Deckard's System Scanner v20071014.68
Run by Sjef on 2008-07-10 20:43:52
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
5: 2008-07-10 18:43:55 UTC - RP5 - Deckard's System Scanner Restore Point
4: 2008-07-10 01:02:05 UTC - RP4 - Software Distribution Service 3.0
3: 2008-07-09 12:48:59 UTC - RP3 - System Checkpoint
2: 2008-07-08 12:35:07 UTC - RP2 - Installed TuneUp Utilities 2008
1: 2008-07-08 09:58:30 UTC - RP1 - System Checkpoint


Backed up registry hives.
Performed disk cleanup.



-- HijackThis (run as Sjef.exe) ------------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:44:27 PM, on 7/10/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\Webroot\Washer\WasherSvc.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe
C:\Documents and Settings\Sjef\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Sjef.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/ig
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Onderzoekscentrum - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Common Files\Microsoft Shared\Encarta Researcher\EROPROJ.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1209812350046
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://62.100.53.122/activex/AxisCamControl.cab
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
O23 - Service: Window Washer Engine (wwEngineSvc) - Webroot Software, Inc. - C:\Program Files\Webroot\Washer\WasherSvc.exe

--
End of file - 7035 bytes

-- File Associations -----------------------------------------------------------

[COLOR=red].cpl - cplfile - shell\cplopen\command - rundll32.exe shell32.dll,Control_RunDLL "%1",%*[/COLOR]
[COLOR=red].cpl - cplfile - shell\runas\command - rundll32.exe shell32.dll,Control_RunDLLAsUser "%1",%*[/COLOR]
[COLOR=red].reg - regfile - shell\open\command - regedit.exe "%1" %*[/COLOR]
[COLOR=red].scr - scrfile - shell\open\command - "%1" %*[/COLOR]


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R1 StarOpen - c:\windows\system32\drivers\staropen.sys
R3 pcouffin (VSO Software pcouffin) - c:\windows\system32\drivers\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine>

S3 catchme - c:\combofix\catchme.sys (file missing)


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 Nero BackItUp Scheduler 3 - c:\program files\nero\nero8\nero backitup\nbservice.exe
R2 StarWindServiceAE (StarWind AE Service) - c:\program files\alcohol soft\alcohol 120\starwind\starwindserviceae.exe <Not Verified; Rocket Division Software; StarWind Alcohol Edition>

S3 ServiceLayer - "c:\program files\pc connectivity solution\servicelayer.exe" <Not Verified; Nokia.; PC Connectivity Solution>


-- Device Manager: Disabled ----------------------------------------------------

Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: PCI Memory Controller
Device ID: PCI\VEN_10DE&DEV_005E&SUBSYS_10111695&REV_A3\3&2411E6FE&0&00
Manufacturer: 
Name: PCI Memory Controller
PNP Device ID: PCI\VEN_10DE&DEV_005E&SUBSYS_10111695&REV_A3\3&2411E6FE&0&00
Service: 

Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: SM Bus Controller
Device ID: PCI\VEN_10DE&DEV_0052&SUBSYS_10111695&REV_A2\3&2411E6FE&0&09
Manufacturer: 
Name: SM Bus Controller
PNP Device ID: PCI\VEN_10DE&DEV_0052&SUBSYS_10111695&REV_A2\3&2411E6FE&0&09
Service: 

Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: Other PCI Bridge Device
Device ID: PCI\VEN_10DE&DEV_0057&SUBSYS_10111695&REV_A3\3&2411E6FE&0&50
Manufacturer: 
Name: Other PCI Bridge Device
PNP Device ID: PCI\VEN_10DE&DEV_0057&SUBSYS_10111695&REV_A3\3&2411E6FE&0&50
Service: 

Class GUID: {EEC5AD98-8080-425F-922A-DABF3DE3F69A}
Description: Nokia 6300
Device ID: ROOT\WPD\0000
Manufacturer: Nokia
Name: Nokia 6300
PNP Device ID: ROOT\WPD\0000
Service: WUDFRd


-- Scheduled Tasks -------------------------------------------------------------

2008-07-08 14:35:29       374 --a------ C:\WINDOWS\Tasks\1-Click Maintenance.job


-- Files created between 2008-06-10 and 2008-07-10 -----------------------------

2008-07-08 14:35:27         0 d-------- C:\Documents and Settings\Sjef\Application Data\TuneUp Software
2008-07-08 14:35:16         0 d-------- C:\Documents and Settings\All Users\Application Data\TuneUp Software
2008-07-08 14:35:08         0 d-------- C:\Program Files\TuneUp Utilities 2008
2008-07-08 14:34:44         0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-07-06 12:29:34         0 d-------- C:\Documents and Settings\Sjef\Application Data\Malwarebytes
2008-07-06 12:29:31         0 d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-07-06 12:29:29         0 d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-07-03 00:19:48    261936 -r-hs---- C:\cmldr
2008-07-03 00:19:48      4952 -ra------ C:\Bootfont.bin
2008-07-03 00:19:30         0 dr-hs---- C:\cmdcons
2008-07-03 00:19:28         0 d-------- C:\WINDOWS\setup.pss
2008-07-03 00:19:11         0 d-------- C:\WINDOWS\setupupd
2008-07-02 00:44:21         0 d-------- C:\Program Files\Trend Micro
2008-06-30 16:38:32         0 dr-h----- C:\Documents and Settings\Sjef\Recent
2008-06-30 16:36:32         0 d-------- C:\Program Files\CCleaner
2008-06-30 00:49:49         0 d-------- C:\WINDOWS\system32\appmgmt
2008-06-28 20:36:58         0 d-------- C:\WINDOWS\pss
2008-06-27 19:35:03         0 d-------- C:\Documents and Settings\Sjef\Application Data\Lavasoft
2008-06-27 19:09:50         0 d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-06-27 19:07:41         0 d-------- C:\Program Files\Spyware Doctor
2008-06-27 19:07:41         0 d-------- C:\Documents and Settings\Sjef\Application Data\PC Tools
2008-06-27 19:07:01         0 d-------- C:\Documents and Settings\LocalService\Application Data\Webroot
2008-06-27 19:05:22       164 --a------ C:\install.dat
2008-06-27 19:03:58         0 d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-06-27 19:02:34         0 d-------- C:\Program Files\Lavasoft
2008-06-27 19:00:13         0 d-------- C:\Documents and Settings\All Users\Application Data\Prevx
2008-06-27 18:59:49         0 d-------- C:\Temp
2008-06-27 18:44:40         0 d-------- C:\WINDOWS\system32\GroupPolicy
2008-06-27 18:44:16         0 d-------- C:\Program Files\Hitman Pro
2008-06-27 14:50:10   3354656 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2008-06-27 14:47:30         0 d-------- C:\Documents and Settings\All Users\Application Data\MailFrontier
2008-06-27 14:47:24      4212 ---h----- C:\WINDOWS\system32\zllictbl.dat
2008-06-27 14:47:16     11264 --a------ C:\WINDOWS\system32\SpOrder.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows NT(TM) Operating System>
2008-06-27 14:46:54         0 d-------- C:\WINDOWS\system32\ZoneLabs
2008-06-27 14:46:10         0 d-------- C:\WINDOWS\Internet Logs
2008-06-20 16:56:03         0 d-------- C:\Program Files\G-Mailto
2008-06-17 23:14:41         0 d-------- C:\Documents and Settings\Sjef\Downloads
2008-06-17 23:14:38         0 d-------- C:\Documents and Settings\Sjef\Application Data\NewsLeecher
2008-06-17 23:11:57         0 d-------- C:\Program Files\NewsLeecher
2008-06-17 00:44:28         0 d-------- C:\Documents and Settings\All Users\Application Data\Viewpoint
2008-06-17 00:44:21         0 d-------- C:\Documents and Settings\All Users\Application Data\AOL
2008-06-17 00:44:21         0 d-------- C:\Documents and Settings\All Users\Application Data\AOL OCP
2008-06-17 00:44:08         0 d-------- C:\Program Files\Common Files\AOL
2008-06-17 00:42:03         0 d-------- C:\Documents and Settings\All Users\Application Data\Yahoo!
2008-06-17 00:41:35         0 d-------- C:\Program Files\Yahoo!
2008-06-15 16:51:16         0 d-------- C:\Program Files\WinAVI MP4 Converter


-- Find3M Report ---------------------------------------------------------------

2008-07-10 17:46:33         0 d-------- C:\Documents and Settings\Sjef\Application Data\LimeWire
2008-07-09 11:32:37         0 d-------- C:\Program Files\FlashGet
2008-07-08 14:34:44         0 d-------- C:\Program Files\Common Files
2008-06-30 00:57:05         0 d--h----- C:\Program Files\InstallShield Installation Information
2008-06-30 00:56:58         0 d-------- C:\Documents and Settings\Sjef\Application Data\Samsung
2008-06-30 00:54:27         0 d-------- C:\Program Files\Orb Networks
2008-06-27 19:06:23         0 d-------- C:\Program Files\Webroot
2008-06-27 19:05:11         0 d-------- C:\Documents and Settings\Sjef\Application Data\Webroot
2008-06-17 23:45:58         0 d-------- C:\Documents and Settings\Sjef\Application Data\Mozilla
2008-06-13 19:38:20         0 d-------- C:\Documents and Settings\Sjef\Application Data\Real
2008-06-08 12:23:49         0 d-------- C:\Program Files\Microsoft Silverlight
2008-06-05 00:25:23         0 d-------- C:\Documents and Settings\Sjef\Application Data\Nokia Multimedia Player
2008-06-02 21:13:52         0 d-------- C:\Program Files\Gabest
2008-06-02 16:20:05         0 d-------- C:\Documents and Settings\Sjef\Application Data\Nokia
2008-06-02 15:49:24         0 d-------- C:\Program Files\Nokia
2008-06-02 15:49:07         0 d-------- C:\Program Files\Common Files\Nokia
2008-05-25 19:08:53         0 d-------- C:\Documents and Settings\Sjef\Application Data\PC Suite
2008-05-25 19:03:37         0 d-------- C:\Program Files\Common Files\PCSuite
2008-05-25 19:03:29         0 d-------- C:\Program Files\DIFX
2008-05-25 19:03:25         0 d-------- C:\Program Files\PC Connectivity Solution
2008-05-25 18:59:35         0 d-------- C:\Program Files\HooTech
2008-05-24 18:20:34         0 d-------- C:\Documents and Settings\Sjef\Application Data\VanDale
2008-05-21 23:56:38         0 d-------- C:\Documents and Settings\Sjef\Application Data\uTorrent
2008-05-21 15:10:39         0 d-------- C:\Program Files\uTorrent
2008-05-15 15:20:08         0 d-------- C:\Program Files\Samsung
2008-05-12 13:01:13         0 d-------- C:\Program Files\Microsoft Encarta
2008-05-11 15:36:21         0 d-------- C:\Program Files\Extension Changer
2008-05-03 13:33:29       668 --a------ C:\Documents and Settings\Sjef\Application Data\vso_ts_preview.xml
2008-05-03 13:32:43        34 --a------ C:\Documents and Settings\Sjef\Application Data\pcouffin.log
2008-05-03 13:32:38     47360 --a------ C:\Documents and Settings\Sjef\Application Data\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine>
2008-05-03 13:32:38      1144 --a------ C:\Documents and Settings\Sjef\Application Data\pcouffin.inf
2008-05-03 13:32:38      7887 --a------ C:\Documents and Settings\Sjef\Application Data\pcouffin.cat
2008-05-03 03:13:24      1160 --a------ C:\WINDOWS\mozver.dat
2008-05-03 01:01:43        62 --ahs---- C:\Documents and Settings\Sjef\Application Data\desktop.ini
2008-05-02 23:22:52         0 --a------ C:\WINDOWS\nsreg.dat
2008-05-02 23:22:44       664 --a------ C:\WINDOWS\system32\d3d9caps.dat
2008-05-02 23:22:39       552 --a------ C:\WINDOWS\system32\d3d8caps.dat
2008-05-02 23:08:49         0 -rahs---- C:\MSDOS.SYS
2008-05-02 23:08:49         0 -rahs---- C:\IO.SYS
2008-05-02 23:08:49         0 --a------ C:\CONFIG.SYS
2008-05-02 23:08:49         0 --a------ C:\AUTOEXEC.BAT
2008-05-02 23:06:15     21640 --a------ C:\WINDOWS\system32\emptyregdb.dat
2008-04-23 07:26:30     10760 --a------ C:\WINDOWS\inst.reg


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [02/22/2008 04:25 AM]
"egui"="C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" [03/13/2008 04:48 PM]
"NeroFilterCheck"="C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe" [03/01/2007 02:57 PM]
"NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [12/03/2007 02:21 PM]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [12/05/2007 01:41 AM]
"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [07/09/2008 09:05 AM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AlcoholAutomount"="C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" [02/22/2008 05:58 PM]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [04/14/2008 09:42 AM]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
"nltide_3"=rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)
"HideLegacyLogonScripts"=0 (0x0)
"HideLogoffScripts"=0 (0x0)
"RunLogonScriptSync"=1 (0x1)
"RunStartupScriptSync"=0 (0x0)
"HideStartupScripts"=0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"HideLegacyLogonScripts"=0 (0x0)
"HideLogoffScripts"=0 (0x0)
"RunLogonScriptSync"=1 (0x1)
"RunStartupScriptSync"=0 (0x0)
"HideStartupScripts"=0 (0x0)
"DisableRegistryTools"=0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\dimsntfy] 
C:\WINDOWS\System32\dimsntfy.dll 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders	msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WebrootSpySweeperService]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
"C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nokia.PCSync]
"C:\Program Files\Nokia\Nokia PC Suite 6\PCSync2.exe" /NoDialog

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /install

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
"C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
SOUNDMAN.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SystemBoot]
"C:\WINDOWS\conf32.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
eapsvcs	eaphost
dot3svc	dot3svc

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
UxTuneUp
napagent
hkmsvc




-- End of Deckard's System Scanner: finished at 2008-07-10 20:46:17 ------------