its started with System Security but is still on-going - HELP!!

View previous topic View next topic Go down

its started with System Security but is still on-going - HELP!!

Post by Geordie-Chris on 16th July 2009, 7:00 pm

Right, on the 14th of this month I was online when I got a warning pop up to say there was an infection on my computer etc etc. I closed the box and continued browsing, but noticed in the tool bar at the bottom a black box opened and seemed to be something like [You must be registered and logged in to see this link.] then dissapeared.
The computer then started throwing up loads of pop ups, faster than I could close them.
I shut the computer down, and when I restarted my desktop background had been changed to a blue screen with a message in red letters saying 'Your computer had been infected with spyware blah blah blah, your boss, wife children will find out and ruin your life' etc.
Once this had happened I was unable to open my AVG antivirus, or previously installed Malwarebytes etc. and a sheild icon appeared near the clock.
I found that by right clicking on a file I could select 'scan with AVG' which would then open up AVG and scan that file. Once AVG was open I could use it normally and carry out a full scan etc.
This found several problems and removed them.
Now I no longer get the Security Sheild symbol next to the clock, but I still cant open any programmes normally etc.
I have managed to get malwarebytes to open by renaming it to winlogon.exe which has found several infections, but I still cant open my programmes.

Here is my HJT log - PLEASE HELP - its driving me mad!!!

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:59:50, on 16/07/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16850)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\ehome\RMSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
c:\WINDOWS\system32\ZuneBusEnum.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\HP_Administrator\Desktop\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [You must be registered and logged in to see this link.]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [You must be registered and logged in to see this link.]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
R3 - URLSearchHook: (no name) - *{4FBACD73-F67C-42AE-B46A-03960AFE3DFB} - (no file)
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
F3 - REG:win.ini: load=C:\WINDOWS\system32\mstizbjy.exe
F3 - REG:win.ini: run=C:\WINDOWS\system32\mswvcdvd.exe
O1 - Hosts: 82.98.231.89 url.adtrgt.com
O1 - Hosts: 82.98.231.89 googleads2.gdoubleclick.net
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O3 - Toolbar: Orange Toolbar - {E97B5F2E-CA8E-4D34-BDA3-44EEC4ED2B12} - C:\Program Files\Orange Toolbar UK\ToolbarContainer211.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\winlogon1.exe" /runcleanupscript
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKLM\..\Policies\Explorer\Run: [exec] C:\WINDOWS\system32\msxackap.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &Windows Live Search - [You must be registered and logged in to see this link.] Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - [You must be registered and logged in to see this link.]
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.orange.co.uk
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - [You must be registered and logged in to see this link.]
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - [You must be registered and logged in to see this link.]
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - [You must be registered and logged in to see this link.]
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - [You must be registered and logged in to see this link.]
O17 - HKLM\System\CCS\Services\Tcpip\..\{1EE8D1AD-EB88-4C68-B463-1B2545853CC9}: NameServer = 193.36.79.101,193.36.79.100
O17 - HKLM\System\CS1\Services\Tcpip\..\{1EE8D1AD-EB88-4C68-B463-1B2545853CC9}: NameServer = 193.36.79.101,193.36.79.100
O17 - HKLM\System\CS2\Services\Tcpip\..\{1EE8D1AD-EB88-4C68-B463-1B2545853CC9}: NameServer = 193.36.79.101,193.36.79.100
O17 - HKLM\System\CS4\Services\Tcpip\..\{1EE8D1AD-EB88-4C68-B463-1B2545853CC9}: NameServer = 193.36.79.101,193.36.79.100
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - AppInit_DLLs: C:\WINDOWS\system32\lavufanu.dll , ,C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\969000140mmx.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

--
End of file - 11269 bytes

Geordie-Chris
Novice
Novice

Posts Posts : 22
Joined Joined : 2009-07-16
OS OS : Windows 7
Points Points : 27118
# Likes # Likes : 0

View user profile

Back to top Go down

Re: its started with System Security but is still on-going - HELP!!

Post by Origin on 16th July 2009, 9:04 pm

Hello Geordie-Chris,

Welcome to Geek Police, my name is Origin and I will be helping you today. Please keep the following in mind:

  • If you do not get a reply from me or another helper within 2 days, please reply to your topic with the phrase BUMP
  • If you have any cracked/pirated software in your computer delete them or we will not help you.
  • Only follow advise from Geek Police Staff and not a regular member.
  • Do NOT run any tool without Geek Police supervision as it could hinder your system useless.


  • Open HijackThis.
  • Choose "Do a system scan only"
  • Check the boxes in front of these lines:


    R3 - URLSearchHook: (no name) - *{4FBACD73-F67C-42AE-B46A-03960AFE3DFB} - (no file)
    R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
    F3 - REG:win.ini: load=C:\WINDOWS\system32\mstizbjy.exe
    F3 - REG:win.ini: run=C:\WINDOWS\system32\mswvcdvd.exe
    O1 - Hosts: 82.98.231.89 url.adtrgt.com
    O1 - Hosts: 82.98.231.89 googleads2.gdoubleclick.net
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present



  • Press "Fix Checked"
  • Close Hijack This.

1. If you are using Firefox, make sure that your download settings are as follows:

* Tools->Options->Main tab
* Set to "Always ask me where to Save the files".

2. During the download, rename Combofix to Combo-Fix as follows:





3. It is important you rename Combofix during the download, but not after.
4. Please do not rename Combofix to other names, but only to the one indicated.
5. Close any open browsers.
6. We need to disable your local AV (Anti-virus) before running Combofix.

  • See [You must be registered and logged in to see this link.] for how to disable your AV.
  • Double click on ComboFix.exe.
  • Follow the prompts. NOTE:
  • Allow combofix to run
  • Post C:\combofix.txt back here.

    Note:
    Do not mouse click combofix's window whilst it's running. That may cause it to stall.


While my help is always free, please consider donating to keep this site alive: [You must be registered and logged in to see this link.]

[You must be registered and logged in to see this link.]

Origin
Master
Master

Posts Posts : 2685
Joined Joined : 2009-05-05
Gender Gender : Male
OS OS : Windows Xp Sp3
Points Points : 31513
# Likes # Likes : 0

View user profile

Back to top Go down

Re: its started with System Security but is still on-going - HELP!!

Post by Geordie-Chris on 16th July 2009, 10:08 pm

Thank you for your help Origin.
I have completed the HJT part, and downloaded combofix and renamed - but when I try to run it it tells me AVG is still active. I have tried disabling it by following the link, but it keeps combofix keeps saying its active.

Any ideas?

Geordie-Chris
Novice
Novice

Posts Posts : 22
Joined Joined : 2009-07-16
OS OS : Windows 7
Points Points : 27118
# Likes # Likes : 0

View user profile

Back to top Go down

Re: its started with System Security but is still on-going - HELP!!

Post by Geordie-Chris on 16th July 2009, 10:37 pm

Ok, problem solved, had to reboot after disabling AVG. Ran combo fix, log below - does this look good?

ComboFix 09-07-14.08 - HP_Administrator 16/07/2009 23:23.1.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.44.1033.18.1015.574 [GMT 1:00]
Running from: c:\documents and settings\HP_Administrator\Desktop\Combo-Fix.exe
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: Norton Internet Worm Protection *disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\docume~1\HP_ADM~1\LOCALS~1\Temp\tmp2.tmp
c:\recycler\S-1-5-21-2573673293-3629198747-1903495462-500
c:\recycler\S-1-5-21-725345543-1644491937-839522115-500
c:\windows\Install.txt
c:\windows\kb913800.exe
c:\windows\system32\_000003_.tmp.dll
c:\windows\system32\_000006_.tmp.dll
c:\windows\system32\_000007_.tmp.dll
c:\windows\system32\_000008_.tmp.dll
c:\windows\system32\_000009_.tmp.dll
c:\windows\system32\_000011_.tmp.dll
c:\windows\system32\_000012_.tmp.dll
c:\windows\system32\_000013_.tmp.dll
c:\windows\system32\_000014_.tmp.dll
c:\windows\system32\certstore.dat
c:\windows\system32\drivers\TDSSserv.sys
c:\windows\system32\drivers\UAClteppjvrniypskirf.sys
c:\windows\system32\Install.txt
c:\windows\system32\UACggmgluwksslwnbaqg.dll
c:\windows\system32\UACikyyawxymqsuacrbw.db
c:\windows\system32\uacinit.dll
c:\windows\system32\UACkjtabrfieilxwnufi.dll
c:\windows\system32\UACptxbrxgyjjvdunqoh.dll
c:\windows\system32\UACqwxmtjnqoewldjbiv.dll
c:\windows\system32\UACuntjdswuioeaupidi.dll
c:\windows\system32\UACykfaruduplvhkwvtj.dat
c:\windows\system32\wiawow32.sys
H:\Autorun.inf

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_TDSSserv
-------\Legacy_TDSSserv
-------\Service_UACd.sys
-------\Legacy_6TO4
-------\Legacy_MSNCACHE
-------\Legacy_PCMSTUB
-------\Legacy_SOPIDKC
-------\Service_6to4
-------\Service_pcmstub


((((((((((((((((((((((((( Files Created from 2009-06-16 to 2009-07-16 )))))))))))))))))))))))))))))))
.

