Antivira Av.. please help

View previous topic View next topic Go down

Antivira Av.. please help

Post by soconfused on Thu Feb 10, 2011 9:56 am

I got infected with this yesterday and I looked it up on my phone (since my internet wasn't working) and I followed the instructions that were listed on this site for dealing with this thing (remove Antivira Av post). I downloaded malwarebytes and it got rid of all the infected files but whenever I got back on my computer that Antivira thing would keep popping up. Please help me, thanks.

soconfused
Novice
Novice

Posts Posts : 16
Joined Joined : 2011-02-10
OS OS : Windows Vista
Points Points : 21498
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Antivira Av.. please help

Post by Belahzur on Thu Feb 10, 2011 6:58 pm

Hello.

Download [You must be registered and logged in to see this link.] by OldTimer to your Desktop.

  • Close all windows and double click OTL.exe
  • Click Run Scan and let the program run uninterrupted
  • It will produce two logs for you, one will pop up - OTL.txt, the other will be saved on your Desktop - Extras.txt. Post both logs in this thread.
  • You may need to use two posts to get it all.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34917
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245080
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Antivira Av.. please help

Post by soconfused on Fri Feb 11, 2011 8:32 am

The first is the OTL.Txt


OTL logfile created on: 2/11/2011 8:17:23 AM - Run 1
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Users\Vista\Downloads
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18999)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 79.00% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 94.00% Paging File free
Paging file location(s): ?:\pagefile.sys

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 140.34 Gb Total Space | 54.85 Gb Free Space | 39.08% Space Free | Partition Type: NTFS

Computer Name: VISTA-PC | User Name: Vista | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/02/11 08:15:17 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Vista\Downloads\OTL Oldtimer 컴퓨터 고치는거.exe
PRC - [2010/06/28 09:31:26 | 000,339,968 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows NT\Accessories\wordpad.exe
PRC - [2008/10/29 01:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe


========== Modules (SafeList) ==========

MOD - [2011/02/11 08:15:17 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Vista\Downloads\OTL Oldtimer 컴퓨터 고치는거.exe
MOD - [2010/08/31 10:39:57 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll
MOD - [2008/01/20 21:24:53 | 000,545,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IME\imekr8\imkrtip.dll
MOD - [2008/01/20 21:24:36 | 000,126,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IME\shared\IMJKAPI.DLL
MOD - [2008/01/20 21:24:27 | 000,363,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IME\shared\IMETIP.DLL
MOD - [2008/01/20 21:24:10 | 000,113,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IME\imekr8\imkrapi.dll


========== Win32 Services (SafeList) ==========

SRV - [2010/06/26 07:25:38 | 000,030,192 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-051210-111108)
SRV - [2010/06/24 13:34:52 | 000,091,456 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Motorola\MotoConnectService\MotoConnectService.exe -- (MotoConnect Service)
SRV - [2010/05/14 10:00:26 | 000,249,136 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2010/03/18 12:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/04/01 17:10:58 | 000,062,776 | ---- | M] (TOSHIBA Corporation) [Auto | Stopped] -- C:\Program Files\Toshiba\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2009/02/05 08:53:30 | 000,628,176 | ---- | M] (Vision Power co., Ltd.) [Auto | Stopped] -- C:\Program Files\Yahoo!\AntiSpyWare\PZServiceNT.pze -- (YahooAntiSpyware_PZSrv)
SRV - [2008/07/18 23:39:30 | 000,083,312 | ---- | M] (TOSHIBA Corporation) [Auto | Stopped] -- C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe -- (TNaviSrv)
SRV - [2008/05/28 18:20:16 | 000,164,600 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2008/04/17 02:19:48 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Stopped] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
SRV - [2008/04/16 18:53:00 | 000,954,368 | ---- | M] (Atheros Communications, Inc.) [On_Demand | Stopped] -- C:\Program Files\Jumpstart\jswpsapi.exe -- (jswpsapi)
SRV - [2008/04/15 20:54:42 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2008/02/06 16:52:40 | 000,431,456 | ---- | M] (TOSHIBA Corporation) [Auto | Stopped] -- C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV - [2008/01/20 21:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/12/03 20:03:52 | 000,126,976 | ---- | M] (TOSHIBA Corporation) [Auto | Stopped] -- C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe -- (TOSHIBA SMART Log Service)
SRV - [2007/11/21 20:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) [Auto | Stopped] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)
SRV - [2007/01/04 16:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Auto | Stopped] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
SRV - [2006/10/05 15:10:12 | 000,009,216 | ---- | M] (Agere Systems) [Auto | Stopped] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2006/08/23 18:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
SRV - [2005/11/14 03:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)


========== Driver Services (SafeList) ==========

DRV - [2008/09/24 13:13:34 | 000,014,848 | ---- | M] (Vision Power co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Yahoo!\AntiSpyWare\PZDrvNT.sys -- (PZDrvNT_YahooAntiSpyware)
DRV - [2008/07/28 18:53:48 | 000,919,552 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2008/07/18 21:52:16 | 000,279,376 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\tos_sps32.sys -- (tos_sps32)
DRV - [2008/06/12 21:43:16 | 002,381,312 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx)
DRV - [2008/04/28 19:59:18 | 000,020,384 | ---- | M] (Atheros Communications, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\jswpslwf.sys -- (jswpslwf)
DRV - [2008/04/15 20:53:44 | 000,312,344 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\iaStor.sys -- (iaStor)
DRV - [2008/04/15 12:05:08 | 000,118,784 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2008/04/09 21:00:04 | 002,095,512 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008/04/02 19:26:08 | 000,062,976 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTSTOR.sys -- (RTSTOR)
DRV - [2008/01/20 21:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008/01/20 21:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008/01/20 21:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008/01/20 21:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008/01/20 21:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008/01/20 21:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008/01/20 21:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008/01/20 21:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008/01/20 21:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008/01/20 21:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2008/01/20 21:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008/01/20 21:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008/01/20 21:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008/01/20 21:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008/01/20 21:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008/01/20 21:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008/01/20 21:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008/01/20 21:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008/01/20 21:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008/01/20 21:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008/01/20 21:23:21 | 000,073,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/01/20 21:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008/01/20 21:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008/01/20 21:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008/01/20 21:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008/01/20 21:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2008/01/18 11:22:00 | 000,009,216 | ---- | M] (Inventec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\sysprep\PEDRV.SYS -- (SVRPEDRV)
DRV - [2007/12/14 14:53:24 | 000,024,200 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV - [2007/12/06 21:12:48 | 000,196,400 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP)
DRV - [2007/11/09 17:00:52 | 000,023,640 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\TVALZ_O.SYS -- (TVALZ)
DRV - [2007/03/27 17:19:36 | 010,252,544 | ---- | M] (Sonix Co. Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\snpstd3.sys -- (SNPSTD3) USB PC Camera (SNPSTD3)
DRV - [2006/11/28 18:11:00 | 001,161,888 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006/11/20 16:11:14 | 000,007,168 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\FwLnk.sys -- (FwLnk)
DRV - [2006/11/09 01:32:00 | 000,219,264 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\kr10i.sys -- (KR10I)
DRV - [2006/11/09 01:31:00 | 000,211,072 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\kr10n.sys -- (KR10N)
DRV - [2006/11/02 04:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 04:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 04:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 04:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 04:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 04:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 04:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 04:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 04:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 04:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 04:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 03:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 03:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 03:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 03:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 03:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 03:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 02:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKLM\..\URLSearchHook: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\tbSoft.dll (Conduit Ltd.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\tbSoft.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" =
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:18810

========== FireFox ==========

FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.startup.homepage: "http://naver.com/"
FF - prefs.js..extensions.enabledItems: [You must be registered and logged in to see this link.]:7
FF - prefs.js..extensions.enabledItems: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}:2.7.1.3
FF - prefs.js..extensions.enabledItems: {3E9B658A-4BE2-4185-84CC-CAC954011664}:1.9.1
FF - prefs.js..network.proxy.no_proxies_on: "*.local"

FF - HKLM\software\mozilla\Mozilla Firefox 3.0.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/06/27 08:06:15 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/01/02 15:07:23 | 000,000,000 | ---D | M]

[2009/04/05 11:53:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Vista\AppData\Roaming\mozilla\Extensions
[2010/12/13 14:34:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Vista\AppData\Roaming\mozilla\Firefox\Profiles\e7lif9lb.default\extensions
[2009/09/07 10:15:03 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Vista\AppData\Roaming\mozilla\Firefox\Profiles\e7lif9lb.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/07/17 17:00:26 | 000,000,000 | ---D | M] (Softonic-Eng7 Toolbar) -- C:\Users\Vista\AppData\Roaming\mozilla\Firefox\Profiles\e7lif9lb.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}
[2009/04/05 11:52:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/09/23 21:53:58 | 000,000,000 | ---D | M] (XULRunner) -- C:\USERS\VISTA\APPDATA\LOCAL\{3E9B658A-4BE2-4185-84CC-CAC954011664}
[2009/08/06 20:22:17 | 000,000,000 | ---D | M] (Move Media Player) -- C:\USERS\VISTA\APPDATA\ROAMING\MOVE NETWORKS

