system32\31093not5z-virus34b.bin
c:\windows\system32\31396nzt-a5vir9s37.bin
c:\windows\system32\314129pamb5z62e.bin
c:\windows\system32\315z7virus459.cpl
c:\windows\system32\32039zackt5ol4ed.bin
c:\windows\system32\32640h59ktool1bz.ocx
c:\windows\system32\32665teal199z.bin
c:\windows\system32\33b2spzwa9e2925.dll
c:\windows\system32\33e5bac9door51z7.dll
c:\windows\system32\347fvz91753.cpl
c:\windows\system32\34b2t9reat590z5.dll
c:\windows\system32\35053not-a-vizus60e9.exe
c:\windows\system32\355z1no9-a-virus785.bin
c:\windows\system32\3595threa52663z.exe
c:\windows\system32\35d6th9ez1719.cpl
c:\windows\system32\36a1ad9warz5932.cpl
c:\windows\system32\3705hzcktool739.dll
c:\windows\system32\37969hief59z.cpl
c:\windows\system32\38ze5ownloader1249.exe
c:\windows\system32\394zpa5se1697.exe
c:\windows\system32\39bdthre5z11745.exe
c:\windows\system32\3az9v5r2544.bin
c:\windows\system32\3b03a5dwzre9095.dll
c:\windows\system32\3cdzs5ywa9e3192.dll
c:\windows\system32\3z1do9n5oader2814.exe
c:\windows\system32\409759dzare2616.dll
c:\windows\system32\4159v9rz460.bin
c:\windows\system32\424zvirus1519.exe
c:\windows\system32\42ecs5ywa9e4z0.exe
c:\windows\system32\4302thrza591020.ocx
c:\windows\system32\430fdownl5adez9919.exe
c:\windows\system32\44279hreatz589.cpl
c:\windows\system32\4460threat951z2.bin
c:\windows\system32\4499viru5534z.cpl
c:\windows\system32\45fdthreat2z5399.bin
c:\windows\system32\488b5h9zf2248.dll
c:\windows\system32\4895doznloader1559.bin
c:\windows\system32\4925back5ooz1898.dll
c:\windows\system32\4928backdoo52517z.dll
c:\windows\system32\493zthi5f2116.dll
c:\windows\system32\497d5parse1z35.ocx
c:\windows\system32\49az9ac5door589.exe
c:\windows\system32\4b64down5oa9erz47.dll
c:\windows\system32\4f5aspzrse9170.bin
c:\windows\system32\4f89tzreat53080.exe
c:\windows\system32\4fcath9e5t410z.ocx
c:\windows\system32\4z9bba5kdoor2940.bin
c:\windows\system32\50407sp95c9z.exe
c:\windows\system32\50a5downlozd5r1969.bin
c:\windows\system32\50f2threzt17291.dll
c:\windows\system32\5160spambzt159.ocx
c:\windows\system32\51636sp924z.dll
c:\windows\system32\51dzpyw95e2133.ocx
c:\windows\system32\5205sparsz429.dll
c:\windows\system32\52a9zddware9225.exe
c:\windows\system32\52c9vir31z3.ocx
c:\windows\system32\53756not-a-v9rusz9.exe
c:\windows\system32\5456spywaze24699.dll
c:\windows\system32\55909spambz9529.exe
c:\windows\system32\559cbaczdoor9772.bin
c:\windows\system32\55d8sparse193z.exe
c:\windows\system32\55zbvir9306.exe
c:\windows\system32\563ft5z9at31091.dll
c:\windows\system32\56aethiez9718.ocx
c:\windows\system32\56bzspa5se9938.ocx
c:\windows\system32\56c19h5ezt19538.bin
c:\windows\system32\570aste5l1z9.dll
c:\windows\system32\570ethrea52z991.cpl
c:\windows\system32\5736tz9j448.exe
c:\windows\system32\574cszywar52789.bin
c:\windows\system32\5760a5d9arez251.exe
c:\windows\system32\5780s59ware1086z.ocx
c:\windows\system32\57zfvir9918.dll
c:\windows\system32\5879t95eaz24493.bin
c:\windows\system32\5896stz5l155.exe
c:\windows\system32\58cdsp9rse3z39.dll
c:\windows\system32\5923d9wzloader5155.ocx
c:\windows\system32\595spzm5ot905.ocx
c:\windows\system32\5987z9roj326.ocx
c:\windows\system32\59e55tezl9399.exe
c:\windows\system32\59e9z5eal1272.ocx
c:\windows\system32\59efthreat7z98.cpl
c:\windows\system32\5a50v9z1678.exe
c:\windows\system32\5a58thief11z95.dll
c:\windows\system32\5aa7down59ader1951z.ocx
c:\windows\system32\5bc8adzware79.exe
c:\windows\system32\5bd5bazkdo9r1927.exe
c:\windows\system32\5bf9vir98z35.ocx
c:\windows\system32\5bz89hief2528.dll
c:\windows\system32\5c1ct5iefz598.dll
c:\windows\system32\5c629ddwzre1588.cpl
c:\windows\system32\5d6bzi93210.exe
c:\windows\system32\5ed9addwarz8379.dll
c:\windows\system32\5ee5downl9adzr1520.cpl
c:\windows\system32\5fb5zh9eat15605.cpl
c:\windows\system32\5z4bd9wnload5r983.ocx
c:\windows\system32\5z829o5m537.cpl
c:\windows\system32\5zevi52994.bin
c:\windows\system32\609vi5us9f6z.dll
c:\windows\system32\6105thrz9514988.exe
c:\windows\system32\6156vi957z.dll
c:\windows\system32\6285hzef23459.dll
c:\windows\system32\62b05i92706z.dll
c:\windows\system32\62d095eaz628.exe
c:\windows\system32\636e9iz5049.dll
c:\windows\system32\63c19tezl1950.dll
c:\windows\system32\64b5zhief1299.bin
c:\windows\system32\650bs9y5arez126.bin
c:\windows\system32\6583t9zef225.ocx
c:\windows\system32\6589szywar91433.dll
c:\windows\system32\6598steal26z8.bin
c:\windows\system32\65c29p5warez871.dll
c:\windows\system32\65ffdownl9ade524z7.exe
c:\windows\system32\6653tr9z4ba.ocx
c:\windows\system32\6715stea92918z.cpl
c:\windows\system32\675baddwa5ez490.exe
c:\windows\system32\67f5backdo9rz26.cpl
c:\windows\system32\6855thzea98539.exe
c:\windows\system32\6951spazse2230.cpl
c:\windows\system32\695fz5yware2624.bin
c:\windows\system32\699adownloader3591z.dll
c:\windows\system32\6d5ca9dware2z77.cpl
c:\windows\system32\6d8fspy5ar927z9.ocx
c:\windows\system32\6d99stz5l2407.cpl
c:\windows\system32\6dc9thi9f83z5.bin
c:\windows\system32\6z99spambo53c6.cpl
c:\windows\system32\6zd5spyware10739.cpl
c:\windows\system32\7039z5oj73c.ocx
c:\windows\system32\70419iruz2e35.cpl
c:\windows\system32\7199down5zader2709.bin
c:\windows\system32\71f6do9nlzader2576.dll
c:\windows\system32\725edown9oader1z67.bin
c:\windows\system32\7319zr57d7.bin
c:\windows\system32\7401backdo9rz549.ocx
c:\windows\system32\74ezs5yware1913.ocx
c:\windows\system32\75e7szarse9036.cpl
c:\windows\system32\75z0st5al13309.exe
c:\windows\system32\75z2stea91529.ocx
c:\windows\system32\75z9s5eal2137.ocx
c:\windows\system32\7793spywar51394z.bin
c:\windows\system32\77a7thi5f229z.exe
c:\windows\system32\77f8a5dwzr92208.exe
c:\windows\system32\7938spamb5z406.exe
c:\windows\system32\7966ba5kdoor17z5.bin
c:\windows\system32\7d6a5own9oadzr683.dll
c:\windows\system32\7d78s9arsz537.dll
c:\windows\system32\7ddfs5y9arz2082.ocx
c:\windows\system32\7e70vir9351z.dll
c:\windows\system32\7eadd9are146z5.exe
c:\windows\system32\7z25virus9c2.bin
c:\windows\system32\7z79steal145.bin
c:\windows\system32\8270zp53409.exe
c:\windows\system32\84939pambotz9f5.bin
c:\windows\system32\8d9thrzat84595.cpl
c:\windows\system32\9005h9cktool51az.bin
c:\windows\system32\905adz59re2584.cpl
c:\windows\system32\9219s5amb9t60cz.exe
c:\windows\system32\924spa5bzt7b4.cpl
c:\windows\system32\9353spam5otz1.exe
c:\windows\system32\93595orm5ze.ocx
c:\windows\system32\9465spam9zt7e5.cpl
c:\windows\system32\94847tro560z.exe
c:\windows\system32\94f6downloz5er1575.bin
c:\windows\system32\94z05acktool57b.exe
c:\windows\system32\951zownloa9er2046.exe
c:\windows\system32\953abackdoor32z7.ocx
c:\windows\system32\954zworm27e.dll
c:\windows\system32\95853worm17z.bin
c:\windows\system32\975csparse9z5.dll
c:\windows\system32\99085ot-a-viruszb6.dll
c:\windows\system32\995faddw5re19z.cpl
c:\windows\system32\997fzh5ef1736.dll
c:\windows\system32\9a75vzr529.dll
c:\windows\system32\9ccfa5dware289z.bin
c:\windows\system32\9dfbthiez20035.bin
c:\windows\system32\9ed5s5eal2091z.bin
c:\windows\system32\9f18thief320z5.dll
c:\windows\system32\9f755iz1996.ocx
c:\windows\system32\9z44sp5f9.ocx
c:\windows\system32\9z92sp5992.exe
c:\windows\system32\a129hi5f1z15.bin
c:\windows\system32\b5bthie928z9.dll
c:\windows\system32\c50bzck9oor468.dll
c:\windows\system32\c5bvirz595.bin
c:\windows\system32\d5zvir1897.cpl
c:\windows\system32\ddavi521z9.exe
c:\windows\system32\drivers\ESQULxcvndrwpdgqnpbbrxeoxmbpfxnvliqsv.sys
c:\windows\system32\e7asz9rse24355.dll
c:\windows\system32\e9backdoor166z5.cpl
c:\windows\system32\ebfz9ckdoor5895.bin
c:\windows\system32\ESQULxpjsieveymjkmpubwkhtabqrbuoliajt.dll
c:\windows\system32\mi2.exe
c:\windows\system32\SIntf16.dll
c:\windows\system32\z1565spa9bot695.exe
c:\windows\system32\z1753spy3cf9.cpl
c:\windows\system32\z1957ha5ktool16d.bin
c:\windows\system32\z19aspywar527399.cpl
c:\windows\system32\z1b3add9ar5262.dll
c:\windows\system32\z1fed5wnloade93185.dll
c:\windows\system32\z2837tr9j695.ocx
c:\windows\system32\z301s95al2315.dll
c:\windows\system32\z34929o5m221.dll
c:\windows\system32\z35a95r2905.bin
c:\windows\system32\z3ecspywa9581.exe
c:\windows\system32\z459thi5f1433.dll
c:\windows\system32\z4972spam9o511b.bin
c:\windows\system32\z499tro57f9.cpl
c:\windows\system32\z4e5spar9e544.bin
c:\windows\system32\z5c1spars91449.bin
c:\windows\system32\z6119ownlo5der424.bin
c:\windows\system32\z626tro59f2.bin
c:\windows\system32\z6bbv5r19449.exe
c:\windows\system32\z7997ha5k9ool4a.exe
c:\windows\system32\z7e3vi910455.exe
c:\windows\system32\z822hackt9ol295.bin
c:\windows\system32\z9456not-9-virusf.dll
c:\windows\system32\z9508wor976d.exe
c:\windows\system32\z951ste9l2637.cpl
c:\windows\system32\z953sp9165.ocx
c:\windows\system32\z9929t5oj188.dll
c:\windows\system32\zb9195eal1960.bin
c:\windows\system32\ze09parse3544.dll
c:\windows\uhigan.scr
c:\windows\z0784virus1589.cpl
c:\windows\z09b9ddware1555.bin
c:\windows\z3647hack5ool3689.bin
c:\windows\z3fbspyware2395.ocx
c:\windows\z54bspar9e68.bin
c:\windows\z5639not5a-virus585.dll
c:\windows\z58vi95s59.bin
c:\windows\z596downl9ader2520.bin
c:\windows\z60139pam5ot173.cpl
c:\windows\z6b6s9arse1535.bin
c:\windows\z8f3stea528949.ocx
c:\windows\z9526vir5s49e.exe
c:\windows\z99daddware2594.bin
c:\windows\z9bdspa9s52544.dll
c:\windows\z9be9a5kdoor2598.dll
c:\windows\za0bd5wn9oader2406.bin
c:\windows\zb21backdo951263.ocx
c:\windows\zbe5spyware3759.dll
c:\windows\zc1vir7539.bin
c:\windows\zce9t9reat6854.exe
c:\windows\ze7a5ac9door1355.exe

