[code] WinPFind35 logfile created on: 3/5/2008 8:47:30 PM WinPFind35U Version 1.0.3.0 Folder = C:\Documents and Settings\Danielle J\Desktop\WinPFind35u Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 509.98 Mb Total Physical Memory | 112.55 Mb Available Physical Memory | 22.07% Memory free 1.22 Gb Paging File | 0.48 Gb Available in Paging File | 39.28% Paging File free Paging file location(s): C:\pagefile.sys 768 1536; %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 70.36 Gb Total Space | 54.93 Gb Free Space | 78.07% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: DANIELLE Current User Name: Danielle J Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users [Processes - Non-Microsoft Only] ccsvchst.exe -> %CommonProgramFiles%\Symantec Shared\CCSVCHST.EXE -> Symantec Corporation [Ver = 107.0.3.7 | Size = 149864 bytes | Modified Date = 2/14/2008 11:02:00 AM | Attr = ] aawservice.exe -> %ProgramFiles%\Lavasoft\Ad-Aware 2007\aawservice.exe -> Lavasoft [Ver = 7,0,2,6 | Size = 587096 bytes | Modified Date = 1/4/2008 1:27:08 PM | Attr = ] aolacsd.exe -> %CommonProgramFiles%\AOL\ACS\AOLacsd.exe -> America Online, Inc. [Ver = 2.0.20.1.US.1 | Size = 1135728 bytes | Modified Date = 4/7/2004 12:07:32 PM | Attr = ] aluschedulersvc.exe -> %ProgramFiles%\Symantec\LiveUpdate\AluSchedulerSvc.exe -> Symantec Corporation [Ver = 3.4.0.162 | Size = 243064 bytes | Modified Date = 8/23/2007 3:35:30 PM | Attr = ] guard.exe -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\guard.exe -> GRISOFT s.r.o. [Ver = 7, 5, 1, 22 | Size = 312880 bytes | Modified Date = 5/30/2007 7:31:10 AM | Attr = ] smax4pnp.exe -> %ProgramFiles%\Analog Devices\Core\smax4pnp.exe -> Analog Devices, Inc. [Ver = 5, 2, 0, 5 | Size = 1404928 bytes | Modified Date = 10/14/2004 7:42:54 PM | Attr = ] jusched.exe -> %ProgramFiles%\Java\j2re1.4.2_03\bin\jusched.exe -> [Ver = | Size = 32881 bytes | Modified Date = 11/19/2003 5:48:14 PM | Attr = ] dvdlauncher.exe -> %ProgramFiles%\CyberLink\PowerDVD\DVDLauncher.exe -> CyberLink Corp. [Ver = 3.00.0000 | Size = 53248 bytes | Modified Date = 2/23/2005 4:19:56 PM | Attr = ] mm_tray.exe -> %ProgramFiles%\MUSICMATCH\Musicmatch Jukebox\mm_tray.exe -> Musicmatch, Inc. [Ver = 10.10.0093 | Size = 110592 bytes | Modified Date = 7/12/2005 2:13:44 PM | Attr = ] realplay.exe -> %ProgramFiles%\Real\RealPlayer\realplay.exe -> RealNetworks, Inc. [Ver = 6.0.9.584 | Size = 26112 bytes | Modified Date = 7/28/2005 12:06:20 PM | Attr = ] tfswctrl.exe -> %SystemRoot%\system32\dla\tfswctrl.exe -> Sonic Solutions [Ver = 1.04.08a | Size = 127035 bytes | Modified Date = 12/6/2004 1:05:00 AM | Attr = ] issch.exe -> %CommonProgramFiles%\InstallShield\UpdateService\issch.exe -> InstallShield Software Corporation [Ver = 3, 10, 100, 1155 | Size = 81920 bytes | Modified Date = 7/27/2004 4:50:18 PM | Attr = ] dmxlauncher.exe -> %ProgramFiles%\Dell\Media Experience\DMXLauncher.exe -> [Ver = | Size = 86016 bytes | Modified Date = 1/27/2005 1:02:00 AM | Attr = ] dlbtbmgr.exe -> %ProgramFiles%\Dell Photo AIO Printer 922\dlbtbmgr.exe -> [Ver = 1.0.15.4 | Size = 290816 bytes | Modified Date = 11/10/2004 2:36:00 PM | Attr = ] dlbtbmon.exe -> %ProgramFiles%\Dell Photo AIO Printer 922\dlbtbmon.exe -> [Ver = 1.0.15.4 | Size = 102400 bytes | Modified Date = 11/10/2004 2:59:26 PM | Attr = ] qttask.exe -> %ProgramFiles%\QuickTime\qttask.exe -> Apple Computer, Inc. [Ver = 6.5.1 | Size = 98304 bytes | Modified Date = 9/4/2005 12:30:56 AM | Attr = ] sealmon.exe -> %ProgramFiles%\SealedMedia\sealmon.exe -> SealedMedia [Ver = 4.1 release 9 build 1 | Size = 94208 bytes | Modified Date = 12/8/2005 5:35:54 PM | Attr = ] hkcmd.exe -> %SystemRoot%\system32\hkcmd.exe -> Intel Corporation [Ver = 3.0.0.4396 | Size = 77824 bytes | Modified Date = 9/20/2005 9:32:24 AM | Attr = ] igfxpers.exe -> %SystemRoot%\system32\igfxpers.exe -> Intel Corporation [Ver = 3.0.0.4396 | Size = 114688 bytes | Modified Date = 9/20/2005 9:36:20 AM | Attr = ] mmdiag.exe -> %ProgramFiles%\MUSICMATCH\Musicmatch Jukebox\MMDiag.exe -> Musicmatch, Inc. [Ver = 10.10.0093 | Size = 102400 bytes | Modified Date = 7/12/2005 2:13:44 PM | Attr = ] ccsvchst.exe -> %CommonProgramFiles%\Symantec Shared\CCSVCHST.EXE -> Symantec Corporation [Ver = 107.0.3.7 | Size = 149864 bytes | Modified Date = 2/14/2008 11:02:00 AM | Attr = ] mim.exe -> %ProgramFiles%\MUSICMATCH\Musicmatch Jukebox\mim.exe -> Musicmatch, Inc. [Ver = 10.10.0093 | Size = 464384 bytes | Modified Date = 7/12/2005 2:13:42 PM | Attr = ] hpwuschd.exe -> %ProgramFiles%\HP\HP Software Update\hpwuSchd.exe -> Hewlett-Packard [Ver = 1, 0, 0, 3 | Size = 49152 bytes | Modified Date = 8/4/2003 5:28:18 PM | Attr = ] hpcmpmgr.exe -> %ProgramFiles%\HP\hpcoretech\hpcmpmgr.exe -> Hewlett-Packard Company [Ver = 2.1.1.0 | Size = 241664 bytes | Modified Date = 12/22/2003 8:38:42 AM | Attr = ] isuspm.exe -> %CommonProgramFiles%\InstallShield\UpdateService\ISUSPM.exe -> InstallShield Software Corporation [Ver = 3, 10, 100, 1155 | Size = 221184 bytes | Modified Date = 7/27/2004 4:50:42 PM | Attr = ] avgas.exe -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\avgas.exe -> GRISOFT s.r.o. [Ver = 7, 5, 1, 43 | Size = 6731312 bytes | Modified Date = 6/11/2007 4:25:42 AM | Attr = ] aim.exe -> %ProgramFiles%\AIM\aim.exe -> America Online, Inc. [Ver = 5.9.3797 | Size = 67160 bytes | Modified Date = 6/2/2005 12:34:34 AM | Attr = ] googletoolbarnotifier.exe -> %ProgramFiles%\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe -> Google Inc. [Ver = 1, 2, 1128, 5462 | Size = 171448 bytes | Modified Date = 2/19/2008 10:05:16 PM | Attr = ] agent.exe -> %CommonProgramFiles%\InstallShield\UpdateService\agent.exe -> InstallShield Software Corporation [Ver = 3, 10, 100, 1155 | Size = 503808 bytes | Modified Date = 7/27/2004 4:50:04 PM | Attr = ] aoltray.exe -> %ProgramFiles%\America Online 9.0\aoltray.exe -> America Online, Inc. [Ver = 9.00.001 | Size = 156784 bytes | Modified Date = 9/1/2004 11:56:34 AM | Attr = H ] dlg.exe -> %ProgramFiles%\Digital Line Detect\DLG.exe -> BVRP Software [Ver = 1, 0, 0, 1 | Size = 24576 bytes | Modified Date = 10/29/2003 2:06:00 AM | Attr = R ] hpqtra08.exe -> %ProgramFiles%\HP\Digital Imaging\bin\hpqtra08.exe -> Hewlett-Packard Co. [Ver = 5.35.0.035 | Size = 237568 bytes | Modified Date = 9/16/2003 5:19:24 AM | Attr = ] symlcsvc.exe -> %CommonProgramFiles%\Symantec Shared\CCPD-LC\symlcsvc.exe -> [Ver = | Size = 1251720 bytes | Modified Date = 2/20/2008 9:57:20 AM | Attr = ] pdesrv2.exe -> %SystemRoot%\system32\PdeSrv2.exe -> Creative Technology Ltd [Ver = 1.0.10.0 | Size = 192512 bytes | Modified Date = 9/29/2004 9:21:26 AM | Attr = ] mbam.exe -> %ProgramFiles%\Malwarebytes' Anti-Malware\mbam.exe -> Malwarebytes [Ver = 1.05 | Size = 605904 bytes | Modified Date = 2/21/2008 7:50:30 PM | Attr = ] smax4pnp.exe -> %ProgramFiles%\Analog Devices\Core\smax4pnp.exe -> Analog Devices, Inc. [Ver = 5, 2, 0, 5 | Size = 1404928 bytes | Modified Date = 10/14/2004 7:42:54 PM | Attr = ] jusched.exe -> %ProgramFiles%\Java\j2re1.4.2_03\bin\jusched.exe -> [Ver = | Size = 32881 bytes | Modified Date = 11/19/2003 5:48:14 PM | Attr = ] dvdlauncher.exe -> %ProgramFiles%\CyberLink\PowerDVD\DVDLauncher.exe -> CyberLink Corp. [Ver = 3.00.0000 | Size = 53248 bytes | Modified Date = 2/23/2005 4:19:56 PM | Attr = ] mm_tray.exe -> %ProgramFiles%\MUSICMATCH\Musicmatch Jukebox\mm_tray.exe -> Musicmatch, Inc. [Ver = 10.10.0093 | Size = 110592 bytes | Modified Date = 7/12/2005 2:13:44 PM | Attr = ] realplay.exe -> %ProgramFiles%\Real\RealPlayer\realplay.exe -> RealNetworks, Inc. [Ver = 6.0.9.584 | Size = 26112 bytes | Modified Date = 7/28/2005 12:06:20 PM | Attr = ] tfswctrl.exe -> %SystemRoot%\system32\dla\tfswctrl.exe -> Sonic Solutions [Ver = 1.04.08a | Size = 127035 bytes | Modified Date = 12/6/2004 1:05:00 AM | Attr = ] issch.exe -> %CommonProgramFiles%\InstallShield\UpdateService\issch.exe -> InstallShield Software Corporation [Ver = 3, 10, 100, 1155 | Size = 81920 bytes | Modified Date = 7/27/2004 4:50:18 PM | Attr = ] dmxlauncher.exe -> %ProgramFiles%\Dell\Media Experience\DMXLauncher.exe -> [Ver = | Size = 86016 bytes | Modified Date = 1/27/2005 1:02:00 AM | Attr = ] dlbtbmgr.exe -> %ProgramFiles%\Dell Photo AIO Printer 922\dlbtbmgr.exe -> [Ver = 1.0.15.4 | Size = 290816 bytes | Modified Date = 11/10/2004 2:36:00 PM | Attr = ] dlbtbmon.exe -> %ProgramFiles%\Dell Photo AIO Printer 922\dlbtbmon.exe -> [Ver = 1.0.15.4 | Size = 102400 bytes | Modified Date = 11/10/2004 2:59:26 PM | Attr = ] qttask.exe -> %ProgramFiles%\QuickTime\qttask.exe -> Apple Computer, Inc. [Ver = 6.5.1 | Size = 98304 bytes | Modified Date = 9/4/2005 12:30:56 AM | Attr = ] sealmon.exe -> %ProgramFiles%\SealedMedia\sealmon.exe -> SealedMedia [Ver = 4.1 release 9 build 1 | Size = 94208 bytes | Modified Date = 12/8/2005 5:35:54 PM | Attr = ] hkcmd.exe -> %SystemRoot%\system32\hkcmd.exe -> Intel Corporation [Ver = 3.0.0.4396 | Size = 77824 bytes | Modified Date = 9/20/2005 9:32:24 AM | Attr = ] igfxpers.exe -> %SystemRoot%\system32\igfxpers.exe -> Intel Corporation [Ver = 3.0.0.4396 | Size = 114688 bytes | Modified Date = 9/20/2005 9:36:20 AM | Attr = ] ccsvchst.exe -> %CommonProgramFiles%\Symantec Shared\CCSVCHST.EXE -> Symantec Corporation [Ver = 107.0.3.7 | Size = 149864 bytes | Modified Date = 2/14/2008 11:02:00 AM | Attr = ] hpwuschd.exe -> %ProgramFiles%\HP\HP Software Update\hpwuSchd.exe -> Hewlett-Packard [Ver = 1, 0, 0, 3 | Size = 49152 bytes | Modified Date = 8/4/2003 5:28:18 PM | Attr = ] hpcmpmgr.exe -> %ProgramFiles%\HP\hpcoretech\hpcmpmgr.exe -> Hewlett-Packard Company [Ver = 2.1.1.0 | Size = 241664 bytes | Modified Date = 12/22/2003 8:38:42 AM | Attr = ] avgas.exe -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\avgas.exe -> GRISOFT s.r.o. [Ver = 7, 5, 1, 43 | Size = 6731312 bytes | Modified Date = 6/11/2007 4:25:42 AM | Attr = ] aim.exe -> %ProgramFiles%\AIM\aim.exe -> America Online, Inc. [Ver = 5.9.3797 | Size = 67160 bytes | Modified Date = 6/2/2005 12:34:34 AM | Attr = ] dsagnt.exe -> %ProgramFiles%\DellSupport\DSAgnt.exe -> Gteko Ltd. [Ver = 3, 0, 0, 197 | Size = 460784 bytes | Modified Date = 3/15/2007 11:09:36 AM | Attr = ] superantispyware.exe -> %ProgramFiles%\SUPERAntiSpyware\SUPERAntiSpyware.exe -> SUPERAntiSpyware.com [Ver = 3, 6, 0, 1000 | Size = 1310720 bytes | Modified Date = 2/27/2007 11:39:26 AM | Attr = ] transferagent.exe -> %AllUsersProfile%\Application Data\Dell\TransferAgent\TransferAgent.exe -> [Ver = 1.0.2873.20447 | Size = 135168 bytes | Modified Date = 11/13/2007 4:46:00 PM | Attr = ] aoltray.exe -> %ProgramFiles%\America Online 9.0\aoltray.exe -> America Online, Inc. [Ver = 9.00.001 | Size = 156784 bytes | Modified Date = 9/1/2004 11:56:34 AM | Attr = H ] dlg.exe -> %ProgramFiles%\Digital Line Detect\DLG.exe -> BVRP Software [Ver = 1, 0, 0, 1 | Size = 24576 bytes | Modified Date = 10/29/2003 2:06:00 AM | Attr = R ] hpqtra08.exe -> %ProgramFiles%\HP\Digital Imaging\bin\hpqtra08.exe -> Hewlett-Packard Co. [Ver = 5.35.0.035 | Size = 237568 bytes | Modified Date = 9/16/2003 5:19:24 AM | Attr = ] memonitor.exe -> %ProgramFiles%\Verizon Wireless\V CAST Music Manager\MEMonitor.exe -> Smith Micro Software, Inc. [Ver = 1.1.0 | Size = 951640 bytes | Modified Date = 11/7/2007 9:29:27 AM | Attr = ] winpfind35u.exe -> %UserProfile%\Desktop\WinPFind35u\WinPFind35U.exe -> OldTimer Tools [Ver = 1.0.3.0 | Size = 310784 bytes | Modified Date = 3/1/2008 1:06:42 AM | Attr = ] [Win32 Services - Non-Microsoft Only] (aawservice) Ad-Aware 2007 Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Lavasoft\Ad-Aware 2007\aawservice.exe -> Lavasoft [Ver = 7,0,2,6 | Size = 587096 bytes | Modified Date = 1/4/2008 1:27:08 PM | Attr = ] (AOL ACS) AOL Connectivity Service [Win32_Own | Auto | Running] -> %CommonProgramFiles%\AOL\ACS\AOLacsd.exe -> America Online, Inc. [Ver = 2.0.20.1.US.1 | Size = 1135728 bytes | Modified Date = 4/7/2004 12:07:32 PM | Attr = ] (Automatic LiveUpdate Scheduler) Automatic LiveUpdate Scheduler [Win32_Own | Auto | Running] -> %ProgramFiles%\Symantec\LiveUpdate\AluSchedulerSvc.exe -> Symantec Corporation [Ver = 3.4.0.162 | Size = 243064 bytes | Modified Date = 8/23/2007 3:35:30 PM | Attr = ] (AVG Anti-Spyware Guard) AVG Anti-Spyware Guard [Win32_Own | Auto | Running] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\guard.exe -> GRISOFT s.r.o. [Ver = 7, 5, 1, 22 | Size = 312880 bytes | Modified Date = 5/30/2007 7:31:10 AM | Attr = ] (ccEvtMgr) Symantec Event Manager [Win32_Shared | Auto | Running] -> %CommonProgramFiles%\Symantec Shared\CCSVCHST.EXE -> Symantec Corporation [Ver = 107.0.3.7 | Size = 149864 bytes | Modified Date = 2/14/2008 11:02:00 AM | Attr = ] (ccSetMgr) Symantec Settings Manager [Win32_Shared | Auto | Running] -> %CommonProgramFiles%\Symantec Shared\CCSVCHST.EXE -> Symantec Corporation [Ver = 107.0.3.7 | Size = 149864 bytes | Modified Date = 2/14/2008 11:02:00 AM | Attr = ] (CLTNetCnService) Symantec Lic NetConnect service [Win32_Shared | Auto | Running] -> %CommonProgramFiles%\Symantec Shared\CCSVCHST.EXE -> Symantec Corporation [Ver = 107.0.3.7 | Size = 149864 bytes | Modified Date = 2/14/2008 11:02:00 AM | Attr = ] (dlbt_device) dlbt_device [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\system32\dlbtcoms.exe -> Dell [Ver = 1.27.33.0 | Size = 421888 bytes | Modified Date = 10/25/2004 4:01:52 PM | Attr = ] (dmadmin) Logical Disk Manager Administrative Service [Win32_Shared | On_Demand | Stopped] -> %SystemRoot%\system32\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 224768 bytes | Modified Date = 8/4/2004 5:00:00 AM | Attr = ] (DSBrokerService) DSBrokerService [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\DellSupport\brkrsvc.exe -> [Ver = 1, 0, 0, 8 | Size = 76848 bytes | Modified Date = 3/7/2007 3:47:46 PM | Attr = ] (gusvc) Google Updater Service [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Google\Common\Google Updater\GoogleUpdaterService.exe -> Google [Ver = 2.0.734.29932.beta | Size = 138168 bytes | Modified Date = 2/19/2008 10:05:12 PM | Attr = ] (iPodService) iPod Service [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\iPod\bin\iPodService.exe -> File not found (LiveUpdate) LiveUpdate [Win32_Shared | On_Demand | Stopped] -> %ProgramFiles%\Symantec\LiveUpdate\LuComServer_3_4.EXE -> Symantec Corporation [Ver = 3.4.0.162 | Size = 3192184 bytes | Modified Date = 8/23/2007 3:35:22 PM | Attr = ] (LiveUpdate Notice) LiveUpdate Notice [Win32_Shared | Auto | Running] -> %CommonProgramFiles%\Symantec Shared\CCSVCHST.EXE -> Symantec Corporation [Ver = 107.0.3.7 | Size = 149864 bytes | Modified Date = 2/14/2008 11:02:00 AM | Attr = ] (NetSvc) Intel NCS NetService [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Intel\PROSetWired\NCS\Sync\NetSvc.exe -> Intel(R) Corporation [Ver = 1.6.3.0 | Size = 143360 bytes | Modified Date = 12/17/2003 1:59:48 PM | Attr = ] (Symantec Core LC) Symantec Core LC [Win32_Own | On_Demand | Running] -> %CommonProgramFiles%\Symantec Shared\CCPD-LC\symlcsvc.exe -> [Ver = | Size = 1251720 bytes | Modified Date = 2/20/2008 9:57:20 AM | Attr = ] [Registry - Non-Microsoft Only] < Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> !AVG Anti-Spyware -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\avgas.exe -> GRISOFT s.r.o. [Ver = 7, 5, 1, 43 | Size = 6731312 bytes | Modified Date = 6/11/2007 4:25:42 AM | Attr = ] Blubster -> %ProgramFiles%\Blubster\Blubster.exe -> File not found ccApp -> %CommonProgramFiles%\Symantec Shared\CCAPP.EXE -> Symantec Corporation [Ver = 107.0.3.7 | Size = 51048 bytes | Modified Date = 2/14/2008 11:01:56 AM | Attr = ] Dell Photo AIO Printer 922 -> %ProgramFiles%\Dell Photo AIO Printer 922\dlbtbmgr.exe -> [Ver = 1.0.15.4 | Size = 290816 bytes | Modified Date = 11/10/2004 2:36:00 PM | Attr = ] dla -> %SystemRoot%\system32\dla\tfswctrl.exe -> Sonic Solutions [Ver = 1.04.08a | Size = 127035 bytes | Modified Date = 12/6/2004 1:05:00 AM | Attr = ] DLBTCATS -> %SystemRoot%\system32\spool\drivers\w32x86\3\dlbttime.dll -> [Ver = 0.1.11.5 | Size = 69632 bytes | Modified Date = 11/9/2004 4:41:32 PM | Attr = ] DMXLauncher -> %ProgramFiles%\Dell\Media Experience\DMXLauncher.exe -> [Ver = | Size = 86016 bytes | Modified Date = 1/27/2005 1:02:00 AM | Attr = ] DVDLauncher -> %ProgramFiles%\CyberLink\PowerDVD\DVDLauncher.exe -> CyberLink Corp. [Ver = 3.00.0000 | Size = 53248 bytes | Modified Date = 2/23/2005 4:19:56 PM | Attr = ] HP Component Manager -> %ProgramFiles%\HP\hpcoretech\hpcmpmgr.exe -> Hewlett-Packard Company [Ver = 2.1.1.0 | Size = 241664 bytes | Modified Date = 12/22/2003 8:38:42 AM | Attr = ] HP Software Update -> %ProgramFiles%\HP\HP Software Update\hpwuSchd.exe -> Hewlett-Packard [Ver = 1, 0, 0, 3 | Size = 49152 bytes | Modified Date = 8/4/2003 5:28:18 PM | Attr = ] igfxhkcmd -> %SystemRoot%\system32\hkcmd.exe -> Intel Corporation [Ver = 3.0.0.4396 | Size = 77824 bytes | Modified Date = 9/20/2005 9:32:24 AM | Attr = ] igfxpers -> %SystemRoot%\system32\igfxpers.exe -> Intel Corporation [Ver = 3.0.0.4396 | Size = 114688 bytes | Modified Date = 9/20/2005 9:36:20 AM | Attr = ] igfxtray -> %SystemRoot%\system32\igfxtray.exe -> Intel Corporation [Ver = 3.0.0.4396 | Size = 94208 bytes | Modified Date = 9/20/2005 9:35:40 AM | Attr = ] ISUSPM Startup -> %CommonProgramFiles%\InstallShield\UpdateService\ISUSPM.exe -> InstallShield Software Corporation [Ver = 3, 10, 100, 1155 | Size = 221184 bytes | Modified Date = 7/27/2004 4:50:42 PM | Attr = ] ISUSScheduler -> %CommonProgramFiles%\InstallShield\UpdateService\issch.exe -> InstallShield Software Corporation [Ver = 3, 10, 100, 1155 | Size = 81920 bytes | Modified Date = 7/27/2004 4:50:18 PM | Attr = ] MimBoot -> %ProgramFiles%\MUSICMATCH\Musicmatch Jukebox\mimboot.exe -> Musicmatch, Inc. [Ver = 10.10.0093 | Size = 8192 bytes | Modified Date = 7/12/2005 2:13:44 PM | Attr = ] MMTray -> %ProgramFiles%\MUSICMATCH\Musicmatch Jukebox\mm_tray.exe -> Musicmatch, Inc. [Ver = 10.10.0093 | Size = 110592 bytes | Modified Date = 7/12/2005 2:13:44 PM | Attr = ] osCheck -> %ProgramFiles%\Norton AntiVirus\osCheck.exe -> Symantec Corporation [Ver = 15.0.0.178 | Size = 714608 bytes | Modified Date = 8/24/2007 11:53:28 PM | Attr = ] QuickTime Task -> %ProgramFiles%\QuickTime\qttask.exe -> Apple Computer, Inc. [Ver = 6.5.1 | Size = 98304 bytes | Modified Date = 9/4/2005 12:30:56 AM | Attr = ] RealTray -> %ProgramFiles%\Real\RealPlayer\realplay.exe -> RealNetworks, Inc. [Ver = 6.0.9.584 | Size = 26112 bytes | Modified Date = 7/28/2005 12:06:20 PM | Attr = ] sealmon -> %ProgramFiles%\SealedMedia\sealmon.exe -> SealedMedia [Ver = 4.1 release 9 build 1 | Size = 94208 bytes | Modified Date = 12/8/2005 5:35:54 PM | Attr = ] SoundMAXPnP -> %ProgramFiles%\Analog Devices\Core\smax4pnp.exe -> Analog Devices, Inc. [Ver = 5, 2, 0, 5 | Size = 1404928 bytes | Modified Date = 10/14/2004 7:42:54 PM | Attr = ] SunJavaUpdateSched -> %ProgramFiles%\Java\j2re1.4.2_03\bin\jusched.exe -> [Ver = | Size = 32881 bytes | Modified Date = 11/19/2003 5:48:14 PM | Attr = ] UserFaultCheck -> -> File not found < OptionalComponents [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\ -> IMAIL-> Installed = 1 -> MAPI-> Installed = 1 -> MSFS-> Installed = 1 -> < Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> AIM -> %ProgramFiles%\AIM\aim.exe -cnetwait.odl -> File not found DellSupport -> %ProgramFiles%\DellSupport\DSAgnt.exe -> Gteko Ltd. [Ver = 3, 0, 0, 197 | Size = 460784 bytes | Modified Date = 3/15/2007 11:09:36 AM | Attr = ] DellTransferAgent -> %AllUsersProfile%\Application Data\Dell\TransferAgent\TransferAgent.exe -> [Ver = 1.0.2873.20447 | Size = 135168 bytes | Modified Date = 11/13/2007 4:46:00 PM | Attr = ] SUPERAntiSpyware -> %ProgramFiles%\SUPERAntiSpyware\SUPERAntiSpyware.exe -> SUPERAntiSpyware.com [Ver = 3, 6, 0, 1000 | Size = 1310720 bytes | Modified Date = 2/27/2007 11:39:26 AM | Attr = ] < Run [HKEY_USERS\S-1-5-21-2612418357-2070113430-1387593011-1006\] > -> HKEY_USERS\S-1-5-21-2612418357-2070113430-1387593011-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> AIM -> %ProgramFiles%\AIM\aim.exe -cnetwait.odl -> File not found DellSupport -> %ProgramFiles%\DellSupport\DSAgnt.exe -> Gteko Ltd. [Ver = 3, 0, 0, 197 | Size = 460784 bytes | Modified Date = 3/15/2007 11:09:36 AM | Attr = ] DellTransferAgent -> %AllUsersProfile%\Application Data\Dell\TransferAgent\TransferAgent.exe -> [Ver = 1.0.2873.20447 | Size = 135168 bytes | Modified Date = 11/13/2007 4:46:00 PM | Attr = ] SUPERAntiSpyware -> %ProgramFiles%\SUPERAntiSpyware\SUPERAntiSpyware.exe -> SUPERAntiSpyware.com [Ver = 3, 6, 0, 1000 | Size = 1310720 bytes | Modified Date = 2/27/2007 11:39:26 AM | Attr = ] < Run [HKEY_USERS\S-1-5-21-2612418357-2070113430-1387593011-1007\] > -> HKEY_USERS\S-1-5-21-2612418357-2070113430-1387593011-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> AIM -> %ProgramFiles%\AIM\aim.exe -cnetwait.odl -> File not found QdrModule13 -> %ProgramFiles%\QdrModule\QdrModule13.exe -> File not found swg -> %ProgramFiles%\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe -> Google Inc. [Ver = 1, 2, 1128, 5462 | Size = 171448 bytes | Modified Date = 2/19/2008 10:05:16 PM | Attr = ] < All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup -> %AllUsersProfile%\Start Menu\Programs\Startup\America Online 9.0 Tray Icon.lnk -> %ProgramFiles%\America Online 9.0\aoltray.exe -> America Online, Inc. [Ver = 9.00.001 | Size = 156784 bytes | Modified Date = 9/1/2004 11:56:34 AM | Attr = H ] %AllUsersProfile%\Start Menu\Programs\Startup\Digital Line Detect.lnk -> %ProgramFiles%\Digital Line Detect\DLG.exe -> BVRP Software [Ver = 1, 0, 0, 1 | Size = 24576 bytes | Modified Date = 10/29/2003 2:06:00 AM | Attr = R ] %AllUsersProfile%\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk -> %ProgramFiles%\HP\Digital Imaging\bin\hpqtra08.exe -> Hewlett-Packard Co. [Ver = 5.35.0.035 | Size = 237568 bytes | Modified Date = 9/16/2003 5:19:24 AM | Attr = ] %AllUsersProfile%\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk -> %CommonProgramFiles%\Intuit\QuickBooks\QBUpdate\qbupdate.exe -> Intuit, Inc. [Ver = 15.0 R2 | Size = 806912 bytes | Modified Date = 11/11/2004 11:59:36 AM | Attr = ] < Danielle J Startup Folder > -> C:\Documents and Settings\Danielle J\Start Menu\Programs\Startup -> %UserProfile%\Start Menu\Programs\Startup\MEMonitor.lnk -> %ProgramFiles%\Verizon Wireless\V CAST Music Manager\MEMonitor.exe -> Smith Micro Software, Inc. [Ver = 1.1.0 | Size = 951640 bytes | Modified Date = 11/7/2007 9:29:27 AM | Attr = ] < Default User Startup Folder > -> C:\Documents and Settings\Default User\Start Menu\Programs\Startup -> < JokerKing Startup Folder > -> C:\Documents and Settings\JokerKing\Start Menu\Programs\Startup -> < Nana Startup Folder > -> C:\Documents and Settings\Nana\Start Menu\Programs\Startup -> < ShellExecuteHooks [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks -> {57B86673-276A-48B2-BAE7-C6DBB3020EB8} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll [AVG Anti-Spyware 7.5] -> GRISOFT s.r.o. [Ver = 7, 5, 1, 36 | Size = 79408 bytes | Modified Date = 5/30/2007 7:29:58 AM | Attr = ] {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\SUPERAntiSpyware\SASSEH.DLL [] -> SuperAdBlocker.com [Ver = 1, 0, 0, 1008 | Size = 77824 bytes | Modified Date = 12/20/2006 12:55:48 PM | Attr = ] < SecurityProviders [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders -> < Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon settings [HKEY_USERS\S-1-5-19] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon settings [HKEY_USERS\S-1-5-20] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon settings [HKEY_USERS\S-1-5-21-2612418357-2070113430-1387593011-1006] > -> HKEY_USERS\S-1-5-21-2612418357-2070113430-1387593011-1006\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon settings [HKEY_USERS\S-1-5-21-2612418357-2070113430-1387593011-1007] > -> HKEY_USERS\S-1-5-21-2612418357-2070113430-1387593011-1007\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ -> !SASWinLogon -> %ProgramFiles%\SUPERAntiSpyware\SASWINLO.dll -> SUPERAntiSpyware.com [Ver = 1, 0, 0, 1030 | Size = 282624 bytes | Modified Date = 2/27/2007 11:39:26 AM | Attr = ] igfxcui -> %SystemRoot%\system32\igfxdev.dll -> Intel Corporation [Ver = 3.0.0.4396 | Size = 135168 bytes | Modified Date = 9/20/2005 9:31:28 AM | Attr = ] < CurrentVersion Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoCDBurning -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\undockwithoutlogon -> 1 -> < CurrentVersion Policy Settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ActiveDesktop\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableRegistryTools -> 0 -> < CurrentVersion Policy Settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-19] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-20] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-2612418357-2070113430-1387593011-1006] > -> HKEY_USERS\S-1-5-21-2612418357-2070113430-1387593011-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_USERS\S-1-5-21-2612418357-2070113430-1387593011-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_USERS\S-1-5-21-2612418357-2070113430-1387593011-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ActiveDesktop\ -> -> HKEY_USERS\S-1-5-21-2612418357-2070113430-1387593011-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_USERS\S-1-5-21-2612418357-2070113430-1387593011-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> HKEY_USERS\S-1-5-21-2612418357-2070113430-1387593011-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> -> HKEY_USERS\S-1-5-21-2612418357-2070113430-1387593011-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableRegistryTools -> 0 -> < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-2612418357-2070113430-1387593011-1007] > -> HKEY_USERS\S-1-5-21-2612418357-2070113430-1387593011-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_USERS\S-1-5-21-2612418357-2070113430-1387593011-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_USERS\S-1-5-21-2612418357-2070113430-1387593011-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_USERS\S-1-5-21-2612418357-2070113430-1387593011-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> HKEY_USERS\S-1-5-21-2612418357-2070113430-1387593011-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> -> HKEY_USERS\S-1-5-21-2612418357-2070113430-1387593011-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableTaskMgr -> 1 -> HKEY_USERS\S-1-5-21-2612418357-2070113430-1387593011-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableRegistryTools -> 0 -> < HOSTS File > (734 bytes) -> C:\WINDOWS\System32\drivers\etc\Hosts -> < Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> HKEY_LOCAL_MACHINE\: Main\\Default_Page_URL -> http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome -> HKEY_LOCAL_MACHINE\: Main\\Default_Search_URL -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_LOCAL_MACHINE\: Main\\Local Page -> C:\windows\system32\blank.htm -> HKEY_LOCAL_MACHINE\: Main\\Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_LOCAL_MACHINE\: Main\\Start Page -> http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home -> HKEY_LOCAL_MACHINE\: Search\\CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm -> HKEY_LOCAL_MACHINE\: Search\\Default_Search_URL -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_LOCAL_MACHINE\: Search\\SearchAssistant -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm -> < Internet Explorer Settings [HKEY_CURRENT_USER\] > -> -> HKEY_CURRENT_USER\: Main\\Default_Search_URL -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_CURRENT_USER\: Main\\Local Page -> C:\windows\system32\blank.htm -> HKEY_CURRENT_USER\: Main\\Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_CURRENT_USER\: Main\\Start Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome -> HKEY_CURRENT_USER\: SearchURL\\ -> http://home.microsoft.com/access/autosearch.asp?p=%s[Reg Error: Value provider does not exist or could not be read.] -> HKEY_CURRENT_USER\: URLSearchHooks\\{EA756889-2338-43DB-8F07-D1CA6FB9C90D} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\AOL\AOL Toolbar 2.0\aoltb.dll [AOLTBSearch Class] -> America Online, Inc. [Ver = 2.0.4239.56 | Size = 512000 bytes | Modified Date = 6/1/2005 1:44:01 PM | Attr = ] HKEY_CURRENT_USER\: ProxyEnable -> 0 -> < Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> -> HKEY_USERS\.DEFAULT\: Main\\Default_Page_URL -> http://www.dell4me.com/myway -> HKEY_USERS\.DEFAULT\: Main\\Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_USERS\.DEFAULT\: Main\\Start Page -> http://www.dell4me.com/myway -> HKEY_USERS\.DEFAULT\: ProxyEnable -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> -> HKEY_USERS\S-1-5-18\: Main\\Default_Page_URL -> http://www.dell4me.com/myway -> HKEY_USERS\S-1-5-18\: Main\\Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_USERS\S-1-5-18\: Main\\Start Page -> http://www.dell4me.com/myway -> HKEY_USERS\S-1-5-18\: ProxyEnable -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> -> < Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> -> < Internet Explorer Settings [HKEY_USERS\S-1-5-21-2612418357-2070113430-1387593011-1006\] > -> -> HKEY_USERS\S-1-5-21-2612418357-2070113430-1387593011-1006\: Main\\Default_Search_URL -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_USERS\S-1-5-21-2612418357-2070113430-1387593011-1006\: Main\\Local Page -> C:\windows\system32\blank.htm -> HKEY_USERS\S-1-5-21-2612418357-2070113430-1387593011-1006\: Main\\Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_USERS\S-1-5-21-2612418357-2070113430-1387593011-1006\: Main\\Start Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome -> HKEY_USERS\S-1-5-21-2612418357-2070113430-1387593011-1006\: SearchURL\\ -> http://home.microsoft.com/access/autosearch.asp?p=%s[Reg Error: Value provider does not exist or could not be read.] -> HKEY_USERS\S-1-5-21-2612418357-2070113430-1387593011-1006\: URLSearchHooks\\{EA756889-2338-43DB-8F07-D1CA6FB9C90D} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\AOL\AOL Toolbar 2.0\aoltb.dll [AOLTBSearch Class] -> America Online, Inc. [Ver = 2.0.4239.56 | Size = 512000 bytes | Modified Date = 6/1/2005 1:44:01 PM | Attr = ] HKEY_USERS\S-1-5-21-2612418357-2070113430-1387593011-1006\: ProxyEnable -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-21-2612418357-2070113430-1387593011-1007\] > -> -> HKEY_USERS\S-1-5-21-2612418357-2070113430-1387593011-1007\: Main\\Local Page -> C:\WINDOWS\system32\blank.htm -> HKEY_USERS\S-1-5-21-2612418357-2070113430-1387593011-1007\: Main\\Search Bar -> http://bfc.myway.com/search/de_srchlft.html -> HKEY_USERS\S-1-5-21-2612418357-2070113430-1387593011-1007\: Main\\Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_USERS\S-1-5-21-2612418357-2070113430-1387593011-1007\: Main\\Start Page -> http://www.dell4me.com/myway -> HKEY_USERS\S-1-5-21-2612418357-2070113430-1387593011-1007\: URLSearchHooks\\{4D25F926-B9FE-4682-BF72-8AB8210D6D75} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found HKEY_USERS\S-1-5-21-2612418357-2070113430-1387593011-1007\: ProxyEnable -> 0 -> < Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 2 domain(s) found. -> online_musicmatch.com [https] -> Trusted sites -> 2 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-21-2612418357-2070113430-1387593011-1006\] > -> HKEY_USERS\S-1-5-21-2612418357-2070113430-1387593011-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-21-2612418357-2070113430-1387593011-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-21-2612418357-2070113430-1387593011-1006\] > -> HKEY_USERS\S-1-5-21-2612418357-2070113430-1387593011-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-21-2612418357-2070113430-1387593011-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-21-2612418357-2070113430-1387593011-1007\] > -> HKEY_USERS\S-1-5-21-2612418357-2070113430-1387593011-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-21-2612418357-2070113430-1387593011-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-21-2612418357-2070113430-1387593011-1007\] > -> HKEY_USERS\S-1-5-21-2612418357-2070113430-1387593011-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-21-2612418357-2070113430-1387593011-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll [AcroIEHlprObj Class] -> Adobe Systems Incorporated [Ver = 6.0.1.2003110300 | Size = 54248 bytes | Modified Date = 11/3/2003 2:17:44 PM | Attr = ] {5CA3D70E-1895-11CF-8E15-001234567890} [HKEY_LOCAL_MACHINE] -> %SystemRoot%\system32\dla\tfswshx.dll [DriveLetterAccess] -> Sonic Solutions [Ver = 1.04.08a | Size = 118842 bytes | Modified Date = 12/6/2004 1:05:00 AM | Attr = ] {6D53EC84-6AAE-4787-AEEE-F4628F01010C} [HKEY_LOCAL_MACHINE] -> %CommonProgramFiles%\Symantec Shared\IDS\IPSBHO.dll [Symantec Intrusion Prevention] -> Symantec Corporation [Ver = 8.2.0.86 | Size = 116088 bytes | Modified Date = 2/20/2008 9:58:44 AM | Attr = ] {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\AOL\AOL Toolbar 2.0\aoltb.dll [AOL Toolbar Launcher] -> America Online, Inc. [Ver = 2.0.4239.56 | Size = 512000 bytes | Modified Date = 6/1/2005 1:44:01 PM | Attr = ] {AA58ED58-01DD-4d91-8333-CF10577473F7} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Google\GoogleToolbar1.dll [Google Toolbar Helper] -> Google Inc. [Ver = 4, 0, 1601, 4978 | Size = 2403392 bytes | Modified Date = 2/19/2008 10:05:11 PM | Attr = R ] < Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar -> {2318C2B1-4965-11d4-9B18-009027A5CD4F} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Google\GoogleToolbar1.dll [&Google] -> Google Inc. [Ver = 4, 0, 1601, 4978 | Size = 2403392 bytes | Modified Date = 2/19/2008 10:05:11 PM | Attr = R ] {DE9C389F-3316-41A7-809B-AA305ED9D922} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\AOL\AOL Toolbar 2.0\aoltb.dll [AOL Toolbar] -> America Online, Inc. [Ver = 2.0.4239.56 | Size = 512000 bytes | Modified Date = 6/1/2005 1:44:01 PM | Attr = ] < Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ -> WebBrowser\\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Google\GoogleToolbar1.dll [&Google] -> Google Inc. [Ver = 4, 0, 1601, 4978 | Size = 2403392 bytes | Modified Date = 2/19/2008 10:05:11 PM | Attr = R ] WebBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found WebBrowser\\{DE9C389F-3316-41A7-809B-AA305ED9D922} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\AOL\AOL Toolbar 2.0\aoltb.dll [AOL Toolbar] -> America Online, Inc. [Ver = 2.0.4239.56 | Size = 512000 bytes | Modified Date = 6/1/2005 1:44:01 PM | Attr = ] < Internet Explorer ToolBars [HKEY_USERS\S-1-5-21-2612418357-2070113430-1387593011-1006\] > -> HKEY_USERS\S-1-5-21-2612418357-2070113430-1387593011-1006\Software\Microsoft\Internet Explorer\Toolbar\ -> WebBrowser\\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Google\GoogleToolbar1.dll [&Google] -> Google Inc. [Ver = 4, 0, 1601, 4978 | Size = 2403392 bytes | Modified Date = 2/19/2008 10:05:11 PM | Attr = R ] WebBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found WebBrowser\\{DE9C389F-3316-41A7-809B-AA305ED9D922} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\AOL\AOL Toolbar 2.0\aoltb.dll [AOL Toolbar] -> America Online, Inc. [Ver = 2.0.4239.56 | Size = 512000 bytes | Modified Date = 6/1/2005 1:44:01 PM | Attr = ] < Internet Explorer ToolBars [HKEY_USERS\S-1-5-21-2612418357-2070113430-1387593011-1007\] > -> HKEY_USERS\S-1-5-21-2612418357-2070113430-1387593011-1007\Software\Microsoft\Internet Explorer\Toolbar\ -> WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Google\GoogleToolbar1.dll [&Google] -> Google Inc. [Ver = 4, 0, 1601, 4978 | Size = 2403392 bytes | Modified Date = 2/19/2008 10:05:11 PM | Attr = R ] WebBrowser\\{DE9C389F-3316-41A7-809B-AA305ED9D922} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\AOL\AOL Toolbar 2.0\aoltb.dll [AOL Toolbar] -> America Online, Inc. [Ver = 2.0.4239.56 | Size = 512000 bytes | Modified Date = 6/1/2005 1:44:01 PM | Attr = ] < Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> {3369AF0D-62E9-4bda-8103-B4C75499B578}:{DE9C389F-3316-41A7-809B-AA305ED9D922} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\AOL\AOL Toolbar 2.0\aoltb.dll [AOL Toolbar] -> America Online, Inc. [Ver = 2.0.4239.56 | Size = 512000 bytes | Modified Date = 6/1/2005 1:44:01 PM | Attr = ] {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45}:Exec -> %ProgramFiles%\AIM\aim.exe [AIM] -> America Online, Inc. [Ver = 5.9.3797 | Size = 67160 bytes | Modified Date = 6/2/2005 12:34:34 AM | Attr = ] < Internet Explorer Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\ -> CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKEY_LOCAL_MACHINE] -> [Reg Error: Value does not exist or could not be read.] -> File not found CmdMapping\\{3369AF0D-62E9-4bda-8103-B4C75499B578} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\AOL\AOL Toolbar 2.0\aoltb.dll [AOL Toolbar] -> America Online, Inc. [Ver = 2.0.4239.56 | Size = 512000 bytes | Modified Date = 6/1/2005 1:44:01 PM | Attr = ] CmdMapping\\{AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\AIM\aim.exe [AIM] -> America Online, Inc. [Ver = 5.9.3797 | Size = 67160 bytes | Modified Date = 6/2/2005 12:34:34 AM | Attr = ] < Internet Explorer Menu Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ -> &AOL Toolbar Search -> %ProgramFiles%\AOL\AOL Toolbar 2.0\aoltbhtml.dll -> America Online, Inc. [Ver = 2.0.4239.56 | Size = 376832 bytes | Modified Date = 6/1/2005 1:43:20 PM | Attr = ] < Internet Explorer Extensions [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Extensions\ -> CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKEY_LOCAL_MACHINE] -> [Reg Error: Value does not exist or could not be read.] -> File not found < Internet Explorer Extensions [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Extensions\ -> CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKEY_LOCAL_MACHINE] -> [Reg Error: Value does not exist or could not be read.] -> File not found < Internet Explorer Extensions [HKEY_USERS\S-1-5-21-2612418357-2070113430-1387593011-1006\] > -> HKEY_USERS\S-1-5-21-2612418357-2070113430-1387593011-1006\Software\Microsoft\Internet Explorer\Extensions\ -> CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKEY_LOCAL_MACHINE] -> [Reg Error: Value does not exist or could not be read.] -> File not found CmdMapping\\{3369AF0D-62E9-4bda-8103-B4C75499B578} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\AOL\AOL Toolbar 2.0\aoltb.dll [AOL Toolbar] -> America Online, Inc. [Ver = 2.0.4239.56 | Size = 512000 bytes | Modified Date = 6/1/2005 1:44:01 PM | Attr = ] CmdMapping\\{AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\AIM\aim.exe [AIM] -> America Online, Inc. [Ver = 5.9.3797 | Size = 67160 bytes | Modified Date = 6/2/2005 12:34:34 AM | Attr = ] < Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-21-2612418357-2070113430-1387593011-1006\] > -> HKEY_USERS\S-1-5-21-2612418357-2070113430-1387593011-1006\Software\Microsoft\Internet Explorer\MenuExt\ -> &AOL Toolbar Search -> %ProgramFiles%\AOL\AOL Toolbar 2.0\aoltbhtml.dll -> America Online, Inc. [Ver = 2.0.4239.56 | Size = 376832 bytes | Modified Date = 6/1/2005 1:43:20 PM | Attr = ] < Internet Explorer Extensions [HKEY_USERS\S-1-5-21-2612418357-2070113430-1387593011-1007\] > -> HKEY_USERS\S-1-5-21-2612418357-2070113430-1387593011-1007\Software\Microsoft\Internet Explorer\Extensions\ -> CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKEY_LOCAL_MACHINE] -> [Reg Error: Value does not exist or could not be read.] -> File not found CmdMapping\\{3369AF0D-62E9-4bda-8103-B4C75499B578} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\AOL\AOL Toolbar 2.0\aoltb.dll [AOL Toolbar] -> America Online, Inc. [Ver = 2.0.4239.56 | Size = 512000 bytes | Modified Date = 6/1/2005 1:44:01 PM | Attr = ] CmdMapping\\{AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\AIM\aim.exe [AIM] -> America Online, Inc. [Ver = 5.9.3797 | Size = 67160 bytes | Modified Date = 6/2/2005 12:34:34 AM | Attr = ] < Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-21-2612418357-2070113430-1387593011-1007\] > -> HKEY_USERS\S-1-5-21-2612418357-2070113430-1387593011-1007\Software\Microsoft\Internet Explorer\MenuExt\ -> &AOL Toolbar Search -> %ProgramFiles%\AOL\AOL Toolbar 2.0\aoltbhtml.dll -> America Online, Inc. [Ver = 2.0.4239.56 | Size = 376832 bytes | Modified Date = 6/1/2005 1:43:20 PM | Attr = ] < Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> PluginsPageFriendlyName -> Microsoft ActiveX Gallery -> PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s -> < DNS Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> {F9817432-A28D-4E02-B239-25ACBC6A4E05} -> (Intel(R) PRO/100 VE Network Connection) -> < Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ -> cetihpz:{CF184AD3-CDCB-4168-A3F7-8E447D129300} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\HP\hpcoretech\comp\hpuiprot.dll[CZipHandler Object] -> Hewlett-Packard Company [Ver = 2.1.4 | Size = 81920 bytes | Modified Date = 12/22/2003 8:38:40 AM | Attr = ] ipp: [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened.[Reg Error: Value does not exist or could not be read.] -> File not found msdaipp: [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened.[Reg Error: Value does not exist or could not be read.] -> File not found < Protocol Filters [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\ -> text/html:{07851C6A-1C43-41d9-8319-BC89154A8C00}[HKEY_LOCAL_MACHINE] -> %ProgramFiles%\RcvSystem\httpdchk.dll[Reg Error: Value does not exist or could not be read.] -> File not found < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> {01113300-3E00-11D2-8470-0060089874ED}[HKEY_LOCAL_MACHINE] -> https://activatemydsl.verizon.net/sdcCommon/download/DSL/tgctlcm.cab[Support.com Configuration Class] -> {55027008-315F-4F45-BBC3-8BE119764741}[HKEY_LOCAL_MACHINE] -> http://www.slide.com/uploader/SlideImageUploader.cab[Slide Image Uploader Control] -> {5F8469B4-B055-49DD-83F7-62B522420ECC}[HKEY_LOCAL_MACHINE] -> http://upload.facebook.com/controls/FacebookPhotoUploader.cab[Facebook Photo Uploader Control] -> {6E32070A-766D-4EE6-879C-DC1FA91D2FC3}[HKEY_LOCAL_MACHINE] -> http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1204495879015[MUWebControl Class] -> {8AD9C840-044E-11D1-B3E9-00805F499D93}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab[Java Plug-in 1.4.2_03] -> {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}[HKEY_LOCAL_MACHINE] -> http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab[Reg Error: Key does not exist or could not be opened.] -> {94B82441-A413-4E43-8422-D49930E69764}[HKEY_LOCAL_MACHINE] -> https://echat.us.dell.com/Media/VisitorChatENU/TLIEFlash.CAB[TLIEFlashObj Class] -> {9A9307A0-7DA4-4DAF-B042-5009F29E09E1}[HKEY_LOCAL_MACHINE] -> http://acs.pandasoftware.com/activescan/as5free/asinst.cab[ActiveScan Installer Class] -> {9FC5238F-12C4-454F-B1B5-74599A21DE47}[HKEY_LOCAL_MACHINE] -> http://community.webshots.com/html/WSPhotoUploader.CAB[Webshots Photo Uploader] -> {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab[Java Plug-in 1.4.2_03] -> {D0B5B58D-8CB9-4EDB-8BB0-9D34AEF727CF}[HKEY_LOCAL_MACHINE] -> http://upload.facebook.com/controls/FacebookPhotoUploader.cab[Facebook Photo Uploader Control] -> [Registry - Additional Scans - Non-Microsoft Only] < BotCheck > -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\\DefaultLaunchPermission -> (binary data) -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\\MachineLaunchRestriction -> (binary data) -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\\MachineAccessRestriction -> (binary data) -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\\EnableDCOM -> Y -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\\{A50398B8-9075-4FBF-A7A1-456BF21937AD} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\\{AD65A69D-3831-40D7-9629-9B0B50A93843} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\\{0040D221-54A1-11D1-9DE0-006097042D69} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\\{2A6D72F1-6E7E-4702-B99C-E40D3DED33C3} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\NONREDIST\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\NONREDIST\\System.EnterpriseServices.Thunk.dll -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirstRunDisabled -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\AntiVirusDisableNotify -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirewallDisableNotify -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\UpdatesDisableNotify -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\AntiVirusOverride -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirewallOverride -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\\DisableMonitoring -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus\\DisableMonitoring -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall\\DisableMonitoring -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall\ -> -> Reg Error: Key HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\ not found. -> -> Reg Error: Key HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\ not found. -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\ -> -> *Authentication Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Authentication Packages -> msv1_0 -> %SystemRoot%\system32\msv1_0.dll -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 129536 bytes | Modified Date = 8/4/2004 5:00:00 AM | Attr = ] *MultiFile Done* -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Bounds -> (binary data) -> *Security Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Security Packages -> kerberos -> %SystemRoot%\system32\kerberos.dll -> Microsoft Corporation [Ver = 5.1.2600.2698 (xpsp_sp2_gdr.050614-1522) | Size = 295936 bytes | Modified Date = 6/15/2005 12:49:30 PM | Attr = ] msv1_0 -> %SystemRoot%\system32\msv1_0.dll -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 129536 bytes | Modified Date = 8/4/2004 5:00:00 AM | Attr = ] schannel -> %SystemRoot%\system32\schannel.dll -> Microsoft Corporation [Ver = 5.1.2600.3126 (xpsp_sp2_gdr.070425-0226) | Size = 144896 bytes | Modified Date = 4/25/2007 9:21:15 AM | Attr = ] wdigest -> %SystemRoot%\system32\wdigest.dll -> Microsoft Corporation [Ver = 5.1.2600.2874 (xpsp_sp2_gdr.060323-1516) | Size = 49152 bytes | Modified Date = 3/23/2006 11:37:50 PM | Attr = ] *MultiFile Done* -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\ImpersonatePrivilegeUpgradeToolHasRun -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\LsaPid -> 964 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\SecureBoot -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\auditbaseobjects -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\crashonauditfail -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\disabledomaincreds -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\everyoneincludesanonymous -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\fipsalgorithmpolicy -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\forceguest -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\fullprivilegeauditing -> (binary data) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\limitblankpassworduse -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\lmcompatibilitylevel -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\nodefaultadminowner -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\nolmhash -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\restrictanonymous -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\restrictanonymoussam -> 1 -> *Notification Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Notification Packages -> scecli -> %SystemRoot%\system32\scecli.dll -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 180224 bytes | Modified Date = 8/4/2004 5:00:00 AM | Attr = ] *MultiFile Done* -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\AccessProviders\ -> -> *ProviderOrder* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\AccessProviders\\ProviderOrder -> Windows NT Access Provider -> -> File not found *MultiFile Done* -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\AccessProviders\Windows NT Access Provider\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\AccessProviders\Windows NT Access Provider\\ProviderPath -> C:\WINDOWS\system32\ntmarta.dll [%SystemRoot%\system32\ntmarta.dll] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 118784 bytes | Modified Date = 8/4/2004 5:00:00 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Audit\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Audit\PerUserAuditing\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Audit\PerUserAuditing\System\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Data\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Data\\Pattern -> (binary data) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\GBG\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\GBG\\GrafBlumGroup -> (binary data) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\JD\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\JD\\Lookup -> (binary data) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\Domains\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\SidCache\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\msv1_0\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\msv1_0\\ntlmminclientsec -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\msv1_0\\ntlmminserversec -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Skew1\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Skew1\\SkewMatrix -> (binary data) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SSO\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SSO\Passport1.4\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SSO\Passport1.4\\SSOURL -> http://www.passport.com -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\\Time -> (binary data) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Name -> Digest -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Comment -> Digest SSPI Authentication Package -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Capabilities -> 16464 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\RpcId -> 65535 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Version -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\TokenSize -> 65535 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Time -> (binary data) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Type -> 49 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Name -> DPA -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Comment -> DPA Security Package -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Capabilities -> 55 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\RpcId -> 17 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Version -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\TokenSize -> 768 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Time -> (binary data) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Type -> 49 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Name -> MSN -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Comment -> MSN Security Package -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Capabilities -> 55 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\RpcId -> 18 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Version -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\TokenSize -> 768 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Time -> (binary data) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Type -> 49 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DependOnGroup -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DependOnService -> Netman;WinMgmt; -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Description -> Provides network address translation, addressing, name resolution and/or intrusion prevention services for a home or small office network. -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DisplayName -> Windows Firewall/Internet Connection Sharing (ICS) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ErrorControl -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ImagePath -> C:\WINDOWS\system32\svchost.exe [%SystemRoot%\system32\svchost.exe -k netsvcs] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 5:00:00 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ObjectName -> LocalSystem -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Start -> 2 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Type -> 32 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch\\Epoch -> 52065 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\\ServiceDll -> C:\WINDOWS\system32\ipnathlp.dll [%SystemRoot%\System32\ipnathlp.dll] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 331264 bytes | Modified Date = 8/4/2004 5:00:00 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\%windir%\system32\sessmgr.exe -> C:\WINDOWS\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 140800 bytes | Modified Date = 8/4/2004 5:00:00 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\Program Files\Common Files\AOL\ACS\AOLDial.exe -> C:\Program Files\Common Files\AOL\ACS\AOLDial.exe [C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL] -> America Online, Inc [Ver = 2.0.20.1.US.1 | Size = 496752 bytes | Modified Date = 4/7/2004 12:07:34 PM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe -> C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe [C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL] -> America Online, Inc. [Ver = 2.0.20.1.US.1 | Size = 1135728 bytes | Modified Date = 4/7/2004 12:07:32 PM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\Program Files\America Online 9.0\waol.exe -> C:\Program Files\America Online 9.0\waol.exe [C:\Program Files\America Online 9.0\waol.exe:*:Enabled:America Online 9.0] -> America Online, Inc. [Ver = 9.00.001 | Size = 259184 bytes | Modified Date = 9/1/2004 11:56:56 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\%windir%\Network Diagnostic\xpnetdiag.exe -> C:\WINDOWS\network diagnostic\xpnetdiag.exe [%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000] -> Microsoft Corporation [Ver = 5.1.2600.3012 (xpsp.061010-0355) | Size = 557568 bytes | Modified Date = 10/10/2006 7:44:50 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\\EnableFirewall -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\%windir%\system32\sessmgr.exe -> C:\WINDOWS\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 140800 bytes | Modified Date = 8/4/2004 5:00:00 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Common Files\AOL\ACS\AOLDial.exe -> C:\Program Files\Common Files\AOL\ACS\AOLDial.exe [C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL] -> America Online, Inc [Ver = 2.0.20.1.US.1 | Size = 496752 bytes | Modified Date = 4/7/2004 12:07:34 PM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe -> C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe [C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL] -> America Online, Inc. [Ver = 2.0.20.1.US.1 | Size = 1135728 bytes | Modified Date = 4/7/2004 12:07:32 PM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\America Online 9.0\waol.exe -> C:\Program Files\America Online 9.0\waol.exe [C:\Program Files\America Online 9.0\waol.exe:*:Enabled:America Online 9.0] -> America Online, Inc. [Ver = 9.00.001 | Size = 259184 bytes | Modified Date = 9/1/2004 11:56:56 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\%windir%\Network Diagnostic\xpnetdiag.exe -> C:\WINDOWS\network diagnostic\xpnetdiag.exe [%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000] -> Microsoft Corporation [Ver = 5.1.2600.3012 (xpsp.061010-0355) | Size = 557568 bytes | Modified Date = 10/10/2006 7:44:50 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Blubster\Blubster.exe -> C:\Program Files\Blubster\Blubster.exe [C:\Program Files\Blubster\Blubster.exe:*:Enabled:Blubster] -> File not found HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\\ServiceUpgrade -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\InterfacesUnfirewalledAtUpdate\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\InterfacesUnfirewalledAtUpdate\\All -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\\0 -> Root\LEGACY_SHAREDACCESS\0000 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\\Count -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\\NextInstance -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Type -> 32 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Start -> 2 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\ErrorControl -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\ImagePath -> C:\WINDOWS\system32\svchost.exe [%systemroot%\system32\svchost.exe -k netsvcs] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 5:00:00 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\DisplayName -> Automatic Updates -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\ObjectName -> LocalSystem -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Description -> Enables the download and installation of Windows updates. If this service is disabled, this computer will not be able to use the Automatic Updates feature or the Windows Update Web site. -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Parameters\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Parameters\\ServiceDll -> C:\WINDOWS\system32\wuauserv.dll [C:\WINDOWS\system32\wuauserv.dll] -> Microsoft Corporation [Ver = 5.4.3790.2180 (xpsp_sp2_rtm.040803-2158) | Size = 6656 bytes | Modified Date = 8/4/2004 5:00:00 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Security\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Security\\Security -> (binary data) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\\0 -> Root\LEGACY_WUAUSERV\0000 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\\Count -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\\NextInstance -> 1 -> Reg Error: Key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\ not found. -> -> Reg Error: Key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\ not found. -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Hardware Profiles\Current\Software\Microsoft\windows\CurrentVersion\Internet Settings\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Hardware Profiles\Current\Software\Microsoft\windows\CurrentVersion\Internet Settings\\ProxyEnable -> 0 -> [Files/Folders - Created Within 90 days] Deckard -> %SystemDrive%\Deckard -> [Folder | Created Date = 3/3/2008 11:28:39 PM | Attr = ] hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [Ver = | Size = 534827008 bytes | Modified Date = 3/5/2008 3:25:58 PM | Attr = HS] _OTMoveIt -> %SystemDrive%\_OTMoveIt -> [Folder | Created Date = 3/4/2008 10:56:40 AM | Attr = ] apphelp.sdb -> %SystemRoot%\System32\dllcache\apphelp.sdb -> [Ver = | Size = 217118 bytes | Modified Date = 10/4/2006 9:06:13 AM | Attr = ] apph_sp.sdb -> %SystemRoot%\System32\dllcache\apph_sp.sdb -> [Ver = | Size = 764868 bytes | Modified Date = 10/4/2006 9:06:20 AM | Attr = ] sysmain.sdb -> %SystemRoot%\System32\dllcache\sysmain.sdb -> [Ver = | Size = 1197294 bytes | Modified Date = 10/4/2006 9:06:21 AM | Attr = ] AvgAsCln.sys -> %SystemRoot%\System32\drivers\AvgAsCln.sys -> GRISOFT, s.r.o. [Ver = 1.0.0.14 | Size = 10872 bytes | Modified Date = 5/30/2007 7:10:42 AM | Attr = ] SYMEVENT.CAT -> %SystemRoot%\System32\drivers\SYMEVENT.CAT -> [Ver = | Size = 10740 bytes | Modified Date = 2/23/2008 7:46:38 PM | Attr = ] SYMEVENT.INF -> %SystemRoot%\System32\drivers\SYMEVENT.INF -> [Ver = | Size = 805 bytes | Modified Date = 2/23/2008 7:46:38 PM | Attr = ] SYMEVENT.SYS -> %SystemRoot%\System32\drivers\SYMEVENT.SYS -> Symantec Corporation [Ver = 12.5.2.1 | Size = 123952 bytes | Modified Date = 2/23/2008 7:46:38 PM | Attr = ] UMDF -> %SystemRoot%\System32\drivers\UMDF -> [Folder | Created Date = 2/28/2008 9:54:45 PM | Attr = ] MsftWdf_user_01_00_00.Wdf -> %SystemRoot%\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf -> [Ver = | Size = 0 bytes | Modified Date = 2/28/2008 9:54:53 PM | Attr = H ] Msft_User_WpdMtpDr_01_00_00.Wdf -> %SystemRoot%\System32\drivers\UMDF\Msft_User_WpdMtpDr_01_00_00.Wdf -> [Ver = | Size = 0 bytes | Modified Date = 3/2/2008 2:56:49 PM | Attr = H ] ActiveScan -> %SystemRoot%\System32\ActiveScan -> [Folder | Created Date = 3/2/2008 9:24:25 PM | Attr = ] 7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> asuninst.exe -> %SystemRoot%\System32\asuninst.exe -> Panda Software [Ver = 1, 0, 0, 2 | Size = 73728 bytes | Modified Date = 8/2/2006 12:39:06 PM | Attr = ] en-US -> %SystemRoot%\System32\en-US -> [Folder | Created Date = 2/19/2008 9:37:10 PM | Attr = ] Help.ico -> %SystemRoot%\System32\Help.ico -> [Ver = | Size = 1406 bytes | Modified Date = 3/2/2008 9:24:30 PM | Attr = ] LogFiles -> %SystemRoot%\System32\LogFiles -> [Folder | Created Date = 2/28/2008 9:54:45 PM | Attr = ] lsdelete.exe -> %SystemRoot%\System32\lsdelete.exe -> [Ver = | Size = 12632 bytes | Modified Date = 12/14/2007 11:32:52 AM | Attr = ] pavas.ico -> %SystemRoot%\System32\pavas.ico -> [Ver = | Size = 30590 bytes | Modified Date = 3/2/2008 9:24:30 PM | Attr = ] S32EVNT1.DLL -> %SystemRoot%\System32\S32EVNT1.DLL -> Symantec Corporation [Ver = 12.5.2.2 | Size = 60800 bytes | Modified Date = 2/23/2008 7:46:38 PM | Attr = ] tmp.reg -> %SystemRoot%\System32\tmp.reg -> [Ver = | Size = 5346 bytes | Modified Date = 3/3/2008 10:59:06 PM | Attr = ] Uninstall.ico -> %SystemRoot%\System32\Uninstall.ico -> [Ver = | Size = 2550 bytes | Modified Date = 3/2/2008 9:24:30 PM | Attr = ] VZWDLManager.dll -> %SystemRoot%\System32\VZWDLManager.dll -> [Ver = 1, 12, 2007, 215 | Size = 49152 bytes | Modified Date = 5/1/2007 5:23:46 PM | Attr = ] VZWDLManager.inf -> %SystemRoot%\System32\VZWDLManager.inf -> [Ver = | Size = 375 bytes | Modified Date = 5/2/2007 3:34:00 AM | Attr = ] VZWDownManager.exe -> %SystemRoot%\System32\VZWDownManager.exe -> Verizon [Ver = 0, 28, 2007, 215 | Size = 528384 bytes | Modified Date = 5/1/2007 5:23:26 PM | Attr = ] ZPORT4AS.dll -> %SystemRoot%\System32\ZPORT4AS.dll -> [Ver = | Size = 11776 bytes | Modified Date = 3/25/2003 6:53:50 PM | Attr = ] $NtServicePackUninstallIDNMitigationAPIs$ -> %SystemRoot%\$NtServicePackUninstallIDNMitigationAPIs$ -> [Folder | Created Date = 2/19/2008 9:35:25 PM | Attr = H ] $NtServicePackUninstallNLSDownlevelMapping$ -> %SystemRoot%\$NtServicePackUninstallNLSDownlevelMapping$ -> [Folder | Created Date = 2/19/2008 9:35:04 PM | Attr = H ] DSL -> %SystemRoot%\DSL -> [Folder | Created Date = 2/19/2008 8:10:35 PM | Attr = ] ERDNT -> %SystemRoot%\ERDNT -> [Folder | Created Date = 3/3/2008 11:30:59 PM | Attr = ] ftpcache -> %SystemRoot%\ftpcache -> [Folder | Created Date = 2/28/2008 9:43:40 PM | Attr = HS] hpoins03.dat -> %SystemRoot%\hpoins03.dat -> [Ver = | Size = 29315 bytes | Modified Date = 2/28/2008 2:18:00 PM | Attr = ] hpomdl03.dat -> %SystemRoot%\hpomdl03.dat -> [Ver = | Size = 38868 bytes | Modified Date = 2/26/2004 1:17:50 AM | Attr = ] ie7 -> %SystemRoot%\ie7 -> [Folder | Created Date = 2/19/2008 9:35:39 PM | Attr = H ] ie7updates -> %SystemRoot%\ie7updates -> [Folder | Created Date = 2/19/2008 9:39:25 PM | Attr = ] MEDB.ldb -> %SystemRoot%\MEDB.ldb -> [Ver = | Size = 128 bytes | Modified Date = 2/28/2008 11:09:43 PM | Attr = ] MEDB.mdb -> %SystemRoot%\MEDB.mdb -> [Ver = | Size = 1609728 bytes | Modified Date = 2/28/2008 10:15:33 PM | Attr = ] network diagnostic -> %SystemRoot%\network diagnostic -> [Folder | Created Date = 2/19/2008 9:33:16 PM | Attr = ] SwSys1.bmp -> %SystemRoot%\SwSys1.bmp -> [Ver = | Size = 0 bytes | Modified Date = 2/28/2008 9:14:34 PM | Attr = H ] SwSys2.bmp -> %SystemRoot%\SwSys2.bmp -> [Ver = | Size = 0 bytes | Modified Date = 2/28/2008 9:14:34 PM | Attr = H ] WBEM -> %SystemRoot%\WBEM -> [Folder | Created Date = 2/19/2008 9:37:11 PM | Attr = ] Norton AntiVirus - Run Full System Scan - Danielle J.job -> %SystemRoot%\tasks\Norton AntiVirus - Run Full System Scan - Danielle J.job -> [Ver = | Size = 566 bytes | Modified Date = 3/3/2008 8:00:00 PM | Attr = ] Symantec NetDetect.job -> %SystemRoot%\tasks\Symantec NetDetect.job -> [Ver = | Size = 366 bytes | Modified Date = 3/5/2008 8:47:00 PM | Attr = ] [Files Created - Additional Folder Scans - Non-Microsoft Only] Google -> %AllUsersProfile%\Application Data\Google -> [Folder | Created Date = 2/19/2008 10:05:16 PM | Attr = ] Grisoft -> %AllUsersProfile%\Application Data\Grisoft -> [Folder | Created Date = 3/2/2008 7:05:50 AM | Attr = ] Lavasoft -> %AllUsersProfile%\Application Data\Lavasoft -> [Folder | Created Date = 3/1/2008 10:15:31 PM | Attr = ] Malwarebytes -> %AllUsersProfile%\Application Data\Malwarebytes -> [Folder | Created Date = 3/4/2008 4:40:35 PM | Attr = ] SUPERAntiSpyware.com -> %AllUsersProfile%\Application Data\SUPERAntiSpyware.com -> [Folder | Created Date = 3/2/2008 7:03:19 PM | Attr = ] Windows Genuine Advantage -> %AllUsersProfile%\Application Data\Windows Genuine Advantage -> [Folder | Created Date = 3/2/2008 5:19:02 PM | Attr = ] Google -> %AppData%\Google -> [Folder | Created Date = 2/19/2008 10:09:14 PM | Attr = ] Grisoft -> %AppData%\Grisoft -> [Folder | Created Date = 3/2/2008 7:06:14 AM | Attr = ] Malwarebytes -> %AppData%\Malwarebytes -> [Folder | Created Date = 3/4/2008 4:40:48 PM | Attr = ] SUPERAntiSpyware.com -> %AppData%\SUPERAntiSpyware.com -> [Folder | Created Date = 3/2/2008 7:02:59 PM | Attr = ] Google -> %UserProfile%\Local Settings\Application Data\Google -> [Folder | Created Date = 2/19/2008 10:09:14 PM | Attr = ] SupportSoft -> %UserProfile%\Local Settings\Application Data\SupportSoft -> [Folder | Created Date = 2/19/2008 8:02:02 PM | Attr = ] Config -> %AllUsersProfile%\Documents\Config -> [Folder | Created Date = 2/28/2008 9:14:33 PM | Attr = ] Fonts -> %AllUsersProfile%\Documents\Fonts -> [Folder | Created Date = 2/28/2008 9:14:33 PM | Attr = ] Global.sw2 -> %AllUsersProfile%\Documents\Global.sw2 -> [Ver = | Size = 2453 bytes | Modified Date = 3/1/2008 8:04:05 PM | Attr = ] Softwrap -> %AllUsersProfile%\Documents\Softwrap -> [Folder | Created Date = 2/28/2008 9:14:33 PM | Attr = ] taskmanager.reg -> %UserProfile%\My Documents\taskmanager.reg -> [Ver = | Size = 152 bytes | Modified Date = 3/1/2008 8:58:15 PM | Attr = ] Ad-Aware 2007.lnk -> %AllUsersProfile%\Desktop\Ad-Aware 2007.lnk -> [Ver = | Size = 1790 bytes | Modified Date = 3/1/2008 10:15:43 PM | Attr = ] Ad-Watch 2007.lnk -> %AllUsersProfile%\Desktop\Ad-Watch 2007.lnk -> [Ver = | Size = 1790 bytes | Modified Date = 3/1/2008 10:15:42 PM | Attr = ] AVG Anti-Spyware.lnk -> %AllUsersProfile%\Desktop\AVG Anti-Spyware.lnk -> [Ver = | Size = 849 bytes | Modified Date = 3/2/2008 7:06:02 AM | Attr = ] HP Director.lnk -> %AllUsersProfile%\Desktop\HP Director.lnk -> [Ver = | Size = 804 bytes | Modified Date = 2/28/2008 2:05:36 PM | Attr = ] HP Image Zone.lnk -> %AllUsersProfile%\Desktop\HP Image Zone.lnk -> [Ver = | Size = 902 bytes | Modified Date = 2/28/2008 2:03:33 PM | Attr = ] Malwarebytes' Anti-Malware.lnk -> %AllUsersProfile%\Desktop\Malwarebytes' Anti-Malware.lnk -> [Ver = | Size = 696 bytes | Modified Date = 3/4/2008 4:40:36 PM | Attr = ] Norton AntiVirus.lnk -> %AllUsersProfile%\Desktop\Norton AntiVirus.lnk -> [Ver = | Size = 1963 bytes | Modified Date = 2/20/2008 9:34:36 AM | Attr = ] SUPERAntiSpyware Free Edition.lnk -> %AllUsersProfile%\Desktop\SUPERAntiSpyware Free Edition.lnk -> [Ver = | Size = 780 bytes | Modified Date = 3/2/2008 7:03:03 PM | Attr = ] V CAST Music Manager.lnk -> %AllUsersProfile%\Desktop\V CAST Music Manager.lnk -> [Ver = | Size = 1883 bytes | Modified Date = 2/28/2008 10:11:44 PM | Attr = ] aaw2007.exe -> %UserProfile%\Desktop\aaw2007.exe -> [Ver = | Size = 21364592 bytes | Modified Date = 3/1/2008 10:04:55 PM | Attr = ] @Alternate Data Stream - 26 bytes -> %UserProfile%\Desktop\aaw2007.exe:Zone.Identifier ATF_Cleaner.exe -> %UserProfile%\Desktop\ATF_Cleaner.exe -> Atribune.org [Ver = 3.00.0002 | Size = 50688 bytes | Modified Date = 3/1/2008 10:37:48 PM | Attr = ] @Alternate Data Stream - 26 bytes -> %UserProfile%\Desktop\ATF_Cleaner.exe:Zone.Identifier avgas-setup-7.5.1.43-3339.exe -> %UserProfile%\Desktop\avgas-setup-7.5.1.43-3339.exe -> [Ver = | Size = 14113576 bytes | Modified Date = 3/1/2008 10:41:10 PM | Attr = ] @Alternate Data Stream - 26 bytes -> %UserProfile%\Desktop\avgas-setup-7.5.1.43-3339.exe:Zone.Identifier BlubsterSetup.exe -> %UserProfile%\Desktop\BlubsterSetup.exe -> [Ver = | Size = 13022757 bytes | Modified Date = 2/28/2008 9:11:19 PM | Attr = ] @Alternate Data Stream - 26 bytes -> %UserProfile%\Desktop\BlubsterSetup.exe:Zone.Identifier dss.exe -> %UserProfile%\Desktop\dss.exe -> [Ver = 3, 2, 8, 1 | Size = 686630 bytes | Modified Date = 3/3/2008 10:50:17 PM | Attr = ] @Alternate Data Stream - 26 bytes -> %UserProfile%\Desktop\dss.exe:Zone.Identifier HijackThis.lnk -> %UserProfile%\Desktop\HijackThis.lnk -> [Ver = | Size = 1734 bytes | Modified Date = 3/2/2008 9:42:47 PM | Attr = ] HJTInstall.exe -> %UserProfile%\Desktop\HJTInstall.exe -> Trend Micro Inc. [Ver = 2.00.2 | Size = 812344 bytes | Modified Date = 3/2/2008 9:42:33 PM | Attr = ] @Alternate Data Stream - 26 bytes -> %UserProfile%\Desktop\HJTInstall.exe:Zone.Identifier mbam-setup.exe -> %UserProfile%\Desktop\mbam-setup.exe -> Malwarebytes [Ver = 1.0.0.0 | Size = 1366048 bytes | Modified Date = 3/4/2008 4:40:17 PM | Attr = ] @Alternate Data Stream - 26 bytes -> %UserProfile%\Desktop\mbam-setup.exe:Zone.Identifier OTMoveIt2.exe -> %UserProfile%\Desktop\OTMoveIt2.exe -> OldTimer Tools [Ver = 1.0.17.0 | Size = 290816 bytes | Modified Date = 3/4/2008 10:44:46 AM | Attr = ] @Alternate Data Stream - 26 bytes -> %UserProfile%\Desktop\OTMoveIt2.exe:Zone.Identifier Records and Reproduction Clerk Vacancy Announcement 08 04.pdf -> %UserProfile%\Desktop\Records and Reproduction Clerk Vacancy Announcement 08 04.pdf -> [Ver = | Size = 189146 bytes | Modified Date = 3/3/2008 10:43:07 PM | Attr = ] @Alternate Data Stream - 26 bytes -> %UserProfile%\Desktop\Records and Reproduction Clerk Vacancy Announcement 08 04.pdf:Zone.Identifier Resume DSL Activation.lnk -> %UserProfile%\Desktop\Resume DSL Activation.lnk -> [Ver = | Size = 353 bytes | Modified Date = 2/19/2008 8:37:19 PM | Attr = ] Resume High Speed Internet Activation.lnk -> %UserProfile%\Desktop\Resume High Speed Internet Activation.lnk -> [Ver = | Size = 1720 bytes | Modified Date = 2/19/2008 8:11:01 PM | Attr = ] Shortcut (2) to Internet Explorer.lnk -> %UserProfile%\Desktop\Shortcut (2) to Internet Explorer.lnk -> [Ver = | Size = 104 bytes | Modified Date = 2/19/2008 9:48:08 PM | Attr = ] Shortcut (3) to Internet Explorer.lnk -> %UserProfile%\Desktop\Shortcut (3) to Internet Explorer.lnk -> [Ver = | Size = 104 bytes | Modified Date = 2/19/2008 10:01:36 PM | Attr = ] Shortcut to Internet Explorer.lnk -> %UserProfile%\Desktop\Shortcut to Internet Explorer.lnk -> [Ver = | Size = 104 bytes | Modified Date = 2/19/2008 9:47:28 PM | Attr = ] SmitfraudFix -> %UserProfile%\Desktop\SmitfraudFix -> [Folder | Created Date = 3/3/2008 10:58:22 PM | Attr = ] SmitfraudFix.exe -> %UserProfile%\Desktop\SmitfraudFix.exe -> [Ver = | Size = 1303792 bytes | Modified Date = 3/3/2008 10:49:06 PM | Attr = ] @Alternate Data Stream - 26 bytes -> %UserProfile%\Desktop\SmitfraudFix.exe:Zone.Identifier SUPERAntiSpyware.exe -> %UserProfile%\Desktop\SUPERAntiSpyware.exe -> [Ver = | Size = 5797152 bytes | Modified Date = 3/2/2008 5:15:25 PM | Attr = ] @Alternate Data Stream - 26 bytes -> %UserProfile%\Desktop\SUPERAntiSpyware.exe:Zone.Identifier vcast.exe -> %UserProfile%\Desktop\vcast.exe -> Smith Micro Software, Inc. [Ver = 9.1 | Size = 20394784 bytes | Modified Date = 2/28/2008 9:48:28 PM | Attr = ] @Alternate Data Stream - 26 bytes -> %UserProfile%\Desktop\vcast.exe:Zone.Identifier video.3g2 -> %UserProfile%\Desktop\video.3g2 -> [Ver = | Size = 228071 bytes | Modified Date = 2/19/2008 9:53:17 PM | Attr = ] @Alternate Data Stream - 26 bytes -> %UserProfile%\Desktop\video.3g2:Zone.Identifier WinPFind35u -> %UserProfile%\Desktop\WinPFind35u -> [Folder | Created Date = 3/4/2008 9:42:30 PM | Attr = ] WinPFind35u.exe -> %UserProfile%\Desktop\WinPFind35u.exe -> [Ver = | Size = 482000 bytes | Modified Date = 3/4/2008 9:42:01 PM | Attr = ] @Alternate Data Stream - 26 bytes -> %UserProfile%\Desktop\WinPFind35u.exe:Zone.Identifier HP Digital Imaging Monitor.lnk -> %AllUsersProfile%\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk -> [Ver = | Size = 1808 bytes | Modified Date = 2/28/2008 2:15:37 PM | Attr = ] MEMonitor.lnk -> %UserProfile%\Start Menu\Programs\Startup\MEMonitor.lnk -> [Ver = | Size = 872 bytes | Modified Date = 2/28/2008 10:11:51 PM | Attr = ] Hewlett-Packard -> %CommonProgramFiles%\Hewlett-Packard -> [Folder | Created Date = 2/28/2008 2:10:11 PM | Attr = ] HP -> %CommonProgramFiles%\HP -> [Folder | Created Date = 2/28/2008 1:59:02 PM | Attr = ] SupportSoft -> %CommonProgramFiles%\SupportSoft -> [Folder | Created Date = 2/19/2008 8:37:10 PM | Attr = ] Wise Installation Wizard -> %CommonProgramFiles%\Wise Installation Wizard -> [Folder | Created Date = 3/1/2008 10:14:40 PM | Attr = ] [Files/Folders - Modified Within 90 days] Deckard -> %SystemDrive%\Deckard -> [Folder | Modified Date = 3/3/2008 11:28:39 PM | Attr = ] dell -> %SystemDrive%\dell -> [Folder | Modified Date = 2/26/2008 7:58:36 PM | Attr = ] Documents and Settings -> %SystemDrive%\Documents and Settings -> [Folder | Modified Date = 3/1/2008 8:01:44 PM | Attr = ] do_work -> %SystemDrive%\do_work -> [Folder | Modified Date = 2/21/2008 9:11:21 AM | Attr = ] hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [Ver = | Size = 534827008 bytes | Modified Date = 3/5/2008 3:25:58 PM | Attr = HS] i386 -> %SystemDrive%\i386 -> [Folder | Modified Date = 3/3/2008 7:29:19 PM | Attr = ] Program Files -> %ProgramFiles% -> [Folder | Modified Date = 3/4/2008 4:40:34 PM | Attr = R ] RECYCLER -> %SystemDrive%\RECYCLER -> [Folder | Modified Date = 2/28/2008 5:03:38 PM | Attr = HS] Temp -> %SystemDrive%\Temp -> [Folder | Modified Date = 2/28/2008 10:12:55 PM | Attr = ] WINDOWS -> %SystemRoot% -> [Folder | Modified Date = 3/5/2008 8:36:14 PM | Attr = ] _OTMoveIt -> %SystemDrive%\_OTMoveIt -> [Folder | Modified Date = 3/4/2008 10:56:40 AM | Attr = ] coh_mon.cat -> %SystemRoot%\System32\drivers\coh_mon.cat -> [Ver = | Size = 10537 bytes | Modified Date = 1/15/2008 9:54:42 AM | Attr = ] COH_Mon.inf -> %SystemRoot%\System32\drivers\COH_Mon.inf -> [Ver = | Size = 706 bytes | Modified Date = 1/15/2008 5:28:00 AM | Attr = ] COH_Mon.sys -> %SystemRoot%\System32\drivers\COH_Mon.sys -> Symantec Corporation [Ver = 6,1,4,10 | Size = 23904 bytes | Modified Date = 1/12/2008 6:32:00 PM | Attr = ] SYMEVENT.CAT -> %SystemRoot%\System32\drivers\SYMEVENT.CAT -> [Ver = | Size = 10740 bytes | Modified Date = 2/23/2008 7:46:38 PM | Attr = ] SYMEVENT.INF -> %SystemRoot%\System32\drivers\SYMEVENT.INF -> [Ver = | Size = 805 bytes | Modified Date = 2/23/2008 7:46:38 PM | Attr = ] SYMEVENT.SYS -> %SystemRoot%\System32\drivers\SYMEVENT.SYS -> Symantec Corporation [Ver = 12.5.2.1 | Size = 123952 bytes | Modified Date = 2/23/2008 7:46:38 PM | Attr = ] UMDF -> %SystemRoot%\System32\drivers\UMDF -> [Folder | Modified Date = 3/2/2008 2:56:49 PM | Attr = ] MsftWdf_user_01_00_00.Wdf -> %SystemRoot%\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf -> [Ver = | Size = 0 bytes | Modified Date = 2/28/2008 9:54:53 PM | Attr = H ] Msft_User_WpdMtpDr_01_00_00.Wdf -> %SystemRoot%\System32\drivers\UMDF\Msft_User_WpdMtpDr_01_00_00.Wdf -> [Ver = | Size = 0 bytes | Modified Date = 3/2/2008 2:56:49 PM | Attr = H ] ActiveScan -> %SystemRoot%\System32\ActiveScan -> [Folder | Modified Date = 3/2/2008 9:36:31 PM | Attr = ] 7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> CatRoot -> %SystemRoot%\System32\CatRoot -> [Folder | Modified Date = 2/29/2008 10:29:30 AM | Attr = ] CatRoot2 -> %SystemRoot%\System32\CatRoot2 -> [Folder | Modified Date = 3/5/2008 3:28:38 PM | Attr = ] dllcache -> %SystemRoot%\System32\dllcache -> [Folder | Modified Date = 2/29/2008 10:29:30 AM | Attr = RHS] drivers -> %SystemRoot%\System32\drivers -> [Folder | Modified Date = 3/2/2008 7:05:57 AM | Attr = ] en-US -> %SystemRoot%\System32\en-US -> [Folder | Modified Date = 2/19/2008 9:39:57 PM | Attr = ] FNTCACHE.DAT -> %SystemRoot%\System32\FNTCACHE.DAT -> [Ver = | Size = 237552 bytes | Modified Date = 2/19/2008 9:45:20 PM | Attr = ] FxsTmp -> %SystemRoot%\System32\FxsTmp -> [Folder | Modified Date = 2/25/2008 4:48:00 PM | Attr = ] Help.ico -> %SystemRoot%\System32\Help.ico -> [Ver = | Size = 1406 bytes | Modified Date = 3/2/2008 9:24:30 PM | Attr = ] LogFiles -> %SystemRoot%\System32\LogFiles -> [Folder | Modified Date = 2/28/2008 9:54:45 PM | Attr = ] lsdelete.exe -> %SystemRoot%\System32\lsdelete.exe -> [Ver = | Size = 12632 bytes | Modified Date = 12/14/2007 11:32:52 AM | Attr = ] Macromed -> %SystemRoot%\System32\Macromed -> [Folder | Modified Date = 2/20/2008 9:19:39 AM | Attr = ] Microsoft -> %SystemRoot%\System32\Microsoft -> [Folder | Modified Date = 2/26/2008 8:22:39 PM | Attr = S] pavas.ico -> %SystemRoot%\System32\pavas.ico -> [Ver = | Size = 30590 bytes | Modified Date = 3/2/2008 9:24:30 PM | Attr = ] perfc009.dat -> %SystemRoot%\System32\perfc009.dat -> [Ver = | Size = 53436 bytes | Modified Date = 2/19/2008 9:47:54 PM | Attr = ] perfh009.dat -> %SystemRoot%\System32\perfh009.dat -> [Ver = | Size = 381692 bytes | Modified Date = 2/19/2008 9:47:55 PM | Attr = ] PerfStringBackup.INI -> %SystemRoot%\System32\PerfStringBackup.INI -> [Ver = | Size = 441626 bytes | Modified Date = 2/19/2008 9:47:53 PM | Attr = ] S32EVNT1.DLL -> %SystemRoot%\System32\S32EVNT1.DLL -> Symantec Corporation [Ver = 12.5.2.2 | Size = 60800 bytes | Modified Date = 2/23/2008 7:46:38 PM | Attr = ] tmp.reg -> %SystemRoot%\System32\tmp.reg -> [Ver = | Size = 5346 bytes | Modified Date = 3/3/2008 10:59:06 PM | Attr = ] Uninstall.ico -> %SystemRoot%\System32\Uninstall.ico -> [Ver = | Size = 2550 bytes | Modified Date = 3/2/2008 9:24:30 PM | Attr = ] wpa.dbl -> %SystemRoot%\System32\wpa.dbl -> [Ver = | Size = 2206 bytes | Modified Date = 3/2/2008 5:19:01 PM | Attr = ] $hf_mig$ -> %SystemRoot%\$hf_mig$ -> [Folder | Modified Date = 2/20/2008 4:23:59 PM | Attr = H ] $NtServicePackUninstallIDNMitigationAPIs$ -> %SystemRoot%\$NtServicePackUninstallIDNMitigationAPIs$ -> [Folder | Modified Date = 2/19/2008 9:35:25 PM | Attr = H ] $NtServicePackUninstallNLSDownlevelMapping$ -> %SystemRoot%\$NtServicePackUninstallNLSDownlevelMapping$ -> [Folder | Modified Date = 2/19/2008 9:35:04 PM | Attr = H ] AppPatch -> %SystemRoot%\AppPatch -> [Folder | Modified Date = 2/29/2008 9:14:51 AM | Attr = ] bootstat.dat -> %SystemRoot%\bootstat.dat -> [Ver = | Size = 2048 bytes | Modified Date = 3/5/2008 3:26:03 PM | Attr = S] Debug -> %SystemRoot%\Debug -> [Folder | Modified Date = 2/19/2008 9:27:42 PM | Attr = ] Downloaded Program Files -> %SystemRoot%\Downloaded Program Files -> [Folder | Modified Date = 3/3/2008 11:34:41 PM | Attr = S] DSL -> %SystemRoot%\DSL -> [Folder | Modified Date = 2/19/2008 8:10:35 PM | Attr = ] ERDNT -> %SystemRoot%\ERDNT -> [Folder | Modified Date = 3/3/2008 11:31:00 PM | Attr = ] ftpcache -> %SystemRoot%\ftpcache -> [Folder | Modified Date = 2/28/2008 9:43:40 PM | Attr = HS] Help -> %SystemRoot%\Help -> [Folder | Modified Date = 3/1/2008 10:14:05 PM | Attr = ] hpoins03.dat -> %SystemRoot%\hpoins03.dat -> [Ver = | Size = 29315 bytes | Modified Date = 2/28/2008 2:18:00 PM | Attr = ] ie7 -> %SystemRoot%\ie7 -> [Folder | Modified Date = 2/19/2008 9:36:52 PM | Attr = H ] ie7updates -> %SystemRoot%\ie7updates -> [Folder | Modified Date = 2/19/2008 9:39:25 PM | Attr = ] imsins.BAK -> %SystemRoot%\imsins.BAK -> [Ver = | Size = 1374 bytes | Modified Date = 2/28/2008 10:00:11 PM | Attr = ] inf -> %SystemRoot%\inf -> [Folder | Modified Date = 3/3/2008 11:41:24 AM | Attr = H ] Installer -> %SystemRoot%\Installer -> [Folder | Modified Date = 3/2/2008 7:03:09 PM | Attr = HS] MEDB.ldb -> %SystemRoot%\MEDB.ldb -> [Ver = | Size = 128 bytes | Modified Date = 2/28/2008 11:09:43 PM | Attr = ] MEDB.mdb -> %SystemRoot%\MEDB.mdb -> [Ver = | Size = 1609728 bytes | Modified Date = 2/28/2008 10:15:33 PM | Attr = ] Media -> %SystemRoot%\Media -> [Folder | Modified Date = 2/19/2008 9:37:02 PM | Attr = ] msagent -> %SystemRoot%\msagent -> [Folder | Modified Date = 2/19/2008 9:45:16 PM | Attr = ] network diagnostic -> %SystemRoot%\network diagnostic -> [Folder | Modified Date = 2/19/2008 9:33:17 PM | Attr = ] Prefetch -> %SystemRoot%\Prefetch -> [Folder | Modified Date = 3/5/2008 8:30:27 PM | Attr = ] security -> %SystemRoot%\security -> [Folder | Modified Date = 2/24/2008 9:17:48 AM | Attr = ] SoftwareDistribution -> %SystemRoot%\SoftwareDistribution -> [Folder | Modified Date = 3/2/2008 5:11:26 PM | Attr = ] SwSys1.bmp -> %SystemRoot%\SwSys1.bmp -> [Ver = | Size = 0 bytes | Modified Date = 2/28/2008 9:14:34 PM | Attr = H ] SwSys2.bmp -> %SystemRoot%\SwSys2.bmp -> [Ver = | Size = 0 bytes | Modified Date = 2/28/2008 9:14:34 PM | Attr = H ] system32 -> %SystemRoot%\system32 -> [Folder | Modified Date = 3/4/2008 5:42:08 PM | Attr = ] Tasks -> %SystemRoot%\Tasks -> [Folder | Modified Date = 2/20/2008 9:38:55 AM | Attr = S] Temp -> %SystemRoot%\Temp -> [Folder | Modified Date = 3/5/2008 8:33:54 PM | Attr = ] WBEM -> %SystemRoot%\WBEM -> [Folder | Modified Date = 2/19/2008 9:37:11 PM | Attr = ] win.ini -> %SystemRoot%\win.ini -> [Ver = | Size = 660 bytes | Modified Date = 3/2/2008 9:36:40 PM | Attr = ] WinSxS -> %SystemRoot%\WinSxS -> [Folder | Modified Date = 2/19/2008 9:26:33 PM | Attr = ] WMSysPr9.prx -> %SystemRoot%\WMSysPr9.prx -> [Ver = | Size = 316640 bytes | Modified Date = 2/28/2008 9:58:05 PM | Attr = ] Norton AntiVirus - Run Full System Scan - Danielle J.job -> %SystemRoot%\tasks\Norton AntiVirus - Run Full System Scan - Danielle J.job -> [Ver = | Size = 566 bytes | Modified Date = 3/3/2008 8:00:00 PM | Attr = ] SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [Ver = | Size = 6 bytes | Modified Date = 3/5/2008 3:26:44 PM | Attr = H ] Symantec NetDetect.job -> %SystemRoot%\tasks\Symantec NetDetect.job -> [Ver = | Size = 366 bytes | Modified Date = 3/5/2008 8:47:00 PM | Attr = ] qmgr0.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat -> [Ver = | Size = 4232 bytes | Modified Date = 3/3/2008 3:57:14 PM | Attr = ] qmgr1.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat -> [Ver = | Size = 4617 bytes | Modified Date = 3/3/2008 3:57:14 PM | Attr = ] data.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Office\Data\data.dat -> [Ver = | Size = 1372 bytes | Modified Date = 8/3/2005 2:24:59 PM | Attr = ] wklntsk1.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Works\wklntsk1.dat -> [Ver = | Size = 201928 bytes | Modified Date = 2/25/2008 5:02:18 PM | Attr = ] SSUPDATE.EXE -> C:\Documents and Settings\Danielle J\Local Settings\Temp\SSUPDATE.EXE -> SUPERAntiSpyware.com [Ver = 1, 0, 0, 1030 | Size = 143360 bytes | Modified Date = 2/17/2006 3:55:46 PM | Attr = ] 4 C:\Documents and Settings\Danielle J\Local Settings\Temp\*.tmp files -> C:\Documents and Settings\Danielle J\Local Settings\Temp\*.tmp -> Perflib_Perfdata_170.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_170.dat -> [Ver = | Size = 16384 bytes | Modified Date = 3/3/2008 11:15:12 PM | Attr = ] Perflib_Perfdata_19c.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_19c.dat -> [Ver = | Size = 16384 bytes | Modified Date = 3/4/2008 11:19:15 AM | Attr = ] Perflib_Perfdata_78.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_78.dat -> [Ver = | Size = 16384 bytes | Modified Date = 3/4/2008 9:58:11 AM | Attr = ] Perflib_Perfdata_8c.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_8c.dat -> [Ver = | Size = 16384 bytes | Modified Date = 3/5/2008 3:33:09 PM | Attr = ] Perflib_Perfdata_cc.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_cc.dat -> [Ver = | Size = 16384 bytes | Modified Date = 3/4/2008 5:48:04 PM | Attr = ] Perflib_Perfdata_d0.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_d0.dat -> [Ver = | Size = 0 bytes | Modified Date = 3/4/2008 7:24:07 PM | Attr = ] 4 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> [Files Modified - Additional Folder Scans - Non-Microsoft Only] Dell -> %AllUsersProfile%\Application Data\Dell -> [Folder | Modified Date = 3/4/2008 8:15:16 PM | Attr = ] Google -> %AllUsersProfile%\Application Data\Google -> [Folder | Modified Date = 2/19/2008 10:05:16 PM | Attr = ] Grisoft -> %AllUsersProfile%\Application Data\Grisoft -> [Folder | Modified Date = 3/2/2008 7:05:50 AM | Attr = ] Lavasoft -> %AllUsersProfile%\Application Data\Lavasoft -> [Folder | Modified Date = 3/1/2008 10:16:53 PM | Attr = ] Malwarebytes -> %AllUsersProfile%\Application Data\Malwarebytes -> [Folder | Modified Date = 3/4/2008 4:40:35 PM | Attr = ] Microsoft -> %AllUsersProfile%\Application Data\Microsoft -> [Folder | Modified Date = 3/2/2008 2:56:51 PM | Attr = S] SUPERAntiSpyware.com -> %AllUsersProfile%\Application Data\SUPERAntiSpyware.com -> [Folder | Modified Date = 3/2/2008 7:03:19 PM | Attr = ] Symantec -> %AllUsersProfile%\Application Data\Symantec -> [Folder | Modified Date = 2/20/2008 9:57:18 AM | Attr = ] Windows Genuine Advantage -> %AllUsersProfile%\Application Data\Windows Genuine Advantage -> [Folder | Modified Date = 3/2/2008 5:19:02 PM | Attr = ] Adobe -> %AppData%\Adobe -> [Folder | Modified Date = 2/19/2008 10:05:24 PM | Attr = ] Google -> %AppData%\Google -> [Folder | Modified Date = 2/27/2008 11:03:16 PM | Attr = ] Grisoft -> %AppData%\Grisoft -> [Folder | Modified Date = 3/2/2008 7:06:14 AM | Attr = ] Gtek -> %AppData%\Gtek -> [Folder | Modified Date = 2/26/2008 8:22:08 PM | Attr = H ] Malwarebytes -> %AppData%\Malwarebytes -> [Folder | Modified Date = 3/4/2008 4:40:48 PM | Attr = ] SUPERAntiSpyware.com -> %AppData%\SUPERAntiSpyware.com -> [Folder | Modified Date = 3/2/2008 7:02:59 PM | Attr = ] Symantec -> %AppData%\Symantec -> [Folder | Modified Date = 2/19/2008 8:43:42 PM | Attr = ] wklnhst.dat -> %AppData%\wklnhst.dat -> [Ver = | Size = 9052 bytes | Modified Date = 2/21/2008 10:51:57 PM | Attr = ] ApplicationHistory -> %UserProfile%\Local Settings\Application Data\ApplicationHistory -> [Folder | Modified Date = 3/4/2008 8:15:33 PM | Attr = ] Google -> %UserProfile%\Local Settings\Application Data\Google -> [Folder | Modified Date = 2/19/2008 10:09:14 PM | Attr = ] IconCache.db -> %UserProfile%\Local Settings\Application Data\IconCache.db -> [Ver = | Size = 4849060 bytes | Modified Date = 3/2/2008 9:04:54 PM | Attr = H ] Microsoft -> %UserProfile%\Local Settings\Application Data\Microsoft -> [Folder | Modified Date = 2/29/2008 9:22:09 AM | Attr = ] SupportSoft -> %UserProfile%\Local Settings\Application Data\SupportSoft -> [Folder | Modified Date = 2/19/2008 8:02:02 PM | Attr = ] Config -> %AllUsersProfile%\Documents\Config -> [Folder | Modified Date = 2/28/2008 9:14:34 PM | Attr = ] Fonts -> %AllUsersProfile%\Documents\Fonts -> [Folder | Modified Date = 2/28/2008 9:14:34 PM | Attr = ] Global.sw2 -> %AllUsersProfile%\Documents\Global.sw2 -> [Ver = | Size = 2453 bytes | Modified Date = 3/1/2008 8:04:05 PM | Attr = ] Softwrap -> %AllUsersProfile%\Documents\Softwrap -> [Folder | Modified Date = 2/28/2008 9:14:33 PM | Attr = ] desktop.ini -> %UserProfile%\My Documents\desktop.ini -> [Ver = | Size = 81 bytes | Modified Date = 2/19/2008 9:46:25 PM | Attr = HS] My Music -> %UserProfile%\My Documents\My Music -> [Folder | Modified Date = 3/3/2008 7:29:19 PM | Attr = R ] My Pictures -> %UserProfile%\My Documents\My Pictures -> [Folder | Modified Date = 3/4/2008 6:53:28 PM | Attr = R ] taskmanager.reg -> %UserProfile%\My Documents\taskmanager.reg -> [Ver = | Size = 152 bytes | Modified Date = 3/1/2008 8:58:15 PM | Attr = ] Ad-Aware 2007.lnk -> %AllUsersProfile%\Desktop\Ad-Aware 2007.lnk -> [Ver = | Size = 1790 bytes | Modified Date = 3/1/2008 10:15:43 PM | Attr = ] Ad-Watch 2007.lnk -> %AllUsersProfile%\Desktop\Ad-Watch 2007.lnk -> [Ver = | Size = 1790 bytes | Modified Date = 3/1/2008 10:15:42 PM | Attr = ] AVG Anti-Spyware.lnk -> %AllUsersProfile%\Desktop\AVG Anti-Spyware.lnk -> [Ver = | Size = 849 bytes | Modified Date = 3/2/2008 7:06:02 AM | Attr = ] HP Director.lnk -> %AllUsersProfile%\Desktop\HP Director.lnk -> [Ver = | Size = 804 bytes | Modified Date = 2/28/2008 2:05:36 PM | Attr = ] HP Image Zone.lnk -> %AllUsersProfile%\Desktop\HP Image Zone.lnk -> [Ver = | Size = 902 bytes | Modified Date = 2/28/2008 2:03:33 PM | Attr = ] Malwarebytes' Anti-Malware.lnk -> %AllUsersProfile%\Desktop\Malwarebytes' Anti-Malware.lnk -> [Ver = | Size = 696 bytes | Modified Date = 3/4/2008 4:40:36 PM | Attr = ] Norton AntiVirus.lnk -> %AllUsersProfile%\Desktop\Norton AntiVirus.lnk -> [Ver = | Size = 1963 bytes | Modified Date = 2/20/2008 9:34:36 AM | Attr = ] SUPERAntiSpyware Free Edition.lnk -> %AllUsersProfile%\Desktop\SUPERAntiSpyware Free Edition.lnk -> [Ver = | Size = 780 bytes | Modified Date = 3/2/2008 7:03:03 PM | Attr = ] V CAST Music Manager.lnk -> %AllUsersProfile%\Desktop\V CAST Music Manager.lnk -> [Ver = | Size = 1883 bytes | Modified Date = 2/28/2008 10:11:44 PM | Attr = ] aaw2007.exe -> %UserProfile%\Desktop\aaw2007.exe -> [Ver = | Size = 21364592 bytes | Modified Date = 3/1/2008 10:04:55 PM | Attr = ] @Alternate Data Stream - 26 bytes -> %UserProfile%\Desktop\aaw2007.exe:Zone.Identifier ATF_Cleaner.exe -> %UserProfile%\Desktop\ATF_Cleaner.exe -> Atribune.org [Ver = 3.00.0002 | Size = 50688 bytes | Modified Date = 3/1/2008 10:37:48 PM | Attr = ] @Alternate Data Stream - 26 bytes -> %UserProfile%\Desktop\ATF_Cleaner.exe:Zone.Identifier avgas-setup-7.5.1.43-3339.exe -> %UserProfile%\Desktop\avgas-setup-7.5.1.43-3339.exe -> [Ver = | Size = 14113576 bytes | Modified Date = 3/1/2008 10:41:10 PM | Attr = ] @Alternate Data Stream - 26 bytes -> %UserProfile%\Desktop\avgas-setup-7.5.1.43-3339.exe:Zone.Identifier BlubsterSetup.exe -> %UserProfile%\Desktop\BlubsterSetup.exe -> [Ver = | Size = 13022757 bytes | Modified Date = 2/28/2008 9:11:19 PM | Attr = ] @Alternate Data Stream - 26 bytes -> %UserProfile%\Desktop\BlubsterSetup.exe:Zone.Identifier dss.exe -> %UserProfile%\Desktop\dss.exe -> [Ver = 3, 2, 8, 1 | Size = 686630 bytes | Modified Date = 3/3/2008 10:50:17 PM | Attr = ] @Alternate Data Stream - 26 bytes -> %UserProfile%\Desktop\dss.exe:Zone.Identifier HijackThis.lnk -> %UserProfile%\Desktop\HijackThis.lnk -> [Ver = | Size = 1734 bytes | Modified Date = 3/2/2008 9:42:47 PM | Attr = ] HJTInstall.exe -> %UserProfile%\Desktop\HJTInstall.exe -> Trend Micro Inc. [Ver = 2.00.2 | Size = 812344 bytes | Modified Date = 3/2/2008 9:42:33 PM | Attr = ] @Alternate Data Stream - 26 bytes -> %UserProfile%\Desktop\HJTInstall.exe:Zone.Identifier mbam-setup.exe -> %UserProfile%\Desktop\mbam-setup.exe -> Malwarebytes [Ver = 1.0.0.0 | Size = 1366048 bytes | Modified Date = 3/4/2008 4:40:17 PM | Attr = ] @Alternate Data Stream - 26 bytes -> %UserProfile%\Desktop\mbam-setup.exe:Zone.Identifier myresume.doc -> %UserProfile%\Desktop\myresume.doc -> [Ver = | Size = 52736 bytes | Modified Date = 2/21/2008 9:47:50 PM | Attr = ] OTMoveIt2.exe -> %UserProfile%\Desktop\OTMoveIt2.exe -> OldTimer Tools [Ver = 1.0.17.0 | Size = 290816 bytes | Modified Date = 3/4/2008 10:44:46 AM | Attr = ] @Alternate Data Stream - 26 bytes -> %UserProfile%\Desktop\OTMoveIt2.exe:Zone.Identifier Records and Reproduction Clerk Vacancy Announcement 08 04.pdf -> %UserProfile%\Desktop\Records and Reproduction Clerk Vacancy Announcement 08 04.pdf -> [Ver = | Size = 189146 bytes | Modified Date = 3/3/2008 10:43:07 PM | Attr = ] @Alternate Data Stream - 26 bytes -> %UserProfile%\Desktop\Records and Reproduction Clerk Vacancy Announcement 08 04.pdf:Zone.Identifier Resume DSL Activation.lnk -> %UserProfile%\Desktop\Resume DSL Activation.lnk -> [Ver = | Size = 353 bytes | Modified Date = 2/19/2008 8:37:19 PM | Attr = ] Resume High Speed Internet Activation.lnk -> %UserProfile%\Desktop\Resume High Speed Internet Activation.lnk -> [Ver = | Size = 1720 bytes | Modified Date = 2/19/2008 8:11:01 PM | Attr = ] Shortcut (2) to Internet Explorer.lnk -> %UserProfile%\Desktop\Shortcut (2) to Internet Explorer.lnk -> [Ver = | Size = 104 bytes | Modified Date = 2/19/2008 9:48:08 PM | Attr = ] Shortcut (3) to Internet Explorer.lnk -> %UserProfile%\Desktop\Shortcut (3) to Internet Explorer.lnk -> [Ver = | Size = 104 bytes | Modified Date = 2/19/2008 10:01:36 PM | Attr = ] Shortcut to Internet Explorer.lnk -> %UserProfile%\Desktop\Shortcut to Internet Explorer.lnk -> [Ver = | Size = 104 bytes | Modified Date = 2/19/2008 9:47:28 PM | Attr = ] SmitfraudFix -> %UserProfile%\Desktop\SmitfraudFix -> [Folder | Modified Date = 3/3/2008 11:06:02 PM | Attr = ] SmitfraudFix.exe -> %UserProfile%\Desktop\SmitfraudFix.exe -> [Ver = | Size = 1303792 bytes | Modified Date = 3/3/2008 10:49:06 PM | Attr = ] @Alternate Data Stream - 26 bytes -> %UserProfile%\Desktop\SmitfraudFix.exe:Zone.Identifier SUPERAntiSpyware.exe -> %UserProfile%\Desktop\SUPERAntiSpyware.exe -> [Ver = | Size = 5797152 bytes | Modified Date = 3/2/2008 5:15:25 PM | Attr = ] @Alternate Data Stream - 26 bytes -> %UserProfile%\Desktop\SUPERAntiSpyware.exe:Zone.Identifier vcast.exe -> %UserProfile%\Desktop\vcast.exe -> Smith Micro Software, Inc. [Ver = 9.1 | Size = 20394784 bytes | Modified Date = 2/28/2008 9:48:28 PM | Attr = ] @Alternate Data Stream - 26 bytes -> %UserProfile%\Desktop\vcast.exe:Zone.Identifier video.3g2 -> %UserProfile%\Desktop\video.3g2 -> [Ver = | Size = 228071 bytes | Modified Date = 2/19/2008 9:53:17 PM | Attr = ] @Alternate Data Stream - 26 bytes -> %UserProfile%\Desktop\video.3g2:Zone.Identifier WinPFind35u -> %UserProfile%\Desktop\WinPFind35u -> [Folder | Modified Date = 3/4/2008 9:46:59 PM | Attr = ] WinPFind35u.exe -> %UserProfile%\Desktop\WinPFind35u.exe -> [Ver = | Size = 482000 bytes | Modified Date = 3/4/2008 9:42:01 PM | Attr = ] @Alternate Data Stream - 26 bytes -> %UserProfile%\Desktop\WinPFind35u.exe:Zone.Identifier HP Digital Imaging Monitor.lnk -> %AllUsersProfile%\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk -> [Ver = | Size = 1808 bytes | Modified Date = 2/28/2008 2:15:37 PM | Attr = ] MEMonitor.lnk -> %UserProfile%\Start Menu\Programs\Startup\MEMonitor.lnk -> [Ver = | Size = 872 bytes | Modified Date = 2/28/2008 10:11:51 PM | Attr = ] Hewlett-Packard -> %CommonProgramFiles%\Hewlett-Packard -> [Folder | Modified Date = 2/28/2008 2:10:11 PM | Attr = ] HP -> %CommonProgramFiles%\HP -> [Folder | Modified Date = 2/28/2008 1:59:03 PM | Attr = ] SupportSoft -> %CommonProgramFiles%\SupportSoft -> [Folder | Modified Date = 2/19/2008 8:37:19 PM | Attr = ] Symantec Shared -> %CommonProgramFiles%\Symantec Shared -> [Folder | Modified Date = 3/3/2008 10:18:09 PM | Attr = ] System -> %CommonProgramFiles%\System -> [Folder | Modified Date = 2/19/2008 9:23:16 PM | Attr = ] Wise Installation Wizard -> %CommonProgramFiles%\Wise Installation Wizard -> [Folder | Modified Date = 3/2/2008 7:02:27 PM | Attr = ] [File - Lop Check: Additional Folder Scans - Non-Microsoft Only] C:\Documents and Settings\All Users\Application Data\ -> C:\Documents and Settings\All Users\Application Data -> [Folder | Modified Date = 3/4/2008 4:40:35 PM | Attr = RH ] Adobe -> C:\Documents and Settings\All Users\Application Data\Adobe -> [Folder | Modified Date = 7/28/2005 11:59:54 AM | Attr = ] AOL -> C:\Documents and Settings\All Users\Application Data\AOL -> [Folder | Modified Date = 2/17/2006 2:50:04 PM | Attr = ] Apple Computer -> C:\Documents and Settings\All Users\Application Data\Apple Computer -> [Folder | Modified Date = 9/4/2005 12:30:16 AM | Attr = ] Dell -> C:\Documents and Settings\All Users\Application Data\Dell -> [Folder | Modified Date = 3/4/2008 8:15:16 PM | Attr = ] Google -> C:\Documents and Settings\All Users\Application Data\Google -> [Folder | Modified Date = 2/19/2008 10:05:16 PM | Attr = ] Grisoft -> C:\Documents and Settings\All Users\Application Data\Grisoft -> [Folder | Modified Date = 3/2/2008 7:05:50 AM | Attr = ] GTek -> C:\Documents and Settings\All Users\Application Data\GTek -> [Folder | Modified Date = 7/28/2005 12:15:22 PM | Attr = ] InstallShield -> C:\Documents and Settings\All Users\Application Data\InstallShield -> [Folder | Modified Date = 7/28/2005 12:02:10 PM | Attr = ] Intuit -> C:\Documents and Settings\All Users\Application Data\Intuit -> [Folder | Modified Date = 7/28/2005 12:07:15 PM | Attr = ] Lavasoft -> C:\Documents and Settings\All Users\Application Data\Lavasoft -> [Folder | Modified Date = 3/1/2008 10:16:53 PM | Attr = ] Malwarebytes -> C:\Documents and Settings\All Users\Application Data\Malwarebytes -> [Folder | Modified Date = 3/4/2008 4:40:35 PM | Attr = ] Microsoft -> C:\Documents and Settings\All Users\Application Data\Microsoft -> [Folder | Modified Date = 3/2/2008 2:56:51 PM | Attr = S] QuickTime -> C:\Documents and Settings\All Users\Application Data\QuickTime -> [Folder | Modified Date = 5/18/2006 9:10:27 AM | Attr = ] SBSI -> C:\Documents and Settings\All Users\Application Data\SBSI -> [Folder | Modified Date = 8/10/2004 1:13:06 PM | Attr = ] SUPERAntiSpyware.com -> C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com -> [Folder | Modified Date = 3/2/2008 7:03:19 PM | Attr = ] Symantec -> C:\Documents and Settings\All Users\Application Data\Symantec -> [Folder | Modified Date = 2/20/2008 9:57:18 AM | Attr = ] Viewpoint -> C:\Documents and Settings\All Users\Application Data\Viewpoint -> [Folder | Modified Date = 7/28/2005 12:06:41 PM | Attr = ] Windows Genuine Advantage -> C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage -> [Folder | Modified Date = 3/2/2008 5:19:02 PM | Attr = ] C:\Documents and Settings\Danielle J\Application Data\ -> C:\Documents and Settings\Danielle J\Application Data -> [Folder | Modified Date = 3/4/2008 4:40:48 PM | Attr = RH ] Adobe -> C:\Documents and Settings\Danielle J\Application Data\Adobe -> [Folder | Modified Date = 2/19/2008 10:05:24 PM | Attr = ] AdobeUM -> C:\Documents and Settings\Danielle J\Application Data\AdobeUM -> [Folder | Modified Date = 2/6/2006 9:01:41 PM | Attr = ] Aim -> C:\Documents and Settings\Danielle J\Application Data\Aim -> [Folder | Modified Date = 8/1/2005 8:49:24 PM | Attr = ] Apple Computer -> C:\Documents and Settings\Danielle J\Application Data\Apple Computer -> [Folder | Modified Date = 9/4/2005 12:31:00 AM | Attr = ] Google -> C:\Documents and Settings\Danielle J\Application Data\Google -> [Folder | Modified Date = 2/27/2008 11:03:16 PM | Attr = ] Grisoft -> C:\Documents and Settings\Danielle J\Application Data\Grisoft -> [Folder | Modified Date = 3/2/2008 7:06:14 AM | Attr = ] Gtek -> C:\Documents and Settings\Danielle J\Application Data\Gtek -> [Folder | Modified Date = 2/26/2008 8:22:08 PM | Attr = H ] Identities -> C:\Documents and Settings\Danielle J\Application Data\Identities -> [Folder | Modified Date = 8/10/2004 1:08:32 PM | Attr = ] Jasc Software Inc -> C:\Documents and Settings\Danielle J\Application Data\Jasc Software Inc -> [Folder | Modified Date = 4/14/2006 7:34:18 AM | Attr = ] Leadertech -> C:\Documents and Settings\Danielle J\Application Data\Leadertech -> [Folder | Modified Date = 8/1/2005 8:34:02 PM | Attr = ] Macromedia -> C:\Documents and Settings\Danielle J\Application Data\Macromedia -> [Folder | Modified Date = 8/1/2005 5:51:04 PM | Attr = ] Malwarebytes -> C:\Documents and Settings\Danielle J\Application Data\Malwarebytes -> [Folder | Modified Date = 3/4/2008 4:40:48 PM | Attr = ] Microsoft -> C:\Documents and Settings\Danielle J\Application Data\Microsoft -> [Folder | Modified Date = 4/2/2006 9:59:20 PM | Attr = S] Sonic -> C:\Documents and Settings\Danielle J\Application Data\Sonic -> [Folder | Modified Date = 8/1/2005 8:36:04 PM | Attr = ] Sun -> C:\Documents and Settings\Danielle J\Application Data\Sun -> [Folder | Modified Date = 7/28/2005 11:57:41 AM | Attr = ] SUPERAntiSpyware.com -> C:\Documents and Settings\Danielle J\Application Data\SUPERAntiSpyware.com -> [Folder | Modified Date = 3/2/2008 7:02:59 PM | Attr = ] Symantec -> C:\Documents and Settings\Danielle J\Application Data\Symantec -> [Folder | Modified Date = 2/19/2008 8:43:42 PM | Attr = ] C:\Documents and Settings\Default User\Application Data\ -> C:\Documents and Settings\Default User\Application Data -> [Folder | Modified Date = 2/26/2008 8:00:16 PM | Attr = RH ] Identities -> C:\Documents and Settings\Default User\Application Data\Identities -> [Folder | Modified Date = 8/10/2004 1:08:32 PM | Attr = ] Jasc Software Inc -> C:\Documents and Settings\Default User\Application Data\Jasc Software Inc -> [Folder | Modified Date = 7/28/2005 12:01:40 PM | Attr = ] Microsoft -> C:\Documents and Settings\Default User\Application Data\Microsoft -> [Folder | Modified Date = 7/28/2005 12:04:18 PM | Attr = S] Sun -> C:\Documents and Settings\Default User\Application Data\Sun -> [Folder | Modified Date = 7/28/2005 11:57:41 AM | Attr = ] Symantec -> C:\Documents and Settings\Default User\Application Data\Symantec -> [Folder | Modified Date = 7/28/2005 12:10:54 PM | Attr = ] C:\Documents and Settings\JokerKing\Application Data\ -> C:\Documents and Settings\JokerKing\Application Data -> [Folder | Modified Date = 3/5/2008 8:15:41 PM | Attr = RH ] Adobe -> C:\Documents and Settings\JokerKing\Application Data\Adobe -> [Folder | Modified Date = 2/25/2008 11:59:51 PM | Attr = ] AdobeUM -> C:\Documents and Settings\JokerKing\Application Data\AdobeUM -> [Folder | Modified Date = 2/26/2008 12:00:52 AM | Attr = ] Aim -> C:\Documents and Settings\JokerKing\Application Data\Aim -> [Folder | Modified Date = 2/20/2008 9:18:28 PM | Attr = ] Google -> C:\Documents and Settings\JokerKing\Application Data\Google -> [Folder | Modified Date = 2/24/2008 1:18:35 PM | Attr = ] Grisoft -> C:\Documents and Settings\JokerKing\Application Data\Grisoft -> [Folder | Modified Date = 3/2/2008 12:25:17 PM | Attr = ] Gtek -> C:\Documents and Settings\JokerKing\Application Data\Gtek -> [Folder | Modified Date = 2/26/2008 8:00:16 PM | Attr = H ] Identities -> C:\Documents and Settings\JokerKing\Application Data\Identities -> [Folder | Modified Date = 8/10/2004 1:08:32 PM | Attr = ] Jasc Software Inc -> C:\Documents and Settings\JokerKing\Application Data\Jasc Software Inc -> [Folder | Modified Date = 7/28/2005 12:01:40 PM | Attr = ] Macromedia -> C:\Documents and Settings\JokerKing\Application Data\Macromedia -> [Folder | Modified Date = 2/20/2008 9:19:31 PM | Attr = ] Malwarebytes -> C:\Documents and Settings\JokerKing\Application Data\Malwarebytes -> [Folder | Modified Date = 3/5/2008 8:15:41 PM | Attr = ] Microsoft -> C:\Documents and Settings\JokerKing\Application Data\Microsoft -> [Folder | Modified Date = 3/2/2008 3:09:17 PM | Attr = S] Sun -> C:\Documents and Settings\JokerKing\Application Data\Sun -> [Folder | Modified Date = 7/28/2005 11:57:41 AM | Attr = ] Symantec -> C:\Documents and Settings\JokerKing\Application Data\Symantec -> [Folder | Modified Date = 7/28/2005 12:10:54 PM | Attr = ] C:\Documents and Settings\LocalService\Application Data\ -> C:\Documents and Settings\LocalService\Application Data -> [Folder | Modified Date = 8/10/2004 1:08:16 PM | Attr = ] Microsoft -> C:\Documents and Settings\LocalService\Application Data\Microsoft -> [Folder | Modified Date = 8/10/2004 12:57:26 PM | Attr = S] C:\Documents and Settings\Nana\Application Data\ -> C:\Documents and Settings\Nana\Application Data -> [Folder | Modified Date = 7/28/2005 12:15:22 PM | Attr = RH ] Gtek -> C:\Documents and Settings\Nana\Application Data\Gtek -> [Folder | Modified Date = 2/26/2008 8:00:16 PM | Attr = ] Identities -> C:\Documents and Settings\Nana\Application Data\Identities -> [Folder | Modified Date = 8/10/2004 1:08:32 PM | Attr = ] Jasc Software Inc -> C:\Documents and Settings\Nana\Application Data\Jasc Software Inc -> [Folder | Modified Date = 7/28/2005 12:01:40 PM | Attr = ] Microsoft -> C:\Documents and Settings\Nana\Application Data\Microsoft -> [Folder | Modified Date = 7/28/2005 12:04:18 PM | Attr = S] Sun -> C:\Documents and Settings\Nana\Application Data\Sun -> [Folder | Modified Date = 7/28/2005 11:57:41 AM | Attr = ] Symantec -> C:\Documents and Settings\Nana\Application Data\Symantec -> [Folder | Modified Date = 7/28/2005 12:10:54 PM | Attr = ] C:\Documents and Settings\NetworkService\Application Data\ -> C:\Documents and Settings\NetworkService\Application Data -> [Folder | Modified Date = 8/10/2004 1:08:14 PM | Attr = ] Microsoft -> C:\Documents and Settings\NetworkService\Application Data\Microsoft -> [Folder | Modified Date = 8/10/2004 12:57:26 PM | Attr = S] C:\WINDOWS\Tasks\ -> C:\WINDOWS\Tasks -> [Folder | Modified Date = 2/20/2008 9:38:55 AM | Attr = S] desktop.ini -> C:\WINDOWS\Tasks\desktop.ini -> [Ver = | Size = 65 bytes | Modified Date = 8/4/2004 5:00:00 AM | Attr = RH ] Norton AntiVirus - Run Full System Scan - Danielle J.job -> C:\WINDOWS\Tasks\Norton AntiVirus - Run Full System Scan - Danielle J.job -> [Ver = | Size = 566 bytes | Modified Date = 3/3/2008 8:00:00 PM | Attr = ] SA.DAT -> C:\WINDOWS\Tasks\SA.DAT -> [Ver = | Size = 6 bytes | Modified Date = 3/5/2008 3:26:44 PM | Attr = H ] Symantec NetDetect.job -> C:\WINDOWS\Tasks\Symantec NetDetect.job -> [Ver = | Size = 366 bytes | Modified Date = 3/5/2008 8:47:00 PM | Attr = ] [File - Purity Scan: Additional Folder Scans - Non-Microsoft Only] < End of report > [/code]