Status
Not open for further replies.

PC Slowed to a Halt - Spyware/Infection Suspected

716 views 2 replies 1 participant last post by  ckronengold  
#1 · (Edited)
I've been making a lot of tweaks to my system lately, and think I picked up a bug somewhere. None of the virus or spyware scans that I've run have picked up anything, though.

The only virus detection that has picked anything up was AVAST about 2 weeks ago, but I believed it to be a false positive since it was identified only as a generic trojan that I couldn't find any info on. I quarantined the file anyway, and didn't complete any actions, so I thought I was in OK shape. But now everything is just slow as hell, even just copying files from one folder to another. Computer isn't responsive, even just clicking on desktop icons.

One of the tipoffs for me was that the clock in my taskbar is constantly wrong. Can't seem to get it off "24 hour" time.

Here's my logfile:

Deckard's System Scanner v20071014.68
Run by Corey on 2007-12-30 11:35:25
Computer is in Normal Mode.
--------------------------------------------------------------------------------



-- HijackThis (run as Corey.exe) -----------------------------------------------

Unable to find log (file not found); running clone.
-- HijackThis Clone ------------------------------------------------------------


Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2007-12-30 11:39:29
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
C:\WINDOWS\system32\ZuneBusEnum.exe
C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\CTHELPER.EXE
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Softwin\BitDefender10\bdagent.exe
C:\Program Files\Zune\ZuneLauncher.exe
C:\Program Files\epson\Creativity Suite\Event Manager\EEventManager.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\ASUS WiFi-AP Solo\RtWLan.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Softwin\BitDefender10\vsserv.exe
C:\Documents and Settings\Corey\Desktop\dss.exe
C:\Program Files\Trend Micro\HijackThis\Corey.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\xRaidSetup.exe boot
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [OSSelectorReinstall] C:\Program Files\Common Files\Acronis\Acronis Disk Director\oss_reinstall.exe
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"
O4 - HKLM\..\Run: [Zune Launcher] "C:\Program Files\Zune\ZuneLauncher.exe"
O4 - HKLM\..\Run: [EEventManager] C:\Program Files\EPSON\Creativity Suite\Event Manager\EEventManager.exe
O4 - HKLM\..\Run: [HPHUPD08] C:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - Global Startup: ASUS WiFi-AP Solo.lnk = C:\Program Files\ASUS WiFi-AP Solo\RtWLan.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/win...soft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1187235028390
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} () - http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
O16 - DPF: {FFBB3F3B-0A5A-4106-BE53-DFE1E2340CB1} (DownloadManager Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.1.6.cab
O18 - Protocol: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL
O18 - Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL
O20 - AppInit_DLLs: sockspy.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - SOFTWIN S.R.L - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe


--
End of file - 11442 bytes

-- Files created between 2007-11-30 and 2007-12-30 -----------------------------

2007-12-30 03:19:28 0 d-------- C:\Program Files\Trend Micro
2007-12-30 00:51:24 0 d-------- C:\Documents and Settings\Administrator\Application Data\Mozilla
2007-12-29 23:22:03 0 d--h----- C:\Documents and Settings\Administrator\Templates
2007-12-29 23:22:03 0 dr------- C:\Documents and Settings\Administrator\Start Menu
2007-12-29 23:22:03 0 dr-h----- C:\Documents and Settings\Administrator\SendTo
2007-12-29 23:22:03 0 d--h----- C:\Documents and Settings\Administrator\Recent
2007-12-29 23:22:03 0 d--h----- C:\Documents and Settings\Administrator\PrintHood
2007-12-29 23:22:03 0 d--h----- C:\Documents and Settings\Administrator\NetHood
2007-12-29 23:22:03 0 d-------- C:\Documents and Settings\Administrator\My Documents
2007-12-29 23:22:03 0 d--h----- C:\Documents and Settings\Administrator\Local Settings
2007-12-29 23:22:03 0 d-------- C:\Documents and Settings\Administrator\Favorites
2007-12-29 23:22:03 0 d-------- C:\Documents and Settings\Administrator\Desktop
2007-12-29 23:22:03 0 d--hs---- C:\Documents and Settings\Administrator\Cookies
2007-12-29 23:22:03 0 dr-h----- C:\Documents and Settings\Administrator\Application Data
2007-12-29 23:22:03 0 d---s---- C:\Documents and Settings\Administrator\Application Data\Microsoft
2007-12-29 23:22:02 786432 --ah----- C:\Documents and Settings\Administrator\NTUSER.DAT
2007-12-29 23:17:41 0 d-------- C:\WINDOWS\pss
2007-12-29 15:37:35 4 --a------ C:\WINDOWS\system32\83F448
2007-12-29 15:37:32 0 d--hs---- C:\Documents and Settings\All Users\DRM
2007-12-29 15:36:59 8413 --a------ C:\WINDOWS\system32\drivers\mcstrm.sys <Not Verified; RealNetworks, Inc.; RealNetworks Virtual Path Manager® (32-bit)>
2007-12-29 15:22:29 0 dr-h----- C:\Documents and Settings\Corey\Recent
2007-12-26 14:19:35 0 d-------- C:\Program Files\GameSpy Arcade
2007-12-25 23:41:14 0 d-------- C:\Program Files\Netflix
2007-12-25 19:09:27 0 d-------- C:\Program Files\SyncToy 2.0 Beta
2007-12-25 19:09:09 0 d-------- C:\Program Files\Microsoft SQL Server Compact Edition
2007-12-17 20:18:31 0 d-------- C:\ProgramData
2007-12-17 20:17:29 0 d-------- C:\Program Files\Electronic Arts
2007-12-17 20:16:49 438272 --a------ C:\WINDOWS\system32\vp6vfw.dll <Not Verified; On2.com; On2_VP6>
2007-12-17 20:16:49 118832 --a------ C:\WINDOWS\system32\SHW32.DLL <Not Verified; MicroQuill Software Publishing, Inc.; SmartHeap>
2007-12-17 19:58:19 0 d-------- C:\Program Files\Common Files\Logitech
2007-12-17 19:58:03 0 d-------- C:\Program Files\Logitech
2007-12-10 19:50:07 0 d-------- C:\Program Files\MP3Gain
2007-12-09 18:27:21 0 d-------- C:\Program Files\Karen's Power Tools
2007-12-09 18:27:11 0 d-------- C:\Documents and Settings\All Users\Application Data\Karen's Power Tools
2007-12-09 18:25:22 73216 --a------ C:\WINDOWS\ST6UNST.EXE <Not Verified; Microsoft Corporation; Microsoft® Visual Basic for Windows>
2007-12-09 17:35:57 0 d-------- C:\Program Files\TagRename
2007-12-09 17:28:53 0 d-------- C:\Program Files\EasyTAG
2007-12-09 13:58:10 0 d-------- C:\Documents and Settings\Corey\Application Data\RTPlayer
2007-12-09 13:51:24 0 d-------- C:\Program Files\lame3.98b6
2007-12-09 13:37:59 0 d-------- C:\Documents and Settings\Corey\Application Data\tunebite
2007-12-09 13:37:57 0 d-------- C:\WINDOWS\system32\Logs
2007-12-09 13:36:44 19200 --a------ C:\WINDOWS\system32\drivers\tbhsd.sys <Not Verified; RapidSolution Software AG; Tunebite High-Speed Dubbing>
2007-12-09 13:36:44 0 d-------- C:\Program Files\Tunebite
2007-12-09 11:49:57 0 d-------- C:\Program Files\Common Files\Real
2007-12-09 11:49:22 0 d-------- C:\Program Files\Real
2007-12-09 11:48:59 0 d-------- C:\Program Files\Rhapsody
2007-12-08 23:26:36 0 d-------- C:\Documents and Settings\All Users\Application Data\Azureus
2007-12-08 23:26:35 0 d-------- C:\Documents and Settings\Corey\Application Data\Azureus
2007-12-08 23:26:15 0 d-------- C:\Program Files\Azureus
2007-12-08 23:25:44 0 d-------- C:\WINDOWS\Sun
2007-12-08 23:25:44 0 d-------- C:\Documents and Settings\Corey\Application Data\Sun
2007-12-08 23:24:32 0 d-------- C:\Program Files\Java
2007-12-08 23:24:15 0 d-------- C:\Program Files\Common Files\Java
2007-12-08 23:24:05 671 --a------ C:\WINDOWS\mozver.dat
2007-11-30 02:42:17 0 d-------- C:\Documents and Settings\Corey\Application Data\dvdcss


-- Find3M Report ---------------------------------------------------------------

2007-12-30 11:34:34 81984 --a------ C:\WINDOWS\system32\bdod.bin
2007-12-30 02:08:54 4212 ---h----- C:\WINDOWS\system32\zllictbl.dat
2007-12-26 14:04:51 0 d-------- C:\Program Files\EA Sports
2007-12-26 03:06:02 0 d-------- C:\Program Files\Trader's Little Helper
2007-12-25 23:31:13 0 d-------- C:\Documents and Settings\Corey\Application Data\Real
2007-12-17 20:18:44 0 d--h----- C:\Program Files\InstallShield Installation Information
2007-12-17 20:10:07 0 d-------- C:\Program Files\Common Files\EasyInfo
2007-12-17 19:58:19 0 d-------- C:\Program Files\Common Files
2007-12-09 16:41:48 0 d-------- C:\Documents and Settings\Corey\Application Data\.easytag
2007-12-09 11:28:19 0 d-------- C:\Program Files\PeerGuardian2
2007-12-09 03:16:41 0 d-------- C:\Program Files\MediaCoder
2007-12-09 02:29:46 0 d-------- C:\Documents and Settings\Corey\Application Data\Vso
2007-11-29 23:09:00 0 d-------- C:\Program Files\Elaborate Bytes
2007-11-28 01:22:43 0 d-------- C:\Documents and Settings\Corey\Application Data\Adobe
2007-11-28 00:31:53 0 d-------- C:\Program Files\Common Files\Control Panels
2007-11-28 00:31:50 0 d-------- C:\Program Files\Common Files\Adobe
2007-11-27 19:47:56 0 d-------- C:\Documents and Settings\Corey\Application Data\Download Manager
2007-11-26 22:10:17 0 d-------- C:\Program Files\Rockstar Games
2007-11-26 21:16:30 0 d-------- C:\Program Files\Aspyr Media, Inc
2007-11-26 21:10:12 0 d-------- C:\Program Files\Pure Pinball 2.0 REDUX
2007-11-26 20:56:00 0 dr-h----- C:\Documents and Settings\Corey\Application Data\SecuROM
2007-11-26 02:26:37 0 d-------- C:\Documents and Settings\Corey\Application Data\Apple Computer
2007-11-26 02:23:29 0 d-------- C:\Documents and Settings\Corey\Application Data\SorensonMedia
2007-11-26 02:19:45 0 d-------- C:\Program Files\Sorenson Media
2007-11-26 02:17:49 0 d-------- C:\Program Files\iTunes
2007-11-26 02:17:43 0 d-------- C:\Program Files\iPod
2007-11-26 02:17:34 0 d-------- C:\Program Files\QuickTime
2007-11-26 02:17:13 0 d-------- C:\Program Files\Apple Software Update
2007-11-26 02:16:59 0 d-------- C:\Program Files\Common Files\Apple
2007-11-26 02:02:55 0 d-------- C:\Program Files\Lavasoft
2007-11-26 02:01:41 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-11-26 01:26:45 0 d-------- C:\Documents and Settings\Corey\Application Data\Nero
2007-11-26 01:26:24 0 d-------- C:\Program Files\Common Files\Ahead
2007-11-26 01:26:22 0 d-------- C:\Program Files\Nero
2007-11-26 00:37:46 0 d-------- C:\Documents and Settings\Corey\Application Data\Media Player Classic
2007-11-26 00:35:07 0 d-------- C:\Program Files\K-Lite Codec Pack
2007-11-26 00:21:07 0 d-------- C:\Program Files\FileZilla
2007-11-26 00:19:06 81135 --a------ C:\WINDOWS\HPHins08.dat
2007-11-26 00:17:45 0 d-------- C:\Documents and Settings\Corey\Application Data\HP
2007-11-26 00:10:33 0 d-------- C:\Documents and Settings\Corey\Application Data\Printer Info Cache
2007-11-26 00:10:33 0 d-------- C:\Documents and Settings\Corey\Application Data\Image Zone Express
2007-11-26 00:10:25 0 d-------- C:\Program Files\Common Files\HP
2007-11-26 00:10:24 0 d-------- C:\Program Files\HP
2007-11-26 00:07:33 46675 --a------ C:\Documents and Settings\Corey\Application Data\PatchUpdate_HP_CounterReport_Update_HPSU.log
2007-11-26 00:02:30 56633 --a------ C:\Documents and Settings\Corey\Application Data\Update_HP_RedboxHprblog_HPSU.log
2007-11-26 00:00:27 0 d-------- C:\Program Files\Hewlett-Packard
2007-11-25 23:48:19 0 d-------- C:\Program Files\ABBYY FineReader 6.0 Sprint
2007-11-25 23:47:37 0 d-------- C:\Documents and Settings\Corey\Application Data\EPSON
2007-11-25 23:43:36 0 d-------- C:\Documents and Settings\Corey\Application Data\Leadertech
2007-11-25 23:42:57 0 d-------- C:\Program Files\epson
2007-11-25 23:31:15 0 d-------- C:\Program Files\Common Files\InstallShield
2007-11-25 22:53:05 0 d-------- C:\Program Files\Zune
2007-11-25 22:34:05 0 d-------- C:\Program Files\Bonjour
2007-11-25 22:30:20 0 d-------- C:\Program Files\Common Files\Macrovision Shared
2007-11-25 22:08:55 0 d-------- C:\Program Files\TechSmith
2007-11-25 21:48:43 34 --a------ C:\Documents and Settings\Corey\Application Data\pcouffin.log
2007-11-25 21:48:40 47360 --a------ C:\Documents and Settings\Corey\Application Data\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine>
2007-11-25 21:48:40 1144 --a------ C:\Documents and Settings\Corey\Application Data\pcouffin.inf
2007-11-25 21:48:40 7887 --a------ C:\Documents and Settings\Corey\Application Data\pcouffin.cat
2007-11-25 21:48:34 0 d-------- C:\Program Files\VSO
2007-11-25 21:32:42 0 d-------- C:\Documents and Settings\Corey\Application Data\LEAPS
2007-11-25 21:30:48 0 d-------- C:\Documents and Settings\Corey\Application Data\Pegasys Inc
2007-11-25 21:30:35 0 d-------- C:\Program Files\Pegasys Inc
2007-11-25 21:07:53 0 d-------- C:\Program Files\SlySoft
2007-11-25 20:48:29 0 d-------- C:\Documents and Settings\Corey\Application Data\Macromedia
2007-11-25 20:41:11 0 d-------- C:\Documents and Settings\Corey\Application Data\Astroburn
2007-11-25 20:25:23 0 d-------- C:\Program Files\OO Software
2007-11-25 20:15:21 1079808 --a------ C:\WINDOWS\system32\AutoPartNt.exe <Not Verified; Acronis; Acronis Autopart>
2007-11-25 19:34:26 0 d-------- C:\Documents and Settings\Corey\Application Data\Bitdefender
2007-11-25 19:32:21 0 d-------- C:\Program Files\TightVNC
2007-11-25 19:23:10 0 d-------- C:\Program Files\Pidgin
2007-11-25 19:23:09 0 d-------- C:\Program Files\Aspell
2007-11-25 19:08:17 0 --a------ C:\WINDOWS\nsreg.dat
2007-11-25 19:08:16 0 d-------- C:\Documents and Settings\Corey\Application Data\Mozilla
2007-11-25 19:04:30 0 d-------- C:\Program Files\DAEMON Tools
2007-11-25 19:00:38 0 d-------- C:\Program Files\ImTOO
2007-11-25 18:58:30 0 d-------- C:\Program Files\Common Files\GTK
2007-11-25 18:57:56 0 d-------- C:\Program Files\7-Zip
2007-11-25 18:35:21 0 d-------- C:\Program Files\Alwil Software
2007-11-25 18:28:13 0 d-------- C:\Program Files\Common Files\Acronis
2007-11-25 18:28:09 0 d-------- C:\Program Files\Acronis
2007-11-25 18:25:01 0 d-------- C:\Program Files\NeoSmart Technologies


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"="C:\WINDOWS\RaidTool\xInsIDE.exe" [2007-03-20 01:36]
"36X Raid Configurer"="C:\WINDOWS\system32\xRaidSetup.exe" [2007-03-21 03:23]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-08-11 23:43]
"nwiz"="nwiz.exe" [2006-08-11 23:43 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2006-08-11 23:43]
"OSSelectorReinstall"="C:\Program Files\Common Files\Acronis\Acronis Disk Director\oss_reinstall.exe" [2005-12-27 17:01]
"CTHelper"="CTHELPER.EXE" [2006-08-11 13:56 C:\WINDOWS\CTHELPER.EXE]
"CTxfiHlp"="CTXFIHLP.EXE" [2006-08-11 13:56 C:\WINDOWS\system32\CTXFIHLP.EXE]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 08:00]
"BDAgent"="C:\Program Files\Softwin\BitDefender10\bdagent.exe" [2007-03-26 15:49]
"Zune Launcher"="C:\Program Files\Zune\ZuneLauncher.exe" [2007-11-15 21:51]
"EEventManager"="C:\Program Files\EPSON\Creativity Suite\Event Manager\EEventManager.exe" [2005-04-08 14:09]
"HPHUPD08"="C:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe" [2005-06-01 11:35]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2005-05-11 23:12]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-11-14 23:43]
"Acrobat Assistant 8.0"="C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [2007-05-10 22:46]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11]
"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2007-11-14 16:05]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2007-09-18 09:16]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
ASUS WiFi-AP Solo.lnk - C:\Program Files\ASUS WiFi-AP Solo\RtWLan.exe [2007-08-14 19:08:23]
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2005-05-11 23:23:26]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=sockspy.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"= msv1_0 relog_ap

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{66b25bfb-4a9a-11dc-81e7-806d6172696f}]
AutoRun\command- F:\.\Bin\Assetup.exe

*Newly Created Service* - SJYPKT



-- End of Deckard's System Scanner: finished at 2007-12-30 11:39:50 ------------
 
