Deckard's System Scanner v20071014.68
Run by dimitris on 2008-02-28 18:20:19
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- HijackThis (run as dimitris.exe) --------------------------------------------
Unable to find log (file not found); running clone.
-- HijackThis Clone ------------------------------------------------------------
Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-02-28 18:23:22
Platform: Windows 2000 Service Pack 4 (5.00.2195)
MSIE: Internet Explorer (6.00.2800.1106)
Boot mode: Normal
Running processes:
C:\WINDOWS\SYSTEM32\smss.exe
C:\WINDOWS\SYSTEM32\csrss.exe
C:\WINDOWS\SYSTEM32\WINLOGON.EXE
C:\WINDOWS\SYSTEM32\SERVICES.EXE
C:\WINDOWS\SYSTEM32\LSASS.EXE
C:\WINDOWS\SYSTEM32\svchost.exe
C:\WINDOWS\SYSTEM32\svchost.exe
C:\WINDOWS\SYSTEM32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcSrv.exe
C:\WINDOWS\SYSTEM32\regsvc.exe
C:\WINDOWS\SYSTEM32\wbem\winmgmt.exe
C:\WINDOWS\SYSTEM32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Sony\SonicStage\SSAAD.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\SYSTEM32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\CameraAssistant.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\SYSTEM32\internat.exe
C:\Documents and Settings\dimitris\Επιφάνεια εργασίας\dss.exe
C:\Program Files\Trend Micro\HijackThis\dimitris.exe
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://topsearch4u.com/sp.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.economist.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://home.microsof...search.asp?p=%s
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,SearchURL = http://topsearch4u.com/sp.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Συνδέσεις
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=192.168.20.20:3128;https=192.168.20.20:3128;ftp=192.168.20.20:3128;socks=19
2.168.20.20:777
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.microsoft...amp;ar=iesearch
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM32\msdxm.ocx
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechCameraAssistant] "C:\Program Files\Logitech\Video\CameraAssistant.exe"
O4 - HKLM\..\Run: [LogitechVideo[inspector]] "C:\Program Files\Logitech\Video\InstallHelper.exe" /inspect
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [internat.exe] internat.exe
O4 - HKUS\.DEFAULT\..\Run: [internat.exe] internat.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [^SetupICWDesktop] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe /desktop (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O16 - DPF: {0000000A-9980-0010-8000-00AA00389B71} () - http://download.micr...42/wmsp9dmo.cab
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} () - http://www.apple.com...ex/qtplugin.cab
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=58813
O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} (F-Secure Online Scanner 3.1) - http://support.f-sec...m/ols/fscax.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky...can_unicode.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macr...director/sw.cab
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewi...oOnlineScan.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.t...ivex/hcImpl.cab
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} (Shockwave ActiveX Control) - http://fpdownload.ma...director/sw.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.syma...bin/AvSniff.cab
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} () - http://download.micr...78f/wvc1dmo.cab
O16 - DPF: {3334504D-9980-0010-8000-00AA00389B71} () - http://download.micr...C4D/mp43dmo.CAB
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} () - http://download.micr...922/wmv9VCM.CAB
O16 - DPF: {33564D57-9980-0010-8000-00AA00389B71} () - http://codecs.micros...386/wmv9dmo.cab
O16 - DPF: {41564D57-9980-0010-8000-00AA00389B71} () - http://download.micr...01F/wmvadvd.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.mail.liv...es/MSNPUpld.cab
O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} (TotalScan Installer Class) - http://www.nanoscan....s/ascstubie.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitd...can8/oscan8.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.syma...n/bin/cabsa.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://go.divx.com/p...owserPlugin.cab
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www.ca.com/us...nfo/webscan.cab
O16 - DPF: {8436FE12-31DB-48BF-83BF-FE682F9160B4} (NanoInstaller Class) - http://www.nanoscan....bs/nanoinst.cab
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} () - http://fpdownload.ma...t/ultrashim.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} () - http://v4.windowsupd...8447.4213078704
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn...pDownloader.cab
O16 - DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} (Office Update Installation Engine) - http://office.micros...ntent/opuc4.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.ma...ent/swflash.cab
O17 - HKLM\SYSTEM\CCS\Services\Tcpip\..\{82E69FF6-289D-4CC8-9A76-B79AD2DCCC3C}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\SYSTEM\CCS\Services\Tcpip\..\{D6001DD4-2C72-47A6-B4FC-A89E5DB4E03B}: NameServer = 194.219.227.2,193.92.110.1