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_{79007602-0CDB-4405-9DBF-1257BB3226ED}
-------\Legacy_{79007602-0CDB-4405-9DBF-1257BB3226EE}


((((((((((((((((((((((((( Files Created from 2009-11-18 to 2009-12-18 )))))))))))))))))))))))))))))))
.

2100-01-01 05:38 . 2009-06-15 06:12 -------- d-----w- c:\users\palma\AppData\Roaming\MAGIX
2100-01-01 05:35 . 2007-04-27 18:43 120200 ----a-w- c:\windows\system32\DLLDEV32i.dll
2100-01-01 05:35 . 2009-08-19 03:27 -------- d-----w- c:\windows\system32\MAGIX
2100-01-01 05:35 . 2008-04-16 00:14 700416 ----a-w- c:\windows\system32\mgxoschk.dll
2099-05-21 23:40 . 2009-12-12 18:57 -------- d-----w- c:\users\Public\Starcraft
2009-12-18 19:51 . 2009-12-18 19:51 -------- d-----w- C:\_OTL
2009-12-18 03:34 . 2009-12-18 03:34 -------- d-----w- c:\windows\SQL9_KB970892_ENU
2009-12-18 02:11 . 2009-11-03 04:42 195456 ------w- c:\windows\system32\MpSigStub.exe
2009-12-18 01:58 . 2009-08-07 02:24 44768 ----a-w- c:\windows\system32\wups2.dll
2009-12-18 01:58 . 2009-08-07 02:24 53472 ----a-w- c:\windows\system32\wuauclt.exe
2009-12-18 01:58 . 2009-08-07 02:23 1929952 ----a-w- c:\windows\system32\wuaueng.dll
2009-12-18 01:58 . 2009-08-07 01:45 2421760 ----a-w- c:\windows\system32\wucltux.dll
2009-12-18 01:58 . 2009-08-07 02:24 35552 ----a-w- c:\windows\system32\wups.dll
2009-12-18 01:58 . 2009-08-07 02:23 575704 ----a-w- c:\windows\system32\wuapi.dll
2009-12-18 01:58 . 2009-08-07 01:44 87552 ----a-w- c:\windows\system32\wudriver.dll
2009-12-18 01:58 . 2009-08-07 03:23 171608 ----a-w- c:\windows\system32\wuwebv.dll
2009-12-18 01:58 . 2009-08-07 02:44 33792 ----a-w- c:\windows\system32\wuapp.exe
2009-12-17 20:23 . 2009-11-24 23:50 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2009-12-17 20:23 . 2009-11-24 23:50 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2009-12-17 20:23 . 2009-11-24 23:49 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-12-17 20:23 . 2009-11-24 23:48 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-12-17 20:23 . 2009-11-24 23:47 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-12-17 20:23 . 2009-11-24 23:54 1280480 ----a-w- c:\windows\system32\aswBoot.exe
2009-12-17 20:23 . 2009-11-24 23:49 53328 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2009-12-16 21:54 . 2009-12-17 19:51 -------- d-----w- c:\users\Public\Malwarebytes' Anti-Malware
2009-12-16 21:49 . 2009-12-04 00:14 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-12-16 21:49 . 2009-12-16 21:49 -------- d-----w- c:\programdata\Malwarebytes
2009-12-16 21:49 . 2009-12-04 00:13 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-12-16 21:24 . 2009-12-17 19:59 -------- d-----w- c:\users\palma\AppData\Local\staimy
2009-12-16 21:24 . 2009-12-17 19:59 -------- d-----w- c:\users\palma\AppData\Local\kqxkye
2009-12-16 21:24 . 2009-12-17 19:59 -------- d-----w- c:\users\palma\AppData\Local\nxiyyh
2009-12-16 05:16 . 2009-12-16 05:16 -------- d-----w- c:\program files\Rockstar Games
2009-12-16 05:08 . 2009-12-16 05:08 -------- d-----w- c:\users\Public\Readme
2009-12-16 05:08 . 2009-12-16 05:08 -------- d-----w- c:\users\Public\DirectX
2009-12-16 05:08 . 2009-12-16 05:08 -------- d-----w- c:\users\Public\CRACK
2009-12-16 05:08 . 2009-12-16 05:08 -------- d-----w- c:\users\Public\Bin
2009-12-16 05:07 . 2009-12-16 05:07 -------- d-----w- c:\users\Public\audio
2009-12-16 02:11 . 2009-12-16 02:31 -------- d-----w- c:\program files\Magic Translator
2009-12-14 03:08 . 2009-12-14 03:08 -------- d-----w- c:\program files\Common Files\xing shared
2009-12-14 03:07 . 2009-12-14 03:07 -------- d-----w- c:\program files\Real
2009-12-14 03:07 . 2009-12-14 03:08 -------- d-----w- c:\program files\Common Files\Real
2009-12-14 01:29 . 2009-12-14 01:29 -------- d-----w- c:\programdata\Kaspersky Lab Setup Files
2009-12-14 01:28 . 2009-12-14 01:28 -------- d-----w- c:\users\palma\AppData\Roaming\AVG8
2009-12-13 18:26 . 2009-12-13 18:26 -------- d-----w- c:\program files\Gravity
2009-12-13 01:17 . 2009-12-13 01:17 -------- d-----w- c:\users\palma\AppData\Roaming\Acoustica
2009-12-13 01:17 . 2007-08-07 19:32 57344 ----a-w- c:\windows\system32\Wnaspint.dll
2009-12-13 01:17 . 2009-12-13 01:19 -------- d-----w- c:\program files\Acoustica Shared Effects
2009-12-13 01:17 . 2009-12-13 01:17 -------- d-----w- c:\programdata\Acoustica
2009-12-12 02:25 . 2009-12-12 02:25 -------- d-----w- c:\users\palma\AppData\Local\PackageAware
2009-12-07 03:06 . 2009-12-07 03:06 -------- d-----w- c:\users\palma\AppData\Roaming\SystemRequirementsLab
2009-12-06 03:14 . 2009-12-11 05:18 76197 ----a-w- c:\windows\War3Unin.dat
2009-12-06 03:14 . 2009-12-06 03:15 2829 ----a-w- c:\windows\War3Unin.pif
2009-12-06 03:14 . 2009-12-06 03:15 139264 ----a-w- c:\windows\War3Unin.exe
2009-12-06 03:12 . 2009-12-14 04:08 -------- d-----w- c:\users\Public\Warcraft III
2009-12-01 00:42 . 2009-12-01 00:42 22 ----a-w- c:\users\palma\Pictures.zip
2009-11-30 19:33 . 2009-11-30 19:33 41872 ----a-w- c:\windows\system32\xfcodec.dll
2009-11-29 19:53 . 2009-11-29 19:53 -------- d-----w- c:\program files\Rapid Express
2009-11-29 19:37 . 2009-11-29 19:37 -------- d-----w- c:\program files\Technitium
2009-11-26 02:47 . 2009-11-26 02:47 -------- d-----w- c:\programdata\LogMeIn
2009-11-21 08:46 . 2009-11-21 08:46 86016 ----a-w- c:\windows\system32\frapsvid.dll
2009-11-21 01:39 . 2009-11-21 01:39 -------- d-----w- c:\users\palma\AppData\Local\assembly
2009-11-21 01:39 . 2009-11-21 03:51 -------- d-----w- c:\program files\NCSoft
2009-11-19 00:20 . 2009-11-19 00:20 -------- d-----w- c:\program files\MagicDisc
2009-11-19 00:20 . 2009-02-25 02:42 116736 ----a-w- c:\windows\system32\drivers\mcdbus.sys
2009-11-19 00:19 . 2009-11-19 00:19 -------- d-----w- c:\program files\MagicISO

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-18 22:27 . 2009-11-17 04:32 -------- d-----w- c:\users\palma\AppData\Roaming\uTorrent
2009-12-18 22:26 . 2009-10-15 03:15 -------- d-----w- c:\program files\Curse
2009-12-18 21:09 . 1989-05-14 23:43 -------- d-----w- c:\program files\Microsoft Silverlight
2009-12-18 20:39 . 2009-09-27 07:29 -------- d-----w- c:\program files\uTorrent
2009-12-18 19:40 . 2009-04-12 06:12 -------- d-----w- c:\program files\LogMeIn
2009-12-18 03:35 . 2007-06-20 06:03 -------- d-----w- c:\program files\Microsoft SQL Server
2009-12-18 00:01 . 2008-01-25 23:18 -------- d-----w- c:\program files\LimeWire
2009-12-17 20:23 . 2009-04-18 23:27 -------- d-----w- c:\program files\Alwil Software
2009-12-17 00:01 . 2007-05-21 01:19 -------- d-----w- c:\program files\Dl_cats
2009-12-16 23:54 . 2008-02-26 20:20 6892 ----a-w- c:\users\palma\AppData\Local\d3d9caps.dat
2009-12-16 20:52 . 2007-05-08 21:03 361576 ----a-w- c:\users\palma\AppData\Local\GDIPFONTCACHEV1.DAT
2009-12-16 05:16 . 2007-04-05 13:59 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-12-15 03:48 . 2007-07-22 02:13 -------- d-----w- c:\users\palma\AppData\Roaming\Xfire
2009-12-14 00:47 . 2008-01-25 23:19 -------- d-----w- c:\users\palma\AppData\Roaming\LimeWire
2009-12-13 18:25 . 2009-10-14 02:58 -------- d-----w- c:\program files\ZD Soft
2009-12-13 01:17 . 2009-09-19 04:24 -------- d-----w- c:\program files\VstPlugins
2009-12-12 00:28 . 2007-07-22 02:13 -------- d-----w- c:\programdata\Xfire
2009-12-07 23:07 . 2009-11-16 04:04 -------- d-----w- c:\programdata\NOS
2009-12-06 21:28 . 2007-07-22 02:13 -------- d-----w- c:\program files\Xfire
2009-12-02 20:52 . 2009-12-02 20:52 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdRapi_01_00_00.Wdf
2009-12-01 04:01 . 2007-11-04 07:06 -------- d-----w- c:\users\palma\AppData\Roaming\GetRightToGo
2009-11-24 04:44 . 2009-11-14 06:41 -------- d-----w- c:\users\palma\AppData\Roaming\Any Video Converter
2009-11-24 04:42 . 2009-11-14 06:41 -------- d-----w- c:\program files\Any Video Converter
2009-11-18 04:10 . 2009-11-18 03:32 -------- d-----w- c:\programdata\NFS Underground
2009-11-18 03:03 . 2009-11-17 04:59 -------- d-----w- c:\users\palma\AppData\Roaming\DAEMON Tools Lite
2009-11-17 04:59 . 2009-11-17 04:59 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-11-17 04:59 . 2009-11-17 04:59 -------- d-----w- c:\programdata\DAEMON Tools Lite
2009-11-16 04:04 . 2009-11-16 04:04 -------- d-----w- c:\program files\NOS
2009-11-13 04:00 . 2009-11-13 04:00 -------- d-----w- c:\program files\YouTube Downloader
2009-11-13 02:30 . 2009-11-13 02:30 -------- d-----w- c:\users\Techno\AppData\Roaming\Yahoo!
2009-11-13 02:24 . 2009-11-13 02:24 359376 ----a-w- c:\users\Techno\AppData\Local\GDIPFONTCACHEV1.DAT
2009-11-13 02:16 . 2009-11-13 02:16 -------- d-----w- c:\users\Techno\AppData\Roaming\Subversion
2009-11-13 02:16 . 2009-11-13 02:16 -------- d-----w- c:\program files\Web Publish
2009-11-13 01:28 . 2007-12-09 22:54 -------- d-----w- c:\users\palma\AppData\Roaming\Hamachi
2009-11-13 01:05 . 2007-11-30 00:44 -------- d-----w- c:\users\palma\AppData\Roaming\Apple Computer
2009-11-12 22:48 . 2009-11-12 22:48 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
2009-10-30 22:56 . 2009-10-30 22:56 -------- d-----w- c:\program files\Free WMA to MP3 Converter
2009-10-30 03:40 . 2007-05-24 05:54 -------- d-----w- c:\program files\Common Files\Blizzard Entertainment
2009-10-30 02:09 . 2009-10-30 02:09 -------- d-----w- c:\program files\Common Files\Xara
2009-10-30 02:09 . 2009-10-30 02:09 -------- d-----w- c:\program files\Xara
2009-10-30 02:09 . 2007-04-05 13:59 -------- d-----w- c:\program files\Common Files\InstallShield
2009-10-08 00:20 . 2007-05-20 21:18 9356 ----a-w- c:\users\palma\AppData\Roaming\wklnhst.dat
2009-08-22 20:26 . 2009-08-22 20:26 11908 ----a-w- c:\program files\Common Files\cidixek.scr
2009-08-21 22:55 . 2009-08-21 22:55 16971 ----a-w- c:\program files\Common Files\mesuhan.bin
2009-08-21 22:55 . 2009-08-21 22:55 16290 ----a-w- c:\program files\Common Files\qareq.com
2009-08-21 22:55 . 2009-08-21 22:55 14581 ----a-w- c:\program files\Common Files\neluje.lib
2009-08-21 22:55 . 2009-08-21 22:55 13293 ----a-w- c:\program files\Common Files\ozuwuhedat.dl
2009-08-21 22:55 . 2009-08-21 22:55 12213 ----a-w- c:\program files\Common Files\witewifag.dat
2007-04-05 21:49 . 2007-04-05 21:48 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2009-08-04 16:13 85768 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2009-08-04 16:13 85768 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2009-08-04 16:13 85768 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2009-08-04 16:13 85768 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2009-08-04 16:13 85768 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2009-08-04 16:13 85768 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2009-08-04 16:13 85768 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2009-08-04 16:13 85768 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2009-08-04 16:13 85768 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"CurseClient"="c:\program files\Curse\CurseClient.exe" [2009-06-08 1934336]
"Uniblue RegistryBooster 2009"="c:\program files\uniblue\registrybooster\StartRegistryBooster.exe" [2008-08-26 99624]
"Steam"="c:\users\public\steam\steam.exe" [2009-10-24 1217808]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2009-12-18 289584]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DLCQCATS"="c:\windows\system32\spool\DRIVERS\W32X86\3\DLCQtime.dll" [2006-10-16 106496]
"Windows Mobile-based device management"="c:\windows\WindowsMobile\wmdSync.exe" [2006-11-02 215552]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-12-14 198160]
"Malwarebytes' Anti-Malware"="c:\users\Public\Malwarebytes' Anti-Malware\mbamgui.exe" [2009-12-04 429392]
"avast!"="c:\program files\Alwil Software\Avast4\ashDisp.exe" [2009-11-24 81000]

c:\users\palma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
MagicDisc.lnk - c:\program files\MagicDisc\MagicDisc.exe [2009-11-18 576000]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\Spyware Terminator\sp_rsdel.exe \??\c:\progra~2\Spyware

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Digital Line Detect.lnk]
backup=c:\windows\pss\Digital Line Detect.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^DynDNS Updater Tray Icon.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\DynDNS Updater Tray Icon.lnk
backup=c:\windows\pss\DynDNS Updater Tray Icon.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Run Registration Tool.lnk]
backup=c:\windows\pss\Run Registration Tool.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^Users^palma^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^WoW Glider.1.8.0.exe]
backup=c:\windows\pss\WoW Glider.1.8.0.exe.Startup
backupExtension=.Startup

[HKLM\~\startupfolder\C:^Users^palma^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Xfire.lnk]
backup=c:\windows\pss\Xfire.lnk.Startup
backupExtension=.Startup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avgnt
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Corel Photo Downloader
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\e
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lxdjamon
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\My Web Search Bar Search Scope Monitor
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyWebSearch Email Plugin
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC-Antispyware
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Performance Center
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminator
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ThreatFire
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TKIU Agent
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\{08B6B52F-0438-6B96-0307-070101060807}

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2008-06-12 10:38 34672 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Aim6]
2009-05-19 05:23 49968 ----a-w- c:\program files\AIM6\aim6.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cdloader]
2007-12-21 14:39 50520 ----a-w- c:\users\palma\AppData\Roaming\mjusbsp\cdloader2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DLCQCATS]
2006-10-16 05:31 106496 ----a-w- c:\windows\System32\spool\drivers\w32x86\3\dlcqtime.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dlcqmon.exe]
2006-12-12 08:22 291720 ----a-w- c:\program files\Dell Photo AIO Printer 966\dlcqmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]
2008-01-19 07:33 125952 ----a-w- c:\windows\ehome\ehtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FaxCenterServer]
2006-12-12 08:22 312200 ----a-w- c:\program files\Dell PC Fax\fm3032.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FixCamera]
2007-07-11 23:09 20480 ----a-w- c:\windows\FixCamera.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FlashIcon]
2004-12-15 06:57 49152 ----a-w- c:\program files\GENERIC\USB Card Reader Driver v2.3\FlashIcon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
2007-02-09 18:32 106496 ----a-w- c:\windows\System32\hkcmd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif]
2006-09-29 17:39 151552 ----a-w- c:\program files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
2007-02-09 18:32 98304 ----a-w- c:\windows\System32\igfxtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
2006-10-03 16:35 221184 ----a-w- c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
2006-10-03 16:37 81920 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\issch.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2008-11-20 21:20 290088 ----a-w- c:\program files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn GUI]
2008-07-25 01:46 63048 ----a-w- c:\program files\LogMeIn\x86\LogMeInSystray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MCI USB Safe]
2004-05-21 22:39 34816 ----a-w- c:\windows\System32\usbsafe.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MemoryCardManager]
2006-12-12 08:22 304008 ----a-w- c:\program files\Dell Photo AIO Printer 966\memcard.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Messenger (Yahoo!)]
2009-05-27 04:06 4351216 ----a-w- c:\program files\Yahoo!\Messenger\YahooMessenger.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
2007-02-09 18:32 81920 ----a-w- c:\windows\System32\igfxpers.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2009-01-05 23:18 413696 ----a-w- c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\snp2std]
2007-09-28 23:32 344064 ----a-w- c:\windows\vsnp2std.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2009-10-24 06:31 1217808 ----a-w- c:\users\Public\steam\Steam.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2008-06-10 11:27 144784 ----a-w- c:\program files\Java\jre1.6.0_07\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2008-12-20 01:08 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tsnp2std]
2007-05-12 18:19 270336 ----a-w- c:\windows\tsnp2std.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uniblue RegistryBooster 2009]
2008-08-26 16:48 99624 ----a-w- c:\program files\Uniblue\RegistryBooster\StartRegistryBooster.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile-based device management]
2006-11-02 09:45 215552 ----a-w- c:\windows\WindowsMobile\wmdSync.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
2008-01-19 07:33 202240 ----a-w- c:\program files\Windows Media Player\wmpnscfg.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001

R1 aswSP;avast! Self Protection;c:\windows\System32\drivers\aswSP.sys [12/17/2009 12:23 PM 114768]
R1 hwinterface;hwinterface;c:\windows\System32\drivers\hwinterface.sys [3/4/2009 5:46 PM 3026]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\System32\atiesrxx.exe [5/15/2009 7:23 PM 176128]
R2 aswFsBlk;aswFsBlk;c:\windows\System32\drivers\aswFsBlk.sys [12/17/2009 12:23 PM 20560]
R2 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [12/17/2009 12:23 PM 53328]
R2 DynDNS Updater;DynDNS Updater;c:\program files\DynDNS Updater\DynUpSvc.exe [6/23/2008 11:04 AM 65536]
R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\LogMeIn\x86\rainfo.sys [7/24/2008 5:46 PM 12856]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;c:\windows\System32\drivers\LMIRfsDriver.sys [4/11/2009 10:13 PM 47640]
R2 lxbc_device;lxbc_device;c:\windows\system32\lxbccoms.exe -service --> c:\windows\system32\lxbccoms.exe -service [?]
R2 MBAMService;MBAMService;c:\users\Public\Malwarebytes' Anti-Malware\mbamservice.exe [12/16/2009 1:54 PM 276816]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [6/26/2009 10:12 PM 24652]
R3 MBAMProtector;MBAMProtector;c:\windows\System32\drivers\mbam.sys [12/16/2009 1:49 PM 19160]
R3 tenCapture;tenCapture;c:\windows\System32\drivers\tenCapture.sys [4/21/2007 6:15 AM 9344]
S2 Seekeen Service;Seekeen Service; [x]
S3 MSSQL$SONY_MEDIAMGR2;SQL Server (SONY_MEDIAMGR2);c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [11/24/2008 9:31 PM 29263712]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\System32\drivers\teamviewervpn.sys [1/25/2008 1:12 AM 25088]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\sqladhlp.exe [7/10/2008 4:28 PM 47128]
S4 RsFx0103;RsFx0103 Driver;c:\windows\System32\drivers\RsFx0103.sys [3/30/2009 2:09 AM 239336]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [3/30/2009 2:23 AM 366936]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
.
------- Supplementary Scan -------
.
uStart Page =
uDefault_Search_URL =
mStart Page = [You must be registered and logged in to see this link.]
mSearch Bar = [You must be registered and logged in to see this link.]
uSearchURL,(Default) = [You must be registered and logged in to see this link.]
IE: &AIM Toolbar Search - c:\programdata\AIM Toolbar\ieToolbar\resources\en-US\local\search.html
IE: Crawler Search - tbr:iemenu
FF - ProfilePath - c:\users\palma\AppData\Roaming\Mozilla\Firefox\Profiles\900xdqll.default\
FF - component: c:\program files\Real\RealPlayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll
FF - plugin: c:\program files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - hȋdden: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
- - - - ORPHANS REMOVED - - - -

WebBrowser-{46245B5A-9FDE-4F66-B0F4-E686C8637D62} - (no file)
ShellIconOverlayIdentifiers-{02696AD5-FF96-454b-9E00-81DA8B79B678} - (no file)
MSConfigStartUp-Fling - c:\program files\NCH Software\Fling\fling.exe
MSConfigStartUp-HostManager - c:\program files\Common Files\AOL\1179446061\ee\AOLSoftware.exe
MSConfigStartUp-mcagent_exe - c:\program files\McAfee.com\Agent\mcagent.exe
MSConfigStartUp-MskAgentexe - c:\program files\McAfee\MSK\MskAgent.exe
MSConfigStartUp-MsnMsgr - c:\program files\MSN Messenger\msnmsgr.exe
MSConfigStartUp-SigmatelSysTrayApp - sttray.exe
MSConfigStartUp-SpywareTerminatorUpdate - c:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe
AddRemove-Virtual DJ - Atomix Productions - c:\progra~1\VirtualDJ\UNWISE.EXE



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [You must be registered and logged in to see this link.]
Rootkit scan 2009-12-18 14:28
Windows 6.0.6001 Service Pack 1 NTFS

scanning hȋdden processes ...

scanning hȋdden autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
DLCQCATS = rundll32 c:\windows\system32\spool\DRIVERS\W32X86\3\DLCQtime.dll,_RunDLLEntry@16???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????

scanning hȋdden files ...

scan completed successfully
hȋdden files: 0

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, [You must be registered and logged in to see this link.]

device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys iastor.sys sprg.sys hal.dll >>UNKNOWN [0x862DB938]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0x8b9a7322
\Driver\ACPI -> acpi.sys @ 0x8b1b4d4c
\Driver\iaStor -> iastor.sys @ 0x8b297f90
IoDeviceObjectType ->\Device\Harddisk0\DR0 ->user & kernel MBR OK

**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\GarenaPEngine]
"ImagePath"="\??\c:\users\palma\AppData\Local\Temp\LTXFEC.tmp"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aac\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aifc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aiff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.au\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.flac\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m3u\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m4a\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mid\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.midi\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp3\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp4\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ogg\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pls\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.snd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.spx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wav\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wma\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"

[HKEY_USERS\S-1-5-21-281787401-1428321093-735530139-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{4615349C-1B6D-E59F-27CC-6550D5E167DE}*]
"haeeebiacmlmjbhh"=hex:6b,61,6c,68,6e,69,62,6e,63,69,6d,6b,70,6c,63,70,69,63,
63,6b,6c,6d,00,00
"iakebhiecgbamcjjig"=hex:6b,61,6c,68,6b,69,6d,6e,70,67,68,6a,62,70,65,66,68,69,
69,6e,69,61,00,00

[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'Explorer.exe'(972)
c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
c:\program files\TortoiseSVN\bin\TortoiseStub.dll
c:\program files\TortoiseSVN\bin\TortoiseSVN.dll
c:\program files\TortoiseSVN\bin\intl3_tsvn.dll
c:\windows\System32\NLSData0009.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\atieclxx.exe
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\windows\System32\LEXBCES.EXE
c:\windows\System32\LEXPPS.EXE
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\dlcqcoms.exe
c:\program files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
c:\program files\LogMeIn\x86\RaMaint.exe
c:\program files\LogMeIn\x86\LogMeIn.exe
c:\program files\LogMeIn\x86\LMIGuardian.exe
c:\windows\system32\lxbccoms.exe
c:\windows\system32\lxdjcoms.exe
c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe
c:\windows\system32\DRIVERS\xaudio.exe
c:\program files\Yahoo!\SoftwareUpdate\YahooAUService.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\program files\TortoiseSVN\bin\TSVNCache.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\ehome\ehmsas.exe
.
**************************************************************************
.
Completion time: 2009-12-18 14:40:48 - machine was rebooted
ComboFix-quarantined-files.txt 2009-12-18 22:40

Pre-Run: 52,762,828,800 bytes free
Post-Run: 63,978,180,608 bytes free

- - End Of File - - 3F2C83AC892812533D93C1763F8C3C42

techno4229
Intermediate
Intermediate

Status :
Online
Offline

Posts : 54
Joined : 2009-12-16
Gender : Male
OS : Windows 7 Ultamite
Points : 25968
# Likes : 0

View user profile

Back to top Go down

Re: Cant run Malwarebytes HELP!!!

Post by Belahzur on Sat Dec 19, 2009 12:17 am


  1. Close any open browsers.
  2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  3. Open notepad and copy/paste the text in the quotebox below into it:

    KILLALL::

    File::
    C:\program files\Common Files\cidixek.scr
    c:\program files\Common Files\mesuhan.bin
    c:\program files\Common Files\qareq.com
    c:\program files\Common Files\neluje.lib
    c:\program files\Common Files\ozuwuhedat.dl
    c:\program files\Common Files\witewifag.dat

    Folder::
    c:\users\palma\AppData\Roaming\uTorrent
    c:\program files\uTorrent
    c:\program files\LimeWire
    c:\users\palma\AppData\Roaming\LimeWire

    Registry::
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "uTorrent"=-
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\My Web Search Bar Search Scope Monitor]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyWebSearch Email Plugin]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC-Antispyware]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Performance Center]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\{08B6B52F-0438-6B96-0307-070101060807}]

    RegNull::
    [HKEY_USERS\S-1-5-21-281787401-1428321093-735530139-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{4615349C-1B6D-E59F-27CC-6550D5E167DE}*]

    RegLock::
    [HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    [HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

    DDS::
    uStart Page =
    uDefault_Search_URL =
    mSearch Bar = [You must be registered and logged in to see this link.]

    Driver::
    Viewpoint Manager Service
    Seekeen Service
    npggsvc
  4. Save this as CFScript.txt, in the same location as ComboFix.exe



  5. Referring to the picture above, drag CFScript into ComboFix.exe
  6. When finished, it shall produce a log for you at C:\ComboFix.txt
  7. Please post the contents of the log in your next reply.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Status :
Online
Offline

Posts : 34916
Joined : 2008-08-03
Gender : Male
OS : XP SP3 Media Centre
Points : 245029
# Likes : 1

View user profile

Back to top Go down

Re: Cant run Malwarebytes HELP!!!

Post by techno4229 on Sat Dec 19, 2009 1:46 am

ComboFix 09-12-16.05 - palma 12/18/2009 16:12:00.3.2 - x86
Microsoft Windows Vista Home Premium 6.0.6001.1.1252.1.1033.18.3069.1911 [GMT -8:00]
Running from: c:\users\palma\Desktop\Combo-Fix.exe
Command switches used :: c:\users\palma\Desktop\CFScript.txt

FILE ::
"c:\program files\Common Files\cidixek.scr"
"c:\program files\Common Files\mesuhan.bin"
"c:\program files\Common Files\neluje.lib"
"c:\program files\Common Files\ozuwuhedat.dl"
"c:\program files\Common Files\qareq.com"
"c:\program files\Common Files\witewifag.dat"
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\Common Files\cidixek.scr
c:\program files\Common Files\mesuhan.bin
c:\program files\Common Files\neluje.lib
c:\program files\Common Files\ozuwuhedat.dl
c:\program files\Common Files\qareq.com
c:\program files\Common Files\witewifag.dat
c:\program files\LimeWire
c:\program files\LimeWire\commons-httpclient.jar.tmp
c:\program files\LimeWire\commons-pool.jar.tmp
c:\program files\LimeWire\httpcore-nio.jar.tmp
c:\program files\LimeWire\httpcore.jar.tmp
c:\program files\LimeWire\id3v2.jar.tmp
c:\program files\LimeWire\lib\additional_resources.jar
c:\program files\LimeWire\lib\aopalliance.jar
c:\program files\LimeWire\lib\AppFramework.jar
c:\program files\LimeWire\lib\base64-2.2.2.jar
c:\program files\LimeWire\lib\clink.jar
c:\program files\LimeWire\lib\commons-codec-1.3.jar
c:\program files\LimeWire\lib\commons-logging.jar
c:\program files\LimeWire\lib\commons-math-1.2.jar
c:\program files\LimeWire\lib\daap.jar
c:\program files\LimeWire\lib\dnsjava-2.0.6.jar
c:\program files\LimeWire\lib\EventBus-1.2b.jar
c:\program files\LimeWire\lib\gettext-commons.jar
c:\program files\LimeWire\lib\glazedlists-1.7.0_java15.jar
c:\program files\LimeWire\lib\guice-assistedinject-snapshot.jar
c:\program files\LimeWire\lib\guice-snapshot.jar
c:\program files\LimeWire\lib\hashes
c:\program files\LimeWire\lib\hsqldb.jar
c:\program files\LimeWire\lib\httpclient-4.0-beta1.jar
c:\program files\LimeWire\lib\httpcore-4.0-beta2.jar
c:\program files\LimeWire\lib\httpcore-nio-4.0-beta2.jar
c:\program files\LimeWire\lib\icu4j.jar
c:\program files\LimeWire\lib\iTunes-0.0.1.jar
c:\program files\LimeWire\lib\jacob-1.14.1-x64.dll
c:\program files\LimeWire\lib\jacob-1.14.1-x86.dll
c:\program files\LimeWire\lib\jacob-1.14.1.jar
c:\program files\LimeWire\lib\jaudiotagger.jar
c:\program files\LimeWire\lib\jcip-annotations.jar
c:\program files\LimeWire\lib\jcraft.jar
c:\program files\LimeWire\lib\jdic.jar
c:\program files\LimeWire\lib\jdic_stub.jar
c:\program files\LimeWire\lib\jflac.jar
c:\program files\LimeWire\lib\jl.jar
c:\program files\LimeWire\lib\jmdns.jar
c:\program files\LimeWire\lib\jna.jar
c:\program files\LimeWire\lib\jogg.jar
c:\program files\LimeWire\lib\jorbis.jar
c:\program files\LimeWire\lib\jxlayer.jar
c:\program files\LimeWire\lib\log4j.jar
c:\program files\LimeWire\lib\messages.jar
c:\program files\LimeWire\lib\miglayout.jar
c:\program files\LimeWire\lib\mozdom4java.jar
c:\program files\LimeWire\lib\MozillaGlue-1.9.jar
c:\program files\LimeWire\lib\MozillaInterfaces-1.9.jar
c:\program files\LimeWire\lib\mozswing.jar
c:\program files\LimeWire\lib\mp3spi.jar
c:\program files\LimeWire\lib\onion-common.jar
c:\program files\LimeWire\lib\onion-fec.jar
c:\program files\LimeWire\lib\smack.jar
c:\program files\LimeWire\lib\smackx-debug.jar
c:\program files\LimeWire\lib\smackx.jar
c:\program files\LimeWire\lib\swing-worker-1.1.jar
c:\program files\LimeWire\lib\swingx-0.9.4.jar
c:\program files\LimeWire\lib\tritonus.jar
c:\program files\LimeWire\lib\unpackedJars.tmp
c:\program files\LimeWire\lib\vorbisspi.jar
c:\program files\uTorrent
c:\program files\uTorrent\16667-utorrent.4168.dmp
c:\program files\uTorrent\16667-utorrent.e58f.dmp
c:\program files\uTorrent\uTorrent.exe
c:\users\palma\AppData\Roaming\LimeWire
c:\users\palma\AppData\Roaming\LimeWire\active.mojito
c:\users\palma\AppData\Roaming\LimeWire\browser\xul-v2.0b2.4-do-not-remove
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\AccessibleMarshal.dll
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\chrome\branding.jar
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\chrome\branding.manifest
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\chrome\classic.jar
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\chrome\classic.manifest
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\chrome\comm.jar
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\chrome\comm.manifest
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\chrome\en-US.jar
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\chrome\en-US.manifest
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\chrome\limewire.jar
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\chrome\limewire.manifest
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\chrome\pippki.jar
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\chrome\pippki.manifest
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\chrome\toolkit.jar
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\chrome\toolkit.manifest
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\accessibility-msaa.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\accessibility.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\alerts.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\appshell.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\appshell_modal.dll
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\appshell_modal.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\appstartup.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\auth.dll
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\autocomplete.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\autoconfig.dll
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\autoconfig.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\caps.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\chardet.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\chrome.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\commandhandler.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\commandlines.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\composer.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\content_base.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\content_html.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\content_htmldoc.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\content_xmldoc.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\content_xslt.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\content_xtf.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\contentprefs.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\cookie.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\directory.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\docshell_base.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\dom.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\dom_base.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\dom_canvas.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\dom_core.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\dom_css.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\dom_events.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\dom_html.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\dom_json.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\dom_loadsave.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\dom_offline.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\dom_range.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\dom_sidebar.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\dom_storage.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\dom_stylesheets.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\dom_svg.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\dom_traversal.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\dom_views.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\dom_xbl.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\dom_xpath.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\dom_xul.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\downloads.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\editor.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\embed_base.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\extensions.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\exthandler.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\exthelper.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\fastfind.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\FeedProcessor.js
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\feeds.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\find.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\gfx.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\htmlparser.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\imgicon.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\imglib2.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\inspector.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\intl.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\jar.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\jsconsole-clhandler.js
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\jsdservice.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\layout_base.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\layout_printing.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\layout_xul.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\layout_xul_tree.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\locale.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\loginmgr.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\lwbrk.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\mimetype.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\mozbrwsr.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\mozfind.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\necko.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\necko_about.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\necko_cache.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\necko_cookie.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\necko_dns.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\necko_file.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\necko_ftp.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\necko_http.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\necko_res.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\necko_socket.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\necko_strconv.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\necko_viewsource.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\nsAddonRepository.js
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\nsBadCertHandler.js
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\nsBlocklistService.js
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\nsContentDispatchChooser.js
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\nsContentPrefService.js
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\nsDefaultCLH.js
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\nsDictionary.js
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\nsDownloadManagerUI.js
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\nsExtensionManager.js
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\nsHandlerService.js
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\nsHelperAppDlg.js
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\nsLivemarkService.js
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\nsLoginInfo.js
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\nsLoginManager.js
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\nsLoginManagerPrompter.js
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\nsPostUpdateWin.js
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\nsProgressDialog.js
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\nsProxyAutoConfig.js
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\nsResetPref.js
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\nsTaggingService.js
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\nsTryToClose.js
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\nsUpdateService.js
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\nsURLFormatter.js
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\nsWebHandlerApp.js
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\nsXmlRpcClient.js
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\nsXULAppInstall.js
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\oji.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\parentalcontrols.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\pipboot.dll
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\pipboot.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\pipnss.dll
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\pipnss.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\pippki.dll
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\pippki.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\places.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\plugin.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\pluginGlue.js
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\pref.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\prefetch.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\profile.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\proxyObject.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\rdf.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\satchel.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\saxparser.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\shistory.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\spellchecker.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\storage-Legacy.js
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\storage.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\toolkitprofile.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\transformiix.dll
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\txEXSLTRegExFunctions.js
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\txmgr.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\txtsvc.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\uconv.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\unicharutil.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\universalchardet.dll
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\update.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\uriloader.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\urlformatter.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\webBrowser_core.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\webbrowserpersist.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\webshell_idls.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\websrvcs.dll
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\widget.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\windowds.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\windowwatcher.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\xml-rpc.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\xmlextras.dll
