Deckard's System Scanner v20071014.68 Run by Bill Gates on 2008-05-28 15:39:37 Computer is in Normal Mode. -------------------------------------------------------------------------------- -- System Restore -------------------------------------------------------------- Successfully created a Deckard's System Scanner Restore Point. -- Last 5 Restore Point(s) -- 57: 2008-05-28 22:39:41 UTC - RP57 - Deckard's System Scanner Restore Point 56: 2008-05-28 20:41:18 UTC - RP56 - Installed SUPERAntiSpyware Free Edition 55: 2008-05-28 20:23:05 UTC - RP55 - Installed Safari 54: 2008-05-27 22:04:35 UTC - RP54 - Last known good configuration 53: 2008-05-27 22:04:30 UTC - RP53 - Installed NTI CD & DVD-Maker -- First Restore Point -- 1: 2008-05-27 22:04:27 UTC - RP1 - System Checkpoint Backed up registry hives. Performed disk cleanup. -- HijackThis (run as Bill Gates.exe) ------------------------------------------ Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 3:40:52 PM, on 5/28/2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16640) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\System32\nvsvc32.exe C:\Program Files\Raxco\PerfectDisk2008\PD91Agent.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe C:\Program Files\Raxco\PerfectDisk2008\PD91Engine.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\UltraMon\UltraMon.exe C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Logitech\SetPoint\SetPoint.exe C:\Program Files\SEC\Natural Color Pro\NCProTray.exe C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE C:\Program Files\UltraMon\UltraMonTaskbar.exe C:\Program Files\Raxco\PerfectDisk2008\PerfectDisk.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Raxco\PerfectDisk2008\PD91Scanner.exe C:\Documents and Settings\Bill Gates\Desktop\dss.exe C:\PROGRA~1\TRENDM~1\HIJACK~1\Bill Gates.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: {3b44e8c1-ed86-04cb-de34-516ac5b8068c} - {c8608b5c-a615-43ed-bc40-68de1c8e44b3} - C:\WINDOWS\system32\nvvxmtgq.dll (file missing) O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe" O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [UltraMon] "C:\Program Files\UltraMon\UltraMon.exe" /auto O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe O4 - Global Startup: NCProTray.lnk = ? O4 - Global Startup: PerfectDisk 2008.lnk = ? O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1209764494405 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1209764960858 O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Desktop Manager 5.7.802.22438 (GoogleDesktopManager-022208-143751) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: PD91Agent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk2008\PD91Agent.exe O23 - Service: PD91Engine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk2008\PD91Engine.exe O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.8\bin\httpd.exe O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.0.51b\bin\mysqld-nt.exe O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe -- End of file - 8261 bytes -- File Associations ----------------------------------------------------------- [COLOR=red].cpl - cplfile - shell\cplopen\command - rundll32.exe shell32.dll,Control_RunDLL "%1",%*[/COLOR] [COLOR=red].cpl - cplfile - shell\runas\command - rundll32.exe shell32.dll,Control_RunDLLAsUser "%1",%*[/COLOR] [COLOR=red].js - JSFile - DefaultIcon - "C:\Program Files\Macromedia\Dreamweaver 8\dreamweaver.exe",2[/COLOR] [COLOR=red].reg - regfile - shell\open\command - regedit.exe "%1" %*[/COLOR] [COLOR=red].scr - scrfile - shell\open\command - "%1" %*[/COLOR] -- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------- R0 UBHelper - c:\windows\system32\drivers\ubhelper.sys R1 NCPro - c:\windows\system32\drivers\mtictwl.sys