Deckard's System Scanner v20070826.66
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft Windows XP Professional (build 2600) SP 2.0
Architecture: X86; Language: English
CPU 0: Intel® Pentium® M processor 1.73GHz
Percentage of Memory in Use: 33%
Physical Memory (total/avail): 1022.05 MiB / 680.52 MiB
Pagefile Memory (total/avail): 2457.66 MiB / 2262.89 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1951.84 MiB
C: is Fixed (NTFS) - 29.29 GiB total, 19.56 GiB free.
D: is Fixed (NTFS) - 63.86 GiB total, 15.47 GiB free.
E: is CDROM (No Media)
F: is CDROM (No Media)
\\.\PHYSICALDRIVE0 - ST9100824A - 93.16 GiB - 2 partitions
\PARTITION0 (bootable) - Installable File System - 29.29 GiB - C:
\PARTITION1 - Extended w/Extended Int 13 - 63.86 GiB - D:
-- Security Center -------------------------------------------------------------
AUOptions is scheduled to auto-install.
Windows Internal Firewall is enabled.
FirstRunDisabled is set.
Unable to create WMI object.
-- Environment Variables -------------------------------------------------------
ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Administrator\Application Data
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=SHASHANK
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Administrator
LOGONSERVER=\\SHASHANK
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\ATI Technologies\ATI Control Panel
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 13 Stepping 8, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0d08
ProgramFiles=C:\Program Files
PROMPT=$P$G
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp
TMP=C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp
USERDOMAIN=SHASHANK
USERNAME=Administrator
USERPROFILE=C:\Documents and Settings\Administrator
windir=C:\WINDOWS
-- User Profiles ---------------------------------------------------------------
Administrator
(admin)-- Add/Remove Programs ---------------------------------------------------------
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
ABBYY Lingvo 10 First Step (En-Ru-En) --> MsiExec.exe /I{4183F2C2-CD6B-4E77-9EFC-410FE491AC01}
Adobe Flash Player 9 ActiveX --> C:\WINDOWS\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete
Adobe Flash Player Plugin --> C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 7.0.5 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70500000002}
Advanced Uninstaller PRO 2004 - version 6 --> "C:\Program Files\Innovative Solutions\Advanced Uninstaller PRO 2004 version 6\unins000.exe"
ATI - Software Uninstall Utility --> C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Control Panel --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe"
ATI Display Driver --> rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
BroadJump Client Foundation --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\BroadJump\Client Foundation\Uninst.isu" -c"C:\Program Files\BroadJump\Client Foundation\RmvBJCFD.dll" -b"CFD" -h"CFD" -a
Canon i250 --> C:\WINDOWS\system32\CNMCP50.exe "-PRINTERNAMECanon i250" "-HELPERDLLC:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon i250 Installer\Inst2\cnmis.dll" "-RCDLLcnmi0419.dll"
Delta Force: Xtreme --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime91\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{961C4925-5B53-4127-969D-1CACF2426C05}\setup.exe" -l0x9
J2SE Runtime Environment 5.0 Update 5 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150050}
K-Lite Codec Pack 2.84 Full --> "C:\Program Files\K-Lite Codec Pack\unins000.exe"
Kaspersky Anti-Virus 7.0 --> MsiExec.exe /I{4B9BB601-13E9-4042-A3BC-E7955BF4A98F}
Kaspersky Anti-Virus 7.0 --> MsiExec.exe /I{4B9BB601-13E9-4042-A3BC-E7955BF4A98F}
Marvell Miniport Driver --> MsiExec.exe /X{C950420B-4182-49EA-850A-A6A2ABF06C6B}
Microsoft Office 2003 Russian User Interface Pack --> MsiExec.exe /I{901E0419-6000-11D3-8CFE-0150048383C9}
Microsoft Office Professional Edition 2003 --> MsiExec.exe /I{90110409-6000-11D3-8CFE-0150048383C9}
Need for Speed™ Most Wanted --> C:\Program Files\EA GAMES\Need for Speed Most Wanted\EAUninstall.exe
Opera 9.20 --> MsiExec.exe /X{FC0C72DD-A491-43FF-B377-67273E4D94D7}
S.T.A.L.K.E.R. --> "D:\Program Files\GSC World Publishing\S.T.A.L.K.E.R\unins000.exe"
Synaptics Pointing Device Driver --> rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Skype 2.5 --> "C:\Program Files\Skype\Phone\unins000.exe"
Smart Link 56K Modem --> C:\WINDOWS\Modio\SLAMR2KO\Setup.exe /Remove
SoundMAX --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10 \Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\Setup.exe" -l0x19 -removeonly
Texas Instruments PCIxx21/x515 drivers. --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{FF6F491D-BC82-4DCC-A72F-1824957C6466} /l1033
TuneUp Utilities 2006 --> MsiExec.exe /I{868D7896-99D4-4513-BC62-2B3AD3E24926}
WebVideo Support --> C:\WINDOWS\main_uninstaller.exe
Winamp 5.12 --> MsiExec.exe /I{5EF042E2-7F7D-49DA-BFB0-EE2CE566F6DA}
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe
WINRAR Key --> "C:\Program Files\WinRAR\unins000.exe"
-- Application Event Log -------------------------------------------------------
No Errors/Warnings found.
-- Security Event Log ----------------------------------------------------------
No Errors/Warnings found.
-- System Event Log ------------------------------------------------------------
No Errors/Warnings found.
-- End of Deckard's System Scanner: finished at 2007-09-05 17:39:20 ------------
Deckard's System Scanner v20070826.66
Run by Administrator on 2007-09-05 17:37:01
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Successfully created a Deckard's System Scanner Restore Point.
-- Last 5 Restore Point(s) --
50: 2007-09-05 16:37:06 UTC - RP50 - Deckard's System Scanner Restore Point
49: 2007-09-05 11:05:50 UTC - RP49 - Installed Kaspersky Anti-Virus 7.0.
48: 2007-09-04 23:57:40 UTC - RP48 - Restore Operation
47: 2007-09-04 23:28:04 UTC - RP47 - Removed Ad-Aware 2007
46: 2007-09-04 20:09:49 UTC - RP46 - Installed Ad-Aware 2007
-- First Restore Point --
1: 2007-06-10 16:58:37 UTC - RP1 - System Checkpoint
Backed up registry hives.
Performed disk cleanup.
-- HijackThis Clone ------------------------------------------------------------
Emulating logfile of HijackThis v1.99.1
Scan saved at 2007-09-05 17:38:33
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (6.00.2900.2180)
Running processes:
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\slmdmsr.exe
C:\WINDOWS\system32\UTSCSI.EXE
C:\WINDOWS\system32\ati2evxx.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Administrator\Desktop\dss.exe
C:\WINDOWS\system32\rundll32.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://www.google.com/ieR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://softwarerefer...=...6Ojg5&lid=2R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Most Wanted Edition Internet Explorer
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: MSVPS System - {88418AA3-16F5-4FC2-A9D8-90B1266DF841} - C:\WINDOWS\nsduo.dll
O4 - HKEY_LOCAL_MACHINE\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKEY_LOCAL_MACHINE\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\NPJPI150_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\NPJPI150_05.dll
O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - (file missing)
O9 - Extra 'Tools' menuitem: (no name) - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (file missing)
O9 - Extra 'Tools' menuitem: (no name) - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (file missing)
O18 - Protocol: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL
O18 - Protocol: mso-offdap - {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL
O18 - Protocol: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL
O18 - Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll
O21 - SSODL: msmhost - {9478E73D-8BBB-451B-BC4F-A4386106A7B0} - C:\WINDOWS\msmhost.dll
O21 - SSODL: msmdev - {0D376114-EDF8-4126-93F9-4344A1DBC600} - C:\WINDOWS\msmdev.dll
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - "C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe"
O23 - Service: CLCV0 (UTSCSI) - Unknown owner - C:\WINDOWS\system32\UTSCSI.EXE
-- File Associations -----------------------------------------------------------
All associations okay.
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
All drivers whitelisted.
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 UTSCSI (CLCV0) - c:\windows\system32\utscsi.exe <Not Verified; ; UTSCSI Application>
S3 TUWinStylerThemeSvc (TuneUp WinStyler Theme Service) - "c:\program files\tuneup utilities 2006\winstylerthemesvc.exe" <Not Verified; TuneUp Software GmbH; TuneUp Utilities>
-- Device Manager: Disabled ----------------------------------------------------
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Marvell Yukon 88E8053 PCI-E Gigabit Ethernet Controller
Device ID: PCI\VEN_11AB&DEV_4362&SUBSYS_203C161F&REV_19\4&16F6A662&0&00E0
Manufacturer: Marvell
Name: Marvell Yukon 88E8053 PCI-E Gigabit Ethernet Controller
PNP Device ID: PCI\VEN_11AB&DEV_4362&SUBSYS_203C161F&REV_19\4&16F6A662&0&00E0
Service: yukonwxp
-- Files created between 2007-08-05 and 2007-09-05 -----------------------------
2007-09-05 17:38:12 0 d-------- C:\WINDOWS\privacy_danger
2007-09-05 17:23:52 1382 --a------ C:\WINDOWS\system32\tmp.reg
2007-09-05 17:22:34 288417 --a------ C:\WINDOWS\system32\SrchSTS.exe <Not Verified; S!Ri; SrchSTS>
2007-09-05 17:22:34 53248 --a------ C:\WINDOWS\system32\Process.exe <Not Verified;
http://www.beyondlogic.org; Command Line Process Utility>
2007-09-05 17:22:34 51200 --a------ C:\WINDOWS\system32\dumphive.exe
2007-09-05 16:56:01 0 dr-h----- C:\Documents and Settings\Administrator\Recent
2007-09-05 12:06:22 81549 --a------ C:\WINDOWS\system32\drivers\klin.dat
2007-09-05 12:06:22 82061 --a------ C:\WINDOWS\system32\drivers\klick.dat
2007-09-05 12:05:57 0 d-------- C:\Program Files\Kaspersky Lab
2007-09-05 12:05:56 0 d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2007-09-05 12:05:55 10784 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.dat
2007-09-05 12:05:55 1381664 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2007-09-05 12:03:10 0 d-------- C:\KAV
2007-09-05 01:30:19 0 d-------- C:\Documents and Settings\Administrator\Application Data\PC Tools
2007-09-05 00:49:19 0 d-------- C:\WINDOWS\srchasst
2007-09-05 00:49:19 0 d-------- C:\WINDOWS\system32\xircom
2007-09-05 00:49:19 0 d-------- C:\Program Files\msn gaming zone
2007-09-05 00:49:18 0 d-------- C:\Program Files\microsoft frontpage
2007-09-04 23:48:59 0 d-------- C:\WINDOWS\system32\NtmsData
2007-09-04 14:26:47 253952 --a------ C:\WINDOWS\msmhost.dll <Not Verified; ; msmhost>
2007-09-04 14:26:47 266240 --a------ C:\WINDOWS\msmdev.dll
2007-09-04 14:26:47 50688 --a------ C:\WINDOWS\main_uninstaller.exe
2007-09-04 14:26:46 208896 --a------ C:\WINDOWS\nsduo.dll <Not Verified; ; nsduo>
2007-08-31 21:03:41 0 d-------- C:\Program Files\EA GAMES
2007-08-30 16:52:57 0 d-------- C:\Documents and Settings\Administrator\Application Data\Opera
2007-08-30 16:52:37 0 d-------- C:\Program Files\Opera
2007-08-29 14:02:04 0 d-------- C:\Program Files\ABBYY Lingvo 10 First Step
2007-08-29 12:37:25 0 d-------- C:\Documents and Settings\Administrator\Application Data\Identities
2007-08-29 02:26:37 0 d-------- C:\Program Files\Innovative Solutions
2007-08-29 00:46:02 0 d-------- C:\WINDOWS\system32\LogFiles
2007-08-27 22:54:14 0 d-------- C:\Program Files\NovaLogic
2007-08-25 16:08:29 0 d-------- C:\Documents and Settings\Administrator\Application Data\uTorrent
2007-08-25 16:05:39 0 d-------- C:\Downloads
2007-08-24 19:40:06 0 d---s---- C:\Documents and Settings\Administrator\UserData
2007-08-24 16:35:19 0 d-------- C:\WINDOWS\system32\SoftwareDistribution
2007-08-24 11:37:19 0 d-------- C:\Documents and Settings\Administrator\Application Data\Macromedia
2007-08-24 11:27:51 0 d-------- C:\Program Files\Common Files\Motive
2007-08-24 11:27:21 159744 --a------ C:\WINDOWS\system32\ssleay32_1-1-0_DDR.dll
2007-08-24 11:27:20 532594 --a------ C:\WINDOWS\system32\xerces-c_1_40_0_DDR.dll
2007-08-24 11:27:20 524377 --a------ C:\WINDOWS\system32\stlport_4_0_0_DDR.dll
2007-08-24 11:27:20 663552 --a------ C:\WINDOWS\system32\libeay32_1-1-0_DDR.dll
2007-08-24 11:27:20 307329 --a------ C:\WINDOWS\system32\BJBase_2-2-2_DDR.dll <Not Verified; BroadJump, Inc.; >
2007-08-24 11:27:18 0 d-------- C:\Program Files\BroadJump
2007-08-24 11:27:17 306688 --a------ C:\WINDOWS\IsUninst.exe <Not Verified; InstallShield Software Corporation; InstallShield® unInstaller>
2007-08-24 09:06:52 1654784 --a------ C:\WINDOWS\system32\W29MLRES.DLL <Not Verified; Intel Corporation; Intel® PRO/Wireless 2915ABG Network Connection>
-- Find3M Report ---------------------------------------------------------------
2007-09-05 14:25:48 0 d-------- C:\Documents and Settings\Administrator\Application Data\Skype
2007-09-05 02:23:09 0 d-------- C:\Program Files\PowerISO
2007-09-05 00:49:19 0 d-------- C:\Program Files\Windows NT
2007-09-05 00:28:16 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-08-27 22:54:11 0 d--h----- C:\Program Files\InstallShield Installation Information
2007-08-24 11:17:15 0 d-------- C:\Program Files\Intel
2007-08-04 12:07:23 0 d-------- C:\Documents and Settings\Administrator\Application Data\Help
2007-07-10 17:17:12 0 d-------- C:\Program Files\Analog Devices
2007-07-10 17:16:54 0 d-------- C:\Program Files\Common Files\InstallShield
2007-06-17 09:49:04 45056 --a------ C:\WINDOWS\system32\UTSCSI.EXE <Not Verified; ; UTSCSI Application>
2007-06-10 23:08:06 62 --ahs---- C:\Documents and Settings\Administrator\Application Data\desktop.ini
2007-06-10 17:47:53 3030 --a------ C:\WINDOWS\mozver.dat
2007-06-10 17:45:14 0 -rahs---- C:\MSDOS.SYS
2007-06-10 17:45:14 0 -rahs---- C:\IO.SYS
2007-06-10 17:45:14 0 --a------ C:\CONFIG.SYS
2007-06-10 17:45:14 0 --a------ C:\AUTOEXEC.BAT
2007-06-10 17:42:14 21640 --a------ C:\WINDOWS\system32\emptyregdb.dat
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{88418AA3-16F5-4FC2-A9D8-90B1266DF841}]
2007.09.04 11:00 208896 --a------ C:\WINDOWS\nsduo.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2005.06.30 10:45]
"AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe" [2007.06.28 12:51]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2006.10.10 11:00]
[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
"nlsf"=cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll"
"tscuninstall"=%systemroot%\system32\tscupgrd.exe
"nltide3"=cmd.exe /C rundll32 advpack.dll,LaunchINFSection nLite.inf,C
[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"googletalk"="C:\Program Files\Google\Google Talk\googletalk.exe" /autostart
"ATnotes.exe"=C:\Program Files\ATnotes\ATnotes.exe
"Yahoo! Pager"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
"Free Download Manager"=C:\Program Files\Free Download Manager\fdm.exe -autorun
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoDesktopCleanupWizard"=1 (0x1)
"NoRemoteRecursiveEvents"=1 (0x1)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"ClearRecentDocsOnExit"=1 (0x1)
"NoStartBanner"=1 (0x1)
"NoSMHelp"=1 (0x1)
"NoResolveTrack"=1 (0x1)
"LinkResolveIgnoreLinkInfo "=1 (0x1)
"NoLowDiskSpaceChecks"=1 (0x1)
"LinkResolveIgnoreLinkInfo"=1 (0x1)
"NoResolveSearch"=1 (0x1)
"NoSaveSettings"=0 (0x0)
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"ClearRecentDocsOnExit"=1 (0x1)
"NoStartBanner"=1 (0x1)
"NoSMHelp"=1 (0x1)
"NoResolveTrack"=1 (0x1)
"LinkResolveIgnoreLinkInfo "=1 (0x1)
"NoLowDiskSpaceChecks"=1 (0x1)
"LinkResolveIgnoreLinkInfo"=1 (0x1)
"NoResolveSearch"=1 (0x1)
"NoSaveSettings"=0 (0x0)
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
Source= file:///C:\WINDOWS\privacy_danger\index.htm
FriendlyName= Privacy Protection
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"msmhost"= {9478E73D-8BBB-451B-BC4F-A4386106A7B0} - C:\WINDOWS\msmhost.dll [2007.09.04 11:00 253952]
"msmdev"= {0D376114-EDF8-4126-93F9-4344A1DBC600} - C:\WINDOWS\msmdev.dll [2007.09.04 11:00 266240]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
"C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Free Download Manager]
C:\Program Files\Free Download Manager\fdm.exe -autorun
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
"C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WebClient"=2 (0x2)
"TapiSrv"=3 (0x3)
"helpsvc"=2 (0x2)
"Eventlog"=2 (0x2)
"seclogon"=2 (0x2)
"RemoteRegistry"=2 (0x2)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4b359510-1775-11dc-b26d-ff1ad3f3c39e}]
AutoRun\command- I:\USBNB.exe
-- End of Deckard's System Scanner: finished at 2007-09-05 17:39:20 ------------