
Zlob.trojan.Media-Codec [MALWARE]

Last post by xswiftbliftzx
Deckard's System Scanner v20071014.68
Run by HONEST STAR TROPICAL on 2008-03-26 22:31:57
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
84: 2008-03-27 02:32:04 UTC - RP392 - Deckard's System Scanner Restore Point
83: 2008-03-27 02:25:51 UTC - RP391 - Installed Windows Live Sign-in Assistant
82: 2008-03-27 02:24:06 UTC - RP390 - Installed Windows Live Messenger
81: 2008-03-26 19:51:25 UTC - RP389 - System Checkpoint
80: 2008-03-25 18:54:01 UTC - RP388 - Restore Operation


-- First Restore Point --
1: 2007-12-28 01:28:05 UTC - RP309 - System Checkpoint


Backed up registry hives.
Performed disk cleanup.



-- HijackThis (run as HONEST STAR TROPICAL.exe) --------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:38:17 PM, on 3/26/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\WINDOWS\system32\bgsvcgen.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\DVDRAMSV.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\ehome\RMSvc.exe
C:\Program Files\Common Files\Sony Shared\WMPlugIn\SonicStageMonitoring.exe
C:\Program Files\Sony\Sony TV Tuner Library\SMceMan.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Sony\Sony TV Tuner Library\RM_SV.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
C:\Program Files\DISC\DISCover.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft Student\Microsoft Student with Encarta Premium 2007 DVD\EDICT.EXE
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\ehome\RMSysTry.exe
C:\WINDOWS\system32\RAMAsst.exe
C:\Program Files\InterMute\SpySubtract\SpySub.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\DISC\DiscStreamHub.exe
C:\WINDOWS\system32\taskmgr.exe
C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Webroot\Spy Sweeper\SSU.EXE
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Documents and Settings\HONEST STAR TROPICAL\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\HONEST STAR TROPICAL.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sony.com/vaiopeople
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Encarta Web Companion Helper Object - {955BE0B8-BC85-4CAF-856E-8E0D8B610560} - C:\Program Files\Common Files\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Encarta Web Companion - {147D6308-0614-4112-89B1-31402F9B82C4} - C:\Program Files\Common Files\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe"
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [VAIO Recovery] "c:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [PWRISOVM.EXE] "C:\Program Files\PowerISO\PWRISOVM.EXE"
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [mmtask] "c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [DISCover] "C:\Program Files\DISC\DISCover.exe" nogui
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] "C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe"
O4 - HKLM\..\Run: [SpySweeper] C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe /startintray
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [L07AXLRD_3011093] "C:\Program Files\Microsoft Student\Microsoft Student with Encarta Premium 2007 DVD\EDICT.EXE" -m
O4 - HKCU\..\Run: [LDM] "C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: PowerReg Scheduler.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Extender Resource Monitor.lnk = C:\WINDOWS\ehome\RMSysTry.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMAsst.exe
O4 - Global Startup: SpySubtract.lnk = C:\Program Files\InterMute\SpySubtract\SpySub.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Transfer by Image Converter 2 - C:\Program Files\Sony\Image Converter 2\menu.htm
O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_03\bin\npjpi150_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_03\bin\npjpi150_03.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: Encarta Search Bar - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O15 - Trusted Zone: http://*.trymedia.com (HKLM)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\System32\DVDRAMSV.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\Image Converter 2\IcVzMon.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: SonicStageMonitoring - Sony Corporation - C:\Program Files\Common Files\Sony Shared\WMPlugIn\SonicStageMonitoring.exe
O23 - Service: Sony TV Tuner Controller - Sony Corporation - C:\Program Files\Sony\Sony TV Tuner Library\halsv.exe
O23 - Service: Sony TV Tuner Manager - Sony Corporation - C:\Program Files\Sony\Sony TV Tuner Library\RM_SV.exe
O23 - Service: Sony TVTA Manager - Sony Corporation - C:\Program Files\Sony\Sony TV Tuner Library\SMceMan.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
O24 - Desktop Component 0: Aqua Real - 7db39a0d-580f-4be9-9195-8bfcd226f6c2

--
End of file - 16500 bytes

-- File Associations -----------------------------------------------------------

All associations okay.


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R1 cdrbsdrv - c:\windows\system32\drivers\cdrbsdrv.sys <Not Verified; B.H.A Corporation; B's Recorder GOLD>
R1 meiudf - c:\windows\system32\drivers\meiudf.sys <Not Verified; Matsushita Electric Industrial Co.,Ltd.; >
R1 SCDEmu - c:\windows\system32\drivers\scdemu.sys <Not Verified; PowerISO Computing, Inc.; scdemu>
R3 pcouffin (VSO Software pcouffin) - c:\windows\system32\drivers\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine>

S3 Afc (PPdus ASPI Shell) - c:\windows\system32\drivers\afc.sys <Not Verified; Arcsoft, Inc.; Arcsoft(R) ASPI Shell>
S3 pfc (Padus ASPI Shell) - c:\windows\system32\drivers\pfc.sys <Not Verified; Padus, Inc.; Padus(R) ASPI Shell>


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 Apple Mobile Device - "c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe" <Not Verified; Apple, Inc.; Apple Mobile Device Service>
R2 bgsvcgen (B's Recorder GOLD Library General Service) - c:\windows\system32\bgsvcgen.exe <Not Verified; B.H.A Corporation; B's Recorder GOLD8>
R2 Bonjour Service - "c:\program files\bonjour\mdnsresponder.exe" <Not Verified; Apple Inc.; Bonjour>
R2 DVD-RAM_Service - system32\dvdramsv.exe <Not Verified; Matsushita Electric Industrial Co., Ltd.; >
R2 Nero BackItUp Scheduler 3 - c:\program files\nero\nero8\nero backitup\nbservice.exe
R2 PLFlash DeviceIoControl Service - c:\windows\system32\ioctlsvc.exe <Not Verified; Prolific Technology Inc.; IoctlSvc Application>
R2 RMSvc (Media Center Extender Resource Monitor) - c:\windows\ehome\rmsvc.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 Viewpoint Manager Service - "c:\program files\viewpoint\common\viewpointservice.exe" <Not Verified; Viewpoint Corporation; Viewpoint Manager>

S3 WmcCds (Windows Media Connect (WMC)) - c:\program files\windows media connect\mswmccds.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 WmcCdsLs (Windows Media Connect (WMC) Helper) - c:\program files\windows media connect\mswmcls.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>


-- Device Manager: Disabled ----------------------------------------------------

No disabled devices found.


-- Scheduled Tasks -------------------------------------------------------------

2008-03-25 15:49:08 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2008-03-25 01:04:19 652 --a------ C:\WINDOWS\Tasks\Norton Internet Security - Run Full System Scan - HONEST STAR TROPICAL.job
2006-11-09 21:22:33 258 --a------ C:\WINDOWS\Tasks\Registration reminder 3.job


