View Full Version : Virtumonde.dll problems
lilwing98
2008-09-02, 06:04
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:56:21 PM, on 9/1/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\system32\ZuneBusEnum.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\Microsoft IntelliType Pro\type32.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\Program Files\Zune\ZuneLauncher.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\lphcvmlj0er0n.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Documents and Settings\Eric\Local Settings\Temp\.tt14D2.tmp.exe
C:\Program Files\BitTorrent\bittorrent.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Yahoo!\WidgetEngine\YahooWidgetEngine.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\Yahoo!\WidgetEngine\YahooWidgetEngine.exe
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0
O4 - HKLM\..\Run: [VPTray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [ATIptaxx] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033 -lock
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE /run
O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Zune Launcher] "C:\Program Files\Zune\ZuneLauncher.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime Alternative\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [lphcvmlj0er0n] C:\WINDOWS\system32\lphcvmlj0er0n.exe
O4 - HKLM\..\Run: [inrhcrmlj0er0n] C:\Documents and Settings\Eric\Local Settings\Temp\.tt14D2.tmp.exe /CR=DBB89AC50953E1E8F532527E7FD9E787EFCB0E80B4E95C0B19F47E85ADBF7EDFCFEB1C108D781F7622A194A95B7B1E943FFC274F69FBB95667B6BE93811B4D9D96FF3C8E04A00BF619776638E9C4ED7C5B3A09
O4 - HKLM\..\Run: [6c9de9f1] rundll32.exe "C:\WINDOWS\system32\tqybrbrr.dll",b
O4 - HKLM\..\RunOnce: [!2D826D3371EDCBD4E9D7A9B46494FE] "C:\Documents and Settings\Eric\My Documents\My Downloads\Harmony_Engine_VST_PC_v1.00.exe" /% and Settings\Eric\My Documents\My Downloads\Auto-Tune_5_VST_PC_v5.09.exe" /% and Settings\Eric\My Documents\My Downloads\Auto-Tune_5_VST_PC_v5.09.exe" /% /@ "!2D826D3371EDCBD4E9D7A9B46494FE"
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - HKCU\..\Run: [Somefox] C:\DOCUME~1\Eric\LOCALS~1\Temp\a..exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-18\..\Run: [Ract] "C:\WINDOWS\MANTEC~1\regedit.exe" -vt ndrv (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [] C:\WINDOWS\system32\WNSXS~1\RNDLL~1.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [Hmnb] C:\Program Files\s?curity\?vchost.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Ract] "C:\WINDOWS\MANTEC~1\regedit.exe" -vt ndrv (User 'Default user')
O4 - Startup: Yahoo! Widget Engine.lnk = C:\Program Files\Yahoo!\WidgetEngine\YahooWidgetEngine.exe
O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: &Search - ?p=ZJfox000
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1A1F56AA-3401-46F9-B277-D57F3421F821} (FunGamesLoader Object) - http://www.worldwinner.com/games/v47/shared/FunGamesLoader.cab
O16 - DPF: {2C153C75-8476-434B-B3C3-57B63A3D1939} (Brickout Control) - http://www.worldwinner.com/games/v48/brickout/brickout.cab
O16 - DPF: {42FDC231-A411-45F8-B8B6-3B5026111DA8} (SolitaireRush Control) - http://www.worldwinner.com/games/v47/solitairerush/solitairerush.cab
O16 - DPF: {615F158E-D5CA-422F-A8E7-F6A5EED7063B} (Bejeweled Control) - http://www.worldwinner.com/games/v46/bejeweled/bejeweled.cab
O16 - DPF: {62969CF2-0F7A-433B-A221-FD8818C06C2F} (Blockwerx Control) - http://www.worldwinner.com/games/v49/blockwerx/blockwerx.cab
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinner.com/games/shared/wwlaunch.cab
O16 - DPF: {A91FB93D-7561-4524-8484-5C27C8FA8D42} (WwLuxor Control) - http://www.worldwinner.com/games/v49/luxor/luxor.cab
O16 - DPF: {CF969D51-F764-4FBF-9E90-475248601C8A} (FamilyFeud Control) - http://www.worldwinner.com/games/v47/familyfeud/familyfeud.cab
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
--
End of file - 9550 bytes
__RiP_ChAiN_
2008-09-05, 09:07
Hello lilwing98,
While TeaTimer is an excellent tool for the prevention of spyware, it can sometimes prevent HijackThis from fixing certain things.
Please disable TeaTimer for now until you are clean. TeaTimer can be re-activated once your HijackThis log is clean.
Open Spybot Search & Destroy.
In the Mode menu click "Advanced mode" if not already selected.
Choose "Yes" at the Warning prompt.
Expand the "Tools" menu.
Click "Resident".
Uncheck the "Resident "TeaTimer" (Protection of overall system settings) active." box.
In the File menu click "Exit" to exit Spybot Search & Destroy.
----------------------------------------------- Step 2
We will begin with ComboFix.exe. Please visit this webpage for download links, and instructions for running the tool:
http://www.bleepingcomputer.com/combofix/how-to-use-combofix
Please ensure you read this guide carefully and install the Recovery Console first.
The Windows Recovery Console will allow you to boot up into a special recovery (repair) mode. This allows us to more easily help you should your computer have a problem after an attempted removal of malware. It is a simple procedure that will only take a few moments of your time.
Once installed, you should see a blue screen prompt that says:
The Recovery Console was successfully installed.
Please continue as follows:
Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
Click Yes to allow ComboFix to continue scanning for malware.
When the tool is finished, it will produce a report for you.
Please include the following reports for further review, and so we may continue cleansing the system:
C:\ComboFix.txt
New HijackThis log.
lilwing98
2008-09-06, 16:01
ComboFix 08-09-05.02 - Eric 2008-09-06 9:35:30.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1084 [GMT -4:00]
Running from: C:\Documents and Settings\Eric\Desktop\ComboFix.exe
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Program Files\scurit~1\?vchost.exe . . . . failed to delete
.
((((((((((((((((((((((((( Files Created from 2008-08-06 to 2008-09-06 )))))))))))))))))))))))))))))))
.
2008-09-01 21:51 . 2008-09-01 21:51 <DIR> d-------- C:\Program Files\Trend Micro
2008-09-01 15:36 . 2008-09-01 15:37 <DIR> d-------- C:\Train
2008-09-01 15:05 . 2008-09-01 15:05 <DIR> d-------- C:\Flobots
2008-08-31 22:17 . 2008-08-31 22:17 0 --a------ C:\WINDOWS\VPC32.INI
2008-08-30 17:23 . 2008-08-30 13:05 834 --ahs---- C:\WINDOWS\system32\rrbrbyqt.ini
2008-08-30 13:05 . 2008-08-30 13:05 834 --ahs---- C:\WINDOWS\system32\rrbrbyqt.tmp
2008-08-28 17:58 . 2008-08-28 17:58 <DIR> d-------- C:\Program Files\TeaTimer (Spybot - Search & Destroy)
2008-08-28 01:08 . 2008-08-28 01:08 111,108 --a------ C:\WINDOWS\system32\msxml71.dll
2008-08-19 04:45 . 2008-08-19 04:45 <DIR> d-------- C:\WINDOWS\system32\CatRoot_bak
2008-08-13 12:04 . 2008-08-13 12:05 <DIR> d-------- C:\Program Files\iTunes
2008-08-13 12:04 . 2008-08-13 12:04 <DIR> d-------- C:\Program Files\iPod
2008-08-13 12:01 . 2008-08-13 12:02 <DIR> d-------- C:\Program Files\QuickTime Alternative
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-06 04:10 --------- d-----w C:\Program Files\Symantec AntiVirus
2008-09-01 19:33 --------- d-----w C:\Program Files\MagicISO
2008-09-01 19:00 --------- d-----w C:\Documents and Settings\All Users\Application Data\BVRP Software
2008-09-01 18:59 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-09-01 18:59 --------- d-----w C:\Program Files\3GP Player
2008-08-31 21:23 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-08-31 12:42 --------- d-----w C:\Documents and Settings\Eric\Application Data\BitTorrent
2008-08-29 21:00 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-08-29 16:22 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-08-28 12:51 --------- d-----w C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-08-28 12:48 --------- d-----w C:\Program Files\Lavasoft
2008-08-28 12:48 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-08-18 01:10 --------- d-----w C:\Documents and Settings\All Users\Application Data\DVD Shrink
2008-08-13 16:07 --------- d-----w C:\Program Files\Apple Software Update
2008-08-13 15:49 --------- d-----w C:\Program Files\Safari
2008-08-08 21:19 --------- d-----w C:\Documents and Settings\Eric\Application Data\Image Zone Express
2008-08-01 19:49 --------- d-----w C:\Documents and Settings\All Users\Application Data\FunGames
2008-07-28 16:27 --------- d-----w C:\Program Files\Antares Audio Technologies
2008-07-28 01:24 --------- d-----w C:\Program Files\DivX
2008-07-16 14:38 --------- d-----w C:\Program Files\Xilisoft
2008-07-13 14:11 --------- d-----w C:\Documents and Settings\Eric\Application Data\Snapfish
2008-02-05 01:39 92,064 ----a-w C:\Documents and Settings\Eric\mqdmmdm.sys
2008-02-05 01:39 9,232 ----a-w C:\Documents and Settings\Eric\mqdmmdfl.sys
2008-02-05 01:39 79,328 ----a-w C:\Documents and Settings\Eric\mqdmserd.sys
2008-02-05 01:39 66,656 ----a-w C:\Documents and Settings\Eric\mqdmbus.sys
2008-02-05 01:39 6,208 ----a-w C:\Documents and Settings\Eric\mqdmcmnt.sys
2008-02-05 01:39 5,936 ----a-w C:\Documents and Settings\Eric\mqdmwhnt.sys
2008-02-05 01:39 4,048 ----a-w C:\Documents and Settings\Eric\mqdmcr.sys
2008-02-05 01:39 25,600 ----a-w C:\Documents and Settings\Eric\usbsermptxp.sys
2008-02-05 01:39 22,768 ----a-w C:\Documents and Settings\Eric\usbsermpt.sys
2007-03-17 03:04 75,776 -c-ha-w C:\Documents and Settings\Eric\Application Data\ZZipUtilitiesV02.dll
2007-03-17 03:04 65,536 -c-ha-w C:\Documents and Settings\Eric\Application Data\WindowsSecurity.dll
2007-03-17 03:04 53,248 -c-ha-w C:\Documents and Settings\Eric\Application Data\Notification.dll
2007-03-17 03:04 38,912 -c-ha-w C:\Documents and Settings\Eric\Application Data\RBShell550.dll
2007-03-17 03:04 29,184 -c-ha-w C:\Documents and Settings\Eric\Application Data\RBInternetEncodings550.dll
2006-01-14 03:26 62,808 -c--a-w C:\Documents and Settings\Eric\Application Data\GDIPFONTCACHEV1.DAT
.
((((((((((((((((((((((((((((( snapshot@2008-09-06_ 0.42.47.42 )))))))))))))))))))))))))))))))))))))))))
.
+ 2002-12-05 16:01:00 5,120 ----a-w C:\WINDOWS\setupupd\dudrvs\4585022\ALut.dll
+ 2002-12-05 16:01:00 4,096 ----a-w C:\WINDOWS\setupupd\dudrvs\4585022\nvack.dll
+ 2002-12-05 16:01:00 241,664 ----a-w C:\WINDOWS\setupupd\dudrvs\4585022\nvapu.sys
+ 2002-12-05 16:01:00 62,336 ----a-w C:\WINDOWS\setupupd\dudrvs\4585022\nvarm.sys
+ 2002-12-05 16:01:00 30,720 ----a-w C:\WINDOWS\setupupd\dudrvs\4585022\nvasio.dll
+ 2002-12-05 16:01:00 13,056 ----a-w C:\WINDOWS\setupupd\dudrvs\4585022\nvax.sys
+ 2002-12-05 16:01:00 13,440 ----a-w C:\WINDOWS\setupupd\dudrvs\4585022\nvax9x.sys
+ 2002-12-05 16:01:00 820,864 ----a-w C:\WINDOWS\setupupd\dudrvs\4585022\nvmcp.sys
+ 2002-12-05 16:01:00 10,240 ----a-w C:\WINDOWS\setupupd\dudrvs\4585022\nvmpu401.sys
+ 2002-12-05 16:01:00 44,032 ----a-w C:\WINDOWS\setupupd\dudrvs\4585022\nvopenal.dll
+ 2002-12-05 16:01:00 44,032 ----a-w C:\WINDOWS\setupupd\dudrvs\4585022\OpenAL32.dll
+ 2001-07-14 21:32:24 69,632 ----a-w C:\WINDOWS\setupupd\temp\wsdueng.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VPTray"="C:\PROGRA~1\SYMANT~1\VPTray.exe" [2005-06-23 85696]
"ATIptaxx"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-09-14 344064]
"DAEMON Tools-1033"="C:\Program Files\D-Tools\daemon.exe" [2004-08-22 81920]
"CTStartup"="C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE" [2001-12-20 28672]
"type32"="C:\Program Files\Microsoft IntelliType Pro\type32.exe" [2005-03-15 196608]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 155648]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"Zune Launcher"="C:\Program Files\Zune\ZuneLauncher.exe" [2008-04-29 158624]
"QuickTime Task"="C:\Program Files\QuickTime Alternative\QTTask.exe" [2008-05-27 413696]
"MSConfig"="C:\Documents and Settings\Eric\Desktop\Downloads\msconfig.exe" [2008-09-02 158208]
"Logitech Utility"="Logi_MwX.Exe" [2003-11-07 C:\WINDOWS\LOGI_MWX.EXE]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"!2D826D3371EDCBD4E9D7A9B46494FE"="C:\Documents and Settings\Eric\My Documents\My Downloads\Harmony_Engine_VST_PC_v1.00.exe" [2008-06-25 9722660]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Hmnb"="C:\Program Files\s?curity\?vchost.exe" [?]
