SUPERAntiSpyware Scan Log
http://www.superantispyware.com
Generated 07/13/2007 at 07:19 PM
Application Version : 3.9.1008
Core Rules Database Version : 3269
Trace Rules Database Version: 1280
Scan type : Complete Scan
Total Scan Time : 00:35:23
Memory items scanned : 644
Memory threats detected : 0
Registry items scanned : 6626
Registry threats detected : 26
File items scanned : 55480
File threats detected : 96
Adware.RX Toolbar
HKLM\Software\Classes\CLSID\{25D8BACF-3DE2-4B48-AE22-D659B8D835B0}
HKCR\CLSID\{25D8BACF-3DE2-4B48-AE22-D659B8D835B0}
HKCR\CLSID\{25D8BACF-3DE2-4B48-AE22-D659B8D835B0}
HKCR\CLSID\{25D8BACF-3DE2-4B48-AE22-D659B8D835B0}\InprocServer32
HKCR\CLSID\{25D8BACF-3DE2-4B48-AE22-D659B8D835B0}\InprocServer32#ThreadingModel
HKCR\CLSID\{25D8BACF-3DE2-4B48-AE22-D659B8D835B0}\ProgID
HKCR\CLSID\{25D8BACF-3DE2-4B48-AE22-D659B8D835B0}\Programmable
HKCR\CLSID\{25D8BACF-3DE2-4B48-AE22-D659B8D835B0}\TypeLib
HKCR\CLSID\{25D8BACF-3DE2-4B48-AE22-D659B8D835B0}\VersionIndependentProgID
C:\PROGRAM FILES\RXTOOLBAR\RXTOOLBAR.DLL
HKLM\Software\Classes\CLSID\{59879FA4-4790-461c-A1CC-4EC4DE4CA483}
HKCR\CLSID\{59879FA4-4790-461C-A1CC-4EC4DE4CA483}
HKCR\CLSID\{59879FA4-4790-461C-A1CC-4EC4DE4CA483}
HKCR\CLSID\{59879FA4-4790-461C-A1CC-4EC4DE4CA483}\InprocServer32
HKCR\CLSID\{59879FA4-4790-461C-A1CC-4EC4DE4CA483}\InprocServer32#ThreadingModel
HKCR\CLSID\{59879FA4-4790-461C-A1CC-4EC4DE4CA483}\ProgID
HKCR\CLSID\{59879FA4-4790-461C-A1CC-4EC4DE4CA483}\VersionIndependentProgID
Unclassified.Unknown Origin
HKLM\Software\Classes\CLSID\{2AB289AE-4B90-4281-B2AE-1F4BB034B647}
HKCR\CLSID\{2AB289AE-4B90-4281-B2AE-1F4BB034B647}
HKCR\CLSID\{2AB289AE-4B90-4281-B2AE-1F4BB034B647}
HKCR\CLSID\{2AB289AE-4B90-4281-B2AE-1F4BB034B647}\InprocServer32
HKCR\CLSID\{2AB289AE-4B90-4281-B2AE-1F4BB034B647}\InprocServer32#ThreadingModel
HKCR\CLSID\{2AB289AE-4B90-4281-B2AE-1F4BB034B647}\KeyPhrasesFileName
HKCR\CLSID\{2AB289AE-4B90-4281-B2AE-1F4BB034B647}\ProgID
HKCR\CLSID\{2AB289AE-4B90-4281-B2AE-1F4BB034B647}\VersionIndependentProgID
C:\PROGRAM FILES\RXTOOLBAR\SFCONT.DLL
HKCR\PROTOCOLS\Filter\text/html
HKCR\PROTOCOLS\Filter\text/html#CLSID
Malware.DrAntiSpy
C:\Program Files\DrAntispy\DrAntispy.lic
C:\Program Files\DrAntispy\Uninstall.exe
C:\Program Files\DrAntispy
Malware.VirusProtectPro
C:\DOCUMENTS AND SETTINGS\HP_ADMINISTRATOR\LOCAL SETTINGS\TEMP\~NSU.TMP\AU_.EXE
C:\DOCUMENTS AND SETTINGS\HP_ADMINISTRATOR\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\JRHZRPGK\VPP_INSTALL[1].EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{106CF321-99A3-4E3A-9103-1BD027606A99}\RP285\A0024618.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{106CF321-99A3-4E3A-9103-1BD027606A99}\RP285\A0024634.EXE
Adware.Need2Find
C:\PROGRAM FILES\NETSCAPE\NETSCAPE BROWSER\PLUGINS\NPND2FN.DLL
Trojan.Smitfraud Variant
C:\SYSTEM VOLUME INFORMATION\_RESTORE{106CF321-99A3-4E3A-9103-1BD027606A99}\RP295\A0025122.DLL
Malware.DriveCleaner
C:\SYSTEM VOLUME INFORMATION\_RESTORE{106CF321-99A3-4E3A-9103-1BD027606A99}\RP298\A0026202.EXE
Malware.Installer-Pkg/Gen
D:\I386\APPS\APP29223\SRC\INSTALL\WORLDWIDE-MEDIACENTER\GAMES\{0C84A7C5-2762-4932-96BF-44A77202DCC3}.EXE
D:\I386\APPS\APP29223\SRC\INSTALL\WORLDWIDE-MEDIACENTER\GAMES\{B2AA88B1-4920-462B-9F7C-019782B3C4DB}.EXE
Trace.Known Threat Sources
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\31JPUHU4\kaiyalynnbgvid006.wmv_medium[1].jpg
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\31JPUHU4\sunshinebgvid007.wmv_medium[1].jpg
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\3LXYMTBV\jazminbgvid011.wmv_medium[1].jpg
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\3LXYMTBV\lc[1].js
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\NJ4YZ2GE\Layout[1].js
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\8TEN496Z\cathyvidall.wmv_medium[1].jpg
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\909PJ1TJ\virusprotectpro[1].htm
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\05YBK5IN\lc[1].js
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\2NYBIDYR\main_bg[1].gif
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\JRHZRPGK\bul[1].gif
