Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Add or Remove

Started by p_row , Apr 02 2009 08:51 PM

  • Please log in to reply

#1
p_row
Posted 02 April 2009 - 08:51 PM

p_row

    Member

  • Member
  • PipPip
  • 21 posts
My Add or Remove program is not working as well as the Windows Update site when I try to use it. I.E. works just fine its just when I click Windows Update the screen stays white. I was also sent to this forum by Metallica. Here is the info I think he wanted me to post.

Rooter:Microsoft Windows XP Home Edition (5.1.2600) Service Pack 3

C:\ [Fixed] - NTFS - (Total:147628 Mo/Free:3980 Mo)

Thu 04/02/2009|19:48

----------------------\\ Processes..

--Locked-- [System Process]
---------- System
---------- \SystemRoot\System32\smss.exe
---------- \??\C:\WINDOWS\system32\csrss.exe
---------- \??\C:\WINDOWS\system32\winlogon.exe
---------- C:\WINDOWS\system32\services.exe
---------- C:\WINDOWS\system32\lsass.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\Explorer.EXE
---------- C:\WINDOWS\system32\spoolsv.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
---------- C:\Program Files\Google\Update\GoogleUpdate.exe
---------- C:\Program Files\Java\jre6\bin\jqs.exe
---------- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
---------- C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
---------- c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
---------- c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
---------- C:\PROGRA~1\McAfee\VirusScan\mcshield.exe
---------- C:\Program Files\McAfee\MPF\MPFSrv.exe
---------- C:\Program Files\McAfee\MSK\MskSrver.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- c:\PROGRA~1\mcafee.com\agent\mcagent.exe
---------- C:\WINDOWS\system32\igfxtray.exe
---------- C:\WINDOWS\system32\hkcmd.exe
---------- C:\WINDOWS\system32\igfxpers.exe
---------- C:\WINDOWS\system32\igfxsrvc.exe
---------- C:\WINDOWS\RTHDCPL.EXE
---------- C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
---------- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
---------- C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
---------- C:\Program Files\Java\jre6\bin\jusched.exe
---------- C:\WINDOWS\system32\ctfmon.exe
---------- C:\Program Files\Messenger\msmsgs.exe
---------- C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
---------- C:\WINDOWS\system32\igfxext.exe
---------- C:\DOCUME~1\petey\LOCALS~1\Temp\RtkBtMnt.exe
---------- C:\WINDOWS\system32\wbem\wmiapsrv.exe
---------- C:\WINDOWS\System32\alg.exe
---------- C:\WINDOWS\system32\wuauclt.exe
---------- C:\PROGRA~1\McAfee\VirusScan\mcsysmon.exe
---------- c:\PROGRA~1\mcafee\msc\mcndui.exe
---------- C:\WINDOWS\system32\rundll32.exe
---------- C:\WINDOWS\notepad.exe
---------- C:\Program Files\Mozilla Firefox\firefox.exe
---------- C:\WINDOWS\system32\cmd.exe
---------- C:\Rooter$\RK.exe

----------------------\\ Search..

----------------------\\ ROOTKIT !!



1 - "C:\Rooter$\Rooter_1.txt" - Thu 04/02/2009|19:48

----------------------\\ Scan completed at 19:48


OtListit:OTListIt logfile created on: 4/2/2009 7:34:41 PM - Run 6
OTListIt2 by OldTimer - Version 2.0.9.1 Folder = C:\Documents and Settings\petey\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18372)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1011.88 Mb Total Physical Memory | 434.52 Mb Available Physical Memory | 42.94% Memory free
2.37 Gb Paging File | 1.94 Gb Available in Paging File | 81.93% Paging File free
Paging file location(s): C:\pagefile.sys 1512 3024;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 144.17 Gb Total Space | 135.89 Gb Free Space | 94.26% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PTLAPTOP
Current User Name: petey
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On

========== Processes (SafeList) ==========

Error loading NT PSAPIDLL libraries! Cannot enumerate processes.