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\xpcom_base.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\xpcom_components.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\xpcom_ds.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\xpcom_io.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\xpcom_system.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\xpcom_thread.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\xpcom_xpti.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\xpconnect.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\xpinstall.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\xulapp.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\xulapp_setup.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\xuldoc.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\xultmpl.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\xulutil.dll
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\components\zipwriter.xpt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\crashreporter.exe
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\crashreporter.ini
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\defaults\autoconfig\platform.js
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\defaults\autoconfig\prefcalls.js
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\defaults\pref\xulrunner.js
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\defaults\profile\chrome\userChrome-example.css
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\defaults\profile\chrome\userContent-example.css
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\defaults\profile\localstore.rdf
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\defaults\profile\US\chrome\userChrome-example.css
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\defaults\profile\US\chrome\userContent-example.css
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\defaults\profile\US\localstore.rdf
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\dependentlibs.list
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\dictionaries\en-US.aff
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\dictionaries\en-US.dic
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\freebl3.dll
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\greprefs\all.js
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\greprefs\security-prefs.js
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\greprefs\xpinstall.js
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\IA2Marshal.dll
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\javaxpcom.jar
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\javaxpcomglue.dll
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\js3250.dll
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\LICENSE
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\modules\debug.js
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\modules\DownloadUtils.jsm
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\modules\ISO8601DateUtils.jsm
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\modules\JSON.jsm
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\modules\Microformats.js
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\modules\PluralForm.jsm
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\modules\utils.js
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\modules\XPCOMUtils.jsm
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\mozctl.dll
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\mozctlx.dll
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\MSVCP71.DLL
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\msvcr71.dll
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\nspr4.dll
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\nss3.dll
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\nssckbi.dll
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\nssdbm3.dll
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\nssutil3.dll
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\platform.ini
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\plc4.dll
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\plds4.dll
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\plugins\npnul32.dll
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\README.txt
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\res\arrow.gif
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\res\arrowd.gif
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\res\broken-image.gif
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\res\charsetalias.properties
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\res\charsetData.properties
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\res\contenteditable.css
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\res\designmode.css
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\res\dtd\mathml.dtd
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\res\dtd\xhtml11.dtd
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\res\EditorOverride.css
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\res\entityTables\html40Latin1.properties
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\res\entityTables\html40Special.properties
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\res\entityTables\html40Symbols.properties
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\res\entityTables\htmlEntityVersions.properties
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\res\entityTables\mathml20.properties
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\res\entityTables\transliterate.properties
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\res\fonts\mathfont.properties
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\res\fonts\mathfontStandardSymbolsL.properties
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\res\fonts\mathfontSTIXNonUnicode.properties
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\res\fonts\mathfontSTIXSize1.properties
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\res\fonts\mathfontSymbol.properties
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\res\fonts\mathfontUnicode.properties
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\res\forms.css
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\res\grabber.gif
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\res\hiddenWindow.html
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\res\html.css
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\res\html\folder.png
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\res\langGroups.properties
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\res\language.properties
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\res\loading-image.gif
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\res\mathml.css
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\res\quirk.css
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\res\svg.css
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\res\table-add-column-after-active.gif
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\res\table-add-column-after-hover.gif
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\res\table-add-column-after.gif
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\res\table-add-column-before-active.gif
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\res\table-add-column-before-hover.gif
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\res\table-add-column-before.gif
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\res\table-add-row-after-active.gif
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\res\table-add-row-after-hover.gif
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\res\table-add-row-after.gif
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\res\table-add-row-before-active.gif
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\res\table-add-row-before-hover.gif
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\res\table-add-row-before.gif
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\res\table-remove-column-active.gif
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\res\table-remove-column-hover.gif
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\res\table-remove-column.gif
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\res\table-remove-row-active.gif
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\res\table-remove-row-hover.gif
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\res\table-remove-row.gif
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\res\ua.css
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\res\viewsource.css
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\res\wincharset.properties
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\smime3.dll
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\softokn3.dll
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\sqlite3.dll
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\ssl3.dll
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\updater.exe
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\version.properties
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\xpcom.dll
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\xpcshell.exe
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\xpicleanup.exe
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\xpidl.exe
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\xpt_dump.exe
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\xpt_link.exe
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\xul.dll
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\xulrunner-stub.exe
c:\users\palma\AppData\Roaming\LimeWire\browser\xulrunner\xulrunner.exe
c:\users\palma\AppData\Roaming\LimeWire\bugs.data
c:\users\palma\AppData\Roaming\LimeWire\certificate\limewire.keystore
c:\users\palma\AppData\Roaming\LimeWire\createtimes.cache
c:\users\palma\AppData\Roaming\LimeWire\downloads.dat
c:\users\palma\AppData\Roaming\LimeWire\fileurns.cache
c:\users\palma\AppData\Roaming\LimeWire\filters.props
c:\users\palma\AppData\Roaming\LimeWire\gnutella.net
c:\users\palma\AppData\Roaming\LimeWire\installation.props
c:\users\palma\AppData\Roaming\LimeWire\library.dat
c:\users\palma\AppData\Roaming\LimeWire\library5.dat
c:\users\palma\AppData\Roaming\LimeWire\limewire.props
c:\users\palma\AppData\Roaming\LimeWire\lock
c:\users\palma\AppData\Roaming\LimeWire\mojito.props
c:\users\palma\AppData\Roaming\LimeWire\mozilla-profile\.autoreg
c:\users\palma\AppData\Roaming\LimeWire\mozilla-profile\Cache\_CACHE_001_
c:\users\palma\AppData\Roaming\LimeWire\mozilla-profile\Cache\_CACHE_002_
c:\users\palma\AppData\Roaming\LimeWire\mozilla-profile\Cache\_CACHE_003_
c:\users\palma\AppData\Roaming\LimeWire\mozilla-profile\Cache\_CACHE_MAP_
c:\users\palma\AppData\Roaming\LimeWire\mozilla-profile\Cache\7BCC79A5d01
c:\users\palma\AppData\Roaming\LimeWire\mozilla-profile\Cache\7BD6A121d01
c:\users\palma\AppData\Roaming\LimeWire\mozilla-profile\Cache\AE98BDE5d01
c:\users\palma\AppData\Roaming\LimeWire\mozilla-profile\Cache\BAFF9A9Bd01
c:\users\palma\AppData\Roaming\LimeWire\mozilla-profile\Cache\BB25F3C2d01
c:\users\palma\AppData\Roaming\LimeWire\mozilla-profile\Cache\CEC59CF8d01
c:\users\palma\AppData\Roaming\LimeWire\mozilla-profile\cert8.db
c:\users\palma\AppData\Roaming\LimeWire\mozilla-profile\compreg.dat
c:\users\palma\AppData\Roaming\LimeWire\mozilla-profile\cookies.sqlite
c:\users\palma\AppData\Roaming\LimeWire\mozilla-profile\downloads.sqlite
c:\users\palma\AppData\Roaming\LimeWire\mozilla-profile\extensions.cache
c:\users\palma\AppData\Roaming\LimeWire\mozilla-profile\extensions.ini
c:\users\palma\AppData\Roaming\LimeWire\mozilla-profile\history.dat
c:\users\palma\AppData\Roaming\LimeWire\mozilla-profile\key3.db
c:\users\palma\AppData\Roaming\LimeWire\mozilla-profile\permissions.sqlite
c:\users\palma\AppData\Roaming\LimeWire\mozilla-profile\places.sqlite-journal
c:\users\palma\AppData\Roaming\LimeWire\mozilla-profile\places.sqlite
c:\users\palma\AppData\Roaming\LimeWire\mozilla-profile\pluginreg.dat
c:\users\palma\AppData\Roaming\LimeWire\mozilla-profile\prefs.js
c:\users\palma\AppData\Roaming\LimeWire\mozilla-profile\secmod.db
c:\users\palma\AppData\Roaming\LimeWire\mozilla-profile\XPC.mfl
c:\users\palma\AppData\Roaming\LimeWire\mozilla-profile\xpti.dat
c:\users\palma\AppData\Roaming\LimeWire\player.props
c:\users\palma\AppData\Roaming\LimeWire\promotion\promodb.backup
c:\users\palma\AppData\Roaming\LimeWire\promotion\promodb.data
c:\users\palma\AppData\Roaming\LimeWire\promotion\promodb.lck
c:\users\palma\AppData\Roaming\LimeWire\promotion\promodb.properties
c:\users\palma\AppData\Roaming\LimeWire\promotion\promodb.script
c:\users\palma\AppData\Roaming\LimeWire\questions.props
c:\users\palma\AppData\Roaming\LimeWire\responses.cache
c:\users\palma\AppData\Roaming\LimeWire\simpp.xml
c:\users\palma\AppData\Roaming\LimeWire\spam.dat
c:\users\palma\AppData\Roaming\LimeWire\tables.props
c:\users\palma\AppData\Roaming\LimeWire\themes\windows_theme.lwtp
c:\users\palma\AppData\Roaming\LimeWire\themes\windows_theme\01_star.gif
c:\users\palma\AppData\Roaming\LimeWire\themes\windows_theme\02_star.gif
c:\users\palma\AppData\Roaming\LimeWire\themes\windows_theme\03_star.gif
c:\users\palma\AppData\Roaming\LimeWire\themes\windows_theme\04_star.gif
c:\users\palma\AppData\Roaming\LimeWire\themes\windows_theme\05_star.gif
c:\users\palma\AppData\Roaming\LimeWire\themes\windows_theme\chat.gif
c:\users\palma\AppData\Roaming\LimeWire\themes\windows_theme\forward_dn.gif
c:\users\palma\AppData\Roaming\LimeWire\themes\windows_theme\forward_up.gif
c:\users\palma\AppData\Roaming\LimeWire\themes\windows_theme\kill.gif
c:\users\palma\AppData\Roaming\LimeWire\themes\windows_theme\kill_on.gif
c:\users\palma\AppData\Roaming\LimeWire\themes\windows_theme\logo.png
c:\users\palma\AppData\Roaming\LimeWire\themes\windows_theme\notsearching.png
c:\users\palma\AppData\Roaming\LimeWire\themes\windows_theme\pause_dn.gif
c:\users\palma\AppData\Roaming\LimeWire\themes\windows_theme\pause_up.gif
c:\users\palma\AppData\Roaming\LimeWire\themes\windows_theme\play_dn.gif
c:\users\palma\AppData\Roaming\LimeWire\themes\windows_theme\play_up.gif
c:\users\palma\AppData\Roaming\LimeWire\themes\windows_theme\question.gif
c:\users\palma\AppData\Roaming\LimeWire\themes\windows_theme\rewind_dn.gif
c:\users\palma\AppData\Roaming\LimeWire\themes\windows_theme\rewind_up.gif
c:\users\palma\AppData\Roaming\LimeWire\themes\windows_theme\searching.gif
c:\users\palma\AppData\Roaming\LimeWire\themes\windows_theme\stop_dn.gif
c:\users\palma\AppData\Roaming\LimeWire\themes\windows_theme\stop_up.gif
c:\users\palma\AppData\Roaming\LimeWire\themes\windows_theme\theme.txt
c:\users\palma\AppData\Roaming\LimeWire\themes\windows_theme\version.txt
c:\users\palma\AppData\Roaming\LimeWire\themes\windows_theme\warning.gif
c:\users\palma\AppData\Roaming\LimeWire\ttdata.cache
c:\users\palma\AppData\Roaming\LimeWire\ttrees.cache
c:\users\palma\AppData\Roaming\LimeWire\ttroot.cache
c:\users\palma\AppData\Roaming\LimeWire\version.xml
c:\users\palma\AppData\Roaming\LimeWire\versions.props
c:\users\palma\AppData\Roaming\LimeWire\xml\data\audio.sxml2
c:\users\palma\AppData\Roaming\LimeWire\xml\data\audio.sxml3
c:\users\palma\AppData\Roaming\LimeWire\xml\data\video.sxml3
c:\users\palma\AppData\Roaming\uTorrent
c:\users\palma\AppData\Roaming\uTorrent\Call.Of.Duty.World.At.War-RELOADED.torrent
c:\users\palma\AppData\Roaming\uTorrent\dht.dat
c:\users\palma\AppData\Roaming\uTorrent\dht.dat.old
c:\users\palma\AppData\Roaming\uTorrent\resume.dat
c:\users\palma\AppData\Roaming\uTorrent\resume.dat.old
c:\users\palma\AppData\Roaming\uTorrent\rss.dat
c:\users\palma\AppData\Roaming\uTorrent\rss.dat.old
c:\users\palma\AppData\Roaming\uTorrent\settings.dat
c:\users\palma\AppData\Roaming\uTorrent\settings.dat.old

