Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

malware/virus problem or so im told

Started by cornpillow , Mar 28 2009 04:56 PM

  • Please log in to reply

#1
cornpillow
Posted 28 March 2009 - 04:56 PM

cornpillow

    New Member

  • Member
  • Pip
  • 4 posts
chrome, itunes and internet explorer all stoped connecting to the internet after being updated. Firefox still works but did update and then did not but i did a system restore to get it to work again but cant go far enough back to fix the other programs. I posted this in a nother forum and was told to goo through the malware and spyware cleaning and then post the resaults here for furter help. so here they are.


Microsoft Windows Vista Home Edition (6.0.6001) Service Pack 1

C:\ [Fixed] - NTFS - (Total:466834 Mo/Free:372 Mo)
D:\ [Fixed] - NTFS - (Total:10103 Mo/Free:1372 Mo)
E:\ [CD-Rom] (Total:0 Mo/Free:0 Mo)
F:\ [Removable] (Total:0 Mo/Free:0 Mo)
G:\ [Removable] (Total:0 Mo/Free:0 Mo)
H:\ [Removable] (Total:0 Mo/Free:0 Mo)
I:\ [Removable] (Total:0 Mo/Free:0 Mo)

Sat 03/28/2009|17:53

----------------------\\ Processes..

--Locked-- [System Process]
--Locked-- System
---------- \SystemRoot\System32\smss.exe
---------- C:\Windows\system32\csrss.exe
---------- C:\Windows\system32\csrss.exe
---------- C:\Windows\system32\wininit.exe
---------- C:\Windows\system32\winlogon.exe
---------- C:\Windows\system32\services.exe
---------- C:\Windows\system32\lsass.exe
---------- C:\Windows\system32\lsm.exe
---------- C:\Windows\system32\svchost.exe
---------- C:\Windows\system32\svchost.exe
---------- C:\Windows\System32\svchost.exe
---------- C:\Windows\System32\svchost.exe
---------- C:\Windows\System32\svchost.exe
---------- C:\Windows\system32\svchost.exe
--Locked-- audiodg.exe
---------- C:\Windows\system32\svchost.exe
---------- C:\Windows\system32\SLsvc.exe
---------- C:\Windows\system32\svchost.exe
---------- C:\Windows\system32\svchost.exe
---------- C:\Windows\System32\spoolsv.exe
---------- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
---------- C:\Windows\system32\svchost.exe
---------- C:\Windows\system32\taskeng.exe
---------- C:\Windows\system32\taskeng.exe
---------- C:\Windows\system32\Dwm.exe
---------- C:\Windows\Explorer.EXE
---------- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
---------- C:\Program Files\Bonjour\mDNSResponder.exe
---------- C:\Program Files\Symantec AntiVirus\DefWatch.exe
---------- C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
---------- c:\Program Files\Common Files\LightScribe\LSSrvc.exe
---------- C:\Windows\system32\svchost.exe
---------- C:\Windows\system32\svchost.exe
---------- C:\Program Files\Symantec AntiVirus\Rtvscan.exe
---------- C:\Windows\System32\svchost.exe
---------- C:\Windows\system32\SearchIndexer.exe
---------- C:\Windows\system32\WUDFHost.exe
---------- C:\Program Files\Windows Defender\MSASCui.exe
---------- C:\hp\support\hpsysdrv.exe
---------- C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
---------- C:\Windows\RtHDVCpl.exe
---------- C:\Windows\system32\schtasks.exe
---------- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
---------- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
---------- C:\Windows\System32\rundll32.exe
---------- C:\Program Files\Java\jre6\bin\jusched.exe
---------- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
---------- C:\Program Files\Symantec AntiVirus\VPTray.exe
---------- C:\Program Files\iTunes\iTunesHelper.exe
---------- C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
---------- C:\Windows\ehome\ehtray.exe
---------- C:\Windows\System32\spool\drivers\w32x86\3\E_FATICKA.EXE
---------- C:\Windows\ehome\ehmsas.exe
---------- C:\Program Files\Steam\steam.exe
---------- C:\Program Files\Windows Media Player\wmpnscfg.exe
---------- C:\Users\mitch\AppData\Local\Google\Update\GoogleUpdate.exe
---------- C:\Program Files\Amazon\Amazon Unbox Video\ADVWindowsClientSystemTray.exe
---------- C:\Windows\System32\rundll32.exe
---------- C:\Windows\system32\wbem\wmiprvse.exe
---------- C:\Program Files\Windows Media Player\wmpnetwk.exe
---------- C:\Program Files\vghd\VirtuaGirl_downloader.exe
---------- C:\Program Files\iPod\bin\iPodService.exe
---------- C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
---------- C:\Program Files\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe
---------- C:\Program Files\Common Files\Steam\SteamService.exe
---------- C:\Windows\system32\wbem\wmiprvse.exe
---------- c:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
---------- c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
---------- C:\Program Files\Mozilla Firefox\firefox.exe
---------- \\?\C:\Windows\system32\wbem\WMIADAP.EXE
---------- C:\Windows\system32\SearchProtocolHost.exe
---------- C:\Windows\system32\SearchFilterHost.exe
---------- C:\Windows\system32\DllHost.exe
---------- C:\Windows\system32\DllHost.exe
---------- C:\Users\mitch\Downloads\Rooter.exe
---------- C:\Windows\system32\cmd.exe
---------- C:\Rooter$\RK.exe

----------------------\\ Search..

