OTScanIt logfile created on: 27/07/2008 01:06:49
OTScanIt by OldTimer - Version 1.0.16.2     Folder = F:\Documents and Settings\Yaacov\Desktop\OTScanIt
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 0000040D | Country: Israel | Language: HEB | Date Format: dd/MM/yyyy

991.48 Mb Total Physical Memory | 270.18 Mb Available Physical Memory | 27.25% Memory free
3.04 Gb Paging File | 2.30 Gb Available in Paging File | 75.74% Paging File free
Paging file location(s): C:\pagefile.sys 720 1440;F:\pagefile.sys 0 0;

%SystemDrive% = F: | %SystemRoot% = F:\WINDOWS | %ProgramFiles% = F:\Program Files
Drive C: | 37.26 Gb Total Space | 25.64 Gb Free Space | 68.81% Space Free | Partition Type: FAT32
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 78.13 Gb Total Space | 29.94 Gb Free Space | 38.33% Space Free | Partition Type: NTFS
Drive G: | 70.92 Gb Total Space | 61.53 Gb Free Space | 86.76% Space Free | Partition Type: NTFS
Drive H: | 93.16 Gb Total Space | 48.99 Gb Free Space | 52.59% Space Free | Partition Type: NTFS
I: Drive not present or media not loaded
Drive K: | 93.15 Gb Total Space | 31.01 Gb Free Space | 33.29% Space Free | Partition Type: NTFS

Computer Name: TAUBE
Current User Name: Yaacov
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users

[Processes - Non-Microsoft Only]
fwservice.exe -> %ProgramFiles%\PC Tools Firewall Plus\FWService.exe -> PC Tools [Ver = 3, 0, 0, 36 | Size = 91480 bytes | Modified Date = 19/09/2007 15:26:14 | Attr =    ]
aawservice.exe -> %ProgramFiles%\Adware\aawservice.exe -> Lavasoft [Ver = 7,0,2,7 | Size = 607576 bytes | Modified Date = 23/04/2008 01:01:09 | Attr =    ]
applemobiledeviceservice.exe -> %CommonProgramFiles%\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -> Apple, Inc. [Ver = 1, 14, 0, 0 | Size = 110592 bytes | Modified Date = 06/09/2007 13:28:18 | Attr =    ]
cbevtsvc.exe -> %SystemRoot%\system32\CbEvtSvc.exe ->  [Ver =  | Size = 78848 bytes | Modified Date = 25/07/2008 12:14:53 | Attr =    ]
ramaint.exe -> %ProgramFiles%\LogMeIn\x86\ramaint.exe -> LogMeIn, Inc. [Ver = 4.0.734 | Size = 116032 bytes | Modified Date = 28/05/2008 12:32:34 | Attr =    ]
logmein.exe -> %ProgramFiles%\LogMeIn\x86\LogMeIn.exe -> LogMeIn, Inc. [Ver = 3.0.596 | Size = 63040 bytes | Modified Date = 17/04/2007 14:03:50 | Attr =    ]
lmiguardian.exe -> %ProgramFiles%\LogMeIn\x86\LMIGuardian.exe -> LogMeIn, Inc. [Ver = 8.0.734 | Size = 87360 bytes | Modified Date = 28/05/2008 12:32:28 | Attr =    ]
nod32krn.exe -> %ProgramFiles%\ESET\nod32krn.exe -> Eset  [Ver = 2, 50, 16  | Size = 495616 bytes | Modified Date = 02/07/2007 00:32:56 | Attr =    ]
streamloadservice.exe -> %ProgramFiles%\Streamload\MediaMax XL\StreamloadService.exe -> Streamload [Ver = 1.0.0.0 | Size = 49152 bytes | Modified Date = 12/09/2006 16:20:00 | Attr =    ]
upserv.exe -> %ProgramFiles%\UPSmart Server\UPServ.exe ->  [Ver = 1, 0, 0, 1 | Size = 61440 bytes | Modified Date = 11/01/2005 09:53:00 | Attr =    ]
upsmart.exe -> %ProgramFiles%\UPSmart Server\UPSmart.exe ->  [Ver = 1, 0, 0, 1 | Size = 356352 bytes | Modified Date = 21/02/2005 10:47:06 | Attr =    ]
hpztsb09.exe -> %SystemRoot%\system32\spool\drivers\w32x86\3\hpztsb09.exe -> HP [Ver = 2.236.2.0 | Size = 188416 bytes | Modified Date = 28/07/2003 15:43:44 | Attr =    ]
lvcomsx.exe -> %SystemRoot%\system32\LVCOMSX.EXE -> Logitech Inc. [Ver = 8.4.1.1092 | Size = 221184 bytes | Modified Date = 08/10/2004 11:52:32 | Attr =    ]
logitray.exe -> %ProgramFiles%\Logitech\Video\LogiTray.exe -> Logitech Inc. [Ver = 8.4.6.1012 | Size = 217088 bytes | Modified Date = 18/01/2005 17:37:30 | Attr =    ]
icqlite.exe -> G:\Program Files\ICQLite\ICQLite.exe -> ICQ Ltd. [Ver = 20, 52, 2573, 0 | Size = 3144800 bytes | Modified Date = 11/07/2006 12:06:40 | Attr =    ]
jusched.exe -> %ProgramFiles%\Java\jre1.6.0_05\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 144784 bytes | Modified Date = 22/02/2008 04:25:21 | Attr =    ]
logmeinsystray.exe -> %ProgramFiles%\LogMeIn\x86\LogMeInSystray.exe -> LogMeIn, Inc. [Ver = 3.0.596 | Size = 63048 bytes | Modified Date = 17/04/2007 14:03:50 | Attr =    ]
hpcmpmgr.exe -> %ProgramFiles%\HP\hpcoretech\hpcmpmgr.exe -> Hewlett-Packard Company [Ver = 2.1.1.0 | Size = 241664 bytes | Modified Date = 12/05/2004 15:18:56 | Attr =    ]
nod32kui.exe -> %ProgramFiles%\ESET\nod32kui.exe -> Eset  [Ver = 2, 50, 16  | Size = 917504 bytes | Modified Date = 02/07/2007 00:32:56 | Attr =    ]
googledesktop.exe -> %ProgramFiles%\Google\Google Desktop Search\GoogleDesktop.exe -> Google [Ver = 5.1.706.29690 | Size = 1836544 bytes | Modified Date = 19/07/2007 07:19:01 | Attr =    ]
firewallgui.exe -> %ProgramFiles%\PC Tools Firewall Plus\FirewallGUI.exe -> PC Tools [Ver = 3, 0, 0, 36 | Size = 2483504 bytes | Modified Date = 19/09/2007 15:27:06 | Attr =    ]
lmiguardian.exe -> %ProgramFiles%\LogMeIn\x86\LMIGuardian.exe -> LogMeIn, Inc. [Ver = 8.0.734 | Size = 87360 bytes | Modified Date = 28/05/2008 12:32:28 | Attr =    ]
ituneshelper.exe -> %ProgramFiles%\iTunes\iTunesHelper.exe -> Apple Inc. [Ver = 7.6.1.9 | Size = 267048 bytes | Modified Date = 19/02/2008 13:10:32 | Attr =    ]
qttask.exe -> %ProgramFiles%\QuickTime\QTTask.exe -> Apple Inc. [Ver = 7.5 (861) | Size = 413696 bytes | Modified Date = 27/05/2008 10:50:30 | Attr =    ]
lphcrfdj0ev7d.exe -> %SystemRoot%\system32\lphcrfdj0ev7d.exe -> File not found
skype.exe -> %ProgramFiles%\Skype\Phone\Skype.exe -> Skype Technologies S.A. [Ver = 3.6.0.216 | Size = 21760296 bytes | Modified Date = 16/11/2007 12:36:48 | Attr = R  ]
googletoolbarnotifier.exe -> %ProgramFiles%\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe -> Google Inc. [Ver = 2, 0, 301, 1654 | Size = 68856 bytes | Modified Date = 27/06/2007 22:51:32 | Attr =    ]
googledesktop.exe -> %ProgramFiles%\Google\Google Desktop Search\GoogleDesktop.exe -> Google [Ver = 5.1.706.29690 | Size = 1836544 bytes | Modified Date = 19/07/2007 07:19:01 | Attr =    ]
fxsvr2.exe -> %ProgramFiles%\Logitech\Video\FxSvr2.exe -> Logitech Inc. [Ver = 8.4.6.1012 | Size = 192512 bytes | Modified Date = 18/01/2005 17:08:36 | Attr =    ]
calcheck.exe -> %ProgramFiles%\Photo Express 3.0 SE\CalCheck.exe -> Ulead Systems, Inc. [Ver = 3, 0, 0, 1 | Size = 61440 bytes | Modified Date = 15/06/1999 18:19:42 | Attr =    ]
watch.exe -> %SystemRoot%\twain_32\C6U14K\WATCH.exe -> Common Group [Ver = 2, 3, 5, 0 | Size = 356352 bytes | Modified Date = 09/07/2001 15:38:10 | Attr =    ]
ipodservice.exe -> %ProgramFiles%\iPod\bin\iPodService.exe -> Apple Inc. [Ver = 7.6.1.9 | Size = 504104 bytes | Modified Date = 19/02/2008 13:10:24 | Attr =    ]
wzqkpick.exe -> %ProgramFiles%\WinZip\WZQKPICK.EXE -> WinZip Computing, Inc. [Ver = 1.0 (32-bit) | Size = 106560 bytes | Modified Date = 11/02/2003 08:10:00 | Attr =    ]
skypepm.exe -> %ProgramFiles%\Skype\Plugin Manager\skypePM.exe -> Skype Technologies [Ver = 1.5.0.32 | Size = 2051016 bytes | Modified Date = 16/11/2007 12:36:48 | Attr = R  ]
hpztsb09.exe -> %SystemRoot%\system32\spool\drivers\w32x86\3\hpztsb09.exe -> HP [Ver = 2.236.2.0 | Size = 188416 bytes | Modified Date = 28/07/2003 15:43:44 | Attr =    ]
lvcomsx.exe -> %SystemRoot%\system32\LVCOMSX.EXE -> Logitech Inc. [Ver = 8.4.1.1092 | Size = 221184 bytes | Modified Date = 08/10/2004 11:52:32 | Attr =    ]
logitray.exe -> %ProgramFiles%\Logitech\Video\LogiTray.exe -> Logitech Inc. [Ver = 8.4.6.1012 | Size = 217088 bytes | Modified Date = 18/01/2005 17:37:30 | Attr =    ]
icqlite.exe -> G:\Program Files\ICQLite\ICQLite.exe -> ICQ Ltd. [Ver = 20, 52, 2573, 0 | Size = 3144800 bytes | Modified Date = 11/07/2006 12:06:40 | Attr =    ]
jusched.exe -> %ProgramFiles%\Java\jre1.6.0_05\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 144784 bytes | Modified Date = 22/02/2008 04:25:21 | Attr =    ]
logmeinsystray.exe -> %ProgramFiles%\LogMeIn\x86\LogMeInSystray.exe -> LogMeIn, Inc. [Ver = 3.0.596 | Size = 63048 bytes | Modified Date = 17/04/2007 14:03:50 | Attr =    ]
hpcmpmgr.exe -> %ProgramFiles%\HP\hpcoretech\hpcmpmgr.exe -> Hewlett-Packard Company [Ver = 2.1.1.0 | Size = 241664 bytes | Modified Date = 12/05/2004 15:18:56 | Attr =    ]
nod32kui.exe -> %ProgramFiles%\ESET\nod32kui.exe -> Eset  [Ver = 2, 50, 16  | Size = 917504 bytes | Modified Date = 02/07/2007 00:32:56 | Attr =    ]
googledesktop.exe -> %ProgramFiles%\Google\Google Desktop Search\GoogleDesktop.exe -> Google [Ver = 5.1.706.29690 | Size = 1836544 bytes | Modified Date = 19/07/2007 07:19:01 | Attr =    ]
firewallgui.exe -> %ProgramFiles%\PC Tools Firewall Plus\FirewallGUI.exe -> PC Tools [Ver = 3, 0, 0, 36 | Size = 2483504 bytes | Modified Date = 19/09/2007 15:27:06 | Attr =    ]
ituneshelper.exe -> %ProgramFiles%\iTunes\iTunesHelper.exe -> Apple Inc. [Ver = 7.6.1.9 | Size = 267048 bytes | Modified Date = 19/02/2008 13:10:32 | Attr =    ]
qttask.exe -> %ProgramFiles%\QuickTime\QTTask.exe -> Apple Inc. [Ver = 7.5 (861) | Size = 413696 bytes | Modified Date = 27/05/2008 10:50:30 | Attr =    ]
lphcrfdj0ev7d.exe -> %SystemRoot%\system32\lphcrfdj0ev7d.exe -> File not found
lmiguardian.exe -> %ProgramFiles%\LogMeIn\x86\LMIGuardian.exe -> LogMeIn, Inc. [Ver = 8.0.734 | Size = 87360 bytes | Modified Date = 28/05/2008 12:32:28 | Attr =    ]
fxsvr2.exe -> %ProgramFiles%\Logitech\Video\FxSvr2.exe -> Logitech Inc. [Ver = 8.4.6.1012 | Size = 192512 bytes | Modified Date = 18/01/2005 17:08:36 | Attr =    ]
calcheck.exe -> %ProgramFiles%\Photo Express 3.0 SE\CalCheck.exe -> Ulead Systems, Inc. [Ver = 3, 0, 0, 1 | Size = 61440 bytes | Modified Date = 15/06/1999 18:19:42 | Attr =    ]
watch.exe -> %SystemRoot%\twain_32\C6U14K\WATCH.exe -> Common Group [Ver = 2, 3, 5, 0 | Size = 356352 bytes | Modified Date = 09/07/2001 15:38:10 | Attr =    ]
wzqkpick.exe -> %ProgramFiles%\WinZip\WZQKPICK.EXE -> WinZip Computing, Inc. [Ver = 1.0 (32-bit) | Size = 106560 bytes | Modified Date = 11/02/2003 08:10:00 | Attr =    ]
nero.exe -> %ProgramFiles%\Ahead\Nero\nero.exe -> Ahead Software AG [Ver = 6, 3, 1, 6 | Size = 13983802 bytes | Modified Date = 19/03/2004 19:11:18 | Attr =    ]
firefox.exe -> %ProgramFiles%\Mozilla Firefox\firefox.exe -> Mozilla Corporation [Ver = 1.9.0.1 | Size = 307712 bytes | Modified Date = 18/07/2008 14:30:37 | Attr =    ]
otscanit.exe -> %UserProfile%\Desktop\OTScanIt\OTScanIt.exe -> OldTimer Tools [Ver = 1.0.16.2 | Size = 397312 bytes | Modified Date = 12/07/2008 09:29:54 | Attr =    ]

[Win32 Services - Non-Microsoft Only]
(aawservice) Ad-Aware 2007 Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Adware\aawservice.exe -> Lavasoft [Ver = 7,0,2,7 | Size = 607576 bytes | Modified Date = 23/04/2008 01:01:09 | Attr =    ]
(Apple Mobile Device) Apple Mobile Device [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -> Apple, Inc. [Ver = 1, 14, 0, 0 | Size = 110592 bytes | Modified Date = 06/09/2007 13:28:18 | Attr =    ]
(CbEvtSvc) CbEvtSvc [Win32_Own | Auto | Running] -> %SystemRoot%\system32\CbEvtSvc.exe ->  [Ver =  | Size = 78848 bytes | Modified Date = 25/07/2008 12:14:53 | Attr =    ]
(dmadmin) Logical Disk Manager Administrative Service [Win32_Shared | On_Demand | Stopped] -> %SystemRoot%\system32\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 224768 bytes | Modified Date = 04/08/2004 14:00:00 | Attr =    ]
(GoogleDesktopManager) GoogleDesktopManager [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Google\Google Desktop Search\GoogleDesktop.exe -> Google [Ver = 5.1.706.29690 | Size = 1836544 bytes | Modified Date = 19/07/2007 07:19:01 | Attr =    ]
(gusvc) Google Updater Service [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Google\Common\Google Updater\GoogleUpdaterService.exe -> Google [Ver = 2.0.734.29932.beta | Size = 138168 bytes | Modified Date = 31/01/2007 22:38:27 | Attr =    ]
(iPod Service) iPod Service [Win32_Own | On_Demand | Running] -> %ProgramFiles%\iPod\bin\iPodService.exe -> Apple Inc. [Ver = 7.6.1.9 | Size = 504104 bytes | Modified Date = 19/02/2008 13:10:24 | Attr =    ]
(LMIMaint) LogMeIn Maintenance Service [Win32_Own | Auto | Running] -> %ProgramFiles%\LogMeIn\x86\ramaint.exe -> LogMeIn, Inc. [Ver = 4.0.734 | Size = 116032 bytes | Modified Date = 28/05/2008 12:32:34 | Attr =    ]
(LogMeIn) LogMeIn [Win32_Own | Auto | Running] -> %ProgramFiles%\LogMeIn\x86\LogMeIn.exe -> LogMeIn, Inc. [Ver = 3.0.596 | Size = 63040 bytes | Modified Date = 17/04/2007 14:03:50 | Attr =    ]
(NOD32krn) NOD32 Kernel Service [Win32_Own | Auto | Running] -> %ProgramFiles%\ESET\nod32krn.exe -> Eset  [Ver = 2, 50, 16  | Size = 495616 bytes | Modified Date = 02/07/2007 00:32:56 | Attr =    ]
(PCToolsFirewallPlus) PC Tools Firewall Plus [Win32_Own | Auto | Running] -> %ProgramFiles%\PC Tools Firewall Plus\FWService.exe -> PC Tools [Ver = 3, 0, 0, 36 | Size = 91480 bytes | Modified Date = 19/09/2007 15:26:14 | Attr =    ]
(StreamloadService) Streamload Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Streamload\MediaMax XL\StreamloadService.exe -> Streamload [Ver = 1.0.0.0 | Size = 49152 bytes | Modified Date = 12/09/2006 16:20:00 | Attr =    ]
(UPSmart) UPSmart [Win32_Own | Auto | Running] -> %ProgramFiles%\UPSmart Server\UPServ.exe ->  [Ver = 1, 0, 0, 1 | Size = 61440 bytes | Modified Date = 11/01/2005 09:53:00 | Attr =    ]

[Registry - Non-Microsoft Only]
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
00PCTFW -> %ProgramFiles%\PC Tools Firewall Plus\FirewallGUI.exe ["F:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe" -s] -> PC Tools [Ver = 3, 0, 0, 36 | Size = 2483504 bytes | Modified Date = 19/09/2007 15:27:06 | Attr =    ]
Adobe Reader Speed Launcher -> %ProgramFiles%\Adobe\Reader 8.0\Reader\reader_sl.exe ["F:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"] -> Adobe Systems Incorporated [Ver = 8.0.0.0 | Size = 39792 bytes | Modified Date = 11/01/2008 22:16:38 | Attr =    ]
Google Desktop Search -> %ProgramFiles%\Google\Google Desktop Search\GoogleDesktop.exe ["F:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup] -> Google [Ver = 5.1.706.29690 | Size = 1836544 bytes | Modified Date = 19/07/2007 07:19:01 | Attr =    ]
HP Component Manager -> %ProgramFiles%\HP\hpcoretech\hpcmpmgr.exe ["F:\Program Files\HP\hpcoretech\hpcmpmgr.exe"] -> Hewlett-Packard Company [Ver = 2.1.1.0 | Size = 241664 bytes | Modified Date = 12/05/2004 15:18:56 | Attr =    ]
HPDJ Taskbar Utility -> %SystemRoot%\system32\spool\drivers\w32x86\3\hpztsb09.exe [F:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe] -> HP [Ver = 2.236.2.0 | Size = 188416 bytes | Modified Date = 28/07/2003 15:43:44 | Attr =    ]
ICQ Lite -> G:\Program Files\ICQLite\ICQLite.exe ["G:\Program Files\ICQLite\ICQLite.exe" -minimize] -> ICQ Ltd. [Ver = 20, 52, 2573, 0 | Size = 3144800 bytes | Modified Date = 11/07/2006 12:06:40 | Attr =    ]
iTunesHelper -> %ProgramFiles%\iTunes\iTunesHelper.exe ["F:\Program Files\iTunes\iTunesHelper.exe"] -> Apple Inc. [Ver = 7.6.1.9 | Size = 267048 bytes | Modified Date = 19/02/2008 13:10:32 | Attr =    ]
LogitechVideoRepair -> %ProgramFiles%\Logitech\Video\ISStart.exe ["F:\Program Files\Logitech\Video\ISStart.exe" ] -> Logitech Inc. [Ver = 8.4.6.1012 | Size = 458752 bytes | Modified Date = 18/01/2005 17:47:30 | Attr =    ]
LogitechVideoTray -> %ProgramFiles%\Logitech\Video\LogiTray.exe ["F:\Program Files\Logitech\Video\LogiTray.exe"] -> Logitech Inc. [Ver = 8.4.6.1012 | Size = 217088 bytes | Modified Date = 18/01/2005 17:37:30 | Attr =    ]
LogMeIn GUI -> %ProgramFiles%\LogMeIn\x86\LogMeInSystray.exe ["F:\Program Files\LogMeIn\x86\LogMeInSystray.exe"] -> LogMeIn, Inc. [Ver = 3.0.596 | Size = 63048 bytes | Modified Date = 17/04/2007 14:03:50 | Attr =    ]
LVCOMSX -> %SystemRoot%\system32\LVCOMSX.EXE [F:\WINDOWS\system32\LVCOMSX.EXE] -> Logitech Inc. [Ver = 8.4.1.1092 | Size = 221184 bytes | Modified Date = 08/10/2004 11:52:32 | Attr =    ]
NeroFilterCheck -> %SystemRoot%\system32\NeroCheck.exe [F:\WINDOWS\system32\NeroCheck.exe] -> Ahead Software Gmbh [Ver = 1, 0, 0, 2 | Size = 155648 bytes | Modified Date = 09/07/2001 12:50:42 | Attr = R  ]
nod32kui -> %ProgramFiles%\ESET\nod32kui.exe ["F:\Program Files\Eset\nod32kui.exe" /WAITSERVICE] -> Eset  [Ver = 2, 50, 16  | Size = 917504 bytes | Modified Date = 02/07/2007 00:32:56 | Attr =    ]
QuickTime Task -> %ProgramFiles%\QuickTime\QTTask.exe ["F:\Program Files\QuickTime\QTTask.exe" -atboottime] -> Apple Inc. [Ver = 7.5 (861) | Size = 413696 bytes | Modified Date = 27/05/2008 10:50:30 | Attr =    ]
SunJavaUpdateSched -> %ProgramFiles%\Java\jre1.6.0_05\bin\jusched.exe ["F:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"] -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 144784 bytes | Modified Date = 22/02/2008 04:25:21 | Attr =    ]
VTPreset -> %SystemRoot%\system32\VTPreset.exe [VTPreset.exe] -> S3 Graphics, Inc. [Ver = 1.01.00.0102 | Size = 45056 bytes | Modified Date = 24/02/2004 20:17:18 | Attr =    ]
< OptionalComponents [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\ ->
IMAIL-> Installed = 1 ->
MAPI-> Installed = 1 ->
MSFS-> Installed = 1 ->
< Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
LogitechSoftwareUpdate -> %ProgramFiles%\Logitech\Video\ManifestEngine.exe ["F:\Program Files\Logitech\Video\ManifestEngine.exe" boot] -> Logitech Inc. [Ver = 8.4.6.1012 | Size = 196608 bytes | Modified Date = 18/01/2005 17:07:54 | Attr =    ]
Magentic -> %SystemDrive%\PROGRA~1\Magentic\bin\Magentic.exe [F:\PROGRA~1\Magentic\bin\Magentic.exe /c] -> File not found
Skype -> %ProgramFiles%\Skype\Phone\Skype.exe ["F:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized] -> Skype Technologies S.A. [Ver = 3.6.0.216 | Size = 21760296 bytes | Modified Date = 16/11/2007 12:36:48 | Attr = R  ]
swg -> %ProgramFiles%\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [F:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] -> Google Inc. [Ver = 2, 0, 301, 1654 | Size = 68856 bytes | Modified Date = 27/06/2007 22:51:32 | Attr =    ]
TritUPSAutoRun -> %SystemDrive%\PROGRA~1\WINSTA~1\UPS.EXE [F:\PROGRA~1\WINSTA~1\UPS.EXE] -> File not found
< Run [HKEY_USERS\s-1-5-21-1606980848-746137067-854245398-1003\] > -> HKEY_USERS\s-1-5-21-1606980848-746137067-854245398-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
LogitechSoftwareUpdate -> %ProgramFiles%\Logitech\Video\ManifestEngine.exe ["F:\Program Files\Logitech\Video\ManifestEngine.exe" boot] -> Logitech Inc. [Ver = 8.4.6.1012 | Size = 196608 bytes | Modified Date = 18/01/2005 17:07:54 | Attr =    ]
Magentic -> %SystemDrive%\PROGRA~1\Magentic\bin\Magentic.exe [F:\PROGRA~1\Magentic\bin\Magentic.exe /c] -> File not found
Skype -> %ProgramFiles%\Skype\Phone\Skype.exe ["F:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized] -> Skype Technologies S.A. [Ver = 3.6.0.216 | Size = 21760296 bytes | Modified Date = 16/11/2007 12:36:48 | Attr = R  ]
swg -> %ProgramFiles%\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [F:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] -> Google Inc. [Ver = 2, 0, 301, 1654 | Size = 68856 bytes | Modified Date = 27/06/2007 22:51:32 | Attr =    ]
TritUPSAutoRun -> %SystemDrive%\PROGRA~1\WINSTA~1\UPS.EXE [F:\PROGRA~1\WINSTA~1\UPS.EXE] -> File not found
< Run [HKEY_USERS\s-1-5-21-1606980848-746137067-854245398-1004\] > -> HKEY_USERS\s-1-5-21-1606980848-746137067-854245398-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
Google Desktop Search -> %ProgramFiles%\Google\Google Desktop Search\GoogleDesktop.exe ["F:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup] -> Google [Ver = 5.1.706.29690 | Size = 1836544 bytes | Modified Date = 19/07/2007 07:19:01 | Attr =    ]
updateMgr -> %ProgramFiles%\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe ["F:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_5] -> File not found
< Administrator Startup Folder > -> F:\Documents and Settings\Administrator\Start Menu\Programs\Startup ->
< All Users Startup Folder > -> F:\Documents and Settings\All Users\Start Menu\Programs\Startup ->
%AllUsersProfile%\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk -> %CommonProgramFiles%\Adobe\Calibration\Adobe Gamma Loader.exe -> Adobe Systems, Inc. [Ver = 1, 0, 0, 1 | Size = 113664 bytes | Modified Date = 04/11/1999 15:06:48 | Attr =    ]
%AllUsersProfile%\Start Menu\Programs\Startup\Logitech Desktop Messenger.lnk -> C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe -> File not found
%AllUsersProfile%\Start Menu\Programs\Startup\Ulead Photo Express 3.0 SE Calendar Checker.lnk -> %ProgramFiles%\Photo Express 3.0 SE\CalCheck.exe -> Ulead Systems, Inc. [Ver = 3, 0, 0, 1 | Size = 61440 bytes | Modified Date = 15/06/1999 18:19:42 | Attr =    ]
%AllUsersProfile%\Start Menu\Programs\Startup\Watch.lnk -> %SystemRoot%\twain_32\C6U14K\WATCH.exe -> Common Group [Ver = 2, 3, 5, 0 | Size = 356352 bytes | Modified Date = 09/07/2001 15:38:10 | Attr =    ]
%AllUsersProfile%\Start Menu\Programs\Startup\WinZip Quick Pick.lnk -> %ProgramFiles%\WinZip\WZQKPICK.EXE -> WinZip Computing, Inc. [Ver = 1.0 (32-bit) | Size = 106560 bytes | Modified Date = 11/02/2003 08:10:00 | Attr =    ]
< Default User Startup Folder > -> F:\Documents and Settings\Default User\Start Menu\Programs\Startup ->
< Eli Startup Folder > -> F:\Documents and Settings\Eli\Start Menu\Programs\Startup ->
< LogMeInRemoteUser Startup Folder > -> F:\Documents and Settings\LogMeInRemoteUser\Start Menu\Programs\Startup ->
< Roseanne Startup Folder > -> F:\Documents and Settings\Roseanne\Start Menu\Programs\Startup ->
< Talia Startup Folder > -> F:\Documents and Settings\Talia\Start Menu\Programs\Startup ->
< Yaacov Startup Folder > -> F:\Documents and Settings\Yaacov\Start Menu\Programs\Startup ->
< AppInit_DLLs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs ->
*AppInit_DLLs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls ->
F:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL -> %ProgramFiles%\Google\Google Desktop Search\GoogleDesktopNetwork3.dll -> Google [Ver = 5.1.706.29690 | Size = 145408 bytes | Modified Date = 19/07/2007 01:34:19 | Attr =    ]
*MultiFile Done* -> ->
< SSODL [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad ->
{fbeb8a05-beee-4442-804e-409d6c4515e9} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [CDBurn] -> File not found
< SecurityProviders [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders ->
< Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell ->
Explorer.exe -> %SystemRoot%\explorer.exe -> Microsoft Corporation [Ver = 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234) | Size = 1033216 bytes | Modified Date = 13/06/2007 12:23:07 | Attr =    ]
*MultiFile Done* -> ->
*UserInit* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit ->
F:\WINDOWS\system32\userinit.exe -> %SystemRoot%\system32\userinit.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 24576 bytes | Modified Date = 04/08/2004 14:00:00 | Attr =    ]
*MultiFile Done* -> ->
*UIHost* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UIHost ->
logonui.exe -> %SystemRoot%\system32\logonui.exe -> Microsoft Corporation [Ver = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) | Size = 514560 bytes | Modified Date = 04/08/2004 14:00:00 | Attr =    ]
*MultiFile Done* -> ->
*VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet ->
rundll32 shell32 -> %SystemRoot%\system32\shell32.dll -> Microsoft Corporation [Ver = 6.00.2900.3051 (xpsp_sp2_gdr.061219-0316) | Size = 8453632 bytes | Modified Date = 19/12/2006 23:52:18 | Attr =    ]
Control_RunDLL "sysdm.cpl" -> %SystemRoot%\system32\sysdm.cpl -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 298496 bytes | Modified Date = 04/08/2004 14:00:00 | Attr =    ]
*MultiFile Done* -> ->
< Winlogon settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
< Winlogon settings [HKEY_USERS\.default] > -> HKEY_USERS\.default\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
< Winlogon settings [HKEY_USERS\s-1-5-18] > -> HKEY_USERS\s-1-5-18\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
< Winlogon settings [HKEY_USERS\s-1-5-19] > -> HKEY_USERS\s-1-5-19\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
< Winlogon settings [HKEY_USERS\s-1-5-20] > -> HKEY_USERS\s-1-5-20\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
< Winlogon settings [HKEY_USERS\s-1-5-21-1606980848-746137067-854245398-1003] > -> HKEY_USERS\s-1-5-21-1606980848-746137067-854245398-1003\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
< Winlogon settings [HKEY_USERS\s-1-5-21-1606980848-746137067-854245398-1004] > -> HKEY_USERS\s-1-5-21-1606980848-746137067-854245398-1004\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
< Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ ->
LMIinit -> %SystemRoot%\system32\LMIinit.dll -> LogMeIn, Inc. [Ver = 4.0.734 | Size = 87352 bytes | Modified Date = 28/05/2008 12:32:54 | Attr =    ]
WRNotifier ->  -> File not found
< CurrentVersion Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption ->  ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext ->  ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\undockwithoutlogon -> 1 ->
< CurrentVersion Policy Settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 255 ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\_NoDriveTypeAutoRun -> 145 ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\NoDispBackgroundPage -> 1 ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\NoDispScrSavPage -> 1 ->
< CurrentVersion Policy Settings [HKEY_USERS\.default] > -> HKEY_USERS\.default\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->
HKEY_USERS\.default\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_USERS\.default\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> ->
HKEY_USERS\.default\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 ->
< CurrentVersion Policy Settings [HKEY_USERS\s-1-5-18] > -> HKEY_USERS\s-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->
HKEY_USERS\s-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_USERS\s-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> ->
HKEY_USERS\s-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 ->
< CurrentVersion Policy Settings [HKEY_USERS\s-1-5-19] > -> HKEY_USERS\s-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->
HKEY_USERS\s-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_USERS\s-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> ->
HKEY_USERS\s-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 ->
< CurrentVersion Policy Settings [HKEY_USERS\s-1-5-20] > -> HKEY_USERS\s-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->
HKEY_USERS\s-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_USERS\s-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> ->
HKEY_USERS\s-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 ->
< CurrentVersion Policy Settings [HKEY_USERS\s-1-5-21-1606980848-746137067-854245398-1003] > -> HKEY_USERS\s-1-5-21-1606980848-746137067-854245398-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->
HKEY_USERS\s-1-5-21-1606980848-746137067-854245398-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_USERS\s-1-5-21-1606980848-746137067-854245398-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> ->
HKEY_USERS\s-1-5-21-1606980848-746137067-854245398-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 255 ->
HKEY_USERS\s-1-5-21-1606980848-746137067-854245398-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\_NoDriveTypeAutoRun -> 145 ->
HKEY_USERS\s-1-5-21-1606980848-746137067-854245398-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> ->
HKEY_USERS\s-1-5-21-1606980848-746137067-854245398-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\NoDispBackgroundPage -> 1 ->
HKEY_USERS\s-1-5-21-1606980848-746137067-854245398-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\NoDispScrSavPage -> 1 ->
< CurrentVersion Policy Settings [HKEY_USERS\s-1-5-21-1606980848-746137067-854245398-1004] > -> HKEY_USERS\s-1-5-21-1606980848-746137067-854245398-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->
HKEY_USERS\s-1-5-21-1606980848-746137067-854245398-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_USERS\s-1-5-21-1606980848-746137067-854245398-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> ->
HKEY_USERS\s-1-5-21-1606980848-746137067-854245398-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 ->
HKEY_USERS\s-1-5-21-1606980848-746137067-854245398-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> ->
HKEY_USERS\s-1-5-21-1606980848-746137067-854245398-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\NoDispBackgroundPage -> 1 ->
HKEY_USERS\s-1-5-21-1606980848-746137067-854245398-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\NoDispScrSavPage -> 1 ->
< CDROM Autorun Settings > [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom] ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\ -> ->
*DependOnGroup* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\DependOnGroup ->
SCSI miniport ->  -> File not found
*MultiFile Done* -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\ErrorControl -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Group -> SCSI CDROM Class ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Start -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Tag -> 2 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Type -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\DisplayName -> CD-ROM Driver ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\ImagePath -> %SystemRoot%\system32\drivers\cdrom.sys [system32\DRIVERS\cdrom.sys] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 49536 bytes | Modified Date = 04/08/2004 14:00:00 | Attr =    ]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun -> 1 ->
*AutoRunAlwaysDisable* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRunAlwaysDisable ->
NEC     MBR-7    ->  -> File not found
NEC     MBR-7.4  ->  -> File not found
PIONEER CHANGR DRM-1804X ->  -> File not found
PIONEER CD-ROM DRM-6324X ->  -> File not found
PIONEER CD-ROM DRM-624X  ->  -> File not found
TORiSAN CD-ROM CDR_C36 ->  -> File not found
*MultiFile Done* -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\\0 -> IDE\CdRomIDE_DVD-ROM_16X_________________________7.b2____\5&1a3c7cc5&0&0.0.0 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\\Count -> 2 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\\NextInstance -> 2 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\\1 -> IDE\CdRomHL-DT-ST_DVD-RAM_GSA-H55N_______________1.05____\5&1a3c7cc5&0&0.1.0 ->
< Drives - Autoruns > ->  ->
AUTOEXEC.BAT [] -> C:\AUTOEXEC.BAT [ FAT32 ] ->  [Ver =  | Size = 0 bytes | Modified Date = 24/07/2006 20:46:28 | Attr =    ]
< HOSTS File > (770 bytes) -> F:\WINDOWS\System32\drivers\etc\Hosts ->
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> ->
HKEY_LOCAL_MACHINE\: Main\\Default_Page_URL -> http://go.microsoft.com/fwlink/?LinkId=69157 ->
HKEY_LOCAL_MACHINE\: Main\\Default_Search_URL -> http://go.microsoft.com/fwlink/?LinkId=54896 ->
HKEY_LOCAL_MACHINE\: Main\\Local Page -> %SystemRoot%\system32\blank.htm ->
HKEY_LOCAL_MACHINE\: Main\\Search Page -> http://go.microsoft.com/fwlink/?LinkId=54896 ->
HKEY_LOCAL_MACHINE\: Search\\CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm ->
HKEY_LOCAL_MACHINE\: Search\\Default_Search_URL -> http://www.google.com/ie ->
HKEY_LOCAL_MACHINE\: Search\\SearchAssistant -> http://www.google.com/ie ->
< Internet Explorer Settings [HKEY_CURRENT_USER\] > -> ->
HKEY_CURRENT_USER\: Main\\Local Page -> F:\WINDOWS\system32\blank.htm ->
HKEY_CURRENT_USER\: Main\\Search Bar -> http://www.google.com/ie ->
HKEY_CURRENT_USER\: Main\\Search Page -> http://www.google.com ->
HKEY_CURRENT_USER\: Main\\Start Page -> www.kfar-etzion.co.il/Default.aspx?tabid=158 ->
HKEY_CURRENT_USER\: Search\\SearchAssistant -> http://www.google.com/ie ->
HKEY_CURRENT_USER\: SearchURL\\ -> http://www.google.com/keyword/%s[Reg Error: Value provider does not exist or could not be read.] ->
HKEY_CURRENT_USER\: URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} [HKEY_LOCAL_MACHINE] -> G:\Program Files\ICQToolbar\tbu1E7\toolbaru.dll [ICQ Toolbar] -> IE Toolbar [Ver = 2, 0, 20, 7 | Size = 701952 bytes | Modified Date = 10/10/2006 11:18:24 | Attr =    ]
HKEY_CURRENT_USER\: ProxyEnable -> 0 ->
< Internet Explorer Settings [HKEY_USERS\.default\] > -> ->
HKEY_USERS\.default\: ProxyEnable -> 0 ->
< Internet Explorer Settings [HKEY_USERS\s-1-5-18\] > -> ->
HKEY_USERS\s-1-5-18\: ProxyEnable -> 0 ->
< Internet Explorer Settings [HKEY_USERS\s-1-5-19\] > -> ->
< Internet Explorer Settings [HKEY_USERS\s-1-5-20\] > -> ->
< Internet Explorer Settings [HKEY_USERS\s-1-5-21-1606980848-746137067-854245398-1003\] > -> ->
HKEY_USERS\s-1-5-21-1606980848-746137067-854245398-1003\: Main\\Local Page -> F:\WINDOWS\system32\blank.htm ->
HKEY_USERS\s-1-5-21-1606980848-746137067-854245398-1003\: Main\\Search Bar -> http://www.google.com/ie ->
HKEY_USERS\s-1-5-21-1606980848-746137067-854245398-1003\: Main\\Search Page -> http://www.google.com ->
HKEY_USERS\s-1-5-21-1606980848-746137067-854245398-1003\: Main\\Start Page -> www.kfar-etzion.co.il/Default.aspx?tabid=158 ->
HKEY_USERS\s-1-5-21-1606980848-746137067-854245398-1003\: Search\\SearchAssistant -> http://www.google.com/ie ->
HKEY_USERS\s-1-5-21-1606980848-746137067-854245398-1003\: SearchURL\\ -> http://www.google.com/keyword/%s[Reg Error: Value provider does not exist or could not be read.] ->
HKEY_USERS\s-1-5-21-1606980848-746137067-854245398-1003\: URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} [HKEY_LOCAL_MACHINE] -> G:\Program Files\ICQToolbar\tbu1E7\toolbaru.dll [ICQ Toolbar] -> IE Toolbar [Ver = 2, 0, 20, 7 | Size = 701952 bytes | Modified Date = 10/10/2006 11:18:24 | Attr =    ]
HKEY_USERS\s-1-5-21-1606980848-746137067-854245398-1003\: ProxyEnable -> 0 ->
< Internet Explorer Settings [HKEY_USERS\s-1-5-21-1606980848-746137067-854245398-1004\] > -> ->
HKEY_USERS\s-1-5-21-1606980848-746137067-854245398-1004\: Main\\Local Page -> F:\WINDOWS\system32\blank.htm ->
HKEY_USERS\s-1-5-21-1606980848-746137067-854245398-1004\: Main\\Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch ->
HKEY_USERS\s-1-5-21-1606980848-746137067-854245398-1004\: Main\\Start Page -> www.kfar-etzion.co.il/default.aspx?tabid=158 ->
HKEY_USERS\s-1-5-21-1606980848-746137067-854245398-1004\: URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} [HKEY_LOCAL_MACHINE] -> G:\Program Files\ICQToolbar\tbu1E7\toolbaru.dll [ICQ Toolbar] -> IE Toolbar [Ver = 2, 0, 20, 7 | Size = 701952 bytes | Modified Date = 10/10/2006 11:18:24 | Attr =    ]
HKEY_USERS\s-1-5-21-1606980848-746137067-854245398-1004\: ProxyEnable -> 0 ->
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1 domain(s) found. ->
1 domain(s) and sub-domain(s) not assigned to a zone.
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 3412 domain(s) found. ->
< Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 70 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\.default\] > -> HKEY_USERS\.default\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\.default\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\.default\] > -> HKEY_USERS\.default\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\.default\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\s-1-5-18\] > -> HKEY_USERS\s-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\s-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\s-1-5-18\] > -> HKEY_USERS\s-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\s-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\s-1-5-19\] > -> HKEY_USERS\s-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\s-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\s-1-5-19\] > -> HKEY_USERS\s-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\s-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\s-1-5-20\] > -> HKEY_USERS\s-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\s-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\s-1-5-20\] > -> HKEY_USERS\s-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\s-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\s-1-5-21-1606980848-746137067-854245398-1003\] > -> HKEY_USERS\s-1-5-21-1606980848-746137067-854245398-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\s-1-5-21-1606980848-746137067-854245398-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 3412 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\s-1-5-21-1606980848-746137067-854245398-1003\] > -> HKEY_USERS\s-1-5-21-1606980848-746137067-854245398-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\s-1-5-21-1606980848-746137067-854245398-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 70 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\s-1-5-21-1606980848-746137067-854245398-1004\] > -> HKEY_USERS\s-1-5-21-1606980848-746137067-854245398-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\s-1-5-21-1606980848-746137067-854245398-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\s-1-5-21-1606980848-746137067-854245398-1004\] > -> HKEY_USERS\s-1-5-21-1606980848-746137067-854245398-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\s-1-5-21-1606980848-746137067-854245398-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
{055FD26D-3A88-4e15-963D-DC8493744B1D} [HKEY_LOCAL_MACHINE] -> G:\Program Files\ICQToolbar\tbu1E7\toolbaru.dll [XTTBPos00 Class] -> IE Toolbar [Ver = 2, 0, 20, 7 | Size = 701952 bytes | Modified Date = 10/10/2006 11:18:24 | Attr =    ]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKEY_LOCAL_MACHINE] -> %CommonProgramFiles%\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> Adobe Systems Incorporated [Ver = 8.0.0.2006102200 | Size = 62080 bytes | Modified Date = 22/10/2006 23:08:42 | Attr =    ]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.6.0_05\bin\ssv.dll [SSVHelper Class] -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 509328 bytes | Modified Date = 22/02/2008 04:25:19 | Attr =    ]
{AA58ED58-01DD-4d91-8333-CF10577473F7} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Google\GoogleToolbar3.dll [Google Toolbar Helper] -> Google Inc. [Ver = 4, 0, 1601, 4978 | Size = 2403392 bytes | Modified Date = 19/01/2007 23:55:32 | Attr = R  ]
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll [Google Toolbar Notifier BHO] -> Google Inc. [Ver = 3, 0, 1225, 9868 | Size = 734704 bytes | Modified Date = 05/04/2008 19:03:25 | Attr =    ]
< Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar ->
{2318C2B1-4965-11d4-9B18-009027A5CD4F} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Google\GoogleToolbar3.dll [&Google] -> Google Inc. [Ver = 4, 0, 1601, 4978 | Size = 2403392 bytes | Modified Date = 19/01/2007 23:55:32 | Attr = R  ]
{855F3B16-6D32-4fe6-8A56-BBB695989046} [HKEY_LOCAL_MACHINE] -> G:\Program Files\ICQToolbar\tbu1E7\toolbaru.dll [ICQ Toolbar] -> IE Toolbar [Ver = 2, 0, 20, 7 | Size = 701952 bytes | Modified Date = 10/10/2006 11:18:24 | Attr =