Ready for more System Security

First topic message reminder :

Hey all...

It's been a long 19 hours as I've been trying to work my magic.

I believe I've gotten most of the nasty thing out, with just little hidden stuff remaining. I cannot install MBAM even if I rename it.

Here is my Hijack This Log... Hope someone can help.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:36:12 AM, on 7/3/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Network Associates\Common Framework\UdaterUI.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\WINDOWS\system32\00THotkey.exe
C:\Program Files\Network Associates\Common Framework\McTray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\javaw.exe
C:\Program Files\HighCriteria\TotalRecorder\TotRecSched.exe
C:\WINDOWS\SkyTel.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\PeerGuardian2\pg2.exe
C:\Program Files\ManyCam 2.4\ManyCam.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\BitComet\BitComet.exe
C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe
C:\Program Files\Protector Suite QL\psqltray.exe
C:\WINDOWS\system32\RAMASST.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Cisco Systems\Clean Access Agent\CCAAgent.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Internet Explorer\Iexplore.exe
C:\Program Files\Internet Explorer\Iexplore.exe
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe
G:\DAN BROWN UNIVERSE\winlogon.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [You must be registered and logged in to see this link.]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = [You must be registered and logged in to see this link.]*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [You must be registered and logged in to see this link.]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.3.3.2.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [Network Associates Error Reporting Service] "C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe"
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [00THotkey] C:\WINDOWS\system32\00THotkey.exe
O4 - HKLM\..\Run: [000StTHK] 000StTHK.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [PSQLLauncher] "C:\Program Files\Protector Suite QL\launcher.exe" /startup
O4 - HKLM\..\Run: [ThpSrv] thpsrv /logon
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Windows Media Connect 2] "C:\Program Files\Windows Media Connect 2\WMCCFG.exe" /StartQuiet
O4 - HKLM\..\Run: [basicsmssmenu] "C:\Program Files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe"
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [librtexec] javaw -jar "C:\Program Files\Java\jre6\lib\librtexec.jar"
O4 - HKLM\..\Run: [TotalRecorderScheduler] "C:\Program Files\HighCriteria\TotalRecorder\TotRecSched.exe"
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US [You must be registered and logged in to see this link.]
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [PeerGuardian] C:\Program Files\PeerGuardian2\pg2.exe
O4 - HKCU\..\Run: [ManyCam] "C:\Program Files\ManyCam 2.4\ManyCam.exe"
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [BitComet] "C:\Program Files\BitComet\BitComet.exe" /tray
O4 - S-1-5-18 Startup: Clean Access Agent.lnk = C:\Program Files\Cisco Systems\Clean Access Agent\CCAAgent.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: Clean Access Agent.lnk = C:\Program Files\Cisco Systems\Clean Access Agent\CCAAgent.exe (User 'Default user')
O4 - .DEFAULT User Startup: Clean Access Agent.lnk = C:\Program Files\Cisco Systems\Clean Access Agent\CCAAgent.exe (User 'Default user')
O4 - Startup: Clean Access Agent.lnk = C:\Program Files\Cisco Systems\Clean Access Agent\CCAAgentLauncher.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Nikon Monitor.lnk = C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe
O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: &D&ownload &with BitComet - [You must be registered and logged in to see this link.]\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - [You must be registered and logged in to see this link.]\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - [You must be registered and logged in to see this link.]\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - [You must be registered and logged in to see this link.]\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Save with Download Manager... - [You must be registered and logged in to see this link.]\Program Files\Ctrax Player\DMDownload.htm
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - [You must be registered and logged in to see this link.]\Program Files\BitComet\tools\BitCometBHO_1.3.3.2.dll/206 (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - [You must be registered and logged in to see this link.]
O16 - DPF: {276595D9-1388-512A-F24E-B6B3DE32B732} - [You must be registered and logged in to see this link.]
O16 - DPF: {3BFFE033-BF43-11D5-A271-00A024A51325} (iNotes6 Class) - [You must be registered and logged in to see this link.]
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - [You must be registered and logged in to see this link.]
O16 - DPF: {8714912E-380D-11D5-B8AA-00D0B78F3D48} (Yahoo! Webcam Upload Wrapper) - [You must be registered and logged in to see this link.]
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - [You must be registered and logged in to see this link.]
O16 - DPF: {E008A543-CEFB-4559-912F-C27C2B89F13B} (Domino Web Access 7 Control) - [You must be registered and logged in to see this link.]
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - [You must be registered and logged in to see this link.]
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - AppInit_DLLs: sduijb.dll,C:\DOCUME~1\Kevin\LOCALS~1\Temp\47040187227mxx.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Basics Service - Seagate Technology LLC - C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: TOSHIBA HDD Protection (Thpsrv) - TOSHIBA Corporation - C:\WINDOWS\system32\ThpSrv.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

--
End of file - 13557 bytes

ComboFix 09-07-02.03 - Kevin 07/03/2009 15:27.3 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1015.562 [GMT -4:00]
Running from: c:\documents and settings\Kevin\Desktop\Combo-Fix.exe
Command switches used :: c:\documents and settings\Kevin\Desktop\CFScript.txt
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Kevin\Application Data\DNA
c:\documents and settings\Kevin\Application Data\DNA\dht.dat
c:\documents and settings\Kevin\Application Data\DNA\dht.dat.old
c:\documents and settings\Kevin\Application Data\DNA\dna.lng
c:\documents and settings\Kevin\Application Data\DNA\resume.dat
c:\documents and settings\Kevin\Application Data\DNA\resume.dat.old
c:\documents and settings\Kevin\Application Data\DNA\rss.dat
c:\documents and settings\Kevin\Application Data\DNA\rss.dat.old
c:\documents and settings\Kevin\Application Data\DNA\settings.dat
c:\documents and settings\Kevin\Application Data\DNA\settings.dat.old
c:\documents and settings\Kevin\Application Data\LimeWire
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xul-v2.0b2.4-do-not-remove
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\AccessibleMarshal.dll
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\chrome\branding.jar
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\chrome\branding.manifest
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\chrome\classic.jar
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\chrome\classic.manifest
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\chrome\comm.jar
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\chrome\comm.manifest
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\chrome\en-US.jar
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\chrome\en-US.manifest
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\chrome\limewire.jar
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\chrome\limewire.manifest
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\chrome\pippki.jar
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\chrome\pippki.manifest
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\chrome\toolkit.jar
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\chrome\toolkit.manifest

