Tech Support Forum - View Single Post

Pinion00 · 06-30-2008, 05:32 AM

UPDATE:

I was a little hasty earlier and have had a chance to run through the 5 steps for posting here. the only issue i ran into was running the Panda scan -- most webpages i attempt to load are not loading (they appear to be for several minutes before timing out), and the e-mail link to confirm registration is one of them. i have tried several times and each it simply will nto load, thus no confirmation and no scan. i even tried different email accounts but same reult with each. everything passed, though. below are the results of my DSS scan and the extra.txt should be attached. again, thank you in advance for your time -- this is getting ridiculous!

Deckard's System Scanner v20071014.68
Run by Johnny H. Christ on 2008-06-30 05:21:36
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.

-- Last 5 Restore Point(s) --
8: 2008-06-30 12:21:43 UTC - RP251 - Deckard's System Scanner Restore Point
7: 2008-06-29 15:21:54 UTC - RP250 - pre reg edit
6: 2008-06-29 11:38:31 UTC - RP249 - Installed Java 2 Runtime Environment, SE v1.4.2_15
5: 2008-06-28 00:05:59 UTC - RP248 - System Checkpoint
4: 2008-06-26 16:58:45 UTC - RP247 - Last known good configuration

-- First Restore Point --
1: 2008-06-26 16:58:33 UTC - RP244 - System Checkpoint

Backed up registry hives.
Performed disk cleanup.

-- HijackThis (run as Johnny H. Christ.exe) ------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:23:59 AM, on 6/30/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\CTHELPER.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\j2re1.4.2_15\bin\jusched.exe
C:\WINDOWS\system32\Rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Creative Professional\E-MU PatchMix DSP\EmuPatchMixDSP.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\Johnny H. Christ\Local Settings\Temporary Internet Files\Content.IE5\3WLRHIH1\dss[1].exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Johnny H. Christ.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.myspace.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
R3 - URLSearchHook: (no name) - {a33fa729-d155-4b23-842b-2c665ecabdb6} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {14CC3D5C-74EC-4CDC-9286-5932017DEF2C} - C:\WINDOWS\system32\hgGxXqQI.dll (file missing)
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: {eab926a1-d43b-2199-b7d4-80e8bc68f569} - {965f86cb-8e08-4d7b-9912-b34d1a629bae} - C:\WINDOWS\system32\betaia.dll
O3 - Toolbar: (no name) - {a33fa729-d155-4b23-842b-2c665ecabdb6} - (no file)
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [AsusStartupHelp] C:\Program Files\ASUS\AASP\1.00.17\AsRunHelp.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [a088094f] rundll32.exe "C:\WINDOWS\system32\gsnwlwdm.dll",b
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\j2re1.4.2_15\bin\jusched.exe"
O4 - HKLM\..\Run: [BMa3bb3ad3] Rundll32.exe "C:\WINDOWS\system32\arcdefxv.dll",s
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SetDefaultMIDI] MIDIDef.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_15\bin\npjpi142_15.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_15\bin\npjpi142_15.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/S...in/AvSniff.cab
O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) - https://www-secure.symantec.com/tech...bs/tgctlsr.cab
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {528C14CD-CF9E-489C-A365-5999F17B69B9} (LightSurfUploadCtl Class) - http://pictures.sprintpcs.com/active...oadControl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/wind...?1193266776421
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/S.../bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/micr...?1193273452609
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.4.2) - http://javadl-esd.sun.com/update/1.4...ndows-i586.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{682F2F44-F27B-4BC9-97E6-96AE98CE5865}: NameServer = 68.94.156.1 206.13.30.12
O20 - Winlogon Notify: winrkc32 - C:\WINDOWS\SYSTEM32\winrkc32.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

--
End of file - 9495 bytes

-- File Associations -----------------------------------------------------------

All associations okay.

-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R2 MaVctrl - c:\windows\system32\drivers\mavc2k.sys <Not Verified; Mobile Action Technology Inc.; Handset Manager>
R3 CLEDX (Team H2O CLEDX service) - c:\windows\system32\drivers\cledx.sys <Not Verified; Team H2O; CLEDX>
R3 emupia (E-mu Plug-in Architecture Driver) - c:\windows\system32\drivers\emupia2k.sys <Not Verified; Creative Technology Ltd; E-mu Plug-In Architecture>
R3 pcouffin (VSO Software pcouffin) - c:\windows\system32\drivers\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine>
R3 USBMN4X4 (M-Audio USB MidiSport 4x4) - c:\windows\system32\drivers\usbmn4x4.sys <Not Verified; Doug Fetter Software Wizardry; Midiman USB MidiSport 4x4 Midi Interface>

S3 mamm9000mi00 - c:\windows\system32\drivers\ma9kmi00.sys <Not Verified; Mobile Action Technology Inc.; Handset Manager>
S3 mamm9000mi01 - c:\windows\system32\drivers\ma9kmi01.sys <Not Verified; Mobile Action Technology Inc.; Handset Manager>
S3 PCAMPR5 (PCAMPR5 NDIS Protocol Driver) - c:\windows\system32\pcampr5.sys (file missing)
S3 RDID1065 (Roland SH-201) - c:\windows\system32\drivers\rdwm1065.sys <Not Verified; Roland Corporation; >
S3 RT25USBAP (Nintendo Wi-Fi USB Connector Service) - c:\windows\system32\drivers\rt25usbap.sys <Not Verified; Ralink Technology Inc.; Ralink 802.11g Wireless USB Adapters>
S3 USB44LDR (M-Audio USB MidiSport 4x4 Loader) - c:\windows\system32\drivers\usb44ldr.sys <Not Verified; MIDIMAN; Midiman USB MidiSport 4x4 Loader>

-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 Apple Mobile Device - "c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe" <Not Verified; Apple, Inc.; Apple Mobile Device Service>
R2 Bonjour Service (##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##) - "c:\program files\bonjour\mdnsresponder.exe" <Not Verified; Apple Computer, Inc.; Bonjour>

S3 FLEXnet Licensing Service - "c:\program files\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe" <Not Verified; Macrovision Europe Ltd.; FLEXnet Publisher (32 bit)>
S3 NMIndexingService - "c:\program files\common files\ahead\lib\nmindexingservice.exe" (file missing)

-- Device Manager: Disabled ----------------------------------------------------

Class GUID: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Description: Realtek High Definition Audio
Device ID: HDAUDIO\FUNC_01&VEN_10EC&DEV_0861&SUBSYS_1043C603&REV_1003\5&1C6A08EA&0&0001
Manufacturer: Realtek
Name: Realtek High Definition Audio
PNP Device ID: HDAUDIO\FUNC_01&VEN_10EC&DEV_0861&SUBSYS_1043C603&REV_1003\5&1C6A08EA&0&0001
Service: IntcAzAudAddService

-- Files created between 2008-05-30 and 2008-06-30 -----------------------------

2008-06-30 05:13:10 0 d-------- C:\ie-spyad_zo
2008-06-30 05

23 0 d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-06-30 05

12 0 d-------- C:\Program Files\SpywareBlaster
2008-06-30 02:52:18 0 d-------- C:\Program Files\Trend Micro
2008-06-29 08:07:45 0 d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-06-29 05:12:44 81920 --a------ C:\WINDOWS\system32\W32n50.dll <Not Verified; Printing Communications Assoc., Inc. (PCAUSA); PCAUSA Rawether for Windows>
2008-06-29 05:12:44 17162 --a------ C:\WINDOWS\system32\Pcandis5.sys <Not Verified; Printing Communications Assoc., Inc. (PCAUSA); PCAUSA Rawether for Windows>
2008-06-29 05:12:44 16848 --a------ C:\WINDOWS\system32\Pcandis4.sys <Not Verified; Printing Communications Assoc., Inc. (PCAUSA); PCAUSA Rawether for Windows>
2008-06-29 05:12:43 0 d-------- C:\Program Files\Common Files\Motive
2008-06-29 04:40:13 0 d-------- C:\WINDOWS\Sun
2008-06-29 04:39:40 0 d-------- C:\Documents and Settings\Johnny H. Christ\Application Data\Sun
2008-06-29 04:38:52 0 d-------- C:\Program Files\Java
2008-06-29 04:38:32 0 d-------- C:\Program Files\Common Files\Java
2008-06-28 16:31:15 0 d-------- C:\2x2 MIDISport
2008-06-28 04:23:39 0 d-------- C:\Program Files\Enigma Software Group
2008-06-27 10

02 81920 --a------ C:\WINDOWS\system32\gsnwlwdm.dll
2008-06-27 10:02:46 103424 --a------ C:\WINDOWS\system32\betaia.dll
2008-06-27 10:02:44 103424 --a------ C:\WINDOWS\system32\ulblgloq.dll
2008-06-27 09:59:54 90624 --a------ C:\WINDOWS\system32\arcdefxv.dll
2008-06-26 10:04:23 106496 --a------ C:\WINDOWS\system32\omtuofca.dll
2008-06-26 10:01:23 80896 --a------ C:\WINDOWS\system32\sbxduwqg.dll
2008-06-26 09:59:17 91648 --a------ C:\WINDOWS\system32\gxiltxyc.dll
2008-06-26 09:58:23 654260 --ahs---- C:\WINDOWS\system32\yyyyGfhk.ini2
2008-06-25 22:56:01 0 d-------- C:\Program Files\Super_DVD_Creator_9.8
2008-06-25 21:24:32 0 d-------- C:\Program Files\AVS4YOU
2008-06-25 18:20:40 0 d-------- C:\Program Files\Common Files\AVSMedia
2008-06-25 11:22:43 0 d--h----- C:\WINDOWS\system32\GroupPolicy
2008-06-25 08:42:15 0 d-------- C:\Program Files\Lavasoft
2008-06-25 08:42:15 0 d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-06-25 06:47:43 1187 --ahs---- C:\WINDOWS\system32\IQqXxGgh.ini2
2008-06-25 06:42:23 0 d-------- C:\WINDOWS\system32\349168
2008-06-25 06:42:19 32768 --a------ C:\WINDOWS\system32\winrkc32.dll
2008-06-25 06:08:55 0 d-------- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
2008-06-25 05:03:41 0 d-------- C:\Documents and Settings\Johnny H. Christ\Application Data\AVSMedia
2008-06-24 22:42:37 139264 --a------ C:\WINDOWS\system32\xvidvfw.dll
2008-06-24 22:42:37 524288 --a------ C:\WINDOWS\system32\xvidcore.dll
2008-06-24 22:42:37 413760 --a------ C:\WINDOWS\system32\mpg4c32.dll <Not Verified; Microsoft Corporation; Microsoft MPEG-4 Video Codec>
2008-06-24 22:42:37 261632 --a------ C:\WINDOWS\system32\mcdvd_32.dll <Not Verified; MainConcept; MainConcept DV Codec "2.0.4>
2008-06-24 22:21:26 0 d-------- C:\Documents and Settings\Johnny H. Christ\Application Data\AVS4YOU
2008-06-24 22:21:22 0 d-------- C:\Documents and Settings\All Users\Application Data\AVS4YOU
2008-06-22 04:52:49 0 d-------- C:\Documents and Settings\All Users\Application Data\vsosdk
2008-06-22 03:50:27 0 d-------- C:\Documents and Settings\Johnny H. Christ\Application Data\MySpace
2008-06-22 03:50:24 0 d-------- C:\Program Files\MySpace

-- Find3M Report ---------------------------------------------------------------

2008-06-30 05:23:35 0 d-------- C:\Program Files\Common Files\Symantec Shared
2008-06-29 05:12:43 0 d-------- C:\Program Files\Common Files
2008-06-28 16:13:55 0 d-------- C:\Documents and Settings\Johnny H. Christ\Application Data\dvdcss
2008-06-28 04:43:08 0 d-------- C:\Program Files\The_Pirate_Bay
2008-06-28 04:09:29 0 d-------- C:\Documents and Settings\Johnny H. Christ\Application Data\BitTorrent
2008-06-25 21:10:11 0 d-------- C:\Documents and Settings\Johnny H. Christ\Application Data\Propellerhead Software
2008-06-25 08:42:16 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-06-25 08:41:18 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-06-03 20:04:11 0 d-------- C:\Program Files\Symantec
2008-05-27 21:02:42 0 d-------- C:\Program Files\WiFiConnector
2008-05-14 14:40:45 0 d-------- C:\Program Files\M-Audio Midisport 4x4
2008-05-14 14:40:26 724992 --a------ C:\WINDOWS\iun6002.exe <Not Verified; Indigo Rose Corporation; Setup Factory 6.0 Runtime Module>
2008-05-09 15:35:39 214016 --a------ C:\WINDOWS\system32\usbmn4x4.dll <Not Verified; Doug Fetter Software Wizardry; Midiman USB MidiSport 4x4 Midi Interface>
2008-05-08 19:39:36 0 d-------- C:\Program Files\Norton 360

-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{14CC3D5C-74EC-4CDC-9286-5932017DEF2C}]
C:\WINDOWS\system32\hgGxXqQI.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{965f86cb-8e08-4d7b-9912-b34d1a629bae}]
06/27/2008 10:02 AM 103424 --a------ C:\WINDOWS\system32\betaia.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VTTimer"="VTTimer.exe" [03/10/2005 08:33 PM C:\WINDOWS\system32\VTTimer.exe]
"SkyTel"="SkyTel.EXE" [05/15/2006 08:04 PM C:\WINDOWS\SkyTel.exe]
"RTHDCPL"="RTHDCPL.EXE" [09/11/2006 06:58 PM C:\WINDOWS\RTHDCPL.EXE]
"Alcmtr"="ALCMTR.EXE" [05/02/2005 05:00 PM C:\WINDOWS\ALCMTR.EXE]
"CTHelper"="CTHELPER.EXE" [10/05/2004 08:48 PM C:\WINDOWS\CTHELPER.EXE]
"AsusStartupHelp"="C:\Program Files\ASUS\AASP\1.00.17\AsRunHelp.exe" [11/13/2006 03:25 PM]
"Symantec PIF AlertEng"="C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [01/29/2008 05:38 PM]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [01/09/2007 01:59 PM]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [03/28/2008 11:37 PM]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [03/30/2008 10:36 AM]
"a088094f"="C:\WINDOWS\system32\gsnwlwdm.dll" [06/27/2008 10:06 AM]
"SunJavaUpdateSched"="C:\Program Files\Java\j2re1.4.2_15\bin\jusched.exe" [05/22/2007 05:39 PM]
"BMa3bb3ad3"="C:\WINDOWS\system32\arcdefxv.dll" [06/27/2008 09:59 AM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/04/2004 12:56 AM]
"SetDefaultMIDI"="MIDIDef.exe" [10/05/2004 08:22 PM C:\WINDOWS\MIDIDEF.EXE]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" []
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [01/28/2008 11:43 AM]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"MySpaceIM"=C:\Program Files\MySpace\IM\MySpaceIM.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"NoDispScrSavPage"=0 (0x0)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [02/05/2007 03:39 PM 294400]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\winrkc32]
winrkc32.dll 06/25/2008 06:42 AM 32768 C:\WINDOWS\system32\winrkc32.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
"C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent DNA]
"C:\Program Files\BitTorrent_DNA\dna.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H2O]
C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD]
C:\Program Files\Nero\Nero 7\InCD\InCD.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
"C:\Program Files\iTunes\iTunesHelper.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
"C:\Program Files\Messenger\msmsgs.exe" /background

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]
"C:\Program Files\Nero\Nero 7\Nero BackItUp\NBKeyScan.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"C:\Program Files\QuickTime\qttask.exe" -atboottime

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SecurDisc]
C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe

*Newly Created Service* - COMHOST

-- Hosts -----------------------------------------------------------------------

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com

8756 more entries in hosts file.

-- End of Deckard's System Scanner: finished at 2008-06-30 05:24:34 ------------