Deckard's System Scanner v20071014.68
Run by Chris Seagrave on 2008-07-23 16:04:18
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
9: 2008-07-23 15:04:26 UTC - RP71 - Deckard's System Scanner Restore Point
8: 2008-07-23 13:12:51 UTC - RP70 - Removed Java(TM) SE Runtime Environment 6
7: 2008-07-23 13:12:05 UTC - RP69 - Removed Java(TM) 6 Update 3
6: 2008-07-23 13:09:57 UTC - RP68 - Installed Java(TM) 6 Update 7
5: 2008-07-23 13:08:25 UTC - RP67 - Installed Java(TM) SE Development Kit 6 Update 7


-- First Restore Point -- 
1: 2008-07-16 16:09:56 UTC - RP63 - Deckard's System Scanner Restore Point


Backed up registry hives.
Performed disk cleanup.



-- HijackThis (run as Chris Seagrave.exe) --------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:05:36, on 23/07/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Kontiki\KService.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
C:\WINDOWS\system32\TODDSrv.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\TOSHIBA\TOSHIBA Direct Disc Writer\ddwmon.exe
C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\WINDOWS\system32\TPSMain.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\Program Files\Kontiki\KHost.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\Program Files\Synaptics\SynTP\SynToshiba.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
C:\Program Files\Last.fm\LastFM.exe
C:\WINDOWS\system32\notepad.exe
C:\Documents and Settings\Chris Seagrave\desktop\dss.exe
C:\PROGRA~1\HIJACK~1\CHRISS~1.EXE

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [DDWMon] C:\Program Files\TOSHIBA\TOSHIBA Direct Disc Writer\\ddwmon.exe
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [kdx] C:\Program Files\Kontiki\KHost.exe -all
O4 - HKLM\..\Policies\Explorer\Run: [sys] C:\WINDOWS\Fonts\Fonts.exe
O4 - HKUS\S-1-5-18\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/FacebookPhotoUploader3.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: KService - Kontiki Inc. - C:\Program Files\Kontiki\KService.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation  - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\WINDOWS\system32\TODDSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

--
End of file - 8538 bytes

-- File Associations -----------------------------------------------------------

[COLOR=red].reg - regfile - shell\open\command - regedit.exe "%1" %*[/COLOR]
[COLOR=red].scr - scrfile - shell\open\command - "%1" %*[/COLOR]


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R0 d344bus - c:\windows\system32\drivers\d344bus.sys
R0 d344prt - c:\windows\system32\drivers\d344prt.sys
R1 SASDIFSV - c:\program files\superantispyware\sasdifsv.sys
R1 SASKUTIL - c:\program files\superantispyware\saskutil.sys
R2 AegisP (AEGIS Protocol (IEEE 802.1x) v3.6.0.0) - c:\windows\system32\drivers\aegisp.sys <Not Verified; Meetinghouse Data Communications; AEGIS Client 3.6.0.0>
R2 Netdevio (TOSHIBA Network Device Usermode I/O Protocol) - c:\windows\system32\drivers\netdevio.sys <Not Verified; TOSHIBA Corporation.; TOSHIBA Network Device Usermode I/O protocol>
R2 s24trans (WLAN Transport) - c:\windows\system32\drivers\s24trans.sys <Not Verified; Intel Corporation; Intel Wireless LAN Packet Driver>

S3 SASENUM - c:\program files\superantispyware\sasenum.sys <Not Verified; SuperAdBlocker, Inc.; SuperAntiSpyware>


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 Bonjour Service (##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##) - "c:\program files\bonjour\mdnsresponder.exe" <Not Verified; Apple Computer, Inc.; Bonjour>
R2 CFSvcs (ConfigFree Service) - c:\program files\toshiba\configfree\cfsvcs.exe <Not Verified; TOSHIBA CORPORATION; ConfigFree(TM)>
R2 RegSrvc (Intel(R) PROSet/Wireless Registry Service) - c:\program files\intel\wireless\bin\regsrvc.exe <Not Verified; Intel Corporation; Intel(R) PROSet/Wireless Registry Service>
R2 TAPPSRV (TOSHIBA Application Service) - "c:\program files\toshiba\toshiba applet\tappsrv.exe" <Not Verified; TOSHIBA Corp.; TOSHIBA TAPPSRV>
R2 TODDSrv (TOSHIBA Optical Disc Drive Service) - c:\windows\system32\toddsrv.exe <Not Verified; TOSHIBA Corporation; TDCSrv Application>

S3 FLEXnet Licensing Service - "c:\program files\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe" <Not Verified; Macrovision Europe Ltd.; FLEXnet Publisher (32 bit)>


-- Device Manager: Disabled ----------------------------------------------------

No disabled devices found.


