This topic is locked
Deckard's System Scanner v20071014.68
Run by Kent on 2007-10-15 00:12:53
Computer is in Safe Mode with Networking.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Failed to create restore point; computer is in safe mode.
-- Last 5 Restore Point(s) --
38: 2007-10-13 01:05:24 UTC - RP182 - Restore Operation
37: 2007-10-01 19:57:19 UTC - RP181 - Restore Operation
36: 2007-10-01 19:52:51 UTC - RP180 - Restore Operation
35: 2007-10-01 19:43:40 UTC - RP179 - Restore Operation
34: 2007-10-01 19:41:37 UTC - RP178 - Restore Operation
-- First Restore Point --
1: 2007-09-05 10:28:40 UTC - RP145 - System Checkpoint
Backed up registry hives.
Performed disk cleanup.
Percentage of Memory in Use: 77% (more than 75%).
Total Physical Memory: 504 MiB (512 MiB recommended).
System Drive C: has 3.55 GiB (less than 15%) free.
-- HijackThis (run as Kent.exe) ------------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:50:56 AM, on 10/15/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Boot mode: Safe mode with network support
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\Kent\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Kent.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchURL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page_bak = about:blank
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.apple.com/itunes/download/
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {3E80EA04-3EBA-40E2-B1C1-58D119F6518a} - C:\WINDOWS\system32\ksqsoelb.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {54E6D360-DCF8-4E50-92C9-8792126D2864} - C:\WINDOWS\system32\ksqsoelb.dll (file missing)
O2 - BHO: (no name) - {6B8ADCEE-02B2-475A-803C-F3ADF8B773F8} - C:\WINDOWS\system32\ksqsoelb.dll (file missing)
O2 - BHO: (no name) - {74F932E6-C714-4D49-83DA-C48F9FD61A76} - C:\WINDOWS\system32\fbiugbyy.dll (file missing)
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - c:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: (no name) - {A91DB785-7D93-42AE-AC4C-E6F0BD0CA45D} - C:\WINDOWS\AppPatch\natimxl.dll (file missing)
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll
O2 - BHO: (no name) - {D023390D-0F52-4437-B2FF-58561E3368A5} - C:\WINDOWS\system32\ksqsoelb.dll (file missing)
O2 - BHO: (no name) - {D0329530-48D1-4AD6-AAB6-E90338C13212} - C:\WINDOWS\system32\djqfhsn.dll
O3 - Toolbar: HP view - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [xcdtggyl] C:\vrjocsqy.bat
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Web Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {15B782AF-55D8-11D1-B477-006097098764} (Macromedia Authorware Web Player Control) - http://titanium.full...cweb/awswax.cab
O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.h...staller_gmn.cab
O16 - DPF: {55027008-315F-4F45-BBC3-8BE119764741} (Slide Image Uploader Control) - http://www.slide.com...ageUploader.cab
O16 - DPF: {9E17A5F9-2B9C-4C66-A592-199A4BA1FBC8} (AIM UPF Control) - http://pictures06.ai...AIM.9.5.1.8.cab
O16 - DPF: {A30FBBDC-FA29-4606-8565-14AADCCA6708} (Rite Aid One Hour Photo Online Control) - https://photos.ritea...PhotoOnline.cab
O16 - DPF: {A8683C98-5341-421B-B23C-8514C05354F1} (FujifilmUploader Class) - http://photo.walmart...ploadClient.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1....loadManager.ocx
O16 - DPF: {E5F5D008-DD2C-4D32-977D-1A0ADF03058B} (JuniperSetupSP1 Control) - https://mainstreet.f...perSetupSP1.cab
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: PCLEPCI - Pinnacle Systems GmbH - C:\WINDOWS\system32\drivers\pclepci.sys
O23 - Service: Remote Procedure Call (RPC) Se (RPCSEO) - Unknown owner - C:\Program.exe (file missing)
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O24 - Desktop Component 0: (no name) - http://www.google.com/
O24 - Desktop Component 1: MySpace - http://www.myspace.com/
--
End of file - 9721 bytes
-- File Associations -----------------------------------------------------------
.js - unable to read key
.js - unable to read key
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R0 Vax347b - c:\windows\system32\drivers\vax347b.sys
R0 Vax347s - c:\windows\system32\drivers\vax347s.sys
R0 xcqyangz - c:\windows\system32\drivers\coohlwms.sys
R3 AnyDVD - c:\windows\system32\drivers\anydvd.sys <Not Verified; SlySoft, Inc.; AnyDVD>
R3 Iviaspi (IVI ASPI Shell) - c:\windows\system32\drivers\iviaspi.sys <Not Verified; InterVideo, Inc.; InterVideo ASPI Shell>
R3 MarvinBus (Pinnacle Marvin Bus) - c:\windows\system32\drivers\marvinbus.sys <Not Verified; Pinnacle Systems GmbH; Pinnacle Marvin Discrete>
R3 Pfc (Padus ASPI Shell) - c:\windows\system32\drivers\pfc.sys <Not Verified; Padus, Inc.; Padus® ASPI Shell>
S1 SCDEmu - c:\windows\system32\drivers\scdemu.sys <Not Verified; PowerISO Computing, Inc.; scdemu>
S1 StyleXPHelper - c:\program files\tgtsoft\stylexp\stylexphelper.exe <Not Verified; Windows ® 2000 DDK provider; Windows ® 2000 DDK driver>
S3 pcouffin (VSO Software pcouffin) - c:\windows\system32\drivers\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine>
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
S2 Diskeeper - "c:\program files\diskeeper corporation\diskeeper\dkservice.exe" <Not Verified; Diskeeper Corporation; Diskeeper ™ Disk Defragmenter>
S2 PCLEPCI - c:\windows\system32\drivers\pclepci.sys <Not Verified; Pinnacle Systems GmbH; PCLEPCI>
S2 RPCSEO (Remote Procedure Call (RPC) Se) - c:\program files\intel\service <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 NBService - c:\program files\nero\nero 7\nero backitup\nbservice.exe
S3 TUWinStylerThemeSvc (TuneUp WinStyler Theme Service) - "c:\program files\tuneup utilities 2006\winstylerthemesvc.exe" <Not Verified; TuneUp Software GmbH; TuneUp Utilities>
-- Device Manager: Disabled ----------------------------------------------------
No disabled devices found.
-- Scheduled Tasks -------------------------------------------------------------
2007-10-13 14:27:06 362 --a------ C:\WINDOWS\Tasks\Symantec NetDetect.job
2007-09-28 21:17:39 388 --a------ C:\WINDOWS\Tasks\1-Click Maintenance.job
2007-09-24 17:43:02 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
-- Files created between 2007-09-15 and 2007-10-15 -----------------------------
2007-10-15 00:01:47 126976 --a------ C:\zip.exe
2007-10-15 00:01:47 60416 --a------ C:\WINDOWS\system32\drivers\wcassojb.sys
2007-10-15 00:01:47 1080 --a------ C:\vrjocsqy.bat
2007-10-15 00:01:47 19814 --a------ C:\reboot.exe
2007-10-15 00:01:47 336 --a------ C:\reboot.bat
2007-10-15 00:01:47 353 --a------ C:\avexport.bat
2007-10-14 18:48:28 75284 --a------ C:\WINDOWS\system32\gelnihsr.exe <Not Verified; ; DDC>
2007-10-14 18:43:06 0 d-------- C:\!KillBox
2007-10-14 14:37:18 75284 --a------ C:\WINDOWS\system32\mbkfwfgn.exe <Not Verified; ; DDC>
2007-10-13 14:37:08 75284 --a------ C:\WINDOWS\system32\guoicais.exe <Not Verified; ; DDC>
2007-10-13 14:29:25 75284 --a------ C:\WINDOWS\system32\dnqnepfw.exe <Not Verified; ; DDC>
2007-10-13 14:04:10 75284 --a------ C:\WINDOWS\system32\jfwrxtrg.exe <Not Verified; ; DDC>
2007-10-13 13:58:34 75284 --a------ C:\WINDOWS\system32\xbpaoyop.exe <Not Verified; ; DDC>
2007-10-13 02:37:07 0 d-------- C:\VundoFix Backups
2007-10-12 23:53:49 75284 --a------ C:\WINDOWS\system32\yhcvvvim.exe <Not Verified; ; DDC>
2007-10-12 23:41:45 0 d-------- C:\Program Files\Trend Micro
2007-10-12 18:55:27 75284 --a------ C:\WINDOWS\system32\hwugjfqh.exe <Not Verified; ; DDC>
2007-10-07 19:40:01 0 d-------- C:\Documents and Settings\Administrator\Application Data\ICAClient
2007-10-03 18:16:02 0 d-------- C:\Documents and Settings\Administrator\Application Data\Aim
2007-10-02 00:14:23 0 d-------- C:\Documents and Settings\New\SendTo
2007-10-02 00:14:23 0 d-------- C:\Documents and Settings\New\My Documents <MYDOCU~1>
2007-10-02 00:14:23 0 d-------- C:\Documents and Settings\New\Local Settings <LOCALS~1>
2007-10-02 00:14:23 0 d-------- C:\Documents and Settings\New\Favorites <FAVORI~1>
2007-10-02 00:14:23 0 d-------- C:\Documents and Settings\New\Cookies
2007-10-02 00:14:23 0 d-------- C:\Documents and Settings\New\Application Data <APPLIC~1>
2007-10-02 00:14:23 0 d-------- C:\Documents and Settings\New\Application Data\Sonic
2007-10-02 00:14:23 0 d-------- C:\Documents and Settings\New\Application Data\Real
2007-10-02 00:14:23 0 d-------- C:\Documents and Settings\New\Application Data\Microsoft
2007-10-02 00:14:22 0 d-------- C:\Documents and Settings\New\Templates <TEMPLA~1>
2007-10-02 00:14:22 1048576 --ah----- C:\Documents and Settings\New\NTUSER.DAT
2007-10-01 18:06:57 0 d-------- C:\Documents and Settings\Administrator\Application Data\Adobe
2007-10-01 13:02:43 0 d-------- C:\Documents and Settings\Administrator\Application Data\Macromedia
2007-10-01 13:02:27 0 d-------- C:\Documents and Settings\Administrator\Application Data\Opera
2007-10-01 12:56:52 9437184 --a------ C:\Documents and Settings\Kent\ntuser.dat
2007-10-01 08:53:10 548352 -r-hs---- C:\WINDOWS\serivce.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-10-01 01:29:39 75284 --a------ C:\WINDOWS\system32\oekuilff.exe <Not Verified; ; DDC>
2007-09-30 01:29:20 75284 --a------ C:\WINDOWS\system32\uplkxpkh.exe <Not Verified; ; DDC>
2007-09-29 08:26:14 59392 --a------ C:\WINDOWS\system32\cryptsva.dll
2007-09-29 08:24:59 75284 --a------ C:\WINDOWS\system32\duxgbkrt.exe <Not Verified; ; DDC>
2007-09-28 08:25:37 59392 --a------ C:\WINDOWS\system32\d3dx9_3.dll
2007-09-28 08:24:37 75284 --a------ C:\WINDOWS\system32\malnvsid.exe <Not Verified; ; DDC>
2007-09-27 12:39:16 4736 --a------ C:\WINDOWS\system32\drivers\jmwsmxkv.sys
