View Full Version : PUPSC - MyWay.WebSearch removal?
sigerness
2008-10-15, 22:26
My computer has recently been invaded by about 6 trojon virus' and have seemed to leave me with a PUPSC - MyWay.WebSearch which seems to have changed a registry key in HKEY User's... Was wondering if anyone knows how to get rid of it because SPYBOT keeps saying it can't because it's being used - yet no matter how many times it starts on reboot it still can't get rid of it?
Also I can't load up safe mode - it just comes up with screen with file names and doesn't boot.
Thanks
Sigs
Hi
Download and install TrendMicro HijackThis (http://www.trendsecure.com/portal/en-US/_download/HJTInstall.exe)
* Once installed open HijackThis by clicking Start > Programs > HijackThis and click the button labeled
Do a system scan only
* Click the scan button in the lower left hand corner of the interface and HijackThis will quickly scan your system.
* Once the scan is complete the scan button will now read save log. Click this button to save the log file to your PC. Once you select where you would like to save the file it will open in your systems default text editor. Typically this application is Notepad. Post the log here.
sigerness
2008-10-17, 23:17
okay:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:14:58, on 17/10/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\AVG\AVG8\avgfws8.exe
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\WINDOWS\TWAIN_32\930Cam\SnapTrap.EXE
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\WINDOWS\system32\ICO.EXE
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
C:\WINDOWS\system32\FSRremoS.EXE
C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Messenger\Msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TomTom HOME 2\HOMERunner.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\MICROS~4\rapimgr.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?linkid=677
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: QuickTalk 2.1 - {A34FA88D-8437-4634-8A60-E913011EF2E5} - C:\DOCUME~1\SAMANT~1\APPLIC~1\sp2\qaccess.dll (file missing)
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
O2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [SnapTrap] C:\WINDOWS\TWAIN_32\930Cam\SnapTrap.EXE
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [SMSTray] C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [\YUR3A.exe] C:\Windows\system32\YUR3A.exe
O4 - HKLM\..\Run: [\YUR3B.exe] C:\Windows\system32\YUR3B.exe
O4 - HKLM\..\Run: [\YUR3C.exe] C:\Windows\system32\YUR3C.exe
O4 - HKLM\..\Run: [\YUR3D.exe] C:\Windows\system32\YUR3D.exe
O4 - HKLM\..\Run: [inrhcpurj0eg59] C:\Documents and Settings\Samantha South\Local Settings\Temp\.tt30.tmp.exe /CR=3BA05DB154E618CBD17FDED283BEBE98B7500E24619B5C59910843113D27B00E786C3B2C41A074D79BBE7BDCCB2214D372A0B99AE315B97A0AD892D07F0FDB48AEB17053DB56AF30DA71CA901BAC1E25911068AFAA6DD5
O4 - HKLM\..\Run: [\YUR1A.exe] C:\Windows\system32\YUR1A.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [\YUR5C.exe] C:\Windows\system32\YUR5C.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\Msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [] C:\Documents and Settings\Samantha South\Application Data\Adobe\Player.exe
O4 - HKCU\..\Run: [\YUR3A.exe] C:\Windows\system32\YUR3A.exe
O4 - HKCU\..\Run: [\YUR3B.exe] C:\Windows\system32\YUR3B.exe
O4 - HKCU\..\Run: [\YUR3C.exe] C:\Windows\system32\YUR3C.exe
O4 - HKCU\..\Run: [\YUR3D.exe] C:\Windows\system32\YUR3D.exe
O4 - HKCU\..\Run: [\YUR1A.exe] C:\Windows\system32\YUR1A.exe
O4 - HKCU\..\Run: [\YUR5C.exe] C:\Windows\system32\YUR5C.exe
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O4 - Startup: Rapid Antivirus.lnk = C:\Program Files\Rapid Antivirus\Rapid Antivirus.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20061205/qtinstall.info.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {05317530-B882-449D-9421-18D94FA3ED34} (OSInfo Control) - http://www.sis.com/ocis/OSInfo.cab
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/FacebookPhotoUploader5.cab
O16 - DPF: {0D6709DD-4ED8-40CA-B459-2757AEEF7BEE} (Dldrv2 Control) - http://download.gigabyte.com.tw/object/Dldrv.ocx
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {16095503-786F-4097-AED6-5D567A26D760} (SiS_OCX Control) - http://www.sis.com/ocis/SiSAutodetectNT.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by124w.bay124.mail.live.com/mail/resources/MsnPUpld.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/EN-GB/a-UNO1/GAME_UNO1.cab
O16 - DPF: {639658F3-B141-4D6B-B936-226F75A5EAC3} (CPlayFirstDinerDash2Control Object) - http://zone.msn.com/bingame/dsh2/default/DinerDash2.1.0.0.68.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} (CPlayFirstDinerDashControl Object) - http://zone.msn.com/bingame/dash/default/DinerDash.1.0.0.94.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.popcap.com/webgames/popcaploader_v10.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgfws8.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe
O23 - Service: My Web Search Service (MyWebSearchService) - Unknown owner - C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwssvc.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe
--
End of file - 12973 bytes
Hi again
Please visit this webpage for download links, and instructions for running ComboFix tool:
http://www.bleepingcomputer.com/combofix/how-to-use-combofix
Please ensure you read this guide carefully and install the right Recovery Console first.
The Windows Recovery Console will allow you to boot up into a special recovery (repair) mode. This allows us to more easily help you should your computer have a problem after an attempted removal of malware. It is a simple procedure that will only take a few moments of your time.
Once installed, you should see a blue screen prompt that says:
The Recovery Console was successfully installed.
Please continue as follows:
Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix, link (http://www.bleepingcomputer.com/forums/topic114351.html)
Remember to re-enable them afterwards.
Click Yes to allow ComboFix to continue scanning for malware.
When the tool is finished, it will produce a report for you.
Please include the following reports for further review, and so we may continue cleansing the system:
C:\ComboFix.txt
New HijackThis log.
A word of warning: Neither I nor sUBs are responsible for any damage you may have caused your machine by running ComboFix. This tool is not a toy and not for everyday use.
sigerness
2008-10-22, 13:59
Sorry it's taken so long to get back to you - the new log is:
ComboFix 08-10-21.03 - Samantha South 2008-10-22 11:45:19.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.145 [GMT 1:00]
Running from: C:\Documents and Settings\Samantha South\Desktop\ComboFix.exe
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
C:\Documents and Settings\Samantha South\Application Data\Adobe\Player.exe.bak
C:\Documents and Settings\Samantha South\Start Menu\Programs\Startup\Rapid Antivirus.lnk
C:\Program Files\internet explorer\msimg32.dll
C:\Program Files\Rapid Antivirus
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\accessories\cup.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\accessories\customer_cup.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\accessories\heart.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\accessories\menu_down.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\accessories\menu_up.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\accessories\plates.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\accessories\ticket.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\accessories\tray.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\audio\music\mainmenumusic.ogg
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\audio\sfx\sfx_bring_check_1_snd.ogg
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\audio\sfx\sfx_deliver_food_1_snd.ogg
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\audio\sfx\sfx_deliver_order_1_snd.ogg
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\audio\sfx\sfx_diner.ogg
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\audio\sfx\sfx_dish_dropoff_1_snd.ogg
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\audio\sfx\sfx_food_ready_1_snd.ogg
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\audio\sfx\sfx_gain_heart_1.ogg
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\audio\sfx\sfx_get_drinks_1_snd.ogg
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\audio\sfx\sfx_party_arrive_1_snd.ogg
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\audio\sfx\sfx_pencil_write_2.ogg
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\audio\sfx\sfx_pickup_food_1_snd.ogg
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\audio\sfx\sfx_rollover_1.ogg
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\audio\sfx\sfx_seat_people_snd.ogg
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\backgrounds\choosedifficulty.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\backgrounds\credits.jpg
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\backgrounds\flo_lose.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\backgrounds\flo_win.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\backgrounds\help1.jpg
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\backgrounds\help2.jpg
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\backgrounds\highscores.jpg
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\backgrounds\levelintro.jpg
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\backgrounds\levelintro_mask.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\backgrounds\levelover.jpg
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\backgrounds\levelover_mask.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\backgrounds\mainmenu.jpg
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\backgrounds\popup.jpg
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\backgrounds\popup_mask.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\backgrounds\upgradegrid.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\backgrounds\upgradetitle.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\backgrounds\upsell.jpg
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\buttons\arrowleft_blue.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\buttons\arrowleft_yellow.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\buttons\arrowright_blue.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\buttons\arrowright_yellow.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\buttons\back_blue.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\buttons\back_yellow.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\buttons\backchalk.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\buttons\backchalkup.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\buttons\backtomenu_blue.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\buttons\backtomenu_yellow.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\buttons\cancel.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\buttons\cancelup.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\buttons\career.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\buttons\career_over.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\buttons\close.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\buttons\closeup.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\buttons\continue.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\buttons\continueover.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\buttons\credits_blue.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\buttons\credits_yellow.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\buttons\download_blue.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\buttons\download_yellow.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\buttons\easy.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\buttons\easy_over.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\buttons\endlessshift.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\buttons\endlessshift_over.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\buttons\hard.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\buttons\hard_over.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\buttons\help.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\buttons\help_over.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\buttons\highscores.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\buttons\highscores_over.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\buttons\instructions_blue.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\buttons\instructions_yellow.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\buttons\letsplay.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\buttons\letsplayover.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\buttons\medium.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\buttons\medium_over.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\buttons\moreinfo.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\buttons\moreinfoup.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\buttons\off.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\buttons\off_on.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\buttons\on.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\buttons\on_on.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\buttons\pause.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\buttons\pauseover.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\buttons\quit.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\buttons\quitgame.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\buttons\quitgameover.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\buttons\quitover.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\buttons\resumegame.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\buttons\resumegameover.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\buttons\submit.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\buttons\submitup.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\buttons\tryagain.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\buttons\tryagainover.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\buttons\upgrade_over.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\buttons\upgrade_up.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\buttons\viewglobal.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\buttons\viewglobalup.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\buttons\viewhighscore.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\buttons\viewhighscoreon.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\buttons\viewlocal.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\buttons\viewlocalup.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\comics\webcomic.jpg
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\config\career.xml
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\config\customer.xml
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\config\endless.xml
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\config\global.xml
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\config\powerups.xml
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\cook\cook.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\cook\cook.xml
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\cook\stove.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\cursor\arrow.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\cursor\click.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\cursor\click2.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\cursor\grab.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\cursor\open.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\customers\old_male\anim.xml
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\customers\old_male\blue\anim.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\customers\old_male\blue\anim.xml
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\customers\old_male\blue\sit_legs.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\customers\old_male\green\anim.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\customers\old_male\green\anim.xml
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\customers\old_male\green\sit_legs.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\customers\old_male\purple\anim.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\customers\old_male\purple\anim.xml
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\customers\old_male\purple\sit_legs.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\customers\old_male\red\anim.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\customers\old_male\red\anim.xml
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\customers\old_male\red\sit_legs.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\customers\old_male\yellow\anim.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\customers\old_male\yellow\anim.xml
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\customers\old_male\yellow\sit_legs.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\customers\young_female\anim.xml
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\customers\young_female\blue\anim.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\customers\young_female\blue\anim.xml
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\customers\young_female\blue\sit_legs.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\customers\young_female\green\anim.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\customers\young_female\green\anim.xml
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\customers\young_female\green\sit_legs.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\customers\young_female\purple\anim.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\customers\young_female\purple\anim.xml
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\customers\young_female\purple\sit_legs.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\customers\young_female\red\anim.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\customers\young_female\red\anim.xml
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\customers\young_female\red\sit_legs.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\customers\young_female\yellow\anim.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\customers\young_female\yellow\anim.xml
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\customers\young_female\yellow\sit_legs.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\flo\idle.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\flo\idle.xml
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\flo\lower.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\flo\lower.xml
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\flo\upper.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\flo\upper.xml
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\fonts\arial.mvec
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\fonts\komikaaxis.mvec
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\furniture\chair.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\furniture\chair.xml
