Hi!
thanks for the help!
Here are the files you asked for:
Main TextDeckard's System Scanner v20071014.68
Run by Debs on 2008-06-15 12:15:21
Computer is in Normal Mode.
--------------------------------------------------------------------------------
Backed up registry hives.
Performed disk cleanup.
-- HijackThis (run as Debs.exe) ------------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:16:38 PM, on 6/15/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
C:\Windows\System32\CTHELPER.EXE
C:\Windows\System32\CTXFIHLP.EXE
C:\Program Files\Dvd & Film\Nero 7\InCD\NBHGui.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Dvd & Film\Nero 7\InCD\InCD.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\Windows\SYSTEM32\CTXFISPI.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Creative\MediaSource5\Go\CTCMSGoU.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Creative\Sound Blaster X-Fi\Entertainment Center\EAXLoadr.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe
C:\Program Files\Creative\ShareDLL\CADI\NotiMan.exe
C:\Users\Debs\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Debs.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft....k/?LinkId=54896R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft....k/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft....k/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft....k/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft....k/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft....k/?LinkId=69157R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [CTXFIREG] CTxfiReg.exe
O4 - HKLM\..\Run: [RCSystem] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" RCSystem * -Startup
O4 - HKLM\..\Run: [AudioDrvEmulator] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"
O4 - HKLM\..\Run: [VolPanel] "C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" /r
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [UVS11 Preload] C:\Program Files\Dvd & Film\Ulead VideoStudio 11\uvPL.exe
O4 - HKLM\..\Run: [UpdReg] C:\Windows\UpdReg.EXE
O4 - HKLM\..\Run: [SecurDisc] C:\Program Files\Dvd & Film\Nero 7\InCD\NBHGui.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [InCD] C:\Program Files\Dvd & Film\Nero 7\InCD\InCD.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Dvd & Film\Photoshop Elements 6\apdproxy.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Creative MediaSource Go] "C:\Program Files\Creative\MediaSource5\Go\CTCMSGoU.exe" /SCB
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] c:\program files\uniblue\registrybooster 2\StartRegistryBooster.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Image Mounting\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [DevconDefaultDB] C:\Windows\system32\READREG /SILENT /FAIL=1 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DevconDefaultDB] C:\Windows\system32\READREG /SILENT /FAIL=1 (User 'Default user')
O4 - Startup: Registration Assassin's Creed.LNK = C:\Program Files\Games\Ubisoft\Assassin's Creed\Register\RegistrationReminder.exe
O8 - Extra context menu item: Customize Menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Fill Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: RoboForm Toolbar - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Save Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) -
http://acs.pandasoft...s/as2stubie.cabO16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) -
http://dl8-cdn-01.su...ows-i586-jc.cabO17 - HKLM\System\CCS\Services\Tcpip\..\{8E31A9F3-63C7-448C-BB08-2A37B111ED69}: NameServer = 195.170.0.1 195.170.2.2
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll
O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:\Program Files\Dvd & Film\Photoshop Elements 6\PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Creative ALchemy AL1 Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\AL1Licensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Unknown owner - C:\Program Files\Creative\Shared Files\CTAudSvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Dvd & Film\Nero 7\InCD\InCDsrv.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Dvd & Film\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
--
End of file - 14182 bytes
-- File Associations -----------------------------------------------------------
.reg - regfile - shell\open\command - regedit.exe "%1" %*.scr - scrfile - shell\open\command - "%1" %*-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R1 ElbyCDIO (ElbyCDIO Driver) - c:\windows\system32\drivers\elbycdio.sys <Not Verified; Elaborate Bytes AG; CDRTools>
R1 SASDIFSV - \??\c:\program files\superantispyware\sasdifsv.sys
R1 SASKUTIL - \??\c:\program files\superantispyware\saskutil.sys
R1 SCDEmu - c:\windows\system32\drivers\scdemu.sys <Not Verified; PowerISO Computing, Inc.; scdemu>
R3 AnyDVD - c:\windows\system32\drivers\anydvd.sys <Not Verified; SlySoft, Inc.; AnyDVD>
R3 ElbyDelay - c:\windows\system32\drivers\elbydelay.sys <Not Verified; Elaborate Bytes AG; CDRTools>
R3 mcdbus (Driver for MagicISO SCSI Host Controller) - c:\windows\system32\drivers\mcdbus.sys <Not Verified; MagicISO, Inc.; MagicISO SCSI Host Controller>
R3 SASENUM - \??\c:\program files\superantispyware\sasenum.sys
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 Apple Mobile Device - "c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe" <Not Verified; Apple, Inc.; Apple Mobile Device Service>
R2 Bonjour Service - "c:\program files\bonjour\mdnsresponder.exe" <Not Verified; Apple Inc.; Bonjour>
S2 CTAudSvcService (Creative Audio Service) - c:\program files\creative\shared files\ctaudsvc.exe (file missing)
S3 Creative ALchemy AL1 Licensing Service - "c:\program files\common files\creative labs shared\service\al1licensing.exe" <Not Verified; Creative Labs; Creative ALchemy AL1 Licensing Service>
S3 FLEXnet Licensing Service - "c:\program files\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe" <Not Verified; Macrovision Europe Ltd.; FLEXnet Publisher (32 bit)>
S3 NBService - c:\program files\dvd & film\nero 7\nero backitup\nbservice.exe
-- Device Manager: Disabled ----------------------------------------------------
Class GUID: {4d36e96b-e325-11ce-bfc1-08002be10318}
Description: Standard PS/2 Keyboard
Device ID: ACPI\PNP0303\4&23F9C1E3&0
Manufacturer: (Standard keyboards)
Name: Standard PS/2 Keyboard
PNP Device ID: ACPI\PNP0303\4&23F9C1E3&0
Service: i8042prt
Class GUID:
Description: SM Bus Controller
Device ID: PCI\VEN_8086&DEV_2930&SUBSYS_82771043&REV_02\3&11583659&0&FB
Manufacturer:
Name: SM Bus Controller
PNP Device ID: PCI\VEN_8086&DEV_2930&SUBSYS_82771043&REV_02\3&11583659&0&FB
Service:
-- Scheduled Tasks -------------------------------------------------------------
2008-06-15 12:15:00 416 --ah----- C:\Windows\Tasks\User_Feed_Synchronization-{007E08AA-3C5E-4BD1-BC27-4AEE2A44E3A9}.job
2008-06-09 20:00:08 544 --a------ C:\Windows\Tasks\Norton Internet Security - Run Full System Scan - Debs.job
-- Files created between 2008-05-15 and 2008-06-15 -----------------------------
2008-06-14 17:57:14 0 d-------- C:\Program Files\CyberLink
2008-06-14 12:16:25 0 d-------- C:\Program Files\Java
2008-06-14 12:02:34 0 d-------- C:\Program Files\Common Files\Java
2008-06-14 01:39:08 0 d-------- C:\Program Files\Panda Security
2008-06-14 01:06:50 0 d-------- C:\Program Files\SUPERAntiSpyware
2008-06-14 01:06:19 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-06-13 23:42:27 0 d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-06-13 23:05:28 0 d-------- C:\Program Files\Trend Micro
2008-06-13 18:06:40 0 --a------ C:\Windows\nsreg.dat
2008-06-13 17:16:13 0 d-------- C:\Program Files\Uniblue
2008-06-11 13:24:37 442368 -ra------ C:\Windows\system32\vp6vfw.dll <Not Verified; On2.com; On2_VP6>
2008-06-10 13:40:11 0 d-------- C:\Program Files\MSXML 4.0
2008-06-10 10:33:42 0 d-------- C:\Program Files\Common Files\Macrovision Shared
2008-06-10 10:10:00 0 d-------- C:\Program Files\Common Files\Ahead
2008-06-08 22:44:08 0 d-------- C:\Program Files\Games
2008-06-08 22:42:22 0 d-------- C:\Program Files\ReflexiveArcade
2008-06-08 10:45:00 715248 --a------ C:\Windows\system32\drivers\sptd.sys
2008-06-08 10:39:06 0 d-------- C:\Program Files\Common Files\InterVideo
2008-06-08 10:38:33 0 d-------- C:\Program Files\Windows Media Components
2008-06-08 10:37:38 0 d-------- C:\Program Files\Common Files\Ulead Systems
2008-06-07 22:03:51 0 d-------- C:\Program Files\iPod
2008-06-07 22:03:50 0 d-------- C:\Program Files\iTunes
2008-06-07 22:02:40 0 d-------- C:\Program Files\Bonjour
2008-06-07 22:01:55 0 d-------- C:\Program Files\QuickTime
2008-06-07 22:01:35 0 d-------- C:\Program Files\Apple Software Update
2008-06-07 22:00:57 0 d-------- C:\Program Files\Common Files\Apple
2008-06-07 18:52:58 0 d-------- C:\Program Files\Dvd & Film
2008-06-06 11:51:54 0 d-------- C:\PerfLogs
2008-06-06 09:28:35 0 d-------- C:\Windows\pss
2008-06-05 23:11:15 0 d-------- C:\Program Files\Common Files\Adobe
2008-06-05 18:41:34 53248 -----n--- C:\Windows\Ctregrun.exe <Not Verified; Creative Technology Ltd; Creative Product Registration>
2008-06-05 18:41:28 0 d-------- C:\Program Files\Common Files\Creative Labs Shared
2008-06-05 17:48:10 0 d-------- C:\Program Files\Common Files\Creative
2008-06-05 17:48:06 0 d--h----- C:\Program Files\Creative Installation Information
2008-06-05 14:32:27 0 d-------- C:\Program Files\uTorrent
2008-06-05 13:13:35 413696 --a------ C:\Windows\system32\wrap_oal.dll <Not Verified; Creative Labs; Creative Labs OpenAL32>
2008-06-05 13:13:35 110592 --a------ C:\Windows\system32\OpenAL32.dll <Not Verified; Portions © Creative Labs Inc. and NVIDIA Corp.; Standard OpenAL Library>
2008-06-05 13:13:35 0 d-------- C:\Program Files\OpenAL
2008-06-05 13:11:09 0 d-------- C:\Program Files\Creative
2008-06-05 12:39:17 3072 --a------ C:\Windows\CTXFIRES.DLL <Not Verified; ; CTxfiRes Dynamic Link Library>
2008-06-05 11:30:00 0 d-------- C:\Program Files\Driver Cleaner PE
2008-06-05 11:11:41 250032 -rahs---- C:\ntldr
2008-06-05 11:06:34 0 d-------- C:\Program Files\PROnetworks
2008-06-05 10:18:22 552464 --a------ C:\Windows\system32\perfh008.dat
2008-06-05 10:18:22 88292 --a------ C:\Windows\system32\perfc008.dat
2008-06-05 10:17:41 0 d-------- C:\Windows\el-GR
2008-06-05 10:17:37 0 d-------- C:\Windows\system32\el
2008-06-05 10:17:37 0 d-------- C:\Windows\system32\drivers\el-GR
2008-06-05 10:17:37 0 d-------- C:\Windows\system32\0408
2008-06-05 10:07:20 0 d-------- C:\Program Files\Microsoft Silverlight
2008-06-05 03:22:27 0 d-------- C:\Windows\Panther
2008-06-05 03:22:14 0 d--hs---- C:\Boot
2008-06-05 02:25:46 0 d-------- C:\Windows\SoftwareDistribution
2008-06-05 02:24:23 0 d-------- C:\Windows\Debug
2008-06-05 02:24:23 0 d-------- C:\Windows\CSC
2008-06-05 02:23:35 0 d-------- C:\Windows\Prefetch
2008-06-05 02:23:25 0 d--hs---- C:\System Volume Information
2008-06-05 01:44:50 0 d-------- C:\Program Files\Siber Systems
2008-06-05 01:17:15 0 d-------- C:\Program Files\Microsoft Works
2008-06-05 01:15:50 0 d-------- C:\Program Files\Microsoft.NET
2008-06-05 01:14:18 0 d-------- C:\Program Files\Microsoft Visual Studio 8
2008-06-05 01:12:51 0 dr-h----- C:\MSOCache
2008-06-04 23:50:40 0 d-------- C:\Program Files\Norton Internet Security
2008-06-04 23:49:45 0 d-------- C:\Program Files\Symantec
2008-06-04 23:49:28 0 d-------- C:\Program Files\Common Files\Symantec Shared
2008-06-04 23:46:27 96256 --a------ C:\Windows\system32\drivers\mcdbus.sys <Not Verified; MagicISO, Inc.; MagicISO SCSI Host Controller>
2008-06-04 23:23:52 0 d-------- C:\Program Files\Image Mounting
2008-06-04 23:18:37 0 d-------- C:\Windows\system32\Macromed
2008-06-04 23:07:05 0 d-------- C:\Program Files\Microsoft IntelliType Pro
2008-06-04 23:05:33 0 d-------- C:\Program Files\Microsoft IntelliPoint
2008-06-04 23:05:30 0 d-------- C:\Windows\PCHEALTH
2008-06-04 23:01:00 127456 --a------ C:\Windows\system32\IPDETECT.EXE <Not Verified; ; IPDETECT>
2008-06-04 23:00:58 212992 --a------ C:\Windows\system32\unaddrv.exe <Not Verified; Analog Devices.; UnADdrv>
2008-06-04 23:00:58 152126 --a------ C:\Windows\system32\drivers\L1E9P2.BIN
2008-06-04 23:00:58 152146 --a------ C:\Windows\system32\drivers\L1E4P2.BIN
2008-06-04 23:00:58 152145 --a------ C:\Windows\system32\drivers\L1E4P1.BIN
2008-06-04 23:00:58 152145 --a------ C:\Windows\system32\drivers\L1E4P0.BIN
2008-06-04 23:00:58 152308 --a------ C:\Windows\system32\drivers\L1E4I2.BIN
2008-06-04 23:00:58 152306 --a------ C:\Windows\system32\drivers\L1E4I1.BIN
2008-06-04 23:00:58 152306 --a------ C:\Windows\system32\drivers\L1E4I0.BIN
2008-06-04 23:00:58 46892 --a------ C:\Windows\system32\ADADIX16.DLL
2008-06-04 23:00:58 24576 --a------ C:\Windows\enddisk32.exe
2008-06-04 23:00:57 152126 --a------ C:\Windows\system32\drivers\L1E9P1.BIN
2008-06-04 23:00:57 152126 --a------ C:\Windows\system32\drivers\L1E9P0.BIN
2008-06-04 23:00:57 152126 --a------ C:\Windows\system32\drivers\L1E9I2.BIN
2008-06-04 23:00:57 152126 --a------ C:\Windows\system32\drivers\L1E9I1.BIN
2008-06-04 23:00:57 152126 --a------ C:\Windows\system32\drivers\L1E9I0.BIN
2008-06-04 23:00:50 0 d-------- C:\Program Files\SAGEM
2008-06-04 20:30:33 0 d-------- C:\Windows\system32\Data
2008-06-04 20:30:31 230 --a------ C:\Windows\ctrunonce.reg
2008-06-04 20:29:57 69120 --a------ C:\Windows\system32\CmdRtr.DLL
2008-06-04 20:29:57 108544 --a------ C:\Windows\system32\APOMngr.DLL
2008-06-04 20:03:09 0 d-------- C:\ATI
2008-06-04 19:53:43 0 --a------ C:\Windows\ativpsrm.bin
2008-06-04 19:51:21 0 d-------- C:\Program Files\Common Files\ATI Technologies
2008-06-04 19:50:20 0 d-------- C:\Program Files\ATI
2008-06-04 19:48:55 0 d-------- C:\Program Files\ATI Technologies
2008-06-04 19:02:40 171136 -rahs---- C:\grldr
2008-06-04 19:02:27 0 d-------- C:\Windows\ASUS
2008-06-04 18:54:27 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-06-04 18:53:52 0 d-------- C:\Program Files\Multimedia Card Reader
2008-06-04 18:53:33 0 d-------- C:\Windows\Downloaded Installations
2008-06-04 18:53:33 0 d-------- C:\Program Files\Common Files\InstallShield
2008-06-04 18:53:31 0 d--hs---- C:\Windows\Installer
2008-06-04 16:45:55 0 dr------- C:\Users\Debs\Searches
2008-06-04 16:45:48 0 dr------- C:\Users\Debs\Contacts
2008-06-04 16:45:45 0 dr------- C:\Users\Debs\Videos
2008-06-04 16:45:45 0 d--hs---- C:\Users\Debs\Templates
2008-06-04 16:45:45 0 d--hs---- C:\Users\Debs\Start Menu
2008-06-04 16:45:45 0 d--hs---- C:\Users\Debs\SendTo
2008-06-04 16:45:45 0 dr------- C:\Users\Debs\Saved Games
2008-06-04 16:45:45 0 d--hs---- C:\Users\Debs\Recent
2008-06-04 16:45:45 0 d--hs---- C:\Users\Debs\PrintHood
2008-06-04 16:45:45 0 dr------- C:\Users\Debs\Pictures
2008-06-04 16:45:45 1835008 --ahs---- C:\Users\Debs\NTUSER.DAT
2008-06-04 16:45:45 0 d--hs---- C:\Users\Debs\NetHood
2008-06-04 16:45:45 0 d--hs---- C:\Users\Debs\My Documents
2008-06-04 16:45:45 0 dr------- C:\Users\Debs\Music
2008-06-04 16:45:45 0 d--hs---- C:\Users\Debs\Local Settings
2008-06-04 16:45:45 0 dr------- C:\Users\Debs\Links
2008-06-04 16:45:45 0 dr------- C:\Users\Debs\Favorites
2008-06-04 16:45:45 0 dr------- C:\Users\Debs\Downloads
2008-06-04 16:45:45 0 dr------- C:\Users\Debs\Documents
2008-06-04 16:45:45 0 dr------- C:\Users\Debs\Desktop
2008-06-04 16:45:45 0 d--hs---- C:\Users\Debs\Cookies
2008-06-04 16:45:45 0 d--hs---- C:\Users\Debs\Application Data
2008-06-04 16:45:45 0 d--h----- C:\Users\Debs\AppData
-- Find3M Report ---------------------------------------------------------------
2008-06-14 16:10:55 0 d-------- C:\Program Files\Common Files
2008-06-14 01:06:50 0 d-------- C:\Users\Debs\AppData\Roaming\SUPERAntiSpyware.com
2008-06-13 23:42:29 0 d-------- C:\Users\Debs\AppData\Roaming\Malwarebytes
2008-06-13 23:42:09 0 d-------- C:\Users\Debs\AppData\Roaming\Download Manager
2008-06-13 18:37:24 0 d-------- C:\Users\Debs\AppData\Roaming\uTorrent
2008-06-13 18:06:38 0 d-------- C:\Users\Debs\AppData\Roaming\Mozilla
2008-06-13 17:16:45 0 d-------- C:\Users\Debs\AppData\Roaming\Uniblue
2008-06-13 11:37:38 0 d-------- C:\Users\Debs\AppData\Roaming\CyberLink
2008-06-13 00:28:10 0 d-------- C:\Users\Debs\AppData\Roaming\Ubisoft
2008-06-12 15:09:01 0 d-------- C:\Users\Debs\AppData\Roaming\Ahead
2008-06-12 13:09:44 0 d-------- C:\Users\Debs\AppData\Roaming\Adobe
2008-06-11 10:34:43 0 d-------- C:\Program Files\Windows Mail
2008-06-10 12:20:01 0 d-------- C:\Users\Debs\AppData\Roaming\Ulead Systems
2008-06-09 00:27:44 0 d-------- C:\Users\Debs\AppData\Roaming\ITTNord
2008-06-08 23:59:07 0 d-------- C:\Users\Debs\AppData\Roaming\CaribbeanHideaway
2008-06-07 22:04:02 0 d-------- C:\Users\Debs\AppData\Roaming\Apple Computer
2008-06-06 12:01:55 174 --ahs---- C:\Program Files\desktop.ini
2008-06-06 11:53:15 0 d-------- C:\Program Files\Windows Calendar
2008-06-06 11:53:15 0 d-------- C:\Program Files\Movie Maker
2008-06-06 11:53:13 0 d-------- C:\Program Files\Windows Sidebar
2008-06-06 11:53:13 0 d-------- C:\Program Files\Windows Collaboration
2008-06-06 11:53:12 0 d-------- C:\Program Files\Windows Photo Gallery
2008-06-06 11:53:12 0 d-------- C:\Program Files\Windows Journal
2008-06-06 11:53:09 0 d-------- C:\Program Files\Windows Defender
2008-06-05 17:56:06 0 d-------- C:\Users\Debs\AppData\Roaming\Creative
2008-06-05 01:16:54 0 d-------- C:\Program Files\MSBuild
2008-06-04 23:18:40 0 d-------- C:\Users\Debs\AppData\Roaming\Macromedia
2008-06-04 23:00:49 0 d-------- C:\Users\Debs\AppData\Roaming\InstallShield
2008-06-04 19:57:34 0 d-------- C:\Users\Debs\AppData\Roaming\ATI
2008-06-04 18:53:17 0 d-------- C:\Users\Debs\AppData\Roaming\WinRAR
2008-06-04 16:45:48 0 d-------- C:\Users\Debs\AppData\Roaming\Identities
2008-04-11 17:23:54 38400 --a------ C:\Windows\system32\SoundSchemes.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-15 01:24:12 93128 -----n--- C:\Windows\system32\ElbyCDIO.dll <Not Verified; Elaborate Bytes AG; Elaborate Bytes CDRTools>
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [01/19/2008 10:38 AM]
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [01/21/2008 12:17 PM]
"IntelliPoint"="C:\Program Files\Microsoft IntelliPoint\ipoint.exe" [08/31/2007 12:01 PM]
"itype"="C:\Program Files\Microsoft IntelliType Pro\itype.exe" [11/21/2006 05:08 PM]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [01/10/2007 08:59 AM]
"Symantec PIF AlertEng"="C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [01/29/2008 05:38 PM]
"CTXFIREG"="CTxfiReg.exe" [02/20/2008 08:55 PM C:\Windows\System32\CTXFIREG.EXE]
"RCSystem"="C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" [11/22/2006 05:55 PM]
"AudioDrvEmulator"="C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" [11/22/2006 05:55 PM]
"VolPanel"="C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" [12/06/2006 06:10 PM]
"CTHelper"="CTHELPER.EXE" [02/20/2008 08:58 PM C:\Windows\System32\CTHELPER.EXE]
"CTxfiHlp"="CTXFIHLP.EXE" [02/20/2008 08:58 PM C:\Windows\System32\CTXFIHLP.EXE]
"UVS11 Preload"="C:\Program Files\Dvd & Film\Ulead VideoStudio 11\uvPL.exe" [07/23/2007 01:55 PM]
"UpdReg"="C:\Windows\UpdReg.EXE" [05/11/2000 01:00 AM]
"SecurDisc"="C:\Program Files\Dvd & Film\Nero 7\InCD\NBHGui.exe" [05/15/2007 03:55 PM]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [03/28/2008 11:37 PM]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [03/01/2007 03:57 PM]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [03/30/2008 10:36 AM]
"InCD"="C:\Program Files\Dvd & Film\Nero 7\InCD\InCD.exe" [05/15/2007 03:55 PM]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [08/24/2007 07:00 AM]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [01/11/2008 10:16 PM]
"Adobe Photo Downloader"="C:\Program Files\Dvd & Film\Photoshop Elements 6\apdproxy.exe" [09/11/2007 12:43 AM]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe" [03/25/2008 04:28 AM]
"RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [11/23/2006 03:10 PM]
"LanguageShortcut"="C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" [12/05/2006 10:55 PM]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [01/19/2008 10:33 AM]
"RoboForm"="C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" [06/05/2008 01:44 AM]
"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [01/19/2008 10:33 AM]
"Creative MediaSource Go"="C:\Program Files\Creative\MediaSource5\Go\CTCMSGoU.exe" [11/09/2006 10:19 AM]
"Uniblue RegistryBooster 2"="c:\program files\uniblue\registrybooster 2\StartRegistryBooster.exe" [12/05/2007 04:06 PM]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [05/16/2007 09:27 AM]
"AlcoholAutomount"="C:\Program Files\Image Mounting\Alcohol 120\axcmd.exe" [12/22/2007 10:23 AM]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [02/27/2007 11:39 AM]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [01/19/2008 10:33 AM]
"Power2GoExpress"="" []
[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"DevconDefaultDB"=C:\Windows\system32\READREG /SILENT /FAIL=1
"CtxfiReg"=CTXFIREG.exe /FAIL1
C:\Users\Debs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Registration Assassin's Creed.LNK - C:\Program Files\Games\Ubisoft\Assassin's Creed\Register\RegistrationReminder.exe [6/11/2008 7:04:08 PM]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"=2 (0x2)
"EnableUIADesktopToggle"=0 (0x0)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [12/20/2006 12:55 PM 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 02/27/2007 11:39 AM 282624 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
@="IEEE 1394 Bus host controllers"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
@="SBP2 IEEE 1394 Devices"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
@="SecurityDevices"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Debs^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MagicDisc.lnk]
backup=C:\Windows\pss\MagicDisc.lnk.Startup
backupExtension=.Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalService nsi lltdsvc SSDPSRV upnphost SCardSvr w32time EventSystem RemoteRegistry WinHttpAutoProxySvc lanmanworkstation TBS SLUINotify THREADORDER fdrespub netprofm fdphost wcncsvc QWAVE Mcx2Svc WebClient SstpSvc
GPSvcGroup GPSvc
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\K]
AutoRun\command- K:\autorun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{15bc6de9-352f-11dd-a171-000000000000}]
AutoRun\command- I:\Autorun.exe
*Newly Created Service* - COMHOST
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
C:\Windows\system32\unregmp2.exe /ShowWMP
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
%SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{7070D8E0-650A-46b3-B03C-9497582E6A74}]
%SystemRoot%\system32\soundschemes.exe /AddRegistration
-- End of Deckard's System Scanner: finished at 2008-06-15 12:18:18 ------------
Extra TextDeckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft® Windows Vista™ Ultimate (build 6001) SP 1.0
Architecture: X86; Language: English
CPU 0: Intel® Core2 CPU 6600 @ 2.40GHz
Percentage of Memory in Use: 34%
Physical Memory (total/avail): 3070.37 MiB / 2014.32 MiB
Pagefile Memory (total/avail): 6355.9 MiB / 5264.93 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1894.02 MiB
A: is Removable (No Media)
C: is Fixed (NTFS) - 298.09 GiB total, 254.64 GiB free.
D: is CDROM (No Media)
E: is Fixed (NTFS) - 232.88 GiB total, 227.95 GiB free.
F: is Fixed (NTFS) - 298.09 GiB total, 288.79 GiB free.
G: is Fixed (NTFS) - 596.17 GiB total, 392.43 GiB free.
H: is Fixed (NTFS) - 298.09 GiB total, 251.57 GiB free.
I: is CDROM (CDFS)
J: is CDROM (No Media)
L: is Removable (No Media)
M: is Removable (No Media)
N: is Removable (No Media)
O: is Removable (No Media)
\\.\PHYSICALDRIVE3 - ST3250620AS ATA Device - 232.88 GiB - 1 partition
\PARTITION0 (bootable) - Installable File System - 232.88 GiB - E:
\\.\PHYSICALDRIVE0 - ST3320620AS ATA Device - 298.09 GiB - 1 partition
\PARTITION0 - Installable File System - 298.09 GiB - F:
\\.\PHYSICALDRIVE1 - WDC WD3200AAKS-00SBA0 ATA Device - 298.09 GiB - 1 partition
\PARTITION0 (bootable) - Installable File System - 298.09 GiB - C:
\\.\PHYSICALDRIVE2 - WDC WD6400AAKS-00A7B0 ATA Device - 596.17 GiB - 1 partition
\PARTITION0 - Installable File System - 596.17 GiB - G:
\\.\PHYSICALDRIVE5 - Generic USB CF Reader USB Device
\\.\PHYSICALDRIVE7 - Generic USB MS Reader USB Device
\\.\PHYSICALDRIVE4 - Generic USB SD Reader USB Device
\\.\PHYSICALDRIVE6 - Generic USB SM Reader USB Device
\\.\PHYSICALDRIVE8 - WD 3200AAV External USB Device - 298.09 GiB - 1 partition
\PARTITION0 - Installable File System - 298.09 GiB - H:
-- Security Center -------------------------------------------------------------
AUOptions is scheduled to auto-install.
Windows Internal Firewall is disabled.
FW: Norton Internet Security v2007 (Symantec Corporation)
AV: Norton Internet Security v2007 (Symantec Corporation)
AS: Windows Defender v1.1.1505.0 (Microsoft Corporation)
DisabledAS: Norton Internet Security v2007 (Symantec Corporation)
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
-- Environment Variables -------------------------------------------------------
ALLUSERSPROFILE=C:\ProgramData
APPDATA=C:\Users\Debs\AppData\Roaming
CLASSPATH=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=DEBS-PC
ComSpec=C:\Windows\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Users\Debs
LOCALAPPDATA=C:\Users\Debs\AppData\Local
LOGONSERVER=\\DEBS-PC
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\Common Files\Ulead Systems\MPEG
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 15 Stepping 6, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0f06
ProgramData=C:\ProgramData
ProgramFiles=C:\Program Files
PROMPT=$P$G
PUBLIC=C:\Users\Public
QTJAVA=C:\Program Files\QuickTime\QTSystem\QTJava.zip
SystemDrive=C:
SystemRoot=C:\Windows
TEMP=C:\Users\Debs\AppData\Local\Temp
TMP=C:\Users\Debs\AppData\Local\Temp
USERDOMAIN=Debs-PC
USERNAME=Debs
USERPROFILE=C:\Users\Debs
windir=C:\Windows
-- User Profiles ---------------------------------------------------------------
Debs
-- Add/Remove Programs ---------------------------------------------------------
--> "C:\Program Files\Creative Installation Information\CREATIVE_MEDIASOURCE_U\Setup.exe" /remove /l0x0009
--> "C:\Program Files\Creative Installation Information\CTCMSGO\Setup.exe" /remove /l0x0009
--> "C:\Program Files\Creative Installation Information\E-CENTER_NET_CONTENT_U\Setup.exe" /remove /l0x0009
--> "C:\Program Files\Creative Installation Information\E-CENTER_PLUGIN_CDBURNER_U\Setup.exe" /remove /l0x0009
--> "C:\Program Files\Creative Installation Information\MEDIASOURCE_PLAYER_SKINPACK_U\Setup.exe" /remove /l0x0009
--> "C:\Program Files\Creative\Sound Blaster X-Fi\Program\SETUP.EXE" /S /U /W
--> "C:\Program Files\InstallShield Installation Information\{BB8AE808-F003-4C7F-B56B-8C80EEAFFE23}\setup.exe" --u:{BB8AE808-F003-4C7F-B56B-8C80EEAFFE23}
--> C:\Program Files\Dvd & Film\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL
--> C:\Windows\NuNInst.exe /UNINSTALL
--> C:\Windows\UNNeroBackItUp.exe /UNINSTALL
--> C:\Windows\UNNeroMediaHome.exe /UNINSTALL
--> C:\Windows\UNNeroShowTime.exe /UNINSTALL
--> C:\Windows\UNNeroVision.exe /UNINSTALL
--> C:\Windows\UNRecode.exe /UNINSTALL
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{06E3E953-0570-4DFF-A7B5-46114C390228}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{06E3E953-0570-4DFF-A7B5-46114C390228}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{17E96A7F-AFE3-4171-87B1-583E376319E8}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{17E96A7F-AFE3-4171-87B1-583E376319E8}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1EF644C7-1A0D-4B94-9AF5-AD04702094A4}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1EF644C7-1A0D-4B94-9AF5-AD04702094A4}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2670895A-4E6C-4450-B868-7B7DB80A3357}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{73919E2B-725C-4FAA-8473-45E063A3575F}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{73919E2B-725C-4FAA-8473-45E063A3575F}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7AB55EC6-1158-41EF-B87D-90555A8F5C92}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7AB55EC6-1158-41EF-B87D-90555A8F5C92}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{84F573D3-0F71-4768-978A-D35310E3FBA6}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{84F573D3-0F71-4768-978A-D35310E3FBA6}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{888347B3-AEC5-4BB5-8BAB-781D72A57C73}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\SETUP.EXE" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A68AACBA-C3AF-467B-978C-E05C31650CF6}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A82F10CB-18B5-4EAC-AEF2-FA49CD565626}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AA9944C8-7D34-475E-8C90-2788685B2C47}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AA9944C8-7D34-475E-8C90-2788685B2C47}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BD6928A2-9F8F-4AA7-9A3A-FD4A271712EE}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C88C3C27-AECE-4137-A6CC-D7A6FFAD2F84}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C88C3C27-AECE-4137-A6CC-D7A6FFAD2F84}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CAAE8EC2-2340-4D6E-A74D-07814046A11B}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CAAE8EC2-2340-4D6E-A74D-07814046A11B}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CEC86016-B796-4348-B93B-36C5EDEB85E1}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CEC86016-B796-4348-B93B-36C5EDEB85E1}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FBFF2411-D066-4D24-BCE0-893086