Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft Windows XP Home Edition (build 2600) SP 2.0
Architecture: X86; Language: English
CPU 0: AMD Sempron(tm) Processor 3200+
Percentage of Memory in Use: 69%
Physical Memory (total/avail): 446.48 MiB / 136.53 MiB
Pagefile Memory (total/avail): 1052.78 MiB / 842.35 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1916.18 MiB
C: is Fixed (NTFS) - 104.69 GiB total, 87.32 GiB free.
D: is Fixed (FAT32) - 7.08 GiB total, 0.36 GiB free.
E: is CDROM (No Media)
\\.\PHYSICALDRIVE0 - ST3120213AS - 111.79 GiB - 2 partitions
\PARTITION0 (bootable) - Installable File System - 104.69 GiB - C:
\PARTITION1 - Unknown - 7.09 GiB - D:
-- Security Center -------------------------------------------------------------
AUOptions is scheduled to auto-install.
Windows Internal Firewall is disabled.
FirstRunDisabled is set.
AntivirusOverride is set.
FW: Norton Internet Worm Protection v2006 (Symantec) [COLOR=RED]Disabled[/COLOR]
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Compaq Connections\\5577497\\Program\\Compaq Connections.exe"="C:\\Program Files\\Compaq Connections\\5577497\\Program\\Compaq Connections.exe:*:Enabled:Compaq Connections"
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Compaq Connections\\5577497\\Program\\Compaq Connections.exe"="C:\\Program Files\\Compaq Connections\\5577497\\Program\\Compaq Connections.exe:*:Enabled:Compaq Connections"
"C:\\Program Files\\EarthLink TotalAccess\\TaskPanl.exe"="C:\\Program Files\\EarthLink TotalAccess\\TaskPanl.exe:*:Enabled:Earthlink"
"C:\\WINDOWS\\system32\\thwkjaum.exe"="C:\\WINDOWS\\system32\\thw"
"C:\\WINDOWS\\system32\\wcrijwgp.exe"="C:\\WINDOWS\\system32\\wcr"
-- Environment Variables -------------------------------------------------------
ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Compaq_Owner\Application Data
CLASSPATH=.;C:\Program Files\Java\jre1.5.0_05\lib\ext\QTJava.zip
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=YOUR-D0F670B45A
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Compaq_Owner
LOGONSERVER=\\YOUR-D0F670B45A
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\system32\wbem;c:\Python22;C:\Program Files\Common Files\GTK\2.0\bin;C:\Program Files\QuickTime\QTSystem
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 47 Stepping 2, AuthenticAMD
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=2f02
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\Java\jre1.5.0_05\lib\ext\QTJava.zip
SESSIONNAME=Console
SonicCentral=c:\Program Files\Common Files\Sonic Shared\Sonic Central\
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp
TMP=C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp
USERDOMAIN=YOUR-D0F670B45A
USERNAME=Compaq_Owner
USERPROFILE=C:\Documents and Settings\Compaq_Owner
windir=C:\WINDOWS
__COMPAT_LAYER=EnableNXShowUI
-- User Profiles ---------------------------------------------------------------
Compaq_Owner [I](admin)[/I]
Administrator [I](admin)[/I]
-- Add/Remove Programs ---------------------------------------------------------
--> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
--> C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu
--> c:\WINDOWS\system32\\MSIEXEC.EXE /x {075473F5-846A-448B-BCB3-104AA1760205}
--> c:\WINDOWS\system32\\MSIEXEC.EXE /x {AB708C9B-97C8-4AC9-899B-DBF226AC9382}
--> c:\WINDOWS\system32\\MSIEXEC.EXE /x {B12665F4-4E93-4AB4-B7FC-37053B524629}
--> Dummy
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88E5FCB8-5F25-11D5-B16F-0800460222F0}\setup.exe" -l0x9 UNINSTALL
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D76298C2-E532-4A11-BCFF-76F3F19DA84D}\setup.exe" UNINSTALL
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
µTorrent --> "C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL
ABBYY FineReader 6.0 Sprint --> MsiExec.exe /X{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}
Acoustica Effects Pack --> C:\PROGRA~1\ACOUST~2\UNWISE.EXE C:\PROGRA~1\ACOUST~2\INSTALL.LOG
Adobe Acrobat 5.0 --> C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.dll"
Adobe Flash Player 9 ActiveX --> MsiExec.exe /X{786547F9-59BB-4FA3-B2D8-327FF1F14870}
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 7.0.5 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70500000002}
Adssite Browser Optimizer --> C:\WINDOWS\system32\adssite-remove.exe
Adssite Games Collection --> C:\Program Files\Adssite Games Collection\uninstall.exe
Agere Systems PCI-SV92PP Soft Modem --> agrsmdel
AIM 6 --> C:\Program Files\AIM6\uninst.exe
Airlink101 WLAN Monitor --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\10\INTEL3~1\IDriver.exe /M{47759129-8649-47D1-9EA5-4BB84D86DB97}
America Online (Choose which version to remove) --> C:\Program Files\Common Files\aolshare\aolunins_us.exe
Ancient Sudoku --> "C:\Program Files\HP Games\Ancient Sudoku\Uninstall.exe"
ANIO Service --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7B5CE976-C7A9-4E38-A7F3-6C8EF025DD8E}\Setup.exe"
ANIWZCS2 Service --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4C590030-7469-453E-8589-D15DA9D03F52}\Setup.exe"
AOL Coach Version 2.0(Build:20041026.5 en) --> C:\Program Files\Common Files\AolCoach\en_en\AolCInUn.exe -lang=en_en -ext=UDP
AOL Connectivity Services --> "C:\Program Files\Common Files\AOL\ACS\AcsUninstall.exe" /c
AOL Deskbar --> "C:\Program Files\AOL Deskbar\UNWISE.EXE" /u "C:\Program Files\AOL Deskbar\INSTALL.LOG"
AOL Spyware Protection --> C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\UNWISE.EXE C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\INSTALL.LOG
AOL Toolbar 5.0 --> "C:\Program Files\AOL\AOL Toolbar 5.0\uninstall.exe"
AOL You've Got Pictures Screensaver --> C:\Program Files\Common Files\AOL\Screensaver\uninst_ygpss.exe
Apple Mobile Device Support --> MsiExec.exe /I{3EBD3749-304E-4A4C-9575-C00E5F015217}
Apple Software Update --> MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}
Arachnophilia version 4.0 --> "C:\Program Files\Arachnophilia\unins001.exe"
Audacity 1.2.6 --> "C:\Program Files\Audacity\unins000.exe"
Audio Flash 1.2 --> C:\WINDOWS\system32\ss2uinst.exe "C:\Program Files\Audio Flash\ss2uinst.dat"
Audio Recorder Pro 3.31 --> "C:\Program Files\Audio Recorder Pro\unins000.exe"
AviSynth 2.5 --> "C:\Program Files\AviSynth 2.5\Uninstall.exe"
Azureus --> C:\Program Files\Azureus\Uninstall.exe
Bejeweled 2 Deluxe --> "C:\Program Files\HP Games\Bejeweled 2 Deluxe\Uninstall.exe"
Blaze Media Pro --> "C:\Documents and Settings\All Users\Application Data\{CFAB4006-0AE0-414D-866A-DCB2C46553CF}\setup_blazemp.exe" REMOVE=TRUE MODIFY=FALSE
Bookworm Deluxe --> "C:\Program Files\HP Games\Bookworm Deluxe\Uninstall.exe"
Bridge Cable Driver --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\ECS\Bridge Cable WinNT Driver\Uninst.isu" -c"C:\Program Files\ECS\Bridge Cable WinNT Driver\uninst.dll"
Chuzzle Deluxe --> "C:\Program Files\HP Games\Chuzzle Deluxe\Uninstall.exe"
Collab --> C:\Program Files\Image-Line\Collab\uninstall.exe
COM-1 Operating Instructions (English) --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7A0CE255-7AE1-48FB-ABA4-4347574CF40C}\setup.exe" -l0x9 UNINSTALL -removeonly
Compaq Connections (remove only) --> C:\WINDOWS\HPCPCUninstall-5577497\HPBWSetup.exe -appid 5577497 -uninstall
Crimson Editor (remove only) --> C:\Program Files\Crimson Editor\uninstall.exe
Customer Experience Enhancement --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{23012310-3E05-46A5-88A9-C6CBCABCAC79} /l1033
Diner Dash --> "C:\Program Files\HP Games\Diner Dash\Uninstall.exe"
Fairies --> "C:\Program Files\HP Games\Fairies\Uninstall.exe"
Family Feud --> "C:\Program Files\HP Games\Family Feud\Uninstall.exe"
FL Studio 5 --> C:\Program Files\Image-Line\FLStudio5\uninstall.exe
FL Studio v7.0 --> "C:\Program Files\Image-Line\FL Studio 7\unins000.exe"
Free Audio Recorder --> C:\Program Files\Free Audio Recorder\Uninstall.exe
FREE Hi-Q Recorder 1.92 --> "C:\Program Files\FREE Hi-Q Recorder\unins000.exe"
Freecorder Toolbar --> C:\PROGRA~1\FREECO~2\UNWISE.EXE C:\PROGRA~1\FREECO~2\INSTALL.LOG
Freecorder Toolbar 3.0 Application --> "C:\WINDOWS\Freecorder Toolbar\uninstall.exe" "/U:C:\Program Files\Freecorder Toolbar\Uninstall\uninstall.xml"
Google Toolbar for Internet Explorer --> regsvr32 /u /s "c:\program files\google\googletoolbar2.dll"
GTK+ 2.8.18-1 runtime environment --> "C:\Program Files\Common Files\GTK\2.0\unins000.exe"
High Definition Audio Driver Package - KB888111 --> "C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
Higher Score on the SAT/PSAT --> "C:\Program Files\Kap.SATr\unins000.exe"
HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
HP Boot Optimizer --> MsiExec.exe /X{1341D838-719C-4A05-B50F-49420CA1B4BB}
HP DVD Play 2.1 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{45D707E9-F3C4-11D9-A373-0050BAE317E1}\Setup.exe" -uninstall
HP Game Console --> "C:\Program Files\WildTangent\Apps\HP Game Console\Uninstall.exe"
HP Imaging Device Functions 7.0 --> C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP Photosmart Premier Software 6.5 --> C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP Rhapsody --> C:\PROGRA~1\HPRHAP~1\Unwise32.exe /A C:\PROGRA~1\HPRHAP~1\install.log
HP Software Update --> MsiExec.exe /X{BB85ED9C-AFC9-43BD-B8DC-258C3C7DF72E}
HP Support Overview --> "C:\WINDOWS\unins000.exe"
HP Web Helper --> regsvr32 /u /s "C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\WebHelper.dll"
Insaniquarium Deluxe --> "C:\Program Files\HP Games\Insaniquarium Deluxe\Uninstall.exe"
iTunes --> MsiExec.exe /I{B045B608-4A47-4C77-9EAD-06C394503306}
J2SE Runtime Environment 5.0 Update 5 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150050}
Jewel Quest --> "C:\Program Files\HP Games\Jewel Quest\Uninstall.exe"
Kaplan Essential Review- Biology & Chemistry --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C77A1356-1654-4340-BA5B-A21ED3289B2E}\Setup.exe"
Kaplan Essential Review - Writing and Vocabulary --> MsiExec.exe /I{C19423A6-78AB-4EF0-BE84-6B18342316A5}
Lexmark 5400 Series --> C:\Program Files\Lexmark 5400 Series\Install\x86\Uninst.exe
Lexmark Toolbar --> regsvr32.exe /s /u "C:\Program Files\Lexmark Toolbar\toolband.dll"
LiveUpdate 3.0 (Symantec Corporation) --> "C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U
LiveUpdate Notice (Symantec Corporation) --> MsiExec.exe /X{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Encarta Encyclopedia Standard 2005 --> MsiExec.exe /I{055A0040-64A6-4248-A026-9745C1E9E159}
Microsoft Money 2006 --> "C:\Program Files\Microsoft Money 2006\MNYCoreFiles\Setup\uninst.exe" /s:120
Microsoft Office 2003 Edition 60 Days Trial Welcome Tour --> MsiExec.exe /I{A01FC76F-CC09-4658-9E37-5C2F635EE708}
Microsoft Office Standard Edition 2003 --> MsiExec.exe /I{91120409-6000-11D3-8CFE-0150048383C9}
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Works --> MsiExec.exe /I{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}
Mozilla Firefox (2.0.0.11) --> C:\PROGRA~1\Mozilla Firefox\uninstall\helper.exe
MSN --> C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP
mylo Utility 1.0.00 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{18886756-CD05-41C4-9EAC-AF4C2F30D080}\Setup.exe" -l0x9 UNINSTALL -removeonly
Mystery Case Files --> "C:\Program Files\HP Games\Mystery Case Files\Uninstall.exe"
Netscape Browser (remove only) --> "C:\Program Files\Netscape\Netscape Browser\NSUninst.exe"
NVIDIA Drivers --> C:\WINDOWS\system32\nvunrm.exe UninstallGUI
OpenMG AAC Add-on Module 1.0.00 --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1150\INTEL3~1\IDriver.exe /M{23BE930B-6AC4-4D0D-B5C3-03062A2BF2A3} UNINSTALL
OpenMG Limited Patch 4.5-06-05-12-01 --> C:\Program Files\Common Files\Sony Shared\OpenMG\HotFixes\HotFix4.5-06-05-12-01\HotFixSetup\setup.exe /u
OpenMG Secure Module 4.5.01 --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1150\INTEL3~1\IDriver.exe /M{3633BA28-67CE-4AC8-A677-3406CA84C3D8} UNINSTALL
Panda ActiveScan --> C:\WINDOWS\system32\ASUninst.exe Panda ActiveScan
PC-Doctor 5 for Windows --> C:\Program Files\PC-Doctor 5 for Windows\uninst.exe
Photo Toolkit 1.6 --> "C:\Program Files\Photo Toolkit\unins000.exe"
Poker Superstars --> "C:\Program Files\HP Games\Poker Superstars\Uninstall.exe"
Polar Bowler --> "C:\Program Files\HP Games\Polar Bowler\Uninstall.exe"
Polar Golfer --> "C:\Program Files\HP Games\Polar Golfer\Uninstall.exe"
Python 2.2 pywin32 extensions (build 203) --> "C:\Python22\Removepywin32.exe" -u "C:\Python22\pywin32-wininst.log"
Python 2.2.3 --> C:\Python22\UNWISE.EXE C:\Python22\INSTALL.LOG
Quicken 2006 --> MsiExec.exe /X{2818095F-FB6C-42C8-827E-0A406CC9AFF5}
QuickTime --> MsiExec.exe /I{95A890AA-B3B1-44B6-9C18-A8F7AB3EE7FC}
RealPlayer --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Realtek High Definition Audio Driver --> RtlUpd.exe -r -m
Ricochet Lost Worlds --> "C:\Program Files\HP Games\Ricochet Lost Worlds\Uninstall.exe"
Security Task Manager 1.7e --> C:\Program Files\Security Task Manager\Uninstal.exe "C:\Documents and Settings\All Users\Start Menu\Programs\Security Task Manager"
Security Update for CAPICOM (KB931906) --> MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906) --> MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Step By Step Interactive Training (KB923723) --> "C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
Shockwave --> C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
Slingo Deluxe --> "C:\Program Files\HP Games\Slingo Deluxe\Uninstall.exe"
Snowy The Bears Adventure --> "C:\Program Files\HP Games\Snowy The Bears Adventure\Uninstall.exe"
Sonic Express Labeler --> MsiExec.exe /X{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
Sonic RecordNow Audio --> MsiExec.exe /X{AB708C9B-97C8-4AC9-899B-DBF226AC9382}
Sonic RecordNow Copy --> MsiExec.exe /X{B12665F4-4E93-4AB4-B7FC-37053B524629}
Sonic RecordNow Data --> MsiExec.exe /X{075473F5-846A-448B-BCB3-104AA1760205}
Sonic Update Manager --> MsiExec.exe /X{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
SonicStage 4.0 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A0EB195B-5876-48E6-879D-33D4B2102610}\setup.exe" -l0x9 UNINSTALL -removeonly
SpyHunter --> "C:\Program Files\Enigma Software Group\SpyHunter\Uninstall.exe" "C:\Program Files\Enigma Software Group\SpyHunter\install.log" -u
Spyware Doctor 3.2 --> "C:\Program Files\Spyware Doctor\unins000.exe"
Spyware Doctor 5.1 --> C:\Program Files\Spyware Doctor\unins000.exe /LOG
SpywareBot 1.9.0 --> "C:\Program Files\SpywareBot\unins000.exe"
SUPER © Version 2007.bld.22 (Mar 14, 2007) --> C:\PROGRA~1\ERIGHT~1\SUPER\Setup.exe /remove /q0
Super Granny --> "C:\Program Files\HP Games\Super Granny\Uninstall.exe"
The GIMP 2.2.13 --> "C:\Program Files\GIMP-2.0\unins000.exe"
The Logo Creator v3 --> C:\WINDOWS\unvise32.exe C:\Program Files\The Logo Creator v3\uninstal.log
Tradewinds --> "C:\Program Files\HP Games\Tradewinds\Uninstall.exe"
Trafficninja.biz Extension --> C:\WINDOWS\system32\ninjaext-uninstall.exe
Translation Pad 1.8 --> "C:\Program Files\Ashkon Technology\Translation Pad\unins000.exe"
Virtual DJ - Atomix Productions --> C:\PROGRA~1\VIRTUA~1\UNWISE.EXE C:\PROGRA~1\VIRTUA~1\INSTALL.LOG
WavePad Uninstall --> C:\Program Files\NCH Swift Sound\WavePad\uninst.exe
WebIQ Technology Engine --> C:\WINDOWS\system32\WebIQEngineSetup.exe u
Winamp --> "C:\Program Files\Winamp\UninstWA.exe"
Windows Defender --> MsiExec.exe /I{A06275F4-324B-4E85-95E6-87B2CD729401}
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
-- Application Event Log -------------------------------------------------------
Event Record #/Type14889 / Error
Event Submitted/Written: 12/16/2007 04:22:26 PM
Event ID/Source: 1004 / Application Error
Event Description:
Faulting application ANIWZCSdS.exe, version 1.0.3.7034, faulting module ntdll.dll, version 5.1.2600.2180, fault address 0x00010f29.
Error in creating result PEAP-TLV in response to received PEAP-TLV (ANIWZCSdS.exe!ld!)
Event Record #/Type14883 / Warning
Event Submitted/Written: 12/16/2007 04:19:08 PM
Event ID/Source: 1524 / Userenv
Event Description:
Windows cannot unload your classes registry file - it is still in use by other applications or services. The file will be unloaded when it is no longer in use.
Event Record #/Type14881 / Warning
Event Submitted/Written: 12/16/2007 00:11:52 PM
Event ID/Source: 1001 / MsiInstaller
Event Description:
Detection of product '{91120409-6000-11D3-8CFE-0150048383C9}', feature 'HandWritingFiles' failed during request for component '{E6BFD503-3A35-4B78-BAB5-9570EDDEF81C}'
Event Record #/Type14880 / Warning
Event Submitted/Written: 12/16/2007 00:11:52 PM
Event ID/Source: 1004 / MsiInstaller
Event Description:
Detection of product '{91120409-6000-11D3-8CFE-0150048383C9}', feature 'CiceroFiles', component '{D3146E44-B39F-4D61-93CD-07241D982881}' failed. The resource 'C:\WINDOWS\system32\CTFMON.EXE' does not exist.
Event Record #/Type14879 / Warning
Event Submitted/Written: 12/16/2007 00:11:37 PM
Event ID/Source: 1001 / MsiInstaller
Event Description:
Detection of product '{91120409-6000-11D3-8CFE-0150048383C9}', feature 'HandWritingFiles' failed during request for component '{E6BFD503-3A35-4B78-BAB5-9570EDDEF81C}'
-- Security Event Log ----------------------------------------------------------
No Errors/Warnings found.
-- System Event Log ------------------------------------------------------------
Event Record #/Type40480 / Warning
Event Submitted/Written: 12/16/2007 04:25:34 PM
Event ID/Source: 3004 / WinDefend
Event Description:
%NT AUTHORITY27 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. %NT AUTHORITY27 can't undo changes that you allow.
For more information please see the following:
%NT AUTHORITY275
Scan ID: {243A428A-C766-47E9-AE2B-B9B90378D5B8}
User: NT AUTHORITY\SYSTEM
Name: %NT AUTHORITY271
ID: %NT AUTHORITY272
Severity: 1.1.1593.05
Category: 1.1.1593.06
Path Found: %NT AUTHORITY276
Alert Type: %NT AUTHORITY278
Detection Type: 1.1.1593.02
Event Record #/Type40476 / Error
Event Submitted/Written: 12/16/2007 04:24:16 PM
Event ID/Source: 7034 / Service Control Manager
Event Description:
The Application Layer Gateway Service service terminated unexpectedly. It has done this 1 time(s).
Event Record #/Type40475 / Error
Event Submitted/Written: 12/16/2007 04:24:16 PM
Event ID/Source: 7034 / Service Control Manager
Event Description:
The PC Tools Security Service service terminated unexpectedly. It has done this 1 time(s).
Event Record #/Type40474 / Error
Event Submitted/Written: 12/16/2007 04:24:16 PM
Event ID/Source: 7034 / Service Control Manager
Event Description:
The iPod Service service terminated unexpectedly. It has done this 1 time(s).
Event Record #/Type40473 / Error
Event Submitted/Written: 12/16/2007 04:24:16 PM
Event ID/Source: 7034 / Service Control Manager
Event Description:
The PC Tools Auxiliary Service service terminated unexpectedly. It has done this 1 time(s).
-- End of Deckard's System Scanner: finished at 2007-12-16 16:57:03 ------------
Deckard's System Scanner v20071014.68
Run by Compaq_Owner on 2007-12-16 16:52:51
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Successfully created a Deckard's System Scanner Restore Point.
-- Last 5 Restore Point(s) --
9: 2007-12-17 00:52:57 UTC - RP321 - Deckard's System Scanner Restore Point
8: 2007-12-17 00:50:29 UTC - RP320 - Last known good configuration
7: 2007-12-17 00:50:17 UTC - RP319 - System Checkpoint
6: 2007-12-17 00:50:16 UTC - RP318 - Last known good configuration
5: 2007-12-17 00:50:15 UTC - RP317 - Last known good configuration
-- First Restore Point --
1: 2007-12-17 00:50:12 UTC - RP313 - Last known good configuration
Backed up registry hives.
Performed disk cleanup.
[color=red]Total Physical Memory: 447 MiB (512 MiB recommended).[/color]
-- HijackThis (run as Compaq_Owner.exe) ----------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:55, on 2007-12-16
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\WINDOWS\system32\wcrijwgp.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\Explorer.exe
C:\Documents and Settings\Compaq_Owner\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Compaq_Owner.exe
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
R3 - URLSearchHook: Freecorder Toolbar - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\tbFre1.dll
O2 - BHO: (no name) - Software - (no file)
O2 - BHO: (no name) - {0094B071-5401-435F-B099-55546EE05F60} - C:\WINDOWS\system32\mllmj.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O2 - BHO: Freecorder Toolbar - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\tbFre1.dll
O2 - BHO: (no name) - {17B88DF7-95AB-44DA-8ECD-5FF0B6CAEC67} - C:\WINDOWS\system32\efcyaay.dll
O2 - BHO: {313503e0-e583-ab4b-4744-8fd6f12a4ba1} - {1ab4a21f-6df8-4474-b4ba-385e0e305313} - C:\WINDOWS\system32\xrnypwyk.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~2\tools\iesdsg.dll
O2 - BHO: (no name) - {791BB781-B4EB-42FF-8015-8A3BFB1E29C5} - C:\Program Files\Free Audio Recorder\meso83122.dll (file missing)
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: HpWebHelper - {AAAE832A-5FFF-4661-9C8F-369692D1DCB9} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\WebHelper.dll
O2 - BHO: (no name) - {AD27C986-2323-4A2B-A13F-7BEDB1E4EBB5} - C:\WINDOWS\system32\ddayx.dll (file missing)
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~2\tools\iesdpb.dll
O2 - BHO: (no name) - {f5a9e7d4-86df-40f8-8419-7740aaee73c6} - C:\WINDOWS\system32\icwirt.dll (file missing)
O3 - Toolbar: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O3 - Toolbar: Freecorder Toolbar - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\tbFre1.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [AOL Spyware Protection] "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\wianmpa.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe"
O4 - HKLM\..\Run: [SpyHunter Security Suite] C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter3.exe
O4 - HKLM\..\Run: [LXCTCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCTtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [58006197] rundll32.exe "C:\WINDOWS\system32\uxqskbdw.dll",b
O4 - HKCU\..\Run: [Weather] C:\PROGRA~1\AWS\WEATHE~1\Weather.exe 1
O4 - HKCU\..\Run: [SpywareBot] C:\Program Files\SpywareBot\SpywareBot.exe -boot
O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O4 - S-1-5-18 Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'SYSTEM')
O4 - .DEFAULT Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - Global Startup: Compaq Connections.lnk = C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe
O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 5.0\resources\en-US\local\search.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~2\tools\iesdpb.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {315B0BFB-2BD4-481B-80A3-A9B80727C61B} (WebIQ Engine Application Object) - http://webiq005.webiqonline.com/WebIQ/DataServer/Pub/DataServer.dll?Handler=GetEngineDistribution&EDID={896A23A1-5821-4609-A6C6-6D5536C585C9}
O16 - DPF: {34F12AFD-E9B5-492A-85D2-40FA4535BE83} (AxProdInfoCtl Class) - http://www.symantec.com/techsupp/activedata/nprdtinf.cab
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1068320733015
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{6B6F1BFF-9668-4011-A121-0147C63F56FD}: NameServer = 66.75.164.90,66.75.164.89
O17 - HKLM\System\CS1\Services\Tcpip\..\{6B6F1BFF-9668-4011-A121-0147C63F56FD}: NameServer = 66.75.164.90,66.75.164.89
O20 - Winlogon Notify: efcyaay - C:\WINDOWS\SYSTEM32\efcyaay.dll
O20 - Winlogon Notify: icwirt - icwirt.dll (file missing)
O20 - Winlogon Notify: lwnirwep - lwnirwep.dll (file missing)
O20 - Winlogon Notify: nrkfwlei - nrkfwlei.dll (file missing)
O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Wireless Service - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: InstallDriver Table Manager IDriverTSpooler (IDriverTSpooler) - Unknown owner - C:\WINDOWS\system32\aIPHj.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: lxct_device - - C:\WINDOWS\system32\lxctcoms.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: PcdSptiSvr - Sony Cooporation - C:\Program Files\Sony\mylo Utility\PcdSptiSvr.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
--
End of file - 11422 bytes
-- HijackThis Fixed Entries (C:\PROGRA~1\TRENDM~1\HIJACK~1\backups\) -----------
backup-20071209-140339-118 O4 - HKLM\..\RunServices: [p2p networking] p2pnetworking.exe
backup-20071209-140339-264 O4 - HKLM\..\Run: [p2p networking] p2pnetworking.exe
backup-20071210-231830-850 F2 - REG:system.ini: UserInit=c:\windows\system32\userinit.exe,c:\windows\system32\undname.exe,c:\windows\system32\idaw64.exe,,,,C:\WINDOWS\system32\ntos.exe,
-- File Associations -----------------------------------------------------------
[COLOR=red].scr - PhEdit.scr - shell\open\command - C:\Program Files\VCW VicMan's Photo Editor\vcwphoto.exe %1[/COLOR]
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R1 076e276a.sys - c:\windows\system32\drivers\076e276a.sys
R1 166d5217.sys - c:\windows\system32\drivers\166d5217.sys
R1 20ae241b.sys - c:\windows\system32\drivers\20ae241b.sys
R1 2fe44a57.sys - c:\windows\system32\drivers\2fe44a57.sys
R1 3086cd41.sys - c:\windows\system32\drivers\3086cd41.sys
R1 3beb923a.sys - c:\windows\system32\drivers\3beb923a.sys
R1 574c94d3.sys - c:\windows\system32\drivers\574c94d3.sys
R1 6cc99aed.sys - c:\windows\system32\drivers\6cc99aed.sys
R1 8d1e483f.sys - c:\windows\system32\drivers\8d1e483f.sys
R1 a0d32327.sys - c:\windows\system32\drivers\a0d32327.sys
R1 a1ad6f7c.sys - c:\windows\system32\drivers\a1ad6f7c.sys
R1 eccf58e7.sys - c:\windows\system32\drivers\eccf58e7.sys
R2 ANIO (ANIO Service) - c:\windows\system32\anio.sys <Not Verified; Alpha Networks Inc.; ANIO (NT5) Driver>
R3 catchme - c:\docume~1\compaq~1\locals~1\temp\catchme.sys (file missing)
R3 rt2870 (Ralink 802.11n USB Wireless LAN Card Driver) - c:\windows\system32\drivers\rt2870.sys <Not Verified; Ralink Technology, Corp.; Ralink 802.11n Wireless Adapters>
R3 wanatw (WAN Miniport (ATW)) - c:\windows\system32\drivers\wanatw4.sys <Not Verified; America Online, Inc.; Wan Miniport (ATW)>
S0 ftsata2 - c:\windows\system32\drivers\ftsata2.sys (file missing)
S1 intelppm (Intel Processor Driver) - c:\windows\system32\drivers\intelppm.sys (file missing)
S3 SoC PC-Camera Service (SoC PC-Camera) - c:\windows\system32\drivers\pfc027.sys
S3 TnIDriver - c:\docume~1\compaq~1\locals~1\temp\tni50.tmp (file missing)
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R? DomainService -
R2 Apple Mobile Device - "c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe" <Not Verified; Apple, Inc.; Apple Mobile Device Service>
S2 ANIWZCSdService (ANIWZCSd Service) - c:\program files\ani\aniwzcs2 service\aniwzcsds.exe <Not Verified; Wireless Service; ANIWZCS2 Service Launcher (NT)>
S2 IDriverTSpooler (InstallDriver Table Manager IDriverTSpooler) - c:\windows\system32\aiphj.exe srv
S2 LiveUpdate Notice Service - "c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\pifsvc.exe" /m "c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\pifeng.dll" <Not Verified; Symantec Corporation; LiveUpdate Notice>
S2 lxct_device - c:\windows\system32\lxctcoms.exe -service <Not Verified; ; Printer Communication System>
S3 PcdSptiSvr - c:\program files\sony\mylo utility\pcdsptisvr.exe <Not Verified; Sony Cooporation; PcdSptiSvr Module>
-- Device Manager: Disabled ----------------------------------------------------
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: NVIDIA nForce Networking Controller
Device ID: {1A3E09BE-1E45-494B-9174-D7385B45BBF5}\NVNET_DEV0269\4&180DF4C5&0&01
Manufacturer: NVIDIA
Name: NVIDIA nForce Networking Controller
PNP Device ID: {1A3E09BE-1E45-494B-9174-D7385B45BBF5}\NVNET_DEV0269\4&180DF4C5&0&01
Service: NVENETFD
-- Scheduled Tasks -------------------------------------------------------------
2007-12-16 16:27:25 330 --ah----- C:\WINDOWS\Tasks\MP Scheduled Scan.job
2007-12-16 16:22:43 502 --a------ C:\WINDOWS\Tasks\SpywareBot Scheduled Scan.job
-- Files created between 2007-11-16 and 2007-12-16 -----------------------------
2007-12-16 12:16:21 85568 --a------ C:\WINDOWS\system32\uxqskbdw.dll
2007-12-16 12:13:36 80448 --a------ C:\WINDOWS\system32\xrnypwyk.dll
2007-12-16 12:10:23 74304 --a------ C:\WINDOWS\system32\wcrijwgp.exe <Not Verified; ; DDC>
2007-12-13 22:37:14 89664 --a------ C:\WINDOWS\system32\svevggxa.exe <Not Verified; ; DDC>
2007-12-13 15:37:28 85568 --a------ C:\WINDOWS\system32\oyauhmdx.dll
2007-12-12 22:39:51 80448 --a------ C:\WINDOWS\system32\tovrnxyu.dll
2007-12-12 22:36:53 89664 --a------ C:\WINDOWS\system32\tbatwbdm.exe <Not Verified; ; DDC>
2007-12-12 04:23:14 0 d-------- C:\WINDOWS\ERUNT
2007-12-11 22:00:45 80448 --a------ C:\WINDOWS\system32\mcnyxlts.dll
2007-12-11 21:55:26 89664 --a------ C:\WINDOWS\system32\thwkjaum.exe <Not Verified; ; DDC>
2007-12-10 22:34:03 3804 --a------ C:\WINDOWS\system32\tmp.reg
2007-12-10 22:33:01 25600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2007-12-10 22:33:01 289144 --a------ C:\WINDOWS\system32\VCCLSID.exe <Not Verified; S!Ri; >
2007-12-10 22:33:01 288417 --a------ C:\WINDOWS\system32\SrchSTS.exe <Not Verified; S!Ri; SrchSTS>
2007-12-10 22:33:01 53248 --a------ C:\WINDOWS\system32\Process.exe <Not Verified; http://www.beyondlogic.org; Command Line Process Utility>
2007-12-10 22:33:01 51200 --a------ C:\WINDOWS\system32\dumphive.exe
2007-12-10 22:32:43 0 d-------- C:\WINDOWS\SmitfraudFix
2007-12-10 22:28:36 0 d-------- C:\Documents and Settings\Administrator\Application Data\Adobe
