Deckard's System Scanner v20070426.43
Run by Kejriwal on 2007-05-01 at 12:23:35
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Successfully created a Deckard's System Scanner Restore Point.
-- Last 5 Restore Point(s) --
40: 2007-05-01 16:23:39 UTC - RP40 - Deckard's System Scanner Restore Point
39: 2007-05-01 04:03:46 UTC - RP39 - Installed Samsung PC Studio
38: 2007-05-01 04:02:46 UTC - RP38 - Installed Adobe Acrobat 8 Professional - English, Français, Deutsch
37: 2007-04-30 23:29:33 UTC - RP37 - Installed Adobe® Photoshop® Album Starter Edition 3.0
36: 2007-04-30 12:58:48 UTC - RP36 - Software Distribution Service 2.0
-- First Restore Point --
1: 2007-04-28 22:59:29 UTC - RP1 - System Checkpoint
Backed up registry hives.
Performed disk cleanup.
-- HijackThis (run as kejriwal.exe) --------------------------------------------
Logfile of HijackThis v1.99.1
Scan saved at 12:36:24 PM, on 5/1/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\mcshield.exe
C:\Program Files\Network Associates\VirusScan\vstskmgr.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\SetPoint\KEM.exe
C:\Program Files\Logitech\SetPoint\KHALMNPR.EXE
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Program Files\Webroot\Spy Sweeper\SSU.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Kejriwal\Desktop\dss.exe
C:\PROGRA~1\HIJACK~1\Kejriwal.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [PWRISOVM.EXE] "C:\Program Files\PowerISO\PWRISOVM.EXE"
O4 - HKLM\..\Run: [SpySweeper] C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe /startintray
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Adobe Acrobat Synchronizer.lnk = C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\KEM.exe
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\vstskmgr.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
-- File Associations -----------------------------------------------------------
All associations okay.
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R1 NaiAvTdi1 - c:\windows\system32\drivers\mvstdi5x.sys <Not Verified; Network Associates, Inc.; VirusScan (Enterprise, ASaP & Retail.)>
R1 SCDEmu - c:\windows\system32\drivers\scdemu.sys <Not Verified; PowerISO Computing, Inc.; scdemu>
R1 StarOpen - c:\windows\system32\drivers\staropen.sys
R3 EntDrv51 - c:\windows\system32\drivers\entdrv51.sys <Not Verified; Network Associates, Inc; Virus Scan Enterprise, Entercept>
R3 NaiAvFilter1 - c:\windows\system32\drivers\naiavf5x.sys <Not Verified; Network Associates, Inc.; VirusScan (Enterprise, ASaP & Retail.)>
S3 GMSIPCI - e:\install\gmsipci.sys (file missing)
S3 NTACCESS - f:\ntaccess.sys (file missing)
S3 SetupNTGLM7X - f:\ntglm7x.sys (file missing)
S3 ssm_bus (Samsung Mobile USB Device II 1.0 driver (WDM)) - c:\windows\system32\drivers\ssm_bus.sys <Not Verified; MCCI; Samsung Mobile USB Device II 1.0>
S3 ssm_mdfl (Samsung Mobile USB Modem II 1.0 Filter) - c:\windows\system32\drivers\ssm_mdfl.sys <Not Verified; MCCI; Samsung Mobile USB Modem II 1.0 Filter Driver>
S3 ssm_mdm (Samsung Mobile USB Modem II 1.0 Drivers) - c:\windows\system32\drivers\ssm_mdm.sys <Not Verified; MCCI; Samsung Mobile USB Modem II 1.0>
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 McAfeeFramework (McAfee Framework Service) - c:\program files\network associates\common framework\frameworkservice.exe /servicestart <Not Verified; Network Associates, Inc.; McAfee Common Framework>
R2 McTaskManager (Network Associates Task Manager) - "c:\program files\network associates\virusscan\vstskmgr.exe" <Not Verified; Network Associates, Inc.; VirusScan Enterprise>
R3 FLEXnet Licensing Service - "c:\program files\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe" <Not Verified; Macrovision Europe Ltd.; FLEXnet Publisher (32 bit)>
-- Files created between 2007-04-01 and 2007-05-01 -----------------------------
2007-05-01 00:22:16 0 d-------- C:\Documents and Settings\Kejriwal\Application Data\TransRender
2007-05-01 00:22:16 0 d-------- C:\Documents and Settings\Kejriwal\Application Data\Temporary
2007-05-01 00:22:16 0 d-------- C:\Documents and Settings\Kejriwal\Application Data\ConvertTemp
2007-05-01 00:22:15 0 d-------- C:\Documents and Settings\Kejriwal\Application Data\Samsung
2007-05-01 00:04:30 174592 --a------ C:\WINDOWS\system32\framedyn.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-05-01 00:04:12 0 d-------- C:\WINDOWS\system32\Samsung_USB_Drivers
2007-05-01 00:03:46 0 d-------- C:\Program Files\Samsung
2007-04-30 23:58:07 5632 --a------ C:\WINDOWS\system32\drivers\StarOpen.sys
2007-04-30 23:58:05 6096 -ra------ C:\WINDOWS\system32\drivers\ssm_mdfl.sys <Not Verified; MCCI; Samsung Mobile USB Modem II 1.0 Filter Driver>
2007-04-30 23:57:49 0 d-------- C:\Documents and Settings\LocalService\Application Data\Webroot
2007-04-30 23:57:41 0 d-------- C:\Program Files\Webroot
2007-04-30 23:57:41 0 d-------- C:\Documents and Settings\All Users\Application Data\Webroot
2007-04-30 23:51:30 0 d-------- C:\Documents and Settings\All Users\Application Data\FLEXnet
2007-04-30 23:51:24 6112 -ra------ C:\WINDOWS\system32\drivers\ssm_cmnt.sys <Not Verified; MCCI; Samsung Mobile USB Modem II 1.0>
2007-04-30 23:51:24 6112 -ra------ C:\WINDOWS\system32\drivers\ssm_cm.sys <Not Verified; MCCI; Samsung Mobile USB Modem II 1.0>
2007-04-30 23:51:24 0 d-------- C:\Program Files\Common Files\Macrovision Shared
2007-04-30 23:51:23 84512 -ra------ C:\WINDOWS\system32\drivers\ssm_mdm.sys <Not Verified; MCCI; Samsung Mobile USB Modem II 1.0>
2007-04-30 23:49:36 5776 -ra------ C:\WINDOWS\system32\drivers\ssm_whnt.sys <Not Verified; MCCI; Samsung Mobile USB Device II 1.0>
2007-04-30 23:49:36 5776 -ra------ C:\WINDOWS\system32\drivers\ssm_wh.sys <Not Verified; MCCI; Samsung Mobile USB Device II 1.0>
2007-04-30 23:49:35 52416 -ra------ C:\WINDOWS\system32\drivers\ssm_bus.sys <Not Verified; MCCI; Samsung Mobile USB Device II 1.0>
2007-04-30 23:46:29 0 d-------- C:\Documents and Settings\Kejriwal\Application Data\Webroot
2007-04-30 23:25:15 0 d-------- C:\Program Files\PowerISO
2007-04-30 19:29:49 0 d-------- C:\Documents and Settings\Kejriwal\Application Data\Adobe
2007-04-30 19:29:36 0 d-------- C:\Documents and Settings\All Users\Application Data\Adobe
2007-04-30 19:26:51 0 d-------- C:\Program Files\Common Files\Adobe
2007-04-30 08:59:41 262144 --a------ C:\Documents and Settings\All Users\ntuser.dat
2007-04-30 08:57:03 0 d---s---- C:\Documents and Settings\Kejriwal\UserData
2007-04-29 19:52:42 0 dr-h----- C:\Documents and Settings\Kejriwal\Recent
2007-04-29 19:31:48 0 d-------- C:\Documents and Settings\Kejriwal\Contacts
2007-04-29 19:31:21 0 d------c- C:\WINDOWS\system32\DRVSTORE
2007-04-29 19:31:15 0 d-------- C:\Program Files\MSN Messenger
2007-04-29 18:41:43 0 d--h----- C:\WINDOWS\msdownld.tmp
2007-04-29 17:25:12 0 d-------- C:\Start Menu
2007-04-29 17:25:10 0 d-------- C:\Program Files\MTV Networks
2007-04-29 17:24:24 0 d-------- C:\WINDOWS\Downloaded Installations
2007-04-29 13:57:20 0 d-------- C:\Documents and Settings\Kejriwal\Application Data\vlc
2007-04-29 13:35:26 0 d-------- C:\Program Files\MSXML 4.0
2007-04-29 13:27:52 0 d-------- C:\Program Files\Common Files\L&H
2007-04-29 13:25:33 0 d-------- C:\Program Files\Microsoft.NET
2007-04-29 13:25:09 0 d-------- C:\Program Files\Microsoft ActiveSync
2007-04-29 13:21:00 0 d-------- C:\Program Files\Microsoft Works
2007-04-29 13:17:35 0 d-------- C:\WINDOWS\SHELLNEW
2007-04-29 13:13:28 0 dr-h----- C:\MSOCache
2007-04-29 10:10:46 178176 -ra------ C:\WINDOWS\system32\LXAUSUI.DLL <Not Verified; Lexmark; Lexmark Z53 Color Jetprinter>
2007-04-29 09:24:43 0 d-------- C:\Documents and Settings\Kejriwal\Application Data\Macromedia
2007-04-28 23:14:41 0 d-------- C:\Program Files\MW
2007-04-28 23:07:51 0 d-------- C:\Documents and Settings\Kejriwal\.housecall6.6
2007-04-28 22

36 0 d-------- C:\Documents and Settings\Administrator\Application Data\Lavasoft
2007-04-28 22:04:15 0 d-------- C:\WINDOWS\pss
2007-04-28 22:04:08 0 d-------- C:\Documents and Settings\Administrator\Application Data\AVG7
2007-04-28 22:02:27 0 d--h----- C:\Documents and Settings\Administrator\Templates
2007-04-28 22:02:27 0 dr------- C:\Documents and Settings\Administrator\Start Menu
2007-04-28 22:02:27 0 dr-h----- C:\Documents and Settings\Administrator\SendTo
2007-04-28 22:02:27 0 d--h----- C:\Documents and Settings\Administrator\Recent
2007-04-28 22:02:27 0 d--h----- C:\Documents and Settings\Administrator\PrintHood
2007-04-28 22:02:27 786432 --ah----- C:\Documents and Settings\Administrator\NTUSER.DAT
2007-04-28 22:02:27 0 d--h----- C:\Documents and Settings\Administrator\NetHood
2007-04-28 22:02:27 0 d-------- C:\Documents and Settings\Administrator\My Documents
2007-04-28 22:02:27 0 d--h----- C:\Documents and Settings\Administrator\Local Settings
2007-04-28 22:02:27 0 d-------- C:\Documents and Settings\Administrator\Favorites
2007-04-28 22:02:27 0 d-------- C:\Documents and Settings\Administrator\Desktop
2007-04-28 22:02:27 0 d---s---- C:\Documents and Settings\Administrator\Cookies
2007-04-28 22:02:27 0 dr-h----- C:\Documents and Settings\Administrator\Application Data
2007-04-28 22:02:27 0 d---s---- C:\Documents and Settings\Administrator\Application Data\Microsoft
2007-04-28 21:44:24 0 d-------- C:\Program Files\Common Files\Cisco Systems
2007-04-28 21:44:09 58016 --a------ C:\WINDOWS\system32\drivers\mvstdi5x.sys <Not Verified; Network Associates, Inc.; VirusScan (Enterprise, ASaP & Retail.)>
2007-04-28 21:44:08 108256 --a------ C:\WINDOWS\system32\drivers\naiavf5x.sys <Not Verified; Network Associates, Inc.; VirusScan (Enterprise, ASaP & Retail.)>
2007-04-28 21:43:59 0 d-------- C:\Documents and Settings\All Users\Application Data\Network Associates
2007-04-28 21:43:44 0 d-------- C:\Program Files\Network Associates
2007-04-28 21:43:44 0 d-------- C:\Program Files\Common Files\Network Associates
2007-04-28 21:43:32 0 d-------- C:\VirusScan8_Installer
2007-04-28 21:42:20 0 d-------- C:\Documents and Settings\Kejriwal\Application Data\DivX
2007-04-28 21:05:02 0 d-------- C:\Documents and Settings\Kejriwal\Application Data\TrojanHunter
2007-04-28 20:55:10 0 dr-h----- C:\$VAULT$.AVG
2007-04-28 20:49:47 0 d-------- C:\Documents and Settings\Kejriwal\Application Data\AVG7
2007-04-28 20:49:38 0 d-------- C:\Documents and Settings\LocalService\Application Data\AVG7
2007-04-28 20:49:14 0 d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2007-04-28 20:49:14 0 d-------- C:\Documents and Settings\All Users\Application Data\avg7
2007-04-28 20:48:01 0 d-------- C:\Program Files\TrojanHunter 4.6
2007-04-28 20:25:03 0 d-------- C:\Documents and Settings\Kejriwal\Application Data\Lavasoft
2007-04-28 20:21:50 0 d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2007-04-28 20:21:44 0 d-------- C:\Program Files\SpywareLocked 3.5
2007-04-28 20:09:39 0 d-------- C:\WINDOWS\Sun
2007-04-28 20:09:39 0 d-------- C:\Documents and Settings\Kejriwal\Application Data\Sun
2007-04-28 20

15 0 d-------- C:\Documents and Settings\Kejriwal\Shared
2007-04-28 20

14 0 d-------- C:\Documents and Settings\Kejriwal\Incomplete
2007-04-28 20:05:45 0 d-------- C:\Documents and Settings\Kejriwal\Application Data\LimeWire
2007-04-28 19:56:38 0 d-------- C:\Program Files\World of Warcraft
2007-04-28 19:56:38 0 d-------- C:\Program Files\Common Files\Blizzard Entertainment
2007-04-28 19:50:12 0 d--hs---- C:\WINDOWS\ftpcache
2007-04-28 19:49:21 0 d-------- C:\Documents and Settings\Kejriwal\Application Data\Logitech
2007-04-28 19:48:04 0 d-------- C:\Program Files\Common Files\Logitech
2007-04-28 19:47:59 0 d-------- C:\Program Files\Logitech
2007-04-28 19:44:23 0 d-------- C:\Documents and Settings\All Users\Application Data\WinZip
2007-04-28 19:39:19 0 d-------- C:\WINDOWS\system32\PreInstall
2007-04-28 19:39:17 0 d--h----- C:\WINDOWS\$hf_mig$
2007-04-28 19:29:29 41984 -----n--- C:\WINDOWS\Ctregrun.exe <Not Verified; Creative Technology Ltd; Creative On-line Registration System>
2007-04-28 19:27:12 0 d-------- C:\Program Files\Creative
2007-04-28 19:23:50 0 d-------- C:\Program Files\Windows Media Connect 2
2007-04-28 19:23:01 0 d-------- C:\303020ef23ea965ff6
2007-04-28 19:22:52 0 d-------- C:\WINDOWS\system32\LogFiles
2007-04-28 19:22:52 0 d-------- C:\WINDOWS\system32\drivers\UMDF
2007-04-28 19:21:21 0 d-------- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2007-04-28 19:19:51 0 d-------- C:\Program Files\Common Files\xing shared
2007-04-28 19:19:42 0 d-------- C:\Program Files\Real
2007-04-28 19:19:42 0 d-------- C:\Program Files\Common Files\Real
2007-04-28 19:18:57 0 d-------- C:\Documents and Settings\Kejriwal\Application Data\Real
2007-04-28 19:18:13 0 d-------- C:\Program Files\VideoLAN
2007-04-28 19:17:34 0 d-------- C:\Program Files\DivX
2007-04-28 19:15:56 106496 --a------ C:\WINDOWS\system32\TwnLib20.dll <Not Verified; Pegasus Software; TWNLIB20>
2007-04-28 19:15:54 364544 -----n--- C:\WINDOWS\system32\TwnLib4.dll <Not Verified; Pegasus Imaging Corp.; TwnLib4>
2007-04-28 19:15:54 471040 -----n--- C:\WINDOWS\system32\ImagXRA7.dll <Not Verified; Pegasus Imaging Corp.; ImagXpress7>
2007-04-28 19:15:54 262144 -----n--- C:\WINDOWS\system32\ImagXR7.dll <Not Verified; Pegasus Imaging Corp.; ImagXpress7>
2007-04-28 19:15:54 1568768 -----n--- C:\WINDOWS\system32\ImagX7.dll <Not Verified; Pegasus Imaging Corp.; ImagXpress7>
2007-04-28 19:15:53 38912 -----n--- C:\WINDOWS\system32\picn20.dll <Not Verified; Pegasus Imaging Corp.; PEGASUS>
2007-04-28 19:15:50 155648 --a------ C:\WINDOWS\system32\NeroCheck.exe <Not Verified; Ahead Software Gmbh; Ahead Software Gmbh NeroCheck>
2007-04-28 19:15:50 0 d-------- C:\Program Files\Common Files\Ahead
2007-04-28 19:15:46 0 d-------- C:\Program Files\Ahead
2007-04-28 19:13:40 0 d-------- C:\Program Files\Java
2007-04-28 19:13:25 0 d-------- C:\Documents and Settings\Kejriwal\Application Data\acccore
2007-04-28 19:13:13 0 d-------- C:\Documents and Settings\All Users\Application Data\AOL OCP
2007-04-28 19:13:10 0 d-------- C:\Documents and Settings\All Users\Application Data\AOL
2007-04-28 19:13:09 0 d-------- C:\Program Files\Viewpoint
2007-04-28 19:13:09 0 d-------- C:\Documents and Settings\All Users\Application Data\Viewpoint
2007-04-28 19:13:08 0 d-------- C:\Program Files\Common Files\Java
2007-04-28 19:13:04 0 d-------- C:\Program Files\Common Files\Nullsoft
2007-04-28 19:13:03 0 d-------- C:\Program Files\LimeWire
2007-04-28 19:12:55 0 d-------- C:\Program Files\Common Files\AOL
2007-04-28 19:12:52 0 d-------- C:\Program Files\AIM6
2007-04-28 19:11:31 0 d-------- C:\Documents and Settings\All Users\Application Data\AOL Downloads
2007-04-28 19:10:39 0 d-------- C:\Program Files\Lavasoft
2007-04-28 19:10:22 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-04-28 19:10:14 0 d-------- C:\Program Files\BitLord
2007-04-28 19:08:36 0 d-------- C:\WINDOWS\OPTIONS
2007-04-28 19:04:28 335 --a------ C:\WINDOWS\nsreg.dat
2007-04-28 19:04:26 0 d-------- C:\Documents and Settings\Kejriwal\Application Data\Mozilla
2007-04-28 19:04:03 516096 -----n--- C:\WINDOWS\system32\ati2sgag.exe <Not Verified; ; ATI Smart>
2007-04-28 19:03:53 294912 -ra------ C:\WINDOWS\system32\atiiiexx.dll <Not Verified; ATI Technologies Inc.; ATI Display Driver Utilities>
2007-04-28 19:03:51 72105 -ra------ C:\WINDOWS\system32\atiicdxx.dat
2007-04-28 19:03:34 0 d-------- C:\Program Files\ATI Technologies
2007-04-28 19:03:25 2944 --a------ C:\WINDOWS\system32\drivers\drmkaud.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-04-28 19:03:18 5376 --a------ C:\WINDOWS\system32\drivers\MSPCLOCK.sys <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
2007-04-28 19:03:12 0 d-------- C:\Program Files\Realtek Sound Manager
2007-04-28 19:03:10 0 d-------- C:\Program Files\AvRack
2007-04-28 19:03:06 208896 -----n--- C:\WINDOWS\alcupd.exe <Not Verified; Realtek Semiconductor Corp.; Update Application for Realtek AC'97>
2007-04-28 19:03:06 135168 -----n--- C:\WINDOWS\alcrmv.exe <Not Verified; Realtek Semiconductor Corp.; Realtek AC'97 Removing Tool>
2007-04-28 19:02:33 0 d-------- C:\Program Files\Intel
2007-04-28 19:01:57 0 d-------- C:\WINDOWS\system32\ReinstallBackups
2007-04-28 19:01:55 0 d--h----- C:\Program Files\InstallShield Installation Information
2007-04-28 19:01:38 0 d-------- C:\Program Files\Common Files\InstallShield
2007-04-28 19:01:29 24064 --a------ C:\WINDOWS\autoload.exe
2007-04-28 18:59:09 0 d-------- C:\Documents and Settings\Kejriwal\Application Data\Identities
2007-04-28 18:58:58 0 d--h----- C:\Documents and Settings\Kejriwal\Templates
2007-04-28 18:58:58 0 dr------- C:\Documents and Settings\Kejriwal\Start Menu
2007-04-28 18:58:58 0 dr-h----- C:\Documents and Settings\Kejriwal\SendTo
2007-04-28 18:58:58 0 d--h----- C:\Documents and Settings\Kejriwal\PrintHood
2007-04-28 18:58:58 1835008 --ah----- C:\Documents and Settings\Kejriwal\NTUSER.DAT
2007-04-28 18:58:58 0 d--h----- C:\Documents and Settings\Kejriwal\NetHood
2007-04-28 18:58:58 0 dr------- C:\Documents and Settings\Kejriwal\My Documents
2007-04-28 18:58:58 0 d--h----- C:\Documents and Settings\Kejriwal\Local Settings
2007-04-28 18:58:58 0 dr------- C:\Documents and Settings\Kejriwal\Favorites
2007-04-28 18:58:58 0 d-------- C:\Documents and Settings\Kejriwal\Desktop
2007-04-28 18:58:58 0 d---s---- C:\Documents and Settings\Kejriwal\Cookies
2007-04-28 18:58:58 0 dr-h----- C:\Documents and Settings\Kejriwal\Application Data
2007-04-28 18:58:38 0 d-------- C:\WINDOWS\system32\SoftwareDistribution
2007-04-28 18:57:35 0 d-------- C:\WINDOWS\SoftwareDistribution
2007-04-28 18:57:25 0 d-------- C:\WINDOWS\Prefetch
2007-04-28 18:57:24 0 d---s---- C:\WINDOWS\system32\Microsoft
2007-04-28 18:57:24 262144 --ah----- C:\Documents and Settings\LocalService\NTUSER.DAT
2007-04-28 18:57:24 0 d--h----- C:\Documents and Settings\LocalService\Local Settings
2007-04-28 18:57:24 0 d---s---- C:\Documents and Settings\LocalService\Cookies
2007-04-28 18:57:24 0 d-------- C:\Documents and Settings\LocalService\Application Data
2007-04-28 18:57:24 0 d---s---- C:\Documents and Settings\LocalService\Application Data\Microsoft
2007-04-28 18:57:17 262144 --ah----- C:\Documents and Settings\NetworkService\NTUSER.DAT
2007-04-28 18:57:17 0 d--h----- C:\Documents and Settings\NetworkService\Local Settings
2007-04-28 18:57:17 0 d---s---- C:\Documents and Settings\NetworkService\Cookies
2007-04-28 18:57:17 0 d-------- C:\Documents and Settings\NetworkService\Application Data
2007-04-28 18:57:17 0 d---s---- C:\Documents and Settings\NetworkService\Application Data\Microsoft
2007-04-28 17:29:26 0 d-------- C:\WINDOWS\system32\xircom
2007-04-28 17:29:26 0 d-------- C:\Program Files\microsoft frontpage
2007-04-28 17:29:17 225280 ---h----- C:\Documents and Settings\Default User\NTUSER.DAT
2007-04-28 17:29:06 0 -rahs---- C:\MSDOS.SYS
2007-04-28 17:29:06 0 -rahs---- C:\IO.SYS
2007-04-28 17:29:06 0 --a------ C:\CONFIG.SYS
2007-04-28 17:29:06 0 --a------ C:\AUTOEXEC.BAT
2007-04-28 17:28:01 0 d--hs---- C:\Documents and Settings\All Users\DRM
2007-04-28 17:27:52 0 dr------- C:\WINDOWS\Offline Web Pages
2007-04-28 17:27:52 0 d---s---- C:\WINDOWS\Downloaded Program Files
2007-04-28 17:27:42 0 d--h----- C:\Program Files\WindowsUpdate
2007-04-28 17:27:25 0 d-------- C:\WINDOWS\system32\DirectX
2007-04-28 17:26:59 0 d---s---- C:\WINDOWS\Tasks
2007-04-28 17:26:58 0 d-------- C:\Program Files\Common Files\MSSoap
2007-04-28 17:26:56 0 d-------- C:\WINDOWS\system32\Macromed
2007-04-28 17:26:56 0 d-------- C:\WINDOWS\srchasst
2007-04-28 17:26:50 0 d-------- C:\Program Files\Movie Maker
2007-04-28 17:26:47 43520 --a------ C:\WINDOWS\system32\safrcdlg.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-04-28 17:26:44 0 d-------- C:\WINDOWS\system32\Restore
2007-04-28 17:26:41 105984 --a------ C:\WINDOWS\system32\msoert2.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-04-28 17:26:12 21640 --a------ C:\WINDOWS\system32\emptyregdb.dat
2007-04-28 17:25:59 0 d-------- C:\WINDOWS\Registration
2007-04-28 17:25:52 0 d-------- C:\Program Files\Online Services
2007-04-28 17:25:47 0 d-------- C:\Program Files\Messenger
2007-04-28 17:25:45 0 d-------- C:\Program Files\MSN Gaming Zone
2007-04-28 17:25:37 44544 --a------ C:\WINDOWS\system32\hticons.dll <Not Verified; Hilgraeve, Inc.; Microsoft® Windows® Operating System>
2007-04-28 17:25:30 4096 --a------ C:\WINDOWS\system32\rdpcfgex.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-04-28 17:25:16 0 d-------- C:\Program Files\Windows NT
2007-04-28 17:25:14 44544 --a------ C:\WINDOWS\system32\tscupgrd.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-04-28 17:25:14 0 d-------- C:\WINDOWS\system32\MsDtc
2007-04-28 17:25:13 0 d-------- C:\WINDOWS\system32\Com
2007-04-28 17:25:12 1267200 --a------ C:\WINDOWS\system32\comsvcs.dll <Not Verified; Microsoft Corporation; COM Services>
2007-04-28 13:18:51 928256 --a------ C:\WINDOWS\system32\drivers\ati2mtag.sys <Not Verified; ATI Technologies Inc.; ATI Radeon WindowsNT Miniport Driver>
2007-04-28 13:18:51 428320 --a------ C:\WINDOWS\system32\ativvaxx.dll <Not Verified; ATI Technologies Inc.; ATI Technologies Inc. Radeon Video Acceleration Universal Driver>
2007-04-28 13:18:51 2169120 --a------ C:\WINDOWS\system32\ati3duag.dll <Not Verified; ATI Technologies Inc.; ATI Technologies Inc. Radeon DirectX Universal Driver>
2007-04-28 13:18:50 222208 --a------ C:\WINDOWS\system32\ati2dvag.dll <Not Verified; ATI Technologies Inc.; ATI Radeon WindowsNT Display Driver>
2007-04-28 13:18:50 245760 --a------ C:\WINDOWS\system32\ati2cqag.dll <Not Verified; ATI Technologies Inc.; ATI Radeon Family>
2007-04-28 13:18:28 5504 --a------ C:\WINDOWS\system32\drivers\intelide.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-04-28 13:18:21 74240 --a------ C:\WINDOWS\system32\usbui.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-04-28 13:16:44 0 d--hs---- C:\WINDOWS\Installer
2007-04-28 13:16:43 0 d-------- C:\Program Files\Common Files\ODBC
2007-04-28 13:16:39 0 d-------- C:\Program Files\Common Files\SpeechEngines
2007-04-28 13:16:37 0 d-a------ C:\Program Files
2007-04-28 13:16:30 5632 -ra------ C:\WINDOWS\system32\kbdhe220.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-04-28 13:16:28 6144 -ra------ C:\WINDOWS\system32\kbdlv.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-04-28 13:16:25 6656 -ra------ C:\WINDOWS\system32\kbdcz1.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-04-28 13:16:03 0 d--h----- C:\Documents and Settings\Default User\Templates
2007-04-28 13:16:03 0 dr------- C:\Documents and Settings\Default User\Start Menu
2007-04-28 13:16:03 0 dr-h----- C:\Documents and Settings\Default User\SendTo
2007-04-28 13:16:03 0 d--h----- C:\Documents and Settings\Default User\Recent
2007-04-28 13:16:03 0 d--h----- C:\Documents and Settings\Default User\PrintHood
2007-04-28 13:16:03 0 d--h----- C:\Documents and Settings\Default User\NetHood
2007-04-28 13:16:03 0 d-------- C:\Documents and Settings\Default User\My Documents
2007-04-28 13:16:03 0 dr-h----- C:\Documents and Settings\Default User\Local Settings
2007-04-28 13:16:03 0 d-------- C:\Documents and Settings\Default User\Favorites
2007-04-28 13:16:03 0 d-------- C:\Documents and Settings\Default User\Desktop
2007-04-28 13:16:03 0 d---s---- C:\Documents and Settings\Default User\Cookies
2007-04-28 13:16:03 0 d--h----- C:\Documents and Settings\All Users\Templates
2007-04-28 13:16:03 0 dr------- C:\Documents and Settings\All Users\Start Menu
2007-04-28 13:16:03 0 d-------- C:\Documents and Settings\All Users\Favorites
2007-04-28 13:16:03 0 dr------- C:\Documents and Settings\All Users\Documents
2007-04-28 13:16:03 0 d-------- C:\Documents and Settings\All Users\Desktop
2007-04-28 13:14:09 0 d-------- C:\WINDOWS\system32\CatRoot2
2007-04-28 13:14:09 0 d-------- C:\WINDOWS\system32\CatRoot
2007-04-28 13:14:03 0 dr-h----- C:\Documents and Settings\Default User\Application Data
2007-04-28 13:14:03 0 d---s---- C:\Documents and Settings\Default User\Application Data\Microsoft
2007-04-28 13:14:03 0 dr-h----- C:\Documents and Settings\All Users\Application Data
2007-04-28 13:14:03 0 d---s---- C:\Documents and Settings\All Users\Application Data\Microsoft
2007-04-28 13:12:11 0 d--hs---- C:\System Volume Information
2007-04-28 13:12:11 0 d-------- C:\Documents and Settings
2007-04-28 13:03:37 0 d-------- C:\WINDOWS
2007-04-28 13:03:37 0 d-------- C:\WINDOWS\WinSxS
2007-04-28 13:03:37 0 dr------- C:\WINDOWS\Web
2007-04-28 13:03:37 0 d-------- C:\WINDOWS\twain_32
2007-04-28 13:03:37 0 d-------- C:\WINDOWS\system32
2007-04-28 13:03:37 0 d-------- C:\WINDOWS\system32\wins
2007-04-28 13:03:37 0 d-------- C:\WINDOWS\system32\wbem
2007-04-28 13:03:37 0 d-------- C:\WINDOWS\system32\usmt
2007-04-28 13:03:37 0 d-------- C:\WINDOWS\system32\spool
2007-04-28 13:03:37 0 d-------- C:\WINDOWS\system32\ShellExt
2007-04-28 13:03:37 0 d-------- C:\WINDOWS\system32\Setup
2007-04-28 13:03:37 0 d-------- C:\WINDOWS\system32\ras
2007-04-28 13:03:37 0 d-------- C:\WINDOWS\system32\oobe
2007-04-28 13:03:37 0 d-------- C:\WINDOWS\system32\npp
2007-04-28 13:03:37 0 d-------- C:\WINDOWS\system32\mui
2007-04-28 13:03:37 0 d-------- C:\WINDOWS\system32\inetsrv
2007-04-28 13:03:37 0 d-------- C:\WINDOWS\system32\IME
2007-04-28 13:03:37 0 d-------- C:\WINDOWS\system32\icsxml
2007-04-28 13:03:37 0 d-------- C:\WINDOWS\system32\ias
2007-04-28 13:03:37 0 d-------- C:\WINDOWS\system32\export
2007-04-28 13:03:37 0 d-------- C:\WINDOWS\system32\drivers
2007-04-28 13:03:37 0 d-------- C:\WINDOWS\system32\drivers\etc
2007-04-28 13:03:37 0 d-------- C:\WINDOWS\system32\drivers\disdn
2007-04-28 13:03:37 0 dr-hs--c- C:\WINDOWS\system32\dllcache
2007-04-28 13:03:37 0 d-------- C:\WINDOWS\system32\dhcp
2007-04-28 13:03:37 0 d-------- C:\WINDOWS\system32\config
2007-04-28 13:03:37 0 d-------- C:\WINDOWS\system32\3com_dmi
2007-04-28 13:03:37 0 d-------- C:\WINDOWS\system32\3076
2007-04-28 13:03:37 0 d-------- C:\WINDOWS\system32\2052
2007-04-28 13:03:37 0 d-------- C:\WINDOWS\system32\1054
2007-04-28 13:03:37 0 d-------- C:\WINDOWS\system32\1042
2007-04-28 13:03:37 0 d-------- C:\WINDOWS\system32\1041
2007-04-28 13:03:37 0 d-------- C:\WINDOWS\system32\1037
2007-04-28 13:03:37 0 d-------- C:\WINDOWS\system32\1033
2007-04-28 13:03:37 0 d-------- C:\WINDOWS\system32\1031
2007-04-28 13:03:37 0 d-------- C:\WINDOWS\system32\1028
2007-04-28 13:03:37 0 d-------- C:\WINDOWS\system32\1025
2007-04-28 13:03:37 0 d-------- C:\WINDOWS\system
2007-04-28 13:03:37 0 d-------- C:\WINDOWS\security
2007-04-28 13:03:37 0 d-------- C:\WINDOWS\Resources
2007-04-28 13:03:37 0 d-------- C:\WINDOWS\repair
2007-04-28 13:03:37 0 d-------- C:\WINDOWS\Provisioning
2007-04-28 13:03:37 0 d-------- C:\WINDOWS\PeerNet
2007-04-28 13:03:37 0 d-------- C:\WINDOWS\pchealth
2007-04-28 13:03:37 0 d-------- C:\WINDOWS\mui
2007-04-28 13:03:37 0 d-------- C:\WINDOWS\msapps
2007-04-28 13:03:37 0 d-------- C:\WINDOWS\msagent
2007-04-28 13:03:37 0 d-------- C:\WINDOWS\Media
2007-04-28 13:03:37 0 d-------- C:\WINDOWS\java
2007-04-28 13:03:37 0 d--h----- C:\WINDOWS\inf
2007-04-28 13:03:37 0 d-------- C:\WINDOWS\ime
2007-04-28 13:03:37 0 d-------- C:\WINDOWS\Help
2007-04-28 13:03:37 0 dr--s---- C:\WINDOWS\Fonts
2007-04-28 13:03:37 0 d-------- C:\WINDOWS\ehome
2007-04-28 13:03:37 0 d-------- C:\WINDOWS\Driver Cache
2007-04-28 13:03:37 0 d-------- C:\WINDOWS\Debug
2007-04-28 13:03:37 0 d-------- C:\WINDOWS\Cursors
2007-04-28 13:03:37 0 d-------- C:\WINDOWS\Connection Wizard
2007-04-28 13:03:37 0 d-------- C:\WINDOWS\Config
2007-04-28 13:03:37 0 d-------- C:\WINDOWS\AppPatch
2007-04-28 13:03:37 0 d-------- C:\WINDOWS\addins
2007-04-09 08:27:07 31548 --a------ C:\WINDOWS\system32\drivers\scdemu.sys <Not Verified; PowerISO Computing, Inc.; scdemu>
-- Find3M Report ---------------------------------------------------------------
2007-04-30 19:29:17 6 --a------ C:\Documents and Settings\Kejriwal\Application Data\dm.ini
2007-04-30 19:29:17 1467 --a------ C:\Documents and Settings\Kejriwal\Application Data\AdobeDLM.log
2007-04-28 13:16:03 62 --ahs---- C:\Documents and Settings\Kejriwal\Application Data\desktop.ini
2007-03-27 03:55:57 524288 --a------ C:\WINDOWS\system32\DivXsm.exe <Not Verified; DivX Inc.; DivX Inc. divxsm>
2007-03-27 03:55:48 3596288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2007-03-27 03:55:23 200704 --a------ C:\WINDOWS\system32\ssldivx.dll <Not Verified; The OpenSSL Project, http://www.openssl.org/; The OpenSSL Toolkit>
2007-03-27 03:55:23 1044480 --a------ C:\WINDOWS\system32\libdivx.dll <Not Verified; The OpenSSL Project, http://www.openssl.org/; The OpenSSL Toolkit>
2007-03-27 03:49:07 196608 --a------ C:\WINDOWS\system32\dtu100.dll <Not Verified; DivX, Inc.; DivX, Inc. dtu100>
2007-03-27 03:49:07 73728 --a------ C:\WINDOWS\system32\dpl100.dll <Not Verified; DivX, Inc.; DivX, Inc. dpl100>
2007-03-27 03:49:05 53248 --a------ C:\WINDOWS\system32\dpuGUI10.dll <Not Verified; DivXNetworks; DivXNetworks dpuGUI10>
2007-03-27 03:49:03 593920 --a------ C:\WINDOWS\system32\dpuGUI11.dll <Not Verified; DivXNetworks; DivXNetworks dpuGUI11>
2007-03-27 03:49:02 57344 --a------ C:\WINDOWS\system32\dpv11.dll <Not Verified; DivXNetworks; DivXNetworks dpv11>
2007-03-27 03:49:02 344064 --a------ C:\WINDOWS\system32\dpus11.dll <Not Verified; DivXNetworks; DivXNetworks dpus11>
2007-03-27 03:49:02 294912 --a------ C:\WINDOWS\system32\dpu11.dll <Not Verified; DivXNetworks; DivXNetworks dpu11>
2007-03-27 03:49:02 294912 --a------ C:\WINDOWS\system32\dpu10.dll <Not Verified; DivXNetworks; DivXNetworks dpu11>
2007-03-27 03:48:59 823296 --a------ C:\WINDOWS\system32\divx_xx07.dll <Not Verified; DivX, Inc.; DivX®>
2007-03-27 03:48:58 802816 --a------ C:\WINDOWS\system32\divx_xx11.dll <Not Verified; DivX, Inc.; DivX?>
2007-03-27 03:48:58 823296 --a------ C:\WINDOWS\system32\divx_xx0c.dll <Not Verified; DivX, Inc.; DivX®>
2007-03-27 03:48:58 639066 --a------ C:\WINDOWS\system32\DivX.dll <Not Verified; DivX, Inc.; DivX®>
-- Registry Dump ---------------------------------------------------------------
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
{9030D464-4C02-4ABF-8ECC-5164760863C6} C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"SoundMan"="SOUNDMAN.EXE"
"ATIPTA"="\"C:\\Program Files\\ATI Technologies\\ATI Control Panel\\atiptaxx.exe\""
"SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.5.0_03\\bin\\jusched.exe\""
"ShStatEXE"="\"C:\\Program Files\\Network Associates\\VirusScan\\SHSTAT.EXE\" /STANDALONE"
"McAfeeUpdaterUI"="\"C:\\Program Files\\Network Associates\\Common Framework\\UpdaterUI.exe\" /StartedFromRunKey"
"PWRISOVM.EXE"="\"C:\\Program Files\\PowerISO\\PWRISOVM.EXE\""
@=""
"SpySweeper"="C:\\Program Files\\Webroot\\Spy Sweeper\\SpySweeperUI.exe /startintray"
"MSConfig"="C:\\WINDOWS\\PCHealth\\HelpCtr\\Binaries\\MSConfig.exe /auto"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"Aim6"="\"C:\\Program Files\\AIM6\\aim6.exe\" /d locale=en-US ee://aol/imApp"
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
"MsnMsgr"="\"C:\\Program Files\\MSN Messenger\\MsnMsgr.Exe\" /background"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\run]
"rare"="C:\\Program Files\\Video AX Object\\smmain.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{4233ac08-a2c4-4742-a0b4-83719613d62c}"="grassily"
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa
Authentication Packages REG_MULTI_SZ msv1_0\0\0
Security Packages REG_MULTI_SZ kerberos\0msv1_0\0schannel\0wdigest\0\0
Notification Packages REG_MULTI_SZ scecli\0\0
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\WebrootSpySweeperService
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Acrotray"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Adobe\\Acrobat 8.0\\Acrobat\\Acrotray.exe\""
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="apdproxy"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Adobe\\Photoshop Album Starter Edition\\3.0\\Apps\\apdproxy.exe\""
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG7_CC]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="avgcc"
"hkey"="HKLM"
"command"="C:\\PROGRA~1\\Grisoft\\AVG7\\avgcc.exe /STARTUP"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="NeroCheck"
"hkey"="HKLM"
"command"="C:\\WINDOWS\\system32\\NeroCheck.exe"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareLocked 3.5]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SpywareLocked 3"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\SpywareLocked 3.5\\SpywareLocked 3.5.exe\" /h"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\THGuard]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="THGuard"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\TrojanHunter 4.6\\THGuard.exe\""
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="realsched"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Common Files\\Real\\Update_OB\\realsched.exe\" -osboot"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0
WudfServiceGroup REG_MULTI_SZ WUDFSvc\0\0
*newlycreated* - HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\LEGACY_ENTDRV51
*newlycreated* - HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\LEGACY_SCDEMU
*newlycreated* - HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\LEGACY_STAROPEN
-- End of Deckard's System Scanner: finished at 2007-05-01 at 12:37:23 ---------
thanks