
I cannot access any websites related to security software (i.e. Norton



#1
Tator

Hi. Last Monday I restored my PC back to its out-of-box state. I then began loading all my files and programs back onto the computer. When Norton had finished installing, it kept telling me that it could not connect to the Symantec server. Further, I found out that I am unable to connect to any site that is related to security software. After running the scans advised by "Geeks to Go" I noticed that my Security Center had been disabled. I was able to enable the Security Center, but I am still unable to access security-related websites. Every time I do, I get the following message. Please help.

File Not Found

Firefox can't find the file at jar:file:///C:/Program Files/Mozilla Firefox/chrome/en-US.jar!/locale/browser-region/region.propertieswww.symantec.com.

* Could the item have been renamed, removed, or relocated?
* Is there a spelling, capitalization, or other typographical error in the address?
* Do you have sufficient access permissions to the requested item?



Here are all the requested logs


OTListIt logfile created on: 5/16/2009 12:22:49 PM - Run 6
OTListIt2 by OldTimer - Version 2.0.15.8 Folder = C:\Documents and Settings\Joshua Baker\Desktop
Windows XP Media Center Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1014.37 Mb Total Physical Memory | 310.05 Mb Available Physical Memory | 30.57% Memory free
2.38 Gb Paging File | 1.59 Gb Available in Paging File | 66.59% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 67.83 Gb Total Space | 57.93 Gb Free Space | 85.40% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: BOB
Current User Name: Joshua Baker
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Standard
File Age = 30 Days
Company Name Whitelist: On

========== Processes (SafeList) ==========

PRC - [2006/05/01 08:20:52 | 00,114,753 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
PRC - [2006/05/01 08:22:42 | 00,540,745 | ---- | M] (Intel Corporation ) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
PRC - [2006/05/01 08:34:00 | 00,262,217 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
PRC - [2005/12/15 11:14:40 | 00,237,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\eHome\ehRecvr.exe
PRC - [2005/08/05 12:56:32 | 00,102,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\eHome\ehSched.exe
PRC - [2009/05/11 17:28:24 | 00,133,104 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\GoogleUpdate.exe
PRC - [2009/05/11 16:51:27 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2003/06/19 22:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
PRC - [2006/08/03 17:50:46 | 00,380,928 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
PRC - [2006/05/01 08:20:26 | 00,217,164 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
PRC - [2009/01/07 13:40:56 | 00,348,752 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsAuxs.exe
PRC - [2009/01/21 14:08:06 | 01,095,560 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsSvc.exe
PRC - [2009/05/11 17:04:21 | 01,245,064 | ---- | M] () -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
PRC - [2005/08/05 12:27:08 | 00,099,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\mcrdsvc.exe
PRC - [2004/08/10 04:00:00 | 00,218,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvse.exe
PRC - [2004/08/10 04:00:00 | 01,032,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2005/09/29 13:01:14 | 00,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\ehtray.exe
PRC - [2005/12/13 22:45:00 | 00,118,784 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxpers.exe
PRC - [2006/05/01 08:28:06 | 00,667,718 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
PRC - [2005/12/13 22:41:00 | 00,159,744 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxsrvc.exe
PRC - [2006/05/01 08:28:26 | 00,602,182 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
PRC - [2006/03/24 22:30:44 | 00,282,624 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\stsystra.exe
PRC - [2006/08/03 17:51:42 | 01,032,192 | ---- | M] (Dell Inc) -- C:\Program Files\Dell\QuickSet\quickset.exe
PRC - [2006/03/08 17:48:02 | 00,761,947 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
PRC - [2004/12/06 00:05:00 | 00,127,035 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\tfswctrl.exe
PRC - [2004/07/27 15:50:18 | 00,081,920 | ---- | M] (InstallShield Software Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
PRC - [2006/08/22 14:32:18 | 00,184,320 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Dell\MediaDirect\PCMService.exe
PRC - [2009/05/11 16:51:27 | 00,148,888 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2008/12/08 14:33:48 | 01,173,384 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsTray.exe
PRC - [2006/07/16 20:29:54 | 00,389,120 | ---- | M] (Gteko Ltd.) -- C:\Program Files\Dell Support\DSAgnt.exe
PRC - [2003/10/29 01:06:00 | 00,024,576 | ---- | M] (BVRP Software) -- C:\Program Files\Digital Line Detect\DLG.exe
PRC - [2006/05/24 09:58:32 | 00,761,856 | ---- | M] (CodeFromThe70s.org) -- C:\Program Files\DesktopEarth\DesktopEarth.exe
PRC - [2006/05/01 08:26:14 | 00,397,381 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
PRC - [2005/08/05 12:56:28 | 00,046,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\eHome\ehmsas.exe
PRC - [2004/08/10 04:00:00 | 00,069,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\notepad.exe
PRC - [2009/04/23 21:38:11 | 00,307,704 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009/04/06 15:32:44 | 01,277,584 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2009/05/15 14:29:45 | 00,501,248 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Joshua Baker\Desktop\OTListIt2.exe

