Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Unable To Install Antivirus/spyware Of Any Kind


  • This topic is locked This topic is locked
11 replies to this topic

#1 anticus50

anticus50

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:09:12 AM

Posted 01 February 2008 - 10:39 AM

Hi guys, I recently had mcafee antivirus installed on my system. All of a sudden it dissapeared and i am unable to remove/reinstall the program. Various uninstallers have been used to no avail. Now i am unable to install ANY anti virus software/spyware of any kind. This is frustrating me to the max, i download software, get halfway through the installation only to find that a specific .exe file is missing that is vital to the installation.

BLEEPING COMPUTER!

Please help!

all the aforementioned tests have been run on my system, the main infection file is something called "Win32.Bagle.SUM@mm"

here is my hijackthis log file


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:24:57, on 01/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Belkin\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\WINDOWS\system32\spupdsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spnpinst.exe
C:\WINDOWS\system32\Sysocmgr.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Belkin\Bluetooth Software\BTTray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Extensis\Suitcase 9.2\Suitcase.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\Belkin\BLUETO~1\BTSTAC~1.EXE
C:\PROGRA~1\COMMON~1\PCSuite\DATALA~1\DATALA~1.EXE
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\PC Connectivity Solution\NclBTHandler.exe
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\flec006.exe
C:\Program Files\Ahead\Nero StartSmart\NeroStartSmart.exe
C:\Program Files\Ahead\nero\nero.exe
C:\WINDOWS\System32\imapi.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://uk.red.clientapps.yahoo.com/customi...fo/bt_side.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://uk.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://uk.red.clientapps.yahoo.com/customi...fo/bt_side.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://uk.red.clientapps.yahoo.com/customi...arch.yahoo.com/
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: IEWatchObj Class - {9527D42F-D666-11D3-B8DD-00600838CD5F} - C:\WINDOWS\system32\IETie.dll (file missing)
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: GhostSurf.lnk = C:\Program Files\GhostSurf\GhostSurf.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Suitcase Startup.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {578FC4E3-151E-456c-AF8E-B63061EFE228}} - (no file)
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/f...tup1.0.0.15.cab
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www1.snapfish.co.uk/SnapfishUKActivia.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} -
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1145569446546
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/inst...ctDetection.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1145786588906
O16 - DPF: {814EA0DA-E0D9-4AA4-833C-A1A6D38E79E9} (DASWebDownload Class) - http://das.microsoft.com/activate/cab/x86/...tail/DASAct.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.mcafee.com/molbin/shared/m...,26/mcgdmgr.cab
O21 - SSODL: hubbsi - {7b1eeccd-0a6d-4ad5-8ac1-4af5722b3885} - (no file)
O22 - SharedTaskScheduler: {7b1eeccd-0a6d-4ad5-8ac1-4af5722b3885} - hubbsi - (no file)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Belkin\Bluetooth Software\bin\btwdins.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\system32\YPCSER~1.EXE

--
End of file - 10058 bytes

Edited by anticus50, 01 February 2008 - 01:51 PM.


BC AdBot (Login to Remove)

 


#2 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,659 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:04:12 AM

Posted 12 February 2008 - 07:40 AM

I apologize for the very long delay. We have a huge backlog of HijackThis Logs to handle and it has been taking us greater time than normal to get caught up. If you are still having a problem, and want us to analyze your information, please post a brand new hijackthis log. If we do not hear back from you within a couple of days we will need to close your topic.

When posting your logs please post them directly into the reply. Do not attach them.

Also make sure you have already followed the steps outlined below:

Preparation Guide For Use Before Posting A Hijackthis Log

Thank you for your patience.

#3 anticus50

anticus50
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:09:12 AM

Posted 12 February 2008 - 12:10 PM

Yes please I still need help!

the Virus that is pestering me at the moment is called "WORM_BAKLE.CO" and nothing i do seems to get rid of the pseky varmit!

Thanks for your time, here's my hijack log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:06:36, on 12/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Belkin\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\WINDOWS\system32\spupdsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spnpinst.exe
C:\WINDOWS\system32\Sysocmgr.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Belkin\Bluetooth Software\BTTray.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\Belkin\BLUETO~1\BTSTAC~1.EXE
C:\PROGRA~1\COMMON~1\PCSuite\DATALA~1\DATALA~1.EXE
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\NclBTHandler.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://uk.red.clientapps.yahoo.com/customi...fo/bt_side.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://uk.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://uk.red.clientapps.yahoo.com/customi...fo/bt_side.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://uk.red.clientapps.yahoo.com/customi...arch.yahoo.com/
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: IEWatchObj Class - {9527D42F-D666-11D3-B8DD-00600838CD5F} - C:\WINDOWS\system32\IETie.dll (file missing)
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Suitcase Startup.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/f...tup1.0.0.15.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://prerelease.trendmicro-europe.com/ho...ivex/hcImpl.cab
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www1.snapfish.co.uk/SnapfishUKActivia.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} -
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1145569446546
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/inst...ctDetection.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1145786588906
O16 - DPF: {814EA0DA-E0D9-4AA4-833C-A1A6D38E79E9} (DASWebDownload Class) - http://das.microsoft.com/activate/cab/x86/...tail/DASAct.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.mcafee.com/molbin/shared/m...,26/mcgdmgr.cab
O21 - SSODL: hubbsi - {7b1eeccd-0a6d-4ad5-8ac1-4af5722b3885} - (no file)
O22 - SharedTaskScheduler: {7b1eeccd-0a6d-4ad5-8ac1-4af5722b3885} - hubbsi - (no file)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Belkin\Bluetooth Software\bin\btwdins.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\system32\YPCSER~1.EXE

--
End of file - 10023 bytes

#4 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,659 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:04:12 AM

Posted 12 February 2008 - 12:44 PM

  • Download Combofix to your desktop.

  • Doubleclick combofix.exe

  • Follow the prompts.
Don't click on the window while the fix is running, because that will cause your system to hang.

When finished, and after reboot if it asks for one, combofix will open again to gather the necessary information for the log. This may take a while so please be patient. When done, Combofix will close and a log should open called combofix.txt.

Post the contents of this log in your next reply along with a new hijackthislog.

Please do not post the ComboFix-quarantined-files.txt unless I ask you to.