2009-06-22 17:38 . 2009-06-22 17:38 -------- d-----w- c:\documents and settings\HP_Administrator\Application Data\BBCiPlayerDesktop.61DB7A798358575D6A969CCD73DDBBD723A6DA9D.1
2009-06-22 17:38 . 2009-06-22 17:38 38208 ----a-w- c:\documents and settings\HP_Administrator\Application Data\Macromedia\Flash Player\[You must be registered and logged in to see this link.]
2009-06-22 17:38 . 2009-06-22 17:38 -------- d-----w- c:\program files\BBC iPlayer Desktop
2009-06-22 17:38 . 2009-06-22 17:38 -------- d-----w- c:\program files\Common Files\Adobe AIR
2009-06-17 16:54 . 2009-06-17 16:54 -------- d-----w- c:\program files\iPod
2009-06-17 16:54 . 2009-06-17 16:54 -------- d-----w- c:\program files\iTunes
2009-06-17 16:54 . 2009-06-17 16:54 -------- d-----w- c:\docume~1\ALLUSE~1\APPLIC~1\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-06-17 16:51 . 2009-06-17 16:52 -------- d-----w- c:\program files\QuickTime

.

Geordie-Chris
Novice
Novice

Posts Posts : 22
Joined Joined : 2009-07-16
OS OS : Windows 7
Points Points : 27118
# Likes # Likes : 0

View user profile

Back to top Go down

Re: its started with System Security but is still on-going - HELP!!

Post by Geordie-Chris on 16th July 2009, 10:37 pm

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-16 21:56 . 2009-01-29 22:28 -------- d-----w- c:\docume~1\ALLUSE~1\APPLIC~1\avg8
2009-07-16 17:39 . 2008-09-20 23:33 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-07-14 18:41 . 2008-02-06 18:01 -------- d-----w- c:\documents and settings\HP_Administrator\Application Data\uTorrent
2009-07-08 22:19 . 2007-08-19 16:16 6280 ----a-w- c:\documents and settings\HP_Administrator\Application Data\wklnhst.dat
2009-06-17 17:16 . 2008-04-29 20:30 -------- d-----w- c:\docume~1\ALLUSE~1\APPLIC~1\Apple
2009-06-17 16:54 . 2008-04-29 20:30 -------- d-----w- c:\program files\Common Files\Apple
2009-06-16 16:50 . 2009-01-29 22:29 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-06-16 14:36 . 2007-06-22 15:41 119808 ----a-w- c:\windows\system32\t2embed.dll
2009-06-16 14:36 . 2007-06-22 15:37 81920 ----a-w- c:\windows\system32\fontsub.dll
2009-06-12 10:52 . 2009-06-12 10:44 -------- d-----w- c:\docume~1\ALLUSE~1\APPLIC~1\AVG Security Toolbar
2009-06-12 10:44 . 2009-06-12 10:44 -------- d-----w- c:\documents and settings\LocalService\Application Data\AVGTOOLBAR
2009-06-12 10:43 . 2009-01-29 22:29 327688 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-06-05 10:42 . 2009-03-13 17:52 2060288 ----a-w- c:\windows\system32\usbaaplrc.dll
2009-06-05 10:42 . 2008-04-29 20:31 39424 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2009-06-03 19:09 . 2007-06-22 15:39 1291264 ----a-w- c:\windows\system32\quartz.dll
2009-05-20 13:51 . 2009-01-29 22:29 11952 ----a-w- c:\windows\system32\avgrsstx.dll
2009-05-20 13:51 . 2009-01-29 22:29 108552 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2009-05-07 15:32 . 2007-06-22 15:38 345600 ----a-w- c:\windows\system32\localspl.dll
2009-04-29 04:56 . 2007-06-22 15:41 827392 ----a-w- c:\windows\system32\wininet.dll
2009-04-29 04:55 . 2007-06-22 15:38 78336 ----a-w- c:\windows\system32\ieencode.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-06-14 1004800]

[HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
2009-06-14 15:07 1004800 ----a-w- c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-06-14 1004800]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-06-14 1004800]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-08-18 68856]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2006-03-23 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2006-03-23 118784]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2006-02-21 143360]
"Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2005-07-22 237568]
"HPBootOp"="c:\program files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" [2006-02-15 249856]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-02-19 49152]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-06-12 1948440]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-26 413696]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-05-13 177472]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-06-05 292136]
"ftutil2"="ftutil2.dll" - c:\windows\system32\ftutil2.dll [2004-06-07 106496]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.EXE [2006-07-21 16261632]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-05-20 13:51 11952 ----a-w- c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Extender Resource Monitor.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Extender Resource Monitor.lnk
backup=c:\windows\pss\Extender Resource Monitor.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Kodak EasyShare software.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Kodak EasyShare software.lnk
backup=c:\windows\pss\Kodak EasyShare software.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"=
"c:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"=
"c:\\Program Files\\AOL 9.0 VR\\waol.exe"=
"c:\\Program Files\\Common Files\\AOL\\TopSpeed\\3.0\\aoltpsd3.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\Program Files\\Common Files\\AOL\\System Information\\sinf.exe"=
"c:\\Program Files\\AOL 9.0 VRa\\waol.exe"=
"c:\\Program Files\\AOL 9.0 VRb\\waol.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3776:UDP"= 3776:UDP:Media Center Extender Service
"3390:TCP"= 3390:TCP:Remote Media Center Experience

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [29/01/2009 23:29 327688]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [29/01/2009 23:29 108552]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [29/01/2009 23:28 906520]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [29/01/2009 23:28 298776]
S3 ASPI;Advanced SCSI Programming Interface Driver;c:\windows\system32\drivers\ASPI32.SYS [11/03/2008 12:47 16512]
S3 s716bus;Sony Ericsson Device 716 driver (WDM);c:\windows\system32\drivers\s716bus.sys [25/11/2007 22:25 83208]
S3 s716mdfl;Sony Ericsson Device 716 USB WMC Modem Filter;c:\windows\system32\drivers\s716mdfl.sys [25/11/2007 22:25 15112]
S3 s716mdm;Sony Ericsson Device 716 USB WMC Modem Driver;c:\windows\system32\drivers\s716mdm.sys [25/11/2007 22:25 108552]
S3 s716mgmt;Sony Ericsson Device 716 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s716mgmt.sys [25/11/2007 22:30 100360]
S3 s716nd5;Sony Ericsson Device 716 USB Ethernet Emulation SEMC716 (NDIS);c:\windows\system32\drivers\s716nd5.sys [25/11/2007 22:30 23176]
S3 s716obex;Sony Ericsson Device 716 USB WMC OBEX Interface;c:\windows\system32\drivers\s716obex.sys [25/11/2007 22:30 98568]
S3 s716unic;Sony Ericsson Device 716 USB Ethernet Emulation SEMC716 (WDM);c:\windows\system32\drivers\s716unic.sys [25/11/2007 22:30 98952]
S3 sea1bus;Sony Ericsson Device 0A1 driver (WDM);c:\windows\system32\drivers\sea1bus.sys [08/09/2007 18:34 61536]
S3 sea1mdfl;Sony Ericsson Device 0A1 USB WMC Modem Filter;c:\windows\system32\drivers\sea1mdfl.sys [08/09/2007 18:34 9360]
S3 sea1mdm;Sony Ericsson Device 0A1 USB WMC Modem Driver;c:\windows\system32\drivers\sea1mdm.sys [08/09/2007 18:34 97088]
S3 sea1mgmt;Sony Ericsson Device 0A1 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\sea1mgmt.sys [08/09/2007 18:38 88624]
S3 sea1nd5;Sony Ericsson Device 0A1 USB Ethernet Emulation SEMCA1 (NDIS);c:\windows\system32\drivers\sea1nd5.sys [08/09/2007 18:38 18704]
S3 sea1obex;Sony Ericsson Device 0A1 USB WMC OBEX Interface;c:\windows\system32\drivers\sea1obex.sys [08/09/2007 18:38 86432]
S3 sea1unic;Sony Ericsson Device 0A1 USB Ethernet Emulation SEMCA1 (WDM);c:\windows\system32\drivers\sea1unic.sys [08/09/2007 18:38 90800]
S3 ST330;ST330;c:\windows\system32\drivers\st330.sys [23/07/2007 21:22 30464]
S3 STBUS;STBUS;c:\windows\system32\drivers\stbus.sys [23/07/2007 21:22 12672]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
QWAVE REG_MULTI_SZ QWAVE
.
- - - - ORPHANS REMOVED - - - -

