Hi JSntgRvr,
Thanks for your help so far. I hope my log helps you!
Deckard's System Scanner v20071014.68
Run by Chris on 2008-05-11 23:36:02
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Successfully created a Deckard's System Scanner Restore Point.
-- Last 3 Restore Point(s) --
3: 2008-05-11 22:36:13 UTC - RP149 - Deckard's System Scanner Restore Point
2: 2008-05-11 11:49:12 UTC - RP148 - Installed AVG 8.0
1: 2008-05-11 11:01:05 UTC - RP147 - System Checkpoint
Backed up registry hives.
Performed disk cleanup.
Percentage of Memory in Use: 83% (more than 75%).
Total Physical Memory: 447 MiB (512 MiB recommended).
-- HijackThis Clone ------------------------------------------------------------
Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-05-11 23:42:15
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ati2evxx.exe
C:\WINDOWS\system32\WLTRYSVC.EXE
C:\WINDOWS\system32\BCMWLTRY.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\ehome\ehrecvr.exe
C:\WINDOWS\ehome\ehSched.exe
C:\Program Files\McAfee.com\Agent\Mcdetect.exe
C:\Program Files\McAfee.com\VSO\McShield.exe
C:\Program Files\McAfee.com\Agent\McTskshd.exe
C:\Program Files\McAfee.com\Personal Firewall\MpfService.exe
C:\Program Files\AVG\AVG8\avgam.exe
C:\WINDOWS\explorer.exe
C:\Program Files\AVG\AVG8\avgrsx.exe
C:\Program Files\AVG\AVG8\avgnsx.exe
C:\Program Files\Dell\QuickSet\NicConfigSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVG\AVG8\avgemc.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wuauclt.exe
F:\dss.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.co.uk/ig/dell?hl=en&client=dell-usuk&channel=uk&ibd=3061211
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.qol.qub.ac.uk/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.com/search?q=%s
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.google.co...amp;ibd=3061211
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www1.euro.del.......;l=en&s=gen
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www1.euro.del.......;l=en&s=gen
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.co.uk/ig/dell?hl=en&client=dell-usuk&channel=uk&ibd=3061211
O2 - BHO: (no name) - {88ebbe0b-5ff8-4b84-b043-71a216374a5b} - C:\WINDOWS\system32\efcDTMgf.dll
O2 - BHO: C:\WINDOWS\system32\jfiehayd.dll - {c5af49a2-94f3-42bd-f434-2604812c897d} - C:\WINDOWS\system32\jfiehayd.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - C:\Program Files\McAfee.com\VSO\mcvsshl.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\GoogleToolbar2.dll
O3 - Toolbar: pvnsmfor - {C17C95A8-9A32-4250-8F46-D7DFBB4B4947} - C:\WINDOWS\pvnsmfor.dll
O4 - HKLM\..\Run: [DLCFCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCFtime.dll,RunDLLEntry
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\McAgent.exe
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [ctfmona] C:\WINDOWS\system32\ctfmona.exe
O4 - HKLM\..\Run: [ntuser] C:\WINDOWS\system32\drivers\spools.exe
O4 - HKLM\..\Run: [autoload] C:\Documents and Settings\Chris\cftmon.exe
O4 - HKLM\..\Run: [jdgf894jrghoiiskd] C:\DOCUME~1\Chris\LOCALS~1\Temp\winlogan.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [InetChk] C:\DOCUME~1\Chris\LOCALS~1\Temp\ms1210503532.exe work
O4 - HKCU\..\Run: [ntuser] C:\WINDOWS\system32\drivers\spools.exe
O4 - HKCU\..\Run: [autoload] C:\Documents and Settings\Chris\cftmon.exe
O4 - HKCU\..\Run: [jdgf894jrghoiiskd] C:\DOCUME~1\Chris\LOCALS~1\Temp\winlogan.exe
O4 - HKCU\..\Run: [Jnskdfmf9eldfd] C:\DOCUME~1\Chris\LOCALS~1\Temp\csrssc.exe
O4 - HKLM\..\Policies\Explorer\Run: [zsmscc] rundll32.exe C:\WINDOWS\system32\zsmscc071001.dll mymain
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [ntuser] C:\WINDOWS\system32\drivers\spools.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [autoload] C:\Documents and Settings\LocalService\cftmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\Run: [ntuser] C:\WINDOWS\system32\drivers\spools.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\Run: [autoload] C:\Documents and Settings\LocalService\cftmon.exe (User 'Default user')
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableTaskMgr=1
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Casino-on-Net - {3015DB92-158E-4b77-9020-85C8E311FBB5} - C:\Program Files\CasinoOnNet\Casino.exe
O9 - Extra button: (no name) - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - C:\Program Files\McAfee\SpamKiller\McApfBHO.dll
O9 - Extra 'Tools' menuitem: McAfee AntiPhishing Filter - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - C:\Program Files\McAfee\SpamKiller\McApfBHO.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macr...director/sw.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.ma...ash/swflash.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll
O18 - Protocol: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll
O18 - Protocol: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL
O18 - Filter: application/x-internet-signup - {A173B69A-1F9B-4823-9FDA-412F641E65D6} - C:\Program Files\Tiscali\Tiscali Internet\dlls\tiscalifilter.dll
O18 - Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL
O20 - AppInit_DLLs: avgrsstx.dll
O20 - Winlogon Notify: efcDTMgf - C:\WINDOWS\system32\efcDTMgf.dll
O21 - SSODL: mpfanvqg - {3203440F-BBCB-4E16-87BB-E1556B57910B} - C:\WINDOWS\mpfanvqg.dll
O21 - SSODL: vbksrofa - {E3473047-F313-4B6A-9D4A-862270874EAA} - C:\WINDOWS\vbksrofa.dll
O22 - SharedTaskScheduler: jhsf8d984jief8dsfus98jkefn - {C5AF49A2-94F3-42BD-F434-2604812C897D} - C:\WINDOWS\system32\jfiehayd.dll
O23 - Service: 4890AABA - Unknown owner - C:\WINDOWS\system32\7C750A7C.EXE
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\ati2evxx.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG8\avgwdsvc.exe
O23 - Service: dlcf_device - Unknown owner - C:\WINDOWS\system32\dlcfcoms.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICF - Unknown owner - C:\WINDOWS\system32\svchost.exe:exe.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - C:\Program Files\McAfee.com\Agent\Mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - C:\Program Files\McAfee.com\VSO\McShield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - C:\Program Files\McAfee.com\Agent\McTskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\Program Files\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\Program Files\McAfee.com\Personal Firewall\MpfService.exe
O23 - Service: McAfee SpamKiller Server (MskService) - McAfee Inc. - C:\Program Files\McAfee\SpamKiller\MSKSrvr.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NicConfigSvc.exe
O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe
O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: Task Scheduler (Schedule) - Unknown owner - C:\WINDOWS\system32\drivers\spools.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\system32\WLTRYSVC.EXE
--
End of file - 11842 bytes
-- File Associations -----------------------------------------------------------
.exe - exefile - shell\open\command - C:\Documents and Settings\Chris\cftmon.exe "%1" %*
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R1 APPDRV - c:\windows\system32\drivers\appdrv.sys <Not Verified; Dell Inc; Application Driver>
R1 MPFIREWL - c:\windows\system32\drivers\mpfirewall.sys <Not Verified; McAfee; McAfee Personal Firewall>
R2 Packet (Auto Internet Protocol) - c:\windows\system32\drivers\packet.sys <Not Verified; SingleClick Systems; Auto IP Protocol Driver>
S3 DSproct - c:\program files\dell support\gtaction\triggers\dsproct.sys <Not Verified; GTek Technologies Ltd.; processt>
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 Apple Mobile Device - "c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe" <Not Verified; Apple, Inc.; Apple Mobile Device Service>
R2 NICCONFIGSVC - c:\program files\dell\quickset\nicconfigsvc.exe <Not Verified; Dell Inc.; NicConfigSvc>
S2 4890AABA - c:\windows\system32\7c750a7c.exe -k
S2 ICF - c:\windows\system32\svchost.exe:exe.exe
S2 MskService (McAfee SpamKiller Server) - c:\progra~1\mcafee\spamki~1\msksrvr.exe <Not Verified; McAfee Inc.; McAfee SpamKiller>
-- Device Manager: Disabled ----------------------------------------------------
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Dell Wireless 1390 WLAN Mini-Card
Device ID: PCI\VEN_14E4&DEV_4311&SUBSYS_00071028&REV_01\4&2EA2911C&0&0030
Manufacturer: Broadcom
Name: Dell Wireless 1390 WLAN Mini-Card
PNP Device ID: PCI\VEN_14E4&DEV_4311&SUBSYS_00071028&REV_01\4&2EA2911C&0&0030
Service: BCM43XX
-- Scheduled Tasks -------------------------------------------------------------
2008-04-18 19:27:35 350 --a------ C:\WINDOWS\Tasks\McAfee.com Scan for Viruses - My Computer (DHKW2N2J-Chris).job
2008-03-16 06:42:09 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
-- Files created between 2008-04-11 and 2008-05-11 -----------------------------
2008-05-11 12:49:38 0 d-------- C:\WINDOWS\system32\drivers\Avg
2008-05-11 12:49:17 0 d-------- C:\Program Files\AVG
2008-05-11 12:49:14 0 d-------- C:\Documents and Settings\All Users\Application Data\avg8
2008-05-11 12:09:33 2855 --a------ C:\WINDOWS\system32\drivers\spools.PIF
2008-05-11 12:08:12 0 d--h----- C:\WINDOWS\PIF
2008-05-11 12:00:35 66576 --a------ C:\WINDOWS\system32\k12105036331.exe
2008-05-11 11:58:27 13824 --a------ C:\Documents and Settings\LocalService\cftmon.exe
2008-05-11 11:56:10 0 d-------- C:\Program Files\Helper
2008-05-11 11:54:46 346112 --a------ C:\WINDOWS\system32\ljjjhif.dll
2008-05-11 11:54:28 36352 --a------ C:\WINDOWS\system32\byXNdcCV.dll
2008-05-11 11:54:21 705 --a------ C:\d.exe
2008-05-11 11:54:14 2 --a------ C:\1209778742
2008-05-11 11:54:09 10000 --a------ C:\WINDOWS\system32\jfiehayd.dll
2008-05-11 11:54:07 13824 --a------ C:\WINDOWS\system32\drivers\spools.exe
2008-05-11 11:54:07 13824 --a------ C:\Documents and Settings\Chris\cftmon.exe
2008-05-11 11:54:05 1 --a------ C:\WINDOWS\system32\kr_done1de
2008-05-11 11:54:02 13824 --a------ C:\ddrjjhqh.exe
2008-05-11 11:54:00 76288 --a------ C:\ftklhae.exe
2008-05-11 11:53:51 66576 --a------ C:\WINDOWS\system32\k12105032291.exe
2008-05-11 11:53:51 29824 --a------ C:\WINDOWS\system32\efcDTMgf.dll
2008-05-11 11:53:39 327680 --a------ C:\WINDOWS\vbksrofa.dll
2008-05-11 11:53:39 184320 --a------ C:\WINDOWS\pvnsmfor.dll
2008-05-11 11:53:39 94208 --a------ C:\WINDOWS\oadkxrts.exe
2008-05-11 11:53:39 212992 --a------ C:\WINDOWS\mpfanvqg.dll
2008-05-11 11:53:39 253952 --a------ C:\WINDOWS\fvowketqsoq.dll
2008-05-11 11:53:36 160256 --a------ C:\WINDOWS\system32\blackster.scr <Not Verified; Peter's Productions; Bugs!>
2008-05-11 11:53:31 96256 --a------ C:\WINDOWS\system32\ctfmona.exe
2008-05-10 18:54:57 66576 --a------ C:\WINDOWS\system32\k12104420961.exe
2008-05-10 17:54:54 66576 --a------ C:\WINDOWS\system32\k12104384931.exe
2008-05-10 12:39:36 66576 --a------ C:\WINDOWS\system32\k12104195741.exe
2008-05-09 12:34:08 66576 --a------ C:\WINDOWS\system32\k12103328461.exe
2008-05-09 10:41:27 66576 --a------ C:\WINDOWS\system32\k12103260851.exe
2008-05-09 00:05:04 66576 --a------ C:\WINDOWS\system32\k12102879021.exe
2008-05-08 23:06:39 66576 --a------ C:\WINDOWS\system32\k12102843981.exe
2008-05-08 21:06:04 66576 --a------ C:\WINDOWS\system32\k12102771621.exe
2008-05-08 20:05:47 66576 --a------ C:\WINDOWS\system32\k12102735461.exe
2008-05-08 19:05:44 66576 --a------ C:\WINDOWS\system32\k12102699421.exe
2008-05-08 18:05:40 66576 --a------ C:\WINDOWS\system32\k12102663381.exe
2008-05-08 17:05:37 66576 --a------ C:\WINDOWS\system32\k12102627351.exe
2008-05-08 16:05:33 66576 --a------ C:\WINDOWS\system32\k12102591321.exe
2008-05-08 15:05:30 66576 --a------ C:\WINDOWS\system32\k12102555281.exe
2008-05-08 14:04:53 66576 --a------ C:\WINDOWS\system32\k12102518921.exe
2008-05-08 13:04:47 66576 --a------ C:\WINDOWS\system32\k12102482851.exe
2008-05-08 12:04:42 66576 --a------ C:\WINDOWS\system32\k12102446811.exe
2008-05-08 11:04:39 66576 --a------ C:\WINDOWS\system32\k12102410771.exe
2008-05-08 01:01:34 66576 --a------ C:\WINDOWS\system32\k12102048921.exe
2008-05-08 00:01:31 66576 --a------ C:\WINDOWS\system32\k12102012891.exe
2008-05-07 23:01:28 66576 --a------ C:\WINDOWS\system32\k12101976861.exe
2008-05-07 22:01:24 66576 --a------ C:\WINDOWS\system32\k12101940831.exe
2008-05-07 21:01:22 66576 --a------ C:\WINDOWS\system32\k12101904801.exe
2008-05-07 20:01:18 66576 --a------ C:\WINDOWS\system32\k12101868771.exe
2008-05-07 16:08:55 66576 --a------ C:\WINDOWS\system32\k12101729341.exe
2008-05-07 15:08:52 66576 --a------ C:\WINDOWS\system32\k12101693301.exe
2008-05-07 14:08:49 66576 --a------ C:\WINDOWS\system32\k12101657271.exe
2008-05-07 13:08:45 66576 --a------ C:\WINDOWS\system32\k12101621241.exe
2008-05-07 12:08:42 66576 --a------ C:\WINDOWS\system32\k12101585211.exe
2008-05-07 11:08:40 66576 --a------ C:\WINDOWS\system32\k12101549191.exe
2008-05-07 07:12:46 66576 --a------ C:\WINDOWS\system32\k12101407641.exe
2008-05-06 22:30:15 66576 --a------ C:\WINDOWS\system32\k12101094131.exe
2008-05-06 21:30:11 66576 --a------ C:\WINDOWS\system32\k12101058091.exe
2008-05-06 17:49:18 66576 --a------ C:\WINDOWS\system32\k12100925561.exe
2008-05-06 16:49:16 66576 --a------ C:\WINDOWS\system32\k12100889531.exe
2008-05-06 15:03:44 66576 --a------ C:\WINDOWS\system32\k12100826211.exe
2008-05-06 09:40:12 66576 --a------ C:\WINDOWS\system32\k12100632101.exe
2008-05-06 05:23:50 66576 --a------ C:\WINDOWS\system32\k12100478281.exe
2008-05-05 22:56:33 66576 --a------ C:\WINDOWS\system32\k12100245921.exe
2008-05-05 21:56:40 66576 --a------ C:\WINDOWS\system32\k12100209881.exe
2008-05-05 20:56:27 66576 --a------ C:\WINDOWS\system32\k12100173851.exe
2008-05-05 19:56:23 66576 --a------ C:\WINDOWS\system32\k12100137821.exe
2008-05-05 18:56:21 66576 --a------ C:\WINDOWS\system32\k12100101791.exe
2008-05-05 17:56:17 66576 --a------ C:\WINDOWS\system32\k12100065761.exe
2008-05-04 18:23:41 66576 --a------ C:\WINDOWS\system32\k12099218201.exe
2008-05-04 11:04:50 66576 --a------ C:\WINDOWS\system32\k12098954881.exe
2008-05-03 07:33:56 66576 --a------ C:\WINDOWS\system32\k12097964341.exe
2008-05-03 06:33:52 66576 --a------ C:\WINDOWS\system32\k12097928301.exe
2008-05-03 05:33:49 66576 --a------ C:\WINDOWS\system32\k12097892271.exe
2008-05-03 04:33:46 66576 --a------ C:\WINDOWS\system32\k12097856241.exe
2008-05-03 03:33:43 66576 --a------ C:\WINDOWS\system32\k12097820211.exe
2008-05-03 00:59:42 66576 --a------ C:\WINDOWS\system32\k12097727801.exe
2008-05-02 22:43:24 66576 --a------ C:\WINDOWS\system32\k12097646021.exe
2008-05-02 20:44:47 66576 --a------ C:\WINDOWS\system32\k12097574851.exe
2008-05-02 19:44:44 66576 --a------ C:\WINDOWS\system32\k12097538821.exe
2008-05-01 23:35:48 66576 --a------ C:\WINDOWS\system32\k12096813461.exe
2008-05-01 22:35:44 66576 --a------ C:\WINDOWS\system32\k12096777421.exe
2008-05-01 05:20:41 66576 --a------ C:\WINDOWS\system32\k12096156401.exe
2008-05-01 04:20:38 66576 --a------ C:\WINDOWS\system32\k12096120371.exe
2008-05-01 03:20:35 66576 --a------ C:\WINDOWS\system32\k12096084331.exe
2008-05-01 02:20:31 66576 --a------ C:\WINDOWS\system32\k12096048301.exe
2008-05-01 01:20:28 66576 --a------ C:\WINDOWS\system32\k12096012261.exe
2008-05-01 00:20:25 66576 --a------ C:\WINDOWS\system32\k12095976231.exe
2008-04-30 23:20:21 66576 --a------ C:\WINDOWS\system32\k12095940201.exe
2008-04-30 22:20:18 66576 --a------ C:\WINDOWS\system32\k12095904151.exe
2008-04-30 21:20:06 66576 --a------ C:\WINDOWS\system32\k12095868021.exe
2008-04-30 18:19:16 66576 --a------ C:\WINDOWS\system32\k12095759541.exe
2008-04-30 16:18:52 66576 --a------ C:\WINDOWS\system32\k12095687281.exe
2008-04-30 15:18:49 66576 --a------ C:\WINDOWS\system32\k12095651241.exe
2008-04-30 14:18:41 66576 --a------ C:\WINDOWS\system32\k12095615191.exe
2008-04-30 12:18:23 66576 --a------ C:\WINDOWS\system32\k12095543011.exe
2008-04-30 01:22:38 66576 --a------ C:\WINDOWS\system32\k12095149471.exe
2008-04-29 23:22:13 66576 --a------ C:\WINDOWS\system32\k12095077321.exe
2008-04-29 22:22:04 66576 --a------ C:\WINDOWS\system32\k12095041191.exe
2008-04-29 21:21:53 66576 --a------ C:\WINDOWS\system32\k12095005111.exe
2008-04-29 19:13:58 66576 --a------ C:\WINDOWS\system32\k12094928331.exe
2008-04-29 18:13:50 66576 --a------ C:\WINDOWS\system32\k12094892281.exe
2008-04-28 09:18:45 66576 --a------ C:\WINDOWS\system32\k12093707231.exe
2008-04-28 07:05:26 66576 --a------ C:\WINDOWS\system32\k12093627221.exe
2008-04-27 20:07:39 66576 --a------ C:\WINDOWS\system32\k12093232571.exe
2008-04-27 18:48:10 66576 --a------ C:\WINDOWS\system32\k12093184881.exe
2008-04-27 14:33:02 0 d-------- C:\Documents and Settings\LocalService\Application Data\Roxio
2008-04-27 14:31:34 0 d--hs---- C:\WINDOWS\ftpcache
2008-04-22 08:55:07 0 d-------- C:\Program Files\Lavasoft
2008-04-22 08:55:05 0 d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
-- Find3M Report ---------------------------------------------------------------
2008-05-11 11:59:01 40960 --a------ C:\WINDOWS\system32\6343B22A.DLL
2008-05-11 11:58:52 107008 -r-hs---- C:\WINDOWS\system32\zsmscc32.dll
2008-05-08 17:05:43 25600 -----n--- C:\WINDOWS\system32\zsmscc071001.dll
2008-05-02 19:07:33 256 --a------ C:\WINDOWS\system32\pool.bin
2008-04-27 14:32:55 0 d-------- C:\Program Files\Common Files\Sonic Shared
2008-04-27 14:31:33 0 d-------- C:\Documents and Settings\Chris\Application Data\uTorrent
2008-04-27 14:28:50 0 d-------- C:\Program Files\LimeWire
2008-04-23 04:37:43 40960 --a------ C:\WINDOWS\system32\6343B22A(2)(3).DLL
2008-04-22 08:54:25 0 d-------- C:\Program Files\Common Files
2008-04-20 07:52:52 0 d-------- C:\Program Files\Common Files\Research In Motion
2008-04-18 17:16:58 0 d-------- C:\Program Files\Dl_cats
2008-04-01 23:26:44 66576 --a------ C:\WINDOWS\system32\k12070887841.exe
2008-04-01 13:43:31 66576 --a------ C:\WINDOWS\system32\k12070538061.exe
2008-04-01 12:43:25 66576 --a------ C:\WINDOWS\system32\k12070502011.exe
2008-03-31 15:23:15 0 d-------- C:\Documents and Settings\Chris\Application Data\Roxio
2008-03-31 15:12:55 0 d-------- C:\Documents and Settings\Chris\Application Data\Research In Motion
2008-03-31 15:12:20 66576 --a------ C:\WINDOWS\system32\k12069727361.exe
2008-03-31 14:53:40 66576 --a------ C:\WINDOWS\system32\k12069716141.exe
2008-03-31 14:18:26 0 d-------- C:\Program Files\Common Files\Roxio Shared
2008-03-31 14:18:03 0 d-------- C:\Program Files\Roxio
2008-03-31 14:11:46 0 d-------- C:\Documents and Settings\Chris\Application Data\Blackberry Desktop
2008-03-31 14:10:39 0 d-------- C:\Program Files\Research In Motion
2008-03-31 13:05:47 66576 --a------ C:\WINDOWS\system32\k12069651401.exe
2008-03-31 11:56:50 66576 --a------ C:\WINDOWS\system32\k12069609911.exe
2008-03-31 10:56:35 66576 --a------ C:\WINDOWS\system32\k12069573841.exe
2008-03-31 09:56:24 66576 --a------ C:\WINDOWS\system32\k12069537771.exe
2008-03-31 01:36:15 66576 --a------ C:\WINDOWS\system32\k12069237671.exe
2008-03-31 00:36:12 66576 --a------ C:\WINDOWS\system32\k12069201601.exe
2008-03-30 23:36:01 66576 --a------ C:\WINDOWS\system32\k12069165521.exe
2008-03-30 22:35:54 66576 --a------ C:\WINDOWS\system32\k12069129481.exe
2008-03-30 21:36:10 66576 --a------ C:\WINDOWS\system32\k12069093401.exe
2008-03-30 20:35:43 66576 --a------ C:\WINDOWS\system32\k12069057361.exe
2008-03-30 19:35:43 66576 --a------ C:\WINDOWS\system32\k12069021311.exe
2008-03-30 18:44:12 66576 --a------ C:\WINDOWS\system32\k12068990431.exe
2008-03-30 17:44:14 66576 --a------ C:\WINDOWS\system32\k12068954401.exe
2008-03-30 16:44:03 66576 --a------ C:\WINDOWS\system32\k12068918351.exe
2008-03-30 15:47:45 66576 --a------ C:\WINDOWS\system32\k12068884551.exe
2008-03-29 18:05:50 66576 --a------ C:\WINDOWS\system32\k12068103451.exe
2008-03-29 17:05:50 66576 --a------ C:\WINDOWS\system32\k12068067421.exe
2008-03-28 20:16:37 66576 --a------ C:\WINDOWS\system32\k12067317921.exe
2008-03-28 17:14:12 66576 --a------ C:\WINDOWS\system32\k12067208461.exe
2008-03-28 17:07:32 66576 --a------ C:\WINDOWS\system32\k12067204331.exe
2008-03-24 02:26:47 66576 --a------ C:\WINDOWS\system32\k12063220021.exe
2008-03-24 01:26:42 66576 --a------ C:\WINDOWS\system32\k12063183971.exe
2008-03-23 17:12:22 5642 --ahs---- C:\WINDOWS\system32\KGyGaAvL.sys
2008-03-23 17:12:11 168 -r-hs---- C:\WINDOWS\system32\935B7F7769.sys
2008-03-23 15:16:07 66576 --a------ C:\WINDOWS\system32\k12062817571.exe
2008-03-23 14:16:00 66576 --a------ C:\WINDOWS\system32\k12062781511.exe
2008-03-22 08:38:25 66576 --a------ C:\WINDOWS\system32\k12061714841.exe
2008-03-22 07:38:03 66576 --a------ C:\WINDOWS\system32\k12061678761.exe
2008-03-22 06:37:59 66576 --a------ C:\WINDOWS\system32\k12061642721.exe
2008-03-22 04:38:03 66576 --a------ C:\WINDOWS\system32\k12061570641.exe
2008-03-22 03:37:49 66576 --a------ C:\WINDOWS\system32\k12061534461.exe
2008-03-22 02:37:35 66576 --a------ C:\WINDOWS\system32\k12061498381.exe
2008-03-22 01:37:27 66576 --a------ C:\WINDOWS\system32\k12061462311.exe
2008-03-22 00:37:40 66576 --a------ C:\WINDOWS\system32\k12061426271.exe
2008-03-21 23:37:19 66576 --a------ C:\WINDOWS\system32\k12061390231.exe
2008-03-21 21:40:00 66576 --a------ C:\WINDOWS\system32\k12061319801.exe
2008-03-21 20:39:46 66576 --a------ C:\WINDOWS\system32\k12061283751.exe
2008-03-21 20:07:40 0 d-------- C:\Documents and Settings\Chris\Application Data\Viewpoint
2008-03-21 19:39:37 66576 --a------ C:\WINDOWS\system32\k12061247691.exe
2008-03-19 18:12:07 66576 --a------ C:\WINDOWS\system32\k12059467221.exe
2008-03-16 16:41:06 66576 --a------ C:\WINDOWS\system32\k12056820621.exe
2008-03-16 11:43:19 66576 --a------ C:\WINDOWS\system32\k12056641941.exe
2008-03-16 10:43:15 66576 --a------ C:\WINDOWS\system32\k12056605901.exe
2008-03-16 09:43:14 66576 --a------ C:\WINDOWS\system32\k12056569871.exe
2008-03-16 08:43:09 66576 --a------ C:\WINDOWS\system32\k12056533831.exe
2008-03-16 07:42:00 66576 --a------ C:\WINDOWS\system32\k12056497151.exe
2008-03-12 23:07:07 66576 --a------ C:\WINDOWS\system32\k12053595961.exe
2008-03-12 21:09:35 66576 --a------ C:\WINDOWS\system32\k12053525601.exe
2008-03-12 20:09:22 66576 --a------ C:\WINDOWS\system32\k12053489561.exe
2008-03-12 02:09:44 66576 --a------ C:\WINDOWS\system32\k12052841791.exe
2008-03-11 23:07:32 66576 --a------ C:\WINDOWS\system32\k12052732191.exe
2008-03-11 01:14:17 66576 --a------ C:\WINDOWS\system32\k12051944501.exe
2008-03-11 00:14:25 66576 --a------ C:\WINDOWS\system32\k12051908461.exe
2008-03-10 23:14:17 66576 --a------ C:\WINDOWS\system32\k12051872421.exe
2008-03-10 18:30:52 66576 --a------ C:\WINDOWS\system32\k12051702331.exe
2008-03-10 18:06:39 66576 --a------ C:\WINDOWS\system32\k12051687881.exe
2008-03-10 17:06:25 66576 --a------ C:\WINDOWS\system32\k12051651751.exe
2008-03-10 16:01:52 66576 --a------ C:\WINDOWS\system32\k12051612781.exe
2008-03-10 15:01:22 66576 --a------ C:\WINDOWS\system32\k12051576651.exe
2008-03-10 14:01:27 66576 --a------ C:\WINDOWS\system32\k12051540621.exe
2008-03-10 01:11:18 66576 --a------ C:\WINDOWS\system32\k12051059011.exe
2008-03-09 15:00:24 66576 --a------ C:\WINDOWS\system32\k12050711901.exe
2008-03-09 04:27:31 66576 --a------ C:\WINDOWS\system32\k12050332181.exe
2008-03-07 18:01:41 66576 --a------ C:\WINDOWS\system32\k12049092651.exe
2008-03-07 17:01:12 66576 --a------ C:\WINDOWS\system32\k12049056611.exe
2008-03-07 16:01:13 66576 --a------ C:\WINDOWS\system32\k12049020551.exe
2008-03-07 08:55:04 66576 --a------ C:\WINDOWS\system32\k12048764961.exe
2008-03-07 07:55:02 66576 --a------ C:\WINDOWS\system32\k12048728921.exe
2008-03-07 06:54:56 66576 --a------ C:\WINDOWS\system32\k12048692851.exe
2008-03-06 17:35:48 66576 --a------ C:\WINDOWS\system32\k12048213421.exe
2008-03-06 00:54:27 66576 --a------ C:\WINDOWS\system32\k12047612591.exe
2008-03-05 23:10:56 66576 --a------ C:\WINDOWS\system32\k12047550451.exe
2008-03-05 02:08:23 66576 --a------ C:\WINDOWS\system32\k12046792971.exe
2008-03-05 01:08:25 66576 --a------ C:\WINDOWS\system32\k12046756941.exe
2008-03-05 00:08:24 66576 --a------ C:\WINDOWS\system32\k12046720901.exe
2008-03-04 23:08:12 66576 --a------ C:\WINDOWS\system32\k12046684781.exe
2008-03-04 22:08:07 66576 --a------ C:\WINDOWS\system32\k12046648741.exe
2008-03-04 21:08:31 66576 --a------ C:\WINDOWS\system32\k12046612701.exe
2008-03-04 20:09:22 66576 --a------ C:\WINDOWS\system32\k12046576671.exe
2008-03-04 19:07:54 66576 --a------ C:\WINDOWS\system32\k12046540631.exe
2008-03-04 18:07:54 66576 --a------ C:\WINDOWS\system32\k12046504591.exe
2008-03-04 02:08:06 66576 --a------ C:\WINDOWS\system32\k12045928681.exe
2008-03-04 01:07:51 66576 --a------ C:\WINDOWS\system32\k12045892551.exe
2008-03-03 17:33:01 66576 --a------ C:\WINDOWS\system32\k12045618971.exe
2008-03-03 16:31:45 66576 --a------ C:\WINDOWS\system32\k12045582901.exe
2008-03-03 06:23:31 66576 --a------ C:\WINDOWS\system32\k12045217971.exe
2008-03-03 05:23:30 66576 --a------ C:\WINDOWS\system32\k12045181861.exe
2008-03-03 04:00:08 66576 --a------ C:\WINDOWS\system32\k12045131901.exe
2008-03-03 02:59:58 66576 --a------ C:\WINDOWS\system32\k12045095771.exe
2008-03-03 01:59:57 66576 --a------ C:\WINDOWS\system32\k12045059731.exe
2008-03-03 01:00:02 66576 --a------ C:\WINDOWS\system32\k12045023681.exe
2008-03-02 23:59:48 66576 --a------ C:\WINDOWS\system32\k12044987641.exe
2008-03-02 22:59:37 66576 --a------ C:\WINDOWS\system32\k12044951611.exe
2008-03-02 21:59:47 66576 --a------ C:\WINDOWS\system32\k12044915571.exe
2008-03-02 21:59:15 5398 --a------ C:\WINDOWS\system32\k12044879501.exe
2008-03-02 18:00:21 66576 --a------ C:\WINDOWS\system32\k12044771351.exe
2008-03-02 17:00:10 66576 --a------ C:\WINDOWS\system32\k12044735291.exe
2008-03-02 15:59:21 66576 --a------ C:\WINDOWS\system32\k12044699221.exe
2008-03-02 14:59:52 66576 --a------ C:\WINDOWS\system32\k12044663181.exe
2008-03-02 13:58:51 66576 --a------ C:\WINDOWS\system32\k12044627081.exe
2008-03-01 01:04:16 66576 --a------ C:\WINDOWS\system32\k12043298331.exe
2008-02-29 23:03:37 66576 --a------ C:\WINDOWS\system32\k12043225831.exe
2008-02-29 22:03:38 66576 --a------ C:\WINDOWS\system32\k12043189801.exe
2008-02-29 21:03:43 66576 --a------ C:\WINDOWS\system32\k12043153631.exe
2008-02-28 19:12:58 66576 --a------ C:\WINDOWS\system32\k12042223241.exe
2008-02-28 18:12:08 66576 --a------ C:\WINDOWS\system32\k12042187171.exe
2008-02-28 16:12:05 66576 --a------ C:\WINDOWS\system32\k12042114981.exe
2008-02-28 15:12:17 66576 --a------ C:\WINDOWS\system32\k12042078921.exe
2008-02-28 14:12:12 66576 -r-hs---- C:\WINDOWS\system32\zsmscc071001.exe
2008-02-28 14:12:12 66576 --a------ C:\WINDOWS\system32\k12042042841.exe
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{88ebbe0b-5ff8-4b84-b043-71a216374a5b}]
11/05/2008 11:53 29824 --a------ C:\WINDOWS\system32\efcDTMgf.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{c5af49a2-94f3-42bd-f434-2604812c897d}]
11/05/2008 11:54 10000 --a------ C:\WINDOWS\system32\jfiehayd.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DLCFCATS"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCFtime.dll" [08/09/2005 07:55]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [22/09/2006 12:47]
"MSConfig"="C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe" [27/09/2005 01:34]
"MCUpdateExe"="c:\PROGRA~1\mcafee.com\agent\mcupdate.exe" [11/01/2006 13:05]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [29/06/2007 06:24]
"MCAgentExe"="c:\PROGRA~1\mcafee.com\agent\McAgent.exe" [22/09/2005 19:29]
"@"="" []
"RoxWatchTray"="C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [23/04/2007 11:43]
"ctfmona"="C:\WINDOWS\system32\ctfmona.exe" [11/05/2008 11:53]
"ntuser"="C:\WINDOWS\system32\drivers\spools.exe" [11/05/2008 11:54]
"autoload"="C:\Documents and Settings\Chris\cftmon.exe" [11/05/2008 11:54]
"jdgf894jrghoiiskd"="C:\DOCUME~1\Chris\LOCALS~1\Temp\winlogan.exe" []
"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [11/05/2008 12:49]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [07/08/2007 13:35]
"InetChk"="C:\DOCUME~1\Chris\LOCALS~1\Temp\ms1210503532.exe" []
"ntuser"="C:\WINDOWS\system32\drivers\spools.exe" [11/05/2008 11:54]
"autoload"="C:\Documents and Settings\Chris\cftmon.exe" [11/05/2008 11:54]
"jdgf894jrghoiiskd"="C:\DOCUME~1\Chris\LOCALS~1\Temp\winlogan.exe" []
"Jnskdfmf9eldfd"="C:\DOCUME~1\Chris\LOCALS~1\Temp\csrssc.exe" []
[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"ntuser"=C:\WINDOWS\system32\drivers\spools.exe
"autoload"=C:\Documents and Settings\LocalService\cftmon.exe
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe [11/12/2006 13:25:30]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableTaskMgr"=1 (0x1)
"DisableRegistryTools"=1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\run]
"zsmscc"=rundll32.exe C:\WINDOWS\system32\zsmscc071001.dll mymain
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoFolderOptions"=1 (0x1)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{C5AF49A2-94F3-42BD-F434-2604812C897D}"= C:\WINDOWS\system32\jfiehayd.dll [11/05/2008 11:54 10000]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{88EBBE0B-5FF8-4B84-B043-71A216374A5B}"= C:\WINDOWS\system32\efcDTMgf.dll [11/05/2008 11:53 29824]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"mpfanvqg"= {3203440F-BBCB-4E16-87BB-E1556B57910B} - C:\WINDOWS\mpfanvqg.dll [10/05/2008 01:12 212992]
"vbksrofa"= {E3473047-F313-4B6A-9D4A-862270874EAA} - C:\WINDOWS\vbksrofa.dll [10/05/2008 01:13 327680]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\efcDTMgf]
efcDTMgf.dll 11/05/2008 11:53 29824 C:\WINDOWS\system32\efcDTMgf.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=avgrsstx.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^AOL 9.0 Tray Icon.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\AOL 9.0 Tray Icon.lnk
backup=C:\WINDOWS\pss\AOL 9.0 Tray Icon.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AOLDialer]
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICCC]
"C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BJCFD]
C:\Program Files\BroadJump\Client Foundation\CFD.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Broadcom Wireless Manager UI]
C:\WINDOWS\system32\WLTRAY.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Corel Photo Downloader]
C:\Program Files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dell QuickSet]
C:\Program Files\Dell\QuickSet\quickset.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupport]
"C:\Program Files\Dell Support\DSAgnt.exe" /startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DLA]
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDLauncher]
"C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray]
C:\WINDOWS\ehome\ehtray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
"C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
"C:\Program Files\iTunes\iTunesHelper.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
%systemroot%\system32\dumprep 0 -k
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MCAgentExe]
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MCUpdateExe]
C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ModemOnHold]
C:\Program Files\NetWaiting\netWaiting.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MPFExe]
C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSKAGENTEXE]
C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSKDetectorExe]
C:\PROGRA~1\McAfee\SPAMKI~1\MSKDetct.exe /startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OASClnt]
C:\Program Files\McAfee.com\VSO\oasclnt.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"C:\Program Files\QuickTime\qttask.exe" -atboottime
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SigmatelSysTrayApp]
stsystra.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirusScan Online]
C:\Program Files\McAfee.com\VSO\mcvsshld.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VSOCheckTask]
"C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0c4d117c-8a9d-11db-87d3-806d6172696f}]
auto\command- C:\auto.exe
autorun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL auto.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{10f818c0-ba35-11dc-88a4-00197d00b753}]
Auto\command- auto.exe
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL auto.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{187e70b4-92e7-11dc-886f-00038a000015}]
auto\command- auto.exe
autorun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL auto.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}]
AutoRun\command- E:\setup.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{42661d38-afbf-11dc-889d-00038a000015}]
Auto\command- E:\auto.exe
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL auto.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{511c27e7-8baa-11db-87d7-00038a000015}]
Auto\command- E:\auto.exe
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL auto.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{576f288c-9b01-11dc-887e-00038a000015}]
Auto\command- E:\auto.exe
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL auto.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{fd41601a-ff2c-11dc-891e-00038a000015}]
Auto\command- E:\auto.exe
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL auto.exe
-- End of Deckard's System Scanner: finished at 2008-05-12 00:57:49 ------------