Tech Support Forum - View Single Post - regedit - another program is currently using this log

cyntharris1 · 05-01-2007, 07:24 PM

Deckard's System Scanner v20070426.43
Run by Cynthia on 2007-05-01 at 20:19:24
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- HijackThis (run as Cynthia.exe) ---------------------------------------------

Logfile of HijackThis v1.99.1
Scan saved at 8:19:30 PM, on 5/1/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe
C:\Program Files\SanDisk\Sansa Updater\SansaSvr.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\WINDOWS\system32\fxssvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Webroot\Spy Sweeper\SSU.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\Microsoft IntelliType Pro\type32.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\SMC\SMC2862W-G EZ Connect g 2.4Ghz 802.11g Wireless USB 2.0 Adapter\PRISMSVR.EXE
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Program Files\SMC\SMC2862W-G EZ Connect g 2.4Ghz 802.11g Wireless USB 2.0 Adapter\SMCWGUTI.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Documents and Settings\Cynthia\Local Settings\Temporary Internet Files\Content.IE5\HR2T2T2T\dss[1].exe
C:\PROGRA~1\HIJACK~1\Cynthia.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/dell?hl=en&...suk&channel=us
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/yco...search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/yco.../www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/...ch/search.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [REGSHAVE] "C:\Program Files\REGSHAVE\REGSHAVE.EXE" /AUTORUN
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PRISMSVR.EXE] "C:\Program Files\SMC\SMC2862W-G EZ Connect g 2.4Ghz 802.11g Wireless USB 2.0 Adapter\PRISMSVR.EXE" /APPLY
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [DMXLauncher] "C:\Program Files\Dell\Media Experience\DMXLauncher.exe"
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O4 - Global Startup: SMC2862W-G EZ Connect g 802.11g Wireless USB Utility.lnk = C:\Program Files\SMC\SMC2862W-G EZ Connect g 2.4Ghz 802.11g Wireless USB 2.0 Adapter\SMCWGUTI.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/...x/qtplugin.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {493ACF15-5CD9-4474-82A6-91670C3DD66E} (LinkedIn ContactFinderControl) - http://www.linkedin.com/cab/LinkedIn...derControl.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1173764241890
O16 - DPF: {8714912E-380D-11D5-B8AA-00D0B78F3D48} (Yahoo! Webcam Upload Wrapper) - http://chat.yahoo.com/cab/yuplapp.cab
O16 - DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} (cpbrkpie Control) - http://a19.g.akamai.net/7/19/7125/40...02/Coupons.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://download.games.yahoo.com/game...ploader_v6.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: gebyw - C:\WINDOWS\system32\gebyw.dll (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: MSSQL$MICROSOFTSMLBIZ - Unknown owner - C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe" -sMICROSOFTSMLBIZ (file missing)
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Sansa Updater Service (SansaService) - Unknown owner - C:\Program Files\SanDisk\Sansa Updater\SansaSvr.exe
O23 - Service: SQLAgent$MICROSOFTSMLBIZ - Unknown owner - C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlagent.EXE" -i MICROSOFTSMLBIZ (file missing)
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe

-- Files created between 2007-04-01 and 2007-05-01 -----------------------------

2007-04-30 14:45:23 0 d-------- C:\ie-spyad
2007-04-30 14:40:08 0 d-------- C:\Program Files\SpywareBlaster
2007-04-30 13:09:13 0 d-------- C:\WINDOWS\system32\ActiveScan
2007-04-30 11:32:58 245824 -ra------ C:\WINDOWS\Instexec.exe <Not Verified; Logitech; Logitech>
2007-04-30 11:32:56 245824 -ra------ C:\WINDOWS\system32\InstExec.exe <Not Verified; Logitech; Logitech>
2007-04-30 11:24:56 0 d-------- C:\Program Files\RegistryFix
2007-04-30 10:54:22 0 d-------- C:\Program Files\Logitech
2007-04-30 09:59:00 0 d-------- C:\EmergencyUtils
2007-04-30 07:48:14 0 d--h----- C:\WINDOWS\PIF
2007-04-23 20:57:43 0 d-------- C:\Program Files\Lavasoft
2007-04-23 20:57:06 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-04-23 00:02:13 4 --ah----- C:\WINDOWS\uccspecb.sys
2007-04-19 10:26:44 0 d-------- C:\Documents and Settings\Denesha\Application Data\Viewpoint
2007-04-09 16:42:06 0 d-------- C:\Program Files\Ace Utilities
2007-04-09 16:17:23 0 d-------- C:\Program Files\Windows Installer Clean Up
2007-04-09 16:08:39 30592 --a------ C:\WINDOWS\system32\drivers\ikhfile.sys <Not Verified; PCTools Research Pty Ltd.; Spyware Doctor>
2007-04-09 16:08:38 51072 --a------ C:\WINDOWS\system32\drivers\ikhlayer.sys <Not Verified; PCTools Research Pty Ltd.; Spyware Doctor>
2007-04-09 16:04:56 0 d-------- C:\Program Files\Spyware Doctor
2007-04-09 09:02:25 0 d-------- C:\Documents and Settings\NetworkService\Start Menu
2007-04-02 11:22:58 26694 --a------ C:\WINDOWS\system32\khfcyxw.dll
2007-04-02 11:10:26 0 d--hs---- C:\Program Files\outlook

