I have attempted to dowload all three links of combofix, transfer to the computer giving problems and run. All three times I get a blank screen with no prompts and no text, only a blank blue screen. I have posted an updated Hijackthis log and a DSS log, (I only used DSS because through reading the other forums others have requested it).
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:45:43 PM, on 3/23/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Acer\Empowering Technology\admServ.exe
C:\Program Files\Bonjour\mDNSResponder.exe
c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
c:\wamp\mysql\bin\mysqld-nt.exe
C:\Acer\Empowering Technology\eRecovery\Monitor.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\WINDOWS\system32\rundll32.exe
C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Acer\OrbiCam\CameraAssistant.exe
C:\WINDOWS\system32\ElkCtrl.exe
C:\Acer\Empowering Technology\admtray.exe
C:\WINDOWS\MXOALDR.EXE
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
C:\WINDOWS\system32\svehost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\WINDOWS\system32\M?crosoft.NET\w?wexec.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrobat_sl.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\RABCO\X_RABCOse.exe
c:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
O2 - BHO: (no name) - {3387950B-B076-4E90-AD86-EE270088AD2C} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: (no name) - {C5EB3BB3-D7D1-4E1D-B317-0D103C4D442A} - (no file)
O2 - BHO: (no name) - {DFA9E846-6C5B-43F6-BCAF-558C6F1DBEA3} - (no file)
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [Acer ePower Management] C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe boot
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\Monitor.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Acer\OrbiCam\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Acer\OrbiCam\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [ADMTray.exe] "C:\Acer\Empowering Technology\admtray.exe"
O4 - HKLM\..\Run: [MXOBG] C:\WINDOWS\MXOALDR.EXE
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Adobe_ID0EYTHM] C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton AntiVirus\osCheck.exe"
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
O4 - HKLM\..\Run: [Microsoft Updates] svehost.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\RunServices: [Microsoft Updates] svehost.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Jvktir] C:\WINDOWS\system32\M?crosoft.NET\w?wexec.exe
O4 - Startup: RABCO - Auto Update.lnk = C:\Program Files\RABCO\RABCOse.exe
O4 - Startup: Webshots.lnk.disabled
O4 - Startup: Product Registration.lnk = C:\Program Files\Common Files\LogiShared\eReg\SetPoint\eReg.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Adobe Acrobat Synchronizer.lnk = C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe
O4 - Global Startup: Register Mask Pro 3.0.lnk = ?
O4 - Global Startup: TV Remote Control.lnk.disabled
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: &Sample Toolband Serach - res://C:\WINDOWS\system32\ToolBand.dll/MENUSEARCH.HTM
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) -
https://webdl.symant...ex/symdlmgr.cabO23 - Service: Adobe Version Cue CS3 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AdminWorks Agent X6 (AWService) - Avocent Inc. - C:\Acer\Empowering Technology\admServ.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
O23 - Service: wampapache - Apache Software Foundation - c:\wamp\Apache2\bin\Apache.exe
O23 - Service: wampmysqld - Unknown owner - c:\wamp\mysql\bin\mysqld-nt.exe
--
End of file - 12047 bytes
Deckard's System Scanner v20071014.68
Run by Mike on 2008-03-24 00:46:38
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Successfully created a Deckard's System Scanner Restore Point.
-- Last 5 Restore Point(s) --
8: 2008-03-24 04:46:43 UTC - RP220 - Deckard's System Scanner Restore Point
7: 2008-03-23 18:29:31 UTC - RP219 - Installed Battlefield 2
6: 2008-03-23 18:22:53 UTC - RP218 - Installed Battlefield 2
5: 2008-03-23 12:58:24 UTC - RP217 - Logitech SetPoint Mouse and Keyboard Device Drivers
4: 2008-03-23 12:44:47 UTC - RP216 - System Checkpoint
-- First Restore Point --
1: 2008-03-19 13:28:30 UTC - RP213 - Newest restore point
Backed up registry hives.
Performed disk cleanup.