c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\accessibility-msaa.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\accessibility.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\alerts.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\appshell.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\appshell_modal.dll
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\appshell_modal.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\appstartup.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\auth.dll
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\autocomplete.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\autoconfig.dll
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\autoconfig.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\caps.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\chardet.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\chrome.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\commandhandler.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\commandlines.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\composer.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\content_base.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\content_html.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\content_htmldoc.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\content_xmldoc.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\content_xslt.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\content_xtf.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\contentprefs.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\cookie.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\directory.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\docshell_base.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\dom.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\dom_base.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\dom_canvas.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\dom_core.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\dom_css.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\dom_events.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\dom_html.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\dom_json.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\dom_loadsave.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\dom_offline.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\dom_range.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\dom_sidebar.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\dom_storage.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\dom_stylesheets.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\dom_svg.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\dom_traversal.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\dom_views.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\dom_xbl.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\dom_xpath.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\dom_xul.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\downloads.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\editor.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\embed_base.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\extensions.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\exthandler.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\exthelper.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\fastfind.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\FeedProcessor.js
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\feeds.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\find.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\gfx.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\htmlparser.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\imgicon.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\imglib2.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\inspector.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\intl.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\jar.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\jsconsole-clhandler.js
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\jsdservice.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\layout_base.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\layout_printing.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\layout_xul.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\layout_xul_tree.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\locale.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\loginmgr.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\lwbrk.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\mimetype.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\mozbrwsr.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\mozfind.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\necko.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\necko_about.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\necko_cache.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\necko_cookie.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\necko_dns.xpt

c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\necko_file.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\necko_ftp.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\necko_http.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\necko_res.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\necko_socket.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\necko_strconv.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\necko_viewsource.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\nsAddonRepository.js
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\nsBadCertHandler.js
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\nsBlocklistService.js
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\nsContentDispatchChooser.js
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\nsContentPrefService.js
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\nsDefaultCLH.js
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\nsDictionary.js
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\nsDownloadManagerUI.js
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\nsExtensionManager.js
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\nsHandlerService.js
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\nsHelperAppDlg.js
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\nsLivemarkService.js
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\nsLoginInfo.js
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\nsLoginManager.js
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\nsLoginManagerPrompter.js
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\nsPostUpdateWin.js
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\nsProgressDialog.js
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\nsProxyAutoConfig.js
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\nsResetPref.js
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\nsTaggingService.js
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\nsTryToClose.js
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\nsUpdateService.js
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\nsURLFormatter.js
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\nsWebHandlerApp.js
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\nsXmlRpcClient.js
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\nsXULAppInstall.js
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\oji.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\parentalcontrols.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\pipboot.dll
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\pipboot.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\pipnss.dll
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\pipnss.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\pippki.dll
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\pippki.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\places.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\plugin.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\pluginGlue.js
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\pref.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\prefetch.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\profile.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\proxyObject.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\rdf.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\satchel.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\saxparser.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\shistory.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\spellchecker.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\storage-Legacy.js
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\storage.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\toolkitprofile.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\transformiix.dll
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\txEXSLTRegExFunctions.js
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\txmgr.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\txtsvc.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\uconv.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\unicharutil.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\universalchardet.dll
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\update.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\uriloader.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\urlformatter.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\webBrowser_core.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\webbrowserpersist.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\webshell_idls.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\websrvcs.dll
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\widget.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\windowds.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\windowwatcher.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\xml-rpc.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\xmlextras.dll
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\xpcom_base.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\xpcom_components.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\xpcom_ds.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\xpcom_io.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\xpcom_system.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\xpcom_thread.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\xpcom_xpti.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\xpconnect.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\xpinstall.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\xulapp.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\xulapp_setup.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\xuldoc.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\xultmpl.xpt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\xulutil.dll
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\components\zipwriter.xpt

c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\crashreporter.exe
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\crashreporter.ini
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\defaults\autoconfig\platform.js
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\defaults\autoconfig\prefcalls.js
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\defaults\pref\xulrunner.js
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\defaults\profile\chrome\userChrome-example.css
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\defaults\profile\chrome\userContent-example.css
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\defaults\profile\localstore.rdf
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\defaults\profile\US\chrome\userChrome-example.css
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\defaults\profile\US\chrome\userContent-example.css
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\defaults\profile\US\localstore.rdf
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\dependentlibs.list
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\dictionaries\en-US.aff
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\dictionaries\en-US.dic
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\freebl3.chk
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\freebl3.dll
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\greprefs\all.js
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\greprefs\security-prefs.js
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\greprefs\xpinstall.js
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\IA2Marshal.dll
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\javaxpcom.jar
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\javaxpcomglue.dll
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\js3250.dll
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\LICENSE
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\modules\debug.js
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\modules\DownloadUtils.jsm
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\modules\ISO8601DateUtils.jsm
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\modules\JSON.jsm
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\modules\Microformats.js
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\modules\PluralForm.jsm
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\modules\utils.js
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\modules\XPCOMUtils.jsm
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\mozctl.dll
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\mozctlx.dll
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\MSVCP71.DLL
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\msvcr71.dll
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\nspr4.dll
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\nss3.dll
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\nssckbi.dll
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\nssdbm3.dll
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\nssutil3.dll
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\platform.ini
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\plc4.dll
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\plds4.dll
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\plugins\npnul32.dll
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\README.txt
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\res\arrow.gif
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\res\arrowd.gif
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\res\broken-image.gif
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\res\charsetalias.properties
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\res\charsetData.properties
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\res\contenteditable.css
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\res\designmode.css
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\res\dtd\mathml.dtd
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\res\dtd\xhtml11.dtd
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\res\EditorOverride.css
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\res\entityTables\html40Latin1.properties
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\res\entityTables\html40Special.properties
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\res\entityTables\html40Symbols.properties
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\res\entityTables\htmlEntityVersions.properties
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\res\entityTables\mathml20.properties
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\res\entityTables\transliterate.properties
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\res\fonts\mathfont.properties
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\res\fonts\mathfontStandardSymbolsL.properties
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\res\fonts\mathfontSTIXNonUnicode.properties
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\res\fonts\mathfontSTIXSize1.properties
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\res\fonts\mathfontSymbol.properties
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\res\fonts\mathfontUnicode.properties
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\res\forms.css
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\res\grabber.gif
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\res\hiddenWindow.html
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\res\html.css
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\res\html\folder.png
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\res\langGroups.properties
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\res\language.properties
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\res\loading-image.gif
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\res\mathml.css
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\res\quirk.css
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\res\svg.css
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\res\table-add-column-after-active.gif
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\res\table-add-column-after-hover.gif
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\res\table-add-column-after.gif
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\res\table-add-column-before-active.gif
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\res\table-add-column-before-hover.gif
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\res\table-add-column-before.gif
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\res\table-add-row-after-active.gif
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\res\table-add-row-after-hover.gif
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\res\table-add-row-after.gif
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\res\table-add-row-before-active.gif
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\res\table-add-row-before-hover.gif
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\res\table-add-row-before.gif
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\res\table-remove-column-active.gif
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\res\table-remove-column-hover.gif
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\res\table-remove-column.gif
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\res\table-remove-row-active.gif
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\res\table-remove-row-hover.gif
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\res\table-remove-row.gif
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\res\ua.css
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\res\viewsource.css
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\res\wincharset.properties
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\smime3.dll
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\softokn3.chk
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\softokn3.dll
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\sqlite3.dll
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\ssl3.dll
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\updater.exe
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\version.properties
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\xpcom.dll
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\xpcshell.exe
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\xpicleanup.exe
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\xpidl.exe
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\xpt_dump.exe
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\xpt_link.exe
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\xul.dll

