Deckard's System Scanner v20070318.32
Run by Garry on 2007-03-28 at 01:37:00
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
System Restore is disabled; attempting to re-enable...success.
-- Last 1 Restore Point(s) --
1: 2007-03-28 00:37:06 UTC - RP1 - System Checkpoint
Backed up registry hives.
Performed disk cleanup.
-- HijackThis (run as Garry.exe) -----------------------------------------------
Logfile of HijackThis v1.99.1
Scan saved at 01:38:53, on 28/03/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\mwinlodv.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Garry\Desktop\dss.exe
C:\WINDOWS\explorer.exe
C:\PROGRA~1\HIJACK~1\Garry.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.virginmedia.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {17E61077-7431-47DA-A165-CE1AA4EB4464} - C:\WINDOWS\system32\scvwfxxu.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {B5AD515B-D043-487B-95C7-22B9232807De} - C:\WINDOWS\system32\yupottre.dll (file missing)
O2 - BHO: (no name) - {C2334977-B955-44CC-8114-717A9F455095} - C:\WINDOWS\system32\awvts.dll
O2 - BHO: (no name) - {C38AC86C-0192-46D9-9830-85D02A5A98F2} - C:\WINDOWS\system32\opnlklm.dll
O2 - BHO: (no name) - {FB32879C-BE8D-4015-A450-E465441EBDD1} - C:\WINDOWS\system32\jkkli.dll (file missing)
O4 - HKLM\..\Run: [PRONoMgr.exe] -C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] -rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [REGSHAVE] -C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [NVRTCLK] -C:\WINDOWS\system32\NVRTCLK\NVRTClk.exe
O4 - HKLM\..\Run: [NeroFilterCheck] -C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [AudioHQ] -C:\Program Files\Creative\SBLive\AudioHQ\AHQTB.EXE
O4 - HKLM\..\Run: [Creative Launcher] -C:\Program Files\Creative\Launcher\CTLauncher.exe
O4 - HKLM\..\Run: [Logitech Utility] -Logi_MwX.Exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] -C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [TkBellExe] -"C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SoundMan] -SOUNDMAN.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] -"C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [SsAAD.exe] -C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [DataLayer] -C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] -C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray
O4 - HKLM\..\Run: [NvCplDaemon] -RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] -nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] -RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [iTunesHelper] -"C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [{69-99-90-01-ZN}] -c:\windows\system32\nkdsregr.exe OLI001
O4 - HKLM\..\Run: [ExploreUpdSched] C:\WINDOWS\system32\mwinlodv.exe OLI001
O4 - HKLM\..\Run: [2chkdsk] rundll32.exe "C:\WINDOWS\system32\bkeudpet.dll",setvm
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PcSync] -C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Live Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\MSN Messenger\msnmsgr.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\MSN Messenger\msnmsgr.exe
O11 - Options group: [INTERNATIONAL] International*
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partne ... nicode.cab
O16 - DPF: {9B03C5F1-F5AB-47EE-937D-A8EDA626F876} (Anonymizer Anti-Spyware Scanner) - http://download.zonelabs.com/bin/promot ... WebAAS.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: awvts - C:\WINDOWS\system32\awvts.dll
O20 - Winlogon Notify: fccbxww - C:\WINDOWS\SYSTEM32\fccbxww.dll
O20 - Winlogon Notify: jkkli - C:\WINDOWS\system32\jkkli.dll (file missing)
O20 - Winlogon Notify: opnlklm - C:\WINDOWS\SYSTEM32\opnlklm.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Bluetooth Service (btwdins) - Unknown owner - -C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Unknown owner - -"C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe (file missing)
O23 - Service: iPod Service - Unknown owner - -"C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: MSCSPTISRV - Unknown owner - -"C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe (file missing)
O23 - Service: Intel NCS NetService (NetSvc) - Unknown owner - -C:\Program Files\Intel\NCS\Sync\NetSvc.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Unknown owner - -"C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe (file missing)
O23 - Service: Sony SPTI Service (SPTISRV) - Unknown owner - -"C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe (file missing)
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Unknown owner - -C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe (file missing)
O23 - Service: svchost - Unknown owner - -C:\Program Files\Common Files\Microsoft Shared\MSINFO\rejoice2007.exe (file missing)
O23 - Service: Windows Media Player Network Sharing Service (WMPNetworkSvc) - Unknown owner - -"C:\Program Files\Windows Media Player\WMPNetwk.exe (file missing)
-- File Associations -----------------------------------------------------------
All associations okay.
