OTListIt2 by OldTimer - Version 2.0.15.3 Folder = C:\Users\Michael J. Smith\Documents\New Folder
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 1.27 Gb Available Physical Memory | 63.69% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 220.87 Gb Total Space | 137.02 Gb Free Space | 62.04% Space Free | Partition Type: NTFS
Drive D: | 12.01 Gb Total Space | 1.90 Gb Free Space | 15.78% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 4.44 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive G: | 1.86 Gb Total Space | 0.07 Gb Free Space | 3.61% Space Free | Partition Type: FAT
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: MICHAELJSMIT-PC
Current User Name: Michael J. Smith
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Output = Standard
File Age = 30 Days
Company Name Whitelist: On
========== Processes (SafeList) ==========
PRC - [2008/06/17 19:36:05 | 00,611,664 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
PRC - [2008/11/26 13:12:08 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2008/11/26 13:18:46 | 00,155,160 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009/03/26 15:31:20 | 00,132,424 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2008/12/12 12:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2008/04/15 18:54:42 | 00,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
PRC - [2007/08/23 18:40:48 | 00,079,136 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
PRC - [2003/06/20 00:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
PRC - [2007/09/30 23:34:54 | 00,271,760 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
PRC - [2007/01/09 06:25:30 | 00,272,024 | ---- | M] () -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe
PRC - [2009/03/03 12:19:40 | 00,070,928 | ---- | M] (PC Tools) -- C:\Program Files\ThreatFire\TFService.exe
PRC - [2007/01/04 17:38:08 | 00,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe
PRC - [2006/05/02 19:41:28 | 00,135,168 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
PRC - [2008/01/19 03:33:40 | 00,142,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WUDFHost.exe
PRC - [2007/09/30 23:34:54 | 00,112,016 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
PRC - [2008/11/26 13:18:32 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2008/11/26 13:16:23 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2008/10/29 02:29:41 | 02,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\Explorer.EXE
PRC - [2007/09/15 04:29:10 | 00,102,400 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPStart.exe
PRC - [2007/01/17 09:34:18 | 00,634,880 | ---- | M] (Motorola Inc.) -- C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
PRC - [2007/03/09 18:50:02 | 04,390,912 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008/04/15 18:54:40 | 00,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2007/09/30 23:34:14 | 00,181,544 | ---- | M] (CyberLink Corp.) -- C:\Program Files\HP\QuickPlay\QPService.exe
PRC - [2007/09/19 18:31:34 | 00,202,032 | ---- | M] ( Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
PRC - [2007/09/04 17:54:20 | 00,554,320 | ---- | M] ( Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
PRC - [2008/01/19 03:38:38 | 01,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2008/06/02 03:55:22 | 00,080,896 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe
PRC - [2007/09/13 12:47:52 | 00,480,560 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
PRC - [2007/01/08 19:53:06 | 00,311,296 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
PRC - [2007/05/08 16:24:20 | 00,054,840 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
PRC - [2008/11/26 13:18:51 | 00,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009/03/03 12:19:44 | 00,263,440 | ---- | M] (PC Tools) -- C:\Program Files\ThreatFire\TFTray.exe
PRC - [2009/04/02 16:11:02 | 00,342,312 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
PRC - [2009/04/28 16:44:24 | 00,148,888 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2008/01/19 03:33:30 | 01,233,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Sidebar\sidebar.exe
PRC - [2007/08/23 18:36:30 | 00,455,968 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
PRC - [2008/01/19 03:33:09 | 00,125,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehtray.exe
PRC - [2008/01/31 14:15:06 | 00,149,864 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
PRC - [2009/03/05 16:07:20 | 02,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008/01/19 03:33:39 | 00,202,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnscfg.exe
PRC - [2007/09/19 05:33:46 | 00,282,624 | ---- | M] (Eastman Kodak Company) -- C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
PRC - [2007/05/16 14:43:06 | 00,677,432 | R--- | M] () -- C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
PRC - [2008/01/19 03:33:09 | 00,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehmsas.exe
PRC - [2007/09/15 04:50:54 | 01,021,224 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
PRC - [2008/10/09 08:56:48 | 00,094,208 | ---- | M] (Hewlett-Packard) -- c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
PRC - [2009/04/02 16:10:56 | 00,656,168 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
PRC - [2007/08/30 17:43:18 | 00,103,664 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
PRC - [2009/04/09 10:12:39 | 00,307,704 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2008/01/19 03:33:04 | 00,318,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\cmd.exe
PRC - [2009/03/02 22:16:04 | 00,247,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wbem\wmiprvse.exe
PRC - [2009/05/05 20:19:27 | 00,501,248 | ---- | M] (OldTimer Tools) -- C:\Users\Michael J. Smith\Documents\New Folder\OTListIt2.exe
========== Win32 Services (SafeList) ==========
SRV - [2008/06/17 19:36:05 | 00,611,664 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe -- (aawservice [Auto | Running])
SRV - [2009/03/26 15:31:20 | 00,132,424 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Auto | Running])
SRV - [2008/11/26 13:12:08 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv [Auto | Running])
SRV - [2008/11/26 13:18:46 | 00,155,160 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus [Auto | Running])
SRV - [2008/11/26 13:18:32 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner [On_Demand | Running])
SRV - [2008/11/26 13:16:23 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner [On_Demand | Running])
SRV - [2008/12/12 12:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Running])
SRV - [2008/01/31 14:15:06 | 00,149,864 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr [Disabled | Stopped])
SRV - [2008/01/31 14:15:06 | 00,149,864 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr [Disabled | Stopped])
SRV - [FILE handle not seen by OS] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [Disabled | Stopped])
SRV - [2008/01/31 14:15:06 | 00,149,864 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (CLTNetCnService [Disabled | Stopped])
SRV - [2007/03/05 14:30:06 | 00,110,592 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe -- (Com4Qlb [On_Demand | Stopped])
SRV - [2007/08/22 02:21:00 | 00,055,640 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe -- (comHost [On_Demand | Stopped])
SRV - [2008/01/19 03:33:09 | 00,292,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehRecvr.exe -- (ehRecvr [On_Demand | Stopped])
SRV - [2006/11/02 08:35:29 | 00,131,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehsched.exe -- (ehSched [On_Demand | Stopped])
SRV - [2006/11/02 08:35:29 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehstart.dll -- (ehstart [Auto | Stopped])
SRV - [2008/06/19 21:14:44 | 00,046,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - [2007/07/23 19:33:06 | 00,181,800 | ---- | M] (WildTangent, Inc.) -- C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe -- (GameConsoleService [On_Demand | Stopped])
SRV - [2007/01/03 21:40:21 | 00,136,120 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [On_Demand | Stopped])
SRV - [2008/10/09 08:56:48 | 00,094,208 | ---- | M] (Hewlett-Packard) -- c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe -- (HP Health Check Service [Auto | Running])
SRV - [2006/05/02 19:41:28 | 00,135,168 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe -- (hpqwmiex [Auto | Running])
SRV - [2008/04/15 18:54:42 | 00,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMON [Auto | Running])
SRV - [2005/04/04 01:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])
SRV - [2008/06/19 21:14:31 | 00,881,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2009/04/02 16:10:56 | 00,656,168 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service [On_Demand | Running])
SRV - [2007/08/23 18:40:48 | 00,079,136 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService [Auto | Running])
SRV - [2008/01/31 14:15:06 | 00,149,864 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (LiveUpdate Notice [Auto | Stopped])
SRV - [2003/06/20 00:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM [Auto | Running])
SRV - [2008/06/19 21:14:31 | 00,132,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
SRV - [2003/07/28 13:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2007/09/30 23:34:54 | 00,271,760 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe -- (QPCapSvc [Auto | Running])
SRV - [2007/09/30 23:34:54 | 00,112,016 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe -- (QPSched [Auto | Running])
SRV - [2007/01/09 06:25:30 | 00,272,024 | ---- | M] () -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe -- (RichVideo [Auto | Running])
SRV - [2008/02/05 00:02:34 | 01,251,720 | ---- | M] () -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC [Disabled | Stopped])
SRV - [2009/03/03 12:19:40 | 00,070,928 | ---- | M] (PC Tools) -- C:\Program Files\ThreatFire\TFService.exe -- (ThreatFire [Auto | Running])
SRV - [2007/01/04 17:38:08 | 00,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service [Auto | Running])
SRV - [2007/08/31 15:15:06 | 00,176,128 | ---- | M] (Starz Entertainment Group LLC) -- C:\Program Files\Vongo\VongoService.exe -- (Vongo Service [On_Demand | Stopped])
SRV - [2008/01/19 03:38:24 | 00,272,952 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend [Auto | Running])
SRV - [2008/01/19 03:33:39 | 00,896,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [Disabled | Stopped])
========== Driver Services (SafeList) ==========
DRV - [2006/11/02 05:51:38 | 00,420,968 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx [Disabled | Stopped])
DRV - [2006/11/02 05:51:32 | 00,297,576 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci [Disabled | Stopped])
DRV - [2006/11/02 05:50:35 | 00,098,408 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m [Disabled | Stopped])
DRV - [2006/11/02 05:51:00 | 00,147,048 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320 [Disabled | Stopped])
DRV - [2006/11/02 05:50:11 | 00,071,272 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx [Disabled | Stopped])
DRV - [2006/11/02 05:49:20 | 00,014,952 | ---- | M] (Acer Laboratories Inc.) -- C:\Windows\system32\drivers\aliide.sys -- (aliide [Disabled | Stopped])
DRV - [2006/11/02 05:50:09 | 00,067,688 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\arc.sys -- (arc [Disabled | Stopped])
DRV - [2006/11/02 05:50:10 | 00,067,688 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas [Disabled | Stopped])
DRV - [2008/11/26 13:17:25 | 00,020,560 | ---- | M] (ALWIL Software) -- C:\Windows\system32\DRIVERS\aswFsBlk.sys -- (aswFsBlk [Auto | Running])
DRV - [2008/11/26 13:17:15 | 00,051,792 | ---- | M] (ALWIL Software) -- C:\Windows\system32\DRIVERS\aswMonFlt.sys -- (aswMonFlt [Auto | Running])
DRV - [2008/11/26 13:16:29 | 00,023,152 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr [System | Running])
DRV - [2008/11/26 13:17:36 | 00,111,184 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP [System | Running])
DRV - [2008/11/26 13:16:38 | 00,050,864 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi [System | Running])
DRV - [2006/11/02 03:30:53 | 00,464,384 | ---- | M] (Broadcom Corporation) -- C:\Windows\system32\DRIVERS\bcmwl6.sys -- (BCM43XV [On_Demand | Stopped])
DRV - [2006/11/02 04:24:45 | 00,013,568 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo [On_Demand | Stopped])
DRV - [2006/11/02 04:24:46 | 00,005,248 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp [On_Demand | Stopped])
DRV - [2006/11/02 04:25:24 | 00,071,808 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brserid.sys -- (Brserid [Disabled | Stopped])
DRV - [2006/11/02 04:24:44 | 00,062,336 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm [Disabled | Stopped])
DRV - [2006/11/02 04:24:44 | 00,012,160 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm [Disabled | Stopped])
DRV - [2006/11/02 04:24:47 | 00,011,904 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer [On_Demand | Stopped])
DRV - [2006/11/02 05:49:28 | 00,016,488 | ---- | M] (CMD Technology, Inc.) -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide [Disabled | Stopped])
DRV - [2008/01/12 19:32:00 | 00,023,904 | ---- | M] (Symantec Corporation) -- C:\Windows\system32\Drivers\COH_Mon.sys -- (COH_Mon [On_Demand | Stopped])
DRV - [2007/08/08 18:39:00 | 00,036,056 | ---- | M] (Symantec Corporation) -- C:\Windows\system32\drivers\CO_Mon.sys -- (CO_Mon [Auto | Running])
DRV - [2006/11/02 03:30:54 | 00,163,328 | ---- | M] (Intel Corporation) -- C:\Windows\system32\DRIVERS\e100b325.sys -- (E100B [On_Demand | Stopped])
DRV - [2006/11/02 03:30:54 | 00,117,760 | ---- | M] (Intel Corporation) -- C:\Windows\system32\DRIVERS\E1G60I32.sys -- (E1G60 [On_Demand | Stopped])
DRV - [2008/01/22 05:00:00 | 00,385,072 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl [System | Running])
DRV - [2006/11/02 05:51:34 | 00,316,520 | ---- | M] (Emulex) -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor [Disabled | Stopped])
DRV - [2008/01/22 05:00:00 | 00,109,616 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv [On_Demand | Running])
DRV - [2009/03/19 16:32:48 | 00,023,400 | ---- | M] (GEAR Software Inc.) -- C:\Windows\System32\Drivers\GEARAspiWDM.sys -- (GEARAspiWDM [On_Demand | Running])
