Deckard's System Scanner v20071014.68
Run by mike nordine on 2008-04-12 22:23:41
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- HijackThis (run as mike nordine.exe) ----------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:24:01 PM, on 04/12/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\ATI Multimedia\RemCtrl\ATIRW.exe
C:\Program Files\WinBar\WinBar.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\mike nordine\Desktop\downloads\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\mike nordine.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R3 - URLSearchHook: Yahoo! ¤u¨ã¦C - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Catcher Class - {ADECBED6-0366-4377-A739-E69DFBA04663} - C:\Program Files\Moyea\FLV Downloader\MoyeaCth.dll
O3 - Toolbar: Yahoo! ¤u¨ã¦C - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [Media Codec Update Service] C:\Program Files\Essentials Codec Pack\update.exe -silent
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton 360\osCheck.exe"
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Creative Detector] "C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" /R
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ATI Launchpad] "C:\Program Files\ATI Multimedia\main\launchpd.exe"
O4 - HKCU\..\Run: [ATI Remote Control] C:\Program Files\ATI Multimedia\RemCtrl\ATIRW.exe
O4 - Startup: WinBar.lnk = C:\Program Files\WinBar\WinBar.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: ATI TV - {44226DFF-747E-4edc-B30C-78752E50CD0C} - C:\Program Files\ATI Multimedia\tv\EXPLBAR.DLL
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative....031/CTSUEng.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky...can_unicode.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace....ploader1005.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.mi...b?1191690223296
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative....15034/CTPID.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
O23 - Service: X10 Device Network Service (x10nets) - Unknown owner - C:\PROGRA~1\ATIMUL~1\RemCtrl\x10nets.exe (file missing)
--
End of file - 10279 bytes
-- Files created between 2008-03-12 and 2008-04-12 -----------------------------
2008-04-12 16:02:59 0 d-------- C:\Program Files\Common Files\Borland Shared
2008-04-12 16:02:56 0 d-------- C:\Program Files\Gemstar
2008-04-12 16:01:31 0 d-------- C:\WINDOWS\system32\IOSUBSYS
2008-04-12 15:57:16 0 d-------- C:\Program Files\Common Files\ATI
2008-04-12 15:55:42 114688 -----n--- C:\WINDOWS\system32\ati2sgag.exe <Not Verified; ; ATI Smart>
2008-04-12 15:55:13 0 d-------- C:\Program Files\ATI Technologies
2008-04-12 15:16:37 664 --a------ C:\WINDOWS\system32\d3d9caps.dat
2008-04-12 15:15:33 0 d-------- C:\Documents and Settings\All Users\Application Data\ATI MMC
2008-04-12 15:01:32 0 d-------- C:\Program Files\ATI Multimedia
2008-04-12 14:59:38 0 d-------- C:\WINDOWS\system32\windows media
2008-04-12 14:59:29 0 d--h----- C:\WINDOWS\msdownld.tmp
2008-04-12 14:59:24 0 d-------- C:\Program Files\Windows Media Components
2008-04-12 14:58:00 0 d-------- C:\Program Files\Common Files\CyberLink
2008-04-12 05:57:22 0 d-------- C:\Documents and Settings\mike nordine\Application Data\Malwarebytes
2008-04-12 05:57:13 0 d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-04-12 05:57:12 0 d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-04-12 05:56:12 0 d-------- C:\Program Files\Common Files\Download Manager
2008-04-11 01:43:48 0 d-------- C:\GF
2008-04-11 00:34:20 0 d-------- C:\Documents and Settings\mike nordine\Application Data\ATI
2008-04-11 00:22:52 0 d-------- C:\ATI
2008-04-10 13:50:49 0 d-------- C:\Program Files\Rockstar Games
2008-04-10 01:51:35 0 d-------- C:\Program Files\Common Files\EasyInfo
2008-04-10 01:32:12 0 d-------- C:\Program Files\Electronic Arts
2008-04-10 00:55:25 438272 -ra------ C:\WINDOWS\system32\vp6vfw.dll <Not Verified; EA.com/On2.com; EAOn2_VP6>
2008-04-10 00:30:19 0 d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-04-10 00:30:17 0 d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-04-09 01:15:48 0 d-------- C:\WINDOWS\ERUNT
2008-04-08 13:12:59 0 d-------- C:\Program Files\Trend Micro
2008-04-08 01:42:14 2188 --a------ C:\WINDOWS\system32\tmp.reg
2008-04-08 01:39:29 0 d--h----- C:\Documents and Settings\Administrator\Templates
2008-04-08 01:39:29 0 dr------- C:\Documents and Settings\Administrator\Start Menu
2008-04-08 01:39:29 0 dr-h----- C:\Documents and Settings\Administrator\SendTo
2008-04-08 01:39:29 0 d--h----- C:\Documents and Settings\Administrator\Recent
2008-04-08 01:39:29 0 d--h----- C:\Documents and Settings\Administrator\PrintHood
2008-04-08 01:39:29 524288 --ah----- C:\Documents and Settings\Administrator\NTUSER.DAT
2008-04-08 01:39:29 0 d--h----- C:\Documents and Settings\Administrator\NetHood
2008-04-08 01:39:29 0 d-------- C:\Documents and Settings\Administrator\My Documents
2008-04-08 01:39:29 0 d--h----- C:\Documents and Settings\Administrator\Local Settings
2008-04-08 01:39:29 0 d-------- C:\Documents and Settings\Administrator\Favorites
2008-04-08 01:39:29 0 d-------- C:\Documents and Settings\Administrator\Desktop
2008-04-08 01:39:29 0 d--hs---- C:\Documents and Settings\Administrator\Cookies
2008-04-08 01:39:29 0 dr-h----- C:\Documents and Settings\Administrator\Application Data
2008-04-08 01:39:29 0 d---s---- C:\Documents and Settings\Administrator\Application Data\Microsoft
2008-04-08 00:34:05 0 d-------- C:\Program Files\TouchCopy
2008-03-18 01:47:57 0 d-------- C:\Program Files\Windows Sidebar
2008-03-18 01:44:54 0 d-------- C:\Program Files\Symantec
2008-03-18 01:44:54 0 d-------- C:\Documents and Settings\All Users\Application Data\Symantec
2008-03-18 01:23:37 0 d-------- C:\Documents and Settings\All Users\Symantec Temporary Files
2008-03-12 01:26:10 0 d-------- C:\Program Files\MagicISO
-- Find3M Report ---------------------------------------------------------------
2008-04-12 16:31:55 0 d-------- C:\Program Files\Common Files\Symantec Shared
2008-04-12 16:04:08 288 --a------ C:\WINDOWS\system32\DVCStateBkp-{00000002-00000000-00000009-00001102-00000002-80661102}.dat
2008-04-12 16:04:08 288 --a------ C:\WINDOWS\system32\DVCState-{00000002-00000000-00000009-00001102-00000002-80661102}.dat
2008-04-12 16:03:38 0 d-------- C:\Program Files\WinBar
2008-04-12 16:02:59 0 d-------- C:\Program Files\Common Files
2008-04-12 16:02:55 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-04-12 07:35:52 0 d-------- C:\Documents and Settings\mike nordine\Application Data\Vso
2008-04-12 03:40:12 0 d-------- C:\Documents and Settings\mike nordine\Application Data\Azureus
2008-04-12 03:39:57 34 --a------ C:\Documents and Settings\mike nordine\Application Data\pcouffin.log
2008-04-12 03:39:51 47360 --a------ C:\Documents and Settings\mike nordine\Application Data\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine>
2008-04-12 03:39:51 1144 --a------ C:\Documents and Settings\mike nordine\Application Data\pcouffin.inf
2008-04-12 03:39:51 7887 --a------ C:\Documents and Settings\mike nordine\Application Data\pcouffin.cat
2008-04-12 03:39:37 0 d-------- C:\Program Files\DVDFab Platinum 4
2008-04-12 03:34:53 0 d-------- C:\Program Files\DVDFab Platinum 3
2008-04-12 03:25:43 0 d-------- C:\Documents and Settings\mike nordine\Application Data\DVDFab
2008-04-11 00:15:44 0 d-------- C:\Program Files\Creative
2008-04-08 00:28:52 0 d-------- C:\Documents and Settings\mike nordine\Application Data\LimeWire
2008-04-02 00:33:28 0 d-------- C:\Program Files\Java
2008-03-26 00:07:42 0 d-------- C:\Program Files\LimeWire
2008-03-19 14:06:28 0 d-------- C:\Program Files\DAEMON Tools Lite
2008-03-18 02:17:19 0 d-------- C:\Program Files\Norton 360
2008-03-18 01:51:21 0 d-------- C:\Documents and Settings\mike nordine\Application Data\Symantec
2008-03-09 22:07:50 0 d-------- C:\Program Files\dx9c
2008-03-09 19:49:00 0 d-------- C:\Documents and Settings\mike nordine\Application Data\DAEMON Tools
2008-03-09 16:22:55 0 d-------- C:\Documents and Settings\mike nordine\Application Data\Creative
2008-03-08 22:36:10 0 d-------- C:\Program Files\Blaze Media Pro
2008-03-08 02:51:31 0 d-------- C:\Documents and Settings\mike nordine\Application Data\ArcSoft
2008-03-08 02:50:39 0 d-------- C:\Program Files\Common Files\ArcSoft
2008-03-07 21:52:41 0 d-------- C:\Documents and Settings\mike nordine\Application Data\EPSON
2008-03-07 19:19:39 0 d-------- C:\Documents and Settings\mike nordine\Application Data\Leadertech
2008-03-07 19:12:40 0 d-------- C:\Program Files\epson
2008-03-07 19:12:04 0 d-------- C:\Program Files\ArcSoft
2008-03-07 19:05:45 0 d-------- C:\Program Files\Azureus
2008-03-07 03:37:17 0 d-------- C:\Program Files\Essentials Codec Pack
2008-03-07 02:54:14 0 d-------- C:\Program Files\CS Software
2008-03-07 02:36:26 0 d-------- C:\Program Files\K-Lite Codec Pack
2008-03-07 02:36:22 0 d-------- C:\Documents and Settings\mike nordine\Application Data\Real
2008-03-03 14:29:47 1588 --a------ C:\WINDOWS\mozver.dat
2008-03-02 00:14:36 0 d-------- C:\Program Files\Activision
2008-02-27 01:12:40 0 d-------- C:\Documents and Settings\mike nordine\Application Data\uTorrent
2008-02-19 03:38:44 0 d-------- C:\Documents and Settings\mike nordine\Application Data\Moyea
2008-02-12 14:29:52 0 d-------- C:\Documents and Settings\mike nordine\Application Data\MoyeaFLV2Video
2008-02-12 03:31:31 0 d-------- C:\Program Files\Moyea
2008-02-12 02:39:18 0 d-------- C:\Program Files\AliveMedia
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
02/23/2008 09:08 PM 349552 --a------ C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\coIEPlg.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
03/18/2008 01:48 AM 116088 --a------ C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}"= C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll [02/23/2008 09:08 PM 349552]
[-HKEY_CLASSES_ROOT\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}]
[HKEY_CLASSES_ROOT\CoIEPlg.CoToolbar.1]
[HKEY_CLASSES_ROOT\CoIEPlg.CoToolbar]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTHelper"="CTHELPER.EXE" [08/28/2003 03:45 AM C:\WINDOWS\system32\CTHELPER.EXE]
"UpdReg"="C:\WINDOWS\UpdReg.EXE" [05/11/2000 01:00 AM]
"Jet Detection"="C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe" [11/29/2001 01:00 AM]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [10/27/2006 12:47 AM]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [01/12/2006 03:40 PM]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [02/22/2008 04:25 AM]
"RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [02/07/2007 04:24 PM]
"LanguageShortcut"="C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" [02/07/2007 04:21 PM]
"Media Codec Update Service"="C:\Program Files\Essentials Codec Pack\update.exe" [04/08/2007 11:44 AM]
"ArcSoft Connection Service"="C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [12/12/2007 10:11 AM]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [02/18/2008 02:37 PM]
"osCheck"="C:\Program Files\Norton 360\osCheck.exe" [02/26/2008 09:50 AM]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [11/13/2003 09:10 PM]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Yahoo! Pager"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" [08/30/2007 06:43 PM]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/04/2004 02:56 AM]
"Creative Detector"="C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" [12/02/2004 06:23 PM]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [11/16/2006 07:04 PM]
"@"="" []
"ATI Launchpad"="C:\Program Files\ATI Multimedia\main\launchpd.exe" [12/03/2003 07:17 AM]
"ATI Remote Control"="C:\Program Files\ATI Multimedia\RemCtrl\ATIRW.exe" [12/03/2003 05:13 AM]
C:\Documents and Settings\mike nordine\Start Menu\Programs\Startup\
WinBar.lnk - C:\Program Files\WinBar\WinBar.exe [10/06/2007 3:36:24 PM]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)
"HideLegacyLogonScripts"=0 (0x0)
"HideLogoffScripts"=0 (0x0)
"RunLogonScriptSync"=1 (0x1)
"RunStartupScriptSync"=1 (0x1)
"HideStartupScripts"=0 (0x0)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"HideLegacyLogonScripts"=0 (0x0)
"HideLogoffScripts"=0 (0x0)
"RunLogonScriptSync"=1 (0x1)
"RunStartupScriptSync"=1 (0x1)
"HideStartupScripts"=0 (0x0)
"DisableRegistryTools"=0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoSecurityTab"=1 (0x1)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSecurityTab"=1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WBSrv]
C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbsrv.dll 01/30/2008 03:11 AM 176128 C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\WbSrv.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=wbsys.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"
*Newly Created Service* - COMHOST
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"C:\Program Files\Common Files\LightScribe\LSRunOnce.exe"
-- End of Deckard's System Scanner: finished at 2008-04-12 22:24:32 ------------