Here is the DSS main.txt log
Deckard's System Scanner v20071014.68
Run by HP_Owner on 2008-04-17 15:20:48
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Successfully created a Deckard's System Scanner Restore Point.
-- Last 5 Restore Point(s) --
74: 2008-04-17 14:20:58 UTC - RP74 - Deckard's System Scanner Restore Point
73: 2008-04-17 09:54:51 UTC - RP73 - Installed DSA Theory Test
72: 2008-04-16 09:41:46 UTC - RP72 - System Checkpoint
71: 2008-04-15 09:11:19 UTC - RP71 - System Checkpoint
70: 2008-04-13 19:23:00 UTC - RP70 - System Checkpoint
-- First Restore Point --
1: 2008-02-14 14:42:26 UTC - RP1 - Removed Norton Security Center
Backed up registry hives.
Performed disk cleanup.
Percentage of Memory in Use: 76% (more than 75%).Total Physical Memory: 504 MiB (512 MiB recommended).-- HijackThis (run as HP_Owner.exe) --------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:23:00, on 17/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\hphmon06.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Common Files\InterVideo\SchSvr\SchSvr.exe
C:\Program Files\InterVideo\Common\Bin\WinRemote.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\HP_Owner\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\HP_Owner.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktopR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktopR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.comR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktopR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =
http://update.zonelabs.com/downloadrequ ... 1558015737O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: ZoneAlarm Spy Blocker BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
O3 - Toolbar: HP view - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: ZoneAlarm Spy Blocker - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Home Theater SchSvr] "C:\Program Files\Common Files\InterVideo\SchSvr\SchSvr.exe"
O4 - HKLM\..\Run: [WINREMOTE] "C:\Program Files\InterVideo\Common\Bin\WinRemote.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [EPSON Stylus DX4000 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBEE.EXE /FU "C:\DOCUME~1\HP_Owner\LOCALS~1\Temp\E_S2.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [alnkad] c:\documents and settings\hp_owner\local settings\application data\alnkad.exe alnkad
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Windows Live Search -
res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites -
http://favorites.live.com/quickadd.aspxO9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) -
http://www.kaspersky.com/kos/eng/partne ... nicode.cabO16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) -
http://housecall65.trendmicro.com/house ... hcImpl.cabO16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) -
http://lads.myspace.com/upload/MySpaceUploader1006.cabO16 - DPF: {AC120B1D-9411-4111-AF52-118052D85D45} (GameDesire Darts Games) -
http://67.15.101.33/g_bin/eng/darts_2_0_0_42.cabO16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) -
http://messenger.zone.msn.com/binary/Me ... b56907.cabO16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
http://fpdownload2.macromedia.com/get/s ... wflash.cabO16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) -
http://messenger.zone.msn.com/binary/Mi ... b56986.cabO20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
--
End of file - 10648 bytes
-- File Associations -----------------------------------------------------------
All associations okay.
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R1 SASDIFSV - c:\program files\superantispyware\sasdifsv.sys
R3 Iviaspi (IVI ASPI Shell) - c:\windows\system32\drivers\iviaspi.sys <Not Verified; InterVideo, Inc.; InterVideo ASPI Shell>
R3 Pfc (Padus ASPI Shell) - c:\windows\system32\drivers\pfc.sys <Not Verified; Padus, Inc.; Padus(R) ASPI Shell>
S3 SASENUM - c:\program files\superantispyware\sasenum.sys <Not Verified; SuperAdBlocker, Inc.; SuperAntiSpyware>
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
All services whitelisted.
-- Device Manager: Disabled ----------------------------------------------------
No disabled devices found.