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\furniture\dirt2top.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\furniture\dirt4top.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\furniture\dishcart.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\furniture\dishcart.xml
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\furniture\drinkstation_off.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\furniture\drinkstation_on1.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\furniture\drinkstation_on2.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\furniture\ticketstation.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\furniture\ticketstation.xml
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\hiscore\arrowdown.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\hiscore\arrowdownon.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\hiscore\arrowleft.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\hiscore\arrowlefton.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\hiscore\arrowright.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\hiscore\arrowrighton.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\hiscore\arrowup.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\hiscore\arrowupon.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\hiscore\p1icon.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\hiscore\textedit.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\hiscore\title.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\layouts\endless_1_1.txt
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\layouts\endless_1_1_a.txt
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\layouts\endless_1_1_b.txt
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\layouts\endless_1_1_c.txt
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\layouts\endless_1_2.txt
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\layouts\endless_1_2_a.txt
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\layouts\endless_1_2_b.txt
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\layouts\endless_1_2_c.txt
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\layouts\endless_1_2_d.txt
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\layouts\endless_1_3.txt
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\layouts\endless_1_3_a.txt
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\layouts\endless_1_3_b.txt
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\layouts\endless_1_3_c.txt
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\layouts\endless_1_3_d.txt
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\layouts\fifth_level_diner.txt
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\layouts\first_level_diner.txt
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\layouts\fourth_level_diner.txt
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\layouts\second_level_diner.txt
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\playfirst_logo.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\restaurants\diner\background.jpg
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\restaurants\diner\food\food1.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\restaurants\diner\food\food1.xml
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\restaurants\diner\food\food2.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\restaurants\diner\food\food2.xml
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\restaurants\diner\food\food3.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\restaurants\diner\food\food3.xml
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\restaurants\diner\frames\upgrade_0001.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\restaurants\diner\tables\2top.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\restaurants\diner\tables\2top.xml
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\restaurants\diner\tables\4top.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\restaurants\diner\tables\4top.xml
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\restaurants\diner\upgrades.xml
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\restaurants\tableshadow.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\scripts\choosedifficulty.lua
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\scripts\chooseplayer.lua
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\scripts\chooserestaurant.lua
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\scripts\credits.lua
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\scripts\game.lua
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\scripts\gothighscore.lua
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\scripts\help.lua
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\scripts\help2.lua
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\scripts\hiscore.lua
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\scripts\hiscoreinfo.lua
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\scripts\hiscoresubmit.lua
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\scripts\levelintro.lua
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\scripts\levelover.lua
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\scripts\loading.lua
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\scripts\mainloop.lua
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\scripts\mainmenu.lua
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\scripts\ok.lua
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\scripts\pause.lua
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\scripts\style.lua
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\scripts\tutorialintro.lua
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\scripts\upgrade.lua
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\scripts\upsell.lua
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\scripts\webcomic.lua
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\scripts\yesno.lua
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\splash\aol_logo.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\splash\gamelabsplash.jpg
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\splash\playfirst_logo.jpg
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\strings.xml
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\ui\angersmoke.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\ui\angersmoke.xml
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\ui\chairflags.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\ui\chairflags.xml
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\ui\check.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\ui\checkmark.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\ui\clock.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\ui\closed.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\ui\closingtime.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\ui\coinflip.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\ui\coinflip.xml
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\ui\dollar.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\ui\doodles\coffee.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\ui\doodles\tables.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\ui\doodles\wallpaper.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\ui\expert.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\ui\expertscore.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\ui\foodpoof.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\ui\foodpoof.xml
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\ui\fork_timer.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\ui\goalcompleted.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\ui\heartgrow.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\ui\heartgrow.xml
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\ui\jar.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\ui\jar.xml
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\ui\level.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\ui\level_career.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\ui\score.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\ui\sound.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\ui\staroff.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\ui\staron.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\ui\tablenumber.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\ui\tablenumberup.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\ui\traynumber.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\ui\tutorial_character.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\ui\tutorialarrow.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\ui\tutorialbox.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\ui\upgradeanim.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\ui\upgradeanim.xml
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\ui\upgrades\drinks.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\ui\upgrades\maitred.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\ui\upgrades\oven.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\ui\upgrades\select.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\ui\upgrades\shoes.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\ui\upgrades\stereo.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\ui\upgrades\table.png
C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\dinerdash.exe
C:\WINDOWS\IE4 Error Log.txt
C:\WINDOWS\system32\drivers\avgrkx86.sys
C:\WINDOWS\system32\f3PSSavr.scr
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_AVGRKX86
-------\Legacy_MYWEBSEARCHSERVICE
-------\Service_avgrkx86
-------\Service_MyWebSearchService
((((((((((((((((((((((((( Files Created from 2008-09-22 to 2008-10-22 )))))))))))))))))))))))))))))))
.
2008-10-17 21:13 . 2008-10-17 21:13 <DIR> d-------- C:\Program Files\Trend Micro
2008-10-14 21:39 . 2008-10-14 21:39 <DIR> d-------- C:\Documents and Settings\Samantha South\Application Data\Apple Computer
2008-10-13 21:03 . 2008-10-15 18:43 <DIR> d--h----- C:\$AVG8.VAULT$
2008-10-13 20:32 . 2008-10-13 20:32 76,040 --a------ C:\WINDOWS\system32\drivers\avgtdix.sys
2008-10-13 20:32 . 2008-10-13 20:32 10,520 --a------ C:\WINDOWS\system32\avgrsstx.dll
2008-10-13 20:31 . 2008-10-22 10:48 <DIR> d-------- C:\WINDOWS\system32\drivers\Avg
2008-10-13 20:31 . 2008-10-13 20:31 97,928 --a------ C:\WINDOWS\system32\drivers\avgldx86.sys
2008-10-13 20:29 . 2008-10-13 20:29 <DIR> d-------- C:\Program Files\AVG
2008-10-13 20:29 . 2008-10-13 20:29 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\avg8
2008-10-13 20:29 . 2008-10-13 20:29 45,568 --a------ C:\WINDOWS\system32\avgfwdx.dll
2008-10-13 20:29 . 2008-10-13 20:29 23,296 --a------ C:\WINDOWS\system32\drivers\avgfwdx.sys
2008-10-13 09:51 . 2008-10-13 09:51 <DIR> d-------- C:\Documents and Settings\Samantha South\Application Data\5
2008-10-12 21:43 . 2008-10-12 21:43 <DIR> d-------- C:\Documents and Settings\Samantha South\Application Data\0000005738
2008-10-12 21:39 . 2008-10-14 12:16 <DIR> d-------- C:\Documents and Settings\Samantha South\Application Data\sp2
2008-10-12 20:46 . 2008-10-12 20:46 <DIR> d-------- C:\Program Files\Common Files\Apple
2008-10-12 20:45 . 2008-10-12 20:45 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-10-12 20:40 . 2008-10-12 20:40 <DIR> d-------- C:\Program Files\Apple Software Update
2008-10-12 20:39 . 2008-10-12 20:39 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Apple
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-10-22 10:41 --------- d-----w C:\Documents and Settings\Samantha South\Application Data\Skype
2008-10-22 10:35 81,984 ----a-w C:\WINDOWS\system32\bdod.bin
2008-10-22 09:44 --------- d-----w C:\Program Files\LogMeIn
2008-10-14 18:50 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-10-13 20:41 --------- d-----w C:\Program Files\Common Files\Sandlot Shared
2008-10-12 21:20 --------- d-----w C:\Documents and Settings\Samantha South\Application Data\Azureus
2008-10-12 19:49 --------- d-----w C:\Program Files\QuickTime
2008-10-02 09:49 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-10-01 14:38 --------- d-----w C:\Documents and Settings\All Users\Application Data\Sandlot Games
2008-10-01 13:59 --------- d-----w C:\Documents and Settings\Samantha South\Application Data\Oberon Games
2008-10-01 13:59 --------- d-----w C:\Documents and Settings\All Users\Application Data\Oberon Games
2008-10-01 13:58 --------- d-----w C:\Documents and Settings\All Users\Application Data\BigFishGamesCache
2008-09-18 19:40 --------- d-----w C:\Program Files\PlayFirst
2008-09-18 19:39 --------- d-----w C:\Program Files\GameHouse
2008-09-18 19:39 --------- d-----w C:\Program Files\Fish Tycoon
2008-09-18 18:44 --------- d-----w C:\Program Files\Beach Party Craze
2008-09-18 18:38 --------- d-----w C:\Documents and Settings\Samantha South\Application Data\Home Sweet Home 2
2008-09-18 18:37 --------- d-----w C:\Documents and Settings\Samantha South\Application Data\PlayFirst
2008-09-18 18:02 --------- d-----w C:\Documents and Settings\Samantha South\Application Data\GameHouse
2008-09-14 15:13 --------- d-----w C:\Program Files\bfgclient
2008-09-14 12:54 --------- d-----w C:\Documents and Settings\All Users\Application Data\FarmFrenzy2
2008-08-31 07:56 --------- d-----w C:\Documents and Settings\Samantha South\Application Data\BFG_JanesRealty
2008-08-30 19:11 --------- d-----w C:\Documents and Settings\Samantha South\Application Data\Realore_DressUpRush
2008-08-22 17:18 --------- d-----w C:\Program Files\Microsoft Silverlight
2008-07-10 08:07 23 ----a-w C:\Documents and Settings\Samantha South\jagex_runescape_preferences.dat
2008-04-06 19:57 0 ----a-w C:\Program Files\temp01
2006-08-19 20:30 3,072 -c--a-w C:\Program Files\mozilla firefox\plugins\ractrlkeyhook.dll
2006-08-19 20:30 245,408 -c--a-w C:\Program Files\mozilla firefox\plugins\unicows.dll
2008-06-07 13:39 32,768 --sha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012008060720080608\index.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2006-10-13 20058152]
"MSMSGS"="C:\Program Files\Messenger\Msmsgs.exe" [2008-04-14 1695232]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 15360]
"TomTomHOME.exe"="C:\Program Files\TomTom HOME 2\HOMERunner.exe" [2008-05-06 202088]
"H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe" [2006-11-13 1289000]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-10-18 204288]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LogMeIn GUI"="C:\Program Files\LogMeIn\x86\LogMeInSystray.exe" [2007-04-17 63048]
"SnapTrap"="C:\WINDOWS\TWAIN_32\930Cam\SnapTrap.EXE" [2004-11-05 155648]
"BitDefender Antiphishing Helper"="C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe" [2007-10-09 61440]
"BDAgent"="C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe" [2008-10-05 368640]
"SMSTray"="C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe" [2007-02-23 126976]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 144784]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-09-06 413696]
"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [2008-10-13 1235736]
"SiSPower"="SiSPower.dll" [2006-03-09 C:\WINDOWS\system32\SiSPower.dll]
"Mouse Suite 98 Daemon"="ICO.EXE" [2003-11-20 C:\WINDOWS\system32\ico.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-03-22 39264]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-04-23 29696]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"DisableCAD"= 0 (0x0)
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{88485281-8b4b-4f8d-9ede-82e29a064277}"= "C:\PROGRA~1\MarkAny\CONTEN~1\MACSMA~1.DLL" [2004-11-23 192512]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
2008-05-28 12:32 87352 C:\WINDOWS\system32\LMIinit.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=avgrsstx.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.l3fhg"= mp3fhg.acm
"msacm.divxa32"= divxa32.acm
"VIDC.X264"= x264vfw.dll
"VIDC.HFYU"= huffyuv.dll
"vidc.i263"= i263_32.drv
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Photosmart Premier Fast Start.lnk]
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Utility Tray.lnk]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
--a------ 2006-02-19 03:41 49152 C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a--c--- 2006-05-03 02:56 36975 C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"C:\\WINDOWS\\system32\\sessmgr.exe"=
"C:\\Program Files\\FlashFXP\\FlashFXP.exe"=
"C:\\WINDOWS\\system32\\rtcshare.exe"=
"C:\\Program Files\\NetMeeting\\conf.exe"=
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"C:\\Program Files\\Azureus\\Azureus.exe"=
"C:\\Program Files\\World of Warcraft\\WoW-2.1.0-enGB-downloader.exe"=
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"= C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"= C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"= C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\WINDOWS\\system32\\muzapp.exe"=
"C:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"C:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"C:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
R1 AvgLdx86;AVG AVI Loader Driver x86;C:\WINDOWS\system32\Drivers\avgldx86.sys [2008-10-13 97928]
R2 avg8emc;AVG8 E-mail Scanner;C:\PROGRA~1\AVG\AVG8\avgemc.exe [2008-10-13 875288]
R2 avg8wd;AVG8 WatchDog;C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-10-13 231704]
R2 avgfws8;AVG8 Firewall;C:\PROGRA~1\AVG\AVG8\avgfws8.exe [2008-10-13 1220888]
R2 AvgTdiX;AVG8 Network Redirector;C:\WINDOWS\system32\Drivers\avgtdix.sys [2008-10-13 76040]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;C:\WINDOWS\system32\drivers\LMIRfsDriver.sys [2008-03-07 45848]
R3 Avgfwdx;Avgfwdx;C:\WINDOWS\system32\DRIVERS\avgfwdx.sys [2008-10-13 23296]
R3 Bdfndisf;BitDefender Firewall NDIS Filter Service;C:\WINDOWS\system32\DRIVERS\bdfndisf.sys [2008-07-03 86792]
R3 SQTECH930B;ORITE USB 2.0 CCD Webcam(PC370R);C:\WINDOWS\system32\Drivers\Capt930b.sys [2005-04-08 294701]
R3 STAC97NA;SigmaTel 3D Environmental Audio;C:\WINDOWS\system32\drivers\stac97na.sys [2002-09-20 296179]
R3 STAC97NH;STAC97NH;C:\WINDOWS\system32\drivers\stac97nh.sys [2002-09-20 231983]
S1 glaide32;glaide32;C:\WINDOWS\system32\drivers\glaide32.sys [ ]
S2 LMIInfo;LogMeIn Kernel Information Provider;C:\Program Files\LogMeIn\x86\RaInfo.sys [2008-02-28 12856]
S3 als4k;Avance Audio Miniport Driver (WDM);C:\WINDOWS\system32\drivers\als4000.sys [2001-10-22 28919]
S3 Avgfwfd;AVG network filter service;C:\WINDOWS\system32\DRIVERS\avgfwdx.sys [2008-10-13 23296]
S3 pelmouse;Mouse Suite Driver;C:\WINDOWS\system32\DRIVERS\pelmouse.sys [2003-01-10 16384]
S3 pelusblf;USB Mouse Low Filter Driver;C:\WINDOWS\system32\DRIVERS\pelusblf.sys [2003-02-11 9216]
S3 SiS7012;Service for AC'97 Sample Driver (WDM);C:\WINDOWS\system32\drivers\sis7012.sys [2002-11-04 814277]
S3 XDva020;XDva020;C:\WINDOWS\system32\XDva020.sys [ ]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bdx REG_MULTI_SZ scan
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5954f1a3-9448-11dc-a598-000f66f1e4e3}]
\Shell\AutoRun\command - H:\InstallTomTomHOME.exe
.
Contents of the 'Scheduled Tasks' folder
2008-10-14 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34]
2008-10-22 C:\WINDOWS\Tasks\MP Scheduled Scan.job
- C:\Program Files\Windows Defender\MpCmdRun.exe [2006-11-03 19:20]
.
- - - - ORPHANS REMOVED - - - -
HKCU-Run-\YUR3A.exe - C:\Windows\system32\YUR3A.exe
HKCU-Run-\YUR3B.exe - C:\Windows\system32\YUR3B.exe
HKCU-Run-\YUR3C.exe - C:\Windows\system32\YUR3C.exe
HKCU-Run-\YUR3D.exe - C:\Windows\system32\YUR3D.exe
HKCU-Run-\YUR1A.exe - C:\Windows\system32\YUR1A.exe
HKCU-Run-\YUR5C.exe - C:\Windows\system32\YUR5C.exe
HKLM-Run-WinampAgent - C:\Program Files\Winamp\winampa.exe
HKLM-Run-\YUR3A.exe - C:\Windows\system32\YUR3A.exe
HKLM-Run-\YUR3B.exe - C:\Windows\system32\YUR3B.exe
HKLM-Run-\YUR3C.exe - C:\Windows\system32\YUR3C.exe
HKLM-Run-\YUR3D.exe - C:\Windows\system32\YUR3D.exe
HKLM-Run-inrhcpurj0eg59 - C:\Documents and Settings\Samantha South\Local Settings\Temp\.tt30.tmp.exe
HKLM-Run-\YUR1A.exe - C:\Windows\system32\YUR1A.exe
HKLM-Run-\YUR5C.exe - C:\Windows\system32\YUR5C.exe
HKLM-Run-Cmaudio - cmicnfg.cpl
MSConfigStartUp-Cmaudio - cmicnfg.cpl
.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Documents and Settings\Samantha South\Application Data\Mozilla\Firefox\Profiles\ij7bebrc.default\
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://en-GB.start.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:en-GB:official
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-22 11:50:54
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2008-10-22 11:54:09
ComboFix-quarantined-files.txt 2008-10-22 10:53:57
Pre-Run: 23,598,768,128 bytes free
Post-Run: 23,577,485,312 bytes free
525 --- E O F --- 2008-08-22 17:33:44
IMPORTANT I notice there are signs of one or more P2P (Peer to Peer) File Sharing Programs on your computer.
Azureus
LimeWire
I'd like you to read the this thread (http://forums.spybot.info/showthread.php?t=282).
Please go to Control Panel > Add/Remove Programs and uninstall the programs listed above (in red).
Delete these folders afterwards (if still found):
C:\Documents and Settings\Samantha South\Application Data\Azureus
C:\Program Files\LimeWire
C:\Program Files\Azureus
Empty Recycle Bin.
After that:
You should decide whether you want to keep AVG or BitDefender. It's not recommended to have multiple antivirus programs in same system. Also, uninstall Ask Toolbar thru add/remove programs if not installed on purpose.
Open notepad and copy/paste the text in the quotebox below into it:
Driver::
glaide32
File::
C:\Program Files\temp01
C:\WINDOWS\system32\drivers\glaide32.sys
Folder::
C:\Documents and Settings\Samantha South\Application Data\Azureus
C:\Program Files\LimeWire
C:\Program Files\Azureus
DirLook::
C:\Documents and Settings\Samantha South\Application Data\5
C:\Documents and Settings\Samantha South\Application Data\0000005738
C:\Documents and Settings\Samantha South\Application Data\sp2
Registry::
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"C:\\Program Files\\LimeWire\\LimeWire.exe"=-
"C:\\Program Files\\Azureus\\Azureus.exe"=-
Save this as
CFScript
A word of warning: Neither I nor sUBs are responsible for any damage you may have caused your machine. This tool is not a toy and not for everyday use.
http://img.photobucket.com/albums/v666/sUBs/CFScriptB-4.gif
Refering to the picture above, drag CFScript into ComboFix.exe
Then post the resultant log.
Combofix should never take more that 20 minutes including the reboot if malware is detected.
If it does, open Task Manager then Processes tab (press ctrl, alt and del at the same time) and end any processes of findstr, find, sed or swreg, then combofix should continue.
If that happened we want to know, and also what process you had to end.
Uninstall old Adobe Reader versions and get the latest one here (http://www.filehippo.com/download_adobe_reader/) or get Foxit Reader here (http://www.foxitsoftware.com/pdf/reader_2/down_reader.htm).
Uninstall old Java versions and get Java 6 Update 7 here (http://javadl.sun.com/webapps/download/AutoDL?BundleId=23111).
Download ATF (Atribune Temp File) Cleaner© by Atribune (http://www.atribune.org/ccount/click.php?id=1) to your desktop.
Double-click ATF Cleaner.exe to open it
Under Main choose:
Windows Temp
Current User Temp
All Users Temp
Cookies
Temporary Internet Files
Prefetch
Java Cache
*The other boxes are optional*
Then click the Empty Selected button.
If you use Firefox:
Click Firefox at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click NO at the prompt.
If you use Opera:
Click Opera at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click NO at the prompt.
Click Exit on the Main menu to close the program.
Please run an online scan with Kaspersky Online Scanner (http://www.kaspersky.com/virusscanner) as instructed in the screenshot here (http://i275.photobucket.com/albums/jj285/Bleeping/KAS/KAS9.gif).
Post back its report, a fresh hjt log and above mentioned ComboFix resultant log.
sigerness
2008-10-27, 21:42
kaspersky's report was:
Monday, October 27, 2008
Operating System: Microsoft Windows XP Professional Service Pack 3 (build 2600)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Monday, October 27, 2008 07:31:42
Records in database: 1350155
Scan settings
Scan using the following database extended
Scan archives yes
Scan mail databases yes
Scan area My Computer
A:\
C:\
D:\
E:\
Scan statistics
Files scanned 99144
Threat name 4
Infected objects 7
Suspicious objects 0
Duration of the scan 05:04:53
File name Threat name Threats count
msnmsgr.exe\MSIMG32.dll/msnmsgr.exe\MSIMG32.dll Infected: not-a-virus:AdTool.Win32.MyWebSearch.cv 1
C:\Program Files\Windows Live\Messenger\MSIMG32.dll/C:\Program Files\Windows Live\Messenger\MSIMG32.dll Infected: not-a-virus:AdTool.Win32.MyWebSearch.cv 1
C:\Program Files\Windows Live\Messenger\msimg32.dll Infected: not-a-virus:AdTool.Win32.MyWebSearch.cv 1
C:\Program Files\Windows Live\Messenger\riched20.dll Infected: not-a-virus:AdTool.Win32.MyWebSearch.cj 1
C:\Qoobox\Quarantine\C\Program Files\Internet Explorer\msimg32.dll.vir Infected: not-a-virus:AdTool.Win32.MyWebSearch.cv 1
C:\Qoobox\Quarantine\C\WINDOWS\system32\f3PSSavr.scr.vir Infected: not-a-virus:WebToolbar.Win32.MyWebSearch.bg 1
E:\My Music\!!!Listened to\Other\RIchard Marx - Children of the night.mp3 Infected: Trojan-Downloader.WMA.GetCodec.c 1
The selected area was scanned.
combofix didn't fit on this message so i'll pop it onto another
sigerness
2008-10-27, 21:49
ComboFix 08-10-24.02 - Samantha South 2008-10-26 9:19:02.3 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.107 [GMT 0:00]
Running from: C:\Documents and Settings\Samantha South\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\Samantha South\Desktop\CFScript.txt
* Created a new restore point
FILE ::
C:\Program Files\temp01
C:\WINDOWS\system32\drivers\glaide32.sys
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\Samantha South\Application Data\Azureus
C:\Documents and Settings\Samantha South\Application Data\Azureus\.certs
C:\Documents and Settings\Samantha South\Application Data\Azureus\.keystore
C:\Documents and Settings\Samantha South\Application Data\Azureus\.lock
C:\Documents and Settings\Samantha South\Application Data\Azureus\active\2BB8A76C58B3681EB6D21EAD34749C6169B4B0A0.dat
C:\Documents and Settings\Samantha South\Application Data\Azureus\active\2BB8A76C58B3681EB6D21EAD34749C6169B4B0A0.dat.bak
C:\Documents and Settings\Samantha South\Application Data\Azureus\active\3E0B119BC304D0766923C04C21819531529EB11A.dat
C:\Documents and Settings\Samantha South\Application Data\Azureus\active\3E0B119BC304D0766923C04C21819531529EB11A.dat.bak
C:\Documents and Settings\Samantha South\Application Data\Azureus\active\79E60DA04B05BE4555A5CB7DA4C79D820B04EEA2.dat.saving
C:\Documents and Settings\Samantha South\Application Data\Azureus\active\C43BC621EC3CDCBA590289E2FED229401978C5FE.dat
C:\Documents and Settings\Samantha South\Application Data\Azureus\active\C43BC621EC3CDCBA590289E2FED229401978C5FE.dat.bak
C:\Documents and Settings\Samantha South\Application Data\Azureus\active\FAAF1EA7AA0270D86F8C9D7542274EFA27498733.dat
C:\Documents and Settings\Samantha South\Application Data\Azureus\active\FAAF1EA7AA0270D86F8C9D7542274EFA27498733.dat.bak
C:\Documents and Settings\Samantha South\Application Data\Azureus\azureus.config
C:\Documents and Settings\Samantha South\Application Data\Azureus\azureus.config.bak
C:\Documents and Settings\Samantha South\Application Data\Azureus\azureus.statistics
C:\Documents and Settings\Samantha South\Application Data\Azureus\azureus.statistics.bak
C:\Documents and Settings\Samantha South\Application Data\Azureus\banips.config
C:\Documents and Settings\Samantha South\Application Data\Azureus\banips.config.bak
C:\Documents and Settings\Samantha South\Application Data\Azureus\dht\addresses.dat
C:\Documents and Settings\Samantha South\Application Data\Azureus\dht\contacts.dat
C:\Documents and Settings\Samantha South\Application Data\Azureus\dht\diverse.dat
C:\Documents and Settings\Samantha South\Application Data\Azureus\dht\general.dat
C:\Documents and Settings\Samantha South\Application Data\Azureus\dht\version.dat
C:\Documents and Settings\Samantha South\Application Data\Azureus\downloads.config
C:\Documents and Settings\Samantha South\Application Data\Azureus\downloads.config.bak
C:\Documents and Settings\Samantha South\Application Data\Azureus\friends.config
C:\Documents and Settings\Samantha South\Application Data\Azureus\friends.config.bak
C:\Documents and Settings\Samantha South\Application Data\Azureus\ipfilter.cache
C:\Documents and Settings\Samantha South\Application Data\Azureus\logs\alerts_1.log
C:\Documents and Settings\Samantha South\Application Data\Azureus\logs\AutoSpeed_1.log
C:\Documents and Settings\Samantha South\Application Data\Azureus\logs\AutoSpeedSearchHistory_1.log
C:\Documents and Settings\Samantha South\Application Data\Azureus\logs\debug_1.log
C:\Documents and Settings\Samantha South\Application Data\Azureus\logs\debug_2.log
C:\Documents and Settings\Samantha South\Application Data\Azureus\logs\Friends_1.log
C:\Documents and Settings\Samantha South\Application Data\Azureus\logs\Friends_2.log
C:\Documents and Settings\Samantha South\Application Data\Azureus\logs\MetaSearch_1.log
C:\Documents and Settings\Samantha South\Application Data\Azureus\logs\NetStatus_1.log
C:\Documents and Settings\Samantha South\Application Data\Azureus\logs\save\1223192123078_alerts_1.log
C:\Documents and Settings\Samantha South\Application Data\Azureus\logs\save\1223192123078_AutoSpeed_1.log
C:\Documents and Settings\Samantha South\Application Data\Azureus\logs\save\1223192123078_AutoSpeedSearchHistory_1.log
C:\Documents and Settings\Samantha South\Application Data\Azureus\logs\save\1223192123078_debug_1.log
C:\Documents and Settings\Samantha South\Application Data\Azureus\logs\save\1223192123078_debug_2.log
C:\Documents and Settings\Samantha South\Application Data\Azureus\logs\save\1223192123078_Friends_1.log
C:\Documents and Settings\Samantha South\Application Data\Azureus\logs\save\1223192123078_Friends_2.log
C:\Documents and Settings\Samantha South\Application Data\Azureus\logs\save\1223192123078_MetaSearch_1.log
C:\Documents and Settings\Samantha South\Application Data\Azureus\logs\save\1223192123078_NetStatus_1.log
C:\Documents and Settings\Samantha South\Application Data\Azureus\logs\save\1223192123078_seltrace_1.log
C:\Documents and Settings\Samantha South\Application Data\Azureus\logs\save\1223192123078_seltrace_2.log
C:\Documents and Settings\Samantha South\Application Data\Azureus\logs\save\1223192123078_SpeedMan_1.log
C:\Documents and Settings\Samantha South\Application Data\Azureus\logs\save\1223192123078_SpeedMan_2.log
C:\Documents and Settings\Samantha South\Application Data\Azureus\logs\save\1223192123078_thread_1.log
C:\Documents and Settings\Samantha South\Application Data\Azureus\logs\save\1223192123078_thread_2.log
C:\Documents and Settings\Samantha South\Application Data\Azureus\logs\save\1223192123078_v3.ads_1.log
C:\Documents and Settings\Samantha South\Application Data\Azureus\logs\save\1223192123078_v3.CMsgr_1.log
C:\Documents and Settings\Samantha South\Application Data\Azureus\logs\save\1223192123078_v3.Friends_1.log
C:\Documents and Settings\Samantha South\Application Data\Azureus\logs\save\1223192123078_v3.Friends_2.log
C:\Documents and Settings\Samantha South\Application Data\Azureus\logs\save\1223192123078_v3.MD_1.log
C:\Documents and Settings\Samantha South\Application Data\Azureus\logs\save\1223192123078_v3.PMsgr_1.log
C:\Documents and Settings\Samantha South\Application Data\Azureus\logs\save\1223192123078_v3.PMsgr_2.log
C:\Documents and Settings\Samantha South\Application Data\Azureus\logs\save\1223192123078_v3.Stream_1.log
C:\Documents and Settings\Samantha South\Application Data\Azureus\logs\save\1223365281140_alerts_1.log
C:\Documents and Settings\Samantha South\Application Data\Azureus\logs\save\1223365281140_AutoSpeed_1.log
C:\Documents and Settings\Samantha South\Application Data\Azureus\logs\save\1223365281140_AutoSpeedSearchHistory_1.log
C:\Documents and Settings\Samantha South\Application Data\Azureus\logs\save\1223365281140_debug_1.log
C:\Documents and Settings\Samantha South\Application Data\Azureus\logs\save\1223365281140_debug_2.log
C:\Documents and Settings\Samantha South\Application Data\Azureus\logs\save\1223365281140_Friends_1.log
C:\Documents and Settings\Samantha South\Application Data\Azureus\logs\save\1223365281140_Friends_2.log
C:\Documents and Settings\Samantha South\Application Data\Azureus\logs\save\1223365281140_MetaSearch_1.log
C:\Documents and Settings\Samantha South\Application Data\Azureus\logs\save\1223365281140_NetStatus_1.log
C:\Documents and Settings\Samantha South\Application Data\Azureus\logs\save\1223365281140_seltrace_1.log
C:\Documents and Settings\Samantha South\Application Data\Azureus\logs\save\1223365281140_seltrace_2.log
C:\Documents and Settings\Samantha South\Application Data\Azureus\logs\save\1223365281140_SpeedMan_1.log
C:\Documents and Settings\Samantha South\Application Data\Azureus\logs\save\1223365281140_SpeedMan_2.log
C:\Documents and Settings\Samantha South\Application Data\Azureus\logs\save\1223365281140_thread_1.log
C:\Documents and Settings\Samantha South\Application Data\Azureus\logs\save\1223365281140_thread_2.log
C:\Documents and Settings\Samantha South\Application Data\Azureus\logs\save\1223365281140_v3.ads_1.log
C:\Documents and Settings\Samantha South\Application Data\Azureus\logs\save\1223365281140_v3.CMsgr_1.log
C:\Documents and Settings\Samantha South\Application Data\Azureus\logs\save\1223365281140_v3.Friends_1.log
C:\Documents and Settings\Samantha South\Application Data\Azureus\logs\save\1223365281140_v3.Friends_2.log
C:\Documents and Settings\Samantha South\Application Data\Azureus\logs\save\1223365281140_v3.MD_1.log
C:\Documents and Settings\Samantha South\Application Data\Azureus\logs\save\1223365281140_v3.PMsgr_1.log
C:\Documents and Settings\Samantha South\Application Data\Azureus\logs\save\1223365281140_v3.PMsgr_2.log
C:\Documents and Settings\Samantha South\Application Data\Azureus\logs\save\1223365281140_v3.Stream_1.log
C:\Documents and Settings\Samantha South\Application Data\Azureus\logs\save\1223704359281_alerts_1.log
C:\Documents and Settings\Samantha South\Application Data\Azureus\logs\save\1223704359281_AutoSpeed_1.log
C:\Documents and Settings\Samantha South\Application Data\Azureus\logs\save\1223704359281_AutoSpeedSearchHistory_1.log
C:\Documents and Settings\Samantha South\Application Data\Azureus\logs\save\1223704359281_debug_1.log
C:\Documents and Settings\Samantha South\Application Data\Azureus\logs\save\1223704359281_debug_2.log
C:\Documents and Settings\Samantha South\Application Data\Azureus\logs\save\1223704359281_Friends_1.log
C:\Documents and Settings\Samantha South\Application Data\Azureus\logs\save\1223704359281_Friends_2.log
C:\Documents and Settings\Samantha South\Application Data\Azureus\logs\save\1223704359281_MetaSearch_1.log
C:\Documents and Settings\Samantha South\Application Data\Azureus\logs\save\1223704359281_NetStatus_1.log
C:\Documents and Settings\Samantha South\Application Data\Azureus\logs\save\1223704359281_seltrace_1.log
C:\Documents and Settings\Samantha South\Application Data\Azureus\logs\save\1223704359281_seltrace_2.log
C:\Documents and Settings\Samantha South\Application Data\Azureus\logs\save\1223704359281_SpeedMan_1.log
C:\Documents and Settings\Samantha South\Application Data\Azureus\logs\save\1223704359281_SpeedMan_2.log
C:\Documents and Settings\Samantha South\Application Data\Azureus\logs\save\1223704359281_thread_1.log
C:\Documents and Settings\Samantha South\Application Data\Azureus\logs\save\1223704359281_thread_2.log
C:\Documents and Settings\Samantha South\Application Data\Azureus\logs\save\1223704359281_v3.ads_1.log
C:\Documents and Settings\Samantha South\Application Data\Azureus\logs\save\1223704359281_v3.CMsgr_1.log
C:\Documents and Settings\Samantha South\Application Data\Azureus\logs\save\1223704359281_v3.Friends_1.log
C:\Documents and Settings\Samantha South\Application Data\Azureus\logs\save\1223704359281_v3.Friends_2.log
C:\Documents and Settings\Samantha South\Application Data\Azureus\logs\save\1223704359281_v3.MD_1.log
C:\Documents and Settings\Samantha South\Application Data\Azureus\logs\save\1223704359281_v3.PMsgr_1.log
C:\Documents and Settings\Samantha South\Application Data\Azureus\logs\save\1223704359281_v3.PMsgr_2.log
C:\Documents and Settings\Samantha South\Application Data\Azureus\logs\save\1223704359281_v3.Stream_1.log
C:\Documents and Settings\Samantha South\Application Data\Azureus\logs\seltrace_1.log
C:\Documents and Settings\Samantha South\Application Data\Azureus\logs\seltrace_2.log
C:\Documents and Settings\Samantha South\Application Data\Azureus\logs\SpeedMan_1.log
C:\Documents and Settings\Samantha South\Application Data\Azureus\logs\SpeedMan_2.log
C:\Documents and Settings\Samantha South\Application Data\Azureus\logs\thread_1.log
C:\Documents and Settings\Samantha South\Application Data\Azureus\logs\thread_2.log
C:\Documents and Settings\Samantha South\Application Data\Azureus\logs\v3.ads_1.log
C:\Documents and Settings\Samantha South\Application Data\Azureus\logs\v3.CMsgr_1.log
C:\Documents and Settings\Samantha South\Application Data\Azureus\logs\v3.Friends_1.log
C:\Documents and Settings\Samantha South\Application Data\Azureus\logs\v3.Friends_2.log
C:\Documents and Settings\Samantha South\Application Data\Azureus\logs\v3.MD_1.log
C:\Documents and Settings\Samantha South\Application Data\Azureus\logs\v3.PMsgr_1.log
C:\Documents and Settings\Samantha South\Application Data\Azureus\logs\v3.PMsgr_2.log
C:\Documents and Settings\Samantha South\Application Data\Azureus\logs\v3.Stream_1.log
C:\Documents and Settings\Samantha South\Application Data\Azureus\metasearch.config
C:\Documents and Settings\Samantha South\Application Data\Azureus\metasearch.config.bak
C:\Documents and Settings\Samantha South\Application Data\Azureus\net\pm_4589.dat
C:\Documents and Settings\Samantha South\Application Data\Azureus\net\pm_5089.dat
C:\Documents and Settings\Samantha South\Application Data\Azureus\plugins\azemp\azemp_1.7.4.jar
C:\Documents and Settings\Samantha South\Application Data\Azureus\plugins\azemp\azemp_1.7.4.zip
C:\Documents and Settings\Samantha South\Application Data\Azureus\plugins\azemp\azemp_1.8.4.jar
C:\Documents and Settings\Samantha South\Application Data\Azureus\plugins\azemp\azemp_1.8.4.zip
C:\Documents and Settings\Samantha South\Application Data\Azureus\plugins\azemp\azemp_1.9.0.jar
C:\Documents and Settings\Samantha South\Application Data\Azureus\plugins\azemp\azemp_1.9.0.zip
C:\Documents and Settings\Samantha South\Application Data\Azureus\plugins\azemp\azemp_1.9.10.jar
C:\Documents and Settings\Samantha South\Application Data\Azureus\plugins\azemp\azemp_1.9.10.zip
C:\Documents and Settings\Samantha South\Application Data\Azureus\plugins\azemp\azemp_1.9.11.jar
C:\Documents and Settings\Samantha South\Application Data\Azureus\plugins\azemp\azemp_1.9.11.zip
C:\Documents and Settings\Samantha South\Application Data\Azureus\plugins\azemp\azemp_1.9.6.jar
C:\Documents and Settings\Samantha South\Application Data\Azureus\plugins\azemp\azemp_1.9.6.zip
C:\Documents and Settings\Samantha South\Application Data\Azureus\plugins\azemp\azemp_2.0.11.jar
C:\Documents and Settings\Samantha South\Application Data\Azureus\plugins\azemp\azemp_2.0.11.zip
C:\Documents and Settings\Samantha South\Application Data\Azureus\plugins\azemp\azemp_2.0.14.jar
C:\Documents and Settings\Samantha South\Application Data\Azureus\plugins\azemp\azemp_2.0.14.zip
C:\Documents and Settings\Samantha South\Application Data\Azureus\plugins\azemp\azemp_2.0.16.jar
C:\Documents and Settings\Samantha South\Application Data\Azureus\plugins\azemp\azemp_2.0.16.zip
C:\Documents and Settings\Samantha South\Application Data\Azureus\plugins\azemp\azmplay.exe
C:\Documents and Settings\Samantha South\Application Data\Azureus\plugins\azemp\azmplay.exe.bak
C:\Documents and Settings\Samantha South\Application Data\Azureus\plugins\azemp\cp1250-a.raw
C:\Documents and Settings\Samantha South\Application Data\Azureus\plugins\azemp\cp1250-a.raw.bak
C:\Documents and Settings\Samantha South\Application Data\Azureus\plugins\azemp\cp1250-b.raw
C:\Documents and Settings\Samantha South\Application Data\Azureus\plugins\azemp\cp1250-b.raw.bak
C:\Documents and Settings\Samantha South\Application Data\Azureus\plugins\azemp\font.desc
C:\Documents and Settings\Samantha South\Application Data\Azureus\plugins\azemp\font.desc.bak
C:\Documents and Settings\Samantha South\Application Data\Azureus\plugins\azemp\libInfoGetter.dll
C:\Documents and Settings\Samantha South\Application Data\Azureus\plugins\azemp\osd-mplayer-a.raw
C:\Documents and Settings\Samantha South\Application Data\Azureus\plugins\azemp\osd-mplayer-a.raw.bak
C:\Documents and Settings\Samantha South\Application Data\Azureus\plugins\azemp\osd-mplayer-b.raw
C:\Documents and Settings\Samantha South\Application Data\Azureus\plugins\azemp\osd-mplayer-b.raw.bak
C:\Documents and Settings\Samantha South\Application Data\Azureus\plugins\azemp\plugin.properties
C:\Documents and Settings\Samantha South\Application Data\Azureus\plugins\azemp\plugin.properties_1.7.4
C:\Documents and Settings\Samantha South\Application Data\Azureus\plugins\azemp\plugin.properties_1.8.4
C:\Documents and Settings\Samantha South\Application Data\Azureus\plugins\azemp\plugin.properties_1.9.0
C:\Documents and Settings\Samantha South\Application Data\Azureus\plugins\azemp\plugin.properties_1.9.10
C:\Documents and Settings\Samantha South\Application Data\Azureus\plugins\azemp\plugin.properties_1.9.11
C:\Documents and Settings\Samantha South\Application Data\Azureus\plugins\azemp\plugin.properties_1.9.6
C:\Documents and Settings\Samantha South\Application Data\Azureus\plugins\azemp\plugin.properties_2.0.11
C:\Documents and Settings\Samantha South\Application Data\Azureus\plugins\azemp\plugin.properties_2.0.14
C:\Documents and Settings\Samantha South\Application Data\Azureus\plugins\azemp\plugin.properties_2.0.16
C:\Documents and Settings\Samantha South\Application Data\Azureus\tables.config
C:\Documents and Settings\Samantha South\Application Data\Azureus\tables.config.bak
C:\Documents and Settings\Samantha South\Application Data\Azureus\timingstats.dat
C:\Documents and Settings\Samantha South\Application Data\Azureus\tmp\AZU27322.tmp
C:\Documents and Settings\Samantha South\Application Data\Azureus\tmp\AZU27323.tmp
C:\Documents and Settings\Samantha South\Application Data\Azureus\tmp\AZU27324.tmp
C:\Documents and Settings\Samantha South\Application Data\Azureus\tmp\AZU27325.tmp
C:\Documents and Settings\Samantha South\Application Data\Azureus\tmp\AZU27326.tmp
C:\Documents and Settings\Samantha South\Application Data\Azureus\tmp\AZU27327.tmp
C:\Documents and Settings\Samantha South\Application Data\Azureus\tmp\AZU27328.tmp
C:\Documents and Settings\Samantha South\Application Data\Azureus\tmp\AZU27329.tmp
C:\Documents and Settings\Samantha South\Application Data\Azureus\tmp\AZU27330.tmp
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt] 213-www.torrent.to...CarrieUnderwood-SomeHearts.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt] Dexter- Season 02- Episode 02.avi.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt] Dexter S02E01 HDTV XviD-XOR [smaragdtorrent.to].torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt] Dexter Season 1.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt] Dexter.S02E02.HDTV.XviD-LOL.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt] Dexter.S02E07.HDTV.XviD-NoTV.1293994.SN.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt] Dexter.S02E09.HDTV.XviD-NoTV.3909997.TPB.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt] Dexter.S02E10.VOSTFR-PM4.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt] Dexter.S02E11.VOSTFR-PM4.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt] Dexter.S02E12.HDTV.REPACK.XviD-0TV.avi.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt] Dexter_-_2x08_-_Morning_Comes.Avi.3898967.TPB.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt] Dexter_S02E03_HDTV_XviD_XOR.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt] download.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt] Eureka.S02E06.DSR.XviD-NoTV.[eztv].torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt] Eureka.S02E07.WS.DSR.XviD-LOKi.avi.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt] Eureka.S02E08.WS.DSRip.XviD-SFM.[eztv].torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt] Eureka.S02E09.WS.DSRip.XviD-aAF.avi.1125984.SN.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt] Eureka.S02E10.DSR.XviD-NoTV.[eztv].torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt] Eureka.S02E11.DSR.XviD-NoTV.avi.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt] Eureka.S02E12.DSR.XviD-NoTV.avi.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt] Eureka.S02E13.DSR.XviD-NoTV.avi.1194462.SN.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt] Grey's Anatomy - S3E24-25.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt] Grey's Anatomy - Season 1-1.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt] Grey's Anatomy - Season 1.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt] Grey's Anatomy - Season 2.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt] Grey's Anatomy S04E01 HDTV XViD [Eng].torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt] Grey's Anatomy S4E03.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt] Grey's Anatomy.04x06Kung.Fuu.Fighting.Xvid.Caph.1277758.SN.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt] Grey's Anatomy.S04x02.Love Addiction.VOSTFR.By Emule-Shareur.avi.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt] Grey's Anatomy.Season 3 Special.mp4.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt] Grey's_Anatomy_03x08_XviD.avi.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt] Grey____s.Anatomy.04x08.Forever.Young.Xvid.Caph.3887067.TPB.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt] Grey____s_anatomy_-_the_whole_season_3.3702281.TPB.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt] Greys.Anatomy.Season.2.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt] Greys.Anatomy.Season4.EP07_S-Files.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt] Heroes S02E10 HDTV XviD-LOL [eztv] [smaragdtorrent.to].torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt] Heroes.S02E01.HDTV.XviD-XOR.[eztv].torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt] Heroes.S02E02.HDTV.XviD-XOR.avi.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt] Heroes.S02E03.HR.HDTV.XviD-2HD.avi.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt] Heroes.S02E03.PROPER.720p.HDTV.x264-HALCYON.1209646.SN.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt] Heroes.S02E04.HDTV.XviD-LOL.3843805.TPB.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt] Heroes.S02E07.Nor.Sub.HDTV-Cape.3882654.TPB.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt] Heroes.S02E09.HDTV.XviD-LOL.1311046.SN.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt] Heroes.S02E10.HDTV.XviD LOL.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt] Heroes.S02E11.HDTV.XviD-LOL.avi.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt] High School Musical 2 Soundtrack.rar.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt] High School Musical Soundtrack.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt] House s04e06.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt] House.S04E01.HDTV.XViD-Caph.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt] House.S04E02.HDTV.XviD-XOR.avi.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt] House.S04E03.720p.HDTV.x264-HALCYON.3836785.TPB.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt] House.S04E03.HDTV.XviD-2HD.avi.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt] House.S04E06.HDTV.avi.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt] House.S04E08.HDTV.XviD-LOL.1313656.SN.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt] House.S04E08.HDTV.XviD-LOL.avi.3893908.TPB.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt] House.S04E09.HDTV.XviD-LOL.avi.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt] House.S04E09.HDTV.XviD-XOR.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt] House.S04E09.HR.HDTV.XviD-CRiMSON_[www.NewTorrents.info].torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt] House.S04E09.SWESUB.HDTV.XviD-pirat.3934444.TPB.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt] Kyle.XY.Complete.S02.Swesub.1159847.SN.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt] Kyle.XY.Complete.Season.1.HDTV.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt] lost.s04e02.hdtv.xvid-lol.[+s04e03 Exclus Previews].torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt] Lost_-_Lost_Season_3_Complete_HDTV_XVID.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt] psychostick-we couldn't think of a title.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt] Rescue.Me.S04E09.DSR.XviD-NoTV.avi.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt] Rescue.Me.S04E10.WS.DSR.XviD-LOKi.[eztv].torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt] Rescue.Me.S04E11.WS.DSRip.XviD-aAF.[eztv].torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt] Rescue.Me.S04E12.WS.DSR.XviD-CRiMSON.avi.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt] Rescue.Me.S04E13.DSR.XviD-NoTV.avi.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt] Soundtrack - High School Musical 2 [2007-Album] IX Quality.rar.1143670.SN.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt] Supernatural S03E08 HDTV XviD-NoTV.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt] Supernatural.S03E01.HDTV.XviD-XOR.avi.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt] supernatural.s03e02.hdtv.xvid-stfu.[VTV].avi.1217191.SN.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt] Supernatural.S03E06.HDTV.XviD-XOR_[www.NewTorrents.info].torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt] supernatural.s03e07.hdtv.vostfr-LBP.avi.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt] Supernatural.S03E07.HDTV.XviD-XOR.avi.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt] The.IT.Crowd.S02E02.WS.PDTV.XviD-AFFiNiTY.avi.1116992.SN.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt] The.IT.Crowd.S02E03.WS.PDTV.XviD-ANGELiC.[eztv].torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt] The.IT.Crowd.S02E04.WS.PDTV.XviD-RiVER.[eztv].torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt] The.IT.Crowd.S02E05.WS.PDTV.XviD-RiVER.avi.1165340.SN.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt] The.IT.Crowd.S02E06.WS.PDTV.XviD-RiVER.3822999.TPB.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt] Turisas - 2007 - The Varangian Way.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt] Ugly Betty - Season One Special.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt] Ugly.Betty.S02E01.HDTV.XviD-XOR.avi.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt] Ugly.Betty.S02E03.HDTV.XViD-Caph.avi.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt] Ugly.Betty.S02E06.VOSTFR-PM4.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt] Ugly.Betty.S02E07.HDTV.XviD-XOR.avi.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt] Ugly.Betty.S02E08.HDTV.XViD-DOT.avi.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt] Ugly.Betty.S02E09.HDTV.XviD-XOR.avi.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt] Ugly.Betty.S02E10.HDTV.XViD-DOT_2_[www.NewTorrents.info].torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt] Ugly.Betty.S02E10.VOSTFR-PM4.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_-=mininova[1].org=-_All_Seasons.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_0a2c126e09a47ddabdd6e79c4ab4d0369a31e513.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_9e97464681a1a14aad5a3a6d57bbe3233ba8dc83.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_b94a089e7fcb8dd519294bac07d5836e1ce13ee4.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Dexter.S03E01.REAL.PROPER.HDTV.XviD-aAF.[eztv].torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_download.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_download[1].torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Eureka.S03E01.HDTV.XviD-0TV.[VTV].avi.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Eureka.S03E02.HDTV.XviD-0TV.[eztv].torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Eureka.S03E03.HDTV.XviD-0TV.[eztv].torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Eureka.S03E04.HDTV.XVID-BAJSKORV.[VTV].avi.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Eureka.S03E05.PROPER.HDTV.XviD-SAiNTS.avi[1].torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Eureka.S03E06.HDTV.XviD-aAF.avi.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Eureka.S03E07.HDTV.XviD-NoTV.[VTV].avi.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Eureka.S03E08.HDTV.XviD-NoTV.[VTV].avi[1].torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Gilmore.Girls.Season.2.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Gilmore_Girls_-_Complete_(Series_1-7)_TVRips_[HQH].4090329.TPB.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Greys.Anatomy.S04.COMPLETE.VOSTFR-PM4[1].torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Greys.Anatomy.S04E12.HDTV.XViD-DOT.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Greys.Anatomy.S04E13.HDTV.XviD-2HD.avi[1].torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Greys.Anatomy.S04E15.HDTV.XViD-DOT.[eztv][1].torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Greys.Anatomy.S05E01E02.HDTV.XViD-DOT.[VTV].avi.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Greys_Anatomy.4x16_4x17.Freedom.HDTV_XviD-FoV.[VTV].avi.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_GReYs_aNaToMy_[4]_Episode_[14][1].torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Heroes.3x01.HDTV.Xvid.Mp3.[SuB].avi.4410629.TPB.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Heroes.S03E02.HDTV.XviD-SaM.avi.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Heroes.S03E03.HDTV-SaM.avi.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Heroes.S03E04_HDTV_XviD-LOL.avi.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Heroes_S03E04_HDTV_XviD_VOSTFR_avi_[smaragdtorrent.to].torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_house.412.hdtv-lol.subtitulado.Esp.SC.avi.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_House.S04E11.HDTV.{SeCtIoN8}.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_House.S04E13.HDTV.XviD-XOR.4163010.TPB[1].torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_House.S04E14.HDTV.XviD-NoTV.[eztv][1].torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_House.S04E15.HDTV.XviD-0TV.avi[1].torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_House.S05E01.HDTV.XviD-notv.avi.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_House.S05E02.HDTV.XviD-NoTV.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_House.S05E03.HDTV.XviD-LOL.[eztv].torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_House_M.D._-_Season_03[1].torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_House_S04E14__HDTV_XviD-NoTV[1].torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_House_S04E14_HDTV_XviD-NoTV_VOST_FR_slayerFR_avi_[smaragdtorrent.to][1].torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_House_S04E14_HDTV_XviD_PROPER.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_House_S04E16_HDTV_XviD-LOL[ShareWave_net]_[smaragdtorrent.to].torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Knight.Rider.1x02.Journey.To.The.End.Of.Knight-Sub.Ita.by.Giox.avi.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Knight.Rider.2008.S01E03.HDTV.XviD-LOL.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Knight_Rider_(2008)_S01E01_-_A_Knight_In_Shining_Armor.avi.4425840.TPB.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Knight_Rider_2008_S01E01_HDTV.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Kyle.XY.S02E14.DSR.XviD-iHT.avi[1].torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Kyle.XY.S02E15.DSR.XviD.SWESUB-KickFoot.3996111.TPB[1].torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Kyle.XY.S02E16.DSR.XviD.SWESUB-KickFoot.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Kyle.XY.S02E17.REAL.REPACK.DSR.XviD-0TV.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Kyle.XY.S02E18.DSR.XviD-0TV.[VTV].avi.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Kyle.XY.S02E19.DSR.XviD-0TV.[VTV].avi.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Kyle.XY.S02E20.DSR.XviD-0TV.avi.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Kyle.XY.S02E21.DSR.XviD-0TV.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Kyle.XY.S02E22.DSR.XviD-0TV.[VTV].avi.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Kyle.XY.S02E23.DSR.XviD-0TV[XCRYPT].4086000.TPB.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Kyle_XY_-_The_Soundtrack_Season_1_OST_2007.3998788.TPB[1].torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Lost.S04E02.HDTV.XviD-2HD.avi.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Lost.S04E03.HDTV.XviD-DBG13.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_lost.s04e04.576p--POC.avi.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Lost.S04E06.HDTV.XviD-2HD.avi.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_LOST.S04E08.SWESUB.720p.HDTV.AC3.AVC-GB.MKV.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Lost.S04E10.PROPER.HDTV.XViD-DOT.avi.4167984.TPB[1].torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Lost.S04E11.HDTV.XviD.VOstFR-GuiKs.avi.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Lost.S04E13-E14.HDTV.XviD-2HD_[AiTB].4212056.TPB.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_LOST_S04E02_HDTV_XviD_DOLBY_SURROUND.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_LOST_S04E03_HDTV_XVID_LEAKED.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_lost_S04E05_hdtv.xvid.warlock.4056133.TPB.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Lost_S04E06_-_The_Other_Woman.avi.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Lost_S04E07_HDTV_XViD[www.yestorrent.com].torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Lost_S04E09_HDTV_XviD-2HD_[eztv]_[smaragdtorrent.to].torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Lost_S04E11_HDTV_XviD-2HD.4182700.TPB.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Lost_S04E12_HDTV_XviD_avi_[smaragdtorrent.to][1].torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Metallica-Death_Magnetic-PROPER-Retail-2008-FLM.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Pushing.Daisies.S02E01.HDTV.XViD-DOT.[eztv].torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Pushing.Daisies.S02E02.HDTV.XViD-DOT.[VTV].avi.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Reaper.S01E01.HDTV.XviD-XOR.1176958.SN.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Reaper.S01E02.HDTV.XviD-XOR.avi.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Reaper.S01E03.HDTV.XviD-XOR.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Reaper.S01E04.HDTV.XviD-XOR.avi.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Reaper.S01E05.HDTV.XviD-XOR.avi.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Reaper.S01E06.HDTV.XviD-XOR_[www.NewTorrents.info].torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Reaper.S01E07.HDTV.XviD-2HD.avi.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Reaper.S01E08.720p.HDTV.x264-HDQ.1298265.SN.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Reaper.S01E08.HDTV.XviD-NoTV.[eztv].3890742.TPB.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Reaper.S01E09.HDTV.XviD-XOR.avi.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Reaper.S01E10.HDTV.XviD-2HD_[www.NewTorrents.info].torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Reaper.S01E11.HDTV.XviD-NoTV.[VTV].avi.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Reaper.S01E13.HDTV.XviD-NoTV.4103851.TPB.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_reaper.s01e13.hdtv.xvid-notv.avi.4103581.TPB.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Reaper.S01E14.HDTV.XviD-0TV.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Reaper.S01E15.HDTV.XviD-0TV.avi[1].torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Reaper.S01E16.SWESUB.HDTV.XviD-Smurfenlars.4180192.TPB[1].torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Reaper.S01E17.HDTV.XviD-2HD.[MFD].avi.4187329.TPB[1].torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Reaper.S01E18.HDTV.XviD-2HD.[VTV].avi.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Reaper_S01E12_SWESUB_HDTV_XviD_-_d_S.avi.4094314.TPB.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Reaper_Season_1.4211889.TPB[1].torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Rent[DVDRip][The_Cooler].avi[1].torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Rent_-_Original_Broadway_Cast_Recording[1].torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Scrubs-701-My_Own_Worst_Enemy(ComedyKing1988).avi[1].torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Scrubs-702-My_Hard_Labor(ComedyKing1988).avi[1].torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Scrubs-703-My_Inconveniant_Truth(ComedyKing1988).avi.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Scrubs-704-My_Identity_Crisis(ComedyKing1988).avi.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Scrubs-705-My_Growing_Pains(ComedyKing1988).avi.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Scrubs-706-My_Number_One_Doctor(ComedyKing1988).avi.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Scrubs-707-My_Bad_Too(comedyKing1988).avi.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Scrubs.7x08.My_Manhood.PDTV_XviD-FoV.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Scrubs.7x09.My_Dumb_Luck.PROPER.PDTV_XviD-FoV.avi.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Scrubs.S07E10.PDTV.XviD-LOL.[eztv].torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Scrubs.S07E11.PDTV.XviD-LOL.avi.4179132.TPB[1].torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Scrubs_-_Season_2_-_High_Quality_-_Dvd_Rip___Extras.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Scrubs_Season_1.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Scrubs_Season_2[www[2].btmon.com].torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Scrubs_Season_6_(Complete).3742069.TPB.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Season_1.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Season_2.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Shawn_Hlookoff__-_She_could_be_you_(from_Kyle_XY).4074864.TPB.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Silver_Lining_-_Female_Voices.1225299.SN.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_So_You_Think_You_Can_Dance_Season_3_[smaragdtorrent.to].torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Supernatural.4x01.Lazarus.Rising.VOSTFR.HDTV.XviD-BaLLanTeAm.avi.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Supernatural.S03E10.720p.HDTV.x264-CTU.4017738.TPB.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Supernatural.S03E10.Dream.a.Little.Dream.of.Me.HDTV.XviD-FQM.avi.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Supernatural.S03E11.HDTV.XviD-XOR.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Supernatural.S03E12.HDTV.XviD-NoTV.[VTV].avi.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Supernatural.S03E12.HDTV.XviD-NoTV.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Supernatural.S03E13.HDTV.XviD-HDQ.avi.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Supernatural.S03E14.HDTV.XviD-XOR.[VTV].avi[1].torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Supernatural.S03E14.PROPER.HDTV.XviD-BSGTV.[eztv][1].torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Supernatural.S03E16.No.Rest.for.the.Wicked.HDTV.XviD-FQM.[VTV].avi[1].torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Supernatural.S04E02.Are.You.There.God.Its.Me.Dean.Winchester.VOST.FR.slayerFR.avi.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Supernatural.S04E04.HDTV.XviD-NoTV.[eztv].torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Supernatural_-_Complete_First_Season_Swesub.4386519.TPB[1].torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Supernatural_[3x15]_(XviD_asd)_EnglishV_NapisyPL_-_www.tvshows.yoyo.pl.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_supernatural_s03e11_hdtv_vostfr-LBP_[all-series_com]_[smaragdtorrent.to].torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Supernatural_s0403.4428065.TPB.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Toby_Keith.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Ugly.Betty.3x02.Filing.For.The.Enemy.HDTV.XviD-FoV.[eztv].torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Ugly.Betty.S01E01.HDTV.XviD-XOR[www.moviex.info][1].torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Ugly.Betty.S01E02.HDTV.XviD-LOL.avi.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Ugly.Betty.S01E03.HDTV.XviD-XOR.3538790.TPB.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Ugly.Betty.S01E04.HDTV.XviD-LOL.avi.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Ugly.Betty.S01E05.HDTV.XviD-DIMENSION.3546471.TPB.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Ugly.Betty.S01E05.HDTV.XviD-DIMENSION.avi.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Ugly.Betty.S01E06.HDTV.XviD-XOR.avi.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Ugly.Betty.S01E07.HDTV.XviD-XOR.avi.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Ugly.Betty.S01E08.HDTV.XviD-LOL.avi.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Ugly.Betty.S01E09.HDTV.XviD-XOR.3563779.TPB.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Ugly.Betty.S01E10.HDTV.XviD-XOR_[www.NewTorrents.info].torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Ugly.Betty.S01E11.HDTV.XviD-XOR.avi.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Ugly.Betty.S01E12.Sofias.Choice.HDTV.XviD-FQM.avi.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_ugly.betty.s01e13.hdtv.xvid-xor.avi.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Ugly.Betty.S01E14.HDTV.XviD-XOR_[www.NewTorrents.info].torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Ugly.Betty.S01E15.HDTV.XviD-XOR.avi.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Ugly.Betty.S01E16.HDTV.XviD-XOR.avi.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Ugly.Betty.S01E17.HDTV.XviD-XOR.avi.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Ugly.Betty.S01E18.HDTV.XviD-NoTV.avi.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Ugly.Betty.S01E19.PROPER.HDTV.XviD-XOR.avi.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Ugly.Betty.S01E20.Petra-gate.HDTV.XviD-FQM.avi.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Ugly.Betty.S01E22.HDTV.XviD-XOR.avi.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Ugly.Betty.S01E23.HR.HDTV.XviD-TVFF.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Ugly.Betty.S02E11.HDTV.XViD-DOT.avi[1].torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Ugly.Betty.S02E12.HDTV.XviD-NoTV.avi[1].torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Ugly.Betty.S02E13.HDTV.XViD-DOT.avi.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Ugly.Betty.S02E14.HDTV.XViD-DOT.avi.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Ugly.Betty.S02E15.HDTV.XViD-DOT.[eztv].torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Ugly.Betty.S02E16.HDTV.XViD-DOT.[eztv][1].torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Ugly.Betty.S02E17.HDTV.XViD-DOT.[eztv][1].torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Ugly.Betty.S02E18.HDTV.XViD-DOT.[eztv].torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Ugly.Betty.S03E01.HDTV.XviD-NoTV.avi.4413737.TPB.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Ugly.Betty.S03E03.HDTV.XViD-DOT.avi.4436967.TPB.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\[isoHunt]_Ugly.Betty.Season.1.Complete[1].torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\_[isoHunt] Grey____s.Anatomy.04x08.Forever.Young.Xvid.Caph.3887067.TPB.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\_[isoHunt] The.IT.Crowd.S02E02.WS.PDTV.XviD-AFFiNiTY.avi.1116992.SN.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\_[isoHunt]_b94a089e7fcb8dd519294bac07d5836e1ce13ee4.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\_[isoHunt]_download.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\_[isoHunt]_Reaper.S01E15.HDTV.XviD-0TV.avi[1].torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\_[isoHunt]_Supernatural.S03E12.HDTV.XviD-NoTV.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\AZU11474.tmp
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\AZU12011.tmp
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\AZU12014.tmp
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\AZU12272.tmp
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\AZU20486.tmp
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\AZU21368.tmp
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\AZU22609.tmp
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\AZU22615.tmp
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\AZU26807.tmp
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\AZU28091.tmp
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\AZU28098.tmp
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\AZU28419.tmp
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\AZU28423.tmp
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\AZU28426.tmp
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\AZU28429.tmp
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\AZU32312.tmp
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\AZU35668.tmp
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\AZU3632.tmp
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\AZU39227.tmp
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\AZU47716.tmp
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\AZU48314.tmp
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\AZU48390.tmp
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\AZU48395.tmp
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\AZU52069.tmp
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\AZU55514.tmp
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\AZU56687.tmp
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\AZU56693.tmp
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\AZU5976.tmp
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\AZU9495.tmp
C:\Documents and Settings\Samantha South\Application Data\Azureus\torrents\Sword+of+the+New+World%3A+Granado+Espada+%5BJO4PZGTYTMYDRAI76ITK5H5JINHK3MTC%5D.torrent
C:\Documents and Settings\Samantha South\Application Data\Azureus\tracker.config
C:\Documents and Settings\Samantha South\Application Data\Azureus\tracker.config.bak
C:\Documents and Settings\Samantha South\Application Data\Azureus\unsentdata.config
C:\Documents and Settings\Samantha South\Application Data\Azureus\unsentdata.config.bak
C:\Documents and Settings\Samantha South\Application Data\Azureus\update.log
C:\Documents and Settings\Samantha South\Application Data\Azureus\update.properties
C:\Documents and Settings\Samantha South\Application Data\Azureus\v3.Friends.dat
C:\Documents and Settings\Samantha South\Application Data\Azureus\v3.Friends.dat.bak
C:\Documents and Settings\Samantha South\Application Data\Azureus\VuzeActivities.config
C:\Documents and Settings\Samantha South\Application Data\Azureus\VuzeActivities.config.bak
C:\Program Files\Azureus
C:\Program Files\Azureus\msvcr71.dll
C:\Program Files\Azureus\plugins\azupdater\azupdater_1.8.5.zip
C:\Program Files\Azureus\plugins\azupdater\azupdater_1.8.8.zip
C:\Program Files\Azureus\plugins\azupdater\azupdaterpatcher_1.8.5.jar
C:\Program Files\Azureus\plugins\azupdater\azupdaterpatcher_1.8.8.jar
C:\Program Files\Azureus\plugins\azupdater\plugin.properties_1.8.5
C:\Program Files\Azureus\plugins\azupdater\plugin.properties_1.8.8
C:\Program Files\Azureus\plugins\azupdater\Updater.jar.bak
C:\Program Files\Azureus\plugins\azupnpav\azupnpav_0.1.3.jar
C:\Program Files\Azureus\plugins\azupnpav\azupnpav_0.1.3.zip
C:\Program Files\Azureus\plugins\azupnpav\azupnpav_0.1.6.jar
C:\Program Files\Azureus\plugins\azupnpav\azupnpav_0.1.6.zip
C:\Program Files\Azureus\plugins\azupnpav\azupnpav_0.1.7.jar
C:\Program Files\Azureus\plugins\azupnpav\azupnpav_0.1.7.zip
C:\Program Files\Azureus\plugins\azupnpav\azupnpav_0.2.0.jar
C:\Program Files\Azureus\plugins\azupnpav\azupnpav_0.2.0.zip
C:\Program Files\Azureus\plugins\azupnpav\azupnpav_0.2.1.jar
C:\Program Files\Azureus\plugins\azupnpav\azupnpav_0.2.1.zip
C:\Program Files\Azureus\plugins\azupnpav\azupnpav_0.2.2.jar
C:\Program Files\Azureus\plugins\azupnpav\azupnpav_0.2.2.zip
C:\Program Files\Azureus\plugins\azupnpav\plugin.properties_0.1.3
C:\Program Files\Azureus\plugins\azupnpav\plugin.properties_0.1.6
C:\Program Files\Azureus\plugins\azupnpav\plugin.properties_0.1.7
C:\Program Files\Azureus\plugins\azupnpav\plugin.properties_0.2.0
C:\Program Files\Azureus\plugins\azupnpav\plugin.properties_0.2.1
C:\Program Files\Azureus\plugins\azupnpav\plugin.properties_0.2.2
C:\Program Files\temp01.
sigerness
2008-10-27, 21:51
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_glaide32
((((((((((((((((((((((((( Files Created from 2008-09-26 to 2008-10-26 )))))))))))))))))))))))))))))))
.
2008-10-17 20:13 . 2008-10-17 20:13 <DIR> d-------- C:\Program Files\Trend Micro
2008-10-14 20:39 . 2008-10-14 20:39 <DIR> d-------- C:\Documents and Settings\Samantha South\Application Data\Apple Computer
2008-10-13 20:03 . 2008-10-23 19:05 <DIR> d--h----- C:\$AVG8.VAULT$
2008-10-13 19:32 . 2008-10-23 08:30 90,632 --a------ C:\WINDOWS\system32\drivers\avgtdix.sys
2008-10-13 19:32 . 2008-10-13 19:32 10,520 --a------ C:\WINDOWS\system32\avgrsstx.dll
2008-10-13 19:31 . 2008-10-26 08:54 <DIR> d-------- C:\WINDOWS\system32\drivers\Avg
2008-10-13 19:31 . 2008-10-13 19:31 97,928 --a------ C:\WINDOWS\system32\drivers\avgldx86.sys
2008-10-13 19:29 . 2008-10-13 19:29 <DIR> d-------- C:\Program Files\AVG
2008-10-13 19:29 . 2008-10-13 19:29 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\avg8
2008-10-13 19:29 . 2008-10-23 08:30 50,968 --a------ C:\WINDOWS\system32\avgfwdx.dll
2008-10-13 19:29 . 2008-10-23 08:30 29,208 --a------ C:\WINDOWS\system32\drivers\avgfwdx.sys
2008-10-13 08:51 . 2008-10-13 08:51 <DIR> d-------- C:\Documents and Settings\Samantha South\Application Data\5
2008-10-12 20:43 . 2008-10-12 20:43 <DIR> d-------- C:\Documents and Settings\Samantha South\Application Data\0000005738
2008-10-12 20:39 . 2008-10-14 11:16 <DIR> d-------- C:\Documents and Settings\Samantha South\Application Data\sp2
2008-10-12 19:46 . 2008-10-12 19:46 <DIR> d-------- C:\Program Files\Common Files\Apple
2008-10-12 19:45 . 2008-10-12 19:45 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-10-12 19:40 . 2008-10-12 19:40 <DIR> d-------- C:\Program Files\Apple Software Update
2008-10-12 19:39 . 2008-10-12 19:39 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Apple
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-10-26 09:33 81,984 ----a-w C:\WINDOWS\system32\bdod.bin
2008-10-26 06:50 --------- d-----w C:\Program Files\LogMeIn
2008-10-23 08:40 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-10-23 08:23 --------- d-----w C:\Documents and Settings\Samantha South\Application Data\Skype
2008-10-17 20:10 87,352 ----a-w C:\WINDOWS\system32\LMIinit.dll
2008-10-17 20:10 83,288 ----a-w C:\WINDOWS\system32\LMIRfsClientNP.dll
2008-10-17 20:10 47,640 ----a-w C:\WINDOWS\system32\drivers\LMIRfsDriver.sys
2008-10-17 20:10 28,984 ----a-w C:\WINDOWS\system32\LMIport.dll
2008-10-17 20:10 23,736 ----a-w C:\WINDOWS\system32\lmimirr.dll
2008-10-17 20:10 10,040 ----a-w C:\WINDOWS\system32\lmimirr2.dll
2008-10-13 20:41 --------- d-----w C:\Program Files\Common Files\Sandlot Shared
2008-10-12 19:49 --------- d-----w C:\Program Files\QuickTime
2008-10-02 09:49 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-10-01 14:38 --------- d-----w C:\Documents and Settings\All Users\Application Data\Sandlot Games
2008-10-01 13:59 --------- d-----w C:\Documents and Settings\Samantha South\Application Data\Oberon Games
2008-10-01 13:59 --------- d-----w C:\Documents and Settings\All Users\Application Data\Oberon Games
2008-10-01 13:58 --------- d-----w C:\Documents and Settings\All Users\Application Data\BigFishGamesCache
2008-09-18 19:40 --------- d-----w C:\Program Files\PlayFirst
2008-09-18 19:39 --------- d-----w C:\Program Files\GameHouse
2008-09-18 19:39 --------- d-----w C:\Program Files\Fish Tycoon
2008-09-18 18:44 --------- d-----w C:\Program Files\Beach Party Craze
2008-09-18 18:38 --------- d-----w C:\Documents and Settings\Samantha South\Application Data\Home Sweet Home 2
2008-09-18 18:37 --------- d-----w C:\Documents and Settings\Samantha South\Application Data\PlayFirst
2008-09-18 18:02 --------- d-----w C:\Documents and Settings\Samantha South\Application Data\GameHouse
2008-09-14 15:13 --------- d-----w C:\Program Files\bfgclient
2008-09-14 12:54 --------- d-----w C:\Documents and Settings\All Users\Application Data\FarmFrenzy2
2008-08-31 07:56 --------- d-----w C:\Documents and Settings\Samantha South\Application Data\BFG_JanesRealty
2008-08-30 19:11 --------- d-----w C:\Documents and Settings\Samantha South\Application Data\Realore_DressUpRush
2008-07-10 08:07 23 ----a-w C:\Documents and Settings\Samantha South\jagex_runescape_preferences.dat
2006-08-19 20:30 3,072 -c--a-w C:\Program Files\mozilla firefox\plugins\ractrlkeyhook.dll
2006-08-19 20:30 245,408 -c--a-w C:\Program Files\mozilla firefox\plugins\unicows.dll
2008-06-07 13:39 32,768 --sha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012008060720080608\index.dat
.
(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
---- Directory of C:\Documents and Settings\Samantha South\Application Data\0000005738 ----
2008-10-12 20:43 6832 --a------ C:\Documents and Settings\Samantha South\Application Data\0000005738\base2.dat
2008-10-12 20:43 4400 --a------ C:\Documents and Settings\Samantha South\Application Data\0000005738\spline.dat
2008-10-12 20:43 39610 --a------ C:\Documents and Settings\Samantha South\Application Data\0000005738\Desc.dat
2008-10-12 20:43 3261 --a------ C:\Documents and Settings\Samantha South\Application Data\0000005738\base.dat
---- Directory of C:\Documents and Settings\Samantha South\Application Data\5 ----
2008-10-13 08:51 6832 --a------ C:\Documents and Settings\Samantha South\Application Data\5\base2.dat
2008-10-13 08:51 4400 --a------ C:\Documents and Settings\Samantha South\Application Data\5\spline.dat
2008-10-13 08:51 39610 --a------ C:\Documents and Settings\Samantha South\Application Data\5\Desc.dat
2008-10-13 08:51 3261 --a------ C:\Documents and Settings\Samantha South\Application Data\5\base.dat
---- Directory of C:\Documents and Settings\Samantha South\Application Data\sp2 ----
((((((((((((((((((((((((((((( snapshot@2008-10-22_11.52.56.62 )))))))))))))))))))))))))))))))))))))))))
.
- 2005-10-20 19:02:28 163,328 ----a-w C:\WINDOWS\ERDNT\Hiv-backup\ERDNT.EXE
+ 2005-10-20 20:02:28 163,328 ----a-w C:\WINDOWS\ERDNT\Hiv-backup\ERDNT.EXE
- 2005-10-20 19:02:28 163,328 ----a-w C:\WINDOWS\ERDNT\subs\ERDNT.EXE
+ 2005-10-20 20:02:28 163,328 ----a-w C:\WINDOWS\ERDNT\subs\ERDNT.EXE
- 2000-08-31 07:00:00 28,672 ----a-w C:\WINDOWS\NIRCMD.exe
+ 2000-08-31 08:00:00 28,672 ----a-w C:\WINDOWS\NIRCMD.exe
- 2000-08-31 07:00:00 161,792 ----a-w C:\WINDOWS\SWREG.exe
+ 2000-08-31 08:00:00 161,792 ----a-w C:\WINDOWS\SWREG.exe
- 2008-08-27 08:30:08 93,718 ----a-w C:\WINDOWS\system32\perfc009.dat
+ 2008-10-26 08:54:23 93,718 ----a-w C:\WINDOWS\system32\perfc009.dat
- 2008-08-27 08:30:08 530,952 ----a-w C:\WINDOWS\system32\perfh009.dat
+ 2008-10-26 08:54:23 530,952 ----a-w C:\WINDOWS\system32\perfh009.dat
- 2008-05-28 11:33:00 33,080 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\LMIprinter.dll
+ 2008-10-17 20:10:36 34,104 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\LMIprinter.dll
- 2008-05-28 11:33:02 43,320 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\LMIprinterdat.dll
+ 2008-10-17 20:10:41 43,320 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\LMIprinterdat.dll
- 2008-05-28 11:33:02 43,320 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\LMIprinterui.dll
+ 2008-10-17 20:10:41 43,320 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\LMIprinterui.dll
- 2008-05-28 11:33:00 33,080 -c--a-w C:\WINDOWS\system32\spool\drivers\w32x86\LMIprinter.dll
+ 2008-10-17 20:10:36 34,104 -c--a-w C:\WINDOWS\system32\spool\drivers\w32x86\LMIprinter.dll
- 2008-05-28 11:33:02 43,320 -c--a-w C:\WINDOWS\system32\spool\drivers\w32x86\LMIprinterdat.dll
+ 2008-10-17 20:10:41 43,320 -c--a-w C:\WINDOWS\system32\spool\drivers\w32x86\LMIprinterdat.dll
- 2008-05-28 11:33:02 43,320 -c--a-w C:\WINDOWS\system32\spool\drivers\w32x86\LMIprinterui.dll
+ 2008-10-17 20:10:41 43,320 -c--a-w C:\WINDOWS\system32\spool\drivers\w32x86\LMIprinterui.dll
- 2008-05-28 11:33:04 47,416 ----a-w C:\WINDOWS\system32\spool\prtprocs\w32x86\LMIproc.dll
+ 2008-10-17 20:10:42 47,416 ----a-w C:\WINDOWS\system32\spool\prtprocs\w32x86\LMIproc.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2006-10-13 20058152]
"MSMSGS"="C:\Program Files\Messenger\Msmsgs.exe" [2008-04-14 1695232]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 15360]
"TomTomHOME.exe"="C:\Program Files\TomTom HOME 2\HOMERunner.exe" [2008-05-06 202088]
"H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe" [2006-11-13 1289000]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-10-18 204288]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LogMeIn GUI"="C:\Program Files\LogMeIn\x86\LogMeInSystray.exe" [2007-04-17 63048]
"SnapTrap"="C:\WINDOWS\TWAIN_32\930Cam\SnapTrap.EXE" [2004-11-05 155648]
"BitDefender Antiphishing Helper"="C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe" [2007-10-09 61440]
"BDAgent"="C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe" [2008-10-05 368640]
"SMSTray"="C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe" [2007-02-23 126976]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 144784]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-09-06 413696]
"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [2008-10-23 1235736]
"SiSPower"="SiSPower.dll" [2006-03-09 C:\WINDOWS\system32\SiSPower.dll]
"Mouse Suite 98 Daemon"="ICO.EXE" [2003-11-20 C:\WINDOWS\system32\ico.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-03-22 39264]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-04-23 29696]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"DisableCAD"= 0 (0x0)
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{88485281-8b4b-4f8d-9ede-82e29a064277}"= "C:\PROGRA~1\MarkAny\CONTEN~1\MACSMA~1.DLL" [2004-11-23 192512]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
2008-10-17 20:10 87352 C:\WINDOWS\system32\LMIinit.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=avgrsstx.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.l3fhg"= mp3fhg.acm
"msacm.divxa32"= divxa32.acm
"VIDC.X264"= x264vfw.dll
"VIDC.HFYU"= huffyuv.dll
"vidc.i263"= i263_32.drv
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Photosmart Premier Fast Start.lnk]
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Utility Tray.lnk]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
--a------ 2006-02-19 02:41 49152 C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a--c--- 2006-05-03 01:56 36975 C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"C:\\WINDOWS\\system32\\sessmgr.exe"=
"C:\\Program Files\\FlashFXP\\FlashFXP.exe"=
"C:\\WINDOWS\\system32\\rtcshare.exe"=
"C:\\Program Files\\NetMeeting\\conf.exe"=
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"C:\\Program Files\\World of Warcraft\\WoW-2.1.0-enGB-downloader.exe"=
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"= C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"= C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"= C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\WINDOWS\\system32\\muzapp.exe"=
"C:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"C:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"C:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
R1 AvgLdx86;AVG AVI Loader Driver x86;C:\WINDOWS\system32\Drivers\avgldx86.sys [2008-10-13 97928]
R1 AvgTdiX;AVG8 Network Redirector;C:\WINDOWS\system32\Drivers\avgtdix.sys [2008-10-23 90632]
R2 avg8emc;AVG8 E-mail Scanner;C:\PROGRA~1\AVG\AVG8\avgemc.exe [2008-10-23 874776]
R2 avg8wd;AVG8 WatchDog;C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-10-13 231704]
R2 avgfws8;AVG8 Firewall;C:\PROGRA~1\AVG\AVG8\avgfws8.exe [2008-10-23 1224984]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;C:\WINDOWS\system32\drivers\LMIRfsDriver.sys [2008-10-17 47640]
R3 Avgfwdx;Avgfwdx;C:\WINDOWS\system32\DRIVERS\avgfwdx.sys [2008-10-23 29208]
R3 Bdfndisf;BitDefender Firewall NDIS Filter Service;C:\WINDOWS\system32\DRIVERS\bdfndisf.sys [2008-07-03 86792]
R3 SQTECH930B;ORITE USB 2.0 CCD Webcam(PC370R);C:\WINDOWS\system32\Drivers\Capt930b.sys [2005-04-08 294701]
R3 STAC97NA;SigmaTel 3D Environmental Audio;C:\WINDOWS\system32\drivers\stac97na.sys [2002-09-20 296179]
R3 STAC97NH;STAC97NH;C:\WINDOWS\system32\drivers\stac97nh.sys [2002-09-20 231983]
S2 LMIInfo;LogMeIn Kernel Information Provider;C:\Program Files\LogMeIn\x86\RaInfo.sys [2008-02-28 12856]
S3 als4k;Avance Audio Miniport Driver (WDM);C:\WINDOWS\system32\drivers\als4000.sys [2001-10-22 28919]
S3 Avgfwfd;AVG network filter service;C:\WINDOWS\system32\DRIVERS\avgfwdx.sys [2008-10-23 29208]
S3 pelmouse;Mouse Suite Driver;C:\WINDOWS\system32\DRIVERS\pelmouse.sys [2003-01-10 16384]
S3 pelusblf;USB Mouse Low Filter Driver;C:\WINDOWS\system32\DRIVERS\pelusblf.sys [2003-02-11 9216]
S3 SiS7012;Service for AC'97 Sample Driver (WDM);C:\WINDOWS\system32\drivers\sis7012.sys [2002-11-04 814277]
S3 XDva020;XDva020;C:\WINDOWS\system32\XDva020.sys [ ]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bdx REG_MULTI_SZ scan
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5954f1a3-9448-11dc-a598-000f66f1e4e3}]
\Shell\AutoRun\command - H:\InstallTomTomHOME.exe
.
Contents of the 'Scheduled Tasks' folder
2008-10-14 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]
2008-10-26 C:\WINDOWS\Tasks\MP Scheduled Scan.job
- C:\Program Files\Windows Defender\MpCmdRun.exe [2006-11-03 18:20]
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-26 09:31:21
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\system32\FSRremoS.EXE
C:\PROGRA~1\MICROS~4\rapimgr.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Program Files\Java\jre1.6.0_05\bin\jucheck.exe
C:\WINDOWS\system32\imapi.exe
.
**************************************************************************
.
Completion time: 2008-10-26 9:39:44 - machine was rebooted
ComboFix-quarantined-files.txt 2008-10-26 09:39:23
ComboFix2.txt 2008-10-22 10:54:18
Pre-Run: 23,456,768,000 bytes free
Post-Run: 23,503,147,008 bytes free
782 --- E O F --- 2008-08-22 17:33:44
(sorry had to post it over two because it was so long - As for the avg and bitdefender thing - bitdefender i've been trying to get rid of for ages but its not on my add/remove program list)
Hi
No problem with posting in several parts :)
Please try BitDefender Uninstall Tool by following instructions here (http://kb.bitdefender.com/KB333-en--How-to-uninstall-BitDefender.html).
We need to execute an OTMoveIt3 script
Please download OTMoveIt3 by OldTimer (http://oldtimer.geekstogo.com/OTMoveIt3.exe) and save it to your desktop.
Double click theOTMoveIt3 icon on your desktop.
Paste the following code under the Paste Fix Here area. Do not include the word
Code
.
:Files
C:\Documents and Settings\Samantha South\Application Data\5
C:\Documents and Settings\Samantha South\Application Data\0000005738
C:\Documents and Settings\Samantha South\Application Data\sp2
C:\Program Files\Windows Live\Messenger\msimg32.dll
C:\Program Files\Windows Live\Messenger\riched20.dll
E:\My Music\!!!Listened to\Other\RIchard Marx - Children of the night.mp3
Push the large MoveIt button.
OTMI3 may ask to reboot the machine. Please do so if asked.
Copy/Paste the contents under the Results line here in your next reply with a fresh hjt log. How's the system running?
If you are unable to copy/paste from this window (as will be the case if the machine was rebooted), open Notepad (Start->All Programs->Accessories->Notepad), click File->Open, in the File Name box enter *.log and press the Enter key, navigate to the C:\_OTMoveIt\MovedFiles folder, and open the newest .log file present, and copy/paste the contents of that document back here in your next post.
sigerness
2008-10-29, 14:13
Heya
Results:
========== FILES ==========
C:\Documents and Settings\Samantha South\Application Data\5 moved successfully.
C:\Documents and Settings\Samantha South\Application Data\0000005738 moved successfully.
C:\Documents and Settings\Samantha South\Application Data\sp2 moved successfully.
DllUnregisterServer procedure not found in C:\Program Files\Windows Live\Messenger\msimg32.dll
C:\Program Files\Windows Live\Messenger\msimg32.dll NOT unregistered.
C:\Program Files\Windows Live\Messenger\msimg32.dll moved successfully.
DllUnregisterServer procedure not found in C:\Program Files\Windows Live\Messenger\riched20.dll
C:\Program Files\Windows Live\Messenger\riched20.dll NOT unregistered.
C:\Program Files\Windows Live\Messenger\riched20.dll moved successfully.
E:\My Music\!!!Listened to\Other\RIchard Marx - Children of the night.mp3 moved successfully.
OTMoveIt3 by OldTimer - Version 1.0.5.0 log created on 10292008_120439
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:08:58, on 29/10/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\AVG\AVG8\avgfws8.exe
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\WINDOWS\TWAIN_32\930Cam\SnapTrap.EXE
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ICO.EXE
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
C:\WINDOWS\system32\FSRremoS.EXE
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Messenger\Msmsgs.exe
C:\Program Files\TomTom HOME 2\HOMERunner.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\PROGRA~1\MICROS~4\rapimgr.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\Java\jre1.6.0_07\bin\jucheck.exe
C:\Documents and Settings\Samantha South\Desktop\BitDefender_Uninstall_Tool.exe
C:\DOCUME~1\SAMANT~1\LOCALS~1\Temp\IXP000.TMP\UninstallTool.exe
C:\Program Files\AVG\AVG8\avgscanx.exe
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?linkid=677
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - (no file)
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
O3 - Toolbar: (no name) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - (no file)
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [SnapTrap] C:\WINDOWS\TWAIN_32\930Cam\SnapTrap.EXE
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM\..\Run: [SMSTray] C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\RunOnce: [wextract_cleanup0] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\SAMANT~1\LOCALS~1\Temp\IXP000.TMP\"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\Msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20061205/qtinstall.info.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {05317530-B882-449D-9421-18D94FA3ED34} (OSInfo Control) - http://www.sis.com/ocis/OSInfo.cab
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/FacebookPhotoUploader5.cab
O16 - DPF: {0D6709DD-4ED8-40CA-B459-2757AEEF7BEE} (Dldrv2 Control) - http://download.gigabyte.com.tw/object/Dldrv.ocx
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {16095503-786F-4097-AED6-5D567A26D760} (SiS_OCX Control) - http://www.sis.com/ocis/SiSAutodetectNT.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by124w.bay124.mail.live.com/mail/resources/MsnPUpld.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/EN-GB/a-UNO1/GAME_UNO1.cab
O16 - DPF: {639658F3-B141-4D6B-B936-226F75A5EAC3} (CPlayFirstDinerDash2Control Object) - http://zone.msn.com/bingame/dsh2/default/DinerDash2.1.0.0.68.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} (CPlayFirstDinerDashControl Object) - http://zone.msn.com/bingame/dash/default/DinerDash.1.0.0.94.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgfws8.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
--
End of file - 9892 bytes
My PC's running alot better than it was (specially since my brother got a hold of it) I'm gonna do a spybot now to see if my pupsc has gone.
Hi
Start hjt, do a system scan, check (if found):
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - (no file)
O3 - Toolbar: (no name) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - (no file)
Close browsers and fix checked.
Reboot and post a fresh hjt log. Let me also know about Spybot scan results. :)
Due to inactivity, this thread will now be closed.
Note:If it has been five days or more since your last post, and the helper assisting you posted a response to that post to which you did not reply, your topic will not be reopened. At that point, if you still require help, please start a new topic and include a fresh HijackThis log and a link to your previous thread.
If it has been less than five days since your last response and you need the thread re-opened, please send me or MOD a private message (pm). A valid, working link to the closed topic is required.