Deckard's System Scanner v20071014.68
Run by I lOvE nIkKi on 2008-03-01 12:48:28
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Unable to create WMI object; The operation completed successfully.
Backed up registry hives.
Performed disk cleanup.
Total Physical Memory: 504 MiB (512 MiB recommended).
-- HijackThis (run as I lOvE nIkKi.exe) ----------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:52:00 PM, on 3/1/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe
C:\PROGRA~1\McAfee\MSC\McOEMMGr.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Comcast\Desktop Doctor\bin\sprtcmd.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Updates from HP\309731\Program\Updates from HP.exe
C:\PROGRA~1\Grisoft\AVG7\avgwb.dat
C:\Documents and Settings\I lOvE nIkKi\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\I lOvE nIkKi.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.comcast.n...lbar2.0/search/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Comcast
F3 - REG:win.ini: run="C:\WINDOWS\system32\winupdate.exe"
O2 - BHO: (no name) - {0380F6F6-4734-4885-9CD8-CB82E7144652} - C:\WINDOWS\system32\mljjh.dll (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: BrowserCmp - {1D8282E6-BC4F-469B-AAED-7E4FF077AD93} - (no file)
O2 - BHO: (no name) - {30F7927D-E3E6-48F0-887D-9EAC0E782A34} - C:\WINDOWS\system32\pmkji.dll (file missing)
O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\PROGRA~1\mcafee\msk\mcapbho.dll
O2 - BHO: Comcast Toolbar - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - C:\PROGRA~1\COMCAS~1\COMCAS~1.DLL
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: 0 - {87C95BC9-7AEA-4868-4D9C-79830CDB04A0} - C:\Program Files\ComPlus Applications\lavuhaw640.dll (file missing)
O2 - BHO: (no name) - {BC831C34-2B7C-4C8A-833A-6E7236C62DCC} - C:\Program Files\Common Files\hoken555077.dll (file missing)
O2 - BHO: (no name) - {bfaa9f81-923d-4d6f-9d86-6a7f7795c979} - C:\WINDOWS\system32\lsphkll.dll (file missing)
O2 - BHO: (no name) - {E9383002-FC55-4330-B9C9-67E03BC5C840} - C:\WINDOWS\system32\qomnlif.dll (file missing)
O3 - Toolbar: Comcast Toolbar - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - C:\PROGRA~1\COMCAS~1\COMCAS~1.DLL
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [EVENTLISTENER] C:\Program Files\Common Files\FotoNation\EvLstnr.exe
O4 - HKLM\..\Run: [ddoctorv2] "C:\Program Files\Comcast\Desktop Doctor\bin\sprtcmd.exe" /P ddoctorv2
O4 - HKLM\..\Run: [bm] "C:\Program Files\Common Files\AVSystemCare\bm.exe" dm=http://[email protected] ad=http://[email protected] sd=http://[email protected]
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [MWLExe] C:\PROGRA~1\Mcafee\MWL\MWLGuiSt.exe
O4 - HKLM\..\Run: [McENUI] C:\PROGRA~1\McAfee\MHN\McENUI.exe /hide
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [AutoTBar] c:\Program Files\HP\Digital Imaging\bin\AUTOTBAR.EXE
O4 - HKLM\..\Run: [runner1] C:\WINDOWS\mrofinu572.exe 61A847B5BBF728173599284503996897C881250221C8670836AC4FA7C8833201749139
O4 - HKLM\..\Run: [MDNS] C:\WINDOWS\system32\service.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [b4fe43bd] rundll32.exe "C:\WINDOWS\system32\wpnvdoaj.dll",b
O4 - HKLM\..\Run: [IESet] IExplorer.dll .dbt
O4 - HKLM\..\Run: [BMb7cd7021] Rundll32.exe "C:\WINDOWS\system32\vxnbnnrn.dll",s
O4 - HKLM\..\RunServices: [IESet] IExplorer.dll .dbt
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [IESet] IExplorer.dll .dbt
O4 - HKCU\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE
O4 - HKUS\S-1-5-21-3908285732-430737011-3835062590-1011\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User '?')
O4 - HKUS\S-1-5-21-3908285732-430737011-3835062590-1011\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp (User '?')
O4 - HKUS\S-1-5-21-3908285732-430737011-3835062590-1011\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (User '?')
O4 - HKUS\S-1-5-21-3908285732-430737011-3835062590-1011\..\Run: [IESet] IExplorer.dll .dbt (User '?')