c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\xulrunner-stub.exe
c:\documents and settings\Kevin\Application Data\LimeWire\browser\xulrunner\xulrunner.exe
c:\documents and settings\Kevin\Application Data\LimeWire\certificate\limewire.keystore
c:\documents and settings\Kevin\Application Data\LimeWire\createtimes.cache
c:\documents and settings\Kevin\Application Data\LimeWire\downloads.dat
c:\documents and settings\Kevin\Application Data\LimeWire\fileurns.bak
c:\documents and settings\Kevin\Application Data\LimeWire\fileurns.cache
c:\documents and settings\Kevin\Application Data\LimeWire\gnutella.net
c:\documents and settings\Kevin\Application Data\LimeWire\installation.props
c:\documents and settings\Kevin\Application Data\LimeWire\library.dat
c:\documents and settings\Kevin\Application Data\LimeWire\library5.dat
c:\documents and settings\Kevin\Application Data\LimeWire\limewire.props
c:\documents and settings\Kevin\Application Data\LimeWire\mojito.props
c:\documents and settings\Kevin\Application Data\LimeWire\mozilla-profile\.autoreg
c:\documents and settings\Kevin\Application Data\LimeWire\mozilla-profile\Cache\_CACHE_001_
c:\documents and settings\Kevin\Application Data\LimeWire\mozilla-profile\Cache\_CACHE_002_
c:\documents and settings\Kevin\Application Data\LimeWire\mozilla-profile\Cache\_CACHE_003_
c:\documents and settings\Kevin\Application Data\LimeWire\mozilla-profile\Cache\_CACHE_MAP_
c:\documents and settings\Kevin\Application Data\LimeWire\mozilla-profile\Cache\27F0EFC1d01
c:\documents and settings\Kevin\Application Data\LimeWire\mozilla-profile\Cache\7973F814d01
c:\documents and settings\Kevin\Application Data\LimeWire\mozilla-profile\Cache\7BD6A121d01
c:\documents and settings\Kevin\Application Data\LimeWire\mozilla-profile\Cache\AE98BDF9d01
c:\documents and settings\Kevin\Application Data\LimeWire\mozilla-profile\Cache\BAFF9A8Cd01
c:\documents and settings\Kevin\Application Data\LimeWire\mozilla-profile\Cache\E746DCC7d01
c:\documents and settings\Kevin\Application Data\LimeWire\mozilla-profile\cert8.db
c:\documents and settings\Kevin\Application Data\LimeWire\mozilla-profile\compreg.dat
c:\documents and settings\Kevin\Application Data\LimeWire\mozilla-profile\cookies.sqlite
c:\documents and settings\Kevin\Application Data\LimeWire\mozilla-profile\downloads.sqlite
c:\documents and settings\Kevin\Application Data\LimeWire\mozilla-profile\extensions.cache
c:\documents and settings\Kevin\Application Data\LimeWire\mozilla-profile\extensions.ini
c:\documents and settings\Kevin\Application Data\LimeWire\mozilla-profile\history.dat
c:\documents and settings\Kevin\Application Data\LimeWire\mozilla-profile\key3.db
c:\documents and settings\Kevin\Application Data\LimeWire\mozilla-profile\permissions.sqlite
c:\documents and settings\Kevin\Application Data\LimeWire\mozilla-profile\places.sqlite-journal
c:\documents and settings\Kevin\Application Data\LimeWire\mozilla-profile\places.sqlite-stmtjrnl
c:\documents and settings\Kevin\Application Data\LimeWire\mozilla-profile\places.sqlite
c:\documents and settings\Kevin\Application Data\LimeWire\mozilla-profile\pluginreg.dat
c:\documents and settings\Kevin\Application Data\LimeWire\mozilla-profile\prefs.js
c:\documents and settings\Kevin\Application Data\LimeWire\mozilla-profile\secmod.db
c:\documents and settings\Kevin\Application Data\LimeWire\mozilla-profile\XPC.mfl
c:\documents and settings\Kevin\Application Data\LimeWire\mozilla-profile\xpti.dat
c:\documents and settings\Kevin\Application Data\LimeWire\promotion\promodb.backup
c:\documents and settings\Kevin\Application Data\LimeWire\promotion\promodb.data
c:\documents and settings\Kevin\Application Data\LimeWire\promotion\promodb.lck
c:\documents and settings\Kevin\Application Data\LimeWire\promotion\promodb.log
c:\documents and settings\Kevin\Application Data\LimeWire\promotion\promodb.properties
c:\documents and settings\Kevin\Application Data\LimeWire\promotion\promodb.script
c:\documents and settings\Kevin\Application Data\LimeWire\questions.props
c:\documents and settings\Kevin\Application Data\LimeWire\responses.cache
c:\documents and settings\Kevin\Application Data\LimeWire\simpp.xml
c:\documents and settings\Kevin\Application Data\LimeWire\spam.dat
c:\documents and settings\Kevin\Application Data\LimeWire\tables.props
c:\documents and settings\Kevin\Application Data\LimeWire\ttrees.cache
c:\documents and settings\Kevin\Application Data\LimeWire\ttroot.cache
c:\documents and settings\Kevin\Application Data\LimeWire\version.xml
c:\documents and settings\Kevin\Application Data\LimeWire\versions.props
c:\documents and settings\Kevin\Application Data\LimeWire\xml\data\audio.sxml3
c:\documents and settings\Kevin\Application Data\LimeWire\xml\data\video.sxml3
c:\program files\BearShare Test
c:\program files\BearShare Test\BearShare.dat
c:\program files\BearShare Test\db\config.bin
c:\program files\BearShare Test\db\config.bin.bak
c:\program files\BearShare Test\db\gwebcache.dat
c:\program files\BearShare Test\db\Hostiles-Chat.txt
c:\program files\BearShare Test\db\Hostiles.txt
c:\program files\BearShare Test\db\library.2.db
c:\program files\BearShare Test\db\library.2.db.lastgoodload.bak
c:\program files\BearShare Test\db\library.db
c:\program files\BearShare Test\db\library.db.lastgoodload.bak
c:\program files\BearShare Test\db\searches.ini
c:\program files\BearShare Test\FreePeers.ini
c:\program files\BearShare Test\Logs\hosts-state.txt
c:\program files\BearShare Test\Logs\memory.txt
c:\program files\BearShare Test\Logs\ordinal.txt
c:\program files\BearShare Test\Logs\streams.txt

