Consequences
Deckard's System Scanner v20071014.68
Run by AJ on 2008-06-18 13:36:23
Computer is in Normal Mode.
--------------------------------------------------------------------------------
Total Physical Memory: 511 MiB (512 MiB recommended).
-- HijackThis (run as AJ.exe) --------------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:38:21 PM, on 6/18/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.17184)
Boot mode: Normal
Running processes:
F:\WINDOWS\System32\smss.exe
F:\WINDOWS\system32\winlogon.exe
F:\WINDOWS\system32\services.exe
F:\WINDOWS\system32\lsass.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\system32\spoolsv.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\Explorer.EXE
F:\Program Files\Ideazon\Zboard Software\Driver\ZboardTray.exe
F:\Program Files\Ideazon\Zboard Software\Driver\Zboard.exe
F:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
F:\Program Files\Windows Live\Messenger\msnmsgr.exe
F:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDClock.exe
F:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDPop3.exe
F:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDCountdown.exe
F:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe
F:\Program Files\SpywareGuard\sgmain.exe
F:\WINDOWS\system32\wuauclt.exe
F:\WINDOWS\System32\svchost.exe
F:\Program Files\SpywareGuard\sgbhp.exe
F:\Program Files\Mozilla Firefox\firefox.exe
F:\Documents and Settings\AJ\Desktop\dss.exe
F:\PROGRA~1\TRENDM~1\HIJACK~1\AJ.exe
F:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Welcome to Windows Internet Explorer Beta 1
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = mrfindalot.com
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - F:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - F:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - F:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - F:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - F:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - f:\program files\google\googletoolbar4.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - F:\Program Files\Google\GoogleToolbarNotifier\2.0.1121.2472\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - f:\program files\google\googletoolbar4.dll
O3 - Toolbar: AIM Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - F:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
O4 - HKLM\..\Run: [LXBUCATS] rundll32 F:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXBUtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [Launch LGDCore] "F:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" /SHOWHIDE
O4 - HKLM\..\Run: [Launch LCDMon] "F:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe"
O4 - HKCU\..\Run: [msnmsgr] "F:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] F:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - HKLM\..\Policies\Explorer\Run: [ZboardTray] "F:\Program Files\Ideazon\Zboard Software\Driver\ZboardTray.exe" /autolaunch
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "F:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "F:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O4 - Startup: SpywareGuard.lnk = F:\Program Files\SpywareGuard\sgmain.exe
O8 - Extra context menu item: &AOL Toolbar Search - f:\program files\aol\aim toolbar 5.0\resources\en-US\local\search.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://F:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: AIM Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - F:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: f:\windows\system32\nwprovau.dll
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://pcpitstop.com/betapit/PCPitStop.CAB
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {32305793-C19A-48E7-AD2F-D87FF7B264A4} (TenebrilSpywareScanner Control) - http://www.tenebril.com/assets/activeX/SpywareScannerV2.ocx
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.3.102.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} -
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) - http://www.crucial.com/controls/cpcScanner.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.mcafee.com/molbin/shared/mcgdmgr/1,0,0,26/mcgdmgr.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} - http://download.mcafee.com/molbin/iss-loc/mcfscan/2,2,0,4943/mcfscan.cab
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} (PCPitstop Exam) - http://utilities.pcpitstop.com/optimize2/pcpitstop2.dll
--
End of file - 6547 bytes
-- Files created between 2008-05-18 and 2008-06-18 -----------------------------
2008-06-13 13:42:35 0 d-------- F:\Program Files\Common Files\Java
2008-06-13 13:28:50 0 d-------- F:\Program Files\SpywareGuard
2008-06-13 13:25:42 21312 --a------ F:\WINDOWS\choice.exe
2008-06-13 13:21:15 0 d-------- F:\Program Files\SpywareBlaster
2008-06-12 19:40:55 0 d-------- F:\Documents and Settings\AJ\Application Data\Malwarebytes
2008-06-12 19:40:30 0 d-------- F:\Program Files\Malwarebytes' Anti-Malware
2008-06-12 19:40:30 0 d-------- F:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-06-08 18:48:06 0 d-------- F:\Documents and Settings\AJ\Application Data\Uniblue
2008-06-05 19:29:50 0 d-------- F:\Documents and Settings\AJ\Application Data\fretsonfire
2008-06-05 19:28:37 0 d-------- F:\Program Files\Frets on Fire
-- Find3M Report ---------------------------------------------------------------
2008-06-13 13:46:37 0 d-------- F:\Program Files\Java
2008-06-13 13:42:35 0 d-------- F:\Program Files\Common Files
2008-05-12 14:40:38 315392 --a------ F:\WINDOWS\HideWin.exe <Not Verified; Realtek Semiconductor Corp.; HD Audio Hide windows program>
2008-05-12 14:08:21 0 d-------- F:\Program Files\PCPitstop
2008-05-12 13:13:29 0 d-------- F:\Program Files\SwiftKit
2008-05-12 13:07:15 0 d-------- F:\Program Files\Miranda IM
2008-05-12 12:55:03 0 d-------- F:\Program Files\Viewpoint
2008-05-12 12:53:23 0 d-------- F:\Documents and Settings\AJ\Application Data\Viewpoint
2008-05-06 19:45:31 0 d-------- F:\Program Files\BfSV
2008-05-06 19:29:01 0 d-------- F:\Program Files\Common Files\Adobe
2008-05-03 18:24:16 0 d-------- F:\Program Files\Windows Defender
2008-05-01 15:47:59 0 d-------- F:\Program Files\LimeWire
2008-04-30 15:14:36 0 d-------- F:\Program Files\RegCure
2008-04-30 15:03:42 0 d-------- F:\Program Files\Steam
2008-04-28 18:15:27 0 d-------- F:\Program Files\Lavasoft
2008-04-28 18:08:38 0 d-------- F:\Program Files\Common Files\Wise Installation Wizard
2008-04-27 21:03:20 0 d-------- F:\Program Files\AIM6
2008-04-27 21:03:16 0 d-------- F:\Program Files\Common Files\AOL
2008-04-27 21:02:32 0 d-------- F:\Program Files\AIMTunes
2008-04-27 21:02:31 0 d-------- F:\Program Files\Ogg Converter
2008-04-27 21:02:31 0 d-------- F:\Program Files\Novel Games
2008-04-27 21:02:27 0 d-------- F:\Program Files\Microsoft Xbox 360 Accessories
2008-04-27 21:02:27 0 d-------- F:\Program Files\Common Files\ATI Technologies
2008-04-27 20:59:14 0 d-------- F:\Program Files\AIM6(2)
2008-04-27 20:54:57 0 d-------- F:\Program Files\Windows Media Connect 2
2008-04-27 20:53:23 0 d-------- F:\Program Files\ffdshow
2008-04-27 20:53:23 0 d-------- F:\Program Files\DivX
2008-04-27 20:50:25 0 d-------- F:\Program Files\Common Files\Java(2)
2008-04-27 20:50:06 0 d-------- F:\Documents and Settings\AJ\Application Data\Ideazon
2008-04-27 20:49:52 0 d--h----- F:\Program Files\InstallShield Installation Information
2008-04-27 20:49:52 0 d-------- F:\Program Files\Ideazon
2008-04-26 13:54:34 0 d-------- F:\Program Files\Trend Micro
2008-04-17 19:37:11 1338 --a------ F:\WINDOWS\mozver.dat
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LXBUCATS"="F:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXBUtime.dll" [09/10/2004 07:55 AM]
"Launch LGDCore"="F:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" [12/13/2007 06:57 PM]
"Launch LCDMon"="F:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe" [12/13/2007 06:43 PM]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="F:\Program Files\Windows Live\Messenger\msnmsgr.exe" [10/18/2007 12:34 PM]
"Uniblue RegistryBooster 2"="F:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe" []
[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"DWQueuedReporting"="F:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t
F:\Documents and Settings\AJ\Start Menu\Programs\Startup\
SpywareGuard.lnk - F:\Program Files\SpywareGuard\sgmain.exe [8/29/2003 7:05:35 PM]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\Run]
"ZboardTray"="F:\Program Files\Ideazon\Zboard Software\Driver\ZboardTray.exe" /autolaunch
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\Zboard]
Winlognotif.dll 09/03/2003 07:14 AM 49152 F:\WINDOWS\system32\Winlognotif.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=interceptor.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\F:^Documents and Settings^AJ^Start Menu^Programs^Startup^Registration .LNK]
backup=F:\WINDOWS\pss\Registration .LNKStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
"F:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Aim6]
"F:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
F:\WINDOWS\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Echovoice Gamer Statistics]
F:\Program Files\Echovoice\Gamer Statistics\G15 Echovoice Gamer Statistics.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
"F:\Program Files\iTunes\iTunesHelper.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lsass]
"F:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
"F:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
RUNDLL32.EXE F:\WINDOWS\system32\NvCpl.dll,NvStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
RUNDLL32.EXE F:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /install
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Pitstop Optimize2 Reminder]
F:\Program Files\PCPitstop\Optimize2\Reminder.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"F:\Program Files\QuickTime\QTTask.exe" -atboottime
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RegistryMechanic]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
RTHDCPL.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
"F:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
F:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UserFaultCheck]
%systemroot%\system32\dumprep 0 -u
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirusScan Online]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
F:\Program Files\Windows Media Player\WMPNSCFG.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\XboxStat]
"f:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"iPodService"=3 (0x3)
"sdCoreService"=2 (0x2)
"sdAuxService"=2 (0x2)
"Ati HotKey Poller"=2 (0x2)
"ATI Smart"=2 (0x2)
"VRSService"=2 (0x2)
"iPod Service"=3 (0x3)
"usnjsvc"=3 (0x3)
"McSysmon"=2 (0x2)
"McShield"=2 (0x2)
"McODS"=2 (0x2)
"mcmispupdmgr"=3 (0x3)
"IDriverT"=3 (0x3)
"gusvc"=3 (0x3)
"Emproxy"=3 (0x3)
"WMPNetworkSvc"=2 (0x2)
"WLSetupSvc"=3 (0x3)
"Viewpoint Manager Service"=2 (0x2)
"RichVideo"=2 (0x2)
"NVSvc"=2 (0x2)
"MDM"=2 (0x2)
"McRedirector"=2 (0x2)
"mcpromgr"=2 (0x2)
"McNASvc"=2 (0x2)
"mcmscsvc"=2 (0x2)
"McAfee HackerWatch Service"=2 (0x2)
"aawservice"=2 (0x2)
-- End of Deckard's System Scanner: finished at 2008-06-18 13:44:06 ------------