Deckard's System Scanner v20071014.68
Run by Jonie on 2008-01-19 15:36:31
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
System Restore is disabled; attempting to re-enable...success.
-- Last 1 Restore Point(s) --
1: 2008-01-19 21:36:38 UTC - RP102 - System Checkpoint
Backed up registry hives.
Performed disk cleanup.
-- HijackThis (run as Jonie.exe) -----------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:40:20 PM, on 1/19/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\dlcqcoms.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
C:\Program Files\Spyware Doctor\svcntaux.exe
C:\Program Files\Spyware Doctor\swdsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Ashampoo\Ashampoo FireWall\FireWall.exe
C:\Program Files\Spyware Doctor\SDTrayApp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Documents and Settings\Jonie\Desktop\dss.exe
C:\DOCUME~1\Jonie\MYDOCU~1\DOWNLO~1\Jonie.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [Ashampoo FireWall] "C:\Program Files\Ashampoo\Ashampoo FireWall\FireWall.exe" -TRAY
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [WUAppSetup] C:\Program Files\Common Files\logishrd\WUApp32.exe -v 0x046d -p 0x08c9 -f video -m logitech -d 11.5.0.1145 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [WUAppSetup] C:\Program Files\Common Files\logishrd\WUApp32.exe -v 0x046d -p 0x08c9 -f video -m logitech -d 11.5.0.1145 (User 'Default user')
O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://utilities.pcpitstop.com/da/PCPitStop.CAB
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/Shar ... vSniff.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 5786792109
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/Shar ... /cabsa.cab
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www.ca.com/us/securityadvisor/vi ... ebscan.cab
O18 - Protocol: intu-help-qb1 - {9B0F96C7-2E4B-433E-ABF3-043BA1B54AE3} - C:\Program Files\Intuit\QuickBooks 2008\HelpAsyncPluggableProtocol.dll
O18 - Protocol: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - mscoree.dll (file missing)
O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\480\G2AWinLogon.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: dlcq_device - - C:\WINDOWS\system32\dlcqcoms.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\480\g2aservice.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: QBCFMonitorService - Intuit - C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
O23 - Service: Intuit QuickBooks FCS (QBFCService) - Intuit Inc. - C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe (file missing)
O23 - Service: Spyware Doctor Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: Spyware Doctor Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
--
End of file - 9164 bytes
-- File Associations -----------------------------------------------------------
.js - jsfile - DefaultIcon - "C:\Program Files\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe",7
.js - jsfile - shell\open\command - "C:\Program Files\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe","%1"
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R1 SCDEmu - c:\windows\system32\drivers\scdemu.sys <Not Verified; PowerISO Computing, Inc.; scdemu>
S0 cercsr6 - c:\windows\system32\drivers\cercsr6.sys <Not Verified; Adaptec, Inc.; Dell RAID Controller>
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 Bonjour Service (##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##) - "c:\program files\bonjour\mdnsresponder.exe" <Not Verified; Apple Computer, Inc.; Bonjour>
R2 Nero BackItUp Scheduler 3 - c:\program files\nero\nero8\nero backitup\nbservice.exe
R2 QBCFMonitorService - "c:\program files\common files\intuit\quickbooks\qbcfmonitorservice.exe" <Not Verified; Intuit; QuickBooks for Windows>
S2 RichVideo (Cyberlink RichVideo Service(CRVS)) - "c:\program files\cyberlink\shared files\richvideo.exe" (file missing)
S3 FLEXnet Licensing Service - "c:\program files\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe" <Not Verified; Macrovision Europe Ltd.; FLEXnet Publisher (32 bit)>
S3 QBFCService (Intuit QuickBooks FCS) - "c:\program files\common files\intuit\quickbooks\fcs\intuit.quickbooks.fcs.exe" <Not Verified; Intuit Inc.; QuickBooks 2007>
-- Device Manager: Disabled ----------------------------------------------------
No disabled devices found.
-- Scheduled Tasks -------------------------------------------------------------
2008-01-18 17:20:07 376 --a------ C:\WINDOWS\Tasks\1-Click Maintenance.job
-- Files created between 2007-12-19 and 2008-01-19 -----------------------------
2008-01-19 09:59:24 0 dr-h----- C:\Documents and Settings\Jonie\Recent
2008-01-13 16:26:28 2277376 --a------ C:\WINDOWS\system32\TUKernel.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-01-13 12:38:23 0 d-------- C:\Documents and Settings\Jonie\Application Data\TuneUp Software
2008-01-13 12:37:39 0 d-------- C:\Documents and Settings\All Users\Application Data\TuneUp Software
2008-01-13 12:37:22 0 d-------- C:\Program Files\TuneUp Utilities 2008
2008-01-11 18:30:57 0 d-------- C:\Program Files\Common Files\supportsoft
2008-01-11 18:25:11 0 d-------- C:\Program Files\Intuit
2008-01-11 18:22:25 0 d-------- C:\Documents and Settings\All Users\Application Data\COMMON FILES
2008-01-09 20:08:31 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-01-09 19:34:04 0 d-------- C:\WINDOWS\ERUNT
2008-01-09 00:07:51 0 d-------- C:\Documents and Settings\Jonie\.housecall6.6
2008-01-07 06:27:15 4316 --a------ C:\WINDOWS\system32\tmp.reg
2008-01-06 12:02:10 0 d-------- C:\Documents and Settings\Jonie\Application Data\DivX
2008-01-06 12:01:00 0 d-------- C:\Program Files\DivX
2008-01-05 16:23:45 0 d-------- C:\Documents and Settings\All Users\Application Data\Elaborate Bytes
2008-01-05 16:12:36 0 d-------- C:\Program Files\Elaborate Bytes
2008-01-05 16:06:02 0 d-------- C:\Documents and Settings\All Users\Application Data\SlySoft
2008-01-05 16:00:13 0 d-------- C:\Program Files\SlySoft
2007-12-31 14:41:53 0 d-------- C:\Documents and Settings\Jonie\Application Data\Apple Computer
2007-12-31 14:41:48 2917 --a------ C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
2007-12-31 14:29:19 0 d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer
2007-12-31 14:28:39 0 d-------- C:\Program Files\Apple Software Update
2007-12-31 14:28:39 0 d-------- C:\Documents and Settings\All Users\Application Data\Apple
2007-12-30 12:54:14 16 --a------ C:\WINDOWS\popcinfo.dat
2007-12-30 12:48:55 0 d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2007-12-19 09:35:27 0 d-------- C:\Documents and Settings\Jonie\Application Data\Ulead Systems
-- Find3M Report ---------------------------------------------------------------
2008-01-18 18:09:57 0 d-------- C:\Documents and Settings\Jonie\Application Data\uTorrent
2008-01-18 18:04:41 0 d-------- C:\Program Files\Spyware Doctor
2008-01-17 22:13:04 0 d-------- C:\Documents and Settings\Jonie\Application Data\dvdcss
2008-01-17 19:27:02 0 d-------- C:\Documents and Settings\Jonie\Application Data\AVG7
2008-01-11 18:30:57 0 d-------- C:\Program Files\Common Files
2008-01-11 18:27:02 0 d-------- C:\Program Files\Common Files\Intuit
2008-01-10 06:48:59 0 d-------- C:\Program Files\Quicken
2008-01-09 20:17:26 0 d--h----- C:\Program Files\InstallShield Installation Information
2007-12-31 14:30:39 0 d-------- C:\Program Files\QuickTime
2007-12-24 17:05:52 0 d-------- C:\Program Files\Common Files\AnswerWorks 5.0
2007-12-19 21:29:54 0 d-------- C:\Program Files\Common Files\Logishrd
2007-12-15 21:34:27 0 d-------- C:\Program Files\Common Files\Logitech
2007-12-15 20:06:39 0 d-------- C:\Program Files\SigmaTel
2007-12-15 20:00:01 0 d-------- C:\Program Files\Creative
2007-12-15 19:57:42 0 d-------- C:\Documents and Settings\Jonie\Application Data\Media Player Classic
2007-12-15 19:23:49 0 d-------- C:\Program Files\PCPitstop
2007-12-13 06:35:44 0 d-------- C:\Program Files\Common Files\Ulead Systems
2007-12-13 06:35:27 0 d-------- C:\Program Files\Ulead Systems
2007-12-09 15:45:08 0 d-------- C:\Program Files\Microsoft ActiveSync
2007-12-09 15:44:12 0 d-------- C:\Program Files\Microsoft.NET
2007-12-09 00:52:31 0 d-------- C:\Program Files\Yahoo!