----------------------\\ ROOTKIT !!



1 - "C:\Rooter$\Rooter_1.txt" - Sat 03/28/2009|17:54

----------------------\\ Scan completed at 17:54



OTLI

OTListIt logfile created on: 3/28/2009 6:05:42 PM - Run 1
OTListIt2 by OldTimer - Version 2.0.7.2 Folder = C:\Users\mitch\Downloads
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.77 Gb Available Physical Memory | 88.74% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): ?:\pagefile.sys;

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 455.89 Gb Total Space | 116.36 Gb Free Space | 25.52% Space Free | Partition Type: NTFS
Drive D: | 9.87 Gb Total Space | 1.34 Gb Free Space | 13.59% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: MITCH-PC
Current User Name: mitch
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On

========== Processes (SafeList) ==========

PRC - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
PRC - C:\Windows\Explorer.EXE (Microsoft Corporation)
PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
PRC - C:\Program Files\Symantec AntiVirus\DefWatch.exe (Symantec Corporation)
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe (Intel Corporation)
PRC - c:\Program Files\Common Files\LightScribe\LSSrvc.exe (Hewlett-Packard Company)
PRC - C:\Program Files\Symantec AntiVirus\Rtvscan.exe (Symantec Corporation)
PRC - C:\Windows\system32\WUDFHost.exe (Microsoft Corporation)
PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
PRC - C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe (OsdMaestro)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Windows\system32\schtasks.exe (Microsoft Corporation)
PRC - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
PRC - C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard)
PRC - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Program Files\Symantec AntiVirus\VPTray.exe (Symantec Corporation)
PRC - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
PRC - C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe (Hewlett-Packard)
PRC - C:\Windows\ehome\ehtray.exe (Microsoft Corporation)
PRC - C:\Windows\System32\spool\drivers\w32x86\3\E_FATICKA.EXE (SEIKO EPSON CORPORATION)
PRC - C:\Windows\ehome\ehmsas.exe (Microsoft Corporation)
PRC - C:\Program Files\Steam\steam.exe (Valve Corporation)
PRC - C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
PRC - C:\Users\mitch\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
PRC - C:\Program Files\Amazon\Amazon Unbox Video\ADVWindowsClientSystemTray.exe (Amazon.com)
PRC - C:\Program Files\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Program Files\vghd\VirtuaGirl_downloader.exe (Totem Entertainment)
PRC - C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
PRC - C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
PRC - C:\Program Files\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe (Amazon.com)
PRC - C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
PRC - C:\Windows\system32\wbem\wmiprvse.exe (Microsoft Corporation)
PRC - c:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe (Symantec Corporation)
PRC - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe (Hewlett-Packard)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Users\mitch\Downloads\OTListIt2.exe (OldTimer Tools)

========== Win32 Services (SafeList) ==========

SRV - (ADVService [Auto | Running]) -- C:\Program Files\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe (Amazon.com)
SRV - (Apple Mobile Device [Auto | Running]) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (Automatic LiveUpdate Scheduler [Auto | Running]) -- c:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe (Symantec Corporation)
SRV - (Bonjour Service [Auto | Running]) -- C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
SRV - (ccEvtMgr [Auto | Running]) -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
SRV - (ccSetMgr [Auto | Running]) -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (DefWatch [Auto | Running]) -- C:\Program Files\Symantec AntiVirus\DefWatch.exe (Symantec Corporation)
SRV - (ehRecvr [On_Demand | Stopped]) -- C:\Windows\ehome\ehRecvr.exe (Microsoft Corporation)
SRV - (ehSched [On_Demand | Stopped]) -- C:\Windows\ehome\ehsched.exe (Microsoft Corporation)
SRV - (ehstart [Auto | Stopped]) -- C:\Windows\ehome\ehstart.dll (Microsoft Corporation)
SRV - (FLEXnet Licensing Service [On_Demand | Stopped]) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (FontCache3.0.0.0 [On_Demand | Running]) -- C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
SRV - (GameConsoleService [On_Demand | Stopped]) -- C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe (WildTangent, Inc.)
SRV - (gusvc [Auto | Stopped]) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (Google)
SRV - (HP Health Check Service [Auto | Running]) -- c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe (Hewlett-Packard)
SRV - (IAANTMON [Auto | Running]) -- C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe (Intel Corporation)
SRV - (IDriverT [On_Demand | Stopped]) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (idsvc [Unknown | Stopped]) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
SRV - (iPod Service [On_Demand | Running]) -- C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
SRV - (LightScribeService [Auto | Running]) -- c:\Program Files\Common Files\LightScribe\LSSrvc.exe (Hewlett-Packard Company)
SRV - (LiveUpdate [On_Demand | Stopped]) -- c:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE (Symantec Corporation)
SRV - (NetTcpPortSharing [Disabled | Stopped]) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (odserv [On_Demand | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (ose [On_Demand | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (SavRoam [On_Demand | Stopped]) -- C:\Program Files\Symantec AntiVirus\SavRoam.exe (symantec)
SRV - (Steam Client Service [On_Demand | Running]) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (Symantec AntiVirus [Auto | Running]) -- C:\Program Files\Symantec AntiVirus\Rtvscan.exe (Symantec Corporation)
SRV - (WinDefend [Auto | Running]) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (WMPNetworkSvc [On_Demand | Running]) -- C:\Program Files\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (adfs [Auto | Running]) -- C:\Windows\System32\drivers\adfs.sys (Adobe Systems, Inc.)
DRV - (adp94xx [Disabled | Stopped]) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (adpahci [Disabled | Stopped]) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (adpu160m [Disabled | Stopped]) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (adpu320 [Disabled | Stopped]) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (Afc [On_Demand | Running]) -- C:\Windows\system32\drivers\Afc.sys (Arcsoft, Inc.)
DRV - (aic78xx [Disabled | Stopped]) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (aliide [Disabled | Stopped]) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (arc [Disabled | Stopped]) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (arcsas [Disabled | Stopped]) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (BrFiltLo [On_Demand | Stopped]) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrFiltUp [On_Demand | Stopped]) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (Brserid [Disabled | Stopped]) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrSerWdm [Disabled | Stopped]) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm [Disabled | Stopped]) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (BrUsbSer [On_Demand | Stopped]) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (cmdide [Disabled | Stopped]) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (E1G60 [On_Demand | Stopped]) -- C:\Windows\system32\DRIVERS\E1G60I32.sys (Intel Corporation)
DRV - (eeCtrl [System | Running]) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)
DRV - (elxstor [Disabled | Stopped]) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (EraserUtilRebootDrv [On_Demand | Running]) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
DRV - (GEARAspiWDM [On_Demand | Running]) -- C:\Windows\System32\Drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (HpCISSs [Disabled | Stopped]) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (iaStor [Boot | Running]) -- C:\Windows\system32\drivers\iastor.sys (Intel Corporation)
DRV - (iaStorV [Disabled | Stopped]) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (iirsp [Disabled | Stopped]) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (IntcAzAudAddService [On_Demand | Running]) -- C:\Windows\system32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (iteatapi [Disabled | Stopped]) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (iteraid [Disabled | Stopped]) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (LSI_FC [Disabled | Stopped]) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (LSI_SAS [Disabled | Stopped]) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (LSI_SCSI [Disabled | Stopped]) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (megasas [Disabled | Stopped]) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation)
DRV - (motccgp [On_Demand | Stopped]) -- C:\Windows\system32\DRIVERS\motccgp.sys (Motorola)
DRV - (motccgpfl [On_Demand | Stopped]) -- C:\Windows\system32\DRIVERS\motccgpfl.sys (Motorola)
DRV - (motmodem [On_Demand | Stopped]) -- C:\Windows\system32\DRIVERS\motmodem.sys (Motorola)
DRV - (motport [On_Demand | Stopped]) -- C:\Windows\system32\DRIVERS\motport.sys (Motorola)
DRV - (Mraid35x [Disabled | Stopped]) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (NAVENG [On_Demand | Running]) -- C:\ProgramData\Symantec\Definitions\VirusDefs\20090327.005\NAVENG.SYS (Symantec Corporation)
DRV - (NAVEX15 [On_Demand | Running]) -- C:\ProgramData\Symantec\Definitions\VirusDefs\20090327.005\NAVEX15.SYS (Symantec Corporation)
DRV - (nfrd960 [Disabled | Stopped]) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (ntrigdigi [Disabled | Stopped]) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (nvlddmkm [On_Demand | Running]) -- C:\Windows\system32\DRIVERS\nvlddmkm.sys (NVIDIA Corporation)
DRV - (nvraid [Disabled | Stopped]) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nvstor [Disabled | Stopped]) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (PxHelp20 [Boot | Running]) -- C:\Windows\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - (ql2300 [Disabled | Stopped]) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (ql40xx [Disabled | Stopped]) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (RTL8169 [On_Demand | Running]) -- C:\Windows\system32\DRIVERS\Rtlh86.sys (Realtek Corporation )
DRV - (secdrv [Auto | Running]) -- C:\Windows\System32\drivers\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (SiSRaid2 [Disabled | Stopped]) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.)
DRV - (SiSRaid4 [Disabled | Stopped]) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (SPBBCDrv [On_Demand | Stopped]) -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys (Symantec Corporation)
DRV - (SRTSP [System | Running]) -- C:\Windows\System32\Drivers\SRTSP.SYS (Symantec Corporation)
DRV - (SRTSPL [On_Demand | Stopped]) -- C:\Windows\System32\Drivers\SRTSPL.SYS (Symantec Corporation)
DRV - (SRTSPX [System | Running]) -- C:\Windows\System32\Drivers\SRTSPX.SYS (Symantec Corporation)
DRV - (Symc8xx [Disabled | Stopped]) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (SYMDNS [On_Demand | Running]) -- C:\Windows\System32\Drivers\SYMDNS.SYS (Symantec Corporation)
DRV - (SymEvent [On_Demand | Running]) -- C:\Windows\system32\Drivers\SYMEVENT.SYS (Symantec Corporation)
DRV - (SYMFW [On_Demand | Running]) -- C:\Windows\System32\Drivers\SYMFW.SYS (Symantec Corporation)
DRV - (SymIM [System | Running]) -- C:\Windows\system32\DRIVERS\SymIMv.sys (Symantec Corporation)
DRV - (SYMNDISV [On_Demand | Running]) -- C:\Windows\System32\Drivers\SYMNDISV.SYS (Symantec Corporation)
DRV - (SYMREDRV [On_Demand | Running]) -- C:\Windows\System32\Drivers\SYMREDRV.SYS (Symantec Corporation)
DRV - (SYMTDI [System | Running]) -- C:\Windows\System32\Drivers\SYMTDI.SYS (Symantec Corporation)
DRV - (Sym_hi [Disabled | Stopped]) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (Sym_u3 [Disabled | Stopped]) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (uliahci [Disabled | Stopped]) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (UlSata [Disabled | Stopped]) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (ulsata2 [Disabled | Stopped]) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (viaide [Disabled | Stopped]) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (vsmraid [Disabled | Stopped]) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (xcbdaNtsc [On_Demand | Running]) -- C:\Windows\system32\DRIVERS\xcbda.sys (ViXS Systems Inc.)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...a...&pf=desktop
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...a...&pf=desktop