#5 anticus50

anticus50
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:09:12 AM

Posted 12 February 2008 - 01:36 PM

COMBOFIX REPORT
ComboFix 08-02-13.1 - Tony 2008-02-12 17:52:08.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.817 [GMT 0:00]
Running from: C:\Documents and Settings\Tony.TONY-00UYRL42JL\Local Settings\Temporary Internet Files\Content.IE5\U5SJY470\ComboFix[1].exe
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\system32\drivers\hldrrr.exe
C:\WINDOWS\system32\drivers\srosa.sys
C:\WINDOWS\system32\mdelk.exe
C:\WINDOWS\system32\wintems.exe
C:\Program Files\MyWebSearch
C:\Program Files\MyWebSearch\bar\History\search2
C:\Program Files\MyWebSearch\bar\Settings\prevcfg2.htm
C:\Program Files\MyWebSearch\bar\Settings\s_pid.dat
C:\WINDOWS\system32\drivers\down
C:\WINDOWS\system32\drivers\down\100156.exe
C:\WINDOWS\system32\drivers\down\100375.exe
C:\WINDOWS\system32\drivers\down\1007406.exe
C:\WINDOWS\system32\drivers\down\101562.exe
C:\WINDOWS\system32\drivers\down\101867421.exe
C:\WINDOWS\system32\drivers\down\101869156.exe
C:\WINDOWS\system32\drivers\down\101873140.exe
C:\WINDOWS\system32\drivers\down\101892000.exe
C:\WINDOWS\system32\drivers\down\101892015.exe
C:\WINDOWS\system32\drivers\down\101899312.exe
C:\WINDOWS\system32\drivers\down\101901125.exe
C:\WINDOWS\system32\drivers\down\101902843.exe
C:\WINDOWS\system32\drivers\down\101904046.exe
C:\WINDOWS\system32\drivers\down\101905640.exe
C:\WINDOWS\system32\drivers\down\101911093.exe
C:\WINDOWS\system32\drivers\down\101913125.exe
C:\WINDOWS\system32\drivers\down\101914000.exe
C:\WINDOWS\system32\drivers\down\101915703.exe
C:\WINDOWS\system32\drivers\down\101917328.exe
C:\WINDOWS\system32\drivers\down\101920968.exe
C:\WINDOWS\system32\drivers\down\101922656.exe
C:\WINDOWS\system32\drivers\down\101949093.exe
C:\WINDOWS\system32\drivers\down\101950734.exe
C:\WINDOWS\system32\drivers\down\102125.exe
C:\WINDOWS\system32\drivers\down\102187.exe
C:\WINDOWS\system32\drivers\down\103437.exe
C:\WINDOWS\system32\drivers\down\103546.exe
C:\WINDOWS\system32\drivers\down\103718.exe
C:\WINDOWS\system32\drivers\down\103828.exe
C:\WINDOWS\system32\drivers\down\104187.exe
C:\WINDOWS\system32\drivers\down\105000.exe
C:\WINDOWS\system32\drivers\down\106296.exe
C:\WINDOWS\system32\drivers\down\107156.exe
C:\WINDOWS\system32\drivers\down\107453.exe
C:\WINDOWS\system32\drivers\down\108250.exe
C:\WINDOWS\system32\drivers\down\108359.exe
C:\WINDOWS\system32\drivers\down\108546.exe
C:\WINDOWS\system32\drivers\down\108593.exe
C:\WINDOWS\system32\drivers\down\109218.exe
C:\WINDOWS\system32\drivers\down\109765.exe
C:\WINDOWS\system32\drivers\down\109859.exe
C:\WINDOWS\system32\drivers\down\110375.exe
C:\WINDOWS\system32\drivers\down\111281.exe
C:\WINDOWS\system32\drivers\down\111296.exe
C:\WINDOWS\system32\drivers\down\111625.exe
C:\WINDOWS\system32\drivers\down\112015.exe
C:\WINDOWS\system32\drivers\down\112640.exe
C:\WINDOWS\system32\drivers\down\112656.exe
C:\WINDOWS\system32\drivers\down\113703.exe
C:\WINDOWS\system32\drivers\down\113781.exe
C:\WINDOWS\system32\drivers\down\114109.exe
C:\WINDOWS\system32\drivers\down\114531.exe
C:\WINDOWS\system32\drivers\down\114906.exe
C:\WINDOWS\system32\drivers\down\115187.exe
C:\WINDOWS\system32\drivers\down\115734.exe
C:\WINDOWS\system32\drivers\down\116281.exe
C:\WINDOWS\system32\drivers\down\116369312.exe
C:\WINDOWS\system32\drivers\down\116383171.exe
C:\WINDOWS\system32\drivers\down\116385656.exe
C:\WINDOWS\system32\drivers\down\116388875.exe
C:\WINDOWS\system32\drivers\down\116405343.exe
C:\WINDOWS\system32\drivers\down\116405390.exe
C:\WINDOWS\system32\drivers\down\116410750.exe
C:\WINDOWS\system32\drivers\down\116412125.exe
C:\WINDOWS\system32\drivers\down\116413828.exe
C:\WINDOWS\system32\drivers\down\116415203.exe
C:\WINDOWS\system32\drivers\down\116418046.exe
C:\WINDOWS\system32\drivers\down\116422703.exe
C:\WINDOWS\system32\drivers\down\116425062.exe
C:\WINDOWS\system32\drivers\down\116425390.exe
C:\WINDOWS\system32\drivers\down\116426859.exe
C:\WINDOWS\system32\drivers\down\116427078.exe
C:\WINDOWS\system32\drivers\down\116428671.exe
C:\WINDOWS\system32\drivers\down\116430078.exe
C:\WINDOWS\system32\drivers\down\116464343.exe
C:\WINDOWS\system32\drivers\down\116466359.exe
C:\WINDOWS\system32\drivers\down\117203.exe
C:\WINDOWS\system32\drivers\down\117265.exe
C:\WINDOWS\system32\drivers\down\117421.exe
C:\WINDOWS\system32\drivers\down\117531.exe
C:\WINDOWS\system32\drivers\down\118406.exe
C:\WINDOWS\system32\drivers\down\118593.exe
C:\WINDOWS\system32\drivers\down\118984.exe
C:\WINDOWS\system32\drivers\down\119171.exe
C:\WINDOWS\system32\drivers\down\119578.exe
C:\WINDOWS\system32\drivers\down\119937.exe
C:\WINDOWS\system32\drivers\down\120468.exe
C:\WINDOWS\system32\drivers\down\120718.exe
C:\WINDOWS\system32\drivers\down\121703.exe
C:\WINDOWS\system32\drivers\down\123171.exe
C:\WINDOWS\system32\drivers\down\123828.exe
C:\WINDOWS\system32\drivers\down\124000.exe
C:\WINDOWS\system32\drivers\down\124046.exe
C:\WINDOWS\system32\drivers\down\124171.exe
C:\WINDOWS\system32\drivers\down\124281.exe
C:\WINDOWS\system32\drivers\down\125218.exe
C:\WINDOWS\system32\drivers\down\126109.exe
C:\WINDOWS\system32\drivers\down\126265.exe
C:\WINDOWS\system32\drivers\down\126796.exe
C:\WINDOWS\system32\drivers\down\127046.exe
C:\WINDOWS\system32\drivers\down\127078.exe
C:\WINDOWS\system32\drivers\down\127093.exe
C:\WINDOWS\system32\drivers\down\127843.exe
C:\WINDOWS\system32\drivers\down\128031.exe
C:\WINDOWS\system32\drivers\down\128234.exe
C:\WINDOWS\system32\drivers\down\128250.exe
C:\WINDOWS\system32\drivers\down\128406.exe
C:\WINDOWS\system32\drivers\down\128625.exe
C:\WINDOWS\system32\drivers\down\128984.exe
C:\WINDOWS\system32\drivers\down\129062.exe
C:\WINDOWS\system32\drivers\down\129125.exe
C:\WINDOWS\system32\drivers\down\129390.exe
C:\WINDOWS\system32\drivers\down\130234.exe
C:\WINDOWS\system32\drivers\down\130437.exe
C:\WINDOWS\system32\drivers\down\130812.exe
C:\WINDOWS\system32\drivers\down\130921.exe
C:\WINDOWS\system32\drivers\down\131078031.exe
C:\WINDOWS\system32\drivers\down\131082406.exe
C:\WINDOWS\system32\drivers\down\131107031.exe
C:\WINDOWS\system32\drivers\down\131141312.exe
C:\WINDOWS\system32\drivers\down\131142015.exe
C:\WINDOWS\system32\drivers\down\131147921.exe
C:\WINDOWS\system32\drivers\down\131150078.exe
C:\WINDOWS\system32\drivers\down\131153921.exe
C:\WINDOWS\system32\drivers\down\131155671.exe
C:\WINDOWS\system32\drivers\down\131160093.exe
C:\WINDOWS\system32\drivers\down\131165468.exe
C:\WINDOWS\system32\drivers\down\131167671.exe
C:\WINDOWS\system32\drivers\down\131168093.exe
C:\WINDOWS\system32\drivers\down\131172812.exe
C:\WINDOWS\system32\drivers\down\131173187.exe
C:\WINDOWS\system32\drivers\down\131177031.exe
C:\WINDOWS\system32\drivers\down\131178953.exe
C:\WINDOWS\system32\drivers\down\131206031.exe
C:\WINDOWS\system32\drivers\down\131217609.exe
C:\WINDOWS\system32\drivers\down\131312.exe
C:\WINDOWS\system32\drivers\down\131468.exe
C:\WINDOWS\system32\drivers\down\131890.exe
C:\WINDOWS\system32\drivers\down\132328.exe
C:\WINDOWS\system32\drivers\down\132468.exe
C:\WINDOWS\system32\drivers\down\133796.exe
C:\WINDOWS\system32\drivers\down\134140.exe
C:\WINDOWS\system32\drivers\down\134265.exe
C:\WINDOWS\system32\drivers\down\134453.exe
C:\WINDOWS\system32\drivers\down\134531.exe
C:\WINDOWS\system32\drivers\down\134937.exe
C:\WINDOWS\system32\drivers\down\135171.exe
C:\WINDOWS\system32\drivers\down\135203.exe
C:\WINDOWS\system32\drivers\down\135328.exe
C:\WINDOWS\system32\drivers\down\135578.exe
C:\WINDOWS\system32\drivers\down\135859.exe
C:\WINDOWS\system32\drivers\down\136234.exe
C:\WINDOWS\system32\drivers\down\136390.exe
C:\WINDOWS\system32\drivers\down\136718.exe
C:\WINDOWS\system32\drivers\down\137171.exe
C:\WINDOWS\system32\drivers\down\137718.exe
C:\WINDOWS\system32\drivers\down\137828.exe
C:\WINDOWS\system32\drivers\down\138468.exe
C:\WINDOWS\system32\drivers\down\138703.exe
C:\WINDOWS\system32\drivers\down\138750.exe
C:\WINDOWS\system32\drivers\down\138859.exe
C:\WINDOWS\system32\drivers\down\139312.exe
C:\WINDOWS\system32\drivers\down\139640.exe
C:\WINDOWS\system32\drivers\down\140000.exe
C:\WINDOWS\system32\drivers\down\140156.exe
C:\WINDOWS\system32\drivers\down\140359.exe
C:\WINDOWS\system32\drivers\down\140437.exe
C:\WINDOWS\system32\drivers\down\140515.exe
C:\WINDOWS\system32\drivers\down\140578.exe
C:\WINDOWS\system32\drivers\down\141312.exe
C:\WINDOWS\system32\drivers\down\141750.exe
C:\WINDOWS\system32\drivers\down\142156.exe
C:\WINDOWS\system32\drivers\down\142281.exe
C:\WINDOWS\system32\drivers\down\142687.exe
C:\WINDOWS\system32\drivers\down\142734.exe
C:\WINDOWS\system32\drivers\down\142750.exe
C:\WINDOWS\system32\drivers\down\142796.exe
C:\WINDOWS\system32\drivers\down\143171.exe
C:\WINDOWS\system32\drivers\down\143281.exe
C:\WINDOWS\system32\drivers\down\143468.exe
C:\WINDOWS\system32\drivers\down\143484.exe
C:\WINDOWS\system32\drivers\down\143578.exe
C:\WINDOWS\system32\drivers\down\143734.exe
C:\WINDOWS\system32\drivers\down\143750.exe
C:\WINDOWS\system32\drivers\down\144000.exe
C:\WINDOWS\system32\drivers\down\144531.exe
C:\WINDOWS\system32\drivers\down\144546.exe
C:\WINDOWS\system32\drivers\down\144562.exe
C:\WINDOWS\system32\drivers\down\144593.exe
C:\WINDOWS\system32\drivers\down\144890.exe
C:\WINDOWS\system32\drivers\down\14497984.exe
C:\WINDOWS\system32\drivers\down\145046.exe
C:\WINDOWS\system32\drivers\down\14513390.exe
C:\WINDOWS\system32\drivers\down\145156.exe
C:\WINDOWS\system32\drivers\down\14521515.exe
C:\WINDOWS\system32\drivers\down\145328.exe
C:\WINDOWS\system32\drivers\down\145406.exe
C:\WINDOWS\system32\drivers\down\145437.exe
C:\WINDOWS\system32\drivers\down\145578.exe
C:\WINDOWS\system32\drivers\down\14560093.exe
C:\WINDOWS\system32\drivers\down\14562828.exe
C:\WINDOWS\system32\drivers\down\14563734.exe
C:\WINDOWS\system32\drivers\down\145640.exe
C:\WINDOWS\system32\drivers\down\145667671.exe
C:\WINDOWS\system32\drivers\down\145671.exe
C:\WINDOWS\system32\drivers\down\145672609.exe
C:\WINDOWS\system32\drivers\down\145680078.exe
C:\WINDOWS\system32\drivers\down\14568687.exe
C:\WINDOWS\system32\drivers\down\145701609.exe
C:\WINDOWS\system32\drivers\down\145702140.exe
C:\WINDOWS\system32\drivers\down\145710625.exe
C:\WINDOWS\system32\drivers\down\145714234.exe
C:\WINDOWS\system32\drivers\down\145718171.exe
C:\WINDOWS\system32\drivers\down\145720046.exe
C:\WINDOWS\system32\drivers\down\145722125.exe
C:\WINDOWS\system32\drivers\down\145734265.exe
C:\WINDOWS\system32\drivers\down\145737890.exe
C:\WINDOWS\system32\drivers\down\145738468.exe
C:\WINDOWS\system32\drivers\down\145739812.exe
C:\WINDOWS\system32\drivers\down\145740593.exe
C:\WINDOWS\system32\drivers\down\145744953.exe
C:\WINDOWS\system32\drivers\down\145748234.exe
C:\WINDOWS\system32\drivers\down\145776500.exe
C:\WINDOWS\system32\drivers\down\145778031.exe
C:\WINDOWS\system32\drivers\down\14585078.exe
C:\WINDOWS\system32\drivers\down\14602484.exe
C:\WINDOWS\system32\drivers\down\146078.exe
C:\WINDOWS\system32\drivers\down\14611031.exe
C:\WINDOWS\system32\drivers\down\14613000.exe
C:\WINDOWS\system32\drivers\down\14614078.exe
C:\WINDOWS\system32\drivers\down\14614796.exe
C:\WINDOWS\system32\drivers\down\14620953.exe
C:\WINDOWS\system32\drivers\down\14623078.exe
C:\WINDOWS\system32\drivers\down\146234.exe
C:\WINDOWS\system32\drivers\down\146250.exe
C:\WINDOWS\system32\drivers\down\14628031.exe
C:\WINDOWS\system32\drivers\down\14632062.exe
C:\WINDOWS\system32\drivers\down\14634968.exe
C:\WINDOWS\system32\drivers\down\14637828.exe
C:\WINDOWS\system32\drivers\down\14639937.exe
C:\WINDOWS\system32\drivers\down\14640578.exe
C:\WINDOWS\system32\drivers\down\14641046.exe
C:\WINDOWS\system32\drivers\down\14644812.exe
C:\WINDOWS\system32\drivers\down\14646578.exe
C:\WINDOWS\system32\drivers\down\14648250.exe
C:\WINDOWS\system32\drivers\down\14648265.exe
C:\WINDOWS\system32\drivers\down\14648296.exe
C:\WINDOWS\system32\drivers\down\14648937.exe
C:\WINDOWS\system32\drivers\down\14649906.exe
C:\WINDOWS\system32\drivers\down\14653796.exe
C:\WINDOWS\system32\drivers\down\14654015.exe
C:\WINDOWS\system32\drivers\down\14655875.exe
C:\WINDOWS\system32\drivers\down\14657156.exe
C:\WINDOWS\system32\drivers\down\14657609.exe
C:\WINDOWS\system32\drivers\down\14659859.exe
C:\WINDOWS\system32\drivers\down\14661046.exe
C:\WINDOWS\system32\drivers\down\14661625.exe
C:\WINDOWS\system32\drivers\down\14663218.exe
C:\WINDOWS\system32\drivers\down\14663890.exe
C:\WINDOWS\system32\drivers\down\14664625.exe
C:\WINDOWS\system32\drivers\down\146656.exe
C:\WINDOWS\system32\drivers\down\14667296.exe
C:\WINDOWS\system32\drivers\down\14667562.exe
C:\WINDOWS\system32\drivers\down\14668640.exe
C:\WINDOWS\system32\drivers\down\14668687.exe
C:\WINDOWS\system32\drivers\down\14670546.exe
C:\WINDOWS\system32\drivers\down\14670640.exe
C:\WINDOWS\system32\drivers\down\14670859.exe
C:\WINDOWS\system32\drivers\down\14671281.exe
C:\WINDOWS\system32\drivers\down\14672062.exe
C:\WINDOWS\system32\drivers\down\14672656.exe
C:\WINDOWS\system32\drivers\down\14673468.exe
C:\WINDOWS\system32\drivers\down\14674468.exe
C:\WINDOWS\system32\drivers\down\14674843.exe
C:\WINDOWS\system32\drivers\down\14676453.exe
C:\WINDOWS\system32\drivers\down\14679656.exe
C:\WINDOWS\system32\drivers\down\14683703.exe
C:\WINDOWS\system32\drivers\down\14690031.exe
C:\WINDOWS\system32\drivers\down\14693468.exe
C:\WINDOWS\system32\drivers\down\14697546.exe
C:\WINDOWS\system32\drivers\down\14698140.exe
C:\WINDOWS\system32\drivers\down\14698515.exe
C:\WINDOWS\system32\drivers\down\14698687.exe
C:\WINDOWS\system32\drivers\down\14699234.exe
C:\WINDOWS\system32\drivers\down\14700312.exe
C:\WINDOWS\system32\drivers\down\14700843.exe
C:\WINDOWS\system32\drivers\down\14701421.exe
C:\WINDOWS\system32\drivers\down\14701562.exe
C:\WINDOWS\system32\drivers\down\14703593.exe
C:\WINDOWS\system32\drivers\down\14704015.exe
C:\WINDOWS\system32\drivers\down\14705109.exe
C:\WINDOWS\system32\drivers\down\14705984.exe
C:\WINDOWS\system32\drivers\down\14706781.exe
C:\WINDOWS\system32\drivers\down\14706921.exe
C:\WINDOWS\system32\drivers\down\14707359.exe
C:\WINDOWS\system32\drivers\down\14707531.exe
C:\WINDOWS\system32\drivers\down\14707546.exe
C:\WINDOWS\system32\drivers\down\14708890.exe
C:\WINDOWS\system32\drivers\down\14710515.exe
C:\WINDOWS\system32\drivers\down\14710750.exe
C:\WINDOWS\system32\drivers\down\14710781.exe
C:\WINDOWS\system32\drivers\down\14711375.exe
C:\WINDOWS\system32\drivers\down\14713406.exe
C:\WINDOWS\system32\drivers\down\14713453.exe
C:\WINDOWS\system32\drivers\down\14713656.exe
C:\WINDOWS\system32\drivers\down\14715062.exe
C:\WINDOWS\system32\drivers\down\14715453.exe
C:\WINDOWS\system32\drivers\down\14716250.exe
C:\WINDOWS\system32\drivers\down\14717125.exe
C:\WINDOWS\system32\drivers\down\14717265.exe
C:\WINDOWS\system32\drivers\down\14717406.exe
C:\WINDOWS\system32\drivers\down\14718906.exe
C:\WINDOWS\system32\drivers\down\14719859.exe
C:\WINDOWS\system32\drivers\down\147203.exe
C:\WINDOWS\system32\drivers\down\14720406.exe
C:\WINDOWS\system32\drivers\down\14720890.exe
C:\WINDOWS\system32\drivers\down\14722093.exe
C:\WINDOWS\system32\drivers\down\14722406.exe
C:\WINDOWS\system32\drivers\down\14722671.exe
C:\WINDOWS\system32\drivers\down\14724609.exe
C:\WINDOWS\system32\drivers\down\14725250.exe
C:\WINDOWS\system32\drivers\down\14725281.exe
C:\WINDOWS\system32\drivers\down\14725671.exe
C:\WINDOWS\system32\drivers\down\14725937.exe
C:\WINDOWS\system32\drivers\down\14728687.exe
C:\WINDOWS\system32\drivers\down\14730953.exe
C:\WINDOWS\system32\drivers\down\14730968.exe
C:\WINDOWS\system32\drivers\down\14731843.exe
C:\WINDOWS\system32\drivers\down\14732500.exe
C:\WINDOWS\system32\drivers\down\14732687.exe
C:\WINDOWS\system32\drivers\down\14732890.exe
C:\WINDOWS\system32\drivers\down\14733171.exe
C:\WINDOWS\system32\drivers\down\14733656.exe
C:\WINDOWS\system32\drivers\down\147343.exe
C:\WINDOWS\system32\drivers\down\14734500.exe
C:\WINDOWS\system32\drivers\down\14735515.exe
C:\WINDOWS\system32\drivers\down\14735843.exe
C:\WINDOWS\system32\drivers\down\14736296.exe
C:\WINDOWS\system32\drivers\down\14737593.exe
C:\WINDOWS\system32\drivers\down\14738437.exe
C:\WINDOWS\system32\drivers\down\14740046.exe
C:\WINDOWS\system32\drivers\down\14742890.exe
C:\WINDOWS\system32\drivers\down\14744156.exe
C:\WINDOWS\system32\drivers\down\14744421.exe
C:\WINDOWS\system32\drivers\down\14745187.exe
C:\WINDOWS\system32\drivers\down\14745234.exe
C:\WINDOWS\system32\drivers\down\147453.exe
C:\WINDOWS\system32\drivers\down\14746125.exe
C:\WINDOWS\system32\drivers\down\14746531.exe
C:\WINDOWS\system32\drivers\down\14746546.exe
C:\WINDOWS\system32\drivers\down\14746843.exe
C:\WINDOWS\system32\drivers\down\14747875.exe
C:\WINDOWS\system32\drivers\down\14748015.exe
C:\WINDOWS\system32\drivers\down\147484.exe
C:\WINDOWS\system32\drivers\down\14749750.exe
C:\WINDOWS\system32\drivers\down\147500.exe
C:\WINDOWS\system32\drivers\down\14750921.exe
C:\WINDOWS\system32\drivers\down\14751062.exe
C:\WINDOWS\system32\drivers\down\14751546.exe
C:\WINDOWS\system32\drivers\down\14752640.exe
C:\WINDOWS\system32\drivers\down\14753906.exe
C:\WINDOWS\system32\drivers\down\14754671.exe
C:\WINDOWS\system32\drivers\down\14754796.exe
C:\WINDOWS\system32\drivers\down\14755953.exe
C:\WINDOWS\system32\drivers\down\14756546.exe
C:\WINDOWS\system32\drivers\down\14756640.exe
