sorry not sure why all did not copy last time =)
Deckard's System Scanner v20071014.68
Run by srm on 2008-03-06 11:30:42
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- HijackThis (run as srm.exe) -------------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:31:04, on 06/03/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16609)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Grisoft\AVG7\avgcc.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\System32\rundll32.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Users\srm\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\srm.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... &pf=laptop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... &pf=laptop
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: (no name) - {D79559E8-9991-41C5-AA2B-A96EC766F43F} - (no file)
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [MSConfig] "C:\Windows\system32\msconfig.exe" /auto
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - (no file)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O15 - Trusted Zone: http://*.rapidshare.com
O20 - Winlogon Notify: avgwlntf - C:\Windows\SYSTEM32\avgwlntf.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 8449 bytes
-- Files created between 2008-02-06 and 2008-03-06 -----------------------------
2008-03-04 21:08:40 0 d-------- C:\Program Files\TVAnts
2008-03-04 20:56:35 0 d-------- C:\ppmaterecord
2008-03-04 20:51:35 0 d-------- C:\Program Files\Common Files\Synacast
2008-03-04 20:35:29 0 d-------- C:\Users\srm\Program Files
2008-03-04 19:15:12 0 d-------- C:\Program Files\DNA
2008-03-02 22:06:37 0 d-------- C:\Users\All Users\Lavasoft
2008-03-02 22:05:44 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-03-02 21:35:24 0 d-------- C:\Program Files\Adware Away
2008-03-02 20:39:21 0 d-------- C:\Program Files\Spyware Doctor
2008-02-29 15:48:39 0 d-------- C:\Users\All Users\ParetoLogic
2008-02-29 15:48:39 0 d-------- C:\Program Files\ParetoLogic
2008-02-29 15:48:39 0 d-------- C:\Program Files\Common Files\ParetoLogic
2008-02-29 15:46:38 0 d-------- C:\Users\All Users\Downloaded Installations
2008-02-29 15:31:52 0 d-------- C:\Users\srm\LimeWire Store Purchased
2008-02-29 15:30:23 0 d-------- C:\Program Files\LimeWire
2008-02-28 16:25:54 10752 --a------ C:\Windows\system32\md5.dll <Not Verified; ; MD5 Maker>
2008-02-28 16:25:48 0 d-------- C:\Program Files\MalwareSweeper.com
2008-02-28 16:17:17 0 d-------- C:\Program Files\Trend Micro
2008-02-27 13:22:25 0 d-------- C:\Users\srm\Music groups
2008-02-23 14:12:42 0 d-------- C:\NVIDIA
2008-02-22 13:21:52 0 d-------- C:\Windows\system32\URTTEMP
2008-02-22 13:14:55 18704 --a------ C:\Windows\system32\drivers\sea1nd5.sys <Not Verified; MCCI; Sony Ericsson Device 0A1 USB Ethernet Emulation>
2008-02-22 13:06:25 90800 --a------ C:\Windows\system32\drivers\sea1unic.sys <Not Verified; MCCI; Sony Ericsson Device 0A1 USB Ethernet Emulation>
2008-02-22 13:06:25 4128 --a------ C:\Windows\system32\drivers\sea1cr.sys <Not Verified; MCCI; Sony Ericsson Device 0A1 USB Ethernet Emulation>
2008-02-22 13:03:41 88624 --a------ C:\Windows\system32\drivers\sea1mgmt.sys <Not Verified; MCCI; Sony Ericsson Device 0A1 USB WMC Device Management>
2008-02-22 12:57:19 86432 --a------ C:\Windows\system32\drivers\sea1obex.sys <Not Verified; MCCI; Sony Ericsson Device 0A1 USB WMC OBEX Interface>
2008-02-22 12:54:21 97088 --a------ C:\Windows\system32\drivers\sea1mdm.sys <Not Verified; MCCI; Sony Ericsson Device 0A1 USB WMC Data Modem>
2008-02-22 12:54:21 9360 --a------ C:\Windows\system32\drivers\sea1mdfl.sys <Not Verified; MCCI; Sony Ericsson Device 0A1 USB WMC Modem Filter Driver>
2008-02-22 12:54:21 6240 --a------ C:\Windows\system32\drivers\sea1cmnt.sys <Not Verified; MCCI; Sony Ericsson Device 0A1 USB WMC OBEX Interface>
2008-02-22 12:54:21 6240 --a------ C:\Windows\system32\drivers\sea1cm.sys <Not Verified; MCCI; Sony Ericsson Device 0A1 USB WMC OBEX Interface>
2008-02-22 12:42:57 5872 --a------ C:\Windows\system32\drivers\sea1whnt.sys <Not Verified; MCCI; Sony Ericsson Device 0A1 Driver>
2008-02-22 12:42:57 5872 --a------ C:\Windows\system32\drivers\sea1wh.sys <Not Verified; MCCI; Sony Ericsson Device 0A1 Driver>
2008-02-22 12:42:57 61536 --a------ C:\Windows\system32\drivers\sea1bus.sys <Not Verified; MCCI; Sony Ericsson Device 0A1>
2008-02-21 14:42:45 0 d-------- C:\Windows\Speeditup Free
2008-02-21 14:42:45 0 d-------- C:\Program Files\Speeditup Free
2008-02-20 13:33:16 81920 --a------ C:\Windows\system32\viscomwave.dll <Not Verified; Viscom Software; >
2008-02-20 13:33:16 98304 --a------ C:\Windows\system32\viscomtran.dll <Not Verified; Viscom Software http://www.viscomsoft.com; Viscom Transform Filter>
2008-02-20 13:33:16 147456 --a------ C:\Windows\system32\viscomqtenc.dll <Not Verified; Viscom Software http://www.viscomsoft.com; >
2008-02-20 13:33:16 598016 --a------ C:\Windows\system32\viscomqtde.dll <Not Verified; ; QuickTime Decoder>
2008-02-20 13:33:16 90112 --a------ C:\Windows\system32\viscomframe.dll <Not Verified; L544? Technology; CustomFrameGrabber Filter>
2008-02-20 13:33:16 110592 --a------ C:\Windows\system32\viscomaudioencoder.dll <Not Verified; Viscom Software; DirectX 9.0 Sample>
2008-02-20 13:33:16 262144 --a------ C:\Windows\system32\lame_enc.dll
2008-02-20 13:33:15 94208 --a------ C:\Windows\system32\viscomaudiodata.dll <Not Verified; Viscom Software; >
2008-02-20 13:33:14 40960 --a------ C:\Windows\system32\SSubTmr6.dll <Not Verified; vbAccelerator; SSubTmr6>
2008-02-20 13:33:14 1703936 --a------ C:\Windows\system32\gdiplus.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-02-20 13:33:09 0 d-------- C:\Program Files\Kate's Video Joiner
2008-02-19 18:27:37 0 d-------- C:\Users\All Users\Test Drive Unlimited
2008-02-19 18:04:00 0 d-------- C:\Program Files\7-Zip
2008-02-19 17:54:54 0 d-------- C:\Program Files\MagicISO
2008-02-19 17:39:09 0 d-------- C:\Program Files\DAEMON Tools Lite
2008-02-19 17:32:13 716272 --a------ C:\Windows\system32\drivers\sptd.sys
2008-02-17 17:56:49 0 d-------- C:\Program Files\ProxyWay
2008-02-16 16:29:46 506368 --a------ C:\Windows\system32\msxml.dll <Not Verified; Microsoft Corporation; Microsoft XML Core Services>
2008-02-13 14:48:08 0 d-------- C:\Users\All Users\NVIDIA
2008-02-13 14:13:44 262144 --a------ C:\Windows\system32\wrap_oal.dll <Not Verified; Creative Labs; Creative Labs OpenAL32>
2008-02-13 14:13:44 86016 --a------ C:\Windows\system32\OpenAL32.dll <Not Verified; Portions (C) Creative Labs Inc. and NVIDIA Corp.; Standard OpenAL(TM) Library>
2008-02-13 14:13:07 0 d-------- C:\Program Files\OpenLibraries
2008-02-12 20:39:28 14604 --a------ C:\Windows\system32\drivers\pfc.sys <Not Verified; Padus, Inc.; Padus(R) ASPI Shell>
2008-02-12 19:38:56 0 d-------- C:\Program Files\VirtualDJ
2008-02-12 18:09:37 450 --a------ C:\sccfg.sys
2008-02-12 18:09:32 110592 --a------ C:\Windows\system32\suppdll.dll
2008-02-12 18:09:32 77824 --a------ C:\Windows\system32\FLKill.exe <Not Verified; USPTO; Project1>
2008-02-12 18:09:30 0 d-------- C:\Program Files\Folder Lock
2008-02-11 20:28:50 737280 --a------ C:\Windows\iun6002.exe <Not Verified; Indigo Rose Corporation; Setup Factory 6.0 Runtime Module>
2008-02-10 15:31:25 68662 --a------ C:\Windows\matrix.scr
-- Find3M Report ---------------------------------------------------------------
2008-03-06 11:24:38 27649 --a------ C:\Users\srm\AppData\Roaming\nvModes.001
2008-03-04 21:45:44 0 d-------- C:\Users\srm\AppData\Roaming\DNA
2008-03-04 21:21:39 0 d-------- C:\Users\srm\AppData\Roaming\AVG7
2008-03-04 21:07:53 0 d-------- C:\Users\srm\AppData\Roaming\LimeWire
2008-03-04 20:59:24 0 d-------- C:\Program Files\MSN Messenger
2008-03-04 20:57:00 0 d-------- C:\Users\srm\AppData\Roaming\ppStream
2008-03-04 20:51:37 0 d-------- C:\Users\srm\AppData\Roaming\PPMate
2008-03-04 20:51:35 0 d-------- C:\Program Files\Common Files
2008-03-04 19:45:24 27649 --a------ C:\Users\srm\AppData\Roaming\nvModes.dat
2008-03-04 19:20:09 0 d-------- C:\Users\srm\AppData\Roaming\BitTorrent
2008-03-02 16:18:09 0 d-------- C:\Program Files\PKR
2008-02-29 15:49:17 0 d-------- C:\Users\srm\AppData\Roaming\ParetoLogic
2008-02-23 15:32:19 0 d-------- C:\Program Files\Atari
2008-02-23 13:29:34 0 d-------- C:\Users\srm\AppData\Roaming\SystemRequirementsLab
2008-02-19 18:45:57 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-02-19 18:45:29 0 d-------- C:\Program Files\Common Files\Adobe
2008-02-19 17:31:53 0 d-------- C:\Users\srm\AppData\Roaming\DAEMON Tools
2008-02-16 16:38:29 0 d-------- C:\Program Files\Hewlett-Packard
2008-02-13 21:20:00 0 d-------- C:\Users\srm\AppData\Roaming\Roxio
2008-02-13 14:25:16 0 d-------- C:\Program Files\CONEXANT
2008-02-11 20:29:44 0 d-------- C:\Users\srm\AppData\Roaming\WinRAR
2008-02-07 20:24:02 0 d-------- C:\Users\srm\AppData\Roaming\dvdcss
2008-02-05 18:15:06 0 d-------- C:\Program Files\QuickTime
2008-02-05 18:12:43 0 d-------- C:\Program Files\Apple Software Update
2008-02-05 11:44:07 0 d-------- C:\Program Files\TVUPlayer
2008-02-03 13:39:40 0 d-------- C:\Users\srm\AppData\Roaming\TVU networks
2008-01-28 21:00:54 0 d-------- C:\Users\srm\AppData\Roaming\Hewlett-Packard
2008-01-25 21:06:24 0 d-------- C:\Program Files\CyberLink
2008-01-22 21:45:52 0 d-------- C:\Users\srm\AppData\Roaming\Leadertech
2008-01-16 21:29:28 0 d-------- C:\Program Files\Sitecube Builder
2008-01-16 13:28:03 0 d-------- C:\Users\srm\AppData\Roaming\Google
2008-01-16 13:28:03 0 d-------- C:\Program Files\Google
2008-01-16 13:16:29 0 d-------- C:\Program Files\DVDVideoSoft
2008-01-16 13:07:56 0 d-------- C:\Users\srm\AppData\Roaming\DivX
2008-01-15 16:56:44 0 d-------- C:\Program Files\DivX
2008-01-14 15:26:21 14 --a------ C:\Windows\system32\systeminfo.dll
2008-01-14 15:25:15 0 d-------- C:\Program Files\Java
2008-01-09 17:14:49 0 d-------- C:\Program Files\Windows Mail
2008-01-09 17:14:47 0 d-------- C:\Program Files\Windows Sidebar
2008-01-08 17:03:50 0 d-------- C:\Users\srm\AppData\Roaming\InstallShield
2008-01-08 14:47:40 0 d-------- C:\Program Files\Online TV Player 4
2008-01-08 14:06:23 0 d-------- C:\Program Files\Lavasoft
2008-01-07 13:45:21 0 d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2008-01-05 21:05:38 286720 -----n--- C:\Windows\Setup1.exe <Not Verified; Microsoft Corporation; Microsoft Visual Basic for Windows>
2008-01-05 21:05:37 73216 --a------ C:\Windows\ST6UNST.EXE <Not Verified; Microsoft Corporation; Microsoft® Visual Basic for Windows>
2008-01-04 21:58:50 3596288 --a------ C:\Windows\system32\qt-dx331.dll
2008-01-04 21:57:22 196608 --a------ C:\Windows\system32\dtu100.dll <Not Verified; DivX, Inc.; DivX, Inc. dtu100>
2008-01-04 21:57:22 81920 --a------ C:\Windows\system32\dpl100.dll <Not Verified; DivX, Inc.; DivX, Inc. dpl100>
2008-01-04 21:57:12 823296 --a------ C:\Windows\system32\divx_xx07.dll <Not Verified; DivX, Inc.; DivX®>
2008-01-04 21:57:10 802816 --a------ C:\Windows\system32\divx_xx11.dll <Not Verified; DivX, Inc.; DivX?>
2008-01-04 21:57:10 823296 --a------ C:\Windows\system32\divx_xx0c.dll <Not Verified; DivX, Inc.; DivX®>
2008-01-04 21:57:10 682496 --a------ C:\Windows\system32\DivX.dll <Not Verified; DivX, Inc.; DivX®>
2008-01-04 21:56:24 12288 --a------ C:\Windows\system32\DivXWMPExtType.dll
2008-01-04 02:28:41 2560 --a------ C:\Windows\_MSRSTRT.EXE
2008-01-03 19:09:10 0 -rahs---- C:\MSDOS.SYS
2008-01-03 19:09:10 0 -rahs---- C:\IO.SYS
2008-01-01 12:21:16 174 --ahs---- C:\Program Files\desktop.ini
2007-12-31 17:48:16 0 --a------ C:\Windows\nsreg.dat
2007-12-31 13:56:17 81 --a------ C:\Windows\system32\LOG
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [18/08/2007 17:31]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [15/09/2007 02:50]
"QlbCtrl"="C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [13/02/2007 18:38]
"HP Health Check Scheduler"="[ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" []
"hpWirelessAssistant"="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [01/03/2007 20:18]
"WAWifiMessage"="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe" [10/01/2007 23:12]
"HP Software Update"="C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe" [17/02/2005 06:11]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [25/09/2007 01:11]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [04/12/2007 13:00]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [01/01/2008 15:45]
"SynTPStart"="C:\Program Files\Synaptics\SynTP\SynTPStart.exe" [15/09/2007 02:29]
"NvSvc"="C:\Windows\system32\nvsvc.dll" [07/11/2007 08:05]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [07/11/2007 08:05]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [07/11/2007 08:05]
"MSConfig"="C:\Windows\system32\msconfig.exe" [02/11/2006 09:45]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [09/01/2008 12:38]
"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [02/11/2006 12:35]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce]
"Launcher"=%WINDIR%\SMINST\launcher.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"=2 (0x2)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgwlntf]
avgwlntf.dll 01/01/2008 15:45 9216 C:\Windows\System32\avgwlntf.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
@="IEEE 1394 Bus host controllers"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
@="SBP2 IEEE 1394 Devices"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
@="SecurityDevices"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk]
backup=C:\Windows\pss\Microsoft Office.lnk.CommonStartup
backupExtension=.CommonStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
"C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent DNA]
"C:\Users\srm\Program Files\DNA\btdna.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
"C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Easy-PrintToolBox]
C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Windows\system32\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QPService]
"C:\Program Files\HP\QuickPlay\QPService.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"C:\Program Files\QuickTime\QTTask.exe" -atboottime
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Search Defender]
"C:\Program Files\Speeditup Free\SearchDefender.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalSystemNetworkRestricted hidserv UxSms WdiSystemHost Netman trkwks AudioEndpointBuilder WUDFSvc irmon sysmain IPBusEnum dot3svc PcaSvc EMDMgmt TabletInputService wlansvc WPDBusEnum
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
C:\Windows\system32\unregmp2.exe /ShowWMP
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"C:\Program Files\Common Files\LightScribe\LSRunOnce.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
%SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI
-- End of Deckard's System Scanner: finished at 2008-03-06 11:32:05 ------------