Hello,
ok, below is the avenger text and a new DSS log. By the way your description of how the avenger program would work didn't quite match up, possible they have updated it. However I just followed my nose.
//////////////////////////////////////////
Avenger Pre-Processor log
//////////////////////////////////////////
Platform: Windows XP (build 2600, Service Pack 2)
Mon Apr 07 15:23:57 2008
15:23:57: Error: Invalid script. A valid script must begin with a command directive.
Aborting execution!
//////////////////////////////////////////
//////////////////////////////////////////
Avenger Pre-Processor log
//////////////////////////////////////////
Platform: Windows XP (build 2600, Service Pack 2)
Mon Apr 07 15:24:37 2008
15:24:37: Error: Invalid script. A valid script must begin with a command directive.
Aborting execution!
//////////////////////////////////////////
//////////////////////////////////////////
Avenger Pre-Processor log
//////////////////////////////////////////
Platform: Windows XP (build 2600, Service Pack 2)
Mon Apr 07 15:25:48 2008
15:25:48: Error: Invalid script. A valid script must begin with a command directive.
Aborting execution!
//////////////////////////////////////////
Logfile of The Avenger Version 2.0, © by Swandog46
http://swandog46.geekstogo.comPlatform: Windows XP
*******************
Script file opened successfully.
Script file read successfully.
Backups directory opened successfully at C:\Avenger
*******************
Beginning to process script file:
Rootkit scan active.
No rootkits found!
File "C:\Documents and Settings\All Users\Application Data\ryhkncpq.dll" deleted successfully.
File "C:\WINDOWS\system32\slwslbpz.dll" deleted successfully.
File "C:\Documents and Settings\All Users\Application Data\zopajkti.dll" deleted successfully.
File "C:\WINDOWS\system32\mvgnbhyx.dll" deleted successfully.
File "C:\Documents and Settings\All Users\Application Data\opongjel.dll" deleted successfully.
File "C:\WINDOWS\system32\fomefhfr.dll" deleted successfully.
File "C:\WINDOWS\system32\xmecaqxv.dll" deleted successfully.
File "C:\Documents and Settings\All Users\Application Data\adgjofcr.dll" deleted successfully.
Completed script processing.
*******************
Finished! Terminate.
Deckard's System Scanner v20071014.68
Run by cfgeca on 2008-04-07 15:30:16
Computer is in Normal Mode.
--------------------------------------------------------------------------------
Percentage of Memory in Use: 81% (more than 75%).Total Physical Memory: 504 MiB (512 MiB recommended).-- HijackThis (run as cfgeca.exe) ----------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:30, on 2008-04-07
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\Program Files\ZyXEL\ZyWALL VPN Client\IreIKE.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\basfipm.exe
C:\Program Files\Sitecom\Bluetooth Software\bin\btwdins.exe
C:\Program Files\ZyXEL\ZyWALL VPN Client\IPSecMon.exe
C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
C:\Program Files\Trend Micro\Client Server Security Agent\ntrtscan.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Trend Micro\Client Server Security Agent\tmlisten.exe
C:\Program Files\UltraVNC\WinVNC.exe
C:\Program Files\Trend Micro\Client Server Security Agent\OfcPfwSvc.exe
C:\WINDOWS\TEMP\KBE86D.EXE
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Apoint\Apoint.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\WINDOWS\system32\userinit.exe
C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Program Files\Trend Micro\Client Server Security Agent\pccntmon.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Sitecom\Bluetooth Software\BTTray.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe
C:\Program Files\ZyXEL\ZyWALL VPN Client\SafeCfg.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Common Files\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\Documents and Settings\cfgeca\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\cfgeca.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.co.uk/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft....k/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft....k/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft....k/?LinkId=54896R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =
http://www.dell.com/O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [WinVNC] "C:\Program Files\UltraVNC\WinVNC.exe" -servicehelper
O4 - HKLM\..\Run: [OfficeScanNT Monitor] "C:\Program Files\Trend Micro\Client Server Security Agent\pccntmon.exe" -HideWindow
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: EPSON Status Monitor 3 Environment Check.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV03.EXE
O4 - Global Startup: ZyWALL VPN Client.lnk = C:\Program Files\ZyXEL\ZyWALL VPN Client\SafeCfg.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Sitecom\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Sitecom\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://companyweb
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) -
http://housecall65.t...ivex/hcImpl.cabO16 - DPF: {7584C670-2274-4EFB-B00B-D6AABA6D3850} (Microsoft RDP Client Control (redist)) -
https://cfgmsbserver...emote/msrdp.cabO17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = GMCF.local
O17 - HKLM\Software\..\Telephony: DomainName = GMCF.local
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = GMCF.local
O23 - Service: Broadcom ASF IP monitoring service v6.0.4 (BAsfIpM) - Broadcom Corp. - C:\WINDOWS\system32\basfipm.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation - C:\Program Files\Sitecom\Bluetooth Software\bin\btwdins.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: SafeNet Monitor Service (IPSECMON) - SafeNet - C:\Program Files\ZyXEL\ZyWALL VPN Client\IPSecMon.exe
O23 - Service: SafeNet IKE Service (IREIKE) - SafeNet - C:\Program Files\ZyXEL\ZyWALL VPN Client\IreIKE.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
O23 - Service: Trend Micro Client/Server Security Agent RealTime Scan (ntrtscan) - Trend Micro Inc. - C:\Program Files\Trend Micro\Client Server Security Agent\ntrtscan.exe
O23 - Service: Trend Micro Client/Server Security Agent Personal Firewall (OfcPfwSvc) - Trend Micro Inc. - C:\Program Files\Trend Micro\Client Server Security Agent\OfcPfwSvc.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Trend Micro Client/Server Security Agent Listener (tmlisten) - Trend Micro Inc. - C:\Program Files\Trend Micro\Client Server Security Agent\tmlisten.exe
O23 - Service: VNC Server (winvnc) - UltraVNC - C:\Program Files\UltraVNC\WinVNC.exe
O23 - Service: WLANKEEPER - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
--
End of file - 9476 bytes
-- Files created between 2008-03-07 and 2008-04-07 -----------------------------
2008-04-07 09:41:38 0 d-------- C:\Documents and Settings\cfgeca\Application Data\Malwarebytes
2008-04-07 09:41:27 0 d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-04-07 09:41:26 0 d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-04-04 16:46:57 53248 --a------ C:\WINDOWS\PSEXESVC.EXE <Not Verified; Sysinternals; Sysinternals PsExec>
2008-04-04 09:46:56 68096 --a------ C:\WINDOWS\system32\zip.exe
2008-04-04 09:46:56 98816 --a------ C:\WINDOWS\system32\sed.exe
2008-04-04 09:46:56 80412 --a------ C:\WINDOWS\system32\grep.exe
2008-04-04 09:46:56 73728 --a------ C:\WINDOWS\system32\fdsv.exe <Not Verified; Smallfrogs Studio; >
2008-04-03 11:50:08 0 d-------- C:\WINDOWS\ERUNT
2008-04-02 14:33:24 3860 --a------ C:\WINDOWS\system32\tmp.reg
2008-04-02 14:32:23 25600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2008-04-02 14:32:23 289144 --a------ C:\WINDOWS\system32\VCCLSID.exe <Not Verified; S!Ri; >
2008-04-02 14:32:23 86528 --a------ C:\WINDOWS\system32\VACFix.exe <Not Verified; S!Ri.URZ; VACFix>
2008-04-02 14:32:23 288417 --a------ C:\WINDOWS\system32\SrchSTS.exe <Not Verified; S!Ri; SrchSTS>
2008-04-02 14:32:23 53248 --a------ C:\WINDOWS\system32\Process.exe <Not Verified;
http://www.beyondlogic.org; Command Line Process Utility>
2008-04-02 14:32:23 82432 --a------ C:\WINDOWS\system32\IEDFix.exe <Not Verified; S!Ri.URZ; IEDFix>
2008-04-02 14:21:55 0 d--h----- C:\Documents and Settings\administrator.GMCF\Templates
2008-04-02 14:21:55 0 dr------- C:\Documents and Settings\administrator.GMCF\Start Menu
2008-04-02 14:21:55 0 dr-h----- C:\Documents and Settings\administrator.GMCF\SendTo
2008-04-02 14:21:55 0 dr-h----- C:\Documents and Settings\administrator.GMCF\Recent
2008-04-02 14:21:55 0 d--h----- C:\Documents and Settings\administrator.GMCF\PrintHood
2008-04-02 14:21:55 0 d--h----- C:\Documents and Settings\administrator.GMCF\NetHood
2008-04-02 14:21:55 0 dr------- C:\Documents and Settings\administrator.GMCF\My Documents
2008-04-02 14:21:55 0 d--h----- C:\Documents and Settings\administrator.GMCF\Local Settings
2008-04-02 14:21:55 0 dr------- C:\Documents and Settings\administrator.GMCF\Favorites
2008-04-02 14:21:55 0 d-------- C:\Documents and Settings\administrator.GMCF\Desktop
2008-04-02 14:21:55 0 d---s---- C:\Documents and Settings\administrator.GMCF\Cookies
2008-04-02 14:21:55 0 dr-h----- C:\Documents and Settings\administrator.GMCF\Application Data
2008-04-02 14:21:55 0 d-------- C:\Documents and Settings\administrator.GMCF\Application Data\Sun
2008-04-02 14:21:55 0 d-------- C:\Documents and Settings\administrator.GMCF\Application Data\Sonic
2008-04-02 14:21:55 0 d---s---- C:\Documents and Settings\administrator.GMCF\Application Data\Microsoft
2008-04-02 14:21:55 0 d-------- C:\Documents and Settings\administrator.GMCF\Application Data\Intel
2008-04-02 14:21:55 0 d-------- C:\Documents and Settings\administrator.GMCF\Application Data\Identities
2008-04-02 14:21:54 786432 --ah----- C:\Documents and Settings\administrator.GMCF\NTUSER.DAT
2008-03-27 13:26:46 0 d-------- C:\Program Files\AvantGo Connect
2008-03-27 13:25:58 65613 --a------ C:\WINDOWS\system32\ppvexp.dll <Not Verified; Microsoft Corporation; Microsoft ActiveSync>
2008-03-27 13:25:57 24652 --a------ C:\WINDOWS\system32\uicom.dll <Not Verified; Microsoft Corporation; Microsoft Pocket Office>
2008-03-27 13:25:57 65615 --a------ C:\WINDOWS\system32\pmailext.dll <Not Verified; Microsoft Corporation; Microsoft Pocket Office>
2008-03-27 13:25:57 57423 --a------ C:\WINDOWS\system32\MsgStRPC.dll <Not Verified; Microsoft Corporation; Microsoft Pocket Office>
2008-03-27 13:25:57 114688 --a------ C:\WINDOWS\system32\malslib.dll <Not Verified; AvantGo, Inc.; AvantGo Connect>
2008-03-27 13:25:56 77899 --a------ C:\WINDOWS\system32\rapi.dll <Not Verified; Microsoft Corporation; Microsoft ActiveSync>
2008-03-27 13:25:56 36942 --a------ C:\WINDOWS\system32\ppcload.dll <Not Verified; Microsoft Corporation; Microsoft ActiveSync>
2008-03-27 13:25:56 24653 --a------ C:\WINDOWS\system32\ceutil.dll <Not Verified; Microsoft Corporation; Microsoft ActiveSync>
2008-03-27 12:32:40 0 d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-03-27 11:30:36 0 d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-03-26 15:21:26 0 d-------- C:\Documents and Settings\cfgeca\.housecall6.6
2008-03-19 11:01:32 0 d-------- C:\Documents and Settings\cfgeca\Application Data\Datalayer
2008-03-17 12:57:48 0 d-------- C:\Program Files\Common Files\xing shared
2008-03-17 12:57:17 0 d-------- C:\Program Files\Real
2008-03-17 12:57:12 0 d-------- C:\Program Files\Common Files\Real
2008-03-17 12:57:11 0 d-------- C:\Documents and Settings\cfgeca\Application Data\Real
-- Find3M Report ---------------------------------------------------------------
2008-04-07 15:27:04 12 --a------ C:\WINDOWS\bthservsdp.dat
2008-03-31 12:43:29 0 d-------- C:\Program Files\Trend Micro
2008-03-27 14:21:05 0 d-------- C:\Program Files\Common Files
2008-03-27 14:21:01 0 d-------- C:\Program Files\Lavasoft
2008-03-27 13:26:48 0 d-------- C:\Program Files\Microsoft ActiveSync
2008-03-25 12:30:37 0 d-------- C:\Documents and Settings\cfgeca\Application Data\AdobeUM
2008-03-06 11:56:55 0 d-------- C:\Documents and Settings\cfgeca\Application Data\PC Suite
2008-03-06 11:38:13 0 d-------- C:\Documents and Settings\cfgeca\Application Data\Nokia
2008-03-02 13:00:15 0 d-------- C:\Program Files\Common Files\PCSuite
2008-03-02 13:00:13 0 d-------- C:\Program Files\Nokia
2008-03-02 13:00:13 0 d-------- C:\Program Files\Common Files\Nokia
2008-03-02 12:59:48 0 d-------- C:\Program Files\DIFX
2008-03-02 12:59:30 0 d-------- C:\Program Files\PC Connectivity Solution
2008-03-02 12:58:16 0 d--h----- C:\Program Files\InstallShield Installation Information
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="C:\Program Files\Apoint\Apoint.exe" [2007-08-23 11:09]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2007-08-23 10:51]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2007-08-23 11:16]
"SunJavaUpdateSched"="C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe" [2007-08-23 11:09]
"IntelWireless"="C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" [2004-10-30 14:59]
"Dell QuickSet"="C:\Program Files\Dell\QuickSet\quickset.exe" [2007-08-23 11:09]
"DVDLauncher"="C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" [2004-04-26 08:04]
"UpdateManager"="C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" [2004-01-07 01:01]
"Synchronization Manager"="C:\WINDOWS\system32\mobsync.exe" [2004-08-04 05:00]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-04 05:00 C:\WINDOWS\system32\bthprops.cpl]
"Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2005-10-26 18:17]
"WinVNC"="C:\Program Files\UltraVNC\WinVNC.exe" [2005-08-06 19:45]
"OfficeScanNT Monitor"="C:\Program Files\Trend Micro\Client Server Security Agent\pccntmon.exe" [2007-03-29 08:10]
"PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2006-11-28 15:12]
[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"PcSync"=C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Acrobat Assistant.lnk - C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe [2003-05-15 01:19:50]
BTTray.lnk - C:\Program Files\Sitecom\Bluetooth Software\BTTray.exe [2004-08-16 19:52:22]
Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe [2005-08-08 10:55:22]
EPSON Status Monitor 3 Environment Check.lnk - C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV03.EXE [2000-02-03 01:11:00]
ZyWALL VPN Client.lnk - C:\Program Files\ZyXEL\ZyWALL VPN Client\SafeCfg.exe [2006-12-14 15:49:16]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)
"HideLegacyLogonScripts"=0 (0x0)
"HideLogoffScripts"=0 (0x0)
"RunLogonScriptSync"=1 (0x1)
"RunStartupScriptSync"=1 (0x1)
"HideStartupScripts"=0 (0x0)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"HideLegacyLogonScripts"=0 (0x0)
"HideLogoffScripts"=0 (0x0)
"RunLogonScriptSync"=1 (0x1)
"RunStartupScriptSync"=1 (0x1)
"HideStartupScripts"=0 (0x0)
"disableregistrytools"=0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoWelcomeScreen"=1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\IntelWireless]
C:\Program Files\Intel\Wireless\Bin\LgNotify.dll 2004-09-07 16:08 110592 C:\Program Files\Intel\Wireless\Bin\LgNotify.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSEXESVC]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs BthServ
-- End of Deckard's System Scanner: finished at 2008-04-07 15:31:07 ------------