Deckard's System Scanner v20071014.68
Run by Compaq_Owner on 2008-04-29 22:14:02
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- HijackThis (run as Compaq_Owner.exe) ----------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:14:09, on 29/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\WINDOWS\ALCMTR.EXE
C:\HP\KBD\KBD.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe
C:\Program Files\Hewlett-Packard\PhotoSmart\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\PROGRA~1\HEWLET~1\PHOTOS~1\HPSHAR~1\hpgs2wnf.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Common Files\Teleca Shared\Generic.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Nero\Nero8\Nero StartSmart\NeroStartSmart.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\BackItUp.exe
C:\Program Files\Hp\Photosmart Essential\HP_IZE.exe
C:\Program Files\Hp\Digital Imaging\bin\hpqdirec.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Spyware Doctor\pctsGui.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Documents and Settings\Compaq_Owner\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\COMPAQ~1.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://uk.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [CXMon] "C:\Program Files\Hewlett-Packard\PhotoSmart\Photo Imaging\Hpi_Monitor.exe"
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\PhotoSmart\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Media Codec Update Service] C:\Program Files\Essentials Codec Pack\update.exe -silent
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: PartyCasino.com - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: PartyCasino.com - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Bodog Poker - {F47C1DB5-ED21-4dc1-853E-D1495792D4C5} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} - http://a516.g.akamai.net/f/516/25175/7d/runaware.download.akamai.com/25175/citrix/wficat-no-eula.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe

-- End of file - 12429 bytes

-- Files created between 2008-03-29 and 2008-04-29 -----------------------------

2008-04-27 12:27:09 0 d--h----- C:\$AVG8.VAULT$
2008-04-27 11:54:53 0 d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-04-27 11:54:34 0 d-------- C:\Program Files\SUPERAntiSpyware
2008-04-27 11:54:34 0 d-------- C:\Documents and Settings\Compaq_Owner\Application Data\SUPERAntiSpyware.com
2008-04-27 11:53:06 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-04-27 11:16:34 0 d-------- C:\Documents and Settings\Compaq_Owner\Application Data\Malwarebytes
2008-04-27 11:14:31 0 d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-04-27 11:14:31 0 d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-04-27 11:14:13 0 d-------- C:\Program Files\Common Files\Download Manager
2008-04-27 02:03:36 0 d-------- C:\Program Files\Trend Micro
2008-04-27 00:51:21 0 d-------- C:\WINDOWS\system32\drivers\Avg
2008-04-27 00:51:20 0 d-------- C:\Documents and Settings\Compaq_Owner\Application Data\AVGTOOLBAR
2008-04-27 00:50:32 0 d-------- C:\Program Files\AVG
2008-04-27 00:50:30 0 d-------- C:\Documents and Settings\All Users\Application Data\avg8
2008-04-26 13:51:57 0 d-------- C:\Program Files\IrfanView
2008-04-25 23:02:03 0 d-------- C:\Program Files\SpywareBlaster
2008-04-25 18:24:57 0 d-------- C:\Program Files\Moss Bay Software
2008-04-25 18:04:31 0 d-------- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
2008-04-24 20:33:58 0 d-------- C:\Documents and Settings\Compaq_Owner\Application Data\InstallShield
2008-04-24 18:33:45 77824 --a-----t C:\WINDOWS\system32\DRWEBSP.DLL
2008-04-23 17:51:40 0 d--h----- C:\WINDOWS\PIF
2008-04-22 20:07:48 0 d-------- C:\WINDOWS\system32\Adobe
2008-04-19 20:48:10 0 d-------- C:\Program Files\DrWeb
2008-04-18 18:58:32 0 d-------- C:\Documents and Settings\Administrator\Application Data\Share-to-Web Upload Folder
2008-04-18 18:57:04 0 d-------- C:\Documents and Settings\Administrator\Application Data\Microsoft
2008-04-18 18:57:04 0 d-------- C:\Documents and Settings\Administrator\Application Data\Identities
2008-04-18 18:57:04 0 d-------- C:\Documents and Settings\Administrator\Application Data\Apple Computer
2008-04-18 18:57:03 0 d-------- C:\Documents and Settings\Administrator\WINDOWS
2008-04-18 18:57:03 0 d-------- C:\Documents and Settings\Administrator\Templates
2008-04-18 18:57:03 0 d-------- C:\Documents and Settings\Administrator\Start Menu
2008-04-18 18:57:03 0 d-------- C:\Documents and Settings\Administrator\SendTo
2008-04-18 18:57:03 0 d-------- C:\Documents and Settings\Administrator\Recent
2008-04-18 18:57:03 0 d-------- C:\Documents and Settings\Administrator\PrintHood
2008-04-18 18:57:03 0 d-------- C:\Documents and Settings\Administrator\NetHood
2008-04-18 18:57:03 0 d-------- C:\Documents and Settings\Administrator\My Documents
2008-04-18 18:57:03 0 d--h----- C:\Documents and Settings\Administrator\Local Settings
2008-04-18 18:57:03 0 d-------- C:\Documents and Settings\Administrator\Favorites
2008-04-18 18:57:03 0 d-------- C:\Documents and Settings\Administrator\Desktop
2008-04-18 18:57:03 0 d--hs---- C:\Documents and Settings\Administrator\Cookies
2008-04-18 18:57:03 0 d-------- C:\Documents and Settings\Administrator\Application Data
2008-04-18 18:57:03 0 d-------- C:\Documents and Settings\Administrator\Application Data\Symantec
2008-04-18 18:57:03 0 d-------- C:\Documents and Settings\Administrator\Application Data\SampleView
2008-04-18 18:57:03 0 d-------- C:\Documents and Settings\Administrator\Application Data\Real
2008-04-18 18:57:02 782336 --a------ C:\Documents and Settings\Administrator\NTUSER.DAT
2008-04-17 18:05:43 0 d-------- C:\Program Files\World of Warcraft Trial
2008-04-17 17:46:41 0 d-------- C:\Program Files\WoW-2.3.0.7561-enUS
2008-04-17 14:18:47 0 d-------- C:\Documents and Settings\LocalService\Application Data\PC Tools
2008-04-17 14:17:14 0 d-------- C:\Documents and Settings\LocalService\Start Menu
2008-04-17 14:12:35 0 d-------- C:\Documents and Settings\LocalService\Application Data\Adobe
2008-04-17 14:12:04 0 d-------- C:\Documents and Settings\LocalService\Application Data\Google
2008-04-17 14:11:43 0 dr------- C:\Documents and Settings\LocalService\Favorites
2008-04-17 11:57:00 0 d-------- C:\Documents and Settings\Compaq_Owner\DoctorWeb
2008-04-12 15:46:51 0 d-------- C:\Documents and Settings\Compaq_Owner\Application Data\WinRAR
2008-04-12 14:45:41 0 d-------- C:\Program Files\DVD Decrypter
2008-04-10 23:23:41 0 d-------- C:\Program Files\AutoCAD 2009
2008-04-10 20:04:56 0 d-------- C:\WINDOWS\system32\XPSViewer
2008-04-10 20:04:03 0 d-------- C:\Program Files\Reference Assemblies
2008-04-10 20:00:36 0 d-------- C:\Program Files\Autodesk
2008-04-04 20:23:15 0 d-------- C:\Program Files\Common Files\Blizzard Entertainment
2008-04-01 15:08:49 0 d-------- C:\Program Files\Microsoft Expression
2008-04-01 14:58:33 0 d-------- C:\Program Files\MSBuild
2008-04-01 14:55:09 0 d-------- C:\Program Files\Microsoft Visual Studio 8
2008-03-30 17:20:46 0 d-------- C:\Program Files\PowerISO
2008-03-30 14:47:06 0 d-------- C:\Program Files\MagicDisc
2008-03-30 13:59:46 0 d-------- C:\Documents and Settings\Compaq_Owner\Application Data\DAEMON Tools
2008-03-30 13:48:08 0 d-------- C:\Program Files\Universal Extractor
2008-03-30 11:02:27 0 d-------- C:\Program Files\Sony

-- Find3M Report ---------------------------------------------------------------

2008-04-29 22:13:12 0 d-------- C:\Program Files\Spyware Doctor
2008-04-29 15:02:34 0 d-------- C:\Documents and Settings\Compaq_Owner\Application Data\Image Zone Express
2008-04-28 13:20:18 0 d-------- C:\Program Files\Common Files\Autodesk Shared
2008-04-27 11:53:06 0 d-------- C:\Program Files\Common Files
2008-04-26 23:48:05 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-04-17 17:46:41 1283912 --a------ C:\Program Files\WoW-2.3.0.7561-enUS-downloader.exe
2008-04-16 12:20:20 2216 --a------ C:\Documents and Settings\Compaq_Owner\Application Data\ViewerApp.dat
2008-04-11 00:12:15 0 d-------- C:\Documents and Settings\Compaq_Owner\Application Data\Autodesk
2008-03-30 12:58:14 0 d-------- C:\Program Files\QuickTime
2008-03-20 21:49:22 0 d-------- C:\Program Files\Essentials Codec Pack
2008-03-20 21:40:27 0 d-------- C:\Program Files\DivX
2008-03-20 20:11:50 0 d-------- C:\Program Files\GSpot
2008-03-18 10:24:08 0 d-------- C:\Program Files\Windows Media Connect 2
2008-03-17 09:50:04 0 d-------- C:\Program Files\Common Files\PC Tools
2008-03-16 23:01:37 0 d-------- C:\Program Files\Microsoft Silverlight
2008-03-16 22:42:07 0 d-------- C:\Documents and Settings\Compaq_Owner\Application Data\Media Player Classic
2008-03-16 22:31:13 0 d-------- C:\Program Files\Cucusoft
2008-03-16 22:14:51 73728 --a------ C:\WINDOWS\ALCFDRTM.EXE
2008-03-13 09:19:15 0 d-------- C:\Program Files\Java
2008-03-10 19:13:45 0 d-------- C:\Documents and Settings\Compaq_Owner\Application Data\Azureus

-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A057A204-BACC-4D26-9990-79A187E2698E}]
27/04/2008 00:51 2050816 --a------ C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{A057A204-BACC-4D26-9990-79A187E2698E}"= C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL [27/04/2008 00:51 2050816]

[-HKEY_CLASSES_ROOT\CLSID\{A057A204-BACC-4D26-9990-79A187E2698E}]
[HKEY_CLASSES_ROOT\avgtoolbar.AVGTOOLBAR]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [22/02/2008 05:25]
"hpsysdrv"="c:\windows\system\hpsysdrv.exe" [07/05/1998 17:04]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [08/01/2005 01:07 C:\WINDOWS\system32\HdAShCut.exe]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [15/04/2005 05:05]
"SoundMan"="SOUNDMAN.EXE" [04/05/2005 02:43 C:\WINDOWS\SOUNDMAN.EXE]
"AlcWzrd"="ALCWZRD.EXE" [04/05/2005 18:01 C:\WINDOWS\ALCWZRD.EXE]
"Alcmtr"="ALCMTR.EXE" [04/05/2005 02:43 C:\WINDOWS\ALCMTR.EXE]
"KBD"="C:\HP\KBD\KBD.EXE" [03/02/2005 00:44]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [03/01/2005 06:57]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [05/05/2005 01:21]
"Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [14/04/2004 21:43]
"PCDrProfiler"="" []
"PS2"="C:\WINDOWS\system32\ps2.exe" [25/10/2004 23:17]
"LSBWatcher"="c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe" [11/05/2005 01:50]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [11/05/2005 23:12]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [10/10/2007 20:51]
"RegistryMechanic"="" []
"zBrowser Launcher"="C:\Program Files\Logitech\iTouch\iTouch.exe" [22/07/2002 03:10]
"EM_EXEC"="C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE" [09/07/2002 09:50]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [03/01/2005 07:02]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [23/01/2007 15:44 C:\WINDOWS\KHALMNPR.Exe]
"Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [24/11/2006 01:06]
"ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [28/07/2004 00:50]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [28/07/2004 00:50]
"NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [03/12/2007 15:21]
"CXMon"="C:\Program Files\Hewlett-Packard\PhotoSmart\Photo Imaging\Hpi_Monitor.exe" [27/08/2001 11:52]
"Share-to-Web Namespace Daemon"="C:\Program Files\Hewlett-Packard\PhotoSmart\HP Share-to-Web\hpgs2wnd.exe" [03/07/2001 10:11]
"NeroFilterCheck"="C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe" [01/03/2007 15:57]
"Media Codec Update Service"="C:\Program Files\Essentials Codec Pack\update.exe" [08/04/2007 17:44]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [24/08/2007 07:00]
"PWRISOVM.EXE"="C:\Program Files\PowerISO\PWRISOVM.EXE" [15/03/2008 00:50]
"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [27/04/2008 00:50]
"ISTray"="C:\Program Files\Spyware Doctor\pctsTray.exe" [01/02/2008 11:55]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [04/08/2004 13:00]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [27/04/2008 14:36]

C:\Documents and Settings\Compaq_Owner\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [24/08/2007 04:45:42]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Google Updater.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [18/02/2008 11:25:30]
HP Digital Imaging Monitor.lnk - C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe [11/05/2005 23:23:26]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSaveSettings"=0 (0x0)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [05/02/2007 16:39 294400]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [20/12/2006 12:55 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL 27/04/2008 14:37 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=avgrsstx.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup"

-- End of Deckard's System Scanner: finished at 2008-04-29 22:14:56 ------------