
Computer Freezing, I think I have a Malware Problem


  • This topic is locked
3 replies to this topic

#1 warner444


Posted 06 January 2010 - 11:50 PM

My computer keeps freezing. It has been running slow at odd times recently too. I updated to the latest Firefox and it will not run (not sure if that is related).

Here is my HijackThis log, then DDS.txt

I am new here so if I don't post the right information or if I post information I shouldn't please tell me.

I am running win xp pro with sp 3, a Shuttle XPC with AMD 64, I keep it updated and updated today. The freezing is just random, but started today frequently.
Sporadically when online everything slows down too.

When I run RootRepeal it freezes immediately.

I see some errors in Event Viewer but don't get information I can use from MS on these. I have these copied in a text file. The errors happen when boot

Edit: some additional info that might help:
It barely started today, after a couple incomplete starts, a start last known good config, finally a chkdsk ran and it started. chrome is running very slow.

when firefox would not start I uninstalled, and tried to find everything not uninstalled to remove. I removed a lot of temp files in my docs & settings to make sure. re-installing did not get it to run.

ESET NOD32 showed a lot of blocked packets in the firewall log yesterday, 30-40 of them.



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:26:09 PM, on 1/6/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16945)
Boot mode: Normal

Running processes:
F:\WINDOWS\System32\smss.exe
F:\WINDOWS\system32\winlogon.exe
F:\WINDOWS\system32\services.exe
F:\WINDOWS\system32\lsass.exe
F:\WINDOWS\system32\Ati2evxx.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\system32\Ati2evxx.exe
F:\WINDOWS\system32\spoolsv.exe
F:\WINDOWS\system32\netdde.exe
F:\WINDOWS\system32\ati2sgag.exe
F:\Program Files\Bonjour\mDNSResponder.exe
F:\Program Files\ESET\ESET Smart Security\ekrn.exe
F:\Program Files\Google\Update\GoogleUpdate.exe
F:\WINDOWS\system32\inetsrv\inetinfo.exe
F:\Program Files\Java\jre6\bin\jqs.exe
F:\Program Files\Micro Niche Finder\srvany.exe
F:\Program Files\Micro Niche Finder\bggoogle.exe
F:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
F:\WINDOWS\system32\tcpsvcs.exe
F:\WINDOWS\Explorer.EXE
F:\WINDOWS\System32\snmp.exe
F:\WINDOWS\system32\svchost.exe
F:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
F:\WINDOWS\system32\wuauclt.exe
F:\Program Files\Audio Deck\EnMixCPL.exe
F:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
F:\Program Files\ESET\ESET Smart Security\egui.exe
F:\Program Files\iTunes\iTunesHelper.exe
F:\Program Files\Java\jre6\bin\jusched.exe
F:\Program Files\Google\Google Talk\googletalk.exe
F:\WINDOWS\system32\ctfmon.exe
F:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
F:\Program Files\AIM6\aim6.exe
F:\Program Files\LG Soft India\forteManager\bin\Monitor.exe
F:\HiJackThis Microsoft SUCKS\HijackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 74.86.252.57:51205
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - F:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - F:\Program Files\Search Settings\kb128\SearchSettings.dll
O2 - BHO: Dealio Toolbar - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - F:\Program Files\Dealio Toolbar\DealioToolbarIE.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - F:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: StumbleUpon Launcher - {145B29F4-A56B-4b90-BBAC-45784EBEBBB7} - F:\Program Files\StumbleUpon\StumbleUponIEBar.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - F:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - F:\Program Files\rpbrowserrecordplugin.dll
O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - F:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - F:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - F:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: (no name) - {CBB66A7C-D257-4A02-A8D5-6C9355F91308} - F:\PROGRA~1\ONLYWI~1\ONLYWI~1.DLL
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - F:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - F:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - F:\Program Files\Search Settings\kb128\SearchSettings.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - F:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Bloglines BHO - {F128ED4D-364F-46D3-9E4C-1F3922A43A05} - F:\Program Files\BloglinesBHO\BloglinesBHO.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - F:\PROGRA~1\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: ShareThis - {6A719530-8443-4898-9BC4-69E76B5F1C89} - F:\Program Files\ShareThis Toolbar\share2me.dll
O3 - Toolbar: StumbleUpon Toolbar - {5093EB4C-3E93-40AB-9266-B607BA87BDC8} - F:\Program Files\StumbleUpon\StumbleUponIEBar.dll
O3 - Toolbar: Onlywire Toolbar - {73E71843-3A3D-4B26-AB6E-0ADCEE4B5FA7} - F:\PROGRA~1\ONLYWI~1\ONLYWI~1.DLL
O3 - Toolbar: FireShot - {6E6E744E-4D20-4ce3-9A7A-26DFFFE22F68} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - F:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - F:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - F:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - F:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Dealio Toolbar - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - F:\Program Files\Dealio Toolbar\DealioToolbarIE.dll
O4 - HKLM\..\Run: [EnvyHFCPL] F:\Program Files\Audio Deck\EnMixCPL.exe 1
O4 - HKLM\..\Run: [ISUSPM Startup] F:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "F:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [QuickTime Task] "F:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "realsched.exe" -osboot
O4 - HKLM\..\Run: [SearchSettings] F:\Program Files\Search Settings\SearchSettings.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "F:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "F:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [egui] "F:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [iTunesHelper] "F:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "F:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [googletalk] F:\Program Files\Google\Google Talk\googletalk.exe /autostart
O4 - HKCU\..\Run: [ctfmon.exe] F:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] "F:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Aim6] "F:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - Global Startup: forteManager.lnk = ?
O8 - Extra context menu item: Customize Menu - file://F:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://F:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Fill Forms - file://F:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: Google Sidewiki... - res://F:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O8 - Extra context menu item: RoboForm Toolbar - file://F:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Save Forms - file://F:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: StumbleUpon PhotoBlog It! - res://StumbleUponIEBar.dll/blogimage
O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://F:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://F:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://F:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://F:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://F:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - file://F:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - F:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - F:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - F:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {138E6DC9-722B-4F4B-B09D-95D191869696} (Bebo Uploader Control) - http://www.bebo.com/files/BeboUploader.5.8.05.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1214612249328
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - F:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - F:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - F:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - F:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Bonjour Service - Apple Inc. - F:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - F:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - F:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - F:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - F:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - F:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - F:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - F:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Micro Niche Finder Background Download Service - Unknown owner - F:\Program Files\Micro Niche Finder\srvany.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA - F:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: StumbleUponUpdateService - stumbleupon.com - F:\Program Files\StumbleUpon\StumbleUponUpdateService.exe

--
End of file - 11109 bytes


DDS (Ver_09-12-01.01) - NTFSx86
Run by Warner Carter at 20:17:19.26 on Wed 01/06/2010
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_17
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2047.1001 [GMT -8:00]

