Here is the second one.
Deckard's System Scanner v20071014.68
Run by Ken on 2008-02-26 19:32:57
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
-- Last 5 Restore Point(s) --
73: 2008-02-26 23:24:18 UTC - RP73 - Deckard's System Scanner Restore Point
72: 2008-02-26 02:53:41 UTC - RP72 - Removed SUPERAntiSpyware Free Edition
71: 2008-02-24 23:42:04 UTC - RP71 - Installed SUPERAntiSpyware Free Edition
70: 2008-02-24 02:47:20 UTC - RP70 - Restore Operation
69: 2008-02-24 00:51:08 UTC - RP69 - Windows Defender Checkpoint
-- First Restore Point --
1: 2008-01-11 15:31:28 UTC - RP1 - System Checkpoint
Backed up registry hives.
Performed disk cleanup.
-- HijackThis (run as Ken.exe) -------------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:33:28 PM, on 2/26/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Ken\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Ken.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton AntiVirus\osCheck.exe"
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail....es/MSNPUpld.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.m...ash/swflash.cab
O21 - SSODL: bxlrvps - {E5A87818-7526-4F1A-8BF0-3DFE9D7F4C8A} - C:\WINDOWS\bxlrvps.dll (file missing)
O21 - SSODL: alofkmn - {6ABC2A07-45D9-4F3C-8EC2-40C80A63AAAF} - C:\WINDOWS\alofkmn.dll (file missing)
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
--
End of file - 7204 bytes
-- HijackThis Fixed Entries (C:\PROGRA~1\TRENDM~1\HIJACK~1\backups\) -----------
backup-20080226-175056-100 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
backup-20080226-175056-506 O21 - SSODL: alofkmn - {80AD81FB-B87D-4675-A1DA-83F52812773C} - C:\WINDOWS\alofkmn.dll
backup-20080226-175056-797 O21 - SSODL: bxlrvps - {57C84522-83C1-4BB8-9D31-EC8C272337F9} - C:\WINDOWS\bxlrvps.dll
backup-20080226-175056-947 O21 - SSODL: DriveSrv - {002e758a-4c36-42a2-b0e2-d67f7a816809} - C:\WINDOWS\Installer\{002e758a-4c36-42a2-b0e2-d67f7a816809}\DriveSrv.dll
backup-20080226-175734-575 O21 - SSODL: DriveSrv - {002e758a-4c36-42a2-b0e2-d67f7a816809} - C:\WINDOWS\Installer\{002e758a-4c36-42a2-b0e2-d67f7a816809}\DriveSrv.dll
backup-20080226-175734-658 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://softwarerefer...=...6Ojg5&lid=2
backup-20080226-190231-322 O21 - SSODL: DriveSrv - {002e758a-4c36-42a2-b0e2-d67f7a816809} - C:\WINDOWS\Installer\{002e758a-4c36-42a2-b0e2-d67f7a816809}\DriveSrv.dll (file missing)
-- File Associations -----------------------------------------------------------
All associations okay.
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
All drivers whitelisted.
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 Apple Mobile Device - "c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe" <Not Verified; Apple, Inc.; Apple Mobile Device Service>
R2 Bonjour Service - "c:\program files\bonjour\mdnsresponder.exe" <Not Verified; Apple Inc.; Bonjour>
S3 NMIndexingService - "c:\program files\common files\ahead\lib\nmindexingservice.exe" <Not Verified; Nero AG; Nero Home>
-- Device Manager: Disabled ----------------------------------------------------
Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: SM Bus Controller
Device ID: PCI\VEN_8086&DEV_27DA&SUBSYS_D6088086&REV_01\3&11583659&0&FB
Manufacturer:
Name: SM Bus Controller
PNP Device ID: PCI\VEN_8086&DEV_27DA&SUBSYS_D6088086&REV_01\3&11583659&0&FB
Service:
-- Scheduled Tasks -------------------------------------------------------------
2008-02-26 19:28:53 330 --ah----- C:\WINDOWS\Tasks\MP Scheduled Scan.job
2008-02-23 14:23:01 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2008-02-23 07:43:29 552 --a------ C:\WINDOWS\Tasks\Norton AntiVirus - Run Full System Scan - Ken.job
-- Files created between 2008-01-26 and 2008-02-26 -----------------------------
2008-02-26 19:09:21 0 d-------- C:\Documents and Settings\Administrator\Application Data\Apple Computer
2008-02-26 19:09:20 0 d--h----- C:\Documents and Settings\Administrator\Templates
2008-02-26 19:09:20 0 dr------- C:\Documents and Settings\Administrator\Start Menu
2008-02-26 19:09:20 0 dr-h----- C:\Documents and Settings\Administrator\SendTo
2008-02-26 19:09:20 0 d--h----- C:\Documents and Settings\Administrator\Recent
2008-02-26 19:09:20 0 d--h----- C:\Documents and Settings\Administrator\PrintHood
2008-02-26 19:09:20 524288 --ah----- C:\Documents and Settings\Administrator\NTUSER.DAT
2008-02-26 19:09:20 0 d--h----- C:\Documents and Settings\Administrator\NetHood
2008-02-26 19:09:20 0 d-------- C:\Documents and Settings\Administrator\My Documents
2008-02-26 19:09:20 0 d--h----- C:\Documents and Settings\Administrator\Local Settings
2008-02-26 19:09:20 0 d-------- C:\Documents and Settings\Administrator\Favorites
2008-02-26 19:09:20 0 d-------- C:\Documents and Settings\Administrator\Desktop
2008-02-26 19:09:20 0 d--hs---- C:\Documents and Settings\Administrator\Cookies
2008-02-26 19:09:20 0 dr-h----- C:\Documents and Settings\Administrator\Application Data
2008-02-26 19:09:20 0 d---s---- C:\Documents and Settings\Administrator\Application Data\Microsoft
2008-02-25 21:53:45 0 d-------- C:\WINDOWS\system32\appmgmt
2008-02-24 18:42:12 0 d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-02-24 18:42:05 0 d-------- C:\Program Files\SUPERAntiSpyware
2008-02-24 18:42:05 0 d-------- C:\Documents and Settings\Ken\Application Data\SUPERAntiSpyware.com
2008-02-24 18:24:38 0 d-------- C:\Program Files\SpywareBlaster
2008-02-23 21:34:59 0 d-------- C:\Program Files\Trend Micro
2008-02-23 20:16:41 0 d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-02-23 19:49:17 0 d-------- C:\Program Files\Windows Defender
2008-02-23 08:03:21 81920 --a------ C:\WINDOWS\fkxvkns.exe
2008-02-23 03:01:14 0 d-------- C:\Documents and Settings\Default User\Application Data\Apple Computer
2008-02-20 22:45:49 0 d-------- C:\Documents and Settings\Ken\Application Data\Apple Computer
2008-02-20 22:45:35 0 d-------- C:\Program Files\iPod
2008-02-20 22:45:29 0 d-------- C:\Program Files\iTunes
2008-02-20 22:45:15 0 d-------- C:\Program Files\Bonjour
2008-02-20 22:44:36 0 d-------- C:\Program Files\QuickTime
2008-02-20 22:44:34 0 d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-02-20 22:44:16 0 d-------- C:\Program Files\Apple Software Update
2008-02-20 22:43:52 0 d-------- C:\Program Files\Common Files\Apple
2008-02-20 22:43:52 0 d-------- C:\Documents and Settings\All Users\Application Data\Apple
2008-02-04 12:59:35 0 d-------- C:\WINDOWS\BBSTORE
2008-02-04 12:59:08 212480 --a------ C:\WINDOWS\PCDLIB32.DLL <Not Verified; Eastman Kodak; Kodak Photo CD Access Developer Toolkit>
2008-02-04 12:47:42 53248 --a------ C:\WINDOWS\system32\PretzelSpellCheck.dll <Not Verified; ; PretzelSpellCheck Module>
2008-02-04 12:47:42 45056 --a------ C:\WINDOWS\system32\ImportClient.dll <Not Verified; Mattel Interactive, Inc.; >
2008-02-04 12:47:42 73728 --a------ C:\WINDOWS\system32\ImageServerMI.dll <Not Verified; Mattel Interactive, Inc.; >
2008-02-04 12:47:37 4128 --a------ C:\WINDOWS\system32\WBTRVRES.DLL <Not Verified; Btrieve Technologies, Inc.; >
2008-02-04 12:47:37 17704 --a------ C:\WINDOWS\system32\WBTRLOCL.DLL <Not Verified; Btrieve Technologies, Incorporated; >
2008-02-04 12:47:37 16496 --a------ C:\WINDOWS\system32\WBTRCALL.DLL <Not Verified; Btrieve Technologies, Inc.; >
2008-02-04 12:47:37 317116 --a------ C:\WINDOWS\system32\WBTR32.EXE <Not Verified; Btrieve Technologies, Incorporated; >
2008-02-04 12:47:37 4280 --a------ C:\WINDOWS\system32\WBT32RES.DLL <Not Verified; Btrieve Technologies, Incorporated; >
2008-02-04 12:47:37 114176 --a------ C:\WINDOWS\system32\SSCE4132.DLL <Not Verified; Wintertree Software Inc.; Sentry Spelling-Checker Engine>
2008-02-04 12:47:37 96768 --a------ C:\WINDOWS\system32\Ptsacx40.dll <Not Verified; Parsons Technology, Inc.; Address Book for Windows>
2008-02-04 12:47:37 116640 --a------ C:\WINDOWS\system32\Ptsaci40.dll
2008-02-04 12:47:37 50048 --a------ C:\WINDOWS\system32\PTSAABDB.DLL <Not Verified; Parsons Technology, Inc.; Address Book for Windows>
2008-02-04 12:47:36 101376 --a------ C:\WINDOWS\system32\Ptsaab32.dll <Not Verified; Parsons Technology, Inc.; Address Book for Windows>
2008-02-04 12:47:36 21840 --a------ C:\WINDOWS\system32\PTSAAB30.DLL <Not Verified; Parsons Technology, Inc.; Address Book for Windows>
2008-02-04 12:47:36 30080 --a------ C:\WINDOWS\system32\Ptabimp3.exe <Not Verified; ; PTABIMP3>
2008-02-04 12:46:01 0 d-------- C:\Program Files\Web Publish
2008-02-04 12:44:34 0 d-------- C:\Program Files\Broderbund
2008-02-04 12:39:19 299520 --a------ C:\WINDOWS\uninst.exe <Not Verified; InstallShield Corporation, Inc.; InstallShield unInstaller>
2008-02-04 12:37:38 0 d-------- C:\Documents and Settings\Ken\WINDOWS
2008-01-30 16:26:21 0 d-------- C:\WINDOWS\Sun
2008-01-30 16:26:20 0 d-------- C:\Documents and Settings\Ken\Application Data\Sun
2008-01-29 11:45:11 0 d-------- C:\Documents and Settings\Ken\Application Data\Move Networks
-- Find3M Report ---------------------------------------------------------------
2008-02-25 21:53:45 0 d-------- C:\Program Files\Common Files
2008-02-24 18:03:21 0 d-------- C:\Program Files\Common Files\Symantec Shared
2008-02-22 12:07:41 0 d-------- C:\Documents and Settings\Ken\Application Data\LimeWire
2008-02-14 20:19:20 0 d-------- C:\Program Files\Sun Palace Casino
2008-02-13 17:57:28 0 d-------- C:\Program Files\PartyGaming
2008-02-12 20:10:37 0 d-------- C:\Program Files\Common Files\Adobe
2008-01-21 09:25:10 0 d-------- C:\Program Files\Java
2008-01-20 20:35:48 0 d-------- C:\Program Files\LimeWire
2008-01-20 20:34:49 0 d-------- C:\Program Files\Common Files\Java
2008-01-17 13:06:31 0 d-------- C:\Documents and Settings\Ken\Application Data\Adobe
2008-01-16 17:07:36 11163 --a------ C:\Documents and Settings\Ken\Application Data\Microsoft Excel.CAL
2008-01-14 08:54:34 0 d-------- C:\Documents and Settings\Ken\Application Data\Macromedia
2008-01-13 10:52:35 0 d-------- C:\Program Files\MSBuild
2008-01-13 10:49:59 0 d-------- C:\Program Files\Reference Assemblies
2008-01-13 10:49:04 0 d-------- C:\Program Files\MSXML 6.0
2008-01-13 10:48:33 0 d-------- C:\Program Files\Windows Media Connect 2
2008-01-12 17:07:33 0 d-------- C:\Documents and Settings\Ken\Application Data\Ahead
2008-01-12 12:14:14 0 d-------- C:\Program Files\Common Files\LightScribe
2008-01-12 12:13:53 0 d-------- C:\Program Files\Common Files\Ahead
2008-01-12 12:09:47 0 d-------- C:\Program Files\Nero
2008-01-12 07:43:29 68965 --a------ C:\WINDOWS\hpoins05.dat
2008-01-12 07:41:54 0 d-------- C:\Program Files\Common Files\HP
2008-01-12 07:40:22 0 d-------- C:\Program Files\HP
2008-01-12 07:40:17 0 d-------- C:\Program Files\Hewlett-Packard
2008-01-12 07:39:25 0 d-------- C:\Program Files\Common Files\Hewlett-Packard
2008-01-12 07:17:07 0 d-------- C:\Program Files\Microsoft.NET
2008-01-12 07:17:04 0 d-------- C:\Program Files\Microsoft ActiveSync
2008-01-12 00:05:29 0 d-------- C:\Program Files\Norton AntiVirus
2008-01-12 00:03:44 0 d-------- C:\Program Files\Symantec
2008-01-11 23:58:21 0 d-------- C:\Program Files\Windows Sidebar
2008-01-11 22:57:57 0 d-------- C:\Program Files\Messenger
2008-01-11 10:36:39 0 d-------- C:\Program Files\Realtek
2008-01-11 10:36:38 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-01-11 10:36:36 315392 --a------ C:\WINDOWS\HideWin.exe <Not Verified; Realtek Semiconductor Corp.; HD Audio Hide windows program>
2008-01-11 10:36:33 0 d-------- C:\Program Files\Common Files\InstallShield
2008-01-11 10:34:15 0 d-------- C:\Documents and Settings\Ken\Application Data\InstallShield
2008-01-11 10:27:46 0 d-------- C:\Program Files\Intel
2008-01-11 10:20:48 21640 --a------ C:\WINDOWS\system32\emptyregdb.dat
2008-01-11 10:20:15 0 d-------- C:\Program Files\windows nt
2008-01-11 09:57:51 0 d-------- C:\Program Files\MSXML 4.0
2008-01-11 09:54:28 0 d-------- C:\Documents and Settings\Ken\Application Data\Identities
2008-01-11 09:49:57 0 d-------- C:\Program Files\msn gaming zone
2008-01-11 09:49:57 0 d-------- C:\Program Files\microsoft frontpage
2008-01-11 09:49:46 0 -rahs---- C:\MSDOS.SYS
2008-01-11 09:49:46 0 -rahs---- C:\IO.SYS
2008-01-11 09:49:46 0 --a------ C:\CONFIG.SYS
2008-01-11 09:49:46 0 --a------ C:\AUTOEXEC.BAT
2008-01-11 09:48:57 0 d--h----- C:\Program Files\WindowsUpdate
2008-01-11 09:48:54 0 d-------- C:\Program Files\Online Services
2008-01-11 09:48:17 0 d-------- C:\Program Files\Common Files\MSSoap
2008-01-11 09:48:11 0 d-------- C:\Program Files\Movie Maker
2008-01-11 04:35:33 0 d-------- C:\Program Files\Common Files\ODBC
2008-01-11 04:35:30 0 d-------- C:\Program Files\Common Files\SpeechEngines
2008-01-11 04:35:12 62 --ahs---- C:\Documents and Settings\Ken\Application Data\desktop.ini
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
01/30/2008 11:35 PM 116088 --a------ C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [07/11/2007 11:00 PM]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [07/11/2007 11:00 PM]
"Persistence"="C:\WINDOWS\system32\igfxpers.exe" [07/11/2007 11:00 PM]
"RTHDCPL"="RTHDCPL.EXE" [06/13/2007 01:49 AM C:\WINDOWS\RTHDCPL.exe]
"Alcmtr"="ALCMTR.EXE" [05/03/2005 05:43 AM C:\WINDOWS\Alcmtr.exe]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [01/31/2008 01:15 PM]
"osCheck"="C:\Program Files\Norton AntiVirus\osCheck.exe" [08/24/2007 11:53 PM]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [09/13/2004 03:49 PM]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [01/12/2006 03:40 PM]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [09/25/2007 01:11 AM]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [01/11/2008 10:16 PM]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [01/31/2008 11:13 PM]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [02/04/2008 02:18 PM]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [11/03/2006 07:20 PM]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/04/2004 07:00 AM]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [11/4/2004 7:28:24 PM]
HP Image Zone Fast Start.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe [11/4/2004 7:50:52 PM]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableTaskMgr"=1 (0x1)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"bxlrvps"= {E5A87818-7526-4F1A-8BF0-3DFE9D7F4C8A} - C:\WINDOWS\bxlrvps.dll [ ]
"alofkmn"= {6ABC2A07-45D9-4F3C-8EC2-40C80A63AAAF} - C:\WINDOWS\alofkmn.dll [ ]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
"C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
-- End of Deckard's System Scanner: finished at 2008-02-26 19:33:53 ------------