Can't access certain websites


#1
ConfusedinNC

OTListIt logfile created on: 5/5/2009 8:25:06 PM - Run 1
OTListIt2 by OldTimer - Version 2.0.15.3 Folder = C:\Users\Michael J. Smith\Documents\New Folder
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.27 Gb Available Physical Memory | 63.69% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 220.87 Gb Total Space | 137.02 Gb Free Space | 62.04% Space Free | Partition Type: NTFS
Drive D: | 12.01 Gb Total Space | 1.90 Gb Free Space | 15.78% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 4.44 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive G: | 1.86 Gb Total Space | 0.07 Gb Free Space | 3.61% Space Free | Partition Type: FAT
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: MICHAELJSMIT-PC
Current User Name: Michael J. Smith
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Standard
File Age = 30 Days
Company Name Whitelist: On

========== Processes (SafeList) ==========

PRC - [2008/06/17 19:36:05 | 00,611,664 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
PRC - [2008/11/26 13:12:08 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2008/11/26 13:18:46 | 00,155,160 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009/03/26 15:31:20 | 00,132,424 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2008/12/12 12:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2008/04/15 18:54:42 | 00,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
PRC - [2007/08/23 18:40:48 | 00,079,136 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
PRC - [2003/06/20 00:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
PRC - [2007/09/30 23:34:54 | 00,271,760 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
PRC - [2007/01/09 06:25:30 | 00,272,024 | ---- | M] () -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe
PRC - [2009/03/03 12:19:40 | 00,070,928 | ---- | M] (PC Tools) -- C:\Program Files\ThreatFire\TFService.exe
PRC - [2007/01/04 17:38:08 | 00,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe
PRC - [2006/05/02 19:41:28 | 00,135,168 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
PRC - [2008/01/19 03:33:40 | 00,142,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WUDFHost.exe
PRC - [2007/09/30 23:34:54 | 00,112,016 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
PRC - [2008/11/26 13:18:32 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2008/11/26 13:16:23 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2008/10/29 02:29:41 | 02,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\Explorer.EXE
PRC - [2007/09/15 04:29:10 | 00,102,400 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPStart.exe
PRC - [2007/01/17 09:34:18 | 00,634,880 | ---- | M] (Motorola Inc.) -- C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
PRC - [2007/03/09 18:50:02 | 04,390,912 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008/04/15 18:54:40 | 00,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2007/09/30 23:34:14 | 00,181,544 | ---- | M] (CyberLink Corp.) -- C:\Program Files\HP\QuickPlay\QPService.exe
PRC - [2007/09/19 18:31:34 | 00,202,032 | ---- | M] ( Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
PRC - [2007/09/04 17:54:20 | 00,554,320 | ---- | M] ( Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
PRC - [2008/01/19 03:38:38 | 01,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2008/06/02 03:55:22 | 00,080,896 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe
PRC - [2007/09/13 12:47:52 | 00,480,560 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
PRC - [2007/01/08 19:53:06 | 00,311,296 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
PRC - [2007/05/08 16:24:20 | 00,054,840 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
PRC - [2008/11/26 13:18:51 | 00,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009/03/03 12:19:44 | 00,263,440 | ---- | M] (PC Tools) -- C:\Program Files\ThreatFire\TFTray.exe
PRC - [2009/04/02 16:11:02 | 00,342,312 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
PRC - [2009/04/28 16:44:24 | 00,148,888 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2008/01/19 03:33:30 | 01,233,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Sidebar\sidebar.exe
PRC - [2007/08/23 18:36:30 | 00,455,968 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
PRC - [2008/01/19 03:33:09 | 00,125,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehtray.exe
PRC - [2008/01/31 14:15:06 | 00,149,864 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
PRC - [2009/03/05 16:07:20 | 02,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008/01/19 03:33:39 | 00,202,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnscfg.exe
PRC - [2007/09/19 05:33:46 | 00,282,624 | ---- | M] (Eastman Kodak Company) -- C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
PRC - [2007/05/16 14:43:06 | 00,677,432 | R--- | M] () -- C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
PRC - [2008/01/19 03:33:09 | 00,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehmsas.exe
PRC - [2007/09/15 04:50:54 | 01,021,224 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
PRC - [2008/10/09 08:56:48 | 00,094,208 | ---- | M] (Hewlett-Packard) -- c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
PRC - [2009/04/02 16:10:56 | 00,656,168 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
PRC - [2007/08/30 17:43:18 | 00,103,664 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
PRC - [2009/04/09 10:12:39 | 00,307,704 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2008/01/19 03:33:04 | 00,318,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\cmd.exe
PRC - [2009/03/02 22:16:04 | 00,247,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wbem\wmiprvse.exe
PRC - [2009/05/05 20:19:27 | 00,501,248 | ---- | M] (OldTimer Tools) -- C:\Users\Michael J. Smith\Documents\New Folder\OTListIt2.exe

