[code]
OTScanIt2 logfile created on: 4/23/2009 3:37:36 PM - Run 1
OTScanIt2 by OldTimer - Version 1.0.14.0 Folder = S:\SGILL\ot SCAN IT\OTScanIt2
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.50 Gb Total Physical Memory | 0.97 Gb Available Physical Memory | 64.88% Memory free
3.35 Gb Paging File | 2.94 Gb Available in Paging File | 87.55% Paging File free
Paging file location(s): e:\pagefile.sys 2046 4092;

%SystemDrive% = E: | %SystemRoot% = E:\WINDOWS | %ProgramFiles% = E:\Program Files
C: Drive not present or media not loaded
Drive D: | 586.62 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive E: | 28.63 Gb Total Space | 11.63 Gb Free Space | 40.63% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive S: | 219.81 Gb Total Space | 209.28 Gb Free Space | 95.21% Space Free | Partition Type: NTFS

Computer Name: SUN-8N5ZSNKLVUZ
Current User Name: msilverman
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Whitelist: On
File Age = 30 Days

[Processes - Safe List]
apdproxy.exe -> %ProgramFiles%\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe -> [2005/06/06 23:46:24 | 00,057,344 | ---- | M] (Adobe Systems Incorporated)
btnman.exe -> %ProgramFiles%\SHARP\Button Manager G\btnman.exe -> [2004/09/14 03:13:12 | 00,176,128 | ---- | M] (SHARP CORPORATION)
cfd.exe -> %ProgramFiles%\BroadJump\Client Foundation\CFD.exe -> [2002/08/02 12:33:20 | 00,368,720 | ---- | M] ()
explorer.exe -> %SystemRoot%\Explorer.EXE -> [2008/04/13 17:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation)
hppusg.exe -> %ProgramFiles%\HP\HP UT\bin\hppusg.exe -> [2005/09/07 03:25:00 | 00,036,864 | ---- | M] ( )
hptlbxfx.exe -> %ProgramFiles%\HP\ToolBoxFX\bin\HPTLBXFX.exe -> [2006/02/02 08:12:30 | 00,045,056 | ---- | M] (HP)
hpwuschd2.exe -> %ProgramFiles%\HP\HP Software Update\HPWuSchd2.exe -> [2004/09/13 15:49:00 | 00,049,152 | ---- | M] (Hewlett-Packard Company)
hpzipm12.exe -> %SystemRoot%\system32\HPZipm12.exe -> [2005/10/22 20:47:00 | 00,069,632 | ---- | M] (HP)
indexer.exe -> %ProgramFiles%\Sharp\Sharpdesk\Indexer.exe -> [2004/10/01 06:07:38 | 00,184,320 | ---- | M] (SHARP CORPORATION)
indextray.exe -> %ProgramFiles%\Sharp\Sharpdesk\IndexTray.exe -> [2004/10/01 06:06:48 | 00,106,496 | ---- | M] (SHARP CORPORATION)
jqs.exe -> %ProgramFiles%\Java\jre6\bin\jqs.exe -> [2009/03/09 05:19:15 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.)
jusched.exe -> %ProgramFiles%\Java\jre6\bin\jusched.exe -> [2009/03/09 05:19:17 | 00,148,888 | ---- | M] (Sun Microsystems, Inc.)
khalmnpr.exe -> %CommonProgramFiles%\Logitech\KHAL\KHALMNPR.EXE -> [2005/05/25 03:40:00 | 00,028,160 | ---- | M] (Logitech Inc.)
logitechdesktopmessenger.exe -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe -> [2007/10/30 07:21:07 | 00,067,128 | ---- | M] (Logitech Inc.)
mdm.exe -> %CommonProgramFiles%\Microsoft Shared\VS7Debug\mdm.exe -> [2003/06/19 23:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation)
mm_tray.exe -> %ProgramFiles%\MUSICMATCH\Musicmatch Jukebox\mm_tray.exe -> [2005/05/03 10:10:48 | 00,135,168 | ---- | M] (Musicmatch, Inc.)
mmtask.exe -> %ProgramFiles%\Musicmatch\Musicmatch Jukebox\mmtask.exe -> [2005/05/03 10:10:48 | 00,053,248 | ---- | M] (Musicmatch Inc.)
nvsvc32.exe -> %SystemRoot%\system32\nvsvc32.exe -> [2003/10/06 14:16:00 | 00,081,920 | ---- | M] (NVIDIA Corporation)
otscanit2.exe -> S:\SGILL\ot SCAN IT\OTScanIt2\OTScanIt2.exe -> [2009/04/11 16:32:52 | 00,494,080 | ---- | M] (OldTimer Tools)
pccguide.exe -> %ProgramFiles%\Trend Micro\Internet Security 2007\pccguide.exe -> [2007/01/22 23:26:26 | 03,429,904 | ---- | M] (Trend Micro Inc.)
pcctlcom.exe -> %ProgramFiles%\Trend Micro\Internet Security 2007\PcCtlCom.exe -> [2007/01/22 23:27:16 | 01,922,576 | ---- | M] (Trend Micro Inc.)
pcscnsrv.exe -> %ProgramFiles%\Trend Micro\Internet Security 2007\PcScnSrv.exe -> [2006/12/28 23:53:14 | 00,214,544 | ---- | M] (Trend Micro Inc.)
qttask.exe -> %ProgramFiles%\QuickTime\qttask.exe -> [2004/04/22 16:12:09 | 00,077,824 | ---- | M] (Apple Computer, Inc.)
setpoint.exe -> %ProgramFiles%\Logitech\SetPoint\SetPoint.exe -> [2005/05/25 03:40:00 | 00,450,560 | ---- | M] (Logitech Inc.)
sharptray.exe -> %ProgramFiles%\Sharp\Sharpdesk\SharpTray.exe -> [2004/10/01 06:14:50 | 00,032,768 | ---- | M] (SHARP CORPORATION)
tmpfw.exe -> %ProgramFiles%\Trend Micro\Internet Security 2007\TmPfw.exe -> [2006/12/28 23:53:06 | 00,943,696 | ---- | M] (Trend Micro Inc.)
tmproxy.exe -> %ProgramFiles%\Trend Micro\Internet Security 2007\tmproxy.exe -> [2006/12/28 23:53:10 | 00,566,872 | ---- | M] (Trend Micro Inc.)
wmiprvse.exe -> %SystemRoot%\system32\wbem\wmiprvse.exe -> [2009/02/06 03:10:02 | 00,227,840 | ---- | M] (Microsoft Corporation)
wzqkpick.exe -> %ProgramFiles%\WinZip\WZQKPICK.EXE -> [2003/02/11 08:10:00 | 00,106,560 | ---- | M] (WinZip Computing, Inc.)

[Win32 Services - Safe List]
(aspnet_state) ASP.NET State Service [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -> [2007/10/24 01:47:22 | 00,033,800 | ---- | M] (Microsoft Corporation)
(clr_optimization_v2.0.50727_32) .NET Runtime Optimization Service v2.0.50727_X86 [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -> [2007/10/24 01:47:40 | 00,070,144 | ---- | M] (Microsoft Corporation)
(helpsvc) Help and Support [Win32_Shared | Auto | Running] -> %SystemRoot%\PCHealth\HelpCtr\Binaries\pchsvc.dll -> [2008/04/13 17:12:02 | 00,038,400 | ---- | M] (Microsoft Corporation)
(JavaQuickStarterService) Java Quick Starter [Win32_Own | Auto | Running] -> %ProgramFiles%\Java\jre6\bin\jqs.exe -> [2009/03/09 05:19:15 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.)
(MDM) Machine Debug Manager [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Microsoft Shared\VS7Debug\mdm.exe -> [2003/06/19 23:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation)
(NVSvc) NVIDIA Display Driver Service [Win32_Own | Auto | Running] -> %SystemRoot%\system32\nvsvc32.exe -> [2003/10/06 14:16:00 | 00,081,920 | ---- | M] (NVIDIA Corporation)
(ose) Office Source Engine [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Microsoft Shared\Source Engine\OSE.EXE -> [2003/07/28 12:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation)
(PcCtlCom) Trend Micro Central Control Component [Win32_Own | Auto | Running] -> %ProgramFiles%\Trend Micro\Internet Security 2007\PcCtlCom.exe -> [2007/01/22 23:27:16 | 01,922,576 | ---- | M] (Trend Micro Inc.)
(PcScnSrv) Trend Micro Protection Against Spyware [Win32_Own | On_Demand | Running] -> %ProgramFiles%\Trend Micro\Internet Security 2007\PcScnSrv.exe -> [2006/12/28 23:53:14 | 00,214,544 | ---- | M] (Trend Micro Inc.)
(Pml Driver HPZ12) Pml Driver HPZ12 [Win32_Own | Auto | Running] -> %SystemRoot%\system32\HPZipm12.exe -> [2005/10/22 20:47:00 | 00,069,632 | ---- | M] (HP)
(Tmntsrv) Trend Micro Real-time Service [Win32_Own | Auto | Stopped] -> %ProgramFiles%\Trend Micro\Internet Security 2007\Tmntsrv.exe -> [2006/12/28 23:53:14 | 00,480,784 | ---- | M] (Trend Micro Inc.)
(TmPfw) Trend Micro Personal Firewall [Win32_Own | Auto | Running] -> %ProgramFiles%\Trend Micro\Internet Security 2007\TmPfw.exe -> [2006/12/28 23:53:06 | 00,943,696 | ---- | M] (Trend Micro Inc.)
(tmproxy) Trend Micro Proxy Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Trend Micro\Internet Security 2007\tmproxy.exe -> [2006/12/28 23:53:10 | 00,566,872 | ---- | M] (Trend Micro Inc.)
