Sorry I didn't reply earlier, I've been busy all day trying to uninstall and reinstall my antivirus and registry cleaners, which starting today will no longer load (all except AVG). They all say something like the program is "no longer working" or "is not working". Also, this showed up in my task manager ... HPKBDAPP.EXE ... along with this new startup in WinPatrol ... "Startup Location: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows AppInit_DLLs" which I read might be a virus that is blocking all the antivirus attempts. Sorry to kinda change subjects on you, but I've been rather stressed out all day trying to find out what's wrong. Oh, and I disabled them (as per your question about how I only use the anti's to scan individual files manually) via "services" under "Administrative Tools", but have since changed them to automatic. Well, I won't keep ramblin' on, so here is the first log:
main.txt
Deckard's System Scanner v20071014.68
Run by Wes & Amanda on 2008-03-11 02:22:02
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- Last 5 Restore Point(s) --
12: 2008-03-11 01:53:21 UTC - RP99 - Restore Operation
11: 2008-03-11 01:51:53 UTC - RP98 - Windows Update
10: 2008-03-11 00:39:51 UTC - RP96 - Restore Operation
9: 2008-03-10 23:20:21 UTC - RP95 - Restore Operation
8: 2008-03-10 19:35:54 UTC - RP94 - Made by Registry Mechanic
-- First Restore Point --
1: 2008-03-06 23:16:17 UTC - RP84 - Installed Windows Media Player Firefox Plugin
Backed up registry hives.
Performed disk cleanup.
-- HijackThis (run as Wes & Amanda.exe) ----------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:24:42 AM, on 3/11/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16609)
Boot mode: Normal
Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
C:\Program Files\COMODO\Firewall\cmdagent.exe
C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Common Files\TiVo Shared\Beacon\TiVoBeacon.exe
C:\Windows\System32\svchost.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Synaptics\SynTP\SynTPStart.exe
C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
C:\Program Files\COMODO\Firewall\cfp.exe
C:\Program Files\Grisoft\AVG7\avgcc.exe
C:\Program Files\Common Files\TiVo Shared\Transfer\TiVoTransfer.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Users\Wes & Amanda\Desktop\dss.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Wes & Amanda.exe
C:\Windows\system32\wbem\wmiprvse.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... &pf=laptop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... &pf=laptop
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: HP Print Clips - {FFFFFFFF-FF12-44C5-91EC-068E3AA1B2D7} - c:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [SynTPStart] "C:\Program Files\Synaptics\SynTP\SynTPStart.exe"
O4 - HKLM\..\Run: [OnScreenDisplay] "C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe"
O4 - HKLM\..\Run: [hpWirelessAssistant] "C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe"
O4 - HKLM\..\Run: [WAWifiMessage] "C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe"
O4 - HKLM\..\Run: [WinPatrol] "C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe" -expressboot
O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\COMODO\Firewall\cfp.exe" -h
