[code] OTScanIt logfile created on: 22/08/2008 02:49:43 OTScanIt by OldTimer - Version 1.0.16.2 Folder = C:\Users\User\Desktop\OTScanIt Windows Vista Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation Internet Explorer (Version = 7.0.6001.18000) Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy 2.00 Gb Total Physical Memory | 1.56 Gb Available Physical Memory | 77.80% Memory free 4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free Paging file location(s): ?:\pagefile.sys; %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 456.92 Gb Total Space | 337.80 Gb Free Space | 73.93% Space Free | Partition Type: NTFS Drive D: | 8.84 Gb Total Space | 1.01 Gb Free Space | 11.42% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: USER-PC Current User Name: User Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users [Processes - Non-Microsoft Only] lvprcsrv.exe -> %CommonProgramFiles%\logishrd\LVMVFM\LVPrcSrv.exe -> Logitech Inc. [Ver = 11.5.0.1158 | Size = 141848 bytes | Modified Date = 19/10/2007 13:19:22 | Attr = ] aswupdsv.exe -> %ProgramFiles%\Alwil Software\Avast4\aswUpdSv.exe -> ALWIL Software [Ver = 4, 8, 1227, 0 | Size = 16056 bytes | Modified Date = 19/07/2008 07:25:06 | Attr = ] ashserv.exe -> %ProgramFiles%\Alwil Software\Avast4\ashServ.exe -> ALWIL Software [Ver = 4, 8, 1227, 0 | Size = 147640 bytes | Modified Date = 19/07/2008 07:38:28 | Attr = ] applemobiledeviceservice.exe -> %CommonProgramFiles%\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -> Apple Inc. [Ver = 2.1.29.0 | Size = 116040 bytes | Modified Date = 22/07/2008 20:42:12 | Attr = ] aluschedulersvc.exe -> %ProgramFiles%\Symantec\LiveUpdate\AluSchedulerSvc.exe -> Symantec Corporation [Ver = 3.2.0.68 | Size = 554352 bytes | Modified Date = 12/09/2007 19:27:24 | Attr = ] mdnsresponder.exe -> %ProgramFiles%\Bonjour\mDNSResponder.exe -> Apple Inc. [Ver = 1,0,4,12 | Size = 229376 bytes | Modified Date = 24/07/2007 15:17:08 | Attr = ] lssrvc.exe -> %CommonProgramFiles%\LightScribe\LSSrvc.exe -> Hewlett-Packard Company [Ver = 1.4.142.1 | Size = 61440 bytes | Modified Date = 17/01/2007 11:20:10 | Attr = ] pifsvc.exe -> %CommonProgramFiles%\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe -> Symantec Corporation [Ver = 1.4.5.83 | Size = 583048 bytes | Modified Date = 29/01/2008 18:38:31 | Attr = ] lvcomser.exe -> %CommonProgramFiles%\logishrd\LVCOMSER\LVComSer.exe -> Logitech Inc. [Ver = 1.0.5.1158 | Size = 186904 bytes | Modified Date = 19/10/2007 13:17:28 | Attr = ] washersvc.exe -> %ProgramFiles%\Webroot\Washer\WasherSvc.exe -> Webroot Software, Inc. [Ver = 6,5,5,155 | Size = 598856 bytes | Modified Date = 26/11/2007 15:47:40 | Attr = ] xaudio.exe -> %SystemRoot%\System32\drivers\XAudio.exe -> Conexant Systems, Inc. [Ver = 1.00.15.00 | Size = 386560 bytes | Modified Date = 18/10/2007 15:37:04 | Attr = ] ashwebsv.exe -> %ProgramFiles%\Alwil Software\Avast4\ashWebSv.exe -> ALWIL Software [Ver = 4, 8, 1229, 0 | Size = 348344 bytes | Modified Date = 23/07/2008 07:25:45 | Attr = ] ashmaisv.exe -> %ProgramFiles%\Alwil Software\Avast4\ashMaiSv.exe -> ALWIL Software [Ver = 4, 8, 1227, 0 | Size = 250040 bytes | Modified Date = 19/07/2008 07:38:04 | Attr = ] lvcomser.exe -> %CommonProgramFiles%\logishrd\LVCOMSER\LVComSer.exe -> Logitech Inc. [Ver = 1.0.5.1158 | Size = 186904 bytes | Modified Date = 19/10/2007 13:17:28 | Attr = ] hpsysdrv.exe -> %SystemDrive%\hp\support\hpsysdrv.exe -> Hewlett-Packard Company [Ver = 2, 0, 0, 0 | Size = 65536 bytes | Modified Date = 28/09/2006 06:42:24 | Attr = ] osd.exe -> %ProgramFiles%\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe -> OsdMaestro [Ver = 1, 0, 0, 5 | Size = 118784 bytes | Modified Date = 15/02/2007 03:59:00 | Attr = ] rthdvcpl.exe -> %SystemRoot%\RtHDVCpl.exe -> Realtek Semiconductor [Ver = 1, 0, 0, 128 | Size = 4874240 bytes | Modified Date = 15/01/2008 11:26:18 | Attr = ] jusched.exe -> %ProgramFiles%\Java\jre1.6.0_07\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 6.0.70.6 | Size = 144784 bytes | Modified Date = 10/06/2008 04:27:04 | Attr = ] pifsvc.exe -> %CommonProgramFiles%\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe -> Symantec Corporation [Ver = 1.4.5.83 | Size = 583048 bytes | Modified Date = 29/01/2008 18:38:31 | Attr = ] ashdisp.exe -> %ProgramFiles%\Alwil Software\Avast4\ashDisp.exe -> ALWIL Software [Ver = 4, 8, 1227, 0 | Size = 78008 bytes | Modified Date = 19/07/2008 07:38:34 | Attr = ] hpwuschd2.exe -> %ProgramFiles%\HP\HP Software Update\hpwuSchd2.exe -> Hewlett-Packard [Ver = 80, 1, 0, 0 | Size = 54840 bytes | Modified Date = 08/05/2007 16:24:20 | Attr = ] communications_helper.exe -> %CommonProgramFiles%\logishrd\LComMgr\Communications_Helper.exe -> [Ver = | Size = 563984 bytes | Modified Date = 25/10/2007 16:33:22 | Attr = ] quickcam.exe -> %ProgramFiles%\Logitech\QuickCam\Quickcam.exe -> [Ver = | Size = 2178832 bytes | Modified Date = 25/10/2007 16:37:32 | Attr = ] ituneshelper.exe -> %ProgramFiles%\iTunes\iTunesHelper.exe -> Apple Inc. [Ver = 7.7.1.11 | Size = 289064 bytes | Modified Date = 30/07/2008 10:47:56 | Attr = ] wwdisp.exe -> %ProgramFiles%\Webroot\Washer\wwDisp.exe -> Webroot Software, Inc. [Ver = 6,5,5,155 | Size = 1206600 bytes | Modified Date = 26/11/2007 15:47:30 | Attr = ] daemon.exe -> %ProgramFiles%\DAEMON Tools Lite\daemon.exe -> DT Soft Ltd [Ver = 4.12.2.0 | Size = 486856 bytes | Modified Date = 14/03/2008 04:55:54 | Attr = ] gammatray.exe -> %ProgramFiles%\MagicTune Premium\GammaTray.exe -> [Ver = 1, 0, 0, 1 | Size = 36864 bytes | Modified Date = 15/01/2007 16:18:00 | Attr = ] wzqkpick.exe -> %ProgramFiles%\WinZip\WZQKPICK.EXE -> WinZip Computing, S.L. [Ver = 1.0 (32-bit) | Size = 415072 bytes | Modified Date = 28/04/2008 11:20:00 | Attr = R ] yahoowidgets.exe -> %ProgramFiles%\Yahoo!\Widgets\YahooWidgets.exe -> Yahoo! Inc. [Ver = 4.5.1 | Size = 3746856 bytes | Modified Date = 11/12/2007 15:34:48 | Attr = ] ipodservice.exe -> %ProgramFiles%\iPod\bin\iPodService.exe -> Apple Inc. [Ver = 7.7.1.11 | Size = 532264 bytes | Modified Date = 30/07/2008 10:47:48 | Attr = ] yahoowidgets.exe -> %ProgramFiles%\Yahoo!\Widgets\YahooWidgets.exe -> Yahoo! Inc. [Ver = 4.5.1 | Size = 3746856 bytes | Modified Date = 11/12/2007 15:34:48 | Attr = ] magictuneengine.exe -> %ProgramFiles%\MagicTune Premium\MagicTuneEngine.exe -> [Ver = | Size = 69632 bytes | Modified Date = 06/02/2008 10:52:12 | Attr = ] lastfm.exe -> %ProgramFiles%\Last.fm\LastFM.exe -> Last.fm [Ver = 1.5.1.29527 | Size = 1138688 bytes | Modified Date = 23/05/2008 11:52:44 | Attr = ] magictune.exe -> %ProgramFiles%\MagicTune Premium\MagicTune.exe -> SEC [Ver = 1, 0, 0, 1 | Size = 2490368 bytes | Modified Date = 06/02/2008 10:54:30 | Attr = ] cocimanager.exe -> %CommonProgramFiles%\logishrd\LQCVFX\COCIManager.exe -> Logitech Inc. [Ver = 11.5.0.1169 | Size = 407824 bytes | Modified Date = 25/10/2007 16:32:58 | Attr = ] yahoowidgets.exe -> %ProgramFiles%\Yahoo!\Widgets\YahooWidgets.exe -> Yahoo! Inc. [Ver = 4.5.1 | Size = 3746856 bytes | Modified Date = 11/12/2007 15:34:48 | Attr = ] yahoowidgets.exe -> %ProgramFiles%\Yahoo!\Widgets\YahooWidgets.exe -> Yahoo! Inc. [Ver = 4.5.1 | Size = 3746856 bytes | Modified Date = 11/12/2007 15:34:48 | Attr = ] yahoowidgets.exe -> %ProgramFiles%\Yahoo!\Widgets\YahooWidgets.exe -> Yahoo! Inc. [Ver = 4.5.1 | Size = 3746856 bytes | Modified Date = 11/12/2007 15:34:48 | Attr = ] kbd.exe -> %SystemDrive%\hp\KBD\kbd.exe -> Hewlett-Packard Company [Ver = 1.0.2.2.20205 | Size = 61440 bytes | Modified Date = 02/02/2005 09:44:24 | Attr = ] firefox.exe -> %ProgramFiles%\Mozilla Firefox\firefox.exe -> Mozilla Corporation [Ver = 1.9.0.1 | Size = 307712 bytes | Modified Date = 16/07/2008 20:19:23 | Attr = ] otscanit.exe -> %UserProfile%\Desktop\OTScanIt\OTScanIt.exe -> OldTimer Tools [Ver = 1.0.16.2 | Size = 397312 bytes | Modified Date = 12/07/2008 09:29:54 | Attr = ] [Win32 Services - Non-Microsoft Only] (Apple Mobile Device) Apple Mobile Device [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -> Apple Inc. [Ver = 2.1.29.0 | Size = 116040 bytes | Modified Date = 22/07/2008 20:42:12 | Attr = ] (aswUpdSv) avast! iAVS4 Control Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Alwil Software\Avast4\aswUpdSv.exe -> ALWIL Software [Ver = 4, 8, 1227, 0 | Size = 16056 bytes | Modified Date = 19/07/2008 07:25:06 | Attr = ] (Automatic LiveUpdate Scheduler) Automatic LiveUpdate Scheduler [Win32_Own | Auto | Running] -> %ProgramFiles%\Symantec\LiveUpdate\AluSchedulerSvc.exe -> Symantec Corporation [Ver = 3.2.0.68 | Size = 554352 bytes | Modified Date = 12/09/2007 19:27:24 | Attr = ] (avast! Antivirus) avast! Antivirus [Win32_Own | Auto | Running] -> %ProgramFiles%\Alwil Software\Avast4\ashServ.exe -> ALWIL Software [Ver = 4, 8, 1227, 0 | Size = 147640 bytes | Modified Date = 19/07/2008 07:38:28 | Attr = ] (avast! Mail Scanner) avast! Mail Scanner [Win32_Own | On_Demand | Running] -> %ProgramFiles%\Alwil Software\Avast4\ashMaiSv.exe -> ALWIL Software [Ver = 4, 8, 1227, 0 | Size = 250040 bytes | Modified Date = 19/07/2008 07:38:04 | Attr = ] (avast! Web Scanner) avast! Web Scanner [Win32_Own | On_Demand | Running] -> %ProgramFiles%\Alwil Software\Avast4\ashWebSv.exe -> ALWIL Software [Ver = 4, 8, 1229, 0 | Size = 348344 bytes | Modified Date = 23/07/2008 07:25:45 | Attr = ] (Bonjour Service) Bonjour Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Bonjour\mDNSResponder.exe -> Apple Inc. [Ver = 1,0,4,12 | Size = 229376 bytes | Modified Date = 24/07/2007 15:17:08 | Attr = ] (CertPropSvc) Certificate Propagation [Win32_Shared | Unknown | Stopped] -> %SystemRoot%\system32\svchost.exe -> File not found (DcomLaunch) DCOM Server Process Launcher [Win32_Shared | Unknown | Running] -> %SystemRoot%\system32\svchost.exe -> File not found (FLEXnet Licensing Service) FLEXnet Licensing Service [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -> Macrovision Europe Ltd. [Ver = 11.03.005 | Size = 654848 bytes | Modified Date = 12/01/2008 14:59:29 | Attr = ] (IDriverT) InstallDriver Table Manager [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\InstallShield\Driver\11\Intel 32\IDriverT.exe -> Macrovision Corporation [Ver = 11.00.28844 | Size = 69632 bytes | Modified Date = 04/04/2005 01:41:10 | Attr = ] (idsvc) Windows CardSpace [Win32_Shared | Unknown | Stopped] -> %systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -> File not found (iPod Service) iPod Service [Win32_Own | On_Demand | Running] -> %ProgramFiles%\iPod\bin\iPodService.exe -> Apple Inc. [Ver = 7.7.1.11 | Size = 532264 bytes | Modified Date = 30/07/2008 10:47:48 | Attr = ] (LightScribeService) LightScribeService Direct Disc Labeling Service [Win32_Own | Auto | Running] -> %CommonProgramFiles%\LightScribe\LSSrvc.exe -> Hewlett-Packard Company [Ver = 1.4.142.1 | Size = 61440 bytes | Modified Date = 17/01/2007 11:20:10 | Attr = ] (LiveUpdate) LiveUpdate [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Symantec\LiveUpdate\LuComServer_3_2.EXE -> Symantec Corporation [Ver = 3.2.0.68 | Size = 2999664 bytes | Modified Date = 12/09/2007 19:27:24 | Attr = ] (LiveUpdate Notice Ex) LiveUpdate Notice Service Ex [Win32_Shared | Auto | Stopped] -> %CommonProgramFiles%\Symantec Shared\ccSvcHst.exe -> File not found (LiveUpdate Notice Service) LiveUpdate Notice Service [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe -> Symantec Corporation [Ver = 1.4.5.83 | Size = 583048 bytes | Modified Date = 29/01/2008 18:38:31 | Attr = ] (LVCOMSer) LVCOMSer [Win32_Own | Auto | Running] -> %CommonProgramFiles%\logishrd\LVCOMSER\LVComSer.exe -> Logitech Inc. [Ver = 1.0.5.1158 | Size = 186904 bytes | Modified Date = 19/10/2007 13:17:28 | Attr = ] (LVPrcSrv) Process Monitor [Win32_Own | Auto | Running] -> %CommonProgramFiles%\logishrd\LVMVFM\LVPrcSrv.exe -> Logitech Inc. [Ver = 11.5.0.1158 | Size = 141848 bytes | Modified Date = 19/10/2007 13:19:22 | Attr = ] (LVSrvLauncher) LVSrvLauncher [Win32_Own | Auto | Stopped] -> %CommonProgramFiles%\logishrd\SrvLnch\SrvLnch.exe -> Logitech Inc. [Ver = 11.5.0.1158 | Size = 141848 bytes | Modified Date = 19/10/2007 13:21:16 | Attr = ] (MSDTC) Distributed Transaction Coordinator [Win32_Own | Unknown | Stopped] -> %SystemRoot%\System32\msdtc.exe -> File not found (RoxMediaDB9) RoxMediaDB9 [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe -> Sonic Solutions [Ver = 9.0.6.0 | Size = 887544 bytes | Modified Date = 26/03/2007 13:21:20 | Attr = ] (Schedule) Task Scheduler [Win32_Shared | Unknown | Running] -> %systemroot%\system32\svchost.exe -> File not found (SCPolicySvc) Smart Card Removal Policy [Win32_Shared | Unknown | Stopped] -> %SystemRoot%\system32\svchost.exe -> File not found (stllssvr) stllssvr [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\SureThing Shared\stllssvr.exe -> MicroVision Development, Inc. [Ver = 1.2.560 | Size = 74656 bytes | Modified Date = 08/03/2007 18:54:46 | Attr = R ] (TrustedInstaller) Windows Modules Installer [Win32_Own | Unknown | Stopped] -> %SystemRoot%\servicing\TrustedInstaller.exe -> File not found (WdiServiceHost) Diagnostic Service Host [Win32_Shared | Unknown | Stopped] -> %SystemRoot%\System32\svchost.exe -> File not found (WdiSystemHost) Diagnostic System Host [Win32_Shared | Unknown | Running] -> %SystemRoot%\System32\svchost.exe -> File not found (wwEngineSvc) Window Washer Engine [Win32_Own | Auto | Running] -> %ProgramFiles%\Webroot\Washer\WasherSvc.exe -> Webroot Software, Inc. [Ver = 6,5,5,155 | Size = 598856 bytes | Modified Date = 26/11/2007 15:47:40 | Attr = ] (XAudioService) XAudioService [Win32_Own | Auto | Running] -> %SystemRoot%\System32\drivers\XAudio.exe -> Conexant Systems, Inc. [Ver = 1.00.15.00 | Size = 386560 bytes | Modified Date = 18/10/2007 15:37:04 | Attr = ] [Registry - Non-Microsoft Only] < Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> Adobe Reader Speed Launcher -> %ProgramFiles%\Adobe\Reader 8.0\Reader\reader_sl.exe ["C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"] -> Adobe Systems Incorporated [Ver = 8.0.0.0 | Size = 39792 bytes | Modified Date = 11/01/2008 23:16:38 | Attr = ] AppleSyncNotifier -> %CommonProgramFiles%\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe] -> Apple Inc. [Ver = 1, 0, 0, 9 | Size = 116040 bytes | Modified Date = 10/07/2008 09:47:28 | Attr = ] avast! -> %ProgramFiles%\Alwil Software\Avast4\ashDisp.exe [C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe] -> ALWIL Software [Ver = 4, 8, 1227, 0 | Size = 78008 bytes | Modified Date = 19/07/2008 07:38:34 | Attr = ] HP Software Update -> %ProgramFiles%\HP\HP Software Update\hpwuSchd2.exe [C:\Program Files\HP\HP Software Update\HPWuSchd2.exe] -> Hewlett-Packard [Ver = 80, 1, 0, 0 | Size = 54840 bytes | Modified Date = 08/05/2007 16:24:20 | Attr = ] hpsysdrv -> %SystemDrive%\hp\support\hpsysdrv.exe [c:\hp\support\hpsysdrv.exe] -> Hewlett-Packard Company [Ver = 2, 0, 0, 0 | Size = 65536 bytes | Modified Date = 28/09/2006 06:42:24 | Attr = ] iTunesHelper -> %ProgramFiles%\iTunes\iTunesHelper.exe ["C:\Program Files\iTunes\iTunesHelper.exe"] -> Apple Inc. [Ver = 7.7.1.11 | Size = 289064 bytes | Modified Date = 30/07/2008 10:47:56 | Attr = ] KBD -> %SystemDrive%\hp\KBD\KbdStub.exe [C:\HP\KBD\KbdStub.EXE] -> [Ver = | Size = 65536 bytes | Modified Date = 08/12/2006 09:16:56 | Attr = ] LogitechCommunicationsManager -> %CommonProgramFiles%\logishrd\LComMgr\Communications_Helper.exe ["C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"] -> [Ver = | Size = 563984 bytes | Modified Date = 25/10/2007 16:33:22 | Attr = ] LogitechQuickCamRibbon -> %ProgramFiles%\Logitech\QuickCam\Quickcam.exe ["C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide] -> [Ver = | Size = 2178832 bytes | Modified Date = 25/10/2007 16:37:32 | Attr = ] MagicTuneEngine -> %ProgramFiles%\MagicTune Premium\MagicTuneEngine.exe [C:\Program Files\MagicTune Premium\MagicTuneEngine.exe] -> [Ver = | Size = 69632 bytes | Modified Date = 06/02/2008 10:52:12 | Attr = ] NvCplDaemon -> %SystemRoot%\System32\nvcpl.dll [RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup] -> NVIDIA Corporation [Ver = 7.15.11.6928 | Size = 8530464 bytes | Modified Date = 18/12/2007 20:55:00 | Attr = ] NvMediaCenter -> %SystemRoot%\System32\nvmctray.dll [RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit] -> NVIDIA Corporation [Ver = 7.15.11.6928 | Size = 81920 bytes | Modified Date = 18/12/2007 20:55:00 | Attr = ] NvSvc -> %SystemRoot%\System32\nvsvc.dll [RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart] -> NVIDIA Corporation [Ver = 7.15.11.6928 | Size = 86016 bytes | Modified Date = 18/12/2007 20:55:00 | Attr = ] OsdMaestro -> %ProgramFiles%\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe ["C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"] -> OsdMaestro [Ver = 1, 0, 0, 5 | Size = 118784 bytes | Modified Date = 15/02/2007 03:59:00 | Attr = ] QuickTime Task -> %ProgramFiles%\QuickTime\QTTask.exe ["C:\Program Files\QuickTime\QTTask.exe" -atboottime] -> Apple Inc. [Ver = 7.5 (861) | Size = 413696 bytes | Modified Date = 27/05/2008 10:50:30 | Attr = ] RtHDVCpl -> %SystemRoot%\RtHDVCpl.exe [RtHDVCpl.exe] -> Realtek Semiconductor [Ver = 1, 0, 0, 128 | Size = 4874240 bytes | Modified Date = 15/01/2008 11:26:18 | Attr = ] SunJavaUpdateSched -> %ProgramFiles%\Java\jre1.6.0_07\bin\jusched.exe ["C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"] -> Sun Microsystems, Inc. [Ver = 6.0.70.6 | Size = 144784 bytes | Modified Date = 10/06/2008 04:27:04 | Attr = ] Symantec PIF AlertEng -> %CommonProgramFiles%\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe ["C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"] -> Symantec Corporation [Ver = 1.4.5.83 | Size = 583048 bytes | Modified Date = 29/01/2008 18:38:31 | Attr = ] < RunOnce [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce -> Launcher -> %SystemRoot%\SMINST\Launcher.exe [%WINDIR%\SMINST\launcher.exe] -> soft thinks [Ver = 1, 0, 0, 10 | Size = 44168 bytes | Modified Date = 07/03/2007 11:09:52 | Attr = ] < OptionalComponents [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\ -> IMAIL-> Installed = 1 -> MAPI-> Installed = 1 -> MSFS-> Installed = 1 -> < Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> DAEMON Tools Lite -> %ProgramFiles%\DAEMON Tools Lite\daemon.exe ["C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun] -> DT Soft Ltd [Ver = 4.12.2.0 | Size = 486856 bytes | Modified Date = 14/03/2008 04:55:54 | Attr = ] HPADVISOR -> %ProgramFiles%\Hewlett-Packard\HP Advisor\HPAdvisor.exe [C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autoRun] -> File not found Window Washer -> %ProgramFiles%\Webroot\Washer\wwDisp.exe [C:\Program Files\Webroot\Washer\wwDisp.exe] -> Webroot Software, Inc. [Ver = 6,5,5,155 | Size = 1206600 bytes | Modified Date = 26/11/2007 15:47:30 | Attr = ] < Run [HKEY_USERS\S-1-5-21-3809555736-1308859046-19287129-1000\] > -> HKEY_USERS\S-1-5-21-3809555736-1308859046-19287129-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> DAEMON Tools Lite -> %ProgramFiles%\DAEMON Tools Lite\daemon.exe ["C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun] -> DT Soft Ltd [Ver = 4.12.2.0 | Size = 486856 bytes | Modified Date = 14/03/2008 04:55:54 | Attr = ] HPADVISOR -> %ProgramFiles%\Hewlett-Packard\HP Advisor\HPAdvisor.exe [C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autoRun] -> File not found Window Washer -> %ProgramFiles%\Webroot\Washer\wwDisp.exe [C:\Program Files\Webroot\Washer\wwDisp.exe] -> Webroot Software, Inc. [Ver = 6,5,5,155 | Size = 1206600 bytes | Modified Date = 26/11/2007 15:47:30 | Attr = ] < SecurityProviders [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders -> < Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> *Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> explorer.exe -> %SystemRoot%\explorer.exe -> Microsoft Corporation [Ver = 6.0.6000.16386 (vista_rtm.061101-2205) | Size = 2927104 bytes | Modified Date = 18/01/2008 23:33:12 | Attr = ] *MultiFile Done* -> -> *UserInit* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit -> C:\Windows\system32\userinit.exe -> %SystemRoot%\System32\userinit.exe -> Microsoft Corporation [Ver = 6.0.6000.16386 (vista_rtm.061101-2205) | Size = 25088 bytes | Modified Date = 18/01/2008 23:33:34 | Attr = ] *MultiFile Done* -> -> *VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet -> rundll32 shell32 -> %SystemRoot%\System32\shell32.dll -> Microsoft Corporation [Ver = 6.0.6001.18000 (longhorn_rtm.080118-1840) | Size = 11580416 bytes | Modified Date = 23/04/2008 21:58:20 | Attr = ] Control_RunDLL "sysdm.cpl" -> %SystemRoot%\System32\sysdm.cpl -> Microsoft Corporation [Ver = 6.0.6000.16386 (vista_rtm.061101-2205) | Size = 242688 bytes | Modified Date = 18/01/2008 23:32:58 | Attr = ] *MultiFile Done* -> -> < Winlogon settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon settings [HKEY_USERS\S-1-5-19] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon settings [HKEY_USERS\S-1-5-20] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon settings [HKEY_USERS\S-1-5-21-3809555736-1308859046-19287129-1000] > -> HKEY_USERS\S-1-5-21-3809555736-1308859046-19287129-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < CurrentVersion Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\\ScanWithAntiVirus -> 3 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorAdmin -> 2 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorUser -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\EnableInstallerDetection -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\EnableLUA -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\EnableSecureUIAPaths -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\EnableVirtualization -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\PromptOnSecureDesktop -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ValidateAdminCodeSignatures -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\dontdisplaylastusername -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\legalnoticecaption -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\legalnoticetext -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\scforceoption -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\shutdownwithoutlogon -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\undockwithoutlogon -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\FilterAdministratorToken -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\EnableUIADesktopToggle -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats\\CF_TEXT -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats\\CF_BITMAP -> 2 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats\\CF_OEMTEXT -> 7 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats\\CF_DIB -> 8 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats\\CF_PALETTE -> 9 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats\\CF_UNICODETEXT -> 13 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats\\CF_DIBV5 -> 17 -> < CurrentVersion Policy Settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ActiveDesktop\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ComDlg32\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> -> < CurrentVersion Policy Settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> Reg Error: Key HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ not found. -> -> < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> Reg Error: Key HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ not found. -> -> < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-19] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-20] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-3809555736-1308859046-19287129-1000] > -> HKEY_USERS\S-1-5-21-3809555736-1308859046-19287129-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_USERS\S-1-5-21-3809555736-1308859046-19287129-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_USERS\S-1-5-21-3809555736-1308859046-19287129-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ActiveDesktop\ -> -> HKEY_USERS\S-1-5-21-3809555736-1308859046-19287129-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ComDlg32\ -> -> HKEY_USERS\S-1-5-21-3809555736-1308859046-19287129-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_USERS\S-1-5-21-3809555736-1308859046-19287129-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> -> < CDROM Autorun Settings > [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom] -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun -> 1 -> *AutoRunAlwaysDisable* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRunAlwaysDisable -> TORiSAN CD-ROM CDR_C36 -> -> File not found NEC MBR-7 -> -> File not found NEC MBR-7.4 -> -> File not found PIONEER CHANGR DRM-1804X -> -> File not found PIONEER CD-ROM DRM-6324X -> -> File not found PIONEER CD-ROM DRM-624X -> -> File not found *MultiFile Done* -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\DisplayName -> CD-ROM Driver -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Group -> SCSI CDROM Class -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\ImagePath -> %SystemRoot%\System32\drivers\cdrom.sys [system32\DRIVERS\cdrom.sys] -> Microsoft Corporation [Ver = 6.0.6001.18000 (longhorn_rtm.080118-1840) | Size = 67072 bytes | Modified Date = 18/01/2008 21:49:52 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\ErrorControl -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Start -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Type -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Tag -> 3 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\\0 -> SCSI\CdRom&Ven_ATAPI&Prod_DVD_A__DH16A1L\4&e6fb24c&0&010100 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\\Count -> 2 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\\NextInstance -> 2 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\\1 -> SCSI\CdRom&Ven_IM9358O&Prod_GME053C&Rev_1.01\5&36e5972&0&000000 -> < Drives - Autoruns > -> -> autoexec.bat [REM Dummy file for NTVDMPATH=%PATH%;C:\PROGRA~1\COMMON~1\MUVEET~1\030625 | ] -> %SystemDrive%\autoexec.bat [ NTFS ] -> [Ver = | Size = 74 bytes | Modified Date = 21/08/2007 14:30:59 | Attr = ] < HOSTS File > (251630 bytes) -> C:\Windows\System32\drivers\etc\Hosts -> ::1 localhost -> -> < Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> HKEY_LOCAL_MACHINE\: Main\\Default_Page_URL -> http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome -> HKEY_LOCAL_MACHINE\: Main\\Default_Search_URL -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_LOCAL_MACHINE\: Main\\Local Page -> C:\windows\system32\blank.htm -> HKEY_LOCAL_MACHINE\: Main\\Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_LOCAL_MACHINE\: Main\\Start Page -> http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home -> HKEY_LOCAL_MACHINE\: Search\\CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm -> HKEY_LOCAL_MACHINE\: Search\\Default_Search_URL -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_LOCAL_MACHINE\: Search\\SearchAssistant -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm -> < Internet Explorer Settings [HKEY_CURRENT_USER\] > -> -> HKEY_CURRENT_USER\: Main\\Default_Search_URL -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_CURRENT_USER\: Main\\Local Page -> C:\windows\system32\blank.htm -> HKEY_CURRENT_USER\: Main\\Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_CURRENT_USER\: Main\\Start Page -> http://www.google.ca/ -> HKEY_CURRENT_USER\: SearchURL\\ -> http://home.microsoft.com/access/autosearch.asp?p=%s[Reg Error: Value provider does not exist or could not be read.] -> HKEY_CURRENT_USER\: ProxyEnable -> 0 -> HKEY_CURRENT_USER\: ProxyOverride -> *.local -> < Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> -> HKEY_USERS\.DEFAULT\: Main\\Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_USERS\.DEFAULT\: ProxyEnable -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> -> HKEY_USERS\S-1-5-18\: Main\\Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_USERS\S-1-5-18\: ProxyEnable -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> -> < Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> -> < Internet Explorer Settings [HKEY_USERS\S-1-5-21-3809555736-1308859046-19287129-1000\] > -> -> HKEY_USERS\S-1-5-21-3809555736-1308859046-19287129-1000\: Main\\Default_Search_URL -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_USERS\S-1-5-21-3809555736-1308859046-19287129-1000\: Main\\Local Page -> C:\windows\system32\blank.htm -> HKEY_USERS\S-1-5-21-3809555736-1308859046-19287129-1000\: Main\\Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_USERS\S-1-5-21-3809555736-1308859046-19287129-1000\: Main\\Start Page -> http://www.google.ca/ -> HKEY_USERS\S-1-5-21-3809555736-1308859046-19287129-1000\: SearchURL\\ -> http://home.microsoft.com/access/autosearch.asp?p=%s[Reg Error: Value provider does not exist or could not be read.] -> HKEY_USERS\S-1-5-21-3809555736-1308859046-19287129-1000\: ProxyEnable -> 0 -> HKEY_USERS\S-1-5-21-3809555736-1308859046-19287129-1000\: ProxyOverride -> *.local -> < Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 4622 domain(s) found. -> 40 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 77 range(s) found. -> < Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 4622 domain(s) found. -> 40 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 77 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 4622 domain(s) found. -> 40 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 77 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 4622 domain(s) found. -> 40 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 77 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-21-3809555736-1308859046-19287129-1000\] > -> HKEY_USERS\S-1-5-21-3809555736-1308859046-19287129-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-21-3809555736-1308859046-19287129-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 4622 domain(s) found. -> 40 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_USERS\S-1-5-21-3809555736-1308859046-19287129-1000\] > -> HKEY_USERS\S-1-5-21-3809555736-1308859046-19287129-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-21-3809555736-1308859046-19287129-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 77 range(s) found. -> < BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKEY_LOCAL_MACHINE] -> %CommonProgramFiles%\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> Adobe Systems Incorporated [Ver = 8.0.0.2006102200 | Size = 62080 bytes | Modified Date = 23/10/2006 00:08:42 | Attr = ] {22BF413B-C6D2-4d91-82A9-A0F997BA588C} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [Skype add-on (mastermind)] -> Skype Technologies S.A. [Ver = 2, 2, 0, 181 | Size = 1410344 bytes | Modified Date = 30/05/2008 15:54:16 | Attr = ] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.6.0_07\bin\ssv.dll [SSVHelper Class] -> Sun Microsystems, Inc. [Ver = 6.0.70.6 | Size = 509328 bytes | Modified Date = 10/06/2008 04:27:02 | Attr = ] {7E853D72-626A-48EC-A868-BA8D5E23E045} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found < Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> {08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.6.0_07\bin\npjpi160_07.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.70.6 | Size = 132496 bytes | Modified Date = 10/06/2008 04:27:02 | Attr = ] {08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} [HKEY_CURRENT_USER] -> %ProgramFiles%\Java\jre1.6.0_07\bin\ssv.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.70.6 | Size = 509328 bytes | Modified Date = 10/06/2008 04:27:02 | Attr = ] {77BF5300-1474-4EC7-9980-D32B190E9B07}:{77BF5300-1474-4EC7-9980-D32B190E9B07} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [Skype] -> Skype Technologies S.A. [Ver = 2, 2, 0, 181 | Size = 1410344 bytes | Modified Date = 30/05/2008 15:54:16 | Attr = ] {d9288080-1baa-4bc4-9cf8-a92d743db949}:Exec -> %AppData%\Microsoft\Windows\Start Menu\Programs\IMVU\Run IMVU.lnk [Run IMVU] -> File not found < Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> PluginsPageFriendlyName -> Microsoft ActiveX Gallery -> PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s -> < DNS Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> {FCB267F2-7AB8-4EA5-9763-8563732E01B6} -> (NVIDIA nForce Networking Controller) -> < Winsock2 Catalogs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\ -> NameSpace_Catalog5\Catalog_Entries\000000000007 [mdnsNSP] -> %ProgramFiles%\Bonjour\mdnsNSP.dll -> Apple Inc. [Ver = 1,0,4,12 | Size = 147456 bytes | Modified Date = 24/07/2007 15:17:08 | Attr = ] < Default Protocols [HKEY_LOCAL_MACHINE\] - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults -> ldap -> 4 = Restricted sites (Not a Default Protocol) -> news -> 4 = Restricted sites (Not a Default Protocol) -> nntp -> 4 = Restricted sites (Not a Default Protocol) -> oecmd -> 4 = Restricted sites (Not a Default Protocol) -> snews -> 4 = Restricted sites (Not a Default Protocol) -> < Default Protocols [HKEY_USERS\S-1-5-19\] - Select to Repair > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults -> @ivt -> @ivt protocol not assigned -> file -> file protocol not assigned -> ftp -> ftp protocol not assigned -> http -> http protocol not assigned -> https -> https protocol not assigned -> shell -> shell protocol not assigned -> < Default Protocols [HKEY_USERS\S-1-5-20\] - Select to Repair > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults -> @ivt -> @ivt protocol not assigned -> file -> file protocol not assigned -> ftp -> ftp protocol not assigned -> http -> http protocol not assigned -> https -> https protocol not assigned -> shell -> shell protocol not assigned -> < Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ -> skype4com:{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} [HKEY_LOCAL_MACHINE] -> %CommonProgramFiles%\Skype\Skype4COM.dll[IEProtocolHandler Class] -> Skype Technologies [Ver = 1, 0, 29, 0 | Size = 1942864 bytes | Modified Date = 30/05/2008 15:54:14 | Attr = R ] < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> {8AD9C840-044E-11D1-B3E9-00805F499D93}[HKEY_LOCAL_MACHINE] -> http://dl8-cdn-01.sun.com/s/ESD44/JSCDL/jdk/6u7/jinstall-6u7-windows-i586-jc.cab?e=1215992613701&h=d201cf939de872d2b57ae3e2d183a5e7/&filename=jinstall-6u7-windows-i586-jc.cab[Java Plug-in 1.6.0_07] -> {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab[Java Plug-in 1.6.0_03] -> {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab[Java Plug-in 1.6.0_05] -> {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab[Java Plug-in 1.6.0_07] -> {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab[Java Plug-in 1.6.0_07] -> < Module Usage Keys [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\ -> ->