Yes, I have a Wacom Tablet - Intuos 3
I ran your latest Reg Mod and Re-booted. Here is a fresh DSS scan if you need it:
Deckard's System Scanner v20071014.68
Run by Mark ****** on 2008-03-17 22:39:06
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- HijackThis (run as Mark ******.exe) -----------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:39:18 PM, on 3/17/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
K:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\system32\crypserv.exe
C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
C:\WINDOWS\system32\PSIService.exe
C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Tablet.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\Pure Networks\Network Magic\nmsrvc.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\WTablet\TabUserW.exe
C:\WINDOWS\system32\Tablet.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Trend Micro\Internet Security 12\pccguide.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Canon\Memory Card Utility\iP6600D\PDUiP6600DMon.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\Program Files\Trend Micro\Internet Security 12\TMAS_OE\TMAS_OEMon.exe
C:\Program Files\iolo\System Mechanic 6\SMSystemAnalyzer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\DOCUME~1\MARKHO~1\LOCALS~1\Temp\clclean.0001
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Webroot\Spy Sweeper\SSU.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Mark ******\Desktop\gtg\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\MARKHO~1.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://cgi.verizon.n...a...&bm=ho_homeR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft....k/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft....k/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft....k/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft....k/?LinkId=69157R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by ****** Internet Productions
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar5.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: GoogleAFE - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\Program Files\GoogleAFE\GoogleAE.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar5.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [IntelMeM] "C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe"
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [CTSysVol] "C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe" /r
O4 - HKLM\..\Run: [MBMon] Rundll32 CTMBHA.DLL,MBMon
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 12\pccguide.exe"
O4 - HKLM\..\Run: [BuildBU] c:\dell\bldbubg.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [PDUiP6600DMon] "C:\Program Files\Canon\Memory Card Utility\iP6600D\PDUiP6600DMon.exe"
O4 - HKLM\..\Run: [nmapp] "C:\Program Files\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SpySweeper] C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe /startintray
O4 - HKCU\..\Run: [SetDefaultMIDI] MIDIDef.exe
O4 - HKCU\..\Run: [Creative Detector] "C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" /R
O4 - HKCU\..\Run: [OE_OEM] "C:\Program Files\Trend Micro\Internet Security 12\TMAS_OE\TMAS_OEMon.exe"
O4 - HKCU\..\Run: [SMSystemAnalyzer] "C:\Program Files\iolo\System Mechanic 6\SMSystemAnalyzer.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: dlbcserv.lnk = C:\Program Files\Dell Photo Printer 720\dlbcserv.exe
O4 - Global Startup: HotSync Manager.lnk = C:\Program Files\Handspring\Hotsync.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *.xara.com
O15 - Trusted Zone: *.xaraonline.com
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) -
http://www.kaspersky...can_unicode.cabO16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -
http://go.microsoft....k/?linkid=39204O16 - DPF: {2AF5BD25-90C5-4EEC-88C5-B44DC2905D8B} -
http://dlmanager.aka...vex-2.0.4.4.cabO16 - DPF: {459E93B6-150E-45D5-8D4B-45C66FC035FE} (get_atlcom Class) -
http://apps.corel.co...IEGetPlugin.ocxO16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://update.micros...b?1138114010296O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
http://update.micros...b?1142794898406O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} -
http://launch.gamesp...nch/alaunch.cabO16 - DPF: {819F8533-D935-4183-B692-587F8D56AC3C} (iolo.AV.OnlineVirusScanner) -
http://www.iolo.com/...x/AVCheckUp.ocxO16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) -
http://www.adobe.com...obat/nos/gp.cabO20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - K:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Creative Labs Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: DvpApi (dvpapi) - Authentium, Inc. - C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Imapi Helper - Alex Feinman - C:\Program Files\Alex Feinman\ISO Recorder\ImapiHelper.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: Pure Networks Net2Go Service (nmraapache) - Pure Networks, Inc. - C:\Program Files\Pure Networks\Network Magic\WebServer\bin\nmraapache.exe
O23 - Service: Pure Networks Network Magic Service (nmservice) - Pure Networks, Inc. - C:\Program Files\Pure Networks\Network Magic\nmsrvc.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\system32\Tablet.exe
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
--
End of file - 14742 bytes
-- Files created between 2008-02-17 and 2008-03-17 -----------------------------
2008-03-16 08:58:04 168 -r-hs---- C:\WINDOWS\system32\E447EDAD8A.sys
2008-03-15 13:17:43 0 d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-03-15 13:17:38 0 d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-03-15 12:39:08 0 d-------- C:\Documents and Settings\Mark ******\Application Data\Malwarebytes
2008-03-15 12:38:42 0 d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-03-15 12:38:41 0 d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-03-13 15:34:41 0 d-------- C:\Program Files\Common Files\Authentium
2008-03-13 15:33:37 0 d-------- C:\Documents and Settings\Mark ******\Application Data\iolo
2008-03-13 15:33:37 0 d-------- C:\Documents and Settings\All Users\Application Data\iolo
2008-03-13 14:54:10 0 d-------- C:\Documents and Settings\NetworkService\Application Data\Webroot
2008-03-13 10:05:21 0 d-------- C:\Documents and Settings\LocalService\Application Data\Webroot
2008-03-13 10:04:53 0 d-------- C:\Program Files\Webroot
2008-03-13 10:04:53 0 d-------- C:\Documents and Settings\Mark ******\Application Data\Webroot
2008-03-13 10:04:53 0 d-------- C:\Documents and Settings\All Users\Application Data\Webroot
2008-03-13 10:02:47 164 --a------ C:\install.dat
2008-03-13 00:52:49 0 d-------- C:\Documents and Settings\Default User\Application Data\Apple Computer
2008-03-12 20:55:08 0 d-------- C:\System32
2008-03-12 20:50:25 24576 --a------ C:\WINDOWS\system32\VundoFixSVC.exe <Not Verified; Atribune.org; Vundofix Service>
2008-03-12 19:44:25 0 d-------- C:\VundoFix Backups
2008-03-10 21:07:30 0 d-------- C:\Documents and Settings\Mark ******\Application Data\Symantec
2008-03-10 20:56:31 0 d-------- C:\Program Files\Windows Sidebar
2008-03-10 20:52:03 0 d-------- C:\Program Files\Norton Internet Security
2008-03-10 20:37:53 0 d-------- C:\Program Files\Symantec
2008-03-10 20:37:52 0 d-------- C:\Documents and Settings\All Users\Application Data\Symantec
2008-03-10 19:01:46 0 d-------- C:\Program Files\Common Files\Symantec Shared
2008-03-09 22:48:11 0 d-------- C:\WTablet
2008-03-09 22:42:14 0 d-------- C:\WINDOWS\system32\New Folder
2008-03-09 19:03:15 0 d-------- C:\Temp
2008-03-09 04:01:24 0 d-------- C:\Program Files\MSXML 6.0
2008-03-08 10:48:42 2516 --ahs---- C:\Documents and Settings\All Users\Application Data\KGyGaAvL.sys
2008-03-08 10:48:42 88 -r-hs---- C:\Documents and Settings\All Users\Application Data\E447EDAD8A.sys
2008-03-08 10:46:48 0 d-------- C:\Program Files\Common Files\Protexis
2008-03-08 10:39:31 0 d-------- C:\Program Files\Common Files\Corel
2008-02-28 07:16:41 0 d-------- C:\Documents and Settings\LocalService\Application Data\WTablet
2008-02-27 17:05:18 0 d-------- C:\Documents and Settings\Mark ******\Application Data\WTablet
2008-02-27 17:03:10 0 d-------- C:\WINDOWS\system32\WTablet
2008-02-27 17:03:04 0 d-------- C:\Program Files\Tablet
2008-02-24 17:44:59 1682 --ahs---- C:\WINDOWS\system32\KGyGaAvL.sys
2008-02-24 17:41:03 0 d-------- C:\Documents and Settings\All Users\Application Data\Corel
2008-02-24 09:24:57 0 d-------- C:\Documents and Settings\All Users\Application Data\MAGIX
2008-02-24 09:24:46 24576 --a------ C:\WINDOWS\system32\TTIC32.dll <Not Verified; PoINT Software & Systems GmbH; TTIC32>
2008-02-24 09:24:46 24576 --a------ C:\WINDOWS\system32\TTI32.dll <Not Verified; PoINT Software & Systems GmbH; TTI32>
2008-02-24 09:24:46 32768 --a------ C:\WINDOWS\system32\STRING32.dll <Not Verified; PoINT Software & Systems GmbH; STRING32>
2008-02-24 09:24:46 430080 --a------ C:\WINDOWS\system32\MXRestore.exe <Not Verified; MAGIX AG; MAGIX Restore>
2008-02-24 09:24:46 57344 --a------ C:\WINDOWS\system32\DLLTPO32.dll <Not Verified; PoINT Software & Systems GmbH; DLLTPO32>
2008-02-24 09:24:46 188416 --a------ C:\WINDOWS\system32\DLLRES32.dll <Not Verified; PoINT Software & Systems GmbH; DLLRES32>
2008-02-24 09:24:46 40960 --a------ C:\WINDOWS\system32\DLLRD32.dll <Not Verified; PoINT Software & Systems GmbH; DLLRD32>
2008-02-24 09:24:46 65536 --a------ C:\WINDOWS\system32\DLLPTL32.dll <Not Verified; PoINT Software & Systems GmbH; DLLPTL32>
2008-02-24 09:24:46 53248 --a------ C:\WINDOWS\system32\DLLPRJ32.dll <Not Verified; PoINT Software & Systems GmbH; DLLPRJ32>
2008-02-24 09:24:45 49152 --a------ C:\WINDOWS\system32\DLLPRF32.dll <Not Verified; PoINT Software & Systems GmbH; DLLPRF32>
2008-02-24 09:24:45 36864 --a------ C:\WINDOWS\system32\DLLPNT32.dll <Not Verified; PoINT Software & Systems GmbH; DLLPNT32>
2008-02-24 09:24:45 32768 --a------ C:\WINDOWS\system32\DLLMSC32.dll <Not Verified; PoINT Software & Systems GmbH; DLLMSC32>
2008-02-24 09:24:45 24576 --a------ C:\WINDOWS\system32\DLLIX.dll <Not Verified; PoINT Software & Systems GmbH; DLLIX>
2008-02-24 09:24:45 32768 --a------ C:\WINDOWS\system32\DLLISO32.dll <Not Verified; PoINT Software & Systems GmbH; DLLISO32>
2008-02-24 09:24:45 53248 --a------ C:\WINDOWS\system32\DLLIO32.dll <Not Verified; PoINT Software & Systems GmbH; DLLIO32>
2008-02-24 09:24:45 45056 --a------ C:\WINDOWS\system32\DLLIMG32.dll <Not Verified; PoINT Software & Systems GmbH; DLLIMG32>
2008-02-24 09:24:45 151552 --a------ C:\WINDOWS\system32\DLLDRV32.dll <Not Verified; PoINT Software & Systems GmbH; DLLDRV32>
2008-02-24 09:24:45 32768 --a------ C:\WINDOWS\system32\DLLDIR32.dll <Not Verified; PoINT Software & Systems GmbH; DLLDIR32>
2008-02-24 09:24:45 163840 --a------ C:\WINDOWS\system32\DLLDEV32.dll <Not Verified; PoINT Software & Systems GmbH; DLLDEV32>
2008-02-24 09:24:45 94208 --a------ C:\WINDOWS\system32\DLLCPY32.dll <Not Verified; PoINT Software & Systems GmbH; DLLCPY32>
2008-02-24 09:24:45 61440 --a------ C:\WINDOWS\system32\DLLCDF32.dll <Not Verified; PoINT Software & Systems GmbH; DLLCDF32>
2008-02-24 09:24:45 114688 --a------ C:\WINDOWS\system32\DLLCDA32.dll <Not Verified; PoINT Software & Systems GmbH; PoINT CDarchive for Windows>
2008-02-24 09:24:45 487424 --a------ C:\WINDOWS\system32\DLLAV32.dll <Not Verified; PoINT Software & Systems GmbH; PoINT CD/DVD Audio/Video SDK for Windows>
2008-02-24 09:24:44 0 d-------- C:\Program Files\Common Files\MAGIX Shared
2008-02-24 09:24:05 120200 --a------ C:\WINDOWS\system32\DLLDEV32i.dll <Not Verified; ; DLLDEV32i>
2008-02-24 09:24:05 0 d-------- C:\Program Files\MAGIX
2008-02-24 09:23:09 700416 --a------ C:\WINDOWS\system32\mgxoschk.dll <Not Verified; MAGIX AG; mgxoschk>
2008-02-24 09:23:09 0 d-------- C:\WINDOWS\system32\MAGIX
2008-02-23 12:43:30 0 d-------- C:\Program Files\iPod
-- Find3M Report ---------------------------------------------------------------
2008-03-17 18:29:14 0 d-------- C:\Documents and Settings\Mark ******\Application Data\Newsbin
2008-03-16 15:26:00 0 d-------- C:\Program Files\Employee Scheduling
2008-03-16 09:18:41 22370 --a------ C:\Documents and Settings\Mark ******\Application Data\wklnhst.dat
2008-03-14 20:39:14 0 d-------- C:\Program Files\Trend Micro
2008-03-13 15:34:41 0 d-------- C:\Program Files\Common Files
2008-03-13 09:30:13 0 d-------- C:\Program Files\Creative
2008-03-13 00:06:14 0 d-------- C:\Program Files\Common Files\Real
2008-03-13 00:03:20 0 d-------- C:\Documents and Settings\Mark ******\Application Data\Real
2008-03-08 10:48:44 0 d-------- C:\Documents and Settings\Mark ******\Application Data\Corel
2008-03-01 01:32:57 0 d-------- C:\Program Files\Online Services
2008-03-01 01:27:50 0 d-------- C:\Program Files\Dell
2008-03-01 01:27:16 0 d-------- C:\Program Files\EA SPORTS
2008-03-01 01:25:18 0 d-------- C:\Program Files\Azureus
2008-02-29 16:02:38 0 d-------- C:\Program Files\Microsoft Works
2008-02-29 15:54:51 0 d-------- C:\Program Files\MasqueGames
2008-02-29 15:54:00 0 d-------- C:\Program Files\America's Army
2008-02-29 15:53:52 0 d-------- C:\Program Files\America's Army Server Manager
2008-02-27 17:26:26 0 d-------- C:\Documents and Settings\Mark ******\Application Data\Apple Computer
2008-02-23 12:46:53 0 d-------- C:\Program Files\iTunes
2008-02-23 12:35:30 0 d-------- C:\Program Files\QuickTime
2008-02-10 08:42:16 0 d-------- C:\Program Files\Common Files\Adobe
2008-02-09 16:21:37 0 d-------- C:\Program Files\D-Link Media Server
2008-02-08 15:55:14 0 d-------- C:\Documents and Settings\Mark ******\Application Data\ZoomBrowser EX
2008-02-08 15:41:37 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-02-08 15:40:49 0 d-------- C:\Program Files\Canon
2008-02-08 15:35:54 0 d-------- C:\Program Files\Common Files\Canon
2008-02-08 10:13:19 0 d-------- C:\Program Files\Quicken
2008-02-08 10:10:27 0 d-------- C:\Program Files\TurboTax
2008-02-02 11:33:19 0 d-------- C:\Documents and Settings\Mark ******\Application Data\Intuit
2008-02-02 11:25:32 0 d-------- C:\Program Files\Common Files\AnswerWorks 4.0
2008-02-02 08:34:02 0 d-------- C:\Documents and Settings\Mark ******\Application Data\AKVIS LLC
2008-02-02 08:01:30 0 d-------- C:\Program Files\AKVIS
2008-02-01 22:36:49 0 d-------- C:\Documents and Settings\Mark ******\Application Data\Azureus
2008-01-18 23:01:52 763 --a------ C:\WINDOWS\eReg.dat
2008-01-18 20:56:58 0 d-------- C:\Program Files\EA GAMES
2008-01-18 01:07:05 0 --a------ C:\WINDOWS\ativpsrm.bin
2008-01-18 01:03:20 0 d-------- C:\Program Files\ATI Technologies
2008-01-17 22:00:28 0 d-------- C:\Program Files\Game Elements
2007-12-20 22:05:00 593920 --a------ C:\WINDOWS\system32\ati2sgag.exe <Not Verified; ; ATI Smart>
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
08/24/2007 11:51 PM 316784 --a------ C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
03/10/2008 09:57 PM 116088 --a------ C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}"= C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll [08/24/2007 11:51 PM 316784]
[-HKEY_CLASSES_ROOT\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}]
[HKEY_CLASSES_ROOT\CoIEPlg.CoToolbar.1]
[HKEY_CLASSES_ROOT\CoIEPlg.CoToolbar]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="C:\WINDOWS\ehome\ehtray.exe" [09/29/2005 04:01 PM]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [08/05/2005 11:05 PM]
"IntelMeM"="C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe" [09/03/2003 10:12 PM]
"DVDLauncher"="C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" [02/23/2005 06:19 PM]
"CTSysVol"="C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe" [09/15/2005 11:47 AM]
"MBMon"="CTMBHA.DLL" [05/19/2005 10:54 AM C:\WINDOWS\system32\CTMBHA.DLL]
"ISUSPM Startup"="C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" [06/10/2005 12:44 PM]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [06/10/2005 12:44 PM]
"pccguide.exe"="C:\Program Files\Trend Micro\Internet Security 12\pccguide.exe" [08/30/2005 06:30 PM]
"BuildBU"="c:\dell\bldbubg.exe" [01/18/2006 11:47 AM]
"@"="" []
"dla"="C:\WINDOWS\system32\dla\tfswctrl.exe" [05/31/2005 06:33 AM]
"PDUiP6600DMon"="C:\Program Files\Canon\Memory Card Utility\iP6600D\PDUiP6600DMon.exe" [05/25/2005 10:35 AM]
"nmapp"="C:\Program Files\Pure Networks\Network Magic\nmapp.exe" [11/01/2006 01:04 AM]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [02/19/2008 02:10 PM]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [02/14/2008 11:01 AM]
"osCheck"="C:\Program Files\Norton Internet Security\osCheck.exe" [08/25/2007 12:53 AM]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [02/01/2008 12:13 AM]
"SpySweeper"="C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" [01/04/2008 08:56 PM]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SetDefaultMIDI"="MIDIDef.exe" [12/22/2004 07:40 PM C:\WINDOWS\MIDIDEF.EXE]
"Creative Detector"="C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" [12/02/2004 08:23 PM]
"OE_OEM"="C:\Program Files\Trend Micro\Internet Security 12\TMAS_OE\TMAS_OEMon.exe" [04/11/2006 08:39 PM]
"SMSystemAnalyzer"="C:\Program Files\iolo\System Mechanic 6\SMSystemAnalyzer.exe" [12/20/2006 01:38 PM]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/10/2004 07:00 AM]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [07/18/2007 05:54 PM]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Gamma Loader.exe.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [1/27/2006 12:54:24 PM]
dlbcserv.lnk - C:\Program Files\Dell Photo Printer 720\dlbcserv.exe [1/24/2006 7:00:06 PM]
HotSync Manager.lnk - C:\Program Files\Handspring\Hotsync.exe [6/9/2004 2:16:08 PM]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WebrootSpySweeperService]
@="Service"
*Newly Created Service* - COMHOST
-- End of Deckard's System Scanner: finished at 2008-03-17 22:39:58 ------------