Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Pop ups, slower internet and problems typing :/ [RESOLVED]


  • This topic is locked This topic is locked

#1
Phantasy66

Phantasy66

    Member

  • Member
  • PipPip
  • 26 posts
Hey,
Ive just been recently suffering from pop ups, slower internet and repeatedly having to press the letters on my keyboard! Ive tried using Spy bot search an destroy, Ad-aware and AVG, but none have worked. Any help is appreciated, thanks :)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:56, on 2008-06-01
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Grisoft\AVG7\avgcc.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Orbitdownloader\orbitdm.exe
C:\Program Files\Orbitdownloader\orbitnet.exe
C:\Program Files\mIRC\mirc.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9e.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bbc.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [XboxStat] "c:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe"
O4 - HKCU\..\Run: [MSServer] rundll32.exe C:\Users\Carlos\AppData\Local\Temp\cbXpMFvW.dll,#1
O4 - HKCU\..\Run: [cmds] rundll32.exe C:\Users\Carlos\AppData\Local\Temp\tuvVMghg.dll,c
O4 - HKCU\..\Run: [BM39f244ae] Rundll32.exe "C:\Users\Carlos\AppData\Local\Temp\ymheiksl.dll",s
O4 - HKCU\..\Run: [3ac17732] rundll32.exe "C:\Users\Carlos\AppData\Local\Temp\hqjvypwe.dll",b
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O13 - Gopher Prefix:
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.co.../sysreqlab2.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx...owserPlugin.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.mi...b?1202162478483
O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} (Measurement Services Client v.3.12) - http://www.madonion....ark/tc/MSC3.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.m...ash/swflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - Winlogon Notify: avgwlntf - C:\Windows\SYSTEM32\avgwlntf.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
O23 - Service: McAfee Real-time Scanner (McShield) - Unknown owner - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software GmbH - C:\Windows\System32\TuneUpDefragService.exe

--
End of file - 10452 bytes
  • 0

Advertisements


#2
Rorschach112

Rorschach112

    Ralphie

  • Retired Staff
  • 47,710 posts
Hello

Please download ATF Cleaner by Atribune.
Double-click ATF-Cleaner.exe to run the program.
Under Main choose: Select All
Click the Empty Selected button.
If you use Firefox browserClick Firefox at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.
If you use Opera browserClick Opera at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.
Click Exit on the Main menu to close the program.




Please visit this web page for instructions for downloading and running ComboFix

http://www.bleepingc...to-use-combofix

This includes installing the Windows XP Recovery Console in case you have not installed it yet.

For more information on the Windows XP Recovery Console read http://support.microsoft.com/kb/314058.

Once you install the Recovery Console, when you reboot your computer, you'll see the option for the Recovery Console now as well. Don't select Recovery Console as we don't need it. By default, your main OS is selected there. The screen stays for 2 seconds and then it proceeds to load Windows. That is normal.

Post the log from ComboFix when you've accomplished that, along with a new HijackThis log.





Please do an online scan with Kaspersky WebScanner

Click on Kaspersky Online Scanner and click Accept

You will be prompted to install an ActiveX component from Kaspersky, Click Yes.
  • The program will launch and then begin downloading the latest definition files:
  • Once the files have been downloaded click on NEXT
  • Now click on Scan Settings
  • In the scan settings make that the following are selected:
    • Scan using the following Anti-Virus database:
    Extended (if available otherwise Standard)
    • Scan Options:
    Scan Archives
    Scan Mail Bases
  • Click OK
  • Now under select a target to scan:Select My Computer
  • This will program will start and scan your system.
  • The scan will take a while so be patient and let it run.
  • Once the scan is complete it will display if your system has been infected.
    • Now click on the Save as Text button:
  • Save the file to your desktop.
  • Copy and paste that information in your next post.

  • 0

#3
Phantasy66

Phantasy66

    Member

  • Topic Starter
  • Member
  • PipPip
  • 26 posts
thanks very much for your help

ComboFix 08-06-01.6 - Carlos 2008-06-02 1:15:05.5 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.1877 [GMT 1:00]
Running from: C:\Users\Carlos\Downloads\ComboFix.exe
.

((((((((((((((((((((((((( Files Created from 2008-05-02 to 2008-06-02 )))))))))))))))))))))))))))))))
.

2008-06-01 23:25 . 2008-06-01 23:25 <DIR> d-------- C:\Windows\System32\Kaspersky Lab
2008-06-01 20:07 . 2008-06-01 20:07 <DIR> d-------- C:\Program Files\Atari
2008-05-29 12:31 . 2006-11-08 13:44 525,624 --a------ C:\Users\Public\WindowsXP-KB922120-v5-x86-ENU.exe
2008-05-28 10:33 . 2008-03-08 03:08 4,240,384 --a------ C:\Windows\System32\GameUXLegacyGDFs.dll
2008-05-28 10:33 . 2008-03-08 05:21 1,695,744 --a------ C:\Windows\System32\gameux.dll
2008-05-20 17:25 . 2008-05-20 17:25 <DIR> d-------- C:\Users\All Users\Ubisoft
2008-05-20 17:25 . 2008-05-20 17:25 <DIR> d-------- C:\ProgramData\Ubisoft
2008-05-11 21:50 . 2004-08-03 22:03 88,448 --a------ C:\Windows\nwlnkipx.sys
2008-05-11 21:50 . 2001-08-23 13:00 63,232 --a------ C:\Windows\nwlnknb.sys
2008-05-11 21:50 . 2001-08-23 13:00 55,936 --a------ C:\Windows\nwlnkspx.sys
2008-05-11 21:50 . 2001-08-23 13:00 32,512 --a------ C:\Windows\nwlnkfwd.sys
2008-05-11 21:50 . 2001-08-23 13:00 12,416 --a------ C:\Windows\nwlnkflt.sys
2008-05-10 19:32 . 2008-05-11 17:40 <DIR> d-------- C:\Westwood
2008-05-09 15:26 . 2008-05-09 15:26 <DIR> d-------- C:\Program Files\Real
2008-05-09 15:26 . 2008-05-09 15:26 <DIR> d-------- C:\Program Files\Common Files\xing shared
2008-05-09 15:26 . 2008-05-09 15:26 <DIR> d-------- C:\Program Files\Common Files\Real
2008-05-05 11:22 . 2008-05-05 11:22 <DIR> d-------- C:\Program Files\EVGA Precision

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-01 19:07 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-06-01 12:18 --------- d-----w C:\Program Files\Steam
2008-05-31 17:54 --------- d-----w C:\Program Files\Common Files\Steam
2008-05-28 14:27 22,328 ----a-w C:\Windows\system32\drivers\PnkBstrK.sys
2008-05-28 14:27 107,832 ----a-w C:\Windows\System32\PnkBstrB.exe
2008-05-26 21:00 --------- d-----w C:\Program Files\Sega
2008-05-26 17:57 --------- d-----w C:\Program Files\Microsoft Games
2008-05-26 14:35 --------- d-----w C:\Program Files\Uplink
2008-05-26 14:33 --------- d-----w C:\Program Files\EA SPORTS
2008-05-26 14:25 --------- d-----w C:\Program Files\Sierra Entertainment
2008-05-26 14:23 --------- d-----w C:\Program Files\KONAMI
2008-05-26 14:22 --------- d-----w C:\Program Files\Ubisoft
2008-05-23 14:15 --------- d-----w C:\Program Files\LucasArts
2008-05-21 09:27 --------- d-----w C:\Program Files\Microsoft Silverlight
2008-05-20 16:25 2,337,865 ----a-w C:\Windows\System32\pbsvc.exe
2008-05-15 08:29 --------- d-----w C:\ProgramData\Microsoft Help
2008-05-15 08:29 --------- d-----w C:\Program Files\Windows Mail
2008-05-14 13:06 --------- d-----w C:\Program Files\DivX
2008-05-05 20:06 306,432 ----a-w C:\Windows\System32\TuneUpDefragService.exe
2008-05-05 20:06 --------- d-----w C:\Program Files\TuneUp Utilities 2008
2008-05-01 21:10 --------- d-----w C:\Program Files\Common Files\Adobe
2008-04-26 21:21 --------- d-----w C:\Program Files\DOSBox-0.72
2008-04-26 21:04 --------- d-----w C:\Program Files\ImgBurn
2008-04-26 20:57 --------- d-----w C:\Program Files\IPX-SPX Protocol
2008-04-26 18:04 --------- d-----w C:\Program Files\GameSpy Arcade
2008-04-23 15:28 --------- d-----w C:\Program Files\QuickTime
2008-04-23 15:28 --------- d-----w C:\Program Files\iTunes
2008-04-23 15:28 --------- d-----w C:\Program Files\iPod
2008-04-18 21:52 --------- d-----w C:\Program Files\7-Zip
2008-04-18 18:35 --------- d-----w C:\Program Files\MSXML 4.0
2008-04-17 22:44 --------- d-----w C:\ProgramData\Microsoft Games
2008-04-12 10:13 --------- d-----w C:\Program Files\Microsoft CAPICOM 2.1.0.2
2008-04-10 17:32 --------- d-----w C:\Program Files\Yamicsoft
2008-03-31 21:25 831,488 ----a-w C:\Windows\System32\divx_xx0a.dll
2008-03-31 21:25 823,296 ----a-w C:\Windows\System32\divx_xx0c.dll
2008-03-31 21:25 823,296 ----a-w C:\Windows\System32\divx_xx07.dll
2008-03-31 21:25 802,816 ----a-w C:\Windows\System32\divx_xx11.dll
2008-03-31 21:25 682,496 ----a-w C:\Windows\System32\DivX.dll
2008-03-31 21:25 161,096 ----a-w C:\Windows\System32\DivXCodecVersionChecker.exe
2008-03-21 20:30 524,288 ----a-w C:\Windows\System32\DivXsm.exe
2008-03-21 20:30 3,596,288 ----a-w C:\Windows\System32\qt-dx331.dll
2008-03-21 20:30 200,704 ----a-w C:\Windows\System32\ssldivx.dll
2008-03-21 20:30 1,044,480 ----a-w C:\Windows\System32\libdivx.dll
2008-03-21 20:28 81,920 ----a-w C:\Windows\System32\dpl100.dll
2008-03-21 20:28 593,920 ----a-w C:\Windows\System32\dpuGUI11.dll
2008-03-21 20:28 57,344 ----a-w C:\Windows\System32\dpv11.dll
2008-03-21 20:28 53,248 ----a-w C:\Windows\System32\dpuGUI10.dll
2008-03-21 20:28 344,064 ----a-w C:\Windows\System32\dpus11.dll
2008-03-21 20:28 294,912 ----a-w C:\Windows\System32\dpu11.dll
2008-03-21 20:28 294,912 ----a-w C:\Windows\System32\dpu10.dll
2008-03-21 20:28 196,608 ----a-w C:\Windows\System32\dtu100.dll
2008-03-21 20:28 12,288 ----a-w C:\Windows\System32\DivXWMPExtType.dll
2008-03-19 12:56 174 --sha-w C:\Program Files\desktop.ini
2008-03-19 12:42 82,432 ----a-w C:\Windows\System32\axaltocm.dll
2008-03-19 12:42 101,888 ----a-w C:\Windows\System32\ifxcardm.dll
2008-03-19 12:14 47,560 ----a-w C:\Windows\System32\SPReview.exe
2008-03-19 12:14 152,576 ----a-w C:\Windows\System32\SPWizUI.dll
2008-03-08 04:19 540,672 ----a-w C:\Windows\AppPatch\AcLayers.dll
2008-03-08 04:19 458,752 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
2008-03-08 04:19 2,153,984 ----a-w C:\Windows\AppPatch\AcGenral.dll
2008-03-08 04:19 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
2008-03-08 01:58 2,560 ----a-w C:\Windows\AppPatch\AcRes.dll
2008-03-05 15:49 86,016 ----a-w C:\Windows\System32\OpenAL32.dll
2008-03-05 15:49 262,144 ----a-w C:\Windows\System32\wrap_oal.dll
2008-01-06 00:47 16,384 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
2008-01-06 00:47 32,768 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
2008-01-06 00:47 16,384 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
.

------- Sigcheck -------

.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-19 00:33 1233920]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 12:34 5724184]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2007-10-17 13:10 171448]
"ISUSPM"="C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-09-11 05:40 218032]
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\daemon.exe" [2007-12-19 21:13 486856]
"cmds"="C:\Users\Carlos\AppData\Local\Temp\tuvVMghg.dll" [2008-06-01 20:10 278016]
"BM39f244ae"="C:\Users\Carlos\AppData\Local\Temp\ymheiksl.dll" [2008-06-01 20:11 88576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"XboxStat"="c:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" [2007-09-26 18:05 734264]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 07:00 33648]
"IntelliPoint"="C:\Program Files\Microsoft IntelliPoint\ipoint.exe" [2007-02-06 00:52 849280]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2008-04-15 10:48 579584]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" [2008-01-17 12:43 63712]
"NvSvc"="C:\Windows\system32\nvsvc.dll" [2008-02-13 18:34 170528]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2008-02-13 18:34 13507104]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2008-02-13 18:34 92704]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-03-28 23:37 413696]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-03-30 10:36 267048]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2008-05-09 15:26 185896]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2008-01-17 12:56 219136]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2007-10-17 13:10 171448]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"PromptOnSecureDesktop"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgwlntf]
avgwlntf.dll 2008-01-17 12:56 9216 C:\Windows\System32\avgwlntf.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"TCP Query User{C72F60AC-EB0A-4E9E-B7A2-A74493BFB93F}C:\\program files\\internet explorer\\iexplore.exe"= UDP:C:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{569CB1A1-FBCD-474F-8666-3A398801DF23}C:\\program files\\internet explorer\\iexplore.exe"= TCP:C:\program files\internet explorer\iexplore.exe:Internet Explorer
"{9305BCDC-90B3-4AF7-9D3F-5FB4B932EAC8}"= UDP:C:\Program Files\Sierra Entertainment\World in Conflict\wic.exe:World in Conflict
"{70661BE0-A78F-4518-8AEB-06A9AD0F4274}"= TCP:C:\Program Files\Sierra Entertainment\World in Conflict\wic.exe:World in Conflict
"{C7DB1A6A-5F70-484D-8990-3990EE584720}"= UDP:C:\Program Files\Sierra Entertainment\World in Conflict\wic_online.exe:World in Conflict - Online Only
"{F2525A21-2299-4280-8877-68F12DEA3779}"= TCP:C:\Program Files\Sierra Entertainment\World in Conflict\wic_online.exe:World in Conflict - Online Only
"{B6F2C2FF-0058-41FE-9C41-013328423B98}"= UDP:C:\Program Files\Sierra Entertainment\World in Conflict\wic_ds.exe:World in Conflict - Dedicated Server
"{2C58C5E2-C7CB-46C2-BC85-B13B7F10384E}"= TCP:C:\Program Files\Sierra Entertainment\World in Conflict\wic_ds.exe:World in Conflict - Dedicated Server
"TCP Query User{1271E388-7EA3-4916-9520-AC2084FDA9DA}C:\\program files\\morpheus\\morpheus.exe"= UDP:C:\program files\morpheus\morpheus.exe:Morpheus
"UDP Query User{F09BC7E2-4B34-48A7-9486-8015B375DCC8}C:\\program files\\morpheus\\morpheus.exe"= TCP:C:\program files\morpheus\morpheus.exe:Morpheus
"TCP Query User{EC950C13-6FEF-4D53-8962-1768248468E7}C:\\program files\\konami\\pro evolution soccer 6\\pes6.exe"= UDP:C:\program files\konami\pro evolution soccer 6\pes6.exe:pes6.exe
"UDP Query User{77C85A1A-DA86-4354-8AE2-FB5748B14AC7}C:\\program files\\konami\\pro evolution soccer 6\\pes6.exe"= TCP:C:\program files\konami\pro evolution soccer 6\pes6.exe:pes6.exe
"{3AF321EC-50AF-491E-9B62-DAD476F2AF71}"= TCP:6004|C:\Program Files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{0A9F4D30-8F2F-4089-81F0-369403C72ACD}"= UDP:C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{E4A051D7-37F2-451B-8442-F794BAEB0D84}"= TCP:C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{03E2D523-A261-4ED3-969E-6E007B93BE42}"= UDP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{2EADC144-106B-4C4F-9C51-256FCA684359}"= TCP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{80571E39-B7F8-467C-A911-4827BE8C0FD5}"= UDP:C:\Program Files\Sports Interactive\Football Manager 2008\fm.exe:Football Manager 2008
"{A8E8FA15-2F06-4F9C-9057-83DFFD9838E5}"= TCP:C:\Program Files\Sports Interactive\Football Manager 2008\fm.exe:Football Manager 2008
"TCP Query User{C75DB72F-A291-4049-89E9-E0B505CFAA64}C:\\program files\\steam\\steam.exe"= UDP:C:\program files\steam\steam.exe:Steam
"UDP Query User{DD4FA32B-148E-4A5B-BF94-2D6FEDD878AA}C:\\program files\\steam\\steam.exe"= TCP:C:\program files\steam\steam.exe:Steam
"TCP Query User{3F668D4B-D565-41F8-91DE-3052E5E2B612}C:\\program files\\steam\\steamapps\\artic666devil\\team fortress 2\\hl2.exe"= UDP:C:\program files\steam\steamapps\artic666devil\team fortress 2\hl2.exe:hl2
"UDP Query User{5738288A-C4CF-45DB-B742-A20DC48F7906}C:\\program files\\steam\\steamapps\\artic666devil\\team fortress 2\\hl2.exe"= TCP:C:\program files\steam\steamapps\artic666devil\team fortress 2\hl2.exe:hl2
"TCP Query User{584C0A75-E2F2-4294-B9FA-AD9C10550BF3}C:\\program files\\thq\\dawn of war\\w40k.exe"= UDP:C:\program files\thq\dawn of war\w40k.exe:W40K
"UDP Query User{E5F3CD9A-4AC9-4A97-AECC-D2BB4229D8DA}C:\\program files\\thq\\dawn of war\\w40k.exe"= TCP:C:\program files\thq\dawn of war\w40k.exe:W40K
"{8AB650CF-21FB-497D-9E25-C43F190FDD9B}"= UDP:C:\Program Files\Microsoft Games\Gears of War\Binaries\WarGame-G4WLive.exe:Gears of War
"{49FD9142-6F8B-4E36-8899-962F40347928}"= TCP:C:\Program Files\Microsoft Games\Gears of War\Binaries\WarGame-G4WLive.exe:Gears of War
"{C9F025B6-AAD8-49B0-85D1-BA320E3641DB}"= UDP:C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe:Crysis_32
"{EE649523-60A3-4E46-997A-29E1E19BEAA5}"= TCP:C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe:Crysis_32
"{4DDC7555-6B42-4F9A-BAC6-3617AF2EB3E0}"= UDP:C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe:CrysisDedicatedServer_32
"{78AAE553-6F90-47D5-B0F1-A7B548329BD4}"= TCP:C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe:CrysisDedicatedServer_32
"{F85E4799-1132-4C5C-9257-DDAC5DDE0DF0}"= UDP:C:\Windows\System32\PnkBstrA.exe:PnkBstrA
"{B4E6D669-A148-450A-BDF4-77869706E10E}"= TCP:C:\Windows\System32\PnkBstrA.exe:PnkBstrA
"{86FCDBF9-0541-4874-901E-43FD6C5A05B7}"= UDP:C:\Windows\System32\PnkBstrB.exe:PnkBstrB
"{932163BE-26E1-40F7-944C-45723C066467}"= TCP:C:\Windows\System32\PnkBstrB.exe:PnkBstrB
"TCP Query User{41C9EC60-E3D0-4F31-896E-E47B97839E24}C:\\program files\\activision value\\soldier of fortune payback\\sof3.exe"= UDP:C:\program files\activision value\soldier of fortune payback\sof3.exe:sof3
"UDP Query User{A9180082-5ED4-46C2-A678-62701BB2D679}C:\\program files\\activision value\\soldier of fortune payback\\sof3.exe"= TCP:C:\program files\activision value\soldier of fortune payback\sof3.exe:sof3
"{9BE07A1D-17B9-4438-B524-F687472219BB}"= UDP:C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:Call of Duty® 4 - Modern Warfare™
"{C6F22C76-B079-420D-B7E3-211A67ABCB5C}"= TCP:C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:Call of Duty® 4 - Modern Warfare™
"{9E3B3A09-425C-4D93-8FC9-2D4B06A0143B}"= UDP:C:\Program Files\Sierra\FEAR\FEAR.exe:FEAR
"{290BBCE9-FF30-4994-98F5-3D8107BAB15F}"= TCP:C:\Program Files\Sierra\FEAR\FEAR.exe:FEAR
"TCP Query User{4D2EFEEE-AA0C-4226-824B-3DB1546B9C26}C:\\program files\\thq\\dawn of war - dark crusade\\darkcrusade.exe"= UDP:C:\program files\thq\dawn of war - dark crusade\darkcrusade.exe:DarkCrusade
"UDP Query User{990DD344-7A62-4262-B104-DC1824C12F5D}C:\\program files\\thq\\dawn of war - dark crusade\\darkcrusade.exe"= TCP:C:\program files\thq\dawn of war - dark crusade\darkcrusade.exe:DarkCrusade
"TCP Query User{6ACF7283-7205-41B3-85AB-6A7CC201C8A2}C:\\program files\\sopcast\\adv\\sopadver.exe"= UDP:C:\program files\sopcast\adv\sopadver.exe:SopCast Adver
"UDP Query User{62598F99-3904-430A-882D-DD8E178FA834}C:\\program files\\sopcast\\adv\\sopadver.exe"= TCP:C:\program files\sopcast\adv\sopadver.exe:SopCast Adver
"TCP Query User{FFFD47B0-5A06-4980-9FA3-613C6403DAEB}C:\\program files\\sopcast\\sopcast.exe"= UDP:C:\program files\sopcast\sopcast.exe:SopCast Main Application
"UDP Query User{15245573-D530-4D6C-A2E1-4FA1734088C6}C:\\program files\\sopcast\\sopcast.exe"= TCP:C:\program files\sopcast\sopcast.exe:SopCast Main Application
"TCP Query User{3F921223-99F0-43A7-ACF9-EE2A552D5C0A}C:\\program files\\konami\\pro evolution soccer 2008\\pes2008.exe"= UDP:C:\program files\konami\pro evolution soccer 2008\pes2008.exe:Pro Evolution Soccer 2008
"UDP Query User{67085499-75B2-4C80-8B1F-592B20265B52}C:\\program files\\konami\\pro evolution soccer 2008\\pes2008.exe"= TCP:C:\program files\konami\pro evolution soccer 2008\pes2008.exe:Pro Evolution Soccer 2008
"TCP Query User{7095FAA1-AE37-4C50-8141-885A6B651631}C:\\program files\\steam\\steamapps\\artic666devil\\team fortress 2\\hl2.exe"= UDP:C:\program files\steam\steamapps\artic666devil\team fortress 2\hl2.exe:hl2
"UDP Query User{6A77451B-F080-483C-9718-274F26FCA251}C:\\program files\\steam\\steamapps\\artic666devil\\team fortress 2\\hl2.exe"= TCP:C:\program files\steam\steamapps\artic666devil\team fortress 2\hl2.exe:hl2
"TCP Query User{5C0EE67B-1278-4F5D-8BCD-B32B0ADF60B3}C:\\program files\\internet explorer\\iexplore.exe"= UDP:C:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{FCCD517D-742A-4135-98C4-968E7768AD9D}C:\\program files\\internet explorer\\iexplore.exe"= TCP:C:\program files\internet explorer\iexplore.exe:Internet Explorer
"TCP Query User{EBA0B598-A364-41A8-8D07-CCADA183E541}C:\\program files\\morpheus\\morpheus.exe"= UDP:C:\program files\morpheus\morpheus.exe:Morpheus
"UDP Query User{56B5917D-C918-4D07-84C2-054A718660C6}C:\\program files\\morpheus\\morpheus.exe"= TCP:C:\program files\morpheus\morpheus.exe:Morpheus
"TCP Query User{928DF438-9A06-4015-BF08-9941B2B6475A}C:\\program files\\namco bandai games\\warhammer mark of chaos\\warhammer.exe"= UDP:C:\program files\namco bandai games\warhammer mark of chaos\warhammer.exe:Warhammer®: Mark of Chaos™
"UDP Query User{AACFB53D-D97C-42DE-A6EE-4080C1E5CC57}C:\\program files\\namco bandai games\\warhammer mark of chaos\\warhammer.exe"= TCP:C:\program files\namco bandai games\warhammer mark of chaos\warhammer.exe:Warhammer®: Mark of Chaos™
"TCP Query User{15C107B8-F1D1-45F8-A697-945E573965F3}C:\\program files\\namco bandai games\\warhammer mark of chaos\\warhammer.exe"= UDP:C:\program files\namco bandai games\warhammer mark of chaos\warhammer.exe:Warhammer®: Mark of Chaos™
"UDP Query User{9E7A96EA-12D7-43C9-A329-C208893583B6}C:\\program files\\namco bandai games\\warhammer mark of chaos\\warhammer.exe"= TCP:C:\program files\namco bandai games\warhammer mark of chaos\warhammer.exe:Warhammer®: Mark of Chaos™
"{0750682D-D29C-47CA-9AFB-5077CC947AA3}"= UDP:C:\Program Files\iTunes\iTunes.exe:iTunes
"{1B16BB7F-5271-47F8-B259-B65505286215}"= TCP:C:\Program Files\iTunes\iTunes.exe:iTunes
"TCP Query User{7C749142-2A50-4E35-A7D9-E26EED4AD9C8}C:\\program files\\sopcast\\adv\\sopadver.exe"= UDP:C:\program files\sopcast\adv\sopadver.exe:SopCast Adver
"UDP Query User{48ED0821-DB49-48B7-B925-9FD14659CF29}C:\\program files\\sopcast\\adv\\sopadver.exe"= TCP:C:\program files\sopcast\adv\sopadver.exe:SopCast Adver
"TCP Query User{A6318397-F218-4A0B-A7F0-D91FC65495FA}C:\\program files\\sopcast\\sopcast.exe"= UDP:C:\program files\sopcast\sopcast.exe:SopCast Main Application
"UDP Query User{DC246361-F6A4-43ED-B7C6-3BCF97CDC97A}C:\\program files\\sopcast\\sopcast.exe"= TCP:C:\program files\sopcast\sopcast.exe:SopCast Main Application
"{442331D0-8E5E-402A-A9AF-DE4CA935F6B6}"= UDP:C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe:McAfee Network Agent
"{F479D72B-DFA4-489C-ACD8-4DE7686CE120}"= TCP:C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe:McAfee Network Agent
"{DF0E65A4-1CE9-49BF-A39C-7C8E66EF93BA}"= UDP:C:\Program Files\McAfee\MWL\MwlSvc.exe:McAfee Wireless Network Security
"{3E1A678D-9262-44FE-8C41-2B424982BA9C}"= TCP:C:\Program Files\McAfee\MWL\MwlSvc.exe:McAfee Wireless Network Security
"{0161053D-515E-4C0B-8D27-CED1D186D435}"= UDP:C:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe:S.T.A.L.K.E.R. - Shadow of Chernobyl (CLI)
"{F8BA689E-18C8-4DDB-BC39-3B4AECC9BF08}"= TCP:C:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe:S.T.A.L.K.E.R. - Shadow of Chernobyl (CLI)
"{284DFE1D-2753-4A72-89B4-54A3A1AD3545}"= UDP:C:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe:S.T.A.L.K.E.R. - Shadow of Chernobyl (SRV)
"{00268AFC-7425-4235-AB73-81D8523F8947}"= TCP:C:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe:S.T.A.L.K.E.R. - Shadow of Chernobyl (SRV)
"{23278241-1CA2-46D6-B5E5-6574110C1F3B}"= UDP:C:\Program Files\THQ\Frontlines-Fuel of War\Binaries\FFOW.exe:Frontlines Game
"{8FA6CADB-1B13-4BCB-BE26-3D26F79B9A6E}"= TCP:C:\Program Files\THQ\Frontlines-Fuel of War\Binaries\FFOW.exe:Frontlines Game
"{8D6A602A-0F41-4645-80C9-D1F9F2FB0A3D}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"TCP Query User{B8DFE811-7D3F-4555-B0F8-C5B154CB0D23}C:\\program files\\thq\\dawn of war - soulstorm\\soulstorm.exe"= UDP:C:\program files\thq\dawn of war - soulstorm\soulstorm.exe:Soulstorm
"UDP Query User{F0D65ED4-D687-4DDB-A429-0B4FAC1ED503}C:\\program files\\thq\\dawn of war - soulstorm\\soulstorm.exe"= TCP:C:\program files\thq\dawn of war - soulstorm\soulstorm.exe:Soulstorm
"TCP Query User{214D93E7-6162-4B1A-86BD-2817884D83FC}C:\\program files\\steam\\steamapps\\artic666devil\\counter-strike source\\hl2.exe"= UDP:C:\program files\steam\steamapps\artic666devil\counter-strike source\hl2.exe:hl2
"UDP Query User{3BE60B0A-E6C6-4CD3-8C91-B4D9F77E3CDE}C:\\program files\\steam\\steamapps\\artic666devil\\counter-strike source\\hl2.exe"= TCP:C:\program files\steam\steamapps\artic666devil\counter-strike source\hl2.exe:hl2
"TCP Query User{395CE574-B948-4F87-8707-65B6489A538D}C:\\program files\\steam\\steamapps\\artic666devil\\counter-strike source\\hl2.exe"= UDP:C:\program files\steam\steamapps\artic666devil\counter-strike source\hl2.exe:hl2
"UDP Query User{46786539-9BFF-404B-95FA-CDADFC049B4F}C:\\program files\\steam\\steamapps\\artic666devil\\counter-strike source\\hl2.exe"= TCP:C:\program files\steam\steamapps\artic666devil\counter-strike source\hl2.exe:hl2
"TCP Query User{ECC20284-9994-4FE9-BA3F-843047F3C307}C:\\program files\\mirc\\mirc.exe"= UDP:C:\program files\mirc\mirc.exe:mIRC
"UDP Query User{13C24F23-4996-4E9C-AAA9-80422A1E95BF}C:\\program files\\mirc\\mirc.exe"= TCP:C:\program files\mirc\mirc.exe:mIRC
"TCP Query User{A2895B32-3FA8-4499-94BC-BAC1564BB267}C:\\program files\\mirc\\mirc.exe"= UDP:C:\program files\mirc\mirc.exe:mIRC
"UDP Query User{63BE9D13-D22A-47E3-8F30-9F6A1CB9B91D}C:\\program files\\mirc\\mirc.exe"= TCP:C:\program files\mirc\mirc.exe:mIRC
"TCP Query User{B383F84F-BC2E-42F1-8A49-D3257A68CCE1}C:\\program files\\flashget\\flashget.exe"= UDP:C:\program files\flashget\flashget.exe:FlashGet
"UDP Query User{099D9840-4D20-4159-8768-838B01B8F438}C:\\program files\\flashget\\flashget.exe"= TCP:C:\program files\flashget\flashget.exe:FlashGet
"TCP Query User{6E9BB26A-ABA9-4C70-964B-BCAF2C7EE8D6}C:\\program files\\orbitdownloader\\orbitnet.exe"= UDP:C:\program files\orbitdownloader\orbitnet.exe:P2P service of Orbit Downloader
"UDP Query User{B658465F-8873-4110-BCFB-CC89E1FE43BB}C:\\program files\\orbitdownloader\\orbitnet.exe"= TCP:C:\program files\orbitdownloader\orbitnet.exe:P2P service of Orbit Downloader
"TCP Query User{AB034572-BCDC-45CB-9D35-EBC7D493E481}C:\\program files\\orbitdownloader\\orbitnet.exe"= UDP:C:\program files\orbitdownloader\orbitnet.exe:P2P service of Orbit Downloader
"UDP Query User{7BAC1276-1639-460B-A04B-21BF74C2D1EE}C:\\program files\\orbitdownloader\\orbitnet.exe"= TCP:C:\program files\orbitdownloader\orbitnet.exe:P2P service of Orbit Downloader
"{15135B5D-1B01-46B7-8333-703EDFA06472}"= UDP:C:\Program Files\Microsoft Games\Halo 2\halo2.exe:Halo 2
"{076C8591-E037-458A-9547-EAA3CCC5FF42}"= TCP:C:\Program Files\Microsoft Games\Halo 2\halo2.exe:Halo 2
"TCP Query User{3C579C19-0D71-448B-9F2A-CF2542B27A0A}C:\\program files\\microsoft games\\halo\\halo.exe"= UDP:C:\program files\microsoft games\halo\halo.exe:Halo
"UDP Query User{A3A09D67-8865-4A18-8F5A-6C970D25140F}C:\\program files\\microsoft games\\halo\\halo.exe"= TCP:C:\program files\microsoft games\halo\halo.exe:Halo
"{565DE84F-26B6-4417-8B5F-911CF37A22CB}"= UDP:C:\Program Files\KONAMI\Pro Evolution Soccer 2008\PES2008.exe:Pro Evolution Soccer 2008
"{DF8F4534-BC6E-4240-BFD8-63F2E358C2B6}"= TCP:C:\Program Files\KONAMI\Pro Evolution Soccer 2008\PES2008.exe:Pro Evolution Soccer 2008
"{DC0BB67A-2665-45D2-AE6E-B75C6B236E09}"= UDP:C:\Program Files\iTunes\iTunes.exe:iTunes
"{D0E6DFA5-33EB-4064-A909-9C5244927AE9}"= TCP:C:\Program Files\iTunes\iTunes.exe:iTunes
"TCP Query User{C66504CB-56A4-491B-8399-107DD9C27F2C}C:\\program files\\sega\\iron man\\ironman.exe"= UDP:C:\program files\sega\iron man\ironman.exe:A2M Game Engine
"UDP Query User{8344115E-BE6D-42CB-B2AD-721538ABD356}C:\\program files\\sega\\iron man\\ironman.exe"= TCP:C:\program files\sega\iron man\ironman.exe:A2M Game Engine
"TCP Query User{AD65C4A7-6FD2-4027-BC31-62412F76DEAB}C:\\program files\\real\\realplayer\\realplay.exe"= UDP:C:\program files\real\realplayer\realplay.exe:RealPlayer
"UDP Query User{2D7C2179-2F2D-4184-BC00-565216CF70F4}C:\\program files\\real\\realplayer\\realplay.exe"= TCP:C:\program files\real\realplayer\realplay.exe:RealPlayer
"TCP Query User{F9688401-F968-4197-9113-B8C63F13AAE7}C:\\westwood\\ra2\\game.exe"= UDP:C:\westwood\ra2\game.exe:Main executable for Red Alert 2
"UDP Query User{74995070-7EFD-4354-917D-01B0372E5301}C:\\westwood\\ra2\\game.exe"= TCP:C:\westwood\ra2\game.exe:Main executable for Red Alert 2
"TCP Query User{56B7818C-D9CA-4EE9-9FED-4B35060DD66A}C:\\program files\\orbitdownloader\\orbitdm.exe"= UDP:C:\program files\orbitdownloader\orbitdm.exe:Orbit Downloader
"UDP Query User{9ACFCC5F-531D-48C8-9983-8EEC8EBAED75}C:\\program files\\orbitdownloader\\orbitdm.exe"= TCP:C:\program files\orbitdownloader\orbitdm.exe:Orbit Downloader
"{FE6E5FE9-3FC8-4027-886B-49B1BE9F554B}"= UDP:C:\Program Files\Ubisoft\Tom Clancy's Rainbow Six Vegas 2\Binaries\R6Vegas2_Game.exe:Tom Clancy's Rainbow Six Vegas 2
"{F95C8E52-291D-4E5A-92F1-0E163E8EBEDF}"= TCP:C:\Program Files\Ubisoft\Tom Clancy's Rainbow Six Vegas 2\Binaries\R6Vegas2_Game.exe:Tom Clancy's Rainbow Six Vegas 2
"{9DF769D6-170E-4966-A757-6C7E137A5468}"= UDP:C:\Program Files\Ubisoft\Tom Clancy's Rainbow Six Vegas 2\Binaries\R6Vegas2_Launcher.exe:Tom Clancy's Rainbow Six Vegas 2 Update
"{D5C92D4A-9A67-4D6C-BD79-CDD0FAE5ABBC}"= TCP:C:\Program Files\Ubisoft\Tom Clancy's Rainbow Six Vegas 2\Binaries\R6Vegas2_Launcher.exe:Tom Clancy's Rainbow Six Vegas 2 Update
"TCP Query User{44C95779-8680-4082-BFDF-873CAD17A169}C:\\program files\\microsoft games\\age of empires ii\\age2_x1.exe"= UDP:C:\program files\microsoft games\age of empires ii\age2_x1.exe:Age of Empires II Expansion
"UDP Query User{C435409D-6627-43F6-90AA-D44494539AFD}C:\\program files\\microsoft games\\age of empires ii\\age2_x1.exe"= TCP:C:\program files\microsoft games\age of empires ii\age2_x1.exe:Age of Empires II Expansion
"TCP Query User{DEDA15AE-5655-4DED-A854-2DC34E082313}C:\\windows\\system32\\dplaysvr.exe"= UDP:C:\windows\system32\dplaysvr.exe:Microsoft DirectPlay Helper
"UDP Query User{94557A45-532E-4AF9-8E59-F32791B6A99F}C:\\windows\\system32\\dplaysvr.exe"= TCP:C:\windows\system32\dplaysvr.exe:Microsoft DirectPlay Helper
"{96C7E22A-A217-4A56-B3A5-BAB5D4EF29F7}"= UDP:C:\Program Files\Microsoft Games\Age of Empires II\empires2.exe:Age of Empires II
"{F94BA9E6-EE14-4FD6-B9D3-1F86D7FD7B25}"= TCP:C:\Program Files\Microsoft Games\Age of Empires II\empires2.exe:Age of Empires II
"{526FE062-9F27-4640-B40E-0930BE02DE65}"= UDP:C:\Program Files\Atari\Neverwinter Nights 2\nwn2main.exe:Neverwinter Nights 2 Main
"{1A3488E1-616C-48D8-8827-E6A732E0A2E1}"= TCP:C:\Program Files\Atari\Neverwinter Nights 2\nwn2main.exe:Neverwinter Nights 2 Main
"{4FB880F4-2C31-43A5-A6F7-0AE7D9B2945B}"= UDP:C:\Program Files\Atari\Neverwinter Nights 2\nwn2main_amdxp.exe:Neverwinter Nights 2 AMD
"{884961CD-BA4C-4A6F-8709-D81A213290AE}"= TCP:C:\Program Files\Atari\Neverwinter Nights 2\nwn2main_amdxp.exe:Neverwinter Nights 2 AMD
"{220B157A-2FCD-4F7A-B1F6-D41C30024BCE}"= UDP:C:\Program Files\Atari\Neverwinter Nights 2\nwupdate.exe:Neverwinter Nights 2 Updater
"{5A0AF970-22FF-4C21-A13D-B3B3F2A0FD73}"= TCP:C:\Program Files\Atari\Neverwinter Nights 2\nwupdate.exe:Neverwinter Nights 2 Updater
"{7A5017BF-3046-4F28-B8EE-33712EC21394}"= UDP:C:\Program Files\Atari\Neverwinter Nights 2\nwn2server.exe:Neverwinter Nights 2 Server
"{859BB015-C7F7-4945-9B53-9997D60A9731}"= TCP:C:\Program Files\Atari\Neverwinter Nights 2\nwn2server.exe:Neverwinter Nights 2 Server

