DDS (Ver_09-12-01.01) - NTFSx86
Run by Mike at 19:19:02.67 on Fri 12/11/2009
Internet Explorer: 6.0.2900.2180 BrowserJavaVersion: 1.6.0_05
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.2559.1839 [GMT -10:00]

AV: Symantec AntiVirus Corporate Edition *On-access scanning disabled* (Updated) {FB06448E-52B8-493A-90F3-E43226D3305C}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe
C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\PROGRA~1\NORTON~1\NORTON~1\GHOSTS~2.EXE
C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Dantz\Retrospect\retrorun.exe
C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\System32\DSentry.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\WINDOWS\MXOALDR.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~2\VPTray.exe
C:\WINDOWS\system32\hphmon04.exe
C:\Program Files\Maxtor\OneTouch\utils\Onetouch.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe
C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe
C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe
C:\Program Files\TomTom HOME 2\HOMERunner.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe
C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Google\Google Calendar Sync\GoogleCalendarSync.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtProc.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\Program Files\APC\APC PowerChute Personal Edition\apcsystray.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\Mike\Desktop\dds.scr

============== Pseudo HJT Report ===============

uSearch Page = hxxp://www.google.com
uDefault_Page_URL = hxxp://www.dell.com
uStart Page = hxxp://www.google.com/
uSearch Bar = hxxp://www.google.com/ie
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
mDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = hxxp://www.msn.com
uInternet Connection Wizard,ShellNext = hxxp://www.dell.com/
uInternet Settings,ProxyOverride = 127.0.0.1;hxxp://localhost;*.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.google.com/ie
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: REALBAR: {4e7bd74f-2b8d-469e-c0ff-fd60b590a87d} - c:\progra~1\common~1\real\toolbar\RealBar.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\tfswshx.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_05\bin\ssv.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.4.4525.1752\swg.dll
TB: REALBAR: {4e7bd74f-2b8d-469e-c0ff-fd60b590a87d} - c:\progra~1\common~1\real\toolbar\RealBar.dll
TB: Easy-WebPrint: {327c2873-e90d-4c37-aa9d-10ac9baba46c} - c:\program files\canon\easy-webprint\Toolband.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [Advanced Virus Remover] c:\program files\advancedvirusremover\AVR.exe
mRun: [dla] c:\windows\system32\dla\tfswctrl.exe
mRun: [DVDSentry] c:\windows\system32\DSentry.exe
mRun: [HPDJ Taskbar Utility] c:\windows\system32\spool\drivers\w32x86\3\hpztsb05.exe
mRun: [Share-to-Web Namespace Daemon] c:\program files\hewlett-packard\hp share-to-web\hpgs2wnd.exe
mRun: [MXO Auto Loader] c:\windows\MXOALDR.EXE
mRun: [UpdateManager] "c:\program files\common files\sonic\update manager\sgtray.exe" /r
mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe"
mRun: [vptray] c:\progra~1\symant~2\VPTray.exe
mRun: [HPHmon04] c:\windows\system32\hphmon04.exe
mRun: [HPHUPD04] "c:\program files\hp photosmart 11\hphinstall\unipatch\hphupd04.exe"
mRun: [MaxtorOneTouch] c:\program files\maxtor\onetouch\utils\Onetouch.exe
mRun: [ISUSPM Startup] "c:\program files\common files\installshield\updateservice\isuspm.exe" -startup
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: []
mRun: [DiscWizardMonitor.exe] c:\program files\seagate\discwizard\DiscWizardMonitor.exe
mRun: [AcronisTimounterMonitor] c:\program files\seagate\discwizard\TimounterMonitor.exe
mRun: [Acronis Scheduler2 Service] "c:\program files\common files\seagate\schedule2\schedhlp.exe"
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [TomTomHOME.exe] "c:\program files\tomtom home 2\HOMERunner.exe" -s
mRun: [WrtMon.exe] c:\windows\system32\spool\drivers\w32x86\3\WrtMon.exe
mRun: [CanonSolutionMenu] c:\program files\canon\solutionmenu\CNSLMAIN.exe /logon
mRun: [CanonMyPrinter] c:\program files\canon\myprinter\BJMyPrt.exe /logon
mRun: [SSBkgdUpdate] "c:\program files\common files\scansoft shared\ssbkgdupdate\SSBkgdupdate.exe" -Embedding -boot
mRun: [OpwareSE4] "c:\program files\scansoft\omnipagese4\OpwareSE4.exe"
mRun: [SunJavaUpdateSched] "c:\program files\java\jre1.6.0_05\bin\jusched.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
dRunOnce: [RunNarrator] Narrator.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\apcups~1.lnk - c:\program files\apc\apc powerchute personal edition\Display.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\google~1.lnk - c:\program files\google\google calendar sync\GoogleCalendarSync.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office10\OSA.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_05\bin\ssv.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
Trusted Zone: turbotax.com
DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab
DPF: {00000075-9980-0010-8000-00AA00389B71} - hxxp://codecs.microsoft.com/codecs/i386/voxacm.CAB
DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} - hxxp://support.dell.com/systemprofiler/SysPro.CAB
DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} - hxxp://messenger.zone.msn.com/binary/MineSweeper.cab28578.cab
DPF: {33564D57-0000-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB
DPF: {3DC2E31C-371A-4BD3-9A27-CDF57CE604CF} - hxxp://moneycentral.msn.com/cabs/pmupd806.exe
DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} - hxxp://office.microsoft.com/officeupdate/content/opuc.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1121539812351
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} - hxxp://messenger.zone.msn.com/binary/MessengerStatsClient.cab28578.cab
DPF: {963BE66B-121D-4E6C-BF9F-1A774D9A2E41} - hxxp://moneycentral.msn.com/cabs/pmupdate2.exe
DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} - hxxp://www.crucial.com/controls/cpcScanner.cab
DPF: {BE833F39-1E0C-468C-BA70-25AAEE55775E} - hxxp://www.systemrequirementslab.com/sysreqlab.cab
DPF: {CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {EF0DBA6F-43CE-4B26-9808-2AB38FA0DB29} - hxxp://fdl.msn.com/public/investor/v13/ticker.cab
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - c:\program files\belarc\advisor\system\BAVoilaX.dll
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\common files\microsoft shared\web folders\PKMCDO.DLL
Handler: schmap-help - {2CF664A0-5EA6-47B5-884C-433A60145F78} - c:\program files\schmap\schmap player\schmapdoclib.dll
Notify: NavLogon - c:\windows\system32\NavLogon.dll
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
LSA: Authentication Packages = msv1_0 relog_ap

