Deckard's System Scanner v20071014.68
Run by brightstar on 2008-06-14 13:20:42
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- Last 5 Restore Point(s) --
25: 2008-06-14 18:22:52 UTC - RP32 - Device Driver Package Install: COMODO Network Service
24: 2008-06-14 07:19:29 UTC - RP31 - Scheduled Checkpoint
23: 2008-06-13 08:42:32 UTC - RP30 - Windows Update
22: 2008-06-13 07:00:00 UTC - RP29 - Scheduled Checkpoint
21: 2008-06-11 19:58:34 UTC - RP28 - Installed SUPERAntiSpyware Free Edition

-- First Restore Point --
1: 2008-06-02 20:21:35 UTC - RP8 - Installed Java(TM) 6 Update 6

Backed up registry hives.
Performed disk cleanup.

-- HijackThis (run as brightstar.exe) ------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:23:33 PM, on 6/14/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\hp\support\hpsysdrv.exe
C:\hp\KBD\kbd.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\COMODO\SafeSurf\cssurf.exe
C:\Program Files\COMODO\Firewall\cfp.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\wuauclt.exe
C:\Users\brightstar\Desktop\dss(2).exe
C:\Windows\system32\SearchFilterHost.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\brightstar.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=71&bd=Pavilion&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=71&bd=Pavilion&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=71&bd=Pavilion&pf=desktop
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Live Search Club Toolbar - {719D74AB-1AF9-43a1-8C62-D8750628D93E} - C:\Program Files\Live Search Club Toolbar\Toolbar.dll
O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [COMODO SafeSurf] "C:\Program Files\COMODO\SafeSurf\cssurf.exe" -s
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\COMODO\Firewall\cfp.exe" -h
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O13 - Gopher Prefix:
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/FacebookPhotoUploader5.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O20 - AppInit_DLLs: C:\Windows\system32\guard32.dll C:\Windows\system32\cssdll32.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\Firewall\cmdagent.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

-- End of file - 7260 bytes

-- File Associations -----------------------------------------------------------

[COLOR=red].reg - regfile - shell\open\command - regedit.exe "%1" %*[/COLOR]
[COLOR=red].scr - scrfile - shell\open\command - "%1" %*[/COLOR]

-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R1 SASDIFSV - \??\c:\program files\superantispyware\sasdifsv.sys
R1 SASKUTIL - \??\c:\program files\superantispyware\saskutil.sys
R3 SASENUM - \??\c:\program files\superantispyware\sasenum.sys

-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

S2 CLTNetCnService (Symantec Lic NetConnect service) - "c:\program files\common files\symantec shared\ccsvchst.exe" /h cccommon (file missing)

-- Device Manager: Disabled ----------------------------------------------------

No disabled devices found.

-- Scheduled Tasks -------------------------------------------------------------

2008-06-01 22:19:40 264 --a------ C:\Windows\Tasks\Check Updates for Windows Live Toolbar.job

-- Files created between 2008-05-14 and 2008-06-14 -----------------------------

2008-06-14 11:23:20 0 d-------- C:\Program Files\AskSBar
2008-06-14 11:22:13 0 d-------- C:\Users\All Users\comodo
2008-06-14 11:22:12 0 d-------- C:\Program Files\COMODO
2008-06-11 18:24:08 0 d-------- C:\Program Files\Travel Agency
2008-06-11 17:36:16 0 d-------- C:\Program Files\Trend Micro
2008-06-11 14:50:26 0 d-------- C:\Program Files\Panda Security
2008-06-11 12:59:21 0 d-------- C:\Users\All Users\SUPERAntiSpyware.com
2008-06-11 12:58:49 0 d-------- C:\Program Files\SUPERAntiSpyware
2008-06-11 12:57:45 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-06-11 12:52:04 0 d-------- C:\Users\All Users\Malwarebytes
2008-06-11 12:52:03 0 d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-06-10 18:04:24 0 d-------- C:\Users\All Users\VirtualFarm
2008-06-10 18:04:13 0 d-------- C:\Program Files\Virtual Farm
2008-06-09 17:31:58 0 d-------- C:\Program Files\Mystery Stories - Island of Hope
2008-06-08 20:20:43 0 d-------- C:\Program Files\The Secret of Margrave Manor
2008-06-07 12:21:41 0 d-------- C:\Program Files\First Class Flurry
2008-06-06 21:38:54 0 d-------- C:\Users\All Users\Ludia
2008-06-06 18:38:02 0 d-------- C:\Program Files\Hells Kitchen
2008-06-06 18:31:04 0 d-------- C:\Program Files\Hoyle Enchanted Puzzles
2008-06-06 18:27:01 0 d-------- C:\Users\All Users\Escape From Paradise
2008-06-06 18:26:31 0 d-------- C:\Program Files\Escape From Paradise
2008-06-06 17:10:06 0 d-------- C:\Users\All Users\Flood Light Games
2008-06-06 12:32:35 0 d-------- C:\Program Files\Jumpin Jack
2008-06-05 19:24:31 0 d-------- C:\Users\All Users\SpinTop Games
2008-06-05 18:12:53 0 d-------- C:\Users\All Users\DigitalChocolate
2008-06-05 13:16:46 0 d-------- C:\Program Files\Tower Bloxx Deluxe
2008-06-05 13:13:07 0 d-------- C:\Program Files\Camp Funshine - Carrie the Caregiver 3
2008-06-05 13:12:32 0 d-------- C:\Users\All Users\PlayFirst
2008-06-05 13:12:23 0 d-a------ C:\Users\All Users\TEMP
2008-06-05 13:12:16 0 d-------- C:\Program Files\Dairy Dash
2008-06-05 13:09:21 0 d-------- C:\Program Files\bfgclient
2008-06-05 13:08:46 0 d-------- C:\BigFishGamesCache
2008-06-04 10:39:15 0 d-------- C:\PerfLogs
2008-06-03 15:13:04 0 d-------- C:\Program Files\Live Search Club Toolbar
2008-06-02 22:10:11 98304 --a------ C:\Windows\RTKAUDIOSERVICE.EXE
2008-06-02 22:09:34 315392 --a------ C:\Windows\HideWin.exe
2008-06-02 20:47:08 0 d-------- C:\Users\All Users\Hot Lava Games
2008-06-02 13:23:24 0 d-------- C:\Program Files\Java
2008-06-02 13:22:08 0 d-------- C:\Program Files\Common Files\Java
2008-06-02 08:38:21 0 d-------- C:\Users\All Users\NVIDIA
2008-06-02 03:18:26 0 d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2008-06-02 03:04:58 0 d-------- C:\Program Files\MSXML 4.0
2008-06-02 00:14:31 0 d-------- C:\Users\All Users\Yahoo! Companion
2008-06-01 22:19:16 0 d-------- C:\Program Files\Windows Live Toolbar
2008-06-01 22:19:15 0 d-------- C:\Program Files\Windows Live Favorites
2008-06-01 22:11:47 0 d-------- C:\Windows\PCHEALTH
2008-06-01 22:06:36 0 d--hs--c- C:\Program Files\Common Files\WindowsLiveInstaller
2008-06-01 22:06:24 0 d-------- C:\Program Files\Windows Live
2008-06-01 22:05:53 0 d-------- C:\Users\All Users\WLInstaller
2008-06-01 22:04:16 0 --a------ C:\Windows\nsreg.dat
2008-06-01 21:29:07 0 d-------- C:\Program Files\Alwil Software
2008-06-01 20:54:05 0 dr------- C:\Users\brightstar\Searches
2008-06-01 20:53:55 0 dr------- C:\Users\brightstar\Contacts
2008-06-01 20:52:41 44 --a------ C:\Windows\system\hpsysdrv.dat
2008-06-01 20:48:45 0 dr------- C:\Users\brightstar\Videos
2008-06-01 20:48:45 0 d--hs---- C:\Users\brightstar\Templates
2008-06-01 20:48:45 0 d--hs---- C:\Users\brightstar\Start Menu
2008-06-01 20:48:45 0 d--hs---- C:\Users\brightstar\SendTo
2008-06-01 20:48:45 0 dr------- C:\Users\brightstar\Saved Games
2008-06-01 20:48:45 0 d--hs---- C:\Users\brightstar\Recent
2008-06-01 20:48:45 0 d--hs---- C:\Users\brightstar\PrintHood
2008-06-01 20:48:45 0 dr------- C:\Users\brightstar\Pictures
2008-06-01 20:48:45 1310720 --ahs---- C:\Users\brightstar\NTUSER.DAT
2008-06-01 20:48:45 0 d--hs---- C:\Users\brightstar\NetHood
2008-06-01 20:48:45 0 d--hs---- C:\Users\brightstar\My Documents
2008-06-01 20:48:45 0 dr------- C:\Users\brightstar\Music
2008-06-01 20:48:45 0 d--hs---- C:\Users\brightstar\Local Settings
2008-06-01 20:48:45 0 dr------- C:\Users\brightstar\Links
2008-06-01 20:48:45 0 dr------- C:\Users\brightstar\Favorites
2008-06-01 20:48:45 0 dr------- C:\Users\brightstar\Downloads
2008-06-01 20:48:45 0 dr------- C:\Users\brightstar\Documents
2008-06-01 20:48:45 0 dr------- C:\Users\brightstar\Desktop
2008-06-01 20:48:45 0 d--hs---- C:\Users\brightstar\Cookies
2008-06-01 20:48:45 0 d--hs---- C:\Users\brightstar\Application Data
2008-06-01 20:48:45 0 d--h----- C:\Users\brightstar\AppData
2008-06-01 19:10:08 0 d--h----- C:\hp
2008-06-01 19:09:46 0 d-------- C:\Windows\Panther
2008-06-01 19:09:30 0 d--hs---- C:\Boot
2008-06-01 18:49:13 0 d-------- C:\Users\All Users\Hewlett-Packard
2008-06-01 18:45:22 0 d-------- C:\Windows\SMINST
2008-06-01 18:40:41 0 d-------- C:\Users\All Users\Symantec
2008-06-01 18:40:29 0 d-------- C:\Program Files\Common Files\Symantec Shared
2008-06-01 18:39:16 0 d-------- C:\Program Files\Yahoo!
2008-06-01 18:37:39 0 d-------- C:\Program Files\Online Services
2008-06-01 18:37:39 0 d-------- C:\Program Files\earthlink totalaccess
2008-06-01 18:36:31 0 d-------- C:\Users\All Users\InstallShield
2008-06-01 18:35:39 0 d-------- C:\Program Files\PC-Doctor 5 for Windows
2008-06-01 18:34:12 0 d-------- C:\Program Files\Hewlett-Packard
2008-06-01 18:33:26 0 d-------- C:\Program Files\Microsoft Works
2008-06-01 18:32:32 0 d-------- C:\Program Files\HP
2008-06-01 18:31:59 0 d-------- C:\Program Files\Common Files\Adobe
2008-06-01 18:31:58 0 d-------- C:\Users\All Users\Adobe
2008-06-01 18:31:24 0 d-------- C:\Program Files\DivX
2008-06-01 18:31:15 0 d-------- C:\Program Files\muvee Technologies
2008-06-01 18:31:15 0 d-------- C:\Program Files\Common Files\muvee Technologies
2008-06-01 18:30:46 0 d-a------ C:\Program Files\Common Files\LS Getting Started
2008-06-01 18:30:46 0 d-a------ C:\Program Files\Common Files\LightScribe
2008-06-01 18:30:27 0 d-------- C:\Program Files\Roxio
2008-06-01 18:30:27 0 d-------- C:\Program Files\Common Files\SureThing Shared
2008-06-01 18:30:16 0 d-------- C:\Users\All Users\Sonic
2008-06-01 18:30:12 0 d-------- C:\Program Files\Common Files\Sonic Shared
2008-06-01 18:30:11 0 d-------- C:\Program Files\Common Files\Roxio Shared
2008-06-01 18:29:39 0 d-------- C:\Users\All Users\WildTangent
2008-06-01 18:26:45 0 d-------- C:\Program Files\HP Games
2008-06-01 18:26:13 0 d-------- C:\Windows\system32\Macromed
2008-06-01 18:25:54 49152 --a------ C:\Windows\system32\ChCfg.exe
2008-06-01 18:25:44 0 d-------- C:\Program Files\Realtek
2008-06-01 18:25:44 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-06-01 18:25:43 520192 --a------ C:\Windows\RtlExUpd.dll
2008-06-01 18:25:40 0 d-------- C:\Program Files\Common Files\InstallShield
2008-06-01 18:25:30 0 d-------- C:\Windows\system32\RTCOM
2008-06-01 18:22:18 86016 --a------ C:\Windows\system32\cPC_DMIRD.dll
2008-06-01 18:20:03 102400 --a------ C:\Windows\system32\pywintypes24.dll
2008-06-01 18:20:03 327680 --a------ C:\Windows\system32\pythoncom24.dll
2008-06-01 18:19:32 0 d--hs---- C:\Windows\Installer
2008-06-01 18:14:43 0 d-------- C:\Windows\SoftwareDistribution
2008-06-01 18:13:43 0 d-------- C:\Program Files\CONEXANT
2008-06-01 18:12:36 0 d-------- C:\Windows\Debug
2008-06-01 18:11:19 0 d-------- C:\Windows\Prefetch
2008-06-01 18:11:07 0 d--hs---- C:\System Volume Information

-- Find3M Report ---------------------------------------------------------------

2008-06-14 11:22:14 0 d-------- C:\Users\brightstar\AppData\Roaming\Comodo
2008-06-14 10:39:39 612 --a------ C:\Users\brightstar\AppData\Roaming\wklnhst.dat
2008-06-11 12:58:49 0 d-------- C:\Users\brightstar\AppData\Roaming\SUPERAntiSpyware.com
2008-06-11 12:57:45 0 d-------- C:\Program Files\Common Files
2008-06-11 12:52:05 0 d-------- C:\Users\brightstar\AppData\Roaming\Malwarebytes
2008-06-11 12:49:21 0 d-------- C:\Users\brightstar\AppData\Roaming\Download Manager
2008-06-11 03:07:45 0 d-------- C:\Program Files\Windows Mail
2008-06-10 15:18:52 0 d-------- C:\Users\brightstar\AppData\Roaming\Template
2008-06-09 17:43:12 0 d-------- C:\Users\brightstar\AppData\Roaming\cerasus.media
2008-06-07 12:23:50 0 d-------- C:\Users\brightstar\AppData\Roaming\ViquaSoft
2008-06-06 21:38:54 0 d-------- C:\Users\brightstar\AppData\Roaming\Ludia
2008-06-06 19:46:10 0 d-------- C:\Users\brightstar\AppData\Roaming\Boomzap
2008-06-06 17:10:06 0 d-------- C:\Users\brightstar\AppData\Roaming\Flood Light Games
2008-06-05 13:12:32 0 d-------- C:\Users\brightstar\AppData\Roaming\PlayFirst
2008-06-04 10:45:51 174 --ahs---- C:\Program Files\desktop.ini
2008-06-04 10:39:49 0 d-------- C:\Program Files\Windows Sidebar
2008-06-04 10:39:49 0 d-------- C:\Program Files\Windows Collaboration
2008-06-04 10:39:49 0 d-------- C:\Program Files\Windows Calendar
2008-06-04 10:39:49 0 d-------- C:\Program Files\Movie Maker
2008-06-04 10:39:46 0 d-------- C:\Program Files\Windows Photo Gallery
2008-06-04 10:39:46 0 d-------- C:\Program Files\Windows Journal
2008-06-04 10:39:45 0 d-------- C:\Program Files\Windows Defender
2008-06-02 22:05:18 0 d-------- C:\Users\brightstar\AppData\Roaming\WinBatch
2008-06-02 19:28:50 0 d-------- C:\Users\brightstar\AppData\Roaming\WildTangent
2008-06-02 00:15:51 0 d-------- C:\Users\brightstar\AppData\Roaming\Macromedia
2008-06-02 00:15:51 0 d-------- C:\Users\brightstar\AppData\Roaming\Adobe
2008-06-01 22:04:13 0 d-------- C:\Users\brightstar\AppData\Roaming\Mozilla
2008-06-01 20:55:17 0 d-------- C:\Users\brightstar\AppData\Roaming\Hewlett-Packard
2008-06-01 20:53:59 0 d-------- C:\Users\brightstar\AppData\Roaming\Identities
2008-06-01 18:31:29 74 --a------ C:\autoexec.bat

-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA}]
06/14/2008 11:23 AM 262144 --a------ C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [01/19/2008 12:38 AM]
"hpsysdrv"="c:\hp\support\hpsysdrv.exe" [09/28/2006 06:42 AM]
"KBD"="C:\HP\KBD\KBD.EXE" [02/02/2005 08:44 AM]
"RtHDVCpl"="RtHDVCpl.exe" [01/15/2008 11:26 AM C:\Windows\RtHDVCpl.exe]
"HP Software Update"="c:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [02/16/2005 11:11 PM]
"@"="" []
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [05/15/2008 04:19 PM]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe" [03/25/2008 04:28 AM]
"NvSvc"="C:\Windows\system32\nvsvc.dll" [07/06/2007 08:15 PM]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [07/06/2007 08:15 PM]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [07/06/2007 08:15 PM]
"COMODO SafeSurf"="C:\Program Files\COMODO\SafeSurf\cssurf.exe" [06/14/2008 11:23 AM]
"COMODO Firewall Pro"="C:\Program Files\COMODO\Firewall\cfp.exe" [06/14/2008 11:22 AM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [10/18/2007 11:34 AM]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [02/27/2007 11:39 AM]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce]
"Launcher"=%WINDIR%\SMINST\launcher.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"=2 (0x2)
"EnableUIADesktopToggle"=0 (0x0)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [12/20/2006 12:55 PM 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 02/27/2007 11:39 AM 282624 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"= C:\Windows\system32\guard32.dll C:\Windows\system32\cssdll32.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
@="IEEE 1394 Bus host controllers"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
@="SBP2 IEEE 1394 Devices"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
@="SecurityDevices"

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalService nsi lltdsvc SSDPSRV upnphost SCardSvr w32time EventSystem RemoteRegistry WinHttpAutoProxySvc lanmanworkstation TBS SLUINotify THREADORDER fdrespub netprofm fdphost wcncsvc QWAVE Mcx2Svc WebClient SstpSvc
LocalSystemNetworkRestricted hidserv UxSms WdiSystemHost Netman trkwks AudioEndpointBuilder WUDFSvc irmon sysmain IPBusEnum dot3svc PcaSvc EMDMgmt TabletInputService wlansvc WPDBusEnum

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c576cee7-3040-11dd-998a-806e6f6e6963}]
AutoRun\command- E:\Launch.exe

*Newly Created Service* - CMDGUARD
*Newly Created Service* - CMDHLP

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
C:\Windows\system32\unregmp2.exe /ShowWMP

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
%SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI

-- End of Deckard's System Scanner: finished at 2008-06-14 13:25:39 ------------