Deckard's System Scanner v20071014.68
Run by Delo on 2008-05-07 22:22:20
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- HijackThis Clone ------------------------------------------------------------
Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-05-07 22:26:51
Platform: Windows Vista (6.00.6000)
MSIE: Internet Explorer (7.00.6000.16386)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\System32\csrss.exe
C:\WINDOWS\System32\csrss.exe
C:\WINDOWS\System32\wininit.exe
C:\WINDOWS\System32\winlogon.exe
C:\WINDOWS\System32\services.exe
C:\WINDOWS\System32\lsass.exe
C:\WINDOWS\System32\lsm.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\SLsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\System32\dwm.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\System32\rundll32.exe
C:\WINDOWS\System32\rundll32.exe
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\System32\taskeng.exe
C:\Program Files\Common Files\Symantec Shared\CCSVCHST.EXE
C:\Program Files\Synaptics\SynTP\SynTPStart.exe
C:\Program Files\Hp\QuickPlay\QPService.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Kontiki\KHost.exe
C:\Program Files\Hp\HP Software Update\hpwuSchd2.exe
C:\Program Files\Common Files\Symantec Shared\CCSVCHST.EXE
C:\Program Files\Adobe\Adobe Photoshop Lightroom 1.4\apdproxy.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Kontiki\KService.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\SearchIndexer.exe
C:\WINDOWS\System32\drivers\XAudio.exe
C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Program Files\Common Files\Nokia\MPAPI\MPAPI3s.exe
C:\WINDOWS\System32\taskeng.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\WINDOWS\System32\wbem\WmiPrvSE.exe
C:\WINDOWS\System32\mobsync.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
C:\Program Files\Windows Defender\MpCmdRun.exe
C:\WINDOWS\System32\SearchProtocolHost.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Delo\Desktop\New Folder\FXVUNDOB.EXE
C:\Users\Delo\Desktop\New Folder\DSS.EXE
C:\WINDOWS\System32\SearchFilterHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...a...P&pf=laptop
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...a...P&pf=laptop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...a...P&pf=laptop
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Common Files\Symantec Shared\IDS\IPSBHO.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\GoogleToolbar2.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\GoogleToolbar2.dll
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\1.0"
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [4oD] "C:\Program Files\Kontiki\KHost.exe" -all
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Adobe Photoshop Lightroom 1.4\apdproxy.exe"
O4 - HKLM\..\Run: [MSServer] rundll32.exe C:\Windows\system32\iifDsrOF.dll,#1
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [HPAdvisor] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autoRun
O4 - HKCU\..\Run: [kdx] C:\Program Files\Kontiki\KHost.exe -all
O4 - HKCU\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PCSync2.exe" /NoDialog
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [MSServer] rundll32.exe C:\Users\Delo\AppData\Local\Temp\qoMgfCuU.dll,#1
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [cmds] rundll32.exe C:\Users\Delo\AppData\Local\Temp\iifgHbAr.dll,c
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [BMf3d14f5c] Rundll32.exe "C:\Users\Delo\AppData\Local\Temp\rrqkkukw.dll",s
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'NETWORK SERVICE')
O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 5.0\resources\en-GB\local\search.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (file missing)
O18 - Protocol: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll
O18 - Protocol: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\microsoft shared\Information Retrieval\msitss.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCSVCHST.EXE
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCSVCHST.EXE
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCSVCHST.EXE
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: KService - Kontiki Inc. - C:\Program Files\Kontiki\KService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCSVCHST.EXE
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\WINDOWS\System32\drivers\XAudio.exe
--
End of file - 13567 bytes
-- Files created between 2008-04-07 and 2008-05-07 -----------------------------
2008-05-06 21:20:55 0 d-------- C:\Program Files\VirtualDJ
2008-05-05 21:18:58 0 d-------- C:\Program Files\Lavasoft
2008-05-05 21:18:49 0 d-------- C:\Users\All Users\Lavasoft
2008-05-05 21:08:06 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-05-05 20:19:18 0 d-a------ C:\Users\All Users\TEMP
2008-05-05 20:16:39 0 d-------- C:\Program Files\Spyware Doctor
2008-05-05 20:15:49 43520 --a------ C:\Windows\system32\iifDsrOF.dll
2008-05-05 11:08:06 0 d--hs---- C:\Users\Delo\Phone Browser
2008-05-05 09:31:45 0 d-------- C:\Program Files\CCleaner
2008-05-05 09:31:16 0 d-------- C:\!KillBox
2008-05-04 22:53:16 0 d-------- C:\Users\All Users\Google
2008-05-04 22:52:46 0 d-------- C:\Program Files\Google
2008-05-03 22:07:57 0 d-------- C:\VundoFix Backups
2008-05-02 18:55:12 0 d-------- C:\Program Files\Opera
2008-04-30 21:41:27 0 d-------- C:\Program Files\DVD Decrypter
2008-04-30 21:18:51 0 d-------- C:\Program Files\ASIO4ALL v2
2008-04-30 21:18:01 225280 --a------ C:\Windows\system32\rewire.dll <Not Verified; Propellerhead Software AB; ReWire>
2008-04-30 21:18:01 0 d-------- C:\Program Files\VstPlugins
2008-04-30 21:14:52 0 d-------- C:\Program Files\Outsim
2008-04-30 21:10:11 0 d-------- C:\Program Files\Image-Line
2008-04-30 07:20:50 0 d-------- C:\Program Files\Common Files\PX Storage Engine
2008-04-28 20:49:47 0 d-------- C:\Program Files\Common Files\Adobe
2008-04-27 11:07:56 0 d-------- C:\Users\All Users\Media Center Programs
2008-04-27 11:06:36 0 d-------- C:\Program Files\Eidos
2008-04-27 11:03:08 0 d-------- C:\Program Files\DAEMON Tools Lite
2008-04-27 10:37:46 0 d-------- C:\Windows\WinRAR
2008-04-27 10:29:41 717296 --a------ C:\Windows\system32\drivers\sptd.sys
2008-04-27 10:14:17 0 d-------- C:\Users\All Users\PC Suite
2008-04-27 10:12:47 0 d-------- C:\Program Files\Common Files\PCSuite
2008-04-27 10:12:46 0 d-------- C:\Program Files\Common Files\Nokia
2008-04-27 10:12:26 0 d-------- C:\Program Files\Participatory Culture Foundation
2008-04-27 10:12:24 0 d-------- C:\Program Files\DIFX
2008-04-27 10:10:42 0 d------c- C:\Windows\system32\DRVSTORE
2008-04-27 10:10:21 0 d-------- C:\Program Files\PC Connectivity Solution
2008-04-27 10:06:12 0 d-------- C:\Program Files\Nokia
2008-04-27 00:13:16 0 d-------- C:\Users\All Users\Installations
2008-04-26 18:00:32 0 d-------- C:\Program Files\LimeWire
2008-04-26 16:31:15 0 d-------- C:\Program Files\Microsoft Silverlight
2008-04-26 14:03:34 0 d-------- C:\Program Files\MSXML 4.0
2008-04-26 09:50:31 0 d-------- C:\Users\All Users\Kontiki
2008-04-26 09:50:31 0 d-------- C:\Program Files\Channel4
2008-04-26 09:43:03 0 d-------- C:\Program Files\Kontiki
2008-04-26 09:42:11 0 d-------- C:\Users\All Users\Channel4
2008-04-26 00:43:23 0 d-------- C:\Program Files\BitTornado
2008-04-25 20:16:10 0 dr------- C:\Users\Delo\Searches
2008-04-25 20:15:55 0 dr------- C:\Users\Delo\Contacts
2008-04-25 20:15:47 81 --a------ C:\Windows\system32\LOG
2008-04-25 20:15:44 44 --a------ C:\Windows\system\hpsysdrv.dat
2008-04-25 20:12:47 0 d-------- C:\Users\All Users\Electronic Arts
2008-04-25 20:08:05 0 d-------- C:\Program Files\Electronic Arts
2008-04-25 20:05:46 0 d-------- C:\Program Files\Common Files\LightScribe
2008-04-25 20:04:03 0 dr------- C:\Users\Delo\Videos
2008-04-25 20:04:03 0 d--hs---- C:\Users\Delo\Templates
2008-04-25 20:04:03 0 d--hs---- C:\Users\Delo\Start Menu
2008-04-25 20:04:03 0 d--hs---- C:\Users\Delo\SendTo
2008-04-25 20:04:03 0 dr------- C:\Users\Delo\Saved Games
2008-04-25 20:04:03 0 d--hs---- C:\Users\Delo\Recent
2008-04-25 20:04:03 0 d--hs---- C:\Users\Delo\PrintHood
2008-04-25 20:04:03 0 dr------- C:\Users\Delo\Pictures
2008-04-25 20:04:03 1310720 --a------ C:\Users\Delo\NTUSER.DAT
2008-04-25 20:04:03 0 d--hs---- C:\Users\Delo\NetHood
2008-04-25 20:04:03 0 d--hs---- C:\Users\Delo\My Documents
2008-04-25 20:04:03 0 dr------- C:\Users\Delo\Music
2008-04-25 20:04:03 0 d--hs---- C:\Users\Delo\Local Settings
2008-04-25 20:04:03 0 dr------- C:\Users\Delo\Links
2008-04-25 20:04:03 0 dr------- C:\Users\Delo\Favorites
2008-04-25 20:04:03 0 dr------- C:\Users\Delo\Downloads
2008-04-25 20:04:03 0 dr------- C:\Users\Delo\Documents
2008-04-25 20:04:03 0 dr------- C:\Users\Delo\Desktop
2008-04-25 20:04:03 0 d--hs---- C:\Users\Delo\Cookies
2008-04-25 20:04:03 0 d--hs---- C:\Users\Delo\Application Data
2008-04-25 20:04:03 0 d--h----- C:\Users\Delo\AppData
2008-04-25 19:55:49 0 d--hs---- C:\Users\Default\Local Settings
2008-04-25 19:55:49 0 d--hs---- C:\Users\All Users\Templates
2008-04-25 19:55:49 0 d--hs---- C:\Users\All Users\Start Menu
2008-04-25 19:55:49 0 d--hs---- C:\Users\All Users\Favorites
2008-04-25 19:55:49 0 d--hs---- C:\Users\All Users\Documents
2008-04-25 19:55:49 0 d--hs---- C:\Users\All Users\Desktop
2008-04-25 19:55:49 0 d--hs---- C:\Users\All Users\Application Data
2008-04-25 19:55:49 0 d--hs---- C:\Documents and Settings
2008-04-25 19:55:48 0 d--hs---- C:\Users\Default\Templates
2008-04-25 19:55:48 0 d--hs---- C:\Users\Default\Start Menu
2008-04-25 19:55:48 0 d--hs---- C:\Users\Default\SendTo
2008-04-25 19:55:48 0 d--hs---- C:\Users\Default\Recent
2008-04-25 19:55:48 0 d--hs---- C:\Users\Default\PrintHood
2008-04-25 19:55:48 0 d--hs---- C:\Users\Default\NetHood
2008-04-25 19:55:48 0 d--hs---- C:\Users\Default\My Documents
2008-04-25 19:55:48 0 d--hs---- C:\Users\Default\Cookies
2008-04-25 19:55:48 0 d--hs---- C:\Users\Default\Application Data
2008-04-25 19:55:17 0 d--hs---- C:\System Volume Information
-- Find3M Report ---------------------------------------------------------------
2008-05-07 21:14:36 27240 --a------ C:\Users\Delo\AppData\Roaming\nvModes.001
2008-05-07 20:59:30 27240 --a------ C:\Users\Delo\AppData\Roaming\nvModes.dat
2008-05-06 21:58:06 0 d-------- C:\Users\Delo\AppData\Roaming\CyberLink
2008-05-06 20:36:03 0 d-------- C:\Users\Delo\AppData\Roaming\LimeWire
2008-05-05 21:08:06 0 d-------- C:\Program Files\Common Files
2008-05-05 20:16:40 0 d-------- C:\Users\Delo\AppData\Roaming\PC Tools
2008-05-05 16:01:55 0 d-------- C:\Users\Delo\AppData\Roaming\Google
2008-05-05 11:33:26 0 d-------- C:\Users\Delo\AppData\Roaming\PC Suite
2008-05-05 10:55:24 0 d-------- C:\Users\Delo\AppData\Roaming\Nokia
2008-05-04 22:49:24 0 d-------- C:\Program Files\Java
2008-05-02 18:58:16 0 d-------- C:\Users\Delo\AppData\Roaming\Opera
2008-04-30 07:23:49 0 d-------- C:\Users\Delo\AppData\Roaming\Adobe
2008-04-28 20:35:02 0 d-------- C:\Users\Delo\AppData\Roaming\PCF-VLC
2008-04-27 11:10:20 0 dr-h----- C:\Users\Delo\AppData\Roaming\SecuROM
2008-04-27 11:06:36 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-04-27 10:51:04 0 d-------- C:\Program Files\Hp
2008-04-27 10:39:28 0 d-------- C:\Users\Delo\AppData\Roaming\WinRAR
2008-04-27 10:29:23 0 d-------- C:\Users\Delo\AppData\Roaming\DAEMON Tools
2008-04-27 10:15:54 0 d-------- C:\Users\Delo\AppData\Roaming\Mozilla
2008-04-27 10:15:36 0 d-------- C:\Users\Delo\AppData\Roaming\Participatory Culture Foundation
2008-04-26 16:41:21 0 d-------- C:\Program Files\CONEXANT
2008-04-26 15:02:55 0 d-------- C:\Program Files\Windows Mail
2008-04-26 15:02:54 0 d-------- C:\Program Files\Windows Sidebar
2008-04-26 00:44:25 0 d-------- C:\Users\Delo\AppData\Roaming\.BitTornado
2008-04-26 00:12:32 0 d-------- C:\Program Files\Norton Internet Security
2008-04-26 00:12:31 0 d-------- C:\Program Files\Common Files\Symantec Shared
2008-04-26 00:03:28 0 d-------- C:\Program Files\Symantec
2008-04-25 20:17:30 0 d-------- C:\Users\Delo\AppData\Roaming\Hewlett-Packard
2008-04-25 20:16:51 0 d-------- C:\Users\Delo\AppData\Roaming\Symantec
2008-04-25 20:15:59 0 d-------- C:\Users\Delo\AppData\Roaming\Identities
2008-04-25 20:14:40 0 d-------- C:\Users\Delo\AppData\Roaming\Macromedia
2008-04-25 20:14:16 0 dr------- C:\Program Files\Online Services
2008-04-25 20:05:53 0 d-------- C:\Program Files\HPQ
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
25/08/2007 02:51 316784 --a------ c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
25/04/2008 19:30 116088 --a------ C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvSvc"="C:\Windows\system32\nvsvc.dll" [28/09/2007 09:06]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [28/09/2007 09:06]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [28/09/2007 09:06]
"SynTPStart"="C:\Program Files\Synaptics\SynTP\SynTPStart.exe" [15/09/2007 09:29]
"QPService"="C:\Program Files\HP\QuickPlay\QPService.exe" [03/10/2007 06:00]
"QlbCtrl"="C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [06/09/2007 22:46]
"UCam_Menu"="C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [17/08/2007 08:13]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [21/10/2007 18:55]
"ccApp"="c:\Program Files\Common Files\Symantec Shared\ccApp.exe" [14/02/2008 11:01]
"HP Health Check Scheduler"="[ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" []
"hpWirelessAssistant"="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [13/09/2007 16:47]
"WAWifiMessage"="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe" [08/01/2007 23:53]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [22/02/2008 04:25]
"4oD"="C:\Program Files\Kontiki\KHost.exe" [23/04/2007 11:23]
"HP Software Update"="C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe" [08/05/2007 16:24]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [11/01/2008 22:16]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Adobe Photoshop Lightroom 1.4\apdproxy.exe" [01/04/2008 13:21]
"MSServer"="C:\Windows\system32\iifDsrOF.dll" [05/05/2008 20:15]
"ISTray"="C:\Program Files\Spyware Doctor\pctsTray.exe" [01/02/2008 12:55]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [26/04/2008 14:08]
"LightScribe Control Panel"="C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe" [23/08/2007 17:36]
"WindowsWelcomeCenter"="oobefldr.dll,ShowWelcomeCenter " []
"HPAdvisor"="C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe" [02/10/2007 00:10]
"kdx"="C:\Program Files\Kontiki\KHost.exe" [23/04/2007 11:23]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PCSync2.exe" [26/03/2008 18:41]
"PC Suite Tray"="C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" [16/04/2008 12:53]
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\daemon.exe" [01/04/2008 10:39]
"MSServer"="C:\Users\Delo\AppData\Local\Temp\qoMgfCuU.dll,#1" []
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [05/05/2008 19:50]
"cmds"="C:\Users\Delo\AppData\Local\Temp\iifgHbAr.dll,c" []
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [02/11/2006 13:36]
"BMf3d14f5c"="C:\Users\Delo\AppData\Local\Temp\rrqkkukw.dll,s" []
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"=2 (0x2)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B3102264-D09D-4322-B625-503FBF18DD7E}"= C:\Windows\system32\iifDsrOF.dll [05/05/2008 20:15 43520]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
@="IEEE 1394 Bus host controllers"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
@="SBP2 IEEE 1394 Devices"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
@="SecurityDevices"
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalSystemNetworkRestricted hidserv UxSms WdiSystemHost Netman trkwks AudioEndpointBuilder WUDFSvc irmon sysmain IPBusEnum dot3svc PcaSvc EMDMgmt TabletInputService wlansvc WPDBusEnum
*Newly Created Service* - COMHOST
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
C:\Windows\system32\unregmp2.exe /ShowWMP
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"C:\Program Files\Common Files\LightScribe\LSRunOnce.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
%SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI
-- End of Deckard's System Scanner: finished at 2008-05-07 22:31:37 ------------
Hope I have done this all OK?