Hi -- I could not get the MBAM program to start up from the website. The link you provided was broken, but I went to the website to try to download the trial version and run it, but it would not, as I said, come up. Thank you so, so much for your help. It is most appreciated.
I did run the Deckard's System Scan, however:
Deckard's System Scanner v20071014.68
Run by I Randolph S. Shiner on 2008-05-20 10:26:26
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Successfully created a Deckard's System Scanner Restore Point.
-- Last 5 Restore Point(s) --
7: 2008-05-14 00:22:32 UTC - RP139 - Software Distribution Service 3.0
6: 2008-05-14 00:22:32 UTC - RP138 - Software Distribution Service 3.0
5: 2008-05-14 00:22:32 UTC - RP137 - Installed iTunes
4: 2008-05-14 00:22:32 UTC - RP136 - Restore Operation
3: 2008-05-14 00:22:32 UTC - RP135 - Installed EPSON EasyPrintModule
-- First Restore Point --
1: 2008-05-14 00:22:32 UTC - RP133 - Configured Microsoft Office Ultimate 2007
Backed up registry hives.
Performed disk cleanup.
-- HijackThis (run as I Randolph S. Shiner.exe) --------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:28:06, on 20-May-08
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.17184)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
C:\Program Files\Creative\Shared Files\CTAudSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\iolo\common\lib\ioloServiceManager.exe
C:\WINDOWS\System32\snmp.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\WINDOWS\system32\CTXFIHLP.EXE
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Google\Google Talk\googletalk.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
C:\WINDOWS\SYSTEM32\CTXFISPI.EXE
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\iolo\System Mechanic Professional 7\SMSystemAnalyzer.exe
C:\Program Files\iolo\System Mechanic Professional 7\AntiVirus\ioloAV.exe
c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\PROGRA~1\ROADRU~1\PHOTOS~1\data\Xtras\mssysmgr.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Program Files\iolo\System Mechanic Professional 7\AntiVirus\iAVEmailScanner.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\I Randolph S. Shiner\Local Settings\Temporary Internet Files\Content.IE5\U9IA7EBL\dss[1].exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\IRANDO~1.EXE
C:\WINDOWS\System32\wbem\wmiprvse.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.refdesk.com/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: (no name) - {7B6EDB1A-06DD-4768-9EC9-4761D3D4E66E} - (no file)
O2 - BHO: (no name) - {7F63FE4D-A96E-486F-8879-7E9DD667EC84} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
O2 - BHO: {7b638a8d-d213-c958-3f94-92f3d9bbe64c} - {c46ebb9d-3f29-49f3-859c-312dd8a836b7} - C:\WINDOWS\system32\kqpynjgf.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [googletalk] "C:\Program Files\Google\Google Talk\googletalk.exe" /autostart
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] "C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [SMSystemAnalyzer] "C:\Program Files\iolo\System Mechanic Professional 7\SMSystemAnalyzer.exe"
O4 - HKLM\..\Run: [iolo AntiVirus] "C:\Program Files\iolo\System Mechanic Professional 7\AntiVirus\ioloAV.exe"
O4 - HKLM\..\Run: [BM9f244820] Rundll32.exe "C:\WINDOWS\system32\nvirshcy.dll",s
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Road Runner PhotoShow Media Manager] C:\PROGRA~1\ROADRU~1\PHOTOS~1\data\Xtras\mssysmgr.exe
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: &D&ownload &with BitComet -
res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet -
res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet -
res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Append to existing PDF -
res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF -
res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF -
res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF -
res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF -
res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF -
res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF -
res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF -
res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} -
res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll/206 (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\iavlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\iavlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\iavlsp.dll
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) -
http://go.microsoft.com/fwlink/?linkid=58813O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -
http://go.microsoft.com/fwlink/?linkid=39204O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://www.update.microsoft.com/windows ... 8650384140O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
http://www.update.microsoft.com/microso ... 8650829765O16 - DPF: {819F8533-D935-4183-B692-587F8D56AC3C} (iolo.AV.OnlineVirusScanner) -
http://www.iolo.com/threatcenter/App/ocx/AVCheckUp.ocxO16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} (PCPitstop Exam) -
http://utilities.pcpitstop.com/optimize2/pcpitstop2.dllO18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: DvpApi (dvpapi) - Authentium, Inc. - C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iolo FileInfoList Service (ioloFileInfoList) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe
O23 - Service: iolo System Service (ioloSystemService) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
--
End of file - 13560 bytes
-- File Associations -----------------------------------------------------------
.cpl - cplfile - shell\cplopen\command - rundll32.exe shell32.dll,Control_RunDLL "%1",%*.cpl - cplfile - shell\runas\command - rundll32.exe shell32.dll,Control_RunDLLAsUser "%1",%*.js - JSFile - shell\open\command - NOTEPAD.EXE %1.reg - regfile - shell\open\command - NOTEPAD.EXE %1.scr - scrfile - shell\open\command - NOTEPAD.EXE %1.vbs - VBSFile - shell\open\command - NOTEPAD.EXE %1-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R1 FileDisk - c:\windows\system32\drivers\filedisk.sys <Not Verified; iolo technologies, LLC (based on original work by Bo Brantén); filedisk (based on original work by Bo Brantén)>
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 Apple Mobile Device - "c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe" <Not Verified; Apple, Inc.; Apple Mobile Device Service>
R2 Bonjour Service - "c:\program files\bonjour\mdnsresponder.exe" <Not Verified; Apple Inc.; Bonjour>
R2 CTAudSvcService (Creative Audio Service) - c:\program files\creative\shared files\ctaudsvc.exe <Not Verified; Creative Technology Ltd; Creative Audio Service>
R2 sp_rssrv (Spyware Terminator Realtime Shield Service) - "c:\program files\spyware terminator\sp_rsser.exe" <Not Verified; Crawler.com; Crawler Spyware Terminator>
R3 FLEXnet Licensing Service - "c:\program files\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe" <Not Verified; Macrovision Europe Ltd.; FLEXnet Publisher (32 bit)>
S3 NBService - c:\program files\nero\nero 7\nero backitup\nbservice.exe
-- Device Manager: Disabled ----------------------------------------------------
No disabled devices found.
-- Scheduled Tasks -------------------------------------------------------------
2008-05-19 22:24:16 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
-- Files created between 2008-04-20 and 2008-05-20 -----------------------------
2086-02-25 09:04:28 609 --ah----- C:\Documents and Settings\Administrator\layout.bin
2008-05-19 19:21:07 141312 --a------ C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
2008-05-19 19:21:06 0 d-------- C:\Documents and Settings\I Randolph S. Shiner\Application Data\Spyware Terminator
2008-05-19 19:21:06 0 d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Spyware Terminator
2008-05-19 19:21:02 0 d-------- C:\Program Files\Spyware Terminator
2008-05-19 18:47:10 0 d-------- C:\Program Files\Trend Micro
2008-05-19 15:09:17 0 d-------- C:\Program Files\PCPitstop
2008-05-19 15:05:07 0 d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Road Runner
2008-05-19 15:04:21 327680 --a------ C:\WINDOWS\Road Runner PhotoShow.scr <Not Verified; Simple Star, Inc.; Road Runner PhotoShow Screen Saver>
2008-05-19 15:03:52 106496 --a------ C:\WINDOWS\system32\TwnLib20.dll <Not Verified; Pegasus Software; TWNLIB20>
2008-05-19 15:03:51 38912 --a------ C:\WINDOWS\system32\picn20.dll <Not Verified; Pegasus Imaging Corp.; PEGASUS>
2008-05-19 15:02:05 0 d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Simple Star Shared
2008-05-19 15:01:59 0 d-------- C:\Program Files\Road Runner
2008-05-19 15:01:49 0 d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Simple Star
2008-05-19 15:00:29 0 d-------- C:\Documents and Settings\I Randolph S. Shiner\Application Data\Simple Star
2008-05-19 15:00:29 0 d-------- C:\Documents and Settings\I Randolph S. Shiner\Application Data\Road Runner
2008-05-19 11:36:02 0 d--hs---- C:\INCINERATE
2008-05-19 10:11:17 0 d-------- C:\Documents and Settings\I Randolph S. Shiner\Application Data\iLike
2008-05-16 23:27:14 0 d-------- C:\Program Files\Lavasoft
2008-05-16 23:25:51 56 --ah----- C:\WINDOWS\system32\ezsidmv.dat
2008-05-16 23:03:14 0 d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Yahoo! Companion
2008-05-16 22:45:00 0 d--h---c- C:\WINDOWS\ie8
2008-05-16 16:07:21 90688 --a------ C:\WINDOWS\system32\bpxvviul.dll
2008-05-16 16:04:21 2112 --a------ C:\WINDOWS\system32\oovafyhv.exe
2008-05-16 16:01:32 102464 --a------ C:\WINDOWS\system32\kqpynjgf.dll
2008-05-16 15:45:29 96832 --a------ C:\WINDOWS\system32\nvirshcy.dll
2008-05-16 15:45:18 3648 --a------ C:\WINDOWS\system32\bsrrjqku.dll
2008-05-16 14:01:36 0 d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Lavasoft
2008-05-16 13:46:53 102464 --a------ C:\WINDOWS\system32\utytbbku.dll
2008-05-16 13:43:53 2112 --a------ C:\WINDOWS\system32\scqkbgjm.exe
2008-05-16 13:42:04 3648 --a------ C:\WINDOWS\system32\pkixbguy.dll
2008-05-16 13:41:56 96832 --a------ C:\WINDOWS\system32\tpujpybb.dll
2008-05-16 12:16:28 2112 --a------ C:\WINDOWS\system32\tygrsnoc.exe
2008-05-16 12:10:32 102464 --a------ C:\WINDOWS\system32\forrxril.dll
2008-05-16 12:04:28 3648 --a------ C:\WINDOWS\system32\xnnpvagv.dll
2008-05-16 12:02:07 96832 --a------ C:\WINDOWS\system32\ovughlfe.dll
2008-05-15 12:41:17 2112 --a------ C:\WINDOWS\system32\vdqodkpi.exe
2008-05-15 12:38:16 90176 --a------ C:\WINDOWS\system32\hkinrqrt.dll
2008-05-15 12:35:15 101952 --a------ C:\WINDOWS\system32\xnukidle.dll
2008-05-15 12:29:15 99904 --a------ C:\WINDOWS\system32\oeygvbir.dll
2008-05-15 12:26:15 3648 --a------ C:\WINDOWS\system32\sexteqsp.dll
2008-05-15 10:30:40 0 d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy
2008-05-15 08:35:15 0 d-------- C:\Program Files\Spyware Doctor
2008-05-15 08:35:15 0 d-------- C:\Documents and Settings\I Randolph S. Shiner\Application Data\PC Tools
2008-05-14 12:30:32 294 ---hs---- C:\WINDOWS\system32\dhouafex.ini2
2008-05-14 12:30:24 2112 --a------ C:\WINDOWS\system32\itprpcmx.exe
2008-05-14 12:30:20 92224 --a------ C:\WINDOWS\system32\xefauohd.dll
2008-05-14 12:27:21 101440 --a------ C:\WINDOWS\system32\eghwlqeq.dll
2008-05-14 12:25:18 3648 --a------ C:\WINDOWS\system32\gcopdlgi.dll
2008-05-14 12:25:04 96832 --a------ C:\WINDOWS\system32\ktaetsvl.dll
2008-05-14 12:22:57 101440 --a------ C:\WINDOWS\system32\hjoiarnw.dll
2008-05-14 12:20:07 2112 --a------ C:\WINDOWS\system32\lougdxum.exe
2008-05-14 12:07:09 9341 --a------ C:\WINDOWS\system32\drivers\filedisk.sys <Not Verified; iolo technologies, LLC (based on original work by Bo Brantén); filedisk (based on original work by Bo Brantén)>
2008-05-14 12:07:04 22528 --a------ C:\WINDOWS\system32\smrgdf.exe
2008-05-14 12:07:04 34304 --a------ C:\WINDOWS\system32\iolobtdfg.exe
2008-05-14 11:58:58 96832 --a------ C:\WINDOWS\system32\tolysfgw.dll
2008-05-14 11:58:42 3648 --a------ C:\WINDOWS\system32\davypeyi.dll
2008-05-13 22:07:31 100928 --a------ C:\WINDOWS\system32\xmfhberx.dll
2008-05-13 22:07:24 90688 --a------ C:\WINDOWS\system32\qgxvurnd.dll
2008-05-13 22:04:24 2112 --a------ C:\WINDOWS\system32\viffllhj.exe
2008-05-13 22:02:13 100928 -----n--- C:\WINDOWS\system32\acalshpq.dll
2008-05-13 22:02:10 3648 --a------ C:\WINDOWS\system32\fwqxsjsp.dll
2008-05-13 21:58:10 2112 --a------ C:\WINDOWS\system32\llahsjbd.exe
2008-05-13 21:52:13 100928 --a------ C:\WINDOWS\system32\vccpglov.dll
2008-05-13 21:50:55 3648 --a------ C:\WINDOWS\system32\fmrgisfn.dll
2008-05-13 05:36:07 100928 --a------ C:\WINDOWS\system32\xeygxddv.dll
2008-05-13 05:33:14 2112 --a------ C:\WINDOWS\system32\bsrqnyhj.exe
2008-05-13 05:31:45 100928 --a------ C:\WINDOWS\system32\nskasxad.dll
2008-05-13 05:31:35 3648 --a------ C:\WINDOWS\system32\ppseuyhx.dll
2008-05-13 05:19:54 162 --a------ C:\install.dat
2008-05-12 14:15:02 2112 --a------ C:\WINDOWS\system32\hidiodph.exe
2008-05-12 14:09:02 101440 --a------ C:\WINDOWS\system32\rkybhuet.dll
2008-05-12 14:03:02 3648 --a------ C:\WINDOWS\system32\gueglyes.dll
2008-05-12 14:00:45 100416 --a------ C:\WINDOWS\system32\aowjxwev.dll
2008-05-12 10:51:14 0 d-------- C:\Program Files\MagicDVDRipper
2008-05-12 10:49:46 43520 --a------ C:\WINDOWS\system32\cbXRLbYr.dll
2008-05-12 02:33:23 0 d-------- C:\Documents and Settings\I Randolph S. Shiner\Application Data\dvdcss
2008-05-11 23:56:15 42496 --a------ C:\WINDOWS\system32\mlJBQGXq.dll
2008-05-11 23:56:05 42496 --a------ C:\WINDOWS\system32\fccDWOGA.dll
2008-05-11 23:55:46 42496 --a------ C:\WINDOWS\system32\byXoNebA.dll
2008-05-11 23:55:07 42496 --a------ C:\WINDOWS\system32\pmnmMGYO.dll
2008-05-11 23:54:07 42496 --a------ C:\WINDOWS\system32\vtUnkHYO.dll
2008-05-11 23:53:36 42496 --a------ C:\WINDOWS\system32\mlJCVoLE.dll
2008-05-11 23:53:09 45056 --a------ C:\WINDOWS\system32\WNASPI32.DLL <Not Verified; Adaptec; Adaptec's ASPI Layer>
2008-05-11 23:53:09 16512 --a------ C:\WINDOWS\system32\drivers\ASPI32.SYS <Not Verified; Adaptec; Adaptec's ASPI Layer>
2008-05-11 23:52:22 0 d-------- C:\Program Files\Xilisoft
2008-05-11 23:48:30 0 d-------- C:\Documents and Settings\I Randolph S. Shiner\Application Data\BitZipper
2008-05-11 23:48:06 0 d-------- C:\Program Files\BitZipper
2008-05-11 12:24:24 0 d-a------ C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP
2008-05-10 10:16:31 2560 --a------ C:\WINDOWS\system32\bitcometres.dll <Not Verified; BitComet; BitComet BCTP Helper>
2008-05-09 23:28:25 0 d-------- C:\WINDOWS\Performance
2008-05-09 23:27:59 0 d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft Corporation
2008-05-09 14:58:01 0 d-------- C:\101MITCH
2008-05-08 13:22:51 0 d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Elaborate Bytes
2008-05-08 04:18:43 0 d-------- C:\WINDOWS\Prefetch
2008-05-08 02:13:34 0 d-------- C:\WINDOWS\system32\scripting
2008-05-08 02:13:32 0 d-------- C:\WINDOWS\l2schemas
2008-05-08 02:13:27 0 d-------- C:\WINDOWS\system32\en
2008-05-07 21:19:35 0 d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\FLEXnet
2008-05-07 20:42:35 0 d-------- C:\Program Files\Keygens
2008-05-07 20:40:16 0 d-------- C:\Documents and Settings\I Randolph S. Shiner\Application Data\Download Manager
2008-05-07 18:30:52 0 d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Adobe
2008-05-07 17:05:02 70088 --a------ C:\WINDOWS\system32\GDIPFONTCACHEV1.DAT
2008-05-07 11:33:22 0 d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Logitech
2008-05-07 11:32:37 0 d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\LogiShrd
2008-05-06 15:06:21 0 d-------- C:\Documents and Settings\I Randolph S. Shiner\Application Data\Ahead
2008-05-06 15:05:31 0 d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Ahead
2008-05-06 14:58:26 0 d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Nero
2008-04-29 20:55:33 0 d-------- C:\Documents and Settings\I Randolph S. Shiner\Application Data\CyberScrub
2008-04-29 20:33:41 0 d-------- C:\Program Files\Microsoft Silverlight
2008-04-29 20:30:16 0 d-------- C:\WINDOWS\system32\XPSViewer
2008-04-29 20:28:52 0 d-------- C:\Program Files\Reference Assemblies
2008-04-28 03:53:33 0 d-------- C:\Documents and Settings\LocalService.NT AUTHORITY.001\Desktop
2008-04-27 21:00:26 0 d-------- C:\Program Files\THQ
2008-04-27 21:00:26 0 d-------- C:\Program Files\MSXML 4.0
2008-04-27 20:43:06 0 dr-h----- C:\Documents and Settings\Administrator\Recent
2008-04-27 20:41:40 0 d-------- C:\Program Files\MSBuild
2008-04-27 20:29:12 0 d-------- C:\Program Files\Unknown Artist
2008-04-27 19:45:52 0 d-------- C:\Program Files\MSBuild(2)
2008-04-27 18:56:08 0 d-------- C:\My Music <MYMUSI~1>
2008-04-27 18:21:31 0 d-------- C:\My Music from C Office
2008-04-27 18:15:33 0 d-------- C:\ITunes Music <ITUNES~1>
2008-04-27 17:19:11 0 d-------- C:\Documents and Settings\I Randolph S. Shiner\Application Data\Lasersoft Imaging
2008-04-27 17:19:11 20000 --ah----- C:\Documents and Settings\All Users.WINDOWS\Application Data\T09F8
2008-04-26 17:27:58 5767168 --a------ C:\Documents and Settings\I Randolph S. Shiner\ntuser.dat
2008-04-23 13:43:48 0 d-------- C:\Documents and Settings\LocalService.NT AUTHORITY.001\Application Data\iolo
2008-04-23 13:43:37 126976 --a------ C:\WINDOWS\system32\iavlsp.dll
2008-04-23 13:38:25 0 d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Avg7
2008-04-23 13:36:14 74703 --a------ C:\WINDOWS\system32\mfc45.dll
2008-04-23 13:34:54 0 d-------- C:\Documents and Settings\I Randolph S. Shiner\Application Data\iolo
2008-04-23 13:34:54 0 d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\iolo
2008-04-22 21:21:49 0 d-------- C:\Program Files\Elaborate Bytes
2008-04-22 19:31:53 0 d-------- C:\NVIDIA
2008-04-22 19:26:45 0 d-------- C:\Documents and Settings\I Randolph S. Shiner\Application Data\skypePM
2008-04-22 19:26:45 32 --ah----- C:\Documents and Settings\All Users.WINDOWS\Application Data\ezsid.dat
2008-04-22 19:24:43 0 d-------- C:\Documents and Settings\I Randolph S. Shiner\Application Data\Skype
2008-04-22 19:21:03 0 d-------- C:\Downloads
2008-04-22 19:20:48 0 d-------- C:\Program Files\BitComet
2008-04-22 18:10:50 0 d-------- C:\Documents and Settings\I Randolph S. Shiner\Application Data\Leadertech
2008-04-22 18:09:57 495616 --a------ C:\WINDOWS\system32\PICSDK2.dll <Not Verified; SEIKO EPSON CORPORATION; EPSON PIC SDK>
2008-04-22 18:09:57 73728 --a------ C:\WINDOWS\system32\PICSDK.dll <Not Verified; SEIKO EPSON CORPORATION; EPSON PIC SDK>
2008-04-22 18:09:57 77824 --a------ C:\WINDOWS\system32\PICEntry.dll <Not Verified; SEIKO EPSON CORPORATION; EPSON PIC SDK>
2008-04-22 18:09:57 45056 --a------ C:\WINDOWS\system32\EpPicPrt.dll <Not Verified; SEIKO EPSON CORPORATION; EPSON PIC SDK>
2008-04-22 18:09:57 73220 --a------ C:\WINDOWS\system32\EPPICPrinterDB.dat
2008-04-22 18:09:57 1140 --a------ C:\WINDOWS\system32\EPPICPresetData_PT.dat
2008-04-22 18:09:57 1130 --a------ C:\WINDOWS\system32\EPPICPresetData_FR.dat
2008-04-22 18:09:57 1137 --a------ C:\WINDOWS\system32\EPPICPresetData_ES.dat
2008-04-22 18:09:57 1104 --a------ C:\WINDOWS\system32\EPPICPresetData_EN.dat
2008-04-22 18:09:57 1130 --a------ C:\WINDOWS\system32\EPPICPresetData_CF.dat
2008-04-22 18:09:57 1140 --a------ C:\WINDOWS\system32\EPPICPresetData_BP.dat
2008-04-22 18:09:57 4943 --a------ C:\WINDOWS\system32\EPPICPattern6.dat
2008-04-22 18:09:57 15670 --a------ C:\WINDOWS\system32\EPPICPattern5.dat
2008-04-22 18:09:57 10673 --a------ C:\WINDOWS\system32\EPPICPattern4.dat
2008-04-22 18:09:57 21021 --a------ C:\WINDOWS\system32\EPPICPattern3.dat
2008-04-22 18:09:57 13280 --a------ C:\WINDOWS\system32\EPPICPattern2.dat
2008-04-22 18:09:57 31053 --a------ C:\WINDOWS\system32\EPPICPattern131.dat
2008-04-22 18:09:57 27417 --a------ C:\WINDOWS\system32\EPPICPattern121.dat
2008-04-22 18:09:57 29114 --a------ C:\WINDOWS\system32\EPPICPattern1.dat
2008-04-22 18:09:57 45056 --a------ C:\WINDOWS\system32\EpPicMgr.dll <Not Verified; SEIKO EPSON CORPORATION; EPSON PIC SDK>
2008-04-22 16:01:18 0 d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Skype
2008-04-22 15:52:52 0 d-------- C:\Documents and Settings\I Randolph S. Shiner\Application Data\Google
2008-04-22 15:52:44 0 d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Google
2008-04-22 15:52:29 0 d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Google Updater
2008-04-22 15:49:02 0 d-------- C:\Documents and Settings\I Randolph S. Shiner\Application Data\Yahoo!
2008-04-22 13:57:30 0 d-------- C:\Program Files\MSXML 6.0
2008-04-22 13:35:55 0 d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Yahoo!
2008-04-22 13:11:38 0 d-------- C:\Documents and Settings\I Randolph S. Shiner\Application Data\OfficeUpdate12
2008-04-22 13:11:06 0 d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Office Genuine Advantage
2008-04-22 10:35:35 0 d-------- C:\Documents and Settings\I Randolph S. Shiner\Application Data\Apple Computer
2008-04-22 10:34:02 0 d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Apple Computer
2008-04-22 10:33:20 0 d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Apple
2008-04-22 10:02:47 0 d-------- C:\Program Files\Microsoft Small Business
2008-04-22 09:23:55 0 d-------- C:\Program Files\Microsoft Visual Studio 8
2008-04-22 09:22:44 0 d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft Help
2008-04-22 03:07:47 0 d-------- C:\Documents and Settings\LocalService.NT AUTHORITY.001\Start Menu
2008-04-21 18:50:09 0 d-------- C:\WINDOWS\ServicePackFiles
-- Find3M Report ---------------------------------------------------------------
2008-05-19 15:03:56 2 --a------ C:\Documents and Settings\I Randolph S. Shiner\Application Data\7zip_progress_91378E44-F406-44E3-9F33-133668ACD985.txt
2008-05-19 15:03:49 0 d-------- C:\Program Files\Common Files\Simple Star Shared
2008-05-19 15:03:46 2 --a------ C:\Documents and Settings\I Randolph S. Shiner\Application Data\7zip_progress_98B28C71-32DC-4F77-9E8A-58B64682778F.txt
2008-05-19 10:11:08 0 d-------- C:\Program Files\iTunes
2008-05-16 23:44:02 0 d-------- C:\Program Files\Google
2008-05-16 23:26:54 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-05-16 23:25:32 0 d-------- C:\Program Files\Common Files\Skype
2008-05-16 23:03:13 0 d-------- C:\Program Files\Yahoo!
2008-05-16 16:15:13 0 d-------- C:\Program Files\Webroot
2008-05-16 14:48:57 0 d-------- C:\Program Files\Windows Defender
2008-05-14 12:05:57 0 d-------- C:\Program Files\iolo
2008-05-12 13:54:15 0 d-------- C:\Program Files\Windows Desktop Search
2008-05-08 02:15:24 0 d-------- C:\Program Files\Messenger
2008-05-08 02:13:24 0 d-------- C:\Program Files\Movie Maker
2008-05-08 01:59:55 0 d-------- C:\Program Files\Windows NT
2008-05-08 00:23:06 0 d-------- C:\Documents and Settings\I Randolph S. Shiner\Application Data\Adobe
2008-05-07 20:57:37 0 d-------- C:\Program Files\Common Files\Adobe
2008-05-07 11:42:53 0 d-------- C:\Program Files\Common Files\Logishrd
2008-05-06 15:03:34 0 d-------- C:\Program Files\Common Files\Ahead
2008-04-29 08:49:04 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-04-27 20:41:37 0 d-------- C:\Program Files\Microsoft Works
2008-04-27 20:37:44 0 d-------- C:\Program Files\epson
2008-04-26 17:28:17 0 d-------- C:\Program Files\iPod
2008-04-25 12:28:50 0 d-------- C:\Program Files\Apple Software Update
2008-04-22 13:57:41 0 d-------- C:\Program Files\Microsoft SQL Server
2008-04-22 10:34:55 0 d-------- C:\Program Files\Bonjour
2008-04-22 10:34:29 0 d-------- C:\Program Files\QuickTime
2008-04-22 10:01:03 0 d-------- C:\Program Files\Microsoft.NET
2008-04-19 17:02:12 0 d-------- C:\Program Files\Analog Devices
2008-04-19 17:00:42 413696 --a------ C:\WINDOWS\system32\wrap_oal.dll <Not Verified; Creative Labs; Creative Labs OpenAL32>
2008-04-19 17:00:42 110592 --a------ C:\WINDOWS\system32\OpenAL32.dll <Not Verified; Portions (C) Creative Labs Inc. and NVIDIA Corp.; Standard OpenAL(TM) Library>
2008-04-19 17:00:13 0 d-------- C:\Documents and Settings\I Randolph S. Shiner\Application Data\Creative
2008-04-19 16:52:20 0 d-------- C:\Program Files\ATI
2008-04-19 16:51:29 0 --a------ C:\WINDOWS\ativpsrm.bin
2008-04-19 16:43:29 0 d-------- C:\Documents and Settings\I Randolph S. Shiner\Application Data\Macromedia
2008-04-19 16:42:08 552 --a------ C:\WINDOWS\system32\d3d8caps.dat
2008-04-19 16:42:06 0 d-------- C:\Program Files\SystemRequirementsLab
2008-04-19 16:24:16 0 d-------- C:\Documents and Settings\I Randolph S. Shiner\Application Data\Identities
2008-04-19 16:19:09 0 --a------ C:\CONFIG.SYS
2008-04-19 16:19:09 0 --a------ C:\AUTOEXEC.BAT
2008-04-19 16:16:31 21640 --a------ C:\WINDOWS\system32\emptyregdb.dat
2008-04-19 09:02:27 62 --ahs---- C:\Documents and Settings\I Randolph S. Shiner\Application Data\desktop.ini
2008-03-28 21:05:00 593920 -----n--- C:\WINDOWS\system32\ati2sgag.exe <Not Verified; ; ATI Smart>
2008-03-17 14:49:26 524288 --a------ C:\WINDOWS\opuc.dll <Not Verified; Microsoft Corporation; 2007 Microsoft Office system>
2008-02-20 20:58:50 3072 --a------ C:\WINDOWS\CTXFIRES.DLL <Not Verified; ; CTxfiRes Dynamic Link Library>
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{7B6EDB1A-06DD-4768-9EC9-4761D3D4E66E}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{7F63FE4D-A96E-486F-8879-7E9DD667EC84}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{c46ebb9d-3f29-49f3-859c-312dd8a836b7}]
16-May-08 16:01 102464 --a------ C:\WINDOWS\system32\kqpynjgf.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [21-Jan-08 12:17]
"CTHelper"="CTHELPER.EXE" [20-Feb-08 20:58 C:\WINDOWS\system32\CtHelper.exe]
"CTxfiHlp"="CTXFIHLP.EXE" [20-Feb-08 20:58 C:\WINDOWS\system32\Ctxfihlp.exe]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [24-Aug-07 07:00]
"googletalk"="C:\Program Files\Google\Google Talk\googletalk.exe" [01-Jan-07 14:22]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [30-Mar-08 10:36]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [01-Mar-07 14:57]
"LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" [17-May-07 10:53]
"Acrobat Assistant 8.0"="C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [11-Jan-08 19:54]
"@"="" []
"SMSystemAnalyzer"="C:\Program Files\iolo\System Mechanic Professional 7\SMSystemAnalyzer.exe" [06-May-08 16:48]
"iolo AntiVirus"="C:\Program Files\iolo\System Mechanic Professional 7\AntiVirus\ioloAV.exe" [05-Mar-08 11:48]
"BM9f244820"="C:\WINDOWS\system32\nvirshcy.dll" [16-May-08 15:45]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [13-Apr-08 17:12]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [05-Jul-07 07:44]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [23-Apr-08 17:45]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [22-Jan-08 10:13]
"Road Runner PhotoShow Media Manager"="C:\PROGRA~1\ROADRU~1\PHOTOS~1\data\Xtras\mssysmgr.exe" [22-Jun-07 14:08]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce]
"SMRequiresRestart"=
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\dimsntfy]
C:\WINDOWS\System32\dimsntfy.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
eapsvcs eaphost
dot3svc dot3svc
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
napagent
hkmsvc
-- Hosts -----------------------------------------------------------------------
127.0.0.1
http://www.007guard.com127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1
http://www.008k.com127.0.0.1 008k.com
127.0.0.1
http://www.00hq.com127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1
http://www.032439.com127.0.0.1 032439.com
8382 more entries in hosts file.
-- End of Deckard's System Scanner: finished at 2008-05-20 10:32:06 ------------