Thanks so much. If you knew where this computer was when i got it.
Deckard's System Scanner v20071014.68
Run by Owner on 2008-02-10 11:26:36
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Successfully created a Deckard's System Scanner Restore Point.
-- Last 4 Restore Point(s) --
4: 2008-02-10 16:27:22 UTC - RP306 - Deckard's System Scanner Restore Point
3: 2008-02-09 20:43:59 UTC - RP305 - ComboFix created restore point
2: 2008-02-09 20:37:29 UTC - RP304 - ComboFix created restore point
1: 2008-02-08 04:22:48 UTC - RP303 - System Checkpoint
Backed up registry hives.
Performed disk cleanup.
Percentage of Memory in Use: 76% (more than 75%).-- HijackThis (run as Owner.exe) -----------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:28:39 AM, on 2/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Softex\OmniPass\Omniserv.exe
C:\Program Files\Softex\OmniPass\OPXPApp.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\windows\system\hpsysdrv.exe
c:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\Grisoft\AVG7\avgw.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Documents and Settings\Owner\Desktop\dss.exe
C:\DOCUME~1\Owner\Desktop\Owner.exe
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [yttnymw] C:\WINDOWS\system32\yttnymw.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [YSearchProtection] "C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] c:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [CamMonitor] c:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\RunServices: [yttnymw] C:\WINDOWS\system32\yttnymw.exe
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O4 - Global Startup: Quicken Scheduled Updates.lnk = C:\Program Files\Quicken\bagent.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) -
http://www.kaspersky...can_unicode.cabO16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) -
http://www.eset.eu/b...lineScanner.cabO16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) -
http://download.bitd...can8/oscan8.cabO16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) -
http://acs.pandasoft...free/asinst.cabO20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Softex OmniPass Service (omniserv) - Unknown owner - C:\Program Files\Softex\OmniPass\Omniserv.exe
--
End of file - 6179 bytes
-- HijackThis Fixed Entries (C:\DOCUME~1\Owner\Desktop\backups\) ---------------
backup-20080209-175629-119 O4 - HKLM\..\Run: [ss] C:\WINDOWS\system32\ss.exe
backup-20080209-175629-169 O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
backup-20080209-175629-264 O4 - HKLM\..\Run: [bkxckfgfuf] C:\WINDOWS\system32\bkxckfgfuf.exe
backup-20080209-175629-272 O4 - HKLM\..\RunServices: [rqbaghbw] C:\WINDOWS\system32\rqbaghbw.exe
backup-20080209-175629-426 O23 - Service: AOL Spyware Removal Agent (AOL-SpyBot) - Unknown owner - C:\WINDOWS\Debug\aolspysw.exe (file missing)
backup-20080209-175629-689 O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
backup-20080209-175629-774 O4 - HKLM\..\Run: [WT GameChannel] C:\Program Files\WildTangent\Apps\GameChannel.exe
backup-20080209-175629-806 O4 - HKLM\..\RunServices: [aw] C:\WINDOWS\system32\aw.exe
backup-20080209-175629-934 O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
backup-20080209-175629-941 O4 - HKLM\..\RunServices: [bkxckfgfuf] C:\WINDOWS\system32\bkxckfgfuf.exe
backup-20080209-175629-949 O23 - Service: Windows Network Service Monitor (nsmss) - Unknown owner - C:\system32\nsmss.exe (file missing)
backup-20080209-175629-984 O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
backup-20080209-185158-735 O23 - Service: Windows Network Service Monitor (nsmss) - Unknown owner - C:\system32\nsmss.exe (file missing)
backup-20080209-185158-955 O23 - Service: AOL Spyware Removal Agent (AOL-SpyBot) - Unknown owner - C:\WINDOWS\Debug\aolspysw.exe (file missing)
backup-20080209-185934-892 O23 - Service: Windows Network Service Monitor (nsmss) - Unknown owner - C:\system32\nsmss.exe (file missing)
backup-20080209-185934-975 O23 - Service: AOL Spyware Removal Agent (AOL-SpyBot) - Unknown owner - C:\WINDOWS\Debug\aolspysw.exe (file missing)
backup-20080209-190119-722 O23 - Service: Windows Network Service Monitor (nsmss) - Unknown owner - C:\system32\nsmss.exe (file missing)
-- File Associations -----------------------------------------------------------
All associations okay.
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R0 drvmcdb - c:\windows\system32\drivers\drvmcdb.sys <Not Verified; VERITAS Software, Inc.; >
R0 fasttx2k - c:\windows\system32\drivers\fasttx2k.sys <Not Verified; Promise Technology, Inc.; Promise FastTrak Series Driver>
R1 SASDIFSV - c:\program files\superantispyware\sasdifsv.sys
R1 SASKUTIL - c:\program files\superantispyware\saskutil.sys
R3 pfc (Padus ASPI Shell) - c:\windows\system32\drivers\pfc.sys <Not Verified; Padus, Inc.; Padus® ASPI Shell>
R3 SASENUM - c:\program files\superantispyware\sasenum.sys <Not Verified; SuperAdBlocker, Inc.; SuperAntiSpyware>
S3 catchme - c:\docume~1\owner\locals~1\temp\catchme.sys (file missing)
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
S4 AOL-SpyBot (AOL Spyware Removal Agent) - "c:\windows\debug\aolspysw.exe" (file missing)
S4 nsmss (Windows Network Service Monitor) - c:\system32\nsmss.exe (file missing)
-- Device Manager: Disabled ----------------------------------------------------
No disabled devices found.
-- Files created between 2008-01-10 and 2008-02-10 -----------------------------
2008-02-09 15:43:34 0 d-------- C:\Combo-Fix
2008-02-09 15:32:56 68096 --a------ C:\WINDOWS\system32\zip.exe
2008-02-09 15:32:56 98816 --a------ C:\WINDOWS\system32\sed.exe
2008-02-09 15:32:56 80412 --a------ C:\WINDOWS\system32\grep.exe
2008-02-09 15:32:56 73728 --a------ C:\WINDOWS\system32\fdsv.exe <Not Verified; Smallfrogs Studio; >
2008-02-09 13:54:09 1306881 --a------ C:\SDFix.exe
2008-02-09 13:18:04 1593889 --a------ C:\ComboFix.exe
2008-02-08 07:06:22 0 d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-02-08 07:06:20 0 d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-02-08 06:34:24 0 d-------- C:\Program Files\EsetOnlineScanner
2008-02-07 23:54:12 0 d-------- C:\Documents and Settings\Owner\DoctorWeb
2008-02-04 07:27:35 8576 --a------ C:\WINDOWS\system32\drivers\RkPavProc.sys <Not Verified; Panda Software International; RKPavProc Driver>
2008-02-04 07:07:47 0 d-------- C:\WINDOWS\system32\ActiveScan
2008-02-03 21:51:57 25600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2008-02-03 21:51:57 289144 --a------ C:\WINDOWS\system32\VCCLSID.exe <Not Verified; S!Ri; >
2008-02-03 21:51:57 83456 --a------ C:\WINDOWS\system32\VACFix.exe <Not Verified; S!Ri.URZ; VACFix>
2008-02-03 21:51:57 288417 --a------ C:\WINDOWS\system32\SrchSTS.exe <Not Verified; S!Ri; SrchSTS>
2008-02-03 21:51:57 53248 --a------ C:\WINDOWS\system32\Process.exe <Not Verified;
http://www.beyondlogic.org; Command Line Process Utility>
2008-02-03 21:51:57 81920 --a------ C:\WINDOWS\system32\IEDFix.exe <Not Verified; S!Ri.URZ; IEDFix>
2008-02-03 21:51:57 51200 --a------ C:\WINDOWS\system32\dumphive.exe
2008-02-03 20:45:11 0 d-------- C:\WINDOWS\SxsCaPendDel
2008-02-03 20:05:33 0 d-------- C:\Documents and Settings\Gabe\Application Data\SUPERAntiSpyware.com
2008-02-03 20:03:33 0 d-------- C:\Documents and Settings\Gabe\Application Data\AVG7
2008-02-03 18:50:00 0 dr-h----- C:\$VAULT$.AVG
2008-02-03 18:31:23 0 d-------- C:\Documents and Settings\Owner\Application Data\AVG7
2008-02-03 18:31:10 0 d-------- C:\Documents and Settings\LocalService\Application Data\AVG7
2008-02-03 18:30:23 0 d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2008-02-03 18:11:52 0 d-------- C:\Documents and Settings\All Users\Application Data\Avg7
2008-02-03 17:31:33 0 d-------- C:\WINDOWS\BDOSCAN8
2008-02-03 16:48:18 0 d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-02-03 16:48:04 0 d-------- C:\Program Files\SUPERAntiSpyware
2008-02-03 16:48:04 0 d-------- C:\Documents and Settings\Owner\Application Data\SUPERAntiSpyware.com
2008-02-03 16:47:28 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-02-03 15:59:41 0 d-------- C:\WINDOWS\ERUNT
2008-02-03 15:58:35 0 dr------- C:\Documents and Settings\Administrator\Favorites
2008-02-03 15:58:35 0 d-------- C:\Documents and Settings\Administrator\Desktop
2008-02-03 15:58:35 0 d--hs---- C:\Documents and Settings\Administrator\Cookies
2008-02-03 15:58:35 0 dr-h----- C:\Documents and Settings\Administrator\Application Data
2008-02-03 15:58:35 0 d-------- C:\Documents and Settings\Administrator\Application Data\Symantec
2008-02-03 15:58:35 0 d-------- C:\Documents and Settings\Administrator\Application Data\Sonic
2008-02-03 15:58:35 0 d-------- C:\Documents and Settings\Administrator\Application Data\Share-to-Web Upload Folder
2008-02-03 15:58:35 0 d-------- C:\Documents and Settings\Administrator\Application Data\SampleView
2008-02-03 15:58:35 0 d-------- C:\Documents and Settings\Administrator\Application Data\Real
2008-02-03 15:58:35 0 d---s---- C:\Documents and Settings\Administrator\Application Data\Microsoft
2008-02-03 15:58:35 0 d-------- C:\Documents and Settings\Administrator\Application Data\InterTrust
2008-02-03 15:58:35 0 d-------- C:\Documents and Settings\Administrator\Application Data\interMute
2008-02-03 15:58:35 0 d-------- C:\Documents and Settings\Administrator\Application Data\Identities
2008-02-03 15:58:35 0 d-------- C:\Documents and Settings\Administrator\Application Data\Adobe
2008-02-03 15:58:34 0 d-------- C:\Documents and Settings\Administrator\WINDOWS
2008-02-03 15:58:34 0 d--h----- C:\Documents and Settings\Administrator\Templates
2008-02-03 15:58:34 0 dr------- C:\Documents and Settings\Administrator\Start Menu
2008-02-03 15:58:34 0 dr-h----- C:\Documents and Settings\Administrator\SendTo
2008-02-03 15:58:34 0 dr-h----- C:\Documents and Settings\Administrator\Recent
2008-02-03 15:58:34 0 d--h----- C:\Documents and Settings\Administrator\PrintHood
2008-02-03 15:58:34 786432 --a------ C:\Documents and Settings\Administrator\NTUSER.DAT
2008-02-03 15:58:34 0 d--h----- C:\Documents and Settings\Administrator\NetHood
2008-02-03 15:58:34 0 dr------- C:\Documents and Settings\Administrator\My Documents
2008-02-03 15:58:34 0 d--h----- C:\Documents and Settings\Administrator\Local Settings
-- Find3M Report ---------------------------------------------------------------
2008-02-07 22:12:50 0 d-------- C:\Program Files\Windows Media Connect 2
2008-02-03 21:36:01 0 d-------- C:\Documents and Settings\Owner\Application Data\Adobe
2008-02-03 20:49:38 0 d-------- C:\Program Files\Common Files
2008-02-03 20:47:34 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-02-03 20:38:53 0 d-------- C:\Program Files\Common Files\Real
2008-02-03 17:26:42 0 d-------- C:\Program Files\Java
2008-02-03 15:18:53 0 d-------- C:\Documents and Settings\Owner\Application Data\interMute
2008-02-03 15:18:27 0 d-------- C:\Program Files\Softex
2008-01-09 15:01:48 53248 --a------ C:\WINDOWS\bdoscandel.exe
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\System32\NvCpl.dll" [03/03/2003 01:44 PM]
"nwiz"="nwiz.exe" [03/03/2003 01:44 PM C:\WINDOWS\system32\nwiz.exe]
"AlcxMonitor"="ALCXMNTR.EXE" [09/07/2004 01:47 PM C:\WINDOWS\ALCXMNTR.EXE]
"yttnymw"="C:\WINDOWS\system32\yttnymw.exe" []
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [06/29/2007 05:24 AM]
"YSearchProtection"="C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe" []
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [05/11/2007 02:06 AM]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [09/25/2007 01:11 AM]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [02/03/2008 06:32 PM]
"StorageGuard"="C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" [02/13/2003 10:01 AM]
"Share-to-Web Namespace Daemon"="c:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe" [04/17/2002 07:42 PM]
"Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [09/13/2002 11:42 PM]
"KBD"="C:\HP\KBD\KBD.EXE" []
"hpsysdrv"="c:\windows\system\hpsysdrv.exe" [05/07/1998 06:04 PM]
"HotKeysCmds"="C:\WINDOWS\System32\hkcmd.exe" [03/11/2003 07:11 PM]
"CamMonitor"="c:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe" [06/22/2002 09:27 AM]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NVIEW"="nview.dll,nViewLoadHook" []
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/04/2004 12:56 AM]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [10/13/2004 11:24 AM]
"Aim6"="C:\Program Files\AIM6\aim6.exe" [04/27/2007 04:17 PM]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [06/21/2007 02:06 PM]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runservices]
"yttnymw"=C:\WINDOWS\system32\yttnymw.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [12/20/2006 01:55 PM 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 04/19/2007 01:41 PM 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\OPXPGina]
C:\Program Files\Softex\OmniPass\opxpgina.dll 02/21/2003 05:50 AM 40960 C:\Program Files\Softex\OmniPass\OPXPGina.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"Messenger"=2 (0x2)
-- End of Deckard's System Scanner: finished at 2008-02-10 11:29:55 ------------