Thank you for looking at this, Fenzodahl.
Here is the log as requested:
Run by Gunter - Shawn on 2008-07-14 17:45:16
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Successfully created a Deckard's System Scanner Restore Point.
-- Last 5 Restore Point(s) --
18: 2008-07-14 16:45:37 UTC - RP18 - Deckard's System Scanner Restore Point
17: 2008-07-13 22:33:24 UTC - RP17 - Software Distribution Service 3.0
16: 2008-07-13 22:24:17 UTC - RP16 - Installed HPSU306Stub
15: 2008-07-13 18:51:57 UTC - RP15 - ComboFix created restore point
14: 2008-07-13 17:27:58 UTC - RP14 - Software Distribution Service 3.0
and the second one
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft Windows XP Home Edition (build 2600) SP 3.0
Architecture: X86; Language: English
CPU 0: Intel® Celeron® CPU 2.80GHz
Percentage of Memory in Use: 74%
Physical Memory (total/avail): 246.73 MiB / 64 MiB
Pagefile Memory (total/avail): 976.47 MiB / 519.98 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1881.8 MiB
C: is Fixed (NTFS) - 73.65 GiB total, 58.73 GiB free.
D: is Fixed (FAT32) - 3.03 GiB total, 1.43 GiB free.
E: is CDROM (CDFS)
F: is Removable (No Media)
G: is Removable (No Media)
H: is Removable (No Media)
I: is Removable (No Media)
\\.\PHYSICALDRIVE0 - HDS728080PLAT20 - 76.69 GiB - 2 partitions
\PARTITION0 (bootable) - Installable File System - 73.65 GiB - C:
\PARTITION1 - Unknown - 3.03 GiB - D:
\\.\PHYSICALDRIVE2 - Generic USB CF Reader USB Device
\\.\PHYSICALDRIVE4 - Generic USB MS Reader USB Device
\\.\PHYSICALDRIVE1 - Generic USB SD Reader USB Device
\\.\PHYSICALDRIVE3 - Generic USB SM Reader USB Device
-- Security Center -------------------------------------------------------------
AUOptions is scheduled to auto-install.
-- Environment Variables -------------------------------------------------------
ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Gunter - Shawn\Application Data
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=GVSKVWPC
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Gunter - Shawn
LOGONSERVER=\\GVSKVWPC
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 4 Stepping 1, GenuineIntel
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0401
ProgramFiles=C:\Program Files
PROMPT=$P$G
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\GUNTER~1\LOCALS~1\Temp
TMP=C:\DOCUME~1\GUNTER~1\LOCALS~1\Temp
USERDOMAIN=GVSKVWPC
USERNAME=Gunter - Shawn
USERPROFILE=C:\Documents and Settings\Gunter - Shawn
windir=C:\WINDOWS
-- User Profiles ---------------------------------------------------------------
Gunter - Shawn (admin)
Audrey (new local, admin)
Administrator (new local, admin)
-- Add/Remove Programs ---------------------------------------------------------
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin --> C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 6.0 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-000000000001}
AOL Connectivity Services --> C:\PROGRA~1\COMMON~1\AOL\ACS\AcsUninstall.exe /c
AOL Spyware Protection --> C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\UNWISE.EXE C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\INSTALL.LOG
AOL UK (Choose which version to remove) --> C:\Program Files\Common Files\aolshare\Aolunins_uk.exe
BigFix --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{34FF0741-EC67-4C05-AC2A-6D257123DF2E}\setup.exe" -l0x9 -uninst -f"C:\Program Files\BigFix\Uninst.isu" -c"C:\Program Files\BigFix\Lib\UninstallHelper.dll"
CCleaner (remove only) --> "C:\Program Files\CCleaner\uninst.exe"
Digital Media Reader --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{81EED1A1-AE78-4B11-BE47-C6AE9F5E87F1}
Google Toolbar for Internet Explorer --> regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"
GTOneCare --> MsiExec.exe /X{8B21B9EF-6DBF-4F63-8CC7-9F6A56D1EE8E}
HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
HP Customer Participation Program 7.0 --> C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
HP Document Viewer 7.0 --> C:\Program Files\HP\Digital Imaging\DocumentViewer\hpzscr01.exe -datfile hpqbud04.dat
HP Imaging Device Functions 7.0 --> C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP Photosmart Premier Software 6.5 --> C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP Photosmart, Officejet and Deskjet 7.0.A --> C:\Program Files\HP\Digital Imaging\{BDBE2F3E-42DB-4d4a-8CB1-19BA765DBC6C}\setup\hpzscr01.exe -datfile hposcr11.dat
HP Software Update --> MsiExec.exe /X{BB85ED9C-AFC9-43BD-B8DC-258C3C7DF72E}
HP Solution Center 7.0 --> C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
Intel® Extreme Graphics Driver --> RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx PCI\VEN_8086&DEV_2562
Intel® PRO Network Adapters and Drivers --> Prounstl.exe
Java 2 Runtime Environment, SE v1.4.2 --> MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142000}
Java 6 Update 6 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160060}
Malwarebytes' Anti-Malware --> "C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft Office 2000 Premium --> MsiExec.exe /I{00000409-78E1-11D2-B60F-006097C998E7}
Microsoft Office XP Professional with FrontPage --> MsiExec.exe /I{90280409-6000-11D3-8CFE-0050048383C9}
Microsoft Protection Service --> MsiExec.exe /I{85CFDC2D-710E-49D5-B799-F3743CA506BA}
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Windows Live OneCare Resources v2.5.2900.03 --> MsiExec.exe /I{5660022E-F3F2-4126-8CC5-9726C47150EB}
Microsoft Windows OneCare Live AntiSpyware and AntiVirus --> MsiExec.exe /I{AB65455A-059F-41C3-AAD6-2EFAFB38B19B}
Microsoft Windows OneCare Live v2.5.2900.03 --> MsiExec.exe /I{D07A8E7E-D324-4945-BA8C-E532AD008FF3}
Microsoft Windows OneCare Live v2.5.2900.03 Idcrl Install --> MsiExec.exe /I{3851147E-5A91-4469-BA4D-13FFFCC8A920}
Multimedia Keyboard Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FF262740-C85A-11D5-BBEC-00D0B740900A}\Setup.exe" -l0x9
OCR Software by I.R.I.S 7.0 --> C:\Program Files\HP\Digital Imaging\OCR\hpzscr01.exe -datfile hpqbud11.dat
Opera 9.51 --> MsiExec.exe /X{88A081BE-AF75-4556-9AD1-EE2B1A61BDF5}
Panda ActiveScan 2.0 --> C:\Program Files\Panda Security\ActiveScan 2.0\as2uninst.exe
Picasa 2 --> "C:\Program Files\Picasa2\Uninstall.exe"
PowerDVD --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
PX Engine --> MsiExec.exe /I{6513E869-647F-40FD-A55D-CFC92579B9BA}
Skype™ 3.8 --> MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
Smart Link 56K Voice Modem --> C:\WINDOWS\Modio\SLAMR2KV\Setup.exe /Remove
Spybot - Search & Destroy --> "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
SUPERAntiSpyware Free Edition --> MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
Viewpoint Media Player --> C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
Windows Backup Utility --> MsiExec.exe /I{76EFFC7C-17A6-479D-9E47-8E658C1695AE}
Windows Live OneCare --> "C:\Program Files\Microsoft Windows OneCare Live\OCSetup.exe" /u
Windows XP Service Pack 3 --> "C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe
-- Application Event Log -------------------------------------------------------
Event Record #/Type571 / Warning
Event Submitted/Written: 07/13/2008 11:49:24 PM
Event ID/Source: 1015 / MsiInstaller
Event Description:
Failed to connect to server. Error: 0x800401F0
Event Record #/Type570 / Warning
Event Submitted/Written: 07/13/2008 11:49:24 PM
Event ID/Source: 1015 / MsiInstaller
Event Description:
Failed to connect to server. Error: 0x800401F0
Event Record #/Type568 / Warning
Event Submitted/Written: 07/13/2008 11:48:33 PM
Event ID/Source: 1015 / MsiInstaller
Event Description:
Failed to connect to server. Error: 0x800401F0
Event Record #/Type565 / Warning
Event Submitted/Written: 07/13/2008 11:48:30 PM
Event ID/Source: 1015 / MsiInstaller
Event Description:
Failed to connect to server. Error: 0x800401F0
Event Record #/Type563 / Warning
Event Submitted/Written: 07/13/2008 11:48:20 PM
Event ID/Source: 1015 / MsiInstaller
Event Description:
Failed to connect to server. Error: 0x800401F0
-- Security Event Log ----------------------------------------------------------
No Errors/Warnings found.
-- System Event Log ------------------------------------------------------------
Event Record #/Type164817 / Warning
Event Submitted/Written: 07/14/2008 03:38:33 PM
Event ID/Source: 20 / Print
Event Description:
Printer Driver HP Photosmart C4100 series for Windows NT x86 Version-3 was added or updated. Files:- UNIDRV.DLL, UNIDRVUI.DLL, hpac4103.GPD, UNIDRV.HLP, hpac410a.ini, hpzst054.dll, hpac4103.xml, hpzsc054.dtd, hpzui054.dll, hpz3r054.dll, hpzpr054.dll, hpcdmc32.dll, hpbcfgre.dll, hpahc410.exp, hpzsm054.gpd, hpz3m054.gpd, hpzev054.dll, hpzhl054.cab, STDNAMES.GPD, hpz3a054.dll, hpzss054.dll, hpfie054.dll, hpfig054.dll, hpfrs054.dll, UNIRES.DLL.
Event Record #/Type164816 / Warning
Event Submitted/Written: 07/14/2008 03:37:36 PM
Event ID/Source: 20 / Print
Event Description:
Printer Driver HP Photosmart C4100 series for Windows NT x86 Version-3 was added or updated. Files:- UNIDRV.DLL, UNIDRVUI.DLL, hpac4103.GPD, UNIDRV.HLP, hpac410a.ini, hpzst054.dll, hpac4103.xml, hpzsc054.dtd, hpzui054.dll, hpz3r054.dll, hpzpr054.dll, hpcdmc32.dll, hpbcfgre.dll, hpahc410.exp, hpzsm054.gpd, hpz3m054.gpd, hpzev054.dll, hpzhl054.cab, STDNAMES.GPD, hpz3a054.dll, hpzss054.dll, hpfie054.dll, hpfig054.dll, hpfrs054.dll, UNIRES.DLL.
Event Record #/Type164815 / Warning
Event Submitted/Written: 07/14/2008 09:43:25 AM
Event ID/Source: 36 / W32Time
Event Description:
The time service has not been able to synchronize the system time
for 49152 seconds because none of the time providers has been able to
provide a usable time stamp. The system clock is unsynchronized.
Event Record #/Type164804 / Error
Event Submitted/Written: 07/13/2008 11:35:15 PM / 07/13/2008 11:35:16 PM
Event ID/Source: 20 / Windows Update Agent
Event Description:
Installation Failure: Windows failed to install the following update with error 0x80070652: Office XP Service Pack 3.
Event Record #/Type164776 / Error
Event Submitted/Written: 07/13/2008 10:30:24 PM
Event ID/Source: 7016 / Service Control Manager
Event Description:
The SmartLinkService service has reported an invalid current state 0.
-- End of Deckard's System Scanner: finished at 2008-07-14 17:50:16 ------------
-- First Restore Point --
1: 2008-07-07 20:52:57 UTC - RP1 - System Checkpoint
Backed up registry hives.
Performed disk cleanup.
Total Physical Memory: 247 MiB (512 MiB recommended).
-- HijackThis (run as Gunter - Shawn.exe) --------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:46:42, on 14/07/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Windows OneCare Live\Antivirus\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Microsoft Windows OneCare Live\OcHealthMon.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\Program Files\Microsoft Windows OneCare Live\Firewall\msfwsvc.exe
C:\Program Files\Microsoft Windows OneCare Live\winss.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\HP\digital imaging\bin\hpqtra08.exe
C:\Program Files\BigFix\BigFix.exe
C:\Documents and Settings\Gunter - Shawn\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Gunter - Shawn.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [OneCareUI] "C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Photosmart Premier Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoft...s/as2stubie.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1215411105468
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
--
End of file - 4610 bytes
-- File Associations -----------------------------------------------------------
.cpl - cplfile - shell\cplopen\command - rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.cpl - cplfile - shell\runas\command - rundll32.exe shell32.dll,Control_RunDLLAsUser "%1",%*
.txt - txtfile - shell\open\command - NOTEPAD.EXE %1
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R3 SunkFilt (Alcor Micro Corp Reader) - c:\windows\system32\drivers\sunkfilt.sys <Not Verified; Alcor Micro Corp.; SunkFilt>
S3 ATE_PROCMON - c:\program files\anti trojan elite\atepmon.sys (file missing)
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
S4 ThreatFire - c:\program files\threatfire\tfservice.exe service (file missing)
-- Device Manager: Disabled ----------------------------------------------------
Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: Generic Digital camera
Device ID: USB\VID_04FC&PID_0561\5&FCDEEB7&0&1
Manufacturer:
Name: Generic Digital camera
PNP Device ID: USB\VID_04FC&PID_0561\5&FCDEEB7&0&1
Service:
Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: Base System Device
Device ID: PCI\VEN_14F1&DEV_1610&SUBSYS_5506141B&REV_01\4&29817089&0&00F0
Manufacturer:
Name: Base System Device
PNP Device ID: PCI\VEN_14F1&DEV_1610&SUBSYS_5506141B&REV_01\4&29817089&0&00F0
Service:
Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: ATM Network Controller
Device ID: PCI\VEN_14F1&DEV_1611&SUBSYS_5507141B&REV_01\4&29817089&0&01F0
Manufacturer:
Name: ATM Network Controller
PNP Device ID: PCI\VEN_14F1&DEV_1611&SUBSYS_5507141B&REV_01\4&29817089&0&01F0
Service:
-- Files created between 2008-06-14 and 2008-07-14 -----------------------------
2008-07-13 23:49:39 0 d-------- C:\Documents and Settings\All Users\Application Data\HP
2008-07-13 23:47:47 0 d-------- C:\bin
2008-07-13 23:45:54 0 d-------- C:\Program Files\Common Files\Sonic Shared
2008-07-13 23:45:54 0 d-------- C:\Documents and Settings\All Users\Application Data\Sonic
2008-07-13 23:37:50 0 d-------- C:\Program Files\Common Files\HP
2008-07-13 23:20:54 0 d-------- C:\Program Files\Hewlett-Packard
2008-07-13 23:19:12 0 d-------- C:\Program Files\Common Files\Hewlett-Packard
2008-07-13 22:52:29 0 d-------- C:\WINDOWS\LastGood
2008-07-13 22:51:24 0 d-------- C:\Program Files\HP
2008-07-13 22:50:04 117013 --a------ C:\WINDOWS\hpoins11.dat
2008-07-13 22:47:42 0 d-------- C:\Program Files\Picasa2
2008-07-13 19:49:37 161792 --a------ C:\WINDOWS\swreg.exe <Not Verified; SteelWerX; SteelWerX Registry Editor>
2008-07-13 19:49:36 68096 --a------ C:\WINDOWS\zip.exe
2008-07-13 19:49:36 49152 --a------ C:\WINDOWS\VFind.exe
2008-07-13 19:49:36 136704 --a------ C:\WINDOWS\swsc.exe <Not Verified; SteelWerX; SteelWerX Service Controller>
2008-07-13 19:49:36 98816 --a------ C:\WINDOWS\sed.exe
2008-07-13 19:49:36 80412 --a------ C:\WINDOWS\grep.exe
2008-07-13 19:49:36 89504 --a------ C:\WINDOWS\fdsv.exe <Not Verified; Smallfrogs Studio; >
2008-07-13 19:49:35 212480 --a------ C:\WINDOWS\swxcacls.exe <Not Verified; SteelWerX; SteelWerX Extended Configurator ACLists>
2008-07-13 18:55:04 0 d-------- C:\Program Files\Trend Micro
2008-07-13 09:07:31 0 dr-h----- C:\Documents and Settings\Gunter - Shawn\Recent
2008-07-10 22:12:28 0 d-------- C:\Program Files\Panda Security
2008-07-09 21:54:32 0 d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-07-09 21:53:05 0 d-------- C:\Program Files\SUPERAntiSpyware
2008-07-09 21:53:05 0 d-------- C:\Documents and Settings\Gunter - Shawn\Application Data\SUPERAntiSpyware.com
2008-07-09 17:54:59 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-07-09 11:55:48 0 d-------- C:\WINDOWS\Prefetch
2008-07-09 07:50:58 0 d-------- C:\WINDOWS\system32\scripting
2008-07-09 07:50:57 0 d-------- C:\WINDOWS\l2schemas
2008-07-09 07:50:55 0 d-------- C:\WINDOWS\system32\en
2008-07-09 07:46:22 0 d-------- C:\WINDOWS\ServicePackFiles
2008-07-09 07:16:30 0 d-------- C:\WINDOWS\EHome
2008-07-08 22:53:16 0 d-------- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2008-07-07 22:05:03 0 d-------- C:\Documents and Settings\Gunter - Shawn\Application Data\Malwarebytes
2008-07-07 22:04:54 0 d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-07-07 22:04:50 0 d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-07-07 22:04:23 0 d-------- C:\Program Files\Common Files\Download Manager
2008-07-07 14:07:56 0 d-------- C:\Documents and Settings\Gunter - Shawn\Application Data\AdobeUM
2008-07-07 14:07:33 0 d-------- C:\Program Files\Common Files\Adobe
2008-07-06 09:46:36 0 d-------- C:\WINDOWS\system32\bits
2008-07-06 07:26:09 0 d-------- C:\Program Files\Microsoft Windows OneCare Live
2008-07-05 17:41:00 0 d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-07-05 17:25:49 0 dr------- C:\Documents and Settings\Audrey\Favorites
2008-07-05 17:25:49 0 d-------- C:\Documents and Settings\Audrey\Desktop
2008-07-05 17:25:49 0 d--hs---- C:\Documents and Settings\Audrey\Cookies
2008-07-05 17:25:49 0 dr-h----- C:\Documents and Settings\Audrey\Application Data
2008-07-05 17:25:49 0 d-------- C:\Documents and Settings\Audrey\Application Data\Sun
2008-07-05 17:25:49 0 d-------- C:\Documents and Settings\Audrey\Application Data\SampleView
2008-07-05 17:25:49 0 d---s---- C:\Documents and Settings\Audrey\Application Data\Microsoft
2008-07-05 17:25:49 0 d-------- C:\Documents and Settings\Audrey\Application Data\Identities
2008-07-05 17:25:48 0 d-------- C:\Documents and Settings\Audrey\WINDOWS
2008-07-05 17:25:48 0 d--h----- C:\Documents and Settings\Audrey\Templates
2008-07-05 17:25:48 0 dr------- C:\Documents and Settings\Audrey\Start Menu
2008-07-05 17:25:48 0 dr-h----- C:\Documents and Settings\Audrey\SendTo
2008-07-05 17:25:48 0 dr-h----- C:\Documents and Settings\Audrey\Recent
2008-07-05 17:25:48 0 d--h----- C:\Documents and Settings\Audrey\PrintHood
2008-07-05 17:25:48 0 d--h----- C:\Documents and Settings\Audrey\NetHood
2008-07-05 17:25:48 0 dr------- C:\Documents and Settings\Audrey\My Documents
2008-07-05 17:25:48 0 d--h----- C:\Documents and Settings\Audrey\Local Settings
2008-07-05 17:25:47 2097152 --ah----- C:\Documents and Settings\Audrey\NTUSER.DAT
2008-07-05 04:24:13 0 d-------- C:\Documents and Settings\Gunter - Shawn\Application Data\FRISK Software
2008-07-05 04:05:58 0 d------c- C:\WINDOWS\system32\DRVSTORE
2008-07-05 04:05:16 0 d-------- C:\Documents and Settings\All Users\Application Data\FRISK Software
2008-07-04 00:44:16 0 d-------- C:\Documents and Settings\Administrator\Application Data\Adobe
2008-07-03 17:08:52 0 d-------- C:\Documents and Settings\Administrator\Application Data\Skype
2008-07-03 16:57:02 0 d-------- C:\fsaua.data
2008-07-03 15:33:55 0 d-------- C:\Documents and Settings\Administrator\Application Data\Macromedia
2008-07-03 15:17:14 0 d-------- C:\Documents and Settings\Administrator\Application Data\WinRAR
2008-07-03 14:58:44 0 d-------- C:\Documents and Settings\Administrator\Application Data\Opera
2008-07-03 14:56:12 0 d--h----- C:\Documents and Settings\Administrator\Local Settings
2008-07-03 14:56:12 0 dr------- C:\Documents and Settings\Administrator\Favorites
2008-07-03 14:56:12 0 d-------- C:\Documents and Settings\Administrator\Desktop
2008-07-03 14:56:12 0 d--hs---- C:\Documents and Settings\Administrator\Cookies
2008-07-03 14:56:12 0 dr-h----- C:\Documents and Settings\Administrator\Application Data
2008-07-03 14:56:12 0 d-------- C:\Documents and Settings\Administrator\Application Data\Sun
2008-07-03 14:56:12 0 d-------- C:\Documents and Settings\Administrator\Application Data\SampleView
2008-07-03 14:56:12 0 d---s---- C:\Documents and Settings\Administrator\Application Data\Microsoft
2008-07-03 14:56:12 0 d-------- C:\Documents and Settings\Administrator\Application Data\Identities
2008-07-03 14:56:11 0 d-------- C:\Documents and Settings\Administrator\WINDOWS
2008-07-03 14:56:11 0 d--h----- C:\Documents and Settings\Administrator\Templates
2008-07-03 14:56:11 0 dr------- C:\Documents and Settings\Administrator\Start Menu
2008-07-03 14:56:11 0 dr-h----- C:\Documents and Settings\Administrator\SendTo
2008-07-03 14:56:11 0 dr-h----- C:\Documents and Settings\Administrator\Recent
2008-07-03 14:56:11 0 d--h----- C:\Documents and Settings\Administrator\PrintHood
2008-07-03 14:56:11 2359296 --ah----- C:\Documents and Settings\Administrator\NTUSER.DAT
2008-07-03 14:56:11 0 d--h----- C:\Documents and Settings\Administrator\NetHood
2008-07-03 14:56:11 0 dr------- C:\Documents and Settings\Administrator\My Documents
2008-07-03 11:57:36 0 d-------- C:\Documents and Settings\LocalService\Start Menu
2008-07-03 03:02:38 0 d-------- C:\Documents and Settings\Gunter - Shawn\Application Data\Adobe
2008-07-02 09:09:09 0 d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-07-01 16:43:00 0 d-------- C:\Documents and Settings\Gunter - Shawn\Application Data\Microsoft Web Folders
2008-07-01 13:58:02 0 d-------- C:\Documents and Settings\Gunter - Shawn\Application Data\Opera
2008-07-01 13:50:05 0 d-------- C:\Program Files\Opera
2008-06-30 15:27:08 56 --ah----- C:\WINDOWS\system32\ezsidmv.dat
2008-06-30 15:27:05 0 d-------- C:\Documents and Settings\Gunter - Shawn\Application Data\skypePM
2008-06-30 15:22:01 0 d-------- C:\Temp
2008-06-30 15:21:33 0 d-------- C:\Documents and Settings\Gunter - Shawn\Application Data\Skype
2008-06-30 13:21:21 0 d-------- C:\Program Files\Skype
2008-06-30 13:15:51 0 d-------- C:\Program Files\Common Files\Skype
2008-06-30 12:17:38 0 d-------- C:\WINDOWS\network diagnostic
2008-06-30 12:02:32 0 d-------- C:\Program Files\Microsoft ActiveSync
2008-06-30 11:58:57 0 d-------- C:\WINDOWS\ShellNew
2008-06-30 00:50:35 0 d-------- C:\Documents and Settings\All Users\Application Data\Skype
2008-06-30 00:03:52 0 d-------- C:\Documents and Settings\Gunter - Shawn\Application Data\WinRAR
2008-06-29 19:14:28 135168 --a------ C:\WINDOWS\system32\SLMOHServ.dll <Not Verified; ; SLMOHServ Dynamic Link Library>
2008-06-29 19:14:28 368640 --a------ C:\WINDOWS\system32\slmh.exe <Not Verified; ; Modem Helper>
2008-06-29 19:14:28 528384 --a------ C:\WINDOWS\system32\SLLights.dll <Not Verified; ; SLLights>
2008-06-29 19:14:28 167936 --a------ C:\WINDOWS\system32\minirec.exe <Not Verified; ; MiniRec>
2008-06-29 19:14:28 14968 --a------ C:\WINDOWS\system32\drivers\winddx.sys <Not Verified; ; Modem>
2008-06-29 19:14:28 208896 --a------ C:\WINDOWS\system32\amr_cpl.dll <Not Verified; ; Modem>
2008-06-29 19:14:28 65536 --a------ C:\WINDOWS\SmCfg.exe <Not Verified; ; Modem>
2008-06-29 19:14:28 0 d-------- C:\WINDOWS\Modio
2008-06-29 19:11:58 0 d--hs---- C:\System Volume Information
2008-06-29 18:57:54 0 d-------- C:\WINDOWS\creator
2008-06-29 18:57:43 0 d-------- C:\WINDOWS\SMINST
2008-06-29 18:56:53 0 dr------- C:\Program Files
2008-06-29 18:56:38 0 dr------- C:\Documents and Settings\Default User\Start Menu
2008-06-29 18:56:38 0 dr-h----- C:\Documents and Settings\Default User\SendTo
2008-06-29 18:56:38 0 d--h----- C:\Documents and Settings\Default User\Local Settings
2008-06-29 18:56:38 0 dr-h----- C:\Documents and Settings\Default User\Application Data
2008-06-29 18:56:38 0 dr------- C:\Documents and Settings\All Users\Start Menu
2008-06-29 18:56:37 0 dr------- C:\Documents and Settings\All Users\Documents
2008-06-29 18:56:37 0 dr-h----- C:\Documents and Settings\All Users\Application Data
2008-06-29 18:56:15 0 dr------- C:\WINDOWS\Offline Web Pages
2008-06-29 18:53:00 0 dr-hs--c- C:\WINDOWS\system32\dllcache
2008-06-29 18:51:50 60 --a------ C:\MOVE_RECOVERY
2008-06-29 18:50:10 0 d-------- C:\My Backup -- 29-06-08 1050
2008-06-29 13:06:40 0 d-------- C:\Program Files\AVG
2008-06-29 12:44:41 0 d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-06-29 12:30:50 0 d-------- C:\Documents and Settings\Gunter - Shawn\Application Data\LimeWire
2008-06-29 12:10:55 0 d-------- C:\Program Files\CCleaner
2008-06-29 11:57:42 0 d-------- C:\WINDOWS\system32\PreInstall
2008-06-29 11:54:15 0 d--hs---- C:\Documents and Settings\Gunter - Shawn\UserData
2008-06-29 11:46:29 0 d-------- C:\Documents and Settings\Gunter - Shawn\Application Data\Macromedia
2008-06-29 11:43:00 0 d--h----- C:\WINDOWS\$hf_mig$
2008-06-29 11:38:04 0 dr------- C:\Documents and Settings\Gunter - Shawn\Favorites
2008-06-29 11:38:04 0 d-------- C:\Documents and Settings\Gunter - Shawn\Desktop
2008-06-29 11:38:04 0 d--hs---- C:\Documents and Settings\Gunter - Shawn\Cookies
2008-06-29 11:38:04 0 d--h----- C:\Documents and Settings\Gunter - Shawn\Application Data
2008-06-29 11:38:04 0 d-------- C:\Documents and Settings\Gunter - Shawn\Application Data\Sun
2008-06-29 11:38:04 0 d-------- C:\Documents and Settings\Gunter - Shawn\Application Data\SampleView
2008-06-29 11:38:04 0 d-------- C:\Documents and Settings\Gunter - Shawn\Application Data\Identities
2008-06-29 11:38:03 0 d-------- C:\Documents and Settings\Gunter - Shawn\WINDOWS
2008-06-29 11:38:03 0 d--h----- C:\Documents and Settings\Gunter - Shawn\Templates
2008-06-29 11:38:03 0 dr------- C:\Documents and Settings\Gunter - Shawn\Start Menu
2008-06-29 11:38:03 0 dr-h----- C:\Documents and Settings\Gunter - Shawn\SendTo
2008-06-29 11:38:03 0 d--h----- C:\Documents and Settings\Gunter - Shawn\PrintHood
2008-06-29 11:38:03 2883584 --ah----- C:\Documents and Settings\Gunter - Shawn\NTUSER.DAT
2008-06-29 11:38:03 0 d--h----- C:\Documents and Settings\Gunter - Shawn\NetHood
2008-06-29 11:38:03 0 dr------- C:\Documents and Settings\Gunter - Shawn\My Documents
2008-06-29 11:38:03 0 d--h----- C:\Documents and Settings\Gunter - Shawn\Local Settings
2008-06-29 11:37:14 0 d-------- C:\Documents and Settings\Default User\WINDOWS
2008-06-29 11:37:14 0 d-------- C:\Documents and Settings\Default User\Application Data\Sun
2008-06-29 11:37:14 0 d-------- C:\Documents and Settings\Default User\Application Data\SampleView
2008-06-29 11:37:14 0 d-------- C:\Documents and Settings\Default User\Application Data\Identities
2008-06-29 11:35:47 0 d-------- C:\WINDOWS\system32\SoftwareDistribution
2008-06-29 11:24:26 0 d-------- C:\WINDOWS\RegisteredPackages
2008-06-29 11:24:15 0 d-------- C:\Program Files\CyberLink
2008-06-29 11:24:14 0 d-------- C:\Documents and Settings\All Users\Application Data\CyberLink
2008-06-29 11:24:11 20480 --a------ C:\WINDOWS\system32\Marker32.exe <Not Verified; Gateway; Marker32>
2008-06-29 11:24:09 471300 --a------ C:\WINDOWS\wallpe.exe <Not Verified; ; wallpe>
2008-06-29 11:23:59 212480 -ra------ C:\WINDOWS\system32\PCDLIB32.DLL <Not Verified; Eastman Kodak; Kodak Photo CD Access Developer Toolkit>
2008-06-29 11:23:59 37888 -ra------ C:\WINDOWS\system32\ochlp30e.dll <Not Verified; Microsoft Corporation; Microsoft Multimedia Controls>
2008-06-29 11:23:59 82432 --a------ C:\WINDOWS\system32\msxml4r.dll <Not Verified; Microsoft Corporation; Microsoft® MSXML 4.0 SP1>
2008-06-29 11:23:59 91136 -ra------ C:\WINDOWS\system32\msls2.dll <Not Verified; Microsoft Corporation; Microsoft® Line Services>
2008-06-29 11:23:59 31744 -ra------ C:\WINDOWS\system32\hlp95en.dll <Not Verified; Microsoft Corporation; Microsoft Office>
2008-06-29 11:23:18 67072 --a------ C:\WINDOWS\POWERCFG.EXE <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-06-29 11:21:56 262144 --a------ C:\Documents and Settings\All Users\NTUSER.DAT
2008-06-29 11:21:38 0 d-------- C:\Program Files\BigFix
2008-06-29 11:21:04 0 d-------- C:\WINDOWS\Drivers
2008-06-29 11:20:54 0 d-------- C:\Program Files\Intel
2008-06-29 11:20:12 0 d-------- C:\WINDOWS\system32\ReinstallBackups
2008-06-29 11:19:13 0 d-------- C:\Program Files\Digital Media Reader
2008-06-29 11:19:07 0 d-------- C:\WINDOWS\Downloaded Installations
2008-06-29 11:18:53 0 d-------- C:\Program Files\AOL Companion
2008-06-29 11:18:47 368912 --a------ C:\WINDOWS\system32\vbar332.dll <Not Verified; Microsoft Corporation; Microsoft Visual Basic for Applications>
2008-06-29 11:18:47 102400 --a------ C:\WINDOWS\system32\SimpleRegistry.dll <Not Verified; 4Developers LLC; SimpleRegistry Control>
2008-06-29 11:18:47 118784 --a------ C:\WINDOWS\system32\Msstdfmt.dll <Not Verified; Microsoft Corporation; MSSTDFMT Object Library>
2008-06-29 11:18:47 10752 --a------ C:\WINDOWS\system32\aamd532.dll <Not Verified; Almeida & Andrade Ltda; MD5 Maker DLL>
2008-06-29 11:18:45 0 d-------- C:\WINDOWS\occache
2008-06-29 11:18:44 0 d-------- C:\Program Files\Viewpoint
2008-06-29 11:18:44 0 d-------- C:\Documents and Settings\All Users\Application Data\Viewpoint
2008-06-29 11:18:31 86016 --a------ C:\WINDOWS\unvise32qt.exe <Not Verified; MindVision; Installer VISE 2.8.3>
2008-06-29 11:18:24 0 d-------- C:\Program Files\QuickTime
2008-06-29 11:18:24 0 d-------- C:\Documents and Settings\All Users\Application Data\QuickTime
2008-06-29 11:18:20 0 d-------- C:\Program Files\Common Files\Nullsoft
2008-06-29 11:17:56 0 d-------- C:\My Music
2008-06-29 11:17:52 0 d-------- C:\Program Files\Common Files\Real
2008-06-29 11:17:32 153088 --a------ C:\WINDOWS\system32\jgdwmie.dll <Not Verified; America Online; JG Decoder>
2008-06-29 11:17:30 1044480 --a------ C:\WINDOWS\system32\roboex32.dll <Not Verified; eHelp Corporation.; RoboHELP for WinHelp 9>
2008-06-29 11:17:30 54784 --a------ C:\WINDOWS\system32\Inetwh32.dll <Not Verified; Blue Sky Software Corporation.; Blue Sky Software - INETWH32>
2008-06-29 11:17:11 225280 --a------ C:\WINDOWS\system32\AOLDial.dll <Not Verified; America Online, Inc; AOL Connectivity Service>
2008-06-29 11:17:09 0 d-------- C:\Program Files\Common Files\aolshare
2008-06-29 11:17:07 0 d-------- C:\Program Files\AOL 9.0
2008-06-29 11:17:07 0 d-------- C:\Documents and Settings\All Users\Application Data\AOL
2008-06-29 11:16:58 0 d-------- C:\Program Files\Common Files\AOL
2008-06-29 11:16:57 335 --a------ C:\WINDOWS\nsreg.dat
2008-06-29 11:16:56 532544 --a------ C:\WINDOWS\PIC.dll
2008-06-29 11:16:56 3927 --a------ C:\WINDOWS\mHotkey.reg
2008-06-29 11:16:56 24576 --a------ C:\WINDOWS\HKNTDLL.dll
2008-06-29 11:16:55 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-06-29 11:16:55 0 d-------- C:\Program Files\Common Files\InstallShield
2008-06-29 11:16:55 0 d-------- C:\Documents and Settings\All Users\Application Data\Prism Deploy
2008-06-29 11:16:54 0 d-------- C:\Program Files\Common Files\New Boundary
2008-06-29 11:16:51 0 d-------- C:\Program Files\Google
-- Find3M Report ---------------------------------------------------------------
2008-07-13 23:45:54 0 d-------- C:\Program Files\Common Files
2008-07-09 07:51:35 0 d-------- C:\Program Files\Messenger
2008-07-09 07:50:54 0 d-------- C:\Program Files\Movie Maker
2008-07-09 07:45:52 0 d-------- C:\Program Files\Windows NT
2008-07-01 16:40:50 0 d-------- C:\Program Files\microsoft frontpage
2008-06-29 12:28:03 0 d-------- C:\Program Files\Java
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneCareUI"="C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe" [25/06/2008 06:48]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [19/02/2006 02:41]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [14/04/2008 01:12]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [28/01/2008 11:43]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [28/05/2008 10:33]
"Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" [26/02/2008 02:23]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [19/02/2006 04:21:22]
HP Photosmart Premier Fast Start.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe [10/02/2006 07:56:20]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)
"HideLegacyLogonScripts"=0 (0x0)
"HideLogoffScripts"=0 (0x0)
"RunLogonScriptSync"=1 (0x1)
"RunStartupScriptSync"=0 (0x0)
"HideStartupScripts"=0 (0x0)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"HideLegacyLogonScripts"=0 (0x0)
"HideLogoffScripts"=0 (0x0)
"RunLogonScriptSync"=1 (0x1)
"RunStartupScriptSync"=0 (0x0)
"HideStartupScripts"=0 (0x0)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [13/05/2008 10:13 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 19/04/2007 13:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\dimsntfy]
C:\WINDOWS\System32\dimsntfy.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\OneCareMP]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
eapsvcs eaphost
dot3svc dot3svc
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
napagent
hkmsvc
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d714aa36-45c5-11dd-883b-806d6172696f}]
AutoRun\command- E:\setup.exe
-- End of Deckard's System Scanner: finished at 2008-07-14 17:50:16 ------------