-- Files created between 2008-02-26 and 2008-03-26 -----------------------------

2008-03-26 22:26:39 0 d-------- C:\Documents and Settings\HONEST STAR TROPICAL\Contacts
2008-03-26 22:25:15 0 d-------- C:\WINDOWS\LastGood
2008-03-26 22:24:14 0 d-------- C:\Program Files\MSN Messenger
2008-03-26 22:00:28 0 d-------- C:\Documents and Settings\HONEST STAR TROPICAL\Application Data\acccore
2008-03-26 21:59:25 0 d-------- C:\Documents and Settings\HONEST STAR TROPICAL\Application Data\Viewpoint
2008-03-26 21:59:25 0 d-------- C:\Documents and Settings\All Users\Application Data\Viewpoint
2008-03-26 21:58:55 0 d-------- C:\Documents and Settings\All Users\Application Data\AOL
2008-03-26 21:58:55 0 d-------- C:\Documents and Settings\All Users\Application Data\AOL OCP
2008-03-26 21:57:20 0 d-------- C:\Program Files\AIM6
2008-03-26 21:47:09 0 d-------- C:\Documents and Settings\HONEST STAR TROPICAL\Application Data\Aim
2008-03-26 21:46:56 0 d-------- C:\Program Files\Viewpoint
2008-03-26 21:46:55 0 d-------- C:\Program Files\AOD
2008-03-26 21:46:45 0 d-------- C:\Program Files\AIM
2008-03-26 16:11:03 0 d--h----- C:\WINDOWS\PIF
2008-03-25 15:24:03 0 d-------- C:\Program Files\Trend Micro
2008-03-25 14:50:05 0 d-------- C:\Documents and Settings\NetworkService\Application Data\Webroot
2008-03-25 02:30:08 0 d-------- C:\Program Files\SUPERAntiSpyware
2008-03-25 02:30:08 0 d-------- C:\Documents and Settings\HONEST STAR TROPICAL\Application Data\SUPERAntiSpyware.com
2008-03-25 01:03:27 4096 --a------ C:\WINDOWS\system32taack.dat
2008-03-25 01:03:27 4096 --a------ C:\WINDOWS\system32hxiwlgpm.dat
2008-03-24 19:31:43 0 d-------- C:\Program Files\GameTap
2008-03-24 19:31:43 0 d-------- C:\Documents and Settings\All Users\Application Data\GameTap
2008-03-23 20:56:01 0 d-------- C:\Dragon NaturallySpeaking Professional 9
2008-03-23 20:53:38 0 d-------- C:\Dragon Naturally Speaking v9.51 Professional + Working CD Key
2008-03-23 20:50:19 0 d-------- C:\Dragon Naturally Speaking Professional 9.5 Yeah
2008-03-21 16:19:18 0 d-------- C:\Program Files\FLV to AVI MPEG WMV 3GP MP4 iPod Converter
2008-03-21 16:04:09 0 d-------- C:\Program Files\Common Files\Real
2008-03-21 16:03:51 0 d-------- C:\Program Files\Real
2008-03-21 16:01:07 0 d-------- C:\Documents and Settings\HONEST STAR TROPICAL\Application Data\Real
2008-03-20 16:08:50 0 d-------- C:\DVR109
2008-03-20 07:33:09 0 d-------- C:\MY_FIRST_EXPERIENCE
2008-03-20 07:07:37 0 d-------- C:\THE_PRINCESS_OF_MY_LIFE_1_AND_2
2008-03-20 01:14:30 241664 --a------ C:\Documents and Settings\LocalService\ntuser.dat
2008-03-20 01:14:30 6029312 --a------ C:\Documents and Settings\HONEST STAR TROPICAL\ntuser.dat
2008-03-19 10:07:51 0 d-------- C:\Documents and Settings\HONESTSTARTROPICAL\Application Data\Nero
2008-03-19 02:24:59 0 d-------- C:\BEAUTY_AND_THE_BEAST PART 3
2008-03-19 01:20:04 0 d-------- C:\Documents and Settings\Joseph\Application Data\Nero
2008-03-18 18:36:20 167936 -----n--- C:\WINDOWS\system32\RAMAsst.exe <Not Verified; Matsushita Electric Industrial Co., Ltd.; >
2008-03-18 18:36:20 113488 -----n--- C:\WINDOWS\system32\drivers\meiudf.sys <Not Verified; Matsushita Electric Industrial Co.,Ltd.; >
2008-03-18 18:36:19 110592 -----n--- C:\WINDOWS\system32\DVDRAMSV.exe <Not Verified; Matsushita Electric Industrial Co., Ltd.; >
2008-03-18 18:36:19 135168 -----n--- C:\WINDOWS\system32\DVDMenu.dll <Not Verified; Matsushita Electric Industrial Co., Ltd.; DVDMenu.dll>
2008-03-18 18:36:17 0 d-------- C:\Program Files\DVD-RAM
2008-03-18 18:31:28 57344 --a------ C:\WINDOWS\system32\GenSvcInst.exe <Not Verified; B.H.A Corporation; B's Recorder GOLD8>
2008-03-18 18:31:28 86016 --a------ C:\WINDOWS\system32\bgsvcgen.exe <Not Verified; B.H.A Corporation; B's Recorder GOLD8>
