Mdelk, Wintems, Can't run services?! HELP!



Sunshine666
2008-02-01, 05:36
Hello, I really need some help here :(

I KNOW I have something bad going on - 'cause I have "mdelk.exe" in my sys32 dir :(

Also, after trying to install multiple antivirus - I figured out I can't start services...

I also can't run HijackThis or IceSword!!!

Does anyone have any ideas??

Sunshine666
2008-02-01, 05:42
AH HA

DSS works, kinda

Here's all that stuff:


--------
Deckard's System Scanner v20071014.68
Run by Admin on 2008-01-31 20:40:30
Computer is in Normal Mode.
--------------------------------------------------------------------------------



-- HijackThis Clone ------------------------------------------------------------


Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-01-31 20:40:32
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Maxtor\OneTouch Status\MaxMenuMgr.exe
C:\WINDOWS\system32\oodtray.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\GreenPrint Technologies\GreenPrint World\GPPrinterNotify.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Launchy\Launchy.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\EverNote\EverNote\EverNote.exe
C:\Program Files\Common Files\LogiShrd\KHAL2\KHALMNPR.exe
C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\PCI Latency Tool 3\LtcyCfgSvc.exe
C:\Program Files\Maxtor\Sync\SyncServices.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Autodesk\3ds Max 9\plugins\Brazil\sfmgr\sfmgr.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Documents and Settings\Admin\Desktop\Misc\~Downloads~\dss.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.com/search?q=%s
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: CGreenPrintPDF Object - {DF96BA30-57F6-4700-8065-910EC3BE9E3B} - C:\Program Files\GreenPrint Technologies\GreenPrint World\GPIEPlugin.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [mxomssmenu] "C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe"
O4 - HKLM\..\Run: [OODefragTray] C:\WINDOWS\system32\oodtray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Diamondback] C:\Program Files\Razer\Diamondback\razerhid.exe
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [GPPrinterNotify] "C:\Program Files\GreenPrint Technologies\GreenPrint World\GPPrinterNotify.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Startup: EverNote.lnk = C:\Program Files\EverNote\EverNote\EverNote.exe
O4 - Global Startup: Launchy.lnk = C:\Program Files\Launchy\Launchy.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O8 - Extra context menu item: Add to EverNote - res://C:\Program Files\EverNote\EverNote\enbar.dll/2000
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: GreenPrint - {554099FE-3856-4d93-86B5-0024AEF63BC7} - C:\Program Files\GreenPrint Technologies\GreenPrint World\GPIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (file missing)
O9 - Extra button: Add to EverNote - {A5ABA0BB-F195-40d8-A5E9-0801153E6597} - C:\Program Files\EverNote\EverNote\enbar.dll
O9 - Extra 'Tools' menuitem: Add to EverNote - {A5ABA0BB-F195-40d8-A5E9-0801153E6597} - C:\Program Files\EverNote\EverNote\enbar.dll
O9 - Extra button: (no name) - {DF96BA30-57F6-4700-8065-910EC3BE9E3B} - (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1198442503234
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O17 - HKLM\SYSTEM\CCS\Services\Tcpip\..\{4D085610-53E2-4A37-B32F-97564D99A4BD}: NameServer = 68.87.76.178,68.87.78.130
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll
O18 - Protocol: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe
O23 - Service: PCI Latency Tool Service (LtcyCfgSvc) - Unknown owner - C:\Program Files\PCI Latency Tool 3\LtcyCfgSvc.exe
O23 - Service: Maxtor Service (Maxtor Sync Service) - Seagate Technology LLC - C:\Program Files\Maxtor\Sync\SyncServices.exe
O23 - Service: mental ray 3.5 Satellite (32-bit) (mi-raysat_3dsmax9_32) - Unknown owner - C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe
O23 - Service: NVIDIA-OMEGA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: CaReTaKeR-CT NetMgr 1.2.1 (sfmgr) - Unknown owner - C:\Program Files\Autodesk\3ds Max 9\plugins\Brazil\sfmgr\sfmgr.exe


--
End of file - 10373 bytes

-- Files created between 2007-12-31 and 2008-01-31 -----------------------------

2008-01-31 20:36:53 0 d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-01-31 20:09:44 0 d-------- C:\Program Files\XoftSpySE
2008-01-31 20:05:50 0 d-------- C:\Documents and Settings\Admin\.housecall6.6
2008-01-31 19:55:22 0 d-------- C:\Autoruns
2008-01-31 19:50:06 0 d-------- C:\Program Files\The Cleaner Free
2008-01-31 17:09:07 0 d-------- C:\Program Files\DashCommand
2008-01-31 17:07:11 71172 --a------ C:\WINDOWS\system32\mdelk.exe
2008-01-31 17:05:16 115004 --a------ C:\WINDOWS\system32\drivers\srosa.sys
2008-01-31 17:01:33 0 d-------- C:\WINDOWS\system32\drivers\down
2008-01-31 13:20:46 0 d-------- C:\Documents and Settings\Admin\Application Data\Nero
2008-01-31 13:20:13 368640 --a------ C:\WINDOWS\system32\TwnLib4.dll <Not Verified; Pegasus Imaging Corporation; TwnLib4 - TwainPRO v4.0 - Utility Library>
2008-01-31 13:20:13 802816 --a------ C:\WINDOWS\system32\imagXRA7.dll <Not Verified; Pegasus Imaging Corp.; ImagXpress7>
2008-01-31 13:20:13 258048 --a------ C:\WINDOWS\system32\imagXR7.dll <Not Verified; Pegasus Imaging Corp.; ImagXpress7>
2008-01-31 13:20:13 1757184 --a------ C:\WINDOWS\system32\imagX7.dll <Not Verified; Pegasus Imaging Corp.; ImagXpress7>
2008-01-31 13:20:12 0 d-------- C:\Program Files\Nero
2008-01-31 13:20:12 0 d-------- C:\Program Files\Common Files\Nero
2008-01-31 13:20:12 0 d-------- C:\Documents and Settings\All Users\Application Data\Nero
2008-01-30 03:37:08 12288 --a------ C:\WINDOWS\system32\GPPDF.dll <Not Verified; GreenPrint Inc.; GreenPrint GP PDF>
2008-01-30 03:37:08 10240 --a------ C:\WINDOWS\system32\GPMailPDF.dll <Not Verified; GreenPrint Inc.; GreenPrint GP PDF>
2008-01-30 03:37:07 11264 --a------ C:\WINDOWS\system32\gpmon.dll
2008-01-30 03:37:04 0 d-------- C:\Program Files\GreenPrint Technologies
2008-01-28 14:51:37 0 d-------- C:\Documents and Settings\Guest\Application Data\Launchy
2008-01-28 14:51:36 0 d-------- C:\Documents and Settings\Guest\Application Data\Logitech
2008-01-28 14:51:31 0 d-------- C:\Documents and Settings\Guest\Application Data\Identities
2008-01-28 14:51:20 0 d--h----- C:\Documents and Settings\Guest\Templates
2008-01-28 14:51:20 0 dr------- C:\Documents and Settings\Guest\Start Menu
2008-01-28 14:51:20 0 dr-h----- C:\Documents and Settings\Guest\SendTo
2008-01-28 14:51:20 0 dr-h----- C:\Documents and Settings\Guest\Recent
2008-01-28 14:51:20 0 d--h----- C:\Documents and Settings\Guest\PrintHood
2008-01-28 14:51:20 786432 --ah----- C:\Documents and Settings\Guest\NTUSER.DAT
2008-01-28 14:51:20 0 d--h----- C:\Documents and Settings\Guest\NetHood
2008-01-28 14:51:20 0 dr------- C:\Documents and Settings\Guest\My Documents
2008-01-28 14:51:20 0 d--h----- C:\Documents and Settings\Guest\Local Settings
2008-01-28 14:51:20 0 dr------- C:\Documents and Settings\Guest\Favorites
2008-01-28 14:51:20 0 d-------- C:\Documents and Settings\Guest\Desktop
2008-01-28 14:51:20 0 d---s---- C:\Documents and Settings\Guest\Cookies
2008-01-28 14:51:20 0 dr-h----- C:\Documents and Settings\Guest\Application Data
2008-01-28 14:51:20 0 d---s---- C:\Documents and Settings\Guest\Application Data\Microsoft
2008-01-28 14:37:52 0 d-------- C:\Temp
2008-01-28 14:18:46 0 d-------- C:\Program Files\EverNote
2008-01-28 02:37:37 0 d-------- C:\Documents and Settings\All Users\Application Data\WildTangent
2008-01-28 02:03:40 0 d-------- C:\Program Files\DivX
2008-01-26 22:16:13 0 d-------- C:\Documents and Settings\Admin\Application Data\ImgBurn
2008-01-26 22:15:59 0 d-------- C:\Program Files\ImgBurn
2008-01-25 14:54:36 0 -rahs---- C:\WINDOWS\syslasp.dll
2008-01-22 23:20:24 0 d-------- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2008-01-22 23:18:01 0 d-------- C:\Program Files\Nvidia Omega Drivers
2008-01-22 16:48:08 0 d-------- C:\Program Files\Messenger Plus! Live
2008-01-22 16:32:11 0 d-------- C:\Documents and Settings\All Users\Application Data\LogiShrd
2008-01-22 16:32:10 0 d-------- C:\Documents and Settings\Admin\Application Data\Logitech
2008-01-22 16:31:23 0 d-------- C:\Program Files\Common Files\LogiShrd
2008-01-22 16:31:20 0 d-------- C:\Documents and Settings\All Users\Application Data\Logitech
2008-01-22 16:31:18 0 d-------- C:\Program Files\Logitech
2008-01-22 16:25:28 0 d-------- C:\Program Files\StuffPlug3
2008-01-22 13:42:10

Sunshine666
2008-02-01, 05:42
Here's the rest

0 d-------- C:\Program Files\Razer
2008-01-21 20:48:16 1626112 --a------ C:\WINDOWS\system32\nwiz.exe
2008-01-21 20:48:16 1019904 --a------ C:\WINDOWS\system32\nvwimg.dll
2008-01-21 20:48:16 1703936 --a------ C:\WINDOWS\system32\nvwdmcpl.dll
2008-01-21 20:48:16 466944 --a------ C:\WINDOWS\system32\nvshell.dll
2008-01-21 20:48:16 1474560 --a------ C:\WINDOWS\system32\nview.dll
2008-01-21 20:48:16 1339392 --a------ C:\WINDOWS\system32\nvdspsch.exe
2008-01-21 20:48:16 442368 --a------ C:\WINDOWS\system32\nvappbar.exe
2008-01-21 20:48:16 425984 --a------ C:\WINDOWS\system32\keystone.exe
2008-01-21 20:48:16 0 d-------- C:\WINDOWS\nview
2008-01-21 20:43:53 90112 --a------ C:\WINDOWS\unvise32.exe <Not Verified; MindVision Software; Installer VISE>
2008-01-21 20:43:48 0 d-------- C:\Program Files\NGONVOD116369
2008-01-21 14:11:04 0 d-------- C:\Program Files\Guitar Pro 5
2008-01-20 16:09:48 0 d-------- C:\Documents and Settings\Admin\Application Data\vlc
2008-01-20 15:59:09 0 d-------- C:\Program Files\VideoLAN
2008-01-20 15:56:37 164352 --a------ C:\WINDOWS\system32\unrar.dll
2008-01-20 15:56:36 217088 --a------ C:\WINDOWS\system32\yv12vfw.dll <Not Verified; www.helixcommunity.org; Helix YV12 YUV Codec>
2008-01-20 15:56:35 282624 --a------ C:\WINDOWS\system32\xvidvfw.dll
2008-01-20 15:56:35 1559040 --a------ C:\WINDOWS\system32\xvidcore.dll
2008-01-20 15:56:35 3596288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2008-01-20 15:56:35 7680 --a------ C:\WINDOWS\system32\ff_vfw.dll
2008-01-20 15:56:35 81920 --a------ C:\WINDOWS\system32\dpl100.dll <Not Verified; DivX, Inc.; DivX, Inc. dpl100>
2008-01-20 15:56:35 682496 --a------ C:\WINDOWS\system32\divx.dll <Not Verified; DivX, Inc.; DivX®>
2008-01-20 15:56:34 0 d-------- C:\Program Files\K-Lite Codec Pack
2008-01-20 15:46:34 0 d-------- C:\Program Files\Apple Software Update
2008-01-20 15:46:34 0 d-------- C:\Documents and Settings\All Users\Application Data\Apple
2008-01-19 09:47:07 0 d-------- C:\Documents and Settings\Admin\Application Data\Launchy
2008-01-19 09:47:00 0 d-------- C:\Program Files\Launchy
2008-01-18 13:02:40 0 d-------- C:\Documents and Settings\Admin\Application Data\PCF-VLC
2008-01-18 12:50:23 0 d-------- C:\Documents and Settings\Admin\Application Data\Participatory Culture Foundation
2008-01-18 12:49:35 0 d-------- C:\Program Files\Participatory Culture Foundation
2008-01-13 22:57:14 43520 --a------ C:\WINDOWS\system32\CmdLineExt03.dll
2008-01-13 21:16:21 0 d-------- C:\Documents and Settings\Admin\Application Data\Thunderbird
2008-01-13 21:16:18 0 d-------- C:\Program Files\Mozilla Thunderbird
2008-01-12 23:03:47 0 d-------- C:\Documents and Settings\Admin\Application Data\InstallShield
2008-01-10 23:16:36 669184 --a------ C:\WINDOWS\system32\pbsvc.exe
2008-01-08 15:15:46 0 d-------- C:\Documents and Settings\Admin\Application Data\Magic Set Editor
2008-01-08 15:15:32 0 d-------- C:\Program Files\Magic Set Editor 2
2008-01-07 17:53:57 0 d-------- C:\Documents and Settings\Admin\Application Data\teamspeak2
2008-01-07 17:53:39 0 d-------- C:\Program Files\Teamspeak2_RC2
2008-01-06 20:23:40 0 d-------- C:\Documents and Settings\All Users\Application Data\Autodesk
2008-01-06 20:22:15 0 d-------- C:\Program Files\Common Files\Autodesk Shared
2008-01-06 20:22:15 0 d-------- C:\Program Files\Autodesk
2008-01-06 15:21:03 0 d-------- C:\Program Files\Google
2008-01-06 15:21:00 0 d-------- C:\Program Files\Picasa2
2008-01-05 16:50:42 0 d-------- C:\Program Files\ImTOO
2008-01-03 01:05:03 0 d-------- C:\Documents and Settings\Admin\Application Data\mIRC
2008-01-03 01:05:02 0 d-------- C:\Program Files\mIRC
2008-01-02 16:57:40 0 d-------- C:\Documents and Settings\Admin\.GalleryRemote
2008-01-02 16:57:36 0 d-------- C:\WINDOWS\Sun
2008-01-02 16:57:36 0 d-------- C:\Documents and Settings\Admin\Application Data\Sun
2008-01-02 16:57:24 0 d-------- C:\Program Files\Java
2008-01-02 16:57:18 0 d-------- C:\Program Files\Common Files\Java
2008-01-02 00:57:04 1362 --a------ C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
2008-01-02 00:56:53 0 d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-01-02 00:56:50 0 d-------- C:\Program Files\QuickTime Alternative
2007-12-31 11:33:36 0 d-------- C:\Program Files\Soulseek-Test
2007-12-31 01:18:58 0 d-------- C:\Documents and Settings\Admin\Application Data\Media Player Classic


-- Find3M Report ---------------------------------------------------------------

2008-01-31 18:22:51 0 d-------- C:\Documents and Settings\Admin\Application Data\uTorrent
2008-01-31 17:39:50 0 d-------- C:\Program Files\eMule
2008-01-31 13:20:12 0 d-------- C:\Program Files\Common Files
2008-01-30 15:39:41 0 d-------- C:\Documents and Settings\Admin\Application Data\FileZilla
2008-01-30 03:37:03 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-01-28 02:03:44 1937 --a------ C:\WINDOWS\mozver.dat
2008-01-22 14:37:36 0 d-------- C:\Documents and Settings\Admin\Application Data\Adobe
2008-01-22 13:44:53 0 d-------- C:\Program Files\FileZilla Client
2008-01-20 20:15:17 0 d-------- C:\Program Files\Winamp
2008-01-18 16:38:13 0 d-------- C:\Program Files\The All-Seeing Eye
2008-01-13 21:16:22 0 d-------- C:\Documents and Settings\Admin\Application Data\Mozilla
2008-01-10 23:09:38 0 d-------- C:\Documents and Settings\Admin\Application Data\DAEMON Tools
2008-01-05 16:51:50 0 d-------- C:\Program Files\uTorrent
2008-01-03 21:21:48 0 d-------- C:\Program Files\Common Files\Adobe
2007-12-30 21:14:04 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-12-30 01:41:15 0 d-------- C:\Program Files\FreeMeter
2007-12-29 20:44:28 0 d-------- C:\Program Files\PeerGuardian2
2007-12-28 10:45:18 0 d-------- C:\Program Files\Windows Media Connect 2
2007-12-26 16:38:56 0 d-------- C:\Program Files\Microsoft Works
2007-12-26 16:38:39 0 d-------- C:\Program Files\Microsoft.NET
2007-12-26 15:29:57 0 d-------- C:\Documents and Settings\Admin\Application Data\Publish Providers
2007-12-26 15:29:43 0 d-------- C:\Documents and Settings\Admin\Application Data\Sony
2007-12-26 15:28:33 0 d-------- C:\Program Files\Vstplugins
2007-12-26 15:28:29 0 d-------- C:\Program Files\Sony
2007-12-26 15:27:50 0 d-------- C:\Program Files\Sony Setup
2007-12-26 14:58:18 0 d-------- C:\Program Files\Stardock
2007-12-26 14:58:18 0 d-------- C:\Program Files\Common Files\Stardock
2007-12-24 10:54:58 122783 --a------ C:\WINDOWS\hpoins14.dat
2007-12-24 10:54:50 0 d-------- C:\Program Files\Hewlett-Packard
2007-12-24 10:54:48 0 d-------- C:\Program Files\Common Files\Hewlett-Packard
2007-12-24 10:54:01 0 d-------- C:\Program Files\HP
2007-12-24 00:51:07 0 d-------- C:\Documents and Settings\Admin\Application Data\Ventrilo
2007-12-24 00:50:35 0 d-------- C:\Program Files\Ventrilo
2007-12-23 18:12:50 0 d-------- C:\Program Files\OO Software
2007-12-23 15:41:52 0 d-------- C:\Program Files\QuickTime
2007-12-23 15:26:53 0 d-------- C:\Program Files\Bonjour
2007-12-23 15:23:49 0 d-------- C:\Program Files\Common Files\Macrovision Shared
2007-12-23 14:51:42 0 d-------- C:\Program Files\PCI Latency Tool 3
2007-12-23 14:45:38 0 d-------- C:\Program Files\Maxtor
2007-12-23 14:45:14 0 d-------- C:\Program Files\MSXML 6.0
2007-12-23 13:27:26 0 d-------- C:\Program Files\Joost
2007-12-23 13:27:23 0 d-------- C:\Documents and Settings\Admin\Application Data\Joost
2007-12-23 13:25:51 0 d-------- C:\Documents and Settings\Admin\Application Data\CandyLabs
2007-12-23 13:25:46 0 d-------- C:\Program Files\CandyLabs
2007-12-23 13:02:35 0 d-------- C:\Program Files\Windows Live
2007-12-23 13:02:21 0 d--hs--c- C:\Program Files\Common Files\WindowsLiveInstaller
2007-12-23 12:35:21 0 d-------- C:\Documents and Settings\Admin\Application Data\FastStone
2007-12-23 12:35:20 0 d-------- C:\Program Files\FastStone Image Viewer
2007-12-23 12:35:01 0 d-------- C:\Program Files\DAEMON Tools Lite
2007-12-23 12:33:02 0 d-------- C:\Documents and Settings\Admin\Application Data\Winamp
2007-12-23 12:13:54 0 d-------- C:\Program Files\MSBuild
2007-12-23 12:11:18 0 d-------- C:\Program Files\Reference Assemblies
2007-12-23 11:59:59 0 d-------- C:\Program Files\Messenger
2007-12-22 21:41:54 218624 --a------ C:\WINDOWS\system32\uxtheme.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-12-22 21:37:32 0 d-------- C:\Documents and Settings\Admin\Application Data\Macromedia
2007-12-22 21:35:03 0 --a------ C:\WINDOWS\nsreg.dat
2007-12-22 21:29:06 0 d-------- C:\Program Files\Common Files\InstallShield
2007-12-22 21:28:49 0 d-------- C:\Program Files\VIA
2007-12-22 21:04:12 0 d-------- C:\Documents and Settings\Admin\Application Data\WinRAR
2007-12-22 20:47:17 0 d-------- C:\Documents and Settings\Admin\Application Data\Identities
2007-12-22 20:44:01 0 d-------- C:\Program Files\microsoft frontpage
2007-12-22 20:43:41 0 -rahs---- C:\MSDOS.SYS
2007-12-22 20:43:41 0 -rahs---- C:\IO.SYS
2007-12-22 20:43:41 0 --a------ C:\CONFIG.SYS
2007-12-22 20:43:41 0 --a------ C:\AUTOEXEC.BAT
2007-12-22 20:42:40 0 d--h----- C:\Program Files\WindowsUpdate
2007-12-22 20:41:44 0 d-------- C:\Program Files\Common Files\MSSoap
2007-12-22 20:41:35 0 d-------- C:\Program Files\Movie Maker
2007-12-22 20:40:52 21640 --a------ C:\WINDOWS\system32\emptyregdb.dat
2007-12-22 20:40:30 0 d-------- C:\Program Files\Online Services
2007-12-22 20:40:21 0 d-------- C:\Program Files\MSN Gaming Zone
2007-12-22 20:40:09 0 d-------- C:\Program Files\Windows NT
2007-12-22 12:30:20 0 d-------- C:\Program Files\Common Files\ODBC
2007-12-22 12:30:18 0 d-------- C:\Program Files\Common Files\SpeechEngines
2007-12-22 12:29:51 62 --ahs---- C:\Documents and Settings\Admin\Application Data\desktop.ini
2007-12-04 21:41:00 286720 --a------ C:\WINDOWS\system32\nvnt4cpl.dll


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{DF96BA30-57F6-4700-8065-910EC3BE9E3B}]
01/18/2008 05:24 PM 81920 --a------ C:\Program Files\GreenPrint Technologies\GreenPrint World\GPIEPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [01/15/2008 02:54 PM]
"mxomssmenu"="C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe" [09/06/2007 02:53 PM]
"OODefragTray"="C:\WINDOWS\system32\oodtray.exe" [05/11/2007 02:08 AM]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [09/25/2007 01:11 AM]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [12/04/2007 09:41 PM]
"nwiz"="nwiz.exe" [12/04/2007 09:41 PM C:\WINDOWS\system32\nwiz.exe]
"Diamondback"="C:\Program Files\Razer\Diamondback\razerhid.exe" [08/05/2006 07:01 AM]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [09/21/2007 03:10 AM C:\WINDOWS\KHALMNPR.Exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [12/04/2007 09:41 PM]
"GPPrinterNotify"="C:\Program Files\GreenPrint Technologies\GreenPrint World\GPPrinterNotify.exe" [01/18/2008 05:27 PM]
"KernelFaultCheck"="C:\WINDOWS\system32\dumprep 0 -k" []

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\daemon.exe" [12/19/2007 12:13 PM]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [10/18/2007 11:34 AM]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [10/13/2004 08:24 AM]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [01/28/2008 11:43 AM]

C:\Documents and Settings\Admin\Start Menu\Programs\Startup\
EverNote.lnk - C:\Program Files\EverNote\EverNote\EverNote.exe [1/28/2008 2:18:46 PM]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Launchy.lnk - C:\Program Files\Launchy\Launchy.exe [1/19/2008 9:47:00 AM]
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [1/22/2008 4:31:24 PM]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"=0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll 11/15/2007 10:10 AM 72208 c:\Program Files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll

SafeBoot registry key needs repairs. This machine cannot enter Safe Mode.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system]
@="Driver Group"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vgasave.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}]
@="DiskDrive"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}]
@="Hdc"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}]
@="Keyboard"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}]
@="Mouse"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}]
@="System"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
@="Volume"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Dash.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Dash.lnk
backup=C:\WINDOWS\pss\Dash.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^GreenPrint Printer Notify.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\GreenPrint Printer Notify.lnk
backup=C:\WINDOWS\pss\GreenPrint Printer Notify.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^GreenPrint TrayIcon.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\GreenPrint TrayIcon.lnk
backup=C:\WINDOWS\pss\GreenPrint TrayIcon.lnkCommon Startup


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
"C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AudioDeck]
C:\Program Files\VIA\VIAudioi\SBADeck\ADeck.exe 1

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /install

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"C:\Program Files\QuickTime Alternative\QTTask.exe" -atboottime

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spellaroo]
C:\Program Files\Spellaroo\Spellaroo\Spellaroo.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt hpqcxs08




-- End of Deckard's System Scanner: finished at 2008-01-31 20:40:47 ------------