========== Win32 Services (SafeList) ==========

SRV - [2008/06/17 19:36:05 | 00,611,664 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe -- (aawservice [Auto | Running])
SRV - [2009/03/26 15:31:20 | 00,132,424 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Auto | Running])
SRV - [2008/11/26 13:12:08 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv [Auto | Running])
SRV - [2008/11/26 13:18:46 | 00,155,160 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus [Auto | Running])
SRV - [2008/11/26 13:18:32 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner [On_Demand | Running])
SRV - [2008/11/26 13:16:23 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner [On_Demand | Running])
SRV - [2008/12/12 12:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Running])
SRV - [2008/01/31 14:15:06 | 00,149,864 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr [Disabled | Stopped])
SRV - [2008/01/31 14:15:06 | 00,149,864 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr [Disabled | Stopped])
SRV - [FILE handle not seen by OS] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [Disabled | Stopped])
SRV - [2008/01/31 14:15:06 | 00,149,864 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (CLTNetCnService [Disabled | Stopped])
SRV - [2007/03/05 14:30:06 | 00,110,592 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe -- (Com4Qlb [On_Demand | Stopped])
SRV - [2007/08/22 02:21:00 | 00,055,640 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe -- (comHost [On_Demand | Stopped])
SRV - [2008/01/19 03:33:09 | 00,292,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehRecvr.exe -- (ehRecvr [On_Demand | Stopped])
SRV - [2006/11/02 08:35:29 | 00,131,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehsched.exe -- (ehSched [On_Demand | Stopped])
SRV - [2006/11/02 08:35:29 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehstart.dll -- (ehstart [Auto | Stopped])
SRV - [2008/06/19 21:14:44 | 00,046,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - [2007/07/23 19:33:06 | 00,181,800 | ---- | M] (WildTangent, Inc.) -- C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe -- (GameConsoleService [On_Demand | Stopped])
SRV - [2007/01/03 21:40:21 | 00,136,120 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [On_Demand | Stopped])
SRV - [2008/10/09 08:56:48 | 00,094,208 | ---- | M] (Hewlett-Packard) -- c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe -- (HP Health Check Service [Auto | Running])
SRV - [2006/05/02 19:41:28 | 00,135,168 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe -- (hpqwmiex [Auto | Running])
SRV - [2008/04/15 18:54:42 | 00,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMON [Auto | Running])
SRV - [2005/04/04 01:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])
SRV - [2008/06/19 21:14:31 | 00,881,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2009/04/02 16:10:56 | 00,656,168 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service [On_Demand | Running])
SRV - [2007/08/23 18:40:48 | 00,079,136 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService [Auto | Running])
SRV - [2008/01/31 14:15:06 | 00,149,864 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (LiveUpdate Notice [Auto | Stopped])
SRV - [2003/06/20 00:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM [Auto | Running])
SRV - [2008/06/19 21:14:31 | 00,132,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
SRV - [2003/07/28 13:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2007/09/30 23:34:54 | 00,271,760 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe -- (QPCapSvc [Auto | Running])
SRV - [2007/09/30 23:34:54 | 00,112,016 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe -- (QPSched [Auto | Running])
SRV - [2007/01/09 06:25:30 | 00,272,024 | ---- | M] () -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe -- (RichVideo [Auto | Running])
SRV - [2008/02/05 00:02:34 | 01,251,720 | ---- | M] () -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC [Disabled | Stopped])
SRV - [2009/03/03 12:19:40 | 00,070,928 | ---- | M] (PC Tools) -- C:\Program Files\ThreatFire\TFService.exe -- (ThreatFire [Auto | Running])
SRV - [2007/01/04 17:38:08 | 00,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service [Auto | Running])
SRV - [2007/08/31 15:15:06 | 00,176,128 | ---- | M] (Starz Entertainment Group LLC) -- C:\Program Files\Vongo\VongoService.exe -- (Vongo Service [On_Demand | Stopped])
SRV - [2008/01/19 03:38:24 | 00,272,952 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend [Auto | Running])
SRV - [2008/01/19 03:33:39 | 00,896,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [Disabled | Stopped])

========== Driver Services (SafeList) ==========

DRV - [2006/11/02 05:51:38 | 00,420,968 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx [Disabled | Stopped])
DRV - [2006/11/02 05:51:32 | 00,297,576 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci [Disabled | Stopped])
DRV - [2006/11/02 05:50:35 | 00,098,408 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m [Disabled | Stopped])
DRV - [2006/11/02 05:51:00 | 00,147,048 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320 [Disabled | Stopped])
DRV - [2006/11/02 05:50:11 | 00,071,272 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx [Disabled | Stopped])
DRV - [2006/11/02 05:49:20 | 00,014,952 | ---- | M] (Acer Laboratories Inc.) -- C:\Windows\system32\drivers\aliide.sys -- (aliide [Disabled | Stopped])
DRV - [2006/11/02 05:50:09 | 00,067,688 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\arc.sys -- (arc [Disabled | Stopped])
DRV - [2006/11/02 05:50:10 | 00,067,688 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas [Disabled | Stopped])
DRV - [2008/11/26 13:17:25 | 00,020,560 | ---- | M] (ALWIL Software) -- C:\Windows\system32\DRIVERS\aswFsBlk.sys -- (aswFsBlk [Auto | Running])
DRV - [2008/11/26 13:17:15 | 00,051,792 | ---- | M] (ALWIL Software) -- C:\Windows\system32\DRIVERS\aswMonFlt.sys -- (aswMonFlt [Auto | Running])
DRV - [2008/11/26 13:16:29 | 00,023,152 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr [System | Running])
DRV - [2008/11/26 13:17:36 | 00,111,184 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP [System | Running])
DRV - [2008/11/26 13:16:38 | 00,050,864 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi [System | Running])
DRV - [2006/11/02 03:30:53 | 00,464,384 | ---- | M] (Broadcom Corporation) -- C:\Windows\system32\DRIVERS\bcmwl6.sys -- (BCM43XV [On_Demand | Stopped])
DRV - [2006/11/02 04:24:45 | 00,013,568 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo [On_Demand | Stopped])
DRV - [2006/11/02 04:24:46 | 00,005,248 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp [On_Demand | Stopped])
DRV - [2006/11/02 04:25:24 | 00,071,808 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brserid.sys -- (Brserid [Disabled | Stopped])
DRV - [2006/11/02 04:24:44 | 00,062,336 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm [Disabled | Stopped])
DRV - [2006/11/02 04:24:44 | 00,012,160 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm [Disabled | Stopped])
DRV - [2006/11/02 04:24:47 | 00,011,904 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer [On_Demand | Stopped])
DRV - [2006/11/02 05:49:28 | 00,016,488 | ---- | M] (CMD Technology, Inc.) -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide [Disabled | Stopped])
DRV - [2008/01/12 19:32:00 | 00,023,904 | ---- | M] (Symantec Corporation) -- C:\Windows\system32\Drivers\COH_Mon.sys -- (COH_Mon [On_Demand | Stopped])
DRV - [2007/08/08 18:39:00 | 00,036,056 | ---- | M] (Symantec Corporation) -- C:\Windows\system32\drivers\CO_Mon.sys -- (CO_Mon [Auto | Running])
DRV - [2006/11/02 03:30:54 | 00,163,328 | ---- | M] (Intel Corporation) -- C:\Windows\system32\DRIVERS\e100b325.sys -- (E100B [On_Demand | Stopped])
DRV - [2006/11/02 03:30:54 | 00,117,760 | ---- | M] (Intel Corporation) -- C:\Windows\system32\DRIVERS\E1G60I32.sys -- (E1G60 [On_Demand | Stopped])
DRV - [2008/01/22 05:00:00 | 00,385,072 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl [System | Running])
DRV - [2006/11/02 05:51:34 | 00,316,520 | ---- | M] (Emulex) -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor [Disabled | Stopped])
DRV - [2008/01/22 05:00:00 | 00,109,616 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv [On_Demand | Running])
DRV - [2009/03/19 16:32:48 | 00,023,400 | ---- | M] (GEAR Software Inc.) -- C:\Windows\System32\Drivers\GEARAspiWDM.sys -- (GEARAspiWDM [On_Demand | Running])
DRV - [2006/11/02 05:50:10 | 00,037,480 | ---- | M] (Hewlett-Packard Company) -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs [Disabled | Stopped])
DRV - [2007/06/18 21:12:04 | 00,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Windows\system32\DRIVERS\HpqKbFiltr.sys -- (HpqKbFiltr [On_Demand | Running])
DRV - [2007/07/11 14:30:22 | 00,007,168 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Windows\system32\DRIVERS\HpqRemHid.sys -- (HpqRemHid [On_Demand | Running])
DRV - [2006/11/02 03:41:49 | 00,200,704 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\system32\DRIVERS\VSTAZL3.SYS -- (HSFHWAZL [On_Demand | Stopped])
DRV - [2006/11/02 03:41:50 | 00,987,648 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\system32\DRIVERS\VSTDPV3.SYS -- (HSF_DPV [On_Demand | Stopped])
DRV - [2006/10/18 22:10:57 | 01,380,864 | ---- | M] (Intel Corporation) -- C:\Windows\system32\DRIVERS\igdkmd32.sys -- (ialm [On_Demand | Stopped])
DRV - [2008/04/15 18:53:44 | 00,312,344 | ---- | M] (Intel Corporation) -- C:\Windows\system32\DRIVERS\iaStor.sys -- (iaStor [Boot | Running])
DRV - [2006/11/02 05:51:25 | 00,232,040 | ---- | M] (Intel Corporation) -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV [Disabled | Stopped])
DRV - [2008/02/13 12:18:22 | 00,261,680 | ---- | M] (Symantec Corporation) -- C:\ProgramData\Symantec\Definitions\SymcData\ipsdefs\20080214.002\IDSvix86.sys -- (IDSvix86 [System | Running])
DRV - [2006/11/02 05:50:17 | 00,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp [Disabled | Stopped])
DRV - [2007/03/12 20:29:46 | 01,747,936 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\system32\drivers\RTKVHDA.sys -- (IntcAzAudAddService [On_Demand | Running])
DRV - [2006/11/02 05:50:07 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi [Disabled | Stopped])
DRV - [2006/11/02 05:50:09 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid [Disabled | Stopped])
DRV - [2006/11/02 05:50:04 | 00,065,640 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC [Disabled | Stopped])
DRV - [2006/11/02 05:50:05 | 00,065,640 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS [Disabled | Stopped])
DRV - [2006/11/02 05:50:10 | 00,065,640 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI [Disabled | Stopped])
DRV - [2006/11/02 05:49:53 | 00,028,776 | ---- | M] (LSI Logic Corporation) -- C:\Windows\system32\drivers\megasas.sys -- (megasas [Disabled | Stopped])
DRV - [2006/11/02 05:49:59 | 00,033,384 | ---- | M] (LSI Logic Corporation) -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x [Disabled | Stopped])
DRV - [2008/01/22 05:00:00 | 00,082,256 | ---- | M] (Symantec Corporation) -- C:\ProgramData\Symantec\Definitions\VirusDefs\20080214.003\NAVENG.SYS -- (NAVENG [On_Demand | Stopped])
DRV - [2008/01/22 05:00:00 | 00,895,312 | ---- | M] (Symantec Corporation) -- C:\ProgramData\Symantec\Definitions\VirusDefs\20080214.003\NAVEX15.SYS -- (NAVEX15 [On_Demand | Stopped])
DRV - [2007/09/26 14:12:22 | 02,251,776 | ---- | M] (Intel Corporation) -- C:\Windows\system32\DRIVERS\NETw4v32.sys -- (NETw4v32 [On_Demand | Running])
DRV - [2006/11/02 05:50:19 | 00,045,160 | ---- | M] (IBM Corporation) -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960 [Disabled | Stopped])
DRV - [2006/11/02 03:36:50 | 00,020,608 | ---- | M] (N-trig Innovative Technologies) -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi [Disabled | Stopped])
DRV - [2007/09/19 16:05:00 | 07,626,400 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\DRIVERS\nvlddmkm.sys -- (nvlddmkm [On_Demand | Running])
DRV - [2006/11/02 05:50:24 | 00,088,680 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid [Disabled | Stopped])
DRV - [2006/11/02 05:50:13 | 00,040,040 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor [Disabled | Stopped])
DRV - [2008/07/31 18:17:04 | 00,043,872 | ---- | M] (Sonic Solutions) -- C:\Windows\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running])
DRV - [2006/11/02 05:51:45 | 00,900,712 | ---- | M] (QLogic Corporation) -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300 [Disabled | Stopped])
DRV - [2006/11/02 05:50:35 | 00,106,088 | ---- | M] (QLogic Corporation) -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx [Disabled | Stopped])
DRV - [2007/02/24 18:42:22 | 00,039,936 | ---- | M] (REDC) -- C:\Windows\system32\DRIVERS\rimmptsk.sys -- (rimmptsk [Auto | Running])
DRV - [2007/01/23 20:40:20 | 00,042,496 | ---- | M] (REDC) -- C:\Windows\system32\DRIVERS\rimsptsk.sys -- (rimsptsk [Auto | Running])
DRV - [2007/03/22 02:02:04 | 00,037,376 | ---- | M] (REDC) -- C:\Windows\system32\DRIVERS\rixdptsk.sys -- (rismxdp [Auto | Running])
DRV - [2008/05/09 21:33:10 | 00,113,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\DRIVERS\RMCAST.sys -- (RMCAST [Auto | Running])
DRV - [2007/09/17 19:17:36 | 00,098,816 | ---- | M] (Realtek Corporation ) -- C:\Windows\system32\DRIVERS\Rtlh86.sys -- (RTL8169 [On_Demand | Running])
DRV - [2006/11/02 02:37:21 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\Windows\System32\drivers\secdrv.sys -- (secdrv [Auto | Running])
DRV - [2006/11/02 05:50:10 | 00,038,504 | ---- | M] (Silicon Integrated Systems Corp.) -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2 [Disabled | Stopped])
DRV - [2006/11/02 05:50:16 | 00,071,784 | ---- | M] (Silicon Integrated Systems) -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4 [Disabled | Stopped])
DRV - [2007/01/17 09:38:52 | 00,983,936 | ---- | M] (Motorola Inc.) -- C:\Windows\system32\DRIVERS\smserial.sys -- (smserial [On_Demand | Running])
DRV - [2007/08/17 16:23:00 | 00,446,512 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv [On_Demand | Stopped])
DRV - [2007/12/01 00:57:12 | 00,279,088 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\Drivers\SRTSP.SYS -- (SRTSP [On_Demand | Stopped])
DRV - [2007/12/01 00:57:12 | 00,317,616 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\Drivers\SRTSPL.SYS -- (SRTSPL [On_Demand | Stopped])
DRV - [2007/12/01 00:57:12 | 00,043,696 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\Drivers\SRTSPX.SYS -- (SRTSPX [System | Running])
DRV - [2006/11/02 05:50:05 | 00,035,944 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx [Disabled | Stopped])
DRV - [2007/08/13 15:50:00 | 00,013,616 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\Drivers\SYMDNS.SYS -- (SYMDNS [On_Demand | Running])
DRV - [2008/02/08 16:33:03 | 00,123,952 | ---- | M] (Symantec Corporation) -- C:\Windows\system32\Drivers\SYMEVENT.SYS -- (SymEvent [On_Demand | Running])
DRV - [2007/08/13 15:50:00 | 00,096,432 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\Drivers\SYMFW.SYS -- (SYMFW [On_Demand | Running])
DRV - [2007/08/09 19:27:00 | 00,031,280 | ---- | M] (Symantec Corporation) -- C:\Windows\system32\DRIVERS\SymIM.sys -- (SymIM [On_Demand | Stopped])
DRV - [2007/08/09 19:27:00 | 00,031,280 | ---- | M] (Symantec Corporation) -- C:\Windows\system32\DRIVERS\SymIM.sys -- (SymIMMP [On_Demand | Running])
DRV - [2007/08/13 15:50:00 | 00,041,008 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\Drivers\SYMNDISV.SYS -- (SYMNDISV [On_Demand | Running])
DRV - [2007/08/13 15:50:00 | 00,022,320 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV [On_Demand | Running])
DRV - [2007/08/13 15:50:00 | 00,188,464 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\Drivers\SYMTDI.SYS -- (SYMTDI [System | Running])
DRV - [2006/11/02 05:49:56 | 00,031,848 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi [Disabled | Stopped])
DRV - [2006/11/02 05:50:03 | 00,034,920 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3 [Disabled | Stopped])
DRV - [2007/09/15 04:50:56 | 00,191,408 | ---- | M] (Synaptics, Inc.) -- C:\Windows\system32\DRIVERS\SynTP.sys -- (SynTP [On_Demand | Running])
DRV - [2009/03/03 12:19:54 | 00,051,472 | ---- | M] (PC Tools) -- C:\Windows\system32\drivers\TfFsMon.sys -- (TfFsMon [Boot | Running])
DRV - [2009/03/03 12:19:56 | 00,033,040 | ---- | M] (PC Tools) -- C:\Windows\system32\drivers\TfNetMon.sys -- (TfNetMon [On_Demand | Running])
DRV - [2009/03/03 12:19:58 | 00,039,184 | ---- | M] (PC Tools) -- C:\Windows\system32\drivers\TfSysMon.sys -- (TfSysMon [Boot | Running])
DRV - [2006/11/02 05:51:25 | 00,235,112 | ---- | M] (ULi Electronics Inc.) -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci [Disabled | Stopped])
DRV - [2006/11/02 05:50:35 | 00,098,408 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata [Disabled | Stopped])
DRV - [2006/11/02 05:50:45 | 00,115,816 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2 [Disabled | Stopped])
DRV - [2006/11/02 05:49:30 | 00,017,512 | ---- | M] (VIA Technologies, Inc.) -- C:\Windows\system32\drivers\viaide.sys -- (viaide [Disabled | Stopped])
DRV - [2006/11/02 05:50:41 | 00,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid [Disabled | Stopped])
DRV - [2006/11/02 03:41:48 | 00,654,336 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\system32\DRIVERS\VSTCNXT3.SYS -- (winachsf [On_Demand | Stopped])

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...a...n&pf=laptop
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...a...n&pf=laptop

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.rr.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.0.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0.071303000006
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:1.9.2.4
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.9

FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\PROGRAM FILES\HP\DIGITAL IMAGING\SMART WEB PRINTING\MOZILLAADDON2 [2008/02/19 20:24:59 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION\ [2009/03/31 22:12:13 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.9\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS [2009/04/25 22:47:14 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.9\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS [2009/04/28 16:44:59 | 00,000,000 | ---D | M]

[2009/04/23 23:48:21 | 00,000,000 | ---D | M] -- C:\Users\Michael J. Smith\AppData\Roaming\mozilla\Extensions
[2009/04/23 23:48:21 | 00,000,000 | ---D | M] -- C:\Users\Michael J. Smith\AppData\Roaming\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/05/05 19:00:45 | 00,000,000 | ---D | M] -- C:\Users\Michael J. Smith\AppData\Roaming\mozilla\Firefox\Profiles\jsmgyjyy.default\extensions
[2009/04/25 13:06:19 | 00,000,000 | ---D | M] -- C:\Users\Michael J. Smith\AppData\Roaming\mozilla\Firefox\Profiles\jsmgyjyy.default\extensions\{463F6CA5-EE3C-4be1-B7E6-7FEE11953374}
[2009/04/25 13:06:19 | 00,000,000 | ---D | M] -- C:\Users\Michael J. Smith\AppData\Roaming\mozilla\Firefox\Profiles\jsmgyjyy.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}
[2009/04/25 13:06:19 | 00,000,000 | ---D | M] -- C:\Users\Michael J. Smith\AppData\Roaming\mozilla\Firefox\Profiles\jsmgyjyy.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2009/04/30 16:54:43 | 00,000,000 | ---D | M] -- C:\Users\Michael J. Smith\AppData\Roaming\mozilla\Firefox\Profiles\jsmgyjyy.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2009/04/25 13:06:19 | 00,000,000 | ---D | M] -- C:\Users\Michael J. Smith\AppData\Roaming\mozilla\Firefox\Profiles\jsmgyjyy.default\extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}
[2009/04/30 16:54:43 | 00,000,000 | ---D | M] -- C:\Users\Michael J. Smith\AppData\Roaming\mozilla\Firefox\Profiles\jsmgyjyy.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009/04/25 13:06:19 | 00,000,000 | ---D | M] -- C:\Users\Michael J. Smith\AppData\Roaming\mozilla\Firefox\Profiles\jsmgyjyy.default\extensions\[email protected]
[2009/04/25 13:06:19 | 00,000,000 | ---D | M] -- C:\Users\Michael J. Smith\AppData\Roaming\mozilla\Firefox\Profiles\jsmgyjyy.default\extensions\[email protected]
[2009/04/25 13:06:19 | 00,000,000 | ---D | M] -- C:\Users\Michael J. Smith\AppData\Roaming\mozilla\Firefox\Profiles\jsmgyjyy.default\extensions\[email protected]
[2009/05/05 19:00:37 | 00,000,000 | ---D | M] -- C:\Users\Michael J. Smith\AppData\Roaming\mozilla\Firefox\Profiles\jsmgyjyy.default\extensions\[email protected]
[2009/04/25 13:06:19 | 00,000,000 | ---D | M] -- C:\Users\Michael J. Smith\AppData\Roaming\mozilla\Firefox\Profiles\jsmgyjyy.default\extensions\[email protected]
[2009/04/25 13:06:19 | 00,000,000 | ---D | M] -- C:\Users\Michael J. Smith\AppData\Roaming\mozilla\Firefox\Profiles\jsmgyjyy.default\extensions\[email protected]
[2009/04/23 23:48:21 | 00,000,000 | ---D | M] -- C:\Users\Michael J. Smith\AppData\Roaming\mozilla\Firefox\Profiles(319)\nay6xhjd.default\extensions
[2009/04/28 16:45:05 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/04/25 22:47:12 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/04/28 16:45:05 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2009/04/09 10:12:59 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/04/09 10:13:00 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2007/08/24 22:52:00 | 00,300,400 | ---- | M] (Symantec Corporation) -- C:\Program Files\mozilla firefox\components\coFFPlgn.dll
[2009/04/09 01:51:14 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2009/04/09 01:51:14 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2009/04/09 01:51:14 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2009/04/09 01:51:14 | 00,002,343 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2009/04/09 01:51:14 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/04/09 01:51:14 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2009/04/09 01:51:14 | 00,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml

O1 HOSTS File: (761 bytes) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Common Files\Symantec Shared\IDS\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (AOL Toolbar Launcher) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll (AOL LLC)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3 - HKLM\..\Toolbar: (Show Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (AIM Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll (AOL LLC)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll (AOL LLC)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - Reg Error: Key error. File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe" (Symantec Corporation)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" (Apple Inc.)
O4 - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart (NVIDIA Corporation)
O4 - HKLM..\Run: [OnScreenDisplay] C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe ( Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start ( Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe" (CyberLink Corp.)
O4 - HKLM..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime (Apple Inc.)
O4 - HKLM..\Run: [RtHDVCpl] RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [ThreatFire] C:\Program Files\ThreatFire\TFTray.exe (PC Tools)
O4 - HKLM..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\1.0" (CyberLink Corp.)
O4 - HKLM..\Run: [WAWifiMessage] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide (Microsoft Corporation)
O4 - HKCU..\Run: [Aim6] File not found
O4 - HKCU..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe (Microsoft Corporation)
O4 - HKCU..\Run: [HPAdvisor] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autoRun (Hewlett-Packard)
O4 - HKCU..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden (Hewlett-Packard Company)
O4 - HKCU..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe File not found
O4 - HKCU..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (Microsoft Corporation)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (Microsoft Corporation)
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet (Yahoo! Inc.)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent (Malwarebytes Corporation)
O4 - Startup: C:\Users\Michael J. Smith\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O4 - Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe (Eastman Kodak Company)
O4 - Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Vongo Tray.lnk = C:\Windows\Installer\{8C3AE2D1-854D-4650-A73D-C7CC7EE36B80}\NewShortcut2_DB7E00C96DEF489A8112D8F81614F45A.exe (Macrovision Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aim toolbar 5.0\resources\en-US\local\search.html ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 (Google Inc.)
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 (Microsoft Corporation)
O9 - Extra Button: AIM Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll (AOL LLC)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [@%SystemRoot%\system32\nlasvc.dll,-1000] - C:\Windows\system32\NLAapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [@%SystemRoot%\system32\napinsp.dll,-1000] - C:\Windows\system32\napinsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [@%SystemRoot%\system32\pnrpnsp.dll,-1000] - C:\Windows\system32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [@%SystemRoot%\system32\pnrpnsp.dll,-1001] - C:\Windows\system32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [mdnsNSP] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: 32 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} http://security.syma...bin/AvSniff.cab (Symantec AntiVirus scanner)
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.syma...n/bin/cabsa.cab (Symantec RuFSI Utility Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\microsoft shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/11/26 00:52:25 | 00,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2005/09/11 11:18:54 | 00,000,340 | -HS- | M] () - D:\AUTOMODE -- [ NTFS ]
O32 - AutoRun File - [2007/06/07 08:12:42 | 00,000,175 | R--- | M] () - F:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{5d2e724f-36ff-11dd-bf65-001e68000d51}\Shell - "" = AutoRun
O33 - MountPoints2\{5d2e724f-36ff-11dd-bf65-001e68000d51}\Shell\AutoRun\command - "" = F:\WIN\setup.exe -- File not found
O33 - MountPoints2\{65c742d8-f7b7-11dd-9523-001e68000d51}\Shell - "" = AutoRun
O33 - MountPoints2\{65c742d8-f7b7-11dd-9523-001e68000d51}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -- [2007/11/05 08:14:46 | 01,095,224 | ---- | M] ()
O33 - MountPoints2\{87d53be5-d48b-11dc-a353-001e68000d51}\Shell - "" = AutoRun
O33 - MountPoints2\{87d53be5-d48b-11dc-a353-001e68000d51}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- [2006/12/04 12:31:42 | 01,095,224 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\Windows\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\Windows\System32\lsdelete.exe ()

========== Files/Folders - Created Within 30 Days ==========

[2009/05/05 16:06:50 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2009/05/05 16:06:47 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2009/05/05 16:05:42 | 00,000,000 | ---D | C] -- C:\Windows\ERDNT
[2009/05/05 16:05:33 | 00,000,913 | ---- | C] () -- C:\Users\Michael J. Smith\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2009/05/04 18:10:12 | 00,259,854 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\TheHint1.jpg
[2009/05/04 17:56:39 | 00,095,419 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\FunkyTMShirt2_big.jpg
[2009/05/04 17:50:47 | 00,047,399 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\cody.jpg
[2009/05/04 17:47:42 | 00,080,930 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\ChaceCrawford4.jpg
[2009/05/04 17:37:34 | 00,032,429 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\ChaceCrawford29.jpg
[2009/05/04 17:37:30 | 00,356,031 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\ChaceCrawford28.jpg
[2009/05/04 17:37:24 | 00,051,305 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\ChaceCrawford27.jpg
[2009/05/04 17:37:21 | 00,078,493 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\ChaceCrawford26.jpg
[2009/05/04 17:37:17 | 00,081,363 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\ChaceCrawford25.jpg
[2009/05/04 17:37:14 | 00,076,306 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\ChaceCrawford24.jpg
[2009/05/04 17:37:09 | 00,033,485 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\ChaceCrawford23.jpg
[2009/05/04 17:37:00 | 00,054,739 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\ChaceCrawford22.jpg
[2009/05/04 17:36:56 | 00,058,608 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\ChaceCrawford21.jpg
[2009/05/04 17:36:50 | 00,069,346 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\ChaceCrawford20.jpg
[2009/05/04 17:36:47 | 00,067,576 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\ChaceCrawford19.jpg
[2009/05/04 17:36:44 | 00,069,764 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\ChaceCrawford18.jpg
[2009/05/04 17:36:40 | 00,042,752 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\ChaceCrawford17.jpg
[2009/05/04 17:36:35 | 00,080,754 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\ChaceCrawford16.jpg
[2009/05/04 17:36:27 | 00,071,194 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\ChaceCrawford15.jpg
[2009/05/04 17:36:24 | 00,080,884 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\ChaceCrawford14.jpg
[2009/05/04 17:36:19 | 00,080,414 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\ChaceCrawford13.jpg
[2009/05/04 17:36:15 | 00,078,304 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\ChaceCrawford12.jpg
[2009/05/04 17:36:12 | 00,081,412 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\ChaceCrawford11.jpg
[2009/05/04 17:36:08 | 00,092,070 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\ChaceCrawford10.jpg
[2009/05/04 17:36:04 | 00,074,325 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\ChaceCrawford9.jpg
[2009/05/04 17:36:00 | 00,095,631 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\ChaceCrawford8.jpg
[2009/05/04 17:35:57 | 00,063,179 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\ChaceCrawford7.jpg
[2009/05/04 17:35:53 | 00,065,695 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\ChaceCrawford6.jpg
[2009/05/04 17:35:37 | 00,070,923 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\ChaceCrawford5.jpg
[2009/05/04 17:28:27 | 00,019,223 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\toniguymen.jpg
[2009/05/04 17:27:28 | 00,024,426 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\sanrizzd8.jpg
[2009/05/04 17:27:20 | 00,027,091 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\sanrizzd5.jpg
[2009/05/04 17:26:50 | 00,034,900 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\retroman4.jpg
[2009/05/04 17:26:43 | 00,027,345 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\reflectionshair8.jpg
[2009/05/04 17:26:38 | 00,030,175 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\reflectionshair7.jpg
[2009/05/04 17:26:32 | 00,029,910 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\redcut11.jpg
[2009/05/04 17:26:05 | 00,037,276 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\pop11.jpg
[2009/05/04 17:25:59 | 00,043,329 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\pop8.jpg
[2009/05/04 17:25:33 | 00,036,991 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\mens2.jpg
[2009/05/04 17:25:28 | 00,034,299 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\mens01.jpg
[2009/05/04 17:25:21 | 00,142,917 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\men_hairstyles_14.jpg
[2009/05/04 17:25:14 | 00,134,743 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\men_hairstyles_08.jpg
[2009/05/04 17:25:10 | 00,151,240 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\men_hairstyles_04.jpg
[2009/05/04 17:24:05 | 00,130,267 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\men_hairstyles_01-1.jpg
[2009/05/04 17:23:53 | 00,130,267 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\men_hairstyles_01.jpg
[2009/05/04 17:23:17 | 00,026,678 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\frisur1.jpg
[2009/05/04 17:22:59 | 00,014,654 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\alternate.jpg
[2009/05/04 17:22:55 | 00,016,101 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\daniel.jpg
[2009/05/04 17:22:50 | 00,025,947 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\brigade5.jpg
[2009/05/04 17:22:40 | 00,016,496 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\antonsteele.jpg
[2009/05/04 17:22:28 | 00,020,292 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\ingatestone.jpg
[2009/05/04 17:22:10 | 00,080,067 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\hair-2.jpg
[2009/05/04 17:21:46 | 00,024,994 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\hairstyle2008-h4.jpg
[2009/05/04 17:21:40 | 00,027,526 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\hairstyle2008-h3.jpg
[2009/05/04 17:21:36 | 00,035,467 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\hairstyle2008-h2.jpg
[2009/05/04 17:21:29 | 00,038,424 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\hairstyle2008-h1.jpg
[2009/05/04 17:21:22 | 00,029,440 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\hairdresser18.jpg
[2009/05/04 17:21:12 | 00,037,692 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\hairart7.jpg
[2009/05/04 17:19:57 | 00,063,063 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\hair-1.jpg
[2009/05/04 01:58:05 | 00,024,064 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\My hair keeps fallin.doc
[2009/05/03 01:00:15 | 00,033,280 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\The Wigs of Lost Hold All the Answers.doc
[2009/05/02 22:58:06 | 00,028,672 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\Desmond is the Key to Everything.doc
[2009/05/01 09:28:39 | 00,023,076 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\sugarbutt77-1.jpg
[2009/04/29 00:00:30 | 00,025,088 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\The Offline installation program contains all the files you need.doc
[2009/04/28 18:54:56 | 00,046,702 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\EpicFail.jpg
[2009/04/28 16:43:11 | 16,438,680 | ---- | C] () -- C:\Users\Michael J. Smith\Desktop\jre-6u13-windows-i586-p-s.exe
[2009/04/26 22:24:34 | 00,000,000 | ---D | C] -- C:\Users\Michael J. Smith\AppData\Roaming\Opera
[2009/04/26 22:24:11 | 00,000,714 | ---- | C] () -- C:\Users\Public\Desktop\Opera.lnk
[2009/04/26 22:24:06 | 00,000,000 | ---D | C] -- C:\Program Files\Opera
[2009/04/26 22:23:23 | 05,623,216 | ---- | C] (Opera Software ASA) -- C:\Users\Michael J. Smith\Desktop\Opera_964_en_Setup.exe
[2009/04/25 22:47:15 | 00,001,724 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2009/04/25 13:23:15 | 00,562,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtcprx.dll
[2009/04/25 13:23:15 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xolehlp.dll
[2009/04/25 13:23:12 | 00,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winhttp.dll
[2009/04/25 13:22:51 | 00,551,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rpcss.dll
[2009/04/25 13:22:50 | 03,599,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2009/04/25 13:22:49 | 03,547,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2009/04/25 13:22:46 | 00,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2009/04/25 13:22:42 | 00,183,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdohlp.dll
[2009/04/25 13:22:42 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2009/04/25 13:22:41 | 00,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrecst.dll
[2009/04/25 13:22:41 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasdatastore.dll
[2009/04/25 13:22:40 | 00,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasads.dll
[2009/04/25 13:22:37 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iashost.exe
[2009/04/25 13:20:48 | 01,255,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsasrv.dll
[2009/04/25 13:20:46 | 00,888,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kernel32.dll
[2009/04/25 13:20:43 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secur32.dll
[2009/04/25 13:20:42 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amxread.dll
[2009/04/25 13:20:42 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apilogen.dll
[2009/04/25 13:20:20 | 03,580,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.dll
[2009/04/25 13:20:15 | 06,068,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieframe.dll
[2009/04/25 13:20:11 | 01,166,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\urlmon.dll
[2009/04/25 13:20:10 | 00,389,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2009/04/25 13:20:10 | 00,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iertutil.dll
[2009/04/25 13:20:09 | 00,458,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2009/04/25 13:20:08 | 00,827,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wininet.dll
[2009/04/25 13:20:07 | 00,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2009/04/25 13:20:07 | 00,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\occache.dll
[2009/04/25 13:20:06 | 00,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2009/04/25 13:20:06 | 00,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieencode.dll
[2009/04/25 13:20:06 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2009/04/25 13:20:04 | 00,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2009/04/25 13:20:03 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2009/04/25 13:20:02 | 01,383,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2009/04/25 13:09:25 | 00,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2009/04/24 20:21:12 | 00,111,616 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\Browserproblem.doc
[2009/04/24 18:53:16 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2009/04/24 18:53:13 | 00,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2009/04/24 18:42:27 | 00,000,000 | ---D | C] -- C:\Rooter$
[2009/04/24 18:37:32 | 00,028,884 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009/04/24 18:37:32 | 00,028,884 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009/04/24 18:22:29 | 00,000,000 | ---D | C] -- C:\Users\Michael J. Smith\AppData\Roaming\Malwarebytes
[2009/04/24 18:22:23 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2009/04/24 18:22:23 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/04/24 18:19:51 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2009/04/24 18:08:26 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/04/24 00:25:41 | 00,019,968 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\ThreatFire.doc
[2009/04/23 19:26:30 | 00,239,104 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\bookmarked websites.doc
[2009/04/21 00:55:05 | 00,024,064 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\Monroe Doctrine.doc
[2009/04/20 21:26:08 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2009/04/20 20:55:13 | 00,025,600 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\John Coulton.doc
[2009/04/18 00:46:11 | 00,024,064 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\Under the Cyclone.doc
[2009/04/17 11:05:14 | 00,024,064 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\Your subscription ID is.doc
[2009/04/16 18:35:44 | 00,026,624 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\Taxes before and after socialism.doc
[2009/04/14 00:36:49 | 00,024,064 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\Note to teabaggers.doc
[2009/04/09 18:36:54 | 00,024,064 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\swamp gas reflecting off the bioluminescence of the reflection of Venus.doc
[2009/04/08 16:50:31 | 00,040,960 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\Darren040809.doc
[2009/04/07 15:17:34 | 00,001,804 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2009/04/07 15:16:38 | 00,000,000 | ---D | C] -- C:\Program Files\iPod
[2009/04/07 15:16:32 | 00,000,000 | ---D | C] -- C:\ProgramData\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2009/04/07 15:16:32 | 00,000,000 | ---D | C] -- C:\Program Files\iTunes
[2009/04/07 15:12:28 | 00,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2008/03/08 16:03:02 | 00,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2008/02/05 00:52:03 | 00,000,021 | ---- | C] () -- C:\Windows\atid.ini
[2008/01/08 19:21:20 | 00,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2006/11/02 08:35:32 | 00,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 06:25:21 | 00,061,440 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2006/11/02 06:23:31 | 00,000,240 | ---- | C] () -- C:\Windows\win.ini
[2006/11/02 06:23:31 | 00,000,219 | ---- | C] () -- C:\Windows\system.ini
[2006/11/02 03:40:29 | 00,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/03/09 18:58:00 | 01,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2003/01/07 16:05:08 | 00,002,695 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI

========== Files - Modified Within 30 Days ==========

[1 C:\Users\Michael J. Smith\Documents\*.tmp files]
[2009/05/05 20:16:26 | 00,000,440 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{9C3D5ABF-0691-4630-900F-ACD2CCB448DD}.job
[2009/05/05 19:52:11 | 00,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2009/05/05 19:45:26 | 00,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2009/05/05 19:45:26 | 00,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2009/05/05 16:05:33 | 00,000,913 | ---- | M] () -- C:\Users\Michael J. Smith\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2009/05/05 15:48:26 | 00,000,162 | ---- | M] () -- C:\Users\Public\Documents\hpqp.ini
[2009/05/05 15:48:10 | 00,028,380 | ---- | M] () -- C:\Users\Michael J. Smith\AppData\Roaming\nvModes.001
[2009/05/05 15:45:32 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009/05/05 15:45:26 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009/05/05 15:45:21 | 32,195,78880 | -HS- | M] () -- C:\hiberfil.sys
[2009/05/04 20:00:02 | 00,000,568 | ---- | M] () -- C:\Windows\tasks\Norton Internet Security - Run Full System Scan - Michael J. Smith.job
[2009/05/04 17:18:12 | 00,690,960 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2009/05/04 17:18:12 | 00,595,684 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2009/05/04 17:18:12 | 00,101,350 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2009/05/04 01:58:05 | 00,024,064 | ---- | M] () -- C:\Users\Michael J. Smith\Documents\My hair keeps fallin.doc
[2009/05/04 01:54:40 | 00,002,609 | ---- | M] () -- C:\Users\Michael J. Smith\Desktop\Microsoft Office Word 2003.lnk
[2009/05/03 01:39:14 | 00,028,672 | ---- | M] () -- C:\Users\Michael J. Smith\Documents\Desmond is the Key to Everything.doc
[2009/05/03 01:00:15 | 00,033,280 | ---- | M] () -- C:\Users\Michael J. Smith\Documents\The Wigs of Lost Hold All the Answers.doc
[2009/05/01 09:28:40 | 00,023,076 | ---- | M] () -- C:\Users\Michael J. Smith\Documents\sugarbutt77-1.jpg
[2009/04/29 00:00:31 | 00,025,088 | ---- | M] () -- C:\Users\Michael J. Smith\Documents\The Offline installation program contains all the files you need.doc
[2009/04/28 18:59:09 | 00,001,165 | -H-- | M] () -- C:\Users\Michael J. Smith\Documents\Picasa.ini
[2009/04/28 18:54:57 | 00,046,702 | ---- | M] () -- C:\Users\Michael J. Smith\Documents\EpicFail.jpg
[2009/04/28 16:43:14 | 16,438,680 | ---- | M] () -- C:\Users\Michael J. Smith\Desktop\jre-6u13-windows-i586-p-s.exe
[2009/04/26 23:01:12 | 00,096,256 | ---- | M] () -- C:\Users\Michael J. Smith\Documents\band cd covers.doc
[2009/04/26 22:24:11 | 00,000,714 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk
[2009/04/26 22:23:24 | 05,623,216 | ---- | M] (Opera Software ASA) -- C:\Users\Michael J. Smith\Desktop\Opera_964_en_Setup.exe
[2009/04/25 22:47:15 | 00,001,724 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2009/04/25 15:12:05 | 00,000,240 | ---- | M] () -- C:\Windows\win.ini
[2009/04/25 12:41:55 | 00,028,884 | ---- | M] () -- C:\ProgramData\nvModes.001
[2009/04/25 12:41:35 | 00,028,884 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2009/04/25 00:28:54 | 00,111,616 | ---- | M] () -- C:\Users\Michael J. Smith\Documents\Browserproblem.doc
[2009/04/24 00:25:41 | 00,019,968 | ---- | M] () -- C:\Users\Michael J. Smith\Documents\ThreatFire.doc
[2009/04/23 23:36:18 | 00,239,104 | ---- | M] () -- C:\Users\Michael J. Smith\Documents\bookmarked websites.doc
[2009/04/22 01:34:10 | 00,025,600 | ---- | M] () -- C:\Users\Michael J. Smith\Documents\John Coulton.doc
[2009/04/21 00:55:05 | 00,024,064 | ---- | M] () -- C:\Users\Michael J. Smith\Documents\Monroe Doctrine.doc
[2009/04/18 00:46:12 | 00,024,064 | ---- | M] () -- C:\Users\Michael J. Smith\Documents\Under the Cyclone.doc
[2009/04/17 11:39:09 | 00,024,064 | ---- | M] () -- C:\Users\Michael J. Smith\Documents\Your subscription ID is.doc
[2009/04/16 21:04:26 | 00,026,624 | ---- | M] () -- C:\Users\Michael J. Smith\Documents\Taxes before and after socialism.doc
[2009/04/16 01:06:29 | 00,013,485 | ---- | M] () -- C:\Users\Michael J. Smith\Documents\facebookmusic.docx
[2009/04/15 19:44:39 | 00,024,064 | ---- | M] () -- C:\Users\Michael J. Smith\Documents\Bands.doc
[2009/04/14 00:36:49 | 00,024,064 | ---- | M] () -- C:\Users\Michael J. Smith\Documents\Note to teabaggers.doc
[2009/04/09 18:37:42 | 00,024,064 | ---- | M] () -- C:\Users\Michael J. Smith\Documents\swamp gas reflecting off the bioluminescence of the reflection of Venus.doc
[2009/04/08 16:50:32 | 00,040,960 | ---- | M] () -- C:\Users\Michael J. Smith\Documents\Darren040809.doc
[2009/04/07 15:17:34 | 00,001,804 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2009/04/07 15:02:50 | 00,001,854 | ---- | M] () -- C:\Users\Public\Desktop\Safari.lnk
[2009/04/06 15:32:54 | 00,038,496 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2009/04/06 15:32:46 | 00,015,504 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2009/04/06 10:57:24 | 24,921,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mrt.exe

========== Alternate Data Streams ==========

@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:1CA73D29
< End of report >


Rooter:


Microsoft Windows Vista Home Edition (6.0.6001) Service Pack 1

C:\ [Fixed] - NTFS - (Total:226172 Mo/Free:1044 Mo)
D:\ [Fixed] - NTFS - (Total:12299 Mo/Free:1941 Mo)
E:\ [CD-Rom] (Total:0 Mo/Free:0 Mo)
F:\ [CD-Rom] (Total:4 Mo/Free:0 Mo)
G:\ [Removable] (Total:1901 Mo/Free:68 Mo)

Tue 05/05/2009|19:57

----------------------\\ Processes..

--Locked-- [System Process]
--Locked-- System
---------- \SystemRoot\System32\smss.exe
---------- C:\Windows\system32\csrss.exe
---------- C:\Windows\system32\wininit.exe
---------- C:\Windows\system32\csrss.exe
---------- C:\Windows\system32\services.exe
---------- C:\Windows\system32\lsass.exe
---------- C:\Windows\system32\lsm.exe
---------- C:\Windows\system32\winlogon.exe
---------- C:\Windows\system32\svchost.exe
---------- C:\Windows\system32\svchost.exe
---------- C:\Windows\System32\svchost.exe
---------- C:\Windows\System32\svchost.exe
---------- C:\Windows\System32\svchost.exe
---------- C:\Windows\system32\svchost.exe
--Locked-- audiodg.exe
---------- C:\Windows\system32\SLsvc.exe
---------- C:\Windows\system32\svchost.exe
---------- C:\Windows\system32\svchost.exe
---------- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
---------- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
---------- C:\Program Files\Alwil Software\Avast4\ashServ.exe
---------- C:\Windows\System32\spoolsv.exe
---------- C:\Windows\system32\svchost.exe
---------- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
---------- C:\Program Files\Bonjour\mDNSResponder.exe
---------- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
---------- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
---------- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
---------- C:\Windows\system32\svchost.exe
---------- C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
---------- C:\Program Files\CyberLink\Shared Files\RichVideo.exe
---------- C:\Windows\system32\svchost.exe
---------- C:\Program Files\ThreatFire\TFService.exe
---------- C:\Program Files\Viewpoint\Common\ViewpointService.exe
---------- C:\Windows\System32\svchost.exe
---------- C:\Windows\system32\SearchIndexer.exe
---------- C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
---------- C:\Windows\system32\WUDFHost.exe
---------- C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
---------- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
---------- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
---------- C:\Windows\system32\taskeng.exe
---------- C:\Windows\system32\taskeng.exe
---------- C:\Windows\system32\Dwm.exe
---------- C:\Windows\Explorer.EXE
---------- C:\Program Files\Synaptics\SynTP\SynTPStart.exe
---------- C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
---------- C:\Windows\RtHDVCpl.exe
---------- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
---------- C:\Program Files\HP\QuickPlay\QPService.exe
---------- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
---------- C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
---------- C:\Program Files\Windows Defender\MSASCui.exe
---------- C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe
---------- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
---------- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
---------- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
---------- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
---------- C:\Program Files\ThreatFire\TFTray.exe
---------- C:\Program Files\iTunes\iTunesHelper.exe
---------- C:\Program Files\Java\jre6\bin\jusched.exe
---------- C:\Program Files\Windows Sidebar\sidebar.exe
---------- C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
---------- C:\Windows\ehome\ehtray.exe
---------- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
---------- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
---------- C:\Program Files\Windows Media Player\wmpnscfg.exe
---------- C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
---------- C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
---------- C:\Windows\System32\rundll32.exe
---------- C:\Windows\ehome\ehmsas.exe
---------- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
---------- c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
---------- C:\Program Files\iPod\bin\iPodService.exe
---------- C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
---------- C:\Windows\system32\wbem\wmiprvse.exe
---------- C:\Program Files\Mozilla Firefox\firefox.exe
---------- C:\Windows\system32\SearchProtocolHost.exe
---------- C:\Windows\system32\SearchFilterHost.exe
---------- C:\Windows\system32\DllHost.exe
---------- C:\Windows\system32\DllHost.exe
---------- C:\Windows\system32\cmd.exe
---------- C:\Rooter$\RK.exe

----------------------\\ Search..

----------------------\\ ROOTKIT !!



1 - "C:\Rooter$\Rooter_1.txt" - Fri 04/24/2009|18:42
2 - "C:\Rooter$\Rooter_2.txt" - Tue 05/05/2009|19:58

----------------------\\ Scan completed a