O1 HOSTS File: ([2006/09/18 16:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Softonic-Eng7 Toolbar) - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\tbSoft.dll (Conduit Ltd.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Softonic-Eng7 Toolbar) - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\tbSoft.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (야후! 툴바) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Softonic-Eng7 Toolbar) - {414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3} - C:\Program Files\Softonic-Eng7\tbSoft.dll (Conduit Ltd.)
O4 - HKLM..\Run: [00TCrdMain] C:\Program Files\Toshiba\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [cfFncEnabler.exe] File not found
O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
O4 - HKLM..\Run: [Google Quick Search Box] C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe (Google Inc.)
O4 - HKLM..\Run: [HSON] C:\Program Files\Toshiba\TBS\HSON.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [jswtrayutil] File not found
O4 - HKLM..\Run: [MaAgent] C:\Program Files\MarkAny\ContentSAFER\MaAgent.exe ((주)마크애니)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NDSTray.exe] File not found
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SmoothView] C:\Program Files\Toshiba\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [snpstd3] C:\Windows\vsnpstd3.exe ()
O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TPwrMain] C:\Program Files\Toshiba\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [YahooAntiSpyware] C:\Program Files\Yahoo!\AntiSpyware\PZUpdate.exe (Vision Power co., Ltd.)
O4 - HKCU..\Run: [Aim6] File not found
O4 - HKCU..\Run: [MRDaemon.exe] File not found
O4 - HKCU..\Run: [ndhydqqm] C:\Users\Vista\AppData\Local\Temp\vqnddwvsr\lpmhsoqsika.exe ()
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [TOSCDSPD] C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll (Sun Microsystems, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} [You must be registered and logged in to see this link.] (Shockwave ActiveX Control)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} [You must be registered and logged in to see this link.] (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_06)
O16 - DPF: {8C165CC2-E50D-4D99-9D32-DAF6AB15AA32} [You must be registered and logged in to see this link.] (MnetHelper6 Control)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O16 - DPF: {B9B38E70-EEF6-4E3A-AE84-DDE59A053B7C} [You must be registered and logged in to see this link.] (Daum ActiveX manager Class)
O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_06)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_06)
O16 - DPF: {DFBBCB52-4D9F-4D0E-BF4A-A51223FC2541} [You must be registered and logged in to see this link.] (NSAppHelperWizrd Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 207.69.188.185 207.69.188.186 207.69.188.187
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Users\Vista\Pictures\vintage;unique\추억이란.jpg
O24 - Desktop BackupWallPaper: C:\Users\Vista\Pictures\vintage;unique\추억이란.jpg
O28 - HKLM ShellExecuteHooks: {88485281-8b4b-4f8d-9ede-82e29a064277} - C:\Program Files\MarkAny\ContentSAFER\MACSMANAGER.dll (MarkAny Cooperation.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{414f6435-aeba-11df-beac-001e3396d325}\Shell - "" = AutoRun
O33 - MountPoints2\{414f6435-aeba-11df-beac-001e3396d325}\Shell\AutoRun\command - "" = E:\setup.exe -a
O33 - MountPoints2\{5a74ad24-0655-11de-a842-001e3396d325}\Shell\AutoRun\command - "" = rkw2ci.cmd
O33 - MountPoints2\{5a74ad24-0655-11de-a842-001e3396d325}\Shell\open\Command - "" = rkw2ci.cmd
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/02/09 17:35:03 | 000,000,000 | ---D | C] -- C:\Users\Vista\AppData\Roaming\Malwarebytes
[2011/02/09 17:34:55 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011/02/09 17:34:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/02/09 17:34:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/02/09 17:34:52 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011/02/09 17:34:52 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/01/27 09:48:53 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2007/03/12 10:41:52 | 000,061,440 | ---- | C] ( ) -- C:\Windows\System32\vsnpstd3.dll
[2005/11/23 11:55:32 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\csnpstd3.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/02/11 08:02:41 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/02/10 11:41:12 | 000,001,356 | ---- | M] () -- C:\Users\Vista\AppData\Local\d3d9caps.dat
[2011/02/10 09:16:38 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/02/10 09:16:38 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/02/10 09:16:35 | 000,000,854 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2011/02/10 09:13:32 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/02/09 18:57:45 | 000,002,231 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/02/09 17:34:55 | 000,000,917 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/02/09 17:13:47 | 000,003,066 | ---- | M] () -- C:\Users\Vista\AppData\Local\etafulor.dll
[2011/02/09 16:55:41 | 000,003,066 | ---- | M] () -- C:\Users\Vista\AppData\Local\ayefevinuyoz.dll
[2011/02/09 16:41:27 | 000,006,662 | ---- | M] () -- C:\Users\Vista\Documents\0 2.9.11 NOTES.rtf
[2011/02/09 16:31:00 | 000,000,422 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{B9FFFEFD-3619-4B9E-AD84-5296EEADD5A5}.job
[2011/02/09 16:09:37 | 000,001,861 | ---- | M] () -- C:\Users\Vista\AppData\Local\alozucowopoze.dll
[2011/02/09 16:07:01 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/02/09 15:53:33 | 000,000,120 | ---- | M] () -- C:\Users\Vista\AppData\Local\Ewosokogikew.dat
[2011/02/09 14:07:38 | 000,001,861 | ---- | M] () -- C:\Users\Vista\AppData\Local\ilawemowe.dll
[2011/02/09 12:05:38 | 000,001,861 | ---- | M] () -- C:\Users\Vista\AppData\Local\ipemogudorayeher.dll
[2011/02/09 10:03:38 | 000,001,861 | ---- | M] () -- C:\Users\Vista\AppData\Local\agazekud.dll
[2011/02/09 09:10:42 | 000,000,000 | ---- | M] () -- C:\Users\Vista\AppData\Local\Ibanofum.bin
[2011/02/08 19:01:49 | 000,001,861 | ---- | M] () -- C:\Users\Vista\AppData\Local\uzikiriyijikere.dll
[2011/02/08 18:57:47 | 000,244,224 | ---- | M] () -- C:\Users\Vista\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/02/08 16:59:46 | 000,001,861 | ---- | M] () -- C:\Users\Vista\AppData\Local\axiduqiyaloqetu.dll
[2011/02/08 14:58:37 | 000,001,861 | ---- | M] () -- C:\Users\Vista\AppData\Local\iwomexiz.dll
[2011/02/08 14:52:14 | 000,123,154 | ---- | M] () -- C:\Users\Vista\Documents\난 그대의...가사 (듣죠 그대를 melody).rtf
[2011/02/08 12:55:47 | 000,001,861 | ---- | M] () -- C:\Users\Vista\AppData\Local\iwofaneroko.dll
[2011/02/08 10:54:48 | 000,001,949 | ---- | M] () -- C:\Users\Vista\AppData\Local\emerulazexizux.dll
[2011/02/08 00:42:31 | 000,001,861 | ---- | M] () -- C:\Users\Vista\AppData\Local\edatoxolibugid.dll
[2011/02/07 22:40:32 | 000,001,861 | ---- | M] () -- C:\Users\Vista\AppData\Local\ukibumeru.dll
[2011/02/07 20:38:32 | 000,001,861 | ---- | M] () -- C:\Users\Vista\AppData\Local\ojumasiv.dll
[2011/02/07 18:48:31 | 000,002,616 | ---- | M] () -- C:\Users\Vista\Documents\강추곡) You.. really don't know me.rtf
[2011/02/07 18:37:33 | 000,001,949 | ---- | M] () -- C:\Users\Vista\AppData\Local\apaqurej.dll
[2011/02/07 16:34:32 | 000,001,861 | ---- | M] () -- C:\Users\Vista\AppData\Local\abinamanewoh.dll
[2011/02/07 14:21:09 | 000,001,861 | ---- | M] () -- C:\Users\Vista\AppData\Local\aponimifi.dll
[2011/02/07 13:10:47 | 000,001,861 | ---- | M] () -- C:\Users\Vista\AppData\Local\anigomusige.dll
[2011/02/07 11:08:49 | 000,001,861 | ---- | M] () -- C:\Users\Vista\AppData\Local\ifiyovuzikagu.dll
[2011/02/07 09:06:48 | 000,001,861 | ---- | M] () -- C:\Users\Vista\AppData\Local\ikulipizuluf.dll
[2011/02/07 07:04:48 | 000,001,861 | ---- | M] () -- C:\Users\Vista\AppData\Local\etuhuvilitac.dll
[2011/02/07 05:02:48 | 000,001,861 | ---- | M] () -- C:\Users\Vista\AppData\Local\ixaqatar.dll
[2011/02/07 03:00:49 | 000,001,861 | ---- | M] () -- C:\Users\Vista\AppData\Local\afejepuritucivi.dll
[2011/02/07 00:58:50 | 000,001,861 | ---- | M] () -- C:\Users\Vista\AppData\Local\ogokulad.dll
[2011/02/06 22:56:50 | 000,001,861 | ---- | M] () -- C:\Users\Vista\AppData\Local\edigezorije.dll
[2011/02/06 13:45:30 | 000,001,861 | ---- | M] () -- C:\Users\Vista\AppData\Local\ovelikol.dll
[2011/02/06 11:43:30 | 000,001,861 | ---- | M] () -- C:\Users\Vista\AppData\Local\opokapak.dll
[2011/02/06 08:31:35 | 000,001,861 | ---- | M] () -- C:\Users\Vista\AppData\Local\agopewukuwupomu.dll
[2011/02/06 06:30:37 | 000,001,949 | ---- | M] () -- C:\Users\Vista\AppData\Local\opokadik.dll
[2011/02/06 04:27:36 | 000,001,861 | ---- | M] () -- C:\Users\Vista\AppData\Local\ekurayapeva.dll
[2011/02/06 02:25:36 | 000,001,861 | ---- | M] () -- C:\Users\Vista\AppData\Local\abomocinexilah.dll
[2011/02/06 00:23:37 | 000,001,861 | ---- | M] () -- C:\Users\Vista\AppData\Local\egisuqikuwafonut.dll
[2011/02/05 22:21:37 | 000,001,861 | ---- | M] () -- C:\Users\Vista\AppData\Local\oyifuzacanuv.dll
[2011/02/05 20:19:37 | 000,001,861 | ---- | M] () -- C:\Users\Vista\AppData\Local\akatakobiloba.dll
[2011/02/05 18:17:38 | 000,001,861 | ---- | M] () -- C:\Users\Vista\AppData\Local\azabowin.dll
[2011/02/05 16:15:38 | 000,001,861 | ---- | M] () -- C:\Users\Vista\AppData\Local\oqayaqogunewucob.dll
[2011/02/05 14:09:44 | 000,001,949 | ---- | M] () -- C:\Users\Vista\AppData\Local\unuretubediday.dll
[2011/02/04 11:09:00 | 000,001,861 | ---- | M] () -- C:\Users\Vista\AppData\Local\awosicuz.dll
[2011/02/04 09:07:00 | 000,001,861 | ---- | M] () -- C:\Users\Vista\AppData\Local\ovisatox.dll
[2011/02/04 02:44:24 | 000,001,861 | ---- | M] () -- C:\Users\Vista\AppData\Local\uropuyuqiyuk.dll
[2011/02/04 00:42:25 | 000,001,861 | ---- | M] () -- C:\Users\Vista\AppData\Local\idodinig.dll
[2011/02/03 22:40:25 | 000,001,861 | ---- | M] () -- C:\Users\Vista\AppData\Local\usaxewugona.dll
[2011/02/03 22:29:39 | 000,013,569 | ---- | M] () -- C:\Users\Vista\Documents\난 너의 연예인.rtf
[2011/02/03 09:46:21 | 000,001,861 | ---- | M] () -- C:\Users\Vista\AppData\Local\ogeqazaqesuhele.dll
[2011/02/03 01:14:03 | 000,001,861 | ---- | M] () -- C:\Users\Vista\AppData\Local\ubudomipusovo.dll
[2011/02/02 23:12:03 | 000,001,861 | ---- | M] () -- C:\Users\Vista\AppData\Local\oqijepopepacu.dll
[2011/02/02 21:10:04 | 000,001,861 | ---- | M] () -- C:\Users\Vista\AppData\Local\iwuwefok.dll
[2011/02/02 19:08:09 | 000,002,609 | ---- | M] () -- C:\Users\Vista\Desktop\Microsoft Office Word 2003.lnk
[2011/02/02 19:08:04 | 000,001,861 | ---- | M] () -- C:\Users\Vista\AppData\Local\ilorujiqigisohun.dll
[2011/02/02 17:08:07 | 000,001,949 | ---- | M] () -- C:\Users\Vista\AppData\Local\uhasuwaqiqamalan.dll
[2011/02/02 15:04:05 | 000,001,901 | ---- | M] () -- C:\Users\Vista\AppData\Local\esimanew.dll
[2011/02/02 13:02:06 | 000,001,901 | ---- | M] () -- C:\Users\Vista\AppData\Local\itiboxagijo.dll
[2011/02/02 01:50:27 | 000,001,901 | ---- | M] () -- C:\Users\Vista\AppData\Local\iquzizuf.dll
[2011/02/01 23:48:28 | 000,001,901 | ---- | M] () -- C:\Users\Vista\AppData\Local\ewaforaw.dll
[2011/02/01 21:46:48 | 000,001,901 | ---- | M] () -- C:\Users\Vista\AppData\Local\obuqoboxebodamu.dll
[2011/02/01 19:56:29 | 000,001,901 | ---- | M] () -- C:\Users\Vista\AppData\Local\eheraqesa.dll
[2011/02/01 17:54:29 | 000,001,901 | ---- | M] () -- C:\Users\Vista\AppData\Local\ulifirawaxozuvov.dll
[2011/02/01 15:52:29 | 000,001,901 | ---- | M] () -- C:\Users\Vista\AppData\Local\izogubix.dll
[2011/02/01 13:50:30 | 000,001,901 | ---- | M] () -- C:\Users\Vista\AppData\Local\ojivisidubadi.dll
[2011/02/01 11:48:30 | 000,001,901 | ---- | M] () -- C:\Users\Vista\AppData\Local\awitaludeje.dll
[2011/02/01 04:10:53 | 000,001,901 | ---- | M] () -- C:\Users\Vista\AppData\Local\ocimuduti.dll
[2011/02/01 02:08:53 | 000,001,901 | ---- | M] () -- C:\Users\Vista\AppData\Local\eqegeyabeguyo.dll
[2011/02/01 00:06:54 | 000,001,901 | ---- | M] () -- C:\Users\Vista\AppData\Local\eweboxebo.dll
[2011/01/31 22:04:54 | 000,001,901 | ---- | M] () -- C:\Users\Vista\AppData\Local\ikegipam.dll
[2011/01/31 21:15:19 | 000,001,470 | ---- | M] () -- C:\Users\Vista\Desktop\HANNAM DEMO REPORT.rtf
[2011/01/31 10:44:19 | 000,001,901 | ---- | M] () -- C:\Users\Vista\AppData\Local\ohequqofolininoz.dll
[2011/01/31 10:42:21 | 000,608,448 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/01/31 10:42:21 | 000,108,294 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/01/31 08:42:19 | 000,001,901 | ---- | M] () -- C:\Users\Vista\AppData\Local\ufunevif.dll
[2011/01/31 00:07:42 | 000,001,901 | ---- | M] () -- C:\Users\Vista\AppData\Local\izexetedabe.dll
[2011/01/30 22:05:42 | 000,001,901 | ---- | M] () -- C:\Users\Vista\AppData\Local\ekizipahal.dll
[2011/01/30 08:40:21 | 000,001,901 | ---- | M] () -- C:\Users\Vista\AppData\Local\ewojupiliyojo.dll
[2011/01/30 04:32:53 | 000,001,901 | ---- | M] () -- C:\Users\Vista\AppData\Local\opogovitogolopu.dll
[2011/01/30 02:30:54 | 000,001,901 | ---- | M] () -- C:\Users\Vista\AppData\Local\ezidevac.dll
[2011/01/30 00:28:54 | 000,001,901 | ---- | M] () -- C:\Users\Vista\AppData\Local\avavamebopevu.dll
[2011/01/29 22:26:54 | 000,001,901 | ---- | M] () -- C:\Users\Vista\AppData\Local\ayobodamu.dll
[2011/01/29 06:03:56 | 000,001,901 | ---- | M] () -- C:\Users\Vista\AppData\Local\ukevegubelix.dll
[2011/01/29 04:01:56 | 000,001,901 | ---- | M] () -- C:\Users\Vista\AppData\Local\azodinig.dll
[2011/01/29 01:59:57 | 000,001,901 | ---- | M] () -- C:\Users\Vista\AppData\Local\uqexewugonajero.dll
[2011/01/28 23:58:59 | 000,001,949 | ---- | M] () -- C:\Users\Vista\AppData\Local\uqutewis.dll
[2011/01/28 21:55:58 | 000,001,901 | ---- | M] () -- C:\Users\Vista\AppData\Local\ulagesif.dll
[2011/01/28 00:10:33 | 000,001,901 | ---- | M] () -- C:\Users\Vista\AppData\Local\axoyoqanejob.dll
[2011/01/27 22:08:35 | 000,001,901 | ---- | M] () -- C:\Users\Vista\AppData\Local\uxevepas.dll
[2011/01/27 20:06:36 | 000,001,901 | ---- | M] () -- C:\Users\Vista\AppData\Local\apelijefed.dll
[2011/01/27 18:04:36 | 000,001,901 | ---- | M] () -- C:\Users\Vista\AppData\Local\irorereweril.dll
[2011/01/27 16:17:24 | 000,002,641 | ---- | M] () -- C:\Users\Vista\Documents\POKEMON WHITE.rtf
[2011/01/27 16:02:35 | 000,001,901 | ---- | M] () -- C:\Users\Vista\AppData\Local\iyehixusoya.dll
[2011/01/27 14:00:38 | 000,001,901 | ---- | M] () -- C:\Users\Vista\AppData\Local\ujomikux.dll
[2011/01/27 11:58:40 | 000,001,901 | ---- | M] () -- C:\Users\Vista\AppData\Local\utimiyaparohi.dll
[2011/01/27 10:40:47 | 000,025,399 | ---- | M] () -- C:\Users\Vista\Documents\강추곡) 내가 못 지켜주니까.rtf
[2011/01/27 09:56:54 | 000,001,813 | ---- | M] () -- C:\Users\Vista\AppData\Local\epefureqijoloz.dll
[2011/01/27 08:47:11 | 000,001,901 | ---- | M] () -- C:\Users\Vista\AppData\Local\uwucasicuzo.dll
[2011/01/26 10:33:12 | 000,001,901 | ---- | M] () -- C:\Users\Vista\AppData\Local\akezevuladiw.dll
[2011/01/26 03:42:19 | 000,001,901 | ---- | M] () -- C:\Users\Vista\AppData\Local\ufozerazurow.dll
[2011/01/26 01:40:19 | 000,001,901 | ---- | M] () -- C:\Users\Vista\AppData\Local\itibibidovug.dll
[2011/01/25 23:38:20 | 000,001,901 | ---- | M] () -- C:\Users\Vista\AppData\Local\onitohekafomohu.dll
[2011/01/25 21:36:21 | 000,001,901 | ---- | M] () -- C:\Users\Vista\AppData\Local\ilugulukacegala.dll
[2011/01/25 14:30:43 | 000,001,901 | ---- | M] () -- C:\Users\Vista\AppData\Local\ojohanofowac.dll
[2011/01/25 12:28:44 | 000,001,901 | ---- | M] () -- C:\Users\Vista\AppData\Local\axukuwafonut.dll
[2011/01/25 10:26:44 | 000,001,901 | ---- | M] () -- C:\Users\Vista\AppData\Local\igajigulukacega.dll
[2011/01/25 00:41:36 | 000,001,901 | ---- | M] () -- C:\Users\Vista\AppData\Local\ayifexemexiz.dll
[2011/01/24 22:39:37 | 000,001,901 | ---- | M] () -- C:\Users\Vista\AppData\Local\oqagomukedomigiv.dll
[2011/01/24 12:04:23 | 000,001,901 | ---- | M] () -- C:\Users\Vista\AppData\Local\elujubetovapuz.dll
[2011/01/24 10:02:23 | 000,001,901 | ---- | M] () -- C:\Users\Vista\AppData\Local\esavudam.dll
[2011/01/24 08:00:24 | 000,001,901 | ---- | M] () -- C:\Users\Vista\AppData\Local\egimuhif.dll
[2011/01/21 23:39:08 | 000,001,813 | ---- | M] () -- C:\Users\Vista\AppData\Local\otetupek.dll
[2011/01/21 22:09:52 | 000,005,932 | ---- | M] () -- C:\Users\Vista\Documents\강추곡) In This Room, 이별 아니기를.rtf
[2011/01/21 21:46:43 | 000,001,901 | ---- | M] () -- C:\Users\Vista\AppData\Local\ipodohaq.dll
[2011/01/21 08:14:23 | 000,001,949 | ---- | M] () -- C:\Users\Vista\AppData\Local\utozofuq.dll
[2011/01/20 16:30:02 | 000,001,861 | ---- | M] () -- C:\Users\Vista\AppData\Local\ureqejej.dll
[2011/01/20 14:28:03 | 000,001,861 | ---- | M] () -- C:\Users\Vista\AppData\Local\ejajovanile.dll
[2011/01/20 12:26:03 | 000,001,861 | ---- | M] () -- C:\Users\Vista\AppData\Local\eyarayeheridub.dll
[2011/01/20 10:26:07 | 000,001,949 | ---- | M] () -- C:\Users\Vista\AppData\Local\ozikiriy.dll
[2011/01/19 17:28:11 | 000,001,861 | ---- | M] () -- C:\Users\Vista\AppData\Local\iveduyeviwepa.dll
[2011/01/19 15:26:11 | 000,001,861 | ---- | M] () -- C:\Users\Vista\AppData\Local\ubegatekudat.dll
[2011/01/19 13:24:14 | 000,001,861 | ---- | M] () -- C:\Users\Vista\AppData\Local\upuviwepa.dll
[2011/01/19 11:22:12 | 000,001,861 | ---- | M] () -- C:\Users\Vista\AppData\Local\oxexofip.dll
[2011/01/19 09:20:13 | 000,001,861 | ---- | M] () -- C:\Users\Vista\AppData\Local\ixixekoc.dll
[2011/01/18 23:34:03 | 000,001,861 | ---- | M] () -- C:\Users\Vista\AppData\Local\ulawulaqocu.dll
[2011/01/18 21:32:03 | 000,001,861 | ---- | M] () -- C:\Users\Vista\AppData\Local\igehucucaqi.dll
[2011/01/18 19:30:04 | 000,001,861 | ---- | M] () -- C:\Users\Vista\AppData\Local\oxicuficawa.dll
[2011/01/18 17:29:05 | 000,001,949 | ---- | M] () -- C:\Users\Vista\AppData\Local\ufehavona.dll
[2011/01/18 15:26:04 | 000,001,861 | ---- | M] () -- C:\Users\Vista\AppData\Local\uwivokom.dll
[2011/01/18 13:24:04 | 000,001,861 | ---- | M] () -- C:\Users\Vista\AppData\Local\ujadurayapeva.dll
[2011/01/18 11:22:05 | 000,001,861 | ---- | M] () -- C:\Users\Vista\AppData\Local\ilixoqoya.dll
[2011/01/18 09:20:05 | 000,001,861 | ---- | M] () -- C:\Users\Vista\AppData\Local\iguvezuy.dll
[2011/01/18 03:49:56 | 000,001,861 | ---- | M] () -- C:\Users\Vista\AppData\Local\amomocar.dll
[2011/01/18 01:48:07 | 000,001,861 | ---- | M] () -- C:\Users\Vista\AppData\Local\efugoforeqonofa.dll
[2011/01/17 23:45:57 | 000,001,861 | ---- | M] () -- C:\Users\Vista\AppData\Local\adehogajim.dll
[2011/01/17 21:43:58 | 000,001,861 | ---- | M] () -- C:\Users\Vista\AppData\Local\emazupijafer.dll
[2011/01/17 19:41:58 | 000,001,861 | ---- | M] () -- C:\Users\Vista\AppData\Local\otaqutunagecag.dll
[2011/01/17 17:39:58 | 000,001,861 | ---- | M] () -- C:\Users\Vista\AppData\Local\eyivahub.dll
[2011/01/17 15:39:00 | 000,001,949 | ---- | M] () -- C:\Users\Vista\AppData\Local\ibamufoy.dll
[2011/01/17 13:35:59 | 000,001,861 | ---- | M] () -- C:\Users\Vista\AppData\Local\eguweseb.dll
[2011/01/17 11:34:05 | 000,001,861 | ---- | M] () -- C:\Users\Vista\AppData\Local\ulehukoz.dll
[2011/01/16 04:45:17 | 000,001,861 | ---- | M] () -- C:\Users\Vista\AppData\Local\uqukocon.dll
[2011/01/16 02:43:18 | 000,001,861 | ---- | M] () -- C:\Users\Vista\AppData\Local\ajedafuga.dll
[2011/01/16 00:41:18 | 000,001,861 | ---- | M] () -- C:\Users\Vista\AppData\Local\uxefinos.dll
[2011/01/15 09:14:25 | 000,001,861 | ---- | M] () -- C:\Users\Vista\AppData\Local\evonodusexuyo.dll
[2011/01/13 14:54:07 | 000,001,861 | ---- | M] () -- C:\Users\Vista\AppData\Local\icikesiko.dll
[2011/01/13 12:52:07 | 000,001,861 | ---- | M] () -- C:\Users\Vista\AppData\Local\ixeqegepazopesi.dll
[2011/01/13 00:10:02 | 000,012,664 | ---- | M] () -- C:\Users\Vista\Documents\Pokemon Adventures.rtf
[2011/01/12 23:45:25 | 000,001,231 | ---- | M] () -- C:\Users\Vista\Documents\0 INTERNET EXPLORER TAB 1월11일.rtf
[2011/01/12 18:42:56 | 000,001,861 | ---- | M] () -- C:\Users\Vista\AppData\Local\epirezat.dll
[2011/01/12 16:41:57 | 000,001,949 | ---- | M] () -- C:\Users\Vista\AppData\Local\uhiluwaruyum.dll
[2011/01/12 14:38:57 | 000,001,861 | ---- | M] () -- C:\Users\Vista\AppData\Local\ifefedawevev.dll
[2011/01/12 12:36:57 | 000,001,861 | ---- | M] () -- C:\Users\Vista\AppData\Local\erewulevefi.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]



soconfused
Novice
Novice

Posts Posts : 16
Joined Joined : 2011-02-10
OS OS : Windows Vista
Points Points : 21498
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Antivira Av.. please help