2007-09-27 12:39:04 59392 --a------ C:\WINDOWS\system32\comaddi.dll
2007-09-27 12:37:56 104447 --a------ C:\WINDOWS\system32\djqfhsn.dll
2007-09-27 12:37:38 75284 --a------ C:\WINDOWS\system32\fktqqvoy.exe <Not Verified; ; DDC>
2007-09-26 14:23:48 17920 --a------ C:\WINDOWS\system32\drivers\coohlwms.sys
2007-09-26 14:22:34 91648 --a------ C:\WINDOWS\system32\cmcfg3.dll
2007-09-26 03:01:15 237568 --a------ C:\Documents and Settings\LocalService\ntuser.dat
2007-09-25 19:45:42 75284 --a------ C:\WINDOWS\system32\turkcmlr.exe <Not Verified; ; DDC>
2007-09-25 16:59:53 75284 --a------ C:\WINDOWS\system32\tdnblsyp.exe <Not Verified; ; DDC>
2007-09-25 16:45:51 0 d-------- C:\Documents and Settings\LocalService\Application Data\Google
2007-09-25 16:45:30 0 dr------- C:\Documents and Settings\LocalService\Favorites <FAVORI~1>
2007-09-25 15:52:44 75284 --a------ C:\WINDOWS\system32\wsentjip.exe <Not Verified; ; DDC>
2007-09-23 21:14:46 75284 --a------ C:\WINDOWS\system32\utyedard.exe <Not Verified; ; DDC>
2007-09-23 21:01:21 75284 --a------ C:\WINDOWS\system32\jtjcfuhd.exe <Not Verified; ; DDC>
2007-09-23 12:16:14 75284 --a------ C:\WINDOWS\system32\jyijuiyu.exe <Not Verified; ; DDC>
2007-09-22 03:01:52 1048576 --a------ C:\Documents and Settings\Administrator\ntuser.dat
2007-09-22 03:01:49 7843840 --a------ C:\Documents and Settings\HP_Owner\ntuser.dat
2007-09-21 21:34:58 75284 --a------ C:\WINDOWS\system32\sfiqjqis.exe <Not Verified; ; DDC>
2007-09-21 13:42:59 75284 --a------ C:\WINDOWS\system32\dihqnfiw.exe <Not Verified; ; DDC>
2007-09-20 18:25:11 75284 --a------ C:\WINDOWS\system32\loytijnr.exe <Not Verified; ; DDC>
2007-09-20 17:41:12 0 d-------- C:\Documents and Settings\HP_Owner\Application Data\Opera
2007-09-20 11:38:47 0 d-------- C:\spoolerlogs
2007-09-18 14:18:44 75284 --a------ C:\WINDOWS\system32\kuvjrgkn.exe <Not Verified; ; DDC>
2007-09-18 12:42:38 75284 --a------ C:\WINDOWS\system32\dniiutqn.exe <Not Verified; ; DDC>
2007-09-18 10:05:27 75284 --a------ C:\WINDOWS\system32\hvtxbfrx.exe <Not Verified; ; DDC>
2007-09-17 13:33:04 75284 --a------ C:\WINDOWS\system32\aajavlmu.exe <Not Verified; ; DDC>
2007-09-17 11:33:18 75284 --a------ C:\WINDOWS\system32\fwynsrdj.exe <Not Verified; ; DDC>
2007-09-16 19:56:23 75284 --a------ C:\WINDOWS\system32\alfemeiy.exe <Not Verified; ; DDC>
2007-09-16 18:26:53 75284 --a------ C:\WINDOWS\system32\dxfdothm.exe <Not Verified; ; DDC>
2007-09-15 18:26:38 75284 --a------ C:\WINDOWS\system32\xetlijiu.exe <Not Verified; ; DDC>
2007-09-15 16:52:48 75284 --a------ C:\WINDOWS\system32\jvhlovxi.exe <Not Verified; ; DDC>
2007-09-15 15:00:10 75284 --a------ C:\WINDOWS\system32\wukmusea.exe <Not Verified; ; DDC>
2007-09-15 11:21:39 75284 --a------ C:\WINDOWS\system32\whmcrvsj.exe <Not Verified; ; DDC>
2007-09-15 05:49:29 75284 --a------ C:\WINDOWS\system32\ipphseug.exe <Not Verified; ; DDC>
-- Find3M Report ---------------------------------------------------------------
2007-10-13 14:26:55 0 d-------- C:\Program Files\Common Files\Symantec Shared
2007-10-13 14:22:03 0 d-------- C:\Documents and Settings\Kent\Application Data\Juniper Networks
2007-10-12 23:46:39 0 d-------- C:\Program Files\Google
2007-10-01 12:50:50 0 d-------- C:\Program Files\Intel
2007-09-30 01:27:48 562688 -----n--- C:\WINDOWS\Intel.DLL
2007-09-25 16:33:05 0 d-------- C:\Program Files\Dartfish
2007-09-25 16:24:52 0 d-------- C:\Program Files\CoffeeCup Software
2007-09-24 11:44:50 0 d-------- C:\Documents and Settings\Kent\Application Data\LimeWire
2007-09-14 16:35:23 75284 --a------ C:\WINDOWS\system32\mkugioqi.exe <Not Verified; ; DDC>
2007-09-14 13:18:51 75284 --a------ C:\WINDOWS\system32\duqoroxt.exe <Not Verified; ; DDC>
2007-09-14 13:07:19 75284 --a------ C:\WINDOWS\system32\jkofxmkh.exe <Not Verified; ; DDC>
2007-09-14 11:49:47 75284 --a------ C:\WINDOWS\system32\gvkdinpk.exe <Not Verified; ; DDC>
2007-09-13 13:43:03 75284 --a------ C:\WINDOWS\system32\alrcwofr.exe <Not Verified; ; DDC>
2007-09-12 13:42:44 75284 --a------ C:\WINDOWS\system32\toeqnomx.exe <Not Verified; ; DDC>
2007-09-12 03:28:28 75284 --a------ C:\WINDOWS\system32\sfbphhvl.exe <Not Verified; ; DDC>
2007-09-11 16:23:49 75284 --a------ C:\WINDOWS\system32\tjjvopsb.exe <Not Verified; ; DDC>
2007-09-11 06:22:15 75284 --a------ C:\WINDOWS\system32\eimwelfo.exe <Not Verified; ; DDC>
2007-09-10 13:20:55 75284 --a------ C:\WINDOWS\system32\qcifeqmt.exe <Not Verified; ; DDC>
2007-09-09 22:20:30 75284 --a------ C:\WINDOWS\system32\unxqjkdq.exe <Not Verified; ; DDC>
2007-09-09 20:50:42 75284 --a------ C:\WINDOWS\system32\gwuhnjwi.exe <Not Verified; ; DDC>
2007-09-09 17:51:57 75284 --a------ C:\WINDOWS\system32\tboikamb.exe <Not Verified; ; DDC>
2007-09-09 17:17:40 75284 --a------ C:\WINDOWS\system32\onphsxqi.exe <Not Verified; ; DDC>
2007-09-09 12:40:28 75284 --a------ C:\WINDOWS\system32\iecpewka.exe <Not Verified; ; DDC>
2007-09-09 11:51:08 75284 --a------ C:\WINDOWS\system32\tfywfoag.exe <Not Verified; ; DDC>
2007-09-08 21:03:54 75284 --a------ C:\WINDOWS\system32\gkgnwigm.exe <Not Verified; ; DDC>
2007-09-08 13:26:17 75284 --a------ C:\WINDOWS\system32\cjhcwyrv.exe <Not Verified; ; DDC>
2007-09-08 11:49:00 75284 --a------ C:\WINDOWS\system32\ijsprjxb.exe <Not Verified; ; DDC>
2007-09-08 06:07:09 75284 --a------ C:\WINDOWS\system32\dhfsqbqr.exe <Not Verified; ; DDC>
2007-09-07 21:12:43 75284 --a------ C:\WINDOWS\system32\fowhurxy.exe <Not Verified; ; DDC>
2007-09-07 10:09:03 75284 --a------ C:\WINDOWS\system32\kqpcevsu.exe <Not Verified; ; DDC>
2007-09-07 04:57:33 75284 --a------ C:\WINDOWS\system32\djyyifwu.exe <Not Verified; ; DDC>
2007-09-06 13:10:27 75284 --a------ C:\WINDOWS\system32\njkocwph.exe <Not Verified; ; DDC>
2007-09-06 05:22:05 75284 --a------ C:\WINDOWS\system32\vkackwdv.exe <Not Verified; ; DDC>
2007-09-05 13:51:14 75284 --a------ C:\WINDOWS\system32\ldhiumsb.exe <Not Verified; ; DDC>
2007-09-05 08:40:02 75284 --a------ C:\WINDOWS\system32\lhvlmcty.exe <Not Verified; ; DDC>
2007-09-05 02:12:23 75284 --a------ C:\WINDOWS\system32\phhisrpb.exe <Not Verified; ; DDC>
2007-09-04 11:26:10 75284 --a------ C:\WINDOWS\system32\vqhjluwh.exe <Not Verified; ; DDC>
2007-09-03 22:08:22 75284 --a------ C:\WINDOWS\system32\eafsegnr.exe <Not Verified; ; DDC>
2007-09-03 10:54:12 75284 --a------ C:\WINDOWS\system32\frsqnevt.exe <Not Verified; ; DDC>
2007-09-03 10:42:50 75284 --a------ C:\WINDOWS\system32\vgmnpblu.exe <Not Verified; ; DDC>
2007-09-02 16:30:33 75284 --a------ C:\WINDOWS\system32\bkdmpwxf.exe <Not Verified; ; DDC>
2007-09-02 15:36:15 75284 --a------ C:\WINDOWS\system32\qxpglalv.exe <Not Verified; ; DDC>
2007-09-02 15:03:16 75284 --a------ C:\WINDOWS\system32\ncgiscci.exe <Not Verified; ; DDC>
2007-09-02 14:32:23 75284 --a------ C:\WINDOWS\system32\eljfonwp.exe <Not Verified; ; DDC>
2007-09-02 14:20:23 75284 --a------ C:\WINDOWS\system32\ejrnjjdk.exe <Not Verified; ; DDC>
2007-09-01 22:56:45 75284 --a------ C:\WINDOWS\system32\mthydijq.exe <Not Verified; ; DDC>
2007-09-01 17:29:20 75284 --a------ C:\WINDOWS\system32\qrfvcjeh.exe <Not Verified; ; DDC>
2007-09-01 15:30:19 75284 --a------ C:\WINDOWS\system32\ejqoohxr.exe <Not Verified; ; DDC>
2007-09-01 14:01:14 75284 --a------ C:\WINDOWS\system32\miglvumo.exe <Not Verified; ; DDC>
2007-09-01 01:08:29 75284 --a------ C:\WINDOWS\system32\bqchjhxr.exe <Not Verified; ; DDC>
2007-08-31 15:38:37 75284 --a------ C:\WINDOWS\system32\jwxnrdnn.exe <Not Verified; ; DDC>
2007-08-31 15:30:16 75284 --a------ C:\WINDOWS\system32\lmddxjam.exe <Not Verified; ; DDC>
2007-08-31 13:39:02 75284 --a------ C:\WINDOWS\system32\kkttfcty.exe <Not Verified; ; DDC>
2007-08-31 10:52:14 75284 --a------ C:\WINDOWS\system32\xbybiely.exe <Not Verified; ; DDC>
2007-08-31 04:28:36 75284 --a------ C:\WINDOWS\system32\repinkly.exe <Not Verified; ; DDC>
2007-08-30 04:28:16 75284 --a------ C:\WINDOWS\system32\wxaljrka.exe <Not Verified; ; DDC>
2007-08-30 03:53:23 75284 --a------ C:\WINDOWS\system32\cmymcveo.exe <Not Verified; ; DDC>
2007-08-30 03:35:04 75284 --a------ C:\WINDOWS\system32\qmpqeifj.exe <Not Verified; ; DDC>
2007-08-30 00:18:18 75284 --a------ C:\WINDOWS\system32\yaowydmt.exe <Not Verified; ; DDC>
2007-08-29 16:56:45 75284 --a------ C:\WINDOWS\system32\egafhqke.exe <Not Verified; ; DDC>
2007-08-29 15:42:47 75284 --a------ C:\WINDOWS\system32\jwqttdqr.exe <Not Verified; ; DDC>
2007-08-28 15:42:31 75284 --a------ C:\WINDOWS\system32\ajftrmrg.exe <Not Verified; ; DDC>
2007-08-22 21:25:38 0 d-------- C:\Documents and Settings\Kent\Application Data\Adobe
2007-08-22 10:02:18 0 d-------- C:\Documents and Settings\Kent\Application Data\U3
2007-08-22 01:00:39 304161 --a------ C:\WINDOWS\system32\qwdwlvis.exe
2007-08-21 10:01:10 304161 --a------ C:\WINDOWS\system32\ufjvjefy.exe
2007-08-15 22:51:20 73 --a------ C:\WINDOWS\sysInf.dat
2007-08-15 08:08:45 75284 --a------ C:\WINDOWS\system32\biwwqgqo.exe <Not Verified; ; DDC>
2007-08-15 04:03:30 0 d-------- C:\Program Files\MSXML 6.0
2007-08-15 03:33:20 75284 --a------ C:\WINDOWS\system32\bxdbtmip.exe <Not Verified; ; DDC>
2007-08-14 18:38:38 75284 --a------ C:\WINDOWS\system32\fdoygvbc.exe <Not Verified; ; DDC>
2007-08-13 18:38:11 75284 --a------ C:\WINDOWS\system32\srnultya.exe <Not Verified; ; DDC>
2007-08-13 15:59:34 75284 --a------ C:\WINDOWS\system32\jvlibgfw.exe <Not Verified; ; DDC>
2007-08-13 09:02:51 75284 --a------ C:\WINDOWS\system32\pwmnfwak.exe <Not Verified; ; DDC>
2007-08-13 08:45:25 75284 --a------ C:\WINDOWS\system32\bujqkwqg.exe <Not Verified; ; DDC>
2007-08-12 10:35:43 75284 --a------ C:\WINDOWS\system32\cwldftju.exe <Not Verified; ; DDC>
2007-08-12 10:35:27 66068 --a------ C:\WINDOWS\system32\dprwiyub.exe
2007-08-12 10:31:50 75284 --a------ C:\WINDOWS\system32\kwpmalnp.exe <Not Verified; ; DDC>
2007-08-12 10:31:23 66068 --a------ C:\WINDOWS\system32\dqyqxsih.exe
2007-08-12 10:26:51 75284 --a------ C:\WINDOWS\system32\jikaqtno.exe <Not Verified; ; DDC>
2007-08-12 10:26:22 66068 --a------ C:\WINDOWS\system32\bcoqflmh.exe
2007-08-12 10:24:41 75284 --a------ C:\WINDOWS\system32\jecbgxdr.exe <Not Verified; ; DDC>
2007-08-12 09:58:37 75284 --a------ C:\WINDOWS\system32\ulmsgbtk.exe <Not Verified; ; DDC>
2007-08-11 09:58:23 75284 --a------ C:\WINDOWS\system32\hgyhvejm.exe <Not Verified; ; DDC>
2007-08-10 13:07:59 120852 --a------ C:\WINDOWS\system32\vicynhrx.dll
2007-08-10 13:07:35 75284 --a------ C:\WINDOWS\system32\pvwlgeya.exe <Not Verified; ; DDC>
2007-08-10 03:33:04 75284 --a------ C:\WINDOWS\system32\nykijyjr.exe <Not Verified; ; DDC>
2007-08-09 18:41:45 75284 --a------ C:\WINDOWS\system32\muvqxvql.exe <Not Verified; ; DDC>
2007-08-09 18:41:16 66068 --a------ C:\WINDOWS\system32\ouldhhks.exe
2007-08-09 18:36:28 75284 --a------ C:\WINDOWS\system32\tvscetsi.exe <Not Verified; ; DDC>
2007-08-09 14:06:50 75284 --a------ C:\WINDOWS\system32\awyrbjcf.exe <Not Verified; ; DDC>
2007-08-08 14:06:22 75284 --a------ C:\WINDOWS\system32\pwcdrrch.exe <Not Verified; ; DDC>
2007-08-08 14:06:08 66068 --a------ C:\WINDOWS\system32\yfsxnsno.exe
2007-08-08 14:01:46 75284 --a------ C:\WINDOWS\system32\vlrnfuhl.exe <Not Verified; ; DDC>
2007-08-08 14:01:39 304161 --a------ C:\WINDOWS\system32\jlsjdadm.exe
2007-08-08 14:01:08 66068 --a------ C:\WINDOWS\system32\dmdnwxoi.exe
2007-08-08 13:56:00 75284 --a------ C:\WINDOWS\system32\wrumtpei.exe <Not Verified; ; DDC>
2007-08-08 13:52:11 66068 --a------ C:\WINDOWS\system32\tfoogfgc.exe
2007-08-08 09:27:43 75284 --a------ C:\WINDOWS\system32\gnuxrand.exe <Not Verified; ; DDC>
2007-08-07 09:27:15 66068 --a------ C:\WINDOWS\system32\jkindolm.exe
2007-08-06 09:27:01 66068 --a------ C:\WINDOWS\system32\idkxgbju.exe
2007-08-05 14:02:33 66068 --a------ C:\WINDOWS\system32\uklialsr.exe
2007-08-05 14:02:00 66068 --a------ C:\WINDOWS\system32\fnubjdka.exe
2007-08-05 12:48:09 66068 --a------ C:\WINDOWS\system32\wlvfywnd.exe
2007-08-04 12:47:49 66068 --a------ C:\WINDOWS\system32\ebeijatl.exe
2007-08-04 12:36:14 66068 --a------ C:\WINDOWS\system32\rysxqegy.exe
2007-08-04 12:30:35 66068 --a------ C:\WINDOWS\system32\xoxsioxg.exe
2007-08-03 22:50:35 66068 --a------ C:\WINDOWS\system32\klgfyife.exe
2007-08-03 22:41:46 66068 --a------ C:\WINDOWS\system32\dfkhgjtq.exe
2007-08-03 18:45:32 121876 --a------ C:\WINDOWS\system32\gfdrqjls.dll
2007-08-03 18:45:18 66068 --a------ C:\WINDOWS\system32\ydsgrmcx.exe
2007-08-03 18:41:13 66068 --a------ C:\WINDOWS\system32\yijjynhs.exe
2007-08-03 17:15:44 66068 --a------ C:\WINDOWS\system32\cqrqdqap.exe
2007-08-03 12:26:07 121876 --a------ C:\WINDOWS\system32\eaykkcoo.dll
2007-08-03 12:26:03 66068 --a------ C:\WINDOWS\system32\aephbyrq.exe
2007-08-03 12:25:41 66068 --a------ C:\WINDOWS\system32\wwqrysnr.exe
2007-08-03 10:15:04 66068 --a------ C:\WINDOWS\system32\qykmjaok.exe
2007-08-03 10:11:11 66068 --a------ C:\WINDOWS\system32\fdtctvap.exe
2007-08-03 10:10:42 66068 --a------ C:\WINDOWS\system32\vondahac.exe
2007-08-03 10:05:09 66068 --a------ C:\WINDOWS\system32\lyqcgfsr.exe
2007-08-03 08:32:30 66068 --a------ C:\WINDOWS\system32\hrbdmqjj.exe
2007-08-03 08:32:03 66068 --a------ C:\WINDOWS\system32\mbjodnlr.exe
2007-08-03 08:24:45 66068 --a------ C:\WINDOWS\system32\qrvtayyi.exe
2007-08-03 08:23:46 66068 --a------ C:\WINDOWS\system32\kijnmjxw.exe
2007-08-02 16:09:47 66068 --a------ C:\WINDOWS\system32\lcgehnrd.exe
2007-08-02 13:32:11 66068 --a------ C:\WINDOWS\system32\kykevwos.exe
2007-08-02 09:26:36 66068 --a------ C:\WINDOWS\system32\kkgidcuq.exe
2007-08-02 09:22:10 66068 --a------ C:\WINDOWS\system32\ysfhjpsm.exe
2007-08-02 09:17:00 66068 --a------ C:\WINDOWS\system32\vxwuwajr.exe
2007-08-02 08:53:56 66068 --a------ C:\WINDOWS\system32\emjwxsbl.exe
2007-08-02 04:07:08 66068 --a------ C:\WINDOWS\system32\fixhllik.exe
2007-08-02 04:06:26 66068 --a------ C:\WINDOWS\system32\huwnoygf.exe
2007-08-01 19:15:03 66068 --a------ C:\WINDOWS\system32\dpxkycfp.exe
2007-08-01 17:55:29 66068 --a------ C:\WINDOWS\system32\bvasruwp.exe
2007-08-01 11:47:41 66068 --a------ C:\WINDOWS\system32\vahpixhy.exe
2007-07-31 11:47:34 125972 --a------ C:\WINDOWS\system32\yfyaphis.dll
2007-07-31 11:47:17 66068 --a------ C:\WINDOWS\system32\yehwhift.exe
2007-07-30 11:46:58 125972 --a------ C:\WINDOWS\system32\kovssvbt.dll
2007-07-30 11:46:49 66068 --a------ C:\WINDOWS\system32\ksruawvt.exe
2007-07-29 11:46:37 66068 --a------ C:\WINDOWS\system32\vmwysees.exe
2007-07-28 11:46:46 125972 --a------ C:\WINDOWS\system32\ppyldnwj.dll
2007-07-28 11:46:26 66068 --a------ C:\WINDOWS\system32\rstparab.exe
2007-07-27 15:14:46 103144 --a------ C:\Documents and Settings\Kent\Application Data\GDIPFONTCACHEV1.DAT
2007-07-27 12:10:27 33 --a------ C:\Documents and Settings\Kent\Application Data\pcouffin.log
2007-07-27 12:10:25 81920 --a------ C:\Documents and Settings\Kent\Application Data\ezpinst.exe
2007-07-27 12:10:24 47360 --a------ C:\Documents and Settings\Kent\Application Data\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine>
2007-07-27 12:10:24 1144 --a------ C:\Documents and Settings\Kent\Application Data\pcouffin.inf
2007-07-27 12:10:24 7176 --a------ C:\Documents and Settings\Kent\Application Data\pcouffin.cat
2007-07-27 11:45:55 66068 --a------ C:\WINDOWS\system32\cdmpmrvr.exe
2007-07-26 22:41:46 139 --a------ C:\AUTOEXEC.BAT
2007-07-26 11:45:20 66068 --a------ C:\WINDOWS\system32\jsuyyqje.exe
2007-07-26 11:44:03 66068 --a------ C:\WINDOWS\system32\secrtjrg.exe
2007-07-26 03:28:20 66068 --a------ C:\WINDOWS\system32\ohefsopx.exe
2007-07-25 21:54:13 66068 --a------ C:\WINDOWS\system32\lmwlskyy.exe
2007-07-25 19:49:45 66068 --a------ C:\WINDOWS\system32\dxfmfvdu.exe
2007-07-25 17:10:25 66068 --a------ C:\WINDOWS\system32\bsqhnsib.exe
2007-07-24 17:10:08 66068 --a------ C:\WINDOWS\system32\tvxtwwxv.exe
2007-07-23 23:20:46 66068 --a------ C:\WINDOWS\system32\cgnulkci.exe
2007-07-23 22:16:47 66068 --a------ C:\WINDOWS\system32\rjklcuji.exe
2007-07-23 21:12:34 66068 --a------ C:\WINDOWS\system32\jpfeujcl.exe
2007-07-23 20:34:50 66068 --a------ C:\WINDOWS\system32\rgyvwyjr.exe
2007-07-22 13:43:33 66068 --a------ C:\WINDOWS\system32\gjnkhxfk.exe
2007-07-21 22:29:33 66068 --a------ C:\WINDOWS\system32\fainjfeb.exe
2007-07-20 22:29:24 66068 --a------ C:\WINDOWS\system32\dqfmcfti.exe
2007-07-19 22:48:40 66068 --a------ C:\WINDOWS\system32\ljgaiwaw.exe
2007-07-19 04:20:29 66068 --a------ C:\WINDOWS\system32\vuvijarb.exe
2007-07-19 04:12:36 66068 --a------ C:\WINDOWS\system32\jnohlhbk.exe
2007-07-19 03:54:45 66068 --a------ C:\WINDOWS\system32\pmneqbwd.exe
2007-07-19 02:26:33 66068 --a------ C:\WINDOWS\system32\thwsfyyv.exe
2007-07-18 22:25:36 110612 --a------ C:\WINDOWS\system32\fldabjwx.dll
2007-07-18 22:25:18 66068 --a------ C:\WINDOWS\system32\xtqvwniy.exe
2007-07-18 19:17:52 110612 --a------ C:\WINDOWS\system32\vopwnect.dll
2007-07-18 19:17:25 66068 --a------ C:\WINDOWS\system32\pbgtodee.exe
2007-07-17 18:59:45 110612 --a------ C:\WINDOWS\system32\rqehndhr.dll
2007-07-17 18:59:04 66068 --a------ C:\WINDOWS\system32\fivnpekq.exe
2007-07-17 18:54:33 66068 --a------ C:\WINDOWS\system32\clbbdlgj.exe
2007-07-17 11:16:01 66068 --a------ C:\WINDOWS\system32\wlbxrjtx.exe
2007-07-17 09:15:37 66068 --a------ C:\WINDOWS\system32\jmieyhyp.exe
2007-07-17 09:07:59 66068 --a------ C:\WINDOWS\system32\gaiyykeh.exe
2007-07-17 06:00:18 66068 --a------ C:\WINDOWS\system32\kkaosqvr.exe
2007-07-16 10:01:14 66068 --a------ C:\WINDOWS\system32\bmkhidev.exe
2007-07-16 09:00:52 66068 --a------ C:\WINDOWS\system32\gcuxoapo.exe
2007-07-15 14:23:19 66068 --a------ C:\WINDOWS\system32\xtjerxdu.exe
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{3E80EA04-3EBA-40E2-B1C1-58D119F6518a}]
C:\WINDOWS\system32\ksqsoelb.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{54E6D360-DCF8-4E50-92C9-8792126D2864}]
C:\WINDOWS\system32\ksqsoelb.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6B8ADCEE-02B2-475A-803C-F3ADF8B773F8}]
C:\WINDOWS\system32\ksqsoelb.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{74F932E6-C714-4D49-83DA-C48F9FD61A76}]
C:\WINDOWS\system32\fbiugbyy.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A91DB785-7D93-42AE-AC4C-E6F0BD0CA45D}]
C:\WINDOWS\AppPatch\natimxl.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D023390D-0F52-4437-B2FF-58561E3368A5}]
C:\WINDOWS\system32\ksqsoelb.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D0329530-48D1-4AD6-AAB6-E90338C13212}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE" [09/21/2005 10:24 AM C:\WINDOWS\SOUNDMAN.EXE]
"PS2"="C:\WINDOWS\system32\ps2.exe" [10/25/2004 04:17 PM]
"ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [04/17/2004 12:41 PM]
"AlcxMonitor"="ALCXMNTR.EXE" [09/07/2004 08:47 PM C:\WINDOWS\ALCXMNTR.EXE]
"AlcWzrd"="ALCWZRD.EXE" [09/21/2005 03:32 PM C:\WINDOWS\ALCWZRD.EXE]
"Alcmtr"="ALCMTR.EXE" [05/03/2005 06:43 PM C:\WINDOWS\ALCMTR.EXE]
"AGRSMMSG"="AGRSMMSG.exe" [06/29/2004 05:06 PM C:\WINDOWS\AGRSMMSG.exe]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [01/13/2007 09:47 AM]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [01/13/2007 09:47 AM]
"PWRISOVM.EXE"="C:\Program Files\PowerISO\PWRISOVM.EXE" [04/09/2007 05:23 AM]
"LSBWatcher"="c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe" [10/14/2004 09:54 PM]
"KBD"="C:\HP\KBD\KBD.EXE" [02/02/2005 05:44 PM]
"hpsysdrv"="c:\windows\system\hpsysdrv.exe" [05/07/1998 04:04 PM]
"HPHUPD06"="c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe" [06/07/2004 06:53 PM]
"HPHmon06"="C:\WINDOWS\system32\hphmon06.exe" [06/07/2004 06:42 PM]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" []
"xcdtggyl"="C:\vrjocsqy.bat" [10/15/2007 12:01 AM]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [10/13/2004 09:24 AM]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/04/2004 05:00 AM]
"AnyDVD"="C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe" [09/25/2006 08:24 AM]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\run]
"wininet.dll"=
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WB]
C:\PROGRA~1\Stardock\OBJECT~2\WINDOW~1\fastload.dll 12/20/2001 10:34 PM 24576 C:\PROGRA~1\Stardock\OBJECT~2\WINDOW~1\fastload.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"avast! Web Scanner"=3 (0x3)
"avast! Mail Scanner"=3 (0x3)
"avast! Antivirus"=2 (0x2)
"aswUpdSv"=2 (0x2)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" /background
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" /background
"AIM"=C:\Program Files\AIM\aim.exe -cnetwait.odl
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe
"Aim6"="C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
"H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
"Veoh"="C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
"PopUpStopperFreeEdition"="C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe"
"LaunchList"=C:\Program Files\Pinnacle\Studio 11\LaunchList2.exe
"STYLEXP"=C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"THGuard"="C:\Program Files\TrojanHunter 4.5\THGuard.exe"
"Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" -atboottime
"HostManager"=C:\Program Files\Common Files\AOL\1128563132\ee\AOLSoftware.exe
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
"WinampAgent"=C:\Program Files\Winamp\winampa.exe
"msci"=C:\DOCUME~1\HP_Owner\LOCALS~1\Temp\2006621212256_mcinfo.exe /insfin
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
"IPHSend"=C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe
"DeadAIM"=rundll32.exe "C:\PROGRA~1\AIM\\DeadAIM.ocm",ExportedCheckODLs
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
"MessengerPlus3"="C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
"DownloadAccelerator"="C:\Program Files\DAP\DAP.EXE" /STARTUP
"UpdateManager"="C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
"DiskeeperSystray"="C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe"
"kav"="C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"
"Symantec NetDriver Monitor"=C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
"Ulead Quick-Drop"="C:\Program Files\Ulead Systems\Ulead DVD MovieFactory 5 Plus\Ulead DVD MovieFactory 5\Quick-Drop.exe" WINDOWCALL
"PrintDrive"=rundll32.exe "C:\WINDOWS\system32\svlesekg.dll",setvm
"GPLv3"=rundll32.exe "C:\WINDOWS\system32\acpbapku.dll",realset
"SecurityUpdate"=rundll32.exe C:\WINDOWS\system32\pjditur.dll,TurnOn2
"j6221430"=rundll32 C:\WINDOWS\system32\j6221430.dll sook
"SearchIndexer"=rundll32.exe "C:\WINDOWS\system32\tihcnhpr.dll",sitypnow
"Persistence"=C:\WINDOWS\system32\igfxpers.exe
"ccApp"="c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\P]
AutoRun\command- P:\LaunchU3.exe -a
-- End of Deckard's System Scanner: finished at 2007-10-15 00:51:55 ------------
Sign In
Create Account
