[code] OTS logfile created on: 21/03/2011 20:35:50 - Run 1 OTS by OldTimer - Version 3.1.42.0 Folder = C:\Documents and Settings\HP_Administrator\Desktop Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy 2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 68.00% Memory free 4.00 Gb Paging File | 3.00 Gb Available in Paging File | 86.00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 179.56 Gb Total Space | 139.73 Gb Free Space | 77.82% Space Free | Partition Type: NTFS Drive D: | 6.73 Gb Total Space | 0.66 Gb Free Space | 9.79% Space Free | Partition Type: FAT32 E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: OLLY Current User Name: HP_Administrator Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: On Skip Microsoft Files: Off File Age = 30 Days [Processes - Safe List] ots.exe -> C:\Documents and Settings\HP_Administrator\Desktop\OTS.exe -> [2011/03/21 19:07:49 | 000,645,632 | ---- | M] (OldTimer Tools) msseces.exe -> C:\Program Files\Microsoft Security Client\msseces.exe -> [2010/11/30 13:20:36 | 000,997,408 | ---- | M] (Microsoft Corporation) msmpeng.exe -> c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -> [2010/11/11 12:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) realsched.exe -> C:\Program Files\Common Files\Real\Update_OB\realsched.exe -> [2010/02/16 12:49:15 | 000,198,160 | ---- | M] (RealNetworks, Inc.) affinegyservice.exe -> C:\Program Files\Virgin Broadband Wireless\AffinegyService.exe -> [2008/05/26 16:14:56 | 000,143,360 | ---- | M] (Affinegy, Inc.) explorer.exe -> C:\WINDOWS\explorer.exe -> [2008/04/14 00:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) symlcsvc.exe -> C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -> [2008/01/23 22:51:32 | 001,251,720 | ---- | M] () wg111v3.exe -> C:\Program Files\NETGEAR\WG111v3\WG111v3.exe -> [2007/09/12 15:14:42 | 001,527,808 | ---- | M] () apdproxy.exe -> C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe -> [2007/03/09 10:09:58 | 000,063,712 | ---- | M] (Adobe Systems Incorporated) dmascheduler.exe -> C:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe -> [2006/04/13 01:05:00 | 000,090,112 | ---- | M] (Sonic Solutions) ssaad.exe -> C:\Program Files\Sony\SonicStage\SSAAD.exe -> [2006/01/07 01:36:10 | 000,081,920 | ---- | M] () jusched.exe -> C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe -> [2005/11/10 12:03:52 | 000,036,975 | ---- | M] (Sun Microsystems, Inc.) arpwrmsg.exe -> C:\WINDOWS\arpwrmsg.exe -> [2005/08/02 15:19:16 | 000,077,312 | ---- | M] (Microsoft) arservice.exe -> C:\WINDOWS\arservice.exe -> [2005/08/02 15:19:16 | 000,058,880 | ---- | M] (Microsoft) [Modules - Safe List] ots.exe -> C:\Documents and Settings\HP_Administrator\Desktop\OTS.exe -> [2011/03/21 19:07:49 | 000,645,632 | ---- | M] (OldTimer Tools) comctl32.dll -> C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll -> [2010/08/23 16:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) [Win32 Services - Safe List] (rpcapd) Remote Packet Capture Protocol v.0 (experimental) [Auto | Stopped] -> -> File not found (MSIServer) Windows Installer [Disabled | Stopped] -> -> File not found (HidServ) Human Interface Device Access [Disabled | Stopped] -> -> File not found (gupdate) Google Update Service (gupdate) [Auto | Stopped] -> -> File not found (MsMpSvc) Microsoft Antimalware Service [Auto | Running] -> c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -> [2010/11/11 12:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) (StumbleUponUpdateService) StumbleUponUpdateService [On_Demand | Stopped] -> C:\Program Files\StumbleUpon\StumbleUponUpdateService.exe -> [2010/03/25 20:21:24 | 000,120,232 | ---- | M] (stumbleupon.com) (SolidWorks Licensing Service) SolidWorks Licensing Service [On_Demand | Stopped] -> C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe -> [2010/03/12 18:14:40 | 000,079,360 | ---- | M] (SolidWorks) (sdCoreService) PC Tools Security Service [On_Demand | Stopped] -> C:\Program Files\Spyware Doctor\pctsSvc.exe -> [2009/08/24 17:49:12 | 001,097,096 | ---- | M] (PC Tools) (ThreatFire) ThreatFire [On_Demand | Stopped] -> C:\Program Files\Spyware Doctor\TFEngine\TFService.exe -> [2009/03/31 10:23:06 | 000,070,944 | ---- | M] (PC Tools) (sdAuxService) PC Tools Auxiliary Service [On_Demand | Stopped] -> C:\Program Files\Spyware Doctor\pctsAuxs.exe -> [2009/01/07 11:40:56 | 000,348,752 | ---- | M] (PC Tools) (AffinegyService) AffinegyService [Auto | Running] -> C:\Program Files\Virgin Broadband Wireless\AffinegyService.exe -> [2008/05/26 16:14:56 | 000,143,360 | ---- | M] (Affinegy, Inc.) (Symantec Core LC) Symantec Core LC [Auto | Running] -> C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -> [2008/01/23 22:51:32 | 001,251,720 | ---- | M] () (WinDefend) Windows Defender [Auto | Stopped] -> C:\Program Files\Windows Defender\MsMpEng.exe -> [2006/11/03 19:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) (SSScsiSV) SonicStage SCSI Service [On_Demand | Stopped] -> C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe -> [2006/01/06 21:25:12 | 000,069,632 | ---- | M] (Sony Corporation) (MSCSPTISRV) MSCSPTISRV [On_Demand | Stopped] -> C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -> [2005/11/24 16:03:22 | 000,053,337 | ---- | M] (Sony Corporation) (PACSPTISVR) PACSPTISVR [On_Demand | Stopped] -> C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -> [2005/11/24 15:57:44 | 000,053,337 | ---- | M] (Sony Corporation) (SPTISRV) Sony SPTI Service [On_Demand | Stopped] -> C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe -> [2005/11/24 15:47:30 | 000,069,718 | ---- | M] (Sony Corporation) (ARSVC) ARSVC [Auto | Running] -> C:\WINDOWS\arservice.exe -> [2005/08/02 15:19:16 | 000,058,880 | ---- | M] (Microsoft) [Driver Services - Safe List] (MpKsle972738f) MpKsle972738f [Kernel | System | Running] -> c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{4965C2DA-4D74-43A1-AEDC-9CC39A65D313}\MpKsle972738f.sys -> [2011/03/21 18:43:40 | 000,028,752 | ---- | M] (Microsoft Corporation) (PCTCore) PCTools KDS [File_System | Boot | Running] -> C:\WINDOWS\system32\drivers\PCTCore.sys -> [2009/11/24 19:25:44 | 000,206,256 | ---- | M] (PC Tools) (TfSysMon) TfSysMon [Kernel | Boot | Running] -> C:\WINDOWS\system32\drivers\TfSysMon.sys -> [2009/03/31 10:23:26 | 000,039,200 | ---- | M] (PC Tools) (TfNetMon) TfNetMon [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\TfNetMon.sys -> [2009/03/31 10:23:24 | 000,033,056 | ---- | M] (PC Tools) (TfFsMon) TfFsMon [Kernel | Boot | Running] -> C:\WINDOWS\system32\drivers\TfFsMon.sys -> [2009/03/31 10:23:20 | 000,051,488 | ---- | M] (PC Tools) (pctgntdi) pctgntdi [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\pctgntdi.sys -> [2008/12/11 07:38:22 | 000,159,600 | ---- | M] (PC Tools) (pctplsg) pctplsg [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\pctplsg.sys -> [2008/12/10 10:36:04 | 000,064,392 | ---- | M] (PC Tools) (AFGSp50) AFGSp50 NDIS Protocol Driver [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\AFGSp50.sys -> [2008/05/26 16:09:42 | 000,027,072 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) (USB_RNDIS) USB Remote NDIS Network Device Driver [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\usb8023.sys -> [2008/04/13 18:56:49 | 000,012,800 | ---- | M] (Microsoft Corporation) (VolSnap) VolSnap [Kernel | Boot | Running] -> C:\WINDOWS\System32\drivers\volsnap.sys -> [2008/04/13 18:41:01 | 000,052,352 | ---- | M] () (RTL8187B) NETGEAR WG111v3 54Mbps Wireless USB 2.0 Adapter Vista Driver [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\wg111v3.sys -> [2007/12/28 20:02:12 | 000,287,232 | ---- | M] (Realtek Semiconductor Corporation ) (RTLWUSB) Realtek RTL8187 Wireless 802.11g 54Mbps USB 2.0 Network Adapter [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\RTL8187.sys -> [2007/01/11 10:20:06 | 000,194,304 | R--- | M] (Realtek Semiconductor Corporation ) (symlcbrd) symlcbrd [Kernel | Auto | Running] -> C:\WINDOWS\system32\drivers\symlcbrd.sys -> [2006/10/23 10:15:07 | 000,010,344 | ---- | M] (Symantec Corporation) (IntcAzAudAddService) Service for Realtek HD Audio (WDM) [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\RtkHDAud.sys -> [2006/07/24 16:15:04 | 004,353,024 | ---- | M] (Realtek Semiconductor Corp.) (ati2mtag) ati2mtag [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\ati2mtag.sys -> [2006/04/04 21:58:44 | 001,536,000 | ---- | M] (ATI Technologies Inc.) (MRENDIS5) MRENDIS5 NDIS Protocol Driver [Kernel | On_Demand | Stopped] -> C:\Program Files\Common Files\Motive\MRENDIS5.sys -> [2006/03/24 16:53:07 | 000,018,003 | ---- | M] (Motive, Inc.) (RTL8023xp) Realtek 10/100/1000 NIC Family all in one NDIS XP Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\Rtnicxp.sys -> [2006/02/27 05:46:20 | 000,081,408 | ---- | M] (Realtek Semiconductor Corporation ) (Ps2) Ps2 [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\PS2.sys -> [2005/12/12 17:27:00 | 000,019,072 | ---- | M] (Hewlett-Packard Company) (rtl8139) Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\RTL8139.sys -> [2004/08/03 14:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Registry - Safe List] < Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> HKEY_LOCAL_MACHINE\: Search\\"CustomSearch" -> http://uk.red.clientapps.yahoo.com/customize/btyahoo/defaults/cs/*http://uk.docs.yahoo.com/info/bt_side.html -> < Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> -> HKEY_USERS\.DEFAULT\: Main\\"Default_Page_URL" -> http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_GB&c=64&bd=PAVILION&pf=desktop -> HKEY_USERS\.DEFAULT\: Main\\"Default_Search_URL" -> http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_GB&c=64&bd=PAVILION&pf=desktop -> HKEY_USERS\.DEFAULT\: "ProxyEnable" -> 0 -> HKEY_USERS\.DEFAULT\: "ProxyOverride" -> *.local -> < Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> -> HKEY_USERS\S-1-5-18\: Main\\"Default_Page_URL" -> http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_GB&c=64&bd=PAVILION&pf=desktop -> HKEY_USERS\S-1-5-18\: Main\\"Default_Search_URL" -> http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_GB&c=64&bd=PAVILION&pf=desktop -> HKEY_USERS\S-1-5-18\: "ProxyEnable" -> 0 -> HKEY_USERS\S-1-5-18\: "ProxyOverride" -> *.local -> < Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> -> < Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> -> HKEY_USERS\S-1-5-20\: "ProxyEnable" -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-21-2228557363-1226132215-2784982647-1007\] > -> -> HKEY_USERS\S-1-5-21-2228557363-1226132215-2784982647-1007\: Main\\"Default_Search_URL" -> http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_GB&c=64&bd=PAVILION&pf=desktop -> HKEY_USERS\S-1-5-21-2228557363-1226132215-2784982647-1007\: Main\\"SearchMigratedDefaultName" -> Google -> HKEY_USERS\S-1-5-21-2228557363-1226132215-2784982647-1007\: Main\\"SearchMigratedDefaultURL" -> http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 -> HKEY_USERS\S-1-5-21-2228557363-1226132215-2784982647-1007\: Main\\"Start Page" -> http://community.tes.co.uk/forums/31.aspx -> HKEY_USERS\S-1-5-21-2228557363-1226132215-2784982647-1007\: SearchURL\\"" -> http://uk.red.clientapps.yahoo.com/customize/btyahoo/defaults/su/*http://uk.search.yahoo.com/ -> HKEY_USERS\S-1-5-21-2228557363-1226132215-2784982647-1007\: URLSearchHooks\\"{EF99BD32-C1FB-11D2-892F-0090271D4F88}" [HKLM] -> Reg Error: Key error. [Yahoo! Toolbar] -> File not found HKEY_USERS\S-1-5-21-2228557363-1226132215-2784982647-1007\: "ProxyEnable" -> 0 -> HKEY_USERS\S-1-5-21-2228557363-1226132215-2784982647-1007\: "ProxyOverride" -> *.local -> < FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla HKLM\software\mozilla\Firefox\Extensions -> -> HKLM\software\mozilla\Firefox\Extensions\\{1650a312-02bc-40ee-977e-83f158701739} -> C:\PROGRAM FILES\SITEADVISOR\FF1\ [C:\PROGRAM FILES\SITEADVISOR\FF1\] -> [2009/05/30 13:35:20 | 000,000,000 | ---D | M] < FireFox Extensions [User Folders] > -> < HOSTS File > ([2011/03/16 23:16:41 | 000,000,027 | ---- | M] - 1 lines) -> C:\WINDOWS\system32\drivers\etc\hosts -> Reset Hosts 127.0.0.1 localhost < BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> {145B29F4-A56B-4b90-BBAC-45784EBEBBB7} [HKLM] -> C:\Program Files\StumbleUpon\StumbleUponIEBar.dll [StumbleUpon Launcher] -> [2010/03/25 20:21:24 | 001,283,472 | ---- | M] (stumbleupon.com) {3049C3E9-B461-4BC5-8870-4C09146192CA} [HKLM] -> C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [RealPlayer Download and Record Plugin for Internet Explorer] -> [2010/02/16 12:51:00 | 000,329,312 | ---- | M] (RealPlayer) < Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar -> "{5093EB4C-3E93-40AB-9266-B607BA87BDC8}" [HKLM] -> C:\Program Files\StumbleUpon\StumbleUponIEBar.dll [StumbleUpon Toolbar] -> [2010/03/25 20:21:24 | 001,283,472 | ---- | M] (stumbleupon.com) < Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "Adobe Photo Downloader" -> C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe ["C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"] -> [2007/03/09 10:09:58 | 000,063,712 | ---- | M] (Adobe Systems Incorporated) "AlwaysReady Power Message APP" -> C:\WINDOWS\arpwrmsg.exe [ARPWRMSG.EXE] -> [2005/08/02 15:19:16 | 000,077,312 | ---- | M] (Microsoft) "DMAScheduler" -> c:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe ["c:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe"] -> [2006/04/13 01:05:00 | 000,090,112 | ---- | M] (Sonic Solutions) "ftutil2" -> C:\WINDOWS\System32\ftutil2.dll [rundll32.exe ftutil2.dll,SetWriteCacheMode] -> [2004/06/07 06:05:38 | 000,106,496 | ---- | M] (Promise Technology, Inc.) "HPBootOp" -> C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe ["C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run] -> [2006/02/15 14:34:58 | 000,249,856 | ---- | M] (Hewlett-Packard Company) "MSC" -> c:\Program Files\Microsoft Security Client\msseces.exe ["c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey] -> [2010/11/30 13:20:36 | 000,997,408 | ---- | M] (Microsoft Corporation) "Recguard" -> C:\WINDOWS\SMINST\Recguard.exe [C:\WINDOWS\SMINST\RECGUARD.EXE] -> [2005/07/22 14:14:00 | 000,237,568 | ---- | M] () "SsAAD.exe" -> C:\Program Files\Sony\SonicStage\SSAAD.exe [C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe] -> [2006/01/07 01:36:10 | 000,081,920 | ---- | M] () "TkBellExe" -> C:\Program Files\Common Files\Real\Update_OB\realsched.exe ["C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot] -> [2010/02/16 12:49:15 | 000,198,160 | ---- | M] (RealNetworks, Inc.) "Wireless Manager" -> C:\Program Files\Virgin Broadband Wireless\Wireless Manager.exe ["C:\Program Files\Virgin Broadband Wireless\Wireless Manager.exe" startup] -> [2008/05/26 16:20:50 | 000,585,728 | ---- | M] (Affinegy, Inc.) < Administrator Startup Folder > -> C:\Documents and Settings\Administrator\Start Menu\Programs\Startup -> < All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup\NETGEAR WG111v3 Smart Wizard.lnk -> C:\Program Files\NETGEAR\WG111v3\WG111v3.exe -> [2007/09/12 15:14:42 | 001,527,808 | ---- | M] () < Default User Startup Folder > -> C:\Documents and Settings\Default User\Start Menu\Programs\Startup -> C:\Documents and Settings\Default User\Start Menu\Programs\Startup\Pin.lnk -> C:\hp\bin\cloaker.exe -> [1999/11/07 00:11:14 | 000,027,136 | ---- | M] (Hewlett-Packard Co.) C:\Documents and Settings\Default User\Start Menu\Programs\Startup\PinMcLnk.lnk -> C:\hp\bin\cloaker.exe -> [1999/11/07 00:11:14 | 000,027,136 | ---- | M] (Hewlett-Packard Co.) < HP_Administrator Startup Folder > -> C:\Documents and Settings\HP_Administrator\Start Menu\Programs\Startup -> < Software Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer -> < Software Policy Settings [HKEY_USERS\S-1-5-21-2228557363-1226132215-2784982647-1007] > -> HKEY_USERS\S-1-5-21-2228557363-1226132215-2784982647-1007\SOFTWARE\Policies\Microsoft\Internet Explorer -> HKEY_USERS\S-1-5-21-2228557363-1226132215-2784982647-1007\Software\Policies\Microsoft\Internet Explorer\Recovery \Recovery\\"NoReopenLastSession" -> [1] -> File not found < CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveAutoRun" -> [67108863] -> File not found \\"NoDriveTypeAutoRun" -> [323] -> File not found \\"NoDrives" -> [0] -> File not found \\"NoCDBurning" -> [0] -> File not found \\"HonorAutoRunSetting" -> [1] -> File not found < CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System \\"InstallVisualStyle" -> C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles [C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles] -> [2004/08/09 18:39:00 | 001,347,728 | ---- | M] (Microsoft) \\"InstallTheme" -> C:\WINDOWS\Resources\Themes\Royale.Theme [C:\WINDOWS\Resources\Themes\Royale.theme] -> [2004/07/27 17:03:28 | 000,001,293 | ---- | M] () < CurrentVersion Policy Settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" -> [323] -> File not found \\"NoDriveAutoRun" -> [67108863] -> File not found < CurrentVersion Policy Settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" -> [323] -> File not found \\"NoDriveAutoRun" -> [67108863] -> File not found < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-19] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" -> [145] -> File not found < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-20] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" -> [145] -> File not found < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-2228557363-1226132215-2784982647-1007] > -> HKEY_USERS\S-1-5-21-2228557363-1226132215-2784982647-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_USERS\S-1-5-21-2228557363-1226132215-2784982647-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" -> [323] -> File not found \\"NoDriveAutoRun" -> [67108863] -> File not found \\"NoDrives" -> [0] -> File not found < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-2228557363-1226132215-2784982647-1007] > -> HKEY_USERS\S-1-5-21-2228557363-1226132215-2784982647-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> < Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-21-2228557363-1226132215-2784982647-1007\] > -> HKEY_USERS\S-1-5-21-2228557363-1226132215-2784982647-1007\Software\Microsoft\Internet Explorer\MenuExt\ -> Google Sidewiki... -> [res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html] -> File not found StumbleUpon PhotoBlog It! -> [res://StumbleUponIEBar.dll/blogimage] -> File not found < Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> {08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC} [HKLM] -> C:\Program Files\Java\jre1.6.0_05\bin\npjpi160_05.dll [Menu: Sun Java Console] -> [2008/02/22 04:25:19 | 000,132,496 | ---- | M] (Sun Microsystems, Inc.) {E2D4D26B-0180-43a4-B05F-462D6D54C789}:C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm [HKLM] -> C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm [Button: Connection Help] -> [2008/10/11 14:13:39 | 000,000,706 | ---- | M] () {E2D4D26B-0180-43a4-B05F-462D6D54C789}:C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm [HKLM] -> C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm [Menu: Connection Help] -> [2008/10/11 14:13:39 | 000,000,706 | ---- | M] () < Internet Explorer Extensions [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Extensions\ -> CmdMapping\\"{E2D4D26B-0180-43a4-B05F-462D6D54C789}" [HKLM] -> [Connection Help] -> File not found < Internet Explorer Extensions [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Extensions\ -> CmdMapping\\"{E2D4D26B-0180-43a4-B05F-462D6D54C789}" [HKLM] -> [Connection Help] -> File not found < Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> < Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix "" -> http:// < Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1 domain(s) found. -> < Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-21-2228557363-1226132215-2784982647-1007\] > -> HKEY_USERS\S-1-5-21-2228557363-1226132215-2784982647-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-21-2228557363-1226132215-2784982647-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-21-2228557363-1226132215-2784982647-1007\] > -> HKEY_USERS\S-1-5-21-2228557363-1226132215-2784982647-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-21-2228557363-1226132215-2784982647-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 1 range(s) found. -> < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> {8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab [Java Plug-in 1.6.0_05] -> {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab [Java Plug-in 1.6.0_05] -> {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab [Java Plug-in 1.6.0_05] -> Microsoft XML Parser for Java [HKLM] -> file:///C:/WINDOWS/Java/classes/xmldso.cab [Reg Error: Key error.] -> < Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> {3C5DD490-121D-473B-AB63-58109E2EFD16}\\DhcpNameServer -> 192.168.1.1 (Voyager 220V USB Remote NDIS Device) -> {6538C46C-1BBE-4EBA-BBD1-12A6B68572F0}\\DhcpNameServer -> 16.92.3.242 16.92.3.243 16.81.3.243 16.118.3.243 (HP EN1207D-TX PCI 10/100 Fast Ethernet Adapter) -> < Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> *Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> Explorer.exe -> C:\WINDOWS\explorer.exe -> [2008/04/14 00:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) *MultiFile Done* -> -> < Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ -> AtiExtEvent -> C:\WINDOWS\System32\ati2evxx.dll -> [2006/04/04 21:53:40 | 000,061,440 | ---- | M] (ATI Technologies Inc.) < ShellExecuteHooks [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks -> "{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}" [HKLM] -> C:\Program Files\Windows Defender\MpShHook.dll [Microsoft AntiMalware ShellExecuteHook] -> [2006/11/03 19:20:00 | 000,083,224 | ---- | M] (Microsoft Corporation) < Domain Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List -> "C:\Program Files\Virgin Broadband Wireless\Wireless Manager.exe" -> C:\Program Files\Virgin Broadband Wireless\Wireless Manager.exe [C:\Program Files\Virgin Broadband Wireless\Wireless Manager.exe:LocalSubNet:Enabled:Wireless Manager] -> [2008/05/26 16:20:50 | 000,585,728 | ---- | M] (Affinegy, Inc.) < Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List -> "C:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Civilization4.exe" -> C:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Civilization4.exe [C:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Civilization4.exe:*:Enabled:Sid Meier's Civilization 4] -> [2006/03/30 11:51:12 | 011,747,976 | ---- | M] (Firaxis Games) "C:\Program Files\Spotify\spotify.exe" -> C:\Program Files\Spotify\spotify.exe [C:\Program Files\Spotify\spotify.exe:*:Enabled:Spotify] -> [2010/12/17 19:34:01 | 003,982,928 | ---- | M] (Spotify Ltd) "C:\Program Files\Virgin Broadband Wireless\Wireless Manager.exe" -> C:\Program Files\Virgin Broadband Wireless\Wireless Manager.exe [C:\Program Files\Virgin Broadband Wireless\Wireless Manager.exe:LocalSubNet:Enabled:Wireless Manager] -> [2008/05/26 16:20:50 | 000,585,728 | ---- | M] (Affinegy, Inc.) "E:\Autorun.exe" -> [E:\Autorun.exe:*:Enabled:CD navigator] -> File not found < SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot -> < CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom -> "AutoRun" -> 1 -> "DisplayName" -> CD-ROM Driver -> "ImagePath" -> [system32\DRIVERS\cdrom.sys] -> File not found < Drives with AutoRun files > -> -> C:\AUTOEXEC.BAT [] -> C:\AUTOEXEC.BAT [ NTFS ] -> [2005/10/10 08:20:36 | 000,000,000 | ---- | M] () D:\AUTOEXEC.BAT [] -> D:\AUTOEXEC.BAT [ FAT32 ] -> [2001/07/27 08:07:38 | 000,000,000 | -HS- | M] () < MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 -> < Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command -> comfile [open] -> "%1" %* -> exefile [open] -> "%1" %* -> < File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\ -> .com [@ = ComFile] -> "%1" %* -> .exe [@ = exefile] -> "%1" %* -> [Registry - Additional Scans - Safe List] < ActiveX StubPath [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\ -> {0430454D-47EA-11D6-AD58-00010333D0AD} [HKLM] -> Reg Error: Key error. [ComponentID: Yahoo! Import WAB; IsInstalled: 1] -> File not found {10072CEC-8CC1-11D1-986E-00A0C955B42F} [HKLM] -> Reg Error: Key error. [(default): Vector Graphics Rendering (VML); IsInstalled: 01 00 00 00 [binary data]] -> File not found {1803B9EF-9905-4F34-AFC4-05D1BAB28801} [HKLM] -> Reg Error: Key error. [HKLM: Yahoo! Mail Config I; IsInstalled: 1] -> File not found {1BC46932-21B2-4130-86E0-B4EB4F7A7A7B} [HKLM] -> Reg Error: Key error. [(default): Microsoft .NET Framework 1.0 Hotfix (KB887998); IsInstalled: 1] -> File not found {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} [StubPath] -> [ComponentID: NetShow; IsInstalled: 1] -> {22d6f312-b0f6-11d0-94ab-0080c74c7e95} [StubPath] -> [(default): Microsoft Windows Media Player 6.4; IsInstalled: 1] -> {233C1507-6A77-46A4-9443-F871F945D258} [HKLM] -> C:\WINDOWS\system32\Adobe\Director\SwDir.dll [(default): Adobe Shockwave Director 10.4; IsInstalled: 01 00 00 00 [binary data]] -> [2008/08/06 15:30:48 | 000,202,168 | ---- | M] (Adobe Systems, Inc.) {283807B5-2C60-11D0-A31D-00AA00B92C03} [HKLM] -> Reg Error: Key error. [(default): DirectAnimation; IsInstalled: 1] -> File not found {29E7D24F-BF30-45E7-8A40-AD27AFD8F5C6} [HKLM] -> Reg Error: Key error. [(default): Microsoft .NET Framework 1.0 Hotfix (KB979904); IsInstalled: 1] -> File not found {2A202491-F00D-11cf-87CC-0020AFEECF20} [HKLM] -> Reg Error: Key error. [(default): Adobe Shockwave Director 10.4; IsInstalled: 01 00 00 00 [binary data]] -> File not found {2A3320D6-C805-4280-B423-B665BDE33D8F} [HKLM] -> Reg Error: Key error. [(default): Microsoft .NET Framework 1.1 Security Update (KB979906); IsInstalled: 1] -> File not found {2C7339CF-2B09-4501-B3F3-F3508C9228ED} [StubPath] -> %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll [(default): Themes Setup; IsInstalled: 1] -> {2F6EFCE6-10DF-49F9-9E64-9AE3775B2588} [HKLM] -> Reg Error: Key error. [(default): Microsoft .NET Framework 1.1 Security Update (KB2416447); IsInstalled: 1] -> File not found {36f8ec70-c29a-11d1-b5c7-0000f8051515} [HKLM] -> Reg Error: Key error. [(default): Dynamic HTML Data Binding for Java; IsInstalled: 1] -> File not found {3af36230-a269-11d1-b5bf-0000f8051515} [HKLM] -> Reg Error: Key error. [(default): Offline Browsing Pack; IsInstalled: 1] -> File not found {3bf42070-b3b1-11d1-b5c5-0000f8051515} [HKLM] -> Reg Error: Key error. [(default): Uniscribe; IsInstalled: 1] -> File not found {407408d4-94ed-4d86-ab69-a7f649d112ee} [StubPath] -> %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection QuickLaunchShortcut 640 %systemroot%\inf\mcdftreg.inf [(default): Media Center; IsInstalled: 1] -> {411EDCF7-755D-414E-A74B-3DCD6583F589} [HKLM] -> Reg Error: Key error. [(default): Microsoft .NET Framework 1.1 Service Pack 1 (KB867460); IsInstalled: 1] -> File not found {4278c270-a269-11d1-b5bf-0000f8051515} [HKLM] -> Reg Error: Key error. [(default): Advanced Authoring; IsInstalled: 1] -> File not found {44BBA840-CC51-11CF-AAFA-00AA00B6015C} [StubPath] -> "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install [(default): Microsoft Outlook Express 6; IsInstalled: 1] -> {44BBA842-CC51-11CF-AAFA-00AA00B6015B} [StubPath] -> rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT [(default): NetMeeting 3.01; IsInstalled: 01 00 00 00 [binary data]] -> {44BBA848-CC51-11CF-AAFA-00AA00B6015C} [HKLM] -> Reg Error: Key error. [(default): DirectShow; IsInstalled: 1] -> File not found {44BBA855-CC51-11CF-AAFA-00AA00B6015F} [HKLM] -> Reg Error: Key error. [(default): DirectDrawEx; IsInstalled: 1] -> File not found {45ea75a0-a269-11d1-b5bf-0000f8051515} [HKLM] -> Reg Error: Key error. [(default): Internet Explorer Help; IsInstalled: 1] -> File not found {4f216970-c90c-11d1-b5c7-0000f8051515} [HKLM] -> Reg Error: Key error. [(default): DirectAnimation Java Classes; IsInstalled: 1] -> File not found {4f645220-306d-11d2-995d-00c04f98bbc9} [HKLM] -> Reg Error: Key error. [(default): Microsoft Windows Script 5.8; IsInstalled: 1] -> File not found {5945c046-1e7d-11d1-bc44-00c04fd912be} [StubPath] -> rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser [(default): Windows Messenger 4.7; IsInstalled: 1] -> {5A8D6EE0-3E18-11D0-821E-444553540000} [HKLM] -> Reg Error: Key error. [ComponentID: ICW; IsInstalled: 1] -> File not found {5fd399c0-a70a-11d1-9948-00c04f98bbc9} [HKLM] -> Reg Error: Key error. [(default): Internet Explorer Setup Tools; IsInstalled: 1] -> File not found {6BF52A52-394A-11d3-B153-00C04F79FAA6} [StubPath] -> rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub [(default): Microsoft Windows Media Player; IsInstalled: 1] -> {6fab99d0-bab8-11d1-994a-00c04f98bbc9} [HKLM] -> Reg Error: Key error. [(default): MSN Site Access; IsInstalled: 1] -> File not found {73FA19D0-2D75-11D2-995D-00C04F98BBC9} [StubPath] -> [(default): Web Folders; IsInstalled: 1] -> {7790769C-0471-11d2-AF11-00C04FA35D02} [StubPath] -> "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install [(default): Address Book 6; IsInstalled: 1] -> {89820200-ECBD-11cf-8B85-00AA005B4340} [StubPath] -> regsvr32.exe /s /n /i:U shell32.dll [(default): Windows Desktop Update; IsInstalled: 1] -> {89820200-ECBD-11cf-8B85-00AA005B4383} [StubPath] -> C:\WINDOWS\system32\ie4uinit.exe -BaseSettings [(default): Internet Explorer; IsInstalled: 1] -> {89B4C1CD-B018-4511-B0A1-5476DBF70820} [StubPath] -> c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install [ComponentID: DOTNETFRAMEWORKS; IsInstalled: 1] -> {8b15971b-5355-4c82-8c07-7e181ea07608} [StubPath] -> rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser [(default): Fax; IsInstalled: 1] -> {924C1588-90C3-4910-B6CA-D57A1C0418FE} [HKLM] -> Reg Error: Key error. [HKLM: YbUploadFavsCtl Class; IsInstalled: 1] -> File not found {9381D8F2-0288-11D0-9501-00AA00B911A5} [HKLM] -> Reg Error: Key error. [(default): Dynamic HTML Data Binding; IsInstalled: 1] -> File not found {94de52c8-2d59-4f1b-883e-79663d2d9a8c} [StubPath] -> [(default): Fax Provider; IsInstalled: 1] -> {BDE0FA43-6952-4BA8-8C58-09AF690F88E1} [HKLM] -> Reg Error: Key error. [(default): Microsoft .NET Framework 1.0 Hotfix (KB930494); IsInstalled: 1] -> File not found {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} [HKLM] -> Reg Error: Key error. [(default): .NET Framework] -> File not found {C9E9A340-D1F1-11D0-821E-444553540600} [HKLM] -> Reg Error: Key error. [(default): Internet Explorer Core Fonts; IsInstalled: 1] -> File not found {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} [HKLM] -> Reg Error: Key error. [(default): .NET Framework] -> File not found {CC2A9BA0-3BDD-11D0-821E-444553540000} [HKLM] -> Reg Error: Key error. [(default): Task Scheduler; IsInstalled: 1] -> File not found {CDD7975E-60F8-41d5-8149-19E51D6F71D0} [HKLM] -> Reg Error: Key error. [ComponentID: Windows Movie Maker v2.1; IsInstalled: 01 00 00 00 [binary data]] -> File not found {D27CDB6E-AE6D-11cf-96B8-444553540000} [HKLM] -> C:\WINDOWS\system32\Macromed\Flash\Flash10m.ocx [(default): Adobe Flash Player; IsInstalled: 01 00 00 00 [binary data]] -> [2011/02/11 18:59:09 | 006,162,592 | R--- | M] (Adobe Systems, Inc.) {de5aed00-a4bf-11d1-9948-00c04f98bbc9} [HKLM] -> Reg Error: Key error. [(default): HTML Help; IsInstalled: 1] -> File not found {E8EA5BD6-D931-4001-ABF6-81BAA500360A} [HKLM] -> Reg Error: Key error. [(default): Microsoft .NET Framework 1.0 Hotfix (KB953295); IsInstalled: 1] -> File not found {E92B03AB-B707-11d2-9CBD-0000F87A369E} [HKLM] -> Reg Error: Key error. [(default): Active Directory Service Interface; IsInstalled: 01 00 00 00 [binary data]] -> File not found {EA29D410-CE41-4953-A862-2DE706A1DAD7} [HKLM] -> Reg Error: Key error. [(default): Microsoft .NET Framework 1.0 Service Pack 3; IsInstalled: 1] -> File not found {EF289A85-8E57-408d-BE47-73B55609861A} [HKLM] -> Reg Error: Key error. [(default): RootsUpdate; IsInstalled: 1] -> File not found {FDC11A6F-17D1-48f9-9EA3-9051954BAA24} [HKLM] -> Reg Error: Key error. [(default): .NET Framework] -> File not found <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} [StubPath] -> C:\WINDOWS\system32\ieudinit.exe [(default): Internet Explorer Version Update; IsInstalled: 1] -> >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} [StubPath] -> C:\WINDOWS\inf\unregmp2.exe /ShowWMP [(default): Microsoft Windows Media Player; IsInstalled: 0] -> >{26923b43-4d38-484f-9b9e-de460746276c} [StubPath] -> C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig [(default): Internet Explorer; IsInstalled: 1] -> >{60B49E34-C7CC-11D0-8953-00A0C90347FF} [StubPath] -> "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP [(default): Browser Customizations; IsInstalled: 1] -> >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} [StubPath] -> %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE [(default): Outlook Express; IsInstalled: 1] -> KB910393 [StubPath] -> rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\EasyCDBlock.inf,PerUserInstall [(default): KB910393; IsInstalled: 1] -> < ActiveX StubPath [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Active Setup\Installed Components\ -> {44BBA842-CC51-11CF-AAFA-00AA00B6015B} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found {44BBA848-CC51-11CF-AAFA-00AA00B6015C} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found < ActiveX StubPath [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Active Setup\Installed Components\ -> {44BBA842-CC51-11CF-AAFA-00AA00B6015B} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found {44BBA848-CC51-11CF-AAFA-00AA00B6015C} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found < ActiveX StubPath [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Active Setup\Installed Components\ -> {44BBA842-CC51-11CF-AAFA-00AA00B6015B} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found {44BBA848-CC51-11CF-AAFA-00AA00B6015C} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found < ActiveX StubPath [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Active Setup\Installed Components\ -> {44BBA842-CC51-11CF-AAFA-00AA00B6015B} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found {44BBA848-CC51-11CF-AAFA-00AA00B6015C} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found < ActiveX StubPath [HKEY_USERS\S-1-5-21-2228557363-1226132215-2784982647-1007\] > -> HKEY_USERS\S-1-5-21-2228557363-1226132215-2784982647-1007\SOFTWARE\Microsoft\Active Setup\Installed Components\ -> {2C7339CF-2B09-4501-B3F3-F3508C9228ED} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found {407408d4-94ed-4d86-ab69-a7f649d112ee} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found {44BBA840-CC51-11CF-AAFA-00AA00B6015C} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found {44BBA842-CC51-11CF-AAFA-00AA00B6015B} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found {44BBA848-CC51-11CF-AAFA-00AA00B6015C} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found {4b218e3e-bc98-4770-93d3-2731b9329278} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found {5945c046-1e7d-11d1-bc44-00c04fd912be} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found {73FA19D0-2D75-11D2-995D-00C04F98BBC9} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found {7790769C-0471-11d2-AF11-00C04FA35D02} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found {89820200-ECBD-11cf-8B85-00AA005B4340} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found {89820200-ECBD-11cf-8B85-00AA005B4383} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found {89B4C1CD-B018-4511-B0A1-5476DBF70820} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found {8b15971b-5355-4c82-8c07-7e181ea07608} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found {94de52c8-2d59-4f1b-883e-79663d2d9a8c} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found >{26923b43-4d38-484f-9b9e-de460746276c} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found >{60B49E34-C7CC-11D0-8953-00A0C90347FF} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found InitiallyClear [HKLM] -> Reg Error: Key error. [(no name)] -> File not found KB910393 [HKLM] -> Reg Error: Key error. [(no name)] -> File not found < Approved Shell Extensions [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved -> "{09A47860-11B0-4DA5-AFA5-26D86198A780}" [HKLM] -> c:\Program Files\Microsoft Security Client\shellext.dll [EPP] -> [2010/11/30 13:20:42 | 000,300,616 | ---- | M] (Microsoft Corporation) "{0DF44EAA-FF21-4412-828E-260A8728E7F1}" [HKLM] -> [Taskbar and Start Menu] -> File not found "{21D928D4-4850-45E3-9982-AD57051ECD42}" [HKLM] -> C:\Program Files\Common Files\eDrawings2010\edrwthumbnailprovider.dll [Edrawings Document Thumbnail Handler] -> [2009/12/09 04:59:00 | 000,026,624 | ---- | M] (Dassault Systèmes SolidWorks Corp.) "{2206CDB2-19C1-11D1-89E0-00C04FD7A829}" [HKLM] -> C:\Program Files\Common Files\System\Ole DB\oledb32.dll [Microsoft Data Link] -> [2008/04/14 00:12:02 | 000,487,424 | ---- | M] (Microsoft Corporation) "{32714800-2E5F-11d0-8B85-00AA0044F941}" [HKLM] -> C:\Program Files\Outlook Express\wabfind.dll [For &People...] -> [2008/04/14 00:12:08 | 000,032,768 | ---- | M] (Microsoft Corporation) "{42071714-76d4-11d1-8b24-00a0c9068ff3}" [HKLM] -> Reg Error: Key error. [Display Panning CPL Extension] -> File not found "{764BF0E1-F219-11ce-972D-00AA00A14F56}" [HKLM] -> Reg Error: Key error. [Shell extensions for file compression] -> File not found "{7F67036B-66F1-411A-AD85-759FB9C5B0DB}" [HKLM] -> C:\WINDOWS\system32\ShellvRTF.dll [ShellViewRTF] -> [2005/06/03 14:29:30 | 000,237,568 | ---- | M] (XSS) "{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA}" [HKLM] -> Reg Error: Key error. [Encryption Context Menu] -> File not found "{88895560-9AA2-1069-930E-00AA0030EBC8}" [HKLM] -> C:\WINDOWS\system32\hticons.dll [HyperTerminal Icon Ext] -> [2004/08/09 21:00:00 | 000,044,544 | ---- | M] (Hilgraeve, Inc.) "{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF}" [HKLM] -> C:\Program Files\iTunes\iTunesMiniPlayer.dll [iTunes] -> [2010/09/24 01:10:54 | 000,124,200 | ---- | M] (Apple Inc.) "{DBFB267C-334F-4F19-A304-63B7130C20C7}" [HKLM] -> C:\WINDOWS\arpower.dll [MediaCenter Property Page] -> [2005/08/02 15:19:16 | 000,062,464 | ---- | M] (Microsoft) "{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4}" [HKLM] -> C:\Program Files\Real\RealPlayer\rpshell.dll [Shell Extensions for RealOne Player] -> [2010/02/16 12:50:25 | 000,063,016 | ---- | M] (RealNetworks, Inc.) < Ext (PreApproved) - [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\ -> {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} [HKLM] -> C:\Program Files\QuickTime\QTPlugin.ocx [QuickTime Object] -> [2010/09/09 13:01:22 | 000,800,048 | ---- | M] (Apple Inc.) {166B1BCA-3F9C-11CF-8075-444553540000} [HKLM] -> C:\WINDOWS\system32\Adobe\Director\SwDir.dll [Shockwave ActiveX Control] -> [2008/08/06 15:30:48 | 000,202,168 | ---- | M] (Adobe Systems, Inc.) {233C1507-6A77-46A4-9443-F871F945D258} [HKLM] -> C:\WINDOWS\system32\Adobe\Director\SwDir.dll [Shockwave ActiveX Control] -> [2008/08/06 15:30:48 | 000,202,168 | ---- | M] (Adobe Systems, Inc.) {4063BE15-3B08-470D-A0D5-B37161CFFD69} [HKLM] -> C:\Program Files\QuickTime\QTPlugin.ocx [QuickTime Object] -> [2010/09/09 13:01:22 | 000,800,048 | ---- | M] (Apple Inc.) {4536918A-95A8-498F-B542-CB906C561A43} [HKLM] -> [Google Update Plugin] -> File not found {4EC8E993-32C1-47F5-A07A-5B0574655AD4} [HKLM] -> Reg Error: Key error. [Software Center] -> File not found {54BE6B6F-3056-470b-97E1-BB92E051B6C4} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {5852F5ED-8BF4-11D4-A245-0080C6F74284} [HKLM] -> C:\Program Files\Java\jre1.6.0_05\bin\wsdetect.dll [isInstalled Class] -> [2008/02/22 04:25:31 | 000,110,592 | ---- | M] (Sun Microsystems, Inc.) {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {65D886A2-7CA7-479B-BB95-14D1EFB7946A} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {6B75345B-AA36-438A-BBE6-4078B4C6984D} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll [SSVHelper Class] -> [2008/02/22 04:25:19 | 000,509,328 | ---- | M] (Sun Microsystems, Inc.) {7D4CF499-32EC-4e8e-8714-7E74303869F0} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> C:\Program Files\Java\jre1.6.0_05\bin\npjpi160_05.dll [Java Plug-in 1.6.0_05] -> [2008/02/22 04:25:19 | 000,132,496 | ---- | M] (Sun Microsystems, Inc.) {9E1DDDD2-0638-4607-B266-13FE69EDFFD3} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {B2CD4730-67E7-401c-A2CB-D74715E05FA4} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {CA8A9780-280D-11CF-A24D-444553540000} [HKLM] -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroPDF.dll [Adobe PDF Reader] -> [2007/05/10 22:26:40 | 000,632,432 | ---- | M] (Adobe Systems, Inc.) {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} [HKLM] -> C:\Program Files\Java\jre1.6.0_03\bin\npjpi160_03.dll [Java Plug-in 1.6.0_03] -> [2007/09/25 01:11:34 | 000,132,496 | ---- | M] (Sun Microsystems, Inc.) {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBB} [HKLM] -> C:\Program Files\Java\jre1.6.0_03\bin\npjpi160_03.dll [Java Plug-in 1.6.0_03] -> [2007/09/25 01:11:34 | 000,132,496 | ---- | M] (Sun Microsystems, Inc.) {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC} [HKLM] -> C:\Program Files\Java\jre1.6.0_03\bin\npjpi160_03.dll [Java Plug-in 1.6.0_03] -> [2007/09/25 01:11:34 | 000,132,496 | ---- | M] (Sun Microsystems, Inc.) {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} [HKLM] -> C:\Program Files\Java\jre1.6.0_05\bin\npjpi160_05.dll [Java Plug-in 1.6.0_05] -> [2008/02/22 04:25:19 | 000,132,496 | ---- | M] (Sun Microsystems, Inc.) {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBB} [HKLM] -> C:\Program Files\Java\jre1.6.0_05\bin\npjpi160_05.dll [Java Plug-in 1.6.0_05 redirector] -> [2008/02/22 04:25:19 | 000,132,496 | ---- | M] (Sun Microsystems, Inc.) {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC} [HKLM] -> C:\Program Files\Java\jre1.6.0_05\bin\npjpi160_05.dll [Java Plug-in 1.6.0_05] -> [2008/02/22 04:25:19 | 000,132,496 | ---- | M] (Sun Microsystems, Inc.) {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBC} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {CB927D12-4FF7-4A9E-A169-56E4B8A75598} [HKLM] -> C:\Program Files\QuickTime\QTPlugin.ocx [Behavior Object] -> [2010/09/09 13:01:22 | 000,800,048 | ---- | M] (Apple Inc.) {CFCDAA03-8BE4-11cf-B84B-0020AFBBCCFA} [HKLM] -> C:\WINDOWS\system32\rmoc3260.dll [RealPlayer G2 Control] -> [2010/02/16 12:50:47 | 000,185,920 | ---- | M] (RealNetworks, Inc.) {D27CDB6E-AE6D-11cf-96B8-444553540000} [HKLM] -> C:\WINDOWS\system32\Macromed\Flash\Flash10m.ocx [Shockwave Flash Object] -> [2011/02/11 18:59:09 | 006,162,592 | R--- | M] (Adobe Systems, Inc.) {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} [HKLM] -> C:\Program Files\iTunes\ITDetector.ocx [iTunesDetector Class] -> [2010/09/24 01:10:42 | 000,111,912 | ---- | M] (Apple Inc.) 73ECB3AA-4717-450C-A2AB-D00DAD9EE203 [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found < Ext (Settings) - [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\ -> {145B29F4-A56B-4B90-BBAC-45784EBEBBB7} [HKLM] -> C:\Program Files\StumbleUpon\StumbleUponIEBar.dll [StumbleUpon Launcher] -> [2010/03/25 20:21:24 | 001,283,472 | ---- | M] (stumbleupon.com) {2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {3049C3E9-B461-4BC5-8870-4C09146192CA} [HKLM] -> C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [RealPlayer Download and Record Plugin for Internet Explorer] -> [2010/02/16 12:51:00 | 000,329,312 | ---- | M] (RealPlayer) {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {5093EB4C-3E93-40AB-9266-B607BA87BDC8} [HKLM] -> C:\Program Files\StumbleUpon\StumbleUponIEBar.dll [StumbleUpon Toolbar] -> [2010/03/25 20:21:24 | 001,283,472 | ---- | M] (stumbleupon.com) {6D53EC84-6AAE-4787-AEEE-F4628F01010C} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> C:\Program Files\Java\jre1.6.0_05\bin\npjpi160_05.dll [Java Plug-in 1.6.0_05] -> [2008/02/22 04:25:19 | 000,132,496 | ---- | M] (Sun Microsystems, Inc.) {AA58ED58-01DD-4D91-8333-CF10577473F7} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {D27CDB6E-AE6D-11CF-96B8-444553540000} [HKLM] -> C:\WINDOWS\system32\Macromed\Flash\Flash10m.ocx [Shockwave Flash Object] -> [2011/02/11 18:59:09 | 006,162,592 | R--- | M] (Adobe Systems, Inc.) < Ext (Stats) - [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\ -> {0006F03A-0000-0000-C000-000000000046} [HKLM] -> Reg Error: Value error. [Microsoft Office Outlook] -> File not found {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {02478D38-C3F9-4EFB-9B51-7695ECA05670} [HKLM] -> Reg Error: Key error. [Yahoo! Toolbar Helper] -> File not found {028518E1-9FA8-44FC-92D7-5C54244B5F36} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} [HKLM] -> C:\Program Files\QuickTime\QTPlugin.ocx [QuickTime Object] -> [2010/09/09 13:01:22 | 000,800,048 | ---- | M] (Apple Inc.) {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> [2006/10/22 23:08:42 | 000,062,080 | ---- | M] (Adobe Systems Incorporated) {089FD14D-132B-48FC-8861-0048AE113215} [HKLM] -> C:\Program Files\SiteAdvisor\SiteAdv.dll [Reg Error: Value error.] -> [2006/07/24 20:27:42 | 000,960,664 | ---- | M] (McAfee, Inc.) {0BF43445-2F28-4351-9252-17FE6E806AA0} [HKLM] -> C:\Program Files\SiteAdvisor\SiteAdv.dll [McAfee SiteAdvisor] -> [2006/07/24 20:27:42 | 000,960,664 | ---- | M] (McAfee, Inc.) {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {145B29F4-A56B-4B90-BBAC-45784EBEBBB7} [HKLM] -> C:\Program Files\StumbleUpon\StumbleUponIEBar.dll [StumbleUpon Launcher] -> [2010/03/25 20:21:24 | 001,283,472 | ---- | M] (stumbleupon.com) {166B1BCA-3F9C-11CF-8075-444553540000} [HKLM] -> C:\WINDOWS\system32\Adobe\Director\SwDir.dll [Shockwave ActiveX Control] -> [2008/08/06 15:30:48 | 000,202,168 | ---- | M] (Adobe Systems, Inc.) {199E3101-B8B3-48EF-A596-9BCB1CCBBCE7} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {233C1507-6A77-46A4-9443-F871F945D258} [HKLM] -> C:\WINDOWS\system32\Adobe\Director\SwDir.dll [Shockwave ActiveX Control] -> [2008/08/06 15:30:48 | 000,202,168 | ---- | M] (Adobe Systems, Inc.) {3049C3E9-B461-4BC5-8870-4C09146192CA} [HKLM] -> C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [RealPlayer Download and Record Plugin for Internet Explorer] -> [2010/02/16 12:51:00 | 000,329,312 | ---- | M] (RealPlayer) {32004B8A-44A9-43E7-84E9-808838809519} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {4063BE15-3B08-470D-A0D5-B37161CFFD69} [HKLM] -> C:\Program Files\QuickTime\QTPlugin.ocx [QuickTime Object] -> [2010/09/09 13:01:22 | 000,800,048 | ---- | M] (Apple Inc.) {47F66446-563D-11D3-9733-906958C17458} [HKLM] -> C:\hp\KBD\redirect.ocx [Redirect Control] -> [2004/01/28 19:10:22 | 000,045,056 | ---- | M] (Hewlett-Packard Company) {4DAEE2D4-A471-42AC-97A2-4C2A79C77648} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {4EC8E993-32C1-47F5-A07A-5B0574655AD4} [HKLM] -> Reg Error: Key error. [Software Center] -> File not found {5093EB4C-3E93-40AB-9266-B607BA87BDC8} [HKLM] -> C:\Program Files\StumbleUpon\StumbleUponIEBar.dll [StumbleUpon Toolbar] -> [2010/03/25 20:21:24 | 001,283,472 | ---- | M] (stumbleupon.com) {54BE6B6F-3056-470B-97E1-BB92E051B6C4} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {5852F5ED-8BF4-11D4-A245-0080C6F74284} [HKLM] -> C:\Program Files\Java\jre1.6.0_05\bin\wsdetect.dll [isInstalled Class] -> [2008/02/22 04:25:31 | 000,110,592 | ---- | M] (Sun Microsystems, Inc.) {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {5DF22927-384B-4BC4-A2FB-DA520FCA56A3} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {60699CCA-8984-4F37-843D-5FF31A4BBFA2} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {63BAECA2-9E3C-45DE-B2B1-BBC5FA99958E} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {67DABFBF-D0AB-41FA-9C46-CC0F21721616} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {6D53EC84-6AAE-4787-AEEE-F4628F01010C} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {760C4B83-E211-11D2-BF3E-00805FBE84A6} [HKLM] -> C:\WINDOWS\system32\msnetobj.dll [Windows Media Services DRM Storage object] -> [2006/10/18 20:47:16 | 000,179,712 | ---- | M] (Microsoft Corporation) {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll [SSVHelper Class] -> [2008/02/22 04:25:19 | 000,509,328 | ---- | M] (Sun Microsystems, Inc.) {7DB2D5A0-7241-4E79-B68D-6309F01C5231} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> C:\Program Files\Java\jre1.6.0_05\bin\npjpi160_05.dll [Java Plug-in 1.6.0_05] -> [2008/02/22 04:25:19 | 000,132,496 | ---- | M] (Sun Microsystems, Inc.) {92780B25-18CC-41C8-B9BE-3C9C571A8263} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {9D39223E-AE8E-11D4-8FD3-00D0B7730277} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {9D450881-607A-11D3-9733-208858C10000} [HKLM] -> C:\hp\KBD\keyroute.ocx [Keyroute Control] -> [2002/10/02 11:20:50 | 000,036,864 | ---- | M] (Hewlett-Packard Company) {A057A204-BACC-4D26-9990-79A187E2698E} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {A9FC132B-096D-460B-B7D5-1DB0FAE0C062} [HKLM] -> C:\WINDOWS\system32\msnetobj.dll [RMGetLicense Class] -> [2006/10/18 20:47:16 | 000,179,712 | ---- | M] (Microsoft Corporation) {AA58ED58-01DD-4D91-8333-CF10577473F7} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {AB37CD3D-DC1D-46B2-ADCA-3CDC80FD2AD6} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {B164E929-A1B6-4A06-B104-2CD0E90A88FF} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {B345F37E-6763-433B-BC53-9B526A9B7B8B} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {BD96C556-65A3-11D0-983A-00C04FC29E36} [HKLM] -> C:\Program Files\Common Files\System\msadc\msadco.dll [RDS.DataSpace] -> [2010/11/09 14:52:35 | 000,143,360 | ---- | M] (Microsoft Corporation) {BF0118D4-63FF-4138-9327-F3028FB1A578} [HKLM] -> C:\WINDOWS\Web\Wallpaper\welcome\AWhelper.dll [Helper Class] -> [2003/08/12 15:25:22 | 000,028,672 | ---- | M] () {C4069E3A-68F1-403E-B40E-20066696354B} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {C68AE9C0-0909-4DDC-B661-C1AFB9F5AE53} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {CA8A9780-280D-11CF-A24D-444553540000} [HKLM] -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroPDF.dll [Adobe PDF Reader] -> [2007/05/10 22:26:40 | 000,632,432 | ---- | M] (Adobe Systems, Inc.) {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} [HKLM] -> C:\WINDOWS\system32\rmoc3260.dll [RealPlayer G2 Control] -> [2010/02/16 12:50:47 | 000,185,920 | ---- | M] (RealNetworks, Inc.) {D27CDB6E-AE6D-11CF-96B8-444553540000} [HKLM] -> C:\WINDOWS\system32\Macromed\Flash\Flash10m.ocx [Shockwave Flash Object] -> [2011/02/11 18:59:09 | 006,162,592 | R--- | M] (Adobe Systems, Inc.) {D6A5A215-FBF3-45E5-ABF8-22FF50916184} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} [HKLM] -> C:\Program Files\iTunes\ITDetector.ocx [iTunesDetector Class] -> [2010/09/24 01:10:42 | 000,111,912 | ---- | M] (Apple Inc.) {DA4F543C-C8A9-4E88-9A79-548CBB46F18F} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {DE4AF3B0-F4D4-11D3-B41A-0050DA2E6C21} [HKLM] -> C:\Program Files\QuickTime\QTSystem\QuickTimeCheck.ocx [QuickTimeCheck Class] -> [2010/09/09 13:01:22 | 000,136,496 | ---- | M] (Apple