Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

very slow many problems including printer driver fault

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

very slow many problems including printer driver fault

Unread postby tropics » May 8th, 2008, 11:19 am

Hi
could you please help as I spent last week full time try to solve pc problems and indeed got successful at few of them but still need some basic function to work properly.
I have several problem and run Avast anti virus, Adaware, spybot search and destroy, regcure, fixwelch. fixed few things and have set aside Avast infected Trojan files (the ones the program found).

Problem experienced are as follows:

Slow start up (20 minutes),

chose to exclude start up items(for speed) but when I reboot the pc overrun my request and start as normal.

Printer had to be unistalled/reinstalled but the installation cannot complete as I get message 1 RPC service unavailable and error ISO28 SetupFaxPrinterDriver -1 missing.
I tryed the Control Panel?administrative tools/Services and the RPC is there however is set on Automatic and even if I wanted to change it and start it manually I couldnt. In the box shows Automatic but is shaded and not a choice.

Internet explorer will not start sometimes and the icon for the shortcut on my desktop is not an E symbol but rather a white sqare with a bluebar at the top

I had an intruder on one member website as I found password changed although this was before installing Avast on my pc
Thanks a million for your time and effort.
the log file I get is as follow

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:25:00, on 08/05/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZONELABS\vsmon.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Brother\ControlCenter2\brctrcen.exe
C:\Program Files\InternetCalls.com\InternetCalls\InternetCalls.exe
C:\WINDOWS\system32\mmc.exe
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\eMule\eMule.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hotmail.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://uk.rd.yahoo.com/customize/ie/def ... .yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/def ... earch.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/def ... .yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = iLLUSiON
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://pac.onspeed.com/pac/?id=08410bbf ... 6097b4b4f4
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {31986DA1-9A69-4A10-96D7-380CF1AE77CB} - C:\WINDOWS\system32\xxyawXNE.dll (file missing)
O2 - BHO: (no name) - {3CAB59B4-55A3-4737-9FD5-B93C6430BF75} - C:\WINDOWS\system32\iudhahnm.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: ONSPEED - {8B79EE88-E62D-4AA8-B530-CC357BA112B7} - (no file)
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [BMaf1a58b6] Rundll32.exe "C:\WINDOWS\system32\xtrlwxcn.dll",s
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl05a\BrStDvPt.exe
O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun
O4 - HKLM\..\Run: [Installation Diagnostics] "C:\Program Files\Brother\Brmfl05a\Brinstck.exe" /I MFC-215C USB
O4 - HKLM\..\RunOnce: [Brother MFC-215C USB] C:\Program Files\Brother\Brmfl05a\BrWiEvRg.exe /R /M="Brother MFC-215C USB" /A="ControlCenter2.0"
O4 - HKCU\..\Run: [InternetCalls] "C:\Program Files\InternetCalls.com\InternetCalls\InternetCalls.exe" -nosplash -minimized
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-21-1659004503-2052111302-839522115-500\..\Run: [InternetCalls] "C:\Program Files\InternetCalls.com\InternetCalls\InternetCalls.exe" -nosplash -minimized (User '?')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User '?')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - Global Startup: Status Monitor.lnk = C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Open in new background tab - res://C:\Program Files\Windows Live Toolbar\Components\en-us\msntabres.dll.mui/229?cd97e40d676a44c8a254f15f23d38585
O8 - Extra context menu item: Open in new foreground tab - res://C:\Program Files\Windows Live Toolbar\Components\en-us\msntabres.dll.mui/230?cd97e40d676a44c8a254f15f23d38585
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {02AA9E0F-B4EB-4BE9-A769-FD09543FEEC2} (UniInstaller Class) - http://webcamnow.com/fs5/voice/voice-installer.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by103fd.bay103.hotmail.msn.com/r ... nPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microso ... 6687767295
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 6687740826
O16 - DPF: {9CCE3B43-4DE0-4236-A84E-108CA848EE6A} (WebCam Control) - http://webcamnow.com/fs5/ax/ActiveXWebCam.cab
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://casinoclassic.microgaming.com/c ... lashAX.cab
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Intel Corporation - (no file)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZONELABS\vsmon.exe

--
End of file - 9642 bytes
tropics
Active Member
 
Posts: 11
Joined: May 8th, 2008, 10:37 am
Advertisement
Register to Remove

Re: very slow many problems including printer driver fault

Unread postby Katana » May 11th, 2008, 9:59 am

Please note that all instructions given are customised for this computer only, the tools used may cause damage if used on a computer with different infections.

If you think you have similar problems, please post a log in the HJT forum and wait for help.


Hello and welcome to the forums

My name is Katana and I will be helping you to remove any infection(s) that you may have.

Please observe these rules while we work:
1. If you don't know, stop and ask! Don't keep going on.
2. Please reply to this thread. Do not start a new topic.
3. Please continue to respond until I give you the "All Clear"
(Just because you can't see a problem doesn't mean it isn't there)

If you can do those three things, everything should go smoothly :D

----------------------------------------------------------------------------------------

Hi Tropics,

It sounds like you are having some trouble there, :shock:
I'm not sure if we can sort all your problems, but there are signs of infection in your log so let's get you clean first and then see what is left after that.


IMPORTANT I notice there are signs of one or more P2P (Person to Person) File Sharing Programs on your computer.

eMule

I'd like you to read the Guidelines for P2P Programs where we explain why it's not a good idea to have them.

Also available here.

My recommendation is you go to Control Panel > Add/Remove Programs and uninstall the programs listed above (in red).
Please note: you must NOT use this whilst we are cleaning your machine.




Download and Run ComboFix (by sUBs)
Please visit this webpage for instructions for downloading and running ComboFix:

Bleeping Computer ComboFix Tutorial




Installed Programs

Please could you give me a list of the programs that are installed.
  • Start HijackThis
  • Click on the Misc Tools button
  • Click on the Open Uninstall Manager button.
You will see a list with the programs installed in your computer.
Click on save list button and specify where you would like to save this file.
When you press Save button a notepad will open with the contents of that file.
Simply copy and paste the contents of that notepad into your next post.



Fix With HJT

Close all other windows and then start HiJack This
Click Do A System Scan Only
When it has finished scanning put a check next to the following lines IF still present
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)

O2 - BHO: (no name) - {31986DA1-9A69-4A10-96D7-380CF1AE77CB} - C:\WINDOWS\system32\xxyawXNE.dll (file missing)
O2 - BHO: (no name) - {3CAB59B4-55A3-4737-9FD5-B93C6430BF75} - C:\WINDOWS\system32\iudhahnm.dll
O3 - Toolbar: ONSPEED - {8B79EE88-E62D-4AA8-B530-CC357BA112B7} - (no file)

O4 - HKLM\..\Run: [BMaf1a58b6] Rundll32.exe "C:\WINDOWS\system32\xtrlwxcn.dll",s

- Close ALL open windows (especially Internet Explorer!)-
Now click Fix checked
Click yes to any prompts
Close HijackThis


Logs/Information to Post in Reply
Please post the following logs/Information in your reply
  • ComboFix Log
  • A Fresh HJT log
  • Installed Programs list
User avatar
Katana
MRU Teacher Emeritus
 
Posts: 6412
Joined: November 10th, 2006, 5:00 pm
Location: Manchester

Re: very slow many problems including printer driver fault

Unread postby tropics » May 11th, 2008, 2:36 pm

hi
thank you very much for your response
I enclose the log in this order
1 hajackthis log after error fixed
2 program on my desktop list
3 fix log result(done bfore anything else)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:23:49, on 11/05/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\QuickTime\QTTask.exe
C:\PROGRA~1\LAUNCH~1\LManager.exe
C:\Program Files\Elantech\ktp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\taskswitch.exe
C:\WINDOWS\VM_STI.EXE
C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Documents and Settings\Administrator\Program Files\BitTorrent_DNA\dna.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Java\jre1.6.0_02\bin\jucheck.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Windows Live Toolbar\msn_sl.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl05a\BrStDvPt.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [KTPWare] C:\Program Files\Elantech\ktp.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\system32\taskswitch.exe
O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE V-Gear TalkCam 1.1
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [ac296b2a] rundll32.exe "C:\WINDOWS\system32\rkdtvwat.dll",b
O4 - HKCU\..\Run: [Voipwise] "C:\Program Files\Voipwise.com\Voipwise\Voipwise.exe" -nosplash -minimized
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [InternetCalls] "C:\Program Files\InternetCalls.com\InternetCalls\InternetCalls.exe" -nosplash -minimized
O4 - HKCU\..\Run: [DNA] "C:\Documents and Settings\Administrator\Program Files\BitTorrent_DNA\dna.exe"
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Status Monitor.lnk = C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
O4 - Global Startup: QuickTV6.lnk = C:\Program Files\AVerTV 6.0\AVerQT.exe
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Open in new background tab - res://C:\Program Files\Windows Live Toolbar\Components\en-us\msntabres.dll.mui/229?cd97e40d676a44c8a254f15f23d38585
O8 - Extra context menu item: Open in new foreground tab - res://C:\Program Files\Windows Live Toolbar\Components\en-us\msntabres.dll.mui/230?cd97e40d676a44c8a254f15f23d38585
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {02AA9E0F-B4EB-4BE9-A769-FD09543FEEC2} (UniInstaller Class) - http://webcamnow.com/fs5/voice/voice-installer.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by103fd.bay103.hotmail.msn.com/r ... nPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microso ... 6687767295
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 6687740826
O16 - DPF: {9CCE3B43-4DE0-4236-A84E-108CA848EE6A} (WebCam Control) - http://webcamnow.com/fs5/ax/ActiveXWebCam.cab
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://casinoclassic.microgaming.com/c ... lashAX.cab
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Intel Corporation - (no file)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZONELABS\vsmon.exe

--
End of file - 10837 bytes

2programs list

3CX Phone
ACDSee 8
Active@ KillDisk FREE Suite
Ad-Aware 2007
Adobe Acrobat 5.0
Adobe Acrobat 7.0 Professional
Adobe Bridge 1.0
Adobe Common File Installer
Adobe Flash Player ActiveX
Adobe Flash Player Plugin
Adobe Help Center 1.0
Adobe Photoshop CS2
Adobe Reader 7.0.5
Adobe Stock Photos 1.0
Alias DirectConnect 2.0
Alt-Tab Task Switcher Powertoy for Windows XP
Apple Mobile Device Support
Apple Software Update
Auto Gordian Knot 2.40
avast! Antivirus
AVerMedia DVB-T BDA Video Capture(A800)
AVerMedia DVB-T BDA Video Capture(A800) 5.4.10.12
AVerTV 6.0
AviSynth 2.5
Aztec Riches Casino
Bluetooth Stack for Windows
Brother MFL-Pro Suite
Bug Doctor 3.0.3.8
Camera Plus
CDBurnerXP Pro 3
Compatibility Pack for the 2007 Office system
Cucusoft MPEG/MOV/RM/AVI to DVD/VCD/SVCD/MPEG Converter Pro 6.2
Documents To Go
Driver Detective
Dual Mode Digital Camera 5.0M
DVD Decrypter (Remove Only)
eMule Plus 1.2c
Final Draft 7
Form Fill (Windows Live Toolbar)
Golden Palace Casino
Google Earth
Google Video Player
HijackThis 2.0.2
Hotfix for Windows XP (KB909394)
Hotfix for Windows XP (KB915865)
IBM ViaVoice Pro 10.5 - US English
Intel(R) Graphics Media Accelerator Driver for Mobile
InternetCalls
iTunes
J2SE Runtime Environment 5.0 Update 9
Java(TM) 6 Update 2
Java(TM) SE Runtime Environment 6 Update 1
KTP Ware PS/2-WDM 5.0.1.2
Launch Manager
Map Button (Windows Live Toolbar)
Mavis Beacon Teaches Typing 16
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft .NET Framework 2.0 Service Pack 1
Microsoft Office Converter Pack
Microsoft Office Professional Edition 2003
Microsoft Protection Service
Microsoft Windows Live OneCare Resources v1.6.2111.30
Microsoft Windows OneCare Live AntiSpyware and AntiVirus
Microsoft Windows OneCare Live v1.6.2111.30
Microsoft Windows OneCare Live v1.6.2111.30 Idcrl Install
Mozilla Firefox (2.0.0.14)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 Parser and SDK
Music Visualizer Library 1.4.00
OneCare Advisor (Windows Live Toolbar)
OnlineCasino.com
OpenMG Limited Patch 3.1-02-10-22-01
OpenMG Limited Patch 3.1-02-10-22-02
OpenMG Limited Patch 3.1-02-12-04-01
OpenMG Secure Module 3.1
palmOne
Parashara's Light 6.1
PFConfig 1.0.142
Photo DVD 2.0 SE
PL-2303 USB-to-Serial
Popup Blocker (Windows Live Toolbar)
Power E*TRADE Pro
PowerDVD
PX Engine
QuickTime
RealPlayer
Security Update for CAPICOM (KB931906)
Security Update for CAPICOM (KB931906)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899589)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901190)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911567)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913446)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB916281)
Security Update for Windows XP (KB917159)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918118)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB918899)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920214)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB921883)
Security Update for Windows XP (KB922616)
Security Update for Windows XP (KB922760)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923694)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB924667)
Security Update for Windows XP (KB925454)
Security Update for Windows XP (KB925486)
Security Update for Windows XP (KB925902)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB926436)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB927802)
Security Update for Windows XP (KB928090)
Security Update for Windows XP (KB928255)
Security Update for Windows XP (KB928843)
Security Update for Windows XP (KB929123)
Security Update for Windows XP (KB929969)
Security Update for Windows XP (KB930178)
Security Update for Windows XP (KB931261)
Security Update for Windows XP (KB931768)
Security Update for Windows XP (KB931784)
Security Update for Windows XP (KB932168)
Security Update for Windows XP (KB933566)
Security Update for Windows XP (KB933729)
Security Update for Windows XP (KB935839)
Security Update for Windows XP (KB935840)
Security Update for Windows XP (KB936021)
Security Update for Windows XP (KB937894)
Security Update for Windows XP (KB938127)
Security Update for Windows XP (KB941202)
Security Update for Windows XP (KB941568)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB941644)
Security Update for Windows XP (KB941693)
Security Update for Windows XP (KB943055)
Security Update for Windows XP (KB943460)
Security Update for Windows XP (KB943485)
Security Update for Windows XP (KB944338)
Security Update for Windows XP (KB944653)
Security Update for Windows XP (KB945553)
Security Update for Windows XP (KB946026)
Security Update for Windows XP (KB947864)
Security Update for Windows XP (KB948590)
Security Update for Windows XP (KB948881)
Sentinel System Driver
Smart Menus (Windows Live Toolbar)
Spybot - Search & Destroy 1.4
Tabbed Browsing (Windows Live Toolbar)
Tele Hypnosis Pro (Shareware Version)
Tele Hypnosis Pro De Luxe Multisession 4
TeleChart 2005
The Rosetta Stone
TradingSolutions 3.1
Tweak UI
Update for Windows XP (KB894391)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB908531)
Update for Windows XP (KB910437)
Update for Windows XP (KB911280)
Update for Windows XP (KB914882)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Update for Windows XP (KB927891)
Update for Windows XP (KB929338)
Update for Windows XP (KB930916)
Update for Windows XP (KB931836)
Update for Windows XP (KB936357)
Update for Windows XP (KB938828)
Update for Windows XP (KB942763)
Vegas Casino Online
V-Gear BEE
V-Gear TalkCam 1.1
Virtual DJ - Atomix Productions
VobSub v2.23 (Remove Only)
Voipwise
WebcamNow Broadcaster 5
Winamp
Windows Installer 3.1 (KB893803)
Windows Live Favorites for Windows Live Toolbar
Windows Live Messenger
Windows Live Outlook Toolbar (Windows Live Toolbar)
Windows Live Toolbar
Windows Live Toolbar
Windows Live Toolbar Extension (Windows Live Toolbar)
Windows Live Toolbar Feed Detector (Windows Live Toolbar)
Windows Media Format SDK Hotfix - KB891122
Windows Media Player 10 Hotfix - KB894476
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781
WinRAR archiver
XviD MPEG4 Video Codec (remove only)
ZoneAlarm

COMBOFIX LOG

ComboFix 08-05-09.1 - Administrator 2008-05-11 16:23:44.1 - FAT32x86

Running from: C:\Documents and Settings\Administrator\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\Administrator\Desktop\WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\cookies.ini
C:\WINDOWS\pskt.ini
C:\WINDOWS\system32\ENXwayxx.ini
C:\WINDOWS\system32\ENXwayxx.ini2
C:\WINDOWS\system32\helper.dll
C:\WINDOWS\system32\kxgxsfqy.ini
C:\WINDOWS\system32\riygfqsx.ini
C:\WINDOWS\system32\tawvtdkr.ini

.
((((((((((((((((((((((((( Files Created from 2008-04-11 to 2008-05-11 )))))))))))))))))))))))))))))))
.

2008-05-11 12:55 . 2008-05-11 12:55 <DIR> d--hs---- C:\FOUND.000
2008-05-10 10:04 . 2008-05-10 10:04 <DIR> d-------- C:\printer
2008-05-08 16:37 . 2008-05-08 16:37 <DIR> d-------- C:\Program Files\PC Drivers HeadQuarters
2008-05-08 16:37 . 2008-05-08 16:37 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
2008-05-08 15:19 . 2008-05-08 15:19 <DIR> d-------- C:\Program Files\Trend Micro
2008-05-07 08:15 . 2008-05-07 08:15 <DIR> d-------- C:\Program Files\Brother
2008-05-07 08:15 . 2008-05-07 08:15 <DIR> d-------- C:\Brother
2008-05-07 08:15 . 2004-12-03 01:26 188,416 --------- C:\WINDOWS\system32\PDRVINST.DLL
2008-05-07 08:15 . 2005-04-08 01:01 122,880 --------- C:\WINDOWS\system32\BrfxD05a.dll
2008-05-07 08:15 . 2002-10-31 01:09 81,920 --------- C:\WINDOWS\system32\BrWebIns.dll
2008-05-07 08:15 . 2003-07-03 01:08 65,536 --------- C:\WINDOWS\system32\BRWEBUP.EXE
2008-05-07 08:15 . 2001-11-15 01:00 6,224 --------- C:\WINDOWS\CVRPAGE.BMP
2008-05-07 08:15 . 2003-11-28 18:57 0 --------- C:\WINDOWS\brdfxspd.dat
2008-05-06 22:06 . 2008-05-07 19:19 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-05-06 22:06 . 2008-05-06 22:06 1,409 --a------ C:\WINDOWS\QTFont.for
2008-05-04 11:04 . 2007-07-09 14:09 584,192 --------- C:\WINDOWS\system32\DllCache\rpcrt4.dll
2008-05-03 17:22 . 2008-05-03 17:22 <DIR> d-------- C:\Program Files\Alwil Software
2008-05-03 12:46 . 2008-05-03 12:46 <DIR> d-------- C:\8f93310bbecffc52bbf2ae251ecb5a25
2008-05-03 12:37 . 2007-07-30 19:19 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui
2008-05-03 12:35 . 2008-05-03 12:35 <DIR> d-------- C:\15e22707b0a164cc76175b22cc5d
2008-05-03 10:50 . 2008-05-03 10:50 <DIR> d-------- C:\7ea8b241a65fa63ddd3fb08d1dec16
2008-05-03 01:05 . 2008-05-03 01:05 53,312 --a------ C:\WINDOWS\system32\ipgwvmmm.dll
2008-05-02 20:09 . 2008-05-02 20:09 <DIR> d-------- C:\WCH.CN
2008-05-02 20:09 . 2006-10-25 00:00 36,080 --a------ C:\WINDOWS\system32\drivers\CH341SER.SYS
2008-05-02 20:09 . 2005-07-30 00:00 6,712 --a------ C:\WINDOWS\system32\CH341PT.DLL
2008-05-02 11:31 . 2008-05-02 11:31 53,312 --a------ C:\WINDOWS\system32\pjdcefan.dll
2008-05-02 11:31 . 2008-05-02 11:36 4,212 ---h----- C:\WINDOWS\system32\zllictbl.dat
2008-05-02 11:28 . 2008-05-02 11:28 <DIR> d-------- C:\WINDOWS\system32\ZoneLabs
2008-05-02 11:28 . 2008-05-02 11:28 <DIR> d-------- C:\Program Files\Zone Labs
2008-05-02 11:28 . 2008-05-11 16:34 31,767 --ah----- C:\WINDOWS\system32\vsconfig.xml
2008-05-02 11:25 . 2008-05-02 11:26 <DIR> d-------- C:\WINDOWS\Internet Logs
2008-05-01 11:26 . 2008-05-05 11:27 109,738 --a------ C:\WINDOWS\BMaf1a58b6.xml
2008-05-01 11:25 . 2008-05-01 11:25 53,312 --a------ C:\WINDOWS\system32\ahwgbbtp.dll
2008-04-30 11:15 . 2008-05-02 13:19 37,376 -ra------ C:\WINDOWS\mrofinu1535.exe
2008-04-17 15:17 . 2008-04-17 15:17 <DIR> d-------- C:\Program Files\iPod
2008-04-16 20:24 . 2003-07-16 14:27 43,264 --------- C:\WINDOWS\system32\drivers\ser2pl.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-17 05:44 12,632 ----a-w C:\WINDOWS\system32\lsdelete.exe
2008-03-19 09:47 1,845,248 ----a-w C:\WINDOWS\system32\win32k.sys
2008-03-19 09:47 1,845,248 ------w C:\WINDOWS\system32\DllCache\win32k.sys
2008-02-20 06:51 282,624 ----a-w C:\WINDOWS\system32\gdi32.dll
2008-02-20 06:51 282,624 ------w C:\WINDOWS\system32\DllCache\gdi32.dll
2008-02-20 05:32 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll
2008-02-20 05:32 45,568 ------w C:\WINDOWS\system32\DllCache\dnsrslvr.dll
2008-02-20 05:32 148,992 ------w C:\WINDOWS\system32\DllCache\dnsapi.dll
2008-02-16 22:29 3,059,712 ------w C:\WINDOWS\system32\DllCache\mshtml.dll
2008-02-15 09:23 18,432 ------w C:\WINDOWS\system32\DllCache\iedw.exe
2004-12-18 23:38 260 ----a-w C:\Program Files\slot.dat
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{31986DA1-9A69-4A10-96D7-380CF1AE77CB}]
C:\WINDOWS\system32\xxyawXNE.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Voipwise"="C:\Program Files\Voipwise.com\Voipwise\Voipwise.exe" [2007-09-06 11:24 7394608]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 12:54 5674352]
"InternetCalls"="C:\Program Files\InternetCalls.com\InternetCalls\InternetCalls.exe" [2007-04-18 15:49 7116352]
"DNA"="C:\Documents and Settings\Administrator\Program Files\BitTorrent_DNA\dna.exe" [2007-05-11 13:50 216064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Zone Labs Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2005-08-29 19:09 980736]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2006-10-11 19:23 185784]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 04:00 132496]
"SSBkgdUpdate"="C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [ ]
"SoundMan"="SOUNDMAN.EXE" [2005-03-24 20:20 77824 C:\WINDOWS\SOUNDMAN.EXE]
"SetDefPrt"="C:\Program Files\Brother\Brmfl05a\BrStDvPt.exe" [2005-01-26 18:02 49152]
"RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [2005-01-12 03:01 32768]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-03-28 23:37 413696]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-10 10:44 455168]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-10 10:44 455168]
"PaperPort PTD"="C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe" [ ]
"nod32kui"="C:\Program Files\Eset\nod32kui.exe" [ ]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 10:50 155648]
"LManager"="C:\PROGRA~1\LAUNCH~1\LManager.exe" [2005-04-28 09:43 544768]
"KTPWare"="C:\Program Files\Elantech\ktp.exe" [2005-01-29 04:14 253952]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-03-30 10:36 267048]
"IndexSearch"="C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe" [ ]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2004-08-10 10:44 208952]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2005-01-22 16:08 155648]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2005-01-22 16:07 126976]
"CoolSwitch"="C:\WINDOWS\system32\taskswitch.exe" [2002-03-19 17:30 45632]
"ControlCenter2.0"="C:\Program Files\Brother\ControlCenter2\brctrcen.exe" [2005-05-17 17:42 933888]
"BMaf1a58b6"="C:\WINDOWS\system32\xtrlwxcn.dll" [ ]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-10 10:44 110592 C:\WINDOWS\system32\bthprops.cpl]
"BigDogPath"="C:\WINDOWS\VM_STI.exe" [2003-01-21 15:19 40960]
"Acrobat Assistant 7.0"="C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" [2004-12-14 02:12 483328]
"ac296b2a"="C:\WINDOWS\system32\rkdtvwat.dll" [ ]
"AAWTray"="C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe" [2007-12-18 03:52 87392]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-10 10:44 15360]

C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 19:16:50 113664]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Status Monitor.lnk - C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe [2008-05-07 08:17:05 802816]
QuickTV6.lnk - C:\Program Files\AVerTV 6.0\AVerQT.exe [2005-11-07 11:36:24 512000]
Adobe Acrobat Speed Launcher.lnk - C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-000000000002}\SC_Acrobat.exe [2006-03-08 16:28:29 25214]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"SynchronousMachineGroupPolicy"= 0 (0x0)
"SynchronousUserGroupPolicy"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"SENTINEL"= snti386.dll
"VIDC.JPEG"= JpegCode.dll
"VIDC.MJPG"= JpegCode.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\OneCareMP]
@="Service"

[HKLM\~\startupfolder\C:^Documents and Settings^Administrator^Start Menu^Programs^Startup^BEE Service.lnk]
backup=C:\WINDOWS\pss\BEE Service.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Bluetooth Manager.lnk]
backup=C:\WINDOWS\pss\Bluetooth Manager.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^DataViz Inc Messenger.lnk]
backup=C:\WINDOWS\pss\DataViz Inc Messenger.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HOTSYNCSHORTCUTNAME.lnk]
backup=C:\WINDOWS\pss\HOTSYNCSHORTCUTNAME.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\4oD]

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\InternetCalls.com\\InternetCalls\\InternetCalls.exe"=
"C:\\Program Files\\uTorrent\\uTorrent.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"7890:TCP"= 7890:TCP:eMule

R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-03-29 18:31]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-03-29 18:35]
R3 Ktp;Elantech Touchpad;C:\WINDOWS\system32\DRIVERS\Ktp.sys [2005-04-20 09:24]
S3 avera800;AVerMedia DVB-T BDA Video Capture(A800);C:\WINDOWS\system32\Drivers\avera800.sys [2005-09-20 12:47]
S3 BrScnUsb;Brother USB Still Image driver;C:\WINDOWS\system32\Drivers\BrScnUsb.sys [2004-10-15 12:50]
S3 DSCVc;Video Capture;C:\WINDOWS\system32\DRIVERS\CoachVc.sys [2003-11-03 17:31]
S3 Smc1046;EZ Connect USB to Dual Speed Ethernet Converter;C:\WINDOWS\system32\DRIVERS\SMCUSB.sys [2002-06-21 16:36]
S3 ZSMC302;V-Gear TalkCam 1.1;C:\WINDOWS\system32\Drivers\usbvm302.sys [2004-03-19 17:11]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D]
\Shell\AutoRun\command - D:\setupSNK.exe

.
Contents of the 'Scheduled Tasks' folder
"2008-05-11 15:18:14 C:\WINDOWS\Tasks\Check Updates for Windows Live Toolbar.job"
- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
"2008-05-08 15:39:42 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-11 16:36:02
Windows 5.1.2600 Service Pack 2 FAT NTAPI

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\ZONELABS\vsmon.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
.
**************************************************************************
.
Completion time: 2008-05-11 16:41:34 - machine was rebooted
ComboFix-quarantined-files.txt 2008-05-11 15:41:10

Pre-Run: 8,593,833,984 bytes free
Post-Run: 8,932,605,952 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptOut
C:\CMDCONS\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

196 --- E O F --- 2008-05-11 02:19:11

thanxs but still encountering problem and at start up it tell also that it cannot start c:\windows\system32\xtriwxcn.dll as file missing> I remain confident thanksss
tropics
Active Member
 
Posts: 11
Joined: May 8th, 2008, 10:37 am

Re: very slow many problems including printer driver fault

Unread postby Katana » May 11th, 2008, 3:29 pm

Submit a File For Analysis
We need to have the files below Scanned by Uploading them/it to Virus Total

Please visit Virustotal
Copy/paste the the following file path into the window

C:\WINDOWS\system32\ipgwvmmm.dll

Click Submit/Send File
Please post back, to let me know the results.

Please do the same for the following file/s
C:\Program Files\slot.dat
C:\WINDOWS\system32\pjdcefan.dll



If Virustotal is too busy please try Jotti



Custom CFScript
  • Please open Notepad (Start -> Run -> type notepad in the Open field -> OK) and copy and paste the text present inside the code box below:

    Code: Select all
    
    File::
    C:\WINDOWS\system32\ipgwvmmm.dll
    C:\WINDOWS\system32\pjdcefan.dll
    C:\WINDOWS\system32\ahwgbbtp.dll
    C:\WINDOWS\mrofinu1535.exe
    
    Registry::
    [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{31986DA1-9A69-4A10-96D7-380CF1AE77CB}]
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "DNA"=-
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SSBkgdUpdate"=-
    "PaperPort PTD"=-
    "nod32kui"=-
    "IndexSearch"=-
    "BMaf1a58b6"=-
    "ac296b2a"=-
    
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\4oD]
    

  • Save this as CFScript.txt and place it on your desktop.


    Image


  • Referring to the screenshot above, drag CFScript.txt into ComboFix.exe.
  • ComboFix will now run a scan on your system. It may reboot your system when it finishes. This is normal.
  • When finished, it will produce a log for you. Copy and paste the contents of the log in your next reply.

CAUTION: Do not mouse-click ComboFix's window while it is running. That may cause it to stall.
Note: the above code was created specifically for this user. If you are not this user, do NOT follow these directions as they could damage the workings of your system.




Kaspersky Online Scanner .
Your Antivirus and/or Antispyware may give a warning during the scan. This is perfectly normal
Go Here http://www.kaspersky.com/kos/eng/partne ... bscan.html

Read the Requirements and limitations before you click Accept.
Allow the ActiveX download if necessary
Once the database has downloaded, click Next.
Click Scan Settings and change the "Scan using the following antivirus database" from standard to extended and then click OK.
Click on "My Computer" and then put the kettle on!
When the scan has completed, click Save Report As...
Enter a name for the file in the Filename: text box and then click the down arrow to the right of Save as type: and select text file (*.txt)
Click Save - by default the file will be saved to your Desktop, but you can change this if you wish.


Logs/Information to Post in Reply
Please post the following logs/Information in your reply
  • Virus Total Results
  • ComboFix Log
  • Kaspersky Log
  • How are things running now ?

----------------------------------------------------------- ----------------------------------------------------------- -----------------------------------------------------------


Your Java and Adobe is out of date. Older versions have vulnerabilities that malware can use to infect your system.

Please follow these steps to remove older version Java and Adobe components and update.

Updating Java:
  • Download the latest version of Java Runtime Environment (JRE) 6u6 from http://java.sun.com/javase/downloads/index.jsp
  • Scroll down to where it says "The J2SE Runtime Environment (JRE) allows end-users to run Java applications".
  • Click the "Download" button to the right.
  • Check the box that says: "Accept License Agreement".
  • The page will refresh.
  • Click on the link to download Windows Offline Installation with or without Multi-language and save to your desktop.

Update Adobe Acrobat Reader
  • Please go to this link Adobe Acrobat Reader Download Link
  • Cllick Download
  • On the right Untick Adobe Phototshop Album Starter Edition if you do not wish to include this in the installation.
  • Click the Continue button
  • Click Run, and click Run again
  • Next click the Install Now button and follow the on screen prompts

Now close all windows, including your browser.
Double click on the Java installation that you downloaded and follow the prompts.

Remove Programs
Now click Start---Control Panel. Double click Add or Remove Programs. If any of the following programs are listed there,
click on the program to highlight it, and click on remove.
  • Adobe Acrobat 5.0 <<< If this is the free version, I recommend that you remove it
  • Adobe Reader 7.0.5
  • J2SE Runtime Environment 5.0 Update 9
    Java(TM) 6 Update 2
    Java(TM) SE Runtime Environment 6 Update 1
Now close the Control Panel.

Reboot your machine.
User avatar
Katana
MRU Teacher Emeritus
 
Posts: 6412
Joined: November 10th, 2006, 5:00 pm
Location: Manchester

Re: very slow many problems including printer driver fault

Unread postby tropics » May 12th, 2008, 4:49 pm

HI

thanks, browsers are running smoother I was even able to install Explorer update which did not work before.
The start up is still slow and the printer driver is still not comunicating or cannot be installed.

The first log you told me to analyse 3 files, but the 1st and 3rd are recognised as the same. Also when I save in notepad format the content is different, I guess is the format. here is the log

FIRST FILE


File ipgwvmmm.dll received on 05.12.2008 12:58:12 (CET)
Current status: Loading ... queued waiting scanning finished NOT FOUND STOPPED
Result: 20/30 (66.67%)
Loading server information...
Your file is queued in position: ___.
Estimated start time is between ___ and ___ .
Do not close the window until scan is complete.
The scanner that was processing your file is stopped at this moment, we are going to wait a few seconds to try to recover your result.
If you are waiting for more than five minutes you have to resend your file.
Your file is being scanned by VirusTotal in this moment,
results will be shown as they're generated.
Compact Compact
Print results Print results
Your file has expired or does not exists.
Service is stopped in this moments, your file is waiting to be scanned (position: ) for an undefined time.

You can wait for web response (automatic reload) or type your email in the form below and click "request" so the system sends you a notification when the scan is finished.
Email:

Antivirus Version Last Update Result
AhnLab-V3 2008.5.10.0 2008.05.10 Win-Trojan/Vundo.53312
AntiVir 7.8.0.17 2008.05.11 TR/Vundo.Gen
Authentium 4.93.8 2008.05.11 -
Avast 4.8.1169.0 2008.05.11 Win32:Virtumonde-JF
AVG 7.5.0.516 2008.05.11 BHO.DPP
BitDefender 7.2 2008.05.08 Adware.Virtumonde.GIO
CAT-QuickHeal 9.50 2008.05.10 AdWare.Virtumonde.mju (Not a Virus)
ClamAV 0.92.1 2008.05.12 Trojan.Vundo-2274
DrWeb 4.44.0.09170 2008.05.12 -
eSafe 7.0.15.0 2008.05.12 -
eTrust-Vet 31.4.5781 2008.05.12 -
Ewido 4.0 2008.05.11 -
F-Prot 4.4.2.54 2008.05.12 W32/Virtumonde.J.gen!Eldorado
F-Secure 6.70.13260.0 2008.05.12 -
Fortinet 3.14.0.0 2008.05.12 -
Ikarus T3.1.1.26 2008.05.12 AdWare.Win32.Virtumonde.mju
McAfee 5292 2008.05.10 -
Microsoft 1.3408 2008.05.12 Trojan:Win32/Vundo.GB
NOD32v2 3092 2008.05.12 Win32/Adware.Agent.NIT
Norman 5.80.02 2008.05.09 W32/Virtumonde.TAU
Panda 9.0.0.4 2008.05.11 Suspicious file
Prevx1 V2 2008.05.12 Cloaked Malware
Rising 20.44.02.00 2008.05.12 AdWare.Win32.Vundo.o
Sophos 4.29.0 2008.05.12 Troj/Virtum-Gen
Sunbelt 3.0.1114.0 2008.05.12 -
Symantec 10 2008.05.12 Trojan.Vundo
TheHacker 6.2.92.307 2008.05.12 Adware/Virtumonde.mju
VBA32 3.12.6.5 2008.05.12 AdWare.Win32.Virtumonde.mju
VirusBuster 4.3.26:9 2008.05.11 -
Webwasher-Gateway 6.6.2 2008.05.11 Trojan.Vundo.Gen
Additional information
File size: 53312 bytes
MD5...: db405f1f6e337f1e0ad4a501890fa3d6
SHA1..: 61df8a997ff6a0c88c06c172147559590618b812
SHA256: 7492927e737c9592236368cbbcfa0d7b924e5064f447589046e31e8a4371c4bf
SHA512: 666929f389ae362d489b4fc55da34b9ff60cf9136ba2a0caabb49553c8c23e0f
d8b68be472dcecb1d4fd93243c84e0e05a56c3be9ca3e67a61072a161d3881eb
PEiD..: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x10001000
timedatestamp.....: 0x44e9e710 (Mon Aug 21 17:02:08 2006)
machinetype.......: 0x14c (I386)

( 3 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x7287 0x7e00 7.92 9f5668ccb6d6a9021c58b1ba34b99b3a
.rdata 0x9000 0x263 0x400 2.85 8d83adc83f30baf14f4ff718e592613e
.data 0xa000 0x18391 0x4a00 7.97 d955241bbb2f26805505cab1b1696c81

( 2 imports )
> user32.dll: EnableScrollBar, DrawMenuBar, DispatchMessageA, CreateMenu, CreateIconFromResource, CreateCursor
> kernel32.dll: GetSystemTime, lstrcpyA, VirtualAlloc, TlsAlloc, RtlUnwind, MapViewOfFile, GetVersionExA, ExitThread, GetPrivateProfileStringA, GetSystemTimeAsFileTime, GetTimeFormatA

( 0 exports )
Prevx info: http://info.prevx.com/aboutprogramtext. ... 009A89F9A7

ATENTION ATTENTION: VirusTotal is a free service offered by Hispasec
Sistemas. There are no guarantees about the availability and continuity of
this service. Although the detection rate afforded by the use of multiple
antivirus engines is far superior to that offered by just one product,
these results DO NOT guarantee the harmlessness of a file. Currently,
there is not any solution that offers a 100% effectiveness rate for detecting
viruses and malware.


FILE 2


| ????? | | Sloven??ina | Dansk | ??????? | Rom?n? | T?rk?e | Nederlands | ???????? | Fran?ais | Svenska | Portugu?s | Italiano | | | Magyar | Deutsch | ?esky | Polski | Espa?ol
Virus Total
Virustotal is a service that analyzes suspicious files and facilitates the quick detection of viruses, worms, trojans, and all kinds of malware detected by antivirus engines. More information...
File slot.dat received on 05.12.2008 13:14:46 (CET)
Current status: Loading ... queued waiting scanning finished NOT FOUND STOPPED
Result: 0/32 (0%)
Loading server information...
Your file is queued in position: 1.
Estimated start time is between 39 and 56 seconds.
Do not close the window until scan is complete.
The scanner that was processing your file is stopped at this moment, we are going to wait a few seconds to try to recover your result.
If you are waiting for more than five minutes you have to resend your file.
Your file is being scanned by VirusTotal in this moment,
results will be shown as they're generated.
Compact Compact
Print results Print results
Your file has expired or does not exists.
Service is stopped in this moments, your file is waiting to be scanned (position: ) for an undefined time.

You can wait for web response (automatic reload) or type your email in the form below and click "request" so the system sends you a notification when the scan is finished.
Email:

Antivirus Version Last Update Result
AhnLab-V3 2008.5.10.0 2008.05.10 -
AntiVir 7.8.0.17 2008.05.11 -
Authentium 5.1.0.4 2008.05.11 -
Avast 4.8.1169.0 2008.05.11 -
AVG 7.5.0.516 2008.05.11 -
BitDefender 7.2 2008.05.08 -
CAT-QuickHeal 9.50 2008.05.10 -
ClamAV 0.92.1 2008.05.12 -
DrWeb 4.44.0.09170 2008.05.12 -
eSafe 7.0.15.0 2008.05.12 -
eTrust-Vet 31.4.5781 2008.05.12 -
Ewido 4.0 2008.05.11 -
F-Prot 4.4.2.54 2008.05.10 -
F-Secure 6.70.13260.0 2008.05.12 -
Fortinet 3.14.0.0 2008.05.12 -
GData 2.0.7306.1023 2008.05.12 -
Ikarus T3.1.1.26.0 2008.05.12 -
Kaspersky 7.0.0.125 2008.05.12 -
McAfee 5292 2008.05.10 -
Microsoft 1.3408 2008.05.12 -
NOD32v2 3092 2008.05.12 -
Norman 5.80.02 2008.05.09 -
Panda 9.0.0.4 2008.05.11 -
Prevx1 V2 2008.05.12 -
Rising 20.44.02.00 2008.05.12 -
Sophos 4.29.0 2008.05.12 -
Sunbelt 3.0.1114.0 2008.05.12 -
Symantec 10 2008.05.11 -
TheHacker 6.2.92.307 2008.05.12 -
VBA32 3.12.6.5 2008.05.12 -
VirusBuster 4.3.26:9 2008.05.11 -
Webwasher-Gateway 6.6.2 2008.05.11 -
Additional information
File size: 260 bytes
MD5...: fe6629d61515627591b04929443648f6
SHA1..: f280a2b8b3ece69b434782af2f9d1dbd376ee8a1
SHA256: 42350a4df42b87db12b1a67c2ae64bec5a081ed32b1fde3e02d4cc3638b632a3
SHA512: 37dc0a40a9e0a17f74f8c60b7e931dabf30cdb9be568b645c9c0726210c92e04
516182a2e9248d647be3f23634de33bea021bbe1971c683ccbc358a468e08935
PEiD..: -
PEInfo: -

ATENTION ATTENTION: VirusTotal is a free service offered by Hispasec Sistemas. There are no guarantees about the availability and continuity of this service. Although the detection rate afforded by the use of multiple antivirus engines is far superior to that offered by just one product, these results DO NOT guarantee the harmlessness of a file. Currently, there is not any solution that offers a 100% effectiveness rate for detecting viruses and malware.

Scan another file
VirusTotal ? Hispasec Sistemas - Blog - Contact: info@virustotal.com

FILE 3

tryed to send it for scan virus total but it says I already scanned it
and gives me the result of the first file

Jotti has the following
Scan taken on 12 May 2008 11:23:20 (GMT)
A-Squared
Found nothing
AntiVir
Found TR/Vundo.Gen
ArcaVir
Found Adware.Virtumonde.Mju
Avast
Found Win32:Virtumonde-JF
AVG Antivirus
Found BHO.DPP
BitDefender
Found Adware.Virtumonde.GIO
ClamAV
Found Trojan.Vundo-2274
CPsecure
Found AdWare.W32.Virtumonde.mju
Dr.Web
Found nothing
F-Prot Antivirus
Found nothing
F-Secure Anti-Virus
Found not-a-virus:AdWare.Win32.Virtumonde.mju (4, 1, 400)
Fortinet
Found nothing
Ikarus
Found nothing
Kaspersky Anti-Virus
Found not-a-virus:AdWare.Win32.Virtumonde.mju
NOD32
Found Win32/Adware.Agent.NIT application
Norman Virus Control
Found W32/Virtumonde.TAU
Panda Antivirus
Found nothing
Sophos Antivirus
Found Troj/Virtum-Gen
VirusBuster
Found nothing
VBA32
Found AdWare.Win32.Virtumonde.mju


Secondly I create the file for combofix but did not drop it onto the icon until after the korpersky scan
here is the report

ComboFix 08-05-09.1 - Administrator 2008-05-12 20:46:41.2 - FAT32x86
Running from: C:\Documents and Settings\Administrator\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\Administrator\Desktop\CFScript.txt

FILE ::
C:\WINDOWS\mrofinu1535.exe
C:\WINDOWS\system32\ahwgbbtp.dll
C:\WINDOWS\system32\ipgwvmmm.dll
C:\WINDOWS\system32\pjdcefan.dll
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\mrofinu1535.exe
C:\WINDOWS\system32\ahwgbbtp.dll
C:\WINDOWS\system32\ipgwvmmm.dll
C:\WINDOWS\system32\pjdcefan.dll

.
((((((((((((((((((((((((( Files Created from 2008-04-12 to 2008-05-12 )))))))))))))))))))))))))))))))
.

2008-05-12 15:42 . 2008-02-22 02:33 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-05-12 13:35 . 2008-05-12 13:35 759 --a------ C:\WINDOWS\system32\spupdsvc.inf
2008-05-12 13:09 . 2008-05-12 13:09 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-05-12 13:08 . 2008-05-12 13:08 <DIR> d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-05-12 12:48 . 2008-03-01 14:06 6,066,176 --------- C:\WINDOWS\system32\DllCache\ieframe.dll
2008-05-12 12:48 . 2007-04-17 10:32 2,455,488 --------- C:\WINDOWS\system32\DllCache\ieapfltr.dat
2008-05-12 12:48 . 2007-03-08 06:10 991,232 --------- C:\WINDOWS\system32\DllCache\ieframe.dll.mui
2008-05-12 12:48 . 2008-03-01 14:06 459,264 --------- C:\WINDOWS\system32\DllCache\msfeeds.dll
2008-05-12 12:48 . 2008-03-01 14:06 383,488 --------- C:\WINDOWS\system32\DllCache\ieapfltr.dll
2008-05-12 12:48 . 2008-03-01 14:06 267,776 --------- C:\WINDOWS\system32\DllCache\iertutil.dll
2008-05-12 12:48 . 2008-03-01 14:06 63,488 --------- C:\WINDOWS\system32\DllCache\icardie.dll
2008-05-12 12:48 . 2008-03-01 14:06 52,224 --------- C:\WINDOWS\system32\DllCache\msfeedsbs.dll
2008-05-12 12:48 . 2008-02-22 11:00 13,824 --------- C:\WINDOWS\system32\DllCache\ieudinit.exe
2008-05-12 12:47 . 2007-08-13 18:54 33,792 --a------ C:\WINDOWS\system32\DllCache\custsat.dll
2008-05-11 18:58 . <DIR> C:\WINDOWS\LastGood.Tmp
2008-05-11 12:55 . 2008-05-11 12:55 <DIR> d--hs---- C:\FOUND.000
2008-05-10 10:04 . 2008-05-10 10:04 <DIR> d-------- C:\printer
2008-05-08 16:37 . 2008-05-08 16:37 <DIR> d-------- C:\Program Files\PC Drivers HeadQuarters
2008-05-08 16:37 . 2008-05-08 16:37 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
2008-05-08 15:19 . 2008-05-08 15:19 <DIR> d-------- C:\Program Files\Trend Micro
2008-05-07 08:15 . 2008-05-07 08:15 <DIR> d-------- C:\Program Files\Brother
2008-05-07 08:15 . 2008-05-07 08:15 <DIR> d-------- C:\Brother
2008-05-07 08:15 . 2004-12-03 01:26 188,416 --------- C:\WINDOWS\system32\PDRVINST.DLL
2008-05-07 08:15 . 2005-04-08 01:01 122,880 --------- C:\WINDOWS\system32\BrfxD05a.dll
2008-05-07 08:15 . 2002-10-31 01:09 81,920 --------- C:\WINDOWS\system32\BrWebIns.dll
2008-05-07 08:15 . 2003-07-03 01:08 65,536 --------- C:\WINDOWS\system32\BRWEBUP.EXE
2008-05-07 08:15 . 2001-11-15 01:00 6,224 --------- C:\WINDOWS\CVRPAGE.BMP
2008-05-07 08:15 . 2003-11-28 18:57 0 --------- C:\WINDOWS\brdfxspd.dat
2008-05-06 22:06 . 2008-05-11 18:39 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-05-06 22:06 . 2008-05-06 22:06 1,409 --a------ C:\WINDOWS\QTFont.for
2008-05-04 11:04 . 2007-07-09 14:09 584,192 --------- C:\WINDOWS\system32\DllCache\rpcrt4.dll
2008-05-03 17:22 . 2008-05-03 17:22 <DIR> d-------- C:\Program Files\Alwil Software
2008-05-03 12:46 . 2008-05-03 12:46 <DIR> d-------- C:\8f93310bbecffc52bbf2ae251ecb5a25
2008-05-03 12:37 . 2007-07-30 19:19 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui
2008-05-03 12:35 . 2008-05-03 12:35 <DIR> d-------- C:\15e22707b0a164cc76175b22cc5d
2008-05-03 10:50 . 2008-05-03 10:50 <DIR> d-------- C:\7ea8b241a65fa63ddd3fb08d1dec16
2008-05-02 20:09 . 2008-05-02 20:09 <DIR> d-------- C:\WCH.CN
2008-05-02 20:09 . 2006-10-25 00:00 36,080 --a------ C:\WINDOWS\system32\drivers\CH341SER.SYS
2008-05-02 20:09 . 2005-07-30 00:00 6,712 --a------ C:\WINDOWS\system32\CH341PT.DLL
2008-05-02 11:31 . 2008-05-02 11:36 4,212 ---h----- C:\WINDOWS\system32\zllictbl.dat
2008-05-02 11:28 . 2008-05-02 11:28 <DIR> d-------- C:\WINDOWS\system32\ZoneLabs
2008-05-02 11:28 . 2008-05-02 11:28 <DIR> d-------- C:\Program Files\Zone Labs
2008-05-02 11:28 . 2008-05-12 20:58 31,767 --ah----- C:\WINDOWS\system32\vsconfig.xml
2008-05-02 11:25 . 2008-05-02 11:26 <DIR> d-------- C:\WINDOWS\Internet Logs
2008-05-01 11:26 . 2008-05-05 11:27 109,738 --a------ C:\WINDOWS\BMaf1a58b6.xml
2008-04-17 15:17 . 2008-04-17 15:17 <DIR> d-------- C:\Program Files\iPod
2008-04-16 20:24 . 2003-07-16 14:27 43,264 --------- C:\WINDOWS\system32\drivers\ser2pl.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-17 05:44 12,632 ----a-w C:\WINDOWS\system32\lsdelete.exe
2008-03-19 09:47 1,845,248 ----a-w C:\WINDOWS\system32\win32k.sys
2008-03-19 09:47 1,845,248 ------w C:\WINDOWS\system32\DllCache\win32k.sys
2008-03-01 17:36 3,591,680 ------w C:\WINDOWS\system32\DllCache\mshtml.dll
2008-02-29 08:55 70,656 ------w C:\WINDOWS\system32\DllCache\ie4uinit.exe
2008-02-29 08:55 625,664 ------w C:\WINDOWS\system32\DllCache\iexplore.exe
2008-02-20 06:51 282,624 ----a-w C:\WINDOWS\system32\gdi32.dll
2008-02-20 06:51 282,624 ------w C:\WINDOWS\system32\DllCache\gdi32.dll
2008-02-20 05:32 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll
2008-02-20 05:32 45,568 ------w C:\WINDOWS\system32\DllCache\dnsrslvr.dll
2008-02-20 05:32 148,992 ------w C:\WINDOWS\system32\DllCache\dnsapi.dll
2008-02-16 08:59 474,112 ------w C:\WINDOWS\system32\DllCache\shlwapi.dll
2008-02-16 08:59 151,040 ------w C:\WINDOWS\system32\DllCache\cdfview.dll
2008-02-16 08:59 1,494,528 ------w C:\WINDOWS\system32\DllCache\shdocvw.dll
2008-02-16 08:59 1,054,208 ------w C:\WINDOWS\system32\DllCache\danim.dll
2008-02-16 08:59 1,023,488 ------w C:\WINDOWS\system32\DllCache\browseui.dll
2008-02-15 05:44 161,792 ------w C:\WINDOWS\system32\DllCache\ieakui.dll
2004-12-18 23:38 260 ----a-w C:\Program Files\slot.dat
.

((((((((((((((((((((((((((((( snapshot@2008-05-11_16.39.43.92 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-05-11 15:33:10 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-05-12 19:55:54 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2004-08-10 09:44:44 61,440 ------w C:\WINDOWS\ie7\admparse.dll
+ 2004-08-10 09:44:44 99,840 ------w C:\WINDOWS\ie7\advpack.dll
+ 2004-08-10 09:44:44 35,328 ------w C:\WINDOWS\ie7\corpol.dll
+ 2006-06-03 11:40:50 33,792 ------w C:\WINDOWS\ie7\custsat.dll
+ 2008-02-16 08:59:36 357,888 ------w C:\WINDOWS\ie7\dxtmsft.dll
+ 2008-02-16 08:59:36 205,312 ------w C:\WINDOWS\ie7\dxtrans.dll
+ 2008-02-16 08:59:36 55,808 ------w C:\WINDOWS\ie7\extmgr.dll
+ 2004-08-10 16:44:44 38,912 ------w C:\WINDOWS\ie7\hmmapi.dll
+ 2004-08-10 09:44:44 34,304 ------w C:\WINDOWS\ie7\ie4uinit.exe
+ 2004-08-10 09:44:44 139,264 ------w C:\WINDOWS\ie7\ieakeng.dll
+ 2004-08-10 09:44:44 216,576 ------w C:\WINDOWS\ie7\ieaksie.dll
+ 2004-08-10 09:44:44 221,184 ------w C:\WINDOWS\ie7\ieakui.dll
+ 2004-08-10 09:44:44 323,584 ------w C:\WINDOWS\ie7\iedkcs32.dll
+ 2008-02-15 09:23:38 18,432 ------w C:\WINDOWS\ie7\iedw.exe
+ 2004-08-10 09:44:44 81,920 ------w C:\WINDOWS\ie7\ieencode.dll
+ 2008-02-16 08:59:36 251,392 ------w C:\WINDOWS\ie7\iepeers.dll
+ 2004-08-10 09:44:44 48,640 ------w C:\WINDOWS\ie7\iernonce.dll
+ 2004-08-10 09:44:44 62,976 ------w C:\WINDOWS\ie7\iesetup.dll
+ 2004-08-10 16:44:44 93,184 ------w C:\WINDOWS\ie7\iexplore.exe
+ 2004-08-10 09:44:44 35,840 ------w C:\WINDOWS\ie7\imgutil.dll
+ 2008-02-16 08:59:36 96,256 ------w C:\WINDOWS\ie7\inseng.dll
+ 2007-12-18 14:40:58 450,560 ------w C:\WINDOWS\ie7\jscript.dll
+ 2008-02-16 08:59:36 16,384 ------w C:\WINDOWS\ie7\jsproxy.dll
+ 2004-08-10 09:44:44 22,016 ------w C:\WINDOWS\ie7\licmgr10.dll
+ 2004-08-10 09:44:44 29,184 ------w C:\WINDOWS\ie7\mshta.exe
+ 2008-02-16 22:29:38 3,059,712 ------w C:\WINDOWS\ie7\mshtml.dll
+ 2008-02-16 08:59:38 449,024 ------w C:\WINDOWS\ie7\mshtmled.dll
+ 2004-08-10 09:44:44 56,832 ------w C:\WINDOWS\ie7\mshtmler.dll
+ 2004-08-10 09:44:44 146,432 ------w C:\WINDOWS\ie7\msls31.dll
+ 2008-02-16 08:59:38 146,432 ------w C:\WINDOWS\ie7\msrating.dll
+ 2008-02-16 08:59:38 532,480 ------w C:\WINDOWS\ie7\mstime.dll
+ 2004-08-10 09:44:44 96,256 ------w C:\WINDOWS\ie7\occache.dll
+ 2008-02-16 08:59:38 39,424 ------w C:\WINDOWS\ie7\pngfilt.dll
+ 2007-08-13 17:54:42 32,960 ------w C:\WINDOWS\ie7\spuninst\iecustom.dll
+ 2007-08-13 17:52:06 66,048 ----a-w C:\WINDOWS\ie7\spuninst\ieResetIcons.exe
+ 2006-09-06 16:43:16 213,216 ------w C:\WINDOWS\ie7\spuninst\spuninst.exe
+ 2006-09-06 16:43:18 371,424 ------w C:\WINDOWS\ie7\spuninst\updspapi.dll
+ 2004-08-10 09:44:44 37,888 ------w C:\WINDOWS\ie7\url.dll
+ 2008-02-16 08:59:38 615,936 ------w C:\WINDOWS\ie7\urlmon.dll
+ 2007-12-18 14:40:58 417,792 ------w C:\WINDOWS\ie7\vbscript.dll
+ 2007-06-26 15:13:22 851,968 ------w C:\WINDOWS\ie7\vgx.dll
+ 2004-08-10 09:44:44 276,480 ------w C:\WINDOWS\ie7\webcheck.dll
+ 2008-02-16 08:59:40 659,456 ------w C:\WINDOWS\ie7\wininet.dll
+ 2007-08-13 17:39:00 123,904 ------w C:\WINDOWS\ie7updates\KB944533-IE7\advpack.dll
+ 2007-08-13 17:39:00 123,904 ------w C:\WINDOWS\ie7updates\KB944533-IE7\advpack.dll.000
+ 2007-08-13 17:35:46 346,624 ------w C:\WINDOWS\ie7updates\KB944533-IE7\dxtmsft.dll
+ 2007-08-13 17:35:38 214,528 ------w C:\WINDOWS\ie7updates\KB944533-IE7\dxtrans.dll
+ 2007-08-13 17:54:10 131,584 ------w C:\WINDOWS\ie7updates\KB944533-IE7\extmgr.dll
+ 2007-08-13 17:36:26 61,952 ------w C:\WINDOWS\ie7updates\KB944533-IE7\icardie.dll
+ 2007-08-13 17:39:06 54,784 ------w C:\WINDOWS\ie7updates\KB944533-IE7\ie4uinit.exe
+ 2007-08-13 17:39:06 54,784 ------w C:\WINDOWS\ie7updates\KB944533-IE7\ie4uinit.exe.000
+ 2007-08-13 17:39:26 152,064 ------w C:\WINDOWS\ie7updates\KB944533-IE7\ieakeng.dll
+ 2007-08-13 17:39:26 152,064 ------w C:\WINDOWS\ie7updates\KB944533-IE7\ieakeng.dll.000
+ 2007-08-13 17:39:54 229,376 ------w C:\WINDOWS\ie7updates\KB944533-IE7\ieaksie.dll
+ 2007-08-13 17:39:54 229,376 ------w C:\WINDOWS\ie7updates\KB944533-IE7\ieaksie.dll.000
+ 2007-08-13 16:56:54 161,792 ------w C:\WINDOWS\ie7updates\KB944533-IE7\ieakui.dll
+ 2007-08-13 16:56:54 161,792 ------w C:\WINDOWS\ie7updates\KB944533-IE7\ieakui.dll.000
+ 2007-02-12 15:10:12 2,451,312 ------w C:\WINDOWS\ie7updates\KB944533-IE7\ieapfltr.dat
+ 2007-07-11 11:27:48 383,488 ------w C:\WINDOWS\ie7updates\KB944533-IE7\ieapfltr.dll
+ 2007-08-13 17:39:50 382,976 ------w C:\WINDOWS\ie7updates\KB944533-IE7\iedkcs32.dll
+ 2007-08-13 17:39:50 382,976 ------w C:\WINDOWS\ie7updates\KB944533-IE7\iedkcs32.dll.000
+ 2007-08-13 17:54:10 6,049,280 ------w C:\WINDOWS\ie7updates\KB944533-IE7\ieframe.dll
+ 2007-08-13 17:39:10 43,008 ------w C:\WINDOWS\ie7updates\KB944533-IE7\iernonce.dll
+ 2007-08-13 17:39:10 43,008 ------w C:\WINDOWS\ie7updates\KB944533-IE7\iernonce.dll.000
+ 2007-08-13 17:34:04 266,752 ------w C:\WINDOWS\ie7updates\KB944533-IE7\iertutil.dll
+ 2007-08-13 17:39:10 13,312 ------w C:\WINDOWS\ie7updates\KB944533-IE7\ieudinit.exe
+ 2007-08-13 17:43:56 622,080 ------w C:\WINDOWS\ie7updates\KB944533-IE7\iexplore.exe
+ 2007-08-13 17:43:56 622,080 ------w C:\WINDOWS\ie7updates\KB944533-IE7\iexplore.exe.000
+ 2007-08-13 17:54:10 27,136 ------w C:\WINDOWS\ie7updates\KB944533-IE7\jsproxy.dll
+ 2007-08-13 17:54:10 458,752 ------w C:\WINDOWS\ie7updates\KB944533-IE7\msfeeds.dll
+ 2007-08-13 17:54:10 50,688 ------w C:\WINDOWS\ie7updates\KB944533-IE7\msfeedsbs.dll
+ 2007-08-13 17:54:12 3,578,368 ------w C:\WINDOWS\ie7updates\KB944533-IE7\mshtml.dll
+ 2007-08-13 17:54:10 475,648 ------w C:\WINDOWS\ie7updates\KB944533-IE7\mshtmled.dll
+ 2007-08-13 17:44:26 192,000 ------w C:\WINDOWS\ie7updates\KB944533-IE7\msrating.dll
+ 2007-08-13 17:54:10 670,720 ------w C:\WINDOWS\ie7updates\KB944533-IE7\mstime.dll
+ 2007-08-13 17:44:06 101,376 ------w C:\WINDOWS\ie7updates\KB944533-IE7\occache.dll
+ 2007-08-13 17:44:06 101,376 ------w C:\WINDOWS\ie7updates\KB944533-IE7\occache.dll.000
+ 2007-08-13 17:36:12 44,544 ------w C:\WINDOWS\ie7updates\KB944533-IE7\pngfilt.dll
+ 2007-03-06 01:22:40 213,216 ------w C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:23:52 371,424 ------w C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\updspapi.dll
+ 2007-08-13 17:44:30 105,984 ------w C:\WINDOWS\ie7updates\KB944533-IE7\url.dll
+ 2007-08-13 17:44:30 105,984 ------w C:\WINDOWS\ie7updates\KB944533-IE7\url.dll.000
+ 2007-08-13 17:54:10 1,162,240 ------w C:\WINDOWS\ie7updates\KB944533-IE7\urlmon.dll
+ 2007-08-13 17:54:10 231,424 ------w C:\WINDOWS\ie7updates\KB944533-IE7\webcheck.dll
+ 2007-08-13 17:54:10 231,424 ------w C:\WINDOWS\ie7updates\KB944533-IE7\webcheck.dll.000
+ 2007-08-13 17:54:10 818,688 ------w C:\WINDOWS\ie7updates\KB944533-IE7\wininet.dll
+ 2007-12-07 02:21:46 124,928 ------w C:\WINDOWS\ie7updates\KB947864-IE7\advpack.dll
+ 2007-12-07 02:21:46 124,928 ------w C:\WINDOWS\ie7updates\KB947864-IE7\advpack.dll.000
+ 2007-12-19 23:01:06 347,136 ------w C:\WINDOWS\ie7updates\KB947864-IE7\dxtmsft.dll
+ 2007-12-07 02:21:46 214,528 ------w C:\WINDOWS\ie7updates\KB947864-IE7\dxtrans.dll
+ 2007-12-07 02:21:46 133,120 ------w C:\WINDOWS\ie7updates\KB947864-IE7\extmgr.dll
+ 2007-12-07 02:21:46 63,488 ------w C:\WINDOWS\ie7updates\KB947864-IE7\icardie.dll
+ 2007-12-07 02:21:46 63,488 ------w C:\WINDOWS\ie7updates\KB947864-IE7\icardie.dll.000
+ 2007-12-06 11:00:58 70,656 ------w C:\WINDOWS\ie7updates\KB947864-IE7\ie4uinit.exe
+ 2007-12-07 02:21:46 153,088 ------w C:\WINDOWS\ie7updates\KB947864-IE7\ieakeng.dll
+ 2007-12-07 02:21:46 230,400 ------w C:\WINDOWS\ie7updates\KB947864-IE7\ieaksie.dll
+ 2007-12-06 04:59:52 161,792 ------w C:\WINDOWS\ie7updates\KB947864-IE7\ieakui.dll
+ 2007-04-17 09:32:38 2,455,488 ------w C:\WINDOWS\ie7updates\KB947864-IE7\ieapfltr.dat
+ 2007-12-07 02:21:46 383,488 ------w C:\WINDOWS\ie7updates\KB947864-IE7\ieapfltr.dll
+ 2007-12-07 02:21:46 383,488 ------w C:\WINDOWS\ie7updates\KB947864-IE7\ieapfltr.dll.000
+ 2007-12-07 02:21:46 384,512 ------w C:\WINDOWS\ie7updates\KB947864-IE7\iedkcs32.dll
+ 2007-12-07 02:21:46 6,066,176 ------w C:\WINDOWS\ie7updates\KB947864-IE7\ieframe.dll
+ 2007-12-07 02:21:46 6,066,176 ------w C:\WINDOWS\ie7updates\KB947864-IE7\ieframe.dll.000
+ 2007-12-07 02:21:46 44,544 ------w C:\WINDOWS\ie7updates\KB947864-IE7\iernonce.dll
+ 2007-12-07 02:21:46 267,776 ------w C:\WINDOWS\ie7updates\KB947864-IE7\iertutil.dll
+ 2007-12-07 02:21:46 267,776 ------w C:\WINDOWS\ie7updates\KB947864-IE7\iertutil.dll.000
+ 2007-12-06 11:00:58 13,824 ------w C:\WINDOWS\ie7updates\KB947864-IE7\ieudinit.exe
+ 2007-12-06 11:01:26 625,664 ------w C:\WINDOWS\ie7updates\KB947864-IE7\iexplore.exe
+ 2007-12-06 11:01:26 625,664 ------w C:\WINDOWS\ie7updates\KB947864-IE7\iexplore.exe.000
+ 2007-12-07 02:21:48 27,648 ------w C:\WINDOWS\ie7updates\KB947864-IE7\jsproxy.dll
+ 2007-12-07 02:21:48 459,264 ------w C:\WINDOWS\ie7updates\KB947864-IE7\msfeeds.dll
+ 2007-12-07 02:21:48 459,264 ------w C:\WINDOWS\ie7updates\KB947864-IE7\msfeeds.dll.000
+ 2007-12-07 02:21:48 52,224 ------w C:\WINDOWS\ie7updates\KB947864-IE7\msfeedsbs.dll
+ 2007-12-07 02:21:48 52,224 ------w C:\WINDOWS\ie7updates\KB947864-IE7\msfeedsbs.dll.000
+ 2007-12-08 09:51:48 3,592,192 ------w C:\WINDOWS\ie7updates\KB947864-IE7\mshtml.dll
+ 2007-12-08 09:51:48 3,592,192 ------w C:\WINDOWS\ie7updates\KB947864-IE7\mshtml.dll.000
+ 2007-12-07 02:21:48 478,208 ------w C:\WINDOWS\ie7updates\KB947864-IE7\mshtmled.dll
+ 2007-12-07 02:21:48 478,208 ------w C:\WINDOWS\ie7updates\KB947864-IE7\mshtmled.dll.000
+ 2007-12-07 02:21:48 193,024 ------w C:\WINDOWS\ie7updates\KB947864-IE7\msrating.dll
+ 2007-12-07 02:21:48 671,232 ------w C:\WINDOWS\ie7updates\KB947864-IE7\mstime.dll
+ 2007-12-07 02:21:48 102,912 ------w C:\WINDOWS\ie7updates\KB947864-IE7\occache.dll
+ 2008-01-11 05:53:32 44,544 ------w C:\WINDOWS\ie7updates\KB947864-IE7\pngfilt.dll
+ 2007-03-06 01:22:40 213,216 ------w C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:23:52 371,424 ------w C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\updspapi.dll
+ 2007-12-07 02:21:48 105,984 ------w C:\WINDOWS\ie7updates\KB947864-IE7\url.dll
+ 2007-12-07 02:21:48 105,984 ------w C:\WINDOWS\ie7updates\KB947864-IE7\url.dll.000
+ 2007-12-07 02:21:48 1,159,680 ------w C:\WINDOWS\ie7updates\KB947864-IE7\urlmon.dll
+ 2007-12-07 02:21:48 1,159,680 ------w C:\WINDOWS\ie7updates\KB947864-IE7\urlmon.dll.000
+ 2007-12-07 02:21:48 233,472 ------w C:\WINDOWS\ie7updates\KB947864-IE7\webcheck.dll
+ 2007-12-07 02:21:48 233,472 ------w C:\WINDOWS\ie7updates\KB947864-IE7\webcheck.dll.000
+ 2007-12-07 02:21:48 824,832 ------w C:\WINDOWS\ie7updates\KB947864-IE7\wininet.dll
+ 2007-12-07 02:21:48 824,832 ------w C:\WINDOWS\ie7updates\KB947864-IE7\wininet.dll.000
+ 2008-05-12 13:40:24 295,606 ----a-r C:\WINDOWS\Installer\{AC76BA86-7AD7-1033-7B44-A81200000003}\SC_Reader.exe
- 2006-12-13 16:58:08 2,775 ----a-w C:\WINDOWS\mozver.dat
+ 2008-05-12 12:59:40 3,267 ----a-w C:\WINDOWS\mozver.dat
+ 2006-06-03 11:40:50 33,792 ------w C:\WINDOWS\network diagnostic\custsat.dll
+ 2006-10-10 12:44:50 557,568 ------w C:\WINDOWS\network diagnostic\xpnetdiag.exe
- 2004-08-10 09:44:44 61,440 ----a-w C:\WINDOWS\system32\admparse.dll
+ 2007-08-13 17:39:20 71,680 ----a-w C:\WINDOWS\system32\admparse.dll
- 2004-08-10 09:44:44 99,840 ----a-w C:\WINDOWS\system32\advpack.dll
+ 2008-03-01 13:06:20 124,928 ----a-w C:\WINDOWS\system32\advpack.dll
+ 2007-08-13 17:39:20 71,680 ------w C:\WINDOWS\system32\DllCache\admparse.dll
+ 2008-03-01 13:06:20 124,928 ------w C:\WINDOWS\system32\DllCache\advpack.dll
+ 2007-08-13 17:42:54 17,408 ------w C:\WINDOWS\system32\DllCache\corpol.dll
- 2008-02-16 08:59:36 357,888 ------w C:\WINDOWS\system32\DllCache\dxtmsft.dll
+ 2008-03-01 13:06:22 347,136 ------w C:\WINDOWS\system32\DllCache\dxtmsft.dll
- 2008-02-16 08:59:36 205,312 ------w C:\WINDOWS\system32\DllCache\dxtrans.dll
+ 2008-03-01 13:06:22 214,528 ------w C:\WINDOWS\system32\DllCache\dxtrans.dll
- 2008-02-16 08:59:36 55,808 ------w C:\WINDOWS\system32\DllCache\extmgr.dll
+ 2008-03-01 13:06:22 133,120 ------w C:\WINDOWS\system32\DllCache\extmgr.dll
+ 2007-08-13 17:18:02 60,416 ------w C:\WINDOWS\system32\DllCache\hmmapi.dll
+ 2008-03-01 13:06:22 153,088 ------w C:\WINDOWS\system32\DllCache\ieakeng.dll
+ 2008-03-01 13:06:22 230,400 ------w C:\WINDOWS\system32\DllCache\ieaksie.dll
+ 2008-03-01 13:06:22 384,512 ------w C:\WINDOWS\system32\DllCache\iedkcs32.dll
- 2008-02-15 09:23:38 18,432 ------w C:\WINDOWS\system32\DllCache\iedw.exe
+ 2007-08-13 17:44:02 69,120 ----a-w C:\WINDOWS\system32\DllCache\iedw.exe
+ 2007-08-13 17:45:18 78,336 ------w C:\WINDOWS\system32\DllCache\ieencode.dll
- 2008-02-16 08:59:36 251,392 ------w C:\WINDOWS\system32\DllCache\iepeers.dll
+ 2007-08-13 17:54:10 191,488 ----a-w C:\WINDOWS\system32\DllCache\iepeers.dll
+ 2008-03-01 13:06:24 44,544 ------w C:\WINDOWS\system32\DllCache\iernonce.dll
+ 2007-08-13 17:39:12 55,296 ------w C:\WINDOWS\system32\DllCache\iesetup.dll
+ 2007-08-13 17:36:06 36,352 ------w C:\WINDOWS\system32\DllCache\imgutil.dll
- 2008-02-16 08:59:36 96,256 ------w C:\WINDOWS\system32\DllCache\inseng.dll
+ 2007-08-13 17:39:02 92,672 ----a-w C:\WINDOWS\system32\DllCache\inseng.dll
- 2007-12-18 14:40:58 450,560 ------w C:\WINDOWS\system32\DllCache\jscript.dll
+ 2007-08-13 17:38:04 491,520 ----a-w C:\WINDOWS\system32\DllCache\jscript.dll
- 2008-02-16 08:59:36 16,384 ------w C:\WINDOWS\system32\DllCache\jsproxy.dll
+ 2008-03-01 13:06:26 27,648 ------w C:\WINDOWS\system32\DllCache\jsproxy.dll
+ 2007-08-13 17:44:18 40,960 ------w C:\WINDOWS\system32\DllCache\licmgr10.dll
+ 2007-08-13 17:32:30 45,568 ------w C:\WINDOWS\system32\DllCache\mshta.exe
- 2008-02-16 08:59:38 449,024 ------w C:\WINDOWS\system32\DllCache\mshtmled.dll
+ 2008-03-01 13:06:28 478,208 ------w C:\WINDOWS\system32\DllCache\mshtmled.dll
+ 2007-08-13 17:01:12 48,128 ------w C:\WINDOWS\system32\DllCache\mshtmler.dll
+ 2007-08-13 17:54:10 156,160 ------w C:\WINDOWS\system32\DllCache\msls31.dll
- 2008-02-16 08:59:38 146,432 ------w C:\WINDOWS\system32\DllCache\msrating.dll
+ 2008-03-01 13:06:28 193,024 ------w C:\WINDOWS\system32\DllCache\msrating.dll
- 2008-02-16 08:59:38 532,480 ------w C:\WINDOWS\system32\DllCache\mstime.dll
+ 2008-03-01 13:06:30 671,232 ------w C:\WINDOWS\system32\DllCache\mstime.dll
+ 2008-03-01 13:06:30 102,912 ------w C:\WINDOWS\system32\DllCache\occache.dll
- 2008-02-16 08:59:38 39,424 ------w C:\WINDOWS\system32\DllCache\pngfilt.dll
+ 2008-03-01 13:06:30 44,544 ------w C:\WINDOWS\system32\DllCache\pngfilt.dll
+ 2008-03-01 13:06:30 105,984 ------w C:\WINDOWS\system32\DllCache\url.dll
- 2008-02-16 08:59:38 615,936 ------w C:\WINDOWS\system32\DllCache\urlmon.dll
+ 2008-03-01 13:06:30 1,159,680 ------w C:\WINDOWS\system32\DllCache\urlmon.dll
- 2007-12-18 14:40:58 417,792 ------w C:\WINDOWS\system32\DllCache\vbscript.dll
+ 2007-08-13 17:54:10 413,696 ----a-w C:\WINDOWS\system32\DllCache\vbscript.dll
- 2007-06-26 15:13:22 851,968 ------w C:\WINDOWS\system32\DllCache\vgx.dll
+ 2007-08-13 17:54:10 765,952 ----a-w C:\WINDOWS\system32\DllCache\VGX.dll
+ 2008-03-01 13:06:30 233,472 ------w C:\WINDOWS\system32\DllCache\webcheck.dll
- 2008-02-16 08:59:40 659,456 ------w C:\WINDOWS\system32\DllCache\wininet.dll
+ 2008-03-01 13:06:32 826,368 ------w C:\WINDOWS\system32\DllCache\wininet.dll
- 2008-02-16 08:59:36 357,888 ----a-w C:\WINDOWS\system32\dxtmsft.dll
+ 2008-03-01 13:06:22 347,136 ------w C:\WINDOWS\system32\dxtmsft.dll
- 2008-02-16 08:59:36 205,312 ----a-w C:\WINDOWS\system32\dxtrans.dll
+ 2008-03-01 13:06:22 214,528 ------w C:\WINDOWS\system32\dxtrans.dll
- 2008-02-16 08:59:36 55,808 ----a-w C:\WINDOWS\system32\extmgr.dll
+ 2008-03-01 13:06:22 133,120 ------w C:\WINDOWS\system32\extmgr.dll
+ 2008-03-01 13:06:22 63,488 ----a-w C:\WINDOWS\system32\icardie.dll
+ 2006-06-29 07:05:44 26,112 ------w C:\WINDOWS\system32\idndl.dll
- 2004-08-10 09:44:44 34,304 ----a-w C:\WINDOWS\system32\ie4uinit.exe
+ 2008-02-29 08:55:24 70,656 ------w C:\WINDOWS\system32\ie4uinit.exe
- 2004-08-10 09:44:44 139,264 ----a-w C:\WINDOWS\system32\ieakeng.dll
+ 2008-03-01 13:06:22 153,088 ------w C:\WINDOWS\system32\ieakeng.dll
- 2004-08-10 09:44:44 216,576 ----a-w C:\WINDOWS\system32\ieaksie.dll
+ 2008-03-01 13:06:22 230,400 ------w C:\WINDOWS\system32\ieaksie.dll
- 2004-08-10 09:44:44 221,184 ----a-w C:\WINDOWS\system32\ieakui.dll
+ 2008-02-15 05:44:26 161,792 ------w C:\WINDOWS\system32\ieakui.dll
+ 2007-04-17 09:32:38 2,455,488 ----a-w C:\WINDOWS\system32\ieapfltr.dat
+ 2008-03-01 13:06:22 383,488 ----a-w C:\WINDOWS\system32\ieapfltr.dll
- 2004-08-10 09:44:44 323,584 ----a-w C:\WINDOWS\system32\iedkcs32.dll
+ 2008-03-01 13:06:22 384,512 ------w C:\WINDOWS\system32\iedkcs32.dll
- 2004-08-10 09:44:44 81,920 ----a-w C:\WINDOWS\system32\ieencode.dll
+ 2007-08-13 17:45:18 78,336 ----a-w C:\WINDOWS\system32\ieencode.dll
+ 2008-03-01 13:06:24 6,066,176 ----a-w C:\WINDOWS\system32\ieframe.dll
- 2008-02-16 08:59:36 251,392 ----a-w C:\WINDOWS\system32\iepeers.dll
+ 2007-08-13 17:54:10 191,488 ----a-w C:\WINDOWS\system32\iepeers.dll
- 2004-08-10 09:44:44 48,640 ----a-w C:\WINDOWS\system32\iernonce.dll
+ 2008-03-01 13:06:24 44,544 ------w C:\WINDOWS\system32\iernonce.dll
+ 2008-03-01 13:06:26 267,776 ----a-w C:\WINDOWS\system32\iertutil.dll
- 2004-08-10 09:44:44 62,976 ----a-w C:\WINDOWS\system32\iesetup.dll
+ 2007-08-13 17:39:12 55,296 ----a-w C:\WINDOWS\system32\iesetup.dll
+ 2008-02-22 10:00:52 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe
+ 2007-08-13 17:54:10 180,736 ------w C:\WINDOWS\system32\ieui.dll
- 2004-08-10 09:44:44 35,840 ----a-w C:\WINDOWS\system32\imgutil.dll
+ 2007-08-13 17:36:06 36,352 ----a-w C:\WINDOWS\system32\imgutil.dll
- 2008-02-16 08:59:36 96,256 ----a-w C:\WINDOWS\system32\inseng.dll
+ 2007-08-13 17:39:02 92,672 ----a-w C:\WINDOWS\system32\inseng.dll
- 2007-07-12 00:22:00 135,168 ----a-w C:\WINDOWS\system32\java.exe
+ 2008-02-22 00:23:36 135,168 ----a-w C:\WINDOWS\system32\java.exe
- 2007-07-12 00:22:04 135,168 ----a-w C:\WINDOWS\system32\javaw.exe
+ 2008-02-22 00:23:40 135,168 ----a-w C:\WINDOWS\system32\javaw.exe
- 2007-07-12 01:22:38 139,264 ----a-w C:\WINDOWS\system32\javaws.exe
+ 2008-02-22 01:33:32 139,264 ----a-w C:\WINDOWS\system32\javaws.exe
- 2007-12-18 14:40:58 450,560 ----a-w C:\WINDOWS\system32\jscript.dll
+ 2007-08-13 17:38:04 491,520 ----a-w C:\WINDOWS\system32\jscript.dll
- 2008-02-16 08:59:36 16,384 ----a-w C:\WINDOWS\system32\jsproxy.dll
+ 2008-03-01 13:06:26 27,648 ------w C:\WINDOWS\system32\jsproxy.dll
+ 2005-05-24 11:27:16 213,048 ----a-w C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavss.dll
+ 2007-08-29 14:47:20 94,208 ----a-w C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavuninstall.exe
+ 2007-08-29 14:49:54 950,272 ----a-w C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavwebscan.dll
- 2004-08-10 09:44:44 22,016 ----a-w C:\WINDOWS\system32\licmgr10.dll
+ 2007-08-13 17:44:18 40,960 ----a-w C:\WINDOWS\system32\licmgr10.dll
+ 2008-03-01 13:06:26 459,264 ----a-w C:\WINDOWS\system32\msfeeds.dll
+ 2008-03-01 13:06:26 52,224 ----a-w C:\WINDOWS\system32\msfeedsbs.dll
+ 2007-08-13 17:36:40 12,288 ------w C:\WINDOWS\system32\msfeedssync.exe
- 2004-08-10 09:44:44 29,184 ----a-w C:\WINDOWS\system32\mshta.exe
+ 2007-08-13 17:32:30 45,568 ----a-w C:\WINDOWS\system32\mshta.exe
- 2008-02-16 22:29:38 3,059,712 ----a-w C:\WINDOWS\system32\mshtml.dll
+ 2008-03-01 17:36:30 3,591,680 ----a-w C:\WINDOWS\system32\mshtml.dll
- 2008-02-16 08:59:38 449,024 ----a-w C:\WINDOWS\system32\mshtmled.dll
+ 2008-03-01 13:06:28 478,208 ----a-w C:\WINDOWS\system32\mshtmled.dll
- 2004-08-10 09:44:44 56,832 ----a-w C:\WINDOWS\system32\mshtmler.dll
+ 2007-08-13 17:01:12 48,128 ----a-w C:\WINDOWS\system32\mshtmler.dll
- 2004-08-10 09:44:44 146,432 ----a-w C:\WINDOWS\system32\msls31.dll
+ 2007-08-13 17:54:10 156,160 ----a-w C:\WINDOWS\system32\msls31.dll
- 2008-02-16 08:59:38 146,432 ----a-w C:\WINDOWS\system32\msrating.dll
+ 2008-03-01 13:06:28 193,024 ------w C:\WINDOWS\system32\msrating.dll
- 2008-02-16 08:59:38 532,480 ----a-w C:\WINDOWS\system32\mstime.dll
+ 2008-03-01 13:06:30 671,232 ------w C:\WINDOWS\system32\mstime.dll
+ 2006-06-28 16:59:26 24,576 ------w C:\WINDOWS\system32\nlsdl.dll
+ 2006-06-29 07:05:44 23,552 ------w C:\WINDOWS\system32\normaliz.dll
- 2004-08-10 09:44:44 96,256 ----a-w C:\WINDOWS\system32\occache.dll
+ 2008-03-01 13:06:30 102,912 ------w C:\WINDOWS\system32\occache.dll
- 2008-02-16 08:59:38 39,424 ----a-w C:\WINDOWS\system32\pngfilt.dll
+ 2008-03-01 13:06:30 44,544 ------w C:\WINDOWS\system32\pngfilt.dll
- 2005-06-28 09:21:34 22,752 ----a-w C:\WINDOWS\system32\spupdsvc.exe
+ 2006-09-06 16:43:16 22,752 ----a-w C:\WINDOWS\system32\spupdsvc.exe
- 2004-08-10 09:44:44 37,888 ----a-w C:\WINDOWS\system32\url.dll
+ 2008-03-01 13:06:30 105,984 ----a-w C:\WINDOWS\system32\url.dll
- 2008-02-16 08:59:38 615,936 ----a-w C:\WINDOWS\system32\urlmon.dll
+ 2008-03-01 13:06:30 1,159,680 ----a-w C:\WINDOWS\system32\urlmon.dll
- 2007-12-18 14:40:58 417,792 ----a-w C:\WINDOWS\system32\vbscript.dll
+ 2007-08-13 17:54:10 413,696 ----a-w C:\WINDOWS\system32\vbscript.dll
- 2004-08-10 09:44:44 49,152 ----a-w C:\WINDOWS\system32\wdigest.dll
+ 2006-03-24 04:37:50 49,152 ----a-w C:\WINDOWS\system32\wdigest.dll
- 2004-08-10 09:44:44 276,480 ----a-w C:\WINDOWS\system32\webcheck.dll
+ 2008-03-01 13:06:30 233,472 ----a-w C:\WINDOWS\system32\webcheck.dll
+ 2007-08-13 17:45:16 206,336 ------w C:\WINDOWS\system32\WinFXDocObj.exe
- 2008-02-16 08:59:40 659,456 ----a-w C:\WINDOWS\system32\wininet.dll
+ 2008-03-01 13:06:32 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Voipwise"="C:\Program Files\Voipwise.com\Voipwise\Voipwise.exe" [2007-09-06 11:24 7394608]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [ ]
"InternetCalls"="C:\Program Files\InternetCalls.com\InternetCalls\InternetCalls.exe" [2007-04-18 15:49 7116352]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-10 10:44 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Zone Labs Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2005-08-29 19:09 980736]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2006-10-11 19:23 185784]
"SoundMan"="SOUNDMAN.EXE" [2005-03-24 20:20 77824 C:\WINDOWS\SOUNDMAN.EXE]
"RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [2005-01-12 03:01 32768]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-03-28 23:37 413696]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-10 10:44 455168]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-10 10:44 455168]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 10:50 155648]
"LManager"="C:\PROGRA~1\LAUNCH~1\LManager.exe" [2005-04-28 09:43 544768]
"KTPWare"="C:\Program Files\Elantech\ktp.exe" [2005-01-29 04:14 253952]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-03-30 10:36 267048]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2004-08-10 10:44 208952]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2005-01-22 16:08 155648]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2005-01-22 16:07 126976]
"CoolSwitch"="C:\WINDOWS\system32\taskswitch.exe" [2002-03-19 17:30 45632]
"ControlCenter2.0"="C:\Program Files\Brother\ControlCenter2\brctrcen.exe" [2005-05-17 17:42 933888]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-10 10:44 110592 C:\WINDOWS\system32\bthprops.cpl]
"BigDogPath"="C:\WINDOWS\VM_STI.exe" [2003-01-21 15:19 40960]
"Acrobat Assistant 7.0"="C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" [2004-12-14 02:12 483328]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-10 10:44 15360]

C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 19:16:50 113664]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Status Monitor.lnk - C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe [2008-05-07 08:17:05 802816]
QuickTV6.lnk - C:\Program Files\AVerTV 6.0\AVerQT.exe [2005-11-07 11:36:24 512000]
Adobe Acrobat Speed Launcher.lnk - C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-000000000002}\SC_Acrobat.exe [2006-03-08 16:28:29 25214]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"SynchronousMachineGroupPolicy"= 0 (0x0)
"SynchronousUserGroupPolicy"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"SENTINEL"= snti386.dll
"VIDC.JPEG"= JpegCode.dll
"VIDC.MJPG"= JpegCode.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\OneCareMP]
@="Service"

[HKLM\~\startupfolder\C:^Documents and Settings^Administrator^Start Menu^Programs^Startup^BEE Service.lnk]
backup=C:\WINDOWS\pss\BEE Service.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Bluetooth Manager.lnk]
backup=C:\WINDOWS\pss\Bluetooth Manager.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^DataViz Inc Messenger.lnk]
backup=C:\WINDOWS\pss\DataViz Inc Messenger.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HOTSYNCSHORTCUTNAME.lnk]
backup=C:\WINDOWS\pss\HOTSYNCSHORTCUTNAME.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\InternetCalls.com\\InternetCalls\\InternetCalls.exe"=
"C:\\Program Files\\uTorrent\\uTorrent.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Documents and Settings\\Administrator\\Program Files\\BitTorrent_DNA\\dna.exe"=
"C:\\Program Files\\Voipwise.com\\Voipwise\\Voipwise.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"7890:TCP"= 7890:TCP:eMule

R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-03-29 18:31]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-03-29 18:35]
R3 Ktp;Elantech Touchpad;C:\WINDOWS\system32\DRIVERS\Ktp.sys [2005-04-20 09:24]
S3 avera800;AVerMedia DVB-T BDA Video Capture(A800);C:\WINDOWS\system32\Drivers\avera800.sys [2005-09-20 12:47]
S3 BrScnUsb;Brother USB Still Image driver;C:\WINDOWS\system32\Drivers\BrScnUsb.sys [2004-10-15 12:50]
S3 DSCVc;Video Capture;C:\WINDOWS\system32\DRIVERS\CoachVc.sys [2003-11-03 17:31]
S3 Smc1046;EZ Connect USB to Dual Speed Ethernet Converter;C:\WINDOWS\system32\DRIVERS\SMCUSB.sys [2002-06-21 16:36]
S3 ZSMC302;V-Gear TalkCam 1.1;C:\WINDOWS\system32\Drivers\usbvm302.sys [2004-03-19 17:11]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D]
\Shell\AutoRun\command - D:\setupSNK.exe

.
Contents of the 'Scheduled Tasks' folder
"2008-05-08 15:39:42 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-12 20:59:12
Windows 5.1.2600 Service Pack 2 FAT NTAPI

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\PROGRAM FILES\LAVASOFT\AD-AWARE 2007\AAWSERVICE.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\ZONELABS\vsmon.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Adobe\Acrobat 7.0\Acrobat\acrobat_sl.exe
.
**************************************************************************
.
Completion time: 2008-05-12 21:15:16 - machine was rebooted
ComboFix-quarantined-files.txt 2008-05-12 20:14:46
ComboFix2.txt 2008-05-11 15:41:40

Pre-Run: 7,534,952,448 bytes free
Post-Run: 7,820,574,720 bytes free

494 --- E O F --- 2008-05-11 02:19:11


Lastly the Karpesky, on this note I add that AVAST, does not let me wash out the viruses it only lstop them from causing interference by moving them in an apposite folder, beside it only list 6 files

here is the last log

-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Monday, May 12, 2008 8:39:27 PM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 12/05/2008
Kaspersky Anti-Virus database records: 761821
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
C:\
D:\
E:\

Scan Statistics:
Total number of scanned objects: 82868
Number of viruses found: 8
Number of infected objects: 20
Number of suspicious objects: 0
Duration of the scan process: 04:58:00

Infected Object Name / Virus Name / Last Action
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\MSFWSVC.evt Object is locked skipped
C:\WINDOWS\system32\config\Windows_OneCare_Evt.evt Object is locked skipped
C:\WINDOWS\system32\config\Antivirus.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SOFTWARE Object is locked skipped
C:\WINDOWS\system32\config\SYSTEM Object is locked skipped
C:\WINDOWS\system32\config\DEFAULT Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\Internet.evt Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\ahwgbbtp.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.mju skipped
C:\WINDOWS\system32\pjdcefan.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.mju skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edbtmp.log Object is locked skipped
C:\WINDOWS\system32\ipgwvmmm.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.mju skipped
C:\WINDOWS\system32\helper1.dll Infected: Trojan-Spy.Win32.Banker.ckw skipped
C:\WINDOWS\TEMP\_avast4_\Webshlock.txt Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\mrofinu1535.exe Infected: Trojan-Downloader.Win32.Homles.bk skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\Administrator\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Administrator\Local Settings\Application Data\Mozilla\Firefox\Profiles\7ffip0jl.Default User\Cache\_CACHE_MAP_ Object is locked skipped
C:\Documents and Settings\Administrator\Local Settings\Application Data\Mozilla\Firefox\Profiles\7ffip0jl.Default User\Cache\_CACHE_001_ Object is locked skipped
C:\Documents and Settings\Administrator\Local Settings\Application Data\Mozilla\Firefox\Profiles\7ffip0jl.Default User\Cache\_CACHE_002_ Object is locked skipped
C:\Documents and Settings\Administrator\Local Settings\Application Data\Mozilla\Firefox\Profiles\7ffip0jl.Default User\Cache\_CACHE_003_ Object is locked skipped
C:\Documents and Settings\Administrator\Desktop\eurovox software.exe/crack.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.pae skipped
C:\Documents and Settings\Administrator\Desktop\eurovox software.exe/keygen.exe Infected: Trojan-Downloader.Win32.Small.ury skipped
C:\Documents and Settings\Administrator\Desktop\eurovox software.exe/serial.exe Infected: Trojan-Downloader.Win32.Small.ujl skipped
C:\Documents and Settings\Administrator\Desktop\eurovox software.exe RAR: infected - 3 skipped
C:\Documents and Settings\Administrator\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Administrator\Application Data\Microsoft\MSNLiveFav\LiveFavorites.xml Object is locked skipped
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\nRT.jar-76bb50d2-1fd91abf.zip/HiPointInstallShieldRT.class Infected: Trojan-Downloader.Java.OpenConnection.ap skipped
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\nRT.jar-76bb50d2-1fd91abf.zip ZIP: infected - 1 skipped
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\eRT.jar-29d724f2-4e41ab86.zip/HiPointInstallShieldRT.class Infected: Trojan-Downloader.Java.OpenConnection.ap skipped
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\eRT.jar-29d724f2-4e41ab86.zip ZIP: infected - 1 skipped
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\30\6301139e-73daeaf7/HiPointInstallShieldRT.class Infected: Trojan-Downloader.Java.OpenConnection.ap skipped
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\30\6301139e-73daeaf7 ZIP: infected - 1 skipped
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\44\3076c3ac-62abd031/HiPointInstallShieldRT.class Infected: Trojan-Downloader.Java.OpenConnection.ap skipped
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\44\3076c3ac-62abd031 ZIP: infected - 1 skipped
C:\Documents and Settings\Administrator\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\Administrator\NTUSER.DAT Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\report\Resident protection.txt Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\log\nshield.log Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\log\AshWebSv.ws Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\log\aswAr.log Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\log\aswMaiSv.log Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\integ\avast.int Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\moved\xtrlwxcn.dll.vir Infected: Trojan.Win32.Monder.gen skipped
C:\Program Files\Alwil Software\Avast4\DATA\moved\jtafoksn.dll.vir Infected: Trojan.Win32.Monder.gen skipped
C:\Program Files\Alwil Software\Avast4\DATA\aswResp.dat Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\Avast4.db Object is locked skipped
C:\System Volume Information\_restore{76413C72-39CA-4B29-B37D-D3A38E6E9974}\RP15\change.log Object is locked skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\helper.dll.vir Infected: Trojan-Spy.Win32.Banker.ckw skipped
D:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
D:\System Volume Information\_restore{76413C72-39CA-4B29-B37D-D3A38E6E9974}\RP15\change.log Object is locked skipped

Scan process completed.

Wow did not think it was such a lenghty process, thanks again for your support I am learning a great deal here
tropics
Active Member
 
Posts: 11
Joined: May 8th, 2008, 10:37 am

Re: very slow many problems including printer driver fault

Unread postby Katana » May 12th, 2008, 5:53 pm

tropics wrote:Wow did not think it was such a lenghty process

It takes 10 seconds to get infected, depending what the infection is it can sometimes take days to clean it off :evil:

At least we have found the probable cause of your problems

C:\Documents and Settings\Administrator\Desktop\eurovox software.exe/crack.exe --> Win32.Virtumonde.pae
C:\Documents and Settings\Administrator\Desktop\eurovox software.exe/keygen.exe --> Trojan-Downloader.Win32.Small.ury
C:\Documents and Settings\Administrator\Desktop\eurovox software.exe/serial.exe --> Trojan-Downloader.Win32.Small.ujl


Do you know where eurovox software.exe came from ?


Custom CFScript
  • Please open Notepad (Start -> Run -> type notepad in the Open field -> OK) and copy and paste the text present inside the code box below:

    Code: Select all
    
    File::
    C:\WINDOWS\system32\ahwgbbtp.dll
    C:\WINDOWS\system32\pjdcefan.dll
    C:\WINDOWS\system32\ipgwvmmm.dll
    C:\WINDOWS\system32\helper1.dll
    C:\WINDOWS\mrofinu1535.exe
    C:\Documents and Settings\Administrator\Desktop\eurovox software.exe
    C:\Program Files\Alwil Software\Avast4\DATA\moved\xtrlwxcn.dll.vir
    C:\Program Files\Alwil Software\Avast4\DATA\moved\jtafoksn.dll.vir
    Folder::
    C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi
    C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0
    

  • Save this as CFScript.txt and place it on your desktop.


    Image


  • Referring to the screenshot above, drag CFScript.txt into ComboFix.exe.
  • ComboFix will now run a scan on your system. It may reboot your system when it finishes. This is normal.
  • When finished, it will produce a log for you. Copy and paste the contents of the log in your next reply.

CAUTION: Do not mouse-click ComboFix's window while it is running. That may cause it to stall.
Note: the above code was created specifically for this user. If you are not this user, do NOT follow these directions as they could damage the workings of your system.



Another long scan now I'm afraid :(

Active Scan
Your Antivirus and/or Antispyware may give a warning during the scan. This is perfectly normal
Please go to this site Link >> ActiveScan << LINK
  • Click the Scan Now button
  • Follow the prompts to install the Active X if necessary
  • Go and make a cup of tea/coffee/beverage of your choice and watch some TV :)
  • When the scan is finished, a report will be generated
  • Next to Scan Details click the small Save button and save the report to your desktop.
  • Please post the report in your reply.
User avatar
Katana
MRU Teacher Emeritus
 
Posts: 6412
Joined: November 10th, 2006, 5:00 pm
Location: Manchester

Re: very slow many problems including printer driver fault

Unread postby tropics » May 13th, 2008, 5:10 am

Hi
the Eurovox is a firmware for my TV digibox that I believe was sent by the manufacturer via email attachment.
It did not cause problem to the digibox when I installed it there. However was soon after that that my Browsers malfunctioned and I was unable to use yahoo and google search engines, this until I downloaded Avast which fixed the problem. Instead the printer fault was a previous matter. I believe that is either a registry cleaning software that I no longer use that caused it, but can also be hijacking as I cannot make any changes to the RPC when I am in services.

This is the log

ComboFix 08-05-09.1 - Administrator 2008-05-13 9:29:04.3 - FAT32x86
Running from: C:\Documents and Settings\Administrator\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\Administrator\Desktop\CFScript.txt

FILE ::
C:\Documents and Settings\Administrator\Desktop\eurovox software.exe
C:\Program Files\Alwil Software\Avast4\DATA\moved\jtafoksn.dll.vir
C:\Program Files\Alwil Software\Avast4\DATA\moved\xtrlwxcn.dll.vir
C:\WINDOWS\mrofinu1535.exe
C:\WINDOWS\system32\ahwgbbtp.dll
C:\WINDOWS\system32\helper1.dll
C:\WINDOWS\system32\ipgwvmmm.dll
C:\WINDOWS\system32\pjdcefan.dll
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\0\20516e80-27da5031
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\0\20516e80-27da5031.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\0\2da1e140-56e7ea59
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\0\2da1e140-56e7ea59.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\0\577d8f80-72b8b1a4
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\0\577d8f80-72b8b1a4.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\1\1e4c0f01-28de6ed5-0306.0087.0714.0002-
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\1\1e4c0f01-28de6ed5-0306.0087.0714.0002-.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\1\489bac81-42446876
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\1\489bac81-42446876.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\1\7f07d381-270bd34b
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\1\7f07d381-270bd34b.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\10\2a63378a-40a864ee
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\10\2a63378a-40a864ee.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\10\4a39948a-6a4a931a
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\10\4a39948a-6a4a931a.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\10\5118b30a-59f142b7
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\10\5118b30a-59f142b7.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\10\7a83c08a-25ed6078
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\10\7a83c08a-25ed6078.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\11\251a44cb-6ff247b3
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\11\251a44cb-6ff247b3.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\11\2d24eecb-266f18c9
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\11\2d24eecb-266f18c9.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\11\30eac7cb-2ff86c40
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\11\30eac7cb-2ff86c40.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\11\532a088b-311f078d
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\11\532a088b-311f078d.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\12\2f187d0c-28d2ba1a
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\12\2f187d0c-28d2ba1a.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\12\3698794c-2c5f30fc
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\12\3698794c-2c5f30fc.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\12\39215d8c-4b3debb0
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\12\39215d8c-4b3debb0.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\12\51f1140c-5cb6887d
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\12\51f1140c-5cb6887d.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\13\2ecd894d-26149e5d
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\13\2ecd894d-26149e5d.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\13\328e380d-28577dda
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\13\328e380d-28577dda.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\13\363da18d-7d23b339
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\13\363da18d-7d23b339.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\13\3e28450d-22673b2d
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\13\3e28450d-22673b2d.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\13\71f897cd-28e4b659
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\13\71f897cd-28e4b659.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\14\101fec0e-7a7853f0
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\14\101fec0e-7a7853f0.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\14\13547f8e-7c4e4d85
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\14\13547f8e-7c4e4d85.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\14\221198e-347de679
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\14\221198e-347de679.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\14\4022358e-111d678b
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\14\4022358e-111d678b.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\14\4349bce-3bfcac93
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\14\4349bce-3bfcac93.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\14\7b23ce8e-40d7252e
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\14\7b23ce8e-40d7252e.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\15\38b2b80f-48f89e86
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\15\38b2b80f-48f89e86.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\15\4119278f-7b9a69f8
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\15\4119278f-7b9a69f8.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\15\7917eb0f-5a0ac4ec
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\15\7917eb0f-5a0ac4ec.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\15\7d94750f-6dd478bf
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\15\7d94750f-6dd478bf.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\15\d1f5a0f-695f0633
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\15\d1f5a0f-695f0633.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\16\27549cd0-7184ac52
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\16\27549cd0-7184ac52.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\16\49966190-45a79b0d
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\16\49966190-45a79b0d.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\16\75ffd350-3ba71e4d
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\16\75ffd350-3ba71e4d.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\16\7846c650-38d7eb60
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\16\7846c650-38d7eb60.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\17\1fec7891-7f69241b
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\17\1fec7891-7f69241b.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\17\41c02ed1-3f9c83dd
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\17\41c02ed1-3f9c83dd.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\17\557d55d1-13bb9bf6
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\17\557d55d1-13bb9bf6.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\17\5ff80c51-1cca9912
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\17\5ff80c51-1cca9912.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\18\10dbde12-3cb4d6b7
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\18\10dbde12-3cb4d6b7.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\18\3a7786d2-2a425077
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\18\3a7786d2-2a425077.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\18\3bd73052-618d4566
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\18\3bd73052-618d4566.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\18\4b73fd92-1cd6ca3f
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\18\4b73fd92-1cd6ca3f.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\18\7bd22752-53b07ea8
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\18\7bd22752-53b07ea8.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\19\6ada13-1aeec3af
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\19\6ada13-1aeec3af.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\19\71b61b13-39b80b05
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\19\71b61b13-39b80b05.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\19\744e3a53-3472a529
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\19\744e3a53-3472a529.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\2\45b9d302-1db8f1ff
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\2\45b9d302-1db8f1ff.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\2\476f05c2-4d7f0639
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\2\476f05c2-4d7f0639.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\2\5e74e782-5bf94e7d
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\2\5e74e782-5bf94e7d.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\2\61eab602-3d4fbc85
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\2\61eab602-3d4fbc85.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\20\10b8e894-7bbd5ed2
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\20\10b8e894-7bbd5ed2.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\20\11782054-25669672
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\20\11782054-25669672.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\20\45908754-3ee5e9ff
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\20\45908754-3ee5e9ff.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\21\4574b615-4ff4f456
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\21\4574b615-4ff4f456.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\21\4d61fcd5-228633c6
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\21\4d61fcd5-228633c6.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\21\5c390795-56aefb08
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\21\5c390795-56aefb08.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\21\61b84cd5-7d90d93e
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\21\61b84cd5-7d90d93e.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\21\6a950555-5bc4aec9
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\21\6a950555-5bc4aec9.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\22\3062896-4f98315f
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\22\3062896-4f98315f.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\22\5ef62196-132d6450
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\22\5ef62196-132d6450.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\22\68c88156-628a52d8
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\22\68c88156-628a52d8.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\22\7e25c096-716f5fc6
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\22\7e25c096-716f5fc6.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\23\33462dd7-7e2b9fc5
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\23\33462dd7-7e2b9fc5.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\23\377b017-6244855b
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\23\377b017-6244855b.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\23\73d7e57-54e547ad
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\23\73d7e57-54e547ad.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\24\177bc558-3b36d924
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\24\177bc558-3b36d924.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\24\3e28118-2e7bd1fb
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\24\3e28118-2e7bd1fb.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\24\435c798-27e5098c
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\24\435c798-27e5098c.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\24\5c4b3398-3fdc5aca
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\24\5c4b3398-3fdc5aca.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\24\684ded98-373f14ab
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\24\684ded98-373f14ab.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\24\7a643f98-47e10385
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\24\7a643f98-47e10385.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\25\387cf8d9-6e1eb3b1
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\25\387cf8d9-6e1eb3b1.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\25\70ad1cd9-4a6f5f52
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\25\70ad1cd9-4a6f5f52.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\25\7767c0d9-7aaf37f9
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\25\7767c0d9-7aaf37f9.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\25\7b6b7799-44333e22
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\25\7b6b7799-44333e22.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\27\2b06385b-3822db5c
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\27\2b06385b-3822db5c.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\27\35515db-2acf82e6
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\27\35515db-2acf82e6.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\27\3f69d99b-757a6edb
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\27\3f69d99b-757a6edb.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\27\5778ea9b-230b5831
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\27\5778ea9b-230b5831.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\27\738911db-3364547a
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\27\738911db-3364547a.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\27\7cb02e5b-12bd8c03
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\27\7cb02e5b-12bd8c03.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\27\a0e3adb-2f649f6c
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\27\a0e3adb-2f649f6c.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\27\a0e3adb-415d5d63
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\27\a0e3adb-415d5d63.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\28\1f533f1c-3e122e91
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\28\1f533f1c-3e122e91.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\28\7b940f5c-44232582
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\28\7b940f5c-44232582.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\29\3d15065d-12454b39
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\29\3d15065d-12454b39.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\29\5265579d-12ebb437
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\29\5265579d-12ebb437.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\3\226a6383-6f8bd875
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\3\226a6383-6f8bd875.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\3\23178bc3-1aac6356
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\3\23178bc3-1aac6356.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\3\5c328fc3-283f8523
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\3\5c328fc3-283f8523.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\3\daf2583-55d54abb
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\3\daf2583-55d54abb.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\30\1d1c411e-4dd01961
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\30\1d1c411e-4dd01961.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\30\6301139e-73daeaf7
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\30\6301139e-73daeaf7.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\31\1f13a59f-3fa892dd
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\31\1f13a59f-3fa892dd.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\31\2db3081f-43b7e62f
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\31\2db3081f-43b7e62f.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\31\2db3081f-701e5d1e
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\31\2db3081f-701e5d1e.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\31\4eaea3df-4992c11b
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\31\4eaea3df-4992c11b.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\31\6ceb3b9f-28ce3f2e
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\31\6ceb3b9f-28ce3f2e.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\32\138c6ea0-20507bf7
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\32\138c6ea0-20507bf7.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\32\153255e0-79dbcd17
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\32\153255e0-79dbcd17.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\32\5ec3aba0-38263a66
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\32\5ec3aba0-38263a66.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\33\10f6eda1-48e945fe
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\33\10f6eda1-48e945fe.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\33\121806a1-31052c6a
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\33\121806a1-31052c6a.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\33\1cf50c21-48cb7060
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\33\1cf50c21-48cb7060.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\33\29c0cf21-33cd2a71
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\33\29c0cf21-33cd2a71.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\33\2de357e1-34e7a32c
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\33\2de357e1-34e7a32c.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\33\42feaf61-27473a9a
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\33\42feaf61-27473a9a.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\33\5f13a761-6e8b65d9
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\33\5f13a761-6e8b65d9.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\33\660bad21-1994719c
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\33\660bad21-1994719c.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\34\26f781e2-6835e953
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\34\26f781e2-6835e953.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\34\3fec3e2-7688c2f4
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\34\3fec3e2-7688c2f4.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\35\45966023-4e807564
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\35\45966023-4e807564.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\36\1ea2af24-4add8d79
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\36\1ea2af24-4add8d79.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\36\3dd29264-6dc41bc1
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\36\3dd29264-6dc41bc1.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\36\505e03a4-1e388424
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\36\505e03a4-1e388424.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\37\10fd99a5-41d3b04b
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\37\10fd99a5-41d3b04b.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\38\787d0d66-77762d7e
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\38\787d0d66-77762d7e.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\39\13d2f667-2f7b9fc4
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\39\13d2f667-2f7b9fc4.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\39\3ea22667-2f619f6f
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\39\3ea22667-2f619f6f.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\4\46fe0484-6cd3f54c
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\4\46fe0484-6cd3f54c.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\4\c958a44-6cfff656
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\4\c958a44-6cfff656.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\40\29f49ce8-659074ba
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\40\29f49ce8-659074ba.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\40\477fc3a8-77b768c3
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\40\477fc3a8-77b768c3.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\40\a5bada8-4c8e5fb0
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\40\a5bada8-4c8e5fb0.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\41\2dd6a2e9-6706c110
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\41\2dd6a2e9-6706c110.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\41\32687829-405e3de5
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\41\32687829-405e3de5.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\41\791501a9-3392f328
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\41\791501a9-3392f328.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\41\7b5c769-550d0fff
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\41\7b5c769-550d0fff.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\42\2096a16a-6d110fb6
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\42\2096a16a-6d110fb6.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\42\4d842c6a-58a6c96e
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\42\4d842c6a-58a6c96e.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\42\5b32fa2a-5bd13be6
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\42\5b32fa2a-5bd13be6.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\43\211885ab-58a9b49f
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\43\211885ab-58a9b49f.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\43\3b24392b-76b6aae5
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\43\3b24392b-76b6aae5.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\43\61b8e7ab-6c0a6fad
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\43\61b8e7ab-6c0a6fad.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\43\d0915ab-77d8adc5
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\43\d0915ab-77d8adc5.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\44\3076c3ac-62abd031
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\44\3076c3ac-62abd031.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\45\3d7a33ed-560147a8
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\45\3d7a33ed-560147a8.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\45\3d7a33ed-6.0.lap
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\45\5db4e0ad-6c9e3157
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\45\5db4e0ad-6c9e3157.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\45\6306e6ed-1fe0213e
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\45\6306e6ed-1fe0213e.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\45\751f67ed-51838004
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\45\751f67ed-51838004.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\45\79cd742d-5497b767
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\45\79cd742d-5497b767.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\46\1770ab6e-50c3c3bd
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\46\1770ab6e-50c3c3bd.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\46\1b2468ae-3402981d
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\46\1b2468ae-3402981d.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\46\27b8a4ae-3c9f4d8f
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\46\27b8a4ae-3c9f4d8f.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\46\2b377eae-4be5dbd7
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\46\2b377eae-4be5dbd7.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\46\6ccf46ee-36ee6ed2
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\46\6ccf46ee-36ee6ed2.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\46\6e0e34ee-46cb5415
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\46\6e0e34ee-46cb5415.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\46\aefb16e-14c59cf4
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\46\aefb16e-14c59cf4.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\47\55b662ef-4c7748c9
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\47\55b662ef-4c7748c9.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\48\43a62270-721ba916
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\48\43a62270-721ba916.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\48\578d1230-619a4d22
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\48\578d1230-619a4d22.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\49\25ae6ff1-2bf6ac00
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\49\25ae6ff1-2bf6ac00.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\49\52915b1-7dd4be44
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\49\52915b1-7dd4be44.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\5\194d0f85-6d6308a7
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\5\194d0f85-6d6308a7.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\5\3c4037c5-1fa972a7
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\5\3c4037c5-1fa972a7.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\5\3ec7d245-40bd16f1
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\5\3ec7d245-40bd16f1.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\5\605a7545-77579afa
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\5\605a7545-77579afa.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\5\6863df85-55627f05
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\5\6863df85-55627f05.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\5\6d595bc5-5080afa8
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\5\6d595bc5-5080afa8.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\5\7f1a2e05-476a9fa5
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\5\7f1a2e05-476a9fa5.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\5\826b345-1277300a
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\5\826b345-1277300a.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\5\fd21185-5ca05a28
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\5\fd21185-5ca05a28.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\50\10def2f2-530c92d7
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\50\10def2f2-530c92d7.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\50\159cac32-2eb2f3a8
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\50\159cac32-2eb2f3a8.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\50\225a29f2-28edb59b
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\50\225a29f2-28edb59b.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\50\225a29f2-6.0.lap
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\50\2f08c9b2-1df40336
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\50\2f08c9b2-1df40336.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\50\fdbec72-725fc9aa
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\50\fdbec72-725fc9aa.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\51\4495b933-22a8cd87-0307.0002.0316.0003-
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\51\4495b933-22a8cd87-0307.0002.0316.0003-.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\51\49f73ff3-307ef5d0
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\51\49f73ff3-307ef5d0.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\51\51b4e5f3-79b5c824
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\51\51b4e5f3-79b5c824.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\51\61123b73-6bca0420
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\51\61123b73-6bca0420.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\51\7c5a0d33-1d21efa2
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\51\7c5a0d33-1d21efa2.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\52\24872f74-489aa3fc
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\52\24872f74-489aa3fc.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\53\6a41d275-1ba40808
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\53\6a41d275-1ba40808.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\54\662a8576-61df94f1
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\54\662a8576-61df94f1.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\55\1b8609f7-66b4c748
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\55\1b8609f7-66b4c748.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\55\2373dc37-669e71b2
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\55\2373dc37-669e71b2.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\55\59905077-612edb39
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\55\59905077-612edb39.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\55\7637fbf7-1a24b112
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\55\7637fbf7-1a24b112.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\55\797c99b7-4267244d
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\55\797c99b7-4267244d.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\56\28d8bcf8-1c6cdd57
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\56\28d8bcf8-1c6cdd57.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\57\14afabb9-3e066b87
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\57\14afabb9-3e066b87.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\57\3c9384f9-218235c1
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\57\3c9384f9-218235c1.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\57\479105f9-5af1f654
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\57\479105f9-5af1f654.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\58\189c95fa-79f14025
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\58\189c95fa-79f14025.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\58\1a08bbba-7321cd47
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\58\1a08bbba-7321cd47.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\58\2e20ff3a-5e4c32c7
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\58\2e20ff3a-5e4c32c7.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\58\43c2d3ba-6853db6d
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\58\43c2d3ba-6853db6d.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\58\537ce7fa-122ac5a1
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\58\537ce7fa-122ac5a1.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\58\7c13caba-6a4b15de
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\58\7c13caba-6a4b15de.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\59\1b56303b-4b517b0b
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\59\1b56303b-4b517b0b.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\59\1fbc26bb-2ec42c9b
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\59\1fbc26bb-2ec42c9b.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\59\3206ecbb-20363fcd
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\59\3206ecbb-20363fcd.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\59\4fc15abb-18570db4
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\59\4fc15abb-18570db4.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\6\3272f146-1c12b14c
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\6\3272f146-1c12b14c.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\6\3aedd146-34352236
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\6\3aedd146-34352236.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\6\6919a7c6-586f60b3
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\6\6919a7c6-586f60b3.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\6\797a6146-21c3f1ce
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\6\797a6146-21c3f1ce.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\60\11c700fc-6a02a232
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\60\11c700fc-6a02a232.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\60\386df7c-2406df40
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\60\386df7c-2406df40.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\60\3913627c-5a803769
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\60\3913627c-5a803769.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\60\62802b3c-26b913ed
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\60\62802b3c-26b913ed.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\60\710de7fc-1a2cd408
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\60\710de7fc-1a2cd408.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\60\7292c27c-35332d9d
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\60\7292c27c-35332d9d.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\61\1897e03d-2c6d64ac
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\61\1897e03d-2c6d64ac.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\61\2a05e7bd-2f4ce2f4
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\61\2a05e7bd-2f4ce2f4.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\62\25075cfe-2ae690e9
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\62\25075cfe-2ae690e9.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\62\577566be-7aa3e5b2
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\62\577566be-7aa3e5b2.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\63\1e3235bf-2e65a9b2
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\63\1e3235bf-2e65a9b2.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\63\69dd2d7f-2d0185e5
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\63\69dd2d7f-2d0185e5.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\63\7e1daf3f-77460987
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\63\7e1daf3f-77460987.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\63\9c1a03f-7b40dd5d
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\63\9c1a03f-7b40dd5d.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\7\c709ec7-305c446c
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\7\c709ec7-305c446c.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\8\1b069688-32a06876
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\8\1b069688-32a06876.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\8\1e20fc88-70510e78
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\8\1e20fc88-70510e78.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\8\318da108-47ba107d
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\8\318da108-47ba107d.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\8\6ace0588-4e03b1d5
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\8\6ace0588-4e03b1d5.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\8\77017308-1d712aa6
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\8\77017308-1d712aa6.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\9\109436c9-602344bb
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\9\109436c9-602344bb.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\9\1615549-76acb387
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\9\1615549-76acb387.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\9\2fc71209-2d03b3de
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\9\2fc71209-2d03b3de.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\9\33d1eb09-6e0704b8
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\9\33d1eb09-6e0704b8.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\9\37dc9489-1e02b1b0
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\9\37dc9489-1e02b1b0.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\lastAccessed
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\splash\splash.xml
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\a01.gif-4eabb772-76dc9942.gif
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\a01.gif-4eabb772-76dc9942.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\a02.gif-4eb9cef3-124c4952.gif
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\a02.gif-4eb9cef3-124c4952.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\a03.gif-4ec7e674-18f18306.gif
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\a03.gif-4ec7e674-18f18306.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\a04.gif-4ed5fdf5-7c323953.gif
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\a04.gif-4ed5fdf5-7c323953.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\a05.gif-4ee41576-60f5ae38.gif
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\a05.gif-4ee41576-60f5ae38.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\a06.gif-4ef22cf7-14cbfbc4.gif
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\a06.gif-4ef22cf7-14cbfbc4.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\a07.gif-4f004478-372290f0.gif
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\a07.gif-4f004478-372290f0.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\a08.gif-4f0e5bf9-100ceb51.gif
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\a08.gif-4f0e5bf9-100ceb51.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\a09.gif-4f1c737a-1a32cbb7.gif
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\a09.gif-4f1c737a-1a32cbb7.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\a10.gif-50527890-1cf03b8d.gif
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\a10.gif-50527890-1cf03b8d.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\a11.gif-50609011-65771bdd.gif
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\a11.gif-50609011-65771bdd.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\a12.gif-506ea792-7293c95c.gif
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\a12.gif-506ea792-7293c95c.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\abuse.gif-22e9b071-622d7eb9.gif
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\abuse.gif-22e9b071-622d7eb9.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\advnewsscroll.class-52af096f-6c05ee03.class
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\advnewsscroll.class-52af096f-6c05ee03.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\angry.gif-1c458acc-55ac8535.gif
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\angry.gif-1c458acc-55ac8535.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\ascroll2.class-78f9792f-4bc4d6b1.class
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\ascroll2.class-78f9792f-4bc4d6b1.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\beep.au-60fcbb6e-5a39287d.au
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\beep.au-60fcbb6e-5a39287d.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\Bild10.jpg-758665df-2ab6d36c.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\Bild10.jpg-758665df-2ab6d36c.jpg
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\blush.gif-462426ab-7ec555ae.gif
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\blush.gif-462426ab-7ec555ae.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\btn_nav.jpg-6347d440-726e8d8b.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\btn_nav.jpg-6347d440-726e8d8b.jpg
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\btn_navh.jpg-23f9778-78ab43ee.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\btn_navh.jpg-23f9778-78ab43ee.jpg
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\chatbutton1.gif-32d4fb92-3ea7cb99.gif
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\chatbutton1.gif-32d4fb92-3ea7cb99.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\chatbutton2.gif-32e31313-33979133.gif
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\chatbutton2.gif-32e31313-33979133.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\CInfo.class-12b527b9-2466b4bc.class
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\CInfo.class-12b527b9-2466b4bc.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\CInfo.class-7bd61ad0-51172476.class
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\CInfo.class-7bd61ad0-51172476.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\closedr.au-6d38080a-52b9d21a.au
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\closedr.au-6d38080a-52b9d21a.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\confused.gif-1cd8cd98-647d910c.gif
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\confused.gif-1cd8cd98-647d910c.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\contactmap.jpg-4328eb64-21f16ea4.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\contactmap.jpg-4328eb64-21f16ea4.jpg
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\cool.gif-301be300-4c6a2614.gif
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\cool.gif-301be300-4c6a2614.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\cry.gif-24764515-796cc230.gif
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\cry.gif-24764515-796cc230.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\ding1.au-11460cfd-251a4c70.au
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\ding1.au-11460cfd-251a4c70.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\DividendsWithValue.class-604eddf0-2860a3af.class
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\DividendsWithValue.class-604eddf0-2860a3af.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\DMI.class-37660225-28999ece.class
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\DMI.class-37660225-28999ece.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\DPAScroll.class-7f43d36b-7fb19a07.class
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\DPAScroll.class-7f43d36b-7fb19a07.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\drumroll.au-7569bf59-25c1e0ae.au
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\drumroll.au-7569bf59-25c1e0ae.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\EarningsWithValue.class-36dbe8c7-2147b789.class
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\EarningsWithValue.class-36dbe8c7-2147b789.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\fphover.class-204d3700-40e50f02.class
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\fphover.class-204d3700-40e50f02.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\fphover.class-51e08700-23b2d7b2.class
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\fphover.class-51e08700-23b2d7b2.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\fphoverx.class-5272c616-50d5a97f.class
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\fphoverx.class-5272c616-50d5a97f.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\fphoverx.class-56ecb712-63cee88d.class
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\fphoverx.class-56ecb712-63cee88d.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\ge.class-63909fb2-5c45d22a.class
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\ge.class-63909fb2-5c45d22a.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\grin.gif-64326387-4ae9be00.gif
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\grin.gif-64326387-4ae9be00.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\hi.au-e45bf3b-1863f5ea.au
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\hi.au-e45bf3b-1863f5ea.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\img.class-6ff828c9-7f35a70f.class
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\img.class-6ff828c9-7f35a70f.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\iscroll.class-285ffebb-3c6a92c0.class
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\iscroll.class-285ffebb-3c6a92c0.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\iscroll.class-54dc9f88-53e4d63e.class
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\iscroll.class-54dc9f88-53e4d63e.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\laugh.gif-5a967ac-22d0e1d7.gif
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\laugh.gif-5a967ac-22d0e1d7.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\login37.gif-22dbb005-61eb174c.gif
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\login37.gif-22dbb005-61eb174c.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\Logo-gry.gif-33200aa7-44deb8f0.gif
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\Logo-gry.gif-33200aa7-44deb8f0.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\MACD.class-7c9ab17e-774a6d59.class
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\MACD.class-7c9ab17e-774a6d59.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\MLiveConnectAdapter.class-352eb11-67d1fc87.class
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\MLiveConnectAdapter.class-352eb11-67d1fc87.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\navdeluxeheader.class-2a964d79-53ec82fd.class
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\navdeluxeheader.class-2a964d79-53ec82fd.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\navdeluxeheader.class-7e19acac-4ce41658.class
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\navdeluxeheader.class-7e19acac-4ce41658.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\navdeluxene.class-6328add6-4d5958f8.class
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\navdeluxene.class-6328add6-4d5958f8.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\navdeluxene.class-fa54ea3-5513cfc3.class
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\navdeluxene.class-fa54ea3-5513cfc3.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\navdeluxepanel.class-2e2fe6ed-7346391c.class
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\navdeluxepanel.class-2e2fe6ed-7346391c.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\navdeluxepanel.class-5aac87ba-3ed429ef.class
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\navdeluxepanel.class-5aac87ba-3ed429ef.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\NB-Logo.gif-2b559e16-64947f89.gif
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\NB-Logo.gif-2b559e16-64947f89.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\newsidebanner.gif-2a79fbb7-542e9a47.gif
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\newsidebanner.gif-2a79fbb7-542e9a47.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\noway.au-6c9efc82-409752b1.au
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\noway.au-6c9efc82-409752b1.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\opendr.au-20cded84-4296f57d.au
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\opendr.au-20cded84-4296f57d.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\PFAge.class-589b0144-32ad553e.class
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\PFAge.class-589b0144-32ad553e.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\r2-djv-bc-java-bottom.gif-2f364942-2cd8f47e.gif
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\r2-djv-bc-java-bottom.gif-2f364942-2cd8f47e.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\r2-djv-bc-java-middle.gif-62bdc3ac-1f45c699.gif
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\r2-djv-bc-java-middle.gif-62bdc3ac-1f45c699.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\r2-djv-bc-java-top.gif-22ad7824-4b41d46b.gif
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\r2-djv-bc-java-top.gif-22ad7824-4b41d46b.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\sad.gif-54afa901-6b832c70.gif
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\sad.gif-54afa901-6b832c70.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\smile.gif-7fa9b8b3-47c76530.gif
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\smile.gif-7fa9b8b3-47c76530.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\speedsterskin38.gif-262c3569-5a46a5de.gif
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\speedsterskin38.gif-262c3569-5a46a5de.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\speedsterskin38.gif-4150b2ef-476dd059.gif
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\speedsterskin38.gif-4150b2ef-476dd059.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\speedsterskin38.gif-677548ae-6210dad1.gif
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\speedsterskin38.gif-677548ae-6210dad1.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\speedsterskin38fs5.gif-1bc0f923-3e7f60a0.gif
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\speedsterskin38fs5.gif-1bc0f923-3e7f60a0.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\speedsterskin38fs5.gif-295337e6-537678fe.gif
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\speedsterskin38fs5.gif-295337e6-537678fe.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\speedsterskin38fs5.gif-32ea227-3ae5f418.gif
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\speedsterskin38fs5.gif-32ea227-3ae5f418.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\speedsterskin38fs5.gif-680a24a1-5e91c142.gif
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\speedsterskin38fs5.gif-680a24a1-5e91c142.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\surprised.gif-2db5dc6-68b452d3.gif
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\surprised.gif-2db5dc6-68b452d3.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\symMap24_2095.gif-30ae9ff2-6d5582ab.gif
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\symMap24_2095.gif-30ae9ff2-6d5582ab.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\symMap24_7100.gif-311b9e5b-4e37b132.gif
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\symMap24_7100.gif-311b9e5b-4e37b132.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\symNTAND241.gif-79be6971-35f7ff6b.gif
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\symNTAND241.gif-79be6971-35f7ff6b.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\throat.au-78572eb8-3b8ced96.au
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\throat.au-78572eb8-3b8ced96.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\ThugBait-Logo.gif-60e7dfcd-56ab71a4.gif
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\ThugBait-Logo.gif-60e7dfcd-56ab71a4.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\wink.gif-e8b10c6-1d99f7ca.gif
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\wink.gif-e8b10c6-1d99f7ca.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\yahoo.au-65dcb890-2d94a355.au
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\yahoo.au-65dcb890-2d94a355.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\yawn.gif-46a17496-747f2b2f.gif
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\yawn.gif-46a17496-747f2b2f.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\yell.au-220ce150-137e3da4.au
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\yell.au-220ce150-137e3da4.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\audioclipstream.zip-6e970de9-3ae22b42.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\audioclipstream.zip-6e970de9-3ae22b42.zip
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\BubbleMenu.jar-ca91036-5773d461.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\BubbleMenu.jar-ca91036-5773d461.zip
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\cbe6cl.jar-4f3080d2-2e9e93d8.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\cbe6cl.jar-4f3080d2-2e9e93d8.zip
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\entajavaplan.jar-1191bfe6-1017262e.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\entajavaplan.jar-1191bfe6-1017262e.zip
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\eRT.jar-29d724f2-4e41ab86.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\eRT.jar-29d724f2-4e41ab86.zip
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\FreeScreener_x.jar-71c83f09-321110b5.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\FreeScreener_x.jar-71c83f09-321110b5.zip
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\gdc1267.jar-8f8664a-611d2fb5.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\gdc1267.jar-8f8664a-611d2fb5.zip
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\gdc20.jar-4240a5e6-7d0b19b6.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\gdc20.jar-4240a5e6-7d0b19b6.zip
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ifchat61.jar-3d88492d-1852918d.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ifchat61.jar-3d88492d-1852918d.zip
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\IpixViewer.jar-65a0da70-62fc8a57.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\IpixViewer.jar-65a0da70-62fc8a57.zip
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\JavaCharter.jar-38be5f5-31005ca3.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\JavaCharter.jar-38be5f5-31005ca3.zip
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\map24portal_blue_e_NTAND_EUROPE_en-UK.zip-722367b8-1743dfe9.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\map24portal_blue_e_NTAND_EUROPE_en-UK.zip-722367b8-1743dfe9.zip
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\nRT.jar-76bb50d2-1fd91abf.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\nRT.jar-76bb50d2-1fd91abf.zip
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\PPoll.jar-200566a9-53873f7d.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\PPoll.jar-200566a9-53873f7d.zip
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\PPoll.jar-26b7dd35-7f527cee.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\PPoll.jar-26b7dd35-7f527cee.zip
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\PPoll.jar-34ea196a-20ac3a32.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\PPoll.jar-34ea196a-20ac3a32.zip
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\PPoll.jar-34ea1ad5-696f2422.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\PPoll.jar-34ea1ad5-696f2422.zip
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\PPoll.jar-3b9c8ff6-4a8c727b.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\PPoll.jar-3b9c8ff6-4a8c727b.zip
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\PVis.jar-28fe215-368b554b.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\PVis.jar-28fe215-368b554b.zip
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\PVis.jar-793fa6a-65e4bf49.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\PVis.jar-793fa6a-65e4bf49.zip
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\PVis.jar-7bdd6b89-3c93d181.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\PVis.jar-7bdd6b89-3c93d181.zip
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\PVis.jar-7bdd6cf4-755bd5c2.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\PVis.jar-7bdd6cf4-755bd5c2.zip
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\PVis.jar-e4670f6-36aa2e24.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\PVis.jar-e4670f6-36aa2e24.zip
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\rac_NTAND_EUROPE_en.zip-7262b069-1fbbc565.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\rac_NTAND_EUROPE_en.zip-7262b069-1fbbc565.zip
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\SIRtext.jar-10400c5e-11921f35.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\SIRtext.jar-10400c5e-11921f35.zip
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\SIRtext.jar-63c36b91-51b2d9d1.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\SIRtext.jar-63c36b91-51b2d9d1.zip
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\TFLTicker.jar-6d915731-2b773a19.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\TFLTicker.jar-6d915731-2b773a19.zip
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\wcne5p9.jar-24890c2a-38a72440.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\wcne5p9.jar-24890c2a-38a72440.zip
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\wcne5p9.jar-4aada1e9-7e02ec97.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\wcne5p9.jar-4aada1e9-7e02ec97.zip
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\wcne5p9.jar-9648ea4-6eb4a476.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\wcne5p9.jar-9648ea4-6eb4a476.zip
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\wcnefs5p9.jar-28cfc5b7-5fea6b06.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\wcnefs5p9.jar-28cfc5b7-5fea6b06.zip
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\wcnefs5p9.jar-43f4433d-1edc9b07.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\wcnefs5p9.jar-43f4433d-1edc9b07.zip
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\wcnefs5p9.jar-5c869a39-29c3cbe0.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\wcnefs5p9.jar-5c869a39-29c3cbe0.zip
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\wcnefs5p9.jar-6a18d8fc-31629628.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\wcnefs5p9.jar-6a18d8fc-31629628.zip
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\Windowing.jar-21aa6ee-2c0befb1.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\Windowing.jar-21aa6ee-2c0befb1.zip
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\yahoo_xs_TAAND_EUROPE_en.zip-d690dfd-4a5b0264.idx
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\yahoo_xs_TAAND_EUROPE_en.zip-d690dfd-4a5b0264.zip
C:\Documents and Settings\Administrator\Desktop\eurovox software.exe
C:\Program Files\Alwil Software\Avast4\DATA\moved\jtafoksn.dll.vir . . . . failed to delete
C:\Program Files\Alwil Software\Avast4\DATA\moved\xtrlwxcn.dll.vir . . . . failed to delete

.
((((((((((((((((((((((((( Files Created from 2008-04-13 to 2008-05-13 )))))))))))))))))))))))))))))))
.

2008-05-12 15:42 . 2008-02-22 02:33 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-05-12 13:35 . 2008-05-12 13:35 759 --a------ C:\WINDOWS\system32\spupdsvc.inf
2008-05-12 13:09 . 2008-05-12 13:09 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-05-12 13:08 . 2008-05-12 13:08 <DIR> d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-05-12 12:48 . 2008-03-01 14:06 6,066,176 --------- C:\WINDOWS\system32\DllCache\ieframe.dll
2008-05-12 12:48 . 2007-04-17 10:32 2,455,488 --------- C:\WINDOWS\system32\DllCache\ieapfltr.dat
2008-05-12 12:48 . 2007-03-08 06:10 991,232 --------- C:\WINDOWS\system32\DllCache\ieframe.dll.mui
2008-05-12 12:48 . 2008-03-01 14:06 459,264 --------- C:\WINDOWS\system32\DllCache\msfeeds.dll
2008-05-12 12:48 . 2008-03-01 14:06 383,488 --------- C:\WINDOWS\system32\DllCache\ieapfltr.dll
2008-05-12 12:48 . 2008-03-01 14:06 267,776 --------- C:\WINDOWS\system32\DllCache\iertutil.dll
2008-05-12 12:48 . 2008-03-01 14:06 63,488 --------- C:\WINDOWS\system32\DllCache\icardie.dll
2008-05-12 12:48 . 2008-03-01 14:06 52,224 --------- C:\WINDOWS\system32\DllCache\msfeedsbs.dll
2008-05-12 12:48 . 2008-02-22 11:00 13,824 --------- C:\WINDOWS\system32\DllCache\ieudinit.exe
2008-05-12 12:47 . 2007-08-13 18:54 33,792 --a------ C:\WINDOWS\system32\DllCache\custsat.dll
2008-05-11 12:55 . 2008-05-11 12:55 <DIR> d--hs---- C:\FOUND.000
2008-05-10 10:04 . 2008-05-10 10:04 <DIR> d-------- C:\printer
2008-05-08 16:37 . 2008-05-08 16:37 <DIR> d-------- C:\Program Files\PC Drivers HeadQuarters
2008-05-08 16:37 . 2008-05-08 16:37 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
2008-05-08 15:19 . 2008-05-08 15:19 <DIR> d-------- C:\Program Files\Trend Micro
2008-05-07 08:15 . 2008-05-07 08:15 <DIR> d-------- C:\Program Files\Brother
2008-05-07 08:15 . 2008-05-07 08:15 <DIR> d-------- C:\Brother
2008-05-07 08:15 . 2004-12-03 01:26 188,416 --------- C:\WINDOWS\system32\PDRVINST.DLL
2008-05-07 08:15 . 2005-04-08 01:01 122,880 --------- C:\WINDOWS\system32\BrfxD05a.dll
2008-05-07 08:15 . 2002-10-31 01:09 81,920 --------- C:\WINDOWS\system32\BrWebIns.dll
2008-05-07 08:15 . 2003-07-03 01:08 65,536 --------- C:\WINDOWS\system32\BRWEBUP.EXE
2008-05-07 08:15 . 2001-11-15 01:00 6,224 --------- C:\WINDOWS\CVRPAGE.BMP
2008-05-07 08:15 . 2003-11-28 18:57 0 --------- C:\WINDOWS\brdfxspd.dat
2008-05-06 22:06 . 2008-05-12 21:04 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-05-06 22:06 . 2008-05-06 22:06 1,409 --a------ C:\WINDOWS\QTFont.for
2008-05-04 11:04 . 2007-07-09 14:09 584,192 --------- C:\WINDOWS\system32\DllCache\rpcrt4.dll
2008-05-03 17:22 . 2008-05-03 17:22 <DIR> d-------- C:\Program Files\Alwil Software
2008-05-03 12:46 . 2008-05-03 12:46 <DIR> d-------- C:\8f93310bbecffc52bbf2ae251ecb5a25
2008-05-03 12:37 . 2007-07-30 19:19 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui
2008-05-03 12:35 . 2008-05-03 12:35 <DIR> d-------- C:\15e22707b0a164cc76175b22cc5d
2008-05-03 10:50 . 2008-05-03 10:50 <DIR> d-------- C:\7ea8b241a65fa63ddd3fb08d1dec16
2008-05-02 20:09 . 2008-05-02 20:09 <DIR> d-------- C:\WCH.CN
2008-05-02 20:09 . 2006-10-25 00:00 36,080 --a------ C:\WINDOWS\system32\drivers\CH341SER.SYS
2008-05-02 20:09 . 2005-07-30 00:00 6,712 --a------ C:\WINDOWS\system32\CH341PT.DLL
2008-05-02 11:31 . 2008-05-02 11:36 4,212 ---h----- C:\WINDOWS\system32\zllictbl.dat
2008-05-02 11:28 . 2008-05-02 11:28 <DIR> d-------- C:\WINDOWS\system32\ZoneLabs
2008-05-02 11:28 . 2008-05-02 11:28 <DIR> d-------- C:\Program Files\Zone Labs
2008-05-02 11:28 . 2008-05-13 09:46 31,767 --ah----- C:\WINDOWS\system32\vsconfig.xml
2008-05-02 11:25 . 2008-05-02 11:26 <DIR> d-------- C:\WINDOWS\Internet Logs
2008-05-01 11:26 . 2008-05-05 11:27 109,738 --a------ C:\WINDOWS\BMaf1a58b6.xml
2008-04-17 15:17 . 2008-04-17 15:17 <DIR> d-------- C:\Program Files\iPod
2008-04-16 20:24 . 2003-07-16 14:27 43,264 --------- C:\WINDOWS\system32\drivers\ser2pl.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-17 05:44 12,632 ----a-w C:\WINDOWS\system32\lsdelete.exe
2008-03-19 09:47 1,845,248 ----a-w C:\WINDOWS\system32\win32k.sys
2008-03-19 09:47 1,845,248 ------w C:\WINDOWS\system32\DllCache\win32k.sys
2008-03-01 17:36 3,591,680 ------w C:\WINDOWS\system32\DllCache\mshtml.dll
2008-02-29 08:55 70,656 ------w C:\WINDOWS\system32\DllCache\ie4uinit.exe
2008-02-29 08:55 625,664 ------w C:\WINDOWS\system32\DllCache\iexplore.exe
2008-02-20 06:51 282,624 ----a-w C:\WINDOWS\system32\gdi32.dll
2008-02-20 06:51 282,624 ------w C:\WINDOWS\system32\DllCache\gdi32.dll
2008-02-20 05:32 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll
2008-02-20 05:32 45,568 ------w C:\WINDOWS\system32\DllCache\dnsrslvr.dll
2008-02-20 05:32 148,992 ------w C:\WINDOWS\system32\DllCache\dnsapi.dll
2008-02-16 08:59 474,112 ------w C:\WINDOWS\system32\DllCache\shlwapi.dll
2008-02-16 08:59 151,040 ------w C:\WINDOWS\system32\DllCache\cdfview.dll
2008-02-16 08:59 1,494,528 ------w C:\WINDOWS\system32\DllCache\shdocvw.dll
2008-02-16 08:59 1,054,208 ------w C:\WINDOWS\system32\DllCache\danim.dll
2008-02-16 08:59 1,023,488 ------w C:\WINDOWS\system32\DllCache\browseui.dll
2008-02-15 05:44 161,792 ------w C:\WINDOWS\system32\DllCache\ieakui.dll
2004-12-18 23:38 260 ----a-w C:\Program Files\slot.dat
.

((((((((((((((((((((((((((((( snapshot_2008-05-12_21.13.07.09 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-05-12 19:55:54 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-05-13 08:43:04 2,048 --s-a-w C:\WINDOWS\bootstat.dat
- 2007-04-25 13:06:40 65,536 ----a-r C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-000000000002}\PM_Designer.exe
+ 2008-05-12 20:12:30 65,536 ----a-r C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-000000000002}\PM_Designer.exe
- 2007-04-25 13:06:40 25,214 ----a-r C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-000000000002}\SC_Acrobat.exe
+ 2008-05-12 20:12:26 25,214 ----a-r C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-000000000002}\SC_Acrobat.exe
- 2007-04-25 13:06:40 25,214 ----a-r C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-000000000002}\SC_Acrobat_Standard.exe
+ 2008-05-12 20:12:30 25,214 ----a-r C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-000000000002}\SC_Acrobat_Standard.exe
- 2007-04-25 13:06:40 25,214 ----a-r C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-000000000002}\SC_Distiller.exe
+ 2008-05-12 20:12:30 25,214 ----a-r C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-000000000002}\SC_Distiller.exe
- 2007-04-25 13:06:40 7,278 ----a-r C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-000000000002}\SC_ELEMENTS_DT.exe
+ 2008-05-12 20:12:30 7,278 ----a-r C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-000000000002}\SC_ELEMENTS_DT.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Voipwise"="C:\Program Files\Voipwise.com\Voipwise\Voipwise.exe" [2007-09-06 11:24 7394608]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [ ]
"InternetCalls"="C:\Program Files\InternetCalls.com\InternetCalls\InternetCalls.exe" [2007-04-18 15:49 7116352]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-10 10:44 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Zone Labs Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2005-08-29 19:09 980736]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2006-10-11 19:23 185784]
"SoundMan"="SOUNDMAN.EXE" [2005-03-24 20:20 77824 C:\WINDOWS\SOUNDMAN.EXE]
"RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [2005-01-12 03:01 32768]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-03-28 23:37 413696]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-10 10:44 455168]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-10 10:44 455168]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 10:50 155648]
"LManager"="C:\PROGRA~1\LAUNCH~1\LManager.exe" [2005-04-28 09:43 544768]
"KTPWare"="C:\Program Files\Elantech\ktp.exe" [2005-01-29 04:14 253952]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-03-30 10:36 267048]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2004-08-10 10:44 208952]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2005-01-22 16:08 155648]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2005-01-22 16:07 126976]
"CoolSwitch"="C:\WINDOWS\system32\taskswitch.exe" [2002-03-19 17:30 45632]
"ControlCenter2.0"="C:\Program Files\Brother\ControlCenter2\brctrcen.exe" [2005-05-17 17:42 933888]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-10 10:44 110592 C:\WINDOWS\system32\bthprops.cpl]
"BigDogPath"="C:\WINDOWS\VM_STI.exe" [2003-01-21 15:19 40960]
"Acrobat Assistant 7.0"="C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" [2004-12-14 02:12 483328]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-10 10:44 15360]

C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 19:16:50 113664]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Status Monitor.lnk - C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe [2008-05-07 08:17:05 802816]
QuickTV6.lnk - C:\Program Files\AVerTV 6.0\AVerQT.exe [2005-11-07 11:36:24 512000]
Adobe Acrobat Speed Launcher.lnk - C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-000000000002}\SC_Acrobat.exe [2006-03-08 16:28:29 25214]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"SynchronousMachineGroupPolicy"= 0 (0x0)
"SynchronousUserGroupPolicy"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"SENTINEL"= snti386.dll
"VIDC.JPEG"= JpegCode.dll
"VIDC.MJPG"= JpegCode.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\OneCareMP]
@="Service"

[HKLM\~\startupfolder\C:^Documents and Settings^Administrator^Start Menu^Programs^Startup^BEE Service.lnk]
backup=C:\WINDOWS\pss\BEE Service.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Bluetooth Manager.lnk]
backup=C:\WINDOWS\pss\Bluetooth Manager.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^DataViz Inc Messenger.lnk]
backup=C:\WINDOWS\pss\DataViz Inc Messenger.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HOTSYNCSHORTCUTNAME.lnk]
backup=C:\WINDOWS\pss\HOTSYNCSHORTCUTNAME.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\InternetCalls.com\\InternetCalls\\InternetCalls.exe"=
"C:\\Program Files\\uTorrent\\uTorrent.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Documents and Settings\\Administrator\\Program Files\\BitTorrent_DNA\\dna.exe"=
"C:\\Program Files\\Voipwise.com\\Voipwise\\Voipwise.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"7890:TCP"= 7890:TCP:eMule

R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-03-29 18:31]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-03-29 18:35]
R3 Ktp;Elantech Touchpad;C:\WINDOWS\system32\DRIVERS\Ktp.sys [2005-04-20 09:24]
S3 avera800;AVerMedia DVB-T BDA Video Capture(A800);C:\WINDOWS\system32\Drivers\avera800.sys [2005-09-20 12:47]
S3 BrScnUsb;Brother USB Still Image driver;C:\WINDOWS\system32\Drivers\BrScnUsb.sys [2004-10-15 12:50]
S3 DSCVc;Video Capture;C:\WINDOWS\system32\DRIVERS\CoachVc.sys [2003-11-03 17:31]
S3 Smc1046;EZ Connect USB to Dual Speed Ethernet Converter;C:\WINDOWS\system32\DRIVERS\SMCUSB.sys [2002-06-21 16:36]
S3 ZSMC302;V-Gear TalkCam 1.1;C:\WINDOWS\system32\Drivers\usbvm302.sys [2004-03-19 17:11]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D]
\Shell\AutoRun\command - D:\setupSNK.exe

.
Contents of the 'Scheduled Tasks' folder
"2008-05-08 15:39:42 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-13 09:48:00
Windows 5.1.2600 Service Pack 2 FAT NTAPI

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\PROGRAM FILES\LAVASOFT\AD-AWARE 2007\AAWSERVICE.EXE
C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASWUPDSV.EXE
C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHSERV.EXE
C:\PROGRAM FILES\COMMON FILES\APPLE\MOBILE DEVICE SUPPORT\BIN\APPLEMOBILEDEVICESERVICE.EXE
C:\WINDOWS\system32\ZONELABS\vsmon.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\iPod\bin\iPodService.exe
.
**************************************************************************
.
Completion time: 2008-05-13 9:59:11 - machine was rebooted
ComboFix-quarantined-files.txt 2008-05-13 08:58:44
ComboFix3.txt 2008-05-11 15:41:40
ComboFix2.txt 2008-05-12 20:15:24

Pre-Run: 7,711,604,736 bytes free
Post-Run: 7,694,860,288 bytes free

923 --- E O F --- 2008-05-13 08:16:26


Thank you
tropics
Active Member
 
Posts: 11
Joined: May 8th, 2008, 10:37 am

Re: very slow many problems including printer driver fault

Unread postby Katana » May 13th, 2008, 4:23 pm

Do you have the Active scan log ?
User avatar
Katana
MRU Teacher Emeritus
 
Posts: 6412
Joined: November 10th, 2006, 5:00 pm
Location: Manchester

Re: very slow many problems including printer driver fault

Unread postby tropics » May 13th, 2008, 6:36 pm

hi
Unfortunately the active scan is not loading on my machine for some reason it start dowloading and stop at 94% in both browsers mozilla and explorer, of course my antivurus and firewall are off and activex add on is enabled for pandasecurity but not getting lucky with this.

any other scan I can do
tropics
Active Member
 
Posts: 11
Joined: May 8th, 2008, 10:37 am

Re: very slow many problems including printer driver fault

Unread postby Katana » May 14th, 2008, 6:16 am

Let's try a different one then :)

Eset NOD32 Online AntiVirus

Run Eset NOD32 Online AntiVirus
http://www.eset.eu/online-scanner
Note: You will need to use Internet Explorer for this scan.
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the activex control to install
  • Disable your current Antivirus software. You can usually do this with its Notfication Tray icon near the clock.
  • Click Start
  • Make sure that the option "Remove found threats" is Un-checked, and the option "Scan unwanted applications" is checked
  • Click Scan
  • Wait for the scan to finish
  • Re-enable your Anvirisus software.
  • A logfile is created and located at C:\Program Files\EsetOnlineScanner\log.txt. Please include this on your post.
User avatar
Katana
MRU Teacher Emeritus
 
Posts: 6412
Joined: November 10th, 2006, 5:00 pm
Location: Manchester

Re: very slow many problems including printer driver fault

Unread postby tropics » May 14th, 2008, 3:23 pm

hi
Well something interesting happened today I like to report. I browsed into each service my pc is running trying to find RPC and driver related entry, well this is the second time that I find in the log on Tab, where it gives a double choice one is local host the second is other user, the latter was ticked with a name I forgot to note but it began with capital NS then was a series of letters and carachters, then it had encrypted password. Well NS made me think of National Security !!! well I guess that is the hijacker of my machine, I was able to tick automaticatic when I changed back the user to local host. Reinstalled my printer driver and bingo the printer is spits out documents again.

Anyway back to the topic, my machine is getting slower everyday and I guess softwares have been mutated so that they suck memory and CPU power unnecessarely.
I also emember now that there is a file that has been downloading automatically on my pc every few weeks by the name of 54_file.pdf, sometime if I am in front of my pc screen I stop it from downloading, otherwise I find it on my desktop, I have executed an Avast scan on it but nothing seem to be in it, however I just thought I mention it.

Thanks for your help and patience, this is the log

# version=4
# OnlineScanner.ocx=1.0.0.56
# OnlineScannerDLLA.dll=1, 0, 0, 51
# OnlineScannerDLLW.dll=1, 0, 0, 51
# OnlineScannerUninstaller.exe=1, 0, 0, 49
# vers_standard_module=3099 (20080514)
# vers_arch_module=1.064 (20080214)
# vers_adv_heur_module=1.064 (20070717)
# EOSSerial=d26f84de85d2fa4497ab14fe1a593bd9
# end=finished
# remove_checked=false
# unwanted_checked=true
# utc_time=2008-05-14 06:34:09
# local_time=2008-05-14 07:34:09 (+0000, GMT Daylight Time)
# country="United Kingdom"
# osver=5.1.2600 NT Service Pack 2
# scanned=345839
# found=12
# scan_time=14441
C:\Program Files\Mozilla Firefox\readme.bat probably a variant of Win32/Agent trojan E46306598C5F687B8AFE6A7F5D153792
C:\Program Files\MalwareAlarm\Uninstall.exe Win32/Adware.SpySheriff application 5974E3839D8C7A3DD07CEBDCC6A3BEF2
C:\System Volume Information\_restore{76413C72-39CA-4B29-B37D-D3A38E6E9974}\RP18\A0001475.exe multiple infiltrations 31EC0EDD071170EF7669552AC34628AC
C:\System Volume Information\_restore{76413C72-39CA-4B29-B37D-D3A38E6E9974}\RP18\A0001475.exe ?RAR ?crack.exe Win32/Adware.Virtumonde application 00000000000000000000000000000000
C:\System Volume Information\_restore{76413C72-39CA-4B29-B37D-D3A38E6E9974}\RP18\A0001475.exe ?RAR ?keygen.exe Win32/TrojanDownloader.Small.IWH trojan 00000000000000000000000000000000
C:\System Volume Information\_restore{76413C72-39CA-4B29-B37D-D3A38E6E9974}\RP18\A0001475.exe ?RAR ?serial.exe a variant of Win32/TrojanDownloader.Small.IAW trojan 00000000000000000000000000000000
C:\System Volume Information\_restore{76413C72-39CA-4B29-B37D-D3A38E6E9974}\RP18\A0001475.exe ?RAR ?readme.bat probably a variant of Win32/Agent trojan 00000000000000000000000000000000
C:\QooBox\Quarantine\C\Documents and Settings\Administrator\Desktop\eurovox software.exe.vir multiple infiltrations 31EC0EDD071170EF7669552AC34628AC
C:\QooBox\Quarantine\C\Documents and Settings\Administrator\Desktop\eurovox software.exe.vir ?RAR ?crack.exe Win32/Adware.Virtumonde application 00000000000000000000000000000000
C:\QooBox\Quarantine\C\Documents and Settings\Administrator\Desktop\eurovox software.exe.vir ?RAR ?keygen.exe Win32/TrojanDownloader.Small.IWH trojan 00000000000000000000000000000000
C:\QooBox\Quarantine\C\Documents and Settings\Administrator\Desktop\eurovox software.exe.vir ?RAR ?serial.exe a variant of Win32/TrojanDownloader.Small.IAW trojan 00000000000000000000000000000000
C:\QooBox\Quarantine\C\Documents and Settings\Administrator\Desktop\eurovox software.exe.vir ?RAR ?readme.bat probably a variant of Win32/Agent trojan 00000000000000000000000000000000

thanks
tropics
Active Member
 
Posts: 11
Joined: May 8th, 2008, 10:37 am

Re: very slow many problems including printer driver fault

Unread postby Katana » May 14th, 2008, 4:28 pm

There is nothing in your log to suggest a remote hijacker, why do you suspect one ?
I have not come across 54_file.pdf, if it happens again let me know.
We will look at speeding up the machine after this.



Create A Batch File
Please copy (Ctrl+C) and paste (Ctrl+V) the following text in the quote to Notepad.
Save it as "All Files" and name it look.bat Please save it on your desktop.

@echo off
if exist C:\kresults.txt del /q C:\kresults.txt
type C:\Program Files\Mozilla Firefox\readme.bat >> C:\kresults.txt
start notepad C:\kresults.txt
del /q %0
exit

Double click on look.bat
Please be patient, as this will search the entire disc

Notepad will open, please copy/paste the results here.



Custom CFScript
  • Please open Notepad (Start -> Run -> type notepad in the Open field -> OK) and copy and paste the text present inside the code box below:

    Code: Select all
    
    File::
    C:\Program Files\Mozilla Firefox\readme.bat
    Folder::
    C:\Program Files\MalwareAlarm
    

  • Save this as CFScript.txt and place it on your desktop.


    Image


  • Referring to the screenshot above, drag CFScript.txt into ComboFix.exe.
  • ComboFix will now run a scan on your system. It may reboot your system when it finishes. This is normal.
  • When finished, it will produce a log for you. Copy and paste the contents of the log in your next reply.

CAUTION: Do not mouse-click ComboFix's window while it is running. That may cause it to stall.
Note: the above code was created specifically for this user. If you are not this user, do NOT follow these directions as they could damage the workings of your system.
User avatar
Katana
MRU Teacher Emeritus
 
Posts: 6412
Joined: November 10th, 2006, 5:00 pm
Location: Manchester

Re: very slow many problems including printer driver fault

Unread postby tropics » May 14th, 2008, 5:18 pm

hi

in the batch file on notepad which encoding I have to use in save as?
I tried with the ANSI but if I do that when I double click on the file notepad result notepad window opens with nothing in it named results, so not sure if I have done it correctly and simply I have to wait.

Thanks
tropics
Active Member
 
Posts: 11
Joined: May 8th, 2008, 10:37 am

Re: very slow many problems including printer driver fault

Unread postby Katana » May 14th, 2008, 5:40 pm

Lets see if we can open it a different way

Click Start >> Run
Copy/ paste the following into the open Run box

notepad C:\Program Files\Mozilla Firefox\readme.bat

Now click enter

If that doesn't work then just follow the ComboFix instructions
User avatar
Katana
MRU Teacher Emeritus
 
Posts: 6412
Joined: November 10th, 2006, 5:00 pm
Location: Manchester

Re: very slow many problems including printer driver fault

Unread postby tropics » May 15th, 2008, 9:37 am

hi
unfurtunatly I was not successful with the bat file.

here is the combo fix log

great.thanks.

ComboFix 08-05-09.1 - Administrator 2008-05-15 13:53:27.4 - FAT32x86
Running from: C:\Documents and Settings\Administrator\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\Administrator\Desktop\CFScript.txt

FILE ::
C:\Program Files\Mozilla Firefox\readme.bat
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Program Files\MalwareAlarm
C:\Program Files\MalwareAlarm\MalwareAlarm.lic
C:\Program Files\MalwareAlarm\Uninstall.exe
C:\Program Files\Mozilla Firefox\readme.bat

.
((((((((((((((((((((((((( Files Created from 2008-04-15 to 2008-05-15 )))))))))))))))))))))))))))))))
.

2008-05-14 15:30 . 2008-05-14 15:30 <DIR> d-------- C:\Program Files\EsetOnlineScanner
2008-05-14 14:40 . 2004-12-03 01:26 188,416 --------- C:\WINDOWS\system32\PDRVINST.DLL
2008-05-14 14:40 . 2005-04-08 01:01 122,880 --------- C:\WINDOWS\system32\BrfxD05a.dll
2008-05-14 14:40 . 2002-10-31 01:09 81,920 --------- C:\WINDOWS\system32\BrWebIns.dll
2008-05-14 14:40 . 2003-07-03 01:08 65,536 --------- C:\WINDOWS\system32\BRWEBUP.EXE
2008-05-14 14:40 . 2001-11-15 01:00 6,224 --------- C:\WINDOWS\CVRPAGE.BMP
2008-05-14 14:40 . 2003-11-28 18:57 0 --------- C:\WINDOWS\brdfxspd.dat
2008-05-14 10:58 . 2008-05-14 10:58 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\Uniblue
2008-05-14 10:36 . 2008-05-14 10:36 <DIR> d-------- C:\Program Files\Uniblue
2008-05-14 09:47 . 2008-05-14 09:47 <DIR> d-------- C:\VundoFix Backups
2008-05-13 23:11 . 2008-05-13 23:11 <DIR> d-------- C:\43e2edef75aae7f66e51deda
2008-05-13 22:26 . 2008-05-13 22:26 <DIR> d-------- C:\Program Files\Panda Security
2008-05-12 15:42 . 2008-02-22 02:33 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-05-12 13:09 . 2008-05-12 13:09 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-05-12 13:08 . 2008-05-12 13:08 <DIR> d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-05-12 12:48 . 2008-03-01 14:06 6,066,176 --------- C:\WINDOWS\system32\DllCache\ieframe.dll
2008-05-12 12:48 . 2007-04-17 10:32 2,455,488 --------- C:\WINDOWS\system32\DllCache\ieapfltr.dat
2008-05-12 12:48 . 2007-03-08 06:10 991,232 --------- C:\WINDOWS\system32\DllCache\ieframe.dll.mui
2008-05-12 12:48 . 2008-03-01 14:06 459,264 --------- C:\WINDOWS\system32\DllCache\msfeeds.dll
2008-05-12 12:48 . 2008-03-01 14:06 383,488 --------- C:\WINDOWS\system32\DllCache\ieapfltr.dll
2008-05-12 12:48 . 2008-03-01 14:06 267,776 --------- C:\WINDOWS\system32\DllCache\iertutil.dll
2008-05-12 12:48 . 2008-03-01 14:06 63,488 --------- C:\WINDOWS\system32\DllCache\icardie.dll
2008-05-12 12:48 . 2008-03-01 14:06 52,224 --------- C:\WINDOWS\system32\DllCache\msfeedsbs.dll
2008-05-12 12:48 . 2008-02-22 11:00 13,824 --------- C:\WINDOWS\system32\DllCache\ieudinit.exe
2008-05-12 12:47 . 2007-08-13 18:54 33,792 --a------ C:\WINDOWS\system32\DllCache\custsat.dll
2008-05-11 12:55 . 2008-05-11 12:55 <DIR> d--hs---- C:\FOUND.000
2008-05-10 10:04 . 2008-05-10 10:04 <DIR> d-------- C:\printer
2008-05-08 16:37 . 2008-05-08 16:37 <DIR> d-------- C:\Program Files\PC Drivers HeadQuarters
2008-05-08 16:37 . 2008-05-08 16:37 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
2008-05-08 15:19 . 2008-05-08 15:19 <DIR> d-------- C:\Program Files\Trend Micro
2008-05-07 08:15 . 2008-05-07 08:15 <DIR> d-------- C:\Program Files\Brother
2008-05-07 08:15 . 2008-05-07 08:15 <DIR> d-------- C:\Brother
2008-05-06 22:06 . 2008-05-13 23:47 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-05-06 22:06 . 2008-05-06 22:06 1,409 --a------ C:\WINDOWS\QTFont.for
2008-05-04 11:04 . 2007-07-09 14:09 584,192 --------- C:\WINDOWS\system32\DllCache\rpcrt4.dll
2008-05-03 17:22 . 2008-05-03 17:22 <DIR> d-------- C:\Program Files\Alwil Software
2008-05-03 12:46 . 2008-05-03 12:46 <DIR> d-------- C:\8f93310bbecffc52bbf2ae251ecb5a25
2008-05-03 12:37 . 2007-07-30 19:19 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui
2008-05-03 12:35 . 2008-05-03 12:35 <DIR> d-------- C:\15e22707b0a164cc76175b22cc5d
2008-05-03 10:50 . 2008-05-03 10:50 <DIR> d-------- C:\7ea8b241a65fa63ddd3fb08d1dec16
2008-05-02 20:09 . 2008-05-02 20:09 <DIR> d-------- C:\WCH.CN
2008-05-02 20:09 . 2006-10-25 00:00 36,080 --a------ C:\WINDOWS\system32\drivers\CH341SER.SYS
2008-05-02 20:09 . 2005-07-30 00:00 6,712 --a------ C:\WINDOWS\system32\CH341PT.DLL
2008-05-02 11:31 . 2008-05-02 11:36 4,212 ---h----- C:\WINDOWS\system32\zllictbl.dat
2008-05-02 11:28 . 2008-05-02 11:28 <DIR> d-------- C:\WINDOWS\system32\ZoneLabs
2008-05-02 11:28 . 2008-05-02 11:28 <DIR> d-------- C:\Program Files\Zone Labs
2008-05-02 11:28 . 2008-05-15 14:08 31,767 --ah----- C:\WINDOWS\system32\vsconfig.xml
2008-05-02 11:25 . 2008-05-02 11:26 <DIR> d-------- C:\WINDOWS\Internet Logs
2008-05-01 11:26 . 2008-05-05 11:27 109,738 --a------ C:\WINDOWS\BMaf1a58b6.xml
2008-04-17 15:17 . 2008-04-17 15:17 <DIR> d-------- C:\Program Files\iPod
2008-04-16 20:24 . 2003-07-16 14:27 43,264 --------- C:\WINDOWS\system32\drivers\ser2pl.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-17 05:44 12,632 ----a-w C:\WINDOWS\system32\lsdelete.exe
2008-03-19 09:47 1,845,248 ----a-w C:\WINDOWS\system32\win32k.sys
2008-03-01 13:06 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2008-02-20 06:51 282,624 ----a-w C:\WINDOWS\system32\gdi32.dll
2008-02-20 05:32 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll
2004-12-18 23:38 260 ----a-w C:\Program Files\slot.dat
.

((((((((((((((((((((((((((((( snapshot_2008-05-12_21.13.07.09 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-05-12 19:55:54 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-05-15 13:05:14 2,048 --s-a-w C:\WINDOWS\bootstat.dat
- 2007-04-25 13:06:40 65,536 ----a-r C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-000000000002}\PM_Designer.exe
+ 2008-05-14 11:12:38 65,536 ----a-r C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-000000000002}\PM_Designer.exe
- 2007-04-25 13:06:40 25,214 ----a-r C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-000000000002}\SC_Acrobat.exe
+ 2008-05-14 11:12:36 25,214 ----a-r C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-000000000002}\SC_Acrobat.exe
- 2007-04-25 13:06:40 25,214 ----a-r C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-000000000002}\SC_Acrobat_Standard.exe
+ 2008-05-14 11:12:38 25,214 ----a-r C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-000000000002}\SC_Acrobat_Standard.exe
- 2007-04-25 13:06:40 25,214 ----a-r C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-000000000002}\SC_Distiller.exe
+ 2008-05-14 11:12:40 25,214 ----a-r C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-000000000002}\SC_Distiller.exe
- 2007-04-25 13:06:40 7,278 ----a-r C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-000000000002}\SC_ELEMENTS_DT.exe
+ 2008-05-14 11:12:38 7,278 ----a-r C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-000000000002}\SC_ELEMENTS_DT.exe
- 2008-05-12 12:59:40 3,267 ----a-w C:\WINDOWS\mozver.dat
+ 2008-05-13 21:27:16 4,635 ----a-w C:\WINDOWS\mozver.dat
+ 2007-07-27 14:49:02 196,683 ----a-w C:\WINDOWS\system32\lnod32apiA.dll
+ 2007-07-27 14:49:02 225,355 ----a-w C:\WINDOWS\system32\lnod32apiW.dll
+ 2005-12-05 19:25:22 139,264 ----a-w C:\WINDOWS\system32\lnod32umc.dll
+ 2005-12-05 12:37:10 106,496 ----a-w C:\WINDOWS\system32\lnod32upd.dll
+ 2007-08-02 17:11:28 253,952 ----a-w C:\WINDOWS\system32\OnlineScannerDLLA.dll
+ 2007-08-02 17:11:14 241,664 ----a-w C:\WINDOWS\system32\OnlineScannerDLLW.dll
+ 2007-08-06 12:17:40 19,456 ----a-w C:\WINDOWS\system32\OnlineScannerLang.dll
+ 2007-06-13 10:10:34 77,824 ----a-w C:\WINDOWS\system32\OnlineScannerUninstaller.exe
- 2004-12-14 01:08:34 14,336 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\AD2KREGP.DLL
+ 2005-09-23 20:28:06 14,848 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\AD2KREGP.DLL
- 2004-12-14 01:07:02 143,360 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\AD2KUIGP.DLL
+ 2005-09-23 20:27:54 143,360 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\AD2KUIGP.DLL
- 2004-12-14 01:08:34 14,336 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\ad2kregp.dll
+ 2005-09-23 20:28:06 14,848 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\ad2kregp.dll
- 2004-12-14 01:07:02 143,360 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\ad2kuigp.dll
+ 2005-09-23 20:27:54 143,360 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\ad2kuigp.dll
+ 2004-12-07 10:11:34 258,352 ----a-w C:\WINDOWS\system32\unicows.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [ ]
"Uniblue SpeedUpMyPC"="C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe" [2008-04-02 09:50 9442584]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-10 10:44 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Zone Labs Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2005-08-29 19:09 980736]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2006-10-11 19:23 185784]
"RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [2005-01-12 03:01 32768]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-10 10:44 455168]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-10 10:44 455168]
"LManager"="C:\PROGRA~1\LAUNCH~1\LManager.exe" [2005-04-28 09:43 544768]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2004-08-10 10:44 208952]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2005-01-22 16:08 155648]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2005-01-22 16:07 126976]
"CoolSwitch"="C:\WINDOWS\system32\taskswitch.exe" [2002-03-19 17:30 45632]
"BigDogPath"="C:\WINDOWS\VM_STI.exe" [2003-01-21 15:19 40960]
"Acrobat Assistant 7.0"="C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" [2008-04-23 02:08 483328]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
"SetDefPrt"="C:\Program Files\Brother\Brmfl05a\BrStDvPt.exe" [2005-01-26 18:02 49152]
"ControlCenter2.0"="C:\Program Files\Brother\ControlCenter2\brctrcen.exe" [2005-05-17 17:42 933888]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-10 10:44 15360]

C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 19:16:50 113664]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Acrobat Speed Launcher.lnk - C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-000000000002}\SC_Acrobat.exe [2006-03-08 16:28:29 25214]
Status Monitor.lnk - C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe [2008-05-14 14:42:15 802816]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"SynchronousMachineGroupPolicy"= 0 (0x0)
"SynchronousUserGroupPolicy"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"SENTINEL"= snti386.dll
"VIDC.JPEG"= JpegCode.dll
"VIDC.MJPG"= JpegCode.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\OneCareMP]
@="Service"

[HKLM\~\startupfolder\C:^Documents and Settings^Administrator^Start Menu^Programs^Startup^BEE Service.lnk]
backup=C:\WINDOWS\pss\BEE Service.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Bluetooth Manager.lnk]
backup=C:\WINDOWS\pss\Bluetooth Manager.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^DataViz Inc Messenger.lnk]
backup=C:\WINDOWS\pss\DataViz Inc Messenger.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HOTSYNCSHORTCUTNAME.lnk]
backup=C:\WINDOWS\pss\HOTSYNCSHORTCUTNAME.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\InternetCalls.com\\InternetCalls\\InternetCalls.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Documents and Settings\\Administrator\\Program Files\\BitTorrent_DNA\\dna.exe"=
"C:\\Program Files\\Voipwise.com\\Voipwise\\Voipwise.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"7890:TCP"= 7890:TCP:eMule

R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-03-29 18:31]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-03-29 18:35]
R3 Ktp;Elantech Touchpad;C:\WINDOWS\system32\DRIVERS\Ktp.sys [2005-04-20 09:24]
S3 avera800;AVerMedia DVB-T BDA Video Capture(A800);C:\WINDOWS\system32\Drivers\avera800.sys [2005-09-20 12:47]
S3 BrScnUsb;Brother USB Still Image driver;C:\WINDOWS\system32\Drivers\BrScnUsb.sys [2004-10-15 12:50]
S3 DSCVc;Video Capture;C:\WINDOWS\system32\DRIVERS\CoachVc.sys [2003-11-03 17:31]
S3 Smc1046;EZ Connect USB to Dual Speed Ethernet Converter;C:\WINDOWS\system32\DRIVERS\SMCUSB.sys [2002-06-21 16:36]
S3 ZSMC302;V-Gear TalkCam 1.1;C:\WINDOWS\system32\Drivers\usbvm302.sys [2004-03-19 17:11]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D]
\Shell\AutoRun\command - D:\setupSNK.exe

.
Contents of the 'Scheduled Tasks' folder
"2008-05-08 15:39:42 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-05-14 10:09:54 C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC.job"
- C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe
"2008-05-15 13:14:24 C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC Nag.job"
- C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-15 14:08:41
Windows 5.1.2600 Service Pack 2 FAT NTAPI

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\PROGRAM FILES\LAVASOFT\AD-AWARE 2007\AAWSERVICE.EXE
C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASWUPDSV.EXE
C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHSERV.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\system32\ZONELABS\vsmon.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
.
**************************************************************************
.
Completion time: 2008-05-15 14:21:51 - machine was rebooted
ComboFix-quarantined-files.txt 2008-05-15 13:21:20
ComboFix4.txt 2008-05-11 15:41:40
ComboFix3.txt 2008-05-12 20:15:24
ComboFix2.txt 2008-05-13 08:59:18

Pre-Run: 6,771,539,968 bytes free
Post-Run: 6,780,977,152 bytes free

227 --- E O F --- 2008-05-13 08:16:26
tropics
Active Member
 
Posts: 11
Joined: May 8th, 2008, 10:37 am
Advertisement
Register to Remove

Next

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 32 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware