
Strange performance

Discussion in 'Malware and Virus Removal Archive' started by Dom, 2007/08/08.

  1. 2007/08/08
    Dom

    Dom Inactive Thread Starter

    Joined:
    2006/12/08
    Messages:
    28
    Likes Received:
    0
    I cleared off a trojan from my PC earlier today, yet I'm still getting weird performance, such as programs not loading up on startup...

    I ran CCleaner earlier, I'm worried this could be the problem, but I thought I'd post a log just in case :)

    Logfile of HijackThis v1.99.1
    Scan saved at 03:48:17, on 09/08/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\WgaTray.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\wscntfy.exe
    C:\Program Files\AIM\aim.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Hijackthis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.co.uk
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co.uk
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.5.19.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
    O2 - BHO: TGTSoft Explorer Toolbar Changer - {C333CF63-767F-4831-94AC-E683D962C63C} - C:\Program Files\TGTSoft\StyleXP\TGT_BHO.dll
    O4 - HKLM\..\Run: [NvCplDaemon] -RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] -nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] -RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [C6501Sound] -RunDll32 c6501.cpl,CMICtrlWnd
    O4 - HKLM\..\Run: [QuickTime Task] - "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [Microsoft Windows Update x86] firefox.exe
    O4 - HKLM\..\RunServices: [Microsoft Windows Update x86] firefox.exe
    O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
    O4 - HKCU\..\Run: [Fraps] -C:\FRAPS\FRAPS.EXE
    O4 - HKCU\..\Run: [msnmsgr] - "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
    O4 - HKCU\..\Run: [Start WingMan Profiler] - "C:\Program Files\Logitech\Profiler\lwemon.exe" /noui
    O4 - HKCU\..\Run: [WMPNSCFG] -C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Bitmeter2.lnk = C:\Program Files\Codebox\BitMeter\BitMeter2.exe
    O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
    O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
    O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=http://www.google.co.uk
    O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/EN-GB/a-UNO1/GAME_UNO1.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} (Measurement Services Client v.3.11) - http://gameadvisor.futuremark.com/global/msc311.cab
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: Adobe LM Service - Unknown owner - - "C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe (file missing)
    O23 - Service: Autodesk Licensing Service - Unknown owner - - "C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe (file missing)
    O23 - Service: Belkin Wireless USB Network Adapter (Belkin Wireless USB Network Adapter Service) - Unknown owner - -C:\Program Files\Belkin\Belkin Wireless Network Utility\WLService.exe (file missing)
    O23 - Service: MSSQL$SONY_MEDIAMGR - Unknown owner - -C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe (file missing)
    O23 - Service: MSSQLServerADHelper - Unknown owner - -C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe (file missing)
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: SQLAgent$SONY_MEDIAMGR - Unknown owner - -C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE (file missing)
    O23 - Service: StyleXPService - Unknown owner - - "C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe (file missing)
    O23 - Service: Windows Media Player Network Sharing Service (WMPNetworkSvc) - Unknown owner - - "C:\Program Files\Windows Media Player\WMPNetwk.exe (file missing)
     
    Dom,
    #1
  2. 2007/08/08
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    Hi Dom,

    I see a couple of items that appear suspicious, but I'd like for you to run another tool that will show us a bit more.

    Note: You must be logged onto an account with administrator privileges to complete the following.

    Download Deckard's System Scanner (dss.exe) to your desktop.
    Close all applications and windows.
    Double-click on dss.exe to run it and follow the prompts.
    When the scan is complete, two text files will open; main.txt, which will be maximized and extra.txt, which will be minimized.

    Post the contents of main.txt only for now.
     

  4. 2007/08/08
    Dom

    Deckard's System Scanner v20070807.62
    Run by Administrator on 2007-08-09 at 04:08:39
    Computer is in Normal Mode.
    --------------------------------------------------------------------------------

    -- System Restore --------------------------------------------------------------

    Successfully created a Deckard's System Scanner Restore Point.


    -- Last 5 Restore Point(s) --
    93: 2007-08-09 03:08:41 UTC - RP93 - Deckard's System Scanner Restore Point
    92: 2007-08-09 03:00:03 UTC - RP92 - Restore Operation
    91: 2007-08-08 16:13:57 UTC - RP91 - Installed AVG 7.5
    90: 2007-08-08 16:13:44 UTC - RP90 - Removed AVG 7.5
    89: 2007-08-08 16:10:32 UTC - RP89 - Installed AVG 7.5


    -- First Restore Point --
    1: 2007-05-22 17:21:11 UTC - RP1 - System Checkpoint


    Backed up registry hives.
    Performed disk cleanup.



    -- HijackThis (run as Administrator.exe) ---------------------------------------

    Logfile of HijackThis v1.99.1
    Scan saved at 04:09:05, on 09/08/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\WgaTray.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\WINDOWS\system32\RunDll32.exe
    C:\FRAPS\FRAPS.EXE
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\AIM\aim.exe
    C:\Program Files\Logitech\Profiler\lwemon.exe
    C:\Program Files\Windows Media Player\WMPNSCFG.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Documents and Settings\Administrator\Desktop\dss.exe
    C:\PROGRA~1\HIJACK~1\Administrator.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.co.uk
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co.uk
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.5.19.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
    O2 - BHO: TGTSoft Explorer Toolbar Changer - {C333CF63-767F-4831-94AC-E683D962C63C} - C:\Program Files\TGTSoft\StyleXP\TGT_BHO.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [C6501Sound] RunDll32 c6501.cpl,CMICtrlWnd
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
    O4 - HKCU\..\Run: [Fraps] C:\FRAPS\FRAPS.EXE
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
    O4 - HKCU\..\Run: [Start WingMan Profiler] "C:\Program Files\Logitech\Profiler\lwemon.exe" /noui
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Bitmeter2.lnk = C:\Program Files\Codebox\BitMeter\BitMeter2.exe
    O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
    O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
    O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=http://www.google.co.uk
    O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/EN-GB/a-UNO1/GAME_UNO1.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} (Measurement Services Client v.3.11) - http://gameadvisor.futuremark.com/global/msc311.cab
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Autodesk Licensing Service - Unknown owner - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
    O23 - Service: Belkin Wireless USB Network Adapter (Belkin Wireless USB Network Adapter Service) - Unknown owner - C:\Program Files\Belkin\Belkin Wireless Network Utility\WLService.exe (file missing)
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe


    -- HijackThis Fixed Entries (C:\PROGRA~1\HIJACK~1\backups\) --------------------

    backup-20070527-123014-206 O2 - BHO: (no name) - {7A454725-1F51-4B91-ACD4-9F9F63A37E31} - C:\WINDOWS\system32\awtqr.dll (file missing)
    backup-20070527-123014-915 O2 - BHO: (no name) - {4B646AFB-9341-4330-8FD1-C32485AEE619} - C:\WINDOWS\system32\ppwsfnwe.dll (file missing)
    backup-20070527-123014-986 O2 - BHO: (no name) - {8071E65A-3F56-4426-8372-8667CD213057} - C:\WINDOWS\system32\ljjheec.dll (file missing)
    backup-20070808-170053-636 O1 - Hosts: 66.98.148.65 auto.search.msn.es

    -- File Associations -----------------------------------------------------------

    All associations okay.


    -- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

    R0 sfdrv01 (StarForce Protection Environment Driver (version 1.x)) - c:\windows\system32\drivers\sfdrv01.sys <Not Verified; Protection Technology; StarForce Protection System>
    R0 sfhlp02 (StarForce Protection Helper Driver (version 2.x)) - c:\windows\system32\drivers\sfhlp02.sys <Not Verified; Protection Technology; StarForce Protection System>
    R0 sfvfs02 (StarForce Protection VFS Driver (version 2.x)) - c:\windows\system32\drivers\sfvfs02.sys <Not Verified; Protection Technology; StarForce Protection System>
    R1 StyleXPHelper - c:\program files\tgtsoft\stylexp\stylexphelper.exe <Not Verified; Windows (R) 2000 DDK provider; Windows (R) 2000 DDK driver>
    R3 RT73 (Belkin USB Network Adapter) - c:\windows\system32\drivers\rt73.sys <Not Verified; Ralink Technology, Corp.; Ralink 802.11 Wireless Adapters>

    S3 ENTECH - c:\windows\system32\drivers\entech.sys <Not Verified; EnTech Taiwan; PowerStrip>
    S3 RTCore32 - c:\program files\rightmark memory analyzer\rtcore32.sys (file missing)


    -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

    R2 Autodesk Licensing Service - "c:\program files\common files\autodesk shared\service\adskscsrv.exe "
    R2 StyleXPService - "c:\program files\tgtsoft\stylexp\stylexpservice.exe" <Not Verified; ; StyleXPService Module>

    S2 Belkin Wireless USB Network Adapter Service (Belkin Wireless USB Network Adapter) - c:\program files\belkin\belkin wireless network utility\wlservice.exe (file missing)


    -- Device Manager: Disabled ----------------------------------------------------

    Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
    Description: NVIDIA nForce Networking Controller
    Device ID: {1A3E09BE-1E45-494B-9174-D7385B45BBF5}\NVNET_DEV00DF\4&3771CCD&1&01
    Manufacturer: NVIDIA
    Name: NVIDIA nForce Networking Controller
    PNP Device ID: {1A3E09BE-1E45-494B-9174-D7385B45BBF5}\NVNET_DEV00DF\4&3771CCD&1&01
    Service: NVENETFD


    -- Scheduled Tasks -------------------------------------------------------------

    2007-08-02 15:54:00 286 --a------ C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC Nag.job
    2007-07-28 19:33:40 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
    2007-05-24 15:54:06 408 --a------ C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC.job


    -- Files created between 2007-07-09 and 2007-08-09 -----------------------------

    2007-08-09 04:01:45 0 dr-h----- C:\Documents and Settings\Administrator\Recent
    2007-08-09 04:00:22 0 d-------- C:\Program Files\Viewpoint
    2007-08-08 16:51:01 0 d-------- C:\Documents and Settings\All Users\Application Data\STOPzilla!
    2007-08-07 00:11:12 3788800 --a------ C:\Documents and Settings\Administrator\ntuser.dat
    2007-08-04 22:57:13 0 d-------- C:\Documents and Settings\Administrator\Application Data\Locktime
    2007-08-04 22:57:00 0 d-------- C:\Documents and Settings\All Users\Application Data\Locktime
    2007-08-02 22:20:54 0 d-------- C:\Program Files\Codebox
    2007-07-31 16:23:00 0 d-------- C:\Program Files\GTR2
    2007-07-28 22:07:52 0 d-------- C:\Program Files\NCH Swift Sound
    2007-07-28 19:39:16 0 d-------- C:\Program Files\Motherboard Monitor 5
    2007-07-28 19:33:51 0 d-------- C:\Program Files\QuickTime
    2007-07-28 19:33:50 0 d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer
    2007-07-28 19:33:37 0 d-------- C:\Program Files\Apple Software Update
    2007-07-28 19:33:37 0 d-------- C:\Documents and Settings\All Users\Application Data\Apple
    2007-07-26 03:04:11 0 d-------- C:\Program Files\Windows Journal Viewer
    2007-07-11 00:47:25 0 d-------- C:\Program Files\Logitech
    2007-07-11 00:47:14 0 d-------- C:\Program Files\Common Files\Logitech


    -- Find3M Report ---------------------------------------------------------------

    2007-08-08 17:00:20 0 d-------- C:\Program Files\Common Files
    2007-08-06 03:43:05 0 d-------- C:\Program Files\TrackMania Nations ESWC
    2007-07-27 02:05:25 0 d-------- C:\Program Files\BitComet
    2007-07-24 13:55:09 0 d-------- C:\Documents and Settings\Administrator\Application Data\Adobe
    2007-07-20 13:24:23 0 d-------- C:\Documents and Settings\Administrator\Application Data\Hamachi
    2007-07-17 01:09:11 0 d-------- C:\Documents and Settings\Administrator\Application Data\LimeWire
    2007-07-13 17:26:00 0 d--h----- C:\Program Files\InstallShield Installation Information
    2007-07-04 01:47:58 0 d-------- C:\Documents and Settings\Administrator\Application Data\uTorrent
    2007-07-03 23:52:28 0 d-------- C:\Program Files\Truck Dismount
    2007-07-03 02:25:23 0 d-------- C:\Documents and Settings\Administrator\Application Data\Opera
    2007-06-29 19:16:45 0 d-------- C:\Program Files\Teamspeak2_RC2
    2007-06-29 19:16:45 0 d-------- C:\Documents and Settings\Administrator\Application Data\teamspeak2
    2007-06-26 16:16:57 0 d-------- C:\Program Files\Wings Over Europe
    2007-06-25 20:18:00 0 d-------- C:\Documents and Settings\Administrator\Application Data\Viewpoint
    2007-06-22 19:54:52 0 d-------- C:\Program Files\LimeWire
    2007-06-22 19:54:51 0 d-------- C:\Program Files\DivX
    2007-06-22 19:54:51 0 d-------- C:\Program Files\AIM
    2007-06-22 19:51:56 0 d-------- C:\Documents and Settings\Administrator\Application Data\Aim
    2007-06-22 19:50:34 0 d-------- C:\Program Files\Common Files\AOL
    2007-06-17 21:42:51 0 d-------- C:\Program Files\BT Engine
    2007-06-14 00:56:10 0 d-------- C:\Documents and Settings\Administrator\Application Data\AdobeUM
    2007-06-13 16:56:16 0 d-------- C:\Program Files\ModMan
    2007-06-13 16:55:17 737280 --a------ C:\WINDOWS\iun6002.exe <Not Verified; Indigo Rose Corporation; Setup Factory 6.0 Runtime Module>
    2007-06-13 16:23:33 0 d-------- C:\Program Files\Ubisoft
    2007-06-03 23:32:51 664 --a------ C:\WINDOWS\system32\d3d9caps.dat
    2007-06-01 14:47:17 2374 --a------ C:\WINDOWS\wmplayer.reg
    2007-05-30 00:32:22 1290 --a------ C:\WINDOWS\mozver.dat
    2007-05-29 00:44:12 2560 --a------ C:\WINDOWS\system32\BitCometRes.dll <Not Verified; BitComet; BitComet BCTP Helper>
    2007-05-23 15:55:17 552 --a------ C:\WINDOWS\system32\d3d8caps.dat
    2007-05-22 21:38:48 98304 --a------ C:\WINDOWS\system32\CmdLineExt.dll <Not Verified; Sony DADC Austria AG.; >
    2007-05-22 19:43:27 335 --a------ C:\WINDOWS\nsreg.dat
    2007-05-22 18:16:20 0 -rahs---- C:\MSDOS.SYS
    2007-05-22 18:16:20 0 -rahs---- C:\IO.SYS
    2007-05-22 18:16:20 0 --a------ C:\CONFIG.SYS
    2007-05-22 18:16:20 0 --a------ C:\AUTOEXEC.BAT
    2007-05-22 18:12:59 21640 --a------ C:\WINDOWS\system32\emptyregdb.dat


    -- Registry Dump ---------------------------------------------------------------

    *Note* empty entries & legit default entries are not shown


    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "NvCplDaemon "= "C:\WINDOWS\system32\NvCpl.dll" [19/04/2007 13:26]
    "nwiz "= "nwiz.exe" [19/04/2007 13:26 C:\WINDOWS\system32\nwiz.exe]
    "NvMediaCenter "= "C:\WINDOWS\system32\NvMcTray.dll" [19/04/2007 13:26]
    "C6501Sound "= "c6501.cpl" []
    "QuickTime Task "= "C:\Program Files\QuickTime\QTTask.exe" [29/06/2007 06:24]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "STYLEXP "= "C:\Program Files\TGTSoft\StyleXP\StyleXP.exe" [24/05/2006 19:31]
    "Fraps "= "C:\FRAPS\FRAPS.EXE" [19/12/2006 14:02]
    "msnmsgr "= "C:\Program Files\MSN Messenger\msnmsgr.exe" [24/01/2006 11:37]
    "AIM "= "C:\Program Files\AIM\aim.exe" [01/08/2006 15:35]
    "Start WingMan Profiler "= "C:\Program Files\Logitech\Profiler\lwemon.exe" [18/04/2005 11:16]
    "WMPNSCFG "= "C:\Program Files\Windows Media Player\WMPNSCFG.exe" [18/10/2006 21:05]

    C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\
    Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [16/03/2005 19:16:50]

    C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
    Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [23/09/2005 22:05:26]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
    "DisableRegistryTools "=0 (0x0)




    -- Hosts -----------------------------------------------------------------------

    127.0.0.1 localhost #***Inserted By STOPzilla***
    127.0.0.1 bin.errorprotector.com ## added by CiD
    127.0.0.1 br.errorsafe.com ## added by CiD
    127.0.0.1 br.winantivirus.com ## added by CiD
    127.0.0.1 br.winfixer.com ## added by CiD
    127.0.0.1 cdn.drivecleaner.com ## added by CiD
    127.0.0.1 cdn.errorsafe.com ## added by CiD
    127.0.0.1 cdn.winsoftware.com ## added by CiD
    127.0.0.1 de.errorsafe.com ## added by CiD
    127.0.0.1 de.winantivirus.com ## added by CiD

    221 more entries in hosts file.


    -- End of Deckard's System Scanner: finished at 2007-08-09 at 04:09:33 ---------




    BTW, I just ran system restore which has helped with some of the strange happenings, such as programs not opening.
     
    Dom,
    #3
  5. 2007/08/08
    noahdfear

    Had me puzzled till I got to the bottom and read that ....... couldn't figure out how the items in question just disappeared from the log :confused:

    Looks clean, but I'd recommend running an online virus scan to be sure.

    eTrust in my signature
    or
    Panda ActiveScan
    or
    Kaspersky Online Scanner
    or
    ESET Online scanner

    Post back if you have any questions or need further assistance.
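
Added example, not part of the original thread: a Python script that diffs the O4 (autostart) entries of the two HijackThis logs posted above, to show which entries are in the first log but absent from the one taken after System Restore. The function names are illustrative, and the embedded lines are excerpts of the two logs; the stray "-" prefixes and quoting that differ between them are normalised before comparing.

```python
import re

# Excerpts of the O4 lines from the two logs in this thread.
# BEFORE: first HijackThis log. AFTER: log taken after System Restore.
BEFORE = r"""
O4 - HKLM\..\Run: [NvCplDaemon] -RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [QuickTime Task] - "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Microsoft Windows Update x86] firefox.exe
O4 - HKLM\..\RunServices: [Microsoft Windows Update x86] firefox.exe
O4 - HKCU\..\Run: [Fraps] -C:\FRAPS\FRAPS.EXE
O4 - Global Startup: Bitmeter2.lnk = C:\Program Files\Codebox\BitMeter\BitMeter2.exe
"""
AFTER = r"""
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [Fraps] C:\FRAPS\FRAPS.EXE
O4 - Global Startup: Bitmeter2.lnk = C:\Program Files\Codebox\BitMeter\BitMeter2.exe
"""

# Registry autostarts: "O4 - <key>: [<value name>] <command>"
REG_RE = re.compile(r"^O4 - (?P<loc>[^:]+): \[(?P<name>[^\]]+)\]\s*(?P<cmd>.*)$")
# Startup-folder shortcuts: "O4 - [Global ]Startup: <link> = <target>"
LNK_RE = re.compile(r"^O4 - (?P<loc>(?:Global )?Startup): (?P<name>.+?) = (?P<cmd>.*)$")


def normalize(cmd):
    """Make commands comparable across logs: drop the stray leading '-'
    seen in the first log, drop quotes, and ignore case."""
    cmd = re.sub(r"^-\s*", "", cmd.strip())
    return cmd.replace('"', "").lower()


def parse_o4(log):
    """Return {(location, name): normalized command} for every O4 line."""
    entries = {}
    for line in log.splitlines():
        line = line.strip()
        m = REG_RE.match(line) or LNK_RE.match(line)
        if m:
            entries[(m["loc"], m["name"].strip())] = normalize(m["cmd"])
    return entries


def diff_autostarts(before, after):
    """Return (removed, added) lists of (location, name, command) tuples.
    An entry whose command changed shows up in both lists."""
    b, a = parse_o4(before), parse_o4(after)
    removed = sorted((loc, name, cmd) for (loc, name), cmd in b.items()
                     if a.get((loc, name)) != cmd)
    added = sorted((loc, name, cmd) for (loc, name), cmd in a.items()
                   if b.get((loc, name)) != cmd)
    return removed, added


if __name__ == "__main__":
    removed, added = diff_autostarts(BEFORE, AFTER)
    for loc, name, cmd in removed:
        print(f"- {loc}: [{name}] {cmd}")
    for loc, name, cmd in added:
        print(f"+ {loc}: [{name}] {cmd}")
```
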
     
  6. 2007/08/09
    Dom

    Did the ESET one and it came up clean! Thanks for the advice :) :)
     
    Dom,
    #5
  7. 2007/08/09
    noahdfear

    Glad to hear it! You're most welcome. :)
     