DRV - [2006/11/02 05:50:10 | 00,037,480 | ---- | M] (Hewlett-Packard Company) -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs [Disabled | Stopped])
DRV - [2007/06/18 21:12:04 | 00,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Windows\system32\DRIVERS\HpqKbFiltr.sys -- (HpqKbFiltr [On_Demand | Running])
DRV - [2007/07/11 14:30:22 | 00,007,168 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Windows\system32\DRIVERS\HpqRemHid.sys -- (HpqRemHid [On_Demand | Running])
DRV - [2006/11/02 03:41:49 | 00,200,704 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\system32\DRIVERS\VSTAZL3.SYS -- (HSFHWAZL [On_Demand | Stopped])
DRV - [2006/11/02 03:41:50 | 00,987,648 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\system32\DRIVERS\VSTDPV3.SYS -- (HSF_DPV [On_Demand | Stopped])
DRV - [2006/10/18 22:10:57 | 01,380,864 | ---- | M] (Intel Corporation) -- C:\Windows\system32\DRIVERS\igdkmd32.sys -- (ialm [On_Demand | Stopped])
DRV - [2008/04/15 18:53:44 | 00,312,344 | ---- | M] (Intel Corporation) -- C:\Windows\system32\DRIVERS\iaStor.sys -- (iaStor [Boot | Running])
DRV - [2006/11/02 05:51:25 | 00,232,040 | ---- | M] (Intel Corporation) -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV [Disabled | Stopped])
DRV - [2008/02/13 12:18:22 | 00,261,680 | ---- | M] (Symantec Corporation) -- C:\ProgramData\Symantec\Definitions\SymcData\ipsdefs\20080214.002\IDSvix86.sys -- (IDSvix86 [System | Running])
DRV - [2006/11/02 05:50:17 | 00,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp [Disabled | Stopped])
DRV - [2007/03/12 20:29:46 | 01,747,936 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\system32\drivers\RTKVHDA.sys -- (IntcAzAudAddService [On_Demand | Running])
DRV - [2006/11/02 05:50:07 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi [Disabled | Stopped])
DRV - [2006/11/02 05:50:09 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid [Disabled | Stopped])
DRV - [2006/11/02 05:50:04 | 00,065,640 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC [Disabled | Stopped])
DRV - [2006/11/02 05:50:05 | 00,065,640 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS [Disabled | Stopped])
DRV - [2006/11/02 05:50:10 | 00,065,640 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI [Disabled | Stopped])
DRV - [2006/11/02 05:49:53 | 00,028,776 | ---- | M] (LSI Logic Corporation) -- C:\Windows\system32\drivers\megasas.sys -- (megasas [Disabled | Stopped])
DRV - [2006/11/02 05:49:59 | 00,033,384 | ---- | M] (LSI Logic Corporation) -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x [Disabled | Stopped])
DRV - [2008/01/22 05:00:00 | 00,082,256 | ---- | M] (Symantec Corporation) -- C:\ProgramData\Symantec\Definitions\VirusDefs\20080214.003\NAVENG.SYS -- (NAVENG [On_Demand | Stopped])
DRV - [2008/01/22 05:00:00 | 00,895,312 | ---- | M] (Symantec Corporation) -- C:\ProgramData\Symantec\Definitions\VirusDefs\20080214.003\NAVEX15.SYS -- (NAVEX15 [On_Demand | Stopped])
DRV - [2007/09/26 14:12:22 | 02,251,776 | ---- | M] (Intel Corporation) -- C:\Windows\system32\DRIVERS\NETw4v32.sys -- (NETw4v32 [On_Demand | Running])
DRV - [2006/11/02 05:50:19 | 00,045,160 | ---- | M] (IBM Corporation) -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960 [Disabled | Stopped])
DRV - [2006/11/02 03:36:50 | 00,020,608 | ---- | M] (N-trig Innovative Technologies) -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi [Disabled | Stopped])
DRV - [2007/09/19 16:05:00 | 07,626,400 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\DRIVERS\nvlddmkm.sys -- (nvlddmkm [On_Demand | Running])
DRV - [2006/11/02 05:50:24 | 00,088,680 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid [Disabled | Stopped])
DRV - [2006/11/02 05:50:13 | 00,040,040 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor [Disabled | Stopped])
DRV - [2008/07/31 18:17:04 | 00,043,872 | ---- | M] (Sonic Solutions) -- C:\Windows\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running])
DRV - [2006/11/02 05:51:45 | 00,900,712 | ---- | M] (QLogic Corporation) -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300 [Disabled | Stopped])
DRV - [2006/11/02 05:50:35 | 00,106,088 | ---- | M] (QLogic Corporation) -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx [Disabled | Stopped])
DRV - [2007/02/24 18:42:22 | 00,039,936 | ---- | M] (REDC) -- C:\Windows\system32\DRIVERS\rimmptsk.sys -- (rimmptsk [Auto | Running])
DRV - [2007/01/23 20:40:20 | 00,042,496 | ---- | M] (REDC) -- C:\Windows\system32\DRIVERS\rimsptsk.sys -- (rimsptsk [Auto | Running])
DRV - [2007/03/22 02:02:04 | 00,037,376 | ---- | M] (REDC) -- C:\Windows\system32\DRIVERS\rixdptsk.sys -- (rismxdp [Auto | Running])
DRV - [2008/05/09 21:33:10 | 00,113,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\DRIVERS\RMCAST.sys -- (RMCAST [Auto | Running])
DRV - [2007/09/17 19:17:36 | 00,098,816 | ---- | M] (Realtek Corporation ) -- C:\Windows\system32\DRIVERS\Rtlh86.sys -- (RTL8169 [On_Demand | Running])
DRV - [2006/11/02 02:37:21 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\Windows\System32\drivers\secdrv.sys -- (secdrv [Auto | Running])
DRV - [2006/11/02 05:50:10 | 00,038,504 | ---- | M] (Silicon Integrated Systems Corp.) -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2 [Disabled | Stopped])
DRV - [2006/11/02 05:50:16 | 00,071,784 | ---- | M] (Silicon Integrated Systems) -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4 [Disabled | Stopped])
DRV - [2007/01/17 09:38:52 | 00,983,936 | ---- | M] (Motorola Inc.) -- C:\Windows\system32\DRIVERS\smserial.sys -- (smserial [On_Demand | Running])
DRV - [2007/08/17 16:23:00 | 00,446,512 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv [On_Demand | Stopped])
DRV - [2007/12/01 00:57:12 | 00,279,088 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\Drivers\SRTSP.SYS -- (SRTSP [On_Demand | Stopped])
DRV - [2007/12/01 00:57:12 | 00,317,616 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\Drivers\SRTSPL.SYS -- (SRTSPL [On_Demand | Stopped])
DRV - [2007/12/01 00:57:12 | 00,043,696 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\Drivers\SRTSPX.SYS -- (SRTSPX [System | Running])
DRV - [2006/11/02 05:50:05 | 00,035,944 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx [Disabled | Stopped])
DRV - [2007/08/13 15:50:00 | 00,013,616 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\Drivers\SYMDNS.SYS -- (SYMDNS [On_Demand | Running])
DRV - [2008/02/08 16:33:03 | 00,123,952 | ---- | M] (Symantec Corporation) -- C:\Windows\system32\Drivers\SYMEVENT.SYS -- (SymEvent [On_Demand | Running])
DRV - [2007/08/13 15:50:00 | 00,096,432 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\Drivers\SYMFW.SYS -- (SYMFW [On_Demand | Running])
DRV - [2007/08/09 19:27:00 | 00,031,280 | ---- | M] (Symantec Corporation) -- C:\Windows\system32\DRIVERS\SymIM.sys -- (SymIM [On_Demand | Stopped])
DRV - [2007/08/09 19:27:00 | 00,031,280 | ---- | M] (Symantec Corporation) -- C:\Windows\system32\DRIVERS\SymIM.sys -- (SymIMMP [On_Demand | Running])
DRV - [2007/08/13 15:50:00 | 00,041,008 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\Drivers\SYMNDISV.SYS -- (SYMNDISV [On_Demand | Running])
DRV - [2007/08/13 15:50:00 | 00,022,320 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV [On_Demand | Running])
DRV - [2007/08/13 15:50:00 | 00,188,464 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\Drivers\SYMTDI.SYS -- (SYMTDI [System | Running])
DRV - [2006/11/02 05:49:56 | 00,031,848 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi [Disabled | Stopped])
DRV - [2006/11/02 05:50:03 | 00,034,920 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3 [Disabled | Stopped])
DRV - [2007/09/15 04:50:56 | 00,191,408 | ---- | M] (Synaptics, Inc.) -- C:\Windows\system32\DRIVERS\SynTP.sys -- (SynTP [On_Demand | Running])
DRV - [2009/03/03 12:19:54 | 00,051,472 | ---- | M] (PC Tools) -- C:\Windows\system32\drivers\TfFsMon.sys -- (TfFsMon [Boot | Running])
DRV - [2009/03/03 12:19:56 | 00,033,040 | ---- | M] (PC Tools) -- C:\Windows\system32\drivers\TfNetMon.sys -- (TfNetMon [On_Demand | Running])
DRV - [2009/03/03 12:19:58 | 00,039,184 | ---- | M] (PC Tools) -- C:\Windows\system32\drivers\TfSysMon.sys -- (TfSysMon [Boot | Running])
DRV - [2006/11/02 05:51:25 | 00,235,112 | ---- | M] (ULi Electronics Inc.) -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci [Disabled | Stopped])
DRV - [2006/11/02 05:50:35 | 00,098,408 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata [Disabled | Stopped])
DRV - [2006/11/02 05:50:45 | 00,115,816 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2 [Disabled | Stopped])
DRV - [2006/11/02 05:49:30 | 00,017,512 | ---- | M] (VIA Technologies, Inc.) -- C:\Windows\system32\drivers\viaide.sys -- (viaide [Disabled | Stopped])
DRV - [2006/11/02 05:50:41 | 00,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid [Disabled | Stopped])
DRV - [2006/11/02 03:41:48 | 00,654,336 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\system32\DRIVERS\VSTCNXT3.SYS -- (winachsf [On_Demand | Stopped])
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...a...n&pf=laptop
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...a...n&pf=laptop
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.rr.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.0.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0.071303000006
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:1.9.2.4
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.9
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\PROGRAM FILES\HP\DIGITAL IMAGING\SMART WEB PRINTING\MOZILLAADDON2 [2008/02/19 20:24:59 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION\ [2009/03/31 22:12:13 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.9\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS [2009/04/25 22:47:14 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.9\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS [2009/04/28 16:44:59 | 00,000,000 | ---D | M]
[2009/04/23 23:48:21 | 00,000,000 | ---D | M] -- C:\Users\Michael J. Smith\AppData\Roaming\mozilla\Extensions
[2009/04/23 23:48:21 | 00,000,000 | ---D | M] -- C:\Users\Michael J. Smith\AppData\Roaming\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/05/05 19:00:45 | 00,000,000 | ---D | M] -- C:\Users\Michael J. Smith\AppData\Roaming\mozilla\Firefox\Profiles\jsmgyjyy.default\extensions
[2009/04/25 13:06:19 | 00,000,000 | ---D | M] -- C:\Users\Michael J. Smith\AppData\Roaming\mozilla\Firefox\Profiles\jsmgyjyy.default\extensions\{463F6CA5-EE3C-4be1-B7E6-7FEE11953374}
[2009/04/25 13:06:19 | 00,000,000 | ---D | M] -- C:\Users\Michael J. Smith\AppData\Roaming\mozilla\Firefox\Profiles\jsmgyjyy.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}
[2009/04/25 13:06:19 | 00,000,000 | ---D | M] -- C:\Users\Michael J. Smith\AppData\Roaming\mozilla\Firefox\Profiles\jsmgyjyy.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2009/04/30 16:54:43 | 00,000,000 | ---D | M] -- C:\Users\Michael J. Smith\AppData\Roaming\mozilla\Firefox\Profiles\jsmgyjyy.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2009/04/25 13:06:19 | 00,000,000 | ---D | M] -- C:\Users\Michael J. Smith\AppData\Roaming\mozilla\Firefox\Profiles\jsmgyjyy.default\extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}
[2009/04/30 16:54:43 | 00,000,000 | ---D | M] -- C:\Users\Michael J. Smith\AppData\Roaming\mozilla\Firefox\Profiles\jsmgyjyy.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009/04/25 13:06:19 | 00,000,000 | ---D | M] -- C:\Users\Michael J. Smith\AppData\Roaming\mozilla\Firefox\Profiles\jsmgyjyy.default\extensions\[email protected]
[2009/04/25 13:06:19 | 00,000,000 | ---D | M] -- C:\Users\Michael J. Smith\AppData\Roaming\mozilla\Firefox\Profiles\jsmgyjyy.default\extensions\[email protected]
[2009/04/25 13:06:19 | 00,000,000 | ---D | M] -- C:\Users\Michael J. Smith\AppData\Roaming\mozilla\Firefox\Profiles\jsmgyjyy.default\extensions\[email protected]
[2009/05/05 19:00:37 | 00,000,000 | ---D | M] -- C:\Users\Michael J. Smith\AppData\Roaming\mozilla\Firefox\Profiles\jsmgyjyy.default\extensions\[email protected]
[2009/04/25 13:06:19 | 00,000,000 | ---D | M] -- C:\Users\Michael J. Smith\AppData\Roaming\mozilla\Firefox\Profiles\jsmgyjyy.default\extensions\[email protected]
[2009/04/25 13:06:19 | 00,000,000 | ---D | M] -- C:\Users\Michael J. Smith\AppData\Roaming\mozilla\Firefox\Profiles\jsmgyjyy.default\extensions\[email protected]
[2009/04/23 23:48:21 | 00,000,000 | ---D | M] -- C:\Users\Michael J. Smith\AppData\Roaming\mozilla\Firefox\Profiles(319)\nay6xhjd.default\extensions
[2009/04/28 16:45:05 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/04/25 22:47:12 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/04/28 16:45:05 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2009/04/09 10:12:59 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/04/09 10:13:00 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2007/08/24 22:52:00 | 00,300,400 | ---- | M] (Symantec Corporation) -- C:\Program Files\mozilla firefox\components\coFFPlgn.dll
[2009/04/09 01:51:14 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2009/04/09 01:51:14 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2009/04/09 01:51:14 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2009/04/09 01:51:14 | 00,002,343 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2009/04/09 01:51:14 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/04/09 01:51:14 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2009/04/09 01:51:14 | 00,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml
O1 HOSTS File: (761 bytes) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Common Files\Symantec Shared\IDS\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (AOL Toolbar Launcher) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll (AOL LLC)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3 - HKLM\..\Toolbar: (Show Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (AIM Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll (AOL LLC)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll (AOL LLC)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - Reg Error: Key error. File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe" (Symantec Corporation)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" (Apple Inc.)
O4 - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart (NVIDIA Corporation)
O4 - HKLM..\Run: [OnScreenDisplay] C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe ( Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start ( Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe" (CyberLink Corp.)
O4 - HKLM..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime (Apple Inc.)
O4 - HKLM..\Run: [RtHDVCpl] RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [ThreatFire] C:\Program Files\ThreatFire\TFTray.exe (PC Tools)
O4 - HKLM..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\1.0" (CyberLink Corp.)
O4 - HKLM..\Run: [WAWifiMessage] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide (Microsoft Corporation)
O4 - HKCU..\Run: [Aim6] File not found
O4 - HKCU..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe (Microsoft Corporation)
O4 - HKCU..\Run: [HPAdvisor] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autoRun (Hewlett-Packard)
O4 - HKCU..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden (Hewlett-Packard Company)
O4 - HKCU..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe File not found
O4 - HKCU..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (Microsoft Corporation)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (Microsoft Corporation)
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet (Yahoo! Inc.)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent (Malwarebytes Corporation)
O4 - Startup: C:\Users\Michael J. Smith\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O4 - Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe (Eastman Kodak Company)
O4 - Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Vongo Tray.lnk = C:\Windows\Installer\{8C3AE2D1-854D-4650-A73D-C7CC7EE36B80}\NewShortcut2_DB7E00C96DEF489A8112D8F81614F45A.exe (Macrovision Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aim toolbar 5.0\resources\en-US\local\search.html ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 (Google Inc.)
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 (Microsoft Corporation)
O9 - Extra Button: AIM Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll (AOL LLC)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [@%SystemRoot%\system32\nlasvc.dll,-1000] - C:\Windows\system32\NLAapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [@%SystemRoot%\system32\napinsp.dll,-1000] - C:\Windows\system32\napinsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [@%SystemRoot%\system32\pnrpnsp.dll,-1000] - C:\Windows\system32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [@%SystemRoot%\system32\pnrpnsp.dll,-1001] - C:\Windows\system32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [mdnsNSP] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: 32 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} http://security.syma...bin/AvSniff.cab (Symantec AntiVirus scanner)
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.syma...n/bin/cabsa.cab (Symantec RuFSI Utility Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\microsoft shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/11/26 00:52:25 | 00,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2005/09/11 11:18:54 | 00,000,340 | -HS- | M] () - D:\AUTOMODE -- [ NTFS ]
O32 - AutoRun File - [2007/06/07 08:12:42 | 00,000,175 | R--- | M] () - F:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{5d2e724f-36ff-11dd-bf65-001e68000d51}\Shell - "" = AutoRun
O33 - MountPoints2\{5d2e724f-36ff-11dd-bf65-001e68000d51}\Shell\AutoRun\command - "" = F:\WIN\setup.exe -- File not found
O33 - MountPoints2\{65c742d8-f7b7-11dd-9523-001e68000d51}\Shell - "" = AutoRun
O33 - MountPoints2\{65c742d8-f7b7-11dd-9523-001e68000d51}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -- [2007/11/05 08:14:46 | 01,095,224 | ---- | M] ()
O33 - MountPoints2\{87d53be5-d48b-11dc-a353-001e68000d51}\Shell - "" = AutoRun
O33 - MountPoints2\{87d53be5-d48b-11dc-a353-001e68000d51}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- [2006/12/04 12:31:42 | 01,095,224 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\Windows\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\Windows\System32\lsdelete.exe ()
========== Files/Folders - Created Within 30 Days ==========
[2009/05/05 16:06:50 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2009/05/05 16:06:47 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2009/05/05 16:05:42 | 00,000,000 | ---D | C] -- C:\Windows\ERDNT
[2009/05/05 16:05:33 | 00,000,913 | ---- | C] () -- C:\Users\Michael J. Smith\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2009/05/04 18:10:12 | 00,259,854 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\TheHint1.jpg
[2009/05/04 17:56:39 | 00,095,419 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\FunkyTMShirt2_big.jpg
[2009/05/04 17:50:47 | 00,047,399 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\cody.jpg
[2009/05/04 17:47:42 | 00,080,930 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\ChaceCrawford4.jpg
[2009/05/04 17:37:34 | 00,032,429 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\ChaceCrawford29.jpg
[2009/05/04 17:37:30 | 00,356,031 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\ChaceCrawford28.jpg
[2009/05/04 17:37:24 | 00,051,305 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\ChaceCrawford27.jpg
[2009/05/04 17:37:21 | 00,078,493 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\ChaceCrawford26.jpg
[2009/05/04 17:37:17 | 00,081,363 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\ChaceCrawford25.jpg
[2009/05/04 17:37:14 | 00,076,306 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\ChaceCrawford24.jpg
[2009/05/04 17:37:09 | 00,033,485 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\ChaceCrawford23.jpg
[2009/05/04 17:37:00 | 00,054,739 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\ChaceCrawford22.jpg
[2009/05/04 17:36:56 | 00,058,608 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\ChaceCrawford21.jpg
[2009/05/04 17:36:50 | 00,069,346 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\ChaceCrawford20.jpg
[2009/05/04 17:36:47 | 00,067,576 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\ChaceCrawford19.jpg
[2009/05/04 17:36:44 | 00,069,764 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\ChaceCrawford18.jpg
[2009/05/04 17:36:40 | 00,042,752 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\ChaceCrawford17.jpg
[2009/05/04 17:36:35 | 00,080,754 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\ChaceCrawford16.jpg
[2009/05/04 17:36:27 | 00,071,194 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\ChaceCrawford15.jpg
[2009/05/04 17:36:24 | 00,080,884 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\ChaceCrawford14.jpg
[2009/05/04 17:36:19 | 00,080,414 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\ChaceCrawford13.jpg
[2009/05/04 17:36:15 | 00,078,304 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\ChaceCrawford12.jpg
[2009/05/04 17:36:12 | 00,081,412 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\ChaceCrawford11.jpg
[2009/05/04 17:36:08 | 00,092,070 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\ChaceCrawford10.jpg
[2009/05/04 17:36:04 | 00,074,325 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\ChaceCrawford9.jpg
[2009/05/04 17:36:00 | 00,095,631 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\ChaceCrawford8.jpg
[2009/05/04 17:35:57 | 00,063,179 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\ChaceCrawford7.jpg
[2009/05/04 17:35:53 | 00,065,695 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\ChaceCrawford6.jpg
[2009/05/04 17:35:37 | 00,070,923 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\ChaceCrawford5.jpg
[2009/05/04 17:28:27 | 00,019,223 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\toniguymen.jpg
[2009/05/04 17:27:28 | 00,024,426 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\sanrizzd8.jpg
[2009/05/04 17:27:20 | 00,027,091 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\sanrizzd5.jpg
[2009/05/04 17:26:50 | 00,034,900 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\retroman4.jpg
[2009/05/04 17:26:43 | 00,027,345 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\reflectionshair8.jpg
[2009/05/04 17:26:38 | 00,030,175 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\reflectionshair7.jpg
[2009/05/04 17:26:32 | 00,029,910 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\redcut11.jpg
[2009/05/04 17:26:05 | 00,037,276 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\pop11.jpg
[2009/05/04 17:25:59 | 00,043,329 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\pop8.jpg
[2009/05/04 17:25:33 | 00,036,991 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\mens2.jpg
[2009/05/04 17:25:28 | 00,034,299 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\mens01.jpg
[2009/05/04 17:25:21 | 00,142,917 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\men_hairstyles_14.jpg
[2009/05/04 17:25:14 | 00,134,743 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\men_hairstyles_08.jpg
[2009/05/04 17:25:10 | 00,151,240 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\men_hairstyles_04.jpg
[2009/05/04 17:24:05 | 00,130,267 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\men_hairstyles_01-1.jpg
[2009/05/04 17:23:53 | 00,130,267 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\men_hairstyles_01.jpg
[2009/05/04 17:23:17 | 00,026,678 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\frisur1.jpg
[2009/05/04 17:22:59 | 00,014,654 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\alternate.jpg
[2009/05/04 17:22:55 | 00,016,101 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\daniel.jpg
[2009/05/04 17:22:50 | 00,025,947 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\brigade5.jpg
[2009/05/04 17:22:40 | 00,016,496 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\antonsteele.jpg
[2009/05/04 17:22:28 | 00,020,292 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\ingatestone.jpg
[2009/05/04 17:22:10 | 00,080,067 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\hair-2.jpg
[2009/05/04 17:21:46 | 00,024,994 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\hairstyle2008-h4.jpg
[2009/05/04 17:21:40 | 00,027,526 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\hairstyle2008-h3.jpg
[2009/05/04 17:21:36 | 00,035,467 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\hairstyle2008-h2.jpg
[2009/05/04 17:21:29 | 00,038,424 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\hairstyle2008-h1.jpg
[2009/05/04 17:21:22 | 00,029,440 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\hairdresser18.jpg
[2009/05/04 17:21:12 | 00,037,692 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\hairart7.jpg
[2009/05/04 17:19:57 | 00,063,063 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\hair-1.jpg
[2009/05/04 01:58:05 | 00,024,064 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\My hair keeps fallin.doc
[2009/05/03 01:00:15 | 00,033,280 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\The Wigs of Lost Hold All the Answers.doc
[2009/05/02 22:58:06 | 00,028,672 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\Desmond is the Key to Everything.doc
[2009/05/01 09:28:39 | 00,023,076 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\sugarbutt77-1.jpg
[2009/04/29 00:00:30 | 00,025,088 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\The Offline installation program contains all the files you need.doc
[2009/04/28 18:54:56 | 00,046,702 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\EpicFail.jpg
[2009/04/28 16:43:11 | 16,438,680 | ---- | C] () -- C:\Users\Michael J. Smith\Desktop\jre-6u13-windows-i586-p-s.exe
[2009/04/26 22:24:34 | 00,000,000 | ---D | C] -- C:\Users\Michael J. Smith\AppData\Roaming\Opera
[2009/04/26 22:24:11 | 00,000,714 | ---- | C] () -- C:\Users\Public\Desktop\Opera.lnk
[2009/04/26 22:24:06 | 00,000,000 | ---D | C] -- C:\Program Files\Opera
[2009/04/26 22:23:23 | 05,623,216 | ---- | C] (Opera Software ASA) -- C:\Users\Michael J. Smith\Desktop\Opera_964_en_Setup.exe
[2009/04/25 22:47:15 | 00,001,724 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2009/04/25 13:23:15 | 00,562,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtcprx.dll
[2009/04/25 13:23:15 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xolehlp.dll
[2009/04/25 13:23:12 | 00,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winhttp.dll
[2009/04/25 13:22:51 | 00,551,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rpcss.dll
[2009/04/25 13:22:50 | 03,599,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2009/04/25 13:22:49 | 03,547,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2009/04/25 13:22:46 | 00,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2009/04/25 13:22:42 | 00,183,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdohlp.dll
[2009/04/25 13:22:42 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2009/04/25 13:22:41 | 00,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrecst.dll
[2009/04/25 13:22:41 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasdatastore.dll
[2009/04/25 13:22:40 | 00,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasads.dll
[2009/04/25 13:22:37 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iashost.exe
[2009/04/25 13:20:48 | 01,255,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsasrv.dll
[2009/04/25 13:20:46 | 00,888,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kernel32.dll
[2009/04/25 13:20:43 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secur32.dll
[2009/04/25 13:20:42 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amxread.dll
[2009/04/25 13:20:42 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apilogen.dll
[2009/04/25 13:20:20 | 03,580,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.dll
[2009/04/25 13:20:15 | 06,068,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieframe.dll
[2009/04/25 13:20:11 | 01,166,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\urlmon.dll
[2009/04/25 13:20:10 | 00,389,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2009/04/25 13:20:10 | 00,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iertutil.dll
[2009/04/25 13:20:09 | 00,458,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2009/04/25 13:20:08 | 00,827,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wininet.dll
[2009/04/25 13:20:07 | 00,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2009/04/25 13:20:07 | 00,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\occache.dll
[2009/04/25 13:20:06 | 00,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2009/04/25 13:20:06 | 00,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieencode.dll
[2009/04/25 13:20:06 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2009/04/25 13:20:04 | 00,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2009/04/25 13:20:03 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2009/04/25 13:20:02 | 01,383,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2009/04/25 13:09:25 | 00,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2009/04/24 20:21:12 | 00,111,616 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\Browserproblem.doc
[2009/04/24 18:53:16 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2009/04/24 18:53:13 | 00,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2009/04/24 18:42:27 | 00,000,000 | ---D | C] -- C:\Rooter$
[2009/04/24 18:37:32 | 00,028,884 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009/04/24 18:37:32 | 00,028,884 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009/04/24 18:22:29 | 00,000,000 | ---D | C] -- C:\Users\Michael J. Smith\AppData\Roaming\Malwarebytes
[2009/04/24 18:22:23 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2009/04/24 18:22:23 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/04/24 18:19:51 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2009/04/24 18:08:26 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/04/24 00:25:41 | 00,019,968 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\ThreatFire.doc
[2009/04/23 19:26:30 | 00,239,104 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\bookmarked websites.doc
[2009/04/21 00:55:05 | 00,024,064 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\Monroe Doctrine.doc
[2009/04/20 21:26:08 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2009/04/20 20:55:13 | 00,025,600 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\John Coulton.doc
[2009/04/18 00:46:11 | 00,024,064 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\Under the Cyclone.doc
[2009/04/17 11:05:14 | 00,024,064 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\Your subscription ID is.doc
[2009/04/16 18:35:44 | 00,026,624 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\Taxes before and after socialism.doc
[2009/04/14 00:36:49 | 00,024,064 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\Note to teabaggers.doc
[2009/04/09 18:36:54 | 00,024,064 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\swamp gas reflecting off the bioluminescence of the reflection of Venus.doc
[2009/04/08 16:50:31 | 00,040,960 | ---- | C] () -- C:\Users\Michael J. Smith\Documents\Darren040809.doc
[2009/04/07 15:17:34 | 00,001,804 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2009/04/07 15:16:38 | 00,000,000 | ---D | C] -- C:\Program Files\iPod
[2009/04/07 15:16:32 | 00,000,000 | ---D | C] -- C:\ProgramData\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2009/04/07 15:16:32 | 00,000,000 | ---D | C] -- C:\Program Files\iTunes
[2009/04/07 15:12:28 | 00,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2008/03/08 16:03:02 | 00,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2008/02/05 00:52:03 | 00,000,021 | ---- | C] () -- C:\Windows\atid.ini
[2008/01/08 19:21:20 | 00,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2006/11/02 08:35:32 | 00,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 06:25:21 | 00,061,440 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2006/11/02 06:23:31 | 00,000,240 | ---- | C] () -- C:\Windows\win.ini
[2006/11/02 06:23:31 | 00,000,219 | ---- | C] () -- C:\Windows\system.ini
[2006/11/02 03:40:29 | 00,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/03/09 18:58:00 | 01,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2003/01/07 16:05:08 | 00,002,695 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI
========== Files - Modified Within 30 Days ==========
[1 C:\Users\Michael J. Smith\Documents\*.tmp files]
[2009/05/05 20:16:26 | 00,000,440 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{9C3D5ABF-0691-4630-900F-ACD2CCB448DD}.job
[2009/05/05 19:52:11 | 00,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2009/05/05 19:45:26 | 00,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2009/05/05 19:45:26 | 00,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2009/05/05 16:05:33 | 00,000,913 | ---- | M] () -- C:\Users\Michael J. Smith\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2009/05/05 15:48:26 | 00,000,162 | ---- | M] () -- C:\Users\Public\Documents\hpqp.ini
[2009/05/05 15:48:10 | 00,028,380 | ---- | M] () -- C:\Users\Michael J. Smith\AppData\Roaming\nvModes.001
[2009/05/05 15:45:32 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009/05/05 15:45:26 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009/05/05 15:45:21 | 32,195,78880 | -HS- | M] () -- C:\hiberfil.sys
[2009/05/04 20:00:02 | 00,000,568 | ---- | M] () -- C:\Windows\tasks\Norton Internet Security - Run Full System Scan - Michael J. Smith.job
[2009/05/04 17:18:12 | 00,690,960 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2009/05/04 17:18:12 | 00,595,684 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2009/05/04 17:18:12 | 00,101,350 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2009/05/04 01:58:05 | 00,024,064 | ---- | M] () -- C:\Users\Michael J. Smith\Documents\My hair keeps fallin.doc
[2009/05/04 01:54:40 | 00,002,609 | ---- | M] () -- C:\Users\Michael J. Smith\Desktop\Microsoft Office Word 2003.lnk
[2009/05/03 01:39:14 | 00,028,672 | ---- | M] () -- C:\Users\Michael J. Smith\Documents\Desmond is the Key to Everything.doc
[2009/05/03 01:00:15 | 00,033,280 | ---- | M] () -- C:\Users\Michael J. Smith\Documents\The Wigs of Lost Hold All the Answers.doc
[2009/05/01 09:28:40 | 00,023,076 | ---- | M] () -- C:\Users\Michael J. Smith\Documents\sugarbutt77-1.jpg
[2009/04/29 00:00:31 | 00,025,088 | ---- | M] () -- C:\Users\Michael J. Smith\Documents\The Offline installation program contains all the files you need.doc
[2009/04/28 18:59:09 | 00,001,165 | -H-- | M] () -- C:\Users\Michael J. Smith\Documents\Picasa.ini
[2009/04/28 18:54:57 | 00,046,702 | ---- | M] () -- C:\Users\Michael J. Smith\Documents\EpicFail.jpg
[2009/04/28 16:43:14 | 16,438,680 | ---- | M] () -- C:\Users\Michael J. Smith\Desktop\jre-6u13-windows-i586-p-s.exe
[2009/04/26 23:01:12 | 00,096,256 | ---- | M] () -- C:\Users\Michael J. Smith\Documents\band cd covers.doc
[2009/04/26 22:24:11 | 00,000,714 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk
[2009/04/26 22:23:24 | 05,623,216 | ---- | M] (Opera Software ASA) -- C:\Users\Michael J. Smith\Desktop\Opera_964_en_Setup.exe
[2009/04/25 22:47:15 | 00,001,724 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2009/04/25 15:12:05 | 00,000,240 | ---- | M] () -- C:\Windows\win.ini
[2009/04/25 12:41:55 | 00,028,884 | ---- | M] () -- C:\ProgramData\nvModes.001
[2009/04/25 12:41:35 | 00,028,884 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2009/04/25 00:28:54 | 00,111,616 | ---- | M] () -- C:\Users\Michael J. Smith\Documents\Browserproblem.doc
[2009/04/24 00:25:41 | 00,019,968 | ---- | M] () -- C:\Users\Michael J. Smith\Documents\ThreatFire.doc
[2009/04/23 23:36:18 | 00,239,104 | ---- | M] () -- C:\Users\Michael J. Smith\Documents\bookmarked websites.doc
[2009/04/22 01:34:10 | 00,025,600 | ---- | M] () -- C:\Users\Michael J. Smith\Documents\John Coulton.doc
[2009/04/21 00:55:05 | 00,024,064 | ---- | M] () -- C:\Users\Michael J. Smith\Documents\Monroe Doctrine.doc
[2009/04/18 00:46:12 | 00,024,064 | ---- | M] () -- C:\Users\Michael J. Smith\Documents\Under the Cyclone.doc
[2009/04/17 11:39:09 | 00,024,064 | ---- | M] () -- C:\Users\Michael J. Smith\Documents\Your subscription ID is.doc
[2009/04/16 21:04:26 | 00,026,624 | ---- | M] () -- C:\Users\Michael J. Smith\Documents\Taxes before and after socialism.doc
[2009/04/16 01:06:29 | 00,013,485 | ---- | M] () -- C:\Users\Michael J. Smith\Documents\facebookmusic.docx
[2009/04/15 19:44:39 | 00,024,064 | ---- | M] () -- C:\Users\Michael J. Smith\Documents\Bands.doc
[2009/04/14 00:36:49 | 00,024,064 | ---- | M] () -- C:\Users\Michael J. Smith\Documents\Note to teabaggers.doc
[2009/04/09 18:37:42 | 00,024,064 | ---- | M] () -- C:\Users\Michael J. Smith\Documents\swamp gas reflecting off the bioluminescence of the reflection of Venus.doc
[2009/04/08 16:50:32 | 00,040,960 | ---- | M] () -- C:\Users\Michael J. Smith\Documents\Darren040809.doc
[2009/04/07 15:17:34 | 00,001,804 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2009/04/07 15:02:50 | 00,001,854 | ---- | M] () -- C:\Users\Public\Desktop\Safari.lnk
[2009/04/06 15:32:54 | 00,038,496 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2009/04/06 15:32:46 | 00,015,504 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2009/04/06 10:57:24 | 24,921,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mrt.exe
========== Alternate Data Streams ==========
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:1CA73D29
< End of report >
Rooter:
Microsoft Windows Vista Home Edition (6.0.6001) Service Pack 1
C:\ [Fixed] - NTFS - (Total:226172 Mo/Free:1044 Mo)
D:\ [Fixed] - NTFS - (Total:12299 Mo/Free:1941 Mo)
E:\ [CD-Rom] (Total:0 Mo/Free:0 Mo)
F:\ [CD-Rom] (Total:4 Mo/Free:0 Mo)
G:\ [Removable] (Total:1901 Mo/Free:68 Mo)
Tue 05/05/2009|19:57
----------------------\\ Processes..
--Locked-- [System Process]
--Locked-- System
---------- \SystemRoot\System32\smss.exe
---------- C:\Windows\system32\csrss.exe
---------- C:\Windows\system32\wininit.exe
---------- C:\Windows\system32\csrss.exe
---------- C:\Windows\system32\services.exe
---------- C:\Windows\system32\lsass.exe
---------- C:\Windows\system32\lsm.exe
---------- C:\Windows\system32\winlogon.exe
---------- C:\Windows\system32\svchost.exe
---------- C:\Windows\system32\svchost.exe
---------- C:\Windows\System32\svchost.exe
---------- C:\Windows\System32\svchost.exe
---------- C:\Windows\System32\svchost.exe
---------- C:\Windows\system32\svchost.exe
--Locked-- audiodg.exe
---------- C:\Windows\system32\SLsvc.exe
---------- C:\Windows\system32\svchost.exe
---------- C:\Windows\system32\svchost.exe
---------- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
---------- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
---------- C:\Program Files\Alwil Software\Avast4\ashServ.exe
---------- C:\Windows\System32\spoolsv.exe
---------- C:\Windows\system32\svchost.exe
---------- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
---------- C:\Program Files\Bonjour\mDNSResponder.exe
---------- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
---------- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
---------- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
---------- C:\Windows\system32\svchost.exe
---------- C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
---------- C:\Program Files\CyberLink\Shared Files\RichVideo.exe
---------- C:\Windows\system32\svchost.exe
---------- C:\Program Files\ThreatFire\TFService.exe
---------- C:\Program Files\Viewpoint\Common\ViewpointService.exe
---------- C:\Windows\System32\svchost.exe
---------- C:\Windows\system32\SearchIndexer.exe
---------- C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
---------- C:\Windows\system32\WUDFHost.exe
---------- C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
---------- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
---------- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
---------- C:\Windows\system32\taskeng.exe
---------- C:\Windows\system32\taskeng.exe
---------- C:\Windows\system32\Dwm.exe
---------- C:\Windows\Explorer.EXE
---------- C:\Program Files\Synaptics\SynTP\SynTPStart.exe
---------- C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
---------- C:\Windows\RtHDVCpl.exe
---------- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
---------- C:\Program Files\HP\QuickPlay\QPService.exe
---------- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
---------- C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
---------- C:\Program Files\Windows Defender\MSASCui.exe
---------- C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe
---------- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
---------- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
---------- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
---------- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
---------- C:\Program Files\ThreatFire\TFTray.exe
---------- C:\Program Files\iTunes\iTunesHelper.exe
---------- C:\Program Files\Java\jre6\bin\jusched.exe
---------- C:\Program Files\Windows Sidebar\sidebar.exe
---------- C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
---------- C:\Windows\ehome\ehtray.exe
---------- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
---------- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
---------- C:\Program Files\Windows Media Player\wmpnscfg.exe
---------- C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
---------- C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
---------- C:\Windows\System32\rundll32.exe
---------- C:\Windows\ehome\ehmsas.exe
---------- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
---------- c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
---------- C:\Program Files\iPod\bin\iPodService.exe
---------- C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
---------- C:\Windows\system32\wbem\wmiprvse.exe
---------- C:\Program Files\Mozilla Firefox\firefox.exe
---------- C:\Windows\system32\SearchProtocolHost.exe
---------- C:\Windows\system32\SearchFilterHost.exe
---------- C:\Windows\system32\DllHost.exe
---------- C:\Windows\system32\DllHost.exe
---------- C:\Windows\system32\cmd.exe
---------- C:\Rooter$\RK.exe
----------------------\\ Search..
----------------------\\ ROOTKIT !!
1 - "C:\Rooter$\Rooter_1.txt" - Fri 04/24/2009|18:42
2 - "C:\Rooter$\Rooter_2.txt" - Tue 05/05/2009|19:58
----------------------\\ Scan completed a