-- HijackThis (run as Mike.exe) ------------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:47:57 AM, on 3/24/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Acer\Empowering Technology\admServ.exe
C:\Program Files\Bonjour\mDNSResponder.exe
c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
c:\wamp\mysql\bin\mysqld-nt.exe
C:\Acer\Empowering Technology\eRecovery\Monitor.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\WINDOWS\system32\rundll32.exe
C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Acer\OrbiCam\CameraAssistant.exe
C:\WINDOWS\system32\ElkCtrl.exe
C:\Acer\Empowering Technology\admtray.exe
C:\WINDOWS\MXOALDR.EXE
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
C:\WINDOWS\system32\svehost.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\WINDOWS\system32\M?crosoft.NET\w?wexec.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\RABCO\X_RABCOse.exe
c:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
C:\Documents and Settings\Mike\Desktop\Dsystemscanner.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Mike.exe
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
O2 - BHO: (no name) - {3387950B-B076-4E90-AD86-EE270088AD2C} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: (no name) - {C5EB3BB3-D7D1-4E1D-B317-0D103C4D442A} - (no file)
O2 - BHO: (no name) - {DFA9E846-6C5B-43F6-BCAF-558C6F1DBEA3} - (no file)
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [Acer ePower Management] C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe boot
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\Monitor.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Acer\OrbiCam\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Acer\OrbiCam\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [ADMTray.exe] "C:\Acer\Empowering Technology\admtray.exe"
O4 - HKLM\..\Run: [MXOBG] C:\WINDOWS\MXOALDR.EXE
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Adobe_ID0EYTHM] C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton AntiVirus\osCheck.exe"
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
O4 - HKLM\..\Run: [Microsoft Updates] svehost.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\RunServices: [Microsoft Updates] svehost.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Jvktir] C:\WINDOWS\system32\M?crosoft.NET\w?wexec.exe
O4 - Startup: RABCO - Auto Update.lnk = C:\Program Files\RABCO\RABCOse.exe
O4 - Startup: Webshots.lnk.disabled
O4 - Startup: Product Registration.lnk = C:\Program Files\Common Files\LogiShared\eReg\SetPoint\eReg.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Adobe Acrobat Synchronizer.lnk = C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe
O4 - Global Startup: Register Mask Pro 3.0.lnk = ?
O4 - Global Startup: TV Remote Control.lnk.disabled
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: &Sample Toolband Serach - res://C:\WINDOWS\system32\ToolBand.dll/MENUSEARCH.HTM
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) -
https://webdl.symant...ex/symdlmgr.cabO23 - Service: Adobe Version Cue CS3 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AdminWorks Agent X6 (AWService) - Avocent Inc. - C:\Acer\Empowering Technology\admServ.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
O23 - Service: wampapache - Apache Software Foundation - c:\wamp\Apache2\bin\Apache.exe
O23 - Service: wampmysqld - Unknown owner - c:\wamp\mysql\bin\mysqld-nt.exe
--
End of file - 11942 bytes
-- File Associations -----------------------------------------------------------
.js - jsfile - DefaultIcon - "C:\Program Files\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe",7.js - jsfile - shell\open\command - "C:\Program Files\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe","%1"-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R0 UBHelper - c:\windows\system32\drivers\ubhelper.sys
R1 OsaFsLoc - c:\windows\system32\drivers\osafsloc.sys <Not Verified; OSA Technologies; >
R1 udfss - c:\windows\system32\drivers\udfss.sys
R2 BTSERIAL (Bluetooth Serial Driver) - c:\windows\system32\drivers\btserial.sys <Not Verified; Broadcom Corporation.; Bluetooth Software 5.0.1.1200>
R2 ElbyCDIO (ElbyCDIO Driver) - c:\windows\system32\drivers\elbycdio.sys <Not Verified; Elaborate Bytes AG; CDRTools>
R2 EpmPsd (Acer EPM Power Scheme Driver) - c:\windows\system32\drivers\epm-psd.sys <Not Verified; Acer Value Labs, USA; Acer EPM Power Scheme Driver>
R2 EpmShd (Acer EPM System Hardware Driver) - c:\windows\system32\drivers\epm-shd.sys <Not Verified; Acer Value Labs, USA; Acer EPM System Hardware Driver>
R2 int15.sys - c:\acer\empowering technology\erecovery\int15.sys
R2 osaio - c:\windows\system32\drivers\osaio.sys <Not Verified; OSA Technologies, An Avocent Company; Windows ® 2000 DDK driver>
R2 osanbm - c:\windows\system32\drivers\osanbm.sys <Not Verified; Windows ® 2000 DDK provider; OSA int15 Driver>
R2 s24trans (WLAN Transport) - c:\windows\system32\drivers\s24trans.sys <Not Verified; Intel Corporation; Intel Wireless LAN Packet Driver>
R3 ElbyCDFL - c:\windows\system32\drivers\elbycdfl.sys <Not Verified; SlySoft, Inc.; CloneCD>
R3 LVPrcMon (Logitech LVPrcMon Driver) - c:\windows\system32\drivers\lvprcmon.sys
R3 NdisFilt (OSA NdisFilter Protocol) - c:\windows\system32\drivers\ndisfilt.sys <Not Verified; OSA Technologies; >
R3 NTIDrvr (Upper Class Filter Driver) - c:\windows\system32\drivers\ntidrvr.sys <Not Verified; NewTech Infosystems, Inc.; >
R3 pcouffin (VSO Software pcouffin) - c:\windows\system32\drivers\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine>
S3 DCamUSBEMPIA (USB 2820 Video) - c:\windows\system32\drivers\emdevice.sys <Not Verified; eMPIA Technology, Inc.; USB 28xx Video>
S3 FiltUSBEMPIA (USB Device Lower Filter) - c:\windows\system32\drivers\emfilter.sys <Not Verified; Windows ® Server 2003 DDK provider; Windows ® Server 2003 DDK driver>
S3 NETMNT (Acer NetMonitor Protocol) - c:\windows\system32\drivers\netmnt.sys
S3 NPF (NetGroup Packet Filter Driver) - c:\windows\system32\drivers\npf.sys <Not Verified; CACE Technologies; WinPcap Netgroup Packet Filter Driver>
S3 RT73 (Hawking Wireless-G USB Adapter with Removable Antenna Driver) - c:\windows\system32\drivers\rt73.sys (file missing)
S3 ScanUSBEMPIA (USB Still Image Capture Device) - c:\windows\system32\drivers\emscan.sys <Not Verified; eMPIA Technology, Inc.; USB 28xx Video>
S3 USBAAPL (Apple Mobile USB Driver) - c:\windows\system32\drivers\usbaapl.sys (file missing)
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 AWService (AdminWorks Agent X6) - "c:\acer\empowering technology\admserv.exe" <Not Verified; Avocent Inc.; Acer Empowering framework>
R2 Bonjour Service (##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##) - "c:\program files\bonjour\mdnsresponder.exe" <Not Verified; Apple Computer, Inc.; Bonjour>
R2 RegSrvc (Intel® PROSet/Wireless Registry Service) - c:\program files\intel\wireless\bin\regsrvc.exe <Not Verified; Intel Corporation; Intel® PROSet/Wireless Registry Service>
R2 RichVideo (Cyberlink RichVideo Service(CRVS)) - "c:\program files\cyberlink\shared files\richvideo.exe" <Not Verified; ; RichVideo Module>
R2 wampmysqld - c:\wamp\mysql\bin\mysqld-nt.exe --defaults-file=c:\wamp\mysql\my.ini wampmysqld
R3 FLEXnet Licensing Service - "c:\program files\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe" <Not Verified; Macrovision Europe Ltd.; FLEXnet Publisher (32 bit)>
S3 NBService - c:\program files\nero\nero 7\nero backitup\nbservice.exe
S3 wampapache - "c:\wamp\apache2\bin\apache.exe" -k runservice <Not Verified; Apache Software Foundation; Apache HTTP Server>
-- Device Manager: Disabled ----------------------------------------------------
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Broadcom NetLink Gigabit Ethernet
Device ID: PCI\VEN_14E4&DEV_169D&SUBSYS_00941025&REV_21\4&2803E7C1&0&00E2
Manufacturer: Broadcom
Name: Broadcom NetLink Gigabit Ethernet
PNP Device ID: PCI\VEN_14E4&DEV_169D&SUBSYS_00941025&REV_21\4&2803E7C1&0&00E2
Service: b57w2k
-- Scheduled Tasks -------------------------------------------------------------
2008-03-03 21:04:14 554 --a------ C:\WINDOWS\Tasks\Norton AntiVirus - Run Full System Scan - Mike.job
-- Files created between 2008-02-24 and 2008-03-24 -----------------------------
2008-03-23 14:29:32 0 d-------- C:\Program Files\EA GAMES
2008-03-23 09:20:45 0 d-------- C:\Documents and Settings\Mike\Application Data\Logitech
2008-03-23 09:11:01 0 d-------- C:\Documents and Settings\Mike\Application Data\Leadertech
2008-03-23 09:10:58 0 d-------- C:\Program Files\Common Files\LogiShared
2008-03-23 08:57:54 69632 --a------ C:\WINDOWS\system32\KemXML.dll <Not Verified; Logitech Inc.; Logitech SetPoint>
2008-03-23 08:57:54 110592 --a------ C:\WINDOWS\system32\KemWnd.dll <Not Verified; Logitech Inc.; Logitech SetPoint>
2008-03-23 08:57:54 135168 --a------ C:\WINDOWS\system32\KemUtil.dll <Not Verified; Logitech Inc.; Logitech SetPoint>
2008-03-23 08:57:54 163840 --a------ C:\WINDOWS\system32\kemutb.dll <Not Verified; Logitech Inc.; Logitech SetPoint>
2008-03-23 08:57:27 0 d-------- C:\Documents and Settings\All Users\Application Data\Logitech
2008-03-23 08:57:24 0 d-------- C:\Program Files\Logitech
2008-03-23 08:56:46 0 d-------- C:\Documents and Settings\Mike\Application Data\InstallShield
2008-03-23 08:56:20 0 d-------- C:\Documents and Settings\All Users\Application Data\LogiShrd
2008-03-22 11:46:21 0 dr-h----- C:\Documents and Settings\Mike\Recent
2008-03-22 10:42:13 0 d-------- C:\Documents and Settings\Mike\Application Data\Grisoft
2008-03-22 10:41:20 0 d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2008-03-22 06:58:38 45056 --a------ C:\WINDOWS\system32\WNASPI32.DLL <Not Verified; Adaptec; Adaptec's ASPI Layer>
2008-03-22 06:58:38 16512 --a------ C:\WINDOWS\system32\drivers\ASPI32.SYS <Not Verified; Adaptec; Adaptec's ASPI Layer>
2008-03-21 02:06:50 38400 -----n--- C:\WINDOWS\system32\efcddcb.dll
2008-03-19 07:30:11 0 d-------- C:\Program Files\Trend Micro
2008-03-19 06:52:17 0 d-------- C:\Program Files\CCleaner
2008-03-19 03:29:39 0 d-------- C:\Rustbfix
2008-03-19 03:29:16 0 d-------- C:\!KillBox
2008-03-17 13:33:31 0 dr-h----- C:\Documents and Settings\Mike\Application Data\SecuROM
2008-03-17 13:29:53 669184 --a------ C:\WINDOWS\system32\pbsvc.exe
2008-03-15 15:20:58 0 d--hs---- C:\FOUND.003
2008-03-10 05:41:17 0 d-------- C:\Program Files\Unreal Tournament 2004
2008-03-01 07:58:45 765952 --a------ C:\WINDOWS\system32\xvidcore.dll
2008-03-01 07:58:44 180224 --a------ C:\WINDOWS\system32\xvidvfw.dll
2008-03-01 07:58:44 0 d-------- C:\Program Files\Xvid
2008-02-29 04:50:21 0 d-------- C:\Documents and Settings\Mike\Application Data\DVDFab
2008-02-29 04:28:22 47360 --a------ C:\WINDOWS\system32\drivers\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine>
2008-02-29 04:28:22 0 d-------- C:\Documents and Settings\Mike\Application Data\Vso
2008-02-29 04:28:22 47360 --a------ C:\Documents and Settings\Mike\Application Data\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine>
2008-02-29 04:27:58 0 d-------- C:\Program Files\DVDFab Platinum 4
2008-02-29 04:27:31 0 d-------- C:\Documents and Settings\All Users\Application Data\TEMP
2008-02-28 11:48:05 0 d-------- C:\Documents and Settings\Mike\Application Data\DivX
2008-02-28 11:05:21 0 d-------- C:\Documents and Settings\Mike\Application Data\Dr. DivX 2.0 OSS
2008-02-27 11:25:33 0 d-------- C:\WINDOWS\pss
2008-02-26 21:34:44 0 d--hs---- C:\FOUND.002
2008-02-25 12:35:01 0 d-------- C:\WINDOWS\WinAVI Video Converter 9.0
2008-02-24 21:02:09 0 d-------- C:\Documents and Settings\All Users\Application Data\Ahead
2008-02-24 00:52:45 289280 --a------ C:\WINDOWS\uninst.exe <Not Verified; InstallShield Corporation, Inc.; InstallShield Deinstaller>
2008-02-24 00:49:48 0 d-------- C:\Documents and Settings\Mike\WINDOWS
-- Find3M Report ---------------------------------------------------------------
2008-03-23 15:04:08 12 --a------ C:\WINDOWS\bthservsdp.dat
2008-03-22 13:20:32 4362 --a------ C:\WINDOWS\system32\tmp.reg
2008-02-29 04:28:36 34 --a------ C:\Documents and Settings\Mike\Application Data\pcouffin.log
2008-02-29 04:28:24 1144 --a------ C:\Documents and Settings\Mike\Application Data\pcouffin.inf
2008-02-29 04:28:24 7887 --a------ C:\Documents and Settings\Mike\Application Data\pcouffin.cat
2008-02-23 13:35:06 0 d-------- C:\Documents and Settings\Mike\Application Data\Filter Forge
2008-02-15 14:20:14 0 d-------- C:\Program Files\onOne Software
2008-02-01 16:07:06 2 ---hs---- C:\WINDOWS\system32\cmd.com
2008-02-01 16:07:04 2 ---hs---- C:\WINDOWS\system32\tracert.com
2008-02-01 16:07:04 2 ---hs---- C:\WINDOWS\system32\tasklist.com
2008-02-01 16:07:02 2 ---hs---- C:\WINDOWS\system32\ping.com
2008-02-01 09:14:10 0 d-------- C:\Program Files\Windows Sidebar
2008-02-01 09:14:10 0 d-------- C:\Program Files\Norton AntiVirus
2008-02-01 09:12:30 0 d-------- C:\Program Files\Symantec
2008-02-01 09:01:20 0 d-------- C:\Program Files\Common Files\Symantec Shared
2008-02-01 08:57:02 0 d-------- C:\Documents and Settings\Mike\Application Data\Symantec
2008-02-01 08:31:42 0 d-------- C:\Program Files\RABCO
2008-02-01 08:31:12 36864 --a------ C:\WINDOWS\mrofinu1000137.exe
2008-01-27 01:46:16 0 d-------- C:\Program Files\DiscWizard for Windows
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{3387950B-B076-4E90-AD86-EE270088AD2C}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
02/01/2008 10:13 AM 116088 --a------ C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{C5EB3BB3-D7D1-4E1D-B317-0D103C4D442A}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{DFA9E846-6C5B-43F6-BCAF-558C6F1DBEA3}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LaunchApp"="Alaunch" []
"RTHDCPL"="RTHDCPL.EXE" [11/16/2005 08:27 PM C:\WINDOWS\RTHDCPL.exe]
"SynTPLpr"="C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" [11/02/2005 12:11 AM]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [11/02/2005 12:11 AM]
"ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" [08/12/2005 02:43 PM]
"eDataSecurity Loader"="C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe" [10/19/2005 09:30 AM]
"BluetoothAuthenticationAgent"="bthprops.cpl" [08/04/2004 05:00 AM C:\WINDOWS\system32\bthprops.cpl]
"ePower_DMC"="C:\Acer\Empowering Technology\ePower\ePower_DMC.exe" [01/17/2006 06:28 PM]
"Acer ePower Management"="C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe" [01/16/2006 11:58 AM]
"eRecoveryService"="C:\Acer\Empowering Technology\eRecovery\Monitor.exe" [11/16/2005 05:00 PM]
"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [11/30/2005 08:39 PM]
"LogitechCameraAssistant"="C:\Program Files\Acer\OrbiCam\CameraAssistant.exe" [11/29/2005 02:45 PM]
"LogitechVideo[inspector]"="C:\Program Files\Acer\OrbiCam\InstallHelper.exe" [11/29/2005 02:51 PM]
"LogitechCameraService(E)"="C:\WINDOWS\system32\ElkCtrl.exe" [11/01/2004 05:22 PM]
"ADMTray.exe"="C:\Acer\Empowering Technology\admtray.exe" [10/24/2005 04:45 PM]
"MXOBG"="C:\WINDOWS\MXOALDR.EXE" [10/10/2003 11:23 AM]
"Acrobat Assistant 8.0"="C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [10/22/2006 11:24 PM]
"Adobe_ID0EYTHM"="C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE" [03/20/2007 04:40 PM]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [08/25/2007 12:07 AM]
"osCheck"="C:\Program Files\Norton AntiVirus\osCheck.exe" [08/24/2007 11:53 PM]
"LManager"="C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE" [12/06/2005 05:11 PM]
"Microsoft Updates"="svehost.exe" [06/13/2007 05:23 AM C:\WINDOWS\system32\svehost.exe]
"NWEReboot"="" []
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [06/11/2007 05:25 AM]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [04/11/2007 03:32 PM C:\WINDOWS\KHALMNPR.Exe]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [08/30/2006 03:05 PM]
"Jvktir"="C:\WINDOWS\system32\M?crosoft.NET\w?wexec.exe" [01/28/2008 11:29 AM]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runservices]
"Microsoft Updates"=svehost.exe
C:\Documents and Settings\Mike\Start Menu\Programs\Startup\
RABCO - Auto Update.lnk - C:\Program Files\RABCO\RABCOse.exe [2/1/2008 8:31:31 AM]
Webshots.lnk.disabled [6/1/2007 8:03:32 PM]
Product Registration.lnk - C:\Program Files\Common Files\LogiShared\eReg\SetPoint\eReg.exe [4/9/2007 11:23:34 AM]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [12/2/2005 2:30:42 PM]
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe [10/23/2006 1:48:20 AM]
Adobe Reader Synchronizer.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe [10/23/2006 12:01:50 AM]
Adobe Acrobat Speed Launcher.lnk - C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-000000000003}\_SC_Acrobat.exe [12/31/2007 8:13:43 AM]
Adobe Acrobat Synchronizer.lnk - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe [10/23/2006 12:01:50 AM]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"= msv1_0 C:\WINDOWS\system32\mljge.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" /background
"MP4 Player"="C:\Program Files\MP4 Player\mp4Player.exe" hmw
"Comrade.exe"=C:\Program Files\GameSpy\Comrade\Comrade.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"PVR Agent"=C:\Program Files\V-Stream Multimedia\PVR Plus\TVR\Scheduled.exe
"Pinnacle WebUpdater"="C:\Program Files\Pinnacle\Shared Files\Programs\WebUpdater\WebUpdater.exe" -s -f=UpdatePMC45.xml -url=http://cdn.pinnaclesys.com/SupportFiles
"CloneCDTray"="C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
"Alcmtr"=ALCMTR.EXE
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
"MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" -atboottime
"MaxtorOneTouch"=C:\PROGRA~1\Maxtor\OneTouch\Utils\OneTouch.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs BthServ
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\G]
AutoRun\command- G:\AUTORUN.EXE
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\H]
AutoRun\command- H:\Install.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\K]
Auto\command- RavMonE.exe e
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RavMonE.exe e
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{17ee52a2-e605-11db-967b-0014a48be39b}]
Auto\command- RavMonE.exe e
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RavMonE.exe e
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{304db268-dff0-11db-9672-000000000000}]
Auto\command- RavMonE.exe e
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RavMonE.exe e
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{82055b80-6fc2-11dc-9743-0014a48be39b}]
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8b9c117a-e3cc-11db-9679-0014a48be39b}]
Auto\command- RavMonE.exe e
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RavMonE.exe e
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{dcf1a777-dff0-11db-9673-0014a48be39b}]
Auto\command- J:\RavMonE.exe e
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RavMonE.exe e
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{de1a4ca6-1b8e-11dc-96d5-0014a48be39b}]
AutoRun\command- F:\setupSNK.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ee6a1d25-a458-11dc-978b-0014a48be39b}]
AutoRun\command- "F:\Install FreeAgent Tools.exe" /run
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f65dc646-e6f3-11db-967e-0014a48be39b}]
Auto\command- RavMonE.exe e
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RavMonE.exe e
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{fd5b2fe8-01b4-11dc-96ad-0014a48be39b}]
Auto\command- J:\RavMonE.exe e
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RavMonE.exe e
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{feaf9a26-b7a0-11dc-979c-0014a48be39b}]
AutoRun\command- F:\Autoplay.exe -auto
*Newly Created Service* - INT15.SYS
-- End of Deckard's System Scanner: finished at 2008-03-24 00:48:40 ------------