Hi! I do have some issues w/Outlook & get an error code upon reboot. If you can help w/those once we finish this, that would be great!!
ComboFix 09-05-25.03 - momma 05/25/2009 17:39.3 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1022.297 [GMT -4:00]
Running from: c:\documents and settings\momma\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\momma\Desktop\CFScript.txt
AV: avast! antivirus 4.8.1335 [VPS 090525-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: Online Armor Firewall *disabled* {B797DAA0-7E2E-4711-8BB3-D12744F1922A}
file zipped: c:\windows\system32\fyjiewajwvluo.dll
file zipped: c:\windows\system32\Suspect_nsn1EB.dll.vir
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\momma\Application Data\LimeWire
c:\documents and settings\momma\Application Data\LimeWire\412splashfree.png
c:\documents and settings\momma\Application Data\LimeWire\414splashfree.png
c:\documents and settings\momma\Application Data\LimeWire\active.mojito
c:\documents and settings\momma\Application Data\LimeWire\browser\xul-v2.0b2.4-do-not-remove
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\AccessibleMarshal.dll
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\chrome\branding.jar
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\chrome\branding.manifest
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\chrome\classic.jar
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\chrome\classic.manifest
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\chrome\comm.jar
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\chrome\comm.manifest
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\chrome\en-US.jar
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\chrome\en-US.manifest
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\chrome\limewire.jar
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\chrome\limewire.manifest
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\chrome\pippki.jar
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\chrome\pippki.manifest
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\chrome\toolkit.jar
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\chrome\toolkit.manifest
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\accessibility-msaa.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\accessibility.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\alerts.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\appshell.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\appshell_modal.dll
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\appshell_modal.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\appstartup.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\auth.dll
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\autocomplete.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\autoconfig.dll
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\autoconfig.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\caps.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\chardet.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\chrome.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\commandhandler.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\commandlines.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\composer.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\content_base.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\content_html.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\content_htmldoc.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\content_xmldoc.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\content_xslt.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\content_xtf.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\contentprefs.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\cookie.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\directory.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\docshell_base.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\dom.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\dom_base.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\dom_canvas.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\dom_core.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\dom_css.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\dom_events.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\dom_html.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\dom_json.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\dom_loadsave.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\dom_offline.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\dom_range.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\dom_sidebar.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\dom_storage.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\dom_stylesheets.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\dom_svg.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\dom_traversal.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\dom_views.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\dom_xbl.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\dom_xpath.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\dom_xul.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\downloads.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\editor.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\embed_base.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\extensions.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\exthandler.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\exthelper.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\fastfind.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\FeedProcessor.js
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\feeds.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\find.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\gfx.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\htmlparser.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\imgicon.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\imglib2.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\inspector.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\intl.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\jar.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\jsconsole-clhandler.js
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\jsdservice.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\layout_base.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\layout_printing.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\layout_xul.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\layout_xul_tree.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\locale.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\loginmgr.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\lwbrk.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\mimetype.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\mozbrwsr.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\mozfind.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\necko.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\necko_about.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\necko_cache.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\necko_cookie.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\necko_dns.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\necko_file.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\necko_ftp.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\necko_http.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\necko_res.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\necko_socket.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\necko_strconv.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\necko_viewsource.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\nsAddonRepository.js
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\nsBadCertHandler.js
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\nsBlocklistService.js
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\nsContentDispatchChooser.js
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\nsContentPrefService.js
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\nsDefaultCLH.js
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\nsDictionary.js
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\nsDownloadManagerUI.js
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\nsExtensionManager.js
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\nsHandlerService.js
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\nsHelperAppDlg.js
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\nsLivemarkService.js
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\nsLoginInfo.js
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\nsLoginManager.js
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\nsLoginManagerPrompter.js
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\nsPostUpdateWin.js
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\nsProgressDialog.js
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\nsProxyAutoConfig.js
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\nsResetPref.js
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\nsTaggingService.js
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\nsTryToClose.js
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\nsUpdateService.js
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\nsURLFormatter.js
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\nsWebHandlerApp.js
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\nsXmlRpcClient.js
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\nsXULAppInstall.js
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\oji.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\parentalcontrols.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\pipboot.dll
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\pipboot.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\pipnss.dll
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\pipnss.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\pippki.dll
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\pippki.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\places.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\plugin.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\pluginGlue.js
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\pref.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\prefetch.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\profile.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\proxyObject.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\rdf.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\satchel.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\saxparser.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\shistory.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\spellchecker.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\storage-Legacy.js
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\storage.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\toolkitprofile.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\transformiix.dll
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\txEXSLTRegExFunctions.js
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\txmgr.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\txtsvc.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\uconv.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\unicharutil.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\universalchardet.dll
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\update.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\uriloader.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\urlformatter.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\webBrowser_core.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\webbrowserpersist.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\webshell_idls.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\websrvcs.dll
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\widget.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\windowds.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\windowwatcher.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\xml-rpc.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\xmlextras.dll
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\xpcom_base.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\xpcom_components.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\xpcom_ds.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\xpcom_io.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\xpcom_system.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\xpcom_thread.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\xpcom_xpti.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\xpconnect.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\xpinstall.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\xulapp.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\xulapp_setup.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\xuldoc.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\xultmpl.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\xulutil.dll
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\components\zipwriter.xpt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\crashreporter.exe
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\crashreporter.ini
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\defaults\autoconfig\platform.js
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\defaults\autoconfig\prefcalls.js
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\defaults\pref\xulrunner.js
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\defaults\profile\chrome\userChrome-example.css
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\defaults\profile\chrome\userContent-example.css
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\defaults\profile\localstore.rdf
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\defaults\profile\US\chrome\userChrome-example.css
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\defaults\profile\US\chrome\userContent-example.css
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\defaults\profile\US\localstore.rdf
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\dependentlibs.list
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\dictionaries\en-US.aff
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\dictionaries\en-US.dic
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\freebl3.chk
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\freebl3.dll
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\greprefs\all.js
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\greprefs\security-prefs.js
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\greprefs\xpinstall.js
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\IA2Marshal.dll
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\javaxpcom.jar
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\javaxpcomglue.dll
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\js3250.dll
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\LICENSE
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\modules\debug.js
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\modules\DownloadUtils.jsm
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\modules\ISO8601DateUtils.jsm
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\modules\JSON.jsm
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\modules\Microformats.js
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\modules\PluralForm.jsm
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\modules\utils.js
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\modules\XPCOMUtils.jsm
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\mozctl.dll
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\mozctlx.dll
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\MSVCP71.DLL
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\msvcr71.dll
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\nspr4.dll
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\nss3.dll
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\nssckbi.dll
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\nssdbm3.dll
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\nssutil3.dll
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\platform.ini
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\plc4.dll
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\plds4.dll
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\plugins\npnul32.dll
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\README.txt
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\res\arrow.gif
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\res\arrowd.gif
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\res\broken-image.gif
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\res\charsetalias.properties
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\res\charsetData.properties
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\res\contenteditable.css
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\res\designmode.css
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\res\dtd\mathml.dtd
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\res\dtd\xhtml11.dtd
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\res\EditorOverride.css
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\res\entityTables\html40Latin1.properties
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\res\entityTables\html40Special.properties
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\res\entityTables\html40Symbols.properties
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\res\entityTables\htmlEntityVersions.properties
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\res\entityTables\mathml20.properties
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\res\entityTables\transliterate.properties
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\res\fonts\mathfont.properties
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\res\fonts\mathfontStandardSymbolsL.properties
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\res\fonts\mathfontSTIXNonUnicode.properties
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\res\fonts\mathfontSTIXSize1.properties
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\res\fonts\mathfontSymbol.properties
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\res\fonts\mathfontUnicode.properties
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\res\forms.css
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\res\grabber.gif
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\res\hiddenWindow.html
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\res\html.css
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\res\html\folder.png
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\res\langGroups.properties
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\res\language.properties
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\res\loading-image.gif
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\res\mathml.css
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\res\quirk.css
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\res\svg.css
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\res\table-add-column-after-active.gif
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\res\table-add-column-after-hover.gif
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\res\table-add-column-after.gif
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\res\table-add-column-before-active.gif
