[code] OTS logfile created on: 11/28/2009 3:24:18 PM - Run 1 OTS by OldTimer - Version 3.1.7.0 Folder = C:\Documents and Settings\Owner\Desktop Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 1022.48 Mb Total Physical Memory | 661.37 Mb Available Physical Memory | 64.68% Memory free 2.40 Gb Paging File | 1.99 Gb Available in Paging File | 82.86% Paging File free Paging file location(s): C:\pagefile.sys 1536 3072 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 74.52 Gb Total Space | 33.00 Gb Free Space | 44.29% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: USER-CB34E5069C Current User Name: Owner Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days [Processes - Safe List] ots.exe -> C:\Documents and Settings\Owner\Desktop\OTS.exe -> [2009/11/27 16:59:35 | 00,526,848 | ---- | M] (OldTimer Tools) ituneshelper.exe -> C:\Program Files\iTunes\iTunesHelper.exe -> [2009/11/12 16:33:10 | 00,141,600 | ---- | M] (Apple Inc.) ipodservice.exe -> C:\Program Files\iPod\bin\iPodService.exe -> [2009/11/12 16:33:00 | 00,545,568 | ---- | M] (Apple Inc.) applemobiledeviceservice.exe -> C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -> [2009/08/28 19:42:54 | 00,144,672 | ---- | M] (Apple Inc.) jqs.exe -> C:\Program Files\Java\jre6\bin\jqs.exe -> [2009/06/16 21:42:17 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) fws.exe -> C:\Program Files\Rogers Online Protection\Rogers Online Protection\Fws.exe -> [2009/02/27 21:51:18 | 00,363,248 | ---- | M] (Rogers) rogersservicepointagent.exe -> C:\Program Files\Rogers Online Protection\Rogers Servicepoint Agent\RogersServicepointAgent.exe -> [2009/02/27 13:13:52 | 03,228,912 | ---- | M] (Rogers) mdnsresponder.exe -> C:\Program Files\Bonjour\mDNSResponder.exe -> [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) nmapp.exe -> C:\Program Files\Pure Networks\Network Magic\nmapp.exe -> [2008/05/21 16:26:10 | 00,451,896 | ---- | M] (Pure Networks, Inc.) nmsrvc.exe -> C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe -> [2008/05/16 05:11:44 | 00,648,504 | ---- | M] (Pure Networks, Inc.) nmsrvc.exe -> C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe -> [2008/05/16 05:11:44 | 00,648,504 | ---- | M] (Pure Networks, Inc.) nmsrvc.exe -> C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe -> [2008/05/16 05:11:44 | 00,648,504 | ---- | M] (Pure Networks, Inc.) nmsrvc.exe -> C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe -> [2008/05/16 05:11:44 | 00,648,504 | ---- | M] (Pure Networks, Inc.) nmctxth.exe -> C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe -> [2008/05/16 05:11:44 | 00,648,504 | ---- | M] (Pure Networks, Inc.) pdagent.exe -> C:\Program Files\Raxco\PerfectDisk\PDAgent.exe -> [2008/04/28 06:23:28 | 00,414,984 | ---- | M] (Raxco Software, Inc.) explorer.exe -> C:\WINDOWS\explorer.exe -> [2008/04/13 19:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation) qbupdate.exe -> C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe -> [2007/11/06 19:40:54 | 00,815,104 | ---- | M] (Intuit Inc.) syntpenh.exe -> C:\Program Files\Synaptics\SynTP\SynTPEnh.exe -> [2007/09/15 01:27:20 | 01,015,808 | ---- | M] (Synaptics, Inc.) apdproxy.exe -> C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe -> [2007/03/09 10:09:58 | 00,063,712 | ---- | M] (Adobe Systems Incorporated) msascui.exe -> C:\Program Files\Windows Defender\MSASCui.exe -> [2006/11/03 18:20:12 | 00,866,584 | ---- | M] (Microsoft Corporation) msmpeng.exe -> C:\Program Files\Windows Defender\MsMpEng.exe -> [2006/11/03 18:19:58 | 00,013,592 | ---- | M] (Microsoft Corporation) wmpnscfg.exe -> C:\Program Files\Windows Media Player\wmpnscfg.exe -> [2006/10/18 20:05:26 | 00,204,288 | ---- | M] (Microsoft Corporation) realsched.exe -> C:\Program Files\Common Files\Real\Update_OB\realsched.exe -> [2006/07/04 22:26:02 | 00,180,269 | ---- | M] (RealNetworks, Inc.) realsched.exe -> C:\Program Files\Common Files\Real\Update_OB\realsched.exe -> [2006/07/04 22:26:02 | 00,180,269 | ---- | M] (RealNetworks, Inc.) ati2evxx.exe -> C:\WINDOWS\system32\ati2evxx.exe -> [2005/08/03 20:02:58 | 00,380,928 | ---- | M] (ATI Technologies Inc.) ati2evxx.exe -> C:\WINDOWS\system32\ati2evxx.exe -> [2005/08/03 20:02:58 | 00,380,928 | ---- | M] (ATI Technologies Inc.) wcescomm.exe -> C:\Program Files\Microsoft ActiveSync\wcescomm.exe -> [2005/01/04 10:50:52 | 00,405,583 | ---- | M] (Microsoft Corporation) hp wireless assistant.exe -> C:\Program Files\HPQ\HP Wireless Assistant\HP Wireless Assistant.exe -> [2004/12/08 16:23:22 | 00,790,528 | ---- | M] (Hewlett-Packard Company) eabservr.exe -> C:\Program Files\HPQ\Quick Launch Buttons\eabservr.exe -> [2004/12/03 13:24:20 | 00,290,816 | ---- | M] (Hewlett-Packard ) hpqwmi.exe -> C:\Program Files\HPQ\shared\hpqwmi.exe -> [2004/11/17 23:32:56 | 00,098,304 | ---- | M] (Hewlett-Packard Development Company, L.P.) fpdisp5a.exe -> C:\WINDOWS\system32\spool\drivers\w32x86\3\fpdisp5a.exe -> [2004/08/25 11:26:46 | 00,442,368 | ---- | M] (FinePrint Software, LLC) kodak software updater.exe -> C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe -> [2004/02/13 14:12:08 | 00,016,423 | ---- | M] () hpgs2wnf.exe -> C:\Program Files\Hewlett-Packard\PhotoSmart\HP Share-to-Web\hpgs2wnf.exe -> [2001/07/03 09:17:04 | 00,065,536 | ---- | M] () vscvol.exe -> C:\Program Files\Roland\VSC32\vscvol.exe -> [2000/02/08 22:19:48 | 00,036,864 | ---- | M] (Roland) vsc32cnf.exe -> C:\Program Files\Roland\VSC32\Vsc32Cnf.exe -> [2000/02/07 02:02:44 | 00,036,864 | ---- | M] (Roland) [Modules - Safe List] ots.exe -> C:\Documents and Settings\Owner\Desktop\OTS.exe -> [2009/11/27 16:59:35 | 00,526,848 | ---- | M] (OldTimer Tools) comctl32.dll -> C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll -> [2008/04/13 19:12:51 | 01,054,208 | ---- | M] (Microsoft Corporation) framedyn.dll -> C:\WINDOWS\system32\wbem\framedyn.dll -> [2008/04/13 19:11:53 | 00,185,344 | ---- | M] (Microsoft Corporation) iadhide5.dll -> C:\Documents and Settings\Owner\Local Settings\Temp\IadHide5.dll -> [2004/02/11 16:58:16 | 00,024,613 | ---- | M] (BackWeb) vscapi.dll -> C:\WINDOWS\system32\vscapi.dll -> [2001/03/13 10:15:22 | 00,118,876 | ---- | M] (Roland) [Win32 Services - Safe List] (Akamai) Akamai [Auto | Running] -> c:\Program Files\Common Files\Akamai\rswin_3612.dll -> [2009/11/16 16:33:11 | 02,309,520 | ---- | M] () (iPod Service) iPod Service [On_Demand | Running] -> C:\Program Files\iPod\bin\iPodService.exe -> [2009/11/12 16:33:00 | 00,545,568 | ---- | M] (Apple Inc.) (Apple Mobile Device) Apple Mobile Device [Auto | Running] -> C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -> [2009/08/28 19:42:54 | 00,144,672 | ---- | M] (Apple Inc.) (JavaQuickStarterService) Java Quick Starter [Auto | Running] -> C:\Program Files\Java\jre6\bin\jqs.exe -> [2009/06/16 21:42:17 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) (Radialpoint Security Services) Rogers Online Protection [On_Demand | Stopped] -> C:\Program Files\Rogers Online Protection\Rogers Online Protection\RpsSecurityAwareR.exe -> [2009/02/27 21:52:04 | 00,097,520 | ---- | M] (Rogers) (RP_FWS) Rogers Online Protection Firewall [Auto | Running] -> C:\Program Files\Rogers Online Protection\Rogers Online Protection\Fws.exe -> [2009/02/27 21:51:18 | 00,363,248 | ---- | M] (Rogers) (Bonjour Service) Bonjour Service [Auto | Running] -> C:\Program Files\Bonjour\mDNSResponder.exe -> [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) (FontCache3.0.0.0) Windows Presentation Foundation Font Cache 3.0.0.0 [On_Demand | Stopped] -> c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -> [2008/07/29 20:10:04 | 00,046,104 | ---- | M] (Microsoft Corporation) (idsvc) Windows CardSpace [Unknown | Stopped] -> c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -> [2008/07/29 18:24:50 | 00,881,664 | ---- | M] (Microsoft Corporation) (NetTcpPortSharing) Net.Tcp Port Sharing Service [Disabled | Stopped] -> c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -> [2008/07/29 18:16:38 | 00,132,096 | ---- | M] (Microsoft Corporation) (clr_optimization_v2.0.50727_32) .NET Runtime Optimization Service v2.0.50727_X86 [On_Demand | Stopped] -> C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -> [2008/07/25 10:17:02 | 00,069,632 | ---- | M] (Microsoft Corporation) (aspnet_state) ASP.NET State Service [On_Demand | Stopped] -> C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -> [2008/07/25 10:16:40 | 00,034,312 | ---- | M] (Microsoft Corporation) (nmraapache) Pure Networks Net2Go Service [On_Demand | Stopped] -> C:\Program Files\Pure Networks\Network Magic\WebServer\bin\nmraapache.exe -> [2008/05/21 16:25:30 | 00,012,800 | ---- | M] (Pure Networks, Inc.) (nmservice) Pure Networks Platform Service [Auto | Running] -> C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe -> [2008/05/16 05:11:44 | 00,648,504 | ---- | M] (Pure Networks, Inc.) (PDEngine) PDEngine [On_Demand | Stopped] -> C:\Program Files\Raxco\PerfectDisk\PDEngine.exe -> [2008/04/28 06:23:36 | 00,738,568 | ---- | M] (Raxco Software, Inc.) (PDAgent) PDAgent [Auto | Running] -> C:\Program Files\Raxco\PerfectDisk\PDAgent.exe -> [2008/04/28 06:23:28 | 00,414,984 | ---- | M] (Raxco Software, Inc.) (helpsvc) Help and Support [Auto | Running] -> C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll -> [2008/04/13 19:12:02 | 00,038,400 | ---- | M] (Microsoft Corporation) (WinDefend) Windows Defender [Auto | Running] -> C:\Program Files\Windows Defender\MsMpEng.exe -> [2006/11/03 18:19:58 | 00,013,592 | ---- | M] (Microsoft Corporation) (WMPNetworkSvc) Windows Media Player Network Sharing Service [Auto | Running] -> C:\Program Files\Windows Media Player\WMPNetwk.exe -> [2006/10/18 20:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) (usnsvc) Messenger Sharing USN Journal Reader service [On_Demand | Stopped] -> C:\Program Files\MSN Messenger\usnsvc.dll -> [2006/07/29 18:34:38 | 00,117,544 | ---- | M] (Microsoft Corporation) (Adobe LM Service) Adobe LM Service [On_Demand | Stopped] -> C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe -> [2005/10/27 09:34:44 | 00,069,632 | ---- | M] (Adobe Systems) (Ati HotKey Poller) Ati HotKey Poller [Auto | Running] -> C:\WINDOWS\system32\ati2evxx.exe -> [2005/08/03 20:02:58 | 00,380,928 | ---- | M] (ATI Technologies Inc.) (hpqwmi) HP WMI Interface [On_Demand | Running] -> C:\Program Files\HPQ\shared\hpqwmi.exe -> [2004/11/17 23:32:56 | 00,098,304 | ---- | M] (Hewlett-Packard Development Company, L.P.) (ose) Office Source Engine [On_Demand | Stopped] -> C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -> [2003/07/28 12:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) [Driver Services - Safe List] (Pcouffin) Low level access layer for CD devices [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\Pcouffin.sys -> [2009/11/02 22:21:31 | 00,047,360 | ---- | M] (VSO Software) (Lbd) Lbd [File_System | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\Lbd.sys -> [2009/09/23 07:55:23 | 00,064,288 | ---- | M] (Lavasoft AB) (GEARAspiWDM) GEAR ASPI Filter Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\GEARAspiWDM.sys -> [2009/05/18 14:17:00 | 00,026,600 | ---- | M] (GEAR Software Inc.) (RTL8023xp) Realtek 10/100/1000 PCI NIC Family NDIS XP Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\Rtnicxp.sys -> [2009/03/25 05:29:52 | 00,130,432 | ---- | M] (Realtek Semiconductor Corporation ) (eeCtrl) Symantec Eraser Control driver [Kernel | System | Running] -> C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -> [2009/02/25 04:00:00 | 00,371,248 | ---- | M] (Symantec Corporation) (EraserUtilRebootDrv) EraserUtilRebootDrv [Kernel | On_Demand | Running] -> C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -> [2009/02/25 04:00:00 | 00,101,936 | ---- | M] (Symantec Corporation) (SymEvent) SymEvent [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\SYMEVENT.SYS -> [2009/01/05 19:07:27 | 00,124,464 | ---- | M] (Symantec Corporation) (BCM43XX) Broadcom 802.11 Network Adapter Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\BCMWL5.SYS -> [2008/10/23 00:58:36 | 01,391,104 | ---- | M] (Broadcom Corporation) (KLIF) KLIF [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\klif.sys -> [2008/09/08 11:35:58 | 00,196,368 | ---- | M] (Kaspersky Lab) (KL1) KL1 [Kernel | Boot | Running] -> C:\WINDOWS\System32\DRIVERS\kl1.sys -> [2008/06/26 12:23:14 | 00,112,144 | ---- | M] (Kaspersky Lab) (pnarp) Pure Networks Device Discovery Driver [Kernel | Auto | Running] -> C:\WINDOWS\system32\drivers\pnarp.sys -> [2008/05/16 05:10:32 | 00,023,992 | ---- | M] (Pure Networks, Inc.) (purendis) Pure Networks Wireless Driver [Kernel | Auto | Running] -> C:\WINDOWS\system32\drivers\purendis.sys -> [2008/05/16 05:10:30 | 00,025,272 | ---- | M] (Pure Networks, Inc.) (DefragFS) DefragFS [File_System | Boot | Running] -> C:\WINDOWS\system32\drivers\DefragFs.sys -> [2008/04/25 05:38:22 | 00,071,184 | ---- | M] (Raxco Software, Inc.) (RPSKT) Security Services Driver (x86) [Kernel | Auto | Running] -> C:\WINDOWS\system32\drivers\rp_skt32.sys -> [2008/04/24 13:02:36 | 00,053,192 | ---- | M] (Radialpoint Inc.) (mf) mf [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\mf.sys -> [2008/04/13 13:36:41 | 00,063,744 | ---- | M] (Microsoft Corporation) (Secdrv) Secdrv [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\secdrv.sys -> [2007/11/13 05:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) (SynTP) Synaptics TouchPad Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\SynTP.sys -> [2007/09/15 01:09:44 | 00,213,696 | ---- | M] (Synaptics, Inc.) (RPPKT) Radialpoint Filter (x86) [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\rp_pkt32.sys -> [2007/04/19 10:36:50 | 00,048,384 | ---- | M] (Radialpoint, Inc.) (StarOpen) StarOpen [File_System | System | Running] -> C:\WINDOWS\system32\drivers\StarOpen.sys -> [2007/02/20 12:07:56 | 00,005,632 | ---- | M] () (AmdK8) AMD Processor Driver [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\AmdK8.sys -> [2006/06/18 23:37:34 | 00,036,864 | ---- | M] (Advanced Micro Devices) (PxHelp20) PxHelp20 [Kernel | Boot | Running] -> C:\WINDOWS\System32\Drivers\PxHelp20.sys -> [2005/11/03 03:00:00 | 00,046,080 | ---- | M] (Sonic Solutions) (ati2mtag) ati2mtag [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\ati2mtag.sys -> [2005/08/03 20:10:18 | 01,273,344 | ---- | M] (ATI Technologies Inc.) (mdmxsdk) mdmxsdk [Kernel | Auto | Running] -> C:\WINDOWS\system32\drivers\mdmxsdk.sys -> [2005/03/22 13:39:54 | 00,013,059 | ---- | M] (Conexant) (HSFHWATI) HSFHWATI [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\HSFHWATI.sys -> [2005/03/22 13:39:44 | 00,200,192 | ---- | M] (Conexant Systems, Inc.) (HSF_DP) HSF_DP [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\HSF_DP.sys -> [2005/03/22 13:39:42 | 01,038,208 | ---- | M] (Conexant Systems, Inc.) (winachsf) winachsf [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\HSF_CNXT.sys -> [2005/03/22 13:39:40 | 00,703,232 | ---- | M] (Conexant Systems, Inc.) (wceusbsh) Windows CE USB Serial Host Driver [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\wceusbsh.sys -> [2004/12/06 13:07:32 | 00,104,064 | ---- | M] (Microsoft Corporation) (CAMCHALA) CAMCHALA [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\camchal.sys -> [2004/11/23 12:57:56 | 00,280,192 | ---- | M] (Conexant Systems Inc.) (CAMCAUD) Conexant AMC Audio [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\camcaud.sys -> [2004/11/23 12:56:40 | 00,034,048 | ---- | M] (Conexant Systems Inc.) (tifm21) tifm21 [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\tifm21.sys -> [2004/11/16 13:30:40 | 00,147,840 | ---- | M] (Texas Instruments) (AFS2K) AFS2K [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\AFS2K.SYS -> [2004/10/07 20:16:04 | 00,035,840 | ---- | M] (Oak Technology Inc.) (Ptilink) Direct Parallel Link Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\ptilink.sys -> [2004/08/04 07:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) (rtl8139) Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\RTL8139.sys -> [2004/08/03 17:31:34 | 00,020,992 | ---- | M] (Realtek Semiconductor Corporation) (eabfiltr) eabfiltr [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\eabfiltr.sys -> [2004/04/14 07:36:50 | 00,007,432 | ---- | M] (Hewlett-Packard Company) (Pfc) Padus ASPI Shell [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\pfc.sys -> [2003/09/19 00:47:00 | 00,010,368 | ---- | M] (Padus, Inc.) (Iviaspi) IVI ASPI Shell [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\iviaspi.sys -> [2003/09/10 22:36:54 | 00,021,060 | ---- | M] (InterVideo, Inc.) (eabusb) eabusb [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\EabUsb.sys -> [2003/06/06 11:46:16 | 00,005,220 | ---- | M] (Hewlett-Packard Company) (BrSerWDM) Brother Serial driver [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\BrSerWdm.sys -> [2001/08/17 13:12:20 | 00,060,416 | ---- | M] (Brother Industries Ltd.) (BrUsbMdm) Brother MFC USB Fax Only Modem [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\BrUsbMdm.sys -> [2001/08/17 13:12:20 | 00,011,008 | ---- | M] (Brother Industries Ltd.) (brfilt) Brother MFC Filter Driver [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\BrFilt.sys -> [2001/08/17 13:12:12 | 00,002,944 | ---- | M] (Brother Industries Ltd.) (BrUsbScn) Brother MFC USB Scanner driver [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\BrUsbScn.sys -> [2001/08/17 12:12:22 | 00,010,368 | ---- | M] (Brother Industries Ltd.) (vsc32) Virtual Sound Canvas 3.2 [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\vsc.sys -> [2001/04/16 08:16:58 | 00,951,284 | ---- | M] (Roland) [Registry - Safe List] < Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> HKEY_LOCAL_MACHINE\: Main\\"Default_Page_URL" -> http://go.microsoft.com/fwlink/?LinkId=69157 -> HKEY_LOCAL_MACHINE\: Main\\"Default_Search_URL" -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKEY_LOCAL_MACHINE\: Main\\"Default_Secondary_Page_URL" -> [binary data] -> HKEY_LOCAL_MACHINE\: Main\\"Extensions Off Page" -> about:NoAdd-ons -> HKEY_LOCAL_MACHINE\: Main\\"Local Page" -> C:\WINDOWS\system32\blank.htm -> HKEY_LOCAL_MACHINE\: Main\\"Search Page" -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKEY_LOCAL_MACHINE\: Main\\"Security Risk Page" -> about:SecurityRisk -> HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> http://go.microsoft.com/fwlink/?LinkId=69157 -> HKEY_LOCAL_MACHINE\: Search\\"CustomizeSearch" -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm -> HKEY_LOCAL_MACHINE\: Search\\"SearchAssistant" -> http://ie.search.msn.com -> < Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> -> HKEY_USERS\.DEFAULT\: "ProxyEnable" -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> -> HKEY_USERS\S-1-5-18\: "ProxyEnable" -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> -> < Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> -> HKEY_USERS\S-1-5-20\: "ProxyEnable" -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-21-2025429265-920026266-682003330-1003\] > -> -> HKEY_USERS\S-1-5-21-2025429265-920026266-682003330-1003\: Main\\"Default_Search_URL" -> http://ie.search.msn.com -> HKEY_USERS\S-1-5-21-2025429265-920026266-682003330-1003\: Main\\"Local Page" -> C:\WINDOWS\system32\blank.htm -> HKEY_USERS\S-1-5-21-2025429265-920026266-682003330-1003\: Main\\"Page_Transitions" -> 1 -> HKEY_USERS\S-1-5-21-2025429265-920026266-682003330-1003\: Main\\"Search Page" -> http://ie.search.msn.com -> HKEY_USERS\S-1-5-21-2025429265-920026266-682003330-1003\: Main\\"SearchMigratedDefaultName" -> Live Search -> HKEY_USERS\S-1-5-21-2025429265-920026266-682003330-1003\: Main\\"SearchMigratedDefaultURL" -> http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} -> HKEY_USERS\S-1-5-21-2025429265-920026266-682003330-1003\: Main\\"Secondary Start Pages" -> [Binary data over 100 bytes] -> HKEY_USERS\S-1-5-21-2025429265-920026266-682003330-1003\: Main\\"Start Page" -> http://www.barrie-homes.com/ -> HKEY_USERS\S-1-5-21-2025429265-920026266-682003330-1003\: "ProxyEnable" -> 0 -> < FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla HKLM\software\mozilla\Firefox\extensions -> -> HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com -> C:\Program Files\Java\jre6\lib\deploy\jqs\ff [C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF] -> [2009/06/16 21:42:24 | 00,000,000 | ---D | M] HKLM\software\mozilla\Firefox\extensions\\{20a82645-c095-46ed-80e3-08825760534b} -> C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION\ [C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION\] -> [2009/07/16 21:33:34 | 00,000,000 | ---D | M] < FireFox Extensions [User Folders] > -> -> C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions -> [2009/06/16 21:47:28 | 00,000,000 | ---D | M] -> C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions\mozswing@mozswing.org -> [2009/06/16 21:47:28 | 00,000,000 | ---D | M] < HOSTS File > (306675 bytes and 10601 lines) -> C:\WINDOWS\system32\drivers\etc\hosts -> First 25 entries... Reset Hosts 127.0.0.1 localhost 127.0.0.1 www.pacimedia.com 127.0.0.1 www.pacimedia.com 127.0.0.1 www.pacimedia.com 127.0.0.1 www.pacimedia.com 127.0.0.1 www.pacimedia.com 127.0.0.1 as.adwave.com 127.0.0.1 sr.adwave.com 127.0.0.1 www.adwave.com 127.0.0.1 adwave.com 127.0.0.1 www.pacimedia.com 127.0.0.1 www.igetnet.com 127.0.0.1 code.ignphrases.com 127.0.0.1 clear-search.com 127.0.0.1 r1.clrsch.com 127.0.0.1 sds.clrsch.com 127.0.0.1 status.clrsch.com 127.0.0.1 www.clrsch.com 127.0.0.1 clr-sch.com 127.0.0.1 sds-qckads.com 127.0.0.1 status.qckads.com 127.0.0.1 www.qoolaid.com 127.0.0.1 www.qoologic.com 127.0.0.1 www.CLKPrecision.com < BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} [HKLM] -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [Adobe PDF Link Helper] -> [2009/02/27 12:07:26 | 00,075,128 | ---- | M] (Adobe Systems Incorporated) {2F85D76C-0569-466F-A488-493E6BD0E955} [HKLM] -> C:\Program Files\Windows Desktop Search\dsWebAllow.dll [dsWebAllowBHO Class] -> [2006/03/26 21:44:10 | 00,265,432 | ---- | M] (Microsoft Corporation) {3C060EA2-E6A9-4E49-A530-D4657B8C449A} [HKLM] -> C:\Program Files\Rogers Online Protection\Rogers Online Protection\pkR.dll [PopKill Class] -> [2009/02/27 21:51:34 | 00,055,536 | ---- | M] (Rogers) {53707962-6F74-2D53-2644-206D7942484F} [HKLM] -> C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [Spybot-S&D IE Protection] -> [2009/01/26 14:31:02 | 01,879,896 | ---- | M] (Safer Networking Limited) {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> C:\Program Files\Java\jre6\bin\ssv.dll [Java(tm) Plug-In SSV Helper] -> [2009/06/16 21:42:21 | 00,320,920 | ---- | M] (Sun Microsystems, Inc.) {9030D464-4C02-4ABF-8ECC-5164760863C6} [HKLM] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [Windows Live Sign-in Helper] -> [2006/07/07 11:29:52 | 00,324,416 | ---- | M] (Microsoft Corporation) {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} [HKLM] -> C:\Program Files\Windows Live Toolbar\msntb.dll [Windows Live Toolbar Helper] -> [2007/10/19 11:20:48 | 00,546,320 | ---- | M] (Microsoft Corporation) {DBC80044-A445-435b-BC74-9C25C1C588A9} [HKLM] -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [Java(tm) Plug-In 2 SSV Helper] -> [2009/06/16 21:42:17 | 00,034,816 | ---- | M] (Sun Microsystems, Inc.) {E7E6F031-17CE-4C07-BC86-EABFE594F69C} [HKLM] -> C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [JQSIEStartDetectorImpl Class] -> [2009/06/16 21:42:24 | 00,073,728 | ---- | M] (Sun Microsystems, Inc.) < Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar -> "{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}" [HKLM] -> C:\Program Files\Windows Live Toolbar\msntb.dll [Windows Live Toolbar] -> [2007/10/19 11:20:48 | 00,546,320 | ---- | M] (Microsoft Corporation) < Internet Explorer ToolBars [HKEY_USERS\S-1-5-21-2025429265-920026266-682003330-1003\] > -> HKEY_USERS\S-1-5-21-2025429265-920026266-682003330-1003\Software\Microsoft\Internet Explorer\Toolbar\ -> ShellBrowser\\"{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found WebBrowser\\"{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found WebBrowser\\"{47833539-D0C5-4125-9FA8-0819E2EAAC93}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found WebBrowser\\"{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}" [HKLM] -> C:\Program Files\Windows Live Toolbar\msntb.dll [Windows Live Toolbar] -> [2007/10/19 11:20:48 | 00,546,320 | ---- | M] (Microsoft Corporation) WebBrowser\\"{EF99BD32-C1FB-11D2-892F-0090271D4F88}" [HKLM] -> Reg Error: Key error. [Yahoo! Toolbar] -> File not found < Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "Adobe ARM" -> C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe ["C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"] -> [2009/09/04 11:08:30 | 00,935,288 | R--- | M] (Adobe Systems Incorporated) "Adobe Photo Downloader" -> C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe ["C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"] -> [2007/03/09 10:09:58 | 00,063,712 | ---- | M] (Adobe Systems Incorporated) "Adobe Reader Speed Launcher" -> C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe ["C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"] -> [2009/10/03 03:08:38 | 00,035,696 | ---- | M] (Adobe Systems Incorporated) "eabconfg.cpl" -> C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe [C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start] -> [2004/12/03 13:24:20 | 00,290,816 | ---- | M] (Hewlett-Packard ) "FinePrint Dispatcher v5" -> C:\WINDOWS\system32\spool\drivers\w32x86\3\fpdisp5a.exe [C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fpdisp5a.exe] -> [2004/08/25 11:26:46 | 00,442,368 | ---- | M] (FinePrint Software, LLC) "hpWirelessAssistant" -> C:\Program Files\HPQ\HP Wireless Assistant\HP Wireless Assistant.exe [C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe] -> [2004/12/08 16:23:22 | 00,790,528 | ---- | M] (Hewlett-Packard Company) "IMJPMIG8.1" -> C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE ["C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32] -> [2004/08/04 07:00:00 | 00,208,952 | ---- | M] (Microsoft Corporation) "iTunesHelper" -> C:\Program Files\iTunes\iTunesHelper.exe ["C:\Program Files\iTunes\iTunesHelper.exe"] -> [2009/11/12 16:33:10 | 00,141,600 | ---- | M] (Apple Inc.) "Malwarebytes Anti-Malware (reboot)" -> C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe ["C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript] -> [2009/09/10 14:53:56 | 01,312,080 | ---- | M] (Malwarebytes Corporation) "nmapp" -> C:\Program Files\Pure Networks\Network Magic\nmapp.exe ["C:\Program Files\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash] -> [2008/05/21 16:26:10 | 00,451,896 | ---- | M] (Pure Networks, Inc.) "nmctxth" -> C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe ["C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe"] -> [2008/05/16 05:11:44 | 00,648,504 | ---- | M] (Pure Networks, Inc.) "OPSE reminder" -> C:\Program Files\ScanSoft\OmniPageSE2.0\EregEng\Ereg.exe ["C:\Program Files\ScanSoft\OmniPageSE2.0\EregEng\Ereg.exe" -r "C:\Program Files\ScanSoft\OmniPageSE2.0\EregEng\ereg.ini"] -> [2003/07/07 10:29:30 | 00,729,088 | R--- | M] (ScanSoft, Inc.) "QuickTime Task" -> C:\Program Files\QuickTime\qttask.exe ["C:\Program Files\QuickTime\qttask.exe" -atboottime] -> [2009/11/10 23:08:18 | 00,417,792 | ---- | M] (Apple Inc.) "RogersServicepointAgent.exe" -> C:\Program Files\Rogers Online Protection\Rogers Servicepoint Agent\RogersServicepointAgent.exe ["C:\Program Files\Rogers Online Protection\Rogers Servicepoint Agent\RogersServicepointAgent.exe" /AUTORUN] -> [2009/02/27 13:13:52 | 03,228,912 | ---- | M] (Rogers) "SynTPEnh" -> C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [C:\Program Files\Synaptics\SynTP\SynTPEnh.exe] -> [2007/09/15 01:27:20 | 01,015,808 | ---- | M] (Synaptics, Inc.) "SynTPLpr" -> C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [C:\Program Files\Synaptics\SynTP\SynTPLpr.exe] -> [2005/02/02 12:12:22 | 00,102,492 | ---- | M] (Synaptics, Inc.) "SynTPStart" -> C:\Program Files\Synaptics\SynTP\SynTPStart.exe [C:\Program Files\Synaptics\SynTP\SynTPStart.exe] -> [2007/09/15 01:29:10 | 00,102,400 | ---- | M] (Synaptics, Inc.) "TkBellExe" -> C:\Program Files\Common Files\Real\Update_OB\realsched.exe ["C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot] -> [2006/07/04 22:26:02 | 00,180,269 | ---- | M] (RealNetworks, Inc.) "vsc32cnf.exe" -> C:\Program Files\Roland\VSC32\Vsc32Cnf.exe [C:\Program Files\Roland\VSC32\vsc32cnf.exe] -> [2000/02/07 02:02:44 | 00,036,864 | ---- | M] (Roland) "vscvol.exe" -> C:\Program Files\Roland\VSC32\vscvol.exe [C:\Program Files\Roland\VSC32\vscvol.exe] -> [2000/02/08 22:19:48 | 00,036,864 | ---- | M] (Roland) "Windows Defender" -> C:\Program Files\Windows Defender\MSASCui.exe ["C:\Program Files\Windows Defender\MSASCui.exe" -hide] -> [2006/11/03 18:20:12 | 00,866,584 | ---- | M] (Microsoft Corporation) < RunOnce [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce -> "IndexCleaner" -> C:\Program Files\Rogers Online Protection\Rogers Online Protection\IdxClnR.exe ["C:\Program Files\Rogers Online Protection\Rogers Online Protection\IdxClnR.exe"] -> [2009/02/27 21:51:20 | 00,066,288 | ---- | M] (Rogers) < Run [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "DWQueuedReporting" -> C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE ["C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t] -> [2007/03/22 18:29:28 | 00,039,264 | ---- | M] (Microsoft Corporation) < Run [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "DWQueuedReporting" -> C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE ["C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t] -> [2007/03/22 18:29:28 | 00,039,264 | ---- | M] (Microsoft Corporation) < Run [HKEY_USERS\S-1-5-21-2025429265-920026266-682003330-1003\] > -> HKEY_USERS\S-1-5-21-2025429265-920026266-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "H/PC Connection Agent" -> C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE ["C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"] -> [2005/01/04 10:50:52 | 00,405,583 | ---- | M] (Microsoft Corporation) "SpybotSD TeaTimer" -> C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe] -> [2009/03/05 15:07:20 | 02,260,480 | ---- | M] (Safer-Networking Ltd.) "WMPNSCFG" -> C:\Program Files\Windows Media Player\wmpnscfg.exe [C:\Program Files\Windows Media Player\WMPNSCFG.exe] -> [2006/10/18 20:05:26 | 00,204,288 | ---- | M] (Microsoft Corporation) < RunOnce [HKEY_USERS\S-1-5-21-2025429265-920026266-682003330-1003\] > -> HKEY_USERS\S-1-5-21-2025429265-920026266-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce -> "IndexCleaner" -> C:\Program Files\Rogers Online Protection\Rogers Online Protection\IdxClnR.exe ["C:\Program Files\Rogers Online Protection\Rogers Online Protection\IdxClnR.exe"] -> [2009/02/27 21:51:20 | 00,066,288 | ---- | M] (Rogers) < All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup\KODAK Software Updater.lnk -> C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe -> [2004/02/13 14:12:08 | 00,016,423 | ---- | M] () C:\Documents and Settings\All Users\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk -> C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe -> [2007/11/06 19:40:54 | 00,815,104 | ---- | M] (Intuit Inc.) < Default User Startup Folder > -> C:\Documents and Settings\Default User\Start Menu\Programs\Startup -> < Owner Startup Folder > -> C:\Documents and Settings\Owner\Start Menu\Programs\Startup -> < CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"HonorAutoRunSetting" -> [1] -> File not found \\"NoCDBurning" -> [0] -> File not found < CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System \\"dontdisplaylastusername" -> [0] -> File not found \\"legalnoticecaption" -> [] -> File not found \\"legalnoticetext" -> [] -> File not found \\"shutdownwithoutlogon" -> [1] -> File not found \\"undockwithoutlogon" -> [1] -> File not found \\"PromptOnSecureDesktop" -> [1] -> File not found < CurrentVersion Policy Settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" -> [145] -> File not found < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" -> [145] -> File not found < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-19] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" -> [145] -> File not found < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-20] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" -> [145] -> File not found < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-2025429265-920026266-682003330-1003] > -> HKEY_USERS\S-1-5-21-2025429265-920026266-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_USERS\S-1-5-21-2025429265-920026266-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" -> [145] -> File not found < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-2025429265-920026266-682003330-1003] > -> HKEY_USERS\S-1-5-21-2025429265-920026266-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> HKEY_USERS\S-1-5-21-2025429265-920026266-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System \\"DisableRegistryTools" -> [0] -> File not found < Internet Explorer Menu Extensions [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\MenuExt\ -> E&xport to Microsoft Excel -> C:\Program Files\Microsoft Outlook\OFFICE11\EXCEL.EXE [res://C:\PROGRA~1\MI05E6~1\OFFICE11\EXCEL.EXE/3000] -> [2009/10/08 13:44:42 | 10,352,448 | ---- | M] (Microsoft Corporation) < Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\MenuExt\ -> E&xport to Microsoft Excel -> C:\Program Files\Microsoft Outlook\OFFICE11\EXCEL.EXE [res://C:\PROGRA~1\MI05E6~1\OFFICE11\EXCEL.EXE/3000] -> [2009/10/08 13:44:42 | 10,352,448 | ---- | M] (Microsoft Corporation) < Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-21-2025429265-920026266-682003330-1003\] > -> HKEY_USERS\S-1-5-21-2025429265-920026266-682003330-1003\Software\Microsoft\Internet Explorer\MenuExt\ -> &Windows Live Search -> C:\Program Files\Windows Live Toolbar\msntb.dll [res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm] -> [2007/10/19 11:20:48 | 00,546,320 | ---- | M] (Microsoft Corporation) E&xport to Microsoft Excel -> C:\Program Files\Microsoft Outlook\OFFICE11\EXCEL.EXE [res://C:\PROGRA~1\MI05E6~1\OFFICE11\EXCEL.EXE/3000] -> [2009/10/08 13:44:42 | 10,352,448 | ---- | M] (Microsoft Corporation) < Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F}:{2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} [HKLM] -> C:\Program Files\Microsoft ActiveSync\inetrepl.dll [Button: Create Mobile Favorite] -> [2005/01/04 10:49:36 | 00,131,151 | ---- | M] (Microsoft Corporation) {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F}:{2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} [HKLM] -> C:\Program Files\Microsoft ActiveSync\inetrepl.dll [Menu: Create Mobile Favorite...] -> [2005/01/04 10:49:36 | 00,131,151 | ---- | M] (Microsoft Corporation) {92780B25-18CC-41C8-B9BE-3C9C571A8263}:{FF059E31-CC5A-4E2E-BF3B-96E929D65503} [HKLM] -> C:\Program Files\Microsoft Outlook\OFFICE11\REFIEBAR.DLL [Button: Research] -> [2007/04/19 13:10:18 | 00,063,840 | ---- | M] (Microsoft Corporation) {DFB852A3-47F8-48C4-A200-58CAB36FD2A2}:{53707962-6F74-2D53-2644-206D7942484F} [HKLM] -> C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [Menu: Spybot - Search & Destroy Configuration] -> [2009/01/26 14:31:02 | 01,879,896 | ---- | M] (Safer Networking Limited) {e2e2dd38-d088-4134-82b7-f2ba38496583}:Exec [HKLM] -> C:\WINDOWS\network diagnostic\xpnetdiag.exe [Menu: @xpsp3res.dll,-20001] -> [2008/04/13 13:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation) {FB5F1910-F110-11d2-BB9E-00C04F795683}:Exec [HKLM] -> C:\Program Files\Messenger\msmsgs.exe [Button: Messenger] -> [2008/04/13 19:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation) {FB5F1910-F110-11d2-BB9E-00C04F795683}:Exec [HKLM] -> C:\Program Files\Messenger\msmsgs.exe [Menu: Windows Messenger] -> [2008/04/13 19:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation) {FB858B22-55E2-413f-87F5-30ADC5552151}:Exec [HKLM] -> C:\Program Files\PlotSoft\PDFill\\DownloadPDF.exe [Button: PDFill PDF Editor] -> [2006/02/23 19:26:38 | 00,172,032 | ---- | M] () < Internet Explorer Extensions [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Extensions\ -> CmdMapping\\"{4B30061A-5B39-11D3-80F8-0090276F843F}" [HKLM] -> [Reg Error: Key error.] -> File not found CmdMapping\\"{FB5F1910-F110-11d2-BB9E-00C04F795683}" [HKLM] -> C:\Program Files\Messenger\msmsgs.exe [Messenger] -> [2008/04/13 19:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation) < Internet Explorer Extensions [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Extensions\ -> CmdMapping\\"{4B30061A-5B39-11D3-80F8-0090276F843F}" [HKLM] -> [Reg Error: Key error.] -> File not found CmdMapping\\"{FB5F1910-F110-11d2-BB9E-00C04F795683}" [HKLM] -> C:\Program Files\Messenger\msmsgs.exe [Messenger] -> [2008/04/13 19:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation) < Internet Explorer Extensions [HKEY_USERS\S-1-5-21-2025429265-920026266-682003330-1003\] > -> HKEY_USERS\S-1-5-21-2025429265-920026266-682003330-1003\Software\Microsoft\Internet Explorer\Extensions\ -> CmdMapping\\"{2EAF5BB1-070F-11D3-9307-00C04FAE2D4F}" [HKLM] -> C:\Program Files\Microsoft ActiveSync\inetrepl.dll [Create Mobile Favorite] -> [2005/01/04 10:49:36 | 00,131,151 | ---- | M] (Microsoft Corporation) CmdMapping\\"{2EAF5BB2-070F-11D3-9307-00C04FAE2D4F}" [HKLM] -> C:\Program Files\Microsoft ActiveSync\inetrepl.dll [Create Mobile Favorite...] -> [2005/01/04 10:49:36 | 00,131,151 | ---- | M] (Microsoft Corporation) CmdMapping\\"{4B30061A-5B39-11D3-80F8-0090276F843F}" [HKLM] -> [Reg Error: Key error.] -> File not found CmdMapping\\"{92780B25-18CC-41C8-B9BE-3C9C571A8263}" [HKLM] -> C:\Program Files\Microsoft Outlook\OFFICE11\REFIEBAR.DLL [Research] -> [2007/04/19 13:10:18 | 00,063,840 | ---- | M] (Microsoft Corporation) CmdMapping\\"{e2e2dd38-d088-4134-82b7-f2ba38496583}" [HKLM] -> C:\WINDOWS\network diagnostic\xpnetdiag.exe [@xpsp3res.dll,-20001] -> [2008/04/13 13:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation) CmdMapping\\"{FB5F1910-F110-11d2-BB9E-00C04F795683}" [HKLM] -> C:\Program Files\Messenger\msmsgs.exe [Messenger] -> [2008/04/13 19:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation) < Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> PluginsPageFriendlyName -> Microsoft ActiveX Gallery -> PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s -> < Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix "" -> http:// < Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 5476 domain(s) found. -> 49 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 77 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 5485 domain(s) found. -> 49 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 77 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 5485 domain(s) found. -> 49 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 77 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1204 domain(s) found. -> 65 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 27 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1204 domain(s) found. -> 65 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 27 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-21-2025429265-920026266-682003330-1003\] > -> HKEY_USERS\S-1-5-21-2025429265-920026266-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-21-2025429265-920026266-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 5488 domain(s) found. -> Interealty.com .[*] -> Out of zone range - ( 5 ) -> MLXchange.com .[*] -> Out of zone range - ( 5 ) -> barrie_MLXchange.com [http] -> Trusted sites -> www_topproducer8i.com [https] -> Trusted sites -> 50 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_USERS\S-1-5-21-2025429265-920026266-682003330-1003\] > -> HKEY_USERS\S-1-5-21-2025429265-920026266-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-21-2025429265-920026266-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 77 range(s) found. -> < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> {02BCC737-B171-4746-94C9-0D8A0B2C0089} [HKLM] -> http://office.microsoft.com/templates/ieawsdc.cab [Microsoft Office Template and Media Control] -> {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} [HKLM] -> http://download.microsoft.com/download/e/7/3/e7345c16-80aa-4488-ae10-9ac6be844f99/OGAControl.cab [Office Genuine Advantage Validation Tool] -> {0742B9EF-8C83-41CA-BFBA-830A59E23533} [HKLM] -> https://support.microsoft.com/OAS/ActiveX/MSDcode.cab [Microsoft Data Collection Control] -> {0CCA191D-13A6-4E29-B746-314DEE697D83} [HKLM] -> http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab [Facebook Photo Uploader 5 Control] -> {0D859AF0-C75E-11D4-B760-00E0B81077E8} [HKLM] -> http://barrie.mlxchange.com/Control/FileCruiser.cab [FileCruiser Class] -> {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} [HKLM] -> http://www.musicnotes.com/download/mnviewer.cab [Musicnotes Viewer] -> {166B1BCA-3F9C-11CF-8075-444553540000} [HKLM] -> http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab [Shockwave ActiveX Control] -> {16FD824B-8E7B-11D2-9855-00802962956C} [HKLM] -> http://barrie.mlxchange.com/Control/Specfile.cab [Specfile Control] -> {17492023-C23A-453E-A040-C7C580BBF700} [HKLM] -> http://download.microsoft.com/download/3/9/8/398422c0-8d3e-40e1-a617-af65a72a0465/LegitCheckControl.cab [Windows Genuine Advantage Validation Tool] -> {19E28AFC-EAE3-4CE5-AC83-2407B42F57C9} [HKLM] -> http://protect.microsoft.com/security/protect/wsa/shared/CAB/x86/msSecAdv.cab?1134095294843 [MSSecurityAdvisor Class] -> {284DAE3C-A691-11D3-AD58-00E0B8107A24} [HKLM] -> http://barrie.mlxchange.com/Control/SISC.cab [SISCtrl Class] -> {2AF5BD25-90C5-4EEC-88C5-B44DC2905D8B} [HKLM] -> http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.0.5.cab [DownloadManager Control] -> {3BB1D69B-A780-4BE1-876E-F3D488877135} [HKLM] -> http://download.microsoft.com/download/3/B/E/3BE57995-8452-41F1-8297-DD75EF049853/VirtualEarth3D.cab [SentinelProxy Class] -> {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} [HKLM] -> http://office.microsoft.com/officeupdate/content/opuc3.cab [Office Update Installation Engine] -> {49232000-16E4-426C-A231-62846947304B} [HKLM] -> https://wimpro.cce.hp.com/ChatEntry/downloads/sysinfo.cab [SysData Class] -> {4989312D-58CF-11D5-A7D7-00E02911103E} [HKLM] -> http://barrie.mlxchange.com/Control/MultiSelectComboBox.cab [Interealty MultiSelect] -> {4EC8E993-32C1-47F5-A07A-5B0574655AD4} [HKLM] -> http://us.dl1.yimg.com/download.yahoo.com/dl/controls/ysftcntr/ysftcntr_current.cab [WXcom Class] -> {5ED80217-570B-4DA9-BF44-BE107C0EC166} [HKLM] -> https://scan.safety.live.com/resource/download/scanner/en-us/wlscbase3401.cab [Windows Live Safety Center Base Module] -> {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} [HKLM] -> http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1136857542687 [MUWebControl Class] -> {6F15128C-E66A-490C-B848-5000B5ABEEAC} [HKLM] -> https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab [HP Download Manager] -> {6FD482A3-7B57-438B-B040-52CAA30147EE} [HKLM] -> http://barrie.mlxchange.com/Control/MLXClientUtils.cab [MLXchange Client Utils] -> {74D05D43-3236-11D4-BDCD-00C04F9A3B61} [HKLM] -> http://a840.g.akamai.net/7/840/537/2005102501/housecall.trendmicro.com/housecall/xscan53.cab [HouseCall Control] -> {78523E50-56EB-11D3-B739-CAA1986A452F} [HKLM] -> http://barrie.mlxchange.com/Control/LiteGrid.cab [LiteGridCtl Class] -> {7A7537FC-5988-11D3-8B33-00104B9E5A4A} [HKLM] -> http://barrie.mlxchange.com/Control/IRCWebPrint.cab [IRCWwwPrint Class] -> {7F8C8173-AD80-4807-AA75-5672F22B4582} [HKLM] -> http://download.zonelabs.com/bin/promotions/spywaredetector/ICSScanner37390.cab [ICSScanner Class] -> {83AB6E4D-CDD7-11D3-B5E7-00104B9AFF6E} [HKLM] -> http://barrie.mlxchange.com/5.0.05.46/Control/IRCSharc.cab [GeacRevw Control] -> {8569D715-FF88-44BA-8D1D-AD3E59543DDE} [HKLM] -> https://www.topproduceronline.com/Downloads/arview2.cab [ActiveReports Viewer2] -> {8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab [Java Plug-in 1.6.0_11] -> {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} [HKLM] -> Reg Error: Value error. [Reg Error: Key error.] -> {B198A72B-B4C3-42B5-B8DA-B364E76429AA} [HKLM] -> http://barrie.mlxchange.com/Control/WebDog.cab [Cerebus Class] -> {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} [HKLM] -> http://office.microsoft.com/officeupdate/content/opuc4.cab [Office Update Installation Engine] -> {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab [Java Plug-in 1.5.0] -> {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab [Java Plug-in 1.5.0_04] -> {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab [Java Plug-in 1.5.0_06] -> {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab [Java Plug-in 1.6.0_11] -> {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab [Java Plug-in 1.6.0_11] -> {D27CDB6E-AE6D-11CF-96B8-444553540000} [HKLM] -> http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab [Shockwave Flash Object] -> {E2883E8F-472F-4FB0-9522-AC9BF37916A7} [HKLM] -> http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab [Reg Error: Key error.] -> {F060A272-A18A-11D3-B75B-00E0B81077E8} [HKLM] -> http://barrie.mlxchange.com/Control/AspCustomCtrls.cab [DropList Class] -> {FFBB3F3B-0A5A-4106-BE53-DFE1E2340CB1} [HKLM] -> http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.3.0.cab [DLM Control] -> Microsoft XML Parser for Java [HKLM] -> file://C:\WINDOWS\Java\classes\xmldso.cab [Reg Error: Key error.] -> PUFLITE [HKLM] -> http://www.barrie-homes.com/Office/ColpaControls/Photo/Control/PUFLITE.CAB [Reg Error: Key error.] -> TruePass EPF 7,0,100,730 [HKLM] -> https://blrscr3.egs-seg.gc.ca/applets/entrusttruepassapplet-epf.cab [Reg Error: Key error.] -> TruePass EPF 7,0,100,739 [HKLM] -> https://blrscr3.egs-seg.gc.ca/applets/entrusttruepassapplet-epf.cab [Reg Error: Key error.] -> WebConnect Pro 6.5.12 [HKLM] -> http://wc.harryfox.com:2080/WebConnectDU.cab [Reg Error: Key error.] -> < Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\ -> DhcpNameServer -> 64.71.255.198 -> < Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> {7F35D987-0EE4-468B-A151-8F7F9F5EF097}\\DhcpNameServer -> 64.71.255.198 (Broadcom 802.11b/g WLAN) -> {FB9A4220-855E-4C5E-A40E-D9BA38D4E2DC}\\DhcpNameServer -> 64.71.255.198 (Realtek RTL8139/810x Family Fast Ethernet NIC) -> < Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> *Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> Explorer.exe -> C:\WINDOWS\explorer.exe -> [2008/04/13 19:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation) *MultiFile Done* -> -> < Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ -> AtiExtEvent -> C:\WINDOWS\System32\ati2evxx.dll -> [2005/08/03 20:04:18 | 00,046,080 | ---- | M] (ATI Technologies Inc.) wzcnotif -> C:\WINDOWS\System32\wzcdlg.dll -> [2008/04/13 19:12:11 | 00,383,488 | ---- | M] (Microsoft Corporation) < ShellExecuteHooks [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks -> "{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}" [HKLM] -> C:\Program Files\Windows Defender\MpShHook.dll [Microsoft AntiMalware ShellExecuteHook] -> [2006/11/03 18:20:00 | 00,083,224 | ---- | M] (Microsoft Corporation) "{56F9679E-7826-4C84-81F3-532071A8BCC5}" [HKLM] -> C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [] -> [2006/03/13 12:11:14 | 00,233,472 | ---- | M] (Microsoft Corporation) < Domain Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List -> "%windir%\Network Diagnostic\xpnetdiag.exe" -> C:\WINDOWS\network diagnostic\xpnetdiag.exe [%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000] -> [2008/04/13 13:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation) "%windir%\system32\sessmgr.exe" -> C:\WINDOWS\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> [2008/04/13 19:12:34 | 00,141,312 | ---- | M] (Microsoft Corporation) "C:\Program Files\MSN Messenger\msncall.exe" -> C:\Program Files\MSN Messenger\msncall.exe [C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)] -> [2006/07/29 17:16:08 | 01,002,280 | ---- | M] (Microsoft Corporation) "C:\Program Files\MSN Messenger\msnmsgr.exe" -> C:\Program Files\MSN Messenger\msnmsgr.exe [C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.0] -> [2006/07/29 18:34:04 | 05,354,792 | ---- | M] (Microsoft Corporation) < Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List -> "%windir%\Network Diagnostic\xpnetdiag.exe" -> C:\WINDOWS\network diagnostic\xpnetdiag.exe [%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000] -> [2008/04/13 13:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation) "%windir%\system32\sessmgr.exe" -> C:\WINDOWS\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> [2008/04/13 19:12:34 | 00,141,312 | ---- | M] (Microsoft Corporation) "C:\Program Files\Bonjour\mDNSResponder.exe" -> C:\Program Files\Bonjour\mDNSResponder.exe [C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour] -> [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) "C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe" -> C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe [C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe:LocalSubNet:Enabled:Pure Networks Platform Service] -> [2008/05/16 05:11:44 | 00,648,504 | ---- | M] (Pure Networks, Inc.) "C:\Program Files\Intuit\QuickBooks 2006\QBDBMgrN.exe" -> C:\Program Files\Intuit\QuickBooks 2006\QBDBMgrN.exe [C:\Program Files\Intuit\QuickBooks 2006\QBDBMgrN.exe:*:Enabled:QuickBooks 2006 Data Manager] -> [2005/10/20 10:54:16 | 00,126,976 | ---- | M] (Intuit, Inc.) "C:\Program Files\iTunes\iTunes.exe" -> C:\Program Files\iTunes\iTunes.exe [C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes] -> [2009/11/12 16:33:04 | 10,358,048 | ---- | M] (Apple Inc.) "C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe" -> C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe [C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare] -> [2006/06/14 23:11:40 | 00,180,224 | ---- | M] () "C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe" -> C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe [C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe:*:Enabled:Kodak Software Updater] -> [2004/02/13 14:12:08 | 00,016,423 | ---- | M] () "C:\Program Files\LimeWire\LimeWire.exe" -> C:\Program Files\LimeWire\LimeWire.exe [C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire] -> [2009/05/22 09:57:15 | 00,139,776 | ---- | M] (Lime Wire, LLC) "C:\Program Files\Messenger\msmsgs.exe" -> C:\Program Files\Messenger\msmsgs.exe [C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger] -> [2008/04/13 19:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation) "C:\Program Files\Microsoft ActiveSync\wcescomm.exe" -> C:\Program Files\Microsoft ActiveSync\wcescomm.exe [C:\Program Files\Microsoft ActiveSync\wcescomm.exe:*:Enabled:ActiveSync Connection Manager] -> [2005/01/04 10:50:52 | 00,405,583 | ---- | M] (Microsoft Corporation) "C:\Program Files\Microsoft ActiveSync\WCESMgr.exe" -> C:\Program Files\Microsoft ActiveSync\WCESMgr.exe [C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:*:Enabled:ActiveSync Application] -> [2005/01/04 10:49:52 | 00,962,638 | ---- | M] (Microsoft Corporation) "C:\Program Files\MSN Messenger\msncall.exe" -> C:\Program Files\MSN Messenger\msncall.exe [C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)] -> [2006/07/29 17:16:08 | 01,002,280 | ---- | M] (Microsoft Corporation) "C:\Program Files\MSN Messenger\msnmsgr.exe" -> C:\Program Files\MSN Messenger\msnmsgr.exe [C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.0] -> [2006/07/29 18:34:04 | 05,354,792 | ---- | M] (Microsoft Corporation) "C:\Program Files\Skype\Phone\Skype.exe" -> C:\Program Files\Skype\Phone\Skype.exe [C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype] -> [2006/10/13 17:20:08 | 20,058,152 | ---- | M] () "C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe" -> C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe [C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe:*:Enabled:Veoh Web Player ] -> File not found < SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot -> "AlternateShell" -> cmd.exe -> < CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom -> "AutoRun" -> 1 -> "DisplayName" -> CD-ROM Driver -> "ImagePath" -> [system32\DRIVERS\cdrom.sys] -> File not found < Drives with AutoRun files > -> -> C:\AUTOEXEC.BAT [PATH=%PATH%;C:\PROGRA~1\COMMON~1\MUVEET~1\030625 | ] -> C:\AUTOEXEC.BAT [ NTFS ] -> [2005/09/28 12:20:48 | 00,000,050 | ---- | M] () < MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 -> \{187564bc-cc2f-11db-bece-00904bea1133} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{187564bc-cc2f-11db-bece-00904bea1133}\Shell \{187564bc-cc2f-11db-bece-00904bea1133}\Shell\\"" -> [AutoRun] -> File not found HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{187564bc-cc2f-11db-bece-00904bea1133}\Shell\AutoRun \{187564bc-cc2f-11db-bece-00904bea1133}\Shell\AutoRun\\"" -> [Auto&Play] -> File not found HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{187564bc-cc2f-11db-bece-00904bea1133}\Shell\AutoRun\command \{187564bc-cc2f-11db-bece-00904bea1133}\Shell\AutoRun\command\\"" -> E:\LaunchU3.exe [E:\LaunchU3.exe] -> File not found < Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command -> comfile [open] -> "%1" %* -> exefile [open] -> "%1" %* -> [Registry - Additional Scans - Safe List] < Disabled MSConfig Folder Items [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\ -> C:^Documents and Settings^Owner^Start Menu^Programs^Startup^SmartUI.lnk -> C:\Program Files\Scansoft\PaperPort\SmartUI\SmartUI.exe -> File not found < Disabled MSConfig Registry Items [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ -> Adobe Photo Downloader hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe -> [2007/03/09 10:09:58 | 00,063,712 | ---- | M] (Adobe Systems Incorporated) ATIPTA hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe -> [2004/12/21 20:05:00 | 00,344,064 | ---- | M] (ATI Technologies, Inc.) CXMon hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Hewlett-Packard\PhotoSmart\Photo Imaging\Hpi_Monitor.exe -> [2001/08/27 10:52:58 | 00,045,056 | ---- | M] (Hewlett-Packard Company) DeviceDiscovery hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe -> [2002/12/02 19:56:10 | 00,040,960 | ---- | M] (Hewlett-Packard) iTunesHelper hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\iTunes\iTunesHelper.exe -> [2009/11/12 16:33:10 | 00,141,600 | ---- | M] (Apple Inc.) PrintServer Diagnostic hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Print Server\PTP\PSDiagnostic.exe -> [2004/11/24 17:09:40 | 00,266,240 | ---- | M] () QuickTime Task hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\QuickTime\qttask.exe -> [2009/11/10 23:08:18 | 00,417,792 | ---- | M] (Apple Inc.) Share-to-Web Namespace Daemon hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Hewlett-Packard\PhotoSmart\HP Share-to-Web\hpgs2wnd.exe -> [2001/07/03 09:11:52 | 00,057,344 | ---- | M] (Hewlett-Packard) SunJavaUpdateSched hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe -> [2005/11/10 12:03:52 | 00,036,975 | ---- | M] (Sun Microsystems, Inc.) TkBellExe hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Common Files\Real\Update_OB\realsched.exe -> [2006/07/04 22:26:02 | 00,180,269 | ---- | M] (RealNetworks, Inc.) UpdateManager hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe -> [2003/08/19 00:01:00 | 00,110,592 | ---- | M] (Sonic Solutions) WatchDog hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\InterVideo\DVD Check\DVDCheck.exe -> [2004/12/08 17:44:36 | 00,184,320 | ---- | M] (InterVideo Inc.) < Disabled MSConfig State [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\state -> "bootini" -> 0 -> "services" -> 0 -> "startup" -> 2 -> "system.ini" -> 0 -> "win.ini" -> 0 -> < Drivers32 [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32 -> "MIDI1" -> C:\WINDOWS\System32\vscapi.dll [vscapi.dll] -> [2001/03/13 10:15:22 | 00,118,876 | ---- | M] (Roland) "MSACM.CEGSM" -> C:\WINDOWS\System32\mobileV.acm [mobilev.acm] -> [2005/01/04 10:37:36 | 00,057,422 | ---- | M] () "msacm.iac2" -> C:\WINDOWS\system32\iac25_32.ax [C:\WINDOWS\system32\iac25_32.ax] -> [2008/04/13 19:12:42 | 00,199,680 | ---- | M] (Intel Corporation) "msacm.l3acm" -> C:\WINDOWS\system32\l3codeca.acm [C:\WINDOWS\system32\l3codeca.acm] -> [2008/04/13 19:09:57 | 00,290,816 | ---- | M] (Fraunhofer Institut Integrierte Schaltungen IIS) "msacm.siren" -> C:\WINDOWS\System32\sirenacm.dll [sirenacm.dll] -> [2006/07/29 18:32:50 | 00,048,936 | ---- | M] (Microsoft Corp.) "msacm.sl_anet" -> C:\WINDOWS\System32\sl_anet.acm [sl_anet.acm] -> [2008/04/13 19:10:50 | 00,086,016 | ---- | M] (Sipro Lab Telecom Inc.) "msacm.trspch" -> C:\WINDOWS\System32\tssoft32.acm [tssoft32.acm] -> [2004/08/04 07:00:00 | 00,008,192 | ---- | M] (DSP GROUP, INC.) "vidc.cvid" -> C:\WINDOWS\System32\iccvid.dll [iccvid.dll] -> [2008/04/13 19:11:54 | 00,080,384 | ---- | M] (Radius Inc.) "vidc.iv31" -> C:\WINDOWS\System32\ir32_32.dll [ir32_32.dll] -> [2004/08/04 07:00:00 | 00,199,168 | ---- | M] () "vidc.iv32" -> C:\WINDOWS\System32\ir32_32.dll [ir32_32.dll] -> [2004/08/04 07:00:00 | 00,199,168 | ---- | M] () "vidc.iv41" -> C:\WINDOWS\System32\ir41_32.ax [ir41_32.ax] -> [2008/04/13 19:12:42 | 00,848,384 | ---- | M] (Intel Corporation) "vidc.iv50" -> C:\WINDOWS\System32\ir50_32.dll [ir50_32.dll] -> [2008/04/13 19:11:55 | 00,755,200 | ---- | M] (Intel Corporation) "WAVE1" -> C:\WINDOWS\System32\vscapi.dll [vscapi.dll] -> [2001/03/13 10:15:22 | 00,118,876 | ---- | M] (Roland) < File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\ -> .bat [@ = batfile] -> "%1" %* -> .cmd [@ = cmdfile] -> "%1" %* -> .com [@ = comfile] -> "%1" %* -> .exe [@ = exefile] -> "%1" %* -> .html [@ = htmlfile] -> C:\Program Files\Internet Explorer\IEXPLORE.EXE -> [2009/03/08 14:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation) .pif [@ = piffile] -> "%1" %* -> .scr [@ = scrfile] -> "%1" /S -> < File Associations - Select to Repair > -> HKEY_USERS\S-1-5-21-2025429265-920026266-682003330-1003\SOFTWARE\Classes\\ -> .hta [@ = htafile] -> Reg Error: Key error. -> File not found .url [@ = InternetShortcut] -> Reg Error: Key error. -> File not found < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost > -> -> *netsvcs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\\netsvcs -> 6to4 -> [] -> AppMgmt -> C:\WINDOWS\System32\appmgmts.dll [C:\WINDOWS\System32\appmgmts.dll] -> File not found HidServ -> C:\WINDOWS\System32\hidserv.dll [C:\WINDOWS\System32\hidserv.dll] -> File not found Ias -> [] -> Iprip -> [] -> Irmon -> [] -> NWCWorkstation -> [] -> Nwsapagent -> [] -> Wmi -> [] -> WmdmPmSp -> [] -> helpsvc -> C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll [C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll] -> [2008/04/13 19:12:02 | 00,038,400 | ---- | M] (Microsoft Corporation) *MultiFile Done* -> -> < SafeBoot-Minimal Settings > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ -> {36FC9E60-C465-11CF-8056-444553540000} -> Universal Serial Bus controllers {4D36E965-E325-11CE-BFC1-08002BE10318} -> CD-ROM Drive {4D36E967-E325-11CE-BFC1-08002BE10318} -> DiskDrive {4D36E969-E325-11CE-BFC1-08002BE10318} -> Standard floppy disk controller {4D36E96A-E325-11CE-BFC1-08002BE10318} -> Hdc {4D36E96B-E325-11CE-BFC1-08002BE10318} -> Keyboard {4D36E96F-E325-11CE-BFC1-08002BE10318} -> Mouse {4D36E977-E325-11CE-BFC1-08002BE10318} -> PCMCIA Adapters {4D36E97B-E325-11CE-BFC1-08002BE10318} -> SCSIAdapter {4D36E97D-E325-11CE-BFC1-08002BE10318} -> System {4D36E980-E325-11CE-BFC1-08002BE10318} -> Floppy disk drive {533C5B84-EC70-11D2-9505-00C04F79DEAF} -> Volume shadow copy {71A27CDD-812A-11D0-BEC7-08002BE2092F} -> Volume {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} -> Human Interface Devices Base -> Driver Group Boot Bus Extender -> Driver Group Boot file system -> Driver Group File system -> Driver Group Filter -> Driver Group HelpSvc -> C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll -> [2008/04/13 19:12:02 | 00,038,400 | ---- | M] (Microsoft Corporation) Lavasoft Ad-Aware Service -> Service PCI Configuration -> Driver Group PNP Filter -> Driver Group Primary disk -> Driver Group SCSI Class -> Driver Group sermouse.sys -> Driver System Bus Extender -> Driver Group vds -> Service vga.sys -> Driver WinDefend -> C:\Program Files\Windows Defender\MsMpEng.exe -> [2006/11/03 18:19:58 | 00,013,592 | ---- | M] (Microsoft Corporation) < SafeBoot-Network Settings > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ -> {36FC9E60-C465-11CF-8056-444553540000} -> Universal Serial Bus controllers {4D36E965-E325-11CE-BFC1-08002BE10318} -> CD-ROM Drive {4D36E967-E325-11CE-BFC1-08002BE10318} -> DiskDrive {4D36E969-E325-11CE-BFC1-08002BE10318} -> Standard floppy disk controller {4D36E96A-E325-11CE-BFC1-08002BE10318} -> Hdc {4D36E96B-E325-11CE-BFC1-08002BE10318} -> Keyboard {4D36E96F-E325-11CE-BFC1-08002BE10318} -> Mouse {4D36E972-E325-11CE-BFC1-08002BE10318} -> Net {4D36E973-E325-11CE-BFC1-08002BE10318} -> NetClient {4D36E974-E325-11CE-BFC1-08002BE10318} -> NetService {4D36E975-E325-11CE-BFC1-08002BE10318} -> NetTrans {4D36E977-E325-11CE-BFC1-08002BE10318} -> PCMCIA Adapters {4D36E97B-E325-11CE-BFC1-08002BE10318} -> SCSIAdapter {4D36E97D-E325-11CE-BFC1-08002BE10318} -> System {4D36E980-E325-11CE-BFC1-08002BE10318} -> Floppy disk drive {71A27CDD-812A-11D0-BEC7-08002BE2092F} -> Volume {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} -> Human Interface Devices Base -> Driver Group Boot Bus Extender -> Driver Group Boot file system -> Driver Group File system -> Driver Group Filter -> Driver Group HelpSvc -> C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll -> [2008/04/13 19:12:02 | 00,038,400 | ---- | M] (Microsoft Corporation) Lavasoft Ad-Aware Service -> Service NDIS Wrapper -> Driver Group NetBIOSGroup -> Driver Group NetDDEGroup -> Driver Group Network -> Driver Group NetworkProvider -> Driver Group PCI Configuration -> Driver Group PNP Filter -> Driver Group PNP_TDI -> Driver Group Primary disk -> Driver Group SCSI Class -> Driver Group sermouse.sys -> Driver Streams Drivers -> Driver Group System Bus Extender -> Driver Group TDI -> Driver Group vga.sys -> Driver vsmon -> Service WinDefend -> C:\Program Files\Windows Defender\MsMpEng.exe -> [2006/11/03 18:19:58 | 00,013,592 | ---- | M] (Microsoft Corporation) < Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command -> batfile [open] -> "%1" %* -> cmdfile [open] -> "%1" %* -> comfile [open] -> "%1" %* -> exefile [open] -> "%1" %* -> htmlfile [edit] -> "C:\Program Files\Microsoft Outlook\OFFICE11\msohtmed.exe" %1 -> [2007/04/19 13:07:38 | 00,061,280 | ---- | M] (Microsoft Corporation) htmlfile [open] -> "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome -> [2009/03/08 14:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation) htmlfile [opennew] -> "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 -> [2009/03/08 14:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation) htmlfile [print] -> "C:\Program Files\Microsoft Outlook\OFFICE11\msohtmed.exe" /p %1 -> [2007/04/19 13:07:38 | 00,061,280 | ---- | M] (Microsoft Corporation) http [open] -> "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome -> [2009/03/08 14:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation) https [open] -> "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome -> [2009/03/08 14:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation) piffile [open] -> "%1" %* -> regfile [merge] -> Reg Error: Key error. scrfile [config] -> "%1" -> scrfile [install] -> rundll32.exe desk.cpl,InstallScreenSaver %l -> [2008/04/13 19:12:41 | 00,135,168 | ---- | M] (Microsoft Corporation) scrfile [open] -> "%1" /S -> txtfile [edit] -> Reg Error: Key error. Unknown [openas] -> %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 -> Directory [ACDBrowse] -> "C:\PROGRA~1\ACDSYS~1\ACDSee\ACDSee.exe" "%1" -> [2001/07/06 14:10:12 | 01,441,792 | ---- | M] (ACD Systems, Ltd.) Directory [find] -> %SystemRoot%\Explorer.exe -> [2008/04/13 19:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation) Folder [open] -> %SystemRoot%\Explorer.exe /idlist,%I,%L -> [2008/04/13 19:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation) Folder [explore] -> %SystemRoot%\Explorer.exe /e,/idlist,%I,%L -> [2008/04/13 19:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation) Drive [find] -> %SystemRoot%\Explorer.exe -> [2008/04/13 19:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation) Applications\iexplore.exe [open] -> "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 -> [2009/03/08 14:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -> "C:\Program Files\Internet Explorer\iexplore.exe" -> [2009/03/08 14:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation) < Uninstall List [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ -> {0008546E-DF6E-4CC1-AFD0-2CB8E16C95A2} -> Notifier {01B93B3A-283F-411B-A648-69CABCACC986} -> Canon MF Drivers {02E89EFC-7B07-4D5A-AA03-9EC0902914EE} -> VC 9.0 Runtime {07287123-B8AC-41CE-8346-3D777245C35B} -> Bonjour {073F22CE-9A5B-4A40-A604-C7270AC6BF34} -> ESSSONIC {09DA4F91-2A09-4232-AB8C-6BC740096DE3} -> Sonic Update Manager {0BEDBD4E-2D34-47B5-9973-57E62B29307C} -> ATI Control Panel {132CA5D9-C745-4B0B-A3B2-8C7A6EC3EE7E} -> Canon MF Toolbox 4.7.0.0.mf04 {1451DE6B-ABE1-4F62-BE9A-B363A17588A2} -> QuickTime {14D4ED84-6A9A-45A0-96F6-1753768C3CB5} -> ESSPCD {154508C0-07C5-4659-A7A0-E49968750D21} -> HLPPDOCK {1B1B3FC3-5D41-42B6-85B1-27223246E438} -> RPS Zip {1E04F83B-2AB9-4301-9EF7-E86307F79C72} -> Google Earth {212F5777-1190-4DEF-8E4D-6B2F313B45E7} -> PerfectDisk {22B3CC30-77B8-419C-AA4B-F571FDF5D66D} -> Windows Live Sign-in Assistant {22EC35BD-F8F2-45EB-8DCB-1C7FB65D0A71} -> QuickTax 2007 {26A24AE4-039D-4CA4-87B4-2F83216011FF} -> Java(TM) 6 Update 11 {2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F} -> essvatgt {2D87E961-577B-492B-AD54-1368680FB9A7} -> Bing Maps 3D {2DFF31F9-7893-4922-AF66-C9A1EB4EBB31} -> Rhapsody Player Engine {2F1074A4-B6D4-4C4D-A728-C1EADDB188D9} -> RPS Security Cleanup {2FCE4FC5-6930-40E7-A4F1-F862207424EF} -> InterVideo WinDVD Creator {316CDA1E-4760-4772-94B0-0FFC56D85700} -> RPS CRT {3248F0A8-6813-11D6-A77B-00B0D0150000} -> J2SE Runtime Environment 5.0 {3248F0A8-6813-11D6-A77B-00B0D0150040} -> J2SE Runtime Environment 5.0 Update 4 {3248F0A8-6813-11D6-A77B-00B0D0150060} -> J2SE Runtime Environment 5.0 Update 6 {341201D4-4F61-4ADB-987E-9CCE4D83A58D} -> Windows Live Toolbar Extension (Windows Live Toolbar) {350C97B0-3D7C-4EE8-BAA9-00BCB3D54227} -> WebFldrs XP {37E31FCE-A048-4D8C-B167-31891BCF6585} -> muvee autoProducer 3.5 - SE {388E4B09-3E71-4649-8921-F44A3A2954A7} -> Microsoft Visual Studio 2005 Tools for Office Runtime {3AB59D99-F209-4705-96A0-304C53D88958} -> RPS RpsCore {3CA39B0C-BA85-4D42-AC0F-1FF5F60C3353} -> OTtBPSDK {3FA365DF-2D68-45ED-8F83-8C8A33E65143} -> Apple Application Support {426B3380-B8F7-4A69-9838-B1A8237F0B00} -> RPS Burn {4302B2DD-D958-40E3-BAF3-B07FFE1978CE} -> HP Wireless Assistant {432C3720-37BF-4BD7-8E49-F38E090246D0} -> CR2 {47FBF7F9-FBD3-43EF-823B-7684D56C1962} -> Tabbed Browsing (Windows Live Toolbar) {50120000-1105-0000-0000-0000000FF1CE} -> Microsoft Office 2007 Primary Interop Assemblies {54C8FE84-89C4-40E8-976C-439EB0729BD6} -> CardRd81 {578B6EF9-119B-4FB8-8377-7DAFA9588B97} -> Network Magic {5D97A4A7-C274-4B63-86D9-07A33435F505} -> InterVideo DVD Check {605A4E39-613C-4A12-B56F-DEFBE6757237} -> SHASTA {63569CE9-FA00-469C-AF5C-E5D4D93ACF91} -> Windows Genuine Advantage v1.3.0254.0 {643EAE81-920C-4931-9F0B-4B343B225CA6} -> ESSBrwr {6709A989-F0AC-43E5-9DE8-4100A85715BD} -> RPS Ad Blocker {68F129E0-EF23-4CCE-A03F-B2C1A6DC9013} -> Rogers Online Protection {6956856F-B6B3-4BE0-BA0B-8F495BE32033} -> Apple Software Update {69B02159-7622-4DBB-B9EE-F933039830AD} -> QuickBooks Pro 2006 {6B350CA4-0031-0002-3131-34999AD85AEC} -> InterVideo WinDVD Creator {6D8D64BE-F500-55B6-705D-DFD08AFE0624} -> Acrobat.com {6F5F989B-D61A-48BF-B860-3EB95600155F} -> RPS Firewall {72A28FB5-718C-41EC-8956-7A4FEB850A73} -> Top Producer Outlook Connector 2.0 {748F4870-8350-11D3-B0BF-080009FB4A19} -> HP Share-to-Web {78AD4938-7EE6-4DC0-A5BC-3AF82750A617} -> QuickTax Tracker {79D5997E-BF79-48BB-8B41-9BE59C15C2D7} -> OmniPage SE 2.0 {87843A41-7808-4F2E-B13F-25C1E67CF2FD} -> ESShelp {8784867F-AA3D-4258-837C-0DC6EBAFDB5E} -> RPS Ksdk {8943CE61-53BD-475E-90E1-A580869E98A2} -> staticcr {8A502E38-29C9-49FA-BCFA-D727CA062589} -> ESSTOOLS {8E92D746-CD9F-4B90-9668-42B74C14F765} -> ESSini {90120000-0020-0409-0000-0000000FF1CE} -> Compatibility Pack for the 2007 Office system {91120409-6000-11D3-8CFE-0150048383C9} -> Microsoft Office Standard Edition 2003 {91490409-6000-11D3-8CFE-0150048383C9} -> Microsoft Office 2003 Primary Interop Assemblies {91517631-A9F3-4B7C-B482-43E0068FD55A} -> ESSgui {91810AFC-A4F8-4EBA-A5AA-B198BBC81144} -> InterVideo WinDVD {9242140C-E909-45B4-8315-2A3CC0786FB0} -> PDFill PDF Editor 4.1 with Writer and Tools (Unicode) {94570A74-CA05-43A7-9B1E-38142CDDE93B} -> RPS AntiVirus {94FB906A-CF42-4128-A509-D353026A607E} -> REALTEK Gigabit and Fast Ethernet NIC Driver {95120000-0038-0409-0000-0000000FF1CE} -> Time Zone Data Update Tool for Microsoft Office Outlook {9541FED0-327F-4DF0-8B96-EF57EF622F19} -> Sonic RecordNow! {97355297-21C8-40CD-96D3-48E58037A9B8} -> TI1620/1520 {9743AF47-B746-4324-B4C4-512E67D04370} -> Symantec Technical Support Web Controls {97F7C9CE-5C2A-4095-9BC5-3AA6A49F191B} -> RPS Performance Tool {999D43F4-9709-4887-9B1A-83EBB15A8370} -> VPRINTOL {9D8FEE90-0377-49A9-AEFB-525BDE549BA4} -> ESScore {A040AC77-C1AA-4CC9-8931-9F648AF178F6} -> VC 9.0 Runtime {A06275F4-324B-4E85-95E6-87B2CD729401} -> Windows Defender {A2BCA9F1-566C-4805-97D1-7FDC93386723} -> Adobe AIR {A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7} -> Microsoft .NET Framework 3.0 Service Pack 2 {A5CC2A09-E9D3-49EC-923D-03874BBD4C2C} -> Windows Defender Signatures {A654A805-41D9-40C7-AA46-4AF04F044D61} -> Adobe® Photoshop® Album Starter Edition 3.2 {A6FDF86A-F541-4E7B-AEA0-8849A2A700D5} -> iTunes {A93C4E94-1005-489D-BEAA-B873C1AA6CFC} -> HP Help and Support {AA0D2D5F-612B-45D3-8759-DA87206E5CC9} -> QuickTax 2008 {AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE} -> Apple Mobile Device Support {AC76BA86-7AD7-1033-7B44-A92000000001} -> Adobe Reader 9.2 {AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD} -> ESSCDBK {AE68FB75-1887-48E8-95D9-6A2571CBC2EF} -> RPS ParentalControl {AEF2D1F3-0696-11D5-8E6A-00C04F7FA234} -> PaperPort 8.0 SE {B1102A25-3AA3-446B-AA0F-A699B07A02FD} -> Garmin USB Drivers {B162D0A6-9A1D-4B7C-91A5-88FB48113C45} -> OfotoXMI {B376402D-58EA-45EA-BD50-DD924EB67A70} -> HP Memories Disc {B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1 -> Spybot - Search & Destroy {B46A290A-AA40-4428-8C80-E4A2E74AEC9D} -> MLX Professional Synchronization Tool {B4B44FE7-41FF-4DAD-8C0A-E406DDA72992} -> CCScore {B6EC7388-E277-4A5B-8C8F-71067A41BA64} -> TextPad 5 {B8D0BC3E-67DF-48A3-ACC9-EEAA8DBFBF29} -> QuickTax 2005 {B997C2A0-4383-41BF-B76E-9B8B7ECFB267} -> KSU {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} -> Microsoft .NET Framework 2.0 Service Pack 2 {C3F058C0-A21C-452D-8D99-95B1A45F417D} -> InterVideo DiscLabel {C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F} -> HP Update {C9507D0D-1A9C-486E-91D6-33A71CCA55F2} -> Pure Networks Platform {C96AA12B-D119-4093-95B3-8AC44D38BED8} -> RPS Privacy Manager {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} -> Microsoft .NET Framework 1.1 {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} -> Microsoft .NET Framework 3.5 SP1 {CEB326EC-8F40-47B2-BA22-BB092565D66F} -> Quick Launch Buttons 5.10 B5 {CFAC9887-F0FA-408D-BACE-8009A16C2E0D} -> RPS AntiSpyware {D1973749-F5E7-40EB-B528-F2B78685B9FF} -> essvcpt {D32470A1-B10C-4059-BA53-CF0486F68EBC} -> Kodak EasyShare software {D5520D44-B1D7-4D38-A9FF-23B0137CC71E} -> RPS AntiFraud {D5A145FC-D00C-4F1A-9119-EB4D9D659750} -> Windows Live Toolbar {D71AC256-FA83-45EA-9F14-1B20BB5105C9} -> TIxx21/x515 {DB02F716-6275-42E9-B8D2-83BA2BF5100B} -> SFR {DD188FB1-263D-4602-9608-7CABFEA6E25F} -> RPS Backup {DE39E9CB-637B-45B4-B7D6-4842F3988871} -> RPS App Detector {DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF} -> Ad-Aware {E0783143-EAE2-4047-A8D6-E155523C594C} -> Garmin WebUpdater {E0828692-FD9D-459F-9312-C645C3CA6650} -> HP Photo and Imaging 2.0 - Deskjet Series {E15329B7-99DB-4A2E-A6FC-68699A957264} -> RPS Diagnostic Utility {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E} -> Windows Media Encoder 9 Series {EA52A1AC-D35D-4D25-8686-9466FE2C5CE5} -> Presto! PageManager 7.15.11 {F084395C-40FB-4DB3-981C-B51E74E1E83D} -> Smart Menus (Windows Live Toolbar) {F22C222C-3CE2-4A4B-A83F-AF4681371ABE} -> kgcbase {F333A33D-125C-32A2-8DCE-5C5D14231E27} -> Visual C++ 2008 x86 Runtime - (v9.0.30729) {F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01 -> Visual C++ 2008 x86 Runtime - v9.0.30729.01 {F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F} -> SKINXSDK {F71760CD-0F8B-4DCC-B7B7-6B223CC3843C} -> OTtBP {F88B38F4-1A34-4F7F-B2F7-9CA78F209BB0} -> RPS PopupBlocker {F9593CFB-D836-49BC-BFF1-0E669A411D9F} -> WIRELESS {FAFDA89B-1031-4BDB-8619-DE20CBDEDF32} -> QuickTax 2006 {FCDB1C92-03C6-4C76-8625-371224256091} -> ESSPDock {FCE50DB8-C610-4C42-BE5C-193F46C6F812} -> Windows Live Messenger {FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F} -> HighMAT Extension to Microsoft Windows XP CD Writing Wizard {FDF9943A-3D5C-46B3-9679-586BD237DDEE} -> SKIN0001 1Click DVD Copy_is1 -> 1Click DVD Copy 4.2.9.2 45A7283175C62FAC673F913C1F532C5361F97841 -> Windows Driver Package - Garmin (grmnusb) GARMIN Devices (03/08/2007 2.2.1.0) 53F13DB4D9611FD63BE580F06F0729BF236ABE68 -> Windows Driver Package - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0) ACDSee -> ACDSee Ad-Aware -> Ad-Aware Adobe AIR -> Adobe AIR Adobe Flash Player ActiveX -> Adobe Flash Player 10 ActiveX Adobe Flash Player Plugin -> Adobe Flash Player 10 Plugin Adobe SVG Viewer -> Adobe SVG Viewer 3.0 Adobe® Photoshop® Album Starter Edition 3.2 -> Adobe® Photoshop® Album Starter Edition 3.2 AFPL Ghostscript 8.53 -> AFPL Ghostscript 8.53 AFPL Ghostscript Fonts -> AFPL Ghostscript Fonts All ATI Software -> ATI - Software Uninstall Utility ATI Display Driver -> ATI Display Driver BB_is1 -> Band-in-a-Box Font Update Broadcom 802.11b Network Adapter -> Broadcom 802.11 Wireless LAN Adapter CCleaner -> CCleaner (remove only) CleanUp! -> CleanUp! CNXT_MODEM_PCI_VEN_1002&DEV_4378&SUBSYS_3085103C -> Data Fax SoftModem with SmartCP com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 -> Acrobat.com Conexant PCI Audio -> Conexant AC-Link Audio Cute CD DVD Burner V6.0 -> Cute CD DVD Burner V6.0 ERUNT_is1 -> ERUNT 1.1j ExpressRip -> Express Rip FinePrint -> FinePrint Free DVD Decrypter_is1 -> Free DVD Decrypter version 1.3 HijackThis -> HijackThis 1.99.1 HP Photo Imaging Software -> HP Photo Imaging Software HP Photo Printing Software -> HP Photo Printing Software hp print screen utility -> hp print screen utility IDNMitigationAPIs -> Microsoft Internationalized Domain Names Mitigation APIs ie7 -> Windows Internet Explorer 7 ie8 -> Windows Internet Explorer 8 InstallShield_{78AD4938-7EE6-4DC0-A5BC-3AF82750A617} -> QuickTax Tracker InstallShield_{97355297-21C8-40CD-96D3-48E58037A9B8} -> PCI 1620 Cardbus Controller and Software InstallShield_{D71AC256-FA83-45EA-9F14-1B20BB5105C9} -> Texas Instruments PCIxx21/x515 drivers. LimeWire -> LimeWire 5.1.3 Linksys Bi-Admin -> Linksys Bi-Admin Macromedia Shockwave Player -> Macromedia Shockwave Player Malwarebytes' Anti-Malware_is1 -> Malwarebytes' Anti-Malware Metacafe -> Metacafe Microsoft .NET Framework 1.1 (1033) -> Microsoft .NET Framework 1.1 Microsoft .NET Framework 3.5 SP1 -> Microsoft .NET Framework 3.5 SP1 Microsoft Visual Studio 2005 Tools for Office Runtime -> Visual Studio 2005 Tools for Office Second Edition Runtime MSCompPackV1 -> Microsoft Compression Client Pack 1.0 for Windows XP MSNINST -> MSN MSPUB4 -> Microsoft Publisher 97 Multiple Offers1.0 -> OREA Multiple Offers Net2Phone_10_0 -> Net2Phone/Net2Fax Network MagicUninstall -> Network Magic NLSDownlevelMapping -> Microsoft National Language Support Downlevel APIs Office8.0 -> Microsoft Office 97, Professional Edition OREA_Courses_Catalog -> OREA Real Estate College Courses Catalog 4.0 PDFill PDF Writer -> PDFill PDF Writer Pixillion -> Pixillion Image Converter Print Server Driver -> Print Server Driver Prism -> Prism Video Converter QVP -> Quick View Plus RadialpointClientGateway_is1 -> Rogers Servicepoint Agent 2.0.21 Real Estate Encyclopedia -> Real Estate Encyclopedia RealPlayer 6.0 -> RealPlayer Rogers Yahoo! Applications -> Rogers Yahoo! Applications Skype_is1 -> Skype 2.5 SlowBlast! -> SlowBlast! Snapshot Viewer -> Snapshot Viewer Spybot - Search & Destroy_is1 -> Spybot - Search & Destroy 1.5.2.20 Switch -> Switch SynTPDeinstKey -> Synaptics Pointing Device Driver Textbook Edition -> Textbook Edition ToolBox -> NCH Toolbox TOP PRODUCER 7i Data Transfer Wizard -> TOP PRODUCER 7i Data Transfer Wizard TOP PRODUCER Data Transfer Wizard -> TOP PRODUCER Data Transfer Wizard Top Producer Editor_is1 -> Top Producer Editor Uninstall_is1 -> Uninstall 1.0.0.1 VSC32 -> Virtual Sound Canvas 3.2 WavePad -> WavePad Sound Editor WIC -> Windows Imaging Component Windows CE Services -> Microsoft ActiveSync 3.8 Windows Live Safety scanner -> Windows Live Safety scanner Windows Live Toolbar -> Windows Live Toolbar Windows Media Encoder 9 -> Windows Media Encoder 9 Series Windows Media Format Runtime -> Windows Media Format 11 runtime Windows Media Player -> Windows Media Player 11 Windows XP Service Pack -> Windows XP Service Pack 3 wm8eutil -> Windows Media 8 Encoding Utility WMCSetup -> Windows Media Connect WMFDist11 -> Windows Media Format 11 runtime wmp11 -> Windows Media Player 11 Wudf01000 -> Microsoft User-Mode Driver Framework Feature Pack 1.0 ZoneAlarmSB Uninstall -> ZoneAlarm Spy Blocker < Uninstall List [HKEY_USERS\S-1-5-21-2025429265-920026266-682003330-1003\] > -> HKEY_USERS\S-1-5-21-2025429265-920026266-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ -> GoToMeeting -> GoToMeeting 4.0.0.320 Quicken Deluxe 99 -> Quicken Deluxe 99 < EventViewer Logs - Last 10 Errors > -> Event Information -> Description Application [ Error ] 11/25/2009 10:50:45 AM Computer Name = USER-CB34E5069C | Source = VSC32 | ID = 327806 -> Description = This format is not supported by VSC WAVE device. [This is illegal frequency] Application [ Error ] 11/25/2009 10:50:45 AM Computer Name = USER-CB34E5069C | Source = VSC32 | ID = 327806 -> Description = This format is not supported by VSC WAVE device. [This is illegal frequency] Application [ Error ] 11/25/2009 10:50:45 AM Computer Name = USER-CB34E5069C | Source = VSC32 | ID = 327806 -> Description = This format is not supported by VSC WAVE device. [This is illegal frequency] Application [ Error ] 11/25/2009 10:50:45 AM Computer Name = USER-CB34E5069C | Source = VSC32 | ID = 327806 -> Description = This format is not supported by VSC WAVE device. [This is illegal frequency] Application [ Error ] 11/25/2009 10:50:45 AM Computer Name = USER-CB34E5069C | Source = VSC32 | ID = 327806 -> Description = This format is not supported by VSC WAVE device. [This is illegal frequency] Application [ Error ] 11/25/2009 10:50:45 AM Computer Name = USER-CB34E5069C | Source = VSC32 | ID = 327806 -> Description = This format is not supported by VSC WAVE device. [This is illegal frequency] Application [ Error ] 11/25/2009 10:50:46 AM Computer Name = USER-CB34E5069C | Source = VSC32 | ID = 327806 -> Description = This format is not supported by VSC WAVE device. [This is illegal frequency] Application [ Error ] 11/25/2009 10:50:46 AM Computer Name = USER-CB34E5069C | Source = VSC32 | ID = 327806 -> Description = This format is not supported by VSC WAVE device. [This is illegal frequency] Application [ Error ] 11/25/2009 10:50:46 AM Computer Name = USER-CB34E5069C | Source = VSC32 | ID = 327806 -> Description = This format is not supported by VSC WAVE device. [This is illegal frequency] Application [ Error ] 11/25/2009 10:50:46 AM Computer Name = USER-CB34E5069C | Source = VSC32 | ID = 327806 -> Description = This format is not supported by VSC WAVE device. [This is illegal frequency] System [ Error ] 11/25/2009 9:53:25 AM Computer Name = USER-CB34E5069C | Source = DCOM | ID = 10010 -> Description = The server {222F1C6D-F430-4B76-B3F1-1FE92E214AD3} did not register with DCOM within the required timeout. System [ Error ] 11/26/2009 10:37:03 AM Computer Name = USER-CB34E5069C | Source = Print | ID = 23 -> Description = Printer PageManager PDF Writer,0 failed to initialize because a suitable PageManager PDF Writer driver could not be found. System [ Error ] 11/26/2009 10:38:08 AM Computer Name = USER-CB34E5069C | Source = Service Control Manager | ID = 7023 -> Description = The Human Interface Device Access service terminated with the following error: %%126 System [ Error ] 11/26/2009 10:41:27 AM Computer Name = USER-CB34E5069C | Source = DCOM | ID = 10010 -> Description = The server {222F1C6D-F430-4B76-B3F1-1FE92E214AD3} did not register with DCOM within the required timeout. System [ Error ] 11/27/2009 1:28:08 PM Computer Name = USER-CB34E5069C | Source = Print | ID = 23 -> Description = Printer PageManager PDF Writer,0 failed to initialize because a suitable PageManager PDF Writer driver could not be found. System [ Error ] 11/27/2009 1:29:15 PM Computer Name = USER-CB34E5069C | Source = Service Control Manager | ID = 7023 -> Description = The Human Interface Device Access service terminated with the following error: %%126 System [ Error ] 11/27/2009 1:33:08 PM Computer Name = USER-CB34E5069C | Source = DCOM | ID = 10010 -> Description = The server {222F1C6D-F430-4B76-B3F1-1FE92E214AD3} did not register with DCOM within the required timeout. System [ Error ] 11/28/2009 11:01:32 AM Computer Name = USER-CB34E5069C | Source = Print | ID = 23 -> Description = Printer PageManager PDF Writer,0 failed to initialize because a suitable PageManager PDF Writer driver could not be found. System [ Error ] 11/28/2009 11:02:50 AM Computer Name = USER-CB34E5069C | Source = Service Control Manager | ID = 7023 -> Description = The Human Interface Device Access service terminated with the following error: %%126 System [ Error ] 11/28/2009 11:06:47 AM Computer Name = USER-CB34E5069C | Source = DCOM | ID = 10010 -> Description = The server {222F1C6D-F430-4B76-B3F1-1FE92E214AD3} did not register with DCOM within the required timeout. [Files/Folders - Created Within 30 Days] OTS.exe -> C:\Documents and Settings\Owner\Desktop\OTS.exe -> [2009/11/27 16:58:33 | 00,526,848 | ---- | C] (OldTimer Tools) Garmin -> C:\Program Files\Garmin -> [2009/11/27 00:15:47 | 00,000,000 | ---D | C] Garmin -> C:\Garmin -> [2009/11/27 00:08:55 | 00,000,000 | ---D | C] Magellan_Maestro_4700_2_06_Rel2 -> C:\Documents and Settings\Owner\Desktop\Magellan_Maestro_4700_2_06_Rel2 -> [2009/11/20 23:03:02 | 00,000,000 | ---D | C] GEARAspi.dll -> C:\WINDOWS\System32\GEARAspi.dll -> [2009/11/19 21:38:49 | 00,107,368 | ---- | C] (GEAR Software Inc.) GEARAspiWDM.sys -> C:\WINDOWS\System32\drivers\GEARAspiWDM.sys -> [2009/11/19 21:38:48 | 00,026,600 | ---- | C] (GEAR Software Inc.) iPod -> C:\Program Files\iPod -> [2009/11/19 21:37:22 | 00,000,000 | ---D | C] iTunes -> C:\Program Files\iTunes -> [2009/11/19 21:37:00 | 00,000,000 | ---D | C] {755AC846-7372-4AC8-8550-C52491DAA8BD} -> C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD} -> [2009/11/19 21:37:00 | 00,000,000 | ---D | C] Bonjour -> C:\Program Files\Bonjour -> [2009/11/19 21:34:06 | 00,000,000 | ---D | C] OTL.exe -> C:\Documents and Settings\Owner\Desktop\OTL.exe -> [2009/11/14 05:06:23 | 00,529,408 | ---- | C] (OldTimer Tools) RootRepeal.exe -> C:\Documents and Settings\Owner\Desktop\RootRepeal.exe -> [2009/11/14 05:03:43 | 00,472,064 | ---- | C] ( ) Malwarebytes -> C:\Documents and Settings\Owner\Application Data\Malwarebytes -> [2009/11/14 04:09:39 | 00,000,000 | ---D | C] mbamswissarmy.sys -> C:\WINDOWS\System32\drivers\mbamswissarmy.sys -> [2009/11/14 04:09:11 | 00,038,224 | ---- | C] (Malwarebytes Corporation) Malwarebytes -> C:\Documents and Settings\All Users\Application Data\Malwarebytes -> [2009/11/14 04:08:58 | 00,000,000 | ---D | C] mbam.sys -> C:\WINDOWS\System32\drivers\mbam.sys -> [2009/11/14 04:08:53 | 00,019,160 | ---- | C] (Malwarebytes Corporation) Malwarebytes' Anti-Malware -> C:\Program Files\Malwarebytes' Anti-Malware -> [2009/11/14 04:08:47 | 00,000,000 | ---D | C] mbam-setup.exe -> C:\Documents and Settings\Owner\Desktop\mbam-setup.exe -> [2009/11/14 04:07:03 | 04,045,536 | ---- | C] (Malwarebytes Corporation ) ERDNT -> C:\WINDOWS\ERDNT -> [2009/11/14 04:04:13 | 00,000,000 | ---D | C] ERUNT -> C:\Program Files\ERUNT -> [2009/11/14 04:03:04 | 00,000,000 | ---D | C] erunt_setup.exe -> C:\Documents and Settings\Owner\Desktop\erunt_setup.exe -> [2009/11/14 03:59:58 | 00,791,393 | ---- | C] (Lars Hederer ) SysRestorePoint.exe -> C:\Documents and Settings\Owner\Desktop\SysRestorePoint.exe -> [2009/11/14 03:57:12 | 00,021,504 | ---- | C] (Doug Knox) TFC.exe -> C:\Documents and Settings\Owner\Desktop\TFC.exe -> [2009/11/14 03:44:48 | 00,339,456 | ---- | C] (OldTimer Tools) QuickTimeVR.qtx -> C:\WINDOWS\System32\QuickTimeVR.qtx -> [2009/11/10 23:08:24 | 00,094,208 | ---- | C] (Apple Inc.) QuickTime.qts -> C:\WINDOWS\System32\QuickTime.qts -> [2009/11/10 23:08:24 | 00,069,632 | ---- | C] (Apple Inc.) PrivacIE -> C:\Documents and Settings\Owner\PrivacIE -> [2009/11/05 12:53:44 | 00,000,000 | -HSD | C] IETldCache -> C:\Documents and Settings\Owner\IETldCache -> [2009/11/05 12:49:44 | 00,000,000 | -HSD | C] ie8updates -> C:\WINDOWS\ie8updates -> [2009/11/05 12:45:14 | 00,000,000 | ---D | C] ie8 -> C:\WINDOWS\ie8 -> [2009/11/05 12:36:20 | 00,000,000 | -H-D | C] iecompat.dll -> C:\WINDOWS\System32\dllcache\iecompat.dll -> [2009/11/05 12:32:35 | 00,092,160 | ---- | C] (Microsoft Corporation) xpshims.dll -> C:\WINDOWS\System32\dllcache\xpshims.dll -> [2009/11/05 12:32:28 | 00,012,800 | ---- | C] (Microsoft Corporation) ieproxy.dll -> C:\WINDOWS\System32\dllcache\ieproxy.dll -> [2009/11/05 12:32:26 | 00,246,272 | ---- | C] (Microsoft Corporation) CopyToDvd -> C:\Documents and Settings\Owner\Application Data\CopyToDvd -> [2009/11/02 22:58:48 | 00,000,000 | ---D | C] DVDVideoSoft -> C:\Documents and Settings\Owner\My Documents\DVDVideoSoft -> [2009/11/02 22:43:40 | 00,000,000 | ---D | C] DVDVideoSoft -> C:\Program Files\Common Files\DVDVideoSoft -> [2009/11/02 22:43:31 | 00,000,000 | ---D | C] DVDVideoSoft -> C:\Program Files\DVDVideoSoft -> [2009/11/02 22:43:30 | 00,000,000 | ---D | C] 1ClickDVDCopy -> C:\Documents and Settings\Owner\Application Data\1ClickDVDCopy -> [2009/11/02 22:37:22 | 00,000,000 | ---D | C] Pcouffin.sys -> C:\WINDOWS\System32\drivers\Pcouffin.sys -> [2009/11/02 22:21:31 | 00,047,360 | ---- | C] (VSO Software) PcSetup -> C:\Documents and Settings\Owner\My Documents\PcSetup -> [2009/11/02 22:21:30 | 00,000,000 | ---D | C] LG Software Innovations -> C:\Program Files\LG Software Innovations -> [2009/11/02 22:21:22 | 00,000,000 | ---D | C] Cute CD DVD Burner -> C:\Program Files\Cute CD DVD Burner -> [2009/11/02 22:15:49 | 00,000,000 | ---D | C] [Files/Folders - Modified Within 30 Days] fidbox.dat -> C:\WINDOWS\System32\drivers\fidbox.dat -> [2009/11/28 15:21:52 | 32,428,064 | -HS- | M] () fidbox2.dat -> C:\WINDOWS\System32\drivers\fidbox2.dat -> [2009/11/28 15:21:36 | 01,515,040 | -HS- | M] () outlook.pst -> C:\WINDOWS\outlook.pst -> [2009/11/28 15:19:13 | 75,984,1792 | ---- | M] () User_Feed_Synchronization-{E9834806-95AE-4C9A-BE89-2033424A5102}.job -> C:\WINDOWS\tasks\User_Feed_Synchronization-{E9834806-95AE-4C9A-BE89-2033424A5102}.job -> [2009/11/28 10:28:30 | 00,000,392 | -H-- | M] () MP Scheduled Scan.job -> C:\WINDOWS\tasks\MP Scheduled Scan.job -> [2009/11/28 10:05:57 | 00,000,330 | -H-- | M] () SA.DAT -> C:\WINDOWS\tasks\SA.DAT -> [2009/11/28 10:01:15 | 00,000,006 | -H-- | M] () bootstat.dat -> C:\WINDOWS\bootstat.dat -> [2009/11/28 10:01:01 | 00,002,048 | --S- | M] () hiberfil.sys -> C:\hiberfil.sys -> [2009/11/28 10:00:55 | 10,722,22208 | -HS- | M] () fidbox2.idx -> C:\WINDOWS\System32\drivers\fidbox2.idx -> [2009/11/27 22:32:18 | 00,142,676 | -HS- | M] () fidbox.idx -> C:\WINDOWS\System32\drivers\fidbox.idx -> [2009/11/27 22:32:17 | 00,434,804 | -HS- | M] () ntuser.ini -> C:\Documents and Settings\Owner\ntuser.ini -> [2009/11/27 22:31:43 | 00,000,278 | -HS- | M] () NTUSER.DAT -> C:\Documents and Settings\Owner\NTUSER.DAT -> [2009/11/27 22:31:42 | 11,272,192 | -H-- | M] () OTS.exe -> C:\Documents and Settings\Owner\Desktop\OTS.exe -> [2009/11/27 16:59:35 | 00,526,848 | ---- | M] (OldTimer Tools) {DD9841C2-FF71-4992-9C78-E4A2079B987D}_USER-CB34E5069C_Owner.job -> C:\WINDOWS\tasks\{DD9841C2-FF71-4992-9C78-E4A2079B987D}_USER-CB34E5069C_Owner.job -> [2009/11/27 16:00:01 | 00,000,408 | -H-- | M] () {0871E114-9034-457F-B776-6F8FB1FB2657}_USER-CB34E5069C_Owner.job -> C:\WINDOWS\tasks\{0871E114-9034-457F-B776-6F8FB1FB2657}_USER-CB34E5069C_Owner.job -> [2009/11/27 16:00:01 | 00,000,408 | -H-- | M] () QUICKEN.INI -> C:\WINDOWS\QUICKEN.INI -> [2009/11/27 13:25:29 | 00,001,979 | ---- | M] () {480D9EB6-B594-4880-AF41-CA8CF972227D}_USER-CB34E5069C_Owner.job -> C:\WINDOWS\tasks\{480D9EB6-B594-4880-AF41-CA8CF972227D}_USER-CB34E5069C_Owner.job -> [2009/11/25 09:00:05 | 00,000,408 | -H-- | M] () imsins.BAK -> C:\WINDOWS\imsins.BAK -> [2009/11/24 22:08:25 | 00,001,393 | ---- | M] () 6258 6 Sunnidale Property.pdf -> C:\Documents and Settings\Owner\Desktop\6258 6 Sunnidale Property.pdf -> [2009/11/23 09:23:03 | 00,338,903 | ---- | M] () 6258 6 Sunnidale Map.pdf -> C:\Documents and Settings\Owner\Desktop\6258 6 Sunnidale Map.pdf -> [2009/11/23 09:05:40 | 00,439,957 | ---- | M] () 6258 6 Sunnidale.xps -> C:\Documents and Settings\Owner\Desktop\6258 6 Sunnidale.xps -> [2009/11/23 09:03:42 | 00,185,293 | ---- | M] () Windows Explorer.lnk -> C:\Documents and Settings\Owner\Desktop\Windows Explorer.lnk -> [2009/11/23 09:02:40 | 00,001,475 | ---- | M] () BRMFBIDI.INI -> C:\WINDOWS\BRMFBIDI.INI -> [2009/11/21 19:57:54 | 00,002,653 | ---- | M] () iTunes.lnk -> C:\Documents and Settings\All Users\Desktop\iTunes.lnk -> [2009/11/19 21:39:09 | 00,001,804 | ---- | M] () QuickTime Player.lnk -> C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk -> [2009/11/19 21:32:36 | 00,001,604 | ---- | M] () AppleSoftwareUpdate.job -> C:\WINDOWS\tasks\AppleSoftwareUpdate.job -> [2009/11/19 21:26:46 | 00,000,284 | ---- | M] () QTSBandwidthCache -> C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache -> [2009/11/19 21:08:01 | 00,001,751 | ---- | M] () QTFont.qfn -> C:\WINDOWS\QTFont.qfn -> [2009/11/19 20:48:49 | 00,054,156 | -H-- | M] () OTL.exe -> C:\Documents and Settings\Owner\Desktop\OTL.exe -> [2009/11/14 05:06:27 | 00,529,408 | ---- | M] (OldTimer Tools) settings.dat -> C:\Documents and Settings\Owner\Desktop\settings.dat -> [2009/11/14 05:04:01 | 00,000,000 | ---- | M] () RootRepeal.exe -> C:\Documents and Settings\Owner\Desktop\RootRepeal.exe -> [2009/11/14 05:03:50 | 00,472,064 | ---- | M] ( ) Ad-Aware.lnk -> C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk -> [2009/11/14 05:01:21 | 00,000,872 | ---- | M] () Malwarebytes' Anti-Malware.lnk -> C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk -> [2009/11/14 04:09:21 | 00,000,696 | ---- | M] () mbam-setup.exe -> C:\Documents and Settings\Owner\Desktop\mbam-setup.exe -> [2009/11/14 04:07:44 | 04,045,536 | ---- | M] (Malwarebytes Corporation ) NTREGOPT.lnk -> C:\Documents and Settings\Owner\Desktop\NTREGOPT.lnk -> [2009/11/14 04:03:09 | 00,000,611 | ---- | M] () ERUNT.lnk -> C:\Documents and Settings\Owner\Desktop\ERUNT.lnk -> [2009/11/14 04:03:09 | 00,000,592 | ---- | M] () erunt_setup.exe -> C:\Documents and Settings\Owner\Desktop\erunt_setup.exe -> [2009/11/14 04:00:10 | 00,791,393 | ---- | M] (Lars Hederer ) perfh009.dat -> C:\WINDOWS\System32\perfh009.dat -> [2009/11/14 03:57:32 | 00,444,596 | ---- | M] () perfc009.dat -> C:\WINDOWS\System32\perfc009.dat -> [2009/11/14 03:57:31 | 00,072,306 | ---- | M] () PerfStringBackup.INI -> C:\WINDOWS\System32\PerfStringBackup.INI -> [2009/11/14 03:57:28 | 00,526,678 | ---- | M] () SysRestorePoint.exe -> C:\Documents and Settings\Owner\Desktop\SysRestorePoint.exe -> [2009/11/14 03:57:13 | 00,021,504 | ---- | M] (Doug Knox) TFC.exe -> C:\Documents and Settings\Owner\Desktop\TFC.exe -> [2009/11/14 03:44:51 | 00,339,456 | ---- | M] (OldTimer Tools) BBW_INFO.INI -> C:\WINDOWS\BBW_INFO.INI -> [2009/11/13 23:36:19 | 00,000,066 | ---- | M] () FNTCACHE.DAT -> C:\WINDOWS\System32\FNTCACHE.DAT -> [2009/11/12 06:12:19 | 00,529,696 | ---- | M] () win.ini -> C:\WINDOWS\win.ini -> [2009/11/11 22:29:38 | 00,002,395 | ---- | M] () QuickTimeVR.qtx -> C:\WINDOWS\System32\QuickTimeVR.qtx -> [2009/11/10 23:08:24 | 00,094,208 | ---- | M] (Apple Inc.) QuickTime.qts -> C:\WINDOWS\System32\QuickTime.qts -> [2009/11/10 23:08:24 | 00,069,632 | ---- | M] (Apple Inc.) wpa.dbl -> C:\WINDOWS\System32\wpa.dbl -> [2009/11/07 17:20:34 | 00,002,206 | ---- | M] () all_statements2009-04-01.zip -> C:\Documents and Settings\Owner\Desktop\all_statements2009-04-01.zip -> [2009/11/05 15:01:22 | 00,160,861 | ---- | M] () MRT.exe -> C:\WINDOWS\System32\MRT.exe -> [2009/11/05 12:36:21 | 26,768,832 | ---- | M] (Microsoft Corporation) Release Notes for Internet Explorer 8.doc -> C:\Documents and Settings\Owner\Desktop\Release Notes for Internet Explorer 8.doc -> [2009/11/05 11:19:21 | 00,064,512 | ---- | M] () DVDVideoSoft Free Studio.lnk -> C:\Documents and Settings\Owner\Desktop\DVDVideoSoft Free Studio.lnk -> [2009/11/02 22:43:40 | 00,000,892 | ---- | M] () Pcouffin.sys -> C:\WINDOWS\System32\drivers\Pcouffin.sys -> [2009/11/02 22:21:31 | 00,047,360 | ---- | M] (VSO Software) 1Click DVD Copy 4.2.lnk -> C:\Documents and Settings\Owner\Desktop\1Click DVD Copy 4.2.lnk -> [2009/11/02 22:21:29 | 00,001,000 | ---- | M] () Cute CD DVD Burner.lnk -> C:\Documents and Settings\Owner\Desktop\Cute CD DVD Burner.lnk -> [2009/11/02 22:16:07 | 00,000,730 | ---- | M] () MpSigStub.exe -> C:\WINDOWS\System32\MpSigStub.exe -> [2009/11/02 20:42:06 | 00,195,456 | ---- | M] (Microsoft Corporation) 2 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> [Files - No Company Name] 6258 6 Sunnidale Property.pdf -> C:\Documents and Settings\Owner\Desktop\6258 6 Sunnidale Property.pdf -> [2009/11/23 09:23:04 | 00,338,903 | ---- | C] () 6258 6 Sunnidale Map.pdf -> C:\Documents and Settings\Owner\Desktop\6258 6 Sunnidale Map.pdf -> [2009/11/23 09:05:41 | 00,439,957 | ---- | C] () 6258 6 Sunnidale.xps -> C:\Documents and Settings\Owner\Desktop\6258 6 Sunnidale.xps -> [2009/11/23 09:03:39 | 00,185,293 | ---- | C] () iTunes.lnk -> C:\Documents and Settings\All Users\Desktop\iTunes.lnk -> [2009/11/19 21:39:09 | 00,001,804 | ---- | C] () QuickTime Player.lnk -> C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk -> [2009/11/19 21:32:36 | 00,001,604 | ---- | C] () AppleSoftwareUpdate.job -> C:\WINDOWS\tasks\AppleSoftwareUpdate.job -> [2009/11/19 21:26:45 | 00,000,284 | ---- | C] () settings.dat -> C:\Documents and Settings\Owner\Desktop\settings.dat -> [2009/11/14 05:04:01 | 00,000,000 | ---- | C] () Malwarebytes' Anti-Malware.lnk -> C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk -> [2009/11/14 04:09:21 | 00,000,696 | ---- | C] () NTREGOPT.lnk -> C:\Documents and Settings\Owner\Desktop\NTREGOPT.lnk -> [2009/11/14 04:03:09 | 00,000,611 | ---- | C] () ERUNT.lnk -> C:\Documents and Settings\Owner\Desktop\ERUNT.lnk -> [2009/11/14 04:03:09 | 00,000,592 | ---- | C] () all_statements2009-04-01.zip -> C:\Documents and Settings\Owner\Desktop\all_statements2009-04-01.zip -> [2009/11/05 15:01:14 | 00,160,861 | ---- | C] () User_Feed_Synchronization-{E9834806-95AE-4C9A-BE89-2033424A5102}.job -> C:\WINDOWS\tasks\User_Feed_Synchronization-{E9834806-95AE-4C9A-BE89-2033424A5102}.job -> [2009/11/05 12:49:53 | 00,000,392 | -H-- | C] () Release Notes for Internet Explorer 8.doc -> C:\Documents and Settings\Owner\Desktop\Release Notes for Internet Explorer 8.doc -> [2009/11/05 11:19:20 | 00,064,512 | ---- | C] () DVDVideoSoft Free Studio.lnk -> C:\Documents and Settings\Owner\Desktop\DVDVideoSoft Free Studio.lnk -> [2009/11/02 22:43:40 | 00,000,892 | ---- | C] () 1Click DVD Copy 4.2.lnk -> C:\Documents and Settings\Owner\Desktop\1Click DVD Copy 4.2.lnk -> [2009/11/02 22:21:29 | 00,001,000 | ---- | C] () Cute CD DVD Burner.lnk -> C:\Documents and Settings\Owner\Desktop\Cute CD DVD Burner.lnk -> [2009/11/02 22:16:07 | 00,000,730 | ---- | C] () WIN.INI -> C:\WINDOWS\System32\WIN.INI -> [2009/05/29 11:26:48 | 00,000,000 | ---- | C] () SYSTEM.INI -> C:\WINDOWS\System32\SYSTEM.INI -> [2009/05/29 11:26:48 | 00,000,000 | ---- | C] () RtNicProp32.dll -> C:\WINDOWS\System32\RtNicProp32.dll -> [2009/03/03 11:18:04 | 00,073,728 | ---- | C] () INTUIT.INI -> C:\WINDOWS\INTUIT.INI -> [2008/04/28 00:36:51 | 00,000,059 | ---- | C] () LiveUpdate.INI -> C:\WINDOWS\LiveUpdate.INI -> [2008/03/08 15:13:25 | 00,000,056 | ---- | C] () ldf252.dll -> C:\WINDOWS\System32\ldf252.dll -> [2008/01/30 21:29:18 | 00,335,872 | ---- | C] () MAXLINK.INI -> C:\WINDOWS\MAXLINK.INI -> [2007/12/28 13:57:50 | 00,000,532 | ---- | C] () CNCMFP12.INI -> C:\WINDOWS\System32\CNCMFP12.INI -> [2007/12/28 13:06:11 | 00,000,367 | ---- | C] () CNCMFP21.INI -> C:\WINDOWS\System32\CNCMFP21.INI -> [2007/12/25 12:33:16 | 00,000,332 | ---- | C] () IPPCPUID.DLL -> C:\WINDOWS\System32\IPPCPUID.DLL -> [2007/12/25 12:20:22 | 00,040,960 | ---- | C] () pmsbfn32.dll -> C:\WINDOWS\System32\pmsbfn32.dll -> [2007/12/25 12:18:47 | 00,011,776 | ---- | C] () custmon2k.dll -> C:\WINDOWS\System32\custmon2k.dll -> [2007/07/12 20:24:31 | 00,090,112 | ---- | C] () WS_FTP.INI -> C:\WINDOWS\WS_FTP.INI -> [2007/06/08 16:27:47 | 00,000,022 | ---- | C] () OGACheckControl.DLL -> C:\WINDOWS\System32\OGACheckControl.DLL -> [2007/03/05 12:34:28 | 00,676,224 | ---- | C] () StarOpen.sys -> C:\WINDOWS\System32\drivers\StarOpen.sys -> [2007/02/20 12:07:56 | 00,005,632 | ---- | C] () Common.ini -> C:\WINDOWS\Common.ini -> [2007/01/07 21:15:57 | 00,000,865 | ---- | C] () YCRWin32.dll -> C:\WINDOWS\System32\YCRWin32.dll -> [2006/09/15 15:29:21 | 00,065,536 | ---- | C] () mlcrs0ft.dll -> C:\WINDOWS\System32\mlcrs0ft.dll -> [2006/07/11 22:05:32 | 00,000,004 | ---- | C] () BBW_INFO.INI -> C:\WINDOWS\BBW_INFO.INI -> [2006/04/10 11:17:26 | 00,000,066 | ---- | C] () wininit.ini -> C:\WINDOWS\wininit.ini -> [2006/04/10 10:58:16 | 00,000,041 | ---- | C] () muveeapp.INI -> C:\WINDOWS\muveeapp.INI -> [2006/02/13 23:29:54 | 00,000,000 | ---- | C] () qfnonl.ini -> C:\WINDOWS\qfnonl.ini -> [2006/01/16 08:58:20 | 00,000,024 | ---- | C] () ICOA.INI -> C:\WINDOWS\ICOA.INI -> [2006/01/16 08:57:21 | 00,000,028 | ---- | C] () QFN.ini -> C:\WINDOWS\QFN.ini -> [2006/01/16 08:57:10 | 00,000,000 | ---- | C] () QDQICK.ini -> C:\WINDOWS\QDQICK.ini -> [2006/01/16 08:57:10 | 00,000,000 | ---- | C] () thxcfg.ini -> C:\WINDOWS\thxcfg.ini -> [2006/01/11 22:29:43 | 00,000,032 | ---- | C] () TPDataTransfer.ini -> C:\WINDOWS\TPDataTransfer.ini -> [2006/01/05 18:51:21 | 00,000,050 | ---- | C] () Gif89.dll -> C:\WINDOWS\System32\Gif89.dll -> [2006/01/05 18:51:09 | 00,061,440 | ---- | C] () MSVCRT10.DLL -> C:\WINDOWS\System32\MSVCRT10.DLL -> [2005/12/28 10:31:23 | 00,210,944 | ---- | C] () kpcms.ini -> C:\WINDOWS\kpcms.ini -> [2005/12/28 10:31:23 | 00,000,036 | ---- | C] () libeay32.dll -> C:\WINDOWS\libeay32.dll -> [2005/11/09 13:03:09 | 00,684,032 | ---- | C] () ssleay32.dll -> C:\WINDOWS\ssleay32.dll -> [2005/11/09 13:03:09 | 00,155,648 | ---- | C] () hcextoutput.dll -> C:\WINDOWS\hcextoutput.dll -> [2005/11/09 06:49:18 | 00,071,749 | ---- | C] () tsc.ini -> C:\WINDOWS\tsc.ini -> [2005/11/09 06:49:18 | 00,000,823 | ---- | C] () GetServer.ini -> C:\WINDOWS\GetServer.ini -> [2005/11/09 06:48:27 | 00,000,170 | ---- | C] () BRMFBIDI.INI -> C:\WINDOWS\BRMFBIDI.INI -> [2005/11/06 22:17:32 | 00,002,653 | ---- | C] () hpdj3600.ini -> C:\WINDOWS\hpdj3600.ini -> [2005/10/05 14:33:57 | 00,004,419 | ---- | C] () QUICKEN.INI -> C:\WINDOWS\QUICKEN.INI -> [2005/09/30 15:25:48 | 00,001,979 | ---- | C] () intuprof.ini -> C:\WINDOWS\intuprof.ini -> [2005/09/30 15:25:46 | 00,001,065 | ---- | C] () ADDRBOOK.INI -> C:\WINDOWS\ADDRBOOK.INI -> [2005/09/30 15:25:45 | 00,000,252 | ---- | C] () ODBC.INI -> C:\WINDOWS\ODBC.INI -> [2005/09/30 13:43:33 | 00,000,737 | ---- | C] () N2PUtil.dll -> C:\WINDOWS\System32\N2PUtil.dll -> [2005/09/30 11:05:10 | 00,102,400 | ---- | C] () qvphook.dll -> C:\WINDOWS\qvphook.dll -> [2005/09/30 11:04:15 | 00,041,472 | ---- | C] () oeminfo.ini -> C:\WINDOWS\System32\oeminfo.ini -> [2005/09/28 12:18:44 | 00,028,510 | ---- | C] () IVIresizeW7.dll -> C:\WINDOWS\System32\IVIresizeW7.dll -> [2005/09/28 12:16:26 | 00,204,800 | ---- | C] () IVIresizeA6.dll -> C:\WINDOWS\System32\IVIresizeA6.dll -> [2005/09/28 12:16:26 | 00,200,704 | ---- | C] () IVIresizeP6.dll -> C:\WINDOWS\System32\IVIresizeP6.dll -> [2005/09/28 12:16:26 | 00,192,512 | ---- | C] () IVIresizeM6.dll -> C:\WINDOWS\System32\IVIresizeM6.dll -> [2005/09/28 12:16:26 | 00,192,512 | ---- | C] () IVIresizePX.dll -> C:\WINDOWS\System32\IVIresizePX.dll -> [2005/09/28 12:16:26 | 00,188,416 | ---- | C] () IVIresize.dll -> C:\WINDOWS\System32\IVIresize.dll -> [2005/09/28 12:16:26 | 00,020,480 | ---- | C] () pibdpub.dll -> C:\WINDOWS\System32\pibdpub.dll -> [2005/09/28 12:02:56 | 00,033,795 | ---- | C] () hhmepro.dll -> C:\WINDOWS\System32\hhmepro.dll -> [2005/09/28 12:02:56 | 00,031,747 | ---- | C] () ineyuni.dll -> C:\WINDOWS\System32\ineyuni.dll -> [2005/09/28 12:02:56 | 00,026,626 | ---- | C] () elxsinh.dll -> C:\WINDOWS\System32\elxsinh.dll -> [2005/09/28 12:02:56 | 00,020,482 | ---- | C] () control.ini -> C:\WINDOWS\control.ini -> [2005/09/28 11:54:26 | 00,000,000 | ---- | C] () vbaddin.ini -> C:\WINDOWS\vbaddin.ini -> [2005/09/28 11:50:47 | 00,000,037 | ---- | C] () vb.ini -> C:\WINDOWS\vb.ini -> [2005/09/28 11:50:47 | 00,000,036 | ---- | C] () tslabels.ini -> C:\WINDOWS\System32\tslabels.ini -> [2005/09/28 11:49:38 | 00,013,223 | ---- | C] () msdtcprf.ini -> C:\WINDOWS\System32\msdtcprf.ini -> [2005/09/28 11:49:37 | 00,001,931 | ---- | C] () PerfStringBackup.INI -> C:\WINDOWS\System32\PerfStringBackup.INI -> [2005/09/28 07:41:17 | 00,526,678 | ---- | C] () ODBCINST.INI -> C:\WINDOWS\ODBCINST.INI -> [2005/09/28 07:41:16 | 00,004,348 | ---- | C] () px.ini -> C:\WINDOWS\System32\px.ini -> [2004/10/26 12:30:14 | 00,000,000 | ---- | C] () missouri.dll -> C:\WINDOWS\System32\missouri.dll -> [2004/08/11 16:37:04 | 00,217,088 | ---- | C] () quartz.dll -> C:\WINDOWS\System32\quartz.dll -> [2004/08/04 07:00:00 | 01,291,264 | ---- | C] () esentprf.ini -> C:\WINDOWS\System32\esentprf.ini -> [2004/08/04 07:00:00 | 01,015,477 | ---- | C] () qedwipes.dll -> C:\WINDOWS\System32\qedwipes.dll -> [2004/08/04 07:00:00 | 00,733,696 | ---- | C] () qedit.dll -> C:\WINDOWS\System32\qedit.dll -> [2004/08/04 07:00:00 | 00,562,176 | ---- | C] () dxmasf.dll -> C:\WINDOWS\System32\dxmasf.dll -> [2004/08/04 07:00:00 | 00,498,742 | ---- | C] () qdvd.dll -> C:\WINDOWS\System32\qdvd.dll -> [2004/08/04 07:00:00 | 00,386,048 | ---- | C] () msjetoledb40.dll -> C:\WINDOWS\System32\msjetoledb40.dll -> [2004/08/04 07:00:00 | 00,355,112 | ---- | C] () qdv.dll -> C:\WINDOWS\System32\qdv.dll -> [2004/08/04 07:00:00 | 00,279,040 | ---- | C] () sbe.dll -> C:\WINDOWS\System32\sbe.dll -> [2004/08/04 07:00:00 | 00,270,848 | ---- | C] () compatui.dll -> C:\WINDOWS\System32\compatui.dll -> [2004/08/04 07:00:00 | 00,252,928 | ---- | C] () _004571_.tmp.dll -> C:\WINDOWS\System32\_004571_.tmp.dll -> [2004/08/04 07:00:00 | 00,249,270 | ---- | C] () ir32_32.dll -> C:\WINDOWS\System32\ir32_32.dll -> [2004/08/04 07:00:00 | 00,199,168 | ---- | C] () qcap.dll -> C:\WINDOWS\System32\qcap.dll -> [2004/08/04 07:00:00 | 00,192,512 | ---- | C] () encdec.dll -> C:\WINDOWS\System32\encdec.dll -> [2004/08/04 07:00:00 | 00,186,880 | ---- | C] () msencode.dll -> C:\WINDOWS\System32\msencode.dll -> [2004/08/04 07:00:00 | 00,094,282 | ---- | C] () amstream.dll -> C:\WINDOWS\System32\amstream.dll -> [2004/08/04 07:00:00 | 00,070,656 | ---- | C] () devenum.dll -> C:\WINDOWS\System32\devenum.dll -> [2004/08/04 07:00:00 | 00,059,904 | ---- | C] () tcpmon.ini -> C:\WINDOWS\System32\tcpmon.ini -> [2004/08/04 07:00:00 | 00,053,478 | ---- | C] () key01.sys -> C:\WINDOWS\System32\key01.sys -> [2004/08/04 07:00:00 | 00,042,809 | ---- | C] () keyboard.sys -> C:\WINDOWS\System32\keyboard.sys -> [2004/08/04 07:00:00 | 00,042,537 | ---- | C] () ntio411.sys -> C:\WINDOWS\System32\ntio411.sys -> [2004/08/04 07:00:00 | 00,035,648 | ---- | C] () ntio412.sys -> C:\WINDOWS\System32\ntio412.sys -> [2004/08/04 07:00:00 | 00,035,424 | ---- | C] () mciqtz32.dll -> C:\WINDOWS\System32\mciqtz32.dll -> [2004/08/04 07:00:00 | 00,035,328 | ---- | C] () ntio804.sys -> C:\WINDOWS\System32\ntio804.sys -> [2004/08/04 07:00:00 | 00,034,560 | ---- | C] () ntio404.sys -> C:\WINDOWS\System32\ntio404.sys -> [2004/08/04 07:00:00 | 00,034,560 | ---- | C] () ntio.sys -> C:\WINDOWS\System32\ntio.sys -> [2004/08/04 07:00:00 | 00,033,840 | ---- | C] () ntdos411.sys -> C:\WINDOWS\System32\ntdos411.sys -> [2004/08/04 07:00:00 | 00,029,370 | ---- | C] () ntdos412.sys -> C:\WINDOWS\System32\ntdos412.sys -> [2004/08/04 07:00:00 | 00,029,274 | ---- | C] () ntdos804.sys -> C:\WINDOWS\System32\ntdos804.sys -> [2004/08/04 07:00:00 | 00,029,146 | ---- | C] () ntdos404.sys -> C:\WINDOWS\System32\ntdos404.sys -> [2004/08/04 07:00:00 | 00,029,146 | ---- | C] () ntdos.sys -> C:\WINDOWS\System32\ntdos.sys -> [2004/08/04 07:00:00 | 00,027,866 | ---- | C] () country.sys -> C:\WINDOWS\System32\country.sys -> [2004/08/04 07:00:00 | 00,027,097 | ---- | C] () _004539_.tmp.dll -> C:\WINDOWS\System32\_004539_.tmp.dll -> [2004/08/04 07:00:00 | 00,022,040 | ---- | C] () tsd32.dll -> C:\WINDOWS\System32\tsd32.dll -> [2004/08/04 07:00:00 | 00,015,360 | ---- | C] () msdmo.dll -> C:\WINDOWS\System32\msdmo.dll -> [2004/08/04 07:00:00 | 00,014,336 | ---- | C] () win87em.dll -> C:\WINDOWS\System32\win87em.dll -> [2004/08/04 07:00:00 | 00,013,312 | ---- | C] () rsvp.ini -> C:\WINDOWS\System32\rsvp.ini -> [2004/08/04 07:00:00 | 00,012,082 | ---- | C] () ansi.sys -> C:\WINDOWS\System32\ansi.sys -> [2004/08/04 07:00:00 | 00,009,029 | ---- | C] () pschdprf.ini -> C:\WINDOWS\System32\pschdprf.ini -> [2004/08/04 07:00:00 | 00,006,877 | ---- | C] () himem.sys -> C:\WINDOWS\System32\himem.sys -> [2004/08/04 07:00:00 | 00,004,768 | ---- | C] () msdxmlc.dll -> C:\WINDOWS\System32\msdxmlc.dll -> [2004/08/04 07:00:00 | 00,004,126 | ---- | C] () rasctrs.ini -> C:\WINDOWS\System32\rasctrs.ini -> [2004/08/04 07:00:00 | 00,003,458 | ---- | C] () perfci.ini -> C:\WINDOWS\System32\perfci.ini -> [2004/08/04 07:00:00 | 00,002,891 | ---- | C] () perfwci.ini -> C:\WINDOWS\System32\perfwci.ini -> [2004/08/04 07:00:00 | 00,002,732 | ---- | C] () win.ini -> C:\WINDOWS\win.ini -> [2004/08/04 07:00:00 | 00,002,395 | ---- | C] () msdfmap.ini -> C:\WINDOWS\msdfmap.ini -> [2004/08/04 07:00:00 | 00,001,405 | ---- | C] () perffilt.ini -> C:\WINDOWS\System32\perffilt.ini -> [2004/08/04 07:00:00 | 00,001,152 | ---- | C] () prodspec.ini -> C:\WINDOWS\System32\prodspec.ini -> [2004/08/04 07:00:00 | 00,000,343 | ---- | C] () system.ini -> C:\WINDOWS\system.ini -> [2004/08/04 07:00:00 | 00,000,227 | ---- | C] () tifmicon.dll -> C:\WINDOWS\System32\tifmicon.dll -> [2004/01/12 21:46:34 | 00,172,032 | ---- | C] () dev.ini -> C:\WINDOWS\dev.ini -> [2003/01/14 15:12:10 | 00,000,304 | ---- | C] () OUTLPERF.INI -> C:\WINDOWS\System32\OUTLPERF.INI -> [2003/01/07 15:05:08 | 00,002,695 | ---- | C] () streamhlp.dll -> C:\WINDOWS\streamhlp.dll -> [2002/12/05 18:51:00 | 00,059,392 | R--- | C] () aucfg.ini -> C:\WINDOWS\aucfg.ini -> [2002/11/01 16:17:50 | 00,000,256 | ---- | C] () Welsof32.dll -> C:\WINDOWS\System32\Welsof32.dll -> [2002/08/12 09:19:42 | 00,101,376 | ---- | C] () pandoras.dll -> C:\WINDOWS\System32\pandoras.dll -> [2002/08/09 06:18:44 | 00,036,864 | ---- | C] () tmupdate.ini -> C:\WINDOWS\tmupdate.ini -> [2002/07/04 15:05:34 | 00,000,269 | ---- | C] () Jpeg32.dll -> C:\WINDOWS\System32\Jpeg32.dll -> [2002/01/08 16:57:34 | 00,110,592 | ---- | C] () patchw32.dll -> C:\WINDOWS\patchw32.dll -> [2001/12/14 13:34:46 | 00,164,864 | ---- | C] () paqsp.dll -> C:\WINDOWS\System32\paqsp.dll -> [2001/08/17 17:36:28 | 00,157,696 | ---- | C] () KodakOneTouch.dll -> C:\WINDOWS\System32\KodakOneTouch.dll -> [2000/09/08 17:53:50 | 00,073,839 | ---- | C] () AuHCcup1.ini -> C:\WINDOWS\AuHCcup1.ini -> [1999/07/23 13:46:48 | 00,000,116 | ---- | C] () AuHCcup1.dll -> C:\WINDOWS\AuHCcup1.dll -> [1999/07/23 10:53:20 | 00,129,536 | ---- | C] () ODBCSTF.DLL -> C:\WINDOWS\System32\ODBCSTF.DLL -> [1997/07/10 23:00:00 | 00,036,864 | ---- | C] () DOCOBJ.DLL -> C:\WINDOWS\System32\DOCOBJ.DLL -> [1997/07/10 23:00:00 | 00,036,864 | ---- | C] () HLINKPRX.DLL -> C:\WINDOWS\System32\HLINKPRX.DLL -> [1997/07/10 23:00:00 | 00,032,768 | ---- | C] () [File - Lop Check] Adobe -> C:\Documents and Settings\All Users\Application Data\Adobe -> [2009/10/22 23:09:08 | 00,000,000 | ---D | M] Adobe Systems -> C:\Documents and Settings\All Users\Application Data\Adobe Systems -> [2005/10/27 09:34:48 | 00,000,000 | ---D | M] Apple -> C:\Documents and Settings\All Users\Application Data\Apple -> [2007/10/13 17:40:10 | 00,000,000 | ---D | M] Apple Computer -> C:\Documents and Settings\All Users\Application Data\Apple Computer -> [2007/10/13 17:48:07 | 00,000,000 | ---D | M] CA-SupportBridge -> C:\Documents and Settings\All Users\Application Data\CA-SupportBridge -> [2009/07/21 16:43:13 | 00,000,000 | ---D | M] desktop.ini -> C:\Documents and Settings\All Users\Application Data\desktop.ini -> [2005/09/28 07:38:30 | 00,000,062 | -HS- | M] () hpqwmi -> C:\Documents and Settings\All Users\Application Data\hpqwmi -> [2005/09/28 12:31:48 | 00,000,000 | ---D | M] InstallShield -> C:\Documents and Settings\All Users\Application Data\InstallShield -> [2006/07/11 07:37:02 | 00,000,000 | ---D | M] Intuit -> C:\Documents and Settings\All Users\Application Data\Intuit -> [2007/12/13 20:13:20 | 00,000,000 | ---D | M] Intuit Canada -> C:\Documents and Settings\All Users\Application Data\Intuit Canada -> [2009/04/30 21:48:28 | 00,000,000 | ---D | M] Kodak -> C:\Documents and Settings\All Users\Application Data\Kodak -> [2006/12/18 15:47:19 | 00,000,000 | ---D | M] Lavasoft -> C:\Documents and Settings\All Users\Application Data\Lavasoft -> [2009/10/17 12:36:00 | 00,000,000 | ---D | M] ListGrabber Standard 2008 -> C:\Documents and Settings\All Users\Application Data\ListGrabber Standard 2008 -> [2009/05/29 08:41:53 | 00,000,000 | ---D | M] MailFrontier -> C:\Documents and Settings\All Users\Application Data\MailFrontier -> [2007/09/25 06:37:21 | 00,000,000 | ---D | M] Malwarebytes -> C:\Documents and Settings\All Users\Application Data\Malwarebytes -> [2009/11/14 04:08:58 | 00,000,000 | ---D | M] Metacafe -> C:\Documents and Settings\All Users\Application Data\Metacafe -> [2008/12/20 19:50:28 | 00,000,000 | ---D | M] Microsoft -> C:\Documents and Settings\All Users\Application Data\Microsoft -> [2006/12/14 16:56:26 | 00,000,000 | --SD | M] Microsoft Corporation -> C:\Documents and Settings\All Users\Application Data\Microsoft Corporation -> [2007/03/17 01:52:11 | 00,000,000 | ---D | M] muvee Technologies -> C:\Documents and Settings\All Users\Application Data\muvee Technologies -> [2005/09/28 12:20:35 | 00,000,000 | ---D | M] MySpell -> C:\Documents and Settings\All Users\Application Data\MySpell -> [2008/07/08 13:13:27 | 00,000,000 | ---D | M] NCH Software -> C:\Documents and Settings\All Users\Application Data\NCH Software -> [2009/10/08 18:53:26 | 00,000,000 | ---D | M] NCH Swift Sound -> C:\Documents and Settings\All Users\Application Data\NCH Swift Sound -> [2009/06/20 20:05:34 | 00,000,000 | ---D | M] NOS -> C:\Documents and Settings\All Users\Application Data\NOS -> [2009/09/17 08:12:39 | 00,000,000 | ---D | M] Office Genuine Advantage -> C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage -> [2007/05/20 07:03:25 | 00,000,000 | ---D | M] Pure Networks -> C:\Documents and Settings\All Users\Application Data\Pure Networks -> [2007/12/01 16:16:26 | 00,000,000 | ---D | M] QTSBandwidthCache -> C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache -> [2009/11/19 21:08:01 | 00,001,751 | ---- | M] () QuickTime -> C:\Documents and Settings\All Users\Application Data\QuickTime -> [2006/04/30 19:20:43 | 00,000,000 | ---D | M] Raxco -> C:\Documents and Settings\All Users\Application Data\Raxco -> [2009/06/01 23:28:40 | 00,000,000 | ---D | M] Rogers Online Protection -> C:\Documents and Settings\All Users\Application Data\Rogers Online Protection -> [2009/06/01 23:27:12 | 00,000,000 | ---D | M] ScanSoft -> C:\Documents and Settings\All Users\Application Data\ScanSoft -> [2007/12/28 13:59:18 | 00,000,000 | ---D | M] Skype -> C:\Documents and Settings\All Users\Application Data\Skype -> [2006/05/15 21:55:09 | 00,000,000 | ---D | M] Spybot - Search & Destroy -> C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy -> [2009/04/20 07:27:32 | 00,000,000 | ---D | M] SSScanAppDataDir -> C:\Documents and Settings\All Users\Application Data\SSScanAppDataDir -> [2008/07/04 00:52:26 | 00,000,000 | ---D | M] SSScanWizard -> C:\Documents and Settings\All Users\Application Data\SSScanWizard -> [2008/07/04 00:54:20 | 00,000,000 | ---D | M] SUIIMAGE -> C:\Documents and Settings\All Users\Application Data\SUIIMAGE -> [2007/01/05 23:43:17 | 00,000,000 | ---D | M] Symantec -> C:\Documents and Settings\All Users\Application Data\Symantec -> [2009/06/01 23:19:24 | 00,000,000 | ---D | M] TEMP -> C:\Documents and Settings\All Users\Application Data\TEMP -> [2009/11/02 21:56:24 | 00,000,000 | ---D | M] Windows Genuine Advantage -> C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage -> [2005/09/28 19:24:46 | 00,000,000 | ---D | M] Windows Live Toolbar -> C:\Documents and Settings\All Users\Application Data\Windows Live Toolbar -> [2006/08/25 10:56:58 | 00,000,000 | ---D | M] Yahoo! -> C:\Documents and Settings\All Users\Application Data\Yahoo! -> [2006/09/15 15:48:01 | 00,000,000 | ---D | M] {755AC846-7372-4AC8-8550-C52491DAA8BD} -> C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD} -> [2009/11/19 21:38:44 | 00,000,000 | ---D | M] {CFBD8779-FAAB-4357-84F2-1EC8619FADA6} -> C:\Documents and Settings\All Users\Application Data\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6} -> [2009/10/17 12:37:24 | 00,000,000 | -H-D | M] desktop.ini -> C:\Documents and Settings\Default User\Application Data\desktop.ini -> [2005/09/28 07:38:30 | 00,000,062 | -HS- | M] () Macromedia -> C:\Documents and Settings\Default User\Application Data\Macromedia -> [2009/09/16 08:22:22 | 00,000,000 | ---D | M] Microsoft -> C:\Documents and Settings\Default User\Application Data\Microsoft -> [2005/09/28 11:54:18 | 00,000,000 | --SD | M] Microsoft -> C:\Documents and Settings\LocalService\Application Data\Microsoft -> [2007/02/04 11:24:27 | 00,000,000 | --SD | M] Webroot -> C:\Documents and Settings\LocalService\Application Data\Webroot -> [2005/11/09 13:03:47 | 00,000,000 | ---D | M] Microsoft -> C:\Documents and Settings\NetworkService\Application Data\Microsoft -> [2006/12/19 13:02:57 | 00,000,000 | --SD | M] Symantec -> C:\Documents and Settings\NetworkService\Application Data\Symantec -> [2005/09/28 18:17:32 | 00,000,000 | ---D | M] 1ClickDVDCopy -> C:\Documents and Settings\Owner\Application Data\1ClickDVDCopy -> [2009/11/02 22:37:22 | 00,000,000 | ---D | M] 4Team -> C:\Documents and Settings\Owner\Application Data\4Team -> [2008/02/06 12:27:32 | 00,000,000 | ---D | M] Adobe -> C:\Documents and Settings\Owner\Application Data\Adobe -> [2009/09/16 08:22:22 | 00,000,000 | ---D | M] AdobeUM -> C:\Documents and Settings\Owner\Application Data\AdobeUM -> [2007/01/11 10:02:25 | 00,000,000 | ---D | M] Apple Computer -> C:\Documents and Settings\Owner\Application Data\Apple Computer -> [2007/06/08 12:04:33 | 00,000,000 | ---D | M] Canon -> C:\Documents and Settings\Owner\Application Data\Canon -> [2009/11/05 23:25:21 | 00,000,000 | ---D | M] ceorea -> C:\Documents and Settings\Owner\Application Data\ceorea -> [2006/08/02 19:11:17 | 00,000,000 | ---D | M] com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 -> C:\Documents and Settings\Owner\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 -> [2009/09/30 16:11:31 | 00,000,000 | ---D | M] Comma Separated Values (Windows).ADR -> C:\Documents and Settings\Owner\Application Data\Comma Separated Values (Windows).ADR -> [2007/10/18 11:35:36 | 00,023,405 | ---- | M] () CopyToDvd -> C:\Documents and Settings\Owner\Application Data\CopyToDvd -> [2009/11/02 23:16:26 | 00,000,000 | ---D | M] Corel -> C:\Documents and Settings\Owner\Application Data\Corel -> [2009/05/29 08:51:22 | 00,000,000 | ---D | M] desktop.ini -> C:\Documents and Settings\Owner\Application Data\desktop.ini -> [2005/09/28 07:38:30 | 00,000,062 | -HS- | M] () Download Manager -> C:\Documents and Settings\Owner\Application Data\Download Manager -> [2007/12/13 20:01:36 | 00,000,000 | ---D | M] dvdcss -> C:\Documents and Settings\Owner\Application Data\dvdcss -> [2009/02/15 09:19:41 | 00,000,000 | ---D | M] Google -> C:\Documents and Settings\Owner\Application Data\Google -> [2006/10/04 14:43:48 | 00,000,000 | ---D | M] Helios -> C:\Documents and Settings\Owner\Application Data\Helios -> [2007/06/08 17:00:27 | 00,000,000 | ---D | M] Help -> C:\Documents and Settings\Owner\Application Data\Help -> [2005/09/30 14:56:35 | 00,000,000 | ---D | M] Hewlett-Packard -> C:\Documents and Settings\Owner\Application Data\Hewlett-Packard -> [2006/01/01 17:53:42 | 00,000,000 | ---D | M] Identities -> C:\Documents and Settings\Owner\Application Data\Identities -> [2005/09/28 11:58:55 | 00,000,000 | ---D | M] InterVideo -> C:\Documents and Settings\Owner\Application Data\InterVideo -> [2005/12/28 07:55:28 | 00,000,000 | ---D | M] Intuit Canada -> C:\Documents and Settings\Owner\Application Data\Intuit Canada -> [2009/04/30 21:50:16 | 00,000,000 | ---D | M] Lavasoft -> C:\Documents and Settings\Owner\Application Data\Lavasoft -> [2008/03/14 21:46:59 | 00,000,000 | ---D | M] Leadertech -> C:\Documents and Settings\Owner\Application Data\Leadertech -> [2005/11/22 12:20:35 | 00,000,000 | ---D | M] Macromedia -> C:\Documents and Settings\Owner\Application Data\Macromedia -> [2006/07/29 17:13:09 | 00,000,000 | ---D | M] Malwarebytes -> C:\Documents and Settings\Owner\Application Data\Malwarebytes -> [2009/11/14 04:09:39 | 00,000,000 | ---D | M] Metacafe -> C:\Documents and Settings\Owner\Application Data\Metacafe -> [2008/12/20 19:50:28 | 00,000,000 | ---D | M] Microsoft -> C:\Documents and Settings\Owner\Application Data\Microsoft -> [2008/04/13 15:35:54 | 00,000,000 | --SD | M] Microsoft Corporation -> C:\Documents and Settings\Owner\Application Data\Microsoft Corporation -> [2006/12/16 08:32:00 | 00,000,000 | ---D | M] Microsoft Excel.ADR -> C:\Documents and Settings\Owner\Application Data\Microsoft Excel.ADR -> [2007/10/18 11:26:17 | 00,021,942 | ---- | M] () MLX Professional Synchronization Tool -> C:\Documents and Settings\Owner\Application Data\MLX Professional Synchronization Tool -> [2008/12/26 07:38:59 | 00,000,000 | ---D | M] Mozilla -> C:\Documents and Settings\Owner\Application Data\Mozilla -> [2009/06/16 21:47:28 | 00,000,000 | ---D | M] MSNInstaller -> C:\Documents and Settings\Owner\Application Data\MSNInstaller -> [2006/07/27 16:46:17 | 00,000,000 | ---D | M] NCH Swift Sound -> C:\Documents and Settings\Owner\Application Data\NCH Swift Sound -> [2009/06/16 22:34:49 | 00,000,000 | ---D | M] NewSoft -> C:\Documents and Settings\Owner\Application Data\NewSoft -> [2007/12/27 10:04:21 | 00,000,000 | ---D | M] OfficeUpdate12 -> C:\Documents and Settings\Owner\Application Data\OfficeUpdate12 -> [2006/12/16 11:56:35 | 00,000,000 | ---D | M] PDFill -> C:\Documents and Settings\Owner\Application Data\PDFill -> [2007/07/12 20:33:00 | 00,000,000 | ---D | M] PFP100JCM.{PB -> C:\Documents and Settings\Owner\Application Data\PFP100JCM.{PB -> [2007/02/13 19:26:42 | 00,012,358 | ---- | M] () PFP100JPR.{PB -> C:\Documents and Settings\Owner\Application Data\PFP100JPR.{PB -> [2007/02/13 19:26:42 | 00,061,678 | ---- | M] () PPIMAGES -> C:\Documents and Settings\Owner\Application Data\PPIMAGES -> [2006/11/24 07:51:25 | 00,000,000 | ---D | M] Real -> C:\Documents and Settings\Owner\Application Data\Real -> [2008/04/29 17:34:28 | 00,000,000 | ---D | M] Rogers Online Protection -> C:\Documents and Settings\Owner\Application Data\Rogers Online Protection -> [2009/06/02 00:06:51 | 00,000,000 | ---D | M] ScanSoft -> C:\Documents and Settings\Owner\Application Data\ScanSoft -> [2007/12/28 13:57:57 | 00,000,000 | ---D | M] Share-to-Web Upload Folder -> C:\Documents and Settings\Owner\Application Data\Share-to-Web Upload Folder -> [2008/01/30 21:27:10 | 00,000,000 | ---D | M] Skype -> C:\Documents and Settings\Owner\Application Data\Skype -> [2007/01/29 11:23:43 | 00,000,000 | ---D | M] Sonic -> C:\Documents and Settings\Owner\Application Data\Sonic -> [2005/11/22 12:22:18 | 00,000,000 | ---D | M] Sun -> C:\Documents and Settings\Owner\Application Data\Sun -> [2005/10/05 15:42:11 | 00,000,000 | ---D | M] Symantec -> C:\Documents and Settings\Owner\Application Data\Symantec -> [2005/09/28 18:01:10 | 00,000,000 | ---D | M] U3 -> C:\Documents and Settings\Owner\Application Data\U3 -> [2009/11/07 22:20:13 | 00,000,000 | ---D | M] Windows Desktop Search -> C:\Documents and Settings\Owner\Application Data\Windows Desktop Search -> [2006/08/25 10:58:27 | 00,000,000 | ---D | M] AppleSoftwareUpdate.job -> C:\WINDOWS\Tasks\AppleSoftwareUpdate.job -> [2009/11/19 21:26:46 | 00,000,284 | ---- | M] () desktop.ini -> C:\WINDOWS\Tasks\desktop.ini -> [2004/08/04 07:00:00 | 00,000,065 | RH-- | M] () MP Scheduled Scan.job -> C:\WINDOWS\Tasks\MP Scheduled Scan.job -> [2009/11/28 10:05:57 | 00,000,330 | -H-- | M] () SA.DAT -> C:\WINDOWS\Tasks\SA.DAT -> [2009/11/28 10:01:15 | 00,000,006 | -H-- | M] () User_Feed_Synchronization-{E9834806-95AE-4C9A-BE89-2033424A5102}.job -> C:\WINDOWS\Tasks\User_Feed_Synchronization-{E9834806-95AE-4C9A-BE89-2033424A5102}.job -> [2009/11/28 10:28:30 | 00,000,392 | -H-- | M] () {0871E114-9034-457F-B776-6F8FB1FB2657}_USER-CB34E5069C_Owner.job -> C:\WINDOWS\Tasks\{0871E114-9034-457F-B776-6F8FB1FB2657}_USER-CB34E5069C_Owner.job -> [2009/11/27 16:00:01 | 00,000,408 | -H-- | M] () {480D9EB6-B594-4880-AF41-CA8CF972227D}_USER-CB34E5069C_Owner.job -> C:\WINDOWS\Tasks\{480D9EB6-B594-4880-AF41-CA8CF972227D}_USER-CB34E5069C_Owner.job -> [2009/11/25 09:00:05 | 00,000,408 | -H-- | M] () {DD9841C2-FF71-4992-9C78-E4A2079B987D}_USER-CB34E5069C_Owner.job -> C:\WINDOWS\Tasks\{DD9841C2-FF71-4992-9C78-E4A2079B987D}_USER-CB34E5069C_Owner.job -> [2009/11/27 16:00:01 | 00,000,408 | -H-- | M] () [File - Purity Scan] [Custom Scans] < %SYSTEMDRIVE%\*.exe > StubInstaller.exe -> C:\StubInstaller.exe -> [2005/10/31 10:56:00 | 00,700,416 | ---- | M] (LimeWire) < %SYSTEMDRIVE%\eventlog.dll /s /md5 > eventlog.dll : MD5=82B24CB70E5944E6E34662205A2A5B78 -> C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll -> [2004/08/04 07:00:00 | 00,055,808 | ---- | M] (Microsoft Corporation) eventlog.dll : MD5=6D4FEB43EE538FC5428CC7F0565AA656 -> C:\WINDOWS\ServicePackFiles\i386\eventlog.dll -> [2008/04/13 19:11:53 | 00,056,320 | ---- | M] (Microsoft Corporation) eventlog.dll : MD5=6D4FEB43EE538FC5428CC7F0565AA656 -> C:\WINDOWS\system32\eventlog.dll -> [2008/04/13 19:11:53 | 00,056,320 | ---- | M] (Microsoft Corporation) < %SYSTEMDRIVE%\scecli.dll /s /md5 > scecli.dll : MD5=0F78E27F563F2AAF74B91A49E2ABF19A -> C:\WINDOWS\$NtServicePackUninstall$\scecli.dll -> [2004/08/04 07:00:00 | 00,180,224 | ---- | M] (Microsoft Corporation) scecli.dll : MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -> C:\WINDOWS\ServicePackFiles\i386\scecli.dll -> [2008/04/13 19:12:05 | 00,181,248 | ---- | M] (Microsoft Corporation) scecli.dll : MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -> C:\WINDOWS\system32\scecli.dll -> [2008/04/13 19:12:05 | 00,181,248 | ---- | M] (Microsoft Corporation) < %SYSTEMDRIVE%\netlogon.dll /s /md5 > netlogon.dll : MD5=96353FCECBA774BB8DA74A1C6507015A -> C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll -> [2004/08/04 07:00:00 | 00,407,040 | ---- | M] (Microsoft Corporation) netlogon.dll : MD5=1B7F071C51B77C272875C3A23E1E4550 -> C:\WINDOWS\ServicePackFiles\i386\netlogon.dll -> [2008/04/13 19:12:01 | 00,407,040 | ---- | M] (Microsoft Corporation) netlogon.dll : MD5=1B7F071C51B77C272875C3A23E1E4550 -> C:\WINDOWS\system32\netlogon.dll -> [2008/04/13 19:12:01 | 00,407,040 | ---- | M] (Microsoft Corporation) < %SYSTEMDRIVE%\cngaudit.dll /s /md5 > < %SYSTEMDRIVE%\sceclt.dll /s /md5 > < %SYSTEMDRIVE%\ntelogon.dll /s /md5 > < %SYSTEMDRIVE%\logevent.dll /s /md5 > < %SYSTEMDRIVE%\iaStor.sys /s /md5 > < %SYSTEMDRIVE%\nvstor.sys /s /md5 > < %SYSTEMDRIVE%\atapi.sys /s /md5 > atapi.sys : MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -> C:\WINDOWS\$NtServicePackUninstall$\atapi.sys -> [2004/08/04 07:00:00 | 00,095,360 | ---- | M] (Microsoft Corporation) atapi.sys : MD5=9F3A2F5AA6875C72BF062C712CFA2674 -> C:\WINDOWS\ServicePackFiles\i386\atapi.sys -> [2008/04/13 13:40:30 | 00,096,512 | ---- | M] (Microsoft Corporation) atapi.sys : MD5=9F3A2F5AA6875C72BF062C712CFA2674 -> C:\WINDOWS\system32\drivers\atapi.sys -> [2008/04/13 13:40:30 | 00,096,512 | ---- | M] (Microsoft Corporation) < %SYSTEMDRIVE%\IdeChnDr.sys /s /md5 > < %SYSTEMDRIVE%\viasraid.sys /s /md5 > < %SYSTEMDRIVE%\AGP440.sys /s /md5 > agp440.sys : MD5=08FD04AA961BDC77FB983F328334E3D7 -> C:\WINDOWS\ServicePackFiles\i386\agp440.sys -> [2008/04/13 13:36:38 | 00,042,368 | ---- | M] (Microsoft Corporation) agp440.sys : MD5=08FD04AA961BDC77FB983F328334E3D7 -> C:\WINDOWS\system32\drivers\agp440.sys -> [2008/04/13 13:36:38 | 00,042,368 | ---- | M] (Microsoft Corporation) < %SYSTEMDRIVE%\vaxscsi.sys /s /md5 > < %SYSTEMDRIVE%\nvatabus.sys /s /md5 > < %SYSTEMDRIVE%\viamraid.sys /s /md5 > < %SYSTEMDRIVE%\nvata.sys /s /md5 > < %SYSTEMDRIVE%\nvgts.sys /s /md5 > < %SYSTEMDRIVE%\iastorv.sys /s /md5 > < %SYSTEMDRIVE%\ViPrt.sys /s /md5 > < %SYSTEMDRIVE%\eNetHook.dll /s /md5 > [Alternate Data Streams] @Alternate Data Stream - 131 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8E3D07DE < End of report > [/code]