Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Another installation is in progress

Started by CAHummingbird , Mar 16 2009 07:43 PM

  • Please log in to reply

#1
CAHummingbird
Posted 16 March 2009 - 07:43 PM

CAHummingbird

    New Member

  • Member
  • Pip
  • 8 posts
I posted the problem I was having in Applications and was told by isimaster to follow the instructions and post here. I followed all of the instructions, ran all of the suggested programs. Avast did detect some viruses.

Here are the logs...

Rooter log...

Microsoft Windows XP Home Edition (5.1.2600) Service Pack 3

A:\ [Removable] (Total:0 Mo/Free:0 Mo)
C:\ [Fixed] - NTFS - (Total:76316 Mo/Free:3637 Mo)
D:\ [CD-Rom] (Total:0 Mo/Free:0 Mo)
E:\ [CD-Rom] (Total:368 Mo/Free:0 Mo)

Sun 03/15/2009|23:48

----------------------\\ Processes..

--Locked-- [System Process]
---------- System
---------- \SystemRoot\System32\smss.exe
---------- \??\C:\WINDOWS\system32\csrss.exe
---------- \??\C:\WINDOWS\system32\winlogon.exe
---------- C:\WINDOWS\system32\services.exe
---------- C:\WINDOWS\system32\lsass.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
---------- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
---------- C:\Program Files\Alwil Software\Avast4\ashServ.exe
---------- C:\WINDOWS\Explorer.EXE
---------- C:\WINDOWS\system32\LVCOMSX.EXE
---------- C:\Program Files\Logitech\Video\LogiTray.exe
---------- C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
---------- C:\WINDOWS\system32\ctfmon.exe
---------- C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe
---------- C:\Program Files\Logitech\Video\FxSvr2.exe
---------- C:\WINDOWS\System32\brsvc01a.exe
---------- C:\WINDOWS\System32\brss01a.exe
---------- C:\WINDOWS\system32\spoolsv.exe
---------- C:\Program Files\Eset\nod32krn.exe
---------- C:\WINDOWS\System32\nvsvc32.exe
---------- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
---------- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
---------- C:\WINDOWS\System32\alg.exe
---------- C:\Program Files\Internet Explorer\iexplore.exe
---------- C:\PROGRA~1\INCRED~2\bin\IBMain.exe
---------- C:\WINDOWS\system32\wuauclt.exe
---------- C:\Program Files\Eset\nod32.exe
---------- C:\WINDOWS\system32\cmd.exe
---------- C:\Rooter$\RK.exe

----------------------\\ Search..

----------------------\\ ROOTKIT !!



1 - "C:\Rooter$\Rooter_1.txt" - Sun 03/15/2009|23:56

----------------------\\ Scan completed at 23:56



Old Timer List It log...

OTListIt logfile created on: 3/15/2009 11:58:38 PM - Run 1
OTListIt2 by OldTimer - Version 2.0.5.2 Folder = C:\Documents and Settings\user.NONE-DIL6360IIM\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 100.00% Memory free
2.79 Gb Paging File | 2.36 Gb Available in Paging File | 84.58% Paging File free
Paging file location(s): C:\pagefile.sys 450 1536;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.53 Gb Total Space | 11.55 Gb Free Space | 15.50% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 369.24 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: NONE-DIL6360IIM
Current User Name: user
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On

========== Processes (SafeList) ==========

PRC - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
PRC - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
PRC - C:\WINDOWS\Explorer.EXE (Microsoft Corporation)
PRC - C:\WINDOWS\system32\LVCOMSX.EXE (Logitech Inc.)
PRC - C:\Program Files\Logitech\Video\LogiTray.exe (Logitech Inc.)
PRC - C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
PRC - C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe (Uniblue Software)
PRC - C:\Program Files\Logitech\Video\FxSvr2.exe (Logitech Inc.)
PRC - C:\WINDOWS\System32\brsvc01a.exe (brother Industries Ltd)
PRC - C:\WINDOWS\System32\brss01a.exe (brother Industries Ltd)
PRC - C:\Program Files\Eset\nod32krn.exe (Eset )
PRC - C:\WINDOWS\System32\nvsvc32.exe (NVIDIA Corporation)
PRC - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe (Analog Devices, Inc.)
PRC - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
PRC - C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\Program Files\IncrediBar\bin\IBMain.exe (IncrediBar)
PRC - C:\Program Files\Eset\nod32.exe (Eset )
PRC - C:\Documents and Settings\user.NONE-DIL6360IIM\Desktop\OTListIt2.exe (OldTimer Tools)

========== Win32 Services (SafeList) ==========

SRV - (aspnet_state [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation)
SRV - (aswUpdSv [Auto | Running]) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
SRV - (avast! Antivirus [Auto | Running]) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
SRV - (avast! Mail Scanner [On_Demand | Running]) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
SRV - (avast! Web Scanner [On_Demand | Running]) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
SRV - (AVG Anti-Spyware Guard [Disabled | Stopped]) -- C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe (GRISOFT s.r.o.)
SRV - (Brother XP spl Service [Auto | Running]) -- C:\WINDOWS\System32\brsvc01a.exe (brother Industries Ltd)
SRV - (ccEvtMgr [Disabled | Stopped]) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
SRV - (ccPwdSvc [Disabled | Stopped]) -- C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe (Symantec Corporation)
SRV - (ccSetMgr [Disabled | Stopped]) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (CLTNetCnService [Disabled | Stopped]) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
SRV - (gusvc [On_Demand | Stopped]) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (Google)
SRV - (helpsvc [Auto | Running]) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (IDriverT [On_Demand | Stopped]) -- File not found
SRV - (iPodService [Disabled | Stopped]) -- C:\Program Files\iPod\bin\iPodService.exe (Apple Computer, Inc.)
SRV - (ISPwdSvc [Disabled | Stopped]) -- C:\Program Files\Norton AntiVirus\isPwdSvc.exe (Symantec Corporation)
SRV - (LiveUpdate Notice Ex [Auto | Running]) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
SRV - (LiveUpdate Notice Service [Disabled | Stopped]) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)
SRV - (MSCSPTISRV [On_Demand | Stopped]) -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe (Sony Corporation)
SRV - (NOD32krn [Auto | Running]) -- C:\Program Files\Eset\nod32krn.exe (Eset )
SRV - (NVSvc [Auto | Running]) -- C:\WINDOWS\System32\nvsvc32.exe (NVIDIA Corporation)
SRV - (PACSPTISVR [On_Demand | Stopped]) -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe (Sony Corporation)
SRV - (ProtexisLicensing [Disabled | Stopped]) -- C:\WINDOWS\system32\PSIService.exe ()
SRV - (RUBotted [Auto | Stopped]) -- C:\Program Files\Trend Micro\RUBotted\TMRUBotted.exe (Trend Micro Inc.)
SRV - (SoundMAX Agent Service (default) [Auto | Running]) -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe (Analog Devices, Inc.)
SRV - (SPTISRV [On_Demand | Stopped]) -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe (Sony Corporation)
SRV - (SSScsiSV [On_Demand | Stopped]) -- C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe (Sony Corporation)
SRV - (Symantec Core LC [Disabled | Stopped]) -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe ()
SRV - (SymAppCore [Disabled | Stopped]) -- C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe (Symantec Corporation)
SRV - (WMPNetworkSvc [On_Demand | Stopped]) -- C:\Program Files\Windows Media Player\WMPNetwk.exe (Microsoft Corporation)
SRV - (YPCService [On_Demand | Stopped]) -- C:\WINDOWS\system32\YPcservice.exe (Yahoo! Inc.)

========== Driver Services (SafeList) ==========

DRV - (Aavmker4 [System | Running]) -- C:\WINDOWS\System32\drivers\aavmker4.sys (ALWIL Software)
DRV - (aeaudio [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\aeaudio.sys (Andrea Electronics Corporation)
DRV - (AgereSoftModem [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\AGRSM.sys (Agere Systems)
DRV - (AMON [Auto | Running]) -- C:\WINDOWS\system32\drivers\amon.sys (Eset )
DRV - (ASAPIW2k [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\ASAPIW2k.sys (Pinnacle Systems GmbH)
DRV - (aswFsBlk [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys (ALWIL Software)
DRV - (aswMon2 [Auto | Running]) -- C:\WINDOWS\System32\drivers\aswmon2.sys (ALWIL Software)
DRV - (aswRdr [On_Demand | Running]) -- C:\WINDOWS\System32\drivers\aswRdr.sys (ALWIL Software)
DRV - (aswSP [System | Running]) -- C:\WINDOWS\System32\drivers\aswSP.sys (ALWIL Software)
DRV - (aswTdi [System | Running]) -- C:\WINDOWS\System32\drivers\aswTdi.sys (ALWIL Software)
DRV - (AVG Anti-Spyware Driver [System | Running]) -- C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys ()
DRV - (AvgAsCln [System | Running]) -- C:\WINDOWS\System32\DRIVERS\AvgAsCln.sys (GRISOFT, s.r.o.)
DRV - (BT848 [Auto | Stopped]) -- C:\WINDOWS\system32\drivers\cxvcap.sys (Windows ® 2000 DDK provider)
DRV - (BT878 [Auto | Stopped]) -- C:\WINDOWS\system32\drivers\BT878.SYS (TelSignal Co., Ltd.)
DRV - (BTTUNER [Auto | Stopped]) -- C:\WINDOWS\system32\drivers\BTTUNER.SYS (TelSignal Co., Ltd.)
DRV - (BTXBAR [Auto | Stopped]) -- C:\WINDOWS\system32\drivers\BTXBAR.SYS (TelSignal Co., Ltd.)
DRV - (CamDrL [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\Camdrl.sys (Logitech Inc.)
DRV - (CdaD10BA [Auto | Running]) -- C:\WINDOWS\system32\drivers\CdaD10BA.SYS (Macrovision Europe Ltd)
DRV - (cdrbsdrv [System | Running]) -- C:\WINDOWS\System32\drivers\CDRBSDRV.SYS (B.H.A Corporation)
DRV - (CXTUNER [Auto | Stopped]) -- C:\WINDOWS\system32\drivers\CXTUNER.sys (Conexant Systems, Inc.)
DRV - (CXXBAR [Auto | Stopped]) -- C:\WINDOWS\system32\drivers\CXXBAR.sys (Conexant Systems, Inc.)
DRV - (drvmcdb [Boot | Running]) -- C:\WINDOWS\System32\DRIVERS\drvmcdb.sys (Sonic Solutions)
DRV - (eeCtrl [System | Running]) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)
DRV - (EL2000 [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\EL2K_XP.sys (3Com Corporation)
DRV - (GEARAspiWDM [On_Demand | Running]) -- C:\WINDOWS\SYSTEM32\DRIVERS\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (IntelC51 [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\IntelC51.sys (Intel Corporation)
DRV - (IntelC52 [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\IntelC52.sys (Intel Corporation)
DRV - (IntelC53 [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\IntelC53.sys (Intel Corporation)
DRV - (L8042pr2 [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\L8042pr2.Sys (Logitech, Inc.)
DRV - (LMouFlt2 [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\LMouFlt2.Sys (Logitech, Inc.)
DRV - (LVUSBSta [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\lvusbsta.sys (Logitech Inc.)
DRV - (MCSTRM [Auto | Running]) -- C:\WINDOWS\System32\drivers\mcstrm.sys (RealNetworks, Inc.)
DRV - (MidiSyn [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\MidiSyn.sys (Analog Devices Inc)
DRV - (MODEMCSA [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\MODEMCSA.sys (Microsoft Corporation)
DRV - (nod32drv [System | Running]) -- C:\WINDOWS\system32\drivers\nod32drv.sys ()
DRV - (nv [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\nv4_mini.sys (NVIDIA Corporation)
DRV - (pfc [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\pfc.sys (Padus, Inc.)
DRV - (Ptilink [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (PxHelp20 [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\PxHelp20.sys (Sonic Solutions)
DRV - (SASDIFSV [System | Running]) -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS ()
DRV - (SASENUM [On_Demand | Stopped]) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS (SuperAdBlocker, Inc.)
DRV - (SASKUTIL [System | Running]) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys ()
DRV - (Secdrv [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (smwdm [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\smwdm.sys (Analog Devices, Inc.)
DRV - (SPBBCDrv [On_Demand | Stopped]) -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys (Symantec Corporation)
DRV - (SRTSP [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\SRTSP.SYS (Symantec Corporation)
DRV - (SRTSPL [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\SRTSPL.SYS (Symantec Corporation)
DRV - (SRTSPX [System | Running]) -- C:\WINDOWS\System32\Drivers\SRTSPX.SYS (Symantec Corporation)
DRV - (SYMDNS [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\SYMDNS.SYS (Symantec Corporation)
DRV - (SymEvent [On_Demand | Running]) -- C:\WINDOWS\system32\Drivers\SYMEVENT.SYS (Symantec Corporation)
DRV - (SYMFW [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\SYMFW.SYS (Symantec Corporation)
DRV - (SYMIDS [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\SYMIDS.SYS (Symantec Corporation)
DRV - (SYMIDSCO [On_Demand | Stopped]) -- C:\Program Files\Common Files\Symantec Shared\SymcData\ids-diskless\20070612.004\SymIDSCo.sys (Symantec Corporation)
DRV - (symlcbrd [Auto | Running]) -- C:\WINDOWS\system32\drivers\symlcbrd.sys (Symantec Corporation)
DRV - (SYMNDIS [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\SYMNDIS.SYS (Symantec Corporation)
DRV - (SYMREDRV [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\SYMREDRV.SYS (Symantec Corporation)
DRV - (SYMTDI [System | Running]) -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS (Symantec Corporation)
DRV - (tmcomm [Auto | Running]) -- C:\WINDOWS\system32\drivers\tmcomm.sys (Trend Micro Inc.)
DRV - (TMPassthru [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\TMPassthru.sys (Trend Micro Inc.)
DRV - (TMPassthruMP [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\TMPassthru.sys (Trend Micro Inc.)
DRV - (usbaudio [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\usbaudio.sys (Microsoft Corporation)
DRV - (VGAUTI [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\VGAUTI.sys ()
DRV - (yukonwxp [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\yukonwxp.sys (Marvell Semiconductor Inc.)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapp.../search/ie.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.google.com/;
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,AutoSearch = http://ie.search.msn...autosearch.aspx
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.defaulturl: "http://search.yahoo....ch?fr=ffsp1&p="
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.startup.homepage: "http://www.sandiegoz...a_station.html"
FF - prefs.js..keyword.URL: "http://search.yahoo....ch?fr=ffds1&p="


FF - HKLM\software\mozilla\Mozilla Firefox 2.0.0.16\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS [2008/07/16 20:10:07 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 2.0.0.16\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS [2008/07/16 20:10:07 | 00,000,000 | ---D | M]

[2006/11/04 12:16:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\user.NONE-DIL6360IIM\Application Data\mozilla\Firefox\Profiles\gdj4mp03.default\extensions
[2006/11/04 12:16:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\user.NONE-DIL6360IIM\Application Data\mozilla\Firefox\Profiles\gdj4mp03.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}(2)
[2009/02/13 21:32:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\user.NONE-DIL6360IIM\Application Data\mozilla\Firefox\Profiles\rno9zq95.default\extensions
[2007/09/17 21:55:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\user.NONE-DIL6360IIM\Application Data\mozilla\Firefox\Profiles\rno9zq95.default\extensions\{0c2508e6-de4c-11db-8314-0800200c9a66}
[2009/03/08 17:05:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\user.NONE-DIL6360IIM\Application Data\mozilla\Firefox\Profiles\rno9zq95.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2008/09/17 21:16:56 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2006/11/05 02:20:12 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2008/07/16 20:10:07 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2007/07/12 11:05:23 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}
[2007/08/11 23:17:50 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
[2008/04/22 19:09:30 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\[email protected]
[2008/07/16 20:09:30 | 00,067,696 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\jar50.dll
[2008/07/16 20:09:32 | 00,054,376 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\jsd3250.dll
[2008/07/16 20:09:32 | 00,034,952 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\myspell.dll
[2008/07/16 20:09:33 | 00,046,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\spellchk.dll
[2008/07/16 20:09:34 | 00,172,144 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\xpinstal.dll
[2008/04/04 15:04:29 | 00,001,514 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2008/04/04 15:04:29 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2007/07/26 14:05:16 | 00,001,329 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\crawlersrch.xml
[2008/04/04 15:04:29 | 00,001,038 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2008/04/04 15:04:29 | 00,001,046 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2008/04/04 15:04:29 | 00,002,351 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2008/04/04 15:04:29 | 00,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml

O1 HOSTS File: (768 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 64.91.255.87 www.dcsresearch.com
O2 - BHO: (Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (IBBHO Class) - {12BA043E-293E-4CE4-A8C7-8460934FE801} - C:\Program Files\IncrediBar\bin\IBBHO.dll (IncrediBar)
O2 - BHO: (eBay Toolbar Helper) - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll (eBay Inc.)
O2 - BHO: (SpywareGuardDLBLOCK.CBrowserHelper) - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll ()
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - Reg Error: Key error. File not found
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (eBay Toolbar) - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll (eBay Inc.)
O3 - HKLM\..\Toolbar: (IncrediBar) - {D8073790-84C7-4602-BF77-C6ACBF1612E4} - C:\Program Files\IncrediBar\bin\IBTBar.dll (IncrediBar)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D8073790-84C7-4602-BF77-C6ACBF1612E4} - C:\Program Files\IncrediBar\bin\IBTBar.dll (IncrediBar)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe (Logitech Inc.)
O4 - HKLM..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe (Logitech Inc.)
O4 - HKLM..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE (Logitech Inc.)
O4 - HKLM..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto (Microsoft Corporation)
O4 - HKCU..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot (Logitech Inc.)
O4 - HKCU..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized File not found
O4 - HKCU..\Run: [Uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S (Uniblue Software)
O4 - Startup: C:\Documents and Settings\user.NONE-DIL6360IIM\Start Menu\Programs\Startup\PowerReg Scheduler V3.exe (Leader Technologies)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsMenu = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFavoritesMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyDocs = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuMyMusic = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsHistory = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsNetHood = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInstrumentation = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSimpleStartMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ClassicShell = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsMenu = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFavoritesMenu = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyDocs = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuMyMusic = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsHistory = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ClearRecentDocsOnExit = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsNetHood = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoUserNameInStartMenu = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInstrumentation = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuPinnedList = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceStartMenuLogoff = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSharedDocuments = 1
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O8 - Extra context menu item: &Search - ?p=ZS
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra Button: IncrediBar - {023FA804-DCE1-4817-94ED-6BA4200F9AF2} - C:\Program Files\IncrediBar\bin\IBTBar.dll (IncrediBar)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\npjpi160_02.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\Program Files\Yahoo!\Common\ylogin.dll (Yahoo! Inc.)
O9 - Extra 'Tools' menuitem : Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\Program Files\Yahoo!\Common\ylogin.dll (Yahoo! Inc.)
O9 - Extra Button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll (Yahoo! Inc.)
O9 - Extra 'Tools' menuitem : Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll (Yahoo! Inc.)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\system32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\system32\imon.dll (Eset )
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Sites: ([]msn in My Computer)
O15 - HKCU\..Trusted Domains: aol.com ([free] http in Trusted sites)
O15 - HKCU\..Trusted Sites: att.net ([]http in Trusted sites)
O15 - HKCU\..Trusted Sites: att.net ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: pogo.com ([game1] http in Trusted sites)
O15 - HKCU\..Trusted Domains: pogo.com ([www] http in Trusted sites)
O15 - HKCU\..Trusted Domains: realarcade.com ([www] * in Trusted sites)
O15 - HKCU\..Trusted Domains: realarcade.com ([www] http in Trusted sites)
O15 - HKCU\..Trusted Sites: sbcglobal.net ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: trendmicro.com ([housecall60] http in Trusted sites)
O15 - HKCU\..Trusted Domains: trendmicro.com ([www] * in Trusted sites)
O15 - HKCU\..Trusted Domains: trendmicro.com ([www] http in Trusted sites)
O15 - HKCU\..Trusted Domains: yahoo.com ([clientapps] http in Trusted sites)
O15 - HKCU\..Trusted Domains: yahoo.com ([clientapps] https in Trusted sites)
O15 - HKCU\..Trusted Domains: yahoo.com ([games] http in Trusted sites)
O15 - HKCU\..Trusted Domains: 30 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...tes/ieawsdc.cab (Microsoft Office Template and Media Control)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://www.apple.com...ex/qtplugin.cab (QuickTime Object)
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} http://housecall60.t...all/xscan60.cab (HouseCall Control)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://go.microsoft....k/?linkid=67633 (Office Genuine Advantage Validation Tool)
O16 - DPF: {0A50726E-51A2-42BB-8392-98F050C40A10} http://skill.skillja...llJamLoader.cab (SkillJamLoader Class)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.ma...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft....k/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} http://downloads.ewi...oOnlineScan.cab (ewidoOnlineScan Control)
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} http://housecall65.t...ivex/hcImpl.cab (Trend Micro ActiveX Scan Agent 6.6)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://fpdownload.ma...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F98} http://www.miniclip....ro64_loader.dll (Reg Error: Key error.)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper20073151.dll (Installation Support)
O16 - DPF: {3107C2A8-9F0B-4404-A58B-21BD85268FBC} http://game1.pogo.co...erInstaller.CAB (PogoWebLauncher Control)
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.micr...922/wmv9VCM.CAB (Reg Error: Key error.)
O16 - DPF: {341FF14B-00CB-49F5-A427-A164DF1D5E1F} http://musicstore.co...ALStreaming.cab (MALPlaybackCtrl Class)
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} http://office.micros...ontent/opuc.cab (Office Update Installation Engine)
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} http://www.snapfish....fishActivia.cab (Snapfish Activia)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1120115102500 (WUWebControl Class)
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} https://webdl.symant...ex/symdlmgr.cab (Symantec Download Manager)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1127111715031 (MUWebControl Class)
O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} http://housecall65.t...ivex/hcImpl.cab (Trend Micro ActiveX Scan Agent 6.5)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {90051A81-3018-4826-8B38-DD60B6B53F9C} http://www.snapfish....pfishUpload.cab (Reg Error: Key error.)
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} http://acs.pandasoft...free/asinst.cab (ActiveScan Installer Class)
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} http://v4.windowsupd...7993.8895833333 (Reg Error: Key error.)
O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} http://download.yaho...mail/ymmapi.dll (YahooYMailTo Class)
O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} http://www.superadbl...ivex/sabspx.cab (SABScanProcesses Class)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn...ro.cab56649.cab (MSN Games - Installer)
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} http://download.yaho...alls/yab_af.cab (YAddBook Class)
O16 - DPF: {B942A249-D1E7-4C11-98AE-FCB76B08747F} http://games-dl.real...ArcadeRdxIE.cab (RealArcadeRdxIE Class)
O16 - DPF: {BAC01377-73DD-4796-854D-2A8997E3D68A} http://us.dl1.yimg.c...ropper1_4us.cab (Yahoo! Photos Easy Upload Tool Class)
O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} http://a532.g.akamai...0/Installer.exe (Virtools WebPlayer Class)
O16 - DPF: {CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.4.2_06)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_09)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_10)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} https://www-secure.s...ta/SymAData.cab (Reg Error: Key error.)
O16 - DPF: {D18F962A-3722-4B59-B08D-28BB9EB2281E} http://photos.yahoo....plorer1_9us.cab (PhotosCtrl Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://download.mac...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} http://a532.g.akamai...5/installer.exe (Virtools WebPlayer Class)
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} https://luckynugget....get/FlashAX.cab (FlashXControl Object)
O16 - DPF: {E53458D2-5A83-4BD1-8DE2-EEEBE73BAB77} http://zllin.info/n/us48/n.cab (Reg Error: Key error.)
O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} http://www2.incredim...er/imloader.cab (IMDownloader Class)
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} http://pdl.stream.ao.../ampx_en_dl.cab (IWinAmpActiveX Class)
O16 - DPF: Battle Phlinx by pogo http://game1.pogo.co...hlinx-en_US.cab (Reg Error: Key error.)
O16 - DPF: Blooop by pogo http://game1.pogo.co...scade-en_US.cab (Reg Error: Key error.)
O16 - DPF: Buckaroo Blackjack TM by pogo http://game1.pogo.co...kjack-en_US.cab (Reg Error: Key error.)
O16 - DPF: Dice City Roller by pogo http://game1.pogo.co...z/ytz-en_US.cab (Reg Error: Key error.)
O16 - DPF: Fortune Bingo by pogo http://game1.pogo.co...bingo-en_US.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O16 - DPF: Multiline Slots by pogo http://game1.pogo.co...slots-en_US.cab (Reg Error: Key error.)
O16 - DPF: Payday FreeCell by pogo http://game1.pogo.co...ecell-en_US.cab (Reg Error: Key error.)
O16 - DPF: Phlinx by pogo http://game1.pogo.co...inger-en_US.cab (Reg Error: Key error.)
O16 - DPF: PoppaZoppa by pogo http://game1.pogo.co...zoppa-en_US.cab (Reg Error: Key error.)
O16 - DPF: Poppit by pogo http://game1.pogo.co...ppit2-en_US.cab (Reg Error: Key error.)
O16 - DPF: Ride The Tide by pogo http://game1.pogo.co.../ride-en_US.cab (Reg Error: Key error.)
O16 - DPF: Shuffle Bump by pogo http://game1.pogo.co.../puck-en_US.cab (Reg Error: Key error.)
O16 - DPF: Spider Solitaire by pogo http://game1.pogo.co...pider-en_US.cab (Reg Error: Key error.)
O16 - DPF: Sweet Tooth TM by pogo http://game1.pogo.co...tooth-en_US.cab (Reg Error: Key error.)
O16 - DPF: Tri-Peaks by pogo http://game1.pogo.co...peaks-en_US.cab (Reg Error: Key error.)
O16 - DPF: Wonderland Memories by pogo http://game1.pogo.co...ories-en_US.cab (Reg Error: Key error.)
O16 - DPF: WordJong by pogo http://game1.pogo.co...djong-en_US.cab (Reg Error: Key error.)
O16 - DPF: World Class Solitaire by pogo http://game1.pogo.co...class-en_US.cab (Reg Error: Key error.)
O16 - DPF: Yahoo! Chat http://us.chat1.yimg...t/c381/chat.cab (Reg Error: Key error.)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O28 - HKLM ShellExecuteHooks: {57B86673-276A-48B2-BAE7-C6DBB3020EB8} - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll (GRISOFT s.r.o.)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - Reg Error: Key error. File not found
O28 - HKLM ShellExecuteHooks: {81559C35-8464-49F7-BB0E-07A383BEF910} - C:\Program Files\SpywareGuard\spywareguard.dll ()
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - Autorun File - C:\AUTOEXEC.BAT () - [ NTFS ]
O32 - Autorun File - C:\autoexec.nav () - [ NTFS ]
O32 - Autorun File - E:\autoplay.exe () - [ CDFS ]
O32 - Autorun File - E:\autorun.inf () - [ CDFS ]

