Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Windows Update Being Redirected To Msn.com


  • Please log in to reply
1 reply to this topic

#1 Jadeskye

Jadeskye

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:10:01 PM

Posted 18 June 2008 - 06:53 PM

Hi I am hoping you can help me. I am trying to clean up my Nana computer. It has AntiVirus 2008 I did get that removed (I think). Now the problem is windows update redirects to msn.com. I have tried everything to clean this up. I have read alot of the tips posted here but nothing seems to have worked. I know there is not an anti virus program install but I am going to install one after we get this fixed.

Also there is alot of preinstalled software that is not needed and just slows this computer down in the startup. Can you also help me determine what is needed and not...

Thanks so much in advance!!!

Jade

Deckard's System Scanner v20071014.68
Run by brenda huddleston on 2008-06-18 19:08:15
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
27: 2008-06-19 00:08:30 UTC - RP182 - Deckard's System Scanner Restore Point
26: 2008-06-18 04:20:28 UTC - RP181 - Installed SUPERAntiSpyware Free Edition
25: 2008-06-18 04:07:49 UTC - RP180 - Installed Java™ 6 Update 6
24: 2008-06-18 04:01:43 UTC - RP179 - Removed J2SE Runtime Environment 5.0 Update 4
23: 2008-06-17 06:05:09 UTC - RP178 - Microsoft OneCare Protection Checkpoint


-- First Restore Point --
1: 2008-05-20 01:45:26 UTC - RP156 - Removed Metamail


Backed up registry hives.
Performed disk cleanup.



-- HijackThis (run as brenda huddleston.exe) -----------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:10:00 PM, on 6/18/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Windows OneCare Live\Antivirus\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\bmwebcfg.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\UTStarcom\Sprint\Sprint PCS Connection Manager\PnCUtilityService.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
c:\TOSHIBA\IVP\swupdate\swupdtmr.exe
C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
C:\Program Files\Microsoft Windows OneCare Live\Firewall\msfwsvc.exe
C:\Program Files\Microsoft Windows OneCare Live\winss.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe
C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe
C:\WINDOWS\system32\TDispVol.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ltmoh\Ltmoh.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\Toshiba\Tvs\TvsTray.exe
C:\Program Files\Synaptics\SynTP\Toshiba.exe
C:\WINDOWS\system32\TPSMain.exe
C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
C:\WINDOWS\system32\dla\DLACTRLW.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSServ.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\WINDOWS\system32\RAMASST.exe
C:\Program Files\Yahoo!\Yahoo! Music Engine\ymetray.exe
C:\toshiba\ivp\ism\ivpsvmgr.exe
C:\Documents and Settings\brenda huddleston\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\brenda huddleston.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [TDispVol] TDispVol.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [Tvs] C:\Program Files\Toshiba\Tvs\TvsTray.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\DLACTRLW.exe
O4 - HKLM\..\Run: [Pinger] c:\toshiba\ivp\ism\pinger.exe /run
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [CFSServ.exe] CFSServ.exe -NoClient
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [MsgCenterExe] "C:\Program Files\Common Files\Real\Update_OB\RealOneMessageCenter.exe" -osboot
O4 - HKLM\..\Run: [YSearchProtection] "C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [OneCareUI] "C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
O4 - Global Startup: ymetray.lnk = C:\Program Files\Yahoo!\Yahoo! Music Engine\ymetray.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.toshibadirect.com/dpdstart
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {BCBC9371-595D-11D4-A96D-00105A1CEF6C} (View22RTE Class) - http://hgtv2.view22.com/view22/app/view22rte.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{A4758F04-C095-4765-85FE-D33F9DFE0A0E}: NameServer = 85.255.116.91,85.255.112.234
O17 - HKLM\System\CCS\Services\Tcpip\..\{AD8D4F5B-AEE0-4001-9D2B-992EFD9EC317}: NameServer = 85.255.116.91,85.255.112.234
O17 - HKLM\System\CCS\Services\Tcpip\..\{EA82D747-B8D6-48B8-9FFA-19366384F191}: NameServer = 85.255.116.91,85.255.112.234
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.116.91 85.255.112.234
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.116.91 85.255.112.234
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Bytemobile Web Configurator (bmwebcfg) - Bytemobile, Inc. - C:\WINDOWS\system32\bmwebcfg.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: DVD-RAM_Service - Matsubleepa Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\WildTangent\Apps\TOSHIBA Game Console\GameConsoleService.exe
O23 - Service: Pantech&Curitel Utility Service - Sprint Spectrum, L.L.C - C:\Program Files\UTStarcom\Sprint\Sprint PCS Connection Manager\PnCUtilityService.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Swupdtmr - Unknown owner - c:\TOSHIBA\IVP\swupdate\swupdtmr.exe
O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe

--
End of file - 9436 bytes

-- HijackThis Fixed Entries (C:\PROGRA~1\TRENDM~1\HIJACK~1\backups\) -----------

backup-20080617-225229-283 O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
backup-20080617-225229-357 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
backup-20080617-225229-585 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
backup-20080617-225229-614 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
backup-20080617-225229-617 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
backup-20080617-225229-795 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
backup-20080617-225229-806 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
backup-20080617-225229-884 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
backup-20080617-225229-981 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

