[code] OTS logfile created on: 8/7/2010 5:31:14 PM - Run 1 OTS by OldTimer - Version 3.1.34.0 Folder = C:\Documents and Settings\Bill\Desktop Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.11) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 1,014.00 Mb Total Physical Memory | 572.00 Mb Available Physical Memory | 56.00% Memory free 4.00 Gb Paging File | 3.00 Gb Available in Paging File | 90.00% Paging File free Paging file location(s): D:\pagefile.sys 3000 3000 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 108.59 Gb Total Space | 87.24 Gb Free Space | 80.34% Space Free | Partition Type: NTFS Drive D: | 37.05 Gb Total Space | 34.05 Gb Free Space | 91.89% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: BR-95QW6B1 Current User Name: Bill Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days [Processes - Safe List] ots.exe -> C:\Documents and Settings\Bill\Desktop\OTS.exe -> [2010/08/07 17:27:19 | 000,641,536 | ---- | M] (OldTimer Tools) avastui.exe -> C:\Program Files\Alwil Software\Avast5\AvastUI.exe -> [2010/06/28 16:57:18 | 002,837,864 | ---- | M] (AVAST Software) avastsvc.exe -> C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -> [2010/06/28 16:57:15 | 000,040,384 | ---- | M] (AVAST Software) sqlservr.exe -> C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe -> [2008/12/18 10:47:08 | 009,158,656 | ---- | M] (Microsoft Corporation) explorer.exe -> C:\WINDOWS\explorer.exe -> [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) wusb54gc.exe -> C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WUSB54GC.exe -> [2006/08/29 03:23:44 | 005,527,040 | ---- | M] (Linksys) wcescomm.exe -> C:\Program Files\Microsoft ActiveSync\wcescomm.exe -> [2005/11/15 19:44:14 | 001,200,128 | ---- | M] (Microsoft Corporation) rapimgr.exe -> C:\Program Files\Microsoft ActiveSync\rapimgr.exe -> [2005/11/15 19:42:22 | 000,180,224 | ---- | M] (Microsoft Corporation) dlactrlw.exe -> C:\WINDOWS\system32\DLA\DLACTRLW.EXE -> [2005/09/08 05:20:00 | 000,122,940 | ---- | M] (Sonic Solutions) wlservice.exe -> C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WLService.exe -> [2005/07/04 16:46:04 | 000,053,307 | ---- | M] (GEMTEKS) issch.exe -> C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe -> [2005/06/10 10:44:02 | 000,081,920 | ---- | M] (InstallShield Software Corporation) sqlmangr.exe -> C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe -> [2005/05/03 22:07:32 | 000,081,920 | ---- | M] (Microsoft Corporation) aolacsd.exe -> C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe -> [2004/04/07 12:07:32 | 001,135,728 | ---- | M] (America Online, Inc.) [Modules - Safe List] ots.exe -> C:\Documents and Settings\Bill\Desktop\OTS.exe -> [2010/08/07 17:27:19 | 000,641,536 | ---- | M] (OldTimer Tools) msscript.ocx -> C:\WINDOWS\system32\msscript.ocx -> [2008/04/13 20:10:20 | 000,110,592 | ---- | M] (Microsoft Corporation) [Win32 Services - Safe List] (WUSB54GCSVC) WUSB54GCSVC [Auto | Running] -> C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WLService.exe WUSB54GC.exe -> File not found (HidServ) Human Interface Device Access [Disabled | Stopped] -> C:\WINDOWS\System32\hidserv.dll -> File not found (avast! Web Scanner) avast! Web Scanner [On_Demand | Running] -> C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -> [2010/06/28 16:57:15 | 000,040,384 | ---- | M] (AVAST Software) (avast! Mail Scanner) avast! Mail Scanner [On_Demand | Running] -> C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -> [2010/06/28 16:57:15 | 000,040,384 | ---- | M] (AVAST Software) (avast! Antivirus) avast! Antivirus [Auto | Running] -> C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -> [2010/06/28 16:57:15 | 000,040,384 | ---- | M] (AVAST Software) (MSSQL$MICROSOFTSMLBIZ) MSSQL$MICROSOFTSMLBIZ [Auto | Running] -> C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe -> [2008/12/18 10:47:08 | 009,158,656 | ---- | M] (Microsoft Corporation) (DSBrokerService) DSBrokerService [On_Demand | Stopped] -> C:\Program Files\DellSupport\brkrsvc.exe -> [2007/03/07 15:47:46 | 000,076,848 | ---- | M] () (SQLAgent$MICROSOFTSMLBIZ) SQLAgent$MICROSOFTSMLBIZ [On_Demand | Stopped] -> C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlagent.EXE -> [2005/05/03 21:42:56 | 000,323,584 | ---- | M] (Microsoft Corporation) (AOL ACS) AOL Connectivity Service [Auto | Running] -> C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe -> [2004/04/07 12:07:32 | 001,135,728 | ---- | M] (America Online, Inc.) [Driver Services - Safe List] (catchme) catchme [Kernel | On_Demand | Stopped] -> C:\DOCUME~1\Bill\LOCALS~1\Temp\catchme.sys -> File not found (aswTdi) avast! Network Shield Support [Kernel | System | Running] -> C:\WINDOWS\System32\drivers\aswTdi.sys -> [2010/06/28 16:37:52 | 000,046,672 | ---- | M] (ALWIL Software) (aswSP) aswSP [Kernel | System | Running] -> C:\WINDOWS\System32\drivers\aswSP.sys -> [2010/06/28 16:37:30 | 000,165,456 | ---- | M] (ALWIL Software) (aswRdr) aswRdr [Kernel | On_Demand | Running] -> C:\WINDOWS\System32\drivers\aswRdr.sys -> [2010/06/28 16:33:13 | 000,023,376 | ---- | M] (ALWIL Software) (aswMon2) avast! Standard Shield Support [File_System | Auto | Running] -> C:\WINDOWS\System32\drivers\aswmon2.sys -> [2010/06/28 16:32:45 | 000,100,176 | ---- | M] (ALWIL Software) (aswFsBlk) aswFsBlk [File_System | Auto | Running] -> C:\WINDOWS\System32\drivers\aswFsBlk.sys -> [2010/06/28 16:32:33 | 000,017,744 | ---- | M] (ALWIL Software) (Aavmker4) avast! Asynchronous Virus Monitor [Kernel | System | Running] -> C:\WINDOWS\System32\drivers\aavmker4.sys -> [2010/06/28 16:32:16 | 000,028,880 | ---- | M] (ALWIL Software) (amdagp) AMD AGP Bus Filter Driver [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\amdagp.sys -> [2008/04/13 14:36:39 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) (sisagp) SIS AGP Bus Filter [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\sisagp.sys -> [2008/04/13 14:36:39 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) (HDAudBus) Microsoft UAA Bus Driver for High Definition Audio [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\hdaudbus.sys -> [2008/04/13 12:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) (dsunidrv) DellSupport UniDriver [Kernel | Auto | Running] -> C:\WINDOWS\system32\drivers\dsunidrv.sys -> [2007/02/25 12:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) (DSproct) DSproct [Kernel | On_Demand | Stopped] -> C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -> [2006/10/05 16:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) (RT73) Linksys Home Wireless-G USB Adapter Driver [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\rt73.sys -> [2005/11/24 19:51:38 | 000,245,248 | ---- | M] (Ralink Technology, Corp.) (STHDA) SigmaTel High Definition Audio CODEC [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\sthda.sys -> [2005/11/16 21:36:00 | 001,047,816 | ---- | M] (SigmaTel, Inc.) (DRVMCDB) DRVMCDB [Kernel | Boot | Running] -> C:\WINDOWS\System32\Drivers\DRVMCDB.SYS -> [2005/09/12 03:30:00 | 000,089,264 | ---- | M] (Sonic Solutions) (DLAUDFAM) DLAUDFAM [File_System | Auto | Running] -> C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -> [2005/09/08 05:20:00 | 000,094,332 | ---- | M] (Sonic Solutions) (DLAUDF_M) DLAUDF_M [File_System | Auto | Running] -> C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -> [2005/09/08 05:20:00 | 000,087,036 | ---- | M] (Sonic Solutions) (DLAIFS_M) DLAIFS_M [File_System | Auto | Running] -> C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -> [2005/09/08 05:20:00 | 000,086,524 | ---- | M] (Sonic Solutions) (DLABOIOM) DLABOIOM [File_System | Auto | Running] -> C:\WINDOWS\system32\DLA\DLABOIOM.SYS -> [2005/09/08 05:20:00 | 000,025,628 | ---- | M] (Sonic Solutions) (DLAOPIOM) DLAOPIOM [File_System | Auto | Running] -> C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -> [2005/09/08 05:20:00 | 000,014,684 | ---- | M] (Sonic Solutions) (DLAPoolM) DLAPoolM [File_System | Auto | Running] -> C:\WINDOWS\system32\DLA\DLAPoolM.SYS -> [2005/09/08 05:20:00 | 000,006,364 | ---- | M] (Sonic Solutions) (DLADResN) DLADResN [File_System | Auto | Running] -> C:\WINDOWS\system32\DLA\DLADResN.SYS -> [2005/09/08 05:20:00 | 000,002,496 | ---- | M] (Sonic Solutions) (DLACDBHM) DLACDBHM [File_System | System | Running] -> C:\WINDOWS\system32\drivers\DLACDBHM.SYS -> [2005/08/25 12:16:52 | 000,005,628 | ---- | M] (Sonic Solutions) (DLARTL_N) DLARTL_N [File_System | System | Running] -> C:\WINDOWS\system32\drivers\DLARTL_N.SYS -> [2005/08/25 12:16:16 | 000,022,684 | ---- | M] (Sonic Solutions) (DRVNDDM) DRVNDDM [File_System | Auto | Running] -> C:\WINDOWS\system32\drivers\DRVNDDM.SYS -> [2005/08/12 05:20:00 | 000,040,544 | ---- | M] (Sonic Solutions) (BANTExt) Belarc SMBios Access [Kernel | System | Running] -> C:\WINDOWS\System32\Drivers\BANTExt.sys -> [2005/04/07 17:18:34 | 000,003,840 | ---- | M] () (BCM42RLY) BCM42RLY [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\bcm42rly.sys -> [2005/02/01 18:18:38 | 000,017,992 | ---- | M] (Broadcom Corporation) (nv) nv [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\nv4_mini.sys -> [2004/08/03 22:29:56 | 001,897,408 | ---- | M] (NVIDIA Corporation) (wanatw) WAN Miniport (ATW) [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\wanatw4.sys -> [2003/01/10 16:13:04 | 000,033,588 | ---- | M] (America Online, Inc.) (Sparrow) Sparrow [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\sparrow.sys -> [2001/08/17 14:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) (sym_u3) sym_u3 [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\sym_u3.sys -> [2001/08/17 14:07:42 | 000,030,688 | ---- | M] (LSI Logic) (sym_hi) sym_hi [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\sym_hi.sys -> [2001/08/17 14:07:40 | 000,028,384 | ---- | M] (LSI Logic) (symc8xx) symc8xx [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\symc8xx.sys -> [2001/08/17 14:07:36 | 000,032,640 | ---- | M] (LSI Logic) (symc810) symc810 [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\symc810.sys -> [2001/08/17 14:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) (ultra) ultra [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\ultra.sys -> [2001/08/17 13:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) (ql12160) ql12160 [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\ql12160.sys -> [2001/08/17 13:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) (ql1080) ql1080 [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\ql1080.sys -> [2001/08/17 13:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) (ql1280) ql1280 [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\ql1280.sys -> [2001/08/17 13:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) (dac2w2k) dac2w2k [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -> [2001/08/17 13:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) (mraid35x) mraid35x [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\mraid35x.sys -> [2001/08/17 13:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) (asc) asc [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\asc.sys -> [2001/08/17 13:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) (asc3550) asc3550 [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\asc3550.sys -> [2001/08/17 13:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) (AliIde) AliIde [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\aliide.sys -> [2001/08/17 13:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) (CmdIde) CmdIde [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\cmdide.sys -> [2001/08/17 13:51:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Registry - Safe List] < Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> HKEY_LOCAL_MACHINE\: Main\\"Local Page" -> %SystemRoot%\system32\blank.htm -> HKEY_LOCAL_MACHINE\: Search\\"Default_Search_URL" -> http://www.google.com/ie -> < Internet Explorer Settings [HKEY_CURRENT_USER\] > -> -> HKEY_CURRENT_USER\: Main\\"SearchMigratedDefaultName" -> Google -> HKEY_CURRENT_USER\: Main\\"SearchMigratedDefaultURL" -> http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 -> HKEY_CURRENT_USER\: Main\\"Start Page" -> http://www.google.com/ -> HKEY_CURRENT_USER\: Search\\"SearchAssistant" -> http://www.google.com/ie -> HKEY_CURRENT_USER\: SearchURL\\"" -> http://search.yahoo.com/search?fr=mcafee&p=%s -> HKEY_CURRENT_USER\: "ProxyEnable" -> 0 -> HKEY_CURRENT_USER\: "ProxyOverride" -> -> HKEY_CURRENT_USER\: "ProxyServer" -> http=127.0.0.1:5643 -> < FireFox Settings [Prefs.js] > -> C:\Documents and Settings\Bill\Application Data\Mozilla\FireFox\Profiles\ga8o288o.default\prefs.js -> browser.search.defaultenginename -> "Google" -> browser.search.defaulturl -> "http://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=" -> browser.search.selectedEngine -> "Google" -> < FireFox Settings [User.js] > -> C:\Documents and Settings\Bill\Application Data\Mozilla\FireFox\Profiles\ga8o288o.default\user.js -> < FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla HKLM\software\mozilla\Firefox\Extensions -> -> HKLM\software\mozilla\Mozilla Firefox 1.5.0.12\Extensions -> -> HKLM\software\mozilla\Mozilla Firefox 1.5.0.12\Extensions\\Components -> C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS\ [C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS\] -> [2010/03/27 12:56:04 | 000,000,000 | ---D | M] HKLM\software\mozilla\Mozilla Firefox 1.5.0.12\Extensions\\Plugins -> C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS\ [C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS\] -> [2010/07/22 16:03:40 | 000,000,000 | ---D | M] < FireFox Extensions [User Folders] > -> -> C:\Documents and Settings\Bill\Application Data\Mozilla\Firefox\Profiles\ga8o288o.default\extensions -> [2006/11/02 10:39:04 | 000,000,000 | ---D | M] < FireFox SearchPlugins [User Folders] > -> siteadvisor.gif -> C:\Documents and Settings\Bill\Application Data\Mozilla\Firefox\Profiles\ga8o288o.default\searchplugins\siteadvisor.gif -> [2008/09/01 22:07:05 | 000,001,406 | ---- | M] () siteadvisor.src -> C:\Documents and Settings\Bill\Application Data\Mozilla\Firefox\Profiles\ga8o288o.default\searchplugins\siteadvisor.src -> [2008/09/01 22:07:05 | 000,000,276 | ---- | M] () < FireFox Extensions [Program Folders] > -> -> C:\Program Files\Mozilla Firefox\extensions -> [2010/07/25 21:33:10 | 000,000,000 | ---D | M] Google Toolbar for Firefox -> C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} -> [2006/11/02 10:36:23 | 000,000,000 | ---D | M] Java Console -> C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} -> [2010/07/25 21:33:10 | 000,000,000 | ---D | M] -> C:\Program Files\Mozilla Firefox\extensions\realplayer@partners.mozilla.com -> [2008/09/24 21:15:50 | 000,000,000 | ---D | M] < HOSTS File > ([2010/08/02 10:49:47 | 000,000,789 | ---- | M] - 21 lines) -> C:\WINDOWS\system32\drivers\etc\hosts -> Reset Hosts 127.0.0.1 localhost < BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> {22BF413B-C6D2-4d91-82A9-A0F997BA588C} [HKLM] -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [Skype add-on (mastermind)] -> [2009/08/04 15:47:42 | 001,586,472 | ---- | M] (Skype Technologies S.A.) {53707962-6F74-2D53-2644-206D7942484F} [HKLM] -> C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [Spybot-S&D IE Protection] -> [2009/01/26 15:31:02 | 001,879,896 | ---- | M] (Safer Networking Limited) {5CA3D70E-1895-11CF-8E15-001234567890} [HKLM] -> C:\WINDOWS\system32\DLA\DLASHX_W.DLL [DriveLetterAccess] -> [2005/09/08 05:20:00 | 000,110,652 | ---- | M] (Sonic Solutions) {72853161-30C5-4D22-B7F9-0BBC1D38A37E} [HKLM] -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [Groove GFS Browser Helper] -> [2009/02/12 15:19:32 | 002,217,848 | ---- | M] (Microsoft Corporation) {AA58ED58-01DD-4d91-8333-CF10577473F7} [HKLM] -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [Google Toolbar Helper] -> [2009/11/24 01:02:03 | 000,263,280 | ---- | M] (Google Inc.) {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} [HKLM] -> C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [Google Toolbar Notifier BHO] -> [2009/11/24 01:06:20 | 000,764,912 | ---- | M] (Google Inc.) < Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar -> "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" [HKLM] -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [Google Toolbar] -> [2009/11/24 01:02:03 | 000,263,280 | ---- | M] (Google Inc.) "{EF99BD32-C1FB-11D2-892F-0090271D4F88}" [HKLM] -> C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [Yahoo! Toolbar] -> [2005/08/04 21:54:42 | 000,343,112 | ---- | M] (Yahoo! Inc.) < Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ -> WebBrowser\\"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" [HKLM] -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [Google Toolbar] -> [2009/11/24 01:02:03 | 000,263,280 | ---- | M] (Google Inc.) WebBrowser\\"{EF99BD32-C1FB-11D2-892F-0090271D4F88}" [HKLM] -> C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [Yahoo! Toolbar] -> [2005/08/04 21:54:42 | 000,343,112 | ---- | M] (Yahoo! Inc.) < Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "avast5" -> C:\Program Files\Alwil Software\Avast5\AvastUI.exe [C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui] -> [2010/06/28 16:57:18 | 002,837,864 | ---- | M] (AVAST Software) "DLA" -> C:\WINDOWS\system32\DLA\DLACTRLW.EXE [C:\WINDOWS\System32\DLA\DLACTRLW.EXE] -> [2005/09/08 05:20:00 | 000,122,940 | ---- | M] (Sonic Solutions) "ISUSPM Startup" -> C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe ["C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup] -> [2005/06/10 10:44:02 | 000,249,856 | ---- | M] (InstallShield Software Corporation) "ISUSScheduler" -> C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe ["C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start] -> [2005/06/10 10:44:02 | 000,081,920 | ---- | M] (InstallShield Software Corporation) < Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "H/PC Connection Agent" -> C:\Program Files\Microsoft ActiveSync\wcescomm.exe ["C:\Program Files\Microsoft ActiveSync\wcescomm.exe"] -> [2005/11/15 19:44:14 | 001,200,128 | ---- | M] (Microsoft Corporation) < All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk -> C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe -> [2002/11/18 02:11:00 | 000,651,264 | ---- | M] (Intuit, Inc.) C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Service Manager.lnk -> C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe -> [2005/05/03 22:07:32 | 000,081,920 | ---- | M] (Microsoft Corporation) < Bill Startup Folder > -> C:\Documents and Settings\Bill\Start Menu\Programs\Startup -> < Software Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer -> < Software Policy Settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Internet Explorer -> < CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"HonorAutoRunSetting" -> [1] -> File not found \\"NoCDBurning" -> [0] -> File not found \\"NoDriveAutoRun" -> [67108863] -> File not found \\"NoDriveTypeAutoRun" -> [323] -> File not found \\"NoDrives" -> [0] -> File not found < CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System < CurrentVersion Policy Settings - Explorer [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" -> [323] -> File not found \\"NoDriveAutoRun" -> [67108863] -> File not found \\"NoDrives" -> [0] -> File not found < CurrentVersion Policy Settings - System [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> < Internet Explorer Menu Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ -> E&xport to Microsoft Excel -> C:\Program Files\Microsoft Office\Office12\EXCEL.EXE [res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000] -> [2010/04/24 08:25:04 | 018,352,488 | ---- | M] (Microsoft Corporation) Google Sidewiki... -> C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll [res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html] -> [2009/11/24 01:02:06 | 000,648,192 | ---- | M] (Google Inc.) < Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> {2670000A-7350-4f3c-8081-5663EE0C6C49}:{48E73304-E1D6-4330-914C-F5F514E3486C} [HKLM] -> C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll [Button: Send to OneNote] -> [2009/02/26 19:45:52 | 000,603,040 | ---- | M] (Microsoft Corporation) {2670000A-7350-4f3c-8081-5663EE0C6C49}:{48E73304-E1D6-4330-914C-F5F514E3486C} [HKLM] -> C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll [Menu: S&end to OneNote] -> [2009/02/26 19:45:52 | 000,603,040 | ---- | M] (Microsoft Corporation) {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F}:{2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} [HKLM] -> C:\Program Files\Microsoft ActiveSync\INetRepl.dll [Button: Create Mobile Favorite] -> [2005/11/15 19:42:44 | 000,135,168 | ---- | M] (Microsoft Corporation) {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F}:{2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} [HKLM] -> C:\Program Files\Microsoft ActiveSync\INetRepl.dll [Menu: Create Mobile Favorite...] -> [2005/11/15 19:42:44 | 000,135,168 | ---- | M] (Microsoft Corporation) {5067A26B-1337-4436-8AFE-EE169C2DA79F}:{77BF5300-1474-4EC7-9980-D32B190E9B07} [HKLM] -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [Menu: Skype add-on for Internet Explorer] -> [2009/08/04 15:47:42 | 001,586,472 | ---- | M] (Skype Technologies S.A.) {77BF5300-1474-4EC7-9980-D32B190E9B07}:{77BF5300-1474-4EC7-9980-D32B190E9B07} [HKLM] -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [Button: Skype] -> [2009/08/04 15:47:42 | 001,586,472 | ---- | M] (Skype Technologies S.A.) {92780B25-18CC-41C8-B9BE-3C9C571A8263}:{FF059E31-CC5A-4E2E-BF3B-96E929D65503} [HKLM] -> C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL [Button: Research] -> [2009/03/06 04:04:56 | 000,039,464 | ---- | M] (Microsoft Corporation) {DFB852A3-47F8-48C4-A200-58CAB36FD2A2}:{53707962-6F74-2D53-2644-206D7942484F} [HKLM] -> C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [Menu: Spybot - Search & Destroy Configuration] -> [2009/01/26 15:31:02 | 001,879,896 | ---- | M] (Safer Networking Limited) < Internet Explorer Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\ -> CmdMapping\\"{08B0E5C0-4FCB-11CF-AAA5-00401C608501}" [HKLM] -> [Reg Error: Value error.] -> File not found CmdMapping\\"{39FD89BF-D3F1-45b6-BB56-3582CCF489E1}" [HKLM] -> [Reg Error: Key error.] -> File not found CmdMapping\\"{92780B25-18CC-41C8-B9BE-3C9C571A8263}" [HKLM] -> C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL [Research] -> [2009/03/06 04:04:56 | 000,039,464 | ---- | M] (Microsoft Corporation) < Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> < Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix "" -> http:// < Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 7360 domain(s) found. -> < Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 36 range(s) found. -> < Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 7360 domain(s) found. -> turbotax.com .[https] -> Trusted sites -> < Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 36 range(s) found. -> < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} [HKLM] -> http://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab [BDSCANONLINE Control] -> {7530BFB8-7293-4D34-9923-61A11451AFC5} [HKLM] -> http://download.eset.com/special/eos/OnlineScanner.cab [Reg Error: Key error.] -> {8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab [Java Plug-in 1.6.0_21] -> {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab [Java Plug-in 1.6.0_02] -> {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab [Java Plug-in 1.6.0_21] -> {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab [Java Plug-in 1.6.0_21] -> {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} [HKLM] -> https://toysrus.webex.com/client/T27L10NSP11EP5/webex/ieatgpc.cab [GpcContainer Class] -> {E2883E8F-472F-4FB0-9522-AC9BF37916A7} [HKLM] -> http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab [Reg Error: Key error.] -> vzTCPConfig [HKLM] -> http://www2.verizon.net/help/fios_settings/include/vzTCPConfig.CAB [Reg Error: Key error.] -> < Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\ -> DhcpNameServer -> 65.32.5.111 65.32.5.112 -> < Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> {4866E32B-066E-4572-BDD6-C94E8051C8C7}\\DhcpNameServer -> 65.32.5.111 65.32.5.112 (Intel(R) PRO/100 VE Network Connection) -> < Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> *Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> Explorer.exe -> C:\WINDOWS\explorer.exe -> [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) *MultiFile Done* -> -> < Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ -> igfxcui -> C:\WINDOWS\System32\igfxdev.dll -> [2005/10/14 20:45:38 | 000,135,168 | ---- | M] (Intel Corporation) < ShellExecuteHooks [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks -> "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}" [HKLM] -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [Groove GFS Stub Execution Hook] -> [2009/02/12 15:19:32 | 002,217,848 | ---- | M] (Microsoft Corporation) < Domain Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List -> "C:\Program Files\America Online 9.0\waol.exe" -> C:\Program Files\America Online 9.0\waol.exe [C:\Program Files\America Online 9.0\waol.exe:*:Enabled:AOL] -> [2004/09/01 11:56:56 | 000,259,184 | ---- | M] (America Online, Inc.) "C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" -> C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe [C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL] -> [2004/04/07 12:07:32 | 001,135,728 | ---- | M] (America Online, Inc.) "C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" -> C:\Program Files\Common Files\AOL\ACS\AOLDial.exe [C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL] -> [2004/04/07 12:07:34 | 000,496,752 | ---- | M] (America Online, Inc) "C:\Program Files\Microsoft ActiveSync\rapimgr.exe" -> C:\Program Files\Microsoft ActiveSync\rapimgr.exe [C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager] -> [2005/11/15 19:42:22 | 000,180,224 | ---- | M] (Microsoft Corporation) "C:\Program Files\Microsoft ActiveSync\wcescomm.exe" -> C:\Program Files\Microsoft ActiveSync\wcescomm.exe [C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager] -> [2005/11/15 19:44:14 | 001,200,128 | ---- | M] (Microsoft Corporation) "C:\Program Files\Microsoft ActiveSync\WCESMgr.exe" -> C:\Program Files\Microsoft ActiveSync\WCESMgr.exe [C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application] -> [2005/11/15 19:43:04 | 001,970,176 | ---- | M] (Microsoft Corporation) < Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List -> "C:\Program Files\America Online 9.0\waol.exe" -> C:\Program Files\America Online 9.0\waol.exe [C:\Program Files\America Online 9.0\waol.exe:*:Enabled:AOL] -> [2004/09/01 11:56:56 | 000,259,184 | ---- | M] (America Online, Inc.) "C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" -> C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe [C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL] -> [2004/04/07 12:07:32 | 001,135,728 | ---- | M] (America Online, Inc.) "C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" -> C:\Program Files\Common Files\AOL\ACS\AOLDial.exe [C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL] -> [2004/04/07 12:07:34 | 000,496,752 | ---- | M] (America Online, Inc) "C:\Program Files\iTunes\iTunes.exe" -> C:\Program Files\iTunes\iTunes.exe [C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes] -> [2010/02/15 18:06:56 | 010,358,056 | ---- | M] (Apple Inc.) "C:\Program Files\Microsoft ActiveSync\rapimgr.exe" -> C:\Program Files\Microsoft ActiveSync\rapimgr.exe [C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager] -> [2005/11/15 19:42:22 | 000,180,224 | ---- | M] (Microsoft Corporation) "C:\Program Files\Microsoft ActiveSync\wcescomm.exe" -> C:\Program Files\Microsoft ActiveSync\wcescomm.exe [C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager] -> [2005/11/15 19:44:14 | 001,200,128 | ---- | M] (Microsoft Corporation) "C:\Program Files\Microsoft ActiveSync\WCESMgr.exe" -> C:\Program Files\Microsoft ActiveSync\WCESMgr.exe [C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application] -> [2005/11/15 19:43:04 | 001,970,176 | ---- | M] (Microsoft Corporation) "C:\Program Files\Microsoft Office\Office12\GROOVE.EXE" -> C:\Program Files\Microsoft Office\Office12\GROOVE.EXE [C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove] -> [2009/02/14 06:03:18 | 000,337,264 | ---- | M] (Microsoft Corporation) "C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" -> C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE [C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote] -> [2009/02/26 15:24:50 | 001,001,840 | ---- | M] (Microsoft Corporation) "C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" -> C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE [C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook] -> [2010/05/20 23:44:02 | 012,978,544 | ---- | M] (Microsoft Corporation) "C:\Program Files\Real\RealPlayer\realplay.exe" -> C:\Program Files\Real\RealPlayer\realplay.exe [C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer] -> [2006/11/02 10:36:11 | 000,214,560 | ---- | M] (RealNetworks, Inc.) "C:\Program Files\TurboTax\Basic 2006\32bit\ttax.exe" -> C:\Program Files\TurboTax\Basic 2006\32bit\ttax.exe [C:\Program Files\TurboTax\Basic 2006\32bit\ttax.exe:LocalSubNet:Enabled:TurboTax] -> [2007/03/08 01:25:56 | 009,950,760 | ---- | M] (Intuit, Inc.) "C:\Program Files\TurboTax\Basic 2006\32bit\updatemgr.exe" -> C:\Program Files\TurboTax\Basic 2006\32bit\updatemgr.exe [C:\Program Files\TurboTax\Basic 2006\32bit\updatemgr.exe:LocalSubNet:Enabled:TurboTax Update Manager] -> [2007/04/08 17:03:47 | 003,679,784 | ---- | M] (Intuit, Inc.) < SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot -> < CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom -> "AutoRun" -> 1 -> "DisplayName" -> CD-ROM Driver -> "ImagePath" -> [system32\DRIVERS\cdrom.sys] -> File not found < Drives with AutoRun files > -> -> C:\AUTOEXEC.BAT [] -> C:\AUTOEXEC.BAT [ NTFS ] -> [2004/08/11 17:15:00 | 000,000,000 | ---- | M] () < MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 -> < Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command -> comfile [open] -> "%1" %* -> exefile [open] -> "%1" %* -> < File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\ -> .com [@ = ComFile] -> "%1" %* -> .exe [@ = exefile] -> "%1" %* -> [Registry - Additional Scans - Safe List] < ActiveX StubPath [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\ -> {03F998B2-0E00-11D3-A498-00104B6EB52E} [HKLM] -> C:\Program Files\Viewpoint\Viewpoint Experience Technology\AxMetaStream_0305000D.dll [(default): Viewpoint Media Player; IsInstalled: 01 00 00 00 [binary data]] -> [2007/06/18 08:52:40 | 000,254,022 | ---- | M] (Viewpoint Corporation) {08B0E5C0-4FCB-11CF-AAA5-00401C608500} [KeyFileName] -> C:\Program Files\Java\jre6\bin\regutils.dll [(default): Java (Sun); IsInstalled: 1] -> [2010/06/22 05:57:02 | 000,278,528 | ---- | M] (Oracle) {10072CEC-8CC1-11D1-986E-00A0C955B42F} [HKLM] -> Reg Error: Key error. [(default): Vector Graphics Rendering (VML); IsInstalled: 01 00 00 00 [binary data]] -> File not found {1B00725B-C455-4DE6-BFB6-AD540AD427CD} [HKLM] -> C:\Program Files\Viewpoint\Viewpoint Experience Technology\AxMetaStream_0305000D.dll [(default): Viewpoint Media Player; IsInstalled: 01 00 00 00 [binary data]] -> [2007/06/18 08:52:40 | 000,254,022 | ---- | M] (Viewpoint Corporation) {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} [StubPath] -> [ComponentID: NetShow; IsInstalled: 1] -> {22d6f312-b0f6-11d0-94ab-0080c74c7e95} [StubPath] -> [(default): Microsoft Windows Media Player 6.4; IsInstalled: 1] -> {283807B5-2C60-11D0-A31D-00AA00B92C03} [HKLM] -> Reg Error: Key error. [(default): DirectAnimation; IsInstalled: 1] -> File not found {2A3320D6-C805-4280-B423-B665BDE33D8F} [HKLM] -> Reg Error: Key error. [(default): Microsoft .NET Framework 1.1 Security Update (KB979906); IsInstalled: 1] -> File not found {2C7339CF-2B09-4501-B3F3-F3508C9228ED} [StubPath] -> %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll [(default): Themes Setup; IsInstalled: 1] -> {36f8ec70-c29a-11d1-b5c7-0000f8051515} [HKLM] -> Reg Error: Key error. [(default): Dynamic HTML Data Binding for Java; IsInstalled: 1] -> File not found {3af36230-a269-11d1-b5bf-0000f8051515} [HKLM] -> Reg Error: Key error. [(default): Offline Browsing Pack; IsInstalled: 1] -> File not found {3bf42070-b3b1-11d1-b5c5-0000f8051515} [HKLM] -> Reg Error: Key error. [(default): Uniscribe; IsInstalled: 1] -> File not found {411EDCF7-755D-414E-A74B-3DCD6583F589} [HKLM] -> Reg Error: Key error. [(default): Microsoft .NET Framework 1.1 Service Pack 1 (KB867460); IsInstalled: 1] -> File not found {4278c270-a269-11d1-b5bf-0000f8051515} [HKLM] -> Reg Error: Key error. [(default): Advanced Authoring; IsInstalled: 1] -> File not found {44BBA840-CC51-11CF-AAFA-00AA00B6015C} [StubPath] -> "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install [(default): Microsoft Outlook Express 6; IsInstalled: 1] -> {44BBA842-CC51-11CF-AAFA-00AA00B6015B} [StubPath] -> rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT [(default): NetMeeting 3.01; IsInstalled: 01 00 00 00 [binary data]] -> {44BBA848-CC51-11CF-AAFA-00AA00B6015C} [HKLM] -> Reg Error: Key error. [(default): DirectShow; IsInstalled: 1] -> File not found {44BBA855-CC51-11CF-AAFA-00AA00B6015F} [HKLM] -> Reg Error: Key error. [(default): DirectDrawEx; IsInstalled: 1] -> File not found {45ea75a0-a269-11d1-b5bf-0000f8051515} [HKLM] -> Reg Error: Key error. [(default): Internet Explorer Help; IsInstalled: 1] -> File not found {4f216970-c90c-11d1-b5c7-0000f8051515} [HKLM] -> Reg Error: Key error. [(default): DirectAnimation Java Classes; IsInstalled: 1] -> File not found {4f645220-306d-11d2-995d-00c04f98bbc9} [HKLM] -> Reg Error: Key error. [(default): Microsoft Windows Script 5.7; IsInstalled: 1] -> File not found {5945c046-1e7d-11d1-bc44-00c04fd912be} [StubPath] -> rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser [(default): Windows Messenger 4.7; IsInstalled: 1] -> {5A8D6EE0-3E18-11D0-821E-444553540000} [HKLM] -> Reg Error: Key error. [ComponentID: ICW; IsInstalled: 1] -> File not found {5fd399c0-a70a-11d1-9948-00c04f98bbc9} [HKLM] -> Reg Error: Key error. [(default): Internet Explorer Setup Tools; IsInstalled: 1] -> File not found {6BF52A52-394A-11d3-B153-00C04F79FAA6} [StubPath] -> rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub [(default): Microsoft Windows Media Player; IsInstalled: 1] -> {6fab99d0-bab8-11d1-994a-00c04f98bbc9} [HKLM] -> Reg Error: Key error. [(default): MSN Site Access; IsInstalled: 1] -> File not found {73FA19D0-2D75-11D2-995D-00C04F98BBC9} [StubPath] -> [(default): Web Folders; IsInstalled: 1] -> {7790769C-0471-11d2-AF11-00C04FA35D02} [StubPath] -> "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install [(default): Address Book 6; IsInstalled: 1] -> {89820200-ECBD-11cf-8B85-00AA005B4340} [StubPath] -> regsvr32.exe /s /n /i:U shell32.dll [(default): Windows Desktop Update; IsInstalled: 1] -> {89820200-ECBD-11cf-8B85-00AA005B4383} [StubPath] -> C:\WINDOWS\system32\ie4uinit.exe -BaseSettings [(default): Internet Explorer; IsInstalled: 1] -> {89B4C1CD-B018-4511-B0A1-5476DBF70820} [StubPath] -> C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install [ComponentID: DOTNETFRAMEWORKS; IsInstalled: 1] -> {8b15971b-5355-4c82-8c07-7e181ea07608} [StubPath] -> rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser [(default): Fax; IsInstalled: 1] -> {9381D8F2-0288-11D0-9501-00AA00B911A5} [HKLM] -> Reg Error: Key error. [(default): Dynamic HTML Data Binding; IsInstalled: 1] -> File not found {94de52c8-2d59-4f1b-883e-79663d2d9a8c} [StubPath] -> [(default): Fax Provider; IsInstalled: 1] -> {C9E9A340-D1F1-11D0-821E-444553540600} [HKLM] -> Reg Error: Key error. [(default): Internet Explorer Core Fonts; IsInstalled: 1] -> File not found {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} [HKLM] -> Reg Error: Key error. [(default): .NET Framework] -> File not found {CC2A9BA0-3BDD-11D0-821E-444553540000} [HKLM] -> Reg Error: Key error. [(default): Task Scheduler; IsInstalled: 1] -> File not found {CDD7975E-60F8-41d5-8149-19E51D6F71D0} [HKLM] -> Reg Error: Key error. [ComponentID: Windows Movie Maker v2.1; IsInstalled: 01 00 00 00 [binary data]] -> File not found {D27CDB6E-AE6D-11cf-96B8-444553540000} [HKLM] -> C:\WINDOWS\system32\Macromed\Flash\Flash10e.ocx [(default): Adobe Flash Player; IsInstalled: 01 00 00 00 [binary data]] -> [2010/01/26 20:58:36 | 003,981,080 | R--- | M] (Adobe Systems, Inc.) {de5aed00-a4bf-11d1-9948-00c04f98bbc9} [HKLM] -> Reg Error: Key error. [(default): HTML Help; IsInstalled: 1] -> File not found {E92B03AB-B707-11d2-9CBD-0000F87A369E} [HKLM] -> Reg Error: Key error. [(default): Active Directory Service Interface; IsInstalled: 01 00 00 00 [binary data]] -> File not found <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} [StubPath] -> C:\WINDOWS\system32\ieudinit.exe [(default): Internet Explorer Version Update; IsInstalled: 0] -> >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} [StubPath] -> C:\WINDOWS\inf\unregmp2.exe /ShowWMP [(default): Microsoft Windows Media Player; IsInstalled: 0] -> >{26923b43-4d38-484f-9b9e-de460746276c} [StubPath] -> %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE [(default): Internet Explorer; IsInstalled: 1] -> >{60B49E34-C7CC-11D0-8953-00A0C90347FF} [StubPath] -> RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP [(default): Browser Customizations; IsInstalled: 1] -> >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS [StubPath] -> RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP [(default): Browser Customizations; IsInstalled: 1] -> >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} [StubPath] -> %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE [(default): Outlook Express; IsInstalled: 1] -> < ActiveX StubPath [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Active Setup\Installed Components\ -> {2C7339CF-2B09-4501-B3F3-F3508C9228ED} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found {44BBA840-CC51-11CF-AAFA-00AA00B6015C} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found {44BBA842-CC51-11CF-AAFA-00AA00B6015B} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found {44BBA848-CC51-11CF-AAFA-00AA00B6015C} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found {4b218e3e-bc98-4770-93d3-2731b9329278} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found {5945c046-1e7d-11d1-bc44-00c04fd912be} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found {73FA19D0-2D75-11D2-995D-00C04F98BBC9} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found {7790769C-0471-11d2-AF11-00C04FA35D02} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found {89820200-ECBD-11cf-8B85-00AA005B4340} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found {89820200-ECBD-11cf-8B85-00AA005B4383} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found {89B4C1CD-B018-4511-B0A1-5476DBF70820} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found {8b15971b-5355-4c82-8c07-7e181ea07608} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found {94de52c8-2d59-4f1b-883e-79663d2d9a8c} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found >{26923b43-4d38-484f-9b9e-de460746276c} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found >{60B49E34-C7CC-11D0-8953-00A0C90347FF} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS [HKLM] -> Reg Error: Key error. [(no name)] -> File not found >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found InitiallyClear [HKLM] -> Reg Error: Key error. [(no name)] -> File not found < App Paths [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\ -> AcroRd32.exe -> C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe [C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe] -> [2010/06/19 22:06:46 | 000,349,616 | ---- | M] (Adobe Systems Incorporated) Aol.exe -> C:\Program Files\America Online 9.0\aol.exe [C:\Program Files\America Online 9.0\Aol.exe] -> [2004/09/01 11:56:34 | 000,038,000 | ---- | M] (America Online, Inc.) AvastUI.exe -> C:\Program Files\Alwil Software\Avast5\AvastUI.exe [C:\Program Files\Alwil Software\Avast5\AvastUI.exe] -> [2010/06/28 16:57:18 | 002,837,864 | ---- | M] (AVAST Software) bckgzm.exe -> C:\Program Files\MSN Gaming Zone\Windows\bckgzm.exe [C:\Program Files\MSN Gaming Zone\Windows\bckgzm.exe] -> [2004/08/04 05:00:00 | 000,042,577 | ---- | M] (Microsoft Corporation) CEAPPMGR.EXE -> C:\Program Files\Microsoft ActiveSync\CEAPPMGR.EXE [C:\Program Files\Microsoft ActiveSync\CEAPPMGR.EXE] -> [2005/11/15 19:43:52 | 000,086,016 | ---- | M] (Microsoft Corporation) chkrzm.exe -> C:\Program Files\MSN Gaming Zone\Windows\chkrzm.exe [C:\Program Files\MSN Gaming Zone\Windows\chkrzm.exe] -> [2004/08/04 05:00:00 | 000,042,575 | ---- | M] (Microsoft Corporation) combofix.exe -> C:\DOCUME~1\Bill\Desktop\GEORGE~1.201\COMBOF~1\ComboFix.exe [C:\DOCUME~1\Bill\Desktop\GEORGE~1.201\COMBOF~1\ComboFix.exe] -> File not found CONF.EXE -> C:\Program Files\NetMeeting\conf.exe [C:\Program Files\NetMeeting\conf.exe] -> [2008/04/13 20:12:15 | 001,032,192 | ---- | M] (Microsoft Corporation) dialer.exe -> C:\Program Files\Windows NT\dialer.exe [C:\Program Files\Windows NT\dialer.exe] -> [2008/04/13 20:12:17 | 000,539,136 | ---- | M] (Microsoft Corporation) DMX.exe -> C:\Program Files\Dell\Media Experience\DMX.exe [C:\Program Files\Dell\Media Experience\DMX.exe] -> [2005/10/05 03:12:00 | 000,237,568 | ---- | M] (Sonic Solutions) excel.exe -> C:\Program Files\Microsoft Office\Office12\EXCEL.EXE [C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE] -> [2010/04/24 08:25:04 | 018,352,488 | ---- | M] (Microsoft Corporation) firefox.exe -> C:\Program Files\Mozilla Firefox\firefox.exe [C:\Program Files\Mozilla Firefox\firefox.exe] -> [2008/09/30 15:28:20 | 007,209,069 | ---- | M] (Mozilla Corporation) GROOVE.EXE -> C:\Program Files\Microsoft Office\Office12\GROOVE.EXE [C:\PROGRA~1\MICROS~2\Office12\GROOVE.EXE] -> [2009/02/14 06:03:18 | 000,337,264 | ---- | M] (Microsoft Corporation) HelpAsst.exe -> C:\Documents and Settings\Bill\Desktop\HelpAsst_mebroot_fix.exe [C:\Documents and Settings\Bill\Desktop\HelpAsst_mebroot_fix.exe] -> [2010/07/24 22:16:36 | 000,490,232 | ---- | M] () HELPCTR.EXE -> C:\WINDOWS\pchealth\helpctr\binaries\helpctr.exe [%Systemroot%\PCHealth\HelpCtr\Binaries\HelpCtr.exe] -> [2008/04/13 20:12:21 | 000,769,024 | ---- | M] (Microsoft Corporation) hrtzzm.exe -> C:\Program Files\MSN Gaming Zone\Windows\hrtzzm.exe [C:\Program Files\MSN Gaming Zone\Windows\hrtzzm.exe] -> [2004/08/04 05:00:00 | 000,042,573 | ---- | M] (Microsoft Corporation) hypertrm.exe -> C:\Program Files\Windows NT\hypertrm.exe ["C:\Program Files\Windows NT\hypertrm.exe"] -> [2004/08/04 05:00:00 | 000,028,160 | ---- | M] (Hilgraeve, Inc.) ICWCONN1.EXE -> C:\Program Files\Internet Explorer\Connection Wizard\ICWCONN1.EXE ["C:\Program Files\Internet Explorer\Connection Wizard\ICWCONN1.EXE"] -> [2008/04/13 20:12:22 | 000,214,528 | ---- | M] (Microsoft Corporation) ICWCONN2.EXE -> C:\Program Files\Internet Explorer\Connection Wizard\ICWCONN2.EXE ["C:\Program Files\Internet Explorer\Connection Wizard\ICWCONN2.EXE"] -> [2008/04/13 20:12:22 | 000,086,016 | ---- | M] (Microsoft Corporation) INETWIZ.EXE -> C:\Program Files\Internet Explorer\Connection Wizard\INETWIZ.EXE ["C:\Program Files\Internet Explorer\Connection Wizard\INETWIZ.EXE"] -> [2008/04/13 20:12:22 | 000,020,480 | ---- | M] (Microsoft Corporation) infopath.exe -> C:\Program Files\Microsoft Office\Office12\INFOPATH.EXE [C:\PROGRA~1\MICROS~2\Office12\INFOPATH.EXE] -> [2010/02/04 04:18:10 | 001,459,576 | ---- | M] (Microsoft Corporation) install.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found INSV1.exe -> C:\Program Files\Insurance Study Guide\INSV1.exe [C:\Program Files\Insurance Study Guide\INSV1.exe] -> [2006/05/16 12:54:40 | 000,692,224 | ---- | M] (Florida Insurance School) ISIGNUP.EXE -> C:\Program Files\Internet Explorer\Connection Wizard\ISIGNUP.EXE ["C:\Program Files\Internet Explorer\Connection Wizard\ISIGNUP.EXE"] -> [2004/08/04 05:00:00 | 000,016,384 | ---- | M] (Microsoft Corporation) iTunes.exe -> C:\Program Files\iTunes\iTunes.exe [C:\Program Files\iTunes\iTunes.exe] -> [2010/02/15 18:06:56 | 010,358,056 | ---- | M] (Apple Inc.) javaws.exe -> C:\Program Files\Java\jre6\bin\javaws.exe [C:\Program Files\Java\jre6\bin\javaws.exe] -> [2010/07/25 21:32:54 | 000,153,376 | ---- | M] (Oracle) LUALL.EXE -> C:\Program Files\Symantec\LiveUpdate\LUALL.EXE [C:\Program Files\Symantec\LiveUpdate\LUALL.EXE] -> [2004/12/14 12:24:40 | 002,541,200 | ---- | M] (Symantec Corporation) mbam.exe -> C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe] -> [2010/04/29 15:39:32 | 001,090,952 | ---- | M] (Malwarebytes Corporation) MediaHub.exe -> C:\Program Files\Common Files\Sonic Shared\Sonic Central\Main\Mediahub.exe [C:\Program Files\Common Files\Sonic Shared\Sonic Central\Main\Mediahub.exe] -> [2005/11/07 02:04:00 | 002,314,240 | ---- | M] () migwiz.exe -> C:\WINDOWS\system32\usmt\migwiz.exe [%SystemRoot%\system32\usmt\migwiz.exe] -> [2008/04/13 20:12:25 | 000,245,248 | ---- | M] (Microsoft Corporation) moviemk.exe -> C:\Program Files\Movie Maker\moviemk.exe [C:\Program Files\Movie Maker\moviemk.exe] -> [2009/10/23 11:28:37 | 003,558,912 | ---- | M] (Microsoft Corporation) mplayer2.exe -> C:\Program Files\Windows Media Player\mplayer2.exe ["C:\Program Files\Windows Media Player\mplayer2.exe"] -> [2008/04/13 20:12:27 | 000,004,639 | ---- | M] (Microsoft Corporation) MSACCESS.EXE -> C:\Program Files\Microsoft Office\Office12\MSACCESS.EXE [C:\PROGRA~1\MICROS~2\Office12\MSACCESS.EXE] -> [2010/05/20 23:36:24 | 010,223,984 | ---- | M] (Microsoft Corporation) MSCONFIG.EXE -> C:\WINDOWS\pchealth\helpctr\binaries\msconfig.exe [%systemroot%\pchealth\helpctr\Binaries\MSCONFIG.EXE] -> [2008/04/13 20:12:27 | 000,169,984 | ---- | M] (Microsoft Corporation) msimn.exe -> C:\Program Files\Outlook Express\msimn.exe [%ProgramFiles%\Outlook Express\msimn.exe] -> [2008/04/13 20:12:28 | 000,060,416 | ---- | M] (Microsoft Corporation) msinfo32.exe -> C:\Program Files\Common Files\Microsoft Shared\MSInfo\msinfo32.exe [C:\Program Files\Common Files\Microsoft Shared\MSInfo\MSInfo32.exe] -> [2004/08/04 05:00:00 | 000,039,936 | ---- | M] (Microsoft Corporation) MsoHtmEd.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found msoxmled.exe -> C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLED.EXE [C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLED.EXE] -> [2006/10/26 21:41:50 | 000,059,152 | ---- | M] (Microsoft Corporation) MSPUB.EXE -> C:\Program Files\Microsoft Office\Office12\MSPUB.EXE [C:\PROGRA~1\MICROS~2\Office12\MSPUB.EXE] -> [2010/04/24 08:16:32 | 009,589,104 | ---- | M] (Microsoft Corporation) MyDVD.exe -> C:\Program Files\Roxio\MyDVD\MyDVD.EXE [C:\Program Files\Roxio\MyDVD\MyDVD.EXE] -> [2005/10/17 06:16:00 | 017,936,384 | ---- | M] (Sonic Solutions) ois.exe -> C:\Program Files\Microsoft Office\Office12\OIS.EXE [C:\PROGRA~1\MICROS~2\Office12\OIS.EXE] -> [2008/11/04 01:24:48 | 000,274,808 | ---- | M] (Microsoft Corporation) OneNote.exe -> C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE [C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE] -> [2009/02/26 15:24:50 | 001,001,840 | ---- | M] (Microsoft Corporation) OUTLOOK.EXE -> C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE [C:\PROGRA~1\MICROS~2\Office12\OUTLOOK.EXE] -> [2010/05/20 23:44:02 | 012,978,544 | ---- | M] (Microsoft Corporation) pbrush.exe -> C:\WINDOWS\system32\mspaint.exe [%SystemRoot%\system32\mspaint.exe] -> [2009/12/16 14:43:27 | 000,343,040 | ---- | M] (Microsoft Corporation) PictureViewer.exe -> C:\Program Files\QuickTime\PictureViewer.exe [C:\Program Files\QuickTime\PictureViewer.exe] -> [2009/11/10 23:08:12 | 000,561,152 | ---- | M] (Apple Inc.) pinball.exe -> C:\Program Files\Windows NT\Pinball\pinball.exe [C:\Program Files\Windows NT\Pinball\pinball.exe] -> [2008/04/13 20:12:31 | 000,281,088 | ---- | M] (Cinematronics) powerpnt.exe -> C:\Program Files\Microsoft Office\Office12\POWERPNT.EXE [C:\PROGRA~1\MICROS~2\Office12\POWERPNT.EXE] -> [2009/02/26 13:06:28 | 000,521,080 | ---- | M] (Microsoft Corporation) qblaunch.exe -> C:\Program Files\Common Files\Intuit\QuickBooks\qblaunch.exe [C:\Program Files\Common Files\Intuit\QuickBooks\qblaunch.exe] -> [2002/11/18 03:46:16 | 000,110,592 | ---- | M] (Intuit, Inc.) QuickTimePlayer.exe -> C:\Program Files\QuickTime\QuickTimePlayer.exe [C:\Program Files\QuickTime\QuickTimePlayer.exe] -> [2009/11/10 23:35:52 | 001,230,112 | ---- | M] (Apple Inc.) realplay.exe -> C:\Program Files\Real\RealPlayer\realplay.exe [C:\Program Files\Real\RealPlayer\realplay.exe] -> [2006/11/02 10:36:11 | 000,214,560 | ---- | M] (RealNetworks, Inc.) rnxproc.exe -> C:\Program Files\Common Files\Real\Update_OB\rnxproc.exe [C:\Program Files\Common Files\Real\Update_OB\rnxproc.exe] -> [2006/11/02 10:36:06 | 000,058,912 | ---- | M] (RealNetworks, Inc.) rvsezm.exe -> C:\Program Files\MSN Gaming Zone\Windows\Rvsezm.exe [C:\Program Files\MSN Gaming Zone\Windows\rvsezm.exe] -> [2004/08/04 05:00:00 | 000,042,574 | ---- | M] (Microsoft Corporation) SBA.exe -> C:\Program Files\Microsoft Small Business\Small Business Accounting\SBA.exe [C:\Program Files\Microsoft Small Business\Small Business Accounting\SBA.exe] -> [2009/06/29 11:08:50 | 000,353,280 | ---- | M] (Microsoft Corp.) SBAHost.exe -> C:\Program Files\Microsoft Small Business\Small Business Accounting\SBAHost.exe [C:\Program Files\Microsoft Small Business\Small Business Accounting\SBAHost.exe] -> [2009/06/29 11:08:50 | 000,049,152 | ---- | M] (Microsoft Corp.) setup.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found shvlzm.exe -> C:\Program Files\MSN Gaming Zone\Windows\shvlzm.exe [C:\Program Files\MSN Gaming Zone\Windows\shvlzm.exe] -> [2004/08/04 05:00:00 | 000,042,573 | ---- | M] (Microsoft Corporation) SYNCMGR.EXE -> C:\Program Files\Microsoft ActiveSync\WCESMgr.exe [C:\Program Files\Microsoft ActiveSync\WCESMgr.exe] -> [2005/11/15 19:43:04 | 001,970,176 | ---- | M] (Microsoft Corporation) table30.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found Ttax.exe -> C:\Program Files\TurboTax\Basic 2006\32bit [C:\Program Files\TurboTax\Basic 2006\32bit] -> [2007/04/08 17:05:14 | 000,000,000 | ---D | M] UES07.exe -> C:\Program Files\Search Party\South Carolina State University 2007 Alumni Directory\UES07.exe [C:\Program Files\Search Party\South Carolina State University 2007 Alumni Directory\UES07.exe] -> [2006/08/29 10:52:18 | 002,621,440 | ---- | M] (Antech Systems, Inc.) wab.exe -> C:\Program Files\Outlook Express\wab.exe [%ProgramFiles%\Outlook Express\wab.exe] -> [2008/04/13 20:12:38 | 000,046,080 | ---- | M] (Microsoft Corporation) wabmig.exe -> C:\Program Files\Outlook Express\wabmig.exe [%ProgramFiles%\Outlook Express\wabmig.exe] -> [2008/04/13 20:12:39 | 000,030,208 | ---- | M] (Microsoft Corporation) WCESCOMM.EXE -> C:\Program Files\Microsoft ActiveSync\wcescomm.exe [C:\Program Files\Microsoft ActiveSync\wcescomm.exe] -> [2005/11/15 19:44:14 | 001,200,128 | ---- | M] (Microsoft Corporation) WCESMGR.EXE -> C:\Program Files\Microsoft ActiveSync\WCESMgr.exe [C:\Program Files\Microsoft ActiveSync\WCESMgr.exe] -> [2005/11/15 19:43:04 | 001,970,176 | ---- | M] (Microsoft Corporation) winnt32.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found Winword.exe -> C:\Program Files\Microsoft Office\Office12\WINWORD.EXE [C:\PROGRA~1\MICROS~2\Office12\WINWORD.EXE] -> [2010/04/09 19:05:06 | 000,408,936 | ---- | M] (Microsoft Corporation) wmplayer.exe -> C:\Program Files\Windows Media Player\wmplayer.exe [C:\Program Files\Windows Media Player\wmplayer.exe] -> [2006/10/18 22:46:20 | 000,064,000 | ---- | M] (Microsoft Corporation) WORDPAD.EXE -> C:\Program Files\Windows NT\Accessories\WORDPAD.EXE ["%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE"] -> [2008/04/21 08:08:15 | 000,215,552 | ---- | M] (Microsoft Corporation) WRITE.EXE -> C:\Program Files\Windows NT\Accessories\WORDPAD.EXE ["%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE"] -> [2008/04/21 08:08:15 | 000,215,552 | ---- | M] (Microsoft Corporation) WTFavLauncher.exe -> C:\Program Files\Watchtower\Watchtower Library 2007\WTFavLauncher.exe [C:\Program Files\Watchtower\Watchtower Library 2007\WTFavLauncher.exe] -> [2007/10/19 15:49:02 | 000,077,824 | ---- | M] (Watchtower Bible and Tract Society of New York, Inc.) wtlib.exe -> C:\Program Files\Watchtower\Watchtower Library 2006\e\wtlib.exe [C:\Program Files\Watchtower\Watchtower Library 2006\e\wtlib.exe] -> [2006/10/06 12:21:50 | 002,732,032 | ---- | M] (Watch Tower Bible and Tract Society of Pennsylvania.) WTLibrary.exe -> C:\Program Files\Watchtower\Watchtower Library 2008\E\WTLibrary.exe [C:\Program Files\Watchtower\Watchtower Library 2008\E\WTLibrary.exe] -> [2008/11/05 18:01:06 | 002,002,944 | ---- | M] (Watch Tower Bible and Tract Society of Pennsylvania.) < Approved Shell Extensions [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved -> "{00020D75-0000-0000-C000-000000000046}" [HKLM] -> C:\Program Files\Microsoft Office\Office12\MLSHEXT.DLL [Microsoft Office Outlook Desktop Icon Handler] -> [2009/02/26 12:09:28 | 000,020,352 | ---- | M] (Microsoft Corporation) "{0006F045-0000-0000-C000-000000000046}" [HKLM] -> C:\Program Files\Microsoft Office\Office12\OLKFSTUB.DLL [Microsoft Office Outlook Custom Icon Handler] -> [2009/03/11 18:01:24 | 000,253,808 | ---- | M] (Microsoft Corporation) "{16F3DD56-1AF5-4347-846D-7C10C4192619}" [HKLM] -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [Groove Explorer Icon Overlay 3 (GFS Folder)] -> [2009/02/12 15:19:32 | 002,217,848 | ---- | M] (Microsoft Corporation) "{2206CDB2-19C1-11D1-89E0-00C04FD7A829}" [HKLM] -> C:\Program Files\Common Files\System\Ole DB\oledb32.dll [Microsoft Data Link] -> [2008/04/13 20:12:02 | 000,487,424 | ---- | M] (Microsoft Corporation) "{2916C86E-86A6-43FE-8112-43ABE6BF8DCC}" [HKLM] -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] -> [2009/02/12 15:19:32 | 002,217,848 | ---- | M] (Microsoft Corporation) "{2A541AE1-5BF6-4665-A8A3-CFA9672E4291}" [HKLM] -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [Groove GFS Explorer Bar] -> [2009/02/12 15:19:32 | 002,217,848 | ---- | M] (Microsoft Corporation) "{32714800-2E5F-11d0-8B85-00AA0044F941}" [HKLM] -> C:\Program Files\Outlook Express\wabfind.dll [For &People...] -> [2008/04/13 20:12:08 | 000,032,768 | ---- | M] (Microsoft Corporation) "{387E725D-DC16-4D76-B310-2C93ED4752A0}" [HKLM] -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [Groove XML Icon Handler] -> [2009/02/12 15:19:32 | 002,217,848 | ---- | M] (Microsoft Corporation) "{42042206-2D85-11D3-8CFF-005004838597}" [HKLM] -> C:\Program Files\Microsoft Office\Office12\MSOHEVI.DLL [Microsoft Office HTML Icon Handler] -> [2008/10/25 06:18:56 | 000,061,816 | ---- | M] (Microsoft Corporation) "{42071714-76d4-11d1-8b24-00a0c9068ff3}" [HKLM] -> [Display Panning CPL Extension] -> File not found "{472083B0-C522-11CF-8763-00608CC02F24}" [HKLM] -> C:\Program Files\Alwil Software\Avast5\ashShell.dll [avast] -> [2010/06/28 16:58:30 | 000,081,072 | ---- | M] (AVAST Software) "{49BF5420-FA7F-11cf-8011-00A0C90A8F78}" [HKLM] -> C:\Program Files\Microsoft ActiveSync\Wcesview.dll [Mobile Device] -> [2005/11/15 19:43:22 | 000,241,664 | ---- | M] (Microsoft Corporation) "{5858A72C-C2B4-4dd7-B2BF-B76DB1BD9F6C}" [HKLM] -> C:\Program Files\Microsoft Office\Office12\ONFILTER.DLL [Microsoft Office OneNote Namespace Extension for Windows Desktop Search] -> [2009/02/26 15:24:50 | 000,071,536 | ---- | M] (Microsoft Corporation) "{5CA3D70E-1895-11CF-8E15-001234567890}" [HKLM] -> C:\WINDOWS\system32\DLA\DLASHX_W.DLL [DriveLetterAccess] -> [2005/09/08 05:20:00 | 000,110,652 | ---- | M] (Sonic Solutions) "{6C467336-8281-4E60-8204-430CED96822D}" [HKLM] -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [Groove GFS Context Menu Handler] -> [2009/02/12 15:19:32 | 002,217,848 | ---- | M] (Microsoft Corporation) "{72853161-30C5-4D22-B7F9-0BBC1D38A37E}" [HKLM] -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [Groove GFS Browser Helper] -> [2009/02/12 15:19:32 | 002,217,848 | ---- | M] (Microsoft Corporation) "{72923739-5A47-40A3-9895-25AF0DFBB9E4}" [HKLM] -> Reg Error: Key error. [Glary Utilities Context Menu Shell Extension] -> File not found "{764BF0E1-F219-11ce-972D-00AA00A14F56}" [HKLM] -> Reg Error: Key error. [Shell extensions for file compression] -> File not found "{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA}" [HKLM] -> Reg Error: Key error. [Encryption Context Menu] -> File not found "{88895560-9AA2-1069-930E-00AA0030EBC8}" [HKLM] -> C:\WINDOWS\system32\hticons.dll [HyperTerminal Icon Ext] -> [2004/08/04 05:00:00 | 000,044,544 | ---- | M] (Hilgraeve, Inc.) "{920E6DB1-9907-4370-B3A0-BAFC03D81399}" [HKLM] -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] -> [2009/02/12 15:19:32 | 002,217,848 | ---- | M] (Microsoft Corporation) "{993BE281-6695-4BA5-8A2A-7AACBFAAB69E}" [HKLM] -> C:\Program Files\Common Files\Microsoft Shared\OFFICE12\msoshext.dll [Microsoft Office Metadata Handler] -> [2009/02/26 10:07:14 | 000,987,016 | ---- | M] (Microsoft Corporation) "{99FD978C-D287-4F50-827F-B2C658EDA8E7}" [HKLM] -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] -> [2009/02/12 15:19:32 | 002,217,848 | ---- | M] (Microsoft Corporation) "{A449600E-1DC6-4232-B948-9BD794D62056}" [HKLM] -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [Groove GFS Stub Icon Handler] -> [2009/02/12 15:19:32 | 002,217,848 | ---- | M] (Microsoft Corporation) "{AB5C5600-7E6E-4B06-9197-9ECEF74D31CC}" [HKLM] -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [Groove Explorer Icon Overlay 2 (GFS Stub)] -> [2009/02/12 15:19:32 | 002,217,848 | ---- | M] (Microsoft Corporation) "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}" [HKLM] -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [Groove GFS Stub Execution Hook] -> [2009/02/12 15:19:32 | 002,217,848 | ---- | M] (Microsoft Corporation) "{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF}" [HKLM] -> C:\Program Files\iTunes\iTunesMiniPlayer.dll [iTunes] -> [2010/02/15 18:07:02 | 000,124,200 | ---- | M] (Apple Inc.) "{BC476F4C-D9D7-4100-8D4E-E043F6DEC409}" [HKLM] -> Reg Error: Key error. [Microsoft Browser Architecture] -> File not found "{BDEADF00-C265-11D0-BCED-00A0C90AB50F}" [HKLM] -> C:\Program Files\Common Files\Microsoft Shared\Web Folders\MSONSEXT.DLL [Web Folders] -> [2008/11/20 23:58:22 | 000,972,632 | ---- | M] (Microsoft Corporation) "{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97}" [HKLM] -> C:\Program Files\Common Files\Microsoft Shared\OFFICE12\msoshext.dll [Microsoft Office Thumbnail Handler] -> [2009/02/26 10:07:14 | 000,987,016 | ---- | M] (Microsoft Corporation) "{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4}" [HKLM] -> C:\Program Files\Real\RealPlayer\rpshell.dll [Shell Extensions for RealOne Player] -> [2006/11/02 10:36:14 | 000,054,848 | ---- | M] (RealNetworks, Inc.) "{FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75}" [HKLM] -> Reg Error: Key error. [IE User Assist] -> File not found < Approved Shell Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\ -> {BDEADF00-C265-11d0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files\Common Files\Microsoft Shared\Web Folders\MSONSEXT.DLL [Web Folders] -> [2008/11/20 23:58:22 | 000,972,632 | ---- | M] (Microsoft Corporation) < Desktop Components > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\ -> 0 -> [Key] -> 0 -> FriendlyName = My Current Home Page -> 0 -> Source = About:Home -> 0 -> SubscribedURL = About:Home -> < Desktop WallPaper > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\General -> WallPaper -> C:\Documents and Settings\Bill\Local Settings\Application Data\Microsoft\Wallpaper1.bmp -> BackupWallPaper -> C:\Documents and Settings\Bill\Local Settings\Application Data\Microsoft\Wallpaper1.bmp -> < Disabled MSConfig Folder Items [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\ -> C:^Documents and Settings^All Users^Start Menu^Programs^Startup^America Online 9.0 Tray Icon.lnk -> C:\Program Files\America Online 9.0\aoltray.exe -> [2004/09/01 11:56:34 | 000,156,784 | -H-- | M] (America Online, Inc.) < Disabled MSConfig Registry Items [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ -> Adobe ARM hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe -> [2010/06/09 04:06:33 | 000,976,832 | ---- | M] (Adobe Systems Incorporated) Adobe Photo Downloader hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe -> [2007/03/09 11:09:58 | 000,063,712 | ---- | M] (Adobe Systems Incorporated) Adobe Reader Speed Launcher hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe -> [2010/06/19 22:04:47 | 000,035,760 | ---- | M] (Adobe Systems Incorporated) Corel Photo Downloader hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe -> [2006/02/09 18:34:54 | 000,106,496 | ---- | M] (Corel, Inc.) DellHelp hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Dell\DellHelp\DellHelp.exe -> [2004/04/01 15:51:38 | 001,589,248 | ---- | M] (Dell Inc) DellSupport hkey=HKCU key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\DellSupport\DSAgnt.exe -> [2007/03/15 11:09:36 | 000,460,784 | ---- | M] (Gteko Ltd.) DMXLauncher hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Dell\Media Experience\DMXLauncher.exe -> [2005/10/05 03:12:00 | 000,094,208 | ---- | M] () iTunesHelper hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\iTunes\iTunesHelper.exe -> [2010/02/15 18:07:02 | 000,141,608 | ---- | M] (Apple Inc.) MSMSGS hkey=HKCU key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Messenger\msmsgs.exe -> [2008/04/13 20:12:28 | 001,695,232 | ---- | M] (Microsoft Corporation) QuickTime Task hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\QuickTime\qttask.exe -> [2009/11/10 23:08:18 | 000,417,792 | ---- | M] (Apple Inc.) swg hkey=HKCU key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe -> [2007/07/08 19:06:36 | 000,068,856 | ---- | M] (Google Inc.) TkBellExe hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Common Files\Real\Update_OB\realsched.exe -> [2006/11/02 10:36:06 | 000,185,896 | ---- | M] (RealNetworks, Inc.) < Disabled MSConfig State [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\state -> "bootini" -> 0 -> "services" -> 0 -> "startup" -> 2 -> "system.ini" -> 0 -> "win.ini" -> 0 -> < Ext (PreApproved) - [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\ -> {02BCC737-B171-4746-94C9-0D8A0B2C0089} [HKLM] -> C:\Program Files\Microsoft Office\Office12\IEAWSDC.DLL [Microsoft Office Template and Media Control] -> [2008/10/25 06:18:50 | 000,172,880 | ---- | M] () {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} [HKLM] -> C:\Program Files\QuickTime\QTPlugin.ocx [QuickTime Object] -> [2009/11/10 23:35:52 | 000,795,952 | ---- | M] (Apple Inc.) {03F998B2-0E00-11D3-A498-00104B6EB52E} [HKLM] -> C:\Program Files\Viewpoint\Viewpoint Experience Technology\AxMetaStream_0305000D.dll [MetaStreamCtl Class] -> [2007/06/18 08:52:40 | 000,254,022 | ---- | M] (Viewpoint Corporation) {07B06095-5687-4D13-9E32-12B4259C9813} [HKLM] -> C:\Program Files\Microsoft Office\Office12\STSUPLD.DLL [STSUpld UploadCtl Class] -> [2006/10/26 19:59:30 | 000,227,128 | ---- | M] (Microsoft Corporation) {0D012ABD-CEED-11D2-9C76-00105AA73033} [HKLM] -> C:\Program Files\Microsoft Office\Office12\GrooveDocumentShareTool.dll [Groove DocumentShareView] -> [2009/02/14 06:03:38 | 003,070,832 | ---- | M] (Microsoft Corporation) {166B1BCA-3F9C-11CF-8075-444553540000} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {1B00725B-C455-4DE6-BFB6-AD540AD427CD} [HKLM] -> C:\Program Files\Viewpoint\Viewpoint Experience Technology\AxMetaStream_0305000D.dll [MetaStreamCtl Class] -> [2007/06/18 08:52:40 | 000,254,022 | ---- | M] (Viewpoint Corporation) {233C1507-6A77-46A4-9443-F871F945D258} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {3FD37ABB-F90A-4DE5-AA38-179629E64C2F} [HKLM] -> C:\Program Files\Microsoft Office\Office12\OWSSUPP.DLL [SharePoint Spreadsheet Launcher] -> [2009/03/06 04:23:08 | 000,140,168 | ---- | M] (Microsoft Corporation) {4063BE15-3B08-470D-A0D5-B37161CFFD69} [HKLM] -> C:\Program Files\QuickTime\QTPlugin.ocx [QuickTime Object] -> [2009/11/10 23:35:52 | 000,795,952 | ---- | M] (Apple Inc.) {56A58823-AE99-11D5-B90B-0050DACD1F75} [HKLM] -> C:\Program Files\Microsoft Office\Office12\GrooveCommonComponents.dll [Groove Data List Display] -> [2009/02/14 06:03:28 | 002,687,336 | ---- | M] (Microsoft Corporation) {5852F5ED-8BF4-11D4-A245-0080C6F74284} [HKLM] -> C:\Program Files\Java\jre6\bin\wsdetect.dll [isInstalled Class] -> [2010/07/25 21:32:55 | 000,108,320 | ---- | M] (Oracle) {62B4D041-4667-40B6-BB50-4BC0A5043A73} [HKLM] -> C:\Program Files\Microsoft Office\Office12\OWSSUPP.DLL [SharePoint Export Database Launcher] -> [2009/03/06 04:23:08 | 000,140,168 | ---- | M] (Microsoft Corporation) {65BCBEE4-7728-41A0-97BE-14E1CAE36AAE} [HKLM] -> C:\Program Files\Microsoft Office\Office12\STSLIST.DLL [Microsoft Office List 12.0] -> [2009/03/06 03:01:06 | 002,335,648 | ---- | M] (Microsoft Corporation) {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {8075631E-5146-11D5-A672-00B0D022E945} [HKLM] -> C:\Program Files\Microsoft Office\Office12\INLAUNCH.DLL [SharepointOpenXMLDocuments] -> [2009/03/06 04:26:06 | 000,065,400 | ---- | M] (Microsoft Corporation) {8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> C:\Program Files\Java\jre6\bin\npjpi160_21.dll [Java Plug-in 1.6.0_21] -> [2010/07/25 21:32:55 | 000,141,088 | ---- | M] (Oracle) {8AD9C840-044E-11D1-B3E9-00805F499D93} [HKCU] -> C:\Program Files\Java\jre6\bin\jp2iexp.dll [Java Plug-in 1.6.0_21] -> [2010/07/25 21:32:54 | 000,108,320 | ---- | M] () {9203C2CB-1DC1-482D-967E-597AFF270F0D} [HKLM] -> C:\Program Files\Microsoft Office\Office12\OWSSUPP.DLL [SharePoint OpenDocuments Class] -> [2009/03/06 04:23:08 | 000,140,168 | ---- | M] (Microsoft Corporation) {9F81C14C-04C0-4378-9A0F-70B5F25397BC} [HKLM] -> C:\Program Files\Netflix\Netflix Movie Viewer\AxPlayer.ocx [AxPlayer Control] -> [2007/06/26 15:53:36 | 000,683,072 | ---- | M] (Netflix, Inc.) {9F9C4924-C3F3-4459-A396-9E9E0D8B83D1} [HKLM] -> Reg Error: Key error. [SharePoint OpenDocuments Class] -> File not found {B3E658DF-D425-430C-82C2-D54295915020} [HKLM] -> C:\Program Files\Netflix\Netflix Movie Viewer\AxVersion.ocx [AxVersion Control] -> [2007/06/26 15:53:28 | 000,371,776 | ---- | M] (Netflix Inc.) {BDEADE3E-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files\Microsoft Office\Office12\OWSCLT.DLL [OWSClientEventSubscription Class] -> [2008/11/21 02:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation) {BDEADE3F-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files\Microsoft Office\Office12\OWSCLT.DLL [OWSClientMiscApis Class] -> [2008/11/21 02:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation) {BDEADE40-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files\Microsoft Office\Office12\OWSCLT.DLL [OWSClientCommentThread Class] -> [2008/11/21 02:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation) {BDEADE42-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files\Microsoft Office\Office12\OWSCLT.DLL [OWSClientComment Class] -> [2008/11/21 02:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation) {BDEADE43-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files\Microsoft Office\Office12\OWSCLT.DLL [OWSBrowserUI Class] -> [2008/11/21 02:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation) {BDEADE98-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files\Microsoft Office\Office12\OWSCLT.DLL [OWS Post Data] -> [2008/11/21 02:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation) {BDEADE9E-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files\Microsoft Office\Office12\OWSCLT.DLL [SharePoint Spreadsheet Launcher] -> [2008/11/21 02:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation) {BDEADEB3-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files\Microsoft Office\Office12\OWSCLT.DLL [Web Discussions] -> [2008/11/21 02:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation) {BDEADEB4-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files\Microsoft Office\Office12\OWSCLT.DLL [Web Discussions] -> [2008/11/21 02:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation) {BDEADEB5-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files\Microsoft Office\Office12\OWSCLT.DLL [Web Discussions] -> [2008/11/21 02:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation) {BDEADEB7-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files\Microsoft Office\Office12\OWSCLT.DLL [OWSDiscussionServers Class] -> [2008/11/21 02:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation) {BDEADEB8-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files\Microsoft Office\Office12\OWSCLT.DLL [OWSClientCollaboration Class] -> [2008/11/21 02:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation) {BDEADEDA-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files\Microsoft Office\Office12\OWSCLT.DLL [OSE.Discussion] -> [2008/11/21 02:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation) {BDEADEDB-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files\Microsoft Office\Office12\OWSCLT.DLL [OSE.Discussions] -> [2008/11/21 02:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation) {BDEADEDC-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files\Microsoft Office\Office12\OWSCLT.DLL [OSE.DiscussionServer] -> [2008/11/21 02:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation) {BDEADEDD-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files\Microsoft Office\Office12\OWSCLT.DLL [OSE.DiscussionServers] -> [2008/11/21 02:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation) {BDEADEDE-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files\Microsoft Office\Office12\OWSCLT.DLL [OSE Global Class] -> [2008/11/21 02:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation) {BDEADEE0-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files\Microsoft Office\Office12\OWSCLT.DLL [OWSDiscussionBar Class] -> [2008/11/21 02:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation) {BDEADEF2-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> Reg Error: Key error. [SharePoint OpenDocuments Class] -> File not found {BDEADEF4-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> Reg Error: Key error. [SharePoint Stssync Handler] -> File not found {BDEADEF5-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files\Microsoft Office\Office12\OWSSUPP.DLL [SharePoint Stssync Handler] -> [2009/03/06 04:23:08 | 000,140,168 | ---- | M] (Microsoft Corporation) {C9712B19-838B-45A5-ABF2-9A315DDDED50} [HKLM] -> C:\Program Files\Microsoft Office\Office12\AUTHZAX.DLL [Microsoft Office 12 Authorization Control] -> [2008/10/25 06:18:46 | 000,054,152 | ---- | M] (Microsoft Corporation) {CA8A9780-280D-11CF-A24D-444553540000} [HKLM] -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroPDF.dll [Adobe PDF Reader] -> [2010/06/19 15:28:28 | 000,660,912 | ---- | M] (Adobe Systems, Inc.) {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} [HKLM] -> C:\Program Files\Java\jre1.6.0_02\bin\npjpi160_02.dll [Java Plug-in 1.6.0_02] -> [2007/07/12 04:00:35 | 000,132,496 | ---- | M] (Sun Microsystems, Inc.) {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} [HKCU] -> C:\Program Files\Java\jre6\bin\jp2iexp.dll [Java Plug-in 1.6.0_02] -> [2010/07/25 21:32:54 | 000,108,320 | ---- | M] () {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBB} [HKLM] -> C:\Program Files\Java\jre1.6.0_02\bin\npjpi160_02.dll [Java Plug-in 1.6.0_02] -> [2007/07/12 04:00:35 | 000,132,496 | ---- | M] (Sun Microsystems, Inc.) {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBB} [HKCU] -> C:\Program Files\Java\jre6\bin\jp2iexp.dll [Java Plug-in 1.6.0_02] -> [2010/07/25 21:32:54 | 000,108,320 | ---- | M] () {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC} [HKLM] -> C:\Program Files\Java\jre1.6.0_02\bin\npjpi160_02.dll [Java Plug-in 1.6.0_02] -> [2007/07/12 04:00:35 | 000,132,496 | ---- | M] (Sun Microsystems, Inc.) {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC} [HKCU] -> C:\Program Files\Java\jre6\bin\jp2iexp.dll [Java Plug-in 1.6.0_02] -> [2010/07/25 21:32:54 | 000,108,320 | ---- | M] () {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [HKLM] -> C:\Program Files\Java\jre6\bin\npjpi160_21.dll [Java Plug-in 1.6.0_21] -> [2010/07/25 21:32:55 | 000,141,088 | ---- | M] (Oracle) {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [HKCU] -> C:\Program Files\Java\jre6\bin\jp2iexp.dll [Java Plug-in 1.6.0_21] -> [2010/07/25 21:32:54 | 000,108,320 | ---- | M] () {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBB} [HKLM] -> C:\Program Files\Java\jre6\bin\npjpi160_21.dll [Java Plug-in 1.6.0_21] -> [2010/07/25 21:32:55 | 000,141,088 | ---- | M] (Oracle) {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBB} [HKCU] -> C:\Program Files\Java\jre6\bin\jp2iexp.dll [Java Plug-in 1.6.0_21] -> [2010/07/25 21:32:54 | 000,108,320 | ---- | M] () {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBC} [HKLM] -> C:\Program Files\Java\jre6\bin\npjpi160_21.dll [Java Plug-in 1.6.0_21] -> [2010/07/25 21:32:55 | 000,141,088 | ---- | M] (Oracle) {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBC} [HKCU] -> C:\Program Files\Java\jre6\bin\jp2iexp.dll [Java Plug-in 1.6.0_21] -> [2010/07/25 21:32:54 | 000,108,320 | ---- | M] () {CAFEEFAC-DEC7-0000-0000-ABCDEFFEDCBA} [HKLM] -> C:\WINDOWS\system32\deployJava1.dll [Deployment Toolkit] -> [2010/07/25 21:32:54 | 000,423,656 | ---- | M] (Oracle) {CAFEEFAC-DEC7-0000-0001-ABCDEFFEDCBA} [HKLM] -> C:\WINDOWS\system32\deployJava1.dll [Deployment Toolkit] -> [2010/07/25 21:32:54 | 000,423,656 | ---- | M] (Oracle) {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBC} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {CB927D12-4FF7-4A9E-A169-56E4B8A75598} [HKLM] -> C:\Program Files\QuickTime\QTPlugin.ocx [Behavior Object] -> [2009/11/10 23:35:52 | 000,795,952 | ---- | M] (Apple Inc.) {CDEC13B2-0B3C-400E-B909-E27EE89C6799} [HKLM] -> C:\Program Files\Microsoft Office\Office12\STSUPLD.DLL [STSUpld CopyCtl Class] -> [2006/10/26 19:59:30 | 000,227,128 | ---- | M] (Microsoft Corporation) {CFCDAA03-8BE4-11cf-B84B-0020AFBBCCFA} [HKLM] -> C:\WINDOWS\system32\rmoc3260.dll [RealPlayer G2 Control] -> [2006/11/02 10:36:27 | 000,185,952 | ---- | M] (RealNetworks, Inc.) {D27CDB6E-AE6D-11cf-96B8-444553540000} [HKLM] -> C:\WINDOWS\system32\Macromed\Flash\Flash10e.ocx [Shockwave Flash Object] -> [2010/01/26 20:58:36 | 003,981,080 | R--- | M] (Adobe Systems, Inc.) {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} [HKLM] -> C:\Program Files\iTunes\ITDetector.ocx [iTunesDetector Class] -> [2010/02/15 18:06:50 | 000,111,912 | ---- | M] (Apple Inc.) {DFEAF541-F3E1-4c24-ACAC-99C30715084A} [HKLM] -> c:\Program Files\Microsoft Silverlight\4.0.50524.0\npctrl.dll [Microsoft Silverlight] -> [2010/05/23 23:30:20 | 001,013,760 | ---- | M] ( Microsoft Corporation) {E01D1C6A-4F40-11D3-8958-00105A272DCF} [HKLM] -> C:\Program Files\Microsoft Office\Office12\GrooveTextTools.dll [Groove Text View] -> [2009/02/14 06:03:54 | 001,161,568 | ---- | M] (Microsoft Corporation) {E543A17A-F212-49C0-B63D-BF09B460250E} [HKLM] -> C:\Program Files\Microsoft Office\Office12\oisctrl.dll [OISClientLauncher Class] -> [2009/03/06 04:23:50 | 000,022,432 | ---- | M] (Microsoft Corporation) {E7339A62-0E31-4A5E-BA3D-F2FEDFBF8BE5} [HKLM] -> C:\Program Files\Common Files\Microsoft Shared\Portal\PortalConnectCore.dll [PersonalSite Class] -> [2008/10/26 05:42:16 | 000,482,656 | ---- | M] () < Ext (Settings) - [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\ -> {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} [HKLM] -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [Google Script Object] -> [2009/11/24 01:02:03 | 000,263,280 | ---- | M] (Google Inc.) {03F998B2-0E00-11D3-A498-00104B6EB52E} [HKLM] -> C:\Program Files\Viewpoint\Viewpoint Experience Technology\AxMetaStream_0305000D.dll [MetaStreamCtl Class] -> [2007/06/18 08:52:40 | 000,254,022 | ---- | M] (Viewpoint Corporation) {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> [2010/06/19 15:29:40 | 000,061,888 | ---- | M] (Adobe Systems Incorporated) {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {22BF413B-C6D2-4D91-82A9-A0F997BA588C} [HKLM] -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [Skype add-on (mastermind)] -> [2009/08/04 15:47:42 | 001,586,472 | ---- | M] (Skype Technologies S.A.) {2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKLM] -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [Google Toolbar] -> [2009/11/24 01:02:03 | 000,263,280 | ---- | M] (Google Inc.) {27B4851A-3207-45A2-B947-BE8AFE6163AB} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {32004B8A-44A9-43E7-84E9-808838809519} [HKLM] -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [Google Side Bar] -> [2009/11/24 01:02:03 | 000,263,280 | ---- | M] (Google Inc.) {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {53707962-6F74-2D53-2644-206D7942484F} [HKLM] -> C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [Spybot-S&D IE Protection] -> [2009/01/26 15:31:02 | 001,879,896 | ---- | M] (Safer Networking Limited) {5CA3D70E-1895-11CF-8E15-001234567890} [HKLM] -> C:\WINDOWS\system32\DLA\DLASHX_W.DLL [DriveLetterAccess] -> [2005/09/08 05:20:00 | 000,110,652 | ---- | M] (Sonic Solutions) {72853161-30C5-4D22-B7F9-0BBC1D38A37E} [HKLM] -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [Groove GFS Browser Helper] -> [2009/02/12 15:19:32 | 002,217,848 | ---- | M] (Microsoft Corporation) {7530BFB8-7293-4D34-9923-61A11451AFC5} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {7DB2D5A0-7241-4E79-B68D-6309F01C5231} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> C:\Program Files\Java\jre6\bin\npjpi160_21.dll [Java Plug-in 1.6.0_21] -> [2010/07/25 21:32:55 | 000,141,088 | ---- | M] (Oracle) {8AD9C840-044E-11D1-B3E9-00805F499D93} [HKCU] -> C:\Program Files\Java\jre6\bin\jp2iexp.dll [Java Plug-in 1.6.0_21] -> [2010/07/25 21:32:54 | 000,108,320 | ---- | M] () {8B7D2210-CC81-4F59-A486-4409FB485D4A} [HKLM] -> C:\WINDOWS\Downloaded Program Files\vzTCPConfig.dll [RegConfig Class] -> [2010/01/08 18:36:28 | 000,163,328 | ---- | M] () {AA58ED58-01DD-4D91-8333-CF10577473F7} [HKLM] -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [Google Toolbar Helper] -> [2009/11/24 01:02:03 | 000,263,280 | ---- | M] (Google Inc.) {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} [HKLM] -> C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [Google Toolbar Notifier BHO] -> [2009/11/24 01:06:20 | 000,764,912 | ---- | M] (Google Inc.) {B164E929-A1B6-4A06-B104-2CD0E90A88FF} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {CCCCCCD3-666F-4F81-8B69-745DE9F6D897} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {CCCCCCDB-4DDB-4703-95D4-DD2C526397BF} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {D27CDB6E-AE6D-11CF-96B8-444553540000} [HKLM] -> C:\WINDOWS\system32\Macromed\Flash\Flash10e.ocx [Shockwave Flash Object] -> [2010/01/26 20:58:36 | 003,981,080 | R--- | M] (Adobe Systems, Inc.) {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} [HKLM] -> C:\WINDOWS\Downloaded Program Files\ieatgpc.dll [GpcContainer Class] -> [2009/09/29 14:16:56 | 000,099,224 | ---- | M] () {E2883E8F-472F-4FB0-9522-AC9BF37916A7} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKLM] -> C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [Yahoo! Toolbar] -> [2005/08/04 21:54:42 | 000,343,112 | ---- | M] (Yahoo! Inc.) < Ext (Stats) - [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\ -> {00000000-0000-0000-0000-000000000000} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {00CEDC01-864D-11D3-908D-00C0F03B3EDC} [HKLM] -> C:\Program Files\Real\RealPlayer\ierjplug.dll [IERJCtl Class] -> [2006/11/02 10:36:38 | 000,049,152 | ---- | M] (RealNetworks, Inc.) {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} [HKLM] -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [Google Script Object] -> [2009/11/24 01:02:03 | 000,263,280 | ---- | M] (Google Inc.) {02478D38-C3F9-4EFB-9B51-7695ECA05670} [HKLM] -> C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [Yahoo! Toolbar Helper] -> [2005/08/04 21:54:42 | 000,343,112 | ---- | M] (Yahoo! Inc.) {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} [HKLM] -> C:\Program Files\QuickTime\QTPlugin.ocx [QuickTime Object] -> [2009/11/10 23:35:52 | 000,795,952 | ---- | M] (Apple Inc.) {03F998B2-0E00-11D3-A498-00104B6EB52E} [HKLM] -> C:\Program Files\Viewpoint\Viewpoint Experience Technology\AxMetaStream_0305000D.dll [MetaStreamCtl Class] -> [2007/06/18 08:52:40 | 000,254,022 | ---- | M] (Viewpoint Corporation) {0468C085-CA5B-11D0-AF08-00609797F0E0} [HKLM] -> C:\Program Files\Microsoft Office\Office12\OUTLCTL.DLL [DataCtl Class] -> [2009/08/17 22:54:46 | 000,136,520 | ---- | M] () {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> [2010/06/19 15:29:40 | 000,061,888 | ---- | M] (Adobe Systems Incorporated) {089FD14D-132B-48FC-8861-0048AE113215} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> Reg Error: Key error. [Reg Error: Value error.] -> File not found {0BF43445-2F28-4351-9252-17FE6E806AA0} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {0CCA191D-13A6-4E29-B746-314DEE697D83} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {10072CEC-8CC1-11D1-986E-00A0C955B42E} [HKLM] -> C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [PeerDraw Class] -> [2007/07/12 19:31:54 | 000,765,952 | ---- | M] (Microsoft Corporation) {189504B8-50D1-4AA8-B4D6-95C8F58A6414} [HKLM] -> C:\Program Files\America Online 9.0\sb.dll [SuperBuddy Class] -> [2004/09/01 11:56:52 | 000,106,496 | ---- | M] (America Online, Inc.) {1B00725B-C455-4DE6-BFB6-AD540AD427CD} [HKLM] -> C:\Program Files\Viewpoint\Viewpoint Experience Technology\AxMetaStream_0305000D.dll [MetaStreamCtl Class] -> [2007/06/18 08:52:40 | 000,254,022 | ---- | M] (Viewpoint Corporation) {22BF413B-C6D2-4D91-82A9-A0F997BA588C} [HKLM] -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [Skype add-on (mastermind)] -> [2009/08/04 15:47:42 | 001,586,472 | ---- | M] (Skype Technologies S.A.) {2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKLM] -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [Google Toolbar] -> [2009/11/24 01:02:03 | 000,263,280 | ---- | M] (Google Inc.) {2670000A-7350-4F3C-8081-5663EE0C6C49} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {27B4851A-3207-45A2-B947-BE8AFE6163AB} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {2D360201-FFF5-11D1-8D03-00A0C959BC0A} [HKLM] -> C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx [DHTML Edit Control Safe for Scripting for IE5] -> [2009/07/27 18:27:12 | 000,128,512 | ---- | M] (Microsoft Corporation) {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} [HKLM] -> C:\WINDOWS\system32\rmoc3260.dll [RealPlayer RAM Download Handler] -> [2006/11/02 10:36:27 | 000,185,952 | ---- | M] (RealNetworks, Inc.) {32004B8A-44A9-43E7-84E9-808838809519} [HKLM] -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [Google Side Bar] -> [2009/11/24 01:02:03 | 000,263,280 | ---- | M] (Google Inc.) {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {38481807-CA0E-42D2-BF39-B33AF135CC4D} [HKLM] -> C:\Program Files\Common Files\Microsoft Shared\Smart Tag\IETAG.DLL [IETag Factory] -> [2009/04/02 12:01:44 | 000,177,520 | ---- | M] (Microsoft Corporation) {39FD89BF-D3F1-45B6-BB56-3582CCF489E1} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {4063BE15-3B08-470D-A0D5-B37161CFFD69} [HKLM] -> C:\Program Files\QuickTime\QTPlugin.ocx [QuickTime Object] -> [2009/11/10 23:35:52 | 000,795,952 | ---- | M] (Apple Inc.) {41D68ED8-4CFF-4115-88A6-6EBB8AF19000} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {4453D895-F2A1-4A38-A285-1EF9BD3F6D5D} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {48DD0448-9209-4F81-9F6D-D83562940134} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {493ACF15-5CD9-4474-82A6-91670C3DD66E} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {5067A26B-1337-4436-8AFE-EE169C2DA79F} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {53707962-6F74-2D53-2644-206D7942484F} [HKLM] -> C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [Spybot-S&D IE Protection] -> [2009/01/26 15:31:02 | 001,879,896 | ---- | M] (Safer Networking Limited) {5852F5ED-8BF4-11D4-A245-0080C6F74284} [HKLM] -> C:\Program Files\Java\jre6\bin\wsdetect.dll [isInstalled Class] -> [2010/07/25 21:32:55 | 000,108,320 | ---- | M] (Oracle) {5CA3D70E-1895-11CF-8E15-001234567890} [HKLM] -> C:\WINDOWS\system32\DLA\DLASHX_W.DLL [DriveLetterAccess] -> [2005/09/08 05:20:00 | 000,110,652 | ---- | M] (Sonic Solutions) {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} [HKLM] -> C:\WINDOWS\DOWNLO~1\oscan82.ocx [BDSCANONLINE Control] -> [2009/05/07 16:56:24 | 000,656,384 | ---- | M] () {72853161-30C5-4D22-B7F9-0BBC1D38A37E} [HKLM] -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [Groove GFS Browser Helper] -> [2009/02/12 15:19:32 | 002,217,848 | ---- | M] (Microsoft Corporation) {7530BFB8-7293-4D34-9923-61A11451AFC5} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {77BF5300-1474-4EC7-9980-D32B190E9B07} [HKLM] -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [Skype add-on (button)] -> [2009/08/04 15:47:42 | 001,586,472 | ---- | M] (Skype Technologies S.A.) {7DB2D5A0-7241-4E79-B68D-6309F01C5231} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {85D1F590-48F4-11D9-9669-0800200C9A66} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {88D969E5-F192-11D4-A65F-0040963251E5} [HKLM] -> C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSXML5.DLL [XML DOM Document 5.0] -> [2008/08/31 21:39:34 | 001,425,912 | ---- | M] (Microsoft Corporation) {88D969EA-F192-11D4-A65F-0040963251E5} [HKLM] -> C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSXML5.DLL [XML HTTP 5.0] -> [2008/08/31 21:39:34 | 001,425,912 | ---- | M] (Microsoft Corporation) {8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> C:\Program Files\Java\jre6\bin\npjpi160_21.dll [Java Plug-in 1.6.0_21] -> [2010/07/25 21:32:55 | 000,141,088 | ---- | M] (Oracle) {8AD9C840-044E-11D1-B3E9-00805F499D93} [HKCU] -> C:\Program Files\Java\jre6\bin\jp2iexp.dll [Java Plug-in 1.6.0_21] -> [2010/07/25 21:32:54 | 000,108,320 | ---- | M] () {8B7D2210-CC81-4F59-A486-4409FB485D4A} [HKLM] -> C:\WINDOWS\Downloaded Program Files\vzTCPConfig.dll [RegConfig Class] -> [2010/01/08 18:36:28 | 000,163,328 | ---- | M] () {92780B25-18CC-41C8-B9BE-3C9C571A8263} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {A9FC132B-096D-460B-B7D5-1DB0FAE0C062} [HKLM] -> C:\WINDOWS\system32\msnetobj.dll [RMGetLicense Class] -> [2006/10/18 22:47:16 | 000,179,712 | ---- | M] (Microsoft Corporation) {AA58ED58-01DD-4D91-8333-CF10577473F7} [HKLM] -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [Google Toolbar Helper] -> [2009/11/24 01:02:03 | 000,263,280 | ---- | M] (Google Inc.) {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} [HKLM] -> C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [Google Toolbar Notifier BHO] -> [2009/11/24 01:06:20 | 000,764,912 | ---- | M] (Google Inc.) {B164E929-A1B6-4A06-B104-2CD0E90A88FF} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {B8BE588F-4B36-4DDD-8178-858C6775BC5C} [HKLM] -> C:\WINDOWS\system32\qdiagdwc.ocx [QDiagDWCUpdateObj Class] -> [2005/07/04 16:03:36 | 001,650,688 | ---- | M] (Gteko Ltd.) {BA52B914-B692-46C4-B683-905236F6F655} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {BD96C556-65A3-11D0-983A-00C04FC29E36} [HKLM] -> C:\Program Files\Common Files\System\msadc\msadco.dll [RDS.DataSpace] -> [2008/04/13 20:11:58 | 000,143,360 | ---- | M] (Microsoft Corporation) {C68AE9C0-0909-4DDC-B661-C1AFB9F5AE53} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {CA8A9780-280D-11CF-A24D-444553540000} [HKLM] -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroPDF.dll [Adobe PDF Reader] -> [2010/06/19 15:28:28 | 000,660,912 | ---- | M] (Adobe Systems, Inc.) {CAFEEFAC-DEC7-0000-0001-ABCDEFFEDCBA} [HKLM] -> C:\WINDOWS\system32\deployJava1.dll [Deployment Toolkit] -> [2010/07/25 21:32:54 | 000,423,656 | ---- | M] (Oracle) {CD67F990-D8E9-11D2-98FE-00C0F0318AFE} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} [HKLM] -> C:\WINDOWS\system32\rmoc3260.dll [RealPlayer G2 Control] -> [2006/11/02 10:36:27 | 000,185,952 | ---- | M] (RealNetworks, Inc.) {D27CDB6E-AE6D-11CF-96B8-444553540000} [HKLM] -> C:\WINDOWS\system32\Macromed\Flash\Flash10e.ocx [Shockwave Flash Object] -> [2010/01/26 20:58:36 | 003,981,080 | R--- | M] (Adobe Systems, Inc.) {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} [HKLM] -> C:\Program Files\iTunes\ITDetector.ocx [iTunesDetector Class] -> [2010/02/15 18:06:50 | 000,111,912 | ---- | M] (Apple Inc.) {DE4AF3B0-F4D4-11D3-B41A-0050DA2E6C21} [HKLM] -> C:\Program Files\QuickTime\QTSystem\QuickTimeCheck.ocx [QuickTimeCheck Class] -> [2009/11/10 23:35:52 | 000,136,496 | ---- | M] (Apple Inc.) {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {DFEAF541-F3E1-4C24-ACAC-99C30715084A} [HKLM] -> c:\Program Files\Microsoft Silverlight\4.0.50524.0\npctrl.dll [Microsoft Silverlight] -> [2010/05/23 23:30:20 | 001,013,760 | ---- | M] ( Microsoft Corporation) {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} [HKLM] -> C:\WINDOWS\Downloaded Program Files\ieatgpc.dll [GpcContainer Class] -> [2009/09/29 14:16:56 | 000,099,224 | ---- | M] () {E18FEC31-2EA1-49A2-A7A6-902DC0D1FF05} [HKLM] -> C:\Program Files\Microsoft Office\Office12\NAME.DLL [NameCtrl Class] -> [2009/03/06 04:04:56 | 000,064,872 | ---- | M] (Microsoft Corporation) {E2883E8F-472F-4FB0-9522-AC9BF37916A7} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {E2E2DD38-D088-4134-82B7-F2BA38496583} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {E5DF9D10-3B52-11D1-83E8-00A0C90DC849} [HKLM] -> C:\WINDOWS\system32\webvw.dll [WebViewFolderIcon Class] -> [2008/04/13 20:12:08 | 000,135,680 | ---- | M] (Microsoft Corporation) {E856B973-45FD-4559-8F82-EAB539144667} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKLM] -> C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [Yahoo! Toolbar] -> [2005/08/04 21:54:42 | 000,343,112 | ---- | M] (Yahoo! Inc.) {FB5F1910-F110-11D2-BB9E-00C04F795683} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {FDC7A535-4070-4B92-A0EA-D9994BCC0DC5} [HKLM] -> C:\Program Files\Real\RealPlayer\rpplugins\ierpplug.dll [IERPCtl Class] -> [2006/11/02 10:36:13 | 000,288,352 | ---- | M] (RealNetworks, Inc.) < File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\ -> .bat [@ = batfile] -> "%1" %* -> .cmd [@ = cmdfile] -> "%1" %* -> .com [@ = ComFile] -> "%1" %* -> .exe [@ = exefile] -> "%1" %* -> .pif [@ = piffile] -> "%1" %* -> .scr [@ = scrfile] -> "%1" /S -> < Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ -> belarc:{6318E0AB-2E93-11D1-B8ED-00608CC9A71F} [HKLM] -> C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll[VoilaXctl Class] -> [2006/03/14 16:16:06 | 000,033,280 | ---- | M] (Belarc, Inc.) grooveLocalGWS:{88FED34C-F0CA-4636-A375-3CB6248B04CD} [HKLM] -> C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll[Local Groove Web Services Protocol] -> [2009/02/12 15:19:38 | 000,178,040 | ---- | M] (Microsoft Corporation) ms-help:{314111c7-a502-11d2-bbca-00c04f8ec294} [HKLM] -> C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll[HxProtocol Class] -> [2006/10/26 13:45:02 | 000,873,216 | ---- | M] (Microsoft Corporation) skype4com: [HKLM] -> No CLSID value < SafeBoot-Minimal Settings > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ -> {36FC9E60-C465-11CF-8056-444553540000} -> Universal Serial Bus controllers {4D36E965-E325-11CE-BFC1-08002BE10318} -> CD-ROM Drive {4D36E967-E325-11CE-BFC1-08002BE10318} -> DiskDrive {4D36E969-E325-11CE-BFC1-08002BE10318} -> Standard floppy disk controller {4D36E96A-E325-11CE-BFC1-08002BE10318} -> Hdc {4D36E96B-E325-11CE-BFC1-08002BE10318} -> Keyboard {4D36E96F-E325-11CE-BFC1-08002BE10318} -> Mouse {4D36E977-E325-11CE-BFC1-08002BE10318} -> PCMCIA Adapters {4D36E97B-E325-11CE-BFC1-08002BE10318} -> SCSIAdapter {4D36E97D-E325-11CE-BFC1-08002BE10318} -> System {4D36E980-E325-11CE-BFC1-08002BE10318} -> Floppy disk drive {533C5B84-EC70-11D2-9505-00C04F79DEAF} -> Volume shadow copy {71A27CDD-812A-11D0-BEC7-08002BE2092F} -> Volume {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} -> Human Interface Devices Base -> Driver Group Boot Bus Extender -> Driver Group Boot file system -> Driver Group File system -> Driver Group Filter -> Driver Group PCI Configuration -> Driver Group PNP Filter -> Driver Group Primary disk -> Driver Group SCSI Class -> Driver Group sermouse.sys -> Driver System Bus Extender -> Driver Group vds -> Service vga.sys -> Driver < SafeBoot-Network Settings > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ -> {36FC9E60-C465-11CF-8056-444553540000} -> Universal Serial Bus controllers {4D36E965-E325-11CE-BFC1-08002BE10318} -> CD-ROM Drive {4D36E967-E325-11CE-BFC1-08002BE10318} -> DiskDrive {4D36E969-E325-11CE-BFC1-08002BE10318} -> Standard floppy disk controller {4D36E96A-E325-11CE-BFC1-08002BE10318} -> Hdc {4D36E96B-E325-11CE-BFC1-08002BE10318} -> Keyboard {4D36E96F-E325-11CE-BFC1-08002BE10318} -> Mouse {4D36E972-E325-11CE-BFC1-08002BE10318} -> Net {4D36E973-E325-11CE-BFC1-08002BE10318} -> NetClient {4D36E974-E325-11CE-BFC1-08002BE10318} -> NetService {4D36E975-E325-11CE-BFC1-08002BE10318} -> NetTrans {4D36E977-E325-11CE-BFC1-08002BE10318} -> PCMCIA Adapters {4D36E97B-E325-11CE-BFC1-08002BE10318} -> SCSIAdapter {4D36E97D-E325-11CE-BFC1-08002BE10318} -> System {4D36E980-E325-11CE-BFC1-08002BE10318} -> Floppy disk drive {71A27CDD-812A-11D0-BEC7-08002BE2092F} -> Volume {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} -> Human Interface Devices Base -> Driver Group Boot Bus Extender -> Driver Group Boot file system -> Driver Group File system -> Driver Group Filter -> Driver Group MpfService -> Service NDIS Wrapper -> Driver Group NetBIOSGroup -> Driver Group NetDDEGroup -> Driver Group Network -> Driver Group NetworkProvider -> Driver Group PCI Configuration -> Driver Group PNP Filter -> Driver Group PNP_TDI -> Driver Group Primary disk -> Driver Group SCSI Class -> Driver Group sermouse.sys -> Driver Streams Drivers -> Driver Group System Bus Extender -> Driver Group TDI -> Driver Group vga.sys -> Driver < Security Center Settings > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center \\"FirstRunDisabled" -> [1] -> File not found \\"UpdatesDisableNotify" -> [0] -> File not found \\"AntiVirusOverride" -> [1] -> File not found \\"FirewallOverride" -> [0] -> File not found \\"AntiVirusDisableNotify" -> [0] -> File not found \\"FirewallDisableNotify" -> [0] -> File not found HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile \\"EnableFirewall" -> [1] -> File not found \\"DisableNotifications" -> [0] -> File not found \\"DoNotAllowExceptions" -> [0] -> File not found HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\ -> -> < Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command -> batfile [open] -> "%1" %* -> cmdfile [open] -> "%1" %* -> comfile [open] -> "%1" %* -> exefile [open] -> "%1" %* -> htmlfile [edit] -> "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 -> [2008/11/10 10:50:30 | 000,068,472 | ---- | M] (Microsoft Corporation) htmlfile [print] -> "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 -> [2008/11/10 10:50:30 | 000,068,472 | ---- | M] (Microsoft Corporation) piffile [open] -> "%1" %* -> scrfile [config] -> "%1" -> scrfile [install] -> rundll32.exe desk.cpl,InstallScreenSaver %l -> [2008/04/13 20:12:41 | 000,135,168 | ---- | M] (Microsoft Corporation) scrfile [open] -> "%1" /S -> Unknown [openas] -> %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 -> Directory [find] -> %SystemRoot%\Explorer.exe -> [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) Directory [OneNote.Open] -> C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" -> [2009/02/26 15:24:50 | 001,001,840 | ---- | M] (Microsoft Corporation) Folder [open] -> %SystemRoot%\Explorer.exe /idlist,%I,%L -> [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) Folder [explore] -> %SystemRoot%\Explorer.exe /e,/idlist,%I,%L -> [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) Drive [find] -> %SystemRoot%\Explorer.exe -> [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) < Uninstall List [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ -> {07287123-B8AC-41CE-8346-3D777245C35B} -> Bonjour {075473F5-846A-448B-BCB3-104AA1760205} -> Roxio RecordNow Data {0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B} -> Microsoft Plus! Photo Story 2 LE {0F756CD9-4A1E-409B-B101-601DDC4C03AA} -> Qualxserve Service Agreement {1206EF92-2E83-4859-ACCB-2048C3CB7DA6} -> Roxio DLA {1451DE6B-ABE1-4F62-BE9A-B363A17588A2} -> QuickTime {172423F9-522A-483A-AD65-03600CE4CA4F} -> Microsoft Works 6-9 Converter {18455581-E099-4BA8-BC6B-F34B2F06600C} -> Google Toolbar for Internet Explorer {18525F55-9B32-4D49-BF03-D53B17A49D97} -> DellConnect {1F1C2DFC-2D24-3E06-BCB8-725134ADF989} -> Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 {20F51690-133A-453C-B616-1C15AB2C0EF0} -> SBA {21657574-BD54-48A2-9450-EB03B2C7FC29} -> Roxio MyDVD LE {2318C2B1-4965-11d4-9B18-009027A5CD4F} -> Google Toolbar for Internet Explorer {237a4b21-78c1-11d6-a394-00104bd190b1} -> QuickBooks Basic Edition 2003 {26A24AE4-039D-4CA4-87B4-2F83216021FF} -> Java(TM) 6 Update 21 {2818095F-FB6C-42C8-827E-0A406CC9AFF5} -> Quicken 2006 {29622F4A-245C-4126-8764-897E21E888D1} -> Google Earth Pro {2CCBABCB-6427-4A55-B091-49864623C43F} -> Google Toolbar for Firefox {30465B6C-B53F-49A1-9EBA-A3F187AD502E} -> Sonic Update Manager {3248F0A8-6813-11D6-A77B-00B0D0160020} -> Java(TM) 6 Update 2 {33BB4982-DC52-4886-A03B-F4C5C80BEE89} -> Windows Media Player 10 {350C97B0-3D7C-4EE8-BAA9-00BCB3D54227} -> WebFldrs XP {352310C3-E46B-42D3-8F32-54721FDD72D9} -> NetZeroInstallers {3FA365DF-2D68-45ED-8F83-8C8A33E65143} -> Apple Application Support {42EED331-936C-446E-9374-077F7B028518} -> Watchtower Library 2006 - English Edition {43CAC9A1-1993-4F65-9096-7C9AFC2BBF54} -> Dell CinePlayer {4A03706F-666A-4037-7777-5F2748764D10} -> Java Auto Updater {510F0423-7E14-48B3-BBCC-CAFB884ADC80} -> South Carolina State University 2007 Alumni Directory {541DEAC0-5F3D-45E6-B7CB-94ECF3B96748} -> Skype web features {5905F42D-3F5F-4916-ADA6-94A3646AEE76} -> Dell Driver Reset Tool {5B6BE547-21E2-49CA-B2E2-6A5F470593B1} -> Sonic Activation Module {6956856F-B6B3-4BE0-BA0B-8F495BE32033} -> Apple Software Update {6E45BA47-383C-4C1E-8ED0-0D4845C293D7} -> Microsoft Plus! Digital Media Edition Installer {7c3aeaa8-8e35-45f3-b6d9-31da59e6db5e} -> Watchtower Library 2007 - English {7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D} -> DellSupport {81063354-9060-42B2-A000-1EBE96778AA9} -> iTunes {837b34e3-7c30-493c-8f6a-2b0f04e2912c} -> Microsoft Visual C++ 2005 Redistributable {83F793B5-8BBF-42FD-A8A6-868CB3E2AAEA} -> Intel(R) PROSet for Wired Connections {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} -> Microsoft Silverlight {8A708DD8-A5E6-11D4-A706-000629E95E20} -> Intel(R) Graphics Media Accelerator Driver {8A9B8148-DDD7-448F-BD6C-358386D32354} -> Corel Photo Album 6 {90120000-0010-0409-0000-0000000FF1CE} -> Microsoft Software Update for Web Folders (English) 12 {90120000-0015-0409-0000-0000000FF1CE} -> Microsoft Office Access MUI (English) 2007 {90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E} -> Microsoft Office 2007 Service Pack 2 (SP2) {90120000-0016-0409-0000-0000000FF1CE} -> Microsoft Office Excel MUI (English) 2007 {90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E} -> Microsoft Office 2007 Service Pack 2 (SP2) {90120000-0018-0409-0000-0000000FF1CE} -> Microsoft Office PowerPoint MUI (English) 2007 {90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E} -> Microsoft Office 2007 Service Pack 2 (SP2) {90120000-0019-0409-0000-0000000FF1CE} -> Microsoft Office Publisher MUI (English) 2007 {90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E} -> Microsoft Office 2007 Service Pack 2 (SP2) {90120000-001A-0409-0000-0000000FF1CE} -> Microsoft Office Outlook MUI (English) 2007 {90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E} -> Microsoft Office 2007 Service Pack 2 (SP2) {90120000-001B-0409-0000-0000000FF1CE} -> Microsoft Office Word MUI (English) 2007 {90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E} -> Microsoft Office 2007 Service Pack 2 (SP2) {90120000-001F-0409-0000-0000000FF1CE} -> Microsoft Office Proof (English) 2007 {90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISER_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045} -> Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) {90120000-001F-040C-0000-0000000FF1CE} -> Microsoft Office Proof (French) 2007 {90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISER_{F580DDD5-8D37-4998-968E-EBB76BB86787} -> Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) {90120000-001F-0C0A-0000-0000000FF1CE} -> Microsoft Office Proof (Spanish) 2007 {90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISER_{187308AB-5FA7-4F14-9AB9-D290383A10D9} -> Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) {90120000-0020-0409-0000-0000000FF1CE} -> Compatibility Pack for the 2007 Office system {90120000-002C-0409-0000-0000000FF1CE} -> Microsoft Office Proofing (English) 2007 {90120000-0044-0409-0000-0000000FF1CE} -> Microsoft Office InfoPath MUI (English) 2007 {90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E} -> Microsoft Office 2007 Service Pack 2 (SP2) {90120000-006E-0409-0000-0000000FF1CE} -> Microsoft Office Shared MUI (English) 2007 {90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISER_{DE5A002D-8122-4278-A7EE-3121E7EA254E} -> Microsoft Office 2007 Service Pack 2 (SP2) {90120000-00A1-0409-0000-0000000FF1CE} -> Microsoft Office OneNote MUI (English) 2007 {90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E} -> Microsoft Office 2007 Service Pack 2 (SP2) {90120000-00BA-0409-0000-0000000FF1CE} -> Microsoft Office Groove MUI (English) 2007 {90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E} -> Microsoft Office 2007 Service Pack 2 (SP2) {90120000-0114-0409-0000-0000000FF1CE} -> Microsoft Office Groove Setup Metadata MUI (English) 2007 {90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E} -> Microsoft Office 2007 Service Pack 2 (SP2) {90120000-0115-0409-0000-0000000FF1CE} -> Microsoft Office Shared Setup Metadata MUI (English) 2007 {90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISER_{DE5A002D-8122-4278-A7EE-3121E7EA254E} -> Microsoft Office 2007 Service Pack 2 (SP2) {90120000-0117-0409-0000-0000000FF1CE} -> Microsoft Office Access Setup Metadata MUI (English) 2007 {90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E} -> Microsoft Office 2007 Service Pack 2 (SP2) {91120000-0030-0000-0000-0000000FF1CE} -> Microsoft Office Enterprise 2007 {91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B} -> Microsoft Office 2007 Service Pack 2 (SP2) {91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{3D019598-7B59-447A-80AE-815B703B84FF} -> Security Update for Microsoft Office system 2007 (972581) {A654A805-41D9-40C7-AA46-4AF04F044D61} -> Adobe® Photoshop® Album Starter Edition 3.2 {AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE} -> Apple Mobile Device Support {AB708C9B-97C8-4AC9-899B-DBF226AC9382} -> Roxio RecordNow Audio {AC76BA86-7AD7-1033-7B44-A93000000001} -> Adobe Reader 9.3.3 {AC76BA86-7AD7-5464-3428-900000000004} -> Spelling Dictionaries Support For Adobe Reader 9 {AFF1EA96-9C23-4249-B7D4-CD4B54D4582F} -> TurboTax ItsDeductible 2006 {B12665F4-4E93-4AB4-B7FC-37053B524629} -> Roxio RecordNow Copy {B208806F-A231-4FA0-AB3F-5C1B8979223E} -> Microsoft ActiveSync 4.0 {B2544A03-10D0-4E5E-BA69-0362FFC20D18} -> OGA Notifier 2.0.0048.0 {B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1 -> Spybot - Search & Destroy {B702CCCE-3176-4DBF-B932-D1B8F402F330} -> Digital Content Portal {BCE72AED-3332-4863-9567-C5DCB9052CA2} -> Netflix Movie Viewer {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} -> Microsoft .NET Framework 1.1 {D103C4BA-F905-437A-8049-DB24763BBE36} -> Skype™ 4.1 {D2988E9B-C73F-422C-AD4B-A66EBE257120} -> MCU {DE5BFF9C-84D1-4B09-9C20-54633044CB85} -> Watchtower Library 2008 - English {E09B48B5-E141-427A-AB0C-D3605127224A} -> Microsoft SQL Server Desktop Engine (MICROSOFTSMLBIZ) {E93E5EF6-D361-481E-849D-F16EF5C78EBC} -> Musicmatch for Windows Media Player {EA2BEBD6-87B9-41E5-95AC-7E4C165A9475} -> WexTech AnswerWorks {F413D795-B077-4A96-AE75-810BBA673A0E} -> Microsoft Office Small Business Accounting 2006 {F855C3AE-992D-4B84-A09D-07103CDCDAC2} -> Compact Wireless-G USB Adapter ActiveTouchMeetingClient -> WebEx Adobe Flash Player ActiveX -> Adobe Flash Player 10 ActiveX Adobe Flash Player Plugin -> Adobe Flash Player 10 Plugin Adobe® Photoshop® Album Starter Edition 3.2 -> Adobe® Photoshop® Album Starter Edition 3.2 America Online us -> America Online (Choose which version to remove) AOL Connectivity Services -> AOL Connectivity Services AOLCoach -> AOL Coach Version 1.0(Build:20040229.1 en) avast5 -> avast! Free Antivirus Belarc Advisor 2.0 -> Belarc Advisor 7.1 Dell Digital Jukebox Driver -> Dell Digital Jukebox Driver ENTERPRISER -> Microsoft Office Enterprise 2007 IDNMitigationAPIs -> Microsoft Internationalized Domain Names Mitigation APIs ie7 -> Windows Internet Explorer 7 Job Pulse_is1 -> Job Pulse 1.0 LiveUpdate -> LiveUpdate 2.6 (Symantec Corporation) Malwarebytes' Anti-Malware_is1 -> Malwarebytes' Anti-Malware Microsoft .NET Framework 1.1 (1033) -> Microsoft .NET Framework 1.1 Mozilla Firefox (1.5.0.12) -> Mozilla Firefox (1.5.0.12) MRINetwork screen saver.scr -> MRINetwork screen saver MSCompPackV1 -> Microsoft Compression Client Pack 1.0 for Windows XP NLSDownlevelMapping -> Microsoft National Language Support Downlevel APIs PROSet -> Intel(R) PRO Network Connections Drivers RealPlayer 6.0 -> RealPlayer ST5UNST #1 -> Workstation ST5UNST #3 -> Workstation (C:\Program Files\PCRecruiter\) #3 ST6UNST #1 -> Insurance Study Guide StreetPlugin -> Learn2 Player (Uninstall Only) TurboTax Basic 2006 -> TurboTax Basic 2006 TweakNow RegCleaner_is1 -> TweakNow RegCleaner ViewpointMediaPlayer -> Viewpoint Media Player Windows Media Format Runtime -> Windows Media Format 11 runtime Windows Media Player -> Windows Media Player 11 Windows XP Service Pack -> Windows XP Service Pack 3 WMFDist11 -> Windows Media Format 11 runtime wmp11 -> Windows Media Player 11 Wudf01000 -> Microsoft User-Mode Driver Framework Feature Pack 1.0 Yahoo! Companion -> Yahoo! Toolbar < Uninstall List [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ -> GoToMeeting -> GoToMeeting/GoToWebinar 3.0.0.189 < EventViewer Logs - Last 10 Errors > -> Event Information -> Description System [ Error ] 8/3/2010 5:20:46 PM Computer Name = BR-95QW6B1 | Source = Print | ID = 19 -> Description = Sharing printer failed + 1722, Printer Intuit Internal Printer share name Printer2. System [ Error ] 8/4/2010 8:13:54 PM Computer Name = BR-95QW6B1 | Source = Service Control Manager | ID = 7034 -> Description = The AOL Connectivity Service service terminated unexpectedly. It has done this 1 time(s). System [ Error ] 8/4/2010 8:13:54 PM Computer Name = BR-95QW6B1 | Source = Service Control Manager | ID = 7031 -> Description = The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. System [ Error ] 8/4/2010 8:13:54 PM Computer Name = BR-95QW6B1 | Source = Service Control Manager | ID = 7034 -> Description = The Bonjour Service service terminated unexpectedly. It has done this 1 time(s). System [ Error ] 8/4/2010 8:13:54 PM Computer Name = BR-95QW6B1 | Source = Service Control Manager | ID = 7034 -> Description = The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s). System [ Error ] 8/4/2010 8:13:54 PM Computer Name = BR-95QW6B1 | Source = Service Control Manager | ID = 7034 -> Description = The MSSQL$MICROSOFTSMLBIZ service terminated unexpectedly. It has done this 1 time(s). System [ Error ] 8/4/2010 8:13:54 PM Computer Name = BR-95QW6B1 | Source = Service Control Manager | ID = 7031 -> Description = The WUSB54GCSVC service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service. System [ Error ] 8/4/2010 8:32:47 PM Computer Name = BR-95QW6B1 | Source = Service Control Manager | ID = 7006 -> Description = The ScRegSetValueExW call failed for FailureActions with the following error: %%5 System [ Error ] 8/4/2010 8:32:48 PM Computer Name = BR-95QW6B1 | Source = Service Control Manager | ID = 7006 -> Description = The ScRegSetValueExW call failed for FailureActions with the following error: %%5 System [ Error ] 8/4/2010 8:32:48 PM Computer Name = BR-95QW6B1 | Source = Service Control Manager | ID = 7006 -> Description = The ScRegSetValueExW call failed for FailureActions with the following error: %%5 [Files/Folders - Created Within 30 Days] OTS.exe -> C:\Documents and Settings\Bill\Desktop\OTS.exe -> [2010/08/07 17:27:18 | 000,641,536 | ---- | C] (OldTimer Tools) aswSP.sys -> C:\WINDOWS\System32\drivers\aswSP.sys -> [2010/08/03 20:07:12 | 000,165,456 | ---- | C] (ALWIL Software) aswFsBlk.sys -> C:\WINDOWS\System32\drivers\aswFsBlk.sys -> [2010/08/03 20:07:12 | 000,017,744 | ---- | C] (ALWIL Software) aswRdr.sys -> C:\WINDOWS\System32\drivers\aswRdr.sys -> [2010/08/03 20:07:10 | 000,023,376 | ---- | C] (ALWIL Software) aswTdi.sys -> C:\WINDOWS\System32\drivers\aswTdi.sys -> [2010/08/03 20:07:09 | 000,046,672 | ---- | C] (ALWIL Software) aswmon2.sys -> C:\WINDOWS\System32\drivers\aswmon2.sys -> [2010/08/03 20:07:08 | 000,100,176 | ---- | C] (ALWIL Software) aswmon.sys -> C:\WINDOWS\System32\drivers\aswmon.sys -> [2010/08/03 20:07:08 | 000,094,544 | ---- | C] (ALWIL Software) aavmker4.sys -> C:\WINDOWS\System32\drivers\aavmker4.sys -> [2010/08/03 20:07:07 | 000,028,880 | ---- | C] (ALWIL Software) avastSS.scr -> C:\WINDOWS\avastSS.scr -> [2010/08/03 20:06:54 | 000,038,848 | ---- | C] (ALWIL Software) aswBoot.exe -> C:\WINDOWS\System32\aswBoot.exe -> [2010/08/03 20:06:53 | 000,165,032 | ---- | C] (AVAST Software) Alwil Software -> C:\Program Files\Alwil Software -> [2010/08/03 20:06:47 | 000,000,000 | ---D | C] DoctorWeb -> C:\Documents and Settings\Bill\DoctorWeb -> [2010/08/02 10:31:34 | 000,000,000 | ---D | C] javaws.exe -> C:\WINDOWS\System32\javaws.exe -> [2010/07/25 21:33:07 | 000,153,376 | ---- | C] (Oracle) javaw.exe -> C:\WINDOWS\System32\javaw.exe -> [2010/07/25 21:33:07 | 000,145,184 | ---- | C] (Oracle) java.exe -> C:\WINDOWS\System32\java.exe -> [2010/07/25 21:33:07 | 000,145,184 | ---- | C] (Oracle) jre-6u21-windows-i586.exe -> C:\Documents and Settings\Bill\Desktop\jre-6u21-windows-i586.exe -> [2010/07/25 21:22:07 | 016,066,336 | ---- | C] (Oracle) RECYCLER -> C:\RECYCLER -> [2010/07/25 18:56:54 | 000,000,000 | -HSD | C] cmdcons -> C:\cmdcons -> [2010/07/25 12:42:33 | 000,000,000 | RHSD | C] SWXCACLS.exe -> C:\WINDOWS\SWXCACLS.exe -> [2010/07/25 12:40:43 | 000,212,480 | ---- | C] (SteelWerX) SWSC.exe -> C:\WINDOWS\SWSC.exe -> [2010/07/25 12:40:43 | 000,136,704 | ---- | C] (SteelWerX) NIRCMD.exe -> C:\WINDOWS\NIRCMD.exe -> [2010/07/25 12:40:43 | 000,031,232 | ---- | C] (NirSoft) Qoobox -> C:\Qoobox -> [2010/07/25 12:39:38 | 000,000,000 | ---D | C] swreg.exe -> C:\WINDOWS\swreg.exe -> [2010/07/24 22:19:06 | 000,161,792 | ---- | C] (SteelWerX) _OTL -> C:\_OTL -> [2010/07/24 22:11:43 | 000,000,000 | ---D | C] TweakNow RegCleaner -> C:\Program Files\TweakNow RegCleaner -> [2010/07/23 15:27:17 | 000,000,000 | ---D | C] TweakNow RegCleaner -> C:\Documents and Settings\Bill\Application Data\TweakNow RegCleaner -> [2010/07/23 15:27:17 | 000,000,000 | ---D | C] VundoFix Backups -> C:\VundoFix Backups -> [2010/07/23 13:30:21 | 000,000,000 | ---D | C] Spybot - Search & Destroy -> C:\Program Files\Spybot - Search & Destroy -> [2010/07/22 19:10:12 | 000,000,000 | ---D | C] BDOSCAN8 -> C:\WINDOWS\BDOSCAN8 -> [2010/07/22 16:38:03 | 000,000,000 | ---D | C] Sun -> C:\Documents and Settings\All Users\Application Data\Sun -> [2010/07/22 16:04:02 | 000,000,000 | ---D | C] deployJava1.dll -> C:\WINDOWS\System32\deployJava1.dll -> [2010/07/22 16:03:40 | 000,423,656 | ---- | C] (Oracle) mbamswissarmy.sys -> C:\WINDOWS\System32\drivers\mbamswissarmy.sys -> [2010/07/22 13:16:40 | 000,038,224 | ---- | C] (Malwarebytes Corporation) mbam.sys -> C:\WINDOWS\System32\drivers\mbam.sys -> [2010/07/22 13:16:37 | 000,020,952 | ---- | C] (Malwarebytes Corporation) Malwarebytes' Anti-Malware -> C:\Program Files\Malwarebytes' Anti-Malware -> [2010/07/22 13:16:37 | 000,000,000 | ---D | C] PIF -> C:\WINDOWS\PIF -> [2010/07/22 11:18:48 | 000,000,000 | -H-D | C] Glary Utilities -> C:\Program Files\Glary Utilities -> [2010/07/21 21:33:42 | 000,000,000 | ---D | C] GlarySoft -> C:\Documents and Settings\Bill\Application Data\GlarySoft -> [2010/07/21 21:19:28 | 000,000,000 | ---D | C] Glary Registry Repair -> C:\Program Files\Glary Registry Repair -> [2010/07/21 21:19:28 | 000,000,000 | ---D | C] Alwil Software -> C:\Documents and Settings\All Users\Application Data\Alwil Software -> [2010/07/21 18:34:24 | 000,000,000 | ---D | C] MpEngineStore -> C:\WINDOWS\System32\MpEngineStore -> [2010/07/21 16:22:31 | 000,000,000 | ---D | C] Adobe -> C:\Documents and Settings\NetworkService\Local Settings\Application Data\Adobe -> [2010/07/16 07:41:36 | 000,000,000 | ---D | C] Sun -> C:\Documents and Settings\NetworkService\Application Data\Sun -> [2010/07/16 07:41:30 | 000,000,000 | ---D | C] Real -> C:\Documents and Settings\NetworkService\Application Data\Real -> [2010/07/14 19:31:34 | 000,000,000 | ---D | C] Adobe -> C:\Documents and Settings\NetworkService\Application Data\Adobe -> [2010/07/14 18:05:51 | 000,000,000 | ---D | C] Macromedia -> C:\Documents and Settings\NetworkService\Application Data\Macromedia -> [2010/07/14 16:09:45 | 000,000,000 | ---D | C] helpsvc.exe -> C:\WINDOWS\System32\dllcache\helpsvc.exe -> [2010/07/14 14:55:13 | 000,744,448 | ---- | C] (Microsoft Corporation) IMPLODE.DLL -> C:\WINDOWS\System32\IMPLODE.DLL -> [2006/07/24 09:41:19 | 000,018,944 | ---- | C] ( ) [Files/Folders - Modified Within 30 Days] OTS.exe -> C:\Documents and Settings\Bill\Desktop\OTS.exe -> [2010/08/07 17:27:19 | 000,641,536 | ---- | M] (OldTimer Tools) wpa.dbl -> C:\WINDOWS\System32\wpa.dbl -> [2010/08/07 17:24:30 | 000,002,206 | ---- | M] () SA.DAT -> C:\WINDOWS\tasks\SA.DAT -> [2010/08/07 17:24:22 | 000,000,006 | -H-- | M] () bootstat.dat -> C:\WINDOWS\bootstat.dat -> [2010/08/07 17:24:14 | 000,002,048 | --S- | M] () hiberfil.sys -> C:\hiberfil.sys -> [2010/08/07 17:24:13 | 1063,407,616 | -HS- | M] () ntuser.dat -> C:\Documents and Settings\Bill\ntuser.dat -> [2010/08/06 13:16:49 | 008,650,752 | ---- | M] () ntuser.ini -> C:\Documents and Settings\Bill\ntuser.ini -> [2010/08/06 13:16:38 | 000,000,278 | -HS- | M] () IconCache.db -> C:\Documents and Settings\Bill\Local Settings\Application Data\IconCache.db -> [2010/08/04 20:44:06 | 004,840,900 | -H-- | M] () CONFIG.NT -> C:\WINDOWS\System32\CONFIG.NT -> [2010/08/04 20:32:47 | 000,002,626 | ---- | M] () hosts -> C:\WINDOWS\System32\drivers\etc\hosts -> [2010/08/02 10:49:47 | 000,000,789 | ---- | M] () shell32.dll -> C:\WINDOWS\System32\dllcache\shell32.dll -> [2010/07/27 02:30:35 | 008,462,336 | ---- | M] (Microsoft Corporation) imsins.BAK -> C:\WINDOWS\imsins.BAK -> [2010/07/25 22:36:41 | 000,001,374 | ---- | M] () deployJava1.dll -> C:\WINDOWS\System32\deployJava1.dll -> [2010/07/25 21:32:54 | 000,423,656 | ---- | M] (Oracle) javaws.exe -> C:\WINDOWS\System32\javaws.exe -> [2010/07/25 21:32:54 | 000,153,376 | ---- | M] (Oracle) javaw.exe -> C:\WINDOWS\System32\javaw.exe -> [2010/07/25 21:32:54 | 000,145,184 | ---- | M] (Oracle) java.exe -> C:\WINDOWS\System32\java.exe -> [2010/07/25 21:32:54 | 000,145,184 | ---- | M] (Oracle) javacpl.cpl -> C:\WINDOWS\System32\javacpl.cpl -> [2010/07/25 21:32:54 | 000,073,728 | ---- | M] (Oracle) jre-6u21-windows-i586.exe -> C:\Documents and Settings\Bill\Desktop\jre-6u21-windows-i586.exe -> [2010/07/25 21:22:07 | 016,066,336 | ---- | M] (Oracle) system.ini -> C:\WINDOWS\system.ini -> [2010/07/25 18:43:40 | 000,000,227 | ---- | M] () boot.ini -> C:\boot.ini -> [2010/07/25 12:42:40 | 000,000,281 | RHS- | M] () HelpAsst_mebroot_fix.exe -> C:\Documents and Settings\Bill\Desktop\HelpAsst_mebroot_fix.exe -> [2010/07/24 22:16:36 | 000,490,232 | ---- | M] () Spybot - Search & Destroy.lnk -> C:\Documents and Settings\Bill\Desktop\Spybot - Search & Destroy.lnk -> [2010/07/22 19:10:17 | 000,000,933 | ---- | M] () Malwarebytes' Anti-Malware.lnk -> C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk -> [2010/07/22 13:16:42 | 000,000,696 | ---- | M] () win.ini -> C:\WINDOWS\win.ini -> [2010/07/22 12:53:35 | 000,000,707 | ---- | M] () Boot.bak -> C:\Boot.bak -> [2010/07/22 12:53:35 | 000,000,211 | ---- | M] () hosts.20100722-191435.backup -> C:\WINDOWS\System32\drivers\etc\hosts.20100722-191435.backup -> [2010/07/22 11:18:16 | 000,000,671 | ---- | M] () Adobe Reader 9.lnk -> C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk -> [2010/07/21 18:13:38 | 000,001,729 | ---- | M] () Launch Internet Explorer Browser.lnk -> C:\Documents and Settings\Bill\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> [2010/07/21 18:11:44 | 000,000,815 | ---- | M] () PerfStringBackup.INI -> C:\WINDOWS\System32\PerfStringBackup.INI -> [2010/07/21 16:59:30 | 000,470,942 | ---- | M] () perfh009.dat -> C:\WINDOWS\System32\perfh009.dat -> [2010/07/21 16:59:30 | 000,402,426 | ---- | M] () perfc009.dat -> C:\WINDOWS\System32\perfc009.dat -> [2010/07/21 16:59:30 | 000,062,032 | ---- | M] () MRT.INI -> C:\WINDOWS\System32\MRT.INI -> [2010/07/21 15:08:38 | 000,000,172 | ---- | M] () iis6.BAK -> C:\WINDOWS\iis6.BAK -> [2010/07/14 16:22:08 | 002,004,649 | ---- | M] () [Files - No Company Name] HelpAsst_mebroot_fix.exe -> C:\Documents and Settings\Bill\Desktop\HelpAsst_mebroot_fix.exe -> [2010/08/06 08:31:53 | 000,490,232 | ---- | C] () hiberfil.sys -> C:\hiberfil.sys -> [2010/08/03 17:20:41 | 1063,407,616 | -HS- | C] () Boot.bak -> C:\Boot.bak -> [2010/07/25 12:42:39 | 000,000,211 | ---- | C] () cmldr -> C:\cmldr -> [2010/07/25 12:42:37 | 000,260,272 | ---- | C] () PEV.exe -> C:\WINDOWS\PEV.exe -> [2010/07/25 12:40:43 | 000,256,512 | ---- | C] () grep.exe -> C:\WINDOWS\grep.exe -> [2010/07/25 12:40:43 | 000,080,412 | ---- | C] () zip.exe -> C:\WINDOWS\zip.exe -> [2010/07/25 12:40:43 | 000,068,096 | ---- | C] () sed.exe -> C:\WINDOWS\sed.exe -> [2010/07/24 22:19:06 | 000,098,816 | ---- | C] () Spybot - Search & Destroy.lnk -> C:\Documents and Settings\Bill\Desktop\Spybot - Search & Destroy.lnk -> [2010/07/22 19:10:17 | 000,000,933 | ---- | C] () Malwarebytes' Anti-Malware.lnk -> C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk -> [2010/07/22 13:16:42 | 000,000,696 | ---- | C] () MRT.INI -> C:\WINDOWS\System32\MRT.INI -> [2010/07/21 15:08:38 | 000,000,172 | ---- | C] () ntuser.dat -> C:\Documents and Settings\Bill\ntuser.dat -> [2010/07/10 21:37:13 | 008,650,752 | ---- | C] () QUICKEN.INI -> C:\WINDOWS\QUICKEN.INI -> [2009/10/20 19:43:56 | 000,000,210 | ---- | C] () OGACheckControl.dll -> C:\WINDOWS\System32\OGACheckControl.dll -> [2009/08/03 15:07:42 | 000,403,816 | ---- | C] () bdoscandellang.ini -> C:\WINDOWS\bdoscandellang.ini -> [2009/01/05 15:44:10 | 000,000,453 | ---- | C] () WLAN.INI -> C:\WINDOWS\System32\WLAN.INI -> [2007/10/12 19:51:55 | 000,001,361 | ---- | C] () GTW32N50.dll -> C:\WINDOWS\System32\GTW32N50.dll -> [2007/10/12 19:39:46 | 000,094,208 | ---- | C] () dirsaver.ini -> C:\WINDOWS\dirsaver.ini -> [2007/04/09 12:07:57 | 000,000,012 | ---- | C] () UES07.INI -> C:\WINDOWS\UES07.INI -> [2007/02/03 13:41:39 | 000,000,000 | ---- | C] () liveup.ini -> C:\WINDOWS\liveup.ini -> [2007/01/05 10:08:34 | 000,000,044 | ---- | C] () atnt40k.sys -> C:\WINDOWS\System32\drivers\atnt40k.sys -> [2006/11/28 16:59:10 | 000,051,304 | ---- | C] () A5W.INI -> C:\WINDOWS\A5W.INI -> [2006/11/03 14:59:28 | 000,000,035 | ---- | C] () cdplayer.ini -> C:\WINDOWS\cdplayer.ini -> [2006/11/02 10:39:05 | 000,000,088 | ---- | C] () crw.ini -> C:\WINDOWS\crw.ini -> [2006/09/06 18:11:10 | 000,000,041 | ---- | C] () wh2robo.dll -> C:\WINDOWS\System32\wh2robo.dll -> [2006/07/25 17:20:55 | 000,040,960 | R--- | C] () KGyGaAvL.sys -> C:\WINDOWS\System32\KGyGaAvL.sys -> [2006/07/24 12:41:48 | 000,003,350 | -HS- | C] () 3592AEE09E.sys -> C:\WINDOWS\System32\3592AEE09E.sys -> [2006/07/24 12:41:48 | 000,000,088 | RHS- | C] () ODBCSTF.DLL -> C:\WINDOWS\System32\ODBCSTF.DLL -> [2006/07/24 09:41:35 | 000,022,016 | ---- | C] () P2SODBC.DLL -> C:\WINDOWS\System32\P2SODBC.DLL -> [2006/07/24 09:41:21 | 000,131,072 | ---- | C] () P2IRDAO.DLL -> C:\WINDOWS\System32\P2IRDAO.DLL -> [2006/07/24 09:41:21 | 000,054,272 | ---- | C] () P2CTDAO.DLL -> C:\WINDOWS\System32\P2CTDAO.DLL -> [2006/07/24 09:41:21 | 000,050,176 | ---- | C] () CO2C40EN.DLL -> C:\WINDOWS\System32\CO2C40EN.DLL -> [2006/07/24 09:41:20 | 000,748,160 | ---- | C] () P2BBND.DLL -> C:\WINDOWS\System32\P2BBND.DLL -> [2006/07/24 09:41:20 | 000,036,352 | ---- | C] () BANTExt.sys -> C:\WINDOWS\System32\drivers\BANTExt.sys -> [2006/07/22 15:27:09 | 000,003,840 | ---- | C] () smscfg.ini -> C:\WINDOWS\smscfg.ini -> [2006/06/23 10:23:46 | 000,000,061 | ---- | C] () wininit.ini -> C:\WINDOWS\wininit.ini -> [2006/06/23 10:18:01 | 000,000,173 | ---- | C] () DellSystemRestore.dll -> C:\WINDOWS\System32\DellSystemRestore.dll -> [2006/06/23 10:13:17 | 000,712,704 | ---- | C] () ODBC.INI -> C:\WINDOWS\ODBC.INI -> [2006/06/23 10:08:16 | 000,000,376 | ---- | C] () OEMINFO.INI -> C:\WINDOWS\System32\OEMINFO.INI -> [2006/06/23 09:46:42 | 000,000,392 | ---- | C] () px.ini -> C:\WINDOWS\System32\px.ini -> [2005/11/10 08:56:34 | 000,000,000 | ---- | C] () orun32.ini -> C:\WINDOWS\orun32.ini -> [2004/08/11 17:24:19 | 000,000,791 | ---- | C] () fxsperf.ini -> C:\WINDOWS\System32\fxsperf.ini -> [2004/08/11 17:11:31 | 000,001,793 | ---- | C] () [File - Lop Check] Alwil Software -> C:\Documents and Settings\All Users\Application Data\Alwil Software -> [2010/07/21 18:34:24 | 000,000,000 | ---D | M] Geek Squad -> C:\Documents and Settings\All Users\Application Data\Geek Squad -> [2008/01/17 15:40:02 | 000,000,000 | ---D | M] Viewpoint -> C:\Documents and Settings\All Users\Application Data\Viewpoint -> [2006/06/23 10:11:10 | 000,000,000 | ---D | M] {755AC846-7372-4AC8-8550-C52491DAA8BD} -> C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD} -> [2009/10/14 22:14:47 | 000,000,000 | ---D | M] Broadlook Technologies -> C:\Documents and Settings\Bill\Application Data\Broadlook Technologies -> [2006/07/31 14:32:45 | 000,000,000 | ---D | M] GlarySoft -> C:\Documents and Settings\Bill\Application Data\GlarySoft -> [2010/07/22 11:22:25 | 000,000,000 | ---D | M] Leadertech -> C:\Documents and Settings\Bill\Application Data\Leadertech -> [2006/09/28 14:58:44 | 000,000,000 | ---D | M] TweakNow RegCleaner -> C:\Documents and Settings\Bill\Application Data\TweakNow RegCleaner -> [2010/07/23 15:27:17 | 000,000,000 | ---D | M] Viewpoint -> C:\Documents and Settings\Bill\Application Data\Viewpoint -> [2007/06/18 08:52:42 | 000,000,000 | ---D | M] Watchtower -> C:\Documents and Settings\Bill\Application Data\Watchtower -> [2008/01/06 21:24:57 | 000,000,000 | ---D | M] webex -> C:\Documents and Settings\Bill\Application Data\webex -> [2010/06/29 16:11:08 | 000,000,000 | ---D | M] [File - Purity Scan] [Custom Scans] < netsvcs > < drivers32 > < %SYSTEMDRIVE%\*.* > AUTOEXEC.BAT -> C:\AUTOEXEC.BAT -> [2004/08/11 17:15:00 | 000,000,000 | ---- | M] () Bay Resources Quicken Backup.QBB -> C:\Bay Resources Quicken Backup.QBB -> [2008/01/20 20:11:08 | 006,970,576 | ---- | M] () Boot.bak -> C:\Boot.bak -> [2010/07/22 12:53:35 | 000,000,211 | ---- | M] () boot.ini -> C:\boot.ini -> [2010/07/25 12:42:40 | 000,000,281 | RHS- | M] () cmldr -> C:\cmldr -> [2004/08/03 23:00:00 | 000,260,272 | ---- | M] () ComboFix.txt -> C:\ComboFix.txt -> [2010/07/25 18:46:06 | 000,016,557 | ---- | M] () CONFIG.SYS -> C:\CONFIG.SYS -> [2004/08/11 17:15:00 | 000,000,000 | ---- | M] () dell.sdr -> C:\dell.sdr -> [2006/06/23 09:51:56 | 000,005,951 | RH-- | M] () hiberfil.sys -> C:\hiberfil.sys -> [2010/08/07 17:24:13 | 1063,407,616 | -HS- | M] () INFCACHE.1 -> C:\INFCACHE.1 -> [2006/07/22 12:55:51 | 000,004,128 | ---- | M] () IO.SYS -> C:\IO.SYS -> [2004/08/11 17:15:00 | 000,000,000 | -H-- | M] () IPH.PH -> C:\IPH.PH -> [2006/06/23 10:11:13 | 000,000,840 | -H-- | M] () MSDOS.SYS -> C:\MSDOS.SYS -> [2004/08/11 17:15:00 | 000,000,000 | -H-- | M] () NTDETECT.COM -> C:\NTDETECT.COM -> [2004/08/04 05:00:00 | 000,047,564 | RHS- | M] () ntldr -> C:\ntldr -> [2008/11/10 01:28:04 | 000,250,048 | RHS- | M] () RootRepeal report 02-08-10 (16-21-32).txt -> C:\RootRepeal report 02-08-10 (16-21-32).txt -> [2010/02/08 17:21:32 | 000,002,760 | ---- | M] () RootRepeal report 02-13-10 (08-47-41).txt -> C:\RootRepeal report 02-13-10 (08-47-41).txt -> [2010/02/13 09:47:41 | 000,002,806 | ---- | M] () SearchParty.log -> C:\SearchParty.log -> [2007/02/03 13:20:16 | 000,253,226 | ---- | M] () SystemInfo.ini -> C:\SystemInfo.ini -> [2006/06/23 10:11:19 | 000,000,087 | ---- | M] () TDSSKiller.2.4.0.0_25.07.2010_12.29.35_log.txt -> C:\TDSSKiller.2.4.0.0_25.07.2010_12.29.35_log.txt -> [2010/07/25 12:30:34 | 000,049,340 | ---- | M] () TDSSKiller.2.4.0.0_28.07.2010_18.32.11_log.txt -> C:\TDSSKiller.2.4.0.0_28.07.2010_18.32.11_log.txt -> [2010/07/28 18:34:42 | 000,047,688 | ---- | M] () VundoFix.txt -> C:\VundoFix.txt -> [2010/07/23 15:24:35 | 000,000,136 | ---- | M] () < %systemroot%\system32\*.wt > < %systemroot%\system32\*.ruy > < %systemroot%\Fonts\*.com > < %systemroot%\Fonts\*.dll > < %systemroot%\Fonts\*.ini > desktop.ini -> C:\WINDOWS\Fonts\desktop.ini -> [2004/08/11 17:14:22 | 000,000,067 | -HS- | M] () < %systemroot%\Fonts\*.ini2 > < %systemroot%\Fonts\*.exe > < %systemroot%\system32\spool\prtprocs\w32x86\*.* > mdippr.dll -> C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll -> [2007/04/09 13:23:54 | 000,028,552 | ---- | M] (Microsoft Corporation) msonpppr.dll -> C:\WINDOWS\system32\spool\prtprocs\w32x86\msonpppr.dll -> [2006/10/26 19:56:12 | 000,033,104 | ---- | M] (Microsoft Corporation) < %systemroot%\REPAIR\*.bak1 > < %systemroot%\REPAIR\*.ini > < %systemroot%\system32\*.jpg > < %systemroot%\*.jpg > < %systemroot%\*.png > < %systemroot%\*.scr > avastSS.scr -> C:\WINDOWS\avastSS.scr -> [2010/06/28 16:57:33 | 000,038,848 | ---- | M] (ALWIL Software) MRINetwork screen saver.scr -> C:\WINDOWS\MRINetwork screen saver.scr -> [2007/04/09 11:15:31 | 002,149,807 | ---- | M] (Goldshell Digital Media) < %systemroot%\*._sy > < %APPDATA%\Adobe\Update\*.* > < %ALLUSERSPROFILE%\Favorites\*.* > < %APPDATA%\Microsoft\*.* > LastFlashConfig.WFC -> C:\Documents and Settings\Bill\Application Data\Microsoft\LastFlashConfig.WFC -> [2009/10/18 18:58:25 | 000,001,714 | -H-- | M] () < %PROGRAMFILES%\*.* > Mi -> C:\Program Files\Mi -> [2006/09/06 08:47:18 | 000,068,800 | ---- | M] () < %APPDATA%\Update\*.* > < %ALLUSERSPROFILE%\Application Data\*. > Adobe -> C:\Documents and Settings\All Users\Application Data\Adobe -> [2010/02/03 18:02:53 | 000,000,000 | ---D | M] Alwil Software -> C:\Documents and Settings\All Users\Application Data\Alwil Software -> [2010/07/21 18:34:24 | 000,000,000 | ---D | M] AOL -> C:\Documents and Settings\All Users\Application Data\AOL -> [2006/06/23 10:10:42 | 000,000,000 | ---D | M] Apple -> C:\Documents and Settings\All Users\Application Data\Apple -> [2009/10/14 22:15:25 | 000,000,000 | ---D | M] Apple Computer -> C:\Documents and Settings\All Users\Application Data\Apple Computer -> [2010/03/27 12:55:35 | 000,000,000 | ---D | M] Dell -> C:\Documents and Settings\All Users\Application Data\Dell -> [2008/01/24 14:14:01 | 000,000,000 | ---D | M] Geek Squad -> C:\Documents and Settings\All Users\Application Data\Geek Squad -> [2008/01/17 15:40:02 | 000,000,000 | ---D | M] Google -> C:\Documents and Settings\All Users\Application Data\Google -> [2009/01/18 14:49:40 | 000,000,000 | ---D | M] GTek -> C:\Documents and Settings\All Users\Application Data\GTek -> [2006/06/23 10:11:37 | 000,000,000 | ---D | M] InstallShield -> C:\Documents and Settings\All Users\Application Data\InstallShield -> [2006/06/23 10:15:09 | 000,000,000 | ---D | M] Intuit -> C:\Documents and Settings\All Users\Application Data\Intuit -> [2009/10/20 19:43:34 | 000,000,000 | ---D | M] Malwarebytes -> C:\Documents and Settings\All Users\Application Data\Malwarebytes -> [2010/02/04 13:46:31 | 000,000,000 | ---D | M] McAfee -> C:\Documents and Settings\All Users\Application Data\McAfee -> [2010/02/04 14:59:57 | 000,000,000 | ---D | M] McAfee.com -> C:\Documents and Settings\All Users\Application Data\McAfee.com -> [2007/02/12 10:32:37 | 000,000,000 | ---D | M] Microsoft -> C:\Documents and Settings\All Users\Application Data\Microsoft -> [2010/06/04 03:01:07 | 000,000,000 | --SD | M] Microsoft Help -> C:\Documents and Settings\All Users\Application Data\Microsoft Help -> [2010/07/21 18:05:05 | 000,000,000 | ---D | M] Office Genuine Advantage -> C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage -> [2010/04/21 18:28:25 | 000,000,000 | ---D | M] QuickTime -> C:\Documents and Settings\All Users\Application Data\QuickTime -> [2006/11/03 16:48:01 | 000,000,000 | ---D | M] Real -> C:\Documents and Settings\All Users\Application Data\Real -> [2010/04/22 14:35:48 | 000,000,000 | ---D | M] SBSI -> C:\Documents and Settings\All Users\Application Data\SBSI -> [2004/08/11 17:25:52 | 000,000,000 | ---D | M] SiteAdvisor -> C:\Documents and Settings\All Users\Application Data\SiteAdvisor -> [2008/10/09 02:03:50 | 000,000,000 | ---D | M] Skype -> C:\Documents and Settings\All Users\Application Data\Skype -> [2009/09/08 20:00:09 | 000,000,000 | ---D | M] Sonic -> C:\Documents and Settings\All Users\Application Data\Sonic -> [2006/06/23 10:06:42 | 000,000,000 | ---D | M] Spybot - Search & Destroy -> C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy -> [2010/07/22 20:17:41 | 000,000,000 | ---D | M] Sun -> C:\Documents and Settings\All Users\Application Data\Sun -> [2010/07/22 16:04:02 | 000,000,000 | ---D | M] SUPERAntiSpyware.com -> C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com -> [2010/02/09 14:32:00 | 000,000,000 | ---D | M] Symantec -> C:\Documents and Settings\All Users\Application Data\Symantec -> [2010/02/03 18:05:51 | 000,000,000 | ---D | M] Viewpoint -> C:\Documents and Settings\All Users\Application Data\Viewpoint -> [2006/06/23 10:11:10 | 000,000,000 | ---D | M] Windows Genuine Advantage -> C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage -> [2006/07/22 13:32:30 | 000,000,000 | ---D | M] Yahoo! Companion -> C:\Documents and Settings\All Users\Application Data\Yahoo! Companion -> [2006/10/16 11:44:00 | 000,000,000 | ---D | M] {755AC846-7372-4AC8-8550-C52491DAA8BD} -> C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD} -> [2009/10/14 22:14:47 | 000,000,000 | ---D | M] < %ALLUSERSPROFILE%\Application Data\*.exe /s > DifXInstall32.exe -> C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}\x86\DifXInstall32.exe -> [2009/02/04 14:56:14 | 000,075,112 | ---- | M] (GEAR Software, Inc.) SetupAdmin.exe -> C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 9.0.3.15\SetupAdmin.exe -> [2010/02/15 18:41:46 | 000,072,488 | ---- | M] (Apple Inc.) TransferAgent.exe -> C:\Documents and Settings\All Users\Application Data\Dell\TransferAgent\TransferAgent.exe -> [2007/11/13 17:46:00 | 000,135,168 | ---- | M] ( ) QWPATCH.EXE -> C:\Documents and Settings\All Users\Application Data\Intuit\Quicken\Inet\Common\patch\Update\QWPATCH.EXE -> [2009/11/29 20:26:32 | 000,204,800 | ---- | M] () < %APPDATA%\*. > Adobe -> C:\Documents and Settings\Bill\Application Data\Adobe -> [2008/03/05 13:59:34 | 000,000,000 | ---D | M] AdobeUM -> C:\Documents and Settings\Bill\Application Data\AdobeUM -> [2007/01/12 18:03:00 | 000,000,000 | ---D | M] Apple Computer -> C:\Documents and Settings\Bill\Application Data\Apple Computer -> [2009/10/16 16:19:18 | 000,000,000 | ---D | M] Broadlook Technologies -> C:\Documents and Settings\Bill\Application Data\Broadlook Technologies -> [2006/07/31 14:32:45 | 000,000,000 | ---D | M] Corel Photo Album -> C:\Documents and Settings\Bill\Application Data\Corel Photo Album -> [2006/07/24 12:42:24 | 000,000,000 | ---D | M] GlarySoft -> C:\Documents and Settings\Bill\Application Data\GlarySoft -> [2010/07/22 11:22:25 | 000,000,000 | ---D | M] Google -> C:\Documents and Settings\Bill\Application Data\Google -> [2007/07/27 17:09:01 | 000,000,000 | ---D | M] Gtek -> C:\Documents and Settings\Bill\Application Data\Gtek -> [2007/04/10 15:47:26 | 000,000,000 | -H-D | M] Help -> C:\Documents and Settings\Bill\Application Data\Help -> [2006/12/14 15:25:15 | 000,000,000 | ---D | M] Identities -> C:\Documents and Settings\Bill\Application Data\Identities -> [2004/08/11 17:20:36 | 000,000,000 | ---D | M] InstallShield -> C:\Documents and Settings\Bill\Application Data\InstallShield -> [2007/04/08 16:56:07 | 000,000,000 | ---D | M] Intuit -> C:\Documents and Settings\Bill\Application Data\Intuit -> [2009/10/20 19:43:59 | 000,000,000 | ---D | M] Leadertech -> C:\Documents and Settings\Bill\Application Data\Leadertech -> [2006/09/28 14:58:44 | 000,000,000 | ---D | M] Macromedia -> C:\Documents and Settings\Bill\Application Data\Macromedia -> [2006/07/22 13:38:14 | 000,000,000 | ---D | M] Malwarebytes -> C:\Documents and Settings\Bill\Application Data\Malwarebytes -> [2010/02/04 13:46:40 | 000,000,000 | ---D | M] Microsoft -> C:\Documents and Settings\Bill\Application Data\Microsoft -> [2010/06/26 15:09:39 | 000,000,000 | --SD | M] Mozilla -> C:\Documents and Settings\Bill\Application Data\Mozilla -> [2006/11/02 10:39:02 | 000,000,000 | ---D | M] Office Genuine Advantage -> C:\Documents and Settings\Bill\Application Data\Office Genuine Advantage -> [2010/04/21 18:28:21 | 000,000,000 | ---D | M] Real -> C:\Documents and Settings\Bill\Application Data\Real -> [2007/03/07 10:09:58 | 000,000,000 | ---D | M] Skype -> C:\Documents and Settings\Bill\Application Data\Skype -> [2009/11/21 15:06:38 | 000,000,000 | ---D | M] skypePM -> C:\Documents and Settings\Bill\Application Data\skypePM -> [2009/11/20 09:06:47 | 000,000,000 | ---D | M] Sonic -> C:\Documents and Settings\Bill\Application Data\Sonic -> [2006/09/28 14:58:52 | 000,000,000 | ---D | M] Sun -> C:\Documents and Settings\Bill\Application Data\Sun -> [2006/06/23 10:02:15 | 000,000,000 | ---D | M] Symantec -> C:\Documents and Settings\Bill\Application Data\Symantec -> [2006/06/23 10:12:16 | 000,000,000 | ---D | M] TweakNow RegCleaner -> C:\Documents and Settings\Bill\Application Data\TweakNow RegCleaner -> [2010/07/23 15:27:17 | 000,000,000 | ---D | M] Viewpoint -> C:\Documents and Settings\Bill\Application Data\Viewpoint -> [2007/06/18 08:52:42 | 000,000,000 | ---D | M] Watchtower -> C:\Documents and Settings\Bill\Application Data\Watchtower -> [2008/01/06 21:24:57 | 000,000,000 | ---D | M] webex -> C:\Documents and Settings\Bill\Application Data\webex -> [2010/06/29 16:11:08 | 000,000,000 | ---D | M] < %APPDATA%\*.exe /s > AdbeRdr709_en_US.exe -> C:\Documents and Settings\Bill\Application Data\Adobe\Acrobat\7.0\Updater\AdbeRdr709_en_US.exe -> [2007/01/12 18:06:08 | 021,277,080 | ---- | M] ( ) RunGdp.exe -> C:\Documents and Settings\Bill\Application Data\Gtek\GTUpdate\AUpdate\Channels\ch_u2\HTML\item_templ\coach\RunGdp.exe -> [2007/07/18 17:42:32 | 000,064,512 | ---- | M] (Gteko Ltd.) TransferAgentSetup.exe -> C:\Documents and Settings\Bill\Application Data\Gtek\GTUpdate\AUpdate\Channels\ch_u4\CIP\TransferAgentSetup.exe -> [2008/01/24 14:14:00 | 000,327,437 | ---- | M] () MakeDesktopShortcut.EXE -> C:\Documents and Settings\Bill\Application Data\Gtek\GTUpdate\AUpdate\Channels\ch_u4\HTML\MakeDesktopShortcut.EXE -> [2007/04/17 15:55:23 | 000,123,138 | ---- | M] () ARPPRODUCTICON.exe -> C:\Documents and Settings\Bill\Application Data\Microsoft\Installer\{29622F4A-245C-4126-8764-897E21E888D1}\ARPPRODUCTICON.exe -> [2007/07/27 17:08:49 | 000,026,694 | R--- | M] () googleearth.exe1_29622F4A245C41268764897E21E888D1.exe -> C:\Documents and Settings\Bill\Application Data\Microsoft\Installer\{29622F4A-245C-4126-8764-897E21E888D1}\googleearth.exe1_29622F4A245C41268764897E21E888D1.exe -> [2007/07/27 17:08:49 | 000,026,694 | R--- | M] () googleearth.exe_29622F4A245C41268764897E21E888D1.exe -> C:\Documents and Settings\Bill\Application Data\Microsoft\Installer\{29622F4A-245C-4126-8764-897E21E888D1}\googleearth.exe_29622F4A245C41268764897E21E888D1.exe -> [2007/07/27 17:08:49 | 000,026,694 | R--- | M] () UNINST_Uninstall_G_29622F4A245C41268764897E21E888D1.exe -> C:\Documents and Settings\Bill\Application Data\Microsoft\Installer\{29622F4A-245C-4126-8764-897E21E888D1}\UNINST_Uninstall_G_29622F4A245C41268764897E21E888D1.exe -> [2007/07/27 17:08:49 | 000,026,694 | R--- | M] () ARPPRODUCTICON.exe -> C:\Documents and Settings\Bill\Application Data\Microsoft\Installer\{AFF1EA96-9C23-4249-B7D4-CD4B54D4582F}\ARPPRODUCTICON.exe -> [2007/04/08 16:59:23 | 000,010,134 | R--- | M] () NewShortcut3_2E7595EC4FB14E2993D49083C8A9B107.exe -> C:\Documents and Settings\Bill\Application Data\Microsoft\Installer\{AFF1EA96-9C23-4249-B7D4-CD4B54D4582F}\NewShortcut3_2E7595EC4FB14E2993D49083C8A9B107.exe -> [2007/04/08 16:59:23 | 000,040,960 | R--- | M] (InstallShield Software Corp.) setup.exe -> C:\Documents and Settings\Bill\Application Data\Real\Update\setup3.10\setup.exe -> [2010/06/30 18:39:10 | 000,439,816 | ---- | M] (RealNetworks, Inc.) < %systemroot%\*. /mp /s > Restore point Set: OTS Restore Point (0) < %systemroot%\System32\config\*.sav > default.sav -> C:\WINDOWS\system32\config\default.sav -> [2004/08/11 17:06:14 | 000,094,208 | ---- | M] () software.sav -> C:\WINDOWS\system32\config\software.sav -> [2004/08/11 17:06:14 | 000,659,456 | ---- | M] () system.sav -> C:\WINDOWS\system32\config\system.sav -> [2004/08/11 17:06:14 | 000,876,544 | ---- | M] () < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU > < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs > HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime -> 2010-08-04 00:14:20 -> < End of report > [/code]