C:\Documents and Settings\Eric\Start Menu\Programs\Startup\
Yahoo! Widget Engine.lnk - C:\Program Files\Yahoo!\WidgetEngine\YahooWidgetEngine.exe [2006-04-05 1802240]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 113664]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"="C:\\Documents and Settings\\All Users\\Application Data\\TuneUp Software\\TuneUp Utilities\\WinStyler\\tu_logonui.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.I420"= i420vfw.dll
"VIDC.NSVI"= nsvideo.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Acrobat Speed Launcher.lnk]
backup=C:\WINDOWS\pss\Adobe Acrobat Speed Launcher.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^palstart.exe]
backup=C:\WINDOWS\pss\palstart.exeCommon Startup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H2O
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AIM]
--a------ 2006-08-01 15:35 67112 C:\Program Files\AIM\aim.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Aim6]
--a------ 2008-01-03 12:15 50528 C:\Program Files\AIM6\aim6.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
--a------ 2008-07-22 20:42 116040 C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent]
--a------ 2007-09-07 19:01 43008 C:\Program Files\BitTorrent\bittorrent.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]
--a------ 2005-06-02 10:21 48752 C:\Program Files\Common Files\Symantec Shared\CCAPP.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2008-07-30 10:47 289064 C:\Program Files\iTunes\iTunesHelper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-05-27 10:50 413696 C:\Program Files\QuickTime Alternative\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
-rahs---- 2008-08-18 18:41 1832272 C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uniblue RegistryBooster 2]
--a------ 2008-02-01 11:51 1885464 C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"TUWinStylerThemeSvc"=3 (0x3)
"Themes"=2 (0x2)
"Ati HotKey Poller"=2 (0x2)
"Adobe LM Service"=3 (0x3)
"WZCSVC"=2 (0x2)
"wscsvc"=2 (0x2)
"SQLAgent$SONY_MEDIAMGR"=3 (0x3)
"MSSQL$SONY_MEDIAMGR"=3 (0x3)
"iPodService"=3 (0x3)
"FastUserSwitchingCompatibility"=3 (0x3)
"ERSvc"=2 (0x2)
"Creative Service for CDROM Access"=2 (0x2)
"GhostStartService"=3 (0x3)
"Diskeeper"=3 (0x3)
"WMPNetworkSvc"=3 (0x3)
"WmdmPmSN"=3 (0x3)
"WMDM PMSP Service"=3 (0x3)
"ose"=3 (0x3)
"iPod Service"=3 (0x3)
"UxTuneUp"=2 (0x2)
"Apple Mobile Device"=2 (0x2)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe
"Aim6"="C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
"BitTorrent"="C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
"HPHmon06"=C:\WINDOWS\system32\hphmon06.exe
"HPHUPD06"=c:\Program Files\HP\{BA2D9411-DBB4-43e4-9421-780413650A67}\hphupd06.exe
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\AIM\\aim.exe"=
"C:\\Program Files\\Gnucleus\\Gnucleus.exe"=
"C:\\WINDOWS\\system32\\dpvsetup.exe"=
"C:\\Program Files\\BitTorrent\\bittorrent.exe"=
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
R0 Achernar;Achernar - SCSI Command Filters;C:\WINDOWS\system32\Drivers\Achernar.sys [2005-09-23 16855]
R2 Viewpoint Manager Service;Viewpoint Manager Service;C:\Program Files\Viewpoint\Common\ViewpointService.exe [2007-01-04 24652]
R2 zumbus;Zune Bus Enumerator Driver;C:\WINDOWS\system32\DRIVERS\zumbus.sys [2008-04-29 40704]
R2 ZuneBusEnum;Zune Bus Enumerator;C:\WINDOWS\system32\ZuneBusEnum.exe [2008-04-29 61856]
R3 Aldebaran;Aldebaran - SCSI Command Filters;C:\WINDOWS\system32\Drivers\Aldebaran.sys [2005-09-23 21808]
R3 CLEDX;Team H2O CLEDX service;C:\WINDOWS\system32\DRIVERS\cledx.sys [2005-10-23 33792]
S0 xmasscsi;xmasscsi;C:\WINDOWS\system32\Drivers\xmasscsi.sys [ ]
S3 ASPI;Advanced SCSI Programming Interface Driver;C:\WINDOWS\System32\DRIVERS\ASPI32.sys [2002-07-17 16512]
S3 MotDev;Motorola Inc. USB Device;C:\WINDOWS\system32\DRIVERS\motodrv.sys [2007-05-07 42112]
S3 ZuneWlanCfgSvc;Zune Wireless Configuration Service;C:\WINDOWS\system32\ZuneWlanCfgSvc.exe [2008-04-29 245664]
S4 UxTuneUp;TuneUp Design Expansion;C:\WINDOWS\System32\svchost.exe [2004-08-03 14336]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contents of the 'Scheduled Tasks' folder
.
.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Documents and Settings\Eric\Application Data\Mozilla\Firefox\Profiles\xs2p6myb.default\
FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.google.com/
FF -: plugin - C:\Documents and Settings\Eric\Application Data\Mozilla\Firefox\Profiles\xs2p6myb.default\extensions\moveplayer@movenetworks.com\platform\WINNT_x86-msvc\plugins\npmnqmp07074039.dll
FF -: plugin - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
FF -: plugin - C:\Program Files\Java\jre1.5.0_05\bin\NPJava11.dll
FF -: plugin - C:\Program Files\Java\jre1.5.0_05\bin\NPJava12.dll
FF -: plugin - C:\Program Files\Java\jre1.5.0_05\bin\NPJava13.dll
FF -: plugin - C:\Program Files\Java\jre1.5.0_05\bin\NPJava14.dll
FF -: plugin - C:\Program Files\Java\jre1.5.0_05\bin\NPJava32.dll
FF -: plugin - C:\Program Files\Java\jre1.5.0_05\bin\NPJPI150_05.dll
FF -: plugin - C:\Program Files\Java\jre1.5.0_05\bin\NPOJI610.dll
FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\npbittorrent.dll
FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\npmozax.dll
FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\npmusicn.dll
FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\npsnapfish.dll
FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\npunagi2.dll
FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\npViewpoint.dll
FF -: plugin - C:\Program Files\QuickTime Alternative\Plugins\npqtplugin.dll
FF -: plugin - C:\Program Files\QuickTime Alternative\Plugins\npqtplugin2.dll
FF -: plugin - C:\Program Files\QuickTime Alternative\Plugins\npqtplugin3.dll
FF -: plugin - C:\Program Files\QuickTime Alternative\Plugins\npqtplugin4.dll
FF -: plugin - C:\Program Files\QuickTime Alternative\Plugins\npqtplugin5.dll
FF -: plugin - C:\Program Files\Viewpoint\Viewpoint Media Player\npViewpoint.dll
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-06 09:40:30
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
CTStartup = C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE /run???h??????s?????\?w? ?w???????w???w4???????.??w4???????4???TA?s4????????&2???A~??A~????????\???\???????????U?A~??A~\???\?????????`??????C@?\???\??????s????\??????s\????&2?A??s?&2??C@?x???`|?w\?????@
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Common Files\Symantec Shared\CCSETMGR.EXE
C:\Program Files\Common Files\Symantec Shared\CCEVTMGR.EXE
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Logitech\MouseWare\system\EM_EXEC.EXE
C:\WINDOWS\system32\wscntfy.exe
.
**************************************************************************
.
Completion time: 2008-09-06 9:56:24 - machine was rebooted
ComboFix-quarantined-files.txt 2008-09-06 13:55:20
ComboFix2.txt 2008-09-06 04:44:39
Pre-Run: 2,153,865,216 bytes free
Post-Run: 2,140,471,296 bytes free
258 --- E O F --- 2008-08-17 14:49:13
--------------------------------------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:00:08 AM, on 9/6/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\system32\ZuneBusEnum.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\Microsoft IntelliType Pro\type32.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Zune\ZuneLauncher.exe
C:\Program Files\Yahoo!\WidgetEngine\YahooWidgetEngine.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Yahoo!\WidgetEngine\YahooWidgetEngine.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [VPTray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [ATIptaxx] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033 -lock
O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE /run
O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Zune Launcher] "C:\Program Files\Zune\ZuneLauncher.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime Alternative\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [MSConfig] C:\Documents and Settings\Eric\Desktop\Downloads\msconfig.exe /auto
O4 - HKLM\..\RunOnce: [!2D826D3371EDCBD4E9D7A9B46494FE] "C:\Documents and Settings\Eric\My Documents\My Downloads\Harmony_Engine_VST_PC_v1.00.exe" /% and Settings\Eric\My Documents\My Downloads\Auto-Tune_5_VST_PC_v5.09.exe" /% and Settings\Eric\My Documents\My Downloads\Auto-Tune_5_VST_PC_v5.09.exe" /% /@ "!2D826D3371EDCBD4E9D7A9B46494FE"
O4 - HKUS\S-1-5-18\..\Run: [Hmnb] C:\Program Files\s?curity\?vchost.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Hmnb] C:\Program Files\s?curity\?vchost.exe (User 'Default user')
O4 - Startup: Yahoo! Widget Engine.lnk = C:\Program Files\Yahoo!\WidgetEngine\YahooWidgetEngine.exe
O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: &Search - ?p=ZJfox000
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1A1F56AA-3401-46F9-B277-D57F3421F821} (FunGamesLoader Object) - http://www.worldwinner.com/games/v47/shared/FunGamesLoader.cab
O16 - DPF: {2C153C75-8476-434B-B3C3-57B63A3D1939} (Brickout Control) - http://www.worldwinner.com/games/v48/brickout/brickout.cab
O16 - DPF: {42FDC231-A411-45F8-B8B6-3B5026111DA8} (SolitaireRush Control) - http://www.worldwinner.com/games/v47/solitairerush/solitairerush.cab
O16 - DPF: {615F158E-D5CA-422F-A8E7-F6A5EED7063B} (Bejeweled Control) - http://www.worldwinner.com/games/v46/bejeweled/bejeweled.cab
O16 - DPF: {62969CF2-0F7A-433B-A221-FD8818C06C2F} (Blockwerx Control) - http://www.worldwinner.com/games/v49/blockwerx/blockwerx.cab
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinner.com/games/shared/wwlaunch.cab
O16 - DPF: {A91FB93D-7561-4524-8484-5C27C8FA8D42} (WwLuxor Control) - http://www.worldwinner.com/games/v49/luxor/luxor.cab
O16 - DPF: {CF969D51-F764-4FBF-9E90-475248601C8A} (FamilyFeud Control) - http://www.worldwinner.com/games/v47/familyfeud/familyfeud.cab
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
--
End of file - 7825 bytes
__RiP_ChAiN_
2008-09-06, 18:10
Hello lilwing98,
Open HijackThis, click Config, click Misc Tools
Click "Open Uninstall Manager"
Click "Save List" (generates uninstall_list.txt)
Click Save, copy and paste the results in your next post.
1. Close any open browsers.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
3. Open notepad and copy/paste the text in the quotebox below into it:
File::
C:\WINDOWS\system32\rrbrbyqt.ini
C:\WINDOWS\system32\rrbrbyqt.tmp
C:\Documents and Settings\Eric\Desktop\Downloads\msconfig.exe
Folder::
C:\Documents and Settings\Eric\Application Data\BitTorrent
C:\Program Files\BitTorrent
Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSConfig"=-
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Hmnb"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent]
DirLook::
C:\Train
C:\Flobots
Save this as CFScript.txt, in the same location as ComboFix.exe
http://img.photobucket.com/albums/v666/sUBs/CFScriptB-4.gif
Refering to the picture above, drag CFScript into ComboFix.exe
When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.
lilwing98
2008-09-09, 19:05
ComboFix 08-09-05.10 - Eric 2008-09-09 9:06:06.3 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.924 [GMT -4:00]
Running from: C:\Documents and Settings\Eric\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\Eric\Desktop\CFScript.txt
* Created a new restore point
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\Eric\Application Data\BitTorrent
C:\Documents and Settings\Eric\Application Data\BitTorrent\bittorrent.log
C:\Documents and Settings\Eric\Application Data\BitTorrent\bittorrent.log.1
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\002df47cefc496f03221a108428a5bb3b09c0915
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\00502459d49dc1b9cd34a04c611076b02c2f1336
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\005065f049929e5c163aba4cbed08e585c16601f
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\0053bb2653c2856aa05e9e5b5446f34c633ab732
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\00c1e700f6e51d35fb3ef0c2ab4013e10b5aa880
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\02202b4e009685cf12066edfa8deca81a76aaec3
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\024141cb6f53040aa4aba8398ac90b9376b9b860
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\0246f4cc0e9e302f8ede645e181c4d8934a3c166
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\02d8c63064c668305e1d866fb46e20fce4f42d90
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\033a7302448fee06d1c2deb95846f9637f4e95e7
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\045c46ea175fc84db4f5fcc3c556afefb6c33d07
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\04b571fa2e1a5b4aa65c710873749f31ccd8b108
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\0654f2a74b897290d5a4ef9a390a10f31466ccd8
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\069a0af831261ffdeace509d84b2a65ee8522044
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\07ad9208ffab537bcaa6ad60b5d47fc582840ba7
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\07d9262f5988acd81cef85cb93e26e5b666e4b0f
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\0807de39437fbfc6106089ddf993183ecaf45189
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\08b73ba8699335253ab76a0eb9bcaa1e187cb9f2
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\08fd1e225c96548a8bcb2c08cbe9a13d395f2b99
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\0982fc9126d3030490968ff91dd1c7da8a2f54e9
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\0bbf703cc34390070642cacaa9554ee5ff639a58
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\0be8911d9c9935d7a5cf5848c26e0b1cf7acbc2f
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\0c644c87ab5f9766a130196bdb14ce5ec66d8197
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\0d174b81008af1653791ac76bed98cfa7adc067b
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\0e1dfbc0c6fc72481233d23a804d5f860d14fa35
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\0efaae93784ac75cfbd3a981227f1b2483041a33
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\0f5847c58923c83b42df7268353b859db9d8d231
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\0f63952df6bc2454a9f14856ecd98cb8c74d0ad2
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\10c9ad93be9abe5d06062e25c4a5ece50eafda45
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\11220bf463ec826a46a020b45aac8f6e4912d08e
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\1125674bf74b4177b2080bd949b9f6fa68706a9d
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\12520b3ba9bdbbba5de97cbf6213a57bed72b0d5
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\133d60ea7b3bf59638e0c2e411e54bf0ad92ad02
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\1595c6a3220fed402a4dbe9d6e91f71ed352f9e8
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\1684fd3e2e401d7cd10b7080c436e5638533b574
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\17f1e0d45b2b84d5371016e6f0e19d88801b75a7
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\186fe930ef9f9295060206aceab6284431be7f02
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\18929ece18e95427d4414888e6255bccd72f1f52
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\18ae6ac24bd6b33511eb1213be076a066a975c08
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\19c79ba1fd1f3a5e49c3619c4b79c9d19b520903
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\1a7a29bebb6b43e3646c60f1ead1856c423c1463
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\1e96173b7177c80a2d7dbb299a4d6d0a2d7cd1fd
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\1f5ca6b54403d91cc4b23d3c1540b3fe66c0aa7e
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\1f7411b5575d0d9aaf4dfe29b28c9d4c6612f4f1
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\1fcb9cc25b930d7cece48d2040723bdba4ea475f
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\1fda592b05e7ec71289e0b11d45430dc551a0194
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\20d81a32aad5a955d1a3a82da54ec372e22c71db
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\2192bd12f16a0dc2bc158c5eb7ede28f85bd7638
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\235131d64e7dac349eaab6292c3525d2d3358680
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\2427b48fe5119f6e7a33c4109e8ba800292ef968
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\2432b9deaac1dc119e2bb3d49b3c7b496f0c0296
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\24f0fc76a8cbb07bd9a89bcda1cbb445267f0fe7
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\25109b10adbe95eba6492631fbe2777f06925455
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\25cb35ee49ab2633a15df51f328560aedee368a1
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\2605831a8de8189fb38c1a9a01eeef6f9c279752
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\2612b9dbc37316bdc8ffaa861facf85997129385
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\267282b11483ec7763ec19815059e874c670b0ef
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\26e805aad87a0f048ca438f88a6c4691d7b01f28
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\28e02fd7b955d9ea671190e18641b6483fd4f3e9
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\291e54151032f2b3fbb61a4268012f51bbbe4bbd
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\2975f1ca14e36a5b9dfadc4d9194e05653445d63
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\2c5676845325f1a56f94721e75cbdfbd725aa800
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\2c85a54bc84468d9c8f626d70e6ce61342f8f2ee
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\2cd3e0a7dddd7472e0980c7058893fc1f8889002
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\2d83d33ce76e50faa676f1bd56f668710b8dacbb
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\2eb6a0b935ea57f6534a080f14d8b42cb9348ebc
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\3081d8a6465572c18d5dbbff97221f82c6714561
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\30b9e714aaa0350d34ffe1ad1a02d0207b45f2a2
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\312921084a587ad42bcdb86b5ac74088083e523c
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\31676118987d86bb41da0a14400a9d376d4f56b9
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\3172bfd3eb6305d1ec5b1c3c410e78001dd60f4e
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\31c6b8d7373050d11d9b932bab8a432bc2dd22c2
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\32642da43c1465c5d8f1377e362819a9005f0e70
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\32cb1bb049f0c56ff8f1be2927827ef8eb16f1f3
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\3337bf4cb30e78a93ff04fe4d2c00d5fc52a672b
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\360e0697adc43d51411ef2cc47de245be778deab
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\3653acf97e31a1b3c8179334e3816388ca5a5b75
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\38e08fc8213cddb8faecb3d079e0d938a82c007b
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\3a6fa870c9b8dc4969b66bc3b89c3d9c2e195e00
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\3c21b8dc74f084d7863c5bdf2e581236e220560b
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\3c364a256a53207be086b17bfc33fbeecf091762
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\3d40b2ed2430875359f7d3ff9896f8446750fa58
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\3db587d675f039c06725d221378bd4b7ad314367
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\3dd51257a00bc8fef5396ddd9534eb468ffe4918
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\3e3ced57eb87a36a1f4e411f011e1b58d3918832
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\3e8c72360c69b94570fab95864ccf21ce63c3676
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\4019948ee5b240355d4ad17129dd8eb317a8b654
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\406d8879012d4b5dc0579288f43c3a5debc6b39c
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\4192437c8099a2c98bcd7293b47a34b1e8b6bda7
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\43b824ad10972db3a861ec3bb32d1c333378773d
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\4448b9339b7ab7ef913e2494cfe3db9e2d0e4694
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\4569fccd2462a17ac56d575345ae810147ee3204
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\4625505019c5412ecf6dea82357f400038862cd7
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\468491991b9daf55e6018a14b22228c3edc3a706
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\46ed1043e54c2b56aec0154f45d987a9b560c1fe
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\46f5cab8043d391ec37aaf09522086b1e67f728a
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\4704bce2d77bead490b290a6ff447c8927fdde12
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\473cf90141c36b039e17b6a2aa985cdda9390454
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\476b774bb70c455d4ca964ace6a0dfca242fe512
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\47d037490122d42a61e6800303e98c8f868d7347
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\47e48b70ecbc67695d119a42e7bd38f1fa9f92c0
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\48041b3946c2c588e683b0a5b8bfe07453c34e39
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\4828a8a1e52e12b4fd8860735e1220099cd762f3
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\490e2d84711c4a93b2ccff50d48d44164132b5e5
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\49beab47369b7311ba83ebb911150a7250d9b794
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\4a66689ec5ef304d9a7408d49b4fc39427702aa6
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\4b4244a484ef07baf01621b3e69f46b627b17206
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\4c31d770d141844a91d5742d1d4696bacbe8fdec
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\4c5bb2fed2650a782ee279f7bf7bdbc91055ae7f
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\4d7a0309a8e639413f763fc13856eb024e034e68
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\4d8406e410ab3f36753a092d09f6234226be71f5
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\4dc94ac796a741034c93970b6d06524891f7b8d2
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\4de6c2985277fe87351ede6bff3af816e7d7a53f
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\4e30c2631ff893e0c671582857043c1b71db4f4b
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\4e4761b05a8bbebe8c54d5ffdb6bd91f1206cc8e
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\4f68e56a319b62176bb3007b30ec6b04c954a7d4
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\4fdbc2e6750bef8a66a974196c8d1faac6c59e9a
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\4fe08d0146f44f04f62c692fa6b50e9b82b0dbbf
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\515e215deff3729e19db2a6f8d22f1a02f3a3ed0
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\51a413539568ea1533b44336f511ecbd7e087257
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\528ad033c7a842c0cefb40249cbda8ed00ef45cf
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\52e0703bf61faac27dd58893b58d98af5df1c235
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\52f01fb46071a822a08068a20a1ce9099a15fb88
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\53d958afd3244e834d71633a3b0b6424897d6001
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\56fcfd6abf40af3b6249055e15c0bb55eb0eea72
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\570a908f788f0ef7371f4f6fc7eb87b66588492d
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\593f8ee61b3ec9cd125b5fe4b7b6547e2574e473
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\5a1434e78ff576d40f151b18ab03a834ce4bd087
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\5a5f2d65682ce572c51f846e002dbcfefb801689
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\5b234eb29e69326e4e6b315083e22216fde2dbbe
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\5e9020fc804e16c2e1dab111064c3a0c29491a10
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\5eddae875d139340b379764f600e32bbe4a34475
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\62513a0d15364341c9f87f5f9408f83dfddb2c89
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\63472b653a684e33fd1f8673fb541c0d996cd1cb
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\65a2e1687243b06b637d1738cc6fbcb3a4ea374e
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\65d701136b6e38e7db2bd3398f626905fe507094
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\6787f1bad1d302151782a5181c5c2d2f5eee06f6
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\681e6aecf3a2a3063a6f85d76062b9f33c549e81
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\6864d87220df86c94bc707dd7a88c6c3b77e08a1
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\6911cf88445d96934dcae3a978a103ff26cda80a
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\6a4734796a85b2c00ae11a0e8e53e2594423dd13
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\6b3ad90e51920a7309ef26615f447e86f8c1e73e
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\6bd4175a5cbc002f6bf582caed25a9ab0658378b
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\6be5137240f831777cedbaf893bf97f8e8a014f2
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\6d33ff1971f884d15cff72e0fc2dd3bd858f35e4
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\6dd589b463cfd7e2756e88a6dae48cb3ddb951f0
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\6e4f49ba41fcc8749295e239a7b1bc7e6ef47f47
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\6e7b6d480384fd224984ad9e1139488fb5f5a18d
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\6f07a06d2ff98bb73fc940e586814c1aaf3bcb7c
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\6f820bb1231b465a5ad915e7ee07d239d22157d7
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\6fa4f62153e1ca85de7a721e3f5e9dcc38a7501a
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\6ffdc05f7b6f8e253a2af3dbc46efba644846a98
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\703989d84ed65c728851cd88bf039e4a0aef03b6
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\708ed738ba3dcac88ba039c195027475f0216ea2
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\70b5a3664e0ff0d967855905c0a69e7589d73c57
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\70d4b172c120a8294a6c18c3b87f8b388cc9a253
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\713345f087139cce64cd9e8f9b6192947cff4441
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\71bc822561b5daf82d8b30b383d386c5bb0f9ef4
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\71efae2b3bea8447b67b778359471bf20542e6ba
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\72042fc98e9ad2b7c48a4dcea7bac987c4306de6
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\729994bb6ec54f6d21c081a223b3f3694c59f9b8
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\72f11d49c3177d8c8c2c979d39ed599df1202bec
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\74191fa71f7ab01254e182a46e9de4f877bd7930
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\7439919ba79a804e5258db7cadcba1540782ccf3
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\74cf59e35bf94bd12f54fa31f87f736ed46ef26b
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\74e6322e49604c7253af68821bed017e4a5b336a
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\74f6e82b472d130cf6588fac158632f18b6adacd
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\756602ebad23b55fe892d09db3a3b90651110344
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\76647afea221421b5607161f8eb6f5518fccee5d
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\776b79b02313a050ec7c79a34d36e628c142be81
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\77a0a1e927cea151f22f0b91e590d90f86f1792d
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\77e74d1a03e0c07ae946b56174088bcda46087a6
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\78434cb2daad5c51a4528deea4fd1553785f58a3
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\786f7f49a490920f4f20f3f27f05dda52914d49a
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\7aacc8f5db61df7ab69fef2eedcc52ccc3430fbb
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\7abe52064f5d0747a0f26604693b4c205ce49467
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\7b06e9c1ffc35136bc19aa7b7237bc7d6b5006c5
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\7c7a363cf1ea23d224dc65f814198a488c9cadcd
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\7c9979b9ce3e613ea3912e3a7fdaee60e5c22983
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\7cb1da1d2962205feba4f7f0a852de53b61fde32
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\7e0ef6df2aa565e2f9031802024dc11019b01304
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\7e11392c545f4d17eb192798ea50349072ce32c6
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\7e431e1e7e766d5cecf325d3e426ef93b54805fb
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\7e668a56908ea96bd886f45e1b80e68ccf2cc394
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\7eb9450403f964ca5fb0ae05bda73948e752f2ac
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\7ec15d7f2b8e5b124876d4a9d7ca0d51f2cb09e4
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\80db12b2ce93246ec82d440cc542adf32ac74d7a
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\80deeed96a628f808c4c8b85d7bb567fba5a6f73
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\80f830788ac50c75f414eaa5f6e47e7aa5d162c1
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\811c35594343ca3276959594a672f2e332600d1f
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\813e92b3c5a11c7d6b4c12915ba51f5a30903060
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\817e2e690b4c723951db284e863dcac4eec546d9
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\822804476471287ad0efca3572eb8d422e0a9554
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\828247e3c93f0255027f9c1df043768bbf401d05
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\82ef663c7e0b22c20b5293bb9f421d6235e06dbe
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\82fa8fd718bbe2c09b6f11c01deceb0829d26fa8
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\838d56ecc59eb895272750f7e99f76612fbbe763
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\840d9bd7377814778cf31ca682ace5860cdb3064
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\845330b58b55e728aedb82ae08f89491d2cce3cc
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\84e69672c9114f2774f89a99be86ccd3e9faca0c
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\85447ad72411ae34e88f451d6749ef721b9d2a01
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\854bca2c8a6922a1330192c254fa7318b4224681
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\85df88f0d657f628376ad5197c29d5b697d34e74
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\86bd4cfd774121fa1eb73b6d52baad0fafbd1b3c
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\87862c534f3744b5347ba2131f8d36514213b4c0
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\87871f2225b97d1cacaab194fccddecec40ce4b7
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\87db3f47d5ce50019d97ec5b1cdcb8883b702b6b
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\8807797a8c9b820b6bd113f12af694144226b9fe
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\88620c047e3a413647b0afdc1d31d121859feb0c
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\887065404bd80f24e74bc771f57b84a2b51f2e29
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\887d930f892c59a91f7b00b6f798d002c0e72587
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\8a00b6068f06667d47d40815e0a88d4ac82ef237
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\8ad4dde33fab1c0ffcd669c0048873e7ee1d736e
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\8b7bb6a61d36a616a92708381915eb9a37f6c466
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\8c74bccdf213f2af8ff640f241ed32eef6b99072
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\8ce752c3c6e979e67ad3c3a3019470903d156c45
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\8d49a4a9cfe5b1d0f3289aa5944b7b1cca42f157
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\8d4f87391f324c57917c1ee414e68806c0e99429
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\8d55bcc44b396599d738105a1be8887e5dc5eef9
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\8e72c84e2696d777d2e59d2e191e3c58237b5481
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\902ab9c98ba5ea525629723fe055cf45956093f1
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\906a3ec5e690566a054460d16b94728b8896bb23
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\90c38a4d3002f3dbdfea474230db0cc4b31adbf0
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\9213c7b2c2fb8b62927597e4ef607b0df22a9eeb
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\928797b30aa38904dd746698fa77f073ca7dc984
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\92ed4236d09c470dd08fcde5e5e3e2e87c5b528f
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\93b748ecfcae185b2324cc5119f3512f5eb82c1b
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\94d0f7c5f2faac13f5f0ab6bc3abe75394fc99a7
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\9537e0ed01d465f714d697afbf1d0d045e37dab0
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\95a253f0c67cdc4659b957327e1ad8011728d2b3
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\95e1e914dff800920ba52f6ca73d595eefab881f
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\95f454ac4e650eeac9196929a970065776450d59
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\95fad212cfa29f2055ab5d8cb260ccad590cd128
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\97a9ce56fa65ccc8327d8261d51bf5d62216a711
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\98d47faa29414763e98080784a2c7454a5548916
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\9c32020e0f1a0f864064090623da63b82e559d5e
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\9ca1336bc27cb6c499e62e13b007cd7394b6942e
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\9e227fd8390256eb15595786499a8b9d47787ee1
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\9f2b3f93e386801a52f6e6149592a2195f9fcbb4
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\a127213d9431e7ac9f152dc7787e4bcea7f32907
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\a1360053f395b907eb4f13a5f1b6fd640bfaca63
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\a1b4da1d5c3b6ed48c6db1239578116dd53de1c8
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\a2145783af4efae8cbac30e6169e94a380012a5f
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\a21f7998525bf124e1600dd7f627335d16c986c3
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\a25b42b4ab154ba354bb2d2fc6c15307a2ff05f1
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\a2f0894dc1b23be77710356296404f9295626047
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\a459ccdcbe7e219ceb49fd6f1a00451de090389d
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\a4d12c319a54e628e88c94eebfe772ac7a9b1437
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\a652362414b729b402414d807249fc4ef63ceff3
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\a7325f79a4b51ba29f89adef61d2ae1a9c6cabfa
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\a7714c1371645e82dba96d0ad44f34edc905a3a3
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\a7b19de1f0c0fd31c589e879ae24533abcf42d9a
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\a8941405e03dfcb18ecfa5fea9fa16b17a8ea46d
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\aa332bbb25663d0818796118e93050d5d361d643
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\aa7b86d527d63ddd11a48b6520923d0db514e272
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\ab008116d409bc21f5d85e6ff86fb3e7b4e647e8
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\ab0fa1d883a262d4f86fe248065071b8af9fb641
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\ab6036a4692b50226ebe91a8360652794c10cc03
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\ab7d34e8c02b7bf3a6cffa066d73abb4d2b08be8
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\ac20bc978050c59be9eff93db75941b2d0f5bce0
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\ac54efbcb899d1b21c49de5bd5bea1198fcc72c5
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\ae052899d489c8c14815a14955d3b2f615ee3b2a
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\af8fe5eb999654319b6515650ca8a2f08d6cb5b6
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\b09a43bf861e47c4c72e30c29214e732fd544a19
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\b1c1e68c39a72fa90d6b5c7cf80fe362c27df0ae
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\b1cdb0aacb9f306123d4c830d8734ad4c881f904
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\b1d34802dab2eece43ebd2e8e220b36ce10a28f6
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\b261e624acffc9b8d76ddc4428bbc4965a77526f
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\b44a3a58c200889309e6c999f44804f01a31e778
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\b4699eb6bbb8f3f384240944e6055f068b3b16ea
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\b47aa0c13d4c98850c4960112d6d6524aa624b31
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\b55f63f8f7cdafd1d0c8bdafd9dc30c31fba04b7
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\b575494d5f637de4e2304829375132d44884dd24
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\b58d9acb2e9307ebb8b31ff7ccdf688ecc2cc2a2
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\b695e2be8e21af04c7f769f1e3a8dedfdae4f50a
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\b70be4d4bac5d1c9e8614ddae86155944a9542a0
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\b76f499d2316b31452dde8a1d3dd8aa509ba6d6c
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\b7b534b4c00328e2a483813d351bef6db5b037cf
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\b8a56a2f892c153e039f94debb7923d1a2e2b2f4
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\b8c4b65467b0122c434ced5b76fdf3fea6b0b557
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\b957b276b5e86209fbd4d7eb876455616f7b96db
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\b994dea8b6d843c9f246fc731b515eb57ee495df
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\b9a3952ab90d8bdb626c6dba437051977042f92e
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\ba41a263fdf8c53171decbeca5dd5f96e3e51938
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\ba43602a3fe5470f3aebb7d74895595c0fbfb0a6
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\ba721e6dbfcba1010c24843f906fb124a5f58799
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\bc96b61548a0a590947dc3d4df0c2f4ef1cb30fb
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\bca805a5017f41b48acd667a16cf6b3b0820d0fc
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\be246fd67651743324d8347da7f61f87acdf54a4
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\c0ed4972d5b7819820092f21c954888997dbcff4
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\c0fb3a273b0692ccfa78059cb985dc1baf1a2280
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\c2977796c35037b3effa30e249e7ed02e51f2252
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\c2b0ba41fc05402bb5c7bbb327743d0e0adf6b98
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\c2bb84a4998a07f476c1e21cf839a80eab9b8f1a
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\c3bd0af670198b705317d5798101af8524a4ceb0
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\c4fd72fbe46f30b7ee3afaa0d88677ad057c8010
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\c4ff9e501281c83df338b81d01ca51c5174853c7
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\c51047ce07087a502e8c07a6a9905d67ba33924f
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\c57919f29c064e59195c55808462310d91d6c833
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\c5dbddc5041b881efc04b777bf33f2e2c419db65
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\c68969243f3eb159d7c75919f0d2f18268c17313
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\c6d82a5a95540ef10e2bd247114f0d7b0f38b92a
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\c76173199ef0a8a1f92df3926bdd56a231068c4c
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\c84c41fe7edccc53db4b502ada5c26289f4d591b
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\c8993225734ddf9655ad9c66cc96e18425fbe488
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\c89cdf3d9f12f5eb1e681726a610fdd9a6dfcca4
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\c9b05d5e59a7dfcecbfff1f504bc4ebe7a1828cf
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\ca9b2dfe5b07e4dda1402832ee2a50f0f0f72f82
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\cac9664cd1bf408136f99e6406aa2b5a695d4035
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\cbd5f5edb4bba51a2c76b9e9ab89e22a3889b12b
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\cc85721026f5313cefdcc73a71cf6eec96181d57
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\ce4817357a3f2a4fa7cbd264cd58cae80b34d61c
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\d0bc643713f820c14147861d6d232bc85461d9c4
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\d1120a365fa8e0e65242b43b5d0d51c507fa05b5
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\d282cd46f3efcb82399260924992d9fe3b346ae9
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\d2da16b3e6fd26d33eccf32ee44b859a986b0482
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\d3ab7591c2e6e4c805317f94afaaacf9fd2dc366
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\d46bbdddc97c1033d851d6095135f220222a012c
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\d72086191d2909afd99ff2ae1fd9a367b97530b7
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\d7a624332e962cf27c6e3f3ce42ee86dc7d639ce
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\d9bd3500eb7d68149b2d05b5ba577ac3d2d254e8
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\d9c3ff020812e0c49785671404847dfe02049e6d
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\daa64441c76ea196be52346a5d6ab561881e8f1f
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\daa7b7974207c51478661c95132d4827ed32a63b
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\dac298db32c2bf09c43b2ade71f56c00fbe62329
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\db2fcd50baab9a92c39f5f059a1c26049683d42f
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\db59653136d329b88c67bc645fbdb6e03e7e631b
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\dcb47dd1f8e6375e0e6cc1f87cf4eb373dcfa855
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\ddc877ab76b42c27c6f796f35fdbfe59c11b5f53
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\ddee10a032344250eb4bc203c040e067018900d1
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\ded4192158c1b7435ba3cfdd5d952be5fd71c422
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\dfb67cb58901564098b72fb76befbbef5f332931
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\e0998844658849a91767d64d28af237bf3881ce3
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\e0e4d9aa23e1b09db50a5cec0a225ef5a336aeb5
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\e0f6705dbe91a7d767156bf001d1064f9d3e9d80
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\e2dc4b1df9a850fe572fc50e9cfd1705f7355d19
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\e3c04eb5155227b0f2f30ed84aff0d88be370663
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\e476614d421bfcc0ef51a2828358ee51ef3ca42e
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\e4c80e593460dccd223ed8d3c02532e89e65eef2
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\e56adba028ab20d8c0de4643a01ba5b8f10c7166
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\e59cd741ea3f985aef78d9274e6902828d0c8a1a
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\e5b1fac61162d568a81f439cc17363558bcf4737
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\e62b71c43c027fd43293f12514502b49bed1a7b6
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\e6398d6fde8a5868ae6eb4774ff1e4d336541605
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\e654c007e86ea9aadfa806dd22e6944796ecfc1c
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\e6d4b4113c14c710e93adf3eca834ab346629f38
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\e7c6c97fb25f1f6349dd0d48506b80ab838412a1
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\e7ff2a6b4eabf26dae2a25d3bc2f11fede11e46a
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\e97103a7740f11fb5a0b79e1f0215612fb3f9aef
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\e9c20d409d2a7997d82bdb15f956318945f86ffd
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\eb5ae39e816f31eeb97f4bc25ed16693492b3c04
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\eb6c65a347ddfaf3bd6f5582d1bc8bce2fa4003c
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\ebc541cf20ec0ac4e2f8a860ae592398c96fe9c6
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\ee187dc1ed1bdc848a5f3030d18a4f874e322098
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\ef34d7b17bfa27b07acc2fe466646d1aa1b326f6
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\f023998e84ba9acbf490ddec651ad8308177ec33
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\f05241da22f979bed59f690f0a83ba7278a2fb0f
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\f072d99747b63f2fa5baf5485586b6e0baaf4fa0
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\f0a633bb3b71fb44ac9c330a0bb988b6ce074ee0
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\f20c68c8b76b08903d3fbb735e5bd93a82ee2c62
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\f259f0a83b8ca48fd2a6b1dc3001150b2b5945cd
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\f2b60e2377b662693df56d7be8395dfa4c04571f
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\f3277fd7e094773e11d34363e8eef1207bc0d849
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\f3ed62cd2d0734d53c8e4f03e5882314fdf150cf
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\f3fe0c9c9f3bff76c0e61879db66b5355f00de8a
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\f4703dd05913905f04290d749860daecb8ea2b10
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\f571f8dbb8338f82a50f6754cfd946a0d8081c90
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\f5eab862231017b0f0c10b974cf1cc3fc2612b1a
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\f5ff4970dc2e7c95134445f7ddf180301699a768
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\f61aa1dac2d7266140465274c73bf80f4e40e25e
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\f71101036374cd21d045bc48bd66c610e711f89e
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\f77be2d47b0d29f118591874fe5d454a13814f0d
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\f79a15419aa24e5b20473b8512c7e90e0644d14f
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\f7cdf9d7701d0431c2f7e9ccb66e32c61dc5a153
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\f87e717a40619567cf8506e433a4936c6eb52ced
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\fa1b99aa502ad944a562e3da5044f027dc0bc006
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\fa2b41b07b3e5f1b2f3dea60e975cd6574d49eee
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\fa365a075aa85d9818950596ab0fc519fe5f3d5b
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\fa7406e46894b85fa2212f71c7d831b23e6ca7fd
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\fbf98405f0f8f02711aee926a6ff126304ec3270
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\fbfccfd49e120af6b57b15f2cbfb3dfee1616a49
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\fc2ddd7e72d9e44b66bdb017256d192bc2e12738
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\fc30bcc81e2658d49356e177c6010b2b0a05fe71
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\fd3dad4a0d03e0a310623c24ccc5eacd499739c2
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\fd6cb20047d53ab1dc3f48379b261fb7dadc42c7
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\ff1337382c2bcb0d7c9c09ab215d88360ae0d112
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\metainfo\ffc84c471bdbc39a3cda0be182a997d2f1843c6d
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\resume\02202b4e009685cf12066edfa8deca81a76aaec3
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\resume\045c46ea175fc84db4f5fcc3c556afefb6c33d07
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\resume\8ce752c3c6e979e67ad3c3a3019470903d156c45
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\routing_table
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\torrent_config
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\torrent_config.broken
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\torrents\02202b4e009685cf12066edfa8deca81a76aaec3
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\torrents\045c46ea175fc84db4f5fcc3c556afefb6c33d07
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\torrents\8ce752c3c6e979e67ad3c3a3019470903d156c45
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\ui_config
C:\Documents and Settings\Eric\Application Data\BitTorrent\data\ui_state
C:\Documents and Settings\Eric\Application Data\BitTorrent\incomplete\473cf901-e939\U2 - (1991) Achtung Baby\01-Zoo Station.mp3
C:\Documents and Settings\Eric\Desktop\Downloads\msconfig.exe
C:\Program Files\BitTorrent
C:\Program Files\BitTorrent\_c_urlarg.pyd
C:\Program Files\BitTorrent\_controls_.pyd
C:\Program Files\BitTorrent\_core_.pyd
C:\Program Files\BitTorrent\_ctypes.pyd
C:\Program Files\BitTorrent\_gdi_.pyd
C:\Program Files\BitTorrent\_gizmos.pyd
C:\Program Files\BitTorrent\_grid.pyd
C:\Program Files\BitTorrent\_iocp.pyd
C:\Program Files\BitTorrent\_misc_.pyd
C:\Program Files\BitTorrent\_socket.pyd
C:\Program Files\BitTorrent\_ssl.pyd
C:\Program Files\BitTorrent\_stc.pyd
C:\Program Files\BitTorrent\_win32sysloader.pyd
C:\Program Files\BitTorrent\_windows_.pyd
C:\Program Files\BitTorrent\_zope_interface_coptimizations.pyd
C:\Program Files\BitTorrent\addrmap.dat
C:\Program Files\BitTorrent\ARC4.pyd
C:\Program Files\BitTorrent\bittorrent.exe
C:\Program Files\BitTorrent\bittorrent.exe.manifest
C:\Program Files\BitTorrent\BitTorrentIE.2.dll
C:\Program Files\BitTorrent\cBitfield.pyd
C:\Program Files\BitTorrent\choose_language.exe
C:\Program Files\BitTorrent\choose_language.exe.manifest
C:\Program Files\BitTorrent\credits-l10n.txt
C:\Program Files\BitTorrent\credits.txt
C:\Program Files\BitTorrent\crypto.pyd
C:\Program Files\BitTorrent\dde.pyd
C:\Program Files\BitTorrent\etc\gtk-2.0\gdk-pixbuf.loaders
C:\Program Files\BitTorrent\etc\gtk-2.0\gtkrc
C:\Program Files\BitTorrent\etc\pango\pango.aliases
C:\Program Files\BitTorrent\etc\pango\pango.modules
C:\Program Files\BitTorrent\images\bittorrent.ico
C:\Program Files\BitTorrent\images\flags\AE.png
C:\Program Files\BitTorrent\images\flags\AR.png
C:\Program Files\BitTorrent\images\flags\AT.png
C:\Program Files\BitTorrent\images\flags\AU.png
C:\Program Files\BitTorrent\images\flags\BE.png
C:\Program Files\BitTorrent\images\flags\BG.png
C:\Program Files\BitTorrent\images\flags\BR.png
C:\Program Files\BitTorrent\images\flags\CA.png
C:\Program Files\BitTorrent\images\flags\CH.png
C:\Program Files\BitTorrent\images\flags\CL.png
C:\Program Files\BitTorrent\images\flags\CN.png
C:\Program Files\BitTorrent\images\flags\CO.png
C:\Program Files\BitTorrent\images\flags\CY.png
C:\Program Files\BitTorrent\images\flags\CZ.png
C:\Program Files\BitTorrent\images\flags\DE.png
C:\Program Files\BitTorrent\images\flags\DK.png
C:\Program Files\BitTorrent\images\flags\ES.png
C:\Program Files\BitTorrent\images\flags\EU.png
C:\Program Files\BitTorrent\images\flags\FI.png
C:\Program Files\BitTorrent\images\flags\FR.png
C:\Program Files\BitTorrent\images\flags\GB.png
C:\Program Files\BitTorrent\images\flags\GR.png
C:\Program Files\BitTorrent\images\flags\GT.png
C:\Program Files\BitTorrent\images\flags\HK.png
C:\Program Files\BitTorrent\images\flags\HU.png
C:\Program Files\BitTorrent\images\flags\IT.png
C:\Program Files\BitTorrent\images\flags\JP.png
C:\Program Files\BitTorrent\images\flags\KR.png
C:\Program Files\BitTorrent\images\flags\KW.png
C:\Program Files\BitTorrent\images\flags\LT.png
C:\Program Files\BitTorrent\images\flags\LV.png
C:\Program Files\BitTorrent\images\flags\MX.png
C:\Program Files\BitTorrent\images\flags\NA.png
C:\Program Files\BitTorrent\images\flags\NL.png
C:\Program Files\BitTorrent\images\flags\NO.png
C:\Program Files\BitTorrent\images\flags\noimage.png
C:\Program Files\BitTorrent\images\flags\PR.png
C:\Program Files\BitTorrent\images\flags\PT.png
C:\Program Files\BitTorrent\images\flags\RU.png
C:\Program Files\BitTorrent\images\flags\SE.png
C:\Program Files\BitTorrent\images\flags\SG.png
C:\Program Files\BitTorrent\images\flags\SI.png
C:\Program Files\BitTorrent\images\flags\TW.png
C:\Program Files\BitTorrent\images\flags\unknown.png
C:\Program Files\BitTorrent\images\flags\US.png
C:\Program Files\BitTorrent\images\flags\YU.png
C:\Program Files\BitTorrent\images\flags\ZA.png
C:\Program Files\BitTorrent\images\logo\banner.png
C:\Program Files\BitTorrent\images\logo\bittorrent_icon_16.png
C:\Program Files\BitTorrent\images\themes\default\add_16.png
C:\Program Files\BitTorrent\images\themes\default\add_24.png
C:\Program Files\BitTorrent\images\themes\default\add_32.png
C:\Program Files\BitTorrent\images\themes\default\fileops\first_16.png
C:\Program Files\BitTorrent\images\themes\default\fileops\first_24.png
C:\Program Files\BitTorrent\images\themes\default\fileops\first_32.png
C:\Program Files\BitTorrent\images\themes\default\fileops\never_16.png
C:\Program Files\BitTorrent\images\themes\default\fileops\never_24.png
C:\Program Files\BitTorrent\images\themes\default\fileops\never_32.png
C:\Program Files\BitTorrent\images\themes\default\fileops\normal_16.png
C:\Program Files\BitTorrent\images\themes\default\fileops\normal_24.png
C:\Program Files\BitTorrent\images\themes\default\fileops\normal_32.png
C:\Program Files\BitTorrent\images\themes\default\progressbar.png
C:\Program Files\BitTorrent\images\themes\default\search_16.png
C:\Program Files\BitTorrent\images\themes\default\search_24.png
C:\Program Files\BitTorrent\images\themes\default\search_32.png
C:\Program Files\BitTorrent\images\themes\default\settings_16.png
C:\Program Files\BitTorrent\images\themes\default\settings_24.png
C:\Program Files\BitTorrent\images\themes\default\settings_32.png
C:\Program Files\BitTorrent\images\themes\default\torrentops\info_16.png
C:\Program Files\BitTorrent\images\themes\default\torrentops\info_24.png
C:\Program Files\BitTorrent\images\themes\default\torrentops\info_32.png
C:\Program Files\BitTorrent\images\themes\default\torrentops\launch_16.png
C:\Program Files\BitTorrent\images\themes\default\torrentops\launch_24.png
C:\Program Files\BitTorrent\images\themes\default\torrentops\launch_32.png
C:\Program Files\BitTorrent\images\themes\default\torrentops\remove_16.png
C:\Program Files\BitTorrent\images\themes\default\torrentops\remove_24.png
C:\Program Files\BitTorrent\images\themes\default\torrentops\remove_32.png
C:\Program Files\BitTorrent\images\themes\default\torrentops\resume_16.png
C:\Program Files\BitTorrent\images\themes\default\torrentops\resume_24.png
C:\Program Files\BitTorrent\images\themes\default\torrentops\resume_32.png
C:\Program Files\BitTorrent\images\themes\default\torrentops\stop_16.png
C:\Program Files\BitTorrent\images\themes\default\torrentops\stop_24.png
C:\Program Files\BitTorrent\images\themes\default\torrentops\stop_32.png
C:\Program Files\BitTorrent\images\themes\default\torrentstate\complete.png
C:\Program Files\BitTorrent\images\themes\default\torrentstate\created.png
C:\Program Files\BitTorrent\images\themes\default\torrentstate\downloading.png
C:\Program Files\BitTorrent\images\themes\default\torrentstate\error.png
C:\Program Files\BitTorrent\images\themes\default\torrentstate\finishing.png
C:\Program Files\BitTorrent\images\themes\default\torrentstate\force-seed.png
C:\Program Files\BitTorrent\images\themes\default\torrentstate\paused.png
C:\Program Files\BitTorrent\images\themes\default\torrentstate\seeding.png
C:\Program Files\BitTorrent\images\themes\default\torrentstate\starting.png
C:\Program Files\BitTorrent\images\themes\default\torrentstate\stopped.png
C:\Program Files\BitTorrent\images\themes\default\torrentstate\unknown.png
C:\Program Files\BitTorrent\libeay32.dll
C:\Program Files\BitTorrent\library.zip
C:\Program Files\BitTorrent\LICENSE.txt
C:\Program Files\BitTorrent\maketorrent.exe
C:\Program Files\BitTorrent\maketorrent.exe.manifest
C:\Program Files\BitTorrent\mfc71.dll
C:\Program Files\BitTorrent\MSVCR71.dll
C:\Program Files\BitTorrent\plugin.inf
C:\Program Files\BitTorrent\public.key
C:\Program Files\BitTorrent\pyexpat.pyd
C:\Program Files\BitTorrent\python24.dll
C:\Program Files\BitTorrent\pythoncom24.dll
C:\Program Files\BitTorrent\pywintypes24.dll
C:\Program Files\BitTorrent\rand.pyd
C:\Program Files\BitTorrent\README.txt
C:\Program Files\BitTorrent\select.pyd
C:\Program Files\BitTorrent\share\locale\af\LC_MESSAGES\gtk20-properties.mo
C:\Program Files\BitTorrent\share\locale\af\LC_MESSAGES\gtk20.mo
C:\Program Files\BitTorrent\share\locale\bg\LC_MESSAGES\glib20.mo
C:\Program Files\BitTorrent\share\locale\bg\LC_MESSAGES\gtk20-properties.mo
C:\Program Files\BitTorrent\share\locale\bg\LC_MESSAGES\gtk20.mo
C:\Program Files\BitTorrent\share\locale\ca\LC_MESSAGES\glib20.mo
C:\Program Files\BitTorrent\share\locale\ca\LC_MESSAGES\gtk20-properties.mo
C:\Program Files\BitTorrent\share\locale\ca\LC_MESSAGES\gtk20.mo
C:\Program Files\BitTorrent\share\locale\cs\LC_MESSAGES\glib20.mo
C:\Program Files\BitTorrent\share\locale\cs\LC_MESSAGES\gtk20-properties.mo
C:\Program Files\BitTorrent\share\locale\cs\LC_MESSAGES\gtk20.mo
C:\Program Files\BitTorrent\share\locale\da\LC_MESSAGES\glib20.mo
C:\Program Files\BitTorrent\share\locale\da\LC_MESSAGES\gtk20-properties.mo
C:\Program Files\BitTorrent\share\locale\da\LC_MESSAGES\gtk20.mo
C:\Program Files\BitTorrent\share\locale\de\LC_MESSAGES\glib20.mo
C:\Program Files\BitTorrent\share\locale\de\LC_MESSAGES\gtk20-properties.mo
C:\Program Files\BitTorrent\share\locale\de\LC_MESSAGES\gtk20.mo
C:\Program Files\BitTorrent\share\locale\el\LC_MESSAGES\glib20.mo
C:\Program Files\BitTorrent\share\locale\el\LC_MESSAGES\gtk20-properties.mo
C:\Program Files\BitTorrent\share\locale\el\LC_MESSAGES\gtk20.mo
C:\Program Files\BitTorrent\share\locale\es\LC_MESSAGES\glib20.mo
C:\Program Files\BitTorrent\share\locale\es\LC_MESSAGES\gtk20-properties.mo
C:\Program Files\BitTorrent\share\locale\es\LC_MESSAGES\gtk20.mo
C:\Program Files\BitTorrent\share\locale\fr\LC_MESSAGES\glib20.mo
C:\Program Files\BitTorrent\share\locale\fr\LC_MESSAGES\gtk20-properties.mo
C:\Program Files\BitTorrent\share\locale\fr\LC_MESSAGES\gtk20.mo
C:\Program Files\BitTorrent\share\locale\he\LC_MESSAGES\glib20.mo
C:\Program Files\BitTorrent\share\locale\he\LC_MESSAGES\gtk20-properties.mo
C:\Program Files\BitTorrent\share\locale\he\LC_MESSAGES\gtk20.mo
C:\Program Files\BitTorrent\share\locale\hu\LC_MESSAGES\glib20.mo
C:\Program Files\BitTorrent\share\locale\hu\LC_MESSAGES\gtk20-properties.mo
C:\Program Files\BitTorrent\share\locale\hu\LC_MESSAGES\gtk20.mo
C:\Program Files\BitTorrent\share\locale\is\LC_MESSAGES\glib20.mo
C:\Program Files\BitTorrent\share\locale\is\LC_MESSAGES\gtk20-properties.mo
C:\Program Files\BitTorrent\share\locale\is\LC_MESSAGES\gtk20.mo
C:\Program Files\BitTorrent\share\locale\it\LC_MESSAGES\glib20.mo
C:\Program Files\BitTorrent\share\locale\it\LC_MESSAGES\gtk20-properties.mo
C:\Program Files\BitTorrent\share\locale\it\LC_MESSAGES\gtk20.mo
C:\Program Files\BitTorrent\share\locale\ja\LC_MESSAGES\glib20.mo
C:\Program Files\BitTorrent\share\locale\ja\LC_MESSAGES\gtk20-properties.mo
C:\Program Files\BitTorrent\share\locale\ja\LC_MESSAGES\gtk20.mo
C:\Program Files\BitTorrent\share\locale\ko\LC_MESSAGES\glib20.mo
C:\Program Files\BitTorrent\share\locale\ko\LC_MESSAGES\gtk20-properties.mo
C:\Program Files\BitTorrent\share\locale\ko\LC_MESSAGES\gtk20.mo
C:\Program Files\BitTorrent\share\locale\nl\LC_MESSAGES\glib20.mo
C:\Program Files\BitTorrent\share\locale\nl\LC_MESSAGES\gtk20-properties.mo
C:\Program Files\BitTorrent\share\locale\nl\LC_MESSAGES\gtk20.mo
C:\Program Files\BitTorrent\share\locale\pl\LC_MESSAGES\glib20.mo
C:\Program Files\BitTorrent\share\locale\pl\LC_MESSAGES\gtk20-properties.mo
C:\Program Files\BitTorrent\share\locale\pl\LC_MESSAGES\gtk20.mo
C:\Program Files\BitTorrent\share\locale\pt\LC_MESSAGES\glib20.mo
C:\Program Files\BitTorrent\share\locale\pt\LC_MESSAGES\gtk20-properties.mo
C:\Program Files\BitTorrent\share\locale\pt\LC_MESSAGES\gtk20.mo
C:\Program Files\BitTorrent\share\locale\pt_BR\LC_MESSAGES\glib20.mo
C:\Program Files\BitTorrent\share\locale\pt_BR\LC_MESSAGES\gtk20-properties.mo
C:\Program Files\BitTorrent\share\locale\pt_BR\LC_MESSAGES\gtk20.mo
C:\Program Files\BitTorrent\share\locale\ro\LC_MESSAGES\glib20.mo
C:\Program Files\BitTorrent\share\locale\ro\LC_MESSAGES\gtk20-properties.mo
C:\Program Files\BitTorrent\share\locale\ro\LC_MESSAGES\gtk20.mo
C:\Program Files\BitTorrent\share\locale\ru\LC_MESSAGES\glib20.mo
C:\Program Files\BitTorrent\share\locale\ru\LC_MESSAGES\gtk20-properties.mo
C:\Program Files\BitTorrent\share\locale\ru\LC_MESSAGES\gtk20.mo
C:\Program Files\BitTorrent\share\locale\sk\LC_MESSAGES\glib20.mo
C:\Program Files\BitTorrent\share\locale\sk\LC_MESSAGES\gtk20-properties.mo
C:\Program Files\BitTorrent\share\locale\sk\LC_MESSAGES\gtk20.mo
C:\Program Files\BitTorrent\share\locale\sl\LC_MESSAGES\glib20.mo
C:\Program Files\BitTorrent\share\locale\sl\LC_MESSAGES\gtk20-properties.mo
C:\Program Files\BitTorrent\share\locale\sl\LC_MESSAGES\gtk20.mo
C:\Program Files\BitTorrent\share\locale\sv\LC_MESSAGES\glib20.mo
C:\Program Files\BitTorrent\share\locale\sv\LC_MESSAGES\gtk20-properties.mo
C:\Program Files\BitTorrent\share\locale\sv\LC_MESSAGES\gtk20.mo
C:\Program Files\BitTorrent\share\locale\tr\LC_MESSAGES\glib20.mo
C:\Program Files\BitTorrent\share\locale\tr\LC_MESSAGES\gtk20-properties.mo
C:\Program Files\BitTorrent\share\locale\tr\LC_MESSAGES\gtk20.mo
C:\Program Files\BitTorrent\share\locale\vi\LC_MESSAGES\glib20.mo
C:\Program Files\BitTorrent\share\locale\vi\LC_MESSAGES\gtk20-properties.mo
C:\Program Files\BitTorrent\share\locale\vi\LC_MESSAGES\gtk20.mo
C:\Program Files\BitTorrent\share\locale\zh_CN\LC_MESSAGES\glib20.mo
C:\Program Files\BitTorrent\share\locale\zh_CN\LC_MESSAGES\gtk20-properties.mo
C:\Program Files\BitTorrent\share\locale\zh_CN\LC_MESSAGES\gtk20.mo
C:\Program Files\BitTorrent\share\locale\zh_TW\LC_MESSAGES\glib20.mo
C:\Program Files\BitTorrent\share\locale\zh_TW\LC_MESSAGES\gtk20-properties.mo
C:\Program Files\BitTorrent\share\locale\zh_TW\LC_MESSAGES\gtk20.mo
C:\Program Files\BitTorrent\share\themes\MS-Windows\gtk-2.0\gtkrc
C:\Program Files\BitTorrent\shell.pyd
C:\Program Files\BitTorrent\SSL.pyd
C:\Program Files\BitTorrent\ssleay32.dll
C:\Program Files\BitTorrent\TRACKERLESS.txt
C:\Program Files\BitTorrent\unicodedata.pyd
C:\Program Files\BitTorrent\unicows.dll
C:\Program Files\BitTorrent\uninstall.exe
C:\Program Files\BitTorrent\w9xpopen.exe
C:\Program Files\BitTorrent\win32api.pyd
C:\Program Files\BitTorrent\win32event.pyd
C:\Program Files\BitTorrent\win32file.pyd
C:\Program Files\BitTorrent\win32gui.pyd
C:\Program Files\BitTorrent\win32pipe.pyd
C:\Program Files\BitTorrent\win32process.pyd
C:\Program Files\BitTorrent\win32security.pyd
C:\Program Files\BitTorrent\win32ui.pyd
C:\Program Files\BitTorrent\wxmsw26uh_gizmos_vc.dll
C:\Program Files\BitTorrent\wxmsw26uh_stc_vc.dll
C:\Program Files\BitTorrent\wxmsw26uh_vc.dll
C:\Program Files\BitTorrent\zlib.pyd
C:\WINDOWS\system32\rrbrbyqt.ini
C:\WINDOWS\system32\rrbrbyqt.tmp
C:\Program Files\scurit~1\?vchost.exe . . . . failed to delete
lilwing98
2008-09-09, 19:06
((((((((((((((((((((((((( Files Created from 2008-08-09 to 2008-09-09 )))))))))))))))))))))))))))))))
.
2008-09-01 21:51 . 2008-09-01 21:51 <DIR> d-------- C:\Program Files\Trend Micro
2008-09-01 15:36 . 2008-09-01 15:37 <DIR> d-------- C:\Train
2008-09-01 15:05 . 2008-09-01 15:05 <DIR> d-------- C:\Flobots
2008-08-31 22:17 . 2008-08-31 22:17 0 --a------ C:\WINDOWS\VPC32.INI
2008-08-28 17:58 . 2008-08-28 17:58 <DIR> d-------- C:\Program Files\TeaTimer (Spybot - Search & Destroy)
2008-08-28 01:08 . 2008-08-28 01:08 111,108 --a------ C:\WINDOWS\system32\msxml71.dll
2008-08-19 04:45 . 2008-08-19 04:45 <DIR> d-------- C:\WINDOWS\system32\CatRoot_bak
2008-08-13 12:04 . 2008-08-13 12:05 <DIR> d-------- C:\Program Files\iTunes
2008-08-13 12:04 . 2008-08-13 12:04 <DIR> d-------- C:\Program Files\iPod
2008-08-13 12:01 . 2008-08-13 12:02 <DIR> d-------- C:\Program Files\QuickTime Alternative
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-06 04:10 --------- d-----w C:\Program Files\Symantec AntiVirus
2008-09-01 19:33 --------- d-----w C:\Program Files\MagicISO
2008-09-01 19:00 --------- d-----w C:\Documents and Settings\All Users\Application Data\BVRP Software
2008-09-01 18:59 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-09-01 18:59 --------- d-----w C:\Program Files\3GP Player
2008-08-31 21:23 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-08-29 21:00 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-08-29 16:22 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-08-28 12:51 --------- d-----w C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-08-28 12:48 --------- d-----w C:\Program Files\Lavasoft
2008-08-28 12:48 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-08-18 01:10 --------- d-----w C:\Documents and Settings\All Users\Application Data\DVD Shrink
2008-08-13 16:07 --------- d-----w C:\Program Files\Apple Software Update
2008-08-13 15:49 --------- d-----w C:\Program Files\Safari
2008-08-08 21:19 --------- d-----w C:\Documents and Settings\Eric\Application Data\Image Zone Express
2008-08-01 19:49 --------- d-----w C:\Documents and Settings\All Users\Application Data\FunGames
2008-07-28 16:27 --------- d-----w C:\Program Files\Antares Audio Technologies
2008-07-28 01:24 --------- d-----w C:\Program Files\DivX
2008-07-16 14:38 --------- d-----w C:\Program Files\Xilisoft
2008-07-13 14:11 --------- d-----w C:\Documents and Settings\Eric\Application Data\Snapfish
2008-02-05 01:39 92,064 ----a-w C:\Documents and Settings\Eric\mqdmmdm.sys
2008-02-05 01:39 9,232 ----a-w C:\Documents and Settings\Eric\mqdmmdfl.sys
2008-02-05 01:39 79,328 ----a-w C:\Documents and Settings\Eric\mqdmserd.sys
2008-02-05 01:39 66,656 ----a-w C:\Documents and Settings\Eric\mqdmbus.sys
2008-02-05 01:39 6,208 ----a-w C:\Documents and Settings\Eric\mqdmcmnt.sys
2008-02-05 01:39 5,936 ----a-w C:\Documents and Settings\Eric\mqdmwhnt.sys
2008-02-05 01:39 4,048 ----a-w C:\Documents and Settings\Eric\mqdmcr.sys
2008-02-05 01:39 25,600 ----a-w C:\Documents and Settings\Eric\usbsermptxp.sys
2008-02-05 01:39 22,768 ----a-w C:\Documents and Settings\Eric\usbsermpt.sys
2007-03-17 03:04 75,776 -c-ha-w C:\Documents and Settings\Eric\Application Data\ZZipUtilitiesV02.dll
2007-03-17 03:04 65,536 -c-ha-w C:\Documents and Settings\Eric\Application Data\WindowsSecurity.dll
2007-03-17 03:04 53,248 -c-ha-w C:\Documents and Settings\Eric\Application Data\Notification.dll
2007-03-17 03:04 38,912 -c-ha-w C:\Documents and Settings\Eric\Application Data\RBShell550.dll
2007-03-17 03:04 29,184 -c-ha-w C:\Documents and Settings\Eric\Application Data\RBInternetEncodings550.dll
2006-01-14 03:26 62,808 -c--a-w C:\Documents and Settings\Eric\Application Data\GDIPFONTCACHEV1.DAT
.
(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
---- Directory of C:\Flobots ----
2008-08-28 22:04 8090808 --a------ C:\Flobots\Fight With Tools\Flobots_Fight With Tools_07_Never Had It_2007.mp3
2008-08-28 08:10 4941311 --a------ C:\Flobots\Platypus\Flobots - Platypus - 4 - Handlebars.mp3
2008-08-27 21:47 5504925 --a------ C:\Flobots\Platypus\Flobots - Platypus - 2 - Jet Pack.mp3
2008-08-27 21:47 5477967 --a------ C:\Flobots\Platypus\Flobots - Platypus - 3 - One Love.mp3
2008-08-27 21:47 5194590 --a------ C:\Flobots\Platypus\Flobots - Platypus - 5 - The Moon.mp3
2008-08-27 21:47 4052927 --a------ C:\Flobots\Platypus\Flobots - Platypus - 6 - No W.mp3
2008-08-27 21:47 2985290 --a------ C:\Flobots\Platypus\Flobots - Platypus - 7 - Something Grown Together.mp3
2008-08-27 21:37 969648 --a------ C:\Flobots\Platypus\Flobots - Platypus - 1 - Prelude.mp3
2008-08-27 21:37 17938 --ah----- C:\Flobots\Folder.jpg
2008-08-27 21:27 41933 --ah----- C:\Flobots\AlbumArt_{3271262E-BAFB-46BF-B24A-2E4AA3465560}_Large.jpg
2008-08-27 21:26 17938 --a------ C:\Flobots\Platypus\Platypus cover.jpg
2008-08-27 21:23 7090883 --a------ C:\Flobots\Fight With Tools\Flobots_Fight With Tools_05_Fight With Tools_2007.mp3
2008-08-27 21:23 6848943 --a------ C:\Flobots\Fight With Tools\Flobots_Fight With Tools_02_Mayday!!!_2007.mp3
2008-08-27 21:23 6348599 --a------ C:\Flobots\Fight With Tools\Flobots_Fight With Tools_12_Rise_2007.mp3
2008-08-27 21:23 6204171 --a------ C:\Flobots\Fight With Tools\Flobots_Fight With Tools_04_Stand Up_2007.mp3
2008-08-27 21:23 5954393 --a------ C:\Flobots\Fight With Tools\Flobots_Fight With Tools_10_Anne Braden_2007.mp3
2008-08-27 21:23 5120915 --a------ C:\Flobots\Fight With Tools\Flobots_Fight With Tools_06_Handlebars_2007.mp3
2008-08-27 21:23 4916292 --a------ C:\Flobots\Fight With Tools\Flobots_Fight With Tools_11_We Are Winning_2007.mp3
2008-08-27 21:23 4760831 --a------ C:\Flobots\Fight With Tools\Flobots_Fight With Tools_03_Same Thing_2007.mp3
2008-08-27 21:23 3174725 --a------ C:\Flobots\Fight With Tools\Flobots_Fight With Tools_08_Combat_2007.mp3
2008-08-27 21:23 1903971 --a------ C:\Flobots\Fight With Tools\Flobots_Fight With Tools_01_There's A War Going On For Your Mind_2007.mp3
2008-08-22 00:32 5948902 --a------ C:\Flobots\Fight With Tools\Flobots_Fight With Tools_09_The Rhythm Method (Move!)_2007.mp3
2008-08-22 00:31 64175 --ah----- C:\Flobots\Fight With Tools\Folder.jpg
2008-08-22 00:31 64175 --ah----- C:\Flobots\Fight With Tools\AlbumArt_{388F3836-2344-445E-B576-4EDB22206ECF}_Large.jpg
2008-08-22 00:30 629 --a------ C:\Flobots\Fight With Tools\Flobots - Fight With Tools.m3u
---- Directory of C:\Train ----
2008-06-03 15:39 7447390 --a------ C:\Train\For Me It's You\Train - 09 - Explanation.mp3
2008-06-03 15:39 6749491 --a------ C:\Train\For Me It's You\Train - 13 - For Me, It's You.mp3
2008-06-03 15:39 6483644 --a------ C:\Train\For Me It's You\Train - 05 - Am I Reaching You Now.mp3
2008-06-03 15:39 6383732 --a------ C:\Train\For Me It's You\Train - 02 - Get Out.mp3
2008-06-03 15:39 6359525 --a------ C:\Train\For Me It's You\Train - 01 - All I Ever Wanted.mp3
2008-06-03 15:39 6040845 --a------ C:\Train\For Me It's You\Train - 11 - I'm Not Waiting In Line.mp3
2008-06-03 15:39 6009955 --a------ C:\Train\For Me It's You\Train - 07 - All I Hear.mp3
2008-06-03 15:39 5998486 --a------ C:\Train\For Me It's You\Train - 12 - Skyscraper.mp3
2008-06-03 15:39 5911118 --a------ C:\Train\For Me It's You\Train - 08 - Shelter Me.mp3
2008-06-03 15:39 5783287 --a------ C:\Train\For Me It's You\Train - 04 - Give Myself To You.mp3
2008-06-03 15:39 5719737 --a------ C:\Train\For Me It's You\Train - 06 - If I Can't Change Your Mind.mp3
2008-06-03 15:39 5578443 --a------ C:\Train\For Me It's You\Train - 10 - Always Remember.mp3
2008-06-03 15:39 5448191 --a------ C:\Train\For Me It's You\Train - 03 - Cab.mp3
2008-06-03 15:36 9832448 --a------ C:\Train\Drops Of Jupiter\11 - Train - Mississippi.mp3
2008-06-03 15:36 9613312 --a------ C:\Train\Drops Of Jupiter\07 - Train - Let It Roll.mp3
2008-06-03 15:36 9029669 --a------ C:\Train\Train\12 - Train.mp3
2008-06-03 15:36 8755200 --a------ C:\Train\Drops Of Jupiter\08 - Train - Something More.mp3
2008-06-03 15:36 8679424 --a------ C:\Train\Drops Of Jupiter\05 - Train - Hopeless.mp3
2008-06-03 15:36 8554496 --a------ C:\Train\Drops Of Jupiter\04 - Train - It's About You.mp3
2008-06-03 15:36 8540160 --a------ C:\Train\Drops Of Jupiter\09 - Train - Whipping Boy.mp3
2008-06-03 15:36 8517632 --a------ C:\Train\Drops Of Jupiter\10 - Train - Getaway.mp3
2008-06-03 15:36 8501248 --a------ C:\Train\Drops Of Jupiter\02 - Train - I Wish You Would.mp3
2008-06-03 15:36 8339456 --a------ C:\Train\Drops Of Jupiter\03 - Train - Drops Of Jupiter.mp3
2008-06-03 15:36 8241640 --a------ C:\Train\Train\08 - Idaho.mp3
2008-06-03 15:36 7607374 --a------ C:\Train\Train\09 - Days.mp3
2008-06-03 15:36 7409564 --a------ C:\Train\Train\06 - Blind.mp3
2008-06-03 15:36 7348224 --a------ C:\Train\Drops Of Jupiter\01 - Train - She's On Fire.mp3
2008-06-03 15:36 7108192 --a------ C:\Train\Train\10 - Rat.mp3
2008-06-03 15:36 7023708 --a------ C:\Train\Train\04 - Homesick.mp3
2008-06-03 15:36 6978651 --a------ C:\Train\Train\02 - I Am.mp3
2008-06-03 15:36 6708209 --a------ C:\Train\Train\05 - Free.mp3
2008-06-03 15:36 6586368 --a------ C:\Train\Drops Of Jupiter\06 - Train - Respect.mp3
2008-06-03 15:36 6198017 --a------ C:\Train\Train\01 - Meet Virginia.mp3
2008-06-03 15:36 5919923 --a------ C:\Train\Train\13 - Heavy.mp3
2008-06-03 15:36 5850597 --a------ C:\Train\My Private Nation\Train - 2003-My Private Nation - 01 - Calling All Angels.mp3
2008-06-03 15:36 5619249 --a------ C:\Train\Train\11 - Swaying.mp3
2008-06-03 15:36 5568233 --a------ C:\Train\Train\03 - If You Leave.mp3
2008-06-03 15:36 5244417 --a------ C:\Train\Train\07 - Eggplant.mp3
2008-06-03 15:36 4269879 --a------ C:\Train\My Private Nation\Train - 2003-My Private Nation - 09 - Your Every Color.mp3
2008-06-03 15:36 4137275 --a------ C:\Train\My Private Nation\Train - 2003-My Private Nation - 07 - Counting Airplanes.mp3
2008-06-03 15:36 3924193 --a------ C:\Train\My Private Nation\Train - 2003-My Private Nation - 11 - I'm About to Come Alive.mp3
2008-06-03 15:36 3907929 --a------ C:\Train\My Private Nation\Train - 2003-My Private Nation - 03 - When I Look to the Sky.mp3
2008-06-03 15:36 3902495 --a------ C:\Train\My Private Nation\Train - 2003-My Private Nation - 06 - Get to Me.mp3
2008-06-03 15:36 3894992 --a------ C:\Train\My Private Nation\Train - 2003-My Private Nation - 04 - Save the Day.mp3
2008-06-03 15:36 3599341 --a------ C:\Train\My Private Nation\Train - 2003-My Private Nation - 08 - Following Rita.mp3
2008-06-03 15:36 3477577 --a------ C:\Train\My Private Nation\Train - 2003-My Private Nation - 10 - Lincoln Avenue.mp3
2008-06-03 15:36 3204862 --a------ C:\Train\My Private Nation\Train - 2003-My Private Nation - 05 - My Private Nation.mp3
2008-06-03 15:36 3170251 --a------ C:\Train\My Private Nation\Train - 2003-My Private Nation - 02 - All American Girl.mp3
2008-06-03 15:34 27058 --ah----- C:\Train\My Private Nation\AlbumArt_{6D6CADC3-66B1-4537-81DB-A042956545E3}_Large.jpg
2008-06-03 15:33 27647 --ah----- C:\Train\For Me It's You\AlbumArt_{4E893A0A-C7C0-48DA-84DA-C936AED71FEA}_Large.jpg
2008-06-03 15:31 27453 --ah----- C:\Train\Train\AlbumArt_{7B936CCD-6E8A-478A-B967-CC1313951CE5}_Large.jpg
2008-06-03 15:03 25910 --ah----- C:\Train\Drops Of Jupiter\AlbumArt_{CC0EA966-6E07-4D41-AE53-F855DB8E46BB}_Large.jpg
2008-06-03 13:58 25951 --ah----- C:\Train\Drops Of Jupiter\Folder.jpg
2008-04-23 09:01 27453 --ah----- C:\Train\Train\ZuneAlbumArt.jpg
2008-04-23 09:01 27453 --ah----- C:\Train\Train\Folder.jpg
2008-04-21 21:51 36898 --ah----- C:\Train\For Me It's You\Folder.jpg
2008-04-21 21:51 27647 --ah----- C:\Train\For Me It's You\ZuneAlbumArt.jpg
2008-04-21 21:51 27058 --ah----- C:\Train\My Private Nation\ZuneAlbumArt.jpg
2008-04-21 21:51 27058 --ah----- C:\Train\My Private Nation\Folder.jpg
((((((((((((((((((((((((((((( snapshot@2008-09-06_ 0.42.47.42 )))))))))))))))))))))))))))))))))))))))))
.
+ 2002-12-05 16:01:00 5,120 ----a-w C:\WINDOWS\setupupd\dudrvs\4585022\ALut.dll
+ 2002-12-05 16:01:00 4,096 ----a-w C:\WINDOWS\setupupd\dudrvs\4585022\nvack.dll
+ 2002-12-05 16:01:00 241,664 ----a-w C:\WINDOWS\setupupd\dudrvs\4585022\nvapu.sys
+ 2002-12-05 16:01:00 62,336 ----a-w C:\WINDOWS\setupupd\dudrvs\4585022\nvarm.sys
+ 2002-12-05 16:01:00 30,720 ----a-w C:\WINDOWS\setupupd\dudrvs\4585022\nvasio.dll
+ 2002-12-05 16:01:00 13,056 ----a-w C:\WINDOWS\setupupd\dudrvs\4585022\nvax.sys
+ 2002-12-05 16:01:00 13,440 ----a-w C:\WINDOWS\setupupd\dudrvs\4585022\nvax9x.sys
+ 2002-12-05 16:01:00 820,864 ----a-w C:\WINDOWS\setupupd\dudrvs\4585022\nvmcp.sys
+ 2002-12-05 16:01:00 10,240 ----a-w C:\WINDOWS\setupupd\dudrvs\4585022\nvmpu401.sys
+ 2002-12-05 16:01:00 44,032 ----a-w C:\WINDOWS\setupupd\dudrvs\4585022\nvopenal.dll
+ 2002-12-05 16:01:00 44,032 ----a-w C:\WINDOWS\setupupd\dudrvs\4585022\OpenAL32.dll
+ 2001-07-14 21:32:24 69,632 ----a-w C:\WINDOWS\setupupd\temp\wsdueng.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VPTray"="C:\PROGRA~1\SYMANT~1\VPTray.exe" [2005-06-23 85696]
"ATIptaxx"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-09-14 344064]
"DAEMON Tools-1033"="C:\Program Files\D-Tools\daemon.exe" [2004-08-22 81920]
"CTStartup"="C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE" [2001-12-20 28672]
"type32"="C:\Program Files\Microsoft IntelliType Pro\type32.exe" [2005-03-15 196608]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 155648]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"Zune Launcher"="C:\Program Files\Zune\ZuneLauncher.exe" [2008-04-29 158624]
"QuickTime Task"="C:\Program Files\QuickTime Alternative\QTTask.exe" [2008-05-27 413696]
"Logitech Utility"="Logi_MwX.Exe" [2003-11-07 C:\WINDOWS\LOGI_MWX.EXE]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"!2D826D3371EDCBD4E9D7A9B46494FE"="C:\Documents and Settings\Eric\My Documents\My Downloads\Harmony_Engine_VST_PC_v1.00.exe" [2008-06-25 9722660]
C:\Documents and Settings\Eric\Start Menu\Programs\Startup\
Yahoo! Widget Engine.lnk - C:\Program Files\Yahoo!\WidgetEngine\YahooWidgetEngine.exe [2006-04-05 1802240]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 113664]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"="C:\\Documents and Settings\\All Users\\Application Data\\TuneUp Software\\TuneUp Utilities\\WinStyler\\tu_logonui.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.I420"= i420vfw.dll
"VIDC.NSVI"= nsvideo.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Acrobat Speed Launcher.lnk]
backup=C:\WINDOWS\pss\Adobe Acrobat Speed Launcher.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^palstart.exe]
backup=C:\WINDOWS\pss\palstart.exeCommon Startup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H2O
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AIM]
--a------ 2006-08-01 15:35 67112 C:\Program Files\AIM\aim.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Aim6]
--a------ 2008-01-03 12:15 50528 C:\Program Files\AIM6\aim6.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
--a------ 2008-07-22 20:42 116040 C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]
--a------ 2005-06-02 10:21 48752 C:\Program Files\Common Files\Symantec Shared\CCAPP.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2008-07-30 10:47 289064 C:\Program Files\iTunes\iTunesHelper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-05-27 10:50 413696 C:\Program Files\QuickTime Alternative\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
-rahs---- 2008-08-18 18:41 1832272 C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uniblue RegistryBooster 2]
--a------ 2008-02-01 11:51 1885464 C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"TUWinStylerThemeSvc"=3 (0x3)
"Themes"=2 (0x2)
"Ati HotKey Poller"=2 (0x2)
"Adobe LM Service"=3 (0x3)
"WZCSVC"=2 (0x2)
"wscsvc"=2 (0x2)
"SQLAgent$SONY_MEDIAMGR"=3 (0x3)
"MSSQL$SONY_MEDIAMGR"=3 (0x3)
"iPodService"=3 (0x3)
"FastUserSwitchingCompatibility"=3 (0x3)
"ERSvc"=2 (0x2)
"Creative Service for CDROM Access"=2 (0x2)
"GhostStartService"=3 (0x3)
"Diskeeper"=3 (0x3)
"WMPNetworkSvc"=3 (0x3)
"WmdmPmSN"=3 (0x3)
"WMDM PMSP Service"=3 (0x3)
"ose"=3 (0x3)
"iPod Service"=3 (0x3)
"UxTuneUp"=2 (0x2)
"Apple Mobile Device"=2 (0x2)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe
"Aim6"="C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
"BitTorrent"="C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
"HPHmon06"=C:\WINDOWS\system32\hphmon06.exe
"HPHUPD06"=c:\Program Files\HP\{BA2D9411-DBB4-43e4-9421-780413650A67}\hphupd06.exe
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\AIM\\aim.exe"=
"C:\\Program Files\\Gnucleus\\Gnucleus.exe"=
"C:\\WINDOWS\\system32\\dpvsetup.exe"=
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
R0 Achernar;Achernar - SCSI Command Filters;C:\WINDOWS\system32\Drivers\Achernar.sys [2005-09-23 16855]
R2 Viewpoint Manager Service;Viewpoint Manager Service;C:\Program Files\Viewpoint\Common\ViewpointService.exe [2007-01-04 24652]
R2 zumbus;Zune Bus Enumerator Driver;C:\WINDOWS\system32\DRIVERS\zumbus.sys [2008-04-29 40704]
R2 ZuneBusEnum;Zune Bus Enumerator;C:\WINDOWS\system32\ZuneBusEnum.exe [2008-04-29 61856]
R3 Aldebaran;Aldebaran - SCSI Command Filters;C:\WINDOWS\system32\Drivers\Aldebaran.sys [2005-09-23 21808]
R3 CLEDX;Team H2O CLEDX service;C:\WINDOWS\system32\DRIVERS\cledx.sys [2005-10-23 33792]
S0 xmasscsi;xmasscsi;C:\WINDOWS\system32\Drivers\xmasscsi.sys [ ]
S3 ASPI;Advanced SCSI Programming Interface Driver;C:\WINDOWS\System32\DRIVERS\ASPI32.sys [2002-07-17 16512]
S3 MotDev;Motorola Inc. USB Device;C:\WINDOWS\system32\DRIVERS\motodrv.sys [2007-05-07 42112]
S3 ZuneWlanCfgSvc;Zune Wireless Configuration Service;C:\WINDOWS\system32\ZuneWlanCfgSvc.exe [2008-04-29 245664]
S4 UxTuneUp;TuneUp Design Expansion;C:\WINDOWS\System32\svchost.exe [2004-08-03 14336]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contents of the 'Scheduled Tasks' folder
.
- - - - ORPHANS REMOVED - - - -
HKCU-Run-BitTorrent - C:\Program Files\BitTorrent\bittorrent.exe
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-09 10:37:45
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
CTStartup = C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE /run???h??????s?????\?w? ?w???????w???w4???????.??w4???????4???TA?s4???6????&2???A~??A~6???????\???\???????????U?A~??A~\???\??????? Ia??????C@?\???\??????s6???\??????s\????&2?A??s?&2??C@?x???`|?w\?????@
scanning hidden files ...
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Common Files\Symantec Shared\CCSETMGR.EXE
C:\Program Files\Common Files\Symantec Shared\CCEVTMGR.EXE
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Logitech\MouseWare\system\EM_EXEC.EXE
.
**************************************************************************
.
Completion time: 2008-09-09 10:52:56 - machine was rebooted
ComboFix-quarantined-files.txt 2008-09-09 14:51:51
ComboFix2.txt 2008-09-06 13:56:25
ComboFix3.txt 2008-09-06 04:44:39
Pre-Run: 2,014,822,400 bytes free
Post-Run: 2,005,221,376 bytes free
964 --- E O F --- 2008-08-17 14:49:13
lilwing98
2008-09-09, 19:07
Ad-Aware
Adobe Acrobat 5.0
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)
Adobe Audition 2.0
Adobe Bridge 1.0
Adobe Common File Installer
Adobe Flash Player Plugin
Adobe Help Center 2.0
Adobe Reader 8.1.2
Adobe Stock Photos 1.0
Adobe Stock Photos 1.0
Adobe SVG Viewer 3.0
AIM 6
AOL Instant Messenger
Apple Mobile Device Support
Apple Software Update
AsusUpdate
ATI - Software Uninstall Utility
ATI Control Panel
ATI Display Driver
ATI HYDRAVISION
Audacity 1.2.6
BitTorrent 5.0.9
Bob the Builder - Bob Builds a Park
ClickFix for Adobe Audition version 3.02 (remove only)
DAEMON Tools
Data Lifeguard
DivX Converter
DivX Player
DivX Web Player
DVD Shrink 3.2
EVEREST Home Edition v2.20
Gnucleus version 2.2.0.0
Harmony Engine VST
HijackThis 2.0.2
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB915865)
Hotfix for Windows XP (KB926239)
Hotfix for Windows XP (KB952287)
HP Image Zone 4.7
HP Image Zone Express
HP Software Update
IK Multimedia Amplitube DX/VST/RTAS v2.0
iTunes
J2SE Runtime Environment 5.0 Update 5
LADSPA_plugins-win-0.4.15
Lame ACM MP3 Codec
Learning in Toyland
Lexmark 510 Series
LiveReg (Symantec Corporation)
LiveUpdate 2.6 (Symantec Corporation)
Logitech MouseWare 9.79
Logitech Resource Center
Macromedia Flash Player 8
Macromedia Shockwave Player
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft .NET Framework 2.0 Service Pack 1
Microsoft Bootvis
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Microsoft Office Professional Edition 2003
Microsoft Office Professional Edition 2003
Microsoft SQL Server Desktop Engine (SONY_MEDIAMGR)
Microsoft USB Flash Drive Manager
Microsoft User-Mode Driver Framework Feature Pack 1.0
mkw Audio Compression Toolkit
Motorola Driver Installation
Motorola Phone Tools
Motorola Software Update
Mozilla Firefox (3.0.1)
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
Nero Suite
neroxml
NVIDIA Drivers
NVIDIA Windows 2000/XP nForce Drivers
Photosmart 320,370,7400,8100,8400,8700 Series
PowerDVD
Presto! VideoWorks 6
QuickTime
Safari
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893066)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB896688)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899589)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB905915)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB908531)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911567)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912812)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913446)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB916281)
Security Update for Windows XP (KB917159)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918118)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920214)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB921883)
Security Update for Windows XP (KB922616)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923694)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB924667)
Security Update for Windows XP (KB925454)
Security Update for Windows XP (KB925486)
Security Update for Windows XP (KB925902)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB926436)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB927802)
Security Update for Windows XP (KB928090)
Security Update for Windows XP (KB928255)
Security Update for Windows XP (KB928843)
Security Update for Windows XP (KB929123)
Security Update for Windows XP (KB929969)
Security Update for Windows XP (KB930178)
Security Update for Windows XP (KB931261)
Security Update for Windows XP (KB931768)
Security Update for Windows XP (KB931784)
Security Update for Windows XP (KB932168)
Security Update for Windows XP (KB933566)
Security Update for Windows XP (KB933729)
Security Update for Windows XP (KB935839)
Security Update for Windows XP (KB935840)
Security Update for Windows XP (KB936021)
Security Update for Windows XP (KB937894)
Security Update for Windows XP (KB938127)
Security Update for Windows XP (KB938829)
Security Update for Windows XP (KB939653)
Security Update for Windows XP (KB941202)
Security Update for Windows XP (KB941568)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB941644)
Security Update for Windows XP (KB941693)
Security Update for Windows XP (KB942615)
Security Update for Windows XP (KB943055)
Security Update for Windows XP (KB943460)
Security Update for Windows XP (KB943485)
Security Update for Windows XP (KB944338)
Security Update for Windows XP (KB944533)
Security Update for Windows XP (KB944653)
Security Update for Windows XP (KB945553)
Security Update for Windows XP (KB946026)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB947864)
Security Update for Windows XP (KB948590)
Security Update for Windows XP (KB948881)
Security Update for Windows XP (KB950749)
Security Update for Windows XP (KB950759)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953838)
Security Update for Windows XP (KB953839)
Sound Blaster Audigy
SPBBC
Spybot - Search & Destroy
Spybot - Search & Destroy 1.4
Symantec AntiVirus
Trillian
TuneUp Utilities 2006
Uniblue RegistryBooster 2
Universal Media Player
Update for Windows XP (KB894391)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB910437)
Update for Windows XP (KB911280)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Update for Windows XP (KB927891)
Update for Windows XP (KB929338)
Update for Windows XP (KB930916)
Update for Windows XP (KB931836)
Update for Windows XP (KB933360)
Update for Windows XP (KB938828)
Update for Windows XP (KB942763)
Update for Windows XP (KB942840)
Update for Windows XP (KB946627)
Update for Windows XP (KB951072-v2)
Viewpoint Media Player
Winamp
Windows Installer 3.1 (KB893803)
Windows Media Encoder 9 Series
Windows Media Encoder 9 Series
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player 11
Windows WMF Metafile Vulnerability HotFix 1.4
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB885884
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888240
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781
WinRAR archiver
WinZip
Yahoo! Widget Engine
Yahoo! Widget Engine
Zune
Zune
Zune Language Pack (ES)
Zune Language Pack (FR)
__RiP_ChAiN_
2008-09-10, 00:17
Hello lilwing98,
Using Add Or Remove Programs remove the following entries (if present): (To get into add Or Remove Programs press the START button > Control Panel > Add Or Remove Programs. )
BitTorrent 5.0.9
J2SE Runtime Environment 5.0 Update 5
Upgrading Java:
Download the latest version of Java Runtime Environment (JRE) 6 Update 7 (http://java.sun.com/javase/downloads/index.jsp).
Scroll down to where it says "The J2SE Runtime Environment (JRE) allows end-users to run Java applications".
Click the "Download" button to the right.
Select your Platform and check the box that says: "I agree to the Java SE Runtime Environment 6 License Agreement.".
Click on Continue.
Click on the link to download Windows Offline Installation (jre-6u7-windows-i586-p.exe) and save it to your desktop. Do NOT use the Sun Download Manager..
Close any programs you may have running - especially your web browser.
Go to Start > Control Panel, double-click on Add/Remove programs and remove all older versions of Java.
Check any item with Java Runtime Environment (JRE or J2SE) in the name.
Click the Remove or Change/Remove button.
Repeat as many times as necessary to remove each Java version.
Reboot your computer once all Java components are removed.
Then from your desktop double-click on the download to install the newest version.(Vista users, right click on the jre-6u7-windows-i586-p.exe and select "Run as an Administrator.")
Please run the F-Secure Online Scanner (http://support.f-secure.com/enu/home/ols3.shtml#)
Note: This Scanner is for Internet Explorer Only!
Follow the Instruction Here (http://support.f-secure.com/enu/home/ols3.shtml) for installation.
Accept the License Agreement.
Once the ActiveX installs,Click Full System Scan
Once the download completes,the scan will begin automatically.
The scan will take some time to finish,so please be patient.
When the scan completes, click the Automatic cleaning (recommended) button.
Click the Show Report button and Copy&Paste the entire report in your next reply.
lilwing98
2008-09-11, 13:28
Scanning Report
Wednesday, September 10, 2008 20:52:06 - 07:25:24
Computer name: LOST_FRIDAY
Scanning type: Scan system for malware, rootkits
Target: C:\ D:\
Result: 7 malware found
AdWare.Win32.PurityScan (spyware)
* System
TrackingCookie.2o7 (spyware)
* System
TrackingCookie.Atdmt (spyware)
* System
TrackingCookie.Atwola (spyware)
* System
TrackingCookie.Revsci (spyware)
* System
Trojan.Win32.FraudPack (virus)
* System
Trojan.Win32.FraudPack.gen (virus)
* C:\WINDOWS\SYSTEM32\MSXML71.DLL
Statistics
Scanned:
* Files: 68063
* System: 4733
* Not scanned: 10
Actions:
* Disinfected: 0
* Renamed: 0
* Deleted: 0
* None: 7
* Submitted: 0
Files not scanned:
* C:\HIBERFIL.SYS
* C:\PAGEFILE.SYS
* C:\WINDOWS\SYSTEM32\DRIVERS\SPTD.SYS
* C:\WINDOWS\SYSTEM32\DRIVERS\SPTD2477.SYS
* C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT
* C:\WINDOWS\SYSTEM32\CONFIG\SAM
* C:\WINDOWS\SYSTEM32\CONFIG\SECURITY
* C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE
* C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM
* C:\DOCUMENTS AND SETTINGS\ERIC\LOCAL SETTINGS\TEMP\ETILQS_BVEMCOP75LF5EAWYLYCN
Options
Scanning engines:
* F-Secure USS: 2.30.0
* F-Secure Hydra: 2.8.8110, 2008-09-11
* F-Secure AVP: 7.0.171, 2008-09-11
* F-Secure Pegasus: 1.20.0, 2008-04-14
* F-Secure Blacklight: 1.0.68
Scanning options:
* Scan defined files: COM EXE SYS OV? BIN SCR DLL SHS HTM HTML HTT VBS JS INF VXD DO? XL? RTF CPL WIZ HTA PP? PWZ P?T MSO PIF . ACM ASP AX CNV CSC DRV INI MDB MPD MPP MPT OBD OBT OCX PCI TLB TSP WBK WBT WPC WSH VWP WML BOO HLP TD0 TT6 MSG ASD JSE VBE WSC CHM EML PRC SHB LNK WSF {* PDF ZL? XML ZIP XXX ANI AVB BAT CMD JPG LSP MAP MHT MIF PHP POT SWF WMF NWS TAR
* Use Advanced heuristics
__RiP_ChAiN_
2008-09-11, 17:37
Hello lilwing98,
Please post back with a new HijackThis log, and an update on how your computer is running.
lilwing98
2008-09-12, 00:27
My computer seems to be running great!
Here is the requeested HiJack This Log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:25:19 PM, on 9/11/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\system32\ZuneBusEnum.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\Microsoft IntelliType Pro\type32.exe
C:\Program Files\Zune\ZuneLauncher.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Yahoo!\WidgetEngine\YahooWidgetEngine.exe
C:\Program Files\Yahoo!\WidgetEngine\YahooWidgetEngine.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Zune\zune.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O4 - HKLM\..\Run: [VPTray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [ATIptaxx] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033 -lock
O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE /run
O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Zune Launcher] "C:\Program Files\Zune\ZuneLauncher.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime Alternative\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\RunOnce: [!2D826D3371EDCBD4E9D7A9B46494FE] "C:\Documents and Settings\Eric\My Documents\My Downloads\Harmony_Engine_VST_PC_v1.00.exe" /% and Settings\Eric\My Documents\My Downloads\Auto-Tune_5_VST_PC_v5.09.exe" /% and Settings\Eric\My Documents\My Downloads\Auto-Tune_5_VST_PC_v5.09.exe" /% /@ "!2D826D3371EDCBD4E9D7A9B46494FE"
O4 - Startup: Yahoo! Widget Engine.lnk = C:\Program Files\Yahoo!\WidgetEngine\YahooWidgetEngine.exe
O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: &Search - ?p=ZJfox000
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1A1F56AA-3401-46F9-B277-D57F3421F821} (FunGamesLoader Object) - http://www.worldwinner.com/games/v47/shared/FunGamesLoader.cab
O16 - DPF: {2C153C75-8476-434B-B3C3-57B63A3D1939} (Brickout Control) - http://www.worldwinner.com/games/v48/brickout/brickout.cab
O16 - DPF: {42FDC231-A411-45F8-B8B6-3B5026111DA8} (SolitaireRush Control) - http://www.worldwinner.com/games/v47/solitairerush/solitairerush.cab
O16 - DPF: {615F158E-D5CA-422F-A8E7-F6A5EED7063B} (Bejeweled Control) - http://www.worldwinner.com/games/v46/bejeweled/bejeweled.cab
O16 - DPF: {62969CF2-0F7A-433B-A221-FD8818C06C2F} (Blockwerx Control) - http://www.worldwinner.com/games/v49/blockwerx/blockwerx.cab
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinner.com/games/shared/wwlaunch.cab
O16 - DPF: {A91FB93D-7561-4524-8484-5C27C8FA8D42} (WwLuxor Control) - http://www.worldwinner.com/games/v49/luxor/luxor.cab
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {CF969D51-F764-4FBF-9E90-475248601C8A} (FamilyFeud Control) - http://www.worldwinner.com/games/v47/familyfeud/familyfeud.cab
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
--
End of file - 8097 bytes
__RiP_ChAiN_
2008-09-13, 09:57
Hello lilwing98,
Time for some housekeeping
Click START then RUN
Now type Combofix /u in the runbox and click OK. Note the space between the X and the U, it needs to be there.
http://i189.photobucket.com/albums/z176/EPL47/CF_Cleanup.png
When shown the disclaimer, Select "2"
Below I have included a number of recommendations for how to protect your computer against malware infections.
* Keep Windows updated by regularly checking their website at :
http://windowsupdate.microsoft.com/
This will ensure your computer has always the latest security updates available installed on your computer.
* To reduce re-infection for malware in the future, I strongly recommend installing these free programs:
SpywareBlaster (http://www.javacoolsoftware.com/sbdownload.html) protects against bad ActiveX
IE-SPYAD (http://www.spywarewarrior.com/uiuc/res/ie-spyad.exe) puts over 5000 sites in your restricted zone so you'll be protected when you visit innocent-looking sites that aren't actually innocent at all
Have a look at this tutorial for IE-Spyad here (http://www.bleepingcomputer.com/tutorials/tutorial53.html)
* SpywareGuard (http://www.javacoolsoftware.com/sgdownload.html) offers realtime protection from spyware installation attempts. Make sure you are only running one real-time anti-spyware protection program or there will be a conflict.
Make Internet Explorer more secure
Click Start > Run
Type Inetcpl.cpl & click OK
Click on the Security tab
Click Reset all zones to default level
Make sure the Internet Zone is selected & Click Custom level
In the ActiveX section, set the first two options ("Download signed and unsigned ActiveX controls) to "Prompt", and ("Initialize and Script ActiveX controls not marked as safe") to "Disable".
Next Click OK, then Apply button and then OK to exit the Internet Properties page.
* MVPS Hosts file (http://mvps.org/winhelp2002/hosts.htm) replaces your current HOSTS file with one containing well known ad sites and other bad sites. Basically, this prevents your computer from connecting to those sites by redirecting them to 127.0.0.1 which is your local computer, meaning it will be difficult to infect yourself in the future.
* Please consider using an alternate browser. Mozilla's Firefox browser is fantastic; it is much more
secure than Internet Explorer, immune to almost all known browser hijackers, and also has the best built-in pop up
blocker (as an added benefit!) that I have ever seen. If you are interested, Firefox may be downloaded from
Here (http://www.mozilla.org/products/firefox/)
* Take a good look at the following suggestions for malware prevention by reading Tony Klein’s article 'How Did I Get Infected In The First Place'
Here (http://forums.spywareinfo.com/index.php?showtopic=60955)
Thank you for your patience, and performing all of the procedures requested.
lilwing98
2008-09-15, 23:11
Thanks so very much!!!
__RiP_ChAiN_
2008-09-16, 01:52
Your very welcome :)
__RiP_ChAiN_
2008-09-22, 16:46
Since this issue appears to be resolved ... this Topic has been closed. Glad I could help.
Note:If it has been five days or more since your last post, and the helper assisting you posted a response to that post to which you did not reply, your topic will not be reopened. At that point, if you still require help, please start a new topic and include a fresh HijackThis log and a link to your previous thread.
If it has been less than five days since your last response and you need the thread re-opened, please send me or MOD a private message (pm). A valid, working link to the closed topic is required.