O17 - HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Υπηρεσία διαχείρισης λογικών δίσκων (dmadmin) - VERITAS Software Corp. - C:\WINDOWS\SYSTEM32\dmadmin.exe
O23 - Service: iPod Service - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcSrv.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
--
End of file - 10023 bytes
-- Files created between 2008-01-28 and 2008-02-28 -----------------------------
2008-02-28 02:15:07 0 d-------- C:\WINDOWS\ERUNT
2008-02-27 17:53:05 16384 --a-----t C:\WINDOWS\system32\Perflib_Perfdata_230.dat
2008-02-26 01:04:18 0 d-------- C:\Documents and Settings\dimitris\Application Data\Thunderbird
2008-02-26 01:03:47 0 d-------- C:\Program Files\Mozilla Thunderbird
2008-02-25 23:50:51 0 d-------- C:\Documents and Settings\dimitris\Application Data\OfficeUpdate12
2008-02-25 23:47:43 16384 --a-----t C:\WINDOWS\system32\Perflib_Perfdata_344.dat
2008-02-23 01:08:16 0 d-------- C:\Program Files\Panda Security
2008-02-19 19:47:05 16384 --a-----t C:\WINDOWS\system32\Perflib_Perfdata_234.dat
2008-02-19 15:31:33 0 d-------- C:\Documents and Settings\dimitris\Application Data\Talkback
2008-02-19 13:47:16 16384 --a-----t C:\WINDOWS\system32\Perflib_Perfdata_228.dat
2008-02-18 20:30:12 0 d-------- C:\WINDOWS\BDOSCAN8
2008-02-18 14:21:10 918212 ---h----- C:\WINDOWS\ShellIconCache
2008-02-18 10:59:49 16384 --a-----t C:\WINDOWS\system32\Perflib_Perfdata_224.dat
2008-02-17 21:27:19 0 d-------- C:\ComboFix[1]
2008-02-17 19:48:32 164 --a------ C:\install.dat
2008-02-16 16:26:36 0 d-------- C:\Documents and Settings\dimitris\.housecall6.6
2008-02-16 14:18:44 0 d-------- C:\WINDOWS\system32\ActiveScan
2008-02-04 19:56:07 0 d-------- C:\Program Files\SUPERAntiSpyware
2008-02-04 19:56:07 0 d-------- C:\Documents and Settings\dimitris\Application Data\SUPERAntiSpyware.com
2008-02-04 19:55:42 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-02-04 00:37:32 0 d-------- C:\Documents and Settings\dimitris\Application Data\Grisoft
2008-02-04 00:17:47 0 d-------- C:\Program Files\Trend Micro
2008-02-03 23:14:20 16384 --a-----t C:\WINDOWS\system32\Perflib_Perfdata_220.dat
2008-02-03 15:32:23 0 d-------- C:\Documents and Settings\dimitris\Application Data\mIRC
2008-02-03 15:32:22 0 d-------- C:\Program Files\mIRC
2008-02-03 13:51:03 5707 --a------ C:\WINDOWS\mozver.dat
2008-02-03 12:16:21 335 --a------ C:\WINDOWS\nsreg.dat
2008-02-03 12:16:08 0 d-------- C:\Documents and Settings\dimitris\Application Data\Mozilla
2008-02-02 01:45:07 0 d-------- C:\Program Files\Alwil Software
-- Find3M Report ---------------------------------------------------------------
2008-02-20 10:06:58 0 dra------ C:\Program Files\Common Files
2008-02-03 13:51:16 0 d-a------ C:\Documents and Settings\dimitris\Application Data\Adobe
2008-02-01 22:28:06 0 d-a------ C:\Program Files\SpywareBlaster
2008-02-01 22:15:46 0 d-------- C:\Program Files\QuickTime
2008-01-31 21:38:51 0 d-a------ C:\Program Files\Common Files\Real
2008-01-31 21:37:33 0 d-a------ C:\Documents and Settings\dimitris\Application Data\Real
2008-01-09 15:01:48 53248 --a------ C:\WINDOWS\bdoscandel.exe
2008-01-05 20:08:32 0 d-------- C:\Documents and Settings\dimitris\Application Data\LimeWire
2007-12-20 23:11:52 81920 --a------ C:\WINDOWS\system32\IEDFix.exe <Not Verified; S!Ri.URZ; IEDFix>
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Synchronization Manager"="mobsync.exe" [03-07-16 12:00 C:\WINDOWS\SYSTEM32\mobsync.exe]
"SsAAD.exe"="C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe" [06-01-07 01:36 ]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [07-09-25 00:11 ]
"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [05-12-09 15:32 ]
"LogitechCameraAssistant"="C:\Program Files\Logitech\Video\CameraAssistant.exe" [06-01-05 07:58 ]
"LogitechVideo[inspector]"="C:\Program Files\Logitech\Video\InstallHelper.exe" [06-01-05 08:15 ]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [07-12-04 15:00 ]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [07-06-11 11:25 ]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"internat.exe"="internat.exe" [03-07-16 12:00 C:\WINDOWS\SYSTEM32\internat.exe]
[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
"^SetupICWDesktop"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe /desktop
[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"internat.exe"=internat.exe
C:\Documents and Settings\All Users\Start Menu\Ź¨¦¨αŁŁ«\„΅΅ε¤©\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-24 08:05:26]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [1999-02-17 14:05:56]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [06-12-20 12:55 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 07-02-27 11:39 282624 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSEXESVC]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sglfb.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\tga.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
"C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE" /background
-- End of Deckard's System Scanner: finished at 2008-02-28 18:27:29 ------------