[code] OTScanIt logfile created on: 3/19/2008 5:41:22 PM OTScanIt by OldTimer - Version 1.0.6.0 Folder = C:\Documents and Settings\Band\Desktop\OTScanIt Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 510.73 Mb Total Physical Memory | 187.21 Mb Available Physical Memory | 36.65% Memory free 1.22 Gb Paging File | 0.91 Gb Available in Paging File | 74.28% Paging File free Paging file location(s): C:\pagefile.sys 768 1536; %SystemDrive% = C: | %SystemRoot% = C:\WINNT | %ProgramFiles% = C:\Program Files Drive C: | 74.53 Gb Total Space | 59.68 Gb Free Space | 80.08% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: BANDHALL Current User Name: Band Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user [Processes - Non-Microsoft Only] realsched.exe -> %CommonProgramFiles%\Real\Update_OB\realsched.exe -> RealNetworks, Inc. [Ver = 0.1.0.3249 | Size = 180269 bytes | Modified Date = 3/2/2005 3:12:24 PM | Attr = ] qttask.exe -> %ProgramFiles%\QuickTime\qttask.exe -> Apple Computer, Inc. [Ver = 6.5.1 | Size = 98304 bytes | Modified Date = 3/21/2005 3:53:20 PM | Attr = ] winampa.exe -> %ProgramFiles%\Winamp\winampa.exe -> [Ver = | Size = 35328 bytes | Modified Date = 11/21/2006 12:38:22 PM | Attr = ] avgcc.exe -> %ProgramFiles%\Grisoft\AVG Free\avgcc.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.504 | Size = 579072 bytes | Modified Date = 3/7/2008 8:50:50 PM | Attr = ] jusched.exe -> %ProgramFiles%\Java\jre1.6.0_03\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 6.0.30.5 | Size = 132496 bytes | Modified Date = 9/25/2007 2:11:35 AM | Attr = ] avgas.exe -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\avgas.exe -> GRISOFT s.r.o. [Ver = 7, 5, 1, 43 | Size = 6731312 bytes | Modified Date = 6/11/2007 4:25:42 AM | Attr = ] googletoolbarnotifier.exe -> %ProgramFiles%\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe -> Google Inc. [Ver = 2, 0, 301, 1654 | Size = 68856 bytes | Modified Date = 8/14/2007 8:18:02 AM | Attr = ] superantispyware.exe -> %ProgramFiles%\SUPERAntiSpyware\SUPERANTISPYWARE.EXE -> SUPERAntiSpyware.com [Ver = 4, 0, 0, 1154 | Size = 1481968 bytes | Modified Date = 3/7/2008 9:18:33 PM | Attr = ] guard.exe -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\guard.exe -> GRISOFT s.r.o. [Ver = 7, 5, 1, 22 | Size = 312880 bytes | Modified Date = 5/30/2007 7:31:10 AM | Attr = ] avgamsvr.exe -> %ProgramFiles%\Grisoft\AVG Free\avgamsvr.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.496 | Size = 418816 bytes | Modified Date = 3/7/2008 8:50:48 PM | Attr = ] avgupsvc.exe -> %ProgramFiles%\Grisoft\AVG Free\avgupsvc.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.420 | Size = 49664 bytes | Modified Date = 8/14/2007 1:17:10 PM | Attr = ] avgemc.exe -> %ProgramFiles%\Grisoft\AVG Free\avgemc.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.510 | Size = 406528 bytes | Modified Date = 3/7/2008 8:50:52 PM | Attr = ] nmsaccess.exe -> %ProgramFiles%\Cheetah Burner\Cheetah CD Burner\NMSAccess.exe -> [Ver = | Size = 45056 bytes | Modified Date = 12/7/2005 10:44:20 AM | Attr = ] nvsvc32.exe -> %SystemRoot%\system32\nvsvc32.exe -> NVIDIA Corporation [Ver = 6.14.10.4467 | Size = 73728 bytes | Modified Date = 6/13/2003 11:31:00 AM | Attr = ] otscanit.exe -> %UserProfile%\Desktop\OTScanIt\OTScanIt.exe -> OldTimer Tools [Ver = 1.0.6.0 | Size = 311808 bytes | Modified Date = 3/19/2008 6:01:26 PM | Attr = ] [Win32 Services - Non-Microsoft Only] (AVG Anti-Spyware Guard) AVG Anti-Spyware Guard [Win32_Own | Auto | Running] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\guard.exe -> GRISOFT s.r.o. [Ver = 7, 5, 1, 22 | Size = 312880 bytes | Modified Date = 5/30/2007 7:31:10 AM | Attr = ] (Avg7Alrt) AVG7 Alert Manager Server [Win32_Own | Auto | Running] -> %ProgramFiles%\Grisoft\AVG Free\avgamsvr.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.496 | Size = 418816 bytes | Modified Date = 3/7/2008 8:50:48 PM | Attr = ] (Avg7UpdSvc) AVG7 Update Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Grisoft\AVG Free\avgupsvc.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.420 | Size = 49664 bytes | Modified Date = 8/14/2007 1:17:10 PM | Attr = ] (AVGEMS) AVG E-mail Scanner [Win32_Own | Auto | Running] -> %ProgramFiles%\Grisoft\AVG Free\avgemc.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.510 | Size = 406528 bytes | Modified Date = 3/7/2008 8:50:52 PM | Attr = ] (dmadmin) Logical Disk Manager Administrative Service [Win32_Shared | On_Demand | Stopped] -> %SystemRoot%\system32\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 224768 bytes | Modified Date = 8/4/2004 2:56:48 AM | Attr = ] (gusvc) Google Updater Service [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Google\Common\Google Updater\GoogleUpdaterService.exe -> Google [Ver = 2.0.734.29932.beta | Size = 138168 bytes | Modified Date = 8/13/2007 7:53:26 AM | Attr = ] (iPodService) iPod Service [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\iPod\bin\iPodService.exe -> Apple Computer, Inc. [Ver = 4.7.1.30 | Size = 327680 bytes | Modified Date = 12/18/2004 1:19:58 AM | Attr = ] (NetSvc) Intel NCS NetService [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Intel\NCS\Sync\NetSvc.exe -> Intel(R) Corporation [Ver = 1.2.26.0 | Size = 143360 bytes | Modified Date = 3/3/2003 2:33:40 PM | Attr = ] (NMSAccess) NMSAccess [Win32_Own | Auto | Running] -> %ProgramFiles%\Cheetah Burner\Cheetah CD Burner\NMSAccess.exe -> [Ver = | Size = 45056 bytes | Modified Date = 12/7/2005 10:44:20 AM | Attr = ] (NVSvc) NVIDIA Driver Helper Service [Win32_Own | Auto | Running] -> %SystemRoot%\system32\nvsvc32.exe -> NVIDIA Corporation [Ver = 6.14.10.4467 | Size = 73728 bytes | Modified Date = 6/13/2003 11:31:00 AM | Attr = ] [Registry - Non-Microsoft Only] < Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> !AVG Anti-Spyware -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\avgas.exe -> GRISOFT s.r.o. [Ver = 7, 5, 1, 43 | Size = 6731312 bytes | Modified Date = 6/11/2007 4:25:42 AM | Attr = ] au -> %ProgramFiles%\Dealio\DealioAU.exe -> File not found AVG7_CC -> %ProgramFiles%\Grisoft\AVG Free\avgcc.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.504 | Size = 579072 bytes | Modified Date = 3/7/2008 8:50:50 PM | Attr = ] QuickTime Task -> %ProgramFiles%\QuickTime\qttask.exe -> Apple Computer, Inc. [Ver = 6.5.1 | Size = 98304 bytes | Modified Date = 3/21/2005 3:53:20 PM | Attr = ] SunJavaUpdateSched -> %ProgramFiles%\Java\jre1.6.0_03\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 6.0.30.5 | Size = 132496 bytes | Modified Date = 9/25/2007 2:11:35 AM | Attr = ] TkBellExe -> %CommonProgramFiles%\Real\Update_OB\realsched.exe -> RealNetworks, Inc. [Ver = 0.1.0.3249 | Size = 180269 bytes | Modified Date = 3/2/2005 3:12:24 PM | Attr = ] WinampAgent -> %ProgramFiles%\Winamp\winampa.exe -> [Ver = | Size = 35328 bytes | Modified Date = 11/21/2006 12:38:22 PM | Attr = ] YSearchProtection -> %ProgramFiles%\Yahoo!\Search Protection\SearchProtection.exe -> File not found < OptionalComponents [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\ -> IMAIL-> Installed = 1 -> MAPI-> Installed = 1 -> MSFS-> Installed = 1 -> < Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> AROReminder -> %ProgramFiles%\Advanced Registry Optimizer\ARO.exe -> Sammsoft [Ver = 5.1.338.343 | Size = 1798656 bytes | Modified Date = 5/23/2007 10:41:42 AM | Attr = ] SUPERAntiSpyware -> %ProgramFiles%\SUPERAntiSpyware\SUPERANTISPYWARE.EXE -> SUPERAntiSpyware.com [Ver = 4, 0, 0, 1154 | Size = 1481968 bytes | Modified Date = 3/7/2008 9:18:33 PM | Attr = ] swg -> %ProgramFiles%\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe -> Google Inc. [Ver = 2, 0, 301, 1654 | Size = 68856 bytes | Modified Date = 8/14/2007 8:18:02 AM | Attr = ] < All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup -> < Band Startup Folder > -> C:\Documents and Settings\Band\Start Menu\Programs\Startup -> < ShellExecuteHooks [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks -> {57B86673-276A-48B2-BAE7-C6DBB3020EB8} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll [AVG Anti-Spyware 7.5] -> GRISOFT s.r.o. [Ver = 7, 5, 1, 36 | Size = 79408 bytes | Modified Date = 5/30/2007 7:29:58 AM | Attr = ] {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\SUPERAntiSpyware\SASSEH.DLL [] -> SuperAdBlocker.com [Ver = 1, 0, 0, 1008 | Size = 77824 bytes | Modified Date = 12/20/2006 2:55:48 PM | Attr = ] < SecurityProviders [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders -> < Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ -> !SASWinLogon -> %ProgramFiles%\SUPERAntiSpyware\SASWINLO.dll -> SUPERAntiSpyware.com [Ver = 1, 0, 0, 1046 | Size = 294912 bytes | Modified Date = 4/19/2007 2:41:36 PM | Attr = ] < CurrentVersion Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ActiveDesktop\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveAutoRun -> 67108863 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 255 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\undockwithoutlogon -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Uninstall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\WindowsUpdate\ -> -> < CurrentVersion Policy Settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ActiveDesktop\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Associations\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 36 -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveAutoRun -> (binary data) -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableRegistryTools -> 0 -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\WindowsUpdate\ -> -> < HOSTS File > (27 bytes) -> C:\WINNT\System32\drivers\etc\Hosts -> < Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> HKEY_LOCAL_MACHINE\: Main\\Default_Page_URL -> http://go.microsoft.com/fwlink/?LinkId=69157 -> HKEY_LOCAL_MACHINE\: Main\\Default_Search_URL -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKEY_LOCAL_MACHINE\: Main\\Local Page -> %SystemRoot%\system32\blank.htm -> HKEY_LOCAL_MACHINE\: Main\\Search Bar -> http://red.clientapps.yahoo.com/customize/ie/defaults/sb/ymsgr6/*http://www.yahoo.com/ext/search/search.html -> HKEY_LOCAL_MACHINE\: Main\\Search Page -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKEY_LOCAL_MACHINE\: Main\\Start Page -> http://go.microsoft.com/fwlink/?LinkId=69157 -> HKEY_LOCAL_MACHINE\: Search\\CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm -> HKEY_LOCAL_MACHINE\: Search\\Default_Search_URL -> http://www.google.com/ie -> HKEY_LOCAL_MACHINE\: Search\\SearchAssistant -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm -> < Internet Explorer Settings [HKEY_CURRENT_USER\] > -> -> HKEY_CURRENT_USER\: Main\\Local Page -> C:\WINNT\system32\blank.htm -> HKEY_CURRENT_USER\: Main\\Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_CURRENT_USER\: Main\\Start Page -> http://www.wbsd.k12.ms.us/default.html -> HKEY_CURRENT_USER\: Search\\CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm -> HKEY_CURRENT_USER\: Search\\SearchAssistant -> http://www.google.com/ie -> HKEY_CURRENT_USER\: SearchURL\\ -> http://www.google.com/search?q=%s[Reg Error: Value provider does not exist or could not be read.] -> HKEY_CURRENT_USER\: ProxyEnable -> 0 -> < Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1 domain(s) found. -> 1 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1 domain(s) found. -> .[msn] -> My Computer -> < Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.6.0_03\bin\ssv.dll [SSVHelper Class] -> Sun Microsystems, Inc. [Ver = 6.0.30.5 | Size = 501136 bytes | Modified Date = 9/25/2007 2:11:33 AM | Attr = ] < Internet Explorer Bars [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\ -> {4528BBE0-4E08-11D5-AD55-00010333D0AD} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found {5C4C24D0-28B6-4B6B-B70F-E09848367F10} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Dealio\kb106\Dealio.dll [Dealio] -> File not found < Internet Explorer Bars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\ -> {32683183-48a0-441b-a342-7c2a440a9478} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found < Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar -> {2318C2B1-4965-11d4-9B18-009027A5CD4F} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Google\GoogleToolbar2.dll [&Google] -> Google Inc. [Ver = 4, 0, 1601, 4978 | Size = 2403392 bytes | Modified Date = 1/19/2007 11:55:32 PM | Attr = R ] {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\BearShare applications\BearShare MediaBar\MediaBar.dll [BearShare MediaBar] -> File not found {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Dealio\kb106\Dealio.dll [Dealio] -> File not found < Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ -> ShellBrowser\\{D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\BearShare applications\BearShare MediaBar\MediaBar.dll [BearShare MediaBar] -> File not found WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Google\GoogleToolbar2.dll [&Google] -> Google Inc. [Ver = 4, 0, 1601, 4978 | Size = 2403392 bytes | Modified Date = 1/19/2007 11:55:32 PM | Attr = R ] WebBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found WebBrowser\\{D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\BearShare applications\BearShare MediaBar\MediaBar.dll [BearShare MediaBar] -> File not found WebBrowser\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found < Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> {08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.6.0_03\bin\npjpi160_03.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.30.5 | Size = 132496 bytes | Modified Date = 9/25/2007 2:11:34 AM | Attr = ] {08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC} [HKEY_CURRENT_USER] -> %ProgramFiles%\Java\jre1.6.0_03\bin\ssv.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.30.5 | Size = 501136 bytes | Modified Date = 9/25/2007 2:11:33 AM | Attr = ] {E908B145-C847-4e85-B315-07E2E70DECF8}:{9F038672-0425-4792-BC9C-36DE3308E8AA} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Dealio\kb106\Dealio.dll [Dealio] -> File not found < Internet Explorer Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\ -> CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.6.0_03\bin\npjpi160_03.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.30.5 | Size = 132496 bytes | Modified Date = 9/25/2007 2:11:34 AM | Attr = ] CmdMapping\\{4528BBE0-4E08-11D5-AD55-00010333D0AD} [HKEY_LOCAL_MACHINE] -> [Reg Error: Key does not exist or could not be opened.] -> File not found CmdMapping\\{E908B145-C847-4e85-B315-07E2E70DECF8} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Dealio\kb106\Dealio.dll [Dealio] -> File not found < Internet Explorer Menu Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ -> &Google Search -> %ProgramFiles%\google\GoogleToolbar1.dll -> File not found &Translate English Word -> %ProgramFiles%\google\GoogleToolbar1.dll -> File not found Backward Links -> %ProgramFiles%\google\GoogleToolbar1.dll -> File not found Cached Snapshot of Page -> %ProgramFiles%\google\GoogleToolbar1.dll -> File not found Compare Prices with &Dealio -> %ProgramFiles%\Dealio\kb106\res\DealioSearch.htm -> File not found Similar Pages -> %ProgramFiles%\google\GoogleToolbar1.dll -> File not found Translate Page into English -> %ProgramFiles%\google\GoogleToolbar1.dll -> File not found < Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> PluginsPageFriendlyName -> Microsoft ActiveX Gallery -> PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s -> Extension\.spop -> %ProgramFiles%\Internet Explorer\PLUGINS\NPDocBox.dll [] -> Intertrust Technologies, Inc. [Ver = 1.0.0.32 | Size = 270336 bytes | Modified Date = 8/1/2001 6:05:42 PM | Attr = ] < DNS Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> {C4E357A8-056E-4C95-84C2-B0606C25BC09} -> (Intel(R) PRO/1000 CT Network Connection) -> < Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ -> ipp: [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened.[Reg Error: Value does not exist or could not be read.] -> File not found msdaipp: [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened.[Reg Error: Value does not exist or could not be read.] -> File not found < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8}[HKEY_LOCAL_MACHINE] -> http://go.microsoft.com/fwlink/?linkid=67633[Office Genuine Advantage Validation Tool] -> {166B1BCA-3F9C-11CF-8075-444553540000}[HKEY_LOCAL_MACHINE] -> http://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab[Shockwave ActiveX Control] -> {4F1E5B1A-2A80-42CA-8532-2D05CB959537}[HKEY_LOCAL_MACHINE] -> http://by24fd.bay24.hotmail.msn.com/resources/MsnPUpld.cab[MSN Photo Upload Tool] -> {6E32070A-766D-4EE6-879C-DC1FA91D2FC3}[HKEY_LOCAL_MACHINE] -> http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1205015352312[MUWebControl Class] -> {8AD9C840-044E-11D1-B3E9-00805F499D93}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab[Java Plug-in 1.6.0_03] -> {9A9307A0-7DA4-4DAF-B042-5009F29E09E1}[HKEY_LOCAL_MACHINE] -> http://acs.pandasoftware.com/activescan/as5free/asinst.cab[ActiveScan Installer Class] -> {CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab[Java Plug-in 1.4.2] -> {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab[Java Plug-in 1.6.0_02] -> {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab[Java Plug-in 1.6.0_03] -> {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab[Java Plug-in 1.6.0_03] -> {D27CDB6E-AE6D-11CF-96B8-444553540000}[HKEY_LOCAL_MACHINE] -> http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab[Shockwave Flash Object] -> [Files/Folders - Created Within 30 days] autorun.inf -> %SystemDrive%\autorun.inf -> [Folder | Created Date = 3/18/2008 8:44:04 PM | Attr = RHS] hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [Ver = | Size = 535613440 bytes | Created Date = 3/13/2008 6:26:28 AM | Attr = HS] QooBox -> %SystemDrive%\QooBox -> [Folder | Created Date = 3/16/2008 9:21:21 PM | Attr = ] SDFix -> %SystemDrive%\SDFix -> [Folder | Created Date = 3/7/2008 7:33:59 PM | Attr = ] _OTMoveIt -> %SystemDrive%\_OTMoveIt -> [Folder | Created Date = 3/17/2008 9:18:05 PM | Attr = ] AvgAsCln.sys -> %SystemRoot%\System32\drivers\AvgAsCln.sys -> GRISOFT, s.r.o. [Ver = 1.0.0.14 | Size = 10872 bytes | Created Date = 3/8/2008 12:01:30 AM | Attr = ] SDTHOOK.SYS -> %SystemRoot%\System32\drivers\SDTHOOK.SYS -> Panda Software [Ver = 1.6.0.0 | Size = 44928 bytes | Created Date = 3/8/2008 1:14:38 PM | Attr = ] shdkodudebgq.sys -> %SystemRoot%\System32\drivers\shdkodudebgq.sys -> Panda Software International [Ver = 1, 0, 0, 5 | Size = 8576 bytes | Created Date = 3/8/2008 11:27:34 AM | Attr = ] ActiveScan -> %SystemRoot%\System32\ActiveScan -> [Folder | Created Date = 3/8/2008 8:55:33 AM | Attr = ] 2 C:\WINNT\System32\*.tmp files -> C:\WINNT\System32\*.tmp -> asuninst.exe -> %SystemRoot%\System32\asuninst.exe -> Panda Software [Ver = 1, 0, 0, 2 | Size = 73728 bytes | Created Date = 3/8/2008 9:48:59 AM | Attr = ] dumphive.exe -> %SystemRoot%\System32\dumphive.exe -> [Ver = | Size = 51200 bytes | Created Date = 3/12/2008 9:22:13 AM | Attr = ] en-US -> %SystemRoot%\System32\en-US -> [Folder | Created Date = 3/7/2008 9:45:31 PM | Attr = ] fdsv.exe -> %SystemRoot%\System32\fdsv.exe -> Smallfrogs Studio [Ver = 1.0.0.10 | Size = 73728 bytes | Created Date = 3/16/2008 9:21:18 PM | Attr = ] grep.exe -> %SystemRoot%\System32\grep.exe -> [Ver = | Size = 80412 bytes | Created Date = 3/16/2008 9:21:18 PM | Attr = ] IEDFix.exe -> %SystemRoot%\System32\IEDFix.exe -> S!Ri.URZ [Ver = | Size = 82432 bytes | Created Date = 3/12/2008 9:22:13 AM | Attr = ] java.exe -> %SystemRoot%\System32\java.exe -> Sun Microsystems, Inc. [Ver = 6.0.30.5 | Size = 135168 bytes | Created Date = 3/7/2008 10:28:28 PM | Attr = ] javaw.exe -> %SystemRoot%\System32\javaw.exe -> Sun Microsystems, Inc. [Ver = 6.0.30.5 | Size = 135168 bytes | Created Date = 3/7/2008 10:28:28 PM | Attr = ] javaws.exe -> %SystemRoot%\System32\javaws.exe -> Sun Microsystems, Inc. [Ver = 6.0.30.5 | Size = 139264 bytes | Created Date = 3/7/2008 10:28:28 PM | Attr = ] Process.exe -> %SystemRoot%\System32\Process.exe -> http://www.beyondlogic.org [Ver = 2, 0, 0, 0 | Size = 53248 bytes | Created Date = 3/12/2008 9:22:10 AM | Attr = ] sed.exe -> %SystemRoot%\System32\sed.exe -> [Ver = | Size = 98816 bytes | Created Date = 3/16/2008 9:21:18 PM | Attr = ] SrchSTS.exe -> %SystemRoot%\System32\SrchSTS.exe -> S!Ri [Ver = | Size = 288417 bytes | Created Date = 3/12/2008 9:22:13 AM | Attr = ] swreg.exe -> %SystemRoot%\System32\swreg.exe -> SteelWerX [Ver = 3.0.0.0 | Size = 161792 bytes | Created Date = 3/12/2008 9:22:11 AM | Attr = ] swsc.exe -> %SystemRoot%\System32\swsc.exe -> [Ver = | Size = 40960 bytes | Created Date = 3/12/2008 9:22:12 AM | Attr = ] swxcacls.exe -> %SystemRoot%\System32\swxcacls.exe -> SteelWerX [Ver = 1.0.1.1 | Size = 79360 bytes | Created Date = 3/12/2008 9:22:13 AM | Attr = ] tmp.reg -> %SystemRoot%\System32\tmp.reg -> [Ver = | Size = 3458 bytes | Created Date = 3/12/2008 9:23:10 AM | Attr = ] VACFix.exe -> %SystemRoot%\System32\VACFix.exe -> S!Ri.URZ [Ver = | Size = 86528 bytes | Created Date = 3/12/2008 9:22:13 AM | Attr = ] VCCLSID.exe -> %SystemRoot%\System32\VCCLSID.exe -> S!Ri [Ver = | Size = 289144 bytes | Created Date = 3/12/2008 9:22:13 AM | Attr = ] VFind.exe -> %SystemRoot%\System32\VFind.exe -> [Ver = | Size = 49152 bytes | Created Date = 3/16/2008 9:21:18 PM | Attr = ] WS2Fix.exe -> %SystemRoot%\System32\WS2Fix.exe -> [Ver = | Size = 25600 bytes | Created Date = 3/12/2008 9:22:13 AM | Attr = ] zip.exe -> %SystemRoot%\System32\zip.exe -> [Ver = | Size = 68096 bytes | Created Date = 3/16/2008 9:21:18 PM | Attr = ] ZPORT4AS.dll -> %SystemRoot%\System32\ZPORT4AS.dll -> [Ver = | Size = 11776 bytes | Created Date = 3/8/2008 9:48:59 AM | Attr = ] $NtServicePackUninstallIDNMitigationAPIs$ -> %SystemRoot%\$NtServicePackUninstallIDNMitigationAPIs$ -> [Folder | Created Date = 3/7/2008 9:39:46 PM | Attr = H ] 3 C:\WINNT\*.tmp files -> C:\WINNT\*.tmp -> $NtServicePackUninstallNLSDownlevelMapping$ -> %SystemRoot%\$NtServicePackUninstallNLSDownlevelMapping$ -> [Folder | Created Date = 3/7/2008 9:38:04 PM | Attr = H ] erdnt -> %SystemRoot%\erdnt -> [Folder | Created Date = 3/16/2008 9:22:27 PM | Attr = ] ERUNT -> %SystemRoot%\ERUNT -> [Folder | Created Date = 3/7/2008 7:39:31 PM | Attr = ] ie7 -> %SystemRoot%\ie7 -> [Folder | Created Date = 3/7/2008 9:41:04 PM | Attr = H ] ie7updates -> %SystemRoot%\ie7updates -> [Folder | Created Date = 3/7/2008 9:49:03 PM | Attr = ] network diagnostic -> %SystemRoot%\network diagnostic -> [Folder | Created Date = 3/7/2008 9:30:14 PM | Attr = ] Nircmd.exe -> %SystemRoot%\Nircmd.exe -> NirSoft [Ver = 2.05 | Size = 28160 bytes | Created Date = 3/16/2008 9:21:18 PM | Attr = ] TEMP -> %SystemRoot%\TEMP -> [Folder | Created Date = 3/18/2008 9:03:11 PM | Attr = ] WBEM -> %SystemRoot%\WBEM -> [Folder | Created Date = 3/7/2008 9:45:37 PM | Attr = ] [Files/Folders - Modified Within 30 days] $VAULT$.AVG -> %SystemDrive%\$VAULT$.AVG -> [Folder | Modified Date = 3/8/2008 9:15:43 AM | Attr = RH ] autorun.inf -> %SystemDrive%\autorun.inf -> [Folder | Modified Date = 3/18/2008 8:44:04 PM | Attr = RHS] Config.Msi -> %SystemDrive%\Config.Msi -> [Folder | Modified Date = 3/17/2008 5:48:32 AM | Attr = H ] hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [Ver = | Size = 535613440 bytes | Modified Date = 3/19/2008 3:46:44 PM | Attr = HS] Incomplete -> %SystemDrive%\Incomplete -> [Folder | Modified Date = 3/6/2008 4:19:57 PM | Attr = ] My Downloads -> %SystemDrive%\My Downloads -> [Folder | Modified Date = 3/6/2008 3:14:25 PM | Attr = ] Program Files -> %ProgramFiles% -> [Folder | Modified Date = 3/19/2008 4:40:14 PM | Attr = R ] QooBox -> %SystemDrive%\QooBox -> [Folder | Modified Date = 3/18/2008 9:03:10 PM | Attr = ] SDFix -> %SystemDrive%\SDFix -> [Folder | Modified Date = 3/7/2008 8:10:23 PM | Attr = ] temp -> %SystemDrive%\temp -> [Folder | Modified Date = 3/7/2008 8:04:53 PM | Attr = ] WINNT -> %SystemRoot% -> [Folder | Modified Date = 3/18/2008 9:03:11 PM | Attr = ] _OTMoveIt -> %SystemDrive%\_OTMoveIt -> [Folder | Modified Date = 3/17/2008 9:18:05 PM | Attr = ] avg7core.sys -> %SystemRoot%\System32\drivers\avg7core.sys -> GRISOFT, s.r.o. [Ver = 7.5.0.498 | Size = 821856 bytes | Modified Date = 3/7/2008 8:50:42 PM | Attr = ] avgclean.sys -> %SystemRoot%\System32\drivers\avgclean.sys -> GRISOFT, s.r.o. [Ver = 1.0.0.14 | Size = 10760 bytes | Modified Date = 3/7/2008 8:50:58 PM | Attr = ] etc -> %SystemRoot%\System32\drivers\etc -> [Folder | Modified Date = 3/16/2008 9:33:23 PM | Attr = ] hosts -> %SystemRoot%\System32\drivers\etc\hosts -> [Ver = | Size = 27 bytes | Modified Date = 3/16/2008 9:33:23 PM | Attr = ] ActiveScan -> %SystemRoot%\System32\ActiveScan -> [Folder | Modified Date = 3/8/2008 3:17:55 PM | Attr = ] 2 C:\WINNT\System32\*.tmp files -> C:\WINNT\System32\*.tmp -> CatRoot2 -> %SystemRoot%\System32\CatRoot2 -> [Folder | Modified Date = 3/18/2008 9:02:08 PM | Attr = ] config -> %SystemRoot%\System32\config -> [Folder | Modified Date = 3/19/2008 5:32:57 PM | Attr = ] dllcache -> %SystemRoot%\System32\dllcache -> [Folder | Modified Date = 3/8/2008 4:01:19 AM | Attr = RHS] drivers -> %SystemRoot%\System32\drivers -> [Folder | Modified Date = 3/18/2008 9:00:00 PM | Attr = ] en-US -> %SystemRoot%\System32\en-US -> [Folder | Modified Date = 3/7/2008 9:49:14 PM | Attr = ] IEDFix.exe -> %SystemRoot%\System32\IEDFix.exe -> S!Ri.URZ [Ver = | Size = 82432 bytes | Modified Date = 3/5/2008 10:29:16 PM | Attr = ] perfc009.dat -> %SystemRoot%\System32\perfc009.dat -> [Ver = | Size = 62344 bytes | Modified Date = 3/9/2008 3:08:44 AM | Attr = ] perfh009.dat -> %SystemRoot%\System32\perfh009.dat -> [Ver = | Size = 401064 bytes | Modified Date = 3/9/2008 3:08:45 AM | Attr = ] PerfStringBackup.INI -> %SystemRoot%\System32\PerfStringBackup.INI -> [Ver = | Size = 471150 bytes | Modified Date = 3/9/2008 3:08:42 AM | Attr = ] SearchTool -> %SystemRoot%\System32\SearchTool -> [Folder | Modified Date = 3/8/2008 1:12:51 AM | Attr = ] tmp.reg -> %SystemRoot%\System32\tmp.reg -> [Ver = | Size = 3458 bytes | Modified Date = 3/12/2008 9:38:01 AM | Attr = ] VACFix.exe -> %SystemRoot%\System32\VACFix.exe -> S!Ri.URZ [Ver = | Size = 86528 bytes | Modified Date = 3/9/2008 1:15:33 AM | Attr = ] wbem -> %SystemRoot%\System32\wbem -> [Folder | Modified Date = 3/8/2008 3:20:54 PM | Attr = ] wpa.dbl -> %SystemRoot%\System32\wpa.dbl -> [Ver = | Size = 1158 bytes | Modified Date = 3/19/2008 3:47:26 PM | Attr = ] $hf_mig$ -> %SystemRoot%\$hf_mig$ -> [Folder | Modified Date = 3/8/2008 1:33:30 AM | Attr = H ] 3 C:\WINNT\*.tmp files -> C:\WINNT\*.tmp -> $NtServicePackUninstallIDNMitigationAPIs$ -> %SystemRoot%\$NtServicePackUninstallIDNMitigationAPIs$ -> [Folder | Modified Date = 3/7/2008 9:39:46 PM | Attr = H ] $NtServicePackUninstallNLSDownlevelMapping$ -> %SystemRoot%\$NtServicePackUninstallNLSDownlevelMapping$ -> [Folder | Modified Date = 3/7/2008 9:38:04 PM | Attr = H ] AppPatch -> %SystemRoot%\AppPatch -> [Folder | Modified Date = 3/8/2008 2:56:13 PM | Attr = ] bootstat.dat -> %SystemRoot%\bootstat.dat -> [Ver = | Size = 2048 bytes | Modified Date = 3/19/2008 3:46:45 PM | Attr = S] Downloaded Program Files -> %SystemRoot%\Downloaded Program Files -> [Folder | Modified Date = 3/16/2008 9:14:46 PM | Attr = S] erdnt -> %SystemRoot%\erdnt -> [Folder | Modified Date = 3/19/2008 4:41:37 PM | Attr = ] ERUNT -> %SystemRoot%\ERUNT -> [Folder | Modified Date = 3/7/2008 7:39:42 PM | Attr = ] Fonts -> %SystemRoot%\Fonts -> [Folder | Modified Date = 3/16/2008 9:27:57 PM | Attr = R S] Help -> %SystemRoot%\Help -> [Folder | Modified Date = 3/7/2008 9:52:53 PM | Attr = ] ie7 -> %SystemRoot%\ie7 -> [Folder | Modified Date = 3/7/2008 9:44:19 PM | Attr = H ] ie7updates -> %SystemRoot%\ie7updates -> [Folder | Modified Date = 3/8/2008 4:01:17 AM | Attr = ] imsins.BAK -> %SystemRoot%\imsins.BAK -> [Ver = | Size = 1355 bytes | Modified Date = 3/7/2008 9:50:03 PM | Attr = ] inf -> %SystemRoot%\inf -> [Folder | Modified Date = 3/8/2008 11:08:46 PM | Attr = H ] Installer -> %SystemRoot%\Installer -> [Folder | Modified Date = 3/17/2008 5:48:32 AM | Attr = HS] Media -> %SystemRoot%\Media -> [Folder | Modified Date = 3/7/2008 9:45:01 PM | Attr = ] network diagnostic -> %SystemRoot%\network diagnostic -> [Folder | Modified Date = 3/7/2008 9:30:15 PM | Attr = ] Prefetch -> %SystemRoot%\Prefetch -> [Folder | Modified Date = 3/19/2008 5:40:56 PM | Attr = ] pss -> %SystemRoot%\pss -> [Folder | Modified Date = 3/19/2008 4:34:24 PM | Attr = ] Q2VkcmljIEV2YW5z -> %SystemRoot%\Q2VkcmljIEV2YW5z -> [Folder | Modified Date = 3/6/2008 11:32:03 PM | Attr = HS] SoftwareDistribution -> %SystemRoot%\SoftwareDistribution -> [Folder | Modified Date = 3/8/2008 3:17:51 PM | Attr = ] system.ini -> %SystemRoot%\system.ini -> [Ver = | Size = 280 bytes | Modified Date = 3/18/2008 9:02:00 PM | Attr = ] system32 -> %SystemRoot%\system32 -> [Folder | Modified Date = 3/18/2008 9:03:13 PM | Attr = HS] Tasks -> %SystemRoot%\Tasks -> [Folder | Modified Date = 3/8/2008 5:21:45 PM | Attr = S] TEMP -> %SystemRoot%\TEMP -> [Folder | Modified Date = 3/19/2008 3:47:33 PM | Attr = ] WBEM -> %SystemRoot%\WBEM -> [Folder | Modified Date = 3/7/2008 9:45:37 PM | Attr = ] win.ini -> %SystemRoot%\win.ini -> [Ver = | Size = 674 bytes | Modified Date = 3/8/2008 11:00:59 AM | Attr = ] SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [Ver = | Size = 6 bytes | Modified Date = 3/19/2008 3:46:47 PM | Attr = H ] qmgr0.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat -> [Ver = | Size = 6708 bytes | Modified Date = 3/15/2008 7:23:17 PM | Attr = ] qmgr1.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat -> [Ver = | Size = 6708 bytes | Modified Date = 3/15/2008 7:23:17 PM | Attr = ] data.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Office\Data\data.dat -> [Ver = | Size = 1388 bytes | Modified Date = 9/14/2006 1:23:46 PM | Attr = ] SSUPDATE.EXE -> C:\Documents and Settings\Band\Local Settings\Temp\SSUPDATE.EXE -> SUPERAntiSpyware.com [Ver = 1, 0, 0, 1030 | Size = 146672 bytes | Modified Date = 6/21/2007 3:07:10 PM | Attr = ] < End of report > [/code]