Post by soconfused on Fri Feb 11, 2011 8:33 am

========== Files Created - No Company Name ==========

[2011/02/09 17:34:55 | 000,000,917 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/02/09 17:13:46 | 000,003,066 | ---- | C] () -- C:\Users\Vista\AppData\Local\etafulor.dll
[2011/02/09 16:55:41 | 000,003,066 | ---- | C] () -- C:\Users\Vista\AppData\Local\ayefevinuyoz.dll
[2011/02/09 16:41:26 | 000,006,662 | ---- | C] () -- C:\Users\Vista\Documents\0 2.9.11 NOTES.rtf
[2011/02/09 16:09:37 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\alozucowopoze.dll
[2011/02/09 14:07:38 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\ilawemowe.dll
[2011/02/09 12:05:38 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\ipemogudorayeher.dll
[2011/02/09 10:03:38 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\agazekud.dll
[2011/02/08 19:01:49 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\uzikiriyijikere.dll
[2011/02/08 16:59:46 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\axiduqiyaloqetu.dll
[2011/02/08 14:58:35 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\iwomexiz.dll
[2011/02/08 12:55:47 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\iwofaneroko.dll
[2011/02/08 10:54:48 | 000,001,949 | ---- | C] () -- C:\Users\Vista\AppData\Local\emerulazexizux.dll
[2011/02/08 00:42:31 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\edatoxolibugid.dll
[2011/02/07 22:40:31 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\ukibumeru.dll
[2011/02/07 20:38:32 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\ojumasiv.dll
[2011/02/07 18:48:31 | 000,002,616 | ---- | C] () -- C:\Users\Vista\Documents\강추곡) You.. really don't know me.rtf
[2011/02/07 18:37:33 | 000,001,949 | ---- | C] () -- C:\Users\Vista\AppData\Local\apaqurej.dll
[2011/02/07 16:34:32 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\abinamanewoh.dll
[2011/02/07 14:21:09 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\aponimifi.dll
[2011/02/07 13:10:47 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\anigomusige.dll
[2011/02/07 11:08:49 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\ifiyovuzikagu.dll
[2011/02/07 09:06:48 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\ikulipizuluf.dll
[2011/02/07 07:04:48 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\etuhuvilitac.dll
[2011/02/07 05:02:48 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\ixaqatar.dll
[2011/02/07 03:00:49 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\afejepuritucivi.dll
[2011/02/07 00:58:50 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\ogokulad.dll
[2011/02/06 22:56:49 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\edigezorije.dll
[2011/02/06 13:45:30 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\ovelikol.dll
[2011/02/06 11:43:30 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\opokapak.dll
[2011/02/06 08:31:35 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\agopewukuwupomu.dll
[2011/02/06 06:30:37 | 000,001,949 | ---- | C] () -- C:\Users\Vista\AppData\Local\opokadik.dll
[2011/02/06 04:27:36 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\ekurayapeva.dll
[2011/02/06 02:25:36 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\abomocinexilah.dll
[2011/02/06 00:23:37 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\egisuqikuwafonut.dll
[2011/02/05 22:21:37 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\oyifuzacanuv.dll
[2011/02/05 20:19:37 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\akatakobiloba.dll
[2011/02/05 18:17:38 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\azabowin.dll
[2011/02/05 16:15:38 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\oqayaqogunewucob.dll
[2011/02/05 14:09:44 | 000,001,949 | ---- | C] () -- C:\Users\Vista\AppData\Local\unuretubediday.dll
[2011/02/04 11:09:00 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\awosicuz.dll
[2011/02/04 09:07:00 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\ovisatox.dll
[2011/02/04 02:44:24 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\uropuyuqiyuk.dll
[2011/02/04 00:42:25 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\idodinig.dll
[2011/02/03 22:40:25 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\usaxewugona.dll
[2011/02/03 22:28:56 | 000,013,569 | ---- | C] () -- C:\Users\Vista\Documents\난 너의 연예인.rtf
[2011/02/03 09:46:21 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\ogeqazaqesuhele.dll
[2011/02/03 01:14:03 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\ubudomipusovo.dll
[2011/02/02 23:12:03 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\oqijepopepacu.dll
[2011/02/02 21:10:04 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\iwuwefok.dll
[2011/02/02 19:08:04 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\ilorujiqigisohun.dll
[2011/02/02 17:08:07 | 000,001,949 | ---- | C] () -- C:\Users\Vista\AppData\Local\uhasuwaqiqamalan.dll
[2011/02/02 15:04:05 | 000,001,901 | ---- | C] () -- C:\Users\Vista\AppData\Local\esimanew.dll
[2011/02/02 13:02:06 | 000,001,901 | ---- | C] () -- C:\Users\Vista\AppData\Local\itiboxagijo.dll
[2011/02/02 01:50:27 | 000,001,901 | ---- | C] () -- C:\Users\Vista\AppData\Local\iquzizuf.dll
[2011/02/01 23:48:28 | 000,001,901 | ---- | C] () -- C:\Users\Vista\AppData\Local\ewaforaw.dll
[2011/02/01 21:46:48 | 000,001,901 | ---- | C] () -- C:\Users\Vista\AppData\Local\obuqoboxebodamu.dll
[2011/02/01 19:56:29 | 000,001,901 | ---- | C] () -- C:\Users\Vista\AppData\Local\eheraqesa.dll
[2011/02/01 17:54:29 | 000,001,901 | ---- | C] () -- C:\Users\Vista\AppData\Local\ulifirawaxozuvov.dll
[2011/02/01 15:52:29 | 000,001,901 | ---- | C] () -- C:\Users\Vista\AppData\Local\izogubix.dll
[2011/02/01 13:50:30 | 000,001,901 | ---- | C] () -- C:\Users\Vista\AppData\Local\ojivisidubadi.dll
[2011/02/01 11:48:30 | 000,001,901 | ---- | C] () -- C:\Users\Vista\AppData\Local\awitaludeje.dll
[2011/02/01 04:10:53 | 000,001,901 | ---- | C] () -- C:\Users\Vista\AppData\Local\ocimuduti.dll
[2011/02/01 02:08:53 | 000,001,901 | ---- | C] () -- C:\Users\Vista\AppData\Local\eqegeyabeguyo.dll
[2011/02/01 00:06:54 | 000,001,901 | ---- | C] () -- C:\Users\Vista\AppData\Local\eweboxebo.dll
[2011/01/31 22:04:54 | 000,001,901 | ---- | C] () -- C:\Users\Vista\AppData\Local\ikegipam.dll
[2011/01/31 21:15:19 | 000,001,470 | ---- | C] () -- C:\Users\Vista\Desktop\HANNAM DEMO REPORT.rtf
[2011/01/31 10:44:19 | 000,001,901 | ---- | C] () -- C:\Users\Vista\AppData\Local\ohequqofolininoz.dll
[2011/01/31 08:42:19 | 000,001,901 | ---- | C] () -- C:\Users\Vista\AppData\Local\ufunevif.dll
[2011/01/31 00:07:42 | 000,001,901 | ---- | C] () -- C:\Users\Vista\AppData\Local\izexetedabe.dll
[2011/01/30 22:05:42 | 000,001,901 | ---- | C] () -- C:\Users\Vista\AppData\Local\ekizipahal.dll
[2011/01/30 08:40:21 | 000,001,901 | ---- | C] () -- C:\Users\Vista\AppData\Local\ewojupiliyojo.dll
[2011/01/30 04:32:53 | 000,001,901 | ---- | C] () -- C:\Users\Vista\AppData\Local\opogovitogolopu.dll
[2011/01/30 02:30:54 | 000,001,901 | ---- | C] () -- C:\Users\Vista\AppData\Local\ezidevac.dll
[2011/01/30 00:28:54 | 000,001,901 | ---- | C] () -- C:\Users\Vista\AppData\Local\avavamebopevu.dll
[2011/01/29 22:26:54 | 000,001,901 | ---- | C] () -- C:\Users\Vista\AppData\Local\ayobodamu.dll
[2011/01/29 06:03:56 | 000,001,901 | ---- | C] () -- C:\Users\Vista\AppData\Local\ukevegubelix.dll
[2011/01/29 04:01:56 | 000,001,901 | ---- | C] () -- C:\Users\Vista\AppData\Local\azodinig.dll
[2011/01/29 01:59:57 | 000,001,901 | ---- | C] () -- C:\Users\Vista\AppData\Local\uqexewugonajero.dll
[2011/01/28 23:58:59 | 000,001,949 | ---- | C] () -- C:\Users\Vista\AppData\Local\uqutewis.dll
[2011/01/28 21:55:58 | 000,001,901 | ---- | C] () -- C:\Users\Vista\AppData\Local\ulagesif.dll
[2011/01/28 00:10:33 | 000,001,901 | ---- | C] () -- C:\Users\Vista\AppData\Local\axoyoqanejob.dll
[2011/01/27 22:08:35 | 000,001,901 | ---- | C] () -- C:\Users\Vista\AppData\Local\uxevepas.dll
[2011/01/27 20:06:36 | 000,001,901 | ---- | C] () -- C:\Users\Vista\AppData\Local\apelijefed.dll
[2011/01/27 18:04:36 | 000,001,901 | ---- | C] () -- C:\Users\Vista\AppData\Local\irorereweril.dll
[2011/01/27 16:08:12 | 000,002,641 | ---- | C] () -- C:\Users\Vista\Documents\POKEMON WHITE.rtf
[2011/01/27 16:02:35 | 000,001,901 | ---- | C] () -- C:\Users\Vista\AppData\Local\iyehixusoya.dll
[2011/01/27 14:00:38 | 000,001,901 | ---- | C] () -- C:\Users\Vista\AppData\Local\ujomikux.dll
[2011/01/27 11:58:40 | 000,001,901 | ---- | C] () -- C:\Users\Vista\AppData\Local\utimiyaparohi.dll
[2011/01/27 09:56:54 | 000,001,813 | ---- | C] () -- C:\Users\Vista\AppData\Local\epefureqijoloz.dll
[2011/01/27 08:47:11 | 000,001,901 | ---- | C] () -- C:\Users\Vista\AppData\Local\uwucasicuzo.dll
[2011/01/26 10:33:12 | 000,001,901 | ---- | C] () -- C:\Users\Vista\AppData\Local\akezevuladiw.dll
[2011/01/26 03:42:19 | 000,001,901 | ---- | C] () -- C:\Users\Vista\AppData\Local\ufozerazurow.dll
[2011/01/26 01:40:19 | 000,001,901 | ---- | C] () -- C:\Users\Vista\AppData\Local\itibibidovug.dll
[2011/01/25 23:38:20 | 000,001,901 | ---- | C] () -- C:\Users\Vista\AppData\Local\onitohekafomohu.dll
[2011/01/25 21:36:21 | 000,001,901 | ---- | C] () -- C:\Users\Vista\AppData\Local\ilugulukacegala.dll
[2011/01/25 14:30:43 | 000,001,901 | ---- | C] () -- C:\Users\Vista\AppData\Local\ojohanofowac.dll
[2011/01/25 12:28:44 | 000,001,901 | ---- | C] () -- C:\Users\Vista\AppData\Local\axukuwafonut.dll
[2011/01/25 10:26:44 | 000,001,901 | ---- | C] () -- C:\Users\Vista\AppData\Local\igajigulukacega.dll
[2011/01/25 00:41:36 | 000,001,901 | ---- | C] () -- C:\Users\Vista\AppData\Local\ayifexemexiz.dll
[2011/01/24 22:39:37 | 000,001,901 | ---- | C] () -- C:\Users\Vista\AppData\Local\oqagomukedomigiv.dll
[2011/01/24 12:04:23 | 000,001,901 | ---- | C] () -- C:\Users\Vista\AppData\Local\elujubetovapuz.dll
[2011/01/24 10:02:23 | 000,001,901 | ---- | C] () -- C:\Users\Vista\AppData\Local\esavudam.dll
[2011/01/24 08:00:24 | 000,001,901 | ---- | C] () -- C:\Users\Vista\AppData\Local\egimuhif.dll
[2011/01/21 23:39:08 | 000,001,813 | ---- | C] () -- C:\Users\Vista\AppData\Local\otetupek.dll
[2011/01/21 22:09:51 | 000,005,932 | ---- | C] () -- C:\Users\Vista\Documents\강추곡) In This Room, 이별 아니기를.rtf
[2011/01/21 21:46:43 | 000,001,901 | ---- | C] () -- C:\Users\Vista\AppData\Local\ipodohaq.dll
[2011/01/21 08:14:23 | 000,001,949 | ---- | C] () -- C:\Users\Vista\AppData\Local\utozofuq.dll
[2011/01/20 16:30:02 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\ureqejej.dll
[2011/01/20 14:28:03 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\ejajovanile.dll
[2011/01/20 12:26:03 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\eyarayeheridub.dll
[2011/01/20 10:26:07 | 000,001,949 | ---- | C] () -- C:\Users\Vista\AppData\Local\ozikiriy.dll
[2011/01/19 17:28:11 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\iveduyeviwepa.dll
[2011/01/19 15:26:11 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\ubegatekudat.dll
[2011/01/19 13:24:12 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\upuviwepa.dll
[2011/01/19 11:22:12 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\oxexofip.dll
[2011/01/19 09:20:12 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\ixixekoc.dll
[2011/01/18 23:34:03 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\ulawulaqocu.dll
[2011/01/18 21:32:03 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\igehucucaqi.dll
[2011/01/18 19:30:03 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\oxicuficawa.dll
[2011/01/18 17:29:05 | 000,001,949 | ---- | C] () -- C:\Users\Vista\AppData\Local\ufehavona.dll
[2011/01/18 15:26:04 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\uwivokom.dll
[2011/01/18 13:24:04 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\ujadurayapeva.dll
[2011/01/18 11:22:05 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\ilixoqoya.dll
[2011/01/18 09:20:05 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\iguvezuy.dll
[2011/01/18 03:49:56 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\amomocar.dll
[2011/01/18 01:48:07 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\efugoforeqonofa.dll
[2011/01/17 23:45:57 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\adehogajim.dll
[2011/01/17 21:43:58 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\emazupijafer.dll
[2011/01/17 19:41:58 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\otaqutunagecag.dll
[2011/01/17 17:39:58 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\eyivahub.dll
[2011/01/17 15:39:00 | 000,001,949 | ---- | C] () -- C:\Users\Vista\AppData\Local\ibamufoy.dll
[2011/01/17 13:35:59 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\eguweseb.dll
[2011/01/17 11:34:05 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\ulehukoz.dll
[2011/01/16 04:45:17 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\uqukocon.dll
[2011/01/16 02:43:18 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\ajedafuga.dll
[2011/01/16 00:41:18 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\uxefinos.dll
[2011/01/15 09:14:25 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\evonodusexuyo.dll
[2011/01/13 14:54:07 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\icikesiko.dll
[2011/01/13 12:52:07 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\ixeqegepazopesi.dll
[2011/01/12 18:42:56 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\epirezat.dll
[2011/01/12 16:41:57 | 000,001,949 | ---- | C] () -- C:\Users\Vista\AppData\Local\uhiluwaruyum.dll
[2011/01/12 14:38:57 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\ifefedawevev.dll
[2011/01/12 12:36:57 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\erewulevefi.dll
[2011/01/12 01:39:04 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\oxavigul.dll
[2011/01/11 23:37:00 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\arifusiz.dll
[2011/01/11 21:35:01 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\izesebevax.dll
[2011/01/11 19:33:01 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\oqitedap.dll
[2011/01/11 17:31:02 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\iyigugav.dll
[2011/01/11 15:29:02 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\ecuqesuhelehizu.dll
[2011/01/11 13:27:02 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\ecihuwonez.dll
[2011/01/11 11:25:03 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\inacodeneqehex.dll
[2011/01/11 09:23:03 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\efegasuti.dll
[2011/01/11 04:32:35 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\ajoheridub.dll
[2011/01/11 02:30:36 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\asusamoq.dll
[2011/01/11 00:28:38 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\ihugoqora.dll
[2011/01/10 16:01:26 | 000,001,949 | ---- | C] () -- C:\Users\Vista\AppData\Local\ujiziresoxiwuvur.dll
[2011/01/10 13:59:26 | 000,001,949 | ---- | C] () -- C:\Users\Vista\AppData\Local\ipoleriweso.dll
[2011/01/10 11:56:25 | 000,001,901 | ---- | C] () -- C:\Users\Vista\AppData\Local\uqetahixowe.dll
[2011/01/10 09:54:25 | 000,001,901 | ---- | C] () -- C:\Users\Vista\AppData\Local\oqogalajuna.dll
[2011/01/09 09:15:04 | 000,001,901 | ---- | C] () -- C:\Users\Vista\AppData\Local\ujafuxujabo.dll
[2011/01/09 01:48:35 | 000,001,901 | ---- | C] () -- C:\Users\Vista\AppData\Local\ucotucejaqapeju.dll
[2011/01/08 23:46:36 | 000,001,901 | ---- | C] () -- C:\Users\Vista\AppData\Local\ehojufanerokowu.dll
[2011/01/08 21:44:36 | 000,001,901 | ---- | C] () -- C:\Users\Vista\AppData\Local\ufoceyiqamabim.dll
[2011/01/08 08:34:37 | 000,001,901 | ---- | C] () -- C:\Users\Vista\AppData\Local\eqiridasib.dll
[2011/01/07 23:22:41 | 000,001,901 | ---- | C] () -- C:\Users\Vista\AppData\Local\udeziguq.dll
[2011/01/07 00:03:06 | 000,001,901 | ---- | C] () -- C:\Users\Vista\AppData\Local\epuqaxuwibiqo.dll
[2011/01/06 19:59:09 | 000,001,901 | ---- | C] () -- C:\Users\Vista\AppData\Local\esixufapif.dll
[2011/01/06 17:58:08 | 000,001,949 | ---- | C] () -- C:\Users\Vista\AppData\Local\upovabup.dll
[2011/01/06 15:56:16 | 000,001,949 | ---- | C] () -- C:\Users\Vista\AppData\Local\usowukatiyuwa.dll
[2011/01/06 13:54:09 | 000,001,949 | ---- | C] () -- C:\Users\Vista\AppData\Local\ecelamut.dll
[2011/01/06 11:51:08 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\ifuvetecofirujiq.dll
[2011/01/06 07:18:00 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\acodokezez.dll
[2011/01/06 05:16:00 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\exenoxozoq.dll
[2011/01/06 00:11:10 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\okegemidaribiy.dll
[2011/01/05 22:09:11 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\oyohiheha.dll
[2011/01/05 20:07:11 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\ijaculihiweke.dll
[2011/01/05 18:05:11 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\usitanab.dll
[2011/01/05 14:07:28 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\oribezaxe.dll
[2011/01/05 12:05:28 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\enuyecoxewugo.dll
[2011/01/04 15:04:46 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\egiviwece.dll
[2011/01/04 13:02:47 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\azegewusuya.dll
[2011/01/04 11:00:47 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\amunuper.dll
[2011/01/04 08:58:47 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\afucuzozec.dll
[2011/01/04 01:42:19 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\aqaxacumiruxeca.dll
[2011/01/03 20:04:49 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\ekisuzupijaferoc.dll
[2011/01/03 18:04:54 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\igegobeyeyo.dll
[2011/01/03 16:00:50 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\uniboduyevi.dll
[2011/01/03 13:59:52 | 000,001,949 | ---- | C] () -- C:\Users\Vista\AppData\Local\asiyagasuti.dll
[2011/01/03 11:56:51 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\ubigunewucobuh.dll
[2011/01/03 09:54:52 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\ewenafazeqeqal.dll
[2011/01/03 03:01:50 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\edelasihi.dll
[2011/01/03 00:59:50 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\ahefixipu.dll
[2011/01/02 22:57:51 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\enawafon.dll
[2011/01/02 20:55:51 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\otoximib.dll
[2011/01/02 18:53:58 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\umozakob.dll
