Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Browser closing with no reason


  • Please log in to reply

#1
collateral

collateral

    Member

  • Member
  • PipPip
  • 13 posts
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:25:50 PM, on 4/18/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\WINDOWS\RtHDVCpl.exe
C:\Program Files\Snapfish Media Detector\SnapfishMediaDetector.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\GamingSquared\Gaming2\G2.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\System32\mobsync.exe
C:\hp\kbd\kbd.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Users\HP\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.condui...&ctid=CT1098640
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...a...&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...a...&pf=desktop
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.255.255.255 serial.alcohol-soft.com
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (Gaming)2 - {971F630E-AD68-4d6e-B0C3-1C627AAC80F1} - C:\Program Files\GamingSquared\Gaming2\G2IE_v1042.dll
O2 - BHO: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O3 - Toolbar: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SnapfishMediaDetector] C:\Program Files\Snapfish Media Detector\SnapfishMediaDetector.exe
O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [G2] "C:\Program Files\GamingSquared\Gaming2\G2.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [SpeedItUpEX] C:\Program Files\Speeditup Free\SpeedItUp.exe -MINI
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe
O4 - HKCU\..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe 1
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'Default user')
O4 - Global Startup: Snapfish Media Detector.lnk = C:\Program Files\Snapfish Media Detector\SnapfishMediaDetector.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll/206 (file missing)
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU\Run IMVU.lnk
O13 - Gopher Prefix:
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
O23 - Service: Zumie Search Service - Zumie.com - C:\Program Files\Zumie\zumie.exe

--
End of file - 9968 bytes

Edited by collateral, 18 April 2008 - 09:26 PM.

  • 0

Advertisements


#2
sarahw

sarahw

    Malware Staff

  • Member
  • PipPipPipPipPip
  • 2,781 posts
Welcome to the site

I will be handling your log to help you get cleaned up. Please give me some time to look it over and I will get back to you as soon as possible.

I want you to show hidden files. There are instructions HERE to help you do this.
You should have Administrator rights to perform the fixes. Some of the instructions I give may need to be printed or saved for reference during the fix. Some of the fix will be done in Safe Mode so you will be unable to access this thread at that time.
Please dont use any of the tools without specific instructions. Some of them are dangerous (and could leave your computer in worse condition that it is when infected) if used incorrectly.
These instuctions should be read first, then followed. If you do not understand something, don't be afraid to ask, or see if I'm on chat. :)
  • 0

#3
sarahw

sarahw

    Malware Staff

  • Member
  • PipPipPipPipPip
  • 2,781 posts
Hi,
1.
Please re-open HiJackThis and choose do a system scan only. Check the boxes next to ONLY the entries listed below:

R3 - URLSearchHook: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll
O1 - Hosts: 127.255.255.255 serial.alcohol-soft.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.condui...&ctid=CT1098640
O2 - BHO: (Gaming)2 - {971F630E-AD68-4d6e-B0C3-1C627AAC80F1} - C:\Program Files\GamingSquared\Gaming2\G2IE_v1042.dll
O2 - BHO: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll
O3 - Toolbar: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll



2.
Download this file to your desktop and double click to run it:
http://www.pc-offens...leteservice.bat


3.
Please download the OTMoveIt2 by OldTimer.
  • Save it to your desktop.
  • Please double-click OTMoveIt2.exe to run it. (Vista users, please right click on OTMoveit2.exe and select "Run as an Administrator")
  • Copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):

    C:\Program Files\free-downloads.net
    C:\Program Files\Zumie
    C:\Users\HP\Desktop\deleteservice.bat
  • Return to OTMoveIt2, right click in the "Paste List of Files/Folders to Move" window (under the light Yellow bar) and choose Paste.
  • Click the red Moveit! button.
  • A log of files and folders moved will be created in the c:\_OTMoveIt\MovedFiles folder in the form of Date and Time (mmddyyyy_hhmmss.log). Please open this log in Notepad and post its contents in your next reply.
  • Close OTMoveIt2
If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.

Reply with the OT Move It log and a freshly scanned Hijack This log.

Edited by sarahw, 18 April 2008 - 10:03 PM.

  • 0

#4
collateral

collateral

    Member

  • Topic Starter
  • Member
  • PipPip
  • 13 posts
C:\Program Files\free-downloads.net moved successfully.
File/Folder C:\Program Files\Zumie moved successfully.
C:\Users\HP\Desktop\deleteservice.bat moved successfully.

OTMoveIt2 by OldTimer - Version 1.0.4.1 log created on 04182008_235308

Edited by collateral, 18 April 2008 - 10:10 PM.

  • 0

#5
collateral

collateral

    Member

  • Topic Starter
  • Member
  • PipPip
  • 13 posts
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:11:52 AM, on 4/19/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\WINDOWS\RtHDVCpl.exe
C:\Program Files\Snapfish Media Detector\SnapfishMediaDetector.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\GamingSquared\Gaming2\G2.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\System32\mobsync.exe
C:\hp\kbd\kbd.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Users\HP\Desktop\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...a...&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...a...&pf=desktop
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SnapfishMediaDetector] C:\Program Files\Snapfish Media Detector\SnapfishMediaDetector.exe
O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [G2] "C:\Program Files\GamingSquared\Gaming2\G2.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [SpeedItUpEX] C:\Program Files\Speeditup Free\SpeedItUp.exe -MINI
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe
O4 - HKCU\..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe 1
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'Default user')
O4 - Global Startup: Snapfish Media Detector.lnk = C:\Program Files\Snapfish Media Detector\SnapfishMediaDetector.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll/206 (file missing)
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU\Run IMVU.lnk
O13 - Gopher Prefix:
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
O23 - Service: Zumie Search Service - Unknown owner - C:\Program Files\Zumie\zumie.exe (file missing)

--
End of file - 9295 bytes
  • 0

#6
sarahw

sarahw

    Malware Staff

  • Member
  • PipPipPipPipPip
  • 2,781 posts
1.
First download AVG Anti-Spyware from HERE and save that file to your desktop.
This is a 30 day trial of the program
  • Once you have downloaded AVG Anti-Spyware, locate the icon on the desktop and double-click it to launch the set up program.
  • Once the setup is complete you will need run AVG Anti-Spyware and update the definition files.
  • On the main screen select the icon "Update" then select the "Update now" link.
    • Next select the "Start Update" button, the update will start and a progress bar will show the updates being installed.
  • Once the update has completed select the "Scanner" icon at the top of the screen, then select the "Settings" tab.
  • Once in the Settings screen click on "Recommended actions" and then select "Quarantine".
  • Under "Reports"
    • Select "Automatically generate report after every scan"
    • Un-Select "Only if threats were found"
Close AVG Anti-Spyware, Do Not run a scan just yet, we will shortly.


2.
Please download ATF Cleaner by Atribune.
This program is for XP and Windows 2000 only
Do not Run it yet, we will use it later. Save it somewhere you will remember, like your desktop.


3.
Reboot into Safe Mode by continuously tapping the F8 key as soon as the computer begins to boot. A menu should come up where you will be given the option to enter Safe Mode.


4.
Please open ATF Cleaner by Atribune.
Double-click ATF-Cleaner.exe to run the program.
Under Main choose: Select All
Click the Empty Selected button.
If you use Firefox browserClick Firefox at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.
If you use Opera browserClick Opera at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.
Click Exit on the Main menu to close the program.
For Technical Support, double-click the e-mail address located at the bottom of each menu.


5.
  • IMPORTANT: Do not open any other windows or programs while AVG Anti-Spyware is scanning, it may interfere with the scanning proccess:
  • Lauch AVG Anti-Spyware by double-clicking the icon on your desktop.
  • Select the "Scanner" icon at the top and then the "Scan" tab then click on "Complete System Scan".
  • AVG Anti-Spyware will now begin the scanning process, be patient this may take a little time.
    Once the scan is complete do the following:
  • If you have any infections you will prompted, then select "Apply all actions"
  • Next select the "Reports" icon at the top.
  • Select the "Save report as" button in the lower left hand of the screen and save it to a text file on your system (make sure to remember where you saved that file, this is important).
  • Close AVG Anti-Spyware and reboot your system back into Normal Mode and post the results of the AVG Anti-Spyware report scan.

6.
Click HERE and run an online scan with Kaspersky WebScanner
  • Click on Kaspersky Online Scanner
  • You will be promted to install an ActiveX component from Kaspersky, Click Yes.
  • The program will launch and then begin downloading the latest definition files:
  • Once the files have been downloaded click on NEXT
  • Now click on Scan Settings
  • In the scan settings make that the following are selected:Scan using the following Anti-Virus database:
    Extended (if available otherwise Standard)
  • Scan Options:
    Scan Archives
    Scan Mail Bases
[*]Click OK
[*]Now under select a target to scan:Select My Computer
[*]This will program will start and scan your system.
[*]The scan will take a while so be patient and let it run.
[*]Once the scan is complete it will display if your system has been infected.
Now click on the Save as Text button:
[*]Save the file to your desktop.
[*]Copy and paste that information into your next post.
[/list]
  • 0

#7
collateral

collateral

    Member

  • Topic Starter
  • Member
  • PipPip
  • 13 posts
logger.banker done high
trackingcookie.doubleclick done medium
trackingcookie.skype done medium
trackingcookie.tacoda done medium
Not-A-Virus.adware.onestep done low
  • 0

#8
collateral

collateral

    Member

  • Topic Starter
  • Member
  • PipPip
  • 13 posts
KASPERSKY ONLINE SCANNER REPORT
Saturday, April 19, 2008 1:52:47 PM
Operating System: Microsoft Windows Vista Home Edition, Service Pack 1 (Build 6001)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 19/04/2008
Kaspersky Anti-Virus database records: 715414
Scan Settings
Scan using the following antivirus database extended
Scan Archives true
Scan Mail Bases true
Scan Target My Computer
C:\
D:\
E:\
F:\
G:\
H:\
I:\
Scan Statistics
Total number of scanned objects 149966
Number of viruses found 3
Number of infected objects 7
Number of suspicious objects 0
Duration of the scan process 01:53:51

Infected Object Name Virus Name Last Action
C:\Boot\BCD Object is locked skipped
C:\Boot\BCD.LOG Object is locked skipped
C:\Downloads\AC-DC Discography\1975 - '74 Jailbreak\03 - Show Business.mp3.bc! Object is locked skipped
C:\Downloads\AC-DC Discography\1975 - '74 Jailbreak\04 - Soul Stripper.mp3.bc! Object is locked skipped
C:\Downloads\AC-DC Discography\1975 - '74 Jailbreak\05 - Baby, Please Don't Go.mp3.bc! Object is locked skipped
C:\Downloads\AC-DC Discography\1976 - High Voltage\01 - It's A Long Way To The Top (If You Wanna Rock 'N' Roll).mp3.bc! Object is locked skipped
C:\Downloads\AC-DC Discography\1976 - High Voltage\07 - Little Lover.mp3.bc! Object is locked skipped
C:\Downloads\AC-DC Discography\1978 - Powerage\07 - Gone Shootin'.mp3.bc! Object is locked skipped
C:\Downloads\AC-DC Discography\1980 - Back In Black\06 - Back In Black.mp3.bc! Object is locked skipped
C:\Downloads\AC-DC Discography\1982 - For Those About To Rock (We Salute You)\09 - Night Of The Long Knives.mp3.bc! Object is locked skipped
C:\Downloads\AC-DC Discography\1983 - Flick Of The Switch\07 - Deep In The Hole.mp3.bc! Object is locked skipped
C:\Downloads\AC-DC Discography\1985 - Fly On The Wall\01 - Fly On The Wall.mp3.bc! Object is locked skipped
C:\Downloads\AC-DC Discography\1986 - Who Made Who\02 - You Shook Me All Night Long.mp3.bc! Object is locked skipped
C:\Downloads\AC-DC Discography\1986 - Who Made Who\06 - Hells Bells.mp3.bc! Object is locked skipped
C:\Downloads\AC-DC Discography\1986 - Who Made Who\07 - Shake Your Foundations.mp3.bc! Object is locked skipped
C:\Downloads\AC-DC Discography\1990 - The Razors Edge\12 - If You Dare.mp3.bc! Object is locked skipped
C:\Downloads\AC-DC Discography\1991 - Live at Donington\01 Thunderstruck.mp3.bc! Object is locked skipped
C:\Downloads\AC-DC Discography\1991 - Live at Donington\10 Moneytalks.mp3.bc! Object is locked skipped
C:\Downloads\AC-DC Discography\1991 - Live at Donington\17 Highway To [bleep].mp3.bc! Object is locked skipped
C:\Downloads\AC-DC Discography\1992 - Live 2 Disc Collectors Edition\Disc 1\02 - Shoot To Thrill.mp3.bc! Object is locked skipped
C:\Downloads\AC-DC Discography\1992 - Live 2 Disc Collectors Edition\Disc 1\05 - Who Made Who.mp3.bc! Object is locked skipped
C:\Downloads\AC-DC Discography\1992 - Live 2 Disc Collectors Edition\Disc 1\11 - Dirty Deeds Done Dirt Cheap.mp3.bc! Object is locked skipped
C:\Downloads\AC-DC Discography\1992 - Live 2 Disc Collectors Edition\Disc 2\04 - High Voltage.mp3.bc! Object is locked skipped
C:\Downloads\ACDC Discography.www.lokotorrents.com\1975 - T.N.T\AC-DC - It's A Long Way To The Top (If You Wanna Rock 'n' Roll).mp3.bc! Object is locked skipped
C:\Downloads\ACDC Discography.www.lokotorrents.com\1975 - T.N.T\AC-DC - The Jack(#01).mp3.bc! Object is locked skipped
C:\Downloads\ACDC Discography.www.lokotorrents.com\1976 - Dirty Deeds Done Dirt Cheap\AC-DC - Ain't No Fun (Waiting Round To Be A Millionaire ).mp3.bc! Object is locked skipped
C:\Downloads\ACDC Discography.www.lokotorrents.com\1976 - Dirty Deeds Done Dirt Cheap\AC-DC - Problem Child(#01).mp3.bc! Object is locked skipped
C:\Downloads\ACDC Discography.www.lokotorrents.com\1976 - Dirty Deeds Done Dirt Cheap (Australian)\AC-DC - Problem Child(#01).mp3.bc! Object is locked skipped
C:\Downloads\ACDC Discography.www.lokotorrents.com\1976 - Dirty Deeds Done Dirt Cheap (Australian)\AC-DC - Ride On.mp3.bc! Object is locked skipped
C:\Downloads\ACDC Discography.www.lokotorrents.com\1976 - Dirty Deeds Done Dirt Cheap (Australian)\AC-DC - Squealer.mp3.bc! Object is locked skipped
C:\Downloads\ACDC Discography.www.lokotorrents.com\1976 - High Voltage\AC-DC - Little Lover.mp3.bc! Object is locked skipped
C:\Downloads\ACDC Discography.www.lokotorrents.com\1977 - Live At The Old Waldorf In San Francisco (Bootleg)\AC_DC - Live At The Old Waldorf In San Fran 4-3-77 - 04 - She's Got The Jack.mp3.bc! Object is locked skipped
C:\Downloads\ACDC Discography.www.lokotorrents.com\1978 - If You Want Blood You've Got It\AC-DC - [bleep] Ain't A Bad Place To Be(#01).mp3.bc! Object is locked skipped
C:\Downloads\ACDC Discography.www.lokotorrents.com\1978 - If You Want Blood You've Got It\AC-DC - Whole Lotta Rosie(#01).mp3.bc! Object is locked skipped
C:\Downloads\ACDC Discography.www.lokotorrents.com\1979 - Highway To [bleep]\AC-DC - Highway To [bleep](#01).mp3.bc! Object is locked skipped
C:\Downloads\ACDC Discography.www.lokotorrents.com\1980 - Back In Black\AC-DC - Have A Drink On Me.mp3.bc! Object is locked skipped
C:\Downloads\ACDC Discography.www.lokotorrents.com\1980 - Back In Black\AC-DC - Let Me Put My Love Into You.mp3.bc! Object is locked skipped
C:\Downloads\ACDC Discography.www.lokotorrents.com\1980 - Back In Black\AC-DC - Shoot To Thrill.mp3.bc! Object is locked skipped
C:\Downloads\ACDC Discography.www.lokotorrents.com\1980 - Back In Black\AC-DC - You Shook Me All Night Long.mp3.bc! Object is locked skipped
C:\Downloads\ACDC Discography.www.lokotorrents.com\1981 - For Those About To Rock\AC-DC - Evil Walks.mp3.bc! Object is locked skipped
C:\Downloads\ACDC Discography.www.lokotorrents.com\1981 - For Those About To Rock\AC-DC - For Those About To Rock (We Salute You).mp3.bc! Object is locked skipped
C:\Downloads\ACDC Discography.www.lokotorrents.com\1983 - Flick Of The Switch\AC-DC - This House Is On Fire.mp3.bc! Object is locked skipped
C:\Downloads\ACDC Discography.www.lokotorrents.com\1986 - Who Made Who\AC-DC - Acdc - For Those About to Rock (we Salute You).mp3.bc! Object is locked skipped
C:\Downloads\ACDC Discography.www.lokotorrents.com\1990 - The Razors Edge\AC-DC - Let's Make It.mp3.bc! Object is locked skipped
C:\Downloads\ACDC Discography.www.lokotorrents.com\1991 - Live In Switzerland (Bootleg 2 Cd)\1991-08-25 Live In Switzerland CD1 (Bootleg)\AC_DC - 1991-08-25 Live In Switzerland CD1 - 03 - Back In Black.mp3.bc! Object is locked skipped
C:\Downloads\ACDC Discography.www.lokotorrents.com\1991 - Live In Switzerland (Bootleg 2 Cd)\1991-08-25 Live In Switzerland CD1 (Bootleg)\AC_DC - 1991-08-25 Live In Switzerland CD1 - 04 - [bleep] Ain't A Bad Place To Be.mp3.bc! Object is locked skipped
C:\Downloads\ACDC Discography.www.lokotorrents.com\1991 - Live In Switzerland (Bootleg 2 Cd)\1991-08-25 Live In Switzerland CD1 (Bootleg)\AC_DC - 1991-08-25 Live In Switzerland CD1 - 07 - The Jack.mp3.bc! Object is locked skipped
C:\Downloads\ACDC Discography.www.lokotorrents.com\1991 - Live In Switzerland (Bootleg 2 Cd)\1991-08-25 Live In Switzerland CD1 (Bootleg)\AC_DC - 1991-08-25 Live In Switzerland CD1 - 09 - Hells Bells.mp3.bc! Object is locked skipped
C:\Downloads\ACDC Discography.www.lokotorrents.com\1992 - Live (2 Cd Collectors Edition)\Cd 2\AC-DC - High Voltage(#01).mp3.bc! Object is locked skipped
C:\Downloads\ACDC Discography.www.lokotorrents.com\1992 - Live (2 Cd Collectors Edition)\Cd 2\AC-DC - Highway To [bleep](#02).mp3.bc! Object is locked skipped
C:\Downloads\ACDC Discography.www.lokotorrents.com\1995 - Ballbreaker\AC-DC - Ballbreaker.mp3.bc! Object is locked skipped
C:\Downloads\ACDC Discography.www.lokotorrents.com\1995 - Ballbreaker\AC-DC - Boogie Man.mp3.bc! Object is locked skipped
C:\Downloads\ACDC Discography.www.lokotorrents.com\1997 - Bonfire (5 Cd Bon Scott Tribute)\Live From The Atlantic Studios\AC-DC - Dog Eat Dog.mp3.bc! Object is locked skipped
C:\Downloads\ACDC Discography.www.lokotorrents.com\1997 - Bonfire (5 Cd Bon Scott Tribute)\Volts\AC-DC - Touch Too Much.mp3.bc! Object is locked skipped
C:\Downloads\ACDC Discography.www.lokotorrents.com\2000 - Stiff Upper Lip\08 - Satellite Blues.mp3.bc! Object is locked skipped
C:\Downloads\ACDC Discography.www.lokotorrents.com\2000 - Stiff Upper Lip\09 - Damned.mp3.bc! Object is locked skipped
C:\Downloads\ACDC Discography.www.lokotorrents.com\2000 - Stiff Upper Lip\12 - Give It Up.mp3.bc! Object is locked skipped
C:\Downloads\ACDC Discography.www.lokotorrents.com\2001 - Stiff Upper Lip Tour Edition\Cd 2 - Tour Edition Bonus CD\02 - ACDC - Back In Black (Live).mp3.bc! Object is locked skipped
C:\Downloads\ACDC Discography.www.lokotorrents.com\2001 - Stiff Upper Lip Tour Edition\Cd 2 - Tour Edition Bonus CD\03 - ACDC - Hard As A Rock (Live).mp3.bc! Object is locked skipped
C:\Downloads\ACDC Discography.www.lokotorrents.com\2003 - Live At The Roseland Ballroom (Bootleg)\AC_DC - Live At The Roseland Ballroom 3-11-03 - 14 - Shoot To Thrill.mp3.bc! Object is locked skipped
C:\Downloads\ACDC Discography.www.lokotorrents.com\Rare\Dirty Eyes [Outtake 1977].mp3.bc! Object is locked skipped
C:\Downloads\ACDC Discography.www.lokotorrents.com\Rare\Guns For Hire [Live].mp3.bc! Object is locked skipped
C:\Downloads\ACDC Discography.www.lokotorrents.com\Rare\Rare Trax\ac-dc - rare trax - 09 - Johnny B Goode.mp3.bc! Object is locked skipped
C:\Downloads\ACDC Discography.www.lokotorrents.com\Rare\Rare Trax\ac-dc - rare trax - 15 - Down on the borderline.mp3.bc! Object is locked skipped
C:\Downloads\ACDC Discography.www.lokotorrents.com\Rare\Rare Trax\ac-dc - rare trax - 17 - Boom boom boom - Dimples - unplugged.mp3.bc! Object is locked skipped
C:\Downloads\ACDC Discography.www.lokotorrents.com\Rare\Rare Trax\ac-dc - rare trax - 25 - Big gun.mp3.bc! Object is locked skipped
C:\Downloads\ACDC Discography.www.lokotorrents.com\Rare\Shot In The Head Angus And Malcom With Marcus Hook Band.mp3.bc! Object is locked skipped
C:\Downloads\ACDC Discography.www.lokotorrents.com\Rare\Sin City [Live].mp3.bc! Object is locked skipped
C:\Downloads\ACDC Discography.www.lokotorrents.com\Rare\T.N.T. Recorded Live With Dave Evans.mp3.bc! Object is locked skipped
C:\Downloads\Barbie.Mermaidia.DVD5\DVD\VIDEO_TS\VTS_01_0.VOB.bc! Object is locked skipped
C:\Downloads\Barbie.Mermaidia.DVD5\DVD\VIDEO_TS\VTS_02_0.VOB.bc! Object is locked skipped
C:\Downloads\Barbie.Mermaidia.DVD5\DVD\VIDEO_TS\VTS_04_1.VOB.bc! Object is locked skipped
C:\Downloads\Barbie.Mermaidia.DVD5\DVD\VIDEO_TS\VTS_04_2.VOB.bc! Object is locked skipped
C:\Downloads\Barbie.Mermaidia.DVD5\DVD\VIDEO_TS\VTS_04_3.VOB.bc! Object is locked skipped
C:\Downloads\Barbie.Mermaidia.DVD5\DVD\VIDEO_TS\VTS_04_4.VOB.bc! Object is locked skipped
C:\Downloads\Black Eyed Peas\Behind The Front\03 - Joints & Jam.mp3.bc! Object is locked skipped
C:\Downloads\Black Eyed Peas\Bridging The Gap\03 - Get Original Fea. Chau2na.mp3.bc! Object is locked skipped
C:\Downloads\Black Eyed Peas\Bridging The Gap\06 - Lil' Lil'.mp3.bc! Object is locked skipped
C:\Downloads\Black Eyed Peas\Bridging The Gap\08 - Release.mp3.bc! Object is locked skipped
C:\Downloads\Black Eyed Peas\Bridging The Gap\09 - Bridging The Gaps.mp3.bc! Object is locked skipped
C:\Downloads\Black Eyed Peas\Bridging The Gap\10 - Go Go.mp3.bc! Object is locked skipped
C:\Downloads\Black Eyed Peas\Bridging The Gap\13 - Tell Your Mama Come.mp3.bc! Object is locked skipped
C:\Downloads\Black Eyed Peas\Bridging The Gap\14 - Request Line Fea. Macy Grey.mp3.bc! Object is locked skipped
C:\Downloads\Black Eyed Peas\Elephunk\07 - Latin Girls.mp3.bc! Object is locked skipped
C:\Downloads\Black Eyed Peas\Elephunk\08 - Sexy.mp3.bc! Object is locked skipped
C:\Downloads\Black Eyed Peas\Elephunk\12 - Anxiety.mp3.bc! Object is locked skipped
C:\Downloads\Black Eyed Peas\Elephunk\13 - Where Is The Love.mp3.bc! Object is locked skipped
C:\Downloads\Black Eyed Peas\Elephunk\15 - The Elephunk Theme.mp3.bc! Object is locked skipped
C:\Downloads\Black Eyed Peas\Monkey Business\04-don't_lie.mp3.bc! Object is locked skipped
C:\Downloads\Black Eyed Peas\Monkey Business\06-like_that.mp3.bc! Object is locked skipped
C:\Downloads\Black Eyed Peas\Monkey Business\07-dum_diddly.mp3.bc! Object is locked skipped
C:\Downloads\Black Eyed Peas\Monkey Business\08-feel_it.mp3.bc! Object is locked skipped
C:\Downloads\Black Eyed Peas\Monkey Business\09-gone_going_(feat_jack_johnson).mp3.bc! Object is locked skipped
C:\Downloads\Black Eyed Peas\Monkey Business\10-they_don't_want_music.mp3.bc! Object is locked skipped
C:\Downloads\Black Eyed Peas\Monkey Business\13-ba_bump.mp3.bc! Object is locked skipped
C:\Downloads\Black Eyed Peas\Monkey Business\14-audio_delite_at_low_fidelity.mp3.bc! Object is locked skipped
C:\Downloads\Greatest Hits\06 Any Way You Want It.wma.bc! Object is locked skipped
C:\Downloads\Harry Potter\Harry Potter And The Chamber Of Secrets.avi.bc! Object is locked skipped
C:\Downloads\Harry Potter\Harry Potter and The Goblet Of Fire.avi.bc! Object is locked skipped
C:\Downloads\Harry Potter\Harry Potter And The Order Of The Phoenix.avi.bc! Object is locked skipped
C:\Downloads\Harry Potter\Harry Potter And The Philosopher's Stone.avi.bc! Object is locked skipped
C:\Downloads\Harry Potter\harry potter and the prisoner of azkaban.avi.bc! Object is locked skipped
C:\Downloads\House M.D. Season3 Disc1 www.dvdquorum.es\VIDEO_TS\VTS_01_1.VOB.bc! Object is locked skipped
C:\Downloads\House M.D. Season3 Disc1 www.dvdquorum.es\VIDEO_TS\VTS_01_2.VOB.bc! Object is locked skipped
C:\Downloads\House M.D. Season3 Disc1 www.dvdquorum.es\VIDEO_TS\VTS_01_3.VOB.bc! Object is locked skipped
C:\Downloads\House M.D. Season3 Disc1 www.dvdquorum.es\VIDEO_TS\VTS_01_4.VOB.bc! Object is locked skipped
C:\Downloads\House M.D. Season3 Disc1 www.dvdquorum.es\VIDEO_TS\VTS_01_5.VOB.bc! Object is locked skipped
C:\Downloads\House M.D. Season3 Disc1 www.dvdquorum.es\VIDEO_TS\VTS_01_6.VOB.bc! Object is locked skipped
C:\Downloads\House M.D. Season3 Disc1 www.dvdquorum.es\VIDEO_TS\VTS_03_0.VOB.bc! Object is locked skipped
C:\Downloads\House M.D. Season3 Disc1 www.dvdquorum.es\VIDEO_TS\VTS_03_1.VOB.bc! Object is locked skipped
C:\Downloads\House MD Season3 Disc2 www.dvdquorum.es\VIDEO_TS\VIDEO_TS.VOB.bc! Object is locked skipped
C:\Downloads\House MD Season3 Disc2 www.dvdquorum.es\VIDEO_TS\VTS_01_0.VOB.bc! Object is locked skipped
C:\Downloads\House MD Season3 Disc2 www.dvdquorum.es\VIDEO_TS\VTS_01_1.VOB.bc! Object is locked skipped
C:\Downloads\House MD Season3 Disc2 www.dvdquorum.es\VIDEO_TS\VTS_01_3.VOB.bc! Object is locked skipped
C:\Downloads\House MD Season3 Disc2 www.dvdquorum.es\VIDEO_TS\VTS_01_4.VOB.bc! Object is locked skipped
C:\Downloads\House MD Season3 Disc2 www.dvdquorum.es\VIDEO_TS\VTS_01_6.VOB.bc! Object is locked skipped
C:\Downloads\House MD Season3 Disc3 www.dvdquorum.es\VIDEO_TS\VIDEO_TS.VOB.bc! Object is locked skipped
C:\Downloads\House MD Season3 Disc3 www.dvdquorum.es\VIDEO_TS\VTS_01_0.VOB.bc! Object is locked skipped
C:\Downloads\House MD Season3 Disc3 www.dvdquorum.es\VIDEO_TS\VTS_01_1.VOB.bc! Object is locked skipped
C:\Downloads\House MD Season3 Disc3 www.dvdquorum.es\VIDEO_TS\VTS_01_2.VOB.bc! Object is locked skipped
C:\Downloads\House MD Season3 Disc3 www.dvdquorum.es\VIDEO_TS\VTS_01_3.VOB.bc! Object is locked skipped
C:\Downloads\House MD Season3 Disc3 www.dvdquorum.es\VIDEO_TS\VTS_01_4.VOB.bc! Object is locked skipped
C:\Downloads\House MD Season3 Disc3 www.dvdquorum.es\VIDEO_TS\VTS_01_5.VOB.bc! Object is locked skipped
C:\Downloads\House MD Season3 Disc3 www.dvdquorum.es\VIDEO_TS\VTS_01_6.VOB.bc! Object is locked skipped
C:\Downloads\House MD Season3 Disc3 www.dvdquorum.es\VIDEO_TS\VTS_01_7.VOB.bc! Object is locked skipped
C:\Downloads\House MD Season3 Disc4 www.dvdquorum.es\VIDEO_TS\VIDEO_TS.VOB.bc! Object is locked skipped
C:\Downloads\House MD Season3 Disc4 www.dvdquorum.es\VIDEO_TS\VTS_01_0.VOB.bc! Object is locked skipped
C:\Downloads\House MD Season3 Disc4 www.dvdquorum.es\VIDEO_TS\VTS_01_1.VOB.bc! Object is locked skipped
C:\Downloads\House MD Season3 Disc4 www.dvdquorum.es\VIDEO_TS\VTS_01_2.VOB.bc! Object is locked skipped
C:\Downloads\House MD Season3 Disc4 www.dvdquorum.es\VIDEO_TS\VTS_01_3.VOB.bc! Object is locked skipped
C:\Downloads\House MD Season3 Disc4 www.dvdquorum.es\VIDEO_TS\VTS_01_4.VOB.bc! Object is locked skipped
C:\Downloads\House MD Season3 Disc4 www.dvdquorum.es\VIDEO_TS\VTS_01_5.VOB.bc! Object is locked skipped
C:\Downloads\House MD Season3 Disc4 www.dvdquorum.es\VIDEO_TS\VTS_01_6.VOB.bc! Object is locked skipped
C:\Downloads\House MD Season3 Disc4 www.dvdquorum.es\VIDEO_TS\VTS_01_7.VOB.bc! Object is locked skipped
C:\Downloads\House MD Season3 Disc5 www.dvdquorum.es\VIDEO_TS\VIDEO_TS.VOB.bc! Object is locked skipped
C:\Downloads\House MD Season3 Disc5 www.dvdquorum.es\VIDEO_TS\VTS_01_0.VOB.bc! Object is locked skipped
C:\Downloads\House MD Season3 Disc5 www.dvdquorum.es\VIDEO_TS\VTS_01_1.VOB.bc! Object is locked skipped
C:\Downloads\House MD Season3 Disc5 www.dvdquorum.es\VIDEO_TS\VTS_01_2.VOB.bc! Object is locked skipped
C:\Downloads\House MD Season3 Disc5 www.dvdquorum.es\VIDEO_TS\VTS_01_3.VOB.bc! Object is locked skipped
C:\Downloads\House MD Season3 Disc5 www.dvdquorum.es\VIDEO_TS\VTS_01_4.VOB.bc! Object is locked skipped
C:\Downloads\House MD Season3 Disc5 www.dvdquorum.es\VIDEO_TS\VTS_01_5.VOB.bc! Object is locked skipped
C:\Downloads\House MD Season3 Disc5 www.dvdquorum.es\VIDEO_TS\VTS_01_6.VOB.bc! Object is locked skipped
C:\Downloads\House MD Season3 Disc5 www.dvdquorum.es\VIDEO_TS\VTS_01_7.VOB.bc! Object is locked skipped
C:\Downloads\House MD Season3 Disc5 www.dvdquorum.es\VIDEO_TS\VTS_02_1.VOB.bc! Object is locked skipped
C:\Downloads\House MD Season3 Disc6 www.dvdquorum.es\Caratulas\caratula1-2.jpg.bc! Object is locked skipped
C:\Downloads\House MD Season3 Disc6 www.dvdquorum.es\Caratulas\caratula3-4.jpg.bc! Object is locked skipped
C:\Downloads\House MD Season3 Disc6 www.dvdquorum.es\Caratulas\caratula5-6.jpg.bc! Object is locked skipped
C:\Downloads\House MD Season3 Disc6 www.dvdquorum.es\VIDEO_TS\VTS_01_0.VOB.bc! Object is locked skipped
C:\Downloads\House MD Season3 Disc6 www.dvdquorum.es\VIDEO_TS\VTS_01_1.VOB.bc! Object is locked skipped
C:\Downloads\House MD Season3 Disc6 www.dvdquorum.es\VIDEO_TS\VTS_01_2.VOB.bc! Object is locked skipped
C:\Downloads\House MD Season3 Disc6 www.dvdquorum.es\VIDEO_TS\VTS_01_4.VOB.bc! Object is locked skipped
C:\Downloads\House MD Season3 Disc6 www.dvdquorum.es\VIDEO_TS\VTS_01_5.VOB.bc! Object is locked skipped
C:\Downloads\House MD Season3 Disc6 www.dvdquorum.es\VIDEO_TS\VTS_01_6.VOB.bc! Object is locked skipped
C:\Downloads\House MD Season3 Disc6 www.dvdquorum.es\VIDEO_TS\VTS_03_2.VOB.bc! Object is locked skipped
C:\Downloads\Insane Clown Posse\Bass-Ment Cuts\02 Set It Off.wma.bc! Object is locked skipped
C:\Downloads\Insane Clown Posse\Bass-Ment Cuts\05 Insian Like.wma.bc! Object is locked skipped
C:\Downloads\Insane Clown Posse\Bass-Ment Cuts\06 Play That Hoe.wma.bc! Object is locked skipped
C:\Downloads\Insane Clown Posse\Bizaar\Insane Clown Posse - Bizaar Question - 12 - The Pendulum's P.mp3.bc! Object is locked skipped
C:\Downloads\Insane Clown Posse\Bizzar\Insane Clown Posse - Bizzar - 12 - Crystal Ball.mp3.bc! Object is locked skipped
C:\Downloads\Insane Clown Posse\Carnival of Carnage\07 Guts on the Ceiling.wma.bc! Object is locked skipped
C:\Downloads\Insane Clown Posse\Forgotten Freshness, Vol. 1-2 Disc 1\08 Southwest Strangla.wma.bc! Object is locked skipped
C:\Downloads\Insane Clown Posse\Forgotten Freshness, Vol. 1-2 Disc 2\06 Mr. Rotten Treats.wma.bc! Object is locked skipped
C:\Downloads\Insane Clown Posse\Forgotten Freshness, Vol. 1-2 Disc 2\07 Piggy Pie (Old School).wma.bc! Object is locked skipped
C:\Downloads\Insane Clown Posse\Forgotten Freshness, Vol. 1-2 Disc 2\08 I'm Not Alone.wma.bc! Object is locked skipped
C:\Downloads\Insane Clown Posse\Forgotten Freshness, Vol. 1-2 Disc 2\10 Halloween on Military Street.wma.bc! Object is locked skipped
C:\Downloads\Insane Clown Posse\Forgotten Freshness, Vol. 4 Disc 1\04 If I Was a King.wma.bc! Object is locked skipped
C:\Downloads\Insane Clown Posse\Forgotten Freshness, Vol. 4 Disc 1\05 Dear Icp.wma.bc! Object is locked skipped
C:\Downloads\Insane Clown Posse\Forgotten Freshness, Vol. 4 Disc 1\09 Staaaaaaaaale!!!.wma.bc! Object is locked skipped
C:\Downloads\Insane Clown Posse\Forgotten Freshness, Vol. 4 Disc 1\14 Nobody Move.wma.bc! Object is locked skipped
C:\Downloads\Insane Clown Posse\Forgotten Freshness, Vol. 4 Disc 1\17 Swallow This Nut.wma.bc! Object is locked skipped
C:\Downloads\Insane Clown Posse\Forgotten Freshness, Vol. 4 Disc 2\02 Dead Pumpkins.wma.bc! Object is locked skipped
C:\Downloads\Insane Clown Posse\Forgotten Freshness, Vol. 4 Disc 2\03 Mr. Rotten Treats.wma.bc! Object is locked skipped
C:\Downloads\Insane Clown Posse\Forgotten Freshness, Vol. 4 Disc 2\04 Holloween on Military Street.wma.bc! Object is locked skipped
C:\Downloads\Insane Clown Posse\Forgotten Freshness, Vol. 4 Disc 2\05 Mr. Johnson's Head [Remix].wma.bc! Object is locked skipped
C:\Downloads\Insane Clown Posse\Forgotten Freshness, Vol. 4 Disc 2\06 Pumpkin Cover.wma.bc! Object is locked skipped
C:\Downloads\Insane Clown Posse\Forgotten Freshness, Vol. 4 Disc 2\07 Sleep Walkers.wma.bc! Object is locked skipped
C:\Downloads\Insane Clown Posse\Forgotten Freshness, Vol. 4 Disc 2\09 Every Halloween.wma.bc! Object is locked skipped
C:\Downloads\Insane Clown Posse\Forgotten Freshness, Vol. 4 Disc 2\10 Silence of the Hams.wma.bc! Object is locked skipped
C:\Downloads\Insane Clown Posse\Forgotten Freshness, Vol. 4 Disc 2\11 Thug Pit.wma.bc! Object is locked skipped
C:\Downloads\Insane Clown Posse\Hells Pit\17-insane_clown_posse_-_real_underground_baby-RiAA.mp3.bc! Object is locked skipped
C:\Downloads\Insane Clown Posse\Samplers\wraithsampler.zip.bc! Object is locked skipped
C:\Downloads\Insane Clown Posse\The Calm\01 Intro.wma.bc! Object is locked skipped
C:\Downloads\Insane Clown Posse\The Calm\02 Rollin' Over.wma.bc! Object is locked skipped
C:\Downloads\Insane Clown Posse\The Calm\06 We'll Be Alright.wma.bc! Object is locked skipped
C:\Downloads\Insane Clown Posse\The Calm\08 Off the Track.wma.bc! Object is locked skipped
C:\Downloads\Journey Discography\(1978) Infinity\04 - La Do Da.mp3.bc! Object is locked skipped
C:\Downloads\Journey Discography\(1978) Infinity\08 - Winds Of March.mp3.bc! Object is locked skipped
C:\Downloads\Journey Discography\(1979) Evolution\03 - Lovin', Touchin', Squeezin'.mp3.bc! Object is locked skipped
C:\Downloads\Journey Discography\(1980) Departure\04 - People And Places.mp3.bc! Object is locked skipped
C:\Downloads\Journey Discography\(1980) Departure\05 - Precious Time.mp3.bc! Object is locked skipped
C:\Downloads\Journey Discography\(1980) Dream After Dream\01 - Destiny.mp3.bc! Object is locked skipped
C:\Downloads\Journey Discography\(1980) Dream After Dream\05 - Moon Theme.mp3.bc! Object is locked skipped
C:\Downloads\Journey Discography\(1981) Captured\02 - Where Were You (Live).mp3.bc! Object is locked skipped
C:\Downloads\Journey Discography\(1981) Captured\08 - Dixie Highway (Live).mp3.bc! Object is locked skipped
C:\Downloads\Journey Discography\(1981) Captured\09 - Feeling That Way (Live).mp3.bc! Object is locked skipped
C:\Downloads\Journey Discography\(1981) Captured\15 - Wheel In The Sky (Live).mp3.bc! Object is locked skipped
C:\Downloads\Journey Discography\(1981) Captured\16 - Any Way You Want It (Live).mp3.bc! Object is locked skipped
C:\Downloads\Journey Discography\(1981) Escape\04 - Keep On Runnin'.mp3.bc! Object is locked skipped
C:\Downloads\Journey Discography\(1981) Escape\07 - Lay It Down.mp3.bc! Object is locked skipped
C:\Downloads\Journey Discography\(1981) Escape\09 - Mother, Father.mp3.bc! Object is locked skipped
C:\Downloads\Journey Discography\(1981) Escape\12 - Don't Stop Believin' [Live Version].mp3.bc! Object is locked skipped
C:\Downloads\Journey Discography\(1983) Frontiers\01 - Separate Ways (Worlds Apart).mp3.bc! Object is locked skipped
C:\Downloads\Journey Discography\(1983) Frontiers\06 - Edge of the Blade.mp3.bc! Object is locked skipped
C:\Downloads\Journey Discography\(1986) Raised On Radio\06 - Happy To Give.mp3.bc! Object is locked skipped
C:\Downloads\Journey Discography\(1988) Greatest Hits\06 - Any Way You Want It.mp3.bc! Object is locked skipped
C:\Downloads\Journey Discography\(1988) Greatest Hits\07 - Ask The Lonely.mp3.bc! Object is locked skipped
C:\Downloads\Journey Discography\(1988) Greatest Hits\12 - Open Arms.mp3.bc! Object is locked skipped
C:\Downloads\Journey Discography\(1988) Greatest Hits\13 - Girl Can't Help It.mp3.bc! Object is locked skipped
C:\Downloads\Journey Discography\(1988) Greatest Hits\15 - Be Good To Yourself.mp3.bc! Object is locked skipped
C:\Downloads\Journey Discography\(1991) The Ballade\07 - Who's Crying Now.mp3.bc! Object is locked skipped
C:\Downloads\Journey Discography\(1992) Time³\Cd2\06 - Stay Awhile.mp3.bc! Object is locked skipped
C:\Downloads\Journey Discography\(1992) Time³\Cd3\04 - Separate Ways (Worlds Apart).mp3.bc! Object is locked skipped
C:\Downloads\Journey Discography\(1992) Time³\Cd3\16 - With A Tear.mp3.bc! Object is locked skipped
C:\Downloads\Journey Discography\(1996) Trial By Fire\04 - If He Should Break Your Heart.mp3.bc! Object is locked skipped
C:\Downloads\Journey Discography\(1996) Trial By Fire\06 - Castles Burning.mp3.bc! Object is locked skipped
C:\Downloads\Journey Discography\(2001) Arrival\01 - Higher Place.mp3.bc! Object is locked skipped
C:\Downloads\Journey Discography\(2001) Arrival\06 - Livin' To Do.mp3.bc! Object is locked skipped
C:\Downloads\Journey Discography\(2001) Arrival\09 - Lifetime Of Dreams.mp3.bc! Object is locked skipped
C:\Downloads\Journey Discography\(2001) Arrival\13 - We Will Meet Again.mp3.bc! Object is locked skipped
C:\Downloads\Journey Discography\(2005) Generations\05 - Butterfly (She Flies Alone).mp3.bc! Object is locked skipped
C:\Downloads\Journey Discography\(2006) Live Houston 1981 Escape Tour\18 - Anyway You Want It.mp3.bc! Object is locked skipped
C:\Downloads\Liquid Mind - Relax (mp3)\01. Teach Me To Whisper.mp3.bc! Object is locked skipped
C:\Downloads\Liquid Mind - Relax (mp3)\02. Serenity.mp3.bc! Object is locked skipped
C:\Downloads\Liquid Mind - Relax (mp3)\03. Touching Calm.mp3.bc! Object is locked skipped
C:\Downloads\Liquid Mind - Relax (mp3)\04. Awakening.mp3.bc! Object is locked skipped
C:\Downloads\Liquid Mind - Relax (mp3)\05. Reflection.mp3.bc! Object is locked skipped
C:\Downloads\Liquid Mind - Relax (mp3)\06. I Am Willing.mp3.bc! Object is locked skipped
C:\Downloads\Liquid Mind - Relax (mp3)\07. Take Me Tenderly.mp3.bc! Object is locked skipped
C:\Downloads\Liquid Mind - Relax (mp3)\08. Lullaby for Grownups.mp3.bc! Object is locked skipped
C:\Downloads\nin\[Halo 13] The Day The World Went Away\02 - The Day The World Went Away (Quiet Version).mp3.bc! Object is locked skipped
C:\Downloads\nin\[Halo 13] The Day The World Went Away\03 - The Day The World Went Away (Porter Ricks Mix).mp3.bc! Object is locked skipped
C:\Downloads\nin\[Halo 14] The Fragile\104 - The Wretched.mp3.bc! Object is locked skipped
C:\Downloads\nin\[Halo 14] The Fragile\105 - We're In This Together.mp3.bc! Object is locked skipped
C:\Downloads\nin\[Halo 14] The Fragile\108 - Even Deeper.mp3.bc! Object is locked skipped
C:\Downloads\nin\[Halo 14] The Fragile\110 - No, You Don't.mp3.bc! Object is locked skipped
C:\Downloads\nin\[Halo 14] The Fragile\111 - La Mer.mp3.bc! Object is locked skipped
C:\Downloads\nin\[Halo 15] We're In This Together\302 - Complications Of The Flesh.mp3.bc! Object is locked skipped
C:\Downloads\nin\[Halo 16] Things Falling Apart\03 - The Wretched (Keith Hillebrand).mp3.bc! Object is locked skipped
C:\Downloads\nin\[Halo 17a] And All That Could Have Been\11 - Wish (AATCB).mp3.bc! Object is locked skipped
C:\Downloads\nin\[Halo 17b] Still\03 - The Fragile (Still).mp3.bc! Object is locked skipped
C:\Downloads\nin\[Halo 17b] Still\09 - Leaving Hope.mp3.bc! Object is locked skipped
C:\Downloads\nin\[Halo 18] The Hand That Feeds\03 - The Hand That Feeds (Photek Dub).mp3.bc! Object is locked skipped
C:\Downloads\nin\[Halo 22] Beside You In Time\15. Nine Inch Nails - Only (Live North American Winter Tour 2006).mp3.bc! Object is locked skipped
C:\Downloads\nin\[Halo 22] Beside You In Time\21. Nine Inch Nails - Closer (Live North American Summer Tour 2006).mp3.bc! Object is locked skipped
C:\Downloads\nin\[Halo 22] Beside You In Time\22. Nine Inch Nails - Help Me I Am In [bleep] (Live North American Summer Tour 2006).mp3.bc! Object is locked skipped
C:\Downloads\nin\[Halo 23] Survivalism\01-nine_inch_nails-survivalism_(album_version).mp3.bc! Object is locked skipped
C:\Downloads\nin\[Halo 23] Survivalism\02-nine_inch_nails-survivalism_(tardusted_remix).mp3.bc! Object is locked skipped
C:\Downloads\nin\[Halo 23] Survivalism\03-nine_inch_nails-the_greater_good_(instrumental_version).mp3.bc! Object is locked skipped
C:\Downloads\nin\[Halo 24] Year Zero\09 - Nine Inch Nails - The Warning.mp3.bc! Object is locked skipped
C:\Downloads\nin\[Halo 24] Year Zero\15 - Nine Inch Nails - In This Twilight.mp3.bc! Object is locked skipped
C:\Downloads\nin\[Halo 25] Year Zero Remixed\02-nine_inch_nails-the_great_destroyer_(modwheelmood).mp3.bc! Object is locked skipped
C:\Downloads\nin\[Halo 25] Year Zero Remixed\04-nine_inch_nails-the_beginning_of_the_end_(ladytron).mp3.bc! Object is locked skipped
C:\Downloads\nin\[Halo 25] Year Zero Remixed\05-nine_inch_nails-survivalism_(saul_williams).mp3.bc! Object is locked skipped
C:\Downloads\nin\[Halo 25] Year Zero Remixed\06-nine_inch_nails-capital_g_(epworth_phones).mp3.bc! Object is locked skipped
C:\Downloads\nin\[Halo 25] Year Zero Remixed\07-nine_inch_nails-vessel_(bill_laswell).mp3.bc! Object is locked skipped
C:\Downloads\nin\[Halo 25] Year Zero Remixed\11-nine_inch_nails-me_im_not_(olof_dreijer).mp3.bc! Object is locked skipped
C:\Downloads\nin\[Halo 25] Year Zero Remixed\14-nine_inch_nails-zero-sum_(stephen_morris_and_gillian_gilbert).mp3.bc! Object is locked skipped
C:\Downloads\nin\[Halo 2] Pretty Hate Machine\Ringfinger.mp3.bc! Object is locked skipped
C:\Downloads\nin\[Halo 2] Pretty Hate Machine\Sanctified.mp3.bc! Object is locked skipped
C:\Downloads\nin\[Halo 5] Broken\02 - Wish.mp3.bc! Object is locked skipped
C:\Downloads\nin\[Halo 5] Broken\03 - Last.mp3.bc! Object is locked skipped
C:\Downloads\nin\[Halo 6] Fixed\01 - Gave Up (Coil).mp3.bc! Object is locked skipped
C:\Downloads\nin\[Halo 6] Fixed\04 - Throw This Away.mp3.bc! Object is locked skipped
C:\Downloads\nin\[Halo 8] The Downward Spiral\07 - The Becoming.mp3.bc! Object is locked skipped
C:\Downloads\nin\[Halo 8] The Downward Spiral\12 - Reptile.mp3.bc! Object is locked skipped
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\logs\sw_ae-20080419-035942.log Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\001.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\002.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\003.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\004.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\005.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\006.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\007.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\008.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\009.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\010.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\011.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\012.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\013.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\014.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\015.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\016.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\017.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\018.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\019.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\020.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\021.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\022.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\023.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\024.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\025.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\026.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\027.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\028.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\029.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\030.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\031.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\032.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\033.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\034.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\035.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\036.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\037.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\038.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\039.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\040.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\041.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\042.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\043.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\044.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\045.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\046.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\047.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\048.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\049.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\050.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\051.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\052.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\053.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\054.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\055.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\056.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\057.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\058.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\059.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\060.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\061.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\062.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\063.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\064.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\065.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\066.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\067.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\068.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\069.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\070.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\071.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\072.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\073.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\074.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\075.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\076.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\077.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\078.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\079.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\080.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\081.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\082.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\083.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\084.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\085.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\086.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\087.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\088.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\089.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\090.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\091.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\092.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\093.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\094.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\095.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\096.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\097.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\098.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\099.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\100.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\101.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\102.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\103.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\104.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\105.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\106.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\107.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\1072.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\108.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\109.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\110.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\111.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\112.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\113.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\114.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\115.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\116.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\117.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\118.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\1189.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\119.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\120.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\121.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\122.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\123.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\124.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\125.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\126.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\127.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\128.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\129.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\130.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\131.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\132.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\133.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\134.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\135.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\136.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\137.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\138.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\139.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\140.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\141.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\142.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\143.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\144.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\145.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\146.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\147.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\148.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\149.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\150.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\151.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\152.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\153.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\154.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\155.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\156.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\157.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\158.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\159.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\160.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\161.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\162.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\163.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\164.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\165.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\166.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\167.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\168.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\169.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\170.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\171.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\172.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\173.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\174.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\175.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\176.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\177.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\178.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\179.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\180.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\181.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\182.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\183.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\184.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\185.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\186.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\187.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\345.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\467.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\691.part Object is locked skipped
C:\Program Files\BitComet\plugin_emule\Temp\826.part Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcrst.dll Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\EENGINE\EPERSIST.DAT Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\NFWEVT.LOG Object is locked skipped
C:\Program Files\Freeze.com Toolbar\freeze_us.dll Infected: not-a-virus:AdWare.Win32.Mostofate.dp skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\AVApp.log Object is locked skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\AVError.log Object is locked skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\AVVirus.log Object is locked skipped
C:\ProgramData\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\ProgramData\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.15.Crwl Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.15.gthr Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.log Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSStmp.log Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010001.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010002.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010003.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010004.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010005.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010006.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010007.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010008.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010009.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000A.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000B.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Win
  • 0

#9
sarahw

sarahw

    Malware Staff

  • Member
  • PipPipPipPipPip
  • 2,781 posts
The log seems to have been cut of after:
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000B.wid Object is locked skipped
Could you post the rest of that log in a reply please.
  • 0

#10
collateral

collateral

    Member

  • Topic Starter
  • Member
  • PipPip
  • 13 posts
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000C.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000D.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000E.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000F.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010011.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001001A.ci Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001001A.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001001A.wsb Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\INDEX.000 Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\PropMap\CiPT0000.000 Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\PropMap\Used0000.000 Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SecStore\CiST0000.000 Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.chk1.gthr Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.chk2.gthr Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.Ntfy45.gthr Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\tmp.edb Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc\NtfE732.tmp Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc\NtfE733.tmp Object is locked skipped
C:\ProgramData\Microsoft\Windows Defender\Support\MPLog-11022006-050241.log Object is locked skipped
C:\ProgramData\muvee Technologies\030625\0103\0399\ProductKey.val Object is locked skipped
C:\ProgramData\muvee Technologies\030625\0103\0399\template.mmdf Object is locked skipped
C:\ProgramData\Symantec\Common Client\settings.dat Object is locked skipped
C:\ProgramData\Symantec\LiveUpdate\2008-04-19_Log.ALUSchedulerSvc.LiveUpdate Object is locked skipped
C:\ProgramData\Symantec\SPBBC\BBConfig.log Object is locked skipped
C:\ProgramData\Symantec\SPBBC\BBDebug.log Object is locked skipped
C:\ProgramData\Symantec\SPBBC\BBDetect.log Object is locked skipped
C:\ProgramData\Symantec\SPBBC\BBNotify.log Object is locked skipped
C:\ProgramData\Symantec\SPBBC\BBRefr.log Object is locked skipped
C:\ProgramData\Symantec\SPBBC\BBSetCfg.log Object is locked skipped
C:\ProgramData\Symantec\SPBBC\BBSetCfg2.log Object is locked skipped
C:\ProgramData\Symantec\SPBBC\BBSetDev.log Object is locked skipped
C:\ProgramData\Symantec\SPBBC\BBSetLoc.log Object is locked skipped
C:\ProgramData\Symantec\SPBBC\BBSetUsr.log Object is locked skipped
C:\ProgramData\Symantec\SPBBC\BBStHash.log Object is locked skipped
C:\ProgramData\Symantec\SPBBC\BBValid.log Object is locked skipped
C:\ProgramData\Symantec\SPBBC\SPPolicy.log Object is locked skipped
C:\ProgramData\Symantec\SPBBC\SPStart.log Object is locked skipped
C:\ProgramData\Symantec\SPBBC\SPStop.log Object is locked skipped
C:\ProgramData\Symantec\SRTSP\SrtErEvt.log Object is locked skipped
C:\ProgramData\Symantec\SRTSP\SrtMoEvt.log Object is locked skipped
C:\ProgramData\Symantec\SRTSP\SrtNvEvt.log Object is locked skipped
C:\ProgramData\Symantec\SRTSP\SrtScEvt.log Object is locked skipped
C:\ProgramData\Symantec\SRTSP\SrtTxFEvt.log Object is locked skipped
C:\ProgramData\Symantec\SRTSP\SrtViEvt.log Object is locked skipped
C:\ProgramData\Symantec\SubEng\submissions.idx Object is locked skipped
C:\ProgramData\Symantec\SymNetDrv\SNDALRT.log Object is locked skipped
C:\ProgramData\Symantec\SymNetDrv\SNDCON.log Object is locked skipped
C:\ProgramData\Symantec\SymNetDrv\SNDDBG.log Object is locked skipped
C:\ProgramData\Symantec\SymNetDrv\SNDFW.log Object is locked skipped
C:\ProgramData\Symantec\SymNetDrv\SNDIDS.log Object is locked skipped
C:\ProgramData\Symantec\SymNetDrv\SNDSYS.log Object is locked skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\Users\HP\AppData\Local\Microsoft\Internet Explorer\MSIMGSIZ.DAT Object is locked skipped
C:\Users\HP\AppData\Local\Microsoft\Windows\Explorer\thumbcache_96.db Object is locked skipped
C:\Users\HP\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat Object is locked skipped
C:\Users\HP\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012008041920080420\index.dat Object is locked skipped
C:\Users\HP\AppData\Local\Microsoft\Windows\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped
C:\Users\HP\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Users\HP\AppData\Local\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Users\HP\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG1 Object is locked skipped
C:\Users\HP\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG2 Object is locked skipped
C:\Users\HP\AppData\Local\Microsoft\Windows\UsrClass.dat{6eb53e56-0363-11dd-95f0-001bfc69d74c}.TM.blf Object is locked skipped
C:\Users\HP\AppData\Local\Microsoft\Windows\UsrClass.dat{6eb53e56-0363-11dd-95f0-001bfc69d74c}.TMContainer00000000000000000001.regtrans-ms Object is locked skipped
C:\Users\HP\AppData\Local\Microsoft\Windows\UsrClass.dat{6eb53e56-0363-11dd-95f0-001bfc69d74c}.TMContainer00000000000000000002.regtrans-ms Object is locked skipped
C:\Users\HP\AppData\Local\Microsoft\Windows Defender\FileTracker\{2299F4BD-9F3E-4A37-A8D1-3D25D773A785} Object is locked skipped
C:\Users\HP\AppData\Local\Mozilla\Firefox\Profiles\cbu9jbvk.default\Cache\_CACHE_001_ Object is locked skipped
C:\Users\HP\AppData\Local\Mozilla\Firefox\Profiles\cbu9jbvk.default\Cache\_CACHE_002_ Object is locked skipped
C:\Users\HP\AppData\Local\Mozilla\Firefox\Profiles\cbu9jbvk.default\Cache\_CACHE_003_ Object is locked skipped
C:\Users\HP\AppData\Local\Mozilla\Firefox\Profiles\cbu9jbvk.default\Cache\_CACHE_MAP_ Object is locked skipped
C:\Users\HP\AppData\Local\Temp\hsperfdata_HP\5008 Object is locked skipped
C:\Users\HP\AppData\Local\Temp\logger.log Object is locked skipped
C:\Users\HP\AppData\Roaming\Microsoft\Windows\Cookies\index.dat Object is locked skipped
C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\cbu9jbvk.default\cert8.db Object is locked skipped
C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\cbu9jbvk.default\formhistory.dat Object is locked skipped
C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\cbu9jbvk.default\history.dat Object is locked skipped
C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\cbu9jbvk.default\key3.db Object is locked skipped
C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\cbu9jbvk.default\parent.lock Object is locked skipped
C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\cbu9jbvk.default\search.sqlite Object is locked skipped
C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\cbu9jbvk.default\urlclassifier2.sqlite Object is locked skipped
C:\Users\HP\AppData\Roaming\Snapfish\Client\Log\detector.log Object is locked skipped
C:\Users\HP\Desktop\New Folder\Download_mbam-setup(2).exe Infected: not-a-virus:Downloader.Win32.WinFixer.fs skipped
C:\Users\HP\Desktop\New Folder\Download_mbam-setup.exe Infected: not-a-virus:Downloader.Win32.WinFixer.fs skipped
C:\Users\HP\NTUSER.DAT Object is locked skipped
C:\Users\HP\ntuser.dat.LOG1 Object is locked skipped
C:\Users\HP\ntuser.dat.LOG2 Object is locked skipped
C:\Users\HP\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf Object is locked skipped
C:\Users\HP\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms Object is locked skipped
C:\Users\HP\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\Debug\WIA\wiatrace.log Object is locked skipped
C:\WINDOWS\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat Object is locked skipped
C:\WINDOWS\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat Object is locked skipped
C:\WINDOWS\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WindowsUpdate.log Object is locked skipped
C:\WINDOWS\ServiceProfiles\LocalService\NTUSER.DAT Object is locked skipped
C:\WINDOWS\ServiceProfiles\LocalService\ntuser.dat.LOG1 Object is locked skipped
C:\WINDOWS\ServiceProfiles\LocalService\ntuser.dat.LOG2 Object is locked skipped
C:\WINDOWS\ServiceProfiles\LocalService\NTUSER.DAT{3a539869-6a70-11db-887c-d362bd253390}.TM.blf Object is locked skipped
C:\WINDOWS\ServiceProfiles\LocalService\NTUSER.DAT{3a539869-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms Object is locked skipped
C:\WINDOWS\ServiceProfiles\LocalService\NTUSER.DAT{3a539869-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms Object is locked skipped
C:\WINDOWS\ServiceProfiles\NetworkService\NTUSER.DAT Object is locked skipped
C:\WINDOWS\ServiceProfiles\NetworkService\ntuser.dat.LOG1 Object is locked skipped
C:\WINDOWS\ServiceProfiles\NetworkService\ntuser.dat.LOG2 Object is locked skipped
C:\WINDOWS\ServiceProfiles\NetworkService\NTUSER.DAT{3a539865-6a70-11db-887c-d362bd253390}.TM.blf Object is locked skipped
C:\WINDOWS\ServiceProfiles\NetworkService\NTUSER.DAT{3a539865-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms Object is locked skipped
C:\WINDOWS\ServiceProfiles\NetworkService\NTUSER.DAT{3a539865-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms Object is locked skipped
C:\WINDOWS\SoftwareDistribution\EventCache\{DC949CAA-0AD0-457B-A092-10E061CAC759}.bin Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 Object is locked skipped
C:\WINDOWS\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 Object is locked skipped
C:\WINDOWS\System32\catroot2\edb.log Object is locked skipped
C:\WINDOWS\System32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb Object is locked skipped
C:\WINDOWS\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb Object is locked skipped
C:\WINDOWS\System32\config\COMPONENTS Object is locked skipped
C:\WINDOWS\System32\config\COMPONENTS.LOG1 Object is locked skipped
C:\WINDOWS\System32\config\COMPONENTS.LOG2 Object is locked skipped
C:\WINDOWS\System32\config\DEFAULT Object is locked skipped
C:\WINDOWS\System32\config\DEFAULT.LOG1 Object is locked skipped
C:\WINDOWS\System32\config\DEFAULT.LOG2 Object is locked skipped
C:\WINDOWS\System32\config\RegBack\COMPONENTS Object is locked skipped
C:\WINDOWS\System32\config\RegBack\DEFAULT Object is locked skipped
C:\WINDOWS\System32\config\RegBack\SAM Object is locked skipped
C:\WINDOWS\System32\config\RegBack\SECURITY Object is locked skipped
C:\WINDOWS\System32\config\RegBack\SOFTWARE Object is locked skipped
C:\WINDOWS\System32\config\RegBack\SYSTEM Object is locked skipped
C:\WINDOWS\System32\config\SAM Object is locked skipped
C:\WINDOWS\System32\config\SAM.LOG1 Object is locked skipped
C:\WINDOWS\System32\config\SAM.LOG2 Object is locked skipped
C:\WINDOWS\System32\config\SECURITY Object is locked skipped
C:\WINDOWS\System32\config\SECURITY.LOG1 Object is locked skipped
C:\WINDOWS\System32\config\SECURITY.LOG2 Object is locked skipped
C:\WINDOWS\System32\config\SOFTWARE Object is locked skipped
C:\WINDOWS\System32\config\SOFTWARE.LOG1 Object is locked skipped
C:\WINDOWS\System32\config\SOFTWARE.LOG2 Object is locked skipped
C:\WINDOWS\System32\config\SYSTEM Object is locked skipped
C:\WINDOWS\System32\config\SYSTEM.LOG1 Object is locked skipped
C:\WINDOWS\System32\config\SYSTEM.LOG2 Object is locked skipped
C:\WINDOWS\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTRXCMXY\upgrade[1].cab/upgrade.exe/stream/data0003 Infected: not-a-virus:AdWare.Win32.OneStep.c skipped
C:\WINDOWS\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTRXCMXY\upgrade[1].cab/upgrade.exe/stream Infected: not-a-virus:AdWare.Win32.OneStep.c skipped
C:\WINDOWS\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTRXCMXY\upgrade[1].cab/upgrade.exe Infected: not-a-virus:AdWare.Win32.OneStep.c skipped
C:\WINDOWS\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTRXCMXY\upgrade[1].cab CAB: infected - 3 skipped
C:\WINDOWS\System32\config\TxR\{250834b7-750c-494d-bdc3-da86b6e2101a}.TxR.0.regtrans-ms Object is locked skipped
C:\WINDOWS\System32\config\TxR\{250834b7-750c-494d-bdc3-da86b6e2101a}.TxR.1.regtrans-ms Object is locked skipped
C:\WINDOWS\System32\config\TxR\{250834b7-750c-494d-bdc3-da86b6e2101a}.TxR.2.regtrans-ms Object is locked skipped
C:\WINDOWS\System32\config\TxR\{250834b7-750c-494d-bdc3-da86b6e2101a}.TxR.blf Object is locked skipped
C:\WINDOWS\System32\config\TxR\{250834B7-750C-494d-BDC3-DA86B6E2101B}.TM.blf Object is locked skipped
C:\WINDOWS\System32\config\TxR\{250834B7-750C-494d-BDC3-DA86B6E2101B}.TMContainer00000000000000000001.regtrans-ms Object is locked skipped
C:\WINDOWS\System32\config\TxR\{250834B7-750C-494d-BDC3-DA86B6E2101B}.TMContainer00000000000000000002.regtrans-ms Object is locked skipped
C:\WINDOWS\System32\config\TxR\{250834B7-750C-494d-BDC3-DA86B6E2101B}.TMContainer00000000000000000003.regtrans-ms Object is locked skipped
C:\WINDOWS\System32\config\TxR\{250834B7-750C-494d-BDC3-DA86B6E2101B}.TMContainer00000000000000000004.regtrans-ms Object is locked skipped
C:\WINDOWS\System32\drivers\sptd.sys Object is locked skipped
C:\WINDOWS\System32\LogFiles\Scm\SCM.EVM Object is locked skipped
C:\WINDOWS\System32\LogFiles\WUDF\WUDFTrace.etl Object is locked skipped
C:\WINDOWS\System32\Msdtc\KtmRmTm.blf Object is locked skipped
C:\WINDOWS\System32\Msdtc\KtmRmTmContainer00000000000000000001 Object is locked skipped
C:\WINDOWS\System32\Msdtc\KtmRmTmContainer00000000000000000002 Object is locked skipped
C:\WINDOWS\System32\spool\SpoolerETW.etl Object is locked skipped
C:\WINDOWS\System32\wbem\Logs\WMITracing.log Object is locked skipped
C:\WINDOWS\System32\wbem\Repository\INDEX.BTR Object is locked skipped
C:\WINDOWS\System32\wbem\Repository\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\System32\wbem\Repository\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\System32\wbem\Repository\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\System32\WDI\LogFiles\WdiContextLog.etl.003 Object is locked skipped
C:\WINDOWS\System32\wfp\wfpdiag.etl Object is locked skipped
C:\WINDOWS\System32\winevt\Logs\Application.evtx Object is locked skipped
C:\WINDOWS\System32\winevt\Logs\DFS Replication.evtx Object is locked skipped
C:\WINDOWS\System32\winevt\Logs\HardwareEvents.evtx Object is locked skipped
C:\WINDOWS\System32\winevt\Logs\Internet Explorer.evtx Object is locked skipped
C:\WINDOWS\System32\winevt\Logs\Key Management Service.evtx Object is locked skipped
C:\WINDOWS\System32\winevt\Logs\Media Center.evtx Object is locked skipped
C:\WINDOWS\System32\winevt\Logs\Microsoft-Windows-Bits-Client%4Operational.evtx Object is locked skipped
C:\WINDOWS\System32\winevt\Logs\Microsoft-Windows-CodeIntegrity%4Operational.evtx Object is locked skipped
C:\WINDOWS\System32\winevt\Logs\Microsoft-Windows-Diagnosis-DPS%4Operational.evtx Object is locked skipped
C:\WINDOWS\System32\winevt\Logs\Microsoft-Windows-Diagnostics-Performance%4Operational.evtx Object is locked skipped
C:\WINDOWS\System32\winevt\Logs\Microsoft-Windows-DriverFrameworks-UserMode%4Operational.evtx Object is locked skipped
C:\WINDOWS\System32\winevt\Logs\Microsoft-Windows-GroupPolicy%4Operational.evtx Object is locked skipped
C:\WINDOWS\System32\winevt\Logs\Microsoft-Windows-International%4Operational.evtx Object is locked skipped
C:\WINDOWS\System32\winevt\Logs\Microsoft-Windows-Kernel-WHEA.evtx Object is locked skipped
C:\WINDOWS\System32\winevt\Logs\Microsoft-Windows-LanguagePackSetup%4Operational.evtx Object is locked skipped
C:\WINDOWS\System32\winevt\Logs\Microsoft-Windows-NetworkAccessProtection%4Operational.evtx Object is locked skipped
C:\WINDOWS\System32\winevt\Logs\Microsoft-Windows-ReadyBoost%4Operational.evtx Object is locked skipped
C:\WINDOWS\System32\winevt\Logs\Microsoft-Windows-ReliabilityAnalysisComponent%4Operational.evtx Object is locked skipped
C:\WINDOWS\System32\winevt\Logs\Microsoft-Windows-Resource-Exhaustion-Detector%4Operational.evtx Object is locked skipped
C:\WINDOWS\System32\winevt\Logs\Microsoft-Windows-TaskScheduler%4Operational.evtx Object is locked skipped
C:\WINDOWS\System32\winevt\Logs\Microsoft-Windows-WindowsUpdateClient%4Operational.evtx Object is locked skipped
C:\WINDOWS\System32\winevt\Logs\Microsoft-Windows-WLAN-AutoConfig%4Operational.evtx Object is locked skipped
C:\WINDOWS\System32\winevt\Logs\ODiag.evtx Object is locked skipped
C:\WINDOWS\System32\winevt\Logs\OSession.evtx Object is locked skipped
C:\WINDOWS\System32\winevt\Logs\Security.evtx Object is locked skipped
C:\WINDOWS\System32\winevt\Logs\System.evtx Object is locked skipped
C:\WINDOWS\Tasks\SCHEDLGU.TXT Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
D:\System Volume Information\Desktop.ini Object is locked skipped
D:\System Volume Information\Protect.ed Object is locked skipped
Scan process completed.
  • 0

Advertisements


#11
sarahw

sarahw

    Malware Staff

  • Member
  • PipPipPipPipPip
  • 2,781 posts
Thanks, lets remove what was found there:
1.
Please download the OTMoveIt2 by OldTimer.
  • Save it to your desktop.
  • Please double-click OTMoveIt2.exe to run it. (Vista users, please right click on OTMoveit2.exe and select "Run as an Administrator")
  • Copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):

    C:\Program Files\Freeze.com Toolbar
    C:\Users\HP\Desktop\New Folder\Download_mbam-setup(2).exe
    C:\Users\HP\Desktop\New Folder\Download_mbam-setup.exe
    C:\WINDOWS\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTRXCMXY\upgrade[1].cab
  • Return to OTMoveIt2, right click in the "Paste List of Files/Folders to Move" window (under the light Yellow bar) and choose Paste.
  • Click the red Moveit! button.
  • A log of files and folders moved will be created in the c:\_OTMoveIt\MovedFiles folder in the form of Date and Time (mmddyyyy_hhmmss.log). Please open this log in Notepad and post its contents in your next reply.
  • Close OTMoveIt2
If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.


2.
Open HijackThis, click Config, click Misc Tools
Click "Open Uninstall Manager"
Click "Save List" (generates uninstall_list.txt)
Click Save, copy and paste the results in your next post.


3.
Reply with the OTMoveIT2 log, the Uninstall list and a fresh Hijack This log.

Edited by sarahw, 21 April 2008 - 02:15 AM.

  • 0

#12
collateral

collateral

    Member

  • Topic Starter
  • Member
  • PipPip
  • 13 posts
C:\Program Files\Freeze.com Toolbar moved successfully.
C:\Users\HP\Desktop\New Folder\Download_mbam-setup(2).exe moved successfully.
C:\Users\HP\Desktop\New Folder\Download_mbam-setup.exe moved successfully.
< C:\WINDOWS\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTRXCMXY\upgrade[1].cab >
File/Folder C:\WINDOWS\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTRXCMXY\upgrade[1].cab not found.

OTMoveIt2 by OldTimer - Version 1.0.4.1 log created on 04212008_181607
  • 0

#13
collateral

collateral

    Member

  • Topic Starter
  • Member
  • PipPip
  • 13 posts
#1 DVD Ripper 7.2.2
Activation Assistant for the 2007 Microsoft Office suites
Adobe Flash Player 9 ActiveX
Adobe Reader 8.1.2
Advanced RAR Password Recovery (remove only)
AppCore
Apple Mobile Device Support
Apple Software Update
Ashampoo Burning Studio 7.21
Aurora Video Converter & VCD SVCD DVD Creator 5.1.1
AVG 8.0
BitComet 1.00
Blaze Media Pro
Blaze Media Pro
BlindWrite 6
Bonjour
Bug Doctor 3.0.3.8
ccCommon
DivX Codec
DivX Content Uploader
DivX Converter
DivX Player
DivX Web Player
DVD Creator3
DVD Ripper Platinum 4
Enhanced Multimedia Keyboard Solution
free-downloads.net Toolbar
GamingSquared Console
Hardware Diagnostic Tools
HijackThis 2.0.2
HP Customer Experience Enhancements
HP Customer Feedback
HP Easy Setup - Frontend
HP On-Screen Cap/Num/Scroll Lock Indicator
HP Photosmart Essential 2.0
HP Picasso Media Center Add-In
HP Total Care Advisor
HP Update
ImTOO DVD Ripper Platinum 4
InterVideo WinDVD 8
iTunes
Java™ 6 Update 5
Kaspersky Online Scanner
LiveUpdate 3.2 (Symantec Corporation)
LiveUpdate Notice (Symantec Corporation)
Microsoft Office Excel MUI (English) 2007
Microsoft Office Home and Student 2007
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Visual C++ 2005 Redistributable
Microsoft Works
Mozilla Firefox (2.0.0.14)
MpcStar 2.2
MSRedist
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB941833)
muvee autoProducer 6.0
My HP Games
MySpaceIM
Norton Internet Security
Norton Internet Security (Symantec Corporation)
NVIDIA Drivers
Panda ActiveScan 2.0
Python 2.4.3
QuickTime
RealPlayer
Realtek High Definition Audio Driver
RedLightCenter
Rhapsody
Rhapsody Player Engine
Roxio Activation Module
Roxio Creator Audio
Roxio Creator Basic v9
Roxio Creator Copy
Roxio Creator Data
Roxio Creator EasyArchive
Roxio Creator Tools
Roxio Express Labeler 3
Roxio MyDVD Basic v9
Snapfish Media Detector
Soft Data Fax Modem with SmartCP
Spyware Doctor 5.5
Subliminal Mind 1.1
SUPERAntiSpyware Free Edition
SymNet
VeohTV BETA
Video Converter 3
WeatherBug
Windows Media Player Firefox Plugin
WinRAR archiver
Xvid 1.1.3 final uninstall
Yahoo! Toolbar for Internet Explorer
Zumie Search 1.0 build 126
  • 0

#14
collateral

collateral

    Member

  • Topic Starter
  • Member
  • PipPip
  • 13 posts
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:35:44 PM, on 4/21/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\WINDOWS\RtHDVCpl.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\GamingSquared\Gaming2\G2.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\hp\kbd\kbd.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\BitComet\BitComet.exe
C:\Program Files\BitComet\plugin_emule\plugin_eMule.exe
C:\Program Files\AVG\AVG8\avgui.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\HP\Desktop\OTMoveIt2.exe
C:\Users\HP\Desktop\New Folder\HijackThis.exe
C:\WINDOWS\System32\notepad.exe
C:\Windows\system32\SearchFilterHost.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...a...&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...a...&pf=desktop
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {185A85A2-5C17-444F-A9AC-933F9DA42FD3} - (no file)
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {5D755A72-DA14-4E52-B7CA-5FF3390BFE0A} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {96F8931D-BB55-41DE-9AF7-257A7EB43D2A} - (no file)
O2 - BHO: AVGTOOLBAR - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O3 - Toolbar: AVGTOOLBAR - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SnapfishMediaDetector] C:\Program Files\Snapfish Media Detector\SnapfishMediaDetector.exe
O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [G2] "C:\Program Files\GamingSquared\Gaming2\G2.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [SpeedItUpEX] C:\Program Files\Speeditup Free\SpeedItUp.exe -MINI
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe
O4 - HKCU\..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe 1
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [BitComet] "C:\Program Files\BitComet\BitComet.exe" /tray
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'Default user')
O4 - Global Startup: Snapfish Media Detector.lnk = C:\Program Files\Snapfish Media Detector\SnapfishMediaDetector.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll/206 (file missing)
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU\Run IMVU.lnk
O13 - Gopher Prefix:
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky...can_unicode.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
O23 - Service: Zumie Search Service - Unknown owner - C:\Program Files\Zumie\zumie.exe (file missing)

--
End of file - 11273 bytes
  • 0

#15
sarahw

sarahw

    Malware Staff

  • Member
  • PipPipPipPipPip
  • 2,781 posts
  • Please re-open HiJackThis and choose do a system scan only. Check the boxes next to ONLY the entries listed below:

    O2 - BHO: (no name) - {185A85A2-5C17-444F-A9AC-933F9DA42FD3} - (no file)
    O23 - Service: Zumie Search Service - Unknown owner - C:\Program Files\Zumie\zumie.exe (file missing)


  • Now close all windows other than HiJackThis, including browsers, so that nothing other than HijackThis is open, then click Fix Checked. A box will pop up asking you if you wish to fix the selected items. Please choose YES. Once it has fixed them, please exit/close HijackThis.
  • Please click on >> Start >> Control Panel Go to Add/Remove Programs locate and then uninstall the following programs(if present):

    free-downloads.net Toolbar
    Zumie Search 1.0 build 126


    Please tell me of any other programs that you dont recognize in that list or any errors you recieve in your next response

Edited by sarahw, 22 April 2008 - 01:23 AM.

  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP