I have the virus NOSTKRNL-HOOK. I have run McAfee several times and eliminated all other prob;ems, and the computer is now protected. I have also purchased and run REGCURE several times. I don't know if it is related, but on startup I get RunDLL error cannot find C:\windows\system\plaaykin.dll I don't know what program it is supposed to be associated with.
Thank You
-Joe
DDS (Ver_09-03-16.01) - NTFSx86
Run by MEL at 19:03:19.43 on Wed 04/29/2009
Internet Explorer: 7.0.5730.13
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.511.225 [GMT -4:00]
AV: McAfee VirusScan *On-access scanning enabled* (Updated)
FW: McAfee Personal Firewall *disabled*
============== Running Processes ===============
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
C:\WINDOWS\Explorer.EXE
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\XGI\twatdog.exe
C:\WINDOWS\system32\Trirot.exe
C:\WINDOWS\BCMSMMSG.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iPod\bin\iPodService.exe
\\?\globalroot\systemroot\system32\rundll32.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\WINDOWS\system32\userinit.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Documents and Settings\MEL\Desktop\dds.pif
============== Pseudo HJT Report ===============
uStart Page = hxxp://www.comcast.net/
uDefault_Page_URL = hxxp://www.dell4me.com/myway
uSearch Bar = hxxp://www.comcast.net/toolbar2.0/search/
uWindow Title = Windows Internet Explorer provided by Comcast
mStart Page = hxxp://www.comcast.net/
mWindow Title = Windows Internet Explorer provided by Comcast
uInternet Connection Wizard,ShellNext = hxxp://support.dell.com/support/downloads/format.aspx?releaseid=R97774&appindex=ds
mSearchAssistant = hxxp://www.comcast.net/toolbar2.0/search/
BHO: {0b014b81-4e12-46f9-806f-55867af8fd3c} - &Research
BHO: Comcast Toolbar: {4e7bd74f-2b8d-469e-93be-be2df4d9ae29} - c:\progra~1\comcas~1\COMCAS~1.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\mcafee\virusscan\scriptsn.dll
{9145f945-28ff-415e-b1c6-4a172c03dd9b}
BHO: Viewpoint Toolbar BHO: {a7327c09-b521-4edb-8509-7d2660c9ec98} - c:\program files\viewpoint\viewpoint toolbar\3.9.0\ViewBarBHO.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: {BA52B914-B692-46c4-B683-905236F6F655} - No File
TB: Comcast Toolbar: {4e7bd74f-2b8d-469e-93be-be2df4d9ae29} - c:\progra~1\comcas~1\COMCAS~1.DLL
TB: Viewpoint Toolbar: {f8ad5aa5-d966-4667-9daf-2561d68b2012} - c:\program files\common files\viewpoint\toolbar runtime\3.9.0\IEViewBar.dll
TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [autochk] rundll32.exe c:\docume~1\mel\protect.dll,[email protected]
mRun: [RegServer] regserve.exe
mRun: [XGIWatchDog] c:\program files\xgi\twatdog.exe
mRun: [Trirot] Trirot.exe
mRun: [BCMSMMSG] BCMSMMSG.exe
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [SynTPLpr] c:\program files\synaptics\syntp\SynTPLpr.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [DVDLauncher] "c:\program files\cyberlink\powerdvd\DVDLauncher.exe"
mRun: [DMXLauncher] c:\program files\dell\media experience\DMXLauncher.exe
mRun: [UpdateManager] "c:\program files\common files\sonic\update manager\sgtray.exe" /r
mRun: [RealTray] c:\program files\real\realplayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
mRun: [iTunesHelper] c:\program files\itunes\iTunesHelper.exe
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [VF0070 STISvc] RunDLL32.exe V0070Pin.dll,RunDLL32EP 513
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [dla] c:\windows\system32\dla\tfswctrl.exe
mRun: [ddoctorv2] "c:\program files\comcast\desktop doctor\bin\sprtcmd.exe" /P ddoctorv2
mRun: [mcagent_exe] c:\program files\mcafee.com\agent\mcagent.exe /runkey
mRun: [MBkLogOnHook] c:\program files\mcafee\mbk\LogOnHook.exe
mRun: [f47f4b90] rundll32.exe "c:\windows\system32\plaaykin.dll",b
mRun: [autochk] rundll32.exe c:\windows\system32\autochk.dll,[email protected]
mRun: [Framework Windows] frmwrk32.exe
dRun: [<NO NAME>] c:\windows\temp\qznw6tmth.exe
dRun: [Windows Resurections] c:\windows\temp\qznw6tmth.exe
dRun: [A00F1AFE2.exe] c:\windows\temp\_A00F1AFE2.exe
dRun: [A00FE6398.exe] c:\windows\temp\_A00FE6398.exe
dRun: [autochk] rundll32.exe c:\docume~1\locals~1\protect.dll,[email protected]
StartupFolder: c:\documents and settings\mel\start menu\programs\startup\.security
StartupFolder: c:\documents and settings\mel\start menu\programs\startup\ChkDisk.dll
StartupFolder: c:\docume~1\mel\startm~1\programs\startup\chkdisk.lnk - c:\windows\system32\rundll32.exe
StartupFolder: c:\documents and settings\all users\start menu\programs\startup\.security
mPolicies-explorer: NoSetActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
dPolicies-explorer: NoSetActiveDesktop = 1 (0x1)
dPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
dPolicies-system: DisableTaskMgr = 1 (0x1)
IE: {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - c:\program files\aim\aim.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
LSP: c:\windows\temp\ntdll64.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {8DD733A8-353A-4E93-AB85-93CA8DC96F6A} - hxxps://objects.aol.com/activator/en-us/Activator.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
Notify: __c00694E - c:\windows\system32\__c00694E.dat
AppInit_DLLs: alqjvc.dll uymjov.dll fszogi.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
============= SERVICES / DRIVERS ===============
R1 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2009-2-14 201320]
R2 McProxy;McAfee Proxy Service;c:\progra~1\common~1\mcafee\mcproxy\mcproxy.exe [2009-2-14 359248]
R2 McShield;McAfee Real-time Scanner;c:\progra~1\mcafee\viruss~1\mcshield.exe [2009-2-14 144704]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2007-1-10 24652]
R3 McSysmon;McAfee SystemGuards;c:\progra~1\mcafee\viruss~1\mcsysmon.exe [2009-2-14 695624]
R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2009-2-14 79304]
R3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2009-2-14 35240]
R3 mferkdk;McAfee Inc. mferkdk;c:\windows\system32\drivers\mferkdk.sys [2009-2-14 33832]
R3 mfesmfk;McAfee Inc. mfesmfk;c:\windows\system32\drivers\mfesmfk.sys [2009-2-14 40488]
R3 Xgiv3;Xgiv3;c:\windows\system32\drivers\Xgiv3m.sys [2005-1-5 337152]
S0 ayjrchwb;ayjrchwb;c:\windows\system32\drivers\yzvrpcbn.sys []
S3 Bdfndisf;BitDefender Firewall NDIS Filter Service;c:\windows\system32\drivers\bdfndisf.sys [2008-10-17 104328]
=============== Created Last 30 ================
2009-04-29 18:57 <DIR> --d----- C:\Docum
2009-04-29 18:03 <DIR> --d----- c:\program files\common files\Viewpoint
2009-04-29 17:15 <DIR> --d----- C:\WINDO
2009-04-29 17:14 1,400 a------- c:\windows\system32\ahtn.htm
2009-04-29 17:14 4,785 a------- c:\windows\system32\warning.gif