[2011/01/02 16:51:55 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\imapiguy.dll
[2011/01/02 14:51:59 | 000,001,949 | ---- | C] () -- C:\Users\Vista\AppData\Local\oduferosulo.dll
[2011/01/02 12:48:54 | 000,001,949 | ---- | C] () -- C:\Users\Vista\AppData\Local\axasafuz.dll
[2011/01/02 10:45:53 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\ovexehiz.dll
[2011/01/02 08:43:53 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\idebukukaseg.dll
[2011/01/01 22:20:29 | 000,001,949 | ---- | C] () -- C:\Users\Vista\AppData\Local\avopomukimupewu.dll
[2011/01/01 20:18:29 | 000,001,949 | ---- | C] () -- C:\Users\Vista\AppData\Local\idilaquv.dll
[2011/01/01 18:15:29 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\ibohapax.dll
[2011/01/01 16:13:29 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\usinesan.dll
[2011/01/01 14:11:29 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\upehoxaj.dll
[2011/01/01 12:09:29 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\anocobojebuq.dll
[2010/12/31 22:53:48 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\uconujanecatev.dll
[2010/12/31 20:51:48 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\exacufotizici.dll
[2010/12/31 18:49:49 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\iqiquhet.dll
[2010/12/31 16:47:49 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\omesuleboduyevi.dll
[2010/12/31 14:45:50 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\ukozelagar.dll
[2010/12/31 12:43:50 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\ukumufoyemuy.dll
[2010/12/31 10:41:50 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\abecaval.dll
[2010/12/31 03:20:09 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\idajedab.dll
[2010/12/31 01:18:09 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\acubomuredi.dll
[2010/12/30 23:16:10 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\ufonegifo.dll
[2010/12/30 21:14:10 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\ecacejalafoqipof.dll
[2010/12/30 19:12:12 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\iholifip.dll
[2010/12/30 17:10:11 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\ahogesavadebib.dll
[2010/12/30 15:08:11 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\iyajigoki.dll
[2010/12/30 13:06:15 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\ehuhuqer.dll
[2010/12/30 11:04:12 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\ozufutoc.dll
[2010/12/30 09:02:14 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\ahocajuh.dll
[2010/12/30 03:25:04 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\obapijov.dll
[2010/12/30 01:23:04 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\ewozetij.dll
[2010/12/29 23:21:05 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\eyevifoh.dll
[2010/12/29 21:20:06 | 000,001,949 | ---- | C] () -- C:\Users\Vista\AppData\Local\adalasej.dll
[2010/12/29 19:17:05 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\atogunewuc.dll
[2010/12/29 17:15:06 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\elibewah.dll
[2010/12/29 15:13:06 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\etategigusobo.dll
[2010/12/29 13:11:07 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\iheqefameteqa.dll
[2010/12/29 11:09:07 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\uvaqejivul.dll
[2010/12/29 02:02:18 | 000,001,949 | ---- | C] () -- C:\Users\Vista\AppData\Local\inilijos.dll
[2010/12/28 23:58:56 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\onifepovaxesak.dll
[2010/12/28 21:56:56 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\izefopawuqe.dll
[2010/12/28 19:54:50 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\izeroxaziv.dll
[2010/12/28 17:52:50 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\ademeroko.dll
[2010/12/28 11:34:07 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\alafoqipofevinuy.dll
[2010/12/28 09:32:07 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\otifasocukexu.dll
[2010/12/28 01:20:08 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\exocibisovuniwu.dll
[2010/12/27 23:18:09 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\ewuneburimuquj.dll
[2010/12/27 21:16:09 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\emaziful.dll
[2010/12/27 19:14:10 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\ivomoled.dll
[2010/12/27 17:12:10 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\ewimikuxiyay.dll
[2010/12/27 15:10:11 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\itariyovuzikagu.dll
[2010/12/27 13:08:11 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\uyohehuc.dll
[2010/12/27 11:06:11 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\isanucijenonu.dll
[2010/12/27 00:27:24 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\usigofudo.dll
[2010/12/26 22:25:25 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\ixipoxul.dll
[2010/12/26 20:23:25 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\afohediqad.dll
[2010/12/26 18:21:25 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\utisequpal.dll
[2010/12/26 16:19:25 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\enononuc.dll
[2010/12/26 14:17:26 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\ivikepemiyuvacas.dll
[2010/12/26 12:16:27 | 000,001,949 | ---- | C] () -- C:\Users\Vista\AppData\Local\onolayotevokomas.dll
[2010/12/26 10:13:26 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\unoduligejope.dll
[2010/12/26 00:44:05 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\egafisequp.dll
[2010/12/25 22:42:05 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\edezijuqumofut.dll
[2010/12/25 20:41:06 | 000,001,949 | ---- | C] () -- C:\Users\Vista\AppData\Local\ecasevegukoge.dll
[2010/12/25 18:38:06 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\ohugavim.dll
[2010/12/25 16:36:06 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\epayetasoyuyebi.dll
[2010/12/25 14:34:06 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\oqeyemamerihesog.dll
[2010/12/25 12:32:07 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\evaqeniware.dll
[2010/12/25 10:30:07 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\iqijikeregu.dll
[2010/12/24 19:55:34 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\uqusaxogapoga.dll
[2010/12/24 17:53:35 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\abiluqizevax.dll
[2010/12/24 16:38:31 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\oxowesebebebagu.dll
[2010/12/24 14:36:31 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\uzeqayis.dll
[2010/12/24 12:34:32 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\acejojul.dll
[2010/12/24 10:32:32 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\atucefuw.dll
[2010/12/24 01:17:36 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\elofasuf.dll
[2010/12/23 23:15:36 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\utamaquden.dll
[2010/12/23 21:13:36 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\igudolequfir.dll
[2010/12/23 19:11:36 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\ayegozuxecuguve.dll
[2010/12/23 17:09:38 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\aqubacax.dll
[2010/12/23 15:07:38 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\icuzahuyuruw.dll
[2010/12/23 13:05:38 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\irotagac.dll
[2010/12/23 11:03:38 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\egipojehu.dll
[2010/12/23 09:03:42 | 000,001,949 | ---- | C] () -- C:\Users\Vista\AppData\Local\amopawogep.dll
[2010/12/22 07:19:37 | 000,001,901 | ---- | C] () -- C:\Users\Vista\AppData\Local\oromimesu.dll
[2010/12/22 01:49:41 | 000,001,901 | ---- | C] () -- C:\Users\Vista\AppData\Local\obaperulazexizux.dll
[2010/12/21 23:47:41 | 000,001,901 | ---- | C] () -- C:\Users\Vista\AppData\Local\udakotadoqevoyox.dll
[2010/12/21 21:45:41 | 000,001,901 | ---- | C] () -- C:\Users\Vista\AppData\Local\ezavenup.dll
[2010/12/21 19:43:30 | 000,001,901 | ---- | C] () -- C:\Users\Vista\AppData\Local\evamibah.dll
[2010/12/21 17:41:31 | 000,001,901 | ---- | C] () -- C:\Users\Vista\AppData\Local\agiqemaqawe.dll
[2010/12/21 15:39:31 | 000,001,901 | ---- | C] () -- C:\Users\Vista\AppData\Local\ekelulinet.dll
[2010/12/21 13:37:32 | 000,001,901 | ---- | C] () -- C:\Users\Vista\AppData\Local\ujebeyitame.dll
[2010/12/21 11:37:57 | 000,001,901 | ---- | C] () -- C:\Users\Vista\AppData\Local\uwoketom.dll
[2010/12/20 11:01:22 | 000,001,949 | ---- | C] () -- C:\Users\Vista\AppData\Local\exogurinaz.dll
[2010/12/20 05:28:36 | 000,001,949 | ---- | C] () -- C:\Users\Vista\AppData\Local\ubamimesu.dll
[2010/12/20 03:24:33 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\ixagupis.dll
[2010/12/20 01:22:33 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\udiwusuya.dll
[2010/12/19 23:20:34 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\icisexuy.dll
[2010/12/19 21:18:35 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\avezacufo.dll
[2010/12/19 19:16:35 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\iqajataz.dll
[2010/12/19 17:14:35 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\upocukexugu.dll
[2010/12/19 15:12:35 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\ezulobakamo.dll
[2010/12/19 13:10:36 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\uvabetovapuz.dll
[2010/12/19 11:09:37 | 000,001,949 | ---- | C] () -- C:\Users\Vista\AppData\Local\onerulipizuluf.dll
[2010/12/19 05:03:19 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\eyapiqiy.dll
[2010/12/19 03:01:19 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\izadusib.dll
[2010/12/19 00:59:20 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\ubukafomohuxe.dll
[2010/12/18 22:57:20 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\urimufavele.dll
[2010/12/18 20:55:20 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\esugepazopesiqa.dll
[2010/12/18 18:54:22 | 000,001,949 | ---- | C] () -- C:\Users\Vista\AppData\Local\amolijefed.dll
[2010/12/18 16:51:21 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\ajotemek.dll
[2010/12/18 14:49:22 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\utayonoxuxabibid.dll
[2010/12/18 12:47:22 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\opimikuxiyayidad.dll
[2010/12/18 10:45:22 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\uwojoxuc.dll
[2010/12/18 04:19:28 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\obajadazayuju.dll
[2010/12/18 02:17:28 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\itevisidu.dll
[2010/12/18 00:15:29 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\upulicakenakohod.dll
[2010/12/17 22:13:29 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\egexifokelodasod.dll
[2010/12/17 20:11:29 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\ubofoqip.dll
[2010/12/17 18:09:30 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\uzelineter.dll
[2010/12/17 16:07:30 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\udolemunajazeti.dll
[2010/12/17 00:13:28 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\ageporer.dll
[2010/12/16 23:57:48 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\aquhiqijoyi.dll
[2010/12/16 21:55:48 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\evoyesubaseb.dll
[2010/12/16 07:10:00 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\etetahefozuj.dll
[2010/12/15 23:42:48 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\ihumavabow.dll
[2010/12/15 21:40:48 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\atuciduwatonudo.dll
[2010/12/14 21:43:00 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\ugimuhifopa.dll
[2010/12/14 21:33:15 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\avuwahazuyos.dll
[2010/12/13 15:46:00 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\izehogeh.dll
[2010/12/13 13:44:00 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\eyuqojuneho.dll
[2010/12/13 11:42:11 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\ehixusoyaqo.dll
[2010/12/13 05:08:09 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\oyifureqij.dll
[2010/12/13 03:06:10 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\oluzoquqisefac.dll
[2010/12/13 01:04:10 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\ulimiyumihoy.dll
[2010/12/12 23:02:11 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\itigefimifetelag.dll
[2010/12/12 21:00:11 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\omebopit.dll
[2010/12/12 18:58:11 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\ozahezusuqik.dll
[2010/12/12 16:56:11 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\oduqotiwuvu.dll
[2010/12/12 14:54:12 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\icanuperamiyapa.dll
[2010/12/12 12:52:12 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\agaqejak.dll
[2010/12/12 07:42:37 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\urawixorigeg.dll
[2010/12/12 05:40:37 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\eyuvozerazurow.dll
[2010/12/12 03:38:37 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\edorebanupera.dll
[2010/12/12 01:36:38 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\ugoludeje.dll
[2010/12/11 23:34:38 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\ujovilitaciwiman.dll
[2010/12/11 21:32:38 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\ofeyamuz.dll
[2010/12/11 19:30:40 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\eqamepoz.dll
[2010/12/11 17:28:39 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\ewugoyin.dll
[2010/12/11 15:26:39 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\etijekafiya.dll
[2010/12/11 13:24:40 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\umicirisohahoz.dll
[2010/12/11 11:22:40 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\aquhalev.dll
[2010/12/10 23:46:03 | 000,001,949 | ---- | C] () -- C:\Users\Vista\AppData\Local\emarowovoxados.dll
[2010/12/10 21:43:03 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\ezuwapanuv.dll
[2010/12/10 19:41:03 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\oxululineteriw.dll
[2010/12/10 17:39:03 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\aquvubeq.dll
[2010/12/09 08:50:05 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\ejicejalafoq.dll
[2010/12/08 08:26:37 | 000,001,949 | ---- | C] () -- C:\Users\Vista\AppData\Local\axusuyegan.dll
[2010/12/07 07:31:27 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\ubonoxozoquqis.dll
[2010/12/07 03:48:15 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\uviqiqej.dll
[2010/12/07 01:46:15 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\uguledunumulo.dll
[2010/12/06 17:33:05 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\eselukigatek.dll
[2010/12/06 15:31:05 | 000,001,861 | ---- | C] () -- C:\Users\Vista\AppData\Local\onibiweyifeg.dll
[2010/12/06 13:31:25 | 000,001,949 | ---- | C] () -- C:\Users\Vista\AppData\Local\alakoqat.dll
[2010/12/06 12:15:39 | 000,001,901 | ---- | C] () -- C:\Users\Vista\AppData\Local\uqubabab.dll
[2010/12/06 10:13:39 | 000,001,901 | ---- | C] () -- C:\Users\Vista\AppData\Local\ipozomuf.dll
[2010/12/06 00:16:53 | 000,001,901 | ---- | C] () -- C:\Users\Vista\AppData\Local\educewekifenifi.dll
[2010/12/05 22:14:54 | 000,001,901 | ---- | C] () -- C:\Users\Vista\AppData\Local\okohilono.dll
[2010/12/05 20:12:54 | 000,001,901 | ---- | C] () -- C:\Users\Vista\AppData\Local\uvezayujupi.dll
[2010/12/05 18:10:55 | 000,001,901 | ---- | C] () -- C:\Users\Vista\AppData\Local\esamewig.dll
[2010/12/05 16:08:55 | 000,001,901 | ---- | C] () -- C:\Users\Vista\AppData\Local\awofapoyowuka.dll
[2010/12/05 12:04:56 | 000,001,901 | ---- | C] () -- C:\Users\Vista\AppData\Local\awoqugaroro.dll
[2010/12/05 10:02:56 | 000,001,901 | ---- | C] () -- C:\Users\Vista\AppData\Local\ayehonev.dll
[2010/09/23 21:53:59 | 000,000,120 | ---- | C] () -- C:\Users\Vista\AppData\Local\Ewosokogikew.dat
[2010/09/23 21:53:59 | 000,000,000 | ---- | C] () -- C:\Users\Vista\AppData\Local\Ibanofum.bin
[2010/07/29 21:17:17 | 000,001,356 | ---- | C] () -- C:\Users\Vista\AppData\Local\d3d9caps.dat
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/07/25 09:22:26 | 000,045,056 | ---- | C] () -- C:\Windows\System32\DAUMCRYPT.DLL
[2009/03/01 21:41:18 | 000,244,224 | ---- | C] () -- C:\Users\Vista\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/02/25 18:33:50 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2009/02/25 18:31:06 | 000,000,054 | ---- | C] () -- C:\Windows\System32\EAL32.INI
[2009/02/25 18:28:55 | 000,000,044 | ---- | C] () -- C:\Windows\EPCX6000.ini
[2009/02/17 15:29:50 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2009/02/17 15:22:10 | 000,000,013 | RHS- | C] () -- C:\Windows\System32\drivers\fbd.sys
[2009/02/17 15:22:08 | 000,000,004 | RHS- | C] () -- C:\Windows\System32\drivers\taishop.sys
[2009/01/16 00:42:24 | 000,128,113 | ---- | C] () -- C:\Windows\System32\csellang.ini
[2009/01/16 00:42:24 | 000,045,056 | ---- | C] () -- C:\Windows\System32\csellang.dll
[2009/01/16 00:42:24 | 000,010,150 | ---- | C] () -- C:\Windows\System32\tosmreg.ini
[2009/01/16 00:42:24 | 000,007,671 | ---- | C] () -- C:\Windows\System32\cseltbl.ini
[2008/08/18 13:36:20 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
[2008/08/18 13:07:48 | 000,204,800 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll
[2008/08/18 13:07:48 | 000,200,704 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll
[2008/08/18 13:07:48 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll
[2008/08/18 13:07:48 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll
[2008/08/18 13:07:48 | 000,188,416 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll
[2008/08/18 13:07:48 | 000,020,480 | ---- | C] () -- C:\Windows\System32\IVIresize.dll
[2008/06/12 21:59:22 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1502.dll
[2006/11/02 07:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/03/09 12:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2005/12/15 06:17:00 | 000,159,744 | ---- | C] () -- C:\Windows\System32\EPSPTDV.DLL
[2004/02/27 15:36:18 | 000,015,498 | ---- | C] () -- C:\Windows\snpstd3.ini
[2003/01/07 15:05:08 | 000,002,695 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI

< End of report >

soconfused
Novice
Novice

Posts Posts : 16
Joined Joined : 2011-02-10
OS OS : Windows Vista
Points Points : 21498
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Antivira Av.. please help

Post by soconfused on Fri Feb 11, 2011 8:34 am

This the the Extras.Txt.



OTL Extras logfile created on: 2/11/2011 8:17:23 AM - Run 1
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Users\Vista\Downloads
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18999)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 79.00% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 94.00% Paging File free
Paging file location(s): ?:\pagefile.sys

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 140.34 Gb Total Space | 54.85 Gb Free Space | 39.08% Space Free | Partition Type: NTFS

Computer Name: VISTA-PC | User Name: Vista | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{6CDB74FD-D573-484B-8F3E-96AD66252FB4}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{B7D3DB57-7C9B-40A1-9CB3-6CCEF8C7D479}" = lport=2869 | protocol=6 | dir=in | app=system |
"{CA4CAB51-F525-441D-A7A6-0B3EBA9E235F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0A172861-924D-416E-BB83-8F85CF362E57}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{130FA2F2-4BD8-45CB-97AC-8465FC683FA0}" = protocol=6 | dir=in | app=c:\program files\aim6\aim6.exe |
"{33C1FD2B-FF38-427C-AAAF-C1B6360681E8}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{4BA9A211-4D8B-4D0B-A121-216097B42845}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{637EB3DA-D316-4477-847B-0AE07DB6CE55}" = protocol=17 | dir=in | app=c:\program files\aim6\aim6.exe |
"{66715C5F-BE06-47A3-9E30-E77EB0CF8F26}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{681A3794-F21E-4041-A088-735C07A9FC1B}" = protocol=17 | dir=in | app=c:\program files\veoh networks\veohwebplayer\veohwebplayer.exe |
"{69556624-E0E6-427B-84D6-4A0A4E9EC743}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{71407D4E-D645-4BB2-9FCF-1346457F1465}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{76E9C8AC-B5E2-40F7-9D50-D3276E974BCC}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{9CD020BF-CB73-4BC1-B111-4CD4C48F4246}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{AEECA754-EDCC-4877-819B-41CC0243F035}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{AF040423-CE0D-4C39-AF8B-C8A5612E160D}" = protocol=6 | dir=in | app=c:\program files\veoh networks\veohwebplayer\veohwebplayer.exe |
"{B208D2C1-60B0-41E7-BB5B-4E52E84F030F}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{DE629976-34F0-4D04-A15B-95964C60B5A2}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{F5FA6DDE-B6C3-4D3D-8D4D-85232937D236}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{F8993209-7F48-4839-96B4-312229066141}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{008D69EB-70FF-46AB-9C75-924620DF191A}" = TOSHIBA Speech System SR Engine(U.S.) Version1.0
"{06E6E30D-B498-442F-A943-07DE41D7F785}" = Microsoft Search Enhancement Pack
"{0D5D0BEE-FBA9-4928-A50D-6CDFAB827755}" = TOSHIBA ConfigFree
"{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = TOSHIBA Assist
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1C643154-0ADF-4B4C-AF17-E315C946A54B}" = MotoConnect
"{1CA2E5E4-F4FE-44B4-95E9-77523FB95838}" = EPSON Stylus CX6000 Scanner Driver Update
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}" = QuickTime
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2883F6F5-0509-43F3-868C-D50330DD9DD3}" = TOSHIBA Hardware Setup
"{3248F0A8-6813-11D6-A77B-00B0D0160060}" = Java(TM) 6 Update 6
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D5044A5-97B8-45C0-B956-BB2376569188}" = Windows Live Movie Maker
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{3FBF6F99-8EC6-41B4-8527-0A32241B5496}" = TOSHIBA Speech System TTS Engine(U.S.) Version1.0
"{415B2719-AD3A-4944-B404-C472DB6085B3}" = Cisco EAP-FAST Module
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{4B1E87C3-00DE-4898-8E39-E390AAEF2391}" = TOSHIBA Supervisor Password
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6A2E758A-028B-46BB-A11D-0608AB5A4ED3}" = Daum ActiveX 컨트롤 - Daum 음악 플레이어
"{6C5F3BDC-0A1B-4436-A696-5939629D5C31}" = TOSHIBA DVD PLAYER
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{890EF3F8-742F-46BD-9E8E-084B3A1F4364}" = QuickBooks Financial Center
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}" = Bonjour
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8E9DB7EF-5DD3-499E-BA2A-A1F3153A4DF8}" = Adobe Flash Player 9 ActiveX
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{995F1E2E-F542-4310-8E1D-9926F5A279B3}" = Windows Live Toolbar
"{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}" = CD/DVD Drive Acoustic Silencer
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AC6569FA-6919-442A-8552-073BE69E247A}" = TOSHIBA Service Station
"{AC76BA86-7AD7-1033-7B44-A81200000003}" = Adobe Reader 8.1.2
"{B0BCDCBD-863D-4CAB-BF68-8D1F6B1BDC13}" = Atheros Wi-Fi Protected Setup Library
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Disc Creator
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{C53D16CC-E56F-47B8-906E-70AAF8EABB4F}" = Toshiba Registration
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D433ABC3-0CD8-4BB0-B6A9-84501B4B47B7}" = ArcSoft PhotoImpression 5
"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{E1E56B8A-1AAF-422A-91DB-625059FB9863}" = TOSHIBA Desktop Links
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
"{EC4455AB-F155-4CC1-A4C5-88F3777F9886}" = Apple Mobile Device Support
"{EE033C1F-443E-41EC-A0E2-559B539A4E4D}" = TOSHIBA Speech System Applications
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}" = DVD MovieFactory for TOSHIBA
"{F5C63795-2708-4D15-BF18-5ABBFF7DFFC8}" = iTunes
"{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"AIM_6" = AIM 6
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.8 (Unicode)
"Cakewalk VST Adapter 4" = Cakewalk VST Adapter 4
"DreamStation DXi2" = DreamStation DXi2
"EPSON Printer and Utilities" = EPSON Printer Software
"EPSON Scanner" = EPSON Scan
"GOM Player" = GOM Player
"Google Desktop" = Google Desktop
"Google Updater" = Google Updater
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"LAME for Audacity_is1" = LAME v3.98.2 for Audacity
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox (3.0.8)" = Mozilla Firefox (3.0.8)
"Picasa 3" = Picasa 3
"Silent Package Run-Time Sample" = EPSON CX6000 Series User's Guide
"Softonic-Eng7 Toolbar" = Softonic-Eng7 Toolbar
"SONAR LE" = SONAR LE
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TOSHIBA Software Modem" = TOSHIBA Software Modem
"ViewpointMediaPlayer" = Viewpoint Media Player
"WildTangent toshiba Master Uninstall" = WildTangent Games
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"WinLiveSuite_Wave3" = Windows Live Essentials
"Yahoo! Companion" = 야후! 툴바
"YahooAntiSpyware" = 야후! 실시간 무료백신

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"FutureStream Client" = FutureStream Client
"Move Media Player" = Move Media Player

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 2/10/2011 9:34:22 AM | Computer Name = Vista-PC | Source = EventSystem | ID = 4609
Description =

Error - 2/10/2011 9:34:35 AM | Computer Name = Vista-PC | Source = WinMgmt | ID = 10
Description =

Error - 2/10/2011 10:00:52 AM | Computer Name = Vista-PC | Source = WinMgmt | ID = 10
Description =

Error - 2/10/2011 10:05:07 AM | Computer Name = Vista-PC | Source = WinMgmt | ID = 10
Description =

Error - 2/10/2011 10:05:10 AM | Computer Name = Vista-PC | Source = EventSystem | ID = 4609
Description =

Error - 2/10/2011 10:13:49 AM | Computer Name = Vista-PC | Source = WinMgmt | ID = 10
Description =

Error - 2/10/2011 10:18:35 AM | Computer Name = Vista-PC | Source = EventSystem | ID = 4609
Description =

Error - 2/10/2011 10:18:48 AM | Computer Name = Vista-PC | Source = WinMgmt | ID = 10
Description =

Error - 2/11/2011 9:03:20 AM | Computer Name = Vista-PC | Source = EventSystem | ID = 4609
Description =

Error - 2/11/2011 9:03:28 AM | Computer Name = Vista-PC | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 8/6/2009 9:21:51 PM | Computer Name = Vista-PC | Source = DCOM | ID = 10016
Description =

Error - 8/6/2009 9:22:17 PM | Computer Name = Vista-PC | Source = DCOM | ID = 10000
Description =

Error - 8/6/2009 9:25:32 PM | Computer Name = Vista-PC | Source = BROWSER | ID = 8032
Description =

Error - 8/7/2009 8:59:47 AM | Computer Name = Vista-PC | Source = HTTP | ID = 15016
Description =

Error - 8/7/2009 7:22:51 PM | Computer Name = Vista-PC | Source = bowser | ID = 8003
Description =

Error - 8/7/2009 7:49:44 PM | Computer Name = Vista-PC | Source = BROWSER | ID = 8032
Description =

Error - 8/8/2009 8:42:55 AM | Computer Name = Vista-PC | Source = HTTP | ID = 15016
Description =

Error - 8/8/2009 9:15:59 AM | Computer Name = Vista-PC | Source = BROWSER | ID = 8032
Description =

Error - 8/9/2009 4:53:55 AM | Computer Name = Vista-PC | Source = HTTP | ID = 15016
Description =

Error - 8/9/2009 7:19:52 PM | Computer Name = Vista-PC | Source = HTTP | ID = 15016
Description =


< End of report >

soconfused
Novice
Novice

Posts Posts : 16
Joined Joined : 2011-02-10
OS OS : Windows Vista
Points Points : 21498
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Antivira Av.. please help

Post by Belahzur on Fri Feb 11, 2011 1:32 pm

Hello.

Remove the Proxy setting in Internet Explorer and/or in FireFox.

    In Internet Explorer
  1. Tools Menu -> Internet Options -> Connections Tab ->Lan Settings > uncheck "use a proxy server" or reconfigure the Proxy server again in case you have set it previously.

    In Firefox
  1. Tools Menu -> Options... -> Advanced Tab -> Network Tab -> "Settings" under Connection > Choose "No Proxy"
  2. Click the apply button and restart that computer in normal mode.

Please run OTL.exe.

  • Copy the commands with file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):


    :OTL
    O4 - HKCU..\Run: [ndhydqqm] C:\Users\Vista\AppData\Local\Temp\vqnddwvsr\lpmhsoqsika.exe ()
    O33 - MountPoints2\{5a74ad24-0655-11de-a842-001e3396d325}\Shell\AutoRun\command - "" = rkw2ci.cmd
    O33 - MountPoints2\{5a74ad24-0655-11de-a842-001e3396d325}\Shell\open\Command - "" = rkw2ci.cmd

    :files
    C:\Users\Vista\AppData\Local\*.dll

    :commands
    [emptytemp]
    [reboot]


  • Return to OTL, right click in the "Custom Scans/Fixes" window (under the light green bar) and choose Paste.

  • Click the red Run Fix button.
  • A fix log in Notepad will appear. Copy the contents of the fix log to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  • Close OTL.exe
If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34917
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245080
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Antivira Av.. please help

Post by soconfused on Sat Feb 12, 2011 7:59 am

Question - I'm not good with computers.. Will rebooting the computer erase all my files? If so, should I save my important files onto a usb port before I reboot them?

soconfused
Novice
Novice

Posts Posts : 16
Joined Joined : 2011-02-10
OS OS : Windows Vista
Points Points : 21498
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Antivira Av.. please help

Post by Belahzur on Sat Feb 12, 2011 7:20 pm

No, rebooting just makes it reboot, shuts it down and starts again. I can't explain it any clearer than that. Goofy


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34917
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245080
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Antivira Av.. please help