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [TivoTransfer] "C:\PROGRAM FILES\COMMON FILES\TIVO SHARED\Transfer\TIVOTRANSFER.EXE" /service /registry /auto:TivoTransfer
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: HP Smart Select - {58ECB495-38F0-49cb-A538-10282ABF65E7} - c:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {DBA230D1-8467-4e69-987E-5FAE815A3B45} -
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - AppInit_DLLs: C:\Windows\system32\guard32.dll
O20 - Winlogon Notify: avgwlntf - C:\Windows\
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\Firewall\cmdagent.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: RoxMediaDB - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxMediaDB.exe
O23 - Service: Roxio Hard Drive Watcher (RoxWatch) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatch.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: TiVo Beacon (TivoBeacon2) - TiVo Inc. - C:\Program Files\Common Files\TiVo Shared\Beacon\TiVoBeacon.exe
O23 - Service: Vongo Service - Starz Entertainment Group LLC - C:\Program Files\Vongo\VongoService.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 10303 bytes
-- HijackThis Fixed Entries (C:\PROGRA~1\TRENDM~1\HIJACK~1\backups\) -----------
backup-20080227-190132-558 O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
-- File Associations -----------------------------------------------------------
.js - JSFile - DefaultIcon - "C:\Program Files\Macromedia\Dreamweaver 8\dreamweaver.exe",2
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R1 ElRawDisk - \??\c:\windows\system32\drivers\elrawdsk.sys
S3 RegGuard - \??\c:\windows\system32\drivers\regguard.sys
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 HP Health Check Service - "c:\program files\hewlett-packard\hp health check\hphc_service.exe" <Not Verified; Hewlett-Packard; HP Health Check Service>
S3 Com4Qlb - "c:\program files\hewlett-packard\hp quick launch buttons\com4qlb.exe" <Not Verified; Hewlett-Packard Development Company, L.P.; HP Quick Launch Buttons>
S3 Nero BackItUp Scheduler 3 - c:\program files\nero\nero8\nero backitup\nbservice.exe
S3 Vongo Service - "c:\program files\vongo\vongoservice.exe" <Not Verified; Starz Entertainment Group LLC; Vongo>
S4 Apple Mobile Device - "c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe" <Not Verified; Apple, Inc.; Apple Mobile Device Service>
S4 Bonjour Service - "c:\program files\bonjour\mdnsresponder.exe" <Not Verified; Apple Inc.; Bonjour>
-- Device Manager: Disabled ----------------------------------------------------
No disabled devices found.
-- Scheduled Tasks -------------------------------------------------------------
2008-03-10 12:23:31 432 --ah----- C:\Windows\Tasks\User_Feed_Synchronization-{C6ED93B1-991F-4EF5-8EC1-09C5B3AE5EC0}.job
-- Files created between 2008-02-11 and 2008-03-11 -----------------------------
2008-03-10 23:55:55 0 d-------- C:\Program Files\MySetups
2008-03-10 23:12:38 0 d-------- C:\Program Files\Enigma Software Group
2008-03-10 18:34:02 0 d-------- C:\Program Files\Spyware Doctor
2008-03-10 18:34:02 0 d-------- C:\Program Files\Spyware Doctor(21)
2008-03-09 17:34:46 0 d-------- C:\Users\All Users\comodo
2008-03-09 17:34:43 0 d-------- C:\Program Files\COMODO
2008-03-09 17:24:38 12800 --a------ C:\Windows\system32\drivers\elrawdsk.sys <Not Verified; EldoS Corporation; RawDisk>
2008-03-08 16:43:16 39424 --a------ C:\Windows\zipinst.exe <Not Verified; NirSoft; ZipInstaller>
2008-03-08 16:43:15 0 d-------- C:\Program Files\IPNetInfo
2008-03-04 17:08:51 0 d-------- C:\Users\All Users\PC Tools
2008-03-04 17:07:08 0 d-------- C:\Program Files\Common Files\PC Tools
2008-03-03 01:41:21 0 d-------- C:\Program Files\Windows Media Components
2008-03-02 21:08:02 0 d-------- C:\Users\All Users\AOL
2008-03-02 05:05:53 0 d-------- C:\Program Files\GSpot Codec Test
2008-03-02 05:03:52 765952 --a------ C:\Windows\system32\xvidcore.dll
2008-03-02 05:03:51 180224 --a------ C:\Windows\system32\xvidvfw.dll
2008-03-02 03:53:07 0 d-------- C:\Windows\RegisteredPackages
2008-03-02 03:53:07 0 d--h----- C:\Windows\msdownld.tmp
2008-03-02 02:50:54 0 d-------- C:\Program Files\WinAVI Video Converter
2008-03-01 23:27:49 0 d-------- C:\Program Files\Xvid
2008-02-28 22:27:33 0 d-------- C:\Program Files\Alwil Software
2008-02-28 20:41:23 0 d-a------ C:\Users\All Users\TEMP
2008-02-28 16:41:17 0 d-------- C:\Program Files\Uniblue
2008-02-28 16:05:24 0 d-------- C:\Users\All Users\SecTaskMan
2008-02-28 16:05:05 0 d-------- C:\Program Files\Security Task Manager
2008-02-28 15:26:00 0 d-------- C:\Program Files\Microsoft Silverlight
2008-02-27 20:03:56 0 d-------- C:\Users\All Users\Yahoo! Companion
2008-02-27 19:53:32 0 d-------- C:\Program Files\Trend Micro
2008-02-27 03:36:08 0 d-------- C:\Program Files\Winamp
2008-02-26 15:03:54 0 d--hs---- C:\Users\Mcx1\Templates
2008-02-26 15:03:54 0 d--hs---- C:\Users\Mcx1\Start Menu
2008-02-26 15:03:54 0 d--hs---- C:\Users\Mcx1\SendTo
2008-02-26 15:03:54 0 d--hs---- C:\Users\Mcx1\Recent
2008-02-26 15:03:54 0 d--hs---- C:\Users\Mcx1\PrintHood
2008-02-26 15:03:54 0 d--hs---- C:\Users\Mcx1\Local Settings
2008-02-26 15:03:53 0 dr------- C:\Users\Mcx1\Videos
2008-02-26 15:03:53 0 d-------- C:\Users\Mcx1\Saved Games
2008-02-26 15:03:53 0 dr------- C:\Users\Mcx1\Pictures
2008-02-26 15:03:53 0 d--hs---- C:\Users\Mcx1\NetHood
2008-02-26 15:03:53 0 d--hs---- C:\Users\Mcx1\My Documents
2008-02-26 15:03:53 0 dr------- C:\Users\Mcx1\Music
2008-02-26 15:03:53 0 dr------- C:\Users\Mcx1\Links
2008-02-26 15:03:53 0 dr------- C:\Users\Mcx1\Favorites
2008-02-26 15:03:53 0 dr------- C:\Users\Mcx1\Downloads
2008-02-26 15:03:53 0 dr------- C:\Users\Mcx1\Documents
2008-02-26 15:03:53 0 dr------- C:\Users\Mcx1\Desktop
2008-02-26 15:03:53 0 d--hs---- C:\Users\Mcx1\Cookies
2008-02-26 15:03:53 0 d--hs---- C:\Users\Mcx1\Application Data
2008-02-26 15:03:53 0 d--h----- C:\Users\Mcx1\AppData
2008-02-26 15:03:52 524288 --a------ C:\Users\Mcx1\ntuser.dat
2008-02-25 00:09:18 0 d-------- C:\Windows\WinAVI Video Converter 9.0
2008-02-24 16:47:38 7882 --a------ C:\Windows\system32\GTKCMOS.sys <Not Verified; Gteko Ltd.; Gteko Diagnostics>
2008-02-24 16:47:38 5120 --a------ C:\Windows\system32\GTKCMO64.sys <Not Verified; Gteko Ltd.; Gteko Diagnostics>
2008-02-24 16:47:38 7626 --a------ C:\Windows\system32\GPCIEnum.sys <Not Verified; Gteko Ltd.; Gteko Diagnostics>
2008-02-24 16:47:38 5632 --a------ C:\Windows\system32\GPCIEn64.sys <Not Verified; Gteko Ltd.; Gteko Diagnostics>
2008-02-24 16:47:38 1900681 --a------ C:\Windows\system32\gdql_ls.dll <Not Verified; Gteko Ltd.; QDiagLib Module>
2008-02-24 16:47:38 7168 --a------ C:\Windows\system32\DLPT64.sys <Not Verified; Gteko Ltd.; QDiag>
2008-02-24 16:47:38 6656 --a------ C:\Windows\system32\DLPT2.sys <Not Verified; GTek Technologies Ltd.; QDiag>
2008-02-24 16:47:38 4608 --a------ C:\Windows\system32\DDMI64.sys <Not Verified; Gteko Ltd.; DDMI>
2008-02-24 16:47:38 6977 --a------ C:\Windows\system32\DDMI2.sys <Not Verified; Gteko Ltd.; DDMI>
2008-02-24 05:03:10 506368 --a------ C:\Windows\system32\msxml.dll <Not Verified; Microsoft Corporation; Microsoft XML Core Services>
2008-02-24 03:31:04 25773 --a------ C:\Windows\system32\drivers\regguard.sys <Not Verified; Greatis Software; RegRun Security Suite>
2008-02-24 03:23:30 0 d-------- C:\Program Files\RegRunSuite
2008-02-24 03:08:06 0 d-------- C:\Program Files\Lavasoft
2008-02-24 03:02:32 0 d-------- C:\Users\All Users\Lavasoft
2008-02-24 02:24:08 0 d-------- C:\Users\All Users\vsosdk
2008-02-24 01:58:00 74703 --a------ C:\Windows\system32\mfc45.dll
2008-02-24 01:56:02 0 d-------- C:\Users\All Users\iolo
2008-02-24 00:51:14 352 --ah----- C:\Windows\nod32fixtemdono.reg
2008-02-24 00:43:01 0 d-------- C:\Users\All Users\ESET
2008-02-24 00:35:00 217127 --a------ C:\Windows\system32\drv43260.dll <Not Verified; RealNetworks, Inc.; RealVideo 9 (32-bit)>
2008-02-24 00:35:00 208935 --a------ C:\Windows\system32\drv33260.dll <Not Verified; RealNetworks, Inc.; RealVideo 8 (32-bit)>
2008-02-24 00:35:00 176165 --a------ C:\Windows\system32\drv23260.dll <Not Verified; RealNetworks, Inc.; RealVideo G2 (32-bit)>
2008-02-24 00:34:59 0 d-------- C:\Program Files\VSO
2008-02-23 15:59:33 0 d-------- C:\Program Files\BillP Studios
2008-02-23 15:31:18 0 dr-h----- C:\$VAULT$.AVG
2008-02-23 00:34:32 0 d-------- C:\Program Files\MagicISO
2008-02-22 22:57:37 0 d-------- C:\Windows\Caps
2008-02-22 21:59:33 0 d-------- C:\Program Files\uTorrent
2008-02-22 00:09:42 0 d-------- C:\Users\All Users\WinZip
2008-02-21 22:38:46 0 d-------- C:\Users\All Users\Nero
2008-02-21 22:38:46 0 d-------- C:\Program Files\Nero
2008-02-21 22:38:46 0 d-------- C:\Program Files\Common Files\Nero
2008-02-21 21:43:20 0 d-------- C:\Program Files\Microsoft Visual Studio 8
2008-02-20 22:01:01 0 d-------- C:\Users\All Users\Macromedia
2008-02-20 21:59:55 0 d-------- C:\Program Files\Macromedia
2008-02-20 21:59:55 0 d-------- C:\Program Files\Common Files\Macromedia
2008-02-20 20:04:19 0 d-------- C:\Program Files\MediaMonkey
2008-02-20 19:53:59 0 d-------- C:\Program Files\Burn and Delete
2008-02-20 18:33:08 0 d-------- C:\Users\All Users\InstallShield
2008-02-20 18:32:18 0 d-------- C:\Program Files\Common Files\Sonic Shared
2008-02-20 18:31:58 0 d-------- C:\Users\All Users\Sonic
2008-02-20 18:30:47 0 d-------- C:\Users\All Users\Roxio
2008-02-20 18:29:24 0 d-------- C:\Program Files\Roxio
2008-02-20 18:29:24 0 d-------- C:\Program Files\Common Files\Roxio Shared
2008-02-20 16:40:13 0 d-------- C:\Users\All Users\SlySoft
2008-02-20 16:39:53 0 d-------- C:\Program Files\SlySoft
2008-02-20 02:34:54 0 d-------- C:\Program Files\Music Rescue
2008-02-17 03:41:59 0 d-------- C:\Program Files\LightScribeTemplateLabeler
