OK here is the dss report
Deckard's System Scanner v20071014.68
Run by admin on 2008-06-06 10:57:27
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- HijackThis (run as admin.exe) -----------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:57:29 AM, on 6/6/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\Avira Premium Security Suite\sched.exe
C:\Program Files\Avira\Avira Premium Security Suite\avguard.exe
C:\Program Files\Avira\Avira Premium Security Suite\avesvc.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Program Files\Avira\Avira Premium Security Suite\avmailc.exe
C:\Program Files\Avira\Avira Premium Security Suite\AVWEBGRD.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\admin\Desktop\dss.exe
E:\Down\HIJACK~1\admin.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://203.99.52.139/R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.0.1:80
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Flashget Catch Url Class - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVGTOOLBAR - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: gFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O3 - Toolbar: FlashGet - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\Program Files\FlashGet\fgiebar.dll
O3 - Toolbar: AVGTOOLBAR - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\Avira Premium Security Suite\avgnt.exe" /min
O4 - HKCU\..\Run: [SpybotSD TeaTimer] "C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe"
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Download Using &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {1663ed61-23eb-11d2-b92f-008048fdd814} -
O17 - HKLM\System\CCS\Services\Tcpip\..\{4DFDFEBF-F1FA-4101-A702-8D4A29FAFF26}: NameServer = 117.18.240.6,117.18.240.5,202.147.165.40,202.147.165.41
O17 - HKLM\System\CS1\Services\Tcpip\..\{4DFDFEBF-F1FA-4101-A702-8D4A29FAFF26}: NameServer = 117.18.240.6,117.18.240.5,202.147.165.40,202.147.165.41
O17 - HKLM\System\CS2\Services\Tcpip\..\{4DFDFEBF-F1FA-4101-A702-8D4A29FAFF26}: NameServer = 117.18.240.6,117.18.240.5,202.147.165.40,202.147.165.41
O20 - AppInit_DLLs: avgrsstx.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Avira Premium Security Suite Firewall (AntiVirFirewallService) - Avira GmbH - C:\Program Files\Avira\Avira Premium Security Suite\avfwsvc.exe
O23 - Service: Avira Premium Security Suite MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files\Avira\Avira Premium Security Suite\avmailc.exe
O23 - Service: Avira Premium Security Suite Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\Avira Premium Security Suite\sched.exe
O23 - Service: Avira Premium Security Suite Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\Avira Premium Security Suite\avguard.exe
O23 - Service: Avira Premium Security Suite WebGuard (antivirwebservice) - Avira GmbH - C:\Program Files\Avira\Avira Premium Security Suite\AVWEBGRD.EXE
O23 - Service: Avira Premium Security Suite MailGuard helper service (AVEService) - Avira GmbH - C:\Program Files\Avira\Avira Premium Security Suite\avesvc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - D:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - D:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
--
End of file - 6193 bytes
-- Files created between 2008-05-06 and 2008-06-06 -----------------------------
2008-06-05 12:38:42 0 d-------- C:\Documents and Settings\NetworkService\Application Data\Webroot
2008-06-05 12:23:45 0 d-------- C:\Program Files\Sophos
2008-06-05 12:11:31 0 d-------- C:\Program Files\Avira GmbH
2008-06-05 11:12:53 0 d-------- C:\Documents and Settings\admin\Application Data\Malwarebytes
2008-06-05 11:12:51 0 d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-06-05 11:12:50 0 d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-06-04 14:22:57 0 d-------- C:\Documents and Settings\LocalService\Application Data\Webroot
2008-06-04 14:22:47 0 d-------- C:\Program Files\Webroot
2008-06-04 14:22:47 0 d-------- C:\Documents and Settings\All Users\Application Data\Webroot
2008-06-04 14:22:47 0 d-------- C:\Documents and Settings\admin\Application Data\Webroot
2008-06-03 18:46:34 0 d-------- C:\Documents and Settings\admin\DoctorWeb
2008-06-03 14:57:30 68096 --a------ C:\WINDOWS\zip.exe
2008-06-03 14:57:30 49152 --a------ C:\WINDOWS\VFind.exe
2008-06-03 14:57:30 212480 --a------ C:\WINDOWS\swxcacls.exe <Not Verified; SteelWerX; SteelWerX Extended Configurator ACLists>
2008-06-03 14:57:30 136704 --a------ C:\WINDOWS\swsc.exe <Not Verified; SteelWerX; SteelWerX Service Controller>
2008-06-03 14:57:30 161792 --a------ C:\WINDOWS\swreg.exe <Not Verified; SteelWerX; SteelWerX Registry Editor>
2008-06-03 14:57:30 80412 --a------ C:\WINDOWS\grep.exe
2008-06-03 14:57:30 89504 --a------ C:\WINDOWS\fdsv.exe <Not Verified; Smallfrogs Studio; >
2008-06-03 14:29:29 0 d-------- C:\Documents and Settings\admin\Application Data\Avira
2008-06-03 11:53:17 0 d-------- C:\Program Files\Avira
2008-06-03 11:18:12 0 d-------- C:\WINDOWS\WinRescue
2008-06-02 17:37:28 2 --a------ C:\WINDOWS\system32\LOGFILES
2008-06-02 17:05:17 0 d-------- C:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Premium
2008-06-02 16:51:38 0 d-------- C:\Documents and Settings\All Users\Application Data\Avira
2008-06-02 13:59:16 0 d-------- C:\vdefs
2008-06-02 13:46:28 0 d-------- C:\Documents and Settings\admin.ADIEL\Application Data\SUPERAntiSpyware.com
2008-06-02 13:44:58 0 d-------- C:\Documents and Settings\admin.ADIEL\Application Data\Webroot
2008-06-02 13:42:50 0 d-------- C:\Documents and Settings\admin.ADIEL\Application Data\AVGTOOLBAR
2008-06-02 13:41:02 0 d-------- C:\Documents and Settings\admin.ADIEL\Application Data\Identities
2008-06-02 13:40:32 0 dr------- C:\Documents and Settings\admin.ADIEL\Favorites
2008-06-02 13:40:32 0 d-------- C:\Documents and Settings\admin.ADIEL\Desktop
2008-06-02 13:40:32 0 d---s---- C:\Documents and Settings\admin.ADIEL\Cookies
2008-06-02 13:40:32 0 dr-h----- C:\Documents and Settings\admin.ADIEL\Application Data
2008-06-02 13:40:32 0 d---s---- C:\Documents and Settings\admin.ADIEL\Application Data\Microsoft
2008-06-02 13:40:31 0 d--h----- C:\Documents and Settings\admin.ADIEL\Templates
2008-06-02 13:40:31 0 dr------- C:\Documents and Settings\admin.ADIEL\Start Menu
2008-06-02 13:40:31 0 dr-h----- C:\Documents and Settings\admin.ADIEL\SendTo
2008-06-02 13:40:31 0 dr-h----- C:\Documents and Settings\admin.ADIEL\Recent
2008-06-02 13:40:31 0 d--h----- C:\Documents and Settings\admin.ADIEL\PrintHood
2008-06-02 13:40:31 4018176 --a------ C:\Documents and Settings\admin.ADIEL\NTUSER.DAT
2008-06-02 13:40:31 0 d--h----- C:\Documents and Settings\admin.ADIEL\NetHood
2008-06-02 13:40:31 0 dr------- C:\Documents and Settings\admin.ADIEL\My Documents
2008-06-02 13:40:31 0 d--h----- C:\Documents and Settings\admin.ADIEL\Local Settings
2008-06-02 11:37:01 0 d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-05-14 10:07:14 0 d-------- C:\Documents and Settings\admin\Application Data\MyPhoneExplorer
2008-05-14 10:07:10 0 d-------- C:\Documents and Settings\admin\Application Data\AD ON Multimedia
2008-05-14 10:07:04 0 d-------- C:\Program Files\MyPhoneExplorer
2008-05-12 13:14:33 0 d-------- C:\Documents and Settings\admin\Application Data\PC Tools
2008-05-12 12:58:06 15872 --a------ C:\WINDOWS\system32\drivers\AVRec.sys <Not Verified; PC Tools Research Pty Ltd; PC Tools AntiVirus>
2008-05-12 12:58:06 22528 --a------ C:\WINDOWS\system32\drivers\AVHook.sys <Not Verified; PC Tools Research Pty Ltd.; PC Tools AntiVirus>
2008-05-12 12:58:06 15872 --a------ C:\WINDOWS\system32\drivers\AVFilter.sys <Not Verified; PC Tools Research Pty Ltd; AVFilter Device Driver>
2008-05-12 12:57:55 0 d-------- C:\Program Files\PC Tools AntiVirus
2008-05-12 12:57:55 0 d-------- C:\Documents and Settings\All Users\Application Data\PC Tools
2008-05-12 12:56:56 0 d-------- C:\Documents and Settings\All Users\Application Data\fssg
2008-05-12 12:17:30 0 d-------- C:\Documents and Settings\admin\Application Data\Smart PC Solutions
2008-05-09 15:58:05 0 d-------- C:\Documents and Settings\admin\Application Data\Conceptworld
2008-05-09 15:56:59 0 d-------- C:\Program Files\Conceptworld
2008-05-09 15:42:16 0 --a------ C:\WINDOWS\system32\suupdate.dat
2008-05-09 15:41:38 11264 --a------ C:\WINDOWS\system32\drivers\supermounter.sys <Not Verified; Superlogix; supermounter>
2008-05-09 15:41:38 44000 --a------ C:\WINDOWS\system32\drivers\AFPUni.sys <Not Verified; Alfa Corporation; AlfaFP 2003 Unicode Build for Windows NT/2K>
2008-05-09 15:41:38 43936 --a------ C:\WINDOWS\system32\drivers\AFPAnsi.sys <Not Verified; Alfa Corporation; AlfaFP 2003 Ansi Build for Windows NT/2K>
2008-05-09 15:41:37 2256896 --a------ C:\WINDOWS\system32\vbsbak.dat <Not Verified; SuperLogix; Super Utilities>
2008-05-09 15:41:36 6144 --a------ C:\WINDOWS\system32\SuperRes.dll
2008-05-09 15:41:36 73728 --a------ C:\WINDOWS\system32\smh.dat <Not Verified; SuperLogix; SuperMenuHook>
2008-05-09 15:41:36 89088 --a------ C:\WINDOWS\system32\Shreder.dll <Not Verified; ; Shreder Dynamic Link Library>
2008-05-09 15:41:35 1519616 --a------ C:\WINDOWS\system32\context.dll <Not Verified; SuperLogix; Enhancement to context menu>
2008-05-09 15:41:34 0 d-------- C:\Program Files\SuperLogix
2008-05-09 11:27:42 0 d-------- C:\Program Files\Best Network Security
2008-05-09 11:26:21 0 d-------- C:\Documents and Settings\All Users\Application Data\NetServerListener
2008-05-09 11:26:20 0 d-------- C:\Program Files\Best Network Security Server
2008-05-09 10:34:34 0 d-------- C:\Documents and Settings\Adiel\Application Data\WinRAR
2008-05-09 10:29:17 0 d-------- C:\Documents and Settings\Adiel\Application Data\AVGTOOLBAR
2008-05-09 10:14:31 0 d-------- C:\Program Files\Common Files\Tray
2008-05-09 10:14:30 0 d-------- C:\Program Files\Common Files\System Shared
2008-05-09 10:14:25 0 d-------- C:\WINDOWS\tray
2008-05-09 10:14:25 0 d-------- C:\WINDOWS\system32\cc32
2008-05-09 10:07:57 0 d-------- C:\Program Files\PortableFirefox
2008-05-08 14:30:52 0 d-------- C:\Program Files\Fortres Grand
2008-05-08 14:00:16 0 d-------- C:\Program Files\Stop Installation Tool
2008-05-08 12:54:49 76 --a------ C:\WINDOWS\system32\esafedrv.dat
2008-05-08 12:53:16 50 --a------ C:\WINDOWS\pcenid.dat
2008-05-08 12:53:16 50 -----n--- C:\dosldr.bin
2008-05-08 12:53:00 24 -----n--- C:\WINDOWS\enexp.dat
2008-05-08 11:47:42 0 d-------- C:\Program Files\WinRescue XP
2008-05-07 17:28:35 0 d-------- C:\Program Files\PC Chaperone
2008-05-07 17:28:35 0 d-------- C:\Documents and Settings\All Users\Application Data\PCC
2008-05-07 16:41:42 0 d--h----- C:\WINDOWS\system32\GroupPolicy
2008-05-07 13:46:02 0 d-------- C:\Documents and Settings\All Users\Application Data\System
2008-05-07 13:46:01 5196917 --a------ C:\WINDOWS\system32\httpsurl.dat
-- Find3M Report ---------------------------------------------------------------
2008-06-06 10:57:27 0 d-------- C:\Program Files\FlashGet
2008-06-05 13:41:43 0 d-------- C:\Program Files\SUPERAntiSpyware
2008-06-05 12:11:31 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-06-03 11:51:02 0 d-------- C:\Program Files\Common Files
2008-05-09 10:08:10 0 d-------- C:\Program Files\Mozilla Firefox(2)
2008-04-26 10:55:02 0 d-------- C:\Program Files\Total Video Converter
2008-04-23 11:52:03 0 d-------- C:\Program Files\COI_ALL_UI
2008-04-23 11:49:30 294912 -----n--- C:\WINDOWS\Setup1.exe <Not Verified; Microsoft Corporation; Microsoft Visual Basic for Windows>
2008-04-23 11:49:29 82944 --a------ C:\WINDOWS\ST6UNST.EXE <Not Verified; Microsoft Corporation; Microsoft® Visual Basic for Windows>
2008-04-22 11:28:44 18550784 --a------ C:\WINDOWS\system32\LMS_ALL_DLL.dll <Not Verified; AISL; LMS_ALL_DLL>
2008-04-21 18:28:54 0 d-------- C:\Program Files\ReNamer
2008-04-19 15:07:20 7426048 --a------ C:\WINDOWS\system32\COI_ALL_DLL.dll <Not Verified; AIS; COI_ALL_DLL>
2008-04-19 14:53:08 2236416 --a------ C:\WINDOWS\system32\COL_ALL_DLL.dll <Not Verified; ais; COL_ALL_DLL>
2008-04-19 14:49:18 933888 --a------ C:\WINDOWS\system32\CM_ALL_DLL.dll <Not Verified; ais; CM_ALL_DLL>
2008-04-19 13:58:00 3334144 --a------ C:\WINDOWS\system32\Sys_Services.dll <Not Verified; AIS; Sys_Services>
2008-04-19 13:54:00 405504 --a------ C:\WINDOWS\system32\Attributes.dll <Not Verified; AIS; Attributes>
2008-04-19 11:58:34 0 d-------- C:\Documents and Settings\admin\Application Data\CyberLink
2008-04-18 16:24:02 218624 --a------ C:\WINDOWS\system32\uxtheme.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-08 12:44:18 0 d-------- C:\Documents and Settings\admin\Application Data\AVGTOOLBAR
2008-04-07 12:45:00 0 d-------- C:\Program Files\AVG
2008-04-07 11:08:26 0 d-------- C:\Documents and Settings\admin\Application Data\SUPERAntiSpyware.com
2008-04-07 11:08:03 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-03-26 13:31:27 0 --a------ C:\WINDOWS\nsreg.dat
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A057A204-BACC-4D26-9990-79A187E2698E}]
04/07/2008 12:45 PM 2041600 --a------ C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{A057A204-BACC-4D26-9990-79A187E2698E}"= C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL [04/07/2008 12:45 PM 2041600]
[-HKEY_CLASSES_ROOT\CLSID\{A057A204-BACC-4D26-9990-79A187E2698E}]
[HKEY_CLASSES_ROOT\avgtoolbar.AVGTOOLBAR]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [07/11/2007 09:07 AM C:\WINDOWS\RTHDCPL.exe]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [07/11/2007 09:07 AM]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [07/11/2007 09:07 AM]
"Persistence"="C:\WINDOWS\system32\igfxpers.exe" [07/11/2007 09:07 AM]
"avgnt"="C:\Program Files\Avira\Avira Premium Security Suite\avgnt.exe" [02/12/2008 10:06 AM]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [01/28/2008 11:43 AM]
"NoteZilla"="" []
"QNPlus"="" []
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2/13/2001 1:01:04 AM]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)
"HideLegacyLogonScripts"=0 (0x0)
"HideLogoffScripts"=0 (0x0)
"RunLogonScriptSync"=1 (0x1)
"RunStartupScriptSync"=0 (0x0)
"HideStartupScripts"=0 (0x0)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"HideLegacyLogonScripts"=0 (0x0)
"HideLogoffScripts"=0 (0x0)
"RunLogonScriptSync"=1 (0x1)
"RunStartupScriptSync"=0 (0x0)
"HideStartupScripts"=0 (0x0)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [12/20/2006 12:55 PM 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 04/19/2007 12:41 PM 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=avgrsstx.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"= msv1_0 nwprovau
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WebrootSpySweeperService]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk
backup=C:\WINDOWS\pss\Adobe Reader Synchronizer.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^WinZip Quick Pick.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WinZip Quick Pick.lnk
backup=C:\WINDOWS\pss\WinZip Quick Pick.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
ALCMTR.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG8_TRAY]
C:\PROGRA~1\AVG\AVG8\avgtray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\McAfeeUpdaterUI]
"C:\Program Files\McAfee\Common Framework\UdaterUI.exe" /StartedFromRunKey
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
"C:\Program Files\Messenger\msmsgs.exe" /background
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
"C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCTAVApp]
"C:\Program Files\PC Tools AntiVirus\PCTAV.exe" /MONITORSCAN
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
"C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
SkyTel.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
"C:\Program Files\Yahoo!\Messenger\ypager.exe" -quiet
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ddffa17c-15bf-11dd-9ae1-001cc01b73b8}]
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL
-- End of Deckard's System Scanner: finished at 2008-06-06 10:57:46 ------------