how to remove 'Troj/Rustok-N'

i dont know how i got it but it wont let my computer download updates and norton 360 wont pick it up.how do i remove it?

Please download the current version of HijackThis from HERE

• Double click and run the installer.
  
• It will install to C:\Program Files\Trend Micro\HijackThis\hijackthis.exe
  
• After installing, you should get the user agreement, press accept and Hijack This will run.
  
• Select Do a system scan and save a log file. This will open a notepad file of everything Hijack This found, copy and paste it back here.
  

hi i got this virus can you help me?

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:10:28 PM, on 12/07/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Users\Billy Radio\Program Files\DNA\btdna.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_au&c=84&bd=Pavilion&pf=cndt
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yoower.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_au&c=84&bd=Pavilion&pf=cndt
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yoower.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.3.3.2.dll
O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\Windows Live\Messenger\wlchtc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Google Update] "C:\Users\Billy Radio\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Users\Billy Radio\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.3.3.2.dll/206 (file missing)
O13 - Gopher Prefix:
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/EN-AU/a-UNO1/GAME_UNO1.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{05511CAA-6D2F-433C-9959-FD4AADA1C6AC}: NameServer = 85.255.112.127,85.255.112.196
O17 - HKLM\System\CCS\Services\Tcpip\..\{7ECC6F96-F130-453C-AA13-A3AD5F8B1A78}: NameServer = 85.255.112.127,85.255.112.196
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.112.127,85.255.112.196
O17 - HKLM\System\CS1\Services\Tcpip\..\{05511CAA-6D2F-433C-9959-FD4AADA1C6AC}: NameServer = 85.255.112.127,85.255.112.196
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.112.127,85.255.112.196
O17 - HKLM\System\CS2\Services\Tcpip\..\{05511CAA-6D2F-433C-9959-FD4AADA1C6AC}: NameServer = 85.255.112.127,85.255.112.196
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.112.127,85.255.112.196
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ccEvtMgr - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: ccSetMgr - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Windows\System32\nvSCPAPISvr.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 9158 bytes

after i download hijack and try to run it it says it stopped working properly and it wont open

Hello.
It's fine, I have what I need to know to fix it now.

• Download combofix from here
  Link 1
  Link 2
  

1. If you are using Firefox, make sure that your download settings are as follows:

* Tools->Options->Main tab
* Set to "Always ask me where to Save the files".

2. During the download, rename Combofix to Combo-Fix as follows:





3. It is important you rename Combofix during the download, but not after.
4. Please do not rename Combofix to other names, but only to the one indicated.
5. Close any open browsers.
6. We need to disable your local AV (Anti-virus) before running Combofix.

• See HERE for how to disable your AV. (Symantec)
  
• Double click on ComboFix.exe.
  
• Follow the prompts. NOTE:
  
• Allow combofix to run
  
• Post C:\combofix.txt back here.
  
  Note:
  Do not mouse click combofix's window whilst it's running. That may cause it to stall.
  

thanx it fixed it my computer works now and my anti virus scans now

Please post the log.

it wont let me post it .it says message is too big to be posted

Split the log up into more than one post.

ComboFix 09-07-12.01 - TRAVIESA Y MR BROWN 07/12/2009 15:25.1.2 - NTFSx86
Running from: c:\users\TRAVIESA Y MR BROWN\Desktop\Combo-Fix.exe
AV: Avanquest SystemSuite *On-access scanning enabled* (Outdated) {964FCE60-0B18-4D30-ADD6-EB178909041C}
FW: Avanquest NetDefense Firewall *enabled* {E9CD9D09-CF58-4ec3-9B3F-E6B12C3E4171}
SP: Avanquest SystemSuite *enabled* (Outdated) {9817B764-AE4E-4B29-AEE7-725B7A50BD48}
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\$recycle.bin\S-1-5-21-1322068398-3583463442-2810568754-500
c:\$recycle.bin\S-1-5-21-2347180839-3205931739-3509662-500
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\02000000ee174e7f600C.manifest
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\02000000ee174e7f600O.manifest
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\02000000ee174e7f600P.manifest
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\02000000ee174e7f600S.manifest
c:\windows\Installer\1897fc7.msi
c:\windows\Installer\1897fd6.msi
c:\windows\Installer\201940.msi
c:\windows\Installer\21a7564.msi
c:\windows\Installer\21a756a.msi
c:\windows\Installer\21ee203.msi
c:\windows\Installer\2b57e15.msi
c:\windows\Installer\346702.msi
c:\windows\Installer\36ba7e.msi
c:\windows\Installer\3a2d9.msi
c:\windows\Installer\3eac0.msi
c:\windows\Installer\3eacf.msi
c:\windows\Installer\3ead6.msi
c:\windows\Installer\3eadc.msi
c:\windows\Installer\3eae2.msi
c:\windows\Installer\3eae7.msi
c:\windows\Installer\3eaec.msi
c:\windows\Installer\3eaf1.msi
c:\windows\Installer\3eaf9.msi
c:\windows\Installer\3eb5a.msi
c:\windows\Installer\3eb61.msi
c:\windows\Installer\3eb68.msi
c:\windows\Installer\3eb6f.msi
c:\windows\Installer\3eb76.msi
c:\windows\Installer\3eb7d.msi
c:\windows\Installer\3eb84.msi
c:\windows\Installer\3eb89.msi
c:\windows\Installer\3eb8f.msi
c:\windows\Installer\3eb94.msi
c:\windows\Installer\3eb99.msi
c:\windows\Installer\3eb9e.msi
c:\windows\Installer\3eba6.msi
c:\windows\Installer\3ebac.msi
c:\windows\Installer\3ebb2.msi
c:\windows\Installer\3ebb8.msi
c:\windows\Installer\3ebbe.msi
c:\windows\Installer\3ebc4.msi
c:\windows\Installer\3ebca.msi
c:\windows\Installer\3ebd0.msi
c:\windows\Installer\3ebd8.msi
c:\windows\Installer\3ebde.msi
c:\windows\Installer\3ebe4.msi
c:\windows\Installer\3ebea.msi
c:\windows\Installer\3ebf0.msi
c:\windows\Installer\3ebf6.msi
c:\windows\Installer\3ebfd.msi
c:\windows\Installer\3ec03.msi
c:\windows\Installer\3ec09.msi
c:\windows\Installer\3ec0f.msi
c:\windows\Installer\3ec15.msi
c:\windows\Installer\3ec1b.msi
c:\windows\Installer\3ec27.msi
c:\windows\Installer\3ec2c.msi
c:\windows\Installer\3f675.msi
c:\windows\Installer\40e18.msi
c:\windows\Installer\6d02ffd.msi
c:\windows\Installer\9dc7e.msi
c:\windows\system32\dmstyle32.dll
c:\windows\system32\drivers\MSIVXmeynevqbrufnrxvdfwmdxtnippsibrer.sys
c:\windows\system32\drivers\MSIVXruytdtdpxfwqxdxtierwcvxepsrfhplp.sys
c:\windows\system32\jhnKQB8.vbs
c:\windows\system32\mfc45.dll
c:\windows\system32\MSIVXcount
c:\windows\system32\MSIVXpbrpsdbbnseisneccktgnnpuxxnotxxm.dll
c:\windows\system32\MSIVXppvtcwigpbdmrmiruoyjpxibywnrppsq.dll
c:\windows\system32\MSIVXumwnrqnpaclkepwocrusymihicdminki.dll
c:\windows\Tasks\{5B57CF47-0BFA-43c6-ACF9-3B3653DCADBA}.job

.
((((((((((((((((((((((((( Files Created from 2009-06-12 to 2009-07-12 )))))))))))))))))))))))))))))))
.