AV: ESET Smart Security 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}

============== Running Processes ===============

F:\WINDOWS\system32\Ati2evxx.exe
F:\WINDOWS\system32\svchost -k DcomLaunch
F:\WINDOWS\system32\svchost -k rpcss
F:\WINDOWS\System32\svchost.exe -k netsvcs
F:\WINDOWS\system32\Ati2evxx.exe
svchost.exe
svchost.exe
F:\WINDOWS\system32\spoolsv.exe
svchost.exe
F:\WINDOWS\system32\netdde.exe
F:\Program Files\Bonjour\mDNSResponder.exe
F:\Program Files\ESET\ESET Smart Security\ekrn.exe
F:\WINDOWS\system32\inetsrv\inetinfo.exe
F:\Program Files\Java\jre6\bin\jqs.exe
F:\Program Files\Micro Niche Finder\srvany.exe
F:\Program Files\Micro Niche Finder\bggoogle.exe
F:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
F:\WINDOWS\Explorer.EXE
F:\WINDOWS\system32\tcpsvcs.exe
F:\WINDOWS\System32\snmp.exe
F:\WINDOWS\system32\svchost.exe -k imgsvc
F:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
F:\Program Files\Audio Deck\EnMixCPL.exe
F:\Program Files\ESET\ESET Smart Security\egui.exe
F:\Program Files\iTunes\iTunesHelper.exe
F:\Program Files\Java\jre6\bin\jusched.exe
F:\WINDOWS\system32\ctfmon.exe
F:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
F:\Program Files\AIM6\aim6.exe
F:\Program Files\LG Soft India\forteManager\bin\Monitor.exe
F:\WINDOWS\system32\mmc.exe
F:\Program Files\iPod\bin\iPodService.exe
F:\Program Files\AIM6\aolsoftware.exe
F:\Documents and Settings\Warner Carter\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
F:\Documents and Settings\Warner Carter\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
F:\Documents and Settings\Warner Carter\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
F:\Documents and Settings\Warner Carter\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
F:\Documents and Settings\Warner Carter\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
F:\Documents and Settings\Warner Carter\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
F:\Documents and Settings\Warner Carter\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
F:\Documents and Settings\Warner Carter\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
F:\Documents and Settings\Warner Carter\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
F:\Documents and Settings\Warner Carter\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
F:\Documents and Settings\Warner Carter\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
F:\Program Files\Java\jre6\bin\java.exe
F:\Documents and Settings\Warner Carter\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
F:\Program Files\Internet Explorer\iexplore.exe
F:\Program Files\Siber Systems\GoodSync\GoodSync.exe
F:\HiJackThis Microsoft SUCKS\HijackThis.exe
F:\WINDOWS\system32\NOTEPAD.EXE
F:\Documents and Settings\Warner Carter\Desktop\dds.scr

============== Pseudo HJT Report ===============

uSearch Page =
uSearch Bar =
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyServer = 74.86.252.57:51205
uInternet Settings,ProxyOverride = local
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - f:\progra~1\yahoo!\companion\installs\cpn\yt.dll
uURLSearchHooks: SearchSettings Class: {e312764e-7706-43f1-8dab-fcdd2b1e416d} - f:\program files\search settings\kb128\SearchSettings.dll
BHO: Dealio Toolbar: {01398b87-61af-4ffb-9ab5-1a1c5fb39a9c} - f:\program files\dealio toolbar\DealioToolbarIE.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - f:\progra~1\yahoo!\companion\installs\cpn\yt.dll
BHO: StumbleUpon Launcher: {145b29f4-a56b-4b90-bbac-45784ebebbb7} - f:\program files\stumbleupon\StumbleUponIEBar.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - f:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - f:\program files\rpbrowserrecordplugin.dll
BHO: RoboForm: {724d43a9-0d85-11d4-9908-00400523e39a} - f:\program files\siber systems\ai roboform\roboform.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - f:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - f:\program files\google\googletoolbarnotifier\5.4.4525.1752\swg.dll
BHO: : {cbb66a7c-d257-4a02-a8d5-6c9355f91308} - f:\progra~1\onlywi~1\ONLYWI~1.DLL
BHO: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - f:\program files\ask.com\GenericAskToolbar.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - f:\program files\java\jre6\bin\jp2ssv.dll
BHO: SearchSettings Class: {e312764e-7706-43f1-8dab-fcdd2b1e416d} - f:\program files\search settings\kb128\SearchSettings.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - f:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: BHO Class: {f128ed4d-364f-46d3-9e4c-1f3922a43a05} - f:\program files\bloglinesbho\BloglinesBHO.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - f:\progra~1\yahoo!\companion\installs\cpn\YTSingleInstance.dll
TB: ShareThis: {6a719530-8443-4898-9bc4-69e76b5f1c89} - f:\program files\sharethis toolbar\share2me.dll
TB: StumbleUpon Toolbar: {5093eb4c-3e93-40ab-9266-b607ba87bdc8} - f:\program files\stumbleupon\StumbleUponIEBar.dll
TB: Onlywire Toolbar: {73e71843-3a3d-4b26-ab6e-0adcee4b5fa7} - f:\progra~1\onlywi~1\ONLYWI~1.DLL
TB: FireShot: {6e6e744e-4d20-4ce3-9a7a-26dfffe22f68} -
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - f:\progra~1\yahoo!\companion\installs\cpn\yt.dll
TB: &RoboForm: {724d43a0-0d85-11d4-9908-00400523e39a} - f:\program files\siber systems\ai roboform\roboform.dll
TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - f:\program files\ask.com\GenericAskToolbar.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - f:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Dealio Toolbar: {01398b87-61af-4ffb-9ab5-1a1c5fb39a9c} - f:\program files\dealio toolbar\DealioToolbarIE.dll
uRun: [IBP]
uRun: [ctfmon.exe] f:\windows\system32\ctfmon.exe
uRun: [swg] "f:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [Aim6] "f:\program files\aim6\aim6.exe" /d locale=en-US ee://aol/imApp
mRun: [EnvyHFCPL] f:\program files\audio deck\EnMixCPL.exe 1
mRun: [ISUSPM Startup] f:\progra~1\common~1\instal~1\update~1\isuspm.exe -startup
mRun: [ISUSScheduler] "f:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [QuickTime Task] "f:\program files\quicktime\qttask.exe" -atboottime
mRun: [TkBellExe] "realsched.exe" -osboot
mRun: [SearchSettings] f:\program files\search settings\SearchSettings.exe
mRun: [Adobe Reader Speed Launcher] "f:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "f:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [egui] "f:\program files\eset\eset smart security\egui.exe" /hide /waitservice
mRun: [iTunesHelper] "f:\program files\itunes\iTunesHelper.exe"
mRun: [SunJavaUpdateSched] "f:\program files\java\jre6\bin\jusched.exe"
mRun: [googletalk] f:\program files\google\google talk\googletalk.exe /autostart
StartupFolder: f:\docume~1\alluse~1\startm~1\programs\startup\fortem~1.lnk - f:\program files\lg soft india\fortemanager\bin\Monitor.exe
IE: Customize Menu - file://f:\program files\siber systems\ai roboform\RoboFormComCustomizeIEMenu.html
IE: E&xport to Microsoft Excel - f:\progra~1\micros~3\office11\EXCEL.EXE/3000
IE: Fill Forms - file://f:\program files\siber systems\ai roboform\RoboFormComFillForms.html
IE: Google Sidewiki... - f:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
IE: RoboForm Toolbar - file://f:\program files\siber systems\ai roboform\RoboFormComShowToolbar.html
IE: Save Forms - file://f:\program files\siber systems\ai roboform\RoboFormComSavePass.html
IE: StumbleUpon PhotoBlog It! - StumbleUponIEBar.dll/blogimage
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - f:\program files\siber systems\ai roboform\RoboFormComFillForms.html
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - f:\program files\siber systems\ai roboform\RoboFormComSavePass.html
IE: {724d43aa-0d85-11d4-9908-00400523e39a} - f:\program files\siber systems\ai roboform\RoboFormComShowToolbar.html
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - f:\progra~1\micros~3\office11\REFIEBAR.DLL
DPF: {138E6DC9-722B-4F4B-B09D-95D191869696} - hxxp://www.bebo.com/files/BeboUploader.5.8.05.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1214612249328
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - f:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: AtiExtEvent - Ati2evxx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - f:\windows\system32\WPDShServiceObj.dll

