ComboFix 10-02-27.04 - Pepin 02/28/2010 19:42:19.8.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1150.743 [GMT -6:00]
Running from: c:\documents and settings\Pepin\Desktop\Combo-Fix.exe
Command switches used :: c:\documents and settings\Pepin\Desktop\CFScript.txt
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FILE ::
"c:\documents and settings\Pepin\Local Settings\Application Data\GDIPFONTCACHEV1.DAT"
"c:\windows\system32\drivers\kgpcpy.cfg"
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\All Users\Application Data\STOPzilla!
c:\documents and settings\All Users\Application Data\STOPzilla!\modules_scanned.db
c:\documents and settings\All Users\Application Data\STOPzilla!\modules_scanned.db.bak
c:\documents and settings\All Users\Application Data\STOPzilla!\scanner.log
c:\documents and settings\All Users\Application Data\STOPzilla!\sgdefs.db
c:\documents and settings\All Users\Application Data\STOPzilla!\sgdwc.db
c:\documents and settings\All Users\Application Data\STOPzilla!\userdata.db
c:\documents and settings\All Users\Application Data\STOPzilla!\zilla5.log
c:\documents and settings\Pepin\Application Data\LimeWire
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xul-v2.0b2.4-do-not-remove
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\AccessibleMarshal.dll
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\chrome\branding.jar
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\chrome\branding.manifest
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\chrome\classic.jar
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\chrome\classic.manifest
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\chrome\comm.jar
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\chrome\comm.manifest
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\chrome\en-US.jar
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\chrome\en-US.manifest
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\chrome\limewire.jar
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\chrome\limewire.manifest
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\chrome\pippki.jar
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\chrome\pippki.manifest
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\chrome\toolkit.jar
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\chrome\toolkit.manifest
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\accessibility-msaa.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\accessibility.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\alerts.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\appshell.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\appshell_modal.dll
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\appshell_modal.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\appstartup.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\auth.dll
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\autocomplete.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\autoconfig.dll
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\autoconfig.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\caps.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\chardet.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\chrome.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\commandhandler.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\commandlines.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\composer.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\content_base.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\content_html.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\content_htmldoc.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\content_xmldoc.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\content_xslt.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\content_xtf.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\contentprefs.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\cookie.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\directory.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\docshell_base.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\dom.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\dom_base.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\dom_canvas.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\dom_core.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\dom_css.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\dom_events.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\dom_html.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\dom_json.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\dom_loadsave.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\dom_offline.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\dom_range.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\dom_sidebar.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\dom_storage.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\dom_stylesheets.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\dom_svg.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\dom_traversal.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\dom_views.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\dom_xbl.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\dom_xpath.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\dom_xul.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\downloads.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\editor.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\embed_base.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\extensions.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\exthandler.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\exthelper.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\fastfind.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\FeedProcessor.js
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\feeds.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\find.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\gfx.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\htmlparser.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\imgicon.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\imglib2.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\inspector.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\intl.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\jar.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\jsconsole-clhandler.js
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\jsdservice.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\layout_base.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\layout_printing.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\layout_xul.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\layout_xul_tree.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\locale.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\loginmgr.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\lwbrk.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\mimetype.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\mozbrwsr.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\mozfind.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\necko.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\necko_about.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\necko_cache.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\necko_cookie.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\necko_dns.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\necko_file.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\necko_ftp.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\necko_http.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\necko_res.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\necko_socket.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\necko_strconv.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\necko_viewsource.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\nsAddonRepository.js
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\nsBadCertHandler.js
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\nsBlocklistService.js
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\nsContentDispatchChooser.js
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\nsContentPrefService.js
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\nsDefaultCLH.js
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\nsDictionary.js
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\nsDownloadManagerUI.js
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\nsExtensionManager.js
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\nsHandlerService.js
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\nsHelperAppDlg.js
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\nsLivemarkService.js
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\nsLoginInfo.js
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\nsLoginManager.js
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\nsLoginManagerPrompter.js
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\nsPostUpdateWin.js
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\nsProgressDialog.js
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\nsProxyAutoConfig.js
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\nsResetPref.js
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\nsTaggingService.js
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\nsTryToClose.js
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\nsUpdateService.js
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\nsURLFormatter.js
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\nsWebHandlerApp.js
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\nsXmlRpcClient.js
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\nsXULAppInstall.js
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\oji.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\parentalcontrols.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\pipboot.dll
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\pipboot.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\pipnss.dll
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\pipnss.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\pippki.dll
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\pippki.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\places.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\plugin.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\pluginGlue.js
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\pref.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\prefetch.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\profile.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\proxyObject.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\rdf.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\satchel.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\saxparser.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\shistory.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\spellchecker.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\storage-Legacy.js
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\storage.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\toolkitprofile.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\transformiix.dll
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\txEXSLTRegExFunctions.js
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\txmgr.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\txtsvc.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\uconv.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\unicharutil.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\universalchardet.dll
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\update.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\uriloader.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\urlformatter.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\webBrowser_core.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\webbrowserpersist.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\webshell_idls.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\websrvcs.dll
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\widget.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\windowds.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\windowwatcher.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\xml-rpc.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\xmlextras.dll
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\xpcom_base.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\xpcom_components.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\xpcom_ds.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\xpcom_io.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\xpcom_system.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\xpcom_thread.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\xpcom_xpti.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\xpconnect.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\xpinstall.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\xulapp.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\xulapp_setup.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\xuldoc.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\xultmpl.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\xulutil.dll
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\components\zipwriter.xpt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\crashreporter.exe
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\crashreporter.ini
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\defaults\autoconfig\platform.js
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\defaults\autoconfig\prefcalls.js
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\defaults\pref\xulrunner.js
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\defaults\profile\chrome\userChrome-example.css
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\defaults\profile\chrome\userContent-example.css
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\defaults\profile\localstore.rdf
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\defaults\profile\US\chrome\userChrome-example.css
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\defaults\profile\US\chrome\userContent-example.css
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\defaults\profile\US\localstore.rdf
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\dependentlibs.list
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\dictionaries\en-US.aff
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\dictionaries\en-US.dic
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\freebl3.chk
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\freebl3.dll
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\greprefs\all.js
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\greprefs\security-prefs.js
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\greprefs\xpinstall.js
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\IA2Marshal.dll
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\javaxpcom.jar
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\javaxpcomglue.dll
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\js3250.dll
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\LICENSE
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\modules\debug.js
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\modules\DownloadUtils.jsm
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\modules\ISO8601DateUtils.jsm
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\modules\JSON.jsm
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\modules\Microformats.js
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\modules\PluralForm.jsm
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\modules\utils.js
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\modules\XPCOMUtils.jsm
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\mozctl.dll
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\mozctlx.dll
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\MSVCP71.DLL
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\msvcr71.dll
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\nspr4.dll
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\nss3.dll
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\nssckbi.dll
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\nssdbm3.dll
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\nssutil3.dll
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\platform.ini
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\plc4.dll
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\plds4.dll
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\plugins\npnul32.dll
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\README.txt
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\res\arrow.gif
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\res\arrowd.gif
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\res\broken-image.gif
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\res\charsetalias.properties
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\res\charsetData.properties
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\res\contenteditable.css
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\res\designmode.css
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\res\dtd\mathml.dtd
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\res\dtd\xhtml11.dtd
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\res\EditorOverride.css
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\res\entityTables\html40Latin1.properties
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\res\entityTables\html40Special.properties
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\res\entityTables\html40Symbols.properties
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\res\entityTables\htmlEntityVersions.properties
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\res\entityTables\mathml20.properties
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\res\entityTables\transliterate.properties
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\res\fonts\mathfont.properties
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\res\fonts\mathfontStandardSymbolsL.properties
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\res\fonts\mathfontSTIXNonUnicode.properties
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\res\fonts\mathfontSTIXSize1.properties
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\res\fonts\mathfontSymbol.properties
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\res\fonts\mathfontUnicode.properties
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\res\forms.css
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\res\grabber.gif
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\res\hiddenWindow.html
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\res\html.css
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\res\html\folder.png
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\res\langGroups.properties
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\res\language.properties
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\res\loading-image.gif
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\res\mathml.css
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\res\quirk.css
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\res\svg.css
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\res\table-add-column-after-active.gif
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\res\table-add-column-after-hover.gif
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\res\table-add-column-after.gif
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\res\table-add-column-before-active.gif
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\res\table-add-column-before-hover.gif
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\res\table-add-column-before.gif
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\res\table-add-row-after-active.gif
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\res\table-add-row-after-hover.gif
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\res\table-add-row-after.gif
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\res\table-add-row-before-active.gif
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\res\table-add-row-before-hover.gif
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\res\table-add-row-before.gif
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\res\table-remove-column-active.gif
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\res\table-remove-column-hover.gif
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\res\table-remove-column.gif
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\res\table-remove-row-active.gif
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\res\table-remove-row-hover.gif
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\res\table-remove-row.gif
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\res\ua.css
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\res\viewsource.css
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\res\wincharset.properties
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\smime3.dll
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\softokn3.chk
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\softokn3.dll
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\sqlite3.dll
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\ssl3.dll
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\updater.exe
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\version.properties
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\xpcom.dll
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\xpcshell.exe
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\xpicleanup.exe
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\xpidl.exe
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\xpt_dump.exe
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\xpt_link.exe
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\xul.dll
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\xulrunner-stub.exe
c:\documents and settings\Pepin\Application Data\LimeWire\browser\xulrunner\xulrunner.exe
c:\documents and settings\Pepin\Application Data\LimeWire\certificate\limewire.keystore
c:\documents and settings\Pepin\Application Data\LimeWire\createtimes.cache
c:\documents and settings\Pepin\Application Data\LimeWire\downloads.dat
c:\documents and settings\Pepin\Application Data\LimeWire\fileurns.cache
c:\documents and settings\Pepin\Application Data\LimeWire\gnutella.net
c:\documents and settings\Pepin\Application Data\LimeWire\installation.props
c:\documents and settings\Pepin\Application Data\LimeWire\library.dat
c:\documents and settings\Pepin\Application Data\LimeWire\library5.dat
c:\documents and settings\Pepin\Application Data\LimeWire\limewire.props
c:\documents and settings\Pepin\Application Data\LimeWire\lock
c:\documents and settings\Pepin\Application Data\LimeWire\mojito.props
c:\documents and settings\Pepin\Application Data\LimeWire\mozilla-profile\.autoreg
c:\documents and settings\Pepin\Application Data\LimeWire\mozilla-profile\Cache\_CACHE_001_
c:\documents and settings\Pepin\Application Data\LimeWire\mozilla-profile\Cache\_CACHE_002_
c:\documents and settings\Pepin\Application Data\LimeWire\mozilla-profile\Cache\_CACHE_003_
c:\documents and settings\Pepin\Application Data\LimeWire\mozilla-profile\Cache\_CACHE_MAP_
c:\documents and settings\Pepin\Application Data\LimeWire\mozilla-profile\Cache\7BD6A121d01
c:\documents and settings\Pepin\Application Data\LimeWire\mozilla-profile\Cache\96336453d01
c:\documents and settings\Pepin\Application Data\LimeWire\mozilla-profile\Cache\AE98BDF4d01
c:\documents and settings\Pepin\Application Data\LimeWire\mozilla-profile\Cache\BAADB0B5d01
c:\documents and settings\Pepin\Application Data\LimeWire\mozilla-profile\Cache\BAFF9ABCd01
c:\documents and settings\Pepin\Application Data\LimeWire\mozilla-profile\Cache\CFF25DC1d01
c:\documents and settings\Pepin\Application Data\LimeWire\mozilla-profile\Cache\F27BAECCd01
c:\documents and settings\Pepin\Application Data\LimeWire\mozilla-profile\cert8.db
c:\documents and settings\Pepin\Application Data\LimeWire\mozilla-profile\compreg.dat
c:\documents and settings\Pepin\Application Data\LimeWire\mozilla-profile\cookies.sqlite
c:\documents and settings\Pepin\Application Data\LimeWire\mozilla-profile\downloads.sqlite
c:\documents and settings\Pepin\Application Data\LimeWire\mozilla-profile\extensions.cache
c:\documents and settings\Pepin\Application Data\LimeWire\mozilla-profile\extensions.ini
c:\documents and settings\Pepin\Application Data\LimeWire\mozilla-profile\history.dat
c:\documents and settings\Pepin\Application Data\LimeWire\mozilla-profile\key3.db
c:\documents and settings\Pepin\Application Data\LimeWire\mozilla-profile\permissions.sqlite
c:\documents and settings\Pepin\Application Data\LimeWire\mozilla-profile\places.sqlite-journal
c:\documents and settings\Pepin\Application Data\LimeWire\mozilla-profile\places.sqlite
c:\documents and settings\Pepin\Application Data\LimeWire\mozilla-profile\pluginreg.dat
c:\documents and settings\Pepin\Application Data\LimeWire\mozilla-profile\prefs.js
c:\documents and settings\Pepin\Application Data\LimeWire\mozilla-profile\secmod.db
c:\documents and settings\Pepin\Application Data\LimeWire\mozilla-profile\XPC.mfl
c:\documents and settings\Pepin\Application Data\LimeWire\mozilla-profile\xpti.dat
c:\documents and settings\Pepin\Application Data\LimeWire\player.props
c:\documents and settings\Pepin\Application Data\LimeWire\promotion\promodb.backup
c:\documents and settings\Pepin\Application Data\LimeWire\promotion\promodb.data
c:\documents and settings\Pepin\Application Data\LimeWire\promotion\promodb.properties
c:\documents and settings\Pepin\Application Data\LimeWire\promotion\promodb.script
c:\documents and settings\Pepin\Application Data\LimeWire\questions.props
c:\documents and settings\Pepin\Application Data\LimeWire\responses.cache
c:\documents and settings\Pepin\Application Data\LimeWire\simpp.xml
c:\documents and settings\Pepin\Application Data\LimeWire\spam.dat
c:\documents and settings\Pepin\Application Data\LimeWire\tables.props
c:\documents and settings\Pepin\Application Data\LimeWire\ttdata.cache
c:\documents and settings\Pepin\Application Data\LimeWire\ttroot.cache
c:\documents and settings\Pepin\Application Data\LimeWire\version.xml
c:\documents and settings\Pepin\Application Data\LimeWire\versions.props
c:\documents and settings\Pepin\Application Data\LimeWire\xml\data\audio.sxml3
c:\documents and settings\Pepin\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
c:\program files\Webroot
c:\windows\system32\drivers\kgpcpy.cfg
.
((((((((((((((((((((((((( Files Created from 2010-02-01 to 2010-03-01 )))))))))))))))))))))))))))))))
.
2010-02-28 00:31 . 2010-02-28 00:31 -------- d-----w- c:\program files\Trend Micro
2010-02-27 22:59 . 2010-02-27 22:59 -------- d-----w- c:\program files\ERUNT
2010-02-18 05:24 . 2010-02-11 18:38 19024 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-02-18 05:24 . 2010-02-11 18:42 162512 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-02-18 05:24 . 2010-02-11 18:39 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-02-18 05:24 . 2010-02-11 18:42 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-02-18 05:24 . 2010-02-11 18:38 100432 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-02-18 05:24 . 2010-02-11 18:38 94800 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-02-18 05:24 . 2010-02-11 18:38 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-02-18 05:24 . 2010-02-11 18:53 38848 ----a-w- c:\windows\system32\avastSS.scr
2010-02-18 05:24 . 2010-02-11 18:53 153184 ----a-w- c:\windows\system32\aswBoot.exe
2010-02-18 05:16 . 2010-02-18 05:16 -------- d-----w- c:\documents and settings\All Users\Application Data\Alwil Software
2010-02-17 00:41 . 2010-02-17 00:41 -------- d-----w- c:\program files\MSXML 4.0
2010-02-16 16:05 . 2010-02-16 16:05 -------- d-----w- c:\program files\TrendMicro
2010-02-16 15:47 . 2010-02-16 15:47 128 ----a-w- c:\documents and settings\Pepin\Local Settings\Application Data\fusioncache.dat
2010-02-16 15:46 . 2010-02-16 15:46 -------- d-----w- c:\program files\MSSOAP
2010-02-16 15:45 . 2010-02-16 15:45 164 ----a-w- c:\windows\install.dat
2010-02-14 21:34 . 2010-02-14 21:34 -------- d-sh--w- c:\windows\system32\config\systemprofile\PrivacIE
2010-02-10 23:23 . 2010-02-10 23:23 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Temp
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-18 05:24 . 2009-10-05 17:22 -------- d-----w- c:\program files\Alwil Software
2010-02-15 21:36 . 2009-10-21 22:43 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-02-15 21:36 . 2010-01-22 09:45 -------- d-----w- c:\program files\SUPERAntiSpyware
2010-02-02 09:01 . 2009-10-10 20:17 -------- d-----w- c:\documents and settings\Pepin\Application Data\Move Networks
2010-01-27 07:27 . 2009-10-18 00:00 -------- d-----w- c:\program files\Google
2010-01-25 21:46 . 2009-10-19 07:10 -------- d-----w- c:\documents and settings\Pepin\Application Data\AdobeUM
2010-01-25 01:25 . 2009-10-17 00:03 143976 ----a-w- c:\documents and settings\Pepin\Application Data\Move Networks\uninstall.exe
2010-01-25 01:25 . 2009-10-15 00:50 5642688 ----a-w- c:\documents and settings\Pepin\Application Data\Move Networks\plugins\npqmp071701000002.dll
2010-01-25 01:25 . 2010-01-25 01:24 1794456 ----a-w- c:\documents and settings\Pepin\Application Data\Move Networks\MoveMediaPlayerWin_071701000002.exe
2010-01-22 21:29 . 2010-01-22 21:29 -------- d-----w- c:\documents and settings\Pepin\Application Data\DivX
2010-01-22 18:11 . 2010-01-22 09:46 117760 ----a-w- c:\documents and settings\Pepin\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2010-01-22 09:46 . 2010-01-22 09:46 52224 ----a-w- c:\documents and settings\Pepin\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
2010-01-22 09:45 . 2010-01-22 09:45 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2010-01-22 09:45 . 2010-01-22 09:45 -------- d-----w- c:\documents and settings\Pepin\Application Data\SUPERAntiSpyware.com
2010-01-13 21:03 . 2010-01-13 21:03 -------- d-----w- c:\program files\CCleaner
2010-01-08 16:24 . 2010-01-08 16:23 -------- d-----w- c:\program files\iTunes
2010-01-08 16:23 . 2010-01-08 16:23 -------- d-----w- c:\program files\iPod
2010-01-08 16:23 . 2009-10-05 17:33 -------- d-----w- c:\program files\Common Files\Apple
2010-01-08 16:17 . 2009-10-05 17:35 -------- d-----w- c:\program files\QuickTime
2010-01-08 16:06 . 2010-01-08 16:06 79144 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 9.0.2.25\SetupAdmin.exe
2009-12-31 16:50 . 2004-08-04 12:00 353792 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-21 19:14 . 2004-08-04 12:00 916480 ------w- c:\windows\system32\wininet.dll
2009-12-16 18:43 . 2009-10-05 08:46 343040 ----a-w- c:\windows\system32\mspaint.exe
2009-12-14 07:08 . 2004-08-04 12:00 33280 ----a-w- c:\windows\system32\csrsrv.dll
2009-12-08 19:27 . 2004-08-04 12:00 2189184 ------w- c:\windows\system32\ntoskrnl.exe
2009-12-08 18:43 . 2004-08-03 22:59 2066048 ------w- c:\windows\system32\ntkrnlpa.exe
2009-12-04 18:22 . 2004-08-04 12:00 455424 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2009-12-03 07:32 . 2009-12-03 06:14 103193 ----a-w- c:\windows\hpoins08.dat
2009-09-25 16:41 . 2009-09-25 16:41 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-09-25 16:41 . 2009-09-25 16:41 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-02-11 2756488]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-11-04 198160]
"SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2005-02-02 102492]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2005-02-02 692316]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-28 149280]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-11-11 417792]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-11-12 141600]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-04 208952]
"hpWirelessAssistant"="c:\program files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe" [2005-04-01 794624]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2005-02-17 49152]
"Cpqset"="c:\program files\HPQ\Default Settings\cpqset.exe" [2005-02-17 233534]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-04-11 339968]
c:\documents and settings\Pepin\Start Menu\Programs\Startup\
ERUNT AutoBackup.lnk - c:\program files\ERUNT\AUTOBACK.EXE [2005-10-20 38912]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 29696]
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqnrs08.exe"=
"c:\\WINDOWS\\system32\\rtcshare.exe"=
"c:\\Program Files\\NetMeeting\\conf.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2/17/2010 11:24 PM 162512]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2/17/2010 11:24 PM 19024]
R3 HSFHWATI;HSFHWATI;c:\windows\system32\drivers\HSFHWATI.sys [10/5/2009 2:58 AM 200192]
S2 gupdate1ca4f8634bd17a0;Google Update Service (gupdate1ca4f8634bd17a0);c:\program files\Google\Update\GoogleUpdate.exe [10/17/2009 6:01 PM 133104]
.
Contents of the 'Scheduled Tasks' folder
2010-02-26 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 17:34]
2010-02-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-10-18 00:00]
2010-03-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-10-18 00:00]
2010-03-01 c:\windows\Tasks\User_Feed_Synchronization-{3AEC60E6-E8B8-47B2-8A33-893DE89E8FD8}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 09:31]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com
uInternet Connection Wizard,ShellNext = hxxp://ie.redirect.hp.com/svs/rdr?TYPE= ... &pf=laptop
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Pepin\Application Data\Mozilla\Firefox\Profiles\24lm75dh.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.msn.com/
FF - plugin: c:\documents and settings\Pepin\Application Data\Move Networks\plugins\npqmp071503000010.dll
FF - plugin: c:\documents and settings\Pepin\Application Data\Move Networks\plugins\npqmp071701000002.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.17\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPTURNMED.dll
---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-28 19:48
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Cpqset = c:\program files\HPQ\Default Settings\cpqset.exe????????0?4?5?0??????? ???B?????????????hLC? ??????
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(680)
c:\windows\system32\Ati2evxx.dll
.
Completion time: 2010-02-28 19:49:49
ComboFix-quarantined-files.txt 2010-03-01 01:49
ComboFix2.txt 2010-02-27 23:41
ComboFix3.txt 2010-02-18 08:56
ComboFix4.txt 2010-02-17 21:29
ComboFix5.txt 2010-03-01 01:41
Pre-Run: 131,918,159,872 bytes free
Post-Run: 131,863,703,552 bytes free
- - End Of File - - A26AB7463E9A2645DC6C824518507C8D