c:\program files\BitComet
c:\program files\BitComet\archive\8dbc6f5270bb98c117c15e69455ce6fc3d519dd9.torrent
c:\program files\BitComet\archive\9d38e984465e7fcd3d08da6d3f26670c9ec4cb66.torrent
c:\program files\BitComet\archive\a5ade0b22a54ad2bb741c2b63b26cea9cb656199.torrent
c:\program files\BitComet\archive\a8773b6cef2703cfdd9d2fe0f6cf4aa61c3361b5.torrent
c:\program files\BitComet\archive\ae8fa27f1098577d6934c925b5e3640ba7c06487.torrent
c:\program files\BitComet\archive\e806df25d3a12761bf76f5470f994eefade00d07.torrent
c:\program files\BitComet\BitComet.exe
c:\program files\BitComet\BitComet.url
c:\program files\BitComet\BitComet.xml
c:\program files\BitComet\cache\post_info.xml
c:\program files\BitComet\ChangeLog.txt
c:\program files\BitComet\CrashReport.exe
c:\program files\BitComet\dbghelp.dll
c:\program files\BitComet\Downloads.xml
c:\program files\BitComet\Downloads.xml.bak
c:\program files\BitComet\fav\download-complete.wav
c:\program files\BitComet\fav\fav_bg.xml
c:\program files\BitComet\fav\fav_ca.xml
c:\program files\BitComet\fav\fav_de.xml
c:\program files\BitComet\fav\fav_el.xml
c:\program files\BitComet\fav\fav_en_us.xml
c:\program files\BitComet\fav\fav_en_us.xml.bak
c:\program files\BitComet\fav\fav_es.xml
c:\program files\BitComet\fav\fav_fi.xml
c:\program files\BitComet\fav\fav_he.xml
c:\program files\BitComet\fav\fav_hu.xml
c:\program files\BitComet\fav\fav_it.xml
c:\program files\BitComet\fav\fav_ja.xml
c:\program files\BitComet\fav\fav_ko.xml
c:\program files\BitComet\fav\fav_lv.xml
c:\program files\BitComet\fav\fav_nl.xml
c:\program files\BitComet\fav\fav_pl.xml
c:\program files\BitComet\fav\fav_pt.xml
c:\program files\BitComet\fav\fav_pt_br.xml
c:\program files\BitComet\fav\fav_ru.xml
c:\program files\BitComet\fav\fav_sl.xml
c:\program files\BitComet\fav\fav_th.xml
c:\program files\BitComet\fav\fav_uk.xml
c:\program files\BitComet\fav\fav_vi.xml
c:\program files\BitComet\fav\fav_zh_cn.xml
c:\program files\BitComet\fav\fav_zh_tw.xml
c:\program files\BitComet\fav\HowTo-AddYourSite.txt
c:\program files\BitComet\fav\passport_info_en_us.mht
c:\program files\BitComet\fav\passport_info_zh_cn.mht
c:\program files\BitComet\fav\passport_info_zh_tw.mht
c:\program files\BitComet\fav\passport_login_en_us.mht
c:\program files\BitComet\fav\passport_login_zh_cn.mht
c:\program files\BitComet\fav\passport_login_zh_tw.mht
c:\program files\BitComet\lang\bitcomet-ar.mo
c:\program files\BitComet\lang\bitcomet-bg.mo
c:\program files\BitComet\lang\bitcomet-bs.mo
c:\program files\BitComet\lang\bitcomet-ca.mo
c:\program files\BitComet\lang\bitcomet-cs.mo
c:\program files\BitComet\lang\bitcomet-da.mo
c:\program files\BitComet\lang\bitcomet-de.mo
c:\program files\BitComet\lang\bitcomet-el.mo
c:\program files\BitComet\lang\bitcomet-en_US.mo
c:\program files\BitComet\lang\bitcomet-es.mo
c:\program files\BitComet\lang\bitcomet-es_AR.mo
c:\program files\BitComet\lang\bitcomet-et.mo
c:\program files\BitComet\lang\bitcomet-eu.mo
c:\program files\BitComet\lang\bitcomet-fa.mo
c:\program files\BitComet\lang\bitcomet-fi.mo
c:\program files\BitComet\lang\bitcomet-fr.mo
c:\program files\BitComet\lang\bitcomet-gl.mo
c:\program files\BitComet\lang\bitcomet-he.mo
c:\program files\BitComet\lang\bitcomet-hr.mo
c:\program files\BitComet\lang\bitcomet-hu.mo
c:\program files\BitComet\lang\bitcomet-hy.mo
c:\program files\BitComet\lang\bitcomet-id.mo
c:\program files\BitComet\lang\bitcomet-it.mo
c:\program files\BitComet\lang\bitcomet-ja.mo
c:\program files\BitComet\lang\bitcomet-kk.mo
c:\program files\BitComet\lang\bitcomet-kn.mo
c:\program files\BitComet\lang\bitcomet-ko.mo
c:\program files\BitComet\lang\bitcomet-lt.mo
c:\program files\BitComet\lang\bitcomet-lv.mo
c:\program files\BitComet\lang\bitcomet-mk.mo
c:\program files\BitComet\lang\bitcomet-ms.mo
c:\program files\BitComet\lang\bitcomet-nb.mo
c:\program files\BitComet\lang\bitcomet-ne.mo
c:\program files\BitComet\lang\bitcomet-nl.mo
c:\program files\BitComet\lang\bitcomet-pl.mo
c:\program files\BitComet\lang\bitcomet-pt.mo
c:\program files\BitComet\lang\bitcomet-pt_BR.mo
c:\program files\BitComet\lang\bitcomet-ro.mo
c:\program files\BitComet\lang\bitcomet-ru.mo
c:\program files\BitComet\lang\bitcomet-sk.mo
c:\program files\BitComet\lang\bitcomet-sl.mo
c:\program files\BitComet\lang\bitcomet-sq.mo
c:\program files\BitComet\lang\bitcomet-sr.mo
c:\program files\BitComet\lang\bitcomet-sv.mo
c:\program files\BitComet\lang\bitcomet-ta.mo
c:\program files\BitComet\lang\bitcomet-th.mo
c:\program files\BitComet\lang\bitcomet-tr.mo
c:\program files\BitComet\lang\bitcomet-uk.mo
c:\program files\BitComet\lang\bitcomet-ur.mo
c:\program files\BitComet\lang\bitcomet-vi.mo
c:\program files\BitComet\lang\bitcomet-zh_CN.mo
c:\program files\BitComet\lang\bitcomet-zh_TW.mo
c:\program files\BitComet\lang\HowTo-Translate.txt
c:\program files\BitComet\License.txt
c:\program files\BitComet\ReadMe.txt
c:\program files\BitComet\rules\dhtnodes.dat
c:\program files\BitComet\rules\tracker.dat
c:\program files\BitComet\scripts\cookie.lua
c:\program files\BitComet\scripts\mp3_baidu.lua
c:\program files\BitComet\scripts\mp3_didai.lua
c:\program files\BitComet\scripts\mp3_iask.lua
c:\program files\BitComet\scripts\mp3_qihoo.lua
c:\program files\BitComet\scripts\mp3_sogou.lua
c:\program files\BitComet\scripts\mp3_sogua.lua
c:\program files\BitComet\scripts\mp3_yahoo.lua
c:\program files\BitComet\scripts\mp3_zhongsou.lua
c:\program files\BitComet\scripts\refer_crsky.lua
c:\program files\BitComet\scripts\refer_newhua.lua
c:\program files\BitComet\scripts\refer_pchome.lua
c:\program files\BitComet\scripts\refer_skycn.lua
c:\program files\BitComet\scripts\refer_sourceforge.lua
c:\program files\BitComet\scripts\soft_21cn.lua
c:\program files\BitComet\scripts\soft_crsky.lua
c:\program files\BitComet\scripts\soft_ddooo.lua
c:\program files\BitComet\scripts\soft_duote.lua
c:\program files\BitComet\scripts\soft_it_com_cn.lua
c:\program files\BitComet\scripts\soft_mydown.lua
c:\program files\BitComet\scripts\soft_mydrivers.lua
c:\program files\BitComet\scripts\soft_newhua.lua
c:\program files\BitComet\scripts\soft_pchome.lua
c:\program files\BitComet\scripts\soft_pconline.lua
c:\program files\BitComet\scripts\soft_sina.lua
c:\program files\BitComet\scripts\soft_skycn.lua
c:\program files\BitComet\scripts\soft_sohu.lua
c:\program files\BitComet\scripts\soft_zol.lua
c:\program files\BitComet\share\my_shares.xml
c:\program files\BitComet\tools\bitcomet_extension_signed.xpi
c:\program files\BitComet\tools\BitCometAgent_1.3.3.2.dll
c:\program files\BitComet\tools\BitCometBHO_1.3.3.2.dll
c:\program files\BitComet\tools\npBitCometAgent.dll
c:\program files\BitComet\tools\nsIBitCometAgent.xpt
c:\program files\BitComet\tools\UPNP.exe
c:\program files\BitComet\tools\VideoSnapshot.exe
c:\program files\BitComet\torrents\[2003] Number Ones - Michael Jackson - 184mb @ 320.torrent
c:\program files\BitComet\torrents\Billy Madison.avi.torrent
c:\program files\BitComet\torrents\BOWLING FOR SOUP - DISCOGRAPHY [CHANNEL NEO].torrent
c:\program files\BitComet\torrents\ComboFix.exe.xml
c:\program files\BitComet\torrents\Family Guy - Blue Harvest.avi.torrent
c:\program files\BitComet\torrents\Family Guy - Blue Harvest.avi.xml
c:\program files\BitComet\torrents\Green Day - 21st Century Breakdown (2009) - Rock [WwW.GureTorrents.CoM][By Bloop].torrent
c:\program files\BitComet\torrents\Green Day - 21st Century Breakdown (2009) - Rock [WwW.GureTorrents.CoM][By Bloop].xml
c:\program files\BitComet\torrents\Hilary Duff - Metamorphosis [2003].torrent
c:\program files\BitComet\torrents\LimeWire 5.0.11 Pro Multilang - Final.torrent
c:\program files\BitComet\torrents\LimeWire 5.0.11 Pro Multilang - Final.xml
c:\program files\BitComet\torrents\Michael Jackson - Number Ones.torrent
c:\program files\BitComet\torrents\No Doubt - The Singles (1992-2003) @(320).torrent
c:\program files\BitComet\torrents\No Doubt - The Singles (1992-2003) @(320).xml
c:\program files\BitComet\torrents\The Beach Boys - 20 Good Vibrations (The Greatest Hits) (MP3@320Kbps).torrent
c:\program files\BitComet\torrents\The Beach Boys - 20 Good Vibrations (The Greatest Hits) (MP3@320Kbps).xml
c:\program files\BitComet\uninst.exe
c:\program files\DNA
c:\program files\DNA\btdna.exe
c:\program files\DNA\DNAcpl.cpl
c:\program files\DNA\plugins\npbtdna.dll

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_IWFJRVCI
-------\Legacy_LYDLCNC
-------\Legacy_TIGLY
-------\Service_I2decenrvi
-------\Service_iwfjrvci
-------\Service_lydlcnc
-------\Service_tigly


((((((((((((((((((((((((( Files Created from 2009-06-03 to 2009-07-03 )))))))))))))))))))))))))))))))
.

2009-07-03 16:17 . 2009-06-17 15:27 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-07-03 16:17 . 2009-06-17 15:27 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-07-03 04:15 . 2009-07-03 04:15 130936 ----a-w- c:\windows\system32\drivers\PCTCore.sys
2009-07-03 04:15 . 2009-07-03 04:15 159600 ----a-w- c:\windows\system32\drivers\pctgntdi.sys
2009-07-02 20:55 . 2009-07-02 20:55 574 ----a-w- C:\cleanup.bat
2009-07-02 20:55 . 2009-07-02 20:55 135168 ----a-w- C:\zip.exe
2009-07-02 14:52 . 2009-07-03 06:41 -------- d-----w- c:\program files\Common Files\PC Tools
2009-06-30 22:03 . 2009-06-30 22:04 -------- d-----w- c:\documents and settings\Kevin\Local Settings\Application Data\Temp
2009-06-11 23:13 . 2009-06-11 23:13 -------- d-----w- c:\documents and settings\Kevin\Application Data\TweetDeckFast.F9107117265DB7542C1A806C8DB837742CE14C21.1
2009-06-10 09:01 . 2009-06-10 09:01 -------- d-sh--w- c:\documents and settings\Default User\IETldCache
2009-06-10 07:15 . 2009-06-10 07:16 -------- d-----w- c:\program files\iTunes
2009-06-10 07:15 . 2009-06-10 07:16 -------- d-----w- c:\documents and settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-06-10 07:09 . 2009-06-10 07:11 -------- d-----w- c:\program files\QuickTime
2009-06-10 07:04 . 2009-06-05 15:42 2060288 ----a-w- c:\windows\system32\usbaaplrc.dll
2009-06-10 06:35 . 2009-06-10 06:35 -------- d-----w- c:\program files\ConvertHelper
2009-06-09 22:00 . 2009-06-09 22:00 -------- d-----w- c:\program files\YouTube Downloader
2009-06-09 17:10 . 2009-04-30 21:22 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2009-06-09 17:10 . 2009-04-30 21:22 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2009-06-06 21:41 . 2009-06-06 21:44 -------- dc-h--w- c:\windows\ie8
2009-06-05 17:57 . 2009-06-05 17:57 75048 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.2.0.23\SetupAdmin.exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-03 19:04 . 2007-01-12 07:54 -------- d-----w- c:\documents and settings\All Users\Application Data\Viewpoint
2009-07-03 19:04 . 2006-07-19 18:28 -------- d-----w- c:\program files\Viewpoint
2009-07-03 18:58 . 2006-08-05 02:03 -------- d-----w- c:\program files\Java
2009-07-03 18:04 . 2009-06-21 17:47 -------- d-----w- c:\program files\PeerGuardian2
2009-07-03 16:17 . 2008-12-08 21:45 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-07-03 06:41 . 2006-11-28 07:02 -------- d-----w- c:\program files\Spyware Doctor
2009-07-03 06:09 . 2008-10-25 16:41 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-07-03 05:56 . 2008-07-03 05:44 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft
2009-07-02 20:07 . 2006-09-02 23:05 1324 ----a-w- c:\windows\system32\d3d9caps.dat
2009-07-02 12:56 . 2006-08-06 06:51 -------- d-----w- c:\program files\PokerStars
2009-06-30 21:35 . 2007-11-23 05:14 -------- d-----w- c:\documents and settings\Kevin\Application Data\Move Networks
2009-06-30 21:29 . 2009-06-30 21:29 127872 ----a-w- c:\documents and settings\Kevin\Application Data\Move Networks\uninstall.exe
2009-06-30 21:29 . 2009-06-16 06:35 4183416 ----a-w- c:\documents and settings\Kevin\Application Data\Move Networks\plugins\npqmp071503000010.dll
2009-06-30 03:13 . 2009-06-30 03:13 -------- d-----w- c:\program files\TweetDeck
2009-06-26 03:39 . 2006-12-21 06:41 -------- d-----w- c:\program files\Camfrog
2009-06-25 22:15 . 2009-06-25 22:15 488960 ----a-w- c:\documents and settings\Kevin\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\pmv302-0811070-0-main.dll
2009-06-25 22:15 . 2009-06-25 22:15 319488 ----a-w- c:\documents and settings\Kevin\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe
2009-06-23 05:22 . 2009-06-23 05:22 185 ----a-w- c:\windows\winnit.reg
2009-06-22 19:23 . 2009-06-22 19:23 239088 ----a-w- c:\documents and settings\Kevin\Application Data\Mozilla\plugins\npgoogletalk.dll
2009-06-16 06:35 . 2009-06-16 06:35 97144 ----a-w- c:\documents and settings\Kevin\Application Data\Move Networks\ie_bin\MovePlayerUpgrade.exe
2009-06-13 09:02 . 2008-08-29 00:04 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2009-06-10 09:18 . 2009-03-27 05:36 -------- d-----w- c:\program files\Windows Desktop Search
2009-06-10 07:16 . 2006-08-04 21:03 -------- d-----w- c:\program files\iPod
2009-06-10 07:16 . 2007-09-10 23:58 -------- d-----w- c:\program files\Common Files\Apple
2009-06-10 07:12 . 2007-10-26 05:37 -------- d-----w- c:\program files\Bonjour
2009-06-10 07:05 . 2007-09-10 23:58 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple
2009-06-05 15:42 . 2007-12-06 20:51 39424 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2009-06-02 07:04 . 2008-10-23 23:56 -------- d-----w- c:\documents and settings\Kevin\Application Data\skypePM
2009-06-02 07:01 . 2008-10-23 23:54 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype
2009-05-25 04:24 . 2008-05-27 02:18 350208 ----a-w- c:\windows\system32\mssph.dll
2009-05-19 03:34 . 2009-05-15 05:27 -------- d-----w- c:\program files\Free FLV Converter
2009-05-13 05:15 . 2005-03-10 08:02 915456 ----a-w- c:\windows\system32\wininet.dll
2009-05-12 19:12 . 2006-07-19 02:48 26144 ----a-w- c:\windows\system32\spupdsvc.exe
2009-05-07 15:44 . 2004-08-04 12:00 344064 ----a-w- c:\windows\system32\localspl.dll
2009-05-05 18:51 . 2009-05-05 18:51 -------- d-----w- c:\documents and settings\Kevin\Application Data\Windows Search
2009-05-04 19:07 . 2009-06-02 05:42 2298680 ----a-w- c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\h2yzytjk.default\extensions\firefox@tvunetworks.com\plugins\npTVUAx.dll
2009-04-21 18:51 . 2009-05-15 05:27 294912 ----a-w- c:\windows\system32\TubeFinder.exe
2009-04-17 09:58 . 2005-03-02 01:06 1846656 ----a-w- c:\windows\system32\win32k.sys
2009-04-15 15:26 . 2004-08-04 12:00 583168 ----a-w- c:\windows\system32\rpcrt4.dll
2009-04-11 05:06 . 2009-06-20 06:31 38208 ----a-w- c:\documents and settings\Kevin\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2009-04-06 05:10 . 2009-04-06 05:10 1669 ----a-w- c:\windows\unins000.dat
2008-10-25 16:40 . 2008-10-25 16:40 10279270 ----a-w- c:\program files\pmconverter_setup.exe
.

((((((((((((((((((((((((((((( [You must be registered and logged in to see this link.] )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-07-03 18:49 . 2008-10-01 03:02 139264 c:\windows\system32\javaw.exe
- 2008-10-01 03:02 . 2008-10-01 03:02 139264 c:\windows\system32\javaw.exe

.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-10-19 204288]
"Aim6"="c:\program files\AIM6\aim6.exe" [2009-04-27 49968]
"AIM"="c:\program files\AIM\aim.exe" [2006-08-01 67112]
"msnmsgr"="c:\program files\MSN Messenger\MsnMsgr.Exe" [2007-01-19 5674352]
"Google Update"="c:\documents and settings\Kevin\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2008-09-03 133104]
"PeerGuardian"="c:\program files\PeerGuardian2\pg2.exe" [2007-01-30 1432064]
"ManyCam"="c:\program files\ManyCam 2.4\ManyCam.exe" [2009-03-16 1824040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ThpSrv"="thpsrv" [X]
"librtexec"="javaw -jar" [X]
"McAfeeUpdaterUI"="c:\program files\Network Associates\Common Framework\UdaterUI.exe" [2008-05-27 136512]
"ShStatEXE"="c:\program files\Network Associates\VirusScan\SHSTAT.EXE" [2004-09-23 94208]
"Network Associates Error Reporting Service"="c:\program files\Common Files\Network Associates\TalkBack\TBMon.exe" [2003-10-07 147514]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2004-03-24 196608]
"00THotkey"="c:\windows\system32\00THotkey.exe" [2006-04-24 253952]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2006-03-23 94208]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2006-03-23 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2006-03-23 118784]
"PSQLLauncher"="c:\program files\Protector Suite QL\launcher.exe" [2006-05-05 30208]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2006-08-13 180269]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2005-05-12 49152]
"Windows Media Connect 2"="c:\program files\Windows Media Connect 2\WMCCFG.exe" [2006-10-19 8704]
"basicsmssmenu"="c:\program files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe" [2007-10-09 169328]
"LifeCam"="c:\program files\Microsoft LifeCam\LifeExp.exe" [2008-08-04 160800]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-05-14 177472]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-26 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-06-05 292136]
"TotalRecorderScheduler"="c:\program files\HighCriteria\TotalRecorder\TotRecSched.exe" [2006-05-12 86016]
"000StTHK"="000StTHK.exe" - c:\windows\system32\000StTHK.exe [2001-06-23 24576]
"AGRSMMSG"="AGRSMMSG.exe" - c:\windows\agrsmmsg.exe [2006-03-04 88204]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2006-05-09 16207360]
"SkyTel"="SkyTel.EXE" - c:\windows\SkyTel.exe [2006-04-24 1448960]

c:\documents and settings\Default User\Start Menu\Programs\Startup\
Clean Access Agent.lnk - c:\program files\Cisco Systems\Clean Access Agent\CCAAgent.exe [2008-4-2 1884880]

c:\documents and settings\Administrator\Start Menu\Programs\Startup\
Clean Access Agent.lnk - c:\program files\Cisco Systems\Clean Access Agent\CCAAgent.exe [2008-4-2 1884880]

c:\documents and settings\Guest\Start Menu\Programs\Startup\
Clean Access Agent.lnk - c:\program files\Cisco Systems\Clean Access Agent\CCAAgent.exe [2008-4-2 1884880]

c:\documents and settings\Kevin\Start Menu\Programs\Startup\
Clean Access Agent.lnk - c:\program files\Cisco Systems\Clean Access Agent\CCAAgentLauncher.exe [2007-12-7 28672]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Nikon Monitor.lnk - c:\program files\Common Files\Nikon\Monitor\NkMonitor.exe [2007-10-18 479232]
RAMASST.lnk - c:\windows\system32\RAMASST.exe [2006-7-18 155648]
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-25 304128]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\psfus]
2006-05-05 21:48 40448 ----a-w- c:\windows\system32\psqlpwd.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"wave"=DrvTrNTm.dll
"mixer"=DrvTrNTm.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\docume~1\ALLUSE~1\APPLIC~1\SPYWAR~1\sp_rsdel.exe \??\c:\docume~1\ALLUSE~1\APPLIC~1\SPYWAR~1\sp_rsdel.dat

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli psqlpwd

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\AIM\\aim.exe"=
"c:\\Program Files\\Network Associates\\Common Framework\\FrameworkService.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\AIM6\\aolsoftware.exe"=
"c:\\Program Files\\AIM6\\aim6.exe"=
"c:\\Program Files\\Microsoft LifeCam\\LifeCam.exe"=
"c:\\Program Files\\Microsoft LifeCam\\LifeEnC2.exe"=
"c:\\Program Files\\Microsoft LifeCam\\LifeExp.exe"=
"c:\\Program Files\\Microsoft LifeCam\\LifeTray.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\TVUPlayer\\TVUPlayer.exe"=
"c:\\Program Files\\SopCast\\SopCast.exe"=
"c:\\Program Files\\SopCast\\adv\\SopAdver.exe"=
"c:\\Documents and Settings\\Kevin\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.dll"=
"c:\\Documents and Settings\\Kevin\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Documents and Settings\\Kevin\\Application Data\\Macromedia\\Flash Player\\www.macromedia.com\\bin\\octoshape\\octoshape.exe"=

R0 Thpdrv;TOSHIBA HDD Protection Driver;c:\windows\system32\drivers\thpdrv.sys [12/27/2004 11:31 PM 16384]
R0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver;c:\windows\system32\drivers\Thpevm.sys [7/18/2006 11:28 AM 6144]
R1 NaiAvTdi1;NaiAvTdi1;c:\windows\system32\drivers\mvstdi5x.sys [7/18/2006 9:53 PM 58464]
R2 FdRedir;FdRedir;c:\program files\Common Files\Protector Suite QL\Drivers\FdRedir.sys [5/5/2006 6:00 PM 13568]
R2 FileDisk2;FileDisk Protector Kernel Driver;c:\program files\Common Files\Protector Suite QL\Drivers\filedisk.sys [5/5/2006 5:59 PM 33024]
R2 smihlp;SMI helper driver;c:\program files\Protector Suite QL\smihlp.sys [5/5/2006 5:33 PM 3456]
R3 IFXTPM;IFXTPM;c:\windows\system32\drivers\ifxtpm.sys [6/10/2005 1:26 PM 35968]
R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\system32\drivers\ManyCam.sys [1/14/2008 6:06 AM 21632]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys --> c:\windows\system32\DRIVERS\Lbd.sys [?]
S3 gttap1;GoTrusted TAP Adapter;c:\windows\system32\DRIVERS\gttap1.sys --> c:\windows\system32\DRIVERS\gttap1.sys [?]
S3 MSHUSBVideo;NX6000/NX3000/VX5000/VX5500/VX7000 Filter Driver;c:\windows\system32\drivers\nx6000.sys [8/8/2008 6:31 PM 33808]

--- Other Services/Drivers In Memory ---

*NewlyCreated* - PGFILTER

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contents of the 'Scheduled Tasks' folder

2009-06-20 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 16:34]

2009-07-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3648010671-415334117-2666150105-1020Core.job
- c:\documents and settings\Kevin\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-09-03 03:00]

2009-07-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3648010671-415334117-2666150105-1020UA.job
- c:\documents and settings\Kevin\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-09-03 03:00]
.
- - - - ORPHANS REMOVED - - - -

HKCU-Run-BitTorrent DNA - c:\program files\DNA\btdna.exe
HKCU-Run-BitComet - c:\program files\BitComet\BitComet.exe


.
------- Supplementary Scan -------
.
uStart Page = [You must be registered and logged in to see this link.]
mSearch Bar = [You must be registered and logged in to see this link.]*http://www.yahoo.com/ext/search/search.html
uInternet Settings,ProxyOverride = *.local
IE: &D&ownload &with BitComet - c:\program files\BitComet\BitComet.exe/AddLink.htm
IE: &D&ownload all video with BitComet - c:\program files\BitComet\BitComet.exe/AddVideo.htm
IE: &D&ownload all with BitComet - c:\program files\BitComet\BitComet.exe/AddAllLink.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Save with Download Manager... - [You must be registered and logged in to see this link.]\program files\Ctrax Player\DMDownload.htm
DPF: {276595D9-1388-512A-F24E-B6B3DE32B732} - [You must be registered and logged in to see this link.]
FF - ProfilePath - c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\h2yzytjk.default\
FF - plugin: c:\documents and settings\Kevin\Application Data\Move Networks\plugins\npqmp071503000010.dll
FF - plugin: c:\documents and settings\Kevin\Application Data\Mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\documents and settings\Kevin\Local Settings\Application Data\Google\Update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPTURNMED.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npunagi2.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.cache_size", 51200);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.ogg.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.wave.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.autoplay.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess");
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.storage.default_quota", 5120);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.dpi", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("geo.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.history", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [You must be registered and logged in to see this link.]
Rootkit scan 2009-07-03 15:35
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(908)
c:\windows\system32\psqlpwd.dll
c:\program files\Protector Suite QL\infra.dll
c:\program files\Protector Suite QL\homefus2.dll
c:\windows\system32\biologon.dll
c:\program files\Protector Suite QL\homepass.dll
c:\program files\Protector Suite QL\bio.dll
c:\program files\Protector Suite QL\remote.dll
c:\program files\Protector Suite QL\crypto.dll
c:\program files\Protector Suite QL\biokmd.dll
c:\program files\Protector Suite QL\mysafe.dll

- - - - - - - > 'lsass.exe'(968)
c:\windows\system32\psqlpwd.dll
c:\program files\Protector Suite QL\infra.dll
c:\program files\Protector Suite QL\homefus2.dll
c:\windows\system32\EntApi.dll
c:\windows\system32\WININET.dll

- - - - - - - > 'explorer.exe'(1300)
c:\windows\system32\WININET.dll
c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\MSVCR80.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\program files\Protector Suite QL\mysafe.dll
c:\program files\Protector Suite QL\infra.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\windows\system32\EntApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Seagate\Basics\Service\SyncServicesBasics.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\DVDRAMSV.exe
c:\program files\Network Associates\Common Framework\FrameworkService.exe
c:\program files\Network Associates\VirusScan\VsTskMgr.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\Network Associates\Common Framework\naPrdMgr.exe
c:\program files\Microsoft LifeCam\MSCamS32.exe
c:\windows\system32\HPZipm12.exe
c:\windows\system32\ThpSrv.exe
c:\windows\system32\searchindexer.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\Network Associates\Common Framework\Mctray.exe
c:\windows\system32\ThpSrv.exe
c:\program files\Apoint2K\ApntEx.exe
c:\program files\Protector Suite QL\psqltray.exe
c:\program files\iPod\bin\iPodService.exe
c:\windows\system32\wscntfy.exe
c:\program files\AIM6\aolsoftware.exe
c:\program files\AIM6\aolsoftware.exe
c:\program files\Network Associates\VirusScan\Mcshield.exe
.
**************************************************************************
.
Completion time: 2009-07-03 15:41 - machine was rebooted
ComboFix-quarantined-files.txt 2009-07-03 19:41
ComboFix2.txt 2009-07-03 17:50

Pre-Run: 8,947,396,608 bytes free
Post-Run: 8,856,088,576 bytes free

908 --- E O F --- 2009-06-24 09:00

So far so good, just got a bubble on the start bar saying "virusscan enterprise is turned off"

It's the virus protection that's located with Windows Firewall, and windows security.

I'll give it a shot, I'll have to uninstall it when I go back to school anyway cause they only allow McAfee.

I mean, McAfee is enabled and running.

Could it have been because I disabled it for the ComboFix scans?