C:\WINDOWS\system32\drivers\down\14757265.exe
C:\WINDOWS\system32\drivers\down\14757453.exe
C:\WINDOWS\system32\drivers\down\14758109.exe
C:\WINDOWS\system32\drivers\down\14758437.exe
C:\WINDOWS\system32\drivers\down\14758453.exe
C:\WINDOWS\system32\drivers\down\14758734.exe
C:\WINDOWS\system32\drivers\down\14759109.exe
C:\WINDOWS\system32\drivers\down\14759156.exe
C:\WINDOWS\system32\drivers\down\14760281.exe
C:\WINDOWS\system32\drivers\down\14760812.exe
C:\WINDOWS\system32\drivers\down\14761093.exe
C:\WINDOWS\system32\drivers\down\14761937.exe
C:\WINDOWS\system32\drivers\down\14762125.exe
C:\WINDOWS\system32\drivers\down\14762359.exe
C:\WINDOWS\system32\drivers\down\14762937.exe
C:\WINDOWS\system32\drivers\down\14762968.exe
C:\WINDOWS\system32\drivers\down\14763750.exe
C:\WINDOWS\system32\drivers\down\14763843.exe
C:\WINDOWS\system32\drivers\down\14764109.exe
C:\WINDOWS\system32\drivers\down\14764812.exe
C:\WINDOWS\system32\drivers\down\14765046.exe
C:\WINDOWS\system32\drivers\down\14765468.exe
C:\WINDOWS\system32\drivers\down\14765687.exe
C:\WINDOWS\system32\drivers\down\14767953.exe
C:\WINDOWS\system32\drivers\down\14767984.exe
C:\WINDOWS\system32\drivers\down\14768671.exe
C:\WINDOWS\system32\drivers\down\14768875.exe
C:\WINDOWS\system32\drivers\down\14769000.exe
C:\WINDOWS\system32\drivers\down\14769375.exe
C:\WINDOWS\system32\drivers\down\14769812.exe
C:\WINDOWS\system32\drivers\down\14769921.exe
C:\WINDOWS\system32\drivers\down\14771703.exe
C:\WINDOWS\system32\drivers\down\14772406.exe
C:\WINDOWS\system32\drivers\down\14772531.exe
C:\WINDOWS\system32\drivers\down\14773000.exe
C:\WINDOWS\system32\drivers\down\14773031.exe
C:\WINDOWS\system32\drivers\down\14773437.exe
C:\WINDOWS\system32\drivers\down\14773843.exe
C:\WINDOWS\system32\drivers\down\14774125.exe
C:\WINDOWS\system32\drivers\down\14774546.exe
C:\WINDOWS\system32\drivers\down\14775015.exe
C:\WINDOWS\system32\drivers\down\14775953.exe
C:\WINDOWS\system32\drivers\down\14776546.exe
C:\WINDOWS\system32\drivers\down\14777125.exe
C:\WINDOWS\system32\drivers\down\14777187.exe
C:\WINDOWS\system32\drivers\down\14778343.exe
C:\WINDOWS\system32\drivers\down\14778656.exe
C:\WINDOWS\system32\drivers\down\14778781.exe
C:\WINDOWS\system32\drivers\down\14778843.exe
C:\WINDOWS\system32\drivers\down\14779281.exe
C:\WINDOWS\system32\drivers\down\14781109.exe
C:\WINDOWS\system32\drivers\down\14783781.exe
C:\WINDOWS\system32\drivers\down\14784062.exe
C:\WINDOWS\system32\drivers\down\14785046.exe
C:\WINDOWS\system32\drivers\down\14786531.exe
C:\WINDOWS\system32\drivers\down\14786640.exe
C:\WINDOWS\system32\drivers\down\14786875.exe
C:\WINDOWS\system32\drivers\down\14787234.exe
C:\WINDOWS\system32\drivers\down\14787406.exe
C:\WINDOWS\system32\drivers\down\14788875.exe
C:\WINDOWS\system32\drivers\down\14789953.exe
C:\WINDOWS\system32\drivers\down\14791343.exe
C:\WINDOWS\system32\drivers\down\14791906.exe
C:\WINDOWS\system32\drivers\down\14793421.exe
C:\WINDOWS\system32\drivers\down\147937.exe
C:\WINDOWS\system32\drivers\down\14794109.exe
C:\WINDOWS\system32\drivers\down\14795890.exe
C:\WINDOWS\system32\drivers\down\14797312.exe
C:\WINDOWS\system32\drivers\down\14797328.exe
C:\WINDOWS\system32\drivers\down\14797437.exe
C:\WINDOWS\system32\drivers\down\14798640.exe
C:\WINDOWS\system32\drivers\down\14798984.exe
C:\WINDOWS\system32\drivers\down\14799359.exe
C:\WINDOWS\system32\drivers\down\14800218.exe
C:\WINDOWS\system32\drivers\down\14802062.exe
C:\WINDOWS\system32\drivers\down\14802125.exe
C:\WINDOWS\system32\drivers\down\14802234.exe
C:\WINDOWS\system32\drivers\down\14802828.exe
C:\WINDOWS\system32\drivers\down\14803281.exe
C:\WINDOWS\system32\drivers\down\14804234.exe
C:\WINDOWS\system32\drivers\down\14805312.exe
C:\WINDOWS\system32\drivers\down\14805453.exe
C:\WINDOWS\system32\drivers\down\14805953.exe
C:\WINDOWS\system32\drivers\down\14806671.exe
C:\WINDOWS\system32\drivers\down\14806828.exe
C:\WINDOWS\system32\drivers\down\14808703.exe
C:\WINDOWS\system32\drivers\down\14809625.exe
C:\WINDOWS\system32\drivers\down\148125.exe
C:\WINDOWS\system32\drivers\down\14813437.exe
C:\WINDOWS\system32\drivers\down\14813828.exe
C:\WINDOWS\system32\drivers\down\14814484.exe
C:\WINDOWS\system32\drivers\down\14815921.exe
C:\WINDOWS\system32\drivers\down\14817140.exe
C:\WINDOWS\system32\drivers\down\14817234.exe
C:\WINDOWS\system32\drivers\down\14818218.exe
C:\WINDOWS\system32\drivers\down\14818421.exe
C:\WINDOWS\system32\drivers\down\14818843.exe
C:\WINDOWS\system32\drivers\down\14819000.exe
C:\WINDOWS\system32\drivers\down\14819343.exe
C:\WINDOWS\system32\drivers\down\14820250.exe
C:\WINDOWS\system32\drivers\down\14821156.exe
C:\WINDOWS\system32\drivers\down\14821546.exe
C:\WINDOWS\system32\drivers\down\14821640.exe
C:\WINDOWS\system32\drivers\down\14822390.exe
C:\WINDOWS\system32\drivers\down\14822500.exe
C:\WINDOWS\system32\drivers\down\14825109.exe
C:\WINDOWS\system32\drivers\down\14825312.exe
C:\WINDOWS\system32\drivers\down\14825671.exe
C:\WINDOWS\system32\drivers\down\14825796.exe
C:\WINDOWS\system32\drivers\down\14827015.exe
C:\WINDOWS\system32\drivers\down\14827312.exe
C:\WINDOWS\system32\drivers\down\14829171.exe
C:\WINDOWS\system32\drivers\down\14829703.exe
C:\WINDOWS\system32\drivers\down\14830921.exe
C:\WINDOWS\system32\drivers\down\14832843.exe
C:\WINDOWS\system32\drivers\down\14832906.exe
C:\WINDOWS\system32\drivers\down\14833843.exe
C:\WINDOWS\system32\drivers\down\148390.exe
C:\WINDOWS\system32\drivers\down\14839703.exe
C:\WINDOWS\system32\drivers\down\14839734.exe
C:\WINDOWS\system32\drivers\down\14840062.exe
C:\WINDOWS\system32\drivers\down\14842250.exe
C:\WINDOWS\system32\drivers\down\14842437.exe
C:\WINDOWS\system32\drivers\down\14842937.exe
C:\WINDOWS\system32\drivers\down\14843703.exe
C:\WINDOWS\system32\drivers\down\14844734.exe
C:\WINDOWS\system32\drivers\down\14846375.exe
C:\WINDOWS\system32\drivers\down\14847781.exe
C:\WINDOWS\system32\drivers\down\14849250.exe
C:\WINDOWS\system32\drivers\down\14850656.exe
C:\WINDOWS\system32\drivers\down\14851406.exe
C:\WINDOWS\system32\drivers\down\14851593.exe
C:\WINDOWS\system32\drivers\down\14853656.exe
C:\WINDOWS\system32\drivers\down\14855171.exe
C:\WINDOWS\system32\drivers\down\14855250.exe
C:\WINDOWS\system32\drivers\down\14856921.exe
C:\WINDOWS\system32\drivers\down\14857406.exe
C:\WINDOWS\system32\drivers\down\14860062.exe
C:\WINDOWS\system32\drivers\down\14863437.exe
C:\WINDOWS\system32\drivers\down\14864828.exe
C:\WINDOWS\system32\drivers\down\14865578.exe
C:\WINDOWS\system32\drivers\down\14866859.exe
C:\WINDOWS\system32\drivers\down\148671.exe
C:\WINDOWS\system32\drivers\down\14867453.exe
C:\WINDOWS\system32\drivers\down\14867484.exe
C:\WINDOWS\system32\drivers\down\14869656.exe
C:\WINDOWS\system32\drivers\down\14870656.exe
C:\WINDOWS\system32\drivers\down\14872140.exe
C:\WINDOWS\system32\drivers\down\14875234.exe
C:\WINDOWS\system32\drivers\down\14877125.exe
C:\WINDOWS\system32\drivers\down\148796.exe
C:\WINDOWS\system32\drivers\down\14885703.exe
C:\WINDOWS\system32\drivers\down\14890921.exe
C:\WINDOWS\system32\drivers\down\14891031.exe
C:\WINDOWS\system32\drivers\down\14891234.exe
C:\WINDOWS\system32\drivers\down\14895843.exe
C:\WINDOWS\system32\drivers\down\14897984.exe
C:\WINDOWS\system32\drivers\down\14898187.exe
C:\WINDOWS\system32\drivers\down\14900187.exe
C:\WINDOWS\system32\drivers\down\14901265.exe
C:\WINDOWS\system32\drivers\down\14901515.exe
C:\WINDOWS\system32\drivers\down\14903296.exe
C:\WINDOWS\system32\drivers\down\14904250.exe
C:\WINDOWS\system32\drivers\down\14905531.exe
C:\WINDOWS\system32\drivers\down\14906812.exe
C:\WINDOWS\system32\drivers\down\14909921.exe
C:\WINDOWS\system32\drivers\down\14910062.exe
C:\WINDOWS\system32\drivers\down\14910875.exe
C:\WINDOWS\system32\drivers\down\149125.exe
C:\WINDOWS\system32\drivers\down\14913140.exe
C:\WINDOWS\system32\drivers\down\14916625.exe
C:\WINDOWS\system32\drivers\down\149203.exe
C:\WINDOWS\system32\drivers\down\14921390.exe
C:\WINDOWS\system32\drivers\down\14921437.exe
C:\WINDOWS\system32\drivers\down\14925453.exe
C:\WINDOWS\system32\drivers\down\14925953.exe
C:\WINDOWS\system32\drivers\down\14930062.exe
C:\WINDOWS\system32\drivers\down\14941921.exe
C:\WINDOWS\system32\drivers\down\14941937.exe
C:\WINDOWS\system32\drivers\down\14944500.exe
C:\WINDOWS\system32\drivers\down\14946734.exe
C:\WINDOWS\system32\drivers\down\14951093.exe
C:\WINDOWS\system32\drivers\down\149515.exe
C:\WINDOWS\system32\drivers\down\14953546.exe
C:\WINDOWS\system32\drivers\down\14953625.exe
C:\WINDOWS\system32\drivers\down\14959593.exe
C:\WINDOWS\system32\drivers\down\14961218.exe
C:\WINDOWS\system32\drivers\down\14964140.exe
C:\WINDOWS\system32\drivers\down\14965031.exe
C:\WINDOWS\system32\drivers\down\14967906.exe
C:\WINDOWS\system32\drivers\down\14969562.exe
C:\WINDOWS\system32\drivers\down\149703.exe
C:\WINDOWS\system32\drivers\down\14971859.exe
C:\WINDOWS\system32\drivers\down\14983187.exe
C:\WINDOWS\system32\drivers\down\14986375.exe
C:\WINDOWS\system32\drivers\down\14987484.exe
C:\WINDOWS\system32\drivers\down\14987765.exe
C:\WINDOWS\system32\drivers\down\14988281.exe
C:\WINDOWS\system32\drivers\down\14989609.exe
C:\WINDOWS\system32\drivers\down\149906.exe
C:\WINDOWS\system32\drivers\down\14991281.exe
C:\WINDOWS\system32\drivers\down\14991687.exe
C:\WINDOWS\system32\drivers\down\14992375.exe
C:\WINDOWS\system32\drivers\down\14992546.exe
C:\WINDOWS\system32\drivers\down\14993953.exe
C:\WINDOWS\system32\drivers\down\150015.exe
C:\WINDOWS\system32\drivers\down\15029078.exe
C:\WINDOWS\system32\drivers\down\150343.exe
C:\WINDOWS\system32\drivers\down\15037281.exe
C:\WINDOWS\system32\drivers\down\150421.exe
C:\WINDOWS\system32\drivers\down\150796.exe
C:\WINDOWS\system32\drivers\down\150968.exe
C:\WINDOWS\system32\drivers\down\151296.exe
C:\WINDOWS\system32\drivers\down\15132828.exe
C:\WINDOWS\system32\drivers\down\15133875.exe
C:\WINDOWS\system32\drivers\down\151593.exe
C:\WINDOWS\system32\drivers\down\15159890.exe
C:\WINDOWS\system32\drivers\down\15164593.exe
C:\WINDOWS\system32\drivers\down\152359.exe
C:\WINDOWS\system32\drivers\down\152531.exe
C:\WINDOWS\system32\drivers\down\152984.exe
C:\WINDOWS\system32\drivers\down\153046.exe
C:\WINDOWS\system32\drivers\down\153062.exe
C:\WINDOWS\system32\drivers\down\153281.exe
C:\WINDOWS\system32\drivers\down\153421.exe
C:\WINDOWS\system32\drivers\down\153609.exe
C:\WINDOWS\system32\drivers\down\154328.exe
C:\WINDOWS\system32\drivers\down\154531.exe
C:\WINDOWS\system32\drivers\down\154546.exe
C:\WINDOWS\system32\drivers\down\155062.exe
C:\WINDOWS\system32\drivers\down\155078.exe
C:\WINDOWS\system32\drivers\down\156015.exe
C:\WINDOWS\system32\drivers\down\156281.exe
C:\WINDOWS\system32\drivers\down\156515.exe
C:\WINDOWS\system32\drivers\down\156843.exe
C:\WINDOWS\system32\drivers\down\156953.exe
C:\WINDOWS\system32\drivers\down\157078.exe
C:\WINDOWS\system32\drivers\down\157093.exe
C:\WINDOWS\system32\drivers\down\157343.exe
C:\WINDOWS\system32\drivers\down\157421.exe
C:\WINDOWS\system32\drivers\down\157531.exe
C:\WINDOWS\system32\drivers\down\157656.exe
C:\WINDOWS\system32\drivers\down\158000.exe
C:\WINDOWS\system32\drivers\down\158343.exe
C:\WINDOWS\system32\drivers\down\158796.exe
C:\WINDOWS\system32\drivers\down\158843.exe
C:\WINDOWS\system32\drivers\down\158921.exe
C:\WINDOWS\system32\drivers\down\158937.exe
C:\WINDOWS\system32\drivers\down\159609.exe
C:\WINDOWS\system32\drivers\down\159859.exe
C:\WINDOWS\system32\drivers\down\159921.exe
C:\WINDOWS\system32\drivers\down\160213281.exe
C:\WINDOWS\system32\drivers\down\160217015.exe
C:\WINDOWS\system32\drivers\down\160220000.exe
C:\WINDOWS\system32\drivers\down\160224125.exe
C:\WINDOWS\system32\drivers\down\160234.exe
C:\WINDOWS\system32\drivers\down\160242375.exe
C:\WINDOWS\system32\drivers\down\160242593.exe
C:\WINDOWS\system32\drivers\down\160248187.exe
C:\WINDOWS\system32\drivers\down\160250890.exe
C:\WINDOWS\system32\drivers\down\160253562.exe
C:\WINDOWS\system32\drivers\down\160254937.exe
C:\WINDOWS\system32\drivers\down\160257203.exe
C:\WINDOWS\system32\drivers\down\160265.exe
C:\WINDOWS\system32\drivers\down\160265156.exe
C:\WINDOWS\system32\drivers\down\160269203.exe
C:\WINDOWS\system32\drivers\down\160269687.exe
C:\WINDOWS\system32\drivers\down\160270093.exe
C:\WINDOWS\system32\drivers\down\160271218.exe
C:\WINDOWS\system32\drivers\down\160272906.exe
C:\WINDOWS\system32\drivers\down\160274531.exe
C:\WINDOWS\system32\drivers\down\160301812.exe
C:\WINDOWS\system32\drivers\down\160305203.exe
C:\WINDOWS\system32\drivers\down\160625.exe
C:\WINDOWS\system32\drivers\down\160781.exe
C:\WINDOWS\system32\drivers\down\160875.exe
C:\WINDOWS\system32\drivers\down\160921.exe
C:\WINDOWS\system32\drivers\down\162078.exe
C:\WINDOWS\system32\drivers\down\162140.exe
C:\WINDOWS\system32\drivers\down\162312.exe
C:\WINDOWS\system32\drivers\down\162375.exe
C:\WINDOWS\system32\drivers\down\162609.exe
C:\WINDOWS\system32\drivers\down\162671.exe
C:\WINDOWS\system32\drivers\down\162968.exe
C:\WINDOWS\system32\drivers\down\163921.exe
C:\WINDOWS\system32\drivers\down\164156.exe
C:\WINDOWS\system32\drivers\down\164281.exe
C:\WINDOWS\system32\drivers\down\164375.exe
C:\WINDOWS\system32\drivers\down\164421.exe
C:\WINDOWS\system32\drivers\down\164515.exe
C:\WINDOWS\system32\drivers\down\164640.exe
C:\WINDOWS\system32\drivers\down\164812.exe
C:\WINDOWS\system32\drivers\down\164984.exe
C:\WINDOWS\system32\drivers\down\165046.exe
C:\WINDOWS\system32\drivers\down\165453.exe
C:\WINDOWS\system32\drivers\down\165937.exe
C:\WINDOWS\system32\drivers\down\166000.exe
C:\WINDOWS\system32\drivers\down\166156.exe
C:\WINDOWS\system32\drivers\down\166281.exe
C:\WINDOWS\system32\drivers\down\166312.exe
C:\WINDOWS\system32\drivers\down\166750.exe
C:\WINDOWS\system32\drivers\down\166875.exe
C:\WINDOWS\system32\drivers\down\166937.exe
C:\WINDOWS\system32\drivers\down\167062.exe
C:\WINDOWS\system32\drivers\down\167312.exe
C:\WINDOWS\system32\drivers\down\168328.exe
C:\WINDOWS\system32\drivers\down\168343.exe
C:\WINDOWS\system32\drivers\down\168875.exe
C:\WINDOWS\system32\drivers\down\169000.exe
C:\WINDOWS\system32\drivers\down\169281.exe
C:\WINDOWS\system32\drivers\down\169390.exe
C:\WINDOWS\system32\drivers\down\169421.exe
C:\WINDOWS\system32\drivers\down\169484.exe
C:\WINDOWS\system32\drivers\down\169515.exe
C:\WINDOWS\system32\drivers\down\169546.exe
C:\WINDOWS\system32\drivers\down\169937.exe
C:\WINDOWS\system32\drivers\down\170015.exe
C:\WINDOWS\system32\drivers\down\170468.exe
C:\WINDOWS\system32\drivers\down\170625.exe
C:\WINDOWS\system32\drivers\down\170687.exe
C:\WINDOWS\system32\drivers\down\171078.exe
C:\WINDOWS\system32\drivers\down\171093.exe
C:\WINDOWS\system32\drivers\down\171156.exe
C:\WINDOWS\system32\drivers\down\171187.exe
C:\WINDOWS\system32\drivers\down\171234.exe
C:\WINDOWS\system32\drivers\down\171406.exe
C:\WINDOWS\system32\drivers\down\171562.exe
C:\WINDOWS\system32\drivers\down\171671.exe
C:\WINDOWS\system32\drivers\down\171703.exe
C:\WINDOWS\system32\drivers\down\172156.exe
C:\WINDOWS\system32\drivers\down\172265.exe
C:\WINDOWS\system32\drivers\down\172296.exe
C:\WINDOWS\system32\drivers\down\172406.exe
C:\WINDOWS\system32\drivers\down\172890.exe
C:\WINDOWS\system32\drivers\down\173062.exe
C:\WINDOWS\system32\drivers\down\173171.exe
C:\WINDOWS\system32\drivers\down\173343.exe
C:\WINDOWS\system32\drivers\down\173812.exe
C:\WINDOWS\system32\drivers\down\174000.exe
C:\WINDOWS\system32\drivers\down\174015.exe
C:\WINDOWS\system32\drivers\down\174140.exe
C:\WINDOWS\system32\drivers\down\174218.exe
C:\WINDOWS\system32\drivers\down\174265.exe
C:\WINDOWS\system32\drivers\down\174720078.exe
C:\WINDOWS\system32\drivers\down\174724796.exe
C:\WINDOWS\system32\drivers\down\174728156.exe
C:\WINDOWS\system32\drivers\down\174738937.exe
C:\WINDOWS\system32\drivers\down\174747609.exe
C:\WINDOWS\system32\drivers\down\174777812.exe
C:\WINDOWS\system32\drivers\down\174778750.exe
C:\WINDOWS\system32\drivers\down\174793734.exe
C:\WINDOWS\system32\drivers\down\174796828.exe
C:\WINDOWS\system32\drivers\down\174802890.exe
C:\WINDOWS\system32\drivers\down\174805140.exe
C:\WINDOWS\system32\drivers\down\174808781.exe
C:\WINDOWS\system32\drivers\down\174816406.exe
C:\WINDOWS\system32\drivers\down\174819906.exe
C:\WINDOWS\system32\drivers\down\174843.exe
C:\WINDOWS\system32\drivers\down\175002125.exe
C:\WINDOWS\system32\drivers\down\175005437.exe
C:\WINDOWS\system32\drivers\down\175008218.exe
C:\WINDOWS\system32\drivers\down\175012187.exe
C:\WINDOWS\system32\drivers\down\175015578.exe
C:\WINDOWS\system32\drivers\down\175047515.exe
C:\WINDOWS\system32\drivers\down\175054859.exe
C:\WINDOWS\system32\drivers\down\175093.exe
C:\WINDOWS\system32\drivers\down\175500.exe
C:\WINDOWS\system32\drivers\down\175718.exe
C:\WINDOWS\system32\drivers\down\175781.exe
C:\WINDOWS\system32\drivers\down\176203.exe
C:\WINDOWS\system32\drivers\down\176484.exe
C:\WINDOWS\system32\drivers\down\176703.exe
C:\WINDOWS\system32\drivers\down\176843.exe
C:\WINDOWS\system32\drivers\down\176921.exe
C:\WINDOWS\system32\drivers\down\177312.exe
C:\WINDOWS\system32\drivers\down\177343.exe
C:\WINDOWS\system32\drivers\down\177484.exe
C:\WINDOWS\system32\drivers\down\177515.exe
C:\WINDOWS\system32\drivers\down\177531.exe
C:\WINDOWS\system32\drivers\down\178109.exe
C:\WINDOWS\system32\drivers\down\178328.exe
C:\WINDOWS\system32\drivers\down\178406.exe
C:\WINDOWS\system32\drivers\down\178437.exe
C:\WINDOWS\system32\drivers\down\178593.exe
C:\WINDOWS\system32\drivers\down\179593.exe
C:\WINDOWS\system32\drivers\down\179937.exe
C:\WINDOWS\system32\drivers\down\179953.exe
C:\WINDOWS\system32\drivers\down\180281.exe
C:\WINDOWS\system32\drivers\down\180421.exe
C:\WINDOWS\system32\drivers\down\180578.exe
C:\WINDOWS\system32\drivers\down\180671.exe
C:\WINDOWS\system32\drivers\down\181140.exe
C:\WINDOWS\system32\drivers\down\181562.exe
C:\WINDOWS\system32\drivers\down\181671.exe
C:\WINDOWS\system32\drivers\down\181687.exe
C:\WINDOWS\system32\drivers\down\181843.exe
C:\WINDOWS\system32\drivers\down\182140.exe
C:\WINDOWS\system32\drivers\down\182375.exe
C:\WINDOWS\system32\drivers\down\182609.exe
C:\WINDOWS\system32\drivers\down\182906.exe
C:\WINDOWS\system32\drivers\down\183156.exe
C:\WINDOWS\system32\drivers\down\183578.exe
C:\WINDOWS\system32\drivers\down\183734.exe
C:\WINDOWS\system32\drivers\down\183859.exe
C:\WINDOWS\system32\drivers\down\184562.exe
C:\WINDOWS\system32\drivers\down\184812.exe
C:\WINDOWS\system32\drivers\down\185390.exe
C:\WINDOWS\system32\drivers\down\185890.exe
C:\WINDOWS\system32\drivers\down\185906.exe
C:\WINDOWS\system32\drivers\down\185921.exe
C:\WINDOWS\system32\drivers\down\185953.exe
C:\WINDOWS\system32\drivers\down\186046.exe
C:\WINDOWS\system32\drivers\down\186234.exe
C:\WINDOWS\system32\drivers\down\186390.exe
C:\WINDOWS\system32\drivers\down\186578.exe
C:\WINDOWS\system32\drivers\down\186906.exe
C:\WINDOWS\system32\drivers\down\186984.exe
C:\WINDOWS\system32\drivers\down\187031.exe
C:\WINDOWS\system32\drivers\down\187437.exe
C:\WINDOWS\system32\drivers\down\187781.exe
C:\WINDOWS\system32\drivers\down\187906.exe
C:\WINDOWS\system32\drivers\down\188125.exe
C:\WINDOWS\system32\drivers\down\188328.exe
C:\WINDOWS\system32\drivers\down\188593.exe
C:\WINDOWS\system32\drivers\down\188718.exe
C:\WINDOWS\system32\drivers\down\188781.exe
C:\WINDOWS\system32\drivers\down\188984.exe
C:\WINDOWS\system32\drivers\down\189390.exe
C:\WINDOWS\system32\drivers\down\189406.exe
C:\WINDOWS\system32\drivers\down\189473109.exe
C:\WINDOWS\system32\drivers\down\189475328.exe
C:\WINDOWS\system32\drivers\down\189480281.exe
C:\WINDOWS\system32\drivers\down\189482796.exe
C:\WINDOWS\system32\drivers\down\189486718.exe
C:\WINDOWS\system32\drivers\down\189503937.exe
C:\WINDOWS\system32\drivers\down\189504015.exe
C:\WINDOWS\system32\drivers\down\189512203.exe
C:\WINDOWS\system32\drivers\down\189513656.exe
C:\WINDOWS\system32\drivers\down\189515890.exe
C:\WINDOWS\system32\drivers\down\189517156.exe
C:\WINDOWS\system32\drivers\down\189523531.exe
C:\WINDOWS\system32\drivers\down\189530234.exe
C:\WINDOWS\system32\drivers\down\189533906.exe
C:\WINDOWS\system32\drivers\down\189534781.exe
C:\WINDOWS\system32\drivers\down\189535156.exe
C:\WINDOWS\system32\drivers\down\189535921.exe
C:\WINDOWS\system32\drivers\down\189539765.exe
C:\WINDOWS\system32\drivers\down\189541843.exe
C:\WINDOWS\system32\drivers\down\189574343.exe
C:\WINDOWS\system32\drivers\down\189577890.exe
C:\WINDOWS\system32\drivers\down\189703.exe
C:\WINDOWS\system32\drivers\down\189750.exe
C:\WINDOWS\system32\drivers\down\189828.exe
C:\WINDOWS\system32\drivers\down\190031.exe
C:\WINDOWS\system32\drivers\down\190125.exe
C:\WINDOWS\system32\drivers\down\190593.exe
C:\WINDOWS\system32\drivers\down\190640.exe
C:\WINDOWS\system32\drivers\down\190796.exe
C:\WINDOWS\system32\drivers\down\191078.exe
C:\WINDOWS\system32\drivers\down\191265.exe
C:\WINDOWS\system32\drivers\down\191468.exe
C:\WINDOWS\system32\drivers\down\191484.exe
C:\WINDOWS\system32\drivers\down\191546.exe
C:\WINDOWS\system32\drivers\down\191578.exe
C:\WINDOWS\system32\drivers\down\191875.exe
C:\WINDOWS\system32\drivers\down\191921.exe
C:\WINDOWS\system32\drivers\down\192078.exe
C:\WINDOWS\system32\drivers\down\192281.exe
C:\WINDOWS\system32\drivers\down\192687.exe
C:\WINDOWS\system32\drivers\down\192765.exe
C:\WINDOWS\system32\drivers\down\192937.exe
C:\WINDOWS\system32\drivers\down\193031.exe
C:\WINDOWS\system32\drivers\down\193296.exe
C:\WINDOWS\system32\drivers\down\193406.exe
C:\WINDOWS\system32\drivers\down\193437.exe
C:\WINDOWS\system32\drivers\down\193484.exe
C:\WINDOWS\system32\drivers\down\193656.exe
C:\WINDOWS\system32\drivers\down\193828.exe
C:\WINDOWS\system32\drivers\down\193875.exe
C:\WINDOWS\system32\drivers\down\194187.exe
C:\WINDOWS\system32\drivers\down\194265.exe
C:\WINDOWS\system32\drivers\down\194296.exe
C:\WINDOWS\system32\drivers\down\194687.exe
C:\WINDOWS\system32\drivers\down\194968.exe
C:\WINDOWS\system32\drivers\down\195062.exe
C:\WINDOWS\system32\drivers\down\195234.exe
C:\WINDOWS\system32\drivers\down\195390.exe
C:\WINDOWS\system32\drivers\down\195640.exe
C:\WINDOWS\system32\drivers\down\195718.exe
C:\WINDOWS\system32\drivers\down\196015.exe
C:\WINDOWS\system32\drivers\down\196187.exe
C:\WINDOWS\system32\drivers\down\196250.exe
C:\WINDOWS\system32\drivers\down\196328.exe
C:\WINDOWS\system32\drivers\down\196453.exe
C:\WINDOWS\system32\drivers\down\196984.exe
C:\WINDOWS\system32\drivers\down\197187.exe
C:\WINDOWS\system32\drivers\down\197359.exe
C:\WINDOWS\system32\drivers\down\197406.exe
C:\WINDOWS\system32\drivers\down\197546.exe
C:\WINDOWS\system32\drivers\down\197640.exe
C:\WINDOWS\system32\drivers\down\197671.exe
C:\WINDOWS\system32\drivers\down\197796.exe
C:\WINDOWS\system32\drivers\down\197921.exe
C:\WINDOWS\system32\drivers\down\197984.exe
C:\WINDOWS\system32\drivers\down\198015.exe
C:\WINDOWS\system32\drivers\down\198031.exe
C:\WINDOWS\system32\drivers\down\198515.exe
C:\WINDOWS\system32\drivers\down\199031.exe
C:\WINDOWS\system32\drivers\down\199171.exe
C:\WINDOWS\system32\drivers\down\199500.exe
C:\WINDOWS\system32\drivers\down\199875.exe
C:\WINDOWS\system32\drivers\down\199953.exe
C:\WINDOWS\system32\drivers\down\200078.exe
C:\WINDOWS\system32\drivers\down\200343.exe
C:\WINDOWS\system32\drivers\down\200562.exe
C:\WINDOWS\system32\drivers\down\200593.exe
C:\WINDOWS\system32\drivers\down\200625.exe
C:\WINDOWS\system32\drivers\down\200750.exe
C:\WINDOWS\system32\drivers\down\201296.exe
C:\WINDOWS\system32\drivers\down\201359.exe
C:\WINDOWS\system32\drivers\down\201515.exe
C:\WINDOWS\system32\drivers\down\201546.exe
C:\WINDOWS\system32\drivers\down\201953.exe
C:\WINDOWS\system32\drivers\down\202453.exe
C:\WINDOWS\system32\drivers\down\202750.exe
C:\WINDOWS\system32\drivers\down\202937.exe
C:\WINDOWS\system32\drivers\down\203250.exe
C:\WINDOWS\system32\drivers\down\203296.exe
C:\WINDOWS\system32\drivers\down\203437.exe
C:\WINDOWS\system32\drivers\down\203921.exe
C:\WINDOWS\system32\drivers\down\203992968.exe
C:\WINDOWS\system32\drivers\down\203994109.exe
C:\WINDOWS\system32\drivers\down\203997078.exe
C:\WINDOWS\system32\drivers\down\203999265.exe
C:\WINDOWS\system32\drivers\down\204002484.exe
C:\WINDOWS\system32\drivers\down\204015.exe
C:\WINDOWS\system32\drivers\down\204018656.exe
C:\WINDOWS\system32\drivers\down\204018687.exe
C:\WINDOWS\system32\drivers\down\204023421.exe
C:\WINDOWS\system32\drivers\down\204024750.exe
C:\WINDOWS\system32\drivers\down\204029437.exe
C:\WINDOWS\system32\drivers\down\204030468.exe
C:\WINDOWS\system32\drivers\down\204031984.exe
C:\WINDOWS\system32\drivers\down\204039093.exe
C:\WINDOWS\system32\drivers\down\204041328.exe
C:\WINDOWS\system32\drivers\down\204041453.exe
C:\WINDOWS\system32\drivers\down\204041562.exe
C:\WINDOWS\system32\drivers\down\204041796.exe
C:\WINDOWS\system32\drivers\down\204045625.exe
C:\WINDOWS\system32\drivers\down\204050000.exe
C:\WINDOWS\system32\drivers\down\204077328.exe
C:\WINDOWS\system32\drivers\down\204081296.exe
C:\WINDOWS\system32\drivers\down\204562.exe
C:\WINDOWS\system32\drivers\down\205375.exe
C:\WINDOWS\system32\drivers\down\205437.exe
C:\WINDOWS\system32\drivers\down\205718.exe
C:\WINDOWS\system32\drivers\down\205828.exe
C:\WINDOWS\system32\drivers\down\206000.exe
C:\WINDOWS\system32\drivers\down\206312.exe
C:\WINDOWS\system32\drivers\down\206546.exe
C:\WINDOWS\system32\drivers\down\206609.exe
C:\WINDOWS\system32\drivers\down\207062.exe
C:\WINDOWS\system32\drivers\down\207328.exe
C:\WINDOWS\system32\drivers\down\207343.exe
C:\WINDOWS\system32\drivers\down\207484.exe
C:\WINDOWS\system32\drivers\down\207546.exe
C:\WINDOWS\system32\drivers\down\207875.exe
C:\WINDOWS\system32\drivers\down\208109.exe
C:\WINDOWS\system32\drivers\down\208406.exe
C:\WINDOWS\system32\drivers\down\208437.exe
C:\WINDOWS\system32\drivers\down\208875.exe
C:\WINDOWS\system32\drivers\down\208984.exe
C:\WINDOWS\system32\drivers\down\209156.exe
C:\WINDOWS\system32\drivers\down\209250.exe
C:\WINDOWS\system32\drivers\down\209296.exe
C:\WINDOWS\system32\drivers\down\209656.exe
C:\WINDOWS\system32\drivers\down\209671.exe
C:\WINDOWS\system32\drivers\down\209718.exe
C:\WINDOWS\system32\drivers\down\209734.exe
C:\WINDOWS\system32\drivers\down\210078.exe
C:\WINDOWS\system32\drivers\down\210171.exe
C:\WINDOWS\system32\drivers\down\210218.exe
C:\WINDOWS\system32\drivers\down\210234.exe
C:\WINDOWS\system32\drivers\down\210250.exe
C:\WINDOWS\system32\drivers\down\210500.exe
C:\WINDOWS\system32\drivers\down\210812.exe
C:\WINDOWS\system32\drivers\down\211203.exe
C:\WINDOWS\system32\drivers\down\211281.exe
C:\WINDOWS\system32\drivers\down\211500.exe
C:\WINDOWS\system32\drivers\down\211531.exe
C:\WINDOWS\system32\drivers\down\211640.exe
C:\WINDOWS\system32\drivers\down\211781.exe
C:\WINDOWS\system32\drivers\down\211843.exe
C:\WINDOWS\system32\drivers\down\211875.exe
C:\WINDOWS\system32\drivers\down\212093.exe
C:\WINDOWS\system32\drivers\down\212203.exe
C:\WINDOWS\system32\drivers\down\212234.exe
C:\WINDOWS\system32\drivers\down\212468.exe
C:\WINDOWS\system32\drivers\down\212734.exe
C:\WINDOWS\system32\drivers\down\212890.exe
C:\WINDOWS\system32\drivers\down\213078.exe
C:\WINDOWS\system32\drivers\down\213406.exe
C:\WINDOWS\system32\drivers\down\213468.exe
C:\WINDOWS\system32\drivers\down\213515.exe
C:\WINDOWS\system32\drivers\down\213687.exe
C:\WINDOWS\system32\drivers\down\213734.exe
C:\WINDOWS\system32\drivers\down\213796.exe
C:\WINDOWS\system32\drivers\down\214468.exe
C:\WINDOWS\system32\drivers\down\215406.exe
C:\WINDOWS\system32\drivers\down\215578.exe
C:\WINDOWS\system32\drivers\down\215687.exe
C:\WINDOWS\system32\drivers\down\215750.exe
C:\WINDOWS\system32\drivers\down\215828.exe
C:\WINDOWS\system32\drivers\down\215875.exe
C:\WINDOWS\system32\drivers\down\215953.exe
C:\WINDOWS\system32\drivers\down\216812.exe
C:\WINDOWS\system32\drivers\down\217203.exe
C:\WINDOWS\system32\drivers\down\217265.exe
C:\WINDOWS\system32\drivers\down\217484.exe
C:\WINDOWS\system32\drivers\down\217625.exe
C:\WINDOWS\system32\drivers\down\217828.exe
C:\WINDOWS\system32\drivers\down\218203.exe
C:\WINDOWS\system32\drivers\down\218468.exe
C:\WINDOWS\system32\drivers\down\219203.exe
C:\WINDOWS\system32\drivers\down\219531.exe
C:\WINDOWS\system32\drivers\down\219546.exe
C:\WINDOWS\system32\drivers\down\220031.exe
C:\WINDOWS\system32\drivers\down\220078.exe
C:\WINDOWS\system32\drivers\down\220453.exe
C:\WINDOWS\system32\drivers\down\220750.exe
C:\WINDOWS\system32\drivers\down\220843.exe
C:\WINDOWS\system32\drivers\down\220859.exe
C:\WINDOWS\system32\drivers\down\221328.exe
C:\WINDOWS\system32\drivers\down\221703.exe
C:\WINDOWS\system32\drivers\down\222078.exe
C:\WINDOWS\system32\drivers\down\222406.exe
C:\WINDOWS\system32\drivers\down\222734.exe
C:\WINDOWS\system32\drivers\down\222890.exe
C:\WINDOWS\system32\drivers\down\223078.exe
C:\WINDOWS\system32\drivers\down\223312.exe
C:\WINDOWS\system32\drivers\down\223437.exe
C:\WINDOWS\system32\drivers\down\223468.exe
C:\WINDOWS\system32\drivers\down\224046.exe
C:\WINDOWS\system32\drivers\down\224218.exe
C:\WINDOWS\system32\drivers\down\224312.exe
C:\WINDOWS\system32\drivers\down\224765.exe
C:\WINDOWS\system32\drivers\down\224921.exe
C:\WINDOWS\system32\drivers\down\225390.exe
C:\WINDOWS\system32\drivers\down\225656.exe
C:\WINDOWS\system32\drivers\down\225796.exe
C:\WINDOWS\system32\drivers\down\225906.exe
C:\WINDOWS\system32\drivers\down\226062.exe
C:\WINDOWS\system32\drivers\down\226218.exe
C:\WINDOWS\system32\drivers\down\226421.exe
C:\WINDOWS\system32\drivers\down\226453.exe
C:\WINDOWS\system32\drivers\down\227015.exe
C:\WINDOWS\system32\drivers\down\227390.exe
C:\WINDOWS\system32\drivers\down\227578.exe
C:\WINDOWS\system32\drivers\down\227765.exe
C:\WINDOWS\system32\drivers\down\227812.exe
C:\WINDOWS\system32\drivers\down\227906.exe
C:\WINDOWS\system32\drivers\down\228171.exe
C:\WINDOWS\system32\drivers\down\228203.exe
C:\WINDOWS\system32\drivers\down\228250.exe
C:\WINDOWS\system32\drivers\down\229093.exe
C:\WINDOWS\system32\drivers\down\229125.exe
C:\WINDOWS\system32\drivers\down\229421.exe
C:\WINDOWS\system32\drivers\down\229468.exe
C:\WINDOWS\system32\drivers\down\229625.exe
C:\WINDOWS\system32\drivers\down\229656.exe
C:\WINDOWS\system32\drivers\down\229671.exe
C:\WINDOWS\system32\drivers\down\229703.exe
C:\WINDOWS\system32\drivers\down\230078.exe
C:\WINDOWS\system32\drivers\down\230171.exe
C:\WINDOWS\system32\drivers\down\230406.exe
C:\WINDOWS\system32\drivers\down\230515.exe
C:\WINDOWS\system32\drivers\down\230796.exe
C:\WINDOWS\system32\drivers\down\230828.exe
C:\WINDOWS\system32\drivers\down\231250.exe
C:\WINDOWS\system32\drivers\down\231453.exe
C:\WINDOWS\system32\drivers\down\231796.exe
C:\WINDOWS\system32\drivers\down\231859.exe
C:\WINDOWS\system32\drivers\down\231921.exe
C:\WINDOWS\system32\drivers\down\232046.exe
C:\WINDOWS\system32\drivers\down\232187.exe
C:\WINDOWS\system32\drivers\down\232312.exe
C:\WINDOWS\system32\drivers\down\232593.exe
C:\WINDOWS\system32\drivers\down\232937.exe
C:\WINDOWS\system32\drivers\down\233281.exe
C:\WINDOWS\system32\drivers\down\233312.exe
C:\WINDOWS\system32\drivers\down\233343.exe
C:\WINDOWS\system32\drivers\down\233406.exe
C:\WINDOWS\system32\drivers\down\233640.exe
C:\WINDOWS\system32\drivers\down\234218.exe
C:\WINDOWS\system32\drivers\down\234359.exe
C:\WINDOWS\system32\drivers\down\234562.exe
C:\WINDOWS\system32\drivers\down\235390.exe
C:\WINDOWS\system32\drivers\down\235921.exe
C:\WINDOWS\system32\drivers\down\236968.exe
C:\WINDOWS\system32\drivers\down\237250.exe
C:\WINDOWS\system32\drivers\down\237375.exe
C:\WINDOWS\system32\drivers\down\237843.exe
C:\WINDOWS\system32\drivers\down\237859.exe
C:\WINDOWS\system32\drivers\down\238203.exe
C:\WINDOWS\system32\drivers\down\238562.exe
C:\WINDOWS\system32\drivers\down\238750.exe
C:\WINDOWS\system32\drivers\down\239734.exe
C:\WINDOWS\system32\drivers\down\240406.exe
C:\WINDOWS\system32\drivers\down\241093.exe
C:\WINDOWS\system32\drivers\down\241500.exe
C:\WINDOWS\system32\drivers\down\241765.exe
C:\WINDOWS\system32\drivers\down\242406.exe
C:\WINDOWS\system32\drivers\down\242796.exe
C:\WINDOWS\system32\drivers\down\242921.exe
C:\WINDOWS\system32\drivers\down\243390.exe
C:\WINDOWS\system32\drivers\down\244812.exe
C:\WINDOWS\system32\drivers\down\245000.exe
C:\WINDOWS\system32\drivers\down\245109.exe
C:\WINDOWS\system32\drivers\down\245171.exe
C:\WINDOWS\system32\drivers\down\245234.exe
C:\WINDOWS\system32\drivers\down\245421.exe
C:\WINDOWS\system32\drivers\down\245703.exe
C:\WINDOWS\system32\drivers\down\246484.exe
C:\WINDOWS\system32\drivers\down\246578.exe
C:\WINDOWS\system32\drivers\down\246687.exe
C:\WINDOWS\system32\drivers\down\246812.exe
C:\WINDOWS\system32\drivers\down\247750.exe
C:\WINDOWS\system32\drivers\down\248671.exe
C:\WINDOWS\system32\drivers\down\248765.exe
C:\WINDOWS\system32\drivers\down\249453.exe
C:\WINDOWS\system32\drivers\down\249562.exe
C:\WINDOWS\system32\drivers\down\250750.exe
C:\WINDOWS\system32\drivers\down\251078.exe
C:\WINDOWS\system32\drivers\down\251125.exe
C:\WINDOWS\system32\drivers\down\251171.exe
C:\WINDOWS\system32\drivers\down\251187.exe
C:\WINDOWS\system32\drivers\down\251484.exe
C:\WINDOWS\system32\drivers\down\251859.exe
C:\WINDOWS\system32\drivers\down\252500.exe
C:\WINDOWS\system32\drivers\down\252828.exe
C:\WINDOWS\system32\drivers\down\253031.exe
C:\WINDOWS\system32\drivers\down\253359.exe
C:\WINDOWS\system32\drivers\down\254015.exe
C:\WINDOWS\system32\drivers\down\254343.exe
C:\WINDOWS\system32\drivers\down\255765.exe
C:\WINDOWS\system32\drivers\down\255781.exe
C:\WINDOWS\system32\drivers\down\256343.exe
C:\WINDOWS\system32\drivers\down\256812.exe
C:\WINDOWS\system32\drivers\down\257578.exe
C:\WINDOWS\system32\drivers\down\258484.exe
C:\WINDOWS\system32\drivers\down\259312.exe
C:\WINDOWS\system32\drivers\down\259734.exe
C:\WINDOWS\system32\drivers\down\259921.exe
C:\WINDOWS\system32\drivers\down\260812.exe
C:\WINDOWS\system32\drivers\down\260828.exe
C:\WINDOWS\system32\drivers\down\260906.exe
C:\WINDOWS\system32\drivers\down\261390.exe
C:\WINDOWS\system32\drivers\down\262375.exe
C:\WINDOWS\system32\drivers\down\262828.exe
C:\WINDOWS\system32\drivers\down\262843.exe
C:\WINDOWS\system32\drivers\down\263281.exe
C:\WINDOWS\system32\drivers\down\263546.exe
C:\WINDOWS\system32\drivers\down\263781.exe
C:\WINDOWS\system32\drivers\down\264093.exe
C:\WINDOWS\system32\drivers\down\265546.exe
C:\WINDOWS\system32\drivers\down\265593.exe
C:\WINDOWS\system32\drivers\down\265828.exe
C:\WINDOWS\system32\drivers\down\265890.exe
C:\WINDOWS\system32\drivers\down\266484.exe
C:\WINDOWS\system32\drivers\down\267296.exe
C:\WINDOWS\system32\drivers\down\267765.exe
C:\WINDOWS\system32\drivers\down\268375.exe
C:\WINDOWS\system32\drivers\down\268609.exe
C:\WINDOWS\system32\drivers\down\268843.exe
C:\WINDOWS\system32\drivers\down\268937.exe
C:\WINDOWS\system32\drivers\down\268968.exe
