Thread: slimsay's thread
View Single Post
Old 10-03-2007, 10:07 PM   #1 (permalink)
slimsay
Registered User
 
Join Date: Oct 2007
Posts: 53
OS: xp


slimsay's thread
Deckard's System Scanner v20070905.67
Run by randy on 2007-10-03 22:36:07
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
48: 2007-10-04 06:36:17 UTC - RP201 - Deckard's System Scanner Restore Point
47: 2007-10-04 02:37:08 UTC - RP200 - Eliminado Adobe Photoshop
46: 2007-10-04 02:23:10 UTC - RP199 - Instalado Adobe Photoshop
45: 2007-10-03 21:23:33 UTC - RP198 - Removed BitDefender Internet Security 2008
44: 2007-10-02 19:47:14 UTC - RP197 - Installed BitDefender Internet Security 2008


-- First Restore Point --
1: 2007-09-25 00:41:19 UTC - RP154 - BricoPack Automatic Restore Point


Backed up registry hives.
Performed disk cleanup.

Total Physical Memory: 447 MiB (512 MiB recommended).


-- HijackThis Clone ------------------------------------------------------------

Emulating logfile of HijackThis v1.99.1
Scan saved at 2007-10-03 22:38:25
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (7.00.6000.16512)

Running processes:
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\CA\SharedComponents\HIPSEngine\UmxCfg.exe
C:\Program Files\CA\SharedComponents\HIPSEngine\UmxFwHlp.exe
C:\Program Files\CA\SharedComponents\HIPSEngine\UmxPol.exe
C:\Program Files\CA\SharedComponents\HIPSEngine\UmxAgent.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Protexis\License Service\PSIService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\system32\VTTrayp.exe
C:\WINDOWS\soundman.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Clock Tray Skins\ClockTraySkins.exe
C:\Program Files\Multimedia Mouse Driver\MouseDrv.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\randy\Desktop\dss.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.windowsxlive.net
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = wmplayer.exe
R1 - HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - (no file)
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
F0 - system.ini: Shell=Explorer.exe C:\WINDOWS\Config\lsass.exe
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Config\lsass.exe
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {140BD8E3-C167-11D4-B4A3-080000180323} - (no file)
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\GoogleToolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\GoogleToolbar1.dll
O3 - Toolbar: (no name) - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O4 - HKEY_LOCAL_MACHINE\..\Run: [VTTimer] VTTimer.exe
O4 - HKEY_LOCAL_MACHINE\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKEY_LOCAL_MACHINE\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKEY_LOCAL_MACHINE\..\Run: [cctray] "C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe"
O4 - HKEY_LOCAL_MACHINE\..\Run: [capfasem] C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfasem.exe
O4 - HKEY_LOCAL_MACHINE\..\Run: [cafwc] C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\cafw.exe -cl
O4 - HKEY_LOCAL_MACHINE\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKEY_LOCAL_MACHINE\..\Run: [WireLessMouse] C:\Program Files\Multimedia Mouse Driver\StartAutorun.exe MouseDrv.exe
O4 - HKEY_LOCAL_MACHINE\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKEY_LOCAL_MACHINE\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKEY_LOCAL_MACHINE\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKEY_LOCAL_MACHINE\..\Run: [SMSERIAL] sm56hlpr.exe
O4 - HKEY_LOCAL_MACHINE\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKEY_LOCAL_MACHINE\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKEY_LOCAL_MACHINE\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKEY_LOCAL_MACHINE\..\RunServices: [Microsoft Updates] svshost.exe
O4 - HKCU\..\Run: [PhotoShow Deluxe Media Manager] C:\PROGRA~1\Ahead\NEROPH~2\data\Xtras\mssysmgr.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - HKCU\..\Run: [ViOrb] C:\Program Files\ViOrb\ViOrb.exe
O4 - HKCU\..\Run: [ViStart] C:\Program Files\ViStart\ViStart.exe
O4 - HKCU\..\Run: [XPRepairPro2007] C:\Program Files\XP Repair Pro 2007\XPRepairPro.exe /r
O4 - HKCU\..\Run: [Total Uninstall Agent] "C:\Program Files\Total Uninstall 4\TuAgent.exe"
O4 - HKCU\..\Run: [Real Desktop] "C:\Program Files\Real Desktop\Real Desktop.exe"
O4 - HKCU\..\Run: [SkinClock] C:\Program Files\Clock Tray Skins\ClockTraySkins.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (file missing)
O9 - Extra 'Tools' menuitem: (no name) - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://fpdownload.macromedia.com/get...irector/sw.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} () - http://fpdownload.macromedia.com/get.../ultrashim.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1235.0517.dll
O18 - Protocol: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1235.0517.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - "C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe"
O23 - Service: Apple Mobile Device - Apple, Inc. - "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe"
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - "C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - "C:\Program Files\Common Files\LightScribe\LSSrvc.exe"
O23 - Service: ProtexisLicensing - Unknown owner - "C:\Program Files\Common Files\Protexis\License Service\PSIService.exe"


-- File Associations -----------------------------------------------------------

All associations okay.