O4 - HKUS\S-1-5-21-3908285732-430737011-3835062590-1011\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User '?')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User '?')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O4 - S-1-5-18 Startup: RABCO - Auto Update.lnk = C:\Program Files\RABCO\RABCOse.exe (User '?')
O4 - .DEFAULT Startup: RABCO - Auto Update.lnk = C:\Program Files\RABCO\RABCOse.exe (User 'Default user')
O4 - Global Startup: Kaspersky Anti-Hacker.lnk = ?
O4 - Global Startup: Updates from HP.lnk = C:\Program Files\Updates from HP\309731\Program\Updates from HP.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O20 - Winlogon Notify: kcghuzos - kcghuzos.dll (file missing)
O20 - Winlogon Notify: qomnlif - qomnlif.dll (file missing)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: McAfee Wireless Network Security Service (MWLSvc) - McAfee, Inc. - C:\Program Files\Mcafee\MWL\MwlSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SupportSoft Sprocket Service (ddoctorv2) (sprtsvc_ddoctorv2) - SupportSoft, Inc. - C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
--
End of file - 10463 bytes
-- HijackThis Fixed Entries (C:\PROGRA~1\TRENDM~1\HIJACK~1\backups\) -----------
backup-20080329-111705-225 R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://superiorads.biz/bc/123kah.php
backup-20080329-111705-508 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.comcast.n...lbar2.0/search/
backup-20080329-111705-620 O8 - Extra context menu item: &Search - http://kl.bar.need2f...earch.html?p=KL
backup-20080329-111705-778 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.h...a...&pf=desktop
-- File Associations -----------------------------------------------------------
.bat - batfile - shell\edit\command - rtgertyjrg.exe %1
.reg - regfile - shell\edit\command - rtgertyjrg.exe %1
.txt - txtfile - shell\open\command - notepad.exe %1
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
3 AgereSoftModem (Agere Systems Soft Modem) - c:\windows\system32\drivers\agrsm.sys <Not Verified; Agere Systems; Agere SoftModem Driver>
3 ALCXSENS (Service for WDM 3D Audio Driver) - c:\windows\system32\drivers\alcxsens.sys <Not Verified; Sensaura Ltd; >
3 DIGIRPS (Digi PortServer Driver) - c:\windows\system32\drivers\digirlpt.sys <Not Verified; Digi International, Inc.; Digi RealPort® Driver>
0 fasttx2k - c:\windows\system32\drivers\fasttx2k.sys <Not Verified; Promise Technology, Inc.; Promise FastTrak Series Driver>
3 ialm - c:\windows\system32\drivers\ialmnt5.sys <Not Verified; Intel Corporation; Intel Graphics Accelerator Drivers for Windows NT®>
2 irda (IrDA Protocol) - c:\windows\system32\drivers\irda.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
3 irsir (Microsoft Serial Infrared Driver) - c:\windows\system32\drivers\irsir.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
3 Iviaspi (IVI ASPI Shell) - c:\windows\system32\drivers\iviaspi.sys <Not Verified; InterVideo, Inc.; InterVideo ASPI Shell>
1 mupp - system32\drivers\mupp.sys (file missing)
2 NwlnkIpx (NWLink IPX/SPX/NetBIOS Compatible Transport Protocol) - c:\windows\system32\drivers\nwlnkipx.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2 NwlnkNb (NWLink NetBIOS) - c:\windows\system32\drivers\nwlnknb.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2 NwlnkSpx (NWLink SPX/SPXII Protocol) - c:\windows\system32\drivers\nwlnkspx.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
3 Pfc (Padus ASPI Shell) - c:\windows\system32\drivers\pfc.sys <Not Verified; Padus, Inc.; Padus® ASPI Shell>
3 Ps2 - c:\windows\system32\drivers\ps2.sys <Not Verified; Hewlett-Packard Company; Hewlett-Packard Company PS2 SYS>
3 Rasirda (WAN Miniport (IrDA)) - c:\windows\system32\drivers\rasirda.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
3 SiS315 - c:\windows\system32\drivers\sisgrp.sys <Not Verified; Silicon Integrated Systems Corporation; SiS ® Compatible Super VGA Miniport Driver for Windows XP>
1 SiSkp - c:\windows\system32\drivers\srvkp.sys <Not Verified; Silicon Integrated Systems Corporation; SiS ® WindowsXP Display Manager>
3 usb_rndisx (USB RNDIS Adapter) - c:\windows\system32\drivers\usb8023x.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
3 viagfx - c:\windows\system32\drivers\vtmini.sys <Not Verified; Copyright © VIA/S3 Graphics Co, Ltd.; UniChrome(Pro) IGP Driver>
3 wanatw (WAN Miniport (ATW)) - c:\windows\system32\drivers\wanatw4.sys <Not Verified; America Online, Inc.; Wan Miniport (ATW)>
3 wceusbsh (Windows CE USB Serial Host Driver) - c:\windows\system32\drivers\wceusbsh.sys <Not Verified; Microsoft Corporation; Windows CE USB Serial Host Driver>
3 WscNetDr (MWL Filter Miniport) - c:\windows\system32\drivers\wscnetdr.sys <Not Verified; McAfee, Inc.; McAfee Wireless Home Network Security>
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
2 aawservice (Ad-Aware 2007 Service) - c:\program files\lavasoft\ad-aware 2007\aawservice.exe
2 Irmon (Infrared Monitor) - c:\windows\system32\svchost.exe
2 MSK80Service (McAfee Anti-Spam Service) - c:\program files\mcafee\msk\msksrver.exe
2 NwSapAgent (SAP Agent) - c:\windows\system32\svchost.exe
2 sprtsvc_ddoctorv2 (SupportSoft Sprocket Service (ddoctorv2)) - c:\program files\comcast\desktop doctor\bin\sprtsvc.exe
-- Device Manager: Disabled ----------------------------------------------------
Unable to create WMI object.
