Won't run anti-virus, spyware programs, roboots
My computer appears to be working just fine, but when I try to run a spyware program, it reboots about 3/4 of the way through. I first noticed it with Spybot, which is up to date. I then noticed that my AVG free anti-virus had a corrupt database. Removing them completely and reinstalling did not work. Windows Defender also reboots.
I tried to run Trendmicro's housecall scan, but it rebooted, too. I tried to do the 5 steps on this site, but the Panda site also reboots. The only thing I could get to run was the DSS file, and here's that report.
Thanks in advance,
John
Deckard's System Scanner v20071014.68
Run by Juan on 2008-05-30 18:51:50
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
System Restore is disabled; attempting to re-enable...success.
-- Last 1 Restore Point(s) --
1: 2008-05-30 22:51:58 UTC - RP1 - System Checkpoint
Backed up registry hives.
Performed disk cleanup.
-- HijackThis Clone ------------------------------------------------------------
Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-05-30 18:54:16
Platform: Windows XP Service Pack 3 (5.01.2600)
MSIE: Internet Explorer (7.00.6000.16640)
Boot mode: Normal
Running processes:
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\CTHELPER.EXE
C:\Program Files\Bellsouth\HelpCenter40b\bin\sprtcmd.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Maxtor\MaxBlast\MaxBlastMonitor.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Sony\SonicStage\SSAAD.exe
C:\WINDOWS\system32\VTTimer.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\SiteAdvisor\6172\SiteAdv.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\WINDOWS\system32\tbctray.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\palmOne\HOTSYNC.EXE
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.bin
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files\Jetico\BestCrypt\BCResident.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\McAfee\MSC\mcmscsvc.exe
C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe
C:\Program Files\Creative Professional\Digital Audio System\E-MU PatchMix DSP\EmuPatchMixDSP.exe
C:\Program Files\Common Files\McAfee\McProxy\McProxy.exe
C:\Program Files\McAfee\VirusScan\Mcshield.exe
C:\Program Files\McAfee\MPF\MpfSrv.exe
C:\Program Files\SiteAdvisor\6172\SAService.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\McAfee\VirusScan\mcsysmon.exe
D:\Download\dss.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.bellsouth.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6172\SiteAdv.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6172\SiteAdv.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
O4 - HKLM\..\Run: [BCWipeTM Startup] "C:\Program Files\Jetico\BestCrypt\BCWipeTM.exe" startup
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [HelpCenter4.1] C:\Program Files\Bellsouth\HelpCenter40b\bin\sprtcmd.exe /P HelpCenter4.1
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [MaxBlastMonitor.exe] C:\Program Files\Maxtor\MaxBlast\MaxBlastMonitor.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\\NeroCheck.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6172\SiteAdv.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [TraySantaCruz] C:\WINDOWS\system32\tbctray.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SetDefaultMIDI] MIDIDef.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Startup: HotSync Manager.lnk = ?
O4 - Startup: Microsoft Find Fast.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O4 - Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BestCrypt Auto Open.lnk = ?
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: HOTSYNCSHORTCUTNAME.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://download.microsoft.com/download/e/4/9/e494c802-dd90-4c6b-a074-469358f075a6/OGAControl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1126138574859
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1160700993890
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} () - http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
O18 - Protocol: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL
O18 - Protocol: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files\SiteAdvisor\6172\SiteAdv.dll
O20 - AppInit_DLLs: hplun.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McProxy\McProxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\Mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MpfSrv.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NBService - Unknown owner - C:\Program Files\Nero\Nero 7\Nero
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: SiteAdvisor Service - Unknown owner - C:\Program Files\SiteAdvisor\6172\SAService.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
--
End of file - 12957 bytes
-- File Associations -----------------------------------------------------------
.cpl - cplfile - shell\cplopen\command - rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.cpl - cplfile - shell\runas\command - rundll32.exe shell32.dll,Control_RunDLLAsUser "%1",%*
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R1 BC_BFish - c:\windows\system32\drivers\bc_bfish.sys <Not Verified; Jetico, Inc.; Jetico(R) BestCrypt(TM) Security System for Windows NT(TM)>
R1 BC_DES - c:\windows\system32\drivers\bc_des.sys <Not Verified; Jetico, Inc.; Jetico(R) BestCrypt(TM) Security System for Windows NT(TM)>
R1 BC_Gost - c:\windows\system32\drivers\bc_gost.sys <Not Verified; Jetico, Inc.; Jetico(R) BestCrypt(TM) Security System for Windows NT(TM)>
R1 BC_RIJN - c:\windows\system32\drivers\bc_rijn.sys <Not Verified; Jetico, Inc.; BestCrypt Rijndael Algorithm driver for Windows NT/2000(TM)>
R1 BC_TFISH - c:\windows\system32\drivers\bc_tfish.sys <Not Verified; Jetico, Inc.; BestCrypt Twofish Algorithm driver for Windows NT(TM)>
R1 bcbus (BestCrypt bus driver) - c:\windows\system32\drivers\bcbus.sys <Not Verified; Jetico, Inc.; Jetico(R) BestCrypt(TM) Security System for Windows 2000/XP(TM)>
R1 fsh - c:\windows\system32\drivers\fsh.sys <Not Verified; Jetico, Inc.; Jetico(R) BestCrypt(TM) Security System for Windows NT(TM)>
R2 BrPar - c:\windows\system32\drivers\brpar.sys <Not Verified; Brother Industries Ltd.; Brother Parallel Class Driver>
R2 CdaC15BA - c:\windows\system32\drivers\cdac15ba.sys <Not Verified; Macrovision Europe Ltd; Security Windows NT>
R3 emupia (E-mu Plug-in Architecture Driver) - c:\windows\system32\drivers\emupia2k.sys <Not Verified; Creative Technology Ltd; E-mu Plug-In Architecture>
R3 mhk - c:\windows\system32\drivers\mhk.sys <Not Verified; Jetico, Inc.; Jetico(R) BestCrypt(TM) Encryption System for Windows(TM) 95/98/ME/NT/2000/XP>
R3 moh - c:\windows\system32\drivers\moh.sys <Not Verified; Jetico, Inc.; Jetico(R) BestCrypt(TM) Security system for Windows NT(TM)>
R3 pfc (Padus ASPI Shell) - c:\windows\system32\drivers\pfc.sys <Not Verified; Padus, Inc.; Padus(R) ASPI Shell>
R3 SMBios (Intel (R) System Management BIOS Service) - c:\windows\system32\drivers\smbios.sys <Not Verified; Intel Corporation; Intel (R) System Management BIOS Driver>
S2 CX23880 (Video Advantage PCI) - c:\windows\system32\drivers\cx88vid.sys <Not Verified; Conexant Systems, Inc.; cx88vid.sys>
S2 CX88XBAR (Video Advantage PCI Crossbar) - c:\windows\system32\drivers\cx88xbar.sys <Not Verified; Conexant Systems, Inc.; cx88xbar.sys>
S2 Nbf (NetBEUI Protocol) - c:\windows\system32\drivers\nbf.sys (file missing)
S3 FETNDIS (VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver) - c:\windows\system32\drivers\fetnd5.sys (file missing)
S3 PalmUSBD - c:\windows\system32\drivers\palmusbd.sys (file missing)
S3 scsiscan (SCSI Scanner Driver) - c:\windows\system32\drivers\scsiscan.sys (file missing)
S3 tbcspud (Santa Cruz Driver) - c:\windows\system32\drivers\tbcspud.sys <Not Verified; Voyetra Turtle Beach; Turtle Beach WDM Driver>
S3 tbcwdm (Santa Cruz WDM Driver) - c:\windows\system32\drivers\tbcwdm.sys <Not Verified; Voyetra Turtle Beach; Turtle Beach WDM Driver>
S4 BCSWAP - c:\windows\system32\drivers\bcswap.sys <Not Verified; Jetico, Inc.; Jetico(R) BestCrypt(TM) Security System for Windows NT/2000/XP(TM)>
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 Apple Mobile Device - "c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe" <Not Verified; Apple, Inc.; Apple Mobile Device Service>
R2 C-DillaCdaC11BA - c:\windows\system32\drivers\cdac11ba.exe <Not Verified; Macrovision; SafeCast Windows NT>
R2 EPSONStatusAgent2 (EPSON Printer Status Agent2) - c:\program files\common files\epson\ebapi\sagent2.exe <Not Verified; SEIKO EPSON CORPORATION; EPSON Bidirectional Printer>
S2 CCALib8 (Canon Camera Access Library 8) - c:\program files\canon\cal\calmain.exe <Not Verified; Canon Inc.; >
S3 NBService - c:\program files\nero\nero 7\nero backitup\nbservice.exe
-- Device Manager: Disabled ----------------------------------------------------
Class GUID: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Description: Video Advantage PCI
Device ID: PCI\VEN_14F1&DEV_8800&SUBSYS_00000000&REV_05\4&5C14166&0&6840
Manufacturer: Turtle Beach
Name: Video Advantage PCI
PNP Device ID: PCI\VEN_14F1&DEV_8800&SUBSYS_00000000&REV_05\4&5C14166&0&6840
Service:
-- Scheduled Tasks -------------------------------------------------------------
2008-05-30 18:51:03 330 --ah----- C:\WINDOWS\Tasks\MP Scheduled Scan.job
2008-05-29 20:48:57 338 --a------ C:\WINDOWS\Tasks\McDefragTask.job
2008-05-29 20:48:56 330 --a------ C:\WINDOWS\Tasks\McQcTask.job
2008-05-16 11:40:00 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
-- Files created between 2008-04-30 and 2008-05-30 -----------------------------
2008-05-30 17:44:59 0 d-------- C:\Documents and Settings\Administrator\Application Data\SiteAdvisor
2008-05-30 16:33:47 0 d-------- C:\Program Files\Windows Defender
2008-05-29 21:20:53 0 d-------- C:\Documents and Settings\NetworkService\Desktop
2008-05-29 21:20:53 0 d-------- C:\Documents and Settings\NetworkService\Application Data\SiteAdvisor
2008-05-29 20:50:49 0 d-------- C:\Documents and Settings\LocalService\Desktop
2008-05-29 20:50:49 0 d-------- C:\Documents and Settings\LocalService\Application Data\SiteAdvisor
2008-05-29 20:50:45 0 d-------- C:\Program Files\SiteAdvisor
2008-05-29 20:50:45 0 d-------- C:\Documents and Settings\Juan\Application Data\SiteAdvisor
2008-05-29 20:50:45 0 d-------- C:\Documents and Settings\All Users\Application Data\SiteAdvisor
2008-05-29 20:48:43 0 d-------- C:\Program Files\McAfee.com
2008-05-29 20:48:37 0 d-------- C:\Program Files\Common Files\McAfee
2008-05-29 20:48:31 0 d-------- C:\Program Files\McAfee
2008-05-29 20:43:02 0 d-------- C:\Documents and Settings\All Users\Application Data\McAfee
2008-05-29 19:31:19 0 d-------- C:\Program Files\Panda Security
2008-05-28 20:22:12 0 d-------- C:\Documents and Settings\Administrator\Pavark
2008-05-28 20:20:16 0 d-------- C:\Documents and Settings\Administrator\Application Data\Talkback
2008-05-28 20:20:09 0 d-------- C:\Documents and Settings\Administrator\Application Data\Thunderbird
2008-05-28 18:15:31 0 d-------- C:\Documents and Settings\NetworkService\Application Data\Acronis
2008-05-28 18:12:48 0 d-------- C:\Documents and Settings\All Users\Application Data\Acronis
2008-05-28 18:12:01 0 d-------- C:\Program Files\Common Files\Acronis
2008-05-28 18:12:01 0 d-------- C:\Program Files\Acronis
2008-05-25 19:18:32 0 d-------- C:\Documents and Settings\Juan\Application Data\OfficeUpdate12
2008-05-25 13:07:00 0 d-------- C:\Documents and Settings\Juan\.housecall6.6
2008-05-25 10:39:01 0 d-------- C:\Documents and Settings\Administrator\Application Data\Macromedia
2008-05-25 10:38:59 0 d-------- C:\Documents and Settings\Administrator\Application Data\Adobe
2008-05-25 10:38:19 0 d-------- C:\Documents and Settings\Administrator\Application Data\Sun
2008-05-25 09:53:47 0 d-------- C:\Documents and Settings\Administrator\Application Data\Mozilla
2008-05-24 21:18:11 0 d-------- C:\Program Files\palmOne
2008-05-16 15:29:01 0 d-------- C:\Documents and Settings\Juan\Application Data\Google
2008-05-16 15:27:12 0 d-------- C:\Documents and Settings\All Users\Application Data\Google Updater
2008-05-16 15:27:08 0 d-------- C:\Program Files\Google
2008-05-15 16:33:33 0 d-------- C:\Documents and Settings\Juan\Application Data\Sony
2008-05-15 16:29:27 0 d-------- C:\Program Files\Sony Setup
2008-05-15 15:00:45 0 d-------- C:\WINDOWS\Prefetch
2008-05-15 14:47:22 0 d-------- C:\WINDOWS\system32\scripting
2008-05-15 14:47:20 0 d-------- C:\WINDOWS\l2schemas
2008-05-15 14:47:19 0 d-------- C:\WINDOWS\system32\en
2008-05-15 12:01:11 0 d-------- C:\Documents and Settings\NetworkService\Start Menu
2008-05-15 10:49:02 0 d-------- C:\WINDOWS\RegisteredPackages
2008-05-15 10:47:20 265066 -ra------ C:\WINDOWS\system32\ctsbas2w.dat
2008-05-15 10:47:20 140643 -ra------ C:\WINDOWS\system32\ctbas2w.dat
2008-05-15 10:47:14 313207 -ra------ C:\WINDOWS\system32\ctstatic.dat
2008-05-15 10:47:14 53932 -ra------ C:\WINDOWS\system32\ctdaught.dat
2008-05-15 10:47:14 34304 -ra------ C:\WINDOWS\system32\a3d.dll <Not Verified; ; a3dx5>
2008-05-15 10:46:06 503296 -ra------ C:\WINDOWS\system32\drivers\ctac32k.sys <Not Verified; Creative Technology Ltd; Creative Audio Product>
2008-05-15 09:42:07 0 d-------- C:\Documents and Settings\Default User\Application Data\EmuPatchMixDSP
2008-05-15 09:41:48 0 d-------- C:\Documents and Settings\Default User\Application Data\Creative
2008-05-15 05:07:23 0 d-------- C:\WINDOWS\msapps
2008-05-14 13:57:29 0 d-------- C:\Documents and Settings\Juan\Application Data\AVGTOOLBAR
2008-05-14 13:57:16 0 d-------- C:\Documents and Settings\All Users\Application Data\avg8
2008-05-11 19:41:41 36484 --a------ C:\WINDOWS\system32\drivers\SMBios.sys <Not Verified; Intel Corporation; Intel (R) System Management BIOS Driver>
2008-05-11 10:37:38 0 d-------- C:\Program Files\OpenOffice.org 2.4
2008-05-01 19:35:19 0 d-------- C:\Documents and Settings\Juan\Application Data\NCH Software
-- Find3M Report ---------------------------------------------------------------
2008-05-30 18:47:57 0 d-------- C:\Documents and Settings\Juan\Application Data\OpenOffice.org2
2008-05-30 17:52:06 0 d-------- C:\Program Files\Mozilla Thunderbird
2008-05-29 20:48:37 0 d-------- C:\Program Files\Common Files
2008-05-26 09:12:11 0 d-------- C:\Documents and Settings\Juan\Application Data\U3
2008-05-26 06:05:09 0 d-------- C:\Program Files\Common Files\Adobe
2008-05-26 06:04:18 0 d-------- C:\Documents and Settings\Juan\Application Data\AdobeUM
2008-05-15 16:30:11 0 d-------- C:\Program Files\Sony
2008-05-15 14:59:42 0 d-------- C:\Program Files\Messenger
2008-05-15 14:47:19 0 d-------- C:\Program Files\Movie Maker
2008-05-15 14:43:14 0 d-------- C:\Program Files\Windows NT
2008-05-15 10:47:27 233472 --a------ C:\WINDOWS\system32\wrap_oal.dll <Not Verified; Creative Labs; Creative Labs OpenAL32>
2008-05-15 10:32:59 0 d--h----- C:\Program Files\WindowsUpdate
2008-05-15 10:12:13 23348 --a----c- C:\WINDOWS\system32\emptyregdb.dat
2008-05-11 10:37:09 0 d-------- C:\Program Files\OpenOffice.org 2.3
2008-05-11 10:35:00 0 d-------- C:\Program Files\Java
2008-05-07 21:04:32 0 d-------- C:\Program Files\DietPower 4.4
2008-05-06 19:02:44 0 d-------- C:\Program Files\BOINC
2008-05-01 19:35:20 0 d-------- C:\Program Files\NCH Software
2008-04-23 20:53:39 0 d-------- C:\Program Files\Safari
2008-04-23 20:51:49 0 d-------- C:\Program Files\Apple Software Update
2008-04-17 20:51:03 0 d-------- C:\Program Files\Lavasoft
2008-04-17 20:50:40 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-04-16 19:56:46 524288 --a------ C:\WINDOWS\opuc.dll <Not Verified; Microsoft Corporation; 2007 Microsoft Office system>
2008-04-13 20:12:03 102400 --a------ C:\WINDOWS\system32\rcbdyctl.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 20:11:52 23552 --a------ C:\WINDOWS\system32\dmserver.dll
2008-04-13 20:11:51 111104 --a------ C:\WINDOWS\system32\dgnet.dll <Not Verified; Microsoft; Dgnet Module>
2008-04-11 22:04:21 0 d-------- C:\Program Files\MSBuild
2008-04-11 21:59:01 0 d-------- C:\Program Files\Reference Assemblies
2008-04-11 19:44:19 0 d-------- C:\Program Files\OpenOffice.org 2.0
2008-04-09 17:47:11 0 d-------- C:\Program Files\iTunes
2008-04-09 17:46:42 0 d-------- C:\Program Files\iPod
2008-04-09 17:43:56 0 d-------- C:\Program Files\QuickTime
2008-04-06 06:35:42 0 d-------- C:\Program Files\Common Files\Maxtor
2008-04-06 06:34:42 0 d-------- C:\Program Files\Maxtor
2008-04-06 05:57:15 0 d-------- C:\Program Files\Seagate
2008-04-06 05:47:07 0 d-------- C:\Program Files\FreeSoft
2008-04-05 16:29:58 0 d-------- C:\Program Files\Lycos Phone
2008-04-05 16:28:29 0 d-------- C:\Program Files\Finale NotePad 2007
2008-04-05 16:27:14 0 d-------- C:\Program Files\Common Files\AnswerWorks 5.0
2008-04-05 16:26:40 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-04-05 12:10:16 0 d-------- C:\Program Files\Common Files\Macrovision Shared
2008-04-05 11:44:10 0 d-------- C:\Documents and Settings\Juan\Application Data\Adobe
2008-03-31 05:48:15 0 d-------- C:\Documents and Settings\Juan\Application Data\GlarySoft
2008-03-31 05:44:39 0 d-------- C:\Program Files\Registry Repair
2008-03-30 07:57:09 0 d-------- C:\Documents and Settings\Juan\Application Data\RegistrySmart
2008-03-18 20:07:38 16 --a----c- C:\WINDOWS\system32\msvcsv60.dll
2008-03-18 20:07:38 16 --a----c- C:\WINDOWS\msocreg32.dat
2008-03-16 11:20:21 34 --a----c- C:\WINDOWS\system32\BD2040.DAT
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [03/28/2008 11:37 PM]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [02/22/2008 04:25 AM]
"AcronisTimounterMonitor"="C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe" [10/30/2007 08:11 PM]
"BCWipeTM Startup"="C:\Program Files\Jetico\BestCrypt\BCWipeTM.exe" [02/17/2006 02:43 AM]
"BluetoothAuthenticationAgent"="bthprops.cpl" [04/13/2008 08:12 PM C:\WINDOWS\system32\bthprops.cpl]
"CTHelper"="CTHELPER.EXE" [05/24/2005 04:28 AM C:\WINDOWS\CTHELPER.EXE]
"HelpCenter4.1"="C:\Program Files\Bellsouth\HelpCenter40b\bin\sprtcmd.exe" [06/28/2007 07:02 PM]
"ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" [06/16/2004 07:03 AM]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [06/16/2004 07:03 AM]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [03/30/2008 10:36 AM]
"MaxBlastMonitor.exe"="C:\Program Files\Maxtor\MaxBlast\MaxBlastMonitor.exe" [08/08/2007 05:26 PM]
"NeroCheck"="C:\WINDOWS\system32\\NeroCheck.exe" [10/08/2002 06:03 AM]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [03/15/2007 10:02 PM]
"SoundMan"="SOUNDMAN.EXE" [11/16/2006 05:42 PM C:\WINDOWS\SOUNDMAN.EXE]
"SsAAD.exe"="C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe" [09/27/2005 02:59 AM]
"UpdReg"="C:\WINDOWS\UpdReg.EXE" [05/11/2000 01:00 AM]
"VTTimer"="VTTimer.exe" [03/07/2005 03:33 PM C:\WINDOWS\system32\VTTimer.exe]
"VTTrayp"="VTtrayp.exe" [10/31/2005 04:15 PM C:\WINDOWS\system32\VTTrayp.exe]
"TrueImageMonitor.exe"="C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe" [10/30/2007 08:06 PM]
"Acronis Scheduler2 Service"="C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe" [10/30/2007 08:07 PM]
"mcagent_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe" [11/01/2007 07:12 PM]
"SiteAdvisor"="C:\Program Files\SiteAdvisor\6172\SiteAdv.exe" [08/24/2007 05:57 PM]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [11/03/2006 07:20 PM]
"TraySantaCruz"="C:\WINDOWS\system32\tbctray.exe" [06/23/2003 01:08 PM]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [05/07/2007 12:40 PM]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [04/13/2008 08:12 PM]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [04/13/2008 08:12 PM]
"SetDefaultMIDI"="MIDIDef.exe" [05/24/2005 04:17 AM C:\WINDOWS\MIDIDEF.EXE]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [01/28/2008 11:43 AM]
C:\Documents and Settings\Juan\Start Menu\Programs\Startup\
HotSync Manager.lnk - C:\Program Files\palmOne\HOTSYNC.EXE [4/13/2004 5:03:10 PM]
Microsoft Find Fast.lnk - C:\Program Files\Microsoft Office\Office\FINDFAST.EXE [11/16/1996 7:00:00 PM]
Office Startup.lnk - C:\Program Files\Microsoft Office\Office\OSA.EXE [11/16/1996 7:00:00 PM]
OpenOffice.org 2.4.lnk - C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe [1/21/2008 3:41:28 PM]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [9/9/2005 5:39:58 PM]
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [4/23/2008 3:38:16 AM]
BestCrypt Auto Open.lnk - C:\Program Files\Jetico\BestCrypt\BestCrypt.exe [2/3/2006 5:45:39 AM]
Google Updater.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [5/16/2008 3:27:12 PM]
HOTSYNCSHORTCUTNAME.lnk - C:\Program Files\palmOne\Hotsync.exe [4/13/2004 5:03:10 PM]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [1/21/2000 4:15:54 AM]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\dimsntfy]
C:\WINDOWS\System32\dimsntfy.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=hplun.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"= msv1_0 relog_ap
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs BthServ
eapsvcs eaphost
dot3svc dot3svc
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
napagent
hkmsvc
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E]
AutoRun\command- E:\AutoPlay.exe -c
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\I]
-- End of Deckard's System Scanner: finished at 2008-05-30 18:56:50 ------------
I tried to run Trendmicro's housecall scan, but it rebooted, too. I tried to do the 5 steps on this site, but the Panda site also reboots. The only thing I could get to run was the DSS file, and here's that report.
Thanks in advance,
John
Deckard's System Scanner v20071014.68
Run by Juan on 2008-05-30 18:51:50
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
System Restore is disabled; attempting to re-enable...success.
-- Last 1 Restore Point(s) --
1: 2008-05-30 22:51:58 UTC - RP1 - System Checkpoint
Backed up registry hives.
Performed disk cleanup.
-- HijackThis Clone ------------------------------------------------------------
Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-05-30 18:54:16
Platform: Windows XP Service Pack 3 (5.01.2600)
MSIE: Internet Explorer (7.00.6000.16640)
Boot mode: Normal
Running processes:
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\CTHELPER.EXE
C:\Program Files\Bellsouth\HelpCenter40b\bin\sprtcmd.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Maxtor\MaxBlast\MaxBlastMonitor.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Sony\SonicStage\SSAAD.exe
C:\WINDOWS\system32\VTTimer.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\SiteAdvisor\6172\SiteAdv.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\WINDOWS\system32\tbctray.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\palmOne\HOTSYNC.EXE
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.bin
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files\Jetico\BestCrypt\BCResident.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\McAfee\MSC\mcmscsvc.exe
C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe
C:\Program Files\Creative Professional\Digital Audio System\E-MU PatchMix DSP\EmuPatchMixDSP.exe
C:\Program Files\Common Files\McAfee\McProxy\McProxy.exe
C:\Program Files\McAfee\VirusScan\Mcshield.exe
C:\Program Files\McAfee\MPF\MpfSrv.exe
C:\Program Files\SiteAdvisor\6172\SAService.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\McAfee\VirusScan\mcsysmon.exe
D:\Download\dss.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.bellsouth.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6172\SiteAdv.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6172\SiteAdv.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
O4 - HKLM\..\Run: [BCWipeTM Startup] "C:\Program Files\Jetico\BestCrypt\BCWipeTM.exe" startup
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [HelpCenter4.1] C:\Program Files\Bellsouth\HelpCenter40b\bin\sprtcmd.exe /P HelpCenter4.1
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [MaxBlastMonitor.exe] C:\Program Files\Maxtor\MaxBlast\MaxBlastMonitor.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\\NeroCheck.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6172\SiteAdv.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [TraySantaCruz] C:\WINDOWS\system32\tbctray.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SetDefaultMIDI] MIDIDef.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Startup: HotSync Manager.lnk = ?
O4 - Startup: Microsoft Find Fast.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O4 - Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BestCrypt Auto Open.lnk = ?
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: HOTSYNCSHORTCUTNAME.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://download.microsoft.com/download/e/4/9/e494c802-dd90-4c6b-a074-469358f075a6/OGAControl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1126138574859
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1160700993890
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} () - http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
O18 - Protocol: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL
O18 - Protocol: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files\SiteAdvisor\6172\SiteAdv.dll
O20 - AppInit_DLLs: hplun.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McProxy\McProxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\Mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MpfSrv.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NBService - Unknown owner - C:\Program Files\Nero\Nero 7\Nero
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: SiteAdvisor Service - Unknown owner - C:\Program Files\SiteAdvisor\6172\SAService.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
--
End of file - 12957 bytes
-- File Associations -----------------------------------------------------------
.cpl - cplfile - shell\cplopen\command - rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.cpl - cplfile - shell\runas\command - rundll32.exe shell32.dll,Control_RunDLLAsUser "%1",%*
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R1 BC_BFish - c:\windows\system32\drivers\bc_bfish.sys <Not Verified; Jetico, Inc.; Jetico(R) BestCrypt(TM) Security System for Windows NT(TM)>
R1 BC_DES - c:\windows\system32\drivers\bc_des.sys <Not Verified; Jetico, Inc.; Jetico(R) BestCrypt(TM) Security System for Windows NT(TM)>
R1 BC_Gost - c:\windows\system32\drivers\bc_gost.sys <Not Verified; Jetico, Inc.; Jetico(R) BestCrypt(TM) Security System for Windows NT(TM)>
R1 BC_RIJN - c:\windows\system32\drivers\bc_rijn.sys <Not Verified; Jetico, Inc.; BestCrypt Rijndael Algorithm driver for Windows NT/2000(TM)>
R1 BC_TFISH - c:\windows\system32\drivers\bc_tfish.sys <Not Verified; Jetico, Inc.; BestCrypt Twofish Algorithm driver for Windows NT(TM)>
R1 bcbus (BestCrypt bus driver) - c:\windows\system32\drivers\bcbus.sys <Not Verified; Jetico, Inc.; Jetico(R) BestCrypt(TM) Security System for Windows 2000/XP(TM)>
R1 fsh - c:\windows\system32\drivers\fsh.sys <Not Verified; Jetico, Inc.; Jetico(R) BestCrypt(TM) Security System for Windows NT(TM)>
R2 BrPar - c:\windows\system32\drivers\brpar.sys <Not Verified; Brother Industries Ltd.; Brother Parallel Class Driver>
R2 CdaC15BA - c:\windows\system32\drivers\cdac15ba.sys <Not Verified; Macrovision Europe Ltd; Security Windows NT>
R3 emupia (E-mu Plug-in Architecture Driver) - c:\windows\system32\drivers\emupia2k.sys <Not Verified; Creative Technology Ltd; E-mu Plug-In Architecture>
R3 mhk - c:\windows\system32\drivers\mhk.sys <Not Verified; Jetico, Inc.; Jetico(R) BestCrypt(TM) Encryption System for Windows(TM) 95/98/ME/NT/2000/XP>
R3 moh - c:\windows\system32\drivers\moh.sys <Not Verified; Jetico, Inc.; Jetico(R) BestCrypt(TM) Security system for Windows NT(TM)>
R3 pfc (Padus ASPI Shell) - c:\windows\system32\drivers\pfc.sys <Not Verified; Padus, Inc.; Padus(R) ASPI Shell>
R3 SMBios (Intel (R) System Management BIOS Service) - c:\windows\system32\drivers\smbios.sys <Not Verified; Intel Corporation; Intel (R) System Management BIOS Driver>
S2 CX23880 (Video Advantage PCI) - c:\windows\system32\drivers\cx88vid.sys <Not Verified; Conexant Systems, Inc.; cx88vid.sys>
S2 CX88XBAR (Video Advantage PCI Crossbar) - c:\windows\system32\drivers\cx88xbar.sys <Not Verified; Conexant Systems, Inc.; cx88xbar.sys>
S2 Nbf (NetBEUI Protocol) - c:\windows\system32\drivers\nbf.sys (file missing)
S3 FETNDIS (VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver) - c:\windows\system32\drivers\fetnd5.sys (file missing)
S3 PalmUSBD - c:\windows\system32\drivers\palmusbd.sys (file missing)
S3 scsiscan (SCSI Scanner Driver) - c:\windows\system32\drivers\scsiscan.sys (file missing)
S3 tbcspud (Santa Cruz Driver) - c:\windows\system32\drivers\tbcspud.sys <Not Verified; Voyetra Turtle Beach; Turtle Beach WDM Driver>
S3 tbcwdm (Santa Cruz WDM Driver) - c:\windows\system32\drivers\tbcwdm.sys <Not Verified; Voyetra Turtle Beach; Turtle Beach WDM Driver>
S4 BCSWAP - c:\windows\system32\drivers\bcswap.sys <Not Verified; Jetico, Inc.; Jetico(R) BestCrypt(TM) Security System for Windows NT/2000/XP(TM)>
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 Apple Mobile Device - "c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe" <Not Verified; Apple, Inc.; Apple Mobile Device Service>
R2 C-DillaCdaC11BA - c:\windows\system32\drivers\cdac11ba.exe <Not Verified; Macrovision; SafeCast Windows NT>
R2 EPSONStatusAgent2 (EPSON Printer Status Agent2) - c:\program files\common files\epson\ebapi\sagent2.exe <Not Verified; SEIKO EPSON CORPORATION; EPSON Bidirectional Printer>
S2 CCALib8 (Canon Camera Access Library 8) - c:\program files\canon\cal\calmain.exe <Not Verified; Canon Inc.; >
S3 NBService - c:\program files\nero\nero 7\nero backitup\nbservice.exe
-- Device Manager: Disabled ----------------------------------------------------
Class GUID: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Description: Video Advantage PCI
Device ID: PCI\VEN_14F1&DEV_8800&SUBSYS_00000000&REV_05\4&5C14166&0&6840
Manufacturer: Turtle Beach
Name: Video Advantage PCI
PNP Device ID: PCI\VEN_14F1&DEV_8800&SUBSYS_00000000&REV_05\4&5C14166&0&6840
Service:
-- Scheduled Tasks -------------------------------------------------------------
2008-05-30 18:51:03 330 --ah----- C:\WINDOWS\Tasks\MP Scheduled Scan.job
2008-05-29 20:48:57 338 --a------ C:\WINDOWS\Tasks\McDefragTask.job
2008-05-29 20:48:56 330 --a------ C:\WINDOWS\Tasks\McQcTask.job
2008-05-16 11:40:00 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
-- Files created between 2008-04-30 and 2008-05-30 -----------------------------
2008-05-30 17:44:59 0 d-------- C:\Documents and Settings\Administrator\Application Data\SiteAdvisor
2008-05-30 16:33:47 0 d-------- C:\Program Files\Windows Defender
2008-05-29 21:20:53 0 d-------- C:\Documents and Settings\NetworkService\Desktop
2008-05-29 21:20:53 0 d-------- C:\Documents and Settings\NetworkService\Application Data\SiteAdvisor
2008-05-29 20:50:49 0 d-------- C:\Documents and Settings\LocalService\Desktop
2008-05-29 20:50:49 0 d-------- C:\Documents and Settings\LocalService\Application Data\SiteAdvisor
2008-05-29 20:50:45 0 d-------- C:\Program Files\SiteAdvisor
2008-05-29 20:50:45 0 d-------- C:\Documents and Settings\Juan\Application Data\SiteAdvisor
2008-05-29 20:50:45 0 d-------- C:\Documents and Settings\All Users\Application Data\SiteAdvisor
2008-05-29 20:48:43 0 d-------- C:\Program Files\McAfee.com
2008-05-29 20:48:37 0 d-------- C:\Program Files\Common Files\McAfee
2008-05-29 20:48:31 0 d-------- C:\Program Files\McAfee
2008-05-29 20:43:02 0 d-------- C:\Documents and Settings\All Users\Application Data\McAfee
2008-05-29 19:31:19 0 d-------- C:\Program Files\Panda Security
2008-05-28 20:22:12 0 d-------- C:\Documents and Settings\Administrator\Pavark
2008-05-28 20:20:16 0 d-------- C:\Documents and Settings\Administrator\Application Data\Talkback
2008-05-28 20:20:09 0 d-------- C:\Documents and Settings\Administrator\Application Data\Thunderbird
2008-05-28 18:15:31 0 d-------- C:\Documents and Settings\NetworkService\Application Data\Acronis
2008-05-28 18:12:48 0 d-------- C:\Documents and Settings\All Users\Application Data\Acronis
2008-05-28 18:12:01 0 d-------- C:\Program Files\Common Files\Acronis
2008-05-28 18:12:01 0 d-------- C:\Program Files\Acronis
2008-05-25 19:18:32 0 d-------- C:\Documents and Settings\Juan\Application Data\OfficeUpdate12
2008-05-25 13:07:00 0 d-------- C:\Documents and Settings\Juan\.housecall6.6
2008-05-25 10:39:01 0 d-------- C:\Documents and Settings\Administrator\Application Data\Macromedia
2008-05-25 10:38:59 0 d-------- C:\Documents and Settings\Administrator\Application Data\Adobe
2008-05-25 10:38:19 0 d-------- C:\Documents and Settings\Administrator\Application Data\Sun
2008-05-25 09:53:47 0 d-------- C:\Documents and Settings\Administrator\Application Data\Mozilla
2008-05-24 21:18:11 0 d-------- C:\Program Files\palmOne
2008-05-16 15:29:01 0 d-------- C:\Documents and Settings\Juan\Application Data\Google
2008-05-16 15:27:12 0 d-------- C:\Documents and Settings\All Users\Application Data\Google Updater
2008-05-16 15:27:08 0 d-------- C:\Program Files\Google
2008-05-15 16:33:33 0 d-------- C:\Documents and Settings\Juan\Application Data\Sony
2008-05-15 16:29:27 0 d-------- C:\Program Files\Sony Setup
2008-05-15 15:00:45 0 d-------- C:\WINDOWS\Prefetch
2008-05-15 14:47:22 0 d-------- C:\WINDOWS\system32\scripting
2008-05-15 14:47:20 0 d-------- C:\WINDOWS\l2schemas
2008-05-15 14:47:19 0 d-------- C:\WINDOWS\system32\en
2008-05-15 12:01:11 0 d-------- C:\Documents and Settings\NetworkService\Start Menu
2008-05-15 10:49:02 0 d-------- C:\WINDOWS\RegisteredPackages
2008-05-15 10:47:20 265066 -ra------ C:\WINDOWS\system32\ctsbas2w.dat
2008-05-15 10:47:20 140643 -ra------ C:\WINDOWS\system32\ctbas2w.dat
2008-05-15 10:47:14 313207 -ra------ C:\WINDOWS\system32\ctstatic.dat
2008-05-15 10:47:14 53932 -ra------ C:\WINDOWS\system32\ctdaught.dat
2008-05-15 10:47:14 34304 -ra------ C:\WINDOWS\system32\a3d.dll <Not Verified; ; a3dx5>
2008-05-15 10:46:06 503296 -ra------ C:\WINDOWS\system32\drivers\ctac32k.sys <Not Verified; Creative Technology Ltd; Creative Audio Product>
2008-05-15 09:42:07 0 d-------- C:\Documents and Settings\Default User\Application Data\EmuPatchMixDSP
2008-05-15 09:41:48 0 d-------- C:\Documents and Settings\Default User\Application Data\Creative
2008-05-15 05:07:23 0 d-------- C:\WINDOWS\msapps
2008-05-14 13:57:29 0 d-------- C:\Documents and Settings\Juan\Application Data\AVGTOOLBAR
2008-05-14 13:57:16 0 d-------- C:\Documents and Settings\All Users\Application Data\avg8
2008-05-11 19:41:41 36484 --a------ C:\WINDOWS\system32\drivers\SMBios.sys <Not Verified; Intel Corporation; Intel (R) System Management BIOS Driver>
2008-05-11 10:37:38 0 d-------- C:\Program Files\OpenOffice.org 2.4
2008-05-01 19:35:19 0 d-------- C:\Documents and Settings\Juan\Application Data\NCH Software
-- Find3M Report ---------------------------------------------------------------
2008-05-30 18:47:57 0 d-------- C:\Documents and Settings\Juan\Application Data\OpenOffice.org2
2008-05-30 17:52:06 0 d-------- C:\Program Files\Mozilla Thunderbird
2008-05-29 20:48:37 0 d-------- C:\Program Files\Common Files
2008-05-26 09:12:11 0 d-------- C:\Documents and Settings\Juan\Application Data\U3
2008-05-26 06:05:09 0 d-------- C:\Program Files\Common Files\Adobe
2008-05-26 06:04:18 0 d-------- C:\Documents and Settings\Juan\Application Data\AdobeUM
2008-05-15 16:30:11 0 d-------- C:\Program Files\Sony
2008-05-15 14:59:42 0 d-------- C:\Program Files\Messenger
2008-05-15 14:47:19 0 d-------- C:\Program Files\Movie Maker
2008-05-15 14:43:14 0 d-------- C:\Program Files\Windows NT
2008-05-15 10:47:27 233472 --a------ C:\WINDOWS\system32\wrap_oal.dll <Not Verified; Creative Labs; Creative Labs OpenAL32>
2008-05-15 10:32:59 0 d--h----- C:\Program Files\WindowsUpdate
2008-05-15 10:12:13 23348 --a----c- C:\WINDOWS\system32\emptyregdb.dat
2008-05-11 10:37:09 0 d-------- C:\Program Files\OpenOffice.org 2.3
2008-05-11 10:35:00 0 d-------- C:\Program Files\Java
2008-05-07 21:04:32 0 d-------- C:\Program Files\DietPower 4.4
2008-05-06 19:02:44 0 d-------- C:\Program Files\BOINC
2008-05-01 19:35:20 0 d-------- C:\Program Files\NCH Software
2008-04-23 20:53:39 0 d-------- C:\Program Files\Safari
2008-04-23 20:51:49 0 d-------- C:\Program Files\Apple Software Update
2008-04-17 20:51:03 0 d-------- C:\Program Files\Lavasoft
2008-04-17 20:50:40 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-04-16 19:56:46 524288 --a------ C:\WINDOWS\opuc.dll <Not Verified; Microsoft Corporation; 2007 Microsoft Office system>
2008-04-13 20:12:03 102400 --a------ C:\WINDOWS\system32\rcbdyctl.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 20:11:52 23552 --a------ C:\WINDOWS\system32\dmserver.dll
2008-04-13 20:11:51 111104 --a------ C:\WINDOWS\system32\dgnet.dll <Not Verified; Microsoft; Dgnet Module>
2008-04-11 22:04:21 0 d-------- C:\Program Files\MSBuild
2008-04-11 21:59:01 0 d-------- C:\Program Files\Reference Assemblies
2008-04-11 19:44:19 0 d-------- C:\Program Files\OpenOffice.org 2.0
2008-04-09 17:47:11 0 d-------- C:\Program Files\iTunes
2008-04-09 17:46:42 0 d-------- C:\Program Files\iPod
2008-04-09 17:43:56 0 d-------- C:\Program Files\QuickTime
2008-04-06 06:35:42 0 d-------- C:\Program Files\Common Files\Maxtor
2008-04-06 06:34:42 0 d-------- C:\Program Files\Maxtor
2008-04-06 05:57:15 0 d-------- C:\Program Files\Seagate
2008-04-06 05:47:07 0 d-------- C:\Program Files\FreeSoft
2008-04-05 16:29:58 0 d-------- C:\Program Files\Lycos Phone
2008-04-05 16:28:29 0 d-------- C:\Program Files\Finale NotePad 2007
2008-04-05 16:27:14 0 d-------- C:\Program Files\Common Files\AnswerWorks 5.0
2008-04-05 16:26:40 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-04-05 12:10:16 0 d-------- C:\Program Files\Common Files\Macrovision Shared
2008-04-05 11:44:10 0 d-------- C:\Documents and Settings\Juan\Application Data\Adobe
2008-03-31 05:48:15 0 d-------- C:\Documents and Settings\Juan\Application Data\GlarySoft
2008-03-31 05:44:39 0 d-------- C:\Program Files\Registry Repair
2008-03-30 07:57:09 0 d-------- C:\Documents and Settings\Juan\Application Data\RegistrySmart
2008-03-18 20:07:38 16 --a----c- C:\WINDOWS\system32\msvcsv60.dll
2008-03-18 20:07:38 16 --a----c- C:\WINDOWS\msocreg32.dat
2008-03-16 11:20:21 34 --a----c- C:\WINDOWS\system32\BD2040.DAT
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [03/28/2008 11:37 PM]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [02/22/2008 04:25 AM]
"AcronisTimounterMonitor"="C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe" [10/30/2007 08:11 PM]
"BCWipeTM Startup"="C:\Program Files\Jetico\BestCrypt\BCWipeTM.exe" [02/17/2006 02:43 AM]
"BluetoothAuthenticationAgent"="bthprops.cpl" [04/13/2008 08:12 PM C:\WINDOWS\system32\bthprops.cpl]
"CTHelper"="CTHELPER.EXE" [05/24/2005 04:28 AM C:\WINDOWS\CTHELPER.EXE]
"HelpCenter4.1"="C:\Program Files\Bellsouth\HelpCenter40b\bin\sprtcmd.exe" [06/28/2007 07:02 PM]
"ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" [06/16/2004 07:03 AM]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [06/16/2004 07:03 AM]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [03/30/2008 10:36 AM]
"MaxBlastMonitor.exe"="C:\Program Files\Maxtor\MaxBlast\MaxBlastMonitor.exe" [08/08/2007 05:26 PM]
"NeroCheck"="C:\WINDOWS\system32\\NeroCheck.exe" [10/08/2002 06:03 AM]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [03/15/2007 10:02 PM]
"SoundMan"="SOUNDMAN.EXE" [11/16/2006 05:42 PM C:\WINDOWS\SOUNDMAN.EXE]
"SsAAD.exe"="C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe" [09/27/2005 02:59 AM]
"UpdReg"="C:\WINDOWS\UpdReg.EXE" [05/11/2000 01:00 AM]
"VTTimer"="VTTimer.exe" [03/07/2005 03:33 PM C:\WINDOWS\system32\VTTimer.exe]
"VTTrayp"="VTtrayp.exe" [10/31/2005 04:15 PM C:\WINDOWS\system32\VTTrayp.exe]
"TrueImageMonitor.exe"="C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe" [10/30/2007 08:06 PM]
"Acronis Scheduler2 Service"="C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe" [10/30/2007 08:07 PM]
"mcagent_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe" [11/01/2007 07:12 PM]
"SiteAdvisor"="C:\Program Files\SiteAdvisor\6172\SiteAdv.exe" [08/24/2007 05:57 PM]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [11/03/2006 07:20 PM]
"TraySantaCruz"="C:\WINDOWS\system32\tbctray.exe" [06/23/2003 01:08 PM]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [05/07/2007 12:40 PM]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [04/13/2008 08:12 PM]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [04/13/2008 08:12 PM]
"SetDefaultMIDI"="MIDIDef.exe" [05/24/2005 04:17 AM C:\WINDOWS\MIDIDEF.EXE]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [01/28/2008 11:43 AM]
C:\Documents and Settings\Juan\Start Menu\Programs\Startup\
HotSync Manager.lnk - C:\Program Files\palmOne\HOTSYNC.EXE [4/13/2004 5:03:10 PM]
Microsoft Find Fast.lnk - C:\Program Files\Microsoft Office\Office\FINDFAST.EXE [11/16/1996 7:00:00 PM]
Office Startup.lnk - C:\Program Files\Microsoft Office\Office\OSA.EXE [11/16/1996 7:00:00 PM]
OpenOffice.org 2.4.lnk - C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe [1/21/2008 3:41:28 PM]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [9/9/2005 5:39:58 PM]
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [4/23/2008 3:38:16 AM]
BestCrypt Auto Open.lnk - C:\Program Files\Jetico\BestCrypt\BestCrypt.exe [2/3/2006 5:45:39 AM]
Google Updater.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [5/16/2008 3:27:12 PM]
HOTSYNCSHORTCUTNAME.lnk - C:\Program Files\palmOne\Hotsync.exe [4/13/2004 5:03:10 PM]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [1/21/2000 4:15:54 AM]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\dimsntfy]
C:\WINDOWS\System32\dimsntfy.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=hplun.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"= msv1_0 relog_ap
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs BthServ
eapsvcs eaphost
dot3svc dot3svc
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
napagent
hkmsvc
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E]
AutoRun\command- E:\AutoPlay.exe -c
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\I]
-- End of Deckard's System Scanner: finished at 2008-05-30 18:56:50 ------------
- Status
- Not open for further replies.
1 - 1 of 1 Posts
1 - 1 of 1 Posts
- Status
- Not open for further replies.
Tech Support Forum
A forum community dedicated to tech experts and enthusiasts. Come join the discussion about articles, computer security, Mac, Microsoft, Linux, hardware, networking, gaming, reviews, accessories, and more!
Full Forum Listing
Recommended Communities
