Author Topic: computer lockout  (Read 8890 times)

JHADD

    Topic Starter


    Intermediate

    computer lockout
    « on: July 24, 2012, 11:46:56 AM »
    This afternoon, while I was on the internet, the internet shut down and I got the message that my computer has been locked out because I've been downloading pirate software or child porn.
    I have never done any of these things and think I am the potential victim of a scam.
    I can't do anything with the computer now; as soon as I reboot, this window opens saying my computer has been locked out by Manchester police, and I need to type in a UKASH code and pay £100 to unlock my computer.
    The O/S is WIN XP.
    My internet provider is btyahoo.
    Any help would be much appreciated. jhadd

    DaveLembke



      Sage
    Re: computer lockout
    « Reply #1 on: July 24, 2012, 01:00:11 PM »
    Your comment has been removed. Please do not post malware advice, or post here in the malware forum, unless you need help.  If you want to help, please go here. Superdave.

    SuperDave

    • Malware Removal Specialist
    • Moderator


    • Genius
    Re: computer lockout
    « Reply #2 on: July 24, 2012, 01:28:39 PM »
    Hello and welcome to Computer Hope Forum. My name is Dave. I will be helping you out with your particular problem on your computer.

    1. I will be working on your Malware issues. This may or may not solve other issues you have with your machine.
    2. The fixes are specific to your problem and should only be used for this issue on this machine.
    3. If you don't know or understand something, please don't hesitate to ask.
    4. Please DO NOT run any other tools or scans while I am helping you.
    5. It is important that you reply to this thread. Do not start a new topic.
    6. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
    7. Absence of symptoms does not mean that everything is clear.

    If you can't access the internet with your infected computer you will have to download and transfer any programs to the computer you're using now and transfer them to the infected computer with a CD-RW or a USB storage device. I prefer a CD because a storage device can get infected. If you use a storage device hold the shift key down while inserting the USB storage device for about 10 secs. You will also have to transfer the logs you receive back to the good computer using the same method until we can get the computer back on-line.
    *************************************************************************
    First, try to boot in Safe Mode. If you can please let me know. There are some tools we can use in Safe mode that will work. If you can't boot in Safe mode then you will need to create this rescue disk.

    We are going to be using a Windows Recovery Environment to help disinfect the system so it may boot again.

    Download the OTLPE Standard REATOGO Windows Recovery Environment.
    • Place a blank CD-R disc into your CD burning drive.
    • Download OTLPEStd.exe and double-click on it to burn to a CD using an ISO Burner. One can be found here.
    • Reboot your system using the boot CD you just created.
    • Note: If you do not know how to set your computer to boot from CD, follow the steps here.
    • Your system should now display a REATOGO-X-PE desktop.
    • Double-click on the OTLPE icon.
    • When asked "Do you wish to load the remote registry", select Yes
    • When asked "Do you wish to load remote user profile(s) for scanning", select Yes
    • Ensure the box "Automatically Load All Remaining Users" is checked and press OK
    • OTL should now start. Change the following settings
    • Change Drivers to Non-Microsoft
    • Press Run Scan to start the scan.
    • When finished, the file will be saved in drive C:\_OTL\MovedFiles
    • Copy this file to your USB drive if you do not have internet connection on this system
    • Please post the contents of the OTL.txt file in your reply.
    Windows 8 and Windows 10 dual boot with two SSD's

    JHADD

      Topic Starter


      Intermediate

      Re: computer lockout
      « Reply #3 on: July 24, 2012, 02:54:16 PM »
      I've followed your instructions, but when I get to copying and pasting the files I'm unable to paste them to the USB drive; the paste feature is greyed out.
      Also, when you say select Non-Microsoft drivers, in the drivers area it gives me 3 options: NONE, USESAFELIST or ALL. I selected NONE; it doesn't mention Microsoft.
      Thanks again for your help. jhadd

      SuperDave

      • Malware Removal Specialist
      • Moderator


      • Genius
      Re: computer lockout
      « Reply #4 on: July 24, 2012, 04:24:26 PM »
      Did you try CTRL+A to select, CTRL+C to copy and CTRL+V to paste?

      JHADD

        Topic Starter


        Intermediate

        Re: computer lockout
        « Reply #5 on: July 25, 2012, 04:38:35 AM »
        I've tried several times using the shortcut keys and using the mouse. Pressing Ctrl+A selects the text, but pressing Ctrl+C doesn't seem to be copying the text, as when I go to paste it to the memory stick, paste is greyed out.
        I've tried creating a folder and pasting it in there, but it is still greyed out.
        Thanks again. jhadd

        JHADD

          Topic Starter


          Intermediate

          Re: computer lockout
          « Reply #6 on: July 25, 2012, 06:12:44 AM »
          I think I have managed to copy and paste it.

          OTL logfile created on: 7/25/2012 2:06:09 PM - Run
          OTLPE by OldTimer - Version 3.1.48.0     Folder = X:\Programs\OTLPE
          Microsoft Windows XP Service Pack 2 (Version = 5.1.2600) - Type = SYSTEM
          Internet Explorer (Version = 6.0.2900.2180)
          Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: M/d/yyyy
           
          2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 88.00% Memory free
          2.00 Gb Paging File | 2.00 Gb Available in Paging File | 97.00% Paging File free
          Paging file location(s): l:\pagefile.sys 2046 4092 [binary data]
           
          %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
          Drive C: | 203.32 Gb Total Space | 140.51 Gb Free Space | 69.11% Space Free | Partition Type: NTFS
          Drive D: | 1.84 Gb Total Space | 0.71 Gb Free Space | 38.76% Space Free | Partition Type: FAT
          Drive H: | 203.31 Gb Total Space | 152.28 Gb Free Space | 74.90% Space Free | Partition Type: NTFS
          Drive X: | 284.12 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
           
          Computer Name: REATOGO | User Name: SYSTEM
          Boot Mode: Normal | Scan Mode: All users
          Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
          Using ControlSet: ControlSet001
           
          ========== Win32 Services (SafeList) ==========
           
          SRV - File not found [On_Demand] --  -- (AppMgmt)
          SRV - [2012/07/18 15:02:19 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
          SRV - [2012/07/12 13:51:25 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
          SRV - [2012/04/19 03:21:16 | 000,361,976 | ---- | M] (McAfee, Inc.) [On_Demand] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
          SRV - [2012/03/20 08:11:32 | 000,151,880 | ---- | M] (McAfee, Inc.) [Auto] -- C:\WINDOWS\System32\mfevtps.exe -- (mfevtp)
          SRV - [2012/03/20 08:05:00 | 000,161,632 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe -- (mfefire)
          SRV - [2012/03/20 08:04:32 | 000,166,288 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe -- (McShield)
          SRV - [2011/01/27 14:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McProxy)
          SRV - [2011/01/27 14:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McNASvc)
          SRV - [2011/01/27 14:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McNaiAnn)
          SRV - [2011/01/27 14:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (mcmscsvc)
          SRV - [2011/01/27 14:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McMPFSvc)
          SRV - [2011/01/27 14:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McAfee SiteAdvisor Service)
          SRV - [2010/11/14 08:12:57 | 000,028,766 | ---- | M] (IWON) [Auto] -- C:\Program Files\IWONGIE\bar\1.bin\vrbarsvc.exe -- (IWONGIEService)
          SRV - [2010/03/04 18:38:00 | 000,071,096 | ---- | M] () [Auto] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccess)
          SRV - [2010/01/15 08:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
          SRV - [2007/01/31 09:55:42 | 000,096,370 | ---- | M] (Canon Inc.) [Auto] -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8)
          SRV - [2005/04/06 12:03:28 | 000,110,592 | ---- | M] () [Auto] -- C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe -- (BlueSoleil Hid Service)
          SRV - [2003/05/19 11:07:38 | 000,086,016 | ---- | M] (Yahoo! Inc.) [On_Demand] -- C:\WINDOWS\system32\YPcservice.exe -- (YPCService)
           
           
          ========== Standard Registry (SafeList) ==========
           
           
          ========== Internet Explorer ==========
           
          IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
          IE - HKLM\Software\Microsoft\Internet Explorer\Search,CustomSearch = http://uk.red.clientapps.yahoo.com/customize/btyahoo/defaults/cs/*http://uk.docs.yahoo.com/info/bt_side.html
          IE - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
           
           
          IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
          IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
          IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1
           
          IE - HKU\john.JOHN-156F461E3D.001_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.btyahoo.com/
          IE - HKU\john.JOHN-156F461E3D.001_ON_C\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} -  File not found
          IE - HKU\john.JOHN-156F461E3D.001_ON_C\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
          IE - HKU\john.JOHN-156F461E3D.001_ON_C\..\URLSearchHook: {2ad11eb6-a327-4dfe-88bf-c6071e09f05b} - C:\Program Files\IWONGIE\bar\1.bin\vrSrcAs.dll (IWON)
          IE - HKU\john.JOHN-156F461E3D.001_ON_C\..\URLSearchHook: {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - Reg Error: Key error. File not found
          IE - HKU\john.JOHN-156F461E3D.001_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
          IE - HKU\john.JOHN-156F461E3D.001_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1;*.local
           
          IE - HKU\LocalService.NT_AUTHORITY.001_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
           
           
          IE - HKU\Owner_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
          IE - HKU\Owner_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.mywebsearch.com/index.jhtml?n=77C09F4F&ptnrS=ZVxdm180YYGB&ptb=CD56E561-1B9A-4CCC-BCF1-712B0368B385
          IE - HKU\Owner_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
          IE - HKU\Owner_ON_C\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
          IE - HKU\Owner_ON_C\..\URLSearchHook: {2ad11eb6-a327-4dfe-88bf-c6071e09f05b} - C:\Program Files\IWONGIE\bar\1.bin\vrSrcAs.dll (IWON)
          IE - HKU\Owner_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
          IE - HKU\Owner_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1
           
           
          ========== FireFox ==========
           
          FF - prefs.js..browser.search.defaultengine: "Ask.com"
          FF - prefs.js..browser.search.defaultenginename: "Ask.com"
          FF - prefs.js..browser.search.defaultthis.engineName: "uTorrentControl2 Customized Web Search"
          FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=3&q={searchTerms}"
          FF - prefs.js..browser.search.order.1: "Ask.com"
          FF - prefs.js..browser.search.selectedEngine: "Google"
          FF - prefs.js..browser.search.useDBForOrder: true
          FF - prefs.js..browser.startup.homepage: "btyahoo.com"
          FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
          FF - prefs.js..extensions.enabledItems: [email protected]:3.3.3.2
          FF - prefs.js..extensions.enabledItems: {b9d63c58-90cc-428b-8d3b-cbb88eb07e7e}:3.6.0.10
          FF - prefs.js..extensions.enabledItems: [email protected]:1.20.00
          FF - prefs.js..extensions.enabledItems: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}:3.6.0.10
          FF - prefs.js..extensions.enabledItems: {4ED1F68A-5463-4931-9384-8FFF5ED91D92}:3.4.0
          FF - prefs.js..extensions.netassistant.keyword.url: "http://click.w3i.com/?Programid=132&Elementname=Keyword&Applicationid={C8948DA2-AD9E-4F4D-8A89-2300B5F101CA}&Version=3.6.5&Vintage=20120206&Defaultbrowserid=27&Productid=2723&Vendorid=6384&Offerid=16934&searchterm="
          FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=2&q="
          FF - prefs.js..network.proxy.no_proxies_on: "127.0.0.1"
          FF - prefs.js..network.proxy.type: 0
           
           
          FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_265.dll ()
          FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: 
          FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
          FF - HKLM\Software\MozillaPlugins\@ei.CieoNetUtilities_0e.com/Plugin: C:\Program Files\CieoNetUtilities_0eEI\Installr\3.bin\NP0eEISb.dll (CieoNet Utilities)
          FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
          FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: C:\Program Files\McAfee\MSC\npMcSnFFPl.dll ()
          FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files\McAfee\SiteAdvisor\NPMcFFPlg32.dll (McAfee, Inc.)
          FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.1: C:\Program Files\Yahoo!\Shared\npYState.dll ( )
          FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
          FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=8: 
          FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
          FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\john.JOHN-156F461E3D.001\Local Settings\Application Data\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
          FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\john.JOHN-156F461E3D.001\Local Settings\Application Data\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
           
          FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: L:\Program Files\McAfee\SiteAdvisor [2012/07/17 06:58:58 | 000,000,000 | ---D | M]
          FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: L:\Program Files\Common Files\McAfee\SystemCore [2012/07/24 15:35:49 | 000,000,000 | ---D | M]
          FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: L:\Program Files\Mozilla Firefox\components [2012/07/18 15:02:20 | 000,000,000 | ---D | M]
          FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: L:\Program Files\Mozilla Firefox\plugins [2012/05/28 08:16:42 | 000,000,000 | ---D | M]
           
          [2011/11/30 13:42:11 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\john.JOHN-156F461E3D.001\Application Data\Mozilla\Extensions
          [2012/07/24 07:18:35 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\john.JOHN-156F461E3D.001\Application Data\Mozilla\Firefox\Profiles\ze5jqdwo.default\extensions
          [2012/07/17 15:58:02 | 000,000,000 | ---D | M] (uTorrentControl2 Community Toolbar) -- C:\Documents and Settings\john.JOHN-156F461E3D.001\Application Data\Mozilla\Firefox\Profiles\ze5jqdwo.default\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}
          [2012/07/17 15:58:04 | 000,000,000 | ---D | M] (BitTorrentBar Community Toolbar) -- C:\Documents and Settings\john.JOHN-156F461E3D.001\Application Data\Mozilla\Firefox\Profiles\ze5jqdwo.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
          [2011/12/02 08:52:33 | 000,000,000 | ---D | M] (Searchqu Toolbar) -- C:\Documents and Settings\john.JOHN-156F461E3D.001\Application Data\Mozilla\Firefox\Profiles\ze5jqdwo.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}
          [2011/12/02 08:52:23 | 000,000,000 | ---D | M] (Elf 1.15 Community Toolbar) -- C:\Documents and Settings\john.JOHN-156F461E3D.001\Application Data\Mozilla\Firefox\Profiles\ze5jqdwo.default\extensions\{b9d63c58-90cc-428b-8d3b-cbb88eb07e7e}(2)
          [2012/07/17 15:58:06 | 000,000,000 | ---D | M] (uTorrentBar Community Toolbar) -- C:\Documents and Settings\john.JOHN-156F461E3D.001\Application Data\Mozilla\Firefox\Profiles\ze5jqdwo.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
          [2011/12/02 08:57:43 | 000,000,000 | ---D | M] (SweetIM Toolbar for Firefox) -- C:\Documents and Settings\john.JOHN-156F461E3D.001\Application Data\Mozilla\Firefox\Profiles\ze5jqdwo.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
          [2012/07/24 07:18:35 | 000,000,000 | ---D | M] ("I Want This") -- C:\Documents and Settings\john.JOHN-156F461E3D.001\Application Data\Mozilla\Firefox\Profiles\ze5jqdwo.default\extensions\[email protected]
          [2011/12/02 08:52:41 | 000,000,000 | ---D | M] (Babylon) -- C:\Documents and Settings\john.JOHN-156F461E3D.001\Application Data\Mozilla\Firefox\Profiles\ze5jqdwo.default\extensions\ffxtlbr@babylon(2).com
          [2012/04/19 16:00:07 | 000,000,000 | ---D | M] (Yontoo) -- C:\Documents and Settings\john.JOHN-156F461E3D.001\Application Data\Mozilla\Firefox\Profiles\ze5jqdwo.default\extensions\[email protected]
          [2011/12/22 13:57:23 | 000,000,000 | ---D | M] (Ask Toolbar) -- C:\Documents and Settings\john.JOHN-156F461E3D.001\Application Data\Mozilla\Firefox\Profiles\ze5jqdwo.default\extensions\[email protected]
          [2011/11/17 15:25:44 | 000,002,333 | ---- | M] () -- C:\Documents and Settings\john.JOHN-156F461E3D.001\Application Data\Mozilla\Firefox\Profiles\ze5jqdwo.default\searchplugins\askcom.xml
          [2012/03/07 07:46:52 | 000,000,935 | ---- | M] () -- C:\Documents and Settings\john.JOHN-156F461E3D.001\Application Data\Mozilla\Firefox\Profiles\ze5jqdwo.default\searchplugins\conduit.xml
          [2011/04/20 12:09:22 | 000,002,292 | ---- | M] () -- C:\Documents and Settings\john.JOHN-156F461E3D.001\Application Data\Mozilla\Firefox\Profiles\ze5jqdwo.default\searchplugins\inbox-search.xml
          [2011/11/30 13:41:46 | 000,002,515 | ---- | M] () -- C:\Documents and Settings\john.JOHN-156F461E3D.001\Application Data\Mozilla\Firefox\Profiles\ze5jqdwo.default\searchplugins\Search_Results.xml
          [2011/11/28 10:14:41 | 000,003,915 | ---- | M] () -- C:\Documents and Settings\john.JOHN-156F461E3D.001\Application Data\Mozilla\Firefox\Profiles\ze5jqdwo.default\searchplugins\sweetim.xml
          [2012/02/18 05:54:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
          File not found (No name found) --
          [2012/02/18 05:49:16 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
          [2012/07/17 06:58:58 | 000,000,000 | ---D | M] (McAfee SiteAdvisor) -- C:\PROGRAM FILES\MCAFEE\SITEADVISOR
          [2012/07/18 15:02:20 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
          [2011/04/14 09:01:38 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files\mozilla firefox\components\Scriptff.dll
          [2012/02/18 05:49:15 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
          [2012/06/23 18:41:45 | 000,001,525 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml
          [2011/11/30 10:52:05 | 000,002,288 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
          [2012/06/23 18:41:45 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
          [2012/06/23 18:41:45 | 000,000,935 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\chambers-en-GB.xml
          [2009/09/21 07:24:16 | 000,001,329 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\crawlersrch.xml
          [2012/06/23 18:41:45 | 000,001,166 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml
          [2012/04/12 15:55:25 | 000,002,126 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\search.xml
          [2011/11/30 13:41:46 | 000,002,515 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Search_Results.xml
          [2012/06/23 18:41:45 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
          [2012/06/23 18:41:45 | 000,001,121 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-en-GB.xml
           
          O1 HOSTS File: ([2004/08/04 08:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
          O1 - Hosts: 127.0.0.1       localhost
          O2 - BHO: (I Want This) - {11111111-1111-1111-1111-110011221158} - C:\Program Files\I Want This\I Want This.dll (215 Apps)
          O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
          O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\Mcafee\SystemCore\ScriptSn.20120623224402.dll (McAfee, Inc.)
          O2 - BHO: (ALOT Appbar Helper) - {85F5CF95-EC8F-49fc-BB3F-38C79455CBA2} - C:\Program Files\alotappbar\bin\BHO\ALOTHelperBHO.dll (Vertro)
          O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -  File not found
          O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
          O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} -  File not found
          O2 - BHO: (Toolbar BHO) - {d6995d07-cd9b-4cc0-a22a-9e14684d6d64} - C:\Program Files\IWONGIE\bar\1.bin\vrbar.dll (IWON)
          O2 - BHO: (Search Assistant BHO) - {f0f3f55e-edfc-4ed4-affb-bcaf081ddeba} - C:\Program Files\IWONGIE\bar\1.bin\vrSrcAs.dll (IWON)
          O2 - BHO: (SearchElf 1.2 Toolbar) - {f4e6547e-325b-403c-a3bb-ad29ed37a92f} - C:\Program Files\SearchElf_1.2\prxtbSea0.dll (Conduit Ltd.)
          O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo\YontooIEClient.dll (Yontoo LLC)
          O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
          O3 - HKLM\..\Toolbar: (IWON) - {43a3055a-6ff3-4aa5-90e6-18a10297cb53} - C:\Program Files\IWONGIE\bar\1.bin\vrbar.dll (IWON)
          O3 - HKLM\..\Toolbar: (ALOT Appbar) - {A531D99C-5A22-449b-83DA-872725C6D0ED} - C:\Program Files\alotappbar\bin\alothelper.dll (Vertro)
          O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} -  File not found
          O3 - HKLM\..\Toolbar: (SearchElf 1.2 Toolbar) - {f4e6547e-325b-403c-a3bb-ad29ed37a92f} - C:\Program Files\SearchElf_1.2\prxtbSea0.dll (Conduit Ltd.)
          O3 - HKU\john.JOHN-156F461E3D.001_ON_C\..\Toolbar\ShellBrowser: (IWON) - {43A3055A-6FF3-4AA5-90E6-18A10297CB53} - C:\Program Files\IWONGIE\bar\1.bin\vrbar.dll (IWON)
          O3 - HKU\john.JOHN-156F461E3D.001_ON_C\..\Toolbar\ShellBrowser: (SearchElf 1.2 Toolbar) - {F4E6547E-325B-403C-A3BB-AD29ED37A92F} - C:\Program Files\SearchElf_1.2\prxtbSea0.dll (Conduit Ltd.)
          O3 - HKU\john.JOHN-156F461E3D.001_ON_C\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} -  File not found
          O3 - HKU\john.JOHN-156F461E3D.001_ON_C\..\Toolbar\WebBrowser: (SearchElf 1.2 Toolbar) - {F4E6547E-325B-403C-A3BB-AD29ED37A92F} - C:\Program Files\SearchElf_1.2\prxtbSea0.dll (Conduit Ltd.)
          O3 - HKU\Owner_ON_C\..\Toolbar\ShellBrowser: (IWON) - {43A3055A-6FF3-4AA5-90E6-18A10297CB53} - C:\Program Files\IWONGIE\bar\1.bin\vrbar.dll (IWON)
          O3 - HKU\Owner_ON_C\..\Toolbar\ShellBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} -  File not found
          O3 - HKU\Owner_ON_C\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} -  File not found
          O3 - HKU\Owner_ON_C\..\Toolbar\WebBrowser: (SearchElf 1.2 Toolbar) - {F4E6547E-325B-403C-A3BB-AD29ED37A92F} - C:\Program Files\SearchElf_1.2\prxtbSea0.dll (Conduit Ltd.)
          O4 - HKLM..\Run: []  File not found
          O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
          O4 - HKLM..\Run: [Anti-phishing Domain Advisor] C:\Documents and Settings\All Users.WINDOWS\Application Data\Anti-phishing Domain Advisor\visicom_antiphishing.exe (Visicom Media Inc. (Powered by Panda Security))
          O4 - HKLM..\Run: [ApnUpdater]  File not found
          O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
          O4 - HKLM..\Run: [btbb_wcm_McciTrayApp] C:\Program Files\btbb_wcm\McciTrayApp.exe (Motive Communications, Inc.)
          O4 - HKLM..\Run: [EPSON Stylus Photo R300 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0F2.EXE (SEIKO EPSON CORPORATION)
          O4 - HKLM..\Run: [IWONGIE Browser Plugin Loader] C:\Program Files\IWONGIE\bar\1.bin\vrbrmon.exe (IWON)
          O4 - HKLM..\Run: [jtfdkccgxcwvalw] C:\Documents and Settings\All Users.WINDOWS\Application Data\jtfdkccg.exe ()
          O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
          O4 - HKLM..\Run: [sgdhxvpiwfajial] C:\Documents and Settings\All Users.WINDOWS\Application Data\sgdhxvpi.exe ()
          O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
          O4 - HKU\john.JOHN-156F461E3D.001_ON_C..\Run: [jtfdkccgxcwvalw] C:\Documents and Settings\All Users.WINDOWS\Application Data\jtfdkccg.exe ()
          O4 - HKU\john.JOHN-156F461E3D.001_ON_C..\Run: [sgdhxvpiwfajial] C:\Documents and Settings\All Users.WINDOWS\Application Data\sgdhxvpi.exe ()
          O4 - HKU\john.JOHN-156F461E3D.001_ON_C..\Run: [uTorrent]  File not found
          O4 - HKU\john.JOHN-156F461E3D.001_ON_C..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe ()
          O4 - HKU\john.JOHN-156F461E3D.001_ON_C..\Run: [Ziidaric] C:\Documents and Settings\john.JOHN-156F461E3D.001\Application Data\Roecex\liqe.exe ()
          O4 - HKU\Owner_ON_C..\Run: [eyeBeam SIP Client] C:\Program Files\BT Broadband Talk Softphone\BTSoftphone.exe ()
          O4 - HKU\Owner_ON_C..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe ()
          O4 - HKU\Owner_ON_C..\RunOnce: [FlashPlayerUpdate]  File not found
          O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\BT Broadband Desktop Help.lnk =  File not found
          O4 - Startup: C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
          O4 - Startup: C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\BlueSoleil.lnk = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe (IVT Corporation)
          O4 - Startup: C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
          O4 - Startup: C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
          O4 - Startup: C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\Ulead Photo Express 3.0 SE Calendar Checker.lnk = C:\Program Files\Ulead Systems\Ulead Photo Express 3.0 SE\CalCheck.exe (Ulead Systems, Inc.)
          O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
          O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
          O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
          O7 - HKU\Owner_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
          O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
          O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
          O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
          O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
          O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
          O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
          O16 - DPF: Microsoft XML Parser for Java file://L:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
          O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
          O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
          O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
          O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
          O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
          O24 - Desktop WallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
          O24 - Desktop BackupWallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
          O32 - HKLM CDRom: AutoRun - 1
          O32 - AutoRun File - [2010/07/22 12:28:05 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
          O32 - AutoRun File - [2010/07/22 12:28:05 | 000,000,000 | ---- | M] () - H:\AUTOEXEC.BAT -- [ NTFS ]
          O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
          O33 - MountPoints2\{45d6ae0c-1843-11e0-a44f-101111111111}\Shell\Auto\command - "" = F:\RavMon.exe
          O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
          O35 - HKLM\..comfile [open] -- "%1" %*
          O35 - HKLM\..exefile [open] -- "%1" %*
          O37 - HKLM\...com [@ = comfile] -- "%1" %*
          O37 - HKLM\...exe [@ = exefile] -- "%1" %*
           
          ========== Files/Folders - Created Within 30 Days ==========
           
          [2012/07/24 09:40:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\igvlspkoxxpuhlr
          [2012/07/24 09:40:55 | 000,172,032 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxres.dll
          [2012/07/24 09:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
          [2012/07/24 09:34:56 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winzm.ime
          [2012/07/24 09:34:55 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsp.ime
          [2012/07/24 09:34:55 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winpy.ime
          [2012/07/24 09:34:55 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wingb.ime
          [2012/07/24 09:34:55 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winime.ime
          [2012/07/24 09:34:54 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winar30.ime
          [2012/07/24 09:34:54 | 000,041,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.dll
          [2012/07/24 09:34:54 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.sys
          [2012/07/24 09:34:52 | 000,426,041 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicepad.dll
          [2012/07/24 09:34:52 | 000,086,073 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicesub.dll
          [2012/07/24 09:34:52 | 000,048,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32.dll
          [2012/07/24 09:34:46 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniime.dll
          [2012/07/24 09:34:46 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unicdime.ime
          [2012/07/24 09:34:45 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe
          [2012/07/24 09:34:44 | 000,571,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlgnt.ime
          [2012/07/24 09:34:44 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintsetp.exe
          [2012/07/24 09:34:44 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\thawbrkr.dll
          [2012/07/24 09:34:44 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlphr.exe
          [2012/07/24 09:34:44 | 000,019,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdspx.sys
          [2012/07/24 09:34:44 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmigrate.dll
          [2012/07/24 09:34:43 | 000,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdipx.sys
          [2012/07/24 09:34:43 | 000,013,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdasync.sys
          [2012/07/24 09:34:41 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusbusd.dll
          [2012/07/24 09:34:39 | 000,358,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpincl.dll
          [2012/07/24 09:34:39 | 000,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpsmir.dll
          [2012/07/24 09:34:39 | 000,143,422 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\softkey.dll
          [2012/07/24 09:34:39 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpthrd.dll
          [2012/07/24 09:34:39 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpstup.dll
          [2012/07/24 09:34:39 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmptrap.exe
          [2012/07/24 09:34:39 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll
          [2012/07/24 09:34:39 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpmib.dll
          [2012/07/24 09:34:38 | 000,456,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpsvc.dll
          [2012/07/24 09:34:38 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpcl.dll
          [2012/07/24 09:34:38 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmp.exe
          [2012/07/24 09:34:38 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsm.dll
          [2012/07/24 09:34:38 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll
          [2012/07/24 09:34:38 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smimsgif.dll
          [2012/07/24 09:34:38 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsy.dll
          [2012/07/24 09:34:37 | 000,236,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smi2smir.exe
          [2012/07/24 09:34:37 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm9aw.dll
          [2012/07/24 09:34:37 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb6w.dll
          [2012/07/24 09:34:37 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma3w.dll
          [2012/07/24 09:34:37 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm87w.dll
          [2012/07/24 09:34:37 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm81w.dll
          [2012/07/24 09:34:37 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8cw.dll
          [2012/07/24 09:34:37 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm93w.dll
          [2012/07/24 09:34:37 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm92w.dll
          [2012/07/24 09:34:37 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm90w.dll
          [2012/07/24 09:34:37 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8dw.dll
          [2012/07/24 09:34:37 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8aw.dll
          [2012/07/24 09:34:37 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm89w.dll
          [2012/07/24 09:34:37 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm59w.dll
          [2012/07/24 09:34:35 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simptcp.dll
          [2012/07/24 09:34:31 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_scripto.dll
          [2012/07/24 09:34:31 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seos.dll
          [2012/07/24 09:34:30 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
          [2012/07/24 09:34:30 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
          [2012/07/24 09:34:30 | 000,026,624 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll
          [2012/07/24 09:34:30 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rw001ext.dll
          [2012/07/24 09:34:29 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\romanime.ime
          [2012/07/24 09:34:28 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe
          [2012/07/24 09:34:28 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe
          [2012/07/24 09:34:26 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quick.ime
          [2012/07/24 09:34:26 | 000,020,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ramdisk.sys
          [2012/07/24 09:34:26 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe
          [2012/07/24 09:34:25 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe
          [2012/07/24 09:34:24 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll
          [2012/07/24 09:34:24 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll
          [2012/07/24 09:34:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll
          [2012/07/24 09:34:23 | 000,482,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlgnt.ime
          [2012/07/24 09:34:23 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phon.ime
          [2012/07/24 09:34:23 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlphr.exe
          [2012/07/24 09:34:23 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmigrate.dll
          [2012/07/24 09:34:23 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlcsd.dll
          [2012/07/24 09:34:22 | 000,036,927 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs411.dll
          [2012/07/24 09:34:22 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs404.dll
          [2012/07/24 09:34:22 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs804.dll
          [2012/07/24 09:34:22 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs412.dll
          [2012/07/24 09:34:19 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll
          [2012/07/24 09:34:16 | 000,229,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\multibox.dll
          [2012/07/24 09:34:15 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtstocom.exe
          [2012/07/24 09:34:12 | 001,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.lex
          [2012/07/24 09:34:12 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.dll
          [2012/07/24 09:34:07 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migregdb.exe
          [2012/07/24 09:34:06 | 000,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys
          [2012/07/24 09:34:06 | 000,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll
          [2012/07/24 09:34:05 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll
          [2012/07/24 09:34:05 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lpdsvc.dll
          [2012/07/24 09:34:05 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lprmon.dll
          [2012/07/24 09:34:04 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lmmib2.dll
          [2012/07/24 09:34:02 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\korwbrkr.dll
          [2012/07/24 09:34:01 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth3.dll
          [2012/07/24 09:34:01 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth2.dll
          [2012/07/24 09:34:01 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdvntc.dll
          [2012/07/24 09:34:01 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdusa.dll
          [2012/07/24 09:34:01 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdurdu.dll
          [2012/07/24 09:34:01 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth1.dll
          [2012/07/24 09:34:01 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth0.dll
          [2012/07/24 09:34:01 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr2.dll
          [2012/07/24 09:34:01 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr1.dll
          [2012/07/24 09:34:00 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecat.dll
          [2012/07/24 09:34:00 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecnt.dll
          [2012/07/24 09:34:00 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec95.dll
          [2012/07/24 09:34:00 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41a.dll
          [2012/07/24 09:34:00 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41j.dll
          [2012/07/24 09:34:00 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinpun.dll
          [2012/07/24 09:34:00 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintel.dll
          [2012/07/24 09:34:00 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintam.dll
          [2012/07/24 09:33:59 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdibm02.dll
          [2012/07/24 09:33:59 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinmar.dll
          [2012/07/24 09:33:59 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinkan.dll
          [2012/07/24 09:33:59 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinhin.dll
          [2012/07/24 09:33:59 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinguj.dll
          [2012/07/24 09:33:59 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdindev.dll
          [2012/07/24 09:33:59 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdheb.dll
          [2012/07/24 09:33:59 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdfa.dll
          [2012/07/24 09:33:59 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgeo.dll
          [2012/07/24 09:33:58 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdax2.dll
          [2012/07/24 09:33:58 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd106n.dll
          [2012/07/24 09:33:58 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101a.dll
          [2012/07/24 09:33:58 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101.dll
          [2012/07/24 09:33:58 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv2.dll
          [2012/07/24 09:33:58 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv1.dll
          [2012/07/24 09:33:58 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda3.dll
          [2012/07/24 09:33:58 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda2.dll
          [2012/07/24 09:33:58 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda1.dll
          [2012/07/24 09:33:58 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarmw.dll
          [2012/07/24 09:33:58 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarme.dll
          [2012/07/24 09:33:57 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll
          [2012/07/24 09:33:56 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iprip.dll
          [2012/07/24 09:33:55 | 000,471,102 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskdic.dll
          [2012/07/24 09:33:55 | 000,315,452 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskf.dll
          [2012/07/24 09:33:55 | 000,102,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imlang.dll
          [2012/07/24 09:33:55 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imkrinst.exe
          [2012/07/24 09:33:54 | 000,307,257 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.exe
          [2012/07/24 09:33:54 | 000,274,489 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputyc.dll
          [2012/07/24 09:33:54 | 000,262,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputy.exe
          [2012/07/24 09:33:54 | 000,233,527 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjprw.exe
          [2012/07/24 09:33:54 | 000,208,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpmig.exe
          [2012/07/24 09:33:54 | 000,155,705 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdsvr.exe
          [2012/07/24 09:33:54 | 000,081,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.dll
          [2012/07/24 09:33:54 | 000,057,398 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdadm.exe
          [2012/07/24 09:33:54 | 000,045,109 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpuex.exe
          [2012/07/24 09:33:53 | 000,811,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81k.dll
          [2012/07/24 09:33:53 | 000,716,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcus.dll
          [2012/07/24 09:33:53 | 000,368,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcic.dll
          [2012/07/24 09:33:53 | 000,340,023 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81.ime
          [2012/07/24 09:33:53 | 000,311,359 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsv.exe
          [2012/07/24 09:33:53 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrcic.dll
          [2012/07/24 09:33:53 | 000,102,463 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsm.dll
          [2012/07/24 09:33:53 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekr61.ime
          [2012/07/24 09:33:53 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmbx.dll
          [2012/07/24 09:33:53 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmig.exe
          [2012/07/24 09:33:49 | 010,129,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxkor.dll
          [2012/07/24 09:33:45 | 010,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxcht.dll
          [2012/07/24 09:33:43 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hostmib.dll
          [2012/07/24 09:33:42 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hanjadic.dll
          [2012/07/24 09:33:41 | 000,400,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsxp32.dll
          [2012/07/24 09:33:41 | 000,192,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxswzrd.dll
          [2012/07/24 09:33:41 | 000,154,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsui.dll
          [2012/07/24 09:33:40 | 000,562,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsst.dll
          [2012/07/24 09:33:40 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxstiff.dll
          [2012/07/24 09:33:40 | 000,285,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscomex.dll
          [2012/07/24 09:33:40 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssvc.exe
          [2012/07/24 09:33:40 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxst30.dll
          [2012/07/24 09:33:40 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscover.exe
          [2012/07/24 09:33:40 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsevent.dll
          [2012/07/24 09:33:40 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsroute.dll
          [2012/07/24 09:33:40 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsdrv.dll
          [2012/07/24 09:33:40 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsmon.dll
          [2012/07/24 09:33:40 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsext32.dll
          [2012/07/24 09:33:40 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssend.exe
          [2012/07/24 09:33:40 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsperf.dll
          [2012/07/24 09:33:40 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsres.dll
          [2012/07/24 09:33:39 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsapi.dll
          [2012/07/24 09:33:39 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclnt.exe
          [2012/07/24 09:33:39 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclntr.dll
          [2012/07/24 09:33:39 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscfgwz.dll
          [2012/07/24 09:33:39 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscom.dll
          [2012/07/24 09:33:39 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftlx041e.dll
          [2012/07/24 09:33:38 | 000,024,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmcgi.exe
          [2012/07/24 09:33:38 | 000,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmdll.dll
          [2012/07/24 09:33:38 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe
          [2012/07/24 09:33:37 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntagnt.dll
          [2012/07/24 09:33:37 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntwin.exe
          [2012/07/24 09:33:37 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll
          [2012/07/24 09:33:37 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntcmd.exe
          [2012/07/24 09:33:37 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\f3ahvoas.dll
          [2012/07/24 09:33:36 | 000,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll
          [2012/07/24 09:33:36 | 000,045,056 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll
          [2012/07/24 09:33:36 | 000,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll
          [2012/07/24 09:33:36 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys
          [2012/07/24 09:33:31 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dayi.ime
          [2012/07/24 09:33:29 | 000,057,399 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cplexe.exe
          [2012/07/24 09:33:29 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe
          [2012/07/24 09:33:27 | 000,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtbrkr.dll
          [2012/07/24 09:33:27 | 000,480,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintsetp.exe
          [2012/07/24 09:33:27 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintime.dll
          [2012/07/24 09:33:27 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtmbx.dll
          [2012/07/24 09:33:27 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtskdic.dll
          [2012/07/24 09:33:27 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintlgnt.ime
          [2012/07/24 09:33:26 | 001,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chsbrkr.dll
          [2012/07/24 09:33:26 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chajei.ime
          [2012/07/24 09:33:26 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe
          [2012/07/24 09:33:26 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe
          [2012/07/24 09:33:26 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe
          [2012/07/24 09:33:26 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe
          [2012/07/24 09:33:24 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_g18030.dll
          [2012/07/24 09:33:24 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
          [2012/07/24 09:33:24 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_iscii.dll
          [2012/07/24 09:33:24 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_is2022.dll
          [2012/07/24 09:33:10 | 000,331,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aqueue.dll
          [2012/07/24 09:33:10 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll
          [2012/07/24 09:33:08 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0804.dll
          [2012/07/24 09:33:08 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0412.dll
          [2012/07/24 09:33:08 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0411.dll
          [2012/07/24 09:33:08 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt040d.dll
          [2012/07/24 09:33:08 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0404.dll
          [2012/07/24 09:33:08 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0401.dll
          [2012/07/24 09:33:04 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll
          [2012/07/24 09:33:00 | 000,032,827 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptest.exe
          [2012/07/24 09:33:00 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptsat.dll
          [2012/07/24 09:32:59 | 000,020,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.dll
          [2012/07/24 09:32:59 | 000,016,437 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.exe
          [2012/07/24 09:32:56 | 000,598,071 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmc.dll
          [2012/07/24 09:32:56 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmcsat.dll
          [2012/07/24 09:32:56 | 000,188,494 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpcount.exe
          [2012/07/24 09:32:56 | 000,109,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98swin.exe
          [2012/07/24 09:32:56 | 000,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpexedll.dll
          [2012/07/24 09:32:56 | 000,020,538 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpremadm.exe
          [2012/07/24 09:32:55 | 000,876,653 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awel.dll
          [2012/07/24 09:32:55 | 000,184,435 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4amsft.dll
          [2012/07/24 09:32:55 | 000,147,513 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4apws.dll
          [2012/07/24 09:32:55 | 000,102,509 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4atxt.dll
          [2012/07/24 09:32:55 | 000,082,035 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4anscp.dll
          [2012/07/24 09:32:55 | 000,049,212 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awebs.dll
          [2012/07/24 09:32:55 | 000,049,210 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4areg.dll
          [2012/07/24 09:32:55 | 000,041,020 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avnb.dll
          [2012/07/24 09:32:55 | 000,032,826 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avss.dll
          [2012/07/24 09:32:55 | 000,014,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98sadm.exe
          [2012/07/24 09:32:54 | 000,188,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cfgwiz.exe
          [2012/07/24 09:32:54 | 000,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.dll
          [2012/07/24 09:32:54 | 000,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.exe
          [2012/07/24 09:32:53 | 000,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.exe
          [2012/07/24 09:32:50 | 000,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.dll
          [2012/07/24 09:31:35 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isignup.exe
          [2012/07/24 09:05:21 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\spxcoins.dll
          [2012/07/24 09:05:21 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxcoins.dll
          [2012/07/24 09:05:21 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irclass.dll
          [2012/07/24 09:05:21 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irclass.dll
          [2012/07/24 07:21:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\McAfee
          [2012/07/24 07:20:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\rttpfmxqwatitwg
          [2012/07/17 13:21:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\john.JOHN-156F461E3D.001\Desktop\temp
          [2012/07/12 14:43:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\john.JOHN-156F461E3D.001\Application Data\Ymel
          [2012/07/12 14:43:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\john.JOHN-156F461E3D.001\Application Data\Roecex
          [2012/07/12 14:43:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\john.JOHN-156F461E3D.001\Application Data\Enwo
          [2012/07/03 17:03:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\john.JOHN-156F461E3D.001\Application Data\Serif
          [2012/07/03 17:00:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Serif Applications
          [2012/07/03 16:59:35 | 000,000,000 | ---D | C] -- C:\Program Files\Serif
          [2011/12/07 15:32:24 | 000,216,064 | ---- | C] ( ) -- C:\WINDOWS\System32\Lagarith.dll
          [2010/12/29 13:40:05 | 000,018,120 | R--- | C] (   ) -- C:\WINDOWS\System32\drivers\gt680x.sys
          [5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
          [17 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
           
          ========== Files - Modified Within 30 Days ==========
           
          [2012/07/24 15:44:48 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
          [2012/07/24 15:36:00 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
          [2012/07/24 13:51:15 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
          [2012/07/24 13:49:00 | 000,001,014 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1004336348-854245398-839522115-1004UA.job
          [2012/07/24 12:49:00 | 000,000,962 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1004336348-854245398-839522115-1004Core.job
          [2012/07/24 12:47:42 | 000,000,878 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
          [2012/07/24 12:47:42 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1004336348-854245398-839522115-1003.job
          [2012/07/24 12:47:42 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1004336348-854245398-839522115-1004.job
          [2012/07/24 09:41:08 | 000,000,051 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Application Data\lyrcluitpoyvgiz
          [2012/07/24 09:40:51 | 000,711,850 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
          [2012/07/24 09:40:51 | 000,142,458 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
          [2012/07/24 09:40:27 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
          [2012/07/24 09:37:19 | 000,204,920 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
          [2012/07/24 09:35:22 | 000,000,288 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
          [2012/07/24 09:32:46 | 000,000,000 | R--D | M] -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Administrative Tools
          [2012/07/24 09:32:42 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
          [2012/07/24 09:32:42 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
          [2012/07/24 09:32:42 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
          [2012/07/24 09:32:32 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
          [2012/07/24 09:31:44 | 000,000,791 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Windows Movie Maker.lnk
          [2012/07/24 09:30:46 | 000,022,780 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
          [2012/07/24 09:30:05 | 000,000,609 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Windows Messenger.lnk
          [2012/07/24 07:21:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\McAfee
          [2012/07/24 07:21:03 | 000,000,051 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Application Data\ulpgunvvonyjoxo
          [2012/07/24 07:20:51 | 000,057,344 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Application Data\sgdhxvpi.exe
          [2012/07/24 07:20:51 | 000,057,344 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Application Data\jtfdkccg.exe
          [2012/07/24 07:20:51 | 000,057,344 | ---- | M] () -- C:\Documents and Settings\john.JOHN-156F461E3D.001\0.7678802632780086.exe
          [2012/07/23 13:00:00 | 000,000,466 | ---- | M] () -- C:\WINDOWS\tasks\SpeedyPC Registration3.job
          [2012/07/23 13:00:00 | 000,000,442 | ---- | M] () -- C:\WINDOWS\tasks\ParetoLogic Registration3.job
          [2012/07/22 10:01:00 | 000,000,282 | ---- | M] () -- C:\WINDOWS\tasks\Registry Optimizer_DEFAULT.job
          [2012/07/22 08:37:00 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1004336348-854245398-839522115-1003.job
          [2012/07/18 13:15:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1004336348-854245398-839522115-1004.job
          [2012/07/18 12:51:49 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
          [2012/07/18 08:39:00 | 000,000,290 | ---- | M] () -- C:\WINDOWS\tasks\Registry Optimizer_UPDATES.job
          [2012/07/18 08:12:01 | 000,055,397 | ---- | M] () -- C:\WINDOWS\setupapi.old
          [2012/07/16 16:48:28 | 000,002,479 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Microsoft Word.lnk
          [2012/07/13 07:46:16 | 000,002,430 | ---- | M] () -- C:\Documents and Settings\john.JOHN-156F461E3D.001\Desktop\Google Chrome.lnk
          [2012/07/13 07:46:16 | 000,002,408 | ---- | M] () -- C:\Documents and Settings\john.JOHN-156F461E3D.001\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
          [2012/07/12 13:51:24 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
          [2012/07/12 13:51:24 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
          [2012/07/11 18:52:21 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
          [2012/07/03 17:00:53 | 000,001,649 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Serif PagePlus 9.0.lnk
          [2012/07/03 17:00:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Serif Applications
          [5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
          [17 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
           
          ========== Files Created - No Company Name ==========
           
          [2012/07/24 09:41:06 | 000,057,344 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Application Data\jtfdkccg.exe
          [2012/07/24 09:40:53 | 000,000,051 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Application Data\lyrcluitpoyvgiz
          [2012/07/24 09:34:23 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
          [2012/07/24 09:34:02 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
          [2012/07/24 09:33:55 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
          [2012/07/24 09:33:54 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
          [2012/07/24 09:33:52 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
          [2012/07/24 09:33:47 | 013,463,552 | ---- | C] () -- C:\WINDOWS\Syst

          SuperDave

          Re: computer lockout
          « Reply #7 on: July 25, 2012, 05:17:47 PM »
          * Open OTL
          * Copy and Paste the following text in the codebox into the Custom Scans/Fixes window.

          Code:
          :OTL

          IE - HKU\john.JOHN-156F461E3D.001_ON_C\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} -  File not found
          IE - HKU\john.JOHN-156F461E3D.001_ON_C\..\URLSearchHook: {2ad11eb6-a327-4dfe-88bf-c6071e09f05b} - C:\Program Files\IWONGIE\bar\1.bin\vrSrcAs.dll (IWON)
          IE - HKU\john.JOHN-156F461E3D.001_ON_C\..\URLSearchHook: {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - Reg Error: Key error. File not found
          IE - HKU\Owner_ON_C\..\URLSearchHook: {2ad11eb6-a327-4dfe-88bf-c6071e09f05b} - C:\Program Files\IWONGIE\bar\1.bin\vrSrcAs.dll (IWON)
          O2 - BHO: (I Want This) - {11111111-1111-1111-1111-110011221158} - C:\Program Files\I Want This\I Want This.dll (215 Apps)
          O2 - BHO: (ALOT Appbar Helper) - {85F5CF95-EC8F-49fc-BB3F-38C79455CBA2} - C:\Program Files\alotappbar\bin\BHO\ALOTHelperBHO.dll (Vertro)
          O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} -  File not found
          O2 - BHO: (Toolbar BHO) - {d6995d07-cd9b-4cc0-a22a-9e14684d6d64} - C:\Program Files\IWONGIE\bar\1.bin\vrbar.dll (IWON)
          O2 - BHO: (Search Assistant BHO) - {f0f3f55e-edfc-4ed4-affb-bcaf081ddeba} - C:\Program Files\IWONGIE\bar\1.bin\vrSrcAs.dll (IWON)
          O2 - BHO: (SearchElf 1.2 Toolbar) - {f4e6547e-325b-403c-a3bb-ad29ed37a92f} - C:\Program Files\SearchElf_1.2\prxtbSea0.dll (Conduit Ltd.)
          O3 - HKLM\..\Toolbar: (IWON) - {43a3055a-6ff3-4aa5-90e6-18a10297cb53} - C:\Program Files\IWONGIE\bar\1.bin\vrbar.dll (IWON)
          O3 - HKLM\..\Toolbar: (ALOT Appbar) - {A531D99C-5A22-449b-83DA-872725C6D0ED} - C:\Program Files\alotappbar\bin\alothelper.dll (Vertro)
          O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} -  File not found
          O3 - HKLM\..\Toolbar: (SearchElf 1.2 Toolbar) - {f4e6547e-325b-403c-a3bb-ad29ed37a92f} - C:\Program Files\SearchElf_1.2\prxtbSea0.dll (Conduit Ltd.)
          O3 - HKU\john.JOHN-156F461E3D.001_ON_C\..\Toolbar\ShellBrowser: (IWON) - {43A3055A-6FF3-4AA5-90E6-18A10297CB53} - C:\Program Files\IWONGIE\bar\1.bin\vrbar.dll (IWON)
          O3 - HKU\john.JOHN-156F461E3D.001_ON_C\..\Toolbar\ShellBrowser: (SearchElf 1.2 Toolbar) - {F4E6547E-325B-403C-A3BB-AD29ED37A92F} - C:\Program Files\SearchElf_1.2\prxtbSea0.dll (Conduit Ltd.)
          O3 - HKU\john.JOHN-156F461E3D.001_ON_C\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} -  File not found
          O3 - HKU\john.JOHN-156F461E3D.001_ON_C\..\Toolbar\WebBrowser: (SearchElf 1.2 Toolbar) - {F4E6547E-325B-403C-A3BB-AD29ED37A92F} - C:\Program Files\SearchElf_1.2\prxtbSea0.dll (Conduit Ltd.)
          O3 - HKU\Owner_ON_C\..\Toolbar\ShellBrowser: (IWON) - {43A3055A-6FF3-4AA5-90E6-18A10297CB53} - C:\Program Files\IWONGIE\bar\1.bin\vrbar.dll (IWON)
          O3 - HKU\Owner_ON_C\..\Toolbar\ShellBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} -  File not found
          O3 - HKU\Owner_ON_C\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} -  File not found
          O3 - HKU\Owner_ON_C\..\Toolbar\WebBrowser: (SearchElf 1.2 Toolbar) - {F4E6547E-325B-403C-A3BB-AD29ED37A92F} - C:\Program Files\SearchElf_1.2\prxtbSea0.dll (Conduit Ltd.)
          O4 - HKLM..\Run: []  File not found
          O4 - HKLM..\Run: [ApnUpdater]  File not found
          O4 - HKLM..\Run: [IWONGIE Browser Plugin Loader] C:\Program Files\IWONGIE\bar\1.bin\vrbrmon.exe (IWON)
          O4 - HKLM..\Run: [jtfdkccgxcwvalw] C:\Documents and Settings\All Users.WINDOWS\Application Data\jtfdkccg.exe
          O4 - HKLM..\Run: [sgdhxvpiwfajial] C:\Documents and Settings\All Users.WINDOWS\Application Data\sgdhxvpi.exe
          O4 - HKU\john.JOHN-156F461E3D.001_ON_C..\Run: [jtfdkccgxcwvalw] C:\Documents and Settings\All Users.WINDOWS\Application Data\jtfdkccg.exe ()
          O4 - HKU\john.JOHN-156F461E3D.001_ON_C..\Run: [sgdhxvpiwfajial] C:\Documents and Settings\All Users.WINDOWS\Application Data\sgdhxvpi.exe ()
          O4 - HKU\john.JOHN-156F461E3D.001_ON_C..\Run: [uTorrent]  File not found
          O4 - HKU\john.JOHN-156F461E3D.001_ON_C..\Run: [Ziidaric] C:\Documents and Settings\john.JOHN-156F461E3D.001\Application Data\Roecex\liqe.exe
          C:\Documents and Settings\All Users.WINDOWS\Application Data\igvlspkoxxpuhlr

          :folders

          C:\Program Files\IWONGIE
          C:\Program Files\alotappbar
          C:\Program Files\SearchElf_1.2

          :COMMANDS
          [resethosts]
          [purity]
          [start explorer]

          * Click Run Fix
          * OTL may ask to reboot the machine. Please do so if asked.
          * Click OK
          * A report will open. Copy and Paste that report in your next reply.

          Try to boot your computer now and let me know how it goes.
          Windows 8 and Windows 10 dual boot with two SSD's
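
The triage that narrows a scan log like the one posted above down to a short list of suspect files can be sketched in code. This is an added example, not part of the original thread and not how OTL or the helper works: the sample lines are copied from the posted log, and the two heuristics (an executable with no company name under Application Data or directly in a profile folder, and several such files of identical size) are assumptions chosen for illustration.

```python
import ntpath
import re
from collections import defaultdict

# Constructed sample: seven lines copied from the OTL log posted in this thread.
SAMPLE = r"""
[2012/07/24 09:32:54 | 000,188,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cfgwiz.exe
[2012/07/24 09:33:55 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2012/07/12 13:51:24 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012/07/24 07:20:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\rttpfmxqwatitwg
[2012/07/24 07:20:51 | 000,057,344 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Application Data\sgdhxvpi.exe
[2012/07/24 07:20:51 | 000,057,344 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Application Data\jtfdkccg.exe
[2012/07/24 07:20:51 | 000,057,344 | ---- | M] () -- C:\Documents and Settings\john.JOHN-156F461E3D.001\0.7678802632780086.exe
"""

LINE = re.compile(
    r"^\[(?P<ts>[\d/]+ [\d:]+) \| (?P<size>[\d,]+) \| (?P<attr>\S{4}) \| (?P<kind>[CM])\]"
    r"(?: \((?P<company>[^)]*)\))? -- (?P<path>.+)$"
)
EXEC_EXT = {".exe", ".dll", ".scr", ".com", ".sys"}
# Assumption: on this XP layout a file directly inside a profile folder is worth a second look.
PROFILE_ROOT = re.compile(r"^c:\\documents and settings\\[^\\]+$", re.I)


def parse(log):
    """Yield one dict per file/folder line; lines in any other format are skipped."""
    for raw in log.splitlines():
        m = LINE.match(raw.strip())
        if m:
            rec = m.groupdict()
            rec["size"] = int(rec["size"].replace(",", ""))
            rec["company"] = (rec["company"] or "").strip()
            rec["is_dir"] = "D" in rec["attr"]
            yield rec


def triage(log):
    """Return {path: [reasons]} for executables with no company name in user-writable locations."""
    hits, by_size = {}, defaultdict(set)
    for rec in parse(log):
        folder, name = ntpath.split(rec["path"])
        ext = ntpath.splitext(name)[1].lower()
        if rec["is_dir"] or ext not in EXEC_EXT or rec["company"]:
            continue
        in_appdata = "\\application data" in folder.lower()
        if in_appdata or PROFILE_ROOT.match(folder):
            where = "Application Data" if in_appdata else "profile root"
            hits[rec["path"]] = [f"no company name, executable in {where}"]
            by_size[rec["size"]].add(rec["path"])
    for size, paths in by_size.items():
        if len(paths) > 1:  # identical size under different names suggests copies of one binary
            for p in paths:
                hits[p].append(f"{len(paths)} flagged files share size {size}")
    return hits


if __name__ == "__main__":
    for path, reasons in triage(SAMPLE).items():
        print(path, "->", "; ".join(reasons))
```

A hit is a lead to check by hand, not a verdict: the unnamed file in `dllcache` is deliberately left out because it sits in a system location, while the same rule would also flag a legitimate portable program kept in a profile folder.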

          JHADD


            Re: computer lockout
            « Reply #8 on: July 26, 2012, 04:26:53 AM »
            When I click on Run Fix I get the message "no fix has been provided, do you want to load it from a file".
            When I click Yes it opens a box in My Documents with the file name FIX.TXT in the open box; when I click Open nothing happens.
            Thanks again, this is very much appreciated. jhadd

            SuperDave

            Re: computer lockout
            « Reply #9 on: July 26, 2012, 04:10:40 PM »
            Did you copy and paste as per the instructions?

            JHADD


              Re: computer lockout
              « Reply #10 on: July 28, 2012, 02:40:10 AM »
              I'm sorry for the delay in replying, but I've been trying to run the fix as you say; when I try to click on the document I copied and pasted in the documents file I get the message "unable to open the file".
              When I ran the first scan I had difficulty copying and pasting it; I don't really know how I did it.
              I would hope to solve it this way, but if the worst came to the worst, would I solve the problem by formatting the drive and reinstalling Windows?
              Thanks for your patience. jhadd

              SuperDave

              Re: computer lockout
              « Reply #11 on: July 28, 2012, 04:51:58 PM »
              You should boot using the OTLPEStd disk and save all your important data to an external hard drive or DVDs. If you can't get this fix to work you will have to reformat and reinstall your OS.
              Please try this other tool but not before you save your data.


              Go to this link to create a Rescue CD or to this site to create a Rescue USB. Carefully follow all the instructions for whichever method you choose.

              JHADD


                Re: computer lockout
                « Reply #12 on: July 30, 2012, 04:22:56 AM »
                I tried to use the rescue disc, wasn't sure what to do, so I resorted to formatting the drive and reinstalling Windows.
                I've only realised I missed the reply where I should have copied and pasted from the reply into OTL; I thought that was the end of what I pasted in my reply.
                Thank you very much for all your help and patience. I will try and learn more about the rescue disc. jhadd

                SuperDave

                Re: computer lockout
                « Reply #13 on: July 30, 2012, 04:26:40 PM »
                The OTLPE disk will allow your computer to boot from the disk. From there, you can get into all the documents on your computer and save whatever you wish. I will lock this thread. If you need any more help, please send me a pm.