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\2NYBIDYR\icon_update[1].gif
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\2NYBIDYR\dillanlaurenbgvid003.wmv_small[1].jpg
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\K50P63CH\logo_bot[1].jpg
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\2NYBIDYR\main_features[1].gif
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\K50P63CH\button_company[1].gif
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\WNVNIWT5\nav_bg[1].gif
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\2NYBIDYR\button_buy_pressed[1].gif
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\K50P63CH\r[1].jpg
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\2NYBIDYR\fl_l[1].gif
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\K50P63CH\lainoibgvidall.wmv_small[1].jpg
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\2NYBIDYR\minify[1].php
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\WNVNIWT5\button_download[1].gif
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\JRHZRPGK\btn_get[1].jpg
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\K50P63CH\menu_left[1].gif
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\2NYBIDYR\button_privacy_pressed[1].gif
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\2NYBIDYR\minify[2].php
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\K50P63CH\fl_btn[1].gif
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\JRHZRPGK\style[3].css
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\K50P63CH\blur[1].jpg
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\WNVNIWT5\button_buy_now[1].gif
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\JRHZRPGK\main_fill[1].gif
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\WNVNIWT5\fl_r[1].jpg
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\2NYBIDYR\sep1[1].gif
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\JRHZRPGK\nav_r[1].jpg
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\JRHZRPGK\f_bg[1].gif
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\WNVNIWT5\viruslocker[1].htm
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\2NYBIDYR\button_support[1].gif
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\JRHZRPGK\kellyklinebgvid010.wmv_small[1].jpg
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\JRHZRPGK\icon_scanner[1].gif
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\2NYBIDYR\block_bg[1].gif
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\JRHZRPGK\menu_fill[1].gif
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\2NYBIDYR\style[2].css
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\2NYBIDYR\button_features[1].gif
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\2NYBIDYR\joleanhardvid006.wmv_small[1].jpg
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\K50P63CH\how[1].gif
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\2NYBIDYR\dbver[1].dat
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\JRHZRPGK\images[1].js
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\K50P63CH\top_head[1].gif
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\2NYBIDYR\icon_update[2].gif
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\JRHZRPGK\slogan[1].jpg
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\WNVNIWT5\lc[2].js
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\WNVNIWT5\icon_shield[1].gif
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\2NYBIDYR\fl_sep[1].gif
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\2NYBIDYR\logo_top[1].jpg
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\WNVNIWT5\button_affiliates[1].gif
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\JRHZRPGK\jaynaosobgvid010.wmv_small[1].jpg
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\WNVNIWT5\button_support_pressed[1].gif
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\WNVNIWT5\protect[1].gif
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\K50P63CH\footer[1].gif
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\K50P63CH\email[1].gif
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\JRHZRPGK\button_download[1].gif
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\K50P63CH\l[1].jpg
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\K50P63CH\main_bg_fill[1].gif
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\WNVNIWT5\coleconnerbgvid004.wmv_small[1].jpg
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\K50P63CH\line_dotted[1].gif
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\WNVNIWT5\home[2].gif
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\WNVNIWT5\button_company_pressed[1].gif
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\2NYBIDYR\havanagingerbgvidall.wmv_small[1].jpg
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\K50P63CH\b_l[1].gif
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\WNVNIWT5\menu_right[1].gif
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\JRHZRPGK\special_offer[1].gif
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\K50P63CH\h[1].gif
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\WNVNIWT5\button_buy[1].gif
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\2NYBIDYR\logo[2].gif
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\K50P63CH\bn_download[1].gif
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\2NYBIDYR\screen[1].jpg
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\JRHZRPGK\icon_scan[1].gif
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\WNVNIWT5\top_bg[1].gif
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\JRHZRPGK\flag_fr[1].gif
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\K50P63CH\freescan_button[1].gif
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\JRHZRPGK\button_privacy[1].gif
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\K50P63CH\features[1].gif
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:30:43 PM, on 7/13/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\arservice.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\Program Files\DISC\DISCover.exe
C:\Program Files\DISC\DiscUpdateMgr.exe
C:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exe
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\WINDOWS\eHome\ehRecvr.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Common Files\DriveCleaner Free\dcsm.exe
C:\Program Files\DISC\DiscGui.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\DISC\DiscStreamHub.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\svchost.exe
C:\HP\KBD\KBD.EXE
c:\windows\system\hpsysdrv.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =
http://renewalcenter.symantec.com/s...locale=iso:USA&vendid=002&vendtag=ER902AA-ABA
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: HpWebHelper - {AAAE832A-5FFF-4661-9C8F-369692D1DCB9} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\WebHelper.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [DISCover] C:\Program Files\DISC\DISCover.exe
O4 - HKLM\..\Run: [DiscUpdateManager] C:\Program Files\DISC\DiscUpdateMgr.exe
O4 - HKLM\..\Run: [DMAScheduler] c:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ProfileWatcher] C:\Program Files\ProfileWatcher\profilewatcher.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [dcsm] "C:\Program Files\Common Files\DriveCleaner Free\dcsm.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe /R
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - Startup: RollerCoaster Tycoon 3 Registration.lnk = C:\Documents and Settings\HP_Administrator\Local Settings\Temp\{711BAB58-ACCE-4F9B-8822-5D4A76F6AE9A}\{907B4640-266B-4A21-92FB-CD1A86CD0F63}\ATR1.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Updates From HP.lnk = C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone:
http://*.trymedia.com (HKLM)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -
http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) -
http://download.games.yahoo.com/games/web_games/popcap/chuzzle/popcaploader_v6.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe (file missing)
O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe (file missing)
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Norton Protection Center Service (NSCService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe (file missing)
--
End of file - 9959 bytes