-- File Associations -----------------------------------------------------------

.reg - regfile - shell\open\command - regedit.exe "%1" %*
.scr - scrfile - shell\open\command - "%1" %*


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R1 meiudf - c:\windows\system32\drivers\meiudf.sys <Not Verified; Matsubleepa Electric Industrial Co.,Ltd.; >
R2 AegisP (AEGIS Protocol (IEEE 802.1x) v3.4.9.0) - c:\windows\system32\drivers\aegisp.sys <Not Verified; Meetinghouse Data Communications; AEGIS Client 3.4.9.0>
R2 MCSTRM - c:\windows\system32\drivers\mcstrm.sys <Not Verified; RealNetworks, Inc.; RealNetworks Virtual Path Manager® (32-bit)>
R2 Netdevio (TOSHIBA Network Device Usermode I/O Protocol) - c:\windows\system32\drivers\netdevio.sys <Not Verified; TOSHIBA Corporation.; TOSHIBA Network Device Usermode I/O protocol>
R2 s24trans (WLAN Transport) - c:\windows\system32\drivers\s24trans.sys <Not Verified; Intel Corporation; Intel Wireless LAN Packet Driver>
R3 Iviaspi (IVI ASPI Shell) - c:\windows\system32\drivers\iviaspi.sys <Not Verified; InterVideo, Inc.; InterVideo ASPI Shell>
R3 Pfc (Padus ASPI Shell) - c:\windows\system32\drivers\pfc.sys <Not Verified; Padus, Inc.; Padus® ASPI Shell>
R3 TVALD (Toshiba Mobile PC Service) - c:\windows\system32\drivers\nbsmi.sys <Not Verified; Toshiba Corporation; Toshiba Notebook PC SMI Service>
R3 Tvs (TOSHIBA Virtual Sound with SRS technologies) - c:\windows\system32\drivers\tvs.sys <Not Verified; TOSHIBA Corporation; Audio Filter>

S2 WinDriver - c:\windows\system32\drivers\windrvr.sys (file missing)
S3 LMouKE (Logitech SetPoint Mouse Filter Driver) - c:\windows\system32\drivers\lmouke.sys (file missing)
S3 tosrfec (Bluetooth ACPI from TOSHIBA) - c:\windows\system32\drivers\tosrfec.sys <Not Verified; TOSHIBA Corporation; TOSHIBA Bluetooth EC Driver>


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 bmwebcfg (Bytemobile Web Configurator) - "c:\windows\system32\bmwebcfg.exe" <Not Verified; Bytemobile, Inc.; Bytemobile Optimization Client>
R2 CCALib8 (Canon Camera Access Library 8) - c:\program files\canon\cal\calmain.exe <Not Verified; Canon Inc.; >
R2 CFSvcs (ConfigFree Service) - c:\program files\toshiba\configfree\cfsvcs.exe <Not Verified; TOSHIBA CORPORATION; ConfigFree™>
R2 DVD-RAM_Service - c:\windows\system32\dvdramsv.exe <Not Verified; Matsubleepa Electric Industrial Co., Ltd.; >
R2 Pantech&Curitel Utility Service - c:\program files\utstarcom\sprint\sprint pcs connection manager\pncutilityservice.exe <Not Verified; Sprint Spectrum, L.L.C; Sprint PCS Connection Manager>
R2 RegSrvc (Intel® PROSet/Wireless Registry Service) - c:\program files\intel\wireless\bin\regsrvc.exe <Not Verified; Intel Corporation; Intel® PROSet/Wireless Registry Service>
R2 Swupdtmr - c:\toshiba\ivp\swupdate\swupdtmr.exe
R2 TAPPSRV (TOSHIBA Application Service) - "c:\program files\toshiba\toshiba applet\tappsrv.exe" <Not Verified; TOSHIBA Corp.; TOSHIBA TAPPSRV>


-- Device Manager: Disabled ----------------------------------------------------

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: 1394 Net Adapter
Device ID: V1394\NIC1394\D14FE2E080DA0
Manufacturer: Microsoft
Name: 1394 Net Adapter
PNP Device ID: V1394\NIC1394\D14FE2E080DA0
Service: NIC1394


-- Scheduled Tasks -------------------------------------------------------------

2008-06-16 23:35:19 330 --ah----- C:\WINDOWS\Tasks\MP Scheduled Scan.job


-- Files created between 2008-05-18 and 2008-06-18 -----------------------------

2008-06-17 23:38:09 0 d-------- C:\Program Files\Microsoft Silverlight
2008-06-17 23:38:04 0 d-------- C:\temp
2008-06-17 23:20:34 0 d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-06-17 23:20:28 0 d-------- C:\Program Files\SUPERAntiSpyware
2008-06-17 23:20:28 0 d-------- C:\Documents and Settings\brenda huddleston\Application Data\SUPERAntiSpyware.com
2008-06-17 23:20:14 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-06-17 23:08:34 0 d-------- C:\Program Files\Common Files\Java
2008-06-17 21:18:47 0 d-------- C:\Documents and Settings\brenda huddleston\Application Data\Sun
2008-06-17 00:38:10 0 d-------- C:\Program Files\Trend Micro
2008-06-17 00:08:16 73692502 --a------ C:\registrybackup.reg
2008-06-16 23:55:02 0 d-------- C:\WINDOWS\system32\bits
2008-06-16 23:42:53 0 d-------- C:\Program Files\Microsoft Windows OneCare Live
2008-06-16 23:32:13 0 d-------- C:\Program Files\Windows Defender
2008-06-16 23:31:14 0 d-------- C:\downloads
2008-06-16 19:35:36 0 d-------- C:\Documents and Settings\brenda huddleston\Application Data\Malwarebytes
2008-06-16 19:35:34 0 d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-06-16 19:35:33 0 d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-06-16 19:35:22 0 d-------- C:\Program Files\Common Files\Download Manager
2008-06-16 18:54:01 0 d-------- C:\Program Files\Common Files\Scanner
2008-06-16 18:53:58 0 d-------- C:\Program Files\CA Yahoo! Anti-Spy
2008-06-16 18:48:51 0 d-------- C:\Documents and Settings\brenda huddleston\Application Data\MSNInstaller
2008-06-16 10:47:22 0 d-------- C:\Documents and Settings\Tristan Giaretta\Application Data\Macromedia
2008-06-16 10:42:49 0 d-------- C:\Documents and Settings\Tristan Giaretta\Application Data\Yahoo!
2008-06-16 10:42:48 0 d-------- C:\Documents and Settings\Tristan Giaretta\Application Data\Google
2008-06-16 10:42:38 0 d-------- C:\Documents and Settings\Tristan Giaretta\Application Data\Real
2008-06-16 10:42:22 0 dr------- C:\Documents and Settings\Tristan Giaretta\Favorites
2008-06-16 10:42:22 0 d-------- C:\Documents and Settings\Tristan Giaretta\Desktop
2008-06-16 10:42:22 0 d---s---- C:\Documents and Settings\Tristan Giaretta\Cookies
2008-06-16 10:42:22 0 dr-h----- C:\Documents and Settings\Tristan Giaretta\Application Data
2008-06-16 10:42:22 0 d-------- C:\Documents and Settings\Tristan Giaretta\Application Data\You've Got Pictures Screensaver
2008-06-16 10:42:22 0 d-------- C:\Documents and Settings\Tristan Giaretta\Application Data\toshiba
2008-06-16 10:42:22 0 d---s---- C:\Documents and Settings\Tristan Giaretta\Application Data\Microsoft
2008-06-16 10:42:22 0 d-------- C:\Documents and Settings\Tristan Giaretta\Application Data\Intel
2008-06-16 10:42:22 0 d-------- C:\Documents and Settings\Tristan Giaretta\Application Data\Identities
2008-06-16 10:42:22 0 d-------- C:\Documents and Settings\Tristan Giaretta\Application Data\AOL
2008-06-16 10:42:22 0 d-------- C:\Documents and Settings\Tristan Giaretta\Application Data\Adobe
2008-06-16 10:42:21 0 d-------- C:\Documents and Settings\Tristan Giaretta\WINDOWS
2008-06-16 10:42:21 0 d--h----- C:\Documents and Settings\Tristan Giaretta\Templates
2008-06-16 10:42:21 0 dr------- C:\Documents and Settings\Tristan Giaretta\Start Menu
2008-06-16 10:42:21 0 dr-h----- C:\Documents and Settings\Tristan Giaretta\SendTo
2008-06-16 10:42:21 0 dr-h----- C:\Documents and Settings\Tristan Giaretta\Recent
2008-06-16 10:42:21 0 d--h----- C:\Documents and Settings\Tristan Giaretta\PrintHood
2008-06-16 10:42:21 2097152 --ah----- C:\Documents and Settings\Tristan Giaretta\NTUSER.DAT
2008-06-16 10:42:21 0 d--h----- C:\Documents and Settings\Tristan Giaretta\NetHood
2008-06-16 10:42:21 0 dr------- C:\Documents and Settings\Tristan Giaretta\My Documents
2008-06-16 10:42:21 0 d--h----- C:\Documents and Settings\Tristan Giaretta\Local Settings
2008-06-16 10:06:02 0 d-------- C:\Documents and Settings\JARED GIARETTA\Application Data\Macromedia