2008-03-18 18:31:27 32256 --a------ C:\WINDOWS\system32\drivers\cdrbsdrv.sys <Not Verified; B.H.A Corporation; B's Recorder GOLD>
2008-03-18 18:30:01 0 d-------- C:\Documents and Settings\HONEST STAR TROPICAL\Application Data\InstallShield
2008-03-18 18:29:55 118784 --a------ C:\WINDOWS\system32\PDvAvi.dll <Not Verified; Matsushita Electric Ind.Co.,LTD.; Panasonic DV AVI File Read and Write Module>
2008-03-18 18:29:54 36864 --a------ C:\WINDOWS\system32\DvWrite.dll <Not Verified; Matsushita Electric Ind.Co.,LTD.; Panasonic DV Data Write Filter>
2008-03-18 18:29:54 36864 --a------ C:\WINDOWS\system32\DvRead.dll <Not Verified; Matsushita Electric Ind.Co.,LTD.; Panasonic DV Read Filter>
2008-03-18 18:28:09 0 d-------- C:\Program Files\Common Files\CNC
2008-03-18 18:28:06 282624 --a------ C:\WINDOWS\system32\PCodec.dll <Not Verified; Matsushita Electric Ind.Co.,LTD.; Panasonic DV Codec library>
2008-03-18 18:28:06 77824 --a------ C:\WINDOWS\system32\PAvFilt.dll <Not Verified; Matsushita Electric Ind.Co.,LTD.; Panasonic AV Filter library>
2008-03-18 18:28:05 0 d-------- C:\Program Files\Common Files\Panasonic
2008-03-18 18:25:17 0 d-------- C:\Program Files\Panasonic
2008-03-18 02:58:24 0 d-------- C:\Program Files\NeroInstall.bak
2008-03-18 02:54:55 0 d-------- C:\Documents and Settings\HONEST STAR TROPICAL\Application Data\Nero
2008-03-18 02:46:43 0 d-------- C:\Program Files\Common Files\Nero
2008-03-18 02:46:43 0 d-------- C:\Documents and Settings\All Users\Application Data\Nero
2008-03-16 23:05:39 0 d-------- C:\Documents and Settings\Joseph\Application Data\Sun
2008-03-16 23:05:09 0 d-------- C:\Documents and Settings\Joseph\Application Data\Macromedia
2008-03-16 23:03:53 0 d-------- C:\Documents and Settings\Joseph\Application Data\Google
2008-03-16 23:03:00 0 d-------- C:\Documents and Settings\Joseph\Application Data\Adobe
2008-03-16 23:01:19 0 d-------- C:\Documents and Settings\Joseph\Application Data\InterMute
2008-03-16 23:01:14 0 d-------- C:\Documents and Settings\Joseph\Application Data\Webroot
2008-03-16 23:00:57 0 d-------- C:\Documents and Settings\Joseph\Application Data\Ahead
2008-03-16 23:00:14 0 d-------- C:\Documents and Settings\Joseph\Application Data\Apple Computer
2008-03-16 23:00:13 0 d--h----- C:\Documents and Settings\Joseph\Templates
2008-03-16 23:00:13 0 dr------- C:\Documents and Settings\Joseph\Start Menu
2008-03-16 23:00:13 0 dr-h----- C:\Documents and Settings\Joseph\SendTo
2008-03-16 23:00:13 0 dr-h----- C:\Documents and Settings\Joseph\Recent
2008-03-16 23:00:13 0 d--h----- C:\Documents and Settings\Joseph\PrintHood
2008-03-16 23:00:13 0 d--h----- C:\Documents and Settings\Joseph\NetHood
2008-03-16 23:00:13 0 dr------- C:\Documents and Settings\Joseph\My Documents
2008-03-16 23:00:13 0 d--h----- C:\Documents and Settings\Joseph\Local Settings
2008-03-16 23:00:13 0 dr------- C:\Documents and Settings\Joseph\Favorites
2008-03-16 23:00:13 0 d-------- C:\Documents and Settings\Joseph\Desktop
2008-03-16 23:00:13 0 d--hs---- C:\Documents and Settings\Joseph\Cookies
2008-03-16 23:00:13 0 dr-h----- C:\Documents and Settings\Joseph\Application Data
2008-03-16 23:00:13 0 d-------- C:\Documents and Settings\Joseph\Application Data\Symantec
2008-03-16 23:00:13 0 d-------- C:\Documents and Settings\Joseph\Application Data\Sony Corporation
2008-03-16 23:00:13 0 d---s---- C:\Documents and Settings\Joseph\Application Data\Microsoft
2008-03-16 23:00:13 0 d-------- C:\Documents and Settings\Joseph\Application Data\Intuit
2008-03-16 23:00:13 0 d-------- C:\Documents and Settings\Joseph\Application Data\Identities
2008-03-16 23:00:12 1572864 --ah----- C:\Documents and Settings\Joseph\ntuser.dat
2008-03-16 20:40:55 0 d-------- C:\Program Files\MediaMonkey
2008-03-16 19:49:37 0 d--h----- C:\WINDOWS\system32\CanonMF Uninstaller Information
2008-03-16 19:49:30 0 d--h----- C:\CanonMF
2008-03-14 00:21:44 0 d-------- C:\Documents and Settings\HONESTSTARTROPICAL\Application Data\Sun
2008-03-13 22:45:55 0 d-------- C:\Documents and Settings\HONESTSTARTROPICAL\Application Data\Mozilla
2008-03-12 22:21:18 0 d-------- C:\Documents and Settings\HONEST STAR TROPICAL\Application Data\Google
2008-03-11 09:03:06 0 d-------- C:\Documents and Settings\HONESTSTARTROPICAL\Application Data\Macromedia
2008-03-11 09:00:49 0 d-------- C:\Documents and Settings\HONESTSTARTROPICAL\Application Data\Google
2008-03-11 01:30:31 0 d-------- C:\Documents and Settings\HONESTSTARTROPICAL\Application Data\Apple Computer
2008-03-10 22:55:04 0 d-------- C:\Documents and Settings\HONESTSTARTROPICAL\Application Data\Adobe
2008-03-10 22:54:45 0 d-------- C:\Documents and Settings\All Users\Application Data\Google
2008-03-10 22:19:41 0 d-------- C:\Program Files\BitComet
2008-03-10 06:49:54 0 d-------- C:\Documents and Settings\Default User\Application Data\Apple Computer
2008-03-09 20:41:06 0 d-------- C:\Program Files\iPod
2008-03-09 20:40:54 0 d-------- C:\Program Files\iTunes
2008-03-09 20:37:30 0 d-------- C:\Program Files\Bonjour
2008-03-09 20:36:01 0 d-------- C:\Program Files\QuickTime
2008-03-09 20:33:29 0 d-------- C:\Program Files\Apple Software Update
2008-03-09 20:32:04 0 d-------- C:\Program Files\Common Files\Apple
2008-03-09 20:32:03 0 d-------- C:\Documents and Settings\All Users\Application Data\Apple
2008-03-09 18:21:58 0 d-------- C:\Documents and Settings\All Users\Application Data\Trymedia
2008-03-09 16:48:56 0 d-------- C:\Program Files\Strike! Bowling
2008-03-09 05:25:15 0 d-------- C:\Program Files\DISC
2008-03-09 05:21:34 1167 --a------ C:\WINDOWS\mozver.dat
2008-03-09 03:27:05 0 d-------- C:\Documents and Settings\HONESTSTARTROPICAL\Application Data\InterMute
2008-03-09 03:26:54 0 d-------- C:\Documents and Settings\HONESTSTARTROPICAL\Application Data\Webroot
2008-03-09 03:26:31 0 d-------- C:\Documents and Settings\HONESTSTARTROPICAL\Application Data\Ahead
2008-03-09 03:25:25 0 d-------- C:\Documents and Settings\HONESTSTARTROPICAL\Application Data\Symantec
2008-03-09 03:25:25 0 d-------- C:\Documents and Settings\HONESTSTARTROPICAL\Application Data\Sony Corporation
2008-03-09 03:25:25 0 d---s---- C:\Documents and Settings\HONESTSTARTROPICAL\Application Data\Microsoft
2008-03-09 03:25:25 0 d-------- C:\Documents and Settings\HONESTSTARTROPICAL\Application Data\Intuit
2008-03-09 03:25:25 0 d-------- C:\Documents and Settings\HONESTSTARTROPICAL\Application Data\Identities
2008-03-09 03:25:24 0 d--h----- C:\Documents and Settings\HONESTSTARTROPICAL\Templates
2008-03-09 03:25:24 0 dr------- C:\Documents and Settings\HONESTSTARTROPICAL\Start Menu
2008-03-09 03:25:24 0 dr-h----- C:\Documents and Settings\HONESTSTARTROPICAL\SendTo
2008-03-09 03:25:24 0 dr-h----- C:\Documents and Settings\HONESTSTARTROPICAL\Recent
2008-03-09 03:25:24 0 d--h----- C:\Documents and Settings\HONESTSTARTROPICAL\PrintHood
2008-03-09 03:25:24 1835008 --ah----- C:\Documents and Settings\HONESTSTARTROPICAL\ntuser.dat
2008-03-09 03:25:24 0 d--h----- C:\Documents and Settings\HONESTSTARTROPICAL\NetHood
2008-03-09 03:25:24 0 dr------- C:\Documents and Settings\HONESTSTARTROPICAL\My Documents
2008-03-09 03:25:24 0 d--h----- C:\Documents and Settings\HONESTSTARTROPICAL\Local Settings
2008-03-09 03:25:24 0 dr------- C:\Documents and Settings\HONESTSTARTROPICAL\Favorites
2008-03-09 03:25:24 0 d-------- C:\Documents and Settings\HONESTSTARTROPICAL\Desktop
2008-03-09 03:25:24 0 d--hs---- C:\Documents and Settings\HONESTSTARTROPICAL\Cookies
2008-03-09 03:25:24 0 dr-h----- C:\Documents and Settings\HONESTSTARTROPICAL\Application Data
2008-03-09 01:56:22 0 d-------- C:\WINDOWS\network diagnostic
2008-03-09 01:52:20 0 d-------- C:\Documents and Settings\LocalService\Application Data\Webroot
2008-03-09 01:52:10 0 d-------- C:\Program Files\Webroot
2008-03-09 01:52:10 0 d-------- C:\Documents and Settings\HONEST STAR TROPICAL\Application Data\Webroot
2008-03-09 01:52:10 0 d-------- C:\Documents and Settings\All Users\Application Data\Webroot
2008-03-09 01:51:12 164 --a------ C:\install.dat
2008-03-09 01:47:16 0 d-------- C:\Program Files\MSXML 6.0
2008-03-09 01:36:13 0 d-------- C:\Program Files\MSXML 4.0
2008-03-09 01:08:32 0 d-------- C:\WINDOWS\system32\PreInstall
2008-03-09 00:46:37 0 d-------- C:\WINDOWS\Sun
2008-03-09 00:46:37 0 d-------- C:\Documents and Settings\HONEST STAR TROPICAL\Application Data\Sun
2008-03-09 00:44:45 0 d-------- C:\Documents and Settings\All Users\Symantec Temporary Files
2008-03-09 00:25:15 0 d-------- C:\DVRA09
2008-03-09 00:15:03 0 d-------- C:\Program Files\Windows Sidebar
2008-03-09 00:13:56 0 d-------- C:\Program Files\Norton Internet Security
2008-03-08 23:46:42 0 d-------- C:\WINDOWS\system32\SoftwareDistribution
2008-03-08 23:09:19 0 d-------- C:\Documents and Settings\MCX1\Application Data\Macromedia
2008-03-08 23:09:19 0 d-------- C:\Documents and Settings\MCX1\Application Data\Adobe
2008-03-08 23:06:21 0 d-------- C:\Documents and Settings\MCX1\Application Data\Mozilla
2008-03-08 23:03:27 0 d-------- C:\Documents and Settings\MCX1\Application Data\Identities
2008-03-08 23:03:26 0 d--h----- C:\Documents and Settings\MCX1\NetHood
2008-03-08 23:03:26 0 dr------- C:\Documents and Settings\MCX1\My Documents
2008-03-08 23:03:26 0 d--h----- C:\Documents and Settings\MCX1\Local Settings
2008-03-08 23:03:26 0 dr------- C:\Documents and Settings\MCX1\Favorites
2008-03-08 23:03:26 0 d-------- C:\Documents and Settings\MCX1\Desktop
2008-03-08 23:03:26 0 d--hs---- C:\Documents and Settings\MCX1\Cookies
2008-03-08 23:03:26 0 dr-h----- C:\Documents and Settings\MCX1\Application Data
2008-03-08 23:03:26 0 d-------- C:\Documents and Settings\MCX1\Application Data\Symantec
2008-03-08 23:03:26 0 d-------- C:\Documents and Settings\MCX1\Application Data\Sony Corporation
2008-03-08 23:03:26 0 d---s---- C:\Documents and Settings\MCX1\Application Data\Microsoft
2008-03-08 23:03:26 0 d-------- C:\Documents and Settings\MCX1\Application Data\Intuit
2008-03-08 23:03:25 0 d--h----- C:\Documents and Settings\MCX1\Templates
2008-03-08 23:03:25 0 dr------- C:\Documents and Settings\MCX1\Start Menu
2008-03-08 23:03:25 0 dr-h----- C:\Documents and Settings\MCX1\SendTo
2008-03-08 23:03:25 0 dr-h----- C:\Documents and Settings\MCX1\Recent
2008-03-08 23:03:25 0 d--h----- C:\Documents and Settings\MCX1\PrintHood
2008-03-08 23:03:25 1048576 --ah----- C:\Documents and Settings\MCX1\ntuser.dat
2008-03-08 22:50:37 0 d--h----- C:\WINDOWS\system32\GroupPolicy
2008-03-08 22:49:33 0 d-------- C:\Documents and Settings\HONEST STAR TROPICAL\Application Data\Mozilla
2008-03-08 21:30:31 0 d--hs---- C:\Documents and Settings\HONEST STAR TROPICAL\UserData
2008-03-08 20:19:13 0 d-------- C:\WINDOWS\system32\LogFiles
2008-03-04 11:34:53 0 d-------- C:\Program Files\MUSICMATCH
2008-03-04 11:34:09 155648 --a------ C:\WINDOWS\system32\ifc21.dll <Not Verified; Immersion Corporation; Immersion Foundation Classes>
2008-03-04 11:34:08 97792 --a------ C:\WINDOWS\system32\LGUICOM.DLL <Not Verified; Logitech Inc.; MouseWare>
2008-03-04 11:34:08 94208 --a------ C:\WINDOWS\system32\FEELIT.DLL <Not Verified; Immersion Corporation; Immersion's FEELit Software>
2008-03-04 11:34:08 104960 --a------ C:\WINDOWS\system32\COMNCTR.DLL <Not Verified; Logitech Inc.; MouseWare>
2008-03-04 11:34:08 0 d-------- C:\Program Files\Common Files\Logitech
2008-03-04 11:34:05 0 d-------- C:\Program Files\Logitech


-- Find3M Report ---------------------------------------------------------------

2008-03-26 22:35:17 0 d-------- C:\Program Files\Common Files\Symantec Shared
2008-03-26 21:58:12 0 d-------- C:\Program Files\Common Files\AOL
2008-03-26 02:00:13 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-03-25 14:56:04 0 d-------- C:\Program Files\Google
2008-03-24 19:31:50 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-03-21 16:06:53 0 d-------- C:\Program Files\Common Files
2008-03-18 02:46:43 0 d-------- C:\Program Files\Nero
2008-03-18 02:26:14 0 d-------- C:\Program Files\Common Files\Ahead
2008-03-16 19:40:49 0 d-------- C:\Program Files\Canon
2008-03-10 06:47:11 0 d-------- C:\Documents and Settings\HONEST STAR TROPICAL\Application Data\Vso
2008-03-09 00:48:36 0 d-------- C:\Program Files\Symantec
2008-03-09 00:17:26 0 d-------- C:\Documents and Settings\HONEST STAR TROPICAL\Application Data\Symantec
2008-03-08 20:51:31 0 d-------- C:\Documents and Settings\HONEST STAR TROPICAL\Application Data\Adobe
2008-02-21 22:57:57 0 d-------- C:\Documents and Settings\HONEST STAR TROPICAL\Application Data\Macromedia
2008-01-26 17:08:17 0 d-------- C:\Program Files\EPSON Print CD


