Hello Sage5 and thanks. The system is working a little faster but I still have the same ugly background warning and I left the Norton Symantec up because I dont know of any better antivirus systems plus I just spend $40 bucks on it yesterday. I did complete everything else. Thanks.
Find AWF report by noahdfear ©2006
Version 1.40
The current date is: Sun 06/15/2008
The current time is: 22:37:48.20
bak folders found
~~~~~~~~~~~
Directory of C:\PROGRA~1\DELLPH~1\BAK
10/21/2005 10:40 AM 430,080 dlccmon.exe
1 File(s) 430,080 bytes
Directory of C:\PROGRA~1\DELLSU~1\BAK
07/16/2006 09:29 PM 389,120 DSAgnt.exe
1 File(s) 389,120 bytes
Directory of C:\PROGRA~1\MESSEN~1\BAK
10/13/2004 11:24 AM 1,694,208 msmsgs.exe
1 File(s) 1,694,208 bytes
Directory of C:\PROGRA~1\QUICKT~1\BAK
10/17/2006 10:04 AM 98,304 qttask.exe
1 File(s) 98,304 bytes
Directory of C:\WINDOWS\EHOME\BAK
09/29/2005 02:01 PM 67,584 ehtray.exe
1 File(s) 67,584 bytes
Directory of C:\WINDOWS\SYSTEM32\BAK
08/10/2004 05:00 AM 15,360 ctfmon.exe
1 File(s) 15,360 bytes
Directory of C:\PROGRA~1\BROADJ~1\CLIENT~1\BAK
09/10/2002 09:26 PM 368,706 CFD.exe
1 File(s) 368,706 bytes
Directory of C:\PROGRA~1\DELL\MEDIAE~1\BAK
10/05/2005 03:12 AM 94,208 DMXLauncher.exe
1 File(s) 94,208 bytes
Directory of C:\PROGRA~1\GOOGLE\GOOGLE~1\BAK
08/14/2007 06:41 PM 1,838,592 GoogleDesktop.exe
1 File(s) 1,838,592 bytes
Directory of C:\PROGRA~1\MUSICM~1\MUSICM~3\BAK
09/18/2006 01:46 PM 8,192 mimboot.exe
09/18/2006 01:46 PM 110,592 mm_tray.exe
2 File(s) 118,784 bytes
Directory of C:\PROGRA~1\SBCSEL~1\SMARTB~1\BAK
08/24/2005 07:51 AM 442,455 MotiveSB.exe
1 File(s) 442,455 bytes
Directory of C:\PROGRA~1\YAHOO!\BROWSER\BAK
07/21/2006 04:19 PM 129,536 ybrwicon.exe
1 File(s) 129,536 bytes
Directory of C:\PROGRA~1\YAHOO!\MESSEN~1\BAK
03/01/2007 06:11 PM 4,670,968 YAHOOM~1.EXE
1 File(s) 4,670,968 bytes
Directory of C:\PROGRA~1\YAHOO!\SEARCH~1\BAK
06/08/2007 09:59 AM 224,248 SearchProtection.exe
1 File(s) 224,248 bytes
Directory of C:\WINDOWS\SYSTEM32\DLA\BAK
09/08/2005 05:20 AM 122,940 DLACTRLW.EXE
1 File(s) 122,940 bytes
Directory of C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\BAK
06/10/2005 10:44 AM 81,920 issch.exe
1 File(s) 81,920 bytes
Directory of C:\PROGRA~1\COMMON~1\REAL\UPDATE~1\BAK
07/29/2007 10:36 PM 185,896 realsched.exe
1 File(s) 185,896 bytes
Directory of C:\PROGRA~1\MYWEBS~1\BAR\1.BIN\BAK
04/04/2007 06:11 PM 24,676 m3SrchMn.exe
1 File(s) 24,676 bytes
Directory of C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\BAK\BAK
06/10/2005 10:44 AM 249,856 isuspm.exe
1 File(s) 249,856 bytes
Duplicate files of bak directory contents
~~~~~~~~~~~~~~~~~~~~~~~
430080 Oct 21 2005 "C:\Program Files\Dell Photo AIO Printer 924\bak\dlccmon.exe"
389120 Jul 16 2006 "C:\Program Files\Dell Support\bak\DSAgnt.exe"
0 Jun 14 2008 "C:\Program Files\Messenger\MSMSGS.EXE"
1694208 Oct 13 2004 "C:\Program Files\Messenger\bak\msmsgs.exe"
1694208 Oct 13 2004 "C:\WINDOWS\$hf_mig$\KB887472\SP2QFE\msmsgs.exe"
98304 Oct 17 2006 "C:\Program Files\QuickTime\bak\qttask.exe"
59392 Aug 10 2004 "C:\WINDOWS\$NtUninstallKB900325$\ehtray.exe"
64512 Aug 5 2005 "C:\WINDOWS\$NtUninstallKB908246$\ehtray.exe"
67584 Sep 29 2005 "C:\WINDOWS\ehome\bak\ehtray.exe"
15360 Aug 10 2004 "C:\WINDOWS\system32\ctfmon.exe"
15360 Aug 10 2004 "C:\WINDOWS\system32\bak\ctfmon.exe"
0 Jun 14 2008 "C:\Program Files\BroadJump\Client Foundation\CFD.EXE"
368706 Sep 10 2002 "C:\Program Files\BroadJump\Client Foundation\bak\CFD.exe"
94208 Oct 5 2005 "C:\Program Files\Dell\Media Experience\bak\DMXLauncher.exe"
98304 Aug 1 2007 "C:\My Games\Mah Jong Quest II\googlestubinst.exe"
98304 Aug 1 2007 "C:\My Games\The Rise of Atlantis\googlestubinst.exe"
1831472 Aug 13 2007 "C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe"
1355776 Aug 1 2007 "C:\Program Files\Real\RealArcade\GoogleInstApp.exe"
1838592 Aug 14 2007 "C:\Program Files\Google\Google Desktop Search\bak\GoogleDesktop.exe"
1838592 Aug 13 2007 "C:\Program Files\Google\Google Desktop Search\gcdtmp1\GoogleDesktopSetupHelper.exe"
1838592 Aug 14 2007 "C:\Program Files\Google\Google Desktop Search\gcdtmp2\GoogleDesktopSetupHelper.exe"
8192 Apr 5 2007 "C:\Program Files\MUSICMATCH\MUSICMATCH Update\MMJB\mimboot.exe"
8192 Sep 18 2006 "C:\Program Files\MUSICMATCH\Musicmatch Jukebox\bak\mimboot.exe"
110592 Apr 5 2007 "C:\Program Files\MUSICMATCH\MUSICMATCH Update\MMJB\mm_tray.exe"
110592 Sep 18 2006 "C:\Program Files\MUSICMATCH\Musicmatch Jukebox\bak\mm_tray.exe"
442455 Aug 24 2005 "C:\Program Files\SBC Self Support Tool\SmartBridge\bak\MotiveSB.exe"
129536 Jul 21 2006 "C:\Program Files\Yahoo!\browser\bak\ybrwicon.exe"
4670704 Aug 30 2007 "C:\Program Files\Yahoo!\Messenger\YAHOOM~1.EXE1191363306"
6190320 Feb 5 2008 "C:\Program Files\Yahoo!\Yahoo! Music Jukebox\YahooMusicEngine.exe"
4670968 Mar 1 2007 "C:\Program Files\Yahoo!\Messenger\bak\YAHOOM~1.EXE"
224248 Jun 8 2007 "C:\Program Files\Yahoo!\Search Protection\bak\SearchProtection.exe"
122940 Sep 8 2005 "C:\Program Files\Roxio\DLA\install\dlactrlw.exe"
122940 Sep 8 2005 "C:\WINDOWS\system32\DLA\bak\DLACTRLW.EXE"
81920 Jun 10 2005 "C:\Program Files\Common Files\InstallShield\UpdateService\bak\issch.exe"
249856 Jun 10 2005 "C:\Program Files\Common Files\InstallShield\UpdateService\bak\bak\isuspm.exe"
185896 Jul 29 2007 "C:\Program Files\Common Files\Real\Update_OB\bak\realsched.exe"
24676 Apr 4 2007 "C:\Program Files\MyWebSearch\bar\1.bin\bak\m3SrchMn.exe"
249856 Jun 10 2005 "C:\Program Files\Common Files\InstallShield\UpdateService\bak\bak\isuspm.exe"
end of report
from Deckers System Scanner:
Deckard's System Scanner v20071014.68
Run by robilyn key on 2008-06-15 22:44:40
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Successfully created a Deckard's System Scanner Restore Point.
-- Last 5 Restore Point(s) --
12: 2008-06-16 03:44:45 UTC - RP13 - Deckard's System Scanner Restore Point
11: 2008-06-16 03:28:43 UTC - RP12 - Removed LiveUpdate (Symantec Corporation)
10: 2008-06-16 03:27:41 UTC - RP11 - Removed TMASOLDL
9: 2008-06-16 03:27:26 UTC - RP10 - Removed TMASOEDL
8: 2008-06-16 03:25:53 UTC - RP9 - Removed Trend Micro PC-cillin Internet Security 12
-- First Restore Point --
1: 2008-06-14 03:33:29 UTC - RP2 - System Checkpoint
Backed up registry hives.
Performed disk cleanup.
-- HijackThis Clone ------------------------------------------------------------
Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-06-15 22:47:30
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (7.00.6000.16674)
Boot mode: Normal
Running processes:
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe
C:\WINDOWS\system32\CTSVCCDA.EXE
C:\Program Files\Creative\Shared Files\CTDevSrv.exe
C:\WINDOWS\ehome\ehrecvr.exe
C:\WINDOWS\ehome\ehSched.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\stsystra.exe
C:\Program Files\Yahoo!\YOP\yop.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Yahoo!\Yahoo! Music Jukebox\ymetray.exe
C:\Program Files\Yahoo!\browser\ycommon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Yahoo!\Messenger\Ymsgr_tray.exe
C:\Program Files\Yahoo!\YOP\SSDK02.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\dllhost.exe
C:\Documents and Settings\robilyn key\Desktop\dss.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://my.yahoo.com/R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =
http://home.microsof...search.asp?p=%sR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo!
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.yahoo.comR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://us.rd.yahoo.c...//www.yahoo.comR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://us.rd.yahoo.c...rch/search.htmlR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://us.rd.yahoo.c...//www.yahoo.comR0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.yahoo.comR1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=5061017
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\DLA\DLASHX_W.DLL
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Common Files\Symantec Shared\IDS\IPSBHO.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O2 - BHO: SidebarAutoLaunch Class - {F2AA9440-6328-4933-B7C9-A6CCDF9CBF6D} - C:\Program Files\Yahoo!\browser\YSidebarIEBHO.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\bak\bak\isuspm.exe" -startup
O4 - HKLM\..\Run: [DLCCCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCCtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton AntiVirus\osCheck.exe"
O4 - HKLM\..\Run: [YOP] C:\PROGRA~1\Yahoo!\YOP\yop.exe /autostart
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [QuickPhrase] "C:\Program Files\TypingMaster\quickphrase\quickphrase.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: AT&T Self Support Tool.lnk = C:\Program Files\SBC Self Support Tool\bin\matcli.exe
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: ymetray.lnk = C:\Program Files\Yahoo!\Yahoo! Music Jukebox\ymetray.exe
O8 - Extra context menu item: &Search -
http://edits.mywebse...?p=ZUxdm265LYUSO8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Add to Windows &Live Favorites -
http://favorites.liv...m/quickadd.aspxO8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (file missing)
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe
O15 - Trusted Zone:
https://online.musicmatch.com (HKLM)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) -
http://download.macr...director/sw.cabO16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} () -
http://ak.exe.imgfar...p1.0.0.15-3.cabO16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper20073151.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) -
http://gfx1.hotmail....es/MSNPUpld.cabO16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) -
http://upload.facebo...otoUploader.cabO16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) -
http://www.nick.com/.../GrooveAX27.cabO16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) -
http://www.worldwinn...ed/wwlaunch.cabO16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
http://fpdownload2.m...ash/swflash.cabO18 - Protocol: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTSVCCDA.EXE
O23 - Service: CT Device Query service (CTDevice_Srv) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTDevSrv.exe
O23 - Service: dlcc_device - Unknown owner - C:\WINDOWS\system32\dlcccoms.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\WildGames\Game Console - WildGames\GameConsoleService.exe
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\system32\YPcservice.exe
--
End of file - 11751 bytes
-- File Associations -----------------------------------------------------------
All associations okay.
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R2 MCSTRM - c:\windows\system32\drivers\mcstrm.sys <Not Verified; RealNetworks, Inc.; RealNetworks Virtual Path Manager® (32-bit)>
R3 SASENUM - c:\program files\superantispyware\sasenum.sys <Not Verified; SuperAdBlocker, Inc.; SuperAntiSpyware>
S3 DSproct - c:\program files\dell support\gtaction\triggers\dsproct.sys <Not Verified; GTek Technologies Ltd.; processt>
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 CCALib8 (Canon Camera Access Library 8) - c:\program files\canon\cal\calmain.exe <Not Verified; Canon Inc.; >
R2 CTDevice_Srv (CT Device Query service) - c:\program files\creative\shared files\ctdevsrv.exe <Not Verified; Creative Technology Ltd; CTDevSrv Application>
S3 YPCService - c:\windows\system32\ypcser~1.exe <Not Verified; Yahoo! Inc.; YPCService Module>
-- Device Manager: Disabled ----------------------------------------------------
No disabled devices found.
-- Scheduled Tasks -------------------------------------------------------------
2008-06-15 22:11:20 266 --a------ C:\WINDOWS\Tasks\Check Updates for Windows Live Toolbar.job
2008-06-13 20:19:57 568 --a------ C:\WINDOWS\Tasks\Norton AntiVirus - Run Full System Scan - robilyn key.job
2008-06-13 18:00:00 420 --a------ C:\WINDOWS\Tasks\Norton Security Scan.job
-- Files created between 2008-05-15 and 2008-06-15 -----------------------------
2008-06-14 22:54:39 0 d-------- C:\Documents and Settings\Druw Ashon\Application Data\shcrloj0e18j
2008-06-14 21:05:58 0 --a------ C:\WINDOWS\system32\drivers\USB
2008-06-14 21:05:47 0 --a------ C:\WINDOWS\system32\CMMGR32.EXE
2008-06-14 20:59:35 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-06-14 19:34:56 4212 ---h----- C:\WINDOWS\system32\zllictbl.dat
2008-06-14 19:34:22 0 d-------- C:\WINDOWS\system32\ZoneLabs
2008-06-14 19:32:50 0 d-------- C:\WINDOWS\Internet Logs
2008-06-14 03:24:31 0 d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-06-14 03:24:17 0 d-------- C:\Program Files\SUPERAntiSpyware
2008-06-14 03:24:17 0 d-------- C:\Documents and Settings\robilyn key\Application Data\SUPERAntiSpyware.com
2008-06-14 02:32:41 86016 --a------ C:\WINDOWS\system32\YPcservice.exe <Not Verified; Yahoo! Inc.; YPCService Module>
2008-06-14 02:32:41 131072 --a------ C:\WINDOWS\system32\ypclsp.dll <Not Verified; Yahoo! Inc.; Yahoo! YPCLSP>
2008-06-13 22:09:29 0 d-------- C:\Program Files\Common Files\Scanner
2008-06-13 20:14:55 0 d-------- C:\Program Files\Windows Sidebar
2008-06-13 20:14:55 0 d-------- C:\Program Files\Norton AntiVirus
2008-06-13 20:14:11 0 d-------- C:\Program Files\Symantec
2008-06-13 20:14:11 0 d-------- C:\Documents and Settings\All Users\Application Data\Symantec
2008-06-13 17:45:59 0 d-------- C:\Documents and Settings\All Users\Symantec Temporary Files
2008-06-13 17:39:32 0 d-------- C:\Documents and Settings\Bryndon J\Application Data\shcrloj0e18j
2008-06-12 23:45:36 0 d-------- C:\Documents and Settings\robilyn key\Application Data\shcrloj0e18j
2008-06-12 23:44:48 60928 --a------ C:\WINDOWS\system32\blphctloj0e18j.scr <Not Verified; Sysinternals; Sysinternals Blue Screen>
2008-06-08 13:37:01 0 d-------- C:\Program Files\Disney
2008-06-07 17:56:05 0 d-------- C:\Documents and Settings\robilyn key\Saved Games <SAVEDG~1>
2008-06-07 17:56:05 0 d-------- C:\Documents and Settings\robilyn key\Application Data\Flood Light Games
2008-06-07 17:56:05 0 d-------- C:\Documents and Settings\All Users\Application Data\Flood Light Games
2008-06-04 21:17:21 0 d-------- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
2008-05-29 21:37:07 180224 --a------ C:\WINDOWS\system32\xvidvfw.dll
2008-05-29 21:37:07 765952 --a------ C:\WINDOWS\system32\xvidcore.dll
2008-05-29 21:37:07 0 d-------- C:\Program Files\Xvid
2008-05-24 12:33:36 0 d-------- C:\Documents and Settings\Druw Ashon\Application Data\TypingMaster7
2008-05-23 19:58:17 0 d-------- C:\Documents and Settings\robilyn key\Application Data\TypingMaster7
2008-05-18 11:02:02 118784 --a------ C:\WINDOWS\ShowBmp.exe <Not Verified; ; ShowBmp Application>
2008-05-18 11:02:02 0 d-------- C:\WINDOWS\Setup2K
2008-05-18 11:02:02 53248 --a------ C:\WINDOWS\ap561.exe <Not Verified; Sunplus; Sunplus Amcap>
-- Find3M Report ---------------------------------------------------------------
2008-06-15 21:44:20 0 d-------- C:\Program Files\BrowsingSoftware
2008-06-15 21:36:33 0 d-------- C:\Program Files\Dl_cats
2008-06-14 23:40:56 0 d-------- C:\Program Files\Common Files\Symantec Shared
2008-06-14 21:05:57 0 d-------- C:\Program Files\Rhapsody
2008-06-14 21:05:52 0 d-------- C:\Program Files\NetWaiting
2008-06-14 21:05:52 0 d-------- C:\Program Files\Messenger
2008-06-14 20:59:35 0 d-------- C:\Program Files\Common Files
2008-06-14 18:37:38 0 d-------- C:\Program Files\Real
2008-06-14 18:37:37 0 d-------- C:\Program Files\Common Files\Real
2008-06-14 18:37:10 0 d-------- C:\Documents and Settings\robilyn key\Application Data\Real
2008-06-14 18:35:28 0 dr-h----- C:\Documents and Settings\robilyn key\Application Data\yahoo!
2008-06-14 18:34:57 0 d-------- C:\Program Files\Yahoo!
2008-06-13 19:37:24 0 d-------- C:\Program Files\Norton Security Scan
2008-06-10 20:16:41 0 d-------- C:\Documents and Settings\robilyn key\Application Data\ZoomBrowser EX
2008-06-08 18:48:04 0 d-------- C:\Program Files\Dell Games
2008-06-08 18:45:04 24 --a------ C:\Documents and Settings\robilyn key\Application Data\MyPhrases.dta
2008-06-08 18:42:54 0 d-------- C:\Program Files\MySpace
2008-06-08 01:03:54 0 d-------- C:\Program Files\WildGames
2008-05-28 19:24:30 0 d-------- C:\Documents and Settings\robilyn key\Application Data\Adobe
2008-05-18 14:55:55 4242 --a----c- C:\WINDOWS\mozver.dat
2008-05-16 22:20:52 0 d-------- C:\Documents and Settings\robilyn key\Application Data\LimeWire
2008-05-13 17:51:42 0 d-------- C:\Documents and Settings\robilyn key\Application Data\funkitron
2008-05-03 20:42:36 0 d-------- C:\Documents and Settings\robilyn key\Application Data\PlayFirst
2008-04-20 10:32:45 1268 --a------ C:\Documents and Settings\robilyn key\Application Data\wklnhst.dat
2008-04-17 21:52:39 0 d-------- C:\Documents and Settings\robilyn key\Application Data\Ludia
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
06/13/2008 08:17 PM 116088 --a------ C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [06/16/2006 08:39 AM]
"SigmatelSysTrayApp"="stsystra.exe" [08/15/2006 03:00 AM C:\WINDOWS\stsystra.exe]
"ISUSPM Startup"="C:\Program Files\Common Files\InstallShield\UpdateService\bak\bak\isuspm.exe" [06/10/2005 10:44 AM]
"DLCCCATS"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCCtime.dll" [09/14/2005 08:50 AM]
"MMTray"="C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe" []
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [01/25/2008 08:47 PM]
"osCheck"="C:\Program Files\Norton AntiVirus\osCheck.exe" [02/07/2008 01:49 AM]
"YOP"="C:\PROGRA~1\Yahoo!\YOP\yop.exe" [10/26/2007 03:42 PM]
"Zone Labs Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [08/29/2005 07:09 PM]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Yahoo! Pager"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" [02/29/2008 10:14 AM]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/10/2004 05:00 AM]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" []
"QuickPhrase"="C:\Program Files\TypingMaster\quickphrase\quickphrase.exe" []
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [06/15/2008 09:21 PM]
[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
"RunNarrator"=Narrator.exe
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [9/23/2005 10:05:26 PM]
AT&T Self Support Tool.lnk - C:\Program Files\SBC Self Support Tool\bin\matcli.exe [4/3/2007 6:28:18 PM]
Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe [10/17/2006 10:02:19 AM]
ymetray.lnk - C:\Program Files\Yahoo!\Yahoo! Music Jukebox\ymetray.exe [2/5/2008 2:29:20 PM]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"NoDispBackgroundPage"=1 (0x1)
"NoDispScrSavPage"=1 (0x1)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [06/15/2008 09:21 PM 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL 06/15/2008 09:21 PM 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}]
AutoRun\command- E:\setup.exe
-- End of Deckard's System Scanner: finished at 2008-06-15 22:48:44 ------------
This topic is locked
Sign In
Create Account