2007-12-09 14:10:36 0 d-------- C:\Documents and Settings\Administrator\Application Data\SpywareBot
2007-12-09 13:47:29 0 d-------- C:\Documents and Settings\Administrator\Application Data\Netscape
2007-12-08 09:50:21 430470 --ahs---- C:\WINDOWS\system32\jmllm.ini2
2007-12-08 09:50:03 336992 -----n--- C:\WINDOWS\system32\mllmj.dll
2007-12-08 09:41:51 36864 --a------ C:\WINDOWS\system32\VundoFixSVC.exe <Not Verified; Atribune.org; Vundofix Service>
2007-12-08 09:19:27 0 d-------- C:\VundoFix Backups
2007-12-07 23:00:09 89664 --a------ C:\WINDOWS\system32\lxcegusk.exe <Not Verified; ; DDC>
2007-12-07 22:01:53 0 d-------- C:\Program Files\MetaStream
2007-12-07 21:57:17 122432 --a------ C:\WINDOWS\system32\odldmypx.exe <Not Verified; ; DDC>
2007-12-06 22:58:37 0 d-------- C:\Documents and Settings\All Users\Application Data\SecTaskMan
2007-12-06 22:57:12 0 d-------- C:\Program Files\Security Task Manager
2007-12-06 17:42:37 0 d-------- C:\WINDOWS\system32\ActiveScan
2007-12-06 17:15:37 0 d-------- C:\Program Files\Trend Micro
2007-12-06 16:35:58 80448 --a------ C:\WINDOWS\system32\dpfchxdg.dll
2007-12-06 16:28:55 187968 --a------ C:\WINDOWS\system32\dydumnne.exe <Not Verified; ; DDC>
2007-12-05 16:20:07 81984 --a------ C:\WINDOWS\system32\sllfoiwn.dll
2007-12-05 16:15:37 89664 --a------ C:\WINDOWS\system32\wqokwijq.exe <Not Verified; ; DDC>
2007-12-05 00:58:16 0 d-------- C:\Program Files\Ashkon Technology
2007-12-03 18:55:21 167 --a------ C:\WINDOWS\system32\9197.bat
2007-12-03 18:55:02 37376 --a------ C:\WINDOWS\system32\khfffcd.dll
2007-12-03 17:16:46 77376 --a------ C:\WINDOWS\system32\xecgguye.dll
2007-12-03 15:45:12 39936 --a------ C:\WINDOWS\system32\awtrpqr.dll
2007-12-03 15:44:56 37376 --a------ C:\WINDOWS\system32\ddccawu.dll
2007-12-03 15:44:25 68486 --a------ C:\WINDOWS\system32\qkunoeq.exe
2007-12-03 15:44:25 173541 --a------ C:\WINDOWS\system32\pjzpe.exe
2007-12-03 15:44:25 134022 --a------ C:\WINDOWS\system32\nipbvq.exe
2007-12-03 15:28:32 35718 --a------ C:\WINDOWS\system32\pnilsu.exe
2007-12-03 15:28:32 101254 -----n--- C:\WINDOWS\system32\hffkhtr.exe
2007-12-03 15:28:32 42469 --a------ C:\WINDOWS\system32\ekyselxk.exe
2007-12-03 05:20:07 37376 --a------ C:\WINDOWS\system32\cbxywtt.dll
2007-12-03 05:20:07 37376 --a------ C:\WINDOWS\system32\byxusrs.dll
2007-12-03 05:20:07 39936 --a------ C:\WINDOWS\system32\awttstq.dll
2007-12-03 05:19:23 42469 --a------ C:\WINDOWS\system32\yatnwwfd.exe
2007-12-03 05:19:23 42469 --a------ C:\WINDOWS\system32\pvhqbwm.exe
2007-12-03 05:19:23 35718 --a------ C:\WINDOWS\system32\prxu.exe
2007-12-03 05:19:23 68486 --a------ C:\WINDOWS\system32\acclvwve.exe
2007-12-02 22:47:51 39936 --a------ C:\WINDOWS\system32\vturpqo.dll
2007-12-02 22:47:51 37376 --a------ C:\WINDOWS\system32\opnnono.dll
2007-12-02 22:47:51 37376 --a------ C:\WINDOWS\system32\jkkkkkj.dll
2007-12-02 22:46:25 75237 --a------ C:\WINDOWS\system32\mwykrzh.exe
2007-12-02 22:46:25 68486 --a------ C:\WINDOWS\system32\hqwn.exe
2007-12-02 22:46:24 173541 --a------ C:\WINDOWS\system32\ngooec.exe
2007-12-02 22:46:24 68486 --a------ C:\WINDOWS\system32\acza.exe
2007-12-02 21:51:57 37376 --a------ C:\WINDOWS\system32\rqrpooo.dll
2007-12-02 21:51:56 39936 --a------ C:\WINDOWS\system32\qomjhge.dll
2007-12-02 21:51:56 37376 --a------ C:\WINDOWS\system32\cbxuuts.dll
2007-12-02 21:51:09 75237 --a------ C:\WINDOWS\system32\zguasm.exe
2007-12-02 21:51:09 35718 --a------ C:\WINDOWS\system32\kgxe.exe
2007-12-02 21:51:09 42469 --a------ C:\WINDOWS\system32\juxpelf.exe
2007-12-02 21:51:09 35718 --a------ C:\WINDOWS\system32\dphpf.exe
2007-12-02 18:23:51 0 d-------- C:\Program Files\Enigma Software Group
2007-12-02 17:12:36 76864 --a------ C:\WINDOWS\system32\xlkjusbw.dll
2007-12-02 17:08:10 86592 --a------ C:\WINDOWS\system32\orxuwmgm.exe <Not Verified; ; DDC>
2007-12-02 12:09:18 75237 --a------ C:\WINDOWS\system32\dvuppuq.exe
2007-12-02 12:09:17 35718 --a------ C:\WINDOWS\system32\wpmfg.exe
2007-12-02 12:09:17 68486 --a------ C:\WINDOWS\system32\vossarq.exe
2007-12-02 12:09:17 42469 --a------ C:\WINDOWS\system32\kvueqzs.exe
2007-12-02 10:32:48 75237 --a------ C:\WINDOWS\system32\rtdfya.exe
2007-12-02 10:32:48 75237 --a------ C:\WINDOWS\system32\osha.exe
2007-12-02 10:32:48 35718 --a------ C:\WINDOWS\system32\atlpozdp.exe
2007-12-02 10:32:48 35718 --a------ C:\WINDOWS\system32\aczgxsme.exe
2007-12-02 10:09:48 35718 --a------ C:\WINDOWS\system32\hvkhbn.exe
2007-12-02 10:09:48 101254 --a------ C:\WINDOWS\system32\arzlobb.exe
2007-12-02 10:09:47 75237 --a------ C:\WINDOWS\system32\tawxdbij.exe
2007-12-02 10:09:44 42469 --a------ C:\WINDOWS\system32\cobvoz.exe
2007-12-01 21:11:17 37376 --a------ C:\WINDOWS\system32\qomlmmk.dll
2007-12-01 21:11:16 37376 --a------ C:\WINDOWS\system32\iifghhg.dll
2007-12-01 21:11:16 39936 --a------ C:\WINDOWS\system32\byxwwts.dll
2007-12-01 21:10:47 35718 --a------ C:\WINDOWS\system32\vysgyah.exe
2007-12-01 21:10:47 140773 --a------ C:\WINDOWS\system32\udmot.exe
2007-12-01 21:10:47 134022 --a------ C:\WINDOWS\system32\izjvz.exe
2007-12-01 21:10:47 42469 --a------ C:\WINDOWS\system32\bkdf.exe
2007-12-01 20:41:58 35718 --a------ C:\WINDOWS\system32\sizqdsrc.exe
2007-12-01 20:41:58 77824 --a------ C:\WINDOWS\system32\pzzzh.exe
2007-12-01 20:41:58 77824 --a------ C:\WINDOWS\system32\nmpzs.exe
2007-12-01 20:41:58 75237 --a------ C:\WINDOWS\system32\dprodiip.exe
2007-12-01 20:41:58 42469 --a------ C:\WINDOWS\system32\bzchf.exe
2007-12-01 20:41:58 114176 --a------ C:\WINDOWS\system32\bixhlldp.exe
2007-12-01 20:41:58 68486 --a------ C:\WINDOWS\system32\arrogtm.exe
2007-12-01 19:38:11 68486 --a------ C:\WINDOWS\system32\unror.exe
2007-12-01 19:38:08 110592 --a------ C:\WINDOWS\system32\xobrczo.exe
2007-12-01 19:38:08 110592 --a------ C:\WINDOWS\system32\phgfbjc.exe
2007-12-01 19:38:08 66048 --a------ C:\WINDOWS\system32\evnf.exe
2007-12-01 19:38:07 75237 --a------ C:\WINDOWS\system32\vgeyfdub.exe
2007-12-01 19:38:07 35718 --a------ C:\WINDOWS\system32\oabkjnt.exe
2007-12-01 19:38:07 108005 --a------ C:\WINDOWS\system32\mbvv.exe
2007-12-01 16:42:43 42469 --a------ C:\WINDOWS\system32\zwqh.exe
2007-12-01 16:42:43 68486 --a------ C:\WINDOWS\system32\widw.exe
2007-12-01 16:42:43 35718 --a------ C:\WINDOWS\system32\uhhrgcb.exe
2007-12-01 16:42:43 42469 --a------ C:\WINDOWS\system32\sdessm.exe
2007-12-01 16:35:42 78400 --a------ C:\WINDOWS\system32\lfcoxhqq.dll
2007-12-01 16:30:25 86592 --a------ C:\WINDOWS\system32\qnxfchsr.exe <Not Verified; ; DDC>
2007-12-01 16:25:09 37376 --a------ C:\WINDOWS\system32\yayvvww.dll
2007-12-01 16:25:09 39936 --a------ C:\WINDOWS\system32\wvuttrp.dll
2007-12-01 16:24:31 179712 -----n--- C:\WINDOWS\system32\btnqmca.exe
2007-12-01 16:24:28 68486 --a------ C:\WINDOWS\system32\xdoa.exe
2007-12-01 16:24:28 35718 --a------ C:\WINDOWS\system32\nwwylf.exe