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"C:\\Program Files\\Orbitdownloader\\orbitdm.exe"= C:\Program Files\Orbitdownloader\orbitdm.exe:*:Enabled:Orbit
"C:\\Program Files\\Orbitdownloader\\orbitnet.exe"= C:\Program Files\Orbitdownloader\orbitnet.exe:*:Enabled:Orbit

R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2007-08-31 16:46]
R2 UxTuneUp;TuneUp Theme Extension;C:\Windows\System32\svchost.exe [2008-01-19 00:33]
R3 netr28u;RT2870 USB Wireless LAN Card Driver for Vista;C:\Windows\system32\DRIVERS\netr28u.sys [2007-08-15 23:49]
S3 rt61x86;Sitecom RT61 Wireless Network Driver for Windows Vista;C:\Windows\system32\DRIVERS\netr61.sys [2007-09-28 14:37]
S3 Steam Client Service;Steam Client Service;C:\Program Files\Common Files\Steam\SteamService.exe [2008-05-30 18:04]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service;C:\Windows\System32\TuneUpDefragService.exe [2008-05-05 21:06]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\G]
\shell\AutoRun\command - G:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6fd2a4df-7cef-11dc-bdc5-001966354afe}]
\shell\AutoRun\command - E:\autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9eb02c1b-df0c-11dc-9af4-001966354afe}]
\shell\AutoRun\command - F:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c26d7ac1-9158-11dc-9855-001966354afe}]
\shell\AutoRun\command - E:\autorun.exe

*Newly Created Service* - CATCHME
.
Contents of the 'Scheduled Tasks' folder
"2008-05-30 16:55:26 C:\Windows\Tasks\1-Click Maintenance.job"
- C:\Program Files\TuneUp Utilities 2008\OneClick.exe
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-02 01:17:31
Windows 6.0.6001 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...


folder error: C:\Documents and Settings\ReleaseEngineer.MACROVISION\Application Data\

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

PROCESS: C:\Windows\Explorer.exe
-> C:\Users\Carlos\AppData\Local\Temp\hqjvypwe.dll
-> C:\Users\Carlos\AppData\Local\Temp\ymheiksl.dll
-> C:\Users\Carlos\AppData\Local\Temp\tuvVMghg.dll
.
Completion time: 2008-06-02 1:18:21
ComboFix-quarantined-files.txt 2008-06-02 00:18:12

Pre-Run: 105,767,550,976 bytes free
Post-Run: 105,771,626,496 bytes free

306 --- E O F --- 2008-05-30 08:18:26

-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Monday, June 02, 2008 3:02:57 AM
Operating System: Microsoft Windows Vista Home Edition, Service Pack 1 (Build 6001)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 1/06/2008
Kaspersky Anti-Virus database records: 821471
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
A:\
C:\
D:\
E:\

Scan Statistics:
Total number of scanned objects: 177031
Number of viruses found: 3
Number of infected objects: 9
Number of suspicious objects: 0
Duration of the scan process: 01:39:02

Infected Object Name / Virus Name / Last Action
C:\Boot\BCD Object is locked skipped
C:\Boot\BCD.LOG Object is locked skipped
C:\Program Files\mIRC\mirc.exe Infected: not-a-virus:Client-IRC.Win32.mIRC.631 skipped
C:\Program Files\Morpheus\morpheustoolbar.exe Infected: not-a-virus:AdTool.Win32.MyWebSearch.bm skipped
C:\Program Files\Morpheus\mymorpheusToolbar.exe Infected: not-a-virus:AdTool.Win32.MyWebSearch.bm skipped
C:\ProgramData\Grisoft\Avg7Data\avg7log.log Object is locked skipped
C:\ProgramData\Grisoft\Avg7Data\avg7log.log.lck Object is locked skipped
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\10e63d15a50c33585a147191bf4e6bc5_60c8249f-be9c-48a7-99ae-6b5e15f4b0e8 Object is locked skipped
C:\Users\Carlos\AppData\Local\Microsoft\Windows\Explorer\thumbcache_1024.db Object is locked skipped
C:\Users\Carlos\AppData\Local\Microsoft\Windows\Explorer\thumbcache_256.db Object is locked skipped
C:\Users\Carlos\AppData\Local\Microsoft\Windows\Explorer\thumbcache_32.db Object is locked skipped
C:\Users\Carlos\AppData\Local\Microsoft\Windows\Explorer\thumbcache_96.db Object is locked skipped
C:\Users\Carlos\AppData\Local\Microsoft\Windows\Explorer\thumbcache_idx.db Object is locked skipped
C:\Users\Carlos\AppData\Local\Microsoft\Windows\Explorer\thumbcache_sr.db Object is locked skipped
C:\Users\Carlos\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat Object is locked skipped
C:\Users\Carlos\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012008060220080603\index.dat Object is locked skipped
C:\Users\Carlos\AppData\Local\Microsoft\Windows\History\Low\History.IE5\index.dat Object is locked skipped
C:\Users\Carlos\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Users\Carlos\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KPH0QR45\kb635111[1] Infected: Trojan.Win32.Obfuscated.auw skipped
C:\Users\Carlos\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped
C:\Users\Carlos\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\29KCS8MF\PPRKCAMDT18BCAPHZR4NCAYZE4HLCAX2LTAKCAF6RWFFCAHOMCJZCAYJZAR1CA56SB9UCA5TELR
PCA1Y9F37CA8L8OIICABOUXJYCAEHMITBCA2P8RCPCARO4UM0CALNLE5NCAM60JXLCA53SSV0CA8YOHBW Object is locked skipped
C:\Users\Carlos\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\index.dat Object is locked skipped
C:\Users\Carlos\AppData\Local\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Users\Carlos\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG1 Object is locked skipped
C:\Users\Carlos\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG2 Object is locked skipped
C:\Users\Carlos\AppData\Local\Microsoft\Windows\UsrClass.dat{778bc740-72ce-11dc-b0cf-001966354afe}.TM.blf Object is locked skipped
C:\Users\Carlos\AppData\Local\Microsoft\Windows\UsrClass.dat{778bc740-72ce-11dc-b0cf-001966354afe}.TMContainer00000000000000000001.regtrans-ms Object is locked skipped
C:\Users\Carlos\AppData\Local\Microsoft\Windows\UsrClass.dat{778bc740-72ce-11dc-b0cf-001966354afe}.TMContainer00000000000000000002.regtrans-ms Object is locked skipped
C:\Users\Carlos\AppData\Local\Microsoft\Feeds Cache\index.dat Object is locked skipped
C:\Users\Carlos\AppData\Local\Microsoft\Internet Explorer\MSIMGSIZ.DAT Object is locked skipped
C:\Users\Carlos\AppData\Local\Microsoft\Messenger\[email protected]\SharingMetadata\Logs\Dfsr00005.log Object is locked skipped
C:\Users\Carlos\AppData\Local\Microsoft\Messenger\[email protected]\SharingMetadata\pending.dat Object is locked skipped
C:\Users\Carlos\AppData\Local\Microsoft\Messenger\[email protected]\SharingMetadata\Working\database_723A_C1B6_3AC1_779D\dfsr.db Object is locked skipped
C:\Users\Carlos\AppData\Local\Microsoft\Messenger\[email protected]\SharingMetadata\Working\database_723A_C1B6_3AC1_779D\fsr.log Object is locked skipped
C:\Users\Carlos\AppData\Local\Microsoft\Messenger\[email protected]\SharingMetadata\Working\database_723A_C1B6_3AC1_779D\fsrtmp.log Object is locked skipped
C:\Users\Carlos\AppData\Local\Microsoft\Messenger\[email protected]\SharingMetadata\Working\database_723A_C1B6_3AC1_779D\tmp.edb Object is locked skipped
C:\Users\Carlos\AppData\Local\Microsoft\Windows Live Contacts\[email protected]\real\members.stg Object is locked skipped
C:\Users\Carlos\AppData\Local\Microsoft\Windows Live Contacts\[email protected]\shadow\members.stg Object is locked skipped
C:\Users\Carlos\AppData\Local\Microsoft\Windows Sidebar\Settings.ini Object is locked skipped
C:\Users\Carlos\AppData\Local\Temp\Low\~DFCDEC.tmp Object is locked skipped
C:\Users\Carlos\AppData\Local\Temp\Low\~DFCE06.tmp Object is locked skipped
C:\Users\Carlos\AppData\Local\Temp\~DF1518.tmp Object is locked skipped
C:\Users\Carlos\AppData\Local\Temp\~DF181A.tmp Object is locked skipped
C:\Users\Carlos\AppData\Local\Temp\~DFDC64.tmp Object is locked skipped
C:\Users\Carlos\AppData\Local\Temp\~DFEDDB.tmp Object is locked skipped
C:\Users\Carlos\AppData\Roaming\microsoft\Internet Explorer\UserData\index.dat Object is locked skipped
C:\Users\Carlos\AppData\Roaming\microsoft\Windows\Cookies\index.dat Object is locked skipped
C:\Users\Carlos\AppData\Roaming\microsoft\Windows\Cookies\Low\index.dat Object is locked skipped
C:\Users\Carlos\Downloads\mirc631.exe/stream/data0001/stream/data0014 Infected: not-a-virus:Client-IRC.Win32.mIRC.631 skipped
C:\Users\Carlos\Downloads\mirc631.exe/stream/data0001/stream Infected: not-a-virus:Client-IRC.Win32.mIRC.631 skipped
C:\Users\Carlos\Downloads\mirc631.exe/stream/data0001 Infected: not-a-virus:Client-IRC.Win32.mIRC.631 skipped
C:\Users\Carlos\Downloads\mirc631.exe/stream Infected: not-a-virus:Client-IRC.Win32.mIRC.631 skipped
C:\Users\Carlos\Downloads\mirc631.exe NSIS: infected - 4 skipped
C:\Users\Carlos\NTUSER.DAT Object is locked skipped
C:\Users\Carlos\ntuser.dat.LOG1 Object is locked skipped
C:\Users\Carlos\ntuser.dat.LOG2 Object is locked skipped
C:\Users\Carlos\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf Object is locked skipped
C:\Users\Carlos\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms Object is locked skipped
C:\Users\Carlos\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms Object is locked skipped
C:\Windows\Debug\PASSWD.LOG Object is locked skipped
C:\Windows\Debug\WIA\wiatrace.log Object is locked skipped
C:\Windows\Logs\CBS\CBS.log Object is locked skipped
C:\Windows\Logs\CBS\CBS.persist.log Object is locked skipped
C:\Windows\Logs\DPX\setupact.log Object is locked skipped
C:\Windows\Logs\DPX\setuperr.log Object is locked skipped
C:\Windows\MEMORY.DMP Object is locked skipped
C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe.config Object is locked skipped
C:\Windows\Panther\UnattendGC\diagerr.xml Object is locked skipped
C:\Windows\Panther\UnattendGC\diagwrn.xml Object is locked skipped
C:\Windows\Panther\UnattendGC\setupact.log Object is locked skipped
C:\Windows\Panther\UnattendGC\setuperr.log Object is locked skipped
C:\Windows\security\database\secedit.sdb Object is locked skipped
C:\Windows\SoftwareDistribution\EventCache\{3C55DE79-409F-43A9-8B60-97CAF43592DB}.bin Object is locked skipped
C:\Windows\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 Object is locked skipped
C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 Object is locked skipped
C:\Windows\System32\catroot2\edb.log Object is locked skipped
C:\Windows\System32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb Object is locked skipped
C:\Windows\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb Object is locked skipped
C:\Windows\System32\drivers\sptd.sys Object is locked skipped
C:\Windows\System32\LogFiles\Scm\SCM.EVM Object is locked skipped
C:\Windows\System32\LogFiles\WUDF\WUDFTrace.etl Object is locked skipped
C:\Windows\System32\restore\MachineGuid.txt Object is locked skipped
C:\Windows\System32\spool\SpoolerETW.etl Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\0296C47314AB746EC35476488248FCD9.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\040270F850D5C3C91057DDDA2DA294D8.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\0A9DBC92D554324656F61F9862679F27.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\0DF617D6737A7561E732F853792261C3.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\1E2E58C73053C7775EB226DB5E739137.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\26C097A9392F8C541AD42E89B7909073.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\2A811E5CCC22CC9D7AE2B04EF0402688.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\2AA23BB86A5EBD8BC2D820944E55B233.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\2B8B1A8B0ACD3EE28B421D3918DC1F29.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\2CE523184A801AA7361A7039E2D6B41D.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\2D57A7682ACD19214C258D31A06D008F.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\3460B7617E0429A960E481B197F238A3.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\376786241A5443E41378D25CF812FCC1.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\3DC0BABDCA20E5E319117C21BD4BD795.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\494C62FAA08CD5217399BAA555FF491B.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\4A01E0F376B5833EBA98F0D1D5F60CD1.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\4B471F64BAF831EC7945C820FD5A16E5.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\4CB32C0A77CD4D9B0C9618F73F786C32.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\5774C77265BE4C55B5C6C9718979E015.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\5966D45C7B25EACA46E87DD8E5703964.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\5B5D21CF62E70BACF9D085E6AA6CE143.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\69554D930FCA40B0304B9A43A8036F2D.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\72F867EF62976CE9F70993FF3E68A4EB.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\75054C3771DF289038069A9BB1C1FB6E.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\7851AF96EA828F912853F32DB0D96138.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\7F417E1A6D819A9B2FEB55DA6858EA0A.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\87AA2A001CE3E89926688B93E4DC2992.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\8C718B5AFD373885B68D2836088CAF9A.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\903E49C444C46FEF5F2C3A189C9CEF71.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\96ABB1671705F680578FE240427CBD4F.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\9A72EE7775E8021F75961342B8AFD1B4.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\9AD3182A2F39A3E091E15109132EC6CC.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\9CD33F0956942860B50AA1B9330DEFAF.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\9E06E4FE97F0CBB8D659894823F805D7.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\A80FF2DC09487ECD60AFB147B262BDD7.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\AA6E0E396C238977CA909EFD82299737.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\AA742824DCADA846BA4B665D686DD5D6.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\BBF206490BAA431B592F9A13534F43F6.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\BE81B2C0741907C1FC1C42B6223E59AD.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\D1A1B12A7DA3F9675C01397A26DBF4B3.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\D4C4BA54B6A8FA6211E60E2ADFF7426A.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\DE391013DA56ABA39FFF40A9ABDF052F.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\DF80FD3849FFF74B4BF43E2EA8ADEC8A.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\DFB9AD54AC2D3B8122567AAD3BF3EB7F.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\E04DE4CDFEC284A342159BB920976701.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\E478A5DB75C9721E744C05D78DBACFD3.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\E737DE61441445E1FDFCA45EF5E7D987.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\E9D8A460B2C986DD5FF19F299F4A27EC.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\EC45C70F2A3D9DED718E71631C38E2FE.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\F01326692CC5736EBAC31B9FC2381CF2.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\F81E6BEBC3067C406E6C491608474198.mof Object is locked skipped
C:\Windows\System32\wbem\Logs\WMITracing.log Object is locked skipped
C:\Windows\System32\wbem\Repository\INDEX.BTR Object is locked skipped
C:\Windows\System32\wbem\Repository\MAPPING1.MAP Object is locked skipped
C:\Windows\System32\wbem\Repository\MAPPING2.MAP Object is locked skipped
C:\Windows\System32\wbem\Repository\OBJECTS.DATA Object is locked skipped
C:\Windows\System32\winevt\Logs\Application.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\DFS Replication.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\HardwareEvents.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Internet Explorer.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Key Management Service.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Media Center.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Bits-Client%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-CodeIntegrity%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-CorruptedFileRecovery-Client%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-CorruptedFileRecovery-Server%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-DateTimeControlPanel%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Diagnosis-DPS%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Diagnosis-PLA%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Diagnostics-Networking%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Diagnostics-Performance%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-DiskDiagnostic%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-DiskDiagnosticDataCollector%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-DiskDiagnosticResolver%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-DriverFrameworks-UserMode%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Forwarding%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-GroupPolicy%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-International%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Kernel-WDI%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Kernel-WHEA.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-LanguagePackSetup%4Operational.evtx Object is locked skippe
  • 0

#4
Rorschach112

Rorschach112

    Ralphie

  • Retired Staff
  • 47,710 posts
Can you post the Kaspersky log again, some of it is missing



1. Close any open browsers.

2. Open notepad and copy/paste the text in the quotebox below into it:

File::
G:\LaunchU3.exe
F:\LaunchU3.exe
E:\autorun.exe

Folder::

Registry::
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\G]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6fd2a4df-7cef-11dc-bdc5-001966354afe}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9eb02c1b-df0c-11dc-9af4-001966354afe}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c26d7ac1-9158-11dc-9855-001966354afe}]

Driver::


Save this as CFScript.txt, in the same location as ComboFix.exe


Posted Image

Refering to the picture above, drag CFScript into ComboFix.exe

When finished, it shall produce a log for you at "C:\ComboFix.txt"

Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall




Also post a new HijackThis log
  • 0

#5
Phantasy66

Phantasy66

    Member

  • Topic Starter
  • Member
  • PipPip
  • 26 posts
------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Monday, June 02, 2008 4:13:12 PM
Operating System: Microsoft Windows Vista Home Edition, Service Pack 1 (Build 6001)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 2/06/2008
Kaspersky Anti-Virus database records: 821881
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
A:\
C:\
D:\
E:\

Scan Statistics:
Total number of scanned objects: 176849
Number of viruses found: 3
Number of infected objects: 9
Number of suspicious objects: 0
Duration of the scan process: 01:30:45

Infected Object Name / Virus Name / Last Action
C:\Boot\BCD Object is locked skipped
C:\Boot\BCD.LOG Object is locked skipped
C:\Bug.txt Object is locked skipped
C:\Program Files\mIRC\mirc.exe Infected: not-a-virus:Client-IRC.Win32.mIRC.631 skipped
C:\Program Files\Morpheus\morpheustoolbar.exe Infected: not-a-virus:AdTool.Win32.MyWebSearch.bm skipped
C:\Program Files\Morpheus\mymorpheusToolbar.exe Infected: not-a-virus:AdTool.Win32.MyWebSearch.bm skipped
C:\ProgramData\Grisoft\Avg7Data\avg7log.log Object is locked skipped
C:\ProgramData\Grisoft\Avg7Data\avg7log.log.lck Object is locked skipped
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\10e63d15a50c33585a147191bf4e6bc5_60c8249f-be9c-48a7-99ae-6b5e15f4b0e8 Object is locked skipped
C:\Users\Carlos\AppData\Local\Microsoft\Windows\Explorer\thumbcache_1024.db Object is locked skipped
C:\Users\Carlos\AppData\Local\Microsoft\Windows\Explorer\thumbcache_256.db Object is locked skipped
C:\Users\Carlos\AppData\Local\Microsoft\Windows\Explorer\thumbcache_32.db Object is locked skipped
C:\Users\Carlos\AppData\Local\Microsoft\Windows\Explorer\thumbcache_96.db Object is locked skipped
C:\Users\Carlos\AppData\Local\Microsoft\Windows\Explorer\thumbcache_idx.db Object is locked skipped
C:\Users\Carlos\AppData\Local\Microsoft\Windows\Explorer\thumbcache_sr.db Object is locked skipped
C:\Users\Carlos\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat Object is locked skipped
C:\Users\Carlos\AppData\Local\Microsoft\Windows\History\Low\History.IE5\index.dat Object is locked skipped
C:\Users\Carlos\AppData\Local\Microsoft\Windows\History\Low\History.IE5\MSHist012008060220080603\index.dat Object is locked skipped
C:\Users\Carlos\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Users\Carlos\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KPH0QR45\kb635111[1] Infected: Trojan.Win32.Obfuscated.auw skipped
C:\Users\Carlos\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{46339A14-B889-4868-92E0-BB009EDEB69D}.tmp Object is locked skipped
C:\Users\Carlos\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped
C:\Users\Carlos\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\7Q3B6C7Y\CAO5DXYACA3ZCU3QCAVY076ICAL3K1HWCALLNR5SCAFYX7VWCAJ4LHZCCAJXOTOICA3O5A8RCA3
V3TR1CAJA8J3ICAC0740QCAQH3A6UCAY2AB93CAYIDAVGCAZPB7TVCASWDJF4CAB6ZSN0CAPWNWVN.htm Object is locked skipped
C:\Users\Carlos\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\7Q3B6C7Y\CAZL3JE3CA6NIHBTCARNTNX7CAA7JHEUCAXG3L10CAGE1XRLCA6OPPHJCAUUO8FCCA6FQNMDCA7
QZA1MCAFQ5007CAISRQ0ICA0YC1B6CA0174LTCA6ZCD7KCAIDAI36CASLEN9VCAH0CWY3CA4UPT5D.htm Object is locked skipped
C:\Users\Carlos\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\7Q3B6C7Y\heatherwoodandwexham_nhs_uk[1].htm Object is locked skipped
C:\Users\Carlos\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\index.dat Object is locked skipped
C:\Users\Carlos\AppData\Local\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Users\Carlos\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG1 Object is locked skipped
C:\Users\Carlos\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG2 Object is locked skipped
C:\Users\Carlos\AppData\Local\Microsoft\Windows\UsrClass.dat{778bc740-72ce-11dc-b0cf-001966354afe}.TM.blf Object is locked skipped
C:\Users\Carlos\AppData\Local\Microsoft\Windows\UsrClass.dat{778bc740-72ce-11dc-b0cf-001966354afe}.TMContainer00000000000000000001.regtrans-ms Object is locked skipped
C:\Users\Carlos\AppData\Local\Microsoft\Windows\UsrClass.dat{778bc740-72ce-11dc-b0cf-001966354afe}.TMContainer00000000000000000002.regtrans-ms Object is locked skipped
C:\Users\Carlos\AppData\Local\Microsoft\Feeds Cache\index.dat Object is locked skipped
C:\Users\Carlos\AppData\Local\Microsoft\Internet Explorer\MSIMGSIZ.DAT Object is locked skipped
C:\Users\Carlos\AppData\Local\Microsoft\Messenger\[email protected]\SharingMetadata\Logs\Dfsr00005.log Object is locked skipped
C:\Users\Carlos\AppData\Local\Microsoft\Messenger\[email protected]\SharingMetadata\pending.dat Object is locked skipped
C:\Users\Carlos\AppData\Local\Microsoft\Messenger\[email protected]\SharingMetadata\Working\database_723A_C1B6_3AC1_779D\dfsr.db Object is locked skipped
C:\Users\Carlos\AppData\Local\Microsoft\Messenger\[email protected]\SharingMetadata\Working\database_723A_C1B6_3AC1_779D\fsr.log Object is locked skipped
C:\Users\Carlos\AppData\Local\Microsoft\Messenger\[email protected]\SharingMetadata\Working\database_723A_C1B6_3AC1_779D\fsrtmp.log Object is locked skipped
C:\Users\Carlos\AppData\Local\Microsoft\Messenger\[email protected]\SharingMetadata\Working\database_723A_C1B6_3AC1_779D\tmp.edb Object is locked skipped
C:\Users\Carlos\AppData\Local\Microsoft\Windows Live Contacts\[email protected]\real\members.stg Object is locked skipped
C:\Users\Carlos\AppData\Local\Microsoft\Windows Sidebar\Settings.ini Object is locked skipped
C:\Users\Carlos\AppData\Local\Temp\Acr8F9C.tmp Object is locked skipped
C:\Users\Carlos\AppData\Local\Temp\Low\~DF4B19.tmp Object is locked skipped
C:\Users\Carlos\AppData\Local\Temp\Low\~DF4B39.tmp Object is locked skipped
C:\Users\Carlos\AppData\Local\Temp\~DF4F59.tmp Object is locked skipped
C:\Users\Carlos\AppData\Local\Temp\~DF670F.tmp Object is locked skipped
C:\Users\Carlos\AppData\Local\Temp\~DF6716.tmp Object is locked skipped
C:\Users\Carlos\AppData\Local\Adobe\Acrobat\8.0\Updater\updater.log Object is locked skipped
C:\Users\Carlos\AppData\Local\Adobe\Updater5\aumLib.log Object is locked skipped
C:\Users\Carlos\AppData\Roaming\microsoft\Windows\Cookies\index.dat Object is locked skipped
C:\Users\Carlos\AppData\Roaming\microsoft\Windows\Cookies\Low\index.dat Object is locked skipped
C:\Users\Carlos\AppData\Roaming\microsoft\Templates\Normal.dotm Object is locked skipped
C:\Users\Carlos\AppData\Roaming\microsoft\Word\AutoRecovery save of Document1.asd Object is locked skipped
C:\Users\Carlos\Downloads\mirc631.exe/stream/data0001/stream/data0014 Infected: not-a-virus:Client-IRC.Win32.mIRC.631 skipped
C:\Users\Carlos\Downloads\mirc631.exe/stream/data0001/stream Infected: not-a-virus:Client-IRC.Win32.mIRC.631 skipped
C:\Users\Carlos\Downloads\mirc631.exe/stream/data0001 Infected: not-a-virus:Client-IRC.Win32.mIRC.631 skipped
C:\Users\Carlos\Downloads\mirc631.exe/stream Infected: not-a-virus:Client-IRC.Win32.mIRC.631 skipped
C:\Users\Carlos\Downloads\mirc631.exe NSIS: infected - 4 skipped
C:\Users\Carlos\NTUSER.DAT Object is locked skipped
C:\Users\Carlos\ntuser.dat.LOG1 Object is locked skipped
C:\Users\Carlos\ntuser.dat.LOG2 Object is locked skipped
C:\Users\Carlos\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf Object is locked skipped
C:\Users\Carlos\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms Object is locked skipped
C:\Users\Carlos\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms Object is locked skipped
C:\Windows\Debug\PASSWD.LOG Object is locked skipped
C:\Windows\Debug\WIA\wiatrace.log Object is locked skipped
C:\Windows\Logs\CBS\CBS.log Object is locked skipped
C:\Windows\Logs\CBS\CBS.persist.log Object is locked skipped
C:\Windows\Logs\DPX\setupact.log Object is locked skipped
C:\Windows\Logs\DPX\setuperr.log Object is locked skipped
C:\Windows\MEMORY.DMP Object is locked skipped
C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe.config Object is locked skipped
C:\Windows\Panther\UnattendGC\diagerr.xml Object is locked skipped
C:\Windows\Panther\UnattendGC\diagwrn.xml Object is locked skipped
C:\Windows\Panther\UnattendGC\setupact.log Object is locked skipped
C:\Windows\Panther\UnattendGC\setuperr.log Object is locked skipped
C:\Windows\security\database\secedit.sdb Object is locked skipped
C:\Windows\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 Object is locked skipped
C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 Object is locked skipped
C:\Windows\System32\catroot2\edb.log Object is locked skipped
C:\Windows\System32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb Object is locked skipped
C:\Windows\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb Object is locked skipped
C:\Windows\System32\drivers\sptd.sys Object is locked skipped
C:\Windows\System32\LogFiles\Scm\SCM.EVM Object is locked skipped
C:\Windows\System32\LogFiles\WUDF\WUDFTrace.etl Object is locked skipped
C:\Windows\System32\restore\MachineGuid.txt Object is locked skipped
C:\Windows\System32\spool\SpoolerETW.etl Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\0296C47314AB746EC35476488248FCD9.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\040270F850D5C3C91057DDDA2DA294D8.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\0A9DBC92D554324656F61F9862679F27.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\0DF617D6737A7561E732F853792261C3.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\1E2E58C73053C7775EB226DB5E739137.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\26C097A9392F8C541AD42E89B7909073.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\2A811E5CCC22CC9D7AE2B04EF0402688.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\2AA23BB86A5EBD8BC2D820944E55B233.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\2B8B1A8B0ACD3EE28B421D3918DC1F29.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\2CE523184A801AA7361A7039E2D6B41D.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\2D57A7682ACD19214C258D31A06D008F.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\3460B7617E0429A960E481B197F238A3.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\376786241A5443E41378D25CF812FCC1.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\3DC0BABDCA20E5E319117C21BD4BD795.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\494C62FAA08CD5217399BAA555FF491B.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\4A01E0F376B5833EBA98F0D1D5F60CD1.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\4B471F64BAF831EC7945C820FD5A16E5.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\4CB32C0A77CD4D9B0C9618F73F786C32.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\5774C77265BE4C55B5C6C9718979E015.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\5966D45C7B25EACA46E87DD8E5703964.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\5B5D21CF62E70BACF9D085E6AA6CE143.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\69554D930FCA40B0304B9A43A8036F2D.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\72F867EF62976CE9F70993FF3E68A4EB.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\75054C3771DF289038069A9BB1C1FB6E.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\7851AF96EA828F912853F32DB0D96138.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\7F417E1A6D819A9B2FEB55DA6858EA0A.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\87AA2A001CE3E89926688B93E4DC2992.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\8C718B5AFD373885B68D2836088CAF9A.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\903E49C444C46FEF5F2C3A189C9CEF71.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\96ABB1671705F680578FE240427CBD4F.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\9A72EE7775E8021F75961342B8AFD1B4.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\9AD3182A2F39A3E091E15109132EC6CC.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\9CD33F0956942860B50AA1B9330DEFAF.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\9E06E4FE97F0CBB8D659894823F805D7.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\A80FF2DC09487ECD60AFB147B262BDD7.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\AA6E0E396C238977CA909EFD82299737.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\AA742824DCADA846BA4B665D686DD5D6.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\BBF206490BAA431B592F9A13534F43F6.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\BE81B2C0741907C1FC1C42B6223E59AD.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\D1A1B12A7DA3F9675C01397A26DBF4B3.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\D4C4BA54B6A8FA6211E60E2ADFF7426A.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\DE391013DA56ABA39FFF40A9ABDF052F.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\DF80FD3849FFF74B4BF43E2EA8ADEC8A.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\DFB9AD54AC2D3B8122567AAD3BF3EB7F.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\E04DE4CDFEC284A342159BB920976701.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\E478A5DB75C9721E744C05D78DBACFD3.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\E737DE61441445E1FDFCA45EF5E7D987.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\E9D8A460B2C986DD5FF19F299F4A27EC.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\EC45C70F2A3D9DED718E71631C38E2FE.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\F01326692CC5736EBAC31B9FC2381CF2.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\F81E6BEBC3067C406E6C491608474198.mof Object is locked skipped
C:\Windows\System32\wbem\Logs\WMITracing.log Object is locked skipped
C:\Windows\System32\wbem\Repository\INDEX.BTR Object is locked skipped
C:\Windows\System32\wbem\Repository\MAPPING1.MAP Object is locked skipped
C:\Windows\System32\wbem\Repository\MAPPING2.MAP Object is locked skipped
C:\Windows\System32\wbem\Repository\OBJECTS.DATA Object is locked skipped
C:\Windows\System32\winevt\Logs\Application.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\DFS Replication.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\HardwareEvents.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Internet Explorer.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Key Management Service.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Media Center.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Bits-Client%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-CodeIntegrity%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-CorruptedFileRecovery-Client%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-CorruptedFileRecovery-Server%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-DateTimeControlPanel%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Diagnosis-DPS%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Diagnosis-PLA%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Diagnostics-Networking%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Diagnostics-Performance%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-DiskDiagnostic%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-DiskDiagnosticDataCollector%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-DiskDiagnosticResolver%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-DriverFrameworks-UserMode%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Forwarding%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-GroupPolicy%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-International%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Kernel-WDI%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Kernel-WHEA.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-LanguagePackSetup%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-MUI%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-NetworkAccessProtection%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-ParentalControls%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Program-Compatibility-Assistant%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-ReadyBoost%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-ReliabilityAnalysisComponent%4Metrics.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-ReliabilityAnalysisComponent%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Resource-Exhaustion-Detector%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Resource-Exhaustion-Resolver%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Resource-Leak-Diagnostic%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-RestartManager%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-TaskScheduler%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-TerminalServices-RDPClient%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-UAC%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-UAC-FileVirtualization%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-WindowsUpdateClient%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Winlogon%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Wired-AutoConfig%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-WLAN-AutoConfig%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\ODiag.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\OSession.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Security.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Setup.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\System.evtx Object is locked skipped
C:\Windows\Tasks\1-Click Maintenance.job Object is locked skipped
C:\Windows\Tasks\SCHEDLGU.TXT Object is locked skipped
C:\Windows\WindowsUpdate.log Object is locked skipped
C:\Windows\winsxs\x86_microsoft-windows-n..n_service_datastore_31bf3856ad364e35_6.0.6000.16386_none_cef7ceb03914a67f\dnary.xsd Object is locked skipped
C:\Windows\winsxs\x86_microsoft-windows-n..n_service_datastore_31bf3856ad364e35_6.0.6001.18000_none_d12e90ac35ffb753\dnary.xsd Object is locked skipped

Scan process completed.

ComboFix 08-06-01.6 - Carlos 2008-06-02 11:55:35.6 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.2115 [GMT 1:00]
Running from: C:\Users\Carlos\Downloads\ComboFix.exe
Command switches used :: C:\Users\Carlos\Desktop\CFScript.txt

FILE ::
E:\autorun.exe
F:\LaunchU3.exe
G:\LaunchU3.exe
.

((((((((((((((((((((((((( Files Created from 2008-05-02 to 2008-06-02 )))))))))))))))))))))))))))))))
.

2008-06-01 23:25 . 2008-06-01 23:25 <DIR> d-------- C:\Windows\System32\Kaspersky Lab
2008-06-01 20:07 . 2008-06-01 20:07 <DIR> d-------- C:\Program Files\Atari
2008-05-29 12:31 . 2006-11-08 13:44 525,624 --a------ C:\Users\Public\WindowsXP-KB922120-v5-x86-ENU.exe
2008-05-28 10:33 . 2008-03-08 03:08 4,240,384 --a------ C:\Windows\System32\GameUXLegacyGDFs.dll
2008-05-28 10:33 . 2008-03-08 05:21 1,695,744 --a------ C:\Windows\System32\gameux.dll
2008-05-20 17:25 . 2008-05-20 17:25 <DIR> d-------- C:\Users\All Users\Ubisoft
2008-05-20 17:25 . 2008-05-20 17:25 <DIR> d-------- C:\ProgramData\Ubisoft
2008-05-11 21:50 . 2004-08-03 22:03 88,448 --a------ C:\Windows\nwlnkipx.sys
2008-05-11 21:50 . 2001-08-23 13:00 63,232 --a------ C:\Windows\nwlnknb.sys
2008-05-11 21:50 . 2001-08-23 13:00 55,936 --a------ C:\Windows\nwlnkspx.sys
2008-05-11 21:50 . 2001-08-23 13:00 32,512 --a------ C:\Windows\nwlnkfwd.sys
2008-05-11 21:50 . 2001-08-23 13:00 12,416 --a------ C:\Windows\nwlnkflt.sys
2008-05-10 19:32 . 2008-05-11 17:40 <DIR> d-------- C:\Westwood
2008-05-09 15:26 . 2008-05-09 15:26 <DIR> d-------- C:\Program Files\Real
2008-05-09 15:26 . 2008-05-09 15:26 <DIR> d-------- C:\Program Files\Common Files\xing shared
2008-05-09 15:26 . 2008-05-09 15:26 <DIR> d-------- C:\Program Files\Common Files\Real
2008-05-05 11:22 . 2008-05-05 11:22 <DIR> d-------- C:\Program Files\EVGA Precision

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-01 19:07 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-06-01 12:18 --------- d-----w C:\Program Files\Steam
2008-05-31 17:54 --------- d-----w C:\Program Files\Common Files\Steam
2008-05-28 14:27 22,328 ----a-w C:\Windows\system32\drivers\PnkBstrK.sys
2008-05-28 14:27 107,832 ----a-w C:\Windows\System32\PnkBstrB.exe
2008-05-26 21:00 --------- d-----w C:\Program Files\Sega
2008-05-26 17:57 --------- d-----w C:\Program Files\Microsoft Games
2008-05-26 14:35 --------- d-----w C:\Program Files\Uplink
2008-05-26 14:33 --------- d-----w C:\Program Files\EA SPORTS
2008-05-26 14:25 --------- d-----w C:\Program Files\Sierra Entertainment
2008-05-26 14:23 --------- d-----w C:\Program Files\KONAMI
2008-05-26 14:22 --------- d-----w C:\Program Files\Ubisoft
2008-05-23 14:15 --------- d-----w C:\Program Files\LucasArts
2008-05-21 09:27 --------- d-----w C:\Program Files\Microsoft Silverlight
2008-05-20 16:25 2,337,865 ----a-w C:\Windows\System32\pbsvc.exe
2008-05-15 08:29 --------- d-----w C:\ProgramData\Microsoft Help
2008-05-15 08:29 --------- d-----w C:\Program Files\Windows Mail
2008-05-14 13:06 --------- d-----w C:\Program Files\DivX
2008-05-05 20:06 306,432 ----a-w C:\Windows\System32\TuneUpDefragService.exe
2008-05-05 20:06 --------- d-----w C:\Program Files\TuneUp Utilities 2008
2008-05-01 21:10 --------- d-----w C:\Program Files\Common Files\Adobe
2008-04-26 21:21 --------- d-----w C:\Program Files\DOSBox-0.72
2008-04-26 21:04 --------- d-----w C:\Program Files\ImgBurn
2008-04-26 20:57 --------- d-----w C:\Program Files\IPX-SPX Protocol
2008-04-26 18:04 --------- d-----w C:\Program Files\GameSpy Arcade
2008-04-23 15:28 --------- d-----w C:\Program Files\QuickTime
2008-04-23 15:28 --------- d-----w C:\Program Files\iTunes
2008-04-23 15:28 --------- d-----w C:\Program Files\iPod
2008-04-18 21:52 --------- d-----w C:\Program Files\7-Zip
2008-04-18 18:35 --------- d-----w C:\Program Files\MSXML 4.0
2008-04-17 22:44 --------- d-----w C:\ProgramData\Microsoft Games
2008-04-12 10:13 --------- d-----w C:\Program Files\Microsoft CAPICOM 2.1.0.2
2008-04-10 17:32 --------- d-----w C:\Program Files\Yamicsoft
2008-03-31 21:25 831,488 ----a-w C:\Windows\System32\divx_xx0a.dll
2008-03-31 21:25 823,296 ----a-w C:\Windows\System32\divx_xx0c.dll
2008-03-31 21:25 823,296 ----a-w C:\Windows\System32\divx_xx07.dll
2008-03-31 21:25 802,816 ----a-w C:\Windows\System32\divx_xx11.dll
2008-03-31 21:25 682,496 ----a-w C:\Windows\System32\DivX.dll
2008-03-31 21:25 161,096 ----a-w C:\Windows\System32\DivXCodecVersionChecker.exe
2008-03-21 20:30 524,288 ----a-w C:\Windows\System32\DivXsm.exe
2008-03-21 20:30 3,596,288 ----a-w C:\Windows\System32\qt-dx331.dll
2008-03-21 20:30 200,704 ----a-w C:\Windows\System32\ssldivx.dll
2008-03-21 20:30 1,044,480 ----a-w C:\Windows\System32\libdivx.dll
2008-03-21 20:28 81,920 ----a-w C:\Windows\System32\dpl100.dll
2008-03-21 20:28 593,920 ----a-w C:\Windows\System32\dpuGUI11.dll
2008-03-21 20:28 57,344 ----a-w C:\Windows\System32\dpv11.dll
2008-03-21 20:28 53,248 ----a-w C:\Windows\System32\dpuGUI10.dll
2008-03-21 20:28 344,064 ----a-w C:\Windows\System32\dpus11.dll
2008-03-21 20:28 294,912 ----a-w C:\Windows\System32\dpu11.dll
2008-03-21 20:28 294,912 ----a-w C:\Windows\System32\dpu10.dll
2008-03-21 20:28 196,608 ----a-w C:\Windows\System32\dtu100.dll
2008-03-21 20:28 12,288 ----a-w C:\Windows\System32\DivXWMPExtType.dll
2008-03-19 12:56 174 --sha-w C:\Program Files\desktop.ini
2008-03-19 12:42 82,432 ----a-w C:\Windows\System32\axaltocm.dll
2008-03-19 12:42 101,888 ----a-w C:\Windows\System32\ifxcardm.dll
2008-03-19 12:14 47,560 ----a-w C:\Windows\System32\SPReview.exe
2008-03-19 12:14 152,576 ----a-w C:\Windows\System32\SPWizUI.dll
2008-03-08 04:19 540,672 ----a-w C:\Windows\AppPatch\AcLayers.dll
2008-03-08 04:19 458,752 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
2008-03-08 04:19 2,153,984 ----a-w C:\Windows\AppPatch\AcGenral.dll
2008-03-08 04:19 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
2008-03-08 01:58 2,560 ----a-w C:\Windows\AppPatch\AcRes.dll
2008-03-05 15:49 86,016 ----a-w C:\Windows\System32\OpenAL32.dll
2008-03-05 15:49 262,144 ----a-w C:\Windows\System32\wrap_oal.dll
2008-01-06 00:47 16,384 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
2008-01-06 00:47 32,768 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
2008-01-06 00:47 16,384 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
.

------- Sigcheck -------

.
((((((((((((((((((((((((((((( [email protected]_ 1.17.52.26 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-06-01 17:22:25 67,584 --s-a-w C:\Windows\bootstat.dat
+ 2008-06-02 10:50:28 67,584 --s-a-w C:\Windows\bootstat.dat
- 2008-06-01 17:22:26 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2008-06-02 10:50:28 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2008-06-01 17:22:26 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2008-06-02 10:50:28 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2008-06-01 17:24:44 1,310,720 --sha-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT
+ 2008-06-02 10:52:49 1,310,720 --sha-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT
- 2008-06-01 17:24:49 1,310,720 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT
+ 2008-06-02 10:52:44 1,310,720 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT
- 2008-06-01 22:19:44 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2008-06-02 10:52:47 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2008-06-01 22:19:44 49,152 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2008-06-02 10:52:47 49,152 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2008-06-01 22:19:44 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2008-06-02 10:52:47 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2008-06-01 10:45:35 10,698 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2384733316-1052832952-1687537222-1000_UserData.bin
+ 2008-06-02 10:53:10 10,698 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2384733316-1052832952-1687537222-1000_UserData.bin
- 2008-06-01 10:45:35 79,868 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2008-06-02 10:53:10 80,062 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-19 00:33 1233920]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 12:34 5724184]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2007-10-17 13:10 171448]
"ISUSPM"="C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-09-11 05:40 218032]
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\daemon.exe" [2007-12-19 21:13 486856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"XboxStat"="c:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" [2007-09-26 18:05 734264]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 07:00 33648]
"IntelliPoint"="C:\Program Files\Microsoft IntelliPoint\ipoint.exe" [2007-02-06 00:52 849280]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2008-04-15 10:48 579584]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" [2008-01-17 12:43 63712]
"NvSvc"="C:\Windows\system32\nvsvc.dll" [2008-02-13 18:34 170528]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2008-02-13 18:34 13507104]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2008-02-13 18:34 92704]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-03-28 23:37 413696]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-03-30 10:36 267048]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2008-05-09 15:26 185896]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2008-01-17 12:56 219136]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2007-10-17 13:10 171448]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"PromptOnSecureDesktop"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgwlntf]
avgwlntf.dll 2008-01-17 12:56 9216 C:\Windows\System32\avgwlntf.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"TCP Query User{C72F60AC-EB0A-4E9E-B7A2-A74493BFB93F}C:\\program files\\internet explorer\\iexplore.exe"= UDP:C:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{569CB1A1-FBCD-474F-8666-3A398801DF23}C:\\program files\\internet explorer\\iexplore.exe"= TCP:C:\program files\internet explorer\iexplore.exe:Internet Explorer
"{9305BCDC-90B3-4AF7-9D3F-5FB4B932EAC8}"= UDP:C:\Program Files\Sierra Entertainment\World in Conflict\wic.exe:World in Conflict
"{70661BE0-A78F-4518-8AEB-06A9AD0F4274}"= TCP:C:\Program Files\Sierra Entertainment\World in Conflict\wic.exe:World in Conflict
"{C7DB1A6A-5F70-484D-8990-3990EE584720}"= UDP:C:\Program Files\Sierra Entertainment\World in Conflict\wic_online.exe:World in Conflict - Online Only
"{F2525A21-2299-4280-8877-68F12DEA3779}"= TCP:C:\Program Files\Sierra Entertainment\World in Conflict\wic_online.exe:World in Conflict - Online Only
"{B6F2C2FF-0058-41FE-9C41-013328423B98}"= UDP:C:\Program Files\Sierra Entertainment\World in Conflict\wic_ds.exe:World in Conflict - Dedicated Server
"{2C58C5E2-C7CB-46C2-BC85-B13B7F10384E}"= TCP:C:\Program Files\Sierra Entertainment\World in Conflict\wic_ds.exe:World in Conflict - Dedicated Server
"TCP Query User{1271E388-7EA3-4916-9520-AC2084FDA9DA}C:\\program files\\morpheus\\morpheus.exe"= UDP:C:\program files\morpheus\morpheus.exe:Morpheus
"UDP Query User{F09BC7E2-4B34-48A7-9486-8015B375DCC8}C:\\program files\\morpheus\\morpheus.exe"= TCP:C:\program files\morpheus\morpheus.exe:Morpheus
"TCP Query User{EC950C13-6FEF-4D53-8962-1768248468E7}C:\\program files\\konami\\pro evolution soccer 6\\pes6.exe"= UDP:C:\program files\konami\pro evolution soccer 6\pes6.exe:pes6.exe
"UDP Query User{77C85A1A-DA86-4354-8AE2-FB5748B14AC7}C:\\program files\\konami\\pro evolution soccer 6\\pes6.exe"= TCP:C:\program files\konami\pro evolution soccer 6\pes6.exe:pes6.exe
"{3AF321EC-50AF-491E-9B62-DAD476F2AF71}"= TCP:6004|C:\Program Files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{0A9F4D30-8F2F-4089-81F0-369403C72ACD}"= UDP:C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{E4A051D7-37F2-451B-8442-F794BAEB0D84}"= TCP:C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{03E2D523-A261-4ED3-969E-6E007B93BE42}"= UDP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{2EADC144-106B-4C4F-9C51-256FCA684359}"= TCP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{80571E39-B7F8-467C-A911-4827BE8C0FD5}"= UDP:C:\Program Files\Sports Interactive\Football Manager 2008\fm.exe:Football Manager 2008
"{A8E8FA15-2F06-4F9C-9057-83DFFD9838E5}"= TCP:C:\Program Files\Sports Interactive\Football Manager 2008\fm.exe:Football Manager 2008
"TCP Query User{C75DB72F-A291-4049-89E9-E0B505CFAA64}C:\\program files\\steam\\steam.exe"= UDP:C:\program files\steam\steam.exe:Steam
"UDP Query User{DD4FA32B-148E-4A5B-BF94-2D6FEDD878AA}C:\\program files\\steam\\steam.exe"= TCP:C:\program files\steam\steam.exe:Steam
"TCP Query User{3F668D4B-D565-41F8-91DE-3052E5E2B612}C:\\program files\\steam\\steamapps\\artic666devil\\team fortress 2\\hl2.exe"= UDP:C:\program files\steam\steamapps\artic666devil\team fortress 2\hl2.exe:hl2
"UDP Query User{5738288A-C4CF-45DB-B742-A20DC48F7906}C:\\program files\\steam\\steamapps\\artic666devil\\team fortress 2\\hl2.exe"= TCP:C:\program files\steam\steamapps\artic666devil\team fortress 2\hl2.exe:hl2
"TCP Query User{584C0A75-E2F2-4294-B9FA-AD9C10550BF3}C:\\program files\\thq\\dawn of war\\w40k.exe"= UDP:C:\program files\thq\dawn of war\w40k.exe:W40K
"UDP Query User{E5F3CD9A-4AC9-4A97-AECC-D2BB4229D8DA}C:\\program files\\thq\\dawn of war\\w40k.exe"= TCP:C:\program files\thq\dawn of war\w40k.exe:W40K
"{8AB650CF-21FB-497D-9E25-C43F190FDD9B}"= UDP:C:\Program Files\Microsoft Games\Gears of War\Binaries\WarGame-G4WLive.exe:Gears of War
"{49FD9142-6F8B-4E36-8899-962F40347928}"= TCP:C:\Program Files\Microsoft Games\Gears of War\Binaries\WarGame-G4WLive.exe:Gears of War
"{C9F025B6-AAD8-49B0-85D1-BA320E3641DB}"= UDP:C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe:Crysis_32
"{EE649523-60A3-4E46-997A-29E1E19BEAA5}"= TCP:C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe:Crysis_32
"{4DDC7555-6B42-4F9A-BAC6-3617AF2EB3E0}"= UDP:C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe:CrysisDedicatedServer_32
"{78AAE553-6F90-47D5-B0F1-A7B548329BD4}"= TCP:C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe:CrysisDedicatedServer_32
"{F85E4799-1132-4C5C-9257-DDAC5DDE0DF0}"= UDP:C:\Windows\System32\PnkBstrA.exe:PnkBstrA
"{B4E6D669-A148-450A-BDF4-77869706E10E}"= TCP:C:\Windows\System32\PnkBstrA.exe:PnkBstrA
"{86FCDBF9-0541-4874-901E-43FD6C5A05B7}"= UDP:C:\Windows\System32\PnkBstrB.exe:PnkBstrB
"{932163BE-26E1-40F7-944C-45723C066467}"= TCP:C:\Windows\System32\PnkBstrB.exe:PnkBstrB
"TCP Query User{41C9EC60-E3D0-4F31-896E-E47B97839E24}C:\\program files\\activision value\\soldier of fortune payback\\sof3.exe"= UDP:C:\program files\activision value\soldier of fortune payback\sof3.exe:sof3
"UDP Query User{A9180082-5ED4-46C2-A678-62701BB2D679}C:\\program files\\activision value\\soldier of fortune payback\\sof3.exe"= TCP:C:\program files\activision value\soldier of fortune payback\sof3.exe:sof3
"{9BE07A1D-17B9-4438-B524-F687472219BB}"= UDP:C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:Call of Duty® 4 - Modern Warfare™
"{C6F22C76-B079-420D-B7E3-211A67ABCB5C}"= TCP:C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:Call of Duty® 4 - Modern Warfare™
"{9E3B3A09-425C-4D93-8FC9-2D4B06A0143B}"= UDP:C:\Program Files\Sierra\FEAR\FEAR.exe:FEAR
"{290BBCE9-FF30-4994-98F5-3D8107BAB15F}"= TCP:C:\Program Files\Sierra\FEAR\FEAR.exe:FEAR
"TCP Query User{4D2EFEEE-AA0C-4226-824B-3DB1546B9C26}C:\\program files\\thq\\dawn of war - dark crusade\\darkcrusade.exe"= UDP:C:\program files\thq\dawn of war - dark crusade\darkcrusade.exe:DarkCrusade
"UDP Query User{990DD344-7A62-4262-B104-DC1824C12F5D}C:\\program files\\thq\\dawn of war - dark crusade\\darkcrusade.exe"= TCP:C:\program files\thq\dawn of war - dark crusade\darkcrusade.exe:DarkCrusade
"TCP Query User{6ACF7283-7205-41B3-85AB-6A7CC201C8A2}C:\\program files\\sopcast\\adv\\sopadver.exe"= UDP:C:\program files\sopcast\adv\sopadver.exe:SopCast Adver
"UDP Query User{62598F99-3904-430A-882D-DD8E178FA834}C:\\program files\\sopcast\\adv\\sopadver.exe"= TCP:C:\program files\sopcast\adv\sopadver.exe:SopCast Adver
"TCP Query User{FFFD47B0-5A06-4980-9FA3-613C6403DAEB}C:\\program files\\sopcast\\sopcast.exe"= UDP:C:\program files\sopcast\sopcast.exe:SopCast Main Application
"UDP Query User{15245573-D530-4D6C-A2E1-4FA1734088C6}C:\\program files\\sopcast\\sopcast.exe"= TCP:C:\program files\sopcast\sopcast.exe:SopCast Main Application
"TCP Query User{3F921223-99F0-43A7-ACF9-EE2A552D5C0A}C:\\program files\\konami\\pro evolution soccer 2008\\pes2008.exe"= UDP:C:\program files\konami\pro evolution soccer 2008\pes2008.exe:Pro Evolution Soccer 2008
"UDP Query User{67085499-75B2-4C80-8B1F-592B20265B52}C:\\program files\\konami\\pro evolution soccer 2008\\pes2008.exe"= TCP:C:\program files\konami\pro evolution soccer 2008\pes2008.exe:Pro Evolution Soccer 2008
"TCP Query User{7095FAA1-AE37-4C50-8141-885A6B651631}C:\\program files\\steam\\steamapps\\artic666devil\\team fortress 2\\hl2.exe"= UDP:C:\program files\steam\steamapps\artic666devil\team fortress 2\hl2.exe:hl2
"UDP Query User{6A77451B-F080-483C-9718-274F26FCA251}C:\\program files\\steam\\steamapps\\artic666devil\\team fortress 2\\hl2.exe"= TCP:C:\program files\steam\steamapps\artic666devil\team fortress 2\hl2.exe:hl2
"TCP Query User{5C0EE67B-1278-4F5D-8BCD-B32B0ADF60B3}C:\\program files\\internet explorer\\iexplore.exe"= UDP:C:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{FCCD517D-742A-4135-98C4-968E7768AD9D}C:\\program files\\internet explorer\\iexplore.exe"= TCP:C:\program files\internet explorer\iexplore.exe:Internet Explorer
"TCP Query User{EBA0B598-A364-41A8-8D07-CCADA183E541}C:\\program files\\morpheus\\morpheus.exe"= UDP:C:\program files\morpheus\morpheus.exe:Morpheus
"UDP Query User{56B5917D-C918-4D07-84C2-054A718660C6}C:\\program files\\morpheus\\morpheus.exe"= TCP:C:\program files\morpheus\morpheus.exe:Morpheus
"TCP Query User{928DF438-9A06-4015-BF08-9941B2B6475A}C:\\program files\\namco bandai games\\warhammer mark of chaos\\warhammer.exe"= UDP:C:\program files\namco bandai games\warhammer mark of chaos\warhammer.exe:Warhammer®: Mark of Chaos™
"UDP Query User{AACFB53D-D97C-42DE-A6EE-4080C1E5CC57}C:\\program files\\namco bandai games\\warhammer mark of chaos\\warhammer.exe"= TCP:C:\program files\namco bandai games\warhammer mark of chaos\warhammer.exe:Warhammer®: Mark of Chaos™
"TCP Query User{15C107B8-F1D1-45F8-A697-945E573965F3}C:\\program files\\namco bandai games\\warhammer mark of chaos\\warhammer.exe"= UDP:C:\program files\namco bandai games\warhammer mark of chaos\warhammer.exe:Warhammer®: Mark of Chaos™
"UDP Query User{9E7A96EA-12D7-43C9-A329-C208893583B6}C:\\program files\\namco bandai games\\warhammer mark of chaos\\warhammer.exe"= TCP:C:\program files\namco bandai games\warhammer mark of chaos\warhammer.exe:Warhammer®: Mark of Chaos™
"{0750682D-D29C-47CA-9AFB-5077CC947AA3}"= UDP:C:\Program Files\iTunes\iTunes.exe:iTunes
"{1B16BB7F-5271-47F8-B259-B65505286215}"= TCP:C:\Program Files\iTunes\iTunes.exe:iTunes
"TCP Query User{7C749142-2A50-4E35-A7D9-E26EED4AD9C8}C:\\program files\\sopcast\\adv\\sopadver.exe"= UDP:C:\program files\sopcast\adv\sopadver.exe:SopCast Adver
"UDP Query User{48ED0821-DB49-48B7-B925-9FD14659CF29}C:\\program files\\sopcast\\adv\\sopadver.exe"= TCP:C:\program files\sopcast\adv\sopadver.exe:SopCast Adver
"TCP Query User{A6318397-F218-4A0B-A7F0-D91FC65495FA}C:\\program files\\sopcast\\sopcast.exe"= UDP:C:\program files\sopcast\sopcast.exe:SopCast Main Application
"UDP Query User{DC246361-F6A4-43ED-B7C6-3BCF97CDC97A}C:\\program files\\sopcast\\sopcast.exe"= TCP:C:\program files\sopcast\sopcast.exe:SopCast Main Application
"{442331D0-8E5E-402A-A9AF-DE4CA935F6B6}"= UDP:C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe:McAfee Network Agent
"{F479D72B-DFA4-489C-ACD8-4DE7686CE120}"= TCP:C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe:McAfee Network Agent
"{DF0E65A4-1CE9-49BF-A39C-7C8E66EF93BA}"= UDP:C:\Program Files\McAfee\MWL\MwlSvc.exe:McAfee Wireless Network Security
"{3E1A678D-9262-44FE-8C41-2B424982BA9C}"= TCP:C:\Program Files\McAfee\MWL\MwlSvc.exe:McAfee Wireless Network Security
"{0161053D-515E-4C0B-8D27-CED1D186D435}"= UDP:C:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe:S.T.A.L.K.E.R. - Shadow of Chernobyl (CLI)
"{F8BA689E-18C8-4DDB-BC39-3B4AECC9BF08}"= TCP:C:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe:S.T.A.L.K.E.R. - Shadow of Chernobyl (CLI)
"{284DFE1D-2753-4A72-89B4-54A3A1AD3545}"= UDP:C:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe:S.T.A.L.K.E.R. - Shadow of Chernobyl (SRV)
"{00268AFC-7425-4235-AB73-81D8523F8947}"= TCP:C:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe:S.T.A.L.K.E.R. - Shadow of Chernobyl (SRV)
"{23278241-1CA2-46D6-B5E5-6574110C1F3B}"= UDP:C:\Program Files\THQ\Frontlines-Fuel of War\Binaries\FFOW.exe:Frontlines Game
"{8FA6CADB-1B13-4BCB-BE26-3D26F79B9A6E}"= TCP:C:\Program Files\THQ\Frontlines-Fuel of War\Binaries\FFOW.exe:Frontlines Game
"{8D6A602A-0F41-4645-80C9-D1F9F2FB0A3D}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"TCP Query User{B8DFE811-7D3F-4555-B0F8-C5B154CB0D23}C:\\program files\\thq\\dawn of war - soulstorm\\soulstorm.exe"= UDP:C:\program files\thq\dawn of war - soulstorm\soulstorm.exe:Soulstorm
"UDP Query User{F0D65ED4-D687-4DDB-A429-0B4FAC1ED503}C:\\program files\\thq\\dawn of war - soulstorm\\soulstorm.exe"= TCP:C:\program files\thq\dawn of war - soulstorm\soulstorm.exe:Soulstorm
"TCP Query User{214D93E7-6162-4B1A-86BD-2817884D83FC}C:\\program files\\steam\\steamapps\\artic666devil\\counter-strike source\\hl2.exe"= UDP:C:\program files\steam\steamapps\artic666devil\counter-strike source\hl2.exe:hl2
"UDP Query User{3BE60B0A-E6C6-4CD3-8C91-B4D9F77E3CDE}C:\\program files\\steam\\steamapps\\artic666devil\\counter-strike source\\hl2.exe"= TCP:C:\program files\steam\steamapps\artic666devil\counter-strike source\hl2.exe:hl2
"TCP Query User{395CE574-B948-4F87-8707-65B6489A538D}C:\\program files\\steam\\steamapps\\artic666devil\\counter-strike source\\hl2.exe"= UDP:C:\program files\steam\steamapps\artic666devil\counter-strike source\hl2.exe:hl2
"UDP Query User{46786539-9BFF-404B-95FA-CDADFC049B4F}C:\\program files\\steam\\steamapps\\artic666devil\\counter-strike source\\hl2.exe"= TCP:C:\program files\steam\steamapps\artic666devil\counter-strike source\hl2.exe:hl2
"TCP Query User{ECC20284-9994-4FE9-BA3F-843047F3C307}C:\\program files\\mirc\\mirc.exe"= UDP:C:\program files\mirc\mirc.exe:mIRC
"UDP Query User{13C24F23-4996-4E9C-AAA9-80422A1E95BF}C:\\program files\\mirc\\mirc.exe"= TCP:C:\program files\mirc\mirc.exe:mIRC
"TCP Query User{A2895B32-3FA8-4499-94BC-BAC1564BB267}C:\\program files\\mirc\\mirc.exe"= UDP:C:\program files\mirc\mirc.exe:mIRC
"UDP Query User{63BE9D13-D22A-47E3-8F30-9F6A1CB9B91D}C:\\program files\\mirc\\mirc.exe"= TCP:C:\program files\mirc\mirc.exe:mIRC
"TCP Query User{B383F84F-BC2E-42F1-8A49-D3257A68CCE1}C:\\program files\\flashget\\flashget.exe"= UDP:C:\program files\flashget\flashget.exe:FlashGet
"UDP Query User{099D9840-4D20-4159-8768-838B01B8F438}C:\\program files\\flashget\\flashget.exe"= TCP:C:\program files\flashget\flashget.exe:FlashGet
"TCP Query User{6E9BB26A-ABA9-4C70-964B-BCAF2C7EE8D6}C:\\program files\\orbitdownloader\\orbitnet.exe"= UDP:C:\program files\orbitdownloader\orbitnet.exe:P2P service of Orbit Downloader
"UDP Query User{B658465F-8873-4110-BCFB-CC89E1FE43BB}C:\\program files\\orbitdownloader\\orbitnet.exe"= TCP:C:\program files\orbitdownloader\orbitnet.exe:P2P service of Orbit Downloader
"TCP Query User{AB034572-BCDC-45CB-9D35-EBC7D493E481}C:\\program files\\orbitdownloader\\orbitnet.exe"= UDP:C:\program files\orbitdownloader\orbitnet.exe:P2P service of Orbit Downloader
"UDP Query User{7BAC1276-1639-460B-A04B-21BF74C2D1EE}C:\\program files\\orbitdownloader\\orbitnet.exe"= TCP:C:\program files\orbitdownloader\orbitnet.exe:P2P service of Orbit Downloader
"{15135B5D-1B01-46B7-8333-703EDFA06472}"= UDP:C:\Program Files\Microsoft Games\Halo 2\halo2.exe:Halo 2
"{076C8591-E037-458A-9547-EAA3CCC5FF42}"= TCP:C:\Program Files\Microsoft Games\Halo 2\halo2.exe:Halo 2
"TCP Query User{3C579C19-0D71-448B-9F2A-CF2542B27A0A}C:\\program files\\microsoft games\\halo\\halo.exe"= UDP:C:\program files\microsoft games\halo\halo.exe:Halo
"UDP Query User{A3A09D67-8865-4A18-8F5A-6C970D25140F}C:\\program files\\microsoft games\\halo\\halo.exe"= TCP:C:\program files\microsoft games\halo\halo.exe:Halo
"{565DE84F-26B6-4417-8B5F-911CF37A22CB}"= UDP:C:\Program Files\KONAMI\Pro Evolution Soccer 2008\PES2008.exe:Pro Evolution Soccer 2008
"{DF8F4534-BC6E-4240-BFD8-63F2E358C2B6}"= TCP:C:\Program Files\KONAMI\Pro Evolution Soccer 2008\PES2008.exe:Pro Evolution Soccer 2008
"{DC0BB67A-2665-45D2-AE6E-B75C6B236E09}"= UDP:C:\Program Files\iTunes\iTunes.exe:iTunes
"{D0E6DFA5-33EB-4064-A909-9C5244927AE9}"= TCP:C:\Program Files\iTunes\iTunes.exe:iTunes
"TCP Query User{C66504CB-56A4-491B-8399-107DD9C27F2C}C:\\program files\\sega\\iron man\\ironman.exe"= UDP:C:\program files\sega\iron man\ironman.exe:A2M Game Engine
"UDP Query User{8344115E-BE6D-42CB-B2AD-721538ABD356}C:\\program files\\sega\\iron man\\ironman.exe"= TCP:C:\program files\sega\iron man\ironman.exe:A2M Game Engine
"TCP Query User{AD65C4A7-6FD2-4027-BC31-62412F76DEAB}C:\\program files\\real\\realplayer\\realplay.exe"= UDP:C:\program files\real\realplayer\realplay.exe:RealPlayer
"UDP Query User{2D7C2179-2F2D-4184-BC00-565216CF70F4}C:\\program files\\real\\realplayer\\realplay.exe"= TCP:C:\program files\real\realplayer\realplay.exe:RealPlayer
"TCP Query User{F9688401-F968-4197-9113-B8C63F13AAE7}C:\\westwood\\ra2\\game.exe"= UDP:C:\westwood\ra2\game.exe:Main executable for Red Alert 2
"UDP Query User{74995070-7EFD-4354-917D-01B0372E5301}C:\\westwood\\ra2\\game.exe"= TCP:C:\westwood\ra2\game.exe:Main executable for Red Alert 2
"TCP Query User{56B7818C-D9CA-4EE9-9FED-4B35060DD66A}C:\\program files\\orbitdownloader\\orbitdm.exe"= UDP:C:\program files\orbitdownloader\orbitdm.exe:Orbit Downloader
"UDP Query User{9ACFCC5F-531D-48C8-9983-8EEC8E
  • 0

#6
Rorschach112

Rorschach112

    Ralphie

  • Retired Staff
  • 47,710 posts
Hello

1. Close any open browsers.

2. Open notepad and copy/paste the text in the quotebox below into it:

File::
C:\Program Files\Morpheus\morpheustoolbar.exe
C:\Program Files\Morpheus\mymorpheusToolbar.exe

DirLook::
C:\Users\Carlos\Downloads

Registry::

Driver::


Save this as CFScript.txt, in the same location as ComboFix.exe


Posted Image

Refering to the picture above, drag CFScript into ComboFix.exe

When finished, it shall produce a log for you at "C:\ComboFix.txt"

Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall

  • 0

#7
Phantasy66

Phantasy66

    Member

  • Topic Starter
  • Member
  • PipPip
  • 26 posts
hey :)

ComboFix 08-06-01.6 - Carlos 2008-06-02 18:59:07.7 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.2151 [GMT 1:00]
Running from: C:\Users\Carlos\Downloads\ComboFix.exe
Command switches used :: C:\Users\Carlos\Desktop\CFScript.txt

FILE ::
C:\Program Files\Morpheus\morpheustoolbar.exe
C:\Program Files\Morpheus\mymorpheusToolbar.exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Program Files\Morpheus\morpheustoolbar.exe
C:\Program Files\Morpheus\mymorpheusToolbar.exe

.
((((((((((((((((((((((((( Files Created from 2008-05-02 to 2008-06-02 )))))))))))))))))))))))))))))))
.

2008-06-01 23:25 . 2008-06-01 23:25 <DIR> d-------- C:\Windows\System32\Kaspersky Lab
2008-06-01 20:07 . 2008-06-01 20:07 <DIR> d-------- C:\Program Files\Atari
2008-05-29 12:31 . 2006-11-08 13:44 525,624 --a------ C:\Users\Public\WindowsXP-KB922120-v5-x86-ENU.exe
2008-05-28 10:33 . 2008-03-08 03:08 4,240,384 --a------ C:\Windows\System32\GameUXLegacyGDFs.dll
2008-05-28 10:33 . 2008-03-08 05:21 1,695,744 --a------ C:\Windows\System32\gameux.dll
2008-05-20 17:25 . 2008-05-20 17:25 <DIR> d-------- C:\Users\All Users\Ubisoft
2008-05-20 17:25 . 2008-05-20 17:25 <DIR> d-------- C:\ProgramData\Ubisoft
2008-05-11 21:50 . 2004-08-03 22:03 88,448 --a------ C:\Windows\nwlnkipx.sys
2008-05-11 21:50 . 2001-08-23 13:00 63,232 --a------ C:\Windows\nwlnknb.sys
2008-05-11 21:50 . 2001-08-23 13:00 55,936 --a------ C:\Windows\nwlnkspx.sys
2008-05-11 21:50 . 2001-08-23 13:00 32,512 --a------ C:\Windows\nwlnkfwd.sys
2008-05-11 21:50 . 2001-08-23 13:00 12,416 --a------ C:\Windows\nwlnkflt.sys
2008-05-10 19:32 . 2008-05-11 17:40 <DIR> d-------- C:\Westwood
2008-05-09 15:26 . 2008-05-09 15:26 <DIR> d-------- C:\Program Files\Real
2008-05-09 15:26 . 2008-05-09 15:26 <DIR> d-------- C:\Program Files\Common Files\xing shared
2008-05-09 15:26 . 2008-05-09 15:26 <DIR> d-------- C:\Program Files\Common Files\Real
2008-05-05 11:22 . 2008-05-05 11:22 <DIR> d-------- C:\Program Files\EVGA Precision

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-02 17:59 --------- d-----w C:\Program Files\Morpheus
2008-06-01 19:07 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-06-01 12:18 --------- d-----w C:\Program Files\Steam
2008-05-31 17:54 --------- d-----w C:\Program Files\Common Files\Steam
2008-05-28 14:27 22,328 ----a-w C:\Windows\system32\drivers\PnkBstrK.sys
2008-05-28 14:27 107,832 ----a-w C:\Windows\System32\PnkBstrB.exe
2008-05-26 21:00 --------- d-----w C:\Program Files\Sega
2008-05-26 17:57 --------- d-----w C:\Program Files\Microsoft Games
2008-05-26 14:35 --------- d-----w C:\Program Files\Uplink
2008-05-26 14:33 --------- d-----w C:\Program Files\EA SPORTS
2008-05-26 14:25 --------- d-----w C:\Program Files\Sierra Entertainment
2008-05-26 14:23 --------- d-----w C:\Program Files\KONAMI
2008-05-26 14:22 --------- d-----w C:\Program Files\Ubisoft
2008-05-23 14:15 --------- d-----w C:\Program Files\LucasArts
2008-05-21 09:27 --------- d-----w C:\Program Files\Microsoft Silverlight
2008-05-20 16:25 2,337,865 ----a-w C:\Windows\System32\pbsvc.exe
2008-05-15 08:29 --------- d-----w C:\ProgramData\Microsoft Help
2008-05-15 08:29 --------- d-----w C:\Program Files\Windows Mail
2008-05-14 13:06 --------- d-----w C:\Program Files\DivX
2008-05-05 20:06 306,432 ----a-w C:\Windows\System32\TuneUpDefragService.exe
2008-05-05 20:06 --------- d-----w C:\Program Files\TuneUp Utilities 2008
2008-05-01 21:10 --------- d-----w C:\Program Files\Common Files\Adobe
2008-04-26 21:21 --------- d-----w C:\Program Files\DOSBox-0.72
2008-04-26 21:04 --------- d-----w C:\Program Files\ImgBurn
2008-04-26 20:57 --------- d-----w C:\Program Files\IPX-SPX Protocol
2008-04-26 18:04 --------- d-----w C:\Program Files\GameSpy Arcade
2008-04-23 15:28 --------- d-----w C:\Program Files\QuickTime
2008-04-23 15:28 --------- d-----w C:\Program Files\iTunes
2008-04-23 15:28 --------- d-----w C:\Program Files\iPod
2008-04-18 21:52 --------- d-----w C:\Program Files\7-Zip
2008-04-18 18:35 --------- d-----w C:\Program Files\MSXML 4.0
2008-04-17 22:44 --------- d-----w C:\ProgramData\Microsoft Games
2008-04-12 10:13 --------- d-----w C:\Program Files\Microsoft CAPICOM 2.1.0.2
2008-04-10 17:32 --------- d-----w C:\Program Files\Yamicsoft
2008-03-31 21:25 831,488 ----a-w C:\Windows\System32\divx_xx0a.dll
2008-03-31 21:25 823,296 ----a-w C:\Windows\System32\divx_xx0c.dll
2008-03-31 21:25 823,296 ----a-w C:\Windows\System32\divx_xx07.dll
2008-03-31 21:25 802,816 ----a-w C:\Windows\System32\divx_xx11.dll
2008-03-31 21:25 682,496 ----a-w C:\Windows\System32\DivX.dll
2008-03-31 21:25 161,096 ----a-w C:\Windows\System32\DivXCodecVersionChecker.exe
2008-03-21 20:30 524,288 ----a-w C:\Windows\System32\DivXsm.exe
2008-03-21 20:30 3,596,288 ----a-w C:\Windows\System32\qt-dx331.dll
2008-03-21 20:30 200,704 ----a-w C:\Windows\System32\ssldivx.dll
2008-03-21 20:30 1,044,480 ----a-w C:\Windows\System32\libdivx.dll
2008-03-21 20:28 81,920 ----a-w C:\Windows\System32\dpl100.dll
2008-03-21 20:28 593,920 ----a-w C:\Windows\System32\dpuGUI11.dll
2008-03-21 20:28 57,344 ----a-w C:\Windows\System32\dpv11.dll
2008-03-21 20:28 53,248 ----a-w C:\Windows\System32\dpuGUI10.dll
2008-03-21 20:28 344,064 ----a-w C:\Windows\System32\dpus11.dll
2008-03-21 20:28 294,912 ----a-w C:\Windows\System32\dpu11.dll
2008-03-21 20:28 294,912 ----a-w C:\Windows\System32\dpu10.dll
2008-03-21 20:28 196,608 ----a-w C:\Windows\System32\dtu100.dll
2008-03-21 20:28 12,288 ----a-w C:\Windows\System32\DivXWMPExtType.dll
2008-03-19 12:56 174 --sha-w C:\Program Files\desktop.ini
2008-03-19 12:42 82,432 ----a-w C:\Windows\System32\axaltocm.dll
2008-03-19 12:42 101,888 ----a-w C:\Windows\System32\ifxcardm.dll
2008-03-19 12:14 47,560 ----a-w C:\Windows\System32\SPReview.exe
2008-03-19 12:14 152,576 ----a-w C:\Windows\System32\SPWizUI.dll
2008-03-08 04:19 540,672 ----a-w C:\Windows\AppPatch\AcLayers.dll
2008-03-08 04:19 458,752 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
2008-03-08 04:19 2,153,984 ----a-w C:\Windows\AppPatch\AcGenral.dll
2008-03-08 04:19 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
2008-03-08 01:58 2,560 ----a-w C:\Windows\AppPatch\AcRes.dll
2008-03-05 15:49 86,016 ----a-w C:\Windows\System32\OpenAL32.dll
2008-03-05 15:49 262,144 ----a-w C:\Windows\System32\wrap_oal.dll
2008-01-06 00:47 16,384 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
2008-01-06 00:47 32,768 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
2008-01-06 00:47 16,384 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
.

(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.

---- Directory of C:\Users\Carlos\Downloads ----

2098-01-01 00:59 365828140 --a------ C:\Users\Carlos\Downloads\lost.4x12.theres_no_place_like_home.hdtv_xvid-fov.avi
2098-01-01 00:59 183322722 --a------ C:\Users\Carlos\Downloads\my_name_is_earl.3x18.killerball.hdtv_xvid-fov.avi
2098-01-01 00:00 183789598 --a------ C:\Users\Carlos\Downloads\my_name_is_earl.3x17.no_heads_and_a_duffel_bag.hdtv_xvid-fov.avi
2008-07-25 12:50 51 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\downloaded_from_www.guru3d.com.nfo
2008-07-25 12:50 51 --a------ C:\Users\Carlos\Downloads\Guru3D.com\downloaded_from_www.guru3d.com.nfo
2008-07-25 12:50 148 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\guru3d.url
2008-07-25 12:50 148 --a------ C:\Users\Carlos\Downloads\Guru3D.com\guru3d.url
2008-06-01 23:45 1950874 --a------ C:\Users\Carlos\Downloads\ComboFix.exe
2008-05-30 05:06 733763344 --a------ C:\Users\Carlos\Downloads\Lost.S04E13-E14.HDTV.XviD-2HD.avi
2008-05-28 04:13 367278050 --a------ C:\Users\Carlos\Downloads\hells.kitchen.us.s04e09.hdtv.xvid-shizzle\hells.kitchen.us.s04e09.hdtv.xvid-shizzle.avi
2008-05-27 19:50 368046080 --a------ C:\Users\Carlos\Downloads\The.Gadget.Show.S08E09.WS.PDTV.XviD-PVR.avi
2008-05-27 12:20 71462292 --a------ C:\Users\Carlos\Downloads\r0ad.ru1ers.r5.hq.part15.rar
2008-05-27 12:19 104857600 --a------ C:\Users\Carlos\Downloads\r0ad.ru1ers.r5.hq.part14.rar
2008-05-27 12:18 104857600 --a------ C:\Users\Carlos\Downloads\r0ad.ru1ers.r5.hq.part13.rar
2008-05-27 12:16 104857600 --a------ C:\Users\Carlos\Downloads\r0ad.ru1ers.r5.hq.part12.rar
2008-05-27 12:15 104857600 --a------ C:\Users\Carlos\Downloads\r0ad.ru1ers.r5.hq.part11.rar
2008-05-27 12:13 104857600 --a------ C:\Users\Carlos\Downloads\r0ad.ru1ers.r5.hq.part10.rar
2008-05-27 12:12 104857600 --a------ C:\Users\Carlos\Downloads\r0ad.ru1ers.r5.hq.part09.rar
2008-05-27 12:09 104857600 --a------ C:\Users\Carlos\Downloads\r0ad.ru1ers.r5.hq.part08.rar
2008-05-27 12:08 104857600 --a------ C:\Users\Carlos\Downloads\r0ad.ru1ers.r5.hq.part07.rar
2008-05-27 12:06 104857600 --a------ C:\Users\Carlos\Downloads\r0ad.ru1ers.r5.hq.part06.rar
2008-05-27 12:05 104857600 --a------ C:\Users\Carlos\Downloads\r0ad.ru1ers.r5.hq.part05.rar
2008-05-27 12:03 104857600 --a------ C:\Users\Carlos\Downloads\r0ad.ru1ers.r5.hq.part04.rar
2008-05-27 12:02 104857600 --a------ C:\Users\Carlos\Downloads\r0ad.ru1ers.r5.hq.part03.rar
2008-05-27 12:00 104857600 --a------ C:\Users\Carlos\Downloads\r0ad.ru1ers.r5.hq.part02.rar
2008-05-27 11:58 104857600 --a------ C:\Users\Carlos\Downloads\r0ad.ru1ers.r5.hq.part01.rar
2008-05-27 11:56 70196076 --a------ C:\Users\Carlos\Downloads\10k.dc.part15.rar
2008-05-27 11:55 104857600 --a------ C:\Users\Carlos\Downloads\10k.dc.part14.rar
2008-05-27 11:54 104857600 --a------ C:\Users\Carlos\Downloads\10k.dc.part13.rar
2008-05-27 11:51 104857600 --a------ C:\Users\Carlos\Downloads\10k.dc.part12.rar
2008-05-27 11:50 104857600 --a------ C:\Users\Carlos\Downloads\10k.dc.part11.rar
2008-05-27 11:46 104857600 --a------ C:\Users\Carlos\Downloads\10k.dc.part10.rar
2008-05-27 11:45 104857600 --a------ C:\Users\Carlos\Downloads\10k.dc.part09.rar
2008-05-27 11:41 104857600 --a------ C:\Users\Carlos\Downloads\10k.dc.part08.rar
2008-05-27 11:41 104857600 --a------ C:\Users\Carlos\Downloads\10k.dc.part07.rar
2008-05-27 11:36 104857600 --a------ C:\Users\Carlos\Downloads\10k.dc.part06.rar
2008-05-27 11:36 104857600 --a------ C:\Users\Carlos\Downloads\10k.dc.part05.rar
2008-05-27 11:30 104857600 --a------ C:\Users\Carlos\Downloads\10k.dc.part04.rar
2008-05-27 11:29 104857600 --a------ C:\Users\Carlos\Downloads\10k.dc.part03.rar
2008-05-27 01:03 104857600 --a------ C:\Users\Carlos\Downloads\10k.dc.part02.rar
2008-05-27 01:03 104857600 --a------ C:\Users\Carlos\Downloads\10k.dc.part01.rar
2008-05-27 00:49 104857598 --a------ C:\Users\Carlos\Downloads\What.Happens.In.Vegas.PROPER.R5.XviD-iAPULA_M2.part7.rar
2008-05-27 00:47 2023536 --a------ C:\Users\Carlos\Downloads\What.Happens.In.Vegas.PROPER.R5.XviD-iAPULA_M2.part8.rar
2008-05-27 00:47 104857598 --a------ C:\Users\Carlos\Downloads\What.Happens.In.Vegas.PROPER.R5.XviD-iAPULA_M2.part6.rar
2008-05-27 00:45 104857598 --a------ C:\Users\Carlos\Downloads\What.Happens.In.Vegas.PROPER.R5.XviD-iAPULA_M2.part5.rar
2008-05-27 00:44 104857598 --a------ C:\Users\Carlos\Downloads\What.Happens.In.Vegas.PROPER.R5.XviD-iAPULA_M2.part4.rar
2008-05-27 00:42 104857598 --a------ C:\Users\Carlos\Downloads\What.Happens.In.Vegas.PROPER.R5.XviD-iAPULA_M2.part3.rar
2008-05-27 00:41 104857598 --a------ C:\Users\Carlos\Downloads\What.Happens.In.Vegas.PROPER.R5.XviD-iAPULA_M2.part2.rar
2008-05-27 00:39 104857598 --a------ C:\Users\Carlos\Downloads\What.Happens.In.Vegas.PROPER.R5.XviD-iAPULA_M2.part1.rar
2008-05-23 18:32 733720576 --a------ C:\Users\Carlos\Downloads\espise-semipro-xvid.avi
2008-05-23 16:48 1565 --a------ C:\Users\Carlos\Downloads\Tom_Clancy_Rainbow_Six_Vegas_2_Keygen_Serial_Only.torrent
2008-05-23 09:02 812344 --a------ C:\Users\Carlos\Downloads\HJTInstall(1).exe
2008-05-21 04:18 366298714 --a------ C:\Users\Carlos\Downloads\hells.kitchen.us.s04e08.hdtv.xvid-xor.avi
2008-05-21 01:41 12130304 --a------ C:\Users\Carlos\Downloads\Meet.The.Spartans.UNRATED.DVDRip.XviD-Larceny\Sample\l-mts-sample.avi
2008-05-21 01:40 1787 --a------ C:\Users\Carlos\Downloads\Meet.The.Spartans.UNRATED.DVDRip.XviD-Larceny\l-mts.nfo
2008-05-21 00:09 730863616 --a------ C:\Users\Carlos\Downloads\Meet.The.Spartans.UNRATED.DVDRip.XviD-Larceny\l-mts.avi
2008-05-20 08:21 733900800 --a------ C:\Users\Carlos\Downloads\Ultimate.Avengers.DVDRip\Ultimate Avengers.avi
2008-05-19 22:14 366217882 --a------ C:\Users\Carlos\Downloads\the.gadget.show.s08e08.ws.pdtv.xvid-remax.avi
2008-05-19 22:02 366794752 --a------ C:\Users\Carlos\Downloads\house.416.hdtv-lol.avi
2008-05-19 03:29 321 --a------ C:\Users\Carlos\Downloads\The.Simpsons.S19E20.PROPER.PDTV.XviD-E7\e7-simpsons.s19e20-xvid.nfo
2008-05-18 21:14 183427072 --a------ C:\Users\Carlos\Downloads\The.Simpsons.S19E20.PROPER.PDTV.XviD-E7\e7-simpsons.s19e20-xvid.avi
2008-05-18 19:43 366534656 --a------ C:\Users\Carlos\Downloads\433-gladiators.uk.2008.s01e02.read.nfo.ws.pdtv.xvid.avi
2008-05-18 16:36 68096 --ahs---- C:\Users\Carlos\Downloads\Hellsing\Thumbs.db
2008-05-18 10:56 170921984 --a------ C:\Users\Carlos\Downloads\Hellsing\Hellsing.Order.10.Master.Of.Monster.avi
2008-05-18 10:56 169494528 --a------ C:\Users\Carlos\Downloads\Hellsing\Hellsing.Order.09.Red.House.Vertig.avi
2008-05-18 10:55 174282752 --a------ C:\Users\Carlos\Downloads\Hellsing\Hellsing.Order.11. Transcend.Force.avi
2008-05-18 10:55 162422784 --a------ C:\Users\Carlos\Downloads\Hellsing\Hellsing.Order.07.Dual.avi
2008-05-18 10:50 160403456 --a------ C:\Users\Carlos\Downloads\Hellsing\Hellsing.Order.12.Total.Destruction.avi
2008-05-18 10:48 217655296 --a------ C:\Users\Carlos\Downloads\Hellsing\Hellsing.Order.13.Hellfire.avi
2008-05-18 00:55 181628928 --a------ C:\Users\Carlos\Downloads\Hellsing\Hellsing.Order.05.Brotherhood.avi
2008-05-18 00:53 162277376 --a------ C:\Users\Carlos\Downloads\Hellsing\Hellsing.Order.08.Kill.House.avi
2008-05-18 00:52 163014656 --a------ C:\Users\Carlos\Downloads\Hellsing\Hellsing.Order.02.Club.avi
2008-05-18 00:51 166619136 --a------ C:\Users\Carlos\Downloads\Hellsing\Hellsing.Order.04.Innocent.As.A.Human.avi
2008-05-18 00:49 240685056 --a------ C:\Users\Carlos\Downloads\Hellsing\Hellsing.Order.01.The.Undead.avi
2008-05-18 00:43 170627072 --a------ C:\Users\Carlos\Downloads\Hellsing\Hellsing.Order.03.Sword.Dancer.avi
2008-05-18 00:02 175073280 --a------ C:\Users\Carlos\Downloads\Hellsing\Hellsing.Order.06.Dead.Zone.avi
2008-05-16 03:17 366879590 --a------ C:\Users\Carlos\Downloads\xor-my.name.is.earl.s03e21-e22.hdtv.xvid-xor\my.name.is.earl.s03e21-e22.hdtv.xvid-xor.avi
2008-05-14 04:17 366280326 --a------ C:\Users\Carlos\Downloads\xor-hells.kitchen.us\hells.kitchen.us.s04e07.hdtv.xvid-xor.avi
2008-05-13 22:27 28909568 --a------ C:\Users\Carlos\Downloads\R6Vegas2_Game.exe
2008-05-13 05:31 44 --a------ C:\Users\Carlos\Downloads\House.S04E15.HDTV.XviD-0TV.nfo
2008-05-13 03:56 367434214 --a------ C:\Users\Carlos\Downloads\House.S04E15.HDTV.XviD-0TV.avi
2008-05-12 22:12 366673588 --a------ C:\Users\Carlos\Downloads\the.gadget.show.s08e07.ws.pdtv.xvid-remax.avi
2008-05-12 01:37 0 --a------ C:\Users\Carlos\Downloads\DOWNLOADED FROM ONEDDL.COM
2008-05-12 01:18 183989214 --a------ C:\Users\Carlos\Downloads\simp1919\the.simpsons.s19e19.pdtv.xvid-2hd.avi
2008-05-11 23:54 731336704 --a------ C:\Users\Carlos\Downloads\p-21.avi
2008-05-11 19:48 366647296 --a------ C:\Users\Carlos\Downloads\433-gladiators.uk.2008.s01e01.ws.pdtv.xvid.avi
2008-05-09 04:09 368844274 --a------ C:\Users\Carlos\Downloads\lost.s04e11.hdtv.xvid-2hd.avi
2008-05-08 20:31 182734848 --a------ C:\Users\Carlos\Downloads\my.name.is.earl.320\my.name.is.earl.320.hdtv-lol.avi
2008-05-07 04:57 366302064 --a------ C:\Users\Carlos\Downloads\xor-hells.kitchen.us.406\hells.kitchen.us.s04e06.hdtv.xvid-xor.avi
2008-05-06 04:11 366762580 --a------ C:\Users\Carlos\Downloads\house.s04e14.hdtv.xvid-notv.avi
2008-05-05 21:03 367125022 --a------ C:\Users\Carlos\Downloads\The.Gadget.Show.S08E06.WS.PDTV.XviD-PVR.avi
2008-05-05 04:37 194905356 --a------ C:\Users\Carlos\Downloads\e7-americandad.s03e14.hr-x264.mkv
2008-05-05 01:37 183721720 --a------ C:\Users\Carlos\Downloads\the.simpsons.s19e18.pdtv.xvid-2hd.avi
2008-05-02 05:34 367520056 --a------ C:\Users\Carlos\Downloads\lost.s04e10.proper.hdtv.xvid-dot.avi
2008-05-01 20:32 182601728 --a------ C:\Users\Carlos\Downloads\my.name.is.earl.319.hdtv-lol.avi
2008-04-30 22:58 52963549 --a------ C:\Users\Carlos\Downloads\Mika_Life_In_Cartoon_Motion\Fergie_-_Fergalicious__BanksVideos__XviD-2006.rar
2008-04-30 03:10 368316742 --a------ C:\Users\Carlos\Downloads\hells.kitchen.us.s04e05\hells.kitchen.us.s04e05.hdtv.xvid-2hd.avi
2008-04-28 23:40 395664252 --a------ C:\Users\Carlos\Downloads\[UKTV] The Gadget Show S08E05 (28th April 2008).avi
2008-04-28 22:00 367290730 --a------ C:\Users\Carlos\Downloads\xor-house.413\house.s04e13.hdtv.xvid-xor.avi
2008-04-28 07:12 12797 --a------ C:\Users\Carlos\Downloads\123360.png
2008-04-28 02:38 182906000 --a------ C:\Users\Carlos\Downloads\the.simpsons.s19e17.pdtv.xvid-xor.avi
2008-04-27 23:00 183416092 --a------ C:\Users\Carlos\Downloads\american.dad.s03e13.pdtv.xvid-xor.avi
2008-04-26 18:27 195616 --a------ C:\Users\Carlos\Downloads\Halo - KeyGen by DerMunch.zip
2008-04-25 14:44 0 --a------ C:\Users\Carlos\Downloads\ONEDDL.COM AND PLUBE.COM
2008-04-25 14:29 733510220 --a------ C:\Users\Carlos\Downloads\ip-ntbos.avi
2008-04-25 04:27 367408218 --a------ C:\Users\Carlos\Downloads\lost.s04e09.hdtv.xvid-2hd\lost.s04e09.hdtv.xvid-2hd.avi
2008-04-24 04:24 182800888 --a------ C:\Users\Carlos\Downloads\south.park.1207.dsr-0tv.avi
2008-04-23 22:47 734023680 --a------ C:\Users\Carlos\Downloads\Diary.of.the.Dead.2007.LiMiTED.DVDRiP.XviD-SUNSPOT.avi
2008-04-22 22:00 366260876 --a------ C:\Users\Carlos\Downloads\xor-hells.kitchen.us.404\hells.kitchen.us.s04e04.hdtv.xvid-xor.avi
2008-04-22 16:36 365307904 --a------ C:\Users\Carlos\Downloads\the.gadget.show.s08e04.ws.pdtv.xvid-waters.avi
2008-04-21 14:37 135741 --a------ C:\Users\Carlos\Downloads\UFMAXPHB06.pdf
2008-04-17 04:27 183178768 --a------ C:\Users\Carlos\Downloads\south.park.1206.dsr-0tv.avi
2008-04-17 00:34 847 --a------ C:\Users\Carlos\Downloads\donnelly.nfo
2008-04-16 06:55 365686064 --a------ C:\Users\Carlos\Downloads\hells.kitchen.us.s04e03\hells.kitchen.us.s04e03.hdtv.xvid-2hd.avi
2008-04-15 23:28 24577777 --a------ C:\Users\Carlos\Downloads\Untraceable.2008.DVDRip.x264-TDM\Sample\tdm-untraceable-sample.mkv
2008-04-15 23:26 1204 --a------ C:\Users\Carlos\Downloads\Untraceable.2008.DVDRip.x264-TDM\tdm-untraceable.nfo
2008-04-15 22:01 732764054 --a------ C:\Users\Carlos\Downloads\Untraceable.2008.DVDRip.x264-TDM\CD2\tdm-untraceableb.mkv
2008-04-15 22:00 734287331 --a------ C:\Users\Carlos\Downloads\Untraceable.2008.DVDRip.x264-TDM\CD1\tdm-untraceablea.mkv
2008-04-14 22:53 395323768 --a------ C:\Users\Carlos\Downloads\The.Gadget Show.S08E03.DIVX-PLUBE.avi
2008-04-13 19:31 183535616 --a------ C:\Users\Carlos\Downloads\the.simpsons.1916.pdtv-lol.avi
2008-04-13 14:45 735227904 --a------ C:\Users\Carlos\Downloads\devise-stt\devise-stt.cd2.avi
2008-04-13 14:38 730222592 --a------ C:\Users\Carlos\Downloads\devise-stt\devise-stt.cd1.avi
2008-04-10 18:32 5720702 --a------ C:\Users\Carlos\Downloads\Yamicsoft.Vista.Manager.v1.4.8.Incl.Keymaker-CORE.rar
2008-04-10 18:31 182011904 --a------ C:\Users\Carlos\Downloads\my.name.is.earl.316.hdtv-lol.avi
2008-04-10 12:23 4006 --a------ C:\Users\Carlos\Downloads\reloaded.nfo
2008-04-10 05:05 183092950 --a------ C:\Users\Carlos\Downloads\south.park.1215.repack.dsr-0tv.avi
2008-04-08 23:07 369033216 --a------ C:\Users\Carlos\Downloads\Beauty.And.The.Geek.S05E05.PDTV.XViD-YesTV.avi
2008-04-08 22:00 366310586 --a------ C:\Users\Carlos\Downloads\xor-hells.kitchen.us.402\hells.kitchen.us.s04e02.hdtv.xvid-xor.avi
2008-04-07 22:46 367886586 --a------ C:\Users\Carlos\Downloads\the.gadget.show.s08e02.pdtv.xvid-opptak.avi
2008-04-04 21:34 8004 --a------ C:\Users\Carlos\Downloads\DEViSE-C N-joi\Cloverfield.DVDRip.XviD.AC3.iNT-DEViSE\devise-cloverfield.nfo
2008-04-04 20:59 735670272 --a------ C:\Users\Carlos\Downloads\DEViSE-C N-joi\Cloverfield.DVDRip.XviD.AC3.iNT-DEViSE\CD2\devise-cloverfield.cd2.avi
2008-04-04 20:58 732778496 --a------ C:\Users\Carlos\Downloads\DEViSE-C N-joi\Cloverfield.DVDRip.XviD.AC3.iNT-DEViSE\CD1\devise-cloverfield.cd1.avi
2008-04-03 20:02 365864960 --a------ C:\Users\Carlos\Downloads\My.Name.is.Earl.S03E14E15.HDTV.XviD-LOL.avi
2008-04-03 07:11 366393552 --a------ C:\Users\Carlos\Downloads\Beauty.and.the.Geek.s05e04.pdtv.xvid-stfu.avi
2008-04-03 04:27 183207336 --a------ C:\Users\Carlos\Downloads\south.park.s12e04.dsr.xvid-0tv.avi
2008-04-02 14:24 1950858 --a------ C:\Users\Carlos\Downloads\SetupImgBurn_2.4.1.0.exe
2008-04-02 10:14 980 --a------ C:\Users\Carlos\Downloads\DEViSE-C N-joi\Read_Me_Please.rar
2008-04-01 22:00 366356374 --a------ C:\Users\Carlos\Downloads\xor-hells.kitchen.us.401\hells.kitchen.us.s04e01.hdtv.xvid-xor.avi
2008-04-01 16:45 211320832 --a------ C:\Users\Carlos\Downloads\Mika_Life_In_Cartoon_Motion\making.the.video.danity.kane.show.stopper.dsr.xvid-if03.avi
2008-03-31 12:43 2138216 --a------ C:\Users\Carlos\Downloads\OrbitDownloaderSetup.exe
2008-03-31 12:30 4653448 --a------ C:\Users\Carlos\Downloads\fgen_305.exe
2008-03-30 20:30 183501910 --a------ C:\Users\Carlos\Downloads\the.simpsons.s19e15.pdtv.xvid-xor.avi
2008-03-28 00:07 1725000 --a------ C:\Users\Carlos\Downloads\mirc631.exe
2008-03-27 04:28 182735192 --a------ C:\Users\Carlos\Downloads\south.park.1203.dsr-0tv.avi
2008-03-23 17:45 105447428 --a------ C:\Users\Carlos\Downloads\Mika_Life_In_Cartoon_Motion\rihanna - shut up and drive (gotv-dvb-pal-dc-v4a).m2v
2008-03-21 04:09 367589082 --a------ C:\Users\Carlos\Downloads\lost.s04e08.hdtv.xvid-dot.avi
2008-03-21 03:26 366766362 --a------ C:\Users\Carlos\Downloads\[www.BayW.org].the.apprentice.s07e13.pdtv.xvid.dgas.avi
2008-03-20 04:29 182761326 --a------ C:\Users\Carlos\Downloads\south.park.1202.dsr-0tv.avi
2008-03-19 13:10 2732032 --a------ C:\Users\Carlos\Downloads\ventrilo-3.0.1-Windows-i386.exe
2008-03-19 12:54 455611504 --a------ C:\Users\Carlos\Downloads\Windows6.0-KB936330-X86-wave0.exe
2008-03-19 12:17 1454656 --a------ C:\Users\Carlos\Downloads\Silverlight.exe
2008-03-13 21:30 366917182 --a------ C:\Users\Carlos\Downloads\[Voldemort]The.Apprentice.S07E11.pdtv.xvid-xor.avi
2008-03-13 19:26 2000 --a------ C:\Users\Carlos\Downloads\Support\localization.ini
2008-03-13 19:26 1784320 --a------ C:\Users\Carlos\Downloads\autorun.dat
2008-03-13 19:26 146 --a------ C:\Users\Carlos\Downloads\Autorun.inf
2008-03-13 19:21 88497795 --a------ C:\Users\Carlos\Downloads\Group3.cab
2008-03-13 19:15 81922 --a------ C:\Users\Carlos\Downloads\data\audio\audio.big
2008-03-13 04:32 183074824 --a------ C:\Users\Carlos\Downloads\south.park.1201.dsr-0tv.avi
2008-03-13 02:17 14358528 --a------ C:\Users\Carlos\Downloads\Sample\mvs-eyer5-sample.avi
2008-03-12 15:50 9446 --a------ C:\Users\Carlos\Downloads\Support\readme.en-uk.txt
2008-03-12 15:50 10371 --a------ C:\Users\Carlos\Downloads\Support\readme.de.txt
2008-03-12 02:15 366694514 --a------ C:\Users\Carlos\Downloads\beauty.geek.s05e01.pdtv.xvid-stfu.avi
2008-03-11 18:49 47443968 --a------ C:\Users\Carlos\Downloads\154_20The_20Fate_20of_20Two_20Worlds.avi
2008-03-11 18:48 46407680 --a------ C:\Users\Carlos\Downloads\153_20Now_20Apocalymon.avi
2008-03-11 17:42 46960640 --a------ C:\Users\Carlos\Downloads\151_20The_20Crest_20of_20Friendship.avi
2008-03-11 17:41 45922304 --a------ C:\Users\Carlos\Downloads\148_20My_20Sister_27s_20Keeper.avi
2008-03-11 17:41 45787136 --a------ C:\Users\Carlos\Downloads\150_20Joe_27s_20Battle.avi
2008-03-11 17:31 45897728 --a------ C:\Users\Carlos\Downloads\147_20Ogremon_27s_20Honor.avi
2008-03-11 17:30 46888960 --a------ C:\Users\Carlos\Downloads\146_20Etemon_27s_20Comeback_20Tour.avi
2008-03-11 17:30 45692928 --a------ C:\Users\Carlos\Downloads\145_20The_20Ultimate_20Clash.avi
2008-03-11 15:53 47523840 --a------ C:\Users\Carlos\Downloads\143_20Playing_20Games.avi
2008-03-11 15:53 46534656 --a------ C:\Users\Carlos\Downloads\144_20Trash_20Day.avi
2008-03-11 15:53 45254656 --a------ C:\Users\Carlos\Downloads\116_20The_20Arrival_20of_20SkullGreymon.avi
2008-03-11 15:50 41975808 --a------ C:\Users\Carlos\Downloads\142_20Under_20Pressure.avi
2008-03-11 15:46 46602240 --a------ C:\Users\Carlos\Downloads\140_20Enter_20the_20Dark_20Masters.avi
2008-03-11 15:46 46524416 --a------ C:\Users\Carlos\Downloads\139_20The_20Battle_20for_20Earth.avi
2008-03-11 15:44 7980 --a------ C:\Users\Carlos\Downloads\s.asp
2008-03-11 15:44 43206656 --a------ C:\Users\Carlos\Downloads\141_20Sea-Sick_20and_20Tired.avi
2008-03-11 15:26 46411776 --a------ C:\Users\Carlos\Downloads\138_20Prophecy.avi
2008-03-11 15:19 46147584 --a------ C:\Users\Carlos\Downloads\136_20City_20Under_20Siege.avi
2008-03-11 15:14 46643200 --a------ C:\Users\Carlos\Downloads\135_20Flower_20Power.avi
2008-03-11 15:13 46098432 --a------ C:\Users\Carlos\Downloads\134_20The_20Eighth_20Child_20Revealed.avi
2008-03-11 15:04 46141440 --a------ C:\Users\Carlos\Downloads\133_20Out_20on_20the_20Town.avi
2008-03-11 15:04 46125056 --a------ C:\Users\Carlos\Downloads\131_20The_20Eighth_20Digivice.avi
2008-03-11 14:57 46241792 --a------ C:\Users\Carlos\Downloads\128_20It_27s_20All_20in_20the_20Cards.avi
2008-03-11 14:56 46442496 --a------ C:\Users\Carlos\Downloads\130_20Almost_20Home_20Free.avi
2008-03-11 14:55 46135296 --a------ C:\Users\Carlos\Downloads\129_20Return_20to_20Highton_20View_20Terrace.avi
2008-03-11 14:46 46213120 --a------ C:\Users\Carlos\Downloads\127_20The_20Gateway_20to_20Home.avi
2008-03-11 14:45 46135296 --a------ C:\Users\Carlos\Downloads\125_20Princess_20Karaoke.avi
2008-03-11 14:44 46166016 --a------ C:\Users\Carlos\Downloads\124_20No_20Questions_20Please.avi
2008-03-11 14:38 95129600 --a------ C:\Users\Carlos\Downloads\121_20Home_20Away_20from_20Home.avi
2008-03-11 14:33 46163968 --a------ C:\Users\Carlos\Downloads\123_20WereGarurumon_27s_20Diner.avi
2008-03-11 14:32 46155776 --a------ C:\Users\Carlos\Downloads\122_20Forget_20About_20It_.avi
2008-03-11 14:28 44992512 --a------ C:\Users\Carlos\Downloads\120_20The_20Earthquake_20of_20MetalGreymon.avi
2008-03-11 14:27 48011264 --a------ C:\Users\Carlos\Downloads\118_20The_20Piximon_20Cometh.avi
2008-03-11 14:27 45066240 --a------ C:\Users\Carlos\Downloads\119_20The_20Prisoner_20of_20the_20Pyramid.avi
2008-03-11 14:25 45012992 --a------ C:\Users\Carlos\Downloads\117_20The_20Crest_20of_20Sincerity.avi
2008-03-11 14:24 45424640 --a------ C:\Users\Carlos\Downloads\115_20The_20Dark_20Network_20of_20Etemon.avi
2008-03-11 14:22 46178304 --a------ C:\Users\Carlos\Downloads\113_20The_20Legend_20of_20the_20DigiDestined.avi
2008-03-11 14:20 46157824 --a------ C:\Users\Carlos\Downloads\111_20The_20Dancing_20Digimon.avi
2008-03-11 14:19 46188544 --a------ C:\Users\Carlos\Downloads\112_20Digibaby_20Boom.avi
2008-03-11 14:16 46495744 --a------ C:\Users\Carlos\Downloads\109_20Subzero_20Ice_20Punch.avi
2008-03-11 14:15 46190592 --a------ C:\Users\Carlos\Downloads\110_20A_20Clue_20from_20the_20Digi-Past.avi
2008-03-11 14:13 46176256 --a------ C:\Users\Carlos\Downloads\108_20Evil_20Shows_20His_20Face.avi
2008-03-11 14:09 46174208 --a------ C:\Users\Carlos\Downloads\107_20Ikkakumon_27s_20Harpoon_20Torpedo.avi
2008-03-11 14:08 46374912 --a------ C:\Users\Carlos\Downloads\105_20Kabuterimon_27s_20Electro_20Shocker.avi
2008-03-11 13:53 46190592 --a------ C:\Users\Carlos\Downloads\104_20Biyomon_20Gets_20Firepower.avi
2008-03-11 13:52 46190592 --a------ C:\Users\Carlos\Downloads\102_20The_20Birth_20of_20Greymon.avi
2008-03-11 13:52 45035520 --a------ C:\Users\Carlos\Downloads\103_20Garurumon.avi
2008-03-10 21:43 46921728 --a------ C:\Users\Carlos\Downloads\101_20And_20So_20It_20Begins....avi
2008-03-09 21:57 193758267 --a------ C:\Users\Carlos\Downloads\the.simpsons.1914.hr-dimension.mkv
2008-03-08 17:47 33280 --a------ C:\Users\Carlos\Downloads\CV_example_13.doc
2008-03-08 17:44 30208 --a------ C:\Users\Carlos\Downloads\CV_example_16.doc
2008-03-08 17:44 26624 --a------ C:\Users\Carlos\Downloads\sample_CV_5.doc
2008-03-08 07:32 3029 --a------ C:\Users\Carlos\Downloads\BayW.org.nfo
2008-03-08 01:18 329264 --a------ C:\Users\Carlos\Downloads\RealPlayer11GOLD.exe
2008-03-07 23:08 362235904 --a------ C:\Users\Carlos\Downloads\stargate.atlantis.s04e20.hdtv.xvid-gnarly.avi
2008-03-07 15:40 5423104 --a------ C:\Users\Carlos\Downloads\EURO08.exe
2008-03-07 15:35 21060 --a------ C:\Users\Carlos\Downloads\config.dat
2008-03-07 10:16 976582656 --a------ C:\Users\Carlos\Downloads\[Apricot]Hellsing_Ultimate_OVA_Vol_4_[DE052C30].avi
2008-03-06 19:38 8604 --a------ C:\Users\Carlos\Downloads\heartbeats_ver2.gp3
2008-03-06 18:46 23608 --a------ C:\Users\Carlos\Downloads\data\file.fat
2008-03-06 18:42 296878 --a------ C:\Users\Carlos\Downloads\data\eaglrm.big
2008-03-06 18:28 46356981 --a------ C:\Users\Carlos\Downloads\data\gui\gui.big
2008-03-06 13:32 171212 --a------ C:\Users\Carlos\Downloads\RT-C2DTemp-[Guru3D.com].exe
2008-03-06 06:51 168 --a------ C:\Users\Carlos\Downloads\xor-house.413\Direct Download.txt
2008-03-06 06:51 168 --a------ C:\Users\Carlos\Downloads\xor-hells.kitchen.us\Direct Download.txt
2008-03-06 06:51 168 --a------ C:\Users\Carlos\Downloads\xor-hells.kitchen.us.406\Direct Download.txt
2008-03-06 06:51 168 --a------ C:\Users\Carlos\Downloads\xor-hells.kitchen.us.404\Direct Download.txt
2008-03-06 06:51 168 --a------ C:\Users\Carlos\Downloads\xor-hells.kitchen.us.402\Direct Download.txt
2008-03-06 06:51 168 --a------ C:\Users\Carlos\Downloads\xor-hells.kitchen.us.401\Direct Download.txt
2008-03-06 06:51 168 --a------ C:\Users\Carlos\Downloads\simp1919\Direct Download.txt
2008-03-06 06:51 168 --a------ C:\Users\Carlos\Downloads\my.name.is.earl.320\Direct Download.txt
2008-03-06 06:51 168 --a------ C:\Users\Carlos\Downloads\lost.s04e09.hdtv.xvid-2hd\Direct Download.txt
2008-03-06 06:51 168 --a------ C:\Users\Carlos\Downloads\hells.kitchen.us.s04e05\Direct Download.txt
2008-03-06 06:51 168 --a------ C:\Users\Carlos\Downloads\hells.kitchen.us.s04e03\Direct Download.txt
2008-03-06 06:51 168 --a------ C:\Users\Carlos\Downloads\devise-stt\Direct Download.txt
2008-03-05 23:58 1282759 --a------ C:\Users\Carlos\Downloads\MBM5370.exe
2008-03-05 23:31 12540 --a------ C:\Users\Carlos\Downloads\te.nfo
2008-03-05 22:55 10085472 --a------ C:\Users\Carlos\Downloads\ashampoo_winoptimizer500_sm.exe
2008-03-05 21:32 1093008 --a------ C:\Users\Carlos\Downloads\pstrip.exe
2008-03-05 21:11 49001481 --a------ C:\Users\Carlos\Downloads\174.20_Vista_32bit_[Guru3D.com].exe
2008-03-05 19:47 33413672 --a------ C:\Users\Carlos\Downloads\169.25_forceware_winvista_32bit_english_whql.exe
2008-03-04 18:25 995804 --a------ C:\Users\Carlos\Downloads\data\audio\ENG0581.asf
2008-03-04 18:25 989176 --a------ C:\Users\Carlos\Downloads\data\audio\ENG0575.asf
2008-03-04 18:25 985532 --a------ C:\Users\Carlos\Downloads\data\audio\ENG0538.asf
2008-03-04 18:25 971800 --a------ C:\Users\Carlos\Downloads\data\audio\ENG0516.asf
2008-03-04 18:25 963920 --a------ C:\Users\Carlos\Downloads\data\audio\GER0543.asf
2008-03-04 18:25 961680 --a------ C:\Users\Carlos\Downloads\data\audio\ENG0513.asf
2008-03-04 18:25 932208 --a------ C:\Users\Carlos\Downloads\data\audio\ITA0509.asf
2008-03-04 18:25 929276 --a------ C:\Users\Carlos\Downloads\data\audio\gen_06_012.asf
2008-03-04 18:25 922620 --a------ C:\Users\Carlos\Downloads\data\audio\gen_06_014.asf
2008-03-04 18:25 915392 --a------ C:\Users\Carlos\Downloads\data\audio\ITA0716.asf
2008-03-04 18:25 898888 --a------ C:\Users\Carlos\Downloads\data\audio\ENG0537.asf
2008-03-04 18:25 893752 --a------ C:\Users\Carlos\Downloads\data\audio\ENG0514.asf
2008-03-04 18:25 880880 --a------ C:\Users\Carlos\Downloads\data\audio\ITA0508.asf
2008-03-04 18:25 841560 --a------ C:\Users\Carlos\Downloads\data\audio\ENG0503.asf
2008-03-04 18:25 750972 --a------ C:\Users\Carlos\Downloads\data\audio\FRE0702.asf
2008-03-04 18:25 750760 --a------ C:\Users\Carlos\Downloads\data\audio\ENG0522.asf
2008-03-04 18:25 741540 --a------ C:\Users\Carlos\Downloads\data\audio\Everto01.asf
2008-03-04 18:25 708668 --a------ C:\Users\Carlos\Downloads\data\audio\ENG0527.asf
2008-03-04 18:25 678180 --a------ C:\Users\Carlos\Downloads\data\audio\gen_06_002.asf
2008-03-04 18:25 627068 --a------ C:\Users\Carlos\Downloads\data\audio\gen_06_017.asf
2008-03-04 18:25 620404 --a------ C:\Users\Carlos\Downloads\data\audio\gen_06_001.asf
2008-03-04 18:25 613744 --a------ C:\Users\Carlos\Downloads\data\audio\gen_06_004.asf
2008-03-04 18:25 598188 --a------ C:\Users\Carlos\Downloads\data\audio\gen_06_006.asf
2008-03-04 18:25 591412 --a------ C:\Users\Carlos\Downloads\data\audio\gen_06_022.asf
2008-03-04 18:25 586552 --a------ C:\Users\Carlos\Downloads\data\audio\France.asf
2008-03-04 18:25 556716 --a------ C:\Users\Carlos\Downloads\data\audio\England.asf
2008-03-04 18:25 540412 --a------ C:\Users\Carlos\Downloads\data\audio\gen_06_010.asf
2008-03-04 18:25 538180 --a------ C:\Users\Carlos\Downloads\data\audio\gen_06_009.asf
2008-03-04 18:25 530004 --a------ C:\Users\Carlos\Downloads\data\audio\Austria.asf
2008-03-04 18:25 513936 --a------ C:\Users\Carlos\Downloads\data\audio\gen_06_018.asf
2008-03-04 18:25 509304 --a------ C:\Users\Carlos\Downloads\data\audio\gen_06_011.asf
2008-03-04 18:25 507708 --a------ C:\Users\Carlos\Downloads\data\audio\Switzerland.asf
2008-03-04 18:25 493504 --a------ C:\Users\Carlos\Downloads\data\audio\Germany.asf
2008-03-04 18:25 482524 --a------ C:\Users\Carlos\Downloads\data\audio\gen_06_016.asf
2008-03-04 18:25 482524 --a------ C:\Users\Carlos\Downloads\data\audio\gen_06_008.asf
2008-03-04 18:25 462636 --a------ C:\Users\Carlos\Downloads\data\audio\gen_06_005.asf
2008-03-04 18:25 458192 --a------ C:\Users\Carlos\Downloads\data\audio\gen_06_021.asf
2008-03-04 18:25 447080 --a------ C:\Users\Carlos\Downloads\data\audio\gen_06_000.asf
2008-03-04 18:25 442636 --a------ C:\Users\Carlos\Downloads\data\audio\gen_06_013.asf
2008-03-04 18:25 442636 --a------ C:\Users\Carlos\Downloads\data\audio\gen_06_003.asf
2008-03-04 18:25 440424 --a------ C:\Users\Carlos\Downloads\data\audio\gen_06_015.asf
2008-03-04 18:25 438212 --a------ C:\Users\Carlos\Downloads\data\audio\gen_06_007.asf
2008-03-04 18:25 402628 --a------ C:\Users\Carlos\Downloads\data\audio\gen_06_019.asf
2008-03-04 18:25 287104 --a------ C:\Users\Carlos\Downloads\data\audio\gen_06_020.asf
2008-03-04 18:25 1170444 --a------ C:\Users\Carlos\Downloads\data\audio\ITA0717.asf
2008-03-04 18:25 1068064 --a------ C:\Users\Carlos\Downloads\data\audio\ITA0721.asf
2008-03-04 18:25 1048592 --a------ C:\Users\Carlos\Downloads\data\audio\ENG0563.asf
2008-03-04 18:25 1038764 --a------ C:\Users\Carlos\Downloads\data\audio\ENG0580.asf
2008-03-04 18:25 1015992 --a------ C:\Users\Carlos\Downloads\data\audio\ENG0504.asf
2008-03-04 18:25 1006312 --a------ C:\Users\Carlos\Downloads\data\audio\ENG0574.asf
2008-03-04 04:14 735002624 --a------ C:\Users\Carlos\Downloads\stl-cropthisb.avi
2008-03-04 04:13 733069312 --a------ C:\Users\Carlos\Downloads\stl-cropthisa.avi
2008-03-03 04:55 73 --a------ C:\Users\Carlos\Downloads\xor-house.413\Latest Download ....url
2008-03-03 04:55 73 --a------ C:\Users\Carlos\Downloads\xor-hells.kitchen.us\Latest Download ....url
2008-03-03 04:55 73 --a------ C:\Users\Carlos\Downloads\xor-hells.kitchen.us.406\Latest Download ....url
2008-03-03 04:55 73 --a------ C:\Users\Carlos\Downloads\xor-hells.kitchen.us.404\Latest Download ....url
2008-03-03 04:55 73 --a------ C:\Users\Carlos\Downloads\xor-hells.kitchen.us.402\Latest Download ....url
2008-03-03 04:55 73 --a------ C:\Users\Carlos\Downloads\xor-hells.kitchen.us.401\Latest Download ....url
2008-03-03 04:55 73 --a------ C:\Users\Carlos\Downloads\simp1919\Latest Download ....url
2008-03-03 04:55 73 --a------ C:\Users\Carlos\Downloads\my.name.is.earl.320\Latest Download ....url
2008-03-03 04:55 73 --a------ C:\Users\Carlos\Downloads\lost.s04e09.hdtv.xvid-2hd\Latest Download ....url
2008-03-03 04:55 73 --a------ C:\Users\Carlos\Downloads\hells.kitchen.us.s04e05\Latest Download ....url
2008-03-03 04:55 73 --a------ C:\Users\Carlos\Downloads\hells.kitchen.us.s04e03\Latest Download ....url
2008-03-03 04:55 73 --a------ C:\Users\Carlos\Downloads\devise-stt\Latest Download ....url
2008-03-03 03:06 183152502 --a------ C:\Users\Carlos\Downloads\the.simpsons.1913-caph.avi
2008-03-02 20:20 34892 --------- C:\Users\Carlos\Downloads\Guru3D.com\Setup\RivaTuner207Drv.rtu
2008-03-02 20:20 2215919 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\RivaTuner207.exe
2008-03-01 15:41 35538 --a------ C:\Users\Carlos\Downloads\thrombin 1.BMP
2008-03-01 15:41 29164 --a------ C:\Users\Carlos\Downloads\thromin 2.BMP
2008-03-01 11:34 37171 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nv_disp.inf
2008-03-01 00:46 366768128 --a------ C:\Users\Carlos\Downloads\stargate.atlantis.419.hdtv-lol.avi
2008-02-28 19:34 290816 --a------ C:\Users\Carlos\Downloads\workshops EXAMS 2008.doc
2008-02-28 18:05 6734721 --a------ C:\Users\Carlos\Downloads\data\zdata_02.big
2008-02-28 18:05 45856943 --a------ C:\Users\Carlos\Downloads\data\zdata_04.big
2008-02-28 18:05 44977692 --a------ C:\Users\Carlos\Downloads\data\zdata_03.big
2008-02-28 18:05 4016 --a------ C:\Users\Carlos\Downloads\data\zdata_03.bh
2008-02-28 18:05 4016 --a------ C:\Users\Carlos\Downloads\data\zdata_02.bh
2008-02-28 18:05 4016 --a------ C:\Users\Carlos\Downloads\data\zdata_01.bh
2008-02-28 18:05 2680 --a------ C:\Users\Carlos\Downloads\data\zdata_04.bh
2008-02-28 18:05 14440589 --a------ C:\Users\Carlos\Downloads\data\zdata_01.big
2008-02-28 17:44 51857423 --a------ C:\Users\Carlos\Downloads\data\zdata_05.big
2008-02-28 17:44 2864 --a------ C:\Users\Carlos\Downloads\data\zdata_05.bh
2008-02-27 19:30 1491592 --a------ C:\Users\Carlos\Downloads\install_flash_player.exe
2008-02-27 19:04 5829600 --a------ C:\Users\Carlos\Downloads\Firefox Setup 2.0.0.12.exe
2008-02-27 17:02 88941976 --a------ C:\Users\Carlos\Downloads\data\gui\assets.big
2008-02-27 17:02 18300469 --a------ C:\Users\Carlos\Downloads\data\gui\assetCmn.big
2008-02-27 12:07 3141 --a------ C:\Users\Carlos\Downloads\rzr-ffow.nfo
2008-02-26 22:16 10 --a------ C:\Users\Carlos\Downloads\data\cl.bin
2008-02-26 12:40 91507760 --a------ C:\Users\Carlos\Downloads\Mika_Life_In_Cartoon_Motion\Girls_Aloud_-_Sound_Of_The_Underground_tour.avi
2008-02-26 11:52 1 --a------ C:\Users\Carlos\Downloads\data\zdata_00.big
2008-02-26 11:52 1 --a------ C:\Users\Carlos\Downloads\data\zdata_00.bh
2008-02-26 03:34 537 --a------ C:\Users\Carlos\Downloads\data\big.fat
2008-02-26 03:31 4419 --a------ C:\Users\Carlos\Downloads\data\FEscene.cs
2008-02-26 03:31 148692 --a------ C:\Users\Carlos\Downloads\data\bescene.cs
2008-02-25 18:59 2975 --a------ C:\Users\Carlos\Downloads\that_70s_show_theme_intro.gp3
2008-02-25 12:35 210432 --a------ C:\Users\Carlos\Downloads\Final_finished_project.doc
2008-02-23 01:18 366757888 --a------ C:\Users\Carlos\Downloads\stargate.atlantis.s04e18.hdtv.xvid-lol.avi
2008-02-20 15:57 1567232 --a------ C:\Users\Carlos\Downloads\SteamInstall.msi
2008-02-15 23:04 733102080 --a------ C:\Users\Carlos\Downloads\las.vegas.s05e18-19.hdtv.xvid-lol.avi
2008-02-15 17:51 200 --a------ C:\Users\Carlos\Downloads\Visit_Us.url
2008-02-13 18:34 99423 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nv3dSLV.chm
2008-02-13 18:34 98738 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nv3dRUS.chm
2008-02-13 18:34 97334 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nv3dFIN.chm
2008-02-13 18:34 96797 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nv3dITA.chm
2008-02-13 18:34 96463 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nv3dFRA.chm
2008-02-13 18:34 96396 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nv3dDEU.chm
2008-02-13 18:34 96328 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\OEMDSPIF.dl_
2008-02-13 18:34 96102 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nv3dPTG.chm
2008-02-13 18:34 95298 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nv3dPTB.chm
2008-02-13 18:34 94119 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nvsvc.dl_
2008-02-13 18:34 93447 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nv3dNLD.chm
2008-02-13 18:34 93338 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nv3dSVE.chm
2008-02-13 18:34 93296 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nv3dDAN.chm
2008-02-13 18:34 92350 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\NvColor.ex_
2008-02-13 18:34 91972 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nv3dNOR.chm
2008-02-13 18:34 91652 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nv3d.chm
2008-02-13 18:34 91647 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nv3dENG.chm
2008-02-13 18:34 9086 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nvmccsrs.dl_
2008-02-13 18:34 862 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\setup.ini
2008-02-13 18:34 7702165 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\NvCpl.dl_
2008-02-13 18:34 7449 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nvdisp.nvu
2008-02-13 18:34 695728 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nvMoblS.dl_
2008-02-13 18:34 68593 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\setup.skin
2008-02-13 18:34 60357 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nvmobJPN.chm
2008-02-13 18:34 59261 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nvmobCHT.chm
2008-02-13 18:34 59225 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nvmobTHA.chm
2008-02-13 18:34 59100 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nvmobELL.chm
2008-02-13 18:34 59061 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nvmobKOR.chm
2008-02-13 18:34 58607 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nvmobCHS.chm
2008-02-13 18:34 58340 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nvmobHEB.chm
2008-02-13 18:34 57545 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nvmobSKY.chm
2008-02-13 18:34 57512 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nvmobHUN.chm
2008-02-13 18:34 57450 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nvmobTRK.chm
2008-02-13 18:34 57387 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nvmobCSY.chm
2008-02-13 18:34 57380 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nvmobSLV.chm
2008-02-13 18:34 57376 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nvmobPLK.chm
2008-02-13 18:34 57339 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nvmobRUS.chm
2008-02-13 18:34 57328 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nvmobARA.chm
2008-02-13 18:34 56934 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nvmobFIN.chm
2008-02-13 18:34 56175 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nvmobITA.chm
2008-02-13 18:34 56087 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nvmobFRA.chm
2008-02-13 18:34 56087 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nvmobDEU.chm
2008-02-13 18:34 55992 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nvmobESM.chm
2008-02-13 18:34 55946 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nvmobPTB.chm
2008-02-13 18:34 55845 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nvmobPTG.chm
2008-02-13 18:34 55693 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nvmobSVE.chm
2008-02-13 18:34 55669 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nvmobESN.chm
2008-02-13 18:34 55622 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nvmobDAN.chm
2008-02-13 18:34 55525 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nvmobNOR.chm
2008-02-13 18:34 5548 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\NvwsApps.xm_
2008-02-13 18:34 55475 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nvmobNLD.chm
2008-02-13 18:34 55103 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nvmobENG.chm
2008-02-13 18:34 54988 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nvmob.chm
2008-02-13 18:34 54551 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nvHotkey.dl_
2008-02-13 18:34 5325106 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nvDispS.dl_
2008-02-13 18:34 512 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\data2.cab
2008-02-13 18:34 510 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\layout.bin
2008-02-13 18:34 50047 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\NvMCTray.dl_
2008-02-13 18:34 4961153 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\data1.cab
2008-02-13 18:34 459544 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\engine32.cab
2008-02-13 18:34 435969 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\setup.ibt
2008-02-13 18:34 431 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\setup.iss
2008-02-13 18:34 4290888 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nvoglv32.dl_
2008-02-13 18:34 415634 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nvcplui.ex_
2008-02-13 18:34 4006394 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nvlddmkm.sy_
2008-02-13 18:34 38247 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nvdm.inf
2008-02-13 18:34 376722 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\DPInst.ex_
2008-02-13 18:34 37132 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\modes.txt
2008-02-13 18:34 36521 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\NvApps.xm_
2008-02-13 18:34 360448 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nvudisp.exe
2008-02-13 18:34 346980 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nvcpluir.dl_
2008-02-13 18:34 3381729 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nvDispSR.dl_
2008-02-13 18:34 3339102 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nvd3dum.dl_
2008-02-13 18:34 3184034 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nvViTvS.dl_
2008-02-13 18:34 2938131 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nvViTvSR.dl_
2008-02-13 18:34 29080 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\data1.hdr
2008-02-13 18:34 253156 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nvdspJPN.chm
2008-02-13 18:34 253026 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\setup.inx
2008-02-13 18:34 235086 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nvdspKOR.chm
2008-02-13 18:34 23374 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nvcod.dl_
2008-02-13 18:34 233031 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nvdspTHA.chm
2008-02-13 18:34 226935 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nvdspELL.chm
2008-02-13 18:34 224902 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nvdspCHT.chm
2008-02-13 18:34 221563 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nvdspSKY.chm
2008-02-13 18:34 220248 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nvdspHEB.chm
2008-02-13 18:34 220004 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nvdspCHS.chm
2008-02-13 18:34 218971 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nvdspTRK.chm
2008-02-13 18:34 2186942 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nvGameS.dl_
2008-02-13 18:34 218165 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nvdspHUN.chm
2008-02-13 18:34 217341 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nvdspCSY.chm
2008-02-13 18:34 214866 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nvdspESM.chm
2008-02-13 18:34 212333 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nvdspARA.chm
2008-02-13 18:34 212296 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nvdspFIN.chm
2008-02-13 18:34 211672 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nvdspSLV.chm
2008-02-13 18:34 211459 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nvdspPLK.chm
2008-02-13 18:34 209643 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nvdspRUS.chm
2008-02-13 18:34 205515 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nvdspITA.chm
2008-02-13 18:34 203587 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nvdspDEU.chm
2008-02-13 18:34 203323 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nvdspPTG.chm
2008-02-13 18:34 202994 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nvdspESN.chm
2008-02-13 18:34 200365 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nvdspPTB.chm
2008-02-13 18:34 198615 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nvdspFRA.chm
2008-02-13 18:34 196437 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nvdspSVE.chm
2008-02-13 18:34 196212 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nvapi.dl_
2008-02-13 18:34 194849 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nvdspNLD.chm
2008-02-13 18:34 193249 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nvdspDAN.chm
2008-02-13 18:34 191978 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nvdspENG.chm
2008-02-13 18:34 191504 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nvdspNOR.chm
2008-02-13 18:34 190367 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nvdsp.chm
2008-02-13 18:34 174650 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nvwks.chm
2008-02-13 18:34 173647 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nvMccsSR.dl_
2008-02-13 18:34 168999 --a------ C:\U
  • 0

#8
Rorschach112

Rorschach112

    Ralphie

  • Retired Staff
  • 47,710 posts
Can you attach the ComboFix log, it is too big to post
  • 0

#9
Phantasy66

Phantasy66

    Member

  • Topic Starter
  • Member
  • PipPip
  • 26 posts
heh sorry here's the rest :)
C:\Users\Carlos\Downloads\Guru3D.com\Setup\nv3dESN.chm
2008-02-13 18:34 102115 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nv3dHEB.chm
2008-02-13 18:34 101813 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nv3dPLK.chm
2008-02-13 18:34 101744 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nv3dHUN.chm
2008-02-13 18:34 101344 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nv3dESM.chm
2008-02-13 18:34 101322 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nv3dCSY.chm
2008-02-13 18:34 101247 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nv3dCHS.chm
2008-02-13 18:34 101091 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nv3dTRK.chm
2008-02-13 18:34 100077 --a------ C:\Users\Carlos\Downloads\Guru3D.com\Setup\nv3dARA.chm
2008-02-13 17:32 154749 --a------ C:\Users\Carlos\Downloads\through_the_fire_and_flames.gp3
2008-02-12 14:45 48 --a------ C:\Users\Carlos\Downloads\readme.bat
2008-02-11 15:23 52183040 --a------ C:\Users\Carlos\Downloads\Mika_Life_In_Cartoon_Motion\Cascada_-_A_Neverending_Dream.avi
2008-02-11 15:21 72450048 --a------ C:\Users\Carlos\Downloads\Mika_Life_In_Cartoon_Motion\cascada-miracle-dvdrip-xvid-2006-hdmv.avi
2008-02-11 15:19 44812288 --a------ C:\Users\Carlos\Downloads\Mika_Life_In_Cartoon_Motion\cascada-truly_madly_deeply-dvdrip-xvid-2006-se.avi
2008-02-11 15:14 101183488 --a------ C:\Users\Carlos\Downloads\Mika_Life_In_Cartoon_Motion\Cascada_-_Miracle_-_DMK.mpg
2008-02-11 15:09 60231680 --a------ C:\Users\Carlos\Downloads\Mika_Life_In_Cartoon_Motion\Cascada_-_Everytime_We_Touch.avi
2008-02-08 22:19 366319616 --a------ C:\Users\Carlos\Downloads\las.vegas.517.hdtv-lol.avi
2008-02-08 11:34 6569424 --a------ C:\Users\Carlos\Downloads\data\audio\S801.sng
2008-02-08 11:34 5250764 --a------ C:\Users\Carlos\Downloads\data\audio\S800.sng
2008-02-04 23:14 42253 --a------ C:\Users\Carlos\Downloads\you_give_me_something_ver2.gp3
2008-02-03 20:27 133088 --a------ C:\Users\Carlos\Downloads\application%2f.zip
2008-02-02 21:44 183603200 --a------ C:\Users\Carlos\Downloads\pokemon orange islands s02e35-the rivalry revival [jds].avi
2008-02-02 04:04 366194688 --a------ C:\Users\Carlos\Downloads\las.vegas.s05e16.hdtv.xvid-lol.avi
2008-01-31 16:59 50688 --a------ C:\Users\Carlos\Downloads\ATF-Cleaner.exe
2008-01-30 18:17 7014 --a------ C:\Users\Carlos\Downloads\Mika_Life_In_Cartoon_Motion\Atomic_kitten-anyone_who_had_a_heart-xvid-2008-mVa\atomic_kitten-anyone_who_had_a_heart-xvid-2008-mva.nfo
2008-01-30 18:17 65 --a------ C:\Users\Carlos\Downloads\Mika_Life_In_Cartoon_Motion\Atomic_kitten-anyone_who_had_a_heart-xvid-2008-mVa\atomic_kitten-anyone_who_had_a_heart-xvid-2008-mva.sfv
2008-01-30 18:17 33132744 --a------ C:\Users\Carlos\Downloads\Mika_Life_In_Cartoon_Motion\Atomic_kitten-anyone_who_had_a_heart-xvid-2008-mVa\atomic_kitten-anyone_who_had_a_heart-xvid-2008-mva.avi
2008-01-28 11:54 397312 -ra------ C:\Users\Carlos\Downloads\AutoRun.exe
2008-01-28 11:54 380928 -ra------ C:\Users\Carlos\Downloads\EASetup.exe
2008-01-25 22:22 366700544 --a------ C:\Users\Carlos\Downloads\las.vegas.515.hdtv-lol.avi
2008-01-25 00:44 44032 --a------ C:\Users\Carlos\Downloads\AM2Z35_TEST_MARKS_bb_07-08.xls
2008-01-23 16:42 4491 --a------ C:\Users\Carlos\Downloads\HiO.nfo
2008-01-23 16:36 1000504 --a------ C:\Users\Carlos\Downloads\alocale\eal_p.vp6
2008-01-22 11:02 10446 -ra------ C:\Users\Carlos\Downloads\clpc.ico
2008-01-22 02:26 69330944 --a------ C:\Users\Carlos\Downloads\Mika_Life_In_Cartoon_Motion\gwen_stefani_-_2007_-_the_sweet_escape.avi
2008-01-21 21:26 221816 -ra------ C:\Users\Carlos\Downloads\Autorun\AutoRun.bmp
2008-01-21 01:19 0 --a------ C:\Users\Carlos\Downloads\DOWNLOADED FROM PLUBE.COM
2008-01-18 22:52 366307328 --a------ C:\Users\Carlos\Downloads\las.vegas.514.hdtv-lol.avi
2008-01-17 20:25 30270 --a------ C:\Users\Carlos\Downloads\data\input\devdata.dat
2008-01-17 17:46 812344 --a------ C:\Users\Carlos\Downloads\HJTInstall.exe
2008-01-17 12:55 32981120 --a------ C:\Users\Carlos\Downloads\avg75free_516a1225.exe
2008-01-17 07:56 61821416 --a------ C:\Users\Carlos\Downloads\alocale\tu_engp.vp6
2008-01-17 07:56 61810104 --a------ C:\Users\Carlos\Downloads\alocale\tu_gerp.vp6
2008-01-12 10:35 58 --a------ C:\Users\Carlos\Downloads\www.BayW.org.txt
2008-01-11 23:23 366168064 --a------ C:\Users\Carlos\Downloads\las.vegas.s05e13.hdtv.xvid-lol.avi
2008-01-09 07:46 472296157 --a------ C:\Users\Carlos\Downloads\[mahou]_Hellsing_Ultimate_-_01_[DVD][h264+AAC5.1][243F220E].mkv
2008-01-09 07:35 471330199 --a------ C:\Users\Carlos\Downloads\[mahou]_Hellsing_Ultimate_-_02_[DVD][h264+AAC5.1][5EB329F5].mkv
2008-01-09 07:23 471076941 --a------ C:\Users\Carlos\Downloads\[mahou]_Hellsing_Ultimate_-_03_[DVD][h264+AAC5.1][1EB4C066].mkv
2008-01-07 22:34 367 ---hs---- C:\Users\Carlos\Downloads\Mika_Life_In_Cartoon_Motion\desktop.ini
2008-01-07 20:42 34 --a------ C:\Users\Carlos\Downloads\czytaj!.txt
2008-01-07 19:57 73055832 --a------ C:\Users\Carlos\Downloads\data\audio\aemsstrm.big
2008-01-07 19:57 5498128 --a------ C:\Users\Carlos\Downloads\data\audio\aemsbank.big
2008-01-06 12:37 54330664 --a------ C:\Users\Carlos\Downloads\iTunesSetup.exe
2008-01-04 22:14 366307328 --a------ C:\Users\Carlos\Downloads\las_vegas_512_hdtv-lol.avi
2007-12-29 23:12 10913 --a------ C:\Users\Carlos\Downloads\The.Bourne.Ultimatum.720p.HDDVD.x264-SEPTiC\s-tbu.nfo
2007-12-27 18:48 2632648 --a------ C:\Users\Carlos\Downloads\daemon4111-lite-x86.exe
2007-12-25 01:24 6563768 --a------ C:\Users\Carlos\Downloads\Mika_Life_In_Cartoon_Motion\10 Mika - Happy Ending.mp3
2007-12-24 23:24 3651 ---hs---- C:\Users\Carlos\Downloads\Mika_Life_In_Cartoon_Motion\AlbumArtSmall.jpg
2007-12-24 23:24 3651 ---hs---- C:\Users\Carlos\Downloads\Mika_Life_In_Cartoon_Motion\AlbumArt_{88536029-C7DA-411D-A241-0EEBFD6CE37F}_Small.jpg
2007-12-24 23:24 17739 ---hs---- C:\Users\Carlos\Downloads\Mika_Life_In_Cartoon_Motion\Folder.jpg
2007-12-24 23:24 17739 ---hs---- C:\Users\Carlos\Downloads\Mika_Life_In_Cartoon_Motion\AlbumArt_{88536029-C7DA-411D-A241-0EEBFD6CE37F}_Large.jpg
2007-12-22 20:23 11222 --a------ C:\Users\Carlos\Downloads\TuneUp.Utilities.2008.v7.0.7991-TE\te.nfo
2007-12-22 20:22 14089472 --a------ C:\Users\Carlos\Downloads\TuneUp.Utilities.2008.v7.0.7991-TE\TU2008TrialEN.exe
2007-12-22 19:37 197 --a------ C:\Users\Carlos\Downloads\TuneUp.Utilities.2008.v7.0.7991-TE\Crack\Registration.reg
2007-12-22 19:35 54272 --a------ C:\Users\Carlos\Downloads\TuneUp.Utilities.2008.v7.0.7991-TE\Crack\AppInitialization.bpl
2007-12-22 19:35 44032 --a------ C:\Users\Carlos\Downloads\TuneUp.Utilities.2008.v7.0.7991-TE\Crack\CommonForms.bpl
2007-12-19 15:01 124416 --a------ C:\Users\Carlos\Downloads\Lecture1007SJJ.ppt
2007-12-18 17:57 921028 --a------ C:\Users\Carlos\Downloads\ConRoe1333-DVIH.pdf
2007-12-17 17:43 364879872 --a------ C:\Users\Carlos\Downloads\americas_most_smartest_model_111_dsr_xvid-sys.avi
2007-12-14 17:56 668 --a------ C:\Users\Carlos\Downloads\data\memcard\eng_memc.loc
2007-12-13 11:39 78521 --a------ C:\Users\Carlos\Downloads\jenova.zip
2007-12-13 08:43 3975 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\flt-pes8.nfo
2007-12-10 14:33 105203712 --a------ C:\Users\Carlos\Downloads\aaf-rc.s03e14.avi
2007-12-08 11:02 367762200 --a------ C:\Users\Carlos\Downloads\las.vegas.s05e11.repack.hdtv.xvid-notv.avi
2007-12-06 08:09 860391 --a------ C:\Users\Carlos\Downloads\7z457.exe
2007-12-05 15:52 4696188868 --a------ C:\Users\Carlos\Downloads\The.Bourne.Ultimatum.720p.HDDVD.x264-SEPTiC\s-tbu.mkv
2007-12-04 01:44 4868 --a------ C:\Users\Carlos\Downloads\battery.nfo
2007-12-04 01:00 31236496 --a------ C:\Users\Carlos\Downloads\PES2008.exe
2007-12-03 06:36 73 --a------ C:\Users\Carlos\Downloads\hells.kitchen.us.s04e09.hdtv.xvid-shizzle\Download More ....url
2007-12-03 06:36 141 --a------ C:\Users\Carlos\Downloads\hells.kitchen.us.s04e09.hdtv.xvid-shizzle\Read Me First !!.txt
2007-12-02 15:46 53505426 --a------ C:\Users\Carlos\Downloads\Mika_Life_In_Cartoon_Motion\giraloseno07\Girls_Aloud_-_Sexy__No_No_No.avi
2007-12-01 07:19 366698496 --a------ C:\Users\Carlos\Downloads\las.vegas.s05e10.hdtv-lol.avi
2007-11-29 23:51 44544 --a------ C:\Users\Carlos\Downloads\Essay.doc
2007-11-20 00:02 109056 --a------ C:\Users\Carlos\Downloads\portrait_template02.ppt
2007-11-20 00:01 107008 --a------ C:\Users\Carlos\Downloads\portrait_template01.ppt
2007-11-16 22:38 366471168 --a------ C:\Users\Carlos\Downloads\las.vegas.s05e09.hdtv.xvid-lol.avi
2007-11-12 21:46 1866184 --a------ C:\Users\Carlos\Downloads\daemon410-x86.exe
2007-11-12 16:49 105119744 --a------ C:\Users\Carlos\Downloads\aaf-rc.s03e13.avi
2007-11-09 23:37 366424064 --a------ C:\Users\Carlos\Downloads\las.vegas.s05e08.hdtv-lol.avi
2007-11-09 17:08 12234 --a------ C:\Users\Carlos\Downloads\unintended.gp3
2007-11-08 20:06 30643 --a------ C:\Users\Carlos\Downloads\exit_music_for_a_film_ver3.gp4
2007-11-07 10:16 111551802 --a------ C:\Users\Carlos\Downloads\Mika_Life_In_Cartoon_Motion\avril lavigne -- hot HD 720p.avi
2007-11-05 23:49 5632 --a------ C:\Users\Carlos\Downloads\Effluent.MTW
2007-11-04 21:28 113918560 --a------ C:\Users\Carlos\Downloads\mtb15_standardsetup.exe
2007-11-04 14:00 4096 --a------ C:\Users\Carlos\Downloads\station.MTW
2007-11-03 21:56 2819584 --a------ C:\Users\Carlos\Downloads\GGS718.msi
2007-11-03 21:55 1519476 --a------ C:\Users\Carlos\Downloads\Premier League Emblems.rar
2007-11-03 05:18 367271044 --a------ C:\Users\Carlos\Downloads\las.vegas.s05e07.hdtv.xvid.notv.avi
2007-11-03 01:48 386523 --a------ C:\Users\Carlos\Downloads\pl_kits_for_pes2008_PC__by_gottih.rar
2007-11-02 00:17 2662 --a------ C:\Users\Carlos\Downloads\cannonball.gp5
2007-11-01 13:38 282 --ahs---- C:\Users\Carlos\Downloads\desktop.ini
2007-11-01 10:34 247568 --a------ C:\Users\Carlos\Downloads\data\gui\EA05_Bod.ttf
2007-11-01 07:48 3318 --a------ C:\Users\Carlos\Downloads\flt-tshf.nfo
2007-10-29 01:01 458887 --a------ C:\Users\Carlos\Downloads\Windows6.0-KB940105-x86.msu
2007-10-28 12:33 73 --a------ C:\Users\Carlos\Downloads\readme!.txt
2007-10-26 23:08 1632 --a------ C:\Users\Carlos\Downloads\INFO.txt
2007-10-26 23:03 366452736 --a------ C:\Users\Carlos\Downloads\las.vegas.s05e06.hdtv.xvid-lol.avi
2007-10-24 23:39 958204 --a------ C:\Users\Carlos\Downloads\flags_128x128_8092.bin
2007-10-24 23:39 587708 --a------ C:\Users\Carlos\Downloads\flags_64x64_8093.bin
2007-10-22 16:46 9949696 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\program files\KONAMI\Pro Evolution Soccer 2008\PES2008.exe
2007-10-22 16:46 9949696 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\Fairlight\PES2008.exe
2007-10-22 04:49 867848 -ra------ C:\Users\Carlos\Downloads\DirectX\NOV2007_d3dx10_36_x64.cab
2007-10-22 04:49 807132 -ra------ C:\Users\Carlos\Downloads\DirectX\NOV2007_d3dx10_36_x86.cab
2007-10-22 04:49 49392 -ra------ C:\Users\Carlos\Downloads\DirectX\NOV2007_X3DAudio_x64.cab
2007-10-22 04:49 44850 -ra------ C:\Users\Carlos\Downloads\DirectX\dxdllreg_x86.cab
2007-10-22 04:49 21744 -ra------ C:\Users\Carlos\Downloads\DirectX\NOV2007_X3DAudio_x86.cab
2007-10-22 04:49 200010 -ra------ C:\Users\Carlos\Downloads\DirectX\NOV2007_XACT_x64.cab
2007-10-22 04:49 1805306 -ra------ C:\Users\Carlos\Downloads\DirectX\NOV2007_d3dx9_36_x64.cab
2007-10-22 04:49 1712608 -ra------ C:\Users\Carlos\Downloads\DirectX\NOV2007_d3dx9_36_x86.cab
2007-10-22 04:49 151512 -ra------ C:\Users\Carlos\Downloads\DirectX\NOV2007_XACT_x86.cab
2007-10-22 04:31 976020 -ra------ C:\Users\Carlos\Downloads\DirectX\BDAXP.cab
2007-10-22 04:31 917318 -ra------ C:\Users\Carlos\Downloads\DirectX\Apr2006_MDX1_x86.cab
2007-10-22 04:31 88102 -ra------ C:\Users\Carlos\Downloads\DirectX\AUG2006_xinput_x64.cab
2007-10-22 04:31 87989 -ra------ C:\Users\Carlos\Downloads\DirectX\Apr2006_xinput_x64.cab
2007-10-22 04:31 86925 -ra------ C:\Users\Carlos\Downloads\DirectX\Oct2005_xinput_x64.cab
2007-10-22 04:31 86802 -ra------ C:\Users\Carlos\Downloads\DirectX\dxupdate.cab
2007-10-22 04:31 855886 -ra------ C:\Users\Carlos\Downloads\DirectX\AUG2007_d3dx10_35_x64.cab
2007-10-22 04:31 800467 -ra------ C:\Users\Carlos\Downloads\DirectX\AUG2007_d3dx10_35_x86.cab
2007-10-22 04:31 76808 -ra------ C:\Users\Carlos\Downloads\DirectX\DSETUP.dll
2007-10-22 04:31 702644 -ra------ C:\Users\Carlos\Downloads\DirectX\JUN2007_d3dx10_34_x64.cab
2007-10-22 04:31 702212 -ra------ C:\Users\Carlos\Downloads\DirectX\APR2007_d3dx10_33_x64.cab
2007-10-22 04:31 702072 -ra------ C:\Users\Carlos\Downloads\DirectX\JUN2007_d3dx10_34_x86.cab
2007-10-22 04:31 699465 -ra------ C:\Users\Carlos\Downloads\DirectX\APR2007_d3dx10_33_x86.cab
2007-10-22 04:31 56902 -ra------ C:\Users\Carlos\Downloads\DirectX\APR2007_xinput_x86.cab
2007-10-22 04:31 502792 -ra------ C:\Users\Carlos\Downloads\DirectX\DXSETUP.exe
2007-10-22 04:31 47018 -ra------ C:\Users\Carlos\Downloads\DirectX\AUG2006_xinput_x86.cab
2007-10-22 04:31 46898 -ra------ C:\Users\Carlos\Downloads\DirectX\Apr2006_xinput_x86.cab
2007-10-22 04:31 46247 -ra------ C:\Users\Carlos\Downloads\DirectX\Oct2005_xinput_x86.cab
2007-10-22 04:31 4163518 -ra------ C:\Users\Carlos\Downloads\DirectX\Apr2006_MDX1_x86_Archive.cab
2007-10-22 04:31 213767 -ra------ C:\Users\Carlos\Downloads\DirectX\DEC2006_d3dx10_00_x64.cab
2007-10-22 04:31 201696 -ra------ C:\Users\Carlos\Downloads\DirectX\AUG2007_XACT_x64.cab
2007-10-22 04:31 200722 -ra------ C:\Users\Carlos\Downloads\DirectX\JUN2007_XACT_x64.cab
2007-10-22 04:31 199366 -ra------ C:\Users\Carlos\Downloads\DirectX\APR2007_XACT_x64.cab
2007-10-22 04:31 198275 -ra------ C:\Users\Carlos\Downloads\DirectX\FEB2007_XACT_x64.cab
2007-10-22 04:31 193435 -ra------ C:\Users\Carlos\Downloads\DirectX\DEC2006_XACT_x64.cab
2007-10-22 04:31 192680 -ra------ C:\Users\Carlos\Downloads\DirectX\DEC2006_d3dx10_00_x86.cab
2007-10-22 04:31 183863 -ra------ C:\Users\Carlos\Downloads\DirectX\AUG2006_XACT_x64.cab
2007-10-22 04:31 183321 -ra------ C:\Users\Carlos\Downloads\DirectX\OCT2006_XACT_x64.cab
2007-10-22 04:31 181745 -ra------ C:\Users\Carlos\Downloads\DirectX\JUN2006_XACT_x64.cab
2007-10-22 04:31 1803760 -ra------ C:\Users\Carlos\Downloads\DirectX\AUG2007_d3dx9_35_x64.cab
2007-10-22 04:31 180021 -ra------ C:\Users\Carlos\Downloads\DirectX\Apr2006_XACT_x64.cab
2007-10-22 04:31 179247 -ra------ C:\Users\Carlos\Downloads\DirectX\Feb2006_XACT_x64.cab
2007-10-22 04:31 1711752 -ra------ C:\Users\Carlos\Downloads\DirectX\AUG2007_d3dx9_35_x86.cab
2007-10-22 04:31 1673224 -ra------ C:\Users\Carlos\Downloads\DirectX\dsetup32.dll
2007-10-22 04:31 1611374 -ra------ C:\Users\Carlos\Downloads\DirectX\JUN2007_d3dx9_34_x64.cab
2007-10-22 04:31 1610958 -ra------ C:\Users\Carlos\Downloads\DirectX\APR2007_d3dx9_33_x64.cab
2007-10-22 04:31 1610886 -ra------ C:\Users\Carlos\Downloads\DirectX\JUN2007_d3dx9_34_x86.cab
2007-10-22 04:31 1609639 -ra------ C:\Users\Carlos\Downloads\DirectX\APR2007_d3dx9_33_x86.cab
2007-10-22 04:31 1575336 -ra------ C:\Users\Carlos\Downloads\DirectX\DEC2006_d3dx9_32_x86.cab
2007-10-22 04:31 1572114 -ra------ C:\Users\Carlos\Downloads\DirectX\DEC2006_d3dx9_32_x64.cab
2007-10-22 04:31 156612 -ra------ C:\Users\Carlos\Downloads\DirectX\AUG2007_XACT_x86.cab
2007-10-22 04:31 156509 -ra------ C:\Users\Carlos\Downloads\DirectX\JUN2007_XACT_x86.cab
2007-10-22 04:31 154825 -ra------ C:\Users\Carlos\Downloads\DirectX\APR2007_XACT_x86.cab
2007-10-22 04:31 151583 -ra------ C:\Users\Carlos\Downloads\DirectX\FEB2007_XACT_x86.cab
2007-10-22 04:31 146559 -ra------ C:\Users\Carlos\Downloads\DirectX\DEC2006_XACT_x86.cab
2007-10-22 04:31 1413862 -ra------ C:\Users\Carlos\Downloads\DirectX\OCT2006_d3dx9_31_x64.cab
2007-10-22 04:31 1398718 -ra------ C:\Users\Carlos\Downloads\DirectX\Apr2006_d3dx9_30_x64.cab
2007-10-22 04:31 138977 -ra------ C:\Users\Carlos\Downloads\DirectX\OCT2006_XACT_x86.cab
2007-10-22 04:31 138195 -ra------ C:\Users\Carlos\Downloads\DirectX\AUG2006_XACT_x86.cab
2007-10-22 04:31 1363684 -ra------ C:\Users\Carlos\Downloads\DirectX\Feb2006_d3dx9_29_x64.cab
2007-10-22 04:31 1358864 -ra------ C:\Users\Carlos\Downloads\DirectX\Dec2005_d3dx9_28_x64.cab
2007-10-22 04:31 1351430 -ra------ C:\Users\Carlos\Downloads\DirectX\Aug2005_d3dx9_27_x64.cab
2007-10-22 04:31 1348242 -ra------ C:\Users\Carlos\Downloads\DirectX\Apr2005_d3dx9_25_x64.cab
2007-10-22 04:31 134631 -ra------ C:\Users\Carlos\Downloads\DirectX\JUN2006_XACT_x86.cab
2007-10-22 04:31 133991 -ra------ C:\Users\Carlos\Downloads\DirectX\Apr2006_XACT_x86.cab
2007-10-22 04:31 1336890 -ra------ C:\Users\Carlos\Downloads\DirectX\Jun2005_d3dx9_26_x64.cab
2007-10-22 04:31 133297 -ra------ C:\Users\Carlos\Downloads\DirectX\Feb2006_XACT_x86.cab
2007-10-22 04:31 13265040 -ra------ C:\Users\Carlos\Downloads\DirectX\dxnt.cab
2007-10-22 04:31 1248387 -ra------ C:\Users\Carlos\Downloads\DirectX\Feb2005_d3dx9_24_x64.cab
2007-10-22 04:31 1156363 -ra------ C:\Users\Carlos\Downloads\DirectX\BDANT.cab
2007-10-22 04:31 1128177 -ra------ C:\Users\Carlos\Downloads\DirectX\OCT2006_d3dx9_31_x86.cab
2007-10-22 04:31 1116109 -ra------ C:\Users\Carlos\Downloads\DirectX\Apr2006_d3dx9_30_x86.cab
2007-10-22 04:31 1085608 -ra------ C:\Users\Carlos\Downloads\DirectX\Feb2006_d3dx9_29_x86.cab
2007-10-22 04:31 1080344 -ra------ C:\Users\Carlos\Downloads\DirectX\Dec2005_d3dx9_28_x86.cab
2007-10-22 04:31 1079850 -ra------ C:\Users\Carlos\Downloads\DirectX\Apr2005_d3dx9_25_x86.cab
2007-10-22 04:31 1078532 -ra------ C:\Users\Carlos\Downloads\DirectX\Aug2005_d3dx9_27_x86.cab
2007-10-22 04:31 1065813 -ra------ C:\Users\Carlos\Downloads\DirectX\Jun2005_d3dx9_26_x86.cab
2007-10-22 04:31 1014113 -ra------ C:\Users\Carlos\Downloads\DirectX\Feb2005_d3dx9_24_x86.cab
2007-10-22 04:31 100417 -ra------ C:\Users\Carlos\Downloads\DirectX\APR2007_xinput_x64.cab
2007-10-21 23:39 582 --a------ C:\Users\Carlos\Downloads\hjsplit\readme.txt
2007-10-21 23:39 313344 --a------ C:\Users\Carlos\Downloads\hjsplit\hjsplit.exe
2007-10-21 22:35 52167 --a------ C:\Users\Carlos\Downloads\youre_beautiful.gp4
2007-10-19 23:38 366635008 --a------ C:\Users\Carlos\Downloads\las.vegas.s05e05.HDTV.XviD-LOL.avi
2007-10-17 20:02 7467056 --a------ C:\Users\Carlos\Downloads\spybotsd15.exe
2007-10-17 18:50 8948880 --a------ C:\Users\Carlos\Downloads\IC_A0001_1.mp3
2007-10-17 18:50 7731792 --a------ C:\Users\Carlos\Downloads\IC_B0001_1.mp3
2007-10-16 10:01 991 --a------ C:\Users\Carlos\Downloads\GH3D.txt
2007-10-16 10:01 142 --a------ C:\Users\Carlos\Downloads\GamersHell.url
2007-10-15 18:14 21434 --a------ C:\Users\Carlos\Downloads\creep_acoustic_ver2.gp4
2007-10-15 18:13 8960 --a------ C:\Users\Carlos\Downloads\spanish_romance.gp3
2007-10-15 17:10 190064 --a------ C:\Users\Carlos\Downloads\Morpheus.exe
2007-10-15 11:45 18796432 --a------ C:\Users\Carlos\Downloads\Xbox360_32Eng.exe
2007-10-13 05:40 367708160 --a------ C:\Users\Carlos\Downloads\las.vegas.s05e04.HDTV.XViD-Caph.avi
2007-10-12 12:09 31948072 --a------ C:\Users\Carlos\Downloads\163.75_Vista32.exe
2007-10-06 06:15 367851860 --a------ C:\Users\Carlos\Downloads\las.vegas.s05e03.proper.hdtv.xvid-notv.avi
2007-09-14 01:30 4770280 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\setup.exe
2007-09-14 01:26 90624 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\1031.mst
2007-09-14 01:26 89600 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\1040.mst
2007-09-14 01:26 87552 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\1034.mst
2007-09-14 01:26 86528 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\2070.mst
2007-09-14 01:26 54272 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\1033.mst
2007-09-14 01:26 461824 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\Pro Evolution Soccer 2008.msi
2007-09-14 01:26 101376 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\1036.mst
2007-09-14 01:16 3447787 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\ISSetup.dll
2007-09-12 15:47 282005 --a------ C:\Users\Carlos\Downloads\ipx-setup.exe
2007-09-12 01:31 657379328 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\program files\KONAMI\Pro Evolution Soccer 2008\img\cv_1.img
2007-09-12 01:29 1620504576 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\program files\KONAMI\Pro Evolution Soccer 2008\img\cv_0.img
2007-09-12 01:20 10809344 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\program files\KONAMI\Pro Evolution Soccer 2008\img\rv_i.img
2007-09-12 01:20 10803200 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\program files\KONAMI\Pro Evolution Soccer 2008\img\rv_f.img
2007-09-12 01:20 10799104 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\program files\KONAMI\Pro Evolution Soccer 2008\img\rv_g.img
2007-09-12 01:20 10782720 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\program files\KONAMI\Pro Evolution Soccer 2008\img\rv_q.img
2007-09-12 01:20 10772480 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\program files\KONAMI\Pro Evolution Soccer 2008\img\rv_s.img
2007-09-12 01:20 10758144 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\program files\KONAMI\Pro Evolution Soccer 2008\img\rv_e.img
2007-09-07 03:34 15994 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\spanish\readme.html
2007-09-07 03:34 14863 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\portuguese\readme.html
2007-09-07 03:33 16429 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\french\readme.html
2007-09-07 03:33 16234 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\german\readme.html
2007-09-07 03:33 15297 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\italian\readme.html
2007-09-07 03:33 13658 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\english\readme.html
2007-09-06 04:44 907 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\readme.html
2007-09-06 01:37 205161 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\images\header_prt.jpg
2007-09-03 04:13 66170884 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\program files\KONAMI\Pro Evolution Soccer 2008\img\title
2007-09-03 01:34 218440 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\autorun_PES2008.exe
2007-09-01 01:56 709960 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\program files\KONAMI\Pro Evolution Soccer 2008\settings.exe
2007-08-29 09:44 82 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\program files\KONAMI\Pro Evolution Soccer 2008\User Registration.url
2007-08-23 22:43 952021 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\images\bg.gif
2007-08-23 22:43 43 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\images\spacer.gif
2007-08-23 22:43 4147 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\images\item_bg_02.gif
2007-08-23 22:43 2546 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\images\item_bg_01.gif
2007-08-23 22:43 213938 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\images\header_fre.jpg
2007-08-23 22:43 213799 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\images\header_ger.jpg
2007-08-23 22:43 213707 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\images\header_ita.jpg
2007-08-23 22:43 213416 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\images\header_eng.jpg
2007-08-23 22:43 213399 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\images\header_spa.jpg
2007-08-23 22:42 1293 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\style.css
2007-08-22 17:13 768 --a------ C:\Users\Carlos\Downloads\data\gui\font_col.txt
2007-08-22 10:23 921656 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\bg.bmp
2007-08-22 10:21 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\portuguese\active\btn_07.bmp
2007-08-22 10:21 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\portuguese\active\btn_06.bmp
2007-08-22 10:21 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\portuguese\active\btn_05.bmp
2007-08-22 10:21 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\portuguese\active\btn_04.bmp
2007-08-22 10:21 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\portuguese\active\btn_03_uninstall.bmp
2007-08-22 10:21 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\portuguese\active\btn_03.bmp
2007-08-22 10:21 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\portuguese\active\btn_02.bmp
2007-08-22 10:21 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\portuguese\active\btn_01.bmp
2007-08-22 10:21 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\portuguese\active\btn_00.bmp
2007-08-22 10:20 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\spanish\active\btn_07.bmp
2007-08-22 10:20 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\spanish\active\btn_06.bmp
2007-08-22 10:20 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\spanish\active\btn_05.bmp
2007-08-22 10:20 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\spanish\active\btn_04.bmp
2007-08-22 10:20 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\spanish\active\btn_03_uninstall.bmp
2007-08-22 10:20 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\spanish\active\btn_03.bmp
2007-08-22 10:20 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\spanish\active\btn_02.bmp
2007-08-22 10:20 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\spanish\active\btn_01.bmp
2007-08-22 10:20 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\spanish\active\btn_00.bmp
2007-08-22 10:20 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\italian\active\btn_07.bmp
2007-08-22 10:20 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\italian\active\btn_06.bmp
2007-08-22 10:20 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\italian\active\btn_05.bmp
2007-08-22 10:20 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\italian\active\btn_04.bmp
2007-08-22 10:20 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\italian\active\btn_03_uninstall.bmp
2007-08-22 10:20 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\italian\active\btn_03.bmp
2007-08-22 10:20 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\italian\active\btn_02.bmp
2007-08-22 10:20 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\italian\active\btn_01.bmp
2007-08-22 10:20 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\italian\active\btn_00.bmp
2007-08-22 10:20 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\german\active\btn_07.bmp
2007-08-22 10:20 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\german\active\btn_06.bmp
2007-08-22 10:20 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\german\active\btn_05.bmp
2007-08-22 10:20 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\german\active\btn_04.bmp
2007-08-22 10:20 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\german\active\btn_03_uninstall.bmp
2007-08-22 10:20 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\german\active\btn_03.bmp
2007-08-22 10:20 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\german\active\btn_02.bmp
2007-08-22 10:20 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\german\active\btn_01.bmp
2007-08-22 10:20 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\german\active\btn_00.bmp
2007-08-22 10:19 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\french\active\btn_07.bmp
2007-08-22 10:19 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\french\active\btn_06.bmp
2007-08-22 10:19 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\french\active\btn_05.bmp
2007-08-22 10:19 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\french\active\btn_04.bmp
2007-08-22 10:19 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\french\active\btn_03_uninstall.bmp
2007-08-22 10:19 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\french\active\btn_03.bmp
2007-08-22 10:19 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\french\active\btn_02.bmp
2007-08-22 10:19 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\french\active\btn_01.bmp
2007-08-22 10:19 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\french\active\btn_00.bmp
2007-08-22 10:18 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\english\active\btn_07.bmp
2007-08-22 10:18 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\english\active\btn_06.bmp
2007-08-22 10:18 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\english\active\btn_05.bmp
2007-08-22 10:18 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\english\active\btn_04.bmp
2007-08-22 10:18 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\english\active\btn_03_uninstall.bmp
2007-08-22 10:18 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\english\active\btn_03.bmp
2007-08-22 10:18 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\english\active\btn_02.bmp
2007-08-22 10:18 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\english\active\btn_01.bmp
2007-08-22 10:18 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\english\active\btn_00.bmp
2007-08-22 10:16 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\spanish\normal\btn_03_uninstall.bmp
2007-08-22 10:16 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\portuguese\normal\btn_07.bmp
2007-08-22 10:16 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\portuguese\normal\btn_06.bmp
2007-08-22 10:16 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\portuguese\normal\btn_05.bmp
2007-08-22 10:16 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\portuguese\normal\btn_04.bmp
2007-08-22 10:16 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\portuguese\normal\btn_03_uninstall.bmp
2007-08-22 10:16 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\portuguese\normal\btn_03.bmp
2007-08-22 10:16 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\portuguese\normal\btn_02.bmp
2007-08-22 10:16 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\portuguese\normal\btn_01.bmp
2007-08-22 10:16 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\portuguese\normal\btn_00.bmp
2007-08-22 10:15 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\spanish\normal\btn_07.bmp
2007-08-22 10:15 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\spanish\normal\btn_06.bmp
2007-08-22 10:15 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\spanish\normal\btn_05.bmp
2007-08-22 10:15 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\spanish\normal\btn_04.bmp
2007-08-22 10:15 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\spanish\normal\btn_03.bmp
2007-08-22 10:15 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\spanish\normal\btn_02.bmp
2007-08-22 10:15 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\spanish\normal\btn_01.bmp
2007-08-22 10:15 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\spanish\normal\btn_00.bmp
2007-08-22 10:15 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\italian\normal\btn_07.bmp
2007-08-22 10:15 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\italian\normal\btn_06.bmp
2007-08-22 10:15 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\italian\normal\btn_05.bmp
2007-08-22 10:15 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\italian\normal\btn_04.bmp
2007-08-22 10:15 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\italian\normal\btn_03_uninstall.bmp
2007-08-22 10:15 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\italian\normal\btn_03.bmp
2007-08-22 10:15 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\italian\normal\btn_02.bmp
2007-08-22 10:15 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\italian\normal\btn_01.bmp
2007-08-22 10:15 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\italian\normal\btn_00.bmp
2007-08-22 10:15 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\german\normal\btn_07.bmp
2007-08-22 10:15 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\german\normal\btn_06.bmp
2007-08-22 10:15 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\german\normal\btn_05.bmp
2007-08-22 10:15 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\german\normal\btn_04.bmp
2007-08-22 10:15 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\german\normal\btn_03_uninstall.bmp
2007-08-22 10:15 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\german\normal\btn_03.bmp
2007-08-22 10:15 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\german\normal\btn_02.bmp
2007-08-22 10:15 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\german\normal\btn_01.bmp
2007-08-22 10:15 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\german\normal\btn_00.bmp
2007-08-22 10:15 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\french\normal\btn_07.bmp
2007-08-22 10:15 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\french\normal\btn_06.bmp
2007-08-22 10:15 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\french\normal\btn_05.bmp
2007-08-22 10:15 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\french\normal\btn_04.bmp
2007-08-22 10:15 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\french\normal\btn_03_uninstall.bmp
2007-08-22 10:15 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\french\normal\btn_03.bmp
2007-08-22 10:15 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\french\normal\btn_02.bmp
2007-08-22 10:15 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\french\normal\btn_01.bmp
2007-08-22 10:15 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\french\normal\btn_00.bmp
2007-08-22 10:14 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\english\normal\btn_07.bmp
2007-08-22 10:14 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\english\normal\btn_06.bmp
2007-08-22 10:14 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\english\normal\btn_05.bmp
2007-08-22 10:14 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\english\normal\btn_04.bmp
2007-08-22 10:14 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\english\normal\btn_03_uninstall.bmp
2007-08-22 10:14 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\english\normal\btn_03.bmp
2007-08-22 10:14 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\english\normal\btn_02.bmp
2007-08-22 10:14 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\english\normal\btn_01.bmp
2007-08-22 10:14 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\english\normal\btn_00.bmp
2007-08-22 10:12 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\spanish\inactive\btn_07.bmp
2007-08-22 10:12 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\spanish\inactive\btn_06.bmp
2007-08-22 10:12 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\spanish\inactive\btn_05.bmp
2007-08-22 10:12 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\spanish\inactive\btn_04.bmp
2007-08-22 10:12 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\spanish\inactive\btn_03_uninstall.bmp
2007-08-22 10:12 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\spanish\inactive\btn_03.bmp
2007-08-22 10:12 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\spanish\inactive\btn_02.bmp
2007-08-22 10:12 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\spanish\inactive\btn_01.bmp
2007-08-22 10:12 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\spanish\inactive\btn_00.bmp
2007-08-22 10:12 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\portuguese\inactive\btn_07.bmp
2007-08-22 10:12 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\portuguese\inactive\btn_06.bmp
2007-08-22 10:12 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\portuguese\inactive\btn_05.bmp
2007-08-22 10:12 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\portuguese\inactive\btn_04.bmp
2007-08-22 10:12 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\portuguese\inactive\btn_03_uninstall.bmp
2007-08-22 10:12 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\portuguese\inactive\btn_03.bmp
2007-08-22 10:12 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\portuguese\inactive\btn_02.bmp
2007-08-22 10:12 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\portuguese\inactive\btn_01.bmp
2007-08-22 10:12 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\portuguese\inactive\btn_00.bmp
2007-08-22 10:11 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\italian\inactive\btn_07.bmp
2007-08-22 10:11 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\italian\inactive\btn_06.bmp
2007-08-22 10:11 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\italian\inactive\btn_05.bmp
2007-08-22 10:11 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\italian\inactive\btn_04.bmp
2007-08-22 10:11 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\italian\inactive\btn_03_uninstall.bmp
2007-08-22 10:11 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\italian\inactive\btn_03.bmp
2007-08-22 10:11 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\italian\inactive\btn_02.bmp
2007-08-22 10:11 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\italian\inactive\btn_01.bmp
2007-08-22 10:11 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\italian\inactive\btn_00.bmp
2007-08-22 10:11 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\german\inactive\btn_07.bmp
2007-08-22 10:11 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\german\inactive\btn_06.bmp
2007-08-22 10:11 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\german\inactive\btn_05.bmp
2007-08-22 10:11 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\german\inactive\btn_04.bmp
2007-08-22 10:11 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\german\inactive\btn_03_uninstall.bmp
2007-08-22 10:11 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\german\inactive\btn_03.bmp
2007-08-22 10:11 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\german\inactive\btn_02.bmp
2007-08-22 10:11 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\german\inactive\btn_01.bmp
2007-08-22 10:11 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\german\inactive\btn_00.bmp
2007-08-22 10:10 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\french\inactive\btn_07.bmp
2007-08-22 10:10 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\french\inactive\btn_06.bmp
2007-08-22 10:10 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\french\inactive\btn_05.bmp
2007-08-22 10:10 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\french\inactive\btn_04.bmp
2007-08-22 10:10 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\french\inactive\btn_03_uninstall.bmp
2007-08-22 10:10 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\french\inactive\btn_03.bmp
2007-08-22 10:10 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\french\inactive\btn_02.bmp
2007-08-22 10:10 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\french\inactive\btn_01.bmp
2007-08-22 10:10 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\french\inactive\btn_00.bmp
2007-08-22 10:07 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\english\inactive\btn_03_uninstall.bmp
2007-08-22 10:06 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\english\inactive\btn_07.bmp
2007-08-22 10:06 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\english\inactive\btn_06.bmp
2007-08-22 10:06 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\english\inactive\btn_05.bmp
2007-08-22 10:05 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\english\inactive\btn_04.bmp
2007-08-22 10:05 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\english\inactive\btn_03.bmp
2007-08-22 10:05 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\english\inactive\btn_02.bmp
2007-08-22 10:04 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\english\inactive\btn_01.bmp
2007-08-22 10:04 73016 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\launcher\english\inactive\btn_00.bmp
2007-08-22 05:34 16121 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\program files\KONAMI\Pro Evolution Soccer 2008\pes2008.PNG
2007-08-15 10:49 1183088640 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\program files\KONAMI\Pro Evolution Soccer 2008\img\cs.img
2007-08-15 05:50 444696576 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\program files\KONAMI\Pro Evolution Soccer 2008\img\rs_e.img
2007-08-15 05:50 346068992 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\program files\KONAMI\Pro Evolution Soccer 2008\img\rs_f.img
2007-08-15 05:49 442140672 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\program files\KONAMI\Pro Evolution Soccer 2008\img\rs_i.img
2007-08-15 05:49 386027520 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\program files\KONAMI\Pro Evolution Soccer 2008\img\rs_s.img
2007-08-15 05:48 414617600 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\program files\KONAMI\Pro Evolution Soccer 2008\img\rs_g.img
2007-08-07 07:16 70612996 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\program files\KONAMI\Pro Evolution Soccer 2008\img\intro
2007-08-07 06:13 3102724 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\program files\KONAMI\Pro Evolution Soccer 2008\img\eye04
2007-08-02 10:21 3872772 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\program files\KONAMI\Pro Evolution Soccer 2008\img\eye02
2007-07-27 11:48 107516 --a------ C:\Users\Carlos\Downloads\data\gui\EASSanCB.ttf
2007-07-25 15:37 120072 --a------ C:\Users\Carlos\Downloads\data\input\XPadLib.dll
2007-07-17 17:52 5544 --a------ C:\Users\Carlos\Downloads\data\system\config.dat
2007-07-17 17:06 68652 --a------ C:\Users\Carlos\Downloads\data\gui\EA05_Tit.ttf
2007-07-09 06:14 2824196 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\program files\KONAMI\Pro Evolution Soccer 2008\img\eye01
2007-07-09 06:09 3338244 --a------ C:\Users\Carlos\Downloads\Pro_Evolution_Soccer_2008-FLT\program files\KONAMI\Pro Evolution Soccer 2008\img\eye03
2007-07-08 19:24 734179328 --a------ C:\Users\Carlos\Downloads\SpazCreations.comufc73.cd1.avi
2007-07-08 13:14 734191616 --a------ C:\Users\Carlos\Downloads\SpazCreations.comufc73.cd2.avi
2007-07-03 18:55 888 --a------ C:\Users\Carlos\Downloads\data\memcard\gre_memc.loc
2007-07-03 18:55 800 --a------ C:\Users\Carlos\Downloads\data\memcard\dut_memc.loc
2007-07-03 18:55 796 --a------ C:\Users\Carlos\Downloads\data\memcard\ger_memc.loc
2007-07-03 18:55 788 --a------ C:\Users\Carlos\Downloads\data\memcard\por_memc.loc
2007-07-03 18:55 776 --a------ C:\Users\Carlos\Downloads\data\memcard\mex_memc.loc
2007-07-03 18:55 776 --a------ C:\Users\Carlos\Downloads\data\memcard\jpn_memc.loc
2007-07-03 18:55 752 --a------ C:\Users\Carlos\Downloads\data\memcard\ita_memc.loc
2007-07-03 18:55 740 --a------ C:\Users\Carlos\Downloads\data\memcard\fre_memc.loc
2007-07-03 18:55 728 --a------ C:\Users\Carlos\Downloads\data\memcard\rus_memc.loc
2007-07-03 18:55 720 --a------ C:\Users\Carlos\Downloads\data\memcard\swe_memc.loc
2007-07-03 18:55 720 --a------ C:\Users\Carlos\Downloads\data\memcard\spa_memc.loc
2007-07-03 18:55 696 --a------ C:\Users\Carlos\Downloads\data\memcard\hun_memc.loc
2007-07-03 18:55 696 --a------ C:\Users\Carlos\Downloads\data\memcard\cze_memc.loc
2007-07-03 18:55 688 --a------ C:\Users\Carlos\Downloads\data\memcard\pol_memc.loc
2007-07-03 18:55 684 --a------ C:\Users\Carlos\Downloads\data\memcard\dan_memc.loc
2007-07-03 18:55 684 --a------ C:\Users\Carlos\Downloads\data\memcard\brp_memc.loc
2007-07-03 18:55 668 --a------ C:\Users\Carlos\Downloads\data\memcard\nor_memc.loc
2007-07-03 18:55 496 --a------ C:\Users\Carlos\Downloads\data\memcard\kor_memc.loc
2007-06-15 20:44 122 --a------ C:\Users\Carlos\Downloads\DOA-Dead.Or.Alive[2006]DvDrip.AC3[Eng]-aXXo\RapidShare Links (www.rslinks.org).url
2007-06-15 20:39 7980 --a------ C:\Users\Carlos\Downloads\DOA-Dead.Or.Alive[2006]DvDrip.AC3[Eng]-aXXo\doa-dead.or.alive-aXXo.nfo
2007-06-11 13:07 118038528 --a------ C:\Users&
  • 0

#10
Phantasy66

Phantasy66

    Member

  • Topic Starter
  • Member
  • PipPip
  • 26 posts
lol sorry here's attachment :) thanks

Attached Files


  • 0

Advertisements


#11
Rorschach112

Rorschach112

    Ralphie

  • Retired Staff
  • 47,710 posts
You got infected because you downloaded cracks and keygens. You will get infected every time if you keep doing that


1. Close any open browsers.

2. Open notepad and copy/paste the text in the quotebox below into it:

File::
C:\Users\Carlos\Downloads\Halo - KeyGen by DerMunch.zip
C:\Users\Carlos\Downloads\Age2XPatch.exe
C:\Users\Carlos\Downloads\ra2keys
C:\Users\Carlos\Downloads\Tom_Clancy_Rainbow_Six_Vegas_2_Keygen_Serial_Only.torrent
C:\Users\Carlos\Downloads\TuneUp.Utilities.2008.v7.0.7991-TE\Crack

Folder::
C:\Users\Carlos\Downloads\Halo - KeyGen by DerMunch.zip
C:\Users\Carlos\Downloads\Age2XPatch.exe
C:\Users\Carlos\Downloads\ra2keys
C:\Users\Carlos\Downloads\Tom_Clancy_Rainbow_Six_Vegas_2_Keygen_Serial_Only.torrent
C:\Users\Carlos\Downloads\TuneUp.Utilities.2008.v7.0.7991-TE\Crack

Registry::

Driver::


Save this as CFScript.txt, in the same location as ComboFix.exe


Posted Image

Refering to the picture above, drag CFScript into ComboFix.exe

When finished, it shall produce a log for you at "C:\ComboFix.txt"

Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall





Please download Malwarebytes' Anti-Malware from Here or Here

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.
Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatly.



Also post a new HijackThis log
  • 0

#12
Phantasy66

Phantasy66

    Member

  • Topic Starter
  • Member
  • PipPip
  • 26 posts
whenever i try installing and running MBAM it keeps coming up with " Run time error 339 Component 'comctl32.oxc' or one of its dependencies is not correctly registered: a file is missing or invalid' ive uninstalled downloaded it again but it says the same thing.

Im going to stop download cracks and keygens from now on:)

Attached Files


  • 0

#13
Rorschach112

Rorschach112

    Ralphie

  • Retired Staff
  • 47,710 posts
Do this

Download Dr.Web CureIt to the desktop:
ftp://ftp.drweb.com/pub/drweb/cureit/drweb-cureit.exe
  • Doubleclick the drweb-cureit.exe file and Allow to run the express scan
  • This will scan the files currently running in memory and when something is found, click the yes button when it asks you if you want to cure it. This is only a short scan.
  • Once the short scan has finished, mark the drives that you want to scan.
  • Select all drives. A red dot shows which drives have been chosen.
  • Click the green arrow at the right, and the scan will start.
  • Click 'Yes to all' if it asks if you want to cure/move the file.
  • When the scan has finished, in the menu, click file and choose save report list
  • Save the report to your desktop. The report will be called DrWeb.csv
  • Close Dr.Web Cureit.


Also post a new HijackThis log
  • 0

#14
Phantasy66

Phantasy66

    Member

  • Topic Starter
  • Member
  • PipPip
  • 26 posts
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:42, on 2008-06-03
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Grisoft\AVG7\avgcc.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Orbitdownloader\orbitdm.exe
C:\Program Files\Orbitdownloader\orbitnet.exe
C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
C:\Program Files\mIRC\mirc.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9e.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bbc.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O4 - HKLM\..\Run: [XboxStat] "c:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O13 - Gopher Prefix:
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky...can_unicode.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.co.../sysreqlab2.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx...owserPlugin.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.mi...b?1202162478483
O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} (Measurement Services Client v.3.12) - http://www.madonion....ark/tc/MSC3.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.m...ash/swflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - Winlogon Notify: avgwlntf - C:\Windows\SYSTEM32\avgwlntf.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
O23 - Service: McAfee Real-time Scanner (McShield) - Unknown owner - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software GmbH - C:\Windows\System32\TuneUpDefragService.exe

--
End of file - 9774 bytes

00936921.FIL;C:\$VAULT$.AVG;Trojan.MulDrop.11190;Deleted.;
01329156.FIL;C:\$VAULT$.AVG;Trojan.MulDrop.11190;Deleted.;
01454406.FIL;C:\$VAULT$.AVG;Trojan.MulDrop.11190;Deleted.;
01812171.FIL;C:\$VAULT$.AVG;Trojan.DownLoader.36395;Deleted.;
01995546.FIL;C:\$VAULT$.AVG;Trojan.MulDrop.11190;Deleted.;
02107828.FIL;C:\$VAULT$.AVG;Trojan.MulDrop.11190;Deleted.;
02855546.FIL;C:\$VAULT$.AVG;Trojan.MulDrop.11190;Deleted.;
04030156.FIL;C:\$VAULT$.AVG;Trojan.MulDrop.11190;Deleted.;
04033203.FIL;C:\$VAULT$.AVG;Trojan.MulDrop.11190;Deleted.;
04033390.FIL;C:\$VAULT$.AVG;Trojan.Packed.155;Deleted.;
04033437.FIL;C:\$VAULT$.AVG;Trojan.EzulaAd;Deleted.;
04033812.FIL;C:\$VAULT$.AVG;Trojan.Virtumod.263;Deleted.;
04033843.FIL;C:\$VAULT$.AVG;Trojan.Virtumod.260;Deleted.;
04033875.FIL;C:\$VAULT$.AVG;Trojan.Virtumod.based;Incurable.Moved.;
04033937.FIL;C:\$VAULT$.AVG;Trojan.Virtumod.263;Deleted.;
04033984.FIL;C:\$VAULT$.AVG;Trojan.Virtumod.260;Deleted.;
04034437.FIL;C:\$VAULT$.AVG;Trojan.Virtumod.240;Deleted.;
04034468.FIL;C:\$VAULT$.AVG;Trojan.Virtumod.240;Deleted.;
04034515.FIL;C:\$VAULT$.AVG;Trojan.MulDrop.11190;Deleted.;
04034875.FIL;C:\$VAULT$.AVG;Trojan.Virtumod.240;Deleted.;
04035406.FIL;C:\$VAULT$.AVG;Trojan.Virtumod.240;Deleted.;
04035468.FIL;C:\$VAULT$.AVG;Trojan.Virtumod.240;Deleted.;
04035515.FIL;C:\$VAULT$.AVG;Trojan.Virtumod.240;Deleted.;
04035703.FIL;C:\$VAULT$.AVG;Trojan.Virtumod.240;Deleted.;
04035734.FIL;C:\$VAULT$.AVG;Trojan.Mezzia.77;Deleted.;
04035796.FIL;C:\$VAULT$.AVG;Trojan.Mezzia.77;Deleted.;
04035843.FIL;C:\$VAULT$.AVG;Trojan.Virtumod.240;Deleted.;
04035875.FIL;C:\$VAULT$.AVG;Trojan.Virtumod.based;Incurable.Moved.;
04035906.FIL;C:\$VAULT$.AVG;Trojan.Virtumod.240;Deleted.;
04035953.FIL;C:\$VAULT$.AVG;Trojan.Virtumod.240;Deleted.;
04035968.FIL;C:\$VAULT$.AVG;Trojan.Virtumod.240;Deleted.;
04036046.FIL;C:\$VAULT$.AVG;Trojan.Virtumod.240;Deleted.;
04036281.FIL;C:\$VAULT$.AVG;Trojan.Virtumod.240;Deleted.;
04036312.FIL;C:\$VAULT$.AVG;Trojan.Virtumod.240;Deleted.;
04036343.FIL;C:\$VAULT$.AVG;Trojan.Virtumod.240;Deleted.;
04036375.FIL;C:\$VAULT$.AVG;Trojan.Virtumod.240;Deleted.;
04036437.FIL;C:\$VAULT$.AVG;Trojan.Virtumod.240;Deleted.;
04036468.FIL;C:\$VAULT$.AVG;Trojan.Virtumod.240;Deleted.;
04036515.FIL;C:\$VAULT$.AVG;Trojan.Virtumod.240;Deleted.;
04036546.FIL;C:\$VAULT$.AVG;Trojan.Virtumod.240;Deleted.;
04036578.FIL;C:\$VAULT$.AVG;Trojan.Virtumod.240;Deleted.;
04036609.FIL;C:\$VAULT$.AVG;Trojan.Virtumod.240;Deleted.;
04036640.FIL;C:\$VAULT$.AVG;Trojan.Virtumod.240;Deleted.;
04036671.FIL;C:\$VAULT$.AVG;Trojan.Virtumod.240;Deleted.;
04036781.FIL;C:\$VAULT$.AVG;Trojan.EzulaAd;Deleted.;
04036828.FIL;C:\$VAULT$.AVG;Trojan.Virtumod.240;Deleted.;
04036859.FIL;C:\$VAULT$.AVG;Trojan.MulDrop.11190;Deleted.;
06188203.FIL;C:\$VAULT$.AVG;Trojan.DownLoader.55602;Deleted.;
07923703.FIL;C:\$VAULT$.AVG;Trojan.MulDrop.11190;Deleted.;
08009828.FIL;C:\$VAULT$.AVG;Trojan.MulDrop.11190;Deleted.;
12556078.FIL;C:\$VAULT$.AVG;Trojan.LowZones.884;Deleted.;
regLocal.reg;C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Backups;Probably SCRIPT.Virus;;
RegUBP2b-Carlos.reg;C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Snapshots2;Trojan.StartPage.1505;Deleted.;
regLocal.reg;C:\Documents and Settings\All Users\Spybot - Search & Destroy\Backups;Probably SCRIPT.Virus;;
kb635111[1];C:\Documents and Settings\Carlos\AppData\Local\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\KPH0QR45;Trojan.Virtumod.411;Deleted.;
flyout_fav.js;C:\Documents and Settings\Carlos\AppData\Local\Application Data\Microsoft\Windows Sidebar\Gadgets\AppLauncherV3.3.3.7.gadget\js;Probably SCRIPT.Virus;;
flyout_fav.js;C:\Documents and Settings\Carlos\AppData\Local\Microsoft\Windows Sidebar\Gadgets\AppLauncherV3.3.3.7.gadget\js;Probably SCRIPT.Virus;;
04033875.FIL;C:\Documents and Settings\Carlos\DoctorWeb\Quarantine;Trojan.Virtumod.based;Incurable.Moved.;
04035875.FIL;C:\Documents and Settings\Carlos\DoctorWeb\Quarantine;Trojan.Virtumod.based;Incurable.Moved.;
GAME.EXE;C:\Documents and Settings\Carlos\Downloads;Trojan.DownLoader.44960;Deleted.;
flyout_fav.js;C:\Documents and Settings\Carlos\Local Settings\Microsoft\Windows Sidebar\Gadgets\AppLauncherV3.3.3.7.gadget\js;Probably SCRIPT.Virus;;
Startup.exe;C:\Program Files\Microsoft Games\Gears of War\Binaries;Adware.MDH.7;;
mirc.exe;C:\Program Files\mIRC;Program.mIRC.623;;
regLocal.reg;C:\ProgramData\Spybot - Search & Destroy\Backups;Probably SCRIPT.Virus;;
data001\data001;C:\QooBox\Quarantine\C\Program Files\Morpheus\morpheustoolbar.exe.vir\data001;Adware.Msearch;;
data001\data004;C:\QooBox\Quarantine\C\Program Files\Morpheus\morpheustoolbar.exe.vir\data001;Adware.Msearch;;
data001;C:\QooBox\Quarantine\C\Program Files\Morpheus\morpheustoolbar.exe.vir;Archive contains infected objects;;
morpheustoolbar.exe.vir;C:\QooBox\Quarantine\C\Program Files\Morpheus;Archive contains infected objects;Moved.;
data001\data001;C:\QooBox\Quarantine\C\Program Files\Morpheus\mymorpheusToolbar.exe.vir\data001;Adware.Msearch;;
data001\data004;C:\QooBox\Quarantine\C\Program Files\Morpheus\mymorpheusToolbar.exe.vir\data001;Adware.Msearch;;
data001;C:\QooBox\Quarantine\C\Program Files\Morpheus\mymorpheusToolbar.exe.vir;Archive contains infected objects;;
mymorpheusToolbar.exe.vir;C:\QooBox\Quarantine\C\Program Files\Morpheus;Archive contains infected objects;Moved.;
regLocal.reg;C:\Users\All Users\Application Data\Spybot - Search & Destroy\Backups;Probably SCRIPT.Virus;;
regLocal.reg;C:\Users\All Users\Spybot - Search & Destroy\Backups;Probably SCRIPT.Virus;;
flyout_fav.js;C:\Users\Carlos\AppData\Local\Microsoft\Windows Sidebar\Gadgets\AppLauncherV3.3.3.7.gadget\js;Probably SCRIPT.Virus;;
flyout_fav.js;C:\Users\Carlos\Local Settings\Microsoft\Windows Sidebar\Gadgets\AppLauncherV3.3.3.7.gadget\js;Probably SCRIPT.Virus;;
PSEXESVC.EXE;C:\Windows;Program.PsExec.170;;
regLocal.reg;C:\Windows.old\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Backups;Probably SCRIPT.Virus;;
regLocal.reg;C:\Windows.old\Documents and Settings\All Users\Spybot - Search & Destroy\Backups;Probably SCRIPT.Virus;;
flyout_fav.js;C:\Windows.old\Documents and Settings\Carlos\AppData\Local\Application Data\Microsoft\Windows Sidebar\Gadgets\AppLauncherV3.3.3;Probably SCRIPT.Virus;;
flyout_fav.js;C:\Windows.old\Documents and Settings\Carlos\AppData\Local\Microsoft\Windows Sidebar\Gadgets\AppLauncherV3.3.3.7.gadget\js;Probably SCRIPT.Virus;;
04033870.FIL;C:\Windows.old\Documents and Settings\Carlos\DoctorWeb\Quarantine;Trojan.Virtumod.based;Incurable.Moved.;
04035870.FIL;C:\Windows.old\Documents and Settings\Carlos\DoctorWeb\Quarantine;Trojan.Virtumod.based;Incurable.Moved.;
data001\data001;C:\Windows.old\Documents and Settings\Carlos\DoctorWeb\Quarantine\morpheustoolbar.exe.vir\data001;Adware.Msearch;;
data001\data004;C:\Windows.old\Documents and Settings\Carlos\DoctorWeb\Quarantine\morpheustoolbar.exe.vir\data001;Adware.Msearch;;
data001;C:\Windows.old\Documents and Settings\Carlos\DoctorWeb\Quarantine\morpheustoolbar.exe.vir;Archive contains infected objects;;
morpheustoolbar.exe.vir;C:\Windows.old\Documents and Settings\Carlos\DoctorWeb\Quarantine;Archive contains infected objects;Moved.;
data001\data001;C:\Windows.old\Documents and Settings\Carlos\DoctorWeb\Quarantine\mymorpheusToolbar.exe.vir\data001;Adware.Msearch;;
data001\data004;C:\Windows.old\Documents and Settings\Carlos\DoctorWeb\Quarantine\mymorpheusToolbar.exe.vir\data001;Adware.Msearch;;
data001;C:\Windows.old\Documents and Settings\Carlos\DoctorWeb\Quarantine\mymorpheusToolbar.exe.vir;Archive contains infected objects;;
mymorpheusToolbar.exe.vir;C:\Windows.old\Documents and Settings\Carlos\DoctorWeb\Quarantine;Archive contains infected objects;Moved.;
flyout_fav.js;C:\Windows.old\Documents and Settings\Carlos\Local Settings\Microsoft\Windows Sidebar\Gadgets\AppLauncherV3.3.3.7.gadget\js;Probably SCRIPT.Virus;;
regLocal.reg;C:\Windows.old\ProgramData\Application Data\Spybot - Search & Destroy\Backups;Probably SCRIPT.Virus;;
regLocal.reg;C:\Windows.old\Users\All Users\Application Data\Spybot - Search & Destroy\Backups;Probably SCRIPT.Virus;;
regLocal.reg;C:\Windows.old\Users\All Users\Spybot - Search & Destroy\Backups;Probably SCRIPT.Virus;;
  • 0

#15
Rorschach112

Rorschach112

    Ralphie

  • Retired Staff
  • 47,710 posts
Hello

1. Please re-open HiJackThis and choose do a system scan only. Check the boxes next to ONLY the entries listed below(if present):

O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)


2. Now close all windows other than HiJackThis, including browsers, so that nothing other than HijackThis is open, then click Fix Checked. A box will pop up asking you if you wish to fix the selected items. Please choose YES. Once it has fixed them, please exit/close HijackThis.



Reboot and post a new HijackThis log
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP