[code] OTScanIt logfile created on: 27/04/2008 17:17:34 OTScanIt by OldTimer - Version 1.0.11.5 Folder = C:\Documents and Settings\Compaq_Owner\Desktop\OTScanIt Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.11) Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy 1023.36 Mb Total Physical Memory | 453.62 Mb Available Physical Memory | 44.33% Memory free 2.40 Gb Paging File | 1.70 Gb Available in Paging File | 70.92% Paging File free Paging file location(s): C:\pagefile.sys 1536 3072; %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 226.88 Gb Total Space | 167.69 Gb Free Space | 73.91% Space Free | Partition Type: NTFS Drive D: | 5.99 Gb Total Space | 2.54 Gb Free Space | 42.39% Space Free | Partition Type: FAT32 Drive E: | 1.59 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: YOUR-447023AE6B Current User Name: Compaq_Owner Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users [Processes - Non-Microsoft Only] ati2evxx.exe -> %SystemRoot%\system32\ati2evxx.exe -> ATI Technologies Inc. [Ver = 6.14.10.4115 | Size = 364544 bytes | Modified Date = 15/04/2005 03:09:00 | Attr = ] avgwdsvc.exe -> %ProgramFiles%\AVG\AVG8\avgwdsvc.exe -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.100 | Size = 282904 bytes | Modified Date = 27/04/2008 00:50:44 | Attr = ] ati2evxx.exe -> %SystemRoot%\system32\ati2evxx.exe -> ATI Technologies Inc. [Ver = 6.14.10.4115 | Size = 364544 bytes | Modified Date = 15/04/2005 03:09:00 | Attr = ] googleupdaterservice.exe -> %ProgramFiles%\Google\Common\Google Updater\GoogleUpdaterService.exe -> Google [Ver = 2.2.824.5515.beta | Size = 138680 bytes | Modified Date = 18/02/2008 11:25:28 | Attr = ] nbservice.exe -> %ProgramFiles%\Nero\Nero8\Nero BackItUp\NBService.exe -> Nero AG [Ver = 3, 2, 3, 0 | Size = 869672 bytes | Modified Date = 03/12/2007 15:21:24 | Attr = ] hpzipm12.exe -> %SystemRoot%\system32\HPZipm12.exe -> HP [Ver = 10, 1, 1, 6 | Size = 73728 bytes | Modified Date = 09/08/2007 08:27:52 | Attr = ] pctsauxs.exe -> %ProgramFiles%\Spyware Doctor\pctsAuxs.exe -> PC Tools [Ver = 5.5.0.40 | Size = 747912 bytes | Modified Date = 01/02/2008 11:55:54 | Attr = ] avgrsx.exe -> %ProgramFiles%\AVG\AVG8\avgrsx.exe -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.84 | Size = 311576 bytes | Modified Date = 27/04/2008 00:51:09 | Attr = ] pctssvc.exe -> %ProgramFiles%\Spyware Doctor\pctsSvc.exe -> PC Tools [Ver = 5.5.0.75 | Size = 948616 bytes | Modified Date = 04/03/2008 16:49:08 | Attr = ] pctstray.exe -> %ProgramFiles%\Spyware Doctor\pctsTray.exe -> PC Tools [Ver = 5.5.0.106 | Size = 1103240 bytes | Modified Date = 01/02/2008 11:55:56 | Attr = ] jusched.exe -> %ProgramFiles%\Java\jre1.6.0_05\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 144784 bytes | Modified Date = 22/02/2008 05:25:21 | Attr = ] hpsysdrv.exe -> %SystemRoot%\system\hpsysdrv.exe -> Hewlett-Packard Company [Ver = 1, 7, 0, 0 | Size = 52736 bytes | Modified Date = 07/05/1998 17:04:38 | Attr = ] atiptaxx.exe -> %ProgramFiles%\ATI Technologies\ATI Control Panel\atiptaxx.exe -> ATI Technologies, Inc. [Ver = 6.14.10.5150 | Size = 344064 bytes | Modified Date = 15/04/2005 05:05:00 | Attr = ] soundman.exe -> %SystemRoot%\SOUNDMAN.EXE -> Realtek Semiconductor Corp. [Ver = 1, 0, 0, 17 | Size = 90112 bytes | Modified Date = 04/05/2005 02:43:50 | Attr = ] alcwzrd.exe -> %SystemRoot%\ALCWZRD.EXE -> RealTek Semicoductor Corp. [Ver = 1.1.0.20 | Size = 2805248 bytes | Modified Date = 04/05/2005 18:01:36 | Attr = ] alcmtr.exe -> %SystemRoot%\ALCMTR.EXE -> Realtek Semiconductor Corp. [Ver = 1.6.0.2 | Size = 69632 bytes | Modified Date = 04/05/2005 02:43:28 | Attr = ] kbd.exe -> %SystemDrive%\hp\KBD\kbd.exe -> Hewlett-Packard Company [Ver = 1.0.2.2.20205 | Size = 61440 bytes | Modified Date = 03/02/2005 00:44:24 | Attr = ] ituneshelper.exe -> %ProgramFiles%\iTunes\iTunesHelper.exe -> Apple Computer, Inc. [Ver = 4.8.0.31 | Size = 278528 bytes | Modified Date = 05/05/2005 01:21:42 | Attr = ] hpwuschd2.exe -> %ProgramFiles%\Hp\HP Software Update\hpwuSchd2.exe -> Hewlett-Packard Co. [Ver = 53.0.13.000 | Size = 49152 bytes | Modified Date = 11/05/2005 23:12:54 | Attr = ] itouch.exe -> %ProgramFiles%\Logitech\iTouch\iTouch.exe -> Logitech Inc. [Ver = 2.10.159 | Size = 577602 bytes | Modified Date = 22/07/2002 03:10:00 | Attr = ] qttask.exe -> %ProgramFiles%\QuickTime\qttask.exe -> Apple Computer, Inc. [Ver = 6.5.1 | Size = 98304 bytes | Modified Date = 03/01/2005 07:02:53 | Attr = ] application launcher.exe -> %ProgramFiles%\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe -> [Ver = 2.0.6.50 | Size = 487424 bytes | Modified Date = 24/11/2006 01:06:38 | Attr = R ] issch.exe -> %CommonProgramFiles%\InstallShield\UpdateService\issch.exe -> InstallShield Software Corporation [Ver = 3, 10, 100, 1155 | Size = 81920 bytes | Modified Date = 28/07/2004 00:50:18 | Attr = ] nbkeyscan.exe -> %ProgramFiles%\Nero\Nero8\Nero BackItUp\NBKeyScan.exe -> Nero AG [Ver = 3, 2, 3, 0 | Size = 2213160 bytes | Modified Date = 03/12/2007 15:21:24 | Attr = ] hpgs2wnd.exe -> %ProgramFiles%\Hewlett-Packard\PhotoSmart\HP Share-to-Web\hpgs2wnd.exe -> Hewlett-Packard [Ver = 2,4,0,26 | Size = 57344 bytes | Modified Date = 03/07/2001 10:11:52 | Attr = ] hpgs2wnf.exe -> %ProgramFiles%\Hewlett-Packard\PhotoSmart\HP Share-to-Web\hpgs2wnf.exe -> [Ver = 2,4,0,26 | Size = 65536 bytes | Modified Date = 03/07/2001 10:17:04 | Attr = ] pwrisovm.exe -> %ProgramFiles%\PowerISO\PWRISOVM.EXE -> PowerISO Computing, Inc. [Ver = 4, 0, 0, 0 | Size = 233472 bytes | Modified Date = 15/03/2008 00:50:59 | Attr = ] avgtray.exe -> %ProgramFiles%\AVG\AVG8\avgtray.exe -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.94 | Size = 1177368 bytes | Modified Date = 27/04/2008 00:50:59 | Attr = ] googleupdater.exe -> %ProgramFiles%\Google\Google Updater\GoogleUpdater.exe -> Google [Ver = 2.2.1111.1511.beta | Size = 125624 bytes | Modified Date = 18/02/2008 11:25:25 | Attr = ] hpqtra08.exe -> %ProgramFiles%\Hp\Digital Imaging\bin\hpqtra08.exe -> Hewlett-Packard Co. [Ver = 53.0.13.000 | Size = 282624 bytes | Modified Date = 11/05/2005 23:23:26 | Attr = ] superantispyware.exe -> %ProgramFiles%\SUPERAntiSpyware\SUPERANTISPYWARE.EXE -> SUPERAntiSpyware.com [Ver = 4, 0, 0, 1154 | Size = 1481968 bytes | Modified Date = 27/04/2008 14:36:59 | Attr = ] hpqste08.exe -> %ProgramFiles%\Hp\Digital Imaging\bin\hpqste08.exe -> Hewlett-Packard Co. [Ver = 53.0.13.000 | Size = 204800 bytes | Modified Date = 12/05/2005 00:40:38 | Attr = ] ipodservice.exe -> %ProgramFiles%\iPod\bin\iPodService.exe -> Apple Computer, Inc. [Ver = 4.8.0.31 | Size = 327680 bytes | Modified Date = 05/05/2005 01:21:26 | Attr = ] generic.exe -> %CommonProgramFiles%\Teleca Shared\Generic.exe -> Obigo AB [Ver = 1, 4, 12, 0 | Size = 983040 bytes | Modified Date = 13/10/2006 09:11:16 | Attr = R ] epmworker.exe -> %ProgramFiles%\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe -> Sony Ericsson Mobile Communications AB [Ver = 1, 2, 0,1219 | Size = 872448 bytes | Modified Date = 13/11/2006 15:17:38 | Attr = R ] regmech.exe -> %ProgramFiles%\Registry Mechanic\RegMech.exe -> PC Tools [Ver = 6.00.0780 | Size = 2299400 bytes | Modified Date = 09/05/2007 10:41:14 | Attr = ] otscanit.exe -> %UserProfile%\Desktop\OTScanIt\OTScanIt.exe -> OldTimer Tools [Ver = 1.0.11.5 | Size = 370688 bytes | Modified Date = 24/04/2008 04:30:38 | Attr = ] [Win32 Services - Non-Microsoft Only] (Ati HotKey Poller) Ati HotKey Poller [Win32_Own | Auto | Running] -> %SystemRoot%\system32\ati2evxx.exe -> ATI Technologies Inc. [Ver = 6.14.10.4115 | Size = 364544 bytes | Modified Date = 15/04/2005 03:09:00 | Attr = ] (Autodesk Licensing Service) Autodesk Licensing Service [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Autodesk Shared\Service\AdskScSrv.exe -> Autodesk [Ver = 2.80.011 | Size = 85096 bytes | Modified Date = 10/04/2008 23:29:28 | Attr = ] (avg8wd) AVG8 WatchDog [Win32_Own | Auto | Running] -> %ProgramFiles%\AVG\AVG8\avgwdsvc.exe -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.100 | Size = 282904 bytes | Modified Date = 27/04/2008 00:50:44 | Attr = ] (dmadmin) Logical Disk Manager Administrative Service [Win32_Shared | On_Demand | Stopped] -> %SystemRoot%\system32\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 224768 bytes | Modified Date = 04/08/2004 13:00:00 | Attr = ] (gusvc) Google Updater Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Google\Common\Google Updater\GoogleUpdaterService.exe -> Google [Ver = 2.2.824.5515.beta | Size = 138680 bytes | Modified Date = 18/02/2008 11:25:28 | Attr = ] (IDriverT) InstallDriver Table Manager [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\InstallShield\Driver\1150\Intel 32\IDriverT.exe -> Macrovision Corporation [Ver = 11.50.42618 | Size = 69632 bytes | Modified Date = 14/11/2005 01:06:04 | Attr = ] (idsvc) Windows CardSpace [Win32_Shared | Unknown | Stopped] -> -> File not found (iPodService) iPod Service [Win32_Own | On_Demand | Running] -> %ProgramFiles%\iPod\bin\iPodService.exe -> Apple Computer, Inc. [Ver = 4.8.0.31 | Size = 327680 bytes | Modified Date = 05/05/2005 01:21:26 | Attr = ] (Nero BackItUp Scheduler 3) Nero BackItUp Scheduler 3 [Win32_Own | Auto | Running] -> %ProgramFiles%\Nero\Nero8\Nero BackItUp\NBService.exe -> Nero AG [Ver = 3, 2, 3, 0 | Size = 869672 bytes | Modified Date = 03/12/2007 15:21:24 | Attr = ] (NMIndexingService) NMIndexingService [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Nero\Lib\NMIndexingService.exe -> Nero AG [Ver = 3.2.5.0 | Size = 447784 bytes | Modified Date = 13/12/2007 20:10:56 | Attr = ] (Pml Driver HPZ12) Pml Driver HPZ12 [Win32_Own | Auto | Running] -> %SystemRoot%\system32\HPZipm12.exe -> HP [Ver = 10, 1, 1, 6 | Size = 73728 bytes | Modified Date = 09/08/2007 08:27:52 | Attr = ] (sdAuxService) PC Tools Auxiliary Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Spyware Doctor\pctsAuxs.exe -> PC Tools [Ver = 5.5.0.40 | Size = 747912 bytes | Modified Date = 01/02/2008 11:55:54 | Attr = ] (sdCoreService) PC Tools Security Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Spyware Doctor\pctsSvc.exe -> PC Tools [Ver = 5.5.0.75 | Size = 948616 bytes | Modified Date = 04/03/2008 16:49:08 | Attr = ] [Registry - Non-Microsoft Only] < Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> Adobe Reader Speed Launcher -> %ProgramFiles%\Adobe\Reader 8.0\Reader\Reader_SL.exe ["C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"] -> Adobe Systems Incorporated [Ver = 8.0.0.0 | Size = 39792 bytes | Modified Date = 10/10/2007 20:51:55 | Attr = ] Alcmtr -> %SystemRoot%\ALCMTR.EXE [ALCMTR.EXE] -> Realtek Semiconductor Corp. [Ver = 1.6.0.2 | Size = 69632 bytes | Modified Date = 04/05/2005 02:43:28 | Attr = ] AlcWzrd -> %SystemRoot%\ALCWZRD.EXE [ALCWZRD.EXE] -> RealTek Semicoductor Corp. [Ver = 1.1.0.20 | Size = 2805248 bytes | Modified Date = 04/05/2005 18:01:36 | Attr = ] ATIPTA -> %ProgramFiles%\ATI Technologies\ATI Control Panel\atiptaxx.exe [C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe] -> ATI Technologies, Inc. [Ver = 6.14.10.5150 | Size = 344064 bytes | Modified Date = 15/04/2005 05:05:00 | Attr = ] AVG8_TRAY -> %ProgramFiles%\AVG\AVG8\avgtray.exe [C:\PROGRA~1\AVG\AVG8\avgtray.exe] -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.94 | Size = 1177368 bytes | Modified Date = 27/04/2008 00:50:59 | Attr = ] CXMon -> %ProgramFiles%\Hewlett-Packard\PhotoSmart\Photo Imaging\Hpi_monitor.exe ["C:\Program Files\Hewlett-Packard\PhotoSmart\Photo Imaging\Hpi_Monitor.exe"] -> Hewlett-Packard Company [Ver = 3.8.0.0 | Size = 45056 bytes | Modified Date = 27/08/2001 11:52:58 | Attr = ] EM_EXEC -> %ProgramFiles%\Logitech\MouseWare\system\EM_EXEC.EXE [C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE] -> Logitech Inc. [Ver = 9.71.218 | Size = 28672 bytes | Modified Date = 09/07/2002 09:50:00 | Attr = ] High Definition Audio Property Page Shortcut -> %SystemRoot%\system32\HdAShCut.exe [HDAShCut.exe] -> Windows (R) Server 2003 DDK provider [Ver = 5.10.01.5013 built by: WinDDK | Size = 61952 bytes | Modified Date = 08/01/2005 01:07:16 | Attr = ] HP Software Update -> %ProgramFiles%\Hp\HP Software Update\hpwuSchd2.exe [C:\Program Files\HP\HP Software Update\HPWuSchd2.exe] -> Hewlett-Packard Co. [Ver = 53.0.13.000 | Size = 49152 bytes | Modified Date = 11/05/2005 23:12:54 | Attr = ] hpsysdrv -> %SystemRoot%\system\hpsysdrv.exe [c:\windows\system\hpsysdrv.exe] -> Hewlett-Packard Company [Ver = 1, 7, 0, 0 | Size = 52736 bytes | Modified Date = 07/05/1998 17:04:38 | Attr = ] ISTray -> %ProgramFiles%\Spyware Doctor\pctsTray.exe ["C:\Program Files\Spyware Doctor\pctsTray.exe"] -> PC Tools [Ver = 5.5.0.106 | Size = 1103240 bytes | Modified Date = 01/02/2008 11:55:56 | Attr = ] ISUSPM Startup -> %CommonProgramFiles%\InstallShield\UpdateService\ISUSPM.exe [C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup] -> InstallShield Software Corporation [Ver = 3, 10, 100, 1155 | Size = 221184 bytes | Modified Date = 28/07/2004 00:50:42 | Attr = ] ISUSScheduler -> %CommonProgramFiles%\InstallShield\UpdateService\issch.exe ["C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start] -> InstallShield Software Corporation [Ver = 3, 10, 100, 1155 | Size = 81920 bytes | Modified Date = 28/07/2004 00:50:18 | Attr = ] iTunesHelper -> %ProgramFiles%\iTunes\iTunesHelper.exe ["C:\Program Files\iTunes\iTunesHelper.exe"] -> Apple Computer, Inc. [Ver = 4.8.0.31 | Size = 278528 bytes | Modified Date = 05/05/2005 01:21:42 | Attr = ] KBD -> %SystemDrive%\hp\KBD\kbd.exe [C:\HP\KBD\KBD.EXE] -> Hewlett-Packard Company [Ver = 1.0.2.2.20205 | Size = 61440 bytes | Modified Date = 03/02/2005 00:44:24 | Attr = ] Logitech Hardware Abstraction Layer -> %SystemRoot%\KHALMNPR.Exe [KHALMNPR.EXE] -> Logitech Inc. [Ver = 3.30.152 | Size = 101136 bytes | Modified Date = 23/01/2007 15:44:00 | Attr = ] LSBWatcher -> %SystemDrive%\hp\drivers\hplsbwatcher\LSBurnWatcher.exe [c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe] -> Hewlett-Packard Company [Ver = 4, 10, 15, 0 | Size = 253952 bytes | Modified Date = 11/05/2005 01:50:42 | Attr = ] Media Codec Update Service -> %ProgramFiles%\Essentials Codec Pack\update.exe [C:\Program Files\Essentials Codec Pack\update.exe -silent] -> MediaCodec.Org [Ver = 1, 0, 0, 1 | Size = 303104 bytes | Modified Date = 08/04/2007 17:44:40 | Attr = ] NBKeyScan -> %ProgramFiles%\Nero\Nero8\Nero BackItUp\NBKeyScan.exe ["C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"] -> Nero AG [Ver = 3, 2, 3, 0 | Size = 2213160 bytes | Modified Date = 03/12/2007 15:21:24 | Attr = ] NeroFilterCheck -> %CommonProgramFiles%\Nero\Lib\NeroCheck.exe [C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe] -> Nero AG [Ver = 1, 0, 0, 6 | Size = 153136 bytes | Modified Date = 01/03/2007 15:57:24 | Attr = ] PCDrProfiler -> [] -> File not found PS2 -> %SystemRoot%\system32\ps2.EXE [C:\WINDOWS\system32\ps2.exe] -> Hewlett-Packard Company [Ver = 1.0.2.2.112404 | Size = 90112 bytes | Modified Date = 25/10/2004 23:17:56 | Attr = ] PWRISOVM.EXE -> %ProgramFiles%\PowerISO\PWRISOVM.EXE [C:\Program Files\PowerISO\PWRISOVM.EXE] -> PowerISO Computing, Inc. [Ver = 4, 0, 0, 0 | Size = 233472 bytes | Modified Date = 15/03/2008 00:50:59 | Attr = ] QuickTime Task -> %ProgramFiles%\QuickTime\qttask.exe ["C:\Program Files\QuickTime\qttask.exe" -atboottime] -> Apple Computer, Inc. [Ver = 6.5.1 | Size = 98304 bytes | Modified Date = 03/01/2005 07:02:53 | Attr = ] Recguard -> %SystemRoot%\SMINST\Recguard.exe [C:\WINDOWS\SMINST\RECGUARD.EXE] -> [Ver = 5, 0, 44, 2 | Size = 233472 bytes | Modified Date = 14/04/2004 21:43:46 | Attr = ] RegistryMechanic -> [] -> File not found Share-to-Web Namespace Daemon -> %ProgramFiles%\Hewlett-Packard\PhotoSmart\HP Share-to-Web\hpgs2wnd.exe [C:\Program Files\Hewlett-Packard\PhotoSmart\HP Share-to-Web\hpgs2wnd.exe] -> Hewlett-Packard [Ver = 2,4,0,26 | Size = 57344 bytes | Modified Date = 03/07/2001 10:11:52 | Attr = ] Sony Ericsson PC Suite -> %ProgramFiles%\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe ["C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions] -> [Ver = 2.0.6.50 | Size = 487424 bytes | Modified Date = 24/11/2006 01:06:38 | Attr = R ] SoundMan -> %SystemRoot%\SOUNDMAN.EXE [SOUNDMAN.EXE] -> Realtek Semiconductor Corp. [Ver = 1, 0, 0, 17 | Size = 90112 bytes | Modified Date = 04/05/2005 02:43:50 | Attr = ] SunJavaUpdateSched -> %ProgramFiles%\Java\jre1.6.0_05\bin\jusched.exe ["C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"] -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 144784 bytes | Modified Date = 22/02/2008 05:25:21 | Attr = ] TkBellExe -> %CommonProgramFiles%\Real\Update_OB\realsched.exe ["C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot] -> RealNetworks, Inc. [Ver = 0.1.0.3249 | Size = 180269 bytes | Modified Date = 03/01/2005 06:57:21 | Attr = ] zBrowser Launcher -> %ProgramFiles%\Logitech\iTouch\iTouch.exe [C:\Program Files\Logitech\iTouch\iTouch.exe] -> Logitech Inc. [Ver = 2.10.159 | Size = 577602 bytes | Modified Date = 22/07/2002 03:10:00 | Attr = ] < OptionalComponents [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\ -> IMAIL-> Installed = 1 -> MAPI-> Installed = 1 -> MSFS-> Installed = 1 -> < Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> SUPERAntiSpyware -> %ProgramFiles%\SUPERAntiSpyware\SUPERANTISPYWARE.EXE [C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe] -> SUPERAntiSpyware.com [Ver = 4, 0, 0, 1154 | Size = 1481968 bytes | Modified Date = 27/04/2008 14:36:59 | Attr = ] < Run [HKEY_USERS\S-1-5-21-1257293555-3702680850-1884092972-1008\] > -> HKEY_USERS\S-1-5-21-1257293555-3702680850-1884092972-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> SUPERAntiSpyware -> %ProgramFiles%\SUPERAntiSpyware\SUPERANTISPYWARE.EXE [C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe] -> SUPERAntiSpyware.com [Ver = 4, 0, 0, 1154 | Size = 1481968 bytes | Modified Date = 27/04/2008 14:36:59 | Attr = ] < RunOnce [HKEY_USERS\S-1-5-21-1257293555-3702680850-1884092972-500\] > -> HKEY_USERS\S-1-5-21-1257293555-3702680850-1884092972-500\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce -> NeroHomeFirstStart -> %CommonProgramFiles%\Nero\Lib\NMFirstStart.exe ["C:\Program Files\Common Files\Nero\Lib\NMFirstStart.exe"] -> Nero AG [Ver = 3.2.5.0 | Size = 19752 bytes | Modified Date = 13/12/2007 20:10:46 | Attr = ] < Administrator Startup Folder > -> C:\Documents and Settings\Administrator\Start Menu\Programs\Startup -> < All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup -> %AllUsersProfile%\Start Menu\Programs\Startup\Google Updater.lnk -> %ProgramFiles%\Google\Google Updater\GoogleUpdater.exe -> Google [Ver = 2.2.1111.1511.beta | Size = 125624 bytes | Modified Date = 18/02/2008 11:25:25 | Attr = ] %AllUsersProfile%\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk -> %ProgramFiles%\Hp\Digital Imaging\bin\hpqtra08.exe -> Hewlett-Packard Co. [Ver = 53.0.13.000 | Size = 282624 bytes | Modified Date = 11/05/2005 23:23:26 | Attr = ] < Compaq_Owner Startup Folder > -> C:\Documents and Settings\Compaq_Owner\Start Menu\Programs\Startup -> < Default User Startup Folder > -> C:\Documents and Settings\Default User\Start Menu\Programs\Startup -> < AppInit_DLLs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs -> *AppInit_DLLs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls -> avgrsstx.dll -> %SystemRoot%\system32\avgrsstx.dll -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.80 | Size = 10520 bytes | Modified Date = 27/04/2008 00:51:34 | Attr = ] *MultiFile Done* -> -> < ShellExecuteHooks [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks -> {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\SUPERAntiSpyware\SASSEH.DLL [] -> SuperAdBlocker.com [Ver = 1, 0, 0, 1008 | Size = 77824 bytes | Modified Date = 20/12/2006 12:55:48 | Attr = ] < SecurityProviders [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders -> < Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon settings [HKEY_USERS\S-1-5-19] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon settings [HKEY_USERS\S-1-5-20] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon settings [HKEY_USERS\S-1-5-21-1257293555-3702680850-1884092972-1008] > -> HKEY_USERS\S-1-5-21-1257293555-3702680850-1884092972-1008\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon settings [HKEY_USERS\S-1-5-21-1257293555-3702680850-1884092972-500] > -> HKEY_USERS\S-1-5-21-1257293555-3702680850-1884092972-500\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ -> !SASWinLogon -> %ProgramFiles%\SUPERAntiSpyware\SASWINLO.DLL -> SUPERAntiSpyware.com [Ver = 1, 0, 0, 1046 | Size = 294912 bytes | Modified Date = 27/04/2008 14:37:00 | Attr = ] AtiExtEvent -> %SystemRoot%\system32\ati2evxx.dll -> ATI Technologies Inc. [Ver = 6.14.10.4115 | Size = 46080 bytes | Modified Date = 15/04/2005 03:10:00 | Attr = ] < CurrentVersion Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\undockwithoutlogon -> 1 -> < CurrentVersion Policy Settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> < CurrentVersion Policy Settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\CDRAutoRun -> 0 -> < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\CDRAutoRun -> 0 -> < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-19] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-20] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-1257293555-3702680850-1884092972-1008] > -> HKEY_USERS\S-1-5-21-1257293555-3702680850-1884092972-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_USERS\S-1-5-21-1257293555-3702680850-1884092972-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_USERS\S-1-5-21-1257293555-3702680850-1884092972-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_USERS\S-1-5-21-1257293555-3702680850-1884092972-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-1257293555-3702680850-1884092972-500] > -> HKEY_USERS\S-1-5-21-1257293555-3702680850-1884092972-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_USERS\S-1-5-21-1257293555-3702680850-1884092972-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_USERS\S-1-5-21-1257293555-3702680850-1884092972-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_USERS\S-1-5-21-1257293555-3702680850-1884092972-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> < HOSTS File > (734 bytes) -> C:\WINDOWS\System32\drivers\etc\Hosts -> < Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> HKEY_LOCAL_MACHINE\: Main\\Default_Page_URL -> http://go.microsoft.com/fwlink/?LinkId=69157 -> HKEY_LOCAL_MACHINE\: Main\\Default_Search_URL -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKEY_LOCAL_MACHINE\: Main\\Local Page -> %SystemRoot%\system32\blank.htm -> HKEY_LOCAL_MACHINE\: Main\\Search Page -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKEY_LOCAL_MACHINE\: Main\\Start Page -> http://go.microsoft.com/fwlink/?LinkId=69157 -> HKEY_LOCAL_MACHINE\: Search\\CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm -> HKEY_LOCAL_MACHINE\: Search\\SearchAssistant -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm -> < Internet Explorer Settings [HKEY_CURRENT_USER\] > -> -> HKEY_CURRENT_USER\: Main\\Local Page -> C:\WINDOWS\system32\blank.htm -> HKEY_CURRENT_USER\: Main\\Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_CURRENT_USER\: Main\\Start Page -> http://uk.yahoo.com/ -> HKEY_CURRENT_USER\: SearchURL\\ -> [Reg Error: Value provider does not exist or could not be read.] -> HKEY_CURRENT_USER\: ProxyEnable -> 0 -> < Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> -> HKEY_USERS\.DEFAULT\: ProxyEnable -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> -> HKEY_USERS\S-1-5-18\: ProxyEnable -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> -> < Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> -> < Internet Explorer Settings [HKEY_USERS\S-1-5-21-1257293555-3702680850-1884092972-1008\] > -> -> HKEY_USERS\S-1-5-21-1257293555-3702680850-1884092972-1008\: Main\\Local Page -> C:\WINDOWS\system32\blank.htm -> HKEY_USERS\S-1-5-21-1257293555-3702680850-1884092972-1008\: Main\\Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_USERS\S-1-5-21-1257293555-3702680850-1884092972-1008\: Main\\Start Page -> http://uk.yahoo.com/ -> HKEY_USERS\S-1-5-21-1257293555-3702680850-1884092972-1008\: SearchURL\\ -> [Reg Error: Value provider does not exist or could not be read.] -> HKEY_USERS\S-1-5-21-1257293555-3702680850-1884092972-1008\: ProxyEnable -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-21-1257293555-3702680850-1884092972-500\] > -> -> HKEY_USERS\S-1-5-21-1257293555-3702680850-1884092972-500\: Main\\Local Page -> C:\WINDOWS\system32\blank.htm -> HKEY_USERS\S-1-5-21-1257293555-3702680850-1884092972-500\: Main\\Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_USERS\S-1-5-21-1257293555-3702680850-1884092972-500\: Main\\Start Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome -> HKEY_USERS\S-1-5-21-1257293555-3702680850-1884092972-500\: SearchURL\\ -> [Reg Error: Value provider does not exist or could not be read.] -> HKEY_USERS\S-1-5-21-1257293555-3702680850-1884092972-500\: ProxyEnable -> 0 -> < Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1 domain(s) found. -> 1 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 3252 domain(s) found. -> www_logofresh.com [https] -> Trusted sites -> 27 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-21-1257293555-3702680850-1884092972-1008\] > -> HKEY_USERS\S-1-5-21-1257293555-3702680850-1884092972-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-21-1257293555-3702680850-1884092972-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 3252 domain(s) found. -> www_logofresh.com [https] -> Trusted sites -> 27 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_USERS\S-1-5-21-1257293555-3702680850-1884092972-1008\] > -> HKEY_USERS\S-1-5-21-1257293555-3702680850-1884092972-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-21-1257293555-3702680850-1884092972-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-21-1257293555-3702680850-1884092972-500\] > -> HKEY_USERS\S-1-5-21-1257293555-3702680850-1884092972-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-21-1257293555-3702680850-1884092972-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-21-1257293555-3702680850-1884092972-500\] > -> HKEY_USERS\S-1-5-21-1257293555-3702680850-1884092972-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-21-1257293555-3702680850-1884092972-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKEY_LOCAL_MACHINE] -> %CommonProgramFiles%\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> Adobe Systems Incorporated [Ver = 8.0.0.2006102200 | Size = 62080 bytes | Modified Date = 23/10/2006 00:08:42 | Attr = ] {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\AVG\AVG8\avgssie.dll [AVG Safe Search] -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.90 | Size = 419096 bytes | Modified Date = 27/04/2008 00:51:11 | Attr = ] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.6.0_05\bin\ssv.dll [SSVHelper Class] -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 509328 bytes | Modified Date = 22/02/2008 05:25:19 | Attr = ] {A057A204-BACC-4D26-9990-79A187E2698E} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\AVG\AVG8\avgtoolbar.dll [AVG Security Toolbar] -> AVG, Technologies CZ, s.r.o [Ver = 5.0.2.387 | Size = 2050816 bytes | Modified Date = 27/04/2008 00:51:18 | Attr = ] {AA58ED58-01DD-4d91-8333-CF10577473F7} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Google\GoogleToolbar1.dll [Google Toolbar Helper] -> Google Inc. [Ver = 4, 0, 1601, 4978 | Size = 2403392 bytes | Modified Date = 18/02/2008 11:25:56 | Attr = R ] {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll [Google Toolbar Notifier BHO] -> Google Inc. [Ver = 2, 1, 1119, 1736 | Size = 654320 bytes | Modified Date = 18/02/2008 11:25:32 | Attr = ] < Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar -> {2318C2B1-4965-11d4-9B18-009027A5CD4F} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Google\GoogleToolbar1.dll [&Google] -> Google Inc. [Ver = 4, 0, 1601, 4978 | Size = 2403392 bytes | Modified Date = 18/02/2008 11:25:56 | Attr = R ] {A057A204-BACC-4D26-9990-79A187E2698E} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\AVG\AVG8\avgtoolbar.dll [AVG Security Toolbar] -> AVG, Technologies CZ, s.r.o [Ver = 5.0.2.387 | Size = 2050816 bytes | Modified Date = 27/04/2008 00:51:18 | Attr = ] < Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ -> ShellBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Google\GoogleToolbar1.dll [&Google] -> Google Inc. [Ver = 4, 0, 1601, 4978 | Size = 2403392 bytes | Modified Date = 18/02/2008 11:25:56 | Attr = R ] WebBrowser\\{A057A204-BACC-4D26-9990-79A187E2698E} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\AVG\AVG8\avgtoolbar.dll [AVG Security Toolbar] -> AVG, Technologies CZ, s.r.o [Ver = 5.0.2.387 | Size = 2050816 bytes | Modified Date = 27/04/2008 00:51:18 | Attr = ] < Internet Explorer ToolBars [HKEY_USERS\S-1-5-21-1257293555-3702680850-1884092972-1008\] > -> HKEY_USERS\S-1-5-21-1257293555-3702680850-1884092972-1008\Software\Microsoft\Internet Explorer\Toolbar\ -> ShellBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Google\GoogleToolbar1.dll [&Google] -> Google Inc. [Ver = 4, 0, 1601, 4978 | Size = 2403392 bytes | Modified Date = 18/02/2008 11:25:56 | Attr = R ] WebBrowser\\{A057A204-BACC-4D26-9990-79A187E2698E} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\AVG\AVG8\avgtoolbar.dll [AVG Security Toolbar] -> AVG, Technologies CZ, s.r.o [Ver = 5.0.2.387 | Size = 2050816 bytes | Modified Date = 27/04/2008 00:51:18 | Attr = ] < Internet Explorer ToolBars [HKEY_USERS\S-1-5-21-1257293555-3702680850-1884092972-500\] > -> HKEY_USERS\S-1-5-21-1257293555-3702680850-1884092972-500\Software\Microsoft\Internet Explorer\Toolbar\ -> WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Google\GoogleToolbar1.dll [&Google] -> Google Inc. [Ver = 4, 0, 1601, 4978 | Size = 2403392 bytes | Modified Date = 18/02/2008 11:25:56 | Attr = R ] < Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> {08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.6.0_05\bin\npjpi160_05.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 132496 bytes | Modified Date = 22/02/2008 05:25:19 | Attr = ] {08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC} [HKEY_CURRENT_USER] -> %ProgramFiles%\Java\jre1.6.0_05\bin\ssv.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 509328 bytes | Modified Date = 22/02/2008 05:25:19 | Attr = ] {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D}: [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [PartyCasino.com] -> File not found {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1}: [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [PartyPoker.com] -> File not found {E2D4D26B-0180-43a4-B05F-462D6D54C789}: [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Connection Help] -> File not found {F47C1DB5-ED21-4dc1-853E-D1495792D4C5}: [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Bodog Poker] -> File not found < Internet Explorer Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\ -> CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.6.0_05\bin\npjpi160_05.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 132496 bytes | Modified Date = 22/02/2008 05:25:19 | Attr = ] CmdMapping\\{E2D4D26B-0180-43a4-B05F-462D6D54C789} [HKEY_LOCAL_MACHINE] -> [Connection Help] -> File not found < Internet Explorer Extensions [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Extensions\ -> CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.6.0_05\bin\npjpi160_05.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 132496 bytes | Modified Date = 22/02/2008 05:25:19 | Attr = ] CmdMapping\\{E2D4D26B-0180-43a4-B05F-462D6D54C789} [HKEY_LOCAL_MACHINE] -> [Connection Help] -> File not found < Internet Explorer Extensions [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Extensions\ -> CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.6.0_05\bin\npjpi160_05.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 132496 bytes | Modified Date = 22/02/2008 05:25:19 | Attr = ] CmdMapping\\{E2D4D26B-0180-43a4-B05F-462D6D54C789} [HKEY_LOCAL_MACHINE] -> [Connection Help] -> File not found < Internet Explorer Extensions [HKEY_USERS\S-1-5-21-1257293555-3702680850-1884092972-1008\] > -> HKEY_USERS\S-1-5-21-1257293555-3702680850-1884092972-1008\Software\Microsoft\Internet Explorer\Extensions\ -> CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.6.0_05\bin\npjpi160_05.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 132496 bytes | Modified Date = 22/02/2008 05:25:19 | Attr = ] CmdMapping\\{E2D4D26B-0180-43a4-B05F-462D6D54C789} [HKEY_LOCAL_MACHINE] -> [Connection Help] -> File not found < Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-21-1257293555-3702680850-1884092972-500\] > -> HKEY_USERS\S-1-5-21-1257293555-3702680850-1884092972-500\Software\Microsoft\Internet Explorer\MenuExt\ -> &Google Search -> %ProgramFiles%\Google\GoogleToolbar1.dll -> Google Inc. [Ver = 4, 0, 1601, 4978 | Size = 2403392 bytes | Modified Date = 18/02/2008 11:25:56 | Attr = R ] Backward Links -> %ProgramFiles%\Google\GoogleToolbar1.dll -> Google Inc. [Ver = 4, 0, 1601, 4978 | Size = 2403392 bytes | Modified Date = 18/02/2008 11:25:56 | Attr = R ] Cached Snapshot of Page -> %ProgramFiles%\Google\GoogleToolbar1.dll -> Google Inc. [Ver = 4, 0, 1601, 4978 | Size = 2403392 bytes | Modified Date = 18/02/2008 11:25:56 | Attr = R ] Similar Pages -> %ProgramFiles%\Google\GoogleToolbar1.dll -> Google Inc. [Ver = 4, 0, 1601, 4978 | Size = 2403392 bytes | Modified Date = 18/02/2008 11:25:56 | Attr = R ] Translate into English -> %ProgramFiles%\Google\GoogleToolbar1.dll -> Google Inc. [Ver = 4, 0, 1601, 4978 | Size = 2403392 bytes | Modified Date = 18/02/2008 11:25:56 | Attr = R ] < Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> PluginsPageFriendlyName -> Microsoft ActiveX Gallery -> PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s -> < DNS Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> {3E6FEE58-B8F7-4BD7-BE9F-C169B181809B} -> (Sony Ericsson Device 068 USB Ethernet Emulation (NDIS 5)) -> {60D60900-715E-4808-8AB1-45FD806E0C1A} -> (Sony Ericsson Device 068 USB Ethernet Emulation (NDIS 5)) -> {7A545EDF-3EBE-41C5-B268-01AB4F12860F} -> (Realtek RTL8139 Family PCI Fast Ethernet NIC) -> {8DE152D4-737F-4613-8328-04680BB65153} -> (Intel(R) PRO/100 VE Network Connection) -> {FDF623F6-FAF0-41BB-B72B-9ADF76F36DBD} -> (1394 Net Adapter) -> < Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ -> bwfile-8876480:{9462A756-7B47-47BC-8C80-C34B9B80B32B} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll[BackWeb GA Pluggable Protocol] -> Logitech Inc. [Ver = Version 8.1.1 (Build 50R) | Size = 28711 bytes | Modified Date = 16/08/2007 18:26:23 | Attr = ] ipp: [HKEY_LOCAL_MACHINE] -> No CLSID value linkscanner:{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\AVG\AVG8\avgpp.dll[XPLPPFilter Class] -> AVG Technologies CZ, s.r.o. [Ver = | Size = 79128 bytes | Modified Date = 27/04/2008 00:51:17 | Attr = ] msdaipp: [HKEY_LOCAL_MACHINE] -> No CLSID value < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8}[HKEY_LOCAL_MACHINE] -> http://download.microsoft.com/download/e/4/9/e494c802-dd90-4c6b-a074-469358f075a6/OGAControl.cab[Office Genuine Advantage Validation Tool] -> {166B1BCA-3F9C-11CF-8075-444553540000}[HKEY_LOCAL_MACHINE] -> http://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab[Shockwave ActiveX Control] -> {193C772A-87BE-4B19-A7BB-445B226FE9A1}[HKEY_LOCAL_MACHINE] -> http://downloads.ewido.net/ewidoOnlineScan.cab[ewidoOnlineScan Control] -> {238F6F83-B8B4-11CF-8771-00A024541EE3}[HKEY_LOCAL_MACHINE] -> http://a516.g.akamai.net/f/516/25175/7d/runaware.download.akamai.com/25175/citrix/wficat-no-eula.cab[Reg Error: Key does not exist or could not be opened.] -> {67DABFBF-D0AB-41FA-9C46-CC0F21721616}[HKEY_LOCAL_MACHINE] -> http://download.divx.com/player/DivXBrowserPlugin.cab[DivXBrowserPlugin Object] -> {8AD9C840-044E-11D1-B3E9-00805F499D93}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab[Java Plug-in 1.6.0_05] -> {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}[HKEY_LOCAL_MACHINE] -> http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab[Reg Error: Key does not exist or could not be opened.] -> {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab[Java Plug-in 1.5.0] -> {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab[Java Plug-in 1.6.0_02] -> {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab[Java Plug-in 1.6.0_03] -> {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab[Java Plug-in 1.6.0_05] -> {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab[Java Plug-in 1.6.0_05] -> {D27CDB6E-AE6D-11CF-96B8-444553540000}[HKEY_LOCAL_MACHINE] -> http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab[Shockwave Flash Object] -> < Module Usage Keys [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/ewidoOnlineScan.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/ewidoOnlineScan.dll\\.Owner -> {193C772A-87BE-4B19-A7BB-445B226FE9A1} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/ewidoOnlineScan.dll\\{193C772A-87BE-4B19-A7BB-445B226FE9A1} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/FP_AX_CAB_INSTALLER.exe\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/FP_AX_CAB_INSTALLER.exe\\.Owner -> {D27CDB6E-AE6D-11CF-96B8-444553540000} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/FP_AX_CAB_INSTALLER.exe\\{D27CDB6E-AE6D-11CF-96B8-444553540000} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/atl.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/atl.dll\\.Owner -> Unknown Owner -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/atl.dll\\{CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/OGACheckControl.DLL\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/OGACheckControl.DLL\\.Owner -> {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/OGACheckControl.DLL\\{05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} -> -> [Registry - Additional Scans - Non-Microsoft Only] < ActiveX StubPath [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\ -> {08B0E5C0-4FCB-11CF-AAA5-00401C608500} [HKEY_LOCAL_MACHINE] -> C:\WINDOWS\system32\java.exe [(default): Java (Sun); IsInstalled: 1] -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 135168 bytes | Modified Date = 22/02/2008 02:23:35 | Attr = ] {10072CEC-8CC1-11D1-986E-00A0C955B42F} [HKEY_LOCAL_MACHINE] -> [(default): Vector Graphics Rendering (VML); IsInstalled: 01 00 00 00 [binary data]] -> {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} [StubPath] -> [ComponentID: NetShow; IsInstalled: 1] -> {22d6f312-b0f6-11d0-94ab-0080c74c7e95} [StubPath] -> [(default): Microsoft Windows Media Player 6.4; IsInstalled: 1] -> {233C1507-6A77-46A4-9443-F871F945D258} [HKEY_LOCAL_MACHINE] -> [(default): Adobe Shockwave Director 11.0; IsInstalled: 01 00 00 00 [binary data]] -> {283807B5-2C60-11D0-A31D-00AA00B92C03} [HKEY_LOCAL_MACHINE] -> [(default): DirectAnimation; IsInstalled: 1] -> {2A202491-F00D-11cf-87CC-0020AFEECF20} [HKEY_LOCAL_MACHINE] -> [(default): Adobe Shockwave Director 11.0; IsInstalled: 01 00 00 00 [binary data]] -> {2C7339CF-2B09-4501-B3F3-F3508C9228ED} [StubPath] -> %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll [(default): Themes Setup; IsInstalled: 1] -> {34789AE1-DFB8-FBEB-8D73-008883EAB459} [HKEY_LOCAL_MACHINE] -> [(default): Microsoft Windows Media Player; IsInstalled: 1] -> {36f8ec70-c29a-11d1-b5c7-0000f8051515} [HKEY_LOCAL_MACHINE] -> [(default): Dynamic HTML Data Binding for Java; IsInstalled: 1] -> {3af36230-a269-11d1-b5bf-0000f8051515} [HKEY_LOCAL_MACHINE] -> [(default): Offline Browsing Pack; IsInstalled: 1] -> {3bf42070-b3b1-11d1-b5c5-0000f8051515} [HKEY_LOCAL_MACHINE] -> [(default): Uniscribe; IsInstalled: 1] -> {411EDCF7-755D-414E-A74B-3DCD6583F589} [HKEY_LOCAL_MACHINE] -> [(default): Microsoft .NET Framework 1.1 Service Pack 1 (KB867460); IsInstalled: 1] -> {4278c270-a269-11d1-b5bf-0000f8051515} [HKEY_LOCAL_MACHINE] -> [(default): Advanced Authoring; IsInstalled: 1] -> {44BBA840-CC51-11CF-AAFA-00AA00B6015C} [StubPath] -> "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install [(default): Microsoft Outlook Express 6; IsInstalled: 1] -> {44BBA842-CC51-11CF-AAFA-00AA00B6015B} [StubPath] -> rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT [(default): NetMeeting 3.01; IsInstalled: 01 00 00 00 [binary data]] -> {44BBA848-CC51-11CF-AAFA-00AA00B6015C} [HKEY_LOCAL_MACHINE] -> [(default): DirectShow; IsInstalled: 1] -> {44BBA855-CC51-11CF-AAFA-00AA00B6015F} [HKEY_LOCAL_MACHINE] -> [(default): DirectDrawEx; IsInstalled: 1] -> {45ea75a0-a269-11d1-b5bf-0000f8051515} [HKEY_LOCAL_MACHINE] -> [(default): Internet Explorer Help; IsInstalled: 1] -> {4f216970-c90c-11d1-b5c7-0000f8051515} [HKEY_LOCAL_MACHINE] -> [(default): DirectAnimation Java Classes; IsInstalled: 1] -> {4f645220-306d-11d2-995d-00c04f98bbc9} [HKEY_LOCAL_MACHINE] -> [(default): Microsoft Windows Script 5.6; IsInstalled: 1] -> {5945c046-1e7d-11d1-bc44-00c04fd912be} [StubPath] -> rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser [(default): Windows Messenger 4.7; IsInstalled: 1] -> {5A8D6EE0-3E18-11D0-821E-444553540000} [HKEY_LOCAL_MACHINE] -> Reg Error: Value does not exist or could not be read. [ComponentID: ICW; IsInstalled: 1] -> File not found {5fd399c0-a70a-11d1-9948-00c04f98bbc9} [HKEY_LOCAL_MACHINE] -> [(default): Internet Explorer Setup Tools; IsInstalled: 1] -> {630b1da0-b465-11d1-9948-00c04f98bbc9} [HKEY_LOCAL_MACHINE] -> [(default): Browsing Enhancements; IsInstalled: 1] -> {653AC3C4-1593-CBB8-6D0A-F53DCFA3FCD0} [HKEY_LOCAL_MACHINE] -> [(default): Microsoft Windows Media Player 6.4; IsInstalled: 1] -> {6BF52A52-394A-11d3-B153-00C04F79FAA6} [StubPath] -> rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub [(default): Microsoft Windows Media Player; IsInstalled: 1] -> {6fab99d0-bab8-11d1-994a-00c04f98bbc9} [HKEY_LOCAL_MACHINE] -> [(default): MSN Site Access; IsInstalled: 1] -> {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} [HKEY_LOCAL_MACHINE] -> [(default): .NET Framework] -> {73fa19d0-2d75-11d2-995d-00c04f98bbc9} [HKEY_LOCAL_MACHINE] -> [(default): Web Folders; IsInstalled: 1] -> {7790769C-0471-11d2-AF11-00C04FA35D02} [StubPath] -> "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install [(default): Address Book 6; IsInstalled: 1] -> {85018C9B-81CB-444F-0BC3-94AF9FCE0D0A} [HKEY_LOCAL_MACHINE] -> [(default): DirectAnimation; IsInstalled: 1] -> {89820200-ECBD-11cf-8B85-00AA005B4340} [StubPath] -> regsvr32.exe /s /n /i:U shell32.dll [(default): Windows Desktop Update; IsInstalled: 1] -> {89820200-ECBD-11cf-8B85-00AA005B4383} [StubPath] -> C:\WINDOWS\system32\ie4uinit.exe -BaseSettings [(default): Internet Explorer; IsInstalled: 1] -> {89B4C1CD-B018-4511-B0A1-5476DBF70820} [StubPath] -> c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install [ComponentID: DOTNETFRAMEWORKS; IsInstalled: 1] -> {8b15971b-5355-4c82-8c07-7e181ea07608} [StubPath] -> rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser [(default): Fax; IsInstalled: 1] -> {8D1D0E9A-C799-4D28-9E29-0061D1E66E43} [HKEY_LOCAL_MACHINE] -> [(default): Microsoft .NET Framework 1.1 Hotfix (KB928366); IsInstalled: 1] -> {9381D8F2-0288-11D0-9501-00AA00B911A5} [HKEY_LOCAL_MACHINE] -> [(default): Dynamic HTML Data Binding; IsInstalled: 1] -> {94de52c8-2d59-4f1b-883e-79663d2d9a8c} [StubPath] -> [(default): Fax Provider; IsInstalled: 1] -> {ACC563BC-4266-43f0-B6ED-9D38C4202C7E} [HKEY_LOCAL_MACHINE] -> Reg Error: Value does not exist or could not be read. [(no name)] -> File not found {B508B3F1-A24A-32C0-B310-85786919EF28} [HKEY_LOCAL_MACHINE] -> [(default): .NET Framework] -> {C9E9A340-D1F1-11D0-821E-444553540600} [HKEY_LOCAL_MACHINE] -> [(default): Internet Explorer Core Fonts; IsInstalled: 1] -> {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} [HKEY_LOCAL_MACHINE] -> [(default): .NET Framework] -> {CC2A9BA0-3BDD-11D0-821E-444553540000} [HKEY_LOCAL_MACHINE] -> [(default): Task Scheduler; IsInstalled: 1] -> {CDD7975E-60F8-41d5-8149-19E51D6F71D0} [HKEY_LOCAL_MACHINE] -> Reg Error: Value does not exist or could not be read. [ComponentID: Windows Movie Maker v2.1; IsInstalled: 01 00 00 00 [binary data]] -> File not found {D27CDB6E-AE6D-11cf-96B8-444553540000} [HKEY_LOCAL_MACHINE] -> [(default): Adobe Flash Player; IsInstalled: 01 00 00 00 [binary data]] -> {de5aed00-a4bf-11d1-9948-00c04f98bbc9} [HKEY_LOCAL_MACHINE] -> [(default): HTML Help; IsInstalled: 1] -> {E92B03AB-B707-11d2-9CBD-0000F87A369E} [HKEY_LOCAL_MACHINE] -> [(default): Active Directory Service Interface; IsInstalled: 01 00 00 00 [binary data]] -> <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} [StubPath] -> C:\WINDOWS\system32\ieudinit.exe [(default): IE7 Uninstall Stub; IsInstalled: 1] -> >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} [StubPath] -> C:\WINDOWS\inf\unregmp2.exe /ShowWMP [(default): Microsoft Windows Media Player; IsInstalled: 0] -> >{26923b43-4d38-484f-9b9e-de460746276c} [StubPath] -> C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig [(default): Internet Explorer; IsInstalled: 1] -> >{60B49E34-C7CC-11D0-8953-00A0C90347FF} [StubPath] -> RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP [(default): Browser Customizations; IsInstalled: 1] -> >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} [StubPath] -> %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE [(default): Outlook Express; IsInstalled: 1] -> < ActiveX StubPath [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Active Setup\Installed Components\ -> {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} [HKEY_LOCAL_MACHINE] -> [HKLM: Microsoft NetShow Player] -> {22d6f312-b0f6-11d0-94ab-0080c74c7e95} [HKEY_LOCAL_MACHINE] -> [HKLM: Windows Media Player] -> {2C7339CF-2B09-4501-B3F3-F3508C9228ED} [HKEY_LOCAL_MACHINE] -> [(no name)] -> {44BBA840-CC51-11CF-AAFA-00AA00B6015C} [HKEY_LOCAL_MACHINE] -> [(no name)] -> {44BBA842-CC51-11CF-AAFA-00AA00B6015B} [HKEY_LOCAL_MACHINE] -> [(no name)] -> {44BBA848-CC51-11CF-AAFA-00AA00B6015C} [HKEY_LOCAL_MACHINE] -> [(no name)] -> {4b218e3e-bc98-4770-93d3-2731b9329278} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [(no name)] -> File not found {5945c046-1e7d-11d1-bc44-00c04fd912be} [HKEY_LOCAL_MACHINE] -> [(no name)] -> {6BF52A52-394A-11d3-B153-00C04F79FAA6} [HKEY_LOCAL_MACHINE] -> [HKLM: Windows Media Player] -> {7790769C-0471-11d2-AF11-00C04FA35D02} [HKEY_LOCAL_MACHINE] -> [(no name)] -> {89820200-ECBD-11cf-8B85-00AA005B4340} [HKEY_LOCAL_MACHINE] -> [(no name)] -> {89820200-ECBD-11cf-8B85-00AA005B4383} [HKEY_LOCAL_MACHINE] -> [(no name)] -> {89B4C1CD-B018-4511-B0A1-5476DBF70820} [HKEY_LOCAL_MACHINE] -> Reg Error: Value does not exist or could not be read. [(no name)] -> File not found {8b15971b-5355-4c82-8c07-7e181ea07608} [HKEY_LOCAL_MACHINE] -> [(no name)] -> {94de52c8-2d59-4f1b-883e-79663d2d9a8c} [HKEY_LOCAL_MACHINE] -> [(no name)] -> <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} [HKEY_LOCAL_MACHINE] -> [(no name)] -> >{26923b43-4d38-484f-9b9e-de460746276c} [HKEY_LOCAL_MACHINE] -> [(no name)] -> >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} [HKEY_LOCAL_MACHINE] -> [(no name)] -> < ActiveX StubPath [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Active Setup\Installed Components\ -> {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [HKLM: Microsoft NetShow Player] -> File not found {22d6f312-b0f6-11d0-94ab-0080c74c7e95} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [HKLM: Windows Media Player] -> File not found {44BBA842-CC51-11CF-AAFA-00AA00B6015B} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [(no name)] -> File not found {44BBA848-CC51-11CF-AAFA-00AA00B6015C} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [(no name)] -> File not found {6BF52A52-394A-11d3-B153-00C04F79FAA6} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [HKLM: Windows Media Player] -> File not found < ActiveX StubPath [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Active Setup\Installed Components\ -> {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [HKLM: Microsoft NetShow Player] -> File not found {22d6f312-b0f6-11d0-94ab-0080c74c7e95} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [HKLM: Windows Media Player] -> File not found {44BBA842-CC51-11CF-AAFA-00AA00B6015B} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [(no name)] -> File not found {44BBA848-CC51-11CF-AAFA-00AA00B6015C} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [(no name)] -> File not found {6BF52A52-394A-11d3-B153-00C04F79FAA6} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [HKLM: Windows Media Player] -> File not found < ActiveX StubPath [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Active Setup\Installed Components\ -> {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [HKLM: Microsoft NetShow Player] -> File not found {22d6f312-b0f6-11d0-94ab-0080c74c7e95} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [HKLM: Windows Media Player] -> File not found {44BBA842-CC51-11CF-AAFA-00AA00B6015B} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [(no name)] -> File not found {44BBA848-CC51-11CF-AAFA-00AA00B6015C} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [(no name)] -> File not found {6BF52A52-394A-11d3-B153-00C04F79FAA6} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [HKLM: Windows Media Player] -> File not found < ActiveX StubPath [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Active Setup\Installed Components\ -> {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [HKLM: Microsoft NetShow Player] -> File not found {22d6f312-b0f6-11d0-94ab-0080c74c7e95} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [HKLM: Windows Media Player] -> File not found {44BBA842-CC51-11CF-AAFA-00AA00B6015B} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [(no name)] -> File not found {44BBA848-CC51-11CF-AAFA-00AA00B6015C} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [(no name)] -> File not found {6BF52A52-394A-11d3-B153-00C04F79FAA6} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [HKLM: Windows Media Player] -> File not found < ActiveX StubPath [HKEY_USERS\S-1-5-21-1257293555-3702680850-1884092972-1008\] > -> HKEY_USERS\S-1-5-21-1257293555-3702680850-1884092972-1008\SOFTWARE\Microsoft\Active Setup\Installed Components\ -> {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [HKLM: Microsoft NetShow Player] -> File not found {22d6f312-b0f6-11d0-94ab-0080c74c7e95} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [HKLM: Windows Media Player] -> File not found {2C7339CF-2B09-4501-B3F3-F3508C9228ED} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [(no name)] -> File not found {44BBA840-CC51-11CF-AAFA-00AA00B6015C} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [(no name)] -> File not found {44BBA842-CC51-11CF-AAFA-00AA00B6015B} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [(no name)] -> File not found {44BBA848-CC51-11CF-AAFA-00AA00B6015C} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [(no name)] -> File not found {4b218e3e-bc98-4770-93d3-2731b9329278} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [(no name)] -> File not found {5945c046-1e7d-11d1-bc44-00c04fd912be} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [(no name)] -> File not found {6BF52A52-394A-11d3-B153-00C04F79FAA6} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [HKLM: Windows Media Player] -> File not found {7790769C-0471-11d2-AF11-00C04FA35D02} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [(no name)] -> File not found {89820200-ECBD-11cf-8B85-00AA005B4340} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [(no name)] -> File not found {89820200-ECBD-11cf-8B85-00AA005B4383} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [(no name)] -> File not found {89B4C1CD-B018-4511-B0A1-5476DBF70820} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [(no name)] -> File not found {8b15971b-5355-4c82-8c07-7e181ea07608} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [(no name)] -> File not found {94de52c8-2d59-4f1b-883e-79663d2d9a8c} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [(no name)] -> File not found <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [(no name)] -> File not found >{26923b43-4d38-484f-9b9e-de460746276c} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [(no name)] -> File not found >{60B49E34-C7CC-11D0-8953-00A0C90347FF} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [(no name)] -> File not found >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [(no name)] -> File not found [Files/Folders - Created Within 90 days] $AVG8.VAULT$ -> %SystemDrive%\$AVG8.VAULT$ -> [Folder | Created Date = 27/04/2008 12:27:09 | Attr = H ] 1 C:\*.tmp files -> C:\*.tmp -> 20080213_194321_Compaq_Owner_AA (D)_1_1.nda -> %SystemDrive%\20080213_194321_Compaq_Owner_AA (D)_1_1.nda -> [Ver = | Size = 1992293403 bytes | Created Date = 13/02/2008 21:33:53 | Attr = ] 20080213_194321_Compaq_Owner_AA (D)_1_2.nda -> %SystemDrive%\20080213_194321_Compaq_Owner_AA (D)_1_2.nda -> [Ver = | Size = 1141682061 bytes | Created Date = 13/02/2008 22:12:25 | Attr = ] ConverterOutput -> %SystemDrive%\ConverterOutput -> [Folder | Created Date = 04/02/2008 19:50:22 | Attr = ] Deckard -> %SystemDrive%\Deckard -> [Folder | Created Date = 27/04/2008 16:21:59 | Attr = ] hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [Ver = | Size = 1073139712 bytes | Created Date = 18/04/2008 19:31:40 | Attr = HS] install -> %SystemDrive%\install -> [Folder | Created Date = 20/02/2008 13:13:05 | Attr = ] NBDBList.ini -> %SystemDrive%\NBDBList.ini -> [Ver = | Size = 264 bytes | Created Date = 13/02/2008 22:21:57 | Attr = ] Team17 -> %SystemDrive%\Team17 -> [Folder | Created Date = 10/03/2008 20:28:56 | Attr = ] temp -> %SystemDrive%\temp -> [Folder | Created Date = 31/01/2008 14:41:11 | Attr = ] Avg -> %SystemRoot%\System32\drivers\Avg -> [Folder | Created Date = 27/04/2008 00:51:21 | Attr = ] avi7.avg -> %SystemRoot%\System32\drivers\Avg\avi7.avg -> [Ver = | Size = 5618689 bytes | Created Date = 27/04/2008 00:51:21 | Attr = ] incavi.avm -> %SystemRoot%\System32\drivers\Avg\incavi.avm -> [Ver = | Size = 23161060 bytes | Created Date = 27/04/2008 00:51:22 | Attr = ] microavi.avg -> %SystemRoot%\System32\drivers\Avg\microavi.avg -> [Ver = | Size = 112421 bytes | Created Date = 27/04/2008 00:51:22 | Attr = ] miniavi.avg -> %SystemRoot%\System32\drivers\Avg\miniavi.avg -> [Ver = | Size = 786367 bytes | Created Date = 27/04/2008 00:51:22 | Attr = ] avgldx86.sys -> %SystemRoot%\System32\drivers\avgldx86.sys -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.58 | Size = 96520 bytes | Created Date = 27/04/2008 00:51:29 | Attr = ] avgmfx86.sys -> %SystemRoot%\System32\drivers\avgmfx86.sys -> GRISOFT, s.r.o. [Ver = 8.0.0.46 | Size = 26184 bytes | Created Date = 27/04/2008 00:51:27 | Attr = ] pctfw2.sys -> %SystemRoot%\System32\drivers\pctfw2.sys -> PC Tools [Ver = 3, 0, 1, 9 | Size = 159112 bytes | Created Date = 17/03/2008 09:50:05 | Attr = ] scdemu.sys -> %SystemRoot%\System32\drivers\scdemu.sys -> PowerISO Computing, Inc. [Ver = 4, 0, 0, 0 | Size = 46652 bytes | Created Date = 14/03/2008 07:04:29 | Attr = ] UMDF -> %SystemRoot%\System32\drivers\UMDF -> [Folder | Created Date = 18/03/2008 10:20:47 | Attr = ] MsftWdf_user_01_00_00.Wdf -> %SystemRoot%\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf -> [Ver = | Size = 0 bytes | Created Date = 18/03/2008 10:21:01 | Attr = H ] AC3ACM.acm -> %SystemRoot%\System32\AC3ACM.acm -> fccHandler [Ver = 0, 7, 0, 0 | Size = 81920 bytes | Created Date = 04/02/2008 19:27:18 | Attr = ] ac3filter.ax -> %SystemRoot%\System32\ac3filter.ax -> [Ver = 0.68b | Size = 172032 bytes | Created Date = 04/02/2008 19:50:08 | Attr = ] AcSignExt.dll -> %SystemRoot%\System32\AcSignExt.dll -> Autodesk, Inc. [Ver = 17.2.56.0 | Size = 28312 bytes | Created Date = 09/02/2008 23:08:18 | Attr = ] AcSignExtRes.dll -> %SystemRoot%\System32\AcSignExtRes.dll -> Autodesk, Inc. [Ver = 17.2.56.0 | Size = 13464 bytes | Created Date = 09/02/2008 23:09:54 | Attr = ] AcSignIcon.dll -> %SystemRoot%\System32\AcSignIcon.dll -> Autodesk, Inc. [Ver = 17.2.56.0 | Size = 43160 bytes | Created Date = 09/02/2008 23:08:18 | Attr = ] AcSignOpt.exe -> %SystemRoot%\System32\AcSignOpt.exe -> Autodesk, Inc. [Ver = 17.2.56.0 | Size = 426136 bytes | Created Date = 09/02/2008 23:08:20 | Attr = ] Adobe -> %SystemRoot%\System32\Adobe -> [Folder | Created Date = 22/04/2008 20:07:48 | Attr = ] 3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> alf2cd.acm -> %SystemRoot%\System32\alf2cd.acm -> NCT Company [Ver = 2.03 | Size = 38912 bytes | Created Date = 04/02/2008 19:27:18 | Attr = ] avgrsstx.dll -> %SystemRoot%\System32\avgrsstx.dll -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.80 | Size = 10520 bytes | Created Date = 27/04/2008 00:51:33 | Attr = ] BuzzingBee.wav -> %SystemRoot%\System32\BuzzingBee.wav -> [Ver = | Size = 146650 bytes | Created Date = 16/03/2008 22:14:54 | Attr = ] cygiconv-2.dll -> %SystemRoot%\System32\cygiconv-2.dll -> [Ver = | Size = 980992 bytes | Created Date = 11/03/2008 12:30:13 | Attr = ] cygwin1.dll -> %SystemRoot%\System32\cygwin1.dll -> Red Hat [Ver = 1.5.10-cr-0x5e6 | Size = 1153417 bytes | Created Date = 11/03/2008 12:30:14 | Attr = ] cygxml2-2.dll -> %SystemRoot%\System32\cygxml2-2.dll -> [Ver = | Size = 1208320 bytes | Created Date = 11/03/2008 12:30:13 | Attr = ] cygz.dll -> %SystemRoot%\System32\cygz.dll -> [Ver = | Size = 62464 bytes | Created Date = 11/03/2008 12:30:13 | Attr = ] DRWEBSP.DLL -> %SystemRoot%\System32\DRWEBSP.DLL -> Doctor Web, Ltd. [Ver = 4.44.0.12180 | Size = 77824 bytes | Created Date = 24/04/2008 18:33:45 | Attr = ] ffdshow.ax -> %SystemRoot%\System32\ffdshow.ax -> [Ver = 1, 0, 0, 1 | Size = 1761280 bytes | Created Date = 04/02/2008 19:50:09 | Attr = ] FLASH.OCX -> %SystemRoot%\System32\FLASH.OCX -> Macromedia, Inc. [Ver = 7,0,14,0 | Size = 917504 bytes | Created Date = 17/03/2008 10:09:53 | Attr = ] java.exe -> %SystemRoot%\System32\java.exe -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 135168 bytes | Created Date = 13/03/2008 09:20:17 | Attr = ] javaw.exe -> %SystemRoot%\System32\javaw.exe -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 135168 bytes | Created Date = 13/03/2008 09:20:17 | Attr = ] javaws.exe -> %SystemRoot%\System32\javaws.exe -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 139264 bytes | Created Date = 13/03/2008 09:20:17 | Attr = ] Jgar500.dll -> %SystemRoot%\System32\Jgar500.dll -> Johnson-Grace Company [Ver = 5013 | Size = 11264 bytes | Created Date = 31/01/2008 14:48:43 | Attr = ] Jgdw500.dll -> %SystemRoot%\System32\Jgdw500.dll -> America Online [Ver = 076 | Size = 144896 bytes | Created Date = 31/01/2008 14:48:43 | Attr = ] Jgid500.dll -> %SystemRoot%\System32\Jgid500.dll -> Johnson-Grace Company [Ver = 5014 | Size = 11264 bytes | Created Date = 31/01/2008 14:48:43 | Attr = ] Jgme500.dll -> %SystemRoot%\System32\Jgme500.dll -> Johnson-Grace Company [Ver = 5014 | Size = 7168 bytes | Created Date = 31/01/2008 14:48:43 | Attr = ] Jgpl500.dll -> %SystemRoot%\System32\Jgpl500.dll -> Johnson-Grace Company [Ver = 5016 | Size = 15872 bytes | Created Date = 31/01/2008 14:48:43 | Attr = ] Jgst500.dll -> %SystemRoot%\System32\Jgst500.dll -> Johnson-Grace Company [Ver = 5014 | Size = 13312 bytes | Created Date = 31/01/2008 14:48:43 | Attr = ] ldf252.dll -> %SystemRoot%\System32\ldf252.dll -> [Ver = | Size = 335872 bytes | Created Date = 31/01/2008 14:48:45 | Attr = ] libavcodec.dll -> %SystemRoot%\System32\libavcodec.dll -> [Ver = | Size = 2255360 bytes | Created Date = 04/02/2008 19:50:08 | Attr = ] libmpeg2_ff.dll -> %SystemRoot%\System32\libmpeg2_ff.dll -> [Ver = | Size = 112640 bytes | Created Date = 04/02/2008 19:50:09 | Attr = ] libmplayer.dll -> %SystemRoot%\System32\libmplayer.dll -> [Ver = | Size = 395776 bytes | Created Date = 04/02/2008 19:50:09 | Attr = ] LogFiles -> %SystemRoot%\System32\LogFiles -> [Folder | Created Date = 18/03/2008 10:20:47 | Attr = ] LoopyMusic.wav -> %SystemRoot%\System32\LoopyMusic.wav -> [Ver = | Size = 940794 bytes | Created Date = 16/03/2008 22:14:54 | Attr = ] lwf214p.dll -> %SystemRoot%\System32\lwf214p.dll -> LuraTech GmbH [Ver = 2, 0, 11, 14 | Size = 126976 bytes | Created Date = 31/01/2008 14:48:46 | Attr = ] mcdvd_32.dll -> %SystemRoot%\System32\mcdvd_32.dll -> MainConcept [Ver = 2.0.4 | Size = 261632 bytes | Created Date = 04/02/2008 19:27:18 | Attr = ] Mpeg2Decoder.ax -> %SystemRoot%\System32\Mpeg2Decoder.ax -> Ligos Corporation [Ver = 1.3.0.82 | Size = 139264 bytes | Created Date = 11/03/2008 12:30:14 | Attr = ] Mpeg2Parser.ax -> %SystemRoot%\System32\Mpeg2Parser.ax -> Ligos Corporation [Ver = 1.3.0.81 | Size = 94208 bytes | Created Date = 11/03/2008 12:30:14 | Attr = ] OGACheckControl.DLL -> %SystemRoot%\System32\OGACheckControl.DLL -> [Ver = | Size = 693792 bytes | Created Date = 04/02/2008 18:23:10 | Attr = ] plotman.cpl -> %SystemRoot%\System32\plotman.cpl -> Autodesk, Inc. [Ver = 9.2.56.0 | Size = 266904 bytes | Created Date = 09/02/2008 23:09:28 | Attr = ] Scg726.acm -> %SystemRoot%\System32\Scg726.acm -> SHARP Corporation [Ver = 1, 0, 0, 3 | Size = 13239 bytes | Created Date = 04/02/2008 19:27:18 | Attr = ] styleman.cpl -> %SystemRoot%\System32\styleman.cpl -> Autodesk, Inc. [Ver = 9.2.56.0 | Size = 266904 bytes | Created Date = 09/02/2008 23:09:28 | Attr = ] TomsMoComp_ff.dll -> %SystemRoot%\System32\TomsMoComp_ff.dll -> [Ver = | Size = 262144 bytes | Created Date = 04/02/2008 19:50:09 | Attr = ] vct3216.acm -> %SystemRoot%\System32\vct3216.acm -> Voxware, Inc. [Ver = 1.6.0.17 | Size = 82944 bytes | Created Date = 04/02/2008 19:27:18 | Attr = ] XPSViewer -> %SystemRoot%\System32\XPSViewer -> [Folder | Created Date = 10/04/2008 20:04:56 | Attr = ] xvid.ax -> %SystemRoot%\System32\xvid.ax -> [Ver = | Size = 53248 bytes | Created Date = 04/02/2008 19:27:18 | Attr = ] xvidcore.dll -> %SystemRoot%\System32\xvidcore.dll -> [Ver = | Size = 524288 bytes | Created Date = 04/02/2008 19:27:18 | Attr = ] xvidvfw.dll -> %SystemRoot%\System32\xvidvfw.dll -> [Ver = | Size = 180224 bytes | Created Date = 04/02/2008 19:27:18 | Attr = ] ALCFDRTM.EXE -> %SystemRoot%\ALCFDRTM.EXE -> Realtek Semiconductor Corp. [Ver = 1, 2, 0, 0 | Size = 73728 bytes | Created Date = 16/03/2008 22:14:51 | Attr = ] ALCFDRTM.VER -> %SystemRoot%\ALCFDRTM.VER -> Realtek Semiconductor Corp. [Ver = 1, 2, 0, 0 | Size = 73728 bytes | Created Date = 16/03/2008 22:14:51 | Attr = ] ERDNT -> %SystemRoot%\ERDNT -> [Folder | Created Date = 27/04/2008 16:22:48 | Attr = ] Irremote.ini -> %SystemRoot%\Irremote.ini -> [Ver = | Size = 0 bytes | Created Date = 30/01/2008 13:48:10 | Attr = ] LastGood -> %SystemRoot%\LastGood -> [Folder | Created Date = 27/04/2008 17:01:58 | Attr = ] NeroDigital.ini -> %SystemRoot%\NeroDigital.ini -> [Ver = | Size = 69 bytes | Created Date = 31/01/2008 13:05:32 | Attr = ] PIF -> %SystemRoot%\PIF -> [Folder | Created Date = 23/04/2008 17:51:40 | Attr = H ] QTFont.for -> %SystemRoot%\QTFont.for -> [Ver = | Size = 1409 bytes | Created Date = 25/04/2008 21:01:28 | Attr = ] QTFont.qfn -> %SystemRoot%\QTFont.qfn -> [Ver = | Size = 54156 bytes | Created Date = 25/04/2008 21:01:28 | Attr = H ] WMSysPr8.prx -> %SystemRoot%\WMSysPr8.prx -> [Ver = | Size = 156910 bytes | Created Date = 04/02/2008 19:27:19 | Attr = ] [Files Created - Additional Folder Scans - Non-Microsoft Only] avg8 -> %AllUsersProfile%\Application Data\avg8 -> [Folder | Created Date = 27/04/2008 00:50:30 | Attr = ] AVS4YOU -> %AllUsersProfile%\Application Data\AVS4YOU -> [Folder | Created Date = 04/02/2008 19:29:29 | Attr = ] Google Updater -> %AllUsersProfile%\Application Data\Google Updater -> [Folder | Created Date = 18/02/2008 11:25:30 | Attr = ] Malwarebytes -> %AllUsersProfile%\Application Data\Malwarebytes -> [Folder | Created Date = 27/04/2008 11:14:31 | Attr = ] Office Genuine Advantage -> %AllUsersProfile%\Application Data\Office Genuine Advantage -> [Folder | Created Date = 25/04/2008 18:04:31 | Attr = ] PC Tools -> %AllUsersProfile%\Application Data\PC Tools -> [Folder | Created Date = 17/03/2008 09:50:05 | Attr = ] SUPERAntiSpyware.com -> %AllUsersProfile%\Application Data\SUPERAntiSpyware.com -> [Folder | Created Date = 27/04/2008 11:54:53 | Attr = ] AVGTOOLBAR -> %AppData%\AVGTOOLBAR -> [Folder | Created Date = 27/04/2008 00:51:20 | Attr = ] AVS4YOU -> %AppData%\AVS4YOU -> [Folder | Created Date = 04/02/2008 19:29:39 | Attr = ] Azureus -> %AppData%\Azureus -> [Folder | Created Date = 05/02/2008 21:55:32 | Attr = ] DAEMON Tools -> %AppData%\DAEMON Tools -> [Folder | Created Date = 30/03/2008 13:59:46 | Attr = ] Help -> %AppData%\Help -> [Folder | Created Date = 31/01/2008 14:50:47 | Attr = ] InstallShield -> %AppData%\InstallShield -> [Folder | Created Date = 24/04/2008 20:33:58 | Attr = ] Leadertech -> %AppData%\Leadertech -> [Folder | Created Date = 30/01/2008 16:06:00 | Attr = ] Malwarebytes -> %AppData%\Malwarebytes -> [Folder | Created Date = 27/04/2008 11:16:34 | Attr = ] Media Player Classic -> %AppData%\Media Player Classic -> [Folder | Created Date = 16/03/2008 22:41:54 | Attr = ] Share-to-Web Upload Folder -> %AppData%\Share-to-Web Upload Folder -> [Folder | Created Date = 31/01/2008 14:47:59 | Attr = ] Sonic -> %AppData%\Sonic -> [Folder | Created Date = 30/01/2008 16:06:25 | Attr = ] SUPERAntiSpyware.com -> %AppData%\SUPERAntiSpyware.com -> [Folder | Created Date = 27/04/2008 11:54:34 | Attr = ] vlc -> %AppData%\vlc -> [Folder | Created Date = 03/02/2008 01:23:39 | Attr = ] WinRAR -> %AppData%\WinRAR -> [Folder | Created Date = 12/04/2008 15:46:51 | Attr = ] Autodesk -> %UserProfile%\Local Settings\Application Data\Autodesk -> [Folder | Created Date = 20/02/2008 13:26:25 | Attr = ] Conduit -> %UserProfile%\Local Settings\Application Data\Conduit -> [Folder | Created Date = 16/02/2008 18:42:43 | Attr = ] Help -> %UserProfile%\Local Settings\Application Data\Help -> [Folder | Created Date = 31/01/2008 14:44:29 | Attr = ] Live_TV -> %UserProfile%\Local Settings\Application Data\Live_TV -> [Folder | Created Date = 18/02/2008 09:51:52 | Attr = ] Nero -> %UserProfile%\Local Settings\Application Data\Nero -> [Folder | Created Date = 31/01/2008 13:01:05 | Attr = ] WorldTV_Bar -> %UserProfile%\Local Settings\Application Data\WorldTV_Bar -> [Folder | Created Date = 16/02/2008 19:12:36 | Attr = ] belfordrd grd floor elec plan.dwg -> %UserProfile%\My Documents\belfordrd grd floor elec plan.dwg -> [Ver = | Size = 1560853 bytes | Created Date = 11/04/2008 12:39:43 | Attr = ] @Alternate Data Stream - 26 bytes -> %UserProfile%\My Documents\belfordrd grd floor elec plan.dwg:Zone.Identifier byley -> %UserProfile%\My Documents\byley -> [Folder | Created Date = 20/02/2008 19:32:53 | Attr = ] Edinburgh -> %UserProfile%\My Documents\Edinburgh -> [Folder | Created Date = 20/02/2008 19:44:16 | Attr = ] Heatley mere -> %UserProfile%\My Documents\Heatley mere -> [Folder | Created Date = 18/03/2008 15:09:42 | Attr = ] My Web Sites -> %UserProfile%\My Documents\My Web Sites -> [Folder | Created Date = 01/04/2008 22:11:53 | Attr = S] Nero Home -> %UserProfile%\My Documents\Nero Home -> [Folder | Created Date = 31/01/2008 13:03:09 | Attr = ] new image file -> %UserProfile%\My Documents\new image file -> [Folder | Created Date = 01/04/2008 14:22:40 | Attr = ] office ultimate.daa -> %UserProfile%\My Documents\office ultimate.daa -> [Ver = | Size = 463 bytes | Created Date = 01/04/2008 12:04:36 | Attr = ] ofiice ultimate poweriso file -> %UserProfile%\My Documents\ofiice ultimate poweriso file -> [Folder | Created Date = 01/04/2008 12:12:24 | Attr = ] OneNote Notebooks -> %UserProfile%\My Documents\OneNote Notebooks -> [Folder | Created Date = 01/04/2008 22:15:31 | Attr = ] PLAKIAS -> %UserProfile%\My Documents\PLAKIAS -> [Folder | Created Date = 27/03/2008 14:52:44 | Attr = ] space-to-breathe-..._324.gif -> %UserProfile%\My Documents\space-to-breathe-..._324.gif -> [Ver = | Size = 11821 bytes | Created Date = 26/04/2008 13:48:03 | Attr = ] The English Beat - 01 - Mirror In The Bathroom.mp3 -> %UserProfile%\My Documents\The English Beat - 01 - Mirror In The Bathroom.mp3 -> [Ver = | Size = 6041686 bytes | Created Date = 22/04/2008 17:27:11 | Attr = ] Updater5 -> %UserProfile%\My Documents\Updater5 -> [Folder | Created Date = 20/02/2008 16:19:15 | Attr = ] AutoCAD 2009.lnk -> %AllUsersProfile%\Desktop\AutoCAD 2009.lnk -> [Ver = | Size = 1698 bytes | Created Date = 10/04/2008 23:28:05 | Attr = ] AVG Free 8.0.lnk -> %AllUsersProfile%\Desktop\AVG Free 8.0.lnk -> [Ver = | Size = 1515 bytes | Created Date = 27/04/2008 00:51:35 | Attr = ] DWG TrueView 2008.lnk -> %AllUsersProfile%\Desktop\DWG TrueView 2008.lnk -> [Ver = | Size = 1765 bytes | Created Date = 20/02/2008 13:28:44 | Attr = ] HP Photo Imaging Software.lnk -> %AllUsersProfile%\Desktop\HP Photo Imaging Software.lnk -> [Ver = | Size = 1934 bytes | Created Date = 31/01/2008 14:45:31 | Attr = ] HP Quick Reference - Photo Imaging .lnk -> %AllUsersProfile%\Desktop\HP Quick Reference - Photo Imaging .lnk -> [Ver = | Size = 1960 bytes | Created Date = 31/01/2008 14:45:31 | Attr = ] Malwarebytes' Anti-Malware.lnk -> %AllUsersProfile%\Desktop\Malwarebytes' Anti-Malware.lnk -> [Ver = | Size = 704 bytes | Created Date = 27/04/2008 11:14:32 | Attr = ] Nero Home.lnk -> %AllUsersProfile%\Desktop\Nero Home.lnk -> [Ver = | Size = 2262 bytes | Created Date = 02/02/2008 20:38:56 | Attr = ] Nero StartSmart.lnk -> %AllUsersProfile%\Desktop\Nero StartSmart.lnk -> [Ver = | Size = 2360 bytes | Created Date = 02/02/2008 20:38:56 | Attr = ] PowerISO.lnk -> %AllUsersProfile%\Desktop\PowerISO.lnk -> [Ver = | Size = 690 bytes | Created Date = 30/03/2008 17:20:47 | Attr = ] Spyware Doctor.lnk -> %AllUsersProfile%\Desktop\Spyware Doctor.lnk -> [Ver = | Size = 1645 bytes | Created Date = 17/04/2008 14:19:00 | Attr = ] Step-up Guide.lnk -> %AllUsersProfile%\Desktop\Step-up Guide.lnk -> [Ver = | Size = 2007 bytes | Created Date = 30/03/2008 11:02:45 | Attr = ] VLC media player.lnk -> %AllUsersProfile%\Desktop\VLC media player.lnk -> [Ver = | Size = 727 bytes | Created Date = 03/02/2008 01:19:33 | Attr = ] Worms World Party.lnk -> %AllUsersProfile%\Desktop\Worms World Party.lnk -> [Ver = | Size = 477 bytes | Created Date = 10/03/2008 20:28:56 | Attr = ] avg overview.csv -> %UserProfile%\Desktop\avg overview.csv -> [Ver = | Size = 184564 bytes | Created Date = 27/04/2008 16:46:42 | Attr = ] Cucusoft AVI to VCD DVD MPEG Creator Pro.lnk -> %UserProfile%\Desktop\Cucusoft AVI to VCD DVD MPEG Creator Pro.lnk -> [Ver = | Size = 813 bytes | Created Date = 04/02/2008 19:50:09 | Attr = ] downloads desktop -> %UserProfile%\Desktop\downloads desktop -> [Folder | Created Date = 30/03/2008 15:02:15 | Attr = ] DVD Decrypter.lnk -> %UserProfile%\Desktop\DVD Decrypter.lnk -> [Ver = | Size = 1643 bytes | Created Date = 12/04/2008 14:45:42 | Attr = ] HijackThis.lnk -> %UserProfile%\Desktop\HijackThis.lnk -> [Ver = | Size = 1742 bytes | Created Date = 27/04/2008 02:03:38 | Attr = ] IrfanView Thumbnails.lnk -> %UserProfile%\Desktop\IrfanView Thumbnails.lnk -> [Ver = | Size = 1573 bytes | Created Date = 26/04/2008 13:52:20 | Attr = ] IrfanView.lnk -> %UserProfile%\Desktop\IrfanView.lnk -> [Ver = | Size = 693 bytes | Created Date = 26/04/2008 13:52:20 | Attr = ] Microsoft Expression Web (2).lnk -> %UserProfile%\Desktop\Microsoft Expression Web (2).lnk -> [Ver = | Size = 2461 bytes | Created Date = 01/04/2008 22:11:23 | Attr = ] OTScanIt -> %UserProfile%\Desktop\OTScanIt -> [Folder | Created Date = 27/04/2008 17:15:11 | Attr = ] OTScanIt.exe -> %UserProfile%\Desktop\OTScanIt.exe -> [Ver = | Size = 541685 bytes | Created Date = 27/04/2008 17:10:53 | Attr = ] @Alternate Data Stream - 26 bytes -> %UserProfile%\Desktop\OTScanIt.exe:Zone.Identifier SpywareBlaster.lnk -> %UserProfile%\Desktop\SpywareBlaster.lnk -> [Ver = | Size = 698 bytes | Created Date = 25/04/2008 23:02:08 | Attr = ] SUPERAntiSpyware Free Edition.lnk -> %UserProfile%\Desktop\SUPERAntiSpyware Free Edition.lnk -> [Ver = | Size = 788 bytes | Created Date = 27/04/2008 11:54:35 | Attr = ] World of Warcraft Trial.lnk -> %UserProfile%\Desktop\World of Warcraft Trial.lnk -> [Ver = | Size = 713 bytes | Created Date = 17/04/2008 18:07:18 | Attr = ] Google Updater.lnk -> %AllUsersProfile%\Start Menu\Programs\Startup\Google Updater.lnk -> [Ver = | Size = 928 bytes | Created Date = 18/02/2008 11:25:31 | Attr = ] OneNote 2007 Screen Clipper and Launcher.lnk -> %UserProfile%\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk -> [Ver = | Size = 955 bytes | Created Date = 01/04/2008 22:15:31 | Attr = ] AVSMedia -> %CommonProgramFiles%\AVSMedia -> [Folder | Created Date = 04/02/2008 19:28:05 | Attr = ] Blizzard Entertainment -> %CommonProgramFiles%\Blizzard Entertainment -> [Folder | Created Date = 04/04/2008 20:23:15 | Attr = ] Download Manager -> %CommonProgramFiles%\Download Manager -> [Folder | Created Date = 27/04/2008 11:14:13 | Attr = ] PC Tools -> %CommonProgramFiles%\PC Tools -> [Folder | Created Date = 17/03/2008 09:47:10 | Attr = ] Wise Installation Wizard -> %CommonProgramFiles%\Wise Installation Wizard -> [Folder | Created Date = 27/04/2008 11:53:06 | Attr = ] [Files/Folders - Modified Within 90 days] $AVG8.VAULT$ -> %SystemDrive%\$AVG8.VAULT$ -> [Folder | Modified Date = 27/04/2008 17:15:36 | Attr = H ] 1 C:\*.tmp files -> C:\*.tmp -> 20080213_194321_Compaq_Owner_AA (D)_1_1.nda -> %SystemDrive%\20080213_194321_Compaq_Owner_AA (D)_1_1.nda -> [Ver = | Size = 1992293403 bytes | Modified Date = 13/02/2008 22:12:25 | Attr = ] 20080213_194321_Compaq_Owner_AA (D)_1_2.nda -> %SystemDrive%\20080213_194321_Compaq_Owner_AA (D)_1_2.nda -> [Ver = | Size = 1141682061 bytes | Modified Date = 13/02/2008 22:17:11 | Attr = ] Config.Msi -> %SystemDrive%\Config.Msi -> [Folder | Modified Date = 27/04/2008 11:54:37 | Attr = H ] ConverterOutput -> %SystemDrive%\ConverterOutput -> [Folder | Modified Date = 04/02/2008 19:53:59 | Attr = ] Deckard -> %SystemDrive%\Deckard -> [Folder | Modified Date = 27/04/2008 16:21:59 | Attr = ] Documents and Settings -> %SystemDrive%\Documents and Settings -> [Folder | Modified Date = 18/04/2008 18:57:01 | Attr = ] hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [Ver = | Size = 1073139712 bytes | Modified Date = 27/04/2008 14:35:26 | Attr = HS] install -> %SystemDrive%\install -> [Folder | Modified Date = 20/02/2008 13:13:05 | Attr = ] NBDBList.ini -> %SystemDrive%\NBDBList.ini -> [Ver = | Size = 264 bytes | Modified Date = 13/02/2008 22:21:57 | Attr = ] Program Files -> %ProgramFiles% -> [Folder | Modified Date = 27/04/2008 11:54:34 | Attr = ] Team17 -> %SystemDrive%\Team17 -> [Folder | Modified Date = 10/03/2008 20:28:56 | Attr = ] temp -> %SystemDrive%\temp -> [Folder | Modified Date = 16/03/2008 23:01:42 | Attr = ] WINDOWS -> %SystemRoot% -> [Folder | Modified Date = 27/04/2008 17:02:34 | Attr = ] Avg -> %SystemRoot%\System32\drivers\Avg -> [Folder | Modified Date = 27/04/2008 14:55:10 | Attr = ] avi7.avg -> %SystemRoot%\System32\drivers\Avg\avi7.avg -> [Ver = | Size = 5618689 bytes | Modified Date = 27/04/2008 00:51:22 | Attr = ] incavi.avm -> %SystemRoot%\System32\drivers\Avg\incavi.avm -> [Ver = | Size = 23161060 bytes | Modified Date = 27/04/2008 14:55:09 | Attr = ] microavi.avg -> %SystemRoot%\System32\drivers\Avg\microavi.avg -> [Ver = | Size = 112421 bytes | Modified Date = 27/04/2008 00:53:14 | Attr = ] miniavi.avg -> %SystemRoot%\System32\drivers\Avg\miniavi.avg -> [Ver = | Size = 786367 bytes | Modified Date = 27/04/2008 00:51:22 | Attr = ] avgldx86.sys -> %SystemRoot%\System32\drivers\avgldx86.sys -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.58 | Size = 96520 bytes | Modified Date = 27/04/2008 00:51:29 | Attr = ] avgmfx86.sys -> %SystemRoot%\System32\drivers\avgmfx86.sys -> GRISOFT, s.r.o. [Ver = 8.0.0.46 | Size = 26184 bytes | Modified Date = 27/04/2008 00:51:27 | Attr = ] ikfilesec.sys -> %SystemRoot%\System32\drivers\ikfilesec.sys -> PCTools Research Pty Ltd. [Ver = 5.0.2.1039 built by: WinDDK | Size = 42376 bytes | Modified Date = 01/02/2008 11:55:52 | Attr = ] pctfw2.sys -> %SystemRoot%\System32\drivers\pctfw2.sys -> PC Tools [Ver = 3, 0, 1, 9 | Size = 159112 bytes | Modified Date = 20/03/2008 20:26:45 | Attr = ] scdemu.sys -> %SystemRoot%\System32\drivers\scdemu.sys -> PowerISO Computing, Inc. [Ver = 4, 0, 0, 0 | Size = 46652 bytes | Modified Date = 14/03/2008 07:04:29 | Attr = ] UMDF -> %SystemRoot%\System32\drivers\UMDF -> [Folder | Modified Date = 18/03/2008 10:21:52 | Attr = ] MsftWdf_user_01_00_00.Wdf -> %SystemRoot%\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf -> [Ver = | Size = 0 bytes | Modified Date = 18/03/2008 10:21:01 | Attr = H ] AcSignExt.dll -> %SystemRoot%\System32\AcSignExt.dll -> Autodesk, Inc. [Ver = 17.2.56.0 | Size = 28312 bytes | Modified Date = 09/02/2008 23:08:18 | Attr = ] AcSignExtRes.dll -> %SystemRoot%\System32\AcSignExtRes.dll -> Autodesk, Inc. [Ver = 17.2.56.0 | Size = 13464 bytes | Modified Date = 09/02/2008 23:09:54 | Attr = ] AcSignIcon.dll -> %SystemRoot%\System32\AcSignIcon.dll -> Autodesk, Inc. [Ver = 17.2.56.0 | Size = 43160 bytes | Modified Date = 09/02/2008 23:08:18 | Attr = ] AcSignOpt.exe -> %SystemRoot%\System32\AcSignOpt.exe -> Autodesk, Inc. [Ver = 17.2.56.0 | Size = 426136 bytes | Modified Date = 09/02/2008 23:08:20 | Attr = ] Adobe -> %SystemRoot%\System32\Adobe -> [Folder | Modified Date = 22/04/2008 20:07:58 | Attr = ] 3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> amcompat.tlb -> %SystemRoot%\System32\amcompat.tlb -> [Ver = | Size = 16832 bytes | Modified Date = 18/03/2008 10:33:40 | Attr = ] avgrsstx.dll -> %SystemRoot%\System32\avgrsstx.dll -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.80 | Size = 10520 bytes | Modified Date = 27/04/2008 00:51:34 | Attr = ] BuzzingBee.wav -> %SystemRoot%\System32\BuzzingBee.wav -> [Ver = | Size = 146650 bytes | Modified Date = 16/03/2008 22:14:54 | Attr = ] CatRoot -> %SystemRoot%\System32\CatRoot -> [Folder | Modified Date = 27/04/2008 17:02:34 | Attr = ] CatRoot2 -> %SystemRoot%\System32\CatRoot2 -> [Folder | Modified Date = 27/04/2008 14:49:54 | Attr = ] config -> %SystemRoot%\System32\config -> [Folder | Modified Date = 16/04/2008 19:00:34 | Attr = ] CONFIG.NT -> %SystemRoot%\System32\CONFIG.NT -> [Ver = | Size = 2577 bytes | Modified Date = 27/04/2008 11:43:59 | Attr = ] DirectX -> %SystemRoot%\System32\DirectX -> [Folder | Modified Date = 10/04/2008 23:22:11 | Attr = ] dllcache -> %SystemRoot%\System32\dllcache -> [Folder | Modified Date = 25/04/2008 15:54:20 | Attr = ] drivers -> %SystemRoot%\System32\drivers -> [Folder | Modified Date = 27/04/2008 14:37:31 | Attr = ] DRWEBSP.DLL -> %SystemRoot%\System32\DRWEBSP.DLL -> Doctor Web, Ltd. [Ver = 4.44.0.12180 | Size = 77824 bytes | Modified Date = 24/04/2008 20:35:17 | Attr = ] en-US -> %SystemRoot%\System32\en-US -> [Folder | Modified Date = 16/04/2008 15:23:41 | Attr = ] FLASH.OCX -> %SystemRoot%\System32\FLASH.OCX -> Macromedia, Inc. [Ver = 7,0,14,0 | Size = 917504 bytes | Modified Date = 17/03/2008 10:09:53 | Attr = ] FNTCACHE.DAT -> %SystemRoot%\System32\FNTCACHE.DAT -> [Ver = | Size = 376856 bytes | Modified Date = 25/04/2008 15:59:27 | Attr = ] FxsTmp -> %SystemRoot%\System32\FxsTmp -> [Folder | Modified Date = 25/04/2008 11:18:03 | Attr = ] java.exe -> %SystemRoot%\System32\java.exe -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 135168 bytes | Modified Date = 22/02/2008 02:23:35 | Attr = ] javacpl.cpl -> %SystemRoot%\System32\javacpl.cpl -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 69632 bytes | Modified Date = 22/02/2008 03:33:31 | Attr = ] javaw.exe -> %SystemRoot%\System32\javaw.exe -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 135168 bytes | Modified Date = 22/02/2008 02:23:39 | Attr = ] javaws.exe -> %SystemRoot%\System32\javaws.exe -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 139264 bytes | Modified Date = 22/02/2008 03:33:32 | Attr = ] LogFiles -> %SystemRoot%\System32\LogFiles -> [Folder | Modified Date = 18/03/2008 10:20:47 | Attr = ] LoopyMusic.wav -> %SystemRoot%\System32\LoopyMusic.wav -> [Ver = | Size = 940794 bytes | Modified Date = 16/03/2008 22:14:54 | Attr = ] nscompat.tlb -> %SystemRoot%\System32\nscompat.tlb -> [Ver = | Size = 23392 bytes | Modified Date = 18/03/2008 10:33:40 | Attr = ] OGACheckControl.DLL -> %SystemRoot%\System32\OGACheckControl.DLL -> [Ver = | Size = 693792 bytes | Modified Date = 04/02/2008 18:23:10 | Attr = ] perfc009.dat -> %SystemRoot%\System32\perfc009.dat -> [Ver = | Size = 80334 bytes | Modified Date = 17/04/2008 14:27:00 | Attr = ] perfh009.dat -> %SystemRoot%\System32\perfh009.dat -> [Ver = | Size = 467688 bytes | Modified Date = 17/04/2008 14:27:00 | Attr = ] PerfStringBackup.INI -> %SystemRoot%\System32\PerfStringBackup.INI -> [Ver = | Size = 558006 bytes | Modified Date = 17/04/2008 14:27:00 | Attr = ] plotman.cpl -> %SystemRoot%\System32\plotman.cpl -> Autodesk, Inc. [Ver = 9.2.56.0 | Size = 266904 bytes | Modified Date = 09/02/2008 23:09:28 | Attr = ] QuickTime -> %SystemRoot%\System32\QuickTime -> [Folder | Modified Date = 30/03/2008 12:58:14 | Attr = ] SageInformer50.ssf -> %SystemRoot%\System32\SageInformer50.ssf -> [Ver = | Size = 93 bytes | Modified Date = 23/04/2008 16:55:45 | Attr = ] SGLCH32.USR -> %SystemRoot%\System32\SGLCH32.USR -> [Ver = | Size = 640 bytes | Modified Date = 23/04/2008 16:55:48 | Attr = ] spool -> %SystemRoot%\System32\spool -> [Folder | Modified Date = 10/04/2008 21:24:23 | Attr = ] styleman.cpl -> %SystemRoot%\System32\styleman.cpl -> Autodesk, Inc. [Ver = 9.2.56.0 | Size = 266904 bytes | Modified Date = 09/02/2008 23:09:28 | Attr = ] wbem -> %SystemRoot%\System32\wbem -> [Folder | Modified Date = 30/03/2008 14:11:23 | Attr = ] wpa.dbl -> %SystemRoot%\System32\wpa.dbl -> [Ver = | Size = 1158 bytes | Modified Date = 27/04/2008 17:08:19 | Attr = ] XPSViewer -> %SystemRoot%\System32\XPSViewer -> [Folder | Modified Date = 16/04/2008 15:23:37 | Attr = ] hpsysdrv.dat -> %SystemRoot%\System\hpsysdrv.dat -> [Ver = | Size = 247 bytes | Modified Date = 27/04/2008 14:36:22 | Attr = ] $hf_mig$ -> %SystemRoot%\$hf_mig$ -> [Folder | Modified Date = 11/04/2008 00:08:21 | Attr = H ] ALCFDRTM.EXE -> %SystemRoot%\ALCFDRTM.EXE -> Realtek Semiconductor Corp. [Ver = 1, 2, 0, 0 | Size = 73728 bytes | Modified Date = 16/03/2008 22:14:51 | Attr = ] ALCFDRTM.VER -> %SystemRoot%\ALCFDRTM.VER -> Realtek Semiconductor Corp. [Ver = 1, 2, 0, 0 | Size = 73728 bytes | Modified Date = 16/03/2008 22:14:51 | Attr = ] AppPatch -> %SystemRoot%\AppPatch -> [Folder | Modified Date = 18/03/2008 10:31:01 | Attr = ] assembly -> %SystemRoot%\assembly -> [Folder | Modified Date = 16/04/2008 17:42:19 | Attr = R S] bootstat.dat -> %SystemRoot%\bootstat.dat -> [Ver = | Size = 2048 bytes | Modified Date = 27/04/2008 14:35:36 | Attr = S] Downloaded Program Files -> %SystemRoot%\Downloaded Program Files -> [Folder | Modified Date = 27/04/2008 16:26:16 | Attr = ] ERDNT -> %SystemRoot%\ERDNT -> [Folder | Modified Date = 27/04/2008 16:22:48 | Attr = ] Fonts -> %SystemRoot%\Fonts -> [Folder | Modified Date = 25/04/2008 15:54:15 | Attr = R S] Help -> %SystemRoot%\Help -> [Folder | Modified Date = 25/04/2008 23:17:38 | Attr = ] ie7updates -> %SystemRoot%\ie7updates -> [Folder | Modified Date = 09/04/2008 10:57:14 | Attr = ] imsins.BAK -> %SystemRoot%\imsins.BAK -> [Ver = | Size = 1374 bytes | Modified Date = 10/04/2008 20:03:10 | Attr = ] inf -> %SystemRoot%\inf -> [Folder | Modified Date = 27/04/2008 17:01:59 | Attr = H ] Installer -> %SystemRoot%\Installer -> [Folder | Modified Date = 27/04/2008 11:54:46 | Attr = HS] Irremote.ini -> %SystemRoot%\Irremote.ini -> [Ver = | Size = 0 bytes | Modified Date = 30/01/2008 13:48:10 | Attr = ] iTouch.ini -> %SystemRoot%\iTouch.ini -> [Ver = | Size = 51 bytes | Modified Date = 27/04/2008 14:36:41 | Attr = ] LastGood -> %SystemRoot%\LastGood -> [Folder | Modified Date = 27/04/2008 17:01:58 | Attr = ] Microsoft.NET -> %SystemRoot%\Microsoft.NET -> [Folder | Modified Date = 16/04/2008 17:41:42 | Attr = ] NeroDigital.ini -> %SystemRoot%\NeroDigital.ini -> [Ver = | Size = 69 bytes | Modified Date = 10/04/2008 19:12:39 | Attr = ] network diagnostic -> %SystemRoot%\network diagnostic -> [Folder | Modified Date = 18/04/2008 19:00:42 | Attr = ] ODBC.INI -> %SystemRoot%\ODBC.INI -> [Ver = | Size = 263 bytes | Modified Date = 16/04/2008 17:35:55 | Attr = ] PIF -> %SystemRoot%\PIF -> [Folder | Modified Date = 23/04/2008 17:51:40 | Attr = H ] Prefetch -> %SystemRoot%\Prefetch -> [Folder | Modified Date = 27/04/2008 17:15:15 | Attr = ] QTFont.for -> %SystemRoot%\QTFont.for -> [Ver = | Size = 1409 bytes | Modified Date = 25/04/2008 21:01:28 | Attr = ] QTFont.qfn -> %SystemRoot%\QTFont.qfn -> [Ver = | Size = 54156 bytes | Modified Date = 25/04/2008 21:01:28 | Attr = H ] Registration -> %SystemRoot%\Registration -> [Folder | Modified Date = 30/03/2008 14:11:23 | Attr = ] Sage.ini -> %SystemRoot%\Sage.ini -> [Ver = | Size = 4658 bytes | Modified Date = 23/04/2008 19:33:02 | Attr = ] SGREP32.INI -> %SystemRoot%\SGREP32.INI -> [Ver = | Size = 539 bytes | Modified Date = 23/04/2008 19:33:02 | Attr = ] system.ini -> %SystemRoot%\system.ini -> [Ver = | Size = 231 bytes | Modified Date = 25/04/2008 15:54:15 | Attr = ] system32 -> %SystemRoot%\system32 -> [Folder | Modified Date = 27/04/2008 17:02:34 | Attr = ] Tasks -> %SystemRoot%\Tasks -> [Folder | Modified Date = 30/03/2008 13:15:43 | Attr = ] Temp -> %SystemRoot%\Temp -> [Folder | Modified Date = 27/04/2008 17:17:51 | Attr = ] twain_32 -> %SystemRoot%\twain_32 -> [Folder | Modified Date = 31/01/2008 14:45:22 | Attr = ] vbaddin.ini -> %SystemRoot%\vbaddin.ini -> [Ver = | Size = 63 bytes | Modified Date = 16/04/2008 17:34:21 | Attr = ] win.ini -> %SystemRoot%\win.ini -> [Ver = | Size = 667 bytes | Modified Date = 16/04/2008 17:40:41 | Attr = ] WinSxS -> %SystemRoot%\WinSxS -> [Folder | Modified Date = 17/03/2008 00:37:35 | Attr = ] WMSysPr9.prx -> %SystemRoot%\WMSysPr9.prx -> [Ver = | Size = 316640 bytes | Modified Date = 18/03/2008 10:22:04 | Attr = ] SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [Ver = | Size = 6 bytes | Modified Date = 27/04/2008 14:35:43 | Attr = H ] C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\ -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader -> [Folder | Modified Date = 03/01/2005 06:44:18 | Attr = ] qmgr0.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat -> [Ver = | Size = 5861 bytes | Modified Date = 27/04/2008 17:01:08 | Attr = ] qmgr1.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat -> [Ver = | Size = 5476 bytes | Modified Date = 27/04/2008 17:01:08 | Attr = ] C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\DATA\ -> C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\DATA -> [Folder | Modified Date = 02/02/2008 13:50:19 | Attr = ] opa12.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\DATA\opa12.dat -> [Ver = | Size = 8866 bytes | Modified Date = 01/04/2008 11:59:10 | Attr = ] C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Temp\usgthrsvc\ -> C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Temp\usgthrsvc -> [Folder | Modified Date = 27/04/2008 14:36:44 | Attr = ] Perflib_Perfdata_424.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Temp\usgthrsvc\Perflib_Perfdata_424.dat -> [Ver = | Size = 16384 bytes | Modified Date = 27/04/2008 14:36:44 | Attr = ] 2 C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Temp\usgthrsvc\*.tmp files -> C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Temp\usgthrsvc\*.tmp -> C:\Documents and Settings\All Users\Application Data\Microsoft\Works\ -> C:\Documents and Settings\All Users\Application Data\Microsoft\Works -> [Folder | Modified Date = 02/04/2008 00:00:05 | Attr = ] wkcalcat.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Works\wkcalcat.dat -> [Ver = | Size = 16384 bytes | Modified Date = 16/08/2007 11:06:55 | Attr = ] wklntsk1.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Works\wklntsk1.dat -> [Ver = | Size = 161385 bytes | Modified Date = 16/08/2007 11:07:25 | Attr = ] C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\ -> C:\Documents and Settings\Compaq_Owner\Local Settings\Temp -> [Folder | Modified Date = 27/04/2008 17:15:36 | Attr = ] Perflib_Perfdata_fcc.dat -> C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\Perflib_Perfdata_fcc.dat -> [Ver = | Size = 16384 bytes | Modified Date = 27/04/2008 14:46:01 | Attr = ] 2 C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\*.tmp files -> C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\*.tmp -> [Files Modified - Additional Folder Scans - Non-Microsoft Only] Adobe -> %AllUsersProfile%\Application Data\Adobe -> [Folder | Modified Date = 20/02/2008 12:34:25 | Attr = ] Autodesk -> %AllUsersProfile%\Application Data\Autodesk -> [Folder | Modified Date = 11/04/2008 00:11:42 | Attr = ] avg8 -> %AllUsersProfile%\Application Data\avg8 -> [Folder | Modified Date = 27/04/2008 00:50:32 | Attr = ] AVS4YOU -> %AllUsersProfile%\Application Data\AVS4YOU -> [Folder | Modified Date = 04/02/2008 19:29:29 | Attr = ] Google -> %AllUsersProfile%\Application Data\Google -> [Folder | Modified Date = 18/02/2008 11:25:56 | Attr = ] Google Updater -> %AllUsersProfile%\Application Data\Google Updater -> [Folder | Modified Date = 26/04/2008 22:06:23 | Attr = ] Malwarebytes -> %AllUsersProfile%\Application Data\Malwarebytes -> [Folder | Modified Date = 27/04/2008 11:14:31 | Attr = ] Microsoft -> %AllUsersProfile%\Application Data\Microsoft -> [Folder | Modified Date = 01/04/2008 15:03:33 | Attr = ] Microsoft Help -> %AllUsersProfile%\Application Data\Microsoft Help -> [Folder | Modified Date = 16/04/2008 17:53:05 | Attr = ] Napster -> %AllUsersProfile%\Application Data\Napster -> [Folder | Modified Date = 31/03/2008 14:03:02 | Attr = ] Nero -> %AllUsersProfile%\Application Data\Nero -> [Folder | Modified Date = 02/02/2008 18:59:11 | Attr = ] Office Genuine Advantage -> %AllUsersProfile%\Application Data\Office Genuine Advantage -> [Folder | Modified Date = 25/04/2008 18:04:31 | Attr = ] PC Tools -> %AllUsersProfile%\Application Data\PC Tools -> [Folder | Modified Date = 17/03/2008 09:50:05 | Attr = ] SUPERAntiSpyware.com -> %AllUsersProfile%\Application Data\SUPERAntiSpyware.com -> [Folder | Modified Date = 27/04/2008 11:54:53 | Attr = ] TEMP -> %AllUsersProfile%\Application Data\TEMP -> [Folder | Modified Date = 27/04/2008 14:56:03 | Attr = ] @Alternate Data Stream - 115 bytes -> %AllUsersProfile%\Application Data\TEMP:5C321E34 @Alternate Data Stream - 124 bytes -> %AllUsersProfile%\Application Data\TEMP:80337C03 @Alternate Data Stream - 158 bytes -> %AllUsersProfile%\Application Data\TEMP:D1B5B4F1 @Alternate Data Stream - 140 bytes -> %AllUsersProfile%\Application Data\TEMP:DFC5A2B2 Adobe -> %AppData%\Adobe -> [Folder | Modified Date = 13/02/2008 18:16:08 | Attr = ] Autodesk -> %AppData%\Autodesk -> [Folder | Modified Date = 11/04/2008 00:12:15 | Attr = ] AVGTOOLBAR -> %AppData%\AVGTOOLBAR -> [Folder | Modified Date = 27/04/2008 02:06:58 | Attr = ] AVS4YOU -> %AppData%\AVS4YOU -> [Folder | Modified Date = 04/02/2008 19:29:39 | Attr = ] Azureus -> %AppData%\Azureus -> [Folder | Modified Date = 10/03/2008 19:13:45 | Attr = ] DAEMON Tools -> %AppData%\DAEMON Tools -> [Folder | Modified Date = 30/03/2008 13:59:46 | Attr = ] Help -> %AppData%\Help -> [Folder | Modified Date = 31/01/2008 14:50:47 | Attr = ] Image Zone Express -> %AppData%\Image Zone Express -> [Folder | Modified Date = 25/04/2008 16:23:42 | Attr = ] InstallShield -> %AppData%\InstallShield -> [Folder | Modified Date = 24/04/2008 20:33:58 | Attr = ] Leadertech -> %AppData%\Leadertech -> [Folder | Modified Date = 30/01/2008 16:06:00 | Attr = ] Malwarebytes -> %AppData%\Malwarebytes -> [Folder | Modified Date = 27/04/2008 11:16:34 | Attr = ] Media Player Classic -> %AppData%\Media Player Classic -> [Folder | Modified Date = 16/03/2008 22:42:07 | Attr = ] Microsoft -> %AppData%\Microsoft -> [Folder | Modified Date = 03/04/2008 09:17:11 | Attr = ] Share-to-Web Upload Folder -> %AppData%\Share-to-Web Upload Folder -> [Folder | Modified Date = 31/01/2008 14:47:59 | Attr = ] Sonic -> %AppData%\Sonic -> [Folder | Modified Date = 30/01/2008 16:06:25 | Attr = ] SUPERAntiSpyware.com -> %AppData%\SUPERAntiSpyware.com -> [Folder | Modified Date = 27/04/2008 11:54:34 | Attr = ] ViewerApp.dat -> %AppData%\ViewerApp.dat -> [Ver = | Size = 2216 bytes | Modified Date = 16/04/2008 12:20:20 | Attr = ] vlc -> %AppData%\vlc -> [Folder | Modified Date = 03/02/2008 01:23:39 | Attr = ] WinRAR -> %AppData%\WinRAR -> [Folder | Modified Date = 12/04/2008 15:46:51 | Attr = ] Adobe -> %UserProfile%\Local Settings\Application Data\Adobe -> [Folder | Modified Date = 17/03/2008 10:52:58 | Attr = ] Autodesk -> %UserProfile%\Local Settings\Application Data\Autodesk -> [Folder | Modified Date = 10/04/2008 23:23:41 | Attr = ] Conduit -> %UserProfile%\Local Settings\Application Data\Conduit -> [Folder | Modified Date = 18/02/2008 09:52:46 | Attr = ] DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> %UserProfile%\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [Ver = | Size = 8192 bytes | Modified Date = 16/03/2008 10:29:37 | Attr = ] GDIPFONTCACHEV1.DAT -> %UserProfile%\Local Settings\Application Data\GDIPFONTCACHEV1.DAT -> [Ver = | Size = 110128 bytes | Modified Date = 25/04/2008 16:18:11 | Attr = ] Google -> %UserProfile%\Local Settings\Application Data\Google -> [Folder | Modified Date = 20/02/2008 12:51:15 | Attr = ] Help -> %UserProfile%\Local Settings\Application Data\Help -> [Folder | Modified Date = 31/01/2008 14:44:29 | Attr = ] IconCache.db -> %UserProfile%\Local Settings\Application Data\IconCache.db -> [Ver = | Size = 2110234 bytes | Modified Date = 31/01/2008 12:56:33 | Attr = H ] Live_TV -> %UserProfile%\Local Settings\Application Data\Live_TV -> [Folder | Modified Date = 18/02/2008 09:51:52 | Attr = ] Microsoft -> %UserProfile%\Local Settings\Application Data\Microsoft -> [Folder | Modified Date = 25/04/2008 16:06:29 | Attr = ] Nero -> %UserProfile%\Local Settings\Application Data\Nero -> [Folder | Modified Date = 31/01/2008 13:01:05 | Attr = ] WorldTV_Bar -> %UserProfile%\Local Settings\Application Data\WorldTV_Bar -> [Folder | Modified Date = 16/02/2008 19:12:36 | Attr = ] My Pictures -> %AllUsersProfile%\Documents\My Pictures -> [Folder | Modified Date = 20/02/2008 19:40:21 | Attr = ] belfordrd grd floor elec plan.dwg -> %UserProfile%\My Documents\belfordrd grd floor elec plan.dwg -> [Ver = | Size = 1560853 bytes | Modified Date = 26/02/2008 07:41:49 | Attr = ] @Alternate Data Stream - 26 bytes -> %UserProfile%\My Documents\belfordrd grd floor elec plan.dwg:Zone.Identifier byley -> %UserProfile%\My Documents\byley -> [Folder | Modified Date = 01/04/2008 23:51:57 | Attr = ] Edinburgh -> %UserProfile%\My Documents\Edinburgh -> [Folder | Modified Date = 22/04/2008 14:57:01 | Attr = ] Heatley mere -> %UserProfile%\My Documents\Heatley mere -> [Folder | Modified Date = 18/03/2008 15:10:03 | Attr = ] LYMM -> %UserProfile%\My Documents\LYMM -> [Folder | Modified Date = 23/04/2008 16:24:57 | Attr = ] My Music -> %UserProfile%\My Documents\My Music -> [Folder | Modified Date = 26/04/2008 14:27:16 | Attr = R ] My Pictures -> %UserProfile%\My Documents\My Pictures -> [Folder | Modified Date = 08/04/2008 13:12:14 | Attr = R ] My Scans -> %UserProfile%\My Documents\My Scans -> [Folder | Modified Date = 08/04/2008 10:43:29 | Attr = ] My Videos -> %UserProfile%\My Documents\My Videos -> [Folder | Modified Date = 06/02/2008 00:00:48 | Attr = R ] My Web Sites -> %UserProfile%\My Documents\My Web Sites -> [Folder | Modified Date = 01/04/2008 22:11:53 | Attr = S] Nero Home -> %UserProfile%\My Documents\Nero Home -> [Folder | Modified Date = 31/01/2008 13:03:09 | Attr = ] new image file -> %UserProfile%\My Documents\new image file -> [Folder | Modified Date = 01/04/2008 14:22:40 | Attr = ] office ultimate.daa -> %UserProfile%\My Documents\office ultimate.daa -> [Ver = | Size = 463 bytes | Modified Date = 01/04/2008 14:48:49 | Attr = ] ofiice ultimate poweriso file -> %UserProfile%\My Documents\ofiice ultimate poweriso file -> [Folder | Modified Date = 01/04/2008 12:12:24 | Attr = ] OneNote Notebooks -> %UserProfile%\My Documents\OneNote Notebooks -> [Folder | Modified Date = 01/04/2008 22:15:33 | Attr = ] PLAKIAS -> %UserProfile%\My Documents\PLAKIAS -> [Folder | Modified Date = 27/03/2008 14:52:48 | Attr = ] SARAH -> %UserProfile%\My Documents\SARAH -> [Folder | Modified Date = 23/04/2008 13:14:12 | Attr = ] SPACE TO BREATHE -> %UserProfile%\My Documents\SPACE TO BREATHE -> [Folder | Modified Date = 26/04/2008 14:01:59 | Attr = ] space-to-breathe-..._324.gif -> %UserProfile%\My Documents\space-to-breathe-..._324.gif -> [Ver = | Size = 11821 bytes | Modified Date = 26/04/2008 08:48:42 | Attr = ] The English Beat - 01 - Mirror In The Bathroom.mp3 -> %UserProfile%\My Documents\The English Beat - 01 - Mirror In The Bathroom.mp3 -> [Ver = | Size = 6041686 bytes | Modified Date = 22/04/2008 13:58:33 | Attr = ] Updater5 -> %UserProfile%\My Documents\Updater5 -> [Folder | Modified Date = 20/02/2008 16:19:15 | Attr = ] Adobe Reader 8.lnk -> %AllUsersProfile%\Desktop\Adobe Reader 8.lnk -> [Ver = | Size = 1737 bytes | Modified Date = 20/02/2008 12:34:51 | Attr = ] AutoCAD 2009.lnk -> %AllUsersProfile%\Desktop\AutoCAD 2009.lnk -> [Ver = | Size = 1698 bytes | Modified Date = 10/04/2008 23:28:05 | Attr = ] AVG Free 8.0.lnk -> %AllUsersProfile%\Desktop\AVG Free 8.0.lnk -> [Ver = | Size = 1515 bytes | Modified Date = 27/04/2008 00:51:35 | Attr = ] DWG TrueView 2008.lnk -> %AllUsersProfile%\Desktop\DWG TrueView 2008.lnk -> [Ver = | Size = 1765 bytes | Modified Date = 20/02/2008 13:28:45 | Attr = ] HP Photo Imaging Software.lnk -> %AllUsersProfile%\Desktop\HP Photo Imaging Software.lnk -> [Ver = | Size = 1934 bytes | Modified Date = 31/01/2008 14:45:31 | Attr = ] HP Quick Reference - Photo Imaging .lnk -> %AllUsersProfile%\Desktop\HP Quick Reference - Photo Imaging .lnk -> [Ver = | Size = 1960 bytes | Modified Date = 31/01/2008 14:45:31 | Attr = ] Malwarebytes' Anti-Malware.lnk -> %AllUsersProfile%\Desktop\Malwarebytes' Anti-Malware.lnk -> [Ver = | Size = 704 bytes | Modified Date = 27/04/2008 11:14:32 | Attr = ] Nero Home.lnk -> %AllUsersProfile%\Desktop\Nero Home.lnk -> [Ver = | Size = 2262 bytes | Modified Date = 02/02/2008 20:38:56 | Attr = ] Nero StartSmart.lnk -> %AllUsersProfile%\Desktop\Nero StartSmart.lnk -> [Ver = | Size = 2360 bytes | Modified Date = 02/02/2008 20:38:56 | Attr = ] PowerISO.lnk -> %AllUsersProfile%\Desktop\PowerISO.lnk -> [Ver = | Size = 690 bytes | Modified Date = 30/03/2008 17:20:47 | Attr = ] Sony Ericsson PC Suite.lnk -> %AllUsersProfile%\Desktop\Sony Ericsson PC Suite.lnk -> [Ver = | Size = 2673 bytes | Modified Date = 08/04/2008 12:37:26 | Attr = ] Spyware Doctor.lnk -> %AllUsersProfile%\Desktop\Spyware Doctor.lnk -> [Ver = | Size = 1645 bytes | Modified Date = 17/04/2008 14:19:00 | Attr = ] Step-up Guide.lnk -> %AllUsersProfile%\Desktop\Step-up Guide.lnk -> [Ver = | Size = 2007 bytes | Modified Date = 30/03/2008 11:02:45 | Attr = ] VLC media player.lnk -> %AllUsersProfile%\Desktop\VLC media player.lnk -> [Ver = | Size = 727 bytes | Modified Date = 03/02/2008 01:19:33 | Attr = ] Worms World Party.lnk -> %AllUsersProfile%\Desktop\Worms World Party.lnk -> [Ver = | Size = 477 bytes | Modified Date = 10/03/2008 20:28:56 | Attr = ] avg overview.csv -> %UserProfile%\Desktop\avg overview.csv -> [Ver = | Size = 184564 bytes | Modified Date = 27/04/2008 16:46:42 | Attr = ] Cucusoft AVI to VCD DVD MPEG Creator Pro.lnk -> %UserProfile%\Desktop\Cucusoft AVI to VCD DVD MPEG Creator Pro.lnk -> [Ver = | Size = 813 bytes | Modified Date = 04/02/2008 20:17:58 | Attr = ] downloads desktop -> %UserProfile%\Desktop\downloads desktop -> [Folder | Modified Date = 19/04/2008 20:33:21 | Attr = ] DVD Decrypter.lnk -> %UserProfile%\Desktop\DVD Decrypter.lnk -> [Ver = | Size = 1643 bytes | Modified Date = 12/04/2008 14:45:42 | Attr = ] Help and Support.lnk -> %UserProfile%\Desktop\Help and Support.lnk -> [Ver = | Size = 2846 bytes | Modified Date = 16/03/2008 22:21:09 | Attr = ] HijackThis.lnk -> %UserProfile%\Desktop\HijackThis.lnk -> [Ver = | Size = 1742 bytes | Modified Date = 27/04/2008 02:03:38 | Attr = ] IrfanView Thumbnails.lnk -> %UserProfile%\Desktop\IrfanView Thumbnails.lnk -> [Ver = | Size = 1573 bytes | Modified Date = 26/04/2008 13:52:20 | Attr = ] IrfanView.lnk -> %UserProfile%\Desktop\IrfanView.lnk -> [Ver = | Size = 693 bytes | Modified Date = 26/04/2008 13:52:20 | Attr = ] Microsoft Expression Web (2).lnk -> %UserProfile%\Desktop\Microsoft Expression Web (2).lnk -> [Ver = | Size = 2461 bytes | Modified Date = 23/04/2008 16:06:21 | Attr = ] OTScanIt -> %UserProfile%\Desktop\OTScanIt -> [Folder | Modified Date = 27/04/2008 17:15:11 | Attr = ] OTScanIt.exe -> %UserProfile%\Desktop\OTScanIt.exe -> [Ver = | Size = 541685 bytes | Modified Date = 27/04/2008 17:10:58 | Attr = ] @Alternate Data Stream - 26 bytes -> %UserProfile%\Desktop\OTScanIt.exe:Zone.Identifier SpywareBlaster.lnk -> %UserProfile%\Desktop\SpywareBlaster.lnk -> [Ver = | Size = 698 bytes | Modified Date = 25/04/2008 23:02:08 | Attr = ] SUPERAntiSpyware Free Edition.lnk -> %UserProfile%\Desktop\SUPERAntiSpyware Free Edition.lnk -> [Ver = | Size = 788 bytes | Modified Date = 27/04/2008 11:54:35 | Attr = ] World of Warcraft Trial.lnk -> %UserProfile%\Desktop\World of Warcraft Trial.lnk -> [Ver = | Size = 713 bytes | Modified Date = 17/04/2008 18:07:19 | Attr = ] Google Updater.lnk -> %AllUsersProfile%\Start Menu\Programs\Startup\Google Updater.lnk -> [Ver = | Size = 928 bytes | Modified Date = 18/02/2008 11:25:32 | Attr = ] OneNote 2007 Screen Clipper and Launcher.lnk -> %UserProfile%\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk -> [Ver = | Size = 955 bytes | Modified Date = 01/04/2008 22:15:31 | Attr = ] Autodesk Shared -> %CommonProgramFiles%\Autodesk Shared -> [Folder | Modified Date = 10/04/2008 23:29:28 | Attr = ] AVSMedia -> %CommonProgramFiles%\AVSMedia -> [Folder | Modified Date = 05/02/2008 14:24:48 | Attr = ] Blizzard Entertainment -> %CommonProgramFiles%\Blizzard Entertainment -> [Folder | Modified Date = 17/04/2008 18:05:45 | Attr = ] DESIGNER -> %CommonProgramFiles%\DESIGNER -> [Folder | Modified Date = 10/04/2008 21:24:44 | Attr = ] Download Manager -> %CommonProgramFiles%\Download Manager -> [Folder | Modified Date = 27/04/2008 11:14:13 | Attr = ] Microsoft Shared -> %CommonProgramFiles%\Microsoft Shared -> [Folder | Modified Date = 10/04/2008 21:24:43 | Attr = ] Nero -> %CommonProgramFiles%\Nero -> [Folder | Modified Date = 02/02/2008 19:04:03 | Attr = ] PC Tools -> %CommonProgramFiles%\PC Tools -> [Folder | Modified Date = 17/03/2008 09:50:04 | Attr = ] Wise Installation Wizard -> %CommonProgramFiles%\Wise Installation Wizard -> [Folder | Modified Date = 27/04/2008 11:53:06 | Attr = ] [File - Purity Scan: Additional Folder Scans - Non-Microsoft Only] < End of report > [/code]