• Welcome to Free PC Help, a free PC Help forum to get help with your computer problems.

    Free PC Help is a community that offers free computer help and support for all users, all ages, worldwide.

    In order to start asking questions or contribute on someone else's post you will first need to register. Don't worry - it's quick and easy and once you have registered you will have instant access to the entire forum.

    If you do decide to join the forums you will not have the option to send Private Messages [ PMs ] or add a Signature until you have made 5 posts or more. This is an attempt to try to stop Spammers using the PM system or adding links to their Signature.

  • Due to the complexity and risks involved our formally trained malware staff will be the only ones allowed to help with malware removal advice. Thank you.

A little too late for me :(

Twiceshy

FPCH Member
Joined
Feb 21, 2010
Location
North East, Uk
PC Experience
PC Illiterate
[2010/02/19 19:37:37 | 000,000,880 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/02/19 16:09:26 | 000,004,608 | ---- | C] () -- C:\Documents and Settings\Marian\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/02/19 14:57:04 | 000,000,719 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Marvell Libertas Client Configuration Manager.lnk
[2010/02/19 14:51:29 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2010/02/19 14:43:15 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2010/02/19 14:43:15 | 000,141,016 | ---- | C] () -- C:\WINDOWS\System32\ALSNDMGR.WAV
[2010/02/19 14:43:12 | 003,107,788 | ---- | C] () -- C:\WINDOWS\System32\ativvaxx.dat
[2010/02/19 14:43:12 | 003,107,788 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2010/02/19 14:43:12 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2010/02/19 14:43:12 | 000,069,112 | ---- | C] () -- C:\WINDOWS\System32\ativvaxx.cap
[2010/02/19 14:43:11 | 000,180,720 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2010/02/19 14:43:11 | 000,015,079 | ---- | C] () -- C:\WINDOWS\atiogl.xml
[2010/02/19 14:43:11 | 000,007,167 | ---- | C] () -- C:\WINDOWS\System32\atifglpf.xml
[2010/02/19 14:27:55 | 000,000,178 | -HS- | C] () -- C:\Documents and Settings\Marian\ntuser.ini
[2010/02/19 14:27:53 | 001,310,720 | -H-- | C] () -- C:\Documents and Settings\Marian\NTUSER.DAT
[2010/02/19 14:26:36 | 000,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2010/02/19 14:25:46 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010/02/19 14:25:34 | 000,028,288 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xjis.nls
[2010/02/19 14:24:45 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prcp.nls
[2010/02/19 14:24:45 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prc.nls
[2010/02/19 14:24:20 | 000,047,066 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ksc.nls
[2010/02/19 14:23:55 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll
[2010/02/19 14:23:39 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_864.nls
[2010/02/19 14:23:39 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_862.nls
[2010/02/19 14:23:39 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_870.nls
[2010/02/19 14:23:38 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_858.nls
[2010/02/19 14:23:38 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_720.nls
[2010/02/19 14:23:38 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_708.nls
[2010/02/19 14:23:38 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28596.nls
[2010/02/19 14:23:38 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21027.nls
[2010/02/19 14:23:38 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21025.nls
[2010/02/19 14:23:37 | 000,180,770 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20932.nls
[2010/02/19 14:23:37 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20949.nls
[2010/02/19 14:23:37 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20936.nls
[2010/02/19 14:23:37 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20924.nls
[2010/02/19 14:23:37 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20880.nls
[2010/02/19 14:23:37 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20871.nls
[2010/02/19 14:23:37 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20838.nls
[2010/02/19 14:23:37 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20833.nls
[2010/02/19 14:23:36 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20424.nls
[2010/02/19 14:23:36 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20423.nls
[2010/02/19 14:23:36 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20420.nls
[2010/02/19 14:23:36 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20297.nls
[2010/02/19 14:23:36 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20290.nls
[2010/02/19 14:23:36 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20285.nls
[2010/02/19 14:23:36 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20284.nls
[2010/02/19 14:23:36 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20280.nls
[2010/02/19 14:23:36 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20278.nls
[2010/02/19 14:23:36 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20277.nls
[2010/02/19 14:23:35 | 000,187,938 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20005.nls
 