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\res\table-add-column-before-hover.gif
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\res\table-add-column-before.gif
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\res\table-add-row-after-active.gif
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\res\table-add-row-after-hover.gif
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\res\table-add-row-after.gif
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\res\table-add-row-before-active.gif
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\res\table-add-row-before-hover.gif
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\res\table-add-row-before.gif
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\res\table-remove-column-active.gif
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\res\table-remove-column-hover.gif
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\res\table-remove-column.gif
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\res\table-remove-row-active.gif
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\res\table-remove-row-hover.gif
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\res\table-remove-row.gif
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\res\ua.css
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\res\viewsource.css
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\res\wincharset.properties
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\smime3.dll
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\softokn3.chk
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\softokn3.dll
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\sqlite3.dll
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\ssl3.dll
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\updater.exe
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\version.properties
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\xpcom.dll
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\xpcshell.exe
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\xpicleanup.exe
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\xpidl.exe
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\xpt_dump.exe
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\xpt_link.exe
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\xul.dll
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\xulrunner-stub.exe
c:\documents and settings\momma\Application Data\LimeWire\browser\xulrunner\xulrunner.exe
c:\documents and settings\momma\Application Data\LimeWire\bugs.data
c:\documents and settings\momma\Application Data\LimeWire\certificate\limewire.keystore
c:\documents and settings\momma\Application Data\LimeWire\createtimes.cache
c:\documents and settings\momma\Application Data\LimeWire\data.ser
c:\documents and settings\momma\Application Data\LimeWire\downloads.dat
c:\documents and settings\momma\Application Data\LimeWire\fileurns.bak
c:\documents and settings\momma\Application Data\LimeWire\fileurns.cache
c:\documents and settings\momma\Application Data\LimeWire\filters.props
c:\documents and settings\momma\Application Data\LimeWire\gnutella.net
c:\documents and settings\momma\Application Data\LimeWire\installation.props
c:\documents and settings\momma\Application Data\LimeWire\library.dat
c:\documents and settings\momma\Application Data\LimeWire\library5.dat
c:\documents and settings\momma\Application Data\LimeWire\limewire.props
c:\documents and settings\momma\Application Data\LimeWire\mojito.props
c:\documents and settings\momma\Application Data\LimeWire\mozilla-profile\.autoreg
c:\documents and settings\momma\Application Data\LimeWire\mozilla-profile\Cache\_CACHE_001_
c:\documents and settings\momma\Application Data\LimeWire\mozilla-profile\Cache\_CACHE_002_
c:\documents and settings\momma\Application Data\LimeWire\mozilla-profile\Cache\_CACHE_003_
c:\documents and settings\momma\Application Data\LimeWire\mozilla-profile\Cache\_CACHE_MAP_
c:\documents and settings\momma\Application Data\LimeWire\mozilla-profile\Cache\4BC70045d01
c:\documents and settings\momma\Application Data\LimeWire\mozilla-profile\Cache\51CFDFBBd01
c:\documents and settings\momma\Application Data\LimeWire\mozilla-profile\Cache\7A2D9D1Ed01
c:\documents and settings\momma\Application Data\LimeWire\mozilla-profile\Cache\7BD6A121d01
c:\documents and settings\momma\Application Data\LimeWire\mozilla-profile\Cache\98E79480d01
c:\documents and settings\momma\Application Data\LimeWire\mozilla-profile\Cache\AE98BDF8d01
c:\documents and settings\momma\Application Data\LimeWire\mozilla-profile\Cache\BAFF9A98d01
c:\documents and settings\momma\Application Data\LimeWire\mozilla-profile\cert8.db
c:\documents and settings\momma\Application Data\LimeWire\mozilla-profile\compreg.dat
c:\documents and settings\momma\Application Data\LimeWire\mozilla-profile\cookies.sqlite
c:\documents and settings\momma\Application Data\LimeWire\mozilla-profile\downloads.sqlite
c:\documents and settings\momma\Application Data\LimeWire\mozilla-profile\extensions.cache
c:\documents and settings\momma\Application Data\LimeWire\mozilla-profile\extensions.ini
c:\documents and settings\momma\Application Data\LimeWire\mozilla-profile\history.dat
c:\documents and settings\momma\Application Data\LimeWire\mozilla-profile\key3.db
c:\documents and settings\momma\Application Data\LimeWire\mozilla-profile\permissions.sqlite
c:\documents and settings\momma\Application Data\LimeWire\mozilla-profile\places.sqlite-journal
c:\documents and settings\momma\Application Data\LimeWire\mozilla-profile\places.sqlite
c:\documents and settings\momma\Application Data\LimeWire\mozilla-profile\pluginreg.dat
c:\documents and settings\momma\Application Data\LimeWire\mozilla-profile\prefs.js
c:\documents and settings\momma\Application Data\LimeWire\mozilla-profile\secmod.db
c:\documents and settings\momma\Application Data\LimeWire\mozilla-profile\XPC.mfl
c:\documents and settings\momma\Application Data\LimeWire\mozilla-profile\xpti.dat
c:\documents and settings\momma\Application Data\LimeWire\passive.mojito
c:\documents and settings\momma\Application Data\LimeWire\promotion\promodb.backup
c:\documents and settings\momma\Application Data\LimeWire\promotion\promodb.data
c:\documents and settings\momma\Application Data\LimeWire\promotion\promodb.properties
c:\documents and settings\momma\Application Data\LimeWire\promotion\promodb.script
c:\documents and settings\momma\Application Data\LimeWire\pub1.key
c:\documents and settings\momma\Application Data\LimeWire\public.key
c:\documents and settings\momma\Application Data\LimeWire\questions.props
c:\documents and settings\momma\Application Data\LimeWire\responses.cache
c:\documents and settings\momma\Application Data\LimeWire\secureMessage.key
c:\documents and settings\momma\Application Data\LimeWire\simpp.xml
c:\documents and settings\momma\Application Data\LimeWire\spam.dat
c:\documents and settings\momma\Application Data\LimeWire\tables.props
c:\documents and settings\momma\Application Data\LimeWire\themes\black_theme.lwtp
c:\documents and settings\momma\Application Data\LimeWire\themes\black_theme\
01_star.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\black_theme\
02_star.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\black_theme\
03_star.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\black_theme\
04_star.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\black_theme\
05_star.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\black_theme\chat.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\black_theme\dir_closed.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\black_theme\dir_open.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\black_theme\forward_dn.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\black_theme\forward_up.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\black_theme\kill.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\black_theme\kill_on.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\black_theme\lime.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\black_theme\logo.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\black_theme\notsearching.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\black_theme\pause_dn.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\black_theme\pause_up.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\black_theme\play_dn.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\black_theme\play_up.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\black_theme\question.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\black_theme\rewind_dn.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\black_theme\rewind_up.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\black_theme\searching.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\black_theme\splash.png
c:\documents and settings\momma\Application Data\LimeWire\themes\black_theme\splashpro.png
c:\documents and settings\momma\Application Data\LimeWire\themes\black_theme\stop_dn.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\black_theme\stop_up.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\black_theme\theme.txt
c:\documents and settings\momma\Application Data\LimeWire\themes\black_theme\warning.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\classic_theme.lwtp
c:\documents and settings\momma\Application Data\LimeWire\themes\classic_theme\
01_star.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\classic_theme\
02_star.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\classic_theme\
03_star.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\classic_theme\
04_star.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\classic_theme\
05_star.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\classic_theme\chat.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\classic_theme\dir_closed.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\classic_theme\dir_open.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\classic_theme\forward_dn.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\classic_theme\forward_up.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\classic_theme\kill.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\classic_theme\logo.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\classic_theme\notsearching.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\classic_theme\pause_dn.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\classic_theme\pause_up.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\classic_theme\play_dn.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\classic_theme\play_up.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\classic_theme\question.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\classic_theme\rewind_dn.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\classic_theme\rewind_up.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\classic_theme\search.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\classic_theme\searching.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\classic_theme\splash.png
c:\documents and settings\momma\Application Data\LimeWire\themes\classic_theme\splashpro.png
c:\documents and settings\momma\Application Data\LimeWire\themes\classic_theme\stop_dn.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\classic_theme\stop_up.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\classic_theme\theme.txt
c:\documents and settings\momma\Application Data\LimeWire\themes\classic_theme\warning.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\limewire_theme.lwtp
c:\documents and settings\momma\Application Data\LimeWire\themes\limewire_theme\
01_star.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\limewire_theme\
02_star.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\limewire_theme\
03_star.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\limewire_theme\
04_star.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\limewire_theme\
05_star.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\limewire_theme\chat.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\limewire_theme\dir_closed.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\limewire_theme\dir_open.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\limewire_theme\forward_dn.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\limewire_theme\forward_up.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\limewire_theme\kill.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\limewire_theme\kill_on.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\limewire_theme\lime.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\limewire_theme\logo.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\limewire_theme\notsearching.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\limewire_theme\pause_dn.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\limewire_theme\pause_up.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\limewire_theme\play_dn.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\limewire_theme\play_up.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\limewire_theme\question.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\limewire_theme\rewind_dn.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\limewire_theme\rewind_up.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\limewire_theme\searching.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\limewire_theme\splash.png
c:\documents and settings\momma\Application Data\LimeWire\themes\limewire_theme\splashpro.png
c:\documents and settings\momma\Application Data\LimeWire\themes\limewire_theme\stop_dn.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\limewire_theme\stop_up.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\limewire_theme\theme.txt
c:\documents and settings\momma\Application Data\LimeWire\themes\limewire_theme\warning.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\other_theme.lwtp
c:\documents and settings\momma\Application Data\LimeWire\themes\other_theme\
01_star.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\other_theme\
02_star.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\other_theme\
03_star.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\other_theme\
04_star.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\other_theme\
05_star.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\other_theme\chat.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\other_theme\forward_dn.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\other_theme\forward_up.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\other_theme\kill.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\other_theme\kill_on.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\other_theme\logo.png
c:\documents and settings\momma\Application Data\LimeWire\themes\other_theme\notsearching.png
c:\documents and settings\momma\Application Data\LimeWire\themes\other_theme\pause_dn.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\other_theme\pause_up.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\other_theme\play_dn.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\other_theme\play_up.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\other_theme\question.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\other_theme\rewind_dn.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\other_theme\rewind_up.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\other_theme\searching.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\other_theme\splash.png
c:\documents and settings\momma\Application Data\LimeWire\themes\other_theme\splashpro.png
c:\documents and settings\momma\Application Data\LimeWire\themes\other_theme\stop_dn.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\other_theme\stop_up.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\other_theme\theme.txt
c:\documents and settings\momma\Application Data\LimeWire\themes\other_theme\warning.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\windows_theme.lwtp
c:\documents and settings\momma\Application Data\LimeWire\themes\windows_theme\
01_star.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\windows_theme\
02_star.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\windows_theme\
03_star.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\windows_theme\
04_star.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\windows_theme\
05_star.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\windows_theme\chat.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\windows_theme\forward_dn.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\windows_theme\forward_up.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\windows_theme\kill.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\windows_theme\kill_on.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\windows_theme\logo.png
c:\documents and settings\momma\Application Data\LimeWire\themes\windows_theme\notsearching.png
c:\documents and settings\momma\Application Data\LimeWire\themes\windows_theme\pause_dn.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\windows_theme\pause_up.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\windows_theme\play_dn.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\windows_theme\play_up.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\windows_theme\question.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\windows_theme\rewind_dn.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\windows_theme\rewind_up.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\windows_theme\searching.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\windows_theme\splash.png
c:\documents and settings\momma\Application Data\LimeWire\themes\windows_theme\splashpro.png
c:\documents and settings\momma\Application Data\LimeWire\themes\windows_theme\stop_dn.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\windows_theme\stop_up.gif
c:\documents and settings\momma\Application Data\LimeWire\themes\windows_theme\theme.txt
c:\documents and settings\momma\Application Data\LimeWire\themes\windows_theme\version.txt
c:\documents and settings\momma\Application Data\LimeWire\themes\windows_theme\warning.gif
c:\documents and settings\momma\Application Data\LimeWire\ttdata.cache
c:\documents and settings\momma\Application Data\LimeWire\ttree.cache
c:\documents and settings\momma\Application Data\LimeWire\ttrees.cache
c:\documents and settings\momma\Application Data\LimeWire\ttroot.cache
c:\documents and settings\momma\Application Data\LimeWire\version.key
c:\documents and settings\momma\Application Data\LimeWire\version.xml
c:\documents and settings\momma\Application Data\LimeWire\versions.props
c:\documents and settings\momma\Application Data\LimeWire\xml\data\audio.sxml2
c:\documents and settings\momma\Application Data\LimeWire\xml\data\audio.sxml3
c:\documents and settings\momma\Application Data\LimeWire\xml\data\delete_me
c:\documents and settings\momma\Application Data\LimeWire\xml\data\video.sxml2
c:\documents and settings\momma\Application Data\LimeWire\xml\data\video.sxml3
c:\documents and settings\momma\Application Data\LimeWire\xml\misc\application.gif
c:\documents and settings\momma\Application Data\LimeWire\xml\misc\audio.gif
c:\documents and settings\momma\Application Data\LimeWire\xml\misc\document.gif
c:\documents and settings\momma\Application Data\LimeWire\xml\misc\image.gif
c:\documents and settings\momma\Application Data\LimeWire\xml\misc\video.gif
c:\documents and settings\momma\Application Data\LimeWire\xml\schemas\application.xsd
c:\documents and settings\momma\Application Data\LimeWire\xml\schemas\audio.xsd
c:\documents and settings\momma\Application Data\LimeWire\xml\schemas\document.xsd
c:\documents and settings\momma\Application Data\LimeWire\xml\schemas\image.xsd
c:\documents and settings\momma\Application Data\LimeWire\xml\schemas\video.xsd
c:\windows\system32\fyjiewajwvluo.dll
.
((((((((((((((((((((((((( Files Created from 2009-04-25 to 2009-05-25 )))))))))))))))))))))))))))))))
.
2009-05-25 19:28 . 2009-05-25 19:28 -------- d-----w c:\documents and settings\Guest\Application Data\OnlineArmor
2009-05-24 19:39 . 2009-05-24 20:06 -------- d-----w c:\documents and settings\All Users\Application Data\OnlineArmor
2009-05-24 19:39 . 2009-05-24 19:39 -------- d-----w c:\documents and settings\momma\Application Data\OnlineArmor
2009-05-24 18:41 . 2009-05-24 18:41 -------- d-----w c:\program files\Tall Emu
2009-05-24 18:41 . 2009-04-28 09:38 29776 ----a-w c:\windows\system32\drivers\OAnet.sys
2009-05-24 18:41 . 2009-04-28 09:02 31824 ----a-w c:\windows\system32\drivers\OAmon.sys
2009-05-24 18:41 . 2009-04-28 09:01 198224 ----a-w c:\windows\system32\drivers\OADriver.sys
2009-05-24 18:39 . 2009-02-05 20:06 51376 ----a-w c:\windows\system32\drivers\aswTdi.sys
2009-05-24 18:39 . 2009-02-05 20:06 23152 ----a-w c:\windows\system32\drivers\aswRdr.sys
2009-05-24 18:39 . 2009-02-05 20:05 26944 ----a-w c:\windows\system32\drivers\aavmker4.sys
2009-05-24 18:39 . 2009-02-05 20:04 97480 ----a-w c:\windows\system32\AvastSS.scr
2009-05-24 18:39 . 2009-02-05 20:08 93296 ----a-w c:\windows\system32\drivers\aswmon.sys
2009-05-24 18:39 . 2009-02-05 20:08 94032 ----a-w c:\windows\system32\drivers\aswmon2.sys
2009-05-24 18:39 . 2009-02-05 20:07 114768 ----a-w c:\windows\system32\drivers\aswSP.sys
2009-05-24 18:39 . 2009-02-05 20:07 20560 ----a-w c:\windows\system32\drivers\aswFsBlk.sys
2009-05-24 18:38 . 2009-02-05 20:11 1256296 ----a-w c:\windows\system32\aswBoot.exe
2009-05-24 18:38 . 2009-05-24 18:38 -------- d-----w c:\program files\Alwil Software
2009-05-18 16:11 . 2009-05-18 16:11 -------- d-----w c:\documents and settings\All Users\Application Data\NortonInstaller
2009-05-18 15:39 . 2009-05-18 15:39 57344 ----a-w c:\documents and settings\momma\Application Data\Sun\Java\Deployment\cache\6.0\50\5b902232-22dfa643-n\Decora-SSE.dll
2009-05-18 15:39 . 2009-05-18 15:39 24064 ----a-w c:\documents and settings\momma\Application Data\Sun\Java\Deployment\cache\6.0\15\4e09eacf-38aa17b0-n\Decora-D3D.dll
2009-05-18 15:39 . 2009-05-18 15:39 315392 ----a-w c:\documents and settings\momma\Application Data\Sun\Java\Deployment\cache\6.0\62\6baea4fe-75fa4177-n\jogl.dll
2009-05-18 15:39 . 2009-05-18 15:39 20480 ----a-w c:\documents and settings\momma\Application Data\Sun\Java\Deployment\cache\6.0\62\6baea4fe-75fa4177-n\jogl_awt.dll
2009-05-18 15:39 . 2009-05-18 15:39 114688 ----a-w c:\documents and settings\momma\Application Data\Sun\Java\Deployment\cache\6.0\62\6baea4fe-75fa4177-n\jogl_cg.dll
2009-05-18 15:39 . 2009-05-18 15:39 20480 ----a-w c:\documents and settings\momma\Application Data\Sun\Java\Deployment\cache\6.0\45\4f710eed-1e47f442-n\gluegen-rt.dll
2009-05-18 15:39 . 2009-05-18 15:39 499712 ----a-w c:\documents and settings\momma\Application Data\Sun\Java\Deployment\cache\6.0\33\258cea61-5ec939ec-n\msvcp71.dll
2009-05-18 15:39 . 2009-05-18 15:39 499712 ----a-w c:\documents and settings\momma\Application Data\Sun\Java\Deployment\cache\6.0\33\258cea61-5ec939ec-n\jmc.dll
2009-05-18 15:39 . 2009-05-18 15:39 348160 ----a-w c:\documents and settings\momma\Application Data\Sun\Java\Deployment\cache\6.0\33\258cea61-5ec939ec-n\msvcr71.dll
2009-05-18 15:38 . 2009-05-18 15:38 152576 ----a-w c:\documents and settings\momma\Application Data\Sun\Java\jre1.6.0_13\lzma.dll
2009-05-17 19:50 . 2009-05-17 19:51 -------- d-----w C:\rsit
2009-05-15 18:06 . 2007-09-17 14:34 136528 ------w c:\documents and settings\All Users\Application Data\AOL OCP\AIM\Storage\All Users\SUDS_BBC2683C\CACHE\4397.2.4\radioupd.exe
2009-05-15 17:37 . 2009-05-15 17:37 -------- d-----w c:\documents and settings\All Users\Application Data\acccore
2009-05-15 17:35 . 2009-05-15 18:04 -------- d-----w c:\program files\AIM6
2009-05-10 19:43 . 2009-05-10 19:43 -------- d-----w c:\program files\Trend Micro
2009-05-09 14:14 . 2008-12-11 12:38 159600 ----a-w c:\windows\system32\drivers\pctgntdi.sys
2009-05-09 14:14 . 2009-03-06 20:45 130424 ----a-w c:\windows\system32\drivers\PCTCore.sys
2009-05-09 14:14 . 2008-12-18 16:16 73840 ----a-w c:\windows\system32\drivers\PCTAppEvent.sys
2009-05-09 14:14 . 2009-05-18 16:21 -------- d-----w c:\program files\Common Files\PC Tools
2009-05-09 14:14 . 2009-05-18 16:37 -------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
2009-04-29 14:45 . 2009-04-29 14:45 688640 ----a-w c:\windows\system32\nsn1EB.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-25 05:28 . 2009-02-11 04:43 -------- d-----w c:\documents and settings\All Users\Application Data\Google Updater
2009-05-23 20:34 . 2008-07-17 03:46 -------- d-----w c:\program files\MSECache
2009-05-22 20:13 . 2007-05-10 16:37 -------- d-----w c:\program files\Google
2009-05-18 16:21 . 2007-08-16 19:47 -------- d-----w c:\program files\Common Files\Symantec Shared
2009-05-18 16:08 . 2007-06-13 21:32 -------- d-----w c:\program files\Hewlett-Packard
2009-05-18 15:38 . 2009-04-09 22:31 410984 ----a-w c:\windows\system32\deploytk.dll
2009-05-18 15:38 . 2007-05-10 16:29 -------- d-----w c:\program files\Java
2009-05-15 17:37 . 2007-05-10 16:35 -------- d-----w c:\documents and settings\All Users\Application Data\Viewpoint
2009-05-15 17:37 . 2007-05-10 16:34 -------- d-----w c:\documents and settings\All Users\Application Data\AOL
2009-05-13 00:40 . 2007-10-12 01:25 -------- d-----w c:\program files\CCleaner
2009-05-10 16:11 . 2007-10-12 00:50 -------- d-----w c:\documents and settings\momma\Application Data\SUPERAntiSpyware.com
2009-05-10 15:57 . 2008-05-19 05:28 -------- d-----w c:\documents and settings\All Users\Application Data\Outspark
2009-05-10 15:57 . 2008-05-19 05:20 -------- d-----w c:\program files\Outspark
2009-05-09 21:58 . 2008-11-05 14:52 664 ----a-w c:\windows\system32\d3d9caps.dat
2009-05-08 20:31 . 2007-08-16 17:16 -------- d-----w c:\documents and settings\momma\Application Data\Apple Computer
2009-05-06 14:51 . 2007-09-10 21:18 1842 ----a-w c:\documents and settings\momma\Application Data\wklnhst.dat
2009-04-27 12:33 . 2008-05-11 01:00 710 ----a-w c:\documents and settings\Guest\Application Data\wklnhst.dat
2009-04-22 16:28 . 2009-04-22 16:28 1915520 ----a-w c:\documents and settings\Guest\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe
2009-04-21 13:26 . 2009-02-12 22:57 -------- d-----w c:\documents and settings\All Users\Application Data\NOS
2009-04-21 13:26 . 2009-02-12 22:57 -------- d-----w c:\program files\NOS
2009-04-21 13:23 . 2009-04-21 13:23 -------- d-----w c:\program files\Common Files\Adobe AIR
2009-04-21 13:22 . 2007-06-30 05:31 -------- d-----w c:\program files\Common Files\Adobe
2009-04-17 01:08 . 2009-04-17 01:08 -------- d-----w c:\program files\AML Products
2009-04-15 04:16 . 2008-05-30 02:21 -------- d-----w c:\documents and settings\Guest\Application Data\Apple Computer
2009-04-15 00:12 . 2009-04-15 00:12 0 ---ha-w c:\documents and settings\Guest\hpothb07.dat
2009-04-07 02:03 . 2009-04-07 02:02 -------- d-----w c:\documents and settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-04-07 02:03 . 2009-03-26 18:47 -------- d-----w c:\program files\iTunes
2009-04-07 02:02 . 2009-04-07 02:02 -------- d-----w c:\program files\iPod
2009-04-07 02:02 . 2007-08-16 17:15 -------- d-----w c:\program files\Common Files\Apple
2009-04-07 01:56 . 2009-04-07 01:56 75048 ----a-w c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.1.10\SetupAdmin.exe
2009-04-07 01:55 . 2009-04-07 01:55 -------- d-----w c:\program files\Safari
2009-04-01 20:05 . 2008-08-21 23:26 -------- d-----w c:\documents and settings\Guest\Application Data\OpenOffice.org2
2009-04-01 16:42 . 2008-07-08 14:22 -------- d-----w c:\program files\OpenOffice.org 2.4
2009-04-01 16:35 . 2008-09-25 10:46 -------- d-----w c:\documents and settings\momma\Application Data\OpenOffice.org2
2009-04-01 16:14 . 2009-04-01 16:14 -------- d-----w c:\program files\Windows Live Safety Center
2009-03-28 13:25 . 2007-06-15 21:04 -------- d-----w c:\program files\Apple Software Update
2009-03-19 20:32 . 2009-03-19 20:32 23400 ----a-w c:\documents and settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}\x86\x86\GEARAspiWDM.sys
2009-03-19 20:32 . 2006-09-19 19:44 23400 ----a-w c:\windows\system32\drivers\GEARAspiWDM.sys
2009-03-06 14:22 . 2004-08-10 17:51 284160 ----a-w c:\windows\system32\pdh.dll
2009-03-06 03:59 . 2009-03-26 18:41 1900544 ----a-w c:\windows\system32\usbaaplrc.dll
2009-03-06 03:59 . 2007-09-23 14:30 36864 ----a-w c:\windows\system32\drivers\usbaapl.sys
.
------- Sigcheck -------
[7] 2004-08-04 10:00 502272 01C3346C241652F43AED8E2149881BFE c:\windows\$NtServicePackUninstall$\winlogon.exe
[7] 2008-04-14 00:12 507904 ED0EF0A136DEC83DF69F04118870003E c:\windows\ServicePackFiles\i386\winlogon.exe
[-] 2008-11-28 20:35 507904 3969440BA384D35317DBBDEEAAE641CE c:\windows\system32\winlogon.exe
[7] 2004-08-04 10:00 295424 B60C877D16D9C880B952FDA04ADF16E6 c:\windows\$NtServicePackUninstall$\termsrv.dll
[7] 2008-04-14 00:12 295424 FF3477C03BE7201C294C35F684B3479F c:\windows\ServicePackFiles\i386\termsrv.dll
[-] 2008-11-28 20:35 295424 63999D0ABD8DABFD76A9C07F6E104868 c:\windows\system32\termsrv.dll
.
((((((((((((((((((((((((((((( SnapShot@2009-05-18_17.05.15 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-05-24 19:57 . 2009-05-24 19:57 16384 c:\windows\temp\Perflib_Perfdata_790.dat
+ 2009-05-24 19:57 . 2009-05-24 19:57 16384 c:\windows\temp\Perflib_Perfdata_4fc.dat
+ 2004-08-10 17:51 . 2009-05-24 18:41 67838 c:\windows\system32\perfc009.dat
+ 2009-05-22 20:14 . 2009-05-22 20:14 25214 c:\windows\Installer\{CC016F21-3970-11DE-B878-005056806466}\UNINST_Uninstall_G_408FFBEED62349E08B232864A94D2864.exe
+ 2009-05-22 20:14 . 2009-05-22 20:14 25214 c:\windows\Installer\{CC016F21-3970-11DE-B878-005056806466}\ShortcutOGL_EB071909B9884F8CBF3D6115D4ADEE5E.exe
+ 2009-05-22 20:14 . 2009-05-22 20:14 25214 c:\windows\Installer\{CC016F21-3970-11DE-B878-005056806466}\ShortcutDX_EB071909B9884F8CBF3D6115D4ADEE5E.exe
+ 2009-05-22 20:14 . 2009-05-22 20:14 25214 c:\windows\Installer\{CC016F21-3970-11DE-B878-005056806466}\googleearth.exe1_407B9B5CDAC54F44A756B57CAB4E6A8B.exe
+ 2009-05-22 20:14 . 2009-05-22 20:14 25214 c:\windows\Installer\{CC016F21-3970-11DE-B878-005056806466}\googleearth.exe_407B9B5CDAC54F44A756B57CAB4E6A8B.exe
+ 2009-05-22 20:14 . 2009-05-22 20:14 25214 c:\windows\Installer\{CC016F21-3970-11DE-B878-005056806466}\ARPPRODUCTICON.exe
+ 2009-05-23 20:35 . 2009-05-23 20:35 40960 c:\windows\Installer\{90850409-6000-11D3-8CFE-0150048383C9}\wrdvicon.exe
+ 2009-05-23 20:37 . 2009-05-23 20:37 38240 c:\windows\Installer\{90120000-0020-0409-0000-0000000FF1CE}\O12ConvIcon.exe
+ 2003-07-15 02:57 . 2003-07-15 02:57 58944 c:\windows\Installer\$PatchCache$\Managed\9040580900063D11C8EF10054038389C\11.0.6506\SEQCHK10.DLL
+ 2003-07-15 02:52 . 2003-07-15 02:52 55360 c:\windows\Installer\$PatchCache$\Managed\9040580900063D11C8EF10054038389C\11.0.6506\MSOHTMED.EXE
+ 2004-08-10 17:51 . 2009-05-24 18:41 417164 c:\windows\system32\perfh009.dat
+ 2009-05-23 20:35 . 2009-05-23 20:35 135168 c:\windows\Installer\{90850409-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2005-05-03 16:09 . 2005-05-03 16:09 6864584 c:\windows\Installer\$PatchCache$\Managed\9040580900063D11C8EF10054038389C\11.0.6506\WORDVIEW.EXE
+ 2005-04-22 02:57 . 2005-04-22 02:57 12235968 c:\windows\Installer\$PatchCache$\Managed\9040580900063D11C8EF10054038389C\11.0.6506\MSO.DLL
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-02-11 39408]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-08-06 344064]
"DMXLauncher"="c:\program files\Dell\Media Experience\DMXLauncher.exe" [2005-10-05 94208]
"RealTray"="c:\program files\Real\RealPlayer\RealPlay.exe" [2007-05-10 26112]
"DLA"="c:\windows\System32\DLA\DLACTRLW.EXE" [2005-09-08 122940]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 221184]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-07-27 81920]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-10-14 94208]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-10-14 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-10-14 114688]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-01-05 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-04-02 342312]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-05-18 148888]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
"@OnlineArmor GUI"="c:\program files\Tall Emu\Online Armor\OAui.exe" [2009-04-28 2045128]
"SigmatelSysTrayApp"="stsystra.exe" - c:\windows\stsystra.exe [2006-02-10 282624]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
hp psc 1000 series.lnk - c:\program files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe [2003-4-6 147456]
hpoddt01.exe.lnk - c:\program files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe [2003-4-6 28672]
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2008-05-27 304128]
"{4F07DA45-8170-4859-9B5F-037EF2970034}"= "c:\progra~1\TALLEM~1\ONLINE~1\oaevent.dll" [2009-04-28 335048]
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32
"wave"= serwvdrv.dll
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\Program Files\\AIM6\\aim6.exe"=
"c:\\WINDOWS\\system32\\fxsclnt.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [5/9/2009 10:14 AM 130424]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [5/24/2009 2:39 PM 114768]
R1 OADevice;OADriver;c:\windows\system32\drivers\OADriver.sys [5/24/2009 2:41 PM 198224]
R1 OAmon;OAmon;c:\windows\system32\drivers\OAmon.sys [5/24/2009 2:41 PM 31824]
R1 OAnet;OAnet;c:\windows\system32\drivers\OAnet.sys [5/24/2009 2:41 PM 29776]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [5/24/2009 2:39 PM 20560]
R2 OAcat;Online Armor Helper Service;c:\program files\Tall Emu\Online Armor\oacat.exe [5/24/2009 2:41 PM 361672]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [9/11/2007 6:47 PM 24652]
S2 gupdate1c98c0362dbb048;Google Update Service (gupdate1c98c0362dbb048);c:\program files\Google\Update\GoogleUpdate.exe [2/11/2009 12:44 AM 133104]
S2 SvcOnlineArmor;Online Armor;c:\program files\Tall Emu\Online Armor\oasrv.exe [5/24/2009 2:41 PM 3052744]
.
Contents of the 'Scheduled Tasks' folder
2009-05-25 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-02-11 20:03]
.
.
------- Supplementary Scan -------
.
uSearch Page =
hxxp://www.google.comuSearch Bar =
hxxp://www.google.com/iemStart Page =
hxxp://www.dell.comuSearchURL,(Default) =
hxxp://www.google.com/search?q=%s
IE: &Search -
http://edits.mywebsearch.com/toolbaredi ... p=ZCfox000FF - ProfilePath - c:\documents and settings\momma\Application Data\Mozilla\Firefox\Profiles\8dllqohr.default\
FF - prefs.js: browser.startup.homepage -
hxxp://www.msn.com/FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\Google\Update\1.2.145.5\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPMyWebS.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npsabffx.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npViewpoint.dll
FF - plugin: c:\program files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
FF - plugin: c:\windows\system32\SuperAdBlocker.com\npsabffx.dll
---- FIREFOX POLICIES ----
FF - user.js: google.toolbar.linkdoctor.enabled - false
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.netRootkit scan 2009-05-25 17:42
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(416)
c:\windows\system32\igfxdev.dll
- - - - - - - > 'winlogon.exe'(3888)
c:\windows\system32\igfxdev.dll
- - - - - - - > 'winlogon.exe'(4176)
c:\windows\system32\igfxdev.dll
.
Completion time: 2009-05-25 17:44
ComboFix-quarantined-files.txt 2009-05-25 21:44
ComboFix2.txt 2009-05-24 18:31
ComboFix3.txt 2009-05-18 17:07
Pre-Run: 99,048,865,792 bytes free
Post-Run: 99,051,859,968 bytes free
760 --- E O F --- 2009-05-13 07:02
Upload was successful
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:58:22 PM, on 5/25/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Tall Emu\Online Armor\OAcat.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.dell.comR1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL =
www.google.com/ig/dell?hl=en&client=del ... bd=6070510O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: Viewpoint Toolbar BHO - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - C:\Program Files\Viewpoint\Viewpoint Toolbar\3.9.0\ViewBarBHO.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Viewpoint Toolbar - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:\Program Files\Common Files\Viewpoint\Toolbar Runtime\3.9.0\IEViewBar.dll
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [@OnlineArmor GUI] "C:\Program Files\Tall Emu\Online Armor\OAui.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-21-1450584279-1723378454-3865011881-1006\..\Run: [Aim6] (User 'Stud')
O4 - HKUS\S-1-5-21-1450584279-1723378454-3865011881-1006\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User 'Stud')
O4 - HKUS\S-1-5-21-1450584279-1723378454-3865011881-1006\..\Run: [AdobeUpdater] "C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe" (User 'Stud')
O4 - HKUS\S-1-5-21-1450584279-1723378454-3865011881-1008\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime (User '?')
O4 - HKUS\S-1-5-21-1450584279-1723378454-3865011881-501\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime (User 'Guest')
O4 - S-1-5-21-1450584279-1723378454-3865011881-501 Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe (User 'Guest')
O4 - S-1-5-21-1450584279-1723378454-3865011881-501 User Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe (User 'Guest')
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: &Search -
http://edits.mywebsearch.com/toolbaredi ... p=ZCfox000O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Bodog Poker - {F47C1DB5-ED21-4dc1-853E-D1495792D4C5} - C:\Program Files\Bodog Poker\BPGame.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) -
http://go.microsoft.com/fwlink/?linkid=67633O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -
http://go.microsoft.com/fwlink/?linkid=39204O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) -
http://cdn.scan.onecare.live.com/resour ... se5483.cabO23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Update Service (gupdate1c98c0362dbb048) (gupdate1c98c0362dbb048) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: Online Armor Helper Service (OAcat) - Tall Emu - C:\Program Files\Tall Emu\Online Armor\OAcat.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Online Armor (SvcOnlineArmor) - Tall Emu - C:\Program Files\Tall Emu\Online Armor\oasrv.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
--
End of file - 9659 bytes