2007-12-08 16:25:22 0 d-------- C:\Documents and Settings\Jonie\Application Data\WinRAR
2007-12-08 13:26:55 180226 --a------ C:\WINDOWS\system32\ijl11.dll <Not Verified; Intel Corporation; Intel® JPEG Library>
2007-12-05 20:52:53 0 d-------- C:\Program Files\RegistryFix
2007-12-03 19:33:18 802816 --a------ C:\WINDOWS\system32\divx_xx11.dll <Not Verified; DivX, Inc.; DivX?>
2007-12-03 19:33:18 823296 --a------ C:\WINDOWS\system32\divx_xx0c.dll <Not Verified; DivX, Inc.; DivX®>
2007-12-03 19:33:18 823296 --a------ C:\WINDOWS\system32\divx_xx07.dll <Not Verified; DivX, Inc.; DivX®>
2007-12-03 19:33:16 682496 --a------ C:\WINDOWS\system32\DivX.dll <Not Verified; DivX, Inc.; DivX®>
2007-12-02 22:15:46 0 d-------- C:\Documents and Settings\Jonie\Application Data\DellFaxCtr
2007-12-02 09:12:10 5018 --ahs---- C:\WINDOWS\system32\KGyGaAvL.sys
2007-12-01 22:10:45 0 d-------- C:\Documents and Settings\Jonie\Application Data\Corel Photo Album
2007-11-30 19:03:39 0 d-------- C:\Program Files\Dell Photo AIO Printer 966
2007-11-30 19:01:49 0 d-------- C:\Program Files\Common Files\InstallShield
2007-11-30 19:01:26 0 d-------- C:\Program Files\Abbyy FineReader 6.0 Sprint
2007-11-30 19:00:51 0 d-------- C:\Program Files\Dell
2007-11-30 19:00:03 0 d-------- C:\Program Files\Dell PC Fax
2007-11-29 16:30:28 3596288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2007-11-29 16:28:24 196608 --a------ C:\WINDOWS\system32\dtu100.dll <Not Verified; DivX, Inc.; DivX, Inc. dtu100>
2007-11-29 16:28:24 81920 --a------ C:\WINDOWS\system32\dpl100.dll <Not Verified; DivX, Inc.; DivX, Inc. dpl100>
2007-11-29 00:02:43 0 d-------- C:\Documents and Settings\Jonie\Application Data\vlc
2007-11-28 23:49:08 0 d-------- C:\Program Files\VideoLAN
2007-11-28 22:55:26 0 d-------- C:\Program Files\Citrix
2007-11-28 18:29:48 0 d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2007-11-28 15:52:32 12288 --a------ C:\WINDOWS\system32\DivXWMPExtType.dll
2007-11-25 17:09:39 0 d-------- C:\Documents and Settings\Jonie\Application Data\Adobe
2007-11-25 16:41:48 0 d-------- C:\Documents and Settings\Jonie\Application Data\Intuit
2007-11-25 16:41:39 0 d-------- C:\Program Files\Common Files\Palo Alto Software
2007-11-25 15:12:21 0 d-------- C:\Program Files\MSBuild
2007-11-25 15:08:50 0 d-------- C:\Program Files\Reference Assemblies
2007-11-25 15:07:30 0 d-------- C:\Program Files\MSXML 6.0
2007-11-25 15:06:31 0 d-------- C:\Program Files\Windows Media Connect 2
2007-11-25 10:03:57 0 d-------- C:\Documents and Settings\Jonie\Application Data\PC Tools
2007-11-25 09:56:48 0 d-------- C:\Program Files\MSXML 4.0
2007-11-24 19:19:20 0 d-------- C:\Program Files\Common Files\Nero
2007-11-24 19:18:31 0 d-------- C:\Program Files\Nero
2007-11-24 18:42:25 0 d-------- C:\Documents and Settings\Jonie\Application Data\Nero
2007-11-24 18:21:09 0 d-------- C:\Program Files\PowerISO
2007-11-24 17:01:55 0 d-------- C:\Program Files\7-Zip
2007-11-23 20:00:33 0 d-------- C:\Documents and Settings\Jonie\Application Data\CyberLink
2007-11-23 19:15:02 0 d-------- C:\Program Files\uTorrent
2007-11-23 19:07:25 0 d-------- C:\Program Files\ShortKeys2
2007-11-23 19:07:20 0 d-------- C:\Program Files\Common Files\Insight Software Solutions
2007-11-22 23:46:02 0 d-------- C:\Program Files\Windows Live
2007-11-22 23:45:47 0 d--hs--c- C:\Program Files\Common Files\WindowsLiveInstaller
2007-11-22 23:28:12 118786 --a------ C:\WINDOWS\system32\MSSTDFMT.DLL <Not Verified; Microsoft Corporation; MSSTDFMT Object Library>
2007-11-22 22:44:21 0 d-------- C:\Program Files\Ashampoo
2007-11-22 22:15:44 0 d-------- C:\Program Files\Messenger
2007-11-22 22:09:11 0 d-------- C:\Documents and Settings\Jonie\Application Data\Sun
2007-11-22 22:08:58 0 d-------- C:\Program Files\Java
2007-11-22 22:08:10 0 d-------- C:\Program Files\Common Files\Java