========== Win32 Services (SafeList) ==========

SRV - [2004/07/15 00:49:26 | 00,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2005/12/15 11:14:40 | 00,237,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\eHome\ehRecvr.exe -- (ehRecvr [Auto | Running])
SRV - [2005/08/05 12:56:32 | 00,102,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\eHome\ehSched.exe -- (ehSched [Auto | Running])
SRV - [2006/05/01 08:20:52 | 00,114,753 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe -- (EvtEng [Auto | Running])
SRV - [2009/05/11 17:28:24 | 00,133,104 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate1c9d298a01c57a6 [Auto | Stopped])
SRV - [2009/05/11 17:22:50 | 00,183,280 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [Auto | Stopped])
SRV - [2004/08/10 04:00:00 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2009/05/11 16:51:27 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running])
SRV - [2005/08/05 12:27:08 | 00,099,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\mcrdsvc.exe -- (McrdSvc [Auto | Running])
SRV - [2003/06/19 22:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM [Auto | Running])
SRV - [2004/08/10 03:11:50 | 00,085,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mhn.dll -- (MHN [On_Demand | Stopped])
SRV - [2006/08/03 17:50:46 | 00,380,928 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe -- (NICCONFIGSVC [Auto | Running])
SRV - [2003/07/28 11:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2004/08/10 04:00:00 | 01,081,344 | RHS- | M] () -- C:\WINDOWS\system32\yqlkimck.dll -- (pqctwu [Auto | Stopped])
SRV - [2006/05/01 08:20:26 | 00,217,164 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe -- (RegSrvc [Auto | Running])
SRV - [2006/05/01 08:22:42 | 00,540,745 | ---- | M] (Intel Corporation ) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe -- (S24EventMonitor [Auto | Running])
SRV - [2009/01/07 13:40:56 | 00,348,752 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsAuxs.exe -- (sdAuxService [Auto | Running])
SRV - [2009/01/21 14:08:06 | 01,095,560 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsSvc.exe -- (sdCoreService [Auto | Running])
SRV - [2009/05/11 17:04:21 | 01,245,064 | ---- | M] () -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC [Auto | Running])
SRV - [2005/04/20 10:32:12 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe -- (UMWdf [On_Demand | Stopped])
SRV - [2006/05/01 08:34:00 | 00,262,217 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe -- (WLANKEEPER [Auto | Running])

========== Driver Services (SafeList) ==========

DRV - [2006/11/13 11:03:25 | 00,021,275 | ---- | M] (Meetinghouse Data Communications) -- C:\WINDOWS\system32\DRIVERS\AegisP.sys -- (AegisP [Auto | Running])
DRV - [2001/08/17 12:51:56 | 00,005,248 | ---- | M] (Acer Laboratories Inc.) -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde [Disabled | Stopped])
DRV - [2004/08/03 22:07:44 | 00,043,008 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp [Disabled | Stopped])
DRV - [2005/08/12 16:50:46 | 00,016,128 | ---- | M] (Dell Inc) -- C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS -- (APPDRV [System | Running])
DRV - [2001/08/17 12:52:00 | 00,026,496 | ---- | M] (Advanced System Products, Inc.) -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc [Disabled | Stopped])
DRV - [2001/08/17 12:51:58 | 00,014,848 | ---- | M] (Advanced System Products, Inc.) -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550 [Disabled | Stopped])
DRV - [2006/08/25 06:23:08 | 00,044,544 | ---- | M] (Broadcom Corporation) -- C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys -- (bcm4sbxp [On_Demand | Running])
DRV - [2001/08/17 12:51:54 | 00,006,656 | ---- | M] (CMD Technology, Inc.) -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde [Disabled | Stopped])
DRV - [2001/08/17 12:52:16 | 00,179,584 | ---- | M] (Mylex Corporation) -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k [Disabled | Stopped])
DRV - [2004/12/01 02:22:00 | 00,087,488 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\drvmcdb.sys -- (drvmcdb [Boot | Running])
DRV - [2004/11/23 01:56:00 | 00,040,480 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\drvnddm.sys -- (drvnddm [Auto | Running])
DRV - [2006/01/10 11:07:58 | 00,004,864 | ---- | M] (GTek Technologies Ltd.) -- C:\Program Files\Dell Support\GTAction\triggers\DSproct.sys -- (DSproct [On_Demand | Stopped])
DRV - [2001/08/17 11:12:10 | 00,117,760 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\DRIVERS\e100b325.sys -- (E100B [On_Demand | Stopped])
DRV - [2004/08/12 16:45:54 | 00,137,728 | ---- | M] (Windows ® Server 2003 DDK provider) -- C:\WINDOWS\system32\DRIVERS\HDAudBus.sys -- (HDAudBus [On_Demand | Running])
DRV - [2005/07/22 02:01:08 | 00,201,600 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys -- (HSFHWAZL [On_Demand | Running])
DRV - [2005/07/22 02:02:12 | 01,035,008 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys -- (HSF_DPV [On_Demand | Running])
DRV - [2005/12/13 23:09:34 | 01,364,574 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\DRIVERS\ialmnt5.sys -- (ialm [On_Demand | Running])
DRV - [2004/03/17 02:04:14 | 00,013,059 | ---- | M] (Conexant) -- C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys -- (mdmxsdk [Auto | Running])
DRV - [2001/08/17 12:52:12 | 00,017,280 | ---- | M] (American Megatrends Inc.) -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x [Disabled | Stopped])
DRV - [2004/08/03 21:29:56 | 01,897,408 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\DRIVERS\nv4_mini.sys -- (nv [On_Demand | Stopped])
DRV - [2004/02/13 15:46:00 | 00,017,153 | ---- | M] (Dell Inc) -- C:\WINDOWS\system32\DRIVERS\omci.sys -- (omci [System | Running])
DRV - [2009/03/06 16:45:06 | 00,130,424 | ---- | M] (PC Tools) -- C:\WINDOWS\system32\drivers\PCTCore.sys -- (PCTCore [Boot | Running])
DRV - [2004/08/10 04:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
DRV - [2005/01/26 01:03:00 | 00,020,576 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running])
DRV - [2001/08/17 12:52:20 | 00,040,320 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080 [Disabled | Stopped])
DRV - [2001/08/17 12:52:20 | 00,045,312 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160 [Disabled | Stopped])
DRV - [2001/08/17 12:52:18 | 00,049,024 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280 [Disabled | Stopped])
DRV - [2005/10/14 14:40:18 | 00,028,544 | ---- | M] (REDC) -- C:\WINDOWS\system32\DRIVERS\rimmptsk.sys -- (rimmptsk [On_Demand | Running])
DRV - [2005/10/14 14:40:18 | 00,051,328 | ---- | M] (REDC) -- C:\WINDOWS\system32\DRIVERS\rimsptsk.sys -- (rimsptsk [On_Demand | Running])
DRV - [2005/10/14 14:40:18 | 00,307,968 | ---- | M] (REDC) -- C:\WINDOWS\system32\DRIVERS\rixdptsk.sys -- (rismxdp [On_Demand | Running])
DRV - [2006/05/01 08:52:02 | 00,013,568 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\DRIVERS\s24trans.sys -- (s24trans [Auto | Running])
DRV - [2004/08/10 04:00:00 | 00,027,440 | ---- | M] () -- C:\WINDOWS\system32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])
DRV - [2004/08/03 22:07:44 | 00,041,088 | ---- | M] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp [Disabled | Stopped])
DRV - [2001/08/17 13:07:44 | 00,019,072 | ---- | M] (Adaptec, Inc.) -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow [Disabled | Stopped])
DRV - [2004/07/14 10:29:04 | 00,005,627 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\sscdbhk5.sys -- (sscdbhk5 [System | Running])
DRV - [2004/07/14 10:28:50 | 00,023,545 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\ssrtln.sys -- (ssrtln [System | Running])
DRV - [2006/03/24 22:34:30 | 01,156,648 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA [On_Demand | Running])
DRV - [2001/08/17 13:07:34 | 00,016,256 | ---- | M] (Symbios Logic Inc.) -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810 [Disabled | Stopped])
DRV - [2001/08/17 13:07:36 | 00,032,640 | ---- | M] (LSI Logic) -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx [Disabled | Stopped])
DRV - [2006/11/13 11:16:22 | 00,010,344 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\system32\drivers\symlcbrd.sys -- (symlcbrd [Auto | Running])
DRV - [2001/08/17 13:07:40 | 00,028,384 | ---- | M] (LSI Logic) -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi [Disabled | Stopped])
DRV - [2001/08/17 13:07:42 | 00,030,688 | ---- | M] (LSI Logic) -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3 [Disabled | Stopped])
DRV - [2006/03/08 17:35:10 | 00,191,872 | ---- | M] (Synaptics, Inc.) -- C:\WINDOWS\system32\DRIVERS\SynTP.sys -- (SynTP [On_Demand | Running])
DRV - [2004/12/06 00:05:00 | 00,025,883 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\tfsnboio.sys -- (tfsnboio [Auto | Running])
DRV - [2004/12/06 00:05:00 | 00,034,843 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\tfsncofs.sys -- (tfsncofs [Auto | Running])
DRV - [2004/12/06 00:05:00 | 00,004,123 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\tfsndrct.sys -- (tfsndrct [Auto | Running])
DRV - [2004/12/06 00:05:00 | 00,002,239 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\tfsndres.sys -- (tfsndres [Auto | Running])
DRV - [2004/12/06 00:05:00 | 00,086,586 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\tfsnifs.sys -- (tfsnifs [Auto | Running])
DRV - [2004/12/06 00:05:00 | 00,015,227 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\tfsnopio.sys -- (tfsnopio [Auto | Running])
DRV - [2004/12/06 00:05:00 | 00,006,363 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\tfsnpool.sys -- (tfsnpool [Auto | Running])
DRV - [2004/12/06 00:05:00 | 00,098,714 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\tfsnudf.sys -- (tfsnudf [Auto | Running])
DRV - [2004/12/06 00:05:00 | 00,100,603 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\tfsnudfa.sys -- (tfsnudfa [Auto | Running])
DRV - [2001/08/17 12:52:22 | 00,036,736 | ---- | M] (Promise Technology, Inc.) -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra [Disabled | Stopped])
DRV - [2006/04/26 22:13:04 | 01,429,632 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\system32\DRIVERS\w39n51.sys -- (w39n51 [On_Demand | Running])
DRV - [2005/07/22 02:01:00 | 00,717,952 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys -- (winachsf [On_Demand | Running])
DRV - [2009/04/06 15:32:54 | 00,038,496 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy [On_Demand | Running])

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=3061113
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=3061113

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...amp;ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co...amp;ibd=3061113
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.searchEnginesURL: "http://searchplugins...peersbros.com/"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "https://login.yahoo....o.com&.intl=us"
FF - prefs.js..extensions.enabledItems: {8b86149f-01fb-4842-9dd8-4d7eb02fd055}:0.19.1
FF - prefs.js..extensions.enabledItems: {097d3191-e6fa-4728-9826-b533d755359d}:0.7.10
FF - prefs.js..extensions.enabledItems: {E9A1DEE0-C623-4439-8932-001E7D17607D}:2.1.0.2
FF - prefs.js..extensions.enabledItems: {ca0849e8-2c76-42ae-9abe-34e14d337acf}:1.84
FF - prefs.js..extensions.enabledItems: {0545b830-f0aa-4d7e-8820-50a4629a56fe}:3.9.1
FF - prefs.js..extensions.enabledItems: [email protected]:1.10
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.6.5
FF - prefs.js..extensions.enabledItems: {6F0976E6-26F3-4AFE-BBEC-9E99E27E4DF3}:1.2.3
FF - prefs.js..extensions.enabledItems: {1280606b-2510-4fe0-97ef-9b5a22eafe41}:1.0.8
FF - prefs.js..extensions.enabledItems: {0538E3E3-7E9B-4d49-8831-A227C80A7AD3}:0.9.9
FF - prefs.js..extensions.enabledItems: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.1.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}:6.0.10
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}:6.0.12
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {398e77b8-2304-11dc-8314-0800200c9a66}:0.3.12
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0.071303000006
FF - prefs.js..extensions.enabledItems: {dd7515c0-0820-4234-806b-74197fa5955c}:0.9.1
FF - prefs.js..extensions.enabledItems: {41a40cb1-aa9e-47c6-a207-66b9f5875870}:0.3.0
FF - prefs.js..extensions.enabledItems: [email protected]:3.0.3
FF - prefs.js..extensions.enabledItems: {7694c49c-9fbd-11dc-8314-0800200c9a66}:3.0.2
FF - prefs.js..extensions.enabledItems: {241aae70-0022-11de-87af-0800200c9a66}:0.6
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.10

