Deckard's System Scanner v20071014.68
Run by Crisp Beatz on 2008-03-31 02:43:12
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.

-- Last 5 Restore Point(s) --
82: 2008-03-31 10:43:16 UTC - RP82 - Deckard's System Scanner Restore Point
81: 2008-03-31 05:28:21 UTC - RP81 - System Checkpoint
80: 2008-03-30 05:24:59 UTC - RP80 - System Checkpoint
79: 2008-03-29 02:57:05 UTC - RP79 - System Checkpoint
78: 2008-03-28 01:58:10 UTC - RP78 - System Checkpoint

-- First Restore Point --
1: 2008-03-02 14:22:57 UTC - RP1 - System Checkpoint

Backed up registry hives.
Performed disk cleanup.

-- HijackThis (run as Crisp Beatz.exe) -----------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:44:17 AM, on 3/31/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\Explorer.EXE
E:\WINDOWS\system32\spoolsv.exe
E:\Program Files\Comodo\Firewall\cmdagent.exe
E:\WINDOWS\system32\CTsvcCDA.exe
E:\Program Files\M-Audio MA_CMIDI\MA_CMIDI_Inst.exe
E:\Program Files\Eset\nod32krn.exe
E:\WINDOWS\system32\nvsvc32.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\system32\MsPMSPSv.exe
E:\WINDOWS\system32\RUNDLL32.EXE
E:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
E:\WINDOWS\system32\wscntfy.exe
E:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
E:\WINDOWS\system32\CTHELPER.EXE
E:\Program Files\SyncroSoft\Pos\H2O\cledx.exe
E:\Program Files\Eset\nod32kui.exe
E:\Program Files\Comodo\Firewall\CPF.exe
E:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
E:\Documents and Settings\Crisp Beatz\Desktop\dss.exe
E:\PROGRA~1\TRENDM~1\HIJACK~1\Crisp Beatz.exe

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {32132F48-C291-44D1-8645-9BC1C2A721A9} - E:\WINDOWS\system32\gebyx.dll
O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" E:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] "nwiz.exe" /install
O4 - HKLM\..\Run: [NvMediaCenter] "RUNDLL32.EXE" E:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [CTSysVol] "E:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe"
O4 - HKLM\..\Run: [CTDVDDet] "E:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE"
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] E:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [CTStartup] "E:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE" /run
O4 - HKLM\..\Run: [H2O] "E:\Program Files\SyncroSoft\Pos\H2O\cledx.exe"
O4 - HKLM\..\Run: [nod32kui] "E:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [COMODO Firewall Pro] "E:\Program Files\Comodo\Firewall\CPF.exe" /background
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "E:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [SB Audigy 2 Startup Menu] "E:\Program Files\Creative\SBAudigy2\Program\Startup Menu\Audigy.EXE" /L:ENG
O4 - HKCU\..\Run: [BitTorrent DNA] "E:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [LightScribe Control Panel] E:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "E:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Yahoo! Pager] "E:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - Startup: Adobe Gamma.lnk = E:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: MagicDisc.lnk = E:\Program Files\MagicDisc\MagicDisc.exe
O4 - Global Startup: hp psc 2000 Series.lnk = E:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
O4 - Global Startup: hpoddt01.exe.lnk = ?
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O23 - Service: Adobe LM Service - Adobe Systems - E:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - E:\Program Files\Comodo\Firewall\cmdagent.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - E:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: M-Audio CMIDI Installer (MA_CMIDI_InstallerService) - Unknown owner - E:\Program Files\M-Audio MA_CMIDI\MA_CMIDI_Inst.exe
O23 - Service: NMIndexingService - Unknown owner - E:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - E:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - E:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - E:\WINDOWS\system32\HPZipm12.exe

--
End of file - 4800 bytes

-- File Associations -----------------------------------------------------------

[COLOR=red].reg - regfile - shell\open\command - "regedit.exe" "%1"[/COLOR]

-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R3 CLEDX (Team H2O CLEDX service) - e:\windows\system32\drivers\cledx.sys
R3 emupia (E-mu Plug-in Architecture Driver) - e:\windows\system32\drivers\emupia2k.sys
R3 MA_CMIDI (%EVOL_USB.SvcDesc%) - e:\windows\system32\drivers\ma_cmidi.sys
R3 mcdbus (Driver for MagicISO SCSI Host Controller) - e:\windows\system32\drivers\mcdbus.sys
R3 pfc (Padus ASPI Shell) - e:\windows\system32\drivers\pfc.sys

S3 GMSIPCI - f:\install\gmsipci.sys (file missing)
S3 NTACCESS - f:\ntaccess.sys (file missing)
S3 SetupNTGLM7X - f:\ntglm7x.sys (file missing)

-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 MA_CMIDI_InstallerService (M-Audio CMIDI Installer) - e:\program files\m-audio ma_cmidi\ma_cmidi_inst.exe

S3 NMIndexingService - "e:\program files\common files\ahead\lib\nmindexingservice.exe" (file missing)