============= SERVICES / DRIVERS ===============

R1 ehdrv;ehdrv;f:\windows\system32\drivers\ehdrv.sys [2009-9-11 108792]
R2 ekrn;ESET Service;f:\program files\eset\eset smart security\ekrn.exe [2009-9-11 735960]
R2 Iprip;RIP Listener;f:\windows\system32\svchost.exe -k netsvcs [2004-8-4 14336]
R2 Micro Niche Finder Background Download Service;Micro Niche Finder Background Download Service;f:\program files\micro niche finder\srvany.exe [2009-3-15 8192]
R3 Envy24HFS;ICE Envy24 Family Audio Controller WDM;f:\windows\system32\drivers\Envy24HF.sys [2005-2-23 651712]
S2 gupdate;Google Update Service (gupdate);f:\program files\google\update\GoogleUpdate.exe [2009-12-17 135664]
S3 LGDDCDevice;LGDDCDevice;f:\program files\lg soft india\fortemanager\bin\I2CDriver.sys [2009-4-26 14336]
S3 LGII2CDevice;LGII2CDevice;f:\program files\lg soft india\fortemanager\bin\PII2CDriver.sys [2009-4-26 13312]
S3 StumbleUponUpdateService;StumbleUponUpdateService;f:\program files\stumbleupon\StumbleUponUpdateService.exe [2009-4-12 120168]

=============== Created Last 30 ================

2010-01-07 03:27:06 0 d-----w- F:\PerfLogs
2010-01-07 03:05:09 471552 -c----w- f:\windows\system32\dllcache\aclayers.dll
2010-01-04 04:13:17 0 d-----w- f:\program files\Mass Article Submitter
2010-01-04 04:00:43 0 d-----w- f:\program files\Article Architect
2010-01-04 04:00:43 0 d-----w- f:\docume~1\alluse~1\applic~1\Article Architect
2010-01-04 03:58:26 0 d-----w- f:\program files\MassArticleCreator
2010-01-04 02:54:48 0 d-----w- f:\program files\ArticleSpinner
2010-01-03 20:44:26 0 d-----w- f:\program files\common files\Intel
2010-01-03 20:44:15 0 d-----w- f:\program files\CounterPath
2010-01-01 22:46:50 0 d-----w- f:\program files\Defraggler
2009-12-27 02:27:01 0 d-----w- f:\docume~1\warner~1\applic~1\TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1
2009-12-27 02:26:54 0 d-----w- f:\program files\TweetDeck
2009-12-26 04:27:39 20352 ----a-w- f:\windows\system32\drivers\XPCDriver.sys
2009-12-26 04:26:56 0 d-----w- f:\program files\Shuttle
2009-12-26 04:26:46 0 d-----w- f:\documents and settings\warner carter\WINDOWS
2009-12-25 18:27:34 0 d-----w- f:\documents and settings\all users\SEO Elite
2009-12-25 18:27:16 0 d-----w- f:\program files\SEO Elite 4
2009-12-25 16:57:04 0 d-----w- f:\program files\Northworks Solutions Ltd
2009-12-25 16:19:55 3084 ----a-w- f:\documents and settings\warner carter\.NSJP_reg506.prefs
2009-12-25 16:19:52 0 d-----w- f:\documents and settings\warner carter\JPEE_Data
2009-12-25 05:58:07 0 d-----w- f:\program files\EmEx3.com
2009-12-25 03:41:36 0 d-----w- f:\program files\Seesmic Desktop
2009-12-25 01:59:08 0 d-----w- f:\windows\AIK for eset
2009-12-25 01:01:22 0 d-----w- f:\program files\Dealio Toolbar
2009-12-24 05:39:06 0 d-----w- f:\program files\common files\TweakMarketing
2009-12-24 05:39:04 0 d-----w- f:\program files\Advanced Email Extractor PRO
2009-12-24 05:39:03 149504 ----a-w- f:\windows\UNWISE.EXE
2009-12-24 02:50:14 0 d-----w- f:\docume~1\warner~1\applic~1\ubot
2009-12-23 20:47:40 0 d-----w- f:\program files\fec
2009-12-22 20:02:16 0 d-----w- f:\program files\Market Samurai
2009-12-20 12:34:26 0 d-----w- f:\docume~1\warner~1\applic~1\com.ebay.sandimas.public-beta.AA1EEF5552BF52051F68E7EAF27E23FA6449A65C.1
2009-12-16 02:33:05 434688 ----a-w- f:\windows\system32\ss2uinst.exe
2009-12-16 02:33:04 0 d-----w- f:\program files\Allscoop RSS Submit Pro
2009-12-13 17:16:39 0 d-----w- f:\docume~1\warner~1\applic~1\EurekaLog
2009-12-11 17:18:59 0 d-----w- f:\docume~1\warner~1\applic~1\Malwarebytes
2009-12-11 17:18:50 38224 ----a-w- f:\windows\system32\drivers\mbamswissarmy.sys
2009-12-11 17:18:48 0 d-----w- f:\docume~1\alluse~1\applic~1\Malwarebytes
2009-12-11 17:18:47 19160 ----a-w- f:\windows\system32\drivers\mbam.sys
2009-12-11 17:18:46 0 d-----w- f:\program files\Malwarebytes' Anti-Malware
2009-12-11 05:22:41 0 d-----w- f:\program files\IBP 11
2009-12-09 16:01:42 0 d-----w- f:\program files\Debugging Tools for Windows (x86)

==================== Find3M ====================

2009-10-29 07:46:59 832512 ----a-w- f:\windows\system32\wininet.dll
2009-10-29 07:46:52 78336 ----a-w- f:\windows\system32\ieencode.dll
2009-10-29 07:46:50 17408 ----a-w- f:\windows\system32\corpol.dll
2009-10-13 10:30:16 270336 ----a-w- f:\windows\system32\oakley.dll
2009-10-12 13:38:19 149504 ----a-w- f:\windows\system32\rastls.dll
2009-10-12 13:38:18 79872 ----a-w- f:\windows\system32\raschap.dll
2009-10-11 12:17:27 411368 ----a-w- f:\windows\system32\deploytk.dll
2009-09-22 01:33:42 716 ----a-w- f:\program files\CinemasterVideo.4.3.manifest
2009-09-22 01:33:42 572 ----a-w- f:\program files\CinemasterAudio.4.3.manifest
2009-09-22 01:33:42 23558 ----a-w- f:\program files\freeoffers.ico
2009-09-22 01:33:42 222728 ----a-w- f:\program files\realplay.exe
2009-09-22 01:33:42 207 ----a-w- f:\program files\subscription.rnx
2009-09-22 01:33:42 17846 ----a-w- f:\program files\videotest.rm
2009-09-22 01:33:42 1166 ----a-w- f:\program files\realplay.exe.manifest
2009-09-22 01:33:40 685 ----a-w- f:\program files\RecordingManager.exe.manifest
2009-09-22 01:33:40 198208 ----a-w- f:\program files\RecordingManager.exe
2006-11-18 06:24:06 66046 ----a-w- f:\program files\Dupe_Free_0_NO_VISTA.ico

============= FINISH: 20:17:42.25 ===============

Edited by warner444, 07 January 2010 - 03:12 PM.



#2 warner444


Posted 10 January 2010 - 10:55 PM


I did a system restore and it stopped freezing. When I start, it takes a few starts, each time processing Windows a little further, until it pops up chkdsk; then after that it runs OK.

done that twice

chkdsk deleted
Gur.6.tup Index $130 of file 72
Gur "" "" file 124
metabase.bin "" "" file 124
AO183.410.141 "" ""FILE 8460
WPDNSE "" "" FILE 10224
SVCHOST.EXE-3530F672.PF "" "" FILE 21768
SVCHOST~1 "" "" FILE 217168

there were some recovery files shown in the chkdsk but they scrolled by too fast to read