========== Win32 Services (SafeList) ==========

SRV - (aspnet_state [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (FontCache3.0.0.0 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
SRV - (gupdate1c9b3547aca3cce [Auto | Stopped]) -- C:\Program Files\Google\Update\GoogleUpdate.exe (Google Inc.)
SRV - (gusvc [On_Demand | Stopped]) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (Google)
SRV - (helpsvc [Auto | Running]) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (IDriverT [On_Demand | Stopped]) -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (idsvc [Unknown | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
SRV - (IviRegMgr [Auto | Running]) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
SRV - (JavaQuickStarterService [Auto | Running]) -- C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
SRV - (MBackMonitor [On_Demand | Stopped]) -- C:\Program Files\McAfee\MBK\MBackMonitor.exe (McAfee)
SRV - (McAfee SiteAdvisor Service [Auto | Running]) -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe ()
SRV - (mcmscsvc [Auto | Running]) -- C:\Program Files\McAfee\MSC\mcmscsvc.exe (McAfee, Inc.)
SRV - (McNASvc [Auto | Running]) -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe (McAfee, Inc.)
SRV - (McODS [On_Demand | Stopped]) -- C:\Program Files\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
SRV - (McProxy [Auto | Running]) -- c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe (McAfee, Inc.)
SRV - (McShield [Unknown | Running]) -- C:\Program Files\McAfee\VirusScan\Mcshield.exe (McAfee, Inc.)
SRV - (McSysmon [On_Demand | Running]) -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe (McAfee, Inc.)
SRV - (MpfService [Auto | Running]) -- C:\Program Files\McAfee\MPF\MPFSrv.exe (McAfee, Inc.)
SRV - (MSK80Service [Auto | Running]) -- C:\Program Files\McAfee\MSK\MskSrver.exe (McAfee, Inc.)
SRV - (NetTcpPortSharing [Disabled | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (odserv [On_Demand | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (ose [On_Demand | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (AliIde [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
DRV - (amdagp [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\amdagp.sys (Advanced Micro Devices, Inc.)
DRV - (AR5416 [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\athw.sys (Atheros Communications, Inc.)
DRV - (asc [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\asc.sys (Advanced System Products, Inc.)
DRV - (asc3550 [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\asc3550.sys (Advanced System Products, Inc.)
DRV - (CmdIde [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)
DRV - (dac2w2k [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys (Mylex Corporation)
DRV - (DKbFltr [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\DKbFltr.sys (Dritek System Inc.)
DRV - (HDAudBus [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\HDAudBus.sys (Windows ® Server 2003 DDK provider)
DRV - (ialm [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\igxpmp32.sys (Intel Corporation)
DRV - (int15.sys [On_Demand | Running]) -- C:\Acer\Empowering Technology\eRecovery\int15.sys ()
DRV - (IntcAzAudAddService [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (M3000Srv [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\M3000KNT.sys ()
DRV - (mfeavfk [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\mfeavfk.sys (McAfee, Inc.)
DRV - (mfebopk [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\mfebopk.sys (McAfee, Inc.)
DRV - (mfehidk [System | Running]) -- C:\WINDOWS\system32\drivers\mfehidk.sys (McAfee, Inc.)
DRV - (mferkdk [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\mferkdk.sys (McAfee, Inc.)
DRV - (mfesmfk [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\mfesmfk.sys (McAfee, Inc.)
DRV - (MPFP [System | Running]) -- C:\WINDOWS\System32\Drivers\Mpfp.sys (McAfee, Inc.)
DRV - (mraid35x [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys (American Megatrends Inc.)
DRV - (Ptilink [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (ql1080 [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\ql1080.sys (QLogic Corporation)
DRV - (ql12160 [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\ql12160.sys (QLogic Corporation)
DRV - (ql1280 [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\ql1280.sys (QLogic Corporation)
DRV - (RTLE8023xp [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys (Realtek Semiconductor Corporation )
DRV - (Secdrv [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (sisagp [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\sisagp.sys (Silicon Integrated Systems Corporation)
DRV - (Sparrow [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\sparrow.sys (Adaptec, Inc.)
DRV - (symc810 [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\symc810.sys (Symbios Logic Inc.)
DRV - (symc8xx [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys (LSI Logic)
DRV - (sym_hi [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys (LSI Logic)
DRV - (sym_u3 [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys (LSI Logic)
DRV - (SynTP [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\SynTP.sys (Synaptics, Inc.)
DRV - (ultra [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\ultra.sys (Promise Technology, Inc.)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.c...//www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...a...09&m=aoa150
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.defaulturl: "http://search.yahoo....ch?fr=ffsp1&p="
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com/"
FF - prefs.js..extensions.enabledItems: [email protected]:0.2.5
FF - prefs.js..extensions.enabledItems: {CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B}:2.7.2
FF - prefs.js..extensions.enabledItems: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.1.2
FF - prefs.js..extensions.enabledItems: [email protected]:1.3.9
FF - prefs.js..extensions.enabledItems: {77b819fa-95ad-4f2c-ac7c-486b356188a9}:1.5.20090207
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:2.9
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.0
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:1.6.5.200812101546
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.8
FF - prefs.js..keyword.URL: "http://search.yahoo....ch?fr=ffds1&p="


FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION\ [2009/01/26 18:36:26 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\PROGRAM FILES\MCAFEE\SITEADVISOR [2009/04/01 19:40:28 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2009/01/31 20:11:26 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.7\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS [2009/03/28 14:45:33 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.7\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS [2009/03/28 14:45:33 | 00,000,000 | ---D | M]

[2009/01/26 17:36:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\petey\Application Data\mozilla\Extensions
[2009/01/26 17:36:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\petey\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/04/01 19:54:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\petey\Application Data\mozilla\Firefox\Profiles\8rracj7h.default\extensions
[2009/02/01 02:50:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\petey\Application Data\mozilla\Firefox\Profiles\8rracj7h.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2009/02/12 21:21:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\petey\Application Data\mozilla\Firefox\Profiles\8rracj7h.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}
[2009/03/30 06:46:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\petey\Application Data\mozilla\Firefox\Profiles\8rracj7h.default\extensions\{CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B}
[2009/03/30 06:53:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\petey\Application Data\mozilla\Firefox\Profiles\8rracj7h.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
[2009/03/30 06:38:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\petey\Application Data\mozilla\Firefox\Profiles\8rracj7h.default\extensions\[email protected]
[2009/03/30 06:41:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\petey\Application Data\mozilla\Firefox\Profiles\8rracj7h.default\extensions\[email protected]
[2009/04/01 19:54:11 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/03/28 14:45:30 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/01/31 20:12:07 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
[2009/03/31 12:39:48 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2009/03/28 14:45:30 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/03/28 14:45:30 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009/01/19 16:28:04 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2009/01/19 16:28:04 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2009/01/19 16:28:04 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2009/01/19 16:28:04 | 00,002,343 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2009/01/19 16:28:04 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/01/19 16:28:04 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2009/01/19 16:28:04 | 00,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml

O1 HOSTS File: (734 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\McAfee\MSK\mskapbho.dll ()
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll (Google Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll ()
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll (Google Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll ()
O3 - HKLM\..\Toolbar: (&Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Alcmtr] ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AzMixerSel] C:\Program Files\Realtek\Audio\InstallShield\AzMixerSel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe (Acer Inc.)
O4 - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 (Microsoft Corporation)
O4 - HKLM..\Run: [LaunchApp] Alaunch (Acer Inc.)
O4 - HKLM..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE (Dritek System Inc.)
O4 - HKLM..\Run: [M3000Mnt] Rundll32.exe M3000Rmv.dll ,WinMainRmv /StartStillMnt File not found
O4 - HKLM..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey (McAfee, Inc.)
O4 - HKLM..\Run: [McENUI] C:\PROGRA~1\McAfee\MHN\McENUI.exe /hide (McAfee, Inc.)
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC ()
O4 - HKLM..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC (Microsoft Corporation)
O4 - HKLM..\Run: [RTHDCPL] RTHDCPL.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot (RealNetworks, Inc.)
O4 - HKCU..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe (InterVideo Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Sites: internet ([]about in Trusted sites)
O15 - HKCU\..Trusted Sites: mcafee.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Sites: mcafee.com ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: 25 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Interfaces\{0DA132DD-FE61-447F-81CC-2AB603753C58}\\NameServer = 68.105.28.12,68.105.29.12
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll ()
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll File not found
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - Reg Error: Key error. File not found
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - Autorun File - C:\AUTOEXEC.BAT () - [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found

========== Files/Folders - Created Within 30 Days ==========

[91 C:\WINDOWS\System32\*.tmp files]
[2009/04/02 19:33:11 | 00,499,712 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\petey\Desktop\OTListIt2.exe
[2009/04/02 17:07:53 | 00,000,718 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/04/02 17:07:52 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/04/02 17:07:49 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/04/02 17:07:45 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/04/02 16:28:28 | 02,906,232 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\petey\Desktop\mbam-setup.exe
[2009/04/02 16:27:46 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/04/02 16:26:50 | 00,000,615 | ---- | C] () -- C:\Documents and Settings\petey\Desktop\NTREGOPT.lnk
[2009/04/02 16:26:50 | 00,000,596 | ---- | C] () -- C:\Documents and Settings\petey\Desktop\ERUNT.lnk
[2009/04/02 16:26:46 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2009/04/02 16:23:07 | 00,791,393 | ---- | C] (Lars Hederer ) -- C:\Documents and Settings\petey\Desktop\erunt_setup.exe
[2009/04/01 23:18:08 | 04,288,344 | -H-- | C] () -- C:\Documents and Settings\petey\Local Settings\Application Data\IconCache.db
[2009/04/01 22:39:22 | 04,620,228 | ---- | C] () -- C:\Documents and Settings\petey\Desktop\Instrumentals - V.I.C. - Get Silly.mp3
[2009/04/01 22:37:13 | 00,000,000 | ---D | C] -- C:\Documents and Settings\petey\My Documents\Downloads
[2009/04/01 22:36:50 | 00,000,000 | ---D | C] -- C:\Documents and Settings\petey\Local Settings\Application Data\Real
[2009/04/01 22:35:42 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
[2009/04/01 22:35:40 | 00,000,903 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\RealPlayer.lnk
[2009/04/01 22:35:18 | 00,499,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcp71.dll
[2009/04/01 22:35:18 | 00,348,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcr71.dll
[2009/04/01 22:35:18 | 00,278,528 | ---- | C] (Real Networks, Inc) -- C:\WINDOWS\System32\pncrt.dll
[2009/04/01 22:35:18 | 00,000,000 | ---D | C] -- C:\Program Files\Real
[2009/04/01 22:35:13 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Real
[2009/04/01 22:35:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\petey\Application Data\Real
[2009/04/01 22:33:23 | 00,001,779 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2009/04/01 22:32:58 | 00,000,880 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachine.job
[2009/04/01 21:59:39 | 00,000,000 | ---D | C] -- C:\Documents and Settings\petey\Local Settings\Application Data\WMTools Downloaded Files
[2009/04/01 21:59:21 | 00,003,584 | ---- | C] () -- C:\Documents and Settings\petey\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/04/01 20:17:29 | 00,000,000 | ---D | C] -- C:\Program Files\NCH Swift Sound
[2009/04/01 19:58:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2009/04/01 19:58:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\petey\Application Data\NCH Swift Sound
[2009/03/31 05:53:08 | 00,095,070 | ---- | C] () -- C:\WINDOWS\System32\Autorun.ini
[2009/03/31 05:50:56 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\autorun
[2009/03/31 05:10:02 | 00,000,000 | ---D | C] -- C:\temp
[2009/03/31 04:51:31 | 00,000,000 | R--D | C] -- C:\Documents and Settings\petey\My Documents\My Videos
[2009/03/31 04:51:31 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Videos
[2009/03/31 04:43:15 | 00,222,382 | ---- | C] () -- C:\WINDOWS\Acer Crystal Eye webcam.ico
[2009/03/31 04:43:14 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\CrystalEye
[2009/03/31 04:35:43 | 00,254,976 | ---- | C] () -- C:\WINDOWS\System32\drivers\M3000KNT.sys
[2009/03/31 04:35:43 | 00,233,472 | ---- | C] () -- C:\WINDOWS\System32\M3000DIF.dll
[2009/03/31 04:35:43 | 00,147,456 | ---- | C] () -- C:\WINDOWS\System\M3000Vex.dll
[2009/03/31 04:35:43 | 00,122,880 | ---- | C] () -- C:\WINDOWS\System\M3000Dex.dll
[2009/03/31 04:35:43 | 00,114,688 | ---- | C] () -- C:\WINDOWS\System\M3000Rmv.dll
[2009/03/31 04:35:43 | 00,032,768 | ---- | C] () -- C:\WINDOWS\System\M3000LAp.exe
[2009/03/31 04:35:43 | 00,015,190 | ---- | C] () -- C:\WINDOWS\M3000Twn.ini
[2009/03/31 04:35:43 | 00,013,448 | ---- | C] () -- C:\WINDOWS\M3000Twn.src
[2009/03/31 04:10:39 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee Anti-Theft
[2009/03/31 00:53:25 | 00,007,219 | ---- | C] () -- C:\WINDOWS\System32\Config.MPF
[2009/03/31 00:52:57 | 00,000,675 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\McAfee Security Center.lnk
[2009/03/31 00:52:18 | 00,000,670 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\McAfee EasyNetwork.lnk
[2009/03/31 00:47:53 | 00,040,552 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfesmfk.sys
[2009/03/31 00:47:52 | 00,079,304 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfeavfk.sys
[2009/03/31 00:47:52 | 00,035,272 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfebopk.sys
[2009/03/31 00:47:42 | 00,120,136 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\Mpfp.sys
[2009/03/31 00:47:09 | 00,000,340 | ---- | C] () -- C:\WINDOWS\tasks\McDefragTask.job
[2009/03/31 00:47:07 | 00,000,332 | ---- | C] () -- C:\WINDOWS\tasks\McQcTask.job
[2009/03/31 00:46:43 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\McAfee
[2009/03/31 00:46:38 | 00,000,000 | ---D | C] -- C:\Program Files\McAfee.com
[2009/03/31 00:46:29 | 00,000,000 | ---D | C] -- C:\Program Files\McAfee
[2009/03/31 00:42:56 | 00,034,216 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mferkdk.sys
[2009/03/31 00:39:09 | 01,222,128 | ---- | C] (McAfee, Inc.) -- C:\Documents and Settings\petey\My Documents\DMSetup.exe
[2009/03/30 22:59:11 | 00,000,000 | ---D | C] -- C:\Documents and Settings\petey\Local Settings\Application Data\PCHealth
[2009/03/30 05:35:15 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Defender
[2009/03/30 03:24:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\petey\My Documents\My Received Files
[2009/03/27 19:19:07 | 00,000,000 | ---D | C] -- C:\Documents and Settings\petey\My Documents\My Games
[2009/03/24 22:55:42 | 00,000,000 | -H-D | C] -- C:\WINDOWS\PIF
[2009/03/24 21:28:40 | 00,897,920 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\petey\Desktop\WGAPluginInstall.exe
[2009/03/09 19:45:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Citrix
[2009/03/09 19:38:51 | 00,000,000 | ---D | C] -- C:\Documents and Settings\petey\Local Settings\Application Data\Citrix
[2009/03/09 19:20:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\petey\Application Data\McAfee
[2009/03/05 22:17:55 | 00,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2009/03/05 22:17:53 | 00,000,000 | ---D | C] -- C:\Documents and Settings\petey\Application Data\skypePM
[2009/03/05 22:13:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Skype
[2009/03/05 03:38:09 | 00,000,000 | ---D | C] -- C:\Documents and Settings\petey\Local Settings\Application Data\Identities
[2009/03/03 21:44:40 | 00,000,000 | ---D | C] -- C:\Documents and Settings\petey\Application Data\Ventrilo

