Ok i did the two scans...limewire and bitcomet had been removed previously....here it goes
ComboFix 09-11-28.04 - Owner 11/29/2009 9:56.2.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2037.1316 [GMT -5:00]
Running from: c:\documents and settings\Owner\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Owner\Desktop\CFScript.txt
AV: Trend Micro AntiVirus *On-access scanning disabled* (Updated) {7D2296BC-32CC-4519-917E-52E652474AF5}
.
- REDUCED FUNCTIONALITY MODE -
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\Owner\Application Data\LimeWire
c:\documents and settings\Owner\Application Data\LimeWire\browser\xul-v2.0b2.4-do-not-remove
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\AccessibleMarshal.dll
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\chrome\branding.jar
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\chrome\branding.manifest
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\chrome\classic.jar
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\chrome\classic.manifest
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\chrome\comm.jar
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\chrome\comm.manifest
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\chrome\en-US.jar
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\chrome\en-US.manifest
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\chrome\limewire.jar
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\chrome\limewire.manifest
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\chrome\pippki.jar
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\chrome\pippki.manifest
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\chrome\toolkit.jar
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\chrome\toolkit.manifest
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\accessibility-msaa.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\accessibility.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\alerts.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\appshell.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\appshell_modal.dll
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\appshell_modal.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\appstartup.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\auth.dll
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\autocomplete.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\autoconfig.dll
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\autoconfig.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\caps.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\chardet.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\chrome.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\commandhandler.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\commandlines.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\composer.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\content_base.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\content_html.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\content_htmldoc.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\content_xmldoc.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\content_xslt.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\content_xtf.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\contentprefs.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\cookie.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\directory.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\docshell_base.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\dom.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\dom_base.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\dom_canvas.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\dom_core.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\dom_css.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\dom_events.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\dom_html.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\dom_json.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\dom_loadsave.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\dom_offline.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\dom_range.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\dom_sidebar.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\dom_storage.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\dom_stylesheets.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\dom_svg.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\dom_traversal.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\dom_views.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\dom_xbl.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\dom_xpath.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\dom_xul.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\downloads.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\editor.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\embed_base.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\extensions.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\exthandler.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\exthelper.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\fastfind.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\FeedProcessor.js
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\feeds.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\find.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\gfx.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\htmlparser.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\imgicon.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\imglib2.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\inspector.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\intl.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\jar.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\jsconsole-clhandler.js
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\jsdservice.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\layout_base.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\layout_printing.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\layout_xul.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\layout_xul_tree.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\locale.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\loginmgr.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\lwbrk.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\mimetype.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\mozbrwsr.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\mozfind.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\necko.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\necko_about.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\necko_cache.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\necko_cookie.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\necko_dns.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\necko_file.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\necko_ftp.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\necko_http.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\necko_res.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\necko_socket.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\necko_strconv.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\necko_viewsource.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\nsAddonRepository.js
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\nsBadCertHandler.js
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\nsBlocklistService.js
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\nsContentDispatchChooser.js
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\nsContentPrefService.js
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\nsDefaultCLH.js
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\nsDictionary.js
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\nsDownloadManagerUI.js
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\nsExtensionManager.js
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\nsHandlerService.js
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\nsHelperAppDlg.js
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\nsLivemarkService.js
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\nsLoginInfo.js
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\nsLoginManager.js
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\nsLoginManagerPrompter.js
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\nsPostUpdateWin.js
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\nsProgressDialog.js
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\nsProxyAutoConfig.js
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\nsResetPref.js
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\nsTaggingService.js
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\nsTryToClose.js
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\nsUpdateService.js
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\nsURLFormatter.js
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\nsWebHandlerApp.js
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\nsXmlRpcClient.js
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\nsXULAppInstall.js
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\oji.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\parentalcontrols.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\pipboot.dll
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\pipboot.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\pipnss.dll
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\pipnss.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\pippki.dll
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\pippki.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\places.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\plugin.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\pluginGlue.js
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\pref.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\prefetch.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\profile.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\proxyObject.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\rdf.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\satchel.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\saxparser.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\shistory.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\spellchecker.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\storage-Legacy.js
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\storage.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\toolkitprofile.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\transformiix.dll
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\txEXSLTRegExFunctions.js
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\txmgr.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\txtsvc.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\uconv.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\unicharutil.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\universalchardet.dll
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\update.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\uriloader.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\urlformatter.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\webBrowser_core.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\webbrowserpersist.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\webshell_idls.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\websrvcs.dll
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\widget.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\windowds.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\windowwatcher.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\xml-rpc.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\xmlextras.dll
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\xpcom_base.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\xpcom_components.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\xpcom_ds.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\xpcom_io.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\xpcom_system.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\xpcom_thread.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\xpcom_xpti.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\xpconnect.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\xpinstall.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\xulapp.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\xulapp_setup.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\xuldoc.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\xultmpl.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\xulutil.dll
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\components\zipwriter.xpt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\crashreporter.exe
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\crashreporter.ini
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\defaults\autoconfig\platform.js
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\defaults\autoconfig\prefcalls.js
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\defaults\pref\xulrunner.js