2008-02-17 03:28:04 0 d-------- C:\Users\All Users\Grisoft
2008-02-17 03:28:04 0 d-------- C:\Users\All Users\avg7
2008-02-17 03:26:53 0 d-------- C:\Program Files\Common Files\SWF Studio
2008-02-16 04:05:27 0 d-------- C:\Program Files\MSXML 4.0
2008-02-16 02:02:25 0 d-------- C:\Program Files\iPod
2008-02-16 02:02:13 0 d-------- C:\Program Files\iTunes
2008-02-16 02:01:46 0 d-------- C:\Program Files\Bonjour
2008-02-16 02:01:06 0 d-------- C:\Program Files\QuickTime
2008-02-16 02:01:03 0 d-------- C:\Users\All Users\Apple Computer
2008-02-16 02:00:32 0 d-------- C:\Program Files\Apple Software Update
2008-02-16 01:59:49 0 d-------- C:\Program Files\Common Files\Apple
2008-02-16 01:59:48 0 d-------- C:\Users\All Users\Apple
2008-02-16 01:33:18 0 d-------- C:\Program Files\CoreFTP
2008-02-15 23:35:36 0 d-------- C:\Program Files\Common Files\Adobe
2008-02-15 22:19:56 0 d-------- C:\Program Files\LimeWire
2008-02-15 13:01:31 0 d--hs---- C:\System Volume Information
2008-02-15 04:14:03 0 d-------- C:\Users\All Users\TiVo
2008-02-15 04:14:03 0 d-------- C:\Program Files\TiVo
2008-02-15 04:14:03 0 d-------- C:\Program Files\Common Files\TiVo Shared
2008-02-15 04:11:14 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-02-15 04:09:10 0 d-------- C:\Users\All Users\LightScribe
2008-02-15 01:39:12 0 d-------- C:\Windows\Sun
2008-02-15 01:11:59 0 --a------ C:\Windows\nsreg.dat
2008-02-14 23:51:26 0 d-------- C:\Users\All Users\Gtek
2008-02-14 21:29:15 0 dr------- C:\Users\Wes & Amanda\Searches
2008-02-14 21:29:03 0 dr------- C:\Users\Wes & Amanda\Contacts
2008-02-14 21:28:53 81 --a------ C:\Windows\system32\LOG
2008-02-14 21:28:50 44 --a------ C:\Windows\system\hpsysdrv.dat
2008-02-14 21:24:04 0 d-------- C:\Program Files\Yahoo!
2008-02-14 21:22:40 0 d-------- C:\Users\All Users\Electronic Arts
2008-02-14 21:17:55 0 d-------- C:\Program Files\Electronic Arts
2008-02-14 21:15:32 0 d-------- C:\Program Files\Common Files\LightScribe
2008-02-14 21:13:52 0 d--hs---- C:\Users\Wes & Amanda\Templates
2008-02-14 21:13:52 0 d--hs---- C:\Users\Wes & Amanda\Start Menu
2008-02-14 21:13:52 0 d--hs---- C:\Users\Wes & Amanda\SendTo
2008-02-14 21:13:52 0 d--hs---- C:\Users\Wes & Amanda\Recent
2008-02-14 21:13:52 0 d--hs---- C:\Users\Wes & Amanda\PrintHood
2008-02-14 21:13:52 0 d--hs---- C:\Users\Wes & Amanda\NetHood
2008-02-14 21:13:52 0 d--hs---- C:\Users\Wes & Amanda\My Documents
2008-02-14 21:13:52 0 d--hs---- C:\Users\Wes & Amanda\Local Settings
2008-02-14 21:13:52 0 d--hs---- C:\Users\Wes & Amanda\Cookies
2008-02-14 21:13:52 0 d--hs---- C:\Users\Wes & Amanda\Application Data
2008-02-14 21:13:51 0 d-------- C:\Users\Wes & Amanda\Videos
2008-02-14 21:13:51 0 dr------- C:\Users\Wes & Amanda\Saved Games
2008-02-14 21:13:51 0 dr------- C:\Users\Wes & Amanda\Pictures
2008-02-14 21:13:51 2883584 --a------ C:\Users\Wes & Amanda\ntuser.dat
2008-02-14 21:13:51 0 dr------- C:\Users\Wes & Amanda\Music
2008-02-14 21:13:51 0 dr------- C:\Users\Wes & Amanda\Links
2008-02-14 21:13:51 0 dr------- C:\Users\Wes & Amanda\Favorites
2008-02-14 21:13:51 0 d-------- C:\Users\Wes & Amanda\Downloads
2008-02-14 21:13:51 0 dr------- C:\Users\Wes & Amanda\Documents
2008-02-14 21:13:51 0 dr------- C:\Users\Wes & Amanda\Desktop
