Help
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.
Read the following topic before creating a new topic in this forum. It contains instructions on the what we would like you to post, which will enable us to help you more quickly.
This topic is locked
Deckard's System Scanner v20071014.68
Run by Administrator on 2008-05-11 09:49:29
Computer is in Normal Mode.
--------------------------------------------------------------------------------
Backed up registry hives.
Performed disk cleanup.
System Drive C: has 0.91 GiB (less than 15%) free.
-- HijackThis (run as Administrator.exe) ---------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:51:58 AM, on 5/11/2008
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\Explorer.EXE
C:\WINNT\system32\MsPMSPSv.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Winamp\Winampa.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Documents and Settings\Administrator\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Administrator.exe
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://top-find4u.com/sp.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ycomp/def.../search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ycomp/def...//www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ycomp/def...//www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,SearchURL = http://top-find4u.com/sp.htm
R3 - URLSearchHook: (no name) - <default> - (no file)
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn2\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn2\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: UberButton Class - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: YahooTaggedBM Class - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - C:\Program Files\Yahoo!\Common\YIeTagBm.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: ZoneAlarm Spy Blocker BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn2\yt.dll
O3 - Toolbar: ZoneAlarm Spy Blocker - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\Winampa.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKCU\..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe 1
O4 - HKCU\..\Run: [License Manager] "C:\Program Files\License_Manager\license_manager.exe " /silent
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKUS\.DEFAULT\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [^SetupICWDesktop] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe /desktop (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/u...can_unicode.cab
O16 - DPF: {1A1F56AA-3401-46F9-B277-D57F3421F821} (FunGamesLoader Object) - http://www.worldwinner.com/games/v47/share...GamesLoader.cab
O16 - DPF: {2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C} (MiniBugTransporterX Class) - http://wdownload.weatherbug.com/minibug/tr...Transporter.cab?
O16 - DPF: {2F003D51-39FD-4D18-9016-95CF70B92ABE} - http://download.movienetworks.com/install/US/altpmtscab.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinner.com/games/shared/wwlaunch.cab
O16 - DPF: {DECEAAA2-370A-49BB-9362-68C3A58DDC62} - http://static.zangocash.com/cab/Seekmo/ie/...1ee4b511a6285be
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: NNServ - Unknown owner - C:\Program Files\NewDotNet\nnrun.exe (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINNT\system32\HPZipm12.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINNT\system32\ZoneLabs\vsmon.exe
--
End of file - 8110 bytes
-- File Associations -----------------------------------------------------------
All associations okay.
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R2 MCSTRM - c:\winnt\system32\drivers\mcstrm.sys <Not Verified; RealNetworks, Inc.; RealNetworks Virtual Path Manager® (32-bit)>
R3 allegro (ESS Allegro Audio Driver (WDM)) - c:\winnt\system32\drivers\es198x.sys <Not Verified; ESS Technology, Inc.; Windows ® 2000 DDK driver>
S3 SASENUM - c:\program files\superantispyware\sasenum.sys <Not Verified; SuperAdBlocker, Inc.; SuperAntiSpyware>
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
S2 NNServ - "c:\program files\newdotnet\nnrun.exe" "c:\program files\newdotnet\nncore.dll" servicestart (file missing)
-- Device Manager: Disabled ----------------------------------------------------
No disabled devices found.
-- Files created between 2008-04-11 and 2008-05-11 -----------------------------
2008-05-11 01:43:23 0 d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-05-11 01:43:21 0 d-------- C:\WINNT\system32\Kaspersky Lab
2008-05-11 01:27:12 16384 --a-----t C:\WINNT\system32\Perflib_Perfdata_23c.dat
2008-05-11 00:10:44 0 d-------- C:\Program Files\Java
2008-05-11 00:10:38 0 d-------- C:\Program Files\Common Files\Java
2008-05-11 00:10:07 0 d-------- C:\Documents and Settings\Administrator\Application Data\Sun
2008-05-10 09:03:04 0 d-------- C:\Program Files\Lavasoft
2008-05-08 17:34:12 16384 --a-----t C:\WINNT\system32\Perflib_Perfdata_244.dat
2008-05-05 19:10:20 50688 --a------ C:\Program Files\ATF-Cleaner.exe <Not Verified; Atribune.org; ATF Cleaner>
2008-05-05 18:48:49 0 d-------- C:\Program Files\backups
2008-05-01 12:20:14 16384 --a-----t C:\WINNT\system32\Perflib_Perfdata_368.dat
2008-05-01 12:19:54 316071 --ahs---- C:\WINNT\system32\wFikTvut.ini2
2008-04-30 20:59:42 102400 --a------ C:\WINNT\xbaqktfv.exe
2008-04-30 20:59:42 241664 --a------ C:\WINNT\qadovnel.dll
2008-04-30 20:58:22 4096 --a------ C:\WINNT\system32\winlogonpc.exe
2008-04-30 20:58:22 4096 --a------ C:\WINNT\system32\taack.exe
2008-04-30 20:58:22 4096 --a------ C:\WINNT\system32\taack.dat
2008-04-30 20:58:22 4096 --a------ C:\WINNT\system32\ssurf022.dll
2008-04-30 20:58:22 4096 --a------ C:\WINNT\system32\sncntr.exe
2008-04-30 20:58:22 4096 --a------ C:\WINNT\system32\psoft1.exe
2008-04-30 20:58:22 4096 --a------ C:\WINNT\system32\psof1.exe
2008-04-30 20:58:22 4096 --a------ C:\WINNT\system32\ps1.exe
2008-04-30 20:58:22 4096 --a------ C:\WINNT\system32\netode.exe
2008-04-30 20:58:22 4096 --a------ C:\WINNT\system32\mwin32.exe
2008-04-30 20:58:22 4096 --a------ C:\WINNT\system32\msnbho.dll
2008-04-30 20:58:22 4096 --a------ C:\WINNT\system32\medup012.dll
2008-04-30 20:58:22 4096 --a------ C:\WINNT\system32\hxiwlgpm.exe
2008-04-30 20:58:22 4096 --a------ C:\WINNT\system32\hxiwlgpm.dat
2008-04-30 20:58:22 4096 --a------ C:\WINNT\system32\hoproxy.dll
2008-04-30 20:58:22 4096 --a------ C:\WINNT\system32\bsva-egihsg52.exe
2008-04-30 20:58:21 4096 --a------ C:\WINNT\system32\vcatchpi.dll
2008-04-30 20:58:21 4096 --a------ C:\WINNT\system32\thun32.dll
2008-04-30 20:58:21 4096 --a------ C:\WINNT\system32\thun.dll
2008-04-30 20:58:21 4096 --a------ C:\WINNT\system32\temp#01.exe
2008-04-30 20:58:21 4096 --a------ C:\WINNT\system32\ssvchost.exe
2008-04-30 20:58:21 4096 --a------ C:\WINNT\system32\ssvchost.com
2008-04-30 20:58:21 4096 --a------ C:\WINNT\system32\Rundl1.exe
2008-04-30 20:58:21 4096 --a------ C:\WINNT\system32\regm64.dll
2008-04-30 20:58:21 4096 --a------ C:\WINNT\system32\regc64.dll
2008-04-30 20:58:21 4096 --a------ C:\WINNT\system32\newsd32.exe
2008-04-30 20:58:21 4096 --a------ C:\WINNT\system32\mtr2.exe
2008-04-30 20:58:21 4096 --a------ C:\WINNT\system32\msvchost.exe
2008-04-30 20:58:21 4096 --a------ C:\WINNT\system32\msgp.exe
2008-04-30 20:58:21 4096 --a------ C:\WINNT\system32\emesx.dll
2008-04-30 20:58:21 4096 --a------ C:\WINNT\system32\dpcproxy.exe
2008-04-30 20:58:21 4096 --a------ C:\WINNT\system32\anticipator.dll
2008-04-30 20:58:21 4096 --a------ C:\WINNT\system32\akttzn.exe
2008-04-30 20:58:20 4096 --a------ C:\WINNT\system32\WINWGPX.EXE
2008-04-30 20:58:20 4096 --a------ C:\WINNT\system32\winsystem.exe
2008-04-30 20:58:20 4096 --a------ C:\WINNT\system32\vbsys2.dll
2008-04-30 20:58:20 4096 --a------ C:\WINNT\system32\sysreq.exe
2008-04-30 20:58:20 4096 --a------ C:\WINNT\system32\mssecu.exe
2008-04-30 20:58:20 4096 --a------ C:\WINNT\system32\bdn.com
2008-04-30 20:58:20 4096 --a------ C:\WINNT\system32\awtoolb.dll
2008-04-30 20:58:08 0 d-------- C:\Documents and Settings\All Users\Application Data\rcdkbyhg