2009-07-12 22:32 . 2009-07-12 22:32 -------- d-----w- c:\users\TRAVIESA Y MR BROWN\AppData\Local\temp
2009-07-12 15:20 . 2009-07-12 15:20 -------- d-----w- c:\program files\Trend Micro
2009-07-12 15:08 . 2009-07-07 23:59 89104 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090712.003\NAVENG.SYS
2009-07-12 15:08 . 2009-07-07 23:59 876144 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090712.003\NAVEX15.SYS
2009-07-12 15:08 . 2009-07-07 23:59 177520 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090712.003\NAVENG32.DLL
2009-07-12 15:08 . 2009-07-07 23:59 1181040 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090712.003\NAVEX32A.DLL
2009-07-12 15:08 . 2009-07-07 23:59 371248 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090712.003\EECTRL.SYS
2009-07-12 15:08 . 2009-07-07 23:59 101936 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090712.003\ERASER.SYS
2009-07-12 15:08 . 2009-07-07 23:59 259368 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090712.003\ECMSVR32.DLL
2009-07-12 15:08 . 2009-07-07 23:59 2414128 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090712.003\CCERASER.DLL
2009-07-11 18:25 . 2008-04-22 06:17 172032 ----a-w- c:\windows\system32\igfxres.dll
2009-07-11 17:48 . 2009-07-11 17:48 -------- d-----w- c:\users\TRAVIESA Y MR BROWN\AppData\Local\Symantec
2009-07-11 10:02 . 2009-07-11 20:07 -------- d-----w- c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\GetRightToGo
2009-07-10 21:12 . 2009-07-10 21:12 -------- d-----r- c:\program files\Norton Support
2009-07-10 20:18 . 2009-06-22 22:51 533880 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090709.001\Scxpx86.dll
2009-07-10 20:18 . 2009-07-07 23:59 396848 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090709.001\IDSviA64.sys
2009-07-10 20:18 . 2009-07-07 23:59 292912 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090709.001\IDSvix86.sys
2009-07-10 20:18 . 2009-07-07 23:59 276344 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090709.001\IDSXpx86.sys
2009-07-10 20:18 . 2009-07-07 23:59 447864 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090709.001\IDSxpx86.dll
2009-07-10 19:40 . 2009-07-10 19:40 -------- d-----w- c:\program files\ASIO4ALL v2
2009-07-08 16:45 . 2009-07-08 16:45 -------- d-----w- c:\windows\system32\N360_BACKUP
2009-07-08 02:00 . 2009-07-08 02:00 -------- d-----w- c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\Template
2009-07-08 00:08 . 2009-07-07 23:59 396848 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090707.001\IDSviA64.sys
2009-07-08 00:08 . 2009-07-07 23:59 292912 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090707.001\IDSvix86.sys
2009-07-08 00:08 . 2009-07-07 23:59 276344 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090707.001\IDSXpx86.sys
2009-07-08 00:08 . 2009-07-07 23:59 447864 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090707.001\IDSxpx86.dll
2009-07-08 00:08 . 2009-06-22 22:51 533880 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090707.001\Scxpx86.dll
2009-07-08 00:01 . 2008-04-17 19:12 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2009-07-08 00:01 . 2009-01-15 19:19 23848 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2009-07-08 00:00 . 2009-07-08 00:00 -------- d-----w- c:\users\TRAVIESA Y MR BROWN\AppData\Local\Downloaded Installations
2009-07-08 00:00 . 2009-07-07 23:59 25136 ----a-r- c:\windows\system32\drivers\SymIMV.sys
2009-07-08 00:00 . 2009-07-10 21:13 -------- d-----w- c:\program files\Symantec
2009-07-08 00:00 . 2009-07-08 00:17 -------- d-----w- c:\program files\Common Files\Symantec Shared
2009-07-08 00:00 . 2009-07-08 00:00 124464 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2009-07-07 23:59 . 2009-07-07 23:59 396848 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\IDSvia64.sys
2009-07-07 23:59 . 2009-07-07 23:59 292912 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\IDSvix86.sys
2009-07-07 23:59 . 2009-07-07 23:59 276344 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\IDSxpx86.sys
2009-07-07 23:59 . 2009-07-07 23:59 1290592 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\SyKnAppS\SyKnAppS.dll
2009-07-07 23:59 . 2009-07-07 23:59 136840 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\SyKnAppS\patch25.dll
2009-07-07 23:59 . 2009-07-07 23:59 447864 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\idsxpx86.dll
2009-07-07 23:59 . 2009-07-07 23:59 796016 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\CLT\cltLMSx.dll
2009-07-07 23:59 . 2009-07-07 23:59 -------- d-----w- c:\windows\system32\drivers\N360
2009-06-29 23:27 . 2009-07-08 00:01 -------- d-----w- c:\programdata\{7B6BA59A-FB0E-4499-8536-A7420338BF3B}
2009-06-29 23:26 . 2009-07-08 17:13 -------- d-----w- c:\programdata\Symantec
2009-06-29 23:26 . 2009-07-07 23:32 -------- d-----w- c:\programdata\Norton
2009-06-29 23:26 . 2009-07-07 23:32 -------- d-----w- c:\program files\Norton 360
2009-06-29 23:26 . 2009-07-07 23:58 -------- d-----w- c:\programdata\NortonInstaller
2009-06-29 23:26 . 2009-06-29 23:26 -------- d-----w- c:\program files\NortonInstaller
2009-06-29 22:43 . 2009-06-29 22:43 -------- d-----w- c:\programdata\Citrix
2009-06-22 22:51 . 2009-06-22 22:51 533880 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\Scxpx86.dll
2009-06-22 21:01 . 2009-06-22 21:01 8854 ----a-r- c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\Microsoft\Installer\{9559F7CA-5E34-4237-A2D9-D856464AD727}\Uninstall_Project64__9559F7CA5E344237A2D9D856464AD727.exe
2009-06-22 21:01 . 2009-06-22 21:01 40960 ----a-r- c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\Microsoft\Installer\{9559F7CA-5E34-4237-A2D9-D856464AD727}\NewShortcut1_9559F7CA5E344237A2D9D856464AD727.exe
2009-06-22 21:01 . 2009-06-22 21:01 40960 ----a-r- c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\Microsoft\Installer\{9559F7CA-5E34-4237-A2D9-D856464AD727}\ARPPRODUCTICON.exe
2009-06-19 17:40 . 2009-06-19 17:40 -------- d-----w- c:\program files\Audacity
2009-06-18 03:47 . 2009-06-18 03:47 -------- d-----w- c:\programdata\Trymedia
2009-06-18 03:47 . 2009-06-18 03:47 1421449 ----a-w- c:\programdata\NeoEdge Networks\Yahoo_Monopoly\IAF.dll
2009-06-18 03:47 . 2009-06-18 03:47 -------- d-----w- c:\programdata\NeoEdge Networks
2009-06-15 17:20 . 2009-06-15 17:25 104 ----a-w- c:\windows\system32\SBRC.dat

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-12 21:58 . 2009-05-07 22:16 -------- d-----w- c:\program files\xxx.xxx
2009-07-10 19:40 . 2009-06-12 15:57 -------- d-----w- c:\program files\Image-Line
2009-07-10 19:39 . 2009-06-12 16:00 -------- d-----w- c:\program files\VstPlugins
2009-07-08 02:00 . 2009-05-08 03:29 136 ----a-w- c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\wklnhst.dat
2009-07-08 00:47 . 2009-05-07 22:14 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-07-08 00:47 . 2009-05-07 22:17 -------- d-----w- c:\program files\Common Files\AntiVirus
2009-07-08 00:00 . 2009-07-08 00:00 805 ----a-w- c:\windows\system32\drivers\SYMEVENT.INF
2009-07-08 00:00 . 2009-07-08 00:00 7386 ----a-w- c:\windows\system32\drivers\SYMEVENT.CAT
2009-07-05 21:54 . 2009-04-22 01:57 -------- d-----w- c:\programdata\Sonic
2009-06-29 17:54 . 2009-05-22 16:20 -------- d-----w- c:\program files\AVS4YOU
2009-06-29 17:48 . 2009-05-22 16:20 -------- d-----w- c:\program files\Common Files\AVSMedia
2009-06-28 16:35 . 2009-04-26 14:14 -------- d-----w- c:\program files\Cakewalk
2009-06-27 18:02 . 2009-04-22 02:23 -------- d-----w- c:\program files\Dell
2009-06-27 17:16 . 2009-04-22 01:55 -------- d-----w- c:\program files\Microsoft.NET
2009-06-22 21:01 . 2009-06-12 03:40 -------- d-----w- c:\program files\Project64 1.6
2009-06-18 02:46 . 2009-04-29 22:27 1608712 ----a-w- c:\programdata\WildTangent\OEM Game Console\Downloads\en-us\Installers\SetupGamesClient.exe
2009-06-15 21:32 . 2009-05-16 23:59 -------- d-----w- c:\program files\Yahoo!
2009-06-15 21:31 . 2009-05-09 20:03 -------- d-----w- c:\program files\Easy Video Downloader
2009-06-14 21:46 . 2009-06-09 18:21 -------- d-----w- c:\program files\MSN Games
2009-06-12 15:58 . 2009-06-12 15:58 -------- d-----w- c:\program files\Outsim
2009-06-09 18:21 . 2009-06-09 18:21 -------- d-----w- c:\programdata\FreshGames
2009-06-09 18:21 . 2009-06-09 18:21 -------- d-----w- c:\program files\Oberon Media
2009-06-02 16:09 . 2009-06-02 16:09 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2
2009-05-31 22:55 . 2009-05-31 22:26 -------- d-----w- c:\program files\Winferno
2009-05-31 22:27 . 2009-05-31 22:27 -------- d-----w- c:\program files\Common Files\Winferno
2009-05-31 22:22 . 2009-05-31 22:19 -------- d-----w- c:\program files\Bejeweled 2 Deluxe
2009-05-31 22:21 . 2009-05-31 22:21 16 ----a-w- c:\windows\popcinfo.dat
2009-05-31 22:18 . 2009-05-31 22:18 -------- d-----w- c:\program files\ReflexiveArcade
2009-05-27 02:50 . 2009-06-03 15:20 607472 ----a-w- c:\programdata\Yahoo!\YUpdater\yupdater.exe
2009-05-23 15:36 . 2009-05-23 15:36 -------- d-----w- c:\programdata\Roxio
2009-05-23 15:36 . 2009-05-23 15:36 -------- d-----w- c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\Roxio
2009-05-23 03:14 . 2009-05-23 03:14 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_motport_01005.Wdf
2009-05-23 03:14 . 2009-05-23 03:14 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_motmodem_01005.Wdf
2009-05-23 03:05 . 2009-05-23 03:05 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_motccgpfl_01005.Wdf
2009-05-23 03:05 . 2009-05-23 03:05 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_motccgp_01005.Wdf
2009-05-22 23:20 . 2009-04-22 01:51 -------- d-----w- c:\program files\Common Files\Adobe
2009-05-22 18:38 . 2009-04-26 14:14 118784 ----a-w- c:\windows\dsdxirmv.exe
2009-05-22 16:20 . 2009-05-22 16:20 -------- d-----w- c:\programdata\AVS4YOU
2009-05-22 16:20 . 2009-04-25 22:43 69008 ----a-w- c:\users\TRAVIESA Y MR BROWN\AppData\Local\GDIPFONTCACHEV1.DAT
2009-05-22 16:20 . 2009-05-22 16:20 -------- d-----w- c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\AVS4YOU
2009-05-22 14:27 . 2009-05-22 14:08 -------- d-----w- c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire
2009-05-17 00:02 . 2009-05-16 23:59 -------- d-----w- c:\programdata\Yahoo!
2009-05-17 00:00 . 2009-05-17 00:00 -------- d-----w- c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\Yahoo!
2009-05-16 15:35 . 2009-05-16 15:35 103736 ----a-w- c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\PnkBstrB.exe
2009-05-16 15:35 . 2009-05-16 15:35 103736 ----a-w- c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\PnkBstrB.exe
2009-05-16 15:35 . 2009-05-16 15:35 103736 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-05-16 15:34 . 2009-05-16 15:34 66872 ----a-w- c:\windows\system32\PnkBstrA.exe
2009-05-16 15:34 . 2009-04-22 01:49 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-05-16 15:20 . 2009-05-16 15:20 -------- d-----w- c:\program files\Activision
2009-05-14 18:03 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-05-09 05:50 . 2009-06-10 17:35 915456 ----a-w- c:\windows\system32\wininet.dll
2009-05-09 05:34 . 2009-06-10 17:35 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-05-06 18:22 . 2009-05-01 01:46 518 ----a-w- c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\iolo\Registry\Last\restore.bat
2009-05-06 15:28 . 2009-05-06 15:28 5068262 ----a-w- c:\programdata\ArcSoft\Global Deploy\CheckUpdate\ArcConnect.exe
2009-04-25 23:35 . 2009-04-25 23:35 1331 ----a-w- c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\iolo\restore.bat
2009-04-23 12:43 . 2009-06-10 17:35 784896 ----a-w- c:\windows\system32\rpcrt4.dll
2009-04-23 12:42 . 2009-06-10 17:35 636928 ----a-w- c:\windows\system32\localspl.dll
2009-04-22 04:31 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-04-22 04:30 . 2009-04-22 04:30 26112 ----a-w- c:\windows\system32\hidserv.dll
2009-04-22 04:30 . 2009-04-22 04:30 22016 ----a-w- c:\windows\system32\hid.dll
2009-04-22 04:30 . 2009-04-22 04:30 1191936 ----a-w- c:\windows\system32\msxml3.dll
2009-04-22 04:30 . 2009-04-22 04:30 74752 ----a-w- c:\windows\system32\newdev.exe
2009-04-22 04:30 . 2009-04-22 04:30 468992 ----a-w- c:\windows\system32\newdev.dll
2009-04-22 04:28 . 2009-04-22 04:28 625152 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2009-04-22 04:28 . 2009-04-22 04:28 565248 ----a-w- c:\windows\system32\emdmgmt.dll
2009-04-22 04:28 . 2009-04-22 04:28 45056 ----a-w- c:\windows\system32\dataclen.dll
2009-04-22 04:28 . 2009-04-22 04:28 36864 ----a-w- c:\windows\system32\cdd.dll
2009-04-22 04:28 . 2009-04-22 04:28 148480 ----a-w- c:\windows\system32\drivers\nwifi.sys
2009-04-22 04:27 . 2009-04-22 04:27 1645568 ----a-w- c:\windows\system32\connect.dll
2009-04-22 04:27 . 2009-04-22 04:27 296960 ----a-w- c:\windows\system32\gdi32.dll
2009-04-22 04:27 . 2009-04-22 04:27 2927104 ----a-w- c:\windows\explorer.exe
2009-04-22 04:26 . 2009-04-22 04:26 738304 ----a-w- c:\windows\system32\inetcomm.dll
2009-04-22 04:26 . 2009-04-22 04:26 269312 ----a-w- c:\windows\system32\es.dll
2009-04-22 04:24 . 2009-04-22 04:24 2048 ----a-w- c:\windows\system32\tzres.dll
2009-04-22 04:23 . 2009-04-22 04:23 361984 ----a-w- c:\windows\system32\IPSECSVC.DLL
2009-04-22 04:23 . 2009-04-22 04:23 288768 ----a-w- c:\windows\system32\drivers\srv.sys
2009-04-22 04:22 . 2009-04-22 04:22 303616 ----a-w- c:\windows\system32\wmpeffects.dll
2009-04-22 04:20 . 2009-04-22 04:20 885248 ----a-w- c:\windows\system32\RacEngn.dll
2009-04-22 04:20 . 2009-04-22 04:20 1314816 ----a-w- c:\windows\system32\quartz.dll
2009-04-22 04:19 . 2009-04-22 04:19 425472 ----a-w- c:\windows\system32\PhotoMetadataHandler.dll
2009-04-22 04:19 . 2009-04-22 04:19 712704 ----a-w- c:\windows\system32\WindowsCodecs.dll
2009-04-22 04:19 . 2009-04-22 04:19 347648 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2009-04-22 04:18 . 2009-04-22 04:18 801280 ----a-w- c:\windows\system32\NaturalLanguage6.dll
2009-04-22 04:18 . 2009-04-22 04:18 2644480 ----a-w- c:\windows\system32\NlsLexicons0009.dll
2009-04-22 04:18 . 2009-04-22 04:18 12240896 ----a-w- c:\windows\system32\NlsLexicons0007.dll
2009-04-22 04:16 . 2009-04-22 04:16 443392 ----a-w- c:\windows\system32\win32spl.dll
2009-04-22 04:16 . 2009-04-22 04:16 891448 ----a-w- c:\windows\system32\drivers\tcpip.sys
2009-04-22 04:16 . 2009-04-22 04:16 72192 ----a-w- c:\windows\system32\drivers\pacer.sys
2009-04-22 04:16 . 2009-04-22 04:16 15360 ----a-w- c:\windows\system32\pacerprf.dll
2009-04-22 04:15 . 2009-04-22 04:15 988216 ----a-w- c:\windows\system32\winload.exe
2009-04-22 04:15 . 2009-04-22 04:15 927288 ----a-w- c:\windows\system32\winresume.exe
2009-04-22 04:15 . 2009-04-22 04:15 6656 ----a-w- c:\windows\system32\kbd106n.dll
2009-04-22 04:15 . 2009-04-22 04:15 615992 ----a-w- c:\windows\system32\ci.dll
2009-04-22 04:15 . 2009-04-22 04:15 46592 ----a-w- c:\windows\system32\setbcdlocale.dll
2009-04-22 04:15 . 2009-04-22 04:15 40960 ----a-w- c:\windows\system32\srclient.dll
2009-04-22 04:15 . 2009-04-22 04:15 378368 ----a-w- c:\windows\system32\srcore.dll
2009-04-22 04:15 . 2009-04-22 04:15 318464 ----a-w- c:\windows\system32\rstrui.exe
2009-04-22 04:15 . 2009-04-22 04:15 19000 ----a-w- c:\windows\system32\kd1394.dll
2009-04-22 04:15 . 2009-04-22 04:15 14848 ----a-w- c:\windows\system32\srdelayed.exe
2009-04-22 04:14 . 2009-04-22 04:14 212480 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-28 35696]
"SBRegRebootCleaner"="c:\program files\Common Files\AntiVirus\SBRC.exe" [2008-08-05 197928]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToAssist]
2009-04-22 01:58 10536 ----a-w- c:\program files\Citrix\GoToAssist\514\g2awinlogon.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux6"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBAMSvc]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys]
@="FSFilter Activity Monitor"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Dell Remote Access.lnk]
backup=c:\windows\pss\Dell Remote Access.lnk.CommonStartup
backupExtension=.CommonStartup
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Dell Remote Access.lnk

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Philips SA32XX Device Manager.lnk]
backup=c:\windows\pss\Philips SA32XX Device Manager.lnk.CommonStartup
backupExtension=.CommonStartup
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Philips SA32XX Device Manager.lnk

[HKLM\~\startupfolder\C:^Users^TRAVIESA Y MR BROWN^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dell Dock.lnk]
backup=c:\windows\pss\Dell Dock.lnk.Startup
backupExtension=.Startup
path=c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{6BE162C2-7048-4452-9882-2405AC31D7BD}"= UDP:c:\program files\Dell Remote Access\ezi_ra.exe:Dell Remote Access
"{3D3FDD26-3537-4C1A-A0C0-120575EBDB8E}"= TCP:c:\program files\Dell Remote Access\ezi_ra.exe:Dell Remote Access
"{295619EC-CD02-42A6-AF07-169F3C4E5118}"= UDP:c:\program files\Common Files\Dell\Advanced Networking Service\hnm_svc.exe:Advanced Networking Service
"{ACE50765-45D5-453C-A8E1-910962919644}"= TCP:c:\program files\Common Files\Dell\Advanced Networking Service\hnm_svc.exe:Advanced Networking Service
"{4E5C4BC0-C3F1-4092-BEFA-1FED650C2558}"= c:\program files\Windows Live\Sync\WindowsLiveSync.exe:Windows Live Sync
"{1DE1857A-7A0E-4E57-862A-0096FA4E2762}"= UDP:c:\program files\Common Files\Dell\VLC\vlc.exe:Remote Access VLC
"{431F3AA2-9F01-4C53-94FC-ED76CA38A061}"= TCP:c:\program files\Common Files\Dell\VLC\vlc.exe:Remote Access VLC
"{5F691C00-E187-4B8C-872F-96B3B8CB4BA2}"= UDP:c:\program files\iolo\AntiVirus\ioloAV.exe:iolo AntiVirus
"{72138598-6BEA-4EB0-9FAE-E76DEE70435C}"= TCP:c:\program files\iolo\AntiVirus\ioloAV.exe:iolo AntiVirus
"{4E2066A7-2A07-4546-864D-6929451AFAE9}"= UDP:c:\program files\iolo\AntiVirus\iAVEmailScanner.exe:iolo AntiVirus Email Protection
"{F311915D-0C55-43BD-8EFB-03C75208BC70}"= TCP:c:\program files\iolo\AntiVirus\iAVEmailScanner.exe:iolo AntiVirus Email Protection
"TCP Query User{EB2D8B60-033D-4E55-83BA-99E66FD83559}e:\\zsnesw.exe"= UDP:E:\zsnesw.exe:zsnesw
"UDP Query User{E4E7143A-F353-4C21-97EC-8130E2847402}e:\\zsnesw.exe"= TCP:E:\zsnesw.exe:zsnesw
"{33858AAC-3ABB-46D9-9510-3744A43875E1}"= UDP:c:\windows\System32\PnkBstrA.exe:PnkBstrA
"{DEFA31EC-0CE4-4F3F-90EA-96B792B9795B}"= TCP:c:\windows\System32\PnkBstrA.exe:PnkBstrA
"{FE01680C-70B4-40C1-B306-F71A14A9E9A4}"= UDP:c:\windows\System32\PnkBstrB.exe:PnkBstrB
"{C8ECF942-E02E-4117-B990-95FA145BAF2B}"= TCP:c:\windows\System32\PnkBstrB.exe:PnkBstrB
"{DFBDA26F-B4D1-4091-BA76-458B10AE6722}"= UDP:c:\program files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:Call of Duty(R) 4 - Modern Warfare(TM)
"{760D3F12-E5F2-4C8F-8197-982A6EF762D0}"= TCP:c:\program files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:Call of Duty(R) 4 - Modern Warfare(TM)
"{C5B3AD49-1C0F-4811-A5BC-94342BEA27AB}"= UDP:c:\program files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger
"{00BE6CCF-8CBC-4CCE-BB8C-13FA636D39EA}"= TCP:c:\program files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger

R2 gupdate1c9d0d247d94260;Google Update Service (gupdate1c9d0d247d94260);c:\program files\Google\Update\GoogleUpdate.exe [2009-05-09 133104]
R2 ioloProductUpdate;iolo Product Update Service;c:\program files\iolo\common\lib\ioloServiceManager.exe [x]
R3 KFilter;KFilter;c:\progra~1\AVANQU~1\SYSTEM~1\KFilter.sys [x]
R3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\DRIVERS\motccgp.sys [2008-08-22 18688]
R3 motccgpfl;MotCcgpFlService;c:\windows\system32\DRIVERS\motccgpfl.sys [2008-08-22 8320]
R3 motport;Motorola USB Diagnostic Port;c:\windows\system32\DRIVERS\motport.sys [2007-06-19 23680]
R3 SBRE;SBRE;c:\windows\system32\drivers\SBREdrv.sys [2007-11-06 87848]
R3 TFilter;TFilter;c:\progra~1\AVANQU~1\SYSTEM~1\TFilter.sys [x]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360\0300000.087\SYMEFA.SYS [2009-07-07 310320]
S1 BHDrvx86;Symantec Heuristics Driver;c:\windows\system32\drivers\N360\0300000.087\BHDrvx86.sys [2009-07-07 258608]
S1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\N360\0300000.087\ccHPx86.sys [2009-07-07 482352]
S1 ElRawDisk;ElRawDisk;c:\windows\system32\drivers\elrawdsk.sys [2008-12-09 20392]
S1 IDSVix86;IDSVix86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20090709.001\IDSvix86.sys [2009-07-07 292912]
S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2008-09-24 155648]
S2 N360;Norton 360;c:\program files\Norton 360\Norton 360\Engine\3.0.0.135\ccSvcHst.exe [2009-07-07 115560]
S2 SBAMSvc;Sunbelt VIPRE Antivirus Service;c:\program files\Common Files\AntiVirus\SBAMSvc.exe [2008-08-05 849192]
S2 sbapifs;sbapifs;c:\windows\system32\DRIVERS\sbapifs.sys [2008-07-18 68912]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2009-07-07 101936]
S3 SYMNDISV;Symantec Network Filter Driver;c:\windows\system32\drivers\N360\0300000.087\SYMNDISV.SYS [2009-07-07 39984]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contents of the 'Scheduled Tasks' folder

2009-07-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-05-09 18:16]

2009-07-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-05-09 18:16]

2009-07-12 c:\windows\Tasks\User_Feed_Synchronization-{9C4FDD0C-FD7C-45E6-875A-8EF7796DD670}.job
- c:\windows\system32\msfeedssync.exe [2009-05-08 11:31]
.
- - - - ORPHANS REMOVED - - - -

BHO-{201f27d4-3704-41d6-89c1-aa35e39143ed} - c:\program files\AskBarDis\bar\bin\askBar.dll
Toolbar-{3041d03e-fd4b-44e0-b742-2d9b88305f98} - c:\program files\AskBarDis\bar\bin\askBar.dll
WebBrowser-{3041D03E-FD4B-44E0-B742-2D9B88305F98} - c:\program files\AskBarDis\bar\bin\askBar.dll


.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com
mStart Page = hxxp://www.yahoo.com/
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
.
.
------- File Associations -------
.
VBEFile=NOTEPAD.EXE %1
VBSFile=NOTEPAD.EXE %1
.

**************************************************************************
scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files:

**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\N360]
"ImagePath"="\"c:\program files\Norton 360\Norton 360\Engine\3.0.0.135\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files\Norton 360\Norton 360\Engine\3.0.0.135\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2009-07-12 15:34
ComboFix-quarantined-files.txt 2009-07-12 22:34

Pre-Run: 227,159,867,392 bytes free
Post-Run: 227,111,342,080 bytes free

374 --- E O F --- 2009-07-11 18:00

Now open a new notepad file.
Input this into the notepad file:

Folder::
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire

File::
c:\windows\system32\winload.exe

Save this as CFScript.txt, save it to your desktop also.
Then drag and drop CFScript.txt into combofix as seen below:


This will open combofix again, agree to it's terms and allow it to run.
It may want to reboot after it's done. (It will warn you if it wants to)
Post the resulting log back here.

ComboFix 09-07-14.08 - TRAVIESA Y MR BROWN 07/17/2009 13:16.2.2 - NTFSx86
Running from: c:\users\TRAVIESA Y MR BROWN\Desktop\Combo-Fix.exe
Command switches used :: c:\users\TRAVIESA Y MR BROWN\Desktop\CFScript.txt
AV: Avanquest SystemSuite *On-access scanning enabled* (Updated) {964FCE60-0B18-4D30-ADD6-EB178909041C}
FW: Avanquest NetDefense Firewall *enabled* {E9CD9D09-CF58-4ec3-9B3F-E6B12C3E4171}
SP: Avanquest SystemSuite *enabled* (Updated) {9817B764-AE4E-4B29-AEE7-725B7A50BD48}
* Created a new restore point

FILE ::
"c:\windows\system32\winload.exe"
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xul-v2.0b2.4-do-not-remove
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\AccessibleMarshal.dll
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\chrome\branding.jar
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\chrome\branding.manifest
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\chrome\classic.jar
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\chrome\classic.manifest
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\chrome\comm.jar
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\chrome\comm.manifest
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\chrome\en-US.jar
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\chrome\en-US.manifest
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\chrome\limewire.jar
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\chrome\limewire.manifest
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\chrome\pippki.jar
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\chrome\pippki.manifest
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\chrome\toolkit.jar
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\chrome\toolkit.manifest
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\accessibility-msaa.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\accessibility.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\alerts.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\appshell.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\appshell_modal.dll
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\appshell_modal.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\appstartup.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\auth.dll
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\autocomplete.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\autoconfig.dll
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\autoconfig.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\caps.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\chardet.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\chrome.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\commandhandler.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\commandlines.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\composer.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\content_base.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\content_html.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\content_htmldoc.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\content_xmldoc.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\content_xslt.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\content_xtf.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\contentprefs.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\cookie.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\directory.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\docshell_base.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\dom.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\dom_base.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\dom_canvas.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\dom_core.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\dom_css.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\dom_events.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\dom_html.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\dom_json.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\dom_loadsave.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\dom_offline.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\dom_range.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\dom_sidebar.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\dom_storage.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\dom_stylesheets.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\dom_svg.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\dom_traversal.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\dom_views.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\dom_xbl.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\dom_xpath.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\dom_xul.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\downloads.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\editor.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\embed_base.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\extensions.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\exthandler.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\exthelper.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\fastfind.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\FeedProcessor.js
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\feeds.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\find.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\gfx.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\htmlparser.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\imgicon.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\imglib2.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\inspector.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\intl.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\jar.xpt

c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\jsconsole-clhandler.js
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\jsdservice.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\layout_base.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\layout_printing.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\layout_xul.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\layout_xul_tree.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\locale.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\loginmgr.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\lwbrk.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\mimetype.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\mozbrwsr.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\mozfind.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\necko.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\necko_about.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\necko_cache.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\necko_cookie.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\necko_dns.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\necko_file.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\necko_ftp.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\necko_http.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\necko_res.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\necko_socket.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\necko_strconv.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\necko_viewsource.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\nsAddonRepository.js
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\nsBadCertHandler.js
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\nsBlocklistService.js
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\nsContentDispatchChooser.js
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\nsContentPrefService.js
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\nsDefaultCLH.js
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\nsDictionary.js
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\nsDownloadManagerUI.js
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\nsExtensionManager.js
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\nsHandlerService.js
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\nsHelperAppDlg.js
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\nsLivemarkService.js
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\nsLoginInfo.js
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\nsLoginManager.js
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\nsLoginManagerPrompter.js
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\nsPostUpdateWin.js
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\nsProgressDialog.js
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\nsProxyAutoConfig.js
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\nsResetPref.js
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\nsTaggingService.js
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\nsTryToClose.js
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\nsUpdateService.js
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\nsURLFormatter.js
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\nsWebHandlerApp.js
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\nsXmlRpcClient.js
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\nsXULAppInstall.js
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\oji.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\parentalcontrols.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\pipboot.dll
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\pipboot.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\pipnss.dll
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\pipnss.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\pippki.dll
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\pippki.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\places.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\plugin.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\pluginGlue.js
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\pref.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\prefetch.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\profile.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\proxyObject.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\rdf.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\satchel.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\saxparser.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\shistory.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\spellchecker.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\storage-Legacy.js
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\storage.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\toolkitprofile.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\transformiix.dll
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\txEXSLTRegExFunctions.js
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\txmgr.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\txtsvc.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\uconv.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\unicharutil.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\universalchardet.dll
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\update.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\uriloader.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\urlformatter.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\webBrowser_core.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\webbrowserpersist.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\webshell_idls.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\websrvcs.dll
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\widget.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\windowds.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\windowwatcher.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\xml-rpc.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\xmlextras.dll
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\xpcom_base.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\xpcom_components.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\xpcom_ds.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\xpcom_io.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\xpcom_system.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\xpcom_thread.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\xpcom_xpti.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\xpconnect.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\xpinstall.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\xulapp.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\xulapp_setup.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\xuldoc.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\xultmpl.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\xulutil.dll
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\components\zipwriter.xpt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\crashreporter.exe
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\crashreporter.ini
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\defaults\autoconfig\platform.js
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\defaults\autoconfig\prefcalls.js
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\defaults\pref\xulrunner.js

c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\defaults\profile\chrome\userChrome-example.css
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\defaults\profile\chrome\userContent-example.css
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\defaults\profile\localstore.rdf
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\defaults\profile\US\chrome\userChrome-example.css
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\defaults\profile\US\chrome\userContent-example.css
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\defaults\profile\US\localstore.rdf
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\dependentlibs.list
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\dictionaries\en-US.aff
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\dictionaries\en-US.dic
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\freebl3.chk
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\freebl3.dll
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\greprefs\all.js
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\greprefs\security-prefs.js
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\greprefs\xpinstall.js
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\IA2Marshal.dll
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\javaxpcom.jar
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\javaxpcomglue.dll
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\js3250.dll
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\LICENSE
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\modules\debug.js
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\modules\DownloadUtils.jsm
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\modules\ISO8601DateUtils.jsm
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\modules\JSON.jsm
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\modules\Microformats.js
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\modules\PluralForm.jsm
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\modules\utils.js
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\modules\XPCOMUtils.jsm
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\mozctl.dll
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\mozctlx.dll
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\MSVCP71.DLL
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\msvcr71.dll
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\nspr4.dll
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\nss3.dll
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\nssckbi.dll
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\nssdbm3.dll
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\nssutil3.dll
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\platform.ini
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\plc4.dll
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\plds4.dll
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\plugins\npnul32.dll
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\README.txt
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\res\arrow.gif
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\res\arrowd.gif
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\res\broken-image.gif
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\res\charsetalias.properties
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\res\charsetData.properties
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\res\contenteditable.css
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\res\designmode.css
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\res\dtd\mathml.dtd
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\res\dtd\xhtml11.dtd
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\res\EditorOverride.css
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\res\entityTables\html40Latin1.properties
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\res\entityTables\html40Special.properties
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\res\entityTables\html40Symbols.properties
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\res\entityTables\htmlEntityVersions.properties
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\res\entityTables\mathml20.properties
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\res\entityTables\transliterate.properties
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\res\fonts\mathfont.properties
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\res\fonts\mathfontStandardSymbolsL.properties
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\res\fonts\mathfontSTIXNonUnicode.properties
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\res\fonts\mathfontSTIXSize1.properties
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\res\fonts\mathfontSymbol.properties
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\res\fonts\mathfontUnicode.properties
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\res\forms.css
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\res\grabber.gif
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\res\hiddenWindow.html
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\res\html.css
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\res\html\folder.png
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\res\langGroups.properties
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\res\language.properties
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\res\loading-image.gif
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\res\mathml.css
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\res\quirk.css
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\res\svg.css

c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\res\table-add-column-after-active.gif
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\res\table-add-column-after-hover.gif
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\res\table-add-column-after.gif
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\res\table-add-column-before-active.gif
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\res\table-add-column-before-hover.gif
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\res\table-add-column-before.gif
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\res\table-add-row-after-active.gif
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\res\table-add-row-after-hover.gif
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\res\table-add-row-after.gif
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\res\table-add-row-before-active.gif
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\res\table-add-row-before-hover.gif
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\res\table-add-row-before.gif
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\res\table-remove-column-active.gif
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\res\table-remove-column-hover.gif
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\res\table-remove-column.gif
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\res\table-remove-row-active.gif
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\res\table-remove-row-hover.gif
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\res\table-remove-row.gif
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\res\ua.css
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\res\viewsource.css
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\res\wincharset.properties
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\smime3.dll
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\softokn3.chk
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\softokn3.dll
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\sqlite3.dll
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\ssl3.dll
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\updater.exe
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\version.properties
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\xpcom.dll
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\xpcshell.exe
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\xpicleanup.exe
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\xpidl.exe
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\xpt_dump.exe
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\xpt_link.exe
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\xul.dll
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\xulrunner-stub.exe
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\browser\xulrunner\xulrunner.exe
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\createtimes.cache
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\downloads.dat
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\fileurns.bak
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\fileurns.cache
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\gnutella.net
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\installation.props
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\library.dat
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\library5.dat
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\limewire.props
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\mojito.props
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\mozilla-profile\.autoreg
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\mozilla-profile\Cache\_CACHE_001_
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\mozilla-profile\Cache\_CACHE_002_
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\mozilla-profile\Cache\_CACHE_003_
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\mozilla-profile\Cache\_CACHE_MAP_
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\mozilla-profile\Cache\3816C1E5d01
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\mozilla-profile\Cache\4BC70045d01
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\mozilla-profile\Cache\51CFDFBBd01
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\mozilla-profile\Cache\6B5B8EF7d01
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\mozilla-profile\Cache\7BD6A121d01
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\mozilla-profile\Cache\98E79480d01
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\mozilla-profile\Cache\AE98BDF8d01
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\mozilla-profile\Cache\BAFF9A98d01
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\mozilla-profile\Cache\D5267890d01
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\mozilla-profile\cert8.db
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\mozilla-profile\compreg.dat
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\mozilla-profile\cookies.sqlite
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\mozilla-profile\downloads.sqlite
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\mozilla-profile\extensions.cache
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\mozilla-profile\extensions.ini
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\mozilla-profile\history.dat
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\mozilla-profile\key3.db
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\mozilla-profile\permissions.sqlite
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\mozilla-profile\places.sqlite-journal
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\mozilla-profile\places.sqlite
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\mozilla-profile\pluginreg.dat
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\mozilla-profile\prefs.js
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\mozilla-profile\secmod.db
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\mozilla-profile\XPC.mfl
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\mozilla-profile\xpti.dat
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\promotion\promodb.properties
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\promotion\promodb.script
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\questions.props
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\responses.cache
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\spam.dat
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\tables.props
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\ttdata.cache
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\ttroot.cache
c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\LimeWire\versions.props
c:\windows\system32\winload.exe

.
((((((((((((((((((((((((( Files Created from 2009-06-17 to 2009-07-17 )))))))))))))))))))))))))))))))
.