========== Files/Folders - Created Within 30 Days ==========

[2009/03/15 23:48:15 | 00,499,712 | ---- | C] (OldTimer Tools) -- C:\DOCUME~1\USER~1.NON\Desktop\OTListIt2.exe
[2009/03/15 23:47:24 | 00,267,612 | ---- | C] () -- C:\DOCUME~1\USER~1.NON\Desktop\Rooter.exe
[2009/03/15 23:47:04 | 00,000,000 | ---D | C] -- C:\Rooter$
[2009/03/15 17:40:06 | 00,023,152 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2009/03/15 17:40:06 | 00,001,709 | ---- | C] () -- C:\DOCUME~1\ALLUSE~1.WIN\Desktop\avast! Antivirus.lnk
[2009/03/15 17:40:05 | 00,051,376 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2009/03/15 17:40:05 | 00,026,944 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2009/03/15 17:40:03 | 00,097,480 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\AvastSS.scr
[2009/03/15 17:40:02 | 00,114,768 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2009/03/15 17:40:02 | 00,020,560 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2009/03/15 17:40:01 | 00,094,032 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2009/03/15 17:40:01 | 00,093,296 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2009/03/15 17:39:42 | 01,256,296 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe
[2009/03/15 17:39:42 | 00,380,928 | ---- | C] () -- C:\WINDOWS\System32\actskin4.ocx
[2009/03/15 17:39:38 | 00,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2009/03/15 17:18:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/03/15 17:17:27 | 00,000,611 | ---- | C] () -- C:\DOCUME~1\USER~1.NON\Desktop\NTREGOPT.lnk
[2009/03/15 17:17:27 | 00,000,592 | ---- | C] () -- C:\DOCUME~1\USER~1.NON\Desktop\ERUNT.lnk
[2009/03/15 17:17:22 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2009/03/15 17:13:30 | 00,021,504 | ---- | C] (Doug Knox) -- C:\DOCUME~1\USER~1.NON\Desktop\SysRestorePoint.exe
[2009/03/15 12:40:00 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}
[2009/03/15 11:56:39 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Skype
[2009/03/14 23:51:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\user.NONE-DIL6360IIM\Local Settings\Application Data\Logitech-LS
[2009/03/14 23:41:28 | 00,001,644 | ---- | C] () -- C:\DOCUME~1\ALLUSE~1.WIN\Desktop\Logitech QuickCam.lnk
[2009/03/14 23:41:28 | 00,001,613 | ---- | C] () -- C:\DOCUME~1\ALLUSE~1.WIN\Desktop\My Logitech Pictures.lnk
[2009/03/14 23:40:04 | 00,053,248 | R--- | C] () -- C:\WINDOWS\System32\InstMed.exe
[2009/03/14 23:39:38 | 00,006,812 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2009/03/14 23:39:37 | 00,348,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\msvcr71.dll
[2009/03/14 23:39:18 | 00,029,795 | ---- | C] (Ingenient Technologies, Inc.) -- C:\WINDOWS\System32\ITIG726.acm
[2009/03/14 23:39:15 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MFC71DEU.DLL
[2009/03/14 23:39:15 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MFC71ITA.DLL
[2009/03/14 23:39:15 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MFC71ESP.DLL
[2009/03/14 23:39:15 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MFC71ENU.DLL
[2009/03/14 23:39:15 | 00,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MFC71KOR.DLL
[2009/03/14 23:39:15 | 00,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MFC71JPN.DLL
[2009/03/14 23:39:14 | 00,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MFC71CHT.DLL
[2009/03/14 23:39:14 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MFC71CHS.DLL
[2009/03/12 23:34:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\user.NONE-DIL6360IIM\Application Data\cerasus.media
[2009/03/12 23:12:36 | 00,000,686 | ---- | C] () -- C:\DOCUME~1\USER~1.NON\Desktop\Animal Agents.lnk
[2009/03/09 19:44:05 | 00,000,000 | ---D | C] -- C:\Documents and Settings\user.NONE-DIL6360IIM\Local Settings\Application Data\Downloaded Installations
[2009/03/08 00:20:59 | 00,223,368 | ---- | C] () -- C:\DOCUME~1\USER~1.NON\Desktop\CrucialScan.exe
[2009/03/05 00:51:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\user.NONE-DIL6360IIM\Application Data\PoBros
[2009/03/05 00:51:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\PoBros
[2009/03/04 23:59:54 | 26,736,120 | ---- | C] () -- C:\DOCUME~1\USER~1.NON\Desktop\2009.03.04ACP.mp3
[2009/03/04 23:59:00 | 22,698,843 | ---- | C] () -- C:\DOCUME~1\USER~1.NON\Desktop\2009.03.03ACP.mp3
[2009/03/04 20:18:34 | 00,000,717 | ---- | C] () -- C:\DOCUME~1\USER~1.NON\Desktop\Annie's Millions.lnk
[2009/03/02 21:22:28 | 24,467,229 | ---- | C] () -- C:\DOCUME~1\USER~1.NON\Desktop\2009.03.02ACP.mp3
[2009/03/02 00:40:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\user.NONE-DIL6360IIM\Application Data\Jetsetter
[2009/03/02 00:18:23 | 00,001,544 | ---- | C] () -- C:\DOCUME~1\USER~1.NON\Desktop\Go to RealArcade.lnk
[2009/03/02 00:18:10 | 00,000,643 | ---- | C] () -- C:\DOCUME~1\USER~1.NON\Desktop\Jetsetter.lnk
[2009/02/28 02:09:32 | 00,043,520 | ---- | C] () -- C:\DOCUME~1\USER~1.NON\My Documents\Sherry Doty.doc
[2009/02/27 21:30:59 | 18,712,558 | ---- | C] () -- C:\DOCUME~1\USER~1.NON\Desktop\2009.02.24ACP.mp3
[2009/02/27 21:19:49 | 00,000,000 | ---D | C] -- C:\DOCUME~1\USER~1.NON\Desktop\attachments_2009_02_27
[2009/02/27 20:50:20 | 26,537,381 | ---- | C] () -- C:\DOCUME~1\USER~1.NON\Desktop\2009.02.26ACP.mp3
[2009/02/27 20:50:05 | 20,679,474 | ---- | C] () -- C:\DOCUME~1\USER~1.NON\Desktop\2009.02.27ACP.mp3
[2009/02/27 20:45:53 | 16,066,040 | ---- | C] () -- C:\DOCUME~1\USER~1.NON\Desktop\2009.02.25ACP.mp3
[2009/02/27 17:16:18 | 00,282,822 | ---- | C] () -- C:\DOCUME~1\USER~1.NON\Desktop\attachments_2009_02_27.zip
[2009/02/21 18:50:19 | 00,043,008 | ---- | C] () -- C:\DOCUME~1\USER~1.NON\My Documents\Managed residences.xls
[2009/02/21 11:01:35 | 00,076,560 | ---- | C] (Trend Micro Inc.) -- C:\WINDOWS\System32\drivers\tmcomm.sys
[2009/02/18 21:19:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\AdventureChronicles1
[2009/02/15 20:53:38 | 00,000,000 | ---D | C] -- C:\Program Files\SIW

========== Files - Modified Within 30 Days ==========

[2009/03/15 23:48:16 | 00,499,712 | ---- | M] (OldTimer Tools) -- C:\DOCUME~1\USER~1.NON\Desktop\OTListIt2.exe
[2009/03/15 23:47:30 | 00,267,612 | ---- | M] () -- C:\DOCUME~1\USER~1.NON\Desktop\Rooter.exe
[2009/03/15 23:44:11 | 00,001,249 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/03/15 23:44:11 | 00,000,264 | ---- | M] () -- C:\WINDOWS\System.ini
[2009/03/15 23:44:11 | 00,000,211 | -H-- | M] () -- C:\boot.ini
[2009/03/15 23:44:10 | 00,012,598 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/03/15 23:43:18 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/03/15 23:42:56 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/03/15 23:26:52 | 00,000,140 | ---- | M] () -- C:\WINDOWS\msicpl.ini
[2009/03/15 17:40:06 | 00,001,709 | ---- | M] () -- C:\DOCUME~1\ALLUSE~1.WIN\Desktop\avast! Antivirus.lnk
[2009/03/15 17:40:02 | 00,002,626 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2009/03/15 17:17:27 | 00,000,611 | ---- | M] () -- C:\DOCUME~1\USER~1.NON\Desktop\NTREGOPT.lnk
[2009/03/15 17:17:27 | 00,000,592 | ---- | M] () -- C:\DOCUME~1\USER~1.NON\Desktop\ERUNT.lnk
[2009/03/15 12:36:33 | 00,000,420 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{1FE84050-4D69-4315-81E3-40DFAA5E18E7}.job
[2009/03/15 00:07:23 | 00,001,644 | ---- | M] () -- C:\DOCUME~1\ALLUSE~1.WIN\Desktop\Logitech QuickCam.lnk
[2009/03/15 00:07:23 | 00,001,613 | ---- | M] () -- C:\DOCUME~1\ALLUSE~1.WIN\Desktop\My Logitech Pictures.lnk
[2009/03/12 23:12:37 | 00,000,686 | ---- | M] () -- C:\DOCUME~1\USER~1.NON\Desktop\Animal Agents.lnk
[2009/03/12 21:28:17 | 00,000,262 | ---- | M] () -- C:\WINDOWS\tasks\Uniblue SpyEraser Nag.job
[2009/03/12 19:31:03 | 00,207,304 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/03/12 19:22:59 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/03/08 14:03:02 | 00,395,422 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/03/08 14:03:01 | 00,060,098 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/03/08 14:02:59 | 00,462,924 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/03/08 00:22:16 | 00,223,368 | ---- | M] () -- C:\DOCUME~1\USER~1.NON\Desktop\CrucialScan.exe
[2009/03/06 01:20:00 | 02,111,310 | -H-- | M] () -- C:\Documents and Settings\user.NONE-DIL6360IIM\Local Settings\Application Data\IconCache.db
[2009/03/05 00:00:02 | 26,736,120 | ---- | M] () -- C:\DOCUME~1\USER~1.NON\Desktop\2009.03.04ACP.mp3
[2009/03/04 23:59:05 | 22,698,843 | ---- | M] () -- C:\DOCUME~1\USER~1.NON\Desktop\2009.03.03ACP.mp3
[2009/03/04 20:18:34 | 00,000,717 | ---- | M] () -- C:\DOCUME~1\USER~1.NON\Desktop\Annie's Millions.lnk
[2009/03/02 21:22:46 | 24,467,229 | ---- | M] () -- C:\DOCUME~1\USER~1.NON\Desktop\2009.03.02ACP.mp3
[2009/03/02 00:18:23 | 00,001,544 | ---- | M] () -- C:\DOCUME~1\USER~1.NON\Desktop\Go to RealArcade.lnk
[2009/03/02 00:18:17 | 00,000,643 | ---- | M] () -- C:\DOCUME~1\USER~1.NON\Desktop\Jetsetter.lnk
[2009/02/28 02:09:33 | 00,043,520 | ---- | M] () -- C:\DOCUME~1\USER~1.NON\My Documents\Sherry Doty.doc
[2009/02/27 21:31:27 | 18,712,558 | ---- | M] () -- C:\DOCUME~1\USER~1.NON\Desktop\2009.02.24ACP.mp3
[2009/02/27 20:50:56 | 26,537,381 | ---- | M] () -- C:\DOCUME~1\USER~1.NON\Desktop\2009.02.26ACP.mp3
[2009/02/27 20:50:40 | 20,679,474 | ---- | M] () -- C:\DOCUME~1\USER~1.NON\Desktop\2009.02.27ACP.mp3
[2009/02/27 20:46:00 | 16,066,040 | ---- | M] () -- C:\DOCUME~1\USER~1.NON\Desktop\2009.02.25ACP.mp3
[2009/02/27 17:16:23 | 00,282,822 | ---- | M] () -- C:\DOCUME~1\USER~1.NON\Desktop\attachments_2009_02_27.zip
[2009/02/27 10:02:42 | 00,170,496 | ---- | M] () -- C:\Documents and Settings\user.NONE-DIL6360IIM\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/02/25 12:55:00 | 24,768,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe
[2009/02/21 18:56:10 | 00,043,008 | ---- | M] () -- C:\DOCUME~1\USER~1.NON\My Documents\Managed residences.xls
[2009/02/19 20:36:07 | 00,000,268 | ---- | M] () -- C:\WINDOWS\tasks\Uniblue SpeedUpMyPC Nag.job
< End of report >


Any help you can give me is very much appreciated!!
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP