[code] OTScanIt logfile created on: 5/18/2008 11:38:58 AM OTScanIt by OldTimer - Version 1.0.14.0 Folder = C:\Documents and Settings\Karen\Desktop\OTScanIt Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.11) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 759.52 Mb Total Physical Memory | 436.90 Mb Available Physical Memory | 57.52% Memory free 1.81 Gb Paging File | 1.52 Gb Available in Paging File | 83.80% Paging File free Paging file location(s): C:\pagefile.sys 1140 2280; %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 13.97 Gb Total Space | 1.37 Gb Free Space | 9.82% Space Free | Partition Type: NTFS Drive D: | 92.83 Gb Total Space | 86.11 Gb Free Space | 92.76% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded Drive G: | 492.73 Mb Total Space | 397.03 Mb Free Space | 80.58% Space Free | Partition Type: FAT H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: MAIN Current User Name: Karen Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users [Processes - Non-Microsoft Only] ccsvchst.exe -> %CommonProgramFiles%\Symantec Shared\ccSvcHst.exe -> Symantec Corporation [Ver = 106.3.2.7 | Size = 108904 bytes | Modified Date = 7/17/2007 9:53:26 PM | Attr = ] aawservice.exe -> %ProgramFiles%\Lavasoft\Ad-Aware 2007\aawservice.exe -> Lavasoft [Ver = 7,0,2,7 | Size = 607576 bytes | Modified Date = 3/19/2008 5:08:58 PM | Attr = ] lexbces.exe -> %SystemRoot%\system32\LEXBCES.EXE -> Lexmark International, Inc. [Ver = 8.18 | Size = 303104 bytes | Modified Date = 3/26/2003 10:17:14 AM | Attr = ] lexpps.exe -> %SystemRoot%\system32\LEXPPS.EXE -> Lexmark International, Inc. [Ver = 8.18 | Size = 174592 bytes | Modified Date = 3/26/2003 10:16:04 AM | Attr = ] appservices.exe -> %ProgramFiles%\Iomega\System32\AppServices.exe -> Iomega Corporation [Ver = 2, 0, 2, 4 | Size = 73728 bytes | Modified Date = 7/31/2002 4:15:18 PM | Attr = ] sssvr.exe -> %ProgramFiles%\Sony\VAIO Media Integrated Server\Music\SSSvr.exe -> Sony Corporation [Ver = 2.6.00.07010 | Size = 495705 bytes | Modified Date = 7/1/2003 9:53:48 PM | Attr = ] sv_httpd.exe -> %ProgramFiles%\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe -> Sony Corporation [Ver = 2.6.00.06090 | Size = 57344 bytes | Modified Date = 6/23/2003 11:16:38 PM | Attr = ] ezsp_px.exe -> %SystemRoot%\system32\ezSP_Px.exe -> Easy Systems Japan Ltd. [Ver = 1, 0, 0, 0 | Size = 40960 bytes | Modified Date = 8/20/2002 1:29:26 PM | Attr = ] hkcmd.exe -> %SystemRoot%\system32\hkcmd.exe -> Intel Corporation [Ver = 3,0,0,2104 | Size = 114688 bytes | Modified Date = 4/7/2003 3:07:38 AM | Attr = ] agrsmmsg.exe -> %SystemRoot%\AGRSMMSG.exe -> Agere Systems [Ver = 2.1.25 2.1.25 02/14/2003 11:58:58 | Size = 88107 bytes | Modified Date = 2/14/2003 3:59:00 PM | Attr = ] itouch.exe -> %ProgramFiles%\Logitech\iTouch\iTouch.exe -> Logitech Inc. [Ver = 2.15.264 | Size = 631362 bytes | Modified Date = 11/23/2002 3:15:00 AM | Attr = ] lvcomsx.exe -> %SystemRoot%\system32\LVCOMSX.EXE -> Logitech Inc. [Ver = 8.4.1.1092 | Size = 221184 bytes | Modified Date = 10/8/2004 1:52:32 PM | Attr = ] logitray.exe -> %ProgramFiles%\Logitech\Video\LogiTray.exe -> Logitech Inc. [Ver = 8.4.1.1092 | Size = 217088 bytes | Modified Date = 10/8/2004 2:24:42 PM | Attr = ] qttask.exe -> %ProgramFiles%\QuickTime\qttask.exe -> Apple Computer, Inc. [Ver = 7.0.3 | Size = 155648 bytes | Modified Date = 8/23/2006 10:49:08 PM | Attr = ] hpwuschd2.exe -> %ProgramFiles%\hp\HP Software Update\hpwuSchd2.exe -> Hewlett-Packard [Ver = 80, 1, 0, 0 | Size = 54840 bytes | Modified Date = 5/8/2007 4:24:20 PM | Attr = ] ccapp.exe -> %CommonProgramFiles%\Symantec Shared\ccApp.exe -> Symantec Corporation [Ver = 106.3.2.7 | Size = 116072 bytes | Modified Date = 7/17/2007 9:54:00 PM | Attr = ] em_exec.exe -> %ProgramFiles%\Logitech\MouseWare\system\EM_EXEC.EXE -> Logitech Inc. [Ver = 9.75.302 | Size = 37888 bytes | Modified Date = 11/21/2002 10:50:00 AM | Attr = ] jusched.exe -> %ProgramFiles%\Java\jre1.6.0_06\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 6.0.60.2 | Size = 144784 bytes | Modified Date = 3/25/2008 4:28:02 AM | Attr = ] upnpframework.exe -> %ProgramFiles%\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe -> Sony Corporation [Ver = 4.0.00.06240 | Size = 720896 bytes | Modified Date = 6/24/2003 5:49:54 PM | Attr = ] hpqtra08.exe -> %ProgramFiles%\hp\Digital Imaging\bin\hpqtra08.exe -> Hewlett-Packard Development Company, L.P. [Ver = 70.0.170.000 | Size = 288472 bytes | Modified Date = 2/19/2006 6:21:22 AM | Attr = ] bwgo00018c4d.exe -> %UserProfile%\Local Settings\Temp\bwgo00018c4d.exe -> [Ver = | Size = 16384 bytes | Modified Date = 2/9/2005 6:47:49 AM | Attr = ] fxsvr2.exe -> %ProgramFiles%\Logitech\Video\FxSvr2.exe -> Logitech Inc. [Ver = 8.4.1.1092 | Size = 192512 bytes | Modified Date = 10/8/2004 2:07:06 PM | Attr = ] hpqste08.exe -> %ProgramFiles%\hp\Digital Imaging\bin\hpqste08.exe -> Hewlett-Packard Development Company, L.P. [Ver = 70.0.170.000 | Size = 239320 bytes | Modified Date = 2/19/2006 7:24:52 AM | Attr = ] otscanit.exe -> %UserProfile%\Desktop\OTScanIt\OTScanIt.exe -> OldTimer Tools [Ver = 1.0.14.0 | Size = 372224 bytes | Modified Date = 5/9/2008 9:51:12 PM | Attr = ] [Win32 Services - Non-Microsoft Only] (aawservice) Ad-Aware 2007 Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Lavasoft\Ad-Aware 2007\aawservice.exe -> Lavasoft [Ver = 7,0,2,7 | Size = 607576 bytes | Modified Date = 3/19/2008 5:08:58 PM | Attr = ] (ccEvtMgr) Symantec Event Manager [Win32_Shared | Auto | Running] -> %CommonProgramFiles%\Symantec Shared\ccSvcHst.exe -> Symantec Corporation [Ver = 106.3.2.7 | Size = 108904 bytes | Modified Date = 7/17/2007 9:53:26 PM | Attr = ] (ccSetMgr) Symantec Settings Manager [Win32_Shared | Auto | Running] -> %CommonProgramFiles%\Symantec Shared\ccSvcHst.exe -> Symantec Corporation [Ver = 106.3.2.7 | Size = 108904 bytes | Modified Date = 7/17/2007 9:53:26 PM | Attr = ] (CLTNetCnService) Symantec Lic NetConnect service [Win32_Shared | Auto | Running] -> %CommonProgramFiles%\Symantec Shared\ccSvcHst.exe -> Symantec Corporation [Ver = 106.3.2.7 | Size = 108904 bytes | Modified Date = 7/17/2007 9:53:26 PM | Attr = ] (comHost) COM Host [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Symantec Shared\VAScanner\comHost.exe -> Symantec Corporation [Ver = 1.2.0.28 | Size = 49248 bytes | Modified Date = 1/12/2007 10:40:58 PM | Attr = ] (dmadmin) Logical Disk Manager Administrative Service [Win32_Shared | On_Demand | Stopped] -> %SystemRoot%\system32\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 224768 bytes | Modified Date = 8/4/2004 3:56:48 AM | Attr = ] (IDriverT) InstallDriver Table Manager [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\InstallShield\Driver\11\Intel 32\IDriverT.exe -> Macrovision Corporation [Ver = 11.00.28844 | Size = 69632 bytes | Modified Date = 4/4/2005 1:41:10 AM | Attr = ] (Iomega Activity Disk2) Iomega Activity Disk2 [Win32_Own | Disabled | Stopped] -> -> File not found (Iomega App Services) Iomega App Services [Win32_Own | Auto | Running] -> %ProgramFiles%\Iomega\System32\AppServices.exe -> Iomega Corporation [Ver = 2, 0, 2, 4 | Size = 73728 bytes | Modified Date = 7/31/2002 4:15:18 PM | Attr = ] (LexBceS) LexBce Server [Win32_Own | Auto | Running] -> %SystemRoot%\system32\LEXBCES.EXE -> Lexmark International, Inc. [Ver = 8.18 | Size = 303104 bytes | Modified Date = 3/26/2003 10:17:14 AM | Attr = ] (LiveUpdate) LiveUpdate [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Symantec\LiveUpdate\LuComServer_3_2.EXE -> Symantec Corporation [Ver = 3.2.0.68 | Size = 2999664 bytes | Modified Date = 9/12/2007 6:27:24 PM | Attr = ] (LiveUpdate Notice Ex) LiveUpdate Notice Service Ex [Win32_Shared | Auto | Running] -> %CommonProgramFiles%\Symantec Shared\ccSvcHst.exe -> Symantec Corporation [Ver = 106.3.2.7 | Size = 108904 bytes | Modified Date = 7/17/2007 9:53:26 PM | Attr = ] (LiveUpdate Notice Service) LiveUpdate Notice Service [Win32_Own | Auto | Stopped] -> %CommonProgramFiles%\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe -> Symantec Corporation [Ver = 1.4.5.83 | Size = 583048 bytes | Modified Date = 1/29/2008 5:38:31 PM | Attr = ] (NVSvc) NVIDIA Driver Helper Service [Win32_Own | Auto | Stopped] -> %SystemRoot%\system32\nvsvc32.exe -> NVIDIA Corporation [Ver = 6.14.10.4474 | Size = 73728 bytes | Modified Date = 7/16/2003 2:22:00 PM | Attr = ] (Pml Driver HPZ12) Pml Driver HPZ12 [Win32_Own | Auto | Stopped] -> %SystemRoot%\system32\HPZipm12.exe -> HP [Ver = 10, 1, 1, 6 | Size = 73728 bytes | Modified Date = 8/9/2007 3:27:52 AM | Attr = ] (SPTISRV) Sony SPTI Service [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Sony Shared\AVLib\SPTISRV.exe -> Sony Corporation [Ver = 3.2.00.12242 | Size = 65536 bytes | Modified Date = 12/24/2002 2:01:22 PM | Attr = ] (Symantec Core LC) Symantec Core LC [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Symantec Shared\CCPD-LC\symlcsvc.exe -> [Ver = | Size = 1251720 bytes | Modified Date = 5/14/2008 6:51:57 PM | Attr = ] (VAIOMediaPlatform-MusicServer-AppServer) VAIO Media Music Server [Win32_Own | Auto | Running] -> %ProgramFiles%\Sony\VAIO Media Integrated Server\Music\SSSvr.exe -> Sony Corporation [Ver = 2.6.00.07010 | Size = 495705 bytes | Modified Date = 7/1/2003 9:53:48 PM | Attr = ] (VAIOMediaPlatform-MusicServer-HTTP) VAIO Media Music Server (HTTP) [Win32_Shared | Auto | Running] -> %ProgramFiles%\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe -> Sony Corporation [Ver = 2.6.00.06090 | Size = 57344 bytes | Modified Date = 6/23/2003 11:16:38 PM | Attr = ] (VAIOMediaPlatform-MusicServer-UPnP) VAIO Media Music Server (UPnP) [Win32_Own | Auto | Running] -> %ProgramFiles%\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe -> Sony Corporation [Ver = 4.0.00.06240 | Size = 720896 bytes | Modified Date = 6/24/2003 5:49:54 PM | Attr = ] (VAIOMediaPlatform-PhotoServer-AppServer) VAIO Media Photo Server [Win32_Own | Auto | Stopped] -> %ProgramFiles%\Sony\VAIO Media Integrated Server\Photo\appsrv\PhotoAppSrv.exe -> Sony Corporation [Ver = 2, 6, 0,06300 | Size = 925696 bytes | Modified Date = 6/30/2003 8:35:22 PM | Attr = ] (VAIOMediaPlatform-PhotoServer-HTTP) VAIO Media Photo Server (HTTP) [Win32_Shared | Auto | Stopped] -> %ProgramFiles%\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe -> Sony Corporation [Ver = 2.6.00.06090 | Size = 57344 bytes | Modified Date = 6/23/2003 11:16:38 PM | Attr = ] (VAIOMediaPlatform-PhotoServer-UPnP) VAIO Media Photo Server (UPnP) [Win32_Own | Auto | Stopped] -> %ProgramFiles%\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe -> Sony Corporation [Ver = 4.0.00.06240 | Size = 720896 bytes | Modified Date = 6/24/2003 5:49:54 PM | Attr = ] (VAIOMediaPlatform-VideoServer-AppServer) VAIO Media Video Server [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Sony\VAIO Media Integrated Server\Video\GPVSvr.exe -> Sony Corporation [Ver = 2, 6, 00,06300 | Size = 1196032 bytes | Modified Date = 6/30/2003 8:38:40 PM | Attr = ] (VAIOMediaPlatform-VideoServer-HTTP) VAIO Media Video Server (HTTP) [Win32_Shared | On_Demand | Stopped] -> %ProgramFiles%\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe -> Sony Corporation [Ver = 2.6.00.06090 | Size = 57344 bytes | Modified Date = 6/23/2003 11:16:38 PM | Attr = ] (VAIOMediaPlatform-VideoServer-UPnP) VAIO Media Video Server (UPnP) [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe -> Sony Corporation [Ver = 4.0.00.06240 | Size = 720896 bytes | Modified Date = 6/24/2003 5:49:54 PM | Attr = ] [Registry - Non-Microsoft Only] < Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> AGRSMMSG -> %SystemRoot%\AGRSMMSG.exe [AGRSMMSG.exe] -> Agere Systems [Ver = 2.1.25 2.1.25 02/14/2003 11:58:58 | Size = 88107 bytes | Modified Date = 2/14/2003 3:59:00 PM | Attr = ] ATIModeChange -> %SystemRoot%\system32\Ati2mdxx.exe [Ati2mdxx.exe] -> ATI Technologies, Inc. [Ver = 4.13.3 | Size = 28672 bytes | Modified Date = 9/4/2001 7:24:26 PM | Attr = ] ATIPTA -> %ProgramFiles%\ATI Technologies\ATI Control Panel\atiptaxx.exe [C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe] -> ATI Technologies, Inc. [Ver = 6.14.10.5022 | Size = 335872 bytes | Modified Date = 7/6/2003 4:01:00 PM | Attr = ] ccApp -> %CommonProgramFiles%\Symantec Shared\ccApp.exe ["C:\Program Files\Common Files\Symantec Shared\ccApp.exe"] -> Symantec Corporation [Ver = 106.3.2.7 | Size = 116072 bytes | Modified Date = 7/17/2007 9:54:00 PM | Attr = ] ezShieldProtector for Px -> %SystemRoot%\system32\ezSP_Px.exe [C:\WINDOWS\System32\ezSP_Px.exe] -> Easy Systems Japan Ltd. [Ver = 1, 0, 0, 0 | Size = 40960 bytes | Modified Date = 8/20/2002 1:29:26 PM | Attr = ] HotKeysCmds -> %SystemRoot%\system32\hkcmd.exe [C:\WINDOWS\System32\hkcmd.exe] -> Intel Corporation [Ver = 3,0,0,2104 | Size = 114688 bytes | Modified Date = 4/7/2003 3:07:38 AM | Attr = ] HP Software Update -> %ProgramFiles%\hp\HP Software Update\hpwuSchd2.exe [C:\Program Files\HP\HP Software Update\HPWuSchd2.exe] -> Hewlett-Packard [Ver = 80, 1, 0, 0 | Size = 54840 bytes | Modified Date = 5/8/2007 4:24:20 PM | Attr = ] IgfxTray -> %SystemRoot%\system32\igfxtray.exe [C:\WINDOWS\System32\igfxtray.exe] -> Intel Corporation [Ver = 3,0,0,2104 | Size = 155648 bytes | Modified Date = 4/7/2003 3:19:52 AM | Attr = ] Logitech Utility -> %SystemRoot%\LOGI_MWX.EXE [Logi_MwX.Exe] -> Logitech Inc. [Ver = 9.75.294 | Size = 19968 bytes | Modified Date = 11/8/2002 5:50:00 AM | Attr = ] LogitechGalleryRepair -> %ProgramFiles%\Logitech\ImageStudio\ISStart.exe [C:\Program Files\Logitech\ImageStudio\ISStart.exe] -> Logitech Inc. [Ver = 7.3.0.1113 | Size = 155648 bytes | Modified Date = 12/10/2002 7:32:12 PM | Attr = ] LogitechImageStudioTray -> %ProgramFiles%\Logitech\ImageStudio\LogiTray.exe [C:\Program Files\Logitech\ImageStudio\LogiTray.exe] -> Logitech Inc. [Ver = 7.3.0.1113 | Size = 61440 bytes | Modified Date = 12/10/2002 7:31:34 PM | Attr = ] LogitechVideoRepair -> %ProgramFiles%\Logitech\Video\ISStart.exe [C:\Program Files\Logitech\Video\ISStart.exe ] -> Logitech Inc. [Ver = 8.4.1.1092 | Size = 458752 bytes | Modified Date = 10/8/2004 2:31:02 PM | Attr = ] LogitechVideoTray -> %ProgramFiles%\Logitech\Video\LogiTray.exe [C:\Program Files\Logitech\Video\LogiTray.exe] -> Logitech Inc. [Ver = 8.4.1.1092 | Size = 217088 bytes | Modified Date = 10/8/2004 2:24:42 PM | Attr = ] LVCOMSX -> %SystemRoot%\system32\LVCOMSX.EXE [C:\WINDOWS\system32\LVCOMSX.EXE] -> Logitech Inc. [Ver = 8.4.1.1092 | Size = 221184 bytes | Modified Date = 10/8/2004 1:52:32 PM | Attr = ] NvCplDaemon -> %SystemRoot%\system32\nvcpl.dll [RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup] -> NVIDIA Corporation [Ver = 6.14.10.4474 | Size = 4743168 bytes | Modified Date = 7/16/2003 2:22:00 PM | Attr = ] nwiz -> %SystemRoot%\system32\nwiz.exe [nwiz.exe /installquiet] -> NVIDIA Corporation [Ver = 6.14.10.4474 | Size = 323584 bytes | Modified Date = 7/16/2003 2:22:00 PM | Attr = ] QuickTime Task -> %ProgramFiles%\QuickTime\qttask.exe ["C:\Program Files\QuickTime\qttask.exe" -atboottime] -> Apple Computer, Inc. [Ver = 7.0.3 | Size = 155648 bytes | Modified Date = 8/23/2006 10:49:08 PM | Attr = ] SunJavaUpdateSched -> %ProgramFiles%\Java\jre1.6.0_06\bin\jusched.exe ["C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"] -> Sun Microsystems, Inc. [Ver = 6.0.60.2 | Size = 144784 bytes | Modified Date = 3/25/2008 4:28:02 AM | Attr = ] Symantec PIF AlertEng -> %CommonProgramFiles%\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe ["C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"] -> Symantec Corporation [Ver = 1.4.5.83 | Size = 583048 bytes | Modified Date = 1/29/2008 5:38:31 PM | Attr = ] UVS10 Preload -> D:\Program Files\Ulead Systems\Ulead VideoStudio 10\uvPL.exe [D:\Program Files\Ulead Systems\Ulead VideoStudio 10\uvPL.exe] -> Ulead Systems, Inc. [Ver = 9.0 | Size = 36864 bytes | Modified Date = 3/7/2006 1:52:16 AM | Attr = ] VAIO Recovery -> %SystemRoot%\SONYSYS\VAIO Recovery\PartSeal.exe [C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe] -> Sony Electronics Inc [Ver = 1.0.2 | Size = 28672 bytes | Modified Date = 4/20/2003 1:08:44 AM | Attr = ] zBrowser Launcher -> %ProgramFiles%\Logitech\iTouch\iTouch.exe [C:\Program Files\Logitech\iTouch\iTouch.exe] -> Logitech Inc. [Ver = 2.15.264 | Size = 631362 bytes | Modified Date = 11/23/2002 3:15:00 AM | Attr = ] < OptionalComponents [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\ -> IMAIL-> Installed = 1 -> MAPI-> Installed = 1 -> MSFS-> Installed = 1 -> < Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> LDM -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe] -> Logitech [Ver = 2.1.2.0 | Size = 32768 bytes | Modified Date = 2/9/2005 6:47:49 AM | Attr = ] LogitechSoftwareUpdate -> %ProgramFiles%\Logitech\Video\ManifestEngine.exe ["C:\Program Files\Logitech\Video\ManifestEngine.exe" boot] -> Logitech Inc. [Ver = 8.4.1.1092 | Size = 196608 bytes | Modified Date = 10/8/2004 2:06:52 PM | Attr = ] updateMgr -> %ProgramFiles%\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe ["C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1] -> Adobe Systems Incorporated [Ver = 3.1.0.10 | Size = 313472 bytes | Modified Date = 3/30/2006 5:45:08 PM | Attr = R ] < Run [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> MySpaceIM -> %ProgramFiles%\MySpace\IM\MySpaceIM.exe [C:\Program Files\MySpace\IM\MySpaceIM.exe] -> File not found < Run [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> MySpaceIM -> %ProgramFiles%\MySpace\IM\MySpaceIM.exe [C:\Program Files\MySpace\IM\MySpaceIM.exe] -> File not found < Run [HKEY_USERS\S-1-5-21-1805098417-3191082650-149060278-1005\] > -> HKEY_USERS\S-1-5-21-1805098417-3191082650-149060278-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> LDM -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe] -> Logitech [Ver = 2.1.2.0 | Size = 32768 bytes | Modified Date = 2/9/2005 6:47:49 AM | Attr = ] LogitechSoftwareUpdate -> %ProgramFiles%\Logitech\Video\ManifestEngine.exe ["C:\Program Files\Logitech\Video\ManifestEngine.exe" boot] -> Logitech Inc. [Ver = 8.4.1.1092 | Size = 196608 bytes | Modified Date = 10/8/2004 2:06:52 PM | Attr = ] updateMgr -> %ProgramFiles%\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe ["C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1] -> Adobe Systems Incorporated [Ver = 3.1.0.10 | Size = 313472 bytes | Modified Date = 3/30/2006 5:45:08 PM | Attr = R ] < All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup -> %AllUsersProfile%\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk -> %ProgramFiles%\Adobe\Acrobat 7.0\Reader\reader_sl.exe -> Adobe Systems Incorporated [Ver = 7.0.5.2005092300 | Size = 29696 bytes | Modified Date = 9/23/2005 11:05:26 PM | Attr = ] %AllUsersProfile%\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk -> %ProgramFiles%\hp\Digital Imaging\bin\hpqtra08.exe -> Hewlett-Packard Development Company, L.P. [Ver = 70.0.170.000 | Size = 288472 bytes | Modified Date = 2/19/2006 6:21:22 AM | Attr = ] %AllUsersProfile%\Start Menu\Programs\Startup\Logitech Desktop Messenger Agent.lnk -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe -> Logitech [Ver = 2.01.02 | Size = 450560 bytes | Modified Date = 2/9/2005 6:47:49 AM | Attr = ] < Karen Startup Folder > -> C:\Documents and Settings\Karen\Start Menu\Programs\Startup -> %UserProfile%\Start Menu\Programs\Startup\Yahoo! Widget Engine.lnk -> %ProgramFiles%\Yahoo!\WidgetEngine\YahooWidgetEngine.exe -> File not found < ICQ Agent [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\Software\Mirabilis\ICQ\Agent\Apps\ -> HKEY_CURRENT_USER\Software\Mirabilis\ICQ\Agent\Apps\ -> -> < SecurityProviders [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders -> *SecurityProviders* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders -> zwebauth.dll -> %SystemRoot%\system32\ZWebAuth.dll -> [Ver = | Size = 16973 bytes | Modified Date = 9/18/2001 8:37:34 PM | Attr = ] *MultiFile Done* -> -> < Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon settings [HKEY_USERS\S-1-5-19] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon settings [HKEY_USERS\S-1-5-20] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon settings [HKEY_USERS\S-1-5-21-1805098417-3191082650-149060278-1005] > -> HKEY_USERS\S-1-5-21-1805098417-3191082650-149060278-1005\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ -> igfxcui -> %SystemRoot%\system32\igfxsrvc.dll -> Intel Corporation [Ver = 3,0,0,2104 | Size = 315392 bytes | Modified Date = 4/7/2003 3:06:48 AM | Attr = ] < CurrentVersion Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ActiveDesktop\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\\NoSimpleStartMenu -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\\NoCDBurning -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\\NoComputersNearMe -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\\NoDriveAutoRun -> 67108863 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\\NoDriveTypeAutoRun -> 255 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run\\NoActiveDesktopChanges -> [binary data] -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run\\NoActiveDesktop -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run\\NoSaveSettings -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run\\ClassicShell -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\undockwithoutlogon -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\DisableRegistryTools -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\HideLegacyLogonScripts -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\HideLogoffScripts -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\RunLogonScriptSync -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\RunStartupScriptSync -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\HideStartupScripts -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Uninstall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\WindowsUpdate\ -> -> < CurrentVersion Policy Settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ActiveDesktop\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Associations\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 0 -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\HideLegacyLogonScripts -> 0 -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\HideLogoffScripts -> 0 -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\RunLogonScriptSync -> 1 -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\RunStartupScriptSync -> 0 -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\HideStartupScripts -> 0 -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\WindowsUpdate\ -> -> < CurrentVersion Policy Settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\CDRAutoRun -> 0 -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run\ -> -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> -> < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\CDRAutoRun -> 0 -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run\ -> -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> -> < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-19] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-20] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-1805098417-3191082650-149060278-1005] > -> HKEY_USERS\S-1-5-21-1805098417-3191082650-149060278-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_USERS\S-1-5-21-1805098417-3191082650-149060278-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_USERS\S-1-5-21-1805098417-3191082650-149060278-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ActiveDesktop\ -> -> HKEY_USERS\S-1-5-21-1805098417-3191082650-149060278-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Associations\ -> -> HKEY_USERS\S-1-5-21-1805098417-3191082650-149060278-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_USERS\S-1-5-21-1805098417-3191082650-149060278-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 0 -> HKEY_USERS\S-1-5-21-1805098417-3191082650-149060278-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\ -> -> HKEY_USERS\S-1-5-21-1805098417-3191082650-149060278-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> -> HKEY_USERS\S-1-5-21-1805098417-3191082650-149060278-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\HideLegacyLogonScripts -> 0 -> HKEY_USERS\S-1-5-21-1805098417-3191082650-149060278-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\HideLogoffScripts -> 0 -> HKEY_USERS\S-1-5-21-1805098417-3191082650-149060278-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\RunLogonScriptSync -> 1 -> HKEY_USERS\S-1-5-21-1805098417-3191082650-149060278-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\RunStartupScriptSync -> 0 -> HKEY_USERS\S-1-5-21-1805098417-3191082650-149060278-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\HideStartupScripts -> 0 -> HKEY_USERS\S-1-5-21-1805098417-3191082650-149060278-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\WindowsUpdate\ -> -> < CDROM Autorun Settings > [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom] -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\ -> -> *DependOnGroup* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\DependOnGroup -> SCSI miniport -> -> File not found *MultiFile Done* -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\ErrorControl -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Group -> SCSI CDROM Class -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Start -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Tag -> 2 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Type -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\DisplayName -> CD-ROM Driver -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\ImagePath -> C:\WINDOWS\system32\drivers\cdrom.sys [System32\DRIVERS\cdrom.sys] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 49536 bytes | Modified Date = 8/4/2004 1:59:52 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun -> 1 -> *AutoRunAlwaysDisable* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRunAlwaysDisable -> NEC MBR-7 -> -> File not found NEC MBR-7.4 -> -> File not found PIONEER CHANGR DRM-1804X -> -> File not found PIONEER CD-ROM DRM-6324X -> -> File not found PIONEER CD-ROM DRM-624X -> -> File not found TORiSAN CD-ROM CDR_C36 -> -> File not found *MultiFile Done* -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\\0 -> IDE\CdRomPIONEER_DVD-RW__DVR-106D________________1.00____\5&7f7462a&0&0.0.0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\\Count -> 2 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\\NextInstance -> 2 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\\1 -> IDE\CdRomSAMSUNG_CD-ROM_SC-140C__________________A101____\5&7f7462a&0&0.1.0 -> < Drives - Autoruns > -> -> AUTOEXEC.BAT [PATH=%PATH%;C:\PROGRA~1\COMMON~1\MUVEET~1\030625 | ] -> %SystemDrive%\AUTOEXEC.BAT [ NTFS ] -> [Ver = | Size = 50 bytes | Modified Date = 8/22/2006 5:03:27 PM | Attr = ] < HOSTS File > (27 bytes) -> C:\WINDOWS\System32\drivers\etc\Hosts -> < Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> HKEY_LOCAL_MACHINE\: Main\\Default_Page_URL -> http://go.microsoft.com/fwlink/?LinkId=69157 -> HKEY_LOCAL_MACHINE\: Main\\Default_Search_URL -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKEY_LOCAL_MACHINE\: Main\\Local Page -> C:\windows\system32\blank.htm -> HKEY_LOCAL_MACHINE\: Main\\Search Page -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKEY_LOCAL_MACHINE\: Main\\Start Page -> http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home -> HKEY_LOCAL_MACHINE\: Search\\CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm -> HKEY_LOCAL_MACHINE\: Search\\Default_Search_URL -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_LOCAL_MACHINE\: Search\\SearchAssistant -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm -> < Internet Explorer Settings [HKEY_CURRENT_USER\] > -> -> HKEY_CURRENT_USER\: Main\\Default_Search_URL -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_CURRENT_USER\: Main\\Local Page -> C:\windows\system32\blank.htm -> HKEY_CURRENT_USER\: Main\\Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_CURRENT_USER\: Main\\Start Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome -> HKEY_CURRENT_USER\: SearchURL\\ -> http://home.microsoft.com/access/autosearch.asp?p=%s[Reg Error: Value provider does not exist or could not be read.] -> HKEY_CURRENT_USER\: ProxyEnable -> 0 -> < Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> -> HKEY_USERS\.DEFAULT\: Main\\Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_USERS\.DEFAULT\: Main\\Start Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome -> HKEY_USERS\.DEFAULT\: ProxyEnable -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> -> HKEY_USERS\S-1-5-18\: Main\\Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_USERS\S-1-5-18\: Main\\Start Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome -> HKEY_USERS\S-1-5-18\: ProxyEnable -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> -> HKEY_USERS\S-1-5-19\: Main\\Start Page -> http://securityresponse.symantec.com/avcenter/fix_homepage/ -> HKEY_USERS\S-1-5-19\: ProxyEnable -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> -> HKEY_USERS\S-1-5-20\: Main\\Start Page -> http://securityresponse.symantec.com/avcenter/fix_homepage/ -> HKEY_USERS\S-1-5-20\: ProxyEnable -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-21-1805098417-3191082650-149060278-1005\] > -> -> HKEY_USERS\S-1-5-21-1805098417-3191082650-149060278-1005\: Main\\Default_Search_URL -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_USERS\S-1-5-21-1805098417-3191082650-149060278-1005\: Main\\Local Page -> C:\windows\system32\blank.htm -> HKEY_USERS\S-1-5-21-1805098417-3191082650-149060278-1005\: Main\\Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_USERS\S-1-5-21-1805098417-3191082650-149060278-1005\: Main\\Start Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome -> HKEY_USERS\S-1-5-21-1805098417-3191082650-149060278-1005\: SearchURL\\ -> http://home.microsoft.com/access/autosearch.asp?p=%s[Reg Error: Value provider does not exist or could not be read.] -> HKEY_USERS\S-1-5-21-1805098417-3191082650-149060278-1005\: ProxyEnable -> 0 -> < Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 2 domain(s) found. -> 2 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 67 domain(s) found. -> < Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 22 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 22 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 22 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 22 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 22 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-21-1805098417-3191082650-149060278-1005\] > -> HKEY_USERS\S-1-5-21-1805098417-3191082650-149060278-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-21-1805098417-3191082650-149060278-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 67 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-21-1805098417-3191082650-149060278-1005\] > -> HKEY_USERS\S-1-5-21-1805098417-3191082650-149060278-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-21-1805098417-3191082650-149060278-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 22 range(s) found. -> < BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> {1E8A6170-7264-4D0F-BEAE-D42A53123C75} [HKEY_LOCAL_MACHINE] -> %CommonProgramFiles%\Symantec Shared\coShared\Browser\1.7\NppBHO.dll [Reg Error: Value does not exist or could not be read.] -> Symantec Corporation [Ver = 2007.1.7.20 | Size = 97696 bytes | Modified Date = 7/11/2007 9:49:20 PM | Attr = R ] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.6.0_06\bin\ssv.dll [SSVHelper Class] -> Sun Microsystems, Inc. [Ver = 6.0.60.2 | Size = 509328 bytes | Modified Date = 3/25/2008 4:28:01 AM | Attr = ] < Internet Explorer Bars [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\ -> {4528BBE0-4E08-11D5-AD55-00010333D0AD} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found < Internet Explorer Bars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\ -> {32683183-48a0-441b-a342-7c2a440a9478} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found {4528BBE0-4E08-11D5-AD55-00010333D0AD} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found < Internet Explorer Bars [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\ -> {32683183-48a0-441b-a342-7c2a440a9478} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found < Internet Explorer Bars [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\ -> {32683183-48a0-441b-a342-7c2a440a9478} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found < Internet Explorer Bars [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\ -> {32683183-48a0-441b-a342-7c2a440a9478} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found < Internet Explorer Bars [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\ -> {32683183-48a0-441b-a342-7c2a440a9478} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found < Internet Explorer Bars [HKEY_USERS\S-1-5-21-1805098417-3191082650-149060278-1005\] > -> HKEY_USERS\S-1-5-21-1805098417-3191082650-149060278-1005\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\ -> {32683183-48a0-441b-a342-7c2a440a9478} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found {4528BBE0-4E08-11D5-AD55-00010333D0AD} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found < Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ -> ShellBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found WebBrowser\\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found WebBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found WebBrowser\\{A057A204-BACC-4D26-9990-79A187E2698E} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found WebBrowser\\{C4069E3A-68F1-403E-B40E-20066696354B} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found < Internet Explorer ToolBars [HKEY_USERS\S-1-5-21-1805098417-3191082650-149060278-1005\] > -> HKEY_USERS\S-1-5-21-1805098417-3191082650-149060278-1005\Software\Microsoft\Internet Explorer\Toolbar\ -> ShellBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found WebBrowser\\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found WebBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found WebBrowser\\{A057A204-BACC-4D26-9990-79A187E2698E} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found WebBrowser\\{C4069E3A-68F1-403E-B40E-20066696354B} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found < Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> {08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBC} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.6.0_06\bin\npjpi160_06.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.60.2 | Size = 132496 bytes | Modified Date = 3/25/2008 4:28:01 AM | Attr = ] {08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBC} [HKEY_CURRENT_USER] -> %ProgramFiles%\Java\jre1.6.0_06\bin\ssv.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.60.2 | Size = 509328 bytes | Modified Date = 3/25/2008 4:28:01 AM | Attr = ] {2499216C-4BA5-11D5-BD9C-000103C116D5}:{2499216C-4BA5-11D5-BD9C-000103C116D5} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Yahoo!\Common\ylogin.dll [Yahoo! Login] -> Yahoo! Inc. [Ver = 2001, 10, 23, 1 | Size = 90112 bytes | Modified Date = 10/23/2001 3:14:34 AM | Attr = ] {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45}:Exec -> %ProgramFiles%\AIM95\aim.exe [AIM] -> America Online, Inc. [Ver = 5.5.3595 | Size = 61440 bytes | Modified Date = 4/27/2004 6:18:34 PM | Attr = ] < Internet Explorer Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\ -> CmdMapping\\{2499216C-4BA5-11D5-BD9C-000103C116D5} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Yahoo!\Common\ylogin.dll [] -> Yahoo! Inc. [Ver = 2001, 10, 23, 1 | Size = 90112 bytes | Modified Date = 10/23/2001 3:14:34 AM | Attr = ] CmdMapping\\{4528BBE0-4E08-11D5-AD55-00010333D0AD} [HKEY_LOCAL_MACHINE] -> [Reg Error: Key does not exist or could not be opened.] -> File not found CmdMapping\\{669B269B-0D4E-41FB-A3D8-FD67CA94F646} [HKEY_LOCAL_MACHINE] -> [Reg Error: Key does not exist or could not be opened.] -> File not found CmdMapping\\{8828075D-D097-4055-AA02-2DBFA9D85E8A} [HKEY_LOCAL_MACHINE] -> [Reg Error: Key does not exist or could not be opened.] -> File not found CmdMapping\\{97809617-3937-4F84-B335-9BB05EF1A8D4} [HKEY_LOCAL_MACHINE] -> [Reg Error: Key does not exist or could not be opened.] -> File not found CmdMapping\\{AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\AIM95\aim.exe [AIM] -> America Online, Inc. [Ver = 5.5.3595 | Size = 61440 bytes | Modified Date = 4/27/2004 6:18:34 PM | Attr = ] CmdMapping\\{AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} [HKEY_LOCAL_MACHINE] -> [Reg Error: Key does not exist or could not be opened.] -> File not found < Internet Explorer Extensions [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Extensions\ -> CmdMapping\\{2499216C-4BA5-11D5-BD9C-000103C116D5} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Yahoo!\Common\ylogin.dll [] -> Yahoo! Inc. [Ver = 2001, 10, 23, 1 | Size = 90112 bytes | Modified Date = 10/23/2001 3:14:34 AM | Attr = ] CmdMapping\\{AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\AIM95\aim.exe [AIM] -> America Online, Inc. [Ver = 5.5.3595 | Size = 61440 bytes | Modified Date = 4/27/2004 6:18:34 PM | Attr = ] < Internet Explorer Extensions [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Extensions\ -> CmdMapping\\{2499216C-4BA5-11D5-BD9C-000103C116D5} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Yahoo!\Common\ylogin.dll [] -> Yahoo! Inc. [Ver = 2001, 10, 23, 1 | Size = 90112 bytes | Modified Date = 10/23/2001 3:14:34 AM | Attr = ] CmdMapping\\{AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\AIM95\aim.exe [AIM] -> America Online, Inc. [Ver = 5.5.3595 | Size = 61440 bytes | Modified Date = 4/27/2004 6:18:34 PM | Attr = ] < Internet Explorer Extensions [HKEY_USERS\S-1-5-21-1805098417-3191082650-149060278-1005\] > -> HKEY_USERS\S-1-5-21-1805098417-3191082650-149060278-1005\Software\Microsoft\Internet Explorer\Extensions\ -> CmdMapping\\{2499216C-4BA5-11D5-BD9C-000103C116D5} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Yahoo!\Common\ylogin.dll [] -> Yahoo! Inc. [Ver = 2001, 10, 23, 1 | Size = 90112 bytes | Modified Date = 10/23/2001 3:14:34 AM | Attr = ] CmdMapping\\{4528BBE0-4E08-11D5-AD55-00010333D0AD} [HKEY_LOCAL_MACHINE] -> [Reg Error: Key does not exist or could not be opened.] -> File not found CmdMapping\\{669B269B-0D4E-41FB-A3D8-FD67CA94F646} [HKEY_LOCAL_MACHINE] -> [Reg Error: Key does not exist or could not be opened.] -> File not found CmdMapping\\{8828075D-D097-4055-AA02-2DBFA9D85E8A} [HKEY_LOCAL_MACHINE] -> [Reg Error: Key does not exist or could not be opened.] -> File not found CmdMapping\\{97809617-3937-4F84-B335-9BB05EF1A8D4} [HKEY_LOCAL_MACHINE] -> [Reg Error: Key does not exist or could not be opened.] -> File not found CmdMapping\\{AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\AIM95\aim.exe [AIM] -> America Online, Inc. [Ver = 5.5.3595 | Size = 61440 bytes | Modified Date = 4/27/2004 6:18:34 PM | Attr = ] CmdMapping\\{AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} [HKEY_LOCAL_MACHINE] -> [Reg Error: Key does not exist or could not be opened.] -> File not found < Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> PluginsPageFriendlyName -> Microsoft ActiveX Gallery -> PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s -> < DNS Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> {54C45769-4A6A-4940-8374-1EA5EC845E55} -> (1394 Net Adapter) -> {7B0CF0BD-F45D-4728-9BF4-FFB2D0A30F9C} -> (Linksys Wireless-G PCI Adapter with SpeedBooster) -> {7C2CC3FF-437F-44D3-91FA-E41654497E44} -> (Scientific-Atlanta WebSTAR 2000 series Cable Modem) -> {7DC122E3-FB03-4F71-BC6D-15EE27DB6307} -> (3Com 3C900TPO-based Ethernet Adapter (Generic)) -> {B821443B-D772-4392-A6BF-28E93BD36F8D} -> () -> {E018EAAE-6220-4A0A-BC18-7CD4B2BA09F2} -> (Scientific-Atlanta WebSTAR 2000 series Cable Modem) -> {EF2A4818-E376-40C3-955E-D12FF8F8B01E} -> (Realtek RTL8139/810x Family Fast Ethernet NIC) -> < Default Protocols [HKEY_USERS\.DEFAULT\] - Select to Repair > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults -> shell -> shell protocol not assigned -> < Default Protocols [HKEY_USERS\S-1-5-18\] - Select to Repair > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults -> shell -> shell protocol not assigned -> < Default Protocols [HKEY_USERS\S-1-5-19\] - Select to Repair > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults -> shell -> shell protocol not assigned -> < Default Protocols [HKEY_USERS\S-1-5-20\] - Select to Repair > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults -> shell -> shell protocol not assigned -> < Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ -> bw+0:{222994ed-9f45-4840-90b7-ad2294a6e59d} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll[BackWeb Proactive Portal Pluggable Protocol] -> BackWeb Technologies Inc. [Ver = Version 7.2.0 (Build 137R) | Size = 40999 bytes | Modified Date = 2/9/2005 6:47:49 AM | Attr = ] ipp: [HKEY_LOCAL_MACHINE] -> No CLSID value msdaipp: [HKEY_LOCAL_MACHINE] -> No CLSID value offline-8876480:{222994ED-9F45-4840-90B7-AD2294A6E59D} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll[BackWeb Proactive Portal Pluggable Protocol] -> BackWeb Technologies Inc. [Ver = Version 7.2.0 (Build 137R) | Size = 40999 bytes | Modified Date = 2/9/2005 6:47:49 AM | Attr = ] < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> {02BCC737-B171-4746-94C9-0D8A0B2C0089}[HKEY_LOCAL_MACHINE] -> http://office.microsoft.com/templates/ieawsdc.cab[Microsoft Office Template and Media Control] -> {02CF1781-EA91-4FA5-A200-646E8241987C}[HKEY_LOCAL_MACHINE] -> http://esupport.sony.com/VaioInfo.CAB[VaioInfo.CMClass] -> {05D44720-58E3-49E6-BDF6-D00330E511D3}[HKEY_LOCAL_MACHINE] -> http://zone.msn.com/binFrameWork/v10/StagingUI.cab40641.cab[StagingUI Object] -> {17492023-C23A-453E-A040-C7C580BBF700}[HKEY_LOCAL_MACHINE] -> http://go.microsoft.com/fwlink/?linkid=39204[Windows Genuine Advantage Validation Tool] -> {193C772A-87BE-4B19-A7BB-445B226FE9A1}[HKEY_LOCAL_MACHINE] -> http://downloads.ewido.net/ewidoOnlineScan.cab[ewidoOnlineScan Control] -> {3BB54395-5982-4788-8AF4-B5388FFDD0D8}[HKEY_LOCAL_MACHINE] -> http://zone.msn.com/BinFrameWork/v10/ZBuddy.cab32846.cab[ZoneBuddy Class] -> {3FE16C08-D6A7-4133-84FC-D5BFB4F7D886}[HKEY_LOCAL_MACHINE] -> http://zone.msn.com/bingame/rtlw/default/ReflexiveWebGameLoader.cab[WebGameLoader Class] -> {41F17733-B041-4099-A042-B518BB6A408C}[HKEY_LOCAL_MACHINE] -> http://a1408.g.akamai.net/7/1408/9955/20031218/akamai.info.apple.com/iTunes4/WW/win/019-0123.20031218.zes4d/iTunesSetup.exe[Reg Error: Key does not exist or could not be opened.] -> {55027008-315F-4F45-BBC3-8BE119764741}[HKEY_LOCAL_MACHINE] -> http://www.slide.com/uploader/SlideImageUploader.cab[Slide Image Uploader Control] -> {5736C456-EA94-4AAC-BB08-917ABDD035B3}[HKEY_LOCAL_MACHINE] -> http://zone.msn.com/binframework/v10/ZPAChat.cab32846.cab[ZonePAChat Object] -> {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A}[HKEY_LOCAL_MACHINE] -> http://zone.msn.com/bingame/luxr/default/mjolauncher.cab[MJLauncherCtrl Class] -> {8AD9C840-044E-11D1-B3E9-00805F499D93}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab[Java Plug-in 1.6.0_06] -> {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}[HKEY_LOCAL_MACHINE] -> http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab[Reg Error: Key does not exist or could not be opened.] -> {924C1588-90C3-4910-B6CA-D57A1C0418FE}[HKEY_LOCAL_MACHINE] -> http://download.yahoo.com/dl/bookmarks/ybconvfav030408.cab[YbUploadFavsCtl Class] -> {9AA73F41-EC64-489E-9A73-9CD52E528BC4}[HKEY_LOCAL_MACHINE] -> http://cdn2.zone.msn.com/binframework/v10/ZAxRcMgr.cab31267.cab[ZoneAxRcMgr Class] -> {9BDF4724-10AA-43D5-BD15-AEA0D2287303}[HKEY_LOCAL_MACHINE] -> http://zone.msn.com/bingame/zpagames/zpa_txhe.cab43895.cab[ZPA_TexasHoldem Object] -> {A17E30C4-A9BA-11D4-8673-60DB54C10000}[HKEY_LOCAL_MACHINE] -> c:\program files\yahoo!\installs\ymmapi.dll[YahooYMailTo Class] -> {B8BE5E93-A60C-4D26-A2DC-220313175592}[HKEY_LOCAL_MACHINE] -> http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab[MSN Games - Installer] -> {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab[Java Plug-in 1.6.0_06] -> {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab[Java Plug-in 1.6.0_06] -> {D27CDB6E-AE6D-11CF-96B8-444553540000}[HKEY_LOCAL_MACHINE] -> http://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab[Shockwave Flash Object] -> {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937}[HKEY_LOCAL_MACHINE] -> http://zone.msn.com/binframework/v10/StProxy.cab41227.cab[StadiumProxy Class] -> {E5D419D6-A846-4514-9FAD-97E826C84822}[HKEY_LOCAL_MACHINE] -> http://fdl.msn.com/zone/datafiles/heartbeat.cab[HeartbeatCtl Class] -> DirectAnimation Java Classes[HKEY_LOCAL_MACHINE] -> file://C:\WINDOWS\Java\classes\dajava.cab[Reg Error: Key does not exist or could not be opened.] -> Microsoft XML Parser for Java[HKEY_LOCAL_MACHINE] -> file://C:\WINDOWS\Java\classes\xmldso.cab[Reg Error: Key does not exist or could not be opened.] -> < Module Usage Keys [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/Program Files/Common Files/Symantec Shared/ecmldr32.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/Program Files/Common Files/Symantec Shared/ecmldr32.dll\\.Owner -> Unknown Owner -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/Program Files/Norton Internet Security/navapi.vxd\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/Program Files/Norton Internet Security/navapi.vxd\\.Owner -> Unknown Owner -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/Program Files/Norton Internet Security/navapi32.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/Program Files/Norton Internet Security/navapi32.dll\\.Owner -> Unknown Owner -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/ewidoOnlineScan.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/ewidoOnlineScan.dll\\.Owner -> {193C772A-87BE-4B19-A7BB-445B226FE9A1} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/ewidoOnlineScan.dll\\{193C772A-87BE-4B19-A7BB-445B226FE9A1} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/hrtbeat.ocx\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/hrtbeat.ocx\\.Owner -> {E5D419D6-A846-4514-9FAD-97E826C84822} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/hrtbeat.ocx\\{E5D419D6-A846-4514-9FAD-97E826C84822} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/IEAWSDC.DLL\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/IEAWSDC.DLL\\.Owner -> {02BCC737-B171-4746-94C9-0D8A0B2C0089} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/IEAWSDC.DLL\\{02BCC737-B171-4746-94C9-0D8A0B2C0089} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/ImageUploader3.ocx\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/ImageUploader3.ocx\\.Owner -> {55027008-315F-4F45-BBC3-8BE119764741} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/ImageUploader3.ocx\\{55027008-315F-4F45-BBC3-8BE119764741} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/mjolauncher.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/mjolauncher.dll\\.Owner -> {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/mjolauncher.dll\\{7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/popcaploader.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/popcaploader.dll\\.Owner -> {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/popcaploader.dll\\{DF780F87-FF2B-4DF8-92D0-73DB16A1543A} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/ReflexiveWebGameLoader.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/ReflexiveWebGameLoader.dll\\.Owner -> {3FE16C08-D6A7-4133-84FC-D5BFB4F7D886} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/ReflexiveWebGameLoader.dll\\{3FE16C08-D6A7-4133-84FC-D5BFB4F7D886} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/StagingUI.ocx\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/StagingUI.ocx\\.Owner -> {05D44720-58E3-49E6-BDF6-D00330E511D3} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/StagingUI.ocx\\{05D44720-58E3-49E6-BDF6-D00330E511D3} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/StProxy.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/StProxy.dll\\.Owner -> {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/StProxy.dll\\{DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/SymDlBrg.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/SymDlBrg.dll\\.Owner -> {B020B534-4AA2-4B99-BD6D-5F6EE286DF5C} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/SymDlBrg.dll\\{B020B534-4AA2-4B99-BD6D-5F6EE286DF5C} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/VaioInfo.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/VaioInfo.dll\\.Owner -> {02CF1781-EA91-4FA5-A200-646E8241987C} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/VaioInfo.dll\\{02CF1781-EA91-4FA5-A200-646E8241987C} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/YbConvFav030408.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/YbConvFav030408.dll\\.Owner -> {924C1588-90C3-4910-B6CA-D57A1C0418FE} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/YbConvFav030408.dll\\{924C1588-90C3-4910-B6CA-D57A1C0418FE} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/ZAxRcMgr.ocx\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/ZAxRcMgr.ocx\\.Owner -> {9AA73F41-EC64-489E-9A73-9CD52E528BC4} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/ZAxRcMgr.ocx\\{9AA73F41-EC64-489E-9A73-9CD52E528BC4} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/ZBuddy.ocx\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/ZBuddy.ocx\\.Owner -> {3BB54395-5982-4788-8AF4-B5388FFDD0D8} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/ZBuddy.ocx\\{3BB54395-5982-4788-8AF4-B5388FFDD0D8} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/ZIntro.ocx\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/ZIntro.ocx\\.Owner -> {B8BE5E93-A60C-4D26-A2DC-220313175592} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/ZIntro.ocx\\{B8BE5E93-A60C-4D26-A2DC-220313175592} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/ZPAChat.ocx\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/ZPAChat.ocx\\.Owner -> {5736C456-EA94-4AAC-BB08-917ABDD035B3} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/ZPAChat.ocx\\{5736C456-EA94-4AAC-BB08-917ABDD035B3} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/zpa_txhe.ocx\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/zpa_txhe.ocx\\.Owner -> {9BDF4724-10AA-43D5-BD15-AEA0D2287303} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/zpa_txhe.ocx\\{9BDF4724-10AA-43D5-BD15-AEA0D2287303} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/zsetup.exe\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/zsetup.exe\\.Owner -> {E5D419D6-A846-4514-9FAD-97E826C84822} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/zsetup.exe\\{E5D419D6-A846-4514-9FAD-97E826C84822} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/System32/danim.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/System32/danim.dll\\3dgreetings -> 3dgreetings -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/System32/danim.dll\\.Owner -> 3dgreetings -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/System32/ddrawex.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/System32/ddrawex.dll\\3dgreetings -> 3dgreetings -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/System32/ddrawex.dll\\.Owner -> 3dgreetings -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/GWFSPidGen.DLL\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/GWFSPidGen.DLL\\.Owner -> Unknown Owner -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/GWFSPidGen.DLL\\{17492023-C23A-453E-A040-C7C580BBF700} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/LegitCheckControl.DLL\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/LegitCheckControl.DLL\\.Owner -> Unknown Owner -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/LegitCheckControl.DLL\\{17492023-C23A-453E-A040-C7C580BBF700} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/System32/quartz.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/System32/quartz.dll\\3dgreetings -> 3dgreetings -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/System32/quartz.dll\\.Owner -> 3dgreetings -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/unicows.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/unicows.dll\\.Owner -> {55027008-315F-4F45-BBC3-8BE119764741} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/unicows.dll\\{55027008-315F-4F45-BBC3-8BE119764741} -> -> [Registry - Additional Scans - Non-Microsoft Only] [Files/Folders - Created Within 90 days] desktopclean -> %SystemDrive%\desktopclean -> [Folder | Created Date = 5/14/2008 2:02:23 PM | Attr = ] QooBox -> %SystemDrive%\QooBox -> [Folder | Created Date = 5/18/2008 10:23:49 AM | Attr = ] Temp -> %SystemDrive%\Temp -> [Folder | Created Date = 5/11/2008 10:18:46 AM | Attr = ] VundoFix Backups -> %SystemDrive%\VundoFix Backups -> [Folder | Created Date = 5/14/2008 2:05:10 PM | Attr = ] _OTMoveIt -> %SystemDrive%\_OTMoveIt -> [Folder | Created Date = 5/18/2008 10:13:05 AM | Attr = ] COH_Mon.cat -> %SystemRoot%\System32\drivers\COH_Mon.cat -> [Ver = | Size = 10537 bytes | Created Date = 5/15/2008 1:51:20 PM | Attr = ] COH_Mon.inf -> %SystemRoot%\System32\drivers\COH_Mon.inf -> [Ver = | Size = 706 bytes | Created Date = 5/15/2008 1:51:20 PM | Attr = ] COH_Mon.sys -> %SystemRoot%\System32\drivers\COH_Mon.sys -> Symantec Corporation [Ver = 6,1,4,10 | Size = 23904 bytes | Created Date = 5/15/2008 1:51:20 PM | Attr = ] kss.sys -> %SystemRoot%\System32\drivers\kss.sys -> [Ver = | Size = 0 bytes | Created Date = 5/11/2008 10:18:48 AM | Attr = ] mbam.sys -> %SystemRoot%\System32\drivers\mbam.sys -> [Ver = | Size = 15864 bytes | Created Date = 5/14/2008 1:01:39 PM | Attr = ] mbamcatchme.sys -> %SystemRoot%\System32\drivers\mbamcatchme.sys -> [Ver = | Size = 27048 bytes | Created Date = 5/14/2008 1:01:39 PM | Attr = ] Partizan.sys -> %SystemRoot%\System32\drivers\Partizan.sys -> Greatis Software [Ver = 1, 0, 0, 3 | Size = 30946 bytes | Created Date = 5/16/2008 6:28:12 PM | Attr = ] SYMEVENT.CAT -> %SystemRoot%\System32\drivers\SYMEVENT.CAT -> [Ver = | Size = 10740 bytes | Created Date = 2/27/2008 9:11:37 AM | Attr = ] SYMEVENT.INF -> %SystemRoot%\System32\drivers\SYMEVENT.INF -> [Ver = | Size = 805 bytes | Created Date = 2/27/2008 9:11:37 AM | Attr = ] SYMEVENT.SYS -> %SystemRoot%\System32\drivers\SYMEVENT.SYS -> Symantec Corporation [Ver = 12.5.2.1 | Size = 123952 bytes | Created Date = 5/13/2008 9:15:55 PM | Attr = ] java.exe -> %SystemRoot%\System32\java.exe -> Sun Microsystems, Inc. [Ver = 6.0.60.2 | Size = 135168 bytes | Created Date = 5/18/2008 10:01:05 AM | Attr = ] javacpl.cpl -> %SystemRoot%\System32\javacpl.cpl -> Sun Microsystems, Inc. [Ver = 6.0.60.2 | Size = 69632 bytes | Created Date = 5/18/2008 10:01:05 AM | Attr = ] javaw.exe -> %SystemRoot%\System32\javaw.exe -> Sun Microsystems, Inc. [Ver = 6.0.60.2 | Size = 135168 bytes | Created Date = 5/18/2008 10:01:05 AM | Attr = ] javaws.exe -> %SystemRoot%\System32\javaws.exe -> Sun Microsystems, Inc. [Ver = 6.0.60.2 | Size = 139264 bytes | Created Date = 5/18/2008 10:01:05 AM | Attr = ] Partizan.exe -> %SystemRoot%\System32\Partizan.exe -> Greatis Software [Ver = 1, 0, 0, 2 | Size = 25088 bytes | Created Date = 5/16/2008 6:28:12 PM | Attr = ] S32EVNT1.DLL -> %SystemRoot%\System32\S32EVNT1.DLL -> Symantec Corporation [Ver = 12.5.2.2 | Size = 60800 bytes | Created Date = 5/13/2008 9:15:55 PM | Attr = ] Thumbs.db -> %SystemRoot%\System32\Thumbs.db -> [Ver = | Size = 7168 bytes | Created Date = 2/23/2008 6:35:32 PM | Attr = HS] @Alternate Data Stream - 0 bytes -> %SystemRoot%\System32\Thumbs.db:encryptable tmp.reg -> %SystemRoot%\System32\tmp.reg -> [Ver = | Size = 4162 bytes | Created Date = 5/13/2008 4:30:23 PM | Attr = ] erdnt -> %SystemRoot%\erdnt -> [Folder | Created Date = 5/18/2008 10:24:28 AM | Attr = ] 3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> fdsv.exe -> %SystemRoot%\fdsv.exe -> Smallfrogs Studio [Ver = 1.0.0.10 | Size = 73728 bytes | Created Date = 5/18/2008 10:23:47 AM | Attr = ] grep.exe -> %SystemRoot%\grep.exe -> [Ver = | Size = 80412 bytes | Created Date = 5/18/2008 10:23:47 AM | Attr = ] Nircmd.exe -> %SystemRoot%\Nircmd.exe -> NirSoft [Ver = 2.05 | Size = 28160 bytes | Created Date = 5/18/2008 10:23:47 AM | Attr = ] sed.exe -> %SystemRoot%\sed.exe -> [Ver = | Size = 98816 bytes | Created Date = 5/18/2008 10:23:47 AM | Attr = ] shkguidr -> %SystemRoot%\shkguidr -> [Folder | Created Date = 3/2/2008 12:40:49 PM | Attr = ] swreg.exe -> %SystemRoot%\swreg.exe -> SteelWerX [Ver = 3.0.0.0 | Size = 161792 bytes | Created Date = 5/18/2008 10:23:47 AM | Attr = ] swsc.exe -> %SystemRoot%\swsc.exe -> SteelWerX [Ver = 2.0.0.5 | Size = 136704 bytes | Created Date = 5/18/2008 10:23:46 AM | Attr = ] swxcacls.exe -> %SystemRoot%\swxcacls.exe -> SteelWerX [Ver = 1.0.1.1 | Size = 212480 bytes | Created Date = 5/18/2008 10:23:46 AM | Attr = ] VFind.exe -> %SystemRoot%\VFind.exe -> [Ver = | Size = 49152 bytes | Created Date = 5/18/2008 10:23:47 AM | Attr = ] winstart.bat -> %SystemRoot%\winstart.bat -> [Ver = | Size = 2 bytes | Created Date = 5/16/2008 6:27:31 PM | Attr = RHS] zip.exe -> %SystemRoot%\zip.exe -> [Ver = | Size = 68096 bytes | Created Date = 5/18/2008 10:23:47 AM | Attr = ] [Files Created - Additional Folder Scans - Non-Microsoft Only] avg8 -> %AllUsersProfile%\Application Data\avg8 -> [Folder | Created Date = 4/27/2008 8:24:13 PM | Attr = ] Grisoft -> %AllUsersProfile%\Application Data\Grisoft -> [Folder | Created Date = 3/2/2008 10:20:48 PM | Attr = ] Lavasoft -> %AllUsersProfile%\Application Data\Lavasoft -> [Folder | Created Date = 5/14/2008 2:31:50 AM | Attr = ] Malwarebytes -> %AllUsersProfile%\Application Data\Malwarebytes -> [Folder | Created Date = 5/14/2008 1:01:39 PM | Attr = ] AVGTOOLBAR -> %AppData%\AVGTOOLBAR -> [Folder | Created Date = 4/27/2008 8:24:20 PM | Attr = ] install.ini -> %AppData%\install.ini -> [Ver = | Size = 33 bytes | Created Date = 4/29/2008 11:54:14 PM | Attr = ] Malwarebytes -> %AppData%\Malwarebytes -> [Folder | Created Date = 5/14/2008 1:01:49 PM | Attr = ] Symantec -> %AppData%\Symantec -> [Folder | Created Date = 5/14/2008 10:53:25 AM | Attr = ] IconCache.db -> %UserProfile%\Local Settings\Application Data\IconCache.db -> [Ver = | Size = 3224962 bytes | Created Date = 3/3/2008 12:52:19 AM | Attr = H ] Symantec -> %AllUsersProfile%\Documents\Symantec -> [Folder | Created Date = 2/27/2008 9:31:46 AM | Attr = ] HJTInstall.exe -> %UserProfile%\My Documents\HJTInstall.exe -> Trend Micro Inc. [Ver = 2.00.2 | Size = 812344 bytes | Created Date = 5/13/2008 5:15:25 PM | Attr = ] LimeWire -> %UserProfile%\My Documents\LimeWire -> [Folder | Created Date = 3/27/2008 12:09:40 PM | Attr = ] RegRun2 -> %UserProfile%\My Documents\RegRun2 -> [Folder | Created Date = 5/16/2008 6:27:27 PM | Attr = ] Robert -> %UserProfile%\My Documents\Robert -> [Folder | Created Date = 5/14/2008 1:38:03 PM | Attr = ] VIDEO_TS.BUP -> %UserProfile%\My Documents\VIDEO_TS.BUP -> [Ver = | Size = 12288 bytes | Created Date = 4/17/2008 3:39:32 PM | Attr = ] VIDEO_TS.IFO -> %UserProfile%\My Documents\VIDEO_TS.IFO -> [Ver = | Size = 12288 bytes | Created Date = 4/17/2008 3:39:32 PM | Attr = ] VIDEO_TS.VOB -> %UserProfile%\My Documents\VIDEO_TS.VOB -> [Ver = | Size = 65536 bytes | Created Date = 4/17/2008 3:39:32 PM | Attr = ] VTS_01_0.BUP -> %UserProfile%\My Documents\VTS_01_0.BUP -> [Ver = | Size = 30720 bytes | Created Date = 4/17/2008 3:39:32 PM | Attr = ] VTS_01_0.IFO -> %UserProfile%\My Documents\VTS_01_0.IFO -> [Ver = | Size = 30720 bytes | Created Date = 4/17/2008 3:39:32 PM | Attr = ] VTS_01_0.VOB -> %UserProfile%\My Documents\VTS_01_0.VOB -> [Ver = | Size = 65536 bytes | Created Date = 4/17/2008 3:39:32 PM | Attr = ] Ad-Aware 2007.lnk -> %AllUsersProfile%\Desktop\Ad-Aware 2007.lnk -> [Ver = | Size = 1790 bytes | Created Date = 5/14/2008 2:32:09 AM | Attr = ] Ad-Watch 2007.lnk -> %AllUsersProfile%\Desktop\Ad-Watch 2007.lnk -> [Ver = | Size = 1790 bytes | Created Date = 5/14/2008 2:32:04 AM | Attr = ] Malwarebytes' Anti-Malware.lnk -> %AllUsersProfile%\Desktop\Malwarebytes' Anti-Malware.lnk -> [Ver = | Size = 696 bytes | Created Date = 5/14/2008 1:01:40 PM | Attr = ] Norton 360.lnk -> %AllUsersProfile%\Desktop\Norton 360.lnk -> [Ver = | Size = 1632 bytes | Created Date = 5/13/2008 9:22:54 PM | Attr = ] CCleaner.lnk -> %UserProfile%\Desktop\CCleaner.lnk -> [Ver = | Size = 1548 bytes | Created Date = 5/14/2008 2:04:07 PM | Attr = ] ComboFix.exe -> %UserProfile%\Desktop\ComboFix.exe -> [Ver = | Size = 1916951 bytes | Created Date = 5/18/2008 10:22:17 AM | Attr = ] HijackThis.lnk -> %UserProfile%\Desktop\HijackThis.lnk -> [Ver = | Size = 1734 bytes | Created Date = 5/13/2008 5:25:04 PM | Attr = ] Internet Downloads -> %UserProfile%\Desktop\Internet Downloads -> [Folder | Created Date = 3/2/2008 10:13:54 PM | Attr = ] LimeWire 4.16.6.lnk -> %UserProfile%\Desktop\LimeWire 4.16.6.lnk -> [Ver = | Size = 1580 bytes | Created Date = 3/27/2008 12:09:31 PM | Attr = ] New Folder -> %UserProfile%\Desktop\New Folder -> [Folder | Created Date = 3/2/2008 10:13:54 PM | Attr = ] Notepad.lnk -> %UserProfile%\Desktop\Notepad.lnk -> [Ver = | Size = 1519 bytes | Created Date = 5/18/2008 11:33:37 AM | Attr = ] OTMoveIt2.exe -> %UserProfile%\Desktop\OTMoveIt2.exe -> OldTimer Tools [Ver = 1.0.4.2 | Size = 291328 bytes | Created Date = 5/18/2008 9:18:33 AM | Attr = ] OTScanIt -> %UserProfile%\Desktop\OTScanIt -> [Folder | Created Date = 5/18/2008 11:36:02 AM | Attr = ] OTScanIt.exe -> %UserProfile%\Desktop\OTScanIt.exe -> [Ver = | Size = 543023 bytes | Created Date = 5/18/2008 11:21:25 AM | Attr = ] reanimator -> %UserProfile%\Desktop\reanimator -> [Folder | Created Date = 5/16/2008 6:36:59 PM | Attr = ] Remove Spyware.lnk -> %UserProfile%\Desktop\Remove Spyware.lnk -> [Ver = | Size = 1756 bytes | Created Date = 5/13/2008 3:51:23 PM | Attr = ] SmitfraudFix -> %UserProfile%\Desktop\SmitfraudFix -> [Folder | Created Date = 5/13/2008 5:01:24 PM | Attr = ] SmitfraudFix.exe -> %UserProfile%\Desktop\SmitfraudFix.exe -> [Ver = | Size = 1390255 bytes | Created Date = 5/13/2008 4:13:45 PM | Attr = ] Spybot - Search & Destroy.lnk -> %UserProfile%\Desktop\Spybot - Search & Destroy.lnk -> [Ver = | Size = 933 bytes | Created Date = 5/13/2008 5:44:39 PM | Attr = ] Today's BufferThis Newsletter.lnk -> %UserProfile%\Desktop\Today's BufferThis Newsletter.lnk -> [Ver = | Size = 2170 bytes | Created Date = 5/13/2008 3:51:23 PM | Attr = ] Today's FunFunPages Newsletter.lnk -> %UserProfile%\Desktop\Today's FunFunPages Newsletter.lnk -> [Ver = | Size = 2194 bytes | Created Date = 5/13/2008 3:51:23 PM | Attr = ] Today's Funnies Newsletter.lnk -> %UserProfile%\Desktop\Today's Funnies Newsletter.lnk -> [Ver = | Size = 2146 bytes | Created Date = 5/13/2008 3:51:23 PM | Attr = ] Today's GoodCleanVideos Newsletter.lnk -> %UserProfile%\Desktop\Today's GoodCleanVideos Newsletter.lnk -> [Ver = | Size = 2210 bytes | Created Date = 5/13/2008 3:51:23 PM | Attr = ] Today's NewFunPages Newsletter.lnk -> %UserProfile%\Desktop\Today's NewFunPages Newsletter.lnk -> [Ver = | Size = 2178 bytes | Created Date = 5/13/2008 3:51:23 PM | Attr = ] Today's PositiveThoughts Newsletter.lnk -> %UserProfile%\Desktop\Today's PositiveThoughts Newsletter.lnk -> [Ver = | Size = 2218 bytes | Created Date = 5/13/2008 3:51:23 PM | Attr = ] Today's ThisSiteRocks Newsletter.lnk -> %UserProfile%\Desktop\Today's ThisSiteRocks Newsletter.lnk -> [Ver = | Size = 2194 bytes | Created Date = 5/13/2008 3:51:23 PM | Attr = ] Java -> %CommonProgramFiles%\Java -> [Folder | Created Date = 5/18/2008 10:00:05 AM | Attr = ] Symantec Shared -> %CommonProgramFiles%\Symantec Shared -> [Folder | Created Date = 5/13/2008 9:14:36 PM | Attr = ] Wise Installation Wizard -> %CommonProgramFiles%\Wise Installation Wizard -> [Folder | Created Date = 5/14/2008 2:30:29 AM | Attr = ] CCleaner -> %ProgramFiles%\CCleaner -> [Folder | Created Date = 5/14/2008 2:04:06 PM | Attr = ] Enigma Software Group -> %ProgramFiles%\Enigma Software Group -> [Folder | Created Date = 5/11/2008 10:21:43 AM | Attr = ] Lavasoft -> %ProgramFiles%\Lavasoft -> [Folder | Created Date = 5/14/2008 2:31:53 AM | Attr = ] Malwarebytes' Anti-Malware -> %ProgramFiles%\Malwarebytes' Anti-Malware -> [Folder | Created Date = 5/14/2008 1:01:38 PM | Attr = ] Norton 360 -> %ProgramFiles%\Norton 360 -> [Folder | Created Date = 5/13/2008 9:17:06 PM | Attr = ] RcvSystem -> %ProgramFiles%\RcvSystem -> [Folder | Created Date = 3/24/2008 8:12:17 PM | Attr = ] Spybot - Search & Destroy -> %ProgramFiles%\Spybot - Search & Destroy -> [Folder | Created Date = 5/13/2008 5:44:35 PM | Attr = ] Symantec -> %ProgramFiles%\Symantec -> [Folder | Created Date = 5/13/2008 9:15:05 PM | Attr = ] Trend Micro -> %ProgramFiles%\Trend Micro -> [Folder | Created Date = 5/13/2008 5:25:04 PM | Attr = ] Unlocker -> %ProgramFiles%\Unlocker -> [Folder | Created Date = 5/14/2008 12:11:21 PM | Attr = ] [Files/Folders - Modified Within 90 days] desktopclean -> %SystemDrive%\desktopclean -> [Folder | Modified Date = 5/14/2008 2:02:23 PM | Attr = ] Documents and Settings -> %SystemDrive%\Documents and Settings -> [Folder | Modified Date = 3/18/2008 2:48:12 PM | Attr = ] Program Files -> %ProgramFiles% -> [Folder | Modified Date = 5/18/2008 9:51:30 AM | Attr = ] QooBox -> %SystemDrive%\QooBox -> [Folder | Modified Date = 5/18/2008 10:38:43 AM | Attr = ] System Volume Information -> %SystemDrive%\System Volume Information -> [Folder | Modified Date = 5/14/2008 7:08:22 PM | Attr = HS] Temp -> %SystemDrive%\Temp -> [Folder | Modified Date = 5/18/2008 11:31:29 AM | Attr = ] VundoFix Backups -> %SystemDrive%\VundoFix Backups -> [Folder | Modified Date = 5/14/2008 2:05:10 PM | Attr = ] WINDOWS -> %SystemRoot% -> [Folder | Modified Date = 5/18/2008 11:31:29 AM | Attr = ] _OTMoveIt -> %SystemDrive%\_OTMoveIt -> [Folder | Modified Date = 5/18/2008 10:13:05 AM | Attr = ] msjetol1.dll -> %SystemRoot%\System32\dllcache\msjetol1.dll -> [Ver = | Size = 355112 bytes | Modified Date = 3/25/2008 12:50:40 AM | Attr = ] COH_Mon.cat -> %SystemRoot%\System32\drivers\COH_Mon.cat -> [Ver = | Size = 10537 bytes | Modified Date = 3/6/2008 9:32:09 PM | Attr = ] COH_Mon.inf -> %SystemRoot%\System32\drivers\COH_Mon.inf -> [Ver = | Size = 706 bytes | Modified Date = 3/6/2008 9:32:09 PM | Attr = ] COH_Mon.sys -> %SystemRoot%\System32\drivers\COH_Mon.sys -> Symantec Corporation [Ver = 6,1,4,10 | Size = 23904 bytes | Modified Date = 3/6/2008 9:32:09 PM | Attr = ] etc -> %SystemRoot%\System32\drivers\etc -> [Folder | Modified Date = 5/18/2008 10:29:54 AM | Attr = ] hosts -> %SystemRoot%\System32\drivers\etc\hosts -> [Ver = | Size = 27 bytes | Modified Date = 5/18/2008 10:29:54 AM | Attr = ] kss.sys -> %SystemRoot%\System32\drivers\kss.sys -> [Ver = | Size = 0 bytes | Modified Date = 5/13/2008 9:35:44 PM | Attr = ] mbam.sys -> %SystemRoot%\System32\drivers\mbam.sys -> [Ver = | Size = 15864 bytes | Modified Date = 5/5/2008 8:46:32 PM | Attr = ] mbamcatchme.sys -> %SystemRoot%\System32\drivers\mbamcatchme.sys -> [Ver = | Size = 27048 bytes | Modified Date = 5/5/2008 8:46:36 PM | Attr = ] Partizan.sys -> %SystemRoot%\System32\drivers\Partizan.sys -> Greatis Software [Ver = 1, 0, 0, 3 | Size = 30946 bytes | Modified Date = 5/16/2008 6:28:12 PM | Attr = ] SYMEVENT.CAT -> %SystemRoot%\System32\drivers\SYMEVENT.CAT -> [Ver = | Size = 10740 bytes | Modified Date = 5/14/2008 6:53:47 PM | Attr = ] SYMEVENT.INF -> %SystemRoot%\System32\drivers\SYMEVENT.INF -> [Ver = | Size = 805 bytes | Modified Date = 5/14/2008 6:53:47 PM | Attr = ] SYMEVENT.SYS -> %SystemRoot%\System32\drivers\SYMEVENT.SYS -> Symantec Corporation [Ver = 12.5.2.1 | Size = 123952 bytes | Modified Date = 5/14/2008 6:53:47 PM | Attr = ] AUTOEXEC.NT -> %SystemRoot%\System32\AUTOEXEC.NT -> [Ver = | Size = 1688 bytes | Modified Date = 5/16/2008 6:27:31 PM | Attr = ] CatRoot2 -> %SystemRoot%\System32\CatRoot2 -> [Folder | Modified Date = 5/18/2008 10:37:48 AM | Attr = ] 4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> config -> %SystemRoot%\System32\config -> [Folder | Modified Date = 5/18/2008 10:27:48 AM | Attr = ] CONFIG.NT -> %SystemRoot%\System32\CONFIG.NT -> [Ver = | Size = 2577 bytes | Modified Date = 5/16/2008 6:27:31 PM | Attr = ] dllcache -> %SystemRoot%\System32\dllcache -> [Folder | Modified Date = 5/14/2008 8:59:58 PM | Attr = ] drivers -> %SystemRoot%\System32\drivers -> [Folder | Modified Date = 5/18/2008 10:38:51 AM | Attr = ] FNTCACHE.DAT -> %SystemRoot%\System32\FNTCACHE.DAT -> [Ver = | Size = 260640 bytes | Modified Date = 4/17/2008 8:41:49 PM | Attr = ] java.exe -> %SystemRoot%\System32\java.exe -> Sun Microsystems, Inc. [Ver = 6.0.60.2 | Size = 135168 bytes | Modified Date = 3/25/2008 1:28:39 AM | Attr = ] javacpl.cpl -> %SystemRoot%\System32\javacpl.cpl -> Sun Microsystems, Inc. [Ver = 6.0.60.2 | Size = 69632 bytes | Modified Date = 3/25/2008 2:37:01 AM | Attr = ] javaw.exe -> %SystemRoot%\System32\javaw.exe -> Sun Microsystems, Inc. [Ver = 6.0.60.2 | Size = 135168 bytes | Modified Date = 3/25/2008 1:28:43 AM | Attr = ] javaws.exe -> %SystemRoot%\System32\javaws.exe -> Sun Microsystems, Inc. [Ver = 6.0.60.2 | Size = 139264 bytes | Modified Date = 3/25/2008 2:37:01 AM | Attr = ] msjetoledb40.dll -> %SystemRoot%\System32\msjetoledb40.dll -> [Ver = | Size = 355112 bytes | Modified Date = 3/25/2008 12:50:40 AM | Attr = ] Partizan.exe -> %SystemRoot%\System32\Partizan.exe -> Greatis Software [Ver = 1, 0, 0, 2 | Size = 25088 bytes | Modified Date = 5/16/2008 6:28:12 PM | Attr = ] perfc009.dat -> %SystemRoot%\System32\perfc009.dat -> [Ver = | Size = 37964 bytes | Modified Date = 5/13/2008 9:27:37 PM | Attr = ] perfh009.dat -> %SystemRoot%\System32\perfh009.dat -> [Ver = | Size = 305648 bytes | Modified Date = 5/13/2008 9:27:37 PM | Attr = ] PerfStringBackup.INI -> %SystemRoot%\System32\PerfStringBackup.INI -> [Ver = | Size = 347092 bytes | Modified Date = 5/13/2008 9:27:37 PM | Attr = ] Restore -> %SystemRoot%\System32\Restore -> [Folder | Modified Date = 5/14/2008 7:08:22 PM | Attr = ] S32EVNT1.DLL -> %SystemRoot%\System32\S32EVNT1.DLL -> Symantec Corporation [Ver = 12.5.2.2 | Size = 60800 bytes | Modified Date = 5/14/2008 6:53:47 PM | Attr = ] Thumbs.db -> %SystemRoot%\System32\Thumbs.db -> [Ver = | Size = 7168 bytes | Modified Date = 3/2/2008 10:05:45 PM | Attr = HS] @Alternate Data Stream - 0 bytes -> %SystemRoot%\System32\Thumbs.db:encryptable tmp.reg -> %SystemRoot%\System32\tmp.reg -> [Ver = | Size = 4162 bytes | Modified Date = 5/14/2008 3:01:18 PM | Attr = ] wpa.dbl -> %SystemRoot%\System32\wpa.dbl -> [Ver = | Size = 1158 bytes | Modified Date = 5/18/2008 10:31:19 AM | Attr = ] $hf_mig$ -> %SystemRoot%\$hf_mig$ -> [Folder | Modified Date = 5/14/2008 6:46:18 PM | Attr = H ] 3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> $NtServicePackUninstall$ -> %SystemRoot%\$NtServicePackUninstall$ -> [Folder | Modified Date = 2/23/2008 6:35:20 PM | Attr = H ] bootstat.dat -> %SystemRoot%\bootstat.dat -> [Ver = | Size = 2048 bytes | Modified Date = 5/18/2008 10:29:33 AM | Attr = S] Debug -> %SystemRoot%\Debug -> [Folder | Modified Date = 5/16/2008 8:42:33 PM | Attr = ] Downloaded Program Files -> %SystemRoot%\Downloaded Program Files -> [Folder | Modified Date = 5/18/2008 10:07:50 AM | Attr = S] erdnt -> %SystemRoot%\erdnt -> [Folder | Modified Date = 5/18/2008 10:27:12 AM | Attr = ] inf -> %SystemRoot%\inf -> [Folder | Modified Date = 5/14/2008 9:00:03 PM | Attr = H ] Installer -> %SystemRoot%\Installer -> [Folder | Modified Date = 5/18/2008 10:01:09 AM | Attr = HS] iTouch.ini -> %SystemRoot%\iTouch.ini -> [Ver = | Size = 51 bytes | Modified Date = 5/13/2008 12:33:15 PM | Attr = ] Minidump -> %SystemRoot%\Minidump -> [Folder | Modified Date = 5/14/2008 2:04:26 PM | Attr = ] network diagnostic -> %SystemRoot%\network diagnostic -> [Folder | Modified Date = 5/14/2008 6:41:16 PM | Attr = ] Prefetch -> %SystemRoot%\Prefetch -> [Folder | Modified Date = 5/18/2008 11:36:27 AM | Attr = ] security -> %SystemRoot%\security -> [Folder | Modified Date = 5/14/2008 6:36:50 PM | Attr = ] ShellNew -> %SystemRoot%\ShellNew -> [Folder | Modified Date = 2/23/2008 6:35:30 PM | Attr = ] shkguidr -> %SystemRoot%\shkguidr -> [Folder | Modified Date = 3/2/2008 12:40:52 PM | Attr = ] system -> %SystemRoot%\system -> [Folder | Modified Date = 4/27/2008 7:13:26 PM | Attr = ] system.ini -> %SystemRoot%\system.ini -> [Ver = | Size = 227 bytes | Modified Date = 5/18/2008 10:30:23 AM | Attr = ] system32 -> %SystemRoot%\system32 -> [Folder | Modified Date = 5/18/2008 11:31:29 AM | Attr = ] Tasks -> %SystemRoot%\Tasks -> [Folder | Modified Date = 4/17/2008 3:46:56 PM | Attr = S] Temp -> %SystemRoot%\Temp -> [Folder | Modified Date = 5/18/2008 10:38:47 AM | Attr = ] Thumbs.db -> %SystemRoot%\Thumbs.db -> [Ver = | Size = 35328 bytes | Modified Date = 4/16/2008 12:15:53 AM | Attr = HS] @Alternate Data Stream - 0 bytes -> %SystemRoot%\Thumbs.db:encryptable Web -> %SystemRoot%\Web -> [Folder | Modified Date = 2/23/2008 6:35:34 PM | Attr = R ] wininit.ini -> %SystemRoot%\wininit.ini -> [Ver = | Size = 941 bytes | Modified Date = 5/13/2008 7:43:59 PM | Attr = ] winstart.bat -> %SystemRoot%\winstart.bat -> [Ver = | Size = 2 bytes | Modified Date = 5/16/2008 6:27:31 PM | Attr = RHS] WinSxS -> %SystemRoot%\WinSxS -> [Folder | Modified Date = 4/27/2008 8:24:11 PM | Attr = ] SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [Ver = | Size = 6 bytes | Modified Date = 5/18/2008 10:29:51 AM | Attr = H ] C:\Documents and Settings\All Users\Application Data\Microsoft\HTML Help\ -> C:\Documents and Settings\All Users\Application Data\Microsoft\HTML Help -> [Folder | Modified Date = 5/14/2007 12:51:29 PM | Attr = ] hhcolreg.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\HTML Help\hhcolreg.dat -> [Ver = | Size = 8124 bytes | Modified Date = 5/14/2007 12:51:29 PM | Attr = ] C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Games\Zone.com Deluxe Games\Mozaki Blocks Deluxe\ -> C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Games\Zone.com Deluxe Games\Mozaki Blocks Deluxe -> [Folder | Modified Date = 9/7/2004 6:43:03 AM | Attr = ] 0000.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Games\Zone.com Deluxe Games\Mozaki Blocks Deluxe\0000.dat -> [Ver = | Size = 12152 bytes | Modified Date = 9/7/2004 7:11:57 AM | Attr = ] C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\ -> C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache -> [Folder | Modified Date = 6/9/2004 9:35:01 AM | Attr = ] about.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\about.dat -> [Ver = | Size = 1528 bytes | Modified Date = 6/18/2003 4:00:00 PM | Attr = ] college.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\college.dat -> [Ver = | Size = 327746 bytes | Modified Date = 6/18/2003 4:00:00 PM | Attr = ] moreinfo.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\moreinfo.dat -> [Ver = | Size = 102 bytes | Modified Date = 6/18/2003 4:00:00 PM | Attr = ] ylpgscat.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\ylpgscat.dat -> [Ver = | Size = 12283223 bytes | Modified Date = 6/18/2003 4:00:00 PM | Attr = ] C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\ -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader -> [Folder | Modified Date = 8/14/2003 9:18:15 PM | Attr = ] qmgr0.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat -> [Ver = | Size = 5524 bytes | Modified Date = 5/18/2008 10:32:54 AM | Attr = ] qmgr1.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat -> [Ver = | Size = 5524 bytes | Modified Date = 5/18/2008 10:32:51 AM | Attr = ] C:\Documents and Settings\All Users\Application Data\Microsoft\Works\ -> C:\Documents and Settings\All Users\Application Data\Microsoft\Works -> [Folder | Modified Date = 2/21/2007 8:06:22 PM | Attr = ] CalMRU.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Works\CalMRU.dat -> [Ver = | Size = 12 bytes | Modified Date = 2/6/2004 8:10:17 PM | Attr = ] wkcalcat.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Works\wkcalcat.dat -> [Ver = | Size = 16384 bytes | Modified Date = 12/15/2003 9:00:45 AM | Attr = ] wklntnts.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Works\wklntnts.dat -> [Ver = | Size = 515952 bytes | Modified Date = 12/23/2003 12:20:20 PM | Attr = ] wklntsk.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Works\wklntsk.dat -> [Ver = | Size = 515952 bytes | Modified Date = 12/23/2003 12:20:20 PM | Attr = ] C:\Documents and Settings\Karen\Local Settings\Temp\ -> C:\Documents and Settings\Karen\Local Settings\Temp -> [Folder | Modified Date = 5/18/2008 10:38:50 AM | Attr = ] bwgo00018c4d.exe -> C:\Documents and Settings\Karen\Local Settings\Temp\bwgo00018c4d.exe -> [Ver = | Size = 16384 bytes | Modified Date = 2/9/2005 6:47:49 AM | Attr = ] [Files Modified - Additional Folder Scans - Non-Microsoft Only] avg8 -> %AllUsersProfile%\Application Data\avg8 -> [Folder | Modified Date = 5/7/2008 9:40:19 PM | Attr = ] Grisoft -> %AllUsersProfile%\Application Data\Grisoft -> [Folder | Modified Date = 4/27/2008 7:13:13 PM | Attr = ] Lavasoft -> %AllUsersProfile%\Application Data\Lavasoft -> [Folder | Modified Date = 5/14/2008 2:33:51 AM | Attr = ] Malwarebytes -> %AllUsersProfile%\Application Data\Malwarebytes -> [Folder | Modified Date = 5/14/2008 1:01:39 PM | Attr = ] Spybot - Search & Destroy -> %AllUsersProfile%\Application Data\Spybot - Search & Destroy -> [Folder | Modified Date = 5/13/2008 5:46:13 PM | Attr = ] Symantec -> %AllUsersProfile%\Application Data\Symantec -> [Folder | Modified Date = 5/16/2008 10:03:54 AM | Attr = ] Viewpoint -> %AllUsersProfile%\Application Data\Viewpoint -> [Folder | Modified Date = 5/16/2008 10:47:00 AM | Attr = ] AdobeUM -> %AppData%\AdobeUM -> [Folder | Modified Date = 5/10/2008 11:50:25 AM | Attr = ] AVGTOOLBAR -> %AppData%\AVGTOOLBAR -> [Folder | Modified Date = 4/27/2008 8:25:58 PM | Attr = ] install.ini -> %AppData%\install.ini -> [Ver = | Size = 33 bytes | Modified Date = 5/13/2008 3:43:21 PM | Attr = ] Malwarebytes -> %AppData%\Malwarebytes -> [Folder | Modified Date = 5/14/2008 1:01:49 PM | Attr = ] Symantec -> %AppData%\Symantec -> [Folder | Modified Date = 5/14/2008 10:53:25 AM | Attr = ] DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> %UserProfile%\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [Ver = | Size = 184320 bytes | Modified Date = 4/18/2008 11:41:16 PM | Attr = ] GDIPFONTCACHEV1.DAT -> %UserProfile%\Local Settings\Application Data\GDIPFONTCACHEV1.DAT -> [Ver = | Size = 76720 bytes | Modified Date = 4/27/2008 6:58:00 PM | Attr = ] IconCache.db -> %UserProfile%\Local Settings\Application Data\IconCache.db -> [Ver = | Size = 3224962 bytes | Modified Date = 5/13/2008 10:25:53 PM | Attr = H ] Microsoft -> %UserProfile%\Local Settings\Application Data\Microsoft -> [Folder | Modified Date = 5/14/2008 3:09:27 PM | Attr = ] WMTools Downloaded Files -> %UserProfile%\Local Settings\Application Data\WMTools Downloaded Files -> [Folder | Modified Date = 4/18/2008 11:53:36 PM | Attr = ] Symantec -> %AllUsersProfile%\Documents\Symantec -> [Folder | Modified Date = 2/27/2008 9:31:46 AM | Attr = ] HJTInstall.exe -> %UserProfile%\My Documents\HJTInstall.exe -> Trend Micro Inc. [Ver = 2.00.2 | Size = 812344 bytes | Modified Date = 5/13/2008 5:15:28 PM | Attr = ] LimeWire -> %UserProfile%\My Documents\LimeWire -> [Folder | Modified Date = 3/27/2008 12:10:32 PM | Attr = ] My Pictures -> %UserProfile%\My Documents\My Pictures -> [Folder | Modified Date = 4/29/2008 5:26:33 AM | Attr = R ] My Videos -> %UserProfile%\My Documents\My Videos -> [Folder | Modified Date = 4/18/2008 11:53:34 PM | Attr = R ] RegRun2 -> %UserProfile%\My Documents\RegRun2 -> [Folder | Modified Date = 5/16/2008 6:27:27 PM | Attr = ] Robert -> %UserProfile%\My Documents\Robert -> [Folder | Modified Date = 5/16/2008 10:53:13 AM | Attr = ] Ad-Aware 2007.lnk -> %AllUsersProfile%\Desktop\Ad-Aware 2007.lnk -> [Ver = | Size = 1790 bytes | Modified Date = 5/14/2008 2:32:09 AM | Attr = ] Ad-Watch 2007.lnk -> %AllUsersProfile%\Desktop\Ad-Watch 2007.lnk -> [Ver = | Size = 1790 bytes | Modified Date = 5/14/2008 2:32:04 AM | Attr = ] Malwarebytes' Anti-Malware.lnk -> %AllUsersProfile%\Desktop\Malwarebytes' Anti-Malware.lnk -> [Ver = | Size = 696 bytes | Modified Date = 5/14/2008 1:01:40 PM | Attr = ] Norton 360.lnk -> %AllUsersProfile%\Desktop\Norton 360.lnk -> [Ver = | Size = 1632 bytes | Modified Date = 5/13/2008 9:22:54 PM | Attr = ] CCleaner.lnk -> %UserProfile%\Desktop\CCleaner.lnk -> [Ver = | Size = 1548 bytes | Modified Date = 5/14/2008 2:04:07 PM | Attr = ] ComboFix.exe -> %UserProfile%\Desktop\ComboFix.exe -> [Ver = | Size = 1916951 bytes | Modified Date = 5/18/2008 10:22:22 AM | Attr = ] HijackThis.lnk -> %UserProfile%\Desktop\HijackThis.lnk -> [Ver = | Size = 1734 bytes | Modified Date = 5/13/2008 5:25:04 PM | Attr = ] Incomplete -> %UserProfile%\Desktop\Incomplete -> [Folder | Modified Date = 5/10/2008 11:42:33 PM | Attr = ] Internet Downloads -> %UserProfile%\Desktop\Internet Downloads -> [Folder | Modified Date = 3/2/2008 10:14:25 PM | Attr = ] LimeWire 4.16.6.lnk -> %UserProfile%\Desktop\LimeWire 4.16.6.lnk -> [Ver = | Size = 1580 bytes | Modified Date = 3/27/2008 12:09:31 PM | Attr = ] media -> %UserProfile%\Desktop\media -> [Folder | Modified Date = 5/10/2008 11:27:35 PM | Attr = ] My Pictures -> %UserProfile%\Desktop\My Pictures -> [Folder | Modified Date = 4/27/2008 9:22:14 PM | Attr = R ] New Folder -> %UserProfile%\Desktop\New Folder -> [Folder | Modified Date = 3/2/2008 10:13:54 PM | Attr = ] Notepad.lnk -> %UserProfile%\Desktop\Notepad.lnk -> [Ver = | Size = 1519 bytes | Modified Date = 5/18/2008 11:33:37 AM | Attr = ] OTMoveIt2.exe -> %UserProfile%\Desktop\OTMoveIt2.exe -> OldTimer Tools [Ver = 1.0.4.2 | Size = 291328 bytes | Modified Date = 5/18/2008 9:18:40 AM | Attr = ] OTScanIt -> %UserProfile%\Desktop\OTScanIt -> [Folder | Modified Date = 5/18/2008 11:36:02 AM | Attr = ] OTScanIt.exe -> %UserProfile%\Desktop\OTScanIt.exe -> [Ver = | Size = 543023 bytes | Modified Date = 5/18/2008 11:21:28 AM | Attr = ] reanimator -> %UserProfile%\Desktop\reanimator -> [Folder | Modified Date = 5/16/2008 6:37:01 PM | Attr = ] Remove Spyware.lnk -> %UserProfile%\Desktop\Remove Spyware.lnk -> [Ver = | Size = 1756 bytes | Modified Date = 5/13/2008 3:51:23 PM | Attr = ] SmitfraudFix -> %UserProfile%\Desktop\SmitfraudFix -> [Folder | Modified Date = 5/14/2008 3:05:13 PM | Attr = ] SmitfraudFix.exe -> %UserProfile%\Desktop\SmitfraudFix.exe -> [Ver = | Size = 1390255 bytes | Modified Date = 5/13/2008 4:13:46 PM | Attr = ] Spybot - Search & Destroy.lnk -> %UserProfile%\Desktop\Spybot - Search & Destroy.lnk -> [Ver = | Size = 933 bytes | Modified Date = 5/13/2008 5:44:39 PM | Attr = ] Today's BufferThis Newsletter.lnk -> %UserProfile%\Desktop\Today's BufferThis Newsletter.lnk -> [Ver = | Size = 2170 bytes | Modified Date = 5/13/2008 3:51:23 PM | Attr = ] Today's FunFunPages Newsletter.lnk -> %UserProfile%\Desktop\Today's FunFunPages Newsletter.lnk -> [Ver = | Size = 2194 bytes | Modified Date = 5/13/2008 3:51:23 PM | Attr = ] Today's Funnies Newsletter.lnk -> %UserProfile%\Desktop\Today's Funnies Newsletter.lnk -> [Ver = | Size = 2146 bytes | Modified Date = 5/13/2008 3:51:23 PM | Attr = ] Today's GoodCleanVideos Newsletter.lnk -> %UserProfile%\Desktop\Today's GoodCleanVideos Newsletter.lnk -> [Ver = | Size = 2210 bytes | Modified Date = 5/13/2008 3:51:23 PM | Attr = ] Today's NewFunPages Newsletter.lnk -> %UserProfile%\Desktop\Today's NewFunPages Newsletter.lnk -> [Ver = | Size = 2178 bytes | Modified Date = 5/13/2008 3:51:23 PM | Attr = ] Today's PositiveThoughts Newsletter.lnk -> %UserProfile%\Desktop\Today's PositiveThoughts Newsletter.lnk -> [Ver = | Size = 2218 bytes | Modified Date = 5/13/2008 3:51:23 PM | Attr = ] Today's ThisSiteRocks Newsletter.lnk -> %UserProfile%\Desktop\Today's ThisSiteRocks Newsletter.lnk -> [Ver = | Size = 2194 bytes | Modified Date = 5/13/2008 3:51:23 PM | Attr = ] Java -> %CommonProgramFiles%\Java -> [Folder | Modified Date = 5/18/2008 10:00:05 AM | Attr = ] Microsoft Shared -> %CommonProgramFiles%\Microsoft Shared -> [Folder | Modified Date = 4/27/2008 8:24:11 PM | Attr = ] Symantec Shared -> %CommonProgramFiles%\Symantec Shared -> [Folder | Modified Date = 5/18/2008 10:36:26 AM | Attr = ] Wise Installation Wizard -> %CommonProgramFiles%\Wise Installation Wizard -> [Folder | Modified Date = 5/14/2008 2:30:29 AM | Attr = ] [File - Purity Scan: Additional Folder Scans - Non-Microsoft Only] < End of report > [/code]