-- Find3M Report ---------------------------------------------------------------

2007-04-30 17:16:49 38745 --a------ C:\logfile
2007-04-30 14:20:51 0 d-------- C:\Program Files\QuickTime
2007-04-30 14:20:05 0 d-------- C:\Program Files\MSN Messenger
2007-04-30 14:17:00 0 d-------- C:\Program Files\Microsoft IntelliType Pro
2007-04-30 14:16:59 0 d-------- C:\Program Files\Microsoft IntelliPoint
2007-04-30 14:14:09 0 d-------- C:\Program Files\Digital Line Detect
2007-04-30 14:12:23 0 d-------- C:\Program Files\AIM6
2007-04-30 11:35:14 0 d-------- C:\Program Files\Common Files\LogiShrd
2007-04-30 11:33:18 0 d-------- C:\Program Files\Common Files\Logitech
2007-04-09 20:28:26 0 d-------- C:\Documents and Settings\Cynthia\Application Data\acccore
2007-04-09 17:41:42 0 d-------- C:\Program Files\Yahoo!
2007-04-09 17:41:42 0 d-------- C:\Program Files\support.com
2007-04-09 17:41:42 0 d-------- C:\Program Files\Modem Helper
2007-04-09 17:40:58 0 d-------- C:\Program Files\FinePixViewer
2007-04-09 17:40:58 0 d-------- C:\Program Files\Dell
2007-04-09 17:40:58 0 d-------- C:\Program Files\America Online 9.0
2007-04-09 17:40:26 0 dr------- C:\Documents and Settings\Cynthia\Application Data\yahoo!
2007-04-09 17:40:25 0 d-------- C:\Documents and Settings\Cynthia\Application Data\Adobe
2007-04-09 16:19:40 0 d-------- C:\Program Files\IrfanView
2007-04-09 16:17:04 0 d-------- C:\Program Files\MSECACHE
2007-04-06 12:01:47 0 d-------- C:\Documents and Settings\Cynthia\Application Data\LimeWire
2007-04-06 00:03:12 0 d-------- C:\Documents and Settings\Cynthia\Application Data\Lavasoft
2007-04-03 17:49:49 0 d-------- C:\Documents and Settings\Cynthia\Application Data\Image Zone Express
2007-03-31 17:55:49 0 d-------- C:\Documents and Settings\Cynthia\Application Data\FUJIFILM
2007-03-31 17:38:24 0 d--h----- C:\Program Files\InstallShield Installation Information
2007-03-31 17:37:20 0 d-------- C:\Program Files\REGSHAVE
2007-03-23 23:42:26 3610 --ahs---- C:\WINDOWS\system32\KGyGaAvL.sys
2007-03-23 23:42:24 88 -r-hs---- C:\WINDOWS\system32\4765C39811.sys
2007-03-23 19:40:46 0 d-------- C:\Program Files\Kodak
2007-03-23 19:38:58 0 d-------- C:\Program Files\Common Files\Kodak
2007-03-19 16:47:19 0 d-------- C:\Program Files\GustoSoft
2007-03-18 18:51:07 0 d-------- C:\Program Files\GameHouse
2007-03-16 14:07:57 0 d-------- C:\Documents and Settings\Cynthia\Application Data\Vso
2007-03-16 14:07:57 34 --a------ C:\Documents and Settings\Cynthia\Application Data\pcouffin.log
2007-03-16 14:07:50 47360 --a------ C:\Documents and Settings\Cynthia\Application Data\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine>
2007-03-16 14:07:50 1144 --a------ C:\Documents and Settings\Cynthia\Application Data\pcouffin.inf
2007-03-16 14:07:50 7176 --a------ C:\Documents and Settings\Cynthia\Application Data\pcouffin.cat
2007-03-16 14:07:50 81920 --a------ C:\Documents and Settings\Cynthia\Application Data\ezpinst.exe
2007-03-15 07:36:45 0 d-------- C:\Program Files\Enigma Software Group
2007-03-15 07:09:03 1127629 ---hs---- C:\WINDOWS\system32\qttss.bak1
2007-03-14 22:45:11 24576 --a------ C:\WINDOWS\system32\VundoFixSVC.exe <Not Verified; Atribune.org; Vundofix Service>
2007-03-14 20:32:21 282212 -----n--- C:\WINDOWS\system32\ssttq.dll
2007-03-14 17:32:28 1125814 ---hs---- C:\WINDOWS\system32\yybeg.bak1
2007-03-13 18:28:15 1129128 ---hs---- C:\WINDOWS\system32\pstwa.ini2
2007-03-13 17:39:42 1127002 ---hs---- C:\WINDOWS\system32\pstwa.bak2
2007-03-13 07:21:55 1124554 ---hs---- C:\WINDOWS\system32\pstwa.bak1
2007-03-13 00:25:23 0 d-------- C:\Program Files\Intel Desktop Board
2007-03-12 23:03:05 123412 --a------ C:\WINDOWS\system32\bwiopemq.dll
2007-03-12 22:49:09 26637 -----n--- C:\WINDOWS\system32\khffdde.dll
2007-03-12 18:05:57 0 d-------- C:\Program Files\HP
2007-03-10 14:15:54 164 --a------ C:\install.dat
2007-03-09 12:14:23 0 d-------- C:\Program Files\SMC
2007-03-01 21:35:27 66816 --a------ C:\Documents and Settings\Cynthia\Application Data\GDIPFONTCACHEV1.DAT
2007-02-22 16:31:41 18432 --a------ C:\Documents and Settings\Cynthia\Application Data\internaldb41.dat
2007-02-22 16:31:37 384 --a------ C:\Documents and Settings\Cynthia\Application Data\internaldb6334.dat
2007-02-22 16:28:44 194 --a------ C:\Documents and Settings\Cynthia\Application Data\internaldb8467.dat
2007-02-22 16:28:37 363980 --a------ C:\WINDOWS\1-fe5e180d56ed9c233080898276c260cc.exe
2007-02-22 14:37:49 8 --ah----- C:\WINDOWS\system32\adb.dat
2007-02-22 11:28:50 0 --a------ C:\WINDOWS\b.exe
2007-02-19 10:59:24 72 --a------ C:\WINDOWS\sysInf.dat

-- Registry Dump ---------------------------------------------------------------

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"type32"="\"C:\\Program Files\\Microsoft IntelliType Pro\\type32.exe\""
"TkBellExe"="\"C:\\Program Files\\Common Files\\Real\\Update_OB\\realsched.exe\" -osboot"
"SigmatelSysTrayApp"="stsystra.exe"
"REGSHAVE"="\"C:\\Program Files\\REGSHAVE\\REGSHAVE.EXE\" /AUTORUN"
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"PRISMSVR.EXE"="\"C:\\Program Files\\SMC\\SMC2862W-G EZ Connect g 2.4Ghz 802.11g Wireless USB 2.0 Adapter\\PRISMSVR.EXE\" /APPLY"
"ISUSScheduler"="\"C:\\Program Files\\Common Files\\InstallShield\\UpdateService\\issch.exe\" -start"
"ISUSPM Startup"="\"C:\\Program Files\\Common Files\\InstallShield\\UpdateService\\ISUSPM.exe\" -startup"
"IntelliPoint"="\"C:\\Program Files\\Microsoft IntelliPoint\\ipoint.exe\""
"HP Software Update"="\"C:\\Program Files\\HP\\HP Software Update\\HPWuSchd2.exe\""
"ehTray"="C:\\WINDOWS\\ehome\\ehtray.exe"
"DMXLauncher"="\"C:\\Program Files\\Dell\\Media Experience\\DMXLauncher.exe\""
"DLA"="C:\\WINDOWS\\System32\\DLA\\DLACTRLW.EXE"
"ATIPTA"="\"C:\\Program Files\\ATI Technologies\\ATI Control Panel\\atiptaxx.exe\""
"SpySweeper"="\"C:\\Program Files\\Webroot\\Spy Sweeper\\SpySweeperUI.exe\" /startintray"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
"Aim6"=""

[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
"WUAppSetup"="C:\\Program Files\\Common Files\\logishrd\\WUApp32.exe -v 0x046d -p 0x08da -f video -m logitech -d 10.5.1.2023"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"=hex(2):43,3a,5c,57,49,4e,44,4f,57,53,5c,52,65,73,6f,75,72,\
63,65,73,5c,54,68,65,6d,65,73,5c,52,6f,79,61,6c,65,5c,52,6f,79,61,6c,65,2e,\
6d,73,73,74,79,6c,65,73,00
"InstallTheme"=hex(2):43,3a,5c,57,49,4e,44,4f,57,53,5c,52,65,73,6f,75,72,63,65,\
73,5c,54,68,65,6d,65,73,5c,52,6f,79,61,6c,65,2e,74,68,65,6d,65,00

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoCDBurning"=dword:00000000

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{733FD72F-103E-4B9E-BCB9-A76064AF3C72}"=""

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\gebyw

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa
Authentication Packages REG_MULTI_SZ msv1_0\0\0
Security Packages REG_MULTI_SZ kerberos\0msv1_0\0schannel\0wdigest\0\0
Notification Packages REG_MULTI_SZ scecli\0\0

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\WebrootSpySweeperService

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0
WudfServiceGroup REG_MULTI_SZ WUDFSvc\0\0

[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}]
Shell\AutoRun\command E:\setup.exe

-- End of Deckard's System Scanner: finished at 2007-05-01 at 20:19:57 ---------

05-01-2007, 07:24 PM	#4 (permalink)
cyntharris1 Registered User Join Date: Apr 2007 Posts: 10 OS: XP	regedit - another program is currently using this log Deckard's System Scanner v20070426.43 Run by Cynthia on 2007-05-01 at 20:19:24 Computer is in Normal Mode. -------------------------------------------------------------------------------- -- HijackThis (run as Cynthia.exe) --------------------------------------------- Logfile of HijackThis v1.99.1 Scan saved at 8:19:30 PM, on 5/1/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16414) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe C:\Program Files\SanDisk\Sansa Updater\SansaSvr.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe C:\WINDOWS\system32\fxssvc.exe C:\WINDOWS\system32\dllhost.exe C:\Program Files\Webroot\Spy Sweeper\SSU.EXE C:\WINDOWS\Explorer.EXE C:\Program Files\Microsoft IntelliType Pro\type32.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\WINDOWS\stsystra.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\SMC\SMC2862W-G EZ Connect g 2.4Ghz 802.11g Wireless USB 2.0 Adapter\PRISMSVR.EXE C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe C:\Program Files\Microsoft IntelliPoint\ipoint.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\WINDOWS\ehome\ehtray.exe C:\Program Files\Dell\Media Experience\DMXLauncher.exe C:\WINDOWS\System32\DLA\DLACTRLW.EXE C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\eHome\ehmsas.exe C:\Program Files\Digital Line Detect\DLG.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe C:\Program Files\SMC\SMC2862W-G EZ Connect g 2.4Ghz 802.11g Wireless USB 2.0 Adapter\SMCWGUTI.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe C:\Program Files\AIM6\aim6.exe C:\Program Files\AIM6\aolsoftware.exe C:\Documents and Settings\Cynthia\Local Settings\Temporary Internet Files\Content.IE5\HR2T2T2T\dss[1].exe C:\PROGRA~1\HIJACK~1\Cynthia.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/dell?hl=en&...suk&channel=us R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/yco...search/ie.html R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/yco.../www.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/...ch/search.html R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe O4 - HKLM\..\Run: [REGSHAVE] "C:\Program Files\REGSHAVE\REGSHAVE.EXE" /AUTORUN O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [PRISMSVR.EXE] "C:\Program Files\SMC\SMC2862W-G EZ Connect g 2.4Ghz 802.11g Wireless USB 2.0 Adapter\PRISMSVR.EXE" /APPLY O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe" O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe O4 - HKLM\..\Run: [DMXLauncher] "C:\Program Files\Dell\Media Experience\DMXLauncher.exe" O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - Global Startup: Digital Line Detect.lnk = ? O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe O4 - Global Startup: SMC2862W-G EZ Connect g 802.11g Wireless USB Utility.lnk = C:\Program Files\SMC\SMC2862W-G EZ Connect g 2.4Ghz 802.11g Wireless USB 2.0 Adapter\SMCWGUTI.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O11 - Options group: [INTERNATIONAL] International* O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/...x/qtplugin.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {493ACF15-5CD9-4474-82A6-91670C3DD66E} (LinkedIn ContactFinderControl) - http://www.linkedin.com/cab/LinkedIn...derControl.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1173764241890 O16 - DPF: {8714912E-380D-11D5-B8AA-00D0B78F3D48} (Yahoo! Webcam Upload Wrapper) - http://chat.yahoo.com/cab/yuplapp.cab O16 - DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} (cpbrkpie Control) - http://a19.g.akamai.net/7/19/7125/40...02/Coupons.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://download.games.yahoo.com/game...ploader_v6.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: gebyw - C:\WINDOWS\system32\gebyw.dll (file missing) O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe O23 - Service: MSSQL$MICROSOFTSMLBIZ - Unknown owner - C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe" -sMICROSOFTSMLBIZ (file missing) O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Sansa Updater Service (SansaService) - Unknown owner - C:\Program Files\SanDisk\Sansa Updater\SansaSvr.exe O23 - Service: SQLAgent$MICROSOFTSMLBIZ - Unknown owner - C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlagent.EXE" -i MICROSOFTSMLBIZ (file missing) O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe -- Files created between 2007-04-01 and 2007-05-01 ----------------------------- 2007-04-30 14:45:23 0 d-------- C:\ie-spyad 2007-04-30 14:40:08 0 d-------- C:\Program Files\SpywareBlaster 2007-04-30 13:09:13 0 d-------- C:\WINDOWS\system32\ActiveScan 2007-04-30 11:32:58 245824 -ra------ C:\WINDOWS\Instexec.exe <Not Verified; Logitech; Logitech> 2007-04-30 11:32:56 245824 -ra------ C:\WINDOWS\system32\InstExec.exe <Not Verified; Logitech; Logitech> 2007-04-30 11:24:56 0 d-------- C:\Program Files\RegistryFix 2007-04-30 10:54:22 0 d-------- C:\Program Files\Logitech 2007-04-30 09:59:00 0 d-------- C:\EmergencyUtils 2007-04-30 07:48:14 0 d--h----- C:\WINDOWS\PIF 2007-04-23 20:57:43 0 d-------- C:\Program Files\Lavasoft 2007-04-23 20:57:06 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard 2007-04-23 00:02:13 4 --ah----- C:\WINDOWS\uccspecb.sys 2007-04-19 10:26:44 0 d-------- C:\Documents and Settings\Denesha\Application Data\Viewpoint 2007-04-09 16:42:06 0 d-------- C:\Program Files\Ace Utilities 2007-04-09 16:17:23 0 d-------- C:\Program Files\Windows Installer Clean Up 2007-04-09 16:08:39 30592 --a------ C:\WINDOWS\system32\drivers\ikhfile.sys <Not Verified; PCTools Research Pty Ltd.; Spyware Doctor> 2007-04-09 16:08:38 51072 --a------ C:\WINDOWS\system32\drivers\ikhlayer.sys <Not Verified; PCTools Research Pty Ltd.; Spyware Doctor> 2007-04-09 16:04:56 0 d-------- C:\Program Files\Spyware Doctor 2007-04-09 09:02:25 0 d-------- C:\Documents and Settings\NetworkService\Start Menu 2007-04-02 11:22:58 26694 --a------ C:\WINDOWS\system32\khfcyxw.dll 2007-04-02 11:10:26 0 d--hs---- C:\Program Files\outlook -- Find3M Report --------------------------------------------------------------- 2007-04-30 17:16:49 38745 --a------ C:\logfile 2007-04-30 14:20:51 0 d-------- C:\Program Files\QuickTime 2007-04-30 14:20:05 0 d-------- C:\Program Files\MSN Messenger 2007-04-30 14:17:00 0 d-------- C:\Program Files\Microsoft IntelliType Pro 2007-04-30 14:16:59 0 d-------- C:\Program Files\Microsoft IntelliPoint 2007-04-30 14:14:09 0 d-------- C:\Program Files\Digital Line Detect 2007-04-30 14:12:23 0 d-------- C:\Program Files\AIM6 2007-04-30 11:35:14 0 d-------- C:\Program Files\Common Files\LogiShrd 2007-04-30 11:33:18 0 d-------- C:\Program Files\Common Files\Logitech 2007-04-09 20:28:26 0 d-------- C:\Documents and Settings\Cynthia\Application Data\acccore 2007-04-09 17:41:42 0 d-------- C:\Program Files\Yahoo! 2007-04-09 17:41:42 0 d-------- C:\Program Files\support.com 2007-04-09 17:41:42 0 d-------- C:\Program Files\Modem Helper 2007-04-09 17:40:58 0 d-------- C:\Program Files\FinePixViewer 2007-04-09 17:40:58 0 d-------- C:\Program Files\Dell 2007-04-09 17:40:58 0 d-------- C:\Program Files\America Online 9.0 2007-04-09 17:40:26 0 dr------- C:\Documents and Settings\Cynthia\Application Data\yahoo! 2007-04-09 17:40:25 0 d-------- C:\Documents and Settings\Cynthia\Application Data\Adobe 2007-04-09 16:19:40 0 d-------- C:\Program Files\IrfanView 2007-04-09 16:17:04 0 d-------- C:\Program Files\MSECACHE 2007-04-06 12:01:47 0 d-------- C:\Documents and Settings\Cynthia\Application Data\LimeWire 2007-04-06 00:03:12 0 d-------- C:\Documents and Settings\Cynthia\Application Data\Lavasoft 2007-04-03 17:49:49 0 d-------- C:\Documents and Settings\Cynthia\Application Data\Image Zone Express 2007-03-31 17:55:49 0 d-------- C:\Documents and Settings\Cynthia\Application Data\FUJIFILM 2007-03-31 17:38:24 0 d--h----- C:\Program Files\InstallShield Installation Information 2007-03-31 17:37:20 0 d-------- C:\Program Files\REGSHAVE 2007-03-23 23:42:26 3610 --ahs---- C:\WINDOWS\system32\KGyGaAvL.sys 2007-03-23 23:42:24 88 -r-hs---- C:\WINDOWS\system32\4765C39811.sys 2007-03-23 19:40:46 0 d-------- C:\Program Files\Kodak 2007-03-23 19:38:58 0 d-------- C:\Program Files\Common Files\Kodak 2007-03-19 16:47:19 0 d-------- C:\Program Files\GustoSoft 2007-03-18 18:51:07 0 d-------- C:\Program Files\GameHouse 2007-03-16 14:07:57 0 d-------- C:\Documents and Settings\Cynthia\Application Data\Vso 2007-03-16 14:07:57 34 --a------ C:\Documents and Settings\Cynthia\Application Data\pcouffin.log 2007-03-16 14:07:50 47360 --a------ C:\Documents and Settings\Cynthia\Application Data\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine> 2007-03-16 14:07:50 1144 --a------ C:\Documents and Settings\Cynthia\Application Data\pcouffin.inf 2007-03-16 14:07:50 7176 --a------ C:\Documents and Settings\Cynthia\Application Data\pcouffin.cat 2007-03-16 14:07:50 81920 --a------ C:\Documents and Settings\Cynthia\Application Data\ezpinst.exe 2007-03-15 07:36:45 0 d-------- C:\Program Files\Enigma Software Group 2007-03-15 07:09:03 1127629 ---hs---- C:\WINDOWS\system32\qttss.bak1 2007-03-14 22:45:11 24576 --a------ C:\WINDOWS\system32\VundoFixSVC.exe <Not Verified; Atribune.org; Vundofix Service> 2007-03-14 20:32:21 282212 -----n--- C:\WINDOWS\system32\ssttq.dll 2007-03-14 17:32:28 1125814 ---hs---- C:\WINDOWS\system32\yybeg.bak1 2007-03-13 18:28:15 1129128 ---hs---- C:\WINDOWS\system32\pstwa.ini2 2007-03-13 17:39:42 1127002 ---hs---- C:\WINDOWS\system32\pstwa.bak2 2007-03-13 07:21:55 1124554 ---hs---- C:\WINDOWS\system32\pstwa.bak1 2007-03-13 00:25:23 0 d-------- C:\Program Files\Intel Desktop Board 2007-03-12 23:03:05 123412 --a------ C:\WINDOWS\system32\bwiopemq.dll 2007-03-12 22:49:09 26637 -----n--- C:\WINDOWS\system32\khffdde.dll 2007-03-12 18:05:57 0 d-------- C:\Program Files\HP 2007-03-10 14:15:54 164 --a------ C:\install.dat 2007-03-09 12:14:23 0 d-------- C:\Program Files\SMC 2007-03-01 21:35:27 66816 --a------ C:\Documents and Settings\Cynthia\Application Data\GDIPFONTCACHEV1.DAT 2007-02-22 16:31:41 18432 --a------ C:\Documents and Settings\Cynthia\Application Data\internaldb41.dat 2007-02-22 16:31:37 384 --a------ C:\Documents and Settings\Cynthia\Application Data\internaldb6334.dat 2007-02-22 16:28:44 194 --a------ C:\Documents and Settings\Cynthia\Application Data\internaldb8467.dat 2007-02-22 16:28:37 363980 --a------ C:\WINDOWS\1-fe5e180d56ed9c233080898276c260cc.exe 2007-02-22 14:37:49 8 --ah----- C:\WINDOWS\system32\adb.dat 2007-02-22 11:28:50 0 --a------ C:\WINDOWS\b.exe 2007-02-19 10:59:24 72 --a------ C:\WINDOWS\sysInf.dat -- Registry Dump --------------------------------------------------------------- [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run] "type32"="\"C:\\Program Files\\Microsoft IntelliType Pro\\type32.exe\"" "TkBellExe"="\"C:\\Program Files\\Common Files\\Real\\Update_OB\\realsched.exe\" -osboot" "SigmatelSysTrayApp"="stsystra.exe" "REGSHAVE"="\"C:\\Program Files\\REGSHAVE\\REGSHAVE.EXE\" /AUTORUN" "QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime" "PRISMSVR.EXE"="\"C:\\Program Files\\SMC\\SMC2862W-G EZ Connect g 2.4Ghz 802.11g Wireless USB 2.0 Adapter\\PRISMSVR.EXE\" /APPLY" "ISUSScheduler"="\"C:\\Program Files\\Common Files\\InstallShield\\UpdateService\\issch.exe\" -start" "ISUSPM Startup"="\"C:\\Program Files\\Common Files\\InstallShield\\UpdateService\\ISUSPM.exe\" -startup" "IntelliPoint"="\"C:\\Program Files\\Microsoft IntelliPoint\\ipoint.exe\"" "HP Software Update"="\"C:\\Program Files\\HP\\HP Software Update\\HPWuSchd2.exe\"" "ehTray"="C:\\WINDOWS\\ehome\\ehtray.exe" "DMXLauncher"="\"C:\\Program Files\\Dell\\Media Experience\\DMXLauncher.exe\"" "DLA"="C:\\WINDOWS\\System32\\DLA\\DLACTRLW.EXE" "ATIPTA"="\"C:\\Program Files\\ATI Technologies\\ATI Control Panel\\atiptaxx.exe\"" "SpySweeper"="\"C:\\Program Files\\Webroot\\Spy Sweeper\\SpySweeperUI.exe\" /startintray" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run] "ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe" "Aim6"="" [HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce] "WUAppSetup"="C:\\Program Files\\Common Files\\logishrd\\WUApp32.exe -v 0x046d -p 0x08da -f video -m logitech -d 10.5.1.2023" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "InstallVisualStyle"=hex(2):43,3a,5c,57,49,4e,44,4f,57,53,5c,52,65,73,6f,75,72,\ 63,65,73,5c,54,68,65,6d,65,73,5c,52,6f,79,61,6c,65,5c,52,6f,79,61,6c,65,2e,\ 6d,73,73,74,79,6c,65,73,00 "InstallTheme"=hex(2):43,3a,5c,57,49,4e,44,4f,57,53,5c,52,65,73,6f,75,72,63,65,\ 73,5c,54,68,65,6d,65,73,5c,52,6f,79,61,6c,65,2e,74,68,65,6d,65,00 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "NoCDBurning"=dword:00000000 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks] "{733FD72F-103E-4B9E-BCB9-A76064AF3C72}"="" HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\gebyw HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa Authentication Packages REG_MULTI_SZ msv1_0\0\0 Security Packages REG_MULTI_SZ kerberos\0msv1_0\0schannel\0wdigest\0\0 Notification Packages REG_MULTI_SZ scecli\0\0 HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\WebrootSpySweeperService [HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost] HTTPFilter REG_MULTI_SZ HTTPFilter\0\0 LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0 NetworkService REG_MULTI_SZ DnsCache\0\0 DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0 rpcss REG_MULTI_SZ RpcSs\0\0 imgsvc REG_MULTI_SZ StiSvc\0\0 termsvcs REG_MULTI_SZ TermService\0\0 WudfServiceGroup REG_MULTI_SZ WUDFSvc\0\0 [HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}] Shell\AutoRun\command E:\setup.exe -- End of Deckard's System Scanner: finished at 2007-05-01 at 20:19:57 ---------