HKLM-Run-PCDrProfiler - (no file)


.
------- Supplementary Scan -------
.
uStart Page = [You must be registered and logged in to see this link.]
uDefault_Search_URL = [You must be registered and logged in to see this link.]
uSearchMigratedDefaultURL = [You must be registered and logged in to see this link.]
mStart Page = [You must be registered and logged in to see this link.]
mSearch Bar = [You must be registered and logged in to see this link.]
uInternet Settings,ProxyOverride = ;*.local
uSearchURL,(Default) = [You must be registered and logged in to see this link.]
IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm
IE: Add to Windows &Live Favorites - [You must be registered and logged in to see this link.]
TCP: {1EE8D1AD-EB88-4C68-B463-1B2545853CC9} = 193.36.79.101,193.36.79.100
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [You must be registered and logged in to see this link.]
Rootkit scan 2009-07-16 23:30
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(1396)
c:\progra~1\WINDOW~1\wmpband.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\ehome\ehrecvr.exe
c:\windows\ehome\ehSched.exe
c:\program files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\windows\system32\HPZipm12.exe
c:\windows\ehome\RMSvc.exe
c:\program files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
c:\windows\system32\ZuneBusEnum.exe
c:\program files\AVG\AVG8\avgrsx.exe
c:\progra~1\AVG\AVG8\avgnsx.exe
c:\windows\ehome\McrdSvc.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\AVG\AVG8\avgcsrvx.exe
c:\program files\Zune\ZuneNss.exe
c:\windows\system32\dllhost.exe
c:\program files\iPod\bin\iPodService.exe
c:\windows\system32\wscntfy.exe
c:\windows\ehome\ehmsas.exe
.
**************************************************************************
.
Completion time: 2009-07-16 23:34 - machine was rebooted
ComboFix-quarantined-files.txt 2009-07-16 22:33

Pre-Run: 27,687,591,936 bytes free
Post-Run: 27,701,866,496 bytes free

Current=2 Default=2 Failed=1 LastKnownGood=4 Sets=,1,2,3,4
258 --- E O F --- 2009-07-16 02:01

Geordie-Chris
Novice
Novice

Posts Posts : 22
Joined Joined : 2009-07-16
OS OS : Windows 7
Points Points : 27118
# Likes # Likes : 0

View user profile

Back to top Go down

Re: its started with System Security but is still on-going - HELP!!

Post by Origin on 17th July 2009, 6:35 pm

Now open a new notepad file.
Input this into the notepad file:

Folder::
c:\documents and settings\HP_Administrator\Application Data\uTorrent

Registry::
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\uTorrent\\uTorrent.exe"=-



Save this as CFScript.txt, save it to your desktop also.
Then drag and drop CFScript.txt into combofix as seen below:


This will open combofix again, agree to it's terms and allow it to run.
It may want to reboot after it's done. (It will warn you if it wants to)
Post the resulting log back here.


While my help is always free, please consider donating to keep this site alive: [You must be registered and logged in to see this link.]

[You must be registered and logged in to see this link.]

Origin
Master
Master

Posts Posts : 2685
Joined Joined : 2009-05-05
Gender Gender : Male
OS OS : Windows Xp Sp3
Points Points : 31513
# Likes # Likes : 0

View user profile

Back to top Go down

Re: its started with System Security but is still on-going - HELP!!

Post by Geordie-Chris on 17th July 2009, 6:50 pm

ComboFix 09-07-14.08 - HP_Administrator 17/07/2009 19:39.2.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.44.1033.18.1015.524 [GMT 1:00]
Running from: c:\documents and settings\HP_Administrator\Desktop\Combo-Fix.exe
Command switches used :: c:\documents and settings\HP_Administrator\Desktop\CFScript.txt
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: Norton Internet Worm Protection *disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\HP_Administrator\Application Data\uTorrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\[TNT Village] Discografia Oasis.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\1994 - Definitely Maybe[MP-RG].torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\1eXY8qBm_The.Unborn.INTERNAL.R5.LINE[Blueman}x264.mkv.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\300 (Ipod) Great Movie.mp4.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\80's.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\A certain Trigger.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Adele - 19 - 2 CD Deluxe Edition [2008].torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Adele - 19 [2008][CD+2 SkidVid_XviD+Cov]192Kbps.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\AdULTHOOD.mp4.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Alesha Dixon - The Alesha Show (2008) [tRg music release].torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Amy_Winehouse-Back_To_Black_(Deluxe_Edition)-2CD-2007-UKP.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Asher Roth - Asleep In The Bread Aisle (2009).torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Australia DVDSCR (PSP, iPod, Zune).torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Baby.On.board.2009.Limited.DVD.Rip(For PSP,IPOD) -AlienFilms.mp4.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Babylon A.D.mp4.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Bangkok Dangerous (R5).mp4.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Bat For Lashes.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Beck - Modern Guilt [mp3-320-2008].torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Bedtime Stories TS (H264 repack)[Blueman].mp4.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Beyonce.I Am Sasha Fierce(Deluxe Edition)[2008][You must be registered and logged in to see this link.]
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Biffy Clyro - Puzzle [2007].torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Black Eyed Peas - [Deluxe Edition] E.N.D [Cov+CD] [Bubanee].torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Black Kids.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Black_Kids-Partie_Traumatic-2008-DV8.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Bloc Party - 3 Albums [CHANNEL NEO].torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Bob Marley - Greatest Hits.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Bob_Marley-The_Reggae_King-Best_Of_Bob_Marley-(Boxset)-3CD-2007-EON.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Body of Lies (PSP, iPod, Zune).torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Bolt 2008 DVDSCR H264-KingBen (Kingdom-Release).torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Boyz II Men-Legacy-The Greatest Hits Collection (Deluxe Edition)-2CD-2004- The Pirate Bay-.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Bride Wars.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Britney Spears Circus 20 Tracks.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Britney_Spears-Circus-RETAIL-2008-ESC.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Burn-E HDRip.mp4.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Burn After Reading (R5).mp4.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Busta Rhymes Ft. Linkin Park - We Made It.mp3.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Calvin Harris - Essential Mix 18-10-2008.mp3.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Cash.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Chris_Brown-Exclusive_The_Forever_Edition-2008-VAG.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Christina_Aguilera-Keeps_Gettin_Better_(A_Decade_of_Hits)-2008-ONe.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Clarkson - Thriller [G800].mp4.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Coldplay - Viva La Vida 2008.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Confessions of a Shopaholic (PSP, iPod, Zune).torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Confessions Of A Shopaholic 2009 TS H264 AAC-SecretMyth (Kingdom-Release).torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Craig_David-Trust_Me-2007-404.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\CRERqmWP_Fast.and.Furious.2009.R5.LINE.[Blueman}x264.mp4.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Crossing.Over.DVDSCR.2009.1024kbs.[PMTORRENTS.COM].IPOD.IPHONE.ITOUCH.ZUNE.mp4.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Daniel Merriweather - Love & War.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\David Bowie- Best Of Bowie.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\David Jordan-Sun Goes Down.rar.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Day.The.Earth.Stood.Still.iPod.Slideon.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Defiance DVDScr 2008 [A Release-Lounge H.264 By Dillenger].torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Defiance2008(H264 repack)[Blueman].mp4.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Des-ree - Supernatural [1998][CD+SkidVid+Cov].torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\dht.dat
c:\documents and settings\HP_Administrator\Application Data\uTorrent\dht.dat.old
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Disney Movies.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Dizzee Rascal Ft Chrome - Holiday (Prod.By Calvin Harris).mp3.torrent

Geordie-Chris
Novice
Novice

Posts Posts : 22
Joined Joined : 2009-07-16
OS OS : Windows 7
Points Points : 27118
# Likes # Likes : 0

View user profile

Back to top Go down

Re: its started with System Security but is still on-going - HELP!!

Post by Geordie-Chris on 17th July 2009, 6:52 pm

n Data\uTorrent\DJ Envy-Down & Dirty R&B 25.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\DJ ENVY THE HIT LIST VOL.31.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Does It Offend You Yeah - You Have No Idea What You're Getting Yourself Into (2008).torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Doubt DVDSCR (PSP, iPod, Zune).torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Doves - Kingdom Of Rust.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Dreaming Out Loud.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\DuBsTeP.1.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Dubstep.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Duffy - Rockferry (320Kbps)+covers.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Eagle Eye (.mp4) DVDrip.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Eagle.Eye.2008.DVDSCR.776Kbps.[[You must be registered and logged in to see this link.]
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Eagle.Eye.2008.DVDSCR.776Kbps.[[You must be registered and logged in to see this link.]
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Echo_And_The_Bunnymen-Killing_Moon_(The_Best_Of)-2CD-2007-DV8.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Elbow - The Seldom Seen Kid [2008].torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Elsewhere[2009]DvDrip[H264-AAC-Eng+Esp].torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Elvis Presley - GREATEST LOVE SONGS.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Eminem-Relapse CD-2009.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Eminem-T.B.A-2008.[[You must be registered and logged in to see this link.]
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Eminem - The Day Before Relapse [TK].torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Eminem Discography (1995-2005).torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Fast & Furious 09 + Best Quality (ipod Good Stuff).torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Fast & Furious 2009 (ipod Good Stuff).torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Fast.And.Furious.4.TS.XVID-FOX.avi.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Flo Rida ft. T-Pain - Get Low.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Flobots-Fight_With_Tools-2008-DbS_iNT.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Flobots.Fight.With.Tools[2007]-OriginalThought.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Florence And The Machine - Lungs (Deluxe Version) (2009).torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Foo Fighters-Echoes,Silence,Patience & Grace-2007-MP3.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Foo Fighters - 10 Albums [+Covers][+Vid][320kbps][DeadPoetRIP]@H33T.com.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Foo Fighters - Echoes Silence etc [2007][CD+SkidXvid+Cov].torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Formula1.2009.Preseason.Testing.19th-22th.Januray.Various.MPEG2.WMV.Various.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Franz Ferdinand - Tonight_ Franz Ferdinand [mp3-vbr-2009].torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Freddy Got Fingered (PSP, iPod, Zune).torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Freemasons_feat._Katherine_Ellis-When_You_Touch_Me-CDM-2008-USF.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Friendly_Fires-Friendly_Fires-(Advance)-2008-DV8.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Frost-Nixon (2008)DVDSCR(H264 repack)[Blueman].mp4.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Frozen River (PSP, iPod, Zune).torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Fugees-Blunted_On_Reality-Retail-1994-Recycled_INT.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Fugees - Greatest Hits [Mp3-192].torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\FUTURAMA_BENDERS_GAME.mp4.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Gardens Of The Night 2008 DVDRip H264 AAC-SecretMyth (Kingdom-Release).torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Get Smart.mp4.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Get_Cape._Wear_Cape._Fly.-Searching_for_the_Hows_and_Whys-(Advance)-2008-iLiEKYOU.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Ghost Town.mp4.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Girls Aloud Out Of Control 2008 mmrg_mrsidhq.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Glasvegas-Glasvegas-2008-DV8.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Glasvegas - Home Tapes.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Glasvegas Wall Of Sound.1.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Glasvegas Wall Of Sound.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Glasvegas.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Goldfrapp - Seventh Tree [2008][CD+SkidVid_XviD+Cov]192Kbps.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Gran.Torino.2008.DVDSCR.1427Kbps.[PMTORRENTS.COM].IPOD.IPHONE.ITOUCH.ZUNE.mp4.1.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Gran.Torino.2008.DVDSCR.1427Kbps.[PMTORRENTS.COM].IPOD.IPHONE.ITOUCH.ZUNE.mp4.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Hancock.mp4.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Hellboy 2.mp4.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\High_Contrast-Tough_Guys_Dont_Dance-NHS126CD-2007-uC.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\High_Contrast-Tough_Guys_Dont_Dance-NHS126LP-LP-2007-uC.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\hot chip - made in the dark.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Hot Chip.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Hotel.For.Dogs.2009.WS.BRRip.1408kbps.mp4.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\House.S05E04.PSP.Palm.Sub.PtBr.[Tina].torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\House.Season.2.Complete.[Videoseed.com].(iPod).torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\House.Season.3.Complete.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\How to lose friends.mp4.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\I'm Not Alone (Radio Edit).mp3.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Iron.Man.STG-TS.4.iPod.VoV.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Ironik - No Point In Wasting Tears.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\James Bond 007 - Quantum of Solace (correct AR).torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\James_Bond Quantum of Solace (2008) DVDSCR.wmv.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Jimmy Carr Live In Concert_NEW.mp4.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\John_Legend-Evolver deluxe edition 2008.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Johnny Cash - Crazy Country.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\johnny cash_at folsom prison live (1999) 128.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\José Gonzales - Veneer + In Our Nature (vbr mp3).torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Jumper.[DVDRip.4.iPod] -- VoV.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Kano-140_Grime_St-2008-RAGEMP3.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Kano - 140 Grime ST [Explicit Retail] with Covers 2008 (Rap).torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Kano - Home Sweet Home (2005).torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Kanye West - 808's & Heartbreak (2008).torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Katy Perry - One Of The Boys [2008][CD+SkidVid_XviD+Cov].torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Kelly Clarkson-All I Ever Wanted[DE][2009][CD+SkidVid_XviD+Cov].torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Kelly Rowland Ms Kelly Deluxe Edition 2008 (Release-Lounge Music By Darren).torrent

Geordie-Chris
Novice
Novice

Posts Posts : 22
Joined Joined : 2009-07-16
OS OS : Windows 7
Points Points : 27118
# Likes # Likes : 0

View user profile

Back to top Go down

Re: its started with System Security but is still on-going - HELP!!

Post by Geordie-Chris on 17th July 2009, 6:53 pm

n Data\uTorrent\Kid Rock - Rock N Roll Jesus.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Kings Of Leon - Only By The Night[2008][MP3@320kbps]-antecho.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Knocked Up DvDRip to iPod.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\la roux - in for the kill.mp3.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\La Roux - La Roux-2009-ONe.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\La Roux - La Roux UK Retail Album 320kbps.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Lady GaGa.The Fame[2008][You must be registered and logged in to see this link.]
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Ladyhawke_Ladyhawke (2008).torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Lakeview Terrace (.mp4)R5 Line.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Laroux (2009) In For The Kill.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Lauryn Hill - The Miseducation of Lauryn Hill.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Lauryn_Hill_-_Ms_Hill-2008-YSP.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Les Miserables (Original London Cast).torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Lighthouse Family - Greatest Hits.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Lil Wayne - Tha Carter III + The Leak - EP.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Lily Allen - It's Not Me, It's You (2009).torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Limp Bizkit - Behind Blue Eyes.AVI.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Limp Bizkit.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Lupe Fiasco - Lupe Fiasco's Food & Liquor [2006].torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Madagascar - Escape 2 Africa (PSP, iPod, Zune).torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Madagascar 2 TC INT (PSP, iPhone, iPod Touch, Nano, Zune).torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Madonna - Hard Candy [2008][CD+SkidVid_XviD+Cov]192Kbps.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Mamma Mia.mp4.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Mark Ronson - Version [2007][CD+SkidVid+Cov].torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Marmaduke Duke - Duke Pandemonium.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Marmaduke_Duke-Duke_Pandemonium-(Promo)-2009-SSR.1.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Marmaduke_Duke-Duke_Pandemonium-(Promo)-2009-SSR.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Massive R&B Winter Collection 2008 2CD.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Max Payne (iPod, PSP, Zune) [ID].torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Max Payne 2008 R5 LINE H264-KingBen (Kingdom-Release).torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Maximo Park - Quicken The Heart [mp3-vbr-2009].torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\MGMT - Oracular Spectacular [2008].torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Michael Jackson - Number Ones.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Ministry Of Sound - Chilled 1991-2008 [Chillout][Colombo Electronic][Colombo-bt.org].torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Ministry Of Sound.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Ministry_Of_Sound_Anthems_II_1991_2009-2008 mmrg_)mrsidhq.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Mint Royale - See You In The Morning.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Mystery Jets - Twenty One [2008][CD+SkidVid_XviD+Cov].torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\N-Dubz-Uncle_B-2008-P0w3rp0t1.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Ne-Yo-Year_Of_The_Gentleman-2008-FLM.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Ne-Yo - Closer.mp3.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\New In Town 2009 R5 LINE-SecretMyth (Kingdom-Release).torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\New Years Eve Mixed Party Music.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Nickelback - All The Right Reasons (2005) (SGTR).torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Nickelback - Dark Horse (2008) - Rock - P0w3rp0t1.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Night At The Museum 2006 BRRip H264 5.1 ch-SecretMyth (Kingdom-Release).torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Night At The Museum 2006 BRRip H264 5.1 ch-SecretMyth (Kingdom-Release).torrent.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Night.Train[2009]DvDrip[H264-AAC-Eng+Esp+NL+Swe].torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Noah_And_The_Whale-Noah_And_The_Whale-(EP)-2008-DV8.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Notorious.Unrated.2009.DVDRip.1032Kbps.(PMTORRENTS.COM).IPHONE.IPOD.ITOUCH.ZUNE.PSP.mp4.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\NOW 71 Beta Pre Release-TRK.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\NOW 71 Pre-Released.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Now that's What I Call Music 70.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Now that's What I Call Music! 70.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Now Thats What I Call Music 68 [markwright].1.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Now Thats What I Call Music 68 [markwright].torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Now_Thats_What_I_Call_Music_69-2CD-2008 C4_seed_by_www.p2p-crew.to.rar.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\NWvHTJIY_He's just not that into you.SCR.[Blueman}x264.mp4.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Oasis-Dig_Out_Your_Soul-2008-OASiS.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Oasis - The Singles.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\OASIS all albums++++.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Oasis FLAC.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\One Missed Call [2008] iPod Movie - scribe28.mp4.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Panic! at the Disco - Pretty Odd(2008)[Retail-Album]192kbps.zip.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Panic! at the Disco - Pretty Odd.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Paolo Nutini - These Streets ([You must be registered and logged in to see this link.]
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Party_Party_Vol_5_-_Various.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Paul.Blart.Mall.Cop.2009.DVDRip.900Kbps.[PMTORRENTS.COM].IPOD.IPHONE.ITOUCH.ZUNE.mp4.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Paul.Blart.Mall.Cop.2009.DVDSCR.897Kbps.(PMTORRENTS.COM).IPHONE.IPOD.ITOUCH.ZUNE.PSP.mp4.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Pendulum.-.In Silico.(whodathoughtit).Drum.&.Bass.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Pineapple Express (PSP, iPod, Zune).torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Pink - Funhouse.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Pride and Glory.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Prospekt's March.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Push[2009]DvDrip[H264-AAC-Eng+Esp+NL+Swe].torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Push[2009]DvDrip[H264-AAC-Eng+Esp+NL+Swe].torrent.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Pussycat Dolls - Doll Domination + Bonus Tracks (2008).torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Quantum.Of.Solace.2008.DVDSCR.773Kbps.[[You must be registered and logged in to see this link.]
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Quarantine.2008.DVDRip.886Kbps.(PMTORRENTS.COM).IPHONE.IPOD.ITOUCH.ZUNE.PSP.mp4.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Queen - Greatest Hits I - II - III Platinum Collection - 3CD -.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Queens Of The Stone Age - Songs For The Deaf RETAIL-2002-.rar.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Queens_of_the_Stone_Age-Era_Vulgaris-2CD-(Limited_Edition_2CD)-2008-JUST.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\R5 Movie 2-Pack (Zack & Miri & My Best Friend's Girl).torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Rachel.Getting.Married.2008.DvDrip.900kbps.(PMTORRENTS.COM).IPHONE.IPOD.ITOUCH.ZUNE.PSP.mp4.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Rachel.Getting.Married.LIMITED.DVDRip.XViD-PUKKA.1.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Rachel.Getting.Married.LIMITED.DVDRip.XViD-PUKKA.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Razorlight-Slipway_Fires-(Proper)-2008-DV8.1.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Razorlight-Slipway_Fires-(Proper)-2008-DV8.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Razorlight-Slipway_Fires-2008-pLAN9[[You must be registered and logged in to see this link.]
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Razorlight-Slipway_Fires-2008-[You must be registered and logged in to see this link.]
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Redemption.2009.DVDSCR.902Kbps.(PMTORRENTS.COM).IPHONE.IPOD.ITOUCH.ZUNE.PSP.mp4.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\resume.dat
c:\documents and settings\HP_Administrator\Application Data\uTorrent\resume.dat.old
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Rihanna - Good Girl Gone Bad Reloaded [R&B][2008][[You must be registered and logged in to see this link.]
c:\documents and settings\HP_Administrator\Application Data\uTorrent\RockNRolla.mp4.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Role Models CAM (Ipod).mp4.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Role Models Unrated 2008 DVDRip H264 AAC-SecretMyth (Kingdom-Release).torrent

Geordie-Chris
Novice
Novice

Posts Posts : 22
Joined Joined : 2009-07-16
OS OS : Windows 7
Points Points : 27118
# Likes # Likes : 0

View user profile

Back to top Go down

Re: its started with System Security but is still on-going - HELP!!

Post by Geordie-Chris on 17th July 2009, 6:53 pm

n Data\uTorrent\rss.dat
c:\documents and settings\HP_Administrator\Application Data\uTorrent\rss.dat.old
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Sam Sparro.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Sash-The_Best_Of-2CD-2008- Resource RG Music By TheReids.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Sash-The_Best_Of-2CD-2008-UTE.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Saw V (2008).mp4.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\SAW V.mp4.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Scrubs Season 3.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Scrubs Season 5.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Semi.Pro.DVDRip.to.iPod.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\settings.dat
c:\documents and settings\HP_Administrator\Application Data\uTorrent\settings.dat.old
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Seven Pounds (Ipod).mp4.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Seven Pounds DVDSCR (PSP, iPod, Zune).torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Sigur_Ros-We_Play_Endlessly-(Mag)-2009-DV8.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Sleeping.Beauty.1959.DVDRip.IPOD.mp4.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Slumdog.Millionaire [2008] iPod Movie {sAnZee}.mp4.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Slumdog.Millionaire.2008.DVDSCR.772Kbps.(PMTORRENTS.COM).IPHONE.IPOD.ITOUCH.ZUNE.PSP.mp4.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Snow Patrol - Eyes Open -2006- The Pirate Bay.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Snow Patrol - Hundred Million Suns [2008].torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Songs For The Deaf.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Soulja Boy Tell'em - Crank That.mp3.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Space.Buddies.2009.DVDRip.1040kbps.(PMTORRENTS.COM).IPHONE.IPOD.ITOUCH.ZUNE.PSP.mp4.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Squeeze - essential squeeze With covers([You must be registered and logged in to see this link.]
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Starsailor - All The Plans [mp3-vbr-2009].torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Step Up 2 The Streets.mp4.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Stereophonics-Decade_in_the_Sun-2008-ONe.1.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Stereophonics-Decade_in_the_Sun-2008-ONe.2.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Stereophonics-Decade_in_the_Sun-2008-ONe.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\STEREOPHONICS - ALL ALBUMS [CHANNEL NEO].torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Stevie Wonder - The Definitive Collection (Aphrodite333).torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\streets.nfo.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Strike.2009.DVDRip.899Kbps.[PMTORRENTS.COM].IPOD.IPHONE.ITOUCH.ZUNE.mp4.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Summer Rnb 2009 ResourceRG Music Reidy.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Surveillance DVDRip H264 Immortalis.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\T.I. - Paper Trail - (Explicit Retail-2008).torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\T.I. Paper.Trail[2008][mp3][CPP].torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Take That - The Singles (320).torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Take_that-The_Circus-2008-ONe.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Taken 2008 R5 H264-KingBen (Kingdom-Release).torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Talladega Nights - The Ballad of Ricky Bobby (PSP, iPod, Zune).torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Tenacious D - 2006 - The Pick of Destiny - KindMetalRG 320kbps.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Tenacious D - The Pick Of Destiny.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\The Bank Job.mp4.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\The Black Eyed Peas - Boom Boom Pow.MP3.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\The Black Parade.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\The Cool Kids - Bake Sale.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\The Cure-Greatest Hits(Ltd 2CD)(Darkside_RG).torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\The Curious Case Of Benjamin Button DVDSCR (PSP, iPod, Zune).torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\The Dark Knight 720p WMV.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\The Dark Knight DvDRip (TV Optimized).torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\The Dark Knight TS-STG (iPod Optimized).torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\The Day the Earth Stood Still R5 fixed (PSP, iPod, Zune).torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\The day the earth stood still.mp4.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\The Enemy -We'll Live and Die in these Towns.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\The Fugees - The Score.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\The Futureheads.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\The Game - LAX (Explicit) (2008).torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\The Horsemen.2009.Limited.DVDRip(For PSP, IPOD)-AlienFilms.mp4.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\The Jungle Book 1967 [H.264-MP4] (oan).torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\The Jungle Book 2 - 2003 [H.264-MP4] (oan).torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\The LAst House On The Left.2009.PPVRIP(For PSP, Ipod)-AlienFilms.mp4.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\The Prodigy - Invaders Must Die (2009).torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\The Reader DVDSCR (PSP, iPod, Zune).torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\The Saturdays - Chasing Lights [2008][CD+2 SkidVid_XviD+Cov].torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\The Simpsons Movie DvDRip to iPod.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\The Streets - Discography.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\The Streets - Everything Is Borrowed (2008) - Pop [[You must be registered and logged in to see this link.]
c:\documents and settings\HP_Administrator\Application Data\uTorrent\the sugarhill gang - rappers delight- By Hariwan.mp3.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\The Ultimate Cheese Party (3cd).rar.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\The Unborn 2009 R5 LINE-Secretmyth (Kingdom-Release).torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\The Verve - Forth [2008].torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\The Verve Forth_2008_ADVANCED_ALBUM.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\The Who - Now And Then.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\The Wrestler (Ipod).mp4.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\The Wrestler(2008)DVDSCR(H264 repack)[Blueman].mp4.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\The X-Files 2.mp4.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\The.Day.The.Earth.Stood.Still.2008.Telesync.770Kbps.(PMTORRENTS.COM).IPHONE.IPOD.ITOUCH.ZUNE.PSP.mp4.1.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\The.Day.The.Earth.Stood.Still.2008.Telesync.770Kbps.(PMTORRENTS.COM).IPHONE.IPOD.ITOUCH.ZUNE.PSP.mp4.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\THE_KILLERS_-_DAY_&_AGE_[2008]_[MP3]_[320_KBPS]_[STEREO]_[UPLOADED_BY_OSVALDO_GLZ].torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\The_Rasmus-Black_Roses-2008-FLM.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\The_Ting_Tings-We_Started_Nothing-2008-RTB.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\TimBOYF7_Milk.2008.DVDRip.[Blueman}x264.mp4.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\TOP 100 HipHop RnB 2008-04-19 Billboard - Torrent Tatty Feat RIAA Stars @224.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Top.Gear.S10.E06.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Traitor.mp4.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Transporter 3 (R5).mp4.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Transporter.3.2008.R5.895Kbps.(PMTORRENTS.COM).IPHONE.IPOD.ITOUCH.ZUNE.PSP.mp4.1.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Transporter.3.2008.R5.895Kbps.(PMTORRENTS.COM).IPHONE.IPOD.ITOUCH.ZUNE.PSP.mp4.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Transporter.3.2008.Telesync.1025Kbps.(PMTORRENTS.COM).IPOD.ITOUCH.IPHONE.mp4.1.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Transporter.3.2008.Telesync.1025Kbps.(PMTORRENTS.COM).IPOD.ITOUCH.IPHONE.mp4.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Tropic Thunder (Ipod).mp4.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Tropic Thunder 2008 TC H264-KingBen (Kingdom-Release).torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Tropic Thunder.mp4.1.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Tropic Thunder.mp4.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Twilight 2008 dvdrip [Resource H264].torrent

Geordie-Chris
Novice
Novice

Posts Posts : 22
Joined Joined : 2009-07-16
OS OS : Windows 7
Points Points : 27118
# Likes # Likes : 0

View user profile

Back to top Go down

Re: its started with System Security but is still on-going - HELP!!

Post by Geordie-Chris on 17th July 2009, 6:53 pm

n Data\uTorrent\Twilight.[HDRip.4.iPod].VoV.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\UK Singles Chart 15.06.2008.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Ultimate Streetdance.1.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Ultimate Streetdance.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Usher - Here I Stand - Confirmed Tracks & Remixes (williswho.com).torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Usher - Here I Stand [2008][CD+SkidVid_XviD+Cov]320Kbps.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Usher here i stand new 2008.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\utorrent.lng
c:\documents and settings\HP_Administrator\Application Data\uTorrent\VA-Connected_90s_12inch_Mixes-3CD-2008-RACEME.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\VA-High_Contrast_Watch_The_Ride-2008-VOLTAGE.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\VA-Ministry of Sound Funky House Session[House][2008][[You must be registered and logged in to see this link.]
c:\documents and settings\HP_Administrator\Application Data\uTorrent\VA-Now_Thats_What_I_Call_Music_28-(US_Retail)-2008-VAG.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\VA-Sweet_Party_Mix_2-2CD-2006-SBN.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\VA-Tapemasters Inc And DJ Envy - Purple Codeine 21-2009-MIXFIEND.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\VA - Disco Party Vol.2 [2007][[You must be registered and logged in to see this link.]
c:\documents and settings\HP_Administrator\Application Data\uTorrent\VA - Floorfillers 08 (2008).torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\VA - Hot Party Summer 2008.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\VA - Step Up 2 - The Streets [2008].torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\VA Now Thats What I call Music.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\VA_-_The_Ultimate_Party_Album-2CD-2003-RDA.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\VALKYRIE[2008] H.264 R5 DvDrip [Eng]-NikonXp.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Vampire Weekend - Vampire Weekend [2008].torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Veronicas - Hook Me Up [UK] [2009][CD+5 SkidVid_XviD+Cov].torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Walking on a Dream.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Wall-E 2008 H264 DVDRip 5.1 ch-SecretMyth.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Wall-E.2008.DVDRIP-ZEKTORM.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Wall-E.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\WALL E 2008 DVDRip H264-KingBen (Kingdom-Release).torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Wall•E.[R5.DVDRip.4.iPod]--VoV.1.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Wall•E.[R5.DVDRip.4.iPod]--VoV.2.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Wall•E.[R5.DVDRip.4.iPod]--VoV.3.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Wall•E.[R5.DVDRip.4.iPod]--VoV.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Wanted.mp4.1.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Wanted.mp4.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Weird_Al_Yankovic-Straight_Outta_Lynwood-(RETAIL)-2006-h8me.rar.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\What Happens in Vegas TC (TV Optimized).torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\White Lies - Death.avi.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\White Lies - Demos - 2008.1.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\White Lies - Demos - 2008.2.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\White Lies - Demos - 2008.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\White Lies - Demos [2008].torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\White Lies - Demos.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\White Lies - Demos[2008].torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\White Lies - To Lose My Life [mp3-224-2009].torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\White Lies [Demos].torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\White Lies.Demos.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\White_Lies-Death-(EP)-2008-FNT.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\White_Lies-To_Lose_My_Life-(Promo_CDS)-2009-DV8.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Whitney.Houston.The.Ultimate.Collection.2007.PAL.MDVDR.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Will Young - Let It Go RETAIL 2008 Resource RG by TheReids.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Wonder Woman 2009 BRRip H264 AAC-SecretMyth (Kingdom-Release).torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\X-Men.Origins.Wolverine.2009.WORKPRINT.1037Kbps.mp4.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\xbox 360 update.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Yeah Yeah Yeahs - It's Blitz [mp3-192-2009].1.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Yeah Yeah Yeahs - It's Blitz [mp3-192-2009].torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Yes Man (Ipod).mp4.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Yes Man 2008 DVDRip H264 AAC-SecretMyth (Kingdom-Release).torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Yes Man 2009 DVDRip {AN H264 By Dillenger @ 1337x}.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Yes Man TS (PSP, iPod, Zune).torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Yes.Man.2008.720p.nHD.x264-NhaNc3.torrent
c:\documents and settings\HP_Administrator\Application Data\uTorrent\Zack.And.Miri.Make.A.Porno.2008.R5.Line.907Kbps.(PMTORRENTS.COM).IPOD.ITOUCH.IPHONE.mp4.torrent

.
((((((((((((((((((((((((( Files Created from 2009-06-17 to 2009-07-17 )))))))))))))))))))))))))))))))
.

2009-06-22 17:38 . 2009-06-22 17:38 -------- d-----w- c:\documents and settings\HP_Administrator\Application Data\BBCiPlayerDesktop.61DB7A798358575D6A969CCD73DDBBD723A6DA9D.1
2009-06-22 17:38 . 2009-06-22 17:38 38208 ----a-w- c:\documents and settings\HP_Administrator\Application Data\Macromedia\Flash Player\[You must be registered and logged in to see this link.]
2009-06-22 17:38 . 2009-06-22 17:38 -------- d-----w- c:\program files\BBC iPlayer Desktop
2009-06-22 17:38 . 2009-06-22 17:38 -------- d-----w- c:\program files\Common Files\Adobe AIR

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-17 17:51 . 2009-01-29 22:29 335752 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-07-16 21:56 . 2009-01-29 22:28 -------- d-----w- c:\docume~1\ALLUSE~1\APPLIC~1\avg8
2009-07-16 17:39 . 2008-09-20 23:33 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-07-08 22:19 . 2007-08-19 16:16 6280 ----a-w- c:\documents and settings\HP_Administrator\Application Data\wklnhst.dat
2009-06-17 17:16 . 2008-04-29 20:30 -------- d-----w- c:\docume~1\ALLUSE~1\APPLIC~1\Apple
2009-06-17 16:54 . 2009-06-17 16:54 -------- d-----w- c:\program files\iTunes
2009-06-17 16:54 . 2009-06-17 16:54 -------- d-----w- c:\docume~1\ALLUSE~1\APPLIC~1\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-06-17 16:54 . 2009-06-17 16:54 -------- d-----w- c:\program files\iPod
2009-06-17 16:54 . 2008-04-29 20:30 -------- d-----w- c:\program files\Common Files\Apple
2009-06-17 16:52 . 2009-06-17 16:51 -------- d-----w- c:\program files\QuickTime
2009-06-16 16:50 . 2009-01-29 22:29 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-06-16 14:36 . 2007-06-22 15:41 119808 ----a-w- c:\windows\system32\t2embed.dll
2009-06-16 14:36 . 2007-06-22 15:37 81920 ----a-w- c:\windows\system32\fontsub.dll
2009-06-12 10:52 . 2009-06-12 10:44 -------- d-----w- c:\docume~1\ALLUSE~1\APPLIC~1\AVG Security Toolbar
2009-06-12 10:44 . 2009-06-12 10:44 -------- d-----w- c:\documents and settings\LocalService\Application Data\AVGTOOLBAR
2009-06-05 10:42 . 2009-03-13 17:52 2060288 ----a-w- c:\windows\system32\usbaaplrc.dll
2009-06-05 10:42 . 2008-04-29 20:31 39424 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2009-06-03 19:09 . 2007-06-22 15:39 1291264 ----a-w- c:\windows\system32\quartz.dll

Geordie-Chris
Novice
Novice

Posts Posts : 22
Joined Joined : 2009-07-16
OS OS : Windows 7
Points Points : 27118
# Likes # Likes : 0

View user profile

Back to top Go down

Re: its started with System Security but is still on-going - HELP!!

Post by Geordie-Chris on 17th July 2009, 6:54 pm

2009-05-20 13:51 . 2009-01-29 22:29 11952 ----a-w- c:\windows\system32\avgrsstx.dll
2009-05-20 13:51 . 2009-01-29 22:29 108552 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2009-05-07 15:32 . 2007-06-22 15:38 345600 ----a-w- c:\windows\system32\localspl.dll
2009-04-29 04:56 . 2007-06-22 15:41 827392 ----a-w- c:\windows\system32\wininet.dll
2009-04-29 04:55 . 2007-06-22 15:38 78336 ----a-w- c:\windows\system32\ieencode.dll
.

((((((((((((((((((((((((((((( [You must be registered and logged in to see this link.] )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-07-17 17:48 . 2009-07-17 17:48 16384 c:\windows\Temp\Perflib_Perfdata_760.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-06-14 1004800]

[HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
2009-06-14 15:07 1004800 ----a-w- c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-06-14 1004800]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-06-14 1004800]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-08-18 68856]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2006-03-23 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2006-03-23 118784]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2006-02-21 143360]
"Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2005-07-22 237568]
"HPBootOp"="c:\program files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" [2006-02-15 249856]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-02-19 49152]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-06-12 1948440]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-26 413696]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-05-13 177472]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-06-05 292136]
"ftutil2"="ftutil2.dll" - c:\windows\system32\ftutil2.dll [2004-06-07 106496]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.EXE [2006-07-21 16261632]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-05-20 13:51 11952 ----a-w- c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Extender Resource Monitor.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Extender Resource Monitor.lnk
backup=c:\windows\pss\Extender Resource Monitor.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Kodak EasyShare software.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Kodak EasyShare software.lnk
backup=c:\windows\pss\Kodak EasyShare software.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"=
"c:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"=
"c:\\Program Files\\AOL 9.0 VR\\waol.exe"=
"c:\\Program Files\\Common Files\\AOL\\TopSpeed\\3.0\\aoltpsd3.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\Program Files\\Common Files\\AOL\\System Information\\sinf.exe"=
"c:\\Program Files\\AOL 9.0 VRa\\waol.exe"=
"c:\\Program Files\\AOL 9.0 VRb\\waol.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3776:UDP"= 3776:UDP:Media Center Extender Service
"3390:TCP"= 3390:TCP:Remote Media Center Experience

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [29/01/2009 23:29 335752]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [29/01/2009 23:29 108552]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [29/01/2009 23:28 907032]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [29/01/2009 23:28 298776]
S3 ASPI;Advanced SCSI Programming Interface Driver;c:\windows\system32\drivers\ASPI32.SYS [11/03/2008 12:47 16512]
S3 s716bus;Sony Ericsson Device 716 driver (WDM);c:\windows\system32\drivers\s716bus.sys [25/11/2007 22:25 83208]
S3 s716mdfl;Sony Ericsson Device 716 USB WMC Modem Filter;c:\windows\system32\drivers\s716mdfl.sys [25/11/2007 22:25 15112]
S3 s716mdm;Sony Ericsson Device 716 USB WMC Modem Driver;c:\windows\system32\drivers\s716mdm.sys [25/11/2007 22:25 108552]
S3 s716mgmt;Sony Ericsson Device 716 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s716mgmt.sys [25/11/2007 22:30 100360]
S3 s716nd5;Sony Ericsson Device 716 USB Ethernet Emulation SEMC716 (NDIS);c:\windows\system32\drivers\s716nd5.sys [25/11/2007 22:30 23176]
S3 s716obex;Sony Ericsson Device 716 USB WMC OBEX Interface;c:\windows\system32\drivers\s716obex.sys [25/11/2007 22:30 98568]
S3 s716unic;Sony Ericsson Device 716 USB Ethernet Emulation SEMC716 (WDM);c:\windows\system32\drivers\s716unic.sys [25/11/2007 22:30 98952]
S3 sea1bus;Sony Ericsson Device 0A1 driver (WDM);c:\windows\system32\drivers\sea1bus.sys [08/09/2007 18:34 61536]
S3 sea1mdfl;Sony Ericsson Device 0A1 USB WMC Modem Filter;c:\windows\system32\drivers\sea1mdfl.sys [08/09/2007 18:34 9360]
S3 sea1mdm;Sony Ericsson Device 0A1 USB WMC Modem Driver;c:\windows\system32\drivers\sea1mdm.sys [08/09/2007 18:34 97088]
S3 sea1mgmt;Sony Ericsson Device 0A1 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\sea1mgmt.sys [08/09/2007 18:38 88624]
S3 sea1nd5;Sony Ericsson Device 0A1 USB Ethernet Emulation SEMCA1 (NDIS);c:\windows\system32\drivers\sea1nd5.sys [08/09/2007 18:38 18704]
S3 sea1obex;Sony Ericsson Device 0A1 USB WMC OBEX Interface;c:\windows\system32\drivers\sea1obex.sys [08/09/2007 18:38 86432]
S3 sea1unic;Sony Ericsson Device 0A1 USB Ethernet Emulation SEMCA1 (WDM);c:\windows\system32\drivers\sea1unic.sys [08/09/2007 18:38 90800]
S3 ST330;ST330;c:\windows\system32\drivers\st330.sys [23/07/2007 21:22 30464]
S3 STBUS;STBUS;c:\windows\system32\drivers\stbus.sys [23/07/2007 21:22 12672]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
QWAVE REG_MULTI_SZ QWAVE
.
.
------- Supplementary Scan -------
.
uStart Page = [You must be registered and logged in to see this link.]
uDefault_Search_URL = [You must be registered and logged in to see this link.]
uSearchMigratedDefaultURL = [You must be registered and logged in to see this link.]
mStart Page = [You must be registered and logged in to see this link.]
mSearch Bar = [You must be registered and logged in to see this link.]
uInternet Settings,ProxyOverride = ;*.local
uSearchURL,(Default) = [You must be registered and logged in to see this link.]
IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm
IE: Add to Windows &Live Favorites - [You must be registered and logged in to see this link.]
TCP: {1EE8D1AD-EB88-4C68-B463-1B2545853CC9} = 193.36.79.101,193.36.79.100
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [You must be registered and logged in to see this link.]
Rootkit scan 2009-07-17 19:45
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2009-07-17 19:47
ComboFix-quarantined-files.txt 2009-07-17 18:47
ComboFix2.txt 2009-07-16 22:34

Pre-Run: 27,636,088,832 bytes free
Post-Run: 27,603,345,408 bytes free

Current=2 Default=2 Failed=1 LastKnownGood=4 Sets=,1,2,3,4
584 --- E O F --- 2009-07-16 02:01

Geordie-Chris
Novice
Novice

Posts Posts : 22
Joined Joined : 2009-07-16
OS OS : Windows 7
Points Points : 27118
# Likes # Likes : 0

View user profile

Back to top Go down

Re: its started with System Security but is still on-going - HELP!!

Post by Origin on 17th July 2009, 6:55 pm

Please download and run this tool.

Download Malwarebytes' Anti-Malware from [You must be registered and logged in to see this link.]

Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.


Post the contents of the MBAM Log.


While my help is always free, please consider donating to keep this site alive: [You must be registered and logged in to see this link.]

[You must be registered and logged in to see this link.]

Origin
Master
Master

Posts Posts : 2685
Joined Joined : 2009-05-05
Gender Gender : Male
OS OS : Windows Xp Sp3
Points Points : 31513
# Likes # Likes : 0

View user profile

Back to top Go down

Re: its started with System Security but is still on-going - HELP!!

Post by Geordie-Chris on 17th July 2009, 7:49 pm

Malwarebytes' Anti-Malware 1.39
Database version: 2452
Windows 5.1.2600 Service Pack 3

17/07/2009 20:48:35
mbam-log-2009-07-17 (20-48-35).txt

Scan type: Quick Scan
Objects scanned: 104980
Time elapsed: 4 minute(s), 5 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 2

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\Typelib\{e24211b3-a78a-c6a9-d317-70979ace5058} (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\WINDOWS\system32\wiwow64.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\Tasks\{783AF354-B514-42d6-970E-3E8BF0A5279C}.job (Trojan.Downloader) -> Quarantined and deleted successfully.

Geordie-Chris
Novice
Novice

Posts Posts : 22
Joined Joined : 2009-07-16
OS OS : Windows 7
Points Points : 27118
# Likes # Likes : 0

View user profile

Back to top Go down

Re: its started with System Security but is still on-going - HELP!!

Post by Origin on 17th July 2009, 7:51 pm

Click Start > Run and copy/paste the following bolded text into the Run box and click OK:

ComboFix /u



This will also reset your restore points.

How is the machine running now?


While my help is always free, please consider donating to keep this site alive: [You must be registered and logged in to see this link.]

[You must be registered and logged in to see this link.]

Origin
Master
Master

Posts Posts : 2685
Joined Joined : 2009-05-05
Gender Gender : Male
OS OS : Windows Xp Sp3
Points Points : 31513
# Likes # Likes : 0

View user profile

Back to top Go down

Re: its started with System Security but is still on-going - HELP!!

Post by Geordie-Chris on 17th July 2009, 7:58 pm

seems to be running fine.

Does this mean all the traces of the virus are gone?? Is it safe to use this computer for internet banking etc??

Geordie-Chris
Novice
Novice

Posts Posts : 22
Joined Joined : 2009-07-16
OS OS : Windows 7
Points Points : 27118
# Likes # Likes : 0

View user profile

Back to top Go down

Re: its started with System Security but is still on-going - HELP!!

Post by Geordie-Chris on 17th July 2009, 8:15 pm

I have a red sheild with a cross in it next to the clock, and when I click on it its telling me Norton Firewall is turned off. I dont have Norton (Im using AVG), so have turned on Windows firewall, is this the right thing to do??

Geordie-Chris
Novice
Novice

Posts Posts : 22
Joined Joined : 2009-07-16
OS OS : Windows 7
Points Points : 27118
# Likes # Likes : 0

View user profile

Back to top Go down

Re: its started with System Security but is still on-going - HELP!!

Post by Origin on 18th July 2009, 12:50 am

Did you use the official Norton removal tool when you removed it?

Download the tool and run it:

[You must be registered and logged in to see this link.]


While my help is always free, please consider donating to keep this site alive: [You must be registered and logged in to see this link.]

[You must be registered and logged in to see this link.]

Origin
Master
Master

Posts Posts : 2685
Joined Joined : 2009-05-05
Gender Gender : Male
OS OS : Windows Xp Sp3
Points Points : 31513
# Likes # Likes : 0

View user profile

Back to top Go down

Re: its started with System Security but is still on-going - HELP!!

Post by Geordie-Chris on 18th July 2009, 9:51 am

Ive downloaded the tool, but nothing happens when I run it, its starts by saying extracting files, then nothing. If I try to restart it again it says its already running.
I activated windows fire wall, and download Comodo, is it ok to run Comodo and AVG, with windows firewall on??

Geordie-Chris
Novice
Novice

Posts Posts : 22
Joined Joined : 2009-07-16
OS OS : Windows 7
Points Points : 27118
# Likes # Likes : 0

View user profile

Back to top Go down

Re: its started with System Security but is still on-going - HELP!!

Post by Origin on 18th July 2009, 8:17 pm

I see, yes you can run Comodo with AVG as long as AVG is only the Anti virus and not the whole security suite. Just change the configurations in windows firewall, go to control panel-->Security center-->go to firewall and turn it off since you have Comodo.

Virus wise how is the computer running?


While my help is always free, please consider donating to keep this site alive: [You must be registered and logged in to see this link.]

[You must be registered and logged in to see this link.]

Origin
Master
Master

Posts Posts : 2685
Joined Joined : 2009-05-05
Gender Gender : Male
OS OS : Windows Xp Sp3
Points Points : 31513
# Likes # Likes : 0

View user profile

Back to top Go down

Re: its started with System Security but is still on-going - HELP!!

Post by Geordie-Chris on 24th July 2009, 4:49 pm

Hi Origin,
sorry its took a while to reply. Computer is working ok, but seems a bit slow on start up, it used to be really fast? Anything else we can look at??

Geordie-Chris
Novice
Novice

Posts Posts : 22
Joined Joined : 2009-07-16
OS OS : Windows 7
Points Points : 27118
# Likes # Likes : 0

View user profile

Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum