EXPERT NEEDED....need help to analyze my Hijackthis log

Dear 2oG,

When I performed scan using Avira it detected quite a number of Trojan...i thought after doing multiple scan with different tools, i won't see all these bugs again =(

Anyway, so far so good.


ComboFix 09-06-07.07 - 52309 06/08/2009 22:30.4 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.734.379 [GMT 8:00]
Running from: c:\documents and settings\52309\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\52309\Desktop\CFScript.txt
AV: AntiVir Desktop *On-access scanning disabled* (Outdated) {AD166499-45F9-482A-A743-FDD3350758C7}
AV: ESET NOD32 Antivirus 3.0 *On-access scanning enabled* (Outdated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\52309\Application Data\LimeWire
c:\documents and settings\52309\Application Data\LimeWire\412splashfree.png
c:\documents and settings\52309\Application Data\LimeWire\browser\xul-v2.0b2.4-do-not-remove
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\AccessibleMarshal.dll
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\chrome\branding.jar
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\chrome\branding.manifest
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\chrome\classic.jar
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\chrome\classic.manifest
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\chrome\comm.jar
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\chrome\comm.manifest
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\chrome\en-US.jar
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\chrome\en-US.manifest
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\chrome\limewire.jar
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\chrome\limewire.manifest
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\chrome\pippki.jar
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\chrome\pippki.manifest
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\chrome\toolkit.jar
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\chrome\toolkit.manifest
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\accessibility-msaa.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\accessibility.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\alerts.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\appshell.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\appshell_modal.dll
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\appshell_modal.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\appstartup.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\auth.dll
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\autocomplete.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\autoconfig.dll
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\autoconfig.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\caps.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\chardet.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\chrome.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\commandhandler.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\commandlines.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\composer.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\content_base.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\content_html.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\content_htmldoc.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\content_xmldoc.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\content_xslt.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\content_xtf.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\contentprefs.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\cookie.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\directory.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\docshell_base.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\dom.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\dom_base.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\dom_canvas.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\dom_core.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\dom_css.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\dom_events.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\dom_html.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\dom_json.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\dom_loadsave.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\dom_offline.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\dom_range.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\dom_sidebar.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\dom_storage.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\dom_stylesheets.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\dom_svg.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\dom_traversal.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\dom_views.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\dom_xbl.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\dom_xpath.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\dom_xul.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\downloads.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\editor.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\embed_base.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\extensions.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\exthandler.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\exthelper.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\fastfind.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\FeedProcessor.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\feeds.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\find.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\gfx.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\htmlparser.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\imgicon.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\imglib2.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\inspector.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\intl.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\jar.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\jsconsole-clhandler.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\jsdservice.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\layout_base.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\layout_printing.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\layout_xul.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\layout_xul_tree.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\locale.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\loginmgr.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\lwbrk.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\mimetype.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\mozbrwsr.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\mozfind.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\necko.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\necko_about.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\necko_cache.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\necko_cookie.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\necko_dns.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\necko_file.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\necko_ftp.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\necko_http.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\necko_res.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\necko_socket.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\necko_strconv.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\necko_viewsource.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\nsAddonRepository.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\nsBadCertHandler.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\nsBlocklistService.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\nsContentDispatchChooser.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\nsContentPrefService.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\nsDefaultCLH.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\nsDictionary.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\nsDownloadManagerUI.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\nsExtensionManager.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\nsHandlerService.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\nsHelperAppDlg.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\nsLivemarkService.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\nsLoginInfo.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\nsLoginManager.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\nsLoginManagerPrompter.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\nsPostUpdateWin.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\nsProgressDialog.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\nsProxyAutoConfig.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\nsResetPref.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\nsTaggingService.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\nsTryToClose.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\nsUpdateService.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\nsURLFormatter.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\nsWebHandlerApp.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\nsXmlRpcClient.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\nsXULAppInstall.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\oji.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\parentalcontrols.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\pipboot.dll
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\pipboot.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\pipnss.dll
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\pipnss.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\pippki.dll
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\pippki.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\places.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\plugin.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\pluginGlue.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\pref.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\prefetch.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\profile.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\proxyObject.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\rdf.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\satchel.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\saxparser.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\shistory.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\spellchecker.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\storage-Legacy.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\storage.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\toolkitprofile.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\transformiix.dll
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\txEXSLTRegExFunctions.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\txmgr.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\txtsvc.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\uconv.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\unicharutil.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\universalchardet.dll
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\update.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\uriloader.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\urlformatter.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\webBrowser_core.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\webbrowserpersist.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\webshell_idls.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\websrvcs.dll
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\widget.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\windowds.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\windowwatcher.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\xml-rpc.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\xmlextras.dll
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\xpcom_base.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\xpcom_components.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\xpcom_ds.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\xpcom_io.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\xpcom_system.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\xpcom_thread.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\xpcom_xpti.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\xpconnect.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\xpinstall.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\xulapp.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\xulapp_setup.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\xuldoc.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\xultmpl.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\xulutil.dll
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\zipwriter.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\crashreporter.exe
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\crashreporter.ini
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\defaults\autoconfig\platform.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\defaults\autoconfig\prefcalls.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\defaults\pref\xulrunner.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\defaults\profile\chrome\userChrome-example.css
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\defaults\profile\chrome\userContent-example.css
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\defaults\profile\localstore.rdf
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\defaults\profile\US\chrome\userChrome-example.css
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\defaults\profile\US\chrome\userContent-example.css
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\defaults\profile\US\localstore.rdf
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\dependentlibs.list
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\dictionaries\en-US.aff
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\dictionaries\en-US.dic
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\freebl3.chk
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\freebl3.dll
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\greprefs\all.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\greprefs\security-prefs.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\greprefs\xpinstall.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\IA2Marshal.dll
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\javaxpcom.jar
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\javaxpcomglue.dll
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\js3250.dll
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\LICENSE
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\modules\debug.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\modules\DownloadUtils.jsm
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\modules\ISO8601DateUtils.jsm
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\modules\JSON.jsm
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\modules\Microformats.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\modules\PluralForm.jsm
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\modules\utils.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\modules\XPCOMUtils.jsm
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\mozctl.dll
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\mozctlx.dll
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\MSVCP71.DLL
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\msvcr71.dll
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\nspr4.dll
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\nss3.dll
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\nssckbi.dll
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\nssdbm3.dll
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\nssutil3.dll
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\platform.ini
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\plc4.dll
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\plds4.dll
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\plugins\npnul32.dll
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\README.txt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\arrow.gif
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\arrowd.gif
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\broken-image.gif
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\charsetalias.properties
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\charsetData.properties
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\contenteditable.css
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\designmode.css
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\dtd\mathml.dtd
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\dtd\xhtml11.dtd
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\EditorOverride.css
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\entityTables\html40Latin1.properties
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\entityTables\html40Special.properties
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\entityTables\html40Symbols.properties
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\entityTables\htmlEntityVersions.properties
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\entityTables\mathml20.properties
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\entityTables\transliterate.properties
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\fonts\mathfont.properties
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\fonts\mathfontStandardSymbolsL.properties
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\fonts\mathfontSTIXNonUnicode.properties
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\fonts\mathfontSTIXSize1.properties
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\fonts\mathfontSymbol.properties
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\fonts\mathfontUnicode.properties
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\forms.css
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\grabber.gif
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\hiddenWindow.html
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\html.css
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\html\folder.png
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\langGroups.properties
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\language.properties
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\loading-image.gif
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\mathml.css
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\quirk.css
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\svg.css
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\table-add-column-after-active.gif
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\table-add-column-after-hover.gif
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\table-add-column-after.gif
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\table-add-column-before-active.gif
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\table-add-column-before-hover.gif
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\table-add-column-before.gif
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\table-add-row-after-active.gif
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\table-add-row-after-hover.gif
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\table-add-row-after.gif
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\table-add-row-before-active.gif
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\table-add-row-before-hover.gif
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\table-add-row-before.gif
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\table-remove-column-active.gif
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\table-remove-column-hover.gif
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\table-remove-column.gif
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\table-remove-row-active.gif
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\table-remove-row-hover.gif
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\table-remove-row.gif
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\ua.css
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\viewsource.css
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\wincharset.properties
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\smime3.dll
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\softokn3.chk
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\softokn3.dll
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\sqlite3.dll
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\ssl3.dll
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\updater.exe
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\version.properties
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\xpcom.dll
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\xpcshell.exe
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\xpicleanup.exe
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\xpidl.exe
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\xpt_dump.exe
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\xpt_link.exe
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\xul.dll
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\xulrunner-stub.exe
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\xulrunner.exe
c:\documents and settings\52309\Application Data\LimeWire\certificate\limewire.keystore
c:\documents and settings\52309\Application Data\LimeWire\createtimes.cache
c:\documents and settings\52309\Application Data\LimeWire\data.ser
c:\documents and settings\52309\Application Data\LimeWire\downloads.dat
c:\documents and settings\52309\Application Data\LimeWire\fileurns.bak
c:\documents and settings\52309\Application Data\LimeWire\fileurns.cache
c:\documents and settings\52309\Application Data\LimeWire\filters.props
c:\documents and settings\52309\Application Data\LimeWire\gnutella.net
c:\documents and settings\52309\Application Data\LimeWire\installation.props
c:\documents and settings\52309\Application Data\LimeWire\library.dat
c:\documents and settings\52309\Application Data\LimeWire\library5.dat
c:\documents and settings\52309\Application Data\LimeWire\limewire.props
c:\documents and settings\52309\Application Data\LimeWire\mojito.props
c:\documents and settings\52309\Application Data\LimeWire\mozilla-profile\.autoreg
c:\documents and settings\52309\Application Data\LimeWire\mozilla-profile\Cache\_CACHE_001_
c:\documents and settings\52309\Application Data\LimeWire\mozilla-profile\Cache\_CACHE_002_
c:\documents and settings\52309\Application Data\LimeWire\mozilla-profile\Cache\_CACHE_003_
c:\documents and settings\52309\Application Data\LimeWire\mozilla-profile\Cache\_CACHE_MAP_
c:\documents and settings\52309\Application Data\LimeWire\mozilla-profile\Cache\4BC70045d01
c:\documents and settings\52309\Application Data\LimeWire\mozilla-profile\Cache\51CFDFBBd01
c:\documents and settings\52309\Application Data\LimeWire\mozilla-profile\Cache\7BD6A121d01
c:\documents and settings\52309\Application Data\LimeWire\mozilla-profile\Cache\98E79480d01
c:\documents and settings\52309\Application Data\LimeWire\mozilla-profile\Cache\AE98BDF8d01
c:\documents and settings\52309\Application Data\LimeWire\mozilla-profile\Cache\BAFF9A9Bd01
c:\documents and settings\52309\Application Data\LimeWire\mozilla-profile\Cache\DFCB219Ed01
c:\documents and settings\52309\Application Data\LimeWire\mozilla-profile\cert8.db
c:\documents and settings\52309\Application Data\LimeWire\mozilla-profile\compreg.dat
c:\documents and settings\52309\Application Data\LimeWire\mozilla-profile\cookies.sqlite
c:\documents and settings\52309\Application Data\LimeWire\mozilla-profile\downloads.sqlite
c:\documents and settings\52309\Application Data\LimeWire\mozilla-profile\extensions.cache
c:\documents and settings\52309\Application Data\LimeWire\mozilla-profile\extensions.ini
c:\documents and settings\52309\Application Data\LimeWire\mozilla-profile\history.dat
c:\documents and settings\52309\Application Data\LimeWire\mozilla-profile\key3.db
c:\documents and settings\52309\Application Data\LimeWire\mozilla-profile\permissions.sqlite
c:\documents and settings\52309\Application Data\LimeWire\mozilla-profile\places.sqlite-journal
c:\documents and settings\52309\Application Data\LimeWire\mozilla-profile\places.sqlite
c:\documents and settings\52309\Application Data\LimeWire\mozilla-profile\pluginreg.dat
c:\documents and settings\52309\Application Data\LimeWire\mozilla-profile\prefs.js
c:\documents and settings\52309\Application Data\LimeWire\mozilla-profile\secmod.db
c:\documents and settings\52309\Application Data\LimeWire\mozilla-profile\XPC.mfl
c:\documents and settings\52309\Application Data\LimeWire\mozilla-profile\xpti.dat
c:\documents and settings\52309\Application Data\LimeWire\promotion\promodb.backup
c:\documents and settings\52309\Application Data\LimeWire\promotion\promodb.data
c:\documents and settings\52309\Application Data\LimeWire\promotion\promodb.properties
c:\documents and settings\52309\Application Data\LimeWire\promotion\promodb.script
c:\documents and settings\52309\Application Data\LimeWire\pub1.key
c:\documents and settings\52309\Application Data\LimeWire\public.key
c:\documents and settings\52309\Application Data\LimeWire\questions.props
c:\documents and settings\52309\Application Data\LimeWire\responses.cache
c:\documents and settings\52309\Application Data\LimeWire\secureMessage.key
c:\documents and settings\52309\Application Data\LimeWire\simpp.xml
c:\documents and settings\52309\Application Data\LimeWire\spam.dat
c:\documents and settings\52309\Application Data\LimeWire\tables.props
c:\documents and settings\52309\Application Data\LimeWire\themes\black_theme.lwtp
c:\documents and settings\52309\Application Data\LimeWire\themes\black_theme\01_star.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\black_theme\02_star.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\black_theme\03_star.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\black_theme\04_star.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\black_theme\05_star.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\black_theme\chat.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\black_theme\dir_closed.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\black_theme\dir_open.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\black_theme\forward_dn.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\black_theme\forward_up.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\black_theme\kill.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\black_theme\kill_on.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\black_theme\lime.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\black_theme\logo.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\black_theme\notsearching.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\black_theme\pause_dn.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\black_theme\pause_up.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\black_theme\play_dn.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\black_theme\play_up.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\black_theme\question.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\black_theme\rewind_dn.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\black_theme\rewind_up.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\black_theme\searching.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\black_theme\splash.png
c:\documents and settings\52309\Application Data\LimeWire\themes\black_theme\splashpro.png
c:\documents and settings\52309\Application Data\LimeWire\themes\black_theme\stop_dn.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\black_theme\stop_up.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\black_theme\theme.txt
c:\documents and settings\52309\Application Data\LimeWire\themes\black_theme\warning.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\classic_theme.lwtp
c:\documents and settings\52309\Application Data\LimeWire\themes\classic_theme\01_star.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\classic_theme\02_star.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\classic_theme\03_star.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\classic_theme\04_star.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\classic_theme\05_star.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\classic_theme\chat.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\classic_theme\dir_closed.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\classic_theme\dir_open.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\classic_theme\forward_dn.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\classic_theme\forward_up.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\classic_theme\kill.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\classic_theme\logo.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\classic_theme\notsearching.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\classic_theme\pause_dn.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\classic_theme\pause_up.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\classic_theme\play_dn.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\classic_theme\play_up.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\classic_theme\question.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\classic_theme\rewind_dn.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\classic_theme\rewind_up.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\classic_theme\search.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\classic_theme\searching.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\classic_theme\splash.png
c:\documents and settings\52309\Application Data\LimeWire\themes\classic_theme\splashpro.png
c:\documents and settings\52309\Application Data\LimeWire\themes\classic_theme\stop_dn.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\classic_theme\stop_up.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\classic_theme\theme.txt
c:\documents and settings\52309\Application Data\LimeWire\themes\classic_theme\warning.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\limewire_theme.lwtp
c:\documents and settings\52309\Application Data\LimeWire\themes\limewire_theme\01_star.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\limewire_theme\02_star.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\limewire_theme\03_star.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\limewire_theme\04_star.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\limewire_theme\05_star.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\limewire_theme\chat.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\limewire_theme\dir_closed.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\limewire_theme\dir_open.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\limewire_theme\forward_dn.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\limewire_theme\forward_up.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\limewire_theme\kill.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\limewire_theme\kill_on.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\limewire_theme\lime.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\limewire_theme\logo.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\limewire_theme\notsearching.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\limewire_theme\pause_dn.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\limewire_theme\pause_up.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\limewire_theme\play_dn.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\limewire_theme\play_up.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\limewire_theme\question.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\limewire_theme\rewind_dn.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\limewire_theme\rewind_up.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\limewire_theme\searching.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\limewire_theme\splash.png
c:\documents and settings\52309\Application Data\LimeWire\themes\limewire_theme\splashpro.png
c:\documents and settings\52309\Application Data\LimeWire\themes\limewire_theme\stop_dn.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\limewire_theme\stop_up.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\limewire_theme\theme.txt
c:\documents and settings\52309\Application Data\LimeWire\themes\limewire_theme\warning.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\other_theme.lwtp
c:\documents and settings\52309\Application Data\LimeWire\themes\other_theme\01_star.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\other_theme\02_star.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\other_theme\03_star.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\other_theme\04_star.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\other_theme\05_star.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\other_theme\chat.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\other_theme\forward_dn.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\other_theme\forward_up.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\other_theme\kill.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\other_theme\kill_on.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\other_theme\logo.png
c:\documents and settings\52309\Application Data\LimeWire\themes\other_theme\notsearching.png
c:\documents and settings\52309\Application Data\LimeWire\themes\other_theme\pause_dn.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\other_theme\pause_up.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\other_theme\play_dn.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\other_theme\play_up.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\other_theme\question.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\other_theme\rewind_dn.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\other_theme\rewind_up.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\other_theme\searching.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\other_theme\splash.png
c:\documents and settings\52309\Application Data\LimeWire\themes\other_theme\splashpro.png
c:\documents and settings\52309\Application Data\LimeWire\themes\other_theme\stop_dn.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\other_theme\stop_up.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\other_theme\theme.txt
c:\documents and settings\52309\Application Data\LimeWire\themes\other_theme\warning.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\windows_theme.lwtp
c:\documents and settings\52309\Application Data\LimeWire\themes\windows_theme\01_star.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\windows_theme\02_star.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\windows_theme\03_star.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\windows_theme\04_star.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\windows_theme\05_star.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\windows_theme\chat.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\windows_theme\forward_dn.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\windows_theme\forward_up.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\windows_theme\kill.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\windows_theme\kill_on.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\windows_theme\logo.png
c:\documents and settings\52309\Application Data\LimeWire\themes\windows_theme\notsearching.png
c:\documents and settings\52309\Application Data\LimeWire\themes\windows_theme\pause_dn.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\windows_theme\pause_up.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\windows_theme\play_dn.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\windows_theme\play_up.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\windows_theme\question.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\windows_theme\rewind_dn.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\windows_theme\rewind_up.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\windows_theme\searching.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\windows_theme\splash.png
c:\documents and settings\52309\Application Data\LimeWire\themes\windows_theme\splashpro.png
c:\documents and settings\52309\Application Data\LimeWire\themes\windows_theme\stop_dn.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\windows_theme\stop_up.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\windows_theme\theme.txt
c:\documents and settings\52309\Application Data\LimeWire\themes\windows_theme\version.txt
c:\documents and settings\52309\Application Data\LimeWire\themes\windows_theme\warning.gif
c:\documents and settings\52309\Application Data\LimeWire\ttdata.cache
c:\documents and settings\52309\Application Data\LimeWire\ttree.cache
c:\documents and settings\52309\Application Data\LimeWire\ttrees.cache
c:\documents and settings\52309\Application Data\LimeWire\ttroot.cache
c:\documents and settings\52309\Application Data\LimeWire\update.xml
c:\documents and settings\52309\Application Data\LimeWire\version.key
c:\documents and settings\52309\Application Data\LimeWire\version.xml
c:\documents and settings\52309\Application Data\LimeWire\versions.props
c:\documents and settings\52309\Application Data\LimeWire\xml\data\audio.sxml2
c:\documents and settings\52309\Application Data\LimeWire\xml\data\audio.sxml3
c:\documents and settings\52309\Application Data\LimeWire\xml\data\delete_me
c:\documents and settings\52309\Application Data\LimeWire\xml\misc\application.gif
c:\documents and settings\52309\Application Data\LimeWire\xml\misc\audio.gif
c:\documents and settings\52309\Application Data\LimeWire\xml\misc\document.gif
c:\documents and settings\52309\Application Data\LimeWire\xml\misc\image.gif
c:\documents and settings\52309\Application Data\LimeWire\xml\misc\video.gif
c:\documents and settings\52309\Application Data\LimeWire\xml\schemas\application.xsd
c:\documents and settings\52309\Application Data\LimeWire\xml\schemas\audio.xsd
c:\documents and settings\52309\Application Data\LimeWire\xml\schemas\document.xsd
c:\documents and settings\52309\Application Data\LimeWire\xml\schemas\image.xsd
c:\documents and settings\52309\Application Data\LimeWire\xml\schemas\video.xsd
c:\program files\BitTorrent
c:\program files\BitTorrent\8642-bittorrent.2611.dmp
c:\program files\BitTorrent\8642-bittorrent.45e7.dmp
c:\program files\BitTorrent\8642-bittorrent.5a2d.dmp
c:\program files\BitTorrent\8642-bittorrent.76da.dmp
c:\program files\BitTorrent\8642-bittorrent.a050.dmp
c:\program files\BitTorrent\8642-bittorrent.b61c.dmp
c:\program files\BitTorrent\bittorrent.exe
c:\program files\BitTorrent\BitTorrentIE.2.dll
c:\program files\BitTorrent\uninst.exe
c:\program files\DNA
c:\program files\DNA\btdna.exe
c:\program files\DNA\DNAcpl.cpl
c:\program files\DNA\plugins\npbtdna.dll
c:\program files\LimeWire
c:\program files\LimeWire\.NetworkShare\LimeWirePackedJars4.12.15.7z
c:\program files\LimeWire\.NetworkShare\LimeWireWin4.12.15.exe
c:\program files\LimeWire\.NetworkShare\LimeWireWin4.16.3.exe
c:\program files\LimeWire\.NetworkShare\LimeWireWin4.16.6.exe
c:\program files\LimeWire\.NetworkShare\LimeWireWin4.18.8.exe
c:\program files\LimeWire\.NetworkShare\LimeWireWin5.1.2.exe
c:\program files\LimeWire\Buy LimeWire PRO.url
c:\program files\LimeWire\COPYING
c:\program files\LimeWire\data.ser
c:\program files\LimeWire\hs_err_pid236.log
c:\program files\LimeWire\hs_err_pid3076.log
c:\program files\LimeWire\hs_err_pid384.log
c:\program files\LimeWire\hs_err_pid656.log
c:\program files\LimeWire\inspection.props
c:\program files\LimeWire\install.log
c:\program files\LimeWire\language.prop
c:\program files\LimeWire\lib\additional_resources.jar
c:\program files\LimeWire\lib\aopalliance.jar
c:\program files\LimeWire\lib\AppFramework.jar
c:\program files\LimeWire\lib\base64-2.2.2.jar
c:\program files\LimeWire\lib\clink.jar
c:\program files\LimeWire\lib\commons-codec-1.3.jar
c:\program files\LimeWire\lib\commons-logging.jar
c:\program files\LimeWire\lib\commons-math-1.2.jar
c:\program files\LimeWire\lib\daap.jar
c:\program files\LimeWire\lib\dnsjava-2.0.6.jar
c:\program files\LimeWire\lib\EventBus-1.2b.jar
c:\program files\LimeWire\lib\gettext-commons.jar
c:\program files\LimeWire\lib\glazedlists-1.7.0_java15.jar
c:\program files\LimeWire\lib\guice-assistedinject-snapshot.jar
c:\program files\LimeWire\lib\guice-snapshot.jar
c:\program files\LimeWire\lib\hashes
c:\program files\LimeWire\lib\hsqldb.jar
c:\program files\LimeWire\lib\httpclient-4.0-beta1.jar
c:\program files\LimeWire\lib\httpcore-4.0-beta2.jar
c:\program files\LimeWire\lib\httpcore-nio-4.0-beta2.jar
c:\program files\LimeWire\lib\icu4j.jar
c:\program files\LimeWire\lib\iTunes-0.0.1.jar
c:\program files\LimeWire\lib\jacob-1.14.1-x64.dll
c:\program files\LimeWire\lib\jacob-1.14.1-x86.dll
c:\program files\LimeWire\lib\jacob-1.14.1.jar
c:\program files\LimeWire\lib\jaudiotagger.jar
c:\program files\LimeWire\lib\jcip-annotations.jar
c:\program files\LimeWire\lib\jcraft.jar
c:\program files\LimeWire\lib\jdic.dll
c:\program files\LimeWire\lib\jdic.jar
c:\program files\LimeWire\lib\jdic_stub.jar
c:\program files\LimeWire\lib\jflac.jar
c:\program files\LimeWire\lib\jl.jar
c:\program files\LimeWire\lib\jmdns.jar
c:\program files\LimeWire\lib\jna.jar
c:\program files\LimeWire\lib\jogg.jar
c:\program files\LimeWire\lib\jorbis.jar
c:\program files\LimeWire\lib\jxlayer.jar
c:\program files\LimeWire\lib\LimeWire.ico
c:\program files\LimeWire\lib\LimeWire.jar
c:\program files\LimeWire\lib\log4j.jar
c:\program files\LimeWire\lib\log4j.properties
c:\program files\LimeWire\lib\messages.jar
c:\program files\LimeWire\lib\miglayout.jar
c:\program files\LimeWire\lib\mozdom4java.jar
c:\program files\LimeWire\lib\MozillaGlue-1.9.jar
c:\program files\LimeWire\lib\MozillaInterfaces-1.9.jar
c:\program files\LimeWire\lib\mozswing.jar
c:\program files\LimeWire\lib\mp3spi.jar
c:\program files\LimeWire\lib\onion-common.jar
c:\program files\LimeWire\lib\onion-fec.jar
c:\program files\LimeWire\lib\smack.jar
c:\program files\LimeWire\lib\smackx-debug.jar
c:\program files\LimeWire\lib\smackx.jar
c:\program files\LimeWire\lib\swing-worker-1.1.jar
c:\program files\LimeWire\lib\swingx-0.9.4.jar
c:\program files\LimeWire\lib\SystemUtilities.dll
c:\program files\LimeWire\lib\SystemUtilitiesA.dll
c:\program files\LimeWire\lib\tritonus.jar
c:\program files\LimeWire\lib\vorbisspi.jar
c:\program files\LimeWire\LimeWire On Startup.lnk
c:\program files\LimeWire\LimeWire.exe
c:\program files\LimeWire\LimeWire.ico
c:\program files\LimeWire\pmf.ico
c:\program files\LimeWire\root\magnet10\badge.img
c:\program files\LimeWire\root\magnet10\canHandle.img
c:\program files\LimeWire\root\magnet10\limewire.gif
c:\program files\LimeWire\root\magnet10\options.js
c:\program files\LimeWire\root\magnet10\silentdetect.js
c:\program files\LimeWire\SOURCE
c:\program files\LimeWire\spacer.gif
c:\program files\LimeWire\uninstall.exe
c:\program files\LimeWire\unpack.log

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_EPFWTDIR
-------\Legacy_MYPROTECTOR
-------\Service_3qppt58
-------\Service_468aoy1ac
-------\Service_4ddmj4o
-------\Service_58v20f
-------\Service_7yx3zhgur
-------\Service_82wdblow0b
-------\Service_d2yz83c1rc
-------\Service_epfwtdir
-------\Service_faaojfwpo
-------\Service_holda
-------\Service_hxhpvot
-------\Service_m60q7y0
-------\Service_mhv6r42
-------\Service_myprotector
-------\Service_pev26od2
-------\Service_q3i6m8a
-------\Service_r9yr57dd5
-------\Service_wglfl7
-------\Service_yh13phk


((((((((((((((((((((((((( Files Created from 2009-05-08 to 2009-06-08 )))))))))))))))))))))))))))))))
.

2009-06-03 16:30 . 2009-06-03 16:30 -------- d-----w- c:\program files\iPod
2009-06-03 16:21 . 2009-06-03 16:23 -------- d-----w- c:\program files\QuickTime
2009-06-03 16:08 . 2009-06-03 16:08 75048 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.2.0.23\SetupAdmin.exe
2009-06-01 11:31 . 2009-06-01 11:31 3371383 ----a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2009-05-26 15:07 . 2009-03-30 02:33 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys
2009-05-26 15:07 . 2009-03-24 08:08 55640 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-05-26 15:07 . 2009-02-13 04:29 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
2009-05-26 15:07 . 2009-02-13 04:17 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys
2009-05-26 15:07 . 2009-05-26 15:07 -------- d-----w- c:\program files\Avira
2009-05-26 15:07 . 2009-05-26 15:07 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira
2009-05-20 15:09 . 2009-05-20 15:09 -------- d-----w- c:\documents and settings\52309\Application Data\dvdcss
2009-05-19 16:47 . 2009-05-19 16:47 -------- d-----w- c:\windows\system32\scripting
2009-05-19 16:47 . 2009-05-19 16:47 -------- d-----w- c:\windows\l2schemas
2009-05-19 16:47 . 2009-05-19 16:47 -------- d-----w- c:\windows\system32\en
2009-05-19 16:47 . 2009-05-19 16:47 -------- d-----w- c:\windows\system32\bits
2009-05-17 16:06 . 2008-04-14 00:12 69120 ------w- c:\windows\system32\wlanapi.dll
2009-05-17 16:06 . 2008-04-14 00:12 50688 ------w- c:\windows\system32\tspkg.dll
2009-05-17 16:05 . 2008-04-13 18:40 10240 ------w- c:\windows\system32\drivers\sffp_mmc.sys
2009-05-17 16:05 . 2008-04-14 00:12 32768 ------w- c:\windows\system32\setupn.exe
2009-05-17 16:05 . 2008-04-14 00:12 61952 ------w- c:\windows\system32\rasqec.dll
2009-05-17 16:05 . 2008-04-14 00:12 76800 ------w- c:\windows\system32\qutil.dll
2009-05-17 16:05 . 2008-04-14 00:12 62464 ------w- c:\windows\system32\qcliprov.dll
2009-05-17 16:05 . 2008-04-14 00:12 291328 ------w- c:\windows\system32\qagentrt.dll
2009-05-17 16:05 . 2008-04-14 00:12 150528 ------w- c:\windows\system32\qagent.dll
2009-05-17 16:05 . 2008-04-14 00:12 144384 ------w- c:\windows\system32\onex.dll
2009-05-17 16:04 . 2008-04-14 00:12 176640 ------w- c:\windows\system32\napstat.exe
2009-05-17 16:04 . 2008-04-14 00:12 30208 ------w- c:\windows\system32\napipsec.dll
2009-05-17 16:04 . 2008-04-14 00:12 193024 ------w- c:\windows\system32\napmontr.dll
2009-05-17 16:04 . 2008-04-13 17:27 79872 -c----w- c:\windows\system32\dllcache\msxml6r.dll
2009-05-17 16:04 . 2008-09-10 01:14 1307648 -c----w- c:\windows\system32\dllcache\msxml6.dll
2009-05-17 16:04 . 2008-04-14 00:12 155136 ------w- c:\windows\system32\mssha.dll
2009-05-17 16:04 . 2008-04-13 18:14 76800 ------w- c:\windows\system32\msshavmsg.dll
2009-05-17 16:03 . 2008-04-14 00:12 33792 ------w- c:\windows\system32\mmcperf.exe
2009-05-17 16:03 . 2008-04-14 00:11 397312 ------w- c:\windows\system32\mmcex.dll
2009-05-17 16:03 . 2008-04-14 00:11 184320 ------w- c:\windows\system32\microsoft.managementconsole.dll
2009-05-17 16:03 . 2008-04-14 00:11 106496 ------w- c:\windows\system32\mmcfxcommon.dll
2009-05-17 16:03 . 2008-04-14 00:11 37376 ------w- c:\windows\system32\l2gpstore.dll
2009-05-17 16:03 . 2008-04-14 00:11 61440 ------w- c:\windows\system32\kmsvc.dll
2009-05-17 16:03 . 2008-04-14 00:09 6144 ------w- c:\windows\system32\kbdpash.dll
2009-05-17 16:03 . 2008-04-14 00:09 6144 ------w- c:\windows\system32\kbdnepr.dll
2009-05-17 16:03 . 2008-04-14 00:09 6144 ------w- c:\windows\system32\kbdiultn.dll
2009-05-17 16:03 . 2008-04-14 00:09 6144 ------w- c:\windows\system32\kbdbhc.dll
2009-05-17 16:03 . 2008-04-14 00:10 102912 -c----w- c:\windows\system32\dllcache\dpcdll.dll
2009-05-17 16:03 . 2008-04-14 00:09 24064 -c----w- c:\windows\system32\dllcache\pidgen.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-08 14:40 . 2005-04-16 14:12 5780 ----a-w- c:\windows\bthservsdp.dat
2009-06-04 11:45 . 2005-07-06 04:30 -------- d-----w- c:\program files\iTunes
2009-06-03 16:30 . 2008-02-22 06:07 -------- d-----w- c:\program files\Common Files\Apple
2009-06-01 11:32 . 2009-05-06 14:48 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-05-26 05:20 . 2009-05-06 14:48 40160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-05-26 05:19 . 2009-05-06 14:48 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-05-19 16:55 . 2005-04-15 09:04 89007 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-05-06 14:48 . 2009-05-06 14:48 -------- d-----w- c:\documents and settings\52309\Application Data\Malwarebytes
2009-05-06 14:48 . 2009-05-06 14:48 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-05-01 12:52 . 2009-05-01 12:49 -------- d-----w- c:\documents and settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-04-29 11:20 . 2009-04-29 11:20 -------- d-----w- c:\program files\Trend Micro
2009-04-27 15:17 . 2009-04-27 13:10 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-04-27 15:17 . 2006-01-01 16:54 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-04-27 14:10 . 2005-04-15 14:55 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-04-27 14:09 . 2008-02-28 06:04 -------- d-----w- c:\program files\Windows Live
2009-04-27 13:30 . 2009-04-27 13:30 -------- d-----w- c:\program files\Misc. Support Library (Spybot - Search & Destroy)
2009-04-27 13:30 . 2009-04-27 13:30 -------- d-----w- c:\program files\TeaTimer (Spybot - Search & Destroy)
2009-04-27 13:30 . 2009-04-27 13:30 -------- d-----w- c:\program files\SDHelper (Spybot - Search & Destroy)
2009-04-27 13:28 . 2009-04-27 13:28 -------- d-----w- c:\program files\File Scanner Library (Spybot - Search & Destroy)
2009-04-27 13:07 . 2007-01-05 01:21 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-04-27 13:05 . 2006-07-02 08:12 -------- d-----w- c:\program files\Windows Live Safety Center
2009-04-20 16:39 . 2009-04-20 16:39 -------- d-----w- c:\program files\MP3 Converter Simple
2009-04-20 16:36 . 2008-06-27 08:45 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-04-14 16:41 . 2009-03-18 16:31 40 ----a-w- c:\windows\tmp.dat
2009-03-19 08:32 . 2009-03-19 08:32 23400 ----a-w- c:\documents and settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}\x86\x86\GEARAspiWDM.sys
2009-03-19 08:32 . 2008-01-29 04:01 23400 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-26 413696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"UpdateManager"="c:\program files\Common Files\Sonic\Update Manager\sgtray.exe" [2003-08-18 110592]
"SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2004-11-04 98394]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2004-11-04 688218]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-03 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-03 455168]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-03 59392]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-03 208952]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2004-06-17 155648]
"eabconfg.cpl"="c:\program files\HPQ\Quick Launch Buttons\EabServr.exe" [2004-09-17 290816]
"Cpqset"="c:\program files\HPQ\Default Settings\cpqset.exe" [2004-10-22 229438]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-26 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-05-30 292136]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2006-10-26 434528]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"TSClientMSIUninstaller"="c:\windows\Installer\TSClientMsiTrans\tscuinst.vbs" [2007-10-30 13801]

c:\documents and settings\52309\Start Menu\Programs\Startup\
Microsoft Office OneNote 2003 Quick Launch.lnk - c:\program files\Microsoft Office\OFFICE11\ONENOTEM.EXE [2005-3-17 59080]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk /r \??\H:\0autocheck autochk *

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-839522115-1801674531-725345543-16836\Scripts\Logon\0\0]
"Script"=advclient.bat

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-839522115-1801674531-725345543-16836\Scripts\Logon\1\0]
"Script"=rpstorage.bat

[HKLM\~\startupfolder\C:^Documents and Settings^52309^Start Menu^Programs^Startup^UTAgent 4.0.lnk]
path=c:\documents and settings\52309\Start Menu\Programs\Startup\UTAgent 4.0.lnk
backup=c:\windows\pss\UTAgent 4.0.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^UTAgent 4.0.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\UTAgent 4.0.lnk
backup=c:\windows\pss\UTAgent 4.0.lnkCommon Startup

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\SopCast\\SopCast.exe"=
"c:\\iERP60\\SEGSVR03\\IERP60\\DotNet\\Intuitive2.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\WINDOWS\\system32\\lxczcoms.exe"=
"c:\\Program Files\\SopCast\\adv\\SopAdver.exe"=
"c:\\Program Files\\SopCast\\sopvod.exe"=
"c:\\Documents and Settings\\All Users\\Application Data\\Kaspersky Lab Setup Files\\Kaspersky Anti-Virus 7.0.1.321\\English\\setup.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"23775:TCP"= 23775:TCP:BitComet 23775 TCP
"23775:UDP"= 23775:UDP:BitComet 23775 UDP

R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [5/26/2009 11:07 PM 108289]
R3 dfmirage;dfmirage;c:\windows\system32\drivers\dfmirage.sys [10/15/2007 9:08 AM 26624]
S0 4nzed7v;4nzed7;c:\windows\system32\DRIVERS\4nzed7v.sys --> c:\windows\system32\DRIVERS\4nzed7v.sys [?]
S2 ekrn;Eset Service;"c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe" --> c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [?]
S2 pciinfo;HP Pci Information;\??\c:\docume~1\52309\LOCALS~1\Temp\HPISPz\hpdom\pciinfo.sys --> c:\docume~1\52309\LOCALS~1\Temp\HPISPz\hpdom\pciinfo.sys [?]
S3 cdspacex;cdspacex;c:\windows\system32\drivers\cdspacex.sys [5/29/2006 11:59 PM 22570]
S3 WRSWanDD;iVasion PoET Adapter;c:\windows\system32\drivers\WrKPoETNic2000.sys [4/15/2005 10:56 PM 65604]
.
Contents of the 'Scheduled Tasks' folder

2009-05-06 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 04:34]
.
- - - - ORPHANS REMOVED - - - -

SafeBoot-procexp90.Sys


.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.myrp.edu.sg/
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ycomp/defaults/sb/*http://www.yahoo.com/search/ie.html
uInternet Connection Wizard,ShellNext = iexplore
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
DPF: {39D420B3-E0EB-424C-89AA-C24F8DE7EF79} - hxxp://www.tvkoo.com/update/KooPlayer.ocx
FF - ProfilePath - c:\documents and settings\52309\Application Data\Mozilla\Firefox\Profiles\84j7865m.default\
FF - plugin: c:\program files\Mozilla Firefox\plugins\npbittorrent.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPInfotl.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-08 22:44
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Cpqset = c:\program files\HPQ\Default Settings\cpqset.exe????????7?4?5?3??????? ???B?????????????H<C? ??????

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(904)
c:\windows\system32\klogon.dll

- - - - - - - > 'explorer.exe'(236)
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\inetsrv\inetinfo.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\lxczcoms.exe
c:\program files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
c:\windows\system32\UAService7.exe
c:\windows\system32\CCM\CcmExec.exe
c:\program files\3M\PSNLite\PsnLite.exe
c:\program files\Microsoft Encarta\Encarta Reference Library 2005\EDICT.EXE
c:\progra~1\3M\PSNLite\PSNGive.exe
c:\program files\iPod\bin\iPodService.exe
c:\windows\system32\msiexec.exe
.
**************************************************************************
.
Completion time: 2009-06-08 22:53 - machine was rebooted
ComboFix-quarantined-files.txt 2009-06-08 14:52
ComboFix2.txt 2009-06-01 11:23

Pre-Run: 1,001,263,104 bytes free
Post-Run: 984,276,992 bytes free

871 --- E O F --- 2009-05-20 14:18




Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:57:22 PM, on 6/8/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\WINDOWS\system32\lxczcoms.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\igfxtray.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\UAService7.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\CCM\CcmExec.exe
C:\Program Files\3M\PSNLite\PsnLite.exe
C:\Program Files\Microsoft Encarta\Encarta Reference Library 2005\EDICT.EXE
C:\PROGRA~1\3M\PSNLite\PSNGive.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.myrp.edu.sg/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ycomp/defaults/sb/*http://www.yahoo.com/search/ie.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs" (User 'Default user')
O4 - Startup: Microsoft Office OneNote 2003 Quick Launch.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
O4 - Global Startup: LCDPlayer.lnk = ?
O4 - Global Startup: Post-it® Software Notes Lite.lnk = C:\Program Files\3M\PSNLite\PsnLite.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Researcher - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Common Files\Microsoft Shared\Encarta Researcher\EROPROJ.DLL
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {14C1B87C-3342-445F-9B5E-365FF330A3AC} - http://h50203.www5.hp.com/HPISWeb/Customer/cabs/HPISDataManager.CAB
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_1_0_0_44.cab
O16 - DPF: {39D420B3-E0EB-424C-89AA-C24F8DE7EF79} (KooPlayer Control) - http://www.tvkoo.com/update/KooPlayer.ocx
O16 - DPF: {555500CD-CB54-11D6-8DB9-0000864598B3} - http://instantsupport.asiapac.hp.com/awebui/jsp/answerweb/applets/HPISDiagManager.CAB
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/EN-US/a-UNO1/GAME_UNO1.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1189433651015
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1189433612500
O16 - DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} (AcDcToday Control) - file://C:\Program Files\MDT6\AcDcToday.ocx
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {AE563720-B4F5-11D4-A415-00108302FDFD} (NOXLATE-BANR) - file://C:\Program Files\MDT6\InstBanr.ocx
O16 - DPF: {C6637286-300D-11D4-AE0A-0010830243BD} (InstaFred) - file://C:\Program Files\MDT6\InstFred.ocx
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} (AcPreview Control) - file://C:\Program Files\MDT6\AcPreview.ocx
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = rp.edu.sg
O17 - HKLM\Software\..\Telephony: DomainName = rp.edu.sg
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = rp.edu.sg
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - Unknown owner - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe (file missing)
O23 - Service: Eset Service (ekrn) - Unknown owner - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (file missing)
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: lxcz_device - - C:\WINDOWS\system32\lxczcoms.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe

--
End of file - 10247 bytes

 

You may see more before this is over : ) The crap that Avira found is leftover Trash and not real Trojans..

If you look at the ‘other deletions’ in the ComboFix Log you will see that most of this trash is from using Limewire and Bittorrent – P2P is not good…. : (

As I told you at the start, maybe you should burn the drive. Lol

Bare with me and maybe we can get you cleaned up.. As I said, no guarantee but I will give it my best shot…

We may have to run some of these same programs several more times before you are completely clean (I need the Logs to see what is happening).

If you still have MBAM update and run a full scan if not, do this:

Download Malwarebytes' Anti-Malware to your desktop.

Double-click mbam-setup.exe and follow the prompts to install the program.
• At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
• If an update is found, it will download and install the latest version.
• Once the program has loaded, select Perform full scan, then click Scan.
• When the scan is complete, click OK, then Show Results to view the results.
• Make sure that everything is checked, and click Remove Selected. <-- Don't forget this.
• When completed, a log will open in Notepad. Please save it to a convenient location. The log can also be found here: C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt

• Please post the MBAM Log in your next reply.




Please navigate to the system tray on the bottom right hand corner and look for an open white umbrella on red background (looks like this: )
• right click it-> untick the option AntiVir Guard enable.
• You should now see a closed, white umbrella on a red background (looks like this: )

You should still have ComboFix on your machine, do this:
Click start > run and Copy and Paste this in exactly, using the picture below for reference, then click OK.

Combo will begin to run DO NOTHING while this is happening.
• It will kill a few processes and disconnect you from the internet.
• If by chance it stops prematurely you can re-establish your internet connection by restarting your computer.
• This needs to be done so the program can work most efficiently for you.
Do not attempt to use the internet or anything else while it's doing its job for you.

Reboot the computer

Post the log from comboFix for me located in
c:\comboFix.txt and the MBAM Log



If you run into any problems, let me know before going on…..

2oG

 

Dear 2oG,

When I performed scan using Avira it detected quite a number of Trojan...i thought after doing multiple scan with different tools, i won't see all these bugs again =(

Anyway, so far so good.


ComboFix 09-06-07.07 - 52309 06/08/2009 22:30.4 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.734.379 [GMT 8:00]
Running from: c:\documents and settings\52309\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\52309\Desktop\CFScript.txt
AV: AntiVir Desktop *On-access scanning disabled* (Outdated) {AD166499-45F9-482A-A743-FDD3350758C7}
AV: ESET NOD32 Antivirus 3.0 *On-access scanning enabled* (Outdated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\52309\Application Data\LimeWire
c:\documents and settings\52309\Application Data\LimeWire\412splashfree.png
c:\documents and settings\52309\Application Data\LimeWire\browser\xul-v2.0b2.4-do-not-remove
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\AccessibleMarshal.dll
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\chrome\branding.jar
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\chrome\branding.manifest
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\chrome\classic.jar
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\chrome\classic.manifest
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\chrome\comm.jar
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\chrome\comm.manifest
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\chrome\en-US.jar
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\chrome\en-US.manifest
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\chrome\limewire.jar
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\chrome\limewire.manifest
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\chrome\pippki.jar
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\chrome\pippki.manifest
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\chrome\toolkit.jar
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\chrome\toolkit.manifest
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\accessibility-msaa.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\accessibility.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\alerts.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\appshell.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\appshell_modal.dll
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\appshell_modal.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\appstartup.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\auth.dll
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\autocomplete.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\autoconfig.dll
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\autoconfig.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\caps.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\chardet.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\chrome.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\commandhandler.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\commandlines.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\composer.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\content_base.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\content_html.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\content_htmldoc.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\content_xmldoc.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\content_xslt.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\content_xtf.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\contentprefs.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\cookie.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\directory.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\docshell_base.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\dom.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\dom_base.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\dom_canvas.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\dom_core.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\dom_css.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\dom_events.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\dom_html.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\dom_json.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\dom_loadsave.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\dom_offline.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\dom_range.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\dom_sidebar.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\dom_storage.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\dom_stylesheets.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\dom_svg.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\dom_traversal.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\dom_views.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\dom_xbl.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\dom_xpath.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\dom_xul.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\downloads.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\editor.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\embed_base.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\extensions.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\exthandler.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\exthelper.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\fastfind.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\FeedProcessor.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\feeds.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\find.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\gfx.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\htmlparser.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\imgicon.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\imglib2.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\inspector.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\intl.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\jar.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\jsconsole-clhandler.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\jsdservice.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\layout_base.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\layout_printing.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\layout_xul.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\layout_xul_tree.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\locale.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\loginmgr.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\lwbrk.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\mimetype.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\mozbrwsr.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\mozfind.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\necko.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\necko_about.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\necko_cache.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\necko_cookie.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\necko_dns.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\necko_file.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\necko_ftp.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\necko_http.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\necko_res.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\necko_socket.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\necko_strconv.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\necko_viewsource.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\nsAddonRepository.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\nsBadCertHandler.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\nsBlocklistService.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\nsContentDispatchChooser.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\nsContentPrefService.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\nsDefaultCLH.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\nsDictionary.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\nsDownloadManagerUI.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\nsExtensionManager.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\nsHandlerService.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\nsHelperAppDlg.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\nsLivemarkService.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\nsLoginInfo.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\nsLoginManager.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\nsLoginManagerPrompter.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\nsPostUpdateWin.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\nsProgressDialog.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\nsProxyAutoConfig.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\nsResetPref.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\nsTaggingService.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\nsTryToClose.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\nsUpdateService.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\nsURLFormatter.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\nsWebHandlerApp.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\nsXmlRpcClient.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\nsXULAppInstall.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\oji.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\parentalcontrols.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\pipboot.dll
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\pipboot.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\pipnss.dll
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\pipnss.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\pippki.dll
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\pippki.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\places.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\plugin.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\pluginGlue.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\pref.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\prefetch.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\profile.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\proxyObject.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\rdf.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\satchel.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\saxparser.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\shistory.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\spellchecker.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\storage-Legacy.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\storage.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\toolkitprofile.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\transformiix.dll
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\txEXSLTRegExFunctions.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\txmgr.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\txtsvc.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\uconv.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\unicharutil.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\universalchardet.dll
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\update.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\uriloader.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\urlformatter.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\webBrowser_core.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\webbrowserpersist.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\webshell_idls.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\websrvcs.dll
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\widget.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\windowds.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\windowwatcher.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\xml-rpc.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\xmlextras.dll
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\xpcom_base.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\xpcom_components.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\xpcom_ds.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\xpcom_io.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\xpcom_system.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\xpcom_thread.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\xpcom_xpti.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\xpconnect.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\xpinstall.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\xulapp.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\xulapp_setup.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\xuldoc.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\xultmpl.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\xulutil.dll
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\zipwriter.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\crashreporter.exe
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\crashreporter.ini
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\defaults\autoconfig\platform.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\defaults\autoconfig\prefcalls.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\defaults\pref\xulrunner.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\defaults\profile\chrome\userChrome-example.css
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\defaults\profile\chrome\userContent-example.css
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\defaults\profile\localstore.rdf
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\defaults\profile\US\chrome\userChrome-example.css
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\defaults\profile\US\chrome\userContent-example.css
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\defaults\profile\US\localstore.rdf
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\dependentlibs.list
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\dictionaries\en-US.aff
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\dictionaries\en-US.dic
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\freebl3.chk
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\freebl3.dll
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\greprefs\all.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\greprefs\security-prefs.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\greprefs\xpinstall.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\IA2Marshal.dll
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\javaxpcom.jar
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\javaxpcomglue.dll
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\js3250.dll
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\LICENSE
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\modules\debug.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\modules\DownloadUtils.jsm
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\modules\ISO8601DateUtils.jsm
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\modules\JSON.jsm
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\modules\Microformats.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\modules\PluralForm.jsm
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\modules\utils.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\modules\XPCOMUtils.jsm
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\mozctl.dll
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\mozctlx.dll
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\MSVCP71.DLL
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\msvcr71.dll
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\nspr4.dll
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\nss3.dll
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\nssckbi.dll
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\nssdbm3.dll
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\nssutil3.dll
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\platform.ini
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\plc4.dll
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\plds4.dll
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\plugins\npnul32.dll
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\README.txt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\arrow.gif
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\arrowd.gif
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\broken-image.gif
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\charsetalias.properties
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\charsetData.properties
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\contenteditable.css
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\designmode.css
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\dtd\mathml.dtd
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\dtd\xhtml11.dtd
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\EditorOverride.css
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\entityTables\html40Latin1.properties
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\entityTables\html40Special.properties
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\entityTables\html40Symbols.properties
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\entityTables\htmlEntityVersions.properties
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\entityTables\mathml20.properties
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\entityTables\transliterate.properties
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\fonts\mathfont.properties
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\fonts\mathfontStandardSymbolsL.properties
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\fonts\mathfontSTIXNonUnicode.properties
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\fonts\mathfontSTIXSize1.properties
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\fonts\mathfontSymbol.properties
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\fonts\mathfontUnicode.properties
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\forms.css
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\grabber.gif
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\hiddenWindow.html
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\html.css
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\html\folder.png
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\langGroups.properties
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\language.properties
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\loading-image.gif
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\mathml.css
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\quirk.css
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\svg.css
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\table-add-column-after-active.gif
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\table-add-column-after-hover.gif
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\table-add-column-after.gif
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\table-add-column-before-active.gif
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\table-add-column-before-hover.gif
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\table-add-column-before.gif
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\table-add-row-after-active.gif
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\table-add-row-after-hover.gif
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\table-add-row-after.gif
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\table-add-row-before-active.gif
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\table-add-row-before-hover.gif
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\table-add-row-before.gif
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\table-remove-column-active.gif
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\table-remove-column-hover.gif
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\table-remove-column.gif
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\table-remove-row-active.gif
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\table-remove-row-hover.gif
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\table-remove-row.gif
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\ua.css
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\viewsource.css
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\wincharset.properties
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\smime3.dll
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\softokn3.chk
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\softokn3.dll
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\sqlite3.dll
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\ssl3.dll
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\updater.exe
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\version.properties
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\xpcom.dll
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\xpcshell.exe
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\xpicleanup.exe
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\xpidl.exe
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\xpt_dump.exe
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\xpt_link.exe
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\xul.dll
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\xulrunner-stub.exe
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\xulrunner.exe
c:\documents and settings\52309\Application Data\LimeWire\certificate\limewire.keystore
c:\documents and settings\52309\Application Data\LimeWire\createtimes.cache
c:\documents and settings\52309\Application Data\LimeWire\data.ser
c:\documents and settings\52309\Application Data\LimeWire\downloads.dat
c:\documents and settings\52309\Application Data\LimeWire\fileurns.bak
c:\documents and settings\52309\Application Data\LimeWire\fileurns.cache
c:\documents and settings\52309\Application Data\LimeWire\filters.props
c:\documents and settings\52309\Application Data\LimeWire\gnutella.net
c:\documents and settings\52309\Application Data\LimeWire\installation.props
c:\documents and settings\52309\Application Data\LimeWire\library.dat
c:\documents and settings\52309\Application Data\LimeWire\library5.dat
c:\documents and settings\52309\Application Data\LimeWire\limewire.props
c:\documents and settings\52309\Application Data\LimeWire\mojito.props
c:\documents and settings\52309\Application Data\LimeWire\mozilla-profile\.autoreg
c:\documents and settings\52309\Application Data\LimeWire\mozilla-profile\Cache\_CACHE_001_
c:\documents and settings\52309\Application Data\LimeWire\mozilla-profile\Cache\_CACHE_002_
c:\documents and settings\52309\Application Data\LimeWire\mozilla-profile\Cache\_CACHE_003_
c:\documents and settings\52309\Application Data\LimeWire\mozilla-profile\Cache\_CACHE_MAP_
c:\documents and settings\52309\Application Data\LimeWire\mozilla-profile\Cache\4BC70045d01
c:\documents and settings\52309\Application Data\LimeWire\mozilla-profile\Cache\51CFDFBBd01
c:\documents and settings\52309\Application Data\LimeWire\mozilla-profile\Cache\7BD6A121d01
c:\documents and settings\52309\Application Data\LimeWire\mozilla-profile\Cache\98E79480d01
c:\documents and settings\52309\Application Data\LimeWire\mozilla-profile\Cache\AE98BDF8d01
c:\documents and settings\52309\Application Data\LimeWire\mozilla-profile\Cache\BAFF9A9Bd01
c:\documents and settings\52309\Application Data\LimeWire\mozilla-profile\Cache\DFCB219Ed01
c:\documents and settings\52309\Application Data\LimeWire\mozilla-profile\cert8.db
c:\documents and settings\52309\Application Data\LimeWire\mozilla-profile\compreg.dat
c:\documents and settings\52309\Application Data\LimeWire\mozilla-profile\cookies.sqlite
c:\documents and settings\52309\Application Data\LimeWire\mozilla-profile\downloads.sqlite
c:\documents and settings\52309\Application Data\LimeWire\mozilla-profile\extensions.cache
c:\documents and settings\52309\Application Data\LimeWire\mozilla-profile\extensions.ini
c:\documents and settings\52309\Application Data\LimeWire\mozilla-profile\history.dat
c:\documents and settings\52309\Application Data\LimeWire\mozilla-profile\key3.db
c:\documents and settings\52309\Application Data\LimeWire\mozilla-profile\permissions.sqlite
c:\documents and settings\52309\Application Data\LimeWire\mozilla-profile\places.sqlite-journal
c:\documents and settings\52309\Application Data\LimeWire\mozilla-profile\places.sqlite
c:\documents and settings\52309\Application Data\LimeWire\mozilla-profile\pluginreg.dat
c:\documents and settings\52309\Application Data\LimeWire\mozilla-profile\prefs.js
c:\documents and settings\52309\Application Data\LimeWire\mozilla-profile\secmod.db
c:\documents and settings\52309\Application Data\LimeWire\mozilla-profile\XPC.mfl
c:\documents and settings\52309\Application Data\LimeWire\mozilla-profile\xpti.dat
c:\documents and settings\52309\Application Data\LimeWire\promotion\promodb.backup
c:\documents and settings\52309\Application Data\LimeWire\promotion\promodb.data
c:\documents and settings\52309\Application Data\LimeWire\promotion\promodb.properties
c:\documents and settings\52309\Application Data\LimeWire\promotion\promodb.script
c:\documents and settings\52309\Application Data\LimeWire\pub1.key
c:\documents and settings\52309\Application Data\LimeWire\public.key
c:\documents and settings\52309\Application Data\LimeWire\questions.props
c:\documents and settings\52309\Application Data\LimeWire\responses.cache
c:\documents and settings\52309\Application Data\LimeWire\secureMessage.key
c:\documents and settings\52309\Application Data\LimeWire\simpp.xml
c:\documents and settings\52309\Application Data\LimeWire\spam.dat
c:\documents and settings\52309\Application Data\LimeWire\tables.props
c:\documents and settings\52309\Application Data\LimeWire\themes\black_theme.lwtp
c:\documents and settings\52309\Application Data\LimeWire\themes\black_theme\01_star.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\black_theme\02_star.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\black_theme\03_star.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\black_theme\04_star.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\black_theme\05_star.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\black_theme\chat.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\black_theme\dir_closed.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\black_theme\dir_open.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\black_theme\forward_dn.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\black_theme\forward_up.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\black_theme\kill.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\black_theme\kill_on.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\black_theme\lime.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\black_theme\logo.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\black_theme\notsearching.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\black_theme\pause_dn.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\black_theme\pause_up.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\black_theme\play_dn.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\black_theme\play_up.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\black_theme\question.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\black_theme\rewind_dn.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\black_theme\rewind_up.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\black_theme\searching.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\black_theme\splash.png
c:\documents and settings\52309\Application Data\LimeWire\themes\black_theme\splashpro.png
c:\documents and settings\52309\Application Data\LimeWire\themes\black_theme\stop_dn.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\black_theme\stop_up.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\black_theme\theme.txt
c:\documents and settings\52309\Application Data\LimeWire\themes\black_theme\warning.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\classic_theme.lwtp
c:\documents and settings\52309\Application Data\LimeWire\themes\classic_theme\01_star.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\classic_theme\02_star.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\classic_theme\03_star.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\classic_theme\04_star.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\classic_theme\05_star.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\classic_theme\chat.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\classic_theme\dir_closed.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\classic_theme\dir_open.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\classic_theme\forward_dn.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\classic_theme\forward_up.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\classic_theme\kill.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\classic_theme\logo.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\classic_theme\notsearching.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\classic_theme\pause_dn.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\classic_theme\pause_up.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\classic_theme\play_dn.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\classic_theme\play_up.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\classic_theme\question.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\classic_theme\rewind_dn.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\classic_theme\rewind_up.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\classic_theme\search.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\classic_theme\searching.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\classic_theme\splash.png
c:\documents and settings\52309\Application Data\LimeWire\themes\classic_theme\splashpro.png
c:\documents and settings\52309\Application Data\LimeWire\themes\classic_theme\stop_dn.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\classic_theme\stop_up.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\classic_theme\theme.txt
c:\documents and settings\52309\Application Data\LimeWire\themes\classic_theme\warning.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\limewire_theme.lwtp
c:\documents and settings\52309\Application Data\LimeWire\themes\limewire_theme\01_star.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\limewire_theme\02_star.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\limewire_theme\03_star.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\limewire_theme\04_star.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\limewire_theme\05_star.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\limewire_theme\chat.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\limewire_theme\dir_closed.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\limewire_theme\dir_open.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\limewire_theme\forward_dn.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\limewire_theme\forward_up.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\limewire_theme\kill.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\limewire_theme\kill_on.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\limewire_theme\lime.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\limewire_theme\logo.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\limewire_theme\notsearching.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\limewire_theme\pause_dn.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\limewire_theme\pause_up.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\limewire_theme\play_dn.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\limewire_theme\play_up.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\limewire_theme\question.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\limewire_theme\rewind_dn.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\limewire_theme\rewind_up.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\limewire_theme\searching.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\limewire_theme\splash.png
c:\documents and settings\52309\Application Data\LimeWire\themes\limewire_theme\splashpro.png
c:\documents and settings\52309\Application Data\LimeWire\themes\limewire_theme\stop_dn.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\limewire_theme\stop_up.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\limewire_theme\theme.txt
c:\documents and settings\52309\Application Data\LimeWire\themes\limewire_theme\warning.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\other_theme.lwtp
c:\documents and settings\52309\Application Data\LimeWire\themes\other_theme\01_star.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\other_theme\02_star.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\other_theme\03_star.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\other_theme\04_star.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\other_theme\05_star.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\other_theme\chat.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\other_theme\forward_dn.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\other_theme\forward_up.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\other_theme\kill.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\other_theme\kill_on.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\other_theme\logo.png
c:\documents and settings\52309\Application Data\LimeWire\themes\other_theme\notsearching.png
c:\documents and settings\52309\Application Data\LimeWire\themes\other_theme\pause_dn.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\other_theme\pause_up.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\other_theme\play_dn.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\other_theme\play_up.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\other_theme\question.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\other_theme\rewind_dn.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\other_theme\rewind_up.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\other_theme\searching.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\other_theme\splash.png
c:\documents and settings\52309\Application Data\LimeWire\themes\other_theme\splashpro.png
c:\documents and settings\52309\Application Data\LimeWire\themes\other_theme\stop_dn.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\other_theme\stop_up.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\other_theme\theme.txt
c:\documents and settings\52309\Application Data\LimeWire\themes\other_theme\warning.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\windows_theme.lwtp
c:\documents and settings\52309\Application Data\LimeWire\themes\windows_theme\01_star.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\windows_theme\02_star.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\windows_theme\03_star.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\windows_theme\04_star.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\windows_theme\05_star.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\windows_theme\chat.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\windows_theme\forward_dn.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\windows_theme\forward_up.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\windows_theme\kill.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\windows_theme\kill_on.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\windows_theme\logo.png
c:\documents and settings\52309\Application Data\LimeWire\themes\windows_theme\notsearching.png
c:\documents and settings\52309\Application Data\LimeWire\themes\windows_theme\pause_dn.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\windows_theme\pause_up.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\windows_theme\play_dn.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\windows_theme\play_up.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\windows_theme\question.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\windows_theme\rewind_dn.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\windows_theme\rewind_up.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\windows_theme\searching.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\windows_theme\splash.png
c:\documents and settings\52309\Application Data\LimeWire\themes\windows_theme\splashpro.png
c:\documents and settings\52309\Application Data\LimeWire\themes\windows_theme\stop_dn.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\windows_theme\stop_up.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\windows_theme\theme.txt
c:\documents and settings\52309\Application Data\LimeWire\themes\windows_theme\version.txt
c:\documents and settings\52309\Application Data\LimeWire\themes\windows_theme\warning.gif
c:\documents and settings\52309\Application Data\LimeWire\ttdata.cache
c:\documents and settings\52309\Application Data\LimeWire\ttree.cache
c:\documents and settings\52309\Application Data\LimeWire\ttrees.cache
c:\documents and settings\52309\Application Data\LimeWire\ttroot.cache
c:\documents and settings\52309\Application Data\LimeWire\update.xml
c:\documents and settings\52309\Application Data\LimeWire\version.key
c:\documents and settings\52309\Application Data\LimeWire\version.xml
c:\documents and settings\52309\Application Data\LimeWire\versions.props
c:\documents and settings\52309\Application Data\LimeWire\xml\data\audio.sxml2
c:\documents and settings\52309\Application Data\LimeWire\xml\data\audio.sxml3
c:\documents and settings\52309\Application Data\LimeWire\xml\data\delete_me
c:\documents and settings\52309\Application Data\LimeWire\xml\misc\application.gif
c:\documents and settings\52309\Application Data\LimeWire\xml\misc\audio.gif
c:\documents and settings\52309\Application Data\LimeWire\xml\misc\document.gif
c:\documents and settings\52309\Application Data\LimeWire\xml\misc\image.gif
c:\documents and settings\52309\Application Data\LimeWire\xml\misc\video.gif
c:\documents and settings\52309\Application Data\LimeWire\xml\schemas\application.xsd
c:\documents and settings\52309\Application Data\LimeWire\xml\schemas\audio.xsd
c:\documents and settings\52309\Application Data\LimeWire\xml\schemas\document.xsd
c:\documents and settings\52309\Application Data\LimeWire\xml\schemas\image.xsd
c:\documents and settings\52309\Application Data\LimeWire\xml\schemas\video.xsd
c:\program files\BitTorrent
c:\program files\BitTorrent\8642-bittorrent.2611.dmp
c:\program files\BitTorrent\8642-bittorrent.45e7.dmp
c:\program files\BitTorrent\8642-bittorrent.5a2d.dmp
c:\program files\BitTorrent\8642-bittorrent.76da.dmp
c:\program files\BitTorrent\8642-bittorrent.a050.dmp
c:\program files\BitTorrent\8642-bittorrent.b61c.dmp
c:\program files\BitTorrent\bittorrent.exe
c:\program files\BitTorrent\BitTorrentIE.2.dll
c:\program files\BitTorrent\uninst.exe
c:\program files\DNA
c:\program files\DNA\btdna.exe
c:\program files\DNA\DNAcpl.cpl
c:\program files\DNA\plugins\npbtdna.dll
c:\program files\LimeWire
c:\program files\LimeWire\.NetworkShare\LimeWirePackedJars4.12.15.7z
c:\program files\LimeWire\.NetworkShare\LimeWireWin4.12.15.exe
c:\program files\LimeWire\.NetworkShare\LimeWireWin4.16.3.exe
c:\program files\LimeWire\.NetworkShare\LimeWireWin4.16.6.exe
c:\program files\LimeWire\.NetworkShare\LimeWireWin4.18.8.exe
c:\program files\LimeWire\.NetworkShare\LimeWireWin5.1.2.exe
c:\program files\LimeWire\Buy LimeWire PRO.url
c:\program files\LimeWire\COPYING
c:\program files\LimeWire\data.ser
c:\program files\LimeWire\hs_err_pid236.log
c:\program files\LimeWire\hs_err_pid3076.log
c:\program files\LimeWire\hs_err_pid384.log
c:\program files\LimeWire\hs_err_pid656.log
c:\program files\LimeWire\inspection.props
c:\program files\LimeWire\install.log
c:\program files\LimeWire\language.prop
c:\program files\LimeWire\lib\additional_resources.jar
c:\program files\LimeWire\lib\aopalliance.jar
c:\program files\LimeWire\lib\AppFramework.jar
c:\program files\LimeWire\lib\base64-2.2.2.jar
c:\program files\LimeWire\lib\clink.jar
c:\program files\LimeWire\lib\commons-codec-1.3.jar
c:\program files\LimeWire\lib\commons-logging.jar
c:\program files\LimeWire\lib\commons-math-1.2.jar
c:\program files\LimeWire\lib\daap.jar
c:\program files\LimeWire\lib\dnsjava-2.0.6.jar
c:\program files\LimeWire\lib\EventBus-1.2b.jar
c:\program files\LimeWire\lib\gettext-commons.jar
c:\program files\LimeWire\lib\glazedlists-1.7.0_java15.jar
c:\program files\LimeWire\lib\guice-assistedinject-snapshot.jar
c:\program files\LimeWire\lib\guice-snapshot.jar
c:\program files\LimeWire\lib\hashes
c:\program files\LimeWire\lib\hsqldb.jar
c:\program files\LimeWire\lib\httpclient-4.0-beta1.jar
c:\program files\LimeWire\lib\httpcore-4.0-beta2.jar
c:\program files\LimeWire\lib\httpcore-nio-4.0-beta2.jar
c:\program files\LimeWire\lib\icu4j.jar
c:\program files\LimeWire\lib\iTunes-0.0.1.jar
c:\program files\LimeWire\lib\jacob-1.14.1-x64.dll
c:\program files\LimeWire\lib\jacob-1.14.1-x86.dll
c:\program files\LimeWire\lib\jacob-1.14.1.jar
c:\program files\LimeWire\lib\jaudiotagger.jar
c:\program files\LimeWire\lib\jcip-annotations.jar
c:\program files\LimeWire\lib\jcraft.jar
c:\program files\LimeWire\lib\jdic.dll
c:\program files\LimeWire\lib\jdic.jar
c:\program files\LimeWire\lib\jdic_stub.jar
c:\program files\LimeWire\lib\jflac.jar
c:\program files\LimeWire\lib\jl.jar
c:\program files\LimeWire\lib\jmdns.jar
c:\program files\LimeWire\lib\jna.jar
c:\program files\LimeWire\lib\jogg.jar
c:\program files\LimeWire\lib\jorbis.jar
c:\program files\LimeWire\lib\jxlayer.jar
c:\program files\LimeWire\lib\LimeWire.ico
c:\program files\LimeWire\lib\LimeWire.jar
c:\program files\LimeWire\lib\log4j.jar
c:\program files\LimeWire\lib\log4j.properties
c:\program files\LimeWire\lib\messages.jar
c:\program files\LimeWire\lib\miglayout.jar
c:\program files\LimeWire\lib\mozdom4java.jar
c:\program files\LimeWire\lib\MozillaGlue-1.9.jar
c:\program files\LimeWire\lib\MozillaInterfaces-1.9.jar
c:\program files\LimeWire\lib\mozswing.jar
c:\program files\LimeWire\lib\mp3spi.jar
c:\program files\LimeWire\lib\onion-common.jar
c:\program files\LimeWire\lib\onion-fec.jar
c:\program files\LimeWire\lib\smack.jar
c:\program files\LimeWire\lib\smackx-debug.jar
c:\program files\LimeWire\lib\smackx.jar
c:\program files\LimeWire\lib\swing-worker-1.1.jar
c:\program files\LimeWire\lib\swingx-0.9.4.jar
c:\program files\LimeWire\lib\SystemUtilities.dll
c:\program files\LimeWire\lib\SystemUtilitiesA.dll
c:\program files\LimeWire\lib\tritonus.jar
c:\program files\LimeWire\lib\vorbisspi.jar
c:\program files\LimeWire\LimeWire On Startup.lnk
c:\program files\LimeWire\LimeWire.exe
c:\program files\LimeWire\LimeWire.ico
c:\program files\LimeWire\pmf.ico
c:\program files\LimeWire\root\magnet10\badge.img
c:\program files\LimeWire\root\magnet10\canHandle.img
c:\program files\LimeWire\root\magnet10\limewire.gif
c:\program files\LimeWire\root\magnet10\options.js
c:\program files\LimeWire\root\magnet10\silentdetect.js
c:\program files\LimeWire\SOURCE
c:\program files\LimeWire\spacer.gif
c:\program files\LimeWire\uninstall.exe
c:\program files\LimeWire\unpack.log

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_EPFWTDIR
-------\Legacy_MYPROTECTOR
-------\Service_3qppt58
-------\Service_468aoy1ac
-------\Service_4ddmj4o
-------\Service_58v20f
-------\Service_7yx3zhgur
-------\Service_82wdblow0b
-------\Service_d2yz83c1rc
-------\Service_epfwtdir
-------\Service_faaojfwpo
-------\Service_holda
-------\Service_hxhpvot
-------\Service_m60q7y0
-------\Service_mhv6r42
-------\Service_myprotector
-------\Service_pev26od2
-------\Service_q3i6m8a
-------\Service_r9yr57dd5
-------\Service_wglfl7
-------\Service_yh13phk


((((((((((((((((((((((((( Files Created from 2009-05-08 to 2009-06-08 )))))))))))))))))))))))))))))))
.

2009-06-03 16:30 . 2009-06-03 16:30 -------- d-----w- c:\program files\iPod
2009-06-03 16:21 . 2009-06-03 16:23 -------- d-----w- c:\program files\QuickTime
2009-06-03 16:08 . 2009-06-03 16:08 75048 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.2.0.23\SetupAdmin.exe
2009-06-01 11:31 . 2009-06-01 11:31 3371383 ----a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2009-05-26 15:07 . 2009-03-30 02:33 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys
2009-05-26 15:07 . 2009-03-24 08:08 55640 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-05-26 15:07 . 2009-02-13 04:29 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
2009-05-26 15:07 . 2009-02-13 04:17 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys
2009-05-26 15:07 . 2009-05-26 15:07 -------- d-----w- c:\program files\Avira
2009-05-26 15:07 . 2009-05-26 15:07 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira
2009-05-20 15:09 . 2009-05-20 15:09 -------- d-----w- c:\documents and settings\52309\Application Data\dvdcss
2009-05-19 16:47 . 2009-05-19 16:47 -------- d-----w- c:\windows\system32\scripting
2009-05-19 16:47 . 2009-05-19 16:47 -------- d-----w- c:\windows\l2schemas
2009-05-19 16:47 . 2009-05-19 16:47 -------- d-----w- c:\windows\system32\en
2009-05-19 16:47 . 2009-05-19 16:47 -------- d-----w- c:\windows\system32\bits
2009-05-17 16:06 . 2008-04-14 00:12 69120 ------w- c:\windows\system32\wlanapi.dll
2009-05-17 16:06 . 2008-04-14 00:12 50688 ------w- c:\windows\system32\tspkg.dll
2009-05-17 16:05 . 2008-04-13 18:40 10240 ------w- c:\windows\system32\drivers\sffp_mmc.sys
2009-05-17 16:05 . 2008-04-14 00:12 32768 ------w- c:\windows\system32\setupn.exe
2009-05-17 16:05 . 2008-04-14 00:12 61952 ------w- c:\windows\system32\rasqec.dll
2009-05-17 16:05 . 2008-04-14 00:12 76800 ------w- c:\windows\system32\qutil.dll
2009-05-17 16:05 . 2008-04-14 00:12 62464 ------w- c:\windows\system32\qcliprov.dll
2009-05-17 16:05 . 2008-04-14 00:12 291328 ------w- c:\windows\system32\qagentrt.dll
2009-05-17 16:05 . 2008-04-14 00:12 150528 ------w- c:\windows\system32\qagent.dll
2009-05-17 16:05 . 2008-04-14 00:12 144384 ------w- c:\windows\system32\onex.dll
2009-05-17 16:04 . 2008-04-14 00:12 176640 ------w- c:\windows\system32\napstat.exe
2009-05-17 16:04 . 2008-04-14 00:12 30208 ------w- c:\windows\system32\napipsec.dll
2009-05-17 16:04 . 2008-04-14 00:12 193024 ------w- c:\windows\system32\napmontr.dll
2009-05-17 16:04 . 2008-04-13 17:27 79872 -c----w- c:\windows\system32\dllcache\msxml6r.dll
2009-05-17 16:04 . 2008-09-10 01:14 1307648 -c----w- c:\windows\system32\dllcache\msxml6.dll
2009-05-17 16:04 . 2008-04-14 00:12 155136 ------w- c:\windows\system32\mssha.dll
2009-05-17 16:04 . 2008-04-13 18:14 76800 ------w- c:\windows\system32\msshavmsg.dll
2009-05-17 16:03 . 2008-04-14 00:12 33792 ------w- c:\windows\system32\mmcperf.exe
2009-05-17 16:03 . 2008-04-14 00:11 397312 ------w- c:\windows\system32\mmcex.dll
2009-05-17 16:03 . 2008-04-14 00:11 184320 ------w- c:\windows\system32\microsoft.managementconsole.dll
2009-05-17 16:03 . 2008-04-14 00:11 106496 ------w- c:\windows\system32\mmcfxcommon.dll
2009-05-17 16:03 . 2008-04-14 00:11 37376 ------w- c:\windows\system32\l2gpstore.dll
2009-05-17 16:03 . 2008-04-14 00:11 61440 ------w- c:\windows\system32\kmsvc.dll
2009-05-17 16:03 . 2008-04-14 00:09 6144 ------w- c:\windows\system32\kbdpash.dll
2009-05-17 16:03 . 2008-04-14 00:09 6144 ------w- c:\windows\system32\kbdnepr.dll
2009-05-17 16:03 . 2008-04-14 00:09 6144 ------w- c:\windows\system32\kbdiultn.dll
2009-05-17 16:03 . 2008-04-14 00:09 6144 ------w- c:\windows\system32\kbdbhc.dll
2009-05-17 16:03 . 2008-04-14 00:10 102912 -c----w- c:\windows\system32\dllcache\dpcdll.dll
2009-05-17 16:03 . 2008-04-14 00:09 24064 -c----w- c:\windows\system32\dllcache\pidgen.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-08 14:40 . 2005-04-16 14:12 5780 ----a-w- c:\windows\bthservsdp.dat
2009-06-04 11:45 . 2005-07-06 04:30 -------- d-----w- c:\program files\iTunes
2009-06-03 16:30 . 2008-02-22 06:07 -------- d-----w- c:\program files\Common Files\Apple
2009-06-01 11:32 . 2009-05-06 14:48 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-05-26 05:20 . 2009-05-06 14:48 40160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-05-26 05:19 . 2009-05-06 14:48 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-05-19 16:55 . 2005-04-15 09:04 89007 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-05-06 14:48 . 2009-05-06 14:48 -------- d-----w- c:\documents and settings\52309\Application Data\Malwarebytes
2009-05-06 14:48 . 2009-05-06 14:48 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-05-01 12:52 . 2009-05-01 12:49 -------- d-----w- c:\documents and settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-04-29 11:20 . 2009-04-29 11:20 -------- d-----w- c:\program files\Trend Micro
2009-04-27 15:17 . 2009-04-27 13:10 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-04-27 15:17 . 2006-01-01 16:54 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-04-27 14:10 . 2005-04-15 14:55 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-04-27 14:09 . 2008-02-28 06:04 -------- d-----w- c:\program files\Windows Live
2009-04-27 13:30 . 2009-04-27 13:30 -------- d-----w- c:\program files\Misc. Support Library (Spybot - Search & Destroy)
2009-04-27 13:30 . 2009-04-27 13:30 -------- d-----w- c:\program files\TeaTimer (Spybot - Search & Destroy)
2009-04-27 13:30 . 2009-04-27 13:30 -------- d-----w- c:\program files\SDHelper (Spybot - Search & Destroy)
2009-04-27 13:28 . 2009-04-27 13:28 -------- d-----w- c:\program files\File Scanner Library (Spybot - Search & Destroy)
2009-04-27 13:07 . 2007-01-05 01:21 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-04-27 13:05 . 2006-07-02 08:12 -------- d-----w- c:\program files\Windows Live Safety Center
2009-04-20 16:39 . 2009-04-20 16:39 -------- d-----w- c:\program files\MP3 Converter Simple
2009-04-20 16:36 . 2008-06-27 08:45 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-04-14 16:41 . 2009-03-18 16:31 40 ----a-w- c:\windows\tmp.dat
2009-03-19 08:32 . 2009-03-19 08:32 23400 ----a-w- c:\documents and settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}\x86\x86\GEARAspiWDM.sys
2009-03-19 08:32 . 2008-01-29 04:01 23400 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-26 413696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"UpdateManager"="c:\program files\Common Files\Sonic\Update Manager\sgtray.exe" [2003-08-18 110592]
"SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2004-11-04 98394]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2004-11-04 688218]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-03 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-03 455168]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-03 59392]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-03 208952]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2004-06-17 155648]
"eabconfg.cpl"="c:\program files\HPQ\Quick Launch Buttons\EabServr.exe" [2004-09-17 290816]
"Cpqset"="c:\program files\HPQ\Default Settings\cpqset.exe" [2004-10-22 229438]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-26 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-05-30 292136]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2006-10-26 434528]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"TSClientMSIUninstaller"="c:\windows\Installer\TSClientMsiTrans\tscuinst.vbs" [2007-10-30 13801]

c:\documents and settings\52309\Start Menu\Programs\Startup\
Microsoft Office OneNote 2003 Quick Launch.lnk - c:\program files\Microsoft Office\OFFICE11\ONENOTEM.EXE [2005-3-17 59080]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk /r \??\H:\0autocheck autochk *

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-839522115-1801674531-725345543-16836\Scripts\Logon\0\0]
"Script"=advclient.bat

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-839522115-1801674531-725345543-16836\Scripts\Logon\1\0]
"Script"=rpstorage.bat

[HKLM\~\startupfolder\C:^Documents and Settings^52309^Start Menu^Programs^Startup^UTAgent 4.0.lnk]
path=c:\documents and settings\52309\Start Menu\Programs\Startup\UTAgent 4.0.lnk
backup=c:\windows\pss\UTAgent 4.0.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^UTAgent 4.0.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\UTAgent 4.0.lnk
backup=c:\windows\pss\UTAgent 4.0.lnkCommon Startup

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\SopCast\\SopCast.exe"=
"c:\\iERP60\\SEGSVR03\\IERP60\\DotNet\\Intuitive2.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\WINDOWS\\system32\\lxczcoms.exe"=
"c:\\Program Files\\SopCast\\adv\\SopAdver.exe"=
"c:\\Program Files\\SopCast\\sopvod.exe"=
"c:\\Documents and Settings\\All Users\\Application Data\\Kaspersky Lab Setup Files\\Kaspersky Anti-Virus 7.0.1.321\\English\\setup.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"23775:TCP"= 23775:TCP:BitComet 23775 TCP
"23775:UDP"= 23775:UDP:BitComet 23775 UDP

R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [5/26/2009 11:07 PM 108289]
R3 dfmirage;dfmirage;c:\windows\system32\drivers\dfmirage.sys [10/15/2007 9:08 AM 26624]
S0 4nzed7v;4nzed7;c:\windows\system32\DRIVERS\4nzed7v.sys --> c:\windows\system32\DRIVERS\4nzed7v.sys [?]
S2 ekrn;Eset Service;"c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe" --> c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [?]
S2 pciinfo;HP Pci Information;\??\c:\docume~1\52309\LOCALS~1\Temp\HPISPz\hpdom\pciinfo.sys --> c:\docume~1\52309\LOCALS~1\Temp\HPISPz\hpdom\pciinfo.sys [?]
S3 cdspacex;cdspacex;c:\windows\system32\drivers\cdspacex.sys [5/29/2006 11:59 PM 22570]
S3 WRSWanDD;iVasion PoET Adapter;c:\windows\system32\drivers\WrKPoETNic2000.sys [4/15/2005 10:56 PM 65604]
.
Contents of the 'Scheduled Tasks' folder

2009-05-06 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 04:34]
.
- - - - ORPHANS REMOVED - - - -

SafeBoot-procexp90.Sys


.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.myrp.edu.sg/
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ycomp/defaults/sb/*http://www.yahoo.com/search/ie.html
uInternet Connection Wizard,ShellNext = iexplore
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
DPF: {39D420B3-E0EB-424C-89AA-C24F8DE7EF79} - hxxp://www.tvkoo.com/update/KooPlayer.ocx
FF - ProfilePath - c:\documents and settings\52309\Application Data\Mozilla\Firefox\Profiles\84j7865m.default\
FF - plugin: c:\program files\Mozilla Firefox\plugins\npbittorrent.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPInfotl.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-08 22:44
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Cpqset = c:\program files\HPQ\Default Settings\cpqset.exe????????7?4?5?3??????? ???B?????????????H<C? ??????

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(904)
c:\windows\system32\klogon.dll

- - - - - - - > 'explorer.exe'(236)
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\inetsrv\inetinfo.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\lxczcoms.exe
c:\program files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
c:\windows\system32\UAService7.exe
c:\windows\system32\CCM\CcmExec.exe
c:\program files\3M\PSNLite\PsnLite.exe
c:\program files\Microsoft Encarta\Encarta Reference Library 2005\EDICT.EXE
c:\progra~1\3M\PSNLite\PSNGive.exe
c:\program files\iPod\bin\iPodService.exe
c:\windows\system32\msiexec.exe
.
**************************************************************************
.
Completion time: 2009-06-08 22:53 - machine was rebooted
ComboFix-quarantined-files.txt 2009-06-08 14:52
ComboFix2.txt 2009-06-01 11:23

Pre-Run: 1,001,263,104 bytes free
Post-Run: 984,276,992 bytes free

871 --- E O F --- 2009-05-20 14:18




Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:57:22 PM, on 6/8/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\WINDOWS\system32\lxczcoms.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\igfxtray.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\UAService7.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\CCM\CcmExec.exe
C:\Program Files\3M\PSNLite\PsnLite.exe
C:\Program Files\Microsoft Encarta\Encarta Reference Library 2005\EDICT.EXE
C:\PROGRA~1\3M\PSNLite\PSNGive.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.myrp.edu.sg/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ycomp/defaults/sb/*http://www.yahoo.com/search/ie.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs" (User 'Default user')
O4 - Startup: Microsoft Office OneNote 2003 Quick Launch.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
O4 - Global Startup: LCDPlayer.lnk = ?
O4 - Global Startup: Post-it® Software Notes Lite.lnk = C:\Program Files\3M\PSNLite\PsnLite.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Researcher - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Common Files\Microsoft Shared\Encarta Researcher\EROPROJ.DLL
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {14C1B87C-3342-445F-9B5E-365FF330A3AC} - http://h50203.www5.hp.com/HPISWeb/Customer/cabs/HPISDataManager.CAB
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_1_0_0_44.cab
O16 - DPF: {39D420B3-E0EB-424C-89AA-C24F8DE7EF79} (KooPlayer Control) - http://www.tvkoo.com/update/KooPlayer.ocx
O16 - DPF: {555500CD-CB54-11D6-8DB9-0000864598B3} - http://instantsupport.asiapac.hp.com/awebui/jsp/answerweb/applets/HPISDiagManager.CAB
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/EN-US/a-UNO1/GAME_UNO1.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1189433651015
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1189433612500
O16 - DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} (AcDcToday Control) - file://C:\Program Files\MDT6\AcDcToday.ocx
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {AE563720-B4F5-11D4-A415-00108302FDFD} (NOXLATE-BANR) - file://C:\Program Files\MDT6\InstBanr.ocx
O16 - DPF: {C6637286-300D-11D4-AE0A-0010830243BD} (InstaFred) - file://C:\Program Files\MDT6\InstFred.ocx
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} (AcPreview Control) - file://C:\Program Files\MDT6\AcPreview.ocx
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = rp.edu.sg
O17 - HKLM\Software\..\Telephony: DomainName = rp.edu.sg
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = rp.edu.sg
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - Unknown owner - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe (file missing)
O23 - Service: Eset Service (ekrn) - Unknown owner - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (file missing)
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: lxcz_device - - C:\WINDOWS\system32\lxczcoms.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe

--
End of file - 10247 bytes

 

Sorry man

Sorry for the spam in the previous posts...

Guess there's something wrong with my network....

 

Dear 2oG,

When I performed scan using Avira it detected quite a number of Trojan...i thought after doing multiple scan with different tools, i won't see all these bugs again =(

Anyway, so far so good.


ComboFix 09-06-07.07 - 52309 06/08/2009 22:30.4 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.734.379 [GMT 8:00]
Running from: c:\documents and settings\52309\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\52309\Desktop\CFScript.txt
AV: AntiVir Desktop *On-access scanning disabled* (Outdated) {AD166499-45F9-482A-A743-FDD3350758C7}
AV: ESET NOD32 Antivirus 3.0 *On-access scanning enabled* (Outdated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\52309\Application Data\LimeWire
c:\documents and settings\52309\Application Data\LimeWire\412splashfree.png
c:\documents and settings\52309\Application Data\LimeWire\browser\xul-v2.0b2.4-do-not-remove
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\AccessibleMarshal.dll
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\chrome\branding.jar
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\chrome\branding.manifest
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\chrome\classic.jar
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\chrome\classic.manifest
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\chrome\comm.jar
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\chrome\comm.manifest
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\chrome\en-US.jar
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\chrome\en-US.manifest
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\chrome\limewire.jar
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\chrome\limewire.manifest
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\chrome\pippki.jar
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\chrome\pippki.manifest
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\chrome\toolkit.jar
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\chrome\toolkit.manifest
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\accessibility-msaa.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\accessibility.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\alerts.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\appshell.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\appshell_modal.dll
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\appshell_modal.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\appstartup.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\auth.dll
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\autocomplete.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\autoconfig.dll
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\autoconfig.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\caps.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\chardet.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\chrome.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\commandhandler.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\commandlines.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\composer.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\content_base.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\content_html.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\content_htmldoc.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\content_xmldoc.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\content_xslt.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\content_xtf.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\contentprefs.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\cookie.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\directory.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\docshell_base.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\dom.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\dom_base.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\dom_canvas.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\dom_core.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\dom_css.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\dom_events.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\dom_html.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\dom_json.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\dom_loadsave.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\dom_offline.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\dom_range.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\dom_sidebar.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\dom_storage.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\dom_stylesheets.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\dom_svg.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\dom_traversal.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\dom_views.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\dom_xbl.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\dom_xpath.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\dom_xul.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\downloads.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\editor.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\embed_base.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\extensions.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\exthandler.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\exthelper.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\fastfind.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\FeedProcessor.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\feeds.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\find.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\gfx.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\htmlparser.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\imgicon.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\imglib2.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\inspector.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\intl.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\jar.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\jsconsole-clhandler.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\jsdservice.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\layout_base.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\layout_printing.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\layout_xul.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\layout_xul_tree.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\locale.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\loginmgr.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\lwbrk.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\mimetype.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\mozbrwsr.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\mozfind.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\necko.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\necko_about.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\necko_cache.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\necko_cookie.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\necko_dns.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\necko_file.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\necko_ftp.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\necko_http.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\necko_res.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\necko_socket.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\necko_strconv.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\necko_viewsource.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\nsAddonRepository.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\nsBadCertHandler.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\nsBlocklistService.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\nsContentDispatchChooser.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\nsContentPrefService.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\nsDefaultCLH.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\nsDictionary.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\nsDownloadManagerUI.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\nsExtensionManager.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\nsHandlerService.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\nsHelperAppDlg.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\nsLivemarkService.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\nsLoginInfo.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\nsLoginManager.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\nsLoginManagerPrompter.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\nsPostUpdateWin.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\nsProgressDialog.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\nsProxyAutoConfig.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\nsResetPref.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\nsTaggingService.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\nsTryToClose.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\nsUpdateService.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\nsURLFormatter.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\nsWebHandlerApp.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\nsXmlRpcClient.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\nsXULAppInstall.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\oji.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\parentalcontrols.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\pipboot.dll
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\pipboot.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\pipnss.dll
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\pipnss.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\pippki.dll
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\pippki.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\places.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\plugin.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\pluginGlue.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\pref.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\prefetch.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\profile.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\proxyObject.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\rdf.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\satchel.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\saxparser.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\shistory.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\spellchecker.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\storage-Legacy.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\storage.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\toolkitprofile.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\transformiix.dll
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\txEXSLTRegExFunctions.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\txmgr.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\txtsvc.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\uconv.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\unicharutil.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\universalchardet.dll
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\update.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\uriloader.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\urlformatter.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\webBrowser_core.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\webbrowserpersist.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\webshell_idls.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\websrvcs.dll
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\widget.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\windowds.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\windowwatcher.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\xml-rpc.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\xmlextras.dll
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\xpcom_base.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\xpcom_components.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\xpcom_ds.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\xpcom_io.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\xpcom_system.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\xpcom_thread.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\xpcom_xpti.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\xpconnect.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\xpinstall.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\xulapp.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\xulapp_setup.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\xuldoc.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\xultmpl.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\xulutil.dll
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\components\zipwriter.xpt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\crashreporter.exe
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\crashreporter.ini
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\defaults\autoconfig\platform.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\defaults\autoconfig\prefcalls.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\defaults\pref\xulrunner.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\defaults\profile\chrome\userChrome-example.css
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\defaults\profile\chrome\userContent-example.css
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\defaults\profile\localstore.rdf
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\defaults\profile\US\chrome\userChrome-example.css
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\defaults\profile\US\chrome\userContent-example.css
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\defaults\profile\US\localstore.rdf
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\dependentlibs.list
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\dictionaries\en-US.aff
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\dictionaries\en-US.dic
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\freebl3.chk
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\freebl3.dll
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\greprefs\all.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\greprefs\security-prefs.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\greprefs\xpinstall.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\IA2Marshal.dll
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\javaxpcom.jar
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\javaxpcomglue.dll
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\js3250.dll
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\LICENSE
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\modules\debug.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\modules\DownloadUtils.jsm
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\modules\ISO8601DateUtils.jsm
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\modules\JSON.jsm
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\modules\Microformats.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\modules\PluralForm.jsm
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\modules\utils.js
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\modules\XPCOMUtils.jsm
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\mozctl.dll
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\mozctlx.dll
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\MSVCP71.DLL
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\msvcr71.dll
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\nspr4.dll
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\nss3.dll
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\nssckbi.dll
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\nssdbm3.dll
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\nssutil3.dll
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\platform.ini
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\plc4.dll
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\plds4.dll
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\plugins\npnul32.dll
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\README.txt
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\arrow.gif
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\arrowd.gif
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\broken-image.gif
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\charsetalias.properties
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\charsetData.properties
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\contenteditable.css
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\designmode.css
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\dtd\mathml.dtd
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\dtd\xhtml11.dtd
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\EditorOverride.css
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\entityTables\html40Latin1.properties
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\entityTables\html40Special.properties
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\entityTables\html40Symbols.properties
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\entityTables\htmlEntityVersions.properties
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\entityTables\mathml20.properties
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\entityTables\transliterate.properties
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\fonts\mathfont.properties
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\fonts\mathfontStandardSymbolsL.properties
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\fonts\mathfontSTIXNonUnicode.properties
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\fonts\mathfontSTIXSize1.properties
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\fonts\mathfontSymbol.properties
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\fonts\mathfontUnicode.properties
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\forms.css
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\grabber.gif
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\hiddenWindow.html
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\html.css
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\html\folder.png
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\langGroups.properties
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\language.properties
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\loading-image.gif
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\mathml.css
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\quirk.css
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\svg.css
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\table-add-column-after-active.gif
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\table-add-column-after-hover.gif
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\table-add-column-after.gif
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\table-add-column-before-active.gif
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\table-add-column-before-hover.gif
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\table-add-column-before.gif
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\table-add-row-after-active.gif
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\table-add-row-after-hover.gif
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\table-add-row-after.gif
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\table-add-row-before-active.gif
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\table-add-row-before-hover.gif
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\table-add-row-before.gif
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\table-remove-column-active.gif
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\table-remove-column-hover.gif
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\table-remove-column.gif
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\table-remove-row-active.gif
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\table-remove-row-hover.gif
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\table-remove-row.gif
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\ua.css
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\viewsource.css
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\res\wincharset.properties
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\smime3.dll
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\softokn3.chk
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\softokn3.dll
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\sqlite3.dll
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\ssl3.dll
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\updater.exe
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\version.properties
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\xpcom.dll
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\xpcshell.exe
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\xpicleanup.exe
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\xpidl.exe
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\xpt_dump.exe
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\xpt_link.exe
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\xul.dll
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\xulrunner-stub.exe
c:\documents and settings\52309\Application Data\LimeWire\browser\xulrunner\xulrunner.exe
c:\documents and settings\52309\Application Data\LimeWire\certificate\limewire.keystore
c:\documents and settings\52309\Application Data\LimeWire\createtimes.cache
c:\documents and settings\52309\Application Data\LimeWire\data.ser
c:\documents and settings\52309\Application Data\LimeWire\downloads.dat
c:\documents and settings\52309\Application Data\LimeWire\fileurns.bak
c:\documents and settings\52309\Application Data\LimeWire\fileurns.cache
c:\documents and settings\52309\Application Data\LimeWire\filters.props
c:\documents and settings\52309\Application Data\LimeWire\gnutella.net
c:\documents and settings\52309\Application Data\LimeWire\installation.props
c:\documents and settings\52309\Application Data\LimeWire\library.dat
c:\documents and settings\52309\Application Data\LimeWire\library5.dat
c:\documents and settings\52309\Application Data\LimeWire\limewire.props
c:\documents and settings\52309\Application Data\LimeWire\mojito.props
c:\documents and settings\52309\Application Data\LimeWire\mozilla-profile\.autoreg
c:\documents and settings\52309\Application Data\LimeWire\mozilla-profile\Cache\_CACHE_001_
c:\documents and settings\52309\Application Data\LimeWire\mozilla-profile\Cache\_CACHE_002_
c:\documents and settings\52309\Application Data\LimeWire\mozilla-profile\Cache\_CACHE_003_
c:\documents and settings\52309\Application Data\LimeWire\mozilla-profile\Cache\_CACHE_MAP_
c:\documents and settings\52309\Application Data\LimeWire\mozilla-profile\Cache\4BC70045d01
c:\documents and settings\52309\Application Data\LimeWire\mozilla-profile\Cache\51CFDFBBd01
c:\documents and settings\52309\Application Data\LimeWire\mozilla-profile\Cache\7BD6A121d01
c:\documents and settings\52309\Application Data\LimeWire\mozilla-profile\Cache\98E79480d01
c:\documents and settings\52309\Application Data\LimeWire\mozilla-profile\Cache\AE98BDF8d01
c:\documents and settings\52309\Application Data\LimeWire\mozilla-profile\Cache\BAFF9A9Bd01
c:\documents and settings\52309\Application Data\LimeWire\mozilla-profile\Cache\DFCB219Ed01
c:\documents and settings\52309\Application Data\LimeWire\mozilla-profile\cert8.db
c:\documents and settings\52309\Application Data\LimeWire\mozilla-profile\compreg.dat
c:\documents and settings\52309\Application Data\LimeWire\mozilla-profile\cookies.sqlite
c:\documents and settings\52309\Application Data\LimeWire\mozilla-profile\downloads.sqlite
c:\documents and settings\52309\Application Data\LimeWire\mozilla-profile\extensions.cache
c:\documents and settings\52309\Application Data\LimeWire\mozilla-profile\extensions.ini
c:\documents and settings\52309\Application Data\LimeWire\mozilla-profile\history.dat
c:\documents and settings\52309\Application Data\LimeWire\mozilla-profile\key3.db
c:\documents and settings\52309\Application Data\LimeWire\mozilla-profile\permissions.sqlite
c:\documents and settings\52309\Application Data\LimeWire\mozilla-profile\places.sqlite-journal
c:\documents and settings\52309\Application Data\LimeWire\mozilla-profile\places.sqlite
c:\documents and settings\52309\Application Data\LimeWire\mozilla-profile\pluginreg.dat
c:\documents and settings\52309\Application Data\LimeWire\mozilla-profile\prefs.js
c:\documents and settings\52309\Application Data\LimeWire\mozilla-profile\secmod.db
c:\documents and settings\52309\Application Data\LimeWire\mozilla-profile\XPC.mfl
c:\documents and settings\52309\Application Data\LimeWire\mozilla-profile\xpti.dat
c:\documents and settings\52309\Application Data\LimeWire\promotion\promodb.backup
c:\documents and settings\52309\Application Data\LimeWire\promotion\promodb.data
c:\documents and settings\52309\Application Data\LimeWire\promotion\promodb.properties
c:\documents and settings\52309\Application Data\LimeWire\promotion\promodb.script
c:\documents and settings\52309\Application Data\LimeWire\pub1.key
c:\documents and settings\52309\Application Data\LimeWire\public.key
c:\documents and settings\52309\Application Data\LimeWire\questions.props
c:\documents and settings\52309\Application Data\LimeWire\responses.cache
c:\documents and settings\52309\Application Data\LimeWire\secureMessage.key
c:\documents and settings\52309\Application Data\LimeWire\simpp.xml
c:\documents and settings\52309\Application Data\LimeWire\spam.dat
c:\documents and settings\52309\Application Data\LimeWire\tables.props
c:\documents and settings\52309\Application Data\LimeWire\themes\black_theme.lwtp
c:\documents and settings\52309\Application Data\LimeWire\themes\black_theme\01_star.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\black_theme\02_star.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\black_theme\03_star.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\black_theme\04_star.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\black_theme\05_star.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\black_theme\chat.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\black_theme\dir_closed.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\black_theme\dir_open.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\black_theme\forward_dn.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\black_theme\forward_up.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\black_theme\kill.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\black_theme\kill_on.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\black_theme\lime.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\black_theme\logo.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\black_theme\notsearching.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\black_theme\pause_dn.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\black_theme\pause_up.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\black_theme\play_dn.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\black_theme\play_up.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\black_theme\question.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\black_theme\rewind_dn.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\black_theme\rewind_up.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\black_theme\searching.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\black_theme\splash.png
c:\documents and settings\52309\Application Data\LimeWire\themes\black_theme\splashpro.png
c:\documents and settings\52309\Application Data\LimeWire\themes\black_theme\stop_dn.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\black_theme\stop_up.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\black_theme\theme.txt
c:\documents and settings\52309\Application Data\LimeWire\themes\black_theme\warning.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\classic_theme.lwtp
c:\documents and settings\52309\Application Data\LimeWire\themes\classic_theme\01_star.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\classic_theme\02_star.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\classic_theme\03_star.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\classic_theme\04_star.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\classic_theme\05_star.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\classic_theme\chat.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\classic_theme\dir_closed.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\classic_theme\dir_open.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\classic_theme\forward_dn.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\classic_theme\forward_up.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\classic_theme\kill.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\classic_theme\logo.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\classic_theme\notsearching.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\classic_theme\pause_dn.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\classic_theme\pause_up.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\classic_theme\play_dn.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\classic_theme\play_up.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\classic_theme\question.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\classic_theme\rewind_dn.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\classic_theme\rewind_up.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\classic_theme\search.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\classic_theme\searching.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\classic_theme\splash.png
c:\documents and settings\52309\Application Data\LimeWire\themes\classic_theme\splashpro.png
c:\documents and settings\52309\Application Data\LimeWire\themes\classic_theme\stop_dn.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\classic_theme\stop_up.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\classic_theme\theme.txt
c:\documents and settings\52309\Application Data\LimeWire\themes\classic_theme\warning.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\limewire_theme.lwtp
c:\documents and settings\52309\Application Data\LimeWire\themes\limewire_theme\01_star.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\limewire_theme\02_star.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\limewire_theme\03_star.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\limewire_theme\04_star.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\limewire_theme\05_star.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\limewire_theme\chat.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\limewire_theme\dir_closed.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\limewire_theme\dir_open.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\limewire_theme\forward_dn.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\limewire_theme\forward_up.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\limewire_theme\kill.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\limewire_theme\kill_on.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\limewire_theme\lime.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\limewire_theme\logo.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\limewire_theme\notsearching.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\limewire_theme\pause_dn.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\limewire_theme\pause_up.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\limewire_theme\play_dn.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\limewire_theme\play_up.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\limewire_theme\question.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\limewire_theme\rewind_dn.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\limewire_theme\rewind_up.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\limewire_theme\searching.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\limewire_theme\splash.png
c:\documents and settings\52309\Application Data\LimeWire\themes\limewire_theme\splashpro.png
c:\documents and settings\52309\Application Data\LimeWire\themes\limewire_theme\stop_dn.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\limewire_theme\stop_up.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\limewire_theme\theme.txt
c:\documents and settings\52309\Application Data\LimeWire\themes\limewire_theme\warning.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\other_theme.lwtp
c:\documents and settings\52309\Application Data\LimeWire\themes\other_theme\01_star.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\other_theme\02_star.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\other_theme\03_star.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\other_theme\04_star.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\other_theme\05_star.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\other_theme\chat.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\other_theme\forward_dn.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\other_theme\forward_up.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\other_theme\kill.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\other_theme\kill_on.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\other_theme\logo.png
c:\documents and settings\52309\Application Data\LimeWire\themes\other_theme\notsearching.png
c:\documents and settings\52309\Application Data\LimeWire\themes\other_theme\pause_dn.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\other_theme\pause_up.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\other_theme\play_dn.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\other_theme\play_up.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\other_theme\question.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\other_theme\rewind_dn.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\other_theme\rewind_up.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\other_theme\searching.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\other_theme\splash.png
c:\documents and settings\52309\Application Data\LimeWire\themes\other_theme\splashpro.png
c:\documents and settings\52309\Application Data\LimeWire\themes\other_theme\stop_dn.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\other_theme\stop_up.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\other_theme\theme.txt
c:\documents and settings\52309\Application Data\LimeWire\themes\other_theme\warning.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\windows_theme.lwtp
c:\documents and settings\52309\Application Data\LimeWire\themes\windows_theme\01_star.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\windows_theme\02_star.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\windows_theme\03_star.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\windows_theme\04_star.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\windows_theme\05_star.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\windows_theme\chat.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\windows_theme\forward_dn.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\windows_theme\forward_up.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\windows_theme\kill.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\windows_theme\kill_on.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\windows_theme\logo.png
c:\documents and settings\52309\Application Data\LimeWire\themes\windows_theme\notsearching.png
c:\documents and settings\52309\Application Data\LimeWire\themes\windows_theme\pause_dn.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\windows_theme\pause_up.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\windows_theme\play_dn.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\windows_theme\play_up.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\windows_theme\question.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\windows_theme\rewind_dn.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\windows_theme\rewind_up.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\windows_theme\searching.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\windows_theme\splash.png
c:\documents and settings\52309\Application Data\LimeWire\themes\windows_theme\splashpro.png
c:\documents and settings\52309\Application Data\LimeWire\themes\windows_theme\stop_dn.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\windows_theme\stop_up.gif
c:\documents and settings\52309\Application Data\LimeWire\themes\windows_theme\theme.txt
c:\documents and settings\52309\Application Data\LimeWire\themes\windows_theme\version.txt
c:\documents and settings\52309\Application Data\LimeWire\themes\windows_theme\warning.gif
c:\documents and settings\52309\Application Data\LimeWire\ttdata.cache
c:\documents and settings\52309\Application Data\LimeWire\ttree.cache
c:\documents and settings\52309\Application Data\LimeWire\ttrees.cache
c:\documents and settings\52309\Application Data\LimeWire\ttroot.cache
c:\documents and settings\52309\Application Data\LimeWire\update.xml
c:\documents and settings\52309\Application Data\LimeWire\version.key
c:\documents and settings\52309\Application Data\LimeWire\version.xml
c:\documents and settings\52309\Application Data\LimeWire\versions.props
c:\documents and settings\52309\Application Data\LimeWire\xml\data\audio.sxml2
c:\documents and settings\52309\Application Data\LimeWire\xml\data\audio.sxml3
c:\documents and settings\52309\Application Data\LimeWire\xml\data\delete_me
c:\documents and settings\52309\Application Data\LimeWire\xml\misc\application.gif
c:\documents and settings\52309\Application Data\LimeWire\xml\misc\audio.gif
c:\documents and settings\52309\Application Data\LimeWire\xml\misc\document.gif
c:\documents and settings\52309\Application Data\LimeWire\xml\misc\image.gif
c:\documents and settings\52309\Application Data\LimeWire\xml\misc\video.gif
c:\documents and settings\52309\Application Data\LimeWire\xml\schemas\application.xsd
c:\documents and settings\52309\Application Data\LimeWire\xml\schemas\audio.xsd
c:\documents and settings\52309\Application Data\LimeWire\xml\schemas\document.xsd
c:\documents and settings\52309\Application Data\LimeWire\xml\schemas\image.xsd
c:\documents and settings\52309\Application Data\LimeWire\xml\schemas\video.xsd
c:\program files\BitTorrent
c:\program files\BitTorrent\8642-bittorrent.2611.dmp
c:\program files\BitTorrent\8642-bittorrent.45e7.dmp
c:\program files\BitTorrent\8642-bittorrent.5a2d.dmp
c:\program files\BitTorrent\8642-bittorrent.76da.dmp
c:\program files\BitTorrent\8642-bittorrent.a050.dmp
c:\program files\BitTorrent\8642-bittorrent.b61c.dmp
c:\program files\BitTorrent\bittorrent.exe
c:\program files\BitTorrent\BitTorrentIE.2.dll
c:\program files\BitTorrent\uninst.exe
c:\program files\DNA
c:\program files\DNA\btdna.exe
c:\program files\DNA\DNAcpl.cpl
c:\program files\DNA\plugins\npbtdna.dll
c:\program files\LimeWire
c:\program files\LimeWire\.NetworkShare\LimeWirePackedJars4.12.15.7z
c:\program files\LimeWire\.NetworkShare\LimeWireWin4.12.15.exe
c:\program files\LimeWire\.NetworkShare\LimeWireWin4.16.3.exe
c:\program files\LimeWire\.NetworkShare\LimeWireWin4.16.6.exe
c:\program files\LimeWire\.NetworkShare\LimeWireWin4.18.8.exe
c:\program files\LimeWire\.NetworkShare\LimeWireWin5.1.2.exe
c:\program files\LimeWire\Buy LimeWire PRO.url
c:\program files\LimeWire\COPYING
c:\program files\LimeWire\data.ser
c:\program files\LimeWire\hs_err_pid236.log
c:\program files\LimeWire\hs_err_pid3076.log
c:\program files\LimeWire\hs_err_pid384.log
c:\program files\LimeWire\hs_err_pid656.log
c:\program files\LimeWire\inspection.props
c:\program files\LimeWire\install.log
c:\program files\LimeWire\language.prop
c:\program files\LimeWire\lib\additional_resources.jar
c:\program files\LimeWire\lib\aopalliance.jar
c:\program files\LimeWire\lib\AppFramework.jar
c:\program files\LimeWire\lib\base64-2.2.2.jar
c:\program files\LimeWire\lib\clink.jar
c:\program files\LimeWire\lib\commons-codec-1.3.jar
c:\program files\LimeWire\lib\commons-logging.jar
c:\program files\LimeWire\lib\commons-math-1.2.jar
c:\program files\LimeWire\lib\daap.jar
c:\program files\LimeWire\lib\dnsjava-2.0.6.jar
c:\program files\LimeWire\lib\EventBus-1.2b.jar
c:\program files\LimeWire\lib\gettext-commons.jar
c:\program files\LimeWire\lib\glazedlists-1.7.0_java15.jar
c:\program files\LimeWire\lib\guice-assistedinject-snapshot.jar
c:\program files\LimeWire\lib\guice-snapshot.jar
c:\program files\LimeWire\lib\hashes
c:\program files\LimeWire\lib\hsqldb.jar
c:\program files\LimeWire\lib\httpclient-4.0-beta1.jar
c:\program files\LimeWire\lib\httpcore-4.0-beta2.jar
c:\program files\LimeWire\lib\httpcore-nio-4.0-beta2.jar
c:\program files\LimeWire\lib\icu4j.jar
c:\program files\LimeWire\lib\iTunes-0.0.1.jar
c:\program files\LimeWire\lib\jacob-1.14.1-x64.dll
c:\program files\LimeWire\lib\jacob-1.14.1-x86.dll
c:\program files\LimeWire\lib\jacob-1.14.1.jar
c:\program files\LimeWire\lib\jaudiotagger.jar
c:\program files\LimeWire\lib\jcip-annotations.jar
c:\program files\LimeWire\lib\jcraft.jar
c:\program files\LimeWire\lib\jdic.dll
c:\program files\LimeWire\lib\jdic.jar
c:\program files\LimeWire\lib\jdic_stub.jar
c:\program files\LimeWire\lib\jflac.jar
c:\program files\LimeWire\lib\jl.jar
c:\program files\LimeWire\lib\jmdns.jar
c:\program files\LimeWire\lib\jna.jar
c:\program files\LimeWire\lib\jogg.jar
c:\program files\LimeWire\lib\jorbis.jar
c:\program files\LimeWire\lib\jxlayer.jar
c:\program files\LimeWire\lib\LimeWire.ico
c:\program files\LimeWire\lib\LimeWire.jar
c:\program files\LimeWire\lib\log4j.jar
c:\program files\LimeWire\lib\log4j.properties
c:\program files\LimeWire\lib\messages.jar
c:\program files\LimeWire\lib\miglayout.jar
c:\program files\LimeWire\lib\mozdom4java.jar
c:\program files\LimeWire\lib\MozillaGlue-1.9.jar
c:\program files\LimeWire\lib\MozillaInterfaces-1.9.jar
c:\program files\LimeWire\lib\mozswing.jar
c:\program files\LimeWire\lib\mp3spi.jar
c:\program files\LimeWire\lib\onion-common.jar
c:\program files\LimeWire\lib\onion-fec.jar
c:\program files\LimeWire\lib\smack.jar
c:\program files\LimeWire\lib\smackx-debug.jar
c:\program files\LimeWire\lib\smackx.jar
c:\program files\LimeWire\lib\swing-worker-1.1.jar
c:\program files\LimeWire\lib\swingx-0.9.4.jar
c:\program files\LimeWire\lib\SystemUtilities.dll
c:\program files\LimeWire\lib\SystemUtilitiesA.dll
c:\program files\LimeWire\lib\tritonus.jar
c:\program files\LimeWire\lib\vorbisspi.jar
c:\program files\LimeWire\LimeWire On Startup.lnk
c:\program files\LimeWire\LimeWire.exe
c:\program files\LimeWire\LimeWire.ico
c:\program files\LimeWire\pmf.ico
c:\program files\LimeWire\root\magnet10\badge.img
c:\program files\LimeWire\root\magnet10\canHandle.img
c:\program files\LimeWire\root\magnet10\limewire.gif
c:\program files\LimeWire\root\magnet10\options.js
c:\program files\LimeWire\root\magnet10\silentdetect.js
c:\program files\LimeWire\SOURCE
c:\program files\LimeWire\spacer.gif
c:\program files\LimeWire\uninstall.exe
c:\program files\LimeWire\unpack.log

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_EPFWTDIR
-------\Legacy_MYPROTECTOR
-------\Service_3qppt58
-------\Service_468aoy1ac
-------\Service_4ddmj4o
-------\Service_58v20f
-------\Service_7yx3zhgur
-------\Service_82wdblow0b
-------\Service_d2yz83c1rc
-------\Service_epfwtdir
-------\Service_faaojfwpo
-------\Service_holda
-------\Service_hxhpvot
-------\Service_m60q7y0
-------\Service_mhv6r42
-------\Service_myprotector
-------\Service_pev26od2
-------\Service_q3i6m8a
-------\Service_r9yr57dd5
-------\Service_wglfl7
-------\Service_yh13phk


((((((((((((((((((((((((( Files Created from 2009-05-08 to 2009-06-08 )))))))))))))))))))))))))))))))
.

2009-06-03 16:30 . 2009-06-03 16:30 -------- d-----w- c:\program files\iPod
2009-06-03 16:21 . 2009-06-03 16:23 -------- d-----w- c:\program files\QuickTime
2009-06-03 16:08 . 2009-06-03 16:08 75048 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.2.0.23\SetupAdmin.exe
2009-06-01 11:31 . 2009-06-01 11:31 3371383 ----a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2009-05-26 15:07 . 2009-03-30 02:33 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys
2009-05-26 15:07 . 2009-03-24 08:08 55640 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-05-26 15:07 . 2009-02-13 04:29 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
2009-05-26 15:07 . 2009-02-13 04:17 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys
2009-05-26 15:07 . 2009-05-26 15:07 -------- d-----w- c:\program files\Avira
2009-05-26 15:07 . 2009-05-26 15:07 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira
2009-05-20 15:09 . 2009-05-20 15:09 -------- d-----w- c:\documents and settings\52309\Application Data\dvdcss
2009-05-19 16:47 . 2009-05-19 16:47 -------- d-----w- c:\windows\system32\scripting
2009-05-19 16:47 . 2009-05-19 16:47 -------- d-----w- c:\windows\l2schemas
2009-05-19 16:47 . 2009-05-19 16:47 -------- d-----w- c:\windows\system32\en
2009-05-19 16:47 . 2009-05-19 16:47 -------- d-----w- c:\windows\system32\bits
2009-05-17 16:06 . 2008-04-14 00:12 69120 ------w- c:\windows\system32\wlanapi.dll
2009-05-17 16:06 . 2008-04-14 00:12 50688 ------w- c:\windows\system32\tspkg.dll
2009-05-17 16:05 . 2008-04-13 18:40 10240 ------w- c:\windows\system32\drivers\sffp_mmc.sys
2009-05-17 16:05 . 2008-04-14 00:12 32768 ------w- c:\windows\system32\setupn.exe
2009-05-17 16:05 . 2008-04-14 00:12 61952 ------w- c:\windows\system32\rasqec.dll
2009-05-17 16:05 . 2008-04-14 00:12 76800 ------w- c:\windows\system32\qutil.dll
2009-05-17 16:05 . 2008-04-14 00:12 62464 ------w- c:\windows\system32\qcliprov.dll
2009-05-17 16:05 . 2008-04-14 00:12 291328 ------w- c:\windows\system32\qagentrt.dll
2009-05-17 16:05 . 2008-04-14 00:12 150528 ------w- c:\windows\system32\qagent.dll
2009-05-17 16:05 . 2008-04-14 00:12 144384 ------w- c:\windows\system32\onex.dll
2009-05-17 16:04 . 2008-04-14 00:12 176640 ------w- c:\windows\system32\napstat.exe
2009-05-17 16:04 . 2008-04-14 00:12 30208 ------w- c:\windows\system32\napipsec.dll
2009-05-17 16:04 . 2008-04-14 00:12 193024 ------w- c:\windows\system32\napmontr.dll
2009-05-17 16:04 . 2008-04-13 17:27 79872 -c----w- c:\windows\system32\dllcache\msxml6r.dll
2009-05-17 16:04 . 2008-09-10 01:14 1307648 -c----w- c:\windows\system32\dllcache\msxml6.dll
2009-05-17 16:04 . 2008-04-14 00:12 155136 ------w- c:\windows\system32\mssha.dll
2009-05-17 16:04 . 2008-04-13 18:14 76800 ------w- c:\windows\system32\msshavmsg.dll
2009-05-17 16:03 . 2008-04-14 00:12 33792 ------w- c:\windows\system32\mmcperf.exe
2009-05-17 16:03 . 2008-04-14 00:11 397312 ------w- c:\windows\system32\mmcex.dll
2009-05-17 16:03 . 2008-04-14 00:11 184320 ------w- c:\windows\system32\microsoft.managementconsole.dll
2009-05-17 16:03 . 2008-04-14 00:11 106496 ------w- c:\windows\system32\mmcfxcommon.dll
2009-05-17 16:03 . 2008-04-14 00:11 37376 ------w- c:\windows\system32\l2gpstore.dll
2009-05-17 16:03 . 2008-04-14 00:11 61440 ------w- c:\windows\system32\kmsvc.dll
2009-05-17 16:03 . 2008-04-14 00:09 6144 ------w- c:\windows\system32\kbdpash.dll
2009-05-17 16:03 . 2008-04-14 00:09 6144 ------w- c:\windows\system32\kbdnepr.dll
2009-05-17 16:03 . 2008-04-14 00:09 6144 ------w- c:\windows\system32\kbdiultn.dll
2009-05-17 16:03 . 2008-04-14 00:09 6144 ------w- c:\windows\system32\kbdbhc.dll
2009-05-17 16:03 . 2008-04-14 00:10 102912 -c----w- c:\windows\system32\dllcache\dpcdll.dll
2009-05-17 16:03 . 2008-04-14 00:09 24064 -c----w- c:\windows\system32\dllcache\pidgen.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-08 14:40 . 2005-04-16 14:12 5780 ----a-w- c:\windows\bthservsdp.dat
2009-06-04 11:45 . 2005-07-06 04:30 -------- d-----w- c:\program files\iTunes
2009-06-03 16:30 . 2008-02-22 06:07 -------- d-----w- c:\program files\Common Files\Apple
2009-06-01 11:32 . 2009-05-06 14:48 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-05-26 05:20 . 2009-05-06 14:48 40160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-05-26 05:19 . 2009-05-06 14:48 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-05-19 16:55 . 2005-04-15 09:04 89007 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-05-06 14:48 . 2009-05-06 14:48 -------- d-----w- c:\documents and settings\52309\Application Data\Malwarebytes
2009-05-06 14:48 . 2009-05-06 14:48 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-05-01 12:52 . 2009-05-01 12:49 -------- d-----w- c:\documents and settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-04-29 11:20 . 2009-04-29 11:20 -------- d-----w- c:\program files\Trend Micro
2009-04-27 15:17 . 2009-04-27 13:10 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-04-27 15:17 . 2006-01-01 16:54 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-04-27 14:10 . 2005-04-15 14:55 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-04-27 14:09 . 2008-02-28 06:04 -------- d-----w- c:\program files\Windows Live
2009-04-27 13:30 . 2009-04-27 13:30 -------- d-----w- c:\program files\Misc. Support Library (Spybot - Search & Destroy)
2009-04-27 13:30 . 2009-04-27 13:30 -------- d-----w- c:\program files\TeaTimer (Spybot - Search & Destroy)
2009-04-27 13:30 . 2009-04-27 13:30 -------- d-----w- c:\program files\SDHelper (Spybot - Search & Destroy)
2009-04-27 13:28 . 2009-04-27 13:28 -------- d-----w- c:\program files\File Scanner Library (Spybot - Search & Destroy)
2009-04-27 13:07 . 2007-01-05 01:21 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-04-27 13:05 . 2006-07-02 08:12 -------- d-----w- c:\program files\Windows Live Safety Center
2009-04-20 16:39 . 2009-04-20 16:39 -------- d-----w- c:\program files\MP3 Converter Simple
2009-04-20 16:36 . 2008-06-27 08:45 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-04-14 16:41 . 2009-03-18 16:31 40 ----a-w- c:\windows\tmp.dat
2009-03-19 08:32 . 2009-03-19 08:32 23400 ----a-w- c:\documents and settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}\x86\x86\GEARAspiWDM.sys
2009-03-19 08:32 . 2008-01-29 04:01 23400 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-26 413696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"UpdateManager"="c:\program files\Common Files\Sonic\Update Manager\sgtray.exe" [2003-08-18 110592]
"SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2004-11-04 98394]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2004-11-04 688218]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-03 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-03 455168]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-03 59392]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-03 208952]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2004-06-17 155648]
"eabconfg.cpl"="c:\program files\HPQ\Quick Launch Buttons\EabServr.exe" [2004-09-17 290816]
"Cpqset"="c:\program files\HPQ\Default Settings\cpqset.exe" [2004-10-22 229438]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-26 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-05-30 292136]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2006-10-26 434528]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"TSClientMSIUninstaller"="c:\windows\Installer\TSClientMsiTrans\tscuinst.vbs" [2007-10-30 13801]

c:\documents and settings\52309\Start Menu\Programs\Startup\
Microsoft Office OneNote 2003 Quick Launch.lnk - c:\program files\Microsoft Office\OFFICE11\ONENOTEM.EXE [2005-3-17 59080]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk /r \??\H:\0autocheck autochk *

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-839522115-1801674531-725345543-16836\Scripts\Logon\0\0]
"Script"=advclient.bat

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-839522115-1801674531-725345543-16836\Scripts\Logon\1\0]
"Script"=rpstorage.bat

[HKLM\~\startupfolder\C:^Documents and Settings^52309^Start Menu^Programs^Startup^UTAgent 4.0.lnk]
path=c:\documents and settings\52309\Start Menu\Programs\Startup\UTAgent 4.0.lnk
backup=c:\windows\pss\UTAgent 4.0.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^UTAgent 4.0.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\UTAgent 4.0.lnk
backup=c:\windows\pss\UTAgent 4.0.lnkCommon Startup

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\SopCast\\SopCast.exe"=
"c:\\iERP60\\SEGSVR03\\IERP60\\DotNet\\Intuitive2.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\WINDOWS\\system32\\lxczcoms.exe"=
"c:\\Program Files\\SopCast\\adv\\SopAdver.exe"=
"c:\\Program Files\\SopCast\\sopvod.exe"=
"c:\\Documents and Settings\\All Users\\Application Data\\Kaspersky Lab Setup Files\\Kaspersky Anti-Virus 7.0.1.321\\English\\setup.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"23775:TCP"= 23775:TCP:BitComet 23775 TCP
"23775:UDP"= 23775:UDP:BitComet 23775 UDP

R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [5/26/2009 11:07 PM 108289]
R3 dfmirage;dfmirage;c:\windows\system32\drivers\dfmirage.sys [10/15/2007 9:08 AM 26624]
S0 4nzed7v;4nzed7;c:\windows\system32\DRIVERS\4nzed7v.sys --> c:\windows\system32\DRIVERS\4nzed7v.sys [?]
S2 ekrn;Eset Service;"c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe" --> c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [?]
S2 pciinfo;HP Pci Information;\??\c:\docume~1\52309\LOCALS~1\Temp\HPISPz\hpdom\pciinfo.sys --> c:\docume~1\52309\LOCALS~1\Temp\HPISPz\hpdom\pciinfo.sys [?]
S3 cdspacex;cdspacex;c:\windows\system32\drivers\cdspacex.sys [5/29/2006 11:59 PM 22570]
S3 WRSWanDD;iVasion PoET Adapter;c:\windows\system32\drivers\WrKPoETNic2000.sys [4/15/2005 10:56 PM 65604]
.
Contents of the 'Scheduled Tasks' folder

2009-05-06 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 04:34]
.
- - - - ORPHANS REMOVED - - - -

SafeBoot-procexp90.Sys


.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.myrp.edu.sg/
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ycomp/defaults/sb/*http://www.yahoo.com/search/ie.html
uInternet Connection Wizard,ShellNext = iexplore
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
DPF: {39D420B3-E0EB-424C-89AA-C24F8DE7EF79} - hxxp://www.tvkoo.com/update/KooPlayer.ocx
FF - ProfilePath - c:\documents and settings\52309\Application Data\Mozilla\Firefox\Profiles\84j7865m.default\
FF - plugin: c:\program files\Mozilla Firefox\plugins\npbittorrent.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPInfotl.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-08 22:44
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Cpqset = c:\program files\HPQ\Default Settings\cpqset.exe????????7?4?5?3??????? ???B?????????????H<C? ??????

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(904)
c:\windows\system32\klogon.dll

- - - - - - - > 'explorer.exe'(236)
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\inetsrv\inetinfo.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\lxczcoms.exe
c:\program files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
c:\windows\system32\UAService7.exe
c:\windows\system32\CCM\CcmExec.exe
c:\program files\3M\PSNLite\PsnLite.exe
c:\program files\Microsoft Encarta\Encarta Reference Library 2005\EDICT.EXE
c:\progra~1\3M\PSNLite\PSNGive.exe
c:\program files\iPod\bin\iPodService.exe
c:\windows\system32\msiexec.exe
.
**************************************************************************
.
Completion time: 2009-06-08 22:53 - machine was rebooted
ComboFix-quarantined-files.txt 2009-06-08 14:52
ComboFix2.txt 2009-06-01 11:23

Pre-Run: 1,001,263,104 bytes free
Post-Run: 984,276,992 bytes free

871 --- E O F --- 2009-05-20 14:18




Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:57:22 PM, on 6/8/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\WINDOWS\system32\lxczcoms.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\igfxtray.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\UAService7.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\CCM\CcmExec.exe
C:\Program Files\3M\PSNLite\PsnLite.exe
C:\Program Files\Microsoft Encarta\Encarta Reference Library 2005\EDICT.EXE
C:\PROGRA~1\3M\PSNLite\PSNGive.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.myrp.edu.sg/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ycomp/defaults/sb/*http://www.yahoo.com/search/ie.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs" (User 'Default user')
O4 - Startup: Microsoft Office OneNote 2003 Quick Launch.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
O4 - Global Startup: LCDPlayer.lnk = ?
O4 - Global Startup: Post-it® Software Notes Lite.lnk = C:\Program Files\3M\PSNLite\PsnLite.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Researcher - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Common Files\Microsoft Shared\Encarta Researcher\EROPROJ.DLL
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {14C1B87C-3342-445F-9B5E-365FF330A3AC} - http://h50203.www5.hp.com/HPISWeb/Customer/cabs/HPISDataManager.CAB
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_1_0_0_44.cab
O16 - DPF: {39D420B3-E0EB-424C-89AA-C24F8DE7EF79} (KooPlayer Control) - http://www.tvkoo.com/update/KooPlayer.ocx
O16 - DPF: {555500CD-CB54-11D6-8DB9-0000864598B3} - http://instantsupport.asiapac.hp.com/awebui/jsp/answerweb/applets/HPISDiagManager.CAB
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/EN-US/a-UNO1/GAME_UNO1.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1189433651015
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1189433612500
O16 - DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} (AcDcToday Control) - file://C:\Program Files\MDT6\AcDcToday.ocx
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {AE563720-B4F5-11D4-A415-00108302FDFD} (NOXLATE-BANR) - file://C:\Program Files\MDT6\InstBanr.ocx
O16 - DPF: {C6637286-300D-11D4-AE0A-0010830243BD} (InstaFred) - file://C:\Program Files\MDT6\InstFred.ocx
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} (AcPreview Control) - file://C:\Program Files\MDT6\AcPreview.ocx
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = rp.edu.sg
O17 - HKLM\Software\..\Telephony: DomainName = rp.edu.sg
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = rp.edu.sg
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - Unknown owner - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe (file missing)
O23 - Service: Eset Service (ekrn) - Unknown owner - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (file missing)
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: lxcz_device - - C:\WINDOWS\system32\lxczcoms.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe

--
End of file - 10247 bytes

 

Did you see my last post – please run another MBAM and ComboFix here ->

http://forums.afterdawn.com/thread_view.cfm/2/768339#4704757

Need new Logs……..

2oG

 

ok mate...Here you go


Malwarebytes' Anti-Malware 1.37
Database version: 2261
Windows 5.1.2600 Service Pack 3

6/11/2009 11:24:12 PM
mbam-log-2009-06-11 (23-24-12).txt

Scan type: Full Scan (C:\|)
Objects scanned: 212139
Time elapsed: 2 hour(s), 49 minute(s), 17 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


ComboFix 09-06-14.02 - 52309 06/15/2009 21:48.5 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.734.447 [GMT 8:00]
Running from: c:\documents and settings\52309\desktop\combofix.exe
Command switches used :: /killall
AV: AntiVir Desktop *On-access scanning disabled* (Outdated) {AD166499-45F9-482A-A743-FDD3350758C7}
AV: ESET NOD32 Antivirus 3.0 *On-access scanning enabled* (Outdated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
.

((((((((((((((((((((((((( Files Created from 2009-05-15 to 2009-06-15 )))))))))))))))))))))))))))))))
.

2009-06-15 13:42 . 2009-06-15 13:44 -------- d-----w- C:\5c335898b27094da13ccc7ca20
2009-06-03 16:30 . 2009-06-03 16:30 -------- d-----w- c:\program files\iPod
2009-06-03 16:21 . 2009-06-03 16:23 -------- d-----w- c:\program files\QuickTime
2009-06-03 16:08 . 2009-06-03 16:08 75048 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.2.0.23\SetupAdmin.exe
2009-06-01 11:31 . 2009-06-01 11:31 3371383 ----a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2009-05-26 15:07 . 2009-03-30 02:33 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys
2009-05-26 15:07 . 2009-03-24 08:08 55640 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-05-26 15:07 . 2009-02-13 04:29 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
2009-05-26 15:07 . 2009-02-13 04:17 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys
2009-05-26 15:07 . 2009-05-26 15:07 -------- d-----w- c:\program files\Avira
2009-05-26 15:07 . 2009-05-26 15:07 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira
2009-05-20 15:09 . 2009-05-20 15:09 -------- d-----w- c:\documents and settings\52309\Application Data\dvdcss
2009-05-19 16:47 . 2009-05-19 16:47 -------- d-----w- c:\windows\system32\scripting
2009-05-19 16:47 . 2009-05-19 16:47 -------- d-----w- c:\windows\l2schemas
2009-05-19 16:47 . 2009-05-19 16:47 -------- d-----w- c:\windows\system32\en
2009-05-19 16:47 . 2009-05-19 16:47 -------- d-----w- c:\windows\system32\bits
2009-05-17 16:06 . 2008-04-14 00:12 69120 ------w- c:\windows\system32\wlanapi.dll
2009-05-17 16:06 . 2008-04-14 00:12 50688 ------w- c:\windows\system32\tspkg.dll
2009-05-17 16:05 . 2008-04-13 18:40 10240 ------w- c:\windows\system32\drivers\sffp_mmc.sys
2009-05-17 16:05 . 2008-04-14 00:12 32768 ------w- c:\windows\system32\setupn.exe
2009-05-17 16:05 . 2008-04-14 00:12 61952 ------w- c:\windows\system32\rasqec.dll
2009-05-17 16:05 . 2008-04-14 00:12 76800 ------w- c:\windows\system32\qutil.dll
2009-05-17 16:05 . 2008-04-14 00:12 62464 ------w- c:\windows\system32\qcliprov.dll
2009-05-17 16:05 . 2008-04-14 00:12 291328 ------w- c:\windows\system32\qagentrt.dll
2009-05-17 16:05 . 2008-04-14 00:12 150528 ------w- c:\windows\system32\qagent.dll
2009-05-17 16:05 . 2008-04-14 00:12 144384 ------w- c:\windows\system32\onex.dll
2009-05-17 16:04 . 2008-04-14 00:12 176640 ------w- c:\windows\system32\napstat.exe
2009-05-17 16:04 . 2008-04-14 00:12 30208 ------w- c:\windows\system32\napipsec.dll
2009-05-17 16:04 . 2008-04-14 00:12 193024 ------w- c:\windows\system32\napmontr.dll
2009-05-17 16:04 . 2008-04-13 17:27 79872 -c----w- c:\windows\system32\dllcache\msxml6r.dll
2009-05-17 16:04 . 2008-09-10 01:14 1307648 -c----w- c:\windows\system32\dllcache\msxml6.dll
2009-05-17 16:04 . 2008-04-14 00:12 155136 ------w- c:\windows\system32\mssha.dll
2009-05-17 16:04 . 2008-04-13 18:14 76800 ------w- c:\windows\system32\msshavmsg.dll
2009-05-17 16:03 . 2008-04-14 00:12 33792 ------w- c:\windows\system32\mmcperf.exe
2009-05-17 16:03 . 2008-04-14 00:11 397312 ------w- c:\windows\system32\mmcex.dll
2009-05-17 16:03 . 2008-04-14 00:11 184320 ------w- c:\windows\system32\microsoft.managementconsole.dll
2009-05-17 16:03 . 2008-04-14 00:11 106496 ------w- c:\windows\system32\mmcfxcommon.dll
2009-05-17 16:03 . 2008-04-14 00:11 37376 ------w- c:\windows\system32\l2gpstore.dll
2009-05-17 16:03 . 2008-04-14 00:11 61440 ------w- c:\windows\system32\kmsvc.dll
2009-05-17 16:03 . 2008-04-14 00:09 6144 ------w- c:\windows\system32\kbdpash.dll
2009-05-17 16:03 . 2008-04-14 00:09 6144 ------w- c:\windows\system32\kbdnepr.dll
2009-05-17 16:03 . 2008-04-14 00:09 6144 ------w- c:\windows\system32\kbdiultn.dll
2009-05-17 16:03 . 2008-04-14 00:09 6144 ------w- c:\windows\system32\kbdbhc.dll
2009-05-17 16:03 . 2008-04-14 00:10 102912 -c----w- c:\windows\system32\dllcache\dpcdll.dll
2009-05-17 16:03 . 2008-04-14 00:09 24064 -c----w- c:\windows\system32\dllcache\pidgen.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-15 13:56 . 2005-04-16 14:12 5780 ----a-w- c:\windows\bthservsdp.dat
2009-06-08 15:48 . 2007-07-01 05:22 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple
2009-06-04 11:45 . 2005-07-06 04:30 -------- d-----w- c:\program files\iTunes
2009-06-03 16:30 . 2008-02-22 06:07 -------- d-----w- c:\program files\Common Files\Apple
2009-06-01 11:32 . 2009-05-06 14:48 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-05-29 05:36 . 2009-03-18 15:34 2060288 ----a-w- c:\windows\system32\usbaaplrc.dll
2009-05-29 05:36 . 2008-11-01 09:35 39424 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2009-05-26 05:20 . 2009-05-06 14:48 40160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-05-26 05:19 . 2009-05-06 14:48 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-05-19 16:55 . 2005-04-15 09:04 89007 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-05-06 14:48 . 2009-05-06 14:48 -------- d-----w- c:\documents and settings\52309\Application Data\Malwarebytes
2009-05-06 14:48 . 2009-05-06 14:48 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-05-01 12:52 . 2009-05-01 12:49 -------- d-----w- c:\documents and settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-04-29 11:20 . 2009-04-29 11:20 -------- d-----w- c:\program files\Trend Micro
2009-04-29 04:56 . 2004-08-04 12:00 827392 ----a-w- c:\windows\system32\wininet.dll
2009-04-29 04:55 . 2004-08-04 12:00 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-04-27 15:17 . 2009-04-27 13:10 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-04-27 15:17 . 2006-01-01 16:54 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-04-27 14:10 . 2005-04-15 14:55 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-04-27 14:09 . 2008-02-28 06:04 -------- d-----w- c:\program files\Windows Live
2009-04-27 13:30 . 2009-04-27 13:30 -------- d-----w- c:\program files\Misc. Support Library (Spybot - Search & Destroy)
2009-04-27 13:30 . 2009-04-27 13:30 -------- d-----w- c:\program files\TeaTimer (Spybot - Search & Destroy)
2009-04-27 13:30 . 2009-04-27 13:30 -------- d-----w- c:\program files\SDHelper (Spybot - Search & Destroy)
2009-04-27 13:28 . 2009-04-27 13:28 -------- d-----w- c:\program files\File Scanner Library (Spybot - Search & Destroy)
2009-04-27 13:07 . 2007-01-05 01:21 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-04-27 13:05 . 2006-07-02 08:12 -------- d-----w- c:\program files\Windows Live Safety Center
2009-04-20 16:39 . 2009-04-20 16:39 -------- d-----w- c:\program files\MP3 Converter Simple
2009-04-20 16:36 . 2008-06-27 08:45 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-04-15 14:51 . 2004-08-04 12:00 585216 ----a-w- c:\windows\system32\rpcrt4.dll
2009-04-14 16:41 . 2009-03-18 16:31 40 ----a-w- c:\windows\tmp.dat
2009-03-19 08:32 . 2009-03-19 08:32 23400 ----a-w- c:\documents and settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}\x86\x86\GEARAspiWDM.sys
2009-03-19 08:32 . 2008-01-29 04:01 23400 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
.

((((((((((((((((((((((((((((( SnapShot@2009-06-08_14.45.20 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-06-15 13:58 . 2009-06-15 13:58 16384 c:\windows\temp\Perflib_Perfdata_264.dat
+ 2004-08-04 12:00 . 2009-04-29 04:56 44544 c:\windows\system32\pngfilt.dll
- 2004-08-04 12:00 . 2009-02-20 18:09 44544 c:\windows\system32\pngfilt.dll
- 2006-11-07 13:03 . 2009-02-20 18:09 52224 c:\windows\system32\msfeedsbs.dll
+ 2006-11-07 13:03 . 2009-04-29 04:55 52224 c:\windows\system32\msfeedsbs.dll
- 2004-08-04 12:00 . 2009-02-20 18:09 27648 c:\windows\system32\jsproxy.dll
+ 2004-08-04 12:00 . 2009-04-29 04:55 27648 c:\windows\system32\jsproxy.dll
- 2006-10-26 18:44 . 2009-02-20 10:20 13824 c:\windows\system32\ieudinit.exe
+ 2006-10-26 18:44 . 2009-04-28 09:05 13824 c:\windows\system32\ieudinit.exe
- 2004-08-04 12:00 . 2009-02-20 18:09 44544 c:\windows\system32\iernonce.dll
+ 2004-08-04 12:00 . 2009-04-29 04:55 44544 c:\windows\system32\iernonce.dll
- 2004-08-04 12:00 . 2009-02-20 10:20 70656 c:\windows\system32\ie4uinit.exe
+ 2004-08-04 12:00 . 2009-04-28 09:05 70656 c:\windows\system32\ie4uinit.exe
- 2006-10-17 03:58 . 2009-02-20 18:09 63488 c:\windows\system32\icardie.dll
+ 2006-10-17 03:58 . 2009-04-29 04:55 63488 c:\windows\system32\icardie.dll
+ 2009-05-26 15:07 . 2009-06-10 13:41 28520 c:\windows\system32\drivers\ssmdrv.sys
- 2004-08-04 12:00 . 2009-02-20 18:09 44544 c:\windows\system32\dllcache\pngfilt.dll
+ 2004-08-04 12:00 . 2009-04-29 04:56 44544 c:\windows\system32\dllcache\pngfilt.dll
+ 2007-04-25 08:41 . 2009-04-29 04:55 52224 c:\windows\system32\dllcache\msfeedsbs.dll
- 2007-04-25 08:41 . 2009-02-20 18:09 52224 c:\windows\system32\dllcache\msfeedsbs.dll
- 2004-08-04 12:00 . 2009-02-20 18:09 27648 c:\windows\system32\dllcache\jsproxy.dll
+ 2004-08-04 12:00 . 2009-04-29 04:55 27648 c:\windows\system32\dllcache\jsproxy.dll
- 2007-04-24 14:26 . 2009-02-20 10:20 13824 c:\windows\system32\dllcache\ieudinit.exe
+ 2007-04-24 14:26 . 2009-04-28 09:05 13824 c:\windows\system32\dllcache\ieudinit.exe
+ 2004-08-04 12:00 . 2009-04-29 04:55 44544 c:\windows\system32\dllcache\iernonce.dll
- 2004-08-04 12:00 . 2009-02-20 18:09 44544 c:\windows\system32\dllcache\iernonce.dll
+ 2004-08-04 12:00 . 2009-04-29 04:55 78336 c:\windows\system32\dllcache\ieencode.dll
- 2004-08-04 12:00 . 2009-02-20 18:09 78336 c:\windows\system32\dllcache\ieencode.dll
+ 2004-08-04 12:00 . 2009-04-28 09:05 70656 c:\windows\system32\dllcache\ie4uinit.exe
- 2004-08-04 12:00 . 2009-02-20 10:20 70656 c:\windows\system32\dllcache\ie4uinit.exe
+ 2007-08-20 10:04 . 2009-04-29 04:55 63488 c:\windows\system32\dllcache\icardie.dll
- 2007-08-20 10:04 . 2009-02-20 18:09 63488 c:\windows\system32\dllcache\icardie.dll
+ 2009-06-15 13:40 . 2009-02-20 18:09 44544 c:\windows\ie7updates\KB969897-IE7\pngfilt.dll
+ 2009-06-15 13:40 . 2009-02-20 18:09 52224 c:\windows\ie7updates\KB969897-IE7\msfeedsbs.dll
+ 2009-06-15 13:40 . 2009-02-20 18:09 27648 c:\windows\ie7updates\KB969897-IE7\jsproxy.dll
+ 2009-06-15 13:40 . 2009-02-20 10:20 13824 c:\windows\ie7updates\KB969897-IE7\ieudinit.exe
+ 2009-06-15 13:40 . 2009-02-20 18:09 44544 c:\windows\ie7updates\KB969897-IE7\iernonce.dll
+ 2009-06-15 13:41 . 2009-02-20 18:09 78336 c:\windows\ie7updates\KB969897-IE7\ieencode.dll
+ 2009-06-15 13:41 . 2009-02-20 10:20 70656 c:\windows\ie7updates\KB969897-IE7\ie4uinit.exe
+ 2009-06-15 13:41 . 2009-02-20 18:09 63488 c:\windows\ie7updates\KB969897-IE7\icardie.dll
- 2004-08-04 12:00 . 2009-02-20 18:09 233472 c:\windows\system32\webcheck.dll
+ 2004-08-04 12:00 . 2009-04-29 04:56 233472 c:\windows\system32\webcheck.dll
- 2004-08-04 12:00 . 2009-02-20 18:09 105984 c:\windows\system32\url.dll
+ 2004-08-04 12:00 . 2009-04-29 04:56 105984 c:\windows\system32\url.dll
- 2004-08-04 12:00 . 2009-02-20 18:09 102912 c:\windows\system32\occache.dll
+ 2004-08-04 12:00 . 2009-04-29 04:56 102912 c:\windows\system32\occache.dll
- 2004-08-04 12:00 . 2009-02-20 18:09 671232 c:\windows\system32\mstime.dll
+ 2004-08-04 12:00 . 2009-04-29 04:56 671232 c:\windows\system32\mstime.dll
- 2004-08-04 12:00 . 2009-02-20 18:09 193024 c:\windows\system32\msrating.dll
+ 2004-08-04 12:00 . 2009-04-29 04:56 193024 c:\windows\system32\msrating.dll
- 2004-08-04 12:00 . 2009-02-20 18:09 477696 c:\windows\system32\mshtmled.dll
+ 2004-08-04 12:00 . 2009-04-29 04:56 477696 c:\windows\system32\mshtmled.dll
- 2006-11-07 13:03 . 2009-02-20 18:09 459264 c:\windows\system32\msfeeds.dll
+ 2006-11-07 13:03 . 2009-04-29 04:55 459264 c:\windows\system32\msfeeds.dll
+ 2009-05-04 17:01 . 2009-06-15 14:00 220220 c:\windows\system32\inetsrv\MetaBase.bin
+ 2006-10-17 03:57 . 2009-04-29 04:55 268288 c:\windows\system32\iertutil.dll
- 2006-10-17 03:57 . 2009-02-20 18:09 268288 c:\windows\system32\iertutil.dll
- 2004-08-04 12:00 . 2009-02-20 18:09 385024 c:\windows\system32\iedkcs32.dll
+ 2004-08-04 12:00 . 2009-04-29 04:55 385024 c:\windows\system32\iedkcs32.dll
- 2006-10-17 03:27 . 2009-02-20 18:09 383488 c:\windows\system32\ieapfltr.dll
+ 2006-10-17 03:27 . 2009-04-29 04:55 383488 c:\windows\system32\ieapfltr.dll
+ 2004-08-04 12:00 . 2009-04-25 05:26 161792 c:\windows\system32\ieakui.dll
- 2004-08-04 12:00 . 2009-02-20 05:14 161792 c:\windows\system32\ieakui.dll
+ 2004-08-04 12:00 . 2009-04-29 04:55 230400 c:\windows\system32\ieaksie.dll
- 2004-08-04 12:00 . 2009-02-20 18:09 230400 c:\windows\system32\ieaksie.dll
+ 2004-08-04 12:00 . 2009-04-29 04:55 153088 c:\windows\system32\ieakeng.dll
- 2004-08-04 12:00 . 2009-02-20 18:09 153088 c:\windows\system32\ieakeng.dll
- 2004-08-04 12:00 . 2009-02-20 18:09 133120 c:\windows\system32\extmgr.dll
+ 2004-08-04 12:00 . 2009-04-29 04:55 133120 c:\windows\system32\extmgr.dll
+ 2004-08-04 12:00 . 2009-04-29 04:55 214528 c:\windows\system32\dxtrans.dll
- 2004-08-04 12:00 . 2009-02-20 18:09 214528 c:\windows\system32\dxtrans.dll
- 2004-08-04 12:00 . 2009-02-20 18:09 347136 c:\windows\system32\dxtmsft.dll
+ 2004-08-04 12:00 . 2009-04-29 04:55 347136 c:\windows\system32\dxtmsft.dll
+ 2004-08-04 12:00 . 2009-04-29 04:56 827392 c:\windows\system32\dllcache\wininet.dll
- 2004-08-04 12:00 . 2009-02-20 18:09 233472 c:\windows\system32\dllcache\webcheck.dll
+ 2004-08-04 12:00 . 2009-04-29 04:56 233472 c:\windows\system32\dllcache\webcheck.dll
+ 2004-08-04 12:00 . 2009-04-29 04:56 105984 c:\windows\system32\dllcache\url.dll
- 2004-08-04 12:00 . 2009-02-20 18:09 105984 c:\windows\system32\dllcache\url.dll
+ 2009-04-15 14:51 . 2009-04-15 14:51 585216 c:\windows\system32\dllcache\rpcrt4.dll
+ 2004-08-04 12:00 . 2009-04-29 04:56 102912 c:\windows\system32\dllcache\occache.dll
- 2004-08-04 12:00 . 2009-02-20 18:09 102912 c:\windows\system32\dllcache\occache.dll
+ 2004-08-04 12:00 . 2009-04-29 04:56 671232 c:\windows\system32\dllcache\mstime.dll
- 2004-08-04 12:00 . 2009-02-20 18:09 671232 c:\windows\system32\dllcache\mstime.dll
+ 2004-08-04 12:00 . 2009-04-29 04:56 193024 c:\windows\system32\dllcache\msrating.dll
- 2004-08-04 12:00 . 2009-02-20 18:09 193024 c:\windows\system32\dllcache\msrating.dll
- 2004-08-04 12:00 . 2009-02-20 18:09 477696 c:\windows\system32\dllcache\mshtmled.dll
+ 2004-08-04 12:00 . 2009-04-29 04:56 477696 c:\windows\system32\dllcache\mshtmled.dll
+ 2007-04-25 08:41 . 2009-04-29 04:55 459264 c:\windows\system32\dllcache\msfeeds.dll
- 2007-04-25 08:41 . 2009-02-20 18:09 459264 c:\windows\system32\dllcache\msfeeds.dll
+ 2005-04-15 09:01 . 2009-04-25 05:27 636088 c:\windows\system32\dllcache\iexplore.exe
+ 2007-04-25 08:41 . 2009-04-29 04:55 268288 c:\windows\system32\dllcache\iertutil.dll
- 2007-04-25 08:41 . 2009-02-20 18:09 268288 c:\windows\system32\dllcache\iertutil.dll
+ 2004-08-04 12:00 . 2009-04-29 04:55 385024 c:\windows\system32\dllcache\iedkcs32.dll
- 2004-08-04 12:00 . 2009-02-20 18:09 385024 c:\windows\system32\dllcache\iedkcs32.dll
+ 2007-04-25 08:41 . 2009-04-29 04:55 383488 c:\windows\system32\dllcache\ieapfltr.dll
- 2007-04-25 08:41 . 2009-02-20 18:09 383488 c:\windows\system32\dllcache\ieapfltr.dll
- 2004-08-04 12:00 . 2009-02-20 05:14 161792 c:\windows\system32\dllcache\ieakui.dll
+ 2004-08-04 12:00 . 2009-04-25 05:26 161792 c:\windows\system32\dllcache\ieakui.dll
+ 2004-08-04 12:00 . 2009-04-29 04:55 230400 c:\windows\system32\dllcache\ieaksie.dll
- 2004-08-04 12:00 . 2009-02-20 18:09 230400 c:\windows\system32\dllcache\ieaksie.dll
- 2004-08-04 12:00 . 2009-02-20 18:09 153088 c:\windows\system32\dllcache\ieakeng.dll
+ 2004-08-04 12:00 . 2009-04-29 04:55 153088 c:\windows\system32\dllcache\ieakeng.dll
- 2004-08-04 12:00 . 2009-02-20 18:09 133120 c:\windows\system32\dllcache\extmgr.dll
+ 2004-08-04 12:00 . 2009-04-29 04:55 133120 c:\windows\system32\dllcache\extmgr.dll
+ 2004-08-04 12:00 . 2009-04-29 04:55 214528 c:\windows\system32\dllcache\dxtrans.dll
- 2004-08-04 12:00 . 2009-02-20 18:09 214528 c:\windows\system32\dllcache\dxtrans.dll
+ 2004-08-04 12:00 . 2009-04-29 04:55 347136 c:\windows\system32\dllcache\dxtmsft.dll
- 2004-08-04 12:00 . 2009-02-20 18:09 347136 c:\windows\system32\dllcache\dxtmsft.dll
- 2004-08-04 12:00 . 2009-02-20 18:09 124928 c:\windows\system32\dllcache\advpack.dll
+ 2004-08-04 12:00 . 2009-04-29 04:55 124928 c:\windows\system32\dllcache\advpack.dll
+ 2009-06-15 13:43 . 2009-06-15 13:43 389120 c:\windows\system32\CF32468.exe
+ 2004-08-04 12:00 . 2009-04-29 04:55 124928 c:\windows\system32\advpack.dll
- 2004-08-04 12:00 . 2009-02-20 18:09 124928 c:\windows\system32\advpack.dll
+ 2009-06-15 13:40 . 2009-03-03 00:18 826368 c:\windows\ie7updates\KB969897-IE7\wininet.dll
+ 2009-06-15 13:40 . 2009-02-20 18:09 233472 c:\windows\ie7updates\KB969897-IE7\webcheck.dll
+ 2009-06-15 13:40 . 2009-02-20 18:09 105984 c:\windows\ie7updates\KB969897-IE7\url.dll
+ 2009-06-15 13:41 . 2008-07-09 07:38 382840 c:\windows\ie7updates\KB969897-IE7\spuninst\updspapi.dll
+ 2009-06-15 13:41 . 2008-07-09 07:38 231288 c:\windows\ie7updates\KB969897-IE7\spuninst\spuninst.exe
+ 2009-06-15 13:40 . 2009-02-20 18:09 102912 c:\windows\ie7updates\KB969897-IE7\occache.dll
+ 2009-06-15 13:40 . 2009-02-20 18:09 671232 c:\windows\ie7updates\KB969897-IE7\mstime.dll
+ 2009-06-15 13:40 . 2009-02-20 18:09 193024 c:\windows\ie7updates\KB969897-IE7\msrating.dll
+ 2009-06-15 13:40 . 2009-02-20 18:09 477696 c:\windows\ie7updates\KB969897-IE7\mshtmled.dll
+ 2009-06-15 13:40 . 2009-02-20 18:09 459264 c:\windows\ie7updates\KB969897-IE7\msfeeds.dll
+ 2009-06-15 13:41 . 2009-02-28 04:54 636072 c:\windows\ie7updates\KB969897-IE7\iexplore.exe
+ 2009-06-15 13:40 . 2009-02-20 18:09 268288 c:\windows\ie7updates\KB969897-IE7\iertutil.dll
+ 2009-06-15 13:40 . 2009-02-20 18:09 385024 c:\windows\ie7updates\KB969897-IE7\iedkcs32.dll
+ 2009-06-15 13:40 . 2009-02-20 18:09 383488 c:\windows\ie7updates\KB969897-IE7\ieapfltr.dll
+ 2009-06-15 13:41 . 2009-02-20 05:14 161792 c:\windows\ie7updates\KB969897-IE7\ieakui.dll
+ 2009-06-15 13:41 . 2009-02-20 18:09 230400 c:\windows\ie7updates\KB969897-IE7\ieaksie.dll
+ 2009-06-15 13:41 . 2009-02-20 18:09 153088 c:\windows\ie7updates\KB969897-IE7\ieakeng.dll
+ 2009-06-15 13:41 . 2009-02-20 18:09 133120 c:\windows\ie7updates\KB969897-IE7\extmgr.dll
+ 2009-06-15 13:41 . 2009-02-20 18:09 214528 c:\windows\ie7updates\KB969897-IE7\dxtrans.dll
+ 2009-06-15 13:41 . 2009-02-20 18:09 347136 c:\windows\ie7updates\KB969897-IE7\dxtmsft.dll
+ 2009-06-15 13:41 . 2009-02-20 18:09 124928 c:\windows\ie7updates\KB969897-IE7\advpack.dll
+ 2004-08-04 12:00 . 2009-04-29 04:56 1159680 c:\windows\system32\urlmon.dll
+ 2004-08-04 12:00 . 2009-04-29 04:56 3596288 c:\windows\system32\mshtml.dll
+ 2006-11-07 13:03 . 2009-04-29 04:55 6066176 c:\windows\system32\ieframe.dll
- 2006-11-07 13:03 . 2009-02-20 18:09 6066176 c:\windows\system32\ieframe.dll
+ 2004-08-04 12:00 . 2009-04-29 04:56 1159680 c:\windows\system32\dllcache\urlmon.dll
+ 2004-08-04 12:00 . 2009-04-29 04:56 3596288 c:\windows\system32\dllcache\mshtml.dll
+ 2007-04-25 08:41 . 2009-04-29 04:55 6066176 c:\windows\system32\dllcache\ieframe.dll
- 2007-04-25 08:41 . 2009-02-20 18:09 6066176 c:\windows\system32\dllcache\ieframe.dll
+ 2009-06-15 13:40 . 2009-02-20 18:09 1160192 c:\windows\ie7updates\KB969897-IE7\urlmon.dll
+ 2009-06-15 13:40 . 2009-02-20 18:09 3595264 c:\windows\ie7updates\KB969897-IE7\mshtml.dll
+ 2009-06-15 13:40 . 2009-02-20 18:09 6066176 c:\windows\ie7updates\KB969897-IE7\ieframe.dll
+ 2009-06-15 13:40 . 2008-07-09 14:25 2455488 c:\windows\ie7updates\KB969897-IE7\ieapfltr.dat
+ 2005-07-05 15:51 . 2009-06-01 16:51 23635392 c:\windows\system32\MRT.exe
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-26 413696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"UpdateManager"="c:\program files\Common Files\Sonic\Update Manager\sgtray.exe" [2003-08-18 110592]
"SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2004-11-04 98394]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2004-11-04 688218]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-03 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-03 455168]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-03 59392]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-03 208952]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2004-06-17 155648]
"eabconfg.cpl"="c:\program files\HPQ\Quick Launch Buttons\EabServr.exe" [2004-09-17 290816]
"Cpqset"="c:\program files\HPQ\Default Settings\cpqset.exe" [2004-10-22 229438]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-26 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-05-30 292136]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2006-10-26 434528]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"TSClientMSIUninstaller"="c:\windows\Installer\TSClientMsiTrans\tscuinst.vbs" [2007-10-30 13801]

c:\documents and settings\52309\Start Menu\Programs\Startup\
Microsoft Office OneNote 2003 Quick Launch.lnk - c:\program files\Microsoft Office\OFFICE11\ONENOTEM.EXE [2005-3-17 59080]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk /r \??\H:\0autocheck autochk *

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-839522115-1801674531-725345543-16836\Scripts\Logon\0\0]
"Script"=advclient.bat

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-839522115-1801674531-725345543-16836\Scripts\Logon\1\0]
"Script"=rpstorage.bat

[HKLM\~\startupfolder\C:^Documents and Settings^52309^Start Menu^Programs^Startup^UTAgent 4.0.lnk]
path=c:\documents and settings\52309\Start Menu\Programs\Startup\UTAgent 4.0.lnk
backup=c:\windows\pss\UTAgent 4.0.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^UTAgent 4.0.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\UTAgent 4.0.lnk
backup=c:\windows\pss\UTAgent 4.0.lnkCommon Startup

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\SopCast\\SopCast.exe"=
"c:\\iERP60\\SEGSVR03\\IERP60\\DotNet\\Intuitive2.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\WINDOWS\\system32\\lxczcoms.exe"=
"c:\\Program Files\\SopCast\\adv\\SopAdver.exe"=
"c:\\Program Files\\SopCast\\sopvod.exe"=
"c:\\Documents and Settings\\All Users\\Application Data\\Kaspersky Lab Setup Files\\Kaspersky Anti-Virus 7.0.1.321\\English\\setup.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"23775:TCP"= 23775:TCP:BitComet 23775 TCP
"23775:UDP"= 23775:UDP:BitComet 23775 UDP

R0 4nzed7v;4nzed7;c:\windows\System32\DRIVERS\4nzed7v.sys [x]
R2 ekrn;Eset Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [x]
R2 pciinfo;HP Pci Information;c:\docume~1\52309\LOCALS~1\Temp\HPISPz\hpdom\pciinfo.sys [x]
R3 cdspacex;cdspacex;c:\windows\system32\DRIVERS\CDSPACEX.sys [2003-07-31 22570]
R3 WRSWanDD;iVasion PoET Adapter;c:\windows\system32\DRIVERS\WrKPoETNic2000.sys [2002-10-28 65604]
S2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [2009-06-10 108289]
S3 dfmirage;dfmirage;c:\windows\system32\DRIVERS\dfmirage.sys [2006-05-02 26624]

.
Contents of the 'Scheduled Tasks' folder

2009-05-06 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 04:34]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.myrp.edu.sg/
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ycomp/defaults/sb/*http://www.yahoo.com/search/ie.html
uInternet Connection Wizard,ShellNext = iexplore
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
DPF: {39D420B3-E0EB-424C-89AA-C24F8DE7EF79} - hxxp://www.tvkoo.com/update/KooPlayer.ocx
FF - ProfilePath -
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-15 22:07
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(860)
c:\windows\system32\klogon.dll

- - - - - - - > 'explorer.exe'(1104)
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\inetsrv\inetinfo.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\lxczcoms.exe
c:\program files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
c:\windows\system32\UAService7.exe
c:\windows\system32\CCM\CcmExec.exe
c:\windows\system32\CF32468.exe
c:\program files\3M\PSNLite\PsnLite.exe
c:\progra~1\3M\PSNLite\PSNGive.exe
c:\program files\iPod\bin\iPodService.exe
.
**************************************************************************
.
Completion time: 2009-06-15 22:14 - machine was rebooted
ComboFix-quarantined-files.txt 2009-06-15 14:14
ComboFix2.txt 2009-06-08 14:53
ComboFix3.txt 2009-06-01 11:23

Pre-Run: 617,459,712 bytes free
Post-Run: 646,270,976 bytes free

371 --- E O F --- 2009-06-15 13:44

 

You’re looking good.. Almost there.. Just a little touch up.


Step # 1: Remove Hijackthis Entries

• Run HijackThis
• Click on the Scan button
• Put a check beside all of the items listed below (if present):

O23 - Service: Eset HTTP Server (EhttpSrv) - Unknown owner - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe (file missing)

O23 - Service: Eset Service (ekrn) - Unknown owner - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (file missing)

• Close all open windows and browsers/email, etc...
• Click on the "Fix Checked" button
• When completed, close the application.


Step # 2: Delete Bad Services

Please open Notepad. Ensure that word wrap is turned off. Click on Format and make sure that there is not a tick next to Word Wrap. If there's one, click on Word Wrap to remove it. Copy and paste the following in the quote box into Notepad:

Click on File > Save As....

In the File Name box, copy and paste in fix.bat
In the Save as type box, select All Files from the drop-down list.

Click Save and save it to your Desktop.

Double click on fix.bat. A Command Prompt window will open and close quickly. That is normal.



Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older version Java components and update.

Please go into the Control Panel, Add/Remove and for now remove ALL versions of JAVA

Then run this tool to help cleanup any left over Java
Remove Old Java using JavaRa


Download JavaRa and unzip it to your desktop.
***Please close any instances of Internet Explorer before continuing!***
• Double-click on JavaRa.exe to start the program
• From the drop-down menu, choose English and click on Select
• JavaRa will open; click on Remove Older Versions to remove the older versions of Java installed on your computer
• Click Yes when prompted. When JavaRa is done, a notice will appear that a logfile has been produced. Click OK
• A logfile will pop up. Save it to a convenient location
• Click on Additional Tasks then tick Remove Useless JRE Files
• Click Go then OK when prompted & close the program.
Update Java Runtime
• Go to http://java.sun.com/javase/downloads/index.jsp
• Scroll down to Java Runtime Environment (JRE) 6 Update 14 and click on the Download button
• In the Platform box choose Windows
• Check the box to Accept License Agreement and click Continue
• Click on Windows Offline Installation, click on the link under it which says "jre-6u14-windows-i586.exe" and save the downloaded file to your desktop
• Install the new version by running the downloaded file with the Java icon & follow the on-screen instructions
• Reboot your computer

You shouldn’t be having any problems now.. Your HJT Log is clean and I see no infection that can harm you..

Let me know how you are running… any problems?

2oG

 

@2oldGeek

Sorry to butt in, but I have got to say, you are some type of saint! I was looking over the logs...man you are great. Nice to see good people still exist!

/end pointless intrusion

 

Thanks stang, but Saints can’t clean computers; they can’t say the bad words needed to complete the job….. lamo

This one has been a real challenge…. There are a lot of duplicate .dll files left over but they are not going to cause any problems.. Un-registered as indicated by the minus sign next to them in the snapshot by combofix, and not using enough memory to even be concerned with..

Thanks for your recognition, that makes the work worthwhile.. : )

2oG

 

Yup...dude...nowadays it's really difficult to find someone offering unconditional help to stranger up to such GREAT lengths.

Many thanks man.

Generally the whole comp is working NORMALLY...I'll do a weekly virus & malware scan to remove any undetected threats, if there's any.

Great job man! Totally appreciate your help & effort.

 

@ yeapkl,

You are very welcome; appreciate the thanks because the pay here sucks! lol
Run a scan once a week with Avira and MBAM and watch what you download..

Uninstall Combofix <-- This is a very powerful tool and not a general cleaning tool, if you run this on your own without supervision you could bork your system.



This may or may not work if you did not follow the instructions to download it to your desktop, if it does not work, then go to where you have Combofix and drag it to the trash.
• Click START then RUN
• Now type Combofix /u in the runbox and click OK. Note the space between the X and the /U, it needs to be there.


• When shown the disclaimer, Select "2"

The above procedure will:
• Delete ComboFix and its associated files and folders.
• Reset the clock settings.
• Hide file extensions, if required.
• Hide System/Hidden files, if required.
• Reset System Restore.


In my business, I can say this: “Hope I don’t see you again.” lol
Enjoy your clean machine and have a “Happy” whatever and do stop in occasionally to say hi and let me know how things are going……

2oG

 

Cheers 2oG,

You’ve been a big help!


yeapkl =)