FF - HKLM\software\mozilla\Firefox\extensions\\[email protected]: C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2009/05/11 16:51:28 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\PROGRAM FILES\REAL\REALPLAYER\BROWSERRECORD [2009/05/11 17:32:16 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS [2009/05/15 15:32:32 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS [2009/05/14 12:08:45 | 00,000,000 | ---D | M]

[2009/05/11 14:57:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Joshua Baker\Application Data\mozilla\Extensions
[2009/05/11 14:57:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Joshua Baker\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/05/16 11:52:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Joshua Baker\Application Data\mozilla\Firefox\Profiles\hrs5rteb.default\extensions
[2009/05/11 17:59:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Joshua Baker\Application Data\mozilla\Firefox\Profiles\hrs5rteb.default\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
[2009/05/13 13:13:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Joshua Baker\Application Data\mozilla\Firefox\Profiles\hrs5rteb.default\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}
[2009/05/11 17:38:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Joshua Baker\Application Data\mozilla\Firefox\Profiles\hrs5rteb.default\extensions\{097d3191-e6fa-4728-9826-b533d755359d}
[2009/05/11 19:09:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Joshua Baker\Application Data\mozilla\Firefox\Profiles\hrs5rteb.default\extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe41}
[2009/05/13 12:18:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Joshua Baker\Application Data\mozilla\Firefox\Profiles\hrs5rteb.default\extensions\{241aae70-0022-11de-87af-0800200c9a66}
[2009/05/13 13:13:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Joshua Baker\Application Data\mozilla\Firefox\Profiles\hrs5rteb.default\extensions\{398e77b8-2304-11dc-8314-0800200c9a66}
[2009/05/11 17:38:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Joshua Baker\Application Data\mozilla\Firefox\Profiles\hrs5rteb.default\extensions\{41a40cb1-aa9e-47c6-a207-66b9f5875870}
[2009/05/12 22:00:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Joshua Baker\Application Data\mozilla\Firefox\Profiles\hrs5rteb.default\extensions\{6F0976E6-26F3-4AFE-BBEC-9E99E27E4DF3}
[2009/05/11 17:54:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Joshua Baker\Application Data\mozilla\Firefox\Profiles\hrs5rteb.default\extensions\{7694c49c-9fbd-11dc-8314-0800200c9a66}
[2009/05/13 12:35:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Joshua Baker\Application Data\mozilla\Firefox\Profiles\hrs5rteb.default\extensions\{8b86149f-01fb-4842-9dd8-4d7eb02fd055}
[2009/05/13 13:14:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Joshua Baker\Application Data\mozilla\Firefox\Profiles\hrs5rteb.default\extensions\{ca0849e8-2c76-42ae-9abe-34e14d337acf}
[2009/05/11 17:38:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Joshua Baker\Application Data\mozilla\Firefox\Profiles\hrs5rteb.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
[2009/05/11 16:51:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Joshua Baker\Application Data\mozilla\Firefox\Profiles\hrs5rteb.default\extensions\{dd7515c0-0820-4234-806b-74197fa5955c}
[2009/05/11 15:25:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Joshua Baker\Application Data\mozilla\Firefox\Profiles\hrs5rteb.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
[2009/05/11 17:28:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Joshua Baker\Application Data\mozilla\Firefox\Profiles\hrs5rteb.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
[2009/05/11 17:59:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Joshua Baker\Application Data\mozilla\Firefox\Profiles\hrs5rteb.default\extensions\[email protected]
[2009/05/14 00:53:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Joshua Baker\Application Data\mozilla\Firefox\Profiles\hrs5rteb.default\extensions\[email protected]
[2009/05/12 16:09:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Joshua Baker\Application Data\mozilla\Firefox\Profiles\hrs5rteb.default\extensions\[email protected]
[2009/05/11 16:48:36 | 00,000,931 | ---- | M] () -- C:\Documents and Settings\Joshua Baker\Application Data\Mozilla\FireFox\Profiles\hrs5rteb.default\searchplugins\dictionary.xml
[2009/05/11 17:51:55 | 00,002,257 | ---- | M] () -- C:\Documents and Settings\Joshua Baker\Application Data\Mozilla\FireFox\Profiles\hrs5rteb.default\searchplugins\facebook.xml
[2009/05/11 17:52:13 | 00,002,431 | ---- | M] () -- C:\Documents and Settings\Joshua Baker\Application Data\Mozilla\FireFox\Profiles\hrs5rteb.default\searchplugins\youtube.xml
[2009/05/16 11:52:00 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/05/14 12:08:45 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/05/11 14:45:19 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}
[2009/05/11 14:45:19 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}
[2009/04/23 21:38:30 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/04/23 21:38:32 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009/03/31 22:47:26 | 00,324,976 | ---- | M] (Symantec Corporation) -- C:\Program Files\mozilla firefox\components\coFFPlgn.dll
[2009/04/23 17:39:08 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2009/04/23 17:39:08 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2009/04/23 17:39:08 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2009/04/23 17:39:08 | 00,002,343 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2009/04/23 17:39:08 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/04/23 17:39:08 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2009/04/23 17:39:08 | 00,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml

O1 HOSTS File: (686 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar1.dll (Ask.com)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar1.dll (Ask.com)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Program Files\AskBarDis\bar\bin\askBar1.dll (Ask.com)
O4 - HKLM..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc)
O4 - HKLM..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe (Sonic Solutions)
O4 - HKLM..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe (Microsoft Corporation)
O4 - HKLM..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless (Intel Corporation)
O4 - HKLM..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" (Intel Corporation)
O4 - HKLM..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe" (PC Tools)
O4 - HKLM..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup (InstallShield Software Corporation)
O4 - HKLM..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start (InstallShield Software Corporation)
O4 - HKLM..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe" (CyberLink Corp.)
O4 - HKLM..\Run: [SigmatelSysTrayApp] stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKCU..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup (Gteko Ltd.)
O4 - HKCU..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (Microsoft Corporation)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe (BVRP Software)
O4 - Startup: C:\Documents and Settings\Joshua Baker\Start Menu\Programs\Startup\DesktopEarth AutoStart.lnk = C:\Documents and Settings\Joshua Baker\Application Data\Microsoft\Installer\{DBA5E973-660D-4CBE-A469-F5C37FBF0CE4}\_C1A9BF9D98647632ED5172.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/08/16 03:43:04 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\setup.exe -- [2004/08/10 04:00:00 | 00,023,040 | ---- | M] (Microsoft Corporation)
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - * [2009/05/16 12:22:26 | 00,000,000 | ---D | M]

========== Files/Folders - Created Within 30 Days ==========

[1 C:\WINDOWS\System32\*.tmp files]
[2009/05/15 15:09:55 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2009/05/15 14:29:44 | 00,501,248 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Joshua Baker\Desktop\OTListIt2.exe
[2009/05/15 14:18:32 | 00,000,000 | ---D | C] -- C:\Rooter$
[2009/05/15 14:18:23 | 00,267,612 | ---- | C] () -- C:\Documents and Settings\Joshua Baker\Desktop\Rooter.exe
[2009/05/15 14:12:30 | 00,000,611 | ---- | C] () -- C:\Documents and Settings\Joshua Baker\Desktop\NTREGOPT.lnk
[2009/05/15 14:12:30 | 00,000,592 | ---- | C] () -- C:\Documents and Settings\Joshua Baker\Desktop\ERUNT.lnk
[2009/05/15 14:12:30 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2009/05/15 13:47:58 | 00,000,000 | -HSD | C] -- C:\RECYCLER
[2009/05/15 13:29:23 | 00,000,209 | ---- | C] () -- C:\Boot.bak
[2009/05/15 13:29:19 | 00,260,272 | ---- | C] () -- C:\cmldr
[2009/05/15 13:29:17 | 00,000,000 | RHSD | C] -- C:\cmdcons
[2009/05/15 13:26:23 | 00,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2009/05/15 13:26:23 | 00,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2009/05/15 13:26:23 | 00,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2009/05/15 13:26:23 | 00,117,248 | ---- | C] () -- C:\WINDOWS\vFind.exe
[2009/05/15 13:26:23 | 00,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2009/05/15 13:26:23 | 00,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2009/05/15 13:26:23 | 00,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2009/05/15 13:26:23 | 00,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2009/05/15 13:26:10 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/05/15 13:25:57 | 00,000,000 | ---D | C] -- C:\Qoobox
[2009/05/14 12:08:48 | 00,001,602 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2009/05/14 11:47:57 | 00,005,115 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\N360BUOptions.ini
[2009/05/14 00:55:10 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Joshua Baker\Application Data\Move Networks
[2009/05/13 13:38:19 | 00,002,509 | ---- | C] () -- C:\Documents and Settings\Joshua Baker\Desktop\Microsoft Office Word.lnk
[2009/05/13 13:38:11 | 00,002,495 | ---- | C] () -- C:\Documents and Settings\Joshua Baker\Desktop\Microsoft Office Excel.lnk
[2009/05/13 11:53:20 | 00,000,526 | ---- | C] () -- C:\Documents and Settings\Joshua Baker\Desktop\Cactus.lnk
[2009/05/13 00:00:25 | 00,054,156 | -H-- | C] () -- C:\WINDOWS\QTFont.qfn
[2009/05/13 00:00:25 | 00,001,409 | ---- | C] () -- C:\WINDOWS\QTFont.for
[2009/05/12 22:50:54 | 00,000,000 | ---D | C] -- C:\Program Files\PeerGuardian2
[2009/05/12 16:09:58 | 00,001,271 | ---- | C] () -- C:\Documents and Settings\Joshua Baker\Desktop\Launch Cooliris.lnk
[2009/05/12 13:40:26 | 00,000,241 | ---- | C] () -- C:\Documents and Settings\Joshua Baker\Desktop\Add or Remove Programs.lnk
[2009/05/12 12:51:03 | 00,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2009/05/11 20:36:31 | 00,193,250 | ---- | C] () -- C:\Documents and Settings\Joshua Baker\My Documents\cc_20090511_203627.reg
[2009/05/11 19:03:39 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Joshua Baker\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2009/05/11 19:00:31 | 00,002,401 | ---- | C] () -- C:\Documents and Settings\Joshua Baker\Start Menu\Programs\Startup\DesktopEarth AutoStart.lnk
[2009/05/11 19:00:30 | 00,000,000 | ---D | C] -- C:\Program Files\DesktopEarth
[2009/05/11 17:37:19 | 00,159,600 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctgntdi.sys
[2009/05/11 17:37:06 | 00,130,424 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTCore.sys
[2009/05/11 17:37:06 | 00,073,840 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTAppEvent.sys
[2009/05/11 17:36:56 | 00,064,392 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctplsg.sys
[2009/05/11 17:36:56 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
[2009/05/11 17:36:45 | 00,000,000 | ---D | C] -- C:\Program Files\Spyware Doctor
[2009/05/11 17:36:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Joshua Baker\Application Data\PC Tools
[2009/05/11 17:36:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/05/11 17:36:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC Tools
[2009/05/11 17:32:18 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
[2009/05/11 17:32:17 | 00,000,897 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\RealPlayer.lnk
[2009/05/11 17:31:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Joshua Baker\Application Data\Real
[2009/05/11 17:29:36 | 00,001,836 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
[2009/05/11 17:28:52 | 00,000,882 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachine.job
[2009/05/11 17:22:53 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Google Updater
[2009/05/11 17:22:51 | 00,000,868 | ---- | C] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2009/05/11 17:22:30 | 01,075,760 | ---- | C] () -- C:\Documents and Settings\Joshua Baker\Desktop\Google Updater.exe
[2009/05/11 17:19:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Joshua Baker\My Documents\FrostWire
[2009/05/11 17:18:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Joshua Baker\Application Data\FrostWire
[2009/05/11 17:18:49 | 00,001,659 | ---- | C] () -- C:\Documents and Settings\Joshua Baker\Desktop\MediaDirect.lnk
[2009/05/11 17:17:41 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2009/05/11 17:17:00 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2009/05/11 17:16:41 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2009/05/11 17:16:41 | 00,000,000 | ---D | C] -- C:\Program Files\Adobe
[2009/05/11 16:56:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Joshua Baker\Application Data\Macromedia
[2009/05/11 16:56:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Joshua Baker\Application Data\Adobe
[2009/05/11 16:45:00 | 00,004,128 | ---- | C] () -- C:\INFCACHE.1
[2009/05/11 15:44:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Symantec
[2009/05/11 15:43:02 | 00,000,000 | -HSD | C] -- C:\WINDOWS\CSC
[2009/05/11 15:36:45 | 00,000,000 | ---D | C] -- C:\Program Files\NOS
[2009/05/11 15:36:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NOS
[2009/05/11 15:27:50 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Joshua Baker\Application Data\Sun
[2009/05/11 15:25:03 | 00,000,000 | ---D | C] -- C:\Program Files\AskBarDis
[2009/05/11 15:21:19 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Joshua Baker\Application Data\Malwarebytes
[2009/05/11 15:21:07 | 00,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/05/11 15:21:06 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/05/11 15:21:03 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/05/11 15:20:59 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/05/11 15:20:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/05/11 15:19:55 | 00,000,618 | ---- | C] () -- C:\Documents and Settings\Joshua Baker\Desktop\Eraser.lnk
[2009/05/11 15:19:18 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/05/11 15:16:38 | 00,086,016 | ---- | C] (-) -- C:\WINDOWS\System32\Erasext.dll
[2009/05/11 15:16:37 | 00,311,296 | ---- | C] (-) -- C:\WINDOWS\System32\Eraser.dll
[2009/05/11 15:16:37 | 00,077,824 | ---- | C] (-) -- C:\WINDOWS\System32\Eraserl.exe
[2009/05/11 15:16:36 | 00,000,000 | ---D | C] -- C:\Program Files\Eraser
[2009/05/11 15:06:06 | 00,000,000 | ---D | C] -- C:\WINDOWS\pss
[2009/05/11 15:05:19 | 00,000,000 | ---D | C] -- C:\Program Files\Recuva
[2009/05/11 15:04:50 | 00,001,548 | ---- | C] () -- C:\Documents and Settings\Joshua Baker\Desktop\CCleaner.lnk
[2009/05/11 15:04:49 | 00,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2009/05/11 14:57:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Joshua Baker\Application Data\Mozilla
[2009/05/11 14:53:56 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2009/05/11 14:47:37 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Joshua Baker\My Documents\Workout Tracker
[2009/05/11 14:47:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Joshua Baker\My Documents\Word Documents
[2009/05/11 14:46:23 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Joshua Baker\My Documents\Resume
[2009/05/11 14:46:13 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Joshua Baker\My Documents\Business Spreadsheets
[2009/05/11 14:46:07 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Joshua Baker\My Documents\Budget
[2009/05/11 14:45:10 | 00,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2009/05/11 14:43:05 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Joshua Baker\My Documents\Undergraduate Degree
[2009/05/11 14:42:52 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Joshua Baker\My Documents\Taxes
[2009/05/11 14:39:14 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Joshua Baker\Application Data\U3
[2009/05/11 14:39:05 | 00,026,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\USBSTOR.SYS
[2009/05/11 14:39:05 | 00,026,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbstor.sys
[2009/05/11 14:35:11 | 00,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2009/05/11 14:34:21 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2009/05/11 14:33:00 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Joshua Baker\My Documents\Symantec
[2009/05/11 14:31:43 | 00,000,786 | ---- | C] () -- C:\Documents and Settings\Joshua Baker\Desktop\Windows Media Player.lnk
[2009/05/11 14:31:27 | 00,001,298 | ---- | C] () -- C:\Documents and Settings\Joshua Baker\Desktop\Media Center.lnk
[2009/05/11 14:31:27 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\Joshua Baker\Application Data\desktop.ini
[2009/05/11 14:31:26 | 00,000,084 | -HS- | C] () -- C:\Documents and Settings\Joshua Baker\Start Menu\Programs\Startup\desktop.ini
[2009/05/11 14:31:26 | 00,000,083 | -HS- | C] () -- C:\Documents and Settings\Joshua Baker\My Documents\desktop.ini
[2009/05/11 14:31:26 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\Joshua Baker\Local Settings\desktop.ini
[2009/05/11 14:31:25 | 00,000,000 | --SD | C] -- C:\Documents and Settings\Joshua Baker\Local Settings\Temporary Internet Files
[2009/05/11 14:31:25 | 00,000,000 | --SD | C] -- C:\Documents and Settings\Joshua Baker\Local Settings\History
[2009/05/11 14:31:25 | 00,000,000 | --SD | C] -- C:\Documents and Settings\Joshua Baker\Application Data\Microsoft
[2009/05/11 14:31:25 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Joshua Baker\My Documents\My Videos
[2009/05/11 14:31:25 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Joshua Baker\My Documents\My Pictures
[2009/05/11 14:31:25 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Joshua Baker\My Documents\My Music
[2009/05/11 14:31:25 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\Joshua Baker\Local Settings\Application Data
[2009/05/11 14:31:25 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\Joshua Baker\Application Data\Gtek
[2009/05/11 14:31:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Joshua Baker\Local Settings\Temp
[2009/05/11 14:31:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Joshua Baker\Application Data\Symantec
[2009/05/11 14:31:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Joshua Baker\Application Data\Intel
[2009/05/11 14:31:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Joshua Baker\Application Data\Identities
[2009/05/11 14:21:30 | 00,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2006/11/13 11:30:57 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/11/13 11:13:54 | 00,000,138 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006/11/13 11:10:23 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/11/13 10:38:54 | 00,016,480 | ---- | C] () -- C:\WINDOWS\System32\rixdicon.dll
[2006/11/13 10:38:30 | 00,000,391 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/08/16 03:37:24 | 00,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2005/08/16 03:18:43 | 00,000,573 | ---- | C] () -- C:\WINDOWS\win.ini
[2005/08/16 03:18:41 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini
[2005/08/16 03:18:35 | 00,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2005/08/16 03:18:21 | 01,081,344 | RHS- | C] () -- C:\WINDOWS\System32\yqlkimck.dll
[2005/08/16 03:18:19 | 00,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2005/08/05 13:01:54 | 00,239,104 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/04/09 16:04:54 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2003/01/07 14:05:08 | 00,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

========== Files - Modified Within 30 Days ==========

[1 C:\WINDOWS\System32\*.tmp files]
[2009/05/16 11:42:37 | 00,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachine.job
[2009/05/15 15:42:03 | 00,441,626 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/05/15 15:42:03 | 00,382,260 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/05/15 15:42:03 | 00,053,838 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/05/15 15:38:16 | 00,002,401 | ---- | M] () -- C:\Documents and Settings\Joshua Baker\Start Menu\Programs\Startup\DesktopEarth AutoStart.lnk
[2009/05/15 15:38:08 | 00,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2009/05/15 15:38:03 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\Joshua Baker\Local Settings\desktop.ini
[2009/05/15 15:37:57 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/05/15 15:37:55 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/05/15 15:37:54 | 10,637,14816 | -HS- | M] () -- C:\hiberfil.sys
[2009/05/15 14:29:45 | 00,501,248 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Joshua Baker\Desktop\OTListIt2.exe
[2009/05/15 14:18:23 | 00,267,612 | ---- | M] () -- C:\Documents and Settings\Joshua Baker\Desktop\Rooter.exe
[2009/05/15 14:12:30 | 00,000,611 | ---- | M] () -- C:\Documents and Settings\Joshua Baker\Desktop\NTREGOPT.lnk
[2009/05/15 14:12:30 | 00,000,592 | ---- | M] () -- C:\Documents and Settings\Joshua Baker\Desktop\ERUNT.lnk
[2009/05/15 13:32:36 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/05/15 13:29:23 | 00,000,279 | RHS- | M] () -- C:\boot.ini
[2009/05/14 17:50:08 | 00,117,248 | ---- | M] () -- C:\WINDOWS\vFind.exe
[2009/05/14 12:08:48 | 00,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2009/05/14 11:47:57 | 00,005,115 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\N360BUOptions.ini
[2009/05/13 13:39:04 | 00,002,495 | ---- | M] () -- C:\Documents and Settings\Joshua Baker\Desktop\Microsoft Office Excel.lnk
[2009/05/13 13:38:19 | 00,002,509 | ---- | M] () -- C:\Documents and Settings\Joshua Baker\Desktop\Microsoft Office Word.lnk
[2009/05/13 11:53:20 | 00,000,526 | ---- | M] () -- C:\Documents and Settings\Joshua Baker\Desktop\Cactus.lnk
[2009/05/13 00:00:25 | 00,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2009/05/13 00:00:25 | 00,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for
[2009/05/12 23:34:04 | 00,130,096 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/05/12 23:15:11 | 00,000,786 | ---- | M] () -- C:\Documents and Settings\Joshua Baker\Desktop\Windows Media Player.lnk
[2009/05/12 16:09:58 | 00,001,271 | ---- | M] () -- C:\Documents and Settings\Joshua Baker\Desktop\Launch Cooliris.lnk
[2009/05/12 13:40:26 | 00,000,241 | ---- | M] () -- C:\Documents and Settings\Joshua Baker\Desktop\Add or Remove Programs.lnk
[2009/05/12 13:33:44 | 00,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2009/05/11 20:42:27 | 00,193,250 | ---- | M] () -- C:\Documents and Settings\Joshua Baker\My Documents\cc_20090511_203627.reg
[2009/05/11 17:32:17 | 00,000,897 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\RealPlayer.lnk
[2009/05/11 17:31:57 | 00,499,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcp71.dll
[2009/05/11 17:31:57 | 00,278,528 | ---- | M] (Real Networks, Inc) -- C:\WINDOWS\System32\pncrt.dll
[2009/05/11 17:29:36 | 00,001,836 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
[2009/05/11 17:22:34 | 01,075,760 | ---- | M] () -- C:\Documents and Settings\Joshua Baker\Desktop\Google Updater.exe
[2009/05/11 17:18:49 | 00,001,659 | ---- | M] () -- C:\Documents and Settings\Joshua Baker\Desktop\MediaDirect.lnk
[2009/05/11 16:49:29 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/05/11 16:45:00 | 00,004,128 | ---- | M] () -- C:\INFCACHE.1
[2009/05/11 15:21:07 | 00,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/05/11 15:19:55 | 00,000,618 | ---- | M] () -- C:\Documents and Settings\Joshua Baker\Desktop\Eraser.lnk
[2009/05/11 15:04:50 | 00,001,548 | ---- | M] () -- C:\Documents and Settings\Joshua Baker\Desktop\CCleaner.lnk
[2009/05/11 14:35:38 | 00,000,573 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/05/11 14:35:11 | 00,000,002 | ---- | M] () -- C:\WINDOWS\msoffice.ini
[2009/05/11 14:31:48 | 00,000,083 | -HS- | M] () -- C:\Documents and Settings\Joshua Baker\My Documents\desktop.ini
[2009/05/11 14:31:13 | 00,000,448 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2009/05/11 14:31:06 | 00,000,209 | ---- | M] () -- C:\Boot.bak
[2009/05/11 14:21:30 | 00,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[2009/04/20 12:56:28 | 00,031,232 | ---- | M] (NirSoft) -- C:\WINDOWS\NIRCMD.exe

========== Alternate Data Streams ==========

@Alternate Data Stream - 131 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
< End of report >


Malwarebytes

Malwarebytes' Anti-Malware 1.36
Database version: 2112
Windows 5.1.2600 Service Pack 2

5/16/2009 12:27:43 PM
mbam-log-2009-05-16 (12-27-43).txt

Scan type: Quick Scan
Objects scanned: 80769
Time elapsed: 3 minute(s), 5 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


Rooter


Microsoft Windows XP Professional (5.1.2600) Service Pack 2

C:\ [Fixed] - NTFS - (Total:69460 Mo/Free:1974 Mo)
D:\ [CD-Rom] (Total:0 Mo/Free:0 Mo)

Sat 05/16/2009|12:28

----------------------\\ Processes..

--Locked-- [System Process]
---------- System
---------- \SystemRoot\System32\smss.exe
---------- \??\C:\WINDOWS\system32\csrss.exe
---------- \??\C:\WINDOWS\system32\winlogon.exe
---------- C:\WINDOWS\system32\services.exe
---------- C:\WINDOWS\system32\lsass.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
---------- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
---------- C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\system32\spoolsv.exe
---------- C:\WINDOWS\eHome\ehRecvr.exe
---------- C:\WINDOWS\eHome\ehSched.exe
---------- C:\Program Files\Google\Update\GoogleUpdate.exe
---------- C:\Program Files\Java\jre6\bin\jqs.exe
---------- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
---------- C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
---------- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
---------- C:\Program Files\Spyware Doctor\pctsAuxs.exe
---------- C:\Program Files\Spyware Doctor\pctsSvc.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
---------- C:\WINDOWS\ehome\mcrdsvc.exe
---------- C:\WINDOWS\system32\wbem\wmiprvse.exe
---------- C:\WINDOWS\Explorer.EXE
---------- C:\WINDOWS\ehome\ehtray.exe
---------- C:\WINDOWS\system32\igfxpers.exe
---------- C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
---------- C:\WINDOWS\system32\igfxsrvc.exe
---------- C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
---------- C:\WINDOWS\stsystra.exe
---------- C:\Program Files\Dell\QuickSet\quickset.exe
---------- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
---------- C:\WINDOWS\system32\dla\tfswctrl.exe
---------- C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
---------- C:\Program Files\Dell\MediaDirect\PCMService.exe
---------- C:\Program Files\Java\jre6\bin\jusched.exe
---------- C:\Program Files\Spyware Doctor\pctsTray.exe
---------- C:\Program Files\Dell Support\DSAgnt.exe
---------- C:\WINDOWS\system32\ctfmon.exe
---------- C:\Program Files\Digital Line Detect\DLG.exe
---------- C:\Program Files\DesktopEarth\DesktopEarth.exe
---------- C:\WINDOWS\system32\dllhost.exe
---------- C:\WINDOWS\System32\alg.exe
---------- C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
---------- C:\WINDOWS\eHome\ehmsas.exe
---------- C:\Program Files\Mozilla Firefox\firefox.exe
---------- C:\Documents and Settings\Joshua Baker\Desktop\OTListIt2.exe
---------- C:\WINDOWS\notepad.exe
---------- C:\WINDOWS\system32\NOTEPAD.EXE
---------- C:\WINDOWS\system32\cmd.exe
---------- C:\Rooter$\RK.exe

----------------------\\ Search..

----------------------\\ ROOTKIT !!



1 - "C:\Rooter$\Rooter_1.txt" - Fri 05/15/2009|14:18
2 - "C:\Rooter$\Rooter_2.txt" - Fri 05/15/2009|14:22
3 - "C:\Rooter$\Rooter_3.txt" - Fri 05/15/2009|14:46
4 - "C:\Rooter$\Rooter_4.txt" - Fri 05/15/2009|16:16
5 - "C:\Rooter$\Rooter_5.txt" - Sat 05/16/2009|12:29

----------------------\\ Scan completed at 12:29