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_npggsvc
-------\Service_Seekeen Service
-------\Service_Viewpoint Manager Service


((((((((((((((((((((((((( Files Created from 2009-11-19 to 2009-12-19 )))))))))))))))))))))))))))))))
.

2100-01-01 05:38 . 2009-06-15 06:12 -------- d-----w- c:\users\palma\AppData\Roaming\MAGIX
2100-01-01 05:35 . 2007-04-27 18:43 120200 ----a-w- c:\windows\system32\DLLDEV32i.dll
2100-01-01 05:35 . 2009-08-19 03:27 -------- d-----w- c:\windows\system32\MAGIX
2100-01-01 05:35 . 2008-04-16 00:14 700416 ----a-w- c:\windows\system32\mgxoschk.dll
2099-05-21 23:40 . 2009-12-12 18:57 -------- d-----w- c:\users\Public\Starcraft
2009-12-19 00:28 . 2009-12-19 00:30 -------- d-----w- c:\users\palma\AppData\Local\temp
2009-12-19 00:28 . 2009-12-19 00:28 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\temp
2009-12-19 00:28 . 2009-12-19 00:28 -------- d-----w- c:\users\Techno\AppData\Local\temp
2009-12-19 00:28 . 2009-12-19 00:28 -------- d-----w- c:\users\Public\AppData\Local\temp
2009-12-19 00:28 . 2009-12-19 00:28 -------- d-----w- c:\users\Mcx1\AppData\Local\temp
2009-12-19 00:28 . 2009-12-19 00:28 -------- d-----w- c:\users\Default\AppData\Local\temp
2009-12-19 00:28 . 2009-12-19 00:28 -------- d-----w- c:\users\asrfeg\AppData\Local\temp
2009-12-18 19:51 . 2009-12-18 19:51 -------- d-----w- C:\_OTL
2009-12-18 03:34 . 2009-12-18 03:34 -------- d-----w- c:\windows\SQL9_KB970892_ENU
2009-12-18 02:11 . 2009-11-03 04:42 195456 ------w- c:\windows\system32\MpSigStub.exe
2009-12-18 01:58 . 2009-08-07 02:24 44768 ----a-w- c:\windows\system32\wups2.dll
2009-12-18 01:58 . 2009-08-07 02:24 53472 ----a-w- c:\windows\system32\wuauclt.exe
2009-12-18 01:58 . 2009-08-07 02:23 1929952 ----a-w- c:\windows\system32\wuaueng.dll
2009-12-18 01:58 . 2009-08-07 01:45 2421760 ----a-w- c:\windows\system32\wucltux.dll
2009-12-18 01:58 . 2009-08-07 02:24 35552 ----a-w- c:\windows\system32\wups.dll
2009-12-18 01:58 . 2009-08-07 02:23 575704 ----a-w- c:\windows\system32\wuapi.dll
2009-12-18 01:58 . 2009-08-07 01:44 87552 ----a-w- c:\windows\system32\wudriver.dll
2009-12-18 01:58 . 2009-08-07 03:23 171608 ----a-w- c:\windows\system32\wuwebv.dll
2009-12-18 01:58 . 2009-08-07 02:44 33792 ----a-w- c:\windows\system32\wuapp.exe
2009-12-17 20:23 . 2009-11-24 23:50 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2009-12-17 20:23 . 2009-11-24 23:50 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2009-12-17 20:23 . 2009-11-24 23:49 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-12-17 20:23 . 2009-11-24 23:48 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-12-17 20:23 . 2009-11-24 23:47 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-12-17 20:23 . 2009-11-24 23:54 1280480 ----a-w- c:\windows\system32\aswBoot.exe
2009-12-17 20:23 . 2009-11-24 23:49 53328 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2009-12-16 21:54 . 2009-12-17 19:51 -------- d-----w- c:\users\Public\Malwarebytes' Anti-Malware
2009-12-16 21:49 . 2009-12-04 00:14 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-12-16 21:49 . 2009-12-16 21:49 -------- d-----w- c:\programdata\Malwarebytes
2009-12-16 21:49 . 2009-12-04 00:13 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-12-16 21:24 . 2009-12-17 19:59 -------- d-----w- c:\users\palma\AppData\Local\staimy
2009-12-16 21:24 . 2009-12-17 19:59 -------- d-----w- c:\users\palma\AppData\Local\kqxkye
2009-12-16 21:24 . 2009-12-17 19:59 -------- d-----w- c:\users\palma\AppData\Local\nxiyyh
2009-12-16 05:16 . 2009-12-16 05:16 -------- d-----w- c:\program files\Rockstar Games
2009-12-16 05:08 . 2009-12-16 05:08 -------- d-----w- c:\users\Public\Readme
2009-12-16 05:08 . 2009-12-16 05:08 -------- d-----w- c:\users\Public\DirectX
2009-12-16 05:08 . 2009-12-16 05:08 -------- d-----w- c:\users\Public\CRACK
2009-12-16 05:08 . 2009-12-16 05:08 -------- d-----w- c:\users\Public\Bin
2009-12-16 05:07 . 2009-12-16 05:07 -------- d-----w- c:\users\Public\audio
2009-12-16 02:11 . 2009-12-16 02:31 -------- d-----w- c:\program files\Magic Translator
2009-12-14 03:08 . 2009-12-14 03:08 -------- d-----w- c:\program files\Common Files\xing shared
2009-12-14 03:07 . 2009-12-14 03:07 -------- d-----w- c:\program files\Real
2009-12-14 03:07 . 2009-12-14 03:08 -------- d-----w- c:\program files\Common Files\Real
2009-12-14 01:29 . 2009-12-14 01:29 -------- d-----w- c:\programdata\Kaspersky Lab Setup Files
2009-12-14 01:28 . 2009-12-14 01:28 -------- d-----w- c:\users\palma\AppData\Roaming\AVG8
2009-12-13 18:26 . 2009-12-13 18:26 -------- d-----w- c:\program files\Gravity
2009-12-13 01:17 . 2009-12-13 01:17 -------- d-----w- c:\users\palma\AppData\Roaming\Acoustica
2009-12-13 01:17 . 2007-08-07 19:32 57344 ----a-w- c:\windows\system32\Wnaspint.dll
2009-12-13 01:17 . 2009-12-13 01:19 -------- d-----w- c:\program files\Acoustica Shared Effects
2009-12-13 01:17 . 2009-12-13 01:17 -------- d-----w- c:\programdata\Acoustica
2009-12-12 02:25 . 2009-12-12 02:25 -------- d-----w- c:\users\palma\AppData\Local\PackageAware
2009-12-07 03:06 . 2009-12-07 03:06 -------- d-----w- c:\users\palma\AppData\Roaming\SystemRequirementsLab
2009-12-06 03:14 . 2009-12-11 05:18 76197 ----a-w- c:\windows\War3Unin.dat
2009-12-06 03:14 . 2009-12-06 03:15 2829 ----a-w- c:\windows\War3Unin.pif
2009-12-06 03:14 . 2009-12-06 03:15 139264 ----a-w- c:\windows\War3Unin.exe
2009-12-06 03:12 . 2009-12-14 04:08 -------- d-----w- c:\users\Public\Warcraft III
2009-12-01 00:42 . 2009-12-01 00:42 22 ----a-w- c:\users\palma\Pictures.zip
2009-11-30 19:33 . 2009-11-30 19:33 41872 ----a-w- c:\windows\system32\xfcodec.dll
2009-11-29 19:53 . 2009-11-29 19:53 -------- d-----w- c:\program files\Rapid Express
2009-11-29 19:37 . 2009-11-29 19:37 -------- d-----w- c:\program files\Technitium
2009-11-26 02:47 . 2009-11-26 02:47 -------- d-----w- c:\programdata\LogMeIn
2009-11-21 08:46 . 2009-11-21 08:46 86016 ----a-w- c:\windows\system32\frapsvid.dll
2009-11-21 01:39 . 2009-11-21 01:39 -------- d-----w- c:\users\palma\AppData\Local\assembly
2009-11-21 01:39 . 2009-11-21 03:51 -------- d-----w- c:\program files\NCSoft

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-19 00:11 . 2009-10-15 03:15 -------- d-----w- c:\program files\Curse
2009-12-18 21:09 . 1989-05-14 23:43 -------- d-----w- c:\program files\Microsoft Silverlight
2009-12-18 19:40 . 2009-04-12 06:12 -------- d-----w- c:\program files\LogMeIn
2009-12-18 03:35 . 2007-06-20 06:03 -------- d-----w- c:\program files\Microsoft SQL Server
2009-12-17 20:23 . 2009-04-18 23:27 -------- d-----w- c:\program files\Alwil Software
2009-12-17 00:01 . 2007-05-21 01:19 -------- d-----w- c:\program files\Dl_cats
2009-12-16 23:54 . 2008-02-26 20:20 6892 ----a-w- c:\users\palma\AppData\Local\d3d9caps.dat
2009-12-16 20:52 . 2007-05-08 21:03 361576 ----a-w- c:\users\palma\AppData\Local\GDIPFONTCACHEV1.DAT
2009-12-16 05:16 . 2007-04-05 13:59 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-12-15 03:48 . 2007-07-22 02:13 -------- d-----w- c:\users\palma\AppData\Roaming\Xfire
2009-12-13 18:25 . 2009-10-14 02:58 -------- d-----w- c:\program files\ZD Soft
2009-12-13 01:17 . 2009-09-19 04:24 -------- d-----w- c:\program files\VstPlugins
2009-12-12 00:28 . 2007-07-22 02:13 -------- d-----w- c:\programdata\Xfire
2009-12-07 23:07 . 2009-11-16 04:04 -------- d-----w- c:\programdata\NOS
2009-12-06 21:28 . 2007-07-22 02:13 -------- d-----w- c:\program files\Xfire
2009-12-02 20:52 . 2009-12-02 20:52 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdRapi_01_00_00.Wdf
2009-12-01 04:01 . 2007-11-04 07:06 -------- d-----w- c:\users\palma\AppData\Roaming\GetRightToGo
2009-11-24 04:44 . 2009-11-14 06:41 -------- d-----w- c:\users\palma\AppData\Roaming\Any Video Converter
2009-11-24 04:42 . 2009-11-14 06:41 -------- d-----w- c:\program files\Any Video Converter
2009-11-19 00:20 . 2009-11-19 00:20 -------- d-----w- c:\program files\MagicDisc
2009-11-19 00:19 . 2009-11-19 00:19 -------- d-----w- c:\program files\MagicISO
2009-11-18 04:10 . 2009-11-18 03:32 -------- d-----w- c:\programdata\NFS Underground
2009-11-18 03:03 . 2009-11-17 04:59 -------- d-----w- c:\users\palma\AppData\Roaming\DAEMON Tools Lite
2009-11-17 04:59 . 2009-11-17 04:59 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-11-17 04:59 . 2009-11-17 04:59 -------- d-----w- c:\programdata\DAEMON Tools Lite
2009-11-16 04:04 . 2009-11-16 04:04 -------- d-----w- c:\program files\NOS
2009-11-13 04:00 . 2009-11-13 04:00 -------- d-----w- c:\program files\YouTube Downloader
2009-11-13 02:30 . 2009-11-13 02:30 -------- d-----w- c:\users\Techno\AppData\Roaming\Yahoo!
2009-11-13 02:24 . 2009-11-13 02:24 359376 ----a-w- c:\users\Techno\AppData\Local\GDIPFONTCACHEV1.DAT
2009-11-13 02:16 . 2009-11-13 02:16 -------- d-----w- c:\users\Techno\AppData\Roaming\Subversion
2009-11-13 02:16 . 2009-11-13 02:16 -------- d-----w- c:\program files\Web Publish
2009-11-13 01:28 . 2007-12-09 22:54 -------- d-----w- c:\users\palma\AppData\Roaming\Hamachi
2009-11-13 01:05 . 2007-11-30 00:44 -------- d-----w- c:\users\palma\AppData\Roaming\Apple Computer
2009-11-12 22:48 . 2009-11-12 22:48 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
2009-10-30 22:56 . 2009-10-30 22:56 -------- d-----w- c:\program files\Free WMA to MP3 Converter
2009-10-30 03:40 . 2007-05-24 05:54 -------- d-----w- c:\program files\Common Files\Blizzard Entertainment
2009-10-30 02:09 . 2009-10-30 02:09 -------- d-----w- c:\program files\Common Files\Xara
2009-10-30 02:09 . 2009-10-30 02:09 -------- d-----w- c:\program files\Xara
2009-10-30 02:09 . 2007-04-05 13:59 -------- d-----w- c:\program files\Common Files\InstallShield
2009-10-08 00:20 . 2007-05-20 21:18 9356 ----a-w- c:\users\palma\AppData\Roaming\wklnhst.dat
2007-04-05 21:49 . 2007-04-05 21:48 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT

techno4229
Intermediate
Intermediate

Status :
Online
Offline

Posts : 54
Joined : 2009-12-16
Gender : Male
OS : Windows 7 Ultamite
Points : 25968
# Likes : 0

View user profile

Back to top Go down

Re: Cant run Malwarebytes HELP!!!