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://my.yahoo.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\system32\ieframe.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://my.yahoo.com/"
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.0
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.5

FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION\ [2009/03/25 12:34:17 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.5\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS [2009/03/28 11:39:25 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.5\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS [2009/03/28 11:39:26 | 00,000,000 | ---D | M]

[2009/03/07 04:09:16 | 00,000,000 | ---D | M] -- C:\Users\mitch\AppData\Roaming\mozilla\Extensions
[2008/09/03 20:07:49 | 00,000,000 | ---D | M] -- C:\Users\mitch\AppData\Roaming\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/03/07 04:09:16 | 00,000,000 | ---D | M] -- C:\Users\mitch\AppData\Roaming\mozilla\Extensions\[email protected]
[2008/09/03 20:07:49 | 00,000,000 | ---D | M] -- C:\Users\mitch\AppData\Roaming\mozilla\Firefox\Profiles\3cnb9o3j.default\extensions
[2008/09/03 20:07:41 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/03/28 11:33:36 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/02/20 03:24:13 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/02/20 03:24:13 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009/03/28 11:33:27 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2009/03/28 11:33:27 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2009/03/28 11:33:27 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2009/03/28 11:33:27 | 00,002,343 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2009/03/28 11:33:27 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/03/28 11:33:27 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2009/03/28 11:33:27 | 00,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml

O1 HOSTS File: (761 bytes) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - Reg Error: Key error. File not found
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Reg Error: Key error. File not found
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Reg Error: Key error. File not found
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" (Symantec Corporation)
O4 - HKLM..\Run: [CHotkey] mHotkey.exe ()
O4 - HKLM..\Run: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe File not found
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" (Intel Corporation)
O4 - HKLM..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" (Apple Inc.)
O4 - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart (NVIDIA Corporation)
O4 - HKLM..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" (OsdMaestro)
O4 - HKLM..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime (Apple Inc.)
O4 - HKLM..\Run: [RtHDVCpl] RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SunJavaUpdateReg] "C:\Windows\system32\jureg.exe" (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe (Symantec Corporation)
O4 - HKLM..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide (Microsoft Corporation)
O4 - HKCU..\Run: [AdobeBridge] File not found
O4 - HKCU..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent (Electronic Arts)
O4 - HKCU..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe (Microsoft Corporation)
O4 - HKCU..\Run: [EPSON Stylus Photo R280 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATICKA.EXE /FU "C:\Windows\TEMP\E_SFB87.tmp" /EF "HKCU" (SEIKO EPSON CORPORATION)
O4 - HKCU..\Run: [Google Update] "C:\Users\mitch\AppData\Local\Google\Update\GoogleUpdate.exe" /c (Google Inc.)
O4 - HKCU..\Run: [HPAdvisor] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autoRun (Hewlett-Packard)
O4 - HKCU..\Run: [igndlm.exe] C:\Program Files\Download Manager\DLM.exe /windowsstart /startifwork (IGN Entertainment)
O4 - HKCU..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent (Valve Corporation)
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [@%SystemRoot%\system32\nlasvc.dll,-1000] - C:\Windows\system32\NLAapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [@%SystemRoot%\system32\napinsp.dll,-1000] - C:\Windows\system32\napinsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [@%SystemRoot%\system32\pnrpnsp.dll,-1000] - C:\Windows\system32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [@%SystemRoot%\system32\pnrpnsp.dll,-1001] - C:\Windows\system32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [mdnsNSP] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.appl...ex/qtplugin.cab (QuickTime Object)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebo...toUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} http://www2.snapfish...fishActivia.cab (Snapfish Activia)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.aka...vex-2.2.4.1.cab (DLM Control)
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} http://lads.myspace....ploader1006.cab (MySpace Uploader Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_10)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_10)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_10)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D6E7CFB5-C074-4D1C-B647-663D1A8D96BF} http://upload.facebo...Uploader4_5.cab (Facebook Photo Uploader 4)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - Autorun File - C:\autoexec.bat () - [ NTFS ]
O33 - MountPoints2\{fd940f4a-d50a-11dc-bf42-001e8c76eb18}\Shell\AutoRun\command - "" = F:\AUTORUN.EXE -- File not found
O33 - MountPoints2\J\Shell\AutoRun\command - "" = J:\AUTORUN.EXE -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found

