Microsoft Windows XP Professional (5.1.2600) Service Pack 3
C:\ [Fixed] - NTFS - (Total:302128 Mo/Free:3041 Mo)
D:\ [CD-Rom] (Total:0 Mo/Free:0 Mo)
E:\ [CD-Rom] (Total:0 Mo/Free:0 Mo)
Sat 03/28/2009|10:57
----------------------\\ Processes..
--Locked-- [System Process]
---------- System
---------- \SystemRoot\System32\smss.exe
---------- \??\C:\WINDOWS\system32\csrss.exe
---------- \??\C:\WINDOWS\system32\winlogon.exe
---------- C:\WINDOWS\system32\services.exe
---------- C:\WINDOWS\system32\lsass.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
---------- C:\WINDOWS\system32\spoolsv.exe
---------- C:\WINDOWS\Explorer.EXE
---------- C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
---------- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
---------- C:\Program Files\Bonjour\mDNSResponder.exe
---------- C:\WINDOWS\system32\cisvc.exe
---------- C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
---------- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
---------- C:\Program Files\Java\jre6\bin\jqs.exe
---------- C:\Program Files\McAfee\Common Framework\FrameworkService.exe
---------- C:\WINDOWS\System32\DLA\DLACTRLW.EXE
---------- C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
---------- C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe
---------- C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE
---------- C:\Program Files\McAfee\VirusScan Enterprise\mcshield.exe
---------- C:\Program Files\McAfee\Common Framework\UdaterUI.exe
---------- C:\WINDOWS\stsystra.exe
---------- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
---------- C:\Program Files\McAfee\VirusScan Enterprise\vstskmgr.exe
---------- C:\Program Files\McAfee\Common Framework\McTray.exe
---------- C:\WINDOWS\system32\EXSHOW95.EXE
---------- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
---------- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
---------- C:\Program Files\iTunes\iTunesHelper.exe
---------- C:\Program Files\McAfee\Common Framework\naPrdMgr.exe
---------- C:\WINDOWS\system32\nvsvc32.exe
---------- C:\WINDOWS\system32\EXSHOW.EXE
---------- C:\WINDOWS\system32\ctfmon.exe
---------- C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
---------- C:\Program Files\Dell Support Center\bin\sprtsvc.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\Program Files\Digital Line Detect\DLG.exe
---------- C:\WINDOWS\system32\wbem\unsecapp.exe
---------- C:\WINDOWS\system32\wbem\wmiprvse.exe
---------- C:\Program Files\iPod\bin\iPodService.exe
---------- C:\WINDOWS\System32\alg.exe
---------- C:\WINDOWS\system32\cidaemon.exe
---------- C:\WINDOWS\system32\cidaemon.exe
---------- C:\Documents and Settings\Rick Planos\Desktop\rooter.exe
---------- C:\WINDOWS\system32\cmd.exe
---------- C:\Rooter$\RK.exe
----------------------\\ Search..
Here is my OTLI Log -
OTListIt logfile created on: 3/28/2009 11:01:08 AM - Run 1
OTListIt2 by OldTimer - Version 2.0.7.2 Folder = C:\Documents and Settings\Rick Planos\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 1.56 Gb Available Physical Memory | 77.82% Memory free
3.85 Gb Paging File | 3.56 Gb Available in Paging File | 92.70% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092;
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 295.05 Gb Total Space | 182.97 Gb Free Space | 62.01% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: D7KZB4B1
Current User Name: Rick Planos
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On
========== Processes (SafeList) ==========
PRC - C:\WINDOWS\Explorer.EXE (Microsoft Corporation)
PRC - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe ()
PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe (Intel Corporation)
PRC - C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe (Intuit Inc.)
PRC - C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\McAfee\Common Framework\FrameworkService.exe (McAfee, Inc.)
PRC - C:\WINDOWS\System32\DLA\DLACTRLW.EXE (Sonic Solutions)
PRC - C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
PRC - C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe (HP)
PRC - C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE (McAfee, Inc.)
PRC - C:\Program Files\McAfee\VirusScan Enterprise\mcshield.exe (McAfee, Inc.)
PRC - C:\Program Files\McAfee\Common Framework\UdaterUI.exe (McAfee, Inc.)
PRC - C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
PRC - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
PRC - C:\Program Files\McAfee\VirusScan Enterprise\vstskmgr.exe (McAfee, Inc.)
PRC - C:\Program Files\McAfee\Common Framework\McTray.exe (McAfee, Inc.)
PRC - C:\WINDOWS\system32\EXSHOW95.EXE (Kensington Technology Group)
PRC - C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)
PRC - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
PRC - C:\Program Files\McAfee\Common Framework\naPrdMgr.exe (McAfee, Inc.)
PRC - C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation)
PRC - C:\WINDOWS\system32\EXSHOW.EXE (Kensington Technology Group)
PRC - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe ()
PRC - C:\Program Files\Dell Support Center\bin\sprtsvc.exe (SupportSoft, Inc.)
PRC - C:\Program Files\Digital Line Detect\DLG.exe (BVRP Software)
PRC - C:\WINDOWS\system32\wbem\wmiprvse.exe (Microsoft Corporation)
PRC - C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
PRC - C:\WINDOWS\system32\cidaemon.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\cidaemon.exe (Microsoft Corporation)
PRC - C:\Documents and Settings\Rick Planos\Desktop\OTListIt2.exe (OldTimer Tools)
========== Win32 Services (SafeList) ==========
SRV - (AdobeActiveFileMonitor [Auto | Running]) -- C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe ()
SRV - (Apple Mobile Device [Auto | Running]) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (aspnet_state [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation)
SRV - (Bonjour Service [Auto | Running]) -- C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (DSBrokerService [On_Demand | Stopped]) -- C:\Program Files\DellSupport\brkrsvc.exe ()
SRV - (FontCache3.0.0.0 [On_Demand | Stopped]) -- c:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
SRV - (helpsvc [Auto | Running]) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (IAANTMon [Auto | Running]) -- C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe (Intel Corporation)
SRV - (IDriverT [On_Demand | Stopped]) -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (idsvc [Unknown | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
SRV - (IntuitUpdateService [Auto | Running]) -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe (Intuit Inc.)
SRV - (iPod Service [On_Demand | Running]) -- C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
SRV - (JavaQuickStarterService [Auto | Running]) -- C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
SRV - (Lavasoft Ad-Aware Service [Auto | Stopped]) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
SRV - (McAfeeFramework [Auto | Running]) -- C:\Program Files\McAfee\Common Framework\FrameworkService.exe (McAfee, Inc.)
SRV - (McShield [Auto | Paused]) -- C:\Program Files\McAfee\VirusScan Enterprise\mcshield.exe (McAfee, Inc.)
SRV - (McTaskManager [Auto | Running]) -- C:\Program Files\McAfee\VirusScan Enterprise\vstskmgr.exe (McAfee, Inc.)
SRV - (MDM [Auto | Running]) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)
SRV - (Microsoft Office Groove Audit Service [On_Demand | Stopped]) -- C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe (Microsoft Corporation)
SRV - (NetSvc [On_Demand | Stopped]) -- C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe (Intel® Corporation)
SRV - (NetTcpPortSharing [Disabled | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (NVSvc [Auto | Running]) -- C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation)
SRV - (odserv [On_Demand | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (ose [On_Demand | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (PhotoshopElementsDeviceConnect [Auto | Running]) -- C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe ()
SRV - (sprtsvc_dellsupportcenter [Auto | Running]) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe (SupportSoft, Inc.)
SRV - (usnjsvc [On_Demand | Stopped]) -- C:\Program Files\Windows Live\Messenger\usnsvc.exe (Microsoft Corporation)
SRV - (WLSetupSvc [On_Demand | Stopped]) -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe (Microsoft Corporation)
SRV - (WMPNetworkSvc [On_Demand | Stopped]) -- C:\Program Files\Windows Media Player\WMPNetwk.exe (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV - (61883 [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\61883.sys (Microsoft Corporation)
DRV - (AFS2K [System | Running]) -- C:\WINDOWS\System32\drivers\AFS2K.SYS (Oak Technology Inc.)
DRV - (AliIde [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
DRV - (amdagp [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\amdagp.sys (Advanced Micro Devices, Inc.)
DRV - (asc [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\asc.sys (Advanced System Products, Inc.)
DRV - (asc3550 [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\asc3550.sys (Advanced System Products, Inc.)
DRV - (ASCTRM [Auto | Running]) -- C:\WINDOWS\System32\drivers\asctrm.sys (Windows ® 2000 DDK provider)
DRV - (Avc [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\avc.sys (Microsoft Corporation)
DRV - (CmdIde [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)
DRV - (dac2w2k [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys (Mylex Corporation)
DRV - (DLABOIOM [Auto | Running]) -- C:\WINDOWS\System32\DLA\DLABOIOM.SYS (Sonic Solutions)
DRV - (DLACDBHM [System | Running]) -- C:\WINDOWS\System32\Drivers\DLACDBHM.SYS (Sonic Solutions)
DRV - (DLADResN [Auto | Running]) -- C:\WINDOWS\System32\DLA\DLADResN.SYS (Sonic Solutions)
DRV - (DLAIFS_M [Auto | Running]) -- C:\WINDOWS\System32\DLA\DLAIFS_M.SYS (Sonic Solutions)
DRV - (DLAOPIOM [Auto | Running]) -- C:\WINDOWS\System32\DLA\DLAOPIOM.SYS (Sonic Solutions)
DRV - (DLAPoolM [Auto | Running]) -- C:\WINDOWS\System32\DLA\DLAPoolM.SYS (Sonic Solutions)
DRV - (DLARTL_N [System | Running]) -- C:\WINDOWS\System32\Drivers\DLARTL_N.SYS (Sonic Solutions)
DRV - (DLAUDFAM [Auto | Running]) -- C:\WINDOWS\System32\DLA\DLAUDFAM.SYS (Sonic Solutions)
DRV - (DLAUDF_M [Auto | Running]) -- C:\WINDOWS\System32\DLA\DLAUDF_M.SYS (Sonic Solutions)
DRV - (DRVMCDB [Boot | Running]) -- C:\WINDOWS\System32\Drivers\DRVMCDB.SYS (Sonic Solutions)
DRV - (DRVNDDM [Auto | Running]) -- C:\WINDOWS\System32\Drivers\DRVNDDM.SYS (Sonic Solutions)
DRV - (DSproct [On_Demand | Stopped]) -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys (Gteko Ltd.)
DRV - (dsunidrv [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\dsunidrv.sys (Gteko Ltd.)
DRV - (E100B [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\e100b325.sys (Intel Corporation)
DRV - (e1express [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\e1e5132.sys (Intel Corporation)
DRV - (GEARAspiWDM [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (HDAudBus [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\HDAudBus.sys (Windows ® Server 2003 DDK provider)
DRV - (HSFHWBS2 [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys (Conexant Systems, Inc.)
DRV - (HSF_DP [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\HSF_DP.sys (Conexant Systems, Inc.)
DRV - (iastor [Boot | Running]) -- C:\WINDOWS\system32\drivers\iastor.sys (Intel Corporation)
DRV - (KID_USB [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\KID_USB.sys (Kensington Technology Group)
DRV - (KMW_SYS [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\KMW_SYS.sys (Kensington Technology Group)
DRV - (Lbd [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\Lbd.sys (Lavasoft AB)
DRV - (mdmxsdk [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys (Conexant)
DRV - (mfeapfk [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\mfeapfk.sys (McAfee, Inc.)
DRV - (mfeavfk [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\mfeavfk.sys (McAfee, Inc.)
DRV - (mfebopk [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\mfebopk.sys (McAfee, Inc.)
DRV - (mfehidk [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\mfehidk.sys (McAfee, Inc.)
DRV - (mferkdk [System | Running]) -- C:\Program Files\McAfee\VirusScan Enterprise\mferkdk.sys (McAfee, Inc.)
DRV - (mfetdik [System | Running]) -- C:\WINDOWS\system32\drivers\mfetdik.sys (McAfee, Inc.)
DRV - (MODEMCSA [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\MODEMCSA.sys (Microsoft Corporation)
DRV - (mraid35x [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys (American Megatrends Inc.)
DRV - (MSDV [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\msdv.sys (Microsoft Corporation)
DRV - (nv [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\nv4_mini.sys (NVIDIA Corporation)
DRV - (PalmUSBD [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\PalmUSBD.sys (Palm, Inc.)
DRV - (Ptilink [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (PxHelp20 [Boot | Running]) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - (ql1080 [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\ql1080.sys (QLogic Corporation)
DRV - (ql12160 [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\ql12160.sys (QLogic Corporation)
DRV - (ql1280 [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\ql1280.sys (QLogic Corporation)
DRV - (Secdrv [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (sisagp [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\sisagp.sys (Silicon Integrated Systems Corporation)
DRV - (Sparrow [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\sparrow.sys (Adaptec, Inc.)
DRV - (STHDA [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\sthda.sys (SigmaTel, Inc.)
DRV - (symc810 [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\symc810.sys (Symbios Logic Inc.)
DRV - (symc8xx [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys (LSI Logic)
DRV - (sym_hi [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys (LSI Logic)
DRV - (sym_u3 [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys (LSI Logic)
DRV - (ultra [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\ultra.sys (Promise Technology, Inc.)
DRV - (usbaudio [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\usbaudio.sys (Microsoft Corporation)
DRV - (winachsf [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys (Conexant Systems, Inc.)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = http://www.google.co...l...&channel=us
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.co...html?channel=us
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://www.google.co...l...&channel=us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co...l...&channel=us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...amp;ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...m...tf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,AutoSearch = http://ie.search.msn...autosearch.aspx
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0
FF - HKLM\software\mozilla\Firefox\extensions\\[email protected]: C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2008/11/22 07:44:46 | 00,000,000 | ---D | M]
[2008/07/12 07:09:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Rick Planos\Application Data\mozilla\Extensions
[2008/07/12 07:09:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Rick Planos\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2008/07/12 07:09:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Rick Planos\Application Data\mozilla\Firefox\Profiles\7gcwd5q8.default\extensions
O1 HOSTS File: (304482 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.123topsearch.com
O1 - Hosts: 127.0.0.1 123topsearch.com
O1 - Hosts: 127.0.0.1 www.132.com
O1 - Hosts: 127.0.0.1 132.com
O1 - Hosts: 127.0.0.1 www.136136.net
O1 - Hosts: 127.0.0.1 136136.net
O1 - Hosts: 127.0.0.1 www.163ns.com
O1 - Hosts: 127.0.0.1 163ns.com
O1 - Hosts: 10492 more lines...
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL (Sonic Solutions)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\scriptcl.dll (McAfee, Inc.)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - Reg Error: Key error. File not found
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE (Sonic Solutions)
O4 - HKLM..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe" ( )
O4 - HKLM..\Run: [EXSHOW95.EXE] EXSHOW95.EXE (Kensington Technology Group)
O4 - HKLM..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" (Microsoft Corporation)
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe (HP)
O4 - HKLM..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup (InstallShield Software Corporation)
O4 - HKLM..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start (InstallShield Software Corporation)
O4 - HKLM..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" (Apple Inc.)
O4 - HKLM..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\UdaterUI.exe" /StartedFromRunKey (McAfee, Inc.)
O4 - HKLM..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall File not found
O4 - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup (NVIDIA Corporation)
O4 - HKLM..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime (Apple Inc.)
O4 - HKLM..\Run: [ShStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE (McAfee, Inc.)
O4 - HKLM..\Run: [SigmatelSysTrayApp] stsystra.exe (SigmaTel, Inc.)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe (BVRP Software)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [mdnsNSP] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: 50 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Sites: internet ([]about in Trusted sites)
O15 - HKCU\..Trusted Sites: mcafee.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Sites: mcafee.com ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: 49 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.micr.../OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} https://support.micr...veX/MSDcode.cab (Microsoft Data Collection Control)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebo...toUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} http://photos.walmar...martActivia.cab (Snapfish Activia)
O16 - DPF: {493ACF15-5CD9-4474-82A6-91670C3DD66E} http://www.linkedin....nderControl.cab (LinkedIn ContactFinderControl)
O16 - DPF: {54BE6B6F-3056-470B-97E1-BB92E051B6C4} http://h30155.www3.h...nosticsxp2k.cab (DeviceEnum Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1194098654562 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} http://web1.shutterf...ds/Uploader.cab (Shutterfly Picture Upload Plugin)
O16 - DPF: {983A9C21-8207-4B58-BBB8-0EBC3D7C5505} https://unomail1.unomaha.edu/dwa8W.cab (Domino Web Access 8 Control)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (Reg Error: Key error.)
O16 - DPF: {E008A543-CEFB-4559-912F-C27C2B89F13B} https://unomail1.unomaha.edu/dwa7W.cab (Domino Web Access 7 Control)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - Autorun File - C:\AUTOEXEC.BAT () - [ NTFS ]
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
========== Files/Folders - Created Within 30 Days ==========
[2 C:\WINDOWS\*.tmp files]
[2009/03/28 10:59:55 | 00,498,688 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Rick Planos\Desktop\OTListIt2.exe
[2009/03/28 10:57:38 | 00,000,000 | ---D | C] -- C:\Rooter$
[2009/03/28 10:49:17 | 00,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2009/03/28 10:44:06 | 00,267,612 | ---- | C] () -- C:\Documents and Settings\Rick Planos\Desktop\rooter.exe
[2009/03/28 08:51:01 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/03/28 08:49:45 | 00,000,611 | ---- | C] () -- C:\Documents and Settings\Rick Planos\Desktop\NTREGOPT.lnk
[2009/03/28 08:49:45 | 00,000,592 | ---- | C] () -- C:\Documents and Settings\Rick Planos\Desktop\ERUNT.lnk
[2009/03/28 08:49:45 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2009/03/26 22:48:58 | 00,009,334 | ---- | C] () -- C:\Documents and Settings\Rick Planos\Desktop\SysRestorePoint_v13.zip
[2009/03/26 22:43:00 | 02,869,536 | ---- | C] (Javacool Software LLC ) -- C:\Documents and Settings\Rick Planos\Desktop\spywareblastersetup41.exe
[2009/03/26 22:38:54 | 00,791,393 | ---- | C] (Lars Hederer ) -- C:\Documents and Settings\Rick Planos\Desktop\erunt_setup.exe
[2009/03/26 22:30:01 | 00,094,208 | ---- | C] () -- C:\Documents and Settings\Rick Planos\Desktop\GooredFix.exe
[2009/03/26 22:01:21 | 00,000,000 | ---D | C] -- C:\Program Files\trend micro
[2009/03/26 22:01:20 | 00,000,000 | ---D | C] -- C:\rsit
[2009/03/22 16:41:53 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Rick Planos\Application Data\McAfee
[2009/03/17 23:01:51 | 00,002,137 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2009/03/17 23:01:20 | 00,000,000 | ---D | C] -- C:\Program Files\iPod
[2009/03/17 23:01:18 | 00,000,000 | ---D | C] -- C:\Program Files\iTunes
[2009/03/17 23:01:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[2009/03/15 11:06:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Rick Planos\Desktop\Forensics
[2009/03/14 15:17:56 | 00,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2009/03/07 00:14:00 | 00,188,571 | ---- | C] () -- C:\Documents and Settings\Rick Planos\My Documents\teachingRick's_preliminary_plan.pdf
[2009/03/05 01:19:31 | 00,015,753 | ---- | C] () -- C:\Documents and Settings\Rick Planos\My Documents\LEVISDirector of Retail Operations.docx
[2009/03/02 22:09:11 | 00,015,688 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe
[2009/03/01 18:34:45 | 00,000,472 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2009/03/01 18:34:37 | 00,064,160 | ---- | C] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys
[2009/03/01 18:33:00 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}
[2009/02/27 10:26:14 | 00,012,435 | ---- | C] () -- C:\Documents and Settings\Rick Planos\My Documents\UNLletter2.docx
========== Files - Modified Within 30 Days ==========
[1 C:\WINDOWS\System32\*.tmp files]
[2 C:\WINDOWS\*.tmp files]
[1 C:\Documents and Settings\Rick Planos\My Documents\*.tmp files]
[2009/03/28 10:59:56 | 00,498,688 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Rick Planos\Desktop\OTListIt2.exe
[2009/03/28 10:47:56 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/03/28 10:45:58 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/03/28 10:45:48 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/03/28 10:44:07 | 00,267,612 | ---- | M] () -- C:\Documents and Settings\Rick Planos\Desktop\rooter.exe
[2009/03/28 08:50:35 | 00,000,611 | ---- | M] () -- C:\Documents and Settings\Rick Planos\Desktop\NTREGOPT.lnk
[2009/03/28 08:50:35 | 00,000,592 | ---- | M] () -- C:\Documents and Settings\Rick Planos\Desktop\ERUNT.lnk
[2009/03/26 22:48:58 | 00,009,334 | ---- | M] () -- C:\Documents and Settings\Rick Planos\Desktop\SysRestorePoint_v13.zip
[2009/03/26 22:43:08 | 02,869,536 | ---- | M] (Javacool Software LLC ) -- C:\Documents and Settings\Rick Planos\Desktop\spywareblastersetup41.exe
[2009/03/26 22:38:56 | 00,791,393 | ---- | M] (Lars Hederer ) -- C:\Documents and Settings\Rick Planos\Desktop\erunt_setup.exe
[2009/03/26 22:30:01 | 00,094,208 | ---- | M] () -- C:\Documents and Settings\Rick Planos\Desktop\GooredFix.exe
[2009/03/26 16:49:56 | 00,038,496 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/03/26 16:49:50 | 00,015,504 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/03/26 08:39:01 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/03/24 22:02:35 | 00,002,399 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\TurboTax 2008.lnk
[2009/03/24 10:40:20 | 00,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2009/03/23 23:24:48 | 00,304,482 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2009/03/23 17:34:30 | 00,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2009/03/22 11:07:03 | 00,000,623 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/03/18 09:37:50 | 00,133,632 | ---- | M] () -- C:\Documents and Settings\Rick Planos\My Documents\2008FULLrecruiterlist.xls
[2009/03/16 17:08:31 | 00,002,239 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\The Print Shop 22.lnk
[2009/03/16 17:06:11 | 02,644,450 | -H-- | M] () -- C:\Documents and Settings\Rick Planos\Local Settings\Application Data\IconCache.db
[2009/03/14 15:17:56 | 00,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2009/03/11 03:06:42 | 01,129,872 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/03/11 03:01:29 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/03/08 17:35:12 | 00,015,688 | ---- | M] () -- C:\WINDOWS\System32\lsdelete.exe
[2009/03/08 17:34:50 | 00,064,160 | ---- | M] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys
[2009/03/08 09:43:16 | 00,445,870 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/03/08 09:43:16 | 00,072,824 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/03/08 09:43:15 | 00,528,784 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/03/07 00:14:01 | 00,188,571 | ---- | M] () -- C:\Documents and Settings\Rick Planos\My Documents\teachingRick's_preliminary_plan.pdf
[2009/03/05 01:19:31 | 00,015,753 | ---- | M] () -- C:\Documents and Settings\Rick Planos\My Documents\LEVISDirector of Retail Operations.docx
[2009/02/27 10:26:14 | 00,012,435 | ---- | M] () -- C:\Documents and Settings\Rick Planos\My Documents\UNLletter2.docx
< End of report >
Sign In
Create Account