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\defaults\profile\chrome\userChrome-example.css
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\defaults\profile\chrome\userContent-example.css
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\defaults\profile\localstore.rdf
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\defaults\profile\US\chrome\userChrome-example.css
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\defaults\profile\US\chrome\userContent-example.css
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\defaults\profile\US\localstore.rdf
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\dependentlibs.list
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\dictionaries\en-US.aff
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\dictionaries\en-US.dic
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\freebl3.chk
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\freebl3.dll
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\greprefs\all.js
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\greprefs\security-prefs.js
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\greprefs\xpinstall.js
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\IA2Marshal.dll
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\javaxpcom.jar
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\javaxpcomglue.dll
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\js3250.dll
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\LICENSE
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\modules\debug.js
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\modules\DownloadUtils.jsm
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\modules\ISO8601DateUtils.jsm
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\modules\JSON.jsm
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\modules\Microformats.js
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\modules\PluralForm.jsm
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\modules\utils.js
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\modules\XPCOMUtils.jsm
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\mozctl.dll
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\mozctlx.dll
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\MSVCP71.DLL
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\msvcr71.dll
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\nspr4.dll
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\nss3.dll
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\nssckbi.dll
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\nssdbm3.dll
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\nssutil3.dll
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\platform.ini
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\plc4.dll
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\plds4.dll
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\plugins\npnul32.dll
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\README.txt
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\res\arrow.gif
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\res\arrowd.gif
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\res\broken-image.gif
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\res\charsetalias.properties
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\res\charsetData.properties
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\res\contenteditable.css
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\res\designmode.css
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\res\dtd\mathml.dtd
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\res\dtd\xhtml11.dtd
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\res\EditorOverride.css
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\res\entityTables\html40Latin1.properties
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\res\entityTables\html40Special.properties
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\res\entityTables\html40Symbols.properties
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\res\entityTables\htmlEntityVersions.properties
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\res\entityTables\mathml20.properties
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\res\entityTables\transliterate.properties
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\res\fonts\mathfont.properties
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\res\fonts\mathfontStandardSymbolsL.properties
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\res\fonts\mathfontSTIXNonUnicode.properties
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\res\fonts\mathfontSTIXSize1.properties
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\res\fonts\mathfontSymbol.properties
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\res\fonts\mathfontUnicode.properties
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\res\forms.css
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\res\grabber.gif
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\res\hiddenWindow.html
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\res\html.css
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\res\html\folder.png
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\res\langGroups.properties
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\res\language.properties
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\res\loading-image.gif
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\res\mathml.css
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\res\quirk.css
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\res\svg.css
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\res\table-add-column-after-active.gif
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\res\table-add-column-after-hover.gif
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\res\table-add-column-after.gif
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\res\table-add-column-before-active.gif
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\res\table-add-column-before-hover.gif
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\res\table-add-column-before.gif
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\res\table-add-row-after-active.gif
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\res\table-add-row-after-hover.gif
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\res\table-add-row-after.gif
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\res\table-add-row-before-active.gif
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\res\table-add-row-before-hover.gif
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\res\table-add-row-before.gif
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\res\table-remove-column-active.gif
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\res\table-remove-column-hover.gif
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\res\table-remove-column.gif
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\res\table-remove-row-active.gif
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\res\table-remove-row-hover.gif
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\res\table-remove-row.gif
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\res\ua.css
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\res\viewsource.css
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\res\wincharset.properties
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\smime3.dll
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\softokn3.chk
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\softokn3.dll
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\sqlite3.dll
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\ssl3.dll
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\updater.exe
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\version.properties
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\xpcom.dll
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\xpcshell.exe
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\xpicleanup.exe
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\xpidl.exe
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\xpt_dump.exe
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\xpt_link.exe
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\xul.dll
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\xulrunner-stub.exe
c:\documents and settings\Owner\Application Data\LimeWire\browser\xulrunner\xulrunner.exe
c:\documents and settings\Owner\Application Data\LimeWire\certificate\limewire.keystore
c:\documents and settings\Owner\Application Data\LimeWire\createtimes.cache
c:\documents and settings\Owner\Application Data\LimeWire\downloads.dat
c:\documents and settings\Owner\Application Data\LimeWire\fileurns.cache
c:\documents and settings\Owner\Application Data\LimeWire\gnutella.net
c:\documents and settings\Owner\Application Data\LimeWire\installation.props
c:\documents and settings\Owner\Application Data\LimeWire\library.dat
c:\documents and settings\Owner\Application Data\LimeWire\library5.dat
c:\documents and settings\Owner\Application Data\LimeWire\limewire.props
c:\documents and settings\Owner\Application Data\LimeWire\lock
c:\documents and settings\Owner\Application Data\LimeWire\mojito.props
c:\documents and settings\Owner\Application Data\LimeWire\mozilla-profile\.autoreg
c:\documents and settings\Owner\Application Data\LimeWire\mozilla-profile\Cache\_CACHE_001_
c:\documents and settings\Owner\Application Data\LimeWire\mozilla-profile\Cache\_CACHE_002_
c:\documents and settings\Owner\Application Data\LimeWire\mozilla-profile\Cache\_CACHE_003_
c:\documents and settings\Owner\Application Data\LimeWire\mozilla-profile\Cache\_CACHE_MAP_
c:\documents and settings\Owner\Application Data\LimeWire\mozilla-profile\Cache\310B24C2d01
c:\documents and settings\Owner\Application Data\LimeWire\mozilla-profile\Cache\39E91805d01
c:\documents and settings\Owner\Application Data\LimeWire\mozilla-profile\Cache\7BD6A121d01
c:\documents and settings\Owner\Application Data\LimeWire\mozilla-profile\Cache\98E79480d01
c:\documents and settings\Owner\Application Data\LimeWire\mozilla-profile\Cache\AE98BDF4d01
c:\documents and settings\Owner\Application Data\LimeWire\mozilla-profile\Cache\BAFF9A88d01
c:\documents and settings\Owner\Application Data\LimeWire\mozilla-profile\cert8.db
c:\documents and settings\Owner\Application Data\LimeWire\mozilla-profile\compreg.dat
c:\documents and settings\Owner\Application Data\LimeWire\mozilla-profile\cookies.sqlite
c:\documents and settings\Owner\Application Data\LimeWire\mozilla-profile\downloads.sqlite
c:\documents and settings\Owner\Application Data\LimeWire\mozilla-profile\extensions.cache
c:\documents and settings\Owner\Application Data\LimeWire\mozilla-profile\extensions.ini
c:\documents and settings\Owner\Application Data\LimeWire\mozilla-profile\history.dat
c:\documents and settings\Owner\Application Data\LimeWire\mozilla-profile\key3.db
c:\documents and settings\Owner\Application Data\LimeWire\mozilla-profile\permissions.sqlite
c:\documents and settings\Owner\Application Data\LimeWire\mozilla-profile\places.sqlite-journal
c:\documents and settings\Owner\Application Data\LimeWire\mozilla-profile\places.sqlite
c:\documents and settings\Owner\Application Data\LimeWire\mozilla-profile\pluginreg.dat
c:\documents and settings\Owner\Application Data\LimeWire\mozilla-profile\prefs.js
c:\documents and settings\Owner\Application Data\LimeWire\mozilla-profile\secmod.db
c:\documents and settings\Owner\Application Data\LimeWire\mozilla-profile\XPC.mfl
c:\documents and settings\Owner\Application Data\LimeWire\mozilla-profile\xpti.dat
c:\documents and settings\Owner\Application Data\LimeWire\player.props
c:\documents and settings\Owner\Application Data\LimeWire\promotion\promodb.backup
c:\documents and settings\Owner\Application Data\LimeWire\promotion\promodb.data
c:\documents and settings\Owner\Application Data\LimeWire\promotion\promodb.lck
c:\documents and settings\Owner\Application Data\LimeWire\promotion\promodb.properties
c:\documents and settings\Owner\Application Data\LimeWire\promotion\promodb.script
c:\documents and settings\Owner\Application Data\LimeWire\questions.props
c:\documents and settings\Owner\Application Data\LimeWire\responses.cache
c:\documents and settings\Owner\Application Data\LimeWire\simpp.xml
c:\documents and settings\Owner\Application Data\LimeWire\spam.dat
c:\documents and settings\Owner\Application Data\LimeWire\tables.props
c:\documents and settings\Owner\Application Data\LimeWire\ttdata.cache
c:\documents and settings\Owner\Application Data\LimeWire\ttroot.cache
c:\documents and settings\Owner\Application Data\LimeWire\version.xml
c:\documents and settings\Owner\Application Data\LimeWire\versions.props
c:\documents and settings\Owner\Application Data\LimeWire\xml\data\audio.sxml3
c:\program files\BitComet
c:\program files\BitComet\archive\4ed997169a99888cadae66f2023080e69e7bf42b.torrent
c:\program files\BitComet\BitComet.xml
c:\program files\BitComet\Downloads.xml
c:\program files\BitComet\Downloads.xml.bak
c:\program files\BitComet\rules\dhtnodes.dat
c:\program files\BitComet\share\my_shares.xml
c:\program files\BitComet\torrents\Lo_uR_eed09-Aug-2009.part1.rar.xml
c:\program files\BitComet\torrents\Lou Reed - 1974 - Rock 'N' Roll Animal ( Live ).torrent
c:\program files\BitComet\torrents\Lou Reed - 1974 - Rock 'N' Roll Animal ( Live ).xml
.
