I finally got it to reboot and work
Main.txt
Deckard's System Scanner v20071014.68
Run by rakiba mcneil on 2008-04-13 02:59:03
Computer is in Normal Mode.
--------------------------------------------------------------------------------
Backed up registry hives.
Total Physical Memory: 503 MiB (512 MiB recommended).
-- HijackThis (run as rakiba mcneil.exe) ---------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 03:00, on 2008-04-13
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\WINDOWS\System32\dllhost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\dmadmin.exe
C:\WINDOWS\BCMSMMSG.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MySpace\IM\MySpaceIM.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\MySpace\IM\MySpaceIM.exe
C:\Documents and Settings\rakiba mcneil\desktop\dss.exe
C:\Program Files\Symantec\LiveUpdate\AUPDATE.EXE
C:\PROGRA~1\TRENDM~1\HIJACK~1\RAKIBA~1.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://soulsingles.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft....k/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =
http://g.msn.com/0SE...S01?FORM=TOOLBR
R3 - URLSearchHook: Yahoo! ¤u¨ã¦C - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O3 - Toolbar: Yahoo! ¤u¨ã¦C - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton 360\osCheck.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe
O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: hpoddt01.exe.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: RemindU - {16BF42FD-CA0A-4f48-819D-B0343254DD67} - C:\WINDOWS\system32\shdocvw.dll (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.att.net
O15 - Trusted Zone: www.apartments.com
O15 - Trusted Zone:
http://www.blackplanet.com
O15 - Trusted Zone:
http://www.blacksingles.com
O15 - Trusted Zone:
http://mailcenter2.comcast.net
O15 - Trusted Zone:
http://playgames.comcast.net
O15 - Trusted Zone:
http://www.comcast.net
O15 - Trusted Zone:
http://www6.comcast.net
O15 - Trusted Zone:
http://ad.doubleclick.net
O15 - Trusted Zone:
http://*.emass2003apollogrp.edu
O15 - Trusted Zone:
http://www.fredericks.com
O15 - Trusted Zone:
http://pagead2.googlesyndication.com
O15 - Trusted Zone:
http://www.hgtv.com
O15 - Trusted Zone:
http://onecare.live.com
O15 - Trusted Zone:
http://www.loverslane.com
O15 - Trusted Zone:
http://www.mylifetime.com
O15 - Trusted Zone:
http://www.nickjr.com
O15 - Trusted Zone: www.rent.com
O15 - Trusted Zone:
http://*.rent.com
O15 - Trusted Zone:
http://www.rockincodes.com
O15 - Trusted Zone:
http://www.slumberparties.com
O15 - Trusted Zone: *.state.pa.us
O15 - Trusted Zone:
http://financial.wellsfargo.com
O15 - Trusted Zone:
http://download.windowsupdate.com
O15 - Trusted Zone:
http://bubblingbeauty.zoomshare.com
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) -
https://support.micr...veX/MSDcode.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) -
http://security.syma...bin/AvSniff.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} -
http://download.mcaf...96/mcinsctl.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} -
http://security.syma...n/bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
http://www.update.mi...b?1201977374671
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} -
http://www.nick.com/.../GrooveAX27.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} -
http://download.mcaf...,26/mcgdmgr.cab
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} -
http://a532.g.akamai...l/installer.exe
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} -
http://by114fd.bay11...ex/HMAtchmt.ocx
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} -
http://chat.msn.com/...s/msnchat45.cab
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
O24 - Desktop Component 0: (no name) - (no file)
O24 - Desktop Component 1: (no name) - (no file)
--
End of file - 9650 bytes
-- HijackThis Fixed Entries (C:\PROGRA~1\TRENDM~1\HIJACK~1\backups\) -----------
backup-20080412-235900-457 O16 - DPF: {73D3D8EB-6C71-5444-67C8-54EC132A7D71} -
http://bsa.safetydow...er/setup_en.cab
backup-20080412-235900-677 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
backup-20080412-235900-698 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
backup-20080412-235902-834 O20 - Winlogon Notify: zfjxhpmq - zfjxhpmq.dll (file missing)
backup-20080413-011742-281 O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
backup-20080413-011742-856 O3 - Toolbar: (no name) - {D7F30B62-8269-41AF-9539-B2697FA7D77E} - (no file)
backup-20080413-011743-220 O24 - Desktop Component 0: (no name) - (no file)
backup-20080413-011743-893 O24 - Desktop Component 1: (no name) - (no file)
-- File Associations -----------------------------------------------------------
.reg - regfile - shell\open\command - regedit.exe "%1" %*
.scr - scrfile - shell\open\command - "%1" %*
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R0 sfdrv01 (StarForce Protection Environment Driver (version 1.x)) - c:\windows\system32\drivers\sfdrv01.sys <Not Verified; Protection Technology; StarForce Protection System>
R0 sfhlp02 (StarForce Protection Helper Driver (version 2.x)) - c:\windows\system32\drivers\sfhlp02.sys <Not Verified; Protection Technology; StarForce Protection System>
R0 sfsync04 (StarForce Protection Synchronization Driver (version 4.x)) - c:\windows\system32\drivers\sfsync04.sys <Not Verified; Protection Technology; StarForce Protection System>
R1 omci (OMCI WDM Device Driver) - c:\windows\system32\drivers\omci.sys <Not Verified; Dell Computer Corporation; OMCI Driver>
R2 MCSTRM - c:\windows\system32\drivers\mcstrm.sys <Not Verified; RealNetworks, Inc.; RealNetworks Virtual Path Manager® (32-bit)>
R2 SbcpHid - c:\windows\system32\drivers\sbcphid.sys
S3 catchme - c:\docume~1\rakiba~1\locals~1\temp\catchme.sys (file missing)
S3 CoachUsb (Dual Mode Digital Camera on USB) - c:\windows\system32\drivers\coachusb.sys <Not Verified; Accapella Ltd.; USB Driver for Digital Camera>
S3 Dual Mode (Dual Mode Video Capture) - c:\windows\system32\drivers\coachvc.sys <Not Verified; Accapella Ltd.; Video Capture Minidriver for Digital Camera>
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
All services whitelisted.
-- Device Manager: Disabled ----------------------------------------------------
No disabled devices found.
-- Scheduled Tasks -------------------------------------------------------------
2008-04-07 05:29:23 408 --ah----- C:\WINDOWS\Tasks\User_Feed_Synchronization-{F74708FD-5478-4F02-B118-F0836B8D7616}.job
2008-04-07 00:24:36 406 --a------ C:\WINDOWS\Tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1207541522.job
-- Files created between 2008-03-13 and 2008-04-13 -----------------------------
2008-04-13 01:20:43 0 d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-04-12 07:45:08 0 d-------- C:\Documents and Settings\rakiba mcneil\Application Data\Malwarebytes
2008-04-12 07:44:59 0 d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-04-12 07:07:59 0 -rahs---- C:\MSDOS.SYS
2008-04-12 07:07:59 0 -rahs---- C:\IO.SYS
2008-04-12 07:07:29 0 d-------- C:\WINDOWS\ERUNT
2008-04-09 11:13:47 0 d-------- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2008-04-09 01:45:21 0 d-------- C:\Documents and Settings\B5_BABYGURL\Application Data\Symantec
2008-04-06 23:54:35 16618 -----n--- C:\WINDOWS\hpomdl01.dat
2008-04-06 23:54:35 20454 --a------ C:\WINDOWS\hpoins01.dat
2008-04-03 09:36:43 0 d-------- C:\Documents and Settings\All Users\Symantec Temporary Files
2008-03-28 07:46:51 0 d-------- C:\Program Files\Virtools
2008-03-27 22:22:15 0 d-------- C:\Documents and Settings\rakiba mcneil\Application Data\MySpace
2008-03-26 21:34:08 0 d-------- C:\Program Files\Windows Sidebar
2008-03-26 21:33:08 0 d-------- C:\Program Files\Norton 360
2008-03-25 22:13:17 0 d-------- C:\Documents and Settings\All Users\Application Data\Trend Micro
2008-03-25 19:39:37 0 d-------- C:\Program Files\Trend Micro
2008-03-23 13:10:31 0 d-------- C:\Documents and Settings\rakiba mcneil\Application Data\LimeWire
2008-03-23 13:09:42 0 d-------- C:\Program Files\LimeWire
2008-03-23 11:56:50 0 d-------- C:\Documents and Settings\rakiba mcneil\Application Data\Printer Info Cache
2008-03-20 01:56:39 0 d-------- C:\Documents and Settings\Michael McNeil\Application Data\Macromedia
2008-03-20 01:47:40 0 d-------- C:\Documents and Settings\Michael McNeil\Application Data\Symantec
2008-03-17 18:57:58 0 d-------- C:\Documents and Settings\All Users\Application Data\EA
2008-03-17 18:57:57 0 d-------- C:\Documents and Settings\rakiba mcneil\Application Data\EA
2008-03-17 18:57:26 0 d-------- C:\Program Files\Oberon Media
2008-03-17 10:22:40 0 d-------- C:\Program Files\directx
2008-03-17 01:34:12 0 d-------- C:\N360_BACKUP
2008-03-16 20:10:41 68096 --a------ C:\WINDOWS\system32\zip.exe
2008-03-16 20:10:41 98816 --a------ C:\WINDOWS\system32\sed.exe
2008-03-16 20:10:41 80412 --a------ C:\WINDOWS\system32\grep.exe
2008-03-16 20:10:41 73728 --a------ C:\WINDOWS\system32\fdsv.exe <Not Verified; Smallfrogs Studio; >
2008-03-16 17:46:43 1799 --a------ C:\WINDOWS\mozver.dat
2008-03-16 13:54:51 0 d-------- C:\Documents and Settings\rakiba mcneil\Application Data\Symantec
2008-03-16 13:33:14 0 d-------- C:\Program Files\Symantec
2008-03-16 13:33:14 0 d-------- C:\Documents and Settings\All Users\Application Data\Symantec
2008-03-16 12:53:28 0 d-------- C:\Documents and Settings\rakiba mcneil\Application Data\Mozilla
2008-03-16 12:50:27 0 d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-03-16 12:40:43 0 d--hs---- C:\Documents and Settings\rakiba mcneil\Application Data\Earthlink
2008-03-15 21:19:01 0 d-------- C:\Documents and Settings\Administrator.PROSPERITY\Application Data\Jasc Software Inc
2008-03-15 21:19:01 0 d-------- C:\Documents and Settings\Administrator.PROSPERITY\Application Data\Identities
2008-03-15 21:19:00 0 dr------- C:\Documents and Settings\Administrator.PROSPERITY\Favorites
2008-03-15 21:19:00 0 d-------- C:\Documents and Settings\Administrator.PROSPERITY\Desktop
2008-03-15 21:19:00 0 d--hs---- C:\Documents and Settings\Administrator.PROSPERITY\Cookies
2008-03-15 21:19:00 0 dr-h----- C:\Documents and Settings\Administrator.PROSPERITY\Application Data
2008-03-15 21:19:00 0 d-------- C:\Documents and Settings\Administrator.PROSPERITY\Application Data\Sun
2008-03-15 21:19:00 0 d-------- C:\Documents and Settings\Administrator.PROSPERITY\Application Data\Sonic
2008-03-15 21:19:00 0 d-------- C:\Documents and Settings\Administrator.PROSPERITY\Application Data\Real
2008-03-15 21:19:00 0 d---s---- C:\Documents and Settings\Administrator.PROSPERITY\Application Data\Microsoft
2008-03-15 21:18:59 0 d--h----- C:\Documents and Settings\Administrator.PROSPERITY\Templates
2008-03-15 21:18:59 0 dr------- C:\Documents and Settings\Administrator.PROSPERITY\Start Menu
2008-03-15 21:18:59 0 dr-h----- C:\Documents and Settings\Administrator.PROSPERITY\SendTo
2008-03-15 21:18:59 0 dr-h----- C:\Documents and Settings\Administrator.PROSPERITY\Recent
2008-03-15 21:18:59 0 d--h----- C:\Documents and Settings\Administrator.PROSPERITY\PrintHood
2008-03-15 21:18:59 0 d--h----- C:\Documents and Settings\Administrator.PROSPERITY\NetHood
2008-03-15 21:18:59 0 dr------- C:\Documents and Settings\Administrator.PROSPERITY\My Documents
2008-03-15 21:18:59 0 d--h----- C:\Documents and Settings\Administrator.PROSPERITY\Local Settings
2008-03-15 21:18:57 1048576 --ah----- C:\Documents and Settings\Administrator.PROSPERITY\NTUSER.DAT
2008-03-15 18:21:26 0 d-------- C:\Documents and Settings\rakiba mcneil\Application Data\Webroot
2008-03-15 12:44:51 0 d-------- C:\Documents and Settings\Michael McNeil\Application Data\Adobe
-- Find3M Report ---------------------------------------------------------------
2008-04-13 02:44:47 0 d-------- C:\Program Files\Common Files\Symantec Shared
2008-04-12 10:30:07 0 d-------- C:\Program Files\Common Files
2008-04-12 02:20:16 0 d-------- C:\Documents and Settings\rakiba mcneil\Application Data\OpenOffice.org2
2008-04-08 07:06:31 0 d-------- C:\Program Files\RegistryFix
2008-04-08 03:15:29 0 d-------- C:\Program Files\Java
2008-04-07 09:37:07 0 d-------- C:\Program Files\Hasbro Interactive
2008-04-07 09:37:06 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-03-27 22:22:09 0 d-------- C:\Program Files\MySpace
2008-03-26 21:35:10 0 d-------- C:\Program Files\Yahoo!
2008-03-23 11:56:40 0 d-------- C:\Documents and Settings\rakiba mcneil\Application Data\Image Zone Express
2008-03-22 19:21:15 0 d-------- C:\Program Files\Windows NT
2008-03-17 10:21:45 592 --a----c- C:\WINDOWS\PowerReg.dat
2008-03-15 18:23:28 0 d-------- C:\Documents and Settings\rakiba mcneil\Application Data\Apple Computer
2008-03-15 13:45:37 0 d-------- C:\Documents and Settings\rakiba mcneil\Application Data\McAfee
2008-03-07 00:13:15 0 d-------- C:\Program Files\OpenOffice.org 2.0
2008-03-06 20:12:45 0 d-------- C:\Program Files\Webroot
2008-03-05 20:08:47 0 d-------- C:\Program Files\Napster
2008-03-03 15:11:22 0 d-------- C:\Program Files\Google
2008-03-03 14:51:48 164 --a------ C:\install.dat
2008-03-02 14:49:04 0 d-------- C:\Program Files\3B Software
2008-03-02 11:09:34 0 d-------- C:\Documents and Settings\rakiba mcneil\Application Data\Lavasoft
2008-03-02 11:08:48 0 d-------- C:\Program Files\TurboTax
2008-03-02 11:08:34 0 d-------- C:\Program Files\Common Files\Intuit
2008-03-02 11:00:32 0 dr-h----- C:\Documents and Settings\rakiba mcneil\Application Data\yahoo!
2008-03-02 01:10:07 0 d-------- C:\Program Files\FinePixViewer
2008-03-02 01:08:14 0 d-------- C:\Program Files\Comcast Play Games
2008-03-01 21:45:51 0 d-------- C:\Program Files\Incomplete
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
2008-02-23 22:08 349552 --a------ C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\coIEPlg.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
2008-03-26 21:35 116088 --a------ C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}"= C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll [2008-02-23 22:08 349552]
[-HKEY_CLASSES_ROOT\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}]
[HKEY_CLASSES_ROOT\CoIEPlg.CoToolbar.1]
[HKEY_CLASSES_ROOT\CoIEPlg.CoToolbar]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BCMSMMSG"="BCMSMMSG.exe" [2003-06-02 07:00 C:\WINDOWS\BCMSMMSG.exe]
"UpdateManager"="C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" [2003-08-19 02:01]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2008-02-18 15:37]
"osCheck"="C:\Program Files\Norton 360\osCheck.exe" [2008-02-26 10:50]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-01-10 16:27]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 03:56]
"MySpaceIM"="C:\Program Files\MySpace\IM\MySpaceIM.exe" [2008-02-01 16:32]
[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"MySpaceIM"=C:\Program Files\MySpace\IM\MySpaceIM.exe
C:\Documents and Settings\rakiba mcneil\Start Menu\Programs\Startup\
DESKTOP.INI [2002-09-03 11:00:00]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 22:05:26]
DESKTOP.INI [2002-09-03 11:00:00]
hpoddt01.exe.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe [2003-04-06 01:06:58]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSEXESVC]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WebrootSpySweeperService]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"
*Newly Created Service* - COMHOST
-- End of Deckard's System Scanner: finished at 2008-04-13 03:01:57 ------------