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R0 imagedrv - c:\windows\system32\drivers\imagedrv.sys
R0 imagesrv - c:\windows\system32\drivers\imagesrv.sys
R1 CTSYN (Creative S/W Synth) - c:\windows\system32\drivers\ctsyn.sys
R2 BTSERIAL (Bluetooth Serial Driver) - c:\windows\system32\drivers\btserial.sys
R2 BTSLBCSP (Bluetooth Port Client Driver) - c:\windows\system32\drivers\btslbcsp.sys
R2 STEC3 - c:\windows\system32\stec3.sys
R2 WIBUKEY (WIBU-KEY Kernel Driver) - c:\windows\system32\drivers\wibukey.sys
R3 LCcfltr (Logitech USB Filter Driver) - c:\windows\system32\drivers\lccfltr.sys
R3 MODEMCSA (Unimodem Streaming Filter Device) - c:\windows\system32\drivers\modemcsa.sys
R3 Pcouffin (Low level access layer for CD devices) - c:\windows\system32\drivers\pcouffin.sys
R3 USR1806V (U.S. Robotics Voice Modem Driver 1806) - c:\windows\system32\drivers\usr1806v.sys
S0 MFX - c:\windows\system32\drivers\mfx.sys
S0 XMS1563K - c:\windows\system32\drivers\xms1563k.sys
S2 Ca533av (Icatch(IV) Video Camera Device) - c:\windows\system32\drivers\ca533av.sys
S3 61883 (61883 Unit Device) - c:\windows\system32\drivers\61883.sys
S3 ALCXSENS (Service for WDM 3D Audio Driver) - c:\windows\system32\drivers\alcxsens.sys
S3 Avc (AVC Device) - c:\windows\system32\drivers\avc.sys
S3 BthEnum (Bluetooth Request Block Driver) - c:\windows\system32\drivers\bthenum.sys
S3 BthPan (Bluetooth Device (Personal Area Network)) - c:\windows\system32\drivers\bthpan.sys
S3 BTHPORT (Bluetooth Port Driver) - c:\windows\system32\drivers\bthport.sys
S3 BTHUSB (Bluetooth Radio USB Driver) - c:\windows\system32\drivers\bthusb.sys
S3 GVCplDrv - c:\windows\system32\drivers\gvcpldrv.sys
S3 L8042PR2 (Logitech PS/2 Mouse Filter Driver) - c:\windows\system32\drivers\l8042pr2.sys
S3 MSDV (Microsoft DV Camera and VCR) - c:\windows\system32\drivers\msdv.sys
S3 Nokia USB Port - c:\windows\system32\drivers\nmwcdcj.sys
S3 P2k (Motorola USB Device) - c:\windows\system32\drivers\p2k.sys
S3 StillCam (Still Serial Digital Camera Driver) - c:\windows\system32\drivers\serscan.sys
S3 umpusbxp (UPort 1 on Nokia Adapter) - c:\windows\system32\drivers\umpusbxp.sys
S3 usb2vcom (USB Data Cable) - c:\windows\system32\drivers\usb2vcom.sys
S3 USBCamera (Icatch(IV) Still Camera Device) - c:\windows\system32\drivers\bulk533.sys
S3 vsdatant - c:\windows\system32\vsdatant.sys (file missing)
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 BthServ (Bluetooth Support Service) - c:\windows\system32\svchost.exe -k bthsvcs
S2 btwdins (Bluetooth Service) - -c:\program files\widcomm\bluetooth software\bin\btwdins.exe (file missing)
S2 svchost - -c:\program files\common files\microsoft shared\msinfo\rejoice2007.exe (file missing)
S3 IDriverT (InstallDriver Table Manager) - -"c:\program files\common files\installshield\driver\11\intel 32\idrivert.exe" (file missing)
S3 iPod Service - -"c:\program files\ipod\bin\ipodservice.exe" (file missing)
S3 MSCSPTISRV - -"c:\program files\common files\sony shared\avlib\mscsptisrv.exe" (file missing)
S3 NetSvc (Intel NCS NetService) - -c:\program files\intel\ncs\sync\netsvc.exe (file missing)
S3 PACSPTISVR - -"c:\program files\common files\sony shared\avlib\pacsptisvr.exe" (file missing)
S3 SPTISRV (Sony SPTI Service) - -"c:\program files\common files\sony shared\avlib\sptisrv.exe" (file missing)
S3 SSScsiSV (SonicStage SCSI Service) - -c:\program files\common files\sony shared\avlib\ssscsisv.exe (file missing)
S3 usnsvc (Messenger Sharing USN Journal Reader service) - c:\windows\system32\svchost.exe -k usnsvc
S3 WMPNetworkSvc (Windows Media Player Network Sharing Service) - -"c:\program files\windows media player\wmpnetwk.exe" (file missing)
-- Scheduled Tasks -------------------------------------------------------------
2007-03-25 08:51:11 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job<APPLES~1.JOB>
-- Files created between 2007-02-28 and 2007-03-28 -----------------------------
2007-03-27 19:58:16 26730 --a------ C:\WINDOWS\system32\fccbxww.dll
2007-03-27 14:20:20 0 d-------- C:\WINDOWS\system32\Kaspersky Lab<KASPER~1>
2007-03-27 14:20:18 0 d-------- C:\WINDOWS\LastGood
2007-03-26 16:53:45 88340 --a------ C:\WINDOWS\system32\eafhriyi.exe
2007-03-25 14:00:11 0 d-------- C:\Documents and Settings\Administrator\Application Data\Lavasoft
2007-03-25 09:30:24 0 d-------- C:\Program Files\QuickTime<QUICKT~1>
2007-03-24 15:27:03 88340 --a------ C:\WINDOWS\system32\thlnnlfh.exe
2007-03-23 15:27:00 88340 --a------ C:\WINDOWS\system32\btqiloju.exe
2007-03-22 12:46:40 88340 --a------ C:\WINDOWS\system32\yospurmw.exe
2007-03-21 23:46:40 1310720 --ah----- C:\Documents and Settings\Administrator\NTUSER.DAT
2007-03-21 12:46:37 88340 --a------ C:\WINDOWS\system32\xehlmdgg.exe
2007-03-19 20:41:54 719688 ---hs---- C:\WINDOWS\system32\stvwa.bak1<STVWA~1.BAK>
2007-03-19 20:41:54 88340 --a------ C:\WINDOWS\system32\fmxkwfec.exe
2007-03-19 20:41:38 280676 ---hs---- C:\WINDOWS\system32\awvts.dll
2007-03-19 17:59:37 88340 --a------ C:\WINDOWS\system32\gmtquutd.exe
2007-03-18 08:56:06 88340 --a------ C:\WINDOWS\system32\kqcmpfvd.exe
2007-03-18 08:55:34 720166 --ahs---- C:\WINDOWS\system32\ilkkj.bak1<ILKKJ~1.BAK>
2007-03-18 08:55:34 123412 --a------ C:\WINDOWS\system32\bkeudpet.dll
2007-03-18 02:27:20 26552 --a------ C:\WINDOWS\system32\dxdllreg.exe
2007-03-18 02:21:56 183808 --a-s---- C:\WINDOWS\NDNuninstall7_48.exe<NDNUNI~2.EXE>
2007-03-18 02:19:03 45086 --a------ C:\WINDOWS\system32\nkdsregr.exe
2007-03-18 02:16:53 0 d-------- C:\Program Files\SlySoft
2007-03-18 02:15:16 932 --a------ C:\WINDOWS\system32\winpfz32.sys
2007-03-18 02:15:12 8464 --a------ C:\WINDOWS\system32\sporder.dll
2007-03-18 02:15:09 50688 --a-s---- C:\WINDOWS\NDNuninstall6_38.exe<NDNUNI~1.EXE>
2007-03-18 02:15:08 184430 --a------ C:\WINDOWS\system32\mwinlodv.exe
2007-03-18 02:15:07 0 d--hs---- C:\WINDOWS\R2FycnkgU2VsbWFu<R2FYCN~1>
2007-03-18 02:14:56 22626 --ahs---- C:\WINDOWS\system32\opnlklm.dll
2007-03-05 19:01:09 0 d-------- C:\Documents and Settings\All Users\Application Data\PlayFirst<PLAYFI~1>