-- Device Manager: Disabled ----------------------------------------------------

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: 1394 Net Adapter
Device ID: V1394\NIC1394\91053D9823C00
Manufacturer: Microsoft
Name: 1394 Net Adapter
PNP Device ID: V1394\NIC1394\91053D9823C00
Service: NIC1394

-- Scheduled Tasks -------------------------------------------------------------

2008-03-02 13:12:42 460 --a------ E:\WINDOWS\Tasks\WebReg 20080302131240.job
2008-03-02 13:12:37 402 --a------ E:\WINDOWS\Tasks\FRU Task #Hewlett-Packard#hp psc 2100 series#1204492288.job

-- Files created between 2008-02-29 and 2008-03-31 -----------------------------

2008-03-30 06:09:35 0 d-------- E:\Program Files\Trend Micro
2008-03-27 07:30:53 1181022 --a------ E:\WINDOWS\system32\TmpA11162781
2008-03-27 05:27:31 0 d---s---- E:\Documents and Settings\Crisp Beatz\UserData
2008-03-25 12:59:26 0 d-------- E:\Documents and Settings\All Users\Application Data\WildTangent
2008-03-25 12:59:12 0 d-------- E:\Program Files\WildGames
2008-03-25 12:18:01 0 d-------- E:\Program Files\Coupons
2008-03-24 05:31:01 0 d-------- E:\Program Files\Nero
2008-03-24 03:26:20 0 d-------- E:\VundoFix Backups
2008-03-17 17:34:29 0 d-------- E:\Program Files\WinAVIVideoConverter
2008-03-17 07:18:39 0 d-------- E:\WINDOWS\Cache
2008-03-15 15:03:49 0 d-------- E:\Program Files\Flux
2008-03-15 14:45:22 0 d-------- E:\Documents and Settings\All Users\Application Data\Yahoo!
2008-03-15 14:44:47 0 d-------- E:\Program Files\Yahoo!
2008-03-14 17:58:40 0 d-------- E:\Program Files\Image-Line
2008-03-14 11:16:30 0 d-------- E:\Program Files\Outsim
2008-03-13 06:35:15 0 d-------- E:\Documents and Settings\All Users\Application Data\LightScribe
2008-03-13 06:29:36 0 d-------- E:\Program Files\Common Files\LightScribe
2008-03-13 06:24:08 0 d-------- E:\Documents and Settings\All Users\Application Data\Ahead
2008-03-10 17:43:56 86016 --a------ E:\WINDOWS\unvise32qt.exe
2008-03-10 17:42:01 0 d-------- E:\Program Files\The Rosetta Stone
2008-03-10 17:41:10 0 d--h----- E:\WINDOWS\PIF
2008-03-10 06:01:41 0 d-------- E:\Documents and Settings\All Users\Application Data\Apple Computer
2008-03-09 19:25:39 0 d-------- E:\Program Files\Voyetra
2008-03-09 12:09:08 0 d-------- E:\Documents and Settings\Crisp Beatz\Application Data\Apple Computer
2008-03-09 12:03:53 0 d------c- E:\WINDOWS\system32\DRVSTORE
2008-03-09 11:38:07 0 d-------- E:\Documents and Settings\All Users\Application Data\QuickTime
2008-03-09 11:16:24 0 d-------- E:\Documents and Settings\All Users\Application Data\NCH Swift Sound
2008-03-05 22:22:16 0 d-------- E:\Program Files\Recycle
2008-03-05 22:22:02 331263 --a------ E:\WINDOWS\LOOP.exe
2008-03-05 11:14:35 0 d-------- E:\WINDOWS\system32\appmgmt
2008-03-05 11:03:56 0 d-------- E:\Documents and Settings\Crisp Beatz\Application Data\Macromedia
2008-03-04 15:37:24 0 d-------- E:\Documents and Settings\All Users\Application Data\Adobe Systems
2008-03-03 05:32:28 0 d-------- E:\Documents and Settings\Crisp Beatz\Application Data\Media Player Classic
2008-03-03 05:30:49 164352 --a------ E:\WINDOWS\system32\unrar.dll
2008-03-03 05:30:47 217088 --a------ E:\WINDOWS\system32\yv12vfw.dll
2008-03-03 05:30:47 159839 --a------ E:\WINDOWS\system32\xvidvfw.dll
2008-03-03 05:30:47 755027 --a------ E:\WINDOWS\system32\xvidcore.dll
2008-03-03 05:30:46 3596288 --a------ E:\WINDOWS\system32\qt-dx331.dll
2008-03-03 05:30:46 81920 --a------ E:\WINDOWS\system32\dpl100.dll
2008-03-03 05:30:46 682496 --a------ E:\WINDOWS\system32\divx.dll
2008-03-03 05:30:45 7680 --a------ E:\WINDOWS\system32\ff_vfw.dll
2008-03-03 05:30:43 0 d-------- E:\Program Files\K-Lite Codec Pack
2008-03-02 13:12:28 0 d-------- E:\Documents and Settings\Crisp Beatz\Application Data\Hewlett-Packard
2008-03-02 12:46:46 0 d-------- E:\Program Files\Common Files\Hewlett-Packard
2008-03-02 12:44:15 0 d-------- E:\Program Files\Hewlett-Packard
2008-03-02 12:42:12 16606 -----n--- E:\WINDOWS\hpomdl01.dat
2008-03-02 12:42:12 19558 --a------ E:\WINDOWS\hpoins01.dat
2008-03-02 12:41:52 0 d-------- E:\temp
2008-03-02 12:05:04 0 d-------- E:\Documents and Settings\All Users\Application Data\Trymedia
2008-03-02 10:37:47 0 d-------- E:\Program Files\BFG
2008-03-02 06:43:29 0 d-------- E:\Documents and Settings\Crisp Beatz\Application Data\Comodo
2008-03-02 06:43:25 0 d-------- E:\Documents and Settings\All Users\Application Data\Comodo
2008-03-02 06:40:54 0 d-------- E:\Program Files\Comodo
2008-03-02 06:22:47 16724 --ahs---- E:\WINDOWS\system32\xybeg.ini2
2008-03-02 06:22:44 291328 -----n--- E:\WINDOWS\system32\gebyx.dll
2008-03-01 20:57:04 0 d-------- E:\Program Files\Kjaerhus Audio
2008-03-01 20:56:26 0 d-------- E:\Program Files\VAZ Modular
2008-03-01 20:51:33 0 d-------- E:\Program Files\URS Plugins
2008-03-01 20:11:39 36864 --a------ E:\WINDOWS\system32\opnmnlk.dll
2008-03-01 19:59:42 298104 --a------ E:\WINDOWS\system32\imon.dll
2008-03-01 15:07:03 0 d-------- E:\Documents and Settings\Crisp Beatz\Application Data\Steinberg
2008-03-01 15:06:57 467 --a------ E:\WINDOWS\system32\Datei9
2008-03-01 15:06:57 467 --a------ E:\WINDOWS\system32\Datei8
2008-03-01 15:06:57 469 --a------ E:\WINDOWS\system32\Datei7
2008-03-01 15:06:57 465 --a------ E:\WINDOWS\system32\Datei6
2008-03-01 15:06:57 469 --a------ E:\WINDOWS\system32\Datei5
2008-03-01 15:06:57 471 --a------ E:\WINDOWS\system32\Datei4
2008-03-01 15:06:57 470 --a------ E:\WINDOWS\system32\Datei3
2008-03-01 15:06:57 471 --a------ E:\WINDOWS\system32\Datei2
2008-03-01 15:06:57 467 --a------ E:\WINDOWS\system32\Datei10
2008-03-01 15:06:57 470 --a------ E:\WINDOWS\system32\Datei1
2008-03-01 15:06:57 468 --a------ E:\WINDOWS\system32\Datei0
2008-03-01 14:47:11 0 d-------- E:\Documents and Settings\Crisp Beatz\Application Data\Nero
2008-03-01 14:28:14 368912 --a------ E:\WINDOWS\system32\vbar332.dll
2008-03-01 14:28:14 0 d-------- E:\Program Files\KLC
2008-03-01 14:11:37 368640 -----n--- E:\WINDOWS\system32\TwnLib4.dll
2008-03-01 14:11:37 802816 -----n--- E:\WINDOWS\system32\imagXRA7.dll
2008-03-01 14:11:37 258048 -----n--- E:\WINDOWS\system32\imagXR7.dll
2008-03-01 14:11:36 1757184 -----n--- E:\WINDOWS\system32\imagX7.dll
2008-03-01 14:11:35 0 d-------- E:\Documents and Settings\All Users\Application Data\Nero
2008-03-01 14:04:49 0 d-------- E:\Program Files\Common Files\Nero
2008-03-01 13:39:29 288 --a------ E:\WINDOWS\system32\DVCStateBkp-{00000000-00000000-00000007-00001102-00000004-10021102}.dat
2008-03-01 13:39:29 288 --a------ E:\WINDOWS\system32\DVCState-{00000000-00000000-00000007-00001102-00000004-10021102}.dat
2008-03-01 13:32:50 0 --a------ E:\WINDOWS\nsreg.dat
2008-03-01 13:32:47 0 d-------- E:\Documents and Settings\Crisp Beatz\Application Data\Mozilla
2008-03-01 13:28:44 85504 --a------ E:\WINDOWS\system32\ma_cmidn.dll
2008-03-01 13:28:44 17920 --a------ E:\WINDOWS\system32\MA_CMIDI.DLL
2008-03-01 13:28:44 0 d-------- E:\WINDOWS\system32\INF
2008-03-01 13:28:44 21888 --a------ E:\WINDOWS\system32\drivers\ma_cmidi.sys
2008-03-01 13:28:39 0 d-------- E:\Program Files\Native Instruments
2008-03-01 13:28:28 0 d-------- E:\Program Files\M-Audio MA_CMIDI
2008-03-01 13:12:58 0 d-------- E:\Documents and Settings\All Users\Application Data\Propellerhead Software
2008-03-01 13:12:57 0 d-------- E:\Documents and Settings\Crisp Beatz\Application Data\Propellerhead Software
2008-03-01 13:11:41 0 d-------- E:\Program Files\Propellerhead
2008-03-01 13:08:26 41984 -----n--- E:\WINDOWS\Ctregrun.exe
2008-03-01 13:04:05 53552 -----n--- E:\WINDOWS\CTCCW.DLL
2008-03-01 13:04:04 1048576 -----n--- E:\WINDOWS\system32\SFMAN.DAT
2008-03-01 13:04:04 54784 -----n--- E:\WINDOWS\system32\INETWH32.DLL
2008-03-01 13:04:04 26768 -----n--- E:\WINDOWS\system32\CTL3D.DLL
2008-03-01 13:04:03 0 d-------- E:\WINDOWS\system32\Defaults
2008-03-01 13:03:05 0 d-------- E:\WINDOWS\system32\Data
2008-03-01 13:03:00 135824 --a------ E:\WINDOWS\system32\drivers\HAP16V2K.SYS
2008-03-01 13:03:00 115216 --a------ E:\WINDOWS\system32\drivers\EMUPIA2K.SYS
2008-03-01 13:02:59 133280 --a------ E:\WINDOWS\system32\drivers\CTSFM2K.SYS
2008-03-01 13:02:59 6144 --a------ E:\WINDOWS\system32\drivers\CTPRXY2K.SYS
2008-03-01 13:02:59 186068 --a------ E:\WINDOWS\system32\drivers\CTAC32K.SYS
2008-03-01 13:02:53 49152 --a------ E:\WINDOWS\CTDCRES.DLL
2008-03-01 13:02:52 270336 --a------ E:\WINDOWS\system32\SFMS32.DLL
2008-03-01 13:02:52 36864 --a------ E:\WINDOWS\system32\REGPLIB.EXE
2008-03-01 13:02:52 110592 --a------ E:\WINDOWS\system32\PIAPROXY.DLL
2008-03-01 13:02:52 159744 --a------ E:\WINDOWS\system32\OPENAL32.DLL
2008-03-01 13:02:52 49152 --a------ E:\WINDOWS\system32\KILLAPPS.EXE
2008-03-01 13:02:52 20480 --a------ E:\WINDOWS\system32\ENSDEF.EXE
2008-03-01 13:02:52 77824 --a------ E:\WINDOWS\system32\EAXAC3.DLL
2008-03-01 13:02:52 184320 --a------ E:\WINDOWS\PSCONV.EXE
2008-03-01 13:02:52 61440 --a------ E:\WINDOWS\MIDIDEF.EXE
2008-03-01 13:02:52 94208 --a------ E:\WINDOWS\DEVREG.DLL
2008-03-01 13:02:51 45056 --a------ E:\WINDOWS\system32\CTSPKHLP.DLL
2008-03-01 13:02:51 110592 --a------ E:\WINDOWS\system32\CTSCAL.DLL
2008-03-01 13:02:51 655360 --a------ E:\WINDOWS\system32\CTSBLFX.DLL
2008-03-01 13:02:51 155648 --a------ E:\WINDOWS\system32\CTOSUSER.DLL
2008-03-01 13:02:51 24576 --a------ E:\WINDOWS\system32\CTHELPER.EXE
2008-03-01 13:02:51 36864 --a------ E:\WINDOWS\system32\CTEMUPIA.DLL
2008-03-01 13:02:48 110592 --a------ E:\WINDOWS\system32\CTDPROXY.DLL
2008-03-01 13:02:48 139264 --a------ E:\WINDOWS\system32\CTDCIFCE.DLL
2008-03-01 13:02:48 372736 --a------ E:\WINDOWS\system32\CTDC0001.DLL
2008-03-01 13:02:47 319488 --a------ E:\WINDOWS\system32\CTDC0000.DLL
2008-03-01 13:02:47 495616 --a------ E:\WINDOWS\system32\CTAUDFX.DLL
2008-03-01 13:02:47 106496 --a------ E:\WINDOWS\system32\CTASIO.DLL
2008-03-01 13:02:47 57344 --a------ E:\WINDOWS\system32\CTAGENT.DLL
2008-03-01 13:02:46 126976 --a------ E:\WINDOWS\system32\COMMONFX.DLL
2008-03-01 13:02:46 53248 --a------ E:\WINDOWS\system32\AC3API.DLL
2008-03-01 13:02:39 184 --a------ E:\WINDOWS\system32\e000001.dat
2008-03-01 13:02:25 292304 --a------ E:\WINDOWS\system32\drivers\ctdvda2k.sys
2008-03-01 13:02:25 77824 --a------ E:\WINDOWS\system32\ctdvda32.dll
2008-03-01 13:02:25 277200 --a------ E:\WINDOWS\system32\Ctaa1.dat
2008-03-01 13:00:37 25088 --a------ E:\WINDOWS\system32\CTSVCCTL.EXE
2008-03-01 13:00:37 44032 --a------ E:\WINDOWS\system32\CTSVCCDA.EXE
2008-03-01 13:00:27 0 d--h----- E:\Program Files\InstallShield Installation Information
2008-03-01 12:59:26 0 d-------- E:\Program Files\Creative
2008-03-01 12:52:43 0 d-------- E:\Program Files\Common Files\Adobe
2008-03-01 12:52:43 0 d-------- E:\Documents and Settings\Crisp Beatz\Application Data\Adobe
2008-03-01 12:50:24 306688 --a------ E:\WINDOWS\IsUninst.exe
2008-03-01 12:50:16 0 d-------- E:\Documents and Settings\Crisp Beatz\WINDOWS
2008-03-01 12:47:08 0 d-------- E:\WINDOWS\nview
2008-03-01 12:46:59 0 d-------- E:\WINDOWS\system32\ReinstallBackups
2008-03-01 12:46:47 0 d-------- E:\Program Files\Common Files\InstallShield
2008-03-01 12:30:16 33792 --a------ E:\WINDOWS\system32\drivers\cledx.sys
2008-03-01 12:30:11 16896 --a------ E:\WINDOWS\system32\drivers\synasUSB.sys
2008-03-01 12:30:09 45056 --a------ E:\WINDOWS\system32\Synsopos.exe
2008-03-01 12:30:09 147456 --a------ E:\WINDOWS\system32\SynsoLChk.dll
2008-03-01 12:30:08 708608 --a------ E:\WINDOWS\system32\SYNSOACC.dll
2008-03-01 12:30:08 0 d-------- E:\Program Files\Syncrosoft
2008-03-01 12:29:14 0 d-------- E:\Documents and Settings\Crisp Beatz\Application Data\Identities
2008-03-01 12:29:07 0 d--h----- E:\Documents and Settings\Crisp Beatz\Templates
2008-03-01 12:29:07 0 dr------- E:\Documents and Settings\Crisp Beatz\Start Menu
2008-03-01 12:29:07 0 dr-h----- E:\Documents and Settings\Crisp Beatz\SendTo
2008-03-01 12:29:07 0 dr-h----- E:\Documents and Settings\Crisp Beatz\Recent
2008-03-01 12:29:07 0 d--h----- E:\Documents and Settings\Crisp Beatz\PrintHood
2008-03-01 12:29:07 2883584 --ah----- E:\Documents and Settings\Crisp Beatz\NTUSER.DAT
2008-03-01 12:29:07 0 d--h----- E:\Documents and Settings\Crisp Beatz\NetHood
2008-03-01 12:29:07 0 dr------- E:\Documents and Settings\Crisp Beatz\My Documents
2008-03-01 12:29:07 0 d--h----- E:\Documents and Settings\Crisp Beatz\Local Settings
2008-03-01 12:29:07 0 dr------- E:\Documents and Settings\Crisp Beatz\Favorites
2008-03-01 12:29:07 0 d-------- E:\Documents and Settings\Crisp Beatz\Desktop
2008-03-01 12:29:07 0 d---s---- E:\Documents and Settings\Crisp Beatz\Cookies
2008-03-01 12:29:07 0 dr-h----- E:\Documents and Settings\Crisp Beatz\Application Data
2008-03-01 12:25:57 0 d-------- E:\WINDOWS\SoftwareDistribution
2008-03-01 12:25:56 0 d-------- E:\WINDOWS\Prefetch
2008-03-01 12:25:55 0 d---s---- E:\WINDOWS\system32\Microsoft
2008-03-01 12:25:54 262144 --ah----- E:\Documents and Settings\LocalService\NTUSER.DAT
2008-03-01 12:25:54 0 d--h----- E:\Documents and Settings\LocalService\Local Settings
2008-03-01 12:25:54 0 d---s---- E:\Documents and Settings\LocalService\Cookies
2008-03-01 12:25:54 0 d-------- E:\Documents and Settings\LocalService\Application Data
2008-03-01 12:25:54 0 d---s---- E:\Documents and Settings\LocalService\Application Data\Microsoft
2008-03-01 12:25:47 225280 --ah----- E:\Documents and Settings\NetworkService\NTUSER.DAT
2008-03-01 12:25:47 0 d--h----- E:\Documents and Settings\NetworkService\Local Settings
2008-03-01 12:25:47 0 d---s---- E:\Documents and Settings\NetworkService\Cookies
2008-03-01 12:25:47 0 d-------- E:\Documents and Settings\NetworkService\Application Data
2008-03-01 12:25:47 0 d---s---- E:\Documents and Settings\NetworkService\Application Data\Microsoft
2008-03-01 12:24:27 0 d-------- E:\Program Files\MagicISO
2008-03-01 12:21:57 0 d-------- E:\WINDOWS\system32\xircom
2008-03-01 12:21:57 0 d-------- E:\Program Files\microsoft frontpage
2008-03-01 12:21:38 262144 --ah----- E:\Documents and Settings\Default User\NTUSER.DAT
2008-03-01 12:20:20 0 d--hs---- E:\Documents and Settings\All Users\DRM
2008-03-01 12:20:08 0 dr------- E:\WINDOWS\Offline Web Pages
2008-03-01 12:20:08 0 d---s---- E:\WINDOWS\Downloaded Program Files
2008-03-01 12:19:54 0 d--h----- E:\Program Files\WindowsUpdate
2008-03-01 12:19:34 0 d-------- E:\WINDOWS\system32\DirectX
2008-03-01 12:19:07 0 d---s---- E:\WINDOWS\Tasks
2008-03-01 12:19:06 0 d-------- E:\Program Files\Common Files\MSSoap
2008-03-01 12:19:04 0 d-------- E:\WINDOWS\srchasst
2008-03-01 12:19:03 0 d-------- E:\WINDOWS\system32\Macromed
2008-03-01 12:18:57 0 d-------- E:\Program Files\Movie Maker
2008-03-01 12:18:51 0 d-------- E:\WINDOWS\system32\Restore
2008-03-01 12:18:03 21640 --a------ E:\WINDOWS\system32\emptyregdb.dat
2008-03-01 12:17:48 0 d-------- E:\WINDOWS\Registration
2008-03-01 12:17:40 0 d-------- E:\Program Files\Online Services
2008-03-01 12:17:33 0 d-------- E:\Program Files\Messenger
2008-03-01 12:17:30 0 d-------- E:\Program Files\MSN Gaming Zone
2008-03-01 12:16:59 0 d-------- E:\Program Files\Windows NT
2008-03-01 12:16:57 0 d-------- E:\WINDOWS\system32\MsDtc
2008-03-01 12:16:55 0 d-------- E:\WINDOWS\system32\Com
2008-03-01 12:13:54 92544 --a------ E:\WINDOWS\system32\drivers\mcdbus.sys
2008-03-01 12:13:53 0 d-------- E:\Program Files\MagicDisc
2008-03-01 12:03:17 0 d-------- E:\Program Files\Ableton
2008-03-01 12:03:17 0 d-------- E:\Documents and Settings\Crisp Beatz\Application Data\Ableton
2008-03-01 11:29:12 0 d-------- E:\Documents and Settings\Crisp Beatz\Application Data\Applied Acoustics Systems
2008-03-01 11:29:09 0 d-------- E:\Program Files\AAS
2008-03-01 11:28:34 0 d-------- E:\Program Files\MU Technologies
2008-03-01 11:28:18 1777664 --a------ E:\WINDOWS\system32\gdiplus.dll
2008-03-01 11:11:51 2240 --a------ E:\WINDOWS\LENDIG.sys
2008-03-01 11:08:59 16 --a------ E:\WINDOWS\system32\msvcsv60.dll
2008-03-01 11:08:59 16 --a------ E:\WINDOWS\msocreg32.dat
2008-03-01 11:08:39 0 d-------- E:\Program Files\Common Files\DigiDesign
2008-03-01 11:08:38 0 d-------- E:\Program Files\Steinberg
2008-03-01 11:08:29 0 d-------- E:\Documents and Settings\All Users\Application Data\IK Multimedia
2008-03-01 11:08:28 0 d-------- E:\Documents and Settings\Crisp Beatz\Application Data\InstallShield
2008-03-01 11:08:11 0 d-------- E:\Program Files\IK Multimedia
2008-03-01 10:54:08 0 d-------- E:\WINDOWS\RegisteredPackages
2008-03-01 10:54:02 0 d-------- E:\Program Files\Common Files\Adobe Systems Shared
2008-03-01 10:53:06 0 d-------- E:\Documents and Settings\All Users\Application Data\Adobe
2008-03-01 10:47:03 233472 -----n--- E:\WINDOWS\system32\REX Shared Library.dll
2008-03-01 10:47:03 368640 -----n--- E:\WINDOWS\system32\ReWire.dll
2008-03-01 10:43:44 0 d-------- E:\Documents and Settings\Crisp Beatz\Application Data\WinRAR
2008-03-01 10:41:14 0 d-------- E:\Documents and Settings\Crisp Beatz\Application Data\BitTorrent
2008-03-01 10:39:04 0 d-------- E:\Program Files\DNA
2008-03-01 10:39:04 0 d-------- E:\Program Files\BitTorrent
2008-03-01 10:39:04 0 d-------- E:\Documents and Settings\Crisp Beatz\Application Data\DNA
2008-03-01 04:02:26 0 d--hs---- E:\WINDOWS\Installer
2008-03-01 04:02:25 0 d-------- E:\Program Files\Common Files\ODBC
2008-03-01 04:02:22 0 dr------- E:\Program Files
2008-03-01 04:02:22 0 d-------- E:\Program Files\Common Files
2008-03-01 04:02:22 0 d-------- E:\Program Files\Common Files\SpeechEngines
2008-03-01 04:01:59 0 d--h----- E:\Documents and Settings\Default User\Templates
2008-03-01 04:01:59 0 dr------- E:\Documents and Settings\Default User\Start Menu
2008-03-01 04:01:59 0 dr-h----- E:\Documents and Settings\Default User\SendTo
2008-03-01 04:01:59 0 d--h----- E:\Documents and Settings\Default User\Recent
2008-03-01 04:01:59 0 d--h----- E:\Documents and Settings\Default User\PrintHood
2008-03-01 04:01:59 0 d--h----- E:\Documents and Settings\Default User\NetHood
2008-03-01 04:01:59 0 d-------- E:\Documents and Settings\Default User\My Documents
2008-03-01 04:01:59 0 dr-h----- E:\Documents and Settings\Default User\Local Settings
2008-03-01 04:01:59 0 d-------- E:\Documents and Settings\Default User\Favorites
2008-03-01 04:01:59 0 d-------- E:\Documents and Settings\Default User\Desktop
2008-03-01 04:01:59 0 d---s---- E:\Documents and Settings\Default User\Cookies
2008-03-01 04:01:59 0 d--h----- E:\Documents and Settings\All Users\Templates
2008-03-01 04:01:59 0 dr------- E:\Documents and Settings\All Users\Start Menu
2008-03-01 04:01:59 0 d-------- E:\Documents and Settings\All Users\Favorites
2008-03-01 04:01:59 0 dr------- E:\Documents and Settings\All Users\Documents
2008-03-01 04:01:59 0 d-------- E:\Documents and Settings\All Users\Desktop
2008-03-01 04:01:45 0 d-------- E:\WINDOWS\system32\CatRoot2
2008-03-01 04:01:45 0 d-------- E:\WINDOWS\system32\CatRoot
2008-03-01 04:01:40 0 dr-h----- E:\Documents and Settings\Default User\Application Data
2008-03-01 04:01:40 0 d---s---- E:\Documents and Settings\Default User\Application Data\Microsoft
2008-03-01 04:01:40 0 dr-h----- E:\Documents and Settings\All Users\Application Data
2008-03-01 04:01:40 0 d---s---- E:\Documents and Settings\All Users\Application Data\Microsoft
2008-03-01 04:01:23 0 d--hs---- E:\System Volume Information
2008-03-01 04:01:23 0 d-------- E:\Documents and Settings
2008-03-01 03:53:58 0 d-------- E:\WINDOWS
2008-03-01 03:53:58 0 d-------- E:\WINDOWS\WinSxS
2008-03-01 03:53:58 0 dr------- E:\WINDOWS\Web
2008-03-01 03:53:58 0 d-------- E:\WINDOWS\twain_32
2008-03-01 03:53:58 0 d-------- E:\WINDOWS\system32
2008-03-01 03:53:58 0 d-------- E:\WINDOWS\system32\wins
2008-03-01 03:53:58 0 d-------- E:\WINDOWS\system32\wbem
2008-03-01 03:53:58 0 d-------- E:\WINDOWS\system32\usmt
2008-03-01 03:53:58 0 d-------- E:\WINDOWS\system32\spool
2008-03-01 03:53:58 0 d-------- E:\WINDOWS\system32\ShellExt
2008-03-01 03:53:58 0 d-------- E:\WINDOWS\system32\Setup
2008-03-01 03:53:58 0 d-------- E:\WINDOWS\system32\ras
2008-03-01 03:53:58 0 d-------- E:\WINDOWS\system32\oobe
2008-03-01 03:53:58 0 d-------- E:\WINDOWS\system32\npp
2008-03-01 03:53:58 0 d-------- E:\WINDOWS\system32\mui
2008-03-01 03:53:58 0 d-------- E:\WINDOWS\system32\inetsrv
2008-03-01 03:53:58 0 d-------- E:\WINDOWS\system32\IME
2008-03-01 03:53:58 0 d-------- E:\WINDOWS\system32\icsxml
2008-03-01 03:53:58 0 d-------- E:\WINDOWS\system32\ias
2008-03-01 03:53:58 0 d-------- E:\WINDOWS\system32\export
2008-03-01 03:53:58 0 d-------- E:\WINDOWS\system32\drivers
2008-03-01 03:53:58 0 d-------- E:\WINDOWS\system32\drivers\etc
2008-03-01 03:53:58 0 d-------- E:\WINDOWS\system32\drivers\disdn
2008-03-01 03:53:58 0 dr-hs--c- E:\WINDOWS\system32\dllcache
2008-03-01 03:53:58 0 d-------- E:\WINDOWS\system32\dhcp
2008-03-01 03:53:58 0 d-------- E:\WINDOWS\system32\config
2008-03-01 03:53:58 0 d-------- E:\WINDOWS\system32\3com_dmi
2008-03-01 03:53:58 0 d-------- E:\WINDOWS\system32\3076
2008-03-01 03:53:58 0 d-------- E:\WINDOWS\system32\2052
2008-03-01 03:53:58 0 d-------- E:\WINDOWS\system32\1054
2008-03-01 03:53:58 0 d-------- E:\WINDOWS\system32\1042
2008-03-01 03:53:58 0 d-------- E:\WINDOWS\system32\1041
2008-03-01 03:53:58 0 d-------- E:\WINDOWS\system32\1037
2008-03-01 03:53:58 0 d-------- E:\WINDOWS\system32\1033
2008-03-01 03:53:58 0 d-------- E:\WINDOWS\system32\1031
2008-03-01 03:53:58 0 d-------- E:\WINDOWS\system32\1028
2008-03-01 03:53:58 0 d-------- E:\WINDOWS\system32\1025
2008-03-01 03:53:58 0 d-------- E:\WINDOWS\system
2008-03-01 03:53:58 0 d-------- E:\WINDOWS\security
2008-03-01 03:53:58 0 d-------- E:\WINDOWS\Resources
2008-03-01 03:53:58 0 d-------- E:\WINDOWS\repair
2008-03-01 03:53:58 0 d-------- E:\WINDOWS\Provisioning
2008-03-01 03:53:58 0 d-------- E:\WINDOWS\PeerNet
2008-03-01 03:53:58 0 d-------- E:\WINDOWS\pchealth
2008-03-01 03:53:58 0 d-------- E:\WINDOWS\mui
2008-03-01 03:53:58 0 d-------- E:\WINDOWS\msapps
2008-03-01 03:53:58 0 d-------- E:\WINDOWS\msagent
2008-03-01 03:53:58 0 d-------- E:\WINDOWS\Media
2008-03-01 03:53:58 0 d-------- E:\WINDOWS\java
2008-03-01 03:53:58 0 d--h----- E:\WINDOWS\inf
2008-03-01 03:53:58 0 d-------- E:\WINDOWS\ime
2008-03-01 03:53:58 0 d-------- E:\WINDOWS\Help
2008-03-01 03:53:58 0 dr--s---- E:\WINDOWS\Fonts
2008-03-01 03:53:58 0 d-------- E:\WINDOWS\ehome
2008-03-01 03:53:58 0 d-------- E:\WINDOWS\Driver Cache
2008-03-01 03:53:58 0 d-------- E:\WINDOWS\Debug
2008-03-01 03:53:58 0 d-------- E:\WINDOWS\Cursors
2008-03-01 03:53:58 0 d-------- E:\WINDOWS\Connection Wizard
2008-03-01 03:53:58 0 d-------- E:\WINDOWS\Config
2008-03-01 03:53:58 0 d-------- E:\WINDOWS\AppPatch
2008-03-01 03:53:58 0 d-------- E:\WINDOWS\addins

-- Find3M Report ---------------------------------------------------------------

2008-03-01 04:01:59 62 --ahs---- E:\Documents and Settings\Crisp Beatz\Application Data\desktop.ini

-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{32132F48-C291-44D1-8645-9BC1C2A721A9}]
03/02/2008 06:22 AM 291328 --------- E:\WINDOWS\system32\gebyx.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="RUNDLL32.exe" [08/04/2004 03:00 AM E:\WINDOWS\system32\rundll32.exe]
"nwiz"="nwiz.exe" [12/04/2007 10:41 PM E:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="RUNDLL32.exe" [08/04/2004 03:00 AM E:\WINDOWS\system32\rundll32.exe]
"CTSysVol"="E:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe" [09/11/2002 11:04 AM]
"CTDVDDet"="E:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE" [08/13/2002 01:00 AM]
"CTHelper"="CTHELPER.EXE" [09/02/2002 06:55 PM E:\WINDOWS\system32\CTHELPER.EXE]
"UpdReg"="E:\WINDOWS\UpdReg.EXE" [05/11/2000 01:00 AM]
"CTStartup"="E:\Program Files\Creative\Splash Screen\CTEaxSpl.exe" [09/13/2002 01:04 AM]
"H2O"="E:\Program Files\SyncroSoft\Pos\H2O\cledx.exe" [12/18/2005 02:18 PM]
"nod32kui"="E:\Program Files\Eset\nod32kui.exe" [03/01/2008 07:58 PM]
"COMODO Firewall Pro"="E:\Program Files\Comodo\Firewall\CPF.exe" [03/05/2008 09:40 PM]
"Adobe Reader Speed Launcher"="E:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [01/11/2008 10:16 PM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SB Audigy 2 Startup Menu"="E:\Program Files\Creative\SBAudigy2\Program\Startup Menu\Audigy.exe" [09/23/2002 01:08 AM]
"BitTorrent DNA"="E:\Program Files\DNA\btdna.exe" []
"LightScribe Control Panel"="E:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe" []
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="E:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" []
"Yahoo! Pager"="E:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" [08/30/2007 05:43 PM]

E:\Documents and Settings\Crisp Beatz\Start Menu\Programs\Startup\
Adobe Gamma.lnk - E:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [3/16/2005 8:16:50 PM]
MagicDisc.lnk - E:\Program Files\MagicDisc\MagicDisc.exe [3/1/2008 12:13:53 PM]

E:\Documents and Settings\All Users\Start Menu\Programs\Startup\
hp psc 2000 Series.lnk - E:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe [4/9/2003 5:41:38 PM]
hpoddt01.exe.lnk - E:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe [4/9/2003 6:11:12 PM]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
@=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"= msv1_0 E:\WINDOWS\system32\gebyx.dll

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3bb1007a-e77d-11dc-a4d6-806d6172696f}]
AutoRun\command- D:\setup.exe

-- End of Deckard's System Scanner: finished at 2008-03-31 02:48:14 ------------