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
08/24/2007 11:51 PM 316784 --a------ C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
03/09/2008 12:46 AM 116088 --a------ C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}"= C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll [08/24/2007 11:51 PM 316784]

[-HKEY_CLASSES_ROOT\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}]
[HKEY_CLASSES_ROOT\CoIEPlg.CoToolbar.1]
[HKEY_CLASSES_ROOT\CoIEPlg.CoToolbar]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AGRSMMSG"="AGRSMMSG.exe" [10/08/2004 01:50 PM C:\WINDOWS\AGRSMMSG.exe]
"ehTray"="C:\WINDOWS\ehome\ehtray.exe" [08/05/2005 04:56 PM]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [03/23/2005 12:05 AM]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe" [04/13/2005 06:48 AM]
"IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [06/17/2005 10:56 AM]
"VAIO Update 2"="C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" [01/14/2005 04:43 PM]
"ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" [08/09/2004 09:03 AM]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [02/16/2005 05:15 PM]
"igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [07/19/2005 02:09 PM]
"igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [07/19/2005 02:06 PM]
"igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [07/19/2005 02:10 PM]
"VAIO Recovery"="c:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe" [04/20/2003 12:08 AM]
"SSBkgdUpdate"="C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [09/30/2003 01:14 AM]
"OpwareSE4"="C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [03/21/2006 02:19 PM]
"PWRISOVM.EXE"="C:\Program Files\PowerISO\PWRISOVM.EXE" [06/05/2006 10:06 AM]
"NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [02/18/2008 04:29 PM]
"Logitech Utility"="Logi_MwX.Exe" [11/07/2003 05:50 AM C:\WINDOWS\LOGI_MWX.EXE]
"mmtask"="c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe" [10/01/2003 11:01 AM]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [02/18/2008 03:37 PM]
"osCheck"="C:\Program Files\Norton Internet Security\osCheck.exe" [08/25/2007 12:53 AM]
"DISCover"="C:\Program Files\DISC\DISCover.exe" [11/16/2007 08:49 AM]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [01/31/2008 11:13 PM]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [02/19/2008 01:10 PM]
"NeroFilterCheck"="C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe" [02/28/2008 09:59 AM]
"SpySweeper"="C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" [01/04/2008 09:56 PM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe" []
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/10/2004 08:00 AM]
"L07AXLRD_3011093"="C:\Program Files\Microsoft Student\Microsoft Student with Encarta Premium 2007 DVD\EDICT.exe" [06/10/2006 05:10 AM]
"LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe" [03/04/2008 11:36 AM]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [03/10/2008 10:54 PM]
"Aim6"="C:\Program Files\AIM6\aim6.exe" [03/06/2008 04:50 PM]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [01/19/2007 12:54 PM]

C:\Documents and Settings\HONEST STAR TROPICAL\Start Menu\Programs\Startup\
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [3/16/2005 9:16:50 PM]
PowerReg Scheduler.exe [8/5/2007 1:32:25 PM]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [12/14/2004 7:44:06 AM]
Extender Resource Monitor.lnk - C:\WINDOWS\ehome\RMSysTry.exe [10/20/2005 8:55:40 PM]
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [3/4/2008 11:36:53 AM]
RAMASST.lnk - C:\WINDOWS\system32\RAMAsst.exe [3/18/2008 6:36:20 PM]
SpySubtract.lnk - C:\Program Files\InterMute\SpySubtract\SpySub.exe [5/4/2006 10:24:15 AM]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WebrootSpySweeperService]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
QWAVE QWAVE

*Newly Created Service* - COMHOST
*Newly Created Service* - USNJSVC
*Newly Created Service* - VIEWPOINT_MANAGER_SERVICE



-- End of Deckard's System Scanner: finished at 2008-03-26 22:39:24 ------------

Status
Not open for further replies.