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R1 BIOS - c:\windows\system32\drivers\bios.sys <Not Verified; BIOSTAR Group; BIOSTAR I/O driver fle>
R1 SCDEmu - c:\windows\system32\drivers\scdemu.sys <Not Verified; PowerISO Computing, Inc.; scdemu>

S3 Profos - c:\program files\common files\bitdefender\bitdefender threat scanner\profos.sys (file missing)
S3 SABProcEnum - c:\progra~1\mozill~1\sabprocenum.sys (file missing)
S3 SymIM (Symantec Network Security Intermediate Filter Service) - c:\windows\system32\drivers\symim.sys (file missing)
S3 SymIMMP - c:\windows\system32\drivers\symim.sys (file missing)
S3 Trufos - c:\program files\common files\bitdefender\bitdefender threat scanner\trufos.sys (file missing)


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 Apple Mobile Device - "c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe" <Not Verified; Apple, Inc.; Apple Mobile Device Service>
R2 ProtexisLicensing - "c:\program files\common files\protexis\license service\psiservice.exe" <Not Verified; ; PSIService>

S2 CLTNetCnService (Symantec Lic NetConnect service) - "c:\program files\common files\symantec shared\ccsvchst.exe" /h cccommon (file missing)


-- Device Manager: Disabled ----------------------------------------------------

No disabled devices found.


-- Scheduled Tasks -------------------------------------------------------------

2007-09-14 13:08:39 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2007-08-27 23:37:11 386 --a------ C:\WINDOWS\Tasks\rpc.job


-- Files created between 2007-09-03 and 2007-10-03 -----------------------------

2007-10-03 22:08:29 0 d-------- C:\Documents and Settings\Administrator\Application Data\Talkback
2007-10-03 22:07:12 0 --a------ C:\WINDOWS\nsreg.dat
2007-10-03 22:07:05 0 d-------- C:\Documents and Settings\Administrator\Application Data\Mozilla
2007-10-03 14:37:16 0 d-------- C:\Program Files\Clock Tray Skins
2007-10-01 14:23:21 4912 --a------ C:\WINDOWS\BricoPackFoldersDelete.cmd
2007-10-01 11:54:02 0 d-------- C:\Program Files\Windows Live
2007-09-30 14:35:21 0 d-------- C:\Program Files\ViStart_www.softarchive.net
2007-09-30 13:57:33 0 d-------- C:\Program Files\Real Desktop
2007-09-30 13:14:16 0 d-------- C:\Documents and Settings\randy\Application Data\FogelSoft
2007-09-29 1803 0 d-------- C:\Program Files\XP Repair Pro 2007
2007-09-29 17:57:29 0 d-------- C:\Program Files\XPRepairPro2006
2007-09-28 14:01:29 0 d-------- C:\Documents and Settings\randy\Application Data\Leadertech
2007-09-28 12:24:47 0 d-------- C:\Program Files\Kaspersky Lab
2007-09-28 01:35:25 81984 --a------ C:\WINDOWS\system32\bdod.bin
2007-09-28 01:31:53 0 d-------- C:\Program Files\Common Files\BitDefender
2007-09-27 02:39:01 0 d-------- C:\Documents and Settings\LocalService\Desktop
2007-09-27 02:38:23 0 d-------- C:\Documents and Settings\All Users\Application Data\SiteAdvisor
2007-09-27 00:52:21 0 d-------- C:\Program Files\Common Files\McAfee
2007-09-27 00:50:06 0 d-------- C:\Documents and Settings\All Users\Application Data\McAfee
2007-09-26 23:49:10 0 d-------- C:\Documents and Settings\randy\Application Data\Opera
2007-09-26 18:54:50 0 d-------- C:\Documents and Settings\NetworkService\Application Data\Identities
2007-09-26 18:53:26 0 d-------- C:\Program Files\Windows Desktop Search
2007-09-26 18:49:06 0 d-------- C:\Program Files\Microsoft SQL Server Compact Edition
2007-09-26 18:46:44 0 d-------- C:\Program Files\Windows Live Toolbar
2007-09-26 10:49:17 0 d-------- C:\Documents and Settings\randy\Application Data\???????sAppData
2007-09-26 07:11:05 131072 --a------ C:\WINDOWS\SNVerifyDLL.dll
2007-09-26 07:11:05 1032192 --a------ C:\WINDOWS\AquaReal.scr
2007-09-26 07:11:03 0 d-------- C:\Program Files\Formosoft
2007-09-26 06:54:35 118784 --a------ C:\WINDOWS\dx7ogl32.dll
2007-09-26 06:54:34 4770816 --a------ C:\WINDOWS\3D Fish School 3.scr
2007-09-26 06:54:34 0 d-------- C:\Program Files\3D Fish School 3
2007-09-24 21:15:11 73216 --a------ C:\WINDOWS\ST6UNST.EXE <Not Verified; Microsoft Corporation; Microsoft® Visual Basic for Windows>
2007-09-24 14:46:48 0 d-------- C:\Program Files\AIMP2
2007-09-19 19:21:27 0 d-------- C:\Program Files\Microsoft Encarta
2007-09-18 19:52:56 0 d-------- C:\Documents and Settings\randy\Application Data\Symantec
2007-09-14 22:59:58 0 d-------- C:\Program Files\Microsoft Works
2007-09-14 22:59:25 0 d-------- C:\Program Files\MSBuild
2007-09-14 22:56:29 0 d-------- C:\Program Files\Microsoft.NET
2007-09-14 22:43:31 0 d-------- C:\Program Files\Microsoft Visual Studio 8
2007-09-14 22:39:25 0 d-------- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2007-09-14 22:27:20 0 d-------- C:\Program Files\PowerISO
2007-09-14 13:07:59 0 d-------- C:\Program Files\Apple Software Update
2007-09-14 09:51:12 0 d-------- C:\Program Files\Microsoft Silverlight
2007-09-07 20:15:35 0 d-------- C:\Documents and Settings\randy\Application Data\MSN6
2007-09-07 20:15:35 0 d-------- C:\Documents and Settings\All Users\Application Data\MSN6


-- Find3M Report ---------------------------------------------------------------

2007-10-03 22:00:45 0 d-------- C:\Documents and Settings\randy\Application Data\uTorrent
2007-10-03 22:00:44 752 --a------ C:\Documents and Settings\randy\Application Data\ClockTraySkins.ini
2007-10-03 20:08:37 0 d-------- C:\Documents and Settings\randy\Application Data\Adobe
2007-10-03 19:58:02 0 d-------- C:\Program Files\Common Files\Adobe
2007-10-03 18:22:50 0 d--h----- C:\Program Files\InstallShield Installation Information
2007-10-01 14:43:23 0 d-------- C:\Program Files\Movie Maker
2007-10-01 14:40:30 72074 --a------ C:\WINDOWS\BricoPackUninst.cmd
2007-09-30 17:44:36 0 d-------- C:\Program Files\Windows Live Safety Center
2007-09-28 19:18:41 1791 --a------ C:\WINDOWS\mozver.dat
2007-09-28 19:18:36 0 d-------- C:\Program Files\Common Files
2007-09-28 14:13:48 0 d-------- C:\Documents and Settings\randy\Application Data\dvdcss
2007-09-28 12:41:58 0 d-------- C:\Program Files\OneStepSearch
2007-09-28 12:24:59 0 d-------- C:\Program Files\Windows Media Connect 2
2007-09-27 01:24:31 0 d-------- C:\Program Files\Common Files\Symantec Shared
2007-09-26 10:49:32 0 d-------- C:\Documents and Settings\randy\Application Data\???????sAppData
2007-09-26 07:08:13 0 d-------- C:\Program Files\Common Files\InstallShield
2007-09-19 20:12:43 0 d-------- C:\Program Files\Yahoo!
2007-09-19 20:12:38 0 d-------- C:\Program Files\Common Files\Scanner
2007-09-18 23:37:15 0 d-------- C:\Documents and Settings\randy\Application Data\SUPERAntiSpyware.com
2007-09-18 23:37:08 0 d-------- C:\Program Files\SUPERAntiSpyware
2007-09-17 17:05:52 0 d-------- C:\Documents and Settings\randy\Application Data\Apple Computer
2007-09-03 09:18:34 0 d-------- C:\Program Files\uTorrent
2007-08-29 13:42:37 0 d-------- C:\Program Files\DivX
2007-08-29 13:02:06 0 d-------- C:\Documents and Settings\randy\Application Data\Yahoo!
2007-08-27 23:16:09 0 d-------- C:\Program Files\Common Files\Download Manager
2007-08-26 22:48:20 0 d-------- C:\Program Files\Flash N Burn
2007-08-26 13:36:45 0 d-------- C:\Program Files\MyWebSearch
2007-08-25 21:26:47 0 d-------- C:\Documents and Settings\randy\Application Data\AIMP
2007-08-10 22:20:18 0 d-------- C:\Program Files\Windows Sidebar
2007-08-07 19:03:17 0 d-------- C:\Program Files\Common Files\Motorola Shared
2007-08-04 20:39:47 2560 --a------ C:\WINDOWS\_MSRSTRT.EXE
2007-07-30 18:19:16 68440 --a------ C:\WINDOWS\system32\wuauclt.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-07-21 22:47:51 2516 --ahs---- C:\WINDOWS\system32\KGyGaAvL.sys
2007-07-21 06:14:59 8 -r-hs---- C:\WINDOWS\system32\6DF6599B4E.sys
2007-07-07 12:30:09 877146 --a------ C:\Documents and Settings\randy\Application Data\NAB_Install.log


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{140BD8E3-C167-11D4-B4A3-080000180323}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VTTimer"="VTTimer.exe" [03/08/2005 02:33 AM C:\WINDOWS\system32\VTTimer.exe]
"VTTrayp"="VTtrayp.exe" [03/11/2005 04:33 PM C:\WINDOWS\system32\VTTrayp.exe]
"SoundMan"="SOUNDMAN.EXE" [03/01/2006 03:22 PM C:\WINDOWS\soundman.exe]
"cctray"="C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe" []
"capfasem"="C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfasem.exe" []
"cafwc"="C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\cafw.exe" []
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [05/11/2007 02:06 AM]
"WireLessMouse"="C:\Program Files\Multimedia Mouse Driver\StartAutorun.exe" [11/30/2005 11:48 AM]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [03/01/2007 02:57 PM]
"ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [02/16/2005 03:15 PM]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [02/16/2005 03:15 PM]
"SMSERIAL"="sm56hlpr.exe" []
"PWRISOVM.EXE"="C:\Program Files\PowerISO\PWRISOVM.EXE" [11/06/2006 12:27 AM]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [10/26/2006 11:47 PM]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [01/15/2007 09:28 AM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PhotoShow Deluxe Media Manager"="C:\PROGRA~1\Ahead\NEROPH~2\data\Xtras\mssysmgr.exe" []
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [07/29/2007 12:22 PM]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/03/2004 11:56 PM]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [05/16/2007 08:27 AM]
"Uniblue RegistryBooster 2"="C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe" []
"ViOrb"="C:\Program Files\ViOrb\ViOrb.exe" []
"ViStart"="C:\Program Files\ViStart\ViStart.exe" []
"XPRepairPro2007"="C:\Program Files\XP Repair Pro 2007\XPRepairPro.exe" []
"Total Uninstall Agent"="C:\Program Files\Total Uninstall 4\TuAgent.exe" []
"Real Desktop"="C:\Program Files\Real Desktop\Real Desktop.exe" []
"SkinClock"="C:\Program Files\Clock Tray Skins\ClockTraySkins.exe" [09/13/2007 09:07 PM]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runservices]
"Microsoft Updates"=svshost.exe

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"DWQueuedReporting"="C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t

C:\Documents and Settings\randy\Start Menu\Programs\Startup\
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [6/27/2007 6:56:26 PM]
OneNote 2007 Screen Clipper and Launcher.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [10/26/2006 7:24:54 PM]
UberIcon.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe [5/20/2006 11:43:08 PM]
Y'z Shadow.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe [5/20/2006 11:43:14 PM]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [6/27/2007 6:56:26 PM]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"NoDispCPL"=0 (0x0)
"NoDispBackgroundPage"=0 (0x0)
"NoDispSettingsPage"=0 (0x0)
"NoDispScrSavPage"=0 (0x0)
"DisableRegistryTools"=0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"=0 (0x0)
"NoPropertiesMyComputer"=0 (0x0)
"NoViewContextMenu"=0 (0x0)
"NoFileAssociate"=0 (0x0)
"NoFind"=0 (0x0)
"NoRun"=0 (0x0)
"NoClose"=0 (0x0)
"StartMenuLogoff"=0 (0x0)
"NoSMHelp"=0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoRecentDocsHistory"=0 (0x0)
"ClearRecentDocsOnExit"=0 (0x0)
"HideClock"=0 (0x0)
"NoTrayItemsDisplay"=0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Shell"="Explorer.exe C:\WINDOWS\Config\lsass.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\PFW]
UmxWnp.Dll 01/31/2007 01:00 PM 79368 C:\WINDOWS\system32\UmxWNP.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5a3715da-2427-11dc-a915-806d6172696f}]
AutoRun\command- E:\setup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{76ee0c80-657a-11dc-be68-00192167bb26}]
Auto\command- sxs.exe
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL sxs.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8cc795e4-357f-11dc-bdbb-00192167bb26}]
AutoRun\command- F:\LaunchU3.exe -a




-- End of Deckard's System Scanner: finished at 2007-10-03 22:41:11 ------------
slimsay is offline  
Important Information
Join the #1 Tech Support Forum Today - It's Totally Free!

TechSupportForum.com is a leading support website for your computer needs. We offer free, friendly and personalized computer support. Why pay to have your computer fixed when you can do it for free.

Join TechSupportforum.com Today - Click Here