Post by soconfused on Sun Feb 13, 2011 10:46 am

All processes killed
========== OTL ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ndhydqqm deleted successfully.
C:\Users\Vista\AppData\Local\Temp\vqnddwvsr\lpmhsoqsika.exe moved successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5a74ad24-0655-11de-a842-001e3396d325}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5a74ad24-0655-11de-a842-001e3396d325}\ not found.
File rkw2ci.cmd not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5a74ad24-0655-11de-a842-001e3396d325}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5a74ad24-0655-11de-a842-001e3396d325}\ not found.
File rkw2ci.cmd not found.
========== FILES ==========
C:\Users\Vista\AppData\Local\abecaval.dll moved successfully.
C:\Users\Vista\AppData\Local\abiluqizevax.dll moved successfully.
C:\Users\Vista\AppData\Local\abinamanewoh.dll moved successfully.
C:\Users\Vista\AppData\Local\abomocinexilah.dll moved successfully.
C:\Users\Vista\AppData\Local\acejojul.dll moved successfully.
C:\Users\Vista\AppData\Local\acodokezez.dll moved successfully.
C:\Users\Vista\AppData\Local\acubomuredi.dll moved successfully.
C:\Users\Vista\AppData\Local\adalasej.dll moved successfully.
C:\Users\Vista\AppData\Local\adehogajim.dll moved successfully.
C:\Users\Vista\AppData\Local\ademeroko.dll moved successfully.
C:\Users\Vista\AppData\Local\afejepuritucivi.dll moved successfully.
C:\Users\Vista\AppData\Local\afohediqad.dll moved successfully.
C:\Users\Vista\AppData\Local\afucuzozec.dll moved successfully.
C:\Users\Vista\AppData\Local\agaqejak.dll moved successfully.
C:\Users\Vista\AppData\Local\agazekud.dll moved successfully.
C:\Users\Vista\AppData\Local\ageporer.dll moved successfully.
C:\Users\Vista\AppData\Local\agiqemaqawe.dll moved successfully.
C:\Users\Vista\AppData\Local\agopewukuwupomu.dll moved successfully.
C:\Users\Vista\AppData\Local\ahefixipu.dll moved successfully.
C:\Users\Vista\AppData\Local\ahocajuh.dll moved successfully.
C:\Users\Vista\AppData\Local\ahogesavadebib.dll moved successfully.
C:\Users\Vista\AppData\Local\ajedafuga.dll moved successfully.
C:\Users\Vista\AppData\Local\ajoheridub.dll moved successfully.
C:\Users\Vista\AppData\Local\ajotemek.dll moved successfully.
C:\Users\Vista\AppData\Local\akatakobiloba.dll moved successfully.
C:\Users\Vista\AppData\Local\akezevuladiw.dll moved successfully.
C:\Users\Vista\AppData\Local\alafoqipofevinuy.dll moved successfully.
C:\Users\Vista\AppData\Local\alakoqat.dll moved successfully.
C:\Users\Vista\AppData\Local\alozucowopoze.dll moved successfully.
C:\Users\Vista\AppData\Local\amolijefed.dll moved successfully.
C:\Users\Vista\AppData\Local\amomocar.dll moved successfully.
C:\Users\Vista\AppData\Local\amopawogep.dll moved successfully.
C:\Users\Vista\AppData\Local\amunuper.dll moved successfully.
C:\Users\Vista\AppData\Local\anigomusige.dll moved successfully.
C:\Users\Vista\AppData\Local\anocobojebuq.dll moved successfully.
C:\Users\Vista\AppData\Local\apaqurej.dll moved successfully.
C:\Users\Vista\AppData\Local\apelijefed.dll moved successfully.
C:\Users\Vista\AppData\Local\aponimifi.dll moved successfully.
C:\Users\Vista\AppData\Local\aqaxacumiruxeca.dll moved successfully.
C:\Users\Vista\AppData\Local\aqubacax.dll moved successfully.
C:\Users\Vista\AppData\Local\aquhalev.dll moved successfully.
C:\Users\Vista\AppData\Local\aquhiqijoyi.dll moved successfully.
C:\Users\Vista\AppData\Local\aquvubeq.dll moved successfully.
C:\Users\Vista\AppData\Local\arifusiz.dll moved successfully.
C:\Users\Vista\AppData\Local\asiyagasuti.dll moved successfully.
C:\Users\Vista\AppData\Local\asusamoq.dll moved successfully.
C:\Users\Vista\AppData\Local\atogunewuc.dll moved successfully.
C:\Users\Vista\AppData\Local\atucefuw.dll moved successfully.
C:\Users\Vista\AppData\Local\atuciduwatonudo.dll moved successfully.
C:\Users\Vista\AppData\Local\avavamebopevu.dll moved successfully.
C:\Users\Vista\AppData\Local\avezacufo.dll moved successfully.
C:\Users\Vista\AppData\Local\avopomukimupewu.dll moved successfully.
C:\Users\Vista\AppData\Local\avuwahazuyos.dll moved successfully.
C:\Users\Vista\AppData\Local\awitaludeje.dll moved successfully.
C:\Users\Vista\AppData\Local\awofapoyowuka.dll moved successfully.
C:\Users\Vista\AppData\Local\awoqugaroro.dll moved successfully.
C:\Users\Vista\AppData\Local\awosicuz.dll moved successfully.
C:\Users\Vista\AppData\Local\axasafuz.dll moved successfully.
C:\Users\Vista\AppData\Local\axiduqiyaloqetu.dll moved successfully.
C:\Users\Vista\AppData\Local\axoyoqanejob.dll moved successfully.
C:\Users\Vista\AppData\Local\axukuwafonut.dll moved successfully.
C:\Users\Vista\AppData\Local\axusuyegan.dll moved successfully.
C:\Users\Vista\AppData\Local\ayefevinuyoz.dll moved successfully.
C:\Users\Vista\AppData\Local\ayegozuxecuguve.dll moved successfully.
C:\Users\Vista\AppData\Local\ayehonev.dll moved successfully.
C:\Users\Vista\AppData\Local\ayifexemexiz.dll moved successfully.
C:\Users\Vista\AppData\Local\ayobodamu.dll moved successfully.
C:\Users\Vista\AppData\Local\azabowin.dll moved successfully.
C:\Users\Vista\AppData\Local\azegewusuya.dll moved successfully.
C:\Users\Vista\AppData\Local\azodinig.dll moved successfully.
C:\Users\Vista\AppData\Local\ecacejalafoqipof.dll moved successfully.
C:\Users\Vista\AppData\Local\ecasevegukoge.dll moved successfully.
C:\Users\Vista\AppData\Local\ecelamut.dll moved successfully.
C:\Users\Vista\AppData\Local\ecihuwonez.dll moved successfully.
C:\Users\Vista\AppData\Local\ecuqesuhelehizu.dll moved successfully.
C:\Users\Vista\AppData\Local\edatoxolibugid.dll moved successfully.
C:\Users\Vista\AppData\Local\edelasihi.dll moved successfully.
C:\Users\Vista\AppData\Local\edezijuqumofut.dll moved successfully.
C:\Users\Vista\AppData\Local\edigezorije.dll moved successfully.
C:\Users\Vista\AppData\Local\edorebanupera.dll moved successfully.
C:\Users\Vista\AppData\Local\educewekifenifi.dll moved successfully.
C:\Users\Vista\AppData\Local\efegasuti.dll moved successfully.
C:\Users\Vista\AppData\Local\efugoforeqonofa.dll moved successfully.
C:\Users\Vista\AppData\Local\egafisequp.dll moved successfully.
C:\Users\Vista\AppData\Local\egexifokelodasod.dll moved successfully.
C:\Users\Vista\AppData\Local\egimuhif.dll moved successfully.
C:\Users\Vista\AppData\Local\egipojehu.dll moved successfully.
C:\Users\Vista\AppData\Local\egisuqikuwafonut.dll moved successfully.
C:\Users\Vista\AppData\Local\egiviwece.dll moved successfully.
C:\Users\Vista\AppData\Local\eguweseb.dll moved successfully.
C:\Users\Vista\AppData\Local\eheraqesa.dll moved successfully.
C:\Users\Vista\AppData\Local\ehixusoyaqo.dll moved successfully.
C:\Users\Vista\AppData\Local\ehojufanerokowu.dll moved successfully.
C:\Users\Vista\AppData\Local\ehuhuqer.dll moved successfully.
C:\Users\Vista\AppData\Local\ejajovanile.dll moved successfully.
C:\Users\Vista\AppData\Local\ejicejalafoq.dll moved successfully.
C:\Users\Vista\AppData\Local\ekelulinet.dll moved successfully.
C:\Users\Vista\AppData\Local\ekisuzupijaferoc.dll moved successfully.
C:\Users\Vista\AppData\Local\ekizipahal.dll moved successfully.
C:\Users\Vista\AppData\Local\ekurayapeva.dll moved successfully.
C:\Users\Vista\AppData\Local\elibewah.dll moved successfully.
C:\Users\Vista\AppData\Local\elofasuf.dll moved successfully.
C:\Users\Vista\AppData\Local\elujubetovapuz.dll moved successfully.
C:\Users\Vista\AppData\Local\emarowovoxados.dll moved successfully.
C:\Users\Vista\AppData\Local\emaziful.dll moved successfully.
C:\Users\Vista\AppData\Local\emazupijafer.dll moved successfully.
C:\Users\Vista\AppData\Local\emerulazexizux.dll moved successfully.
C:\Users\Vista\AppData\Local\enawafon.dll moved successfully.
C:\Users\Vista\AppData\Local\enononuc.dll moved successfully.
C:\Users\Vista\AppData\Local\enuyecoxewugo.dll moved successfully.
C:\Users\Vista\AppData\Local\epayetasoyuyebi.dll moved successfully.
C:\Users\Vista\AppData\Local\epefureqijoloz.dll moved successfully.
C:\Users\Vista\AppData\Local\epirezat.dll moved successfully.
C:\Users\Vista\AppData\Local\epuqaxuwibiqo.dll moved successfully.
C:\Users\Vista\AppData\Local\eqamepoz.dll moved successfully.
C:\Users\Vista\AppData\Local\eqegeyabeguyo.dll moved successfully.
C:\Users\Vista\AppData\Local\eqiridasib.dll moved successfully.
C:\Users\Vista\AppData\Local\erewulevefi.dll moved successfully.
C:\Users\Vista\AppData\Local\esamewig.dll moved successfully.
C:\Users\Vista\AppData\Local\esavudam.dll moved successfully.
C:\Users\Vista\AppData\Local\eselukigatek.dll moved successfully.
C:\Users\Vista\AppData\Local\esimanew.dll moved successfully.
C:\Users\Vista\AppData\Local\esixufapif.dll moved successfully.
C:\Users\Vista\AppData\Local\esugepazopesiqa.dll moved successfully.
C:\Users\Vista\AppData\Local\etafulor.dll moved successfully.
C:\Users\Vista\AppData\Local\etategigusobo.dll moved successfully.
C:\Users\Vista\AppData\Local\etetahefozuj.dll moved successfully.
C:\Users\Vista\AppData\Local\etijekafiya.dll moved successfully.
C:\Users\Vista\AppData\Local\etuhuvilitac.dll moved successfully.
C:\Users\Vista\AppData\Local\evamibah.dll moved successfully.
C:\Users\Vista\AppData\Local\evaqeniware.dll moved successfully.
C:\Users\Vista\AppData\Local\evonodusexuyo.dll moved successfully.
C:\Users\Vista\AppData\Local\evoyesubaseb.dll moved successfully.
C:\Users\Vista\AppData\Local\ewaforaw.dll moved successfully.
C:\Users\Vista\AppData\Local\eweboxebo.dll moved successfully.
C:\Users\Vista\AppData\Local\ewenafazeqeqal.dll moved successfully.
C:\Users\Vista\AppData\Local\ewimikuxiyay.dll moved successfully.
C:\Users\Vista\AppData\Local\ewojupiliyojo.dll moved successfully.
C:\Users\Vista\AppData\Local\ewozetij.dll moved successfully.
C:\Users\Vista\AppData\Local\ewugoyin.dll moved successfully.
C:\Users\Vista\AppData\Local\ewuneburimuquj.dll moved successfully.
C:\Users\Vista\AppData\Local\exacufotizici.dll moved successfully.
C:\Users\Vista\AppData\Local\exenoxozoq.dll moved successfully.
C:\Users\Vista\AppData\Local\exocibisovuniwu.dll moved successfully.
C:\Users\Vista\AppData\Local\exogurinaz.dll moved successfully.
C:\Users\Vista\AppData\Local\eyapiqiy.dll moved successfully.
C:\Users\Vista\AppData\Local\eyarayeheridub.dll moved successfully.
C:\Users\Vista\AppData\Local\eyevifoh.dll moved successfully.
C:\Users\Vista\AppData\Local\eyivahub.dll moved successfully.
C:\Users\Vista\AppData\Local\eyuqojuneho.dll moved successfully.
C:\Users\Vista\AppData\Local\eyuvozerazurow.dll moved successfully.
C:\Users\Vista\AppData\Local\ezavenup.dll moved successfully.
C:\Users\Vista\AppData\Local\ezidevac.dll moved successfully.
C:\Users\Vista\AppData\Local\ezulobakamo.dll moved successfully.
C:\Users\Vista\AppData\Local\ezuwapanuv.dll moved successfully.
C:\Users\Vista\AppData\Local\ibamufoy.dll moved successfully.
C:\Users\Vista\AppData\Local\ibohapax.dll moved successfully.
C:\Users\Vista\AppData\Local\icanuperamiyapa.dll moved successfully.
C:\Users\Vista\AppData\Local\icikesiko.dll moved successfully.
C:\Users\Vista\AppData\Local\icisexuy.dll moved successfully.
C:\Users\Vista\AppData\Local\icuzahuyuruw.dll moved successfully.
C:\Users\Vista\AppData\Local\idajedab.dll moved successfully.
C:\Users\Vista\AppData\Local\idebukukaseg.dll moved successfully.
C:\Users\Vista\AppData\Local\idilaquv.dll moved successfully.
C:\Users\Vista\AppData\Local\idodinig.dll moved successfully.
C:\Users\Vista\AppData\Local\ifefedawevev.dll moved successfully.
C:\Users\Vista\AppData\Local\ifiyovuzikagu.dll moved successfully.
C:\Users\Vista\AppData\Local\ifuvetecofirujiq.dll moved successfully.
C:\Users\Vista\AppData\Local\igajigulukacega.dll moved successfully.
C:\Users\Vista\AppData\Local\igegobeyeyo.dll moved successfully.
C:\Users\Vista\AppData\Local\igehucucaqi.dll moved successfully.
C:\Users\Vista\AppData\Local\igudolequfir.dll moved successfully.
C:\Users\Vista\AppData\Local\iguvezuy.dll moved successfully.
C:\Users\Vista\AppData\Local\iheqefameteqa.dll moved successfully.
C:\Users\Vista\AppData\Local\iholifip.dll moved successfully.
C:\Users\Vista\AppData\Local\ihugoqora.dll moved successfully.
C:\Users\Vista\AppData\Local\ihumavabow.dll moved successfully.
C:\Users\Vista\AppData\Local\ijaculihiweke.dll moved successfully.
C:\Users\Vista\AppData\Local\ikegipam.dll moved successfully.
C:\Users\Vista\AppData\Local\ikulipizuluf.dll moved successfully.
C:\Users\Vista\AppData\Local\ilawemowe.dll moved successfully.
C:\Users\Vista\AppData\Local\ilixoqoya.dll moved successfully.
C:\Users\Vista\AppData\Local\ilorujiqigisohun.dll moved successfully.
C:\Users\Vista\AppData\Local\ilugulukacegala.dll moved successfully.
C:\Users\Vista\AppData\Local\imapiguy.dll moved successfully.
C:\Users\Vista\AppData\Local\inacodeneqehex.dll moved successfully.
C:\Users\Vista\AppData\Local\inilijos.dll moved successfully.
C:\Users\Vista\AppData\Local\ipemogudorayeher.dll moved successfully.
C:\Users\Vista\AppData\Local\ipodohaq.dll moved successfully.
C:\Users\Vista\AppData\Local\ipoleriweso.dll moved successfully.
C:\Users\Vista\AppData\Local\ipozomuf.dll moved successfully.
C:\Users\Vista\AppData\Local\iqajataz.dll moved successfully.
C:\Users\Vista\AppData\Local\iqijikeregu.dll moved successfully.
C:\Users\Vista\AppData\Local\iqiquhet.dll moved successfully.
C:\Users\Vista\AppData\Local\iquzizuf.dll moved successfully.
C:\Users\Vista\AppData\Local\irorereweril.dll moved successfully.
C:\Users\Vista\AppData\Local\irotagac.dll moved successfully.
C:\Users\Vista\AppData\Local\isanucijenonu.dll moved successfully.
C:\Users\Vista\AppData\Local\itariyovuzikagu.dll moved successfully.
C:\Users\Vista\AppData\Local\itevisidu.dll moved successfully.
C:\Users\Vista\AppData\Local\itibibidovug.dll moved successfully.
C:\Users\Vista\AppData\Local\itiboxagijo.dll moved successfully.
C:\Users\Vista\AppData\Local\itigefimifetelag.dll moved successfully.
C:\Users\Vista\AppData\Local\iveduyeviwepa.dll moved successfully.
C:\Users\Vista\AppData\Local\ivikepemiyuvacas.dll moved successfully.
C:\Users\Vista\AppData\Local\ivomoled.dll moved successfully.
C:\Users\Vista\AppData\Local\iwofaneroko.dll moved successfully.
C:\Users\Vista\AppData\Local\iwomexiz.dll moved successfully.
C:\Users\Vista\AppData\Local\iwuwefok.dll moved successfully.
C:\Users\Vista\AppData\Local\ixagupis.dll moved successfully.
C:\Users\Vista\AppData\Local\ixaqatar.dll moved successfully.
C:\Users\Vista\AppData\Local\ixeqegepazopesi.dll moved successfully.
C:\Users\Vista\AppData\Local\ixipoxul.dll moved successfully.
C:\Users\Vista\AppData\Local\ixixekoc.dll moved successfully.
C:\Users\Vista\AppData\Local\iyajigoki.dll moved successfully.
C:\Users\Vista\AppData\Local\iyehixusoya.dll moved successfully.
C:\Users\Vista\AppData\Local\iyigugav.dll moved successfully.
C:\Users\Vista\AppData\Local\izadusib.dll moved successfully.
C:\Users\Vista\AppData\Local\izefopawuqe.dll moved successfully.
C:\Users\Vista\AppData\Local\izehogeh.dll moved successfully.
C:\Users\Vista\AppData\Local\izeroxaziv.dll moved successfully.
C:\Users\Vista\AppData\Local\izesebevax.dll moved successfully.
C:\Users\Vista\AppData\Local\izexetedabe.dll moved successfully.
C:\Users\Vista\AppData\Local\izogubix.dll moved successfully.
C:\Users\Vista\AppData\Local\obajadazayuju.dll moved successfully.
C:\Users\Vista\AppData\Local\obaperulazexizux.dll moved successfully.
C:\Users\Vista\AppData\Local\obapijov.dll moved successfully.
C:\Users\Vista\AppData\Local\obuqoboxebodamu.dll moved successfully.
C:\Users\Vista\AppData\Local\ocimuduti.dll moved successfully.
C:\Users\Vista\AppData\Local\oduferosulo.dll moved successfully.
C:\Users\Vista\AppData\Local\oduqotiwuvu.dll moved successfully.
C:\Users\Vista\AppData\Local\ofeyamuz.dll moved successfully.
C:\Users\Vista\AppData\Local\ogeqazaqesuhele.dll moved successfully.
C:\Users\Vista\AppData\Local\ogokulad.dll moved successfully.
C:\Users\Vista\AppData\Local\ohequqofolininoz.dll moved successfully.
C:\Users\Vista\AppData\Local\ohugavim.dll moved successfully.
C:\Users\Vista\AppData\Local\ojivisidubadi.dll moved successfully.
C:\Users\Vista\AppData\Local\ojohanofowac.dll moved successfully.
C:\Users\Vista\AppData\Local\ojumasiv.dll moved successfully.
C:\Users\Vista\AppData\Local\okegemidaribiy.dll moved successfully.
C:\Users\Vista\AppData\Local\okohilono.dll moved successfully.
C:\Users\Vista\AppData\Local\oluzoquqisefac.dll moved successfully.
C:\Users\Vista\AppData\Local\omebopit.dll moved successfully.
C:\Users\Vista\AppData\Local\omesuleboduyevi.dll moved successfully.
C:\Users\Vista\AppData\Local\onerulipizuluf.dll moved successfully.
C:\Users\Vista\AppData\Local\onibiweyifeg.dll moved successfully.
C:\Users\Vista\AppData\Local\onifepovaxesak.dll moved successfully.
C:\Users\Vista\AppData\Local\onitohekafomohu.dll moved successfully.
C:\Users\Vista\AppData\Local\onolayotevokomas.dll moved successfully.
C:\Users\Vista\AppData\Local\opimikuxiyayidad.dll moved successfully.
C:\Users\Vista\AppData\Local\opogovitogolopu.dll moved successfully.
C:\Users\Vista\AppData\Local\opokadik.dll moved successfully.
C:\Users\Vista\AppData\Local\opokapak.dll moved successfully.
C:\Users\Vista\AppData\Local\oqagomukedomigiv.dll moved successfully.
C:\Users\Vista\AppData\Local\oqayaqogunewucob.dll moved successfully.
C:\Users\Vista\AppData\Local\oqeyemamerihesog.dll moved successfully.
C:\Users\Vista\AppData\Local\oqijepopepacu.dll moved successfully.
C:\Users\Vista\AppData\Local\oqitedap.dll moved successfully.
C:\Users\Vista\AppData\Local\oqogalajuna.dll moved successfully.
C:\Users\Vista\AppData\Local\oribezaxe.dll moved successfully.
C:\Users\Vista\AppData\Local\oromimesu.dll moved successfully.
C:\Users\Vista\AppData\Local\otaqutunagecag.dll moved successfully.
C:\Users\Vista\AppData\Local\otetupek.dll moved successfully.
C:\Users\Vista\AppData\Local\otifasocukexu.dll moved successfully.
C:\Users\Vista\AppData\Local\otoximib.dll moved successfully.
C:\Users\Vista\AppData\Local\ovelikol.dll moved successfully.
C:\Users\Vista\AppData\Local\ovexehiz.dll moved successfully.
C:\Users\Vista\AppData\Local\ovisatox.dll moved successfully.
C:\Users\Vista\AppData\Local\oxavigul.dll moved successfully.
C:\Users\Vista\AppData\Local\oxexofip.dll moved successfully.
C:\Users\Vista\AppData\Local\oxicuficawa.dll moved successfully.
C:\Users\Vista\AppData\Local\oxowesebebebagu.dll moved successfully.
C:\Users\Vista\AppData\Local\oxululineteriw.dll moved successfully.
C:\Users\Vista\AppData\Local\oyifureqij.dll moved successfully.
C:\Users\Vista\AppData\Local\oyifuzacanuv.dll moved successfully.
C:\Users\Vista\AppData\Local\oyohiheha.dll moved successfully.
C:\Users\Vista\AppData\Local\ozahezusuqik.dll moved successfully.
C:\Users\Vista\AppData\Local\ozikiriy.dll moved successfully.
C:\Users\Vista\AppData\Local\ozufutoc.dll moved successfully.
C:\Users\Vista\AppData\Local\ubamimesu.dll moved successfully.
C:\Users\Vista\AppData\Local\ubegatekudat.dll moved successfully.
C:\Users\Vista\AppData\Local\ubigunewucobuh.dll moved successfully.
C:\Users\Vista\AppData\Local\ubofoqip.dll moved successfully.
C:\Users\Vista\AppData\Local\ubonoxozoquqis.dll moved successfully.
C:\Users\Vista\AppData\Local\ubudomipusovo.dll moved successfully.
C:\Users\Vista\AppData\Local\ubukafomohuxe.dll moved successfully.
C:\Users\Vista\AppData\Local\uconujanecatev.dll moved successfully.
C:\Users\Vista\AppData\Local\ucotucejaqapeju.dll moved successfully.
C:\Users\Vista\AppData\Local\udakotadoqevoyox.dll moved successfully.
C:\Users\Vista\AppData\Local\udeziguq.dll moved successfully.
C:\Users\Vista\AppData\Local\udiwusuya.dll moved successfully.
C:\Users\Vista\AppData\Local\udolemunajazeti.dll moved successfully.
C:\Users\Vista\AppData\Local\ufehavona.dll moved successfully.
C:\Users\Vista\AppData\Local\ufoceyiqamabim.dll moved successfully.
C:\Users\Vista\AppData\Local\ufonegifo.dll moved successfully.
C:\Users\Vista\AppData\Local\ufozerazurow.dll moved successfully.
C:\Users\Vista\AppData\Local\ufunevif.dll moved successfully.
C:\Users\Vista\AppData\Local\ugimuhifopa.dll moved successfully.
C:\Users\Vista\AppData\Local\ugoludeje.dll moved successfully.
C:\Users\Vista\AppData\Local\uguledunumulo.dll moved successfully.
C:\Users\Vista\AppData\Local\uhasuwaqiqamalan.dll moved successfully.
C:\Users\Vista\AppData\Local\uhiluwaruyum.dll moved successfully.
C:\Users\Vista\AppData\Local\ujadurayapeva.dll moved successfully.
C:\Users\Vista\AppData\Local\ujafuxujabo.dll moved successfully.
C:\Users\Vista\AppData\Local\ujebeyitame.dll moved successfully.
C:\Users\Vista\AppData\Local\ujiziresoxiwuvur.dll moved successfully.
C:\Users\Vista\AppData\Local\ujomikux.dll moved successfully.
C:\Users\Vista\AppData\Local\ujovilitaciwiman.dll moved successfully.
C:\Users\Vista\AppData\Local\ukevegubelix.dll moved successfully.
C:\Users\Vista\AppData\Local\ukibumeru.dll moved successfully.
C:\Users\Vista\AppData\Local\ukozelagar.dll moved successfully.
C:\Users\Vista\AppData\Local\ukumufoyemuy.dll moved successfully.
C:\Users\Vista\AppData\Local\ulagesif.dll moved successfully.
C:\Users\Vista\AppData\Local\ulawulaqocu.dll moved successfully.
C:\Users\Vista\AppData\Local\ulehukoz.dll moved successfully.
C:\Users\Vista\AppData\Local\ulifirawaxozuvov.dll moved successfully.
C:\Users\Vista\AppData\Local\ulimiyumihoy.dll moved successfully.
C:\Users\Vista\AppData\Local\umicirisohahoz.dll moved successfully.
C:\Users\Vista\AppData\Local\umozakob.dll moved successfully.
C:\Users\Vista\AppData\Local\uniboduyevi.dll moved successfully.
C:\Users\Vista\AppData\Local\unoduligejope.dll moved successfully.
C:\Users\Vista\AppData\Local\unuretubediday.dll moved successfully.
C:\Users\Vista\AppData\Local\upehoxaj.dll moved successfully.
C:\Users\Vista\AppData\Local\upocukexugu.dll moved successfully.
C:\Users\Vista\AppData\Local\upovabup.dll moved successfully.
C:\Users\Vista\AppData\Local\upulicakenakohod.dll moved successfully.
C:\Users\Vista\AppData\Local\upuviwepa.dll moved successfully.
C:\Users\Vista\AppData\Local\uqetahixowe.dll moved successfully.
C:\Users\Vista\AppData\Local\uqexewugonajero.dll moved successfully.
C:\Users\Vista\AppData\Local\uqubabab.dll moved successfully.
C:\Users\Vista\AppData\Local\uqukocon.dll moved successfully.
C:\Users\Vista\AppData\Local\uqusaxogapoga.dll moved successfully.
C:\Users\Vista\AppData\Local\uqutewis.dll moved successfully.
C:\Users\Vista\AppData\Local\urawixorigeg.dll moved successfully.
C:\Users\Vista\AppData\Local\ureqejej.dll moved successfully.
C:\Users\Vista\AppData\Local\urimufavele.dll moved successfully.
C:\Users\Vista\AppData\Local\uropuyuqiyuk.dll moved successfully.
C:\Users\Vista\AppData\Local\usaxewugona.dll moved successfully.
C:\Users\Vista\AppData\Local\usigofudo.dll moved successfully.
C:\Users\Vista\AppData\Local\usinesan.dll moved successfully.
C:\Users\Vista\AppData\Local\usitanab.dll moved successfully.
C:\Users\Vista\AppData\Local\usowukatiyuwa.dll moved successfully.
C:\Users\Vista\AppData\Local\utamaquden.dll moved successfully.
C:\Users\Vista\AppData\Local\utayonoxuxabibid.dll moved successfully.
C:\Users\Vista\AppData\Local\utimiyaparohi.dll moved successfully.
C:\Users\Vista\AppData\Local\utisequpal.dll moved successfully.
C:\Users\Vista\AppData\Local\utozofuq.dll moved successfully.
C:\Users\Vista\AppData\Local\uvabetovapuz.dll moved successfully.
C:\Users\Vista\AppData\Local\uvaqejivul.dll moved successfully.
C:\Users\Vista\AppData\Local\uvezayujupi.dll moved successfully.
C:\Users\Vista\AppData\Local\uviqiqej.dll moved successfully.
C:\Users\Vista\AppData\Local\uwivokom.dll moved successfully.
C:\Users\Vista\AppData\Local\uwojoxuc.dll moved successfully.
C:\Users\Vista\AppData\Local\uwoketom.dll moved successfully.
C:\Users\Vista\AppData\Local\uwucasicuzo.dll moved successfully.
C:\Users\Vista\AppData\Local\uxefinos.dll moved successfully.
C:\Users\Vista\AppData\Local\uxevepas.dll moved successfully.
C:\Users\Vista\AppData\Local\uyohehuc.dll moved successfully.
C:\Users\Vista\AppData\Local\uzelineter.dll moved successfully.
C:\Users\Vista\AppData\Local\uzeqayis.dll moved successfully.
C:\Users\Vista\AppData\Local\uzikiriyijikere.dll moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

User: Vista
->Temp folder emptied: 327442675 bytes
->Temporary Internet Files folder emptied: 59977062 bytes
->Java cache emptied: 2697031 bytes
->FireFox cache emptied: 46338882 bytes
->Flash cache emptied: 619139 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 9494995 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 48580 bytes

Total Files Cleaned = 426.00 mb


OTL by OldTimer - Version 3.2.20.6 log created on 02132011_103536

Files\Folders moved on Reboot...
File\Folder C:\Users\Vista\AppData\Local\Temp\~DFFBB7.tmp not found!
File\Folder C:\Users\Vista\AppData\Local\Temp\~DFFBBC.tmp not found!
File\Folder C:\Users\Vista\AppData\Local\Temp\~DFFC07.tmp not found!
File\Folder C:\Users\Vista\AppData\Local\Temp\~DFFC0C.tmp not found!
File\Folder C:\Users\Vista\AppData\Local\Temp\~DFFC3E.tmp not found!
File\Folder C:\Users\Vista\AppData\Local\Temp\~DFFC43.tmp not found!
File\Folder C:\Users\Vista\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XANOUWLB\index[2].htm not found!
C:\Users\Vista\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XANOUWLB\smilies[1].htm moved successfully.
File\Folder C:\Users\Vista\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NQX2E3MW\post[1].htm not found!
File\Folder C:\Users\Vista\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MKRGZ2Q8\like[1].htm not found!
File\Folder C:\Users\Vista\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MKRGZ2Q8\like[2].htm not found!
File\Folder C:\Users\Vista\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MKRGZ2Q8\search[2].htm not found!
File\Folder C:\Users\Vista\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MKRGZ2Q8\search[3].htm not found!
File\Folder C:\Users\Vista\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JV5M29CP\getSegment[1].htm not found!
File\Folder C:\Users\Vista\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JV5M29CP\maxx-finds[1].htm not found!
C:\Users\Vista\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JV5M29CP\reatcmp_101130.html[1].htm moved successfully.
C:\Users\Vista\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FHONDFGB\getSegment[1].htm moved successfully.

Registry entries deleted on Reboot...

soconfused
Novice
Novice

Posts Posts : 16
Joined Joined : 2011-02-10
OS OS : Windows Vista
Points Points : 21498
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Antivira Av.. please help

Post by Belahzur on Sun Feb 13, 2011 9:31 pm

Please download and run this tool.

Download Malwarebytes' Anti-Malware from [You must be registered and logged in to see this link.]

Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.


Post the contents of the MBAM Log.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34917
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245080
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Antivira Av.. please help

Post by soconfused on Mon Feb 14, 2011 8:42 am

Malwarebytes' Anti-Malware 1.50.1.1100
[You must be registered and logged in to see this link.]

Database version: 5725

Windows 6.0.6001 Service Pack 1 (Safe Mode)
Internet Explorer 8.0.6001.18999

2/14/2011 8:33:40 AM
mbam-log-2011-02-14 (08-33-40).txt

Scan type: Quick scan
Objects scanned: 149834
Time elapsed: 5 minute(s), 47 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

soconfused
Novice
Novice

Posts Posts : 16
Joined Joined : 2011-02-10
OS OS : Windows Vista
Points Points : 21498
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Antivira Av.. please help

Post by Belahzur on Mon Feb 14, 2011 8:21 pm

Hello.

Please download ComboFix from [You must be registered and logged in to see this link.]

[You must be registered and logged in to see this link.]


Rename ComboFix.exe to commy.exe before you save it to your Desktop

  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools A guide to do this can be found [You must be registered and logged in to see this link.]
  • Click Start then copy paste the following command into the search box & hit enter: "%userprofile%\desktop\commy.exe" /stepdel
  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. This will not install in Vista. Just continue scanning, and skip the console install.
  • When finished, it shall produce a log for you. Please include the contents of C:\ComboFix.txt in your next reply.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34917
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245080
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Antivira Av.. please help

Post by soconfused on Tue Feb 15, 2011 8:51 am

I downloaded the ComboFix.exe and renamed it like you asked, but when it came to disabling the AntiVirus applications, I had a problem. I scrolled down cause it didn't say anything about Malwarebytes but then found something but the person said it was only for those who had Malwarebytes registered(?). I copied the command onto start but nothing happened too..

soconfused
Novice
Novice

Posts Posts : 16
Joined Joined : 2011-02-10
OS OS : Windows Vista
Points Points : 21498
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Antivira Av.. please help

Post by Belahzur on Tue Feb 15, 2011 8:25 pm

Hmm, try running it by just double clicking it.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34917
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245080
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Antivira Av.. please help

Post by soconfused on Thu Feb 17, 2011 8:49 am

ComboFix 11-02-14.02 - Vista 7/2011 Thu 8:37.1.2 - x86 NETWORK
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.949.82.1033.18.1915.1491 [GMT -5:00]
Running from: c:\users\Vista\Downloads\commy.exe
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\programdata\Desktop
c:\users\Vista\AppData\Local\{3E9B658A-4BE2-4185-84CC-CAC954011664}
c:\users\Vista\AppData\Local\{3E9B658A-4BE2-4185-84CC-CAC954011664}\chrome.manifest
c:\users\Vista\AppData\Local\{3E9B658A-4BE2-4185-84CC-CAC954011664}\chrome\content\_cfg.js
c:\users\Vista\AppData\Local\{3E9B658A-4BE2-4185-84CC-CAC954011664}\chrome\content\overlay.xul
c:\users\Vista\AppData\Local\{3E9B658A-4BE2-4185-84CC-CAC954011664}\install.rdf

.
((((((((((((((((((((((((( Files Created from 2011-01-17 to 2011-02-17 )))))))))))))))))))))))))))))))
.

2011-02-17 13:42 . 2011-02-17 13:43 -------- d-----w- c:\users\Vista\AppData\Local\temp
2011-02-17 13:42 . 2011-02-17 13:42 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-02-15 13:41 . 2011-02-15 13:42 -------- d-----w- C:\commy
2011-02-13 15:35 . 2011-02-13 15:35 -------- d-----w- C:\_OTL
2011-02-09 22:35 . 2011-02-09 22:35 -------- d-----w- c:\users\Vista\AppData\Roaming\Malwarebytes
2011-02-09 22:34 . 2011-02-09 22:34 -------- d-----w- c:\programdata\Malwarebytes
2011-02-09 22:34 . 2010-12-20 23:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-02-09 22:34 . 2011-02-09 22:34 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-02-09 22:34 . 2010-12-20 23:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-09 14:10 . 2010-09-24 02:53 0 ----a-w- c:\users\Vista\AppData\Local\Ibanofum.bin
2010-12-28 14:57 . 2011-01-12 04:18 409600 ----a-w- c:\windows\system32\odbc32.dll
2010-12-14 15:49 . 2011-01-12 04:18 1169408 ----a-w- c:\windows\system32\sdclt.exe
2010-06-26 12:25 . 2009-11-12 23:20 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}"= "c:\program files\Softonic-Eng7\tbSoft.dll" [2010-06-03 2736736]

[HKEY_CLASSES_ROOT\clsid\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]
2010-06-03 22:24 2736736 ----a-w- c:\program files\Softonic-Eng7\tbSoft.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}"= "c:\program files\Softonic-Eng7\tbSoft.dll" [2010-06-03 2736736]

[HKEY_CLASSES_ROOT\clsid\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3}"= "c:\program files\Softonic-Eng7\tbSoft.dll" [2010-06-03 2736736]

[HKEY_CLASSES_ROOT\clsid\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TOSCDSPD"="c:\program files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe" [2008-04-24 430080]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-07-29 39408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-06-25 150040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-06-25 170520]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-06-25 145944]
"RtHDVCpl"="RtHDVCpl.exe" [2008-04-08 6037504]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-04-16 178712]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-12-07 1029416]
"NDSTray.exe"="NDSTray.exe" [BU]
"ToshibaServiceStation"="c:\program files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" [2009-04-01 1283384]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-06-26 30192]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-01-06 290088]
"YahooAntiSpyware"="c:\program files\Yahoo!\AntiSpyware\PZUpdate.exe" [2009-02-05 58832]
"snpstd3"="c:\windows\vsnpstd3.exe" [2006-09-19 827392]
"Google Quick Search Box"="c:\program files\Google\Quick Search Box\GoogleQuickSearchBox.exe" [2009-07-29 122368]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-01-05 413696]
"MaAgent"="c:\program files\MarkAny\ContentSAFER\MaAgent.exe" [2008-12-02 66896]
"Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-12-20 963976]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"GrpConv"="grpconv -o" [X]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GOEC62~1.DLL

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux3"=wdmaud.drv

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 ConfigFree Service;ConfigFree Service;c:\program files\TOSHIBA\ConfigFree\CFSvcs.exe [2008-04-17 40960]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-01-31 135664]
R2 MotoConnect Service;MotoConnect Service;c:\program files\Motorola\MotoConnectService\MotoConnectService.exe [2010-06-24 91456]
R2 TMachInfo;TMachInfo;c:\program files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2009-04-01 62776]
R2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service;c:\program files\TOSHIBA\SMARTLogService\TosIPCSrv.exe [2007-12-04 126976]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [2007-01-04 24652]
R2 YahooAntiSpyware_PZSrv;YahooAntiSpyware_PZSrv;c:\program files\Yahoo!\AntiSpyware\PZServiceNt.pze [2009-02-05 628176]
R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2010-06-26 30192]
R3 IO_Memory;IO_Memory;c:\windows\SYSTEM32\SYSPREP\Drivers\ioport.sys [x]
R3 jswpsapi;Jumpstart Wifi Protected Setup;c:\program files\Jumpstart\jswpsapi.exe [2008-04-16 954368]
R3 PZDrvNT_YahooAntiSpyware;PZDrvNT_YahooAntiSpyware;c:\program files\Yahoo!\AntiSpyware\PZDrvNT.sys [2008-09-24 14848]
R3 SVRPEDRV;SVRPEDRV;c:\windows\System32\sysprep\PEDrv.sys [2008-01-18 9216]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S1 jswpslwf;JumpStart Wireless Filter Driver;c:\windows\system32\DRIVERS\jswpslwf.sys [2008-04-29 20384]
S3 FwLnk;FwLnk Driver;c:\windows\system32\DRIVERS\FwLnk.sys [2006-11-20 7168]

.
Contents of the 'Scheduled Tasks' folder

2011-02-13 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-08-18 18:36]

2011-02-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-31 12:29]

2011-02-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-31 12:29]

2011-02-09 c:\windows\Tasks\User_Feed_Synchronization-{B9FFFEFD-3619-4B9E-AD84-5296EEADD5A5}.job
- c:\windows\system32\msfeedssync.exe [2010-12-16 04:25]
.
.
------- Supplementary Scan -------
.
uStart Page = [You must be registered and logged in to see this link.]
mStart Page = [You must be registered and logged in to see this link.]
uInternet Settings,ProxyServer = http=127.0.0.1:18810
uInternet Settings,ProxyOverride =
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
DPF: {8C165CC2-E50D-4D99-9D32-DAF6AB15AA32} - [You must be registered and logged in to see this link.]
DPF: {B9B38E70-EEF6-4E3A-AE84-DDE59A053B7C} - [You must be registered and logged in to see this link.]
DPF: {DFBBCB52-4D9F-4D0E-BF4A-A51223FC2541} - [You must be registered and logged in to see this link.]
FF - ProfilePath - c:\users\Vista\AppData\Roaming\Mozilla\Firefox\Profiles\e7lif9lb.default\
FF - prefs.js: browser.startup.homepage - [You must be registered and logged in to see this link.]
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Move Media Player: [You must be registered and logged in to see this link.] - c:\users\Vista\AppData\Roaming\Move Networks
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Softonic-Eng7 Toolbar: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - %profile%\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}
.
- - - - ORPHANS REMOVED - - - -

HKCU-Run-Aim6 - (no file)
HKCU-Run-MRDaemon.exe - c:\program files\Mnet\QuickManager2\MRDaemon.exe
HKLM-Run-jswtrayutil - c:\program files\Jumpstart\jswtrayutil.exe
HKLM-Run-TPwrMain - %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
HKLM-Run-HSON - %ProgramFiles%\TOSHIBA\TBS\HSON.exe
HKLM-Run-SmoothView - %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
HKLM-Run-00TCrdMain - %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
HKLM-Run-cfFncEnabler.exe - cfFncEnabler.exe
HKLM-RunOnce- - (no file)
AddRemove-LAME for Audacity_is1 - c:\program files\Lame for Audacity\unins000.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [You must be registered and logged in to see this link.]
Rootkit scan 2011-02-17 08:43
Windows 6.0.6001 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

HKCU\Software\Microsoft\Windows\CurrentVersion\Run
TOSCDSPD = c:\program files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe?/i???????? ?m??h?????????????????

scanning hidden files ...


c:\users\Vista\AppData\Local\Temp\catchme.dll 53248 bytes executable

scan completed successfully
hidden files: 1

**************************************************************************

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\YahooAntiSpyware_PZSrv]
"ImagePath"="c:\program files\Yahoo!\AntiSpyware\PZServiceNt.pze"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
Completion time: 2011-02-17 08:44:37
ComboFix-quarantined-files.txt 2011-02-17 13:44

Pre-Run: 58,899,439,616 bytes free
Post-Run: 59,963,408,384 bytes free

- - End Of File - - 975772E6E24697F71DFE128B502C7FCB

soconfused
Novice
Novice

Posts Posts : 16
Joined Joined : 2011-02-10
OS OS : Windows Vista
Points Points : 21498
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Antivira Av.. please help

Post by Belahzur on Thu Feb 17, 2011 7:19 pm

Hello.

  1. Close any open browsers.
  2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  3. Open notepad and copy/paste the text in the quotebox below into it:
    Code:

    File::
    c:\users\Vista\AppData\Local\Ibanofum.bin

    Registry::
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
    "GrpConv"=-

    DDS::
    uInternet Settings,ProxyServer = http=127.0.0.1:18810
    uInternet Settings,ProxyOverride =
  4. Save this as CFScript.txt, in the same location as ComboFix.exe



  5. Referring to the picture above, drag CFScript into ComboFix.exe
  6. When finished, it shall produce a log for you at C:\ComboFix.txt
  7. Please post the contents of the log in your next reply.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34917
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245080
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Antivira Av.. please help

Post by soconfused on Fri Feb 18, 2011 8:43 am

ComboFix 11-02-14.02 - Vista 8/2011 Fri 8:34.1.2 - x86 NETWORK
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.949.82.1033.18.1915.1451 [GMT -5:00]
Running from: c:\users\Vista\Desktop\commy.exe
Command switches used :: c:\users\Vista\Desktop\CFScript.txt
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

FILE ::
"c:\users\Vista\AppData\Local\Ibanofum.bin"
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\users\Vista\AppData\Local\Ibanofum.bin

.
((((((((((((((((((((((((( Files Created from 2011-01-18 to 2011-02-18 )))))))))))))))))))))))))))))))
.

2011-02-18 13:40 . 2011-02-18 13:41 -------- d-----w- c:\users\Vista\AppData\Local\temp
2011-02-18 13:40 . 2011-02-18 13:40 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-02-15 13:41 . 2011-02-15 13:42 -------- d-----w- C:\commy
2011-02-13 15:35 . 2011-02-13 15:35 -------- d-----w- C:\_OTL
2011-02-09 22:35 . 2011-02-09 22:35 -------- d-----w- c:\users\Vista\AppData\Roaming\Malwarebytes
2011-02-09 22:34 . 2011-02-09 22:34 -------- d-----w- c:\programdata\Malwarebytes
2011-02-09 22:34 . 2010-12-20 23:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-02-09 22:34 . 2011-02-09 22:34 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-02-09 22:34 . 2010-12-20 23:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-12-28 14:57 . 2011-01-12 04:18 409600 ----a-w- c:\windows\system32\odbc32.dll
2010-12-14 15:49 . 2011-01-12 04:18 1169408 ----a-w- c:\windows\system32\sdclt.exe
2010-06-26 12:25 . 2009-11-12 23:20 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}"= "c:\program files\Softonic-Eng7\tbSoft.dll" [2010-06-03 2736736]

[HKEY_CLASSES_ROOT\clsid\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]
2010-06-03 22:24 2736736 ----a-w- c:\program files\Softonic-Eng7\tbSoft.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}"= "c:\program files\Softonic-Eng7\tbSoft.dll" [2010-06-03 2736736]

[HKEY_CLASSES_ROOT\clsid\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3}"= "c:\program files\Softonic-Eng7\tbSoft.dll" [2010-06-03 2736736]

[HKEY_CLASSES_ROOT\clsid\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TOSCDSPD"="c:\program files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe" [2008-04-24 430080]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-07-29 39408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-06-25 150040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-06-25 170520]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-06-25 145944]
"RtHDVCpl"="RtHDVCpl.exe" [2008-04-08 6037504]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-04-16 178712]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-12-07 1029416]
"NDSTray.exe"="NDSTray.exe" [BU]
"ToshibaServiceStation"="c:\program files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" [2009-04-01 1283384]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-06-26 30192]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-01-06 290088]
"YahooAntiSpyware"="c:\program files\Yahoo!\AntiSpyware\PZUpdate.exe" [2009-02-05 58832]
"snpstd3"="c:\windows\vsnpstd3.exe" [2006-09-19 827392]
"Google Quick Search Box"="c:\program files\Google\Quick Search Box\GoogleQuickSearchBox.exe" [2009-07-29 122368]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-01-05 413696]
"MaAgent"="c:\program files\MarkAny\ContentSAFER\MaAgent.exe" [2008-12-02 66896]
"Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-12-20 963976]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GOEC62~1.DLL

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux3"=wdmaud.drv

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 ConfigFree Service;ConfigFree Service;c:\program files\TOSHIBA\ConfigFree\CFSvcs.exe [2008-04-17 40960]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-01-31 135664]
R2 MotoConnect Service;MotoConnect Service;c:\program files\Motorola\MotoConnectService\MotoConnectService.exe [2010-06-24 91456]
R2 TMachInfo;TMachInfo;c:\program files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2009-04-01 62776]
R2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service;c:\program files\TOSHIBA\SMARTLogService\TosIPCSrv.exe [2007-12-04 126976]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [2007-01-04 24652]
R2 YahooAntiSpyware_PZSrv;YahooAntiSpyware_PZSrv;c:\program files\Yahoo!\AntiSpyware\PZServiceNt.pze [2009-02-05 628176]
R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2010-06-26 30192]
R3 IO_Memory;IO_Memory;c:\windows\SYSTEM32\SYSPREP\Drivers\ioport.sys [x]
R3 jswpsapi;Jumpstart Wifi Protected Setup;c:\program files\Jumpstart\jswpsapi.exe [2008-04-16 954368]
R3 PZDrvNT_YahooAntiSpyware;PZDrvNT_YahooAntiSpyware;c:\program files\Yahoo!\AntiSpyware\PZDrvNT.sys [2008-09-24 14848]
R3 SVRPEDRV;SVRPEDRV;c:\windows\System32\sysprep\PEDrv.sys [2008-01-18 9216]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S1 jswpslwf;JumpStart Wireless Filter Driver;c:\windows\system32\DRIVERS\jswpslwf.sys [2008-04-29 20384]
S3 FwLnk;FwLnk Driver;c:\windows\system32\DRIVERS\FwLnk.sys [2006-11-20 7168]

.
Contents of the 'Scheduled Tasks' folder

2011-02-13 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-08-18 18:36]

2011-02-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-31 12:29]

2011-02-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-31 12:29]

2011-02-09 c:\windows\Tasks\User_Feed_Synchronization-{B9FFFEFD-3619-4B9E-AD84-5296EEADD5A5}.job
- c:\windows\system32\msfeedssync.exe [2010-12-16 04:25]
.
.
------- Supplementary Scan -------
.
uStart Page = [You must be registered and logged in to see this link.]
mStart Page = [You must be registered and logged in to see this link.]
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
DPF: {8C165CC2-E50D-4D99-9D32-DAF6AB15AA32} - [You must be registered and logged in to see this link.]
DPF: {B9B38E70-EEF6-4E3A-AE84-DDE59A053B7C} - [You must be registered and logged in to see this link.]
DPF: {DFBBCB52-4D9F-4D0E-BF4A-A51223FC2541} - [You must be registered and logged in to see this link.]
FF - ProfilePath - c:\users\Vista\AppData\Roaming\Mozilla\Firefox\Profiles\e7lif9lb.default\
FF - prefs.js: browser.startup.homepage - [You must be registered and logged in to see this link.]
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Move Media Player: [You must be registered and logged in to see this link.] - c:\users\Vista\AppData\Roaming\Move Networks
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Softonic-Eng7 Toolbar: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - %profile%\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}
.
- - - - ORPHANS REMOVED - - - -

HKLM-RunOnce- - (no file)



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [You must be registered and logged in to see this link.]
Rootkit scan 2011-02-18 08:41
Windows 6.0.6001 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

HKCU\Software\Microsoft\Windows\CurrentVersion\Run
TOSCDSPD = c:\program files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe?/i???????? ?m??h?????????????????

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\YahooAntiSpyware_PZSrv]
"ImagePath"="c:\program files\Yahoo!\AntiSpyware\PZServiceNt.pze"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
Completion time: 2011-02-18 08:42:23
ComboFix-quarantined-files.txt 2011-02-18 13:42
ComboFix2.txt 2011-02-17 13:44

Pre-Run: 60,070,027,264 bytes free
Post-Run: 59,876,458,496 bytes free

- - End Of File - - 756A17D4C5BB7AC45678E0F7CD383D9E

soconfused
Novice
Novice

Posts Posts : 16
Joined Joined : 2011-02-10
OS OS : Windows Vista
Points Points : 21498
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Antivira Av.. please help

Post by Belahzur on Fri Feb 18, 2011 8:40 pm

Run ESET Online Scan
Please do an online scan with [You must be registered and logged in to see this link.]. Please use Internet Explorer as it uses ActiveX.

  • Check (tick) this box: YES, I accept the Terms of Use.
  • Click on the Start button next to it.
  • When prompted to run ActiveX. click Yes.
  • You will be asked to install an ActiveX. Click Install.
  • Once installed, the scanner will be initialized.
  • After the scanner is initialized, click Start.
  • Check (tick) Remove found threats box.
  • Check (tick) Scan unwanted applications.
  • Click on Scan.
  • It will start scanning. Please be patient.
  • Once the scan is done, the log will be saved here: C:\Program Files\esetonlinescanner\log.txt.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34917
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245080
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Antivira Av.. please help

Post by soconfused on Sat Feb 19, 2011 11:59 am

It finished the scan and removed two infected files, but there was no log..

soconfused
Novice
Novice

Posts Posts : 16
Joined Joined : 2011-02-10
OS OS : Windows Vista
Points Points : 21498
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Antivira Av.. please help

Post by Belahzur on Sat Feb 19, 2011 9:23 pm

Hello.

  • Click Start >> Control Panel.
  • Under the Programs click Uninstall a Program
  • Highlight the following:

    Adobe Reader 8.1.2
    Java(TM) 6 Update 6
    Viewpoint Media Player

  • Click on the Uninstall/Change button at the top.

Updating Java:

  • Download the latest version of [You must be registered and logged in to see this link.].
  • Click the "Download JRE" button to the right.
  • In the Window that opens, select your platform, check the "agree" box, and click Continue.
  • Click on the link to download Windows Offline Installation and save to your desktop.
  • Close any programs you may have running - especially your web browser.
  • Then from your desktop double-click on jre-6u24-windows-i586.exe that you downloaded to install the newest version.

Then download and install [You must be registered and logged in to see this link.]

Please download [You must be registered and logged in to see this link.] and install it. It will install over version 3.0 you currently have installed, so you won't lose any bookmarked websites.

How is the machine running now?


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34917
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245080
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Antivira Av.. please help

Post by soconfused on Sun Feb 20, 2011 9:54 am

I uninstalled Viewpoint Media Player with no problem, but when it came to deleting Adobe Reader 8.1.2 and Java(TM) 6 Update 6, it says:

'The Windows Installer Service could not be accessed. This can occur if the Windows Installer is not correctly installed. Contact your support personnel for assistance.'


-EDIT-

When I tried to install the Java SE Runtime Environment (JRE) 6 Update 24 it said, 'The Windows Installer service is not accessible in Safe Mode. Please try again when your computer is not in Safe Mode or you can use System Restore to return your machine to a previous good state.'

It says 'The Windows Installer Service could not be accessed. This can occur if the Windows Installer is not correctly installed. Contact your support personnel for assistance.' for Adobe Reader X as well.

But I had no problem downloading Firefox..;;;


-EDIT AGAIN!!!-

I checked my computer the Antivira thing doesn't seem to be there and I am currently uninstalling Adobe Reader 8.1.2 (not in Safe Mode) and I'm planning to uninstall the other things you told me to uninstall. But I want to know is it safe for me to uninstall Adobe Flash Player 9 ActiveX, Adobe Flash Player 10 ActiveX and Adobe Flash Player10 Plugin.

soconfused
Novice
Novice

Posts Posts : 16
Joined Joined : 2011-02-10
OS OS : Windows Vista
Points Points : 21498
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Antivira Av.. please help

Post by Belahzur on Sun Feb 20, 2011 6:51 pm

No, leave the flash player, just remove the Adobe Reader.

Were you in Safe Mode when removing/installing both Java versions? if so, that's why, just do it in normal mode and see how it goes.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34917
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245080
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Antivira Av.. please help

Post by soconfused on Mon Feb 21, 2011 10:56 am

I downloaded Java with no problem but when I tried to download Adobe this came up,

'Error 1321. The installer has insufficient privileges to modify the file C:\Program Files\Adobe\Reader 10.0\Reader\AcroBroker.exe.'

soconfused
Novice
Novice

Posts Posts : 16
Joined Joined : 2011-02-10
OS OS : Windows Vista
Points Points : 21498
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Antivira Av.. please help

Post by Belahzur on Mon Feb 21, 2011 8:28 pm

Is that when you tried to run the installer?


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34917
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245080
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Antivira Av.. please help

Post by soconfused on Wed Feb 23, 2011 7:13 pm

Yes, and the icons next to the 'start' buttom disappeared too. Like the 'show desktop', 'internet explorer' icon..

soconfused
Novice
Novice

Posts Posts : 16
Joined Joined : 2011-02-10
OS OS : Windows Vista
Points Points : 21498
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Antivira Av.. please help

Post by Belahzur on Wed Feb 23, 2011 8:54 pm

Quick Launch?

Right click on your Taskbar, go to Toolbars and open that menu, and tick "Quick Launch"

Did that bring back the icons next to the start button?


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34917
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245080
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Antivira Av.. please help

Post by soconfused on Thu Feb 24, 2011 8:01 am

Yes it did. Thank you! (: What should I do with the Java?

soconfused
Novice
Novice

Posts Posts : 16
Joined Joined : 2011-02-10
OS OS : Windows Vista
Points Points : 21498
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Antivira Av.. please help

Post by Belahzur on Thu Feb 24, 2011 8:07 pm

You mean Adobe? your post above, you said Java worked fine?


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34917
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245080
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Antivira Av.. please help

Post by soconfused on Fri Feb 25, 2011 10:52 am

Sorry, I meant Adobe.

soconfused
Novice
Novice

Posts Posts : 16
Joined Joined : 2011-02-10
OS OS : Windows Vista
Points Points : 21498
# Likes # Likes : 0

View user profile

Back to top Go down

View previous topic View next topic Back to top


 
Permissions in this forum:
You cannot reply to topics in this forum