========== Files - Modified Within 30 Days ==========

[91 C:\WINDOWS\System32\*.tmp files]
[2009/04/02 19:33:13 | 00,499,712 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\petey\Desktop\OTListIt2.exe
[2009/04/02 17:26:11 | 00,007,219 | ---- | M] () -- C:\WINDOWS\System32\Config.MPF
[2009/04/02 17:25:16 | 00,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachine.job
[2009/04/02 17:25:13 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/04/02 17:25:05 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/04/02 17:24:59 | 10,611,05664 | -HS- | M] () -- C:\hiberfil.sys
[2009/04/02 17:07:53 | 00,000,718 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/04/02 16:28:40 | 02,906,232 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\petey\Desktop\mbam-setup.exe
[2009/04/02 16:26:50 | 00,000,615 | ---- | M] () -- C:\Documents and Settings\petey\Desktop\NTREGOPT.lnk
[2009/04/02 16:26:50 | 00,000,596 | ---- | M] () -- C:\Documents and Settings\petey\Desktop\ERUNT.lnk
[2009/04/02 16:23:12 | 00,791,393 | ---- | M] (Lars Hederer ) -- C:\Documents and Settings\petey\Desktop\erunt_setup.exe
[2009/04/02 03:14:09 | 04,288,344 | -H-- | M] () -- C:\Documents and Settings\petey\Local Settings\Application Data\IconCache.db
[2009/04/01 22:43:49 | 00,001,779 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2009/04/01 22:39:26 | 04,620,228 | ---- | M] () -- C:\Documents and Settings\petey\Desktop\Instrumentals - V.I.C. - Get Silly.mp3
[2009/04/01 22:35:40 | 00,000,903 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\RealPlayer.lnk
[2009/04/01 22:35:18 | 00,499,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcp71.dll
[2009/04/01 22:35:18 | 00,348,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcr71.dll
[2009/04/01 22:35:18 | 00,278,528 | ---- | M] (Real Networks, Inc) -- C:\WINDOWS\System32\pncrt.dll
[2009/04/01 21:59:21 | 00,003,584 | ---- | M] () -- C:\Documents and Settings\petey\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/04/01 18:03:00 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/03/31 12:39:02 | 00,443,910 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/03/31 12:39:02 | 00,072,652 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/03/31 12:39:02 | 00,004,762 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/03/31 05:53:09 | 00,095,070 | ---- | M] () -- C:\WINDOWS\System32\Autorun.ini
[2009/03/31 05:23:37 | 00,000,125 | ---- | M] () -- C:\WINDOWS\xUninstall.bat
[2009/03/31 04:43:15 | 00,000,535 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/03/31 00:52:57 | 00,000,675 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\McAfee Security Center.lnk
[2009/03/31 00:52:18 | 00,000,670 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\McAfee EasyNetwork.lnk
[2009/03/31 00:47:09 | 00,000,340 | ---- | M] () -- C:\WINDOWS\tasks\McDefragTask.job
[2009/03/31 00:47:08 | 00,000,332 | ---- | M] () -- C:\WINDOWS\tasks\McQcTask.job
[2009/03/31 00:39:10 | 01,222,128 | ---- | M] (McAfee, Inc.) -- C:\Documents and Settings\petey\My Documents\DMSetup.exe
[2009/03/30 02:31:23 | 00,001,917 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/03/27 18:40:16 | 00,000,288 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/03/26 16:49:56 | 00,038,496 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/03/26 16:49:50 | 00,015,504 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/03/24 21:28:41 | 00,897,920 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\petey\Desktop\WGAPluginInstall.exe
[2009/03/11 00:04:11 | 00,249,496 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/03/05 22:17:55 | 00,000,056 | -H-- | M] () -- C:\WINDOWS\System32\ezsidmv.dat

========== Alternate Data Streams ==========

@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
< End of report >
  • 0

Advertisements

#2
p_row
Posted 02 April 2009 - 10:50 PM

p_row

    Member

  • Topic Starter
  • Member
  • PipPip
  • 21 posts
Can anyone help me?
  • 0

#3
p_row
Posted 03 April 2009 - 08:08 PM

p_row

    Member

  • Topic Starter
  • Member
  • PipPip
  • 21 posts
Been 2 days since I posted this. No one knows how to fix this? IF not please let me know.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP