I will ost the scanner results when they are finished.
Deckard's System Scanner v20071014.68
Run by Viden on 2008-06-22 16:22:27
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- HijackThis (run as Viden.exe) -----------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:22:39 PM, on 6/22/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal
Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\csrss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\system32\svchost.exe
E:\Program Files\Windows Defender\MsMpEng.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\system32\svchost.exe
E:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
E:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
E:\Program Files\Alwil Software\Avast4\ashServ.exe
E:\WINDOWS\system32\spoolsv.exe
E:\Program Files\Bonjour\mDNSResponder.exe
E:\Program Files\Comodo\Firewall\cmdagent.exe
E:\Program Files\LogMeIn\x86\RaMaint.exe
E:\Program Files\LogMeIn\x86\LogMeIn.exe
E:\Program Files\LogMeIn\x86\LMIGuardian.exe
E:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
E:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
E:\WINDOWS\system32\nvsvc32.exe
D:\Programs\PrfldSvc.exe
E:\Program Files\Spyware Doctor\pctsAuxs.exe
E:\Program Files\Spyware Doctor\pctsSvc.exe
E:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
E:\Program Files\Spyware Doctor\pctsTray.exe
E:\WINDOWS\system32\svchost.exe
E:\Program Files\ThreatFire\TFService.exe
E:\WINDOWS\system32\wdfmgr.exe
E:\Program Files\Viewpoint\Common\ViewpointService.exe
E:\WINDOWS\Explorer.EXE
E:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
E:\Program Files\Alwil Software\Avast4\ashWebSv.exe
E:\WINDOWS\System32\alg.exe
E:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
E:\Program Files\Windows Defender\MSASCui.exe
E:\WINDOWS\RTHDCPL.EXE
E:\Program Files\Microsoft IntelliPoint\ipoint.exe
E:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIABA.EXE
E:\Program Files\Comodo\Firewall\CPF.exe
E:\WINDOWS\system32\BtUsrBdg.exe
E:\WINDOWS\system32\BTSetBootKey.exe
e:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
E:\Program Files\Ideazon\ZEngine\Zboard.exe
E:\Program Files\ThreatFire\TFTray.exe
E:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIABA.EXE
E:\WINDOWS\system32\ctfmon.exe
E:\Program Files\Uniblue\SpyEraser\SpyEraser.exe
E:\Program Files\Mozilla Firefox\firefox.exe
E:\Documents and Settings\Viden\Desktop\dss.exe
E:\PROGRA~1\TRENDM~1\HIJACK~1\Viden.exe
E:\WINDOWS\system32\wbem\wmiprvse.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://us.rd.yahoo.c...rch/search.htmlR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
http://us.rd.yahoo.c...//www.yahoo.comR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.yahoo.comR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.yahoo.comR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://us.rd.yahoo.c...//www.yahoo.comR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://us.rd.yahoo.c...rch/search.htmlR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://us.rd.yahoo.c...//www.yahoo.comR0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.yahoo.comR0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =
http://us.rd.yahoo.c...//www.yahoo.comR1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page =
http://go.microsoft....k/?LinkId=54843R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - E:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - E:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - E:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O4 - HKLM\..\Run: [avast!] E:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Windows Defender] "E:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [PHIME2002ASync] E:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] E:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [IntelliPoint] "e:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "E:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [EPSON Stylus C88 Series] E:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIABA.EXE /P23 "EPSON Stylus C88 Series" /O5 "LPT1:" /M "Stylus C88"
O4 - HKLM\..\Run: [COMODO Firewall Pro] "E:\Program Files\Comodo\Firewall\CPF.exe" /background
O4 - HKLM\..\Run: [BTUSRBDG] BtUsrBdg.exe
O4 - HKLM\..\Run: [BTSETBOOTKEY] BTSetBootKey.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE E:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [ISTray] "E:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [NBKeyScan] "E:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [Zboard] E:\Program Files\Ideazon\ZEngine\Zboard.exe
O4 - HKLM\..\Run: [ThreatFire] E:\Program Files\ThreatFire\TFTray.exe
O4 - HKLM\..\Run: [EPSON Stylus C88 Series (Copy 1)] E:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIABA.EXE /P32 "EPSON Stylus C88 Series (Copy 1)" /O6 "USB001" /M "Stylus C88"
O4 - HKCU\..\Run: [ctfmon.exe] E:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Steam] "e:\progra~1\valve\steam\steam.exe" -silent
O4 - HKCU\..\Run: [Uniblue SpyEraser] "E:\Program Files\Uniblue\SpyEraser\SpyEraser.exe" -m
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - E:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - E:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - E:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - E:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone:
http://game1.pogo.comO16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} -
http://download.mcaf...01/mcinsctl.cabO16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://www.update.mi...b?1206990587437O16 - DPF: {68BCE50A-DC9B-4519-A118-6FDA19DB450D} (Info Class) -
http://www.blizzard....des/cabs/si.cabO16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} -
http://download.mcaf...,26/mcgdmgr.cabO16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} (Measurement Services Client v.3.12) -
http://gameadvisor.f...bal/msc3121.cabO17 - HKLM\System\CCS\Services\Tcpip\..\{FCCC5573-1720-4710-BE2C-FE210F2EE059}: NameServer = 208.67.222.222,208.67.220.220
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - E:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - E:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - E:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - E:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - E:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - E:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - E:\Program Files\Comodo\Firewall\cmdagent.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - E:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - E:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - E:\Program Files\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - E:\Program Files\LogMeIn\x86\LogMeIn.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - E:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - E:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - E:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Private Folder Service (prfldsvc) - Unknown owner - D:\Programs\PrfldSvc.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - E:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - E:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - E:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: ThreatFire - PC Tools - E:\Program Files\ThreatFire\TFService.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - E:\Program Files\Viewpoint\Common\ViewpointService.exe
--
End of file - 11293 bytes
-- Files created between 2008-05-22 and 2008-06-22 -----------------------------
2008-06-21 13:06:52 0 d-------- E:\Program Files\World of Warcraft Trial
2008-06-21 12:59:47 0 dr-h----- E:\Documents and Settings\Viden\Recent
2008-06-05 15:24:17 0 d-------- E:\Program Files\PlayOnline
2008-06-03 01:44:04 0 d-------- E:\Program Files\Rockstar Games
2008-05-31 22:42:34 0 d-------- E:\Documents and Settings\All Users\Application Data\Uniblue
2008-05-31 20:21:58 0 d-------- E:\Program Files\Max Payne
2008-05-30 04:51:00 0 d-------- E:\Program Files\Black Isle
2008-05-30 03:13:33 0 d-------- E:\Program Files\ThreatFire
2008-05-30 03:13:33 0 d-------- E:\Documents and Settings\All Users\Application Data\PC Tools
2008-05-25 23:36:06 98304 --a------ E:\WINDOWS\system32CmdLineExt.dll <Not Verified; Sony DADC Austria AG.; >
2008-05-25 03:23:41 0 d-------- E:\Program Files\Thief - Deadly Shadows
2008-05-24 00:42:45 0 d-------- E:\Program Files\Uniblue
2008-05-24 00:00:20 0 d-------- E:\Documents and Settings\Viden\Application Data\Uniblue
-- Find3M Report ---------------------------------------------------------------
2008-06-22 13:36:43 0 d-------- E:\Program Files\LogMeIn
2008-06-21 13:06:54 0 d-------- E:\Program Files\Common Files\Blizzard Entertainment
2008-06-20 23:13:27 0 d-------- E:\Program Files\Malwarebytes' Anti-Malware
2008-06-20 12:28:24 0 d-------- E:\Program Files\Spyware Doctor
2008-06-18 19:54:44 0 d-------- E:\Documents and Settings\Viden\Application Data\Auslogics
2008-06-08 18:41:31 0 d-------- E:\Program Files\SpeedFan
2008-06-05 15:56:19 0 d--h----- E:\Program Files\InstallShield Installation Information
2008-05-29 15:10:03 0 d-------- E:\Documents and Settings\Viden\Application Data\Mozilla
2008-05-29 00:10:11 0 d-------- E:\Documents and Settings\Viden\Application Data\Ideazon
2008-05-29 00:09:38 0 d-------- E:\Program Files\Ideazon
2008-05-24 01:21:42 0 d-------- E:\Program Files\Common Files\Totem Shared
2008-05-21 18:54:29 0 d-------- E:\Documents and Settings\Viden\Application Data\Vso
2008-05-21 18:54:28 668 --a------ E:\Documents and Settings\Viden\Application Data\vso_ts_preview.xml
2008-05-21 01:08:35 0 d-------- E:\Program Files\EA GAMES
2008-05-21 01:04:43 0 d-------- E:\Program Files\Firaxis Games
2008-05-21 01:02:03 0 d-------- E:\Program Files\Panda Security
2008-05-21 01:00:19 0 d-------- E:\Program Files\Ubisoft
2008-05-21 00:24:10 0 d-------- E:\Documents and Settings\Viden\Application Data\My Games
2008-05-19 23:12:21 0 d-------- E:\Documents and Settings\Viden\Application Data\Adobe
2008-05-19 11:37:44 0 d-------- E:\Program Files\The Weather Channel FW
2008-05-17 03:45:35 0 d-------- E:\Documents and Settings\Viden\Application Data\Nero
2008-05-17 03:43:47 0 d-------- E:\Program Files\Common Files\Nero
2008-05-17 03:42:15 0 d-------- E:\Program Files\Nero
2008-05-17 03:42:15 0 d-------- E:\Program Files\Common Files
2008-05-16 15:40:20 409600 --a------ E:\WINDOWS\system32\wrap_oal.dll <Not Verified; Creative Labs; Creative Labs OpenAL32>
2008-05-16 15:40:20 114688 --a------ E:\WINDOWS\system32\OpenAL32.dll <Not Verified; Portions © Creative Labs Inc. and NVIDIA Corp.; Standard OpenAL Library>
2008-05-16 15:40:20 0 d-------- E:\Program Files\OpenAL
2008-05-16 01:17:49 0 d-------- E:\Program Files\Rock Tour
2008-05-15 02:05:14 0 d-------- E:\Program Files\Bonjour
2008-05-15 02:05:10 0 d-------- E:\Program Files\Common Files\Adobe
2008-05-15 01:53:53 0 d-------- E:\Program Files\Common Files\Macrovision Shared
2008-05-12 22:54:26 0 d-------- E:\Program Files\Activision
2008-05-12 22:53:30 0 d-------- E:\Program Files\BC-Mod Packager
2008-05-12 22:52:19 0 d-------- E:\Program Files\Lavasoft
2008-05-12 22:52:17 0 d-------- E:\Documents and Settings\Viden\Application Data\Lavasoft
2008-05-09 16:40:18 0 d-------- E:\Program Files\Common Files\Bcgsoft
2008-05-09 16:40:16 0 d-------- E:\Documents and Settings\Viden\Application Data\Awasu
2008-05-08 17:12:23 0 d-------- E:\Program Files\Messenger
2008-05-08 17:12:13 0 d-------- E:\Program Files\Movie Maker
2008-05-08 17:10:02 0 d-------- E:\Program Files\Windows NT
2008-05-04 22:14:46 0 d-------- E:\Program Files\Trend Micro
2008-05-04 17:32:10 2457 --a------ E:\WINDOWS\mozver.dat
2008-05-04 17:19:57 0 d-------- E:\Documents and Settings\Viden\Application Data\Malwarebytes
2008-05-04 17:19:32 0 d-------- E:\Program Files\Common Files\Download Manager
2008-05-04 17:16:40 0 d-------- E:\Program Files\RegCure
2008-05-03 14:24:56 0 d-------- E:\Program Files\eggtimer
2008-04-30 16:02:29 98304 --a------ E:\WINDOWS\system32\CmdLineExt.dll <Not Verified; Sony DADC Austria AG.; >
2008-04-28 16:34:13 0 d-------- E:\Documents and Settings\Viden\Application Data\PC Tools
2008-04-25 14:37:22 0 d-------- E:\Program Files\CCP
2008-04-15 18:20:21 75845 --a------ E:\WINDOWS\War3Unin.dat
2008-04-15 18:18:11 2829 --a------ E:\WINDOWS\War3Unin.pif
2008-04-15 18:18:11 139264 --a------ E:\WINDOWS\War3Unin.exe <Not Verified; Blizzard Entertainment; Warcraft III Uninstaller>
2008-04-11 16:30:15 33 --a------ E:\Documents and Settings\Viden\Application Data\pcouffin.log
2008-04-11 16:30:14 47360 --a------ E:\Documents and Settings\Viden\Application Data\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine>
2008-04-11 16:30:14 1144 --a------ E:\Documents and Settings\Viden\Application Data\pcouffin.inf
2008-04-11 16:30:14 7887 --a------ E:\Documents and Settings\Viden\Application Data\pcouffin.cat
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="E:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [05/15/2008 07:19 PM]
"Windows Defender"="E:\Program Files\Windows Defender\MSASCui.exe" [11/03/2006 07:20 PM]
"RTHDCPL"="RTHDCPL.EXE" [09/11/2007 05:54 PM E:\WINDOWS\RTHDCPL.exe]
"PHIME2002ASync"="E:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [08/04/2004 08:00 AM]
"PHIME2002A"="E:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [08/04/2004 08:00 AM]
"IntelliPoint"="e:\Program Files\Microsoft IntelliPoint\ipoint.exe" [08/31/2007 12:01 PM]
"IMJPMIG8.1"="E:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [08/04/2004 08:00 AM]
"EPSON Stylus C88 Series"="E:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIABA.exe" [01/27/2005 05:00 AM]
"COMODO Firewall Pro"="E:\Program Files\Comodo\Firewall\CPF.exe" [11/01/2007 04:47 PM]
"BTUSRBDG"="BtUsrBdg.exe" [11/05/2003 11:21 PM E:\WINDOWS\system32\BtUsrBdg.exe]
"BTSETBOOTKEY"="BTSetBootKey.exe" [04/15/2003 11:48 AM E:\WINDOWS\system32\BTSetBootKey.exe]
"NvCplDaemon"="E:\WINDOWS\system32\NvCpl.dll" [10/28/2007 05:52 PM]
"ISTray"="E:\Program Files\Spyware Doctor\pctsTray.exe" [06/19/2008 02:01 AM]
"NBKeyScan"="E:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [12/03/2007 02:21 PM]
"Zboard"="E:\Program Files\Ideazon\ZEngine\Zboard.exe" [05/21/2008 02:59 PM]
"ThreatFire"="E:\Program Files\ThreatFire\TFTray.exe" [04/24/2008 04:52 PM]
"EPSON Stylus C88 Series (Copy 1)"="E:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIABA.exe" [01/27/2005 05:00 AM]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="E:\WINDOWS\system32\ctfmon.exe" [04/14/2008 05:42 AM]
"Steam"="e:\progra~1\valve\steam\steam.exe" [03/27/2008 08:54 PM]
"Uniblue SpyEraser"="E:\Program Files\Uniblue\SpyEraser\SpyEraser.exe" [04/02/2008 09:50 AM]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"RunStartupScriptSync"=1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoChangeAnimation"=0 (0x0)
"NoStrCmpLogical"=0 (0x0)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"MemCheckBoxInRunDlg"=0 (0x0)
"NoStrCmpLogical"=0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\dimsntfy]
E:\WINDOWS\System32\dimsntfy.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
LMIinit.dll 04/30/2008 06:08 PM 87352 E:\WINDOWS\system32\LMIinit.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Notification Packages"= scecli scecli scecli
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"XCOMM"=2 (0x2)
"MPS9"=2 (0x2)
"MpfService"=2 (0x2)
"McSysmon"=2 (0x2)
"McShield"=2 (0x2)
"McRedirector"=2 (0x2)
"McProxy"=2 (0x2)
"mcpromgr"=2 (0x2)
"McODS"=2 (0x2)
"McNASvc"=2 (0x2)
"mcmscsvc"=2 (0x2)
"mcmispupdmgr"=3 (0x3)
"McAfee HackerWatch Service"=2 (0x2)
"LIVESRV"=2 (0x2)
"Emproxy"=3 (0x3)
"Adobe LM Service"=3 (0x3)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Usnsvc usnsvc
bdx scan
eapsvcs eaphost
dot3svc dot3svc
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
napagent
hkmsvc
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6a8b6ae5-f80f-11db-b2d9-001921747f61}]
-- End of Deckard's System Scanner: finished at 2008-06-22 16:25:39 ------------