[code]
OTScanIt logfile created on: 7/21/2008 1:19:23 AM
OTScanIt by OldTimer - Version 1.0.16.2     Folder = C:\Documents and Settings\Compaq_Owner\Desktop\OTScanIt
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
191.48 Mb Total Physical Memory | 80.79 Mb Available Physical Memory | 42.19% Memory free
466.62 Mb Paging File | 262.78 Mb Available in Paging File | 56.32% Paging File free
Paging file location(s): C:\pagefile.sys 288 576;
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 51.71 Gb Total Space | 20.35 Gb Free Space | 39.36% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 4.18 Gb Total Space | 0.99 Gb Free Space | 23.59% Space Free | Partition Type: FAT32
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: YOUR-C44D19AF4E
Current User Name: Compaq_Owner
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users

[Processes - Non-Microsoft Only]
jusched.exe -> %ProgramFiles%\Java\jre1.6.0_07\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 6.0.70.6 | Size = 144784 bytes | Modified Date = 6/10/2008 4:27:04 AM | Attr =    ]
otscanit.exe -> %UserProfile%\Desktop\OTScanIt\OTScanIt.exe -> OldTimer Tools [Ver = 1.0.16.2 | Size = 397312 bytes | Modified Date = 7/12/2008 9:29:54 AM | Attr =    ]
applemobiledeviceservice.exe -> %CommonProgramFiles%\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -> Apple Inc. [Ver = 2.0.28.0 | Size = 116040 bytes | Modified Date = 7/10/2008 9:47:18 AM | Attr =    ]

[Win32 Services - Non-Microsoft Only]
(Apple Mobile Device) Apple Mobile Device [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -> Apple Inc. [Ver = 2.0.28.0 | Size = 116040 bytes | Modified Date = 7/10/2008 9:47:18 AM | Attr =    ]
(avg8wd) AVG Free8 WatchDog [Win32_Own | Auto | Stopped] -> %ProgramFiles%\AVG\AVG8\avgwdsvc.exe -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.134 | Size = 231192 bytes | Modified Date = 7/14/2008 7:49:24 PM | Attr =    ]
(Bonjour Service) Bonjour Service [Win32_Own | Auto | Stopped] -> %ProgramFiles%\Bonjour\mDNSResponder.exe -> Apple Inc. [Ver = 1,0,4,12 | Size = 229376 bytes | Modified Date = 7/24/2007 3:17:08 PM | Attr =    ]
(dmadmin) Logical Disk Manager Administrative Service [Win32_Shared | On_Demand | Stopped] -> %SystemRoot%\system32\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 224768 bytes | Modified Date = 8/4/2004 8:00:00 AM | Attr =    ]
(gusvc) Google Updater Service [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Google\Common\Google Updater\GoogleUpdaterService.exe -> Google [Ver = 2.2.824.5515.beta | Size = 138680 bytes | Modified Date = 3/17/2008 12:27:47 AM | Attr =    ]
(iPod Service) iPod Service [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\iPod\bin\iPodService.exe -> Apple Inc. [Ver = 7.7.0.43 | Size = 532264 bytes | Modified Date = 7/10/2008 10:51:22 AM | Attr =    ]

[Registry - Non-Microsoft Only]
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> 
AppleSyncNotifier -> %CommonProgramFiles%\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe] -> Apple Inc. [Ver = 1, 0, 0, 9 | Size = 116040 bytes | Modified Date = 7/10/2008 9:47:28 AM | Attr =    ]
AVG8_TRAY -> %ProgramFiles%\AVG\AVG8\avgtray.exe [C:\PROGRA~1\AVG\AVG8\avgtray.exe] -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.134 | Size = 1232152 bytes | Modified Date = 7/14/2008 7:49:25 PM | Attr =    ]
iTunesHelper -> %ProgramFiles%\iTunes\iTunesHelper.exe ["C:\Program Files\iTunes\iTunesHelper.exe"] -> Apple Inc. [Ver = 7.7.0.43 | Size = 289064 bytes | Modified Date = 7/10/2008 10:51:32 AM | Attr =    ]
QuickTime Task -> %ProgramFiles%\QuickTime\QTTask.exe ["C:\Program Files\QuickTime\QTTask.exe" -atboottime] -> Apple Inc. [Ver = 7.5 (861) | Size = 413696 bytes | Modified Date = 5/27/2008 10:50:30 AM | Attr =    ]
SunJavaUpdateSched -> %ProgramFiles%\Java\jre1.6.0_07\bin\jusched.exe ["C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"] -> Sun Microsystems, Inc. [Ver = 6.0.70.6 | Size = 144784 bytes | Modified Date = 6/10/2008 4:27:04 AM | Attr =    ]
< OptionalComponents [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\ -> 
IMAIL-> Installed = 1 -> 
MAPI-> Installed = 1 -> 
MSFS-> Installed = 1 -> 
< Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> 
BitTorrent -> %ProgramFiles%\BitTorrent\bittorrent.exe ["C:\Program Files\BitTorrent\bittorrent.exe"] ->  [Ver =  | Size = 587568 bytes | Modified Date = 4/17/2008 1:47:53 PM | Attr =    ]
swg -> %ProgramFiles%\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] -> Google Inc. [Ver = 2, 0, 301, 1654 | Size = 68856 bytes | Modified Date = 3/17/2008 12:29:06 AM | Attr =    ]
< Run [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> 
MySpaceIM -> %ProgramFiles%\MySpace\IM\MySpaceIM.exe [C:\Program Files\MySpace\IM\MySpaceIM.exe] ->  [Ver = 1.0.739.0 | Size = 8720384 bytes | Modified Date = 12/7/2007 3:33:26 AM | Attr =    ]
< Run [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> 
MySpaceIM -> %ProgramFiles%\MySpace\IM\MySpaceIM.exe [C:\Program Files\MySpace\IM\MySpaceIM.exe] ->  [Ver = 1.0.739.0 | Size = 8720384 bytes | Modified Date = 12/7/2007 3:33:26 AM | Attr =    ]
< Run [HKEY_USERS\S-1-5-21-1294622080-3148829192-363808158-1008\] > -> HKEY_USERS\S-1-5-21-1294622080-3148829192-363808158-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> 
BitTorrent -> %ProgramFiles%\BitTorrent\bittorrent.exe ["C:\Program Files\BitTorrent\bittorrent.exe"] ->  [Ver =  | Size = 587568 bytes | Modified Date = 4/17/2008 1:47:53 PM | Attr =    ]
swg -> %ProgramFiles%\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] -> Google Inc. [Ver = 2, 0, 301, 1654 | Size = 68856 bytes | Modified Date = 3/17/2008 12:29:06 AM | Attr =    ]
< All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup -> 
%AllUsersProfile%\Start Menu\Programs\Startup\Compaq Connections.lnk -> %ProgramFiles%\Compaq Connections\6750491\Program\Compaq Connections.exe -> Hewlett-Packard [Ver = 6,3, 2, 1 | Size = 45056 bytes | Modified Date = 10/26/2004 10:46:37 PM | Attr =    ]
< Compaq_Owner Startup Folder > -> C:\Documents and Settings\Compaq_Owner\Start Menu\Programs\Startup -> 
< Debra1 Startup Folder > -> C:\Documents and Settings\Debra1\Start Menu\Programs\Startup -> 
< Default User Startup Folder > -> C:\Documents and Settings\Default User\Start Menu\Programs\Startup -> 
< AppInit_DLLs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs -> 
*AppInit_DLLs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls -> 
avgrsstx.dll -> %SystemRoot%\system32\avgrsstx.dll -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.134 | Size = 10520 bytes | Modified Date = 7/14/2008 7:49:51 PM | Attr =    ]
*MultiFile Done* -> -> 
< SecurityProviders [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders -> 
< Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> 
*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> 
Explorer.exe -> %SystemRoot%\explorer.exe -> Microsoft Corporation [Ver = 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234) | Size = 1033216 bytes | Modified Date = 6/13/2007 6:23:07 AM | Attr =    ]
*MultiFile Done* -> -> 
*UserInit* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit -> 
C:\WINDOWS\system32\userinit.exe -> %SystemRoot%\system32\userinit.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 24576 bytes | Modified Date = 8/4/2004 8:00:00 AM | Attr =    ]
*MultiFile Done* -> -> 
*UIHost* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UIHost -> 
logonui.exe -> %SystemRoot%\system32\logonui.exe -> Microsoft Corporation [Ver = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) | Size = 514560 bytes | Modified Date = 8/4/2004 8:00:00 AM | Attr =    ]
*MultiFile Done* -> -> 
*VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet -> 
rundll32 shell32 -> %SystemRoot%\system32\shell32.dll -> Microsoft Corporation [Ver = 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248) | Size = 8454656 bytes | Modified Date = 10/25/2007 11:36:51 PM | Attr =    ]
Control_RunDLL "sysdm.cpl" -> %SystemRoot%\system32\sysdm.cpl -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 298496 bytes | Modified Date = 8/4/2004 8:00:00 AM | Attr =    ]
*MultiFile Done* -> -> 
< Winlogon settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> 
< Winlogon settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> 
< Winlogon settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> 
< Winlogon settings [HKEY_USERS\S-1-5-19] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> 
< Winlogon settings [HKEY_USERS\S-1-5-20] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> 
< Winlogon settings [HKEY_USERS\S-1-5-21-1294622080-3148829192-363808158-1008] > -> HKEY_USERS\S-1-5-21-1294622080-3148829192-363808158-1008\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> 
< Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ -> 
igfxcui -> %SystemRoot%\system32\igfxsrvc.dll -> Intel Corporation [Ver = 3.0.0.3889 | Size = 344064 bytes | Modified Date = 8/21/2004 1:50:54 AM | Attr =    ]
< CurrentVersion Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ActiveDesktop\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveAutoRun -> 67108863 -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 255 -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDrives -> 0 -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption ->  -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext ->  -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\undockwithoutlogon -> 1 -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\DisableRegistryTools -> 0 -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\HideLegacyLogonScripts -> 0 -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\HideLogoffScripts -> 0 -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\RunLogonScriptSync -> 1 -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\RunStartupScriptSync -> 0 -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\HideStartupScripts -> 0 -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Uninstall\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\WindowsUpdate\ -> -> 
< CurrentVersion Policy Settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ActiveDesktop\ -> -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Associations\ -> -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDrives -> 0 -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run\ -> -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\HideLegacyLogonScripts -> 0 -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\HideLogoffScripts -> 0 -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\RunLogonScriptSync -> 1 -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\RunStartupScriptSync -> 0 -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\HideStartupScripts -> 0 -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\WindowsUpdate\ -> -> 
< CurrentVersion Policy Settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> 
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> 
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> 
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run\ -> -> 
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> -> 
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> 
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> 
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> 
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run\ -> -> 
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> -> 
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-19] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> 
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> 
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> 
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-20] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> 
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> 
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> 
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-1294622080-3148829192-363808158-1008] > -> HKEY_USERS\S-1-5-21-1294622080-3148829192-363808158-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> 
HKEY_USERS\S-1-5-21-1294622080-3148829192-363808158-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_USERS\S-1-5-21-1294622080-3148829192-363808158-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ActiveDesktop\ -> -> 
HKEY_USERS\S-1-5-21-1294622080-3148829192-363808158-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Associations\ -> -> 
HKEY_USERS\S-1-5-21-1294622080-3148829192-363808158-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> 
HKEY_USERS\S-1-5-21-1294622080-3148829192-363808158-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> 
HKEY_USERS\S-1-5-21-1294622080-3148829192-363808158-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDrives -> 0 -> 
HKEY_USERS\S-1-5-21-1294622080-3148829192-363808158-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run\ -> -> 
HKEY_USERS\S-1-5-21-1294622080-3148829192-363808158-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> -> 
HKEY_USERS\S-1-5-21-1294622080-3148829192-363808158-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\HideLegacyLogonScripts -> 0 -> 
HKEY_USERS\S-1-5-21-1294622080-3148829192-363808158-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\HideLogoffScripts -> 0 -> 
HKEY_USERS\S-1-5-21-1294622080-3148829192-363808158-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\RunLogonScriptSync -> 1 -> 
HKEY_USERS\S-1-5-21-1294622080-3148829192-363808158-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\RunStartupScriptSync -> 0 -> 
HKEY_USERS\S-1-5-21-1294622080-3148829192-363808158-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\HideStartupScripts -> 0 -> 
HKEY_USERS\S-1-5-21-1294622080-3148829192-363808158-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\WindowsUpdate\ -> -> 
< CDROM Autorun Settings > [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom] -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\ -> ->
*DependOnGroup* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\DependOnGroup -> 
SCSI miniport ->  -> File not found
*MultiFile Done* -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\ErrorControl -> 1 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Group -> SCSI CDROM Class -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Start -> 1 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Tag -> 2 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Type -> 1 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\DisplayName -> CD-ROM Driver -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\ImagePath -> %SystemRoot%\system32\drivers\cdrom.sys [system32\DRIVERS\cdrom.sys] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 49536 bytes | Modified Date = 8/4/2004 8:00:00 AM | Attr =    ]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun -> 1 -> 
*AutoRunAlwaysDisable* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRunAlwaysDisable -> 
NEC     MBR-7    ->  -> File not found
NEC     MBR-7.4  ->  -> File not found
PIONEER CHANGR DRM-1804X ->  -> File not found
PIONEER CD-ROM DRM-6324X ->  -> File not found
PIONEER CD-ROM DRM-624X  ->  -> File not found
TORiSAN CD-ROM CDR_C36 ->  -> File not found
*MultiFile Done* -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\ -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\\0 -> IDE\CdRomASUS_CRW-4832AX_________________________0.50____\5&22ac9df0&0&0.0.0 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\\Count -> 1 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\\NextInstance -> 1 -> 
< Drives - Autoruns > ->  -> 
AUTOEXEC.BAT [] -> %SystemDrive%\AUTOEXEC.BAT [ NTFS ] ->  [Ver =  | Size = 0 bytes | Modified Date = 10/26/2004 9:00:03 PM | Attr =    ]
AUTOEXEC.BAT [] -> E:\AUTOEXEC.BAT [ FAT32 ] ->  [Ver =  | Size = 0 bytes | Modified Date = 7/28/2001 6:07:38 AM | Attr =  HS]
Autorun.inf [[AUTORUN] | ShellExecute=Info.exe protect.ed 480 480 | ] -> E:\Autorun.inf [ FAT32 ] ->  [Ver =  | Size = 53 bytes | Modified Date = 4/30/2004 10:01:14 PM | Attr =  HS]
< HOSTS File > (231388 bytes) -> C:\WINDOWS\System32\drivers\etc\Hosts -> 
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> 
HKEY_LOCAL_MACHINE\: Main\\Default_Page_URL -> http://go.microsoft.com/fwlink/?LinkId=69157 -> 
HKEY_LOCAL_MACHINE\: Main\\Default_Search_URL -> http://go.microsoft.com/fwlink/?LinkId=54896 -> 
HKEY_LOCAL_MACHINE\: Main\\Local Page -> %SystemRoot%\system32\blank.htm -> 
HKEY_LOCAL_MACHINE\: Main\\Search Bar -> http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q105&bd=presario&pf=desktop -> 
HKEY_LOCAL_MACHINE\: Main\\Search Page -> http://go.microsoft.com/fwlink/?LinkId=54896 -> 
HKEY_LOCAL_MACHINE\: Main\\Start Page -> http://go.microsoft.com/fwlink/?LinkId=69157 -> 
HKEY_LOCAL_MACHINE\: Search\\CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm -> 
HKEY_LOCAL_MACHINE\: Search\\SearchAssistant -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm -> 
< Internet Explorer Settings [HKEY_CURRENT_USER\] > -> -> 
HKEY_CURRENT_USER\: Main\\Default_Search_URL -> http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q105&bd=presario&pf=desktop -> 
HKEY_CURRENT_USER\: Main\\Local Page -> C:\WINDOWS\system32\blank.htm -> 
HKEY_CURRENT_USER\: Main\\Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> 
HKEY_CURRENT_USER\: Main\\Start Page -> http://www.google.com/ -> 
HKEY_CURRENT_USER\: SearchURL\\ -> http://www.google.com/keyword/%s[Reg Error: Value provider does not exist or could not be read.] -> 
HKEY_CURRENT_USER\: ProxyEnable -> 0 -> 
HKEY_CURRENT_USER\: ProxyOverride -> *.local -> 
< Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> -> 
HKEY_USERS\.DEFAULT\: Main\\Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> 
HKEY_USERS\.DEFAULT\: Main\\Start Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome -> 
HKEY_USERS\.DEFAULT\: ProxyEnable -> 0 -> 
< Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> -> 
HKEY_USERS\S-1-5-18\: Main\\Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> 
HKEY_USERS\S-1-5-18\: Main\\Start Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome -> 
HKEY_USERS\S-1-5-18\: ProxyEnable -> 0 -> 
< Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> -> 
< Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> -> 
< Internet Explorer Settings [HKEY_USERS\S-1-5-21-1294622080-3148829192-363808158-1008\] > -> -> 
HKEY_USERS\S-1-5-21-1294622080-3148829192-363808158-1008\: Main\\Default_Search_URL -> http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q105&bd=presario&pf=desktop -> 
HKEY_USERS\S-1-5-21-1294622080-3148829192-363808158-1008\: Main\\Local Page -> C:\WINDOWS\system32\blank.htm -> 
HKEY_USERS\S-1-5-21-1294622080-3148829192-363808158-1008\: Main\\Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> 
HKEY_USERS\S-1-5-21-1294622080-3148829192-363808158-1008\: Main\\Start Page -> http://www.google.com/ -> 
HKEY_USERS\S-1-5-21-1294622080-3148829192-363808158-1008\: SearchURL\\ -> http://www.google.com/keyword/%s[Reg Error: Value provider does not exist or could not be read.] -> 
HKEY_USERS\S-1-5-21-1294622080-3148829192-363808158-1008\: ProxyEnable -> 0 -> 
HKEY_USERS\S-1-5-21-1294622080-3148829192-363808158-1008\: ProxyOverride -> *.local -> 
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 4289 domain(s) found. -> 
33 domain(s) and sub-domain(s) not assigned to a zone.
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 77 range(s) found. -> 
< Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 4288 domain(s) found. -> 
32 domain(s) and sub-domain(s) not assigned to a zone.
< Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 77 range(s) found. -> 
< Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 4288 domain(s) found. -> 
32 domain(s) and sub-domain(s) not assigned to a zone.
< Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 77 range(s) found. -> 
< Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 4288 domain(s) found. -> 
32 domain(s) and sub-domain(s) not assigned to a zone.
< Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 77 range(s) found. -> 
< Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 4177 domain(s) found. -> 
32 domain(s) and sub-domain(s) not assigned to a zone.
< Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 77 range(s) found. -> 
< Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 4177 domain(s) found. -> 
32 domain(s) and sub-domain(s) not assigned to a zone.
< Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 77 range(s) found. -> 
< Trusted Sites Domains [HKEY_USERS\S-1-5-21-1294622080-3148829192-363808158-1008\] > -> HKEY_USERS\S-1-5-21-1294622080-3148829192-363808158-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_USERS\S-1-5-21-1294622080-3148829192-363808158-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 4288 domain(s) found. -> 
32 domain(s) and sub-domain(s) not assigned to a zone.
< Trusted Sites Ranges [HKEY_USERS\S-1-5-21-1294622080-3148829192-363808158-1008\] > -> HKEY_USERS\S-1-5-21-1294622080-3148829192-363808158-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_USERS\S-1-5-21-1294622080-3148829192-363808158-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 77 range(s) found. -> 
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> 
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKEY_LOCAL_MACHINE] -> %CommonProgramFiles%\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> Adobe Systems Incorporated [Ver = 8.0.0.2006102200 | Size = 62080 bytes | Modified Date = 10/22/2006 11:08:42 PM | Attr =    ]
{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.6.0_07\bin\ssv.dll [SSVHelper Class] -> Sun Microsystems, Inc. [Ver = 6.0.70.6 | Size = 509328 bytes | Modified Date = 6/10/2008 4:27:02 AM | Attr =    ]
{AA58ED58-01DD-4d91-8333-CF10577473F7} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Google\GoogleToolbar2.dll [Google Toolbar Helper] -> Google Inc. [Ver = 4, 0, 1602, 1060 | Size = 2554944 bytes | Modified Date = 3/17/2008 12:31:53 AM | Attr = R  ]
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll [Google Toolbar Notifier BHO] -> Google Inc. [Ver = 3, 0, 1225, 9868 | Size = 734704 bytes | Modified Date = 4/21/2008 9:55:24 AM | Attr =    ]
< Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar -> 
{2318C2B1-4965-11d4-9B18-009027A5CD4F} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Google\GoogleToolbar2.dll [&Google] -> Google Inc. [Ver = 4, 0, 1602, 1060 | Size = 2554944 bytes | Modified Date = 3/17/2008 12:31:53 AM | Attr = R  ]
< Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ -> 
ShellBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Google\GoogleToolbar2.dll [&Google] -> Google Inc. [Ver = 4, 0, 1602, 1060 | Size = 2554944 bytes | Modified Date = 3/17/2008 12:31:53 AM | Attr = R  ]
< Internet Explorer ToolBars [HKEY_USERS\S-1-5-21-1294622080-3148829192-363808158-1008\] > -> HKEY_USERS\S-1-5-21-1294622080-3148829192-363808158-1008\Software\Microsoft\Internet Explorer\Toolbar\ -> 
ShellBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Google\GoogleToolbar2.dll [&Google] -> Google Inc. [Ver = 4, 0, 1602, 1060 | Size = 2554944 bytes | Modified Date = 3/17/2008 12:31:53 AM | Attr = R  ]
< Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> 
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.6.0_07\bin\npjpi160_07.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.70.6 | Size = 132496 bytes | Modified Date = 6/10/2008 4:27:02 AM | Attr =    ]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} [HKEY_CURRENT_USER] -> %ProgramFiles%\Java\jre1.6.0_07\bin\ssv.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.70.6 | Size = 509328 bytes | Modified Date = 6/10/2008 4:27:02 AM | Attr =    ]
< Internet Explorer Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\ -> 
CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.6.0_07\bin\npjpi160_07.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.70.6 | Size = 132496 bytes | Modified Date = 6/10/2008 4:27:02 AM | Attr =    ]
< Internet Explorer Extensions [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Extensions\ -> 
CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.6.0_07\bin\npjpi160_07.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.70.6 | Size = 132496 bytes | Modified Date = 6/10/2008 4:27:02 AM | Attr =    ]
< Internet Explorer Extensions [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Extensions\ -> 
CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.6.0_07\bin\npjpi160_07.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.70.6 | Size = 132496 bytes | Modified Date = 6/10/2008 4:27:02 AM | Attr =    ]
< Internet Explorer Extensions [HKEY_USERS\S-1-5-21-1294622080-3148829192-363808158-1008\] > -> HKEY_USERS\S-1-5-21-1294622080-3148829192-363808158-1008\Software\Microsoft\Internet Explorer\Extensions\ -> 
CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.6.0_07\bin\npjpi160_07.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.70.6 | Size = 132496 bytes | Modified Date = 6/10/2008 4:27:02 AM | Attr =    ]
< Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> 
PluginsPageFriendlyName -> Microsoft ActiveX Gallery -> 
PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s -> 
< DNS Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> 
{29430A9D-A42A-4BEE-8236-6DF68EE9D992} ->    (VIA Rhine II Fast Ethernet Adapter) -> 
{92C9EFC8-16B0-42FA-A011-4346B3328D32} ->    (1394 Net Adapter) -> 
< Winsock2 Catalogs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\ -> 
NameSpace_Catalog5\Catalog_Entries\000000000004 [mdnsNSP] -> %ProgramFiles%\Bonjour\mdnsNSP.dll -> Apple Inc. [Ver = 1,0,4,12 | Size = 147456 bytes | Modified Date = 7/24/2007 3:17:08 PM | Attr =    ]
< Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ -> 
cetihpz:{CF184AD3-CDCB-4168-A3F7-8E447D129300} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\HP\hpcoretech\comp\hpuiprot.dll[CZipHandler Object] -> Hewlett-Packard Company [Ver = 2.1.4 | Size = 81920 bytes | Modified Date = 12/22/2003 9:38:40 AM | Attr =    ]
ipp: [HKEY_LOCAL_MACHINE] -> No CLSID value
msdaipp: [HKEY_LOCAL_MACHINE] -> No CLSID value
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> 
{1A1F56AA-3401-46F9-B277-D57F3421F821}[HKEY_LOCAL_MACHINE] -> http://www.worldwinner.com/games/v47/shared/FunGamesLoader.cab[Reg Error: Key does not exist or could not be opened.] -> 
{48DD0448-9209-4F81-9F6D-D83562940134}[HKEY_LOCAL_MACHINE] -> http://lads.myspace.com/upload/MySpaceUploader1006.cab[Reg Error: Key does not exist or could not be opened.] -> 
{4CCA4E80-9259-11D9-AC6E-444553544200}[HKEY_LOCAL_MACHINE] -> http://h30155.www3.hp.com/ediags/dd/install/HPInstallMgr_v01_6.cab[FixController Control] -> 
{615F158E-D5CA-422F-A8E7-F6A5EED7063B}[HKEY_LOCAL_MACHINE] -> http://www.worldwinner.com/games/v46/bejeweled/bejeweled.cab[Reg Error: Key does not exist or could not be opened.] -> 
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3}[HKEY_LOCAL_MACHINE] -> http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1187462776000[MUWebControl Class] -> 
{8A94C905-FF9D-43B6-8708-F0F22D22B1CB}[HKEY_LOCAL_MACHINE] -> http://www.worldwinner.com/games/shared/wwlaunch.cab[Reg Error: Key does not exist or could not be opened.] -> 
{8AD9C840-044E-11D1-B3E9-00805F499D93}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab[Java Plug-in 1.6.0_07] -> 
{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}[HKEY_LOCAL_MACHINE] -> http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab[Reg Error: Key does not exist or could not be opened.] -> 
{A91FB93D-7561-4524-8484-5C27C8FA8D42}[HKEY_LOCAL_MACHINE] -> http://www.worldwinner.com/games/v49/luxor/luxor.cab[Reg Error: Key does not exist or could not be opened.] -> 
{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab[Java Plug-in 1.6.0_07] -> 
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab[Java Plug-in 1.6.0_07] -> 
< Module Usage Keys [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\ -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/bejeweled.ocx\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/bejeweled.ocx\\.Owner -> {615F158E-D5CA-422F-A8E7-F6A5EED7063B} -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/bejeweled.ocx\\{615F158E-D5CA-422F-A8E7-F6A5EED7063B} ->  -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/fixengine.dll\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/fixengine.dll\\.Owner -> {4CCA4E80-9259-11D9-AC6E-444553544200} -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/fixengine.dll\\{4CCA4E80-9259-11D9-AC6E-444553544200} ->  -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/FunGamesLoader.dll\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/FunGamesLoader.dll\\.Owner -> {1A1F56AA-3401-46F9-B277-D57F3421F821} -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/FunGamesLoader.dll\\{1A1F56AA-3401-46F9-B277-D57F3421F821} ->  -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/InternetUtil2.dll\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/InternetUtil2.dll\\.Owner -> {4CCA4E80-9259-11D9-AC6E-444553544200} -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/InternetUtil2.dll\\{4CCA4E80-9259-11D9-AC6E-444553544200} ->  -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/luxor.ocx\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/luxor.ocx\\.Owner -> {A91FB93D-7561-4524-8484-5C27C8FA8D42} -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/luxor.ocx\\{A91FB93D-7561-4524-8484-5C27C8FA8D42} ->  -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/MySpaceUploader.ocx\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/MySpaceUploader.ocx\\.Owner -> {48DD0448-9209-4F81-9F6D-D83562940134} -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/MySpaceUploader.ocx\\{48DD0448-9209-4F81-9F6D-D83562940134} ->  -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/wwlaunch.ocx\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/wwlaunch.ocx\\.Owner -> {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/wwlaunch.ocx\\{8A94C905-FF9D-43B6-8708-F0F22D22B1CB} ->  -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/mfc42.dll\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/mfc42.dll\\.Owner -> Unknown Owner -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/mfc42.dll\\{8A94C905-FF9D-43B6-8708-F0F22D22B1CB} ->  -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/mfc42.dll\\{615F158E-D5CA-422F-A8E7-F6A5EED7063B} ->  -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/mfc42.dll\\{1A1F56AA-3401-46F9-B277-D57F3421F821} ->  -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/mfc42.dll\\{A91FB93D-7561-4524-8484-5C27C8FA8D42} ->  -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/msvcrt.dll\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/msvcrt.dll\\.Owner -> Unknown Owner -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/msvcrt.dll\\{8A94C905-FF9D-43B6-8708-F0F22D22B1CB} ->  -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/msvcrt.dll\\{615F158E-D5CA-422F-A8E7-F6A5EED7063B} ->  -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/msvcrt.dll\\{1A1F56AA-3401-46F9-B277-D57F3421F821} ->  -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/msvcrt.dll\\{A91FB93D-7561-4524-8484-5C27C8FA8D42} ->  -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/muweb.dll\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/muweb.dll\\.Owner -> {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/muweb.dll\\{6E32070A-766D-4EE6-879C-DC1FA91D2FC3} ->  -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/olepro32.dll\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/olepro32.dll\\.Owner -> Unknown Owner -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/olepro32.dll\\{8A94C905-FF9D-43B6-8708-F0F22D22B1CB} ->  -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/olepro32.dll\\{615F158E-D5CA-422F-A8E7-F6A5EED7063B} ->  -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/olepro32.dll\\{1A1F56AA-3401-46F9-B277-D57F3421F821} ->  -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/olepro32.dll\\{A91FB93D-7561-4524-8484-5C27C8FA8D42} ->  -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/unicows.dll\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/unicows.dll\\.Owner -> {48DD0448-9209-4F81-9F6D-D83562940134} -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/unicows.dll\\{48DD0448-9209-4F81-9F6D-D83562940134} ->  -> 


[Registry - Additional Scans - Non-Microsoft Only]
< Approved Shell Extensions [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved -> 
{42071714-76d4-11d1-8b24-00a0c9068ff3} [HKEY_LOCAL_MACHINE] ->  [Display Panning CPL Extension] -> File not found
{764BF0E1-F219-11ce-972D-00AA00A14F56} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Shell extensions for file compression] -> File not found
{7F67036B-66F1-411A-AD85-759FB9C5B0DB} [HKEY_LOCAL_MACHINE] -> %SystemRoot%\system32\ShellvRTF.dll [SampleView] -> XSS [Ver = 1, 0, 0, 1 | Size = 122880 bytes | Modified Date = 9/21/2002 1:42:28 AM | Attr =    ]
{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Encryption Context Menu] -> File not found
{88895560-9AA2-1069-930E-00AA0030EBC8} [HKEY_LOCAL_MACHINE] -> %SystemRoot%\system32\hticons.dll [HyperTerminal Icon Ext] -> Hilgraeve, Inc. [Ver = 5.1.2600.0 | Size = 44544 bytes | Modified Date = 8/4/2004 8:00:00 AM | Attr =    ]
{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\AVG\AVG8\avgse.dll [AVG8 Shell Extension] -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.134 | Size = 99608 bytes | Modified Date = 7/14/2008 7:49:28 PM | Attr =    ]
{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [AVG8 Find Extension] -> File not found
{B41DB860-8EE4-11D2-9906-E49FADC173CA} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\WinRAR\RarExt.dll [WinRAR shell extension] ->  [Ver =  | Size = 129024 bytes | Modified Date = 9/20/2007 7:34:58 PM | Attr =    ]
{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\iTunes\iTunesMiniPlayer.dll [iTunes] -> Apple Inc. [Ver = 7.7.0.43 | Size = 132392 bytes | Modified Date = 7/10/2008 10:51:34 AM | Attr =    ]
{DEE12703-6333-4D4E-8F34-738C4DCC2E04} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Sonic RecordNow!\shlext.dll [RecordNow! SendToExt] ->  [Ver = 7.0.0.0 | Size = 73728 bytes | Modified Date = 9/9/2004 5:02:00 PM | Attr =    ]
< Desktop Components > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\ -> 
0 -> [Key] -> 
0 -> FriendlyName = My Current Home Page -> 
0 -> Source = About:Home -> 
0 -> SubscribedURL = About:Home -> 
< Disabled MSConfig Folder Items [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\ -> 
C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk -> %ProgramFiles%\Adobe\Acrobat 7.0\Reader\reader_sl.exe -> Adobe Systems Incorporated [Ver = 7.0.5.2005092300 | Size = 29696 bytes | Modified Date = 9/23/2005 10:05:26 PM | Attr =    ]
C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Google Updater.lnk -> %SystemDrive%\PROGRA~1\Google\GOOGLE~3\GOOGLE~1.EXE -> File not found
< Disabled MSConfig Registry Items [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ -> 
Adobe Reader Speed Launcher hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> %ProgramFiles%\Adobe\Reader 8.0\Reader\reader_sl.exe -> Adobe Systems Incorporated [Ver = 8.0.0.0 | Size = 39792 bytes | Modified Date = 1/11/2008 10:16:38 PM | Attr =    ]
AGRSMMSG hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> %SystemRoot%\AGRSMMSG.exe -> Agere Systems [Ver = 2.1.41.10 2.1.41.10 06/29/2004 09:06:35 | Size = 88363 bytes | Modified Date = 6/29/2004 8:06:38 PM | Attr =    ]
AlcxMonitor hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> %SystemRoot%\ALCXMNTR.EXE -> Realtek Semiconductor Corp. [Ver = 1.5 | Size = 57344 bytes | Modified Date = 9/7/2004 11:47:52 PM | Attr =    ]
BitTorrent hkey=HKCU key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> %ProgramFiles%\BitTorrent\bittorrent.exe ->  [Ver =  | Size = 587568 bytes | Modified Date = 4/17/2008 1:47:53 PM | Attr =    ]
< File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\ -> 
.bat [@ = batfile] ->  -> File not found
.cmd [@ = cmdfile] ->  -> File not found
.com [@ = ComFile] ->  -> File not found
.exe [@ = exefile] ->  -> File not found
.pif [@ = piffile] ->  -> File not found
.scr [@ = scrfile] ->  -> File not found


[Files/Folders - Created Within 90 days]
$AVG8.VAULT$ -> %SystemDrive%\$AVG8.VAULT$ ->  [Folder | Created Date = 6/27/2008 7:26:31 PM | Attr =  H ]
ComboFix -> %SystemDrive%\ComboFix ->  [Folder | Created Date = 7/11/2008 7:48:03 PM | Attr =    ]
Deckard -> %SystemDrive%\Deckard ->  [Folder | Created Date = 7/5/2008 4:06:14 PM | Attr =    ]
QooBox -> %SystemDrive%\QooBox ->  [Folder | Created Date = 7/11/2008 7:45:54 PM | Attr =    ]
RECYCLER -> %SystemDrive%\RECYCLER ->  [Folder | Created Date = 7/11/2008 7:59:20 PM | Attr =  HS]
_OTMoveIt -> %SystemDrive%\_OTMoveIt ->  [Folder | Created Date = 7/8/2008 5:05:29 PM | Attr =    ]
Avg -> %SystemRoot%\System32\drivers\Avg ->  [Folder | Created Date = 7/14/2008 7:49:29 PM | Attr =    ]
avi7.avg -> %SystemRoot%\System32\drivers\Avg\avi7.avg ->  [Ver =  | Size = 6061540 bytes | Created Date = 7/14/2008 7:49:29 PM | Attr =    ]
incavi.avm -> %SystemRoot%\System32\drivers\Avg\incavi.avm ->  [Ver =  | Size = 25610663 bytes | Created Date = 7/14/2008 7:49:32 PM | Attr =    ]
microavi.avg -> %SystemRoot%\System32\drivers\Avg\microavi.avg ->  [Ver =  | Size = 56504 bytes | Created Date = 7/14/2008 7:49:32 PM | Attr =    ]
miniavi.avg -> %SystemRoot%\System32\drivers\Avg\miniavi.avg ->  [Ver =  | Size = 162021 bytes | Created Date = 7/14/2008 7:49:31 PM | Attr =    ]
avgldx86.sys -> %SystemRoot%\System32\drivers\avgldx86.sys -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.116 | Size = 96520 bytes | Created Date = 7/14/2008 7:49:40 PM | Attr =    ]
avgmfx86.sys -> %SystemRoot%\System32\drivers\avgmfx86.sys -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.132 | Size = 26824 bytes | Created Date = 7/14/2008 7:49:38 PM | Attr =    ]
mbam.sys -> %SystemRoot%\System32\drivers\mbam.sys -> Malwarebytes Corporation [Ver = 1, 0, 0, 1 | Size = 17144 bytes | Created Date = 7/8/2008 5:07:41 PM | Attr =    ]
mbamcatchme.sys -> %SystemRoot%\System32\drivers\mbamcatchme.sys ->  [Ver =  | Size = 34296 bytes | Created Date = 7/8/2008 5:07:40 PM | Attr =    ]
avgrsstx.dll -> %SystemRoot%\System32\avgrsstx.dll -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.134 | Size = 10520 bytes | Created Date = 7/14/2008 7:49:51 PM | Attr =    ]
avgrsstx.dll.old -> %SystemRoot%\System32\avgrsstx.dll.old -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.80 | Size = 10520 bytes | Created Date = 6/27/2008 6:58:48 PM | Attr =    ]
java.exe -> %SystemRoot%\System32\java.exe -> Sun Microsystems, Inc. [Ver = 6.0.70.6 | Size = 135168 bytes | Created Date = 7/8/2008 4:53:06 PM | Attr =    ]
javacpl.cpl -> %SystemRoot%\System32\javacpl.cpl -> Sun Microsystems, Inc. [Ver = 6.0.70.6 | Size = 73728 bytes | Created Date = 7/8/2008 4:53:06 PM | Attr =    ]
javaw.exe -> %SystemRoot%\System32\javaw.exe -> Sun Microsystems, Inc. [Ver = 6.0.70.6 | Size = 135168 bytes | Created Date = 7/8/2008 4:53:06 PM | Attr =    ]
javaws.exe -> %SystemRoot%\System32\javaws.exe -> Sun Microsystems, Inc. [Ver = 6.0.70.6 | Size = 139264 bytes | Created Date = 7/8/2008 4:53:06 PM | Attr =    ]
QuickTime.qts -> %SystemRoot%\System32\QuickTime.qts -> Apple Inc. [Ver = 7.5 (861) | Size = 57344 bytes | Created Date = 5/27/2008 10:50:34 AM | Attr =    ]
QuickTimeVR.qtx -> %SystemRoot%\System32\QuickTimeVR.qtx -> Apple Inc. [Ver = 7.5 (861) | Size = 90112 bytes | Created Date = 5/27/2008 10:50:34 AM | Attr =    ]
avisplitter.INI -> %SystemRoot%\avisplitter.INI ->  [Ver =  | Size = 38 bytes | Created Date = 5/21/2008 11:56:54 PM | Attr =    ]
checkip.dat -> %SystemRoot%\checkip.dat ->  [Ver =  | Size = 1088 bytes | Created Date = 6/4/2008 6:20:11 PM | Attr =    ]
ERDNT -> %SystemRoot%\ERDNT ->  [Folder | Created Date = 7/5/2008 4:06:58 PM | Attr =    ]
1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> 
fdsv.exe -> %SystemRoot%\fdsv.exe -> Smallfrogs Studio [Ver = 1, 2, 0, 22 | Size = 89504 bytes | Created Date = 7/11/2008 7:45:51 PM | Attr =    ]
grep.exe -> %SystemRoot%\grep.exe ->  [Ver =  | Size = 80412 bytes | Created Date = 7/11/2008 7:45:51 PM | Attr =    ]
ipconfig.dat -> %SystemRoot%\ipconfig.dat ->  [Ver =  | Size = 1226 bytes | Created Date = 6/4/2008 6:17:49 PM | Attr =    ]
mozver.dat -> %SystemRoot%\mozver.dat ->  [Ver =  | Size = 1160 bytes | Created Date = 5/7/2008 1:21:19 PM | Attr =    ]
Nircmd.exe -> %SystemRoot%\Nircmd.exe -> NirSoft [Ver = 2.10 | Size = 28672 bytes | Created Date = 7/11/2008 7:48:06 PM | Attr =    ]
PIF -> %SystemRoot%\PIF ->  [Folder | Created Date = 5/29/2008 7:04:22 PM | Attr =  H ]
sed.exe -> %SystemRoot%\sed.exe ->  [Ver =  | Size = 98816 bytes | Created Date = 7/11/2008 7:45:51 PM | Attr =    ]
swreg.exe -> %SystemRoot%\swreg.exe -> SteelWerX [Ver = 3.0.0.0 | Size = 161792 bytes | Created Date = 7/11/2008 7:45:51 PM | Attr =    ]
swsc.exe -> %SystemRoot%\swsc.exe -> SteelWerX [Ver = 2.0.0.5 | Size = 136704 bytes | Created Date = 7/11/2008 7:45:51 PM | Attr =    ]
swxcacls.exe -> %SystemRoot%\swxcacls.exe -> SteelWerX [Ver = 1.0.1.1 | Size = 212480 bytes | Created Date = 7/11/2008 7:45:51 PM | Attr =    ]
TEMP -> %SystemRoot%\TEMP ->  [Folder | Created Date = 7/11/2008 7:58:55 PM | Attr =    ]
VFind.exe -> %SystemRoot%\VFind.exe ->  [Ver =  | Size = 49152 bytes | Created Date = 7/11/2008 7:45:51 PM | Attr =    ]
zip.exe -> %SystemRoot%\zip.exe ->  [Ver =  | Size = 68096 bytes | Created Date = 7/11/2008 7:45:51 PM | Attr =    ]
[Files Created - Additional Folder Scans - Non-Microsoft Only]
avg8 -> %AllUsersProfile%\Application Data\avg8 ->  [Folder | Created Date = 6/27/2008 6:58:15 PM | Attr =    ]
FunGames -> %AllUsersProfile%\Application Data\FunGames ->  [Folder | Created Date = 6/10/2008 12:12:08 AM | Attr =    ]
Malwarebytes -> %AllUsersProfile%\Application Data\Malwarebytes ->  [Folder | Created Date = 7/8/2008 5:07:41 PM | Attr =    ]
Malwarebytes -> %AppData%\Malwarebytes ->  [Folder | Created Date = 7/8/2008 5:08:04 PM | Attr =    ]
prvlcl.dat -> %UserProfile%\Local Settings\Application Data\prvlcl.dat ->  [Ver =  | Size = 0 bytes | Created Date = 7/10/2008 4:18:25 PM | Attr =    ]
WorldWinner.com -> %UserProfile%\Local Settings\Application Data\WorldWinner.com ->  [Folder | Created Date = 6/9/2008 11:59:55 PM | Attr =    ]
AdbeRdrUpd811_all_i386.dmg -> %UserProfile%\My Documents\AdbeRdrUpd811_all_i386.dmg ->  [Ver =  | Size = 1032628 bytes | Created Date = 6/18/2008 4:58:39 PM | Attr =    ]
@Alternate Data Stream - 26 bytes -> %UserProfile%\My Documents\AdbeRdrUpd811_all_i386.dmg:Zone.Identifier
AVG Free 8.0.lnk -> %AllUsersProfile%\Desktop\AVG Free 8.0.lnk ->  [Ver =  | Size = 1515 bytes | Created Date = 7/14/2008 7:49:53 PM | Attr =    ]
iTunes.lnk -> %AllUsersProfile%\Desktop\iTunes.lnk ->  [Ver =  | Size = 1804 bytes | Created Date = 7/12/2008 4:41:26 PM | Attr =    ]
Malwarebytes' Anti-Malware.lnk -> %AllUsersProfile%\Desktop\Malwarebytes' Anti-Malware.lnk ->  [Ver =  | Size = 704 bytes | Created Date = 7/8/2008 5:07:43 PM | Attr =    ]
QuickTime Player.lnk -> %AllUsersProfile%\Desktop\QuickTime Player.lnk ->  [Ver =  | Size = 1612 bytes | Created Date = 7/12/2008 4:37:08 PM | Attr =    ]
ComboFix.exe -> %UserProfile%\Desktop\ComboFix.exe ->  [Ver =  | Size = 2611847 bytes | Created Date = 7/11/2008 7:42:57 PM | Attr =    ]
@Alternate Data Stream - 26 bytes -> %UserProfile%\Desktop\ComboFix.exe:Zone.Identifier
dss.exe -> %UserProfile%\Desktop\dss.exe ->  [Ver = 3, 2, 8, 1 | Size = 686630 bytes | Created Date = 7/5/2008 4:05:48 PM | Attr =    ]
@Alternate Data Stream - 26 bytes -> %UserProfile%\Desktop\dss.exe:Zone.Identifier
FW_befw11s4_v4_v1.50.13_ETSI_000_code -> %UserProfile%\Desktop\FW_befw11s4_v4_v1.50.13_ETSI_000_code ->  [Folder | Created Date = 6/10/2008 5:20:21 PM | Attr =    ]
HijackThis.lnk -> %UserProfile%\Desktop\HijackThis.lnk ->  [Ver =  | Size = 1742 bytes | Created Date = 6/27/2008 9:28:07 PM | Attr =    ]
OTMoveIt2.exe -> %UserProfile%\Desktop\OTMoveIt2.exe -> OldTimer Tools [Ver = 1.0.4.3 | Size = 291840 bytes | Created Date = 7/8/2008 5:04:39 PM | Attr =    ]
@Alternate Data Stream - 26 bytes -> %UserProfile%\Desktop\OTMoveIt2.exe:Zone.Identifier
OTScanIt -> %UserProfile%\Desktop\OTScanIt ->  [Folder | Created Date = 7/21/2008 1:18:11 AM | Attr =    ]
Compaq Connections.lnk -> %AllUsersProfile%\Start Menu\Programs\Startup\Compaq Connections.lnk ->  [Ver =  | Size = 1918 bytes | Created Date = 7/14/2008 7:31:17 PM | Attr =    ]
Download Manager -> %CommonProgramFiles%\Download Manager ->  [Folder | Created Date = 6/27/2008 9:01:55 PM | Attr =    ]
Apple Software Update -> %ProgramFiles%\Apple Software Update ->  [Folder | Created Date = 5/14/2008 9:18:14 PM | Attr =    ]
AVG -> %ProgramFiles%\AVG ->  [Folder | Created Date = 6/27/2008 6:58:16 PM | Attr =    ]
Bonjour -> %ProgramFiles%\Bonjour ->  [Folder | Created Date = 7/12/2008 4:38:14 PM | Attr =    ]
iPod -> %ProgramFiles%\iPod ->  [Folder | Created Date = 7/12/2008 4:40:52 PM | Attr =    ]
iTunes -> %ProgramFiles%\iTunes ->  [Folder | Created Date = 5/14/2008 9:26:43 PM | Attr =    ]
Malwarebytes' Anti-Malware -> %ProgramFiles%\Malwarebytes' Anti-Malware ->  [Folder | Created Date = 7/8/2008 5:07:39 PM | Attr =    ]
Safari -> %ProgramFiles%\Safari ->  [Folder | Created Date = 7/12/2008 4:27:26 PM | Attr =    ]
Trend Micro -> %ProgramFiles%\Trend Micro ->  [Folder | Created Date = 6/27/2008 9:28:04 PM | Attr =    ]

[Files/Folders - Modified Within 90 days]
$AVG8.VAULT$ -> %SystemDrive%\$AVG8.VAULT$ ->  [Folder | Modified Date = 7/16/2008 9:55:58 AM | Attr =  H ]
boot.ini -> %SystemDrive%\boot.ini ->  [Ver =  | Size = 281 bytes | Modified Date = 7/8/2008 7:39:57 PM | Attr = RHS]
ComboFix -> %SystemDrive%\ComboFix ->  [Folder | Modified Date = 7/11/2008 7:59:09 PM | Attr =    ]
Config.Msi -> %SystemDrive%\Config.Msi ->  [Folder | Modified Date = 7/14/2008 7:49:05 PM | Attr =  H ]
Deckard -> %SystemDrive%\Deckard ->  [Folder | Modified Date = 7/5/2008 4:06:14 PM | Attr =    ]
Documents and Settings -> %SystemDrive%\Documents and Settings ->  [Folder | Modified Date = 7/14/2008 7:25:07 PM | Attr =    ]
hiberfil.sys -> %SystemDrive%\hiberfil.sys ->  [Ver =  | Size = 200855552 bytes | Modified Date = 7/20/2008 3:25:38 PM | Attr =  HS]
Program Files -> %ProgramFiles% ->  [Folder | Modified Date = 7/12/2008 4:40:52 PM | Attr = R  ]
QooBox -> %SystemDrive%\QooBox ->  [Folder | Modified Date = 7/11/2008 7:58:44 PM | Attr =    ]
RECYCLER -> %SystemDrive%\RECYCLER ->  [Folder | Modified Date = 7/14/2008 7:27:18 PM | Attr =  HS]
WINDOWS -> %SystemRoot% ->  [Folder | Modified Date = 7/20/2008 6:04:31 AM | Attr =    ]
_OTMoveIt -> %SystemDrive%\_OTMoveIt ->  [Folder | Modified Date = 7/8/2008 5:05:29 PM | Attr =    ]
quartz.dll -> %SystemRoot%\System32\dllcache\quartz.dll ->  [Ver =  | Size = 1287680 bytes | Modified Date = 5/7/2008 1:18:48 AM | Attr =    ]
Avg -> %SystemRoot%\System32\drivers\Avg ->  [Folder | Modified Date = 7/21/2008 12:10:00 AM | Attr =    ]
avi7.avg -> %SystemRoot%\System32\drivers\Avg\avi7.avg ->  [Ver =  | Size = 6061540 bytes | Modified Date = 7/14/2008 7:49:31 PM | Attr =    ]
incavi.avm -> %SystemRoot%\System32\drivers\Avg\incavi.avm ->  [Ver =  | Size = 25610663 bytes | Modified Date = 7/21/2008 12:09:43 AM | Attr =    ]
microavi.avg -> %SystemRoot%\System32\drivers\Avg\microavi.avg ->  [Ver =  | Size = 56504 bytes | Modified Date = 7/21/2008 12:09:43 AM | Attr =    ]
miniavi.avg -> %SystemRoot%\System32\drivers\Avg\miniavi.avg ->  [Ver =  | Size = 162021 bytes | Modified Date = 7/16/2008 8:43:04 AM | Attr =    ]
avgldx86.sys -> %SystemRoot%\System32\drivers\avgldx86.sys -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.116 | Size = 96520 bytes | Modified Date = 7/14/2008 7:49:40 PM | Attr =    ]
avgmfx86.sys -> %SystemRoot%\System32\drivers\avgmfx86.sys -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.132 | Size = 26824 bytes | Modified Date = 7/14/2008 7:49:38 PM | Attr =    ]
etc -> %SystemRoot%\System32\drivers\etc ->  [Folder | Modified Date = 4/23/2008 12:02:47 PM | Attr =    ]
hosts -> %SystemRoot%\System32\drivers\etc\hosts ->  [Ver =  | Size = 231388 bytes | Modified Date = 4/23/2008 12:02:47 PM | Attr = R  ]
mbam.sys -> %SystemRoot%\System32\drivers\mbam.sys -> Malwarebytes Corporation [Ver = 1, 0, 0, 1 | Size = 17144 bytes | Modified Date = 7/7/2008 5:35:30 PM | Attr =    ]
mbamcatchme.sys -> %SystemRoot%\System32\drivers\mbamcatchme.sys ->  [Ver =  | Size = 34296 bytes | Modified Date = 7/7/2008 5:35:36 PM | Attr =    ]
avgrsstx.dll -> %SystemRoot%\System32\avgrsstx.dll -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.134 | Size = 10520 bytes | Modified Date = 7/14/2008 7:49:51 PM | Attr =    ]
avgrsstx.dll.old -> %SystemRoot%\System32\avgrsstx.dll.old -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.80 | Size = 10520 bytes | Modified Date = 6/27/2008 6:58:48 PM | Attr =    ]
CatRoot2 -> %SystemRoot%\System32\CatRoot2 ->  [Folder | Modified Date = 7/14/2008 7:37:19 PM | Attr =    ]
1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> 
dllcache -> %SystemRoot%\System32\dllcache ->  [Folder | Modified Date = 7/9/2008 2:04:21 AM | Attr = RHS]
drivers -> %SystemRoot%\System32\drivers ->  [Folder | Modified Date = 7/14/2008 7:49:40 PM | Attr =    ]
DRVSTORE -> %SystemRoot%\System32\DRVSTORE ->  [Folder | Modified Date = 7/12/2008 4:34:01 PM | Attr =    ]
java.exe -> %SystemRoot%\System32\java.exe -> Sun Microsystems, Inc. [Ver = 6.0.70.6 | Size = 135168 bytes | Modified Date = 6/10/2008 1:21:01 AM | Attr =    ]
javacpl.cpl -> %SystemRoot%\System32\javacpl.cpl -> Sun Microsystems, Inc. [Ver = 6.0.70.6 | Size = 73728 bytes | Modified Date = 6/10/2008 2:32:34 AM | Attr =    ]
javaw.exe -> %SystemRoot%\System32\javaw.exe -> Sun Microsystems, Inc. [Ver = 6.0.70.6 | Size = 135168 bytes | Modified Date = 6/10/2008 1:21:04 AM | Attr =    ]
javaws.exe -> %SystemRoot%\System32\javaws.exe -> Sun Microsystems, Inc. [Ver = 6.0.70.6 | Size = 139264 bytes | Modified Date = 6/10/2008 2:32:34 AM | Attr =    ]
perfc009.dat -> %SystemRoot%\System32\perfc009.dat ->  [Ver =  | Size = 53436 bytes | Modified Date = 6/27/2008 9:05:40 PM | Attr =    ]
perfh009.dat -> %SystemRoot%\System32\perfh009.dat ->  [Ver =  | Size = 381692 bytes | Modified Date = 6/27/2008 9:05:40 PM | Attr =    ]
PerfStringBackup.INI -> %SystemRoot%\System32\PerfStringBackup.INI ->  [Ver =  | Size = 441626 bytes | Modified Date = 6/27/2008 9:05:37 PM | Attr =    ]
quartz.dll -> %SystemRoot%\System32\quartz.dll ->  [Ver =  | Size = 1287680 bytes | Modified Date = 5/7/2008 1:18:48 AM | Attr =    ]
QuickTime.qts -> %SystemRoot%\System32\QuickTime.qts -> Apple Inc. [Ver = 7.5 (861) | Size = 57344 bytes | Modified Date = 5/27/2008 10:50:34 AM | Attr =    ]
QuickTimeVR.qtx -> %SystemRoot%\System32\QuickTimeVR.qtx -> Apple Inc. [Ver = 7.5 (861) | Size = 90112 bytes | Modified Date = 5/27/2008 10:50:34 AM | Attr =    ]
wpa.dbl -> %SystemRoot%\System32\wpa.dbl ->  [Ver =  | Size = 1158 bytes | Modified Date = 7/15/2008 5:17:49 PM | Attr =    ]
$hf_mig$ -> %SystemRoot%\$hf_mig$ ->  [Folder | Modified Date = 7/9/2008 1:43:32 AM | Attr =  H ]
1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> 
avisplitter.INI -> %SystemRoot%\avisplitter.INI ->  [Ver =  | Size = 38 bytes | Modified Date = 5/21/2008 11:58:11 PM | Attr =    ]
bootstat.dat -> %SystemRoot%\bootstat.dat ->  [Ver =  | Size = 2048 bytes | Modified Date = 7/20/2008 3:25:40 PM | Attr =   S]
checkip.dat -> %SystemRoot%\checkip.dat ->  [Ver =  | Size = 1088 bytes | Modified Date = 6/4/2008 6:21:08 PM | Attr =    ]
Debug -> %SystemRoot%\Debug ->  [Folder | Modified Date = 7/9/2008 4:33:45 PM | Attr =    ]
Downloaded Program Files -> %SystemRoot%\Downloaded Program Files ->  [Folder | Modified Date = 7/11/2008 7:48:58 PM | Attr =   S]
ERDNT -> %SystemRoot%\ERDNT ->  [Folder | Modified Date = 7/11/2008 7:46:25 PM | Attr =    ]
ie7updates -> %SystemRoot%\ie7updates ->  [Folder | Modified Date = 6/10/2008 11:21:16 PM | Attr =    ]
inf -> %SystemRoot%\inf ->  [Folder | Modified Date = 7/12/2008 4:34:01 PM | Attr =  H ]
Installer -> %SystemRoot%\Installer ->  [Folder | Modified Date = 7/14/2008 7:49:14 PM | Attr =  HS]
ipconfig.dat -> %SystemRoot%\ipconfig.dat ->  [Ver =  | Size = 1226 bytes | Modified Date = 6/4/2008 6:17:50 PM | Attr =    ]
mozver.dat -> %SystemRoot%\mozver.dat ->  [Ver =  | Size = 1160 bytes | Modified Date = 5/7/2008 1:21:22 PM | Attr =    ]
PIF -> %SystemRoot%\PIF ->  [Folder | Modified Date = 5/29/2008 7:04:22 PM | Attr =  H ]
popcinfo.dat -> %SystemRoot%\popcinfo.dat ->  [Ver =  | Size = 58 bytes | Modified Date = 4/23/2008 7:38:08 PM | Attr =    ]
Prefetch -> %SystemRoot%\Prefetch ->  [Folder | Modified Date = 7/21/2008 1:18:34 AM | Attr =    ]
system.ini -> %SystemRoot%\system.ini ->  [Ver =  | Size = 273 bytes | Modified Date = 7/11/2008 7:54:04 PM | Attr =    ]
system32 -> %SystemRoot%\system32 ->  [Folder | Modified Date = 7/14/2008 7:53:19 PM | Attr =    ]
Tasks -> %SystemRoot%\Tasks ->  [Folder | Modified Date = 6/27/2008 7:22:35 PM | Attr =   S]
TEMP -> %SystemRoot%\TEMP ->  [Folder | Modified Date = 7/21/2008 1:17:17 AM | Attr =    ]
win.ini -> %SystemRoot%\win.ini ->  [Ver =  | Size = 660 bytes | Modified Date = 7/8/2008 7:39:57 PM | Attr =    ]
WinSxS -> %SystemRoot%\WinSxS ->  [Folder | Modified Date = 6/27/2008 6:57:44 PM | Attr =    ]
AppleSoftwareUpdate.job -> %SystemRoot%\tasks\AppleSoftwareUpdate.job ->  [Ver =  | Size = 284 bytes | Modified Date = 7/17/2008 6:49:00 PM | Attr =    ]
SA.DAT -> %SystemRoot%\tasks\SA.DAT ->  [Ver =  | Size = 6 bytes | Modified Date = 7/20/2008 3:25:52 PM | Attr =  H ]
Symantec NetDetect.job -> %SystemRoot%\tasks\Symantec NetDetect.job ->  [Ver =  | Size = 378 bytes | Modified Date = 7/21/2008 1:17:36 AM | Attr =    ]
C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Games\Zone.com Deluxe Games\Mozaki Blocks Deluxe\ -> C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Games\Zone.com Deluxe Games\Mozaki Blocks Deluxe ->  [Folder | Modified Date = 6/4/2005 8:56:51 PM | Attr =    ]
0000.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Games\Zone.com Deluxe Games\Mozaki Blocks Deluxe\0000.dat ->  [Ver =  | Size = 12516 bytes | Modified Date = 6/4/2005 9:36:49 PM | Attr =    ]
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\ -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader ->  [Folder | Modified Date = 10/26/2004 9:49:00 PM | Attr =    ]
qmgr0.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat ->  [Ver =  | Size = 5522 bytes | Modified Date = 7/20/2008 3:27:39 PM | Attr =    ]
qmgr1.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat ->  [Ver =  | Size = 5522 bytes | Modified Date = 7/20/2008 3:27:39 PM | Attr =    ]
C:\Documents and Settings\All Users\Application Data\Microsoft\Works\ -> C:\Documents and Settings\All Users\Application Data\Microsoft\Works ->  [Folder | Modified Date = 10/26/2004 10:34:07 PM | Attr =    ]
wkcalcat.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Works\wkcalcat.dat ->  [Ver =  | Size = 16384 bytes | Modified Date = 5/19/2005 2:49:26 PM | Attr =    ]
wklntsk1.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Works\wklntsk1.dat ->  [Ver =  | Size = 162451 bytes | Modified Date = 5/19/2005 2:52:26 PM | Attr =    ]
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\ -> C:\Documents and Settings\Compaq_Owner\Local Settings\Temp ->  [Folder | Modified Date = 7/20/2008 10:12:31 PM | Attr =    ]
GLB1A2B.EXE -> C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\GLB1A2B.EXE ->  [Ver =  | Size = 164864 bytes | Modified Date = 9/28/2001 6:00:28 PM | Attr =    ]
MCCCleanup.exe -> C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\MCCCleanup.exe -> Motive Communications, Inc. [Ver = 04.07.03.4.driven.mcc-uninst.20020808_203000 | Size = 118784 bytes | Modified Date = 11/3/2003 3:43:06 PM | Attr =    ]
4 C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\*.tmp files -> C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\*.tmp -> 
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\ -> C:\Documents and Settings\Compaq_Owner\Local Settings\Temp ->  [Folder | Modified Date = 7/20/2008 10:12:31 PM | Attr =    ]
IadHide5.dll -> C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\IadHide5.dll -> BackWeb [Ver = Version 6.3.2 (Build 62R) | Size = 24613 bytes | Modified Date = 10/26/2004 10:46:37 PM | Attr =    ]
4 C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\*.tmp files -> C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\*.tmp -> 
C:\WINDOWS\Temp\Cookies\ -> C:\WINDOWS\TEMP\Cookies ->  [Folder | Modified Date = 7/17/2008 6:50:30 PM | Attr =  HS]
index.dat -> C:\WINDOWS\TEMP\Cookies\index.dat ->  [Ver =  | Size = 16384 bytes | Modified Date = 7/17/2008 6:49:05 PM | Attr =  HS]
C:\WINDOWS\Temp\History\History.IE5\ -> C:\WINDOWS\Temp\History\History.IE5\ ->  [Folder | Modified Date = 7/17/2008 6:50:31 PM | Attr =  HS]
index.dat -> C:\WINDOWS\Temp\History\History.IE5\index.dat ->  [Ver =  | Size = 16384 bytes | Modified Date = 7/17/2008 6:49:05 PM | Attr =  HS]
C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\ -> C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\ ->  [Folder | Modified Date = 7/17/2008 6:50:19 PM | Attr =  HS]
index.dat -> C:\WINDOWS\TEMP\Temporary Internet Files\Content.IE5\index.dat ->  [Ver =  | Size = 32768 bytes | Modified Date = 7/17/2008 6:49:05 PM | Attr =  HS]
C:\WINDOWS\Temp\History\History.IE5\ -> C:\WINDOWS\Temp\History\History.IE5\ ->  [Folder | Modified Date = 7/17/2008 6:50:31 PM | Attr =  HS]
desktop.ini -> C:\WINDOWS\Temp\History\History.IE5\desktop.ini ->  [Ver =  | Size = 145 bytes | Modified Date = 7/17/2008 6:50:42 PM | Attr =    ]
C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\ -> C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\ ->  [Folder | Modified Date = 7/17/2008 6:50:19 PM | Attr =  HS]
desktop.ini -> C:\WINDOWS\TEMP\Temporary Internet Files\Content.IE5\desktop.ini ->  [Ver =  | Size = 67 bytes | Modified Date = 7/17/2008 6:50:17 PM | Attr =  HS]
C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\EDACP1YY\ -> C:\WINDOWS\TEMP\Temporary Internet Files\Content.IE5\EDACP1YY ->  [Folder | Modified Date = 7/17/2008 6:50:19 PM | Attr =  HS]
desktop.ini -> C:\WINDOWS\TEMP\Temporary Internet Files\Content.IE5\EDACP1YY\desktop.ini ->  [Ver =  | Size = 67 bytes | Modified Date = 7/17/2008 6:50:19 PM | Attr =  HS]
C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\MTLI2PJL\ -> C:\WINDOWS\TEMP\Temporary Internet Files\Content.IE5\MTLI2PJL ->  [Folder | Modified Date = 7/17/2008 6:50:19 PM | Attr =  HS]
desktop.ini -> C:\WINDOWS\TEMP\Temporary Internet Files\Content.IE5\MTLI2PJL\desktop.ini ->  [Ver =  | Size = 67 bytes | Modified Date = 7/17/2008 6:50:20 PM | Attr =  HS]
C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\NV9509WY\ -> C:\WINDOWS\TEMP\Temporary Internet Files\Content.IE5\NV9509WY ->  [Folder | Modified Date = 7/17/2008 6:50:19 PM | Attr =  HS]
desktop.ini -> C:\WINDOWS\TEMP\Temporary Internet Files\Content.IE5\NV9509WY\desktop.ini ->  [Ver =  | Size = 67 bytes | Modified Date = 7/17/2008 6:50:19 PM | Attr =  HS]
C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\UJUS1H7R\ -> C:\WINDOWS\TEMP\Temporary Internet Files\Content.IE5\UJUS1H7R ->  [Folder | Modified Date = 7/17/2008 6:50:19 PM | Attr =  HS]
desktop.ini -> C:\WINDOWS\TEMP\Temporary Internet Files\Content.IE5\UJUS1H7R\desktop.ini ->  [Ver =  | Size = 67 bytes | Modified Date = 7/17/2008 6:50:19 PM | Attr =  HS]
[Files Modified - Additional Folder Scans - Non-Microsoft Only]
avg8 -> %AllUsersProfile%\Application Data\avg8 ->  [Folder | Modified Date = 7/14/2008 7:47:07 PM | Attr =    ]
FunGames -> %AllUsersProfile%\Application Data\FunGames ->  [Folder | Modified Date = 6/10/2008 12:12:08 AM | Attr =    ]
Malwarebytes -> %AllUsersProfile%\Application Data\Malwarebytes ->  [Folder | Modified Date = 7/8/2008 5:07:41 PM | Attr =    ]
Microsoft -> %AllUsersProfile%\Application Data\Microsoft ->  [Folder | Modified Date = 6/27/2008 7:22:53 PM | Attr =   S]
Spybot - Search & Destroy -> %AllUsersProfile%\Application Data\Spybot - Search & Destroy ->  [Folder | Modified Date = 7/11/2008 7:58:52 PM | Attr =    ]
TEMP -> %AllUsersProfile%\Application Data\TEMP ->  [Folder | Modified Date = 6/27/2008 9:21:15 PM | Attr =    ]
@Alternate Data Stream - 125 bytes -> %AllUsersProfile%\Application Data\TEMP:083D3EEE
@Alternate Data Stream - 116 bytes -> %AllUsersProfile%\Application Data\TEMP:B623B5B8
@Alternate Data Stream - 106 bytes -> %AllUsersProfile%\Application Data\TEMP:DFC5A2B2
Adobe -> %AppData%\Adobe ->  [Folder | Modified Date = 5/7/2008 1:21:27 PM | Attr =    ]
BitTorrent -> %AppData%\BitTorrent ->  [Folder | Modified Date = 7/20/2008 3:33:40 PM | Attr =    ]
Lavasoft -> %AppData%\Lavasoft ->  [Folder | Modified Date = 6/27/2008 6:41:10 PM | Attr =    ]
Malwarebytes -> %AppData%\Malwarebytes ->  [Folder | Modified Date = 7/8/2008 5:08:04 PM | Attr =    ]
Microsoft -> %AppData%\Microsoft ->  [Folder | Modified Date = 7/14/2008 7:47:22 PM | Attr =   S]
Apple Computer -> %UserProfile%\Local Settings\Application Data\Apple Computer ->  [Folder | Modified Date = 7/12/2008 5:32:28 PM | Attr =    ]
DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> %UserProfile%\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini ->  [Ver =  | Size = 16896 bytes | Modified Date = 7/20/2008 4:00:21 AM | Attr =    ]
IconCache.db -> %UserProfile%\Local Settings\Application Data\IconCache.db ->  [Ver =  | Size = 0 bytes | Modified Date = 7/20/2008 3:24:01 PM | Attr =  H ]
Microsoft -> %UserProfile%\Local Settings\Application Data\Microsoft ->  [Folder | Modified Date = 7/14/2008 7:47:22 PM | Attr =    ]
prvlcl.dat -> %UserProfile%\Local Settings\Application Data\prvlcl.dat ->  [Ver =  | Size = 0 bytes | Modified Date = 7/10/2008 4:49:07 PM | Attr =    ]
WorldWinner.com -> %UserProfile%\Local Settings\Application Data\WorldWinner.com ->  [Folder | Modified Date = 6/9/2008 11:59:55 PM | Attr =    ]
AdbeRdrUpd811_all_i386.dmg -> %UserProfile%\My Documents\AdbeRdrUpd811_all_i386.dmg ->  [Ver =  | Size = 1032628 bytes | Modified Date = 6/18/2008 4:58:42 PM | Attr =    ]
@Alternate Data Stream - 26 bytes -> %UserProfile%\My Documents\AdbeRdrUpd811_all_i386.dmg:Zone.Identifier
My Pictures -> %UserProfile%\My Documents\My Pictures ->  [Folder | Modified Date = 7/10/2008 11:52:11 AM | Attr = R  ]
My Videos -> %UserProfile%\My Documents\My Videos ->  [Folder | Modified Date = 7/6/2008 7:30:03 PM | Attr = R  ]
MySpaceIM Pics -> %UserProfile%\My Documents\MySpaceIM Pics ->  [Folder | Modified Date = 6/5/2008 12:15:02 PM | Attr =    ]
AVG Free 8.0.lnk -> %AllUsersProfile%\Desktop\AVG Free 8.0.lnk ->  [Ver =  | Size = 1515 bytes | Modified Date = 7/14/2008 7:49:53 PM | Attr =    ]
iTunes.lnk -> %AllUsersProfile%\Desktop\iTunes.lnk ->  [Ver =  | Size = 1804 bytes | Modified Date = 7/12/2008 4:41:26 PM | Attr =    ]
Malwarebytes' Anti-Malware.lnk -> %AllUsersProfile%\Desktop\Malwarebytes' Anti-Malware.lnk ->  [Ver =  | Size = 704 bytes | Modified Date = 7/8/2008 5:07:43 PM | Attr =    ]
QuickTime Player.lnk -> %AllUsersProfile%\Desktop\QuickTime Player.lnk ->  [Ver =  | Size = 1612 bytes | Modified Date = 7/12/2008 4:37:09 PM | Attr =    ]
ComboFix.exe -> %UserProfile%\Desktop\ComboFix.exe ->  [Ver =  | Size = 2611847 bytes | Modified Date = 7/11/2008 7:43:06 PM | Attr =    ]
@Alternate Data Stream - 26 bytes -> %UserProfile%\Desktop\ComboFix.exe:Zone.Identifier
dss.exe -> %UserProfile%\Desktop\dss.exe ->  [Ver = 3, 2, 8, 1 | Size = 686630 bytes | Modified Date = 7/5/2008 4:05:56 PM | Attr =    ]
@Alternate Data Stream - 26 bytes -> %UserProfile%\Desktop\dss.exe:Zone.Identifier
FW_befw11s4_v4_v1.50.13_ETSI_000_code -> %UserProfile%\Desktop\FW_befw11s4_v4_v1.50.13_ETSI_000_code ->  [Folder | Modified Date = 6/10/2008 5:20:21 PM | Attr =    ]
Gmail.url -> %UserProfile%\Desktop\Gmail.url ->  [Ver =  | Size = 541 bytes | Modified Date = 5/21/2008 9:13:02 PM | Attr =    ]
@Alternate Data Stream - 1406 bytes -> %UserProfile%\Desktop\Gmail.url:favicon
HijackThis.lnk -> %UserProfile%\Desktop\HijackThis.lnk ->  [Ver =  | Size = 1742 bytes | Modified Date = 6/27/2008 9:28:08 PM | Attr =    ]
Mininova  The ultimate BitTorrent source!.url -> %UserProfile%\Desktop\Mininova  The ultimate BitTorrent source!.url ->  [Ver =  | Size = 7516 bytes | Modified Date = 7/19/2008 11:05:16 PM | Attr =    ]
@Alternate Data Stream - 318 bytes -> %UserProfile%\Desktop\Mininova  The ultimate BitTorrent source!.url:favicon
MySpace.url -> %UserProfile%\Desktop\MySpace.url ->  [Ver =  | Size = 41187 bytes | Modified Date = 7/20/2008 10:00:22 PM | Attr =    ]
@Alternate Data Stream - 1406 bytes -> %UserProfile%\Desktop\MySpace.url:favicon
OTMoveIt2.exe -> %UserProfile%\Desktop\OTMoveIt2.exe -> OldTimer Tools [Ver = 1.0.4.3 | Size = 291840 bytes | Modified Date = 7/8/2008 5:04:42 PM | Attr =    ]
@Alternate Data Stream - 26 bytes -> %UserProfile%\Desktop\OTMoveIt2.exe:Zone.Identifier
OTScanIt -> %UserProfile%\Desktop\OTScanIt ->  [Folder | Modified Date = 7/21/2008 1:18:11 AM | Attr =    ]
Torrent files -> %UserProfile%\Desktop\Torrent files ->  [Folder | Modified Date = 7/20/2008 2:50:59 PM | Attr =    ]
YAHOO.url -> %UserProfile%\Desktop\YAHOO.url ->  [Ver =  | Size = 208 bytes | Modified Date = 6/6/2008 3:02:16 PM | Attr =    ]
@Alternate Data Stream - 1150 bytes -> %UserProfile%\Desktop\YAHOO.url:favicon
Compaq Connections.lnk -> %AllUsersProfile%\Start Menu\Programs\Startup\Compaq Connections.lnk ->  [Ver =  | Size = 1918 bytes | Modified Date = 7/14/2008 7:31:19 PM | Attr =    ]
Download Manager -> %CommonProgramFiles%\Download Manager ->  [Folder | Modified Date = 6/27/2008 9:01:55 PM | Attr =    ]
Symantec Shared -> %CommonProgramFiles%\Symantec Shared ->  [Folder | Modified Date = 5/7/2008 9:28:37 AM | Attr =    ]

< End of report >
[/code]