-- Scheduled Tasks -------------------------------------------------------------
2008-03-31 14:02:00 412 --a------ C:\WINDOWS\Tasks\Symantec NetDetect.job
2008-03-01 19:04:59 354 --a------ C:\WINDOWS\Tasks\McDefragTask.job
2008-03-01 19:04:58 346 --a------ C:\WINDOWS\Tasks\McQcTask.job
-- Files created between 2008-02-01 and 2008-03-01 -----------------------------
2008-03-31 15:21:30 0 d-------- C:\Documents and Settings\All Users\Application Data\Azureus
2008-03-31 15:21:02 0 d-------- C:\Documents and Settings\I lOvE nIkKi\Application Data\Azureus
2008-03-31 15:13:30 0 d-------- C:\Program Files\Azureus
2008-03-30 11:42:58 0 dr-h----- C:\$VAULT$.AVG
2008-03-30 11:39:44 0 d-------- C:\Documents and Settings\I lOvE nIkKi\Application Data\AVG7
2008-03-30 11:38:07 0 d-------- C:\Documents and Settings\LocalService\Application Data\AVG7
2008-03-30 11:35:49 0 d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2008-03-30 11:35:49 0 d-------- C:\Documents and Settings\All Users\Application Data\avg7
2008-03-29 12:00:01 0 d-------- C:\Documents and Settings\Administrator\Application Data\Talkback
2008-03-29 11:59:09 0 d-------- C:\Documents and Settings\Administrator\Application Data\Mozilla
2008-03-29 10:50:36 0 d-------- C:\Documents and Settings\Administrator\Application Data\Identities
2008-03-29 10:50:36 0 d-------- C:\Documents and Settings\Administrator\Application Data\Apple Computer
2008-03-29 10:50:35 0 d--h----- C:\Documents and Settings\Administrator\NetHood
2008-03-29 10:50:35 0 dr------- C:\Documents and Settings\Administrator\My Documents <MYDOCU~1>
2008-03-29 10:50:35 0 d--h----- C:\Documents and Settings\Administrator\Local Settings <LOCALS~1>
2008-03-29 10:50:35 0 dr------- C:\Documents and Settings\Administrator\Favorites <FAVORI~1>
2008-03-29 10:50:35 0 d-------- C:\Documents and Settings\Administrator\Desktop
2008-03-29 10:50:35 0 d--hs---- C:\Documents and Settings\Administrator\Cookies
2008-03-29 10:50:35 0 dr-h----- C:\Documents and Settings\Administrator\Application Data <APPLIC~1>
2008-03-29 10:50:35 0 d-------- C:\Documents and Settings\Administrator\Application Data\Symantec
2008-03-29 10:50:35 0 d-------- C:\Documents and Settings\Administrator\Application Data\Sun
2008-03-29 10:50:35 0 d-------- C:\Documents and Settings\Administrator\Application Data\SampleView
2008-03-29 10:50:35 0 d-------- C:\Documents and Settings\Administrator\Application Data\Real
2008-03-29 10:50:35 0 d---s---- C:\Documents and Settings\Administrator\Application Data\Microsoft
2008-03-29 10:50:34 0 d-------- C:\Documents and Settings\Administrator\WINDOWS
2008-03-29 10:50:34 0 d--h----- C:\Documents and Settings\Administrator\Templates <TEMPLA~1>
2008-03-29 10:50:34 0 dr------- C:\Documents and Settings\Administrator\Start Menu <STARTM~1>
2008-03-29 10:50:34 0 dr-h----- C:\Documents and Settings\Administrator\SendTo
2008-03-29 10:50:34 0 dr-h----- C:\Documents and Settings\Administrator\Recent
2008-03-29 10:50:34 0 d--h----- C:\Documents and Settings\Administrator\PrintHood <PRINTH~1>
2008-03-29 10:50:33 2097152 --a------ C:\Documents and Settings\Administrator\NTUSER.DAT
2008-03-29 10:23:39 0 d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-03-29 10:18:47 38400 --a------ C:\WINDOWS\system32\opnlmkj.dll
2008-03-29 10:13:06 0 d-------- C:\Program Files\Trend Micro
2008-03-28 10:52:08 87616 --a------ C:\WINDOWS\system32\vxnbnnrn.dll
2008-03-25 11:48:35 0 d-------- C:\WINDOWS\system32\aqVreo01
2008-03-25 11:48:31 38400 --a------ C:\WINDOWS\system32\pmnkiji.dll
2008-03-24 23:04:00 0 d-------- C:\Documents and Settings\Rob\Program Files
2008-03-24 23:03:56 0 d-------- C:\Documents and Settings\Rob\Application Data\BitTorrent
2008-03-24 22:49:00 91200 --a------ C:\WINDOWS\system32\nbyaugma.dll
2008-03-24 21:56:24 91200 --a------ C:\WINDOWS\system32\scaxxhxl.dll
2008-03-24 20:47:10 91200 --a------ C:\WINDOWS\system32\txjyopcq.dll
2008-03-24 20:32:46 91200 --a------ C:\WINDOWS\system32\mrbocicm.dll
2008-03-21 17:25:57 91712 --a------ C:\WINDOWS\system32\akebvwmw.dll
2008-03-18 18:51:05 0 d-------- C:\Documents and Settings\Rob\Application Data\vlc
2008-03-15 18:55:47 98368 --a------ C:\WINDOWS\system32\fwkffyfc.dll
2008-03-15 18:17:31 0 d-------- C:\Program Files\LimeWire
2008-03-15 17:48:26 0 dr------- C:\Shared
2008-03-14 18:33:36 275769 --ahs---- C:\WINDOWS\system32\ijkmp.ini2
2008-03-09 23:01:52 0 d-------- C:\Documents and Settings\[email protected]\Application Data\vlc
2008-03-09 22:44:28 0 d-------- C:\Program Files\VideoLAN
2008-03-06 23:19:59 0 d-------- C:\Documents and Settings\[email protected]\Application Data\BitTorrent
2008-03-06 23:19:30 0 d-------- C:\Program Files\DNA
2008-03-06 23:19:30 0 d-------- C:\Documents and Settings\[email protected]\Application Data\DNA
2008-03-06 18:31:33 0 d-------- C:\Documents and Settings\[email protected]\Application Data\Adobe
2008-03-05 19:13:20 0 d---s---- C:\Documents and Settings\Rob\UserData
2008-03-05 18:49:57 0 d-------- C:\Documents and Settings\Rob\Application Data\acccore
2008-03-05 18:32:59 0 d-------- C:\Documents and Settings\Rob\Application Data\Adobe
2008-03-05 18:31:15 0 d-------- C:\Documents and Settings\Rob\Application Data\Macromedia
2008-03-05 18:26:54 0 d-------- C:\Documents and Settings\Rob\Application Data\Google
2008-03-05 18:26:51 0 d-------- C:\Documents and Settings\Rob\Application Data\COMCASTTOOLBAR
2008-03-05 18:26:26 0 d-------- C:\Documents and Settings\Rob\Application Data\Talkback
2008-03-05 18:26:01 0 d-------- C:\Documents and Settings\Rob\Application Data\Mozilla
2008-03-05 18:22:26 0 dr------- C:\Documents and Settings\Rob\Favorites <FAVORI~1>
2008-03-05 18:22:26 0 d-------- C:\Documents and Settings\Rob\Desktop
2008-03-05 18:22:26 0 d---s---- C:\Documents and Settings\Rob\Cookies
2008-03-05 18:22:26 0 dr-h----- C:\Documents and Settings\Rob\Application Data <APPLIC~1>
2008-03-05 18:22:26 0 d-------- C:\Documents and Settings\Rob\Application Data\Symantec
2008-03-05 18:22:26 0 d-------- C:\Documents and Settings\Rob\Application Data\Sun
2008-03-05 18:22:26 0 d-------- C:\Documents and Settings\Rob\Application Data\SampleView
2008-03-05 18:22:26 0 d-------- C:\Documents and Settings\Rob\Application Data\Real
2008-03-05 18:22:26 0 d---s---- C:\Documents and Settings\Rob\Application Data\Microsoft
2008-03-05 18:22:26 0 d-------- C:\Documents and Settings\Rob\Application Data\Identities
2008-03-05 18:22:26 0 d-------- C:\Documents and Settings\Rob\Application Data\Apple Computer
2008-03-05 18:22:25 0 d-------- C:\Documents and Settings\Rob\WINDOWS
2008-03-05 18:22:25 0 d--h----- C:\Documents and Settings\Rob\Templates <TEMPLA~1>
2008-03-05 18:22:25 0 dr------- C:\Documents and Settings\Rob\Start Menu <STARTM~1>
2008-03-05 18:22:25 0 dr-h----- C:\Documents and Settings\Rob\SendTo
2008-03-05 18:22:25 0 dr-h----- C:\Documents and Settings\Rob\Recent
2008-03-05 18:22:25 0 d--h----- C:\Documents and Settings\Rob\PrintHood <PRINTH~1>
2008-03-05 18:22:25 0 d--h----- C:\Documents and Settings\Rob\NetHood
2008-03-05 18:22:25 0 dr------- C:\Documents and Settings\Rob\My Documents <MYDOCU~1>
2008-03-05 18:22:25 0 d--h----- C:\Documents and Settings\Rob\Local Settings <LOCALS~1>
2008-03-05 18:22:24 2170880 --a------ C:\Documents and Settings\Rob\NTUSER.DAT
2008-03-04 20:23:05 1167 --a------ C:\WINDOWS\mozver.dat
2008-03-04 16:12:14 0 d-------- C:\Documents and Settings\I lOvE nIkKi\Application Data\AdobeUM
2008-03-04 16:11:25 0 d-------- C:\Documents and Settings\I lOvE nIkKi\Application Data\Adobe
2008-03-04 15:59:50 159744 --a------ C:\WINDOWS\system32\igfxres.dll <Not Verified; Intel Corporation; Intel® Common User Interface>
2008-03-02 19:03:55 0 d-------- C:\Documents and Settings\I lOvE nIkKi\Application Data\Talkback
2008-03-02 18:29:09 0 d-------- C:\Documents and Settings\I lOvE nIkKi\Application Data\Mozilla
2008-03-02 16:05:45 0 d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-03-02 15:53:03 0 d-------- C:\WINDOWS\system32\PreInstall
2008-03-01 22:11:08 0 d-------- C:\Documents and Settings\[email protected]\Application Data\acccore
2008-03-01 19:51:52 23040 --a------ C:\p9kels.exe
2008-03-01 19:44:03 0 d-------- C:\Documents and Settings\I lOvE nIkKi\Application Data\acccore
2008-03-01 19:42:14 0 d-------- C:\Program Files\AIM6
2008-03-01 19:37:19 23040 --a------ C:\0q19rp.exe
2008-03-01 19:21:51 86848 --a------ C:\WINDOWS\system32\drivers\WscNetDr.sys <Not Verified; McAfee, Inc.; McAfee Wireless Home Network Security>
2008-03-01 19:19:06 143360 --a------ C:\WINDOWS\system32\dunzip32.dll <Not Verified; Inner Media, Inc.; DynaZIP-32 Multi-Threading UnZIP DLL>
2008-03-01 19:02:46 0 d-------- C:\Program Files\McAfee.com
2008-03-01 19:01:27 0 d-------- C:\Program Files\Common Files\McAfee
2008-03-01 19:00:46 0 d-------- C:\Program Files\McAfee
2008-03-01 19:00:28 0 d-------- C:\Program Files\Lavasoft
2008-03-01 19:00:25 0 d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-03-01 18:56:47 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-03-01 18:47:51 0 d-------- C:\Documents and Settings\All Users\Application Data\McAfee
2008-03-01 18:41:45 0 d--hs---- C:\Documents and Settings\I lOvE nIkKi\UserData
2008-03-01 17:54:25 0 d-------- C:\Documents and Settings\[email protected]\Application Data\MSNInstaller
2008-03-01 13:26:01 0 d---s---- C:\Documents and Settings\[email protected]\UserData
2008-03-01 11:21:29 0 d-------- C:\Documents and Settings\Administrator\Application Data\AVG7
2008-03-01 10:49:37 0 d-------- C:\Program Files\Fisher-Price
2008-03-01 10:39:16 9600 --a------ C:\WINDOWS\system32\drivers\hidusb.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-01 10:38:41 24960 --a------ C:\WINDOWS\system32\drivers\hidparse.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-01 10:38:33 20992 --a------ C:\WINDOWS\system32\hid.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-01 10:38:21 36224 --a------ C:\WINDOWS\system32\drivers\hidclass.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-01 10:37:32 31616 --a------ C:\WINDOWS\system32\drivers\usbccgp.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-01 10:37:00 36352 --a------ C:\WINDOWS\system32\drivers\disk.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-01 10:37:00 0 d-------- C:\WINDOWS\LastGood
2008-02-29 23:14:07 0 d-------- C:\Documents and Settings\I lOvE nIkKi\Application Data\Macromedia
2008-02-29 23:10:49 0 d-------- C:\Documents and Settings\I lOvE nIkKi\Application Data\COMCASTTOOLBAR
2008-02-29 23:09:52 0 d-------- C:\Documents and Settings\I lOvE nIkKi\Application Data\AVSystemCare
2008-02-29 22:37:55 0 d-------- C:\Documents and Settings\[email protected]\Application Data\Viewpoint
2008-02-29 21:53:57 0 d-------- C:\Documents and Settings\[email protected]\Application Data\Sammsoft
2008-02-29 21:12:15 0 d-------- C:\Documents and Settings\[email protected]\Application Data\AVSystemCare
2008-02-29 21:11:49 0 dr------- C:\Documents and Settings\All Users\Application Data\SalesMon
2008-02-29 21:11:43 0 d-------- C:\WINDOWS\system32\NtmsData
2008-02-29 20:40:27 280554 --ahs---- C:\WINDOWS\system32\hjjlm.ini2
2008-02-29 20:34:49 0 d-------- C:\Documents and Settings\LocalService\Application Data\NetMon
2008-02-29 20:31:31 0 d-------- C:\Documents and Settings\All Users\Application Data\Rabio
2008-02-29 20:30:11 0 d-------- C:\Program Files\Outerinfo
2008-02-29 20:30:10 0 d-------- C:\Program Files\s?curity
2008-02-29 20:29:48 0 d-------- C:\Documents and Settings\NetworkService\Application Data\NetMon
2008-02-29 20:29:44 0 d--hs---- C:\WINDOWS\IA
2008-02-29 20:29:35 0 d-------- C:\WINDOWS\system32\x3
2008-02-29 20:29:35 0 d-------- C:\WINDOWS\system32\s7
2008-02-29 20:29:35 0 d-------- C:\WINDOWS\system32\k8
2008-02-29 20:29:35 0 d-------- C:\WINDOWS\system32\c4
2008-02-29 20:29:35 0 d-------- C:\WINDOWS\system32\c2
2008-02-29 20:29:34 0 d-------- C:\Program Files\Common Files\a?sembly
2008-02-29 20:29:31 0 d-------- C:\WINDOWS\system32\iDlo01
2008-02-29 20:08:40 0 d-------- C:\Program Files\AIMTunes
2008-02-29 20:07:42 0 d-------- C:\Documents and Settings\All Users\Application Data\AOL OCP
2008-02-29 19:47:50 0 d-------- C:\WINDOWS\system32\SoftwareDistribution
2008-02-29 19:47:24 0 d-------- C:\Documents and Settings\[email protected]\Application Data\AVG7
2008-02-29 19:42:19 0 d-------- C:\Program Files\ComcastToolbar
2008-02-29 19:42:19 0 d-------- C:\Documents and Settings\[email protected]\Application Data\ComcastToolbar
2008-02-29 19:41:26 0 d-------- C:\Documents and Settings\All Users\Application Data\SupportSoft
2008-02-29 19:41:16 0 d-------- C:\Program Files\Comcast
2008-02-10 04:53:28 0 d-------- C:\Documents and Settings\I lOvE nIkKi\Application Data\PlayFirst
2008-02-02 04:41:46 0 d-------- C:\Documents and Settings\I lOvE nIkKi\Application Data\Template
2008-02-02 04:26:57 0 d-------- C:\Documents and Settings\I lOvE nIkKi\Application Data\Google
2008-02-02 04:26:24 0 d-------- C:\Documents and Settings\I lOvE nIkKi\Application Data\Apple Computer
2008-02-02 04:26:23 0 d-------- C:\Documents and Settings\I lOvE nIkKi\WINDOWS
2008-02-02 04:26:23 0 d--h----- C:\Documents and Settings\I lOvE nIkKi\Templates <TEMPLA~1>
2008-02-02 04:26:23 0 dr------- C:\Documents and Settings\I lOvE nIkKi\Start Menu <STARTM~1>
2008-02-02 04:26:23 0 dr-h----- C:\Documents and Settings\I lOvE nIkKi\SendTo
2008-02-02 04:26:23 0 dr-h----- C:\Documents and Settings\I lOvE nIkKi\Recent
2008-02-02 04:26:23 0 d--h----- C:\Documents and Settings\I lOvE nIkKi\PrintHood <PRINTH~1>
2008-02-02 04:26:23 0 d--h----- C:\Documents and Settings\I lOvE nIkKi\NetHood
2008-02-02 04:26:23 0 dr------- C:\Documents and Settings\I lOvE nIkKi\My Documents <MYDOCU~1>
2008-02-02 04:26:23 0 d--h----- C:\Documents and Settings\I lOvE nIkKi\Local Settings <LOCALS~1>
2008-02-02 04:26:23 0 dr------- C:\Documents and Settings\I lOvE nIkKi\Favorites <FAVORI~1>
2008-02-02 04:26:23 0 d-------- C:\Documents and Settings\I lOvE nIkKi\Desktop
2008-02-02 04:26:23 0 d--hs---- C:\Documents and Settings\I lOvE nIkKi\Cookies
2008-02-02 04:26:23 0 dr-h----- C:\Documents and Settings\I lOvE nIkKi\Application Data <APPLIC~1>
2008-02-02 04:26:23 0 d-------- C:\Documents and Settings\I lOvE nIkKi\Application Data\Symantec
2008-02-02 04:26:23 0 d-------- C:\Documents and Settings\I lOvE nIkKi\Application Data\Sun
2008-02-02 04:26:23 0 d-------- C:\Documents and Settings\I lOvE nIkKi\Application Data\SampleView
2008-02-02 04:26:23 0 d-------- C:\Documents and Settings\I lOvE nIkKi\Application Data\Real
2008-02-02 04:26:23 0 d-------- C:\Documents and Settings\I lOvE nIkKi\Application Data\Identities
2008-02-02 04:26:22 4718592 --ah----- C:\Documents and Settings\I lOvE nIkKi\NTUSER.DAT
2008-02-02 04:15:48 106496 --a------ C:\WINDOWS\system32\ssdinerdash2.scr
-- Find3M Report ---------------------------------------------------------------
2008-03-27 13:14:26 0 d-------- C:\Program Files\Microsoft ActiveSync
2008-03-27 11:20:23 0 d-------- C:\Program Files\WildTangent
2008-03-14 12:28:44 0 d-------- C:\Program Files\Common Files
2008-03-07 20:47:30 0 d-------- C:\Program Files\Google
2008-03-07 20:25:55 0 d-------- C:\Program Files\UNO Freeware
2008-03-07 20:25:55 0 d-------- C:\Program Files\SilverCreekCommonFiles
2008-03-07 20:25:21 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-03-07 20:25:15 0 d-------- C:\Program Files\DAP
2008-03-07 20:25:13 0 d-------- C:\Program Files\Common Files\aolshare
2008-03-07 20:25:09 0 d-------- C:\Program Files\AOL 9.0
2008-03-03 15:47:55 0 d-------- C:\Program Files\Messenger
2008-03-01 22:08:41 0 d-------- C:\Program Files\Common Files\a?sembly
2008-03-01 18:00:44 0 d-------- C:\Program Files\Common Files\AOL
2008-03-01 17:56:01 0 d-------- C:\Program Files\Motorola
2008-03-01 17:33:14 10 --a------ C:\WINDOWS\smdat32m.sys
2008-03-01 17:17:35 0 d-------- C:\Program Files\Hardwood Spades
2008-03-01 17:11:55 0 d-------- C:\Program Files\Easy Internet signup
2008-02-29 23:13:06 256 --a------ C:\Documents and Settings\I lOvE nIkKi\Application Data\urlredir.cfg
2008-02-29 23:11:51 292 --a------ C:\WINDOWS\smdat32a.sys
2008-02-29 20:58:35 0 d-------- C:\Program Files\Common Files\Symantec Shared
2008-02-29 20:58:33 0 d-------- C:\Program Files\Symantec
2008-02-29 20:30:10 0 d-------- C:\Program Files\s?curity
2008-02-29 19:42:21 0 d-------- C:\Program Files\Common Files\Scanner
2008-02-10 05:27:22 2528 --a------ C:\Documents and Settings\I lOvE nIkKi\Application Data\$_hpcst$.hpc
2008-01-08 11:55:08 208896 --a------ C:\WINDOWS\ss245sd.exe <Not Verified; ; ss245sd>
2008-01-01 20:45:10 0 d-------- C:\Program Files\Nikon
2008-01-01 20:45:10 0 d-------- C:\Program Files\Common Files\FotoNation
2007-12-04 13:38:13 550912 --a------ C:\WINDOWS\system32\oleaut32.dll <Not Verified; Microsoft Corporation; >
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0380F6F6-4734-4885-9CD8-CB82E7144652}]
C:\WINDOWS\system32\mljjh.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1D8282E6-BC4F-469B-AAED-7E4FF077AD93}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F7927D-E3E6-48F0-887D-9EAC0E782A34}]
C:\WINDOWS\system32\pmkji.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{377C180E-6F0E-4D4C-980F-F45BD3D40CF4}]
09/19/2007 09:15 AM 329032 --a------ c:\PROGRA~1\mcafee\msk\mcapbho.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{87C95BC9-7AEA-4868-4D9C-79830CDB04A0}]
C:\Program Files\ComPlus Applications\lavuhaw640.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{BC831C34-2B7C-4C8A-833A-6E7236C62DCC}]
C:\Program Files\Common Files\hoken555077.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{bfaa9f81-923d-4d6f-9d86-6a7f7795c979}]
C:\WINDOWS\system32\lsphkll.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E9383002-FC55-4330-B9C9-67E03BC5C840}]
C:\WINDOWS\system32\qomnlif.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe" [12/07/2004 12:31 AM]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [08/07/2004 04:03 PM]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [04/21/2004 08:28 PM]
"VTTimer"="VTTimer.exe" []
"AGRSMMSG"="AGRSMMSG.exe" [06/29/2004 07:06 PM C:\WINDOWS\AGRSMMSG.exe]
"AOLDialer"="C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" [10/20/2004 09:40 AM]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [08/07/2004 04:20 PM]
"EVENTLISTENER"="C:\Program Files\Common Files\FotoNation\EvLstnr.exe" [06/20/2000 10:46 PM]
"ddoctorv2"="C:\Program Files\Comcast\Desktop Doctor\bin\sprtcmd.exe" [04/19/2007 05:21 PM]
"@"="" []
"bm"="C:\Program Files\Common Files\AVSystemCare\bm.exe" []
"mcagent_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe" [08/04/2007 01:33 AM]
"MWLExe"="C:\PROGRA~1\Mcafee\MWL\MWLGuiSt.exe" [07/28/2007 12:32 PM]
"McENUI"="C:\PROGRA~1\McAfee\MHN\McENUI.exe" [07/22/2007 11:29 PM]
"AlcxMonitor"="ALCXMNTR.EXE" [09/07/2004 04:47 PM C:\WINDOWS\ALCXMNTR.EXE]
"AutoTBar"="c:\Program Files\HP\Digital Imaging\bin\AUTOTBAR.EXE" []
"runner1"="C:\WINDOWS\mrofinu572.exe" []
"MDNS"="C:\WINDOWS\system32\service.exe" []
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [03/30/2008 11:36 AM]
"b4fe43bd"="C:\WINDOWS\system32\wpnvdoaj.dll" []
"IESet"="IExplorer.dll" []
"BMb7cd7021"="C:\WINDOWS\system32\vxnbnnrn.dll" [03/28/2008 10:52 AM]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/04/2004 02:00 PM]
"Aim6"="C:\Program Files\AIM6\aim6.exe" [01/03/2008 11:15 AM]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [01/28/2008 10:43 AM]
"IESet"="IExplorer.dll" []
"AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [03/30/2008 11:36 AM]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runservices]
"IESet"=IExplorer.dll .dbt
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoSetActiveDesktop"=1 (0x1)
"NoActiveDesktopChanges"=1 (0x1)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{E9383002-FC55-4330-B9C9-67E03BC5C840}"= C:\WINDOWS\system32\qomnlif.dll [ ]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\kcghuzos]
kcghuzos.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\qomnlif]
qomnlif.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"= msv1_0 C:\WINDOWS\system32\pmkji.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5f6aaba0-c564-11dc-86bd-00038a000015}]
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe folder.htt 480 480
-- Hosts -----------------------------------------------------------------------
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
8073 more entries in hosts file.
-- End of Deckard's System Scanner: finished at 2008-03-01 12:53:22 ------------