2008-02-14 21:13:51 0 d--h----- C:\Users\Wes & Amanda\AppData
-- Find3M Report ---------------------------------------------------------------
2008-03-11 01:07:03 0 d-------- C:\Users\Wes & Amanda\AppData\Roaming\Roxio
2008-03-10 22:22:52 28504 --a------ C:\Users\Wes & Amanda\AppData\Roaming\nvModes.001
2008-03-10 21:56:18 0 d-------- C:\Users\Wes & Amanda\AppData\Roaming\Winamp
2008-03-10 21:56:17 0 d-------- C:\Users\Wes & Amanda\AppData\Roaming\AVG7
2008-03-10 20:45:01 0 d-------- C:\Users\Wes & Amanda\AppData\Roaming\uTorrent
2008-03-10 18:34:02 0 d-------- C:\Users\Wes & Amanda\AppData\Roaming\PC Tools
2008-03-09 22:59:22 0 d-------- C:\Users\Wes & Amanda\AppData\Roaming\LimeWire
2008-03-09 17:34:47 0 d-------- C:\Users\Wes & Amanda\AppData\Roaming\Comodo
2008-03-04 17:07:08 0 d-------- C:\Program Files\Common Files
2008-02-28 18:14:15 0 d-------- C:\Users\Wes & Amanda\AppData\Roaming\Help
2008-02-28 16:59:23 0 d-------- C:\Users\Wes & Amanda\AppData\Roaming\Uniblue
2008-02-28 14:35:31 0 d-------- C:\Users\Wes & Amanda\AppData\Roaming\Vso
2008-02-27 20:03:56 0 d-------- C:\Users\Wes & Amanda\AppData\Roaming\Yahoo!
2008-02-26 20:47:38 28000 --a------ C:\Users\Wes & Amanda\AppData\Roaming\nvModes.dat
2008-02-24 19:42:14 0 d-------- C:\Users\Wes & Amanda\AppData\Roaming\GTek
2008-02-24 03:29:03 0 d-------- C:\Users\Wes & Amanda\AppData\Roaming\Regrun
2008-02-24 01:56:02 0 d-------- C:\Users\Wes & Amanda\AppData\Roaming\iolo
2008-02-24 01:14:03 0 d-------- C:\Users\Wes & Amanda\AppData\Roaming\ESET
2008-02-24 00:35:43 34 --a------ C:\Users\Wes & Amanda\AppData\Roaming\pcouffin.log
2008-02-24 00:35:02 7887 --a------ C:\Users\Wes & Amanda\AppData\Roaming\pcouffin.cat
2008-02-23 23:53:04 0 d-------- C:\Program Files\Common Files\Symantec Shared
2008-02-23 23:51:05 0 d-------- C:\Program Files\Symantec
2008-02-23 15:59:46 0 d-------- C:\Users\Wes & Amanda\AppData\Roaming\WinPatrol
2008-02-22 00:36:38 648 --a------ C:\Users\Wes & Amanda\AppData\Roaming\com.kennettnet.MusicRescueProfiles.plist
2008-02-22 00:36:38 3253 --a------ C:\Users\Wes & Amanda\AppData\Roaming\com.kennettnet.MusicRescue.plist
2008-02-21 23:29:37 0 d-------- C:\Users\Wes & Amanda\AppData\Roaming\NeroDigital™
2008-02-21 23:03:53 0 d-------- C:\Users\Wes & Amanda\AppData\Roaming\NeroDCTemplates
2008-02-21 22:41:49 0 d-------- C:\Users\Wes & Amanda\AppData\Roaming\Nero
2008-02-21 21:47:03 0 d-------- C:\Program Files\MSBuild
2008-02-20 22:09:33 0 d-------- C:\Users\Wes & Amanda\AppData\Roaming\Macromedia
2008-02-20 18:31:02 0 d-------- C:\Program Files\Common Files\InstallShield
2008-02-20 00:39:11 0 d-------- C:\Users\Wes & Amanda\AppData\Roaming\CyberLink
2008-02-17 01:49:14 0 d-------- C:\Users\Wes & Amanda\AppData\Roaming\CoreFTP
2008-02-16 23:40:23 0 d-------- C:\Users\Wes & Amanda\AppData\Roaming\Adobe
2008-02-16 23:33:12 0 d-------- C:\Program Files\Java
2008-02-16 14:40:16 0 d-------- C:\Users\Wes & Amanda\AppData\Roaming\WinRAR
2008-02-16 04:23:41 0 d-------- C:\Program Files\Windows Mail
2008-02-16 04:23:39 0 d-------- C:\Program Files\Windows Sidebar
2008-02-16 02:02:42 0 d-------- C:\Users\Wes & Amanda\AppData\Roaming\Apple Computer
2008-02-15 01:11:55 0 d-------- C:\Users\Wes & Amanda\AppData\Roaming\Mozilla
2008-02-14 21:52:47 0 d-------- C:\Users\Wes & Amanda\AppData\Roaming\HP
2008-02-14 21:49:22 0 d-------- C:\Users\Wes & Amanda\AppData\Roaming\WildTangent
2008-02-14 21:30:40 0 d-------- C:\Users\Wes & Amanda\AppData\Roaming\Hewlett-Packard
2008-02-14 21:29:06 0 d-------- C:\Users\Wes & Amanda\AppData\Roaming\Identities
2008-02-14 21:24:28 0 dr------- C:\Program Files\Online Services
2008-02-14 21:23:05 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-02-14 21:15:46 0 d-------- C:\Program Files\HPQ
2008-01-14 14:15:03 0 d-------- C:\Program Files\HP Games
2008-01-14 14:11:37 0 d-------- C:\Program Files\CyberLink
2008-01-14 14:07:58 0 d-------- C:\Program Files\Hewlett-Packard
2008-01-14 14:05:02 0 d-------- C:\Program Files\HP
2008-01-14 14:03:41 0 d-------- C:\Program Files\Sling Media
2008-01-14 14:00:59 0 d-------- C:\Program Files\WinTV
2008-01-14 14:00:36 0 d-------- C:\Program Files\Atheros
2008-01-14 14:00:04 0 d-------- C:\Program Files\CONEXANT
2008-01-14 13:58:27 0 d-------- C:\Program Files\NetWaiting
2008-01-14 13:57:02 0 d-------- C:\Program Files\Synaptics
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FFFFFFFF-FF12-44C5-91EC-068E3AA1B2D7}]
08/31/2007 03:32 PM 177504 --a------ c:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPStart"="C:\Program Files\Synaptics\SynTP\SynTPStart.exe" [09/15/2007 04:29 AM]
"OnScreenDisplay"="C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe" [09/04/2007 05:54 PM]
"hpWirelessAssistant"="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [09/13/2007 12:47 PM]
"WAWifiMessage"="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe" [01/08/2007 07:53 PM]
"@"="" []
"WinPatrol"="C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe" [01/27/2008 01:38 AM]
"NvCplDaemon"="RUNDLL32.exe" [11/02/2006 05:45 AM C:\Windows\System32\rundll32.exe]
"COMODO Firewall Pro"="C:\Program Files\COMODO\Firewall\cfp.exe" [03/09/2008 05:34 PM]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [02/17/2008 03:31 AM]
"RegistryMechanic"="" []
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TivoTransfer"="C:\PROGRAM FILES\COMMON FILES\TIVO SHARED\Transfer\TIVOTRANSFER.exe" [09/25/2007 11:33 AM]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"=2 (0x2)
"EnableLUA"=0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgwlntf]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"= C:\Windows\system32\guard32.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
@="IEEE 1394 Bus host controllers"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
@="SBP2 IEEE 1394 Devices"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
@="SecurityDevices"
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalSystemNetworkRestricted hidserv UxSms WdiSystemHost Netman trkwks AudioEndpointBuilder WUDFSvc irmon sysmain IPBusEnum dot3svc PcaSvc EMDMgmt TabletInputService wlansvc WPDBusEnum
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
C:\Windows\system32\unregmp2.exe /ShowWMP
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"C:\Program Files\Common Files\LightScribe\LSRunOnce.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
%SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI
-- End of Deckard's System Scanner: finished at 2008-03-11 02:26:06 ------------