Thread: I need help! Included HJT Log
View Single Post
Old 07-27-2008, 02:06 PM   #5 (permalink)
JustAJacob
Registered User
 
Join Date: Jul 2008
Posts: 5
OS: Windows XP


Re: I need help! Included HJT Log
Oh i thight it was in my other post <.< Here it is.

Deckard's System Scanner v20071014.68
Run by Bjarne on 2008-07-27 22:05:04
Computer is in Normal Mode.
--------------------------------------------------------------------------------



-- HijackThis (run as Bjarne.exe) ----------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:05:06, on 27-07-2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Programmer\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\stsystra.exe
C:\Programmer\Java\jre1.6.0_05\bin\jusched.exe
C:\Programmer\Creative\SBAudigy\Surround Mixer\CTSysVol.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Programmer\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Programmer\iTunes\iTunesHelper.exe
C:\Programmer\Search Settings\SearchSettings.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmer\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
C:\Programmer\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Programmer\OpenOffice.org 2.4\program\soffice.exe
C:\Programmer\OpenOffice.org 2.4\program\soffice.BIN
C:\Programmer\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Programmer\Fælles filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Programmer\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Programmer\Bonjour\mDNSResponder.exe
C:\Programmer\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\WINDOWS\System32\tcpsvcs.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\iPod\bin\iPodService.exe
C:\Programmer\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\explorer.exe
C:\PROGRA~1\Mozilla Firefox\firefox.exe
C:\Programmer\Windows Live\Messenger\usnsvc.exe
C:\Programmer\Internet Explorer\iexplore.exe
C:\Programmer\Fælles filer\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programmer\Windows Live\installer\WLSetupSvc.exe
C:\WINDOWS\notepad.exe
C:\Documents and Settings\Bjarne\Skrivebord\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Bjarne.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - (no file)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: (no name) - {605BA61C-6840-495A-843F-538E9F47C096} - C:\WINDOWS\system32\ddcaWnnO.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmer\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Hjælp til tilmelding til Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmer\Fælles filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: {4a207240-26f3-9e39-bc64-a36b58204139} - {93140285-b63a-46cb-93e9-3f62042702a4} - C:\WINDOWS\system32\chwoqt.dll
O2 - BHO: (no name) - {D0A48538-8CA4-4145-BDFC-1C2C9406C107} - C:\WINDOWS\system32\iiffDWmL.dll (file missing)
O2 - BHO: (no name) - {E91C2855-AC7E-4ED9-B488-0F78FAE8AD2D} - C:\WINDOWS\system32\urqRLDVP.dll (file missing)
O2 - BHO: (no name) - {FF332D6F-D61F-48F0-B623-311B078ED47E} - C:\WINDOWS\system32\xxyvtUNG.dll (file missing)
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Programmer\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [ATIPTA] "C:\Programmer\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmer\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmer\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [CTSysVol] C:\Programmer\Creative\SBAudigy\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [StartCCC] "C:\Programmer\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmer\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SearchSettings] C:\Programmer\Search Settings\SearchSettings.exe
O4 - HKLM\..\Run: [Windows Logon Applicationedc] C:\Documents and Settings\Bjarne\winlogon.exe
O4 - HKLM\..\Run: [AVP] "C:\Programmer\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe"
O4 - HKLM\..\Run: [f019ac5f] rundll32.exe "C:\WINDOWS\system32\ciqnkgjs.dll",b
O4 - HKLM\..\Run: [BMf32a9fc3] Rundll32.exe "C:\WINDOWS\system32\rakixoik.dll",s
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Steam] "c:\programmer\steam\steam.exe" -silent
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmer\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] C:\Programmer\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - HKCU\..\Run: [Uniblue Registry Booster] C:\Programmer\Uniblue\Registry Booster\RegistryBooster.exe /S
O4 - HKCU\..\Run: [Skype] "C:\Programmer\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETVÆRKSTJENESTE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.4.lnk = C:\Programmer\OpenOffice.org 2.4\program\quickstart.exe
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Programmer\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Web Anti-Virus-statistik - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Programmer\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Bjarne\Menuen Start\Programmer\IMVU\Run IMVU.lnk
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/ho...vex/hcImpl.cab
O16 - DPF: {5CE72DD0-4695-4D18-A4D3-3367ACD37578} (F-Secure Health Check 1.0) - http://support.f-secure.com/enu/home...fshc/fscax.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/reso...an8/oscan8.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/S.../bin/cabsa.cab
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/.../en/crlocx.ocx
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FLLESF~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll
O20 - Winlogon Notify: urqRLDVP - urqRLDVP.dll (file missing)
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Programmer\Fælles filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Programmer\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Kaspersky Lab - C:\Programmer\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
O23 - Service: Bonjour-tjeneste (Bonjour Service) - Apple Inc. - C:\Programmer\Bonjour\mDNSResponder.exe
O23 - Service: Convar task manager (ctm) - Convar Deutschland GmbH - C:\Programmer\Convar\TaskManager\ctm.exe
O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Programmer\iPod\bin\iPodService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

--
End of file - 9770 bytes

-- Files created between 2008-06-27 and 2008-07-27 -----------------------------

2008-07-27 21:23:27 0 d-------- C:\Programmer\Data Doctor Recovery Memory Card (Demo)
2008-07-27 15:08:05 95744 --a------ C:\WINDOWS\system32\msxml4r.dll <Not Verified; Microsoft Corporation; Microsoft(R) MSXML 4.0 SP1>
2008-07-27 15:08:05 44544 --a------ C:\WINDOWS\system32\Gif89.dll <Not Verified; ; Gif89 Module>
2008-07-27 15:08:04 1230336 --a------ C:\WINDOWS\system32\msxml4.dll <Not Verified; Microsoft Corporation; Microsoft(R) MSXML 4.0 SP 1>
2008-07-27 15:08:04 118784 --a------ C:\WINDOWS\system32\DartWeb.dll <Not Verified; Dart Communications; PowerTCP© Tools>
2008-07-27 15:08:04 217088 --a------ C:\WINDOWS\system32\DartSock.dll <Not Verified; Dart Communications; PowerTCP© Tools>
2008-07-27 15:08:03 0 d-------- C:\Programmer\Convar
2008-07-27 09:51:31 354 ---hs---- C:\WINDOWS\system32\sjgknqic.ini2
2008-07-27 02:09:24 83968 --a------ C:\WINDOWS\system32\ciqnkgjs.dll
2008-07-27 02:07:10 101888 --a------ C:\WINDOWS\system32\chwoqt.dll
2008-07-27 02:07:08 101888 --a------ C:\WINDOWS\system32\noakxqec.dll
2008-07-27 0242 93184 --a------ C:\WINDOWS\system32\rakixoik.dll
2008-07-11 12:30:07 0 d-------- C:\Programmer\Wakfu
2008-07-11 10:27:39 450201 --ahs---- C:\WINDOWS\system32\GNUtvyxx.ini2
2008-07-11 09:39:44 0 d-------- C:\Documents and Settings\Bjarne\Application Data\HouseCall 6.6
2008-07-11 08:44:42 0 d-------- C:\Documents and Settings\Jacob\Application Data\ATI
2008-07-10 23:12:50 0 d-------- C:\Programmer\Trend Micro
2008-07-10 22:26:18 96559 --a------ C:\WINDOWS\system32\drivers\klin.dat
2008-07-10 22:26:18 87855 --a------ C:\WINDOWS\system32\drivers\klick.dat
2008-07-10 22:25:04 0 d-------- C:\Programmer\Kaspersky Lab
2008-07-10 22:25:04 0 d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-07-10 22:24:40 27680 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.dat
2008-07-10 22:24:40 8789792 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2008-07-10 22:23:11 0 d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
2008-07-10 16:33:45 101376 --a------ C:\WINDOWS\system32\pxumutrq.dll
2008-07-10 16:33:45 101376 --a------ C:\WINDOWS\system32\kehslz.dll
2008-07-09 15:15:05 55088 --ahs---- C:\WINDOWS\system32\OnnWacdd.ini2
2008-07-08 22:15:40 52248 --ahs---- C:\WINDOWS\system32\LmWDffii.ini2
2008-07-08 22:10:38 0 d-------- C:\WINDOWS\system32\olixds18
2008-07-08 22:10:38 0 d-------- C:\Temp
2008-07-08 21:34:52 0 d-------- C:\Programmer\MAIET
2008-07-02 16:54:39 0 d-------- C:\Documents and Settings\Bjarne\Application Data\Hewlett-Packard
2008-07-02 16:51:11 82380 --a------ C:\WINDOWS\system32\drivers\AFS2K.SYS <Not Verified; Oak Technology Inc.; AFS>
2008-07-02 16:47:40 0 d-------- C:\Programmer\Fælles filer\Hewlett-Packard
2008-07-02 16:46:03 0 d-------- C:\Programmer\Hewlett-Packard
2008-07-02 16:45:33 16622 -----n--- C:\WINDOWS\hpomdl01.dat
2008-07-02 16:45:33 20725 -----n--- C:\WINDOWS\hpoins01.dat
2008-06-30 16:09:16 0 d-------- C:\UT2004
2008-06-29 20:54:04 0 d-------- C:\Documents and Settings\Bjarne\Application Data\Search Settings
2008-06-29 20:51:19 0 d-------- C:\WINDOWS\system32\appmgmt
2008-06-29 20:49:38 0 d-------- C:\Programmer\Search Settings
2008-06-29 20:49:23 0 d-------- C:\Programmer\Dealio
2008-06-29 20:49:03 101888 --a------ C:\WINDOWS\system32\VB6STKIT.DLL <Not Verified; Microsoft Corporation; Microsoft® Visual Basic pour Windows>
2008-06-29 20:49:03 119568 --a------ C:\WINDOWS\system32\VB6FR.DLL <Not Verified; Microsoft Corporation; Environnement Visual Basic>
2008-06-29 20:49:03 21504 --a------ C:\WINDOWS\system32\TABCTFR.DLL <Not Verified; Microsoft Corporation; Bibliothèque d'objets TabCtl32>
2008-06-29 20:49:03 141312 --a------ C:\WINDOWS\system32\MSCMCFR.DLL <Not Verified; Microsoft Corporation; COMCTL>
2008-06-29 20:49:03 59904 --a------ C:\WINDOWS\system32\Mscc2fr.dll <Not Verified; Microsoft Corporation; Bibliothèque d'objets de Microsoft Common Controls 2>
2008-06-29 20:49:03 15360 --a------ C:\WINDOWS\system32\inetfr.DLL <Not Verified; Microsoft Corporation; DLL du contrôle Microsoft Internet Transfer>
2008-06-29 20:49:03 32768 --a------ C:\WINDOWS\system32\CMDLGFR.DLL <Not Verified; Microsoft Corporation; CMDIALOG>
2008-06-29 20:49:02 0 d-------- C:\Programmer\Free Audio Pack
2008-06-29 20:46:58 0 d-------- C:\Programmer\Free WMA to MP3 Converter


-- Find3M Report ---------------------------------------------------------------

2008-07-27 22:01:26 0 d-------- C:\Documents and Settings\Bjarne\Application Data\Skype
2008-07-27 15:10:55 0 d-------- C:\Documents and Settings\Bjarne\Application Data\OpenOffice.org2
2008-07-27 15:10:02 0 d-------- C:\Programmer\Steam
2008-07-27 15:08:03 0 d--h----- C:\Programmer\InstallShield Installation Information
2008-07-27 09:52:10 0 d-------- C:\Documents and Settings\Bjarne\Application Data\skypePM
2008-07-27 08:00:09 0 d-------- C:\Documents and Settings\Bjarne\Application Data\AVG7
2008-07-27 02:59:33 0 d-------- C:\Documents and Settings\Bjarne\Application Data\IMVU
2008-07-09 21:22:13 0 d-------- C:\Documents and Settings\Bjarne\Application Data\LimeWire
2008-07-07 15:41:00 0 d-------- C:\Programmer\Warcraft III <WARCRA~1>
2008-07-02 16:43:36 0 d-------- C:\Programmer\Fælles filer
2008-06-13 12:27:39 0 d-------- C:\Programmer\World of Warcraft
2008-06-08 09:29:33 0 d-------- C:\Documents and Settings\Bjarne\Application Data\Apple Computer
2008-06-04 21:21:26 0 d-------- C:\Programmer\IMVU
2008-05-30 20:56:21 0 d-------- C:\Documents and Settings\Bjarne\Application Data\gtk-2.0
2008-05-30 20:54:30 0 d-------- C:\Programmer\GIMP-2.0


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{605BA61C-6840-495A-843F-538E9F47C096}]
C:\WINDOWS\system32\ddcaWnnO.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{93140285-b63a-46cb-93e9-3f62042702a4}]
27-07-2008 02:07 101888 --a------ C:\WINDOWS\system32\chwoqt.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D0A48538-8CA4-4145-BDFC-1C2C9406C107}]
C:\WINDOWS\system32\iiffDWmL.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E91C2855-AC7E-4ED9-B488-0F78FAE8AD2D}]
C:\WINDOWS\system32\urqRLDVP.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FF332D6F-D61F-48F0-B623-311B078ED47E}]
C:\WINDOWS\system32\xxyvtUNG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [28-06-2008 09:50]
"!AVG Anti-Spyware"="C:\Programmer\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [11-06-2007 11:25]
"ATIPTA"="C:\Programmer\ATI Technologies\ATI Control Panel\atiptaxx.exe" [05-08-2005 22:05]
"SigmatelSysTrayApp"="stsystra.exe" [22-03-2005 19:20 C:\WINDOWS\stsystra.exe]
"SunJavaUpdateSched"="C:\Programmer\Java\jre1.6.0_05\bin\jusched.exe" [22-02-2008 05:25]
"Adobe Reader Speed Launcher"="C:\Programmer\Adobe\Reader 8.0\Reader\Reader_sl.exe" [11-01-2008 23:16]
"CTSysVol"="C:\Programmer\Creative\SBAudigy\Surround Mixer\CTSysVol.exe" [15-02-2005 17:10]
"P17Helper"="P17.dll" [03-05-2005 13:38 C:\WINDOWS\system32\P17.dll]
"UpdReg"="C:\WINDOWS\UpdReg.EXE" [11-05-2000 02:00]
"StartCCC"="C:\Programmer\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [21-01-2008 12:17]
"QuickTime Task"="C:\Programmer\QuickTime\qttask.exe" [28-03-2008 23:37]
"iTunesHelper"="C:\Programmer\iTunes\iTunesHelper.exe" [30-03-2008 10:36]
"SearchSettings"="C:\Programmer\Search Settings\SearchSettings.exe" [12-06-2008 16:57]
"Windows Logon Applicationedc"="C:\Documents and Settings\Bjarne\winlogon.exe" []
"AVP"="C:\Programmer\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe" [28-06-2007 11:51]
"f019ac5f"="C:\WINDOWS\system32\ciqnkgjs.dll" [27-07-2008 02:09]
"BMf32a9fc3"="C:\WINDOWS\system32\rakixoik.dll" [27-07-2008 02:06]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [26-08-2004 18:53]
"Steam"="c:\programmer\steam\steam.exe" [28-03-2008 10:12]
"MsnMsgr"="C:\Programmer\Windows Live\Messenger\MsnMsgr.exe" []
"Uniblue RegistryBooster 2"="C:\Programmer\Uniblue\RegistryBooster 2\RegistryBooster.exe" []
"Uniblue Registry Booster"="C:\Programmer\Uniblue\Registry Booster\RegistryBooster.exe" []
"Skype"="C:\Programmer\Skype\Phone\Skype.exe" [06-02-2008 19:37]

C:\Documents and Settings\Bjarne\Menuen Start\Programmer\Start\
OpenOffice.org 2.4.lnk - C:\Programmer\OpenOffice.org 2.4\program\quickstart.exe [16-03-2008 17:54:44]

C:\Documents and Settings\All Users\Menuen Start\Programmer\Start\
hp psc 1000 series.lnk - C:\Programmer\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe [02-12-2002 21:08:34]
hpoddt01.exe.lnk - C:\Programmer\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe [02-12-2002 20:56:10]
Microsoft Office.lnk - C:\Programmer\Microsoft Office\Office\OSA9.EXE [21-01-2000 09:15:54]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{E91C2855-AC7E-4ED9-B488-0F78FAE8AD2D}"= C:\WINDOWS\system32\urqRLDVP.dll [ ]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\urqRLDVP]
urqRLDVP.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"= msv1_0 C:\WINDOWS\system32\xxyvtUNG

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d7d543db-1449-11dd-86c9-00123fb6fa2b}]
AutoRun\command- J:\setupSNK.exe

*Newly Created Service* - CTM
*Newly Created Service* - WLSETUPSVC



-- End of Deckard's System Scanner: finished at 2008-07-27 22:05:35 ------------
JustAJacob is offline