2009-04-29 17:14 439 a------- c:\windows\system32\win32hlp.cnf
2009-04-29 17:13 104,960 a------- c:\windows\system32\dllcache\userinit.exe
2009-04-29 17:13 1 a------- c:\windows\system32\uniq.tll
2009-04-29 17:13 28,672 a------- c:\windows\system32\frmwrk32.exe
2009-04-29 17:13 28,672 a------- c:\windows\system32\loader49.exe
2009-04-29 16:58 24,064 a--sh--- c:\windows\system32\autochk.dll
2009-04-29 16:58 24,064 a--sh--- c:\documents and settings\mel\protect.dll
2009-04-29 16:57 27,648 a------- c:\windows\system32\lmppcsetup.exe
2009-04-29 16:55 221 a------- c:\windows\HP_RedboxHprblog_HPSU.ini
2009-04-29 16:52 27,648 a------- c:\windows\system32\__c0037110.dat
2009-04-26 13:58 159,600 a------- c:\windows\system32\drivers\pctgntdi.sys
2009-04-26 13:57 <DIR> --d----- c:\program files\common files\PC Tools
2009-04-23 23:27 <DIR> --d----- c:\docume~1\mel\applic~1\RegTool
2009-04-23 23:23 <DIR> --d----- c:\program files\Angle Interactive
2009-04-23 19:26 28,160 a------- c:\windows\system32\__c00694E.dat
2009-04-23 19:25 39,936 a------- c:\windows\system32\winglsetup.exe
2009-04-23 10:43 46 a------- c:\windows\system32\p2hhr.bat
2009-04-23 10:42 15,000 a------- c:\windows\system32\sf87wuijndoio43j.dll
2009-04-22 21:43 0 a---h--- c:\windows\.security
2009-04-22 21:43 0 a---h--- C:\.security
2009-04-22 21:42 <DIR> --d----- c:\program files\AntiSpyware Pro
==================== Find3M ====================
2009-04-29 17:13 104,960 a------- c:\windows\system32\userinit.exe
2009-02-26 16:24 7,706 a--sh--- c:\windows\system32\EhNVyccf.ini2
2009-02-15 11:30 31,980 a--sh--- c:\windows\system32\AcLllnmp.ini2
2009-04-29 19:03 24,064 a--sh--- c:\windows\system32\autochk.dll
2006-05-29 02:27 297,318 ac-sh--- c:\windows\system32\edeeg.bak1
2006-05-29 20:58 438,641 ac-sh--- c:\windows\system32\edeeg.bak2
============= FINISH: 19:04:19.37 ===============
Thank You
-Joe
DDS (Ver_09-03-16.01) - NTFSx86
Run by MEL at 19:03:19.43 on Wed 04/29/2009
Internet Explorer: 7.0.5730.13
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.511.225 [GMT -4:00]
AV: McAfee VirusScan *On-access scanning enabled* (Updated)
FW: McAfee Personal Firewall *disabled*
============== Running Processes ===============
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
C:\WINDOWS\Explorer.EXE
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\XGI\twatdog.exe
C:\WINDOWS\system32\Trirot.exe
C:\WINDOWS\BCMSMMSG.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iPod\bin\iPodService.exe
\\?\globalroot\systemroot\system32\rundll32.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\WINDOWS\system32\userinit.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Documents and Settings\MEL\Desktop\dds.pif
============== Pseudo HJT Report ===============
uStart Page = hxxp://www.comcast.net/
uDefault_Page_URL = hxxp://www.dell4me.com/myway
uSearch Bar = hxxp://www.comcast.net/toolbar2.0/search/
uWindow Title = Windows Internet Explorer provided by Comcast
mStart Page = hxxp://www.comcast.net/
mWindow Title = Windows Internet Explorer provided by Comcast
uInternet Connection Wizard,ShellNext = hxxp://support.dell.com/support/downloads/format.aspx?releaseid=R97774&appindex=ds
mSearchAssistant = hxxp://www.comcast.net/toolbar2.0/search/
BHO: {0b014b81-4e12-46f9-806f-55867af8fd3c} - &Research
BHO: Comcast Toolbar: {4e7bd74f-2b8d-469e-93be-be2df4d9ae29} - c:\progra~1\comcas~1\COMCAS~1.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\mcafee\virusscan\scriptsn.dll
{9145f945-28ff-415e-b1c6-4a172c03dd9b}
BHO: Viewpoint Toolbar BHO: {a7327c09-b521-4edb-8509-7d2660c9ec98} - c:\program files\viewpoint\viewpoint toolbar\3.9.0\ViewBarBHO.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: {BA52B914-B692-46c4-B683-905236F6F655} - No File
TB: Comcast Toolbar: {4e7bd74f-2b8d-469e-93be-be2df4d9ae29} - c:\progra~1\comcas~1\COMCAS~1.DLL
TB: Viewpoint Toolbar: {f8ad5aa5-d966-4667-9daf-2561d68b2012} - c:\program files\common files\viewpoint\toolbar runtime\3.9.0\IEViewBar.dll
TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [autochk] rundll32.exe c:\docume~1\mel\protect.dll,[email protected]
mRun: [RegServer] regserve.exe
mRun: [XGIWatchDog] c:\program files\xgi\twatdog.exe
mRun: [Trirot] Trirot.exe
mRun: [BCMSMMSG] BCMSMMSG.exe
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [SynTPLpr] c:\program files\synaptics\syntp\SynTPLpr.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [DVDLauncher] "c:\program files\cyberlink\powerdvd\DVDLauncher.exe"
mRun: [DMXLauncher] c:\program files\dell\media experience\DMXLauncher.exe
mRun: [UpdateManager] "c:\program files\common files\sonic\update manager\sgtray.exe" /r
mRun: [RealTray] c:\program files\real\realplayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
mRun: [iTunesHelper] c:\program files\itunes\iTunesHelper.exe
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [VF0070 STISvc] RunDLL32.exe V0070Pin.dll,RunDLL32EP 513
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [dla] c:\windows\system32\dla\tfswctrl.exe
mRun: [ddoctorv2] "c:\program files\comcast\desktop doctor\bin\sprtcmd.exe" /P ddoctorv2
mRun: [mcagent_exe] c:\program files\mcafee.com\agent\mcagent.exe /runkey
mRun: [MBkLogOnHook] c:\program files\mcafee\mbk\LogOnHook.exe
mRun: [f47f4b90] rundll32.exe "c:\windows\system32\plaaykin.dll",b
mRun: [autochk] rundll32.exe c:\windows\system32\autochk.dll,[email protected]
mRun: [Framework Windows] frmwrk32.exe
dRun: [<NO NAME>] c:\windows\temp\qznw6tmth.exe
dRun: [Windows Resurections] c:\windows\temp\qznw6tmth.exe
dRun: [A00F1AFE2.exe] c:\windows\temp\_A00F1AFE2.exe
dRun: [A00FE6398.exe] c:\windows\temp\_A00FE6398.exe
dRun: [autochk] rundll32.exe c:\docume~1\locals~1\protect.dll,[email protected]
StartupFolder: c:\documents and settings\mel\start menu\programs\startup\.security
StartupFolder: c:\documents and settings\mel\start menu\programs\startup\ChkDisk.dll
StartupFolder: c:\docume~1\mel\startm~1\programs\startup\chkdisk.lnk - c:\windows\system32\rundll32.exe
StartupFolder: c:\documents and settings\all users\start menu\programs\startup\.security
mPolicies-explorer: NoSetActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
dPolicies-explorer: NoSetActiveDesktop = 1 (0x1)
dPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
dPolicies-system: DisableTaskMgr = 1 (0x1)
IE: {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - c:\program files\aim\aim.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
LSP: c:\windows\temp\ntdll64.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {8DD733A8-353A-4E93-AB85-93CA8DC96F6A} - hxxps://objects.aol.com/activator/en-us/Activator.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
Notify: __c00694E - c:\windows\system32\__c00694E.dat
AppInit_DLLs: alqjvc.dll uymjov.dll fszogi.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
============= SERVICES / DRIVERS ===============
R1 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2009-2-14 201320]
R2 McProxy;McAfee Proxy Service;c:\progra~1\common~1\mcafee\mcproxy\mcproxy.exe [2009-2-14 359248]
R2 McShield;McAfee Real-time Scanner;c:\progra~1\mcafee\viruss~1\mcshield.exe [2009-2-14 144704]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2007-1-10 24652]
R3 McSysmon;McAfee SystemGuards;c:\progra~1\mcafee\viruss~1\mcsysmon.exe [2009-2-14 695624]
R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2009-2-14 79304]
R3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2009-2-14 35240]
R3 mferkdk;McAfee Inc. mferkdk;c:\windows\system32\drivers\mferkdk.sys [2009-2-14 33832]
R3 mfesmfk;McAfee Inc. mfesmfk;c:\windows\system32\drivers\mfesmfk.sys [2009-2-14 40488]
R3 Xgiv3;Xgiv3;c:\windows\system32\drivers\Xgiv3m.sys [2005-1-5 337152]
S0 ayjrchwb;ayjrchwb;c:\windows\system32\drivers\yzvrpcbn.sys []
S3 Bdfndisf;BitDefender Firewall NDIS Filter Service;c:\windows\system32\drivers\bdfndisf.sys [2008-10-17 104328]
=============== Created Last 30 ================
2009-04-29 18:57 <DIR> --d----- C:\Docum
2009-04-29 18:03 <DIR> --d----- c:\program files\common files\Viewpoint
2009-04-29 17:15 <DIR> --d----- C:\WINDO
2009-04-29 17:14 1,400 a------- c:\windows\system32\ahtn.htm
2009-04-29 17:14 4,785 a------- c:\windows\system32\warning.gif
2009-04-29 17:14 439 a------- c:\windows\system32\win32hlp.cnf
2009-04-29 17:13 104,960 a------- c:\windows\system32\dllcache\userinit.exe
2009-04-29 17:13 1 a------- c:\windows\system32\uniq.tll
2009-04-29 17:13 28,672 a------- c:\windows\system32\frmwrk32.exe
2009-04-29 17:13 28,672 a------- c:\windows\system32\loader49.exe
2009-04-29 16:58 24,064 a--sh--- c:\windows\system32\autochk.dll
2009-04-29 16:58 24,064 a--sh--- c:\documents and settings\mel\protect.dll
2009-04-29 16:57 27,648 a------- c:\windows\system32\lmppcsetup.exe
2009-04-29 16:55 221 a------- c:\windows\HP_RedboxHprblog_HPSU.ini
2009-04-29 16:52 27,648 a------- c:\windows\system32\__c0037110.dat
2009-04-26 13:58 159,600 a------- c:\windows\system32\drivers\pctgntdi.sys
2009-04-26 13:57 <DIR> --d----- c:\program files\common files\PC Tools
2009-04-23 23:27 <DIR> --d----- c:\docume~1\mel\applic~1\RegTool
2009-04-23 23:23 <DIR> --d----- c:\program files\Angle Interactive
2009-04-23 19:26 28,160 a------- c:\windows\system32\__c00694E.dat
2009-04-23 19:25 39,936 a------- c:\windows\system32\winglsetup.exe
2009-04-23 10:43 46 a------- c:\windows\system32\p2hhr.bat
2009-04-23 10:42 15,000 a------- c:\windows\system32\sf87wuijndoio43j.dll
2009-04-22 21:43 0 a---h--- c:\windows\.security
2009-04-22 21:43 0 a---h--- C:\.security
2009-04-22 21:42 <DIR> --d----- c:\program files\AntiSpyware Pro
==================== Find3M ====================
2009-04-29 17:13 104,960 a------- c:\windows\system32\userinit.exe
2009-02-26 16:24 7,706 a--sh--- c:\windows\system32\EhNVyccf.ini2
2009-02-15 11:30 31,980 a--sh--- c:\windows\system32\AcLllnmp.ini2
2009-04-29 19:03 24,064 a--sh--- c:\windows\system32\autochk.dll
2006-05-29 02:27 297,318 ac-sh--- c:\windows\system32\edeeg.bak1
2006-05-29 20:58 438,641 ac-sh--- c:\windows\system32\edeeg.bak2
============= FINISH: 19:04:19.37 ===============