2007-12-01 16:24:28 75237 --a------ C:\WINDOWS\system32\nfhkjl.exe
2007-12-01 16:24:28 108005 --a------ C:\WINDOWS\system32\cmylgkok.exe
2007-12-01 13:50:46 81408 --a------ C:\WINDOWS\system32\imgkouow.exe
2007-12-01 13:50:44 110592 --a------ C:\WINDOWS\system32\vtxnxmr.exe
2007-12-01 13:50:43 108005 --a------ C:\WINDOWS\system32\ymjxftms.exe
2007-12-01 13:50:43 42469 --a------ C:\WINDOWS\system32\pbbiqo.exe
2007-12-01 13:50:43 68486 --a------ C:\WINDOWS\system32\fppac.exe
2007-12-01 13:50:43 35718 --a------ C:\WINDOWS\system32\cpmvwao.exe
2007-12-01 13:50:43 110592 --a------ C:\WINDOWS\system32\akxvch.exe
2007-12-01 13:38:32 68486 --a------ C:\WINDOWS\system32\gxee.exe
2007-12-01 13:38:31 108005 --a------ C:\WINDOWS\system32\yswgijyr.exe
2007-12-01 13:38:31 140773 --a------ C:\WINDOWS\system32\unqp.exe
2007-12-01 13:38:31 68486 --a------ C:\WINDOWS\system32\ccnkkhup.exe
2007-12-01 13:21:18 0 d-------- C:\Program Files\AIM6
2007-12-01 11:16:03 37376 --a------ C:\WINDOWS\system32\xxyvtqp.dll
2007-12-01 11:16:03 39936 --a------ C:\WINDOWS\system32\wvusron.dll
2007-12-01 11:16:03 37376 --a------ C:\WINDOWS\system32\gebyxvu.dll
2007-12-01 11:15:40 35718 --a------ C:\WINDOWS\system32\fbsgkvwb.exe
2007-12-01 11:15:40 42469 --a------ C:\WINDOWS\system32\dwcth.exe
2007-12-01 11:15:39 134022 --a------ C:\WINDOWS\system32\tpuc.exe
2007-12-01 11:15:39 75237 --a------ C:\WINDOWS\system32\hbcdjfci.exe
2007-11-30 23:51:42 37376 --a------ C:\WINDOWS\system32\pmnnnkh.dll
2007-11-30 23:51:40 39936 --a------ C:\WINDOWS\system32\xxyvspq.dll
2007-11-30 23:51:38 37376 --a------ C:\WINDOWS\system32\efcyvvv.dll
2007-11-30 23:51:13 42469 --a------ C:\WINDOWS\system32\lsarxecn.exe
2007-11-30 23:51:13 68486 --a------ C:\WINDOWS\system32\khiq.exe
2007-11-30 23:51:13 81408 -----n--- C:\WINDOWS\system32\gkkirsg.exe
2007-11-30 23:51:13 110592 -----n--- C:\WINDOWS\system32\cmcbzyhx.exe
2007-11-30 23:51:13 35718 --a------ C:\WINDOWS\system32\cimwt.exe
2007-11-30 23:46:20 101254 --a------ C:\WINDOWS\system32\zteg.exe
2007-11-30 23:46:20 77824 --a------ C:\WINDOWS\system32\qnuuhmu.exe
2007-11-30 23:46:20 110592 --a------ C:\WINDOWS\system32\luggh.exe
2007-11-30 23:46:20 81408 --a------ C:\WINDOWS\system32\gasespeq.exe
2007-11-30 23:46:20 42469 --a------ C:\WINDOWS\system32\bsqtdeeh.exe
2007-11-30 23:46:19 35718 --a------ C:\WINDOWS\system32\zsojj.exe
2007-11-30 22:00:36 37376 --a------ C:\WINDOWS\system32\wvussrs.dll
2007-11-30 22:00:33 39936 --a------ C:\WINDOWS\system32\mljgffd.dll
2007-11-30 22:00:05 77824 -----n--- C:\WINDOWS\system32\srvvtcx.exe
2007-11-30 22:00:05 101254 --a------ C:\WINDOWS\system32\lnpsjc.exe
2007-11-30 22:00:05 42469 --a------ C:\WINDOWS\system32\gadr.exe
2007-11-30 22:00:05 35718 --a------ C:\WINDOWS\system32\agqgcaau.exe
2007-11-30 21:48:27 37376 --a------ C:\WINDOWS\system32\gebxvss.dll
2007-11-30 21:48:27 39936 --a------ C:\WINDOWS\system32\byxxyxx.dll
2007-11-30 21:48:26 37376 --a------ C:\WINDOWS\system32\awttusq.dll
2007-11-30 21:47:49 35718 --a------ C:\WINDOWS\system32\prooywq.exe
2007-11-30 21:47:46 75237 --a------ C:\WINDOWS\system32\zgupuc.exe
2007-11-30 21:47:46 35718 --a------ C:\WINDOWS\system32\bcxokh.exe
2007-11-30 20:56:20 37376 --a------ C:\WINDOWS\system32\cbxvurq.dll
2007-11-30 20:56:18 37376 --a------ C:\WINDOWS\system32\vtuurrq.dll
2007-11-30 20:56:16 39936 --a------ C:\WINDOWS\system32\cbxywuv.dll
2007-11-30 20:55:34 77824 -----n--- C:\WINDOWS\system32\qrnzrtp.exe
2007-11-30 20:55:34 81408 -----n--- C:\WINDOWS\system32\kvvridd.exe
2007-11-30 20:55:33 68486 --a------ C:\WINDOWS\system32\pzwhw.exe
2007-11-30 20:55:33 166790 --a------ C:\WINDOWS\system32\inxzw.exe
2007-11-30 20:55:33 75237 --a------ C:\WINDOWS\system32\bfbxazng.exe
2007-11-30 18:45:37 39936 --a------ C:\WINDOWS\system32\pmnkihi.dll
2007-11-30 18:45:36 37376 --a------ C:\WINDOWS\system32\ljjjhhf.dll
2007-11-30 18:45:08 42469 --a------ C:\WINDOWS\system32\tfgknp.exe
2007-11-30 18:45:08 114176 -----n--- C:\WINDOWS\system32\ndtr.exe
2007-11-30 18:45:07 35718 --a------ C:\WINDOWS\system32\svzssm.exe
2007-11-30 18:45:07 35718 --a------ C:\WINDOWS\system32\mxiaik.exe
2007-11-30 16:04:19 78912 --a------ C:\WINDOWS\system32\mkipqxal.dll
2007-11-30 15:52:39 86592 --a------ C:\WINDOWS\system32\xymxjeun.exe <Not Verified; ; DDC>
2007-11-30 15:47:45 37376 --a------ C:\WINDOWS\system32\urqrsss.dll
2007-11-30 15:47:45 37376 --a------ C:\WINDOWS\system32\tuvvsqq.dll
2007-11-30 15:47:45 39936 --a------ C:\WINDOWS\system32\ddcyxyy.dll
2007-11-30 15:47:12 114176 -----n--- C:\WINDOWS\system32\bgseee.exe
2007-11-30 15:47:11 143360 -----n--- C:\WINDOWS\system32\tiny.exe
2007-11-30 15:47:10 35718 --a------ C:\WINDOWS\system32\xkxk.exe
2007-11-30 15:47:10 35718 --a------ C:\WINDOWS\system32\usxswmd.exe
2007-11-30 15:47:10 42469 --a------ C:\WINDOWS\system32\kepaer.exe
2007-11-30 15:39:47 176128 --a------ C:\WINDOWS\system32\zwbk.exe
2007-11-30 15:39:41 81408 --a------ C:\WINDOWS\system32\xfvaxbwq.exe
2007-11-30 15:39:41 143360 --a------ C:\WINDOWS\system32\gtvc.exe
2007-11-30 15:39:37 108005 --a------ C:\WINDOWS\system32\ejulxc.exe
2007-11-30 15:39:34 35718 --a------ C:\WINDOWS\system32\blfgdzbs.exe
2007-11-29 22:43:21 37376 --a------ C:\WINDOWS\system32\urqrpop.dll
2007-11-29 22:43:21 37376 --a------ C:\WINDOWS\system32\opnolli.dll
2007-11-29 22:43:21 37376 --a------ C:\WINDOWS\system32\efcbayw.dll
2007-11-29 22:42:50 42469 --a------ C:\WINDOWS\system32\vcnqnka.exe
2007-11-29 22:42:50 35718 --a------ C:\WINDOWS\system32\symmd.exe
2007-11-29 22:42:50 35718 --a------ C:\WINDOWS\system32\aivx.exe
2007-11-29 22:35:02 77824 --a------ C:\WINDOWS\system32\uimdom.exe
2007-11-29 22:35:02 143360 --a------ C:\WINDOWS\system32\kjndxven.exe
2007-11-29 22:35:02 110592 --a------ C:\WINDOWS\system32\glppgu.exe
2007-11-29 22:35:00 42469 --a------ C:\WINDOWS\system32\wevi.exe
2007-11-29 22:35:00 68486 --a------ C:\WINDOWS\system32\tnagtgtp.exe
2007-11-29 22:35:00 68486 --a------ C:\WINDOWS\system32\mrucvdsm.exe
2007-11-29 18:18:45 35718 --a------ C:\WINDOWS\system32\svlrdr.exe
2007-11-29 18:18:45 68486 --a------ C:\WINDOWS\system32\exlbwg.exe
2007-11-29 18:18:45 75237 --a------ C:\WINDOWS\system32\akxjhrf.exe
2007-11-29 17:57:38 37376 --a------ C:\WINDOWS\system32\xxyabxx.dll
2007-11-29 17:57:38 37376 --a------ C:\WINDOWS\system32\tuvwxxv.dll
2007-11-29 17:57:38 37376 --a------ C:\WINDOWS\system32\ssqopqp.dll
2007-11-29 17:57:03 68486 --a------ C:\WINDOWS\system32\lhlwk.exe
2007-11-29 17:57:03 35718 --a------ C:\WINDOWS\system32\atxsswyp.exe
2007-11-29 17:57:02 75237 --a------ C:\WINDOWS\system32\hywmw.exe
2007-11-29 17:52:08 101254 --a------ C:\WINDOWS\system32\skfgfmnw.exe
2007-11-29 17:52:08 68486 --a------ C:\WINDOWS\system32\simnpll.exe
2007-11-29 17:52:07 42469 --a------ C:\WINDOWS\system32\cnnbci.exe
2007-11-29 17:33:44 35718 --a------ C:\WINDOWS\system32\wqlnzdg.exe
2007-11-29 17:33:44 134022 --a------ C:\WINDOWS\system32\pfrbeu.exe
2007-11-29 17:33:44 42469 --a------ C:\WINDOWS\system32\luoc.exe
2007-11-29 17:20:27 0 d-------- C:\Program Files\Blaze Media Pro
2007-11-29 17:17:06 35718 --a------ C:\WINDOWS\system32\pype.exe
2007-11-29 17:17:06 108005 --a------ C:\WINDOWS\system32\fwskk.exe
2007-11-29 17:17:06 101254 --a------ C:\WINDOWS\system32\dmrx.exe
2007-11-29 17:15:56 0 d-------- C:\Documents and Settings\All Users\Application Data\{CFAB4006-0AE0-414D-866A-DCB2C46553CF}
2007-11-29 17:09:02 0 d--hs---- C:\WINDOWS\IA
2007-11-29 17:08:39 2375 --a------ C:\x.dat
2007-11-29 17:08:33 60040 --a------ C:\z.dat
2007-11-29 17:08:31 0 d-------- C:\WINDOWS\system32\mm6
2007-11-29 17:08:31 0 d-------- C:\WINDOWS\system32\hv2
2007-11-29 17:08:31 0 d-------- C:\WINDOWS\system32\dr1
2007-11-29 17:08:15 0 d-------- C:\WINDOWS\system32\daSgo05
2007-11-29 15:48:42 77888 --a------ C:\WINDOWS\system32\kmuewxwt.dll
2007-11-29 15:45:14 86592 --a------ C:\WINDOWS\system32\yyqywchl.exe <Not Verified; ; DDC>
2007-11-29 15:43:24 108005 --a------ C:\WINDOWS\system32\zxais.exe
2007-11-29 15:43:24 35718 --a------ C:\WINDOWS\system32\pmadyqdn.exe
2007-11-29 15:43:24 68486 --a------ C:\WINDOWS\system32\bqbg.exe
2007-11-29 06:01:26 37376 --a------ C:\WINDOWS\system32\awtsqno.dll
2007-11-29 06:01:18 37376 --a------ C:\WINDOWS\system32\cbxwtsq.dll
2007-11-29 05:53:02 37376 --a------ C:\WINDOWS\system32\hgghijh.dll
2007-11-29 05:52:55 37376 --a------ C:\WINDOWS\system32\fccdcbb.dll
2007-11-29 05:44:50 37376 --a------ C:\WINDOWS\system32\efcddcc.dll
2007-11-29 05:19:56 37376 --a------ C:\WINDOWS\system32\vtutsqo.dll
2007-11-29 04:55:10 37376 --a------ C:\WINDOWS\system32\wvurrom.dll
2007-11-29 04:48:10 37376 --a------ C:\WINDOWS\system32\ssqrqqn.dll
2007-11-29 04:48:10 37376 --a------ C:\WINDOWS\system32\jkkkkhg.dll
2007-11-29 04:48:10 37376 --a------ C:\WINDOWS\system32\jkkiigh.dll
2007-11-29 04:47:23 42469 --a------ C:\WINDOWS\system32\zyvll.exe
2007-11-29 04:47:23 35718 --a------ C:\WINDOWS\system32\msqksh.exe
2007-11-29 04:47:23 35718 --a------ C:\WINDOWS\system32\kpdiu.exe
2007-11-29 04:43:35 35718 --a------ C:\WINDOWS\system32\pqrn.exe
2007-11-29 04:43:35 35718 --a------ C:\WINDOWS\system32\mwoedz.exe
2007-11-29 04:43:35 108005 --a------ C:\WINDOWS\system32\dahv.exe
2007-11-28 23:56:07 35718 --a------ C:\WINDOWS\system32\ukewapzf.exe
2007-11-28 23:56:07 35718 --a------ C:\WINDOWS\system32\uizfxvjo.exe
2007-11-28 23:56:07 42469 --a------ C:\WINDOWS\system32\sxanpe.exe
2007-11-28 21:51:48 35718 --a------ C:\WINDOWS\system32\zmwemw.exe
2007-11-28 21:51:48 42469 --a------ C:\WINDOWS\system32\oibvvn.exe
2007-11-28 21:51:48 101254 --a------ C:\WINDOWS\system32\jgnidqh.exe
2007-11-28 20:12:55 42469 --a------ C:\WINDOWS\system32\ufpuoxxc.exe
2007-11-28 20:12:55 35718 --a------ C:\WINDOWS\system32\jaljjl.exe
2007-11-28 20:12:55 35718 --a------ C:\WINDOWS\system32\iaktggva.exe
2007-11-28 19:27:39 81984 --a------ C:\WINDOWS\system32\gurkvujx.dll
2007-11-28 19:14:48 119360 --a------ C:\WINDOWS\system32\xxcasiux.exe <Not Verified; ; DDC>
2007-11-28 17:39:04 42469 --a------ C:\WINDOWS\system32\zdvnztr.exe
2007-11-28 17:39:04 35718 --a------ C:\WINDOWS\system32\uvcp.exe
2007-11-28 17:39:04 35718 --a------ C:\WINDOWS\system32\ikdpejk.exe
2007-11-28 16:20:37 35718 --a------ C:\WINDOWS\system32\vaspjz.exe
2007-11-28 16:20:37 42469 -----n--- C:\WINDOWS\system32\dsstqg.exe
2007-11-28 16:20:37 35718 --a------ C:\WINDOWS\system32\dqdm.exe
2007-11-28 16:15:44 35718 --a------ C:\WINDOWS\system32\yrsols.exe
2007-11-28 16:15:43 68486 --a------ C:\WINDOWS\system32\xyuoxkb.exe
2007-11-28 16:15:43 42469 --a------ C:\WINDOWS\system32\npxkxf.exe
2007-11-28 15:53:59 108005 --a------ C:\WINDOWS\system32\mfbamdj.exe
2007-11-28 15:53:59 35718 --a------ C:\WINDOWS\system32\ehbanbas.exe
2007-11-28 15:53:59 101254 --a------ C:\WINDOWS\system32\apihbsuz.exe
2007-11-28 15:28:16 68486 --a------ C:\WINDOWS\system32\ograj.exe
2007-11-28 15:28:16 35718 --a------ C:\WINDOWS\system32\kabiktev.exe
2007-11-28 15:28:16 42469 --a------ C:\WINDOWS\system32\exxmiidx.exe
2007-11-28 00:43:10 38400 --a------ C:\WINDOWS\system32\wvuvspn.dll
2007-11-28 00:35:06 38400 --a------ C:\WINDOWS\system32\yayvurs.dll
2007-11-28 00:35:06 38400 --a------ C:\WINDOWS\system32\ddcyayw.dll
2007-11-28 00:34:07 35718 --a------ C:\WINDOWS\system32\ugqudhuh.exe
2007-11-28 00:34:07 42469 --a------ C:\WINDOWS\system32\ihigvvh.exe
2007-11-28 00:34:07 35718 --a------ C:\WINDOWS\system32\gxezgnqe.exe
2007-11-27 20:37:33 35718 --a------ C:\WINDOWS\system32\wzzeuaj.exe
2007-11-27 20:37:33 134022 --a------ C:\WINDOWS\system32\vsjip.exe
2007-11-27 20:37:33 75237 --a------ C:\WINDOWS\system32\rjol.exe
2007-11-27 19:07:31 35718 --a------ C:\WINDOWS\system32\wmlqhm.exe
2007-11-27 19:07:31 101254 --a------ C:\WINDOWS\system32\qyaq.exe
2007-11-27 19:07:31 42469 --a------ C:\WINDOWS\system32\glctueve.exe
2007-11-27 06:13:12 0 d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2007-11-27 06:09:14 38400 --a------ C:\WINDOWS\system32\nnnmnmm.dll
2007-11-27 06:09:14 38400 --a------ C:\WINDOWS\system32\ljjhggh.dll
2007-11-27 06:09:14 38400 --a------ C:\WINDOWS\system32\efcyaay.dll
2007-11-27 06:08:54 35718 --a------ C:\WINDOWS\system32\xjqqrbu.exe
2007-11-27 06:08:54 108005 --a------ C:\WINDOWS\system32\limezgkb.exe
2007-11-27 06:08:54 35718 --a------ C:\WINDOWS\system32\dyineu.exe
2007-11-27 06:08:52 109568 -----n--- C:\WINDOWS\system32\ushcvgu.exe
2007-11-27 06:08:52 109568 -----n--- C:\WINDOWS\system32\eehct.exe
2007-11-27 04:50:27 166790 --a------ C:\WINDOWS\system32\zeuttvn.exe
2007-11-27 04:50:27 35718 --a------ C:\WINDOWS\system32\qrur.exe
2007-11-27 04:50:27 108005 --a------ C:\WINDOWS\system32\hmdfjszx.exe
2007-11-26 22:54:50 68486 --a------ C:\WINDOWS\system32\vsfwa.exe
2007-11-26 22:54:50 166790 --a------ C:\WINDOWS\system32\poxnfv.exe
2007-11-26 22:54:48 42469 --a------ C:\WINDOWS\system32\cfhokpfc.exe
2007-11-26 22:42:24 68486 --a------ C:\WINDOWS\system32\trmg.exe
2007-11-26 22:42:24 35718 --a------ C:\WINDOWS\system32\fqvrvcin.exe
2007-11-26 22:42:24 108005 --a------ C:\WINDOWS\system32\eiphre.exe
2007-11-21 16:35:45 117 --a------ C:\WINDOWS\system32\ceoejsu.bat
2007-11-21 05:34:49 240404 --a------ C:\Program Files\zia02852
2007-11-18 15:04:35 117 --a------ C:\WINDOWS\system32\siqyvpz.bat
2007-11-16 18:34:44 0 d-------- C:\Documents and Settings\Compaq_Owner\Application Data\acccore
2007-11-16 16:32:04 118 --a------ C:\WINDOWS\system32\hepao.bat
-- Find3M Report ---------------------------------------------------------------
2007-12-16 12:07:22 7 --a------ C:\WINDOWS\system32\ANIWZCSUSERNAME{6B6F1BFF-9668-4011-A121-0147C63F56FD}
2007-12-16 09:00:45 2563 --a------ C:\WINDOWS\mozver.dat
2007-12-15 16:33:22 0 d-------- C:\Program Files\SpywareBot
2007-12-15 16:33:22 0 d-------- C:\Documents and Settings\Compaq_Owner\Application Data\SpywareBot
2007-12-12 04:43:18 0 d--hs---- C:\Program Files\outlook
2007-12-12 04:35:35 0 d-------- C:\Program Files\Spyware Doctor
2007-12-11 22:19:15 0 d-------- C:\Program Files\Lx_cats
2007-12-10 16:05:47 312 --ahs---- C:\WINDOWS\system32\1476419896.dat
2007-12-09 16:44:25 0 d-------- C:\Documents and Settings\Compaq_Owner\Application Data\LimeWire
2007-12-09 16:41:37 4096 --ahs---- C:\Program Files\Thumbs.db
2007-12-05 22:43:29 0 d-------- C:\Documents and Settings\Compaq_Owner\Application Data\Azureus
2007-12-05 22:41:51 0 d-------- C:\Documents and Settings\Compaq_Owner\Application Data\uTorrent
2007-12-02 10:20:59 0 d-------- C:\Program Files\Free Audio Recorder
2007-12-02 10:20:59 0 d-------- C:\Program Files\Apple Software Update
2007-11-29 04:53:50 0 d-------- C:\Documents and Settings\Compaq_Owner\Application Data\Apple Computer
2007-11-28 19:48:00 0 d-------- C:\Program Files\Common Files\Symantec Shared
2007-11-26 22:31:46 0 d-------- C:\Program Files\Symantec
2007-11-26 22:30:45 0 d-------- C:\Program Files\Common Files
2007-11-22 15:28:23 411764 --a------ C:\Program Files\RCX2A.tmp
2007-11-18 15:04:44 417808 --a------ C:\Program Files\RCX1C.tmp
2007-11-15 22:22:37 0 d-------- C:\Program Files\Crimson Editor
2007-11-12 21:59:41 121 --a------ C:\WINDOWS\system32\qrzgpxwa.bat
2007-11-11 15:44:03 120 --a------ C:\WINDOWS\system32\sctnnbx.bat
2007-11-11 09:54:37 117 --a------ C:\WINDOWS\system32\imfrgqp.bat
2007-11-10 23:08:38 0 d-------- C:\Documents and Settings\Compaq_Owner\Application Data\MSNInstaller
2007-11-08 23:07:28 0 d-------- C:\Program Files\Audio Flash
2007-11-08 23:06:54 434688 --a------ C:\WINDOWS\system32\ss2uinst.exe <Not Verified; Virtualzone.de; SetupStream 2>
2007-10-29 20:43:20 0 d-------- C:\Program Files\Usability Sciences
2007-10-27 22:51:45 0 d-------- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla
2007-10-22 22:34:14 0 d-------- C:\Program Files\Windows Defender
2007-10-21 09:41:58 0 d-------- C:\Program Files\Admiresoft
2007-10-21 09:35:08 0 d-------- C:\Program Files\Audio Recorder Pro
2007-10-21 09:00:52 0 d-------- C:\Program Files\FREE Hi-Q Recorder
2007-10-21 08:57:19 0 d-------- C:\Program Files\Audacity
2007-10-21 08:54:54 0 d-------- C:\Program Files\Freecorder
2007-10-21 08:54:37 0 d-------- C:\Program Files\Freecorder Toolbar
2007-10-17 07:38:38 0 d-------- C:\Program Files\Winamp
2007-10-04 15:20:44 40966 --a------ C:\WINDOWS\system32\ld.exe <Not Verified; Microsoft; _>
2007-10-04 15:20:44 51200 --a------ C:\WINDOWS\system32\g82.exe
2007-10-04 15:20:44 2 --a------ C:\WINDOWS\system32\faxwin32.bin
2007-10-04 15:20:44 33280 --a------ C:\WINDOWS\system32\1190904309.exe <Not Verified; MskSoftStudy Corp.; Anti-Virus Project (AVP) spyware removal module>
2007-10-03 17:24:02 158496 --a------ C:\WINDOWS\system32\b493b4b2.sys
2007-10-02 15:15:05 3284 --a------ C:\WINDOWS\system32\ANIWZCS{6B6F1BFF-9668-4011-A121-0147C63F56FD}
2007-10-02 14:55:01 7 --a------ C:\WINDOWS\system32\ANIWZCSUSERNAME
2007-10-02 05:06:45 20480 --a------ C:\rkburvxa.exe
2007-09-30 19:20:25 79832 --a------ C:\WINDOWS\system32\adssite-remove.exe
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0094B071-5401-435F-B099-55546EE05F60}]
2007-12-08 09:50 336992 --------- C:\WINDOWS\system32\mllmj.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]
2007-11-28 19:21 1502232 --a------ C:\Program Files\Freecorder\tbFre1.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{17B88DF7-95AB-44DA-8ECD-5FF0B6CAEC67}]
2007-11-27 06:09 38400 --a------ C:\WINDOWS\system32\efcyaay.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1ab4a21f-6df8-4474-b4ba-385e0e305313}]
2007-12-16 12:13 80448 --a------ C:\WINDOWS\system32\xrnypwyk.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{791BB781-B4EB-42FF-8015-8A3BFB1E29C5}]
C:\Program Files\Free Audio Recorder\meso83122.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{AD27C986-2323-4A2B-A13F-7BEDB1E4EBB5}]
C:\WINDOWS\system32\ddayx.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{f5a9e7d4-86df-40f8-8419-7740aaee73c6}]
C:\WINDOWS\system32\icwirt.dll
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{1392B8D2-5C05-419F-A8F6-B9F15A596612}"= C:\Program Files\Freecorder\tbFre1.dll [2007-11-28 19:21 1502232]
[-HKEY_CLASSES_ROOT\CLSID\{1392B8D2-5C05-419F-A8F6-B9F15A596612}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2006-03-08 03:54 C:\WINDOWS\RTHDCPL.EXE]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-01-24 18:15]
"nwiz"="nwiz.exe" [2006-01-24 18:15 C:\WINDOWS\system32\nwiz.exe]
"PCDrProfiler"="" []
"AOL Spyware Protection"="C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe" [2004-10-18 16:42]
"Symantec PIF AlertEng"="C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2007-03-12 17:30]
"ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 22:50]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2004-07-27 22:50]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-06-29 06:24]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-09-26 14:42]
"WinampAgent"="C:\Program Files\Winamp\wianmpa.exe" []
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2006-11-03 18:20]
"SDTray"="C:\Program Files\Spyware Doctor\SDTrayApp.exe" []
"SpyHunter Security Suite"="C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter3.exe" [2007-11-30 13:47]
"LXCTCATS"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCTtime.dll" [2006-06-07 04:09]
"58006197"="C:\WINDOWS\system32\uxqskbdw.dll" [2007-12-16 12:16]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Weather"="C:\PROGRA~1\AWS\WEATHE~1\Weather.exe" []
"SpywareBot"="C:\Program Files\SpywareBot\SpywareBot.exe" [2007-11-30 13:48]
"Spyware Doctor"="C:\Program Files\Spyware Doctor\swdoctor.exe" [2005-03-18 16:18]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 15:24]
"Aim6"="C:\Program Files\AIM6\aim6.exe" [2007-10-04 07:20]
[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"DWQueuedReporting"="C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Compaq Connections.lnk - C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe [2006-06-19 06:57:40]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{17B88DF7-95AB-44DA-8ECD-5FF0B6CAEC67}"= C:\WINDOWS\system32\efcyaay.dll [2007-11-27 06:09 38400]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\efcyaay]
efcyaay.dll 2007-11-27 06:09 38400 C:\WINDOWS\system32\efcyaay.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\icwirt]
icwirt.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\lwnirwep]
lwnirwep.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\nrkfwlei]
nrkfwlei.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"= msv1_0 C:\WINDOWS\system32\mllmj.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice"
-- End of Deckard's System Scanner: finished at 2007-12-16 16:57:03 ------------