MalwareBytes quickscan a few days ago showed nothing

ESET Smart Security recent detected threats shows this:
1/10/2010 5:56:22 PM Real-time file system protection file F:\WINDOWS\dzinst.exe probably a variant of Win32/Agent trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred during an attempt to access the file by the application: F:\DOCUME~1\WARNER~1\LOCALS~1\Temp\VZN.exe.
1/10/2010 5:48:28 PM Real-time file system protection file F:\System Volume Information\_restore{7ADBB2C6-E688-4711-9C99-97784041BD15}\RP631\A0165778.exe probably a variant of Win32/Agent trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred during an attempt to access the file by the application: F:\DOCUME~1\WARNER~1\LOCALS~1\Temp\VZN.exe.
1/7/2010 12:52:25 PM Real-time file system protection file F:\Documents and Settings\Warner Carter\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache\f_000134 a variant of Win32/Kryptik.BKE trojan cleaned by deleting - quarantined BLUE\Warner Carter Event occurred on a file modified by the application: F:\Documents and Settings\Warner Carter\Local Settings\Application Data\Google\Chrome\Application\chrome.exe.
1/7/2010 12:52:25 PM Real-time file system protection file F:\Documents and Settings\Warner Carter\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache\f_000134 a variant of Win32/Kryptik.BKE trojan cleaned by deleting - quarantined BLUE\Warner Carter Event occurred on a file modified by the application: F:\Documents and Settings\Warner Carter\Local Settings\Application Data\Google\Chrome\Application\chrome.exe.
1/7/2010 12:52:24 PM Real-time file system protection file F:\Documents and Settings\Warner Carter\Local Settings\Temp\49E2.tmp a variant of Win32/Kryptik.BKE trojan cleaned by deleting - quarantined BLUE\Warner Carter Event occurred on a file modified by the application: F:\Documents and Settings\Warner Carter\Local Settings\Application Data\Google\Chrome\Application\chrome.exe.
1/6/2010 9:04:20 PM Real-time file system protection file F:\WINDOWS\dzinst.exe probably a variant of Win32/Agent trojan cleaned by deleting - quarantined BLUE\Warner Carter Event occurred during an attempt to run the file by the application: F:\Program Files\Malwarebytes' Anti-Malware\mbam.exe.

uploaded attach.txt DONE TODAY

and here are current logs

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:47:08 PM, on 1/10/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16945)
Boot mode: Normal

Running processes:
F:\WINDOWS\System32\smss.exe
F:\WINDOWS\system32\winlogon.exe
F:\WINDOWS\system32\services.exe
F:\WINDOWS\system32\lsass.exe
F:\WINDOWS\system32\Ati2evxx.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\system32\Ati2evxx.exe
F:\WINDOWS\system32\spoolsv.exe
F:\WINDOWS\system32\netdde.exe
F:\Program Files\Bonjour\mDNSResponder.exe
F:\Program Files\ESET\ESET Smart Security\ekrn.exe
F:\WINDOWS\system32\inetsrv\inetinfo.exe
F:\Program Files\Java\jre6\bin\jqs.exe
F:\Program Files\Micro Niche Finder\srvany.exe
F:\Program Files\Micro Niche Finder\bggoogle.exe
F:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
F:\WINDOWS\system32\tcpsvcs.exe
F:\WINDOWS\Explorer.EXE
F:\WINDOWS\System32\snmp.exe
F:\WINDOWS\system32\svchost.exe
F:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
F:\Program Files\Audio Deck\EnMixCPL.exe
F:\Program Files\Search Settings\SearchSettings.exe
F:\Program Files\ESET\ESET Smart Security\egui.exe
F:\Program Files\iTunes\iTunesHelper.exe
F:\Program Files\Java\jre6\bin\jusched.exe
F:\Program Files\Google\Google Talk\googletalk.exe
F:\WINDOWS\system32\ctfmon.exe
F:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
F:\Program Files\LG Soft India\forteManager\bin\Monitor.exe
F:\Program Files\MagicDisc\MagicDisc.exe
F:\Program Files\iPod\bin\iPodService.exe
F:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE
F:\Program Files\Skype\Plugin Manager\skypePM.exe
F:\Program Files\Siber Systems\GoodSync\GoodSync.exe
F:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE
F:\WINDOWS\system32\wuauclt.exe
F:\Documents and Settings\Warner Carter\My Documents\DOWNLOADS\AutoRuns\SysinternalsSuite\Desktops.exe
F:\Documents and Settings\Warner Carter\My Documents\DOWNLOADS\AutoRuns\SysinternalsSuite\RootkitRevealer.exe
F:\DOCUME~1\WARNER~1\LOCALS~1\Temp\VZN.exe
F:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
F:\WINDOWS\system32\taskmgr.exe
F:\Program Files\Mozilla Firefox\firefox.exe
F:\WINDOWS\regedit.exe
F:\Program Files\CCleaner\CCleaner.exe
F:\HiJackThis Microsoft SUCKS\HijackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 74.86.252.57:51205
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - F:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - F:\Program Files\Search Settings\kb128\SearchSettings.dll
O2 - BHO: Dealio Toolbar - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - F:\Program Files\Dealio Toolbar\DealioToolbarIE.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - F:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: StumbleUpon Launcher - {145B29F4-A56B-4b90-BBAC-45784EBEBBB7} - F:\Program Files\StumbleUpon\StumbleUponIEBar.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - F:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - F:\Program Files\rpbrowserrecordplugin.dll
O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - F:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - F:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - F:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: (no name) - {CBB66A7C-D257-4A02-A8D5-6C9355F91308} - F:\PROGRA~1\ONLYWI~1\ONLYWI~1.DLL
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - F:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - F:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - F:\Program Files\Search Settings\kb128\SearchSettings.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - F:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Bloglines BHO - {F128ED4D-364F-46D3-9E4C-1F3922A43A05} - F:\Program Files\BloglinesBHO\BloglinesBHO.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - F:\PROGRA~1\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: ShareThis - {6A719530-8443-4898-9BC4-69E76B5F1C89} - F:\Program Files\ShareThis Toolbar\share2me.dll
O3 - Toolbar: StumbleUpon Toolbar - {5093EB4C-3E93-40AB-9266-B607BA87BDC8} - F:\Program Files\StumbleUpon\StumbleUponIEBar.dll
O3 - Toolbar: Onlywire Toolbar - {73E71843-3A3D-4B26-AB6E-0ADCEE4B5FA7} - F:\PROGRA~1\ONLYWI~1\ONLYWI~1.DLL
O3 - Toolbar: FireShot - {6E6E744E-4D20-4ce3-9A7A-26DFFFE22F68} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - F:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - F:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - F:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - F:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Dealio Toolbar - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - F:\Program Files\Dealio Toolbar\DealioToolbarIE.dll
O4 - HKLM\..\Run: [EnvyHFCPL] F:\Program Files\Audio Deck\EnMixCPL.exe 1
O4 - HKLM\..\Run: [ISUSPM Startup] F:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "F:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [QuickTime Task] "F:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "realsched.exe" -osboot
O4 - HKLM\..\Run: [SearchSettings] F:\Program Files\Search Settings\SearchSettings.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "F:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "F:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [egui] "F:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [iTunesHelper] "F:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "F:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [googletalk] F:\Program Files\Google\Google Talk\googletalk.exe /autostart
O4 - HKCU\..\Run: [ctfmon.exe] F:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] "F:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Aim6] "F:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] F:\WINDOWS\system32\Macromed\Flash\NPSWF32_FlashUtil.exe -p
O4 - Startup: MagicDisc.lnk = F:\Program Files\MagicDisc\MagicDisc.exe
O4 - Global Startup: forteManager.lnk = ?
O8 - Extra context menu item: Customize Menu - file://F:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://F:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Fill Forms - file://F:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: Google Sidewiki... - res://F:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O8 - Extra context menu item: RoboForm Toolbar - file://F:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Save Forms - file://F:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: StumbleUpon PhotoBlog It! - res://StumbleUponIEBar.dll/blogimage
O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://F:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://F:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://F:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://F:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://F:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - file://F:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - F:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - F:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - F:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {138E6DC9-722B-4F4B-B09D-95D191869696} (Bebo Uploader Control) - http://www.bebo.com/files/BeboUploader.5.8.05.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1214612249328
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - F:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - F:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - F:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - F:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Bonjour Service - Apple Inc. - F:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - F:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - F:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - F:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - F:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - F:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - F:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - F:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Micro Niche Finder Background Download Service - Unknown owner - F:\Program Files\Micro Niche Finder\srvany.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA - F:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: StumbleUponUpdateService - stumbleupon.com - F:\Program Files\StumbleUpon\StumbleUponUpdateService.exe
O23 - Service: VZN - Sysinternals - www.sysinternals.com - F:\DOCUME~1\WARNER~1\LOCALS~1\Temp\VZN.exe

--
End of file - 12026 bytes


DDS (Ver_09-12-01.01) - NTFSx86
Run by Warner Carter at 19:30:47.98 on Sun 01/10/2010
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_17
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2047.1259 [GMT -8:00]

AV: Webroot AntiVirus with Spy Sweeper *On-access scanning disabled* (Outdated) {77E10C7F-2CCA-4187-9394-BDBC267AD597}
AV: ESET Smart Security 4.0 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET Personal firewall *enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}

============== Running Processes ===============

F:\WINDOWS\system32\Ati2evxx.exe
F:\WINDOWS\system32\svchost -k DcomLaunch
F:\WINDOWS\system32\svchost -k rpcss
F:\WINDOWS\System32\svchost.exe -k netsvcs
F:\WINDOWS\system32\Ati2evxx.exe
svchost.exe
svchost.exe
F:\WINDOWS\system32\spoolsv.exe
svchost.exe
F:\WINDOWS\system32\netdde.exe
F:\Program Files\Bonjour\mDNSResponder.exe
F:\Program Files\ESET\ESET Smart Security\ekrn.exe
F:\WINDOWS\system32\inetsrv\inetinfo.exe
F:\Program Files\Java\jre6\bin\jqs.exe
F:\Program Files\Micro Niche Finder\srvany.exe
F:\Program Files\Micro Niche Finder\bggoogle.exe
F:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
F:\WINDOWS\system32\tcpsvcs.exe
F:\WINDOWS\Explorer.EXE
F:\WINDOWS\System32\snmp.exe
F:\WINDOWS\system32\svchost.exe -k imgsvc
F:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
F:\Program Files\Audio Deck\EnMixCPL.exe
F:\Program Files\Search Settings\SearchSettings.exe
F:\Program Files\ESET\ESET Smart Security\egui.exe
F:\Program Files\iTunes\iTunesHelper.exe
F:\Program Files\Java\jre6\bin\jusched.exe
F:\Program Files\Google\Google Talk\googletalk.exe
F:\WINDOWS\system32\ctfmon.exe
F:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
F:\Program Files\LG Soft India\forteManager\bin\Monitor.exe
F:\Program Files\MagicDisc\MagicDisc.exe
F:\Program Files\iPod\bin\iPodService.exe
F:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE
F:\Program Files\Skype\Plugin Manager\skypePM.exe
F:\Program Files\Siber Systems\GoodSync\GoodSync.exe
F:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE
F:\Documents and Settings\Warner Carter\My Documents\DOWNLOADS\AutoRuns\SysinternalsSuite\Desktops.exe
F:\Documents and Settings\Warner Carter\My Documents\DOWNLOADS\AutoRuns\SysinternalsSuite\RootkitRevealer.exe
F:\DOCUME~1\WARNER~1\LOCALS~1\Temp\VZN.exe
svchost.exe
F:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
F:\WINDOWS\system32\taskmgr.exe
F:\Program Files\Mozilla Firefox\firefox.exe
F:\WINDOWS\regedit.exe
F:\Program Files\CCleaner\CCleaner.exe
F:\HiJackThis Microsoft SUCKS\HijackThis.exe
F:\WINDOWS\system32\NOTEPAD.EXE
F:\Program Files\SENuke\loader.exe
F:\Program Files\ESET\ESET Smart Security\SysInspector.exe
F:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
F:\WINDOWS\system32\msiexec.exe
F:\Program Files\SENuke\loader.exe
F:\Program Files\SENuke\loader.exe
F:\WINDOWS\system32\wuauclt.exe
F:\Documents and Settings\Warner Carter\Desktop\dds.scr

============== Pseudo HJT Report ===============

uSearch Page =
uSearch Bar =
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyServer = 74.86.252.57:51205
uInternet Settings,ProxyOverride = local
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - f:\progra~1\yahoo!\companion\installs\cpn\yt.dll
uURLSearchHooks: SearchSettings Class: {e312764e-7706-43f1-8dab-fcdd2b1e416d} - f:\program files\search settings\kb128\SearchSettings.dll
BHO: Dealio Toolbar: {01398b87-61af-4ffb-9ab5-1a1c5fb39a9c} - f:\program files\dealio toolbar\DealioToolbarIE.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - f:\progra~1\yahoo!\companion\installs\cpn\yt.dll
BHO: StumbleUpon Launcher: {145b29f4-a56b-4b90-bbac-45784ebebbb7} - f:\program files\stumbleupon\StumbleUponIEBar.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - f:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - f:\program files\rpbrowserrecordplugin.dll
BHO: RoboForm: {724d43a9-0d85-11d4-9908-00400523e39a} - f:\program files\siber systems\ai roboform\roboform.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - f:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - f:\program files\google\googletoolbarnotifier\5.4.4525.1752\swg.dll
BHO: : {cbb66a7c-d257-4a02-a8d5-6c9355f91308} - f:\progra~1\onlywi~1\ONLYWI~1.DLL
BHO: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - f:\program files\ask.com\GenericAskToolbar.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - f:\program files\java\jre6\bin\jp2ssv.dll
BHO: SearchSettings Class: {e312764e-7706-43f1-8dab-fcdd2b1e416d} - f:\program files\search settings\kb128\SearchSettings.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - f:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: BHO Class: {f128ed4d-364f-46d3-9e4c-1f3922a43a05} - f:\program files\bloglinesbho\BloglinesBHO.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - f:\progra~1\yahoo!\companion\installs\cpn\YTSingleInstance.dll
TB: ShareThis: {6a719530-8443-4898-9bc4-69e76b5f1c89} - f:\program files\sharethis toolbar\share2me.dll
TB: StumbleUpon Toolbar: {5093eb4c-3e93-40ab-9266-b607ba87bdc8} - f:\program files\stumbleupon\StumbleUponIEBar.dll
TB: Onlywire Toolbar: {73e71843-3a3d-4b26-ab6e-0adcee4b5fa7} - f:\progra~1\onlywi~1\ONLYWI~1.DLL
TB: FireShot: {6e6e744e-4d20-4ce3-9a7a-26dfffe22f68} -
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - f:\progra~1\yahoo!\companion\installs\cpn\yt.dll
TB: &RoboForm: {724d43a0-0d85-11d4-9908-00400523e39a} - f:\program files\siber systems\ai roboform\roboform.dll
TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - f:\program files\ask.com\GenericAskToolbar.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - f:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Dealio Toolbar: {01398b87-61af-4ffb-9ab5-1a1c5fb39a9c} - f:\program files\dealio toolbar\DealioToolbarIE.dll
uRun: [IBP]
uRun: [ctfmon.exe] f:\windows\system32\ctfmon.exe
uRun: [swg] "f:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [Aim6] "f:\program files\aim6\aim6.exe" /d locale=en-US ee://aol/imApp
uRunOnce: [FlashPlayerUpdate] f:\windows\system32\macromed\flash\NPSWF32_FlashUtil.exe -p
mRun: [EnvyHFCPL] f:\program files\audio deck\EnMixCPL.exe 1
mRun: [ISUSPM Startup] f:\progra~1\common~1\instal~1\update~1\isuspm.exe -startup
mRun: [ISUSScheduler] "f:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [QuickTime Task] "f:\program files\quicktime\qttask.exe" -atboottime
mRun: [TkBellExe] "realsched.exe" -osboot
mRun: [SearchSettings] f:\program files\search settings\SearchSettings.exe
mRun: [Adobe Reader Speed Launcher] "f:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "f:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [egui] "f:\program files\eset\eset smart security\egui.exe" /hide /waitservice
mRun: [iTunesHelper] "f:\program files\itunes\iTunesHelper.exe"
mRun: [SunJavaUpdateSched] "f:\program files\java\jre6\bin\jusched.exe"
mRun: [googletalk] f:\program files\google\google talk\googletalk.exe /autostart
mRun: [SpySweeper] "f:\program files\webroot\webrootsecurity\SpySweeperUI.exe" /startintray
mRunOnce: [InnoSetupRegFile.0000000001] "f:\windows\is-0B8NB.exe" /REG
StartupFolder: f:\docume~1\warner~1\startm~1\programs\startup\magicd~1.lnk - f:\program files\magicdisc\MagicDisc.exe
StartupFolder: f:\docume~1\alluse~1\startm~1\programs\startup\fortem~1.lnk - f:\program files\lg soft india\fortemanager\bin\Monitor.exe
IE: Customize Menu - file://f:\program files\siber systems\ai roboform\RoboFormComCustomizeIEMenu.html
IE: E&xport to Microsoft Excel - f:\progra~1\micros~3\office11\EXCEL.EXE/3000
IE: Fill Forms - file://f:\program files\siber systems\ai roboform\RoboFormComFillForms.html
IE: Google Sidewiki... - f:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
IE: RoboForm Toolbar - file://f:\program files\siber systems\ai roboform\RoboFormComShowToolbar.html
IE: Save Forms - file://f:\program files\siber systems\ai roboform\RoboFormComSavePass.html
IE: StumbleUpon PhotoBlog It! - StumbleUponIEBar.dll/blogimage
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - f:\program files\siber systems\ai roboform\RoboFormComFillForms.html
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - f:\program files\siber systems\ai roboform\RoboFormComSavePass.html
IE: {724d43aa-0d85-11d4-9908-00400523e39a} - f:\program files\siber systems\ai roboform\RoboFormComShowToolbar.html
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - f:\progra~1\micros~3\office11\REFIEBAR.DLL
DPF: {138E6DC9-722B-4F4B-B09D-95D191869696} - hxxp://www.bebo.com/files/BeboUploader.5.8.05.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1214612249328
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - f:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: AtiExtEvent - Ati2evxx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - f:\windows\system32\WPDShServiceObj.dll

================= FIREFOX ===================

FF - ProfilePath - f:\docume~1\warner~1\applic~1\mozilla\firefox\profiles\1v5x5r53.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: network.proxy.type - 4
FF - component: f:\program files\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll
FF - component: f:\program files\siber systems\ai roboform\firefox\components\rfproxy_31.dll
FF - plugin: f:\documents and settings\warner carter\local settings\application data\google\update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: f:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: f:\program files\google\update\1.2.183.13\npGoogleOneClick8.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - f:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\

---- FIREFOX POLICIES ----
f:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);

============= SERVICES / DRIVERS ===============

R1 ehdrv;ehdrv;f:\windows\system32\drivers\ehdrv.sys [2009-9-11 108792]
R2 ekrn;ESET Service;f:\program files\eset\eset smart security\ekrn.exe [2009-9-11 735960]
R2 Iprip;RIP Listener;f:\windows\system32\svchost.exe -k netsvcs [2004-8-4 14336]
R2 Micro Niche Finder Background Download Service;Micro Niche Finder Background Download Service;f:\program files\micro niche finder\srvany.exe [2009-3-15 8192]
R3 Envy24HFS;ICE Envy24 Family Audio Controller WDM;f:\windows\system32\drivers\Envy24HF.sys [2005-2-23 651712]
R3 PORTMON;PORTMON;\??\f:\documents and settings\warner carter\my documents\downloads\autoruns\sysinternalssuite\portmsys.sys --> f:\documents and settings\warner carter\my documents\downloads\autoruns\sysinternalssuite\PORTMSYS.SYS [?]
R3 VZN;VZN;f:\docume~1\warner~1\locals~1\temp\VZN.exe [2010-1-10 457600]
S0 ssfs0bbc;ssfs0bbc;f:\windows\system32\drivers\ssfs0bbc.sys [2009-11-6 29808]
S2 gupdate;Google Update Service (gupdate);f:\program files\google\update\GoogleUpdate.exe [2009-12-17 135664]
S2 WebrootSpySweeperService;Webroot Spy Sweeper Engine;f:\program files\webroot\webrootsecurity\SpySweeper.exe [2009-11-6 4048240]
S2 WRConsumerService;Webroot Client Service;f:\program files\webroot\webrootsecurity\WRConsumerService.exe [2010-1-10 1201640]
S3 LGDDCDevice;LGDDCDevice;f:\program files\lg soft india\fortemanager\bin\I2CDriver.sys [2009-4-26 14336]
S3 LGII2CDevice;LGII2CDevice;f:\program files\lg soft india\fortemanager\bin\PII2CDriver.sys [2009-4-26 13312]
S3 StumbleUponUpdateService;StumbleUponUpdateService;f:\program files\stumbleupon\StumbleUponUpdateService.exe [2009-4-12 120168]

=============== Created Last 30 ================

2010-01-11 03:25:55 293 ----a-w- f:\windows\is-0B8NB.lst
2010-01-11 03:25:55 10194 ----a-w- f:\windows\is-0B8NB.msg
2010-01-11 03:25:54 775168 ----a-w- f:\windows\is-0B8NB.exe
2010-01-11 03:25:26 0 d-----w- f:\program files\MSSOAP
2010-01-11 03:25:02 1563008 ----a-w- f:\windows\WRSetup.dll
2010-01-11 03:25:01 0 d-----w- f:\program files\Webroot
2010-01-11 03:25:01 0 d-----w- f:\docume~1\warner~1\applic~1\Webroot
2010-01-11 03:25:01 0 d-----w- f:\docume~1\alluse~1\applic~1\Webroot
2010-01-11 03:24:13 164 ----a-w- f:\windows\install.dat
2010-01-11 03:18:46 0 d-----w- f:\program files\Uniblue
2010-01-09 05:57:35 0 d-----w- f:\docume~1\alluse~1\applic~1\CounterPath
2010-01-08 22:06:27 0 d-----w- f:\program files\common files\Intel
2010-01-08 21:43:11 0 d-sh--w- F:\found.000
2010-01-08 06:58:32 0 d-----w- f:\windows\system32\wbem\Repository
2010-01-06 22:11:10 0 d-----w- f:\docume~1\warner~1\applic~1\Mozilla(2)
2010-01-04 04:00:43 0 d-----w- f:\program files\Article Architect
2010-01-04 04:00:43 0 d-----w- f:\docume~1\alluse~1\applic~1\Article Architect
2010-01-04 03:58:26 0 d-----w- f:\program files\MassArticleCreator
2010-01-04 02:54:48 0 d-----w- f:\program files\ArticleSpinner
2010-01-03 20:44:15 0 d-----w- f:\program files\CounterPath
2009-12-27 02:27:01 0 d-----w- f:\docume~1\warner~1\applic~1\TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1
2009-12-27 02:26:54 0 d-----w- f:\program files\TweetDeck
2009-12-26 04:27:39 20352 ----a-w- f:\windows\system32\drivers\XPCDriver.sys
2009-12-26 04:26:56 0 d-----w- f:\program files\Shuttle
2009-12-26 04:26:46 0 d-----w- f:\documents and settings\warner carter\WINDOWS
2009-12-25 18:27:34 0 d-----w- f:\documents and settings\all users\SEO Elite
2009-12-25 18:27:16 0 d-----w- f:\program files\SEO Elite 4
2009-12-25 16:57:04 0 d-----w- f:\program files\Northworks Solutions Ltd
2009-12-25 16:19:55 3084 ----a-w- f:\documents and settings\warner carter\.NSJP_reg506.prefs
2009-12-25 16:19:52 0 d-----w- f:\documents and settings\warner carter\JPEE_Data
2009-12-25 05:58:07 0 d-----w- f:\program files\EmEx3.com
2009-12-25 03:41:36 0 d-----w- f:\program files\Seesmic Desktop
2009-12-25 01:59:08 0 d-----w- f:\windows\AIK for eset
2009-12-25 01:01:22 0 d-----w- f:\program files\Dealio Toolbar
2009-12-24 05:39:06 0 d-----w- f:\program files\common files\TweakMarketing
2009-12-24 05:39:04 0 d-----w- f:\program files\Advanced Email Extractor PRO
2009-12-24 05:39:03 149504 ----a-w- f:\windows\UNWISE.EXE
2009-12-24 02:50:14 0 d-----w- f:\docume~1\warner~1\applic~1\ubot
2009-12-23 20:47:40 0 d-----w- f:\program files\fec
2009-12-22 20:02:16 0 d-----w- f:\program files\Market Samurai
2009-12-20 12:34:26 0 d-----w- f:\docume~1\warner~1\applic~1\com.ebay.sandimas.public-beta.AA1EEF5552BF52051F68E7EAF27E23FA6449A65C.1
2009-12-16 02:33:05 434688 ----a-w- f:\windows\system32\ss2uinst.exe
2009-12-16 02:33:04 0 d-----w- f:\program files\Allscoop RSS Submit Pro
2009-12-13 17:16:39 0 d-----w- f:\docume~1\warner~1\applic~1\EurekaLog

==================== Find3M ====================

2009-12-04 00:14:06 38224 ----a-w- f:\windows\system32\drivers\mbamswissarmy.sys
2009-12-04 00:13:56 19160 ----a-w- f:\windows\system32\drivers\mbam.sys
2009-10-29 07:46:59 832512 ----a-w- f:\windows\system32\wininet.dll
2009-10-29 07:46:52 78336 ----a-w- f:\windows\system32\ieencode.dll
2009-10-29 07:46:50 17408 ----a-w- f:\windows\system32\corpol.dll
2009-10-13 10:30:16 270336 ----a-w- f:\windows\system32\oakley.dll
2009-09-22 01:33:42 716 ----a-w- f:\program files\CinemasterVideo.4.3.manifest
2009-09-22 01:33:42 572 ----a-w- f:\program files\CinemasterAudio.4.3.manifest
2009-09-22 01:33:42 23558 ----a-w- f:\program files\freeoffers.ico
2009-09-22 01:33:42 222728 ----a-w- f:\program files\realplay.exe
2009-09-22 01:33:42 207 ----a-w- f:\program files\subscription.rnx
2009-09-22 01:33:42 17846 ----a-w- f:\program files\videotest.rm
2009-09-22 01:33:42 1166 ----a-w- f:\program files\realplay.exe.manifest
2009-09-22 01:33:40 685 ----a-w- f:\program files\RecordingManager.exe.manifest
2009-09-22 01:33:40 198208 ----a-w- f:\program files\RecordingManager.exe
2006-11-18 06:24:06 66046 ----a-w- f:\program files\Dupe_Free_0_NO_VISTA.ico

============= FINISH: 19:31:20.15 ===============


Last time I ran RootRepeal it froze my computer, but I did run RootkitRevealer from Microsoft, and here is the log:

HKU\S-1-5-21-527237240-796845957-725345543-1003\Software\Skype\Toolbars\Firefox\ExtensionVersion 7/19/2009 7:34 AM 9 bytes Data mismatch between Windows API and raw hive data.
HKLM\SECURITY\Policy\Secrets\SAC* 5/12/2008 12:16 PM 0 bytes Key name contains embedded nulls (*)
HKLM\SECURITY\Policy\Secrets\SAI* 5/12/2008 12:15 PM 0 bytes Key name contains embedded nulls (*)
HKLM\SECURITY\Policy\Secrets\SCM:{3D14228D-FBE1-11D0-995D-00C04FD919C1}* 2/11/2009 8:46 AM 0 bytes Key name contains embedded nulls (*)
C:\OLD MARIKA STUFF\marika's web pix\ FILEtest.htm 9/25/1619 1:47 AM 239 bytes Visible in Windows API, but not in MFT or directory index.
C:\OLD MARIKA STUFF\marika's web pix\FILEtest.htm 11/22/16416 1:45 AM 239 bytes Hidden from Windows API.
F:\Documents and Settings\LocalService\Local Settings\Application Data\ESET\ESET Smart Security\Quarantine\2085A146BA7BB18C87B025F33D44C8F191DD8F93.NDF 1/10/2010 5:56 PM 976 bytes Hidden from Windows API.
F:\Documents and Settings\LocalService\Local Settings\Application Data\ESET\ESET Smart Security\Quarantine\2085A146BA7BB18C87B025F33D44C8F191DD8F93.NQF 1/10/2010 5:47 PM 68.00 KB Hidden from Windows API.
F:\Documents and Settings\LocalService\My Documents 1/10/2010 5:30 PM 0 bytes Hidden from Windows API.
F:\Documents and Settings\LocalService\My Documents\desktop.ini 1/10/2010 5:30 PM 77 bytes Hidden from Windows API.
F:\Documents and Settings\Warner Carter\Application Data\GoodSync\Mirrors\https-online.roboform.com-users-0905102038\_gsdata_\2010-0110-163942-BLUE-RoboForm Online.log 1/10/2010 4:40 PM 2.85 KB Hidden from Windows API.
F:\Documents and Settings\Warner Carter\Application Data\GoodSync\Mirrors\https-online.roboform.com-users-0905102038\_gsdata_\2010-0110-164004-BLUE-RoboForm Online.log 1/10/2010 4:40 PM 1.16 KB Hidden from Windows API.
F:\Documents and Settings\Warner Carter\Application Data\Mozilla\Firefox\Profiles\1v5x5r53.default\searchplugins\alexa.xml 1/10/2010 4:27 PM 2.25 KB Hidden from Windows API.
F:\Documents and Settings\Warner Carter\Application Data\skypePM\2010-01-10-2.ezlog 1/10/2010 6:05 PM 2.56 KB Hidden from Windows API.
F:\Documents and Settings\Warner Carter\Local Settings\Application Data\Mozilla\Firefox\Profiles\1v5x5r53.default\Cache\F96AB8F1d01 1/10/2010 5:39 PM 28.37 KB Hidden from Windows API.
F:\Documents and Settings\Warner Carter\Local Settings\Application Data\Mozilla\Firefox\Profiles\1v5x5r53.default\Cache\FCB1A485d01 1/10/2010 1:14 PM 24.40 KB Visible in Windows API, but not in MFT or directory index.
F:\Documents and Settings\Warner Carter\Local Settings\Application Data\Mozilla\Firefox\Profiles\1v5x5r53.default\Cache\FD90003Cd01 1/10/2010 12:10 PM 30.71 KB Visible in Windows API, but not in MFT or directory index.
F:\Documents and Settings\Warner Carter\Local Settings\Application Data\Mozilla\Firefox\Profiles\1v5x5r53.default\Cache\FF2C1562d01 1/10/2010 4:32 PM 253.75 KB Hidden from Windows API.
F:\Documents and Settings\Warner Carter\Local Settings\Application Data\Mozilla\Firefox\Profiles\1v5x5r53.default\Cache\FFC25125d01 1/10/2010 4:01 PM 30.13 KB Hidden from Windows API.
F:\Documents and Settings\Warner Carter\Local Settings\Temp\flaC35.tmp 1/10/2010 6:06 PM 2.68 MB Hidden from Windows API.
F:\Documents and Settings\Warner Carter\Local Settings\Temp\plugtmp 1/10/2010 6:07 PM 0 bytes Hidden from Windows API.
F:\Documents and Settings\Warner Carter\Local Settings\Temp\plugtmp\plugin-crossdomain-1.xml 1/10/2010 6:05 PM 298 bytes Hidden from Windows API.
F:\Documents and Settings\Warner Carter\Local Settings\Temp\plugtmp\plugin-crossdomain-2.xml 1/10/2010 6:07 PM 102 bytes Hidden from Windows API.
F:\Documents and Settings\Warner Carter\Local Settings\Temp\plugtmp\plugin-crossdomain-3.xml 1/10/2010 6:07 PM 102 bytes Hidden from Windows API.
F:\Documents and Settings\Warner Carter\Local Settings\Temp\plugtmp\plugin-crossdomain.xml 1/10/2010 4:21 PM 98 bytes Hidden from Windows API.
F:\Documents and Settings\Warner Carter\Local Settings\Temp\plugtmp\plugin-showPlayerConfig 1/10/2010 4:21 PM 1.91 KB Hidden from Windows API.
F:\Documents and Settings\Warner Carter\Local Settings\Temporary Internet Files\Content.IE5\S7ASLIAQ\VALUESTABLE[1] 1/10/2010 4:39 PM 1.06 KB Hidden from Windows API.
F:\Documents and Settings\Warner Carter\Local Settings\Temporary Internet Files\Content.IE5\Y1M9AQK3\30d[1].png 1/10/2010 5:35 PM 19.37 KB Hidden from Windows API.
F:\Documents and Settings\Warner Carter\My Documents\111 Page One Business\Page One Business\.htaccess 1/10/2010 5:38 PM 61 bytes Hidden from Windows API.
F:\Documents and Settings\Warner Carter\My Documents\111 Page One Business\Page One Business\htaccess.txt 1/10/2010 5:38 PM 61 bytes Hidden from Windows API.
F:\Documents and Settings\Warner Carter\My Documents\111 Page One Business\Search Engine Top Placement Blog\0MFedtdXjLaM58sEhassshlRXh0.txt 1/10/2010 4:23 PM 69 bytes Hidden from Windows API.
F:\Documents and Settings\Warner Carter\My Documents\111 Page One Business\Search Engine Top Placement Blog\0MFedtdXjLaM58sEhassshlRXh0.txt:Zone.Identifier 1/10/2010 4:23 PM 46 bytes Hidden from Windows API.
F:\Documents and Settings\Warner Carter\My Documents\My RoboForm Data\Default Profile\_gsdata_\2009-1226-145716-BLUE-RoboForm Online.log 12/26/2009 2:58 PM 2.26 KB Visible in Windows API, but not in MFT or directory index.
F:\Documents and Settings\Warner Carter\My Documents\My RoboForm Data\Default Profile\_gsdata_\2009-1226-151001-BLUE-RoboForm Online.log 12/26/2009 3:12 PM 2.31 KB Visible in Windows API, but not in MFT or directory index.
F:\Documents and Settings\Warner Carter\My Documents\My RoboForm Data\Default Profile\_gsdata_\2009-1226-151552-BLUE-RoboForm Online.log 12/26/2009 3:19 PM 2.31 KB Visible in Windows API, but not in MFT or directory index.
F:\Documents and Settings\Warner Carter\My Documents\My RoboForm Data\Default Profile\_gsdata_\2009-1226-154630-BLUE-RoboForm Online.log 12/26/2009 3:46 PM 2.26 KB Visible in Windows API, but not in MFT or directory index.
F:\Documents and Settings\Warner Carter\My Documents\My RoboForm Data\Default Profile\_gsdata_\2009-1226-154724-BLUE-RoboForm Online.log 12/26/2009 3:47 PM 2.26 KB Visible in Windows API, but not in MFT or directory index.
F:\Documents and Settings\Warner Carter\My Documents\My RoboForm Data\Default Profile\_gsdata_\2009-1226-154929-BLUE-RoboForm Online.log 12/26/2009 3:49 PM 2.25 KB Visible in Windows API, but not in MFT or directory index.
F:\Documents and Settings\Warner Carter\My Documents\My RoboForm Data\Default Profile\_gsdata_\2009-1226-160212-BLUE-RoboForm Online.log 12/26/2009 4:02 PM 2.25 KB Visible in Windows API, but not in MFT or directory index.
F:\Documents and Settings\Warner Carter\My Documents\My RoboForm Data\Default Profile\_gsdata_\2010-0110-163942-BLUE-RoboForm Online.log 1/10/2010 4:40 PM 2.85 KB Hidden from Windows API.
F:\Documents and Settings\Warner Carter\My Documents\My RoboForm Data\Default Profile\_gsdata_\2010-0110-164004-BLUE-RoboForm Online.log 1/10/2010 4:40 PM 1.16 KB Hidden from Windows API.
F:\Documents and Settings\Warner Carter\My Documents\My RoboForm Data\Default Profile\ME\Delicious - Page One Google.rfp 1/10/2010 4:39 PM 615 bytes Hidden from Windows API.
F:\Documents and Settings\Warner Carter\My Documents\WORDPRESS 08\Plugins Jan 2010\.htaccess 1/10/2010 5:34 PM 427 bytes Hidden from Windows API.
F:\Documents and Settings\Warner Carter\My Documents\WORDPRESS 08\Plugins Jan 2010\htaccess.txt 1/10/2010 5:33 PM 61 bytes Hidden from Windows API.
F:\Documents and Settings\Warner Carter\Recent\.htaccess (2).lnk 1/10/2010 5:37 PM 973 bytes Hidden from Windows API.
F:\Documents and Settings\Warner Carter\Recent\0MFedtdXjLaM58sEhassshlRXh0.txt.lnk 1/10/2010 4:23 PM 1.20 KB Hidden from Windows API.
F:\Documents and Settings\Warner Carter\Recent\Craigs List ADS.txt (2).lnk 1/9/2010 7:24 PM 986 bytes Visible in Windows API, but not in MFT or directory index.
F:\Documents and Settings\Warner Carter\Recent\Search Engine Top Placement Blog.lnk 1/10/2010 4:23 PM 782 bytes Hidden from Windows API.
F:\System Volume Information\_restore{7ADBB2C6-E688-4711-9C99-97784041BD15}\RP631\A0165778.exe 6/17/2009 8:53 PM 68.00 KB Visible in Windows API, but not in MFT or directory index.
F:\System Volume Information\_restore{7ADBB2C6-E688-4711-9C99-97784041BD15}\RP634\A0184670.exe 1/10/2010 5:56 PM 68.00 KB Hidden from Windows API.
F:\WINDOWS\dzinst.exe 6/17/2009 8:53 PM 68.00 KB Visible in Windows API, but not in MFT or directory index.
F:\WINDOWS\Prefetch\FILEZILLA.EXE-1C946DD3.pf 1/10/2010 5:29 PM 73.27 KB Hidden from Windows API.
F:\WINDOWS\Prefetch\PASSCARDS.EXE-27438077.pf 1/10/2010 4:38 PM 67.53 KB Hidden from Windows API.



Edited by warner444, 10 January 2010 - 11:17 PM.


#3 myrti


Posted 14 January 2010 - 09:50 AM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not, please perform the following steps below so we can have a look at the current condition of your machine.

Please include a clear description of the problems you're having, along with any steps you may have performed so far.

Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.

Even if you have already provided information about your PC, we need a new log to see what has changed since you originally posted your problem.
  1. Please download OTL from the following mirror:
  2. Save it to your desktop.
  3. Double click on the icon on your desktop.
  4. Click the "Scan All Users" checkbox.
  5. Push the button.
  6. Two reports will open, copy and paste them in a reply here:
    • OTL.txt <-- Will be opened
    • Extra.txt <-- Will be minimized
In the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. I suggest you do this and select Immediate E-Mail notification and click on Proceed. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.

After 5 days if a topic is not replied to we assume it has been abandoned and it is closed.

regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help requests via PM, unless I am already helping you. Use the forums!

 



#4 myrti


Posted 19 January 2010 - 01:22 PM

Due to lack of feedback, this topic is now Closed

If you need this topic reopened, please send me a PM.
Please include the address of this thread in your request.
This applies only to the original topic starter.

Everyone else please start a new topic.

With Regards,
myrti