Twiceshy

FPCH Member
Joined
Feb 21, 2010
Location
North East, Uk
PC Experience
PC Illiterate
[2010/02/19 14:23:35 | 000,185,378 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20003.nls
[2010/02/19 14:23:35 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20004.nls
[2010/02/19 14:23:35 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20273.nls
[2010/02/19 14:23:35 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20269.nls
[2010/02/19 14:23:35 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20108.nls
[2010/02/19 14:23:35 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20107.nls
[2010/02/19 14:23:35 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20106.nls
[2010/02/19 14:23:35 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20105.nls
[2010/02/19 14:23:34 | 000,189,986 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1361.nls
[2010/02/19 14:23:34 | 000,186,402 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20001.nls
[2010/02/19 14:23:34 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20000.nls
[2010/02/19 14:23:34 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20002.nls
[2010/02/19 14:23:33 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1149.nls
[2010/02/19 14:23:33 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1148.nls
[2010/02/19 14:23:33 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1147.nls
[2010/02/19 14:23:33 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1146.nls
[2010/02/19 14:23:33 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1145.nls
[2010/02/19 14:23:33 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1144.nls
[2010/02/19 14:23:33 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1143.nls
[2010/02/19 14:23:33 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1142.nls
[2010/02/19 14:23:33 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1141.nls
[2010/02/19 14:23:33 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1140.nls
[2010/02/19 14:23:32 | 000,195,618 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10002.nls
[2010/02/19 14:23:32 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10003.nls
[2010/02/19 14:23:32 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10008.nls
[2010/02/19 14:23:32 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1047.nls
[2010/02/19 14:23:32 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10021.nls
[2010/02/19 14:23:32 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10005.nls
[2010/02/19 14:23:32 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10004.nls
[2010/02/19 14:23:31 | 000,162,850 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10001.nls
[2010/02/19 14:23:31 | 000,082,172 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bopomofo.nls
[2010/02/19 14:23:30 | 000,066,728 | ---- | C] () -- C:\WINDOWS\System32\dllcache\big5.nls
[2010/02/19 14:22:35 | 000,002,626 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
[2010/02/19 14:22:35 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2010/02/19 14:22:35 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2010/02/19 14:22:35 | 000,000,000 | ---- | C] () -- C:\CONFIG.SYS
[2010/02/19 14:22:35 | 000,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT
[2010/02/19 14:22:25 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2010/02/19 14:22:25 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2010/02/19 14:22:24 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2010/02/19 14:21:13 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\WindowsLogon.manifest
[2010/02/19 14:21:13 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2010/02/19 14:21:06 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2010/02/19 14:21:06 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\WindowsShell.Manifest
[2010/02/19 14:21:06 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2010/02/19 14:21:06 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2010/02/19 14:21:06 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
 

Twiceshy

FPCH Member
Joined
Feb 21, 2010
Location
North East, Uk
PC Experience
PC Illiterate
[2010/02/19 14:21:06 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2010/02/19 14:20:45 | 004,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
[2010/02/19 14:20:09 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2010/02/19 14:20:09 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2010/02/19 14:20:03 | 000,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
[2010/02/19 14:19:49 | 000,004,639 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.exe
[2010/02/19 14:19:33 | 000,376,320 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msinfo.dll
[2010/02/19 14:18:42 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010/02/19 14:17:40 | 000,065,954 | ---- | C] () -- C:\WINDOWS\Prairie Wind.bmp
[2010/02/19 14:17:40 | 000,065,832 | ---- | C] () -- C:\WINDOWS\Santa Fe Stucco.bmp
[2010/02/19 14:17:40 | 000,026,680 | ---- | C] () -- C:\WINDOWS\River Sumida.bmp
[2010/02/19 14:17:40 | 000,026,582 | ---- | C] () -- C:\WINDOWS\Greenstone.bmp
[2010/02/19 14:17:40 | 000,017,362 | ---- | C] () -- C:\WINDOWS\Rhododendron.bmp
[2010/02/19 14:17:40 | 000,009,522 | ---- | C] () -- C:\WINDOWS\Zapotec.bmp
[2010/02/19 14:17:39 | 000,093,702 | ---- | C] () -- C:\WINDOWS\System32\subrange.uce
[2010/02/19 14:17:39 | 000,065,978 | ---- | C] () -- C:\WINDOWS\Soap Bubbles.bmp
[2010/02/19 14:17:39 | 000,017,336 | ---- | C] () -- C:\WINDOWS\Gone Fishing.bmp
[2010/02/19 14:17:39 | 000,017,062 | ---- | C] () -- C:\WINDOWS\Coffee Bean.bmp
[2010/02/19 14:17:39 | 000,016,740 | ---- | C] () -- C:\WINDOWS\System32\shiftjis.uce
[2010/02/19 14:17:39 | 000,016,730 | ---- | C] () -- C:\WINDOWS\FeatherTexture.bmp
[2010/02/19 14:17:39 | 000,012,876 | ---- | C] () -- C:\WINDOWS\System32\korean.uce
[2010/02/19 14:17:39 | 000,001,272 | ---- | C] () -- C:\WINDOWS\Blue Lace 16.bmp
[2010/02/19 14:17:38 | 000,060,458 | ---- | C] () -- C:\WINDOWS\System32\ideograf.uce
[2010/02/19 14:17:38 | 000,024,006 | ---- | C] () -- C:\WINDOWS\System32\gb2312.uce
[2010/02/19 14:17:38 | 000,022,984 | ---- | C] () -- C:\WINDOWS\System32\bopomofo.uce
[2010/02/19 14:17:38 | 000,008,484 | ---- | C] () -- C:\WINDOWS\System32\kanji_2.uce
[2010/02/19 14:17:38 | 000,006,948 | ---- | C] () -- C:\WINDOWS\System32\kanji_1.uce
[2010/02/19 14:17:36 | 000,001,161 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2010/02/19 14:17:35 | 000,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
[2010/02/19 14:17:34 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
[2010/02/19 14:17:27 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc
[2010/02/19 14:07:50 | 000,004,382 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2010/02/19 14:07:42 | 001,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd
[2010/02/19 14:07:42 | 000,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf
[2010/02/19 14:07:41 | 000,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa
[2010/02/19 14:07:40 | 000,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa
[2010/02/19 14:07:39 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28603.nls
[2010/02/19 14:07:39 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28603.nls
[2010/02/19 14:07:37 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_857.nls
[2010/02/19 14:07:37 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_857.nls
[2010/02/19 14:07:37 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28599.nls
[2010/02/19 14:07:37 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28599.nls
[2010/02/19 14:07:37 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10081.nls
[2010/02/19 14:07:37 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10081.nls
[2010/02/19 14:07:35 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28595.nls
[2010/02/19 14:07:35 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28595.NLS
[2010/02/19 14:07:35 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10017.nls
[2010/02/19 14:07:35 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10017.nls
[2010/02/19 14:07:35 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10007.nls
[2010/02/19 14:07:35 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10007.nls
[2010/02/19 14:07:33 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_869.nls
[2010/02/19 14:07:33 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_869.nls
[2010/02/19 14:07:33 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_737.nls
[2010/02/19 14:07:33 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_737.nls
[2010/02/19 14:07:33 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_875.nls
[2010/02/19 14:07:33 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_875.nls
[2010/02/19 14:07:33 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28597.nls
[2010/02/19 14:07:33 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28597.NLS
[2010/02/19 14:07:33 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10006.nls
[2010/02/19 14:07:33 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10006.nls
[2010/02/19 14:07:31 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_866.nls
[2010/02/19 14:07:31 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_866.nls
[2010/02/19 14:07:31 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_855.nls
[2010/02/19 14:07:31 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_855.nls
[2010/02/19 14:07:31 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28594.nls
[2010/02/19 14:07:31 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28594.NLS
[2010/02/19 14:07:29 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_852.nls
[2010/02/19 14:07:29 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_852.nls
[2010/02/19 14:07:29 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10082.nls
[2010/02/19 14:07:29 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10082.nls
[2010/02/19 14:07:29 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10029.nls
[2010/02/19 14:07:29 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10029.nls
[2010/02/19 14:07:29 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10010.nls
[2010/02/19 14:07:29 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10010.nls
[2010/02/19 14:07:28 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20127.nls
[2010/02/19 14:07:28 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_20127.nls
[2010/02/19 14:07:24 | 000,001,688 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2010/02/19 14:07:09 | 000,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2010/02/19 14:07:09 | 000,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2010/02/19 14:07:09 | 000,141,702 | ---- | C] () -- C:\WINDOWS\System32\dllcache\netfx.cat
[2010/02/19 14:07:09 | 000,110,116 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tabletpc.cat
[2010/02/19 14:07:09 | 000,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2010/02/19 14:07:09 | 000,031,965 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mediactr.cat
[2010/02/19 14:07:09 | 000,031,281 | ---- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT
[2010/02/19 14:07:09 | 000,024,209 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn7.cat
[2010/02/19 14:07:09 | 000,013,753 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT
[2010/02/19 14:07:09 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2010/02/19 14:07:09 | 000,011,651 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn9.cat
[2010/02/19 14:07:09 | 000,009,581 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT
 

Twiceshy

FPCH Member
Joined
Feb 21, 2010
Location
North East, Uk
PC Experience
PC Illiterate
[2010/02/19 14:07:09 | 000,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2010/02/19 14:07:09 | 000,007,382 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2010/02/19 14:07:09 | 000,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat
[2010/02/19 14:07:09 | 000,007,245 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT
[2010/02/19 14:07:08 | 002,012,670 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT
[2010/02/19 14:07:08 | 001,042,903 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP2.CAT
[2010/02/19 14:07:08 | 000,502,724 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT
[2010/02/19 14:06:17 | 000,263,024 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/02/19 14:05:31 | 000,000,211 | -HS- | C] () -- C:\boot.ini
[2010/02/19 14:05:26 | 000,000,508 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf
[2004/08/04 12:00:00 | 000,163,032 | RHS- | C] () -- C:\WINDOWS\System32\vqmyp.dll
[2004/08/04 12:00:00 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2004/08/04 12:00:00 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
< End of report >
 

Twiceshy

FPCH Member
Joined
Feb 21, 2010
Location
North East, Uk
PC Experience
PC Illiterate
Fingers Crossed

Hopefully, this time I have done it right? I know that I keep saying sorry, but I really am and I am sorry that I have made SO much work for you :eek: THANK YOU FOR BEING SO KIND & PATIENT :) Starbuck.
 

Starbuck

Admin & Security Team
Joined
Feb 19, 2010
Location
Midlands, UK
PC Experience
Very Experienced
Hi Twiceshy

Hopefully, this time I have done it right?
yep, all ok.
Well done.
I know that I keep saying sorry, but I really am and I am sorry that I have made SO much work for you
It's fine, just give me awhile to put the reports in order and then i'll go through them.
A quick look doesn't seem to be any bad.... but some tidying up to do.
I'll get back to you later.
Go and have a drink and put your feet up for awhile.
 

Starbuck

Admin & Security Team
Joined
Feb 19, 2010
Location
Midlands, UK
PC Experience
Very Experienced
Hi Twiceshy

I see what you mean about having no software on the system.
What did you have on it before?

By doing a reinstall, all the programs you previously had would have needed to be reinstalled as well.

We'll just tidy up some loose ends and then we'll see about getting you 'Service Pack3'.
The error logs show you may have been struggling to get the updates... is this correct?

Step 1
Double click on OTL.exe to run it.
Copy the lines in the codebox below. (make sure you include the first lot of : )
Code:
:otl
O4 - HKLM..\Run: [] File not found
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O33 - MountPoints2\{e5011400-1d70-11df-9296-0016ec651d97}\Shell - "" = AutoRun
O33 - MountPoints2\{e5011400-1d70-11df-9296-0016ec651d97}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{fde72bc8-1d64-11df-9290-0016ec651d97}\Shell - "" = AutoRun
O33 - MountPoints2\{fde72bc8-1d64-11df-9290-0016ec651d97}\Shell\AutoRun - "" = Auto&Play
[2010/02/19 16:09:26 | 000,004,608 | ---- | C] () -- C:\Documents and Settings\Marian\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

:commands
[emptytemp]
[purity]
  • Return to OTL,
  • right click in the Custom Scans/Fixes window (under the blue bar) and choose Paste.

  • Click the red Run Fix button.

  • OTL will reboot your system once the fix has completed.
  • After the reboot, you may need to double click OTL to launch the program and retrieve the log.


Copy and paste the contents of the OTL log that comes up after the fix in your next reply.

Let me have this report before going on to the next step.
If you continue straight to the next step, you may lose the OTL report that comes up after the fix.

Step 2
To check for updates on Windows Update, follow these steps:
Use Internet Explorer to get your updates;

1. Visit the following Microsoft Web site:

Microsoft Windows Update

2. Click Express (Recommended).
3. If your computer is up to date, Windows XP SP3 will be one of the updates that is automatically selected. Click Install. If your computer is not up to date, Windows Update will offer some other updates that you have to install first. Install those, and then repeat steps 1 and 2 to obtain Windows XP SP3.
4. For Windows XP SP3, review and accept the Microsoft Software License Terms.

Windows XP SP3 will be downloaded to your computer, and the Windows XP Service Pack 3 Setup Wizard will help you install it.

If you have problems obtaining the service pack from Windows Update, you can download the stand-alone update package from the Download Center. This page will say that this installation package is intended for IT professionals and developers. However, you can safely download this file. The following file is available for download from the Microsoft Download Center:

Download details: Windows XP Service Pack 3 Network Installation Package for IT Professionals and Developers

Let me know how it goes.
 

Twiceshy

FPCH Member
Joined
Feb 21, 2010
Location
North East, Uk
PC Experience
PC Illiterate
OTL REPORT - As requested

All processes killed
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
C:\WINDOWS\Downloaded Program Files\gp.inf not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e5011400-1d70-11df-9296-0016ec651d97}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e5011400-1d70-11df-9296-0016ec651d97}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e5011400-1d70-11df-9296-0016ec651d97}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e5011400-1d70-11df-9296-0016ec651d97}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fde72bc8-1d64-11df-9290-0016ec651d97}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{fde72bc8-1d64-11df-9290-0016ec651d97}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fde72bc8-1d64-11df-9290-0016ec651d97}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{fde72bc8-1d64-11df-9290-0016ec651d97}\ not found.
C:\Documents and Settings\Marian\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 3756682 bytes

User: Marian
->Temp folder emptied: 22603037 bytes
->Temporary Internet Files folder emptied: 68072028 bytes
->Google Chrome cache emptied: 24651607 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2142714 bytes
%systemroot%\System32 .tmp files removed: 2577 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 4812 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 316948 bytes

Total Files Cleaned = 116.00 mb


OTL by OldTimer - Version 3.1.30.1 log created on 02222010_212642

Files\Folders moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast5_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...
 

Starbuck

Admin & Security Team
Joined
Feb 19, 2010
Location
Midlands, UK
PC Experience
Very Experienced
Nice one :cool:

Let me know how the 'Service Pack 3' download goes.

Btw: if you use the manual download method, make sure you turn off your Anti Virus before installing it.
It'll save any conflicts.
 

Twiceshy

FPCH Member
Joined
Feb 21, 2010
Location
North East, Uk
PC Experience
PC Illiterate
Unable to Proceed to STEP 2.

Starbuck, unfortunately I cannot proceed to Step 2.

When I try to do so I receive DNS ERROR - CANNOT FIND SERVER ...Oops! This link appears to be broken. I tried Googling MICROSOFT WINDOWS UPDATE but the same error message appeared.

I was offered a Google cache of hhtp://www.microsoft.com ....and the following message appeared - It is a snapshot of the pages as it appeared on 22nd Feb 2010 16:04:09 GMT

Please could you advise what I should do :(
 

Starbuck

Admin & Security Team
Joined
Feb 19, 2010
Location
Midlands, UK
PC Experience
Very Experienced
Does this only happen with the windows update site?
Did you try clicking on the manual download link?
do you get the same there?
 

Starbuck

Admin & Security Team
Joined
Feb 19, 2010
Location
Midlands, UK
PC Experience
Very Experienced
Try this:

Click Start...Run... Type in (or copy and paste) ipconfig /flushdns then click the 'enter' key.(if typing in, don't forget there's a space between the 'g' and the '/' ) You'll get a confirmation that the flush was successful.

Then:

Click on Start >>> Control Panel, select the 'Network and Internet Connections' category or double click on Network Connections, depending on which View you are using. Then right click on your default connection, usually 'local area connection' for cable and dsl, and left click on properties. Double-click on the 'Internet Protocol' (TCP/IP) item. Write down the settings in case you should need to change them back. Select the radio dial that says 'Obtain DNS servers automatically'.
Press OK twice to get out of the properties screen and reboot if it asks. If it does not prompt you to reboot go ahead and reboot manually.
 

Twiceshy

FPCH Member
Joined
Feb 21, 2010
Location
North East, Uk
PC Experience
PC Illiterate
Have tried to do as you advised but when trying to go onto MICROSOFT WINDOWS UPDATE link, the same thing happened - DNS ERROR. I even tried typing it manually and the same thing happened.

( May I also say that when I carried out the reboot, even though it showed I was conected wirefree onto the BT HomeHub...Speed : 48.0 Mbs/ Signal Strength : Excellent/ Status: Connected I couldn't get onto the Net. I did what I usually have to do - Go into WIRELESS NETWORK CONNECTION PROPERTIES, then into WIRELESS NETWORKS then, USE WINDOWS TO CONFIGURE MY WIRELESS NETWORK SETTINGS - tick the box - this was unticked and I've got to tick it everytime I log on,. Once this I was able to access on to the internet.)

Still, the Broken Link problem continues......
 
Last edited:

Twiceshy

FPCH Member
Joined
Feb 21, 2010
Location
North East, Uk
PC Experience
PC Illiterate
Meant also to say, I don't know if it has any bearing on the problem but, on clicking on the Internet Protocol there were NO settings in the box to start with???
 

Starbuck

Admin & Security Team
Joined
Feb 19, 2010
Location
Midlands, UK
PC Experience
Very Experienced
Hi Twiceshy,

I suppose it had to happen sooner or later.... but i'm getting confused now. :confused:
In beginning you said:
I use to use BT Wirefree Broadband, but now the only way that I can access onto the internet is to use the Ethernet cable.
Now you are saying:

even though it showed I was conected wirefree onto the BT HomeHub...Speed : 48.0 Mbs/ Signal Strength : Excellent/ Status: Connected I couldn't get onto the Net. I did what I usually have to do - Go into WIRELESS NETWORK CONNECTION PROPERTIES, then into WIRELESS NETWORKS then, USE WINDOWS TO CONFIGURE MY WIRELESS NETWORK SETTINGS - tick the box - this was unticked and I've got to tick it everytime I log on,. Once this I was able to access on to the internet.)
Are you connecting wirelessly or by ethernet?
 

Twiceshy

FPCH Member
Joined
Feb 21, 2010
Location
North East, Uk
PC Experience
PC Illiterate
Hi Starbuck,

I can connect every time using the ethernet but if I want to connect wirelessly I have to - Go into WIRELESS NETWORK CONNECTION PROPERTIES, then into WIRELESS NETWORKS then, USE WINDOWS TO CONFIGURE MY WIRELESS NETWORK SETTINGS - tick the box - this was unticked and I've got to tick it everytime I log on wirelessly.

I guess that I am causing confusion because I am jumping from one problem to another? There seems to be so many to me and no doubt I am causing you a headache? It is not my intention and I do appreciate your help. Suffice to say that when I try to go onto Microsoft Window Update I get the DNS ERROR message and this shows on every Windows website.

I do hope that I haven't caused more confusion for you and I sincerely hope that you won't give up on me? Once again, my apologies for the hassle that I am causing.
 

Starbuck

Admin & Security Team
Joined
Feb 19, 2010
Location
Midlands, UK
PC Experience
Very Experienced
Hi Twiceshy

I sincerely hope that you won't give up on me?
You won't get rid of me that easily. :p

If the system had been reformatted and then a reinstall done, you shouldn't have any problems at all.... as everything would be as new.
But it seems as though 'Microsoft' sites are being blocked.
This would normally point to malware, possibly altering the hosts file.

Let's get the hosts file reset and then run a malware scan and see if anything is on the system..... but after a reformat/reinstall there shouldn't be.

Step 1
Download HostsXpert.zip
  • Extract (unzip) HostsXpert.zip to a permanent folder on your hard drive such as C:\HostsXpert
  • Double-click HostsXpert.exe to run the program.
  • Click "Make Hosts Writable?" in the upper left corner (Only If available).
  • Click "Restore Microsoft's Hosts file" and then click "OK".
  • Click the X to exit the program.
  • Note: If you were using a custom Hosts file you will need to replace any of those entries yourself.


Step 2
Please download Malwarebytes Anti-Malware and save it to your desktop.

  • Make sure you are connected to the Internet.
  • Double-click on Download_mbam-setup.exe to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
  • MBAM will automatically start and you will be asked to update the program before performing a scan. If an update is found, the program will automatically update itself. Press the OK button to close that box and continue. If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install.
  • On the Scanner tab:
    • Make sure the "Perform Full Scan" option is selected.
    • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
  • Back at the main Scanner screen, click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad and you may be prompted to restart your computer. (see Note below)
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply and exit MBAM.
Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.

In your next reply, please submit:
MBAM scan report.


Thanks.
 

Twiceshy

FPCH Member
Joined
Feb 21, 2010
Location
North East, Uk
PC Experience
PC Illiterate
Starbuck, I am following Step One, but it doesn't give the option of 'Make Hosts Writable' only provides options:
Make Read Only
Back up? Restore
Import Options
Restore MS Hosts File
File Handling
Editing
Download
Tools
Help
Which one should I choose?
 

Starbuck

Admin & Security Team
Joined
Feb 19, 2010
Location
Midlands, UK
PC Experience
Very Experienced
Hi Twiceshy,

but it doesn't give the option of 'Make Hosts Writable' only provides options:
That's ok then.
The reason we add:
Click "Make Hosts Writable?" in the upper left corner (Only If available).
is because, if it was there, we would need to change it.
As that option isn't there, just carry on with the other instructions:
Click "Restore Microsoft's Hosts file" and then click "OK".
Click the X to exit the program.
 

Twiceshy

FPCH Member
Joined
Feb 21, 2010
Location
North East, Uk
PC Experience
PC Illiterate
Bother! Now I have moved onto STEP TWO and as soon as I click on the link that you have given, once again - DNS ERROR :( I am connected and have even tried to manually type into Google, but the same DNS ERROR message appears....AGH!!!
 
Top Bottom