R1 PQNTDrv - c:\windows\system32\drivers\pqntdrv.sys R1 SCDEmu - c:\windows\system32\drivers\scdemu.sys R2 AegisP (AEGIS Protocol (IEEE 802.1x) v3.4.5.0) - c:\windows\system32\drivers\aegisp.sys R2 UltraMonUtility (UltraMon Utility Driver) - c:\program files\common files\realtime soft\ultramonmirrordrv\x32\ultramonutility.sys R3 BDSelfPr - c:\program files\bitdefender\bitdefender 2008\bdselfpr.sys R3 NTIDrvr (Upper Class Filter Driver) - c:\windows\system32\drivers\ntidrvr.sys R3 pcouffin (VSO Software pcouffin) - c:\windows\system32\drivers\pcouffin.sys R3 UltraMonMirror - c:\windows\system32\drivers\ultramonmirror.sys S3 MagicTune - c:\windows\system32\drivers\mtictwl.sys S3 PciCon - d:\pcicon.sys (file missing) -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled -------------------- R2 Apple Mobile Device - "c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe" R2 Bonjour Service - "c:\program files\bonjour\mdnsresponder.exe" S3 FLEXnet Licensing Service - "c:\program files\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe" S3 wampapache - "c:\wamp\bin\apache\apache2.2.8\bin\httpd.exe" -k runservice S3 wampmysqld - c:\wamp\bin\mysql\mysql5.0.51b\bin\mysqld-nt.exe wampmysqld -- Device Manager: Disabled ---------------------------------------------------- Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318} Description: Realtek RTL8187 Wireless 802.11g 54Mbps USB 2.0 Network Adapter Device ID: USB\VID_0BDA&PID_8187\0015AF22F281 Manufacturer: Realtek Semiconductor Corp. Name: Realtek RTL8187 Wireless 802.11g 54Mbps USB 2.0 Network Adapter PNP Device ID: USB\VID_0BDA&PID_8187\0015AF22F281 Service: RTLWUSB Class GUID: {4D36E96B-E325-11CE-BFC1-08002BE10318} Description: Standard 101/102-Key or Microsoft Natural PS/2 Keyboard Device ID: ACPI\PNP0303\4&B6AFFD&0 Manufacturer: (Standard keyboards) Name: Standard 101/102-Key or Microsoft Natural PS/2 Keyboard PNP Device ID: ACPI\PNP0303\4&B6AFFD&0 Service: i8042prt -- Scheduled Tasks ------------------------------------------------------------- 2008-05-27 17:43:03 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job -- Files created between 2008-04-28 and 2008-05-28 ----------------------------- 2008-05-28 15:40:41 0 d-------- C:\Program Files\Trend Micro 2008-05-28 13:41:26 0 d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com 2008-05-28 13:41:19 0 d-------- C:\Program Files\SUPERAntiSpyware 2008-05-28 13:41:19 0 d-------- C:\Documents and Settings\Bill Gates\Application Data\SUPERAntiSpyware.com 2008-05-28 13:33:12 619774 --ahs---- C:\WINDOWS\system32\TsDKknnn.ini2 2008-05-28 13:28:34 0 d-------- C:\Documents and Settings\Bill Gates\Application Data\Malwarebytes 2008-05-28 13:28:23 0 d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes 2008-05-28 13:28:22 0 d-------- C:\Program Files\Malwarebytes' Anti-Malware 2008-05-28 13:23:12 0 d-------- C:\Program Files\Safari 2008-05-28 03:06:07 2560 --a------ C:\WINDOWS\system32\jjjjhfym.exe 2008-05-27 16:09:09 0 d-------- C:\Program Files\MKVtoolnix 2008-05-27 16:07:08 0 d-------- C:\Program Files\Haali 2008-05-27 10:26:56 0 d-------- C:\WINDOWS\Sun 2008-05-27 10:26:56 0 d-------- C:\Documents and Settings\Bill Gates\Application Data\Sun 2008-05-27 00:09:57 1024 -r-h----- C:\WINDOWS\system32\NTIBUN4.dll 2008-05-27 00:09:28 13952 -----n--- C:\WINDOWS\system32\drivers\UBHelper.sys 2008-05-27 00:09:14 0 d-------- C:\Program Files\Common Files\muvee Technologies 2008-05-27 00:09:03 0 d-------- C:\Program Files\Common Files\NewTech Infosystems 2008-05-27 00:09:02 0 d-------- C:\Program Files\NewTech Infosystems 2008-05-27 00:09:00 0 d-------- C:\Documents and Settings\NetworkService\SendTo 2008-05-27 00:09:00 0 d-------- C:\Documents and Settings\LocalService\SendTo 2008-05-27 00:09:00 0 d-------- C:\Documents and Settings\All Users\SendTo 2008-05-27 00:08:54 1024 -r-h----- C:\WINDOWS\system32\NTICDMK7.dll 2008-05-27 00:08:41 1024 -r-h----- C:\WINDOWS\system32\NTIMPEG2.dll 2008-05-27 00:08:41 1024 -r-h----- C:\WINDOWS\system32\NTIMP3.dll 2008-05-27 00:08:41 1024 -r-h----- C:\WINDOWS\system32\NTIFCD3.dll 2008-05-27 00:08:36 6144 --a------ C:\WINDOWS\system32\drivers\NTIDrvr.sys 2008-05-26 20:20:55 47360 --a------ C:\WINDOWS\system32\drivers\pcouffin.sys 2008-05-26 20:20:55 0 d-------- C:\Documents and Settings\Bill Gates\Application Data\Vso 2008-05-26 20:20:55 47360 --a------ C:\Documents and Settings\Bill Gates\Application Data\pcouffin.sys 2008-05-26 20:20:51 626688 --a------ C:\WINDOWS\system32\vp7vfw.dll 2008-05-26 20:20:51 217127 --a------ C:\WINDOWS\system32\drv43260.dll 2008-05-26 20:20:51 208935 --a------ C:\WINDOWS\system32\drv33260.dll 2008-05-26 20:20:51 176165 --a------ C:\WINDOWS\system32\drv23260.dll 2008-05-26 20:20:51 65602 --a------ C:\WINDOWS\system32\cook3260.dll 2008-05-26 20:20:50 0 d-------- C:\Program Files\VSO 2008-05-26 19:35:35 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard 2008-05-26 19:35:14 0 d-------- C:\Documents and Settings\All Users\Application Data\TEMP 2008-05-26 19:35:10 0 d-------- C:\Program Files\Active Data Recovery Software 2008-05-26 18:52:05 0 d-------- C:\Documents and Settings\Bill Gates\Application Data\Media Player Classic 2008-05-26 18:50:54 0 d-------- C:\Program Files\Combined Community Codec Pack 2008-05-26 18:49:51 0 d-------- C:\Documents and Settings\Bill Gates\Application Data\vlc 2008-05-26 18:49:19 0 d-------- C:\Program Files\VideoLAN 2008-05-26 17:34:55 0 d-------- C:\Program Files\Apple Software Update 2008-05-26 07:06:48 341 --a------ C:\WINDOWS\system32\(null)id 2008-05-19 23:04:08 0 d-------- C:\Documents and Settings\Bill Gates\Application Data\MySQL 2008-05-19 23:03:36 0 d-------- C:\Program Files\Java 2008-05-19 23:03:16 0 d-------- C:\Program Files\Common Files\Java 2008-05-19 23:00:12 0 d-------- C:\Program Files\MySQL 2008-05-15 23:42:50 0 d-------- C:\Program Files\Runtime Software 2008-05-14 13:40:14 0 d-------- C:\Documents and Settings\Bill Gates\Application Data\Help 2008-05-13 14:24:03 0 d-------- C:\DVDVideoSoft 2008-05-13 14:23:38 0 d-------- C:\Program Files\Common Files\DVDVideoSoft 2008-05-13 14:23:35 0 d-------- C:\Program Files\YouTube to Mp3 Converter 2008-05-11 13:32:53 773120 --a------ C:\WINDOWS\bubbles.scr 2008-05-11 13:32:53 1263616 --a------ C:\WINDOWS\aurora.scr 2008-05-11 12:59:36 0 d-------- C:\Program Files\Dream Aquarium 2008-05-11 12:58:17 0 d-------- C:\Program Files\VitalDesktop 2008-05-11 12:17:52 0 d-------- C:\Documents and Settings\Bill Gates\Application Data\Realtime Soft 2008-05-11 12:17:43 0 d-------- C:\Program Files\UltraMon 2008-05-11 12:17:43 0 d-------- C:\Program Files\Common Files\Realtime Soft 2008-05-11 12:17:43 0 d-------- C:\Documents and Settings\All Users\Application Data\Realtime Soft 2008-05-11 11:51:09 48456 --a------ C:\WINDOWS\system32\UninstallElectricSheep.exe 2008-05-11 11:51:09 0 d-------- C:\WINDOWS\system32\electricsheep-cache 2008-05-10 16:55:28 0 d-------- C:\Documents and Settings\Bill Gates\Application Data\Apple Computer 2008-05-10 16:55:19 0 d-------- C:\Program Files\iPod 2008-05-10 16:55:15 0 d-------- C:\Program Files\iTunes 2008-05-10 16:54:36 0 d-------- C:\Program Files\QuickTime 2008-05-10 16:54:34 0 d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer 2008-05-10 16:54:13 0 d-------- C:\Program Files\Common Files\Apple 2008-05-10 16:54:13 0 d-------- C:\Documents and Settings\All Users\Application Data\Apple 2008-05-10 14:47:52 0 d-------- C:\wamp 2008-05-09 15:09:34 0 d-------- C:\Documents and Settings\Bill Gates\Application Data\GlobalSCAPE 2008-05-09 15:09:19 0 d-------- C:\Program Files\GlobalSCAPE 2008-05-09 12:35:40 0 d-------- C:\Documents and Settings\All Users\Application Data\Macromedia 2008-05-09 12:35:29 0 d-------- C:\Program Files\Macromedia 2008-05-09 12:35:29 0 d-------- C:\Program Files\Common Files\Macromedia 2008-05-09 00:41:27 0 d-------- C:\Documents and Settings\All Users\Application Data\Google 2008-05-08 18:01:52 667914 --a------ C:\WINDOWS\unins000.exe 2008-05-08 18:01:52 1416 --a------ C:\WINDOWS\unins000.dat 2008-05-08 18:01:52 7460558 --a------ C:\WINDOWS\cuteftppro.exe 2008-05-08 17:37:08 0 d-------- C:\Program Files\Analog Devices 2008-05-08 14:08:28 0 d--h----- C:\Documents and Settings\All Users\Application Data\CanonBJ 2008-05-08 14:08:20 0 d--h----- C:\WINDOWS\system32\CanonIJ Uninstaller Information 2008-05-08 14:08:14 0 d--h----- C:\Program Files\CanonBJ 2008-05-08 13:11:46 0 d-------- C:\Documents and Settings\All Users\Application Data\Raxco 2008-05-08 13:11:25 0 d-------- C:\Program Files\Raxco 2008-05-08 12:51:55 0 d-------- C:\Documents and Settings\All Users\Application Data\ConeXware 2008-05-08 12:51:42 0 d-------- C:\Program Files\PowerArchiver 2008-05-08 12:37:51 0 d-------- C:\WINDOWS\system32\appmgmt 2008-05-08 10:39:44 81984 --a------ C:\WINDOWS\system32\bdod.bin 2008-05-08 10:39:14 0 d-------- C:\Documents and Settings\Bill Gates\Application Data\Bitdefender 2008-05-08 10:38:47 0 d-------- C:\Program Files\BitDefender 2008-05-08 10:38:47 0 d-------- C:\Documents and Settings\All Users\Application Data\BitDefender 2008-05-08 10:36:54 0 d-------- C:\Program Files\Common Files\BitDefender 2008-05-08 10:26:18 0 d-------- C:\Program Files\Diskeeper Corporation 2008-05-08 10:21:06 0 d-------- C:\Program Files\Pro Imaging Powertoys 2008-05-08 10:20:06 0 d-------- C:\WINDOWS\Downloaded Installations 2008-05-07 19:24:03 0 d-------- C:\WINDOWS\system32\URTTemp 2008-05-07 19:09:54 0 d-------- C:\Documents and Settings\Bill Gates\Contacts 2008-05-07 19:00:10 0 d------c- C:\WINDOWS\system32\DRVSTORE 2008-05-07 18:58:13 0 d--hs--c- C:\Program Files\Common Files\WindowsLiveInstaller 2008-05-07 18:58:10 0 d-------- C:\Program Files\Windows Live 2008-05-07 18:58:03 0 d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller 2008-05-07 18:03:04 0 d-------- C:\Program Files\Microsoft Works 2008-05-07 18:03:01 0 d-------- C:\Program Files\MSBuild 2008-05-07 17:59:15 0 d-------- C:\WINDOWS\SHELLNEW 2008-05-07 17:58:43 0 d-------- C:\Documents and Settings\All Users\Application Data\Microsoft Help 2008-05-07 17:58:17 0 dr-h----- C:\MSOCache 2008-05-07 13:07:18 0 d-------- C:\Documents and Settings\All Users\Application Data\FLEXnet 2008-05-07 13:02:52 0 d-------- C:\Documents and Settings\All Users\Application Data\Adobe 2008-05-07 13:02:20 0 d-------- C:\Program Files\Bonjour 2008-05-07 12:55:15 0 d-------- C:\Program Files\Common Files\Macrovision Shared 2008-05-07 12:54:15 0 d-------- C:\Program Files\Common Files\Adobe 2008-05-07 12:35:33 0 d-------- C:\Program Files\PowerISO 2008-05-03 09:59:27 0 d-------- C:\Documents and Settings\Bill Gates\Application Data\Macromedia 2008-05-03 09:59:27 0 d-------- C:\Documents and Settings\Bill Gates\Application Data\Adobe 2008-05-03 09:55:34 0 d--h----- C:\WINDOWS\$hf_mig$ 2008-05-02 16:56:48 0 d-------- C:\Program Files\File Scavenger 3.2 2008-05-02 16:36:33 0 d-------- C:\Program Files\Symantec 2008-05-02 16:25:45 0 d-------- C:\Program Files\Google 2008-05-02 16:05:06 0 d-------- C:\Documents and Settings\Bill Gates\Application Data\Talkback 2008-05-02 16:04:44 0 --a------ C:\WINDOWS\nsreg.dat 2008-05-02 16:04:40 0 d-------- C:\Documents and Settings\Bill Gates\Application Data\Mozilla 2008-05-02 15:52:16 0 d-------- C:\Program Files\uTorrent 2008-05-02 15:52:08 0 d-------- C:\Documents and Settings\Bill Gates\Application Data\uTorrent 2008-05-02 15:50:48 0 d-------- C:\WINDOWS\Prefetch 2008-05-02 15:41:32 0 d-------- C:\WINDOWS\network diagnostic 2008-05-02 15:36:18 0 d-------- C:\Documents and Settings\LocalService\Start Menu 2008-05-02 15:30:25 0 d-------- C:\WINDOWS\provisioning 2008-05-02 15:30:25 0 d-------- C:\WINDOWS\peernet 2008-05-02 15:20:11 0 d-------- C:\WINDOWS\ServicePackFiles 2008-05-02 15:20:11 0 d-------- C:\WINDOWS\ehome 2008-05-02 14:50:23 0 d-------- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage 2008-05-02 14:43:42 0 d-------- C:\WINDOWS\system32\bits 2008-05-02 14:41:40 0 d-------- C:\WINDOWS\SoftwareDistribution 2008-05-02 14:41:33 0 d--hs---- C:\Documents and Settings\Bill Gates\UserData 2008-05-02 14:33:02 0 d-------- C:\Documents and Settings\Bill Gates\Application Data\Logitech 2008-05-02 14:31:45 0 d---s---- C:\WINDOWS\system32\Microsoft 2008-05-02 14:31:03 0 d-------- C:\WINDOWS\system32\ReinstallBackups 2008-05-02 14:30:50 65536 --a------ C:\WINDOWS\system32\KemXML.dll 2008-05-02 14:30:50 86016 --a------ C:\WINDOWS\system32\KemWnd.dll 2008-05-02 14:30:50 90112 --a------ C:\WINDOWS\system32\KemUtil.dll 2008-05-02 14:30:50 143360 --a------ C:\WINDOWS\system32\kemutb.dll 2008-05-02 14:30:35 0 d-------- C:\Program Files\Common Files\Logitech 2008-05-02 14:30:33 0 d-------- C:\Program Files\Logitech 2008-05-02 14:24:50 21035 --a------ C:\WINDOWS\system32\drivers\AegisP.sys 2008-05-02 14:24:24 13532 --a------ C:\WINDOWS\system32\drivers\SjyPkt.sys 2008-05-02 14:24:23 0 d-------- C:\WINDOWS\OPTIONS 2008-05-02 14:24:23 0 d-------- C:\Program Files\ASUS WiFi-AP Solo 2008-05-02 14:22:36 0 d-------- C:\Program Files\Marvell 2008-05-02 14:12:01 0 d-------- C:\WINDOWS\ASUSInstAll 2008-05-02 14:01:11 10288 --a------ C:\WINDOWS\system32\drivers\ASUSHWIO.SYS 2008-05-02 13:59:19 0 d-------- C:\WINDOWS\pss 2008-05-02 13:48:18 13396 --a------ C:\WINDOWS\system32\drivers\MTictwl.sys 2008-05-02 13:48:05 0 d-------- C:\Program Files\SEC 2008-05-02 13:48:05 0 d--h----- C:\Program Files\InstallShield Installation Information 2008-05-02 13:42:10 0 d-------- C:\Documents and Settings\All Users\Application Data\NVIDIA 2008-05-02 13:41:04 0 d-------- C:\Documents and Settings\All Users\Application Data\nView_Profiles 2008-05-02 13:36:29 0 d-------- C:\WINDOWS\nview 2008-05-02 13:35:52 0 d-------- C:\Program Files\Common Files\InstallShield 2008-05-02 13:31:42 0 d-------- C:\WINDOWS\RegisteredPackages 2008-05-02 12:56:06 0 d--hs---- C:\WINDOWS\Installer 2008-05-02 12:56:05 0 d-------- C:\Documents and Settings\Bill Gates\Application Data\Identities 2008-05-02 12:55:59 0 d--h----- C:\Documents and Settings\Bill Gates\Templates 2008-05-02 12:55:59 0 dr------- C:\Documents and Settings\Bill Gates\Start Menu 2008-05-02 12:55:59 0 dr-h----- C:\Documents and Settings\Bill Gates\SendTo 2008-05-02 12:55:59 0 dr-h----- C:\Documents and Settings\Bill Gates\Recent 2008-05-02 12:55:59 0 d--h----- C:\Documents and Settings\Bill Gates\PrintHood 2008-05-02 12:55:59 3145728 --ah----- C:\Documents and Settings\Bill Gates\NTUSER.DAT 2008-05-02 12:55:59 0 d--h----- C:\Documents and Settings\Bill Gates\NetHood 2008-05-02 12:55:59 0 dr------- C:\Documents and Settings\Bill Gates\My Documents 2008-05-02 12:55:59 0 d--h----- C:\Documents and Settings\Bill Gates\Local Settings 2008-05-02 12:55:59 0 dr------- C:\Documents and Settings\Bill Gates\Favorites 2008-05-02 12:55:59 0 d-------- C:\Documents and Settings\Bill Gates\Desktop 2008-05-02 12:55:59 0 d--hs---- C:\Documents and Settings\Bill Gates\Cookies 2008-05-02 12:55:59 0 dr-h----- C:\Documents and Settings\Bill Gates\Application Data 2008-05-02 12:54:54 0 d--hs---- C:\System Volume Information 2008-05-02 12:54:53 233472 --ah----- C:\Documents and Settings\LocalService\NTUSER.DAT 2008-05-02 12:54:53 0 d--h----- C:\Documents and Settings\LocalService\Local Settings 2008-05-02 12:54:53 0 d--hs---- C:\Documents and Settings\LocalService\Cookies 2008-05-02 12:54:53 0 d-------- C:\Documents and Settings\LocalService\Application Data 2008-05-02 12:54:53 0 d---s---- C:\Documents and Settings\LocalService\Application Data\Microsoft 2008-05-02 12:54:52 233472 --ah----- C:\Documents and Settings\NetworkService\NTUSER.DAT 2008-05-02 12:54:52 0 d--h----- C:\Documents and Settings\NetworkService\Local Settings 2008-05-02 12:54:52 0 d--hs---- C:\Documents and Settings\NetworkService\Cookies 2008-05-02 12:54:52 0 d-------- C:\Documents and Settings\NetworkService\Application Data 2008-05-02 12:54:52 0 d---s---- C:\Documents and Settings\NetworkService\Application Data\Microsoft 2008-05-02 12:51:36 0 d-------- C:\WINDOWS\system32\xircom 2008-05-02 12:51:36 0 d-------- C:\Program Files\microsoft frontpage 2008-05-02 12:51:30 233472 ---h----- C:\Documents and Settings\Default User\NTUSER.DAT 2008-05-02 12:51:28 0 -rahs---- C:\MSDOS.SYS 2008-05-02 12:51:28 0 -rahs---- C:\IO.SYS 2008-05-02 12:51:28 0 --a------ C:\CONFIG.SYS 2008-05-02 12:51:28 50 --a------ C:\AUTOEXEC.BAT 2008-05-02 12:51:01 0 d--hs---- C:\Documents and Settings\All Users\DRM 2008-05-02 12:50:57 0 dr------- C:\WINDOWS\Offline Web Pages 2008-05-02 12:50:57 0 d---s---- C:\WINDOWS\Downloaded Program Files 2008-05-02 12:50:35 0 d-------- C:\WINDOWS\srchasst 2008-05-02 12:50:23 0 d-------- C:\WINDOWS\system32\Macromed 2008-05-02 12:50:23 0 d-------- C:\WINDOWS\system32\DirectX 2008-05-02 12:49:57 0 d-------- C:\Program Files\Movie Maker 2008-05-02 12:49:08 0 d-------- C:\WINDOWS\system32\Restore 2008-05-02 12:48:58 0 d-------- C:\WINDOWS\PCHEALTH 2008-05-02 12:48:46 0 d---s---- C:\WINDOWS\Tasks 2008-05-02 12:48:40 0 d-------- C:\Program Files\Common Files\MSSoap 2008-05-02 12:48:20 21640 --a------ C:\WINDOWS\system32\emptyregdb.dat 2008-05-02 12:48:11 0 d-------- C:\WINDOWS\Registration 2008-05-02 12:48:07 0 d--h----- C:\Program Files\WindowsUpdate 2008-05-02 12:48:07 0 d-------- C:\Program Files\Online Services 2008-05-02 12:48:03 0 d-------- C:\Program Files\Messenger 2008-05-02 12:47:44 0 d-------- C:\Program Files\MSN Gaming Zone 2008-05-02 12:47:27 0 d-------- C:\Program Files\Windows NT 2008-05-02 12:47:05 0 d-------- C:\WINDOWS\system32\MsDtc 2008-05-02 12:47:00 0 d-------- C:\WINDOWS\system32\Com 2008-05-02 05:42:59 0 d-------- C:\Program Files\Common Files\ODBC 2008-05-02 05:42:58 0 d-------- C:\Program Files\Common Files\SpeechEngines 2008-05-02 05:42:57 0 dr------- C:\Program Files 2008-05-02 05:42:57 0 d-------- C:\Program Files\Common Files 2008-05-02 05:42:37 0 d--h----- C:\Documents and Settings\Default User\Templates 2008-05-02 05:42:37 0 dr------- C:\Documents and Settings\Default User\Start Menu 2008-05-02 05:42:37 0 dr-h----- C:\Documents and Settings\Default User\SendTo 2008-05-02 05:42:37 0 d--h----- C:\Documents and Settings\Default User\Recent 2008-05-02 05:42:37 0 d--h----- C:\Documents and Settings\Default User\PrintHood 2008-05-02 05:42:37 0 d--h----- C:\Documents and Settings\Default User\NetHood 2008-05-02 05:42:37 0 d-------- C:\Documents and Settings\Default User\My Documents 2008-05-02 05:42:37 0 dr-h----- C:\Documents and Settings\Default User\Local Settings 2008-05-02 05:42:37 0 d-------- C:\Documents and Settings\Default User\Favorites 2008-05-02 05:42:37 0 d-------- C:\Documents and Settings\Default User\Desktop 2008-05-02 05:42:37 0 d---s---- C:\Documents and Settings\Default User\Cookies 2008-05-02 05:42:37 0 d--h----- C:\Documents and Settings\All Users\Templates 2008-05-02 05:42:37 0 dr------- C:\Documents and Settings\All Users\Start Menu 2008-05-02 05:42:37 0 d-------- C:\Documents and Settings\All Users\Favorites 2008-05-02 05:42:37 0 dr------- C:\Documents and Settings\All Users\Documents 2008-05-02 05:42:37 0 d-------- C:\Documents and Settings\All Users\Desktop 2008-05-02 05:42:27 0 d-------- C:\WINDOWS\system32\CatRoot2 2008-05-02 05:42:27 0 d-------- C:\WINDOWS\system32\CatRoot 2008-05-02 05:42:22 0 dr-h----- C:\Documents and Settings\Default User\Application Data 2008-05-02 05:42:22 0 d---s---- C:\Documents and Settings\Default User\Application Data\Microsoft 2008-05-02 05:42:21 0 dr-h----- C:\Documents and Settings\All Users\Application Data 2008-05-02 05:42:21 0 d---s---- C:\Documents and Settings\All Users\Application Data\Microsoft 2008-05-02 05:42:05 0 d-------- C:\Documents and Settings 2008-05-02 05:33:20 0 d-------- C:\WINDOWS 2008-05-02 05:33:20 0 d-------- C:\WINDOWS\WinSxS 2008-05-02 05:33:20 0 dr------- C:\WINDOWS\Web 2008-05-02 05:33:20 0 d-------- C:\WINDOWS\twain_32 2008-05-02 05:33:20 0 d-------- C:\WINDOWS\system32 2008-05-02 05:33:20 0 d-------- C:\WINDOWS\system32\wins 2008-05-02 05:33:20 0 d-------- C:\WINDOWS\system32\wbem 2008-05-02 05:33:20 0 d-------- C:\WINDOWS\system32\usmt 2008-05-02 05:33:20 0 d-------- C:\WINDOWS\system32\spool 2008-05-02 05:33:20 0 d-------- C:\WINDOWS\system32\ShellExt 2008-05-02 05:33:20 0 d-------- C:\WINDOWS\system32\Setup 2008-05-02 05:33:20 0 d-------- C:\WINDOWS\system32\ras 2008-05-02 05:33:20 0 d-------- C:\WINDOWS\system32\oobe 2008-05-02 05:33:20 0 d-------- C:\WINDOWS\system32\npp 2008-05-02 05:33:20 0 d-------- C:\WINDOWS\system32\mui 2008-05-02 05:33:20 0 d-------- C:\WINDOWS\system32\inetsrv 2008-05-02 05:33:20 0 d-------- C:\WINDOWS\system32\IME 2008-05-02 05:33:20 0 d-------- C:\WINDOWS\system32\icsxml 2008-05-02 05:33:20 0 d-------- C:\WINDOWS\system32\ias 2008-05-02 05:33:20 0 d-------- C:\WINDOWS\system32\export 2008-05-02 05:33:20 0 d-------- C:\WINDOWS\system32\drivers 2008-05-02 05:33:20 0 d-------- C:\WINDOWS\system32\drivers\etc 2008-05-02 05:33:20 0 d-------- C:\WINDOWS\system32\drivers\disdn 2008-05-02 05:33:20 0 dr-hs--c- C:\WINDOWS\system32\dllcache 2008-05-02 05:33:20 0 d-------- C:\WINDOWS\system32\dhcp 2008-05-02 05:33:20 0 d-------- C:\WINDOWS\system32\config 2008-05-02 05:33:20 0 d-------- C:\WINDOWS\system32\3com_dmi 2008-05-02 05:33:20 0 d-------- C:\WINDOWS\system32\3076 2008-05-02 05:33:20 0 d-------- C:\WINDOWS\system32\2052 2008-05-02 05:33:20 0 d-------- C:\WINDOWS\system32\1054 2008-05-02 05:33:20 0 d-------- C:\WINDOWS\system32\1042 2008-05-02 05:33:20 0 d-------- C:\WINDOWS\system32\1041 2008-05-02 05:33:20 0 d-------- C:\WINDOWS\system32\1037 2008-05-02 05:33:20 0 d-------- C:\WINDOWS\system32\1033 2008-05-02 05:33:20 0 d-------- C:\WINDOWS\system32\1031 2008-05-02 05:33:20 0 d-------- C:\WINDOWS\system32\1028 2008-05-02 05:33:20 0 d-------- C:\WINDOWS\system32\1025 2008-05-02 05:33:20 0 d-------- C:\WINDOWS\system 2008-05-02 05:33:20 0 d-------- C:\WINDOWS\security 2008-05-02 05:33:20 0 d-------- C:\WINDOWS\Resources 2008-05-02 05:33:20 0 d-------- C:\WINDOWS\repair 2008-05-02 05:33:20 0 d-------- C:\WINDOWS\mui 2008-05-02 05:33:20 0 d-------- C:\WINDOWS\msapps 2008-05-02 05:33:20 0 d-------- C:\WINDOWS\msagent 2008-05-02 05:33:20 0 d-------- C:\WINDOWS\Media 2008-05-02 05:33:20 0 d-------- C:\WINDOWS\java 2008-05-02 05:33:20 0 d--h----- C:\WINDOWS\inf 2008-05-02 05:33:20 0 d-------- C:\WINDOWS\ime 2008-05-02 05:33:20 0 d-------- C:\WINDOWS\Help 2008-05-02 05:33:20 0 dr--s---- C:\WINDOWS\Fonts 2008-05-02 05:33:20 0 d-------- C:\WINDOWS\Driver Cache 2008-05-02 05:33:20 0 d-------- C:\WINDOWS\Debug 2008-05-02 05:33:20 0 d-------- C:\WINDOWS\Cursors 2008-05-02 05:33:20 0 d-------- C:\WINDOWS\Connection Wizard 2008-05-02 05:33:20 0 d-------- C:\WINDOWS\Config 2008-05-02 05:33:20 0 d-------- C:\WINDOWS\AppPatch 2008-05-02 05:33:20 0 d-------- C:\WINDOWS\addins -- Find3M Report --------------------------------------------------------------- 2008-05-26 23:38:17 668 --a------ C:\Documents and Settings\Bill Gates\Application Data\vso_ts_preview.xml 2008-05-26 20:21:17 34 --a------ C:\Documents and Settings\Bill Gates\Application Data\pcouffin.log 2008-05-26 20:20:55 1144 --a------ C:\Documents and Settings\Bill Gates\Application Data\pcouffin.inf 2008-05-26 20:20:55 7887 --a------ C:\Documents and Settings\Bill Gates\Application Data\pcouffin.cat 2008-05-08 11:57:43 77824 --a------ C:\WINDOWS\system32\xcomm.dll 2008-05-02 05:42:37 62 --ahs---- C:\Documents and Settings\Bill Gates\Application Data\desktop.ini -- Registry Dump --------------------------------------------------------------- *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{c8608b5c-a615-43ed-bc40-68de1c8e44b3}] C:\WINDOWS\system32\nvvxmtgq.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="C:\WINDOWS\System32\NvCpl.dll" [02/13/2007 10:31 PM] "nwiz"="nwiz.exe" [02/13/2007 10:32 PM C:\WINDOWS\system32\nwiz.exe] "NvMediaCenter"="C:\WINDOWS\System32\NvMcTray.dll" [02/13/2007 10:31 PM] "Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [01/20/2006 05:46 PM C:\WINDOWS\KHALMNPR.Exe] "Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [05/02/2008 04:25 PM] "GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [10/27/2006 12:47 AM] "BDAgent"="C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe" [05/08/2008 11:03 AM] "SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [12/18/2006 06:34 AM] "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [03/28/2008 11:37 PM] "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [03/30/2008 10:36 AM] "UltraMon"="C:\Program Files\UltraMon\UltraMon.exe" [12/16/2007 02:18 AM] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe" [03/25/2008 04:28 AM] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [01/11/2008 10:16 PM] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [04/14/2008 05:42 AM] "VD"="" [] "SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [05/13/2008 12:43 PM] C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [5/2/2008 2:30:49 PM] NCProTray.lnk - C:\Program Files\SEC\Natural Color Pro\NCProTray.exe [5/2/2008 1:48:12 PM] PerfectDisk 2008.lnk - C:\WINDOWS\Installer\{2B6EC03E-6FA0-4D7C-9CCE-1B03819AB613}\MenuStartPD9_2B6EC03E6FA04D7C9CCE1B03819AB613.exe [5/8/2008 1:11:51 PM] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [05/13/2008 10:13 AM 77824] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon] C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 04/19/2007 01:41 PM 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\dimsntfy] C:\WINDOWS\System32\dimsntfy.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "appinit_dlls"=C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] @="Volume shadow copy" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^ASUS WiFi-AP Solo.lnk] path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ASUS WiFi-AP Solo.lnk backup=C:\WINDOWS\pss\ASUS WiFi-AP Solo.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "Messenger"=2 (0x2) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] eapsvcs eaphost dot3svc dot3svc bdx scan HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs napagent hkmsvc -- Hosts ----------------------------------------------------------------------- 127.0.0.1 update.bitdefender.com -- End of Deckard's System Scanner: finished at 2008-05-28 15:42:40 ------------