[code] OTScanIt logfile created on: 02/04/2008 5:03:01 PM OTScanIt by OldTimer - Version 1.0.8.3 Folder = C:\Documents and Settings\Bradley\Desktop\OTScanIt Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy 2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 100.00% Memory free 4.00 Gb Paging File | 3.77 Gb Available in Paging File | 94.37% Paging File free Paging file location(s): C:\pagefile.sys 1342 2014; %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 232.88 Gb Total Space | 12.15 Gb Free Space | 5.22% Space Free | Partition Type: NTFS Drive D: | 4.37 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS E: Drive not present or media not loaded Drive F: | 931.52 Gb Total Space | 789.07 Gb Free Space | 84.71% Space Free | Partition Type: NTFS G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: BRAD Current User Name: Bradley Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users [Processes - Non-Microsoft Only] ati2evxx.exe -> %SystemRoot%\system32\ati2evxx.exe -> ATI Technologies Inc. [Ver = 6.14.10.4190 | Size = 520192 bytes | Modified Date = 25/02/2008 9:00:02 PM | Attr = ] ati2evxx.exe -> %SystemRoot%\system32\ati2evxx.exe -> ATI Technologies Inc. [Ver = 6.14.10.4190 | Size = 520192 bytes | Modified Date = 25/02/2008 9:00:02 PM | Attr = ] aswupdsv.exe -> %ProgramFiles%\Alwil Software\Avast4\aswUpdSv.exe -> ALWIL Software [Ver = 4, 7, 1098, 0 | Size = 17272 bytes | Modified Date = 04/12/2007 8:36:33 AM | Attr = ] ashserv.exe -> %ProgramFiles%\Alwil Software\Avast4\ashServ.exe -> ALWIL Software [Ver = 4, 7, 1098, 0 | Size = 140664 bytes | Modified Date = 04/12/2007 7:00:16 AM | Attr = ] lvprcsrv.exe -> %CommonProgramFiles%\logishrd\LVMVFM\LVPrcSrv.exe -> Logitech Inc. [Ver = 11.5.0.1158 | Size = 141848 bytes | Modified Date = 19/10/2007 1:19:22 PM | Attr = ] applemobiledeviceservice.exe -> %CommonProgramFiles%\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -> Apple, Inc. [Ver = 1, 14, 0, 0 | Size = 110592 bytes | Modified Date = 06/09/2007 1:28:18 PM | Attr = ] guard.exe -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\guard.exe -> GRISOFT s.r.o. [Ver = 7, 5, 1, 22 | Size = 312880 bytes | Modified Date = 30/05/2007 6:31:10 AM | Attr = ] libusbd-nt.exe -> %SystemRoot%\system32\libusbd-nt.exe -> http://libusb-win32.sourceforge.net [Ver = 0.1.10.1 | Size = 18944 bytes | Modified Date = 09/03/2005 9:50:18 PM | Attr = ] lvcomser.exe -> %CommonProgramFiles%\logishrd\LVCOMSER\LVComSer.exe -> Logitech Inc. [Ver = 1.0.5.1158 | Size = 186904 bytes | Modified Date = 19/10/2007 1:17:28 PM | Attr = ] starwindserviceae.exe -> %ProgramFiles%\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -> Rocket Division Software [Ver = 3.2.3 Build 20070527 | Size = 275968 bytes | Modified Date = 28/05/2007 10:57:54 AM | Attr = ] ashmaisv.exe -> %ProgramFiles%\Alwil Software\Avast4\ashMaiSv.exe -> ALWIL Software [Ver = 4, 7, 1098, 0 | Size = 247160 bytes | Modified Date = 04/12/2007 6:59:53 AM | Attr = ] ashwebsv.exe -> %ProgramFiles%\Alwil Software\Avast4\ashWebSv.exe -> ALWIL Software [Ver = 4, 7, 1098, 0 | Size = 345464 bytes | Modified Date = 04/12/2007 6:59:01 AM | Attr = ] lvcomser.exe -> %CommonProgramFiles%\logishrd\LVCOMSER\LVComSer.exe -> Logitech Inc. [Ver = 1.0.5.1158 | Size = 186904 bytes | Modified Date = 19/10/2007 1:17:28 PM | Attr = ] pdvdserv.exe -> %ProgramFiles%\CyberLink DVD Solution\PowerDVD\PDVDServ.exe -> Cyberlink Corp. [Ver = 5.00.0000 | Size = 32768 bytes | Modified Date = 08/12/2003 6:35:14 PM | Attr = ] rthdcpl.exe -> %SystemRoot%\RTHDCPL.EXE -> Realtek Semiconductor Corp. [Ver = 1.1.1.9 | Size = 14565376 bytes | Modified Date = 08/06/2005 12:42:12 AM | Attr = ] ashdisp.exe -> %ProgramFiles%\Alwil Software\Avast4\ashDisp.exe -> ALWIL Software [Ver = 4, 7, 1098, 0 | Size = 79224 bytes | Modified Date = 04/12/2007 7:00:23 AM | Attr = ] memoryo.exe -> %ProgramFiles%\Systerac XP Tools 3\memoryo.exe -> MindSoft [Ver = 4.00.2146 | Size = 1056768 bytes | Modified Date = 02/05/2005 10:10:04 PM | Attr = ] aimlite.exe -> %ProgramFiles%\AIM Lite\aimlite.exe -> [Ver = | Size = 759808 bytes | Modified Date = 26/03/2007 2:54:54 PM | Attr = ] qttask.exe -> %ProgramFiles%\QuickTime Alternative\QTTask.exe -> Apple Inc. [Ver = 7.4.1 | Size = 385024 bytes | Modified Date = 31/01/2008 11:13:08 PM | Attr = ] ituneshelper.exe -> %ProgramFiles%\iTunes\iTunesHelper.exe -> Apple Inc. [Ver = 7.6.1.9 | Size = 267048 bytes | Modified Date = 19/02/2008 1:10:32 PM | Attr = ] ipodservice.exe -> %ProgramFiles%\iPod\bin\iPodService.exe -> Apple Inc. [Ver = 7.6.1.9 | Size = 504104 bytes | Modified Date = 19/02/2008 1:10:24 PM | Attr = ] communications_helper.exe -> %CommonProgramFiles%\logishrd\LComMgr\Communications_Helper.exe -> [Ver = | Size = 563984 bytes | Modified Date = 25/10/2007 4:33:22 PM | Attr = ] quickcam.exe -> %ProgramFiles%\Logitech\QuickCam\Quickcam.exe -> [Ver = | Size = 2178832 bytes | Modified Date = 25/10/2007 4:37:32 PM | Attr = ] mom.exe -> %ProgramFiles%\ATI Technologies\ATI.ACE\Core-Static\MOM.exe -> Advanced Micro Devices Inc. [Ver = 2.0.0.0 | Size = 49152 bytes | Modified Date = 17/07/2007 11:13:56 AM | Attr = ] jusched.exe -> %ProgramFiles%\Java\jre1.6.0_05\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 144784 bytes | Modified Date = 22/02/2008 4:25:21 AM | Attr = ] cocimanager.exe -> %CommonProgramFiles%\logishrd\LQCVFX\COCIManager.exe -> Logitech Inc. [Ver = 11.5.0.1169 | Size = 407824 bytes | Modified Date = 25/10/2007 4:32:58 PM | Attr = ] superantispyware.exe -> %ProgramFiles%\SUPERAntiSpyware\SUPERANTISPYWARE.EXE -> SUPERAntiSpyware.com [Ver = 4, 0, 0, 1154 | Size = 1481968 bytes | Modified Date = 30/03/2008 10:16:20 AM | Attr = ] ccc.exe -> %ProgramFiles%\ATI Technologies\ATI.ACE\Core-Static\CCC.exe -> ATI Technologies Inc. [Ver = 2.0.0.0 | Size = 49152 bytes | Modified Date = 17/07/2007 11:13:34 AM | Attr = ] firefox.exe -> %ProgramFiles%\Mozilla Firefox\firefox.exe -> Mozilla Corporation [Ver = 1.8.1.13: 2008031114 | Size = 7660656 bytes | Modified Date = 26/03/2008 5:10:08 PM | Attr = ] otscanit.exe -> %UserProfile%\Desktop\OTScanIt\OTScanIt.exe -> OldTimer Tools [Ver = 1.0.8.3 | Size = 368640 bytes | Modified Date = 02/04/2008 4:21:18 PM | Attr = ] [Win32 Services - Non-Microsoft Only] (Apple Mobile Device) Apple Mobile Device [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -> Apple, Inc. [Ver = 1, 14, 0, 0 | Size = 110592 bytes | Modified Date = 06/09/2007 1:28:18 PM | Attr = ] (aswUpdSv) avast! iAVS4 Control Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Alwil Software\Avast4\aswUpdSv.exe -> ALWIL Software [Ver = 4, 7, 1098, 0 | Size = 17272 bytes | Modified Date = 04/12/2007 8:36:33 AM | Attr = ] (Ati HotKey Poller) Ati HotKey Poller [Win32_Own | Auto | Running] -> %SystemRoot%\system32\ati2evxx.exe -> ATI Technologies Inc. [Ver = 6.14.10.4190 | Size = 520192 bytes | Modified Date = 25/02/2008 9:00:02 PM | Attr = ] (ATI Smart) ATI Smart [Win32_Own | Auto | Stopped] -> %SystemRoot%\system32\ati2sgag.exe -> [Ver = 5.13.0027 | Size = 593920 bytes | Modified Date = 25/02/2008 9:05:00 PM | Attr = ] (avast! Antivirus) avast! Antivirus [Win32_Own | Auto | Running] -> %ProgramFiles%\Alwil Software\Avast4\ashServ.exe -> ALWIL Software [Ver = 4, 7, 1098, 0 | Size = 140664 bytes | Modified Date = 04/12/2007 7:00:16 AM | Attr = ] (avast! Mail Scanner) avast! Mail Scanner [Win32_Own | On_Demand | Running] -> %ProgramFiles%\Alwil Software\Avast4\ashMaiSv.exe -> ALWIL Software [Ver = 4, 7, 1098, 0 | Size = 247160 bytes | Modified Date = 04/12/2007 6:59:53 AM | Attr = ] (avast! Web Scanner) avast! Web Scanner [Win32_Own | On_Demand | Running] -> %ProgramFiles%\Alwil Software\Avast4\ashWebSv.exe -> ALWIL Software [Ver = 4, 7, 1098, 0 | Size = 345464 bytes | Modified Date = 04/12/2007 6:59:01 AM | Attr = ] (AVG Anti-Spyware Guard) AVG Anti-Spyware Guard [Win32_Own | Auto | Running] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\guard.exe -> GRISOFT s.r.o. [Ver = 7, 5, 1, 22 | Size = 312880 bytes | Modified Date = 30/05/2007 6:31:10 AM | Attr = ] (dmadmin) Logical Disk Manager Administrative Service [Win32_Shared | On_Demand | Stopped] -> %SystemRoot%\system32\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 224768 bytes | Modified Date = 04/08/2004 6:00:00 AM | Attr = ] (IDriverT) InstallDriver Table Manager [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\InstallShield\Driver\11\Intel 32\IDriverT.exe -> Macrovision Corporation [Ver = 11.00.28844 | Size = 69632 bytes | Modified Date = 04/04/2005 1:41:10 AM | Attr = ] (iPod Service) iPod Service [Win32_Own | On_Demand | Running] -> %ProgramFiles%\iPod\bin\iPodService.exe -> Apple Inc. [Ver = 7.6.1.9 | Size = 504104 bytes | Modified Date = 19/02/2008 1:10:24 PM | Attr = ] (libusbd) LibUsb-Win32 - Daemon, Version 0.1.10.1 [Win32_Own | Auto | Running] -> %SystemRoot%\system32\libusbd-nt.exe -> http://libusb-win32.sourceforge.net [Ver = 0.1.10.1 | Size = 18944 bytes | Modified Date = 09/03/2005 9:50:18 PM | Attr = ] (LVCOMSer) LVCOMSer [Win32_Own | Auto | Running] -> %CommonProgramFiles%\logishrd\LVCOMSER\LVComSer.exe -> Logitech Inc. [Ver = 1.0.5.1158 | Size = 186904 bytes | Modified Date = 19/10/2007 1:17:28 PM | Attr = ] (LVPrcSrv) Process Monitor [Win32_Own | Auto | Running] -> %CommonProgramFiles%\logishrd\LVMVFM\LVPrcSrv.exe -> Logitech Inc. [Ver = 11.5.0.1158 | Size = 141848 bytes | Modified Date = 19/10/2007 1:19:22 PM | Attr = ] (LVSrvLauncher) LVSrvLauncher [Win32_Own | Auto | Stopped] -> %CommonProgramFiles%\logishrd\SrvLnch\SrvLnch.exe -> Logitech Inc. [Ver = 11.5.0.1158 | Size = 141848 bytes | Modified Date = 19/10/2007 1:21:16 PM | Attr = ] (StarWindServiceAE) StarWind AE Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -> Rocket Division Software [Ver = 3.2.3 Build 20070527 | Size = 275968 bytes | Modified Date = 28/05/2007 10:57:54 AM | Attr = ] [Driver Services - Non-Microsoft Only] (Aavmker4) avast! Asynchronous Virus Monitor [Kernel | System | Running] -> %SystemRoot%\system32\drivers\aavmker4.sys -> ALWIL Software [Ver = 4.7.1098.0 | Size = 26624 bytes | Modified Date = 04/12/2007 8:49:02 AM | Attr = ] (Afc) PPdus ASPI Shell [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\afc.sys -> Arcsoft, Inc. [Ver = 1, 0, 0, 2 | Size = 11776 bytes | Modified Date = 23/02/2005 2:58:56 PM | Attr = ] (AmdK8) AMD Processor Driver [Kernel | System | Running] -> %SystemRoot%\system32\drivers\AmdK8.sys -> Advanced Micro Devices [Ver = 1.2.2 (dnsrv(wmbla).050120-1444) | Size = 36352 bytes | Modified Date = 09/03/2005 12:53:00 AM | Attr = R ] (aswMon2) avast! Standard Shield Support [File_System | Auto | Running] -> %SystemRoot%\system32\drivers\aswmon2.sys -> ALWIL Software [Ver = 4.7.1098.0 | Size = 94544 bytes | Modified Date = 04/12/2007 8:55:46 AM | Attr = ] (aswRdr) aswRdr [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\aswRdr.sys -> ALWIL Software [Ver = 4.7.1098.0 | Size = 23152 bytes | Modified Date = 04/12/2007 8:53:39 AM | Attr = ] (aswTdi) avast! Network Shield Support [Kernel | System | Running] -> %SystemRoot%\system32\drivers\aswTdi.sys -> ALWIL Software [Ver = 4.7.1098.0 | Size = 42912 bytes | Modified Date = 04/12/2007 8:51:52 AM | Attr = ] (ati2mtag) ati2mtag [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ati2mtag.sys -> ATI Technologies Inc. [Ver = 6.14.10.6783 | Size = 2863616 bytes | Modified Date = 25/02/2008 11:51:43 PM | Attr = ] (ATIAVAIW) ATI T200 Unified AVStream service [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\atinavt2.sys -> ATI Technologies Inc. [Ver = 6.14.10.1086 | Size = 169856 bytes | Modified Date = 06/11/2007 9:40:20 PM | Attr = ] (atinevxx) ATI WDM Rage Theater Video NSP [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\atinevxx.sys -> ATI Technologies Inc. [Ver = 6.14.10.6321 | Size = 166400 bytes | Modified Date = 01/11/2005 9:02:54 PM | Attr = ] (AVG Anti-Spyware Driver) AVG Anti-Spyware Driver [Kernel | System | Running] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\guard.sys -> [Ver = | Size = 11000 bytes | Modified Date = 30/05/2007 6:10:42 AM | Attr = ] (AvgAsCln) AVG Anti-Spyware Clean Driver [Kernel | System | Running] -> %SystemRoot%\system32\drivers\AvgAsCln.sys -> GRISOFT, s.r.o. [Ver = 1.0.0.14 | Size = 10872 bytes | Modified Date = 30/05/2007 6:10:42 AM | Attr = ] (dmboot) dmboot [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\dmboot.sys -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 799744 bytes | Modified Date = 04/08/2004 6:00:00 AM | Attr = ] (dmio) dmio [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\dmio.sys -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 153344 bytes | Modified Date = 04/08/2004 6:00:00 AM | Attr = ] (dmload) dmload [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\dmload.sys -> Microsoft Corp., Veritas Software. [Ver = 2600.0.503.0 | Size = 5888 bytes | Modified Date = 04/08/2004 6:00:00 AM | Attr = ] (GEARAspiWDM) GEARAspiWDM [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\GEARAspiWDM.sys -> GEAR Software Inc. [Ver = 2.0.6.1 | Size = 15664 bytes | Modified Date = 19/09/2006 2:44:04 PM | Attr = ] (HdAudAddService) Microsoft UAA Function Driver for High Definition Audio Service [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\Hdaudio.sys -> Windows (R) Server 2003 DDK provider [Ver = 5.10.01.5013 built by: WinDDK | Size = 145920 bytes | Modified Date = 07/01/2005 6:07:16 PM | Attr = ] (HDAudBus) Microsoft UAA Bus Driver for High Definition Audio [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\Hdaudbus.sys -> Windows (R) Server 2003 DDK provider [Ver = 5.10.01.5013 built by: WinDDK | Size = 138752 bytes | Modified Date = 07/01/2005 6:07:18 PM | Attr = ] (IntcAzAudAddService) Service for Realtek HD Audio (WDM) [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\RtkHDAud.sys -> Realtek Semiconductor Corp. [Ver = 5.10.00.5128 built by: WinDDK | Size = 3160576 bytes | Modified Date = 08/06/2005 2:22:20 AM | Attr = ] (libusb0) LibUsb-Win32 - Kernel Driver, Version 0.1.10.1 [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\libusb0.sys -> [Ver = | Size = 33792 bytes | Modified Date = 09/03/2005 8:50:16 PM | Attr = ] (LVcKap) Logitech AEC Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\Lvckap.sys -> Logitech Inc. [Ver = 11.5.0.1158 | Size = 2109976 bytes | Modified Date = 19/10/2007 1:16:30 PM | Attr = ] (LVMVDrv) Logitech Machine Vision Engine Loader [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\LVMVdrv.sys -> Logitech Inc. [Ver = 11.5.0.1145 | Size = 2142488 bytes | Modified Date = 11/10/2007 6:59:02 PM | Attr = ] (LVPr2Mon) Logitech LVPr2Mon Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\LVPr2Mon.sys -> [Ver = | Size = 25624 bytes | Modified Date = 11/10/2007 6:59:24 PM | Attr = ] (LVUSBSta) Logitech USB Monitor Filter [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\LVUSBSta.sys -> Logitech Inc. [Ver = 11.5.0.1145 | Size = 41752 bytes | Modified Date = 11/10/2007 8:00:42 PM | Attr = ] (MVDCODEC) ATI WDM Specialized MVD Codec [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\atinmdxx.sys -> ATI Technologies Inc. [Ver = 6.14.10.6321 | Size = 15360 bytes | Modified Date = 01/11/2005 9:01:50 PM | Attr = ] (pepifilter) Volume Adapter [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\lv302af.sys -> Logitech Inc. [Ver = 11.5.0.1145 | Size = 13848 bytes | Modified Date = 11/10/2007 7:55:58 PM | Attr = ] (pfc) Padus ASPI Shell [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\pfc.sys -> Padus, Inc. [Ver = 2, 5, 0, 204 | Size = 10368 bytes | Modified Date = 05/12/2003 3:46:36 AM | Attr = ] (PID_PEPI) Logitech QuickCam IM(PID_PEPI) [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\LV302V32.SYS -> Logitech Inc. [Ver = 11.5.0.1145 | Size = 1279000 bytes | Modified Date = 11/10/2007 7:55:58 PM | Attr = ] (Ptilink) Direct Parallel Link Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ptilink.sys -> Parallel Technologies, Inc. [Ver = 1.10 (XPClient.010817-1148) | Size = 17792 bytes | Modified Date = 04/08/2004 6:00:00 AM | Attr = ] (rtl8139) Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\RTL8139.sys -> Realtek Semiconductor Corporation [Ver = 5.398.613.2003 built by: WinDDK | Size = 20992 bytes | Modified Date = 03/08/2004 11:31:34 PM | Attr = ] (SASDIFSV) SASDIFSV [Kernel | System | Running] -> %ProgramFiles%\SUPERAntiSpyware\sasdifsv.sys -> [Ver = 1, 0, 0, 1006 | Size = 5632 bytes | Modified Date = 10/10/2006 12:53:48 PM | Attr = ] (SASENUM) SASENUM [Kernel | On_Demand | Running] -> %ProgramFiles%\SUPERAntiSpyware\SASENUM.SYS -> SuperAdBlocker, Inc. [Ver = 1, 0, 0, 1002 | Size = 4096 bytes | Modified Date = 16/02/2006 4:51:08 PM | Attr = R ] (SASKUTIL) SASKUTIL [Kernel | System | Running] -> %ProgramFiles%\SUPERAntiSpyware\SASKUTIL.SYS -> [Ver = 1, 0, 0, 1050 | Size = 51440 bytes | Modified Date = 30/03/2008 10:16:20 AM | Attr = ] (Secdrv) Secdrv [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\secdrv.sys -> Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K. [Ver = 4.03.086 | Size = 20480 bytes | Modified Date = 13/11/2007 4:25:53 AM | Attr = ] (SNPP106) PC Camera (6029 CIF) [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\snpp106.sys -> [Ver = 0.9.3.0 | Size = 238080 bytes | Modified Date = 08/11/2002 6:56:28 PM | Attr = ] (sptd) sptd [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\sptd.sys -> [Ver = | Size = 715248 bytes | Modified Date = 03/02/2008 5:08:26 AM | Attr = ] (STEC3) STEC3 [Kernel | Auto | Running] -> %SystemRoot%\system32\STEC3.sys -> AntiCracking [Ver = 4.00 | Size = 2368 bytes | Modified Date = 05/05/2006 12:53:43 PM | Attr = ] (yukonwxp) NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\yk51x86.sys -> Marvell [Ver = 8.41.1.3 built by: WinDDK | Size = 241280 bytes | Modified Date = 19/09/2005 9:41:00 AM | Attr = ] [Registry - Non-Microsoft Only] < Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> !AVG Anti-Spyware -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\avgas.exe ["C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized] -> GRISOFT s.r.o. [Ver = 7, 5, 1, 43 | Size = 6731312 bytes | Modified Date = 11/06/2007 3:25:42 AM | Attr = ] Alcmtr -> %SystemRoot%\ALCMTR.EXE [ALCMTR.EXE] -> Realtek Semiconductor Corp. [Ver = 1.6.0.2 | Size = 69632 bytes | Modified Date = 03/05/2005 4:43:28 AM | Attr = ] avast! -> %ProgramFiles%\Alwil Software\Avast4\ashDisp.exe [C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe] -> ALWIL Software [Ver = 4, 7, 1098, 0 | Size = 79224 bytes | Modified Date = 04/12/2007 7:00:23 AM | Attr = ] High Definition Audio Property Page Shortcut -> %SystemRoot%\system32\HdAShCut.exe [HDAShCut.exe] -> Windows (R) Server 2003 DDK provider [Ver = 5.10.01.5013 built by: WinDDK | Size = 61952 bytes | Modified Date = 07/01/2005 6:07:16 PM | Attr = ] iTunesHelper -> %ProgramFiles%\iTunes\iTunesHelper.exe ["C:\Program Files\iTunes\iTunesHelper.exe"] -> Apple Inc. [Ver = 7.6.1.9 | Size = 267048 bytes | Modified Date = 19/02/2008 1:10:32 PM | Attr = ] laim -> %ProgramFiles%\AIM Lite\aimlite.exe ["C:\Program Files\AIM Lite\aimlite.exe" -autorun] -> [Ver = | Size = 759808 bytes | Modified Date = 26/03/2007 2:54:54 PM | Attr = ] LogitechCommunicationsManager -> %CommonProgramFiles%\logishrd\LComMgr\Communications_Helper.exe ["C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"] -> [Ver = | Size = 563984 bytes | Modified Date = 25/10/2007 4:33:22 PM | Attr = ] LogitechQuickCamRibbon -> %ProgramFiles%\Logitech\QuickCam\Quickcam.exe ["C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide] -> [Ver = | Size = 2178832 bytes | Modified Date = 25/10/2007 4:37:32 PM | Attr = ] Memory Optimizer -> %ProgramFiles%\Systerac XP Tools 3\memoryo.exe ["C:\Program Files\Systerac XP Tools 3\memoryo.exe"] -> MindSoft [Ver = 4.00.2146 | Size = 1056768 bytes | Modified Date = 02/05/2005 10:10:04 PM | Attr = ] NeroFilterCheck -> %SystemRoot%\system32\NeroCheck.exe [C:\WINDOWS\system32\NeroCheck.exe] -> Ahead Software Gmbh [Ver = 1, 0, 0, 2 | Size = 155648 bytes | Modified Date = 09/07/2001 12:50:42 PM | Attr = ] QuickTime Task -> %ProgramFiles%\QuickTime Alternative\QTTask.exe ["C:\Program Files\QuickTime Alternative\QTTask.exe" -atboottime] -> Apple Inc. [Ver = 7.4.1 | Size = 385024 bytes | Modified Date = 31/01/2008 11:13:08 PM | Attr = ] Registry Compact -> %ProgramFiles%\Systerac XP Tools 3\regcomp.exe ["C:\Program Files\Systerac XP Tools 3\regcomp.exe" /Auto] -> Systerac [Ver = 1.00.2005 | Size = 659456 bytes | Modified Date = 17/02/2005 8:17:20 AM | Attr = ] RemoteControl -> %ProgramFiles%\CyberLink DVD Solution\PowerDVD\PDVDServ.exe ["C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"] -> Cyberlink Corp. [Ver = 5.00.0000 | Size = 32768 bytes | Modified Date = 08/12/2003 6:35:14 PM | Attr = ] RTHDCPL -> %SystemRoot%\RTHDCPL.EXE [RTHDCPL.EXE] -> Realtek Semiconductor Corp. [Ver = 1.1.1.9 | Size = 14565376 bytes | Modified Date = 08/06/2005 12:42:12 AM | Attr = ] StartCCC -> %ProgramFiles%\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ["C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"] -> Advanced Micro Devices, Inc. [Ver = 1, 0, 0, 1 | Size = 61440 bytes | Modified Date = 21/01/2008 12:17:18 PM | Attr = ] SunJavaUpdateSched -> %ProgramFiles%\Java\jre1.6.0_05\bin\jusched.exe ["C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"] -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 144784 bytes | Modified Date = 22/02/2008 4:25:21 AM | Attr = ] < Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> AlcoholAutomount -> %ProgramFiles%\Alcohol Soft\Alcohol 120\AxCmd.exe ["C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount] -> Alcohol Soft Development Team [Ver = 1.9.6.5431 | Size = 221568 bytes | Modified Date = 22/12/2007 1:23:18 AM | Attr = ] iLike -> %ProgramFiles%\iLike\1.1.27\ilikesidebar.exe [C:\Program Files\iLike\1.1.27\ilikesidebar.exe /checkforupdate] -> iLike [Ver = 0.0.0.27 | Size = 63024 bytes | Modified Date = 13/09/2007 12:34:28 PM | Attr = ] NBJ -> %ProgramFiles%\Ahead\Nero BackItUp\NBJ.exe ["C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"] -> Ahead Software AG [Ver = 1, 2, 0, 60 | Size = 1961984 bytes | Modified Date = 16/09/2005 6:41:26 PM | Attr = ] PowerBar -> [] -> File not found Steam -> %ProgramFiles%\Steam\steam.exe ["c:\program files\steam\steam.exe" -silent] -> Valve Corporation [Ver = 1.0.0.0 | Size = 1271032 bytes | Modified Date = 29/03/2008 6:37:25 AM | Attr = ] SUPERAntiSpyware -> %ProgramFiles%\SUPERAntiSpyware\SUPERANTISPYWARE.EXE [C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe] -> SUPERAntiSpyware.com [Ver = 4, 0, 0, 1154 | Size = 1481968 bytes | Modified Date = 30/03/2008 10:16:20 AM | Attr = ] < Run [HKEY_USERS\S-1-5-21-1036893752-4074264256-4249479951-1006\] > -> HKEY_USERS\S-1-5-21-1036893752-4074264256-4249479951-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> AlcoholAutomount -> %ProgramFiles%\Alcohol Soft\Alcohol 120\AxCmd.exe ["C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount] -> Alcohol Soft Development Team [Ver = 1.9.6.5431 | Size = 221568 bytes | Modified Date = 22/12/2007 1:23:18 AM | Attr = ] iLike -> %ProgramFiles%\iLike\1.1.27\ilikesidebar.exe [C:\Program Files\iLike\1.1.27\ilikesidebar.exe /checkforupdate] -> iLike [Ver = 0.0.0.27 | Size = 63024 bytes | Modified Date = 13/09/2007 12:34:28 PM | Attr = ] NBJ -> %ProgramFiles%\Ahead\Nero BackItUp\NBJ.exe ["C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"] -> Ahead Software AG [Ver = 1, 2, 0, 60 | Size = 1961984 bytes | Modified Date = 16/09/2005 6:41:26 PM | Attr = ] PowerBar -> [] -> File not found Steam -> %ProgramFiles%\Steam\steam.exe ["c:\program files\steam\steam.exe" -silent] -> Valve Corporation [Ver = 1.0.0.0 | Size = 1271032 bytes | Modified Date = 29/03/2008 6:37:25 AM | Attr = ] SUPERAntiSpyware -> %ProgramFiles%\SUPERAntiSpyware\SUPERANTISPYWARE.EXE [C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe] -> SUPERAntiSpyware.com [Ver = 4, 0, 0, 1154 | Size = 1481968 bytes | Modified Date = 30/03/2008 10:16:20 AM | Attr = ] < All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup -> < Bradley Startup Folder > -> C:\Documents and Settings\Bradley\Start Menu\Programs\Startup -> < Default User Startup Folder > -> C:\Documents and Settings\Default User\Start Menu\Programs\Startup -> < Shawn Startup Folder > -> C:\Documents and Settings\Shawn\Start Menu\Programs\Startup -> < ShellExecuteHooks [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks -> {57B86673-276A-48B2-BAE7-C6DBB3020EB8} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll [AVG Anti-Spyware 7.5] -> GRISOFT s.r.o. [Ver = 7, 5, 1, 36 | Size = 79408 bytes | Modified Date = 30/05/2007 6:29:58 AM | Attr = ] {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\SUPERAntiSpyware\SASSEH.DLL [] -> SuperAdBlocker.com [Ver = 1, 0, 0, 1008 | Size = 77824 bytes | Modified Date = 20/12/2006 12:55:48 PM | Attr = ] < SecurityProviders [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders -> < Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> *UserInit* -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit -> -> -> File not found C:\WINDOWS\system32\sbwltbxa.exe -> %SystemRoot%\system32\sbwltbxa.exe -> File not found *MultiFile Done* -> -> < Winlogon settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> *UserInit* -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit -> -> -> File not found C:\WINDOWS\system32\sbwltbxa.exe -> %SystemRoot%\system32\sbwltbxa.exe -> File not found *MultiFile Done* -> -> < Winlogon settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> *UserInit* -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit -> -> -> File not found C:\WINDOWS\system32\sbwltbxa.exe -> %SystemRoot%\system32\sbwltbxa.exe -> File not found *MultiFile Done* -> -> < Winlogon settings [HKEY_USERS\S-1-5-19] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> *UserInit* -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit -> -> -> File not found C:\WINDOWS\system32\sbwltbxa.exe -> %SystemRoot%\system32\sbwltbxa.exe -> File not found *MultiFile Done* -> -> < Winlogon settings [HKEY_USERS\S-1-5-20] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> *UserInit* -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit -> -> -> File not found C:\WINDOWS\system32\sbwltbxa.exe -> %SystemRoot%\system32\sbwltbxa.exe -> File not found *MultiFile Done* -> -> < Winlogon settings [HKEY_USERS\S-1-5-21-1036893752-4074264256-4249479951-1006] > -> HKEY_USERS\S-1-5-21-1036893752-4074264256-4249479951-1006\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> *UserInit* -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit -> -> -> File not found C:\WINDOWS\system32\sbwltbxa.exe -> %SystemRoot%\system32\sbwltbxa.exe -> File not found *MultiFile Done* -> -> < Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ -> !SASWinLogon -> %ProgramFiles%\SUPERAntiSpyware\SASWINLO.DLL -> SUPERAntiSpyware.com [Ver = 1, 0, 0, 1046 | Size = 294912 bytes | Modified Date = 30/03/2008 10:16:20 AM | Attr = ] AtiExtEvent -> %SystemRoot%\system32\ati2evxx.dll -> ATI Technologies Inc. [Ver = 6.14.10.4176 | Size = 126976 bytes | Modified Date = 25/02/2008 9:01:31 PM | Attr = ] < CurrentVersion Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\undockwithoutlogon -> 1 -> < CurrentVersion Policy Settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 255 -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\_NoDriveTypeAutoRun -> 145 -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableRegistryTools -> 0 -> < CurrentVersion Policy Settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-19] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-20] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-1036893752-4074264256-4249479951-1006] > -> HKEY_USERS\S-1-5-21-1036893752-4074264256-4249479951-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_USERS\S-1-5-21-1036893752-4074264256-4249479951-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_USERS\S-1-5-21-1036893752-4074264256-4249479951-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_USERS\S-1-5-21-1036893752-4074264256-4249479951-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 255 -> HKEY_USERS\S-1-5-21-1036893752-4074264256-4249479951-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\_NoDriveTypeAutoRun -> 145 -> HKEY_USERS\S-1-5-21-1036893752-4074264256-4249479951-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> -> HKEY_USERS\S-1-5-21-1036893752-4074264256-4249479951-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableRegistryTools -> 0 -> < HOSTS File > (734 bytes) -> C:\WINDOWS\System32\drivers\etc\Hosts -> < Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> HKEY_LOCAL_MACHINE\: Main\\Default_Page_URL -> http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome -> HKEY_LOCAL_MACHINE\: Main\\Default_Search_URL -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_LOCAL_MACHINE\: Main\\Local Page -> %SystemRoot%\system32\blank.htm -> HKEY_LOCAL_MACHINE\: Main\\Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_LOCAL_MACHINE\: Main\\Start Page -> http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home -> HKEY_LOCAL_MACHINE\: Search\\CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm -> HKEY_LOCAL_MACHINE\: Search\\SearchAssistant -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm -> < Internet Explorer Settings [HKEY_CURRENT_USER\] > -> -> HKEY_CURRENT_USER\: Main\\Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_CURRENT_USER\: Main\\Start Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome -> HKEY_CURRENT_USER\: ProxyEnable -> 0 -> < Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> -> HKEY_USERS\.DEFAULT\: Main\\Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_USERS\.DEFAULT\: Main\\Start Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome -> HKEY_USERS\.DEFAULT\: ProxyEnable -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> -> HKEY_USERS\S-1-5-18\: Main\\Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_USERS\S-1-5-18\: Main\\Start Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome -> HKEY_USERS\S-1-5-18\: ProxyEnable -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> -> < Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> -> < Internet Explorer Settings [HKEY_USERS\S-1-5-21-1036893752-4074264256-4249479951-1006\] > -> -> HKEY_USERS\S-1-5-21-1036893752-4074264256-4249479951-1006\: Main\\Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_USERS\S-1-5-21-1036893752-4074264256-4249479951-1006\: Main\\Start Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome -> HKEY_USERS\S-1-5-21-1036893752-4074264256-4249479951-1006\: ProxyEnable -> 0 -> < Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1 domain(s) found. -> 1 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-21-1036893752-4074264256-4249479951-1006\] > -> HKEY_USERS\S-1-5-21-1036893752-4074264256-4249479951-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-21-1036893752-4074264256-4249479951-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-21-1036893752-4074264256-4249479951-1006\] > -> HKEY_USERS\S-1-5-21-1036893752-4074264256-4249479951-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-21-1036893752-4074264256-4249479951-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx [AcroIEHlprObj Class] -> [Ver = 1, 0, 0, 1 | Size = 37808 bytes | Modified Date = 16/04/2001 5:39:02 PM | Attr = ] {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\FlashGet\jccatch.dll [FGCatchUrl] -> www.flashget.com [Ver = 1, 8, 4, 1007 | Size = 94308 bytes | Modified Date = 16/05/2007 3:03:26 AM | Attr = ] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.6.0_05\bin\ssv.dll [SSVHelper Class] -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 509328 bytes | Modified Date = 22/02/2008 4:25:19 AM | Attr = ] {F156768E-81EF-470C-9057-481BA8380DBA} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\FlashGet\getflash.dll [FlashGet GetFlash Class] -> www.flashget.com [Ver = 1, 8, 4, 1003 | Size = 163840 bytes | Modified Date = 15/05/2007 11:05:16 PM | Attr = ] < Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar -> {E0E899AB-F487-11D5-8D29-0050BA6940E3} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\FlashGet\fgiebar.dll [FlashGet Bar] -> Amaze Soft [Ver = 1, 2, 0, 0 | Size = 86016 bytes | Modified Date = 07/06/2005 12:06:10 PM | Attr = ] < Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ -> ShellBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found WebBrowser\\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found < Internet Explorer ToolBars [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\ -> ShellBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found < Internet Explorer ToolBars [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Toolbar\ -> ShellBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found < Internet Explorer ToolBars [HKEY_USERS\S-1-5-21-1036893752-4074264256-4249479951-1006\] > -> HKEY_USERS\S-1-5-21-1036893752-4074264256-4249479951-1006\Software\Microsoft\Internet Explorer\Toolbar\ -> ShellBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found WebBrowser\\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found < Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> {08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.6.0_05\bin\npjpi160_05.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 132496 bytes | Modified Date = 22/02/2008 4:25:19 AM | Attr = ] {08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC} [HKEY_CURRENT_USER] -> %ProgramFiles%\Java\jre1.6.0_05\bin\ssv.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 509328 bytes | Modified Date = 22/02/2008 4:25:19 AM | Attr = ] {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45}:Exec -> %ProgramFiles%\AIM\aim.exe [AIM] -> America Online, Inc. [Ver = 5.9.6089 | Size = 67112 bytes | Modified Date = 01/08/2006 4:35:36 PM | Attr = ] {D6E814A0-E0C5-11d4-8D29-0050BA6940E3}:Exec -> %ProgramFiles%\FlashGet\flashget.exe [FlashGet] -> FlashGet.com [Ver = 1, 8, 6, 1008 | Size = 1986608 bytes | Modified Date = 30/05/2007 1:28:50 AM | Attr = ] {d9288080-1baa-4bc4-9cf8-a92d743db949}:Exec -> %UserProfile%\Start Menu\Programs\IMVU\Run IMVU [Run IMVU] -> File not found < Internet Explorer Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\ -> CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.6.0_05\bin\npjpi160_05.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 132496 bytes | Modified Date = 22/02/2008 4:25:19 AM | Attr = ] CmdMapping\\{AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\AIM\aim.exe [AIM] -> America Online, Inc. [Ver = 5.9.6089 | Size = 67112 bytes | Modified Date = 01/08/2006 4:35:36 PM | Attr = ] CmdMapping\\{D6E814A0-E0C5-11d4-8D29-0050BA6940E3} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\FlashGet\flashget.exe [FlashGet] -> FlashGet.com [Ver = 1, 8, 6, 1008 | Size = 1986608 bytes | Modified Date = 30/05/2007 1:28:50 AM | Attr = ] CmdMapping\\{d9288080-1baa-4bc4-9cf8-a92d743db949} [HKEY_LOCAL_MACHINE] -> %UserProfile%\Start Menu\Programs\IMVU\Run IMVU [Run IMVU] -> File not found < Internet Explorer Menu Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ -> &Download All with FlashGet -> %ProgramFiles%\FlashGet\jc_all.htm -> [Ver = | Size = 1049 bytes | Modified Date = 15/05/2007 3:10:34 AM | Attr = ] &Download with FlashGet -> %ProgramFiles%\FlashGet\jc_link.htm -> [Ver = | Size = 1898 bytes | Modified Date = 15/05/2007 3:10:34 AM | Attr = ] < Internet Explorer Extensions [HKEY_USERS\S-1-5-21-1036893752-4074264256-4249479951-1006\] > -> HKEY_USERS\S-1-5-21-1036893752-4074264256-4249479951-1006\Software\Microsoft\Internet Explorer\Extensions\ -> CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.6.0_05\bin\npjpi160_05.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 132496 bytes | Modified Date = 22/02/2008 4:25:19 AM | Attr = ] CmdMapping\\{AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\AIM\aim.exe [AIM] -> America Online, Inc. [Ver = 5.9.6089 | Size = 67112 bytes | Modified Date = 01/08/2006 4:35:36 PM | Attr = ] CmdMapping\\{D6E814A0-E0C5-11d4-8D29-0050BA6940E3} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\FlashGet\flashget.exe [FlashGet] -> FlashGet.com [Ver = 1, 8, 6, 1008 | Size = 1986608 bytes | Modified Date = 30/05/2007 1:28:50 AM | Attr = ] CmdMapping\\{d9288080-1baa-4bc4-9cf8-a92d743db949} [HKEY_LOCAL_MACHINE] -> %UserProfile%\Start Menu\Programs\IMVU\Run IMVU [Run IMVU] -> File not found < Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-21-1036893752-4074264256-4249479951-1006\] > -> HKEY_USERS\S-1-5-21-1036893752-4074264256-4249479951-1006\Software\Microsoft\Internet Explorer\MenuExt\ -> &Download All with FlashGet -> %ProgramFiles%\FlashGet\jc_all.htm -> [Ver = | Size = 1049 bytes | Modified Date = 15/05/2007 3:10:34 AM | Attr = ] &Download with FlashGet -> %ProgramFiles%\FlashGet\jc_link.htm -> [Ver = | Size = 1898 bytes | Modified Date = 15/05/2007 3:10:34 AM | Attr = ] < Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> PluginsPageFriendlyName -> Microsoft ActiveX Gallery -> PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s -> Extension\.spop -> %ProgramFiles%\Internet Explorer\PLUGINS\NPDocBox.dll [] -> Intertrust Technologies, Inc. [Ver = 1.0.0.32 | Size = 270336 bytes | Modified Date = 01/08/2001 6:05:42 PM | Attr = ] < User Agent Post Platform [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform -> SV1 -> -> < DNS Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> {0DBA1AEF-0E6E-4186-B165-3958A27D96B9} -> 4.2.2.2,4.2.2.3 (Realtek RTL8139 Family PCI Fast Ethernet NIC) -> {46BF9D9B-CC27-477A-A26E-8778DAC587C5} -> (1394 Net Adapter) -> {919CDF2F-A4EE-4E99-AF60-CF8AF1F7326A} -> () -> < Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ -> ipp: [HKEY_LOCAL_MACHINE] -> No CLSID value msdaipp: [HKEY_LOCAL_MACHINE] -> No CLSID value < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> {5C051655-FCD5-4969-9182-770EA5AA5565}[HKEY_LOCAL_MACHINE] -> http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab[Solitaire Showdown Class] -> {5F5F9FB8-878E-4455-95E0-F64B2314288A}[HKEY_LOCAL_MACHINE] -> http://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin11USA.cab[ijjiPlugin2 Class] -> {8AD9C840-044E-11D1-B3E9-00805F499D93}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab[Java Plug-in 1.6.0_05] -> {9A9307A0-7DA4-4DAF-B042-5009F29E09E1}[HKEY_LOCAL_MACHINE] -> http://acs.pandasoftware.com/activescan/as5free/asinst.cab[ActiveScan Installer Class] -> {C3F79A2B-B9B4-4A66-B012-3EE46475B072}[HKEY_LOCAL_MACHINE] -> http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab[MessengerStatsClient Class] -> {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab[Java Plug-in 1.6.0_03] -> {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab[Java Plug-in 1.6.0_05] -> {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab[Java Plug-in 1.6.0_05] -> {F6BF0D00-0B2A-4A75-BF7B-F385591623AF}[HKEY_LOCAL_MACHINE] -> http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab[Solitaire Showdown Class] -> < Module Usage Keys [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/asinst.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/asinst.dll\\.Owner -> {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/asinst.dll\\{9A9307A0-7DA4-4DAF-B042-5009F29E09E1} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/HGPlugin7USA.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/HGPlugin7USA.dll\\.Owner -> {A2E05F45-F127-4092-B9F7-9A02C3E04C77} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/HGPlugin7USA.dll\\{A2E05F45-F127-4092-B9F7-9A02C3E04C77} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/HGStart7USA.exe\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/HGStart7USA.exe\\.Owner -> {A2E05F45-F127-4092-B9F7-9A02C3E04C77} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/HGStart7USA.exe\\{A2E05F45-F127-4092-B9F7-9A02C3E04C77} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/ijjiNotify2.exe\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/ijjiNotify2.exe\\.Owner -> {5F5F9FB8-878E-4455-95E0-F64B2314288A} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/ijjiNotify2.exe\\{5F5F9FB8-878E-4455-95E0-F64B2314288A} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/ijjiPlugin2.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/ijjiPlugin2.dll\\.Owner -> {5F5F9FB8-878E-4455-95E0-F64B2314288A} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/ijjiPlugin2.dll\\{5F5F9FB8-878E-4455-95E0-F64B2314288A} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/ijjiPreNotify2.exe\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/ijjiPreNotify2.exe\\.Owner -> {5F5F9FB8-878E-4455-95E0-F64B2314288A} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/ijjiPreNotify2.exe\\{5F5F9FB8-878E-4455-95E0-F64B2314288A} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/ijjiPreStarter2.exe\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/ijjiPreStarter2.exe\\.Owner -> {5F5F9FB8-878E-4455-95E0-F64B2314288A} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/ijjiPreStarter2.exe\\{5F5F9FB8-878E-4455-95E0-F64B2314288A} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/ijjistarter2.exe\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/ijjistarter2.exe\\.Owner -> {5F5F9FB8-878E-4455-95E0-F64B2314288A} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/ijjistarter2.exe\\{5F5F9FB8-878E-4455-95E0-F64B2314288A} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/MessengerStatsPAClient.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/MessengerStatsPAClient.dll\\.Owner -> {C3F79A2B-B9B4-4A66-B012-3EE46475B072} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/MessengerStatsPAClient.dll\\{C3F79A2B-B9B4-4A66-B012-3EE46475B072} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/minesweeper.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/minesweeper.dll\\.Owner -> {2917297F-F02B-4B9D-81DF-494B6333150B} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/minesweeper.dll\\{2917297F-F02B-4B9D-81DF-494B6333150B} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/MsnMessengerSetupDownloader.ocx\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/MsnMessengerSetupDownloader.ocx\\.Owner -> {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/MsnMessengerSetupDownloader.ocx\\{B38870E4-7ECB-40DA-8C6A-595F0A5519FF} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/NMJTransX.ocx\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/NMJTransX.ocx\\.Owner -> {6FC19219-C47E-4880-9A79-D218A1C374F9} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/NMJTransX.ocx\\{6FC19219-C47E-4880-9A79-D218A1C374F9} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/NMStarterJP5.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/NMStarterJP5.dll\\.Owner -> {20050325-D35A-4233-926E-2E801AE25949} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/NMStarterJP5.dll\\{20050325-D35A-4233-926E-2E801AE25949} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/solitaireshowdown.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/solitaireshowdown.dll\\.Owner -> {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/solitaireshowdown.dll\\{F6BF0D00-0B2A-4A75-BF7B-F385591623AF} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/NMUninstJ.exe\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/NMUninstJ.exe\\.Owner -> {20050325-D35A-4233-926E-2E801AE25949} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/NMUninstJ.exe\\{20050325-D35A-4233-926E-2E801AE25949} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/NMWizardJP5.exe\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/NMWizardJP5.exe\\.Owner -> {20050325-D35A-4233-926E-2E801AE25949} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/NMWizardJP5.exe\\{20050325-D35A-4233-926E-2E801AE25949} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/mfc42.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/mfc42.dll\\.Owner -> Unknown Owner -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/NMJ_Util.exe\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/NMJ_Util.exe\\.Owner -> {6FC19219-C47E-4880-9A79-D218A1C374F9} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/NMJ_Util.exe\\{6FC19219-C47E-4880-9A79-D218A1C374F9} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/wuweb.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/wuweb.dll\\.Owner -> Unknown Owner -> [Registry - Additional Scans - Non-Microsoft Only] < App Paths [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\ -> 7zFM.exe -> %ProgramFiles%\7-Zip\7zFM.exe [C:\Program Files\7-Zip] -> [Ver = | Size = 300544 bytes | Modified Date = 13/05/2006 10:24:50 PM | Attr = ] AcroRd32.exe -> %ProgramFiles%\Adobe\Acrobat 5.0\Reader\AcroRd32.exe [C:\Program Files\Adobe\Acrobat 5.0\Reader] -> Adobe Systems Incorporated [Ver = 5.0.5.2001092400 | Size = 3891268 bytes | Modified Date = 24/09/2001 6:15:58 PM | Attr = ] aim.exe -> %ProgramFiles%\AIM\aim.exe [C:\PROGRA~1\AIM] -> America Online, Inc. [Ver = 5.9.6089 | Size = 67112 bytes | Modified Date = 01/08/2006 4:35:36 PM | Attr = ] aimlite.exe -> %ProgramFiles%\AIM Lite\aimlite.exe [Reg Error: Value Path does not exist or could not be read.] -> [Ver = | Size = 759808 bytes | Modified Date = 26/03/2007 2:54:54 PM | Attr = ] alcohol.exe -> %ProgramFiles%\Alcohol Soft\Alcohol 120\Alcohol.exe [C:\Program Files\Alcohol Soft\Alcohol 120\] -> Alcohol Soft Development Team [Ver = 1.9.7.6022 | Size = 1780608 bytes | Modified Date = 22/12/2007 1:23:16 AM | Attr = ] ashAvast.exe -> %ProgramFiles%\Alwil Software\Avast4\ashAvast.exe [C:\Program Files\Alwil Software\Avast4] -> ALWIL Software [Ver = 4, 7, 1098, 0 | Size = 271736 bytes | Modified Date = 04/12/2007 6:52:15 AM | Attr = ] Avi2Dvd.exe -> %ProgramFiles%\Avi2Dvd\Avi2Dvd.exe [Reg Error: Value Path does not exist or could not be read.] -> [Ver = | Size = 2996736 bytes | Modified Date = 23/11/2005 6:26:41 PM | Attr = ] BackItUp.EXE -> %ProgramFiles%\Ahead\Nero BackItUp\BackItUp.exe [C:\Program Files\Ahead\Nero BackItUp] -> Ahead Software AG [Ver = 1, 2, 0, 60 | Size = 6459392 bytes | Modified Date = 16/09/2005 6:40:20 PM | Attr = ] cmmgr32.exe -> Reg Error: Value does not exist or could not be read. [C:\WINDOWS\system32] -> File not found collage.exe -> Reg Error: Value does not exist or could not be read. [Reg Error: Value Path does not exist or could not be read.] -> File not found D: -> Reg Error: Value does not exist or could not be read. [Reg Error: Value Path does not exist or could not be read.] -> File not found DVD Solution -> Reg Error: Value does not exist or could not be read. [C:\Program Files\CyberLink DVD Solution] -> File not found EPSONCD.exe -> %ProgramFiles%\EPSON Print CD\EPSONCD.exe [C:\Program Files\EPSON Print CD] -> EPSON [Ver = 1.50 | Size = 2744320 bytes | Modified Date = 08/05/2006 1:50:00 AM | Attr = ] firefox.exe -> %ProgramFiles%\Mozilla Firefox\firefox.exe [C:\Program Files\Mozilla Firefox] -> Mozilla Corporation [Ver = 1.8.1.13: 2008031114 | Size = 7660656 bytes | Modified Date = 26/03/2008 5:10:08 PM | Attr = ] HijackThis.exe -> %ProgramFiles%\Trend Micro\HijackThis\HijackThis.exe [C:\PROGRA~1\TRENDM~1\HIJACK~1] -> Trend Micro Inc. [Ver = 2.00.0002 | Size = 396288 bytes | Modified Date = 31/03/2008 5:56:54 AM | Attr = ] HYDRAVISION -> Reg Error: Value does not exist or could not be read. [C:\Program Files\ATI Technologies\ATI HYDRAVISION] -> File not found hypertrm.exe -> %ProgramFiles%\Windows NT\hypertrm.exe [Reg Error: Value Path does not exist or could not be read.] -> Hilgraeve, Inc. [Ver = 5.1.2600.0 | Size = 28160 bytes | Modified Date = 04/08/2004 6:00:00 AM | Attr = ] ImageDrive.exe -> %ProgramFiles%\Ahead\ImageDrive\ImageDrive.exe [C:\Program Files\Ahead\ImageDrive] -> Ahead Software AG [Ver = 2, 27, 0, 7 | Size = 893016 bytes | Modified Date = 03/03/2005 9:34:30 PM | Attr = ] install.exe -> Reg Error: Value does not exist or could not be read. [Reg Error: Value Path does not exist or could not be read.] -> File not found InterActual Player -> Reg Error: Value does not exist or could not be read. [Reg Error: Value Path does not exist or could not be read.] -> File not found iTunes.exe -> %ProgramFiles%\iTunes\iTunes.exe [Reg Error: Value Path does not exist or could not be read.] -> Apple Inc. [Ver = 7.6.1.9 | Size = 19897640 bytes | Modified Date = 19/02/2008 1:10:26 PM | Attr = ] javaws.exe -> %ProgramFiles%\Java\jre1.6.0_05\bin\javaws.exe [C:\Program Files\Java\jre1.6.0_05\bin] -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 139264 bytes | Modified Date = 22/02/2008 2:33:32 AM | Attr = ] mbam.exe -> %ProgramFiles%\Malwarebytes' Anti-Malware\mbam.exe [C:\Program Files\Malwarebytes' Anti-Malware] -> Malwarebytes [Ver = 1.10 | Size = 1191632 bytes | Modified Date = 01/04/2008 6:13:14 PM | Attr = ] ModelFileHandler.exe -> %CommonProgramFiles%\logishrd\LQCVFX\ModelFileHandler.exe [C:\Program Files\Common Files\Logishrd\LQCVFX\] -> Logitech Inc. [Ver = 11.5.0.1169 | Size = 449296 bytes | Modified Date = 25/10/2007 4:36:12 PM | Attr = ] mplayer2.exe -> %ProgramFiles%\Windows Media Player\mplayer2.exe ["C:\Program Files\Windows Media Player"] -> [Ver = | Size = 4639 bytes | Modified Date = 04/08/2004 6:00:00 AM | Attr = ] mplayerc.exe -> %ProgramFiles%\Combined Community Codec Pack\MPC\mplayerc.exe [C:\Program Files\Combined Community Codec Pack\MPC] -> Gabest [Ver = 6, 4, 9, 0 | Size = 4231168 bytes | Modified Date = 28/07/2007 1:44:48 AM | Attr = ] msimn.exe -> [%ProgramFiles%\Outlook Express] -> File not found NCoverEd.exe -> %ProgramFiles%\Ahead\CoverDesigner\CoverDes.exe [C:\Program Files\Ahead\CoverDesigner] -> Nero AG [Ver = 2, 3, 0, 50 | Size = 2613333 bytes | Modified Date = 01/09/2005 5:26:56 PM | Attr = ] nero.exe -> %ProgramFiles%\Ahead\Nero\nero.exe [C:\Program Files\Ahead\Nero] -> Ahead Software AG [Ver = 6, 6, 0, 18 | Size = 15458371 bytes | Modified Date = 07/10/2005 9:26:24 PM | Attr = ] NeroStartSmart.exe -> %ProgramFiles%\Ahead\Nero StartSmart\NeroStartSmart.exe [C:\Program Files\Ahead\Nero StartSmart] -> Ahead Software AG [Ver = 2, 0, 0, 28 | Size = 4776022 bytes | Modified Date = 01/09/2005 5:42:50 PM | Attr = ] PEX.Exe -> %ProgramFiles%\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\pex.exe [C:\Program Files\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic] -> Ulead Systems, Inc. [Ver = 8.0 | Size = 1441792 bytes | Modified Date = 28/05/2003 10:08:28 PM | Attr = ] PhotoImpression.exe -> %ProgramFiles%\ArcSoft\PhotoImpression 5\photoimpression.exe [C:\Program Files\ArcSoft\PhotoImpression 5] -> ArcSoft Inc. [Ver = 5.1.1.88 | Size = 135168 bytes | Modified Date = 13/07/2005 2:46:02 PM | Attr = ] PictureViewer.exe -> %ProgramFiles%\QuickTime Alternative\PictureViewer.exe [C:\Program Files\QuickTime Alternative\] -> Apple Inc. [Ver = 7.4.1 | Size = 512000 bytes | Modified Date = 31/01/2008 11:13:02 PM | Attr = ] pinball.exe -> %ProgramFiles%\Windows NT\Pinball\PINBALL.EXE [C:\Program Files\Windows NT\Pinball] -> Cinematronics [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 281088 bytes | Modified Date = 04/08/2004 6:00:00 AM | Attr = ] PowerBar -> %ProgramFiles%\CyberLink DVD Solution\Multimedia Launcher\PowerBar.exe [C:\Program Files\CyberLink DVD Solution\Multimedia Launcher] -> Cyberlink, Corp. [Ver = 1.01.0421 | Size = 86016 bytes | Modified Date = 21/04/2004 11:26:28 AM | Attr = ] PowerDVD -> %ProgramFiles%\CyberLink DVD Solution\PowerDVD\PowerDVD.exe [C:\Program Files\CyberLink DVD Solution\PowerDVD] -> CyberLink Corp. [Ver = 5.00.1307 | Size = 413696 bytes | Modified Date = 07/01/2004 7:10:22 PM | Attr = ] PowerDVD.exe -> %ProgramFiles%\CyberLink DVD Solution\PowerDVD\PowerDVD.exe [C:\Program Files\CyberLink DVD Solution\PowerDVD] -> CyberLink Corp. [Ver = 5.00.1307 | Size = 413696 bytes | Modified Date = 07/01/2004 7:10:22 PM | Attr = ] PowerProducer -> %ProgramFiles%\CyberLink DVD Solution\PowerProducer\Producer.exe [C:\Program Files\CyberLink DVD Solution\PowerProducer] -> Cyberlink [Ver = 2.05.1630 | Size = 2134016 bytes | Modified Date = 14/10/2004 3:37:44 PM | Attr = ] Quickcam.exe -> %ProgramFiles%\Logitech\QuickCam\Quickcam.exe [C:\Program Files\Logitech\QuickCam\] -> [Ver = | Size = 2178832 bytes | Modified Date = 25/10/2007 4:37:32 PM | Attr = ] QuickTimePlayer.exe -> %ProgramFiles%\QuickTime Alternative\QuickTimePlayer.exe [C:\Program Files\QuickTime Alternative\] -> Apple Inc. [Ver = 7.4.1 | Size = 7525680 bytes | Modified Date = 31/01/2008 11:13:52 PM | Attr = ] RumbleLauncher.exe -> F:\Games\Rumble Fighter\RumbleFighter\RumbleLauncher.exe [F:\Games\Rumble Fighter\RumbleFighter] -> [Ver = | Size = 425984 bytes | Modified Date = 22/03/2008 2:18:38 AM | Attr = H ] setup.exe -> %ProgramFiles%\EPSON\Epson StoryTeller\Setup.exe [C:\Program Files\EPSON\Epson StoryTeller] -> File not found sinf.exe -> Reg Error: Value does not exist or could not be read. [Reg Error: Value Path does not exist or could not be read.] -> File not found Star Wars Empire at War -> Reg Error: Value does not exist or could not be read. [C:\Program Files\LucasArts\Star Wars Empire at War] -> File not found table30.exe -> Reg Error: Value does not exist or could not be read. [Reg Error: Value Path does not exist or could not be read.] -> File not found wab.exe -> [%ProgramFiles%\Outlook Express] -> File not found wabmig.exe -> [%ProgramFiles%\Outlook Express] -> File not found WebcamSnapshot.exe -> %ProgramFiles%\Logitech\QuickCam\Quickcam.exe [C:\Program Files\Logitech\QuickCam\] -> [Ver = | Size = 2178832 bytes | Modified Date = 25/10/2007 4:37:32 PM | Attr = ] white.exe -> %ProgramFiles%\Lionhead Studios\Black & White 2\white.exe [C:\Program Files\Lionhead Studios\Black & White 2] -> Lionhead Studios Ltd [Ver = 1, 0, 0, 0 | Size = 21739061 bytes | Modified Date = 14/09/2005 12:15:42 PM | Attr = ] winnt32.exe -> Reg Error: Value does not exist or could not be read. [Reg Error: Value Path does not exist or could not be read.] -> File not found WMPBurn.exe -> %ProgramFiles%\Ahead\WMPBurn\WMPBurn.exe [C:\Program Files\Ahead\WMPBurn] -> Ahead Software AG [Ver = 1, 2, 0, 1 | Size = 1265664 bytes | Modified Date = 08/01/2004 6:19:24 PM | Attr = ] WORDPAD.EXE -> [Reg Error: Value Path does not exist or could not be read.] -> File not found WRITE.EXE -> [Reg Error: Value Path does not exist or could not be read.] -> File not found xfire.exe -> %ProgramFiles%\Xfire\Xfire.exe [Reg Error: Value Path does not exist or could not be read.] -> Xfire Inc. [Ver = 13133 | Size = 3437704 bytes | Modified Date = 07/12/2005 6:11:54 PM | Attr = ] yourapp.Exe -> F:\Games\RPG maker\yourapp.Exe [F:\Games\RPG maker] -> File not found zplayer.exe -> %ProgramFiles%\Combined Community Codec Pack\Zoom Player\zplayer.exe [C:\Program Files\Combined Community Codec Pack\Zoom Player] -> [Ver = 5.0.0.0 | Size = 1131520 bytes | Modified Date = 13/08/2007 4:37:30 AM | Attr = ] < BotCheck > -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\\DefaultLaunchPermission -> (binary data) -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\\MachineLaunchRestriction -> (binary data) -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\\MachineAccessRestriction -> (binary data) -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\\EnableDCOM -> Y -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\\{A50398B8-9075-4FBF-A7A1-456BF21937AD} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\\{AD65A69D-3831-40D7-9629-9B0B50A93843} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\\{0040D221-54A1-11D1-9DE0-006097042D69} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\\{2A6D72F1-6E7E-4702-B99C-E40D3DED33C3} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\NONREDIST\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\NONREDIST\\System.EnterpriseServices.Thunk.dll -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirstRunDisabled -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\AntiVirusDisableNotify -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirewallDisableNotify -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\UpdatesDisableNotify -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\AntiVirusOverride -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirewallOverride -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall\ -> -> Reg Error: Key HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\ not found. -> -> Reg Error: Key HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\ not found. -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\ -> -> *Authentication Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Authentication Packages -> msv1_0 -> %SystemRoot%\system32\msv1_0.dll -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 129536 bytes | Modified Date = 04/08/2004 6:00:00 AM | Attr = ] *MultiFile Done* -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Bounds -> (binary data) -> *Security Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Security Packages -> kerberos -> %SystemRoot%\system32\kerberos.dll -> Microsoft Corporation [Ver = 5.1.2600.2698 (xpsp_sp2_gdr.050614-1522) | Size = 295936 bytes | Modified Date = 15/06/2005 11:49:30 AM | Attr = ] msv1_0 -> %SystemRoot%\system32\msv1_0.dll -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 129536 bytes | Modified Date = 04/08/2004 6:00:00 AM | Attr = ] schannel -> %SystemRoot%\system32\schannel.dll -> Microsoft Corporation [Ver = 5.1.2600.3126 (xpsp_sp2_gdr.070425-0226) | Size = 144896 bytes | Modified Date = 25/04/2007 8:21:15 AM | Attr = ] wdigest -> %SystemRoot%\system32\wdigest.dll -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 49152 bytes | Modified Date = 04/08/2004 6:00:00 AM | Attr = ] *MultiFile Done* -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\ImpersonatePrivilegeUpgradeToolHasRun -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\LsaPid -> 696 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\SecureBoot -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\auditbaseobjects -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\crashonauditfail -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\disabledomaincreds -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\everyoneincludesanonymous -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\fipsalgorithmpolicy -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\forceguest -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\fullprivilegeauditing -> (binary data) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\limitblankpassworduse -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\lmcompatibilitylevel -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\nodefaultadminowner -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\nolmhash -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\restrictanonymous -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\restrictanonymoussam -> 1 -> *Notification Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Notification Packages -> scecli -> %SystemRoot%\system32\scecli.dll -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 180224 bytes | Modified Date = 04/08/2004 6:00:00 AM | Attr = ] *MultiFile Done* -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\AccessProviders\ -> -> *ProviderOrder* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\AccessProviders\\ProviderOrder -> Windows NT Access Provider -> -> File not found *MultiFile Done* -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\AccessProviders\Windows NT Access Provider\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\AccessProviders\Windows NT Access Provider\\ProviderPath -> C:\WINDOWS\system32\ntmarta.dll [%SystemRoot%\system32\ntmarta.dll] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 118784 bytes | Modified Date = 04/08/2004 6:00:00 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Audit\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Audit\PerUserAuditing\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Audit\PerUserAuditing\System\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Data\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Data\\Pattern -> (binary data) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\GBG\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\GBG\\GrafBlumGroup -> (binary data) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\JD\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\JD\\Lookup -> (binary data) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\Domains\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\SidCache\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\msv1_0\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\msv1_0\\ntlmminclientsec -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\msv1_0\\ntlmminserversec -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Skew1\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Skew1\\SkewMatrix -> (binary data) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SSO\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SSO\Passport1.4\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SSO\Passport1.4\\SSOURL -> http://www.passport.com -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\\Time -> (binary data) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Name -> Digest -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Comment -> Digest SSPI Authentication Package -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Capabilities -> 16464 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\RpcId -> 65535 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Version -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\TokenSize -> 65535 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Time -> (binary data) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Type -> 49 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Name -> DPA -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Comment -> DPA Security Package -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Capabilities -> 55 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\RpcId -> 17 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Version -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\TokenSize -> 768 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Time -> (binary data) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Type -> 49 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Name -> MSN -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Comment -> MSN Security Package -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Capabilities -> 55 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\RpcId -> 18 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Version -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\TokenSize -> 768 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Time -> (binary data) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Type -> 49 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DependOnGroup -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DependOnService -> Netman;WinMgmt; -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Description -> Provides network address translation, addressing, name resolution and/or intrusion prevention services for a home or small office network. -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DisplayName -> Windows Firewall/Internet Connection Sharing (ICS) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ErrorControl -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ImagePath -> C:\WINDOWS\system32\svchost.exe [%SystemRoot%\system32\svchost.exe -k netsvcs] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 04/08/2004 6:00:00 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ObjectName -> LocalSystem -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Start -> 2 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Type -> 32 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch\\Epoch -> 2185 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\\ServiceDll -> C:\WINDOWS\system32\ipnathlp.dll [%SystemRoot%\System32\ipnathlp.dll] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 331264 bytes | Modified Date = 04/08/2004 6:00:00 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\%windir%\system32\sessmgr.exe -> C:\WINDOWS\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 140800 bytes | Modified Date = 04/08/2004 6:00:00 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\Program Files\Windows Live\Messenger\msnmsgr.exe -> C:\Program Files\Windows Live\Messenger\msnmsgr.exe [C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger] -> Microsoft Corporation [Ver = 8.5.1302.1018 | Size = 5724184 bytes | Modified Date = 18/10/2007 11:34:02 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\Program Files\Windows Live\Messenger\livecall.exe -> C:\Program Files\Windows Live\Messenger\livecall.exe [C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)] -> Microsoft Corporation [Ver = 1.5.204.0 | Size = 304488 bytes | Modified Date = 02/10/2007 5:18:24 PM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\\1900:UDP -> 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\\2869:TCP -> 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\\10280:UDP -> 10280:UDP:LocalSubNet:Enabled:Windows Media Connect -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\\10281:UDP -> 10281:UDP:LocalSubNet:Enabled:Windows Media Connect -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\\10282:UDP -> 10282:UDP:LocalSubNet:Enabled:Windows Media Connect -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\\10283:UDP -> 10283:UDP:LocalSubNet:Enabled:Windows Media Connect -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\\10284:UDP -> 10284:UDP:LocalSubNet:Enabled:Windows Media Connect -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\\10243:TCP -> 10243:TCP:LocalSubNet:Enabled:Windows Media Connect -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\\139:TCP -> 139:TCP:*:Enabled:@xpsp2res.dll,-22004 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\\445:TCP -> 445:TCP:*:Enabled:@xpsp2res.dll,-22005 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\\137:UDP -> 137:UDP:*:Enabled:@xpsp2res.dll,-22001 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\\138:UDP -> 138:UDP:*:Enabled:@xpsp2res.dll,-22002 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\\EnableFirewall -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\\DoNotAllowExceptions -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\\DisableNotifications -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\%windir%\system32\sessmgr.exe -> C:\WINDOWS\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 140800 bytes | Modified Date = 04/08/2004 6:00:00 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\LucasArts\Star Wars Empire at War\GameData\sweaw.exe -> C:\Program Files\LucasArts\Star Wars Empire at War\GameData\sweaw.exe [C:\Program Files\LucasArts\Star Wars Empire at War\GameData\sweaw.exe:*:Enabled:Star Wars: Empire at War] -> Lucasfilm Entertainment Company, Ltd. [Ver = 1.0.0.0 | Size = 12808192 bytes | Modified Date = 20/01/2006 7:18:03 PM | Attr = R ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Azureus\Azureus.exe -> C:\Program Files\Azureus\Azureus.exe [C:\Program Files\Azureus\Azureus.exe:*:Enabled:Azureus] -> Azureus Inc [Ver = 3.0.0.0 | Size = 254976 bytes | Modified Date = 06/03/2008 6:29:04 PM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\FlashGet\flashget.exe -> C:\Program Files\FlashGet\flashget.exe [C:\Program Files\FlashGet\flashget.exe:*:Enabled:Flashget] -> FlashGet.com [Ver = 1, 8, 6, 1008 | Size = 1986608 bytes | Modified Date = 30/05/2007 1:28:50 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Windows Live\Messenger\msnmsgr.exe -> C:\Program Files\Windows Live\Messenger\msnmsgr.exe [C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger] -> Microsoft Corporation [Ver = 8.5.1302.1018 | Size = 5724184 bytes | Modified Date = 18/10/2007 11:34:02 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Windows Live\Messenger\livecall.exe -> C:\Program Files\Windows Live\Messenger\livecall.exe [C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)] -> Microsoft Corporation [Ver = 1.5.204.0 | Size = 304488 bytes | Modified Date = 02/10/2007 5:18:24 PM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\iTunes\iTunes.exe -> C:\Program Files\iTunes\iTunes.exe [C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes] -> Apple Inc. [Ver = 7.6.1.9 | Size = 19897640 bytes | Modified Date = 19/02/2008 1:10:26 PM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\1900:UDP -> 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\2869:TCP -> 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\10280:UDP -> 10280:UDP:LocalSubNet:Enabled:Windows Media Connect -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\10281:UDP -> 10281:UDP:LocalSubNet:Enabled:Windows Media Connect -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\10282:UDP -> 10282:UDP:LocalSubNet:Enabled:Windows Media Connect -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\10283:UDP -> 10283:UDP:LocalSubNet:Enabled:Windows Media Connect -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\10284:UDP -> 10284:UDP:LocalSubNet:Enabled:Windows Media Connect -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\10243:TCP -> 10243:TCP:LocalSubNet:Enabled:Windows Media Connect -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\139:TCP -> 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\445:TCP -> 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\137:UDP -> 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\138:UDP -> 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\\ServiceUpgrade -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\InterfacesUnfirewalledAtUpdate\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\InterfacesUnfirewalledAtUpdate\\All -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\\0 -> Root\LEGACY_SHAREDACCESS\0000 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\\Count -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\\NextInstance -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Type -> 32 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Start -> 2 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\ErrorControl -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\ImagePath -> C:\WINDOWS\system32\svchost.exe [%systemroot%\system32\svchost.exe -k netsvcs] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 04/08/2004 6:00:00 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\DisplayName -> Automatic Updates -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\ObjectName -> LocalSystem -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Description -> Enables the download and installation of Windows updates. If this service is disabled, this computer will not be able to use the Automatic Updates feature or the Windows Update Web site. -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Parameters\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Parameters\\ServiceDll -> C:\WINDOWS\system32\wuauserv.dll [C:\WINDOWS\system32\wuauserv.dll] -> Microsoft Corporation [Ver = 5.4.3790.2180 (xpsp_sp2_rtm.040803-2158) | Size = 6656 bytes | Modified Date = 04/08/2004 6:00:00 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Security\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Security\\Security -> (binary data) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\\0 -> Root\LEGACY_WUAUSERV\0000 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\\Count -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\\NextInstance -> 1 -> Reg Error: Key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\ not found. -> -> Reg Error: Key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\ not found. -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Hardware Profiles\Current\Software\Microsoft\windows\CurrentVersion\Internet Settings\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Hardware Profiles\Current\Software\Microsoft\windows\CurrentVersion\Internet Settings\\ProxyEnable -> 0 -> < Desktop Components > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\ -> 0 -> [Key] -> 0 -> FriendlyName = My Current Home Page -> 0 -> Source = About:Home -> 0 -> SubscribedURL = About:Home -> [Files/Folders - Created Within 90 days] torrents -> %SystemDrive%\torrents -> [Folder | Created Date = 14/03/2008 6:02:53 AM | Attr = ] AvgAsCln.sys -> %SystemRoot%\System32\drivers\AvgAsCln.sys -> GRISOFT, s.r.o. [Ver = 1.0.0.14 | Size = 10872 bytes | Created Date = 29/03/2008 7:21:22 AM | Attr = ] ActiveScan -> %SystemRoot%\System32\ActiveScan -> [Folder | Created Date = 30/03/2008 5:04:54 AM | Attr = ] 3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> amdpcom32.dll -> %SystemRoot%\System32\amdpcom32.dll -> Advanced Micro Devices, Inc. [Ver = 6.14.10.0001 | Size = 46080 bytes | Created Date = 25/02/2008 8:29:25 PM | Attr = ] asuninst.exe -> %SystemRoot%\System32\asuninst.exe -> Panda Software [Ver = 1, 0, 0, 2 | Size = 73728 bytes | Created Date = 30/03/2008 5:07:25 AM | Attr = ] avcodec.dll -> %SystemRoot%\System32\avcodec.dll -> [Ver = | Size = 1544542 bytes | Created Date = 01/04/2008 5:44:30 PM | Attr = ] DSKernel2.dll -> %SystemRoot%\System32\DSKernel2.dll -> LEAD Technologies, Inc. [Ver = 1.0.0.060 | Size = 135168 bytes | Created Date = 01/04/2008 6:20:58 PM | Attr = ] dumphive.exe -> %SystemRoot%\System32\dumphive.exe -> [Ver = | Size = 51200 bytes | Created Date = 29/03/2008 6:51:46 AM | Attr = ] Help.ico -> %SystemRoot%\System32\Help.ico -> [Ver = | Size = 1406 bytes | Created Date = 30/03/2008 5:04:58 AM | Attr = ] IEDFix.exe -> %SystemRoot%\System32\IEDFix.exe -> S!Ri.URZ [Ver = | Size = 82432 bytes | Created Date = 29/03/2008 6:51:46 AM | Attr = ] java.exe -> %SystemRoot%\System32\java.exe -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 135168 bytes | Created Date = 02/04/2008 4:18:12 PM | Attr = ] javaw.exe -> %SystemRoot%\System32\javaw.exe -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 135168 bytes | Created Date = 02/04/2008 4:18:12 PM | Attr = ] javaws.exe -> %SystemRoot%\System32\javaws.exe -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 139264 bytes | Created Date = 02/04/2008 4:18:12 PM | Attr = ] libusbd-9x.exe -> %SystemRoot%\System32\libusbd-9x.exe -> http://libusb-win32.sourceforge.net [Ver = 0.1.10.1 | Size = 19456 bytes | Created Date = 15/01/2008 1:16:40 AM | Attr = ] libusbd-nt.exe -> %SystemRoot%\System32\libusbd-nt.exe -> http://libusb-win32.sourceforge.net [Ver = 0.1.10.1 | Size = 18944 bytes | Created Date = 15/01/2008 1:16:40 AM | Attr = ] ltmm15.dll -> %SystemRoot%\System32\ltmm15.dll -> [Ver = 15.1.0.002 | Size = 1936528 bytes | Created Date = 01/04/2008 6:20:59 PM | Attr = ] pavas.ico -> %SystemRoot%\System32\pavas.ico -> [Ver = | Size = 30590 bytes | Created Date = 30/03/2008 5:04:56 AM | Attr = ] Process.exe -> %SystemRoot%\System32\Process.exe -> http://www.beyondlogic.org [Ver = 2, 0, 0, 0 | Size = 53248 bytes | Created Date = 29/03/2008 6:51:46 AM | Attr = ] QuickTime -> %SystemRoot%\System32\QuickTime -> [Folder | Created Date = 01/04/2008 5:58:34 PM | Attr = ] QuickTime.qts -> %SystemRoot%\System32\QuickTime.qts -> Apple Inc. [Ver = 7.4.1 | Size = 57344 bytes | Created Date = 31/01/2008 11:13:18 PM | Attr = ] QuickTimeVR.qtx -> %SystemRoot%\System32\QuickTimeVR.qtx -> Apple Inc. [Ver = 7.4.1 | Size = 90112 bytes | Created Date = 31/01/2008 11:13:18 PM | Attr = ] RGSS100J.dll -> %SystemRoot%\System32\RGSS100J.dll -> [Ver = | Size = 771584 bytes | Created Date = 07/02/2008 9:38:40 PM | Attr = ] RGSS102E.dll -> %SystemRoot%\System32\RGSS102E.dll -> [Ver = | Size = 778752 bytes | Created Date = 07/02/2008 9:38:41 PM | Attr = ] RGSS102J.dll -> %SystemRoot%\System32\RGSS102J.dll -> [Ver = | Size = 781312 bytes | Created Date = 07/02/2008 9:38:40 PM | Attr = ] RGSS103J.dll -> %SystemRoot%\System32\RGSS103J.dll -> [Ver = | Size = 685056 bytes | Created Date = 07/02/2008 9:38:41 PM | Attr = ] SrchSTS.exe -> %SystemRoot%\System32\SrchSTS.exe -> S!Ri [Ver = | Size = 288417 bytes | Created Date = 29/03/2008 6:51:46 AM | Attr = ] Uninstall.ico -> %SystemRoot%\System32\Uninstall.ico -> [Ver = | Size = 2550 bytes | Created Date = 30/03/2008 5:04:58 AM | Attr = ] VACFix.exe -> %SystemRoot%\System32\VACFix.exe -> S!Ri.URZ [Ver = | Size = 86528 bytes | Created Date = 29/03/2008 6:51:46 AM | Attr = ] VCCLSID.exe -> %SystemRoot%\System32\VCCLSID.exe -> S!Ri [Ver = | Size = 289144 bytes | Created Date = 29/03/2008 6:51:46 AM | Attr = ] ZPORT4AS.dll -> %SystemRoot%\System32\ZPORT4AS.dll -> [Ver = | Size = 11776 bytes | Created Date = 30/03/2008 5:07:25 AM | Attr = ] default.htm -> %SystemRoot%\default.htm -> [Ver = | Size = 1906 bytes | Created Date = 29/03/2008 6:37:55 AM | Attr = ] iun6002.exe -> %SystemRoot%\iun6002.exe -> Indigo Rose Corporation [Ver = 6.0.1.4 | Size = 737280 bytes | Created Date = 01/04/2008 6:19:56 PM | Attr = ] Menu.INI -> %SystemRoot%\Menu.INI -> [Ver = | Size = 32 bytes | Created Date = 15/01/2008 12:31:13 AM | Attr = ] QTFont.for -> %SystemRoot%\QTFont.for -> [Ver = | Size = 1409 bytes | Created Date = 16/03/2008 7:23:21 AM | Attr = ] QTFont.qfn -> %SystemRoot%\QTFont.qfn -> [Ver = | Size = 54156 bytes | Created Date = 16/03/2008 7:23:21 AM | Attr = H ] [Files Created - Additional Folder Scans - Non-Microsoft Only] ATI -> %AllUsersProfile%\Application Data\ATI -> [Folder | Created Date = 31/03/2008 10:38:13 PM | Attr = ] Grisoft -> %AllUsersProfile%\Application Data\Grisoft -> [Folder | Created Date = 29/03/2008 7:21:18 AM | Attr = ] Logishrd -> %AllUsersProfile%\Application Data\Logishrd -> [Folder | Created Date = 16/03/2008 6:51:23 PM | Attr = ] Malwarebytes -> %AllUsersProfile%\Application Data\Malwarebytes -> [Folder | Created Date = 01/04/2008 5:20:59 PM | Attr = ] SUPERAntiSpyware.com -> %AllUsersProfile%\Application Data\SUPERAntiSpyware.com -> [Folder | Created Date = 30/03/2008 1:16:57 AM | Attr = ] WLInstaller -> %AllUsersProfile%\Application Data\WLInstaller -> [Folder | Created Date = 14/03/2008 3:44:39 AM | Attr = ] Aim -> %AppData%\Aim -> [Folder | Created Date = 05/01/2008 3:09:30 PM | Attr = ] Grisoft -> %AppData%\Grisoft -> [Folder | Created Date = 29/03/2008 7:21:29 AM | Attr = ] Help -> %AppData%\Help -> [Folder | Created Date = 31/01/2008 3:23:33 PM | Attr = ] Malwarebytes -> %AppData%\Malwarebytes -> [Folder | Created Date = 01/04/2008 5:21:04 PM | Attr = ] SUPERAntiSpyware.com -> %AppData%\SUPERAntiSpyware.com -> [Folder | Created Date = 30/03/2008 1:16:52 AM | Attr = ] ?????????? -> %AppData%\私立さくらんぼ小学校 -> [Folder | Modified Date = 29/05/2007 8:51:59 PM | Attr = ] Help -> %UserProfile%\Local Settings\Application Data\Help -> [Folder | Created Date = 31/01/2008 3:23:33 PM | Attr = ] Runscanner.net -> %UserProfile%\Local Settings\Application Data\Runscanner.net -> [Folder | Created Date = 31/03/2008 2:41:44 PM | Attr = ] filelib -> %UserProfile%\My Documents\filelib -> [Folder | Created Date = 05/01/2008 3:09:49 PM | Attr = ] iPod Videos -> %UserProfile%\My Documents\iPod Videos -> [Folder | Created Date = 31/01/2008 6:33:20 PM | Attr = ] New Folder -> %UserProfile%\My Documents\New Folder -> [Folder | Created Date = 22/03/2008 2:07:05 AM | Attr = ] Alcohol 120%.lnk -> %AllUsersProfile%\Desktop\Alcohol 120%.lnk -> [Ver = | Size = 843 bytes | Created Date = 03/02/2008 5:27:30 AM | Attr = ] AVG Anti-Spyware.lnk -> %AllUsersProfile%\Desktop\AVG Anti-Spyware.lnk -> [Ver = | Size = 859 bytes | Created Date = 29/03/2008 7:21:24 AM | Attr = ] Logitech QuickCam.lnk -> %AllUsersProfile%\Desktop\Logitech QuickCam.lnk -> [Ver = | Size = 1791 bytes | Created Date = 16/03/2008 6:51:24 PM | Attr = ] QuickTime Player.lnk -> %AllUsersProfile%\Desktop\QuickTime Player.lnk -> [Ver = | Size = 1674 bytes | Created Date = 16/03/2008 7:21:29 AM | Attr = ] Safari.lnk -> %AllUsersProfile%\Desktop\Safari.lnk -> [Ver = | Size = 1854 bytes | Created Date = 23/03/2008 12:17:50 AM | Attr = ] SUPERAntiSpyware Free Edition.lnk -> %AllUsersProfile%\Desktop\SUPERAntiSpyware Free Edition.lnk -> [Ver = | Size = 790 bytes | Created Date = 30/03/2008 1:16:53 AM | Attr = ] Windows Live Messenger .lnk -> %AllUsersProfile%\Desktop\Windows Live Messenger .lnk -> [Ver = | Size = 1837 bytes | Created Date = 14/03/2008 5:49:43 AM | Attr = ] 2003rtp.exe -> %UserProfile%\Desktop\2003rtp.exe -> [Ver = 2.71.3.12 | Size = 15373384 bytes | Created Date = 06/02/2008 11:32:14 PM | Attr = ] Alcohol120_retail_1.9.7.6022.exe -> %UserProfile%\Desktop\Alcohol120_retail_1.9.7.6022.exe -> Alcohol Soft [Ver = 4.10.7.6022 | Size = 9009024 bytes | Created Date = 03/02/2008 5:07:20 AM | Attr = ] amv2c.WMV -> %UserProfile%\Desktop\amv2c.WMV -> [Ver = | Size = 21416803 bytes | Created Date = 31/01/2008 6:51:12 PM | Attr = ] anvsoft_Flash_to_iPod_Converter_setup_v110.exe -> %UserProfile%\Desktop\anvsoft_Flash_to_iPod_Converter_setup_v110.exe -> Digital River [Ver = 1.0.0.1 | Size = 128376 bytes | Created Date = 29/03/2008 3:51:28 AM | Attr = ] Applocale.rar -> %UserProfile%\Desktop\Applocale.rar -> [Ver = | Size = 1058692 bytes | Created Date = 03/02/2008 5:32:06 AM | Attr = ] ATF_Cleaner.exe -> %UserProfile%\Desktop\ATF_Cleaner.exe -> Atribune.org [Ver = 3.00.0002 | Size = 50688 bytes | Created Date = 29/03/2008 7:09:05 AM | Attr = ] avgas-setup-7.5.1.43-3339.exe -> %UserProfile%\Desktop\avgas-setup-7.5.1.43-3339.exe -> [Ver = | Size = 14113576 bytes | Created Date = 29/03/2008 7:18:05 AM | Attr = ] Combined-Community-Codec-Pack-2008-01-24.exe -> %UserProfile%\Desktop\Combined-Community-Codec-Pack-2008-01-24.exe -> CCCP Project [Ver = | Size = 6089998 bytes | Created Date = 31/03/2008 7:47:17 PM | Attr = ] fix.run -> %UserProfile%\Desktop\fix.run -> [Ver = | Size = 131873 bytes | Created Date = 31/03/2008 3:16:56 PM | Attr = ] fix.zip -> %UserProfile%\Desktop\fix.zip -> [Ver = | Size = 130474 bytes | Created Date = 31/03/2008 3:16:43 PM | Attr = ] flash_video_update.zip -> %UserProfile%\Desktop\flash_video_update.zip -> [Ver = | Size = 2393917 bytes | Created Date = 01/04/2008 5:34:40 PM | Attr = ] HijackThis.lnk -> %UserProfile%\Desktop\HijackThis.lnk -> [Ver = | Size = 1744 bytes | Created Date = 29/03/2008 6:45:35 AM | Attr = ] HJTInstall.exe -> %UserProfile%\Desktop\HJTInstall.exe -> Trend Micro Inc. [Ver = 2.00.2 | Size = 812344 bytes | Created Date = 29/03/2008 6:45:23 AM | Attr = ] Install_AIM59.exe -> %UserProfile%\Desktop\Install_AIM59.exe -> [Ver = | Size = 8506408 bytes | Created Date = 05/01/2008 3:08:11 PM | Attr = ] jre-6u5-windows-i586-p-iftw.exe -> %UserProfile%\Desktop\jre-6u5-windows-i586-p-iftw.exe -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 382352 bytes | Created Date = 02/04/2008 4:16:23 PM | Attr = ] mpc_help_eng_20050402.zip -> %UserProfile%\Desktop\mpc_help_eng_20050402.zip -> [Ver = | Size = 415192 bytes | Created Date = 31/03/2008 8:17:36 PM | Attr = ] OTScanIt -> %UserProfile%\Desktop\OTScanIt -> [Folder | Created Date = 02/04/2008 4:58:30 PM | Attr = ] OTScanIt.exe -> %UserProfile%\Desktop\OTScanIt.exe -> [Ver = | Size = 539905 bytes | Created Date = 02/04/2008 4:52:04 PM | Attr = ] RCSetup.exe -> %UserProfile%\Desktop\RCSetup.exe -> [Ver = 6.0.1.4 | Size = 25990432 bytes | Created Date = 01/04/2008 6:17:38 PM | Attr = ] Replay Converter.lnk -> %UserProfile%\Desktop\Replay Converter.lnk -> [Ver = | Size = 769 bytes | Created Date = 01/04/2008 6:19:57 PM | Attr = ] Rumble Fighter.lnk -> %UserProfile%\Desktop\Rumble Fighter.lnk -> [Ver = | Size = 706 bytes | Created Date = 22/03/2008 2:07:53 AM | Attr = ] rumblefighter-v1.4.0.exe -> %UserProfile%\Desktop\rumblefighter-v1.4.0.exe -> Gretech Corp. [Ver = | Size = 289995632 bytes | Created Date = 22/03/2008 2:02:42 AM | Attr = ] save000.rar -> %UserProfile%\Desktop\save000.rar -> [Ver = | Size = 290 bytes | Created Date = 03/02/2008 7:35:27 AM | Attr = ] sqtexud001.exe -> %UserProfile%\Desktop\sqtexud001.exe -> web technology Corp. http://www.webtech.co.jp/ [Ver = 4.31 | Size = 323608 bytes | Created Date = 06/02/2008 11:29:30 PM | Attr = ] sqtud006(2).exe -> %UserProfile%\Desktop\sqtud006(2).exe -> web technology Corp. http://www.webtech.co.jp/ [Ver = 4.31 | Size = 929950 bytes | Created Date = 07/02/2008 9:31:55 PM | Attr = ] sqtud006.exe -> %UserProfile%\Desktop\sqtud006.exe -> web technology Corp. http://www.webtech.co.jp/ [Ver = 4.31 | Size = 929950 bytes | Created Date = 06/02/2008 11:27:27 PM | Attr = ] SUPERAntiSpyware.exe -> %UserProfile%\Desktop\SUPERAntiSpyware.exe -> [Ver = | Size = 5797152 bytes | Created Date = 30/03/2008 1:16:15 AM | Attr = ] the brilliant green - Ash Like Snow (M-ON!).avi -> %UserProfile%\Desktop\the brilliant green - Ash Like Snow (M-ON!).avi -> [Ver = | Size = 86341632 bytes | Created Date = 23/01/2008 8:04:08 PM | Attr = ] t_disgaea3_jp_ext_h264.wmv -> %UserProfile%\Desktop\t_disgaea3_jp_ext_h264.wmv -> [Ver = | Size = 131759283 bytes | Created Date = 09/01/2008 7:34:45 AM | Attr = ] vx_rtp.exe -> %UserProfile%\Desktop\vx_rtp.exe -> Enterbrain [Ver = 1.0.0.0 | Size = 35947942 bytes | Created Date = 06/02/2008 11:41:18 PM | Attr = ] xp_rtp103.exe -> %UserProfile%\Desktop\xp_rtp103.exe -> [Ver = 2.16.4.8 | Size = 21573144 bytes | Created Date = 07/02/2008 9:35:51 PM | Attr = ] Download Manager -> %CommonProgramFiles%\Download Manager -> [Folder | Created Date = 29/03/2008 3:51:59 AM | Attr = ] [Files/Folders - Modified Within 90 days] boot.ini -> %SystemDrive%\boot.ini -> [Ver = | Size = 211 bytes | Modified Date = 29/03/2008 7:19:53 AM | Attr = HS] Downloads -> %SystemDrive%\Downloads -> [Folder | Modified Date = 26/03/2008 5:03:22 PM | Attr = ] Program Files -> %ProgramFiles% -> [Folder | Modified Date = 01/04/2008 6:18:32 PM | Attr = R ] torrents -> %SystemDrive%\torrents -> [Folder | Modified Date = 19/03/2008 1:14:10 AM | Attr = ] WINDOWS -> %SystemRoot% -> [Folder | Modified Date = 02/04/2008 4:23:53 PM | Attr = ] ati2mtag.sys -> %SystemRoot%\System32\dllcache\ati2mtag.sys -> ATI Technologies Inc. [Ver = 6.14.10.6783 | Size = 2863616 bytes | Modified Date = 25/02/2008 11:51:43 PM | Attr = ] ati2erec.dll -> %SystemRoot%\System32\drivers\ati2erec.dll -> ATI Technologies Inc. [Ver = 1.0.0.12 | Size = 49152 bytes | Modified Date = 25/02/2008 8:22:38 PM | Attr = ] ati2mtag.sys -> %SystemRoot%\System32\drivers\ati2mtag.sys -> ATI Technologies Inc. [Ver = 6.14.10.6783 | Size = 2863616 bytes | Modified Date = 25/02/2008 11:51:43 PM | Attr = ] sptd.sys -> %SystemRoot%\System32\drivers\sptd.sys -> [Ver = | Size = 715248 bytes | Modified Date = 03/02/2008 5:08:26 AM | Attr = ] ActiveScan -> %SystemRoot%\System32\ActiveScan -> [Folder | Modified Date = 30/03/2008 6:28:37 AM | Attr = ] 3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> amdpcom32.dll -> %SystemRoot%\System32\amdpcom32.dll -> Advanced Micro Devices, Inc. [Ver = 6.14.10.0001 | Size = 46080 bytes | Modified Date = 25/02/2008 8:29:25 PM | Attr = ] ati2cqag.dll -> %SystemRoot%\System32\ati2cqag.dll -> ATI Technologies Inc. [Ver = 6.14.10.0367 | Size = 520192 bytes | Modified Date = 25/02/2008 8:16:49 PM | Attr = ] ati2dvag.dll -> %SystemRoot%\System32\ati2dvag.dll -> ATI Technologies Inc. [Ver = 6.14.10.6783 | Size = 299520 bytes | Modified Date = 25/02/2008 9:10:53 PM | Attr = ] ati2edxx.dll -> %SystemRoot%\System32\ati2edxx.dll -> ATI Technologies, Inc. [Ver = 6, 14, 10, 2513 | Size = 43520 bytes | Modified Date = 25/02/2008 9:01:44 PM | Attr = ] ati2evxx.dll -> %SystemRoot%\System32\ati2evxx.dll -> ATI Technologies Inc. [Ver = 6.14.10.4176 | Size = 126976 bytes | Modified Date = 25/02/2008 9:01:31 PM | Attr = ] ati2evxx.exe -> %SystemRoot%\System32\ati2evxx.exe -> ATI Technologies Inc. [Ver = 6.14.10.4190 | Size = 520192 bytes | Modified Date = 25/02/2008 9:00:02 PM | Attr = ] Ati2mdxx.exe -> %SystemRoot%\System32\Ati2mdxx.exe -> ATI Technologies, Inc. [Ver = 6, 14, 10, 2495 | Size = 26112 bytes | Modified Date = 25/02/2008 9:01:53 PM | Attr = ] ati2sgag.exe -> %SystemRoot%\System32\ati2sgag.exe -> [Ver = 5.13.0027 | Size = 593920 bytes | Modified Date = 25/02/2008 9:05:00 PM | Attr = ] ati3duag.dll -> %SystemRoot%\System32\ati3duag.dll -> ATI Technologies Inc. [Ver = 6.14.10.0567 | Size = 3176480 bytes | Modified Date = 25/02/2008 8:49:29 PM | Attr = ] ATIDDC.DLL -> %SystemRoot%\System32\ATIDDC.DLL -> ATI Technologies Inc. [Ver = 6.14.10.8 | Size = 53248 bytes | Modified Date = 25/02/2008 8:58:43 PM | Attr = ] ATIDEMGX.dll -> %SystemRoot%\System32\ATIDEMGX.dll -> Advanced Micro Devices, Inc. [Ver = 2.0.2977.39963 | Size = 372736 bytes | Modified Date = 25/02/2008 9:12:07 PM | Attr = ] atiicdxx.dat -> %SystemRoot%\System32\atiicdxx.dat -> [Ver = | Size = 166450 bytes | Modified Date = 14/02/2008 11:35:13 AM | Attr = ] atiiiexx.dll -> %SystemRoot%\System32\atiiiexx.dll -> ATI Technologies Inc. [Ver = 6.14.10.4005 | Size = 307200 bytes | Modified Date = 25/02/2008 9:10:59 PM | Attr = ] atikvmag.dll -> %SystemRoot%\System32\atikvmag.dll -> ATI Technologies Inc. [Ver = 6.14.10.0072 | Size = 393216 bytes | Modified Date = 25/02/2008 8:25:32 PM | Attr = ] atioglx2.dll -> %SystemRoot%\System32\atioglx2.dll -> ATI Technologies Inc. [Ver = 6.14.10.7412 | Size = 9797632 bytes | Modified Date = 25/02/2008 8:59:23 PM | Attr = ] atioglxx.dll -> %SystemRoot%\System32\atioglxx.dll -> ATI Technologies Inc. [Ver = 6.14.10.7412 | Size = 5439488 bytes | Modified Date = 25/02/2008 8:21:36 PM | Attr = ] atiok3x2.dll -> %SystemRoot%\System32\atiok3x2.dll -> ATI Technologies Inc. [Ver = 6.14.10.7412 | Size = 167936 bytes | Modified Date = 25/02/2008 8:19:20 PM | Attr = ] atipdlxx.dll -> %SystemRoot%\System32\atipdlxx.dll -> ATI Technologies, Inc. [Ver = 6, 14, 10, 2530 | Size = 172032 bytes | Modified Date = 25/02/2008 9:02:15 PM | Attr = ] atitvo32.dll -> %SystemRoot%\System32\atitvo32.dll -> ATI Technologies Inc. [Ver = 6.14.10.4200 | Size = 17408 bytes | Modified Date = 25/02/2008 8:23:24 PM | Attr = ] ativva6x.dat -> %SystemRoot%\System32\ativva6x.dat -> [Ver = | Size = 887724 bytes | Modified Date = 25/02/2008 8:41:28 PM | Attr = ] ativvaxx.dll -> %SystemRoot%\System32\ativvaxx.dll -> ATI Technologies Inc. [Ver = 6.14.10.0182 | Size = 1755264 bytes | Modified Date = 25/02/2008 8:41:47 PM | Attr = ] CatRoot -> %SystemRoot%\System32\CatRoot -> [Folder | Modified Date = 16/03/2008 6:55:09 PM | Attr = ] CatRoot2 -> %SystemRoot%\System32\CatRoot2 -> [Folder | Modified Date = 02/04/2008 4:08:02 PM | Attr = ] config -> %SystemRoot%\System32\config -> [Folder | Modified Date = 31/03/2008 9:58:21 PM | Attr = ] CONFIG.NT -> %SystemRoot%\System32\CONFIG.NT -> [Ver = | Size = 2626 bytes | Modified Date = 11/02/2008 6:48:31 PM | Attr = ] dllcache -> %SystemRoot%\System32\dllcache -> [Folder | Modified Date = 02/04/2008 4:09:04 PM | Attr = RHS] drivers -> %SystemRoot%\System32\drivers -> [Folder | Modified Date = 31/03/2008 10:24:56 PM | Attr = ] DRVSTORE -> %SystemRoot%\System32\DRVSTORE -> [Folder | Modified Date = 16/03/2008 6:54:28 PM | Attr = ] FNTCACHE.DAT -> %SystemRoot%\System32\FNTCACHE.DAT -> [Ver = | Size = 157160 bytes | Modified Date = 29/03/2008 6:35:54 AM | Attr = ] Help.ico -> %SystemRoot%\System32\Help.ico -> [Ver = | Size = 1406 bytes | Modified Date = 30/03/2008 5:07:03 AM | Attr = ] IEDFix.exe -> %SystemRoot%\System32\IEDFix.exe -> S!Ri.URZ [Ver = | Size = 82432 bytes | Modified Date = 26/03/2008 8:50:46 AM | Attr = ] java.exe -> %SystemRoot%\System32\java.exe -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 135168 bytes | Modified Date = 22/02/2008 1:23:35 AM | Attr = ] javacpl.cpl -> %SystemRoot%\System32\javacpl.cpl -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 69632 bytes | Modified Date = 22/02/2008 2:33:31 AM | Attr = ] javaw.exe -> %SystemRoot%\System32\javaw.exe -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 135168 bytes | Modified Date = 22/02/2008 1:23:39 AM | Attr = ] javaws.exe -> %SystemRoot%\System32\javaws.exe -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 139264 bytes | Modified Date = 22/02/2008 2:33:32 AM | Attr = ] Lang -> %SystemRoot%\System32\Lang -> [Folder | Modified Date = 02/04/2008 4:30:17 PM | Attr = ] Oemdspif.dll -> %SystemRoot%\System32\Oemdspif.dll -> ATI Technologies, Inc. [Ver = 6.15.0300 | Size = 126976 bytes | Modified Date = 25/02/2008 9:02:02 PM | Attr = ] pavas.ico -> %SystemRoot%\System32\pavas.ico -> [Ver = | Size = 30590 bytes | Modified Date = 30/03/2008 5:07:03 AM | Attr = ] perfc009.dat -> %SystemRoot%\System32\perfc009.dat -> [Ver = | Size = 62402 bytes | Modified Date = 16/03/2008 6:49:50 PM | Attr = ] perfh009.dat -> %SystemRoot%\System32\perfh009.dat -> [Ver = | Size = 400932 bytes | Modified Date = 16/03/2008 6:49:51 PM | Attr = ] PerfStringBackup.INI -> %SystemRoot%\System32\PerfStringBackup.INI -> [Ver = | Size = 470652 bytes | Modified Date = 16/03/2008 6:49:47 PM | Attr = ] QuickTime -> %SystemRoot%\System32\QuickTime -> [Folder | Modified Date = 01/04/2008 5:58:34 PM | Attr = ] QuickTime.qts -> %SystemRoot%\System32\QuickTime.qts -> Apple Inc. [Ver = 7.4.1 | Size = 57344 bytes | Modified Date = 31/01/2008 11:13:18 PM | Attr = ] QuickTimeVR.qtx -> %SystemRoot%\System32\QuickTimeVR.qtx -> Apple Inc. [Ver = 7.4.1 | Size = 90112 bytes | Modified Date = 31/01/2008 11:13:18 PM | Attr = ] Uninstall.ico -> %SystemRoot%\System32\Uninstall.ico -> [Ver = | Size = 2550 bytes | Modified Date = 30/03/2008 5:07:03 AM | Attr = ] VACFix.exe -> %SystemRoot%\System32\VACFix.exe -> S!Ri.URZ [Ver = | Size = 86528 bytes | Modified Date = 28/03/2008 11:19:34 PM | Attr = ] wbem -> %SystemRoot%\System32\wbem -> [Folder | Modified Date = 30/03/2008 6:31:52 AM | Attr = ] wpa.dbl -> %SystemRoot%\System32\wpa.dbl -> [Ver = | Size = 12598 bytes | Modified Date = 02/04/2008 4:30:06 PM | Attr = ] $hf_mig$ -> %SystemRoot%\$hf_mig$ -> [Folder | Modified Date = 06/03/2008 6:10:21 PM | Attr = H ] 3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> AppPatch -> %SystemRoot%\AppPatch -> [Folder | Modified Date = 02/04/2008 4:26:44 PM | Attr = ] assembly -> %SystemRoot%\assembly -> [Folder | Modified Date = 31/03/2008 10:27:26 PM | Attr = R S] atiogl.xml -> %SystemRoot%\atiogl.xml -> [Ver = | Size = 12477 bytes | Modified Date = 21/01/2008 8:48:20 AM | Attr = ] bootstat.dat -> %SystemRoot%\bootstat.dat -> [Ver = | Size = 2048 bytes | Modified Date = 02/04/2008 4:29:30 PM | Attr = S] default.htm -> %SystemRoot%\default.htm -> [Ver = | Size = 1906 bytes | Modified Date = 30/03/2008 4:48:23 AM | Attr = ] Downloaded Program Files -> %SystemRoot%\Downloaded Program Files -> [Folder | Modified Date = 02/04/2008 4:12:31 PM | Attr = S] Fonts -> %SystemRoot%\Fonts -> [Folder | Modified Date = 24/03/2008 12:16:39 AM | Attr = R S] inf -> %SystemRoot%\inf -> [Folder | Modified Date = 31/03/2008 10:24:29 PM | Attr = H ] Installer -> %SystemRoot%\Installer -> [Folder | Modified Date = 02/04/2008 4:20:47 PM | Attr = HS] iun6002.exe -> %SystemRoot%\iun6002.exe -> Indigo Rose Corporation [Ver = 6.0.1.4 | Size = 737280 bytes | Modified Date = 01/04/2008 6:18:32 PM | Attr = ] Menu.INI -> %SystemRoot%\Menu.INI -> [Ver = | Size = 32 bytes | Modified Date = 15/01/2008 12:31:42 AM | Attr = ] NeroDigital.ini -> %SystemRoot%\NeroDigital.ini -> [Ver = | Size = 116 bytes | Modified Date = 02/04/2008 3:18:11 PM | Attr = ] Pex.INI -> %SystemRoot%\Pex.INI -> [Ver = | Size = 71 bytes | Modified Date = 02/04/2008 12:47:36 AM | Attr = ] Prefetch -> %SystemRoot%\Prefetch -> [Folder | Modified Date = 02/04/2008 4:57:51 PM | Attr = ] QTFont.for -> %SystemRoot%\QTFont.for -> [Ver = | Size = 1409 bytes | Modified Date = 16/03/2008 7:23:21 AM | Attr = ] QTFont.qfn -> %SystemRoot%\QTFont.qfn -> [Ver = | Size = 54156 bytes | Modified Date = 02/04/2008 4:30:25 PM | Attr = H ] scanreg.ini -> %SystemRoot%\scanreg.ini -> [Ver = | Size = 314 bytes | Modified Date = 02/04/2008 4:30:22 PM | Attr = ] SoftwareDistribution -> %SystemRoot%\SoftwareDistribution -> [Folder | Modified Date = 30/03/2008 6:28:33 AM | Attr = ] system.ini -> %SystemRoot%\system.ini -> [Ver = | Size = 227 bytes | Modified Date = 29/03/2008 7:19:53 AM | Attr = ] system32 -> %SystemRoot%\system32 -> [Folder | Modified Date = 02/04/2008 4:30:16 PM | Attr = ] Temp -> %SystemRoot%\Temp -> [Folder | Modified Date = 02/04/2008 4:30:28 PM | Attr = ] Ulead32.ini -> %SystemRoot%\Ulead32.ini -> [Ver = | Size = 229 bytes | Modified Date = 02/04/2008 12:47:28 AM | Attr = ] win.ini -> %SystemRoot%\win.ini -> [Ver = | Size = 1006 bytes | Modified Date = 30/03/2008 5:15:13 AM | Attr = ] AppleSoftwareUpdate.job -> %SystemRoot%\tasks\AppleSoftwareUpdate.job -> [Ver = | Size = 284 bytes | Modified Date = 22/03/2008 8:59:02 PM | Attr = ] SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [Ver = | Size = 6 bytes | Modified Date = 02/04/2008 4:29:34 PM | Attr = H ] qmgr0.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat -> [Ver = | Size = 6592 bytes | Modified Date = 02/04/2008 4:30:47 PM | Attr = ] qmgr1.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat -> [Ver = | Size = 6592 bytes | Modified Date = 02/04/2008 4:30:47 PM | Attr = ] SSUPDATE.EXE -> C:\Documents and Settings\Bradley\Local Settings\Temp\SSUPDATE.EXE -> SUPERAntiSpyware.com [Ver = 1, 0, 0, 1030 | Size = 143360 bytes | Modified Date = 17/02/2006 3:55:46 PM | Attr = ] 12 C:\Documents and Settings\Bradley\Local Settings\Temp\*.tmp files -> C:\Documents and Settings\Bradley\Local Settings\Temp\*.tmp -> swt-gdip-win32-3430.dll -> C:\Documents and Settings\Bradley\Local Settings\Temp\swt-gdip-win32-3430.dll -> Eclipse Foundation [Ver = 3.430 | Size = 77824 bytes | Modified Date = 31/03/2008 7:13:22 PM | Attr = ] swt-win32-3430.dll -> C:\Documents and Settings\Bradley\Local Settings\Temp\swt-win32-3430.dll -> Eclipse Foundation [Ver = 3.430 | Size = 323584 bytes | Modified Date = 31/03/2008 7:13:14 PM | Attr = ] 12 C:\Documents and Settings\Bradley\Local Settings\Temp\*.tmp files -> C:\Documents and Settings\Bradley\Local Settings\Temp\*.tmp -> Perflib_Perfdata_520.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_520.dat -> [Ver = | Size = 16384 bytes | Modified Date = 02/04/2008 4:29:35 PM | Attr = ] [Files Modified - Additional Folder Scans - Non-Microsoft Only] ATI -> %AllUsersProfile%\Application Data\ATI -> [Folder | Modified Date = 31/03/2008 10:38:13 PM | Attr = ] Grisoft -> %AllUsersProfile%\Application Data\Grisoft -> [Folder | Modified Date = 29/03/2008 7:21:18 AM | Attr = ] Logishrd -> %AllUsersProfile%\Application Data\Logishrd -> [Folder | Modified Date = 16/03/2008 7:01:59 PM | Attr = ] Malwarebytes -> %AllUsersProfile%\Application Data\Malwarebytes -> [Folder | Modified Date = 01/04/2008 5:20:59 PM | Attr = ] SUPERAntiSpyware.com -> %AllUsersProfile%\Application Data\SUPERAntiSpyware.com -> [Folder | Modified Date = 30/03/2008 1:16:57 AM | Attr = ] WLInstaller -> %AllUsersProfile%\Application Data\WLInstaller -> [Folder | Modified Date = 14/03/2008 5:48:27 AM | Attr = ] Aim -> %AppData%\Aim -> [Folder | Modified Date = 05/01/2008 3:09:32 PM | Attr = ] Azureus -> %AppData%\Azureus -> [Folder | Modified Date = 02/04/2008 4:26:36 PM | Attr = ] Grisoft -> %AppData%\Grisoft -> [Folder | Modified Date = 29/03/2008 7:21:29 AM | Attr = ] Help -> %AppData%\Help -> [Folder | Modified Date = 30/03/2008 3:06:17 AM | Attr = ] Malwarebytes -> %AppData%\Malwarebytes -> [Folder | Modified Date = 01/04/2008 5:21:04 PM | Attr = ] SUPERAntiSpyware.com -> %AppData%\SUPERAntiSpyware.com -> [Folder | Modified Date = 30/03/2008 1:16:52 AM | Attr = ] ?????????? -> %AppData%\私立さくらんぼ小学校 -> [Folder | Modified Date = 29/05/2007 8:51:59 PM | Attr = ] DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> %UserProfile%\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [Ver = | Size = 81920 bytes | Modified Date = 02/04/2008 12:21:17 AM | Attr = ] GDIPFONTCACHEV1.DAT -> %UserProfile%\Local Settings\Application Data\GDIPFONTCACHEV1.DAT -> [Ver = | Size = 33832 bytes | Modified Date = 29/03/2008 6:39:37 AM | Attr = ] Help -> %UserProfile%\Local Settings\Application Data\Help -> [Folder | Modified Date = 31/01/2008 3:23:33 PM | Attr = ] IconCache.db -> %UserProfile%\Local Settings\Application Data\IconCache.db -> [Ver = | Size = 578134 bytes | Modified Date = 31/03/2008 10:31:38 PM | Attr = H ] Microsoft -> %UserProfile%\Local Settings\Application Data\Microsoft -> [Folder | Modified Date = 24/03/2008 4:19:09 AM | Attr = ] Runscanner.net -> %UserProfile%\Local Settings\Application Data\Runscanner.net -> [Folder | Modified Date = 31/03/2008 2:41:44 PM | Attr = ] WMTools Downloaded Files -> %UserProfile%\Local Settings\Application Data\WMTools Downloaded Files -> [Folder | Modified Date = 02/04/2008 12:37:39 AM | Attr = ] My Videos -> %AllUsersProfile%\Documents\My Videos -> [Folder | Modified Date = 26/03/2008 4:14:40 PM | Attr = R ] Anime Music -> %UserProfile%\My Documents\Anime Music -> [Folder | Modified Date = 05/02/2008 5:36:17 PM | Attr = ] filelib -> %UserProfile%\My Documents\filelib -> [Folder | Modified Date = 05/01/2008 3:09:49 PM | Attr = ] iPod Videos -> %UserProfile%\My Documents\iPod Videos -> [Folder | Modified Date = 20/03/2008 3:09:50 AM | Attr = ] My Pictures -> %UserProfile%\My Documents\My Pictures -> [Folder | Modified Date = 02/04/2008 4:42:44 PM | Attr = R ] My Received Files -> %UserProfile%\My Documents\My Received Files -> [Folder | Modified Date = 02/04/2008 2:54:48 AM | Attr = ] My Sharing Folders.lnk -> %UserProfile%\My Documents\My Sharing Folders.lnk -> [Ver = | Size = 580 bytes | Modified Date = 02/04/2008 4:39:23 PM | Attr = ] Naruto -> %UserProfile%\My Documents\Naruto -> [Folder | Modified Date = 26/01/2008 3:30:23 PM | Attr = ] New Folder -> %UserProfile%\My Documents\New Folder -> [Folder | Modified Date = 22/03/2008 2:07:05 AM | Attr = ] Sayonara Zetsubou Sensei -> %UserProfile%\My Documents\Sayonara Zetsubou Sensei -> [Folder | Modified Date = 12/02/2008 11:29:44 PM | Attr = ] Tsubasa (season 1 burned) -> %UserProfile%\My Documents\Tsubasa (season 1 burned) -> [Folder | Modified Date = 26/01/2008 5:03:42 AM | Attr = ] Zero no Tsukaima 2 -> %UserProfile%\My Documents\Zero no Tsukaima 2 -> [Folder | Modified Date = 23/03/2008 9:33:55 PM | Attr = ] Alcohol 120%.lnk -> %AllUsersProfile%\Desktop\Alcohol 120%.lnk -> [Ver = | Size = 843 bytes | Modified Date = 03/02/2008 5:27:30 AM | Attr = ] AVG Anti-Spyware.lnk -> %AllUsersProfile%\Desktop\AVG Anti-Spyware.lnk -> [Ver = | Size = 859 bytes | Modified Date = 29/03/2008 7:21:24 AM | Attr = ] Logitech QuickCam.lnk -> %AllUsersProfile%\Desktop\Logitech QuickCam.lnk -> [Ver = | Size = 1791 bytes | Modified Date = 16/03/2008 6:55:02 PM | Attr = ] QuickTime Player.lnk -> %AllUsersProfile%\Desktop\QuickTime Player.lnk -> [Ver = | Size = 1674 bytes | Modified Date = 16/03/2008 7:21:29 AM | Attr = ] Safari.lnk -> %AllUsersProfile%\Desktop\Safari.lnk -> [Ver = | Size = 1854 bytes | Modified Date = 23/03/2008 12:17:50 AM | Attr = ] SUPERAntiSpyware Free Edition.lnk -> %AllUsersProfile%\Desktop\SUPERAntiSpyware Free Edition.lnk -> [Ver = | Size = 790 bytes | Modified Date = 30/03/2008 1:16:53 AM | Attr = ] Windows Live Messenger .lnk -> %AllUsersProfile%\Desktop\Windows Live Messenger .lnk -> [Ver = | Size = 1837 bytes | Modified Date = 14/03/2008 5:49:43 AM | Attr = ] 'Earthsim'.lnk -> %UserProfile%\Desktop\'Earthsim'.lnk -> [Ver = | Size = 1248 bytes | Modified Date = 31/03/2008 10:22:43 PM | Attr = ] 2003rtp.exe -> %UserProfile%\Desktop\2003rtp.exe -> [Ver = 2.71.3.12 | Size = 15373384 bytes | Modified Date = 06/02/2008 11:33:14 PM | Attr = ] Alcohol120_retail_1.9.7.6022.exe -> %UserProfile%\Desktop\Alcohol120_retail_1.9.7.6022.exe -> Alcohol Soft [Ver = 4.10.7.6022 | Size = 9009024 bytes | Modified Date = 03/02/2008 5:07:58 AM | Attr = ] amv2c.WMV -> %UserProfile%\Desktop\amv2c.WMV -> [Ver = | Size = 21416803 bytes | Modified Date = 31/01/2008 6:51:43 PM | Attr = ] anvsoft_Flash_to_iPod_Converter_setup_v110.exe -> %UserProfile%\Desktop\anvsoft_Flash_to_iPod_Converter_setup_v110.exe -> Digital River [Ver = 1.0.0.1 | Size = 128376 bytes | Modified Date = 29/03/2008 3:51:24 AM | Attr = ] Applocale.rar -> %UserProfile%\Desktop\Applocale.rar -> [Ver = | Size = 1058692 bytes | Modified Date = 03/02/2008 5:32:10 AM | Attr = ] ATF_Cleaner.exe -> %UserProfile%\Desktop\ATF_Cleaner.exe -> Atribune.org [Ver = 3.00.0002 | Size = 50688 bytes | Modified Date = 29/03/2008 7:09:02 AM | Attr = ] avgas-setup-7.5.1.43-3339.exe -> %UserProfile%\Desktop\avgas-setup-7.5.1.43-3339.exe -> [Ver = | Size = 14113576 bytes | Modified Date = 29/03/2008 7:20:31 AM | Attr = ] Combined-Community-Codec-Pack-2008-01-24.exe -> %UserProfile%\Desktop\Combined-Community-Codec-Pack-2008-01-24.exe -> CCCP Project [Ver = | Size = 6089998 bytes | Modified Date = 31/03/2008 7:47:42 PM | Attr = ] fix.run -> %UserProfile%\Desktop\fix.run -> [Ver = | Size = 131873 bytes | Modified Date = 31/03/2008 10:06:38 PM | Attr = ] fix.zip -> %UserProfile%\Desktop\fix.zip -> [Ver = | Size = 130474 bytes | Modified Date = 31/03/2008 3:16:36 PM | Attr = ] flash_video_update.zip -> %UserProfile%\Desktop\flash_video_update.zip -> [Ver = | Size = 2393917 bytes | Modified Date = 01/04/2008 5:34:26 PM | Attr = ] HijackThis.lnk -> %UserProfile%\Desktop\HijackThis.lnk -> [Ver = | Size = 1744 bytes | Modified Date = 31/03/2008 5:56:54 AM | Attr = ] HJTInstall.exe -> %UserProfile%\Desktop\HJTInstall.exe -> Trend Micro Inc. [Ver = 2.00.2 | Size = 812344 bytes | Modified Date = 29/03/2008 6:45:22 AM | Attr = ] Install_AIM59.exe -> %UserProfile%\Desktop\Install_AIM59.exe -> [Ver = | Size = 8506408 bytes | Modified Date = 05/01/2008 3:08:11 PM | Attr = ] jre-6u5-windows-i586-p-iftw.exe -> %UserProfile%\Desktop\jre-6u5-windows-i586-p-iftw.exe -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 382352 bytes | Modified Date = 02/04/2008 4:16:20 PM | Attr = ] mpc_help_eng_20050402.zip -> %UserProfile%\Desktop\mpc_help_eng_20050402.zip -> [Ver = | Size = 415192 bytes | Modified Date = 31/03/2008 8:17:35 PM | Attr = ] OTScanIt -> %UserProfile%\Desktop\OTScanIt -> [Folder | Modified Date = 02/04/2008 4:58:30 PM | Attr = ] OTScanIt.exe -> %UserProfile%\Desktop\OTScanIt.exe -> [Ver = | Size = 539905 bytes | Modified Date = 02/04/2008 4:52:04 PM | Attr = ] RCSetup.exe -> %UserProfile%\Desktop\RCSetup.exe -> [Ver = 6.0.1.4 | Size = 25990432 bytes | Modified Date = 01/04/2008 6:18:17 PM | Attr = ] Replay Converter.lnk -> %UserProfile%\Desktop\Replay Converter.lnk -> [Ver = | Size = 769 bytes | Modified Date = 01/04/2008 6:19:57 PM | Attr = ] Rumble Fighter.lnk -> %UserProfile%\Desktop\Rumble Fighter.lnk -> [Ver = | Size = 706 bytes | Modified Date = 22/03/2008 2:07:53 AM | Attr = ] rumblefighter-v1.4.0.exe -> %UserProfile%\Desktop\rumblefighter-v1.4.0.exe -> Gretech Corp. [Ver = | Size = 289995632 bytes | Modified Date = 22/03/2008 2:06:22 AM | Attr = ] save000.rar -> %UserProfile%\Desktop\save000.rar -> [Ver = | Size = 290 bytes | Modified Date = 03/02/2008 7:35:24 AM | Attr = ] sqtexud001.exe -> %UserProfile%\Desktop\sqtexud001.exe -> web technology Corp. http://www.webtech.co.jp/ [Ver = 4.31 | Size = 323608 bytes | Modified Date = 06/02/2008 11:29:31 PM | Attr = ] sqtud006(2).exe -> %UserProfile%\Desktop\sqtud006(2).exe -> web technology Corp. http://www.webtech.co.jp/ [Ver = 4.31 | Size = 929950 bytes | Modified Date = 07/02/2008 9:31:53 PM | Attr = ] sqtud006.exe -> %UserProfile%\Desktop\sqtud006.exe -> web technology Corp. http://www.webtech.co.jp/ [Ver = 4.31 | Size = 929950 bytes | Modified Date = 06/02/2008 11:27:32 PM | Attr = ] SUPERAntiSpyware.exe -> %UserProfile%\Desktop\SUPERAntiSpyware.exe -> [Ver = | Size = 5797152 bytes | Modified Date = 30/03/2008 1:16:22 AM | Attr = ] the brilliant green - Ash Like Snow (M-ON!).avi -> %UserProfile%\Desktop\the brilliant green - Ash Like Snow (M-ON!).avi -> [Ver = | Size = 86341632 bytes | Modified Date = 23/01/2008 8:09:57 PM | Attr = ] t_disgaea3_jp_ext_h264.wmv -> %UserProfile%\Desktop\t_disgaea3_jp_ext_h264.wmv -> [Ver = | Size = 131759283 bytes | Modified Date = 09/01/2008 7:37:46 AM | Attr = ] vx_rtp.exe -> %UserProfile%\Desktop\vx_rtp.exe -> Enterbrain [Ver = 1.0.0.0 | Size = 35947942 bytes | Modified Date = 06/02/2008 11:43:38 PM | Attr = ] xp_rtp103.exe -> %UserProfile%\Desktop\xp_rtp103.exe -> [Ver = 2.16.4.8 | Size = 21573144 bytes | Modified Date = 07/02/2008 9:37:43 PM | Attr = ] Download Manager -> %CommonProgramFiles%\Download Manager -> [Folder | Modified Date = 29/03/2008 3:51:59 AM | Attr = ] logishrd -> %CommonProgramFiles%\logishrd -> [Folder | Modified Date = 16/03/2008 6:54:17 PM | Attr = ] WindowsLiveInstaller -> %CommonProgramFiles%\WindowsLiveInstaller -> [Folder | Modified Date = 14/03/2008 5:49:20 AM | Attr = HS] Wise Installation Wizard -> %CommonProgramFiles%\Wise Installation Wizard -> [Folder | Modified Date = 30/03/2008 1:16:30 AM | Attr = ] [File - Lop Check: Additional Folder Scans - Non-Microsoft Only] C:\Documents and Settings\All Users\Application Data\ -> C:\Documents and Settings\All Users\Application Data -> [Folder | Modified Date = 01/04/2008 5:20:59 PM | Attr = RH ] AOL -> C:\Documents and Settings\All Users\Application Data\AOL -> [Folder | Modified Date = 05/01/2006 2:01:36 AM | Attr = ] AOL Downloads -> C:\Documents and Settings\All Users\Application Data\AOL Downloads -> [Folder | Modified Date = 05/01/2006 2:00:35 AM | Attr = ] Apple -> C:\Documents and Settings\All Users\Application Data\Apple -> [Folder | Modified Date = 02/09/2007 12:17:47 PM | Attr = ] Apple Computer -> C:\Documents and Settings\All Users\Application Data\Apple Computer -> [Folder | Modified Date = 02/09/2007 12:19:15 PM | Attr = ] ATI -> C:\Documents and Settings\All Users\Application Data\ATI -> [Folder | Modified Date = 31/03/2008 10:38:13 PM | Attr = ] CyberLink -> C:\Documents and Settings\All Users\Application Data\CyberLink -> [Folder | Modified Date = 19/12/2005 1:17:09 PM | Attr = ] EPSON -> C:\Documents and Settings\All Users\Application Data\EPSON -> [Folder | Modified Date = 08/04/2007 12:39:14 PM | Attr = ] Grisoft -> C:\Documents and Settings\All Users\Application Data\Grisoft -> [Folder | Modified Date = 29/03/2008 7:21:18 AM | Attr = ] IJJIGame -> C:\Documents and Settings\All Users\Application Data\IJJIGame -> [Folder | Modified Date = 10/09/2007 12:26:33 AM | Attr = ] Logishrd -> C:\Documents and Settings\All Users\Application Data\Logishrd -> [Folder | Modified Date = 16/03/2008 7:01:59 PM | Attr = ] Logitech -> C:\Documents and Settings\All Users\Application Data\Logitech -> [Folder | Modified Date = 10/11/2007 12:53:03 PM | Attr = ] Malwarebytes -> C:\Documents and Settings\All Users\Application Data\Malwarebytes -> [Folder | Modified Date = 01/04/2008 5:20:59 PM | Attr = ] Microsoft -> C:\Documents and Settings\All Users\Application Data\Microsoft -> [Folder | Modified Date = 10/11/2007 12:48:58 PM | Attr = S] Pure Networks -> C:\Documents and Settings\All Users\Application Data\Pure Networks -> [Folder | Modified Date = 17/11/2006 2:53:16 PM | Attr = ] SUPERAntiSpyware.com -> C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com -> [Folder | Modified Date = 30/03/2008 1:16:57 AM | Attr = ] Symantec -> C:\Documents and Settings\All Users\Application Data\Symantec -> [Folder | Modified Date = 19/12/2006 3:12:22 PM | Attr = ] Ulead Systems -> C:\Documents and Settings\All Users\Application Data\Ulead Systems -> [Folder | Modified Date = 15/02/2006 8:49:14 PM | Attr = ] Viewpoint -> C:\Documents and Settings\All Users\Application Data\Viewpoint -> [Folder | Modified Date = 22/04/2006 3:14:37 PM | Attr = ] Windows Genuine Advantage -> C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage -> [Folder | Modified Date = 02/08/2006 7:55:48 PM | Attr = ] WLInstaller -> C:\Documents and Settings\All Users\Application Data\WLInstaller -> [Folder | Modified Date = 14/03/2008 5:48:27 AM | Attr = ] C:\Documents and Settings\Bradley\Application Data\ -> C:\Documents and Settings\Bradley\Application Data -> [Folder | Modified Date = 01/04/2008 5:21:04 PM | Attr = ] acccore -> C:\Documents and Settings\Bradley\Application Data\acccore -> [Folder | Modified Date = 05/01/2006 2:02:30 AM | Attr = ] Adobe -> C:\Documents and Settings\Bradley\Application Data\Adobe -> [Folder | Modified Date = 19/12/2007 8:18:33 PM | Attr = ] Ahead -> C:\Documents and Settings\Bradley\Application Data\Ahead -> [Folder | Modified Date = 14/12/2006 11:57:21 AM | Attr = ] Aim -> C:\Documents and Settings\Bradley\Application Data\Aim -> [Folder | Modified Date = 05/01/2008 3:09:32 PM | Attr = ] Apple Computer -> C:\Documents and Settings\Bradley\Application Data\Apple Computer -> [Folder | Modified Date = 19/12/2007 5:08:51 PM | Attr = ] Atari -> C:\Documents and Settings\Bradley\Application Data\Atari -> [Folder | Modified Date = 26/12/2005 12:14:50 AM | Attr = ] ATI -> C:\Documents and Settings\Bradley\Application Data\ATI -> [Folder | Modified Date = 27/10/2007 12:45:31 PM | Attr = ] Azureus -> C:\Documents and Settings\Bradley\Application Data\Azureus -> [Folder | Modified Date = 02/04/2008 4:26:36 PM | Attr = ] Command & Conquer 3 Tiberium Wars Demo -> C:\Documents and Settings\Bradley\Application Data\Command & Conquer 3 Tiberium Wars Demo -> [Folder | Modified Date = 27/02/2007 8:21:04 PM | Attr = ] CyberLink -> C:\Documents and Settings\Bradley\Application Data\CyberLink -> [Folder | Modified Date = 05/03/2006 1:43:34 PM | Attr = ] dvdcss -> C:\Documents and Settings\Bradley\Application Data\dvdcss -> [Folder | Modified Date = 01/02/2007 2:50:08 PM | Attr = ] Grisoft -> C:\Documents and Settings\Bradley\Application Data\Grisoft -> [Folder | Modified Date = 29/03/2008 7:21:29 AM | Attr = ] gunz-mrb -> C:\Documents and Settings\Bradley\Application Data\gunz-mrb -> [Folder | Modified Date = 27/06/2006 6:55:08 PM | Attr = ] Help -> C:\Documents and Settings\Bradley\Application Data\Help -> [Folder | Modified Date = 30/03/2008 3:06:17 AM | Attr = ] Identities -> C:\Documents and Settings\Bradley\Application Data\Identities -> [Folder | Modified Date = 01/12/2005 11:46:16 AM | Attr = ] ijjigame -> C:\Documents and Settings\Bradley\Application Data\ijjigame -> [Folder | Modified Date = 10/09/2007 10:26:42 PM | Attr = H ] iLike -> C:\Documents and Settings\Bradley\Application Data\iLike -> [Folder | Modified Date = 27/11/2007 8:36:14 PM | Attr = ] IMVU -> C:\Documents and Settings\Bradley\Application Data\IMVU -> [Folder | Modified Date = 24/11/2007 12:29:29 PM | Attr = ] InterTrust -> C:\Documents and Settings\Bradley\Application Data\InterTrust -> [Folder | Modified Date = 19/12/2005 1:17:58 PM | Attr = ] LAIM -> C:\Documents and Settings\Bradley\Application Data\LAIM -> [Folder | Modified Date = 23/09/2007 2:38:50 AM | Attr = ] Leadertech -> C:\Documents and Settings\Bradley\Application Data\Leadertech -> [Folder | Modified Date = 25/12/2005 11:59:55 PM | Attr = ] LucasArts -> C:\Documents and Settings\Bradley\Application Data\LucasArts -> [Folder | Modified Date = 17/02/2006 10:59:21 PM | Attr = ] Macromedia -> C:\Documents and Settings\Bradley\Application Data\Macromedia -> [Folder | Modified Date = 13/04/2006 8:50:53 PM | Attr = ] Malwarebytes -> C:\Documents and Settings\Bradley\Application Data\Malwarebytes -> [Folder | Modified Date = 01/04/2008 5:21:04 PM | Attr = ] Media Player Classic -> C:\Documents and Settings\Bradley\Application Data\Media Player Classic -> [Folder | Modified Date = 25/05/2006 1:48:30 AM | Attr = ] Microsoft -> C:\Documents and Settings\Bradley\Application Data\Microsoft -> [Folder | Modified Date = 28/02/2007 7:50:58 AM | Attr = S] Mozilla -> C:\Documents and Settings\Bradley\Application Data\Mozilla -> [Folder | Modified Date = 05/01/2006 2:00:35 AM | Attr = ] OLYMPUS -> C:\Documents and Settings\Bradley\Application Data\OLYMPUS -> [Folder | Modified Date = 27/12/2005 2:04:37 PM | Attr = ] Petroglyph -> C:\Documents and Settings\Bradley\Application Data\Petroglyph -> [Folder | Modified Date = 17/02/2006 11:00:38 PM | Attr = ] Sun -> C:\Documents and Settings\Bradley\Application Data\Sun -> [Folder | Modified Date = 03/02/2006 1:13:31 AM | Attr = ] SUPERAntiSpyware.com -> C:\Documents and Settings\Bradley\Application Data\SUPERAntiSpyware.com -> [Folder | Modified Date = 30/03/2008 1:16:52 AM | Attr = ] Symantec -> C:\Documents and Settings\Bradley\Application Data\Symantec -> [Folder | Modified Date = 28/12/2005 10:36:51 PM | Attr = ] Talkback -> C:\Documents and Settings\Bradley\Application Data\Talkback -> [Folder | Modified Date = 25/12/2005 6:31:33 PM | Attr = ] Ulead Systems -> C:\Documents and Settings\Bradley\Application Data\Ulead Systems -> [Folder | Modified Date = 15/02/2006 8:50:41 PM | Attr = ] Ventrilo -> C:\Documents and Settings\Bradley\Application Data\Ventrilo -> [Folder | Modified Date = 11/07/2007 11:34:32 AM | Attr = ] vlc -> C:\Documents and Settings\Bradley\Application Data\vlc -> [Folder | Modified Date = 28/12/2005 3:02:18 PM | Attr = ] Xfire -> C:\Documents and Settings\Bradley\Application Data\Xfire -> [Folder | Modified Date = 28/12/2005 9:24:33 PM | Attr = ] ?????????? -> C:\Documents and Settings\Bradley\Application Data\私立さくらんぼ小学校 -> [Folder | Modified Date = 29/05/2007 8:51:59 PM | Attr = ] C:\Documents and Settings\Default User\Application Data\ -> C:\Documents and Settings\Default User\Application Data -> [Folder | Modified Date = 19/12/2005 1:17:58 PM | Attr = RH ] Adobe -> C:\Documents and Settings\Default User\Application Data\Adobe -> [Folder | Modified Date = 19/12/2005 1:17:58 PM | Attr = ] ATI -> C:\Documents and Settings\Default User\Application Data\ATI -> [Folder | Modified Date = 27/10/2007 12:32:13 PM | Attr = ] CyberLink -> C:\Documents and Settings\Default User\Application Data\CyberLink -> [Folder | Modified Date = 19/12/2005 3:21:42 PM | Attr = ] Identities -> C:\Documents and Settings\Default User\Application Data\Identities -> [Folder | Modified Date = 01/12/2005 11:46:16 AM | Attr = ] InterTrust -> C:\Documents and Settings\Default User\Application Data\InterTrust -> [Folder | Modified Date = 19/12/2005 1:17:58 PM | Attr = ] Microsoft -> C:\Documents and Settings\Default User\Application Data\Microsoft -> [Folder | Modified Date = 19/12/2005 1:02:53 PM | Attr = S] C:\Documents and Settings\LocalService\Application Data\ -> C:\Documents and Settings\LocalService\Application Data -> [Folder | Modified Date = 29/12/2006 6:22:53 PM | Attr = ] ATI -> C:\Documents and Settings\LocalService\Application Data\ATI -> [Folder | Modified Date = 27/10/2007 12:32:13 PM | Attr = ] Identities -> C:\Documents and Settings\LocalService\Application Data\Identities -> [Folder | Modified Date = 15/11/2006 12:03:24 AM | Attr = ] Microsoft -> C:\Documents and Settings\LocalService\Application Data\Microsoft -> [Folder | Modified Date = 01/06/2007 3:30:36 PM | Attr = S] C:\Documents and Settings\NetworkService\Application Data\ -> C:\Documents and Settings\NetworkService\Application Data -> [Folder | Modified Date = 01/12/2005 11:42:25 AM | Attr = ] Microsoft -> C:\Documents and Settings\NetworkService\Application Data\Microsoft -> [Folder | Modified Date = 01/12/2005 11:39:41 AM | Attr = S] C:\Documents and Settings\Shawn\Application Data\ -> C:\Documents and Settings\Shawn\Application Data -> [Folder | Modified Date = 29/12/2006 6:22:53 PM | Attr = RH ] Adobe -> C:\Documents and Settings\Shawn\Application Data\Adobe -> [Folder | Modified Date = 19/12/2005 1:17:58 PM | Attr = ] ATI -> C:\Documents and Settings\Shawn\Application Data\ATI -> [Folder | Modified Date = 27/10/2007 12:32:13 PM | Attr = ] CyberLink -> C:\Documents and Settings\Shawn\Application Data\CyberLink -> [Folder | Modified Date = 19/12/2005 3:21:42 PM | Attr = ] Identities -> C:\Documents and Settings\Shawn\Application Data\Identities -> [Folder | Modified Date = 01/12/2005 11:46:16 AM | Attr = ] InterTrust -> C:\Documents and Settings\Shawn\Application Data\InterTrust -> [Folder | Modified Date = 19/12/2005 1:17:58 PM | Attr = ] Macromedia -> C:\Documents and Settings\Shawn\Application Data\Macromedia -> [Folder | Modified Date = 29/12/2005 10:06:42 PM | Attr = ] Microsoft -> C:\Documents and Settings\Shawn\Application Data\Microsoft -> [Folder | Modified Date = 29/12/2005 10:05:40 PM | Attr = S] Mozilla -> C:\Documents and Settings\Shawn\Application Data\Mozilla -> [Folder | Modified Date = 29/12/2005 10:02:00 PM | Attr = ] Talkback -> C:\Documents and Settings\Shawn\Application Data\Talkback -> [Folder | Modified Date = 29/12/2005 10:02:08 PM | Attr = ] C:\WINDOWS\Tasks\ -> C:\WINDOWS\Tasks -> [Folder | Modified Date = 17/09/2007 12:28:26 PM | Attr = S] AppleSoftwareUpdate.job -> C:\WINDOWS\Tasks\AppleSoftwareUpdate.job -> [Ver = | Size = 284 bytes | Modified Date = 22/03/2008 8:59:02 PM | Attr = ] desktop.ini -> C:\WINDOWS\Tasks\desktop.ini -> [Ver = | Size = 65 bytes | Modified Date = 04/08/2004 6:00:00 AM | Attr = RH ] SA.DAT -> C:\WINDOWS\Tasks\SA.DAT -> [Ver = | Size = 6 bytes | Modified Date = 02/04/2008 4:29:34 PM | Attr = H ] [File - Purity Scan: Additional Folder Scans - Non-Microsoft Only] < End of report > [/code]