Combo Fix LogComboFix 09-07-04.04 - User 05/07/2009 16:45.3 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.61.1033.18.3327.2556 [GMT 9.5:30]
Running from: c:\documents and settings\User\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\User\Desktop\CFScript.txt
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\User\Application Data\LimeWire
c:\documents and settings\User\Application Data\LimeWire\browser\xul-v2.0b2.4-do-not-remove
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\AccessibleMarshal.dll
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\chrome\branding.jar
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\chrome\branding.manifest
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\chrome\classic.jar
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\chrome\classic.manifest
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\chrome\comm.jar
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\chrome\comm.manifest
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\chrome\en-US.jar
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\chrome\en-US.manifest
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\chrome\limewire.jar
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\chrome\limewire.manifest
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\chrome\pippki.jar
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\chrome\pippki.manifest
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\chrome\toolkit.jar
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\chrome\toolkit.manifest
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\accessibility-msaa.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\accessibility.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\alerts.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\appshell.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\appshell_modal.dll
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\appshell_modal.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\appstartup.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\auth.dll
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\autocomplete.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\autoconfig.dll
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\autoconfig.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\caps.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\chardet.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\chrome.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\commandhandler.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\commandlines.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\composer.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\content_base.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\content_html.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\content_htmldoc.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\content_xmldoc.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\content_xslt.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\content_xtf.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\contentprefs.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\cookie.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\directory.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\docshell_base.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\dom.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\dom_base.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\dom_canvas.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\dom_core.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\dom_css.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\dom_events.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\dom_html.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\dom_json.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\dom_loadsave.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\dom_offline.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\dom_range.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\dom_sidebar.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\dom_storage.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\dom_stylesheets.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\dom_svg.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\dom_traversal.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\dom_views.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\dom_xbl.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\dom_xpath.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\dom_xul.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\downloads.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\editor.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\embed_base.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\extensions.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\exthandler.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\exthelper.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\fastfind.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\FeedProcessor.js
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\feeds.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\find.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\gfx.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\htmlparser.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\imgicon.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\imglib2.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\inspector.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\intl.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\jar.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\jsconsole-clhandler.js
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\jsdservice.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\layout_base.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\layout_printing.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\layout_xul.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\layout_xul_tree.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\locale.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\loginmgr.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\lwbrk.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\mimetype.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\mozbrwsr.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\mozfind.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\necko.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\necko_about.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\necko_cache.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\necko_cookie.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\necko_dns.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\necko_file.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\necko_ftp.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\necko_http.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\necko_res.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\necko_socket.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\necko_strconv.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\necko_viewsource.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\nsAddonRepository.js
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\nsBadCertHandler.js
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\nsBlocklistService.js
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\nsContentDispatchChooser.js
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\nsContentPrefService.js
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\nsDefaultCLH.js
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\nsDictionary.js
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\nsDownloadManagerUI.js
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\nsExtensionManager.js
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\nsHandlerService.js
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\nsHelperAppDlg.js
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\nsLivemarkService.js
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\nsLoginInfo.js
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\nsLoginManager.js
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\nsLoginManagerPrompter.js
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\nsPostUpdateWin.js
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\nsProgressDialog.js
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\nsProxyAutoConfig.js
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\nsResetPref.js
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\nsTaggingService.js
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\nsTryToClose.js
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\nsUpdateService.js
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\nsURLFormatter.js
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\nsWebHandlerApp.js
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\nsXmlRpcClient.js
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\nsXULAppInstall.js
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\oji.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\parentalcontrols.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\pipboot.dll
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\pipboot.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\pipnss.dll
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\pipnss.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\pippki.dll
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\pippki.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\places.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\plugin.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\pluginGlue.js
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\pref.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\prefetch.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\profile.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\proxyObject.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\rdf.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\satchel.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\saxparser.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\shistory.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\spellchecker.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\storage-Legacy.js
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\storage.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\toolkitprofile.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\transformiix.dll
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\txEXSLTRegExFunctions.js
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\txmgr.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\txtsvc.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\uconv.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\unicharutil.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\universalchardet.dll
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\update.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\uriloader.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\urlformatter.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\webBrowser_core.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\webbrowserpersist.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\webshell_idls.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\websrvcs.dll
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\widget.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\windowds.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\windowwatcher.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\xml-rpc.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\xmlextras.dll
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\xpcom_base.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\xpcom_components.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\xpcom_ds.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\xpcom_io.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\xpcom_system.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\xpcom_thread.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\xpcom_xpti.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\xpconnect.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\xpinstall.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\xulapp.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\xulapp_setup.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\xuldoc.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\xultmpl.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\xulutil.dll
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\components\zipwriter.xpt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\crashreporter.exe
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\crashreporter.ini
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\defaults\autoconfig\platform.js
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\defaults\autoconfig\prefcalls.js
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\defaults\pref\xulrunner.js
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\defaults\profile\chrome\userChrome-example.css
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\defaults\profile\chrome\userContent-example.css
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\defaults\profile\localstore.rdf
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\defaults\profile\US\chrome\userChrome-example.css
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\defaults\profile\US\chrome\userContent-example.css
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\defaults\profile\US\localstore.rdf
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\dependentlibs.list
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\dictionaries\en-US.aff
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\dictionaries\en-US.dic
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\freebl3.chk
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\freebl3.dll
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\greprefs\all.js
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\greprefs\security-prefs.js
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\greprefs\xpinstall.js
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\IA2Marshal.dll
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\javaxpcom.jar
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\javaxpcomglue.dll
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\js3250.dll
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\LICENSE
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\modules\debug.js
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\modules\DownloadUtils.jsm
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\modules\ISO8601DateUtils.jsm
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\modules\JSON.jsm
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\modules\Microformats.js
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\modules\PluralForm.jsm
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\modules\utils.js
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\modules\XPCOMUtils.jsm
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\mozctl.dll
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\mozctlx.dll
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\MSVCP71.DLL
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\msvcr71.dll
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\nspr4.dll
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\nss3.dll
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\nssckbi.dll
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\nssdbm3.dll
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\nssutil3.dll
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\platform.ini
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\plc4.dll
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\plds4.dll
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\plugins\npnul32.dll
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\README.txt
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\arrow.gif
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\arrowd.gif
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\broken-image.gif
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\charsetalias.properties
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\charsetData.properties
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\contenteditable.css
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\designmode.css
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\dtd\mathml.dtd
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\dtd\xhtml11.dtd
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\EditorOverride.css
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\entityTables\html40Latin1.properties
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\entityTables\html40Special.properties
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\entityTables\html40Symbols.properties
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\entityTables\htmlEntityVersions.properties
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\entityTables\mathml20.properties
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\entityTables\transliterate.properties
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\fonts\mathfont.properties
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\fonts\mathfontStandardSymbolsL.properties
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\fonts\mathfontSTIXNonUnicode.properties
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\fonts\mathfontSTIXSize1.properties
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\fonts\mathfontSymbol.properties
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\fonts\mathfontUnicode.properties
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\forms.css
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\grabber.gif
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\hiddenWindow.html
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\html.css
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\html\folder.png
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\langGroups.properties
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\language.properties
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\loading-image.gif
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\mathml.css
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\quirk.css
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\svg.css
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\table-add-column-after-active.gif
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\table-add-column-after-hover.gif
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\table-add-column-after.gif
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\table-add-column-before-active.gif
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\table-add-column-before-hover.gif
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\table-add-column-before.gif
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\table-add-row-after-active.gif
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\table-add-row-after-hover.gif
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\table-add-row-after.gif
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\table-add-row-before-active.gif
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\table-add-row-before-hover.gif
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\table-add-row-before.gif
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\table-remove-column-active.gif
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\table-remove-column-hover.gif
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\table-remove-column.gif
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\table-remove-row-active.gif
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\table-remove-row-hover.gif
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\table-remove-row.gif
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\ua.css
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\viewsource.css
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\res\wincharset.properties
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\smime3.dll
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\softokn3.chk
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\softokn3.dll
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\sqlite3.dll
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\ssl3.dll
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\updater.exe
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\version.properties
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\xpcom.dll
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\xpcshell.exe
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\xpicleanup.exe
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\xpidl.exe
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\xpt_dump.exe
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\xpt_link.exe
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\xul.dll
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\xulrunner-stub.exe
c:\documents and settings\User\Application Data\LimeWire\browser\xulrunner\xulrunner.exe
c:\documents and settings\User\Application Data\LimeWire\certificate\limewire.keystore
c:\documents and settings\User\Application Data\LimeWire\createtimes.cache
c:\documents and settings\User\Application Data\LimeWire\downloads.dat
c:\documents and settings\User\Application Data\LimeWire\fileurns.bak
c:\documents and settings\User\Application Data\LimeWire\fileurns.cache
c:\documents and settings\User\Application Data\LimeWire\filters.props
c:\documents and settings\User\Application Data\LimeWire\gnutella.net
c:\documents and settings\User\Application Data\LimeWire\installation.props
c:\documents and settings\User\Application Data\LimeWire\library.dat
c:\documents and settings\User\Application Data\LimeWire\library5.dat
c:\documents and settings\User\Application Data\LimeWire\limewire.props
c:\documents and settings\User\Application Data\LimeWire\mojito.props
c:\documents and settings\User\Application Data\LimeWire\mozilla-profile\.autoreg
c:\documents and settings\User\Application Data\LimeWire\mozilla-profile\Cache\_CACHE_001_
c:\documents and settings\User\Application Data\LimeWire\mozilla-profile\Cache\_CACHE_002_
c:\documents and settings\User\Application Data\LimeWire\mozilla-profile\Cache\_CACHE_003_
c:\documents and settings\User\Application Data\LimeWire\mozilla-profile\Cache\_CACHE_MAP_
c:\documents and settings\User\Application Data\LimeWire\mozilla-profile\Cache\7BD6A121d01
c:\documents and settings\User\Application Data\LimeWire\mozilla-profile\Cache\AE98BDF8d01
c:\documents and settings\User\Application Data\LimeWire\mozilla-profile\Cache\BAFF9A98d01
c:\documents and settings\User\Application Data\LimeWire\mozilla-profile\cert8.db
c:\documents and settings\User\Application Data\LimeWire\mozilla-profile\compreg.dat
c:\documents and settings\User\Application Data\LimeWire\mozilla-profile\cookies.sqlite
c:\documents and settings\User\Application Data\LimeWire\mozilla-profile\downloads.sqlite
c:\documents and settings\User\Application Data\LimeWire\mozilla-profile\extensions.cache
c:\documents and settings\User\Application Data\LimeWire\mozilla-profile\extensions.ini
c:\documents and settings\User\Application Data\LimeWire\mozilla-profile\history.dat
c:\documents and settings\User\Application Data\LimeWire\mozilla-profile\key3.db
c:\documents and settings\User\Application Data\LimeWire\mozilla-profile\permissions.sqlite
c:\documents and settings\User\Application Data\LimeWire\mozilla-profile\places.sqlite-journal
c:\documents and settings\User\Application Data\LimeWire\mozilla-profile\places.sqlite
c:\documents and settings\User\Application Data\LimeWire\mozilla-profile\pluginreg.dat
c:\documents and settings\User\Application Data\LimeWire\mozilla-profile\prefs.js
c:\documents and settings\User\Application Data\LimeWire\mozilla-profile\secmod.db
c:\documents and settings\User\Application Data\LimeWire\mozilla-profile\XPC.mfl
c:\documents and settings\User\Application Data\LimeWire\mozilla-profile\xpti.dat
c:\documents and settings\User\Application Data\LimeWire\promotion\promodb.backup
c:\documents and settings\User\Application Data\LimeWire\promotion\promodb.data
c:\documents and settings\User\Application Data\LimeWire\promotion\promodb.properties
c:\documents and settings\User\Application Data\LimeWire\promotion\promodb.script
c:\documents and settings\User\Application Data\LimeWire\questions.props
c:\documents and settings\User\Application Data\LimeWire\responses.cache
c:\documents and settings\User\Application Data\LimeWire\simpp.xml
c:\documents and settings\User\Application Data\LimeWire\spam.dat
c:\documents and settings\User\Application Data\LimeWire\tables.props
c:\documents and settings\User\Application Data\LimeWire\themes\windows_theme.lwtp
c:\documents and settings\User\Application Data\LimeWire\themes\windows_theme\01_star.gif
c:\documents and settings\User\Application Data\LimeWire\themes\windows_theme\02_star.gif
c:\documents and settings\User\Application Data\LimeWire\themes\windows_theme\03_star.gif
c:\documents and settings\User\Application Data\LimeWire\themes\windows_theme\04_star.gif
c:\documents and settings\User\Application Data\LimeWire\themes\windows_theme\05_star.gif
c:\documents and settings\User\Application Data\LimeWire\themes\windows_theme\chat.gif
c:\documents and settings\User\Application Data\LimeWire\themes\windows_theme\forward_dn.gif
c:\documents and settings\User\Application Data\LimeWire\themes\windows_theme\forward_up.gif
c:\documents and settings\User\Application Data\LimeWire\themes\windows_theme\kill.gif
c:\documents and settings\User\Application Data\LimeWire\themes\windows_theme\kill_on.gif
c:\documents and settings\User\Application Data\LimeWire\themes\windows_theme\pause_dn.gif
c:\documents and settings\User\Application Data\LimeWire\themes\windows_theme\pause_up.gif
c:\documents and settings\User\Application Data\LimeWire\themes\windows_theme\play_dn.gif
c:\documents and settings\User\Application Data\LimeWire\themes\windows_theme\play_up.gif
c:\documents and settings\User\Application Data\LimeWire\themes\windows_theme\question.gif
c:\documents and settings\User\Application Data\LimeWire\themes\windows_theme\rewind_dn.gif
c:\documents and settings\User\Application Data\LimeWire\themes\windows_theme\rewind_up.gif
c:\documents and settings\User\Application Data\LimeWire\themes\windows_theme\stop_dn.gif
c:\documents and settings\User\Application Data\LimeWire\themes\windows_theme\stop_up.gif
c:\documents and settings\User\Application Data\LimeWire\themes\windows_theme\theme.txt
c:\documents and settings\User\Application Data\LimeWire\themes\windows_theme\version.txt
c:\documents and settings\User\Application Data\LimeWire\themes\windows_theme\warning.gif
c:\documents and settings\User\Application Data\LimeWire\ttdata.cache
c:\documents and settings\User\Application Data\LimeWire\ttrees.cache
c:\documents and settings\User\Application Data\LimeWire\ttroot.cache
c:\documents and settings\User\Application Data\LimeWire\version.xml
c:\documents and settings\User\Application Data\LimeWire\versions.props
c:\documents and settings\User\Application Data\LimeWire\xml\data\audio.sxml2
c:\documents and settings\User\Application Data\LimeWire\xml\data\audio.sxml3
c:\program files\Ares
c:\program files\Ares\dxva_sig.txt
c:\program files\BitTorrent
c:\program files\BitTorrent\addrmap.dat
c:\program files\BitTorrent\credits-l10n.txt
c:\program files\BitTorrent\plugin.inf
c:\program files\LimeWire
c:\program files\LimeWire\additional_resources.pack
c:\program files\LimeWire\aopalliance.pack
c:\program files\LimeWire\base64-2.2.2.pack
c:\program files\LimeWire\clink.pack
c:\program files\LimeWire\commons-codec-1.3.pack
c:\program files\LimeWire\commons-logging.pack
c:\program files\LimeWire\commons-math-1.2.pack
c:\program files\LimeWire\daap.pack
c:\program files\LimeWire\dnsjava-2.0.6.pack
c:\program files\LimeWire\gettext-commons.pack
c:\program files\LimeWire\glazedlists-1.7.0_java15.pack
c:\program files\LimeWire\guice-assistedinject-snapshot.pack
c:\program files\LimeWire\guice-snapshot.pack
c:\program files\LimeWire\hsqldb.pack
c:\program files\LimeWire\httpclient-4.0-beta1.pack
c:\program files\LimeWire\httpcore-4.0-beta2.pack
c:\program files\LimeWire\httpcore-nio-4.0-beta2.pack
c:\program files\LimeWire\icu4j.pack
c:\program files\LimeWire\iTunes-0.0.1.pack
c:\program files\LimeWire\jacob-1.14.1.pack
c:\program files\LimeWire\jaudiotagger.pack
c:\program files\LimeWire\jcip-annotations.pack
c:\program files\LimeWire\jcraft.pack
c:\program files\LimeWire\jdic.pack
c:\program files\LimeWire\jdic_stub.pack
c:\program files\LimeWire\jflac.pack
c:\program files\LimeWire\jl.pack
c:\program files\LimeWire\jmdns.pack
c:\program files\LimeWire\jna.pack
c:\program files\LimeWire\jogg.pack
c:\program files\LimeWire\jorbis.pack
c:\program files\LimeWire\jxlayer.pack
c:\program files\LimeWire\lib\commons-net.jar
c:\program files\LimeWire\lib\dnsjava.jar
c:\program files\LimeWire\lib\forms.jar
c:\program files\LimeWire\lib\foxtrot.jar
c:\program files\LimeWire\lib\guice-1.0.jar
c:\program files\LimeWire\lib\httpclient-4.0-alpha5-20080522.192134-5.jar
c:\program files\LimeWire\lib\httpcore-4.0-beta2-20080510.140437-10.jar
c:\program files\LimeWire\lib\httpcore-nio-4.0-beta2-20080510.140437-10.jar
c:\program files\LimeWire\lib\looks.jar
c:\program files\LimeWire\lib\ProgressTabs.jar
c:\program files\LimeWire\lib\swt.jar
c:\program files\LimeWire\lib\themes.jar
c:\program files\LimeWire\lib\tray.dll
c:\program files\LimeWire\lib\UnpackedJars.7z
c:\program files\LimeWire\LimeWire.jar.tmp
c:\program files\LimeWire\log4j.pack
c:\program files\LimeWire\messages.pack
c:\program files\LimeWire\miglayout.pack
c:\program files\LimeWire\mozdom4java.pack
c:\program files\LimeWire\MozillaGlue-1.9.pack
c:\program files\LimeWire\MozillaInterfaces-1.9.pack
c:\program files\LimeWire\mozswing.pack
c:\program files\LimeWire\mp3spi.pack
c:\program files\LimeWire\onion-common.pack
c:\program files\LimeWire\onion-fec.pack
c:\program files\LimeWire\smack.pack
c:\program files\LimeWire\smackx-debug.pack
c:\program files\LimeWire\smackx.pack
c:\program files\LimeWire\swing-worker-1.1.pack
c:\program files\LimeWire\swingx-0.9.4.pack
c:\program files\LimeWire\tritonus.pack
c:\program files\LimeWire\vorbisspi.pack
.
((((((((((((((((((((((((( Files Created from 2009-06-05 to 2009-07-05 )))))))))))))))))))))))))))))))
.
2009-07-05 02:19 . 2009-06-12 05:51 327688 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgldx86.sys
2009-07-05 02:19 . 2009-06-12 05:51 3402008 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgui.exe
2009-07-05 02:19 . 2009-06-12 05:51 1204504 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgabout.dll
2009-07-05 02:19 . 2009-06-12 05:51 1085208 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgupd.exe
2009-07-04 12:28 . 2009-07-04 12:28 314712 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\threatwork.exe
2009-07-04 12:28 . 2009-07-04 12:28 25440 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\savapibridge.dll
2009-07-04 12:28 . 2009-07-04 12:28 15688 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\lsdelete.exe
2009-07-04 12:28 . 2009-07-04 12:28 169312 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\lavamessage.dll
2009-07-04 12:28 . 2009-07-04 12:28 348496 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\lavalicense.dll
2009-07-04 12:28 . 2009-07-04 12:28 298336 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\UpdateManager.dll
2009-07-04 12:28 . 2009-07-04 12:28 84832 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\ShellExt.dll
2009-07-04 12:28 . 2009-07-04 12:28 1630560 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Resources.dll
2009-07-04 12:28 . 2009-07-04 12:28 246128 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\RPAPI.dll
2009-07-04 12:28 . 2009-07-04 12:28 40288 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\PrivacyClean.dll
2009-07-04 12:28 . 2009-07-04 12:28 64160 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Drivers\32\lbd.sys
2009-07-04 12:27 . 2009-07-04 12:27 85352 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Drivers\32\AAWDriverTool.exe
2009-07-04 12:27 . 2009-07-04 12:27 664424 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\CEAPI.dll
2009-07-04 12:27 . 2009-07-04 12:27 563064 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Ad-AwareCommand.exe
2009-07-04 12:27 . 2009-07-04 12:27 566632 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Ad-AwareAdmin.exe
2009-07-04 12:27 . 2009-07-04 12:27 2352968 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Ad-Aware.exe
2009-07-04 12:27 . 2009-07-04 12:27 629072 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\AAWWSC.exe
2009-07-04 12:27 . 2009-07-04 12:27 520024 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\AAWTray.exe
2009-07-04 12:27 . 2009-07-04 12:27 1029456 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\AAWService.exe
2009-07-02 08:30 . 2009-07-02 08:30 -------- d-----w- C:\rsit
2009-06-30 06:34 . 2009-06-30 06:34 2052376 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgcorex.dll
2009-06-29 10:51 . 2009-07-04 12:28 15688 ----a-w- c:\windows\system32\lsdelete.exe
2009-06-29 10:16 . 2009-07-04 12:28 64160 ----a-w- c:\windows\system32\drivers\Lbd.sys
2009-06-29 10:15 . 2009-06-29 10:15 -------- dc-h--w- c:\documents and settings\All Users\Application Data\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}
2009-06-29 10:15 . 2009-03-12 08:17 2902048 -c--a-w- c:\documents and settings\All Users\Application Data\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}\Ad-AwareAE.exe
2009-06-29 08:12 . 2009-07-03 12:21 -------- d-----w- c:\program files\Trend Micro
2009-06-22 11:05 . 2009-06-22 11:05 -------- d-sh--w- c:\windows\system32\config\systemprofile\IETldCache
2009-06-20 00:41 . 2009-06-20 00:40 829208 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgcfgx.dll
2009-06-20 00:41 . 2009-06-20 00:40 3298072 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\setup.exe
2009-06-20 00:41 . 2009-06-12 05:51 1261344 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgwd.dll
2009-06-20 00:40 . 2009-06-20 00:40 1454360 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgupd.dll
2009-06-13 07:52 . 2009-06-13 07:52 -------- d-----w- c:\program files\iPod
2009-06-13 07:52 . 2009-06-13 07:53 -------- d-----w- c:\program files\iTunes
2009-06-13 07:48 . 2009-06-13 07:48 75048 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.2.0.23\SetupAdmin.exe
2009-06-12 05:52 . 2009-06-02 04:07 1004800 ----a-w- c:\documents and settings\All Users\Application Data\AVG Security Toolbar\IEToolbar.dll
2009-06-12 05:52 . 2009-06-12 05:51 826624 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\AVGToolbarInstall.exe
2009-06-12 05:52 . 2009-06-12 05:52 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG Security Toolbar
2009-06-12 05:52 . 2009-06-12 05:52 -------- d-----w- c:\documents and settings\LocalService\Application Data\AVGTOOLBAR
2009-06-10 08:09 . 2009-04-30 21:22 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2009-06-10 08:09 . 2009-04-30 21:22 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2009-06-06 11:18 . 2009-06-06 11:18 -------- d-----w- c:\program files\Common Files\DivX Shared
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-05 02:19 . 2008-05-15 01:10 335752 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-07-04 09:08 . 2008-10-07 11:45 -------- d-----w- c:\documents and settings\All Users\Application Data\Google Updater
2009-06-30 11:11 . 2006-07-11 11:14 0 ----a-w- C:\mediasample.bin
2009-06-29 10:15 . 2009-04-04 02:11 -------- d-----w- c:\program files\Lavasoft
2009-06-29 10:15 . 2008-08-23 04:52 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft
2009-06-29 10:14 . 2006-06-23 13:47 -------- d-----w- c:\documents and settings\User\Application Data\Lavasoft
2009-06-25 13:07 . 2006-06-29 11:51 -------- d-----w- c:\program files\Yahoo!
2009-06-25 13:06 . 2007-01-18 10:12 -------- d-----w- c:\program files\pdf995
2009-06-22 11:59 . 2006-06-21 18:25 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-06-20 03:55 . 2009-04-19 09:39 1525 ----a-w- c:\documents and settings\User\Application Data\iolo\restore.bat
2009-06-20 03:38 . 2008-08-17 02:11 -------- d-----w- c:\documents and settings\User\Application Data\iolo
2009-06-20 03:38 . 2008-08-17 02:11 -------- d-----w- c:\documents and settings\All Users\Application Data\iolo
2009-06-20 00:40 . 2008-05-15 01:10 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-06-17 11:03 . 2006-06-24 13:03 -------- d-----w- c:\documents and settings\User\Application Data\BitTorrent
2009-06-13 07:52 . 2008-05-05 11:38 -------- d-----w- c:\program files\Common Files\Apple
2009-06-13 07:51 . 2006-06-25 10:07 -------- d-----w- c:\program files\QuickTime
2009-06-13 07:36 . 2008-08-09 08:47 -------- d-----w- c:\documents and settings\User\Application Data\gtk-2.0
2009-06-08 01:47 . 2007-05-29 11:10 -------- d-----w- c:\documents and settings\User\Application Data\U3
2009-06-06 11:19 . 2006-07-02 11:51 -------- d-----w- c:\program files\Google
2009-06-06 11:19 . 2006-07-02 11:49 -------- d-----w- c:\program files\DivX
2009-06-05 02:12 . 2009-03-21 12:49 2060288 ----a-w- c:\windows\system32\usbaaplrc.dll
2009-06-05 02:12 . 2008-05-05 11:38 39424 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2009-05-29 06:10 . 2007-07-16 05:27 940896 ----a-w- c:\windows\system32\Incinerator.dll
2009-05-15 11:49 . 2008-10-08 11:56 -------- d-----w- c:\documents and settings\All Users\Application Data\Installations
2009-05-15 11:49 . 2008-10-08 11:57 -------- d-----w- c:\program files\Common Files\Nokia
2009-05-15 11:49 . 2008-10-08 11:57 -------- d-----w- c:\program files\Nokia
2009-05-15 11:48 . 2009-05-15 11:48 36864 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{7169FA93-66C2-43BD-86E0-CD332A686B29}\Installer\CommonCustomActions\Sleep.exe
2009-05-15 11:48 . 2009-05-15 11:48 3351812 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{7169FA93-66C2-43BD-86E0-CD332A686B29}\Installer\CommonCustomActions\msxml6Exec.exe
2009-05-15 11:48 . 2009-05-15 11:48 3181612 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{7169FA93-66C2-43BD-86E0-CD332A686B29}\Installer\CommonCustomActions\vcredistExec.exe
2009-05-15 11:48 . 2009-05-15 11:48 24312696 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{7169FA93-66C2-43BD-86E0-CD332A686B29}\NokiaSoftwareUpdaterSetup_1.6.11EN.exe
2009-05-13 05:15 . 2006-02-28 12:00 915456 ----a-w- c:\windows\system32\wininet.dll
2009-05-08 10:29 . 2007-07-18 13:27 -------- d-----w- c:\documents and settings\User\Application Data\Canon
2009-05-07 15:32 . 2006-02-28 12:00 345600 ----a-w- c:\windows\system32\localspl.dll
2009-05-04 23:44 . 2009-02-04 07:18 11952 ----a-w- c:\windows\system32\avgrsstx.dll
2009-05-04 23:43 . 2009-03-30 09:11 108552 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2009-05-01 21:02 . 2009-05-01 21:02 90112 ----a-w- c:\windows\system32\dpl100.dll
2009-05-01 21:02 . 2009-05-01 21:02 823296 ----a-w- c:\windows\system32\divx_xx0c.dll
2009-05-01 21:02 . 2009-05-01 21:02 823296 ----a-w- c:\windows\system32\divx_xx07.dll
2009-05-01 21:02 . 2009-05-01 21:02 815104 ----a-w- c:\windows\system32\divx_xx0a.dll
2009-05-01 21:02 . 2009-05-01 21:02 811008 ----a-w- c:\windows\system32\divx_xx16.dll
2009-05-01 21:02 . 2009-05-01 21:02 802816 ----a-w- c:\windows\system32\divx_xx11.dll
2009-05-01 21:02 . 2009-05-01 21:02 685056 ----a-w- c:\windows\system32\DivX.dll
2009-04-27 09:32 . 2009-04-27 09:32 8192 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Installer\CommonCustomActions\UninstCCD.exe
2009-04-27 09:32 . 2009-04-27 09:32 61440 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
2009-04-27 09:32 . 2009-04-27 09:32 10240 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Installer\CommonCustomActions\UninstPCS.exe
2009-04-27 09:32 . 2009-04-27 09:33 34396584 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Nokia_PC_Suite_7_1_26_0_eng.exe
2009-04-17 12:26 . 2006-02-28 12:00 1847168 ----a-w- c:\windows\system32\win32k.sys
2009-04-15 14:51 . 2006-02-28 12:00 585216 ----a-w- c:\windows\system32\rpcrt4.dll
2007-07-25 10:16 . 2006-12-09 04:28 135680 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\opera\program\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\opera\program\plugins\ssldivx.dll
2008-09-20 07:14 . 2008-09-20 07:13 48 --sh--w- c:\windows\S9A399B4C.tmp
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
2009-06-02 04:07 1004800 ----a-w- c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"LDM"="c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2007-02-16 67128]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-10-07 39408]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2009-03-20 1312256]
"H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\wcescomm.exe" [2006-11-13 1289000]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-12-04 8523776]
"SW20"="c:\windows\system32\sw20.exe" [2005-06-29 212992]
"SW24"="c:\windows\system32\sw24.exe" [2005-07-04 69632]
"WinFastDTV"="c:\program files\WinFast\WFDTV\DTVSchdl.exe" [2006-03-27 69632]
"WinFast Schedule"="c:\program files\WinFast\WFDTV\WFWIZ.exe" [2006-03-20 327680]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"BigPond Toolbar"="c:\program files\Telstra\Toolbar\bpumTray.exe" [2005-12-01 327680]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2007-07-26 1836544]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-09-28 185896]
"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-10-11 75304]
"LogitechCommunicationsManager"="c:\program files\Common Files\Logitech\LComMgr\Communications_Helper.exe" [2006-08-03 529968]
"LVCOMSX"="c:\program files\Common Files\Logitech\LComMgr\LVComSX.exe" [2006-08-03 244520]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-06-12 1948440]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-05-13 177472]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-06-05 292136]
"Ad-Watch"="c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2009-07-04 520024]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2005-12-09 15691264]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2007-12-04 1626112]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" - c:\windows\KHALMNPR.Exe [2006-07-19 94208]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" - c:\windows\KHALMNPR.Exe [2006-07-19 94208]
c:\documents and settings\User\Start Menu\Programs\Startup\
Microsoft Office OneNote 2003 Quick Launch.lnk - c:\program files\Microsoft Office\OFFICE11\ONENOTEM.EXE [2007-4-19 64864]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2006-7-16 113664]
ComproRemote.lnk - c:\program files\Common Files\VideoMate\ComproRemote.exe [2006-8-16 151552]
ComproSchedulerDTV.lnk - c:\program files\Common Files\VideoMate\ComproSchedulerDTV.exe [2006-8-15 77824]
Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2007-2-16 67128]
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2007-10-25 671744]
Microsoft Office OneNote 2003 Quick Launch.lnk - c:\program files\Microsoft Office\OFFICE11\ONENOTEM.EXE [2007-4-19 64864]
NCProTray.lnk - c:\program files\SEC\Natural Color Pro\NCProTray.exe [2008-2-18 49220]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-05-04 23:44 11952 ----a-w- c:\windows\system32\avgrsstx.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0smrgdf c:\program files\iolo\System Mechanic 6\\0lsdelete
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Microsoft Office\\OFFICE11\\WINWORD.EXE"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3587:TCP"= 3587:TCP:Windows Peer-to-Peer Grouping
"3540:UDP"= 3540:UDP:Peer Name Resolution Protocol (PNRP)
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [29/06/2009 7:46 PM 64160]
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [15/05/2008 10:40 AM 335752]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [30/03/2009 6:41 PM 108552]
R2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [4/02/2009 4:48 PM 298776]
R2 ioloFileInfoList;iolo FileInfoList Service;c:\program files\iolo\Common\Lib\ioloServiceManager.exe [19/04/2009 7:02 PM 600944]
R2 ioloSystemService;iolo System Service;c:\program files\iolo\Common\Lib\ioloServiceManager.exe [19/04/2009 7:02 PM 600944]
R2 LBeepKE;LBeepKE;c:\windows\system32\drivers\LBeepKE.sys [25/10/2007 9:05 PM 3712]
R3 VMHybrid;VMHybrid service;c:\windows\system32\drivers\VMHybrid.sys [11/07/2006 8:29 PM 705152]
S2 gupdate1c9885c131f00dc;Google Update Service (gupdate1c9885c131f00dc);c:\program files\Google\Update\GoogleUpdate.exe [6/02/2009 10:38 PM 133104]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [10/03/2009 4:36 AM 1029456]
S2 WFCXVCAP;WinFast TV Video Capture Driver;c:\windows\system32\drivers\wfcxvcap.sys [22/06/2006 4:57 AM 167296]
S3 wfcxdtun;WinFast DTV BDA Tuner/Demod Driver;c:\windows\system32\drivers\wfcxdtun.sys [22/06/2006 4:57 AM 21248]
S3 wfcxtcap;WinFast DTV BDA Transport Stream Capture Driver;c:\windows\system32\drivers\wfcxtcap.sys [22/06/2006 4:57 AM 15872]
S3 wfcxxbar;WinFast TV Crossbar Driver;c:\windows\system32\drivers\wfcxxbar.sys [22/06/2006 4:57 AM 10368]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
p2psvc REG_MULTI_SZ p2psvc p2pimsvc p2pgasvc PNRPSvc
.
Contents of the 'Scheduled Tasks' folder
2009-06-29 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-03-09 12:27]
2009-07-04 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-04-11 03:04]
2009-07-05 c:\windows\Tasks\Check Updates for Windows Live Toolbar.job
- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 00:50]
2009-07-05 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-10-07 07:44]
2009-07-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-06 13:08]
2009-07-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-06 13:08]
2009-07-04 c:\windows\Tasks\OGADaily.job
- c:\windows\system32\OGAVerify.exe [2008-12-31 06:34]
2009-07-05 c:\windows\Tasks\OGALogon.job
- c:\windows\system32\OGAVerify.exe [2008-12-31 06:34]
.
.
------- Supplementary Scan -------
.
uStart Page =
hxxp://www.bigpond.com.au/uSearchMigratedDefaultURL =
hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Settings,ProxyOverride = localhost;*.local
IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm
IE: Add to Windows &Live Favorites -
http://favorites.live.com/quickadd.aspxIE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Easy-WebPrint Add To Print List - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
IE: Easy-WebPrint High Speed Print - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
IE: Easy-WebPrint Preview - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
IE: Easy-WebPrint Print - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
IE: {{d9288080-1baa-4bc4-9cf8-a92d743db949}
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
DPF: {F1D54B0B-B6EA-43B5-BD26-A79D3DBF47E3} -
hxxp://bigpondmusic.com/activex/multidownx.cabDPF: {FFD85DC8-5261-4D11-B728-F7C59D911691} -
hxxp://www.iolo.com/app/ocx/UpgradeVerify.ocx.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.netRootkit scan 2009-07-05 16:48
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2009-07-05 16:50
ComboFix-quarantined-files.txt 2009-07-05 07:20
ComboFix2.txt 2009-07-05 06:42
ComboFix3.txt 2009-07-04 12:17
Pre-Run: 127,799,181,312 bytes free
Post-Run: 127,764,803,584 bytes free
707 --- E O F --- 2009-06-10 09:32
MBAM LogMalwarebytes' Anti-Malware 1.38
Database version: 2375
Windows 5.1.2600 Service Pack 3
5/07/2009 6:11:21 PM
mbam-log-2009-07-05 (18-11-21).txt
Scan type: Full Scan (C:\|D:\|)
Objects scanned: 194255
Time elapsed: 39 minute(s), 29 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 2
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 1
Files Infected: 4
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully.
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
c:\documents and settings\All Users\Start Menu\Programs\RelevantKnowledge (Spyware.Marketscore) -> Quarantined and deleted successfully.
Files Infected:
c:\documents and settings\all users\start menu\Programs\relevantknowledge\About RelevantKnowledge.lnk (Spyware.Marketscore) -> Quarantined and deleted successfully.
c:\documents and settings\all users\start menu\Programs\relevantknowledge\Privacy Policy and User License Agreement.lnk (Spyware.Marketscore) -> Quarantined and deleted successfully.
c:\documents and settings\all users\start menu\Programs\relevantknowledge\Support.lnk (Spyware.Marketscore) -> Quarantined and deleted successfully.
c:\documents and settings\all users\start menu\Programs\relevantknowledge\Uninstall Instructions.lnk (Spyware.Marketscore) -> Quarantined and deleted successfully.
HiJack This LogLogfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:19:39 PM, on 5/07/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
C:\Program Files\WinFast\WFDTV\WFWIZ.exe
C:\Program Files\Telstra\Toolbar\bpumTray.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe
C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\iolo\common\lib\ioloServiceManager.exe
C:\Program Files\Common Files\VideoMate\ComproRemote.exe
C:\Program Files\Common Files\VideoMate\ComproSchedulerDTV.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\MailWasher Pro\MailWasher.exe
C:\PROGRA~1\MICROS~2\OFFICE11\OUTLOOK.EXE
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.bigpond.com.au/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: ActivateBand Class - {4C7B6DE1-99A4-4CF1-8B44-68889900E1D0} - C:\Program Files\Telstra\Toolbar\bpumToolBand.dll
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O3 - Toolbar: BigPond Toolbar - {7A431EC4-CC21-4DF7-9DB1-A2CF74C4CC98} - C:\Program Files\Telstra\Toolbar\bpumToolBand.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SW20] C:\WINDOWS\system32\sw20.exe
O4 - HKLM\..\Run: [SW24] C:\WINDOWS\system32\sw24.exe
O4 - HKLM\..\Run: [WinFastDTV] C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
O4 - HKLM\..\Run: [WinFast Schedule] C:\Program Files\WinFast\WFDTV\WFWIZ.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [BigPond Toolbar] "C:\Program Files\Telstra\Toolbar\bpumTray.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - Startup: Microsoft Office OneNote 2003 Quick Launch.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O4 - Global Startup: ComproRemote.lnk = ?
O4 - Global Startup: ComproSchedulerDTV.lnk = C:\Program Files\Common Files\VideoMate\ComproSchedulerDTV.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O4 - Global Startup: Microsoft Office OneNote 2003 Quick Launch.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
O4 - Global Startup: NCProTray.lnk = ?
O8 - Extra context menu item: &Windows Live Search -
res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites -
http://favorites.live.com/quickadd.aspxO8 - Extra context menu item: E&xport to Microsoft Excel -
res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List -
res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print -
res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview -
res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print -
res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) -
http://www.ipix.com/download/ipixx.cabO16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) -
http://messenger.zone.msn.com/binary/ms ... b56986.cabO16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) -
http://lads.myspace.com/upload/MySpaceUploader1006.cabO16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) -
http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cabO16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) -
http://www.nvidia.com/content/DriverDow ... eqlab2.cabO16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) -
http://messenger.zone.msn.com/binary/Me ... b56907.cabO16 - DPF: {F1D54B0B-B6EA-43B5-BD26-A79D3DBF47E3} (Multidownx Control) -
http://bigpondmusic.com/activex/multidownx.cabO16 - DPF: {FFD85DC8-5261-4D11-B728-F7C59D911691} (iolo.ProductDetector) -
http://www.iolo.com/app/ocx/UpgradeVerify.ocxO18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Update Service (gupdate1c9885c131f00dc) (gupdate1c9885c131f00dc) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iolo FileInfoList Service (ioloFileInfoList) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe
O23 - Service: iolo System Service (ioloSystemService) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
--
End of file - 14384 bytes