(UMWdf) Windows User Mode Driver Framework [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\system32\wdfmgr.exe -> [2004/09/22 18:46:10 | 00,038,912 | ---- | M] (Microsoft Corporation)

[Driver Services - Safe List]
(basic2) basic2 [Kernel | On_Demand | Running] -> %SystemRoot%\System32\DRIVERS\basic2.sys -> [2001/07/15 21:17:30 | 00,076,610 | R--- | M] (Conexant Systems)
(cmuda) C-Media WDM Audio Interface [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\cmuda.sys -> [2006/06/09 22:58:22 | 01,373,120 | ---- | M] (C-Media Inc)
(Cnxtdiag) Cnxtdiag [Kernel | Auto | Running] -> %SystemRoot%\System32\DRIVERS\cnxtdiag.sys -> [2001/07/03 03:42:30 | 00,017,776 | R--- | M] (Conexant Systems)
(Fallback) Fallback [Kernel | Auto | Running] -> %SystemRoot%\System32\DRIVERS\fallback.sys -> [2001/06/24 03:13:56 | 00,308,403 | R--- | M] (Conexant)
(Fsks) Fsks [Kernel | Auto | Running] -> %SystemRoot%\System32\DRIVERS\fsksnt.sys -> [2001/06/24 03:16:08 | 00,124,189 | R--- | M] (Conexant)
(HPFXBULK) HPFXBULK [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\hpfxbulk.sys -> [2005/09/20 09:22:37 | 00,009,344 | R--- | M] (Hewlett Packard)
(HPZid412) IEEE-1284.4 Driver HPZid412 [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\HPZid412.sys -> [2005/10/21 19:58:52 | 00,049,920 | ---- | M] (HP)
(HPZipr12) Print Class Driver for IEEE-1284.4 HPZipr12 [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\HPZipr12.sys -> [2005/10/21 18:58:58 | 00,016,496 | ---- | M] (HP)
(HPZius12) USB to IEEE-1284.4 Translation Driver HPZius12 [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\HPZius12.sys -> [2005/10/21 18:52:48 | 00,021,568 | ---- | M] (HP)
(hsf_msft) hsf_msft [Kernel | On_Demand | Stopped] -> %SystemRoot%\System32\DRIVERS\HSF_MSFT.sys -> [2001/08/17 13:28:10 | 00,542,879 | ---- | M] (Conexant)
(K56) K56 [Kernel | Auto | Running] -> %SystemRoot%\System32\DRIVERS\k56nt.sys -> [2001/06/24 03:16:36 | 00,427,215 | R--- | M] (Conexant)
(L8042Kbd) Logitech SetPoint Keyboard Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\L8042Kbd.sys -> [2005/05/20 16:00:36 | 00,013,056 | ---- | M] (Logitech, Inc.)
(L8042mou) Logitech SetPoint PS/2 Mouse Filter Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\L8042mou.Sys -> [2005/05/20 16:00:48 | 00,054,528 | ---- | M] (Logitech, Inc.)
(LMouKE) Logitech SetPoint Mouse Filter Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\LMouKE.Sys -> [2005/05/20 16:01:26 | 00,068,352 | ---- | M] (Logitech, Inc.)
(nv) nv [Kernel | On_Demand | Running] -> %SystemRoot%\System32\DRIVERS\nv4_mini.sys -> [2003/10/06 14:16:00 | 01,550,043 | ---- | M] (NVIDIA Corporation)
(Ptilink) Direct Parallel Link Driver [Kernel | On_Demand | Running] -> %SystemRoot%\System32\DRIVERS\ptilink.sys -> [2006/02/28 05:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.)
(PxHelp20) PxHelp20 [Kernel | Boot | Running] -> %SystemRoot%\System32\Drivers\PxHelp20.sys -> [2005/05/03 10:10:22 | 00,020,576 | ---- | M] (Sonic Solutions)
(Rksample) Rksample [Kernel | On_Demand | Running] -> %SystemRoot%\System32\DRIVERS\rksample.sys -> [2001/07/15 04:05:54 | 00,067,222 | R--- | M] (Conexant Systems)
(SE4BLPT) SE4BLPT [Kernel | Auto | Running] -> %SystemRoot%\system32\SE4BLPT.SYS -> [2004/04/26 00:06:14 | 00,054,488 | ---- | M] (Sharp Corporation)
(Secdrv) Secdrv [Kernel | On_Demand | Stopped] -> %SystemRoot%\System32\DRIVERS\secdrv.sys -> [2007/11/13 03:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
(SiS7012) Service for AC'97 Sample Driver (WDM) [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\sis7012.sys -> [2002/11/04 00:39:58 | 00,814,277 | R--- | M] (Silicon Integrated Systems Corporation)
(sisagp) SIS AGP Bus Filter [Kernel | Boot | Running] -> %SystemRoot%\System32\DRIVERS\sisagp.sys -> [2008/04/13 11:36:39 | 00,040,960 | ---- | M] (Silicon Integrated Systems Corporation)
(SISNIC) SiS PCI Fast Ethernet Adapter Driver [Kernel | On_Demand | Running] -> %SystemRoot%\System32\DRIVERS\sisnic.sys -> [2004/08/03 22:31:34 | 00,032,768 | ---- | M] (SiS Corporation)
(SoftFax) SoftFax [Kernel | Auto | Running] -> %SystemRoot%\System32\DRIVERS\faxnt.sys -> [2001/06/24 03:15:20 | 00,215,195 | R--- | M] (Conexant)
(tmcfw) Trend Micro Common Firewall Service [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\TM_CFW.sys -> [2006/12/28 23:53:52 | 00,288,848 | ---- | M] (Trend Micro Inc.)
(tmcomm) tmcomm [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\tmcomm.sys -> [2007/12/24 17:37:00 | 00,138,384 | ---- | M] (Trend Micro Inc.)
(tmmbd) Trend Micro MBD Driver [Kernel | Auto | Running] -> %SystemRoot%\system32\DRIVERS\tm_mbd_c.sys -> [2006/12/28 23:53:52 | 00,111,888 | ---- | M] (Trend Micro Inc.)
(tmpreflt) tmpreflt [Kernel | Auto | Running] -> %SystemRoot%\system32\DRIVERS\tmpreflt.sys -> [2008/07/18 19:08:32 | 00,036,368 | ---- | M] (Trend Micro Inc.)
(tmtdi) Trend Micro TDI Driver [Kernel | System | Running] -> %SystemRoot%\system32\DRIVERS\tmtdi.sys -> [2006/12/28 23:53:52 | 00,075,088 | ---- | M] (Trend Micro Incorporated.)
(tmxpflt) tmxpflt [Kernel | Auto | Running] -> %SystemRoot%\system32\DRIVERS\tmxpflt.sys -> [2008/07/18 19:08:38 | 00,205,328 | ---- | M] (Trend Micro Inc.)
(Tones) Tones [Kernel | Auto | Running] -> %SystemRoot%\System32\DRIVERS\tonesnt.sys -> [2001/06/24 03:14:18 | 00,059,375 | R--- | M] (Conexant)
(uty3nde4) AVZ Kernel Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\Drivers\uty3nde4.sys -> [2009/04/23 08:19:46 | 00,007,168 | ---- | M] ()
(V124) V124 [Kernel | Auto | Running] -> %SystemRoot%\System32\DRIVERS\v124nt.sys -> [2001/07/15 21:16:58 | 00,539,917 | R--- | M] (Conexant Systems)
(vsapint) vsapint [Kernel | Auto | Running] -> %SystemRoot%\system32\DRIVERS\vsapint.sys -> [2008/07/18 18:51:32 | 01,195,448 | ---- | M] (Trend Micro Inc.)
(winachsf) winachsf [Kernel | On_Demand | Running] -> %SystemRoot%\System32\DRIVERS\HSF_CNXT.sys -> [2001/07/29 20:34:28 | 00,585,840 | R--- | M] (Conexant Systems)

[Registry - Safe List]
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> ->
HKEY_LOCAL_MACHINE\: Main\\"Default_Page_URL" -> http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome ->
HKEY_LOCAL_MACHINE\: Main\\"Default_Search_URL" -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch ->
HKEY_LOCAL_MACHINE\: Main\\"Local Page" -> %SystemRoot%\system32\blank.htm ->
HKEY_LOCAL_MACHINE\: Main\\"Search Page" -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch ->
HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home ->
HKEY_LOCAL_MACHINE\: Search\\"CustomizeSearch" -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm ->
HKEY_LOCAL_MACHINE\: Search\\"CustomSearch" -> http://rd.yahoo.com/customize/sbcydsl/defaults/cs/*http://www.yahoo.com/search/ie.html ->
HKEY_LOCAL_MACHINE\: Search\\"SearchAssistant" -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm ->
< Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> ->
HKEY_USERS\.DEFAULT\: "ProxyEnable" -> 0 ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> ->
HKEY_USERS\S-1-5-18\: "ProxyEnable" -> 0 ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> ->
HKEY_USERS\S-1-5-19\: "ProxyEnable" -> 0 ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> ->
HKEY_USERS\S-1-5-20\: "ProxyEnable" -> 0 ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-21-977108202-470009910-1411518027-1120\] > -> ->
HKEY_USERS\S-1-5-21-977108202-470009910-1411518027-1120\: Main\\"Page_Transitions" -> Reg Error: Invalid data type. ->
HKEY_USERS\S-1-5-21-977108202-470009910-1411518027-1120\: Main\\"Search Page" -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch ->
HKEY_USERS\S-1-5-21-977108202-470009910-1411518027-1120\: Main\\"Start Page" -> http://www.yahoo.com/ ->
HKEY_USERS\S-1-5-21-977108202-470009910-1411518027-1120\: SearchURL\\"provider" -> ->
HKEY_USERS\S-1-5-21-977108202-470009910-1411518027-1120\: "ProxyEnable" -> 0 ->
< FireFox Settings [Prefs.js] > -> E:\Documents and Settings\msilverman\Application Data\Mozilla\FireFox\Profiles\oa8e0pgh.default\prefs.js ->
browser.startup.homepage -> "http://www.google.com/" ->
extensions.enabledItems -> piclens@cooliris.com:1.10 ->
extensions.enabledItems -> {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}:6.0.01 ->
extensions.enabledItems -> {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}:6.0.02 ->
extensions.enabledItems -> {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}:6.0.03 ->
extensions.enabledItems -> {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}:6.0.05 ->
extensions.enabledItems -> {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}:6.0.07 ->
extensions.enabledItems -> {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}:6.0.10 ->
extensions.enabledItems -> {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11 ->
extensions.enabledItems -> {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13 ->
extensions.enabledItems -> jqs@sun.com:1.0 ->
extensions.enabledItems -> {dc572301-7619-498c-a57d-39143191b318}:0.3.7.3 ->
extensions.enabledItems -> {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.9 ->
< FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla
HKLM\software\mozilla\Firefox\extensions -> ->
HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com -> %ProgramFiles%\JAVA\JRE6\LIB\DEPLOY\JQS\FF [E:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF] -> [2008/11/26 08:46:34 | 00,000,000 | ---D | M]
HKLM\software\mozilla\Mozilla Firefox 3.0.8\extensions -> ->
HKLM\software\mozilla\Mozilla Firefox 3.0.8\extensions\\Components -> %ProgramFiles%\MOZILLA FIREFOX\COMPONENTS [E:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS] -> [2009/04/22 12:45:20 | 00,000,000 | ---D | M]
HKLM\software\mozilla\Mozilla Firefox 3.0.8\extensions\\Plugins -> %ProgramFiles%\MOZILLA FIREFOX\PLUGINS [E:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS] -> [2009/04/22 12:45:20 | 00,000,000 | ---D | M]
< FireFox Extensions [User Folders] > ->
-> E:\Documents and Settings\msilverman\Application Data\mozilla\Extensions -> [2008/08/28 12:05:26 | 00,000,000 | ---D | M]
-> E:\Documents and Settings\msilverman\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} -> [2008/08/28 12:05:26 | 00,000,000 | ---D | M]
-> E:\Documents and Settings\msilverman\Application Data\mozilla\Firefox\Profiles\oa8e0pgh.default\extensions -> [2009/04/23 13:49:23 | 00,096,610 | ---- | M] ()
-> E:\Documents and Settings\msilverman\Application Data\mozilla\Firefox\Profiles\oa8e0pgh.default\extensions\{dc572301-7619-498c-a57d-39143191b318} -> [2009/04/23 13:49:23 | 00,096,610 | ---- | M] ()
-> E:\Documents and Settings\msilverman\Application Data\mozilla\Firefox\Profiles\oa8e0pgh.default\extensions\piclens@cooliris.com -> [2009/04/23 13:49:23 | 00,096,610 | ---- | M] ()
-> E:\Documents and Settings\msilverman\Application Data\mozilla\Firefox\Profiles\oa8e0pgh.default\extensions\piclens@cooliris.com-trash -> [2009/04/23 13:49:23 | 00,096,610 | ---- | M] ()
< FireFox Extensions [Program Folders] > ->
-> E:\PROGRAM FILES\MOZILLA FIREFOX\extensions -> [2009/04/22 12:45:20 | 09,758,200 | ---- | M] (Mozilla Foundation)
-> E:\PROGRAM FILES\MOZILLA FIREFOX\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} -> [2009/04/22 12:45:20 | 09,758,200 | ---- | M] (Mozilla Foundation)
-> E:\PROGRAM FILES\MOZILLA FIREFOX\extensions\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} -> [2009/04/22 12:45:20 | 09,758,200 | ---- | M] (Mozilla Foundation)
-> E:\PROGRAM FILES\MOZILLA FIREFOX\extensions\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} -> [2009/04/22 12:45:20 | 09,758,200 | ---- | M] (Mozilla Foundation)
-> E:\PROGRAM FILES\MOZILLA FIREFOX\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} -> [2009/04/22 12:45:20 | 09,758,200 | ---- | M] (Mozilla Foundation)
-> E:\PROGRAM FILES\MOZILLA FIREFOX\extensions\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} -> [2009/04/22 12:45:20 | 09,758,200 | ---- | M] (Mozilla Foundation)
-> E:\PROGRAM FILES\MOZILLA FIREFOX\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} -> [2009/04/22 12:45:20 | 09,758,200 | ---- | M] (Mozilla Foundation)
-> E:\PROGRAM FILES\MOZILLA FIREFOX\extensions\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} -> [2009/04/22 12:45:20 | 09,758,200 | ---- | M] (Mozilla Foundation)
-> E:\PROGRAM FILES\MOZILLA FIREFOX\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} -> [2009/04/22 12:45:20 | 09,758,200 | ---- | M] (Mozilla Foundation)
-> E:\PROGRAM FILES\MOZILLA FIREFOX\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} -> [2009/04/22 12:45:20 | 09,758,200 | ---- | M] (Mozilla Foundation)
< FireFox Components [Program Folders] > -> E:\PROGRAM FILES\MOZILLA FIREFOX\components\
-> E:\PROGRAM FILES\MOZILLA FIREFOX\components -> [2009/04/22 12:45:20 | 00,000,000 | ---D | M]
browserdirprovider.dll -> E:\PROGRAM FILES\MOZILLA FIREFOX\components\browserdirprovider.dll -> [2009/04/22 12:45:17 | 00,023,032 | ---- | M] (Mozilla Foundation)
brwsrcmp.dll -> E:\PROGRAM FILES\MOZILLA FIREFOX\components\brwsrcmp.dll -> [2009/04/22 12:45:17 | 00,134,648 | ---- | M] (Mozilla Foundation)
< FireFox Plugins [Program Folders] > -> E:\PROGRAM FILES\MOZILLA FIREFOX\plugins\
-> E:\PROGRAM FILES\MOZILLA FIREFOX\plugins -> [2009/04/22 12:45:20 | 00,000,000 | ---D | M]
npdeploytk.dll -> E:\PROGRAM FILES\MOZILLA FIREFOX\plugins\npdeploytk.dll -> [2009/03/09 05:19:09 | 00,410,984 | ---- | M] (Sun Microsystems, Inc.)
npnul32.dll -> E:\PROGRAM FILES\MOZILLA FIREFOX\plugins\npnul32.dll -> [2009/04/22 12:45:17 | 00,065,528 | ---- | M] (mozilla.org)
NPOFFICE.DLL -> E:\PROGRAM FILES\MOZILLA FIREFOX\plugins\NPOFFICE.DLL -> [2003/07/14 22:56:52 | 00,013,888 | ---- | M] (Microsoft Corporation)
nppdf32.dll -> E:\PROGRAM FILES\MOZILLA FIREFOX\plugins\nppdf32.dll -> [2006/12/18 04:18:30 | 00,077,824 | ---- | M] (Adobe Systems Inc.)
< FireFox SearchPlugins [Program Folders] > -> E:\PROGRAM FILES\MOZILLA FIREFOX\searchplugins\
-> E:\PROGRAM FILES\MOZILLA FIREFOX\searchplugins -> [2008/11/13 16:40:20 | 00,000,000 | ---D | M]
amazondotcom.xml -> E:\PROGRAM FILES\MOZILLA FIREFOX\searchplugins\amazondotcom.xml -> [2008/08/28 12:05:12 | 00,001,394 | ---- | M] ()
answers.xml -> E:\PROGRAM FILES\MOZILLA FIREFOX\searchplugins\answers.xml -> [2008/08/28 12:05:12 | 00,002,193 | ---- | M] ()
creativecommons.xml -> E:\PROGRAM FILES\MOZILLA FIREFOX\searchplugins\creativecommons.xml -> [2008/08/28 12:05:12 | 00,001,534 | ---- | M] ()
eBay.xml -> E:\PROGRAM FILES\MOZILLA FIREFOX\searchplugins\eBay.xml -> [2008/11/13 16:40:17 | 00,002,343 | ---- | M] ()
google.xml -> E:\PROGRAM FILES\MOZILLA FIREFOX\searchplugins\google.xml -> [2008/08/28 12:05:12 | 00,001,706 | ---- | M] ()
wikipedia.xml -> E:\PROGRAM FILES\MOZILLA FIREFOX\searchplugins\wikipedia.xml -> [2008/08/28 12:05:12 | 00,001,178 | ---- | M] ()
yahoo.xml -> E:\PROGRAM FILES\MOZILLA FIREFOX\searchplugins\yahoo.xml -> [2008/08/28 12:05:12 | 00,000,792 | ---- | M] ()
< HOSTS File > (734 bytes and 19 lines) -> E:\WINDOWS\System32\drivers\etc\Hosts ->
Reset Hosts
127.0.0.1 localhost
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
{DBC80044-A445-435b-BC74-9C25C1C588A9} [HKLM] -> %ProgramFiles%\Java\jre6\bin\jp2ssv.dll [Java(tm) Plug-In 2 SSV Helper] -> [2009/03/09 05:18:50 | 00,035,840 | ---- | M] (Sun Microsystems, Inc.)
{E7E6F031-17CE-4C07-BC86-EABFE594F69C} [HKLM] -> %ProgramFiles%\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [JQSIEStartDetectorImpl Class] -> [2009/03/09 05:18:52 | 00,073,728 | ---- | M] (Sun Microsystems, Inc.)