Post by techno4229 on Sat Dec 19, 2009 1:46 am

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2009-08-04 16:13 85768 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2009-08-04 16:13 85768 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2009-08-04 16:13 85768 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2009-08-04 16:13 85768 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2009-08-04 16:13 85768 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2009-08-04 16:13 85768 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2009-08-04 16:13 85768 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2009-08-04 16:13 85768 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2009-08-04 16:13 85768 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"CurseClient"="c:\program files\Curse\CurseClient.exe" [2009-06-08 1934336]
"Uniblue RegistryBooster 2009"="c:\program files\uniblue\registrybooster\StartRegistryBooster.exe" [2008-08-26 99624]
"Steam"="c:\users\public\steam\steam.exe" [2009-10-24 1217808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DLCQCATS"="c:\windows\system32\spool\DRIVERS\W32X86\3\DLCQtime.dll" [2006-10-16 106496]
"Windows Mobile-based device management"="c:\windows\WindowsMobile\wmdSync.exe" [2006-11-02 215552]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-12-14 198160]
"Malwarebytes' Anti-Malware"="c:\users\Public\Malwarebytes' Anti-Malware\mbamgui.exe" [2009-12-04 429392]
"avast!"="c:\program files\Alwil Software\Avast4\ashDisp.exe" [2009-11-24 81000]

c:\users\palma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
MagicDisc.lnk - c:\program files\MagicDisc\MagicDisc.exe [2009-11-18 576000]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\Spyware Terminator\sp_rsdel.exe \??\c:\progra~2\Spyware

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Digital Line Detect.lnk]
backup=c:\windows\pss\Digital Line Detect.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^DynDNS Updater Tray Icon.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\DynDNS Updater Tray Icon.lnk
backup=c:\windows\pss\DynDNS Updater Tray Icon.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Run Registration Tool.lnk]
backup=c:\windows\pss\Run Registration Tool.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^Users^palma^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^WoW Glider.1.8.0.exe]
backup=c:\windows\pss\WoW Glider.1.8.0.exe.Startup
backupExtension=.Startup

[HKLM\~\startupfolder\C:^Users^palma^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Xfire.lnk]
backup=c:\windows\pss\Xfire.lnk.Startup
backupExtension=.Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2008-06-12 10:38 34672 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Aim6]
2009-05-19 05:23 49968 ----a-w- c:\program files\AIM6\aim6.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cdloader]
2007-12-21 14:39 50520 ----a-w- c:\users\palma\AppData\Roaming\mjusbsp\cdloader2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DLCQCATS]
2006-10-16 05:31 106496 ----a-w- c:\windows\System32\spool\drivers\w32x86\3\dlcqtime.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dlcqmon.exe]
2006-12-12 08:22 291720 ----a-w- c:\program files\Dell Photo AIO Printer 966\dlcqmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]
2008-01-19 07:33 125952 ----a-w- c:\windows\ehome\ehtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FaxCenterServer]
2006-12-12 08:22 312200 ----a-w- c:\program files\Dell PC Fax\fm3032.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FixCamera]
2007-07-11 23:09 20480 ----a-w- c:\windows\FixCamera.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FlashIcon]
2004-12-15 06:57 49152 ----a-w- c:\program files\GENERIC\USB Card Reader Driver v2.3\FlashIcon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
2007-02-09 18:32 106496 ----a-w- c:\windows\System32\hkcmd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif]
2006-09-29 17:39 151552 ----a-w- c:\program files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
2007-02-09 18:32 98304 ----a-w- c:\windows\System32\igfxtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
2006-10-03 16:35 221184 ----a-w- c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
2006-10-03 16:37 81920 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\issch.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2008-11-20 21:20 290088 ----a-w- c:\program files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn GUI]
2008-07-25 01:46 63048 ----a-w- c:\program files\LogMeIn\x86\LogMeInSystray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MCI USB Safe]
2004-05-21 22:39 34816 ----a-w- c:\windows\System32\usbsafe.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MemoryCardManager]
2006-12-12 08:22 304008 ----a-w- c:\program files\Dell Photo AIO Printer 966\memcard.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Messenger (Yahoo!)]
2009-05-27 04:06 4351216 ----a-w- c:\program files\Yahoo!\Messenger\YahooMessenger.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
2007-02-09 18:32 81920 ----a-w- c:\windows\System32\igfxpers.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2009-01-05 23:18 413696 ----a-w- c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\snp2std]
2007-09-28 23:32 344064 ----a-w- c:\windows\vsnp2std.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2009-10-24 06:31 1217808 ----a-w- c:\users\Public\steam\Steam.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2008-06-10 11:27 144784 ----a-w- c:\program files\Java\jre1.6.0_07\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2008-12-20 01:08 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tsnp2std]
2007-05-12 18:19 270336 ----a-w- c:\windows\tsnp2std.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uniblue RegistryBooster 2009]
2008-08-26 16:48 99624 ----a-w- c:\program files\Uniblue\RegistryBooster\StartRegistryBooster.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile-based device management]
2006-11-02 09:45 215552 ----a-w- c:\windows\WindowsMobile\wmdSync.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
2008-01-19 07:33 202240 ----a-w- c:\program files\Windows Media Player\wmpnscfg.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001

R1 aswSP;avast! Self Protection;c:\windows\System32\drivers\aswSP.sys [12/17/2009 12:23 PM 114768]
R1 hwinterface;hwinterface;c:\windows\System32\drivers\hwinterface.sys [3/4/2009 5:46 PM 3026]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\System32\atiesrxx.exe [5/15/2009 7:23 PM 176128]
R2 aswFsBlk;aswFsBlk;c:\windows\System32\drivers\aswFsBlk.sys [12/17/2009 12:23 PM 20560]
R2 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [12/17/2009 12:23 PM 53328]
R2 DynDNS Updater;DynDNS Updater;c:\program files\DynDNS Updater\DynUpSvc.exe [6/23/2008 11:04 AM 65536]
R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\LogMeIn\x86\rainfo.sys [7/24/2008 5:46 PM 12856]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;c:\windows\System32\drivers\LMIRfsDriver.sys [4/11/2009 10:13 PM 47640]
R2 lxbc_device;lxbc_device;c:\windows\system32\lxbccoms.exe -service --> c:\windows\system32\lxbccoms.exe -service [?]
R2 MBAMService;MBAMService;c:\users\Public\Malwarebytes' Anti-Malware\mbamservice.exe [12/16/2009 1:54 PM 276816]
R3 MBAMProtector;MBAMProtector;c:\windows\System32\drivers\mbam.sys [12/16/2009 1:49 PM 19160]
R3 tenCapture;tenCapture;c:\windows\System32\drivers\tenCapture.sys [4/21/2007 6:15 AM 9344]
S3 MSSQL$SONY_MEDIAMGR2;SQL Server (SONY_MEDIAMGR2);c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [11/24/2008 9:31 PM 29263712]
S3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\System32\drivers\teamviewervpn.sys [1/25/2008 1:12 AM 25088]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\sqladhlp.exe [7/10/2008 4:28 PM 47128]
S4 RsFx0103;RsFx0103 Driver;c:\windows\System32\drivers\RsFx0103.sys [3/30/2009 2:09 AM 239336]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [3/30/2009 2:23 AM 366936]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
.
------- Supplementary Scan -------
.
mStart Page = [You must be registered and logged in to see this link.]
uSearchURL,(Default) = [You must be registered and logged in to see this link.]
IE: &AIM Toolbar Search - c:\programdata\AIM Toolbar\ieToolbar\resources\en-US\local\search.html
IE: Crawler Search - tbr:iemenu
FF - ProfilePath - c:\users\palma\AppData\Roaming\Mozilla\Firefox\Profiles\900xdqll.default\
FF - component: c:\program files\Real\RealPlayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll
FF - plugin: c:\program files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - hȋdden: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
- - - - ORPHANS REMOVED - - - -

AddRemove-uTorrent - c:\program files\uTorrent\uTorrent.exe



**************************************************************************
scanning hȋdden processes ...

scanning hȋdden autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
DLCQCATS = rundll32 c:\windows\system32\spool\DRIVERS\W32X86\3\DLCQtime.dll,_RunDLLEntry@16???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????

scanning hȋdden files ...

scan completed successfully
hȋdden files:

**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\GarenaPEngine]
"ImagePath"="\??\c:\users\palma\AppData\Local\Temp\LTXFEC.tmp"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aac\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aifc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aiff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.au\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.flac\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m3u\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m4a\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mid\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.midi\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp3\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp4\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ogg\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pls\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.snd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.spx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wav\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wma\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'Explorer.exe'(3296)
c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
c:\program files\TortoiseSVN\bin\TortoiseStub.dll
c:\program files\TortoiseSVN\bin\TortoiseSVN.dll
c:\program files\TortoiseSVN\bin\intl3_tsvn.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\atieclxx.exe
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\windows\System32\LEXBCES.EXE
c:\windows\System32\LEXPPS.EXE
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\dlcqcoms.exe
c:\program files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
c:\program files\LogMeIn\x86\RaMaint.exe
c:\program files\LogMeIn\x86\LogMeIn.exe
c:\program files\LogMeIn\x86\LMIGuardian.exe
c:\windows\system32\lxbccoms.exe
c:\windows\system32\lxdjcoms.exe
c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe
c:\windows\system32\DRIVERS\xaudio.exe
c:\program files\Yahoo!\SoftwareUpdate\YahooAUService.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\program files\TortoiseSVN\bin\TSVNCache.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\ehome\ehmsas.exe
.
**************************************************************************
.
Completion time: 2009-12-18 16:42:34 - machine was rebooted
ComboFix-quarantined-files.txt 2009-12-19 00:42
ComboFix2.txt 2009-12-18 22:40

Pre-Run: 63,358,382,080 bytes free
Post-Run: 63,168,528,384 bytes free

- - End Of File - - D58BF2DEB5A28A96DC75DC9DD5A01586

techno4229
Intermediate
Intermediate

Status :
Online
Offline

Posts : 54
Joined : 2009-12-16
Gender : Male
OS : Windows 7 Ultamite
Points : 25968
# Likes : 0

View user profile

Back to top Go down

Re: Cant run Malwarebytes HELP!!!

Post by Belahzur on Sat Dec 19, 2009 2:04 am

Click Start > Run and copy/paste the following bolded text into the Run box and click OK:

ComboFix /uninstall

This will also reset your restore points.

How is the machine running now?


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Status :
Online
Offline

Posts : 34916
Joined : 2008-08-03
Gender : Male
OS : XP SP3 Media Centre
Points : 245029
# Likes : 1

View user profile

Back to top Go down

Re: Cant run Malwarebytes HELP!!!

Post by techno4229 on Sat Dec 19, 2009 2:17 am

OMG I LOVE YOU NO MORE ERRORS!!! THANK YOU Belahzur Smile and what you think of my signature? Big Grin



techno4229
Intermediate
Intermediate

Status :
Online
Offline

Posts : 54
Joined : 2009-12-16
Gender : Male
OS : Windows 7 Ultamite
Points : 25968
# Likes : 0

View user profile

Back to top Go down

Re: Cant run Malwarebytes HELP!!!

Post by Belahzur on Sat Dec 19, 2009 3:43 pm

Not bad. Goofy

Now your in the trainee area, I suggest you spend a lot of time reading when your not doing much. Learn as much as you can, as fast as you can.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Status :
Online
Offline

Posts : 34916
Joined : 2008-08-03
Gender : Male
OS : XP SP3 Media Centre
Points : 245029
# Likes : 1

View user profile

Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum