[code]
OTScanIt logfile created on: 4/7/2008 7:26:38 PM
OTScanIt by OldTimer - Version 1.0.9.0     Folder = C:\Documents and Settings\Jimmy\Desktop\OTScanIt
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
1021.98 Mb Total Physical Memory | 547.76 Mb Available Physical Memory | 53.60% Memory free
1.66 Gb Paging File | 1.27 Gb Available in Paging File | 76.52% Paging File free
Paging file location(s): c:\pagefile.sys 768 1536;
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 71.27 Gb Total Space | 39.70 Gb Free Space | 55.70% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 20.39 Gb Total Space | 17.77 Gb Free Space | 87.19% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: JIM-PC
Current User Name: Jimmy
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users

[Processes - Non-Microsoft Only]
guard.exe -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\guard.exe -> GRISOFT s.r.o. [Ver = 7, 5, 1, 22 | Size = 312880 bytes | Modified Date = 5/30/2007 5:31:10 AM | Attr =    ]
avgamsvr.exe -> %ProgramFiles%\Grisoft\AVG7\avgamsvr.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.496 | Size = 418816 bytes | Modified Date = 1/15/2008 9:17:44 PM | Attr =    ]
avgupsvc.exe -> %ProgramFiles%\Grisoft\AVG7\avgupsvc.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.420 | Size = 49664 bytes | Modified Date = 1/15/2008 9:17:50 PM | Attr =    ]
ramaint.exe -> %ProgramFiles%\LogMeIn\x86\ramaint.exe -> LogMeIn, Inc. [Ver = 4.0.680 | Size = 116032 bytes | Modified Date = 11/15/2007 7:46:14 PM | Attr =    ]
tfswctrl.exe -> %SystemRoot%\system32\dla\tfswctrl.exe -> Sonic Solutions [Ver = 1.04.08a | Size = 127035 bytes | Modified Date = 12/5/2004 11:05:00 PM | Attr =    ]
issch.exe -> %CommonProgramFiles%\InstallShield\UpdateService\issch.exe -> InstallShield Software Corporation [Ver = 3, 10, 100, 1155 | Size = 81920 bytes | Modified Date = 7/27/2004 2:50:18 PM | Attr =    ]
avgcc.exe -> %ProgramFiles%\Grisoft\AVG7\avgcc.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.504 | Size = 579072 bytes | Modified Date = 1/15/2008 9:17:44 PM | Attr =    ]
ssmmgr.exe -> %SystemRoot%\Samsung\PanelMgr\SSMMgr.exe ->  [Ver = 2, 5, 4, 0 | Size = 507904 bytes | Modified Date = 2/14/2006 2:32:15 AM | Attr =    ]
avgas.exe -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\avgas.exe -> GRISOFT s.r.o. [Ver = 7, 5, 1, 43 | Size = 6731312 bytes | Modified Date = 6/11/2007 2:25:42 AM | Attr =    ]
jusched.exe -> %ProgramFiles%\Java\jre1.6.0_05\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 144784 bytes | Modified Date = 2/22/2008 4:25:21 AM | Attr =    ]
googletoolbarnotifier.exe -> %ProgramFiles%\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe -> Google Inc. [Ver = 2, 0, 301, 1654 | Size = 68856 bytes | Modified Date = 6/19/2007 7:43:18 PM | Attr =    ]
otscanit.exe -> %UserProfile%\Desktop\OTScanIt\OTScanIt.exe -> OldTimer Tools [Ver = 1.0.9.0 | Size = 369152 bytes | Modified Date = 4/4/2008 12:24:38 PM | Attr =    ]

[Win32 Services - Non-Microsoft Only]
(Adobe LM Service) Adobe LM Service [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Adobe Systems Shared\Service\Adobelmsvc.exe ->  [Ver = 2.41.000 | Size = 68096 bytes | Modified Date = 11/19/2006 2:29:34 PM | Attr =    ]
(AVG Anti-Spyware Guard) AVG Anti-Spyware Guard [Win32_Own | Auto | Running] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\guard.exe -> GRISOFT s.r.o. [Ver = 7, 5, 1, 22 | Size = 312880 bytes | Modified Date = 5/30/2007 5:31:10 AM | Attr =    ]
(Avg7Alrt) AVG7 Alert Manager Server [Win32_Own | Auto | Running] -> %ProgramFiles%\Grisoft\AVG7\avgamsvr.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.496 | Size = 418816 bytes | Modified Date = 1/15/2008 9:17:44 PM | Attr =    ]
(Avg7UpdSvc) AVG7 Update Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Grisoft\AVG7\avgupsvc.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.420 | Size = 49664 bytes | Modified Date = 1/15/2008 9:17:50 PM | Attr =    ]
(dmadmin) Logical Disk Manager Administrative Service [Win32_Shared | On_Demand | Stopped] -> %SystemRoot%\system32\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 224768 bytes | Modified Date = 8/4/2004 5:00:00 AM | Attr =    ]
(DSBrokerService) DSBrokerService [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\DellSupport\brkrsvc.exe ->  [Ver = 1, 0, 0, 8 | Size = 76848 bytes | Modified Date = 3/7/2007 3:47:46 PM | Attr =    ]
(gusvc) Google Updater Service [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Google\Common\Google Updater\GoogleUpdaterService.exe -> Google [Ver = 2.0.734.29932.beta | Size = 138168 bytes | Modified Date = 1/26/2007 9:51:36 PM | Attr =    ]
(IDriverT) InstallDriver Table Manager [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\InstallShield\Driver\11\Intel 32\IDriverT.exe -> Macrovision Corporation [Ver = 11.00.28844 | Size = 69632 bytes | Modified Date = 4/4/2005 12:41:10 AM | Attr =    ]
(LMIMaint) LogMeIn Maintenance Service [Win32_Own | Auto | Running] -> %ProgramFiles%\LogMeIn\x86\ramaint.exe -> LogMeIn, Inc. [Ver = 4.0.680 | Size = 116032 bytes | Modified Date = 11/15/2007 7:46:14 PM | Attr =    ]
(LogMeIn) LogMeIn [Win32_Own | Disabled | Stopped] -> %ProgramFiles%\LogMeIn\x86\LogMeIn.exe -> LogMeIn, Inc. [Ver = 3.0.596 | Size = 63040 bytes | Modified Date = 8/3/2007 4:09:34 PM | Attr =    ]
(NetSvc) Intel NCS NetService [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Intel\PROSetWired\NCS\Sync\NetSvc.exe -> Intel(R) Corporation [Ver = 1.6.3.0 | Size = 143360 bytes | Modified Date = 12/17/2003 11:59:48 AM | Attr =    ]

[Registry - Non-Microsoft Only]
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> 
!AVG Anti-Spyware -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\avgas.exe ["C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized] -> GRISOFT s.r.o. [Ver = 7, 5, 1, 43 | Size = 6731312 bytes | Modified Date = 6/11/2007 2:25:42 AM | Attr =    ]
AVG7_CC -> %ProgramFiles%\Grisoft\AVG7\avgcc.exe [C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP] -> GRISOFT, s.r.o. [Ver = 7.5.0.504 | Size = 579072 bytes | Modified Date = 1/15/2008 9:17:44 PM | Attr =    ]
dla -> %SystemRoot%\system32\dla\tfswctrl.exe [C:\WINDOWS\system32\dla\tfswctrl.exe] -> Sonic Solutions [Ver = 1.04.08a | Size = 127035 bytes | Modified Date = 12/5/2004 11:05:00 PM | Attr =    ]
igfxhkcmd -> %SystemRoot%\system32\hkcmd.exe [C:\WINDOWS\system32\hkcmd.exe] -> Intel Corporation [Ver = 3.0.0.4396 | Size = 77824 bytes | Modified Date = 9/20/2005 9:32:24 AM | Attr =    ]
igfxpers -> %SystemRoot%\system32\igfxpers.exe [C:\WINDOWS\system32\igfxpers.exe] -> Intel Corporation [Ver = 3.0.0.4396 | Size = 114688 bytes | Modified Date = 9/20/2005 9:36:20 AM | Attr =    ]
igfxtray -> %SystemRoot%\system32\igfxtray.exe [C:\WINDOWS\system32\igfxtray.exe] -> Intel Corporation [Ver = 3.0.0.4396 | Size = 94208 bytes | Modified Date = 9/20/2005 9:35:40 AM | Attr =    ]
ISUSPM Startup -> %CommonProgramFiles%\InstallShield\UpdateService\ISUSPM.exe [C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup] -> InstallShield Software Corporation [Ver = 3, 10, 100, 1155 | Size = 221184 bytes | Modified Date = 7/27/2004 2:50:42 PM | Attr =    ]
ISUSScheduler -> %CommonProgramFiles%\InstallShield\UpdateService\issch.exe ["C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start] -> InstallShield Software Corporation [Ver = 3, 10, 100, 1155 | Size = 81920 bytes | Modified Date = 7/27/2004 2:50:18 PM | Attr =    ]
QuickTime Task -> %ProgramFiles%\QuickTime\qttask.exe ["C:\Program Files\QuickTime\qttask.exe" -atboottime] -> Apple Computer, Inc. [Ver = 6.5 | Size = 98304 bytes | Modified Date = 9/6/2005 11:57:13 AM | Attr =    ]
Samsung PanelMgr -> %SystemRoot%\Samsung\PanelMgr\SSMMgr.exe [C:\WINDOWS\Samsung\PanelMgr\ssmmgr.exe /autorun] ->  [Ver = 2, 5, 4, 0 | Size = 507904 bytes | Modified Date = 2/14/2006 2:32:15 AM | Attr =    ]
SunJavaUpdateSched -> %ProgramFiles%\Java\jre1.6.0_05\bin\jusched.exe [C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe] -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 144784 bytes | Modified Date = 2/22/2008 4:25:21 AM | Attr =    ]
< OptionalComponents [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\ -> 
IMAIL-> Installed = 1 -> 
MAPI-> Installed = 1 -> 
MSFS-> Installed = 1 -> 
< Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> 
swg -> %ProgramFiles%\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] -> Google Inc. [Ver = 2, 0, 301, 1654 | Size = 68856 bytes | Modified Date = 6/19/2007 7:43:18 PM | Attr =    ]
< Run [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> 
AVG7_Run -> %ProgramFiles%\Grisoft\AVG7\avgw.exe [C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE] -> GRISOFT, s.r.o. [Ver = 7.5.0.502 | Size = 219136 bytes | Modified Date = 1/15/2008 9:17:49 PM | Attr =    ]
< Run [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> 
AVG7_Run -> %ProgramFiles%\Grisoft\AVG7\avgw.exe [C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE] -> GRISOFT, s.r.o. [Ver = 7.5.0.502 | Size = 219136 bytes | Modified Date = 1/15/2008 9:17:49 PM | Attr =    ]
< Run [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> 
AVG7_Run -> %ProgramFiles%\Grisoft\AVG7\avgw.exe [C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE] -> GRISOFT, s.r.o. [Ver = 7.5.0.502 | Size = 219136 bytes | Modified Date = 1/15/2008 9:17:49 PM | Attr =    ]
< Run [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> 
AVG7_Run -> %ProgramFiles%\Grisoft\AVG7\avgw.exe [C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE] -> GRISOFT, s.r.o. [Ver = 7.5.0.502 | Size = 219136 bytes | Modified Date = 1/15/2008 9:17:49 PM | Attr =    ]
< Run [HKEY_USERS\S-1-5-21-2387782153-4263827435-1929671467-1006\] > -> HKEY_USERS\S-1-5-21-2387782153-4263827435-1929671467-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> 
swg -> %ProgramFiles%\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] -> Google Inc. [Ver = 2, 0, 301, 1654 | Size = 68856 bytes | Modified Date = 6/19/2007 7:43:18 PM | Attr =    ]
< Administrator Startup Folder > -> C:\Documents and Settings\Administrator\Start Menu\Programs\Startup -> 
< All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup -> 
< Default User Startup Folder > -> C:\Documents and Settings\Default User\Start Menu\Programs\Startup -> 
< Jimmy Startup Folder > -> C:\Documents and Settings\Jimmy\Start Menu\Programs\Startup -> 
< Tina Startup Folder > -> C:\Documents and Settings\Tina\Start Menu\Programs\Startup -> 
< ICQ Agent [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\Software\Mirabilis\ICQ\Agent\Apps\ ->
HKEY_CURRENT_USER\Software\Mirabilis\ICQ\Agent\Apps\ -> ->
< ShellExecuteHooks [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks -> 
{57B86673-276A-48B2-BAE7-C6DBB3020EB8} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll [AVG Anti-Spyware 7.5] -> GRISOFT s.r.o. [Ver = 7, 5, 1, 36 | Size = 79408 bytes | Modified Date = 5/30/2007 5:29:58 AM | Attr =    ]
< SecurityProviders [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders -> 
< Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> 
< Winlogon settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> 
< Winlogon settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> 
< Winlogon settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> 
< Winlogon settings [HKEY_USERS\S-1-5-19] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> 
< Winlogon settings [HKEY_USERS\S-1-5-20] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> 
< Winlogon settings [HKEY_USERS\S-1-5-21-2387782153-4263827435-1929671467-1006] > -> HKEY_USERS\S-1-5-21-2387782153-4263827435-1929671467-1006\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> 
< Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ -> 
igfxcui -> %SystemRoot%\system32\igfxdev.dll -> Intel Corporation [Ver = 3.0.0.4396 | Size = 135168 bytes | Modified Date = 9/20/2005 9:31:28 AM | Attr =    ]
LMIinit -> %SystemRoot%\system32\LMIinit.dll -> LogMeIn, Inc. [Ver = 4.0.680 | Size = 87352 bytes | Modified Date = 11/15/2007 7:46:22 PM | Attr =    ]
< CurrentVersion Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ActiveDesktop\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoCDBurning -> 0 -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveAutoRun -> 67108863 -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 255 -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption ->  -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext ->  -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\undockwithoutlogon -> 1 -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\HideLegacyLogonScripts -> 0 -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\HideLogoffScripts -> 0 -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\RunLogonScriptSync -> 1 -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\RunStartupScriptSync -> 1 -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\HideStartupScripts -> 0 -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Uninstall\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\WindowsUpdate\ -> -> 
< CurrentVersion Policy Settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ActiveDesktop\ -> -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Associations\ -> -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\ -> -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\HideLegacyLogonScripts -> 0 -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\HideLogoffScripts -> 0 -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\RunLogonScriptSync -> 1 -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\RunStartupScriptSync -> 1 -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\HideStartupScripts -> 0 -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableRegistryTools -> 0 -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\WindowsUpdate\ -> -> 
< CurrentVersion Policy Settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> 
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> 
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> 
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run\ -> -> 
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> -> 
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> 
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> 
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> 
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run\ -> -> 
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> -> 
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-19] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> 
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> 
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> 
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-20] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> 
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> 
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> 
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-2387782153-4263827435-1929671467-1006] > -> HKEY_USERS\S-1-5-21-2387782153-4263827435-1929671467-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> 
HKEY_USERS\S-1-5-21-2387782153-4263827435-1929671467-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_USERS\S-1-5-21-2387782153-4263827435-1929671467-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ActiveDesktop\ -> -> 
HKEY_USERS\S-1-5-21-2387782153-4263827435-1929671467-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Associations\ -> -> 
HKEY_USERS\S-1-5-21-2387782153-4263827435-1929671467-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> 
HKEY_USERS\S-1-5-21-2387782153-4263827435-1929671467-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> 
HKEY_USERS\S-1-5-21-2387782153-4263827435-1929671467-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\ -> -> 
HKEY_USERS\S-1-5-21-2387782153-4263827435-1929671467-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> -> 
HKEY_USERS\S-1-5-21-2387782153-4263827435-1929671467-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\HideLegacyLogonScripts -> 0 -> 
HKEY_USERS\S-1-5-21-2387782153-4263827435-1929671467-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\HideLogoffScripts -> 0 -> 
HKEY_USERS\S-1-5-21-2387782153-4263827435-1929671467-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\RunLogonScriptSync -> 1 -> 
HKEY_USERS\S-1-5-21-2387782153-4263827435-1929671467-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\RunStartupScriptSync -> 1 -> 
HKEY_USERS\S-1-5-21-2387782153-4263827435-1929671467-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\HideStartupScripts -> 0 -> 
HKEY_USERS\S-1-5-21-2387782153-4263827435-1929671467-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableRegistryTools -> 0 -> 
HKEY_USERS\S-1-5-21-2387782153-4263827435-1929671467-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\WindowsUpdate\ -> -> 
< HOSTS File > (226500 bytes) -> C:\WINDOWS\System32\drivers\etc\Hosts -> 
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> 
HKEY_LOCAL_MACHINE\: Main\\Default_Page_URL -> http://go.microsoft.com/fwlink/?LinkId=69157 -> 
HKEY_LOCAL_MACHINE\: Main\\Default_Search_URL -> http://www.google.com/ie -> 
HKEY_LOCAL_MACHINE\: Main\\Local Page -> %SystemRoot%\system32\blank.htm -> 
HKEY_LOCAL_MACHINE\: Main\\Search Bar -> http://search.msn.com/spbasic.htm -> 
HKEY_LOCAL_MACHINE\: Main\\Search Page -> http://go.microsoft.com/fwlink/?LinkId=54896 -> 
HKEY_LOCAL_MACHINE\: Main\\Start Page -> http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home -> 
HKEY_LOCAL_MACHINE\: Search\\CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm -> 
HKEY_LOCAL_MACHINE\: Search\\Default_Search_URL -> http://www.google.com/ie -> 
HKEY_LOCAL_MACHINE\: Search\\SearchAssistant -> http://www.google.com/ie -> 
< Internet Explorer Settings [HKEY_CURRENT_USER\] > -> -> 
HKEY_CURRENT_USER\: Main\\Local Page -> C:\WINDOWS\system32\blank.htm -> 
HKEY_CURRENT_USER\: Main\\Search Bar -> http://www.google.com/ie -> 
HKEY_CURRENT_USER\: Main\\Search Page -> http://www.google.com -> 
HKEY_CURRENT_USER\: Main\\Start Page -> http://www.mail.yahoo.com/ -> 
HKEY_CURRENT_USER\: Search\\SearchAssistant -> http://www.google.com/ie -> 
HKEY_CURRENT_USER\: SearchURL\\ -> http://www.google.com/search?q=%s[gogl] -> 
HKEY_CURRENT_USER\: ProxyEnable -> 0 -> 
< Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> -> 
HKEY_USERS\.DEFAULT\: Main\\Default_Page_URL -> http://www.dell4me.com/mywaybiz -> 
HKEY_USERS\.DEFAULT\: Main\\Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> 
HKEY_USERS\.DEFAULT\: Main\\Start Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome -> 
HKEY_USERS\.DEFAULT\: ProxyEnable -> 0 -> 
< Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> -> 
HKEY_USERS\S-1-5-18\: Main\\Default_Page_URL -> http://www.dell4me.com/mywaybiz -> 
HKEY_USERS\S-1-5-18\: Main\\Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> 
HKEY_USERS\S-1-5-18\: Main\\Start Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome -> 
HKEY_USERS\S-1-5-18\: ProxyEnable -> 0 -> 
< Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> -> 
HKEY_USERS\S-1-5-19\: Main\\Search Bar -> http://search.msn.com/spbasic.htm -> 
HKEY_USERS\S-1-5-19\: Main\\Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> 
HKEY_USERS\S-1-5-19\: Main\\Start Page -> http://securityresponse.symantec.com/avcenter/fix_homepage -> 
< Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> -> 
HKEY_USERS\S-1-5-20\: Main\\Search Bar -> http://search.msn.com/spbasic.htm -> 
HKEY_USERS\S-1-5-20\: Main\\Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> 
HKEY_USERS\S-1-5-20\: Main\\Start Page -> http://securityresponse.symantec.com/avcenter/fix_homepage -> 
< Internet Explorer Settings [HKEY_USERS\S-1-5-21-2387782153-4263827435-1929671467-1006\] > -> -> 
HKEY_USERS\S-1-5-21-2387782153-4263827435-1929671467-1006\: Main\\Local Page -> C:\WINDOWS\system32\blank.htm -> 
HKEY_USERS\S-1-5-21-2387782153-4263827435-1929671467-1006\: Main\\Search Bar -> http://www.google.com/ie -> 
HKEY_USERS\S-1-5-21-2387782153-4263827435-1929671467-1006\: Main\\Search Page -> http://www.google.com -> 
HKEY_USERS\S-1-5-21-2387782153-4263827435-1929671467-1006\: Main\\Start Page -> http://www.mail.yahoo.com/ -> 
HKEY_USERS\S-1-5-21-2387782153-4263827435-1929671467-1006\: Search\\SearchAssistant -> http://www.google.com/ie -> 
HKEY_USERS\S-1-5-21-2387782153-4263827435-1929671467-1006\: SearchURL\\ -> http://www.google.com/search?q=%s[gogl] -> 
HKEY_USERS\S-1-5-21-2387782153-4263827435-1929671467-1006\: ProxyEnable -> 0 -> 
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 4224 domain(s) found. -> 
online_musicmatch.com [https] -> Trusted sites -> 
34 domain(s) and sub-domain(s) not assigned to a zone.
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 77 range(s) found. -> 
< Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 4221 domain(s) found. -> 
32 domain(s) and sub-domain(s) not assigned to a zone.
< Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 77 range(s) found. -> 
< Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 4222 domain(s) found. -> 
32 domain(s) and sub-domain(s) not assigned to a zone.
< Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 77 range(s) found. -> 
< Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 4222 domain(s) found. -> 
32 domain(s) and sub-domain(s) not assigned to a zone.
< Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 77 range(s) found. -> 
< Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 4222 domain(s) found. -> 
32 domain(s) and sub-domain(s) not assigned to a zone.
< Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 77 range(s) found. -> 
< Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 4222 domain(s) found. -> 
32 domain(s) and sub-domain(s) not assigned to a zone.
< Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 77 range(s) found. -> 
< Trusted Sites Domains [HKEY_USERS\S-1-5-21-2387782153-4263827435-1929671467-1006\] > -> HKEY_USERS\S-1-5-21-2387782153-4263827435-1929671467-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_USERS\S-1-5-21-2387782153-4263827435-1929671467-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 4221 domain(s) found. -> 
32 domain(s) and sub-domain(s) not assigned to a zone.
< Trusted Sites Ranges [HKEY_USERS\S-1-5-21-2387782153-4263827435-1929671467-1006\] > -> HKEY_USERS\S-1-5-21-2387782153-4263827435-1929671467-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_USERS\S-1-5-21-2387782153-4263827435-1929671467-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 77 range(s) found. -> 
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> 
{53707962-6F74-2D53-2644-206D7942484F} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Spybot - Search & Destroy\SDHelper.dll [Spybot-S&D IE Protection] -> Safer Networking Limited [Ver = 1, 5, 0, 8 | Size = 1122128 bytes | Modified Date = 8/31/2007 5:46:14 PM | Attr =    ]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.6.0_05\bin\ssv.dll [SSVHelper Class] -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 509328 bytes | Modified Date = 2/22/2008 4:25:19 AM | Attr =    ]
< Internet Explorer Bars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\ -> 
{4528BBE0-4E08-11D5-AD55-00010333D0AD} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
< Internet Explorer Bars [HKEY_USERS\S-1-5-21-2387782153-4263827435-1929671467-1006\] > -> HKEY_USERS\S-1-5-21-2387782153-4263827435-1929671467-1006\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\ -> 
{4528BBE0-4E08-11D5-AD55-00010333D0AD} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
< Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar -> 
{2318C2B1-4965-11d4-9B18-009027A5CD4F} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Google\GoogleToolbar4.dll [&Google] -> Google Inc. [Ver = 4, 0, 1601, 4978 | Size = 2403392 bytes | Modified Date = 1/20/2007 12:55:32 AM | Attr = R  ]
< Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ -> 
ShellBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Google\GoogleToolbar4.dll [&Google] -> Google Inc. [Ver = 4, 0, 1601, 4978 | Size = 2403392 bytes | Modified Date = 1/20/2007 12:55:32 AM | Attr = R  ]
WebBrowser\\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Google\GoogleToolbar4.dll [&Google] -> Google Inc. [Ver = 4, 0, 1601, 4978 | Size = 2403392 bytes | Modified Date = 1/20/2007 12:55:32 AM | Attr = R  ]
WebBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
WebBrowser\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
< Internet Explorer ToolBars [HKEY_USERS\S-1-5-21-2387782153-4263827435-1929671467-1006\] > -> HKEY_USERS\S-1-5-21-2387782153-4263827435-1929671467-1006\Software\Microsoft\Internet Explorer\Toolbar\ -> 
ShellBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Google\GoogleToolbar4.dll [&Google] -> Google Inc. [Ver = 4, 0, 1601, 4978 | Size = 2403392 bytes | Modified Date = 1/20/2007 12:55:32 AM | Attr = R  ]
WebBrowser\\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Google\GoogleToolbar4.dll [&Google] -> Google Inc. [Ver = 4, 0, 1601, 4978 | Size = 2403392 bytes | Modified Date = 1/20/2007 12:55:32 AM | Attr = R  ]
WebBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
WebBrowser\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
< Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> 
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Sun Java Console] -> File not found
{DFB852A3-47F8-48C4-A200-58CAB36FD2A2}:{53707962-6F74-2D53-2644-206D7942484F} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Spybot - Search & Destroy\SDHelper.dll [Spybot - Search & Destroy Configuration] -> Safer Networking Limited [Ver = 1, 5, 0, 8 | Size = 1122128 bytes | Modified Date = 8/31/2007 5:46:14 PM | Attr =    ]
< Internet Explorer Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\ -> 
CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKEY_LOCAL_MACHINE] ->  [Sun Java Console] -> File not found
CmdMapping\\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} [HKEY_LOCAL_MACHINE] ->  [Reg Error: Key does not exist or could not be opened.] -> File not found
CmdMapping\\{CD67F990-D8E9-11d2-98FE-00C0F0318AFE} [HKEY_LOCAL_MACHINE] ->  [Reg Error: Key does not exist or could not be opened.] -> File not found
CmdMapping\\{DFB852A3-47F8-48C4-A200-58CAB36FD2A2} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Spybot - Search & Destroy\SDHelper.dll [Spybot - Search & Destroy Configuration] -> Safer Networking Limited [Ver = 1, 5, 0, 8 | Size = 1122128 bytes | Modified Date = 8/31/2007 5:46:14 PM | Attr =    ]
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKEY_LOCAL_MACHINE] ->  [Reg Error: Key does not exist or could not be opened.] -> File not found
< Internet Explorer Extensions [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Extensions\ -> 
CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKEY_LOCAL_MACHINE] ->  [Sun Java Console] -> File not found
CmdMapping\\{CD67F990-D8E9-11d2-98FE-00C0F0318AFE} [HKEY_LOCAL_MACHINE] ->  [Reg Error: Key does not exist or could not be opened.] -> File not found
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKEY_LOCAL_MACHINE] ->  [Reg Error: Key does not exist or could not be opened.] -> File not found
< Internet Explorer Extensions [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Extensions\ -> 
CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKEY_LOCAL_MACHINE] ->  [Sun Java Console] -> File not found
CmdMapping\\{CD67F990-D8E9-11d2-98FE-00C0F0318AFE} [HKEY_LOCAL_MACHINE] ->  [Reg Error: Key does not exist or could not be opened.] -> File not found
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKEY_LOCAL_MACHINE] ->  [Reg Error: Key does not exist or could not be opened.] -> File not found
< Internet Explorer Extensions [HKEY_USERS\S-1-5-21-2387782153-4263827435-1929671467-1006\] > -> HKEY_USERS\S-1-5-21-2387782153-4263827435-1929671467-1006\Software\Microsoft\Internet Explorer\Extensions\ -> 
CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKEY_LOCAL_MACHINE] ->  [Sun Java Console] -> File not found
CmdMapping\\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} [HKEY_LOCAL_MACHINE] ->  [Reg Error: Key does not exist or could not be opened.] -> File not found
CmdMapping\\{CD67F990-D8E9-11d2-98FE-00C0F0318AFE} [HKEY_LOCAL_MACHINE] ->  [Reg Error: Key does not exist or could not be opened.] -> File not found
CmdMapping\\{DFB852A3-47F8-48C4-A200-58CAB36FD2A2} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Spybot - Search & Destroy\SDHelper.dll [Spybot - Search & Destroy Configuration] -> Safer Networking Limited [Ver = 1, 5, 0, 8 | Size = 1122128 bytes | Modified Date = 8/31/2007 5:46:14 PM | Attr =    ]
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKEY_LOCAL_MACHINE] ->  [Reg Error: Key does not exist or could not be opened.] -> File not found
< Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> 
PluginsPageFriendlyName -> Microsoft ActiveX Gallery -> 
PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s -> 
< User Agent Post Platform [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform -> 
SV1 ->  -> 
< DNS Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> 
{EA587C0F-B352-4299-8EEC-B51D07E53D03} -> 192.168.2.1,4.2.2.2   (Intel(R) PRO/100 VE Network Connection) -> 
< Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ -> 
ipp: [HKEY_LOCAL_MACHINE] -> No CLSID value
msdaipp: [HKEY_LOCAL_MACHINE] -> No CLSID value
skype4com:{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} [HKEY_LOCAL_MACHINE] -> %CommonProgramFiles%\Skype\Skype4COM.dll[IEProtocolHandler Class] -> Skype Technologies [Ver = 1, 0, 27, 2 | Size = 1828176 bytes | Modified Date = 8/31/2007 5:40:02 PM | Attr = R  ]
vnd.ms.radio:{3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened.[Reg Error: Key does not exist or could not be opened.] -> File not found
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> 
{01111F00-3E00-11D2-8470-0060089874ED}[HKEY_LOCAL_MACHINE] -> http://supportsoft.adelphia.net/sdccommon/download/tgctlins.cab[Support.com Installer] -> 
{33564D57-0000-0010-8000-00AA00389B71}[HKEY_LOCAL_MACHINE] -> http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB[Reg Error: Key does not exist or could not be opened.] -> 
{4D054067-DE3A-48F9-B19B-BCD229B9AE8D}[HKEY_LOCAL_MACHINE] -> http://www.samsungdp.com/printerhelp/ActiveX/DrPrinter.cab[PrinterHelpEtcActiveX Control] -> 
{8AD9C840-044E-11D1-B3E9-00805F499D93}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/products/plugin/autodl/jinstall-160-windows-i586.cab[Java Plug-in 1.6.0_05] -> 
{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab[Java Plug-in 1.6.0_03] -> 
{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/products/plugin/autodl/jinstall-160-windows-i586.cab[Java Plug-in 1.6.0_05] -> 
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab[Java Plug-in 1.6.0_05] -> 
{D27CDB6E-AE6D-11CF-96B8-444553540000}[HKEY_LOCAL_MACHINE] -> http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab[Shockwave Flash Object] -> 
{FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9}[HKEY_LOCAL_MACHINE] -> https://secure.logmein.com/activex/ractrl.cab?lmi=100[Performance Viewer Activex Control] -> 
< Module Usage Keys [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\ -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/LMIProxyHelper.exe\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/LMIProxyHelper.exe\\.Owner -> {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/LMIProxyHelper.exe\\{FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} ->  -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/PrinterHelpEtcActiveX.ocx\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/PrinterHelpEtcActiveX.ocx\\.Owner -> {4D054067-DE3A-48F9-B19B-BCD229B9AE8D} -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/PrinterHelpEtcActiveX.ocx\\{4D054067-DE3A-48F9-B19B-BCD229B9AE8D} ->  -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/RACtrl.dll\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/RACtrl.dll\\.Owner -> {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/RACtrl.dll\\{FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} ->  -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/tgctlins.dll\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/tgctlins.dll\\.Owner -> {01111F00-3E00-11D2-8470-0060089874ED} -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/tgctlins.dll\\{01111F00-3E00-11D2-8470-0060089874ED} ->  -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/unicows.dll\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/unicows.dll\\.Owner -> {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/unicows.dll\\{FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} ->  -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/mfc42.dll\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/mfc42.dll\\.Owner -> Unknown Owner -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/mfc42.dll\\{4D054067-DE3A-48F9-B19B-BCD229B9AE8D} ->  -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/msvcrt.dll\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/msvcrt.dll\\.Owner -> Unknown Owner -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/msvcrt.dll\\{4D054067-DE3A-48F9-B19B-BCD229B9AE8D} ->  -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/olepro32.dll\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/olepro32.dll\\.Owner -> Unknown Owner -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/olepro32.dll\\{4D054067-DE3A-48F9-B19B-BCD229B9AE8D} ->  -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/ractrlkeyhook.dll\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/ractrlkeyhook.dll\\.Owner -> {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/ractrlkeyhook.dll\\{FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} ->  -> 



[Files/Folders - Created Within 90 days]
$VAULT$.AVG -> %SystemDrive%\$VAULT$.AVG ->  [Folder | Created Date = 1/15/2008 11:07:59 PM | Attr = RH ]
.rnd -> %SystemDrive%\.rnd ->  [Ver =  | Size = 1024 bytes | Created Date = 2/15/2008 11:34:24 PM | Attr =    ]
hiberfil.sys -> %SystemDrive%\hiberfil.sys ->  [Ver =  | Size = 1071697920 bytes | Created Date = 4/2/2008 12:32:42 AM | Attr =  HS]
media -> %SystemDrive%\media ->  [Folder | Created Date = 3/4/2008 9:00:19 PM | Attr =    ]
RECYCLER -> %SystemDrive%\RECYCLER ->  [Folder | Created Date = 4/3/2008 9:29:20 PM | Attr =  HS]
avg7core.sys -> %SystemRoot%\System32\drivers\avg7core.sys -> GRISOFT, s.r.o. [Ver = 7.5.0.498 | Size = 821856 bytes | Created Date = 1/15/2008 9:17:56 PM | Attr =    ]
avg7rsw.sys -> %SystemRoot%\System32\drivers\avg7rsw.sys -> GRISOFT, s.r.o. [Ver = 7,0,0,340 | Size = 4224 bytes | Created Date = 1/15/2008 9:18:04 PM | Attr =    ]
avg7rsxp.sys -> %SystemRoot%\System32\drivers\avg7rsxp.sys -> GRISOFT, s.r.o. [Ver = 7.5.0.442 | Size = 27776 bytes | Created Date = 1/15/2008 9:18:04 PM | Attr =    ]
AvgAsCln.sys -> %SystemRoot%\System32\drivers\AvgAsCln.sys -> GRISOFT, s.r.o. [Ver = 1.0.0.14 | Size = 10872 bytes | Created Date = 4/1/2008 7:47:32 PM | Attr =    ]
avgclean.sys -> %SystemRoot%\System32\drivers\avgclean.sys -> GRISOFT, s.r.o. [Ver = 1.0.0.14 | Size = 10760 bytes | Created Date = 1/15/2008 9:18:05 PM | Attr =    ]
avgmfx86.sys -> %SystemRoot%\System32\drivers\avgmfx86.sys -> GRISOFT, s.r.o. [Ver = 7.5.0.510 | Size = 26952 bytes | Created Date = 1/15/2008 9:18:05 PM | Attr =    ]
LMIRfsDriver.sys -> %SystemRoot%\System32\drivers\LMIRfsDriver.sys -> LogMeIn, Inc. [Ver = 2.4.2.0 | Size = 46112 bytes | Created Date = 2/15/2008 11:34:33 PM | Attr =    ]
fdsv.exe -> %SystemRoot%\System32\fdsv.exe -> Smallfrogs Studio [Ver = 1.0.0.10 | Size = 73728 bytes | Created Date = 4/2/2008 10:41:35 PM | Attr =    ]
grep.exe -> %SystemRoot%\System32\grep.exe ->  [Ver =  | Size = 80412 bytes | Created Date = 4/2/2008 10:41:35 PM | Attr =    ]
java.exe -> %SystemRoot%\System32\java.exe -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 135168 bytes | Created Date = 3/13/2008 7:25:42 PM | Attr =    ]
javacpl.cpl -> %SystemRoot%\System32\javacpl.cpl -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 69632 bytes | Created Date = 2/12/2008 7:21:49 PM | Attr =    ]
javaw.exe -> %SystemRoot%\System32\javaw.exe -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 135168 bytes | Created Date = 3/13/2008 7:25:42 PM | Attr =    ]
javaws.exe -> %SystemRoot%\System32\javaws.exe -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 139264 bytes | Created Date = 3/13/2008 7:25:42 PM | Attr =    ]
LMIinit.dll -> %SystemRoot%\System32\LMIinit.dll -> LogMeIn, Inc. [Ver = 4.0.680 | Size = 87352 bytes | Created Date = 2/15/2008 11:34:26 PM | Attr =    ]
LMIport.dll -> %SystemRoot%\System32\LMIport.dll -> LogMeIn, Inc. [Ver = 0.2.0.0 | Size = 21496 bytes | Created Date = 2/15/2008 11:34:34 PM | Attr =    ]
LMIRfsClientNP.dll -> %SystemRoot%\System32\LMIRfsClientNP.dll -> LogMeIn, Inc. [Ver = 2.1.3.0 | Size = 83288 bytes | Created Date = 2/15/2008 11:34:33 PM | Attr =    ]
sed.exe -> %SystemRoot%\System32\sed.exe ->  [Ver =  | Size = 98816 bytes | Created Date = 4/2/2008 10:41:35 PM | Attr =    ]
swreg.exe -> %SystemRoot%\System32\swreg.exe -> SteelWerX [Ver = 3.0.0.0 | Size = 161792 bytes | Created Date = 4/2/2008 10:41:35 PM | Attr =    ]
swsc.exe -> %SystemRoot%\System32\swsc.exe -> SteelWerX [Ver = 2.0.0.5 | Size = 136704 bytes | Created Date = 4/2/2008 10:41:35 PM | Attr =    ]
swxcacls.exe -> %SystemRoot%\System32\swxcacls.exe -> SteelWerX [Ver = 1.0.1.1 | Size = 212480 bytes | Created Date = 4/2/2008 10:41:35 PM | Attr =    ]
VFind.exe -> %SystemRoot%\System32\VFind.exe ->  [Ver =  | Size = 49152 bytes | Created Date = 4/2/2008 10:41:35 PM | Attr =    ]
zip.exe -> %SystemRoot%\System32\zip.exe ->  [Ver =  | Size = 68096 bytes | Created Date = 4/2/2008 10:41:35 PM | Attr =    ]
erdnt -> %SystemRoot%\erdnt ->  [Folder | Created Date = 4/2/2008 10:42:03 PM | Attr =    ]
3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> 
Nircmd.exe -> %SystemRoot%\Nircmd.exe -> NirSoft [Ver = 2.05 | Size = 28160 bytes | Created Date = 4/2/2008 10:41:35 PM | Attr =    ]
PSEXESVC.EXE -> %SystemRoot%\PSEXESVC.EXE -> Sysinternals [Ver = 1.70 | Size = 53248 bytes | Created Date = 4/2/2008 10:45:47 PM | Attr =    ]
QTFont.for -> %SystemRoot%\QTFont.for ->  [Ver =  | Size = 1409 bytes | Created Date = 3/30/2008 7:31:56 AM | Attr =    ]
QTFont.qfn -> %SystemRoot%\QTFont.qfn ->  [Ver =  | Size = 54156 bytes | Created Date = 3/30/2008 7:31:56 AM | Attr =  H ]
TEMP -> %SystemRoot%\TEMP ->  [Folder | Created Date = 4/2/2008 10:45:52 PM | Attr =    ]
[Files Created - Additional Folder Scans - Non-Microsoft Only]
avg7 -> %AllUsersProfile%\Application Data\avg7 ->  [Folder | Created Date = 1/15/2008 9:17:41 PM | Attr =    ]
Dell -> %AllUsersProfile%\Application Data\Dell ->  [Folder | Created Date = 1/26/2008 9:20:32 AM | Attr =    ]
Grisoft -> %AllUsersProfile%\Application Data\Grisoft ->  [Folder | Created Date = 1/15/2008 9:17:41 PM | Attr =    ]
Malwarebytes -> %AllUsersProfile%\Application Data\Malwarebytes ->  [Folder | Created Date = 4/6/2008 3:09:17 PM | Attr =    ]
SUPERAntiSpyware.com -> %AllUsersProfile%\Application Data\SUPERAntiSpyware.com ->  [Folder | Created Date = 4/1/2008 8:09:21 PM | Attr =    ]
TEMP -> %AllUsersProfile%\Application Data\TEMP ->  [Folder | Created Date = 3/30/2008 5:47:27 PM | Attr =    ]
@Alternate Data Stream - 111 bytes -> %AllUsersProfile%\Application Data\TEMP:DFC5A2B2
WLInstaller -> %AllUsersProfile%\Application Data\WLInstaller ->  [Folder | Created Date = 4/3/2008 8:49:12 PM | Attr =    ]
AVG7 -> %AppData%\AVG7 ->  [Folder | Created Date = 1/15/2008 9:18:12 PM | Attr =    ]
Grisoft -> %AppData%\Grisoft ->  [Folder | Created Date = 4/1/2008 7:47:43 PM | Attr =    ]
Malwarebytes -> %AppData%\Malwarebytes ->  [Folder | Created Date = 4/6/2008 3:09:23 PM | Attr =    ]
SUPERAntiSpyware.com -> %AppData%\SUPERAntiSpyware.com ->  [Folder | Created Date = 4/1/2008 8:09:14 PM | Attr =    ]
DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> %UserProfile%\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini ->  [Ver =  | Size = 3584 bytes | Created Date = 1/31/2008 8:18:26 PM | Attr =    ]
AVG-7.5-Anti-virus -> %AllUsersProfile%\Documents\AVG-7.5-Anti-virus ->  [Folder | Created Date = 2/12/2008 7:17:45 PM | Attr =    ]
back-up-2007 -> %AllUsersProfile%\Documents\back-up-2007 ->  [Folder | Created Date = 1/15/2008 8:52:47 PM | Attr =    ]
Google-Toolbar -> %AllUsersProfile%\Documents\Google-Toolbar ->  [Folder | Created Date = 2/16/2008 7:16:28 PM | Attr =    ]
MSN-messenger -> %AllUsersProfile%\Documents\MSN-messenger ->  [Folder | Created Date = 2/16/2008 7:23:35 PM | Attr =    ]
PCG-K15-sony-updates -> %AllUsersProfile%\Documents\PCG-K15-sony-updates ->  [Folder | Created Date = 2/12/2008 7:20:32 PM | Attr =    ]
Spybot -> %AllUsersProfile%\Documents\Spybot ->  [Folder | Created Date = 2/12/2008 7:18:16 PM | Attr =    ]
Troubleshooting-Internet-Connectivity.doc -> %AllUsersProfile%\Documents\Troubleshooting-Internet-Connectivity.doc ->  [Ver =  | Size = 146944 bytes | Created Date = 2/16/2008 6:51:23 PM | Attr =    ]
TurboTax -> %AllUsersProfile%\Documents\TurboTax ->  [Folder | Created Date = 2/11/2008 9:06:36 PM | Attr =    ]
TurboTax-new -> %AllUsersProfile%\Documents\TurboTax-new ->  [Folder | Created Date = 2/16/2008 3:45:41 PM | Attr =    ]
XP-key -> %AllUsersProfile%\Documents\XP-key ->  [Folder | Created Date = 2/16/2008 2:59:42 PM | Attr =    ]
State job application.pdf -> %UserProfile%\My Documents\State job application.pdf ->  [Ver =  | Size = 20191 bytes | Created Date = 2/11/2008 8:41:27 PM | Attr =    ]
AVG 7.5.lnk -> %AllUsersProfile%\Desktop\AVG 7.5.lnk ->  [Ver =  | Size = 1542 bytes | Created Date = 1/15/2008 9:18:05 PM | Attr =    ]
Arabicinterpreting.com -> %UserProfile%\Desktop\Arabicinterpreting.com ->  [Folder | Created Date = 2/28/2008 11:48:32 PM | Attr =    ]
AVG-7.5-Anti-virus -> %UserProfile%\Desktop\AVG-7.5-Anti-virus ->  [Folder | Created Date = 1/15/2008 8:44:22 PM | Attr =    ]
Glee Cube.lnk -> %UserProfile%\Desktop\Glee Cube.lnk ->  [Ver =  | Size = 2313 bytes | Created Date = 3/4/2008 8:59:53 PM | Attr =    ]
jenny[1].pdf -> %UserProfile%\Desktop\jenny[1].pdf ->  [Ver =  | Size = 707502 bytes | Created Date = 1/24/2008 11:47:43 PM | Attr =    ]
OTScanIt -> %UserProfile%\Desktop\OTScanIt ->  [Folder | Created Date = 4/7/2008 7:24:55 PM | Attr =    ]
OTScanIt.exe -> %UserProfile%\Desktop\OTScanIt.exe ->  [Ver =  | Size = 540250 bytes | Created Date = 4/7/2008 7:24:29 PM | Attr =    ]
@Alternate Data Stream - 26 bytes -> %UserProfile%\Desktop\OTScanIt.exe:Zone.Identifier
Shortcut to CD Drive.lnk -> %UserProfile%\Desktop\Shortcut to CD Drive.lnk ->  [Ver =  | Size = 203 bytes | Created Date = 2/9/2008 7:47:00 PM | Attr =    ]
Spybot -> %UserProfile%\Desktop\Spybot ->  [Folder | Created Date = 1/15/2008 11:34:27 PM | Attr =    ]
TW cable -> %UserProfile%\Desktop\TW cable ->  [Folder | Created Date = 3/4/2008 8:56:59 PM | Attr =    ]
XP-key -> %UserProfile%\Desktop\XP-key ->  [Folder | Created Date = 2/12/2008 10:45:42 PM | Attr =    ]
WindowsLiveInstaller -> %CommonProgramFiles%\WindowsLiveInstaller ->  [Folder | Created Date = 4/3/2008 8:49:46 PM | Attr =  HS]
Wise Installation Wizard -> %CommonProgramFiles%\Wise Installation Wizard ->  [Folder | Created Date = 3/4/2008 8:59:26 PM | Attr =    ]

[Files/Folders - Modified Within 90 days]
$VAULT$.AVG -> %SystemDrive%\$VAULT$.AVG ->  [Folder | Modified Date = 4/6/2008 10:42:01 PM | Attr = RH ]
.rnd -> %SystemDrive%\.rnd ->  [Ver =  | Size = 1024 bytes | Modified Date = 2/15/2008 11:34:25 PM | Attr =    ]
boot.ini -> %SystemDrive%\boot.ini ->  [Ver =  | Size = 211 bytes | Modified Date = 4/6/2008 8:22:55 PM | Attr =  HS]
dell -> %SystemDrive%\dell ->  [Folder | Modified Date = 1/19/2008 11:55:03 PM | Attr =    ]
Documents and Settings -> %SystemDrive%\Documents and Settings ->  [Folder | Modified Date = 4/1/2008 7:53:01 PM | Attr =    ]
hiberfil.sys -> %SystemDrive%\hiberfil.sys ->  [Ver =  | Size = 1071697920 bytes | Modified Date = 4/7/2008 5:51:23 PM | Attr =  HS]
media -> %SystemDrive%\media ->  [Folder | Modified Date = 3/4/2008 9:00:19 PM | Attr =    ]
Program Files -> %ProgramFiles% ->  [Folder | Modified Date = 4/6/2008 8:29:18 PM | Attr =    ]
RECYCLER -> %SystemDrive%\RECYCLER ->  [Folder | Modified Date = 4/3/2008 9:29:20 PM | Attr =  HS]
WINDOWS -> %SystemRoot% ->  [Folder | Modified Date = 4/6/2008 3:21:03 PM | Attr =    ]
avg7core.sys -> %SystemRoot%\System32\drivers\avg7core.sys -> GRISOFT, s.r.o. [Ver = 7.5.0.498 | Size = 821856 bytes | Modified Date = 1/15/2008 9:17:56 PM | Attr =    ]
avg7rsw.sys -> %SystemRoot%\System32\drivers\avg7rsw.sys -> GRISOFT, s.r.o. [Ver = 7,0,0,340 | Size = 4224 bytes | Modified Date = 1/15/2008 9:18:04 PM | Attr =    ]
avg7rsxp.sys -> %SystemRoot%\System32\drivers\avg7rsxp.sys -> GRISOFT, s.r.o. [Ver = 7.5.0.442 | Size = 27776 bytes | Modified Date = 1/15/2008 9:18:04 PM | Attr =    ]
avgclean.sys -> %SystemRoot%\System32\drivers\avgclean.sys -> GRISOFT, s.r.o. [Ver = 1.0.0.14 | Size = 10760 bytes | Modified Date = 1/15/2008 9:18:05 PM | Attr =    ]
avgmfx86.sys -> %SystemRoot%\System32\drivers\avgmfx86.sys -> GRISOFT, s.r.o. [Ver = 7.5.0.510 | Size = 26952 bytes | Modified Date = 1/15/2008 9:18:05 PM | Attr =    ]
etc -> %SystemRoot%\System32\drivers\etc ->  [Folder | Modified Date = 3/30/2008 6:11:22 PM | Attr =    ]
hosts -> %SystemRoot%\System32\drivers\etc\hosts ->  [Ver =  | Size = 226500 bytes | Modified Date = 3/30/2008 6:11:22 PM | Attr = R  ]
hosts.20080330-181122.backup -> %SystemRoot%\System32\drivers\etc\hosts.20080330-181122.backup ->  [Ver =  | Size = 226500 bytes | Modified Date = 3/30/2008 6:10:42 PM | Attr = R  ]
CatRoot2 -> %SystemRoot%\System32\CatRoot2 ->  [Folder | Modified Date = 4/4/2008 8:54:29 PM | Attr =    ]
3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> 
dllcache -> %SystemRoot%\System32\dllcache ->  [Folder | Modified Date = 2/13/2008 1:07:02 AM | Attr = RHS]
drivers -> %SystemRoot%\System32\drivers ->  [Folder | Modified Date = 4/2/2008 10:44:25 PM | Attr =    ]
DRVSTORE -> %SystemRoot%\System32\DRVSTORE ->  [Folder | Modified Date = 4/3/2008 8:50:45 PM | Attr =    ]
FNTCACHE.DAT -> %SystemRoot%\System32\FNTCACHE.DAT ->  [Ver =  | Size = 216064 bytes | Modified Date = 4/5/2008 7:43:41 PM | Attr =    ]
java.exe -> %SystemRoot%\System32\java.exe -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 135168 bytes | Modified Date = 2/22/2008 1:23:35 AM | Attr =    ]
javacpl.cpl -> %SystemRoot%\System32\javacpl.cpl -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 69632 bytes | Modified Date = 2/22/2008 2:33:31 AM | Attr =    ]
javaw.exe -> %SystemRoot%\System32\javaw.exe -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 135168 bytes | Modified Date = 2/22/2008 1:23:39 AM | Attr =    ]
javaws.exe -> %SystemRoot%\System32\javaws.exe -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 139264 bytes | Modified Date = 2/22/2008 2:33:32 AM | Attr =    ]
perfc009.dat -> %SystemRoot%\System32\perfc009.dat ->  [Ver =  | Size = 65884 bytes | Modified Date = 4/2/2008 7:01:49 PM | Attr =    ]
perfh009.dat -> %SystemRoot%\System32\perfh009.dat ->  [Ver =  | Size = 412008 bytes | Modified Date = 4/2/2008 7:01:49 PM | Attr =    ]
PerfStringBackup.INI -> %SystemRoot%\System32\PerfStringBackup.INI ->  [Ver =  | Size = 465336 bytes | Modified Date = 4/2/2008 7:01:49 PM | Attr =    ]
wpa.dbl -> %SystemRoot%\System32\wpa.dbl ->  [Ver =  | Size = 2206 bytes | Modified Date = 4/7/2008 5:51:28 PM | Attr =    ]
$hf_mig$ -> %SystemRoot%\$hf_mig$ ->  [Folder | Modified Date = 2/12/2008 7:13:11 PM | Attr =  H ]
3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> 
assembly -> %SystemRoot%\assembly ->  [Folder | Modified Date = 4/5/2008 10:02:44 AM | Attr = R S]
bootstat.dat -> %SystemRoot%\bootstat.dat ->  [Ver =  | Size = 2048 bytes | Modified Date = 4/7/2008 5:51:25 PM | Attr =   S]
Downloaded Program Files -> %SystemRoot%\Downloaded Program Files ->  [Folder | Modified Date = 4/6/2008 3:29:13 PM | Attr =   S]
erdnt -> %SystemRoot%\erdnt ->  [Folder | Modified Date = 4/2/2008 10:42:03 PM | Attr =    ]
Fonts -> %SystemRoot%\Fonts ->  [Folder | Modified Date = 4/5/2008 10:01:50 AM | Attr = R S]
imsins.BAK -> %SystemRoot%\imsins.BAK ->  [Ver =  | Size = 1374 bytes | Modified Date = 2/13/2008 1:06:56 AM | Attr =    ]
inf -> %SystemRoot%\inf ->  [Folder | Modified Date = 4/4/2008 8:54:29 PM | Attr =  H ]
Installer -> %SystemRoot%\Installer ->  [Folder | Modified Date = 4/6/2008 6:39:36 PM | Attr =  HS]
MEMORY.DMP -> %SystemRoot%\MEMORY.DMP ->  [Ver =  | Size = 805306368 bytes | Modified Date = 3/10/2008 6:29:07 PM | Attr =    ]
Microsoft.NET -> %SystemRoot%\Microsoft.NET ->  [Folder | Modified Date = 4/2/2008 7:14:06 PM | Attr =    ]
Minidump -> %SystemRoot%\Minidump ->  [Folder | Modified Date = 3/10/2008 6:29:12 PM | Attr =    ]
Prefetch -> %SystemRoot%\Prefetch ->  [Folder | Modified Date = 4/7/2008 7:25:25 PM | Attr =    ]
PSEXESVC.EXE -> %SystemRoot%\PSEXESVC.EXE -> Sysinternals [Ver = 1.70 | Size = 53248 bytes | Modified Date = 4/2/2008 10:45:47 PM | Attr =    ]
QTFont.for -> %SystemRoot%\QTFont.for ->  [Ver =  | Size = 1409 bytes | Modified Date = 3/30/2008 7:31:56 AM | Attr =    ]
QTFont.qfn -> %SystemRoot%\QTFont.qfn ->  [Ver =  | Size = 54156 bytes | Modified Date = 3/30/2008 7:31:56 AM | Attr =  H ]
system -> %SystemRoot%\system ->  [Folder | Modified Date = 1/15/2008 9:17:21 PM | Attr =    ]
system.ini -> %SystemRoot%\system.ini ->  [Ver =  | Size = 227 bytes | Modified Date = 4/6/2008 8:22:55 PM | Attr =    ]
system32 -> %SystemRoot%\system32 ->  [Folder | Modified Date = 4/6/2008 3:21:03 PM | Attr =    ]
Tasks -> %SystemRoot%\Tasks ->  [Folder | Modified Date = 1/15/2008 9:08:04 PM | Attr =   S]
TEMP -> %SystemRoot%\TEMP ->  [Folder | Modified Date = 4/7/2008 5:51:54 PM | Attr =    ]
win.ini -> %SystemRoot%\win.ini ->  [Ver =  | Size = 594 bytes | Modified Date = 4/6/2008 8:22:55 PM | Attr =    ]
wininit.ini -> %SystemRoot%\wininit.ini ->  [Ver =  | Size = 227 bytes | Modified Date = 3/30/2008 6:34:45 PM | Attr =    ]
WinSxS -> %SystemRoot%\WinSxS ->  [Folder | Modified Date = 4/2/2008 7:01:30 PM | Attr =    ]
SA.DAT -> %SystemRoot%\tasks\SA.DAT ->  [Ver =  | Size = 6 bytes | Modified Date = 4/7/2008 5:51:28 PM | Attr =  H ]
qmgr0.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat ->  [Ver =  | Size = 8802 bytes | Modified Date = 4/7/2008 5:52:44 PM | Attr =    ]
qmgr1.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat ->  [Ver =  | Size = 8802 bytes | Modified Date = 4/7/2008 5:52:44 PM | Attr =    ]
opa11.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\DATA\opa11.dat ->  [Ver =  | Size = 8206 bytes | Modified Date = 9/15/2005 11:23:42 PM | Attr =    ]
SSUPDATE.EXE -> C:\Documents and Settings\Jimmy\Local Settings\Temp\SSUPDATE.EXE -> SUPERAntiSpyware.com [Ver = 1, 0, 0, 1030 | Size = 143360 bytes | Modified Date = 2/17/2006 3:55:46 PM | Attr =    ]
5 C:\Documents and Settings\Jimmy\Local Settings\Temp\*.tmp files -> C:\Documents and Settings\Jimmy\Local Settings\Temp\*.tmp -> 
[Files Modified - Additional Folder Scans - Non-Microsoft Only]
Adobe -> %AllUsersProfile%\Application Data\Adobe ->  [Folder | Modified Date = 3/23/2008 7:07:26 PM | Attr =    ]
avg7 -> %AllUsersProfile%\Application Data\avg7 ->  [Folder | Modified Date = 4/6/2008 9:05:30 PM | Attr =    ]
Dell -> %AllUsersProfile%\Application Data\Dell ->  [Folder | Modified Date = 1/26/2008 9:20:32 AM | Attr =    ]
Grisoft -> %AllUsersProfile%\Application Data\Grisoft ->  [Folder | Modified Date = 1/15/2008 9:17:41 PM | Attr =    ]
Intuit -> %AllUsersProfile%\Application Data\Intuit ->  [Folder | Modified Date = 2/11/2008 9:04:31 PM | Attr =    ]
Malwarebytes -> %AllUsersProfile%\Application Data\Malwarebytes ->  [Folder | Modified Date = 4/6/2008 3:09:17 PM | Attr =    ]
Spybot - Search & Destroy -> %AllUsersProfile%\Application Data\Spybot - Search & Destroy ->  [Folder | Modified Date = 1/16/2008 12:05:16 AM | Attr =    ]
SUPERAntiSpyware.com -> %AllUsersProfile%\Application Data\SUPERAntiSpyware.com ->  [Folder | Modified Date = 4/1/2008 8:09:21 PM | Attr =    ]
Symantec -> %AllUsersProfile%\Application Data\Symantec ->  [Folder | Modified Date = 1/15/2008 9:13:58 PM | Attr =    ]
TEMP -> %AllUsersProfile%\Application Data\TEMP ->  [Folder | Modified Date = 4/2/2008 6:12:37 PM | Attr =    ]
@Alternate Data Stream - 111 bytes -> %AllUsersProfile%\Application Data\TEMP:DFC5A2B2
WLInstaller -> %AllUsersProfile%\Application Data\WLInstaller ->  [Folder | Modified Date = 4/3/2008 8:49:12 PM | Attr =    ]
Adobe -> %AppData%\Adobe ->  [Folder | Modified Date = 3/23/2008 6:49:18 PM | Attr =    ]
AdobeUM -> %AppData%\AdobeUM ->  [Folder | Modified Date = 2/26/2008 12:06:31 AM | Attr =    ]
AVG7 -> %AppData%\AVG7 ->  [Folder | Modified Date = 4/6/2008 10:42:00 PM | Attr =    ]
Grisoft -> %AppData%\Grisoft ->  [Folder | Modified Date = 4/1/2008 7:47:43 PM | Attr =    ]
Malwarebytes -> %AppData%\Malwarebytes ->  [Folder | Modified Date = 4/6/2008 3:09:23 PM | Attr =    ]
Microsoft -> %AppData%\Microsoft ->  [Folder | Modified Date = 3/4/2008 8:59:54 PM | Attr =   S]
SUPERAntiSpyware.com -> %AppData%\SUPERAntiSpyware.com ->  [Folder | Modified Date = 4/6/2008 3:30:04 PM | Attr =    ]
DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> %UserProfile%\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini ->  [Ver =  | Size = 3584 bytes | Modified Date = 1/31/2008 8:18:26 PM | Attr =    ]
GDIPFONTCACHEV1.DAT -> %UserProfile%\Local Settings\Application Data\GDIPFONTCACHEV1.DAT ->  [Ver =  | Size = 55880 bytes | Modified Date = 4/5/2008 10:43:15 PM | Attr =    ]
IconCache.db -> %UserProfile%\Local Settings\Application Data\IconCache.db ->  [Ver =  | Size = 4319112 bytes | Modified Date = 4/2/2008 9:20:37 PM | Attr =  H ]
Microsoft -> %UserProfile%\Local Settings\Application Data\Microsoft ->  [Folder | Modified Date = 4/3/2008 8:51:22 PM | Attr =    ]
AVG-7.5-Anti-virus -> %AllUsersProfile%\Documents\AVG-7.5-Anti-virus ->  [Folder | Modified Date = 2/12/2008 7:17:45 PM | Attr =    ]
back-up-2007 -> %AllUsersProfile%\Documents\back-up-2007 ->  [Folder | Modified Date = 1/15/2008 8:57:03 PM | Attr =    ]
Compare It -> %AllUsersProfile%\Documents\Compare It ->  [Folder | Modified Date = 2/12/2008 7:38:11 PM | Attr =    ]
Google-Toolbar -> %AllUsersProfile%\Documents\Google-Toolbar ->  [Folder | Modified Date = 2/16/2008 7:16:49 PM | Attr =    ]
MSN-messenger -> %AllUsersProfile%\Documents\MSN-messenger ->  [Folder | Modified Date = 2/16/2008 8:16:04 PM | Attr =    ]
My Music -> %AllUsersProfile%\Documents\My Music ->  [Folder | Modified Date = 3/1/2008 10:00:26 PM | Attr = R  ]
PCG-K15-sony-updates -> %AllUsersProfile%\Documents\PCG-K15-sony-updates ->  [Folder | Modified Date = 2/17/2008 7:44:29 PM | Attr =    ]
Spybot -> %AllUsersProfile%\Documents\Spybot ->  [Folder | Modified Date = 2/12/2008 7:30:18 PM | Attr =    ]
Troubleshooting-Internet-Connectivity.doc -> %AllUsersProfile%\Documents\Troubleshooting-Internet-Connectivity.doc ->  [Ver =  | Size = 146944 bytes | Modified Date = 2/16/2008 7:00:43 PM | Attr =    ]
TurboTax -> %AllUsersProfile%\Documents\TurboTax ->  [Folder | Modified Date = 2/11/2008 10:28:17 PM | Attr =    ]
TurboTax-new -> %AllUsersProfile%\Documents\TurboTax-new ->  [Folder | Modified Date = 3/28/2008 9:05:24 PM | Attr =    ]
XP-key -> %AllUsersProfile%\Documents\XP-key ->  [Folder | Modified Date = 2/16/2008 3:05:15 PM | Attr =    ]
My Sharing Folders.lnk -> %UserProfile%\My Documents\My Sharing Folders.lnk ->  [Ver =  | Size = 575 bytes | Modified Date = 4/7/2008 5:52:59 PM | Attr =    ]
State job application.pdf -> %UserProfile%\My Documents\State job application.pdf ->  [Ver =  | Size = 20191 bytes | Modified Date = 2/11/2008 8:41:27 PM | Attr =    ]
AVG 7.5.lnk -> %AllUsersProfile%\Desktop\AVG 7.5.lnk ->  [Ver =  | Size = 1542 bytes | Modified Date = 1/15/2008 9:18:05 PM | Attr =    ]
AOS -> %UserProfile%\Desktop\AOS ->  [Folder | Modified Date = 3/16/2008 11:22:42 PM | Attr =    ]
Arabicinterpreting.com -> %UserProfile%\Desktop\Arabicinterpreting.com ->  [Folder | Modified Date = 4/5/2008 10:39:41 PM | Attr =    ]
AVG-7.5-Anti-virus -> %UserProfile%\Desktop\AVG-7.5-Anti-virus ->  [Folder | Modified Date = 1/15/2008 8:48:09 PM | Attr =    ]
Brujim.com -> %UserProfile%\Desktop\Brujim.com ->  [Folder | Modified Date = 2/17/2008 7:43:12 PM | Attr =    ]
Craigslist -> %UserProfile%\Desktop\Craigslist ->  [Folder | Modified Date = 1/20/2008 7:59:35 PM | Attr =    ]
eBay -> %UserProfile%\Desktop\eBay ->  [Folder | Modified Date = 3/23/2008 7:08:22 PM | Attr =    ]
Glee Cube.lnk -> %UserProfile%\Desktop\Glee Cube.lnk ->  [Ver =  | Size = 2313 bytes | Modified Date = 3/4/2008 9:04:46 PM | Attr =    ]
House -> %UserProfile%\Desktop\House ->  [Folder | Modified Date = 1/22/2008 8:56:42 PM | Attr =    ]
jenny[1].pdf -> %UserProfile%\Desktop\jenny[1].pdf ->  [Ver =  | Size = 707502 bytes | Modified Date = 1/24/2008 11:47:43 PM | Attr =    ]
lawpage -> %UserProfile%\Desktop\lawpage ->  [Folder | Modified Date = 3/11/2008 9:48:24 PM | Attr =   S]
Linux Fedora 6 -> %UserProfile%\Desktop\Linux Fedora 6 ->  [Folder | Modified Date = 3/13/2008 10:55:14 PM | Attr =   S]
Linux SUSE 10.2 -> %UserProfile%\Desktop\Linux SUSE 10.2 ->  [Folder | Modified Date = 2/16/2008 2:54:02 PM | Attr =    ]
Microsoft Office FrontPage 2003 (2).lnk -> %UserProfile%\Desktop\Microsoft Office FrontPage 2003 (2).lnk ->  [Ver =  | Size = 2473 bytes | Modified Date = 3/11/2008 11:44:05 PM | Attr =    ]
Microsoft Office Word 2003 (2).lnk -> %UserProfile%\Desktop\Microsoft Office Word 2003 (2).lnk ->  [Ver =  | Size = 2497 bytes | Modified Date = 4/6/2008 11:15:11 PM | Attr =    ]
OTScanIt -> %UserProfile%\Desktop\OTScanIt ->  [Folder | Modified Date = 4/7/2008 7:24:55 PM | Attr =    ]
OTScanIt.exe -> %UserProfile%\Desktop\OTScanIt.exe ->  [Ver =  | Size = 540250 bytes | Modified Date = 4/7/2008 7:24:34 PM | Attr =    ]
@Alternate Data Stream - 26 bytes -> %UserProfile%\Desktop\OTScanIt.exe:Zone.Identifier
Pictures -> %UserProfile%\Desktop\Pictures ->  [Folder | Modified Date = 1/13/2008 7:53:52 PM | Attr =    ]
resume -> %UserProfile%\Desktop\resume ->  [Folder | Modified Date = 3/28/2008 11:05:06 PM | Attr =    ]
Ryulkim -> %UserProfile%\Desktop\Ryulkim ->  [Folder | Modified Date = 3/11/2008 8:44:14 PM | Attr =    ]
Self-Study -> %UserProfile%\Desktop\Self-Study ->  [Folder | Modified Date = 2/26/2008 12:03:56 AM | Attr =    ]
Shortcut to CD Drive.lnk -> %UserProfile%\Desktop\Shortcut to CD Drive.lnk ->  [Ver =  | Size = 203 bytes | Modified Date = 2/9/2008 7:47:01 PM | Attr =    ]
Spybot -> %UserProfile%\Desktop\Spybot ->  [Folder | Modified Date = 1/15/2008 11:35:13 PM | Attr =    ]
Spybot - Search & Destroy.lnk -> %UserProfile%\Desktop\Spybot - Search & Destroy.lnk ->  [Ver =  | Size = 943 bytes | Modified Date = 1/15/2008 11:36:10 PM | Attr =    ]
stocks -> %UserProfile%\Desktop\stocks ->  [Folder | Modified Date = 4/6/2008 11:16:19 PM | Attr =    ]
Tax -> %UserProfile%\Desktop\Tax ->  [Folder | Modified Date = 2/3/2008 10:28:32 PM | Attr =    ]
Top-Echelon -> %UserProfile%\Desktop\Top-Echelon ->  [Folder | Modified Date = 1/13/2008 10:31:46 PM | Attr =    ]
TW cable -> %UserProfile%\Desktop\TW cable ->  [Folder | Modified Date = 3/4/2008 8:58:17 PM | Attr =    ]
XP-key -> %UserProfile%\Desktop\XP-key ->  [Folder | Modified Date = 2/12/2008 10:46:19 PM | Attr =    ]
AnswerWorks 4.0 -> %CommonProgramFiles%\AnswerWorks 4.0 ->  [Folder | Modified Date = 2/11/2008 9:06:13 PM | Attr =    ]
Microsoft Shared -> %CommonProgramFiles%\Microsoft Shared ->  [Folder | Modified Date = 4/5/2008 9:59:45 AM | Attr =    ]
Symantec Shared -> %CommonProgramFiles%\Symantec Shared ->  [Folder | Modified Date = 1/15/2008 9:16:26 PM | Attr =    ]
WindowsLiveInstaller -> %CommonProgramFiles%\WindowsLiveInstaller ->  [Folder | Modified Date = 4/3/2008 8:50:01 PM | Attr =  HS]
Wise Installation Wizard -> %CommonProgramFiles%\Wise Installation Wizard ->  [Folder | Modified Date = 4/6/2008 3:29:55 PM | Attr =    ]

[File - Purity Scan: Additional Folder Scans - Non-Microsoft Only]

< End of report >
[/code]