WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. Join 93084 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!

Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

UIPopupHidden...

Started by Snow , May 06 2008 10:52 AM

Please log in to reply

30 replies to this topic

#16 Snow

Authentic Member

Authentic Member
98 posts

Posted 30 May 2008 - 04:35 AM

Goodmorning Gringo... My Old Disk Structure isnt needed, ive been deleting whatever it has let me delete, we reformatted this machine in 2005 thats when this file was created. There is nothing in there that is needed i will follow your instructions as soon as i am back

Snow

Advertisements

Register to Remove

#17 Snow

Authentic Member

Authentic Member
98 posts

Posted 01 June 2008 - 08:13 AM

Hello Gringo... here is the log of the OTMoveIt scan, where did it move the files to? i still see it in my folders did i do this right? C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\system32\shelldata\cfg\8 moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\system32\shelldata\cfg moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\system32\shelldata moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\system32\dllcache\PLUGINS moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\system32\dllcache moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\system32 moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\PIF moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\msdownld.tmp moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\Installer\{D64DCF1C-7A95-49A4-BAFA-C42B5CF6B8B6} moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\Installer\{C6F5B6CF-609C-428E-876F-CA83176C021B} moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\Installer\{C438B7C4-B4F8-49C5-A4DF-FF6F1F242778} moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\Installer\{ABEB838C-A1A7-4C5D-B7E1-8B4314600813} moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\Installer\{ABEB838C-A1A7-4C5D-B7E1-8B4314600137} moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\Installer\{A93C9E60-29B6-49da-BA21-F70AC6AADE20} moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\Installer\{9DE006A5-B384-4EDE-A760-0F217136B9EA} moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\Installer\{911B0409-6000-11D3-8CFE-0050048383C9} moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\Installer\{8FDD2A92-9F75-4706-B8C2-08499A9863E6} moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\Installer\{81DD5688-695A-4c1d-AE7D-368BF857725A} moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\Installer\{7EE9DE0D-9228-4C33-B80E-FDD1773600DF} moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\Installer\{764D06D8-D8DE-411E-A1C8-D9E9380F8A84} moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\Installer\{745A92AF-53B4-41A7-91C3-9B026B1D5897} moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\Installer\{7148F0A8-6813-11D6-A77B-00B0D0142040} moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\Installer\{6E234F6E-0828-405B-8776-2777EA315945} moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\Installer\{57C7C46A-D35D-492d-A328-4F8C9B5B4B52} moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\Installer\{4E68EAA3-775A-4542-A08A-47DB8E8E74A6} moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\Installer\{40AB54C3-DD4B-467A-847E-162035CD252C} moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\Installer\{3CF78481-FB7B-4B51-99A2-D5E0CD0B3AAF} moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\Installer\{369B36BE-3D64-4641-9AEA-808D436FE132} moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\Installer\{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227} moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\Installer\{2E132061-C78A-48D4-A899-1D13B9D189FA} moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\Installer\{18A26B47-5777-4D43-8FC5-0CE1EE7BEC0F} moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\Installer\{15EE79F4-4ED1-4267-9B0F-351009325D7D} moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\Installer moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\inf moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\ftpcache moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallQ828026$\spuninst moved successfully. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallQ828026$ scheduled to be moved on reboot. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallQ817606$\spuninst moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallQ817606$ moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallQ817287$\spuninst moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallQ817287$ moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallQ815021$\spuninst moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallQ815021$ moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallQ814033$\spuninst moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallQ814033$ moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallQ811493$\spuninst moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallQ811493$ moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallQ810833$\spuninst moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallQ810833$ moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallQ810577$\spuninst moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallQ810577$ moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallQ810565$\spuninst moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallQ810565$ moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallQ329834$\spuninst moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallQ329834$ moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallQ329441$\spuninst moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallQ329441$ moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallQ329390$\spuninst moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallQ329390$ moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallQ329170$\spuninst moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallQ329170$ moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallQ329115$\spuninst moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallQ329115$ moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallQ329048$\spuninst moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallQ329048$ moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallQ328310$\spuninst moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallQ328310$ moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB903235$\spuninst moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB903235$ moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB901214$\spuninst moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB901214$ moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB899591$\spuninst moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB899591$ moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB899588$\spuninst moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB899588$ moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB899587$\spuninst moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB899587$ moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB898461$\spuninst moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB898461$ moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB896727$\spuninst moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB896727$ moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB896428$\spuninst moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB896428$ moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB896423$\spuninst moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB896423$ moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB896422$\spuninst moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB896422$ moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB896358$\spuninst moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB896358$ moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB894391$\spuninst moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB894391$ moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB893756$\spuninst moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB893756$ moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB893086$\spuninst moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB893086$ moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB893066$\spuninst moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB893066$ moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB891781$\spuninst moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB891781$ moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB890923$\spuninst moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB890923$ moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB890859$\spuninst moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB890859$ moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB890175$\spuninst moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB890175$ moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB890047$\spuninst moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB890047$ moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB890046$\spuninst moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB890046$ moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB888302$\spuninst moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB888302$ moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB888113$\spuninst moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB888113$ moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB887797$\spuninst moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB887797$ moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB887742$\spuninst moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB887742$ moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB887472$\spuninst moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB887472$ moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB886185$\spuninst moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB886185$ moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB885884$\spuninst moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB885884$ moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB885836$\spuninst moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB885836$ moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB885835$\spuninst moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB885835$ moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB885250$\spuninst moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB885250$ moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB884020$\spuninst moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB884020$ moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB883939$\spuninst moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB883939$ moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB873339$\spuninst moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB873339$ moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB873333$\spuninst moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB873333$ moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB867282$\spuninst moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB867282$ moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB842773$\spuninst moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB842773$ moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB841873$\spuninst moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB841873$ moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB840374$\spuninst moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB840374$ moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB840315$\spuninst moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB840315$ moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB839645$\spuninst moved successfully. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB839645$ scheduled to be moved on reboot. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB839643-DirectX9$\spuninst moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB839643-DirectX9$ moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB837001$\spuninst moved successfully. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB837001$ scheduled to be moved on reboot. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB835732$\spuninst moved successfully. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB835732$ scheduled to be moved on reboot. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB834707$\spuninst moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB834707$ moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB828741$\spuninst moved successfully. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB828741$ scheduled to be moved on reboot. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB828035$\spuninst moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB828035$ moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB828028$\spuninst moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB828028$ moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB825119$\spuninst moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB825119$ moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB824146$\spuninst moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB824146$ moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB824141$\spuninst moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB824141$ moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB824105$\spuninst moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB824105$ moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB823980$\spuninst moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB823980$ moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB823559$\spuninst moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB823559$ moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB823182$\spuninst moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB823182$ moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB821557$\spuninst moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB821557$ moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB810217$\spuninst moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB810217$ moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtServicePackUninstall$\spuninst moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtServicePackUninstall$ moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$MSI31Uninstall_KB893803v2$ moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$MSI31Uninstall_KB893803$\spuninst moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$MSI31Uninstall_KB893803$ moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$\KB901214\update moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$\KB901214\SP2QFE moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$\KB901214 moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$\KB899591\update moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$\KB899591\SP2QFE moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$\KB899591 moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$\KB899588\update moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$\KB899588\SP2QFE moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$\KB899588 moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$\KB899587\update moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$\KB899587\SP2QFE moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$\KB899587 moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$\KB898461\update moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$\KB898461 moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$\KB896727\update moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$\KB896727\SP2QFE moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$\KB896727 moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$\KB896428\update moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$\KB896428\SP2QFE moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$\KB896428 moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$\KB896423\update moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$\KB896423\SP2QFE moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$\KB896423 moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$\KB896422\update moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$\KB896422\SP2QFE moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$\KB896422 moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$\KB896358\update moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$\KB896358\SP2QFE moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$\KB896358 moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$\KB894391\update moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$\KB894391\SP2QFE moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$\KB894391 moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$\KB893756\update moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$\KB893756\SP2QFE moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$\KB893756 moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$\KB893086\update moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$\KB893086\SP2QFE moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$\KB893086 moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$\KB893066 moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$\KB891781\update moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$\KB891781\SP2QFE moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$\KB891781 moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$\KB890923\update moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$\KB890923\SP2QFE moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$\KB890923 moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$\KB890859\update moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$\KB890859\SP2QFE moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$\KB890859 moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$\KB890175\update moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$\KB890175\SP2QFE moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$\KB890175 moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$\KB890047\update moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$\KB890047\SP2QFE moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$\KB890047 moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$\KB890046\update moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$\KB890046\SP2QFE moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$\KB890046 moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$\KB888302\update moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$\KB888302\SP2QFE moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$\KB888302 moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$\KB888113\update moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$\KB888113\SP2QFE moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$\KB888113 moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$\KB887797\update moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$\KB887797\SP2QFE moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$\KB887797 moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$\KB887742\update moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$\KB887742\SP2QFE moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$\KB887742 moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$\KB887472\update moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$\KB887472\SP2QFE moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$\KB887472 moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$\KB886185\update moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$\KB886185\SP2QFE moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$\KB886185 moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$\KB885836\update moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$\KB885836\SP2QFE moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$\KB885836 moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$\KB885835\update moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$\KB885835\SP2QFE moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$\KB885835 moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$\KB885250\update moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$\KB885250\SP2QFE moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$\KB885250 moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$\KB883939\update moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$\KB883939\SP2QFE moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$\KB883939 moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$\KB873339\update moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$\KB873339\SP2QFE moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$\KB873339 moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$\KB873333\update moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$\KB873333\SP2QFE moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$\KB873333 moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$\KB867282\update moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$\KB867282\SP2QFE moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$\KB867282 moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$\KB834707\update moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$\KB834707\SP2QFE moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$\KB834707 moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$hf_mig$ moved successfully. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS scheduled to be moved on reboot. C:\My old Disk Structure -- 05-09-08 0901PM\RECYCLER\S-1-5-21-773119264-2650805779-3784137826-1005 moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\RECYCLER\S-1-5-21-2424629274-810355832-1822439336-500 moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\RECYCLER\S-1-5-21-2424629274-810355832-1822439336-1009 moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\RECYCLER\S-1-5-21-2424629274-810355832-1822439336-1008 moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\RECYCLER\S-1-5-21-2424629274-810355832-1822439336-1007 moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\RECYCLER\S-1-5-21-2424629274-810355832-1822439336-1006 moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\RECYCLER\S-1-5-21-212580986-2681017343-4103935507-1003 moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\RECYCLER moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Program Files\WindowsUpdate moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Program Files\Uninstall Information\oeupdate moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Program Files\Uninstall Information\mupdate moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Program Files\Uninstall Information\ieupdate moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Program Files\Uninstall Information moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Program Files\InstallShield Installation Information\{ED0B70E3-8980-4977-9545-E490655E111D} moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Program Files\InstallShield Installation Information\{D89EF3B3-6F17-4665-B7A9-A4235A6DC787} moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Program Files\InstallShield Installation Information\{C438B7C4-B4F8-49C5-A4DF-FF6F1F242778} moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Program Files\InstallShield Installation Information\{BD73E31E-4170-47A6-9D4E-7ADADAA47961} moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Program Files\InstallShield Installation Information\{AEDDF5A3-29CE-11D5-A8C2-000102246AAE} moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Program Files\InstallShield Installation Information\{9705A7E1-3DD1-4BAC-8CA9-FE7B1473BEC9} moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Program Files\InstallShield Installation Information\{8FDD2A92-9F75-4706-B8C2-08499A9863E6} moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Program Files\InstallShield Installation Information\{85D3CC30-8859-481A-9654-FD9B74310BEF} moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Program Files\InstallShield Installation Information\{7C21EEE0-E6FD-11D4-BD19-00D0B702AEC0} moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1} moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Program Files\InstallShield Installation Information\{6529F8FB-3043-4F17-861A-4B2BDD8112BC} moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Program Files\InstallShield Installation Information\{5C29CB8B-AC1E-4114-8D68-9CD080140D4A} moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Program Files\InstallShield Installation Information\{564A8DD3-70BC-4018-A5C3-7CEB10BBB6E9} moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Program Files\InstallShield Installation Information\{53337CA9-E9A4-4C59-9D1C-D980EF9BF0C2} moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Program Files\InstallShield Installation Information\{4E68EAA3-775A-4542-A08A-47DB8E8E74A6} moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Program Files\InstallShield Installation Information\{45EBDA59-D33B-433A-956E-B2F236468B56} moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Program Files\InstallShield Installation Information\{3EA9D975-BFDC-4E8E-B88B-0446FBC8CA66} moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Program Files\InstallShield Installation Information\{1EC4CE9D-EAEE-4DA1-AB8D-9E6B7FED6742} moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Program Files\InstallShield Installation Information\{1B4AA674-F5CA-4BB5-831A-CD37B4021959} moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C} moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Program Files\InstallShield Installation Information\{052ABAD5-A6BC-4898-8B9E-3B8294108CC7} moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Program Files\InstallShield Installation Information\{012A835C-6937-44D0-8A04-6F40728538D4} moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Program Files\InstallShield Installation Information moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Program Files moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\VE8TRJ7S moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\OXER0TQ7 moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\K5Q38XEF moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\J61PT6N9 moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5 moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\NetworkService\Local Settings\Temp moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\NetworkService\Local Settings\History\History.IE5 moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\NetworkService\Local Settings\History moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows Media Connect\SCPD moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows Media Connect\Icon Files moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows Media Connect moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Credentials\S-1-5-20 moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Credentials moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\NetworkService\Local Settings\Application Data\ApplicationHistory moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\NetworkService\Local Settings\Application Data moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\NetworkService\Local Settings moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\NetworkService\Cookies moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\NetworkService\Application Data\Microsoft\SystemCertificates\My\CTLs moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\NetworkService\Application Data\Microsoft\SystemCertificates\My\CRLs moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\NetworkService\Application Data\Microsoft\SystemCertificates\My\Certificates moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\NetworkService\Application Data\Microsoft\SystemCertificates\My moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\NetworkService\Application Data\Microsoft\SystemCertificates moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\NetworkService\Application Data\Microsoft\Internet Explorer moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\NetworkService\Application Data\Microsoft\Credentials\S-1-5-20 moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\NetworkService\Application Data\Microsoft\Credentials moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\NetworkService\Application Data\Microsoft\CLR Security Config\v1.1.4322 moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\NetworkService\Application Data\Microsoft\CLR Security Config moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\NetworkService\Application Data\Microsoft moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\NetworkService\Application Data moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\NetworkService moved successfully. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Melanie scheduled to be moved on reboot. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\LocalService\Start Menu\Programs moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\LocalService\Start Menu moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\OPQ34HIJ moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5 moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\LocalService\Local Settings\Temporary Internet Files moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\LocalService\Local Settings\Temp moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\LocalService\Local Settings\History\History.IE5 moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\LocalService\Local Settings\History moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows Media\10.0 moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows Media moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Internet Explorer moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Credentials\S-1-5-19 moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Credentials moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\LocalService\Local Settings\Application Data\Google moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\LocalService\Local Settings\Application Data moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\LocalService\Local Settings moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\LocalService\Cookies moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\LocalService\Application Data\Microsoft\UPnP Device Host\upnphost moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\LocalService\Application Data\Microsoft\UPnP Device Host\Description Documents moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\LocalService\Application Data\Microsoft\UPnP Device Host moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\LocalService\Application Data\Microsoft\SystemCertificates\My\CTLs moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\LocalService\Application Data\Microsoft\SystemCertificates\My\CRLs moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\LocalService\Application Data\Microsoft\SystemCertificates\My\Certificates moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\LocalService\Application Data\Microsoft\SystemCertificates\My moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\LocalService\Application Data\Microsoft\SystemCertificates moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\LocalService\Application Data\Microsoft\Internet Explorer moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\LocalService\Application Data\Microsoft\Credentials\S-1-5-19 moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\LocalService\Application Data\Microsoft\Credentials moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\LocalService\Application Data\Microsoft moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\LocalService\Application Data moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\LocalService moved successfully. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\WINDOWS scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\UserData scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\Templates scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\Start Menu scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\Shared scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\SendTo scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\Recent scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\PrintHood scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\NetHood scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\My Documents scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\Local Settings scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\Incomplete scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\Favorites scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\Desktop scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\Cookies scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\Application Data scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\.limewire scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane scheduled to be moved on reboot. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Default User\Templates moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Default User\Start Menu\Programs\Startup moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Default User\Start Menu\Programs\Accessories\Entertainment moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Default User\Start Menu\Programs\Accessories\Accessibility moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Default User\Start Menu\Programs\Accessories moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Default User\Start Menu\Programs moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Default User\Start Menu moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Default User\SendTo moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Default User\Recent moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Default User\PrintHood moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Default User\NetHood moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Default User\My Documents\My Videos moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Default User\My Documents\My Pictures moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Default User\My Documents\My Music moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Default User\My Documents\Data\Data moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Default User\My Documents\Data moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Default User\My Documents moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5\XFCTKYSG moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5\UQ529XTX moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5 moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Default User\Local Settings\Temporary Internet Files moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Default User\Local Settings\Temp\{0bedbd4e-2d34-47b5-9973-57e62b29307c} moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Default User\Local Settings\Temp\_is1 moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Default User\Local Settings\Temp moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Default User\Local Settings\History\History.IE5 moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Default User\Local Settings\History moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Default User\Local Settings\Application Data\WMTools Downloaded Files moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Windows Media\9.0 moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Windows Media moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Windows moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Movie Maker moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Media Player moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Internet Explorer moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Credentials\S-1-5-21-2752991226-4282951562-813958858-1003 moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Credentials\S-1-5-21-212580986-2681017343-4103935507-1003 moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Credentials\S-1-5-21-183450923-955046455-3802400216-1003 moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Credentials moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\CD Burning moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Default User\Local Settings\Application Data\Microsoft moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Default User\Local Settings\Application Data\Help moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Default User\Local Settings\Application Data moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Default User\Local Settings moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Default User\Favorites\Links moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Default User\Favorites moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Default User\Desktop moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Default User\Cookies moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Default User\Application Data\Microsoft\Windows\Themes moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Default User\Application Data\Microsoft\Windows moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Default User\Application Data\Microsoft\SystemCertificates\My\CTLs moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Default User\Application Data\Microsoft\SystemCertificates\My\CRLs moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Default User\Application Data\Microsoft\SystemCertificates\My\Certificates moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Default User\Application Data\Microsoft\SystemCertificates\My moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Default User\Application Data\Microsoft\SystemCertificates moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Default User\Application Data\Microsoft\MMC moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Default User\Application Data\Microsoft\Media Player moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Default User\Application Data\Microsoft\Internet Explorer\Quick Launch moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Default User\Application Data\Microsoft\Internet Explorer moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Default User\Application Data\Microsoft\HTML Help moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Default User\Application Data\Microsoft\Credentials\S-1-5-21-2752991226-4282951562-813958858-1003 moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Default User\Application Data\Microsoft\Credentials\S-1-5-21-212580986-2681017343-4103935507-1003 moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Default User\Application Data\Microsoft\Credentials\S-1-5-21-183450923-955046455-3802400216-1003 moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Default User\Application Data\Microsoft\Credentials moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Default User\Application Data\Microsoft moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Default User\Application Data\Identities\{E148200D-C0D4-42E4-B2A2-E60F9137A1D9} moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Default User\Application Data\Identities\{473B6271-9217-40FD-A037-CBF53E1B1845} moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Default User\Application Data\Identities moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Default User\Application Data\Help moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Default User\Application Data moved successfully. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Default User moved successfully. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Dan scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\b06\sp2 scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\b06 scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM scheduled to be moved on reboot. OTMoveIt2 by OldTimer - Version 1.0.4.2 log created on 06012008_095340 Files moved on Reboot... Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallQ828026$ scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB839645$ scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB837001$ scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB835732$ scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB828741$ scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallQ828026$ scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB839645$ scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB837001$ scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB835732$ scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB828741$ scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Melanie scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\WINDOWS scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\UserData scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\Templates scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\Start Menu scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\Shared scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\SendTo scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\Recent scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\PrintHood scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\NetHood scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\My Documents scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\Local Settings scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\Incomplete scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\Favorites scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\Desktop scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\Cookies scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\Application Data scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\.limewire scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\WINDOWS scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\UserData scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\Templates scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\Start Menu scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\Shared scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\SendTo scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\Recent scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\PrintHood scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\NetHood scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\My Documents scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\Local Settings scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\Incomplete scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\Favorites scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\Desktop scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\Cookies scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\Application Data scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\.limewire scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Dan scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Melanie scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\WINDOWS scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\UserData scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\Templates scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\Start Menu scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\Shared scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\SendTo scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\Recent scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\PrintHood scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\NetHood scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\My Documents scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\Local Settings scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\Incomplete scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\Favorites scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\Desktop scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\Cookies scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\Application Data scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\.limewire scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Dan scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\b06\sp2 scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\b06\sp2 scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\b06 scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallQ828026$ scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB839645$ scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB837001$ scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB835732$ scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS\$NtUninstallKB828741$ scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\WINDOWS scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Melanie scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\WINDOWS scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\UserData scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\Templates scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\Start Menu scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\Shared scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\SendTo scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\Recent scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\PrintHood scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\NetHood scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\My Documents scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\Local Settings scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\Incomplete scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\Favorites scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\Desktop scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\Cookies scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\Application Data scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\.limewire scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Dan scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\b06\sp2 scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\b06 scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Melanie scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\WINDOWS scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\UserData scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\Templates scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\Start Menu scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\Shared scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\SendTo scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\Recent scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\PrintHood scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\NetHood scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\My Documents scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\Local Settings scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\Incomplete scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\Favorites scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\Desktop scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\Cookies scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\Application Data scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\.limewire scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Dan scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\b06\sp2 scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\b06 scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM scheduled to be moved on reboot. OTMoveIt2 by OldTimer - Version 1.0.4.2 log created on 06012008_193300

Edited by Snow, 01 June 2008 - 05:35 PM.

#18 gringo_pr

Silver Member

Visiting Fellow
423 posts

Posted 01 June 2008 - 12:11 PM

Hello Snow It seems that you did not give me all of the report If you can give me the parts that was left out if you need to give it to me in more than one report Gringo

#19 Snow

Authentic Member

Authentic Member
98 posts

Posted 01 June 2008 - 05:36 PM

sorry about that...i had 3 logs i think this was the rest of it... Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Melanie scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\WINDOWS scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\UserData scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\Templates scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\Start Menu scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\Shared scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\SendTo scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\Recent scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\PrintHood scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\NetHood scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\My Documents scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\Local Settings scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\Incomplete scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\Favorites scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\Desktop scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\Cookies scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\Application Data scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\.limewire scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Dan scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\b06\sp2 scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM\b06 scheduled to be moved on reboot. Folder move failed. C:\My old Disk Structure -- 05-09-08 0901PM scheduled to be moved on reboot. OTMoveIt2 by OldTimer - Version 1.0.4.2 log created on 06012008_193300

#20 gringo_pr

Silver Member

Visiting Fellow
423 posts

Posted 04 June 2008 - 09:17 AM

Hello Snow

:run combofix:

If you have an older virsion please delete it and download this newer one

Download Combofix from any of the links below, and save it to your desktop. For information regarding this download, please visit this webpage: how-to-use-combofix

Link 1
Link 2
Link 3

**Note: It is important that it is saved directly to your desktop**

1. Close any open browsers.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note:Do not mouseclick combofix's window while it's running. That may cause it to stall

:information and logs:

In your next post I need the following

1.log from combofix
2.new log from hijackthis
[/list]
Gringo

#21 Snow

Authentic Member

Authentic Member
98 posts

Posted 04 June 2008 - 10:51 AM

Hi Gringo...

here is the Combofix report and a new HJT report...

ComboFix 08-06-03.4 - MOM 2008-06-04 12:27:30.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.221 [GMT -4:00]
Running from: C:\Documents and Settings\MOM\Desktop\ComboFix.exe
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\MOM\Application Data\macromedia\Flash Player\#SharedObjects\CYSYDLJL\www.broadcaster.com
C:\Documents and Settings\MOM\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.broadcaster.com
C:\Documents and Settings\MOM\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.broadcaster.com\settings.sol
C:\WINDOWS\winhelp.ini

.
((((((((((((((((((((((((( Files Created from 2008-05-04 to 2008-06-04 )))))))))))))))))))))))))))))))
.

2008-06-01 09:53 . 2008-06-01 09:53 <DIR> d-------- C:\_OTMoveIt
2008-05-28 06:33 . 2008-05-28 06:34 <DIR> d-------- C:\Program Files\Panda Security
2008-05-26 21:42 . 2003-05-01 21:03 <DIR> d-------- C:\Documents and Settings\Administrator\WINDOWS
2008-05-26 21:42 . 2008-05-26 21:42 <DIR> d-------- C:\Documents and Settings\Administrator
2008-05-26 08:33 . 2008-05-26 08:33 <DIR> d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-05-26 08:33 . 2008-05-26 08:33 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-05-26 06:39 . 2008-05-26 06:39 <DIR> d-------- C:\Documents and Settings\MOM\Application Data\Malwarebytes
2008-05-26 06:38 . 2008-05-26 06:38 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-05-26 06:38 . 2008-05-26 06:38 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-05-26 06:38 . 2008-05-05 20:46 27,048 --a------ C:\WINDOWS\system32\drivers\mbamcatchme.sys
2008-05-26 06:38 . 2008-05-05 20:46 15,864 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-05-25 22:11 . 2008-03-25 02:37 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-05-25 22:10 . 2008-05-25 22:10 <DIR> d-------- C:\Program Files\Common Files\Java
2008-05-14 11:07 . 2008-05-14 11:07 <DIR> d-------- C:\WINDOWS\system32\CodeBaby
2008-05-14 11:06 . 2005-07-12 02:28 69,632 --a------ C:\WINDOWS\system32\MCCDevice.dll
2008-05-14 11:06 . 2005-07-12 02:28 6,048 --a------ C:\WINDOWS\system32\MCC16.dll
2008-05-10 20:55 . 2008-05-10 20:55 <DIR> d-------- C:\Documents and Settings\MOM\Application Data\Uniblue
2008-05-10 20:10 . 2008-05-10 20:10 <DIR> d-------- C:\WINDOWS\ERUNT
2008-05-10 15:28 . 2008-05-10 15:28 <DIR> d-------- C:\Program Files\Trend Micro
2008-05-10 15:27 . 2008-05-10 15:28 <DIR> d-------- C:\HJT

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-03 16:53 1,225 ----a-w C:\Program Files\INSTALL.LOG
2008-06-01 16:36 --------- d-----w C:\Documents and Settings\DAN\Application Data\LimeWire
2008-05-30 14:59 --------- d-----w C:\Documents and Settings\MOM\Application Data\Image Zone Express
2008-05-27 18:24 --------- d-----w C:\Documents and Settings\MOM\Application Data\AdobeUM
2008-05-26 02:11 --------- d-----w C:\Program Files\Java
2008-05-26 02:01 --------- d-----w C:\Program Files\ewido anti-malware
2008-05-14 15:07 --------- d-----w C:\Program Files\Common Files\Motive
2008-05-05 01:34 --------- d-----w C:\Documents and Settings\MOM\Application Data\LimeWire
2008-05-03 01:45 --------- d-----w C:\Program Files\LimeWire
2008-04-19 17:15 --------- d-----w C:\Documents and Settings\LocalService\Application Data\Bell
2008-03-26 08:09 151,583 ----a-w C:\WINDOWS\system32\msjint40.dll
2008-03-25 14:20 219,936 ----a-w C:\WINDOWS\system32\msltus40.dll
2008-03-19 09:47 1,845,248 ----a-w C:\WINDOWS\system32\win32k.sys
2007-05-27 20:54 46,968 ----a-w C:\Documents and Settings\MEL\Application Data\GDIPFONTCACHEV1.DAT
2006-06-28 16:29 407,080 ----a-w C:\Program Files\msgr8us.exe
2006-03-18 18:53 774,144 ----a-w C:\Program Files\RngInterstitial.dll
2006-02-07 23:03 2,906 ----a-w C:\Program Files\setuplog.txt
2006-01-13 14:19 5,225,384 ----a-w C:\Program Files\Firefox Setup 1.5.exe
2005-10-29 04:06 5,037,072 ----a-w C:\Program Files\spybotsd14.exe
2005-10-27 15:26 516,031 ----a-w C:\Program Files\ccsetup124.exe
2005-10-27 01:40 2,314,920 ----a-w C:\Program Files\LimeWireWin.exe
2005-10-06 15:17 558,240 ----a-w C:\Program Files\GoogleToolbarInstaller.exe
2005-10-06 12:51 34,039,576 ----a-w C:\Program Files\iTunesSetup.exe
2005-09-16 15:20 2,212,192 ----a-w C:\Program Files\wbsamp.exe
2005-09-16 14:16 3,563,166 ----a-w C:\Program Files\Propackcodec203b.exe
2005-09-15 12:28 21,226,656 ----a-w C:\Program Files\freedom_5_0_10_bell_en.exe
2005-04-19 23:25 53,323 ----a-w C:\Program Files\opera\program\plugins\PlugDef.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 03:56 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2005-09-24 01:08 49152]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-07-10 09:18 270648]
"LVCOMS"="C:\Program Files\Common Files\Logitech\QCDriver\LVCOMS.EXE" [2002-06-10 14:21 102400]
"LogitechImageStudioTray"="C:\Program Files\Logitech\ImageStudio\LogiTray.exe" [2002-06-20 12:25 45056]
"SSA.exe"="C:\Program Files\Bell\Sympatico Security Advisor\SSA.exe" [2007-03-27 11:33 2061816]
"Sympatico Security Manager"="C:\Program Files\Bell\Security Manager\Rps.exe" [2007-08-27 17:57 310000]
"-FreedomNeedsReboot"="C:\Program Files\Bell\Security Manager\ZkRunOnceR.exe" [2007-08-27 17:57 13552]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2005-09-11 14:48 180269]
"BellCanada_McciTrayApp"="C:\Program Files\BellCanada\McciTrayApp.exe" [2007-11-19 10:33 1468928]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-06-29 06:24 286720]
"SoundMan"="SOUNDMAN.EXE" [2003-04-24 19:53 54784 C:\WINDOWS\SOUNDMAN.EXE]
"OemReset"="C:\WINDOWS\OPTIONS\OEMRESET.exe" [ ]
"IntelliType"="C:\Program Files\Microsoft Hardware\Keyboard\type32.exe" [2002-03-22 08:41 94208]
"HP Component Manager"="C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" [2004-05-12 15:18 241664]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe" [2008-03-25 04:28 144784]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-04 03:56 15360]
"Symantec NetDriver Warning"="C:\PROGRA~1\SYMNET~1\SNDWarn.exe" [2004-10-29 11:52 218232]
"ALUAlert"="C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe" [ ]

C:\Documents and Settings\DAD\Start Menu\Programs\Startup\
LimeWire On Startup.lnk - C:\Program Files\LimeWire\LimeWire.exe [2008-04-18 15:21:09 147456]

C:\Documents and Settings\MOM\UserData\Start Menu\Programs\Startup\
Webshots.lnk - C:\Program Files\Webshots\Launcher.exe [2005-09-16 11:20:49 45056]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 23:05:26 29696]
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2005-09-24 01:28:44 282624]
Image Transfer.lnk - C:\Program Files\Sony Corporation\Image Transfer\SonyTray.exe [2005-09-11 10:41:48 73728]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 01:01:04 83360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"MSACM.MI-SC4"= MI-SC4.acm
"vidc.XVID"= xvid.dll
"vidc.DIV3"= DivXc32.dll
"vidc.DIV4"= DivXc32f.dll
"msacm.divxa32"= divxa32.acm
"VIDC.SP53"= SP5X_32.DLL
"VIDC.SP54"= SP5X_32.DLL
"VIDC.SP55"= SP5X_32.DLL
"VIDC.SP56"= SP5X_32.DLL
"VIDC.SP57"= SP5X_32.DLL
"VIDC.SP58"= SP5X_32.DLL
"VIDC.SP59"= SP5X_32.DLL
"vidc.MJPG"= m3jpeg32.dll
"vidc.dmb1"= m3jpeg32.dll

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^VTAgentReboot.exe]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\VTAgentReboot.exe
backup=C:\WINDOWS\pss\VTAgentReboot.exeCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA]
--a------ 2003-04-29 07:00 323584 C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Freedom]
C:\Program Files\Zero Knowledge\Freedom\Freedom.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HydraVisionDesktopManager]
--a------ 2002-11-14 22:34 266240 C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StandardInstall]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"ITMRTSVC"=2 (0x2)
"AVG Anti-Spyware Guard"=2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"
"Motive SmartBridge"=C:\PROGRA~1\NETASS~1\SMARTB~1\MotiveSB.exe
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
"LogitechGalleryRepair"=C:\Program Files\Logitech\ImageStudio\ISStart.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"C:\\WINDOWS\\system32\\mshta.exe"=
"C:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\StubInstaller.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"C:\\Program Files\\Real\\RealOne Player\\realplay.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"C:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=

R2 McciCMService;McciCMService;"C:\Program Files\Common Files\Motive\McciCMService.exe" [2007-11-01 11:59]
S3 LVBulk;LVBulk Service;C:\WINDOWS\system32\DRIVERS\LVBulk.sys [2002-06-10 14:21]
S3 MREMP50;MREMP50 NDIS Protocol Driver;C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS [2007-10-31 17:51]
S3 MREMP50a64;MREMP50a64 NDIS Protocol Driver;C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS []
S3 MRESP50;MRESP50 NDIS Protocol Driver;C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS [2007-10-31 17:51]
S3 MRESP50a64;MRESP50a64 NDIS Protocol Driver;C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS []
S3 PID_0900_V;Logitech ClickSmart 310(PID_0900_V);C:\WINDOWS\system32\DRIVERS\LV551AV.sys [2002-06-10 14:24]
S3 Radialpoint Security Services;Sympatico Security Manager;C:\WINDOWS\system32\dllhost.exe [2004-08-04 03:56]

.
Contents of the 'Scheduled Tasks' folder
"2008-05-23 21:15:00 C:\WINDOWS\Tasks\1-Click Maintenance.job"
- C:\Program Files\TuneUp Utilities 2007\SystemOptimizer.exe
"2008-05-27 16:10:50 C:\WINDOWS\Tasks\EasyShare Registration Task.job"
- C:\WINDOWS\system32\rundll32.exelC:\DOCUME~1\ALLUSE~1\APPLIC~1\Kodak\EasyShareSetup\$REGIS~1\Registration_7.4.20.2.sxt _RegistrationOffer@16
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-04 12:30:31
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-06-04 12:35:17
ComboFix-quarantined-files.txt 2008-06-04 16:35:03

Pre-Run: 63,580,258,304 bytes free
Post-Run: 63,565,185,024 bytes free

181 --- E O F --- 2008-05-27 21:23:44

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:50:02 PM, on 04/06/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Bell\Security Manager\Fws.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Logitech\QCDriver\LVCOMS.EXE
C:\Program Files\Logitech\ImageStudio\LogiTray.exe
C:\Program Files\Bell\Sympatico Security Advisor\SSA.exe
C:\Program Files\Bell\Security Manager\Rps.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\BellCanada\McciTrayApp.exe
C:\Program Files\QuickTime\QTTask.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Microsoft Hardware\Keyboard\type32.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Sony Corporation\Image Transfer\SonyTray.exe
C:\PROGRA~1\Webshots\webshots.scr
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
C:\Program Files\Bell\Sympatico Security Advisor\SSAComHandler.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Bell\Security Manager\rpsupdaterR.exe
C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Bell\Security Manager\PrtlAgt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: PopKill Class - {3C060EA2-E6A9-4E49-A530-D4657B8C449A} - C:\Program Files\Bell\Security Manager\pkR.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver\LVCOMS.EXE
O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe
O4 - HKLM\..\Run: [SSA.exe] "C:\Program Files\Bell\Sympatico Security Advisor\SSA.exe" /AUTORUN
O4 - HKLM\..\Run: [Sympatico Security Manager] "C:\Program Files\Bell\Security Manager\Rps.exe"
O4 - HKLM\..\Run: [-FreedomNeedsReboot] "C:\Program Files\Bell\Security Manager\ZkRunOnceR.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [BellCanada_McciTrayApp] C:\Program Files\BellCanada\McciTrayApp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [OemReset] %systemroot%\OPTIONS\OEMRESET.EXE /AUDIT
O4 - HKLM\..\Run: [IntelliType] "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKLM\..\RunOnce: [IndexCleaner] "C:\Program Files\Bell\Security Manager\IdxClnR.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\RunOnce: [IndexCleaner] "C:\Program Files\Bell\Security Manager\IdxClnR.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [Symantec NetDriver Warning] C:\PROGRA~1\SYMNET~1\SNDWarn.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Webshots.lnk = C:\Program Files\Webshots\Launcher.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Image Transfer.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: NetAssistant.lnk = C:\Program Files\NetAssistant\bin\matcli.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: Jigsaw Detective by pogo - http://game1.pogo.co...w-ob-assets.cab
O16 - DPF: Mah Jong Garden by pogo - http://game1.pogo.co...g-ob-assets.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zon...kr.cab31267.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky...can_unicode.cab
O16 - DPF: {1754A1BA-A1DF-4F10-B199-AA55AA1A120F} (InstallerBehaviorFactory Class) - https://signup.msn.c...es/MsnInstC.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zon...er.cab31267.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoft...s/as2stubie.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail....es/MSNPUpld.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitd...can8/oscan8.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.syma...n/bin/cabsa.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zon...nt.cab31267.cab
O16 - DPF: {9BFC2253-B9D9-477E-9488-CA450232620D} (BinAg1 Class) - https://activation.s...nadaActiveX.cab
O16 - DPF: {A243F6C2-34D2-4549-BCCD-A7BEF759B236} (Seekford Solutions, Inc.'s ssiPictureUploader Control) - http://img.funtigo.c...ureUploader.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn...pDownloader.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.m...ash/swflash.cab
O16 - DPF: {F04FE050-90DE-4EDD-A719-7CF3EBA4175E} (DetectCtl Class) - http://transition.sy...ystemdetect.cab
O16 - DPF: {F5078F32-C551-11D3-89B9-0000F81FE221} (XML DOM Document 3.0) - https://signup.msn.c...ages/msxml3.cab
O18 - Protocol: intu-qt2007 - {026BF40D-BA05-467B-9F1F-AD0D7A3F5F11} - C:\Program Files\QuickTax 2007\ic2007pp.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: DvpApi (dvpapi) - Authentium, Inc. - C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: PDAgent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: Sympatico Security Manager Update Service (RPSUpdaterR) - Radialpoint Inc. - C:\Program Files\Bell\Security Manager\rpsupdaterR.exe
O23 - Service: Sympatico Security Manager Firewall (RP_FWS) - Bell Sympatico - C:\Program Files\Bell\Security Manager\Fws.exe

--
End of file - 10244 bytes

Thank you!

Snow

#22 gringo_pr

Silver Member

Visiting Fellow
423 posts

Posted 04 June 2008 - 03:38 PM

Hello snow

Boot into Safe Mode

Reboot your computer in Safe Mode.

If the computer is running, shut down Windows, and then turn off the power.
Wait 30 seconds, and then turn the computer on.
Start tapping the F8 key. The Windows Advanced Options Menu appears. If you begin tapping the F8 key too soon, some computers display a "keyboard error" message. To resolve this, restart the computer and try again.
Ensure that the Safe Mode option is selected.
Press Enter. The computer then begins to start in Safe mode.
Login on your usual account.

:Run CFScript:

Open Notepad and copy/paste the text in the box into the window:

KILLALL::

Folder::
C:\My old Disk Structure -- 05-09-08 0901PM

Save it to your desktop as CFScript.txt

Refering to the picture above, drag CFScript.txt into ComboFix.exe
Posted Image

This will let ComboFix run again.
Restart if you have to.
Save the produced logfile to your desktop.

Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall

:information and logs:

In your next post I need the following

1.log from combofix
[/list]
Gringo

#23 Snow

Authentic Member

Authentic Member
98 posts

Posted 04 June 2008 - 05:43 PM

Hi Gringo... What is CFScript?? is it the ComboFix log? Snow

Edited by Snow, 04 June 2008 - 05:44 PM.

#24 gringo_pr

Silver Member

Visiting Fellow
423 posts

Posted 05 June 2008 - 11:34 AM

Hello snow

What is CFScript?? is it the ComboFix log?

Cfscript is what I want you to make with notepad

:Run CFScript:

Cfscript is a text file that I want you to make with notepad
Click on start-->then all programs-->accessories-->then notepad

Open Notepad and copy/paste the text in the box into the window:

KILLALL::

Folder::
C:\My old Disk Structure -- 05-09-08 0901PM

Save it to your desktop as CFScript.txt
click on file then save as
save it as cfscript.txt on your desktop

Refering to the picture above, drag CFScript.txt into ComboFix.exe
Posted Image

#25 Snow

Authentic Member

Authentic Member
98 posts

Posted 05 June 2008 - 12:41 PM

Hi Gringo...

here are the results...

ComboFix 08-06-03.4 - MOM 2008-06-05 14:15:16.2 - NTFSx86 MINIMAL
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.361 [GMT -4:00]
Running from: C:\Documents and Settings\MOM\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\MOM\Desktop\CFScript.txt

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\ntuser.dat
C:\My old Disk Structure -- 05-09-08 0901PM\Documents and Settings\Diane\ntuser.ini
C:\My old Disk Structure -- 05-09-08 0901PM . . . . failed to delete

.
((((((((((((((((((((((((( Files Created from 2008-05-05 to 2008-06-05 )))))))))))))))))))))))))))))))
.

2008-06-01 09:53 . 2008-06-01 09:53 <DIR> d-------- C:\_OTMoveIt
2008-05-28 06:33 . 2008-05-28 06:34 <DIR> d-------- C:\Program Files\Panda Security
2008-05-26 21:42 . 2003-05-01 21:03 <DIR> d-------- C:\Documents and Settings\Administrator\WINDOWS
2008-05-26 21:42 . 2008-05-26 21:42 <DIR> d-------- C:\Documents and Settings\Administrator
2008-05-26 08:33 . 2008-05-26 08:33 <DIR> d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-05-26 08:33 . 2008-05-26 08:33 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-05-26 06:39 . 2008-05-26 06:39 <DIR> d-------- C:\Documents and Settings\MOM\Application Data\Malwarebytes
2008-05-26 06:38 . 2008-05-26 06:38 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-05-26 06:38 . 2008-05-26 06:38 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-05-26 06:38 . 2008-05-05 20:46 27,048 --a------ C:\WINDOWS\system32\drivers\mbamcatchme.sys
2008-05-26 06:38 . 2008-05-05 20:46 15,864 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-05-25 22:11 . 2008-03-25 02:37 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-05-25 22:10 . 2008-05-25 22:10 <DIR> d-------- C:\Program Files\Common Files\Java
2008-05-14 11:07 . 2008-05-14 11:07 <DIR> d-------- C:\WINDOWS\system32\CodeBaby
2008-05-14 11:06 . 2005-07-12 02:28 69,632 --a------ C:\WINDOWS\system32\MCCDevice.dll
2008-05-14 11:06 . 2005-07-12 02:28 6,048 --a------ C:\WINDOWS\system32\MCC16.dll
2008-05-10 20:55 . 2008-05-10 20:55 <DIR> d-------- C:\Documents and Settings\MOM\Application Data\Uniblue
2008-05-10 20:10 . 2008-05-10 20:10 <DIR> d-------- C:\WINDOWS\ERUNT
2008-05-10 15:28 . 2008-05-10 15:28 <DIR> d-------- C:\Program Files\Trend Micro
2008-05-10 15:27 . 2008-05-10 15:28 <DIR> d-------- C:\HJT

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-05 17:56 --------- d-----w C:\Documents and Settings\MOM\Application Data\Image Zone Express
2008-06-03 16:53 1,225 ----a-w C:\Program Files\INSTALL.LOG
2008-06-01 16:36 --------- d-----w C:\Documents and Settings\DAN\Application Data\LimeWire
2008-05-27 18:24 --------- d-----w C:\Documents and Settings\MOM\Application Data\AdobeUM
2008-05-26 02:11 --------- d-----w C:\Program Files\Java
2008-05-26 02:01 --------- d-----w C:\Program Files\ewido anti-malware
2008-05-14 15:07 --------- d-----w C:\Program Files\Common Files\Motive
2008-05-05 01:34 --------- d-----w C:\Documents and Settings\MOM\Application Data\LimeWire
2008-05-03 01:45 --------- d-----w C:\Program Files\LimeWire
2008-04-19 17:15 --------- d-----w C:\Documents and Settings\LocalService\Application Data\Bell
2007-05-27 20:54 46,968 ----a-w C:\Documents and Settings\MEL\Application Data\GDIPFONTCACHEV1.DAT
2006-06-28 16:29 407,080 ----a-w C:\Program Files\msgr8us.exe
2006-03-18 18:53 774,144 ----a-w C:\Program Files\RngInterstitial.dll
2006-02-07 23:03 2,906 ----a-w C:\Program Files\setuplog.txt
2006-01-13 14:19 5,225,384 ----a-w C:\Program Files\Firefox Setup 1.5.exe
2005-10-29 04:06 5,037,072 ----a-w C:\Program Files\spybotsd14.exe
2005-10-27 15:26 516,031 ----a-w C:\Program Files\ccsetup124.exe
2005-10-27 01:40 2,314,920 ----a-w C:\Program Files\LimeWireWin.exe
2005-10-06 15:17 558,240 ----a-w C:\Program Files\GoogleToolbarInstaller.exe
2005-10-06 12:51 34,039,576 ----a-w C:\Program Files\iTunesSetup.exe
2005-09-16 15:20 2,212,192 ----a-w C:\Program Files\wbsamp.exe
2005-09-16 14:16 3,563,166 ----a-w C:\Program Files\Propackcodec203b.exe
2005-09-15 12:28 21,226,656 ----a-w C:\Program Files\freedom_5_0_10_bell_en.exe
2005-04-19 23:25 53,323 ----a-w C:\Program Files\opera\program\plugins\PlugDef.dll
.

((((((((((((((((((((((((((((( snapshot@2008-06-04_12.34.49.70 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-06-04 10:05:53 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-06-05 18:20:34 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2006-06-20 19:44:04 379,704 ----a-w C:\WINDOWS\Downloaded Program Files\MsnPUpld.dll
+ 2006-11-20 15:04:18 117,088 ----a-w C:\WINDOWS\Downloaded Program Files\PURen-ca.dll
+ 2006-06-20 19:44:02 117,560 ----a-w C:\WINDOWS\Downloaded Program Files\PURen-us.dll
+ 2008-06-05 18:21:06 16,384 ----atw C:\WINDOWS\TEMP\Perflib_Perfdata_550.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 03:56 15360]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"IndexCleaner"="C:\Program Files\Bell\Security Manager\IdxClnR.exe" [2007-08-27 17:56 61168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2005-09-24 01:08 49152]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-07-10 09:18 270648]
"LVCOMS"="C:\Program Files\Common Files\Logitech\QCDriver\LVCOMS.EXE" [2002-06-10 14:21 102400]
"LogitechImageStudioTray"="C:\Program Files\Logitech\ImageStudio\LogiTray.exe" [2002-06-20 12:25 45056]
"SSA.exe"="C:\Program Files\Bell\Sympatico Security Advisor\SSA.exe" [2007-03-27 11:33 2061816]
"Sympatico Security Manager"="C:\Program Files\Bell\Security Manager\Rps.exe" [2007-08-27 17:57 310000]
"-FreedomNeedsReboot"="C:\Program Files\Bell\Security Manager\ZkRunOnceR.exe" [2007-08-27 17:57 13552]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2005-09-11 14:48 180269]
"BellCanada_McciTrayApp"="C:\Program Files\BellCanada\McciTrayApp.exe" [2007-11-19 10:33 1468928]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-06-29 06:24 286720]
"SoundMan"="SOUNDMAN.EXE" [2003-04-24 19:53 54784 C:\WINDOWS\SOUNDMAN.EXE]
"OemReset"="C:\WINDOWS\OPTIONS\OEMRESET.exe" [ ]
"IntelliType"="C:\Program Files\Microsoft Hardware\Keyboard\type32.exe" [2002-03-22 08:41 94208]
"HP Component Manager"="C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" [2004-05-12 15:18 241664]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe" [2008-03-25 04:28 144784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"IndexCleaner"="C:\Program Files\Bell\Security Manager\IdxClnR.exe" [2007-08-27 17:56 61168]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-04 03:56 15360]
"Symantec NetDriver Warning"="C:\PROGRA~1\SYMNET~1\SNDWarn.exe" [2004-10-29 11:52 218232]
"ALUAlert"="C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe" [ ]

C:\Documents and Settings\DAD\Start Menu\Programs\Startup\
LimeWire On Startup.lnk - C:\Program Files\LimeWire\LimeWire.exe [2008-04-18 15:21:09 147456]

C:\Documents and Settings\MOM\UserData\Start Menu\Programs\Startup\
Webshots.lnk - C:\Program Files\Webshots\Launcher.exe [2005-09-16 11:20:49 45056]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 23:05:26 29696]
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2005-09-24 01:28:44 282624]
Image Transfer.lnk - C:\Program Files\Sony Corporation\Image Transfer\SonyTray.exe [2005-09-11 10:41:48 73728]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 01:01:04 83360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"MSACM.MI-SC4"= MI-SC4.acm
"vidc.XVID"= xvid.dll
"vidc.DIV3"= DivXc32.dll
"vidc.DIV4"= DivXc32f.dll
"msacm.divxa32"= divxa32.acm
"VIDC.SP53"= SP5X_32.DLL
"VIDC.SP54"= SP5X_32.DLL
"VIDC.SP55"= SP5X_32.DLL
"VIDC.SP56"= SP5X_32.DLL
"VIDC.SP57"= SP5X_32.DLL
"VIDC.SP58"= SP5X_32.DLL
"VIDC.SP59"= SP5X_32.DLL
"vidc.MJPG"= m3jpeg32.dll
"vidc.dmb1"= m3jpeg32.dll

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^VTAgentReboot.exe]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\VTAgentReboot.exe
backup=C:\WINDOWS\pss\VTAgentReboot.exeCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA]
--a------ 2003-04-29 07:00 323584 C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Freedom]
C:\Program Files\Zero Knowledge\Freedom\Freedom.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HydraVisionDesktopManager]
--a------ 2002-11-14 22:34 266240 C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StandardInstall]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"ITMRTSVC"=2 (0x2)
"AVG Anti-Spyware Guard"=2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"
"Motive SmartBridge"=C:\PROGRA~1\NETASS~1\SMARTB~1\MotiveSB.exe
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
"LogitechGalleryRepair"=C:\Program Files\Logitech\ImageStudio\ISStart.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"C:\\WINDOWS\\system32\\mshta.exe"=
"C:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\StubInstaller.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"C:\\Program Files\\Real\\RealOne Player\\realplay.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"C:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=

R2 McciCMService;McciCMService;"C:\Program Files\Common Files\Motive\McciCMService.exe" [2007-11-01 11:59]
S3 LVBulk;LVBulk Service;C:\WINDOWS\system32\DRIVERS\LVBulk.sys [2002-06-10 14:21]
S3 MREMP50;MREMP50 NDIS Protocol Driver;C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS [2007-10-31 17:51]
S3 MREMP50a64;MREMP50a64 NDIS Protocol Driver;C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS []
S3 MRESP50;MRESP50 NDIS Protocol Driver;C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS [2007-10-31 17:51]
S3 MRESP50a64;MRESP50a64 NDIS Protocol Driver;C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS []
S3 PID_0900_V;Logitech ClickSmart 310(PID_0900_V);C:\WINDOWS\system32\DRIVERS\LV551AV.sys [2002-06-10 14:24]
S3 Radialpoint Security Services;Sympatico Security Manager;C:\WINDOWS\system32\dllhost.exe [2004-08-04 03:56]

.
Contents of the 'Scheduled Tasks' folder
"2008-05-23 21:15:00 C:\WINDOWS\Tasks\1-Click Maintenance.job"
- C:\Program Files\TuneUp Utilities 2007\SystemOptimizer.exe
"2008-05-27 16:10:50 C:\WINDOWS\Tasks\EasyShare Registration Task.job"
- C:\WINDOWS\system32\rundll32.exelC:\DOCUME~1\ALLUSE~1\APPLIC~1\Kodak\EasyShareSetup\$REGIS~1\Registration_7.4.20.2.sxt _RegistrationOffer@16
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-05 14:21:26
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Bell\Security Manager\Fws.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\ati2evxx.exe
C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe
C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\snmp.exe
C:\PROGRA~1\Webshots\webshots.scr
C:\Program Files\Bell\Sympatico Security Advisor\SSAComHandler.exe
C:\Program Files\Bell\Security Manager\rpsupdaterr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
C:\Program Files\Bell\Security Manager\PrtlAgt.exe
.
**************************************************************************
.
Completion time: 2008-06-05 14:34:27 - machine was rebooted
ComboFix-quarantined-files.txt 2008-06-05 18:33:42
ComboFix2.txt 2008-06-04 16:35:17

Pre-Run: 64,152,797,184 bytes free
Post-Run: 63,597,694,976 bytes free

210 --- E O F --- 2008-05-27 21:23:44

thank you

Snow

Advertisements

Register to Remove

#26 gringo_pr

Silver Member

Visiting Fellow
423 posts

Posted 07 June 2008 - 01:46 PM

Hello Snow

And how are we tonight?

A few loose ends to rap up before we finish this

: Recovery Console :

we need to install the Recovery Console on this computer
this is very important it could save you later

Go to Microsoft's website => http://support.microsoft.com/kb/310994
Select the download that's appropriate for your Operating System

Posted Image

the one for you is Windows XP Service Pack 2 (SP2)

Download the file & save it as it's originally named, next to ComboFix.exe.

Posted Image

Now close all open windows and programs, then drag the setup package onto ComboFix.exe and drop it. Follow the prompts to start ComboFix and when prompted, agree to the End-User License Agreement to install the Microsoft Recovery Console. When complete, a log named CF_RC.txt will open. Please post the contents of that log.

Right click on the file C:\My old Disk Structure choose properties and let me know how big the file is ( I don't think it will be very big anymore and all the bad things are gone now anyway).

let me have the log from combofix and tell me how big C:\My old Disk Structure is.

Thanks
Gringo

#27 Snow

Authentic Member

Authentic Member
98 posts

Posted 07 June 2008 - 10:19 PM

Hello Gringo...

trying to stay cool with 42C humid heat..yuck

here is the Combofix log...the CF_RC.txt didnt show up.

the Old Disk Structure's size is 0 bytes with 0 files and 23folders

ComboFix 08-06-03.4 - MOM 2008-06-07 23:57:31.3 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.80 [GMT -4:00]
Running from: C:\Documents and Settings\MOM\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\MOM\Desktop\WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
* Created a new restore point
.

((((((((((((((((((((((((( Files Created from 2008-05-08 to 2008-06-08 )))))))))))))))))))))))))))))))
.

2008-06-01 09:53 . 2008-06-01 09:53 <DIR> d-------- C:\_OTMoveIt
2008-05-28 06:33 . 2008-05-28 06:34 <DIR> d-------- C:\Program Files\Panda Security
2008-05-26 21:42 . 2003-05-01 21:03 <DIR> d-------- C:\Documents and Settings\Administrator\WINDOWS
2008-05-26 21:42 . 2008-05-26 21:42 <DIR> d-------- C:\Documents and Settings\Administrator
2008-05-26 08:33 . 2008-05-26 08:33 <DIR> d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-05-26 08:33 . 2008-05-26 08:33 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-05-26 06:39 . 2008-05-26 06:39 <DIR> d-------- C:\Documents and Settings\MOM\Application Data\Malwarebytes
2008-05-26 06:38 . 2008-05-26 06:38 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-05-26 06:38 . 2008-05-26 06:38 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-05-26 06:38 . 2008-05-05 20:46 27,048 --a------ C:\WINDOWS\system32\drivers\mbamcatchme.sys
2008-05-26 06:38 . 2008-05-05 20:46 15,864 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-05-25 22:11 . 2008-03-25 02:37 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-05-25 22:10 . 2008-05-25 22:10 <DIR> d-------- C:\Program Files\Common Files\Java
2008-05-14 11:07 . 2008-05-14 11:07 <DIR> d-------- C:\WINDOWS\system32\CodeBaby
2008-05-14 11:06 . 2005-07-12 02:28 69,632 --a------ C:\WINDOWS\system32\MCCDevice.dll
2008-05-14 11:06 . 2005-07-12 02:28 6,048 --a------ C:\WINDOWS\system32\MCC16.dll
2008-05-10 20:55 . 2008-05-10 20:55 <DIR> d-------- C:\Documents and Settings\MOM\Application Data\Uniblue
2008-05-10 20:10 . 2008-05-10 20:10 <DIR> d-------- C:\WINDOWS\ERUNT
2008-05-10 15:28 . 2008-05-10 15:28 <DIR> d-------- C:\Program Files\Trend Micro
2008-05-10 15:27 . 2008-05-10 15:28 <DIR> d-------- C:\HJT

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-07 23:46 --------- d-----w C:\Documents and Settings\MOM\Application Data\AdobeUM
2008-06-06 17:05 --------- d-----w C:\Documents and Settings\MOM\Application Data\Image Zone Express
2008-06-03 16:53 1,225 ----a-w C:\Program Files\INSTALL.LOG
2008-06-01 16:36 --------- d-----w C:\Documents and Settings\DAN\Application Data\LimeWire
2008-05-26 02:11 --------- d-----w C:\Program Files\Java
2008-05-26 02:01 --------- d-----w C:\Program Files\ewido anti-malware
2008-05-14 15:07 --------- d-----w C:\Program Files\Common Files\Motive
2008-05-05 01:34 --------- d-----w C:\Documents and Settings\MOM\Application Data\LimeWire
2008-05-03 01:45 --------- d-----w C:\Program Files\LimeWire
2008-04-19 17:15 --------- d-----w C:\Documents and Settings\LocalService\Application Data\Bell
2007-05-27 20:54 46,968 ----a-w C:\Documents and Settings\MEL\Application Data\GDIPFONTCACHEV1.DAT
2006-06-28 16:29 407,080 ----a-w C:\Program Files\msgr8us.exe
2006-03-18 18:53 774,144 ----a-w C:\Program Files\RngInterstitial.dll
2006-02-07 23:03 2,906 ----a-w C:\Program Files\setuplog.txt
2006-01-13 14:19 5,225,384 ----a-w C:\Program Files\Firefox Setup 1.5.exe
2005-10-29 04:06 5,037,072 ----a-w C:\Program Files\spybotsd14.exe
2005-10-27 15:26 516,031 ----a-w C:\Program Files\ccsetup124.exe
2005-10-27 01:40 2,314,920 ----a-w C:\Program Files\LimeWireWin.exe
2005-10-06 15:17 558,240 ----a-w C:\Program Files\GoogleToolbarInstaller.exe
2005-10-06 12:51 34,039,576 ----a-w C:\Program Files\iTunesSetup.exe
2005-09-16 15:20 2,212,192 ----a-w C:\Program Files\wbsamp.exe
2005-09-16 14:16 3,563,166 ----a-w C:\Program Files\Propackcodec203b.exe
2005-09-15 12:28 21,226,656 ----a-w C:\Program Files\freedom_5_0_10_bell_en.exe
2005-04-19 23:25 53,323 ----a-w C:\Program Files\opera\program\plugins\PlugDef.dll
.

((((((((((((((((((((((((((((( snapshot@2008-06-04_12.34.49.70 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-06-04 10:05:53 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-06-07 14:09:35 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2006-06-20 19:44:04 379,704 ----a-w C:\WINDOWS\Downloaded Program Files\MsnPUpld.dll
+ 2006-11-20 15:04:18 117,088 ----a-w C:\WINDOWS\Downloaded Program Files\PURen-ca.dll
+ 2006-06-20 19:44:02 117,560 ----a-w C:\WINDOWS\Downloaded Program Files\PURen-us.dll
- 2008-05-20 15:38:52 8,577,024 ----a-w C:\WINDOWS\ERUNT\SDFIX\Users\00000001\ntuser.dat
+ 2008-06-06 18:12:56 8,671,232 ----a-w C:\WINDOWS\ERUNT\SDFIX\Users\00000001\ntuser.dat
- 2008-05-20 15:38:53 155,648 ----a-w C:\WINDOWS\ERUNT\SDFIX\Users\00000002\UsrClass.dat
+ 2008-06-06 18:12:56 155,648 ----a-w C:\WINDOWS\ERUNT\SDFIX\Users\00000002\UsrClass.dat
+ 2008-06-07 14:10:24 16,384 ----atw C:\WINDOWS\TEMP\Perflib_Perfdata_518.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 03:56 15360]
"updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 17:45 313472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2005-09-24 01:08 49152]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-07-10 09:18 270648]
"LVCOMS"="C:\Program Files\Common Files\Logitech\QCDriver\LVCOMS.EXE" [2002-06-10 14:21 102400]
"LogitechImageStudioTray"="C:\Program Files\Logitech\ImageStudio\LogiTray.exe" [2002-06-20 12:25 45056]
"SSA.exe"="C:\Program Files\Bell\Sympatico Security Advisor\SSA.exe" [2007-03-27 11:33 2061816]
"Sympatico Security Manager"="C:\Program Files\Bell\Security Manager\Rps.exe" [2007-08-27 17:57 310000]
"-FreedomNeedsReboot"="C:\Program Files\Bell\Security Manager\ZkRunOnceR.exe" [2007-08-27 17:57 13552]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2005-09-11 14:48 180269]
"BellCanada_McciTrayApp"="C:\Program Files\BellCanada\McciTrayApp.exe" [2007-11-19 10:33 1468928]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-06-29 06:24 286720]
"SoundMan"="SOUNDMAN.EXE" [2003-04-24 19:53 54784 C:\WINDOWS\SOUNDMAN.EXE]
"OemReset"="C:\WINDOWS\OPTIONS\OEMRESET.exe" [ ]
"IntelliType"="C:\Program Files\Microsoft Hardware\Keyboard\type32.exe" [2002-03-22 08:41 94208]
"HP Component Manager"="C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" [2004-05-12 15:18 241664]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe" [2008-03-25 04:28 144784]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-04 03:56 15360]
"Symantec NetDriver Warning"="C:\PROGRA~1\SYMNET~1\SNDWarn.exe" [2004-10-29 11:52 218232]
"ALUAlert"="C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe" [ ]

C:\Documents and Settings\DAD\Start Menu\Programs\Startup\
LimeWire On Startup.lnk - C:\Program Files\LimeWire\LimeWire.exe [2008-04-18 15:21:09 147456]

C:\Documents and Settings\MOM\UserData\Start Menu\Programs\Startup\
Webshots.lnk - C:\Program Files\Webshots\Launcher.exe [2005-09-16 11:20:49 45056]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 23:05:26 29696]
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2005-09-24 01:28:44 282624]
Image Transfer.lnk - C:\Program Files\Sony Corporation\Image Transfer\SonyTray.exe [2005-09-11 10:41:48 73728]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 01:01:04 83360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"MSACM.MI-SC4"= MI-SC4.acm
"vidc.XVID"= xvid.dll
"vidc.DIV3"= DivXc32.dll
"vidc.DIV4"= DivXc32f.dll
"msacm.divxa32"= divxa32.acm
"VIDC.SP53"= SP5X_32.DLL
"VIDC.SP54"= SP5X_32.DLL
"VIDC.SP55"= SP5X_32.DLL
"VIDC.SP56"= SP5X_32.DLL
"VIDC.SP57"= SP5X_32.DLL
"VIDC.SP58"= SP5X_32.DLL
"VIDC.SP59"= SP5X_32.DLL
"vidc.MJPG"= m3jpeg32.dll
"vidc.dmb1"= m3jpeg32.dll

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^VTAgentReboot.exe]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\VTAgentReboot.exe
backup=C:\WINDOWS\pss\VTAgentReboot.exeCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA]
--a------ 2003-04-29 07:00 323584 C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Freedom]
C:\Program Files\Zero Knowledge\Freedom\Freedom.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HydraVisionDesktopManager]
--a------ 2002-11-14 22:34 266240 C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StandardInstall]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"ITMRTSVC"=2 (0x2)
"AVG Anti-Spyware Guard"=2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"
"Motive SmartBridge"=C:\PROGRA~1\NETASS~1\SMARTB~1\MotiveSB.exe
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
"LogitechGalleryRepair"=C:\Program Files\Logitech\ImageStudio\ISStart.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"C:\\WINDOWS\\system32\\mshta.exe"=
"C:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\StubInstaller.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"C:\\Program Files\\Real\\RealOne Player\\realplay.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"C:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=

R2 McciCMService;McciCMService;"C:\Program Files\Common Files\Motive\McciCMService.exe" [2007-11-01 11:59]
S3 LVBulk;LVBulk Service;C:\WINDOWS\system32\DRIVERS\LVBulk.sys [2002-06-10 14:21]
S3 MREMP50;MREMP50 NDIS Protocol Driver;C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS [2007-10-31 17:51]
S3 MREMP50a64;MREMP50a64 NDIS Protocol Driver;C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS []
S3 MRESP50;MRESP50 NDIS Protocol Driver;C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS [2007-10-31 17:51]
S3 MRESP50a64;MRESP50a64 NDIS Protocol Driver;C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS []
S3 PID_0900_V;Logitech ClickSmart 310(PID_0900_V);C:\WINDOWS\system32\DRIVERS\LV551AV.sys [2002-06-10 14:24]
S3 Radialpoint Security Services;Sympatico Security Manager;C:\WINDOWS\system32\dllhost.exe [2004-08-04 03:56]

.
Contents of the 'Scheduled Tasks' folder
"2008-06-06 21:15:00 C:\WINDOWS\Tasks\1-Click Maintenance.job"
- C:\Program Files\TuneUp Utilities 2007\SystemOptimizer.exe
"2008-05-27 16:10:50 C:\WINDOWS\Tasks\EasyShare Registration Task.job"
- C:\WINDOWS\system32\rundll32.exelC:\DOCUME~1\ALLUSE~1\APPLIC~1\Kodak\EasyShareSetup\$REGIS~1\Registration_7.4.20.2.sxt _RegistrationOffer@16
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-08 00:03:05
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

**************************************************************************
.
Completion time: 2008-06-08 0:15:14
ComboFix-quarantined-files.txt 2008-06-08 04:14:05
ComboFix2.txt 2008-06-05 18:34:28
ComboFix3.txt 2008-06-04 16:35:17

Pre-Run: 63,652,671,488 bytes free
Post-Run: 63,619,457,024 bytes free

WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect /NoExecute=OptIn
C:\CMDCONS\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

192 --- E O F --- 2008-05-27 21:23:44

Thankx!
Snow

#28 gringo_pr

Silver Member

Visiting Fellow
423 posts

Posted 07 June 2008 - 11:25 PM

Hi snow

trying to stay cool with 42C humid heat..yuck

wow that is 107 deg to me ouch

the Old Disk Structure's size is 0 bytes with 0 files and 23folders

this is good it is all empty so any scans should go quick

This is my general post for when your logs show no more signs of malware

- Please let me know if you still are having problems with your computer and what these problems are

:Time for some housekeeping:

Click START then RUN
Now type Combofix /u in the runbox and click OK

:remove tools:

Let's clear out the programmes we've been using to clean up your computer, they are not suitable for general malware removal and could cause damage if used inappropriately.

Please download OTMoveIt and save it to desktop.
Double click OTMoveIt.exe to launch the programme.
Click on the CleanUp! button.
OTMoveIt will download a list from the Internet, if your firewall or other defensive programmes alerts you, allow it access.
Select Yes when the "Begin cleanup Process?" prompt appears.
If you are prompted to Reboot during the cleanup, select Yes.
When finished exit out of OTMoveIt
The tool will delete itself once it finishes, if not delete it by yourself.

:Set correct settings for files:

Click Start > My Computer > Tools menu (at top of page) > Folder Options > View tab.
Under "Hidden files and folders" if necessary select Do not show hidden files and folders.
If unchecked please check Hide protected operating system files (Recommended)
If necessary check "Display content of system folders"
If necessary Uncheck Hide file extensions for known file types.
Click OK

:clear system restore points:

This is a good time to clear your existing system restore points and establish a new clean restore point:
Go to Start > All Programs > Accessories > System Tools > System Restore
Select Create a restore point, and Ok it.
Next, go to Start > Run and type in cleanmgr
Select the More options tab
Choose the option to clean up system restore and OK it.

This will remove all restore points except the new one you just created.

:Make your Internet Explorer more secure:please visit this page that gives instructions to do this
http://surfthenetsaf.../ieseczone8.htm

:Turn On Automatic Updates:
Turn On Automatic Updates
1. Click Start, click Run, type sysdm.cpl, and then press ENTER.
2. Click the Automatic Updates tab, and then click to select one of the following options. We recommend that you select the Automatic (recommended) Automatically download recommended updates for my computer and install them

If you click this setting, click to select the day and time for scheduled updates to occur. You can schedule Automatic Updates for any time of day. Remember, your computer must be on at the scheduled time for updates to be installed. After you set this option, Windows recognizes when you are online and uses your Internet connection to find updates on the Windows Update Web site or on the Microsoft Update Web site that apply to your computer. Updates are downloaded automatically in the background, and you are not notified or interrupted during this process. An icon appears in the notification area of your taskbar when the updates are being downloaded. You can point to the icon to view the download status. To pause or to resume the download, right-click the icon, and then click Pause or Resume. When the download is completed, another message appears in the notification area so that you can review the updates that are scheduled for installation. If you choose not to install at that time, Windows starts the installation on your set schedule.

or visit http://www.windowsupdate.com regularly. This will ensure your computer has always the latest security updates available installed on your computer. If there are new updates to install, install them immediately, reboot your computer, and revisit the site until there are no more critical updates.

:antispyware programs:

you have a couple of good antispyware programs on this computer but you still can try some of these others to see if you like them also

I would reccomend the download and installation of some or all of the following programs (all free), and the updating of them regularly:
WinPatrol As a robust security monitor, WinPatrol will alert you to hijackings, malware attacks and critical changes made to your computer without your permission. WinPatrol takes snapshot of your critical system resources and alerts you to any changes that may occur without your knowledge.
Spybot Search & Destroy - Spybot is a tool like Ad-Aware SE whereas it seeks out and removes known spyware from your machine. These two tools (Ad-Aware & spybot) are perfect complements to each other as one will most always find something the other missed.
Spyware Blaster - By altering your registry, this program stops harmful sites from installing things like ActiveX Controls on your machines.
IE_Spyad - Works by placing known "bad" sites into your Internet Explorer "Restricted Zones" prohibiting them from doing potentially problematic things to your computer.

Consider a custom hosts file
Consider a custom hosts file such as MVPS HOSTS. This custom hosts file effectively blocks a wide range of unwanted ads, banners, 3rd party Cookies, 3rd party page counters, web bugs, and many hijackers.
For information on how to download and install, please read this tutorial by WinHelp2002
Note: Be sure to follow the instructions to disable the DNS Client service before installing a custom hosts file.

Also please read this great article by Tony Klein So How Did I Get Infected In First Place

Now you have followed my advice - it's time to lodge a complaint against what you have suffered.........

Malware Complaints
If you were infected .... Stand Up and be Counted.

I'd be grateful if you could reply to this post so that I know you have read it and, if you've no other questions, the thread can then be closed.

Gringo

#29 Snow

Authentic Member

Authentic Member
98 posts

Posted 08 June 2008 - 02:02 PM

Hi Gringo... i have done everything, ive installed the Hosts file and and installed Winpatrol, deleted Combofix...i still have the XpKp310994 bootdisk file on my desktop should i delete that? everything checks out at my end, thank you so much for all the time it took to clean up the Malware and the OldDiskStructure i had, your patience with this was greatly appreciated

once again Thank You

~Snow~

Edited by Snow, 08 June 2008 - 02:02 PM.

#30 gringo_pr

Silver Member

Visiting Fellow
423 posts

Posted 08 June 2008 - 03:30 PM

Hi snow i still have the XpKp310994 bootdisk file on my desktop should i delete that? Yes go ahead and delete that. If you have any more problems go ahead and look me up. Stay safe!!! Gringo

Body Background

skin color theme