-- Process Modules -------------------------------------------------------------

C:\WINDOWS\system32\winlogon.exe (pid 956)
2007-02-27 11:39:26    282624 --a------ C:\Program Files\SUPERAntiSpyware\SASWINLO.dll <Not Verified; SUPERAntiSpyware.com; SUPERAntiSpyware WinLogon Processor>

C:\WINDOWS\system32\svchost.exe (pid 1336)
2006-02-28 12:42:30     94208 --a------ C:\Program Files\Bonjour\mdnsNSP.dll <Not Verified; Apple Computer, Inc.; Bonjour>

C:\WINDOWS\explorer.exe (pid 3012)
2005-05-31 10:59:56     53248 --a------ C:\WINDOWS\system32\TPwrCfg.dll <Not Verified; TOSHIBA Corporation; TOSHIBA Power Saver>
2005-05-31 10:59:40     81920 --a------ C:\WINDOWS\system32\TPwrReg.dll <Not Verified; TOSHIBA Corporation; TOSHIBA Power Saver>
2005-05-31 10:59:46     53248 --a------ C:\WINDOWS\system32\TPSTrace.dll <Not Verified; TOSHIBA Corporation; TOSHIBA Powre Saver>


-- Scheduled Tasks -------------------------------------------------------------

2008-06-19 19:51:02       284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job


-- Files created between 2008-06-23 and 2008-07-23 -----------------------------

2008-07-23 14:10:27         0 d-------- C:\Program Files\Sun
2008-07-22 21:35:11         0 d-------- C:\Program Files\Kontiki
2008-07-22 21:35:11         0 d-------- C:\logs3
2008-07-22 21:35:11         0 d-------- C:\Documents and Settings\All Users\Application Data\Kontiki
2008-07-16 17:52:49         0 d-------- C:\My Music
2008-07-16 17:21:37         0 d-------- C:\Program Files\WinampProForBurningMP3
2008-07-16 17:21:37         0 d-------- C:\Documents and Settings\Chris Seagrave\Application Data\WinampProForBurningMP3
2008-07-15 16:51:29         0 d-------- C:\Program Files\Panda Security
2008-07-15 14:30:52         0 d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-07-15 14:29:39         0 d-------- C:\Program Files\SUPERAntiSpyware
2008-07-15 14:29:39         0 d-------- C:\Documents and Settings\Chris Seagrave\Application Data\SUPERAntiSpyware.com
2008-07-15 14:29:18         0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-07-15 14:11:35         0 d-------- C:\Documents and Settings\Chris Seagrave\Application Data\Malwarebytes
2008-07-15 14:11:34         0 d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-07-15 14:11:33         0 d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-07-15 14:10:01         0 d-------- C:\Program Files\Common Files\Download Manager
2008-07-05 00:32:18         0 d-------- C:\Documents and Settings\All Users\Application Data\FLEXnet
2008-07-05 00:28:17         0 d-------- C:\Program Files\Bonjour
2008-07-05 00:22:11         0 d-------- C:\Program Files\Common Files\Macrovision Shared
2008-06-28 17:08:23         0 d-------- C:\Documents and Settings\Chris Seagrave\dwhelper
2008-06-26 23:08:53         0 d-------- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2008-06-24 14:52:01         0 d-------- C:\Documents and Settings\All Users\Application Data\Last.fm
2008-06-24 14:51:09         0 d-------- C:\Program Files\Last.fm
2008-06-23 15:43:01         0 d-------- C:\Program Files\Microsoft Office Outlook Connector
2008-06-23 15:42:16         0 d-------- C:\Program Files\MSECache


-- Find3M Report ---------------------------------------------------------------

2008-07-23 14:12:55         0 d-------- C:\Program Files\Java
2008-07-15 14:29:18         0 d-------- C:\Program Files\Common Files
2008-07-15 14:02:55         0 d-------- C:\Documents and Settings\Chris Seagrave\Application Data\uTorrent
2008-07-11 15:15:02         0 d-------- C:\Documents and Settings\Chris Seagrave\Application Data\Adobe
2008-07-05 00:29:28         0 d-------- C:\Program Files\Common Files\Adobe
2008-07-05 00:07:19         0 d-------- C:\Program Files\D-Tools
2008-06-27 12:55:07         0 d-------- C:\Documents and Settings\Chris Seagrave\Application Data\Mozilla
2008-06-27 12:39:57         0 d-------- C:\Documents and Settings\Chris Seagrave\Application Data\Real
2008-06-17 13:12:12         0 d-------- C:\Documents and Settings\Chris Seagrave\Application Data\Ahead
2008-06-15 23:38:36         0 d-------- C:\Program Files\K-Lite Codec Pack
2008-06-12 02:32:30         0 d-------- C:\Documents and Settings\Chris Seagrave\Application Data\vlc
2008-06-10 20:00:45         0 d-------- C:\Documents and Settings\Chris Seagrave\Application Data\Opera
2008-06-08 21:27:26         0 d-------- C:\Program Files\VideoLAN
2008-06-08 20:54:12         0 d-------- C:\Program Files\Microsoft ActiveSync
2008-06-08 20:54:10         0 d-------- C:\Program Files\AvantGo Connect
2008-06-06 15:25:10         0 d-------- C:\Documents and Settings\Chris Seagrave\Application Data\Lavasoft
2008-06-06 15:24:03         0 d-------- C:\Program Files\Lavasoft
2008-06-05 13:56:54         0 d-------- C:\Program Files\AVG
2008-06-04 20:01:42         0 d-------- C:\Program Files\GIMP-2.0
2008-06-04 19:58:48         0 d-------- C:\Program Files\Microsoft Works
2008-06-04 19:58:39         0 d-------- C:\Program Files\MSBuild
2008-06-04 19:57:59         0 d-------- C:\Program Files\Microsoft.NET
2008-06-04 19:56:25         0 d-------- C:\Program Files\Microsoft Visual Studio 8
2008-06-04 19:22:27         0 d-------- C:\Program Files\Common Files\Adobe Systems Shared
2008-06-04 19:11:34         0 d-------- C:\Program Files\Common Files\Ahead
2008-06-04 19:11:16         0 d-------- C:\Program Files\Nero


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [07/06/2007 06:05]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [07/06/2007 06:04]
"Persistence"="C:\WINDOWS\system32\igfxpers.exe" [07/06/2007 06:05]
"RTHDCPL"="RTHDCPL.EXE" [05/07/2007 09:08 C:\WINDOWS\RTHDCPL.exe]
"Alcmtr"="ALCMTR.EXE" [03/05/2005 11:43 C:\WINDOWS\Alcmtr.exe]
"DDWMon"="C:\Program Files\TOSHIBA\TOSHIBA Direct Disc Writer\\ddwmon.exe" [14/04/2007 02:16]
"SmoothView"="C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe" [10/04/2007 02:07]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [10/10/2007 19:51]
"THotkey"="C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe" [11/07/2007 18:09]
"TFncKy"="TFncKy.exe" []
"IntelZeroConfig"="C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" [06/03/2007 06:47]
"IntelWireless"="C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" [06/03/2007 06:44]
"TPSMain"="TPSMain.exe" [31/05/2005 11:00 C:\WINDOWS\system32\TPSMain.exe]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [29/06/2007 12:28]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [11/12/2007 00:56]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [27/10/2006 00:47]
"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [04/07/2008 20:09]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [10/06/2008 04:27]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [04/08/2004 13:00]
"H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE" [03/02/2004 06:42]
"kdx"="C:\Program Files\Kontiki\KHost.exe" [27/02/2008 17:56]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"LtMoh"=C:\Program Files\ltmoh\Ltmoh.exe

C:\Documents and Settings\Chris Seagrave\Start Menu\Programs\Startup\
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [16/03/2005 10:16:50]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"DisableStatusMessages"=1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\Run]
"sys"=C:\WINDOWS\Fonts\Fonts.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoFolderOptions"=0 (0x0)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [20/12/2006 12:55 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon] 
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 27/02/2007 11:39 282624 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\boot.exe]
Debugger=C:\WINDOWS\Fonts\fonts.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\taskmgr.exe]
Debugger=C:\WINDOWS\Fonts\tskmgr.exe

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders	msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5547df04-ee63-11dc-92e9-0013e8756d81}]
Auto\command- E:\rejoice101.exe
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL rejoice101.exe




-- End of Deckard's System Scanner: finished at 2008-07-23 16:06:25 ------------