========== Files/Folders - Created Within 30 Days ==========

[2 C:\Windows\*.tmp files]
[2009/03/28 17:53:42 | 00,000,000 | ---D | C] -- C:\Rooter$
[2009/03/28 17:48:22 | 00,000,000 | ---D | C] -- C:\Users\mitch\AppData\Local\Apple Computer
[2009/03/28 17:34:43 | 00,000,000 | ---D | C] -- C:\Users\mitch\AppData\Roaming\Malwarebytes
[2009/03/28 17:34:41 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2009/03/28 17:34:41 | 00,000,820 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/03/28 17:34:39 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2009/03/28 17:34:38 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2009/03/28 17:34:38 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/03/28 17:31:47 | 00,000,957 | ---- | C] () -- C:\Users\mitch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2009/03/28 17:31:33 | 00,000,777 | ---- | C] () -- C:\Users\mitch\Desktop\NTREGOPT.lnk
[2009/03/28 17:31:33 | 00,000,758 | ---- | C] () -- C:\Users\mitch\Desktop\ERUNT.lnk
[2009/03/28 17:31:32 | 00,000,000 | ---D | C] -- C:\Windows\ERDNT
[2009/03/28 02:21:43 | 00,066,896 | ---- | C] () -- C:\Users\mitch\Desktop\48c2b2fcad775.jpg
[2009/03/28 02:05:50 | 00,054,228 | ---- | C] () -- C:\Users\mitch\Desktop\poison_ivy.jpg
[2009/03/28 00:15:44 | 00,000,000 | ---D | C] -- C:\Program Files\Safari
[2009/03/28 00:07:28 | 34,056,729 | ---- | C] () -- C:\Users\mitch\Desktop\Game Scoop! Episode 114.mp3
[2009/03/27 00:32:08 | 26,723,462 | ---- | C] () -- C:\Users\mitch\Desktop\KeepinItReel_3_26_09.mp3
[2009/03/26 02:00:54 | 00,052,969 | ---- | C] () -- C:\Users\mitch\Desktop\zoom.gif
[2009/03/26 00:49:26 | 00,000,000 | ---D | C] -- C:\Users\mitch\AppData\Local\HP Guide
[2009/03/26 00:33:44 | 00,002,004 | ---- | C] () -- C:\Users\mitch\Desktop\Google Chrome.lnk
[2009/03/26 00:33:31 | 00,000,856 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1454956205-350315544-3408917166-1000.job
[2009/03/26 00:33:08 | 00,000,000 | ---D | C] -- C:\Users\mitch\AppData\Local\Deployment
[2009/03/26 00:33:08 | 00,000,000 | ---D | C] -- C:\Users\mitch\AppData\Local\Apps
[2009/03/25 13:26:52 | 00,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2009/03/25 13:26:52 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2009/03/25 13:26:52 | 00,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmled.dll
[2009/03/25 13:26:52 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardie.dll
[2009/03/25 13:26:52 | 00,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2009/03/25 13:26:51 | 00,348,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2009/03/25 13:26:51 | 00,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2009/03/25 13:26:51 | 00,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2009/03/25 13:26:51 | 00,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tdc.ocx
[2009/03/25 13:26:51 | 00,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2009/03/25 13:26:51 | 00,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2009/03/25 13:26:51 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2009/03/25 13:26:51 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\corpol.dll
[2009/03/25 13:26:50 | 01,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2009/03/25 13:26:50 | 00,229,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2009/03/25 13:26:50 | 00,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2009/03/25 13:26:50 | 00,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2009/03/25 13:26:50 | 00,183,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2009/03/25 13:26:50 | 00,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\occache.dll
[2009/03/25 13:26:50 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2009/03/25 13:26:50 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2009/03/25 13:26:50 | 00,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2009/03/25 13:26:49 | 00,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2009/03/25 13:26:49 | 00,594,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2009/03/25 13:26:49 | 00,236,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webcheck.dll
[2009/03/25 13:26:49 | 00,208,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinFXDocObj.exe
[2009/03/25 13:26:49 | 00,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2009/03/25 13:26:49 | 00,128,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\advpack.dll
[2009/03/25 13:26:49 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2009/03/25 13:26:49 | 00,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2009/03/25 13:26:49 | 00,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2009/03/25 13:26:49 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2009/03/25 13:26:48 | 00,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2009/03/25 13:26:48 | 00,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2009/03/25 13:26:48 | 00,420,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2009/03/25 13:26:48 | 00,391,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2009/03/25 13:26:48 | 00,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2009/03/25 13:26:46 | 03,698,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2009/03/25 13:26:46 | 00,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2009/03/25 13:26:46 | 00,169,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2009/03/25 13:26:46 | 00,132,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2009/03/25 13:26:46 | 00,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PDMSetup.exe
[2009/03/25 13:26:46 | 00,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2009/03/25 13:26:46 | 00,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2009/03/25 13:26:46 | 00,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2009/03/25 13:26:46 | 00,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetDepNx.exe
[2009/03/25 13:26:46 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshta.exe
[2009/03/25 13:26:45 | 01,985,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iertutil.dll
[2009/03/25 13:26:45 | 00,914,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wininet.dll
[2009/03/25 13:26:45 | 00,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2009/03/25 13:26:44 | 01,206,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\urlmon.dll
[2009/03/25 13:26:43 | 11,063,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieframe.dll
[2009/03/25 13:26:43 | 01,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2009/03/25 13:26:42 | 05,937,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.dll
[2009/03/25 13:04:17 | 00,057,667 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2009/03/25 12:31:25 | 00,105,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
[2009/03/25 12:31:25 | 00,097,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardapi.dll
[2009/03/25 12:31:24 | 00,622,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardagt.exe
[2009/03/25 12:31:24 | 00,043,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2009/03/25 12:31:24 | 00,037,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardcpl.cpl
[2009/03/25 12:31:24 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardres.dll
[2009/03/25 12:31:23 | 00,781,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationNative_v0300.dll
[2009/03/25 12:31:21 | 00,326,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2009/03/25 12:26:20 | 00,096,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dfshim.dll
[2009/03/25 12:26:17 | 00,282,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscoree.dll
[2009/03/25 12:26:15 | 00,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2009/03/25 12:25:59 | 00,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscorier.dll
[2009/03/25 12:25:55 | 00,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscories.dll
[2009/03/25 12:12:28 | 00,002,413 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2009/03/25 12:12:11 | 00,000,000 | ---D | C] -- C:\Program Files\iPod
[2009/03/25 12:12:10 | 00,000,000 | ---D | C] -- C:\Program Files\iTunes
[2009/03/24 11:29:05 | 00,000,868 | ---- | C] () -- C:\Windows\tasks\Google Software Updater.job
[2009/03/22 12:27:32 | 28,405,587 | ---- | C] () -- C:\Users\mitch\Desktop\KeepinItReel_03_19_09.mp3
[2009/03/21 03:06:35 | 00,000,000 | ---D | C] -- C:\Users\mitch\Desktop\New Folder (4)
[2009/03/18 12:21:36 | 00,000,876 | ---- | C] () -- C:\Users\Public\Desktop\Acrobat.com.lnk
[2009/03/18 12:21:10 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2009/03/18 12:20:18 | 00,001,889 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2009/03/17 19:23:08 | 00,000,000 | ---D | C] -- C:\Users\mitch\Documents\thesisjpg
[2009/03/17 19:21:20 | 00,000,890 | ---- | C] () -- C:\Users\Public\Desktop\My Photo Books.lnk
[2009/03/17 19:21:01 | 00,000,000 | ---D | C] -- C:\Program Files\MyPhotoBooks
[2009/03/17 01:21:37 | 00,000,000 | ---D | C] -- C:\Users\mitch\AppData\Roaming\Template
[2009/03/17 01:21:35 | 00,000,574 | ---- | C] () -- C:\Users\mitch\AppData\Roaming\wklnhst.dat
[2009/03/17 00:26:48 | 00,000,000 | ---D | C] -- C:\ProgramData\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[2009/03/17 00:25:50 | 00,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2009/03/14 21:57:30 | 00,000,000 | ---D | C] -- C:\Users\mitch\Desktop\door
[2009/03/14 21:57:25 | 00,000,000 | ---D | C] -- C:\Users\mitch\Desktop\4thwindow
[2009/03/13 01:38:43 | 00,000,000 | ---D | C] -- C:\Users\mitch\Desktop\flat
[2009/03/11 06:53:11 | 10,622,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmp.dll
[2009/03/11 06:53:10 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwmp.dll
[2009/03/11 06:53:10 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.ocx
[2009/03/11 06:53:10 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxmasf.dll
[2009/03/11 06:53:09 | 08,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2009/03/11 06:53:07 | 00,268,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\schannel.dll
[2009/03/11 06:53:06 | 02,033,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2009/03/08 05:07:26 | 00,000,966 | ---- | C] () -- C:\Users\mitch\Desktop\Adobe Bridge CS4.lnk
[2009/03/07 16:57:35 | 00,000,000 | ---D | C] -- C:\Windows\E80F62FF5D3C4A1984099721F2928206.TMP
[2009/03/07 16:40:54 | 00,000,000 | ---D | C] -- C:\Users\mitch\AppData\Local\Symantec
[2009/03/07 16:39:58 | 00,000,000 | ---D | C] -- C:\Program Files\Symantec AntiVirus
[2009/03/07 05:22:42 | 00,000,000 | R--D | C] -- C:\Users\mitch\Desktop\Music
[2009/03/04 01:06:41 | 00,000,000 | ---D | C] -- C:\Users\mitch\Documents\My Games
[2009/03/04 01:06:41 | 00,000,000 | ---D | C] -- C:\Users\mitch\AppData\Local\My Games
[2009/03/04 00:10:45 | 00,001,734 | ---- | C] () -- C:\Users\mitch\Desktop\Sid Meier's Civilization IV Warlords.lnk
[2009/03/04 00:09:21 | 00,001,750 | ---- | C] () -- C:\Users\mitch\Desktop\Sid Meier's Civilization IV Beyond the Sword.lnk
[2009/03/03 23:11:41 | 00,000,000 | ---D | C] -- C:\Users\mitch\Desktop\New Folder (2)
[2009/03/03 02:23:01 | 00,001,716 | ---- | C] () -- C:\Users\mitch\Desktop\Sid Meier's Civilization IV.lnk
[2009/03/03 01:31:05 | 00,027,288 | ---- | C] () -- C:\Users\mitch\Documents\Print a Copy of the Application Information - Student - FAFSA on the Web - Federal Student Aid.htm
[2009/03/02 15:53:01 | 00,000,000 | ---D | C] -- C:\Users\mitch\Documents\port2inclass
[2009/03/02 03:46:14 | 00,001,004 | ---- | C] () -- C:\Users\mitch\Desktop\Adobe Photoshop CS4.lnk
[2009/03/02 03:43:39 | 00,000,000 | ---D | C] -- C:\Program Files\Adobe Media Player
[2009/03/02 03:36:18 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Macrovision Shared
[2009/03/02 03:27:16 | 00,000,000 | ---D | C] -- C:\Users\mitch\Desktop\Adobe CS4
[2009/03/02 03:16:47 | 85,386,0607 | ---- | C] () -- C:\Users\mitch\Documents\ADBEPHSPCS4_LS1.7z
[2009/03/02 03:16:47 | 00,002,097 | ---- | C] () -- C:\Users\mitch\Desktop\Start Download Manager.lnk
[2009/03/02 03:16:26 | 00,000,000 | ---D | C] -- C:\Users\mitch\AppData\Roaming\Download Manager
[2009/02/27 03:32:34 | 00,000,000 | -H-D | C] -- C:\Users\mitch\Desktop\vghd