-- Scheduled Tasks -------------------------------------------------------------
2008-04-17 15:13:02 266 --a------ C:\WINDOWS\Tasks\Check Updates for Windows Live Toolbar.job
2008-04-15 00:02:22 278 --a------ C:\WINDOWS\Tasks\Easy Internet Sign-up.job
-- Files created between 2008-03-17 and 2008-04-17 -----------------------------
2008-04-17 15:00:08 0 d-------- C:\Program Files\Navilog1
2008-04-17 10:59:35 0 dr-h----- C:\Documents and Settings\HP_Owner\Application Data\SecuROM
2008-04-17 10:55:07 0 d-------- C:\Program Files\DSA Theory Test
2008-04-16 21:47:22 0 d-------- C:\Documents and Settings\All Users\Application Data\Trymedia
2008-04-16 21:46:50 0 d-------- C:\Program Files\Valusoft
2008-04-16 13:03:03 0 d-------- C:\Documents and Settings\Christopher\Application Data\Mozilla
2008-04-15 16:07:17 0 d-------- C:\Documents and Settings\kaylee\Contacts
2008-04-15 16:00:03 0 d-------- C:\Documents and Settings\kaylee\Application Data\Mozilla
2008-04-15 15:58:59 0 d-------- C:\Documents and Settings\kaylee\Application Data\Macromedia
2008-04-15 15:58:59 0 d-------- C:\Documents and Settings\kaylee\Application Data\Adobe
2008-04-15 14:40:20 0 d-------- C:\Documents and Settings\kaylee\Application Data\Google
2008-04-15 00:41:09 0 d-------- C:\Documents and Settings\kaylee\Application Data\Grisoft
2008-04-15 00:40:18 0 dr------- C:\Documents and Settings\kaylee\Favorites
2008-04-15 00:40:18 0 d-------- C:\Documents and Settings\kaylee\Desktop
2008-04-15 00:40:18 0 d--hs---- C:\Documents and Settings\kaylee\Cookies
2008-04-15 00:40:18 0 dr-h----- C:\Documents and Settings\kaylee\Application Data
2008-04-15 00:40:18 0 d-------- C:\Documents and Settings\kaylee\Application Data\Symantec
2008-04-15 00:40:18 0 d-------- C:\Documents and Settings\kaylee\Application Data\Sun
2008-04-15 00:40:18 0 d-------- C:\Documents and Settings\kaylee\Application Data\SampleView
2008-04-15 00:40:18 0 d---s---- C:\Documents and Settings\kaylee\Application Data\Microsoft
2008-04-15 00:40:18 0 d-------- C:\Documents and Settings\kaylee\Application Data\Intervideo
2008-04-15 00:40:18 0 d-------- C:\Documents and Settings\kaylee\Application Data\Identities
2008-04-15 00:40:18 0 d-------- C:\Documents and Settings\kaylee\Application Data\Apple Computer
2008-04-15 00:40:17 0 d-------- C:\Documents and Settings\kaylee\WINDOWS
2008-04-15 00:40:17 0 d--h----- C:\Documents and Settings\kaylee\Templates
2008-04-15 00:40:17 0 dr------- C:\Documents and Settings\kaylee\Start Menu
2008-04-15 00:40:17 0 dr-h----- C:\Documents and Settings\kaylee\SendTo
2008-04-15 00:40:17 0 dr-h----- C:\Documents and Settings\kaylee\Recent
2008-04-15 00:40:17 0 d--h----- C:\Documents and Settings\kaylee\PrintHood
2008-04-15 00:40:17 1835008 --ah----- C:\Documents and Settings\kaylee\NTUSER.DAT
2008-04-15 00:40:17 0 d--h----- C:\Documents and Settings\kaylee\NetHood
2008-04-15 00:40:17 0 dr------- C:\Documents and Settings\kaylee\My Documents
2008-04-15 00:40:17 0 d--h----- C:\Documents and Settings\kaylee\Local Settings
2008-04-12 20:27:25 0 d-------- C:\Program Files\Winter Olympics
2008-04-08 12:54:08 0 d-------- C:\Program Files\Trend Micro
2008-04-08 12:51:34 0 d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-04-08 12:45:51 0 dr-h----- C:\Documents and Settings\HP_Owner\Recent
2008-04-08 12:31:46 0 d-------- C:\Program Files\ZoneAlarmSB
2008-04-04 19:22:28 0 d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-04-04 19:22:26 0 d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-04-03 12:48:08 0 d-------- C:\kav
2008-04-02 20:32:08 0 d-------- C:\Documents and Settings\HP_Owner\.housecall6.6
2008-04-01 18:11:32 0 d-------- C:\Program Files\Driving Test Success 2007-2008
2008-04-01 18:11:32 0 d-------- C:\Documents and Settings\All Users\Application Data\Driving Test Success
2008-03-28 18:25:02 0 d-------- C:\Program Files\a-squared Free
-- Find3M Report ---------------------------------------------------------------
2008-04-17 15:17:14 764 --a------ C:\Documents and Settings\HP_Owner\Application Data\wklnhst.dat
2008-04-17 10:59:06 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-04-15 13:47:51 0 d-------- C:\Program Files\SpywareBlaster
2008-04-15 00:02:22 0 d-------- C:\Program Files\Easy Internet signup
2008-04-08 12:32:27 4212 ---h----- C:\WINDOWS\system32\zllictbl.dat
2008-03-28 13:29:13 0 d-------- C:\Program Files\Messenger Plus! Live
2008-03-18 20:12:01 0 d-------- C:\Program Files\SUPERAntiSpyware
2008-03-15 01:38:06 0 d-------- C:\Program Files\Common Files\logishrd
2008-03-13 18:13:54 0 d-------- C:\Program Files\Logitech
2008-03-13 18:06:48 0 d-------- C:\Program Files\Common Files
2008-03-13 11:59:34 0 d-------- C:\Program Files\Common Files\Symantec Shared
2008-03-12 14:58:35 0 d-------- C:\Program Files\EPSON
2008-03-12 13:51:59 0 d-------- C:\Documents and Settings\HP_Owner\Application Data\Template
2008-03-01 15:43:25 0 d-------- C:\Documents and Settings\HP_Owner\Application Data\Walgreens
2008-02-28 19:45:55 0 d-------- C:\Program Files\Microsoft Works
2008-02-28 18:36:50 0 d-------- C:\Program Files\MSECache
2008-02-25 20:23:58 4 --a------ C:\WINDOWS\system32\proc-220146841.bin
2008-02-25 20:23:58 0 d-------- C:\Documents and Settings\HP_Owner\Application Data\GanymedeNet
2008-02-21 01:53:05 0 d-------- C:\Documents and Settings\HP_Owner\Application Data\AdobeUM
2008-02-21 01:52:50 0 d-------- C:\Documents and Settings\HP_Owner\Application Data\Adobe
2008-02-18 14:22:40 0 d-------- C:\Documents and Settings\HP_Owner\Application Data\Google
2008-02-18 14:21:51 0 d-------- C:\Program Files\Google
2008-02-17 22:26:29 0 d-------- C:\Documents and Settings\HP_Owner\Application Data\Macromedia
2008-02-17 12:44:43 0 d-------- C:\Program Files\HTC
2008-02-17 00:09:15 0 d-------- C:\Program Files\InternetGameBox
2008-02-16 22:15:34 1396544 --a------ C:\WINDOWS\FSX_Screensaver.scr
2008-02-14 16:48:11 1158 --a------ C:\WINDOWS\mozver.dat
2008-02-14 16:12:41 0 --a------ C:\WINDOWS\nsreg.dat
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA}]
08/04/2008 12:31 262144 --a------ C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA}"= C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL [08/04/2008 12:31 262144]
[-HKEY_CLASSES_ROOT\CLSID\{F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe" [01/01/2005 10:23]
"hpsysdrv"="c:\windows\system\hpsysdrv.exe" [07/05/1998 17:04]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [20/08/2004 23:51]
"HPHUPD06"="c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe" [07/06/2004 19:53]
"HPHmon06"="C:\WINDOWS\system32\hphmon06.exe" [07/06/2004 19:42]
"KBD"="C:\HP\KBD\KBD.EXE" [11/02/2003 20:02]
"Home Theater SchSvr"="C:\Program Files\Common Files\InterVideo\SchSvr\SchSvr.exe" [05/11/2004 08:26]
"WINREMOTE"="C:\Program Files\InterVideo\Common\Bin\WinRemote.exe" [05/11/2004 09:44]
"ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [16/06/2004 14:03]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [16/06/2004 14:03]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [04/06/2004 20:38]
"Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [14/04/2004 21:43]
"VTTimer"="VTTimer.exe" []
"SiSPower"="SiSPower.dll" [24/09/2004 10:49 C:\WINDOWS\system32\SiSPower.dll]
"AGRSMMSG"="AGRSMMSG.exe" [29/06/2004 18:06 C:\WINDOWS\AGRSMMSG.exe]
"PS2"="C:\WINDOWS\system32\ps2.exe" [25/10/2004 22:17]
"AlcxMonitor"="ALCXMNTR.EXE" [07/09/2004 21:47 C:\WINDOWS\ALCXMNTR.EXE]
"LSBWatcher"="c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe" [14/10/2004 22:54]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [29/03/2008 18:37]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [11/06/2007 10:25]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [01/01/2005 11:36]
"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [13/03/2008 23:11]
"LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam\Quickcam.exe" [25/10/2007 17:37]
"LogitechCommunicationsManager"="C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [25/10/2007 17:33]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [04/08/2004 04:00]
"EPSON Stylus DX4000 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBEE.exe" [21/09/2006 05:01]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [03/03/2008 22:21]
"alnkad"="c:\documents and settings\hp_owner\local settings\application data\alnkad.exe" []
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [29/05/2004 06:31:38]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [06/03/2008 13:11 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL 06/03/2008 13:11 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{56b8a910-db07-11dc-99c5-806d6172696f}]
AutoRun\command- E:\RunMe.exe
*Newly Created Service* - CATCHME
-- End of Deckard's System Scanner: finished at 2008-04-17 15:24:48 ------------