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\mike\applic~1\mozilla\firefox\profiles\kf9qvui8.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Wikipedia (en)
FF - prefs.js: browser.startup.homepage - hxxp://my.yahoo.com/|http://dellnet.my.msn.com/?vv=600|http://finance.yahoo.com/p?k=pf_1
FF - component: c:\documents and settings\mike\application data\mozilla\firefox\profiles\kf9qvui8.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\google updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\google\update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npaxctrl.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);

============= SERVICES / DRIVERS ===============

R0 AluriaFilter;AluriaFilter;c:\windows\system32\drivers\AlurFltr.sys [2005-4-30 41984]
R1 GhPciScan;GhostPciScanner;c:\program files\norton systemworks\norton ghost\GhPciScan.sys [2002-8-14 5632]
R1 SAVRT;SAVRT;c:\program files\symantec antivirus\savrt.sys [2005-2-4 324232]
R1 SAVRTPEL;SAVRTPEL;c:\program files\symantec antivirus\Savrtpel.sys [2005-2-4 53896]
R2 aawservice;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\aawservice.exe [2008-5-12 611664]
R2 ccEvtMgr;Symantec Event Manager;c:\program files\common files\symantec shared\ccEvtMgr.exe [2005-6-2 185968]
R2 ccSetMgr;Symantec Settings Manager;c:\program files\common files\symantec shared\ccSetMgr.exe [2005-6-2 161392]
R2 cpuz132;cpuz132;c:\windows\system32\drivers\cpuz132_x32.sys [2009-11-11 12672]
R2 NProtectService;Norton Unerase Protection;c:\program files\norton systemworks\norton utilities\NPROTECT.EXE [2003-12-13 135168]
R2 PPNT;PPNT;c:\windows\system32\drivers\ppnt.sys [2002-11-14 13824]
R2 Symantec AntiVirus;Symantec AntiVirus;c:\program files\symantec antivirus\Rtvscan.exe [2005-6-23 1715904]
R3 NAVENG;NAVENG;c:\progra~1\common~1\symant~1\virusd~1\20091204.037\naveng.sys [2009-12-4 84912]
R3 NAVEX15;NAVEX15;c:\progra~1\common~1\symant~1\virusd~1\20091204.037\navex15.sys [2009-12-4 1323568]
S1 CorexCardScan;CardScan USB Scanner;c:\windows\system32\drivers\slcorex.sys [2002-9-10 17448]
S2 gupdate1c9e4deb3a90fe6;Google Update Service (gupdate1c9e4deb3a90fe6);c:\program files\google\update\GoogleUpdate.exe [2009-6-3 133104]
S3 AL_ADSFilter;AL_ADSFilter - (Aluria Filter Driver);c:\windows\system32\drivers\al_adsfilter.sys --> c:\windows\system32\drivers\AL_ADSFilter.sys [?]
S3 APL531;OVT Scanner;c:\windows\system32\drivers\ov550i.sys [2006-7-31 580992]
S3 ccPwdSvc;Symantec Password Validation;c:\program files\common files\symantec shared\ccPwdSvc.exe [2005-6-2 83568]
S3 SavRoam;SAVRoam;c:\program files\symantec antivirus\SavRoam.exe [2005-6-23 124608]

=============== Created Last 30 ================

2009-12-10 02:45:17 23040 -c--a-w- c:\windows\system32\dllcache\xrxwbtmp.dll
2009-12-10 02:45:17 17408 -c--a-w- c:\windows\system32\dllcache\xrxscnui.dll
2009-12-10 02:45:17 116224 -c--a-w- c:\windows\system32\dllcache\xrxwiadr.dll
2009-12-10 02:45:16 4608 -c--a-w- c:\windows\system32\dllcache\xrxflnch.exe
2009-12-10 02:45:16 27648 -c--a-w- c:\windows\system32\dllcache\xrxftplt.exe
2009-12-10 02:45:07 99865 -c--a-w- c:\windows\system32\dllcache\xlog.exe
2009-12-10 02:45:06 16970 -c--a-w- c:\windows\system32\dllcache\xem336n5.sys
2009-12-10 02:45:02 8192 -c--a-w- c:\windows\system32\dllcache\wshirda.dll
2009-12-10 02:43:59 11520 -c--a-w- c:\windows\system32\dllcache\twotrack.sys
2009-12-10 02:42:46 58368 -c--a-w- c:\windows\system32\dllcache\smiminib.sys
2009-12-10 02:41:59 41216 -c--a-w- c:\windows\system32\dllcache\s3mt3d.sys
2009-12-10 02:40:59 92416 -c--a-w- c:\windows\system32\dllcache\phildec.sys
2009-12-10 02:39:58 128000 -c--a-w- c:\windows\system32\dllcache\n100325.sys
2009-12-10 02:37:04 58880 -c--a-w- c:\windows\system32\dllcache\m3092dc.dll
2009-12-10 02:37:04 48768 -c--a-w- c:\windows\system32\dllcache\maestro.sys
2009-12-10 02:37:03 58368 -c--a-w- c:\windows\system32\dllcache\m3091dc.dll
2009-12-10 02:37:03 22848 -c--a-w- c:\windows\system32\dllcache\lwusbhid.sys
2009-12-10 02:37:02 20864 -c--a-w- c:\windows\system32\dllcache\lwadihid.sys
2009-12-10 02:37:01 797500 -c--a-w- c:\windows\system32\dllcache\ltsmt.sys
2009-12-10 02:37:00 802683 -c--a-w- c:\windows\system32\dllcache\ltsm.sys
2009-12-10 02:35:59 45056 -c--a-w- c:\windows\system32\dllcache\icam5com.dll
2009-12-10 02:34:01 24618 -c--a-w- c:\windows\system32\dllcache\fa410nd5.sys
2009-12-10 02:34:01 16074 -c--a-w- c:\windows\system32\dllcache\fa312nd5.sys
2009-12-10 02:34:00 11850 -c--a-w- c:\windows\system32\dllcache\f3ab18xj.sys
2009-12-10 02:32:59 93952 -c--a-w- c:\windows\system32\dllcache\cwcwdm.sys
2009-12-10 02:27:02 13824 -c--a-w- c:\windows\system32\dllcache\bulltlp3.sys
2009-12-10 02:27:01 31529 -c--a-w- c:\windows\system32\dllcache\brzwlan.sys
2009-12-10 02:27:00 60416 -c--a-w- c:\windows\system32\dllcache\brserwdm.sys
2009-12-10 02:27:00 11008 -c--a-w- c:\windows\system32\dllcache\brusbmdm.sys
2009-12-10 02:27:00 10368 -c--a-w- c:\windows\system32\dllcache\brusbscn.sys
2009-12-10 02:25:44 24576 -c--a-w- c:\windows\system32\dllcache\agcgauge.ax
2009-12-10 02:24:53 66048 -c--a-w- c:\windows\system32\dllcache\s3legacy.dll
2009-12-01 04:41:44 7680 --sha-w- c:\windows\Thumbs.db
2009-11-28 09:39:11 0 d-----w- c:\docume~1\mike\applic~1\Windows Search
2009-11-27 08:30:33 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-11-27 08:30:31 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-11-27 08:30:30 0 d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-11-27 07:46:11 0 ----a-w- c:\windows\system32\153.exe
2009-11-27 07:23:40 0 ----a-w- c:\windows\system32\3902.exe
2009-11-27 07:03:40 0 ----a-w- c:\windows\system32\14604.exe
2009-11-27 06:43:40 0 ----a-w- c:\windows\system32\32391.exe
2009-11-27 06:23:40 0 ----a-w- c:\windows\system32\5436.exe
2009-11-27 06:03:40 0 ----a-w- c:\windows\system32\4827.exe
2009-11-27 05:43:40 0 ----a-w- c:\windows\system32\11942.exe
2009-11-27 05:23:40 0 ----a-w- c:\windows\system32\2995.exe
2009-11-27 05:03:40 0 ----a-w- c:\windows\system32\491.exe
2009-11-27 04:43:40 0 ----a-w- c:\windows\system32\9961.exe
2009-11-27 04:23:39 0 ----a-w- c:\windows\system32\16827.exe
2009-11-27 04:03:39 0 ----a-w- c:\windows\system32\23281.exe
2009-11-27 03:43:39 0 ----a-w- c:\windows\system32\28145.exe
2009-11-27 03:23:39 0 ----a-w- c:\windows\system32\5705.exe
2009-11-27 03:03:39 0 ----a-w- c:\windows\system32\24464.exe
2009-11-27 02:43:38 0 ----a-w- c:\windows\system32\26962.exe
2009-11-27 02:23:38 0 ----a-w- c:\windows\system32\29358.exe
2009-11-27 02:03:38 0 ----a-w- c:\windows\system32\11478.exe
2009-11-27 01:43:38 0 ----a-w- c:\windows\system32\15724.exe
2009-11-27 01:23:38 0 ----a-w- c:\windows\system32\19169.exe
2009-11-27 01:03:38 0 ----a-w- c:\windows\system32\26500.exe
2009-11-27 00:43:38 0 ----a-w- c:\windows\system32\6334.exe
2009-11-27 00:23:37 0 ----a-w- c:\windows\system32\18467.exe
2009-11-26 10:10:51 0 d-sh--w- c:\documents and settings\mike\PrivacIE
2009-11-26 10:07:32 0 d-sh--w- c:\documents and settings\mike\IETldCache
2009-11-26 09:54:09 0 d-----w- c:\windows\ie8updates
2009-11-26 09:47:58 81920 -c--a-w- c:\windows\system32\dllcache\ieencode.dll
2009-11-26 09:47:58 81920 ----a-w- c:\windows\system32\ieencode.dll
2009-11-26 09:42:28 92160 -c----w- c:\windows\system32\dllcache\iecompat.dll
2009-11-26 09:42:18 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2009-11-26 09:42:17 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2009-11-23 02:18:35 0 d-----w- c:\docume~1\mike\applic~1\MusE
2009-11-23 01:38:24 0 d-----w- c:\program files\MuseScore 0.9
2009-11-16 22:06:00 0 d-----w- c:\docume~1\mike\applic~1\Windows Desktop Search
2009-11-16 21:56:03 0 d-----w- c:\program files\Windows Desktop Search
2009-11-16 17:16:58 3248 ----a-w- c:\windows\system32\wbem\Outlook_01ca66e09a62a446.mof
2009-11-12 06:31:16 12672 ----a-w- c:\windows\system32\drivers\cpuz132_x32.sys
2009-11-12 06:31:15 0 d-----w- c:\program files\CPUID

==================== Find3M ====================

2009-12-08 01:40:24 3766 --sha-w- c:\windows\system32\KGyGaAvL.sys
2009-11-09 07:12:05 75016 ----a-w- c:\docume~1\mike\applic~1\GDIPFONTCACHEV1.DAT
2009-10-29 05:48:04 662016 ----a-w- c:\windows\system32\wininet.dll
2009-10-21 06:00:55 75776 ----a-w- c:\windows\system32\strmfilt.dll
2009-10-21 06:00:55 25088 ----a-w- c:\windows\system32\httpapi.dll
2009-10-20 14:58:48 263552 ----a-w- c:\windows\system32\drivers\http.sys
2009-10-13 10:53:29 266752 ----a-w- c:\windows\system32\oakley.dll
2009-10-12 13:54:17 69632 ----a-w- c:\windows\system32\raschap.dll
2009-10-12 13:54:17 112128 ----a-w- c:\windows\system32\rastls.dll
2003-12-14 05:01:19 32 --sha-w- c:\windows\{0F07F89F-E94B-444D-A953-0DE93048B681}.dat
2003-12-14 05:03:48 32 --sha-w- c:\windows\{6C176FAC-7DF4-4A28-98BD-BD78B2B5FBF9}.dat
2003-12-14 05:03:23 32 --sha-w- c:\windows\{70543D4B-2475-4CBE-B5E4-D5836CED3594}.dat
2003-12-14 05:02:33 32 --sha-w- c:\windows\{C9CF0774-6AA6-4B3C-B6DF-F0B1573F9D51}.dat
2003-12-14 05:01:19 32 --sha-w- c:\windows\{D8D7A63C-3FCF-4208-A135-4593F9D0428F}.dat
2003-12-14 05:01:19 32 --sha-w- c:\windows\{DBB1C747-3CFC-41C1-B862-7FFEB54CBF86}.dat
2006-10-25 08:04:26 8 --sh--r- c:\windows\system32\632A0B33A5.sys
2006-10-10 03:09:51 56 --sh--r- c:\windows\system32\A5330B2A63.sys
2003-12-14 05:01:19 32 --sha-w- c:\windows\system32\{057BFF3E-41B5-4A2A-81A0-34C5A9A15047}.dat
2003-12-14 05:01:19 32 --sha-w- c:\windows\system32\{4D0A7923-C265-4496-8992-E5C59B0AEC34}.dat
2003-12-14 05:03:23 32 --sha-w- c:\windows\system32\{517318B5-5A7E-4916-A702-39AAB41FBE94}.dat
2003-12-14 05:01:19 32 --sha-w- c:\windows\system32\{5E5FC322-79EF-468C-90F4-2EECD5251016}.dat
2003-12-14 05:03:48 32 --sha-w- c:\windows\system32\{6083D2C6-82E8-4240-AF17-117B7F823ECE}.dat
2003-12-14 05:02:33 32 --sha-w- c:\windows\system32\{9C976E08-B7CA-48F6-A494-D4E57A66AEC6}.dat
2009-03-31 03:41:57 32768 --sha-w- c:\windows\temp\cookies\index.dat
2009-03-31 03:41:57 32768 --sha-w- c:\windows\temp\history\history.ie5\index.dat
2009-03-31 03:41:57 49152 --sha-w- c:\windows\temp\temporary internet files\content.ie5\index.dat

============= FINISH: 19:19:47.03 ===============