s&d constantlly removing viruses. they always come back

Blade81 · May 23, 2010

Hi again,

Uninstall BitTorrent.

Open notepad and copy/paste the text in the quotebox below into it:

Code:

Folder::
c:\documents and settings\User\Application Data\BitTorrent
c:\documents and settings\User\Application Data\LimeWire
c:\program files\bittorrent
Registry::
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\BitTorrent\\bittorrent.exe"=-

Save this as
CFScript

A word of warning: Neither I nor sUBs are responsible for any damage you may have caused your machine. This tool is not a toy and not for everyday use.

Close all browser windows, disable protection and refering to the picture above, drag CFScript into ComboFix1.exe
Then post the resultant log.

Get update 9.3.2 for Adobe Reader here or get Foxit Reader here. Make sure you don't install toolbar if choose Foxit Reader! You may also check free readers introduced here.

Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older version Java components and update to the latest version...

Updating Java:

Download the latest version of Java Runtime Environment (JRE) 6 Update 20.
Click the
Download
button to the right.
Select Windows on platform combobox and check the box that says:
Accept License Agreement. Click continue.
The page will refresh.
Click on the link to download Windows Offline Installation with or without Multi-language and save to your desktop.
Close any programs you may have running - especially your web browser.
Go to Start > Control Panel double-click on Add/Remove programs and remove all older versions of Java.
Check any item with Java Runtime Environment (JRE or J2SE) in the name.
Click the Remove or Change/Remove button.
Repeat as many times as necessary to remove each Java versions.
Reboot your computer once all Java components are removed.
Then from your desktop double-click on jre-6u20-windows-i586-p.exe to install the newest version. Uncheck Carbonite online backup trial if it's offered there.

Download ATF (Atribune Temp File) Cleaner© by Atribune to your desktop.

Double-click ATF Cleaner.exe to open it

Under Main choose:
Windows Temp
Current User Temp
All Users Temp
Cookies
Temporary Internet Files
Prefetch
Java Cache
*The other boxes are optional*
Then click the Empty Selected button.

If you use Firefox:
Click Firefox at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click NO at the prompt.

If you use Opera:
Click Opera at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click NO at the prompt.

Click Exit on the Main menu to close the program.

Please run an online scan with Kaspersky Online Scanner as instructed in the screenshot here.

Post back its report, a fresh dds.txt log and above mentioned ComboFix resultant log.

Anton_eric · May 24, 2010

the combofix log is to big so ill post it in a few replys

ComboFix 10-05-22.03 - User 05/23/2010 9:20.6.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.3326.2825 [GMT -6:00]
Running from: c:\documents and settings\User\Desktop\ComboFix1.exe
Command switches used :: c:\documents and settings\User\Desktop\cfscript.txt
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\User\Application Data\BitTorrent
c:\documents and settings\User\Application Data\BitTorrent\(2005) Sugar Ray - The Best of Sugar Ray.rar.torrent
c:\documents and settings\User\Application Data\BitTorrent\[NFL Replay]2006.AFC.Championship.Colts.VS.Pats.XviD.unethikal.torrent
c:\documents and settings\User\Application Data\BitTorrent\[RlsogKing.Com] Smallville.S09E03.HDTV.XviD-XII.torrent
c:\documents and settings\User\Application Data\BitTorrent\2012.TS.XviD-IMAGiNE.torrent
c:\documents and settings\User\Application Data\BitTorrent\A.Perfect.Getaway.DVDRip.XviD-NeDiVx avi - [ www.TorrentDay.com ].torrent
c:\documents and settings\User\Application Data\BitTorrent\Adobe Illustrator CS3.torrent
c:\documents and settings\User\Application Data\BitTorrent\Adventureland.2009.DvdRip.Xvid {1337x}-Noir.torrent
c:\documents and settings\User\Application Data\BitTorrent\Alice In Wonderland 2010 TS XViD - IMAGiNE.torrent
c:\documents and settings\User\Application Data\BitTorrent\Alice in Wonderland R5.torrent
c:\documents and settings\User\Application Data\BitTorrent\Alvin And The Chipmunks[2007]DVDRip.torrent
c:\documents and settings\User\Application Data\BitTorrent\Alvin.And.The.Chipmunks.The.Squeakquel.R5.LiNE.XviD-Rx.torrent
c:\documents and settings\User\Application Data\BitTorrent\American Gangster[2007][Unrated Edition]DvDrip[Eng]-FXG.torrent
c:\documents and settings\User\Application Data\BitTorrent\American.Pie.Presents.The.Book.of.Love.2009.DvdRip.Xvid {1337x}-Moursi.torrent
c:\documents and settings\User\Application Data\BitTorrent\American.Summer.2009.DvDrip.XviD.UNDEAD[www.USABIT.com].avi.torrent
c:\documents and settings\User\Application Data\BitTorrent\Arlington.Road.DvDRip.Eng-FxM.torrent
c:\documents and settings\User\Application Data\BitTorrent\Armored.2009.DVDRip.XviD.AC3-ViSiON.torrent
c:\documents and settings\User\Application Data\BitTorrent\Arrested Development.torrent
c:\documents and settings\User\Application Data\BitTorrent\Assassination.Of.A.High.School.President.2008.DVDRip.XviD-DiVERSE.torrent
c:\documents and settings\User\Application Data\BitTorrent\Assassination.Of.A.High.School.President.2008.DVDRip.XviD-ViSiON.1.torrent
c:\documents and settings\User\Application Data\BitTorrent\Assassination.Of.A.High.School.President.2008.DVDRip.XviD-ViSiON.torrent
c:\documents and settings\User\Application Data\BitTorrent\Astro.Boy.BDRip.XviD-DiAMOND.torrent
c:\documents and settings\User\Application Data\BitTorrent\Avatar (2009) PROPER TS XviD-MAXSPEED.torrent
c:\documents and settings\User\Application Data\BitTorrent\Avatar 2009 DVDScr H264 AAC-GreatMagician.torrent
c:\documents and settings\User\Application Data\BitTorrent\BAND OF BROTHERS-COMMEMORATIVE BOXSET DISC 2-PARTS THREE&FOUR-A H.264 RIP BY KIDZCORNER.torrent
c:\documents and settings\User\Application Data\BitTorrent\BAND OF BROTHERS-COMMEMORATIVE BOXSET DISC 3-PARTS FIVE&SIX-A H.264 RIP BY KIDZCORNER.torrent
c:\documents and settings\User\Application Data\BitTorrent\BAND OF BROTHERS-COMMEMORATIVE BOXSET DISC 4-PARTS SEVEN&EIGHT-A H.264 RIP BY KIDZCORNER.torrent
c:\documents and settings\User\Application Data\BitTorrent\BAND OF BROTHERS COMMEMORATIVE BOXSET-DISC 1-PARTS ONE&TWO-A H.264 RIP BY KIDZCORNER.torrent
c:\documents and settings\User\Application Data\BitTorrent\Ben.10.Alien.Swarm.2009.DVDRip.XviD-VoMiT.torrent
c:\documents and settings\User\Application Data\BitTorrent\BF Bad Company 2 Beta.torrent
c:\documents and settings\User\Application Data\BitTorrent\BioShock-XBOX360-USA-DAGGER.torrent
c:\documents and settings\User\Application Data\BitTorrent\bittorrent.lng
c:\documents and settings\User\Application Data\BitTorrent\Black_Hawk_Down(DVDRip)(xvid)-Goblin10.torrent
c:\documents and settings\User\Application Data\BitTorrent\Blow[2001]DVDrip[ENG]-MissRipZ.torrent
c:\documents and settings\User\Application Data\BitTorrent\Boondock Saints II All Saints Day DVDRip XviD.torrent
c:\documents and settings\User\Application Data\BitTorrent\Brooklyns Finest SCR.Wrk-Pnt XviD.torrent
c:\documents and settings\User\Application Data\BitTorrent\Brothers[2009]DvDrip-aXXo.torrent
c:\documents and settings\User\Application Data\BitTorrent\Cirque Du Freak Vampires Assistant Dvdrip 2009 ISWE-RG.torrent
c:\documents and settings\User\Application Data\BitTorrent\City of Ember.torrent
c:\documents and settings\User\Application Data\BitTorrent\Clash Of The Titans 2010 TS XViD - IMAGiNE.torrent
c:\documents and settings\User\Application Data\BitTorrent\Company of heroes.torrent
c:\documents and settings\User\Application Data\BitTorrent\Cop Out CAM XViD V2 - IMAGiNE.torrent
c:\documents and settings\User\Application Data\BitTorrent\Cop.Out.2010 R6.LINE.XVID-UniversalAbsurdity.torrent
c:\documents and settings\User\Application Data\BitTorrent\Cop.Out.2010.TS.XviD-Rx.torrent
c:\documents and settings\User\Application Data\BitTorrent\Couples Retreat (2009) BRRIP DivXNL-Team.torrent
c:\documents and settings\User\Application Data\BitTorrent\Couples.Retreat.2009.BDRip.XviD-iMBT.torrent
c:\documents and settings\User\Application Data\BitTorrent\Daybreakers TS XVID - IMAGiNE.torrent
c:\documents and settings\User\Application Data\BitTorrent\Daybreakers.DvDScr.Line.XviD-FLAWL3SS.torrent
c:\documents and settings\User\Application Data\BitTorrent\Dead.Man.Running.2009.Dvdrip.Xvid.ISWE-RG.NoRar.www.crazy-torrent.com.torrent
c:\documents and settings\User\Application Data\BitTorrent\DEAR JOHN DVDRip XviD.torrent
c:\documents and settings\User\Application Data\BitTorrent\dht.dat
c:\documents and settings\User\Application Data\BitTorrent\dht.dat.old
c:\documents and settings\User\Application Data\BitTorrent\District 9 2009 TELESYNC H264 AAC-SecretMyth (Kingdom-Release).torrent
c:\documents and settings\User\Application Data\BitTorrent\District.9[2009]R5.Xvid.MF.avi.torrent
c:\documents and settings\User\Application Data\BitTorrent\edge of darkness.torrent
c:\documents and settings\User\Application Data\BitTorrent\Entourage Season 6.torrent
c:\documents and settings\User\Application Data\BitTorrent\Everybodys.Fine.DVDRip.XviD-NeDiVx.torrent
c:\documents and settings\User\Application Data\BitTorrent\Fantastic.Mr.Fox.2009.DVDSCR.XviD-MegaPlay.torrent
c:\documents and settings\User\Application Data\BitTorrent\FiFA 10 [NTSC] [X360] [www.bajandojuegos.eu].torrent
c:\documents and settings\User\Application Data\BitTorrent\Fighting.UNRATED.BDRip.XviD-DASH.torrent
c:\documents and settings\User\Application Data\BitTorrent\Final.Destination.3.DVDRip.XviD.torrent
c:\documents and settings\User\Application Data\BitTorrent\From.Paris.With.Love.2010.R5.LiNE.XviD-Rx.torrent
c:\documents and settings\User\Application Data\BitTorrent\From.Paris.with.Love.R5.LINE.XviD-MENTiON.torrent
c:\documents and settings\User\Application Data\BitTorrent\Full Metal Jacket 1987 Remastered BRRip H264 5.1 ch-SecretMyth (Kingdom-Release).torrent
c:\documents and settings\User\Application Data\BitTorrent\Funny.People.UNRATED.2009.DvDRiP.XviD-ExtraScene RG.torrent
c:\documents and settings\User\Application Data\BitTorrent\G.I. Joe The Rise Of Cobra 2009 TELESYNC H264 AC3-SecretMyth (Kingdom-Release).torrent.torrent
c:\documents and settings\User\Application Data\BitTorrent\G.I. Joe The Rise Of The Cobra 2009 CAM V2 XviD-PrisM.torrent
c:\documents and settings\User\Application Data\BitTorrent\Gamer.DVDRip.XviD-DoNE.torrent
c:\documents and settings\User\Application Data\BitTorrent\garrison 1337x-X.avi.torrent
c:\documents and settings\User\Application Data\BitTorrent\Generation Kill.torrent
c:\documents and settings\User\Application Data\BitTorrent\GI Joe The Rise Of Cobra.2009.DvdRip.Xvid {1337x}-Noir.torrent
c:\documents and settings\User\Application Data\BitTorrent\Going.The.Distance.2004.Swesub.DvDRip.XviD-Jontey.torrent
c:\documents and settings\User\Application Data\BitTorrent\Gossip.Girl.S03E09.HDTV.XviD-NoTV.torrent
c:\documents and settings\User\Application Data\BitTorrent\Gossip.Girl.S03E10.HDTV.XviD-2HD.[VTV].avi.torrent
c:\documents and settings\User\Application Data\BitTorrent\Gossip.Girl.S03E10.HDTV.XviD-2HD.torrent
c:\documents and settings\User\Application Data\BitTorrent\Gossip.Girl.S03E11.HDTV.XviD-2HD.torrent
c:\documents and settings\User\Application Data\BitTorrent\Gossip.Girl.S03E12.The.Debarted.HDTV.XviD-FQM.[VTV].avi.torrent
c:\documents and settings\User\Application Data\BitTorrent\Gossip.Girl.S03E17.Inglourious.Bassterds.HDTV.XviD-FQM.torrent
c:\documents and settings\User\Application Data\BitTorrent\Gossip.Girl.S03E21.HDTV.XviD-FQM.torrent
c:\documents and settings\User\Application Data\BitTorrent\Green Zone TS XViD - IMAGiNE.torrent
c:\documents and settings\User\Application Data\BitTorrent\Halo.Legends.2010.BRRip.XviD-MegaPlay.torrent
c:\documents and settings\User\Application Data\BitTorrent\Hannah.Montana.The.Movie.DVDSCR.XviD-CRUX.torrent
c:\documents and settings\User\Application Data\BitTorrent\Harry Potter And The Half-Blood Prince 2009 DVDRip H264 AAC-SecretMyth (Kingdom-Release).torrent
c:\documents and settings\User\Application Data\BitTorrent\How To Train Your Dragon 2010 TS XviD-FLAWL3SS.torrent
c:\documents and settings\User\Application Data\BitTorrent\How To Train Your Dragon 2010 TS XviD-PrisM-[www.meWarez.org].torrent
c:\documents and settings\User\Application Data\BitTorrent\I Love You Man[2009]DvDrip-LW.torrent
c:\documents and settings\User\Application Data\BitTorrent\I.Love.You.Beth.Cooper.DVDRip.XviD-DiAMOND.torrent
c:\documents and settings\User\Application Data\BitTorrent\I.Love.You.Man[2009]DvDrip[Eng]-Corpse.torrent
c:\documents and settings\User\Application Data\BitTorrent\Ice Age 3 Dawn Of The Dinosaurs 2009 DvDrip NLsub code kako.torrent
c:\documents and settings\User\Application Data\BitTorrent\Ice.Twisters.2009.DVDRip.XviD-GFW.torrent
c:\documents and settings\User\Application Data\BitTorrent\Inglourious Basterds 2009 CAM H264 AAC-SecretMyth (Kingdom-Release).torrent
c:\documents and settings\User\Application Data\BitTorrent\Inglourious Basterds 2009.torrent
c:\documents and settings\User\Application Data\BitTorrent\Inglourious Basterds PPV XViD-IMAGiNE.torrent
c:\documents and settings\User\Application Data\BitTorrent\Inglourious.Basterds.2009.DvDRip-FxM.torrent
c:\documents and settings\User\Application Data\BitTorrent\Iron.Man.2.2010.NEW.AUDIO.CAM.XVID-PrisM.torrent
c:\documents and settings\User\Application Data\BitTorrent\Its Always Sunny In Philadelphia-A Very Sunny Christmas 2009.DVDRip.XviD-WBZ.NoRar.www.crazy-torrent.com.torrent
c:\documents and settings\User\Application Data\BitTorrent\Its.Always.Sunny.In.Philadelphia.S05E01.PDTV.XviD-SYS.torrent
c:\documents and settings\User\Application Data\BitTorrent\Its.Always.Sunny.In.Philadelphia.S05E02.WS.PDTV.XviD-SYS.avi.torrent
c:\documents and settings\User\Application Data\BitTorrent\Its.Always.Sunny.in.Philadelphia.S05E03.REPACK.WS.PDTV.XviD-XII.avi.torrent
c:\documents and settings\User\Application Data\BitTorrent\Its.Always.Sunny.In.Philadelphia.S05E04.WS.PDTV.XviD-SYS.avi.torrent
c:\documents and settings\User\Application Data\BitTorrent\Its.Always.Sunny.In.Philadelphia.S05E05.WS.PDTV.XviD-SYS.torrent
c:\documents and settings\User\Application Data\BitTorrent\Its.Always.Sunny.In.Philadelphia.S05E06.WS.PDTV.XviD-SYS.torrent
c:\documents and settings\User\Application Data\BitTorrent\Its.Always.Sunny.In.Philadelphia.S05E07.WS.PDTV.XviD-XII.torrent
c:\documents and settings\User\Application Data\BitTorrent\Its.Always.Sunny.In.Philadelphia.S05E08.WS.PDTV.XviD-SYS.torrent
c:\documents and settings\User\Application Data\BitTorrent\Its.Always.Sunny.In.Philadelphia.S05E09.WS.PDTV.XviD-XII.avi.torrent
c:\documents and settings\User\Application Data\BitTorrent\Its.Always.Sunny.In.Philadelphia.S05E10.WS.PDTV.XviD-SYS.avi.torrent
c:\documents and settings\User\Application Data\BitTorrent\Its.Always.Sunny.in.Philadelphia.S05E11.Mac.and.Charlie.Write.a.Movie.WS.PDTV.XviD-FQM.avi.torrent
c:\documents and settings\User\Application Data\BitTorrent\Its.Always.Sunny.In.Philadelphia.S05E11.WS.PDTV.XviD PLATINUM-SYS.torrent
c:\documents and settings\User\Application Data\BitTorrent\Its.Always.Sunny.in.Philadelphia.S05E12.The.Gang.Reignites.the.Rivalry.WS.PDTV.XviD-FQM.avi.torrent
c:\documents and settings\User\Application Data\BitTorrent\Its.Always.Sunny.In.Philadelphia.S05E13.WEBRIP.H264.mp4.torrent
c:\documents and settings\User\Application Data\BitTorrent\Jarhead[2005]DvDrip[Eng]-aXXo.torrent
c:\documents and settings\User\Application Data\BitTorrent\Jeff.Dunham-Arguing.With.Myself.DvdRip.VostFr.torrent
c:\documents and settings\User\Application Data\BitTorrent\Jennifers Body Unrated (2009) DvdRip [Xvid] {1337x}-X.avi.torrent
c:\documents and settings\User\Application Data\BitTorrent\Jennifers.Body.R5.LiNE.XviD-IMAGINE.torrent
c:\documents and settings\User\Application Data\BitTorrent\Kick-Ass.R5.XviD-COALiTiON.torrent
c:\documents and settings\User\Application Data\BitTorrent\Land Of The Lost[2009]DvDrip-LW.torrent
c:\documents and settings\User\Application Data\BitTorrent\Law Abiding Citizen (2009) DVDRip XviD-MAXSPEED.torrent
c:\documents and settings\User\Application Data\BitTorrent\Legion.R5.LINE.XviD-MENTiON.torrent
c:\documents and settings\User\Application Data\BitTorrent\License.To.Wed[2007]DvDrip.AC3[Eng]-aXXo.torrent
c:\documents and settings\User\Application Data\BitTorrent\Miss.March[2009][Unrated-Fully Exposed]DvDrip[En-Fr]Subs[En-Fr-Es]DivX-Ch4cal.torrent
c:\documents and settings\User\Application Data\BitTorrent\Mutant Chronicles.avi.torrent
c:\documents and settings\User\Application Data\BitTorrent\National Treasure 2.torrent
c:\documents and settings\User\Application Data\BitTorrent\National.Lampoons.Spring.Break.2007.UNRATED.NTSC.DVDR-DPiMP.1.torrent
c:\documents and settings\User\Application Data\BitTorrent\National.Lampoons.Spring.Break.2007.UNRATED.NTSC.DVDR-DPiMP.torrent
c:\documents and settings\User\Application Data\BitTorrent\National.Lampoons.Stoned.Age.UNRATED.2008.DVDRip.XviD.torrent
c:\documents and settings\User\Application Data\BitTorrent\Necrosis.2009.DvdRip.Xvid {1337x}-Noir.torrent
c:\documents and settings\User\Application Data\BitTorrent\Never.Back.Down[2008]DvDrip-aXXo.torrent
c:\documents and settings\User\Application Data\BitTorrent\neverbackdown.avi.torrent
c:\documents and settings\User\Application Data\BitTorrent\NHL_10_NTSC_XBOX360-CCCLX.1.torrent
c:\documents and settings\User\Application Data\BitTorrent\NHL_10_NTSC_XBOX360-CCCLX.2.torrent
c:\documents and settings\User\Application Data\BitTorrent\NHL_10_NTSC_XBOX360-CCCLX.3.torrent
c:\documents and settings\User\Application Data\BitTorrent\NHL_10_NTSC_XBOX360-CCCLX.4.torrent
c:\documents and settings\User\Application Data\BitTorrent\Night at the Museum Battle of the Smithsonian[2009]DvDrip[Eng]-FXG.torrent
c:\documents and settings\User\Application Data\BitTorrent\Nine Miles Down (2009) DvdRip [Xvid] {1337x}-X.avi.torrent
c:\documents and settings\User\Application Data\BitTorrent\Ninja Assassin (2009) 2Lions-Team.torrent
c:\documents and settings\User\Application Data\BitTorrent\Ninja.Assassin.2009.WS.SCR.XviD-SilentNinja.torrent
c:\documents and settings\User\Application Data\BitTorrent\Old Dogs (2009) DvdRip [Xvid] {1337x}-X.avi.torrent
c:\documents and settings\User\Application Data\BitTorrent\Pandorum.2009.BRRip.XviD-MegaPlay.torrent
c:\documents and settings\User\Application Data\BitTorrent\patton.360.s01e07.on.hitlers.doorstep.hdtv.xvid-dvsky.avi.torrent
c:\documents and settings\User\Application Data\BitTorrent\Percy Jackson Lightning Thief TS XVID - IMAGiNE.torrent
c:\documents and settings\User\Application Data\BitTorrent\Percy.Jackson.And.the.Olympians.The.Lightning.Thief.2010.Eng.LU.torrent
c:\documents and settings\User\Application Data\BitTorrent\Percy.Jackson.and.the.Olympians.The.Lightning.Thief.REPACK.R5.LiNE.XviD-VEiNS.torrent
c:\documents and settings\User\Application Data\BitTorrent\Percy.Jackson.and.the.Olympic.Lightning.Thief.2010.TS.H264-CRYS.torrent
c:\documents and settings\User\Application Data\BitTorrent\Planet 51 DVDRip XviD-ARROW.torrent
c:\documents and settings\User\Application Data\BitTorrent\Public Enemies (2009) DVDRip XviD-MAXSPEED.torrent
c:\documents and settings\User\Application Data\BitTorrent\Public.Enemies.BDRip.XViD-iMBT.torrent
c:\documents and settings\User\Application Data\BitTorrent\Pulp Fiction [DVDRip][1994][Eng][BugzBunny].torrent
c:\documents and settings\User\Application Data\BitTorrent\resume.dat
c:\documents and settings\User\Application Data\BitTorrent\resume.dat.old
c:\documents and settings\User\Application Data\BitTorrent\Risk 2.torrent
c:\documents and settings\User\Application Data\BitTorrent\Rock_Band_2_USA_XBOX360-Goomba.torrent
c:\documents and settings\User\Application Data\BitTorrent\Rock_Band_USA_XBOX360-PI.torrent
c:\documents and settings\User\Application Data\BitTorrent\rss.dat
c:\documents and settings\User\Application Data\BitTorrent\rss.dat.old
c:\documents and settings\User\Application Data\BitTorrent\S2005.torrent
c:\documents and settings\User\Application Data\BitTorrent\S2008.torrent
c:\documents and settings\User\Application Data\BitTorrent\S2014.torrent
c:\documents and settings\User\Application Data\BitTorrent\Saving Private Ryan [1999]DvDrip[Eng]-dbk.torrent
c:\documents and settings\User\Application Data\BitTorrent\Sc2 Fix with goodies!.torrent
c:\documents and settings\User\Application Data\BitTorrent\Serious Moonlight (2009) DvdRip [Xvid} {1337x}-X.avi.torrent
c:\documents and settings\User\Application Data\BitTorrent\settings.dat
c:\documents and settings\User\Application Data\BitTorrent\settings.dat.old
c:\documents and settings\User\Application Data\BitTorrent\Sherlock Holmes (2009) DVDSCR [ResourceRG H264 by Bezauk].torrent
c:\documents and settings\User\Application Data\BitTorrent\Shes Out Of My League TS XViD - IMAGiNE.torrent
c:\documents and settings\User\Application Data\BitTorrent\Shutter Island (2010) R5 DVDRip XviD-MAXSPEED.torrent
c:\documents and settings\User\Application Data\BitTorrent\Sky.High.DVDRip.XviD.torrent
c:\documents and settings\User\Application Data\BitTorrent\Smallville.S09E01.HDTV.XviD-XII.avi.torrent
c:\documents and settings\User\Application Data\BitTorrent\Smallville.S09E01.HDTV.XviD-XII.torrent
c:\documents and settings\User\Application Data\BitTorrent\Smallville.S09E02.HDTV.XviD-FEVER.avi.torrent
c:\documents and settings\User\Application Data\BitTorrent\Smallville.S09E04.Echo.HDTV.XviD-FQM.avi.1.torrent
c:\documents and settings\User\Application Data\BitTorrent\Smallville.S09E04.Echo.HDTV.XviD-FQM.avi.torrent
c:\documents and settings\User\Application Data\BitTorrent\Smallville.S09E05.HDTV.XviD-XII.avi.torrent
c:\documents and settings\User\Application Data\BitTorrent\Smallville.S09E06.HDTV.XviD-XII.avi.torrent
c:\documents and settings\User\Application Data\BitTorrent\Smallville.S09E07.HDTV.XviD-NoTV.avi.torrent
c:\documents and settings\User\Application Data\BitTorrent\Smallville.S09E08.Idol.HDTV.XviD-FQM.avi.torrent
c:\documents and settings\User\Application Data\BitTorrent\Smallville.S09E11.Absolute.Justice.PROPER.HDTV.XviD-FQM.avi.torrent
c:\documents and settings\User\Application Data\BitTorrent\Smallville.S09E14.HDTV.XviD-XII.torrent
c:\documents and settings\User\Application Data\BitTorrent\Smallville.S09E16.HDTV.XviD-2HD.torrent
c:\documents and settings\User\Application Data\BitTorrent\Smallville.S09E21.HDTV.XviD-2HD.torrent
c:\documents and settings\User\Application Data\BitTorrent\Smokin.Aces.2.Assassins.Ball.UNRATED.DVDRip.XviD-BULLDOZER.[www.torrentfive.com].torrent
c:\documents and settings\User\Application Data\BitTorrent\Solomon.Kane.DVDSCR.XVID-PrisM.torrent
c:\documents and settings\User\Application Data\BitTorrent\Splinterheads.2009.LiMiTED.DVDRiP.XViD-MisFitZ(www.usabit.com).torrent
c:\documents and settings\User\Application Data\BitTorrent\Star Trek 2009 BRRip H264 AAC-SecretMyth (Kingdom-Release).torrent
c:\documents and settings\User\Application Data\BitTorrent\Starcraft 2.torrent
c:\documents and settings\User\Application Data\BitTorrent\StarCraft II - Beta Launcher 0.28 (STABLE).torrent
c:\documents and settings\User\Application Data\BitTorrent\State.Of.Play.2009.DvDRip-FxM.torrent
c:\documents and settings\User\Application Data\BitTorrent\Stop-Loss[2008]DvDrip-aXXo.torrent
c:\documents and settings\User\Application Data\BitTorrent\Sugar Ray - The Best Of [Mp3-vrb].torrent
c:\documents and settings\User\Application Data\BitTorrent\Surrogates (2009) TS XviD-MAXSPEED.NoRar.www.crazy-torrent.com.torrent
c:\documents and settings\User\Application Data\BitTorrent\Surrogates CAM XVID - STG.torrent
c:\documents and settings\User\Application Data\BitTorrent\Surrogates.PROPER.R5.LINE.XviD-D3M0NZ.torrent
c:\documents and settings\User\Application Data\BitTorrent\Survivor.S20E12.A.Sinking.Ship.HDTV.XviD-FQM [NO-RAR] - [ www.torrentday.com ].torrent
c:\documents and settings\User\Application Data\BitTorrent\Survivor.S20E13.Loose.Lips.Sink.Ships.HDTV.XviD-FQM.avi.torrent
c:\documents and settings\User\Application Data\BitTorrent\The Book Of Eli 2010 TELESYNC H264 AAC-SecretMyth (Kingdom-Release).torrent
c:\documents and settings\User\Application Data\BitTorrent\The Bounty Hunter TS XViD - IMAGiNE.torrent
c:\documents and settings\User\Application Data\BitTorrent\The Bounty Hunter.2010.R5.LiNE.Xvid {1337x}-Noir.torrent
c:\documents and settings\User\Application Data\BitTorrent\The Box DVDRip XviD-MENTiON.torrent
c:\documents and settings\User\Application Data\BitTorrent\The Box[2009]R5-DvDrip-LW.torrent
c:\documents and settings\User\Application Data\BitTorrent\The Crazies (1973) BRRip XviD AC3-SANTi.torrent
c:\documents and settings\User\Application Data\BitTorrent\The Final Destination 4 (2009) DVDRip XviD-MAXSPEED.torrent
c:\documents and settings\User\Application Data\BitTorrent\The Heavy [2009]DVDRip[Xvid]AC3 5.1[Eng]BlueLady .avi.torrent
c:\documents and settings\User\Application Data\BitTorrent\The Imaginarium of Doctor Parnassus[2009]DvDrip[Eng]-FXG.torrent
c:\documents and settings\User\Application Data\BitTorrent\The Long Weekend (2005) - DVDRip - ENG.torrent
c:\documents and settings\User\Application Data\BitTorrent\The Losers DVDSCR XViD IMAGiNE.torrent
c:\documents and settings\User\Application Data\BitTorrent\The Marine 2 (2010) DVDR DivXNL-Team.torrent
c:\documents and settings\User\Application Data\BitTorrent\The Pacific Part 9 - Okinawa XviD SAFCuk009.torrent
c:\documents and settings\User\Application Data\BitTorrent\The Pacific.torrent
c:\documents and settings\User\Application Data\BitTorrent\The Proposal 2009 BRRip H264 AAC-SecretMyth (Kingdom-Release).torrent
c:\documents and settings\User\Application Data\BitTorrent\The Proposal 2009 DVDRip Xvid-ACE.torrent
c:\documents and settings\User\Application Data\BitTorrent\The Proposal 2009 TELESYNC XVID-FLAWL3SS.torrent
c:\documents and settings\User\Application Data\BitTorrent\The Time Traveler's Wife 2009 BDRip H264 AAC-SecretMyth (Kingdom-Release).torrent
c:\documents and settings\User\Application Data\BitTorrent\The Twight Saga NEW MOON SXCGALx.torrent
c:\documents and settings\User\Application Data\BitTorrent\The.Back.Up.Plan.DVDSCR.XviD- MC8.torrent
c:\documents and settings\User\Application Data\BitTorrent\The.Blind.Side.2009.DVDSCR.XviD-MegaPlay.torrent
c:\documents and settings\User\Application Data\BitTorrent\The.Book.of.Eli.TELESYNC.XviD-MENTiON.torrent
c:\documents and settings\User\Application Data\BitTorrent\The.Box.2009.DVDRip.XviD-MegaPlay.torrent
c:\documents and settings\User\Application Data\BitTorrent\The.Box.2009.R5.LiNE.XviD.v2-ViSiON.[Movie-Torrentz].torrent
c:\documents and settings\User\Application Data\BitTorrent\The.Game.Plan.DVDRip.XviD-DiAMOND.torrent
c:\documents and settings\User\Application Data\BitTorrent\The.Goods.Live.Hard.Sell.Hard.2009.PROPER.DvDRiP.XviD-ExtraScene RG.torrent
c:\documents and settings\User\Application Data\BitTorrent\The.Invention.of.Lying.2009.torrent
c:\documents and settings\User\Application Data\BitTorrent\The.Keeper.2009.Dvdrip.NL-Subs.NLR-Team.torrent
c:\documents and settings\User\Application Data\BitTorrent\The.Last.House.On.The.Left.UNRATED.DVDRip.XviD-DASH.torrent
c:\documents and settings\User\Application Data\BitTorrent\The.Pacific.Pt.I.HDTV.XviD-SYS.avi.torrent
c:\documents and settings\User\Application Data\BitTorrent\The.Pacific.Pt.II.HDTV.XviD-NoTV.torrent
c:\documents and settings\User\Application Data\BitTorrent\The.Pacific.Pt.VII.HDTV.XviD-NoTV.avi.torrent
c:\documents and settings\User\Application Data\BitTorrent\The.Pacific.Pt.VIII.HDTV.XviD-RockToIt.torrent
c:\documents and settings\User\Application Data\BitTorrent\The.Spy.Next.Door.2010.R6.DVDRip.XviD-ViSiON.torrent
c:\documents and settings\User\Application Data\BitTorrent\The.Stepfather.2009.UNRATED.DVDRip.XviD-ARROW.[www.torrentfive.com].torrent
c:\documents and settings\User\Application Data\BitTorrent\The.Taking.of.Pelham.1.2.3.2009.DVDRIP.H264-ZEKTORM.torrent
c:\documents and settings\User\Application Data\BitTorrent\The.Wolfman.UNRATED.DVDRip.XviD-DiAMOND.torrent
c:\documents and settings\User\Application Data\BitTorrent\Tooth Fairy.2010.R5.LiNE.Xvid {1337x}-Noir.torrent
c:\documents and settings\User\Application Data\BitTorrent\Transformers.Revenge.of.the.Fallen.DVDRip.XviD-iMBT.torrent
c:\documents and settings\User\Application Data\BitTorrent\TunnelRats 1337x-X.avi.torrent
c:\documents and settings\User\Application Data\BitTorrent\Twilight.Saga.New.Moon.2009.PPV.XviD.AC3-Rx.torrent
c:\documents and settings\User\Application Data\BitTorrent\Undeclared.1.torrent
c:\documents and settings\User\Application Data\BitTorrent\Undeclared.torrent
c:\documents and settings\User\Application Data\BitTorrent\Up in the Air[2009]DvDrip[Eng]-FXG.torrent
c:\documents and settings\User\Application Data\BitTorrent\Valentine's Day 2010 TELESYNC H264 AAC-SecretMyth (Kingdom-Release).torrent
c:\documents and settings\User\Application Data\BitTorrent\Valentines.Day.2010.DVDRip.XviD-Larceny.torrent
c:\documents and settings\User\Application Data\BitTorrent\Valentines.Day.REPACK.TELESYNC.XviD-MENTiON.torrent
c:\documents and settings\User\Application Data\BitTorrent\Valhalla Rising 2009.BDRIP.Xvid.UniverSalAbsurdity.torrent
c:\documents and settings\User\Application Data\BitTorrent\Vice.2008.DVDRip.XviD-VoMiT.torrent
c:\documents and settings\User\Application Data\BitTorrent\whip It (2009) DvdRip [Xvid] {1337x}-X.avi.torrent
c:\documents and settings\User\Application Data\BitTorrent\WWE_SmackDown_Vs_RAW_2010_RF_XBOX360_REPACK-PROTOCOL.torrent
c:\documents and settings\User\Application Data\BitTorrent\Year One UNRATED DVDRip XviD-ARROW[NoRar][www.Yestorrent.com].torrent
c:\documents and settings\User\Application Data\BitTorrent\Year.One.2009.torrent
c:\documents and settings\User\Application Data\BitTorrent\ZombieLand (2009) CAM [Xvid] {1337x}-X.avi.torrent
c:\documents and settings\User\Application Data\BitTorrent\Zombieland 2009 R5 LINE H264-SecretMyth (Kingdom-Release).torrent
c:\documents and settings\User\Application Data\LimeWire
c:\documents and settings\User\Application Data\LimeWire\.AppSpecialShare\Bolt[2008]DvDrip-aXXo.torrent.bak
c:\documents and settings\User\Application Data\LimeWire\.AppSpecialShare\vJZ4SWRN_Marley.And.Me.DVDRip.XviD-nsiervi.avi.torrent.bak
c:\documents and settings\User\Application Data\LimeWire\browser\xul-v2.0b2.4-do-not-remove
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\AccessibleMarshal.dll
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\chrome\branding.jar
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\chrome\branding.manifest
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\chrome\classic.jar
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\chrome\classic.manifest
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\chrome\comm.jar
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\chrome\comm.manifest
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\chrome\en-US.jar
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\chrome\en-US.manifest
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\chrome\limewire.jar
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\chrome\limewire.manifest
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\chrome\pippki.jar
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\chrome\pippki.manifest
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\chrome\toolkit.jar
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\chrome\toolkit.manifest
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\accessibility-msaa.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\accessibility.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\alerts.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\appshell.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\appshell_modal.dll
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\appshell_modal.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\appstartup.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\auth.dll
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\autocomplete.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\autoconfig.dll
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\autoconfig.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\caps.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\chardet.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\chrome.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\commandhandler.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\commandlines.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\composer.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\content_base.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\content_html.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\content_htmldoc.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\content_xmldoc.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\content_xslt.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\content_xtf.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\contentprefs.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\cookie.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\directory.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\docshell_base.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\dom.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\dom_base.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\dom_canvas.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\dom_core.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\dom_css.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\dom_events.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\dom_html.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\dom_json.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\dom_loadsave.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\dom_offline.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\dom_range.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\dom_sidebar.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\dom_storage.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\dom_stylesheets.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\dom_svg.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\dom_traversal.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\dom_views.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\dom_xbl.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\dom_xpath.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\dom_xul.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\downloads.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\editor.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\embed_base.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\extensions.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\exthandler.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\exthelper.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\fastfind.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\FeedProcessor.js
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\feeds.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\find.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\gfx.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\htmlparser.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\imgicon.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\imglib2.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\inspector.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\intl.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\jar.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\jsconsole-clhandler.js
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\jsdservice.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\layout_base.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\layout_printing.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\layout_xul.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\layout_xul_tree.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\locale.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\loginmgr.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\lwbrk.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\mimetype.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\mozbrwsr.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\mozfind.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\necko.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\necko_about.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\necko_cache.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\necko_cookie.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\necko_dns.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\necko_file.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\necko_ftp.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\necko_http.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\necko_res.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\necko_socket.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\necko_strconv.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\necko_viewsource.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\nsAddonRepository.js
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\nsBadCertHandler.js
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\nsBlocklistService.js
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\nsContentDispatchChooser.js
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\nsContentPrefService.js
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\nsDefaultCLH.js
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\nsDictionary.js
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\nsDownloadManagerUI.js
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\nsExtensionManager.js
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\nsHandlerService.js
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\nsHelperAppDlg.js
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\nsLivemarkService.js
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\nsLoginInfo.js
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\nsLoginManager.js
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\nsLoginManagerPrompter.js
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\nsPostUpdateWin.js
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\nsProgressDialog.js
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\nsProxyAutoConfig.js
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\nsResetPref.js
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\nsTaggingService.js
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\nsTryToClose.js
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\nsUpdateService.js
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\nsURLFormatter.js
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\nsWebHandlerApp.js
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\nsXmlRpcClient.js
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\nsXULAppInstall.js
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\oji.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\parentalcontrols.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\pipboot.dll
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\pipboot.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\pipnss.dll
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\pipnss.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\pippki.dll
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\pippki.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\places.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\plugin.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\pluginGlue.js
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\pref.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\prefetch.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\profile.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\proxyObject.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\rdf.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\satchel.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\saxparser.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\shistory.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\spellchecker.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\storage-Legacy.js
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\storage.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\toolkitprofile.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\transformiix.dll
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\txEXSLTRegExFunctions.js

Anton_eric · May 24, 2010

c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\txmgr.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\txtsvc.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\uconv.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\unicharutil.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\universalchardet.dll
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\update.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\uriloader.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\urlformatter.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\webBrowser_core.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\webbrowserpersist.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\webshell_idls.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\websrvcs.dll
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\widget.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\windowds.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\windowwatcher.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\xml-rpc.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\xmlextras.dll
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\xpcom_base.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\xpcom_components.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\xpcom_ds.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\xpcom_io.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\xpcom_system.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\xpcom_thread.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\xpcom_xpti.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\xpconnect.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\xpinstall.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\xulapp.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\xulapp_setup.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\xuldoc.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\xultmpl.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\xulutil.dll
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\zipwriter.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\crashreporter.exe
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\crashreporter.ini
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\defaults\autoconfig\platform.js
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\defaults\autoconfig\prefcalls.js
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\defaults\pref\xulrunner.js
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\defaults\profile\chrome\userChrome-example.css
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\defaults\profile\chrome\userContent-example.css
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\defaults\profile\localstore.rdf
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\defaults\profile\US\chrome\userChrome-example.css
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\defaults\profile\US\chrome\userContent-example.css
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\defaults\profile\US\localstore.rdf
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\dependentlibs.list
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\dictionaries\en-US.aff
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\dictionaries\en-US.dic
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\freebl3.chk
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\freebl3.dll
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\greprefs\all.js
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\greprefs\security-prefs.js
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\greprefs\xpinstall.js
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\IA2Marshal.dll
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\javaxpcom.jar
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\javaxpcomglue.dll
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\js3250.dll
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\LICENSE
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\modules\debug.js
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\modules\DownloadUtils.jsm
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\modules\ISO8601DateUtils.jsm
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\modules\JSON.jsm
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\modules\Microformats.js
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\modules\PluralForm.jsm
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\modules\utils.js
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\modules\XPCOMUtils.jsm
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\mozctl.dll
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\mozctlx.dll
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\MSVCP71.DLL
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\msvcr71.dll
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\nspr4.dll
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\nss3.dll
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\nssckbi.dll
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\nssdbm3.dll
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\nssutil3.dll
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\platform.ini
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\plc4.dll
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\plds4.dll
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\plugins\npnul32.dll
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\README.txt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\arrow.gif
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\arrowd.gif
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\broken-image.gif
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\charsetalias.properties
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\charsetData.properties
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\contenteditable.css
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\designmode.css
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\dtd\mathml.dtd
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\dtd\xhtml11.dtd
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\EditorOverride.css
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\entityTables\html40Latin1.properties
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\entityTables\html40Special.properties
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\entityTables\html40Symbols.properties
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\entityTables\htmlEntityVersions.properties
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\entityTables\mathml20.properties
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\entityTables\transliterate.properties
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\fonts\mathfont.properties
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\fonts\mathfontStandardSymbolsL.properties
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\fonts\mathfontSTIXNonUnicode.properties
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\fonts\mathfontSTIXSize1.properties
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\fonts\mathfontSymbol.properties
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\fonts\mathfontUnicode.properties
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\forms.css
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\grabber.gif
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\hiddenWindow.html
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\html.css
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\html\folder.png
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\langGroups.properties
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\language.properties
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\loading-image.gif
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\mathml.css
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\quirk.css
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\svg.css
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\table-add-column-after-active.gif
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\table-add-column-after-hover.gif
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\table-add-column-after.gif
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\table-add-column-before-active.gif
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\table-add-column-before-hover.gif
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\table-add-column-before.gif
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\table-add-row-after-active.gif
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\table-add-row-after-hover.gif
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\table-add-row-after.gif
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\table-add-row-before-active.gif
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\table-add-row-before-hover.gif
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\table-add-row-before.gif
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\table-remove-column-active.gif
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\table-remove-column-hover.gif
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\table-remove-column.gif
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\table-remove-row-active.gif
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\table-remove-row-hover.gif
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\table-remove-row.gif
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\ua.css
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\viewsource.css
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\wincharset.properties
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\smime3.dll
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\softokn3.chk
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\softokn3.dll
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\sqlite3.dll
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\ssl3.dll
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\updater.exe
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\version.properties
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\xpcom.dll
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\xpcshell.exe
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\xpicleanup.exe
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\xpidl.exe
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\xpt_dump.exe
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\xpt_link.exe
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\xul.dll
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\xulrunner-stub.exe
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\xulrunner.exe
c:\documents and settings\User\Application Data\LimeWire\certificate\limewire.keystore
c:\documents and settings\User\Application Data\LimeWire\createtimes.cache
c:\documents and settings\User\Application Data\LimeWire\downloads.dat
c:\documents and settings\User\Application Data\LimeWire\fileurns.cache
c:\documents and settings\User\Application Data\LimeWire\filters.props
c:\documents and settings\User\Application Data\LimeWire\gnutella.net
c:\documents and settings\User\Application Data\LimeWire\installation.props
c:\documents and settings\User\Application Data\LimeWire\library.dat
c:\documents and settings\User\Application Data\LimeWire\library5.dat
c:\documents and settings\User\Application Data\LimeWire\limewire.props
c:\documents and settings\User\Application Data\LimeWire\lock
c:\documents and settings\User\Application Data\LimeWire\mojito.props
c:\documents and settings\User\Application Data\LimeWire\mozilla-profile\.autoreg
c:\documents and settings\User\Application Data\LimeWire\mozilla-profile\Cache\_CACHE_001_
c:\documents and settings\User\Application Data\LimeWire\mozilla-profile\Cache\_CACHE_002_
c:\documents and settings\User\Application Data\LimeWire\mozilla-profile\Cache\_CACHE_003_
c:\documents and settings\User\Application Data\LimeWire\mozilla-profile\Cache\_CACHE_MAP_
c:\documents and settings\User\Application Data\LimeWire\mozilla-profile\Cache\4A128B02d01
c:\documents and settings\User\Application Data\LimeWire\mozilla-profile\Cache\7BD6A121d01
c:\documents and settings\User\Application Data\LimeWire\mozilla-profile\Cache\86336453d01
c:\documents and settings\User\Application Data\LimeWire\mozilla-profile\Cache\9FCB996Ed01
c:\documents and settings\User\Application Data\LimeWire\mozilla-profile\Cache\AE98BDF4d01
c:\documents and settings\User\Application Data\LimeWire\mozilla-profile\Cache\BAFF9ABFd01
c:\documents and settings\User\Application Data\LimeWire\mozilla-profile\cert8.db
c:\documents and settings\User\Application Data\LimeWire\mozilla-profile\compreg.dat
c:\documents and settings\User\Application Data\LimeWire\mozilla-profile\cookies.sqlite
c:\documents and settings\User\Application Data\LimeWire\mozilla-profile\downloads.sqlite
c:\documents and settings\User\Application Data\LimeWire\mozilla-profile\extensions.cache
c:\documents and settings\User\Application Data\LimeWire\mozilla-profile\extensions.ini
c:\documents and settings\User\Application Data\LimeWire\mozilla-profile\history.dat
c:\documents and settings\User\Application Data\LimeWire\mozilla-profile\key3.db
c:\documents and settings\User\Application Data\LimeWire\mozilla-profile\permissions.sqlite
c:\documents and settings\User\Application Data\LimeWire\mozilla-profile\places.sqlite-journal
c:\documents and settings\User\Application Data\LimeWire\mozilla-profile\places.sqlite
c:\documents and settings\User\Application Data\LimeWire\mozilla-profile\pluginreg.dat
c:\documents and settings\User\Application Data\LimeWire\mozilla-profile\prefs.js
c:\documents and settings\User\Application Data\LimeWire\mozilla-profile\secmod.db
c:\documents and settings\User\Application Data\LimeWire\mozilla-profile\XPC.mfl
c:\documents and settings\User\Application Data\LimeWire\mozilla-profile\xpti.dat
c:\documents and settings\User\Application Data\LimeWire\player.props
c:\documents and settings\User\Application Data\LimeWire\promotion\promodb.backup
c:\documents and settings\User\Application Data\LimeWire\promotion\promodb.data
c:\documents and settings\User\Application Data\LimeWire\promotion\promodb.properties
c:\documents and settings\User\Application Data\LimeWire\promotion\promodb.script
c:\documents and settings\User\Application Data\LimeWire\questions.props
c:\documents and settings\User\Application Data\LimeWire\responses.cache
c:\documents and settings\User\Application Data\LimeWire\simpp.xml
c:\documents and settings\User\Application Data\LimeWire\spam.dat
c:\documents and settings\User\Application Data\LimeWire\tables.props
c:\documents and settings\User\Application Data\LimeWire\themes\windows_theme.lwtp
c:\documents and settings\User\Application Data\LimeWire\themes\windows_theme\01_star.gif
c:\documents and settings\User\Application Data\LimeWire\themes\windows_theme\02_star.gif
c:\documents and settings\User\Application Data\LimeWire\themes\windows_theme\03_star.gif
c:\documents and settings\User\Application Data\LimeWire\themes\windows_theme\04_star.gif
c:\documents and settings\User\Application Data\LimeWire\themes\windows_theme\05_star.gif
c:\documents and settings\User\Application Data\LimeWire\themes\windows_theme\chat.gif
c:\documents and settings\User\Application Data\LimeWire\themes\windows_theme\forward_dn.gif
c:\documents and settings\User\Application Data\LimeWire\themes\windows_theme\forward_up.gif
c:\documents and settings\User\Application Data\LimeWire\themes\windows_theme\kill.gif
c:\documents and settings\User\Application Data\LimeWire\themes\windows_theme\kill_on.gif
c:\documents and settings\User\Application Data\LimeWire\themes\windows_theme\pause_dn.gif
c:\documents and settings\User\Application Data\LimeWire\themes\windows_theme\pause_up.gif
c:\documents and settings\User\Application Data\LimeWire\themes\windows_theme\play_dn.gif
c:\documents and settings\User\Application Data\LimeWire\themes\windows_theme\play_up.gif
c:\documents and settings\User\Application Data\LimeWire\themes\windows_theme\question.gif
c:\documents and settings\User\Application Data\LimeWire\themes\windows_theme\rewind_dn.gif
c:\documents and settings\User\Application Data\LimeWire\themes\windows_theme\rewind_up.gif
c:\documents and settings\User\Application Data\LimeWire\themes\windows_theme\stop_dn.gif
c:\documents and settings\User\Application Data\LimeWire\themes\windows_theme\stop_up.gif
c:\documents and settings\User\Application Data\LimeWire\themes\windows_theme\theme.txt
c:\documents and settings\User\Application Data\LimeWire\themes\windows_theme\version.txt
c:\documents and settings\User\Application Data\LimeWire\themes\windows_theme\warning.gif
c:\documents and settings\User\Application Data\LimeWire\ttdata.cache
c:\documents and settings\User\Application Data\LimeWire\ttrees.cache
c:\documents and settings\User\Application Data\LimeWire\ttroot.cache
c:\documents and settings\User\Application Data\LimeWire\version.xml
c:\documents and settings\User\Application Data\LimeWire\versions.props
c:\documents and settings\User\Application Data\LimeWire\xml\data\audio.sxml2
c:\documents and settings\User\Application Data\LimeWire\xml\data\audio.sxml3
c:\documents and settings\User\Application Data\LimeWire\xml\data\video.sxml3
c:\documents and settings\User\Application Data\Microsoft\HTML Help\hh.dat
C:\Documents
c:\program files\bittorrent
c:\program files\bittorrent\bittorrent.exe
c:\program files\bittorrent\uninst.exe

.
((((((((((((((((((((((((( Files Created from 2010-04-23 to 2010-05-23 )))))))))))))))))))))))))))))))
.

2010-05-23 00:49 . 2010-05-23 01:36 -------- d-----w- c:\program files\MSECACHE
2010-05-22 17:16 . 2010-05-22 17:16 -------- d-----w- C:\rsit
2010-05-21 21:47 . 2010-05-22 15:05 -------- d-----w- C:\ComboFix
2010-05-12 01:33 . 2010-05-12 01:33 -------- d-----w- c:\documents and settings\All Users\Application Data\Driver Whiz
2010-04-30 07:36 . 2010-05-21 05:18 664 ----a-w- c:\windows\system32\d3d9caps.dat
2010-04-30 07:36 . 2010-04-30 07:36 552 ----a-w- c:\windows\system32\d3d8caps.dat
2010-04-30 07:36 . 2010-05-11 08:20 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Adobe
2010-04-29 22:25 . 2010-04-29 22:25 47292 ---ha-w- c:\windows\system32\mlfcache.dat

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-05-23 13:42 . 2010-03-02 02:54 -------- d-----w- c:\program files\Diablo II
2010-05-23 03:52 . 2008-09-27 17:15 -------- d-----w- c:\program files\AVG
2010-05-23 03:51 . 2008-09-27 17:15 -------- d-----w- c:\documents and settings\All Users\Application Data\avg8
2010-05-23 00:53 . 2008-09-27 16:54 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2010-05-22 19:02 . 2009-09-02 13:29 75 ----a-w- c:\documents and settings\User\jagex_runescape_preferences2.dat
2010-05-22 18:27 . 2008-09-27 17:07 69 ----a-w- c:\documents and settings\User\jagex_runescape_preferences.dat
2010-05-22 02:09 . 2009-10-29 03:29 -------- d-----w- c:\documents and settings\User\Application Data\vlc
2010-05-21 03:40 . 2008-04-14 12:00 4224 ----a-w- c:\windows\system32\drivers\rdpcdd.sys
2010-05-15 23:02 . 2009-12-04 22:49 1474832 ----a-w- c:\windows\system32\drivers\sfi.dat
2010-05-15 18:29 . 2010-03-25 00:40 54657 ----a-w- c:\windows\DIIUnin.dat
2010-05-04 03:10 . 2010-03-17 05:58 256 ----a-w- c:\windows\system32\pool.bin
2010-03-25 00:52 . 2009-02-11 14:15 21840 ----atw- c:\windows\system32\SIntfNT.dll
2010-03-25 00:52 . 2009-02-11 14:15 17212 ----atw- c:\windows\system32\SIntf32.dll
2010-03-25 00:52 . 2009-02-11 14:15 12067 ----atw- c:\windows\system32\SIntf16.dll
2010-03-25 00:40 . 2010-03-25 00:40 2829 ----a-w- c:\windows\DIIUnin.pif
2010-03-25 00:40 . 2010-03-25 00:40 94208 ----a-w- c:\windows\DIIUnin.exe
2010-03-25 00:10 . 2010-03-25 00:10 0 ----a-w- c:\documents and settings\User\jagex__preferences3.dat
2010-03-17 06:07 . 2008-09-26 17:19 58608 ----a-w- c:\documents and settings\User\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-03-15 02:39 . 2010-03-15 02:39 15 ----a-w- C:\resetlog.exe
2010-03-13 01:29 . 2010-03-13 01:29 1956808 ----a-w- c:\documents and settings\User\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe
2010-03-11 12:38 . 2008-04-14 12:00 832512 ----a-w- c:\windows\system32\wininet.dll
2010-03-11 12:38 . 2008-04-14 12:00 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-03-11 12:38 . 2008-04-14 12:00 17408 ----a-w- c:\windows\system32\corpol.dll
2010-03-09 11:09 . 2008-04-14 12:00 430080 ----a-w- c:\windows\system32\vbscript.dll
2010-02-24 13:11 . 2008-04-14 12:00 455680 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
.

((((((((((((((((((((((((((((( SnapShot@2010-05-22_15.31.50 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-05-23 15:19 . 2010-05-23 15:19 16384 c:\windows\temp\Perflib_Perfdata_1dc.dat
+ 2009-05-19 14:15 . 2010-05-22 18:26 49152 c:\windows\.jagex_cache_32\runescape\jagmisc.dll
- 2009-05-19 14:15 . 2010-05-21 23:25 49152 c:\windows\.jagex_cache_32\runescape\jagmisc.dll
+ 2009-05-19 14:15 . 2010-05-22 18:26 86016 c:\windows\.jagex_cache_32\runescape\jaggl.dll
- 2009-05-19 14:15 . 2010-05-21 23:25 86016 c:\windows\.jagex_cache_32\runescape\jaggl.dll
+ 2010-05-13 13:56 . 2010-05-22 18:26 81920 c:\windows\.jagex_cache_32\runescape\hw3d.dll
- 2010-05-13 13:56 . 2010-05-21 23:25 81920 c:\windows\.jagex_cache_32\runescape\hw3d.dll
- 2010-02-08 22:25 . 2010-05-21 23:25 831488 c:\windows\.jagex_cache_32\runescape\sw3d.dll
+ 2010-02-08 22:25 . 2010-05-22 18:26 831488 c:\windows\.jagex_cache_32\runescape\sw3d.dll
- 2010-05-13 13:56 . 2010-05-21 23:25 102400 c:\windows\.jagex_cache_32\runescape\jagdx.dll
+ 2010-05-13 13:56 . 2010-05-22 18:26 102400 c:\windows\.jagex_cache_32\runescape\jagdx.dll
- 2010-05-13 13:56 . 2010-05-21 23:25 102400 c:\windows\.jagex_cache_32\runescape\jaclib.dll
+ 2010-05-13 13:56 . 2010-05-22 18:26 102400 c:\windows\.jagex_cache_32\runescape\jaclib.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2008-10-24 206112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2007-09-11 16844800]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2010-03-19 2046816]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-07-25 149280]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-01-16 86016]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472]
"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4\OpwareSE4.exe" [2007-02-04 79400]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-11-11 417792]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-01-16 13680640]
"itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2009-05-21 1501064]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2009-05-26 1468296]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-03-24 952768]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-08-17 14:44 11952 ----a-w- c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BlackBerryAutoUpdate]
2009-11-20 04:29 623960 ----a-w- c:\program files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2009-11-12 22:33 141600 ----a-w- c:\program files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 11:42 1695232 ------w- c:\program files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2009-07-26 22:44 3883856 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Starcraft\\StarCraft.exe"=
"c:\\Program Files\\Steam\\steamapps\\ae_anton\\counter-strike source\\hl2.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"e:\\Program Files\\StarCraft II Beta\\StarCraft II.exe"=
"e:\\Program Files\\StarCraft II Beta\\Versions\\Base14133\\SC2.exe"=
"e:\\Program Files\\StarCraft II Beta\\Versions\\Base14093\\SC2.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3724:TCP"= 3724:TCP:Blizzard Downloader
"6112:TCP"= 6112:TCP:Blizzard Downloader
"5720:TCP"= 5720:TCP:Jumi Controller
"5720:UDP"= 5720:UDP:Jumi Controller

R0 BsStor;B.H.A Storage Helper Driver;c:\windows\system32\drivers\BsStor.sys [1/22/2009 7:06 PM 9344]
R0 d347bus;d347bus;c:\windows\system32\drivers\d347bus.sys [11/3/2009 5:51 PM 155136]
R0 d347prt;d347prt;c:\windows\system32\drivers\d347prt.sys [11/3/2009 5:51 PM 5248]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [9/27/2008 11:15 AM 335240]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [9/27/2008 11:15 AM 108552]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [9/27/2008 11:15 AM 908056]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [9/27/2008 11:15 AM 297752]
S3 HTUGX;HTUGX;c:\docume~1\User\LOCALS~1\Temp\HTUGX.exe --> c:\docume~1\User\LOCALS~1\Temp\HTUGX.exe [?]
S4 BsUDF;B.H.A UDF Filesystem;c:\windows\system32\drivers\BsUDF.sys [1/22/2009 7:06 PM 394496]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\sqladhlp.exe [7/10/2008 6:28 PM 47128]
S4 RsFx0102;RsFx0102 Driver;c:\windows\system32\drivers\RsFx0102.sys [7/10/2008 2:49 AM 242712]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [11/10/2008 10:55 AM 721904]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [7/10/2008 6:28 PM 369688]
.
Contents of the 'Scheduled Tasks' folder

2010-05-23 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 18:34]
.
.
------- Supplementary Scan -------
.
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\User\Application Data\Mozilla\Firefox\Profiles\3u4ipr5s.default\
FF - plugin: c:\documents and settings\User\Application Data\Move Networks\plugins\npqmp071502000008.dll
FF - plugin: c:\program files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
.
- - - - ORPHANS REMOVED - - - -

AddRemove-BitTorrent - c:\program files\BitTorrent\uninst.exe

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-05-23 09:26
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe catchme.sys CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x8B040918]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xba10cf28
\Driver\ACPI -> ACPI.sys @ 0xb9f59cb8
\Driver\atapi -> 0x8b040918
IoDeviceObjectType -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8
ParseProcedure -> ntkrnlpa.exe @ 0x805827e8
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8
ParseProcedure -> ntkrnlpa.exe @ 0x805827e8
NDIS: Generic Marvell Yukon 88E8056 based Ethernet Controller -> SendCompleteHandler -> NDIS.sys @ 0xb9df2bb0
PacketIndicateHandler -> NDIS.sys @ 0xb9dffa21
SendHandler -> NDIS.sys @ 0xb9ddd87b
Warning: possible MBR rootkit infection !
user & kernel MBR OK

**************************************************************************
.
Completion time: 2010-05-23 09:27:50
ComboFix-quarantined-files.txt 2010-05-23 15:27
ComboFix2.txt 2010-05-22 17:14
ComboFix3.txt 2010-05-22 15:38

Pre-Run: 22,124,683,264 bytes free
Post-Run: 22,254,657,536 bytes free

- - End Of File - - 732C146EBB81165BFFB6A43AFA87787F

Anton_eric · May 24, 2010

DDS (Ver_10-03-17.01) - NTFSx86
Run by User at 12:46:36.57 on Mon 05/24/2010
Internet Explorer: 7.0.5730.13
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.3326.2402 [GMT -6:00]

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: COMODO Firewall *enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}

============== Running Processes ===============

C:\Program Files\COMODO\COMODO livePCsupport\CLPSLS.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
svchost.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\MsiExec.exe
C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\agent.exe
C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\User\Desktop\jhgjh.com

============== Pseudo HJT Report ===============

uInternet Settings,ProxyOverride = *.local
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: {FE063DB9-4EC0-403E-8DD8-394C54984B2C} - No File
uRun: [ISUSPM] "c:\program files\common files\installshield\updateservice\ISUSPM.exe" -scheduler
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [SSBkgdUpdate] "c:\program files\common files\scansoft shared\ssbkgdupdate\SSBkgdupdate.exe" -Embedding -boot
mRun: [OpwareSE4] "c:\program files\scansoft\omnipagese4\OpwareSE4.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [itype] "c:\program files\microsoft intellitype pro\itype.exe"
mRun: [IntelliPoint] "c:\program files\microsoft intellipoint\ipoint.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [COMODO Internet Security] "c:\program files\comodo\comodo internet security\cfp.exe" -h
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
Notify: avgrsstarter - avgrsstx.dll
AppInit_DLLs: c:\windows\system32\guard32.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\user\applic~1\mozilla\firefox\profiles\3u4ipr5s.default\
FF - plugin: c:\documents and settings\user\application data\move networks\plugins\npqmp071502000008.dll
FF - plugin: c:\program files\common files\research in motion\bbwebsllauncher\NPWebSLLauncher.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\mozilla firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);

============= SERVICES / DRIVERS ===============

R0 BsStor;B.H.A Storage Helper Driver;c:\windows\system32\drivers\BsStor.sys [2009-1-22 9344]
R0 d347bus;d347bus;c:\windows\system32\drivers\d347bus.sys [2009-11-3 155136]
R0 d347prt;d347prt;c:\windows\system32\drivers\d347prt.sys [2009-11-3 5248]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2008-9-27 335240]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2008-9-27 27784]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2008-9-27 108552]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdGuard.sys [2010-4-9 225344]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [2010-4-9 25240]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\avg\avg8\avgemc.exe [2008-9-27 908056]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2008-9-27 297752]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2009-7-26 55640]
R2 CLPSLS;COMODO livePCsupport Service;c:\program files\comodo\comodo livepcsupport\CLPSLS.exe [2010-2-19 148744]
R2 cmdAgent;COMODO Internet Security Helper Service;c:\program files\comodo\comodo internet security\cmdagent.exe [2010-4-9 1769216]
R2 cpuz132;cpuz132;c:\windows\system32\drivers\cpuz132_x32.sys [2009-8-27 12672]
S1 avgio;avgio;\??\c:\program files\avira\antivir desktop\avgio.sys --> c:\program files\avira\antivir desktop\avgio.sys [?]
S3 HTUGX;HTUGX;c:\docume~1\user\locals~1\temp\htugx.exe --> c:\docume~1\user\locals~1\temp\HTUGX.exe [?]
S4 BsUDF;B.H.A UDF Filesystem;c:\windows\system32\drivers\BsUDF.sys [2009-1-22 394496]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\microsoft sql server\100\shared\sqladhlp.exe [2008-7-10 47128]
S4 RsFx0102;RsFx0102 Driver;c:\windows\system32\drivers\RsFx0102.sys [2008-7-10 242712]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\microsoft sql server\mssql10.sqlexpress\mssql\binn\SQLAGENT.EXE [2008-7-10 369688]

=============== Created Last 30 ================

2010-05-24 01:36:11 0 d-----w- c:\docume~1\alluse~1\applic~1\COMODO
2010-05-24 01:32:16 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-05-23 15:37:15 0 d-----w- c:\documents and settings\user\.SunDownloadManager
2010-05-23 15:32:50 0 d-----w- c:\program files\COMODO
2010-05-23 15:32:19 0 d-----w- c:\docume~1\alluse~1\applic~1\Comodo Downloader
2010-05-23 00:49:05 0 d-----w- c:\program files\MSECACHE
2010-05-21 21:50:30 77312 ----a-w- c:\windows\MBR.exe
2010-05-21 21:50:29 98816 ----a-w- c:\windows\sed.exe
2010-05-21 21:50:29 161792 ----a-w- c:\windows\SWREG.exe
2010-05-21 21:47:35 0 d-----w- C:\ComboFix
2010-05-15 23:06:07 130 ----a-w- c:\windows\cfplogvw.INI
2010-05-12 01:33:44 0 d-----w- c:\docume~1\alluse~1\applic~1\Driver Whiz
2010-04-30 07:36:21 664 ----a-w- c:\windows\system32\d3d9caps.dat
2010-04-30 07:36:21 552 ----a-w- c:\windows\system32\d3d8caps.dat
2010-04-29 22:25:02 47292 ---ha-w- c:\windows\system32\mlfcache.dat

==================== Find3M ====================

2010-05-22 19:02:39 75 ----a-w- c:\documents and settings\user\jagex_runescape_preferences2.dat
2010-05-22 18:27:04 69 ----a-w- c:\documents and settings\user\jagex_runescape_preferences.dat
2010-05-21 03:40:33 4224 ----a-w- c:\windows\system32\drivers\rdpcdd.sys
2010-05-15 23:02:31 1474832 ----a-w- c:\windows\system32\drivers\sfi.dat
2010-05-15 18:29:06 54657 ----a-w- c:\windows\DIIUnin.dat
2010-04-26 21:58:12 256512 ----a-w- c:\windows\PEV.exe
2010-04-09 07:26:12 277240 ----a-w- c:\windows\system32\guard32.dll
2010-04-09 07:25:46 25240 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2010-04-09 07:25:46 225344 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
2010-04-09 07:25:44 15464 ----a-w- c:\windows\system32\drivers\cmderd.sys
2010-03-25 00:52:33 21840 ----atw- c:\windows\system32\SIntfNT.dll
2010-03-25 00:52:33 17212 ----atw- c:\windows\system32\SIntf32.dll
2010-03-25 00:52:33 12067 ----atw- c:\windows\system32\SIntf16.dll
2010-03-25 00:40:06 2829 ----a-w- c:\windows\DIIUnin.pif
2010-03-25 00:40:05 94208 ----a-w- c:\windows\DIIUnin.exe
2010-03-25 00:10:45 0 ----a-w- c:\documents and settings\user\jagex__preferences3.dat
2010-03-15 02:39:58 15 ----a-w- C:\resetlog.exe
2010-03-11 12:38:54 832512 ----a-w- c:\windows\system32\wininet.dll
2010-03-11 12:38:52 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-03-11 12:38:51 17408 ----a-w- c:\windows\system32\corpol.dll
2010-03-09 11:09:18 430080 ----a-w- c:\windows\system32\vbscript.dll
2009-07-20 23:06:58 32768 -csha-w- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012009072020090721\index.dat

============= FINISH: 12:46:59.12 ===============

also windows keeps trying to install roxio media manager and will not go away no matter what i try if i click cancel it freezes for a bit then tries again right after and is very annoying and lagging up the entire computer is there a way to get rid of this?

Blade81 · May 24, 2010

Hi,

Have you run Kaspersky online scanner yet?

also windows keeps trying to install roxio media manager and will not go away no matter what i try if i click cancel it freezes for a bit then tries again right after and is very annoying and lagging up the entire computer is there a way to get rid of this?

Have you tried to uninstall it in add/remove programs?

Anton_eric · May 24, 2010

Blade81 said:
Hi,

Have you run Kaspersky online scanner yet?

Have you tried to uninstall it in add/remove programs?

yes i did run it but i forgot to post the log and now i do not have one. i tried running it again but it wont run for me!

and i did remove roxio from the control pannel and all of its registry's but that did not stop it

Blade81 · May 25, 2010

tried running it again but it wont run for me!

Any specific error?

For Roxio issue try this:

1. Open Task Manager.
In Applications, right click on the RMM install process
Left click on go to process
This step puts you on ISUSPM.exe.
Left click on end process

2. Go back to Task Manager, select Processes
Find msiexec.exe
Left click on it and left click on end process

3. Uninstall Roxio Media Manager

4. Download and run Windows Install Clean Up utility from: http://support.microsoft.com/kb/290301.
If it it errors out because another install program is running, repeat 2.

5. Remove all instances of Roxio programs.

Anton_eric · May 25, 2010

Blade81 said:
Any specific error?

For Roxio issue try this:

1. Open Task Manager.
In Applications, right click on the RMM install process
Left click on go to process
This step puts you on ISUSPM.exe.
Left click on end process

2. Go back to Task Manager, select Processes
Find msiexec.exe
Left click on it and left click on end process

3. Uninstall Roxio Media Manager

4. Download and run Windows Install Clean Up utility from: http://support.microsoft.com/kb/290301.
If it it errors out because another install program is running, repeat 2.

5. Remove all instances of Roxio programs.

kaspery is running but when i click go to process on roxio it goes to something called agent.exe so i ended that and the other processes you told me to and ran the cleanup tool and seems to keep coming back?

Blade81 · May 25, 2010

Hi,

Kill all agent.exe, ISUSPM.exe and msiexec.exe named processes (only name matters not if the name contains capital letters or not). Then try to run Windows Installer CleanUp Utility to uninstall Roxio related things.

Anton_eric · May 25, 2010

Blade81 said:
Hi,

Kill all agent.exe, ISUSPM.exe and msiexec.exe named processes (only name matters not if the name contains capital letters or not). Then try to run Windows Installer CleanUp Utility to uninstall Roxio related things.

i did that and it dosnt seem like it came back yet thanks ill post the kaspery log when i get home

Blade81 · May 25, 2010

Ok. Shall wait for the results

Anton_eric · May 26, 2010

Blade81 said:
Ok. Shall wait for the results

should this be taking a long time? so far its 2% done after 40 mins of scanning?

Anton_eric · May 26, 2010

so the roxio thing is gone except it comes up when i reboot the computer is there anyway to get rid of this?

Blade81 · May 26, 2010

Hi,

should this be taking a long time? so far its 2% done after 40 mins of scanning?

Depends how badly hard drive is fragmented. Have antivirus protection disabled.

Open notepad and copy/paste the text in the quotebox below into it:

Code:

DDS::
uRun: [ISUSPM] "c:\program files\common files\installshield\updateservice\ISUSPM.exe" -scheduler
Quit::

Save this as
CFScript

A word of warning: Neither I nor sUBs are responsible for any damage you may have caused your machine. This tool is not a toy and not for everyday use.

Close all browser windows and refering to the picture above, drag CFScript into ComboFix.exe
Then post the resultant log + fresh dds log. See if Roxio issue pops up.

Anton_eric · May 26, 2010

ComboFix 10-05-25.05 - User 05/26/2010 8:39.8.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.3326.2796 [GMT -6:00]
Running from: c:\documents and settings\User\Desktop\ComboFix1.exe
Command switches used :: c:\documents and settings\User\Desktop\CFScript.txt
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: COMODO Firewall *enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\common files\installshield\updateservice\ISUSPM.exe

.
((((((((((((((((((((((((( Files Created from 2010-04-26 to 2010-05-26 )))))))))))))))))))))))))))))))
.

2010-05-24 20:12 . 2010-05-24 20:12 -------- d-----w- c:\program files\Common Files\Java
2010-05-24 01:36 . 2010-05-24 01:37 -------- d-----w- c:\documents and settings\All Users\Application Data\COMODO
2010-05-24 01:32 . 2010-05-24 01:32 503808 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-527a3805-n\msvcp71.dll
2010-05-24 01:32 . 2010-05-24 01:32 499712 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-527a3805-n\jmc.dll
2010-05-24 01:32 . 2010-05-24 01:32 348160 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-527a3805-n\msvcr71.dll
2010-05-24 01:32 . 2010-05-24 01:32 61440 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-5987508f-n\decora-sse.dll
2010-05-24 01:32 . 2010-05-24 01:32 12800 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-5987508f-n\decora-d3d.dll
2010-05-24 01:32 . 2010-05-24 20:11 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-05-23 15:37 . 2010-05-23 15:40 -------- d-----w- c:\documents and settings\User\.SunDownloadManager
2010-05-23 15:32 . 2010-05-23 15:33 -------- d-----w- c:\program files\COMODO
2010-05-23 15:32 . 2010-05-23 15:32 -------- d-----w- c:\documents and settings\All Users\Application Data\Comodo Downloader
2010-05-23 00:49 . 2010-05-25 14:35 -------- d-----w- c:\program files\MSECACHE
2010-05-22 17:16 . 2010-05-22 17:16 -------- d-----w- C:\rsit
2010-05-21 21:47 . 2010-05-22 15:05 -------- d-----w- C:\ComboFix
2010-05-12 01:33 . 2010-05-12 01:33 -------- d-----w- c:\documents and settings\All Users\Application Data\Driver Whiz
2010-04-30 07:36 . 2010-05-21 05:18 664 ----a-w- c:\windows\system32\d3d9caps.dat
2010-04-30 07:36 . 2010-04-30 07:36 552 ----a-w- c:\windows\system32\d3d8caps.dat
2010-04-30 07:36 . 2010-05-11 08:20 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Adobe
2010-04-29 22:25 . 2010-04-29 22:25 47292 ---ha-w- c:\windows\system32\mlfcache.dat

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-05-26 14:22 . 2010-03-02 02:54 -------- d-----w- c:\program files\Diablo II
2010-05-24 22:45 . 2008-09-27 16:54 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2010-05-23 03:52 . 2008-09-27 17:15 -------- d-----w- c:\program files\AVG
2010-05-23 03:51 . 2008-09-27 17:15 -------- d-----w- c:\documents and settings\All Users\Application Data\avg8
2010-05-22 19:02 . 2009-09-02 13:29 75 ----a-w- c:\documents and settings\User\jagex_runescape_preferences2.dat
2010-05-22 18:27 . 2008-09-27 17:07 69 ----a-w- c:\documents and settings\User\jagex_runescape_preferences.dat
2010-05-22 02:09 . 2009-10-29 03:29 -------- d-----w- c:\documents and settings\User\Application Data\vlc
2010-05-21 03:40 . 2008-04-14 12:00 4224 ----a-w- c:\windows\system32\drivers\rdpcdd.sys
2010-05-15 23:02 . 2009-12-04 22:49 1474832 ----a-w- c:\windows\system32\drivers\sfi.dat
2010-05-15 18:29 . 2010-03-25 00:40 54657 ----a-w- c:\windows\DIIUnin.dat
2010-05-04 03:10 . 2010-03-17 05:58 256 ----a-w- c:\windows\system32\pool.bin
2010-04-09 07:26 . 2010-04-09 07:26 277240 ----a-w- c:\windows\system32\guard32.dll
2010-04-09 07:25 . 2010-04-09 07:25 86800 ----a-w- c:\windows\system32\drivers\inspect.sys
2010-04-09 07:25 . 2010-04-09 07:25 25240 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2010-04-09 07:25 . 2010-04-09 07:25 225344 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
2010-04-09 07:25 . 2010-04-09 07:25 15464 ----a-w- c:\windows\system32\drivers\cmderd.sys
2010-03-25 00:52 . 2009-02-11 14:15 21840 ----atw- c:\windows\system32\SIntfNT.dll
2010-03-25 00:52 . 2009-02-11 14:15 17212 ----atw- c:\windows\system32\SIntf32.dll
2010-03-25 00:52 . 2009-02-11 14:15 12067 ----atw- c:\windows\system32\SIntf16.dll
2010-03-25 00:40 . 2010-03-25 00:40 2829 ----a-w- c:\windows\DIIUnin.pif
2010-03-25 00:40 . 2010-03-25 00:40 94208 ----a-w- c:\windows\DIIUnin.exe
2010-03-25 00:10 . 2010-03-25 00:10 0 ----a-w- c:\documents and settings\User\jagex__preferences3.dat
2010-03-17 06:07 . 2008-09-26 17:19 58608 ----a-w- c:\documents and settings\User\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-03-15 02:39 . 2010-03-15 02:39 15 ----a-w- C:\resetlog.exe
2010-03-13 01:29 . 2010-03-13 01:29 1956808 ----a-w- c:\documents and settings\User\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe
2010-03-11 12:38 . 2008-04-14 12:00 832512 ----a-w- c:\windows\system32\wininet.dll
2010-03-11 12:38 . 2008-04-14 12:00 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-03-11 12:38 . 2008-04-14 12:00 17408 ----a-w- c:\windows\system32\corpol.dll
2010-03-09 11:09 . 2008-04-14 12:00 430080 ----a-w- c:\windows\system32\vbscript.dll
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
.

((((((((((((((((((((((((((((( SnapShot@2010-05-22_15.31.50 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-05-26 14:38 . 2010-05-26 14:38 16384 c:\windows\temp\Perflib_Perfdata_4c0.dat
- 2008-04-14 12:00 . 2010-01-23 08:11 46080 c:\windows\system32\tzchange.exe
+ 2008-04-14 12:00 . 2010-04-21 13:28 46080 c:\windows\system32\tzchange.exe
- 2009-01-07 03:30 . 2009-05-26 11:40 17272 c:\windows\system32\spmsg.dll
+ 2009-01-07 03:30 . 2009-05-26 09:01 17272 c:\windows\system32\spmsg.dll
+ 2009-12-22 02:09 . 2009-12-22 02:09 16832 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0300000010\9.3.0\ViewerPS.dll
+ 2009-12-22 07:57 . 2009-12-22 07:57 35760 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0300000010\9.3.0\reader_sl.exe
+ 2009-12-22 02:02 . 2009-12-22 02:02 79280 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0300000010\9.3.0\PDFPrevHndlr.dll
+ 2009-12-22 05:21 . 2009-12-22 05:21 99776 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0300000010\9.3.0\eula.exe
+ 2009-12-11 21:57 . 2009-12-11 21:57 70584 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0300000010\9.3.0\adobeextractfiles.dll
+ 2009-12-22 05:37 . 2009-12-22 05:37 27048 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0300000010\9.3.0\acrotextextractor.exe
+ 2009-12-22 00:39 . 2009-12-22 00:39 15288 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0300000010\9.3.0\AcroRd32Info.exe
+ 2009-12-22 00:27 . 2009-12-22 00:27 75200 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0300000010\9.3.0\acroiehelpershim.dll
+ 2009-12-22 00:27 . 2009-12-22 00:27 61888 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0300000010\9.3.0\AcroIEHelper.dll
- 2009-05-19 14:15 . 2010-05-21 23:25 49152 c:\windows\.jagex_cache_32\runescape\jagmisc.dll
+ 2009-05-19 14:15 . 2010-05-22 18:26 49152 c:\windows\.jagex_cache_32\runescape\jagmisc.dll
+ 2009-05-19 14:15 . 2010-05-22 18:26 86016 c:\windows\.jagex_cache_32\runescape\jaggl.dll
- 2009-05-19 14:15 . 2010-05-21 23:25 86016 c:\windows\.jagex_cache_32\runescape\jaggl.dll
- 2010-05-13 13:56 . 2010-05-21 23:25 81920 c:\windows\.jagex_cache_32\runescape\hw3d.dll
+ 2010-05-13 13:56 . 2010-05-22 18:26 81920 c:\windows\.jagex_cache_32\runescape\hw3d.dll
+ 2010-05-24 20:12 . 2010-05-24 20:11 153376 c:\windows\system32\javaws.exe
- 2009-08-12 13:45 . 2009-07-25 11:23 145184 c:\windows\system32\javaw.exe
+ 2010-05-24 20:12 . 2010-05-24 20:11 145184 c:\windows\system32\javaw.exe
+ 2010-05-24 20:12 . 2010-05-24 20:11 145184 c:\windows\system32\java.exe
- 2009-08-12 13:45 . 2009-07-25 11:23 145184 c:\windows\system32\java.exe
+ 2010-05-24 20:12 . 2010-05-24 20:12 180224 c:\windows\Installer\76b39.msi
+ 2010-05-24 20:11 . 2010-05-24 20:11 576000 c:\windows\Installer\76b33.msi
+ 2009-12-11 21:57 . 2009-12-11 21:57 326056 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0300000010\9.3.0\readerupdater.exe
+ 2009-12-22 00:35 . 2009-12-22 00:35 378264 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0300000010\9.3.0\pdfshell.dll
+ 2009-12-22 02:05 . 2009-12-22 02:05 116168 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0300000010\9.3.0\PDFPrevHndlrShim.exe
+ 2009-12-22 00:34 . 2009-12-22 00:34 103864 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0300000010\9.3.0\nppdf32.dll
+ 2009-11-10 01:18 . 2009-11-10 01:18 684032 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0300000010\9.3.0\JP2KLib.dll
+ 2009-12-22 02:02 . 2009-12-22 02:02 542168 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0300000010\9.3.0\AdobeCollabSync.exe
+ 2009-12-11 21:57 . 2009-12-11 21:57 948672 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0300000010\9.3.0\adobearm.exe
+ 2009-12-22 00:43 . 2009-12-22 00:43 120240 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0300000010\9.3.0\AcroRdIF.dll
+ 2009-12-22 07:57 . 2009-12-22 07:57 349616 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0300000010\9.3.0\AcroRd32.exe
+ 2009-12-22 00:15 . 2009-12-22 00:15 660912 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0300000010\9.3.0\AcroPDF.dll
+ 2009-12-22 01:32 . 2009-12-22 01:32 280024 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0300000010\9.3.0\acrobroker.exe
+ 2009-12-11 21:57 . 2009-12-11 21:57 326056 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0300000010\9.3.0\acrobatupdater.exe
+ 2009-12-22 01:15 . 2009-12-22 01:15 251296 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0300000010\9.3.0\a3dutility.exe
- 2010-02-08 22:25 . 2010-05-21 23:25 831488 c:\windows\.jagex_cache_32\runescape\sw3d.dll
+ 2010-02-08 22:25 . 2010-05-22 18:26 831488 c:\windows\.jagex_cache_32\runescape\sw3d.dll
- 2010-05-13 13:56 . 2010-05-21 23:25 102400 c:\windows\.jagex_cache_32\runescape\jagdx.dll
+ 2010-05-13 13:56 . 2010-05-22 18:26 102400 c:\windows\.jagex_cache_32\runescape\jagdx.dll
- 2010-05-13 13:56 . 2010-05-21 23:25 102400 c:\windows\.jagex_cache_32\runescape\jaclib.dll
+ 2010-05-13 13:56 . 2010-05-22 18:26 102400 c:\windows\.jagex_cache_32\runescape\jaclib.dll
+ 2010-05-23 15:34 . 2010-05-23 15:34 3651072 c:\windows\Installer\b2c00.msi
+ 2010-05-23 15:32 . 2010-05-23 15:32 1516544 c:\windows\Installer\b2bfc.msi
+ 2009-12-22 00:29 . 2009-12-22 00:29 2409880 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0300000010\9.3.0\rt3d.dll
+ 2009-10-28 02:34 . 2009-10-28 02:34 5009408 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0300000010\9.3.0\authplay.dll
+ 2009-12-22 05:31 . 2009-12-22 05:31 5713920 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0300000010\9.3.0\AGM.dll
+ 2010-05-23 15:30 . 2010-05-23 15:30 11850240 c:\windows\Installer\b2bf6.msp
+ 2009-12-22 05:21 . 2009-12-22 05:21 20436408 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0300000010\9.3.0\AcroRd32.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2007-09-11 16844800]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2010-03-19 2046816]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-01-16 86016]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472]
"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4\OpwareSE4.exe" [2007-02-04 79400]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-11-11 417792]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-01-16 13680640]
"itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2009-05-21 1501064]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2009-05-26 1468296]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-04-04 36272]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-03-24 952768]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2010-04-09 2029456]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-08-17 14:44 11952 ----a-w- c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\system32\guard32.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CLPSLS]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BlackBerryAutoUpdate]
2009-11-20 04:29 623960 ----a-w- c:\program files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2009-11-12 22:33 141600 ----a-w- c:\program files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 11:42 1695232 ------w- c:\program files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2009-07-26 22:44 3883856 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Starcraft\\StarCraft.exe"=
"c:\\Program Files\\Steam\\steamapps\\ae_anton\\counter-strike source\\hl2.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"e:\\Program Files\\StarCraft II Beta\\StarCraft II.exe"=
"e:\\Program Files\\StarCraft II Beta\\Versions\\Base14133\\SC2.exe"=
"e:\\Program Files\\StarCraft II Beta\\Versions\\Base14093\\SC2.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3724:TCP"= 3724:TCP:Blizzard Downloader
"6112:TCP"= 6112:TCP:Blizzard Downloader
"5720:TCP"= 5720:TCP:Jumi Controller
"5720:UDP"= 5720:UDP:Jumi Controller

R0 BsStor;B.H.A Storage Helper Driver;c:\windows\system32\drivers\BsStor.sys [1/22/2009 7:06 PM 9344]
R0 d347bus;d347bus;c:\windows\system32\drivers\d347bus.sys [11/3/2009 5:51 PM 155136]
R0 d347prt;d347prt;c:\windows\system32\drivers\d347prt.sys [11/3/2009 5:51 PM 5248]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [9/27/2008 11:15 AM 335240]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [9/27/2008 11:15 AM 108552]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdGuard.sys [4/9/2010 1:25 AM 225344]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [4/9/2010 1:25 AM 25240]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [9/27/2008 11:15 AM 908056]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [9/27/2008 11:15 AM 297752]
R2 CLPSLS;COMODO livePCsupport Service;c:\program files\COMODO\COMODO livePCsupport\CLPSLS.exe [2/19/2010 5:00 PM 148744]
S3 HTUGX;HTUGX;c:\docume~1\User\LOCALS~1\Temp\HTUGX.exe --> c:\docume~1\User\LOCALS~1\Temp\HTUGX.exe [?]
S4 BsUDF;B.H.A UDF Filesystem;c:\windows\system32\drivers\BsUDF.sys [1/22/2009 7:06 PM 394496]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\sqladhlp.exe [7/10/2008 6:28 PM 47128]
S4 RsFx0102;RsFx0102 Driver;c:\windows\system32\drivers\RsFx0102.sys [7/10/2008 2:49 AM 242712]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [11/10/2008 10:55 AM 721904]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [7/10/2008 6:28 PM 369688]
.
Contents of the 'Scheduled Tasks' folder

2010-05-23 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 18:34]
.
.
------- Supplementary Scan -------
.
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\User\Application Data\Mozilla\Firefox\Profiles\3u4ipr5s.default\
FF - plugin: c:\documents and settings\User\Application Data\Move Networks\plugins\npqmp071502000008.dll
FF - plugin: c:\program files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-05-26 08:44
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe catchme.sys CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x8AA833B0]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xba10cf28
\Driver\ACPI -> ACPI.sys @ 0xb9f59cb8
\Driver\atapi -> 0x8aa833b0
IoDeviceObjectType -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8
ParseProcedure -> ntkrnlpa.exe @ 0x805827e8
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8
ParseProcedure -> ntkrnlpa.exe @ 0x805827e8
Warning: possible MBR rootkit infection !
user & kernel MBR OK

**************************************************************************
.
Completion time: 2010-05-26 08:45:57
ComboFix-quarantined-files.txt 2010-05-26 14:45
ComboFix2.txt 2010-05-24 20:03
ComboFix3.txt 2010-05-23 15:27
ComboFix4.txt 2010-05-22 17:14
ComboFix5.txt 2010-05-26 14:34

Pre-Run: 50,344,202,240 bytes free
Post-Run: 50,426,474,496 bytes free

- - End Of File - - 7B1C6DEB2F9826475E793DBA13173E3D

Wednesday, May 26, 2010
Operating system: Microsoft Windows XP Home Edition Service Pack 3 (build 2600)
Kaspersky Online Scanner version: 7.0.26.13
Last database update: Tuesday, May 25, 2010 18:12:12
Records in database: 4171113
Scan settings
scan using the following database extended
Scan archives yes
Scan e-mail databases yes
Scan area My Computer
C:\
D:\
E:\
F:\
H:\
Scan statistics
Objects scanned 89631
Threats found 0
Infected objects found 0
Suspicious objects found 0
Scan duration 01:17:29

No threats found. Scanned area is clean.
Selected area has been scanned.

Anton_eric · May 26, 2010

oh yeah i forgot to add combofix says there is rootkit activity and needs to restart still everytime it is being ran.

Blade81 · May 26, 2010

Hi,

Please see if you're able to run GMER now (disable protection software first).

Anton_eric · May 26, 2010

Blade81 said:
Hi,

Please see if you're able to run GMER now (disable protection software first).

i tried and i was unable to start it. it opens and runs for a few seconds then tells me to send an error report. and the program closes on me. as soon as i open it, it starts and i cannot click on any of the checked boxes.

Blade81 · May 27, 2010

Hi,

Run ComboFix with following script:

Code:

DeQuarantine::
c:\qoobox\quarantine\c\program files\common files\installshield\updateservice\ISUSPM.exe.vir
Quit::

It should generate DeQuarantine.txt log for you. Post back its contents.

1. Download TDSSKiller and extract its contents into a folder in desired location (i.e. c:\tdsskiller).
2. Execute the file TDSSKiller.exe and wait for the process to finish.
3. Post back contents of log file in c: drive root (name should be in UtilityName.Version_Date_Time_log.txt format)

Anton_eric · May 27, 2010

c:\qoobox\quarantine\c\program files\common files\installshield\updateservice\ISUSPM.exe.vir -> c:\program files\common files\installshield\updateservice\ISUSPM.exe ( 206112 bytes )

08:44:18:375 3164 TDSS rootkit removing tool 2.3.1.0 May 25 2010 12:52:14
08:44:18:375 3164 ================================================================================
08:44:18:375 3164 SystemInfo:

08:44:18:375 3164 OS Version: 5.1.2600 ServicePack: 3.0
08:44:18:375 3164 Product type: Workstation
08:44:18:375 3164 ComputerName: DOWNSTAIRS
08:44:18:375 3164 UserName: User
08:44:18:375 3164 Windows directory: C:\WINDOWS
08:44:18:375 3164 Processor architecture: Intel x86
08:44:18:375 3164 Number of processors: 2
08:44:18:375 3164 Page size: 0x1000
08:44:18:375 3164 Boot type: Normal boot
08:44:18:375 3164 ================================================================================
08:44:18:718 3164 Initialize success
08:44:18:718 3164
08:44:18:718 3164 Scanning Services ...
08:44:19:062 3164 Raw services enum returned 355 services
08:44:19:062 3164
08:44:19:062 3164 Scanning Drivers ...
08:44:19:875 3164 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
08:44:19:906 3164 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
08:44:19:953 3164 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
08:44:20:046 3164 AFD (7e775010ef291da96ad17ca4b17137d7) C:\WINDOWS\System32\drivers\afd.sys
08:44:20:109 3164 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
08:44:20:140 3164 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
08:44:20:171 3164 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
08:44:20:234 3164 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
08:44:20:281 3164 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
08:44:20:375 3164 AvgLdx86 (bc12f2404bb6f2b6b2ff3c4c246cb752) C:\WINDOWS\System32\Drivers\avgldx86.sys
08:44:20:468 3164 AvgMfx86 (5903d729d4f0c5bca74123c96a1b29e0) C:\WINDOWS\System32\Drivers\avgmfx86.sys
08:44:20:500 3164 avgntflt (551d52aa398392f427ce2538051da947) C:\WINDOWS\system32\DRIVERS\avgntflt.sys
08:44:20:546 3164 AvgTdiX (92d8e1e8502e649b60e70074eb29c380) C:\WINDOWS\System32\Drivers\avgtdix.sys
08:44:20:578 3164 avipbb (452e382340bb0c5e694ed9d3625356d0) C:\WINDOWS\system32\DRIVERS\avipbb.sys
08:44:20:640 3164 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
08:44:20:687 3164 Bridge (f934d1b230f84e1d19dd00ac5a7a83ed) C:\WINDOWS\system32\DRIVERS\bridge.sys
08:44:20:703 3164 BridgeMP (f934d1b230f84e1d19dd00ac5a7a83ed) C:\WINDOWS\system32\DRIVERS\bridge.sys
08:44:20:734 3164 BsStor (d6d0f3860f022a12e888965f8237cbd9) C:\WINDOWS\system32\drivers\BsStor.sys
08:44:20:781 3164 BsUDF (588f5e394617e879097f39064542cb40) C:\WINDOWS\system32\drivers\BsUDF.sys
08:44:20:937 3164 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
08:44:20:968 3164 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
08:44:21:000 3164 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
08:44:21:031 3164 cdrbsvsd (7fc46240546c16c0448c29c9d233b915) C:\WINDOWS\system32\drivers\cdrbsvsd.sys
08:44:21:093 3164 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
08:44:21:203 3164 cmdGuard (ee8d7168cbbe3af052ea93015f51abe9) C:\WINDOWS\system32\DRIVERS\cmdguard.sys
08:44:21:250 3164 cmdHlp (45a1f7d2890681f22406458d93d03cc1) C:\WINDOWS\system32\DRIVERS\cmdhlp.sys
08:44:21:281 3164 cpuz132 (097a0a4899b759a4f032bd464963b4be) C:\WINDOWS\system32\drivers\cpuz132_x32.sys
08:44:21:328 3164 d347bus (5776322f93cdb91086111f5ffbfda2a0) C:\WINDOWS\system32\DRIVERS\d347bus.sys
08:44:21:390 3164 d347prt (b49f79ace459763f4e0380071be9cb45) C:\WINDOWS\system32\Drivers\d347prt.sys
08:44:21:437 3164 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
08:44:21:484 3164 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
08:44:21:531 3164 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
08:44:21:593 3164 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
08:44:21:625 3164 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
08:44:21:640 3164 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
08:44:21:656 3164 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
08:44:21:703 3164 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
08:44:21:718 3164 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
08:44:21:765 3164 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
08:44:21:843 3164 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\DRIVERS\fltMgr.sys
08:44:21:875 3164 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
08:44:21:968 3164 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
08:44:22:015 3164 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
08:44:22:062 3164 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
08:44:22:093 3164 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
08:44:22:156 3164 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
08:44:22:218 3164 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
08:44:22:265 3164 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
08:44:22:312 3164 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
08:44:22:421 3164 Inspect (508837e828309bd8444ae5c7550c2c17) C:\WINDOWS\system32\DRIVERS\inspect.sys
08:44:22:546 3164 IntcAzAudAddService (274ff777c369cc8f05a4b4f9a243335b) C:\WINDOWS\system32\drivers\RtkHDAud.sys
08:44:22:656 3164 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
08:44:22:687 3164 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
08:44:22:703 3164 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
08:44:22:718 3164 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
08:44:22:765 3164 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
08:44:22:796 3164 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
08:44:22:875 3164 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
08:44:22:921 3164 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
08:44:22:953 3164 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
08:44:22:968 3164 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
08:44:23:015 3164 klmd23 (0b06b0a25e08df0d536402bce3bde61e) C:\WINDOWS\system32\drivers\klmd.sys
08:44:23:078 3164 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
08:44:23:125 3164 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
08:44:23:171 3164 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
08:44:23:203 3164 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
08:44:23:265 3164 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
08:44:23:312 3164 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
08:44:23:328 3164 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
08:44:23:359 3164 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
08:44:23:453 3164 MRxSmb (f3aefb11abc521122b67095044169e98) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
08:44:23:625 3164 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
08:44:24:000 3164 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
08:44:24:171 3164 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
08:44:24:281 3164 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
08:44:24:453 3164 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
08:44:24:484 3164 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys
08:44:24:546 3164 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
08:44:24:562 3164 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
08:44:24:625 3164 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
08:44:24:640 3164 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
08:44:24:656 3164 NDProxy (6215023940cfd3702b46abc304e1d45a) C:\WINDOWS\system32\drivers\NDProxy.sys
08:44:24:703 3164 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
08:44:24:734 3164 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
08:44:24:828 3164 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
08:44:24:890 3164 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
08:44:24:906 3164 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
08:44:24:953 3164 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
08:44:25:125 3164 nv (90a2fe4b6e558e05e88e4517001a33ea) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
08:44:25:328 3164 nvsmu (2a085aec3ab2b1211611d2a7b9e22456) C:\WINDOWS\system32\DRIVERS\nvsmu.sys
08:44:25:359 3164 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
08:44:25:359 3164 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
08:44:25:437 3164 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
08:44:25:468 3164 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\drivers\Parport.sys
08:44:25:515 3164 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
08:44:25:546 3164 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
08:44:25:609 3164 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
08:44:25:625 3164 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
08:44:25:656 3164 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
08:44:25:781 3164 PnkBstrK (10be25c04613b70d8ce1f412e14d9454) C:\WINDOWS\system32\drivers\PnkBstrK.sys
08:44:25:875 3164 Point32 (e5582e43e167cf367757d81e9727da2a) C:\WINDOWS\system32\DRIVERS\point32.sys
08:44:25:906 3164 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
08:44:25:921 3164 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
08:44:25:953 3164 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
08:44:26:000 3164 PxHelp20 (d86b4a68565e444d76457f14172c875a) C:\WINDOWS\system32\Drivers\PxHelp20.sys
08:44:26:046 3164 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
08:44:26:062 3164 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
08:44:26:062 3164 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
08:44:26:078 3164 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
08:44:26:125 3164 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
08:44:26:140 3164 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
08:44:26:171 3164 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys
08:44:26:250 3164 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
08:44:26:281 3164 RimUsb (f17713d108aca124a139fde877eef68a) C:\WINDOWS\system32\Drivers\RimUsb.sys
08:44:26:328 3164 RimVSerPort (2c4fb2e9f039287767c384e46ee91030) C:\WINDOWS\system32\DRIVERS\RimSerial.sys
08:44:26:359 3164 ROOTMODEM (d8b0b4ade32574b2d9c5cc34dc0dbbe7) C:\WINDOWS\system32\Drivers\RootMdm.sys
08:44:26:421 3164 RsFx0102 (fedd2710b75be3ecf078adace790c423) C:\WINDOWS\system32\DRIVERS\RsFx0102.sys
08:44:26:468 3164 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
08:44:26:500 3164 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
08:44:26:562 3164 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
08:44:26:609 3164 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
08:44:26:640 3164 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
08:44:26:687 3164 sptd (d15da1ba189770d93eea2d7e18f95af9) C:\WINDOWS\system32\Drivers\sptd.sys
08:44:26:781 3164 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
08:44:26:828 3164 Srv (89220b427890aa1dffd1a02648ae51c3) C:\WINDOWS\system32\DRIVERS\srv.sys
08:44:26:843 3164 ssmdrv (654dfea96bc82b4acda4f37e5e4a3bbf) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
08:44:26:890 3164 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
08:44:26:921 3164 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
08:44:26:968 3164 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
08:44:27:046 3164 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
08:44:27:078 3164 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
08:44:27:140 3164 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
08:44:27:187 3164 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
08:44:27:234 3164 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
08:44:27:281 3164 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
08:44:27:312 3164 USBAAPL (1df89c499bf45d878b87ebd4421d462d) C:\WINDOWS\system32\Drivers\usbaapl.sys
08:44:27:406 3164 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
08:44:27:437 3164 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
08:44:27:484 3164 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
08:44:27:531 3164 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
08:44:27:640 3164 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
08:44:27:703 3164 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
08:44:27:781 3164 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
08:44:27:828 3164 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
08:44:27:937 3164 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
08:44:28:000 3164 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
08:44:28:046 3164 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
08:44:28:109 3164 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
08:44:28:171 3164 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
08:44:28:203 3164 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
08:44:28:296 3164 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
08:44:28:375 3164 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
08:44:28:546 3164 yukonwxp (67331fd053f97a874a60374be6b59523) C:\WINDOWS\system32\DRIVERS\yk51x86.sys
08:44:28:546 3164
08:44:28:546 3164 Completed
08:44:28:546 3164
08:44:28:546 3164 Results:
08:44:28:546 3164 Registry objects infected / cured / cured on reboot: 0 / 0 / 0
08:44:28:546 3164 File objects infected / cured / cured on reboot: 0 / 0 / 0
08:44:28:546 3164
08:44:28:546 3164 KLMD(ARK) unloaded successfully

s&d constantlly removing viruses. they always come back

Security Expert: Emeritus

New member

New member

New member

Security Expert: Emeritus

New member

Security Expert: Emeritus

New member

Security Expert: Emeritus

New member

Security Expert: Emeritus

New member

New member

Security Expert: Emeritus

New member

New member

Security Expert: Emeritus

New member

Security Expert: Emeritus

New member