C:\WINDOWS\system32\drivers\down\269546.exe
C:\WINDOWS\system32\drivers\down\269625.exe
C:\WINDOWS\system32\drivers\down\269937.exe
C:\WINDOWS\system32\drivers\down\270421.exe
C:\WINDOWS\system32\drivers\down\271203.exe
C:\WINDOWS\system32\drivers\down\271453.exe
C:\WINDOWS\system32\drivers\down\272640.exe
C:\WINDOWS\system32\drivers\down\272781.exe
C:\WINDOWS\system32\drivers\down\273390.exe
C:\WINDOWS\system32\drivers\down\273937.exe
C:\WINDOWS\system32\drivers\down\274109.exe
C:\WINDOWS\system32\drivers\down\274500.exe
C:\WINDOWS\system32\drivers\down\274734.exe
C:\WINDOWS\system32\drivers\down\275156.exe
C:\WINDOWS\system32\drivers\down\275656.exe
C:\WINDOWS\system32\drivers\down\276218.exe
C:\WINDOWS\system32\drivers\down\277093.exe
C:\WINDOWS\system32\drivers\down\277343.exe
C:\WINDOWS\system32\drivers\down\278000.exe
C:\WINDOWS\system32\drivers\down\278250.exe
C:\WINDOWS\system32\drivers\down\278890.exe
C:\WINDOWS\system32\drivers\down\279343.exe
C:\WINDOWS\system32\drivers\down\279578.exe
C:\WINDOWS\system32\drivers\down\279609.exe
C:\WINDOWS\system32\drivers\down\280625.exe
C:\WINDOWS\system32\drivers\down\280687.exe
C:\WINDOWS\system32\drivers\down\281437.exe
C:\WINDOWS\system32\drivers\down\282031.exe
C:\WINDOWS\system32\drivers\down\282484.exe
C:\WINDOWS\system32\drivers\down\282750.exe
C:\WINDOWS\system32\drivers\down\283203.exe
C:\WINDOWS\system32\drivers\down\283328.exe
C:\WINDOWS\system32\drivers\down\283546.exe
C:\WINDOWS\system32\drivers\down\283953.exe
C:\WINDOWS\system32\drivers\down\284046.exe
C:\WINDOWS\system32\drivers\down\284421.exe
C:\WINDOWS\system32\drivers\down\284625.exe
C:\WINDOWS\system32\drivers\down\288250.exe
C:\WINDOWS\system32\drivers\down\288750.exe
C:\WINDOWS\system32\drivers\down\291046.exe
C:\WINDOWS\system32\drivers\down\29122625.exe
C:\WINDOWS\system32\drivers\down\29131187.exe
C:\WINDOWS\system32\drivers\down\29135281.exe
C:\WINDOWS\system32\drivers\down\29152109.exe
C:\WINDOWS\system32\drivers\down\29152156.exe
C:\WINDOWS\system32\drivers\down\29155234.exe
C:\WINDOWS\system32\drivers\down\29157125.exe
C:\WINDOWS\system32\drivers\down\29158750.exe
C:\WINDOWS\system32\drivers\down\29159765.exe
C:\WINDOWS\system32\drivers\down\29161406.exe
C:\WINDOWS\system32\drivers\down\29167562.exe
C:\WINDOWS\system32\drivers\down\29169500.exe
C:\WINDOWS\system32\drivers\down\29170953.exe
C:\WINDOWS\system32\drivers\down\29171109.exe
C:\WINDOWS\system32\drivers\down\29171437.exe
C:\WINDOWS\system32\drivers\down\29173062.exe
C:\WINDOWS\system32\drivers\down\29173578.exe
C:\WINDOWS\system32\drivers\down\29178859.exe
C:\WINDOWS\system32\drivers\down\29187843.exe
C:\WINDOWS\system32\drivers\down\29191734.exe
C:\WINDOWS\system32\drivers\down\29195843.exe
C:\WINDOWS\system32\drivers\down\29200593.exe
C:\WINDOWS\system32\drivers\down\29202343.exe
C:\WINDOWS\system32\drivers\down\29205593.exe
C:\WINDOWS\system32\drivers\down\29206875.exe
C:\WINDOWS\system32\drivers\down\29207015.exe
C:\WINDOWS\system32\drivers\down\29209843.exe
C:\WINDOWS\system32\drivers\down\29209890.exe
C:\WINDOWS\system32\drivers\down\29212171.exe
C:\WINDOWS\system32\drivers\down\29212781.exe
C:\WINDOWS\system32\drivers\down\29215921.exe
C:\WINDOWS\system32\drivers\down\29216359.exe
C:\WINDOWS\system32\drivers\down\29216468.exe
C:\WINDOWS\system32\drivers\down\29217515.exe
C:\WINDOWS\system32\drivers\down\29218859.exe
C:\WINDOWS\system32\drivers\down\29220203.exe
C:\WINDOWS\system32\drivers\down\29221953.exe
C:\WINDOWS\system32\drivers\down\29224093.exe
C:\WINDOWS\system32\drivers\down\29224625.exe
C:\WINDOWS\system32\drivers\down\29225984.exe
C:\WINDOWS\system32\drivers\down\29227531.exe
C:\WINDOWS\system32\drivers\down\29228687.exe
C:\WINDOWS\system32\drivers\down\29228796.exe
C:\WINDOWS\system32\drivers\down\29230656.exe
C:\WINDOWS\system32\drivers\down\29231468.exe
C:\WINDOWS\system32\drivers\down\29232093.exe
C:\WINDOWS\system32\drivers\down\29232218.exe
C:\WINDOWS\system32\drivers\down\29232296.exe
C:\WINDOWS\system32\drivers\down\29233750.exe
C:\WINDOWS\system32\drivers\down\29234875.exe
C:\WINDOWS\system32\drivers\down\29235390.exe
C:\WINDOWS\system32\drivers\down\29247812.exe
C:\WINDOWS\system32\drivers\down\29248359.exe
C:\WINDOWS\system32\drivers\down\29248500.exe
C:\WINDOWS\system32\drivers\down\29248593.exe
C:\WINDOWS\system32\drivers\down\29248625.exe
C:\WINDOWS\system32\drivers\down\29250156.exe
C:\WINDOWS\system32\drivers\down\29250171.exe
C:\WINDOWS\system32\drivers\down\29250265.exe
C:\WINDOWS\system32\drivers\down\29252281.exe
C:\WINDOWS\system32\drivers\down\29252312.exe
C:\WINDOWS\system32\drivers\down\29253078.exe
C:\WINDOWS\system32\drivers\down\29253609.exe
C:\WINDOWS\system32\drivers\down\29255015.exe
C:\WINDOWS\system32\drivers\down\29255750.exe
C:\WINDOWS\system32\drivers\down\29256234.exe
C:\WINDOWS\system32\drivers\down\29257218.exe
C:\WINDOWS\system32\drivers\down\29257390.exe
C:\WINDOWS\system32\drivers\down\29258843.exe
C:\WINDOWS\system32\drivers\down\29258937.exe
C:\WINDOWS\system32\drivers\down\29260187.exe
C:\WINDOWS\system32\drivers\down\29260671.exe
C:\WINDOWS\system32\drivers\down\29261734.exe
C:\WINDOWS\system32\drivers\down\29263640.exe
C:\WINDOWS\system32\drivers\down\29263812.exe
C:\WINDOWS\system32\drivers\down\29265453.exe
C:\WINDOWS\system32\drivers\down\29266328.exe
C:\WINDOWS\system32\drivers\down\29266500.exe
C:\WINDOWS\system32\drivers\down\29266687.exe
C:\WINDOWS\system32\drivers\down\29266859.exe
C:\WINDOWS\system32\drivers\down\29266890.exe
C:\WINDOWS\system32\drivers\down\29267109.exe
C:\WINDOWS\system32\drivers\down\29267156.exe
C:\WINDOWS\system32\drivers\down\29268031.exe
C:\WINDOWS\system32\drivers\down\29268515.exe
C:\WINDOWS\system32\drivers\down\29269640.exe
C:\WINDOWS\system32\drivers\down\29269968.exe
C:\WINDOWS\system32\drivers\down\29270312.exe
C:\WINDOWS\system32\drivers\down\29270390.exe
C:\WINDOWS\system32\drivers\down\29272156.exe
C:\WINDOWS\system32\drivers\down\29275640.exe
C:\WINDOWS\system32\drivers\down\29276671.exe
C:\WINDOWS\system32\drivers\down\29276875.exe
C:\WINDOWS\system32\drivers\down\29276921.exe
C:\WINDOWS\system32\drivers\down\29277859.exe
C:\WINDOWS\system32\drivers\down\29277953.exe
C:\WINDOWS\system32\drivers\down\29279312.exe
C:\WINDOWS\system32\drivers\down\29279328.exe
C:\WINDOWS\system32\drivers\down\29280156.exe
C:\WINDOWS\system32\drivers\down\29280390.exe
C:\WINDOWS\system32\drivers\down\29280734.exe
C:\WINDOWS\system32\drivers\down\29281890.exe
C:\WINDOWS\system32\drivers\down\29282046.exe
C:\WINDOWS\system32\drivers\down\29282343.exe
C:\WINDOWS\system32\drivers\down\29283671.exe
C:\WINDOWS\system32\drivers\down\29283906.exe
C:\WINDOWS\system32\drivers\down\29288953.exe
C:\WINDOWS\system32\drivers\down\29289921.exe
C:\WINDOWS\system32\drivers\down\29291203.exe
C:\WINDOWS\system32\drivers\down\29291484.exe
C:\WINDOWS\system32\drivers\down\29291703.exe
C:\WINDOWS\system32\drivers\down\29292031.exe
C:\WINDOWS\system32\drivers\down\29292125.exe
C:\WINDOWS\system32\drivers\down\29292250.exe
C:\WINDOWS\system32\drivers\down\29293078.exe
C:\WINDOWS\system32\drivers\down\292937.exe
C:\WINDOWS\system32\drivers\down\29294687.exe
C:\WINDOWS\system32\drivers\down\29295390.exe
C:\WINDOWS\system32\drivers\down\29295953.exe
C:\WINDOWS\system32\drivers\down\29296187.exe
C:\WINDOWS\system32\drivers\down\29297625.exe
C:\WINDOWS\system32\drivers\down\29297828.exe
C:\WINDOWS\system32\drivers\down\29297984.exe
C:\WINDOWS\system32\drivers\down\29298203.exe
C:\WINDOWS\system32\drivers\down\29298390.exe
C:\WINDOWS\system32\drivers\down\29298562.exe
C:\WINDOWS\system32\drivers\down\29298781.exe
C:\WINDOWS\system32\drivers\down\29299640.exe
C:\WINDOWS\system32\drivers\down\29300203.exe
C:\WINDOWS\system32\drivers\down\29301328.exe
C:\WINDOWS\system32\drivers\down\293015.exe
C:\WINDOWS\system32\drivers\down\29302796.exe
C:\WINDOWS\system32\drivers\down\293078.exe
C:\WINDOWS\system32\drivers\down\29310578.exe
C:\WINDOWS\system32\drivers\down\29313578.exe
C:\WINDOWS\system32\drivers\down\29314218.exe
C:\WINDOWS\system32\drivers\down\29316250.exe
C:\WINDOWS\system32\drivers\down\29319687.exe
C:\WINDOWS\system32\drivers\down\29322375.exe
C:\WINDOWS\system32\drivers\down\29322843.exe
C:\WINDOWS\system32\drivers\down\29322937.exe
C:\WINDOWS\system32\drivers\down\29328156.exe
C:\WINDOWS\system32\drivers\down\29329593.exe
C:\WINDOWS\system32\drivers\down\29329703.exe
C:\WINDOWS\system32\drivers\down\29331625.exe
C:\WINDOWS\system32\drivers\down\29331796.exe
C:\WINDOWS\system32\drivers\down\29331921.exe
C:\WINDOWS\system32\drivers\down\29333171.exe
C:\WINDOWS\system32\drivers\down\29334968.exe
C:\WINDOWS\system32\drivers\down\29335328.exe
C:\WINDOWS\system32\drivers\down\29337187.exe
C:\WINDOWS\system32\drivers\down\29337609.exe
C:\WINDOWS\system32\drivers\down\29340765.exe
C:\WINDOWS\system32\drivers\down\29344078.exe
C:\WINDOWS\system32\drivers\down\29348421.exe
C:\WINDOWS\system32\drivers\down\29349281.exe
C:\WINDOWS\system32\drivers\down\29350734.exe
C:\WINDOWS\system32\drivers\down\29350765.exe
C:\WINDOWS\system32\drivers\down\29352906.exe
C:\WINDOWS\system32\drivers\down\29354312.exe
C:\WINDOWS\system32\drivers\down\29355437.exe
C:\WINDOWS\system32\drivers\down\29356281.exe
C:\WINDOWS\system32\drivers\down\29356343.exe
C:\WINDOWS\system32\drivers\down\29357609.exe
C:\WINDOWS\system32\drivers\down\29359578.exe
C:\WINDOWS\system32\drivers\down\29360703.exe
C:\WINDOWS\system32\drivers\down\29363562.exe
C:\WINDOWS\system32\drivers\down\29364421.exe
C:\WINDOWS\system32\drivers\down\29365390.exe
C:\WINDOWS\system32\drivers\down\29366718.exe
C:\WINDOWS\system32\drivers\down\29367578.exe
C:\WINDOWS\system32\drivers\down\29369140.exe
C:\WINDOWS\system32\drivers\down\29370671.exe
C:\WINDOWS\system32\drivers\down\29372203.exe
C:\WINDOWS\system32\drivers\down\29373250.exe
C:\WINDOWS\system32\drivers\down\29373546.exe
C:\WINDOWS\system32\drivers\down\29373812.exe
C:\WINDOWS\system32\drivers\down\29373843.exe
C:\WINDOWS\system32\drivers\down\29375734.exe
C:\WINDOWS\system32\drivers\down\29375968.exe
C:\WINDOWS\system32\drivers\down\29376156.exe
C:\WINDOWS\system32\drivers\down\29376312.exe
C:\WINDOWS\system32\drivers\down\29376328.exe
C:\WINDOWS\system32\drivers\down\29376343.exe
C:\WINDOWS\system32\drivers\down\29376625.exe
C:\WINDOWS\system32\drivers\down\29376843.exe
C:\WINDOWS\system32\drivers\down\29377953.exe
C:\WINDOWS\system32\drivers\down\29378578.exe
C:\WINDOWS\system32\drivers\down\29378890.exe
C:\WINDOWS\system32\drivers\down\29379375.exe
C:\WINDOWS\system32\drivers\down\29379734.exe
C:\WINDOWS\system32\drivers\down\29381046.exe
C:\WINDOWS\system32\drivers\down\29385750.exe
C:\WINDOWS\system32\drivers\down\29386500.exe
C:\WINDOWS\system32\drivers\down\29387984.exe
C:\WINDOWS\system32\drivers\down\29388296.exe
C:\WINDOWS\system32\drivers\down\29388781.exe
C:\WINDOWS\system32\drivers\down\29388828.exe
C:\WINDOWS\system32\drivers\down\29389171.exe
C:\WINDOWS\system32\drivers\down\29390890.exe
C:\WINDOWS\system32\drivers\down\29393234.exe
C:\WINDOWS\system32\drivers\down\29394593.exe
C:\WINDOWS\system32\drivers\down\29396812.exe
C:\WINDOWS\system32\drivers\down\29398703.exe
C:\WINDOWS\system32\drivers\down\29399671.exe
C:\WINDOWS\system32\drivers\down\29399875.exe
C:\WINDOWS\system32\drivers\down\29401734.exe
C:\WINDOWS\system32\drivers\down\29402437.exe
C:\WINDOWS\system32\drivers\down\29404093.exe
C:\WINDOWS\system32\drivers\down\29404593.exe
C:\WINDOWS\system32\drivers\down\29406187.exe
C:\WINDOWS\system32\drivers\down\29406734.exe
C:\WINDOWS\system32\drivers\down\29407078.exe
C:\WINDOWS\system32\drivers\down\29407968.exe
C:\WINDOWS\system32\drivers\down\29409234.exe
C:\WINDOWS\system32\drivers\down\29409296.exe
C:\WINDOWS\system32\drivers\down\29409578.exe
C:\WINDOWS\system32\drivers\down\29409750.exe
C:\WINDOWS\system32\drivers\down\29410968.exe
C:\WINDOWS\system32\drivers\down\29411156.exe
C:\WINDOWS\system32\drivers\down\29411609.exe
C:\WINDOWS\system32\drivers\down\29412687.exe
C:\WINDOWS\system32\drivers\down\29413703.exe
C:\WINDOWS\system32\drivers\down\29414062.exe
C:\WINDOWS\system32\drivers\down\29414125.exe
C:\WINDOWS\system32\drivers\down\29414171.exe
C:\WINDOWS\system32\drivers\down\29414546.exe
C:\WINDOWS\system32\drivers\down\29416984.exe
C:\WINDOWS\system32\drivers\down\29420843.exe
C:\WINDOWS\system32\drivers\down\29422968.exe
C:\WINDOWS\system32\drivers\down\29425078.exe
C:\WINDOWS\system32\drivers\down\29426375.exe
C:\WINDOWS\system32\drivers\down\29428312.exe
C:\WINDOWS\system32\drivers\down\29434250.exe
C:\WINDOWS\system32\drivers\down\29437140.exe
C:\WINDOWS\system32\drivers\down\29437796.exe
C:\WINDOWS\system32\drivers\down\29438093.exe
C:\WINDOWS\system32\drivers\down\29438312.exe
C:\WINDOWS\system32\drivers\down\29439812.exe
C:\WINDOWS\system32\drivers\down\29440265.exe
C:\WINDOWS\system32\drivers\down\29441500.exe
C:\WINDOWS\system32\drivers\down\29441640.exe
C:\WINDOWS\system32\drivers\down\29443593.exe
C:\WINDOWS\system32\drivers\down\29443906.exe
C:\WINDOWS\system32\drivers\down\29446968.exe
C:\WINDOWS\system32\drivers\down\29447578.exe
C:\WINDOWS\system32\drivers\down\29460578.exe
C:\WINDOWS\system32\drivers\down\29469140.exe
C:\WINDOWS\system32\drivers\down\29472593.exe
C:\WINDOWS\system32\drivers\down\29505828.exe
C:\WINDOWS\system32\drivers\down\29509796.exe
C:\WINDOWS\system32\drivers\down\29518859.exe
C:\WINDOWS\system32\drivers\down\29524843.exe
C:\WINDOWS\system32\drivers\down\29527796.exe
C:\WINDOWS\system32\drivers\down\29527828.exe
C:\WINDOWS\system32\drivers\down\29533015.exe
C:\WINDOWS\system32\drivers\down\29535125.exe
C:\WINDOWS\system32\drivers\down\29537218.exe
C:\WINDOWS\system32\drivers\down\29538109.exe
C:\WINDOWS\system32\drivers\down\29539859.exe
C:\WINDOWS\system32\drivers\down\29554640.exe
C:\WINDOWS\system32\drivers\down\29556234.exe
C:\WINDOWS\system32\drivers\down\29557656.exe
C:\WINDOWS\system32\drivers\down\29560000.exe
C:\WINDOWS\system32\drivers\down\29560421.exe
C:\WINDOWS\system32\drivers\down\29563625.exe
C:\WINDOWS\system32\drivers\down\29565531.exe
C:\WINDOWS\system32\drivers\down\29566906.exe
C:\WINDOWS\system32\drivers\down\29595921.exe
C:\WINDOWS\system32\drivers\down\29599640.exe
C:\WINDOWS\system32\drivers\down\29606609.exe
C:\WINDOWS\system32\drivers\down\29609421.exe
C:\WINDOWS\system32\drivers\down\296156.exe
C:\WINDOWS\system32\drivers\down\29622296.exe
C:\WINDOWS\system32\drivers\down\29622312.exe
C:\WINDOWS\system32\drivers\down\29628093.exe
C:\WINDOWS\system32\drivers\down\29629234.exe
C:\WINDOWS\system32\drivers\down\29630781.exe
C:\WINDOWS\system32\drivers\down\29631890.exe
C:\WINDOWS\system32\drivers\down\29636046.exe
C:\WINDOWS\system32\drivers\down\29640312.exe
C:\WINDOWS\system32\drivers\down\29642421.exe
C:\WINDOWS\system32\drivers\down\29642578.exe
C:\WINDOWS\system32\drivers\down\29642890.exe
C:\WINDOWS\system32\drivers\down\29643078.exe
C:\WINDOWS\system32\drivers\down\29644062.exe
C:\WINDOWS\system32\drivers\down\29645328.exe
C:\WINDOWS\system32\drivers\down\29671031.exe
C:\WINDOWS\system32\drivers\down\29672421.exe
C:\WINDOWS\system32\drivers\down\297531.exe
C:\WINDOWS\system32\drivers\down\297656.exe
C:\WINDOWS\system32\drivers\down\300312.exe
C:\WINDOWS\system32\drivers\down\300453.exe
C:\WINDOWS\system32\drivers\down\300953.exe
C:\WINDOWS\system32\drivers\down\301203.exe
C:\WINDOWS\system32\drivers\down\301265.exe
C:\WINDOWS\system32\drivers\down\302671.exe
C:\WINDOWS\system32\drivers\down\303359.exe
C:\WINDOWS\system32\drivers\down\305078.exe
C:\WINDOWS\system32\drivers\down\305265.exe
C:\WINDOWS\system32\drivers\down\305578.exe
C:\WINDOWS\system32\drivers\down\306906.exe
C:\WINDOWS\system32\drivers\down\307093.exe
C:\WINDOWS\system32\drivers\down\307234.exe
C:\WINDOWS\system32\drivers\down\307687.exe
C:\WINDOWS\system32\drivers\down\307906.exe
C:\WINDOWS\system32\drivers\down\308281.exe
C:\WINDOWS\system32\drivers\down\309703.exe
C:\WINDOWS\system32\drivers\down\309734.exe
C:\WINDOWS\system32\drivers\down\311156.exe
C:\WINDOWS\system32\drivers\down\311187.exe
C:\WINDOWS\system32\drivers\down\313125.exe
C:\WINDOWS\system32\drivers\down\313640.exe
C:\WINDOWS\system32\drivers\down\314000.exe
C:\WINDOWS\system32\drivers\down\314171.exe
C:\WINDOWS\system32\drivers\down\314421.exe
C:\WINDOWS\system32\drivers\down\314656.exe
C:\WINDOWS\system32\drivers\down\316015.exe
C:\WINDOWS\system32\drivers\down\316375.exe
C:\WINDOWS\system32\drivers\down\317296.exe
C:\WINDOWS\system32\drivers\down\317796.exe
C:\WINDOWS\system32\drivers\down\318062.exe
C:\WINDOWS\system32\drivers\down\318343.exe
C:\WINDOWS\system32\drivers\down\319234.exe
C:\WINDOWS\system32\drivers\down\319500.exe
C:\WINDOWS\system32\drivers\down\320375.exe
C:\WINDOWS\system32\drivers\down\325421.exe
C:\WINDOWS\system32\drivers\down\327125.exe
C:\WINDOWS\system32\drivers\down\328296.exe
C:\WINDOWS\system32\drivers\down\330375.exe
C:\WINDOWS\system32\drivers\down\330828.exe
C:\WINDOWS\system32\drivers\down\330890.exe
C:\WINDOWS\system32\drivers\down\331453.exe
C:\WINDOWS\system32\drivers\down\332718.exe
C:\WINDOWS\system32\drivers\down\333359.exe
C:\WINDOWS\system32\drivers\down\334750.exe
C:\WINDOWS\system32\drivers\down\335000.exe
C:\WINDOWS\system32\drivers\down\335093.exe
C:\WINDOWS\system32\drivers\down\335531.exe
C:\WINDOWS\system32\drivers\down\335750.exe
C:\WINDOWS\system32\drivers\down\336046.exe
C:\WINDOWS\system32\drivers\down\336937.exe
C:\WINDOWS\system32\drivers\down\337968.exe
C:\WINDOWS\system32\drivers\down\338812.exe
C:\WINDOWS\system32\drivers\down\339500.exe
C:\WINDOWS\system32\drivers\down\339609.exe
C:\WINDOWS\system32\drivers\down\340578.exe
C:\WINDOWS\system32\drivers\down\342625.exe
C:\WINDOWS\system32\drivers\down\343093.exe
C:\WINDOWS\system32\drivers\down\343171.exe
C:\WINDOWS\system32\drivers\down\344843.exe
C:\WINDOWS\system32\drivers\down\345265.exe
C:\WINDOWS\system32\drivers\down\352750.exe
C:\WINDOWS\system32\drivers\down\356015.exe
C:\WINDOWS\system32\drivers\down\360406.exe
C:\WINDOWS\system32\drivers\down\365406.exe
C:\WINDOWS\system32\drivers\down\365656.exe
C:\WINDOWS\system32\drivers\down\368921.exe
C:\WINDOWS\system32\drivers\down\372687.exe
C:\WINDOWS\system32\drivers\down\372828.exe
C:\WINDOWS\system32\drivers\down\373171.exe
C:\WINDOWS\system32\drivers\down\376609.exe
C:\WINDOWS\system32\drivers\down\379000.exe
C:\WINDOWS\system32\drivers\down\387015.exe
C:\WINDOWS\system32\drivers\down\387609.exe
C:\WINDOWS\system32\drivers\down\390203.exe
C:\WINDOWS\system32\drivers\down\391750.exe
C:\WINDOWS\system32\drivers\down\393562.exe
C:\WINDOWS\system32\drivers\down\394359.exe
C:\WINDOWS\system32\drivers\down\395750.exe
C:\WINDOWS\system32\drivers\down\396531.exe
C:\WINDOWS\system32\drivers\down\400828.exe
C:\WINDOWS\system32\drivers\down\406843.exe
C:\WINDOWS\system32\drivers\down\413531.exe
C:\WINDOWS\system32\drivers\down\418437.exe
C:\WINDOWS\system32\drivers\down\422000.exe
C:\WINDOWS\system32\drivers\down\424421.exe
C:\WINDOWS\system32\drivers\down\425984.exe
C:\WINDOWS\system32\drivers\down\427734.exe
C:\WINDOWS\system32\drivers\down\427828.exe
C:\WINDOWS\system32\drivers\down\433187.exe
C:\WINDOWS\system32\drivers\down\433296.exe
C:\WINDOWS\system32\drivers\down\435265.exe
C:\WINDOWS\system32\drivers\down\43716250.exe
C:\WINDOWS\system32\drivers\down\43722921.exe
C:\WINDOWS\system32\drivers\down\43727234.exe
C:\WINDOWS\system32\drivers\down\43729906.exe
C:\WINDOWS\system32\drivers\down\43734093.exe
C:\WINDOWS\system32\drivers\down\43736296.exe
C:\WINDOWS\system32\drivers\down\43739218.exe
C:\WINDOWS\system32\drivers\down\43745765.exe
C:\WINDOWS\system32\drivers\down\43745843.exe
C:\WINDOWS\system32\drivers\down\43746406.exe
C:\WINDOWS\system32\drivers\down\43749968.exe
C:\WINDOWS\system32\drivers\down\43755093.exe
C:\WINDOWS\system32\drivers\down\43755437.exe
C:\WINDOWS\system32\drivers\down\43756718.exe
C:\WINDOWS\system32\drivers\down\43756750.exe
C:\WINDOWS\system32\drivers\down\43756906.exe
C:\WINDOWS\system32\drivers\down\43758828.exe
C:\WINDOWS\system32\drivers\down\43760734.exe
C:\WINDOWS\system32\drivers\down\43760812.exe
C:\WINDOWS\system32\drivers\down\43762109.exe
C:\WINDOWS\system32\drivers\down\43762125.exe
C:\WINDOWS\system32\drivers\down\43763234.exe
C:\WINDOWS\system32\drivers\down\43764218.exe
C:\WINDOWS\system32\drivers\down\43765578.exe
C:\WINDOWS\system32\drivers\down\43768000.exe
C:\WINDOWS\system32\drivers\down\43769890.exe
C:\WINDOWS\system32\drivers\down\43770828.exe
C:\WINDOWS\system32\drivers\down\43771125.exe
C:\WINDOWS\system32\drivers\down\43772156.exe
C:\WINDOWS\system32\drivers\down\43772390.exe
C:\WINDOWS\system32\drivers\down\43772578.exe
C:\WINDOWS\system32\drivers\down\43774203.exe
C:\WINDOWS\system32\drivers\down\43775656.exe
C:\WINDOWS\system32\drivers\down\43775828.exe
C:\WINDOWS\system32\drivers\down\43777468.exe
C:\WINDOWS\system32\drivers\down\43777750.exe
C:\WINDOWS\system32\drivers\down\43778734.exe
C:\WINDOWS\system32\drivers\down\43779718.exe
C:\WINDOWS\system32\drivers\down\43780562.exe
C:\WINDOWS\system32\drivers\down\43782796.exe
C:\WINDOWS\system32\drivers\down\43788812.exe
C:\WINDOWS\system32\drivers\down\43791843.exe
C:\WINDOWS\system32\drivers\down\43794421.exe
C:\WINDOWS\system32\drivers\down\43796468.exe
C:\WINDOWS\system32\drivers\down\43798343.exe
C:\WINDOWS\system32\drivers\down\43803734.exe
C:\WINDOWS\system32\drivers\down\43805640.exe
C:\WINDOWS\system32\drivers\down\43806062.exe
C:\WINDOWS\system32\drivers\down\43807078.exe
C:\WINDOWS\system32\drivers\down\43808781.exe
C:\WINDOWS\system32\drivers\down\43809953.exe
C:\WINDOWS\system32\drivers\down\43812671.exe
C:\WINDOWS\system32\drivers\down\43816515.exe
C:\WINDOWS\system32\drivers\down\43817421.exe
C:\WINDOWS\system32\drivers\down\43821187.exe
C:\WINDOWS\system32\drivers\down\43824937.exe
C:\WINDOWS\system32\drivers\down\43827609.exe
C:\WINDOWS\system32\drivers\down\43828265.exe
C:\WINDOWS\system32\drivers\down\43830968.exe
C:\WINDOWS\system32\drivers\down\43835000.exe
C:\WINDOWS\system32\drivers\down\43840000.exe
C:\WINDOWS\system32\drivers\down\43851312.exe
C:\WINDOWS\system32\drivers\down\43859812.exe
C:\WINDOWS\system32\drivers\down\43860562.exe
C:\WINDOWS\system32\drivers\down\43863343.exe
C:\WINDOWS\system32\drivers\down\43864187.exe
C:\WINDOWS\system32\drivers\down\43874734.exe
C:\WINDOWS\system32\drivers\down\43884218.exe
C:\WINDOWS\system32\drivers\down\43888500.exe
C:\WINDOWS\system32\drivers\down\43891312.exe
C:\WINDOWS\system32\drivers\down\43893218.exe
C:\WINDOWS\system32\drivers\down\43898953.exe
C:\WINDOWS\system32\drivers\down\43902843.exe
C:\WINDOWS\system32\drivers\down\43905156.exe
C:\WINDOWS\system32\drivers\down\43907765.exe
C:\WINDOWS\system32\drivers\down\43909546.exe
C:\WINDOWS\system32\drivers\down\43913703.exe
C:\WINDOWS\system32\drivers\down\43915531.exe
C:\WINDOWS\system32\drivers\down\43919125.exe
C:\WINDOWS\system32\drivers\down\43920953.exe
C:\WINDOWS\system32\drivers\down\43950890.exe
C:\WINDOWS\system32\drivers\down\43955125.exe
C:\WINDOWS\system32\drivers\down\44011765.exe
C:\WINDOWS\system32\drivers\down\44021937.exe
C:\WINDOWS\system32\drivers\down\44025906.exe
C:\WINDOWS\system32\drivers\down\44034437.exe
C:\WINDOWS\system32\drivers\down\44042453.exe
C:\WINDOWS\system32\drivers\down\44045062.exe
C:\WINDOWS\system32\drivers\down\44045812.exe
C:\WINDOWS\system32\drivers\down\44051203.exe
C:\WINDOWS\system32\drivers\down\44053250.exe
C:\WINDOWS\system32\drivers\down\44055281.exe
C:\WINDOWS\system32\drivers\down\44057312.exe
C:\WINDOWS\system32\drivers\down\44059859.exe
C:\WINDOWS\system32\drivers\down\44068546.exe
C:\WINDOWS\system32\drivers\down\44070125.exe
C:\WINDOWS\system32\drivers\down\44071203.exe
C:\WINDOWS\system32\drivers\down\44071484.exe
C:\WINDOWS\system32\drivers\down\44071906.exe
C:\WINDOWS\system32\drivers\down\44073437.exe
C:\WINDOWS\system32\drivers\down\44075062.exe
C:\WINDOWS\system32\drivers\down\44076796.exe
C:\WINDOWS\system32\drivers\down\44105640.exe
C:\WINDOWS\system32\drivers\down\44109703.exe
C:\WINDOWS\system32\drivers\down\458875.exe
C:\WINDOWS\system32\drivers\down\463703.exe
C:\WINDOWS\system32\drivers\down\47352078.exe
C:\WINDOWS\system32\drivers\down\47378328.exe
C:\WINDOWS\system32\drivers\down\47382937.exe
C:\WINDOWS\system32\drivers\down\47417828.exe
C:\WINDOWS\system32\drivers\down\47420281.exe
C:\WINDOWS\system32\drivers\down\47420312.exe
C:\WINDOWS\system32\drivers\down\47427281.exe
C:\WINDOWS\system32\drivers\down\47429187.exe
C:\WINDOWS\system32\drivers\down\47431625.exe
C:\WINDOWS\system32\drivers\down\47432625.exe
C:\WINDOWS\system32\drivers\down\47434515.exe
C:\WINDOWS\system32\drivers\down\47440234.exe
C:\WINDOWS\system32\drivers\down\47442328.exe
C:\WINDOWS\system32\drivers\down\47442640.exe
C:\WINDOWS\system32\drivers\down\47444375.exe
C:\WINDOWS\system32\drivers\down\47444593.exe
C:\WINDOWS\system32\drivers\down\47446765.exe
C:\WINDOWS\system32\drivers\down\47447906.exe
C:\WINDOWS\system32\drivers\down\47475375.exe
C:\WINDOWS\system32\drivers\down\47478078.exe
C:\WINDOWS\system32\drivers\down\47481765.exe
C:\WINDOWS\system32\drivers\down\480343.exe
C:\WINDOWS\system32\drivers\down\480421.exe
C:\WINDOWS\system32\drivers\down\481234.exe
C:\WINDOWS\system32\drivers\down\485484.exe
C:\WINDOWS\system32\drivers\down\490593.exe
C:\WINDOWS\system32\drivers\down\492484.exe
C:\WINDOWS\system32\drivers\down\494687.exe
C:\WINDOWS\system32\drivers\down\496390.exe
C:\WINDOWS\system32\drivers\down\499531.exe
C:\WINDOWS\system32\drivers\down\505750.exe
C:\WINDOWS\system32\drivers\down\509093.exe
C:\WINDOWS\system32\drivers\down\509781.exe
C:\WINDOWS\system32\drivers\down\511718.exe
C:\WINDOWS\system32\drivers\down\517515.exe
C:\WINDOWS\system32\drivers\down\522812.exe
C:\WINDOWS\system32\drivers\down\524890.exe
C:\WINDOWS\system32\drivers\down\551718.exe
C:\WINDOWS\system32\drivers\down\554156.exe
C:\WINDOWS\system32\drivers\down\58242625.exe
C:\WINDOWS\system32\drivers\down\58253125.exe
C:\WINDOWS\system32\drivers\down\58256859.exe
C:\WINDOWS\system32\drivers\down\58274437.exe
C:\WINDOWS\system32\drivers\down\58275125.exe
C:\WINDOWS\system32\drivers\down\58283562.exe
C:\WINDOWS\system32\drivers\down\58285921.exe
C:\WINDOWS\system32\drivers\down\58288671.exe
C:\WINDOWS\system32\drivers\down\58290015.exe
C:\WINDOWS\system32\drivers\down\58291609.exe
C:\WINDOWS\system32\drivers\down\58300578.exe
C:\WINDOWS\system32\drivers\down\58302906.exe
C:\WINDOWS\system32\drivers\down\58303171.exe
C:\WINDOWS\system32\drivers\down\58315421.exe
C:\WINDOWS\system32\drivers\down\58320250.exe
C:\WINDOWS\system32\drivers\down\58323046.exe
C:\WINDOWS\system32\drivers\down\58327328.exe
C:\WINDOWS\system32\drivers\down\58340781.exe
C:\WINDOWS\system32\drivers\down\58340937.exe
C:\WINDOWS\system32\drivers\down\58345625.exe
C:\WINDOWS\system32\drivers\down\58347265.exe
C:\WINDOWS\system32\drivers\down\58349015.exe
C:\WINDOWS\system32\drivers\down\58350156.exe
C:\WINDOWS\system32\drivers\down\58351500.exe
C:\WINDOWS\system32\drivers\down\58356687.exe
C:\WINDOWS\system32\drivers\down\58359187.exe
C:\WINDOWS\system32\drivers\down\58359656.exe
C:\WINDOWS\system32\drivers\down\58360281.exe
C:\WINDOWS\system32\drivers\down\58360703.exe
C:\WINDOWS\system32\drivers\down\58361828.exe
C:\WINDOWS\system32\drivers\down\58363234.exe
C:\WINDOWS\system32\drivers\down\58371750.exe
C:\WINDOWS\system32\drivers\down\58377562.exe
C:\WINDOWS\system32\drivers\down\58381109.exe
C:\WINDOWS\system32\drivers\down\58387812.exe
C:\WINDOWS\system32\drivers\down\58389453.exe
C:\WINDOWS\system32\drivers\down\58391734.exe
C:\WINDOWS\system32\drivers\down\58397609.exe
C:\WINDOWS\system32\drivers\down\58399656.exe
C:\WINDOWS\system32\drivers\down\58399671.exe
C:\WINDOWS\system32\drivers\down\58406093.exe
C:\WINDOWS\system32\drivers\down\58408718.exe
C:\WINDOWS\system32\drivers\down\58411390.exe
C:\WINDOWS\system32\drivers\down\58412156.exe
C:\WINDOWS\system32\drivers\down\58416281.exe
C:\WINDOWS\system32\drivers\down\58421296.exe
C:\WINDOWS\system32\drivers\down\58422609.exe
C:\WINDOWS\system32\drivers\down\58423546.exe
C:\WINDOWS\system32\drivers\down\58425500.exe
C:\WINDOWS\system32\drivers\down\58427140.exe
C:\WINDOWS\system32\drivers\down\58428562.exe
C:\WINDOWS\system32\drivers\down\58433406.exe
C:\WINDOWS\system32\drivers\down\58434562.exe
C:\WINDOWS\system32\drivers\down\58468562.exe
C:\WINDOWS\system32\drivers\down\58476625.exe
C:\WINDOWS\system32\drivers\down\61350984.exe
C:\WINDOWS\system32\drivers\down\61357812.exe
C:\WINDOWS\system32\drivers\down\61361640.exe
C:\WINDOWS\system32\drivers\down\61396609.exe
C:\WINDOWS\system32\drivers\down\61450421.exe
C:\WINDOWS\system32\drivers\down\61451156.exe
C:\WINDOWS\system32\drivers\down\61465718.exe
C:\WINDOWS\system32\drivers\down\61467812.exe
C:\WINDOWS\system32\drivers\down\61469921.exe
C:\WINDOWS\system32\drivers\down\61473781.exe
C:\WINDOWS\system32\drivers\down\61476140.exe
C:\WINDOWS\system32\drivers\down\61482671.exe
C:\WINDOWS\system32\drivers\down\61484906.exe
C:\WINDOWS\system32\drivers\down\61486140.exe
C:\WINDOWS\system32\drivers\down\61487828.exe
C:\WINDOWS\system32\drivers\down\61493000.exe
C:\WINDOWS\system32\drivers\down\61497828.exe
C:\WINDOWS\system32\drivers\down\61499484.exe
C:\WINDOWS\system32\drivers\down\61526703.exe
C:\WINDOWS\system32\drivers\down\61529531.exe
C:\WINDOWS\system32\drivers\down\61533281.exe
C:\WINDOWS\system32\drivers\down\61894171.exe
C:\WINDOWS\system32\drivers\down\61903484.exe
C:\WINDOWS\system32\drivers\down\61907687.exe
C:\WINDOWS\system32\drivers\down\61942843.exe
C:\WINDOWS\system32\drivers\down\61944781.exe
C:\WINDOWS\system32\drivers\down\61945421.exe
C:\WINDOWS\system32\drivers\down\61951031.exe
C:\WINDOWS\system32\drivers\down\61952593.exe
C:\WINDOWS\system32\drivers\down\61954640.exe
C:\WINDOWS\system32\drivers\down\61956000.exe
C:\WINDOWS\system32\drivers\down\61957375.exe
C:\WINDOWS\system32\drivers\down\61962843.exe
C:\WINDOWS\system32\drivers\down\61964765.exe
C:\WINDOWS\system32\drivers\down\61964984.exe
C:\WINDOWS\system32\drivers\down\61965421.exe
C:\WINDOWS\system32\drivers\down\61965843.exe
C:\WINDOWS\system32\drivers\down\61967171.exe
C:\WINDOWS\system32\drivers\down\61968687.exe
C:\WINDOWS\system32\drivers\down\61994953.exe
C:\WINDOWS\system32\drivers\down\61997265.exe
C:\WINDOWS\system32\drivers\down\62001046.exe
C:\WINDOWS\system32\drivers\down\72816187.exe
C:\WINDOWS\system32\drivers\down\72819296.exe
C:\WINDOWS\system32\drivers\down\72843859.exe
C:\WINDOWS\system32\drivers\down\72856906.exe
C:\WINDOWS\system32\drivers\down\72857078.exe
C:\WINDOWS\system32\drivers\down\72861125.exe
C:\WINDOWS\system32\drivers\down\72862750.exe
C:\WINDOWS\system32\drivers\down\72864718.exe
C:\WINDOWS\system32\drivers\down\72866031.exe
C:\WINDOWS\system32\drivers\down\72867515.exe
C:\WINDOWS\system32\drivers\down\72875187.exe
C:\WINDOWS\system32\drivers\down\72877500.exe
C:\WINDOWS\system32\drivers\down\72877984.exe
C:\WINDOWS\system32\drivers\down\72878406.exe
C:\WINDOWS\system32\drivers\down\72878828.exe
C:\WINDOWS\system32\drivers\down\72880015.exe
C:\WINDOWS\system32\drivers\down\72881828.exe
C:\WINDOWS\system32\drivers\down\72908015.exe
C:\WINDOWS\system32\drivers\down\72910484.exe
C:\WINDOWS\system32\drivers\down\75947406.exe
C:\WINDOWS\system32\drivers\down\75952984.exe
C:\WINDOWS\system32\drivers\down\75956796.exe
C:\WINDOWS\system32\drivers\down\75993953.exe
C:\WINDOWS\system32\drivers\down\75996171.exe
C:\WINDOWS\system32\drivers\down\75996328.exe
C:\WINDOWS\system32\drivers\down\76003640.exe
C:\WINDOWS\system32\drivers\down\76005765.exe
C:\WINDOWS\system32\drivers\down\76007546.exe
C:\WINDOWS\system32\drivers\down\76009015.exe
C:\WINDOWS\system32\drivers\down\76010593.exe
C:\WINDOWS\system32\drivers\down\76017765.exe
C:\WINDOWS\system32\drivers\down\76020078.exe
C:\WINDOWS\system32\drivers\down\76020765.exe
C:\WINDOWS\system32\drivers\down\76021437.exe
C:\WINDOWS\system32\drivers\down\76022125.exe
C:\WINDOWS\system32\drivers\down\76023593.exe
C:\WINDOWS\system32\drivers\down\76024796.exe
C:\WINDOWS\system32\drivers\down\76051734.exe
C:\WINDOWS\system32\drivers\down\76053640.exe
C:\WINDOWS\system32\drivers\down\76057468.exe
C:\WINDOWS\system32\drivers\down\84234.exe
C:\WINDOWS\system32\drivers\down\87332593.exe
C:\WINDOWS\system32\drivers\down\87333906.exe
C:\WINDOWS\system32\drivers\down\87336578.exe
C:\WINDOWS\system32\drivers\down\87340125.exe
C:\WINDOWS\system32\drivers\down\87344703.exe
C:\WINDOWS\system32\drivers\down\87380203.exe
C:\WINDOWS\system32\drivers\down\87380890.exe
C:\WINDOWS\system32\drivers\down\87386343.exe
C:\WINDOWS\system32\drivers\down\87388656.exe
C:\WINDOWS\system32\drivers\down\87390734.exe
C:\WINDOWS\system32\drivers\down\87392921.exe
C:\WINDOWS\system32\drivers\down\87394593.exe
C:\WINDOWS\system32\drivers\down\87400625.exe
C:\WINDOWS\system32\drivers\down\87403421.exe
C:\WINDOWS\system32\drivers\down\87405625.exe
C:\WINDOWS\system32\drivers\down\87407468.exe
C:\WINDOWS\system32\drivers\down\87410015.exe
C:\WINDOWS\system32\drivers\down\87416765.exe
C:\WINDOWS\system32\drivers\down\87419312.exe
C:\WINDOWS\system32\drivers\down\87446609.exe
C:\WINDOWS\system32\drivers\down\87449765.exe
C:\WINDOWS\system32\drivers\down\88796.exe
C:\WINDOWS\system32\drivers\down\90491671.exe
C:\WINDOWS\system32\drivers\down\90497890.exe
C:\WINDOWS\system32\drivers\down\90502187.exe
C:\WINDOWS\system32\drivers\down\90540500.exe
C:\WINDOWS\system32\drivers\down\90544343.exe
C:\WINDOWS\system32\drivers\down\90544359.exe
C:\WINDOWS\system32\drivers\down\90554234.exe
C:\WINDOWS\system32\drivers\down\90556421.exe
C:\WINDOWS\system32\drivers\down\90559031.exe
C:\WINDOWS\system32\drivers\down\90560062.exe
C:\WINDOWS\system32\drivers\down\90563687.exe
C:\WINDOWS\system32\drivers\down\90570140.exe
C:\WINDOWS\system32\drivers\down\90572921.exe
C:\WINDOWS\system32\drivers\down\90573937.exe
C:\WINDOWS\system32\drivers\down\90574390.exe
C:\WINDOWS\system32\drivers\down\90575296.exe
C:\WINDOWS\system32\drivers\down\90580125.exe
C:\WINDOWS\system32\drivers\down\90580875.exe
C:\WINDOWS\system32\drivers\down\90609843.exe
C:\WINDOWS\system32\drivers\down\90614140.exe
C:\WINDOWS\system32\drivers\down\90617750.exe
C:\WINDOWS\system32\drivers\down\92468.exe
C:\WINDOWS\system32\drivers\down\93984.exe
C:\WINDOWS\system32\drivers\down\94687.exe
C:\WINDOWS\system32\drivers\down\95515.exe
C:\WINDOWS\system32\drivers\down\95750.exe
C:\WINDOWS\system32\drivers\down\96140.exe
C:\WINDOWS\system32\drivers\down\96343.exe
C:\WINDOWS\system32\drivers\down\97250.exe
C:\WINDOWS\system32\drivers\down\98593.exe
C:\WINDOWS\system32\drivers\down\98625.exe
C:\WINDOWS\system32\drivers\down\99171.exe
C:\WINDOWS\system32\drivers\down\99312.exe
C:\WINDOWS\system32\drivers\hldrrr.exe
C:\WINDOWS\system32\drivers\srosa.sys
C:\WINDOWS\system32\mdelk.exe
C:\WINDOWS\system32\wintems.exe