2009-07-17 20:23 . 2009-07-17 20:23 -------- d-----w- c:\users\TRAVIESA Y MR BROWN\AppData\Local\temp
2009-07-17 18:19 . 2009-07-11 19:34 276344 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090715.003\IDSXpx86.sys
2009-07-17 18:19 . 2009-07-11 19:34 293424 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090715.003\IDSvix86.sys
2009-07-17 18:19 . 2009-07-11 19:34 533880 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090715.003\Scxpx86.dll
2009-07-17 18:19 . 2009-07-11 19:34 451960 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090715.003\IDSxpx86.dll
2009-07-17 18:19 . 2009-07-11 19:34 397360 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090715.003\IDSviA64.sys
2009-07-17 17:12 . 2009-07-13 08:00 87888 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090717.006\NAVENG.SYS
2009-07-17 17:12 . 2009-07-13 08:00 875728 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090717.006\NAVEX15.SYS
2009-07-17 17:12 . 2009-07-07 23:59 177520 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090717.006\NAVENG32.DLL
2009-07-17 17:12 . 2009-07-07 23:59 1181040 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090717.006\NAVEX32A.DLL
2009-07-17 17:12 . 2009-07-07 23:59 371248 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090717.006\EECTRL.SYS
2009-07-17 17:12 . 2009-07-07 23:59 101936 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090717.006\ERASER.SYS
2009-07-17 17:12 . 2009-07-07 23:59 259368 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090717.006\ECMSVR32.DLL
2009-07-17 17:12 . 2009-07-07 23:59 2414128 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090717.006\CCERASER.DLL
2009-07-15 18:03 . 2009-07-15 18:03 -------- d-----w- c:\program files\ASIO4ALL v2
2009-07-15 17:21 . 2009-07-15 17:24 -------- d-----w- c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\Uniblue
2009-07-15 03:22 . 2009-07-11 19:34 276344 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090712.001\IDSXpx86.sys
2009-07-15 03:22 . 2009-07-11 19:34 293424 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090712.001\IDSvix86.sys
2009-07-15 03:22 . 2009-07-11 19:34 533880 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090712.001\Scxpx86.dll
2009-07-15 03:22 . 2009-07-11 19:34 451960 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090712.001\IDSxpx86.dll
2009-07-15 03:22 . 2009-07-11 19:34 397360 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090712.001\IDSviA64.sys
2009-07-14 21:13 . 2009-06-15 15:24 156672 ----a-w- c:\windows\system32\t2embed.dll
2009-07-14 21:13 . 2009-06-15 15:20 72704 ----a-w- c:\windows\system32\fontsub.dll
2009-07-14 21:13 . 2009-06-15 15:20 10240 ----a-w- c:\windows\system32\dciman32.dll
2009-07-14 21:13 . 2009-06-15 12:52 289792 ----a-w- c:\windows\system32\atmfd.dll
2009-07-12 15:20 . 2009-07-12 15:20 -------- d-----w- c:\program files\Trend Micro
2009-07-12 15:08 . 2009-07-07 23:59 89104 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090712.003\NAVENG.SYS
2009-07-12 15:08 . 2009-07-07 23:59 876144 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090712.003\NAVEX15.SYS
2009-07-12 15:08 . 2009-07-07 23:59 177520 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090712.003\NAVENG32.DLL
2009-07-12 15:08 . 2009-07-07 23:59 1181040 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090712.003\NAVEX32A.DLL
2009-07-12 15:08 . 2009-07-07 23:59 371248 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090712.003\EECTRL.SYS
2009-07-12 15:08 . 2009-07-07 23:59 101936 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090712.003\ERASER.SYS
2009-07-12 15:08 . 2009-07-07 23:59 259368 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090712.003\ECMSVR32.DLL
2009-07-12 15:08 . 2009-07-07 23:59 2414128 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090712.003\CCERASER.DLL
2009-07-11 19:34 . 2009-07-11 19:34 276344 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\IDSXpx86.sys
2009-07-11 19:34 . 2009-07-11 19:34 293424 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\IDSvix86.sys
2009-07-11 19:34 . 2009-07-11 19:34 533880 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\Scxpx86.dll
2009-07-11 19:34 . 2009-07-11 19:34 451960 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\IDSxpx86.dll
2009-07-11 19:34 . 2009-07-11 19:34 397360 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\IDSviA64.sys
2009-07-11 18:25 . 2008-04-22 06:17 172032 ----a-w- c:\windows\system32\igfxres.dll
2009-07-11 17:48 . 2009-07-11 17:48 -------- d-----w- c:\users\TRAVIESA Y MR BROWN\AppData\Local\Symantec
2009-07-11 10:02 . 2009-07-11 20:07 -------- d-----w- c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\GetRightToGo
2009-07-10 21:12 . 2009-07-10 21:12 -------- d-----r- c:\program files\Norton Support
2009-07-08 16:45 . 2009-07-08 16:45 -------- d-----w- c:\windows\system32\N360_BACKUP
2009-07-08 02:00 . 2009-07-08 02:00 -------- d-----w- c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\Template
2009-07-08 00:01 . 2008-04-17 19:12 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2009-07-08 00:01 . 2009-01-15 19:19 23848 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2009-07-08 00:00 . 2009-07-08 00:00 -------- d-----w- c:\users\TRAVIESA Y MR BROWN\AppData\Local\Downloaded Installations
2009-07-08 00:00 . 2009-07-07 23:59 25136 ----a-r- c:\windows\system32\drivers\SymIMV.sys
2009-07-08 00:00 . 2009-07-10 21:13 -------- d-----w- c:\program files\Symantec
2009-07-08 00:00 . 2009-07-08 00:17 -------- d-----w- c:\program files\Common Files\Symantec Shared
2009-07-08 00:00 . 2009-07-08 00:00 124464 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2009-07-07 23:59 . 2009-07-07 23:59 1290592 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\SyKnAppS\SyKnAppS.dll
2009-07-07 23:59 . 2009-07-07 23:59 136840 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\SyKnAppS\patch25.dll
2009-07-07 23:59 . 2009-07-07 23:59 796016 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\CLT\cltLMSx.dll
2009-07-07 23:59 . 2009-07-07 23:59 -------- d-----w- c:\windows\system32\drivers\N360
2009-06-29 23:27 . 2009-07-08 00:01 -------- d-----w- c:\programdata\{7B6BA59A-FB0E-4499-8536-A7420338BF3B}
2009-06-29 23:26 . 2009-07-08 17:13 -------- d-----w- c:\programdata\Symantec
2009-06-29 23:26 . 2009-07-07 23:32 -------- d-----w- c:\programdata\Norton
2009-06-29 23:26 . 2009-07-07 23:32 -------- d-----w- c:\program files\Norton 360
2009-06-29 23:26 . 2009-07-07 23:58 -------- d-----w- c:\programdata\NortonInstaller
2009-06-29 23:26 . 2009-06-29 23:26 -------- d-----w- c:\program files\NortonInstaller
2009-06-29 22:43 . 2009-06-29 22:43 -------- d-----w- c:\programdata\Citrix
2009-06-22 21:01 . 2009-06-22 21:01 8854 ----a-r- c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\Microsoft\Installer\{9559F7CA-5E34-4237-A2D9-D856464AD727}\Uninstall_Project64__9559F7CA5E344237A2D9D856464AD727.exe
2009-06-22 21:01 . 2009-06-22 21:01 40960 ----a-r- c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\Microsoft\Installer\{9559F7CA-5E34-4237-A2D9-D856464AD727}\NewShortcut1_9559F7CA5E344237A2D9D856464AD727.exe
2009-06-22 21:01 . 2009-06-22 21:01 40960 ----a-r- c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\Microsoft\Installer\{9559F7CA-5E34-4237-A2D9-D856464AD727}\ARPPRODUCTICON.exe
2009-06-19 17:40 . 2009-06-19 17:40 -------- d-----w- c:\program files\Audacity
2009-06-18 03:47 . 2009-06-18 03:47 -------- d-----w- c:\programdata\Trymedia
2009-06-18 03:47 . 2009-06-18 03:47 1421449 ----a-w- c:\programdata\NeoEdge Networks\Yahoo_Monopoly\IAF.dll
2009-06-18 03:47 . 2009-06-18 03:47 -------- d-----w- c:\programdata\NeoEdge Networks

.

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-15 18:03 . 2009-06-12 15:57 -------- d-----w- c:\program files\Image-Line
2009-07-15 18:03 . 2009-06-12 16:00 -------- d-----w- c:\program files\VstPlugins
2009-07-15 10:02 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-07-12 21:58 . 2009-05-07 22:16 -------- d-----w- c:\program files\xxx.xxx
2009-07-08 02:00 . 2009-05-08 03:29 136 ----a-w- c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\wklnhst.dat
2009-07-08 00:47 . 2009-05-07 22:14 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-07-08 00:47 . 2009-05-07 22:17 -------- d-----w- c:\program files\Common Files\AntiVirus
2009-07-08 00:00 . 2009-07-08 00:00 805 ----a-w- c:\windows\system32\drivers\SYMEVENT.INF
2009-07-08 00:00 . 2009-07-08 00:00 7386 ----a-w- c:\windows\system32\drivers\SYMEVENT.CAT
2009-07-05 21:54 . 2009-04-22 01:57 -------- d-----w- c:\programdata\Sonic
2009-06-29 17:54 . 2009-05-22 16:20 -------- d-----w- c:\program files\AVS4YOU
2009-06-29 17:48 . 2009-05-22 16:20 -------- d-----w- c:\program files\Common Files\AVSMedia
2009-06-27 18:02 . 2009-04-22 02:23 -------- d-----w- c:\program files\Dell
2009-06-27 17:16 . 2009-04-22 01:55 -------- d-----w- c:\program files\Microsoft.NET
2009-06-22 21:01 . 2009-06-12 03:40 -------- d-----w- c:\program files\Project64 1.6
2009-06-18 02:46 . 2009-04-29 22:27 1608712 ----a-w- c:\programdata\WildTangent\OEM Game Console\Downloads\en-us\Installers\SetupGamesClient.exe
2009-06-15 21:32 . 2009-05-16 23:59 -------- d-----w- c:\program files\Yahoo!
2009-06-15 21:31 . 2009-05-09 20:03 -------- d-----w- c:\program files\Easy Video Downloader
2009-06-15 17:25 . 2009-06-15 17:20 104 ----a-w- c:\windows\system32\SBRC.dat
2009-06-14 21:46 . 2009-06-09 18:21 -------- d-----w- c:\program files\MSN Games
2009-06-12 15:58 . 2009-06-12 15:58 -------- d-----w- c:\program files\Outsim
2009-06-09 18:21 . 2009-06-09 18:21 -------- d-----w- c:\programdata\FreshGames
2009-06-09 18:21 . 2009-06-09 18:21 -------- d-----w- c:\program files\Oberon Media
2009-06-02 16:09 . 2009-06-02 16:09 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2
2009-05-31 22:55 . 2009-05-31 22:26 -------- d-----w- c:\program files\Winferno
2009-05-31 22:27 . 2009-05-31 22:27 -------- d-----w- c:\program files\Common Files\Winferno
2009-05-31 22:22 . 2009-05-31 22:19 -------- d-----w- c:\program files\Bejeweled 2 Deluxe
2009-05-31 22:21 . 2009-05-31 22:21 16 ----a-w- c:\windows\popcinfo.dat
2009-05-31 22:18 . 2009-05-31 22:18 -------- d-----w- c:\program files\ReflexiveArcade
2009-05-27 02:50 . 2009-06-03 15:20 607472 ----a-w- c:\programdata\Yahoo!\YUpdater\yupdater.exe
2009-05-23 15:36 . 2009-05-23 15:36 -------- d-----w- c:\programdata\Roxio
2009-05-23 15:36 . 2009-05-23 15:36 -------- d-----w- c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\Roxio
2009-05-23 03:14 . 2009-05-23 03:14 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_motport_01005.Wdf
2009-05-23 03:14 . 2009-05-23 03:14 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_motmodem_01005.Wdf
2009-05-23 03:05 . 2009-05-23 03:05 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_motccgpfl_01005.Wdf
2009-05-23 03:05 . 2009-05-23 03:05 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_motccgp_01005.Wdf
2009-05-22 23:20 . 2009-04-22 01:51 -------- d-----w- c:\program files\Common Files\Adobe
2009-05-22 18:38 . 2009-04-26 14:14 118784 ----a-w- c:\windows\dsdxirmv.exe
2009-05-22 16:20 . 2009-05-22 16:20 -------- d-----w- c:\programdata\AVS4YOU
2009-05-22 16:20 . 2009-04-25 22:43 69008 ----a-w- c:\users\TRAVIESA Y MR BROWN\AppData\Local\GDIPFONTCACHEV1.DAT
2009-05-22 16:20 . 2009-05-22 16:20 -------- d-----w- c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\AVS4YOU
2009-05-16 15:35 . 2009-05-16 15:35 103736 ----a-w- c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\PnkBstrB.exe
2009-05-16 15:35 . 2009-05-16 15:35 103736 ----a-w- c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\PnkBstrB.exe
2009-05-16 15:35 . 2009-05-16 15:35 103736 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-05-16 15:34 . 2009-05-16 15:34 66872 ----a-w- c:\windows\system32\PnkBstrA.exe
2009-05-09 05:50 . 2009-06-10 17:35 915456 ----a-w- c:\windows\system32\wininet.dll
2009-05-09 05:34 . 2009-06-10 17:35 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-05-06 18:22 . 2009-05-01 01:46 518 ----a-w- c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\iolo\Registry\Last\restore.bat
2009-05-06 15:28 . 2009-05-06 15:28 5068262 ----a-w- c:\programdata\ArcSoft\Global Deploy\CheckUpdate\ArcConnect.exe
2009-04-25 23:35 . 2009-04-25 23:35 1331 ----a-w- c:\users\TRAVIESA Y MR BROWN\AppData\Roaming\iolo\restore.bat
2009-04-23 12:43 . 2009-06-10 17:35 784896 ----a-w- c:\windows\system32\rpcrt4.dll
2009-04-23 12:42 . 2009-06-10 17:35 636928 ----a-w- c:\windows\system32\localspl.dll
2009-04-22 04:31 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-04-22 04:30 . 2009-04-22 04:30 26112 ----a-w- c:\windows\system32\hidserv.dll
2009-04-22 04:30 . 2009-04-22 04:30 22016 ----a-w- c:\windows\system32\hid.dll
2009-04-22 04:30 . 2009-04-22 04:30 1191936 ----a-w- c:\windows\system32\msxml3.dll
2009-04-22 04:30 . 2009-04-22 04:30 74752 ----a-w- c:\windows\system32\newdev.exe
2009-04-22 04:30 . 2009-04-22 04:30 468992 ----a-w- c:\windows\system32\newdev.dll
2009-04-22 04:28 . 2009-04-22 04:28 625152 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2009-04-22 04:28 . 2009-04-22 04:28 565248 ----a-w- c:\windows\system32\emdmgmt.dll
2009-04-22 04:28 . 2009-04-22 04:28 45056 ----a-w- c:\windows\system32\dataclen.dll
2009-04-22 04:28 . 2009-04-22 04:28 36864 ----a-w- c:\windows\system32\cdd.dll
2009-04-22 04:28 . 2009-04-22 04:28 148480 ----a-w- c:\windows\system32\drivers\nwifi.sys
2009-04-22 04:27 . 2009-04-22 04:27 1645568 ----a-w- c:\windows\system32\connect.dll
2009-04-22 04:27 . 2009-04-22 04:27 296960 ----a-w- c:\windows\system32\gdi32.dll
2009-04-22 04:27 . 2009-04-22 04:27 2927104 ----a-w- c:\windows\explorer.exe
2009-04-22 04:26 . 2009-04-22 04:26 738304 ----a-w- c:\windows\system32\inetcomm.dll
2009-04-22 04:26 . 2009-04-22 04:26 269312 ----a-w- c:\windows\system32\es.dll
2009-04-22 04:24 . 2009-04-22 04:24 2048 ----a-w- c:\windows\system32\tzres.dll
2009-04-22 04:23 . 2009-04-22 04:23 361984 ----a-w- c:\windows\system32\IPSECSVC.DLL
2009-04-22 04:23 . 2009-04-22 04:23 288768 ----a-w- c:\windows\system32\drivers\srv.sys
2009-04-22 04:22 . 2009-04-22 04:22 303616 ----a-w- c:\windows\system32\wmpeffects.dll
2009-04-22 04:20 . 2009-04-22 04:20 885248 ----a-w- c:\windows\system32\RacEngn.dll
2009-04-22 04:20 . 2009-04-22 04:20 1314816 ----a-w- c:\windows\system32\quartz.dll
2009-04-22 04:19 . 2009-04-22 04:19 425472 ----a-w- c:\windows\system32\PhotoMetadataHandler.dll
2009-04-22 04:19 . 2009-04-22 04:19 712704 ----a-w- c:\windows\system32\WindowsCodecs.dll
2009-04-22 04:19 . 2009-04-22 04:19 347648 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2009-04-22 04:18 . 2009-04-22 04:18 801280 ----a-w- c:\windows\system32\NaturalLanguage6.dll
2009-04-22 04:18 . 2009-04-22 04:18 2644480 ----a-w- c:\windows\system32\NlsLexicons0009.dll
2009-04-22 04:18 . 2009-04-22 04:18 12240896 ----a-w- c:\windows\system32\NlsLexicons0007.dll
2009-04-22 04:16 . 2009-04-22 04:16 443392 ----a-w- c:\windows\system32\win32spl.dll
2009-04-22 04:16 . 2009-04-22 04:16 891448 ----a-w- c:\windows\system32\drivers\tcpip.sys
2009-04-22 04:16 . 2009-04-22 04:16 72192 ----a-w- c:\windows\system32\drivers\pacer.sys
2009-04-22 04:16 . 2009-04-22 04:16 15360 ----a-w- c:\windows\system32\pacerprf.dll
2009-04-22 04:15 . 2009-04-22 04:15 927288 ----a-w- c:\windows\system32\winresume.exe
2009-04-22 04:15 . 2009-04-22 04:15 6656 ----a-w- c:\windows\system32\kbd106n.dll
2009-04-22 04:15 . 2009-04-22 04:15 615992 ----a-w- c:\windows\system32\ci.dll
2009-04-22 04:15 . 2009-04-22 04:15 46592 ----a-w- c:\windows\system32\setbcdlocale.dll
2009-04-22 04:15 . 2009-04-22 04:15 40960 ----a-w- c:\windows\system32\srclient.dll
2009-04-22 04:15 . 2009-04-22 04:15 378368 ----a-w- c:\windows\system32\srcore.dll
2009-04-22 04:15 . 2009-04-22 04:15 318464 ----a-w- c:\windows\system32\rstrui.exe
2009-04-22 04:15 . 2009-04-22 04:15 19000 ----a-w- c:\windows\system32\kd1394.dll
2009-04-22 04:15 . 2009-04-22 04:15 14848 ----a-w- c:\windows\system32\srdelayed.exe
2009-04-22 04:14 . 2009-04-22 04:14 212480 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2009-04-22 04:14 . 2009-04-22 04:14 1334272 ----a-w- c:\windows\system32\msxml6.dll
2009-04-22 04:14 . 2009-04-22 04:14 996352 ----a-w- c:\windows\system32\WMNetMgr.dll
2009-04-22 04:14 . 2009-04-22 04:14 94720 ----a-w- c:\windows\system32\logagent.exe
2009-04-22 04:14 . 2009-04-22 04:14 2868736 ----a-w- c:\windows\system32\mf.dll
2009-04-22 04:13 . 2009-04-22 04:13 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2009-04-22 04:13 . 2009-04-22 04:13 28672 ----a-w- c:\windows\system32\Apphlpdm.dll

((((((((((((((((((((((((((((( SnapShot@2009-07-12_22.32.56 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-07-14 21:13 . 2009-06-15 14:58 23552 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22152_none_ac0f1dd570f10812\lpk.dll
+ 2009-07-14 21:13 . 2009-06-15 14:58 72704 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22152_none_ac0f1dd570f10812\fontsub.dll
+ 2009-07-14 21:13 . 2009-06-15 14:58 10240 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22152_none_ac0f1dd570f10812\dciman32.dll
+ 2009-07-14 21:13 . 2009-06-15 12:45 34304 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22152_none_ac0f1dd570f10812\atmlib.dll
+ 2009-07-14 21:13 . 2009-06-15 14:52 23552 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18051_none_ab8480c057d44ef1\lpk.dll
+ 2009-07-14 21:13 . 2009-06-15 14:52 72704 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18051_none_ab8480c057d44ef1\fontsub.dll
+ 2009-07-14 21:13 . 2009-06-15 14:51 10240 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18051_none_ab8480c057d44ef1\dciman32.dll
+ 2009-07-14 21:13 . 2009-04-11 06:28 34304 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18051_none_ab8480c057d44ef1\atmlib.dll
+ 2009-07-14 21:13 . 2009-06-15 15:22 23552 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22450_none_aa26ab5973cc8040\lpk.dll
+ 2009-07-14 21:13 . 2009-06-15 15:20 72704 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22450_none_aa26ab5973cc8040\fontsub.dll
+ 2009-07-14 21:13 . 2009-06-15 15:19 10240 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22450_none_aa26ab5973cc8040\dciman32.dll
+ 2009-07-14 21:13 . 2009-06-15 15:19 34304 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22450_none_aa26ab5973cc8040\atmlib.dll
+ 2008-01-21 02:33 . 2008-01-21 02:33 23552 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18272_none_a9896d645abd4ddf\lpk.dll
+ 2009-07-14 21:13 . 2009-06-15 15:20 72704 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18272_none_a9896d645abd4ddf\fontsub.dll
+ 2009-07-14 21:13 . 2009-06-15 15:20 10240 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18272_none_a9896d645abd4ddf\dciman32.dll
+ 2006-11-02 08:38 . 2006-11-02 09:46 34304 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18272_none_a9896d645abd4ddf\atmlib.dll
+ 2009-07-14 21:13 . 2009-06-15 15:04 24064 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.21067_none_a83c750976a7f2bc\lpk.dll
+ 2009-07-14 21:13 . 2009-06-15 15:03 72704 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.21067_none_a83c750976a7f2bc\fontsub.dll
+ 2009-07-14 21:13 . 2009-06-15 15:02 10240 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.21067_none_a83c750976a7f2bc\dciman32.dll
+ 2009-07-14 21:13 . 2009-06-15 15:02 34304 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.21067_none_a83c750976a7f2bc\atmlib.dll
+ 2009-07-14 21:13 . 2009-06-15 15:23 24064 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.16870_none_a7a12e2a5d988a40\lpk.dll
+ 2009-07-14 21:13 . 2009-06-15 15:22 72704 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.16870_none_a7a12e2a5d988a40\fontsub.dll
+ 2009-07-14 21:13 . 2009-06-15 15:21 10240 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.16870_none_a7a12e2a5d988a40\dciman32.dll
+ 2009-07-14 21:13 . 2009-06-15 15:20 34304 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.16870_none_a7a12e2a5d988a40\atmlib.dll
+ 2008-01-21 01:58 . 2009-07-17 13:56 48674 c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2006-11-02 13:02 . 2009-07-17 13:56 73238 c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2009-04-25 22:45 . 2009-07-17 13:56 10862 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1322068398-3583463442-2810568754-1001_UserData.bin
+ 2008-02-03 15:42 . 2009-07-17 13:55 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2008-02-03 15:42 . 2009-07-12 22:30 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2008-02-03 15:42 . 2009-07-12 22:30 98304 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2008-02-03 15:42 . 2009-07-17 13:55 98304 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2008-02-03 15:42 . 2009-07-17 13:55 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2008-02-03 15:42 . 2009-07-12 22:30 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-12 22:24 . 2009-07-12 22:24 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2009-07-17 13:54 . 2009-07-17 13:54 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2009-07-12 22:24 . 2009-07-12 22:24 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-07-17 13:54 . 2009-07-17 13:54 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-07-13 02:49 . 2009-05-30 13:15 102912 c:\windows\winsxs\x86_microsoft-windows-ie-iecompat_31bf3856ad364e35_8.0.6001.22883_none_840ec88560132cdf\iecompat.dll
+ 2009-07-13 02:49 . 2009-06-02 03:27 102912 c:\windows\winsxs\x86_microsoft-windows-ie-iecompat_31bf3856ad364e35_8.0.6001.18793_none_837a5bce46fda906\iecompat.dll
+ 2009-07-14 21:13 . 2009-06-15 12:45 289792 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22152_none_ac0f1dd570f10812\atmfd.dll
+ 2009-07-14 21:13 . 2009-06-15 12:42 289792 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18051_none_ab8480c057d44ef1\atmfd.dll
+ 2009-07-14 21:13 . 2009-06-15 12:56 289792 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22450_none_aa26ab5973cc8040\atmfd.dll
+ 2009-07-14 21:13 . 2009-06-15 12:52 289792 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18272_none_a9896d645abd4ddf\atmfd.dll
+ 2009-07-14 21:13 . 2009-06-15 12:53 289792 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.21067_none_a83c750976a7f2bc\atmfd.dll
+ 2009-07-14 21:13 . 2009-06-15 13:03 289792 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.16870_none_a7a12e2a5d988a40\atmfd.dll
+ 2009-07-14 21:13 . 2009-06-15 15:00 156672 c:\windows\winsxs\x86_microsoft-windows-font-embedding_31bf3856ad364e35_6.0.6002.22152_none_b7fc28a4355e72c9\t2embed.dll
+ 2009-07-14 21:13 . 2009-06-15 14:53 156672 c:\windows\winsxs\x86_microsoft-windows-font-embedding_31bf3856ad364e35_6.0.6002.18051_none_b7718b8f1c41b9a8\t2embed.dll
+ 2009-07-14 21:13 . 2009-06-15 15:26 156672 c:\windows\winsxs\x86_microsoft-windows-font-embedding_31bf3856ad364e35_6.0.6001.22450_none_b613b6283839eaf7\t2embed.dll
+ 2009-07-14 21:13 . 2009-06-15 15:24 156672 c:\windows\winsxs\x86_microsoft-windows-font-embedding_31bf3856ad364e35_6.0.6001.18272_none_b57678331f2ab896\t2embed.dll
+ 2009-07-14 21:13 . 2009-06-15 15:09 156160 c:\windows\winsxs\x86_microsoft-windows-font-embedding_31bf3856ad364e35_6.0.6000.21067_none_b4297fd83b155d73\t2embed.dll
+ 2009-07-14 21:13 . 2009-06-15 15:29 156160 c:\windows\winsxs\x86_microsoft-windows-font-embedding_31bf3856ad364e35_6.0.6000.16870_none_b38e38f92205f4f7\t2embed.dll
+ 2009-04-26 13:32 . 2009-07-17 19:40 265832 c:\windows\System32\WDI\SuspendPerformanceDiagnostics_SystemData_FastS4.bin
+ 2006-11-02 10:33 . 2009-07-17 14:00 595446 c:\windows\System32\perfh009.dat
- 2006-11-02 10:33 . 2009-07-12 22:32 595446 c:\windows\System32\perfh009.dat
- 2006-11-02 10:33 . 2009-07-12 22:32 101144 c:\windows\System32\perfc009.dat
+ 2006-11-02 10:33 . 2009-07-17 14:00 101144 c:\windows\System32\perfc009.dat
- 2006-11-02 12:44 . 2009-06-11 16:00 292192 c:\windows\System32\FNTCACHE.DAT
+ 2006-11-02 12:44 . 2009-07-15 16:14 292192 c:\windows\System32\FNTCACHE.DAT
+ 2002-10-08 20:36 . 2002-10-08 20:36 253952 c:\windows\Downloaded Program Files\ywcupl.dll
+ 2002-10-08 20:37 . 2002-10-08 20:37 204800 c:\windows\Downloaded Program Files\yuplapp.dll
+ 2002-03-15 22:18 . 2002-03-15 22:18 348160 c:\windows\Downloaded Program Files\kdu_v32r.dll
+ 2009-07-14 21:13 . 2009-06-17 08:02 2409776 c:\windows\winsxs\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6002.22160_none_f4b74f0181eee730\OESpamFilter.dat
+ 2009-07-14 21:13 . 2009-06-17 07:35 2409776 c:\windows\winsxs\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6002.18056_none_f43e83de68c3c37f\OESpamFilter.dat
+ 2009-07-14 21:13 . 2009-06-17 07:30 2409776 c:\windows\winsxs\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6001.22459_none_f2e4af9f84b85a2a\OESpamFilter.dat
+ 2009-07-14 21:13 . 2009-06-17 07:35 2409776 c:\windows\winsxs\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6001.18278_none_f24470cc6babdbc4\OESpamFilter.dat
+ 2009-07-14 21:13 . 2009-06-17 07:35 2409776 c:\windows\winsxs\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6000.21074_none_f0e3a5eb87a6b883\OESpamFilter.dat
+ 2009-07-14 21:13 . 2009-06-17 07:36 2409776 c:\windows\winsxs\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6000.16876_none_f05c31926e871825\OESpamFilter.dat
- 2006-11-02 10:22 . 2009-06-12 05:22 6029312 c:\windows\System32\SMI\Store\Machine\schema.dat
+ 2006-11-02 10:22 . 2009-07-15 17:37 6029312 c:\windows\System32\SMI\Store\Machine\schema.dat
+ 2009-04-30 15:53 . 2009-07-15 10:02 54644956 c:\windows\winsxs\ManifestCache\6.0.6002.18005_001c11ba_blobs.bin
+ 2006-11-02 10:24 . 2009-07-07 15:10 24539592 c:\windows\System32\mrt.exe
.
-- Snapshot reset to current date --

Please download and run this tool.

Download Malwarebytes' Anti-Malware from Here

Double Click mbam-setup.exe to install the application.

• Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  
• If an update is found, it will download and install the latest version.
  
• Once the program has loaded, select "Perform Quick Scan", then click Scan.
  
• The scan may take some time to finish,so please be patient.
  
• When the scan is complete, click OK, then Show Results to view the results.
  
• Make sure that everything is checked, and click Remove Selected.
  
• When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note)
  
• The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  

Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.

Post the contents of the MBAM Log.

mbam-log-2009-07-17 (23-46-46).txt

Scan type: Quick Scan
Objects scanned: 77258
Time elapsed: 4 minute(s), 18 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Click Start > Run and copy/paste the following bolded text into the Run box and click OK:

ComboFix /u



This will also reset your restore points.

How is the machine running now?

in my computer it doesnt say run it says search

Ahh you are on Vista sorry about that, Locate the windows logo key on your keyboard, should be between Ctrl and Alt, Now Press and hold the Windows logo key and R so the run window pops up and enter the above.

its running great.but now my norton 360 keeps popping up saying that the computer has a virus called infostealer and it cant remove it

Usually a false positive, since Norton always detects that, I have seen that many times in Norton and its a false positive

alright man thanx

No problem, glad we could help

Below I have included a number of recommendations for how to protect your computer in order to prevent future malware infections. Please take these recommendations seriously; these few simple steps can stave off the vast majority of spyware problems. As happy as we are to help you, for your sake we would rather not have repeat customers.

1) Please navigate to http://windowsupdate.microsoft.com and download all the "critical updates" for Windows. This can patch many of the security holes through which attackers can gain access to your computer.

Please either enable Automatic Updates under Start -> Control Panel -> Automatic Updates , or get into the habit of checking for Windows updates regularly. I cannot stress enough how important this is.

2) In order to protect yourself against spyware, you should consider installing and running the following free programs:

Ad-Aware SE
A tutorial on using Ad-Aware to remove spyware from your computer may be found here.

Spybot-Search & Destroy
A tutorial on using Spybot to remove spyware from your computer may be found here. Please also remember to enable Spybot's "Immunize" and "TeaTimer" features.

SpywareBlaster
A tutorial on using SpywareBlaster to prevent spyware from ever installing on your computer may be found here.

SpywareGuard
A tutorial on using SpywareGuard for realtime protection against spyware and hijackers may be found here.

Make sure to keep these programs up-to-date and to run them regularly, as this can prevent a great deal of spyware hassle.

3) Please consider using an alternate browser. Mozilla's Firefox browser is fantastic; it is much more secure than Internet Explorer, immune to almost all known browser hijackers, and also has the best built-in popup blocker (as an added benefit!) that I have ever seen. If you are interested, Firefox may be downloaded from here:
http://www.mozilla.org/products/firefox/
I also recommand the following add-ons for Firefox, they will help keep you safe from malicious scripts or activeX exploits.
https://addons.mozilla.org/en-US/firefox/addon/722
https://addons.mozilla.org/en-US/firefox/addon/1865
https://addons.mozilla.org/en-US/firefox/addon/433

4) Also make sure to run your antivirus software regularly, and to keep it up-to-date.

To help you keep your software updated, please considering using this free software program that will check for program updates.
Update Checker

5) Finally, consider maintaining a firewall. Some good free firewalls are Kerio, or
Outpost
A tutorial on understanding and using firewalls may be found here.

Please also read Tony Klein's excellent article: How I got Infected in the First Place

If you would take a moment to fill out our feedback form, we would appreciate it.
The link can be found here.

Hopefully this should take care of your problems! Good luck.