[code] OTScanIt logfile created on: 01/08/2008 20:23:20 OTScanIt by OldTimer - Version 1.0.16.2 Folder = C:\Documents and Settings\Robert Edwards\Desktop\OTScanIt Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy 2.00 Gb Total Physical Memory | 1.45 Gb Available Physical Memory | 72.46% Memory free 3.85 Gb Paging File | 3.45 Gb Available in Paging File | 89.67% Paging File free Paging file location(s): G:\pagefile.sys 0 0; %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 37.27 Gb Total Space | 15.48 Gb Free Space | 41.52% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded Drive G: | 186.30 Gb Total Space | 17.57 Gb Free Space | 9.43% Space Free | Partition Type: NTFS Drive H: | 298.09 Gb Total Space | 11.72 Gb Free Space | 3.93% Space Free | Partition Type: NTFS I: Drive not present or media not loaded Computer Name: SOLID1 Current User Name: Robert Edwards Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users [Processes - Non-Microsoft Only] ati2evxx.exe -> %SystemRoot%\system32\ati2evxx.exe -> ATI Technologies Inc. [Ver = 6.14.10.4132 | Size = 413696 bytes | Modified Date = 03/05/2006 17:43:46 | Attr = ] ati2evxx.exe -> %SystemRoot%\system32\ati2evxx.exe -> ATI Technologies Inc. [Ver = 6.14.10.4132 | Size = 413696 bytes | Modified Date = 03/05/2006 17:43:46 | Attr = ] a2service.exe -> %ProgramFiles%\a-squared Free\a2service.exe -> Emsi Software GmbH [Ver = 3.0.0.471 | Size = 380536 bytes | Modified Date = 26/07/2008 03:11:17 | Attr = ] avgwdsvc.exe -> %ProgramFiles%\AVG\AVG8\avgwdsvc.exe -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.134 | Size = 231192 bytes | Modified Date = 01/08/2008 19:29:35 | Attr = ] ctsvccda.exe -> %SystemRoot%\system32\CTsvcCDA.EXE -> Creative Technology Ltd [Ver = 1.0.1.0 | Size = 44032 bytes | Modified Date = 13/12/1999 01:01:00 | Attr = ] dkservice.exe -> %ProgramFiles%\Executive Software\Diskeeper\DkService.exe -> Executive Software International, Inc. [Ver = 9.0.532.0 | Size = 606316 bytes | Modified Date = 26/07/2005 18:51:22 | Attr = ] speakerguard.exe -> %SystemDrive%\speakerguard\SpeakerGuard.exe -> Snarksoft [Ver = 1.0.0.0 | Size = 459264 bytes | Modified Date = 28/09/2002 22:49:24 | Attr = ] foldersizesvc.exe -> %ProgramFiles%\FolderSize\FolderSizeSvc.exe -> Brio [Ver = 1, 3, 0, 0 | Size = 98304 bytes | Modified Date = 24/03/2006 23:23:22 | Attr = ] mcsacore.exe -> %ProgramFiles%\McAfee\SiteAdvisor\McSACore.exe -> [Ver = | Size = 206112 bytes | Modified Date = 23/07/2008 18:52:06 | Attr = ] avgtray.exe -> %ProgramFiles%\AVG\AVG8\avgtray.exe -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.134 | Size = 1232152 bytes | Modified Date = 01/08/2008 19:29:38 | Attr = ] riomsc.exe -> %SystemRoot%\system32\RioMSC.exe -> Digital Networks North America, Inc. [Ver = 2.92 build 2 | Size = 282624 bytes | Modified Date = 22/09/2004 09:49:34 | Attr = ] cacheman.exe -> %ProgramFiles%\Cacheman\Cacheman.exe -> Outer Technologies [Ver = 5.5.0.30 | Size = 1290752 bytes | Modified Date = 31/07/2003 15:13:42 | Attr = ] usbsafelyremove.exe -> %ProgramFiles%\USB Safely Remove\USBSafelyRemove.exe -> [Ver = 4.0.4.695 | Size = 1181184 bytes | Modified Date = 14/07/2008 19:07:18 | Attr = ] clocx.exe -> %ProgramFiles%\ClocX\ClocX.exe -> BonSoft [Ver = 1, 5, 1, 1 | Size = 270336 bytes | Modified Date = 26/01/2005 10:04:50 | Attr = ] screensavercontrol.exe -> %ProgramFiles%\Screensaver Control\ScreensaverControl.exe -> Neuhaus13 Software [Ver = 1.0.10.6 | Size = 215040 bytes | Modified Date = 04/11/2006 18:19:17 | Attr = ] avgrsx.exe -> %ProgramFiles%\AVG\AVG8\avgrsx.exe -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.134 | Size = 287000 bytes | Modified Date = 01/08/2008 19:29:38 | Attr = ] qaccess.exe -> %ProgramFiles%\Uniblue\ProcessLibrary\qaccess.exe -> Uniblue Systems Ltd [Ver = 1.2.1.0 | Size = 225280 bytes | Modified Date = 14/09/2006 11:15:42 | Attr = ] avgemc.exe -> %ProgramFiles%\AVG\AVG8\avgemc.exe -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.134 | Size = 873752 bytes | Modified Date = 01/08/2008 19:29:38 | Attr = ] avant.exe -> %ProgramFiles%\Avant Browser\avant.exe -> Avant Force [Ver = 11.6.0.20 | Size = 1438208 bytes | Modified Date = 23/06/2008 10:04:24 | Attr = ] otscanit.exe -> %UserProfile%\Desktop\OTScanIt\OTScanIt.exe -> OldTimer Tools [Ver = 1.0.16.2 | Size = 397312 bytes | Modified Date = 12/07/2008 09:29:54 | Attr = ] [Win32 Services - Non-Microsoft Only] (a2free) a-squared Free Service [Win32_Own | Auto | Running] -> %ProgramFiles%\a-squared Free\a2service.exe -> Emsi Software GmbH [Ver = 3.0.0.471 | Size = 380536 bytes | Modified Date = 26/07/2008 03:11:17 | Attr = ] (Ati HotKey Poller) Ati HotKey Poller [Win32_Own | Auto | Running] -> %SystemRoot%\system32\ati2evxx.exe -> ATI Technologies Inc. [Ver = 6.14.10.4132 | Size = 413696 bytes | Modified Date = 03/05/2006 17:43:46 | Attr = ] (ATI Smart) ATI Smart [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\system32\ati2sgag.exe -> [Ver = 5.13.0025 | Size = 520192 bytes | Modified Date = 03/05/2006 12:57:00 | Attr = ] (avg8emc) AVG Free8 E-mail Scanner [Win32_Own | Auto | Running] -> %ProgramFiles%\AVG\AVG8\avgemc.exe -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.134 | Size = 873752 bytes | Modified Date = 01/08/2008 19:29:38 | Attr = ] (avg8wd) AVG Free8 WatchDog [Win32_Own | Auto | Running] -> %ProgramFiles%\AVG\AVG8\avgwdsvc.exe -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.134 | Size = 231192 bytes | Modified Date = 01/08/2008 19:29:35 | Attr = ] (Creative Service for CDROM Access) Creative Service for CDROM Access [Win32_Own | Auto | Running] -> %SystemRoot%\system32\CTsvcCDA.EXE -> Creative Technology Ltd [Ver = 1.0.1.0 | Size = 44032 bytes | Modified Date = 13/12/1999 01:01:00 | Attr = ] (Diskeeper) Diskeeper [Win32_Own | Auto | Running] -> %ProgramFiles%\Executive Software\Diskeeper\DkService.exe -> Executive Software International, Inc. [Ver = 9.0.532.0 | Size = 606316 bytes | Modified Date = 26/07/2005 18:51:22 | Attr = ] (dmadmin) Logical Disk Manager Administrative Service [Win32_Shared | On_Demand | Stopped] -> %SystemRoot%\system32\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 224768 bytes | Modified Date = 04/08/2004 05:56:50 | Attr = ] (FolderSize) Folder Size [Win32_Own | Auto | Running] -> %ProgramFiles%\FolderSize\FolderSizeSvc.exe -> Brio [Ver = 1, 3, 0, 0 | Size = 98304 bytes | Modified Date = 24/03/2006 23:23:22 | Attr = ] (gusvc) Google Updater Service [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Google\Common\Google Updater\GoogleUpdaterService.exe -> Google [Ver = 2.0.711.37800.beta | Size = 136120 bytes | Modified Date = 04/01/2007 02:40:21 | Attr = ] (McAfee SiteAdvisor Service) McAfee SiteAdvisor Service [Win32_Own | Auto | Running] -> %ProgramFiles%\McAfee\SiteAdvisor\McSACore.exe -> [Ver = | Size = 206112 bytes | Modified Date = 23/07/2008 18:52:06 | Attr = ] (RioMSC) Rio MSC Manager [Win32_Own | Auto | Running] -> %SystemRoot%\system32\RioMSC.exe -> Digital Networks North America, Inc. [Ver = 2.92 build 2 | Size = 282624 bytes | Modified Date = 22/09/2004 09:49:34 | Attr = ] (ServiceLayer) ServiceLayer [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\PC Connectivity Solution\ServiceLayer.exe -> Nokia. [Ver = 7, 0, 8, 0 | Size = 430592 bytes | Modified Date = 07/04/2008 09:17:30 | Attr = ] (TuneUp.Defrag) TuneUp Drive Defrag Service [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\system32\TuneUpDefragService.exe -> TuneUp Software GmbH [Ver = 1.1.0.16 | Size = 355584 bytes | Modified Date = 07/07/2008 20:32:07 | Attr = ] (TUWinStylerThemeSvc) TuneUp WinStyler Theme Service [Win32_Own | Disabled | Stopped] -> %ProgramFiles%\TuneUp Utilities 2006\WinStylerThemeSvc.exe -> File not found [Registry - Non-Microsoft Only] < Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> AVG8_TRAY -> %ProgramFiles%\AVG\AVG8\avgtray.exe [C:\PROGRA~1\AVG\AVG8\avgtray.exe] -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.134 | Size = 1232152 bytes | Modified Date = 01/08/2008 19:29:38 | Attr = ] DVD43 -> %ProgramFiles%\DVDIdle Pro\DVDIdlePro.exe [C:\PROGRA~1\DVDIDL~1\DVDIdlePro.exe /hidden] -> Fengtao Software Inc. [Ver = 5, 9, 8, 63 | Size = 259072 bytes | Modified Date = 03/08/2006 18:38:00 | Attr = ] StartupDelayer -> %ProgramFiles%\r2 Studios\Startup Delayer\Startup Launcher GUI.exe ["C:\Program Files\r2 Studios\Startup Delayer\Startup Launcher GUI.exe"] -> r2 studios [Ver = 2.03.0115 | Size = 31744 bytes | Modified Date = 16/03/2007 02:16:58 | Attr = ] < OptionalComponents [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\ -> IMAIL-> Installed = 1 -> MAPI-> Installed = 1 -> MSFS-> Installed = 1 -> < Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> Cacheman -> %ProgramFiles%\Cacheman\Cacheman.exe [C:\PROGRA~1\Cacheman\Cacheman.exe] -> Outer Technologies [Ver = 5.5.0.30 | Size = 1290752 bytes | Modified Date = 31/07/2003 15:13:42 | Attr = ] USB Safely Remove -> %ProgramFiles%\USB Safely Remove\USBSafelyRemove.exe [C:\Program Files\USB Safely Remove\USBSafelyRemove.exe /startup] -> [Ver = 4.0.4.695 | Size = 1181184 bytes | Modified Date = 14/07/2008 19:07:18 | Attr = ] < Run [HKEY_USERS\S-1-5-21-1123561945-1993962763-1343024091-1003\] > -> HKEY_USERS\S-1-5-21-1123561945-1993962763-1343024091-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> Cacheman -> %ProgramFiles%\Cacheman\Cacheman.exe [C:\PROGRA~1\Cacheman\Cacheman.exe] -> Outer Technologies [Ver = 5.5.0.30 | Size = 1290752 bytes | Modified Date = 31/07/2003 15:13:42 | Attr = ] USB Safely Remove -> %ProgramFiles%\USB Safely Remove\USBSafelyRemove.exe [C:\Program Files\USB Safely Remove\USBSafelyRemove.exe /startup] -> [Ver = 4.0.4.695 | Size = 1181184 bytes | Modified Date = 14/07/2008 19:07:18 | Attr = ] < Administrator Startup Folder > -> C:\Documents and Settings\Administrator\Start Menu\Programs\Startup -> < All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup -> < Default User Startup Folder > -> C:\Documents and Settings\Default User\Start Menu\Programs\Startup -> < AppInit_DLLs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs -> *AppInit_DLLs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls -> avgrsstx.dll -> %SystemRoot%\system32\avgrsstx.dll -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.134 | Size = 10520 bytes | Modified Date = 01/08/2008 19:29:51 | Attr = ] *MultiFile Done* -> -> < ShellExecuteHooks [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks -> {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\SUPERAntiSpyware\SASSEH.DLL [] -> SuperAdBlocker.com [Ver = 1, 0, 0, 1012 | Size = 77824 bytes | Modified Date = 13/05/2008 10:13:36 | Attr = ] {7E6B5923-3D2D-46DF-8B07-84F48BFB55EC} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [] -> File not found {93994DE8-8239-4655-B1D1-5F4E91300429} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\DVDIdle Pro\DVDShell.dll [] -> Fengtao Software Inc. [Ver = 5, 5, 0, 6 | Size = 49152 bytes | Modified Date = 09/10/2004 15:18:02 | Attr = ] < SecurityProviders [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders -> < Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> *Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> explorer.exe -> %SystemRoot%\explorer.exe -> Microsoft Corporation [Ver = 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234) | Size = 1033216 bytes | Modified Date = 13/06/2007 11:23:07 | Attr = ] *MultiFile Done* -> -> *UserInit* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit -> C:\WINDOWS\system32\userinit.exe -> %SystemRoot%\system32\userinit.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 24576 bytes | Modified Date = 04/08/2004 05:56:58 | Attr = ] *MultiFile Done* -> -> *UIHost* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UIHost -> C:\Documents and Settings\All Users\Application Data\TuneUp Software\TuneUp Utilities\WinStyler\tu_logonui.exe -> %AllUsersProfile%\Application Data\TuneUp Software\TuneUp Utilities\WinStyler\tu_logonui.exe -> Microsoft Corporation [Ver = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) | Size = 5594112 bytes | Modified Date = 09/07/2008 15:14:12 | Attr = ] *MultiFile Done* -> -> *VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet -> rundll32 shell32 -> %SystemRoot%\system32\shell32.dll -> Microsoft Corporation [Ver = 6.00.2900.3241 (xpsp_sp2_qfe.071025-1245) | Size = 8460288 bytes | Modified Date = 26/10/2007 04:34:01 | Attr = ] Control_RunDLL "sysdm.cpl" -> %SystemRoot%\system32\sysdm.cpl -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 298496 bytes | Modified Date = 04/08/2004 05:56:58 | Attr = ] *MultiFile Done* -> -> < Winlogon settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon settings [HKEY_USERS\S-1-5-19] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon settings [HKEY_USERS\S-1-5-20] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon settings [HKEY_USERS\S-1-5-21-1123561945-1993962763-1343024091-1003] > -> HKEY_USERS\S-1-5-21-1123561945-1993962763-1343024091-1003\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ -> !SASWinLogon -> %ProgramFiles%\SUPERAntiSpyware\SASWINLO.dll -> SUPERAntiSpyware.com [Ver = 1, 0, 0, 1046 | Size = 294912 bytes | Modified Date = 19/04/2007 13:41:36 | Attr = ] AtiExtEvent -> %SystemRoot%\system32\ati2evxx.dll -> ATI Technologies Inc. [Ver = 6.14.10.4132 | Size = 61440 bytes | Modified Date = 03/05/2006 17:44:55 | Attr = ] WgaLogon -> -> File not found < CurrentVersion Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 94 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoCDBurning -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ext\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ext\CLSID\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ext\CLSID\\{17492023-C23A-453E-A040-C7C580BBF700} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\undockwithoutlogon -> 1 -> < CurrentVersion Policy Settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 144 -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableRegistryTools -> 0 -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\NoAdminPage -> 1 -> < CurrentVersion Policy Settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\CDRAutoRun -> 0 -> < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\CDRAutoRun -> 0 -> < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-19] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-20] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-1123561945-1993962763-1343024091-1003] > -> HKEY_USERS\S-1-5-21-1123561945-1993962763-1343024091-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_USERS\S-1-5-21-1123561945-1993962763-1343024091-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_USERS\S-1-5-21-1123561945-1993962763-1343024091-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_USERS\S-1-5-21-1123561945-1993962763-1343024091-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 144 -> HKEY_USERS\S-1-5-21-1123561945-1993962763-1343024091-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> -> HKEY_USERS\S-1-5-21-1123561945-1993962763-1343024091-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableRegistryTools -> 0 -> HKEY_USERS\S-1-5-21-1123561945-1993962763-1343024091-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\NoAdminPage -> 1 -> < CDROM Autorun Settings > [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom] -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\ -> -> *DependOnGroup* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\DependOnGroup -> SCSI miniport -> -> File not found *MultiFile Done* -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\ErrorControl -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Group -> SCSI CDROM Class -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Start -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Tag -> 2 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Type -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\DisplayName -> CD-ROM Driver -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\ImagePath -> %SystemRoot%\system32\drivers\cdrom.sys [system32\DRIVERS\cdrom.sys] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 49536 bytes | Modified Date = 04/08/2004 03:59:54 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun -> 0 -> *AutoRunAlwaysDisable* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRunAlwaysDisable -> NEC MBR-7 -> -> File not found NEC MBR-7.4 -> -> File not found PIONEER CHANGR DRM-1804X -> -> File not found PIONEER CD-ROM DRM-6324X -> -> File not found PIONEER CD-ROM DRM-624X -> -> File not found TORiSAN CD-ROM CDR_C36 -> -> File not found *MultiFile Done* -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\\0 -> IDE\CdRomPIONEER_DVD-RW__DVR-115D________________1.18____\48_044453050323334305733204c202020202020 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\\Count -> 2 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\\NextInstance -> 2 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\\1 -> IDE\CdRomSAMSUNG_DVD-ROM_SD-616E_________________F504____\5&2dfcc752&1&0.1.0 -> < Drives - Autoruns > -> -> AutoFix.exe [MZ | ] -> G:\AutoFix.exe [ NTFS ] -> Microsoft Corporation [Ver = 5.2.3790.67 built by: srv03_qfe(wmbla) | Size = 78160 bytes | Modified Date = 02/05/2007 16:54:16 | Attr = ] < HOSTS File > (262601 bytes) -> C:\WINDOWS\System32\drivers\etc\Hosts -> < Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> HKEY_LOCAL_MACHINE\: Main\\Default_Page_URL -> http://go.microsoft.com/fwlink/?LinkId=69157 -> HKEY_LOCAL_MACHINE\: Main\\Default_Search_URL -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKEY_LOCAL_MACHINE\: Main\\Local Page -> %SystemRoot%\system32\blank.htm -> HKEY_LOCAL_MACHINE\: Main\\Search Page -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKEY_LOCAL_MACHINE\: Main\\Start Page -> http://go.microsoft.com/fwlink/?LinkId=69157 -> HKEY_LOCAL_MACHINE\: Search\\CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm -> HKEY_LOCAL_MACHINE\: Search\\SearchAssistant -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm -> < Internet Explorer Settings [HKEY_CURRENT_USER\] > -> -> HKEY_CURRENT_USER\: Main\\Local Page -> C:\WINDOWS\system32\blank.htm -> HKEY_CURRENT_USER\: Main\\Search Bar -> http://home.microsoft.com/search/lobby/search.asp -> HKEY_CURRENT_USER\: Main\\Search Page -> http://home.microsoft.com/access/allinone.asp -> HKEY_CURRENT_USER\: Main\\Start Page -> http://www.google.co.uk/ -> HKEY_CURRENT_USER\: SearchURL\\ -> http://home.microsoft.com/access/autosearch.asp?p=%s[Reg Error: Value provider does not exist or could not be read.] -> HKEY_CURRENT_USER\: ProxyEnable -> 0 -> < Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> -> HKEY_USERS\.DEFAULT\: ProxyEnable -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> -> HKEY_USERS\S-1-5-18\: ProxyEnable -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> -> < Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> -> < Internet Explorer Settings [HKEY_USERS\S-1-5-21-1123561945-1993962763-1343024091-1003\] > -> -> HKEY_USERS\S-1-5-21-1123561945-1993962763-1343024091-1003\: Main\\Local Page -> C:\WINDOWS\system32\blank.htm -> HKEY_USERS\S-1-5-21-1123561945-1993962763-1343024091-1003\: Main\\Search Bar -> http://home.microsoft.com/search/lobby/search.asp -> HKEY_USERS\S-1-5-21-1123561945-1993962763-1343024091-1003\: Main\\Search Page -> http://home.microsoft.com/access/allinone.asp -> HKEY_USERS\S-1-5-21-1123561945-1993962763-1343024091-1003\: Main\\Start Page -> http://www.google.co.uk/ -> HKEY_USERS\S-1-5-21-1123561945-1993962763-1343024091-1003\: SearchURL\\ -> http://home.microsoft.com/access/autosearch.asp?p=%s[Reg Error: Value provider does not exist or could not be read.] -> HKEY_USERS\S-1-5-21-1123561945-1993962763-1343024091-1003\: ProxyEnable -> 0 -> < Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 4704 domain(s) found. -> 42 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 77 range(s) found. -> < Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 7016 domain(s) found. -> 47 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 78 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 4720 domain(s) found. -> 40 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 79 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 4720 domain(s) found. -> 40 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 79 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 4180 domain(s) found. -> 31 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 78 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 4180 domain(s) found. -> 31 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 78 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-21-1123561945-1993962763-1343024091-1003\] > -> HKEY_USERS\S-1-5-21-1123561945-1993962763-1343024091-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-21-1123561945-1993962763-1343024091-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 7016 domain(s) found. -> 47 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_USERS\S-1-5-21-1123561945-1993962763-1343024091-1003\] > -> HKEY_USERS\S-1-5-21-1123561945-1993962763-1343024091-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-21-1123561945-1993962763-1343024091-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 78 range(s) found. -> < BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> {3049C3E9-B461-4BC5-8870-4C09146192CA} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Real\RealOne Player\rpbrowserrecordplugin.dll [RealPlayer Download and Record Plugin for Internet Explorer] -> RealPlayer [Ver = 1.0.0.522 | Size = 370296 bytes | Modified Date = 17/11/2007 21:06:27 | Attr = ] {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\AVG\AVG8\avgssie.dll [AVG Safe Search] -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.136 | Size = 455960 bytes | Modified Date = 01/08/2008 19:29:38 | Attr = ] {53707962-6F74-2D53-2644-206D7942484F} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Spybot - Search & Destroy\SDHelper.dll [Spybot-S&D IE Protection] -> Safer Networking Limited [Ver = 1, 6, 0, 12 | Size = 1562448 bytes | Modified Date = 07/07/2008 09:41:58 | Attr = ] {5CA3D70E-1895-11CF-8E15-001234567890} [HKEY_LOCAL_MACHINE] -> %SystemRoot%\system32\dla\tfswshx.dll [DriveLetterAccess] -> Sonic Solutions [Ver = 1.04.07b | Size = 110644 bytes | Modified Date = 10/03/2004 02:04:00 | Attr = ] {724d43a9-0d85-11d4-9908-00400523e39a} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Siber Systems\AI RoboForm\RoboForm.dll [Reg Error: Value does not exist or could not be read.] -> Siber Systems [Ver = 6-1-3 | Size = 3743744 bytes | Modified Date = 13/11/2004 14:28:56 | Attr = ] {B164E929-A1B6-4A06-B104-2CD0E90A88FF} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\McAfee\SiteAdvisor\McIEPlg.dll [McAfee SiteAdvisor BHO] -> [Ver = | Size = 120608 bytes | Modified Date = 23/07/2008 12:21:20 | Attr = ] < Internet Explorer Bars [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\ -> {182EC0BE-5110-49C8-A062-BEB1D02A220B} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found < Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar -> {0BF43445-2F28-4351-9252-17FE6E806AA0} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\McAfee\SiteAdvisor\McIEPlg.dll [McAfee SiteAdvisor Toolbar] -> [Ver = | Size = 120608 bytes | Modified Date = 23/07/2008 12:21:20 | Attr = ] {724d43a0-0d85-11d4-9908-00400523e39a} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Siber Systems\AI RoboForm\RoboForm.dll [&RoboForm] -> Siber Systems [Ver = 6-1-3 | Size = 3743744 bytes | Modified Date = 13/11/2004 14:28:56 | Attr = ] < Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ -> ShellBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found ShellBrowser\\{724D43A0-0D85-11D4-9908-00400523E39A} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Siber Systems\AI RoboForm\RoboForm.dll [&RoboForm] -> Siber Systems [Ver = 6-1-3 | Size = 3743744 bytes | Modified Date = 13/11/2004 14:28:56 | Attr = ] WebBrowser\\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found WebBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found WebBrowser\\{724D43A0-0D85-11D4-9908-00400523E39A} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Siber Systems\AI RoboForm\RoboForm.dll [&RoboForm] -> Siber Systems [Ver = 6-1-3 | Size = 3743744 bytes | Modified Date = 13/11/2004 14:28:56 | Attr = ] WebBrowser\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Yahoo! Toolbar] -> File not found < Internet Explorer ToolBars [HKEY_USERS\S-1-5-21-1123561945-1993962763-1343024091-1003\] > -> HKEY_USERS\S-1-5-21-1123561945-1993962763-1343024091-1003\Software\Microsoft\Internet Explorer\Toolbar\ -> ShellBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found ShellBrowser\\{724D43A0-0D85-11D4-9908-00400523E39A} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Siber Systems\AI RoboForm\RoboForm.dll [&RoboForm] -> Siber Systems [Ver = 6-1-3 | Size = 3743744 bytes | Modified Date = 13/11/2004 14:28:56 | Attr = ] WebBrowser\\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found WebBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found WebBrowser\\{724D43A0-0D85-11D4-9908-00400523E39A} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Siber Systems\AI RoboForm\RoboForm.dll [&RoboForm] -> Siber Systems [Ver = 6-1-3 | Size = 3743744 bytes | Modified Date = 13/11/2004 14:28:56 | Attr = ] WebBrowser\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Yahoo! Toolbar] -> File not found < Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> {08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.6.0_07\bin\npjpi160_07.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.70.6 | Size = 132496 bytes | Modified Date = 10/06/2008 04:27:02 | Attr = ] {08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} [HKEY_CURRENT_USER] -> %ProgramFiles%\Java\jre1.6.0_07\bin\ssv.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.70.6 | Size = 509328 bytes | Modified Date = 10/06/2008 04:27:02 | Attr = ] {320AF880-6646-11D3-ABEE-C5DBF3571F46}: [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Fill Forms] -> File not found {320AF880-6646-11D3-ABEE-C5DBF3571F49}: [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Save] -> File not found {724d43aa-0d85-11d4-9908-00400523e39a}: [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [RoboForm] -> File not found {C2A80015-C447-4dc4-82DD-AED83D6ED57E}:Exec -> %SystemDrive%\Microgaming\Poker\ladbrokesMPP\MPPoker.exe [Ladbrokes Poker] -> Microgaming [Ver = 2, 40, 0, 2 | Size = 18432 bytes | Modified Date = 03/07/2008 16:07:24 | Attr = ] {DFB852A3-47F8-48C4-A200-58CAB36FD2A2}:{53707962-6F74-2D53-2644-206D7942484F} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Spybot - Search & Destroy\SDHelper.dll [Spybot - Search & Destroy Configuration] -> Safer Networking Limited [Ver = 1, 6, 0, 12 | Size = 1562448 bytes | Modified Date = 07/07/2008 09:41:58 | Attr = ] < Internet Explorer Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\ -> CmdMapping\\{2D663D1A-8670-49D9-A1A5-4C56B4E14E84} [HKEY_LOCAL_MACHINE] -> [Reg Error: Key does not exist or could not be opened.] -> File not found CmdMapping\\{2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} [HKEY_LOCAL_MACHINE] -> [Reg Error: Key does not exist or could not be opened.] -> File not found CmdMapping\\{2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} [HKEY_LOCAL_MACHINE] -> [Reg Error: Key does not exist or could not be opened.] -> File not found CmdMapping\\{320AF880-6646-11D3-ABEE-C5DBF3571F46} [HKEY_LOCAL_MACHINE] -> [Fill Forms] -> File not found CmdMapping\\{320AF880-6646-11D3-ABEE-C5DBF3571F49} [HKEY_LOCAL_MACHINE] -> [Save] -> File not found CmdMapping\\{724d43aa-0d85-11d4-9908-00400523e39a} [HKEY_LOCAL_MACHINE] -> [RoboForm] -> File not found CmdMapping\\{85d1f590-48f4-11d9-9669-0800200c9a66} [HKEY_LOCAL_MACHINE] -> [Reg Error: Key does not exist or could not be opened.] -> File not found CmdMapping\\{9455301C-CF6B-11D3-A266-00C04F689C50} [HKEY_LOCAL_MACHINE] -> [Reg Error: Key does not exist or could not be opened.] -> File not found CmdMapping\\{A75C6120-9B36-11d4-A3F0-009027427750} [HKEY_LOCAL_MACHINE] -> [Reg Error: Key does not exist or could not be opened.] -> File not found CmdMapping\\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} [HKEY_LOCAL_MACHINE] -> [Reg Error: Key does not exist or could not be opened.] -> File not found CmdMapping\\{C2A80015-C447-4dc4-82DD-AED83D6ED57E} [HKEY_LOCAL_MACHINE] -> %SystemDrive%\Microgaming\Poker\ladbrokesMPP\MPPoker.exe [Ladbrokes Poker] -> Microgaming [Ver = 2, 40, 0, 2 | Size = 18432 bytes | Modified Date = 03/07/2008 16:07:24 | Attr = ] CmdMapping\\{DFB852A3-47F8-48C4-A200-58CAB36FD2A2} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Spybot - Search & Destroy\SDHelper.dll [Spybot - Search & Destroy Configuration] -> Safer Networking Limited [Ver = 1, 6, 0, 12 | Size = 1562448 bytes | Modified Date = 07/07/2008 09:41:58 | Attr = ] CmdMapping\\{E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} [HKEY_LOCAL_MACHINE] -> [Reg Error: Key does not exist or could not be opened.] -> File not found CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKEY_LOCAL_MACHINE] -> [Reg Error: Key does not exist or could not be opened.] -> File not found < Internet Explorer Menu Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ -> Add to AD Black List -> Reg Error: Value does not exist or could not be read. -> File not found Block All Images from the Same Server -> Reg Error: Value does not exist or could not be read. -> File not found Customize Menu &4 -> -> File not found Easy-WebPrint Add To Print List -> %ProgramFiles%\Canon\Easy-WebPrint\Resource.dll -> [Ver = 2, 5, 0, 25 | Size = 200704 bytes | Modified Date = 16/04/2004 19:42:08 | Attr = ] Easy-WebPrint High Speed Print -> %ProgramFiles%\Canon\Easy-WebPrint\Resource.dll -> [Ver = 2, 5, 0, 25 | Size = 200704 bytes | Modified Date = 16/04/2004 19:42:08 | Attr = ] Easy-WebPrint Preview -> %ProgramFiles%\Canon\Easy-WebPrint\Resource.dll -> [Ver = 2, 5, 0, 25 | Size = 200704 bytes | Modified Date = 16/04/2004 19:42:08 | Attr = ] Easy-WebPrint Print -> %ProgramFiles%\Canon\Easy-WebPrint\Resource.dll -> [Ver = 2, 5, 0, 25 | Size = 200704 bytes | Modified Date = 16/04/2004 19:42:08 | Attr = ] Fill Forms &] -> -> File not found Highlight -> Reg Error: Value does not exist or could not be read. -> File not found Open All Links in This Page... -> Reg Error: Value does not exist or could not be read. -> File not found Open In New Avant Browser -> Reg Error: Value does not exist or could not be read. -> File not found RoboForm &2 -> -> File not found Save Forms &[ -> -> File not found Search -> Reg Error: Value does not exist or could not be read. -> File not found < Internet Explorer Extensions [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Extensions\ -> CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKEY_LOCAL_MACHINE] -> [Reg Error: Key does not exist or could not be opened.] -> File not found < Internet Explorer Extensions [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Extensions\ -> CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKEY_LOCAL_MACHINE] -> [Reg Error: Key does not exist or could not be opened.] -> File not found < Internet Explorer Extensions [HKEY_USERS\S-1-5-21-1123561945-1993962763-1343024091-1003\] > -> HKEY_USERS\S-1-5-21-1123561945-1993962763-1343024091-1003\Software\Microsoft\Internet Explorer\Extensions\ -> CmdMapping\\{2D663D1A-8670-49D9-A1A5-4C56B4E14E84} [HKEY_LOCAL_MACHINE] -> [Reg Error: Key does not exist or could not be opened.] -> File not found CmdMapping\\{2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} [HKEY_LOCAL_MACHINE] -> [Reg Error: Key does not exist or could not be opened.] -> File not found CmdMapping\\{2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} [HKEY_LOCAL_MACHINE] -> [Reg Error: Key does not exist or could not be opened.] -> File not found CmdMapping\\{320AF880-6646-11D3-ABEE-C5DBF3571F46} [HKEY_LOCAL_MACHINE] -> [Fill Forms] -> File not found CmdMapping\\{320AF880-6646-11D3-ABEE-C5DBF3571F49} [HKEY_LOCAL_MACHINE] -> [Save] -> File not found CmdMapping\\{724d43aa-0d85-11d4-9908-00400523e39a} [HKEY_LOCAL_MACHINE] -> [RoboForm] -> File not found CmdMapping\\{85d1f590-48f4-11d9-9669-0800200c9a66} [HKEY_LOCAL_MACHINE] -> [Reg Error: Key does not exist or could not be opened.] -> File not found CmdMapping\\{9455301C-CF6B-11D3-A266-00C04F689C50} [HKEY_LOCAL_MACHINE] -> [Reg Error: Key does not exist or could not be opened.] -> File not found CmdMapping\\{A75C6120-9B36-11d4-A3F0-009027427750} [HKEY_LOCAL_MACHINE] -> [Reg Error: Key does not exist or could not be opened.] -> File not found CmdMapping\\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} [HKEY_LOCAL_MACHINE] -> [Reg Error: Key does not exist or could not be opened.] -> File not found CmdMapping\\{C2A80015-C447-4dc4-82DD-AED83D6ED57E} [HKEY_LOCAL_MACHINE] -> %SystemDrive%\Microgaming\Poker\ladbrokesMPP\MPPoker.exe [Ladbrokes Poker] -> Microgaming [Ver = 2, 40, 0, 2 | Size = 18432 bytes | Modified Date = 03/07/2008 16:07:24 | Attr = ] CmdMapping\\{DFB852A3-47F8-48C4-A200-58CAB36FD2A2} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Spybot - Search & Destroy\SDHelper.dll [Spybot - Search & Destroy Configuration] -> Safer Networking Limited [Ver = 1, 6, 0, 12 | Size = 1562448 bytes | Modified Date = 07/07/2008 09:41:58 | Attr = ] CmdMapping\\{E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} [HKEY_LOCAL_MACHINE] -> [Reg Error: Key does not exist or could not be opened.] -> File not found CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKEY_LOCAL_MACHINE] -> [Reg Error: Key does not exist or could not be opened.] -> File not found < Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-21-1123561945-1993962763-1343024091-1003\] > -> HKEY_USERS\S-1-5-21-1123561945-1993962763-1343024091-1003\Software\Microsoft\Internet Explorer\MenuExt\ -> Add to AD Black List -> Reg Error: Value does not exist or could not be read. -> File not found Block All Images from the Same Server -> Reg Error: Value does not exist or could not be read. -> File not found Customize Menu &4 -> -> File not found Easy-WebPrint Add To Print List -> %ProgramFiles%\Canon\Easy-WebPrint\Resource.dll -> [Ver = 2, 5, 0, 25 | Size = 200704 bytes | Modified Date = 16/04/2004 19:42:08 | Attr = ] Easy-WebPrint High Speed Print -> %ProgramFiles%\Canon\Easy-WebPrint\Resource.dll -> [Ver = 2, 5, 0, 25 | Size = 200704 bytes | Modified Date = 16/04/2004 19:42:08 | Attr = ] Easy-WebPrint Preview -> %ProgramFiles%\Canon\Easy-WebPrint\Resource.dll -> [Ver = 2, 5, 0, 25 | Size = 200704 bytes | Modified Date = 16/04/2004 19:42:08 | Attr = ] Easy-WebPrint Print -> %ProgramFiles%\Canon\Easy-WebPrint\Resource.dll -> [Ver = 2, 5, 0, 25 | Size = 200704 bytes | Modified Date = 16/04/2004 19:42:08 | Attr = ] Fill Forms &] -> -> File not found Highlight -> Reg Error: Value does not exist or could not be read. -> File not found Open All Links in This Page... -> Reg Error: Value does not exist or could not be read. -> File not found Open In New Avant Browser -> Reg Error: Value does not exist or could not be read. -> File not found RoboForm &2 -> -> File not found Save Forms &[ -> -> File not found Search -> Reg Error: Value does not exist or could not be read. -> File not found < Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> PluginsPageFriendlyName -> Microsoft ActiveX Gallery -> PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s -> < User Agent Post Platform [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform -> Avant Browser -> IEAK -> < DNS Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> {CB2B7A7F-7796-4698-81DE-050A98FBA389} -> (Winbond W89C940-Based Ethernet Adapter (Generic)) -> < Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ -> ipp: [HKEY_LOCAL_MACHINE] -> No CLSID value linkscanner:{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\AVG\AVG8\avgpp.dll[XPLPPFilter Class] -> AVG Technologies CZ, s.r.o. [Ver = | Size = 79128 bytes | Modified Date = 01/08/2008 19:29:52 | Attr = ] msdaipp: [HKEY_LOCAL_MACHINE] -> No CLSID value sacore:{5513F07E-936B-4E52-9B00-067394E91CC5} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\McAfee\SiteAdvisor\McIEPlg.dll[McAfee SACore Protocol Handler] -> [Ver = | Size = 120608 bytes | Modified Date = 23/07/2008 12:21:20 | Attr = ] < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B}[HKEY_LOCAL_MACHINE] -> http://www.apple.com/qtactivex/qtplugin.cab[QuickTime Object] -> {166B1BCA-3F9C-11CF-8075-444553540000}[HKEY_LOCAL_MACHINE] -> http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab[Shockwave ActiveX Control] -> {20A60F0D-9AFA-4515-A0FD-83BD84642501}[HKEY_LOCAL_MACHINE] -> http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab[Checkers Class] -> {215B8138-A3CF-44C5-803F-8226143CFC0A}[HKEY_LOCAL_MACHINE] -> http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab[Trend Micro ActiveX Scan Agent 6.6] -> {2917297F-F02B-4B9D-81DF-494B6333150B}[HKEY_LOCAL_MACHINE] -> http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab[Minesweeper Flags Class] -> {30528230-99f7-4bb4-88d8-fa1d4f56a2ab}[HKEY_LOCAL_MACHINE] -> C:\Program Files\Yahoo!\Common\Yinsthelper.dll[Installation Support] -> {67DABFBF-D0AB-41FA-9C46-CC0F21721616}[HKEY_LOCAL_MACHINE] -> http://go.divx.com/plugin/DivXBrowserPlugin.cab[DivXBrowserPlugin Object] -> {8E0D4DE5-3180-4024-A327-4DFAD1796A8D}[HKEY_LOCAL_MACHINE] -> http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab[MessengerStatsClient Class] -> {A90A5822-F108-45AD-8482-9BC8B12DD539}[HKEY_LOCAL_MACHINE] -> http://www.crucial.com/controls/cpcScanner.cab[Crucial cpcScan] -> {B38870E4-7ECB-40DA-8C6A-595F0A5519FF}[HKEY_LOCAL_MACHINE] -> http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab[MsnMessengerSetupDownloadControl Class] -> {C3F79A2B-B9B4-4A66-B012-3EE46475B072}[HKEY_LOCAL_MACHINE] -> http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab[MessengerStatsClient Class] -> {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab[Reg Error: Value does not exist or could not be read.] -> {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab[Reg Error: Value does not exist or could not be read.] -> {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab[Java Plug-in 1.6.0_07] -> {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab[Reg Error: Key does not exist or could not be opened.] -> {D27CDB6E-AE6D-11CF-96B8-444553540000}[HKEY_LOCAL_MACHINE] -> http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab[Shockwave Flash Object] -> {D8089245-3211-40F6-819B-9E5E92CD61A2}[HKEY_LOCAL_MACHINE] -> https://flashcasino.ladbrokes.com/instant-play-en/FlashAX.cab[FlashXControl Object] -> {E8F628B5-259A-4734-97EE-BA914D7BE941}[HKEY_LOCAL_MACHINE] -> http://driveragent.com/files/driveragent.cab[Driver Agent ActiveX Control] -> {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48}[HKEY_LOCAL_MACHINE] -> http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab[Minesweeper Flags Class] -> Microsoft XML Parser for Java[HKEY_LOCAL_MACHINE] -> file://C:\WINDOWS\Java\classes\xmldso.cab[Reg Error: Key does not exist or could not be opened.] -> < Module Usage Keys [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/bdoscandel.exe\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/bdoscandel.exe\\.Owner -> {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/bdoscandel.exe\\{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/bdoscandellang.ini\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/bdoscandellang.ini\\.Owner -> {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/bdoscandellang.ini\\{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/bdcore.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/bdcore.dll\\.Owner -> {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/bdcore.dll\\{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/bdupd.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/bdupd.dll\\.Owner -> {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/bdupd.dll\\{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/CONFLICT.1/MineSweeper.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/CONFLICT.1/MineSweeper.dll\\.Owner -> {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/CONFLICT.1/MineSweeper.dll\\{F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/cpcScan.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/cpcScan.dll\\.Owner -> {A90A5822-F108-45AD-8482-9BC8B12DD539} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/cpcScan.dll\\{A90A5822-F108-45AD-8482-9BC8B12DD539} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/driveragent.inf\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/driveragent.inf\\.Owner -> Unknown Owner -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/driveragent.inf\\{E8F628B5-259A-4734-97EE-BA914D7BE941} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/driveragent.ocx\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/driveragent.ocx\\.Owner -> {E8F628B5-259A-4734-97EE-BA914D7BE941} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/driveragent.ocx\\{E8F628B5-259A-4734-97EE-BA914D7BE941} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/Housecall_ActiveX.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/Housecall_ActiveX.dll\\.Owner -> {6E5A37BF-FD42-463A-877C-4EB7002E68AE} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/Housecall_ActiveX.dll\\{6E5A37BF-FD42-463A-877C-4EB7002E68AE} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/ipsupd.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/ipsupd.dll\\.Owner -> {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/ipsupd.dll\\{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/lang.ini\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/lang.ini\\.Owner -> {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/lang.ini\\{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/libfn.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/libfn.dll\\.Owner -> {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/libfn.dll\\{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/live.ini\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/live.ini\\.Owner -> {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/live.ini\\{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/LSSupCtl.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/LSSupCtl.dll\\.Owner -> {1F2F4C9E-6F09-47BC-970D-3C54734667FE} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/LSSupCtl.dll\\{1F2F4C9E-6F09-47BC-970D-3C54734667FE} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/messengerstatsclient.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/messengerstatsclient.dll\\.Owner -> {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/messengerstatsclient.dll\\{8E0D4DE5-3180-4024-A327-4DFAD1796A8D} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/MessengerStatsPAClient.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/MessengerStatsPAClient.dll\\.Owner -> {C3F79A2B-B9B4-4A66-B012-3EE46475B072} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/MessengerStatsPAClient.dll\\{C3F79A2B-B9B4-4A66-B012-3EE46475B072} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/minesweeper.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/minesweeper.dll\\.Owner -> {2917297F-F02B-4B9D-81DF-494B6333150B} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/minesweeper.dll\\{2917297F-F02B-4B9D-81DF-494B6333150B} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/msgrchkr.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/msgrchkr.dll\\.Owner -> {00B71CFB-6864-4346-A978-C0A14556272C} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/MsnMessengerSetupDownloader.ocx\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/MsnMessengerSetupDownloader.ocx\\.Owner -> {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/MsnMessengerSetupDownloader.ocx\\{B38870E4-7ECB-40DA-8C6A-595F0A5519FF} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/oscan8.ocx\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/oscan8.ocx\\.Owner -> {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/oscan8.ocx\\{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/ravllio.vxd\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/ravllio.vxd\\.Owner -> {A3009861-330C-4E10-822B-39D16EC8829D} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/ravllio.vxd\\{A3009861-330C-4E10-822B-39D16EC8829D} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/ravonline.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/ravonline.dll\\.Owner -> {A3009861-330C-4E10-822B-39D16EC8829D} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/ravonline.dll\\{A3009861-330C-4E10-822B-39D16EC8829D} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/ravscan.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/ravscan.dll\\.Owner -> {A3009861-330C-4E10-822B-39D16EC8829D} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/ravscan.dll\\{A3009861-330C-4E10-822B-39D16EC8829D} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/ravupdt.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/ravupdt.dll\\.Owner -> {A3009861-330C-4E10-822B-39D16EC8829D} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/ravupdt.dll\\{A3009861-330C-4E10-822B-39D16EC8829D} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/ravupdt.ini\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/ravupdt.ini\\.Owner -> {A3009861-330C-4E10-822B-39D16EC8829D} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/ravupdt.ini\\{A3009861-330C-4E10-822B-39D16EC8829D} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/rufsi.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/rufsi.dll\\.Owner -> {644E432F-49D3-41A1-8DD5-E099162EEEC5} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/rufsi.dll\\{644E432F-49D3-41A1-8DD5-E099162EEEC5} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/scanoptions.tsi\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/scanoptions.tsi\\.Owner -> {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/scanoptions.tsi\\{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/sdclicense.txt\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/sdclicense.txt\\.Owner -> {01010E00-5E80-11D8-9E86-0007E96C65AE} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/sdclicense.txt\\{01010E00-5E80-11D8-9E86-0007E96C65AE} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/SymAData.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/SymAData.dll\\.Owner -> {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/SymAData.dll\\{CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/tgctlsi.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/tgctlsi.dll\\.Owner -> {01010E00-5E80-11D8-9E86-0007E96C65AE} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/tgctlsi.dll\\{01010E00-5E80-11D8-9E86-0007E96C65AE} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/tgctlsr.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/tgctlsr.dll\\.Owner -> {01012101-5E80-11D8-9E86-0007E96C65AE} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/tgctlsr.dll\\{01012101-5E80-11D8-9E86-0007E96C65AE} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/danim.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/danim.dll\\{418b7744-c11f-d211-b14b-00a00a0b0c0d} -> {418b7744-c11f-d211-b14b-00a00a0b0c0d} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/danim.dll\\.Owner -> {418b7744-c11f-d211-b14b-00a00a0b0c0d} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/ddrawex.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/ddrawex.dll\\{418b7744-c11f-d211-b14b-00a00a0b0c0d} -> {418b7744-c11f-d211-b14b-00a00a0b0c0d} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/ddrawex.dll\\.Owner -> {418b7744-c11f-d211-b14b-00a00a0b0c0d} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/mfc42.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/mfc42.dll\\.Owner -> Unknown Owner -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/mfc42.dll\\{6E5A37BF-FD42-463A-877C-4EB7002E68AE} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/mfc42.dll\\{215B8138-A3CF-44C5-803F-8226143CFC0A} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/msvcp60.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/msvcp60.dll\\.Owner -> Unknown Owner -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/msvcp60.dll\\{215B8138-A3CF-44C5-803F-8226143CFC0A} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/msvcrt.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/msvcrt.dll\\.Owner -> Unknown Owner -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/msvcrt.dll\\{6E5A37BF-FD42-463A-877C-4EB7002E68AE} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/msvcrt.dll\\{215B8138-A3CF-44C5-803F-8226143CFC0A} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/olepro32.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/olepro32.dll\\.Owner -> Unknown Owner -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/olepro32.dll\\{6E5A37BF-FD42-463A-877C-4EB7002E68AE} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/olepro32.dll\\{215B8138-A3CF-44C5-803F-8226143CFC0A} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/quartz.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/quartz.dll\\{418b7744-c11f-d211-b14b-00a00a0b0c0d} -> {418b7744-c11f-d211-b14b-00a00a0b0c0d} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/quartz.dll\\.Owner -> {418b7744-c11f-d211-b14b-00a00a0b0c0d} -> [Registry - Additional Scans - Non-Microsoft Only] < BotCheck > -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\\DefaultLaunchPermission -> [Binary data over 100 bytes] -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\\MachineLaunchRestriction -> [Binary data over 100 bytes] -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\\MachineAccessRestriction -> [Binary data over 100 bytes] -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\\EnableDCOM -> Y -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\\EnableRemoteConnect -> Y -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\\{A50398B8-9075-4FBF-A7A1-456BF21937AD} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\\{AD65A69D-3831-40D7-9629-9B0B50A93843} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\\{0040D221-54A1-11D1-9DE0-006097042D69} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\\{2A6D72F1-6E7E-4702-B99C-E40D3DED33C3} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\NONREDIST\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\NONREDIST\\System.EnterpriseServices.Thunk.dll -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirstRunDisabled -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\AntiVirusDisableNotify -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirewallDisableNotify -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\UpdatesDisableNotify -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\AntiVirusOverride -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirewallOverride -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall\ -> -> Reg Error: Key HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\ not found. -> -> Reg Error: Key HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\ not found. -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\ -> -> *Authentication Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Authentication Packages -> msv1_0 -> %SystemRoot%\system32\msv1_0.dll -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 129536 bytes | Modified Date = 04/08/2004 05:56:44 | Attr = ] *MultiFile Done* -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Bounds -> 0 [binary data] -> *Security Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Security Packages -> kerberos -> %SystemRoot%\system32\kerberos.dll -> Microsoft Corporation [Ver = 5.1.2600.2698 (xpsp_sp2_gdr.050614-1522) | Size = 295936 bytes | Modified Date = 15/06/2005 18:49:30 | Attr = ] msv1_0 -> %SystemRoot%\system32\msv1_0.dll -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 129536 bytes | Modified Date = 04/08/2004 05:56:44 | Attr = ] schannel -> %SystemRoot%\system32\schannel.dll -> Microsoft Corporation [Ver = 5.1.2600.3126 (xpsp_sp2_gdr.070425-0226) | Size = 144896 bytes | Modified Date = 25/04/2007 15:21:15 | Attr = ] wdigest -> %SystemRoot%\system32\wdigest.dll -> Microsoft Corporation [Ver = 5.1.2600.2874 (xpsp_sp2_gdr.060323-1516) | Size = 49152 bytes | Modified Date = 24/03/2006 05:37:50 | Attr = ] *MultiFile Done* -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\ImpersonatePrivilegeUpgradeToolHasRun -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\LsaPid -> 688 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\SecureBoot -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\auditbaseobjects -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\crashonauditfail -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\disabledomaincreds -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\everyoneincludesanonymous -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\fipsalgorithmpolicy -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\forceguest -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\fullprivilegeauditing -> [binary data] -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\limitblankpassworduse -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\lmcompatibilitylevel -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\nodefaultadminowner -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\nolmhash -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\restrictanonymous -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\restrictanonymoussam -> 1 -> *Notification Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Notification Packages -> scecli -> %SystemRoot%\system32\scecli.dll -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 180224 bytes | Modified Date = 04/08/2004 05:56:46 | Attr = ] *MultiFile Done* -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\AccessProviders\ -> -> *ProviderOrder* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\AccessProviders\\ProviderOrder -> Windows NT Access Provider -> -> File not found *MultiFile Done* -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\AccessProviders\Windows NT Access Provider\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\AccessProviders\Windows NT Access Provider\\ProviderPath -> %SystemRoot%\system32\ntmarta.dll [%SystemRoot%\system32\ntmarta.dll] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 118784 bytes | Modified Date = 04/08/2004 05:56:46 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Audit\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Audit\PerUserAuditing\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Audit\PerUserAuditing\System\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Data\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Data\\Pattern -> 9F 70 16 DD FE 80 93 EB C6 3B C3 20 1F F6 82 52 65 33 62 64 62 65 33 31 00 FD 07 00 C8 47 00 00 34 FA 07 00 56 82 7C 75 20 FA 07 00 40 FD 07 00 4C FD 07 00 5C F5 87 49 48 15 BD F4 CF 8C 21 E3 [binary data] -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\GBG\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\GBG\\GrafBlumGroup -> 1D 97 DE 86 5A 33 76 AA 10 [binary data] -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\JD\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\JD\\Lookup -> 68 34 5A 8C 04 B2 [binary data] -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\Domains\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\SidCache\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0\\Auth132 -> %SystemRoot%\system32\iissuba.dll [IISSUBA] -> Microsoft Corporation [Ver = 6.0.2600.0 (xpclient.010817-1148) | Size = 9216 bytes | Modified Date = 23/08/2001 13:00:00 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0\\ntlmminclientsec -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0\\ntlmminserversec -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Skew1\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Skew1\\SkewMatrix -> 5B D0 6F FC 35 42 98 AB 76 85 FA E1 AA D2 F4 93 [binary data] -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SSO\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SSO\Passport1.4\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SSO\Passport1.4\\SSOURL -> http://www.passport.com -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\\Time -> 80 2B E0 89 56 2A C5 01 [binary data] -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Name -> Digest -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Comment -> Digest SSPI Authentication Package -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Capabilities -> 16464 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\RpcId -> 65535 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Version -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\TokenSize -> 65535 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Time -> 00 CE 2E 70 DF 79 C4 01 [binary data] -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Type -> 49 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Name -> DPA -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Comment -> DPA Security Package -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Capabilities -> 55 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\RpcId -> 17 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Version -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\TokenSize -> 768 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Time -> 00 CE 2E 70 DF 79 C4 01 [binary data] -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Type -> 49 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Name -> MSN -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Comment -> MSN Security Package -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Capabilities -> 55 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\RpcId -> 18 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Version -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\TokenSize -> 768 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Time -> 00 CE 2E 70 DF 79 C4 01 [binary data] -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Type -> 49 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DependOnGroup -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DependOnService -> Netman;WinMgmt; -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Description -> Provides network address translation, addressing, name resolution and/or intrusion prevention services for a home or small office network. -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DisplayName -> Windows Firewall/Internet Connection Sharing (ICS) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ErrorControl -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ImagePath -> %SystemRoot%\system32\svchost.exe [%SystemRoot%\system32\svchost.exe -k netsvcs] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 04/08/2004 05:56:58 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ObjectName -> LocalSystem -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Start -> 2 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Type -> 32 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch\\Epoch -> 50568 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\\ServiceDll -> %SystemRoot%\system32\ipnathlp.dll [%SystemRoot%\System32\ipnathlp.dll] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 331264 bytes | Modified Date = 04/08/2004 05:56:44 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\%windir%\system32\sessmgr.exe -> %SystemRoot%\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 140800 bytes | Modified Date = 04/08/2004 05:56:58 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\%windir%\Network Diagnostic\xpnetdiag.exe -> %SystemRoot%\network diagnostic\xpnetdiag.exe [%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000] -> Microsoft Corporation [Ver = 5.1.2600.3012 (xpsp.061010-0355) | Size = 557568 bytes | Modified Date = 10/10/2006 13:44:50 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\Program Files\Windows Live\Messenger\msnmsgr.exe -> %ProgramFiles%\Windows Live\Messenger\msnmsgr.exe [C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger] -> Microsoft Corporation [Ver = 8.5.1302.1018 | Size = 5724184 bytes | Modified Date = 18/10/2007 12:34:02 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\Program Files\Windows Live\Messenger\livecall.exe -> %ProgramFiles%\Windows Live\Messenger\livecall.exe [C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)] -> Microsoft Corporation [Ver = 1.5.204.0 | Size = 304488 bytes | Modified Date = 02/10/2007 18:18:24 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\\1900:UDP -> 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\\2869:TCP -> 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\\EnableFirewall -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\\DoNotAllowExceptions -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\\DisableNotifications -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Windows Live\Messenger\msnmsgr.exe -> %ProgramFiles%\Windows Live\Messenger\msnmsgr.exe [C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger] -> Microsoft Corporation [Ver = 8.5.1302.1018 | Size = 5724184 bytes | Modified Date = 18/10/2007 12:34:02 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Avant Browser\avant.exe -> %ProgramFiles%\Avant Browser\avant.exe [C:\Program Files\Avant Browser\avant.exe:*:Enabled:Avant Browser] -> Avant Force [Ver = 11.6.0.20 | Size = 1438208 bytes | Modified Date = 23/06/2008 10:04:24 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\AM-DeadLink\deadlink.exe -> %ProgramFiles%\AM-DeadLink\deadlink.exe [C:\Program Files\AM-DeadLink\deadlink.exe:*:Enabled:AM-DeadLink] -> [Ver = 3.0.1.1 | Size = 797776 bytes | Modified Date = 11/04/2007 10:33:30 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Any Video Converter\VideoConverter.exe -> %ProgramFiles%\Any Video Converter\VideoConverter.exe [C:\Program Files\Any Video Converter\VideoConverter.exe:*:Enabled:Any Video Converter] -> Any-Video-Converter.com [Ver = 2, 5, 2, 1 | Size = 1323008 bytes | Modified Date = 21/12/2007 12:34:38 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Audible\Bin\adhelper.exe -> %ProgramFiles%\Audible\Bin\adhelper.exe [C:\Program Files\Audible\Bin\adhelper.exe:*:Enabled:Audible Download Manager] -> Audible [Ver = 4.6.1.4 | Size = 307200 bytes | Modified Date = 23/03/2005 17:56:06 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Audible\Bin\Manager.exe -> %ProgramFiles%\Audible\Bin\Manager.exe [C:\Program Files\Audible\Bin\Manager.exe:*:Enabled:AudibleManager] -> Audible Inc. [Ver = 4, 0, 0, 0 | Size = 1679360 bytes | Modified Date = 14/06/2005 12:26:46 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Goland\Audio DVD Creator\AudioDVD.exe -> %ProgramFiles%\Goland\Audio DVD Creator\AudioDVD.exe [C:\Program Files\Goland\Audio DVD Creator\AudioDVD.exe:*:Enabled:Audio DVD Creator] -> Goland Tech Ltd. [Ver = 1, 9, 1, 0 | Size = 1064448 bytes | Modified Date = 03/03/2005 14:05:32 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Grisoft\AVG Anti-Rootkit Free\avgarkt.exe -> %ProgramFiles%\Grisoft\AVG Anti-Rootkit Free\avgarkt.exe [C:\Program Files\Grisoft\AVG Anti-Rootkit Free\avgarkt.exe:*:Enabled:AVG Anti-Rootkit Free] -> Grisoft [Ver = 1, 1, 0, 42 | Size = 2318336 bytes | Modified Date = 31/01/2007 14:33:56 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Grisoft\AVG7\avgw.exe -> %ProgramFiles%\Grisoft\AVG7\avgw.exe [C:\Program Files\Grisoft\AVG7\avgw.exe:*:Enabled:AVG Test Center] -> File not found HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Grisoft\AVG7\avgvv.exe -> %ProgramFiles%\Grisoft\AVG7\avgvv.exe [C:\Program Files\Grisoft\AVG7\avgvv.exe:*:Enabled:AVG Virus Vault] -> File not found HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\CCleaner\ccleaner.exe -> %ProgramFiles%\CCleaner\ccleaner.exe [C:\Program Files\CCleaner\ccleaner.exe:*:Enabled:CCleaner] -> Piriform Ltd [Ver = 2, 10, 0, 618 | Size = 1213680 bytes | Modified Date = 29/07/2008 14:41:52 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\CDCheck\CDCheck.exe -> %ProgramFiles%\CDCheck\CDCheck.exe [C:\Program Files\CDCheck\CDCheck.exe:*:Enabled:CDCheck] -> Fusion [Ver = 3.1.13.0 | Size = 2463744 bytes | Modified Date = 12/04/2007 17:14:49 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Canon\CD-LabelPrint\CDLabelPrint.exe -> %ProgramFiles%\Canon\CD-LabelPrint\CDLabelPrint.exe [C:\Program Files\Canon\CD-LabelPrint\CDLabelPrint.exe:*:Enabled:CD-LabelPrint] -> Media Navigation,Inc/Monolith Corp. [Ver = 1.0.2.0 | Size = 2272256 bytes | Modified Date = 30/04/2004 02:02:00 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\ClocX\ClocX.exe -> %ProgramFiles%\ClocX\ClocX.exe [C:\Program Files\ClocX\ClocX.exe:*:Enabled:ClocX] -> BonSoft [Ver = 1, 5, 1, 1 | Size = 270336 bytes | Modified Date = 26/01/2005 10:04:50 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\JetAudio\JetAudio.exe -> %ProgramFiles%\JetAudio\JetAudio.exe [C:\Program Files\JetAudio\JetAudio.exe:*:Enabled:COWON Media Center - jetAudio] -> COWON America, Inc. [Ver = 7, 1, 1, 3101 | Size = 2748484 bytes | Modified Date = 27/05/2008 16:42:26 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Creative\SBLive\PlayCenter2\CTPlay2.exe -> %ProgramFiles%\Creative\SBLive\PlayCenter2\CTPlay2.exe [C:\Program Files\Creative\SBLive\PlayCenter2\CTPlay2.exe:*:Enabled:Creative PlayCenter] -> Creative Technology Ltd. [Ver = 3.01.29.0 | Size = 638976 bytes | Modified Date = 17/06/2002 03:01:00 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\DVD Shrink\DVD Shrink 3.2.exe -> %ProgramFiles%\DVD Shrink\DVD Shrink 3.2.exe [C:\Program Files\DVD Shrink\DVD Shrink 3.2.exe:*:Enabled:DVD Shrink 3.2] -> DVD Shrink [Ver = 3.2.0.15 | Size = 598086 bytes | Modified Date = 26/07/2004 04:16:20 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\DVDIdle Pro\DVDIdlePro.exe -> %ProgramFiles%\DVDIdle Pro\DVDIdlePro.exe [C:\Program Files\DVDIdle Pro\DVDIdlePro.exe:*:Enabled:DVDIdle Pro] -> Fengtao Software Inc. [Ver = 5, 9, 8, 63 | Size = 259072 bytes | Modified Date = 03/08/2006 18:38:00 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Full Tilt Poker\FullTiltPoker.exe -> %ProgramFiles%\Full Tilt Poker\FullTiltPoker.exe [C:\Program Files\Full Tilt Poker\FullTiltPoker.exe:*:Enabled:Full Tilt Poker] -> Full Tilt Poker [Ver = 4, 14, 34, 6 | Size = 3710976 bytes | Modified Date = 09/07/2008 03:42:05 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\GRETECH\GomPlayer\GOM.exe -> %ProgramFiles%\GRETECH\GomPlayer\GOM.exe [C:\Program Files\GRETECH\GomPlayer\GOM.exe:*:Enabled:GOM Player] -> Gretech Corp. [Ver = 2, 1, 9, 3754 | Size = 2602552 bytes | Modified Date = 25/03/2008 05:23:12 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Trend Micro\HijackThis\HijackThis.exe -> %ProgramFiles%\Trend Micro\HijackThis\HijackThis.exe [C:\Program Files\Trend Micro\HijackThis\HijackThis.exe:*:Enabled:HijackThis] -> Trend Micro Inc. [Ver = 2.00.0002 | Size = 396288 bytes | Modified Date = 27/09/2007 17:22:54 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Ahead\Nero\nero.exe -> %ProgramFiles%\Ahead\Nero\nero.exe [C:\Program Files\Ahead\Nero\nero.exe:*:Enabled:Nero Burning ROM] -> Ahead Software AG [Ver = 6, 6, 1, 15 | Size = 16855108 bytes | Modified Date = 13/12/2006 13:51:46 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Outlook Express\msimn.exe -> %ProgramFiles%\Outlook Express\msimn.exe [C:\Program Files\Outlook Express\msimn.exe:*:Enabled:Outlook Express] -> Microsoft Corporation [Ver = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) | Size = 60416 bytes | Modified Date = 04/08/2004 05:56:54 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\ladbrokesMPP\MPPoker.exe -> %ProgramFiles%\ladbrokesMPP\MPPoker.exe [C:\Program Files\ladbrokesMPP\MPPoker.exe:*:Enabled:Play Poker!] -> Microgaming [Ver = 2, 40, 0, 2 | Size = 18432 bytes | Modified Date = 27/07/2008 23:58:44 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Sonic\RecordNow! Deluxe\RecordNow.exe -> %ProgramFiles%\Sonic\RecordNow! Deluxe\RecordNow.exe [C:\Program Files\Sonic\RecordNow! Deluxe\RecordNow.exe:*:Enabled:RecordNow! Deluxe] -> [Ver = 7.00.27a | Size = 1884160 bytes | Modified Date = 01/03/2004 09:00:00 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\VS Revo Group\Revo Uninstaller\revouninstaller.exe -> %ProgramFiles%\VS Revo Group\Revo Uninstaller\revouninstaller.exe [C:\Program Files\VS Revo Group\Revo Uninstaller\revouninstaller.exe:*:Enabled:Revo Uninstaller] -> VS Revo Group [Ver = 1, 7, 1, 0 | Size = 428544 bytes | Modified Date = 17/06/2008 08:23:42 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Spam Manager\SpamMgrPersonal.exe -> %ProgramFiles%\Spam Manager\SpamMgrPersonal.exe [C:\Program Files\Spam Manager\SpamMgrPersonal.exe:*:Enabled:Spam Manager] -> eon Technologies [Ver = 0, 1, 1, 8 | Size = 360448 bytes | Modified Date = 03/01/2005 11:00:58 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe -> %ProgramFiles%\Spybot - Search & Destroy\SpybotSD.exe [C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe:*:Enabled:Spybot - Search & Destroy] -> Safer Networking Limited [Ver = 1, 6, 0, 30 | Size = 4891472 bytes | Modified Date = 07/07/2008 09:42:04 | Attr = RHS] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\SpywareBlaster\spywareblaster.exe -> %ProgramFiles%\SpywareBlaster\spywareblaster.exe [C:\Program Files\SpywareBlaster\spywareblaster.exe:*:Enabled:SpywareBlaster] -> [Ver = 4.01 | Size = 1320464 bytes | Modified Date = 11/06/2008 01:58:50 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe -> %ProgramFiles%\SUPERAntiSpyware\SUPERANTISPYWARE.EXE [C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe:*:Enabled:SUPERAntiSpyware Free Edition] -> SUPERAntiSpyware.com [Ver = 4, 15, 0, 1000 | Size = 1506544 bytes | Modified Date = 03/06/2008 23:14:51 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\TuneUp Utilities 2007\Integrator.exe -> %ProgramFiles%\TuneUp Utilities 2007\Integrator.exe [C:\Program Files\TuneUp Utilities 2007\Integrator.exe:*:Enabled:TuneUp Utilities 2007] -> TuneUp Software GmbH [Ver = 6.0.2200.230 | Size = 462856 bytes | Modified Date = 26/04/2007 21:50:48 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\WinRAR\WinRAR.exe -> %ProgramFiles%\WinRAR\WinRAR.exe [C:\Program Files\WinRAR\WinRAR.exe:*:Enabled:WinRAR] -> [Ver = | Size = 823296 bytes | Modified Date = 29/07/2003 13:27:26 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Spybot - Search & Destroy\SDUpdate.exe -> %ProgramFiles%\Spybot - Search & Destroy\SDUpdate.exe [C:\Program Files\Spybot - Search & Destroy\SDUpdate.exe:*:Enabled:Update Spybot-S&D] -> Safer Networking Limited [Ver = 1.6.0.8 | Size = 1429840 bytes | Modified Date = 07/07/2008 09:42:00 | Attr = RHS] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Real\RealOne Player\realplay.exe -> %ProgramFiles%\Real\RealOne Player\realplay.exe [C:\Program Files\Real\RealOne Player\realplay.exe:*:Enabled:RealPlayer] -> RealNetworks, Inc. [Ver = 11.0.0.372 | Size = 214560 bytes | Modified Date = 17/11/2007 21:06:07 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\DNA\btdna.exe -> %ProgramFiles%\DNA\btdna.exe [C:\Program Files\DNA\btdna.exe:*:Enabled:DNA] -> BitTorrent, Inc. [Ver = 2.0.1.9795 | Size = 289088 bytes | Modified Date = 03/06/2008 19:54:23 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\BitTorrent\bittorrent.exe -> %ProgramFiles%\BitTorrent\bittorrent.exe [C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent] -> [Ver = | Size = 587568 bytes | Modified Date = 29/04/2008 18:51:26 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\G:\DC++\DCPlusPlus.exe -> G:\DC++\DCPlusPlus.exe [G:\DC++\DCPlusPlus.exe:*:Enabled:DC++] -> [Ver = 0, 7, 0, 7 | Size = 5571584 bytes | Modified Date = 22/06/2008 09:52:38 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\AVG\AVG8\avgemc.exe -> %ProgramFiles%\AVG\AVG8\avgemc.exe [C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe] -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.134 | Size = 873752 bytes | Modified Date = 01/08/2008 19:29:38 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\AVG\AVG8\avgupd.exe -> %ProgramFiles%\AVG\AVG8\avgupd.exe [C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe] -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.134 | Size = 640280 bytes | Modified Date = 01/08/2008 19:29:38 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\1900:UDP -> 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\2869:TCP -> 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\\ServiceUpgrade -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\InterfacesUnfirewalledAtUpdate\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\InterfacesUnfirewalledAtUpdate\\All -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\\0 -> Root\LEGACY_SHAREDACCESS\0000 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\\Count -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\\NextInstance -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Type -> 32 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Start -> 2 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\ErrorControl -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\ImagePath -> %SystemRoot%\system32\svchost.exe [%systemroot%\system32\svchost.exe -k netsvcs] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 04/08/2004 05:56:58 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\DisplayName -> Automatic Updates -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\ObjectName -> LocalSystem -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Description -> Enables the download and installation of Windows updates. If this service is disabled, this computer will not be able to use the Automatic Updates feature or the Windows Update Web site. -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Parameters\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Parameters\\ServiceDll -> %SystemRoot%\system32\wuauserv.dll [C:\WINDOWS\system32\wuauserv.dll] -> Microsoft Corporation [Ver = 5.4.3790.2180 (xpsp_sp2_rtm.040803-2158) | Size = 6656 bytes | Modified Date = 04/08/2004 05:56:48 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Security\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Security\\Security -> [Binary data over 100 bytes] -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\\0 -> Root\LEGACY_WUAUSERV\0000 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\\Count -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\\NextInstance -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\\Description -> Enables remote users to modify registry settings on this computer. If this service is stopped, the registry can be modified only by users on this computer. If this service is disabled, any services that explicitly depend on it will fail to start. -> *DependOnService* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\\DependOnService -> RPCSS -> %SystemRoot%\system32\rpcss.dll -> Microsoft Corporation [Ver = 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528) | Size = 397824 bytes | Modified Date = 26/07/2005 05:39:49 | Attr = ] *MultiFile Done* -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\\DisplayName -> Remote Registry -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\\ErrorControl -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\\ImagePath -> %SystemRoot%\system32\svchost.exe [%SystemRoot%\system32\svchost.exe -k LocalService] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 04/08/2004 05:56:58 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\\ObjectName -> NT AUTHORITY\LocalService -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\\Group -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\\Start -> 2 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\\Type -> 32 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\\FailureActions -> 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 00 E0 AD 08 00 01 00 00 00 E8 03 00 00 [binary data] -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Parameters\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Parameters\\ServiceDll -> %SystemRoot%\system32\regsvc.dll [%SystemRoot%\system32\regsvc.dll] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 59904 bytes | Modified Date = 04/08/2004 05:56:46 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Security\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Security\\Security -> [Binary data over 100 bytes] -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Enum\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Enum\\0 -> Root\LEGACY_REMOTEREGISTRY\0000 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Enum\\Count -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Enum\\NextInstance -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\\Type -> 16 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\\Start -> 4 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\\ErrorControl -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\\ImagePath -> %SystemRoot%\system32\tlntsvr.exe [C:\WINDOWS\system32\tlntsvr.exe] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 73216 bytes | Modified Date = 04/08/2004 05:56:58 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\\DisplayName -> Telnet -> *DependOnService* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\\DependOnService -> RPCSS -> %SystemRoot%\system32\rpcss.dll -> Microsoft Corporation [Ver = 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528) | Size = 397824 bytes | Modified Date = 26/07/2005 05:39:49 | Attr = ] TCPIP -> -> File not found NTLMSSP -> -> File not found *MultiFile Done* -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\\DependOnGroup -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\\ObjectName -> LocalSystem -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\\Description -> Enables a remote user to log on to this computer and run programs, and supports various TCP/IP Telnet clients, including UNIX-based and Windows-based computers. If this service is stopped, remote user access to programs might be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start. -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\Security\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\Security\\Security -> [Binary data over 100 bytes] -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Hardware Profiles\Current\Software\Microsoft\windows\CurrentVersion\Internet Settings\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Hardware Profiles\Current\Software\Microsoft\windows\CurrentVersion\Internet Settings\\ProxyEnable -> 0 -> [Files/Folders - Created Within 90 days] Deckard -> %SystemDrive%\Deckard -> [Folder | Created Date = 01/08/2008 18:31:05 | Attr = ] drmHeader.bin -> %SystemDrive%\drmHeader.bin -> [Ver = | Size = 3532 bytes | Created Date = 10/06/2008 16:02:17 | Attr = ] MWASPI -> %SystemDrive%\MWASPI -> [Folder | Created Date = 30/05/2008 17:51:01 | Attr = ] Team17 -> %SystemDrive%\Team17 -> [Folder | Created Date = 16/06/2008 19:03:48 | Attr = ] VundoFix Backups -> %SystemDrive%\VundoFix Backups -> [Folder | Created Date = 14/05/2008 15:53:55 | Attr = ] _OTMoveIt -> %SystemDrive%\_OTMoveIt -> [Folder | Created Date = 01/08/2008 20:17:52 | Attr = ] Avg -> %SystemRoot%\System32\drivers\Avg -> [Folder | Created Date = 01/08/2008 19:29:52 | Attr = ] avi7.avg -> %SystemRoot%\System32\drivers\Avg\avi7.avg -> [Ver = | Size = 6061540 bytes | Created Date = 01/08/2008 19:29:52 | Attr = ] incavi.avm -> %SystemRoot%\System32\drivers\Avg\incavi.avm -> [Ver = | Size = 25971466 bytes | Created Date = 01/08/2008 19:29:52 | Attr = ] microavi.avg -> %SystemRoot%\System32\drivers\Avg\microavi.avg -> [Ver = | Size = 110978 bytes | Created Date = 01/08/2008 19:29:52 | Attr = ] miniavi.avg -> %SystemRoot%\System32\drivers\Avg\miniavi.avg -> [Ver = | Size = 162021 bytes | Created Date = 01/08/2008 19:29:52 | Attr = ] avgldx86.sys -> %SystemRoot%\System32\drivers\avgldx86.sys -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.116 | Size = 96520 bytes | Created Date = 01/08/2008 19:29:58 | Attr = ] avgmfx86.sys -> %SystemRoot%\System32\drivers\avgmfx86.sys -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.132 | Size = 26824 bytes | Created Date = 01/08/2008 19:29:56 | Attr = ] avgtdix.sys -> %SystemRoot%\System32\drivers\avgtdix.sys -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.116 | Size = 76040 bytes | Created Date = 01/08/2008 19:30:05 | Attr = ] ccdcmb.sys -> %SystemRoot%\System32\drivers\ccdcmb.sys -> Nokia [Ver = 6.86.4.5 | Size = 16896 bytes | Created Date = 16/05/2008 11:35:28 | Attr = ] ccdcmbo.sys -> %SystemRoot%\System32\drivers\ccdcmbo.sys -> Nokia [Ver = 6.86.4.5 | Size = 19328 bytes | Created Date = 16/05/2008 11:35:29 | Attr = ] MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf -> %SystemRoot%\System32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf -> [Ver = | Size = 0 bytes | Created Date = 16/05/2008 11:38:23 | Attr = H ] Msft_Kernel_ccdcmb_01005.Wdf -> %SystemRoot%\System32\drivers\Msft_Kernel_ccdcmb_01005.Wdf -> [Ver = | Size = 0 bytes | Created Date = 16/05/2008 11:38:24 | Attr = H ] pccsmcfd.sys -> %SystemRoot%\System32\drivers\pccsmcfd.sys -> Nokia [Ver = 6.85.3.0 | Size = 21632 bytes | Created Date = 16/05/2008 11:35:49 | Attr = ] scdemu.sys -> %SystemRoot%\System32\drivers\scdemu.sys -> PowerISO Computing, Inc. [Ver = 4, 2, 0, 0 | Size = 56108 bytes | Created Date = 07/07/2008 08:40:49 | Attr = ] tmcomm.sys -> %SystemRoot%\System32\drivers\tmcomm.sys -> Trend Micro Inc. [Ver = 1.6.0.1059 | Size = 102664 bytes | Created Date = 29/07/2008 13:25:49 | Attr = ] usbser_lowerflt.sys -> %SystemRoot%\System32\drivers\usbser_lowerflt.sys -> Windows (R) Codename Longhorn DDK provider [Ver = 6.0.6000.16386 built by: WinDDK | Size = 8064 bytes | Created Date = 16/05/2008 11:35:31 | Attr = ] usbser_lowerfltj.sys -> %SystemRoot%\System32\drivers\usbser_lowerfltj.sys -> Windows (R) Codename Longhorn DDK provider [Ver = 6.0.6000.16386 built by: WinDDK | Size = 8064 bytes | Created Date = 16/05/2008 11:35:31 | Attr = ] VC4CB104.SYS -> %SystemRoot%\System32\drivers\VC4CB104.SYS -> FUJI PHOTO FILM CO.,LTD. [Ver = 3, 0, 0, 0 | Size = 81924 bytes | Created Date = 30/05/2008 17:47:52 | Attr = ] ac3filter.acm -> %SystemRoot%\System32\ac3filter.acm -> [Ver = | Size = 380928 bytes | Created Date = 04/05/2008 19:49:04 | Attr = ] AudioGenie2.dll -> %SystemRoot%\System32\AudioGenie2.dll -> Stefan Toengi [Ver = 1, 0, 4, 0 | Size = 323584 bytes | Created Date = 23/05/2008 14:12:58 | Attr = ] avgrsstx.dll -> %SystemRoot%\System32\avgrsstx.dll -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.134 | Size = 10520 bytes | Created Date = 01/08/2008 19:29:51 | Attr = ] cook3260.dll -> %SystemRoot%\System32\cook3260.dll -> RealNetworks, Inc. [Ver = 10.0.0.1625 | Size = 65602 bytes | Created Date = 26/07/2008 02:32:14 | Attr = ] dcjqssio.ini -> %SystemRoot%\System32\dcjqssio.ini -> [Ver = | Size = 1806744 bytes | Created Date = 08/07/2008 01:47:05 | Attr = HS] drv23260.dll -> %SystemRoot%\System32\drv23260.dll -> RealNetworks, Inc. [Ver = 6.0.7.3928 | Size = 176165 bytes | Created Date = 26/07/2008 02:32:14 | Attr = ] drv33260.dll -> %SystemRoot%\System32\drv33260.dll -> RealNetworks, Inc. [Ver = 6.0.7.4085 | Size = 208935 bytes | Created Date = 26/07/2008 02:32:14 | Attr = ] drv43260.dll -> %SystemRoot%\System32\drv43260.dll -> RealNetworks, Inc. [Ver = 6.0.7.2389 | Size = 217127 bytes | Created Date = 26/07/2008 02:32:14 | Attr = ] eKSvyccf.ini -> %SystemRoot%\System32\eKSvyccf.ini -> [Ver = | Size = 1261 bytes | Created Date = 07/07/2008 20:35:37 | Attr = HS] FCLKBTN.DLL -> %SystemRoot%\System32\FCLKBTN.DLL -> FUJIFILM [Ver = 3, 0, 0, 0 | Size = 45056 bytes | Created Date = 30/05/2008 17:47:48 | Attr = ] FE05DA0D.dll -> %SystemRoot%\System32\FE05DA0D.dll -> FUJI PHOTO FILM CO., LTD. [Ver = 3, 0, 0, 28 | Size = 299008 bytes | Created Date = 30/05/2008 17:49:07 | Attr = ] FE05DA0D.FCL -> %SystemRoot%\System32\FE05DA0D.FCL -> [Ver = | Size = 20724 bytes | Created Date = 30/05/2008 17:49:08 | Attr = ] FE05DA0D.FCP -> %SystemRoot%\System32\FE05DA0D.FCP -> [Ver = | Size = 333748 bytes | Created Date = 30/05/2008 17:49:07 | Attr = ] FE05EFED.dll -> %SystemRoot%\System32\FE05EFED.dll -> FUJI PHOTO FILM CO., LTD. [Ver = 4, 0, 0, 39 | Size = 401408 bytes | Created Date = 30/05/2008 17:49:07 | Attr = ] FE05EFED.FCL -> %SystemRoot%\System32\FE05EFED.FCL -> [Ver = | Size = 20724 bytes | Created Date = 30/05/2008 17:49:08 | Attr = ] FE05EFED.FCP -> %SystemRoot%\System32\FE05EFED.FCP -> [Ver = | Size = 383010 bytes | Created Date = 30/05/2008 17:49:08 | Attr = ] FE05F051.dll -> %SystemRoot%\System32\FE05F051.dll -> FUJI PHOTO FILM CO., LTD. [Ver = 3, 0, 0, 32 | Size = 299008 bytes | Created Date = 30/05/2008 17:49:07 | Attr = ] FE05F051.FCL -> %SystemRoot%\System32\FE05F051.FCL -> [Ver = | Size = 20724 bytes | Created Date = 30/05/2008 17:49:08 | Attr = ] FE05F051.FCP -> %SystemRoot%\System32\FE05F051.FCP -> [Ver = | Size = 380050 bytes | Created Date = 30/05/2008 17:49:08 | Attr = ] FE05F17D.dll -> %SystemRoot%\System32\FE05F17D.dll -> FUJI PHOTO FILM CO., LTD. [Ver = 4, 6, 3, 0 | Size = 409600 bytes | Created Date = 30/05/2008 17:49:07 | Attr = ] FE05F17D.FCL -> %SystemRoot%\System32\FE05F17D.FCL -> [Ver = | Size = 20724 bytes | Created Date = 30/05/2008 17:49:09 | Attr = ] FE05F17D.FCP -> %SystemRoot%\System32\FE05F17D.FCP -> [Ver = | Size = 403546 bytes | Created Date = 30/05/2008 17:49:09 | Attr = ] FE05F3D5.dll -> %SystemRoot%\System32\FE05F3D5.dll -> FUJI PHOTO FILM CO., LTD. [Ver = 3, 0, 0, 29 | Size = 299008 bytes | Created Date = 30/05/2008 17:49:07 | Attr = ] FE05F3D5.FCL -> %SystemRoot%\System32\FE05F3D5.FCL -> [Ver = | Size = 20724 bytes | Created Date = 30/05/2008 17:49:08 | Attr = ] FE05F3D5.FCP -> %SystemRoot%\System32\FE05F3D5.FCP -> [Ver = | Size = 621660 bytes | Created Date = 30/05/2008 17:49:08 | Attr = ] FE05F3D6.dll -> %SystemRoot%\System32\FE05F3D6.dll -> FUJI PHOTO FILM CO., LTD. [Ver = 4, 0, 0, 53 | Size = 401408 bytes | Created Date = 30/05/2008 17:49:07 | Attr = ] FE05F3D6.FCL -> %SystemRoot%\System32\FE05F3D6.FCL -> [Ver = | Size = 20724 bytes | Created Date = 30/05/2008 17:49:08 | Attr = ] FE05F3D6.FCP -> %SystemRoot%\System32\FE05F3D6.FCP -> [Ver = | Size = 645428 bytes | Created Date = 30/05/2008 17:49:08 | Attr = ] FE05F3D7.dll -> %SystemRoot%\System32\FE05F3D7.dll -> FUJI PHOTO FILM CO., LTD. [Ver = 4, 5, 6, 0 | Size = 380928 bytes | Created Date = 30/05/2008 17:49:07 | Attr = ] FE05F3D7.FCL -> %SystemRoot%\System32\FE05F3D7.FCL -> [Ver = | Size = 20724 bytes | Created Date = 30/05/2008 17:49:08 | Attr = ] FE05F3D7.FCP -> %SystemRoot%\System32\FE05F3D7.FCP -> [Ver = | Size = 626962 bytes | Created Date = 30/05/2008 17:49:08 | Attr = ] FFRAFLIB.DLL -> %SystemRoot%\System32\FFRAFLIB.DLL -> FUJI PHOTO FILM CO., LTD. [Ver = 1, 0, 3, 3 | Size = 159744 bytes | Created Date = 30/05/2008 17:48:28 | Attr = ] FFTIFF16.dll -> %SystemRoot%\System32\FFTIFF16.dll -> FUJI PHOTO FILM CO., LTD. [Ver = 1, 0, 0, 2 | Size = 274432 bytes | Created Date = 30/05/2008 17:48:27 | Attr = ] FINFCHECK.dll -> %SystemRoot%\System32\FINFCHECK.dll -> FUJIFILM [Ver = 3, 0, 0, 0 | Size = 65536 bytes | Created Date = 30/05/2008 17:47:50 | Attr = ] FINFCOPY.dll -> %SystemRoot%\System32\FINFCOPY.dll -> FUJIFILM [Ver = 1, 0, 0, 0 | Size = 45056 bytes | Created Date = 30/05/2008 17:47:50 | Attr = ] FPXS2Pro.dll -> %SystemRoot%\System32\FPXS2Pro.dll -> FUJI PHOTO FILM CO., LTD. [Ver = 1, 0, 0, 1 | Size = 106496 bytes | Created Date = 30/05/2008 17:49:07 | Attr = ] FREGSHEX.DLL -> %SystemRoot%\System32\FREGSHEX.DLL -> FUJIFILM [Ver = 3, 0, 0, 4 | Size = 69632 bytes | Created Date = 30/05/2008 17:47:48 | Attr = ] initdebug.nfo -> %SystemRoot%\System32\initdebug.nfo -> [Ver = | Size = 45 bytes | Created Date = 22/06/2008 19:00:18 | Attr = ] java.exe -> %SystemRoot%\System32\java.exe -> Sun Microsystems, Inc. [Ver = 6.0.70.6 | Size = 135168 bytes | Created Date = 01/08/2008 20:08:47 | Attr = ] javaw.exe -> %SystemRoot%\System32\javaw.exe -> Sun Microsystems, Inc. [Ver = 6.0.70.6 | Size = 135168 bytes | Created Date = 01/08/2008 20:08:47 | Attr = ] nmwcdcocls.dll -> %SystemRoot%\System32\nmwcdcocls.dll -> Nokia [Ver = 6.86.4.5 | Size = 95744 bytes | Created Date = 16/05/2008 11:35:28 | Attr = ] NormalizeDSP.dll -> %SystemRoot%\System32\NormalizeDSP.dll -> [Ver = | Size = 61440 bytes | Created Date = 28/05/2008 00:16:44 | Attr = ] TuneUpDefragService.exe -> %SystemRoot%\System32\TuneUpDefragService.exe -> TuneUp Software GmbH [Ver = 1.1.0.16 | Size = 355584 bytes | Created Date = 07/07/2008 20:32:07 | Attr = ] vp7vfw.dll -> %SystemRoot%\System32\vp7vfw.dll -> On2.com [Ver = 7,0,8,0 | Size = 626688 bytes | Created Date = 26/07/2008 02:32:13 | Attr = ] ATIMMC.INI -> %SystemRoot%\ATIMMC.INI -> [Ver = | Size = 0 bytes | Created Date = 16/06/2008 19:06:17 | Attr = ] BM4f1e5dd8.xml -> %SystemRoot%\BM4f1e5dd8.xml -> [Ver = | Size = 110419 bytes | Created Date = 07/07/2008 20:37:03 | Attr = ] ERDNT -> %SystemRoot%\ERDNT -> [Folder | Created Date = 01/08/2008 18:31:38 | Attr = ] Icons -> %SystemRoot%\Icons -> [Folder | Created Date = 07/07/2008 20:38:46 | Attr = ] msfsetup.ini -> %SystemRoot%\msfsetup.ini -> [Ver = | Size = 133 bytes | Created Date = 30/05/2008 17:51:01 | Attr = ] QTFont.for -> %SystemRoot%\QTFont.for -> [Ver = | Size = 1409 bytes | Created Date = 21/05/2008 19:53:37 | Attr = ] QTFont.qfn -> %SystemRoot%\QTFont.qfn -> [Ver = | Size = 54156 bytes | Created Date = 21/05/2008 19:53:37 | Attr = H ] [Files Created - Additional Folder Scans - Non-Microsoft Only] avg8 -> %AllUsersProfile%\Application Data\avg8 -> [Folder | Created Date = 01/08/2008 19:29:32 | Attr = ] Installations -> %AllUsersProfile%\Application Data\Installations -> [Folder | Created Date = 16/05/2008 11:34:00 | Attr = ] McAfee -> %AllUsersProfile%\Application Data\McAfee -> [Folder | Created Date = 07/07/2008 19:35:37 | Attr = ] PC Suite -> %AllUsersProfile%\Application Data\PC Suite -> [Folder | Created Date = 16/05/2008 11:36:53 | Attr = ] SiteAdvisor -> %AllUsersProfile%\Application Data\SiteAdvisor -> [Folder | Created Date = 07/07/2008 19:35:37 | Attr = ] Trymedia -> %AllUsersProfile%\Application Data\Trymedia -> [Folder | Created Date = 03/07/2008 20:35:21 | Attr = ] {CFAB4006-0AE0-414D-866A-DCB2C46553CF} -> %AllUsersProfile%\Application Data\{CFAB4006-0AE0-414D-866A-DCB2C46553CF} -> [Folder | Created Date = 05/07/2008 23:14:08 | Attr = ] {EEFA5AD6-80AE-44E9-B1E7-3005A085ADF7} -> %AllUsersProfile%\Application Data\{EEFA5AD6-80AE-44E9-B1E7-3005A085ADF7} -> [Folder | Created Date = 22/06/2008 18:59:15 | Attr = H ] Audacity -> %AppData%\Audacity -> [Folder | Created Date = 18/05/2008 15:28:43 | Attr = ] BitTorrent -> %AppData%\BitTorrent -> [Folder | Created Date = 03/06/2008 19:57:31 | Attr = ] DNA -> %AppData%\DNA -> [Folder | Created Date = 03/06/2008 19:54:22 | Attr = ] FUJIFILM -> %AppData%\FUJIFILM -> [Folder | Created Date = 30/05/2008 17:56:45 | Attr = ] HouseCall 6.6 -> %AppData%\HouseCall 6.6 -> [Folder | Created Date = 31/07/2008 01:35:49 | Attr = ] Hyperionics -> %AppData%\Hyperionics -> [Folder | Created Date = 22/06/2008 18:59:20 | Attr = ] InstallShield -> %AppData%\InstallShield -> [Folder | Created Date = 30/05/2008 14:08:52 | Attr = ] NMM-MetaData.db -> %AppData%\NMM-MetaData.db -> [Ver = | Size = 20472 bytes | Created Date = 16/05/2008 11:44:57 | Attr = ] Nokia -> %AppData%\Nokia -> [Folder | Created Date = 16/05/2008 11:36:33 | Attr = ] Nokia Multimedia Player -> %AppData%\Nokia Multimedia Player -> [Folder | Created Date = 13/06/2008 20:56:06 | Attr = ] PC Suite -> %AppData%\PC Suite -> [Folder | Created Date = 16/05/2008 11:36:54 | Attr = ] TweakNow WinSecret -> %AppData%\TweakNow WinSecret -> [Folder | Created Date = 09/07/2008 04:04:52 | Attr = ] USBSafelyRemove -> %AppData%\USBSafelyRemove -> [Folder | Created Date = 10/07/2008 13:03:50 | Attr = ] VideoReDo-TVSuite -> %AppData%\VideoReDo-TVSuite -> [Folder | Created Date = 19/05/2008 17:24:46 | Attr = ] vso_ts_preview.xml -> %AppData%\vso_ts_preview.xml -> [Ver = | Size = 668 bytes | Created Date = 26/07/2008 02:32:43 | Attr = ] AnVir -> %UserProfile%\Local Settings\Application Data\AnVir -> [Folder | Created Date = 27/07/2008 12:38:01 | Attr = ] DNA -> %UserProfile%\Local Settings\Application Data\DNA -> [Folder | Created Date = 03/06/2008 19:54:25 | Attr = ] Seven Zip -> %UserProfile%\Local Settings\Application Data\Seven Zip -> [Folder | Created Date = 22/06/2008 22:30:49 | Attr = ] Any Video Converter -> %UserProfile%\My Documents\Any Video Converter -> [Folder | Created Date = 06/07/2008 00:54:09 | Attr = ] BananaSplitsntsc.cld -> %UserProfile%\My Documents\BananaSplitsntsc.cld -> [Ver = | Size = 223232 bytes | Created Date = 05/05/2008 12:55:13 | Attr = ] ConvertXtoDVD -> %UserProfile%\My Documents\ConvertXtoDVD -> [Folder | Created Date = 26/07/2008 02:35:11 | Attr = ] Downloads -> %UserProfile%\My Documents\Downloads -> [Folder | Created Date = 03/06/2008 19:58:32 | Attr = ] Drake&Joshseries1.cld -> %UserProfile%\My Documents\Drake&Joshseries1.cld -> [Ver = | Size = 18432 bytes | Created Date = 02/07/2008 16:18:00 | Attr = ] euro - pounds.xls -> %UserProfile%\My Documents\euro - pounds.xls -> [Ver = | Size = 16896 bytes | Created Date = 10/07/2008 20:26:26 | Attr = ] Learnfromthepro's.cld -> %UserProfile%\My Documents\Learnfromthepro's.cld -> [Ver = | Size = 13312 bytes | Created Date = 05/07/2008 17:04:31 | Attr = ] media leaflet.pub -> %UserProfile%\My Documents\media leaflet.pub -> [Ver = | Size = 62976 bytes | Created Date = 24/06/2008 18:20:07 | Attr = ] My Widgets -> %UserProfile%\My Documents\My Widgets -> [Folder | Created Date = 28/07/2008 21:28:52 | Attr = ] PcSetup -> %UserProfile%\My Documents\PcSetup -> [Folder | Created Date = 26/07/2008 02:32:22 | Attr = ] PTGarage.cld -> %UserProfile%\My Documents\PTGarage.cld -> [Ver = | Size = 18944 bytes | Created Date = 30/06/2008 20:16:48 | Attr = ] TellyPrompter -> %UserProfile%\My Documents\TellyPrompter -> [Folder | Created Date = 07/07/2008 19:50:42 | Attr = ] erunt-setup.exe -> %UserProfile%\Desktop\erunt-setup.exe -> Lars Hederer [Ver = | Size = 791393 bytes | Created Date = 01/08/2008 20:11:42 | Attr = ] @Alternate Data Stream - 26 bytes -> %UserProfile%\Desktop\erunt-setup.exe:Zone.Identifier ERUNT.lnk -> %UserProfile%\Desktop\ERUNT.lnk -> [Ver = | Size = 592 bytes | Created Date = 01/08/2008 20:12:17 | Attr = ] fix.bat -> %UserProfile%\Desktop\fix.bat -> [Ver = | Size = 55 bytes | Created Date = 01/08/2008 20:16:13 | Attr = ] fix.reg -> %UserProfile%\Desktop\fix.reg -> [Ver = | Size = 127 bytes | Created Date = 01/08/2008 20:14:58 | Attr = ] Ladbrokes Poker.lnk -> %UserProfile%\Desktop\Ladbrokes Poker.lnk -> [Ver = | Size = 789 bytes | Created Date = 28/06/2008 21:22:56 | Attr = ] NTREGOPT.lnk -> %UserProfile%\Desktop\NTREGOPT.lnk -> [Ver = | Size = 611 bytes | Created Date = 01/08/2008 20:12:19 | Attr = ] OTMoveIt2.exe -> %UserProfile%\Desktop\OTMoveIt2.exe -> OldTimer Tools [Ver = 1.0.4.3 | Size = 291840 bytes | Created Date = 01/08/2008 20:16:50 | Attr = ] @Alternate Data Stream - 26 bytes -> %UserProfile%\Desktop\OTMoveIt2.exe:Zone.Identifier OTScanIt -> %UserProfile%\Desktop\OTScanIt -> [Folder | Created Date = 01/08/2008 20:21:53 | Attr = ] OTScanIt.exe -> %UserProfile%\Desktop\OTScanIt.exe -> [Ver = | Size = 568477 bytes | Created Date = 01/08/2008 20:21:17 | Attr = ] @Alternate Data Stream - 26 bytes -> %UserProfile%\Desktop\OTScanIt.exe:Zone.Identifier Samsung D..Drive.lnk -> %UserProfile%\Desktop\Samsung D..Drive.lnk -> [Ver = | Size = 129 bytes | Created Date = 09/05/2008 19:07:35 | Attr = ] McAfee -> %CommonProgramFiles%\McAfee -> [Folder | Created Date = 26/07/2008 19:34:51 | Attr = ] Nokia -> %CommonProgramFiles%\Nokia -> [Folder | Created Date = 16/05/2008 11:36:05 | Attr = ] PCSuite -> %CommonProgramFiles%\PCSuite -> [Folder | Created Date = 16/05/2008 11:36:06 | Attr = ] Sony Shared -> %CommonProgramFiles%\Sony Shared -> [Folder | Created Date = 10/07/2008 12:50:30 | Attr = ] AC3Filter -> %ProgramFiles%\AC3Filter -> [Folder | Created Date = 04/05/2008 19:49:02 | Attr = ] AnVir Task Manager -> %ProgramFiles%\AnVir Task Manager -> [Folder | Created Date = 27/07/2008 12:38:21 | Attr = ] AOL Games -> %ProgramFiles%\AOL Games -> [Folder | Created Date = 03/07/2008 20:35:09 | Attr = ] Audacity 1.3 Beta (Unicode) -> %ProgramFiles%\Audacity 1.3 Beta (Unicode) -> [Folder | Created Date = 18/05/2008 15:28:39 | Attr = ] AVG -> %ProgramFiles%\AVG -> [Folder | Created Date = 01/08/2008 19:29:33 | Attr = ] AVI DivX to DVD SVCD VCD Converter -> %ProgramFiles%\AVI DivX to DVD SVCD VCD Converter -> [Folder | Created Date = 04/07/2008 21:39:23 | Attr = ] BitTorrent -> %ProgramFiles%\BitTorrent -> [Folder | Created Date = 03/06/2008 19:54:22 | Attr = ] Blaze Media Pro -> %ProgramFiles%\Blaze Media Pro -> [Folder | Created Date = 05/07/2008 23:14:23 | Attr = ] CD Recovery Toolbox Free -> %ProgramFiles%\CD Recovery Toolbox Free -> [Folder | Created Date = 22/06/2008 18:54:31 | Attr = ] DNA -> %ProgramFiles%\DNA -> [Folder | Created Date = 03/06/2008 19:54:22 | Attr = ] ERUNT -> %ProgramFiles%\ERUNT -> [Folder | Created Date = 01/08/2008 20:12:12 | Attr = ] FinePixViewer -> %ProgramFiles%\FinePixViewer -> [Folder | Created Date = 30/05/2008 17:48:18 | Attr = ] GNU -> %ProgramFiles%\GNU -> [Folder | Created Date = 30/06/2008 19:36:10 | Attr = ] Java -> %ProgramFiles%\Java -> [Folder | Created Date = 01/08/2008 20:08:03 | Attr = ] McAfee -> %ProgramFiles%\McAfee -> [Folder | Created Date = 26/07/2008 19:34:08 | Attr = ] Nokia -> %ProgramFiles%\Nokia -> [Folder | Created Date = 16/05/2008 11:35:23 | Attr = ] PC Connectivity Solution -> %ProgramFiles%\PC Connectivity Solution -> [Folder | Created Date = 16/05/2008 11:35:36 | Attr = ] PIXELA -> %ProgramFiles%\PIXELA -> [Folder | Created Date = 30/05/2008 17:49:27 | Attr = ] PowerISO -> %ProgramFiles%\PowerISO -> [Folder | Created Date = 14/06/2008 15:05:03 | Attr = ] Recover Keys -> %ProgramFiles%\Recover Keys -> [Folder | Created Date = 24/06/2008 11:40:12 | Attr = ] REGSHAVE -> %ProgramFiles%\REGSHAVE -> [Folder | Created Date = 30/05/2008 17:47:50 | Attr = ] ShrinkTo5Basic -> %ProgramFiles%\ShrinkTo5Basic -> [Folder | Created Date = 02/07/2008 23:56:35 | Attr = ] Sony -> %ProgramFiles%\Sony -> [Folder | Created Date = 10/07/2008 12:50:59 | Attr = ] SpeedFan -> %ProgramFiles%\SpeedFan -> [Folder | Created Date = 22/06/2008 19:00:20 | Attr = ] TellyPrompter -> %ProgramFiles%\TellyPrompter -> [Folder | Created Date = 07/07/2008 19:50:24 | Attr = ] TNT Screen Capture -> %ProgramFiles%\TNT Screen Capture -> [Folder | Created Date = 07/05/2008 14:52:08 | Attr = ] TweakNow RegCleaner Std -> %ProgramFiles%\TweakNow RegCleaner Std -> [Folder | Created Date = 09/07/2008 04:03:13 | Attr = ] TweakNow WinSecret -> %ProgramFiles%\TweakNow WinSecret -> [Folder | Created Date = 09/07/2008 04:04:52 | Attr = ] USB Safely Remove -> %ProgramFiles%\USB Safely Remove -> [Folder | Created Date = 10/07/2008 13:03:37 | Attr = ] VideoReDoTVSuite -> %ProgramFiles%\VideoReDoTVSuite -> [Folder | Created Date = 19/05/2008 17:24:46 | Attr = ] VSO -> %ProgramFiles%\VSO -> [Folder | Created Date = 26/07/2008 02:32:10 | Attr = ] [Files/Folders - Modified Within 90 days] boot.ini -> %SystemDrive%\boot.ini -> [Ver = | Size = 389 bytes | Modified Date = 09/07/2008 15:13:48 | Attr = RHS] Config.Msi -> %SystemDrive%\Config.Msi -> [Folder | Modified Date = 01/08/2008 20:08:51 | Attr = ] Deckard -> %SystemDrive%\Deckard -> [Folder | Modified Date = 01/08/2008 18:31:05 | Attr = ] drmHeader.bin -> %SystemDrive%\drmHeader.bin -> [Ver = | Size = 3532 bytes | Modified Date = 14/06/2008 15:28:49 | Attr = ] Microgaming -> %SystemDrive%\Microgaming -> [Folder | Modified Date = 28/06/2008 21:22:29 | Attr = ] MWASPI -> %SystemDrive%\MWASPI -> [Folder | Modified Date = 30/05/2008 17:51:06 | Attr = ] My Music -> %SystemDrive%\My Music -> [Folder | Modified Date = 10/07/2008 12:25:24 | Attr = ] Program Files -> %ProgramFiles% -> [Folder | Modified Date = 01/08/2008 20:12:12 | Attr = ] Team17 -> %SystemDrive%\Team17 -> [Folder | Modified Date = 22/06/2008 18:13:12 | Attr = ] VundoFix Backups -> %SystemDrive%\VundoFix Backups -> [Folder | Modified Date = 08/07/2008 13:24:31 | Attr = ] WINDOWS -> %SystemRoot% -> [Folder | Modified Date = 01/08/2008 19:28:17 | Attr = R ] _OTMoveIt -> %SystemDrive%\_OTMoveIt -> [Folder | Modified Date = 01/08/2008 20:17:52 | Attr = ] quartz.dll -> %SystemRoot%\System32\dllcache\quartz.dll -> [Ver = | Size = 1287680 bytes | Modified Date = 07/05/2008 06:18:48 | Attr = ] Avg -> %SystemRoot%\System32\drivers\Avg -> [Folder | Modified Date = 01/08/2008 19:31:28 | Attr = ] avi7.avg -> %SystemRoot%\System32\drivers\Avg\avi7.avg -> [Ver = | Size = 6061540 bytes | Modified Date = 01/08/2008 19:29:52 | Attr = ] incavi.avm -> %SystemRoot%\System32\drivers\Avg\incavi.avm -> [Ver = | Size = 25971466 bytes | Modified Date = 01/08/2008 19:31:22 | Attr = ] microavi.avg -> %SystemRoot%\System32\drivers\Avg\microavi.avg -> [Ver = | Size = 110978 bytes | Modified Date = 01/08/2008 19:31:01 | Attr = ] miniavi.avg -> %SystemRoot%\System32\drivers\Avg\miniavi.avg -> [Ver = | Size = 162021 bytes | Modified Date = 01/08/2008 19:31:01 | Attr = ] avgldx86.sys -> %SystemRoot%\System32\drivers\avgldx86.sys -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.116 | Size = 96520 bytes | Modified Date = 01/08/2008 19:29:58 | Attr = ] avgmfx86.sys -> %SystemRoot%\System32\drivers\avgmfx86.sys -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.132 | Size = 26824 bytes | Modified Date = 01/08/2008 19:29:56 | Attr = ] avgtdix.sys -> %SystemRoot%\System32\drivers\avgtdix.sys -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.116 | Size = 76040 bytes | Modified Date = 01/08/2008 19:30:05 | Attr = ] Dvd43.sys -> %SystemRoot%\System32\drivers\Dvd43.sys -> Fengtao Software Inc. [Ver = 2, 6, 0, 28 | Size = 35296 bytes | Modified Date = 31/07/2008 01:29:39 | Attr = ] etc -> %SystemRoot%\System32\drivers\etc -> [Folder | Modified Date = 29/07/2008 13:36:57 | Attr = ] HOSTS -> %SystemRoot%\System32\drivers\etc\HOSTS -> [Ver = | Size = 262601 bytes | Modified Date = 26/07/2008 03:07:26 | Attr = ] hosts.20080517-231327.backup -> %SystemRoot%\System32\drivers\etc\hosts.20080517-231327.backup -> [Ver = | Size = 237228 bytes | Modified Date = 14/05/2008 16:18:52 | Attr = R ] hosts.20080523-192715.backup -> %SystemRoot%\System32\drivers\etc\hosts.20080523-192715.backup -> [Ver = | Size = 245915 bytes | Modified Date = 17/05/2008 23:13:27 | Attr = R ] hosts.20080530-135523.backup -> %SystemRoot%\System32\drivers\etc\hosts.20080530-135523.backup -> [Ver = | Size = 250225 bytes | Modified Date = 23/05/2008 19:27:15 | Attr = R ] hosts.20080623-233913.backup -> %SystemRoot%\System32\drivers\etc\hosts.20080623-233913.backup -> [Ver = | Size = 251483 bytes | Modified Date = 30/05/2008 13:55:23 | Attr = R ] hosts.20080702-181559.backup -> %SystemRoot%\System32\drivers\etc\hosts.20080702-181559.backup -> [Ver = | Size = 257277 bytes | Modified Date = 23/06/2008 23:39:13 | Attr = R ] hosts.20080707-232832.backup -> %SystemRoot%\System32\drivers\etc\hosts.20080707-232832.backup -> [Ver = | Size = 258059 bytes | Modified Date = 02/07/2008 18:15:59 | Attr = R ] hosts.20080709-133503.backup -> %SystemRoot%\System32\drivers\etc\hosts.20080709-133503.backup -> [Ver = | Size = 258059 bytes | Modified Date = 07/07/2008 23:28:32 | Attr = R ] hosts.20080709-144813.backup -> %SystemRoot%\System32\drivers\etc\hosts.20080709-144813.backup -> [Ver = | Size = 258445 bytes | Modified Date = 09/07/2008 13:35:03 | Attr = R ] hosts.20080726-030726.backup -> %SystemRoot%\System32\drivers\etc\hosts.20080726-030726.backup -> [Ver = | Size = 258445 bytes | Modified Date = 09/07/2008 14:48:13 | Attr = R ] MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf -> %SystemRoot%\System32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf -> [Ver = | Size = 0 bytes | Modified Date = 16/05/2008 11:38:23 | Attr = H ] Msft_Kernel_ccdcmb_01005.Wdf -> %SystemRoot%\System32\drivers\Msft_Kernel_ccdcmb_01005.Wdf -> [Ver = | Size = 0 bytes | Modified Date = 16/05/2008 11:38:24 | Attr = H ] scdemu.sys -> %SystemRoot%\System32\drivers\scdemu.sys -> PowerISO Computing, Inc. [Ver = 4, 2, 0, 0 | Size = 56108 bytes | Modified Date = 07/07/2008 08:40:49 | Attr = ] umdf -> %SystemRoot%\System32\drivers\umdf -> [Folder | Modified Date = 16/05/2008 11:40:01 | Attr = ] MsftWdf_user_01_05_00.Wdf -> %SystemRoot%\System32\drivers\umdf\MsftWdf_user_01_05_00.Wdf -> [Ver = | Size = 0 bytes | Modified Date = 16/05/2008 11:39:55 | Attr = H ] Msft_User_PCCSWpdDriver_01_05_00.Wdf -> %SystemRoot%\System32\drivers\umdf\Msft_User_PCCSWpdDriver_01_05_00.Wdf -> [Ver = | Size = 0 bytes | Modified Date = 16/05/2008 11:40:01 | Attr = H ] AudioGenie2.dll -> %SystemRoot%\System32\AudioGenie2.dll -> Stefan Toengi [Ver = 1, 0, 4, 0 | Size = 323584 bytes | Modified Date = 23/05/2008 14:12:58 | Attr = ] avgrsstx.dll -> %SystemRoot%\System32\avgrsstx.dll -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.134 | Size = 10520 bytes | Modified Date = 01/08/2008 19:29:51 | Attr = ] BMXBkpCtrlState-{00000000-00000000-00000009-00001102-00000002-00201102}.rfx -> %SystemRoot%\System32\BMXBkpCtrlState-{00000000-00000000-00000009-00001102-00000002-00201102}.rfx -> [Ver = | Size = 28692 bytes | Modified Date = 01/08/2008 19:52:59 | Attr = ] BMXCtrlState-{00000000-00000000-00000009-00001102-00000002-00201102}.rfx -> %SystemRoot%\System32\BMXCtrlState-{00000000-00000000-00000009-00001102-00000002-00201102}.rfx -> [Ver = | Size = 28692 bytes | Modified Date = 01/08/2008 19:52:59 | Attr = ] BMXState-{00000000-00000000-00000009-00001102-00000002-00201102}.rfx -> %SystemRoot%\System32\BMXState-{00000000-00000000-00000009-00001102-00000002-00201102}.rfx -> [Ver = | Size = 16916 bytes | Modified Date = 01/08/2008 19:52:59 | Attr = ] BMXStateBkp-{00000000-00000000-00000009-00001102-00000002-00201102}.rfx -> %SystemRoot%\System32\BMXStateBkp-{00000000-00000000-00000009-00001102-00000002-00201102}.rfx -> [Ver = | Size = 16916 bytes | Modified Date = 01/08/2008 19:52:59 | Attr = ] CatRoot -> %SystemRoot%\System32\CatRoot -> [Folder | Modified Date = 16/05/2008 11:37:28 | Attr = ] CatRoot2 -> %SystemRoot%\System32\CatRoot2 -> [Folder | Modified Date = 01/08/2008 18:32:58 | Attr = ] config -> %SystemRoot%\System32\config -> [Folder | Modified Date = 08/07/2008 01:40:57 | Attr = ] dcjqssio.ini -> %SystemRoot%\System32\dcjqssio.ini -> [Ver = | Size = 1806744 bytes | Modified Date = 08/07/2008 07:36:45 | Attr = HS] dllcache -> %SystemRoot%\System32\dllcache -> [Folder | Modified Date = 09/07/2008 12:11:44 | Attr = ] drivers -> %SystemRoot%\System32\drivers -> [Folder | Modified Date = 01/08/2008 19:30:05 | Attr = ] DRVSTORE -> %SystemRoot%\System32\DRVSTORE -> [Folder | Modified Date = 16/05/2008 11:36:30 | Attr = ] DVCState-{00000000-00000000-00000009-00001102-00000002-00201102}.dat -> %SystemRoot%\System32\DVCState-{00000000-00000000-00000009-00001102-00000002-00201102}.dat -> [Ver = | Size = 24 bytes | Modified Date = 01/08/2008 19:52:59 | Attr = ] DVCStateBkp-{00000000-00000000-00000009-00001102-00000002-00201102}.dat -> %SystemRoot%\System32\DVCStateBkp-{00000000-00000000-00000009-00001102-00000002-00201102}.dat -> [Ver = | Size = 24 bytes | Modified Date = 01/08/2008 19:52:59 | Attr = ] eKSvyccf.ini -> %SystemRoot%\System32\eKSvyccf.ini -> [Ver = | Size = 1261 bytes | Modified Date = 08/07/2008 01:47:24 | Attr = HS] FNTCACHE.DAT -> %SystemRoot%\System32\FNTCACHE.DAT -> [Ver = | Size = 345808 bytes | Modified Date = 11/06/2008 12:17:39 | Attr = ] initdebug.nfo -> %SystemRoot%\System32\initdebug.nfo -> [Ver = | Size = 45 bytes | Modified Date = 22/06/2008 19:00:20 | Attr = ] java.exe -> %SystemRoot%\System32\java.exe -> Sun Microsystems, Inc. [Ver = 6.0.70.6 | Size = 135168 bytes | Modified Date = 10/06/2008 01:21:01 | Attr = ] javacpl.cpl -> %SystemRoot%\System32\javacpl.cpl -> Sun Microsystems, Inc. [Ver = 6.0.70.6 | Size = 73728 bytes | Modified Date = 10/06/2008 02:32:34 | Attr = ] javaw.exe -> %SystemRoot%\System32\javaw.exe -> Sun Microsystems, Inc. [Ver = 6.0.70.6 | Size = 135168 bytes | Modified Date = 10/06/2008 01:21:04 | Attr = ] NormalizeDSP.dll -> %SystemRoot%\System32\NormalizeDSP.dll -> [Ver = | Size = 61440 bytes | Modified Date = 28/05/2008 00:16:44 | Attr = ] quartz.dll -> %SystemRoot%\System32\quartz.dll -> [Ver = | Size = 1287680 bytes | Modified Date = 07/05/2008 06:18:48 | Attr = ] QuickTime.qts -> %SystemRoot%\System32\QuickTime.qts -> Apple Inc. [Ver = 7.5 (861) | Size = 57344 bytes | Modified Date = 27/05/2008 10:50:34 | Attr = ] QuickTimeVR.qtx -> %SystemRoot%\System32\QuickTimeVR.qtx -> Apple Inc. [Ver = 7.5 (861) | Size = 90112 bytes | Modified Date = 27/05/2008 10:50:34 | Attr = ] Restore -> %SystemRoot%\System32\Restore -> [Folder | Modified Date = 05/07/2008 21:56:18 | Attr = ] settings.sfm -> %SystemRoot%\System32\settings.sfm -> [Ver = | Size = 2064 bytes | Modified Date = 01/08/2008 19:52:59 | Attr = ] settingsbkup.sfm -> %SystemRoot%\System32\settingsbkup.sfm -> [Ver = | Size = 2064 bytes | Modified Date = 01/08/2008 19:52:59 | Attr = ] TuneUpDefragService.exe -> %SystemRoot%\System32\TuneUpDefragService.exe -> TuneUp Software GmbH [Ver = 1.1.0.16 | Size = 355584 bytes | Modified Date = 07/07/2008 20:32:07 | Attr = ] uxtuneup.dll -> %SystemRoot%\System32\uxtuneup.dll -> TuneUp Software GmbH [Ver = 2.0.0.12 | Size = 28416 bytes | Modified Date = 29/05/2008 09:28:54 | Attr = ] wbem -> %SystemRoot%\System32\wbem -> [Folder | Modified Date = 08/07/2008 01:40:20 | Attr = ] wpa.dbl -> %SystemRoot%\System32\wpa.dbl -> [Ver = | Size = 2228 bytes | Modified Date = 01/08/2008 08:16:04 | Attr = ] $hf_mig$ -> %SystemRoot%\$hf_mig$ -> [Folder | Modified Date = 09/07/2008 10:05:26 | Attr = H ] assembly -> %SystemRoot%\assembly -> [Folder | Modified Date = 09/07/2008 14:40:57 | Attr = R S] ATIMMC.INI -> %SystemRoot%\ATIMMC.INI -> [Ver = | Size = 0 bytes | Modified Date = 16/06/2008 19:06:17 | Attr = ] BM4f1e5dd8.xml -> %SystemRoot%\BM4f1e5dd8.xml -> [Ver = | Size = 110419 bytes | Modified Date = 08/07/2008 01:46:49 | Attr = ] bootstat.dat -> %SystemRoot%\bootstat.dat -> [Ver = | Size = 2048 bytes | Modified Date = 01/08/2008 19:54:11 | Attr = S] Debug -> %SystemRoot%\Debug -> [Folder | Modified Date = 09/07/2008 16:23:04 | Attr = ] Downloaded Program Files -> %SystemRoot%\Downloaded Program Files -> [Folder | Modified Date = 01/08/2008 18:33:06 | Attr = S] DVDIdlePro.INI -> %SystemRoot%\DVDIdlePro.INI -> [Ver = | Size = 102 bytes | Modified Date = 31/07/2008 01:29:41 | Attr = ] ERDNT -> %SystemRoot%\ERDNT -> [Folder | Modified Date = 01/08/2008 20:13:02 | Attr = ] Fonts -> %SystemRoot%\Fonts -> [Folder | Modified Date = 29/06/2008 16:46:45 | Attr = R S] goldwave.ini -> %SystemRoot%\goldwave.ini -> [Ver = | Size = 1121 bytes | Modified Date = 16/05/2008 12:25:38 | Attr = ] Icons -> %SystemRoot%\Icons -> [Folder | Modified Date = 08/07/2008 01:40:00 | Attr = ] inf -> %SystemRoot%\inf -> [Folder | Modified Date = 27/07/2008 15:42:42 | Attr = H ] Installer -> %SystemRoot%\Installer -> [Folder | Modified Date = 01/08/2008 20:08:03 | Attr = HS] msfsetup.ini -> %SystemRoot%\msfsetup.ini -> [Ver = | Size = 133 bytes | Modified Date = 30/05/2008 17:51:01 | Attr = ] NeroDigital.ini -> %SystemRoot%\NeroDigital.ini -> [Ver = | Size = 202 bytes | Modified Date = 22/06/2008 19:04:15 | Attr = ] network diagnostic -> %SystemRoot%\network diagnostic -> [Folder | Modified Date = 05/07/2008 09:32:28 | Attr = ] Prefetch -> %SystemRoot%\Prefetch -> [Folder | Modified Date = 01/08/2008 20:17:14 | Attr = ] QTFont.for -> %SystemRoot%\QTFont.for -> [Ver = | Size = 1409 bytes | Modified Date = 21/05/2008 19:53:37 | Attr = ] QTFont.qfn -> %SystemRoot%\QTFont.qfn -> [Ver = | Size = 54156 bytes | Modified Date = 05/06/2008 12:13:22 | Attr = H ] Registration -> %SystemRoot%\Registration -> [Folder | Modified Date = 08/07/2008 01:40:20 | Attr = ] security -> %SystemRoot%\security -> [Folder | Modified Date = 07/07/2008 21:13:14 | Attr = ] spidersam@ntlworld.com -> %SystemRoot%\spidersam@ntlworld.com -> [Ver = | Size = 304 bytes | Modified Date = 18/05/2008 15:27:49 | Attr = ] system -> %SystemRoot%\system -> [Folder | Modified Date = 01/08/2008 19:18:37 | Attr = ] system32 -> %SystemRoot%\system32 -> [Folder | Modified Date = 01/08/2008 20:17:52 | Attr = ] Tasks -> %SystemRoot%\Tasks -> [Folder | Modified Date = 07/07/2008 21:19:09 | Attr = S] Temp -> %SystemRoot%\Temp -> [Folder | Modified Date = 01/08/2008 20:16:58 | Attr = ] WinSxS -> %SystemRoot%\WinSxS -> [Folder | Modified Date = 01/08/2008 19:29:18 | Attr = ] {00000000-00000000-00000009-00001102-00000002-00201102}.CDF -> %SystemRoot%\{00000000-00000000-00000009-00001102-00000002-00201102}.CDF -> [Ver = | Size = 3373917 bytes | Modified Date = 08/07/2008 21:06:59 | Attr = ] SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [Ver = | Size = 6 bytes | Modified Date = 01/08/2008 19:54:15 | Attr = H ] C:\Documents and Settings\All Users\Application Data\Microsoft\HTML Help\ -> C:\Documents and Settings\All Users\Application Data\Microsoft\HTML Help -> [Folder | Modified Date = 24/03/2005 15:21:34 | Attr = ] hhcolreg.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\HTML Help\hhcolreg.dat -> [Ver = | Size = 9046 bytes | Modified Date = 27/03/2007 21:17:16 | Attr = ] C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\ -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader -> [Folder | Modified Date = 16/03/2005 19:36:48 | Attr = ] qmgr0.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat -> [Ver = | Size = 6770 bytes | Modified Date = 01/08/2008 19:56:26 | Attr = ] qmgr1.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat -> [Ver = | Size = 6770 bytes | Modified Date = 01/08/2008 19:56:26 | Attr = ] C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\DATA\ -> C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\DATA -> [Folder | Modified Date = 23/10/2006 21:23:19 | Attr = ] data.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\DATA\data.dat -> [Ver = | Size = 1372 bytes | Modified Date = 23/04/2006 19:08:38 | Attr = ] opa11.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\DATA\opa11.dat -> [Ver = | Size = 8206 bytes | Modified Date = 16/03/2005 19:26:28 | Attr = ] C:\Documents and Settings\Robert Edwards\Local Settings\Temp\$.ficn$\index\ -> C:\Documents and Settings\Robert Edwards\Local Settings\Temp\$.ficn$\index -> [Folder | Modified Date = 01/08/2008 20:10:39 | Attr = ] index.dat -> C:\Documents and Settings\Robert Edwards\Local Settings\Temp\$.ficn$\index\index.dat -> [Ver = | Size = 25 bytes | Modified Date = 01/08/2008 20:10:39 | Attr = ] C:\Documents and Settings\Robert Edwards\Local Settings\Temp\$.ficn$\index\ -> C:\Documents and Settings\Robert Edwards\Local Settings\Temp\$.ficn$\index -> [Folder | Modified Date = 01/08/2008 20:10:39 | Attr = ] www.geekstogo.com.ini -> C:\Documents and Settings\Robert Edwards\Local Settings\Temp\$.ficn$\index\www.geekstogo.com.ini -> [Ver = | Size = 25 bytes | Modified Date = 01/08/2008 20:10:39 | Attr = ] C:\WINDOWS\Temp\ -> C:\WINDOWS\Temp -> [Folder | Modified Date = 01/08/2008 20:20:44 | Attr = ] Perflib_Perfdata_10c.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_10c.dat -> [Ver = | Size = 16384 bytes | Modified Date = 01/08/2008 19:54:49 | Attr = ] Perflib_Perfdata_190.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_190.dat -> [Ver = | Size = 16384 bytes | Modified Date = 01/08/2008 18:26:32 | Attr = ] Perflib_Perfdata_ec.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_ec.dat -> [Ver = | Size = 16384 bytes | Modified Date = 01/08/2008 19:22:54 | Attr = ] [Files Modified - Additional Folder Scans - Non-Microsoft Only] ATI MMC -> %AllUsersProfile%\Application Data\ATI MMC -> [Folder | Modified Date = 16/06/2008 19:06:10 | Attr = ] avg8 -> %AllUsersProfile%\Application Data\avg8 -> [Folder | Modified Date = 01/08/2008 19:29:33 | Attr = ] DVD Shrink -> %AllUsersProfile%\Application Data\DVD Shrink -> [Folder | Modified Date = 27/07/2008 19:09:35 | Attr = ] Grisoft -> %AllUsersProfile%\Application Data\Grisoft -> [Folder | Modified Date = 01/08/2008 19:18:06 | Attr = ] Installations -> %AllUsersProfile%\Application Data\Installations -> [Folder | Modified Date = 16/05/2008 11:34:00 | Attr = ] McAfee -> %AllUsersProfile%\Application Data\McAfee -> [Folder | Modified Date = 26/07/2008 19:34:53 | Attr = ] PC Suite -> %AllUsersProfile%\Application Data\PC Suite -> [Folder | Modified Date = 16/05/2008 11:39:05 | Attr = ] SecTaskMan -> %AllUsersProfile%\Application Data\SecTaskMan -> [Folder | Modified Date = 28/07/2008 22:48:53 | Attr = ] SiteAdvisor -> %AllUsersProfile%\Application Data\SiteAdvisor -> [Folder | Modified Date = 26/07/2008 19:35:02 | Attr = ] Spybot - Search & Destroy -> %AllUsersProfile%\Application Data\Spybot - Search & Destroy -> [Folder | Modified Date = 28/07/2008 18:13:42 | Attr = ] TEMP -> %AllUsersProfile%\Application Data\TEMP -> [Folder | Modified Date = 26/07/2008 03:13:21 | Attr = ] @Alternate Data Stream - 233 bytes -> %AllUsersProfile%\Application Data\TEMP:0888F409 @Alternate Data Stream - 116 bytes -> %AllUsersProfile%\Application Data\TEMP:4B7BEAFF @Alternate Data Stream - 120 bytes -> %AllUsersProfile%\Application Data\TEMP:5C321E34 @Alternate Data Stream - 211 bytes -> %AllUsersProfile%\Application Data\TEMP:66633281 Trymedia -> %AllUsersProfile%\Application Data\Trymedia -> [Folder | Modified Date = 03/07/2008 20:35:21 | Attr = ] {CFAB4006-0AE0-414D-866A-DCB2C46553CF} -> %AllUsersProfile%\Application Data\{CFAB4006-0AE0-414D-866A-DCB2C46553CF} -> [Folder | Modified Date = 05/07/2008 23:14:44 | Attr = ] {EEFA5AD6-80AE-44E9-B1E7-3005A085ADF7} -> %AllUsersProfile%\Application Data\{EEFA5AD6-80AE-44E9-B1E7-3005A085ADF7} -> [Folder | Modified Date = 22/06/2008 18:59:15 | Attr = H ] Ashampoo -> %AppData%\Ashampoo -> [Folder | Modified Date = 01/07/2008 22:32:28 | Attr = ] Audacity -> %AppData%\Audacity -> [Folder | Modified Date = 04/07/2008 17:50:16 | Attr = ] BitTorrent -> %AppData%\BitTorrent -> [Folder | Modified Date = 01/08/2008 09:40:37 | Attr = ] DNA -> %AppData%\DNA -> [Folder | Modified Date = 22/06/2008 18:16:20 | Attr = ] FUJIFILM -> %AppData%\FUJIFILM -> [Folder | Modified Date = 30/05/2008 17:56:45 | Attr = ] HouseCall 6.6 -> %AppData%\HouseCall 6.6 -> [Folder | Modified Date = 31/07/2008 15:59:45 | Attr = ] Hyperionics -> %AppData%\Hyperionics -> [Folder | Modified Date = 22/06/2008 18:59:20 | Attr = ] InstallShield -> %AppData%\InstallShield -> [Folder | Modified Date = 30/05/2008 14:08:52 | Attr = ] Microgaming -> %AppData%\Microgaming -> [Folder | Modified Date = 31/07/2008 00:24:30 | Attr = ] NMM-MetaData.db -> %AppData%\NMM-MetaData.db -> [Ver = | Size = 20472 bytes | Modified Date = 16/05/2008 11:49:12 | Attr = ] Nokia -> %AppData%\Nokia -> [Folder | Modified Date = 16/05/2008 11:44:57 | Attr = ] Nokia Multimedia Player -> %AppData%\Nokia Multimedia Player -> [Folder | Modified Date = 13/06/2008 20:56:06 | Attr = ] PC Suite -> %AppData%\PC Suite -> [Folder | Modified Date = 16/05/2008 11:39:23 | Attr = ] SUPERAntiSpyware.com -> %AppData%\SUPERAntiSpyware.com -> [Folder | Modified Date = 20/05/2008 19:04:59 | Attr = ] TweakNow WinSecret -> %AppData%\TweakNow WinSecret -> [Folder | Modified Date = 09/07/2008 04:04:52 | Attr = ] USBSafelyRemove -> %AppData%\USBSafelyRemove -> [Folder | Modified Date = 10/07/2008 13:03:50 | Attr = ] VideoReDo-TVSuite -> %AppData%\VideoReDo-TVSuite -> [Folder | Modified Date = 07/07/2008 17:05:03 | Attr = ] VideoReDoPlus -> %AppData%\VideoReDoPlus -> [Folder | Modified Date = 17/05/2008 20:08:43 | Attr = ] Vso -> %AppData%\Vso -> [Folder | Modified Date = 26/07/2008 03:31:56 | Attr = ] vso_ts_preview.xml -> %AppData%\vso_ts_preview.xml -> [Ver = | Size = 668 bytes | Modified Date = 26/07/2008 03:31:55 | Attr = ] AnVir -> %UserProfile%\Local Settings\Application Data\AnVir -> [Folder | Modified Date = 27/07/2008 12:43:54 | Attr = ] Apple Computer -> %UserProfile%\Local Settings\Application Data\Apple Computer -> [Folder | Modified Date = 17/06/2008 21:04:51 | Attr = ] DNA -> %UserProfile%\Local Settings\Application Data\DNA -> [Folder | Modified Date = 03/06/2008 19:54:25 | Attr = ] GDIPFONTCACHEV1.DAT -> %UserProfile%\Local Settings\Application Data\GDIPFONTCACHEV1.DAT -> [Ver = | Size = 109024 bytes | Modified Date = 10/06/2008 16:25:29 | Attr = ] IconCache.db -> %UserProfile%\Local Settings\Application Data\IconCache.db -> [Ver = | Size = 5312148 bytes | Modified Date = 05/07/2008 09:42:39 | Attr = H ] Microsoft -> %UserProfile%\Local Settings\Application Data\Microsoft -> [Folder | Modified Date = 07/06/2008 19:39:07 | Attr = ] Paint.NET -> %UserProfile%\Local Settings\Application Data\Paint.NET -> [Folder | Modified Date = 09/07/2008 14:39:23 | Attr = ] Seven Zip -> %UserProfile%\Local Settings\Application Data\Seven Zip -> [Folder | Modified Date = 22/06/2008 22:30:49 | Attr = ] Any Video Converter -> %UserProfile%\My Documents\Any Video Converter -> [Folder | Modified Date = 06/07/2008 00:55:07 | Attr = ] BananaSplitsntsc.cld -> %UserProfile%\My Documents\BananaSplitsntsc.cld -> [Ver = | Size = 223232 bytes | Modified Date = 08/05/2008 17:13:17 | Attr = ] Benjamin -> %UserProfile%\My Documents\Benjamin -> [Folder | Modified Date = 14/05/2008 20:49:49 | Attr = ] ConvertXtoDVD -> %UserProfile%\My Documents\ConvertXtoDVD -> [Folder | Modified Date = 26/07/2008 02:35:51 | Attr = ] Downloads -> %UserProfile%\My Documents\Downloads -> [Folder | Modified Date = 28/07/2008 14:05:03 | Attr = ] Drake&Joshseries1.cld -> %UserProfile%\My Documents\Drake&Joshseries1.cld -> [Ver = | Size = 18432 bytes | Modified Date = 27/07/2008 18:18:01 | Attr = ] euro - pounds.xls -> %UserProfile%\My Documents\euro - pounds.xls -> [Ver = | Size = 16896 bytes | Modified Date = 10/07/2008 20:26:26 | Attr = ] FullTilt.cld -> %UserProfile%\My Documents\FullTilt.cld -> [Ver = | Size = 11776 bytes | Modified Date = 03/06/2008 19:51:24 | Attr = ] HighStakesPokerBestOf2.cld -> %UserProfile%\My Documents\HighStakesPokerBestOf2.cld -> [Ver = | Size = 13824 bytes | Modified Date = 31/07/2008 23:22:45 | Attr = ] HSP.cld -> %UserProfile%\My Documents\HSP.cld -> [Ver = | Size = 12288 bytes | Modified Date = 31/07/2008 23:13:46 | Attr = ] JohnPatrick.cld -> %UserProfile%\My Documents\JohnPatrick.cld -> [Ver = | Size = 11776 bytes | Modified Date = 04/06/2008 13:32:12 | Attr = ] Learnfromthepro's.cld -> %UserProfile%\My Documents\Learnfromthepro's.cld -> [Ver = | Size = 13312 bytes | Modified Date = 05/07/2008 17:04:31 | Attr = ] media leaflet.pub -> %UserProfile%\My Documents\media leaflet.pub -> [Ver = | Size = 62976 bytes | Modified Date = 24/06/2008 18:55:19 | Attr = ] My Music -> %UserProfile%\My Documents\My Music -> [Folder | Modified Date = 16/05/2008 11:40:31 | Attr = R ] My Pictures -> %UserProfile%\My Documents\My Pictures -> [Folder | Modified Date = 09/07/2008 15:10:54 | Attr = R ] My PSP8 Files -> %UserProfile%\My Documents\My PSP8 Files -> [Folder | Modified Date = 11/06/2008 19:54:18 | Attr = ] My Sharing Folders.lnk -> %UserProfile%\My Documents\My Sharing Folders.lnk -> [Ver = | Size = 586 bytes | Modified Date = 01/08/2008 13:56:30 | Attr = ] My Widgets -> %UserProfile%\My Documents\My Widgets -> [Folder | Modified Date = 28/07/2008 22:35:57 | Attr = ] OliverPokerRecord.xls -> %UserProfile%\My Documents\OliverPokerRecord.xls -> [Ver = | Size = 39424 bytes | Modified Date = 22/06/2008 21:16:08 | Attr = ] PcSetup -> %UserProfile%\My Documents\PcSetup -> [Folder | Modified Date = 26/07/2008 02:32:22 | Attr = ] pe work 2.pub -> %UserProfile%\My Documents\pe work 2.pub -> [Ver = | Size = 72192 bytes | Modified Date = 11/05/2008 19:43:40 | Attr = ] PTGarage.cld -> %UserProfile%\My Documents\PTGarage.cld -> [Ver = | Size = 18944 bytes | Modified Date = 30/06/2008 20:16:49 | Attr = ] TellyPrompter -> %UserProfile%\My Documents\TellyPrompter -> [Folder | Modified Date = 25/07/2008 20:22:31 | Attr = ] WPT.cld -> %UserProfile%\My Documents\WPT.cld -> [Ver = | Size = 11264 bytes | Modified Date = 28/07/2008 13:48:59 | Attr = ] Audio & Video -> %UserProfile%\Desktop\Audio & Video -> [Folder | Modified Date = 26/07/2008 02:42:54 | Attr = R ] erunt-setup.exe -> %UserProfile%\Desktop\erunt-setup.exe -> Lars Hederer [Ver = | Size = 791393 bytes | Modified Date = 01/08/2008 20:11:47 | Attr = ] @Alternate Data Stream - 26 bytes -> %UserProfile%\Desktop\erunt-setup.exe:Zone.Identifier ERUNT.lnk -> %UserProfile%\Desktop\ERUNT.lnk -> [Ver = | Size = 592 bytes | Modified Date = 01/08/2008 20:12:17 | Attr = ] fix.bat -> %UserProfile%\Desktop\fix.bat -> [Ver = | Size = 55 bytes | Modified Date = 01/08/2008 20:16:13 | Attr = ] fix.reg -> %UserProfile%\Desktop\fix.reg -> [Ver = | Size = 127 bytes | Modified Date = 01/08/2008 20:14:58 | Attr = ] Ladbrokes Poker.lnk -> %UserProfile%\Desktop\Ladbrokes Poker.lnk -> [Ver = | Size = 789 bytes | Modified Date = 28/06/2008 21:22:56 | Attr = ] NTREGOPT.lnk -> %UserProfile%\Desktop\NTREGOPT.lnk -> [Ver = | Size = 611 bytes | Modified Date = 01/08/2008 20:12:19 | Attr = ] Office & Graphics -> %UserProfile%\Desktop\Office & Graphics -> [Folder | Modified Date = 28/07/2008 18:17:21 | Attr = R ] OTMoveIt2.exe -> %UserProfile%\Desktop\OTMoveIt2.exe -> OldTimer Tools [Ver = 1.0.4.3 | Size = 291840 bytes | Modified Date = 01/08/2008 20:16:50 | Attr = ] @Alternate Data Stream - 26 bytes -> %UserProfile%\Desktop\OTMoveIt2.exe:Zone.Identifier OTScanIt -> %UserProfile%\Desktop\OTScanIt -> [Folder | Modified Date = 01/08/2008 20:21:53 | Attr = ] OTScanIt.exe -> %UserProfile%\Desktop\OTScanIt.exe -> [Ver = | Size = 568477 bytes | Modified Date = 01/08/2008 20:21:21 | Attr = ] @Alternate Data Stream - 26 bytes -> %UserProfile%\Desktop\OTScanIt.exe:Zone.Identifier Pioneer E..Drive.lnk -> %UserProfile%\Desktop\Pioneer E..Drive.lnk -> [Ver = | Size = 129 bytes | Modified Date = 09/05/2008 19:11:31 | Attr = ] SAM -> %UserProfile%\Desktop\SAM -> [Folder | Modified Date = 30/07/2008 18:57:27 | Attr = R ] Samsung D..Drive.lnk -> %UserProfile%\Desktop\Samsung D..Drive.lnk -> [Ver = | Size = 129 bytes | Modified Date = 09/05/2008 19:07:35 | Attr = ] Security -> %UserProfile%\Desktop\Security -> [Folder | Modified Date = 01/08/2008 19:35:07 | Attr = R ] Sues MP3's -> %UserProfile%\Desktop\Sues MP3's -> [Folder | Modified Date = 10/07/2008 18:19:33 | Attr = R ] Utilities -> %UserProfile%\Desktop\Utilities -> [Folder | Modified Date = 28/07/2008 22:49:36 | Attr = R ] COWON -> %CommonProgramFiles%\COWON -> [Folder | Modified Date = 30/05/2008 14:09:56 | Attr = ] McAfee -> %CommonProgramFiles%\McAfee -> [Folder | Modified Date = 26/07/2008 19:34:51 | Attr = ] Microsoft Shared -> %CommonProgramFiles%\Microsoft Shared -> [Folder | Modified Date = 01/08/2008 19:29:18 | Attr = ] Nokia -> %CommonProgramFiles%\Nokia -> [Folder | Modified Date = 16/05/2008 11:36:07 | Attr = ] PCSuite -> %CommonProgramFiles%\PCSuite -> [Folder | Modified Date = 16/05/2008 11:36:06 | Attr = ] Sony Shared -> %CommonProgramFiles%\Sony Shared -> [Folder | Modified Date = 10/07/2008 12:50:30 | Attr = ] Wise Installation Wizard -> %CommonProgramFiles%\Wise Installation Wizard -> [Folder | Modified Date = 09/07/2008 15:05:52 | Attr = ] [File - Purity Scan: Additional Folder Scans - Non-Microsoft Only] < End of report > [/code]