2007-11-22 21:58:28 0 d-------- C:\Program Files\Common Files\Adobe
2007-11-22 21:45:53 0 d-------- C:\Program Files\Bonjour
2007-11-22 21:40:56 0 d-------- C:\Program Files\Common Files\Macrovision Shared
2007-11-22 20:48:03 0 d-------- C:\Program Files\CCleaner
2007-11-22 20:46:34 0 d-------- C:\Documents and Settings\Jonie\Application Data\Macromedia
2007-11-22 20:42:52 0 --a------ C:\WINDOWS\nsreg.dat
2007-11-22 20:42:50 0 d-------- C:\Documents and Settings\Jonie\Application Data\Mozilla
2007-11-22 20:38:05 0 d-------- C:\Documents and Settings\Jonie\Application Data\Help
2007-11-22 20:19:43 0 d-------- C:\Program Files\CONEXANT
2007-11-22 20:17:53 0 d-------- C:\Program Files\ATI Technologies
2007-11-22 20:16:07 0 d-------- C:\Program Files\Intel
2007-11-22 20:05:31 0 d-------- C:\Documents and Settings\Jonie\Application Data\Identities
2007-11-22 20:00:47 0 d-------- C:\Program Files\microsoft frontpage
2007-11-22 20:00:13 0 -rahs---- C:\MSDOS.SYS
2007-11-22 20:00:13 0 -rahs---- C:\IO.SYS
2007-11-22 20:00:13 0 --a------ C:\CONFIG.SYS
2007-11-22 20:00:13 0 --a------ C:\AUTOEXEC.BAT
2007-11-22 19:59:02 0 d--h----- C:\Program Files\WindowsUpdate
2007-11-22 19:58:05 0 d-------- C:\Program Files\Common Files\MSSoap
2007-11-22 19:57:56 0 d-------- C:\Program Files\Movie Maker
2007-11-22 19:57:05 21640 --a------ C:\WINDOWS\system32\emptyregdb.dat
2007-11-22 19:56:28 0 d-------- C:\Program Files\MSN Gaming Zone
2007-11-22 19:56:18 0 d-------- C:\Program Files\Windows NT
2007-11-22 13:50:38 0 d-------- C:\Program Files\Common Files\ODBC
2007-11-22 13:50:35 0 d-------- C:\Program Files\Common Files\SpeechEngines
2007-11-22 13:50:05 62 --ahs---- C:\Documents and Settings\Jonie\Application Data\desktop.ini
2007-11-01 21:05:00 593920 -----n--- C:\WINDOWS\system32\ati2sgag.exe <Not Verified; ; ATI Smart>
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [09/25/2007 01:11 AM]
"SigmatelSysTrayApp"="stsystra.exe" [03/22/2005 05:20 PM C:\WINDOWS\stsystra.exe]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [06/10/2005 10:44 AM]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [12/21/2007 06:06 PM]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [02/09/2006 09:05 PM]
"Ashampoo FireWall"="C:\Program Files\Ashampoo\Ashampoo FireWall\FireWall.exe" [04/05/2007 02:57 PM]
"SDTray"="C:\Program Files\Spyware Doctor\SDTrayApp.exe" [11/25/2007 10:05 AM]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/04/2004 04:00 AM]
[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
"WUAppSetup"=C:\Program Files\Common Files\logishrd\WUApp32.exe -v 0x046d -p 0x08c9 -f video -m logitech -d 11.5.0.1145
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
QuickBooks Update Agent.lnk - C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe [11/12/2007 11:41:42 PM]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"MaxRecentDocs"=4 (0x4)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToAssist]
C:\Program Files\Citrix\GoToAssist\480\G2AWinLogon.dll 11/28/2007 10:55 PM 10792 C:\Program Files\Citrix\GoToAssist\480\g2awinlogon.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"
"AnyDVD"=C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"dlcqmon.exe"="C:\Program Files\Dell Photo AIO Printer 966\dlcqmon.exe"
"MemoryCardManager"="C:\Program Files\Dell Photo AIO Printer 966\memcard.exe"
"NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
"DLCQCATS"=rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCQtime.dll,_RunDLLEntry@16
"Acrobat Assistant 8.0"="C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
"NeroFilterCheck"=C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" -atboottime
"FaxCenterServer"="C:\Program Files\Dell PC Fax\fm3032.exe" /s
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
*Newly Created Service* - IDSVC
-- End of Deckard's System Scanner: finished at 2008-01-19 15:42:23 ------------