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"Adobe Photo Downloader" -> %ProgramFiles%\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe ["E:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"] -> [2005/06/06 23:46:24 | 00,057,344 | ---- | M] (Adobe Systems Incorporated)
"BJCFD" -> %ProgramFiles%\BroadJump\Client Foundation\CFD.exe [E:\Program Files\BroadJump\Client Foundation\CFD.exe] -> [2002/08/02 12:33:20 | 00,368,720 | ---- | M] ()
"Cmaudio" -> [RunDll32 cmicnfg.cpl,CMICtrlWnd] -> File not found
"HP Software Update" -> %ProgramFiles%\HP\HP Software Update\HPWuSchd2.exe ["E:\Program Files\HP\HP Software Update\HPWuSchd2.exe"] -> [2004/09/13 15:49:00 | 00,049,152 | ---- | M] (Hewlett-Packard Company)
"HPUsageTracking" -> %ProgramFiles%\HP\HP UT\bin\hppusg.exe [E:\Program Files\HP\HP UT\bin\hppusg.exe "E:\Program Files\HP\HP UT\"] -> [2005/09/07 03:25:00 | 00,036,864 | ---- | M] ( )
"Indexer" -> %ProgramFiles%\Sharp\Sharpdesk\Indexer.exe ["E:\Program Files\Sharp\Sharpdesk\Indexer.exe"] -> [2004/10/01 06:07:38 | 00,184,320 | ---- | M] (SHARP CORPORATION)
"IndexTray" -> %ProgramFiles%\Sharp\Sharpdesk\IndexTray.exe ["E:\Program Files\Sharp\Sharpdesk\IndexTray.exe"] -> [2004/10/01 06:06:48 | 00,106,496 | ---- | M] (SHARP CORPORATION)
"mmtask" -> %ProgramFiles%\Musicmatch\Musicmatch Jukebox\mmtask.exe ["E:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe"] -> [2005/05/03 10:10:48 | 00,053,248 | ---- | M] (Musicmatch Inc.)
"MMTray" -> %ProgramFiles%\MUSICMATCH\Musicmatch Jukebox\mm_tray.exe [E:\PROGRA~1\MUSICM~1\MUSICM~2\mm_tray.exe] -> [2005/05/03 10:10:48 | 00,135,168 | ---- | M] (Musicmatch, Inc.)
"NvCplDaemon" -> %SystemRoot%\system32\NvCpl.DLL [RUNDLL32.EXE E:\WINDOWS\system32\NvCpl.dll,NvStartup] -> [2003/10/06 14:16:00 | 05,058,560 | ---- | M] (NVIDIA Corporation)
"nwiz" -> %SystemRoot%\system32\nwiz.exe [nwiz.exe /install] -> [2003/10/06 14:16:00 | 00,741,376 | ---- | M] (NVIDIA Corporation)
"pccguide.exe" -> %ProgramFiles%\Trend Micro\Internet Security 2007\pccguide.exe ["E:\Program Files\Trend Micro\Internet Security 2007\pccguide.exe"] -> [2007/01/22 23:26:26 | 03,429,904 | ---- | M] (Trend Micro Inc.)
"QuickTime Task" -> %ProgramFiles%\QuickTime\qttask.exe ["E:\Program Files\QuickTime\qttask.exe" -atboottime] -> [2004/04/22 16:12:09 | 00,077,824 | ---- | M] (Apple Computer, Inc.)
"SharpTray" -> %ProgramFiles%\Sharp\Sharpdesk\SharpTray.exe ["E:\Program Files\Sharp\Sharpdesk\SharpTray.exe"] -> [2004/10/01 06:14:50 | 00,032,768 | ---- | M] (SHARP CORPORATION)
"SunJavaUpdateSched" -> %ProgramFiles%\Java\jre6\bin\jusched.exe ["E:\Program Files\Java\jre6\bin\jusched.exe"] -> [2009/03/09 05:19:17 | 00,148,888 | ---- | M] (Sun Microsystems, Inc.)
"ToolBoxFX" -> ["E:\Program Files\HP\ToolBoxFX\bin\HPTLBXFX.exe" /enum:on /alerts:on /notifications:on /systrayIcon:on /fl:on /fr:on /appData:on] -> File not found
"TypeRegChecker" -> %ProgramFiles%\Sharp\Sharpdesk\TypeRegChecker.exe ["E:\Program Files\Sharp\Sharpdesk\TypeRegChecker.exe"] -> [2004/10/01 06:08:08 | 00,057,344 | ---- | M] (SHARP CORPORATION)
< Run [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"NvMediaCenter" -> %SystemRoot%\system32\NVMCTRAY.DLL [RUNDLL32.EXE E:\WINDOWS\system32\NVMCTRAY.DLL,NvTaskbarInit] -> [2003/10/06 14:16:00 | 00,049,152 | ---- | M] (NVIDIA Corporation)
< RunOnce [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce ->
"tscuninstall" -> %SystemRoot%\system32\tscupgrd.exe [%systemroot%\system32\tscupgrd.exe] -> [2004/08/03 22:59:27 | 00,044,544 | ---- | M] (Microsoft Corporation)
< Run [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"NvMediaCenter" -> %SystemRoot%\system32\NVMCTRAY.DLL [RUNDLL32.EXE E:\WINDOWS\system32\NVMCTRAY.DLL,NvTaskbarInit] -> [2003/10/06 14:16:00 | 00,049,152 | ---- | M] (NVIDIA Corporation)
< RunOnce [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce ->
"tscuninstall" -> %SystemRoot%\system32\tscupgrd.exe [%systemroot%\system32\tscupgrd.exe] -> [2004/08/03 22:59:27 | 00,044,544 | ---- | M] (Microsoft Corporation)
< Administrator Startup Folder > -> E:\Documents and Settings\Administrator\Start Menu\Programs\Startup ->
< Administrator.SDI Startup Folder > -> E:\Documents and Settings\Administrator.SDI\Start Menu\Programs\Startup ->
< All Users Startup Folder > -> E:\Documents and Settings\All Users\Start Menu\Programs\Startup ->
%AllUsersProfile%\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk -> %ProgramFiles%\Adobe\Acrobat 7.0\Reader\reader_sl.exe -> [2005/09/23 22:05:26 | 00,029,696 | ---- | M] (Adobe Systems Incorporated)
%AllUsersProfile%\Start Menu\Programs\Startup\Button Manager G.lnk -> %ProgramFiles%\SHARP\Button Manager G\btnman.exe -> [2004/09/14 03:13:12 | 00,176,128 | ---- | M] (SHARP CORPORATION)
%AllUsersProfile%\Start Menu\Programs\Startup\Logitech Desktop Messenger.lnk -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe -> [2007/10/30 07:21:07 | 00,067,128 | ---- | M] (Logitech Inc.)
%AllUsersProfile%\Start Menu\Programs\Startup\Logitech SetPoint.lnk -> %ProgramFiles%\Logitech\SetPoint\SetPoint.exe -> [2005/05/25 03:40:00 | 00,450,560 | ---- | M] (Logitech Inc.)
%AllUsersProfile%\Start Menu\Programs\Startup\WinZip Quick Pick.lnk -> %ProgramFiles%\WinZip\WZQKPICK.EXE -> [2003/02/11 08:10:00 | 00,106,560 | ---- | M] (WinZip Computing, Inc.)
< Default User Startup Folder > -> E:\Documents and Settings\Default User\Start Menu\Programs\Startup ->
< msilverman Startup Folder > -> E:\Documents and Settings\msilverman\Start Menu\Programs\Startup ->
< sgill Startup Folder > -> E:\Documents and Settings\sgill\Start Menu\Programs\Startup ->
< SUN DEEP INC Startup Folder > -> E:\Documents and Settings\SUN DEEP INC\Start Menu\Programs\Startup ->
< CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"HonorAutoRunSetting" -> [1] -> File not found
< CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
\\"dontdisplaylastusername" -> [0] -> File not found
\\"legalnoticecaption" -> [] -> File not found
\\"legalnoticetext" -> [] -> File not found
\\"shutdownwithoutlogon" -> [1] -> File not found
\\"undockwithoutlogon" -> [1] -> File not found
\\"DisableCAD" -> [1] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" -> [145] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" -> [145] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-19] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" -> [145] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-20] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" -> [145] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-977108202-470009910-1411518027-1120] > -> HKEY_USERS\S-1-5-21-977108202-470009910-1411518027-1120\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_USERS\S-1-5-21-977108202-470009910-1411518027-1120\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" -> [145] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-977108202-470009910-1411518027-1120] > -> HKEY_USERS\S-1-5-21-977108202-470009910-1411518027-1120\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
HKEY_USERS\S-1-5-21-977108202-470009910-1411518027-1120\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
\\"DisableRegistryTools" -> [0] -> File not found
< Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-21-977108202-470009910-1411518027-1120\] > -> HKEY_USERS\S-1-5-21-977108202-470009910-1411518027-1120\Software\Microsoft\Internet Explorer\MenuExt\ ->
E&xport to Microsoft Excel -> %ProgramFiles%\Microsoft Office\OFFICE11\EXCEL.EXE [res://E:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000] -> [2005/05/27 01:06:54 | 10,095,808 | ---- | M] (Microsoft Corporation)
< Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ ->
{4528BBE0-4E08-11D5-AD55-00010333D0AD}:{4C171D40-8277-11D5-AD55-00010333D0AD} [HKLM] -> %ProgramFiles%\Yahoo!\Messenger\yhexbmes.dll [Button: Messenger] -> [2002/08/19 14:48:38 | 00,286,791 | ---- | M] (Yahoo! Inc.)
{4528BBE0-4E08-11D5-AD55-00010333D0AD}:{4C171D40-8277-11D5-AD55-00010333D0AD} [HKLM] -> %ProgramFiles%\Yahoo!\Messenger\yhexbmes.dll [Menu: Yahoo! Messenger] -> [2002/08/19 14:48:38 | 00,286,791 | ---- | M] (Yahoo! Inc.)
{92780B25-18CC-41C8-B9BE-3C9C571A8263}:{FF059E31-CC5A-4E2E-BF3B-96E929D65503} [HKLM] -> %ProgramFiles%\Microsoft Office\OFFICE11\REFIEBAR.DLL [Button: Research] -> [2003/07/14 22:57:08 | 00,040,512 | ---- | M] (Microsoft Corporation)
{e2e2dd38-d088-4134-82b7-f2ba38496583}:Exec [HKLM] -> %SystemRoot%\Network Diagnostic\xpnetdiag.exe [Menu: @xpsp3res.dll,-20001] -> [2008/04/13 11:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)
{FB5F1910-F110-11d2-BB9E-00C04F795683}:Exec [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Button: Messenger] -> [2008/04/13 17:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation)
{FB5F1910-F110-11d2-BB9E-00C04F795683}:Exec [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Menu: Windows Messenger] -> [2008/04/13 17:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation)
< Internet Explorer Extensions [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Extensions\ ->
CmdMapping\\"{08B0E5C0-4FCB-11CF-AAA5-00401C608501}" [HKLM] -> [Reg Error: Value error.] -> File not found
CmdMapping\\"{4528BBE0-4E08-11D5-AD55-00010333D0AD}" [HKLM] -> %ProgramFiles%\Yahoo!\Messenger\yhexbmes.dll [&Yahoo! Messenger] -> [2002/08/19 14:48:38 | 00,286,791 | ---- | M] (Yahoo! Inc.)
CmdMapping\\"{92780B25-18CC-41C8-B9BE-3C9C571A8263}" [HKLM] -> %ProgramFiles%\Microsoft Office\OFFICE11\REFIEBAR.DLL [Research] -> [2003/07/14 22:57:08 | 00,040,512 | ---- | M] (Microsoft Corporation)
CmdMapping\\"{e2e2dd38-d088-4134-82b7-f2ba38496583}" [HKLM] -> %SystemRoot%\Network Diagnostic\xpnetdiag.exe [@xpsp3res.dll,-20001] -> [2008/04/13 11:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)
CmdMapping\\"{FB5F1910-F110-11d2-BB9E-00C04F795683}" [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2008/04/13 17:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation)
< Internet Explorer Extensions [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Extensions\ ->
CmdMapping\\"{08B0E5C0-4FCB-11CF-AAA5-00401C608501}" [HKLM] -> [Reg Error: Value error.] -> File not found
CmdMapping\\"{4528BBE0-4E08-11D5-AD55-00010333D0AD}" [HKLM] -> %ProgramFiles%\Yahoo!\Messenger\yhexbmes.dll [&Yahoo! Messenger] -> [2002/08/19 14:48:38 | 00,286,791 | ---- | M] (Yahoo! Inc.)
CmdMapping\\"{92780B25-18CC-41C8-B9BE-3C9C571A8263}" [HKLM] -> %ProgramFiles%\Microsoft Office\OFFICE11\REFIEBAR.DLL [Research] -> [2003/07/14 22:57:08 | 00,040,512 | ---- | M] (Microsoft Corporation) CmdMapping\\"{e2e2dd38-d088-4134-82b7-f2ba38496583}" [HKLM] -> %SystemRoot%\Network Diagnostic\xpnetdiag.exe [@xpsp3res.dll,-20001] -> [2008/04/13 11:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation) CmdMapping\\"{FB5F1910-F110-11d2-BB9E-00C04F795683}" [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2008/04/13 17:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation) < Internet Explorer Extensions [HKEY_USERS\S-1-5-21-977108202-470009910-1411518027-1120\] > -> HKEY_USERS\S-1-5-21-977108202-470009910-1411518027-1120\Software\Microsoft\Internet Explorer\Extensions\ -> CmdMapping\\"{08B0E5C0-4FCB-11CF-AAA5-00401C608501}" [HKLM] -> [Reg Error: Value error.] -> File not found CmdMapping\\"{4528BBE0-4E08-11D5-AD55-00010333D0AD}" [HKLM] -> %ProgramFiles%\Yahoo!\Messenger\yhexbmes.dll [&Yahoo! Messenger] -> [2002/08/19 14:48:38 | 00,286,791 | ---- | M] (Yahoo! Inc.) 
CmdMapping\\"{92780B25-18CC-41C8-B9BE-3C9C571A8263}" [HKLM] -> %ProgramFiles%\Microsoft Office\OFFICE11\REFIEBAR.DLL [Research] -> [2003/07/14 22:57:08 | 00,040,512 | ---- | M] (Microsoft Corporation) CmdMapping\\"{e2e2dd38-d088-4134-82b7-f2ba38496583}" [HKLM] -> %SystemRoot%\Network Diagnostic\xpnetdiag.exe [@xpsp3res.dll,-20001] -> [2008/04/13 11:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation) CmdMapping\\"{FB5F1910-F110-11d2-BB9E-00C04F795683}" [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2008/04/13 17:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation) < Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> PluginsPageFriendlyName -> Microsoft ActiveX Gallery -> PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s -> < Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix "" -> http:// < Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1 domain(s) found. -> 1 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. 
-> < Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. 
-> < Trusted Sites Domains [HKEY_USERS\S-1-5-21-977108202-470009910-1411518027-1120\] > -> HKEY_USERS\S-1-5-21-977108202-470009910-1411518027-1120\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-21-977108202-470009910-1411518027-1120\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-21-977108202-470009910-1411518027-1120\] > -> HKEY_USERS\S-1-5-21-977108202-470009910-1411518027-1120\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-21-977108202-470009910-1411518027-1120\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> {02BCC737-B171-4746-94C9-0D8A0B2C0089} [HKLM] -> http://office.microsoft.com/templates/ieawsdc.cab [Microsoft Office Template and Media Control] -> {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} [HKLM] -> http://www.apple.com/qtactivex/qtplugin.cab [QuickTime Object] -> {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} [HKLM] -> http://housecall60.trendmicro.com/housecall/xscan60.cab [HouseCall Control] -> {6B75345B-AA36-438A-BBE6-4078B4C6984D} [HKLM] -> http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab [HpProductDetection Class] -> {8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab [Java Plug-in 1.6.0_13] -> {9F1C11AA-197B-4942-BA54-47A8489BB47F} [HKLM] -> http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38001.5912037037 [Reg Error: Key error.] -> {A17E30C4-A9BA-11D4-8673-60DB54C10000} [HKLM] -> http://download.yahoo.com/dl/installs/ymail/ymmapi.dll [Reg Error: Key error.] 
-> {A90A5822-F108-45AD-8482-9BC8B12DD539} [HKLM] -> http://www.crucial.com/controls/cpcScanner.cab [Crucial cpcScan] -> {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab [Reg Error: Key error.] -> {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab [Reg Error: Key error.] -> {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab [Reg Error: Key error.] -> {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab [Reg Error: Key error.] -> {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab [Reg Error: Key error.] -> {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab [Reg Error: Key error.] -> {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab [Reg Error: Key error.] -> {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab [Java Plug-in 1.6.0_13] -> {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab [Java Plug-in 1.6.0_13] -> {D27CDB6E-AE6D-11CF-96B8-444553540000} [HKLM] -> http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab [Reg Error: Key error.] -> {E7DBFB6C-113A-47CF-B278-F5C6AF4DE1BD} [HKLM] -> http://download.abacast.com/download/files/abasetup132.cab [Reg Error: Key error.] 
-> < DNS Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\ -> Domain -> SDI.local -> < DNS Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> {3FADCCBA-7338-443A-B2F2-760496B80CCD} -> (1394 Net Adapter) -> {76EE5619-A292-4BCA-B7CF-2D2A7CBA09AE} -> 192.168.0.1 (SiS 900-Based PCI Fast Ethernet Adapter) -> < Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> *Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> Explorer.exe -> %SystemRoot%\Explorer.exe -> [2008/04/13 17:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation) *MultiFile Done* -> -> < Domain Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List -> "%windir%\Network Diagnostic\xpnetdiag.exe" -> E:\WINDOWS\Network Diagnostic\xpnetdiag.exe [%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000] -> [2008/04/13 11:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation) "%windir%\system32\sessmgr.exe" -> E:\WINDOWS\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> [2008/04/13 17:12:34 | 00,141,312 | ---- | M] (Microsoft Corporation) "E:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" -> E:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [E:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger] -> [2007/10/30 07:21:07 | 00,067,128 | ---- | M] (Logitech Inc.) 
< Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List -> "%windir%\Network Diagnostic\xpnetdiag.exe" -> E:\WINDOWS\Network Diagnostic\xpnetdiag.exe [%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000] -> [2008/04/13 11:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation) "%windir%\system32\sessmgr.exe" -> E:\WINDOWS\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> [2008/04/13 17:12:34 | 00,141,312 | ---- | M] (Microsoft Corporation) "E:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" -> E:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [E:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger] -> [2007/10/30 07:21:07 | 00,067,128 | ---- | M] (Logitech Inc.) 
< SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot -> "AlternateShell" -> cmd.exe -> < CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom -> "AutoRun" -> 1 -> "DisplayName" -> CD-ROM Driver -> "ImagePath" -> %SystemRoot%\System32\DRIVERS\cdrom.sys [System32\DRIVERS\cdrom.sys] -> [2008/04/13 11:40:46 | 00,062,976 | ---- | M] (Microsoft Corporation) < Drives with AutoRun files > -> -> D:\AUTORUN.INF [[AutoRun] | open=setup.exe | icon=setup.exe,0 | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | |  | ] -> D:\AUTORUN.INF [ CDFS ] -> [2006/02/28 05:00:00 | 00,000,110 | R--- | M] () < MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 -> [Registry - Additional Scans - Safe List] < EventViewer Logs - Last 10 Errors > -> Event Information -> Description Application [ Error ] 4/23/2009 5:50:57 PM Computer Name = SUN-8N5ZSNKLVUZ | Source = Userenv | ID = 1054 -> Description = Windows cannot obtain the domain controller name for your computer network. (The specified domain either does not exist or could not be contacted. ). Group Policy processing aborted. Application [ Error ] 4/23/2009 5:50:58 PM Computer Name = SUN-8N5ZSNKLVUZ | Source = AutoEnrollment | ID = 15 -> Description = Automatic certificate enrollment for local system failed to contact the active directory (0x8007054b). The specified domain either does not exist or could not be contacted. Enrollment will not be performed. 
Application [ Error ] 4/23/2009 6:01:10 PM Computer Name = SUN-8N5ZSNKLVUZ | Source = Trend Realtime Service | ID = 3 -> Description = Application [ Error ] 4/23/2009 6:01:22 PM Computer Name = SUN-8N5ZSNKLVUZ | Source = Trend Realtime Service | ID = 3 -> Description = Application [ Error ] 4/23/2009 6:01:37 PM Computer Name = SUN-8N5ZSNKLVUZ | Source = Userenv | ID = 1054 -> Description = Windows cannot obtain the domain controller name for your computer network. (The specified domain either does not exist or could not be contacted. ). Group Policy processing aborted. Application [ Error ] 4/23/2009 6:01:52 PM Computer Name = SUN-8N5ZSNKLVUZ | Source = Userenv | ID = 1054 -> Description = Windows cannot obtain the domain controller name for your computer network. (The specified domain either does not exist or could not be contacted. ). Group Policy processing aborted. Application [ Error ] 4/23/2009 6:01:59 PM Computer Name = SUN-8N5ZSNKLVUZ | Source = AutoEnrollment | ID = 15 -> Description = Automatic certificate enrollment for local system failed to contact the active directory (0x8007054b). The specified domain either does not exist or could not be contacted. Enrollment will not be performed. Application [ Error ] 4/23/2009 6:16:09 PM Computer Name = SUN-8N5ZSNKLVUZ | Source = Trend Realtime Service | ID = 3 -> Description = Application [ Error ] 4/23/2009 6:16:35 PM Computer Name = SUN-8N5ZSNKLVUZ | Source = Userenv | ID = 1054 -> Description = Windows cannot obtain the domain controller name for your computer network. (The specified domain either does not exist or could not be contacted. ). Group Policy processing aborted. Application [ Error ] 4/23/2009 6:16:50 PM Computer Name = SUN-8N5ZSNKLVUZ | Source = Userenv | ID = 1054 -> Description = Windows cannot obtain the domain controller name for your computer network. (The specified domain either does not exist or could not be contacted. ). Group Policy processing aborted. 
System [ Error ] 2/18/2009 11:18:33 AM Computer Name = SUN-8N5ZSNKLVUZ | Source = NETLOGON | ID = 5719 -> Description = No Domain Controller is available for domain SDI due to the following: %%1311. Make sure that the computer is connected to the network and try again. If the problem persists, please contact your domain administrator. System [ Error ] 2/18/2009 2:01:35 PM Computer Name = SUN-8N5ZSNKLVUZ | Source = SideBySide | ID = 16842784 -> Description = Dependent Assembly Microsoft.VC80.MFCLOC could not be found and Last Error was The referenced assembly is not installed on your system. System [ Error ] 2/18/2009 2:01:35 PM Computer Name = SUN-8N5ZSNKLVUZ | Source = SideBySide | ID = 16842811 -> Description = Resolve Partial Assembly failed for Microsoft.VC80.MFCLOC. Reference error message: The referenced assembly is not installed on your system. . System [ Error ] 2/18/2009 2:01:35 PM Computer Name = SUN-8N5ZSNKLVUZ | Source = SideBySide | ID = 16842811 -> Description = Generate Activation Context failed for E:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_39049d00\MFC80U.DLL. Reference error message: The operation completed successfully. . System [ Error ] 2/18/2009 4:36:45 PM Computer Name = SUN-8N5ZSNKLVUZ | Source = NETLOGON | ID = 5719 -> Description = No Domain Controller is available for domain SDI due to the following: %%1311. Make sure that the computer is connected to the network and try again. If the problem persists, please contact your domain administrator. System [ Error ] 2/19/2009 11:29:11 AM Computer Name = SUN-8N5ZSNKLVUZ | Source = Print | ID = 23 -> Description = Printer SHARP AL-1000 Series failed to initialize because a suitable SHARP AL-1000 Series driver could not be found. System [ Error ] 2/19/2009 11:29:25 AM Computer Name = SUN-8N5ZSNKLVUZ | Source = NETLOGON | ID = 5719 -> Description = No Domain Controller is available for domain SDI due to the following: %%1311. 
Make sure that the computer is connected to the network and try again. If the problem persists, please contact your domain administrator. System [ Error ] 2/19/2009 4:52:25 PM Computer Name = SUN-8N5ZSNKLVUZ | Source = NETLOGON | ID = 5719 -> Description = No Domain Controller is available for domain SDI due to the following: %%1311. Make sure that the computer is connected to the network and try again. If the problem persists, please contact your domain administrator. System [ Error ] 2/20/2009 11:24:36 AM Computer Name = SUN-8N5ZSNKLVUZ | Source = Print | ID = 23 -> Description = Printer SHARP AL-1000 Series failed to initialize because a suitable SHARP AL-1000 Series driver could not be found. System [ Error ] 2/20/2009 11:24:50 AM Computer Name = SUN-8N5ZSNKLVUZ | Source = NETLOGON | ID = 5719 -> Description = No Domain Controller is available for domain SDI due to the following: %%1311. Make sure that the computer is connected to the network and try again. If the problem persists, please contact your domain administrator. 
[Files/Folders - Created Within 30 Days] registry-backup-4-23-09.reg -> %UserProfile%\Desktop\registry-backup-4-23-09.reg -> [2009/04/23 15:21:29 | 18,668,464 | ---- | C] () 32788R22FWJFW -> %SystemDrive%\32788R22FWJFW -> [2009/04/23 13:50:00 | 00,000,000 | ---D | C] johnmasters (1).pdf -> %UserProfile%\Desktop\johnmasters (1).pdf -> [2009/04/23 11:07:52 | 00,106,829 | ---- | C] () uty3nde4.sys -> %SystemRoot%\System32\drivers\uty3nde4.sys -> [2009/04/22 15:30:09 | 00,007,168 | ---- | C] () MSDS - AVALON DEODORANT SPRAY.pdf -> %UserProfile%\Desktop\MSDS - AVALON DEODORANT SPRAY.pdf -> [2009/04/22 08:32:48 | 00,109,354 | ---- | C] () avalon-3-4-09.pdf -> %UserProfile%\Desktop\avalon-3-4-09.pdf -> [2009/04/22 08:07:42 | 00,464,519 | ---- | C] () Logitech Desktop Messenger.lnk -> %AllUsersProfile%\Start Menu\Programs\Startup\Logitech Desktop Messenger.lnk -> [2009/04/21 12:16:32 | 00,002,076 | ---- | C] () Adobe Reader Speed Launch.lnk -> %AllUsersProfile%\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk -> [2009/04/21 12:16:32 | 00,001,757 | ---- | C] () Logitech SetPoint.lnk -> %AllUsersProfile%\Start Menu\Programs\Startup\Logitech SetPoint.lnk -> [2009/04/21 12:16:32 | 00,001,687 | ---- | C] () WinZip Quick Pick.lnk -> %AllUsersProfile%\Start Menu\Programs\Startup\WinZip Quick Pick.lnk -> [2009/04/21 12:16:32 | 00,001,518 | ---- | C] () Button Manager G.lnk -> %AllUsersProfile%\Start Menu\Programs\Startup\Button Manager G.lnk -> [2009/04/21 12:16:32 | 00,000,822 | ---- | C] () cmd.execf -> %SystemRoot%\System32\cmd.execf -> [2009/04/21 12:07:12 | 00,389,120 | ---- | C] (Microsoft Corporation) 2008 spf batches.xls -> %UserProfile%\Desktop\2008 spf batches.xls -> [2009/04/16 12:48:44 | 00,023,040 | ---- | C] () lsasrv.dll -> %SystemRoot%\System32\dllcache\lsasrv.dll -> [2009/04/15 12:30:23 | 00,729,088 | ---- | C] (Microsoft Corporation) advapi32.dll -> %SystemRoot%\System32\dllcache\advapi32.dll -> [2009/04/15 12:30:23 | 00,617,472 | ---- | C] (Microsoft 
Corporation) fastprox.dll -> %SystemRoot%\System32\dllcache\fastprox.dll -> [2009/04/15 12:30:23 | 00,473,600 | ---- | C] (Microsoft Corporation) wmiprvsd.dll -> %SystemRoot%\System32\dllcache\wmiprvsd.dll -> [2009/04/15 12:30:23 | 00,453,120 | ---- | C] (Microsoft Corporation) rpcss.dll -> %SystemRoot%\System32\dllcache\rpcss.dll -> [2009/04/15 12:30:23 | 00,401,408 | ---- | C] (Microsoft Corporation) pdh.dll -> %SystemRoot%\System32\dllcache\pdh.dll -> [2009/04/15 12:30:23 | 00,284,160 | ---- | C] (Microsoft Corporation) wmiprvse.exe -> %SystemRoot%\System32\dllcache\wmiprvse.exe -> [2009/04/15 12:30:23 | 00,227,840 | ---- | C] (Microsoft Corporation) services.exe -> %SystemRoot%\System32\dllcache\services.exe -> [2009/04/15 12:30:23 | 00,110,592 | ---- | C] (Microsoft Corporation) ntdll.dll -> %SystemRoot%\System32\dllcache\ntdll.dll -> [2009/04/15 12:30:22 | 00,714,752 | ---- | C] (Microsoft Corporation) sysmain.sdb -> %SystemRoot%\System32\dllcache\sysmain.sdb -> [2009/04/15 12:29:49 | 01,203,922 | ---- | C] () xpsp4res.dll -> %SystemRoot%\System32\xpsp4res.dll -> [2009/04/15 12:29:49 | 00,002,560 | ---- | C] (Microsoft Corporation) wordpad.exe -> %SystemRoot%\System32\dllcache\wordpad.exe -> [2009/04/15 12:29:48 | 00,215,552 | ---- | C] (Microsoft Corporation) Prod_RMLUsedBT_Single.rtf -> %UserProfile%\My Documents\Prod_RMLUsedBT_Single.rtf -> [2009/04/01 08:19:10 | 00,001,802 | ---- | C] () Rainforest -> %UserProfile%\Desktop\Rainforest -> [2009/03/31 10:47:34 | 00,000,000 | ---D | C] iltwain.ini -> %SystemRoot%\iltwain.ini -> [2008/05/30 12:59:38 | 00,000,036 | ---- | C] () Addrfixr.ini -> %SystemRoot%\Addrfixr.ini -> [2008/05/30 12:59:32 | 00,000,056 | ---- | C] () dymourl.ini -> %SystemRoot%\System32\dymourl.ini -> [2008/05/30 12:59:08 | 00,009,391 | ---- | C] () DYMOCFG.DLL -> %SystemRoot%\System32\DYMOCFG.DLL -> [2008/05/30 12:56:37 | 00,061,440 | ---- | C] () lmmonres.dll -> %SystemRoot%\System32\lmmonres.dll -> [2008/05/30 12:56:36 | 00,004,096 | ---- 
| C] () pccillin.ini -> %SystemRoot%\pccillin.ini -> [2008/02/29 17:54:03 | 00,000,021 | ---- | C] () Primomonnt.dll -> %SystemRoot%\System32\Primomonnt.dll -> [2007/11/27 15:11:39 | 00,176,235 | ---- | C] () HPPAPR01.DLL -> %SystemRoot%\System32\HPPAPR01.DLL -> [2007/07/05 11:21:51 | 00,208,896 | ---- | C] () hpbvspst.ini -> %SystemRoot%\hpbvspst.ini -> [2007/03/15 16:28:52 | 00,000,344 | ---- | C] () hpbvnstp.ini -> %SystemRoot%\hpbvnstp.ini -> [2007/03/15 16:28:41 | 00,000,714 | ---- | C] () primopdf.ini -> %SystemRoot%\primopdf.ini -> [2006/11/06 15:49:36 | 00,000,310 | ---- | C] () _isusr32.dll -> %SystemRoot%\_isusr32.dll -> [2005/10/10 12:48:06 | 00,159,744 | ---- | C] () _isusr2k.dll -> %SystemRoot%\System32\_isusr2k.dll -> [2005/10/10 12:47:39 | 00,045,056 | ---- | C] () use4b.dll -> %SystemRoot%\System32\use4b.dll -> [2005/10/10 12:47:38 | 00,122,880 | ---- | C] () RMAgentOutput.dll -> %SystemRoot%\RMAgentOutput.dll -> [2005/05/03 11:44:44 | 00,025,157 | ---- | C] () dllTSCLIBMT.dll -> %SystemRoot%\dllTSCLIBMT.dll -> [2005/05/03 11:43:44 | 00,126,976 | ---- | C] () aucfg.ini -> %SystemRoot%\aucfg.ini -> [2005/03/03 16:16:42 | 00,000,256 | ---- | C] () IMPLODE.DLL -> %SystemRoot%\System32\IMPLODE.DLL -> [2004/12/15 10:41:26 | 00,017,920 | ---- | C] () HCExtOutput.dll -> %SystemRoot%\HCExtOutput.dll -> [2004/07/26 09:47:44 | 00,071,749 | ---- | C] () TSC.ini -> %SystemRoot%\TSC.ini -> [2004/07/26 09:47:44 | 00,000,679 | ---- | C] () GetServer.ini -> %SystemRoot%\GetServer.ini -> [2004/07/26 09:46:56 | 00,000,170 | ---- | C] () OPPRIN~1.INI -> %SystemRoot%\OPPRIN~1.INI -> [2004/01/08 17:10:13 | 00,000,000 | ---- | C] () nvcod.dll -> %SystemRoot%\System32\nvcod.dll -> [2003/10/06 14:16:00 | 00,027,136 | ---- | C] () spipcl4a.ini -> %SystemRoot%\spipcl4a.ini -> [2003/06/13 12:17:36 | 00,000,308 | ---- | C] () SHSFTSET.INI -> %SystemRoot%\SHSFTSET.INI -> [2003/06/13 12:17:36 | 00,000,063 | ---- | C] () YCRWin32.dll -> %SystemRoot%\System32\YCRWin32.dll -> 
[2003/06/13 11:04:23 | 00,065,536 | ---- | C] () ODBC.INI -> %SystemRoot%\ODBC.INI -> [2003/06/10 11:40:34 | 00,000,376 | ---- | C] () cmirmdrv.dll -> %SystemRoot%\System32\cmirmdrv.dll -> [2003/02/19 01:26:28 | 00,028,672 | ---- | C] () OUTLPERF.INI -> %SystemRoot%\System32\OUTLPERF.INI -> [2003/01/07 15:05:08 | 00,002,695 | ---- | C] () tmupdate.ini -> %SystemRoot%\tmupdate.ini -> [2002/07/04 15:05:34 | 00,000,269 | ---- | C] () patchw32.dll -> %SystemRoot%\patchw32.dll -> [2001/12/14 13:34:46 | 00,164,864 | ---- | C] () win.ini -> %SystemRoot%\win.ini -> [2001/08/30 03:30:00 | 00,000,686 | ---- | C] () system.ini -> %SystemRoot%\system.ini -> [2001/08/30 03:30:00 | 00,000,227 | ---- | C] () hppcap.ini -> %SystemRoot%\hppcap.ini -> [2001/03/29 02:37:14 | 00,000,033 | ---- | C] () AuHCcup1.ini -> %SystemRoot%\AuHCcup1.ini -> [1999/07/23 13:46:48 | 00,000,116 | ---- | C] () AuHCcup1.dll -> %SystemRoot%\AuHCcup1.dll -> [1999/07/23 10:53:20 | 00,129,536 | ---- | C] () [Files/Folders - Modified Within 30 Days] 2 E:\WINDOWS\System32\*.tmp files -> E:\WINDOWS\System32\*.tmp -> 13 E:\WINDOWS\*.tmp files -> E:\WINDOWS\*.tmp -> 54 E:\Documents and Settings\msilverman\Local Settings\Temp\*.tmp files -> E:\Documents and Settings\msilverman\Local Settings\Temp\*.tmp -> 54 E:\Documents and Settings\msilverman\Local Settings\Temp\*.tmp files -> E:\Documents and Settings\msilverman\Local Settings\Temp\*.tmp -> 54 E:\Documents and Settings\msilverman\Local Settings\Temp\*.tmp files -> E:\Documents and Settings\msilverman\Local Settings\Temp\*.tmp -> 1572 E:\WINDOWS\Temp\*.tmp files -> E:\WINDOWS\Temp\*.tmp -> 1572 E:\WINDOWS\Temp\*.tmp files -> E:\WINDOWS\Temp\*.tmp -> tmvsthfud.bin -> %SystemRoot%\System32\drivers\etc\tmvsthfud.bin -> [2009/04/23 15:38:01 | 00,000,734 | ---- | M] () tmvsthfss.bin -> %SystemRoot%\System32\drivers\etc\tmvsthfss.bin -> [2009/04/23 15:37:55 | 00,000,734 | ---- | M] () registry-backup-4-23-09.reg -> %UserProfile%\Desktop\registry-backup-4-23-09.reg 
-> [2009/04/23 15:21:40 | 18,668,464 | ---- | M] ()
registry-backup-12-5-08.reg -> %UserProfile%\Desktop\registry-backup-12-5-08.reg -> [2009/04/23 15:19:09 | 66,341,792 | ---- | M] ()
wpa.dbl -> %SystemRoot%\System32\wpa.dbl -> [2009/04/23 15:17:00 | 00,013,224 | ---- | M] ()
Perflib_Perfdata_704.dat -> %SystemRoot%\Temp\Perflib_Perfdata_704.dat -> [2009/04/23 15:16:11 | 00,016,384 | ---- | M] ()
SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [2009/04/23 15:15:59 | 00,000,006 | -H-- | M] ()
bootstat.dat -> %SystemRoot%\bootstat.dat -> [2009/04/23 15:15:57 | 00,002,048 | --S- | M] ()
NTUSER.DAT -> %UserProfile%\NTUSER.DAT -> [2009/04/23 15:06:34 | 03,670,016 | -H-- | M] ()
ntuser.ini -> %UserProfile%\ntuser.ini -> [2009/04/23 15:06:27 | 00,000,278 | -HS- | M] ()
johnmasters (1).pdf -> %UserProfile%\Desktop\johnmasters (1).pdf -> [2009/04/23 11:07:51 | 00,106,829 | ---- | M] ()
MEMORY.DMP -> %SystemRoot%\MEMORY.DMP -> [2009/04/23 08:21:26 | 16,101,70368 | ---- | M] ()
uty3nde4.sys -> %SystemRoot%\System32\drivers\uty3nde4.sys -> [2009/04/23 08:19:46 | 00,007,168 | ---- | M] ()
m2dsulyv.dll -> %UserProfile%\Local Settings\Temp\m2dsulyv.dll -> [2009/04/23 07:42:04 | 00,015,872 | ---- | M] ( )
hd2ymkg8.dll -> %UserProfile%\Local Settings\Temp\hd2ymkg8.dll -> [2009/04/23 07:42:04 | 00,015,872 | ---- | M] ( )
hd2ymkg8.cmdline -> %UserProfile%\Local Settings\Temp\hd2ymkg8.cmdline -> [2009/04/23 07:42:02 | 00,000,354 | ---- | M] ()
m2dsulyv.cmdline -> %UserProfile%\Local Settings\Temp\m2dsulyv.cmdline -> [2009/04/23 07:41:57 | 00,000,350 | ---- | M] ()
Perflib_Perfdata_720.dat -> %SystemRoot%\Temp\Perflib_Perfdata_720.dat -> [2009/04/22 16:00:50 | 00,016,384 | ---- | M] ()
Inv_StockDeliveryList_Batch.xls -> %UserProfile%\My Documents\Inv_StockDeliveryList_Batch.xls -> [2009/04/22 10:04:44 | 00,006,144 | ---- | M] ()
MSDS - AVALON DEODORANT SPRAY.pdf -> %UserProfile%\Desktop\MSDS - AVALON DEODORANT SPRAY.pdf -> [2009/04/22 08:32:48 | 00,109,354 | ---- | M] ()
avalon-3-4-09.pdf -> %UserProfile%\Desktop\avalon-3-4-09.pdf -> [2009/04/22 08:07:42 | 00,464,519 | ---- | M] ()
cmd.execf -> %SystemRoot%\System32\cmd.execf -> [2009/04/21 12:35:19 | 00,389,120 | ---- | M] (Microsoft Corporation)
win.ini -> %SystemRoot%\win.ini -> [2009/04/21 12:16:03 | 00,000,686 | ---- | M] ()
system.ini -> %SystemRoot%\system.ini -> [2009/04/21 12:16:03 | 00,000,227 | ---- | M] ()
Perflib_Perfdata_70c.dat -> %SystemRoot%\Temp\Perflib_Perfdata_70c.dat -> [2009/04/21 11:43:47 | 00,016,384 | ---- | M] ()
2008 spf batches.xls -> %UserProfile%\Desktop\2008 spf batches.xls -> [2009/04/16 12:48:44 | 00,023,040 | ---- | M] ()
PerfStringBackup.INI -> %SystemRoot%\System32\PerfStringBackup.INI -> [2009/04/16 07:26:45 | 00,481,850 | ---- | M] ()
perfh009.dat -> %SystemRoot%\System32\perfh009.dat -> [2009/04/16 07:26:45 | 00,409,232 | ---- | M] ()
perfc009.dat -> %SystemRoot%\System32\perfc009.dat -> [2009/04/16 07:26:45 | 00,064,372 | ---- | M] ()
imsins.BAK -> %SystemRoot%\imsins.BAK -> [2009/04/15 16:45:19 | 00,001,374 | ---- | M] ()
Prod_SingleBOMTickets_PackagingUsed.xls -> %UserProfile%\My Documents\Prod_SingleBOMTickets_PackagingUsed.xls -> [2009/04/15 14:23:58 | 00,005,632 | ---- | M] ()
Prod_Product_Summary.xls -> %UserProfile%\My Documents\Prod_Product_Summary.xls -> [2009/04/15 13:33:52 | 00,011,249 | ---- | M] ()
qmgr1.dat -> %AllUsersProfile%\Application Data\Microsoft\Network\Downloader\qmgr1.dat -> [2009/04/15 12:30:47 | 00,005,833 | ---- | M] ()
qmgr0.dat -> %AllUsersProfile%\Application Data\Microsoft\Network\Downloader\qmgr0.dat -> [2009/04/15 12:30:47 | 00,005,419 | ---- | M] ()
SHIPPING DOCUMENTS.lnk -> %UserProfile%\Desktop\SHIPPING DOCUMENTS.lnk -> [2009/04/14 07:35:51 | 00,000,395 | ---- | M] ()
Inv_PackagesReceived.xls -> %UserProfile%\My Documents\Inv_PackagesReceived.xls -> [2009/04/13 13:17:15 | 00,010,752 | ---- | M] ()
MRT.exe -> %SystemRoot%\System32\MRT.exe -> [2009/04/06 07:57:24 | 24,921,544 | ---- | M] (Microsoft Corporation)
Prod_RMLUsedBT_Single.rtf -> %UserProfile%\My Documents\Prod_RMLUsedBT_Single.rtf -> [2009/04/01 08:19:10 | 00,001,802 | ---- | M] ()
FNTCACHE.DAT -> %SystemRoot%\System32\FNTCACHE.DAT -> [2009/03/27 07:17:20 | 00,320,336 | ---- | M] ()
sysmain.sdb -> %SystemRoot%\System32\dllcache\sysmain.sdb -> [2009/03/26 23:58:38 | 01,203,922 | ---- | M] ()
GDIPFONTCACHEV1.DAT -> %UserProfile%\Local Settings\Application Data\GDIPFONTCACHEV1.DAT -> [2009/03/26 11:30:24 | 00,081,376 | ---- | M] ()
BOM_Ticket.xls -> %UserProfile%\My Documents\BOM_Ticket.xls -> [2009/03/26 10:51:52 | 00,010,752 | ---- | M] ()
jre-6u13-windows-i586-p-iftw.exe -> %UserProfile%\Local Settings\Temp\jre-6u13-windows-i586-p-iftw.exe -> [2009/03/25 00:02:45 | 00,607,640 | ---- | M] (Sun Microsystems, Inc.)
jre-6u11-windows-i586-p-iftw.exe -> %UserProfile%\Local Settings\Temp\jre-6u11-windows-i586-p-iftw.exe -> [2008/11/25 20:49:07 | 00,607,640 | ---- | M] (Sun Microsystems, Inc.)
Perflib_Perfdata_84c.dat -> %SystemRoot%\Temp\Perflib_Perfdata_84c.dat -> [2007/10/16 16:55:27 | 00,016,384 | ---- | M] ()
LaserJet3050.exe -> %SystemRoot%\Temp\LaserJet3050.exe -> [2007/07/03 16:13:31 | 01,827,069 | ---- | M] (Hewlett-Packard)
Perflib_Perfdata_398.dat -> %SystemRoot%\Temp\Perflib_Perfdata_398.dat -> [2007/05/29 14:36:37 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_7cc.dat -> %SystemRoot%\Temp\Perflib_Perfdata_7cc.dat -> [2007/05/29 14:07:17 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_a88.dat -> %SystemRoot%\Temp\Perflib_Perfdata_a88.dat -> [2007/05/29 09:06:05 | 00,016,384 | ---- | M] ()
opa11.dat -> %AllUsersProfile%\Application Data\Microsoft\Office\Data\opa11.dat -> [2007/05/25 10:13:14 | 00,011,064 | ---- | M] ()
index.dat -> %SystemRoot%\Temp\Temporary Internet Files\Content.IE5\index.dat -> [2007/02/19 08:19:41 | 00,032,768 | ---- | M] ()
index.dat -> %SystemRoot%\Temp\History\History.IE5\index.dat -> [2007/02/19 08:19:41 | 00,032,768 | ---- | M] ()
index.dat -> %SystemRoot%\Temp\Cookies\index.dat -> [2007/02/19 08:19:41 | 00,016,384 | ---- | M] ()
data.dat -> %AllUsersProfile%\Application Data\Microsoft\Office\Data\data.dat -> [2007/02/14 14:45:22 | 00,004,208 | ---- | M] ()
instopts.dat -> %SystemRoot%\Temp\instopts.dat -> [2004/05/06 08:18:24 | 00,001,292 | ---- | M] ()
run.exe -> %SystemRoot%\Temp\run.exe -> [2002/10/06 09:33:52 | 00,042,532 | ---- | M] (HiddenSoft)

[File - Lop Check]
Application Data -> E:\Documents and Settings\Administrator\Application Data -> [2009/04/21 12:15:25 | 00,000,000 | RH-D | M]
Application Data -> E:\Documents and Settings\Administrator.SDI\Application Data -> [2002/01/07 13:21:20 | 00,000,000 | RH-D | M]
Application Data -> E:\Documents and Settings\All Users\Application Data -> [2007/06/01 10:40:48 | 00,000,000 | RH-D | M]
MSN6 -> E:\Documents and Settings\All Users\Application Data\MSN6 -> [2004/04/09 06:38:16 | 00,000,000 | ---D | M]
Sharpdesk -> E:\Documents and Settings\All Users\Application Data\Sharpdesk -> [2005/10/10 12:55:34 | 00,000,000 | ---D | M]
Viewpoint -> E:\Documents and Settings\All Users\Application Data\Viewpoint -> [2008/05/22 16:32:54 | 00,000,000 | ---D | M]
Application Data -> E:\Documents and Settings\Default User\Application Data -> [2002/01/07 13:21:20 | 00,000,000 | RH-D | M]
Application Data -> E:\Documents and Settings\LocalService\Application Data -> [2005/03/22 17:44:45 | 00,000,000 | ---D | M]
Application Data -> E:\Documents and Settings\msilverman\Application Data -> [2008/08/21 11:02:17 | 00,000,000 | RH-D | M]
Leadertech -> E:\Documents and Settings\msilverman\Application Data\Leadertech -> [2007/10/29 08:45:02 | 00,000,000 | ---D | M]
Viewpoint -> E:\Documents and Settings\msilverman\Application Data\Viewpoint -> [2008/05/22 16:32:55 | 00,000,000 | ---D | M]
Application Data -> E:\Documents and Settings\NetworkService\Application Data -> [2003/06/10 11:14:34 | 00,000,000 | ---D | M]
Application Data -> E:\Documents and Settings\sgill\Application Data -> [2007/12/28 10:41:57 | 00,000,000 | RH-D | M]
E:\WINDOWS\Tasks\ -> E:\WINDOWS\Tasks -> [2009/03/11 07:59:58 | 00,000,000 | --SD | M]
desktop.ini -> E:\WINDOWS\Tasks\desktop.ini -> [2001/08/30 03:30:00 | 00,000,065 | RH-- | M] ()
SA.DAT -> E:\WINDOWS\Tasks\SA.DAT -> [2009/04/23 15:15:59 | 00,000,006 | -H-- | M] ()

[File - Purity Scan]

[CatchMe Rootkit Scan by GMER]
Rootkit scan error - could not find scan log
Rootkit scan error - could not find scan log

[Alternate Data Streams]
@Alternate Data Stream - 0 bytes -> %UserProfile%\Desktop\Thumbs.db:encryptable
< End of report >
[/code]