2007-03-03 21:27:34 0 d-------- C:\Documents and Settings\All Users\Application Data\Google
2007-03-03 20:29:52 0 d--hs---- C:\WINDOWS\ftpcache
2007-03-03 17:27:35 0 d-------- C:\My Games<MYGAME~1>
2007-03-03 17:27:27 0 d-------- C:\My Download Files<MYDOWN~1>
2007-03-03 17:26:06 774144 --a------ C:\Program Files\RngInterstitial.dll<RNGINT~1.DLL>
-- Find3M Report ---------------------------------------------------------------
2007-03-27 08:00:04 0 d-------- C:\Documents and Settings\Garry\Application Data\AVG7
2007-03-22 02:54:03 0 d-------- C:\Program Files\Common Files\Real
2007-03-19 22:17:36 0 d--h----- C:\Program Files\InstallShield Installation Information<INSTAL~1>
2007-03-19 18:16:16 0 d---s---- C:\Documents and Settings\Garry\Application Data\Microsoft<MICROS~1>
2007-03-07 03:09:06 0 d-------- C:\Program Files\Google
2007-03-03 21:34:29 0 d-------- C:\Program Files\Real
2007-02-23 23:22:55 0 d-------- C:\Documents and Settings\Garry\Application Data\SlySoft
2007-02-23 21:59:43 0 d-------- C:\Program Files\YAMP
2007-02-22 01:23:59 0 d-------- C:\Program Files\Winamp
2007-02-11 13:35:29 0 d-------- C:\Program Files\CloneDVD
2007-02-06 23:37:05 0 d-------- C:\Program Files\DivX
2007-02-04 23:22:37 0 d-------- C:\Program Files\PC Doc Pro<PCDOCP~1>
2007-02-04 10:27:07 0 d-------- C:\Program Files\Apple Software Update<APPLES~1>
2007-02-01 05:56:06 823296 --a------ C:\WINDOWS\system32\divx_xx07.dll<DIVX_X~2.DLL>
2007-02-01 05:56:05 802816 --a------ C:\WINDOWS\system32\divx_xx11.dll<DIVX_X~3.DLL>
2007-02-01 05:56:05 823296 --a------ C:\WINDOWS\system32\divx_xx0c.dll<DIVX_X~1.DLL>
2007-02-01 05:56:04 639066 --a------ C:\WINDOWS\system32\DivX.dll
2007-01-31 22:27:01 524288 --a------ C:\WINDOWS\system32\DivXsm.exe
2007-01-31 00:15:10 118784 --a------ C:\WINDOWS\system32\DivXCodecUpdateChecker.exe<DIVXCO~1.EXE>
2007-01-30 06:03:40 3596288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2007-01-30 06:03:34 118520 --a------ C:\WINDOWS\system32\pxinsi64.exe
2007-01-30 06:03:34 116472 --a------ C:\WINDOWS\system32\pxcpyi64.exe
2007-01-30 06:03:34 129784 --a------ C:\WINDOWS\system32\pxafs.dll
2007-01-30 06:03:26 200704 --a------ C:\WINDOWS\system32\ssldivx.dll
2007-01-30 06:03:26 1044480 --a------ C:\WINDOWS\system32\libdivx.dll
2007-01-30 05:56:56 196608 --a------ C:\WINDOWS\system32\dtu100.dll
2007-01-30 05:56:56 73728 --a------ C:\WINDOWS\system32\dpl100.dll
2007-01-30 05:56:54 53248 --a------ C:\WINDOWS\system32\dpuGUI10.dll
2007-01-30 05:56:52 57344 --a------ C:\WINDOWS\system32\dpv11.dll
2007-01-30 05:56:52 344064 --a------ C:\WINDOWS\system32\dpus11.dll
2007-01-30 05:56:52 593920 --a------ C:\WINDOWS\system32\dpuGUI11.dll
2007-01-30 05:56:52 294912 --a------ C:\WINDOWS\system32\dpu11.dll
2007-01-30 05:56:52 294912 --a------ C:\WINDOWS\system32\dpu10.dll
2007-01-08 20:01:14 17408 --a------ C:\WINDOWS\system32\corpol.dll
-- Registry Dump ---------------------------------------------------------------
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe"
"PcSync"="-C:\\Program Files\\Nokia\\Nokia PC Suite 6\\PcSync2.exe /NoDialog"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"PRONoMgr.exe"="-C:\\Program Files\\Intel\\NCS\\PROSet\\PRONoMgr.exe"
"BluetoothAuthenticationAgent"="-rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent"
"REGSHAVE"="-C:\\Program Files\\REGSHAVE\\REGSHAVE.EXE /AUTORUN"
"NVRTCLK"="-C:\\WINDOWS\\system32\\NVRTCLK\\NVRTClk.exe"
"NeroFilterCheck"="-C:\\WINDOWS\\system32\\NeroCheck.exe"
"AudioHQ"="-C:\\Program Files\\Creative\\SBLive\\AudioHQ\\AHQTB.EXE"
"Creative Launcher"="-C:\\Program Files\\Creative\\Launcher\\CTLauncher.exe"
"Logitech Utility"="-Logi_MwX.Exe"
"Share-to-Web Namespace Daemon"="-C:\\Program Files\\Hewlett-Packard\\HP Share-to-Web\\hpgs2wnd.exe"
"TkBellExe"="-\"C:\\Program Files\\Common Files\\Real\\Update_OB\\realsched.exe\" -osboot"
"SoundMan"="-SOUNDMAN.EXE"
"SunJavaUpdateSched"="-\"C:\\Program Files\\Java\\jre1.5.0_09\\bin\\jusched.exe\""
"SsAAD.exe"="-C:\\PROGRA~1\\Sony\\SONICS~1\\SsAAD.exe"
"DataLayer"="-C:\\Program Files\\Common Files\\PCSuite\\DataLayer\\DataLayer.exe"
"PCSuiteTrayApplication"="-C:\\Program Files\\Nokia\\Nokia PC Suite 6\\LaunchApplication.exe -onlytray"
"NvCplDaemon"="-RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup"
"nwiz"="-nwiz.exe /install"
"NvMediaCenter"="-RUNDLL32.EXE C:\\WINDOWS\\system32\\NvMcTray.dll,NvTaskbarInit"
"iTunesHelper"="-\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
"{69-99-90-01-ZN}"="-c:\\windows\\system32\\nkdsregr.exe OLI001"
"ExploreUpdSched"="C:\\WINDOWS\\system32\\mwinlodv.exe OLI001"
"2chkdsk"="rundll32.exe \"C:\\WINDOWS\\system32\\bkeudpet.dll\",setvm"
"AVG7_CC"="C:\\PROGRA~1\\Grisoft\\AVG7\\avgcc.exe /STARTUP"
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{93994DE8-8239-4655-B1D1-5F4E91300429}"=""
"{C38AC86C-0192-46D9-9830-85D02A5A98F2}"=""
"{182B90A3-F372-438A-800C-6814B4DE417B}"=""
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"WPDShServiceObj"="{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"
[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\System32\\CTFMON.EXE"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableTaskMgr"=dword:00000000
"DisableRegistryTools"=dword:00000000
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoRun"=dword:00000000
"NoClose"=dword:00000000
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
Source REG_SZ http://www.hornby.com/img/lvestm/pic_instr.jpg
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\awvts
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\fccbxww
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\jkkli
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\opnlklm
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0
HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
bthsvcs REG_MULTI_SZ BthServ\0\0
Usnsvc REG_MULTI_SZ usnsvc\0\0
WudfServiceGroup REG_MULTI_SZ WUDFSvc\0\0
-- End of Deckard's System Scanner: finished at 2007-03-28 at 01:39:46 ---------