Tech Support Forum - View Single Post - Pop ups- Virtumonde + loads of others.

kiko · 06-06-2008, 11:26 AM

Hey, I've been scanning my laptop with Spybot and it's showing numerous spyware such as virtumonde, microsostwindowssecuritycenter_disabled, adrevolver, double click and more.

I was unable to do step 4 even after typing services.msc into run and following the intructions.

Any help much appreciated!

Deckard's System Scanner v20071014.68
Run by marino on 2008-06-06 18:17:48
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- HijackThis (run as marino.exe) ----------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:18:27, on 06/06/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\UAService7.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\marino\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\marino.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seetickets.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: {2134850e-462d-159b-6244-b95fa70e3680} - {0863e07a-f59b-4426-b951-d264e0584312} - C:\WINDOWS\system32\owcaxnoq.dll
O2 - BHO: (no name) - {1E63E817-9B51-48A8-844C-62A180075373} - C:\WINDOWS\system32\fccdayXo.dll (file missing)
O2 - BHO: (no name) - {3AD397C5-E588-4B89-8E10-4EE5AD6313F8} - C:\WINDOWS\system32\hgGywUlI.dll (file missing)
O2 - BHO: (no name) - {514A5C49-0C7D-42c3-A71B-38864A269B7A} - C:\WINDOWS\system32\kqdblloc.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: (no name) - {BE352D57-8E7D-4FBA-BD7E-F08816D12BB2} - C:\WINDOWS\system32\pmnmlmjj.dll
O2 - BHO: (no name) - {C36F829A-0B11-43B3-BC7D-77BCCC89EB3D} - C:\WINDOWS\system32\hgGxULbB.dll (file missing)
O2 - BHO: (no name) - {E23136A1-1AC4-4D1B-926F-5D537CFFF359} - C:\WINDOWS\system32\cbXOGWnN.dll (file missing)
O2 - BHO: (no name) - {E876FC95-6515-4D5D-A130-94E0C6967ABA} - C:\WINDOWS\system32\vtUliFxx.dll (file missing)
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
O4 - HKLM\..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [c4eab45d] rundll32.exe "C:\WINDOWS\system32\lpivmyyl.dll",b
O4 - HKLM\..\Run: [BMc7d987c1] Rundll32.exe "C:\WINDOWS\system32\qrbdrvxm.dll",s
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: DVD Check.lnk = C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1156237481000
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O20 - Winlogon Notify: cbXOGWnN - cbXOGWnN.dll (file missing)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:\WINDOWS\system32\UAService7.exe

--
End of file - 10100 bytes

-- Files created between 2008-05-06 and 2008-06-06 -----------------------------

2008-06-06 18:17:57 0 d-------- C:\Program Files\Trend Micro
2008-06-06 14:43:14 0 d-------- C:\Documents and Settings\Administrator\Application Data\Adobe
2008-06-06 14:23:00 117248 --a------ C:\WINDOWS\system32\lpivmyyl.dll
2008-06-06 14:20:00 2356 --a------ C:\WINDOWS\system32\dfmvdeqh.exe
2008-06-06 14:14:00 134656 --a------ C:\WINDOWS\system32\owcaxnoq.dll
2008-06-06 14:11:00 125440 --a------ C:\WINDOWS\system32\qrbdrvxm.dll
2008-06-06 14:08:00 92160 --a------ C:\WINDOWS\system32\kqdblloc.dll
2008-06-05 14:42:40 0 d-------- C:\Documents and Settings\All Users\Application Data\PC Suite
2008-06-05 14:42:17 0 d-------- C:\Documents and Settings\marino\Application Data\Nokia
2008-06-05 14:40:35 0 d-------- C:\Program Files\Common Files\PCSuite
2008-06-05 14:40:34 0 d-------- C:\Program Files\Common Files\Nokia
2008-06-05 14:40:13 0 d-------- C:\Program Files\DIFX
2008-06-05 14:40:04 0 d-------- C:\Documents and Settings\marino\Application Data\PC Suite
2008-06-05 14:39:44 0 d-------- C:\Program Files\PC Connectivity Solution
2008-06-05 14:39:00 0 d-------- C:\Program Files\Nokia
2008-06-05 14:21:19 0 d-------- C:\Documents and Settings\All Users\Application Data\Installations
2008-06-02 19:46:54 0 d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-06-02 19:46:38 0 d-------- C:\Program Files\SpywareBlaster
2008-06-02 19:25:25 0 d-------- C:\Program Files\Panda Security
2008-06-02 15:56:31 2356 --a------ C:\WINDOWS\system32\bppvrcoo.exe
2008-06-02 15:53:31 132096 --a------ C:\WINDOWS\system32\klpfxeak.dll
2008-06-02 15:50:41 92160 --a------ C:\WINDOWS\system32\rhqbkeam.dll
2008-06-02 15:17:41 528671 --ahs---- C:\WINDOWS\system32\jjmlmnmp.ini2
2008-06-02 15:17:37 373248 --a------ C:\WINDOWS\system32\pmnmlmjj.dll
2008-06-01 19:56:16 132096 --a------ C:\WINDOWS\system32\nqcjouls.dll
2008-06-01 19:44:16 92160 --a------ C:\WINDOWS\system32\pxavhvbi.dll
2008-05-31 19:54:58 132096 --a------ C:\WINDOWS\system32\hvncsyyi.dll
2008-05-31 19:39:58 92160 --a------ C:\WINDOWS\system32\lqdaautd.dll
2008-05-31 19:37:17 92160 --a------ C:\WINDOWS\system32\surmbanp.dll
2008-05-28 00:01:35 133632 --a------ C:\WINDOWS\system32\wbsxjkua.dll
2008-05-27 23:56:54 92160 --a------ C:\WINDOWS\system32\tlxrmhwu.dll
2008-05-27 23:54:35 126976 --a------ C:\WINDOWS\system32\sweshijo.dll
2008-05-27 23:53:54 594569 --ahs---- C:\WINDOWS\system32\xxFilUtv.ini2
2008-05-23 22:10:34 0 dr-h----- C:\Documents and Settings\Administrator\Recent
2008-05-23 14:54:09 136192 --a------ C:\WINDOWS\system32\ctdrnkam.dll
2008-05-23 14:48:20 125952 --a------ C:\WINDOWS\system32\baknblal.dll
2008-05-23 14:46:39 125952 --a------ C:\WINDOWS\system32\sfbrsmnx.dll
2008-05-23 14:46:31 92160 --a------ C:\WINDOWS\system32\jepcovpv.dll
2008-05-23 14:45:49 1573 --ahs---- C:\WINDOWS\system32\oXyadccf.ini2
2008-05-23 14:34:22 0 d-------- C:\Documents and Settings\Administrator\Application Data\Mozilla
2008-05-23 13:47:55 92160 --a------ C:\WINDOWS\system32\kwukuibn.dll
2008-05-23 12:53:50 556348 --ahs---- C:\WINDOWS\system32\IlUwyGgh.ini2
2008-05-23 12:35:56 0 d-------- C:\WINDOWS\pss
2008-05-23 12:18:14 114176 --a------ C:\WINDOWS\system32\cnauueim.dll
2008-05-23 12:15:40 136192 --a------ C:\WINDOWS\system32\cbdyqdyk.dll
2008-05-23 12:13:52 92160 --a------ C:\WINDOWS\system32\pwqorhej.dll
2008-05-23 12:13:16 125952 --a------ C:\WINDOWS\system32\radwenap.dll
2008-05-23 11:37:50 0 d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-05-23 00:07:33 0 dr-h----- C:\Documents and Settings\marino\Recent
2008-05-22 12:14:21 135680 --a------ C:\WINDOWS\system32\yrhthggl.dll
2008-05-22 12:11:14 92160 --a------ C:\WINDOWS\system32\fvymagui.dll
2008-05-22 12:09:18 126976 --a------ C:\WINDOWS\system32\iijybxkw.dll
2008-05-21 12:29:59 559119 --ahs---- C:\WINDOWS\system32\BbLUxGgh.ini2
2008-05-20 14:39:23 0 d-------- C:\Documents and Settings\marino\Application Data\MixMeister Technology
2008-05-20 14:38:00 0 d-------- C:\Program Files\MixMeister Studio 7.2.2

-- Find3M Report ---------------------------------------------------------------

2008-06-06 16:17:59 0 d-------- C:\Program Files\Common Files\Symantec Shared
2008-06-05 14:40:35 0 d-------- C:\Program Files\Common Files
2008-06-05 14:07:50 0 d-------- C:\Program Files\Symantec
2008-06-02 20:04:21 0 d--h----- C:\Program Files\WindowsUpdate
2008-05-23 00:29:00 0 d-------- C:\Program Files\Yahoo!
2008-05-20 12:55:55 0 d-------- C:\Program Files\Last.fm
2008-05-02 16:50:47 0 d-------- C:\Documents and Settings\marino\Application Data\Sun
2008-05-02 16:48:50 0 d-------- C:\Program Files\Java
2008-05-02 16:45:54 0 d-------- C:\Program Files\Common Files\Java
2008-04-29 14:36:59 0 d-------- C:\Program Files\Picasa2
2008-04-29 14:34:05 0 d-------- C:\Program Files\Google
2008-04-28 19:25:56 0 d-------- C:\Documents and Settings\marino\Application Data\Apple Computer
2008-04-21 19:55:15 664 --a------ C:\WINDOWS\system32\d3d9caps.dat
2008-04-12 16:21:44 0 d-------- C:\Program Files\CCleaner
2008-04-09 13:39:50 0 d-------- C:\Program Files\iTunes
2008-03-17 19:41:15 50 --a------ C:\xmp.bat
2008-03-11 17:36:53 1158 --a------ C:\WINDOWS\mozver.dat

-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0863e07a-f59b-4426-b951-d264e0584312}]
06/06/2008 14:14 134656 --a------ C:\WINDOWS\system32\owcaxnoq.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1E63E817-9B51-48A8-844C-62A180075373}]
C:\WINDOWS\system32\fccdayXo.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{3AD397C5-E588-4B89-8E10-4EE5AD6313F8}]
C:\WINDOWS\system32\hgGywUlI.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{514A5C49-0C7D-42c3-A71B-38864A269B7A}]
06/06/2008 14:08 92160 --a------ C:\WINDOWS\system32\kqdblloc.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{BE352D57-8E7D-4FBA-BD7E-F08816D12BB2}]
02/06/2008 15:17 373248 --a------ C:\WINDOWS\system32\pmnmlmjj.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{C36F829A-0B11-43B3-BC7D-77BCCC89EB3D}]
C:\WINDOWS\system32\hgGxULbB.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E23136A1-1AC4-4D1B-926F-5D537CFFF359}]
C:\WINDOWS\system32\cbXOGWnN.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E876FC95-6515-4D5D-A130-94E0C6967ABA}]
C:\WINDOWS\system32\vtUliFxx.dll

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}"= C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll [25/08/2007 04:51 316784]

[-HKEY_CLASSES_ROOT\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}]
[HKEY_CLASSES_ROOT\CoIEPlg.CoToolbar.1]
[HKEY_CLASSES_ROOT\CoIEPlg.CoToolbar]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WatchDog"="C:\Program Files\InterVideo\DVD Check\DVDCheck.exe" [09/12/2004 02:44]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [31/01/2008 14:15]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [24/03/2008 23:05]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [28/03/2008 23:37]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [30/03/2008 10:36]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [22/02/2008 04:25]
"PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [18/06/2007 15:10]
"c4eab45d"="C:\WINDOWS\system32\lpivmyyl.dll" [06/06/2008 14:23]
"BMc7d987c1"="C:\WINDOWS\system32\qrbdrvxm.dll" [06/06/2008 14:11]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [28/02/2006 13:00]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [18/10/2007 12:34]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"Nokia.PCSync"=C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
DVD Check.lnk - C:\Program Files\InterVideo\DVD Check\DVDCheck.exe [22/08/2006 09:31:12]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{E23136A1-1AC4-4D1B-926F-5D537CFFF359}"= C:\WINDOWS\system32\cbXOGWnN.dll [ ]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\cbXOGWnN]
cbXOGWnN.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"= msv1_0 C:\WINDOWS\system32\pmnmlmjj

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^marino^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]
path=C:\Documents and Settings\marino\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
backup=C:\WINDOWS\pss\OneNote 2007 Screen Clipper and Launcher.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
"C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector]
C:\Program Files\Picasa2\PicasaMediaDetector.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs BthServ

*Newly Created Service* - COMHOST

-- End of Deckard's System Scanner: finished at 2008-06-06 18:19:16 ------------