========== Files - Modified Within 30 Days ==========

[2 C:\Windows\*.tmp files]
[2009/03/28 17:53:49 | 00,690,960 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2009/03/28 17:53:49 | 00,595,446 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2009/03/28 17:53:49 | 00,101,144 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2009/03/28 17:49:53 | 00,000,868 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2009/03/28 17:47:02 | 00,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2009/03/28 17:47:02 | 00,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2009/03/28 17:46:59 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009/03/28 17:46:55 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009/03/28 17:46:45 | 32,204,80000 | -HS- | M] () -- C:\hiberfil.sys
[2009/03/28 17:45:42 | 02,770,179 | -H-- | M] () -- C:\Users\mitch\AppData\Local\IconCache.db
[2009/03/28 17:34:41 | 00,000,820 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/03/28 17:31:47 | 00,000,957 | ---- | M] () -- C:\Users\mitch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2009/03/28 17:31:33 | 00,000,777 | ---- | M] () -- C:\Users\mitch\Desktop\NTREGOPT.lnk
[2009/03/28 17:31:33 | 00,000,758 | ---- | M] () -- C:\Users\mitch\Desktop\ERUNT.lnk
[2009/03/28 17:25:52 | 00,021,504 | ---- | M] (Doug Knox) -- C:\Users\mitch\Desktop\SysRestorePoint.exe
[2009/03/28 13:23:27 | 00,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1454956205-350315544-3408917166-1000.job
[2009/03/28 12:26:24 | 00,000,422 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{2D0067E1-6BA9-4DB6-B5CA-DAE76D737862}.job
[2009/03/28 02:24:02 | 00,066,896 | ---- | M] () -- C:\Users\mitch\Desktop\48c2b2fcad775.jpg
[2009/03/28 02:05:51 | 00,054,228 | ---- | M] () -- C:\Users\mitch\Desktop\poison_ivy.jpg
[2009/03/28 00:07:45 | 34,056,729 | ---- | M] () -- C:\Users\mitch\Desktop\Game Scoop! Episode 114.mp3
[2009/03/27 01:45:23 | 26,723,462 | ---- | M] () -- C:\Users\mitch\Desktop\KeepinItReel_3_26_09.mp3
[2009/03/26 16:49:56 | 00,038,496 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2009/03/26 16:49:50 | 00,015,504 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2009/03/26 02:00:54 | 00,052,969 | ---- | M] () -- C:\Users\mitch\Desktop\zoom.gif
[2009/03/26 01:42:48 | 00,156,672 | ---- | M] () -- C:\Users\mitch\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/03/26 00:33:44 | 00,002,004 | ---- | M] () -- C:\Users\mitch\Desktop\Google Chrome.lnk
[2009/03/25 14:10:27 | 00,002,413 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2009/03/25 13:32:58 | 00,000,981 | ---- | M] () -- C:\Users\mitch\Desktop\Internet Explorer (No Add-ons).lnk
[2009/03/24 01:18:56 | 34,052,2242 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2009/03/22 13:47:46 | 28,405,587 | ---- | M] () -- C:\Users\mitch\Desktop\KeepinItReel_03_19_09.mp3
[2009/03/18 14:03:05 | 00,000,574 | ---- | M] () -- C:\Users\mitch\AppData\Roaming\wklnhst.dat
[2009/03/18 12:21:36 | 00,000,876 | ---- | M] () -- C:\Users\Public\Desktop\Acrobat.com.lnk
[2009/03/18 12:20:18 | 00,001,889 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2009/03/17 19:21:20 | 00,000,890 | ---- | M] () -- C:\Users\Public\Desktop\My Photo Books.lnk
[2009/03/12 11:15:44 | 02,420,608 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/03/12 01:45:16 | 00,072,474 | ---- | M] () -- C:\Users\mitch\Documents\Uninstall.exe
[2009/03/08 17:09:24 | 00,391,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2009/03/08 07:41:15 | 05,937,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.dll
[2009/03/08 07:39:47 | 11,063,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieframe.dll
[2009/03/08 07:35:08 | 00,385,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2009/03/08 07:34:57 | 00,914,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininet.dll
[2009/03/08 07:34:55 | 01,206,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\urlmon.dll
[2009/03/08 07:34:50 | 01,469,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2009/03/08 07:34:47 | 00,236,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\webcheck.dll
[2009/03/08 07:34:47 | 00,208,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WinFXDocObj.exe
[2009/03/08 07:34:28 | 00,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2009/03/08 07:34:26 | 00,105,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2009/03/08 07:34:17 | 00,193,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2009/03/08 07:34:16 | 00,109,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\occache.dll
[2009/03/08 07:33:38 | 00,018,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\corpol.dll
[2009/03/08 07:33:24 | 00,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2009/03/08 07:33:17 | 00,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2009/03/08 07:33:16 | 00,109,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PDMSetup.exe
[2009/03/08 07:33:15 | 00,132,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2009/03/08 07:33:15 | 00,107,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2009/03/08 07:33:15 | 00,107,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2009/03/08 07:33:15 | 00,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetDepNx.exe
[2009/03/08 07:33:14 | 00,726,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2009/03/08 07:33:06 | 00,229,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2009/03/08 07:33:04 | 00,420,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2009/03/08 07:33:01 | 00,125,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2009/03/08 07:32:54 | 00,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2009/03/08 07:32:53 | 00,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2009/03/08 07:32:50 | 00,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2009/03/08 07:32:49 | 00,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2009/03/08 07:32:48 | 00,055,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2009/03/08 07:32:46 | 00,128,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\advpack.dll
[2009/03/08 07:32:44 | 00,094,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2009/03/08 07:32:38 | 00,066,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2009/03/08 07:32:32 | 00,169,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2009/03/08 07:32:24 | 00,594,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2009/03/08 07:32:20 | 01,985,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iertutil.dll
[2009/03/08 07:32:02 | 00,611,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2009/03/08 07:31:55 | 00,183,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2009/03/08 07:31:52 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2009/03/08 07:31:51 | 00,059,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\icardie.dll
[2009/03/08 07:31:51 | 00,055,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2009/03/08 07:31:42 | 00,348,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2009/03/08 07:31:37 | 00,216,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2009/03/08 07:31:37 | 00,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2009/03/08 07:31:35 | 00,046,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2009/03/08 07:31:24 | 00,066,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmled.dll
[2009/03/08 07:31:17 | 00,048,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2009/03/08 07:31:01 | 01,638,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2009/03/08 07:31:00 | 00,045,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshta.exe
[2009/03/08 07:30:54 | 00,066,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tdc.ocx
[2009/03/08 07:22:45 | 00,164,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2009/03/08 07:22:37 | 00,156,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2009/03/08 07:11:10 | 00,445,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2009/03/08 05:07:26 | 00,000,966 | ---- | M] () -- C:\Users\mitch\Desktop\Adobe Bridge CS4.lnk
[2009/03/07 16:40:31 | 00,124,464 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\SYMEVENT.SYS
[2009/03/07 16:40:31 | 00,010,635 | ---- | M] () -- C:\Windows\System32\drivers\SYMEVENT.CAT
[2009/03/07 16:40:31 | 00,000,806 | ---- | M] () -- C:\Windows\System32\drivers\SYMEVENT.INF
[2009/03/04 00:10:45 | 00,001,734 | ---- | M] () -- C:\Users\mitch\Desktop\Sid Meier's Civilization IV Warlords.lnk
[2009/03/04 00:09:21 | 00,001,750 | ---- | M] () -- C:\Users\mitch\Desktop\Sid Meier's Civilization IV Beyond the Sword.lnk
[2009/03/03 23:44:59 | 00,001,716 | ---- | M] () -- C:\Users\mitch\Desktop\Sid Meier's Civilization IV.lnk
[2009/03/03 01:31:05 | 00,027,288 | ---- | M] () -- C:\Users\mitch\Documents\Print a Copy of the Application Information - Student - FAFSA on the Web - Federal Student Aid.htm
[2009/03/02 04:17:20 | 00,076,568 | ---- | M] () -- C:\Users\mitch\AppData\Local\GDIPFONTCACHEV1.DAT
[2009/03/02 03:46:14 | 00,001,004 | ---- | M] () -- C:\Users\mitch\Desktop\Adobe Photoshop CS4.lnk
[2009/03/02 03:25:50 | 85,386,0607 | ---- | M] () -- C:\Users\mitch\Documents\ADBEPHSPCS4_LS1.7z
[2009/03/02 03:16:47 | 00,002,097 | ---- | M] () -- C:\Users\mitch\Desktop\Start Download Manager.lnk
< End of report >
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Forum
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP