Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Erro message "Your current security settings do not allow this fi

Started by Merlino , Aug 19 2009 11:07 PM

  • Please log in to reply

#1
Merlino
Posted 19 August 2009 - 11:07 PM

Merlino

    New Member

  • Member
  • Pip
  • 1 posts
I had a virus that I recently removed through ComboFix. I couldn't open windows update and I couldn't download most anti-virus programs. Now it opens the page in IE, but when I click on the download button, the message 'current security settings do not allow this file to be downloaded'appears. In Firefox, the download is first interrupted, but then I am able to continue it through 'retry'. However, I can't open the file once it's done. Error message: 'Windows cannot access the specified device, path, or file. You may not have the appropriate permissions to access the item'
Under properties of the downloaded file, it says the file came from another computer and is blocked. I unblock it, try to open it, and then it says the file is not a valid Win32 application.

I installed Avast antivirus and SUPERAntispyware, and I thought the two might be conflicting each other. So I tried to deinstall Avast but for some reason it can't delete the file 'ashShell.dll'
Does it have something to do with that?
I deleted SUPERAntispyware, too.
And I had Symantec Antivirus installed before, and removed that, too, but I think there are remains from that, too, since AVAST installer warned me that Symantec Antivirus is installed

But after I got rid of the virus, I upgraded my Windows XP the first time since about a year. Could it be that an update, like a .NET Framework Service pack or one of the many "Microsoft Security Updates' that is blocking my downloads???
Here are the results from the OTL Scan, hope it helps:

OTL logfile created on: 8/19/2009 11:04:15 PM - Run 2
OTL by OldTimer - Version 3.0.10.7 Folder = C:\Documents and Settings\Tracey Nikodemus\My Documents\Downloads
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

382.48 Mb Total Physical Memory | 153.64 Mb Available Physical Memory | 40.17% Memory free
919.74 Mb Paging File | 637.36 Mb Available in Paging File | 69.30% Paging File free
Paging file location(s): C:\pagefile.sys 576 1152 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 153.38 Gb Total Space | 101.78 Gb Free Space | 66.36% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: COMPUTER
Current User Name: Tracey Nikodemus
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2006/02/21 19:39:16 | 00,405,504 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Ati2evxx.exe
PRC - [2003/09/23 00:42:00 | 00,303,104 | ---- | M] (Lexmark International, Inc.) -- C:\WINDOWS\System32\LEXBCES.EXE
PRC - [2003/09/23 00:37:18 | 00,174,592 | ---- | M] (Lexmark International, Inc.) -- C:\WINDOWS\System32\LEXPPS.EXE
PRC - [2006/02/21 19:39:16 | 00,405,504 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Ati2evxx.exe
PRC - [2007/06/13 05:23:07 | 01,033,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2003/10/31 18:42:40 | 00,032,768 | ---- | M] (Cyberlink Corp.) -- C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
PRC - [2003/09/23 01:01:39 | 00,057,344 | ---- | M] (Lexmark International, Inc.) -- C:\Program Files\Lexmark X6100 Series\lxbfbmgr.exe
PRC - [2008/10/10 05:45:26 | 00,013,088 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
PRC - [2003/09/04 10:45:08 | 00,135,214 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\Logitech\QCDriver2\LVCOMS.EXE
PRC - [2003/09/23 01:20:01 | 00,049,152 | ---- | M] (Lexmark International, Inc.) -- C:\Program Files\Lexmark X6100 Series\lxbfbmon.exe
PRC - [2008/11/10 06:43:42 | 00,136,600 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2008/11/10 06:43:40 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2004/08/04 07:00:00 | 00,135,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\taskmgr.exe
PRC - [2009/08/18 19:12:08 | 00,514,048 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Tracey Nikodemus\My Documents\Downloads\OTL.exe

========== Win32 Services (SafeList) ==========

SRV - File not found -- -- (ACDaemon [On_Demand | Stopped])
SRV - [2008/07/25 11:16:40 | 00,034,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2009/08/17 10:58:55 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv [Auto | Stopped])
SRV - [2006/02/21 19:39:16 | 00,405,504 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Ati2evxx.exe -- (Ati HotKey Poller [Auto | Running])
SRV - [2009/08/17 11:07:17 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus [Auto | Stopped])
SRV - [2009/08/17 11:07:01 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner [On_Demand | Stopped])
SRV - [2009/08/17 11:04:21 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner [On_Demand | Stopped])
SRV - [2008/07/25 11:17:02 | 00,069,632 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - File not found -- -- (EarthLinkSafeConnectAgent [Disabled | Stopped])
SRV - File not found -- -- (ELNKUpdateService [Disabled | Stopped])
SRV - [2008/07/29 21:10:04 | 00,046,104 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - [2009/04/26 18:12:42 | 00,182,768 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [On_Demand | Stopped])
SRV - [2004/08/04 07:00:00 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2008/07/29 19:24:50 | 00,881,664 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2008/10/10 05:45:26 | 00,013,088 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService [Auto | Running])
SRV - [2009/04/02 16:10:56 | 00,656,168 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service [Disabled | Stopped])
SRV - [2008/11/10 06:43:40 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running])
SRV - [2003/09/23 00:42:00 | 00,303,104 | ---- | M] (Lexmark International, Inc.) -- C:\WINDOWS\System32\LEXBCES.EXE -- (LexBceS [Auto | Running])
SRV - [2008/07/29 19:16:38 | 00,132,096 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
SRV - [2003/07/28 11:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - File not found -- -- (ProtectionService [Disabled | Stopped])
SRV - [2004/08/04 07:00:00 | 00,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\skeys.exe -- (SerialKeys [On_Demand | Stopped])
SRV - [2006/10/18 21:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])

========== Driver Services (SafeList) ==========

DRV - [2009/08/17 11:03:21 | 00,026,944 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4 [System | Running])
DRV - [2007/08/03 07:35:42 | 00,057,456 | ---- | M] (EarthLink, Inc.) -- C:\WINDOWS\System32\DRIVERS\ADSFilter.sys -- (ADSFilter [On_Demand | Stopped])
DRV - [2007/08/03 07:35:48 | 00,038,384 | ---- | M] (EarthLink, Inc.) -- C:\WINDOWS\system32\drivers\ADSMonitor.sys -- (ADSMonitor [On_Demand | Stopped])
DRV - [2006/11/10 15:05:00 | 00,018,688 | ---- | M] (Arcsoft, Inc.) -- C:\WINDOWS\System32\drivers\Afc.sys -- (Afc [On_Demand | Running])
DRV - [2004/10/07 20:16:04 | 00,035,840 | ---- | M] (Oak Technology Inc.) -- C:\WINDOWS\System32\drivers\AFS2K.SYS -- (AFS2K [System | Running])
DRV - [2006/07/26 09:24:01 | 03,964,736 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\ALCXWDM.SYS -- (ALCXWDM [On_Demand | Running])
DRV - [2009/08/17 11:05:37 | 00,020,560 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\DRIVERS\aswFsBlk.sys -- (aswFsBlk [Auto | Running])
DRV - [2009/08/17 11:06:43 | 00,094,160 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2 [Auto | Running])
DRV - [2009/08/17 11:04:29 | 00,023,152 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr [On_Demand | Stopped])
DRV - [2009/08/17 11:05:52 | 00,114,768 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP [System | Running])
DRV - [2009/08/17 11:04:40 | 00,051,376 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi [System | Running])
DRV - [2006/02/21 19:46:26 | 01,505,792 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\DRIVERS\ati2mtag.sys -- (ati2mtag [On_Demand | Running])
DRV - [2008/03/21 15:30:06 | 00,009,336 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\cdr4_xp.sys -- (Cdr4_xp [System | Running])
DRV - [2008/03/21 15:30:06 | 00,009,464 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\cdralw2k.sys -- (Cdralw2k [System | Running])
DRV - [2009/03/19 16:32:48 | 00,023,400 | ---- | M] (GEAR Software Inc.) -- C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys -- (GEARAspiWDM [On_Demand | Running])
DRV - [2005/07/22 10:01:10 | 00,231,168 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\DRIVERS\HSFHWBS2.sys -- (HSFHWBS2 [On_Demand | Running])
DRV - [2005/07/22 10:02:12 | 01,035,008 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\DRIVERS\HSF_DPV.sys -- (HSF_DPV [On_Demand | Running])
DRV - [2007/12/27 00:58:28 | 00,137,344 | ---- | M] () -- C:\WINDOWS\System32\DRIVERS\litsgt.sys -- (litsgt [Auto | Running])
DRV - [2005/10/05 14:57:08 | 00,012,544 | ---- | M] (Conexant) -- C:\WINDOWS\System32\DRIVERS\mdmxsdk.sys -- (mdmxsdk [Auto | Running])
DRV - [2008/06/19 17:24:30 | 00,028,544 | ---- | M] (Panda Security, S.L.) -- C:\WINDOWS\system32\drivers\pavboot.sys -- (pavboot [Boot | Running])
DRV - [2003/09/04 10:38:56 | 00,152,576 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\System32\DRIVERS\LV532AV.SYS -- (PID_0920 [On_Demand | Stopped])
DRV - [2004/08/04 07:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
DRV - [2008/03/21 15:30:04 | 00,043,528 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running])
DRV - [2004/08/03 17:31:34 | 00,020,992 | ---- | M] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\DRIVERS\RTL8139.SYS -- (rtl8139 [On_Demand | Running])
DRV - [2007/11/13 05:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])
DRV - [2007/12/27 00:58:27 | 00,012,032 | ---- | M] () -- C:\WINDOWS\System32\DRIVERS\tansgt.sys -- (tansgt [Auto | Running])
DRV - [2005/07/22 10:01:00 | 00,717,952 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\DRIVERS\HSF_CNXT.sys -- (winachsf [On_Demand | Running])

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft...p...&ar=msnhome
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...amp;ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...p...ER}&ar=home
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...amp;ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...m...tf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.2

FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2008/11/12 23:33:33 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/08/19 16:28:17 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/08/19 22:55:51 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/08/19 22:55:08 | 00,000,000 | ---D | M]

[2009/08/19 22:56:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tracey Nikodemus\Application Data\mozilla\Extensions
[2009/08/19 22:56:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tracey Nikodemus\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/08/19 22:56:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tracey Nikodemus\Application Data\mozilla\Firefox\Profiles\zi88ldn5.default\extensions
[2009/08/19 22:55:09 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/08/19 22:55:09 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/07/30 06:26:53 | 00,023,544 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/07/30 06:26:54 | 00,137,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009/07/30 06:26:55 | 00,065,016 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll
[2009/07/30 02:24:20 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2009/07/30 02:24:20 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2009/07/30 02:24:20 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2009/07/30 02:24:20 | 00,002,344 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2009/07/30 02:24:20 | 00,002,371 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/07/30 02:24:20 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2009/07/30 02:24:20 | 00,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml

O1 HOSTS File: (27 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {00000000-0000-0000-0000-000000000002} - C:\WINDOWS\System32\yxgnfvce.dll File not found
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (ElnkScamBHO Class) - {15F4D456-5BAA-4076-8486-EECB38CD3E57} - C:\Program Files\EarthLink TotalAccess\Toolbar\EScamBlk.dll (EarthLink, Inc.)
O2 - BHO: (ElnkPubBHO Class) - {512ACF1B-64D9-4928-B382-A80556F28DB4} - C:\Program Files\EarthLink TotalAccess\Toolbar\ElnkPuB.dll (EarthLink, Inc.)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (ElnkProtectionBHO Class) - {9579D574-D4D8-4335-9560-FE8641A013BD} - C:\Program Files\EarthLink TotalAccess\Toolbar\ProtctIE.dll (EarthLink, Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (ElnkLegacyUninstBHO Class) - {E713904C-DF05-4C79-BBAD-02DB923253BE} - C:\Program Files\EarthLink TotalAccess\Toolbar\uninsttb.dll (EarthLink, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (EarthLink Toolbar) - {C7768536-96F8-4001-B1A2-90EE21279187} - C:\Program Files\EarthLink TotalAccess\Toolbar\Toolbar.dll (EarthLink, Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (EarthLink Toolbar) - {C7768536-96F8-4001-B1A2-90EE21279187} - C:\Program Files\EarthLink TotalAccess\Toolbar\Toolbar.dll (EarthLink, Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe File not found
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [Lexmark X6100 Series] C:\Program Files\Lexmark X6100 Series\lxbfbmgr.exe (Lexmark International, Inc.)
O4 - HKLM..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver2\LVCOMS.EXE (Logitech Inc.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\System32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [RemoteControl] C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe (Cyberlink Corp.)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [DW6] C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe (The Weather Channel Interactive, Inc.)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\Tracey Nikodemus\Start Menu\Programs\Startup\Webshots.lnk = C:\Program Files\Webshots\Launcher.exe File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStatusMessages = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewOnDrive = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O8 - Extra context menu item: EarthLink Google Search - C:\Program Files\EarthLink TotalAccess\Toolbar\SearchUI.dll (EarthLink, Inc.)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_11.dll (Sun Microsystems, Inc.)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://a1540.g.akama...ex/qtplugin.cab (Reg Error: Key error.)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://go.microsoft....k/?linkid=58813 (Office Genuine Advantage Validation Tool)
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} http://acs.pandasoft...s/as2stubie.cab (ActiveScan 2.0 Installer Class)
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} http://photos.walmar...martActivia.cab (Snapfish Activia)
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} http://cdn.scan.onec...lscbase1140.cab (Windows Live Safety Center Base Module)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1250658229453 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1250658218062 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Filter: - x-sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\Ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 () - file:///C:/DOCUME~1/TRACEY~1/LOCALS~1/Temp/msohtml1/01/clip_image002.jpg
O24 - Desktop Components:1 () - file:///C:/DOCUME~1/TRACEY~1/LOCALS~1/Temp/msohtml1/01/clip_image002.gif
O24 - Desktop Components:2 (My Current Home Page) - About:Home
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/07/25 18:05:42 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found

========== Files/Folders - Created Within 30 Days ==========

[2009/08/19 22:55:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Tracey Nikodemus\Application Data\Mozilla
[2009/08/19 22:55:23 | 00,001,602 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2009/08/19 19:35:05 | 08,050,536 | ---- | C] (Mozilla) -- C:\Firefox Setup 3.5.2.exe
[2009/08/19 16:27:47 | 00,000,000 | ---D | C] -- C:\9c9dc820e33e676f4d8fd26302
[2009/08/19 16:25:21 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\dllcache\cache
[2009/08/19 16:24:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2009/08/19 15:53:13 | 00,000,000 | -HSD | C] -- C:\RECYCLER(3)
[2009/08/19 12:19:55 | 00,000,676 | ---- | C] () -- C:\Documents and Settings\Tracey Nikodemus\Start Menu\Programs\Startup\Webshots.lnk
[2009/08/19 10:02:21 | 00,000,000 | ---D | C] -- C:\WINDOWS\pss
[2009/08/19 09:24:49 | 00,000,000 | -HSD | C] -- C:\RECYCLER
[2009/08/19 09:20:45 | 00,000,230 | ---- | C] () -- C:\WINDOWS\System32\spupdsvc.inf
[2009/08/19 08:17:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2009/08/19 08:17:41 | 00,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2009/08/19 08:17:30 | 00,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2009/08/19 08:16:42 | 00,597,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\printfilterpipelinesvc.exe
[2009/08/19 08:16:42 | 00,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsshhdr.dll
[2009/08/19 08:16:42 | 00,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpsshhdr.dll
[2009/08/19 08:16:42 | 00,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\prntvpt.dll
[2009/08/19 08:16:42 | 00,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\filterpipelineprintproc.dll
[2009/08/19 08:16:41 | 01,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpssvcs.dll
[2009/08/19 08:16:41 | 01,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpssvcs.dll
[2009/08/19 08:10:43 | 00,000,000 | ---D | C] -- C:\Program Files\MSXML 6.0
[2009/08/19 08:03:11 | 00,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2009/08/19 00:45:44 | 00,272,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthport.sys
[2009/08/19 00:45:44 | 00,272,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthport.sys
[2009/08/19 00:04:17 | 00,023,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll.mui
[2009/08/18 23:57:58 | 01,580,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\sfcfiles.dll
[2009/08/18 23:57:58 | 00,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\rasauto.dll
[2009/08/18 23:57:57 | 00,574,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\ntfs.sys
[2009/08/18 23:57:57 | 00,435,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\ntmssvc.dll
[2009/08/18 23:57:57 | 00,407,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\netlogon.dll
[2009/08/18 23:57:57 | 00,382,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\qmgr.dll
[2009/08/18 23:57:57 | 00,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\scecli.dll
[2009/08/18 23:57:57 | 00,170,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\srsvc.dll
[2009/08/18 23:57:57 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\asyncmac.sys
[2009/08/18 23:57:57 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\wscntfy.exe
[2009/08/18 23:57:57 | 00,011,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\acpiec.sys
[2009/08/18 23:57:57 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\sfc.dll
[2009/08/18 23:57:56 | 03,590,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\mshtml.dll
[2009/08/18 23:57:56 | 00,984,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\kernel32.dll
[2009/08/18 23:57:56 | 00,927,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\mfc40u.dll
[2009/08/18 23:57:56 | 00,792,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\comres.dll
[2009/08/18 23:57:56 | 00,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\comctl32.dll
[2009/08/18 23:57:56 | 00,397,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\rpcss.dll
[2009/08/18 23:57:56 | 00,295,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\termsrv.dll
[2009/08/18 23:57:56 | 00,142,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\aec.sys
[2009/08/18 23:57:56 | 00,110,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\imm32.dll
[2009/08/18 23:57:56 | 00,108,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\services.exe
[2009/08/18 23:57:56 | 00,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\spoolsv.exe
[2009/08/18 23:57:56 | 00,053,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\wuauclt.exe
[2009/08/18 23:57:56 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\msgsvc.dll
[2009/08/18 23:57:56 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\userinit.exe
[2009/08/18 23:57:56 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\kbdclass.sys
[2009/08/18 23:57:56 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\lpk.dll
[2009/08/18 23:57:56 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\powrprof.dll
[2009/08/18 23:57:56 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\ctfmon.exe
[2009/08/18 23:57:56 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\lsass.exe
[2009/08/18 23:57:56 | 00,004,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\beep.sys
[2009/08/18 23:57:56 | 00,002,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\null.sys
[2009/08/18 23:57:55 | 02,180,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\ntoskrnl.exe
[2009/08/18 23:57:55 | 02,057,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\ntkrnlpa.exe
[2009/08/18 23:57:55 | 01,033,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\explorer.exe
[2009/08/18 23:57:55 | 00,824,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\wininet.dll
[2009/08/18 23:57:55 | 00,577,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\user32.dll
[2009/08/18 23:57:55 | 00,502,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\winlogon.exe
[2009/08/18 23:57:55 | 00,360,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\tcpip.sys
[2009/08/18 23:57:55 | 00,182,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\ndis.sys
[2009/08/18 23:57:55 | 00,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\ws2_32.dll
[2009/08/18 23:57:55 | 00,029,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\ip6fw.sys
[2009/08/18 23:57:55 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\svchost.exe
[2009/08/18 23:42:09 | 00,000,211 | ---- | C] () -- C:\Boot.bak
[2009/08/18 23:42:03 | 00,260,272 | ---- | C] () -- C:\cmldr
[2009/08/18 23:42:00 | 00,000,000 | RHSD | C] -- C:\cmdcons
[2009/08/18 23:39:42 | 00,216,064 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2009/08/18 23:39:42 | 00,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2009/08/18 23:39:41 | 00,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2009/08/18 23:39:41 | 00,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2009/08/18 23:39:41 | 00,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2009/08/18 23:39:41 | 00,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2009/08/18 23:39:41 | 00,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2009/08/18 23:39:41 | 00,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2009/08/18 19:12:07 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Tracey Nikodemus\My Documents\Downloads
[2009/08/18 16:51:49 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\Tracey Nikodemus\Desktop\ABCD.EXE
[2009/08/18 16:44:24 | 00,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2009/08/18 16:44:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Tracey Nikodemus\Application Data\SUPERAntiSpyware.com
[2009/08/18 16:43:21 | 05,797,152 | ---- | C] () -- C:\Documents and Settings\Tracey Nikodemus\Desktop\SUPERAntiSpyware.exe
[2009/08/18 13:00:38 | 00,028,544 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\pavboot.sys
[2009/08/18 13:00:26 | 00,000,000 | ---D | C] -- C:\Program Files\Panda Security
[2009/08/18 12:36:49 | 00,000,611 | ---- | C] () -- C:\Documents and Settings\Tracey Nikodemus\Desktop\NTREGOPT.lnk
[2009/08/18 12:36:49 | 00,000,592 | ---- | C] () -- C:\Documents and Settings\Tracey Nikodemus\Desktop\ERUNT.lnk
[2009/08/18 12:36:49 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2009/08/18 12:35:33 | 00,791,393 | ---- | C] (Lars Hederer ) -- C:\Documents and Settings\Tracey Nikodemus\Desktop\erunt_setup.exe
[2009/08/18 12:34:43 | 00,021,504 | ---- | C] (Doug Knox) -- C:\Documents and Settings\Tracey Nikodemus\Desktop\SysRestorePoint.exe
[2009/08/18 11:34:30 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/08/18 11:15:04 | 00,000,000 | ---D | C] -- C:\Qoobox
[2009/08/18 09:02:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Tracey Nikodemus\Local Settings\Application Data\kwzfarml
[2009/08/18 09:02:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Tracey Nikodemus\Application Data\kwzfarml
[2009/08/17 23:32:47 | 00,001,709 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Antivirus.lnk
[2009/08/17 23:32:46 | 00,051,376 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2009/08/17 23:32:46 | 00,023,152 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2009/08/17 23:32:45 | 00,026,944 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2009/08/17 23:32:43 | 00,097,480 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\AvastSS.scr
[2009/08/17 23:32:40 | 00,114,768 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2009/08/17 23:32:40 | 00,020,560 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2009/08/17 23:32:39 | 00,094,160 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2009/08/17 23:32:39 | 00,093,392 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2009/08/17 23:32:21 | 01,279,456 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe
[2009/08/17 23:32:21 | 00,380,928 | ---- | C] () -- C:\WINDOWS\System32\actskin4.ocx
[2009/08/17 23:32:15 | 00,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2009/08/17 16:06:33 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Live Safety Center
[2009/08/17 00:57:26 | 00,940,794 | ---- | C] () -- C:\WINDOWS\System32\LoopyMusic.wav
[2009/08/17 00:57:26 | 00,146,650 | ---- | C] () -- C:\WINDOWS\System32\BuzzingBee.wav
[2009/08/17 00:57:26 | 00,060,416 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\ALCFDRTM.VER
[2009/08/17 00:57:26 | 00,060,416 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\ALCFDRTM.EXE
[2009/08/17 00:57:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Lang
[2009/08/16 14:06:02 | 00,000,000 | ---D | C] -- C:\Program Files\Avrack
[2009/08/16 14:06:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Tracey Nikodemus\Local Settings\Application Data\Deployment
[2009/08/16 02:02:00 | 00,000,000 | ---D | C] -- C:\Program Files\Realtek ac97
[2009/08/15 23:24:43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Tracey Nikodemus\Local Settings\Application Data\Mozilla
[2009/08/14 14:30:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Tracey Nikodemus\Local Settings\Application Data\The Weather Channel
[2009/08/14 14:12:13 | 00,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2009/08/14 14:12:10 | 00,148,888 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2009/08/14 14:12:10 | 00,144,792 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2009/08/08 11:45:17 | 00,060,383 | ---- | C] () -- C:\WINDOWS\System32\u_fsdimqzpkmqeooi.dll.exe
[2007/12/27 00:58:28 | 00,137,344 | ---- | C] () -- C:\WINDOWS\System32\drivers\litsgt.sys
[2007/12/27 00:58:27 | 00,012,032 | ---- | C] () -- C:\WINDOWS\System32\drivers\tansgt.sys
[2007/12/23 23:27:13 | 00,000,033 | ---- | C] () -- C:\WINDOWS\logimail.INI
[2007/12/23 14:02:07 | 00,000,169 | ---- | C] () -- C:\WINDOWS\RtlRack.ini
[2007/09/28 21:03:14 | 00,015,387 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2007/09/28 21:02:28 | 00,000,544 | ---- | C] () -- C:\WINDOWS\_delis32.ini
[2006/12/05 09:45:22 | 00,000,087 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2006/11/01 20:54:47 | 00,000,044 | ---- | C] () -- C:\WINDOWS\liveup.ini
[2006/09/13 20:00:21 | 00,000,029 | ---- | C] () -- C:\WINDOWS\atid.ini
[2006/09/05 16:14:05 | 00,000,034 | ---- | C] () -- C:\WINDOWS\AuthMgr.INI
[2006/07/27 07:44:18 | 00,000,612 | ---- | C] () -- C:\WINDOWS\lexstat.ini
[2006/07/26 16:43:20 | 00,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2006/07/26 10:39:52 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/07/26 09:24:26 | 00,135,168 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2004/08/04 07:00:00 | 00,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2004/08/04 07:00:00 | 00,000,507 | ---- | C] () -- C:\WINDOWS\win.ini
[2004/08/04 07:00:00 | 00,000,435 | ---- | C] () -- C:\WINDOWS\system.ini
[2003/09/23 00:48:43 | 00,077,824 | ---- | C] () -- C:\WINDOWS\System32\LXBFLCNP.DLL
[2002/11/13 14:40:22 | 00,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxbfvs.dll
[2002/09/04 13:42:38 | 00,000,188 | ---- | C] () -- C:\WINDOWS\System32\lxbfcoin.ini
[2002/03/13 15:46:46 | 00,053,248 | R--- | C] () -- C:\WINDOWS\System32\zlib.dll
[1999/08/10 17:02:20 | 00,116,736 | ---- | C] () -- C:\WINDOWS\System32\LFKODAK.DLL
[1999/08/10 17:02:16 | 00,343,040 | ---- | C] () -- C:\WINDOWS\System32\lffpx7.dll
[1999/01/27 13:39:06 | 00,065,024 | ---- | C] () -- C:\WINDOWS\System32\indounin.dll
[1997/06/13 07:56:08 | 00,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll

========== Files - Modified Within 30 Days ==========

[2009/08/19 23:05:35 | 00,000,435 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/08/19 22:55:23 | 00,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2009/08/19 19:35:05 | 08,050,536 | ---- | M] (Mozilla) -- C:\Firefox Setup 3.5.2.exe
[2009/08/19 18:36:56 | 00,002,422 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/08/19 17:44:12 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/08/19 17:44:09 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/08/19 16:50:44 | 00,000,507 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/08/19 16:50:44 | 00,000,281 | -H-- | M] () -- C:\boot.ini
[2009/08/19 16:40:40 | 00,242,472 | ---- | M] () -- C:\Documents and Settings\Tracey Nikodemus\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/08/19 16:33:57 | 00,704,808 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/08/19 14:06:12 | 00,002,626 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2009/08/19 09:21:17 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/08/19 09:20:45 | 00,000,230 | ---- | M] () -- C:\WINDOWS\System32\spupdsvc.inf
[2009/08/19 09:04:39 | 00,432,686 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/08/19 09:04:39 | 00,067,516 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/08/19 09:04:38 | 00,508,956 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/08/18 23:53:01 | 00,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2009/08/18 23:34:09 | 00,002,098 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Signature Colors Virtual Painter V2.0.lnk
[2009/08/18 19:00:12 | 00,000,676 | ---- | M] () -- C:\Documents and Settings\Tracey Nikodemus\Start Menu\Programs\Startup\Webshots.lnk
[2009/08/18 17:59:51 | 00,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009/08/18 16:51:49 | 00,000,000 | ---- | M] () -- C:\Documents and Settings\Tracey Nikodemus\Desktop\ABCD.EXE
[2009/08/18 16:43:35 | 05,797,152 | ---- | M] () -- C:\Documents and Settings\Tracey Nikodemus\Desktop\SUPERAntiSpyware.exe
[2009/08/18 12:36:49 | 00,000,611 | ---- | M] () -- C:\Documents and Settings\Tracey Nikodemus\Desktop\NTREGOPT.lnk
[2009/08/18 12:36:49 | 00,000,592 | ---- | M] () -- C:\Documents and Settings\Tracey Nikodemus\Desktop\ERUNT.lnk
[2009/08/18 12:35:36 | 00,791,393 | ---- | M] (Lars Hederer ) -- C:\Documents and Settings\Tracey Nikodemus\Desktop\erunt_setup.exe
[2009/08/18 12:34:43 | 00,021,504 | ---- | M] (Doug Knox) -- C:\Documents and Settings\Tracey Nikodemus\Desktop\SysRestorePoint.exe
[2009/08/17 23:32:47 | 00,001,709 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Antivirus.lnk
[2009/08/17 11:10:20 | 01,279,456 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe
[2009/08/17 11:06:54 | 00,093,392 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2009/08/17 11:06:43 | 00,094,160 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2009/08/17 11:05:52 | 00,114,768 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2009/08/17 11:05:37 | 00,020,560 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2009/08/17 11:04:40 | 00,051,376 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2009/08/17 11:04:29 | 00,023,152 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2009/08/17 11:03:21 | 00,026,944 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2009/08/17 11:02:50 | 00,097,480 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\AvastSS.scr
[2009/08/17 01:04:28 | 00,093,696 | ---- | M] () -- C:\Documents and Settings\Tracey Nikodemus\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/08/17 01:01:37 | 00,060,416 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\ALCFDRTM.VER
[2009/08/17 00:57:27 | 00,146,650 | ---- | M] () -- C:\WINDOWS\System32\BuzzingBee.wav
[2009/08/17 00:57:26 | 00,940,794 | ---- | M] () -- C:\WINDOWS\System32\LoopyMusic.wav
[2009/08/17 00:57:26 | 00,060,416 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\ALCFDRTM.EXE
[2009/08/16 15:36:16 | 00,000,612 | ---- | M] () -- C:\WINDOWS\lexstat.ini
[2009/08/16 14:59:15 | 02,554,320 | -H-- | M] () -- C:\Documents and Settings\Tracey Nikodemus\Local Settings\Application Data\IconCache.db
[2009/08/14 17:04:13 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/08/14 13:52:46 | 00,060,383 | ---- | M] () -- C:\WINDOWS\System32\u_fsdimqzpkmqeooi.dll.exe
[2009/08/08 12:10:14 | 00,216,064 | ---- | M] () -- C:\WINDOWS\PEV.exe
[2009/08/05 04:11:47 | 00,204,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mswebdvd.dll
[2009/08/05 04:11:47 | 00,204,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mswebdvd.dll
[2009/07/28 23:53:14 | 00,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\t2embed.dll
[2009/07/28 23:53:14 | 00,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\t2embed.dll
[2009/07/28 23:53:14 | 00,082,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\fontsub.dll
[2009/07/28 23:53:14 | 00,082,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fontsub.dll
[2009/07/27 17:40:13 | 00,128,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dhtmled.ocx

========== Files - Unicode (All) ==========
[2007/09/07 08:38:21 | 00,000,152 | ---- | C] ()(C:\WINDOWS\System32\???????????????????????????????????????????g) -- C:\WINDOWS\System32\㩃停潲牧浡䘠汩獥䕜牡桴楌歮䕜牡桴楌歮倠潲整瑣潩潃瑮潲敃瑮牥卜湡屡潃普杩塜楖睥挮湯楦g
[2007/09/07 08:38:21 | 00,000,152 | ---- | M] ()(C:\WINDOWS\System32\???????????????????????????????????????????g) -- C:\WINDOWS\System32\㩃停潲牧浡䘠汩獥䕜牡桴楌歮䕜牡桴楌歮倠潲整瑣潩潃瑮潲敃瑮牥卜湡屡潃普杩塜楖睥挮湯楦g
< End of report >

Thanks for any help!!!!!!!!!!!!!
I am really lost, I went through the Spyware cleaning guide and thought I managed to fix it and now I have this problem!
Really thanks a lot for your time and effort

Edited by Merlino, 20 August 2009 - 02:34 PM.

  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Forum
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP