hope this is in the right place, malwareytes result

Welcome Guest ( Log In | Join )

Discover the best free computer help!
Learn more about Geeks to Go by taking the tour. Want to ask a question, reply to a topic, or remove all advertising? It's easy, fast and free. Join today!
Spyware, virus, trojan, fake security or privacy alerts? Please start with our malware cleaning guide.

> Geeks to Go! » Security » Malware Removal - HijackThis� Logs Go Here

2 Pages

1 2 >

hope this is in the right place, malwareytes result

Options

stushine View Member Profile	Sep 26 2008, 10:50 AM Post #1
Member Posts: 13 OS: xp	Malwarebytes' Anti-Malware 1.28 Database version: 1210 Windows 5.1.2600 Service Pack 3 26/09/2008 17:47:39 mbam-log-2008-09-26 (17-47-39).txt Scan type: Quick Scan Objects scanned: 48803 Time elapsed: 8 minute(s), 16 second(s) Memory Processes Infected: 0 Memory Modules Infected: 7 Registry Keys Infected: 19 Registry Values Infected: 3 Registry Data Items Infected: 2 Folders Infected: 6 Files Infected: 32 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: C:\WINDOWS\system32\gcmlnito.dll (Trojan.Vundo.H) -> Delete on reboot. C:\WINDOWS\system32\ljJyVnOG.dll (Trojan.Vundo.H) -> Delete on reboot. C:\WINDOWS\system32\mcuxibor.dll (Trojan.Vundo) -> Delete on reboot. C:\WINDOWS\system32\wlhwjo.dll (Trojan.Vundo) -> Delete on reboot. C:\WINDOWS\system32\awturRif.dll (Trojan.Vundo.H) -> Delete on reboot. C:\WINDOWS\system32\jouywfcd.dll (Trojan.Vundo) -> Delete on reboot. C:\WINDOWS\system32\vjlodu.dll (Trojan.Vundo) -> Delete on reboot. Registry Keys Infected: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0a5529ed-26a2-47a6-a06e-68f301490dd7} (Trojan.Vundo.H) -> Delete on reboot. HKEY_CLASSES_ROOT\CLSID\{0a5529ed-26a2-47a6-a06e-68f301490dd7} (Trojan.Vundo.H) -> Delete on reboot. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1f5fda83-4379-4c6a-94ad-cc7bc688505a} (Trojan.Vundo.H) -> Delete on reboot. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\awturrif (Trojan.Vundo.H) -> Delete on reboot. HKEY_CLASSES_ROOT\CLSID\{1f5fda83-4379-4c6a-94ad-cc7bc688505a} (Trojan.Vundo.H) -> Delete on reboot. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a6d61fa8-c559-41b0-9942-ace881cde0d2} (Trojan.Vundo.H) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{a6d61fa8-c559-41b0-9942-ace881cde0d2} (Trojan.Vundo.H) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\tdssdata (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\tdss (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\MediaHoldings (Adware.PlayMP3Z) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\WR (Malware.Trace) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\dslcnnct (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IProxyProvider (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\aoprndtws (Trojan.Vundo) -> Quarantined and deleted successfully. Registry Values Infected: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\845bc8d5 (Trojan.Vundo.H) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\bm8768fb49 (Trojan.Vundo) -> Delete on reboot. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{1f5fda83-4379-4c6a-94ad-cc7bc688505a} (Trojan.Vundo.H) -> Delete on reboot. Registry Data Items Infected: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\ljjyvnog -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\ljjyvnog -> Delete on reboot. Folders Infected: C:\Program Files\WinAble (Trojan.Adloader) -> Quarantined and deleted successfully. C:\Program Files\Temporary (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\stu\Application Data\WinTouch (Adware.WinPop) -> Quarantined and deleted successfully. C:\Documents and Settings\stu\Application Data\RegistrySmart (Rogue.RegistrySmart) -> Quarantined and deleted successfully. C:\Documents and Settings\stu\Application Data\RegistrySmart\Log (Rogue.RegistrySmart) -> Quarantined and deleted successfully. C:\Documents and Settings\stu\Application Data\RegistrySmart\Registry Backups (Rogue.RegistrySmart) -> Quarantined and deleted successfully. Files Infected: C:\WINDOWS\system32\ljJyVnOG.dll (Trojan.Vundo.H) -> Delete on reboot. C:\WINDOWS\system32\GOnVyJjl.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully. C:\WINDOWS\system32\GOnVyJjl.ini2 (Trojan.Vundo.H) -> Quarantined and deleted successfully. C:\WINDOWS\system32\awturRif.dll (Trojan.Vundo.H) -> Delete on reboot. C:\WINDOWS\system32\vjlodu.dll (Trojan.Vundo.H) -> Delete on reboot. C:\WINDOWS\system32\defwxfjf.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully. C:\WINDOWS\system32\fjfxwfed.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully. C:\WINDOWS\system32\gcmlnito.dll (Trojan.Vundo.H) -> Delete on reboot. C:\WINDOWS\system32\otinlmcg.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully. C:\WINDOWS\system32\mcuxibor.dll (Trojan.Vundo) -> Delete on reboot. C:\WINDOWS\system32\wlhwjo.dll (Trojan.Vundo) -> Delete on reboot. C:\WINDOWS\system32\jouywfcd.dll (Trojan.Vundo) -> Delete on reboot. C:\WINDOWS\system32\lipxcpwu.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\awttqnmM.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully. C:\WINDOWS\system32\clxpmwwg.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\eoswsfrx.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\icskva.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\qauvif.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\wyyywfce.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\Documents and Settings\stu\Local Settings\Temp\v2h616xp.exe (Rogue.SystemErrorFixer) -> Quarantined and deleted successfully. C:\Documents and Settings\stu\Application Data\WinTouch\wintouch.cfg (Adware.WinPop) -> Quarantined and deleted successfully. C:\Documents and Settings\stu\Application Data\WinTouch\WTUninstaller.exe (Adware.WinPop) -> Quarantined and deleted successfully. C:\Documents and Settings\stu\Application Data\RegistrySmart\Registry Backups\2007-12-24_01-21-40.reg (Rogue.RegistrySmart) -> Quarantined and deleted successfully. C:\WINDOWS\system32\mcrh.tmp (Malware.Trace) -> Quarantined and deleted successfully. C:\WINDOWS\system32\tdssservers.dat (Trojan.Agent) -> Quarantined and deleted successfully. C:\n.bat (Malware.Trace) -> Quarantined and deleted successfully. C:\x.dat (Malware.Trace) -> Quarantined and deleted successfully. C:\z.dat (Malware.Trace) -> Quarantined and deleted successfully. C:\WINDOWS\pskt.ini (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\BM8768fb49.xml (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\BM8768fb49.txt (Trojan.Vundo) -> Quarantined and deleted successfully. C:\Documents and Settings\stu\SETUP.EXE (Trojan.Agent) -> Quarantined and deleted successfully.

Rorschach112 View Member Profile	Sep 26 2008, 10:52 AM Post #2
GeekU Teacher Posts: 21,845 From: Dublin OS: XP	Hello Disable resident protections (Antivirus...); you'll re-enable them after the scan Download Lop S&D < here Double-click Lop S&D.exe Choose the language, then choose Option 1 (Search) Wait till the end of the scan Post the log which is created: (%SystemDrive%\lopR.txt)

stushine View Member Profile	Sep 26 2008, 11:00 AM Post #3
Member Posts: 13 OS: xp	done --------------------\\ Lop S&D 4.2.4-4 XP/Vista Microsoft Windows XP Professional ( v5.1.2600 ) Service Pack 3 X86-based PC ( Uniprocessor Free : AMD Opteron™ Processor 146 ) BIOS : )Phoenix - Award WorkstationBIOS v6.00PG USER : stu ( Administrator ) BOOT : Normal boot Antivirus : AVG 7.5.523 7.5.523 (Activated) Firewall : NVIDIA Firewall 1.0 (Not Activated) A:\ (USB) C:\ (Local Disk) - NTFS - Total : 127 Go Free : 5 Go D:\ (CD or DVD) E:\ (Local Disk) - NTFS - Total : 76 Go Free : 15 Go F:\ (Local Disk) - NTFS - Total : 127 Go Free : 100 Go G:\ (Local Disk) - NTFS - Total : 104 Go Free : 26 Go H:\ (CD or DVD) J:\ (CD or DVD) - CDFS - Total : 0 Go Free : 0 Go "C:\Lop SD" ( MAJ : 19-09-2008\|22:20 ) Option : [1] ( 26/09/2008\|17:54 ) --------------------\\ Listing folders in APPLIC~1 [05/08/2008\|16:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe [06/11/2007\|19:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe Systems [23/08/2008\|12:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Affinegy [07/12/2007\|10:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple [07/12/2007\|10:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer [22/09/2008\|00:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\avg7 [07/11/2007\|18:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Azureus [25/06/2008\|14:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink [10/04/2008\|18:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\EPSON [31/10/2007\|12:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google [21/09/2008\|23:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft [23/08/2008\|13:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield [06/11/2007\|19:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macrovision [26/09/2008\|17:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes [31/10/2007\|18:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus! [22/09/2008\|15:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft [22/09/2008\|00:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SITEguard [22/09/2008\|22:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy [22/09/2008\|15:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\STOPzilla! [23/11/2007\|00:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SUPERAntiSpyware.com [22/09/2008\|00:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP [07/05/2008\|13:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TomTom [21/09/2008\|20:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Trymedia [10/04/2008\|18:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\UDL [31/10/2007\|10:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage [29/02/2008\|14:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller [02/03/2008\|01:15] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft [21/09/2008\|23:52] C:\DOCUME~1\LOCALS~1\APPLIC~1\AVG7 [21/09/2008\|23:52] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft [22/09/2008\|11:03] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft [21/09/2008\|22:59] C:\DOCUME~1\stu\APPLIC~1\Adobe [26/09/2008\|02:02] C:\DOCUME~1\stu\APPLIC~1\Affinegy [07/12/2007\|10:09] C:\DOCUME~1\stu\APPLIC~1\Apple Computer [26/09/2008\|13:44] C:\DOCUME~1\stu\APPLIC~1\AVG7 [07/07/2008\|22:01] C:\DOCUME~1\stu\APPLIC~1\Azureus [08/12/2007\|02:02] C:\DOCUME~1\stu\APPLIC~1\BearShare [22/09/2008\|10:29] C:\DOCUME~1\stu\APPLIC~1\BitTorrent [21/03/2008\|00:58] C:\DOCUME~1\stu\APPLIC~1\Creative [21/12/2007\|21:58] C:\DOCUME~1\stu\APPLIC~1\DAEMON Tools [21/12/2007\|21:58] C:\DOCUME~1\stu\APPLIC~1\DAEMON Tools Pro [05/08/2008\|22:18] C:\DOCUME~1\stu\APPLIC~1\deskPDF [20/11/2007\|18:25] C:\DOCUME~1\stu\APPLIC~1\DivX [22/09/2008\|04:31] C:\DOCUME~1\stu\APPLIC~1\DNA [30/12/2007\|01:58] C:\DOCUME~1\stu\APPLIC~1\dvdcss [09/05/2008\|20:34] C:\DOCUME~1\stu\APPLIC~1\EPSON [16/03/2008\|12:10] C:\DOCUME~1\stu\APPLIC~1\FileZilla [31/10/2007\|12:33] C:\DOCUME~1\stu\APPLIC~1\Google [31/10/2007\|09:35] C:\DOCUME~1\stu\APPLIC~1\Identities [22/01/2008\|17:21] C:\DOCUME~1\stu\APPLIC~1\InstallShield [22/01/2008\|17:22] C:\DOCUME~1\stu\APPLIC~1\LG Electronics [29/07/2008\|15:59] C:\DOCUME~1\stu\APPLIC~1\LimeWire [31/10/2007\|10:00] C:\DOCUME~1\stu\APPLIC~1\Macromedia [26/09/2008\|17:36] C:\DOCUME~1\stu\APPLIC~1\Malwarebytes [14/07/2008\|23:07] C:\DOCUME~1\stu\APPLIC~1\Microsoft [07/05/2008\|12:30] C:\DOCUME~1\stu\APPLIC~1\Mozilla [05/11/2007\|16:10] C:\DOCUME~1\stu\APPLIC~1\Sun [23/11/2007\|00:32] C:\DOCUME~1\stu\APPLIC~1\SUPERAntiSpyware.com [07/05/2008\|12:30] C:\DOCUME~1\stu\APPLIC~1\TomTom [04/11/2007\|19:13] C:\DOCUME~1\stu\APPLIC~1\vlc [16/12/2007\|17:47] C:\DOCUME~1\stu\APPLIC~1\WinRAR --------------------\\ Scheduled Tasks located in C:\WINDOWS\Tasks [26/09/2008 17:48][--a------] C:\WINDOWS\tasks\Check Updates for Windows Live Toolbar.job [24/09/2008 12:08][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job [26/09/2008 10:28][--ah-----] C:\WINDOWS\tasks\SA.DAT [23/08/2001 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini --------------------\\ Listing Folders in C:\Program Files [05/08/2008\|16:59] C:\Program Files\activePDF [05/08/2008\|16:15] C:\Program Files\Adobe [20/11/2007\|18:48] C:\Program Files\Ahead [22/02/2008\|00:36] C:\Program Files\Alcohol Soft [07/12/2007\|10:08] C:\Program Files\Apple Software Update [03/05/2008\|11:57] C:\Program Files\Azureus [22/09/2008\|23:15] C:\Program Files\BearShare [08/12/2007\|02:02] C:\Program Files\BearShare Applications [22/09/2008\|09:55] C:\Program Files\BitTorrent [08/08/2008\|14:49] C:\Program Files\Bullfrog [22/09/2008\|00:47] C:\Program Files\Bus Simulator [26/09/2008\|17:36] C:\Program Files\Common Files [31/10/2007\|09:27] C:\Program Files\ComPlus Applications [20/03/2008\|21:29] C:\Program Files\Creative [21/12/2007\|10:10] C:\Program Files\DAEMON Tools Lite [21/12/2007\|22:01] C:\Program Files\DAEMON Tools Pro [21/02/2008\|18:02] C:\Program Files\DivX [31/10/2007\|18:58] C:\Program Files\DivXCodec [21/09/2008\|00:39] C:\Program Files\DNA [05/08/2008\|22:17] C:\Program Files\Docudesk [25/06/2008\|14:54] C:\Program Files\DVD Shrink [10/04/2008\|18:14] C:\Program Files\EPSON [10/04/2008\|18:14] C:\Program Files\EPSON Print CD [21/09/2008\|20:22] C:\Program Files\Euro Truck Simulator [16/03/2008\|11:59] C:\Program Files\FileZilla FTP Client [31/10/2007\|18:58] C:\Program Files\Gabest [26/08/2008\|09:20] C:\Program Files\Google [31/10/2007\|18:58] C:\Program Files\GordianKnot [21/09/2008\|23:52] C:\Program Files\Grisoft [23/09/2008\|00:22] C:\Program Files\InstallShield Installation Information [14/08/2008\|10:01] C:\Program Files\Internet Explorer [20/02/2008\|00:45] C:\Program Files\iTunes [05/11/2007\|16:11] C:\Program Files\Java [21/02/2008\|18:03] C:\Program Files\K-Lite Codec Pack [22/01/2008\|17:22] C:\Program Files\LG Electronics [22/01/2008\|17:21] C:\Program Files\LG PC Suite 2 [08/06/2008\|00:17] C:\Program Files\LimeWire [23/09/2008\|00:22] C:\Program Files\MadOnion.com [22/09/2008\|00:27] C:\Program Files\MagicDisc [21/09/2008\|22:59] C:\Program Files\MagicISO [26/09/2008\|17:36] C:\Program Files\Malwarebytes' Anti-Malware [31/10/2007\|09:46] C:\Program Files\Marvell [15/09/2008\|08:38] C:\Program Files\Messenger [03/09/2008\|21:18] C:\Program Files\Messenger Plus! Live [31/10/2007\|11:44] C:\Program Files\Microsoft ActiveSync [31/10/2007\|09:30] C:\Program Files\microsoft frontpage [14/08/2008\|18:53] C:\Program Files\Microsoft Office [19/08/2008\|10:00] C:\Program Files\Microsoft Silverlight [29/02/2008\|14:52] C:\Program Files\Microsoft SQL Server Compact Edition [15/09/2008\|08:33] C:\Program Files\Movie Maker [26/09/2008\|14:35] C:\Program Files\Mozilla Firefox [31/10/2007\|09:27] C:\Program Files\MSN [22/11/2007\|21:35] C:\Program Files\MSN Gaming Zone [15/09/2008\|08:30] C:\Program Files\NetMeeting [31/10/2007\|09:43] C:\Program Files\NVIDIA Corporation [31/10/2007\|09:29] C:\Program Files\Online Services [15/09/2008\|08:30] C:\Program Files\Outlook Express [21/09/2008\|11:26] C:\Program Files\PowerISO [20/02/2008\|00:43] C:\Program Files\QuickTime [12/08/2008\|16:22] C:\Program Files\Replay Converter [17/11/2007\|15:58] C:\Program Files\Samsung [20/11/2007\|18:52] C:\Program Files\SmartSoftVideoConverter [20/11/2007\|19:29] C:\Program Files\SmartSoftVideoConverterPro [22/09/2008\|22:34] C:\Program Files\Spybot - Search & Destroy [23/11/2007\|21:08] C:\Program Files\SUPERAntiSpyware [21/09/2008\|11:01] C:\Program Files\Switlle [03/09/2008\|13:42] C:\Program Files\TomTom DesktopSuite [07/05/2008\|12:30] C:\Program Files\TomTom HOME 2 [22/12/2007\|21:02] C:\Program Files\UAZ Racing 4x4 [31/10/2007\|09:35] C:\Program Files\Uninstall Information [04/11/2007\|19:12] C:\Program Files\VideoLAN [23/08/2008\|12:59] C:\Program Files\Virgin Broadband Wireless [23/08/2008\|13:07] C:\Program Files\Virgin Media Broadband [23/09/2008\|22:41] C:\Program Files\Vstep [31/10/2007\|10:25] C:\Program Files\Windows Journal Viewer [02/03/2008\|01:14] C:\Program Files\Windows Live [29/02/2008\|14:47] C:\Program Files\Windows Live Favorites [02/02/2008\|00:40] C:\Program Files\Windows Live Safety Center [29/02/2008\|14:48] C:\Program Files\Windows Live Toolbar [31/10/2007\|10:50] C:\Program Files\Windows Media Connect 2 [15/09/2008\|08:30] C:\Program Files\Windows Media Player [15/09/2008\|08:30] C:\Program Files\Windows NT [31/10/2007\|10:02] C:\Program Files\WindowsUpdate [23/08/2008\|12:59] C:\Program Files\WinPcap [16/12/2007\|17:44] C:\Program Files\WinRAR [31/10/2007\|09:30] C:\Program Files\xerox --------------------\\ Listing Folders in C:\Program Files\Common Files [05/08/2008\|16:15] C:\Program Files\Common Files\Adobe [06/11/2007\|19:38] C:\Program Files\Common Files\Adobe Systems Shared [20/11/2007\|18:48] C:\Program Files\Common Files\Ahead [07/12/2007\|10:07] C:\Program Files\Common Files\Apple [31/10/2007\|11:44] C:\Program Files\Common Files\Designer [26/09/2008\|17:36] C:\Program Files\Common Files\Download Manager [10/04/2008\|18:16] C:\Program Files\Common Files\InstallShield [22/09/2008\|00:01] C:\Program Files\Common Files\iS3 [05/11/2007\|16:10] C:\Program Files\Common Files\Java [14/08/2008\|18:53] C:\Program Files\Common Files\Microsoft Shared [31/10/2007\|09:28] C:\Program Files\Common Files\MSSoap [31/10/2007\|03:52] C:\Program Files\Common Files\ODBC [31/10/2007\|09:28] C:\Program Files\Common Files\Services [31/10/2007\|03:52] C:\Program Files\Common Files\SpeechEngines [15/09/2008\|08:30] C:\Program Files\Common Files\System [29/02/2008\|14:41] C:\Program Files\Common Files\WindowsLiveInstaller --------------------\\ Process ( 46 Processes ) ... OK ! --------------------\\ Searching with S_Lop No Lop folder found ! --------------------\\ Searching for Lop Files - Folders No Lop folder found ! --------------------\\ Searching within the Registry ..... OK ! --------------------\\ Checking the Hosts file Hosts file CLEAN --------------------\\ Searching for hidden files with Catchme catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-09-26 17:56:48 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden processes ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden files: 0 --------------------\\ Searching for other infections C:\WINDOWS\system32\gfhkj.bak2 C:\WINDOWS\system32\gfhkj.ini2 C:\WINDOWS\system32\gfhkj.tmp C:\WINDOWS\system32\EKQAyyay.ini C:\WINDOWS\system32\EKQAyyay.ini2 C:\WINDOWS\system32\GOnVyJjl.ini C:\WINDOWS\system32\GOnVyJjl.ini2 C:\WINDOWS\system32\wxaHOqru.ini C:\WINDOWS\system32\wxaHOqru.ini2 ==> VUNDO <== --------------------\\ Cracks & Keygens .. C:\DOCUME~1\stu\Application Data\BitTorrent\Euro Truck Simulator 2008 (PC Edition) Crack ZIP.torrent C:\DOCUME~1\stu\Application Data\BitTorrent\Power ISO v3.8 + keygen [h33t] [Original].torrent C:\DOCUME~1\stu\Application Data\BitTorrent\Spyware Doctor 2009.,. With Antivirus 8.0.0.739.,.- (XP & Vista) + Patc+crack.,.torrent C:\DOCUME~1\stu\Desktop\desktop\Ipswitch Ws Ftp Professional 2006+keygenZWT C:\DOCUME~1\stu\Desktop\desktop\Ipswitch Ws Ftp Professional 2006+keygenZWT [www[1].Fulldls.com].torrent C:\DOCUME~1\stu\Desktop\desktop\photoshop_cs2_keygen.exe C:\DOCUME~1\stu\Desktop\desktop\photoshop_cs2_keygen.zip C:\DOCUME~1\stu\Desktop\desktop\121212\bussinesscardpro\keygen C:\DOCUME~1\stu\Desktop\desktop\121212\bussinesscardpro\keygen\embrace.nfo C:\DOCUME~1\stu\Desktop\desktop\121212\bussinesscardpro\keygen\keygen.exe C:\DOCUME~1\stu\Desktop\desktop\55555\TomTom NAVIGATOR 6 + GB_plus_major_roads_of_WE\TomTom NAVIGATOR 6 + GB_plus_major_roads_of_WE\TTN6\CRACK C:\DOCUME~1\stu\Desktop\desktop\55555\TomTom NAVIGATOR 6 + GB_plus_major_roads_of_WE\TomTom NAVIGATOR 6 + GB_plus_major_roads_of_WE\TTN6\CRACK\Navigator C:\DOCUME~1\stu\Desktop\desktop\55555\TomTom NAVIGATOR 6 + GB_plus_major_roads_of_WE\TomTom NAVIGATOR 6 + GB_plus_major_roads_of_WE\TTN6\CRACK\Navigator\CurrentMap.dat C:\DOCUME~1\stu\Desktop\desktop\55555\TomTom NAVIGATOR 6 + GB_plus_major_roads_of_WE\TomTom NAVIGATOR 6 + GB_plus_major_roads_of_WE\TTN6\CRACK\Navigator\data.chk C:\DOCUME~1\stu\Desktop\desktop\55555\TomTom NAVIGATOR 6 + GB_plus_major_roads_of_WE\TomTom NAVIGATOR 6 + GB_plus_major_roads_of_WE\TTN6\CRACK\Navigator\data41.chk C:\DOCUME~1\stu\Desktop\desktop\55555\TomTom NAVIGATOR 6 + GB_plus_major_roads_of_WE\TomTom NAVIGATOR 6 + GB_plus_major_roads_of_WE\TTN6\CRACK\Navigator\data41.vif C:\DOCUME~1\stu\Desktop\desktop\55555\TomTom NAVIGATOR 6 + GB_plus_major_roads_of_WE\TomTom NAVIGATOR 6 + GB_plus_major_roads_of_WE\TTN6\CRACK\Navigator\navigator.cfg C:\DOCUME~1\stu\Desktop\desktop\55555\TomTom NAVIGATOR 6 + GB_plus_major_roads_of_WE\TomTom NAVIGATOR 6 + GB_plus_major_roads_of_WE\TTN6\CRACK\Navigator\TomTom Navigator.exe C:\DOCUME~1\stu\Desktop\desktop\Grand Theft Auto San Andreas DVD\Grand Theft Auto San Andreas DVD with CRACK.daa C:\DOCUME~1\stu\Desktop\desktop\Ipswitch Ws Ftp Professional 2006+keygenZWT\Ipswitch Ws Ftp Professional 2006+keygenZWT.rar C:\DOCUME~1\stu\Desktop\desktop\Ipswitch Ws Ftp Professional 2006+keygenZWT\password.ws.ftp..zip C:\DOCUME~1\stu\Desktop\desktop\Ipswitch Ws Ftp Professional 2006+keygenZWT\Torrent downloaded from Demonoid.com.txt C:\DOCUME~1\stu\Desktop\desktop\Ipswitch.WS.FTP.Pro.2007.Incl.Keymaker-CORE\Ipswitch.WS.FTP.Pro.2007.Incl.Keymaker-CORE\keygen.exe C:\DOCUME~1\stu\My Documents\Azureus Downloads\UAZ 4X4 Racing [English][PCDVD][WwW.GamesTorrents.CoM]\UAZ-Racing 4x4\UAZ-racing 4x4 crack C:\DOCUME~1\stu\My Documents\Azureus Downloads\UAZ 4X4 Racing [English][PCDVD][WwW.GamesTorrents.CoM]\UAZ-Racing 4x4\UAZ-racing 4x4 crack.rar C:\DOCUME~1\stu\My Documents\docs\My Received Files\Windows XP SP2 Keygen + Key Changer + Windows Genuine Validation C:\DOCUME~1\stu\My Documents\docs\My Received Files\Windows XP SP2 Keygen + Key Changer + Windows Genuine Validation\Windows XP SP2 Keygen + Key Changer + Windows Genuine Validation C:\DOCUME~1\stu\My Documents\docs\My Received Files\Windows XP SP2 Keygen + Key Changer + Windows Genuine Validation\Windows XP SP2 Keygen + Key Changer + Windows Genuine Validation\1) Keygen C:\DOCUME~1\stu\My Documents\docs\My Received Files\Windows XP SP2 Keygen + Key Changer + Windows Genuine Validation\Windows XP SP2 Keygen + Key Changer + Windows Genuine Validation\2) Key Changer C:\DOCUME~1\stu\My Documents\docs\My Received Files\Windows XP SP2 Keygen + Key Changer + Windows Genuine Validation\Windows XP SP2 Keygen + Key Changer + Windows Genuine Validation\3) Windows Genuine Validation C:\DOCUME~1\stu\My Documents\docs\My Received Files\Windows XP SP2 Keygen + Key Changer + Windows Genuine Validation\Windows XP SP2 Keygen + Key Changer + Windows Genuine Validation\1) Keygen\info.txt C:\DOCUME~1\stu\My Documents\docs\My Received Files\Windows XP SP2 Keygen + Key Changer + Windows Genuine Validation\Windows XP SP2 Keygen + Key Changer + Windows Genuine Validation\2) Key Changer\XPPID.exe C:\DOCUME~1\stu\My Documents\docs\My Received Files\Windows XP SP2 Keygen + Key Changer + Windows Genuine Validation\Windows XP SP2 Keygen + Key Changer + Windows Genuine Validation\3) Windows Genuine Validation\WGA.exe C:\DOCUME~1\stu\My Documents\Downloads\Euro Truck Simulator 2008 (PC Edition) Crack ZIP C:\DOCUME~1\stu\My Documents\Downloads\Power ISO v3.8 + keygen [h33t] [Original] C:\DOCUME~1\stu\My Documents\Downloads\Euro Truck Simulator 2008 (PC Edition) Crack ZIP\Euro Truck Simulator 2008 (PC Edition) Crack ZIP.zip C:\DOCUME~1\stu\My Documents\Downloads\Magic ISO Maker v5.5 Build 0272 Final - Multilingual - Full\Magic ISO Maker 5.5.Build.272\crack C:\DOCUME~1\stu\My Documents\Downloads\Magic ISO Maker v5.5 Build 0272 Final - Multilingual - Full\Magic ISO Maker 5.5.Build.272\crack\patch.exe C:\DOCUME~1\stu\My Documents\Downloads\Magic ISO Maker v5.5 Build 0272 Final - Multilingual - Full\Magic ISO Maker 5.5.Build.272\crack\Thumbs.db C:\DOCUME~1\stu\My Documents\Downloads\Magic ISO Maker v5.5 Build 0272 Final - Multilingual - Full\Magic ISO Maker 5.5.Build.272\crack\Wallpaper.jpg C:\DOCUME~1\stu\My Documents\Downloads\Power ISO v3.8 + keygen [h33t] [Original]\PowerISO.3.8_KEYGEN-FFF.zip C:\DOCUME~1\stu\My Documents\Downloads\Power ISO v3.8 + keygen [h33t] [Original]\PowerISO38.exe C:\DOCUME~1\stu\My Documents\Downloads\Power ISO v3.8 + keygen [h33t] [Original]\readme.txt C:\DOCUME~1\stu\My Documents\Downloads\Power ISO v3.8 + keygen [h33t] [Original]\tracked_by_h33t_com.txt C:\DOCUME~1\stu\Recent\Euro_Truck_Simulator_2008_PC_Edition_Crack_ZIP [mininova].torrent.lnk C:\DOCUME~1\stu\Recent\Power ISO v3.8 + keygen [h33t] [Original].lnk C:\DOCUME~1\stu\Recent\Spyware_Doctor_2009._._With_Antivirus_8.0.0.739._.-_XP_Vista_Patc_crack._ [mininova].torrent.lnk [F:36][D:28]-> C:\DOCUME~1\stu\LOCALS~1\Temp [F:8][D:0]-> C:\DOCUME~1\stu\Cookies [F:1707][D:28]-> C:\DOCUME~1\stu\LOCALS~1\TEMPOR~1\content.IE5 1 - "C:\Lop SD\LopR_1.txt" - 26/09/2008\|18:00 - Option : [1] --------------------\\ Scan completed at 18:00:15

Rorschach112 View Member Profile	Sep 26 2008, 11:04 AM Post #4
GeekU Teacher Posts: 21,845 From: Dublin OS: XP	Hello Please download the OTMoveIt3 by OldTimer. Save it to your desktop. Please double-click OTMoveIt3.exe to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator). Copy the lines in the codebox below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy): CODE :Processes explorer.exe :Files C:\WINDOWS\system32\gfhkj.bak2 C:\WINDOWS\system32\gfhkj.ini2 C:\WINDOWS\system32\gfhkj.tmp C:\WINDOWS\system32\EKQAyyay.ini C:\WINDOWS\system32\EKQAyyay.ini2 C:\WINDOWS\system32\GOnVyJjl.ini C:\WINDOWS\system32\GOnVyJjl.ini2 C:\WINDOWS\system32\wxaHOqru.ini C:\WINDOWS\system32\wxaHOqru.ini2 C:\DOCUME~1\stu\Application Data\BitTorrent\Euro Truck Simulator 2008 (PC Edition) Crack ZIP.torrent C:\DOCUME~1\stu\Application Data\BitTorrent\Power ISO v3.8 + keygen [h33t] [Original].torrent C:\DOCUME~1\stu\Application Data\BitTorrent\Spyware Doctor 2009.,. With Antivirus 8.0.0.739.,.- (XP & Vista) + Patc+crack.,.torrent C:\DOCUME~1\stu\Desktop\desktop\Ipswitch Ws Ftp Professional 2006+keygenZWT C:\DOCUME~1\stu\Desktop\desktop\Ipswitch Ws Ftp Professional 2006+keygenZWT [www[1].Fulldls.com].torrent C:\DOCUME~1\stu\Desktop\desktop\photoshop_cs2_keygen.exe C:\DOCUME~1\stu\Desktop\desktop\photoshop_cs2_keygen.zip C:\DOCUME~1\stu\Desktop\desktop\121212\bussinesscardpro\keygen C:\DOCUME~1\stu\Desktop\desktop\55555\TomTom NAVIGATOR 6 + GB_plus_major_roads_of_WE\TomTom NAVIGATOR 6 + GB_plus_major_roads_of_WE\TTN6\CRACK C:\DOCUME~1\stu\Desktop\desktop\Grand Theft Auto San Andreas DVD\Grand Theft Auto San Andreas DVD with CRACK.daa C:\DOCUME~1\stu\Desktop\desktop\Ipswitch Ws Ftp Professional 2006+keygenZWT C:\DOCUME~1\stu\Desktop\desktop\Ipswitch.WS.FTP.Pro.2007.Incl.Keymaker-CORE C:\DOCUME~1\stu\My Documents\Azureus Downloads\UAZ 4X4 Racing [English][PCDVD][WwW.GamesTorrents.CoM]\UAZ-Racing 4x4\UAZ-racing 4x4 crack C:\DOCUME~1\stu\My Documents\Azureus Downloads\UAZ 4X4 Racing [English][PCDVD][WwW.GamesTorrents.CoM]\UAZ-Racing 4x4\UAZ-racing 4x4 crack.rar C:\DOCUME~1\stu\My Documents\docs\My Received Files\Windows XP SP2 Keygen + Key Changer + Windows Genuine Validation C:\DOCUME~1\stu\My Documents\Downloads\Euro Truck Simulator 2008 (PC Edition) Crack ZIP C:\DOCUME~1\stu\My Documents\Downloads\Power ISO v3.8 + keygen [h33t] [Original] C:\DOCUME~1\stu\My Documents\Downloads\Euro Truck Simulator 2008 (PC Edition) Crack ZIP\Euro Truck Simulator 2008 (PC Edition) Crack ZIP.zip C:\DOCUME~1\stu\My Documents\Downloads\Magic ISO Maker v5.5 Build 0272 Final - Multilingual - Full\Magic ISO Maker 5.5.Build.272\crack C:\DOCUME~1\stu\My Documents\Downloads\Power ISO v3.8 + keygen [h33t] [Original] C:\DOCUME~1\stu\Recent\Euro_Truck_Simulator_2008_PC_Edition_Crack_ZIP [mininova].torrent.lnk C:\DOCUME~1\stu\Recent\Power ISO v3.8 + keygen [h33t] [Original].lnk C:\DOCUME~1\stu\Recent\Spyware_Doctor_2009._._With_Antivirus_8.0.0.739._.-_XP_Vista_Patc_crack._ [mininova].torrent.lnk :Commands [purity] [emptytemp] [start explorer] [Reboot] Return to OTMoveIt3, right click in the "Paste Instructions for Items to be Moved" window (under the yellow bar) and choose Paste. Click the red Moveit! button. Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply. Close OTMoveIt3 Note: If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes. In this case, after the reboot, open Notepad (Start->All Programs->Accessories->Notepad), click File->Open, in the File Name box enter .log and press the Enter key, navigate to the C:\_OTMoveIt\MovedFiles* folder, and open the newest .log file present, and copy/paste the contents of that document back here in your next post. Please run the MGA Diagnostic Tool and post back the report it shall produce: Download MGADiag to your desktop. Double-click on MGADiag.exe to launch the program Click "Continue" Ensure that the "Windows" tab is selected (it should be by default). Click the "Copy" button to copy the MGA Diagnostic Report to the Windows clipboard. Paste the MGA Diagnostic Report back here in your next reply.

stushine View Member Profile	Sep 26 2008, 11:17 AM Post #5
Member Posts: 13 OS: xp	========== PROCESSES ========== Process explorer.exe killed successfully. ========== FILES ========== C:\WINDOWS\system32\gfhkj.bak2 moved successfully. C:\WINDOWS\system32\gfhkj.ini2 moved successfully. C:\WINDOWS\system32\gfhkj.tmp moved successfully. C:\WINDOWS\system32\EKQAyyay.ini moved successfully. C:\WINDOWS\system32\EKQAyyay.ini2 moved successfully. C:\WINDOWS\system32\GOnVyJjl.ini moved successfully. C:\WINDOWS\system32\GOnVyJjl.ini2 moved successfully. C:\WINDOWS\system32\wxaHOqru.ini moved successfully. C:\WINDOWS\system32\wxaHOqru.ini2 moved successfully. C:\DOCUME~1\stu\Application Data\BitTorrent\Euro Truck Simulator 2008 (PC Edition) Crack ZIP.torrent moved successfully. C:\DOCUME~1\stu\Application Data\BitTorrent\Power ISO v3.8 + keygen [h33t] [Original].torrent moved successfully. C:\DOCUME~1\stu\Application Data\BitTorrent\Spyware Doctor 2009.,. With Antivirus 8.0.0.739.,.- (XP & Vista) + Patc+crack.,.torrent moved successfully. C:\DOCUME~1\stu\Desktop\desktop\Ipswitch Ws Ftp Professional 2006+keygenZWT moved successfully. C:\DOCUME~1\stu\Desktop\desktop\Ipswitch Ws Ftp Professional 2006+keygenZWT [www[1].Fulldls.com].torrent moved successfully. C:\DOCUME~1\stu\Desktop\desktop\photoshop_cs2_keygen.exe moved successfully. C:\DOCUME~1\stu\Desktop\desktop\photoshop_cs2_keygen.zip moved successfully. C:\DOCUME~1\stu\Desktop\desktop\121212\bussinesscardpro\keygen moved successfully. C:\DOCUME~1\stu\Desktop\desktop\55555\TomTom NAVIGATOR 6 + GB_plus_major_roads_of_WE\TomTom NAVIGATOR 6 + GB_plus_major_roads_of_WE\TTN6\CRACK\Navigator moved successfully. C:\DOCUME~1\stu\Desktop\desktop\55555\TomTom NAVIGATOR 6 + GB_plus_major_roads_of_WE\TomTom NAVIGATOR 6 + GB_plus_major_roads_of_WE\TTN6\CRACK moved successfully. C:\DOCUME~1\stu\Desktop\desktop\Grand Theft Auto San Andreas DVD\Grand Theft Auto San Andreas DVD with CRACK.daa moved successfully. File/Folder C:\DOCUME~1\stu\Desktop\desktop\Ipswitch Ws Ftp Professional 2006+keygenZWT not found. C:\DOCUME~1\stu\Desktop\desktop\Ipswitch.WS.FTP.Pro.2007.Incl.Keymaker-CORE\Ipswitch.WS.FTP.Pro.2007.Incl.Keymaker-CORE moved successfully. C:\DOCUME~1\stu\Desktop\desktop\Ipswitch.WS.FTP.Pro.2007.Incl.Keymaker-CORE moved successfully. C:\DOCUME~1\stu\My Documents\Azureus Downloads\UAZ 4X4 Racing [English][PCDVD][WwW.GamesTorrents.CoM]\UAZ-Racing 4x4\UAZ-racing 4x4 crack moved successfully. C:\DOCUME~1\stu\My Documents\Azureus Downloads\UAZ 4X4 Racing [English][PCDVD][WwW.GamesTorrents.CoM]\UAZ-Racing 4x4\UAZ-racing 4x4 crack.rar moved successfully. C:\DOCUME~1\stu\My Documents\docs\My Received Files\Windows XP SP2 Keygen + Key Changer + Windows Genuine Validation\Windows XP SP2 Keygen + Key Changer + Windows Genuine Validation\3) Windows Genuine Validation moved successfully. C:\DOCUME~1\stu\My Documents\docs\My Received Files\Windows XP SP2 Keygen + Key Changer + Windows Genuine Validation\Windows XP SP2 Keygen + Key Changer + Windows Genuine Validation\2) Key Changer moved successfully. C:\DOCUME~1\stu\My Documents\docs\My Received Files\Windows XP SP2 Keygen + Key Changer + Windows Genuine Validation\Windows XP SP2 Keygen + Key Changer + Windows Genuine Validation\1) Keygen moved successfully. C:\DOCUME~1\stu\My Documents\docs\My Received Files\Windows XP SP2 Keygen + Key Changer + Windows Genuine Validation\Windows XP SP2 Keygen + Key Changer + Windows Genuine Validation moved successfully. C:\DOCUME~1\stu\My Documents\docs\My Received Files\Windows XP SP2 Keygen + Key Changer + Windows Genuine Validation moved successfully. C:\DOCUME~1\stu\My Documents\Downloads\Euro Truck Simulator 2008 (PC Edition) Crack ZIP moved successfully. C:\DOCUME~1\stu\My Documents\Downloads\Power ISO v3.8 + keygen [h33t] [Original] moved successfully. File/Folder C:\DOCUME~1\stu\My Documents\Downloads\Euro Truck Simulator 2008 (PC Edition) Crack ZIP\Euro Truck Simulator 2008 (PC Edition) Crack ZIP.zip not found. C:\DOCUME~1\stu\My Documents\Downloads\Magic ISO Maker v5.5 Build 0272 Final - Multilingual - Full\Magic ISO Maker 5.5.Build.272\crack moved successfully. File/Folder C:\DOCUME~1\stu\My Documents\Downloads\Power ISO v3.8 + keygen [h33t] [Original] not found. C:\DOCUME~1\stu\Recent\Euro_Truck_Simulator_2008_PC_Edition_Crack_ZIP [mininova].torrent.lnk moved successfully. C:\DOCUME~1\stu\Recent\Power ISO v3.8 + keygen [h33t] [Original].lnk moved successfully. C:\DOCUME~1\stu\Recent\Spyware_Doctor_2009._._With_Antivirus_8.0.0.739._.-_XP_Vista_Patc_crack._ [mininova].torrent.lnk moved successfully. ========== COMMANDS ========== C:\WINDOWS\WіnSxS\WіnSxS moved successfully. C:\WINDOWS\WіnSxS moved successfully. C:\WINDOWS\system32\ѕеcurity moved successfully. File delete failed. C:\DOCUME~1\stu\LOCALS~1\Temp\~DF2E28.tmp scheduled to be deleted on reboot. File delete failed. C:\DOCUME~1\stu\LOCALS~1\Temp\~DF2E33.tmp scheduled to be deleted on reboot. File delete failed. C:\DOCUME~1\stu\LOCALS~1\Temp\~DF578D.tmp scheduled to be deleted on reboot. File delete failed. C:\DOCUME~1\stu\LOCALS~1\Temp\~DF5847.tmp scheduled to be deleted on reboot. File delete failed. C:\DOCUME~1\stu\LOCALS~1\Temp\~DF9D05.tmp scheduled to be deleted on reboot. File delete failed. C:\DOCUME~1\stu\LOCALS~1\Temp\~WRD0000.doc scheduled to be deleted on reboot. User's Temp folder emptied. User's Temporary Internet Files folder emptied. User's Internet Explorer cache folder emptied. Local Service Temp folder emptied. File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot. Local Service Temporary Internet Files folder emptied. Windows Temp folder emptied. Java cache emptied. File delete failed. C:\Documents and Settings\stu\Local Settings\Application Data\Mozilla\Firefox\Profiles\qhekdpzg.default\Cache\_CACHE_001_ scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\stu\Local Settings\Application Data\Mozilla\Firefox\Profiles\qhekdpzg.default\Cache\_CACHE_002_ scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\stu\Local Settings\Application Data\Mozilla\Firefox\Profiles\qhekdpzg.default\Cache\_CACHE_003_ scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\stu\Local Settings\Application Data\Mozilla\Firefox\Profiles\qhekdpzg.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot. FireFox cache emptied. Temp folders emptied. Explorer started successfully OTMoveIt3 by OldTimer - Version 1.0.2.2 log created on 09262008_180931 Files moved on Reboot... File C:\DOCUME~1\stu\LOCALS~1\Temp\~DF2E28.tmp not found! File C:\DOCUME~1\stu\LOCALS~1\Temp\~DF2E33.tmp not found! File C:\DOCUME~1\stu\LOCALS~1\Temp\~DF578D.tmp not found! File C:\DOCUME~1\stu\LOCALS~1\Temp\~DF5847.tmp not found! File C:\DOCUME~1\stu\LOCALS~1\Temp\~DF9D05.tmp not found! File C:\DOCUME~1\stu\LOCALS~1\Temp\~WRD0000.doc not found! C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat moved successfully. C:\Documents and Settings\stu\Local Settings\Application Data\Mozilla\Firefox\Profiles\qhekdpzg.default\Cache\_CACHE_001_ moved successfully. C:\Documents and Settings\stu\Local Settings\Application Data\Mozilla\Firefox\Profiles\qhekdpzg.default\Cache\_CACHE_002_ moved successfully. C:\Documents and Settings\stu\Local Settings\Application Data\Mozilla\Firefox\Profiles\qhekdpzg.default\Cache\_CACHE_003_ moved successfully. C:\Documents and Settings\stu\Local Settings\Application Data\Mozilla\Firefox\Profiles\qhekdpzg.default\Cache\_CACHE_MAP_ moved successfully. Diagnostic Report (1.7.0095.0): ----------------------------------------- WGA Data--> Validation Status: Genuine Validation Code: 0 Online Validation Code: N/A Cached Validation Code: N/A Windows Product Key: ***-*-3R89F-D2KXW-VPK3J Windows Product Key Hash: Ro/Y7HENE9CfW7lW+QtlNbYQEE8= Windows Product ID: 55274-640-8365391-23221 Windows Product ID Type: 1 Windows License Type: Volume Windows OS version: 5.1.2600.2.00010100.3.0.pro CSVLK Server: N/A CSVLK PID: N/A ID: {A21C0E53-92EF-4217-9162-7C87F7AC8EA7}(3) Is Admin: Yes TestCab: 0x0 WGA Version: Registered, 1.7.59.1 Signed By: Microsoft Product Name: N/A Architecture: N/A Build lab: N/A TTS Error: N/A Validation Diagnostic: 025D1FF3-171-1 Resolution Status: N/A WgaER Data--> ThreatID(s): N/A Version: N/A WGA Notifications Data--> Cached Result: 0 File Exists: Yes Version: 1.7.18.7 WgaTray.exe Signed By: Microsoft WgaLogon.dll Signed By: Microsoft OGA Notifications Data--> Cached Result: N/A, hr = 0x80070002 Version: N/A, hr = 0x80070002 WGATray.exe Signed By: Microsoft OGAAddin.dll Signed By: N/A, hr = 0x80070002 OGA Data--> Office Status: 114 Blocked VLK 2 Microsoft Publisher 2002 - 100 Genuine Microsoft Office XP Professional with FrontPage - 114 Blocked VLK 2 OGA Version: N/A, 0x80070002 Signed By: N/A, hr = 0x80070002 Office Diagnostics: 025D1FF3-171-1 Browser Data--> Proxy settings: N/A User Agent: Mozilla/4.0 (compatible; MSIE 7.0; Win32) Default Browser: C:\Program Files\Mozilla Firefox\firefox.exe Download signed ActiveX controls: Prompt Download unsigned ActiveX controls: Disabled Run ActiveX controls and plug-ins: Allowed Initialize and script ActiveX controls not marked as safe: Disabled Allow scripting of Internet Explorer Webbrowser control: Disabled Active scripting: Allowed Script ActiveX controls marked as safe for scripting: Allowed File Scan Data--> Other data--> Office Details: <GenuineResults><MachineData><UGUID>{A21C0E53-92EF-4217-9162-7C87F7AC8EA7}</UGUID><Version>1.7.0095.0</Version><OS>5.1.2600.2.00010100.3.0.pro</OS><Architecture>x32</Architecture><PKey>*-*-*-***-VPK3J</PKey><PID>55274-640-8365391-23221</PID><PIDType>1</PIDType><SID>S-1-5-21-1123561945-602609370-725345543</SID><SYSTEM><Manufacturer>NVIDIA</Manufacturer><Model>AWRDACPI</Model></SYSTEM><BIOS><Manufacturer>Phoenix Technologies, LTD</Manufacturer><Version>6.00 PG</Version><SMBIOSVersion major="2" minor="2"/><Date>20050623000000.000000+000</Date></BIOS><HWID>52B23FEF01844E66</HWID><UserLCID>0809</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>GMT Standard Time(GMT+00:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM/><BRT/></MachineData><Software><Office><Result>114</Result><Products><Product GUID="{90190409-6000-11D3-8CFE-0050048383C9}"><LegitResult>100</LegitResult><Name>Microsoft Publisher 2002</Name><Ver>10</Ver><Val>BABFAAD4C4D61B0</Val><Hash>SEishkJimZrBR/u8NT774CIf0yg=</Hash><Pid>54197-640-0698487-16787</Pid><PidType>14</PidType></Product><Product GUID="{90280409-6000-11D3-8CFE-0050048383C9}"><LegitResult>114</LegitResult><Name>Microsoft Office XP Professional with FrontPage</Name><Ver>10</Ver><Val>39476F84C4B4004</Val><Hash>4iCnywwNW1w4s9ukTIwGMGxyGic=</Hash><Pid>54185-640-0000025-17823</Pid><PidType>14</PidType></Product></Products><Applications><App Id="15" Version="10" Result="114"/><App Id="16" Version="10" Result="114"/><App Id="17" Version="10" Result="114"/><App Id="18" Version="10" Result="114"/><App Id="19" Version="10" Result="100"/><App Id="1A" Version="10" Result="114"/><App Id="1B" Version="10" Result="114"/></Applications></Office></Software></GenuineResults>

Rorschach112 View Member Profile	Sep 26 2008, 11:50 AM Post #6
GeekU Teacher Posts: 21,845 From: Dublin OS: XP	Hello Please download DirLook by jpshortstuff from here. Double-click DirLook.exe to run it. Ensure that Show Hidden Files/Folders and BBCode Ouput are both checked. Copy the content of the following codebox into the main textfield: CODE C:\DOCUME~1\stu\My Documents\docs\My Received Files C:\DOCUME~1\stu\Application Data\BitTorrent C:\DOCUME~1\stu\Desktop\desktop C:\DOCUME~1\stu\My Documents\Downloads C:\DOCUME~1\stu\Recent Click the DirLook button to start the scan. When finished, a notepad window will open with the results of the scan. Please post this log in your next reply. (Note: The log can also be found at C:\dl_log.txt) Note: Scanning may take longer for large folders.

stushine

Sep 26 2008, 11:55 AM

Post #7

Member

Posts: 13
OS: xp

DirLook.exe by jpshortstuff
Log created at 18:54:40 on 26/09/2008

==============================

Contents of "C:\DOCUME~1\stu\My Documents\docs\My Received Files" (inc. hidden/system files/folders)

---FOLDERS---

Landy V8 (created: 31/10/2007 12:43) d--------

---FILES---

_H0J0096.jpg (69564 bytes, created: 25/06/2007 23:24) --a------
~$rsa_crew.rtf (162 bytes, created: 31/05/2006 00:56) --ah-----
00_1[1].jpg (33196 bytes, created: 08/08/2006 23:08) --a------
01102007013.jpg (754154 bytes, created: 02/10/2007 00:13) --a------
04-akala-shakespeare.mp3 (8355037 bytes, created: 20/07/2006 18:36) --a------
10.jpg (87518 bytes, created: 15/10/2006 00:01) --a------
100_0161.JPG (1243531 bytes, created: 05/06/2006 18:06) --a------
100_0171.JPG (1303769 bytes, created: 05/06/2006 18:06) --a------
1024x864-lowered2 copy.jpg (767889 bytes, created: 08/11/2006 00:51) --a------
107_1[1].jpg (63132 bytes, created: 08/12/2006 21:00) --a------
17022006097.jpg (451083 bytes, created: 22/06/2006 00:13) --a------
17x9.5 all round, ET15 on the front and ET9 on the rear, with 225 45 17's.jpg (169391 bytes, created: 07/11/2006 00:01) --a------
18112005.jpg (343243 bytes, created: 28/01/2007 16:12) --a------
18s.bmp (589878 bytes, created: 26/05/2006 12:22) --a------
21dc4c85-5d52-47f1-95a5-7ca0a7c8f4f0.jpg (88267 bytes, created: 02/07/2007 17:26) --a------
221_0[1](1).jpg (52456 bytes, created: 08/12/2006 20:29) --a------
221_0[1].jpg (52456 bytes, created: 08/12/2006 20:29) --a------
222_0[1].jpg (75175 bytes, created: 08/12/2006 20:34) --a------
226_0[1].jpg (162822 bytes, created: 08/12/2006 20:46) --a------
250_0[1].jpg (71847 bytes, created: 08/12/2006 20:55) --a------
250_1[1].jpg (45012 bytes, created: 08/12/2006 20:55) --a------
250_2[1].jpg (40929 bytes, created: 08/12/2006 20:55) --a------
27102006006.jpg (982064 bytes, created: 28/10/2006 20:51) --a------
28082007374.jpg (341103 bytes, created: 28/08/2007 18:48) --a------
28082007374copy-vi.jpg (343558 bytes, created: 28/08/2007 18:42) --a------
28102006015.jpg (605047 bytes, created: 28/10/2006 21:17) --a------
2872_3.JPG (82090 bytes, created: 12/09/2007 18:16) --a------
29a9_3.JPG (94107 bytes, created: 12/09/2007 18:18) --a------
29qC71.tmp.jpg (174949 bytes, created: 30/10/2007 22:49) --a------
3.jpg (38386 bytes, created: 09/12/2006 01:16) --a------
376.jpg (107459 bytes, created: 23/10/2006 23:33) --a------
377-1.jpg (93919 bytes, created: 23/10/2006 23:34) --a------
39f[1].jpg (21742 bytes, created: 30/12/2006 13:23) --a------
3bxDE.tmp.jpg (223365 bytes, created: 17/08/2007 15:36) --a------
3lf2A3.tmp.jpg (127005 bytes, created: 09/08/2007 16:34) --a------
4.jpg (42822 bytes, created: 09/12/2006 01:16) --a------
4_Idiots.wm (1784892 bytes, created: 13/02/2007 19:45) --a------
40600117.JPG (291242 bytes, created: 18/10/2006 11:00) --a------
421_0[1].jpg (51333 bytes, created: 08/12/2006 20:50) --a------
57c3F6.tmp.jpg (240714 bytes, created: 29/06/2007 20:03) --a------
6 hair do's.JPG (53346 bytes, created: 04/08/2006 00:07) --a------
68f[1].jpg (21345 bytes, created: 30/12/2006 13:17) --a------
707_0[1].jpg (43023 bytes, created: 25/05/2006 21:20) --a------
716_0[1].jpg (22427 bytes, created: 25/05/2006 21:34) --a------
716_1[1].jpg (21788 bytes, created: 25/05/2006 21:33) --a------
75_1[1].jpg (30648 bytes, created: 14/11/2006 20:44) --a------
77_12[1].jpg (41331 bytes, created: 08/08/2006 23:07) --a------
882_0[1].jpg (43986 bytes, created: 25/05/2006 21:37) --a------
889_0[1].jpg (58856 bytes, created: 25/05/2006 21:41) --a------
88mph.gif (248449 bytes, created: 31/08/2006 23:33) --a------
8qm128.tmp.jpg (145146 bytes, created: 03/08/2007 00:52) --a------
a4w22.tmp.jpg (75675 bytes, created: 16/10/2007 01:34) --a------
adjust_turbo.pdf (1234687 bytes, created: 26/05/2006 14:50) --a------
aef6_27[1].jpg (77395 bytes, created: 16/10/2007 01:34) --a------
Aphotic.bmp (2359350 bytes, created: 11/06/2006 22:53) --a------
astra with t.jpg (206776 bytes, created: 02/11/2006 00:47) --a------
Autumnea.bmp (2359350 bytes, created: 11/06/2006 22:49) --a------
back.jpg (224201 bytes, created: 31/05/2006 00:29) --a------
bank.doc (29696 bytes, created: 20/07/2007 23:33) --a------
BBRPAGCAR90KQBCAVVAY50CA9HFDYQCAVPVAZXCAEDX2P7CARHB427CA710SVBCAO9WKGHCACL751NCA
5CCWI3CAA6E7UICAZF2GGUCA7OKLYOCAQW4AKPCACQQDG0CA6WHACRCAGOLF0ZCA58JBDWCA9CQEGP.jp
g (35840 bytes, created: 06/08/2007 19:12) --a------
be_1[1].jpg (30426 bytes, created: 14/11/2006 20:44) --a------
berlingo.jpg (238050 bytes, created: 13/08/2007 17:03) --a------
birk brow.jpg (57195 bytes, created: 26/09/2007 23:46) --a------
black gen2.jpg (1634129 bytes, created: 11/09/2006 17:50) --a------
black.jpg (609693 bytes, created: 04/01/2007 23:45) --a------
Blow_Off_Valve.mp3 (107041 bytes, created: 15/01/2007 20:22) --a------
bottom.gif (33087 bytes, created: 26/07/2006 00:10) --a------
bumper1top.jpg (242321 bytes, created: 23/08/2006 23:36) --a------
bumper2-scratch.jpg (205817 bytes, created: 23/08/2006 23:36) --a------
bvv8A.tmp.jpg (134845 bytes, created: 15/09/2007 18:33) --a------
c2.bmp (921654 bytes, created: 06/06/2007 01:09) --a------
camoberlingo.jpg (320324 bytes, created: 13/08/2007 17:18) --a------
camping.JPG (192121 bytes, created: 08/03/2007 00:26) --a------
cass.rtf (2529 bytes, created: 30/09/2006 12:07) --a------
charlie1(1).jpg (79635 bytes, created: 15/10/2007 18:31) --a------
charlie1.jpg (79635 bytes, created: 14/10/2007 10:57) --a------
chavin it.JPG (22327 bytes, created: 17/06/2006 00:11) --a------
chrome_black.jpg (610163 bytes, created: 04/01/2007 23:41) --a------
CHZJ1KCAE2AGRJCAHYDY32CAXRGR4GCAC3PIGYCA7DQI0LCAMSZJB9CAIFHTCGCADAT0K8CAE0LVKWCA
TOD8STCA0876NQCANV6AWRCA83SDWLCA1Z35A7CA8H8YJICAQ21IURCAXDTJDBCAYU10B8CA8NA4TD.jp
g (25600 bytes, created: 30/08/2007 00:33) --a------
CIMG1868.JPG (976855 bytes, created: 25/06/2006 11:53) --a------
CIMG1869.JPG (979908 bytes, created: 25/06/2006 11:53) --a------
CIMG1988.jpg (249975 bytes, created: 21/12/2006 18:57) --a------
civic3drs[1].gif (26694 bytes, created: 25/05/2006 21:37) --a------
civicback[1].jpg (21719 bytes, created: 25/05/2006 21:37) --a------
cli#35_stushine_double.jpg (403773 bytes, created: 04/08/2007 17:09) --a------
cli#35_stushine_logo_small.jpg (79891 bytes, created: 04/08/2007 17:05) --a------
C-Max (1).jpg (282059 bytes, created: 28/06/2007 11:30) --a------
confirm_asp.htm (6999 bytes, created: 24/10/2007 21:26) --a------
corsa_crew.rtf (4461 bytes, created: 31/05/2006 00:57) --a------
Craig+Stuarts-Car-Smaller.jpg (215301 bytes, created: 29/07/2007 23:52) --a------
craigphotoshop.jpg (483684 bytes, created: 03/12/2006 23:51) --a------
crx copy.jpg (195574 bytes, created: 07/08/2007 18:43) --a------
CrystalMobileProducer.exe (1169260 bytes, created: 04/10/2006 19:27) --a------
cupra 046.jpg (149776 bytes, created: 25/07/2006 18:26) --a------
CV.doc (42496 bytes, created: 23/11/2006 23:02) --a------
d1_ebisu_-(67).jpg (114708 bytes, created: 02/09/2006 20:01) --a------
Deep Purple - Guitar Solo (Steve Morse).mp3 (8355840 bytes, created: 20/07/2006 18:55) --a------
digi cam pics 029.jpg (226639 bytes, created: 10/05/2007 01:13) --a------
Dragonforce.mp3 (690690 bytes, created: 31/08/2006 23:29) --a------
drifting101tshirt_detail(1).jpg (15820 bytes, created: 30/12/2006 20:09) --a------
drifting101tshirt_detail.jpg (15820 bytes, created: 30/11/2006 01:15) --a------
DSC_0001(1).jpg (460787 bytes, created: 27/06/2007 10:46) --a------
DSC_0001(2).jpg (236248 bytes, created: 02/10/2007 23:50) --a------
DSC_0001.JPG (360192 bytes, created: 17/03/2007 17:12) --a------
DSC_0002(1).JPG (260813 bytes, created: 28/03/2007 19:39) --a------
DSC_0002(2).jpg (406289 bytes, created: 27/06/2007 10:48) --a------
DSC_0002.JPG (290576 bytes, created: 17/03/2007 17:08) --a------
DSC_0003(1).jpg (338378 bytes, created: 05/07/2007 20:21) --a------
DSC_0003.jpg (275605 bytes, created: 27/06/2007 10:49) --a------
DSC_0004.jpg (155900 bytes, created: 25/07/2007 16:19) --a------
DSC_0006.jpg (231324 bytes, created: 17/04/2007 23:24) --a------
DSC_0007.jpg (242285 bytes, created: 25/06/2007 17:17) --a------
DSC_0009-vi.jpg (348759 bytes, created: 20/09/2007 23:23) --a------
DSC_0012.jpg (447698 bytes, created: 23/05/2007 00:16) --a------
DSC_00120.jpg (191949 bytes, created: 11/03/2007 01:19) --a------
DSC_0016(1).jpg (357810 bytes, created: 13/09/2007 17:45) --a------
DSC_0016.jpg (432602 bytes, created: 23/05/2007 00:24) --a------
DSC_0020.jpg (355066 bytes, created: 11/03/2007 18:13) --a------
DSC_0022.jpg (159119 bytes, created: 17/04/2007 23:26) --a------
DSC_0035.jpg (251057 bytes, created: 15/08/2007 13:31) --a------
DSC_0036.jpg (326791 bytes, created: 13/08/2007 17:47) --a------
DSC_0099.jpg (184384 bytes, created: 31/05/2007 16:29) --a------
DSC_0103.jpg (432592 bytes, created: 19/06/2007 16:30) --a------
DSC_1 (1).jpg (207348 bytes, created: 31/05/2007 16:28) --a------
DSC_BEEDY.jpg (259578 bytes, created: 17/08/2007 23:25) --a------
DSC_bike.jpg (605662 bytes, created: 01/09/2007 14:45) --a------
DSC_WAX.jpg (164378 bytes, created: 13/08/2007 15:31) --a------
DSC00003.JPG (142941 bytes, created: 21/10/2007 23:13) --a------
DSC00005.JPG (151084 bytes, created: 15/05/2006 20:03) --a------
DSC00011(1).JPG (908818 bytes, created: 15/09/2007 23:52) --a------
DSC00011.JPG (159528 bytes, created: 10/07/2006 00:55) --a------
DSC00013.JPG (821161 bytes, created: 15/09/2007 23:52) --a------
DSC00015.JPG (263394 bytes, created: 16/05/2007 22:52) --a------
DSC00016.JPG (136379 bytes, created: 15/05/2006 20:04) --a------
DSC00019.JPG (767257 bytes, created: 05/08/2006 11:22) --a------
DSC00021.JPG (809554 bytes, created: 05/08/2006 11:23) --a------
DSC00022.JPG (142460 bytes, created: 10/07/2006 00:53) --a------
DSC00036.JPG (249120 bytes, created: 16/05/2007 22:52) --a------
DSC00038.JPG (192776 bytes, created: 28/11/2006 00:16) --a------
DSC00048.JPG (190559 bytes, created: 29/11/2006 01:35) --a------
DSC00049.JPG (184566 bytes, created: 29/11/2006 01:35) --a------
DSC00050.JPG (167380 bytes, created: 29/11/2006 01:33) --a------
DSC00063.JPG (158095 bytes, created: 03/11/2006 19:39) --a------
DSC00064.JPG (142384 bytes, created: 03/11/2006 19:39) --a------
DSC00068.JPG (864214 bytes, created: 20/08/2006 16:09) --a------
DSC00069.JPG (869165 bytes, created: 20/08/2006 16:09) --a------
DSC00070.JPG (793408 bytes, created: 20/08/2006 16:09) --a------
DSC00071.JPG (722018 bytes, created: 20/08/2006 16:09) --a------
DSC00098.JPG (448473 bytes, created: 21/10/2007 23:13) --a------
DSC00108.JPG (326627 bytes, created: 31/08/2007 01:25) --a------
DSC00111.jpg (35075 bytes, created: 19/11/2006 17:57) --a------
DSC00124.jpg (50631 bytes, created: 26/07/2006 00:23) --a------
DSC00134.JPG (237876 bytes, created: 27/10/2006 15:00) --a------
DSC00146(1).JPG (395835 bytes, created: 18/09/2007 23:55) --a------
DSC00146.JPG (50120 bytes, created: 29/05/2006 15:26) --a------
DSC00152.JPG (146187 bytes, created: 12/08/2007 23:43) --a------
DSC00155.JPG (366737 bytes, created: 18/09/2007 23:55) --a------
DSC00158.JPG (346964 bytes, created: 18/09/2007 23:55) --a------
DSC00162.JPG (839419 bytes, created: 27/09/2007 00:40) --a------
DSC00166.JPG (348794 bytes, created: 19/12/2006 21:37) --a------
DSC00169.jpg (484096 bytes, created: 15/08/2007 13:27) --a------
DSC00171.JPG (299346 bytes, created: 15/10/2007 23:06) --a------
DSC00178.JPG (343259 bytes, created: 28/07/2006 22:27) --a------
DSC00179.JPG (457568 bytes, created: 28/07/2006 22:16) --a------
DSC00180.JPG (504878 bytes, created: 28/07/2006 22:14) --a------
DSC00206.JPG (146890 bytes, created: 26/06/2006 23:23) --a------
DSC00207.JPG (374393 bytes, created: 03/09/2007 18:20) --a------
DSC00210.JPG (119957 bytes, created: 21/10/2007 23:15) --a------
DSC00224-vi.jpg (97791 bytes, created: 09/08/2006 11:49) --a------
DSC00227.JPG (540433 bytes, created: 08/03/2007 21:29) --a------
DSC00229.JPG (554410 bytes, created: 08/03/2007 21:29) --a------
DSC00242.JPG (442395 bytes, created: 12/08/2007 23:45) --a------
DSC00245.JPG (383545 bytes, created: 12/08/2007 23:42) --a------
DSC00292.JPG (212185 bytes, created: 26/06/2006 23:25) --a------
DSC00297.JPG (402671 bytes, created: 01/07/2007 12:31) --a------
DSC00298(1).JPG (401512 bytes, created: 01/07/2007 12:33) --a------
DSC00298.JPG (353777 bytes, created: 27/10/2006 15:00) --a------
DSC00315.JPG (318201 bytes, created: 04/11/2006 16:31) --a------
DSC00328.JPG (358565 bytes, created: 28/11/2006 00:15) --a------
DSC00331.JPG (285261 bytes, created: 28/11/2006 00:19) --a------
DSC00332.JPG (300132 bytes, created: 28/11/2006 00:14) --a------
DSC00336.JPG (316377 bytes, created: 28/11/2006 00:14) --a------
DSC00360.jpg (399056 bytes, created: 03/12/2006 18:42) --a------
DSC00398.JPG (830313 bytes, created: 12/08/2007 23:44) --a------
DSC00434.JPG (405982 bytes, created: 20/01/2007 14:27) --a------
DSC00437.JPG (408525 bytes, created: 18/10/2007 18:06) --a------
DSC00438.JPG (463692 bytes, created: 18/10/2007 18:07) --a------
DSC00446.JPG (361806 bytes, created: 28/01/2007 13:58) --a------
DSC00451.JPG (321653 bytes, created: 28/01/2007 14:00) --a------
DSC00454.JPG (310492 bytes, created: 28/01/2007 13:56) --a------
DSC00469.jpg (467778 bytes, created: 14/05/2006 23:39) --a------
DSC00474.jpg (454868 bytes, created: 14/05/2006 23:39) --a------
DSC00557.JPG (304664 bytes, created: 27/06/2006 23:16) --a------
DSC00558.JPG (442429 bytes, created: 27/06/2006 23:16) --a------
DSC00566_edited-smaller.jpg (135112 bytes, created: 06/07/2006 12:07) --a------
DSC00577.JPG (455025 bytes, created: 11/07/2006 23:06) --a------
DSC00698.JPG (469946 bytes, created: 31/10/2006 00:11) --a------
DSC00938.jpg (578203 bytes, created: 12/11/2006 01:58) --a------
DSC00949.JPG (544271 bytes, created: 15/08/2007 13:22) --a------
DSC00974.jpg (386257 bytes, created: 15/08/2007 13:20) --a------
DSC00976.jpg (322970 bytes, created: 15/08/2007 13:18) --a------
DSC01067.jpg (555421 bytes, created: 12/11/2006 01:56) --a------
DSC01119.JPG (585502 bytes, created: 12/11/2006 01:52) --a------
DSC01201.jpg (65467 bytes, created: 30/11/2006 19:22) --a------
DSC01252.jpg (551137 bytes, created: 12/11/2006 02:02) --a------
DSC01409.jpg (388376 bytes, created: 21/01/2007 23:58) --a------
DSC01623.jpg (366336 bytes, created: 15/08/2007 13:25) --a------
DSC01648.JPG (1067085 bytes, created: 30/11/2006 13:48) --a------
DSC01682.JPG (332816 bytes, created: 15/08/2007 13:24) --a------
DSC02234.jpg (361018 bytes, created: 08/07/2006 23:21) --a------
DSC02235.jpg (355890 bytes, created: 08/07/2006 23:21) --a------
DSC02237.jpg (312766 bytes, created: 08/07/2006 23:22) --a------
DSC02242.jpg (332013 bytes, created: 08/07/2006 23:21) --a------
DSC02243.jpg (318739 bytes, created: 08/07/2006 23:22) --a------
DSC02244.jpg (299582 bytes, created: 08/07/2006 23:22) --a------
DSC02245.jpg (315317 bytes, created: 08/07/2006 23:20) --a------
DSC02247.jpg (323749 bytes, created: 08/07/2006 23:17) --a------
DSC02272a.jpg (501308 bytes, created: 07/01/2007 14:35) --a------
DSC02272b.jpg (493112 bytes, created: 07/01/2007 14:35) --a------
DSC02282.jpg (545317 bytes, created: 24/07/2006 22:30) --a------
DSC02293.JPG (2067458 bytes, created: 03/08/2006 22:51) --a------
DSC02295.JPG (1947875 bytes, created: 03/08/2006 22:51) --a------
DSC02325.JPG (1737143 bytes, created: 07/08/2006 12:12) --a------
DSC02326.JPG (2450938 bytes, created: 07/08/2006 12:12) --a------
DSC02444b.jpg (42961 bytes, created: 02/10/2007 23:36) --a------
DSC02784.jpg (467302 bytes, created: 29/10/2006 23:33) --a------
DSC02786.jpg (516060 bytes, created: 29/10/2006 23:32) --a------
DSC02787.jpg (485211 bytes, created: 29/10/2006 23:33) --a------
DSC02788.jpg (487298 bytes, created: 29/10/2006 23:33) --a------
DSC02838-vi[1].jpg (601913 bytes, created: 08/12/2006 20:21) --a------
DSC02878.jpg (383320 bytes, created: 27/12/2006 01:10) --a------
DSC02878Start.jpg (487023 bytes, created: 27/12/2006 01:10) --a------
DSC02928.jpg (543611 bytes, created: 15/08/2007 13:29) --a------
DSC02942.JPG (367300 bytes, created: 04/12/2006 17:42) --a------
DSC02950.jpg (318154 bytes, created: 27/12/2006 13:44) --a------
DSC02954.jpg (384300 bytes, created: 27/12/2006 13:38) --a------
DSC02957.jpg (365701 bytes, created: 28/12/2006 18:47) --a------
DSC02985.jpg (351796 bytes, created: 03/01/2007 16:48) --a------
DSC02988.JPG (370875 bytes, created: 05/01/2007 16:00) --a------
DSC03061.JPG (345080 bytes, created: 16/01/2007 18:52) --a------
DSC03072.JPG (448883 bytes, created: 26/01/2007 16:08) --a------
DSC03118.JPG (266728 bytes, created: 08/02/2007 16:25) --a------
DSC03119.JPG (298370 bytes, created: 08/02/2007 16:24) --a------
DSC03123.jpg (403843 bytes, created: 20/03/2007 00:00) --a------
DSC03125.JPG (448809 bytes, created: 09/02/2007 17:09) --a------
DSC03154.jpg (442574 bytes, created: 11/02/2007 17:19) --a------
DSC03231(1).JPG (206273 bytes, created: 22/02/2007 17:20) --a------