Ill be watching a video or playing a game and for about 30sec it will get all jerky slow:
When I run Deckard's it only gives me the Main.txt log:
Deckard's System Scanner v20071014.68
Run by Jay on 2008-06-03 20:23:02
Computer is in Normal Mode.
--------------------------------------------------------------------------------
Total Physical Memory: 1023 MiB (1024 MiB recommended).
-- HijackThis (run as Jay.exe) -------------------------------------------------
Unable to find log (file not found); running clone.
-- HijackThis Clone ------------------------------------------------------------
Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-06-03 20:23:20
Platform: Windows Vista (6.00.6000)
MSIE: Internet Explorer (7.00.6000.16386)
Boot mode: Normal
Running processes:
C:\Windows\System32\dwm.exe
C:\Windows\explorer.exe
C:\Windows\System32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Windows\SOUNDMAN.EXE
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\System32\wbem\unsecapp.exe
C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\PayPal\PayPal Plug-In\RBroker.exe
C:\Users\Jay\Desktop\dss.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: (no name) - {54202673-BD70-423C-AE57-5B2354567629} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: OToolbarHelper Class - {EAD3A971-6A23-4246-8691-C9244E858967} - C:\Program Files\PayPal\PayPal Plug-In\PayPalHelper.dll
O3 - Toolbar: PayPal Plug-In - {DC0F2F93-27FA-4f84-ACAA-9416F90B9511} - C:\Program Files\PayPal\PayPal Plug-In\OToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'NETWORK SERVICE')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\System32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
--
End of file - 4234 bytes
-- Files created between 2008-05-03 and 2008-06-03 -----------------------------
2008-05-29 21:38:51 0 d-------- C:\Program Files\GoldWave
2008-05-22 08:21:08 0 d-------- C:\Fraps
2008-05-22 08:17:59 0 d-------- C:\Users\All Users\FLEXnet
2008-05-21 21:39:36 0 d-------- C:\Users\All Users\Adobe
2008-05-21 21:38:24 0 d-------- C:\Program Files\Bonjour
2008-05-21 21:23:29 0 d-------- C:\Program Files\Common Files\Macrovision Shared
2008-05-21 21:11:54 0 d-------- C:\Program Files\Common Files\Adobe
2008-05-21 20:38:09 0 d-------- C:\Program Files\VSO
2008-05-21 20:35:29 0 d-------- C:\Windows\Downloaded Installations
2008-05-21 20:23:18 0 d-------- C:\Program Files\StitchMaps
2008-05-21 19:23:02 0 d-------- C:\ExpertGPS
2008-05-20 22:30:34 0 d-------- C:\Program Files\Panorama Tools (PTGui edition)
2008-05-20 21:45:42 0 d-------- C:\Program Files\PTGui
2008-05-19 16:29:10 0 d-------- C:\Program Files\Return to Castle Wolfenstein
2008-05-08 21:09:16 0 d-------- C:\Program Files\Moyea
2008-05-08 21:01:16 0 d-------- C:\Program Files\VideoLAN
2008-05-07 10:54:55 0 d-------- C:\Program Files\QuickTime
2008-05-07 10:54:54 0 d-------- C:\Users\All Users\Apple Computer
2008-05-07 10:53:47 0 d-------- C:\Users\All Users\Apple
2008-05-07 10:53:47 0 d-------- C:\Program Files\Apple Software Update
2008-05-06 17:44:46 0 d-------- C:\Users\All Users\WholeSecurity
2008-05-06 17:44:01 0 d-------- C:\Program Files\PayPal
2008-05-05 23:01:59 0 d-------- C:\Program Files\CCleaner
-- Find3M Report ---------------------------------------------------------------
2008-06-02 22:50:18 0 d-------- C:\Users\Jay\AppData\Roaming\uTorrent
2008-05-28 19:02:02 0 d-------- C:\Users\Jay\AppData\Roaming\Vso
2008-05-26 12:21:55 0 d-------- C:\Users\Jay\AppData\Roaming\OpenOffice.org2
2008-05-22 08:17:14 0 d-------- C:\Users\Jay\AppData\Roaming\Adobe
2008-05-21 21:23:29 0 d-------- C:\Program Files\Common Files
2008-05-20 21:45:46 0 d-------- C:\Users\Jay\AppData\Roaming\PTGui Pro
2008-05-20 21:18:54 0 d-------- C:\Program Files\ExpertGPS
2008-05-18 18:49:57 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-05-14 20:01:13 0 d-------- C:\Program Files\Windows Mail
2008-05-08 21:09:35 0 d-------- C:\Users\Jay\AppData\Roaming\Moyea
2008-05-08 21:02:23 0 d-------- C:\Users\Jay\AppData\Roaming\vlc
2008-05-06 17:43:16 0 d-------- C:\Users\Jay\AppData\Roaming\InstallShield
2008-05-01 17:29:17 0 d-------- C:\Program Files\eRightSoft
2008-05-01 16:53:09 12518 --ahs---- C:\Windows\system32\KGyGaAvL.sys
2008-05-01 16:51:49 0 d-------- C:\Users\Jay\AppData\Roaming\River Past G5
2008-05-01 16:47:06 163599 --a------ C:\Windows\Crazi Video Pro Uninstaller.exe
2008-05-01 16:47:02 0 d-------- C:\Program Files\Common Files\River Past
2008-05-01 16:46:57 0 d-------- C:\Program Files\River Past
2008-05-01 16:39:40 0 d-------- C:\Program Files\ImTOO
2008-05-01 16:33:45 0 d-------- C:\Program Files\Xilisoft
2008-05-01 16:08:00 0 d-------- C:\Program Files\DVDFab 5
2008-04-21 19:09:25 0 d-------- C:\Program Files\Common Files\InstallShield
2008-04-21 19:06:59 0 d-------- C:\Program Files\DAEMON Tools Lite
2008-04-21 18:03:56 0 d-------- C:\Users\Jay\AppData\Roaming\DAEMON Tools
2008-04-20 09:15:59 0 d-------- C:\Users\Jay\AppData\Roaming\GrabIt
2008-04-20 07:54:47 0 d-------- C:\Program Files\GrabIt
2008-04-20 07:28:47 0 d-------- C:\Users\Jay\AppData\Roaming\UseNeXT
2008-04-11 17:23:54 38400 --a------ C:\Windows\system32\SoundSchemes.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-06 08:25:30 0 d-------- C:\Program Files\Foxit Software
2008-04-05 04:30:41 0 d-------- C:\Program Files\Alwil Software
2008-04-01 08:05:21 35363 --a------ C:\Windows\system32\windrvNT.sys
2008-04-01 08:05:21 53248 --a------ C:\Windows\system32\suppdll.dll
2008-03-31 21:19:30 55 --a------ C:\smp.bat
2008-03-28 07:25:44 0 --a------ C:\Windows\ativpsrm.bin
2008-03-27 20:50:39 174 --ahs---- C:\Program Files\desktop.ini
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{54202673-BD70-423C-AE57-5B2354567629}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [07/11/2007 09:26 AM]
"IntelliPoint"="C:\Program Files\Microsoft IntelliPoint\ipoint.exe" [08/31/2007 12:01 PM]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [05/15/2008 05:19 PM]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\daemon.exe" [04/01/2008 03:39 AM]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [11/02/2006 06:33 AM]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"=2 (0x2)
"EnableLUA"=0 (0x0)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoLowDiskSpaceChecks"=1 (0x1)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
@="IEEE 1394 Bus host controllers"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
@="SBP2 IEEE 1394 Devices"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
@="SecurityDevices"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
"C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
C:\Program Files\Windows Media Player\WMPNSCFG.exe
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
C:\Windows\system32\unregmp2.exe /ShowWMP
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
%SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{7070D8E0-650A-46b3-B03C-9497582E6A74}]
%SystemRoot%\system32\soundschemes.exe /AddRegistration
-- End of Deckard's System Scanner: finished at 2008-06-03 20:24:08 ------------
Thank you!!!
-Jay
When I run Deckard's it only gives me the Main.txt log:
Deckard's System Scanner v20071014.68
Run by Jay on 2008-06-03 20:23:02
Computer is in Normal Mode.
--------------------------------------------------------------------------------
Total Physical Memory: 1023 MiB (1024 MiB recommended).
-- HijackThis (run as Jay.exe) -------------------------------------------------
Unable to find log (file not found); running clone.
-- HijackThis Clone ------------------------------------------------------------
Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-06-03 20:23:20
Platform: Windows Vista (6.00.6000)
MSIE: Internet Explorer (7.00.6000.16386)
Boot mode: Normal
Running processes:
C:\Windows\System32\dwm.exe
C:\Windows\explorer.exe
C:\Windows\System32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Windows\SOUNDMAN.EXE
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\System32\wbem\unsecapp.exe
C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\PayPal\PayPal Plug-In\RBroker.exe
C:\Users\Jay\Desktop\dss.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: (no name) - {54202673-BD70-423C-AE57-5B2354567629} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: OToolbarHelper Class - {EAD3A971-6A23-4246-8691-C9244E858967} - C:\Program Files\PayPal\PayPal Plug-In\PayPalHelper.dll
O3 - Toolbar: PayPal Plug-In - {DC0F2F93-27FA-4f84-ACAA-9416F90B9511} - C:\Program Files\PayPal\PayPal Plug-In\OToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'NETWORK SERVICE')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\System32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
--
End of file - 4234 bytes
-- Files created between 2008-05-03 and 2008-06-03 -----------------------------
2008-05-29 21:38:51 0 d-------- C:\Program Files\GoldWave
2008-05-22 08:21:08 0 d-------- C:\Fraps
2008-05-22 08:17:59 0 d-------- C:\Users\All Users\FLEXnet
2008-05-21 21:39:36 0 d-------- C:\Users\All Users\Adobe
2008-05-21 21:38:24 0 d-------- C:\Program Files\Bonjour
2008-05-21 21:23:29 0 d-------- C:\Program Files\Common Files\Macrovision Shared
2008-05-21 21:11:54 0 d-------- C:\Program Files\Common Files\Adobe
2008-05-21 20:38:09 0 d-------- C:\Program Files\VSO
2008-05-21 20:35:29 0 d-------- C:\Windows\Downloaded Installations
2008-05-21 20:23:18 0 d-------- C:\Program Files\StitchMaps
2008-05-21 19:23:02 0 d-------- C:\ExpertGPS
2008-05-20 22:30:34 0 d-------- C:\Program Files\Panorama Tools (PTGui edition)
2008-05-20 21:45:42 0 d-------- C:\Program Files\PTGui
2008-05-19 16:29:10 0 d-------- C:\Program Files\Return to Castle Wolfenstein
2008-05-08 21:09:16 0 d-------- C:\Program Files\Moyea
2008-05-08 21:01:16 0 d-------- C:\Program Files\VideoLAN
2008-05-07 10:54:55 0 d-------- C:\Program Files\QuickTime
2008-05-07 10:54:54 0 d-------- C:\Users\All Users\Apple Computer
2008-05-07 10:53:47 0 d-------- C:\Users\All Users\Apple
2008-05-07 10:53:47 0 d-------- C:\Program Files\Apple Software Update
2008-05-06 17:44:46 0 d-------- C:\Users\All Users\WholeSecurity
2008-05-06 17:44:01 0 d-------- C:\Program Files\PayPal
2008-05-05 23:01:59 0 d-------- C:\Program Files\CCleaner
-- Find3M Report ---------------------------------------------------------------
2008-06-02 22:50:18 0 d-------- C:\Users\Jay\AppData\Roaming\uTorrent
2008-05-28 19:02:02 0 d-------- C:\Users\Jay\AppData\Roaming\Vso
2008-05-26 12:21:55 0 d-------- C:\Users\Jay\AppData\Roaming\OpenOffice.org2
2008-05-22 08:17:14 0 d-------- C:\Users\Jay\AppData\Roaming\Adobe
2008-05-21 21:23:29 0 d-------- C:\Program Files\Common Files
2008-05-20 21:45:46 0 d-------- C:\Users\Jay\AppData\Roaming\PTGui Pro
2008-05-20 21:18:54 0 d-------- C:\Program Files\ExpertGPS
2008-05-18 18:49:57 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-05-14 20:01:13 0 d-------- C:\Program Files\Windows Mail
2008-05-08 21:09:35 0 d-------- C:\Users\Jay\AppData\Roaming\Moyea
2008-05-08 21:02:23 0 d-------- C:\Users\Jay\AppData\Roaming\vlc
2008-05-06 17:43:16 0 d-------- C:\Users\Jay\AppData\Roaming\InstallShield
2008-05-01 17:29:17 0 d-------- C:\Program Files\eRightSoft
2008-05-01 16:53:09 12518 --ahs---- C:\Windows\system32\KGyGaAvL.sys
2008-05-01 16:51:49 0 d-------- C:\Users\Jay\AppData\Roaming\River Past G5
2008-05-01 16:47:06 163599 --a------ C:\Windows\Crazi Video Pro Uninstaller.exe
2008-05-01 16:47:02 0 d-------- C:\Program Files\Common Files\River Past
2008-05-01 16:46:57 0 d-------- C:\Program Files\River Past
2008-05-01 16:39:40 0 d-------- C:\Program Files\ImTOO
2008-05-01 16:33:45 0 d-------- C:\Program Files\Xilisoft
2008-05-01 16:08:00 0 d-------- C:\Program Files\DVDFab 5
2008-04-21 19:09:25 0 d-------- C:\Program Files\Common Files\InstallShield
2008-04-21 19:06:59 0 d-------- C:\Program Files\DAEMON Tools Lite
2008-04-21 18:03:56 0 d-------- C:\Users\Jay\AppData\Roaming\DAEMON Tools
2008-04-20 09:15:59 0 d-------- C:\Users\Jay\AppData\Roaming\GrabIt
2008-04-20 07:54:47 0 d-------- C:\Program Files\GrabIt
2008-04-20 07:28:47 0 d-------- C:\Users\Jay\AppData\Roaming\UseNeXT
2008-04-11 17:23:54 38400 --a------ C:\Windows\system32\SoundSchemes.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-06 08:25:30 0 d-------- C:\Program Files\Foxit Software
2008-04-05 04:30:41 0 d-------- C:\Program Files\Alwil Software
2008-04-01 08:05:21 35363 --a------ C:\Windows\system32\windrvNT.sys
2008-04-01 08:05:21 53248 --a------ C:\Windows\system32\suppdll.dll
2008-03-31 21:19:30 55 --a------ C:\smp.bat
2008-03-28 07:25:44 0 --a------ C:\Windows\ativpsrm.bin
2008-03-27 20:50:39 174 --ahs---- C:\Program Files\desktop.ini
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{54202673-BD70-423C-AE57-5B2354567629}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [07/11/2007 09:26 AM]
"IntelliPoint"="C:\Program Files\Microsoft IntelliPoint\ipoint.exe" [08/31/2007 12:01 PM]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [05/15/2008 05:19 PM]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\daemon.exe" [04/01/2008 03:39 AM]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [11/02/2006 06:33 AM]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"=2 (0x2)
"EnableLUA"=0 (0x0)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoLowDiskSpaceChecks"=1 (0x1)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
@="IEEE 1394 Bus host controllers"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
@="SBP2 IEEE 1394 Devices"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
@="SecurityDevices"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
"C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
C:\Program Files\Windows Media Player\WMPNSCFG.exe
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
C:\Windows\system32\unregmp2.exe /ShowWMP
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
%SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{7070D8E0-650A-46b3-B03C-9497582E6A74}]
%SystemRoot%\system32\soundschemes.exe /AddRegistration
-- End of Deckard's System Scanner: finished at 2008-06-03 20:24:08 ------------
Thank you!!!
-Jay