2008-04-26 21:24:05 0 d-------- C:\Program Files\ZoneAlarmSB
2008-04-26 21:20:21 0 d-------- C:\Documents and Settings\All Users\Application Data\MailFrontier
2008-04-26 21:19:53 4212 ---h----- C:\WINNT\system32\zllictbl.dat
2008-04-26 21:18:12 0 d-------- C:\WINNT\system32\ZoneLabs
2008-04-26 20:47:20 0 d-a------ C:\WINNT\Internet Logs
2008-04-17 20:49:09 0 d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-04-17 20:48:50 0 d-------- C:\Program Files\SUPERAntiSpyware
2008-04-17 20:48:50 0 d-------- C:\Documents and Settings\Administrator\Application Data\SUPERAntiSpyware.com
2008-04-15 08:39:45 16384 --a-----t C:\WINNT\system32\Perflib_Perfdata_24c.dat
2008-04-14 23:14:11 0 d-------- C:\Program Files\Alwil Software
2008-04-14 23:05:31 0 d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-04-14 23:04:37 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
-- Find3M Report ---------------------------------------------------------------
2008-05-11 00:10:38 0 d-a------ C:\Program Files\Common Files
2008-05-09 13:57:10 0 d-------- C:\Documents and Settings\Administrator\Application Data\WeatherBug
2008-05-05 15:33:57 0 d-------- C:\Program Files\Trend Micro
2008-04-28 08:13:18 0 d-------- C:\Documents and Settings\Administrator\Application Data\Adobe
2008-04-18 22:29:19 0 d-------- C:\Program Files\fsupport
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA}]
04/26/08 09:24p 262144 --a------ C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA}"= C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL [04/26/08 09:24p 262144]
[-HKEY_CLASSES_ROOT\CLSID\{F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Synchronization Manager"="mobsync.exe" [06/19/03 12:05p C:\WINNT\system32\mobsync.exe]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [09/24/05 02:13p]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [09/13/04 04:49p]
"WinampAgent"="C:\Program Files\Winamp\Winampa.exe" [04/26/02 12:53p]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [03/29/08 12:37p]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe" [03/25/08 04:28a]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Weather"="C:\Program Files\AWS\WeatherBug\Weather.exe" [01/06/06 10:57a]
"License Manager"="C:\Program Files\License_Manager\license_manager.exe" []
"Yahoo! Pager"="C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.exe" [08/27/07 04:19p]
[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
"^SetupICWDesktop"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe /desktop
[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"MySpaceIM"=C:\Program Files\MySpace\IM\MySpaceIM.exe
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [11/4/2004 8:28:24 PM]
HP Image Zone Fast Start.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe [11/4/2004 8:50:52 PM]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableTaskMgr"=0 (0x0)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [12/20/06 12:55p 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 04/19/07 12:41p 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"= msv1_0 C:\WINNT\system32\tuvTkiFw
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sglfb.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\tga.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" -atboottime
"projselector"="C:\Program Files\Common Files\Roxio Shared\Project Selector\projselector.exe" -r
"RoxioEngineUtility"="C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe"
"RoxioDragToDisc"="C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe"
-- End of Deckard's System Scanner: finished at 2008-05-11 09:53:30 ------------
Run by Administrator on 2008-05-11 09:49:29
Computer is in Normal Mode.
--------------------------------------------------------------------------------
Backed up registry hives.
Performed disk cleanup.
System Drive C: has 0.91 GiB (less than 15%) free.
-- HijackThis (run as Administrator.exe) ---------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:51:58 AM, on 5/11/2008
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\Explorer.EXE
C:\WINNT\system32\MsPMSPSv.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Winamp\Winampa.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Documents and Settings\Administrator\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Administrator.exe
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://top-find4u.com/sp.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ycomp/def.../search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ycomp/def...//www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ycomp/def...//www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,SearchURL = http://top-find4u.com/sp.htm
R3 - URLSearchHook: (no name) - <default> - (no file)
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn2\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn2\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: UberButton Class - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: YahooTaggedBM Class - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - C:\Program Files\Yahoo!\Common\YIeTagBm.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: ZoneAlarm Spy Blocker BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn2\yt.dll
O3 - Toolbar: ZoneAlarm Spy Blocker - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\Winampa.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKCU\..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe 1
O4 - HKCU\..\Run: [License Manager] "C:\Program Files\License_Manager\license_manager.exe " /silent
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKUS\.DEFAULT\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [^SetupICWDesktop] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe /desktop (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/u...can_unicode.cab
O16 - DPF: {1A1F56AA-3401-46F9-B277-D57F3421F821} (FunGamesLoader Object) - http://www.worldwinner.com/games/v47/share...GamesLoader.cab
O16 - DPF: {2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C} (MiniBugTransporterX Class) - http://wdownload.weatherbug.com/minibug/tr...Transporter.cab?
O16 - DPF: {2F003D51-39FD-4D18-9016-95CF70B92ABE} - http://download.movienetworks.com/install/US/altpmtscab.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinner.com/games/shared/wwlaunch.cab
O16 - DPF: {DECEAAA2-370A-49BB-9362-68C3A58DDC62} - http://static.zangocash.com/cab/Seekmo/ie/...1ee4b511a6285be
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: NNServ - Unknown owner - C:\Program Files\NewDotNet\nnrun.exe (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINNT\system32\HPZipm12.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINNT\system32\ZoneLabs\vsmon.exe
--
End of file - 8110 bytes
-- File Associations -----------------------------------------------------------
All associations okay.
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R2 MCSTRM - c:\winnt\system32\drivers\mcstrm.sys <Not Verified; RealNetworks, Inc.; RealNetworks Virtual Path Manager® (32-bit)>
R3 allegro (ESS Allegro Audio Driver (WDM)) - c:\winnt\system32\drivers\es198x.sys <Not Verified; ESS Technology, Inc.; Windows ® 2000 DDK driver>
S3 SASENUM - c:\program files\superantispyware\sasenum.sys <Not Verified; SuperAdBlocker, Inc.; SuperAntiSpyware>
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
S2 NNServ - "c:\program files\newdotnet\nnrun.exe" "c:\program files\newdotnet\nncore.dll" servicestart (file missing)
-- Device Manager: Disabled ----------------------------------------------------
No disabled devices found.
-- Files created between 2008-04-11 and 2008-05-11 -----------------------------
2008-05-11 01:43:23 0 d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-05-11 01:43:21 0 d-------- C:\WINNT\system32\Kaspersky Lab
2008-05-11 01:27:12 16384 --a-----t C:\WINNT\system32\Perflib_Perfdata_23c.dat
2008-05-11 00:10:44 0 d-------- C:\Program Files\Java
2008-05-11 00:10:38 0 d-------- C:\Program Files\Common Files\Java
2008-05-11 00:10:07 0 d-------- C:\Documents and Settings\Administrator\Application Data\Sun
2008-05-10 09:03:04 0 d-------- C:\Program Files\Lavasoft
2008-05-08 17:34:12 16384 --a-----t C:\WINNT\system32\Perflib_Perfdata_244.dat
2008-05-05 19:10:20 50688 --a------ C:\Program Files\ATF-Cleaner.exe <Not Verified; Atribune.org; ATF Cleaner>
2008-05-05 18:48:49 0 d-------- C:\Program Files\backups
2008-05-01 12:20:14 16384 --a-----t C:\WINNT\system32\Perflib_Perfdata_368.dat
2008-05-01 12:19:54 316071 --ahs---- C:\WINNT\system32\wFikTvut.ini2
2008-04-30 20:59:42 102400 --a------ C:\WINNT\xbaqktfv.exe
2008-04-30 20:59:42 241664 --a------ C:\WINNT\qadovnel.dll
2008-04-30 20:58:22 4096 --a------ C:\WINNT\system32\winlogonpc.exe
2008-04-30 20:58:22 4096 --a------ C:\WINNT\system32\taack.exe
2008-04-30 20:58:22 4096 --a------ C:\WINNT\system32\taack.dat
2008-04-30 20:58:22 4096 --a------ C:\WINNT\system32\ssurf022.dll
2008-04-30 20:58:22 4096 --a------ C:\WINNT\system32\sncntr.exe
2008-04-30 20:58:22 4096 --a------ C:\WINNT\system32\psoft1.exe
2008-04-30 20:58:22 4096 --a------ C:\WINNT\system32\psof1.exe
2008-04-30 20:58:22 4096 --a------ C:\WINNT\system32\ps1.exe
2008-04-30 20:58:22 4096 --a------ C:\WINNT\system32\netode.exe
2008-04-30 20:58:22 4096 --a------ C:\WINNT\system32\mwin32.exe
2008-04-30 20:58:22 4096 --a------ C:\WINNT\system32\msnbho.dll
2008-04-30 20:58:22 4096 --a------ C:\WINNT\system32\medup012.dll
2008-04-30 20:58:22 4096 --a------ C:\WINNT\system32\hxiwlgpm.exe
2008-04-30 20:58:22 4096 --a------ C:\WINNT\system32\hxiwlgpm.dat
2008-04-30 20:58:22 4096 --a------ C:\WINNT\system32\hoproxy.dll
2008-04-30 20:58:22 4096 --a------ C:\WINNT\system32\bsva-egihsg52.exe
2008-04-30 20:58:21 4096 --a------ C:\WINNT\system32\vcatchpi.dll
2008-04-30 20:58:21 4096 --a------ C:\WINNT\system32\thun32.dll
2008-04-30 20:58:21 4096 --a------ C:\WINNT\system32\thun.dll
2008-04-30 20:58:21 4096 --a------ C:\WINNT\system32\temp#01.exe
2008-04-30 20:58:21 4096 --a------ C:\WINNT\system32\ssvchost.exe
2008-04-30 20:58:21 4096 --a------ C:\WINNT\system32\ssvchost.com
2008-04-30 20:58:21 4096 --a------ C:\WINNT\system32\Rundl1.exe
2008-04-30 20:58:21 4096 --a------ C:\WINNT\system32\regm64.dll
2008-04-30 20:58:21 4096 --a------ C:\WINNT\system32\regc64.dll
2008-04-30 20:58:21 4096 --a------ C:\WINNT\system32\newsd32.exe
2008-04-30 20:58:21 4096 --a------ C:\WINNT\system32\mtr2.exe
2008-04-30 20:58:21 4096 --a------ C:\WINNT\system32\msvchost.exe
2008-04-30 20:58:21 4096 --a------ C:\WINNT\system32\msgp.exe
2008-04-30 20:58:21 4096 --a------ C:\WINNT\system32\emesx.dll
2008-04-30 20:58:21 4096 --a------ C:\WINNT\system32\dpcproxy.exe
2008-04-30 20:58:21 4096 --a------ C:\WINNT\system32\anticipator.dll
2008-04-30 20:58:21 4096 --a------ C:\WINNT\system32\akttzn.exe
2008-04-30 20:58:20 4096 --a------ C:\WINNT\system32\WINWGPX.EXE
2008-04-30 20:58:20 4096 --a------ C:\WINNT\system32\winsystem.exe
2008-04-30 20:58:20 4096 --a------ C:\WINNT\system32\vbsys2.dll
2008-04-30 20:58:20 4096 --a------ C:\WINNT\system32\sysreq.exe
2008-04-30 20:58:20 4096 --a------ C:\WINNT\system32\mssecu.exe
2008-04-30 20:58:20 4096 --a------ C:\WINNT\system32\bdn.com
2008-04-30 20:58:20 4096 --a------ C:\WINNT\system32\awtoolb.dll
2008-04-30 20:58:08 0 d-------- C:\Documents and Settings\All Users\Application Data\rcdkbyhg
2008-04-26 21:24:05 0 d-------- C:\Program Files\ZoneAlarmSB
2008-04-26 21:20:21 0 d-------- C:\Documents and Settings\All Users\Application Data\MailFrontier
2008-04-26 21:19:53 4212 ---h----- C:\WINNT\system32\zllictbl.dat
2008-04-26 21:18:12 0 d-------- C:\WINNT\system32\ZoneLabs
2008-04-26 20:47:20 0 d-a------ C:\WINNT\Internet Logs
2008-04-17 20:49:09 0 d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-04-17 20:48:50 0 d-------- C:\Program Files\SUPERAntiSpyware
2008-04-17 20:48:50 0 d-------- C:\Documents and Settings\Administrator\Application Data\SUPERAntiSpyware.com
2008-04-15 08:39:45 16384 --a-----t C:\WINNT\system32\Perflib_Perfdata_24c.dat
2008-04-14 23:14:11 0 d-------- C:\Program Files\Alwil Software
2008-04-14 23:05:31 0 d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-04-14 23:04:37 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
-- Find3M Report ---------------------------------------------------------------
2008-05-11 00:10:38 0 d-a------ C:\Program Files\Common Files
2008-05-09 13:57:10 0 d-------- C:\Documents and Settings\Administrator\Application Data\WeatherBug
2008-05-05 15:33:57 0 d-------- C:\Program Files\Trend Micro
2008-04-28 08:13:18 0 d-------- C:\Documents and Settings\Administrator\Application Data\Adobe
2008-04-18 22:29:19 0 d-------- C:\Program Files\fsupport
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA}]
04/26/08 09:24p 262144 --a------ C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA}"= C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL [04/26/08 09:24p 262144]
[-HKEY_CLASSES_ROOT\CLSID\{F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Synchronization Manager"="mobsync.exe" [06/19/03 12:05p C:\WINNT\system32\mobsync.exe]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [09/24/05 02:13p]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [09/13/04 04:49p]
"WinampAgent"="C:\Program Files\Winamp\Winampa.exe" [04/26/02 12:53p]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [03/29/08 12:37p]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe" [03/25/08 04:28a]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Weather"="C:\Program Files\AWS\WeatherBug\Weather.exe" [01/06/06 10:57a]
"License Manager"="C:\Program Files\License_Manager\license_manager.exe" []
"Yahoo! Pager"="C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.exe" [08/27/07 04:19p]
[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
"^SetupICWDesktop"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe /desktop
[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"MySpaceIM"=C:\Program Files\MySpace\IM\MySpaceIM.exe
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [11/4/2004 8:28:24 PM]
HP Image Zone Fast Start.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe [11/4/2004 8:50:52 PM]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableTaskMgr"=0 (0x0)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [12/20/06 12:55p 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 04/19/07 12:41p 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"= msv1_0 C:\WINNT\system32\tuvTkiFw
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sglfb.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\tga.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" -atboottime
"projselector"="C:\Program Files\Common Files\Roxio Shared\Project Selector\projselector.exe" -r
"RoxioEngineUtility"="C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe"
"RoxioDragToDisc"="C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe"
-- End of Deckard's System Scanner: finished at 2008-05-11 09:53:30 ------------
Back to top