2008-06-16 10:02:24 0 d-------- C:\Documents and Settings\JARED GIARETTA\Application Data\Yahoo!
2008-06-16 10:02:23 0 d-------- C:\Documents and Settings\JARED GIARETTA\Application Data\Google
2008-06-16 10:00:45 0 d-------- C:\Documents and Settings\JARED GIARETTA\Application Data\Real
2008-06-16 10:00:17 0 dr------- C:\Documents and Settings\JARED GIARETTA\Favorites
2008-06-16 10:00:17 0 d-------- C:\Documents and Settings\JARED GIARETTA\Desktop
2008-06-16 10:00:17 0 d---s---- C:\Documents and Settings\JARED GIARETTA\Cookies
2008-06-16 10:00:17 0 dr-h----- C:\Documents and Settings\JARED GIARETTA\Application Data
2008-06-16 10:00:17 0 d-------- C:\Documents and Settings\JARED GIARETTA\Application Data\You've Got Pictures Screensaver
2008-06-16 10:00:17 0 d-------- C:\Documents and Settings\JARED GIARETTA\Application Data\toshiba
2008-06-16 10:00:17 0 d---s---- C:\Documents and Settings\JARED GIARETTA\Application Data\Microsoft
2008-06-16 10:00:17 0 d-------- C:\Documents and Settings\JARED GIARETTA\Application Data\Intel
2008-06-16 10:00:17 0 d-------- C:\Documents and Settings\JARED GIARETTA\Application Data\Identities
2008-06-16 10:00:17 0 d-------- C:\Documents and Settings\JARED GIARETTA\Application Data\AOL
2008-06-16 10:00:17 0 d-------- C:\Documents and Settings\JARED GIARETTA\Application Data\Adobe
2008-06-16 10:00:16 0 d-------- C:\Documents and Settings\JARED GIARETTA\WINDOWS
2008-06-16 10:00:16 0 d--h----- C:\Documents and Settings\JARED GIARETTA\Templates
2008-06-16 10:00:16 0 dr------- C:\Documents and Settings\JARED GIARETTA\Start Menu
2008-06-16 10:00:16 0 dr-h----- C:\Documents and Settings\JARED GIARETTA\SendTo
2008-06-16 10:00:16 0 dr-h----- C:\Documents and Settings\JARED GIARETTA\Recent
2008-06-16 10:00:16 0 d--h----- C:\Documents and Settings\JARED GIARETTA\PrintHood
2008-06-16 10:00:16 2097152 --ah----- C:\Documents and Settings\JARED GIARETTA\NTUSER.DAT
2008-06-16 10:00:16 0 d--h----- C:\Documents and Settings\JARED GIARETTA\NetHood
2008-06-16 10:00:16 0 dr------- C:\Documents and Settings\JARED GIARETTA\My Documents
2008-06-16 10:00:16 0 d--h----- C:\Documents and Settings\JARED GIARETTA\Local Settings
2008-06-15 18:38:09 0 d-------- C:\Documents and Settings\Katie Huddleston\Application Data\Bytemobile
2008-06-15 15:25:59 0 d---s---- C:\Documents and Settings\Katie Huddleston\UserData
2008-06-15 13:34:28 401920 --a------ C:\WINDOWS\system32\ltkrn80n.dll <Not Verified; LEAD Technologies, Inc.; LEADTOOLS® DLL for Win32>
2008-06-15 13:34:28 87552 --a------ C:\WINDOWS\system32\ltimg80n.dll <Not Verified; LEAD Technologies, Inc.; LEADTOOLS® DLL for Win32>
2008-06-15 13:34:28 58368 --a------ C:\WINDOWS\system32\ltfil80n.DLL <Not Verified; LEAD Technologies, Inc.; LEADTOOLS® DLL for Win32>
2008-06-15 13:34:28 218112 --a------ C:\WINDOWS\system32\LFCMP80n.DLL <Not Verified; LEAD Technologies, Inc.; LEADTOOLS® DLL for Win32>
2008-06-15 13:34:27 26112 --a------ C:\WINDOWS\system32\lfbmp80n.dll <Not Verified; LEAD Technologies, Inc.; LEADTOOLS® DLL for Win32>
2008-06-15 13:34:27 0 d-------- C:\Digital Camera
2008-06-14 21:42:08 0 d-------- C:\Documents and Settings\Ashley Huddleston\Application Data\WildTangent
2008-06-14 19:56:23 0 d-------- C:\Documents and Settings\Katie Huddleston\Application Data\MySpace
2008-06-14 16:43:19 0 d-------- C:\Documents and Settings\Katie Huddleston\Application Data\Macromedia
2008-06-14 16:41:27 0 d-------- C:\Documents and Settings\Katie Huddleston\Application Data\Yahoo!
2008-06-14 16:41:26 0 d-------- C:\Documents and Settings\Katie Huddleston\Application Data\Google
2008-06-14 16:41:00 0 d-------- C:\Documents and Settings\Katie Huddleston\Application Data\Real
2008-06-14 16:40:39 0 dr------- C:\Documents and Settings\Katie Huddleston\Favorites
2008-06-14 16:40:39 0 d-------- C:\Documents and Settings\Katie Huddleston\Desktop
2008-06-14 16:40:39 0 d---s---- C:\Documents and Settings\Katie Huddleston\Cookies
2008-06-14 16:40:39 0 dr-h----- C:\Documents and Settings\Katie Huddleston\Application Data
2008-06-14 16:40:39 0 d-------- C:\Documents and Settings\Katie Huddleston\Application Data\You've Got Pictures Screensaver
2008-06-14 16:40:39 0 d-------- C:\Documents and Settings\Katie Huddleston\Application Data\toshiba