((((((((((((((((((((((((( Files Created from 2009-10-28 to 2009-11-29 )))))))))))))))))))))))))))))))
.
2009-11-28 02:56 . 2009-11-28 02:57 -------- d-----w- c:\program files\QuickTime
2009-11-27 22:32 . 2009-11-27 22:32 -------- d-----w- c:\program files\ESET
2009-11-19 04:19 . 2009-11-25 14:21 -------- d-----w- c:\documents and settings\Owner\Application Data\QuickScan
2009-11-19 04:19 . 2009-10-29 20:39 679936 ----a-w- c:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\1sy4oo2z.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\components\bdqscan.dll
2009-11-19 04:19 . 2009-10-29 20:39 614400 ----a-w- c:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\1sy4oo2z.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
2009-11-12 00:04 . 2009-11-12 00:03 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-11-12 00:03 . 2009-11-12 00:03 152576 ----a-w- c:\documents and settings\Owner\Application Data\Sun\Java\jre1.6.0_17\lzma.dll
2009-11-12 00:02 . 2009-11-12 00:02 79488 ----a-w- c:\documents and settings\Owner\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll
2009-11-11 20:50 . 2009-11-11 20:50 -------- d-----w- c:\documents and settings\Owner\Application Data\Malwarebytes
2009-11-11 20:50 . 2009-09-10 19:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-11-11 20:50 . 2009-11-11 20:50 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-11-11 20:50 . 2009-11-19 05:05 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-11-11 20:50 . 2009-09-10 19:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-11-11 03:36 . 2009-11-11 21:06 -------- d-----w- c:\program files\ThreatFire
2009-11-11 01:42 . 2009-11-25 14:23 -------- d-----w- c:\program files\Panda Security
2009-11-09 04:02 . 2009-11-09 04:02 -------- d-----w- c:\program files\Common Files\xing shared
2009-11-09 04:02 . 2009-11-09 04:02 -------- d-----w- c:\program files\real
2009-11-01 03:22 . 2009-11-01 03:23 -------- d-----w- c:\program files\iTunes
2009-11-01 03:10 . 2009-11-01 03:10 79144 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 9.0.2.25\SetupAdmin.exe
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-11-27 21:53 . 2005-10-22 00:33 -------- d-----w- c:\program files\Java
2009-11-27 20:13 . 2004-08-04 05:59 96512 ----a-w- c:\windows\system32\drivers\atapi.sys
2009-11-20 01:42 . 2008-09-03 03:19 4 ----a-w- C:\WINDOWSRegDefrag.dat
2009-11-18 20:20 . 2005-10-22 00:36 -------- d-----w- c:\program files\Pure Networks
2009-11-16 01:56 . 2008-02-23 13:41 -------- d-----w- c:\program files\Trend Micro
2009-11-12 00:49 . 2008-04-24 16:05 -------- d-----w- c:\program files\Advanced System Optimizer
2009-11-11 21:32 . 2007-02-22 23:45 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2009-11-09 04:03 . 2005-10-22 00:36 -------- d-----w- c:\program files\Common Files\Real
2009-11-09 04:02 . 2008-11-06 11:42 499712 ----a-w- c:\windows\system32\msvcp71.dll
2009-11-06 01:42 . 2008-11-06 11:42 348160 ----a-w- c:\windows\system32\msvcr71.dll
2009-11-04 03:02 . 2005-10-22 00:36 -------- d-----w- c:\program files\Common Files\Adobe
2009-11-01 03:22 . 2005-12-28 13:26 -------- d-----w- c:\program files\iPod
2009-11-01 03:22 . 2007-07-04 06:03 -------- d-----w- c:\program files\Common Files\Apple
2009-11-01 03:06 . 2008-04-08 01:46 -------- d-----w- c:\program files\Safari
2009-10-11 23:57 . 2005-12-28 13:28 -------- d-----w- c:\documents and settings\Owner\Application Data\Apple Computer
2009-10-11 23:56 . 2005-10-22 00:52 143304 ----a-w- c:\documents and settings\Owner\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-10-06 04:08 . 2005-10-22 00:28 -------- d-----w- c:\program files\Microsoft Works
2009-09-11 14:18 . 2004-08-26 16:12 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-04 21:03 . 2004-08-26 16:12 58880 ----a-w- c:\windows\system32\msasn1.dll
2009-04-17 19:51 . 2006-07-12 23:15 168 --sh--r- c:\windows\system32\240ED6BF9D.sys
2009-04-17 19:51 . 2006-07-12 23:15 2516 --sha-w- c:\windows\system32\KGyGaAvL.sys
.
------- Sigcheck -------
[-] 2009-11-27 20:13 . 0CCD9F78F0539530115AB33FEFB214EB . 96512 . . [------] . . c:\windows\system32\drivers\atapi.sys
[7] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\atapi.sys
[7] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\atapi.sys
[7] 2004-08-04 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\system32\ReinstallBackups\0006\DriverFiles\i386\atapi.sys
[7] 2004-08-04 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\atapi.sys
[7] 2004-08-04 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\system32\ReinstallBackups\0007\DriverFiles\i386\atapi.sys
.
((((((((((((((((((((((((((((( SnapShot@2009-11-25_17.38.31 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-11-29 14:35 . 2009-11-29 14:35 16384 c:\windows\Temp\Perflib_Perfdata_540.dat
- 2008-08-07 23:32 . 2009-11-25 13:52 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2008-08-07 23:32 . 2009-11-27 14:49 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
- 2009-10-28 01:09 . 2009-11-25 13:52 16384 c:\windows\system32\config\systemprofile\IETldCache\index.dat
+ 2009-10-28 01:09 . 2009-11-27 14:49 16384 c:\windows\system32\config\systemprofile\IETldCache\index.dat
- 2008-08-07 23:32 . 2009-11-25 13:52 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2008-08-07 23:32 . 2009-11-27 14:49 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2009-11-28 02:53 . 2009-11-28 02:53 796672 c:\windows\Installer\f158e8.msi
+ 2009-11-28 02:57 . 2009-11-28 02:57 9473024 c:\windows\Installer\f15b79.msi
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="c:\documents and settings\Owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2008-12-12 133104]
"Search Protection"="c:\program files\Yahoo!\Search Protection\SearchProtection.exe" [2009-02-23 111856]
"Messenger (Yahoo!)"="c:\program files\Yahoo!\Messenger\YahooMessenger.exe" [2009-05-27 4351216]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IntelAudioStudio"="c:\program files\Intel Audio Studio\IntelAudioStudio.exe" [2005-05-10 7086080]
"Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2002-09-14 212992]
"Persistence"="c:\windows\system32\igfxpers.exe" [2005-04-25 114688]
"PivotSoftware"="c:\program files\WinPortrait\wpctrl.exe" [2005-01-26 698104]
"UfSeAgnt.exe"="c:\program files\Trend Micro\Internet Security\UfSeAgnt.exe" [2009-10-21 995528]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-08-13 177440]
"YSearchProtection"="c:\program files\Yahoo!\Search Protection\SearchProtection.exe" [2009-02-23 111856]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-10-29 141600]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-11-09 198160]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-11-12 149280]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-11-11 417792]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Startup Manager"="c:\program files\Advanced System Optimizer\startUp manager.exe" [2007-06-22 919280]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{F2A0229A-C4CA-4789-B606-973D24DCDD1C}"= "c:\progra~1\mcafee\MCAFEE~1\mssshell.dll" [2005-07-18 155769]
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"=
"c:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"=
"c:\\Program Files\\Common Files\\AOL\\1129941372\\EE\\AOLServiceHost.exe"=
"c:\\Program Files\\Common Files\\AOL\\System Information\\sinf.exe"=
"c:\\WINDOWS\\system32\\lxcgcoms.exe"=
"c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxcgpswx.exe"=
"c:\\Program Files\\QuickTime\\QuickTimePlayer.exe"=
"c:\\Program Files\\Common Files\\AOL\\TopSpeed\\3.0\\aoltpsd3.exe"=
"c:\\Program Files\\Common Files\\AOL\\1129941372\\EE\\aolsoftware.exe"=
"c:\\Program Files\\Common Files\\AOL\\1129941372\\EE\\aim6.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
"c:\\Program Files\\AOL 9.1\\waol.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\gnucash\\bin\\gnucash-bin.exe"=
"c:\\Program Files\\gnucash\\bin\\gconfd-2.exe"=
"c:\\Program Files\\Adobe\\Adobe GoLive CS\\GoLive.exe"=
"c:\\Program Files\\AOL 9.1a\\waol.exe"=
"c:\\Program Files\\Linksys Wireless-G USB Wireless Network Monitor\\InvokeSvc2.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Laplink\\PCmover\\PCmover.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"135:TCP"= 135:TCP:TCP Port 135
"5000:TCP"= 5000:TCP:TCP Port 5000
"5001:TCP"= 5001:TCP:TCP Port 5001
"5002:TCP"= 5002:TCP:TCP Port 5002
"5003:TCP"= 5003:TCP:TCP Port 5003
"5004:TCP"= 5004:TCP:TCP Port 5004
"5005:TCP"= 5005:TCP:TCP Port 5005
"5006:TCP"= 5006:TCP:TCP Port 5006
"5007:TCP"= 5007:TCP:TCP Port 5007
"5008:TCP"= 5008:TCP:TCP Port 5008
"5009:TCP"= 5009:TCP:TCP Port 5009
"5010:TCP"= 5010:TCP:TCP Port 5010
"5011:TCP"= 5011:TCP:TCP Port 5011
"5012:TCP"= 5012:TCP:TCP Port 5012
"5013:TCP"= 5013:TCP:TCP Port 5013
"5014:TCP"= 5014:TCP:TCP Port 5014
"5015:TCP"= 5015:TCP:TCP Port 5015
"5016:TCP"= 5016:TCP:TCP Port 5016
"5017:TCP"= 5017:TCP:TCP Port 5017
"5018:TCP"= 5018:TCP:TCP Port 5018
"5019:TCP"= 5019:TCP:TCP Port 5019
"5020:TCP"= 5020:TCP:TCP Port 5020
"22702:TCP"= 22702:TCP:BitComet 22702 TCP
"22702:UDP"= 22702:UDP:BitComet 22702 UDP
R2 Seagate-Replica-SysMon;Seagate-Replica-SysMon;c:\program files\Seagate Replica\bin\Seagate-Replica-SysMon.exe [9/16/2009 3:13 PM 78288]
R2 tmpreflt;tmpreflt;c:\windows\system32\drivers\tmpreflt.sys [2/24/2009 3:42 PM 36368]
R3 brfilt;Brother MFC Filter Driver;c:\windows\system32\drivers\BrFilt.sys [9/25/2008 9:51 AM 2944]
R3 BrSerWDM;Brother WDM Serial driver;c:\windows\system32\drivers\BrSerWdm.sys [9/25/2008 10:02 AM 61952]
R3 BrUsbMdm;Brother MFC USB Fax Only Modem;c:\windows\system32\drivers\BrUsbMdm.sys [9/25/2008 9:51 AM 11008]
R3 BrUsbScn;Brother MFC USB Scanner driver;c:\windows\system32\drivers\BrUsbScn.sys [9/25/2008 9:50 AM 10368]
S2 Seagate-Replica-Service;Seagate-Replica-Service;c:\program files\Seagate Replica\bin\Seagate-Replica-Service.exe [9/16/2009 3:13 PM 1818624]
S2 tmevtmgr;tmevtmgr;c:\windows\system32\drivers\tmevtmgr.sys [2/24/2009 2:49 PM 50192]
S2 TmProxy;Trend Micro Proxy Service;c:\program files\Trend Micro\Internet Security\TmProxy.exe [2/24/2009 2:49 PM 677128]
S3 CpPwdSvc;CopyPwd Service;c:\program files\Laplink\PCmover\x32\cppwdsvc.exe [3/26/2009 11:24 AM 46384]
S3 P1171VID;Creative WebCam Notebook #2;c:\windows\system32\drivers\P1171Vid.sys [3/24/2008 5:03 PM 91392]
.
Contents of the 'Scheduled Tasks' folder
2009-11-02 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 16:34]
2009-11-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-776000276-866684552-4279383214-1003Core.job
- c:\documents and settings\Owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-12-12 04:59]
2009-11-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-776000276-866684552-4279383214-1003UA.job
- c:\documents and settings\Owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-12-12 04:59]
.
.
------- Supplementary Scan -------
.
uSearchMigratedDefaultURL =
hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uStart Page =
hxxp://www.yahoo.com/mSearch Bar =
hxxp://us.rd.yahoo.com/customize/ie/def ... earch.htmluInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) =
hxxp://us.rd.yahoo.com/customize/ie/def ... .yahoo.comIE: &AOL Toolbar Search - c:\documents and settings\All Users\Application Data\AOL\ieToolbar\resources\en-US\local\search.html
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Open with WordPerfect - c:\program files\WordPerfect Office X3\Programs\WPLauncher.hta
Trusted Zone: turbotax.com
DPF: Microsoft XML Parser for Java -
file://c:\windows\Java\classes\xmldso.cab
DPF: {2703049B-D81D-4763-A3C6-AF8932FCBD8F} -
hxxps://am.hrblock.com/ActivexComponent ... Status.CABFF - ProfilePath - c:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\1sy4oo2z.default\
FF - prefs.js: browser.search.defaulturl -
hxxp://search.aol.com/aolcom/search?inv ... ie7&query=FF - prefs.js: browser.startup.homepage -
hxxp://us.ard.yahoo.com/SIG=14s5qqe8o/M ... .yahoo.comFF - prefs.js: keyword.URL -
hxxp://search.aol.com/aolcom/search?inv ... Lab&query=FF - plugin: c:\documents and settings\mickey\Application Data\Move Networks\plugins\npqmp071503000010.dll
FF - plugin: c:\documents and settings\Owner\Local Settings\Application Data\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npunagi2.dll
FF - plugin: c:\program files\Virtual Earth 3D\npVE3D.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true.
**************************************************************************
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files:
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Seagate-Replica-Service]
"ImagePath"="c:\program files\Seagate Replica\bin\Seagate-Replica-Service.exe /startedbyscm:FE2355B7-40E2EE35-RebitSvcModule"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_LOCAL_MACHINE\software\PortraitDisplays\DisplayTune\W5A 50N 06021]
@DACL=(02 0000)
"Analog Caps"="type(LCD)vcp(page0(02 04 05 06 08 0E 10 12 14(05 0< 0B) 16 18 1A 1E 20 30 3E 60(01 03) 8A 8C 9B 9C 9D 9E 9F A0 AA(01 04) AC AE B6 C6 C8 C9 D6(01 04) DF ))\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00asset_eep(40)\00\00\00mccs_ver(2.1)\00\00\00\09\00\00És\1e\00\00Ês\1e\1e\00asset_eep(40)mccs_ver(2.1)"
.
Completion time: 2009-11-29 10:01
ComboFix-quarantined-files.txt 2009-11-29 15:00
ComboFix2.txt 2009-11-25 17:44
Pre-Run: 188,715,065,344 bytes free
Post-Run: 188,711,063,552 bytes free
- - End Of File - - 57A298DDE5FD15EC43979D26FE8D320B
DDS (Ver_09-11-24.02) - NTFSx86
Run by Owner at 10:18:31.12 on Sun 11/29/2009
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_17
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2037.1435 [GMT -5:00]
AV: Trend Micro AntiVirus *On-access scanning enabled* (Updated) {7D2296BC-32CC-4519-917E-52E652474AF5}
============== Running Processes ===============
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Trend Micro\BM\TMBMSRV.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Gateway\EzTune\dtsslsrv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\Brmfrmps.exe
C:\Program Files\Gateway\EzTune\dtsrvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
c:\progra~1\mcafee\MCAFEE~1\MssSrv.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Trend Micro\Internet Security\TmProxy.exe
C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WUSB54Gv4.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe
C:\Program Files\Seagate Replica\bin\Seagate-Replica-Service.exe
C:\Program Files\Seagate Replica\bin\Seagate-Replica-SysMon.exe
C:\WINDOWS\system32\BRMFRSMG.EXE
C:\Program Files\Seagate Replica\bin\Seagate-Replica-AutoPlay.exe
C:\Program Files\Intel Audio Studio\IntelAudioStudio.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\WinPortrait\wpctrl.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\WinPortrait\floater.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\palmOne\HOTSYNC.EXE
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Seagate Replica\bin\Seagate-Replica-Tray.exe
C:\Documents and Settings\Owner\Desktop\dds.scr
============== Pseudo HJT Report ===============
uSearchMigratedDefaultURL =
hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uStart Page =
hxxp://www.yahoo.com/mSearch Bar =
hxxp://us.rd.yahoo.com/customize/ie/def ... earch.htmluInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) =
hxxp://us.rd.yahoo.com/customize/ie/def ... .yahoo.comuURLSearchHooks: IAOLTBSearch Class: {ea756889-2338-43db-8f07-d1ca6fb9c90d} - c:\program files\aol toolbar\aoltb.dll
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn4\yt.dll
mURLSearchHooks: IAOLTBSearch Class: {ea756889-2338-43db-8f07-d1ca6fb9c90d} - c:\program files\aol toolbar\aoltb.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn4\yt.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Yahoo! IE Services Button: {5bab4b5b-68bc-4b02-94d6-2fc0de4a7897} - c:\progra~1\yahoo!\common\yiesrvc.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: AOL Toolbar Loader: {7c554162-8cb7-45a4-b8f4-8ea1c75885f9} - c:\program files\aol toolbar\aoltb.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\googletoolbar1.dll
BHO: AcroIEToolbarHelper Class: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\adobe\adobe acrobat 6.0\acrobat\AcroIEFavClient.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: SidebarAutoLaunch Class: {f2aa9440-6328-4933-b7c9-a6ccdf9cbf6d} - c:\program files\yahoo!\browser\YSidebarIEBHO.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn4\YTSingleInstance.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\adobe acrobat 6.0\acrobat\AcroIEFavClient.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn4\yt.dll
TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\googletoolbar1.dll
TB: AOL Toolbar: {de9c389f-3316-41a7-809b-aa305ed9d922} - c:\program files\aol toolbar\aoltb.dll
uRun: [Google Update] "c:\documents and settings\owner\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [Search Protection] c:\program files\yahoo!\search protection\SearchProtection.exe
uRun: [Messenger (Yahoo!)] "c:\program files\yahoo!\messenger\YahooMessenger.exe" -quiet
mRun: [IntelAudioStudio] "c:\program files\intel audio studio\IntelAudioStudio.exe" TRAY
mRun: [Recguard] %WINDIR%\SMINST\RECGUARD.EXE
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [PivotSoftware] c:\program files\winportrait\wpctrl.exe
mRun: [UfSeAgnt.exe] "c:\program files\trend micro\internet security\UfSeAgnt.exe"
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\bin\AppleSyncNotifier.exe
mRun: [YSearchProtection] "c:\program files\yahoo!\search protection\SearchProtection.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
dRun: [Startup Manager] c:\program files\advanced system optimizer\startUp manager.exe
dRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
StartupFolder: c:\docume~1\owner\startm~1\programs\startup\AOLDES~1.LNK -
StartupFolder: c:\docume~1\owner\startm~1\programs\startup\hotsyn~1.lnk - c:\program files\palmone\HOTSYNC.EXE
IE: &AOL Toolbar Search - c:\documents and settings\all users\application data\aol\ietoolbar\resources\en-us\local\search.html
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Open with WordPerfect - c:\program files\wordperfect office x3\programs\WPLauncher.hta
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBC} - c:\program files\java\jre6\bin\jp2iexp.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - c:\progra~1\yahoo!\common\yiesrvc.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
Trusted Zone: turbotax.com
DPF: Microsoft XML Parser for Java -
file://c:\windows\java\classes\xmldso.cab
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} -
hxxp://office.microsoft.com/templates/ieawsdc.cabDPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} -
hxxp://support.gateway.com/support/prof ... itStop.CABDPF: {17492023-C23A-453E-A040-C7C580BBF700} -
hxxp://download.microsoft.com/download/ ... ontrol.cabDPF: {2703049B-D81D-4763-A3C6-AF8932FCBD8F} -
hxxps://am.hrblock.com/ActivexComponent ... Status.CABDPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} -
hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cabDPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} -
hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cabDPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} -
hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cabDPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} -
hxxp://fpdownload.macromedia.com/pub/sh ... wflash.cabHandler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\common files\microsoft shared\web folders\PKMCDO.DLL
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: McAfee AntiSpyware Shell Extension: {f2a0229a-c4ca-4789-b606-973d24dcdd1c} - c:\progra~1\mcafee\mcafee~1\mssshell.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
================= FIREFOX ===================
FF - ProfilePath - c:\docume~1\owner\applic~1\mozilla\firefox\profiles\1sy4oo2z.default\
FF - prefs.js: browser.search.defaulturl -
hxxp://search.aol.com/aolcom/search?inv ... ie7&query=FF - prefs.js: browser.startup.homepage -
hxxp://us.ard.yahoo.com/SIG=14s5qqe8o/M ... .yahoo.comFF - prefs.js: keyword.URL -
hxxp://search.aol.com/aolcom/search?inv ... Lab&query=FF - plugin: c:\documents and settings\mickey\application data\move networks\plugins\npqmp071503000010.dll
FF - plugin: c:\documents and settings\owner\local settings\application data\google\update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdnu.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npunagi2.dll
FF - plugin: c:\program files\virtual earth 3d\npVE3D.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true
============= SERVICES / DRIVERS ===============
R2 Seagate-Replica-Service;Seagate-Replica-Service;c:\program files\seagate replica\bin\Seagate-Replica-Service.exe [2009-9-16 1818624]
R2 Seagate-Replica-SysMon;Seagate-Replica-SysMon;c:\program files\seagate replica\bin\Seagate-Replica-SysMon.exe [2009-9-16 78288]
R2 tmevtmgr;tmevtmgr;c:\windows\system32\drivers\tmevtmgr.sys [2009-2-24 50192]
R2 tmpreflt;tmpreflt;c:\windows\system32\drivers\tmpreflt.sys [2009-2-24 36368]
R2 TmProxy;Trend Micro Proxy Service;c:\program files\trend micro\internet security\TmProxy.exe [2009-2-24 677128]
R2 YahooAUService;Yahoo! Updater;c:\program files\yahoo!\softwareupdate\YahooAUService.exe [2008-11-9 602392]
R3 brfilt;Brother MFC Filter Driver;c:\windows\system32\drivers\BrFilt.sys [2008-9-25 2944]
R3 BrUsbScn;Brother MFC USB Scanner driver;c:\windows\system32\drivers\BrUsbScn.sys [2008-9-25 10368]
S3 CpPwdSvc;CopyPwd Service;c:\program files\laplink\pcmover\x32\cppwdsvc.exe [2009-3-26 46384]
S3 P1171VID;Creative WebCam Notebook #2;c:\windows\system32\drivers\P1171Vid.sys [2008-3-24 91392]
=============== Created Last 30 ================
2009-11-29 14:51:21 0 d-----w- C:\ComboFix
2009-11-27 22:32:14 0 d-----w- c:\program files\ESET
2009-11-25 17:22:13 0 d-sha-r- C:\cmdcons
2009-11-25 17:17:21 98816 ----a-w- c:\windows\sed.exe
2009-11-25 17:17:21 77312 ----a-w- c:\windows\MBR.exe
2009-11-25 17:17:21 260608 ----a-w- c:\windows\PEV.exe
2009-11-25 17:17:21 161792 ----a-w- c:\windows\SWREG.exe
2009-11-19 04:19:06 0 d-----w- c:\docume~1\owner\applic~1\QuickScan
2009-11-12 03:41:58 607 ----a-w- c:\windows\Uninstall Manager.INI
2009-11-12 00:04:37 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-11-11 20:50:31 0 d-----w- c:\docume~1\owner\applic~1\Malwarebytes
2009-11-11 20:50:25 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-11-11 20:50:24 0 d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes
2009-11-11 20:50:23 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-11-11 20:50:23 0 d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-11-11 04:08:24 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2009-11-11 04:08:24 69632 ----a-w- c:\windows\system32\QuickTime.qts
2009-11-11 03:36:19 0 d-----w- c:\program files\ThreatFire
2009-11-11 01:42:37 0 d-----w- c:\program files\Panda Security
2009-11-09 04:02:39 0 d-----w- c:\program files\common files\xing shared
2009-11-01 03:22:30 0 d-----w- c:\program files\iTunes
==================== Find3M ====================
2009-11-27 20:13:15 96512 ----a-w- c:\windows\system32\drivers\atapi.sys
2009-11-20 01:42:57 4 ----a-w- C:\WINDOWSRegDefrag.dat
2009-11-09 04:02:05 499712 ----a-w- c:\windows\system32\msvcp71.dll
2009-11-06 01:42:21 348160 ----a-w- c:\windows\system32\msvcr71.dll
2009-09-11 14:18:39 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-04 21:03:36 58880 ----a-w- c:\windows\system32\msasn1.dll
2009-04-17 19:51:56 168 --sh--r- c:\windows\system32\240ED6BF9D.sys
2009-04-17 19:51:56 2516 --sha-w- c:\windows\system32\KGyGaAvL.sys
2008-08-07 23:32:58 32768 --sha-w- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008080720080808\index.dat
============= FINISH: 10:19:19.42 ===============
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
DDS (Ver_09-11-24.02)
Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume1
Install Date: 12/20/2005 2:49:49 PM
System Uptime: 11/29/2009 10:14:24 AM (0 hours ago)
Motherboard: Intel Corporation | | D945GCZ
Processor: Intel(R) Pentium(R) D CPU 2.80GHz | | 2799/200mhz
==== Disk Partitions =========================
C: is FIXED (NTFS) - 228 GiB total, 175.783 GiB free.
D: is FIXED (FAT32) - 5 GiB total, 2.234 GiB free.
E: is CDROM ()
F: is Removable
G: is Removable
H: is Removable
I: is Removable
==== Disabled Device Manager Items =============
Class GUID: {4D36E96E-E325-11CE-BFC1-08002BE10318}
Description: Plug and Play Monitor
Device ID: DISPLAY\GWY0889\4&581EE68&0&80861500&00&02
Manufacturer: (Standard monitor types)
Name: Plug and Play Monitor
PNP Device ID: DISPLAY\GWY0889\4&581EE68&0&80861500&00&02
Service: pdiddcci
Class GUID: {4D36E96E-E325-11CE-BFC1-08002BE10318}
Description: Plug and Play Monitor
Device ID: DISPLAY\GWY0889\4&581EE68&0&80861100&00&02
Manufacturer: (Standard monitor types)
Name: Plug and Play Monitor
PNP Device ID: DISPLAY\GWY0889\4&581EE68&0&80861100&00&02
Service: pdiddcci
==== System Restore Points ===================
RP329: 8/31/2009 10:18:08 AM - System Checkpoint
RP330: 9/8/2009 7:16:01 PM - System Checkpoint
RP331: 9/8/2009 10:09:18 PM - Software Distribution Service 3.0
RP332: 9/9/2009 10:13:16 PM - System Checkpoint
RP333: 9/17/2009 10:22:58 PM - System Checkpoint
RP334: 9/17/2009 11:20:55 PM - Software Distribution Service 3.0
RP335: 9/18/2009 3:28:18 PM - Installed PCmover Professional.
RP336: 9/24/2009 11:06:01 AM - System Checkpoint
RP337: 9/25/2009 4:15:54 PM - System Checkpoint
RP338: 9/29/2009 2:33:19 PM - System Checkpoint
RP339: 10/1/2009 8:17:58 PM - System Checkpoint
RP340: 10/6/2009 12:03:29 AM - Software Distribution Service 3.0
RP341: 10/13/2009 11:47:23 PM - Software Distribution Service 3.0
RP342: 10/16/2009 5:02:32 PM - System Checkpoint
RP343: 10/19/2009 10:10:13 AM - System Checkpoint
RP344: 10/21/2009 8:07:34 AM - System Checkpoint
RP345: 10/25/2009 1:32:48 AM - System Checkpoint
RP346: 10/28/2009 3:14:53 PM - System Checkpoint
RP347: 10/29/2009 4:02:13 PM - System Checkpoint
RP348: 11/3/2009 11:29:48 PM - Software Distribution Service 3.0
RP349: 11/5/2009 9:17:39 AM - System Checkpoint
RP350: 11/6/2009 9:29:16 PM - System Checkpoint
RP351: 11/8/2009 8:35:03 PM - System Checkpoint
RP352: 11/9/2009 9:07:14 PM - System Checkpoint
RP353: 11/10/2009 8:22:45 PM - Installed Antispyware
RP354: 11/11/2009 4:29:11 PM - Software Distribution Service 3.0
RP355: 11/11/2009 7:03:28 PM - Installed Java(TM) 6 Update 17
RP356: 11/11/2009 7:49:09 PM - Advance System Optimizer Wed, Nov 11, 09 19:49
RP357: 11/11/2009 7:49:36 PM - Systweak System Optimizer Wed, Nov 11, 09 19:49
RP358: 11/11/2009 7:53:52 PM - Advanced Registry Optimizer Wed, Nov 11, 09 19:53
RP359: 11/11/2009 7:57:34 PM - Advanced Registry Optimizer - Before Optimize
RP360: 11/12/2009 9:17:47 PM - System Checkpoint
RP361: 11/16/2009 9:52:14 AM - System Checkpoint
RP362: 11/17/2009 7:08:29 PM - System Checkpoint
RP363: 11/19/2009 12:51:03 AM - System Checkpoint
RP364: 11/22/2009 8:50:03 PM - System Checkpoint
RP365: 11/24/2009 2:28:26 PM - Software Distribution Service 3.0
RP366: 11/27/2009 3:23:38 PM - post malware
RP367: 11/27/2009 4:44:16 PM - Removed J2SE Runtime Environment 5.0 Update 2
RP368: 11/27/2009 4:46:26 PM - Removed J2SE Runtime Environment 5.0 Update 6
RP369: 11/27/2009 4:48:52 PM - Removed Java(TM) 6 Update 3
RP370: 11/27/2009 4:52:51 PM - Removed Java(TM) 6 Update 5
RP371: 11/27/2009 4:58:49 PM - Removed Java(TM) 6 Update 7
RP372: 11/27/2009 9:55:04 PM - Installed QuickTime
RP373: 11/28/2009 10:51:22 PM - System Checkpoint
==== Installed Programs ======================
ABBYY FineReader 6.0 Sprint
ACDSee for PENTAX 2.0
Acrobat.com
Adobe Acrobat 6.0 Professional
Adobe AIR
Adobe Creative Suite
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.2
Adobe SVG Viewer 3.0
Advanced Registry Optimizer
Advanced System Optimizer
AnswerWorks 4.0 Runtime - English
Antispyware
AOL Pictures Tools (version 10.6.0.4)
AOL Toolbar
AOL Uninstaller (Choose which Products to Remove)
AOL You've Got Pictures Screensaver
Apple Application Support
Apple Mobile Device Support
Apple Software Update
AQUAZONE DESKTOP GARDEN
ArcSoft Software Suite
AT&T Yahoo! Applications
Bonjour
Brother MFL-Pro Suite
Calendar Creator 10
Canon Camera WIA Driver
Canon EOS-1D Mark II WIA Driver
Canon EOS-1Ds Mark II WIA Driver
Canon EOS 20D WIA Driver
Canon Utilities EOS Capture 1.2
Canon Utilities EOS Viewer Utility 1.2
Canon Utilities PhotoStitch 3.1
CCScore
Cook'n with Betty Crocker
Creative WebCam Notebook Driver (1.04.01.0322)
Critical Update for Windows Media Player 11 (KB959772)
DeductionPro 2008
Dev-C++ 5 beta 9 release (4.9.9.2)
Digital Media Reader
Discover PC and Windows Basics
DiscwareLite
DivX 5.2.1 (Playback Only)
Documents To Go
Dogz 5
Download Updater (AOL LLC)
Encyclopaedia Britannica CD Installer
EOS Capture 1.2
EOS Viewer Utility 1.2.1
ESET Online Scanner v3
ESSBrwr
ESSCDBK
ESScore
ESSgui
ESSini
ESSPCD
ESSPDock
ESSSONIC
ESSTOOLS
essvatgt
EzTune
fflink
FloorPlan 3D v10
GnuCash 2.2.6
Google Chrome
Google SketchUp 7
Google Toolbar for Internet Explorer
Greeting Cards Deluxe
HijackThis 2.0.2
HotFax MessageCenter
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hoyle Board Games 2005
Hoyle Card Games 2005
Hoyle Casino 2006 (remove only)
Hoyle Friday Night Poker
Hoyle Games Demo 2005
Hoyle Puzzle Games 2005
Intel Audio Studio
Intel(R) Graphics Media Accelerator Driver
Intel(R) PRO Network Connections Drivers
Intel(R) Processor ID Utility
iPod for Windows 2006-03-23
iTunes
Java(TM) 6 Update 17
kgcbase
Kodak EasyShare software
Lexmark 2300 Series
Lexmark Fax Solutions
Lexmark Software Uninstall
Linksys Wireless-G USB Network Adapter
Malwarebytes' Anti-Malware
MetaFrame Presentation Server Web Client for Win32
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB953297)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Digital Image Library 9 - Blocker
Microsoft Digital Image Starter Edition 2006 Editor
Microsoft Digital Image Starter Edition 2006 Library
Microsoft IntelliPoint 4.1
Microsoft Money 2005
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Office XP Media Content
Microsoft Office XP Professional with FrontPage
Microsoft Software Update for Web Folders (English) 12
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Web Publishing Wizard 1.52
Microsoft Works
MobileMe Control Panel
Move Networks Media Player for Internet Explorer
Mozilla Firefox (3.0.15)
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Napster
Napster Burn Engine
Nero BurnRights
Nero OEM
netbrdg
Notifier
OfficeReady Professional 3.0
OfotoXMI
OpenOffice.org Installer 1.0
Palm Desktop
PCmover Professional
PhotoShow Deluxe 4
PhotoStitch
Picasa 3
Plucker 1.6
PowerDVD
Quicken 2005
Quicken WillMaker Plus 2006
QuickTime
Recovery Software Suite Gateway
Safari
SAPI
SBC Yahoo! DSL Home Networking Installer
Seagate Replica v3.0.768.5345
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB973704)
Security Update for Microsoft Office Excel 2007 (KB973593)
Security Update for Microsoft Office Outlook 2007 (KB972363)
Security Update for Microsoft Office PowerPoint 2007 (KB957789)
Security Update for Microsoft Office Publisher 2007 (KB969693)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB969613)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB969604)
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 8 (KB969897)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
SFR
SHASTA
Shockwave
SigmaTel Audio
skin0001
SKINXSDK
SoftV92 Data Fax Modem with SmartCP
SpongeBob SquarePants Employee of the Month
staticcr
TaxCut New York 2008
TaxCut Premium + State + Efile 2008
tooltips
Trend Micro AntiVirus
Troy Oz Conversion Tool-DEMO 3.10
TrueSwitch Wizard SBC
TurboTax Deluxe 2007
Ulead PhotoImpact 10 SE
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Outlook 2007 Junk Email Filter (kb975960)
Update for Windows Internet Explorer 8 (KB971180)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Update Manager
USB Wireless Keyboard Driver
Virtual Earth 3D (Beta)
VPRINTOL
WebFldrs XP
Windows Backup Utility
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Live Messenger
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3
WIRELESS
WordPerfect Office X3
Yahoo! Search Protection
Yahoo! Software Update
ZIP Reader 8.00.0018
==== Event Viewer Messages From Past Week ========
11/27/2009 9:49:58 AM, error: Ftdisk [49] - Configuring the Page file for crash dump failed. Make sure there is a page file on the boot partition and that is large enough to contain all physical memory.
11/27/2009 9:49:58 AM, error: Ftdisk [45] - The system could not sucessfully load the crash dump driver.
11/27/2009 5:27:20 PM, error: Service Control Manager [7034] - The WUSB54Gv4SVC service terminated unexpectedly. It has done this 1 time(s).
11/27/2009 5:27:20 PM, error: Service Control Manager [7034] - The Trend Micro Proxy Service service terminated unexpectedly. It has done this 1 time(s).
11/27/2009 5:27:20 PM, error: Service Control Manager [7034] - The Trend Micro Central Control Component service terminated unexpectedly. It has done this 1 time(s).
11/27/2009 5:27:20 PM, error: Service Control Manager [7034] - The PrismXL service terminated unexpectedly. It has done this 1 time(s).
11/27/2009 5:27:20 PM, error: Service Control Manager [7034] - The McAfee AntiSpyware Real-Time Scanner service terminated unexpectedly. It has done this 1 time(s).
11/27/2009 5:27:20 PM, error: Service Control Manager [7034] - The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).
11/27/2009 5:27:20 PM, error: Service Control Manager [7034] - The Brother Popup Suspend service for Resource manager service terminated unexpectedly. It has done this 1 time(s).
11/27/2009 5:27:20 PM, error: Service Control Manager [7034] - The Bonjour Service service terminated unexpectedly. It has done this 1 time(s).
11/27/2009 5:27:20 PM, error: Service Control Manager [7031] - The Seagate-Replica-SysMon service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1 milliseconds: Restart the service.
11/27/2009 5:27:20 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
11/27/2009 5:27:12 PM, error: Service Control Manager [7034] - The Trend Micro Unauthorized Change Prevention Service service terminated unexpectedly. It has done this 1 time(s).
11/27/2009 4:45:19 PM, error: Service Control Manager [7023] - The Application Management service terminated with the following error: The specified module could not be found.
11/27/2009 3:13:35 PM, warning: Windows File Protection [64008] - The protected system file c:\windows\system32\drivers\atapi.sys could not be verified as valid because Windows File Protection is terminating. Use the SFC utility to verify the integrity of the file at a later time.
11/25/2009 12:41:21 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the WUSB54Gv4SVC service.
11/25/2009 12:24:36 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Seagate-Replica-Service service to connect.
11/25/2009 12:24:36 PM, error: Service Control Manager [7000] - The Seagate-Replica-Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
11/25/2009 12:24:34 PM, error: Service Control Manager [7031] - The Seagate-Replica-Service service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 2500 milliseconds: Restart the service.
11/25/2009 12:24:29 PM, error: Service Control Manager [7034] - The Portrait Displays Display Tune Service service terminated unexpectedly. It has done this 1 time(s).
11/25/2009 12:24:29 PM, error: Service Control Manager [7034] - The Asset Management Daemon service terminated unexpectedly. It has done this 1 time(s).
11/25/2009 12:24:29 PM, error: Service Control Manager [7031] - The Seagate-Replica-Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 2500 milliseconds: Restart the service.
11/25/2009 12:14:30 PM, error: Service Control Manager [7034] - The Yahoo! Updater service terminated unexpectedly. It has done this 1 time(s).
11/25/2009 12:14:19 PM, error: Service Control Manager [7034] - The AOL Connectivity Service service terminated unexpectedly. It has done this 1 time(s).
11/25/2009 12:13:44 PM, error: Service Control Manager [7034] - The iPod Service service terminated unexpectedly. It has done this 1 time(s).
==== End Of File ===========================