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.
-------\LEGACY_SROSA
-------\srosa


((((((((((((((((((((((((( Files Created from 2008-01-13 to 2008-02-13 )))))))))))))))))))))))))))))))
.

2008-02-13 18:09 . 2008-02-13 18:09 0 --a------ C:\Perflib_Perfdata__754
2008-02-10 18:39 . 2008-02-10 18:39 <DIR> d-------- C:\WINDOWS\system32\HouseCall 6.6
2008-02-10 18:39 . 2008-02-12 17:11 <DIR> d-------- C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\HouseCall 6.6
2008-02-10 13:50 . 2008-02-10 13:50 102,664 --a------ C:\WINDOWS\system32\drivers\tmcomm.sys
2008-02-10 13:49 . 2008-02-10 13:52 <DIR> d-------- C:\Documents and Settings\Tony.TONY-00UYRL42JL\.housecall6.6
2008-02-09 22:13 . 2008-02-10 17:23 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-02-09 22:13 . 2008-02-09 22:13 1,409 --a------ C:\WINDOWS\QTFont.for
2008-02-07 23:12 . 2007-06-08 09:44 8,576 --a------ C:\WINDOWS\system32\drivers\RkPavProc.sys
2008-02-07 22:36 . 2008-02-07 23:14 <DIR> d-------- C:\WINDOWS\system32\ActiveScan
2008-02-07 22:36 . 2008-02-07 22:36 30,590 --a------ C:\WINDOWS\system32\pavas.ico
2008-02-07 22:36 . 2008-02-07 22:36 2,550 --a------ C:\WINDOWS\system32\Uninstall.ico
2008-02-07 22:36 . 2008-02-07 22:36 1,406 --a------ C:\WINDOWS\system32\Help.ico
2008-02-07 22:29 . 2008-02-07 22:30 <DIR> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Lavasoft
2008-02-01 15:24 . 2008-02-01 15:24 <DIR> d-------- C:\Program Files\Trend Micro
2008-01-31 23:13 . 2008-01-31 23:13 90,112 --a------ C:\WINDOWS\system32\QuickTimeVR.qtx
2008-01-31 23:13 . 2008-01-31 23:13 57,344 --a------ C:\WINDOWS\system32\QuickTime.qts
2008-01-31 22:29 . 2008-01-31 22:29 <DIR> d-------- C:\Program Files\Convar
2008-01-31 22:29 . 2003-07-18 13:58 516,784 -ra------ C:\WINDOWS\system32\XceedCry.dll
2008-01-31 22:29 . 2002-02-28 09:46 217,088 --a------ C:\WINDOWS\system32\DartSock.dll
2008-01-31 22:29 . 2002-02-21 10:12 118,784 --a------ C:\WINDOWS\system32\DartWeb.dll
2008-01-31 22:29 . 1998-06-18 00:00 89,360 --a------ C:\WINDOWS\system32\VB5DB.DLL
2008-01-31 22:29 . 1998-06-13 22:53 44,544 --a------ C:\WINDOWS\system32\Gif89.dll
2008-01-31 22:29 . 2002-04-12 13:19 28,672 --a------ C:\WINDOWS\system32\DartWeb.oca
2008-01-31 16:09 . 2008-02-10 09:06 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy
2008-01-31 16:09 . 2008-02-13 18:12 <DIR> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy
2008-01-31 16:08 . 2008-02-10 09:04 <DIR> d-------- C:\WINDOWS\BDOSCAN8
2008-01-29 18:03 . 2008-01-29 18:11 <DIR> d-------- C:\WINDOWS\system32\ZoneLabs
2008-01-29 18:03 . 2008-01-29 18:11 <DIR> d-------- C:\WINDOWS\Internet Logs
2008-01-29 18:03 . 2008-01-29 18:03 <DIR> d-------- C:\Program Files\Zone Labs
2008-01-29 18:03 . 2008-01-29 18:11 354,796 --a------ C:\WINDOWS\system32\vsconfig.xml
2008-01-22 16:16 . 2008-01-22 16:27 <DIR> d-------- C:\TMAcl
2008-01-22 16:07 . 2008-01-22 16:07 <DIR> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\McAfee.com
2008-01-21 23:19 . 2008-01-29 18:05 <DIR> d-------- C:\Program Files\ErrorSmart
2008-01-21 22:29 . 2008-01-25 21:22 <DIR> d-------- C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\ErrorSmart
2008-01-19 12:55 . 2008-01-19 12:55 <DIR> d-------- C:\WINDOWS\system32\LogFiles
2008-01-17 17:46 . 2008-02-11 00:24 <DIR> d--h----- C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m
2008-01-16 16:25 . 2008-01-27 17:39 57 --a------ C:\WINDOWS\uilib.INI
2008-01-16 06:29 . 2008-01-16 06:29 <DIR> d-------- C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\Tenebril
2008-01-16 06:28 . 2008-01-16 06:28 <DIR> d-------- C:\WINDOWS\system32\tenarchlib
2008-01-16 06:28 . 2008-02-08 08:10 <DIR> d-------- C:\Program Files\GhostSurf

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-09 22:02 --------- d-----w C:\Program Files\QuickTime
2008-02-09 22:00 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Apple Computer
2008-02-07 22:29 --------- d-----w C:\Program Files\Lavasoft
2008-02-07 22:29 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-01-31 22:29 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-01-31 21:05 --------- d-----w C:\Program Files\eMule
2008-01-17 17:51 --------- d-----w C:\Program Files\BT Broadband Talk Softphone
2008-01-12 22:55 --------- d-----w C:\Program Files\Common Files\HP
2008-01-12 22:51 --------- d-----w C:\Program Files\Hewlett-Packard
2008-01-09 15:01 53,248 ----a-w C:\WINDOWS\bdoscandel.exe
2007-12-16 07:55 --------- d-----w C:\Program Files\Apple Software Update
2007-12-16 07:55 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Apple
2005-10-18 11:08 349,760 -c--a-w C:\Documents and Settings\LocalService.NT AUTHORITY.001\mcinsctl.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 16:24 1694208]
"updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 15:45 313472]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 07:56 15360]
"mule_st_key"="C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\flec006.exe" [2008-02-12 12:50 96260]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Cmaudio"="cmicnfg.cpl" []
"SiSUSBRG"="C:\WINDOWS\SiSUSBrg.exe" [2002-07-12 10:15 106496]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-04 07:56 110592 C:\WINDOWS\system32\bthprops.cpl]
"NvMediaCenter"="C:\WINDOWS\System32\NvMcTray.dll" [2006-10-22 11:22 86016]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11 132496]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 15:24 54840]
"RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [2005-12-07 21:57 30208]
"LanguageShortcut"="C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" [2006-04-13 10:09 49152]
"REGSHAVE"="C:\Program Files\REGSHAVE\REGSHAVE.exe" [2002-02-04 21:32 53248]
"PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-06-18 14:10 271360]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2008-01-31 23:13 385024]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-04 07:56 15360]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-06-19 09:17 1241088]

C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-02-12 14:33:52 110592]
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 21:05:26 29696]
Bluetooth.lnk - C:\Program Files\Belkin\Bluetooth Software\BTTray.exe [2005-08-24 13:06:54 577597]
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2006-02-19 04:21:22 288472]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 01:01:04 83360]
Suitcase Startup.lnk - C:\Program Files\Extensis\Suitcase 9.2\Suitcase.exe [2007-03-28 21:10:34 3354624]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)

[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Start Menu^Programs^Startup^Bluetooth.lnk]
path=C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\Bluetooth.lnk
backup=C:\WINDOWS\pss\Bluetooth.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Start Menu^Programs^Startup^Broadband Desktop Help.lnk]
path=C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\Broadband Desktop Help.lnk
backup=C:\WINDOWS\pss\Broadband Desktop Help.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Start Menu^Programs^Startup^RealDownload.lnk]
path=C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\RealDownload.lnk
backup=C:\WINDOWS\pss\RealDownload.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Motive SmartBridge]
--a------ 2005-06-22 13:29 417792 C:\PROGRA~1\BTBROA~3\Help\SMARTB~1\BTHelpNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2001-07-09 09:50 155648 C:\WINDOWS\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication]
--a------ 2007-06-18 14:10 271360 C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-01-31 23:13 385024 C:\Program Files\QuickTime\qttask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
--a--c--- 2005-10-11 09:00 2437120 C:\PROGRA~1\Yahoo!\MESSEN~1\ypager.exe

R0 stwlfbus;stwlfbus;C:\WINDOWS\system32\DRIVERS\stwlfbus.sys [2003-04-27 11:39]
R3 st3wolf;st3wolf;C:\WINDOWS\system32\DRIVERS\st3wolf.sys [2003-04-27 10:43]
R3 usbprint;Microsoft USB PRINTER Class;C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-04 06:01]

.
Contents of the 'Scheduled Tasks' folder
"2008-02-11 09:24:00 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-02-12 03:30:00 C:\WINDOWS\Tasks\ErrorSmart Scheduled Scan.job"
- C:\Program Files\ErrorSmart\ErrorSmart.ex
- C:\Program Files\ErrorSmart
"2008-02-13 18:18:00 C:\WINDOWS\Tasks\Symantec NetDetect.job"
- C:\Program Files\Symantec\LiveUpdate\NDetect.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-13 18:12:40
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Belkin\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\WINDOWS\system32\spupdsvc.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\system32\spnpinst.exe
C:\WINDOWS\system32\Sysocmgr.exe
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\Belkin\BLUETO~1\BTSTAC~1.EXE
C:\WINDOWS\system32\WgaTray.exe
C:\PROGRA~1\COMMON~1\PCSuite\DATALA~1\DATALA~1.EXE
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\NclBTHandler.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\cidaemon.exe
.
**************************************************************************
.
Completion time: 2008-02-13 18:20:07 - machine was rebooted
ComboFix-quarantined-files.txt 2008-02-13 18:20:04



HIJACKTHIS LOG

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:35:06, on 13/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Belkin\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\WINDOWS\system32\spupdsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spnpinst.exe
C:\WINDOWS\system32\Sysocmgr.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\flec006.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Belkin\Bluetooth Software\BTTray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Extensis\Suitcase 9.2\Suitcase.exe
C:\PROGRA~1\Belkin\BLUETO~1\BTSTAC~1.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\WgaTray.exe
C:\PROGRA~1\COMMON~1\PCSuite\DATALA~1\DATALA~1.EXE
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\NclBTHandler.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://uk.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://uk.red.clientapps.yahoo.com/customi...fo/bt_side.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://uk.red.clientapps.yahoo.com/customi...arch.yahoo.com/
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: IEWatchObj Class - {9527D42F-D666-11D3-B8DD-00600838CD5F} - C:\WINDOWS\system32\IETie.dll (file missing)
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [mule_st_key] C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\flec006.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Suitcase Startup.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/f...tup1.0.0.15.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://prerelease.trendmicro-europe.com/ho...ivex/hcImpl.cab
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www1.snapfish.co.uk/SnapfishUKActivia.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} -
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1145569446546
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/inst...ctDetection.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1145786588906
O16 - DPF: {814EA0DA-E0D9-4AA4-833C-A1A6D38E79E9} (DASWebDownload Class) - http://das.microsoft.com/activate/cab/x86/...tail/DASAct.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.mcafee.com/molbin/shared/m...,26/mcgdmgr.cab
O21 - SSODL: hubbsi - {7b1eeccd-0a6d-4ad5-8ac1-4af5722b3885} - (no file)
O22 - SharedTaskScheduler: {7b1eeccd-0a6d-4ad5-8ac1-4af5722b3885} - hubbsi - (no file)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Belkin\Bluetooth Software\bin\btwdins.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\system32\YPCSER~1.EXE

--
End of file - 10252 bytes

#6 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,659 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:04:12 AM

Posted 12 February 2008 - 04:06 PM

You had a lot of infections but ComboFix got the lions share of em already. Just a little cleanup left.

* Open notepad - don't use any other texteditor than notepad or the script will fail.
Copy/paste the text in the quotebox below into notepad:

File::
C:\WINDOWS\uilib.INI
C:\WINDOWS\Tasks\ErrorSmart Scheduled Scan.job

Folder::
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\flec006.exe
Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"mule_st_key"=-


Save this as the txtfile CFScript

Then drag the CFScript into ComboFix.exe as you see in the screenshot below.

Posted Image

This will start ComboFix again. After reboot, (in case it asks to reboot), post the contents of Combofix.txt in your next reply together with a new HijackThislog.

#7 anticus50

anticus50
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:09:12 AM

Posted 12 February 2008 - 06:12 PM

COMBOFIX LOG

ComboFix 08-02-13.2 - Tony 2008-02-13 23:06:41.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.806 [GMT 0:00]
Running from: C:\Documents and Settings\Tony.TONY-00UYRL42JL\Desktop\antvirus\ComboFix.exe
Command switches used :: C:\Documents and Settings\Tony.TONY-00UYRL42JL\Desktop\antvirus\CFScript.txt
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

FILE
C:\WINDOWS\Tasks\ErrorSmart Scheduled Scan.job
C:\WINDOWS\uilib.INI
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\flec006.exe\
C:\WINDOWS\Tasks\ErrorSmart Scheduled Scan.job
C:\WINDOWS\uilib.INI

.
((((((((((((((((((((((((( Files Created from 2008-01-13 to 2008-02-13 )))))))))))))))))))))))))))))))
.

2008-02-13 18:09 . 2008-02-13 18:09 0 --a------ C:\Perflib_Perfdata__754
2008-02-10 18:39 . 2008-02-10 18:39 <DIR> d-------- C:\WINDOWS\system32\HouseCall 6.6
2008-02-10 18:39 . 2008-02-12 17:11 <DIR> d-------- C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\HouseCall 6.6
2008-02-10 13:50 . 2008-02-10 13:50 102,664 --a------ C:\WINDOWS\system32\drivers\tmcomm.sys
2008-02-10 13:49 . 2008-02-10 13:52 <DIR> d-------- C:\Documents and Settings\Tony.TONY-00UYRL42JL\.housecall6.6
2008-02-09 22:13 . 2008-02-10 17:23 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-02-09 22:13 . 2008-02-09 22:13 1,409 --a------ C:\WINDOWS\QTFont.for
2008-02-07 23:12 . 2007-06-08 09:44 8,576 --a------ C:\WINDOWS\system32\drivers\RkPavProc.sys
2008-02-07 22:36 . 2008-02-07 23:14 <DIR> d-------- C:\WINDOWS\system32\ActiveScan
2008-02-07 22:36 . 2008-02-07 22:36 30,590 --a------ C:\WINDOWS\system32\pavas.ico
2008-02-07 22:36 . 2008-02-07 22:36 2,550 --a------ C:\WINDOWS\system32\Uninstall.ico
2008-02-07 22:36 . 2008-02-07 22:36 1,406 --a------ C:\WINDOWS\system32\Help.ico
2008-02-07 22:29 . 2008-02-07 22:30 <DIR> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Lavasoft
2008-02-01 15:24 . 2008-02-01 15:24 <DIR> d-------- C:\Program Files\Trend Micro
2008-01-31 23:13 . 2008-01-31 23:13 90,112 --a------ C:\WINDOWS\system32\QuickTimeVR.qtx
2008-01-31 23:13 . 2008-01-31 23:13 57,344 --a------ C:\WINDOWS\system32\QuickTime.qts
2008-01-31 22:29 . 2008-01-31 22:29 <DIR> d-------- C:\Program Files\Convar
2008-01-31 22:29 . 2003-07-18 13:58 516,784 -ra------ C:\WINDOWS\system32\XceedCry.dll
2008-01-31 22:29 . 2002-02-28 09:46 217,088 --a------ C:\WINDOWS\system32\DartSock.dll
2008-01-31 22:29 . 2002-02-21 10:12 118,784 --a------ C:\WINDOWS\system32\DartWeb.dll
2008-01-31 22:29 . 1998-06-18 00:00 89,360 --a------ C:\WINDOWS\system32\VB5DB.DLL
2008-01-31 22:29 . 1998-06-13 22:53 44,544 --a------ C:\WINDOWS\system32\Gif89.dll
2008-01-31 22:29 . 2002-04-12 13:19 28,672 --a------ C:\WINDOWS\system32\DartWeb.oca
2008-01-31 16:09 . 2008-02-10 09:06 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy
2008-01-31 16:09 . 2008-02-13 18:19 <DIR> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy
2008-01-31 16:08 . 2008-02-10 09:04 <DIR> d-------- C:\WINDOWS\BDOSCAN8
2008-01-29 18:03 . 2008-01-29 18:11 <DIR> d-------- C:\WINDOWS\system32\ZoneLabs
2008-01-29 18:03 . 2008-01-29 18:11 <DIR> d-------- C:\WINDOWS\Internet Logs
2008-01-29 18:03 . 2008-01-29 18:03 <DIR> d-------- C:\Program Files\Zone Labs
2008-01-29 18:03 . 2008-01-29 18:11 354,796 --a------ C:\WINDOWS\system32\vsconfig.xml
2008-01-22 16:16 . 2008-01-22 16:27 <DIR> d-------- C:\TMAcl
2008-01-22 16:07 . 2008-01-22 16:07 <DIR> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\McAfee.com
2008-01-21 23:19 . 2008-01-29 18:05 <DIR> d-------- C:\Program Files\ErrorSmart
2008-01-21 22:29 . 2008-01-25 21:22 <DIR> d-------- C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\ErrorSmart
2008-01-19 12:55 . 2008-01-19 12:55 <DIR> d-------- C:\WINDOWS\system32\LogFiles
2008-01-17 17:46 . 2008-02-11 00:24 <DIR> d--h----- C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m
2008-01-16 06:29 . 2008-01-16 06:29 <DIR> d-------- C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\Tenebril
2008-01-16 06:28 . 2008-01-16 06:28 <DIR> d-------- C:\WINDOWS\system32\tenarchlib
2008-01-16 06:28 . 2008-02-08 08:10 <DIR> d-------- C:\Program Files\GhostSurf

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-09 22:02 --------- d-----w C:\Program Files\QuickTime
2008-02-09 22:00 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Apple Computer
2008-02-07 22:29 --------- d-----w C:\Program Files\Lavasoft
2008-02-07 22:29 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-01-31 22:29 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-01-31 21:05 --------- d-----w C:\Program Files\eMule
2008-01-17 17:51 --------- d-----w C:\Program Files\BT Broadband Talk Softphone
2008-01-12 22:55 --------- d-----w C:\Program Files\Common Files\HP
2008-01-12 22:51 --------- d-----w C:\Program Files\Hewlett-Packard
2008-01-09 15:01 53,248 ----a-w C:\WINDOWS\bdoscandel.exe
2007-12-16 07:55 --------- d-----w C:\Program Files\Apple Software Update
2007-12-16 07:55 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Apple
2007-12-14 11:32 12,632 ----a-w C:\WINDOWS\system32\lsdelete.exe
2005-10-18 11:08 349,760 -c--a-w C:\Documents and Settings\LocalService.NT AUTHORITY.001\mcinsctl.dll
2001-11-23 11:08 712,704 -c--a-r C:\WINDOWS\inf\OTHER\AUDIO3D.DLL
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 16:24 1694208]
"updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 15:45 313472]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 07:56 15360]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Cmaudio"="cmicnfg.cpl" []
"SiSUSBRG"="C:\WINDOWS\SiSUSBrg.exe" [2002-07-12 10:15 106496]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-04 07:56 110592 C:\WINDOWS\system32\bthprops.cpl]
"NvMediaCenter"="C:\WINDOWS\System32\NvMcTray.dll" [2006-10-22 11:22 86016]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11 132496]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 15:24 54840]
"RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [2005-12-07 21:57 30208]
"LanguageShortcut"="C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" [2006-04-13 10:09 49152]
"REGSHAVE"="C:\Program Files\REGSHAVE\REGSHAVE.exe" [2002-02-04 21:32 53248]
"PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-06-18 14:10 271360]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2008-01-31 23:13 385024]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-04 07:56 15360]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-06-19 09:17 1241088]

C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-02-12 14:33:52 110592]
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 21:05:26 29696]
Bluetooth.lnk - C:\Program Files\Belkin\Bluetooth Software\BTTray.exe [2005-08-24 13:06:54 577597]
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2006-02-19 04:21:22 288472]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 01:01:04 83360]
Suitcase Startup.lnk - C:\Program Files\Extensis\Suitcase 9.2\Suitcase.exe [2007-03-28 21:10:34 3354624]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)

[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Start Menu^Programs^Startup^Bluetooth.lnk]
path=C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\Bluetooth.lnk
backup=C:\WINDOWS\pss\Bluetooth.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Start Menu^Programs^Startup^Broadband Desktop Help.lnk]
path=C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\Broadband Desktop Help.lnk
backup=C:\WINDOWS\pss\Broadband Desktop Help.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Start Menu^Programs^Startup^RealDownload.lnk]
path=C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\RealDownload.lnk
backup=C:\WINDOWS\pss\RealDownload.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Motive SmartBridge]
--a------ 2005-06-22 13:29 417792 C:\PROGRA~1\BTBROA~3\Help\SMARTB~1\BTHelpNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2001-07-09 09:50 155648 C:\WINDOWS\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication]
--a------ 2007-06-18 14:10 271360 C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-01-31 23:13 385024 C:\Program Files\QuickTime\qttask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
--a--c--- 2005-10-11 09:00 2437120 C:\PROGRA~1\Yahoo!\MESSEN~1\ypager.exe

R0 stwlfbus;stwlfbus;C:\WINDOWS\system32\DRIVERS\stwlfbus.sys [2003-04-27 11:39]
R3 st3wolf;st3wolf;C:\WINDOWS\system32\DRIVERS\st3wolf.sys [2003-04-27 10:43]
R3 usbprint;Microsoft USB PRINTER Class;C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-04 06:01]

.
Contents of the 'Scheduled Tasks' folder
"2008-02-11 09:24:00 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-02-13 23:08:00 C:\WINDOWS\Tasks\Symantec NetDetect.job"
- C:\Program Files\Symantec\LiveUpdate\NDetect.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-13 23:09:07
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-02-13 23:10:28
ComboFix-quarantined-files.txt 2008-02-13 23:10:01
ComboFix2.txt 2008-02-13 18:20:08


HIJACKTHIS LOG

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:10:51, on 13/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Belkin\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\WINDOWS\system32\spupdsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spnpinst.exe
C:\WINDOWS\system32\Sysocmgr.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\flec006.exe
C:\Program Files\Belkin\Bluetooth Software\BTTray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Extensis\Suitcase 9.2\Suitcase.exe
C:\PROGRA~1\Belkin\BLUETO~1\BTSTAC~1.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\WgaTray.exe
C:\PROGRA~1\COMMON~1\PCSuite\DATALA~1\DATALA~1.EXE
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\NclBTHandler.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Internet Explorer\iexplore.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://uk.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://uk.red.clientapps.yahoo.com/customi...fo/bt_side.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://uk.red.clientapps.yahoo.com/customi...arch.yahoo.com/
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: IEWatchObj Class - {9527D42F-D666-11D3-B8DD-00600838CD5F} - C:\WINDOWS\system32\IETie.dll (file missing)
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Suitcase Startup.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/f...tup1.0.0.15.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://prerelease.trendmicro-europe.com/ho...ivex/hcImpl.cab
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www1.snapfish.co.uk/SnapfishUKActivia.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} -
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1145569446546
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/inst...ctDetection.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1145786588906
O16 - DPF: {814EA0DA-E0D9-4AA4-833C-A1A6D38E79E9} (DASWebDownload Class) - http://das.microsoft.com/activate/cab/x86/...tail/DASAct.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.mcafee.com/molbin/shared/m...,26/mcgdmgr.cab
O21 - SSODL: hubbsi - {7b1eeccd-0a6d-4ad5-8ac1-4af5722b3885} - (no file)
O22 - SharedTaskScheduler: {7b1eeccd-0a6d-4ad5-8ac1-4af5722b3885} - hubbsi - (no file)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Belkin\Bluetooth Software\bin\btwdins.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\system32\YPCSER~1.EXE

--
End of file - 10107 bytes

#8 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,659 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:04:12 AM

Posted 13 February 2008 - 11:50 AM

I made a mistake in that cfscript.

You had a lot of infections but ComboFix got the lions share of em already. Just a little cleanup left.

* Open notepad - don't use any other texteditor than notepad or the script will fail.
Copy/paste the text in the quotebox below into notepad:

Folder::
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\
Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"mule_st_key"=-


Save this as the txtfile CFScript

Then drag the CFScript into ComboFix.exe as you see in the screenshot below.

Posted Image

This will start ComboFix again. After reboot, (in case it asks to reboot), post the contents of Combofix.txt in your next reply together with a new HijackThislog.

#9 anticus50

anticus50
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:09:12 AM

Posted 13 February 2008 - 12:52 PM

No worries, thanks for your time with this!

COMBOFIX LOG

ComboFix 08-02-13.2 - Tony 2008-02-14 17:36:43.3 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.877 [GMT 0:00]
Running from: C:\Documents and Settings\Tony.TONY-00UYRL42JL\Desktop\antvirus\ComboFix.exe
Command switches used :: C:\Documents and Settings\Tony.TONY-00UYRL42JL\Desktop\antvirus\CFScript.txt
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\data.oct
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\flec006.exe
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\list.oct
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\1st Screensaver Flash Studio Professional 2.0.2.343 With Crack.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\1Z0-030 - Oracle9i New Features for Administrators Practice Test Questions 1.0 Key+Serial.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\3D Justice 1.0.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\absoluteTools-HTTP 1.0.3.0.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\ACA Audio Recorder 4.00.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Advanced Internet Kiosk 5.0.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\All Sea Screen Saver 1.2.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\American Flag Clock Screen Saver 1.0.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Amju Super Golf 2.2.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Any Video Converter 2.21 Cracked.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\AnyMini W 5.0 build 548.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\ASWSystems Toolbars Pack - Coloring 1-10 1.0.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\AT Screen Thief 3.8.2.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\AV Movie Morpher 2.0.29.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Avast.Professional.Edition.v4.6.603.Keygen.Only-ACME.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Avax Vector ActiveX 1.3 [Patch].zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Avira.Premium.Security.Suite.Hbedv.2007-11-09.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Batch Video Joiner 4.0 (Key).zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Batch WinFax2PDF 2.0.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Battery Time 1.3.1.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\BatteryMon 2.0.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Battle City 2.1.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Battlecruiser Millennium Gold patch 1.01.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Battlesport demo.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\BBallVB 3.0.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Bird Dog EIS 1.4.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Bitdefender.Antivirus.Plus.10.0.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Blue Commander 2.1.6 (Crack).zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\BMS Business Music System 4.05.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Bookmark Notes 2.01 Serial.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Cartouche Maker 1.0.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\CD-ROM ToolKit Updater 3.0.2.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Cell Checkers 1.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Coin World 2.5.116.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Coloring Book 9 - Little Monsters 1.0.48 (KeyGen).zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Commando The Schwarzenegger Sound Byte Assistant 0.8.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Confidential Business Suite 2.0.3.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\CS Codec Solution 1.00.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Desktop Security Rx 4.0 (Serial).zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\DFX for RealPlayer 7.3.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\DHS FileMani 1.0 (Crack).zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\DivX Create Bundle (incl. DivX Player) 6.6.1.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\DocJector 1.1.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Doom 3 OpenCoop mod 2.0 beta.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Drop Drawers 1.6.5.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\DVD EZWorkshop + iPod Video Suite 2.2.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\eMic Communicator 2.0.3.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Eureka Email 2.0i.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\EventReader 2.1.1.48.33.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\EZ Backup Photoshop Pro 4.7.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\File Shredder 2.0.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Finale PrintMusic 2007 (Crack).zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Find and Run 1.0.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Finder's Friend 1.5.1.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Firebird MP3 1.1.0.399.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Flash Text Scroller Wizard 2.0.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\FlexCell Grid Control 5.6.3.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Flobo PSD Recovery 2.5.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Flymo Racers 1.0.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Formatta Designer 7.0.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\FortKnox 3.56.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\FreeWebStream 1.133.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\GeoBase 0.8.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\GetRight Pro 6c.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Ghost Clock 1.0.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Golden Gate Bridge Demo Screensaver 1.0.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Goofy Gokarts 1.0.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Graham Process Mapping 7.01.0226.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Graphic Converter 2003 build 635 [Patch].zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Grooverider_Fabriclive_06_Album_(no_cover)_avg_256_kbps.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Guiffy 8.0.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\GVH File library 1.0 [KeyGen].zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Halo Combat Evolved Beach Assault map.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\HEXtreme 2.0.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\IE Internet Security 7.3.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Ie Minder 1.0.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\IM-History 0.9.35.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\IM2 Indonesian Calendar 1.1.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Index.dat Scanner 1.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Ink 1.0.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Internet Password Pro 1.1 (KeyGen).zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\iParis 3.0.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\iPodCopy for Mac 1.2.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Israel Calendar 1.5.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Jana Server 2.4.8.51 (Key).zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Javascript Newsflash 1.0 (Key+Serial).zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Job Management 2.8.0.654.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\JurikSoft Socks Proxy Provider 1.0 (Serial).zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\KidsWatch Time Control Standard 3.5.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Kukuxumusu Kaput 1.0.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\LagMeter 2.0.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\LingvoSoft Dictionary 2007 German - Czech 4.0.22.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\LingvoSoft Talking Dictionary 2007 English - Slovak 4.0.22.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\LingvoSoft Talking Picture Dictionary 2007 French - Portuguese 1.1.18 [Key+Serial].zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Liquid Backup 1.1.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Liveswif 2.2.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Locked! 5.1.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\M2Convert for myvu 2.0.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Magic Deformer 1.0 Key.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Manage Invest 2007.5 Key.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Manage Invest 2007.5.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Mandarin Learning Assistant 0.9.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\MARS 3.16.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Mathomatic 12.5.17.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\MB3-409 Practice Exam Testing Engine Software 1.0 Patch.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Medicine Buddha Screen Saver 1.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Mesh Booleans for AutoCAD 1.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Metal Gear Solid demo.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\minimonMule 0.3.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Modern Logos for Company Logo Designer 1.01 (Serial).zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\MorphVOX 2.9.8.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\MP3 Compilation Center 1.0.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\MP3 Strip_It! Digital 5.7.0.223.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\MultiGrabber 3.6.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\MySharpCode 1.1.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Nazareth sites 1.1.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Neural Network Component 1.0 [Crack].zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Nocturne demo #2.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\NOD32.FiX.v2.1.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\NutriGenie Lower Your Cholesterol 4.3b.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\OptiVec for Borland C++ 4.4.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Outlook Anywhere 1.01.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Panorama Scroller 1.0.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Panzer Dragoon demo.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Partition Saving 3.40.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Password Protect Folders 1.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Perfect Day The Wedding Planning Suite 1.04.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Personal Trainer-PDA Multi-client 2.0.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Personnel Plus Training XP 2.56.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\PhotoSpark 1.0.1.0 With Crack.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\PowrClik Suite 2.7.4.110.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Printsheets 3.2.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Project Analyzer 8.0.04.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\ProjectArchitect 1.0.1.60.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Puzzle Championship Town and Country Edition 1.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\RB TimeTracker 3.0.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\ReaJPEG 2.0.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\River Past Crazi Video for Apple TV 2.5.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\RoboForm Companion 3.5.115.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\RoomDex 1.6 (Crack).zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\RPS-Manager 2.0.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Saleen S7 Screensaver 1.0.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Sami HTTP Server 2.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Scrapland demo.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\SE Drawing Extractor 3.7.52 (Key+Serial).zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\SearchBlackBox SDK 1.2 (Crack).zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\SeaSideSoft Book Manager 1.0.3.2 With Crack.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Secret Caretaker 1.0.1032.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\SecureBlackbox (VCL) 5.1 (Crack).zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Sensatio Quick Version 1.1 [KeyGen].zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Serial Port Redirector 1.3.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\SerpentHead Revisited 1.0.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\SharePoint Notification System 1.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Shareware Workshop 1.2.8.181 RC3.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Shrek and Fiona Screensaver 1.0.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\SilverSoft Speed 2005 [With Crack].zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Smtp.NET 3.0.5 (Key).zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Software and Order Administration 3.0.0.6 [Serial].zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Speed Drills 2.0.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\SpiderRandom ScreenMate 1.0.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Star Wars Empire at War Assault on Echo Base map.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Star Wars Mara Jade Theme Package 1.4.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Stop Sight 1.0 Patch.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Symantec.Livestate.Recovery.Desktop.v3.0.(Bootable).zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Symantec.Norton.Antivirus.2003.Ita.Full.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Syncronize Backup 1.37 (Key).zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\System Pitstop 1.0.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Tab Effect 1.1.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Tabby 1.0.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Talking Calculator 1.2.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\TCP IP Quick Guide 2005.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\TFTPUtil 1.2.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\The Daily Show with Jon Stewart Screensaver.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\TinyCD 1.0.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\uCertify Collection M70-297 12.5.05 [Patch].zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Ulove Photo Slideshow Maker 1.0.0.1.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\UnDo Crypter 1 Patch.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Upload To Your Mobile Phone 1.01.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Viyya Free Edition 2.0.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\VX 3.2.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\WallCalendar Component for Delphi 3-7 2.0.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Web Image Collector 2006 1.8.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\WebGrab! 3.6.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Win Nanny 1.01.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\WinaXe Windows X Server 7.4.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\WinBackup Professional 2.3.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Windows Media 9 Capture 9.0.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Word Spring 5.3.1 [Crack].zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\X2 1.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Xlquotes 1.0.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\XMMS 1.2.7 (Crack).zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Xorlix 1.1.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\xTime Project 2.0.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\YS Elvan 1.5.3 KeyGen.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\ZionEdit 1.0.26.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Zoner Photo Print 1.0.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\Zortam ID3 Tag Editor 2.0.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\shared\ZylNMEAGenerator 1.45.zip
C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\m\\srvlist.oct

.
((((((((((((((((((((((((( Files Created from 2008-01-14 to 2008-02-14 )))))))))))))))))))))))))))))))
.

2008-02-13 18:09 . 2008-02-13 18:09 0 --a------ C:\Perflib_Perfdata__754
2008-02-10 18:39 . 2008-02-10 18:39 <DIR> d-------- C:\WINDOWS\system32\HouseCall 6.6
2008-02-10 18:39 . 2008-02-12 17:11 <DIR> d-------- C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\HouseCall 6.6
2008-02-10 13:50 . 2008-02-10 13:50 102,664 --a------ C:\WINDOWS\system32\drivers\tmcomm.sys
2008-02-10 13:49 . 2008-02-10 13:52 <DIR> d-------- C:\Documents and Settings\Tony.TONY-00UYRL42JL\.housecall6.6
2008-02-09 22:13 . 2008-02-10 17:23 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-02-09 22:13 . 2008-02-09 22:13 1,409 --a------ C:\WINDOWS\QTFont.for
2008-02-07 23:12 . 2007-06-08 09:44 8,576 --a------ C:\WINDOWS\system32\drivers\RkPavProc.sys
2008-02-07 22:36 . 2008-02-07 23:14 <DIR> d-------- C:\WINDOWS\system32\ActiveScan
2008-02-07 22:36 . 2008-02-07 22:36 30,590 --a------ C:\WINDOWS\system32\pavas.ico
2008-02-07 22:36 . 2008-02-07 22:36 2,550 --a------ C:\WINDOWS\system32\Uninstall.ico
2008-02-07 22:36 . 2008-02-07 22:36 1,406 --a------ C:\WINDOWS\system32\Help.ico
2008-02-07 22:29 . 2008-02-07 22:30 <DIR> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Lavasoft
2008-02-01 15:24 . 2008-02-01 15:24 <DIR> d-------- C:\Program Files\Trend Micro
2008-01-31 23:13 . 2008-01-31 23:13 90,112 --a------ C:\WINDOWS\system32\QuickTimeVR.qtx
2008-01-31 23:13 . 2008-01-31 23:13 57,344 --a------ C:\WINDOWS\system32\QuickTime.qts
2008-01-31 22:29 . 2008-01-31 22:29 <DIR> d-------- C:\Program Files\Convar
2008-01-31 22:29 . 2003-07-18 13:58 516,784 -ra------ C:\WINDOWS\system32\XceedCry.dll
2008-01-31 22:29 . 2002-02-28 09:46 217,088 --a------ C:\WINDOWS\system32\DartSock.dll
2008-01-31 22:29 . 2002-02-21 10:12 118,784 --a------ C:\WINDOWS\system32\DartWeb.dll
2008-01-31 22:29 . 1998-06-18 00:00 89,360 --a------ C:\WINDOWS\system32\VB5DB.DLL
2008-01-31 22:29 . 1998-06-13 22:53 44,544 --a------ C:\WINDOWS\system32\Gif89.dll
2008-01-31 22:29 . 2002-04-12 13:19 28,672 --a------ C:\WINDOWS\system32\DartWeb.oca
2008-01-31 16:09 . 2008-02-14 07:52 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy
2008-01-31 16:09 . 2008-02-14 07:52 <DIR> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy
2008-01-31 16:08 . 2008-02-10 09:04 <DIR> d-------- C:\WINDOWS\BDOSCAN8
2008-01-29 18:03 . 2008-01-29 18:11 <DIR> d-------- C:\WINDOWS\system32\ZoneLabs
2008-01-29 18:03 . 2008-01-29 18:11 <DIR> d-------- C:\WINDOWS\Internet Logs
2008-01-29 18:03 . 2008-01-29 18:03 <DIR> d-------- C:\Program Files\Zone Labs
2008-01-29 18:03 . 2008-01-29 18:11 354,796 --a------ C:\WINDOWS\system32\vsconfig.xml
2008-01-22 16:16 . 2008-01-22 16:27 <DIR> d-------- C:\TMAcl
2008-01-22 16:07 . 2008-01-22 16:07 <DIR> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\McAfee.com
2008-01-21 23:19 . 2008-01-29 18:05 <DIR> d-------- C:\Program Files\ErrorSmart
2008-01-21 22:29 . 2008-01-25 21:22 <DIR> d-------- C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\ErrorSmart
2008-01-19 12:55 . 2008-01-19 12:55 <DIR> d-------- C:\WINDOWS\system32\LogFiles
2008-01-16 06:29 . 2008-01-16 06:29 <DIR> d-------- C:\Documents and Settings\Tony.TONY-00UYRL42JL\Application Data\Tenebril
2008-01-16 06:28 . 2008-01-16 06:28 <DIR> d-------- C:\WINDOWS\system32\tenarchlib
2008-01-16 06:28 . 2008-02-08 08:10 <DIR> d-------- C:\Program Files\GhostSurf

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-09 22:02 --------- d-----w C:\Program Files\QuickTime
2008-02-09 22:00 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Apple Computer
2008-02-07 22:29 --------- d-----w C:\Program Files\Lavasoft
2008-02-07 22:29 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-01-31 22:29 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-01-31 21:05 --------- d-----w C:\Program Files\eMule
2008-01-17 17:51 --------- d-----w C:\Program Files\BT Broadband Talk Softphone
2008-01-12 22:55 --------- d-----w C:\Program Files\Common Files\HP
2008-01-12 22:51 --------- d-----w C:\Program Files\Hewlett-Packard
2008-01-09 15:01 53,248 ----a-w C:\WINDOWS\bdoscandel.exe
2007-12-16 07:55 --------- d-----w C:\Program Files\Apple Software Update
2007-12-16 07:55 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Apple
2007-12-14 11:32 12,632 ----a-w C:\WINDOWS\system32\lsdelete.exe
2005-10-18 11:08 349,760 -c--a-w C:\Documents and Settings\LocalService.NT AUTHORITY.001\mcinsctl.dll
2001-11-23 11:08 712,704 -c--a-r C:\WINDOWS\inf\OTHER\AUDIO3D.DLL
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 16:24 1694208]
"updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 15:45 313472]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 07:56 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Cmaudio"="cmicnfg.cpl" []
"SiSUSBRG"="C:\WINDOWS\SiSUSBrg.exe" [2002-07-12 10:15 106496]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-04 07:56 110592 C:\WINDOWS\system32\bthprops.cpl]
"NvMediaCenter"="C:\WINDOWS\System32\NvMcTray.dll" [2006-10-22 11:22 86016]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11 132496]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 15:24 54840]
"RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [2005-12-07 21:57 30208]
"LanguageShortcut"="C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" [2006-04-13 10:09 49152]
"REGSHAVE"="C:\Program Files\REGSHAVE\REGSHAVE.exe" [2002-02-04 21:32 53248]
"PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-06-18 14:10 271360]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2008-01-31 23:13 385024]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-04 07:56 15360]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-06-19 09:17 1241088]

C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-02-12 14:33:52 110592]
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 21:05:26 29696]
Bluetooth.lnk - C:\Program Files\Belkin\Bluetooth Software\BTTray.exe [2005-08-24 13:06:54 577597]
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2006-02-19 04:21:22 288472]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 01:01:04 83360]
Suitcase Startup.lnk - C:\Program Files\Extensis\Suitcase 9.2\Suitcase.exe [2007-03-28 21:10:34 3354624]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)

[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Start Menu^Programs^Startup^Bluetooth.lnk]
path=C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\Bluetooth.lnk
backup=C:\WINDOWS\pss\Bluetooth.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Start Menu^Programs^Startup^Broadband Desktop Help.lnk]
path=C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\Broadband Desktop Help.lnk
backup=C:\WINDOWS\pss\Broadband Desktop Help.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Start Menu^Programs^Startup^RealDownload.lnk]
path=C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\RealDownload.lnk
backup=C:\WINDOWS\pss\RealDownload.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Motive SmartBridge]
--a------ 2005-06-22 13:29 417792 C:\PROGRA~1\BTBROA~3\Help\SMARTB~1\BTHelpNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2001-07-09 09:50 155648 C:\WINDOWS\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication]
--a------ 2007-06-18 14:10 271360 C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-01-31 23:13 385024 C:\Program Files\QuickTime\qttask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
--a--c--- 2005-10-11 09:00 2437120 C:\PROGRA~1\Yahoo!\MESSEN~1\ypager.exe

R0 stwlfbus;stwlfbus;C:\WINDOWS\system32\DRIVERS\stwlfbus.sys [2003-04-27 11:39]
R3 st3wolf;st3wolf;C:\WINDOWS\system32\DRIVERS\st3wolf.sys [2003-04-27 10:43]
S3 usbprint;Microsoft USB PRINTER Class;C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-04 06:01]

.
Contents of the 'Scheduled Tasks' folder
"2008-02-11 09:24:00 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-02-14 17:38:00 C:\WINDOWS\Tasks\Symantec NetDetect.job"
- C:\Program Files\Symantec\LiveUpdate\NDetect.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-14 17:39:32
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-02-14 17:40:36
ComboFix-quarantined-files.txt 2008-02-14 17:40:15
ComboFix2.txt 2008-02-13 23:10:29
ComboFix3.txt 2008-02-13 18:20:08



HIJACKTHIS LOG

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:51:55, on 14/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Belkin\Bluetooth Software\bin\btwdins.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\WINDOWS\system32\spupdsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spnpinst.exe
C:\WINDOWS\system32\Sysocmgr.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\WgaTray.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Belkin\Bluetooth Software\BTTray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Extensis\Suitcase 9.2\Suitcase.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\Belkin\BLUETO~1\BTSTAC~1.EXE
C:\PROGRA~1\COMMON~1\PCSuite\DATALA~1\DATALA~1.EXE
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\PC Connectivity Solution\NclBTHandler.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://uk.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://uk.red.clientapps.yahoo.com/customi...fo/bt_side.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://uk.red.clientapps.yahoo.com/customi...arch.yahoo.com/
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: IEWatchObj Class - {9527D42F-D666-11D3-B8DD-00600838CD5F} - C:\WINDOWS\system32\IETie.dll (file missing)
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Suitcase Startup.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/f...tup1.0.0.15.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://prerelease.trendmicro-europe.com/ho...ivex/hcImpl.cab
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www1.snapfish.co.uk/SnapfishUKActivia.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} -
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1145569446546
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/inst...ctDetection.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1145786588906
O16 - DPF: {814EA0DA-E0D9-4AA4-833C-A1A6D38E79E9} (DASWebDownload Class) - http://das.microsoft.com/activate/cab/x86/...tail/DASAct.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.mcafee.com/molbin/shared/m...,26/mcgdmgr.cab
O21 - SSODL: hubbsi - {7b1eeccd-0a6d-4ad5-8ac1-4af5722b3885} - (no file)
O22 - SharedTaskScheduler: {7b1eeccd-0a6d-4ad5-8ac1-4af5722b3885} - hubbsi - (no file)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Belkin\Bluetooth Software\bin\btwdins.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\system32\YPCSER~1.EXE

--
End of file - 9376 bytes

#10 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,659 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:04:12 AM

Posted 13 February 2008 - 01:00 PM

Looks good now. How does the computer feel to you?

#11 anticus50

anticus50
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:09:12 AM

Posted 13 February 2008 - 01:03 PM

seems to be alot better so far, ill try and install some antivirus in a sec and let you know, i appreciate your help dude/dudette!

anticus

#12 anticus50

anticus50
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:09:12 AM

Posted 13 February 2008 - 02:35 PM

Hello again! Antivirus software is now installed! thanks bleepingcomputer! and big props go out to Grinler!

thanks guys

Love and Vibes

anticus




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users