2008-06-14 16:40:39 0 d---s---- C:\Documents and Settings\Katie Huddleston\Application Data\Microsoft
2008-06-14 16:40:39 0 d-------- C:\Documents and Settings\Katie Huddleston\Application Data\Intel
2008-06-14 16:40:39 0 d-------- C:\Documents and Settings\Katie Huddleston\Application Data\Identities
2008-06-14 16:40:39 0 d-------- C:\Documents and Settings\Katie Huddleston\Application Data\AOL
2008-06-14 16:40:39 0 d-------- C:\Documents and Settings\Katie Huddleston\Application Data\Adobe
2008-06-14 16:40:38 0 d-------- C:\Documents and Settings\Katie Huddleston\WINDOWS
2008-06-14 16:40:38 0 d--h----- C:\Documents and Settings\Katie Huddleston\Templates
2008-06-14 16:40:38 0 dr------- C:\Documents and Settings\Katie Huddleston\Start Menu
2008-06-14 16:40:38 0 dr-h----- C:\Documents and Settings\Katie Huddleston\SendTo
2008-06-14 16:40:38 0 dr-h----- C:\Documents and Settings\Katie Huddleston\Recent
2008-06-14 16:40:38 0 d--h----- C:\Documents and Settings\Katie Huddleston\PrintHood
2008-06-14 16:40:38 2097152 --ah----- C:\Documents and Settings\Katie Huddleston\NTUSER.DAT
2008-06-14 16:40:38 0 d--h----- C:\Documents and Settings\Katie Huddleston\NetHood
2008-06-14 16:40:38 0 dr------- C:\Documents and Settings\Katie Huddleston\My Documents
2008-06-14 16:40:38 0 d--h----- C:\Documents and Settings\Katie Huddleston\Local Settings
2008-06-12 13:50:37 0 d-------- C:\Documents and Settings\brenda huddleston\Application Data\SBTT
2008-06-12 13:39:48 0 d-------- C:\Documents and Settings\brenda huddleston\Application Data\WildTangent
2008-06-12 13:08:37 0 d-------- C:\Documents and Settings\All Users\Application Data\WildTangent
2008-06-12 01:10:47 0 d-------- C:\Documents and Settings\Tommye Mitchell\Application Data\Macromedia
2008-06-11 11:35:34 0 d-------- C:\Documents and Settings\Jennifer Ewton\Application Data\Help
2008-06-08 20:57:36 0 d-------- C:\Documents and Settings\Jennifer Ewton\Application Data\Macromedia
2008-06-08 20:30:18 0 d-------- C:\Documents and Settings\Jennifer Ewton\Application Data\Yahoo!
2008-06-08 20:30:17 0 d-------- C:\Documents and Settings\Jennifer Ewton\Application Data\Google
2008-06-08 20:28:08 0 d-------- C:\Documents and Settings\Jennifer Ewton\Application Data\Bytemobile
2008-06-08 20:28:01 0 d-------- C:\Documents and Settings\Jennifer Ewton\Application Data\Real
2008-06-08 20:27:37 0 dr------- C:\Documents and Settings\Jennifer Ewton\Favorites
2008-06-08 20:27:37 0 d-------- C:\Documents and Settings\Jennifer Ewton\Desktop
2008-06-08 20:27:37 0 d---s---- C:\Documents and Settings\Jennifer Ewton\Cookies
2008-06-08 20:27:37 0 dr-h----- C:\Documents and Settings\Jennifer Ewton\Application Data
2008-06-08 20:27:37 0 d-------- C:\Documents and Settings\Jennifer Ewton\Application Data\You've Got Pictures Screensaver
2008-06-08 20:27:37 0 d-------- C:\Documents and Settings\Jennifer Ewton\Application Data\toshiba
2008-06-08 20:27:37 0 d---s---- C:\Documents and Settings\Jennifer Ewton\Application Data\Microsoft
2008-06-08 20:27:37 0 d-------- C:\Documents and Settings\Jennifer Ewton\Application Data\Intel
2008-06-08 20:27:37 0 d-------- C:\Documents and Settings\Jennifer Ewton\Application Data\Identities
2008-06-08 20:27:37 0 d-------- C:\Documents and Settings\Jennifer Ewton\Application Data\AOL
2008-06-08 20:27:37 0 d-------- C:\Documents and Settings\Jennifer Ewton\Application Data\Adobe
2008-06-08 20:27:36 0 d-------- C:\Documents and Settings\Jennifer Ewton\WINDOWS
2008-06-08 20:27:36 0 d--h----- C:\Documents and Settings\Jennifer Ewton\Templates
2008-06-08 20:27:36 0 dr------- C:\Documents and Settings\Jennifer Ewton\Start Menu
2008-06-08 20:27:36 0 dr-h----- C:\Documents and Settings\Jennifer Ewton\SendTo
2008-06-08 20:27:36 0 dr-h----- C:\Documents and Settings\Jennifer Ewton\Recent
2008-06-08 20:27:36 0 d--h----- C:\Documents and Settings\Jennifer Ewton\PrintHood
2008-06-08 20:27:36 2097152 --ah----- C:\Documents and Settings\Jennifer Ewton\NTUSER.DAT
2008-06-08 20:27:36 0 d--h----- C:\Documents and Settings\Jennifer Ewton\NetHood
2008-06-08 20:27:36 0 dr------- C:\Documents and Settings\Jennifer Ewton\My Documents
2008-06-08 20:27:36 0 d--h----- C:\Documents and Settings\Jennifer Ewton\Local Settings
2008-06-08 19:19:04 0 d---s---- C:\Documents and Settings\Amber Huddleston\UserData
2008-06-08 18:15:35 0 d-------- C:\Documents and Settings\Amber Huddleston\Application Data\Help
2008-06-08 16:02:46 0 d-------- C:\Program Files\Canon
2008-06-08 15:34:27 0 d-------- C:\Documents and Settings\brenda huddleston\Application Data\InterVideo
2008-05-30 17:13:54 0 d-------- C:\Documents and Settings\Tommye Mitchell\Application Data\Yahoo!
2008-05-30 17:13:54 0 d-------- C:\Documents and Settings\Tommye Mitchell\Application Data\Google
2008-05-30 17:11:11 0 d-------- C:\Documents and Settings\Tommye Mitchell\Application Data\Real
2008-05-30 17:11:11 0 d-------- C:\Documents and Settings\Tommye Mitchell\Application Data\Bytemobile
2008-05-30 17:10:45 0 d---s---- C:\Documents and Settings\Tommye Mitchell\Application Data\Microsoft
2008-05-30 17:10:45 0 d-------- C:\Documents and Settings\Tommye Mitchell\Application Data\Intel
2008-05-30 17:10:45 0 d-------- C:\Documents and Settings\Tommye Mitchell\Application Data\Identities
2008-05-30 17:10:45 0 d-------- C:\Documents and Settings\Tommye Mitchell\Application Data\AOL
2008-05-30 17:10:45 0 d-------- C:\Documents and Settings\Tommye Mitchell\Application Data\Adobe
2008-05-30 17:10:44 0 d-------- C:\Documents and Settings\Tommye Mitchell\WINDOWS
2008-05-30 17:10:44 0 d--h----- C:\Documents and Settings\Tommye Mitchell\Templates
2008-05-30 17:10:44 0 dr------- C:\Documents and Settings\Tommye Mitchell\Start Menu
2008-05-30 17:10:44 0 dr-h----- C:\Documents and Settings\Tommye Mitchell\SendTo
2008-05-30 17:10:44 0 dr-h----- C:\Documents and Settings\Tommye Mitchell\Recent
2008-05-30 17:10:44 0 d--h----- C:\Documents and Settings\Tommye Mitchell\PrintHood
2008-05-30 17:10:44 2097152 --ah----- C:\Documents and Settings\Tommye Mitchell\NTUSER.DAT
2008-05-30 17:10:44 0 d--h----- C:\Documents and Settings\Tommye Mitchell\NetHood
2008-05-30 17:10:44 0 dr------- C:\Documents and Settings\Tommye Mitchell\My Documents
2008-05-30 17:10:44 0 d--h----- C:\Documents and Settings\Tommye Mitchell\Local Settings
2008-05-30 17:10:44 0 dr------- C:\Documents and Settings\Tommye Mitchell\Favorites
2008-05-30 17:10:44 0 d-------- C:\Documents and Settings\Tommye Mitchell\Desktop
2008-05-30 17:10:44 0 d---s---- C:\Documents and Settings\Tommye Mitchell\Cookies
2008-05-30 17:10:44 0 dr-h----- C:\Documents and Settings\Tommye Mitchell\Application Data
2008-05-30 17:10:44 0 d-------- C:\Documents and Settings\Tommye Mitchell\Application Data\You've Got Pictures Screensaver
2008-05-30 17:10:44 0 d-------- C:\Documents and Settings\Tommye Mitchell\Application Data\toshiba
2008-05-28 17:44:34 0 d-------- C:\Documents and Settings\All Users\Application Data\Adobe
2008-05-28 17:44:28 0 d-------- C:\Program Files\Common Files\Adobe
2008-05-25 20:58:14 0 d---s---- C:\Documents and Settings\Ashley Huddleston\UserData
2008-05-25 19:28:28 0 d-------- C:\Documents and Settings\Amber Huddleston\Application Data\MusicNet
2008-05-25 18:22:07 0 d-------- C:\Documents and Settings\Amber Huddleston\Application Data\Macromedia
2008-05-25 18:20:13 0 d-------- C:\Documents and Settings\Amber Huddleston\Application Data\Yahoo!
2008-05-25 18:20:12 0 d-------- C:\Documents and Settings\Amber Huddleston\Application Data\Google
2008-05-25 18:20:09 0 d-------- C:\Documents and Settings\Amber Huddleston\Application Data\Bytemobile
2008-05-25 18:20:07 0 d-------- C:\Documents and Settings\Amber Huddleston\Application Data\Real
2008-05-25 18:19:51 0 d-------- C:\Documents and Settings\Amber Huddleston\Application Data\Intel
2008-05-25 18:19:51 0 d-------- C:\Documents and Settings\Amber Huddleston\Application Data\Identities
2008-05-25 18:19:51 0 d-------- C:\Documents and Settings\Amber Huddleston\Application Data\AOL
2008-05-25 18:19:51 0 d-------- C:\Documents and Settings\Amber Huddleston\Application Data\Adobe
2008-05-25 18:19:50 0 d-------- C:\Documents and Settings\Amber Huddleston\WINDOWS
2008-05-25 18:19:50 0 d--h----- C:\Documents and Settings\Amber Huddleston\Templates
2008-05-25 18:19:50 0 dr------- C:\Documents and Settings\Amber Huddleston\Start Menu
2008-05-25 18:19:50 0 dr-h----- C:\Documents and Settings\Amber Huddleston\SendTo
2008-05-25 18:19:50 0 dr-h----- C:\Documents and Settings\Amber Huddleston\Recent
2008-05-25 18:19:50 0 d--h----- C:\Documents and Settings\Amber Huddleston\PrintHood
2008-05-25 18:19:50 0 d--h----- C:\Documents and Settings\Amber Huddleston\NetHood
2008-05-25 18:19:50 0 dr------- C:\Documents and Settings\Amber Huddleston\My Documents
2008-05-25 18:19:50 0 d--h----- C:\Documents and Settings\Amber Huddleston\Local Settings
2008-05-25 18:19:50 0 dr------- C:\Documents and Settings\Amber Huddleston\Favorites
2008-05-25 18:19:50 0 d-------- C:\Documents and Settings\Amber Huddleston\Desktop
2008-05-25 18:19:50 0 d---s---- C:\Documents and Settings\Amber Huddleston\Cookies
2008-05-25 18:19:50 0 dr-h----- C:\Documents and Settings\Amber Huddleston\Application Data
2008-05-25 18:19:50 0 d-------- C:\Documents and Settings\Amber Huddleston\Application Data\You've Got Pictures Screensaver
2008-05-25 18:19:50 0 d-------- C:\Documents and Settings\Amber Huddleston\Application Data\toshiba
2008-05-25 18:19:50 0 d---s---- C:\Documents and Settings\Amber Huddleston\Application Data\Microsoft
2008-05-25 18:19:49 2097152 --ah----- C:\Documents and Settings\Amber Huddleston\NTUSER.DAT
2008-05-25 16:26:00 0 d-------- C:\Documents and Settings\Ashley Huddleston\Application Data\Macromedia
2008-05-25 16:24:57 0 d-------- C:\Documents and Settings\Ashley Huddleston\Application Data\Yahoo!
2008-05-25 16:24:56 0 d-------- C:\Documents and Settings\Ashley Huddleston\Application Data\Google
2008-05-25 16:24:43 0 d-------- C:\Documents and Settings\Ashley Huddleston\Application Data\Bytemobile
2008-05-25 16:24:32 0 d-------- C:\Documents and Settings\Ashley Huddleston\Application Data\Real
2008-05-25 16:24:08 0 d-------- C:\Documents and Settings\Ashley Huddleston\Application Data\Intel
2008-05-25 16:24:08 0 d-------- C:\Documents and Settings\Ashley Huddleston\Application Data\Identities
2008-05-25 16:24:08 0 d-------- C:\Documents and Settings\Ashley Huddleston\Application Data\AOL
2008-05-25 16:24:08 0 d-------- C:\Documents and Settings\Ashley Huddleston\Application Data\Adobe
2008-05-25 16:24:07 0 d-------- C:\Documents and Settings\Ashley Huddleston\WINDOWS
2008-05-25 16:24:07 0 d--h----- C:\Documents and Settings\Ashley Huddleston\Templates
2008-05-25 16:24:07 0 dr------- C:\Documents and Settings\Ashley Huddleston\Start Menu
2008-05-25 16:24:07 0 dr-h----- C:\Documents and Settings\Ashley Huddleston\SendTo
2008-05-25 16:24:07 0 dr-h----- C:\Documents and Settings\Ashley Huddleston\Recent
2008-05-25 16:24:07 0 d--h----- C:\Documents and Settings\Ashley Huddleston\PrintHood
2008-05-25 16:24:07 0 d--h----- C:\Documents and Settings\Ashley Huddleston\NetHood
2008-05-25 16:24:07 0 dr------- C:\Documents and Settings\Ashley Huddleston\My Documents
2008-05-25 16:24:07 0 d--h----- C:\Documents and Settings\Ashley Huddleston\Local Settings
2008-05-25 16:24:07 0 dr------- C:\Documents and Settings\Ashley Huddleston\Favorites
2008-05-25 16:24:07 0 d-------- C:\Documents and Settings\Ashley Huddleston\Desktop
2008-05-25 16:24:07 0 d---s---- C:\Documents and Settings\Ashley Huddleston\Cookies
2008-05-25 16:24:07 0 dr-h----- C:\Documents and Settings\Ashley Huddleston\Application Data
2008-05-25 16:24:07 0 d-------- C:\Documents and Settings\Ashley Huddleston\Application Data\You've Got Pictures Screensaver
2008-05-25 16:24:07 0 d-------- C:\Documents and Settings\Ashley Huddleston\Application Data\toshiba
2008-05-25 16:24:07 0 d---s---- C:\Documents and Settings\Ashley Huddleston\Application Data\Microsoft
2008-05-25 16:24:06 2097152 --ah----- C:\Documents and Settings\Ashley Huddleston\NTUSER.DAT
2008-05-22 22:41:59 4 --a------ C:\WINDOWS\system32\0D3DF9
2008-05-22 22:40:55 8413 --a------ C:\WINDOWS\system32\drivers\mcstrm.sys <Not Verified; RealNetworks, Inc.; RealNetworks Virtual Path Manager® (32-bit)>
2008-05-22 22:37:38 0 d-------- C:\Program Files\Rhapsody
2008-05-22 21:47:27 0 d-------- C:\Program Files\Common Files\xing shared
2008-05-22 21:38:07 15664 --a------ C:\WINDOWS\system32\PSUITE.SCR
2008-05-22 21:37:42 0 d-------- C:\Program Files\MGI
2008-05-21 12:39:14 0 d-------- C:\Documents and Settings\brenda huddleston\Application Data\Mozilla


-- Find3M Report ---------------------------------------------------------------

2008-06-17 23:20:14 0 d-------- C:\Program Files\Common Files
2008-06-17 23:12:22 0 d-------- C:\Program Files\Java
2008-06-16 23:52:10 0 d-------- C:\Program Files\Yahoo!
2008-06-16 23:26:25 0 d-------- C:\Documents and Settings\brenda huddleston\Application Data\Move Networks
2008-06-16 23:23:09 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-06-16 22:59:10 664 --a------ C:\WINDOWS\system32\d3d9caps.dat
2008-06-16 18:52:49 0 d-------- C:\Program Files\Google
2008-06-12 13:49:06 0 d-------- C:\Program Files\Toshiba Games
2008-05-28 17:43:04 0 d-------- C:\Documents and Settings\brenda huddleston\Application Data\AdobeUM
2008-05-28 13:16:22 0 d-------- C:\Documents and Settings\brenda huddleston\Application Data\Adobe
2008-05-22 22:38:56 0 d-------- C:\Documents and Settings\brenda huddleston\Application Data\Real
2008-05-22 21:47:23 0 d-------- C:\Program Files\Common Files\Real
2008-05-19 20:45:33 0 d-------- C:\Program Files\Metamail Inc
2008-04-30 16:42:13 0 d-------- C:\Documents and Settings\brenda huddleston\Application Data\Yahoo!
2008-04-29 21:13:21 0 d-------- C:\Program Files\MUSICMATCH
2008-04-27 20:25:41 0 d-------- C:\Documents and Settings\brenda huddleston\Application Data\Google
2008-04-27 20:23:49 0 d-------- C:\Documents and Settings\brenda huddleston\Application Data\Macromedia
2008-04-27 20:23:37 0 d-------- C:\Documents and Settings\brenda huddleston\Application Data\Bytemobile


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TFncKy"="TFncKy.exe" []
"TDispVol"="TDispVol.exe" [03/11/2005 06:03 PM C:\WINDOWS\system32\TDispVol.exe]
"igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [11/28/2005 12:55 AM]
"igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [11/28/2005 12:52 AM]
"igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [11/28/2005 12:55 AM]
"ehTray"="C:\WINDOWS\ehome\ehtray.exe" [08/05/2005 04:56 PM]
"THotkey"="C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe" [01/05/2006 05:02 PM]
"SynTPLpr"="C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" [12/16/2005 03:34 AM]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [12/16/2005 03:32 AM]
"LtMoh"="C:\Program Files\ltmoh\Ltmoh.exe" [08/18/2004 06:37 AM]
"AGRSMMSG"="AGRSMMSG.exe" [10/15/2005 09:29 AM C:\WINDOWS\agrsmmsg.exe]
"NDSTray.exe"="NDSTray.exe" []
"Tvs"="C:\Program Files\Toshiba\Tvs\TvsTray.exe" [11/30/2005 03:25 PM]
"TPSMain"="TPSMain.exe" [06/01/2005 12:00 AM C:\WINDOWS\system32\TPSMain.exe]
"SmoothView"="C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe" [04/26/2005 07:13 PM]
"dla"="C:\WINDOWS\system32\dla\DLACTRLW.exe" [10/06/2005 08:20 AM]
"Pinger"="c:\toshiba\ivp\ism\pinger.exe" [03/17/2005 08:37 PM]
"IntelZeroConfig"="C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" [12/05/2005 02:37 PM]
"IntelWireless"="C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" [11/28/2005 01:41 PM]
"CFSServ.exe"="CFSServ.exe" []
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [02/16/2006 04:56 AM]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" []
"MsgCenterExe"="C:\Program Files\Common Files\Real\Update_OB\RealOneMessageCenter.exe" [05/22/2008 09:47 PM]
"YSearchProtection"="C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe" [01/10/2008 11:41 AM]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [05/22/2008 09:47 PM]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [11/03/2006 09:20 PM]
"OneCareUI"="C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe" [05/28/2008 12:35 PM]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe" [03/25/2008 04:28 AM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/10/2004 07:00 AM]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [10/13/2004 11:24 AM]
"TOSCDSPD"="C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe" [12/30/2004 03:32 AM]
"YSearchProtection"="C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe" [01/10/2008 11:41 AM]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [05/28/2008 10:33 AM]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [4/23/2008 5:38:16 AM]
RAMASST.lnk - C:\WINDOWS\system32\RAMASST.exe [2/15/2006 11:31:42 AM]
ymetray.lnk - C:\Program Files\Yahoo!\Yahoo! Music Engine\ymetray.exe [2/5/2008 4:29:20 PM]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"disableregistrytools"=0 (0x0)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [05/13/2008 10:13 AM 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 04/19/2007 01:41 PM 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\OneCareMP]
@="Service"




-- End of Deckard's System Scanner: finished at 2008-06-18 19:12:03 ------------

Edited by Jadeskye, 18 June 2008 - 07:13 PM.


BC AdBot (Login to Remove)

 


#2 kahdah

kahdah

  • Security Colleague
  • 11,138 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Florida
  • Local time:11:01 PM

Posted 12 July 2008 - 08:23 PM

Hello Jadeskye

Welcome to BleepingComputer :thumbsup:
========================
If you are still in need of assistance please post a new Hijackthis log.
Please do not pm for help, post it in the forums instead.

If I am helping you and have not responded for 48 hours please send me a pm as I don't always get notifications.

My help is always free, however, if you would like to make a donation to me for the help I have provided please click here Posted Image




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users