system
30
I ran WinpFnd and here’s what was reported.
[Registry - Non-Microsoft Only]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WNSO.lnk moved successfully.
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WNSO.lnk moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{733E9132-53CA-4C97-9AC9-145C4502FA20} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID{733E9132-53CA-4C97-9AC9-145C4502FA20} deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search\CustomizeSearch deleted successfully.
[Files/Folders - Created Within 30 days]
C:\WINDOWS\winshow.exe moved successfully.
C:\WINDOWS\SYSTEM32\bcwhocfi.exe moved successfully.
C:\WINDOWS\SYSTEM32\fnajvskc.ini moved successfully.
C:\WINDOWS\SYSTEM32\lrfqotyx.ini moved successfully.
C:\WINDOWS\SYSTEM32\rrutv.bak2 moved successfully.
C:\WINDOWS\SYSTEM32\xytoqfrl.dll moved successfully.
[Files/Folders - Modified Within 30 days]
C:\WINDOWS\SYSTEM32\rrutv.ini moved successfully.
< End of log >
Created on 10/22/2007 20:17:46
I’ll do the following steps next…