Inc.) {DE625294-70E6-45ED-B895-CFFA13AEB044} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {E2883E8F-472F-4FB0-9522-AC9BF37916A7} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {E2D4D26B-0180-43A4-B05F-462D6D54C789} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {E2E2DD38-D088-4134-82B7-F2BA38496583} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {E5DF9D10-3B52-11D1-83E8-00A0C90DC849} [HKLM] -> C:\WINDOWS\system32\webvw.dll [WebViewFolderIcon Class] -> [2008/04/14 00:12:08 | 000,135,680 | ---- | M] (Microsoft Corporation) {EDF5E8FC-321A-4750-A6AE-2543BAB1AD03} [HKLM] -> Reg Error: Key error. [MiniFriends Class] -> File not found {EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKLM] -> Reg Error: Key error. [Yahoo! Toolbar] -> File not found {F2AA9440-6328-4933-B7C9-A6CCDF9CBF6D} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {F31D1897-7EFD-4647-8687-E05894E382AB} [HKLM] -> C:\WINDOWS\system32\runclose.ocx [Runclose Control] -> [2003/04/07 14:22:14 | 000,045,056 | ---- | M] (Hewlett-Packard Company) {FB5F1910-F110-11D2-BB9E-00C04F795683} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost > -> -> *netsvcs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\\netsvcs -> 6to4 -> -> File not found HidServ -> -> File not found Ias -> -> File not found Iprip -> -> File not found Irmon -> -> File not found NWCWorkstation -> -> File not found Nwsapagent -> -> File not found WmdmPmSp -> -> File not found *MultiFile Done* -> -> < Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ -> < Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command -> batfile [open] -> "%1" %* -> cmdfile [open] -> "%1" %* -> comfile [open] -> "%1" %* -> cplfile [cplopen] -> rundll32.exe shell32.dll,Control_RunDLL "%1",%* -> exefile [open] -> "%1" %* -> InternetShortcut [open] -> rundll32.exe shdocvw.dll,OpenURL %l -> piffile [open] -> "%1" %* -> scrfile [config] -> "%1" -> scrfile [install] -> rundll32.exe desk.cpl,InstallScreenSaver %l -> scrfile [open] -> "%1" /S -> Unknown [openas] -> %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 -> Directory [find] -> %SystemRoot%\Explorer.exe -> [2008/04/14 00:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) Folder [open] -> %SystemRoot%\Explorer.exe /idlist,%I,%L -> [2008/04/14 00:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) Folder [explore] -> %SystemRoot%\Explorer.exe /e,/idlist,%I,%L -> [2008/04/14 00:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) Drive [find] -> %SystemRoot%\Explorer.exe -> [2008/04/14 00:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) < Winsock2 Catalogs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\ -> NameSpace_Catalog5\Catalog_Entries\000000000004 [mdnsNSP] -> C:\Program Files\Bonjour\mdnsNSP.dll -> [2010/07/27 17:44:08 | 000,152,864 | ---- | M] (Apple Inc.) Protocol_Catalog9\Catalog_Entries\000000000001 -> C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll -> [2009/08/24 17:49:03 | 000,321,464 | ---- | M] (PC Tools Research Pty Ltd.) Protocol_Catalog9\Catalog_Entries\000000000002 -> C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll -> [2009/08/24 17:49:03 | 000,321,464 | ---- | M] (PC Tools Research Pty Ltd.) Protocol_Catalog9\Catalog_Entries\000000000003 -> C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll -> [2009/08/24 17:49:03 | 000,321,464 | ---- | M] (PC Tools Research Pty Ltd.) Protocol_Catalog9\Catalog_Entries\000000000023 -> C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll -> [2009/08/24 17:49:03 | 000,321,464 | ---- | M] (PC Tools Research Pty Ltd.) [Files/Folders - Created Within 30 Days] OTS.exe -> C:\Documents and Settings\HP_Administrator\Desktop\OTS.exe -> [2011/03/21 19:07:38 | 000,645,632 | ---- | C] (OldTimer Tools) PIF -> C:\WINDOWS\PIF -> [2011/03/19 21:30:59 | 000,000,000 | -H-D | C] setup_9.0.0.722_19.03.2011_16-06.exe -> C:\Documents and Settings\HP_Administrator\Desktop\setup_9.0.0.722_19.03.2011_16-06.exe -> [2011/03/19 17:59:19 | 095,524,232 | ---- | C] ( ) Kaspersky Lab Setup Files -> C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files -> [2011/03/19 17:45:22 | 000,000,000 | ---D | C] kav9.0.0.736en.exe -> C:\Documents and Settings\HP_Administrator\Desktop\kav9.0.0.736en.exe -> [2011/03/19 17:44:43 | 069,870,696 | ---- | C] (Kaspersky Lab) RECYCLER -> C:\RECYCLER -> [2011/03/17 19:14:41 | 000,000,000 | -HSD | C] cmdcons -> C:\cmdcons -> [2011/03/16 23:03:39 | 000,000,000 | RHSD | C] SWXCACLS.exe -> C:\WINDOWS\SWXCACLS.exe -> [2011/03/16 22:52:27 | 000,212,480 | ---- | C] (SteelWerX) aswMBR.exe -> C:\Documents and Settings\HP_Administrator\Desktop\aswMBR.exe -> [2011/03/16 22:09:33 | 000,566,272 | ---- | C] (AVAST Software) _OTL -> C:\_OTL -> [2011/03/15 22:10:52 | 000,000,000 | ---D | C] OTL.exe -> C:\Documents and Settings\HP_Administrator\Desktop\OTL.exe -> [2011/03/15 18:51:03 | 000,580,608 | ---- | C] (OldTimer Tools) _OTM -> C:\_OTM -> [2011/03/15 18:21:53 | 000,000,000 | ---D | C] TfSysMon.sys -> C:\WINDOWS\System32\drivers\TfSysMon.sys -> [2011/03/13 11:14:53 | 000,039,200 | ---- | C] (PC Tools) TfNetMon.sys -> C:\WINDOWS\System32\drivers\TfNetMon.sys -> [2011/03/13 11:14:53 | 000,033,056 | ---- | C] (PC Tools) TfKbMon.sys -> C:\WINDOWS\System32\drivers\TfKbMon.sys -> [2011/03/13 11:14:53 | 000,012,576 | ---- | C] (PC Tools) TfFsMon.sys -> C:\WINDOWS\System32\drivers\TfFsMon.sys -> [2011/03/13 11:14:52 | 000,051,488 | ---- | C] (PC Tools) PC Tools -> C:\Documents and Settings\All Users\Application Data\PC Tools -> [2011/03/12 20:33:19 | 000,000,000 | ---D | C] XoftSpySE -> C:\Documents and Settings\All Users\Application Data\XoftSpySE -> [2011/03/11 21:26:25 | 000,000,000 | ---D | C] Microsoft Security Client -> C:\Program Files\Microsoft Security Client -> [2011/03/08 19:24:32 | 000,000,000 | ---D | C] Malwarebytes -> C:\Documents and Settings\HP_Administrator\Application Data\Malwarebytes -> [2011/03/07 21:58:46 | 000,000,000 | ---D | C] Malwarebytes -> C:\Documents and Settings\All Users\Application Data\Malwarebytes -> [2011/03/07 21:58:37 | 000,000,000 | ---D | C] RandFont.dll -> C:\WINDOWS\Fonts\RandFont.dll -> [2006/02/19 02:28:56 | 000,012,288 | ---- | C] (Hewlett-Packard Development Company, L.P.) 9 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> 1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> [Files/Folders - Modified Within 30 Days] User_Feed_Synchronization-{93FAFC7B-6DD6-469D-A1DB-226D0A4B5F58}.job -> C:\WINDOWS\tasks\User_Feed_Synchronization-{93FAFC7B-6DD6-469D-A1DB-226D0A4B5F58}.job -> [2011/03/21 19:43:39 | 000,000,348 | -H-- | M] () OTS.exe -> C:\Documents and Settings\HP_Administrator\Desktop\OTS.exe -> [2011/03/21 19:07:49 | 000,645,632 | ---- | M] (OldTimer Tools) hpsysdrv.DAT -> C:\WINDOWS\System\hpsysdrv.DAT -> [2011/03/21 18:44:53 | 000,000,188 | ---- | M] () d3d9caps.dat -> C:\WINDOWS\System32\d3d9caps.dat -> [2011/03/21 18:39:30 | 000,000,664 | ---- | M] () wpa.dbl -> C:\WINDOWS\System32\wpa.dbl -> [2011/03/21 18:31:50 | 000,002,206 | ---- | M] () hiberfil.sys -> C:\hiberfil.sys -> [2011/03/21 18:31:45 | 2079,772,672 | -HS- | M] () setup_9.0.0.722_19.03.2011_16-06.exe -> C:\Documents and Settings\HP_Administrator\Desktop\setup_9.0.0.722_19.03.2011_16-06.exe -> [2011/03/19 17:59:54 | 095,524,232 | ---- | M] ( ) kav9.0.0.736en.exe -> C:\Documents and Settings\HP_Administrator\Desktop\kav9.0.0.736en.exe -> [2011/03/19 17:44:53 | 069,870,696 | ---- | M] (Kaspersky Lab) setup_9.0.0.722_18.03.2011_20-05drv.spi -> C:\WINDOWS\setup_9.0.0.722_18.03.2011_20-05drv.spi -> [2011/03/18 19:50:44 | 000,000,444 | -HS- | M] () setup_9.0.0.722_17.03.2011_22-06drv.spi -> C:\WINDOWS\setup_9.0.0.722_17.03.2011_22-06drv.spi -> [2011/03/17 22:04:31 | 000,000,652 | -HS- | M] () hosts -> C:\WINDOWS\System32\drivers\etc\hosts -> [2011/03/16 23:16:41 | 000,000,027 | ---- | M] () boot.ini -> C:\boot.ini -> [2011/03/16 23:03:44 | 000,000,325 | RHS- | M] () ComboFix.exe -> C:\Documents and Settings\HP_Administrator\Desktop\ComboFix.exe -> [2011/03/16 22:34:09 | 004,288,660 | R--- | M] () aswMBR.exe -> C:\Documents and Settings\HP_Administrator\Desktop\aswMBR.exe -> [2011/03/16 22:09:46 | 000,566,272 | ---- | M] (AVAST Software) imsins.BAK -> C:\WINDOWS\imsins.BAK -> [2011/03/16 16:42:03 | 000,001,374 | ---- | M] () OTL.exe -> C:\Documents and Settings\HP_Administrator\Desktop\OTL.exe -> [2011/03/15 18:51:09 | 000,580,608 | ---- | M] (OldTimer Tools) avinstall[1].exe -> C:\Documents and Settings\HP_Administrator\Desktop\avinstall[1].exe -> [2011/03/12 20:33:18 | 000,513,008 | ---- | M] () epplauncher.mif -> C:\WINDOWS\epplauncher.mif -> [2011/03/08 19:25:35 | 000,001,945 | ---- | M] () Launch Microsoft Office Outlook.lnk -> C:\Documents and Settings\HP_Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Microsoft Office Outlook.lnk -> [2011/02/26 14:58:34 | 000,000,803 | ---- | M] () FNTCACHE.DAT -> C:\WINDOWS\System32\FNTCACHE.DAT -> [2011/02/25 19:23:49 | 000,216,064 | ---- | M] () 9 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> 11 C:\Documents and Settings\HP_Administrator\Local Settings\temp\*.tmp files -> C:\Documents and Settings\HP_Administrator\Local Settings\temp\*.tmp -> 1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> [Files - No Company Name] setup_9.0.0.722_18.03.2011_20-05drv.spi -> C:\WINDOWS\setup_9.0.0.722_18.03.2011_20-05drv.spi -> [2011/03/18 19:49:28 | 000,000,444 | -HS- | C] () setup_9.0.0.722_17.03.2011_22-06drv.spi -> C:\WINDOWS\setup_9.0.0.722_17.03.2011_22-06drv.spi -> [2011/03/17 20:24:55 | 000,000,652 | -HS- | C] () User_Feed_Synchronization-{93FAFC7B-6DD6-469D-A1DB-226D0A4B5F58}.job -> C:\WINDOWS\tasks\User_Feed_Synchronization-{93FAFC7B-6DD6-469D-A1DB-226D0A4B5F58}.job -> [2011/03/17 19:04:28 | 000,000,348 | -H-- | C] () PEV.exe -> C:\WINDOWS\PEV.exe -> [2011/03/16 22:52:27 | 000,256,512 | ---- | C] () MBR.exe -> C:\WINDOWS\MBR.exe -> [2011/03/16 22:52:27 | 000,089,088 | ---- | C] () ComboFix.exe -> C:\Documents and Settings\HP_Administrator\Desktop\ComboFix.exe -> [2011/03/16 22:33:51 | 004,288,660 | R--- | C] () hiberfil.sys -> C:\hiberfil.sys -> [2011/03/13 15:10:08 | 2079,772,672 | -HS- | C] () avinstall[1].exe -> C:\Documents and Settings\HP_Administrator\Desktop\avinstall[1].exe -> [2011/03/12 20:33:19 | 000,513,008 | ---- | C] () epplauncher.mif -> C:\WINDOWS\epplauncher.mif -> [2011/03/08 19:25:35 | 000,001,945 | ---- | C] () Microsoft Security Essentials.lnk -> C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Security Essentials.lnk -> [2011/03/08 19:24:52 | 000,001,691 | ---- | C] () d3d9caps.dat -> C:\WINDOWS\System32\d3d9caps.dat -> [2011/03/08 19:02:05 | 000,000,664 | ---- | C] () wpa.dbl -> C:\WINDOWS\System32\wpa.dbl -> [2011/03/07 23:31:02 | 000,002,206 | ---- | C] () eDrawingOfficeAutomator.INI -> C:\WINDOWS\eDrawingOfficeAutomator.INI -> [2010/03/12 18:14:44 | 000,000,000 | ---- | C] () housecall.guid.cache -> C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\housecall.guid.cache -> [2009/07/25 16:13:48 | 000,000,036 | ---- | C] () sed.exe -> C:\WINDOWS\sed.exe -> [2009/04/29 20:35:58 | 000,098,816 | ---- | C] () grep.exe -> C:\WINDOWS\grep.exe -> [2009/04/29 20:35:58 | 000,080,412 | ---- | C] () zip.exe -> C:\WINDOWS\zip.exe -> [2009/04/29 20:35:58 | 000,068,096 | ---- | C] () Tiny_Run.ini -> C:\WINDOWS\Tiny_Run.ini -> [2008/04/27 19:02:00 | 000,000,034 | ---- | C] () cdplayer.ini -> C:\WINDOWS\cdplayer.ini -> [2008/03/06 00:26:17 | 000,000,025 | ---- | C] () QTSBandwidthCache -> C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache -> [2007/08/14 09:13:50 | 000,001,751 | ---- | C] () YCRWin32.dll -> C:\WINDOWS\System32\YCRWin32.dll -> [2007/04/21 09:46:06 | 000,065,536 | ---- | C] () wklnhst.dat -> C:\Documents and Settings\HP_Administrator\Application Data\wklnhst.dat -> [2007/03/14 22:59:57 | 000,001,276 | ---- | C] () DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2007/02/17 15:48:37 | 000,116,736 | ---- | C] () avgas-setup-7.5.0.50.exe -> C:\Program Files\avgas-setup-7.5.0.50.exe -> [2007/02/17 14:25:29 | 006,469,352 | ---- | C] () ODBC.INI -> C:\WINDOWS\ODBC.INI -> [2007/02/17 12:44:57 | 000,000,504 | ---- | C] () jautoexp.dat -> C:\WINDOWS\jautoexp.dat -> [2007/02/17 11:07:34 | 000,006,550 | ---- | C] () fusioncache.dat -> C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\fusioncache.dat -> [2007/02/17 10:50:34 | 000,000,139 | ---- | C] () smscfg.ini -> C:\WINDOWS\smscfg.ini -> [2006/10/23 10:26:53 | 000,000,061 | ---- | C] () USBkey.sys -> C:\WINDOWS\System32\drivers\USBkey.sys -> [2006/10/23 10:05:08 | 000,028,848 | ---- | C] () CHODDI.SYS -> C:\WINDOWS\System32\CHODDI.SYS -> [2006/10/23 10:00:38 | 000,014,309 | ---- | C] () hpreg.dll -> C:\WINDOWS\System32\hpreg.dll -> [2006/10/23 10:00:33 | 000,045,056 | ---- | C] () WININIT.INI -> C:\WINDOWS\WININIT.INI -> [2006/10/23 09:52:43 | 000,000,157 | ---- | C] () hpqins69.dat -> C:\WINDOWS\hpqins69.dat -> [2006/10/23 09:47:41 | 000,095,822 | ---- | C] () fxsperf.ini -> C:\WINDOWS\System32\fxsperf.ini -> [2006/10/23 09:46:41 | 000,001,793 | ---- | C] () atiicdxx.dat -> C:\WINDOWS\System32\atiicdxx.dat -> [2006/10/23 09:43:29 | 000,125,796 | ---- | C] () orun32.ini -> C:\WINDOWS\orun32.ini -> [2006/10/23 09:25:56 | 000,000,791 | ---- | C] () pythoncom22.dll -> C:\WINDOWS\System32\pythoncom22.dll -> [2006/10/23 09:18:01 | 000,323,584 | ---- | C] () pywintypes22.dll -> C:\WINDOWS\System32\pywintypes22.dll -> [2006/10/23 09:18:01 | 000,094,208 | ---- | C] () bcbmm.dll -> C:\WINDOWS\System32\bcbmm.dll -> [2006/10/23 09:17:41 | 000,016,896 | ---- | C] () px.ini -> C:\WINDOWS\System32\px.ini -> [2006/06/16 11:58:18 | 000,000,000 | ---- | C] () perfh009.dat -> C:\WINDOWS\System32\perfh009.dat -> [2005/10/10 08:27:46 | 000,445,370 | ---- | C] () perfc009.dat -> C:\WINDOWS\System32\perfc009.dat -> [2005/10/10 08:27:46 | 000,072,576 | ---- | C] () FNTCACHE.DAT -> C:\WINDOWS\System32\FNTCACHE.DAT -> [2005/10/10 08:25:26 | 000,216,064 | ---- | C] () ODBCINST.INI -> C:\WINDOWS\ODBCINST.INI -> [2005/10/10 08:20:06 | 000,004,161 | ---- | C] () emptyregdb.dat -> C:\WINDOWS\System32\emptyregdb.dat -> [2005/10/10 08:15:30 | 000,021,640 | ---- | C] () psisdecd.dll -> C:\WINDOWS\System32\psisdecd.dll -> [2005/08/05 13:01:54 | 000,235,008 | ---- | C] () armcex.dll -> C:\WINDOWS\armcex.dll -> [2005/08/02 15:19:16 | 000,050,176 | ---- | C] () secupd.dat -> C:\WINDOWS\System32\secupd.dat -> [2004/08/10 04:00:00 | 000,004,569 | ---- | C] () mlang.dat -> C:\WINDOWS\System32\mlang.dat -> [2004/08/09 21:00:00 | 000,673,088 | ---- | C] () sbe(2).dll -> C:\WINDOWS\System32\sbe(2).dll -> [2004/08/09 21:00:00 | 000,282,112 | ---- | C] () perfi009.dat -> C:\WINDOWS\System32\perfi009.dat -> [2004/08/09 21:00:00 | 000,272,128 | ---- | C] () dssec.dat -> C:\WINDOWS\System32\dssec.dat -> [2004/08/09 21:00:00 | 000,218,003 | ---- | C] () volsnap.sys -> C:\WINDOWS\System32\drivers\volsnap.sys -> [2004/08/09 21:00:00 | 000,052,352 | ---- | C] () mib.bin -> C:\WINDOWS\System32\mib.bin -> [2004/08/09 21:00:00 | 000,046,258 | ---- | C] () perfd009.dat -> C:\WINDOWS\System32\perfd009.dat -> [2004/08/09 21:00:00 | 000,028,626 | ---- | C] () dcache.bin -> C:\WINDOWS\System32\dcache.bin -> [2004/08/09 21:00:00 | 000,001,804 | ---- | C] () noise.dat -> C:\WINDOWS\System32\noise.dat -> [2004/08/09 21:00:00 | 000,000,741 | ---- | C] () oeminfo.ini -> C:\WINDOWS\System32\oeminfo.ini -> [2004/07/08 13:37:36 | 000,000,567 | ---- | C] () OUTLPERF.INI -> C:\WINDOWS\System32\OUTLPERF.INI -> [2003/01/07 15:05:08 | 000,002,695 | ---- | C] () oembios.bin -> C:\WINDOWS\System32\oembios.bin -> [2001/08/23 08:12:28 | 013,107,200 | ---- | C] () oembios.dat -> C:\WINDOWS\System32\oembios.dat -> [2001/08/23 08:11:02 | 000,004,490 | ---- | C] () [File - Lop Check] AVG10 -> C:\Documents and Settings\All Users\Application Data\AVG10 -> [2011/03/18 20:00:21 | 000,000,000 | ---D | M] avg9 -> C:\Documents and Settings\All Users\Application Data\avg9 -> [2010/12/04 19:25:41 | 000,000,000 | ---D | M] Common Files -> C:\Documents and Settings\All Users\Application Data\Common Files -> [2010/12/04 20:24:32 | 000,000,000 | -H-D | M] DassaultSystemes -> C:\Documents and Settings\All Users\Application Data\DassaultSystemes -> [2010/03/12 18:15:25 | 000,000,000 | ---D | M] FirstClass -> C:\Documents and Settings\All Users\Application Data\FirstClass -> [2009/07/22 15:12:32 | 000,000,000 | ---D | M] Grisoft -> C:\Documents and Settings\All Users\Application Data\Grisoft -> [2008/08/01 20:47:33 | 000,000,000 | ---D | M] TEMP -> C:\Documents and Settings\All Users\Application Data\TEMP -> [2011/03/21 20:32:00 | 000,000,000 | ---D | M] {429CAD59-35B1-4DBC-BB6D-1DB246563521} -> C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521} -> [2010/10/24 17:25:39 | 000,000,000 | ---D | M] {755AC846-7372-4AC8-8550-C52491DAA8BD} -> C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD} -> [2010/02/18 09:55:50 | 000,000,000 | ---D | M] SACore -> C:\Documents and Settings\LocalService\Application Data\SACore -> [2009/05/31 08:25:31 | 000,000,000 | ---D | M] User_Feed_Synchronization-{93FAFC7B-6DD6-469D-A1DB-226D0A4B5F58}.job -> C:\WINDOWS\Tasks\User_Feed_Synchronization-{93FAFC7B-6DD6-469D-A1DB-226D0A4B5F58}.job -> [2011/03/21 19:43:39 | 000,000,348 | -H-- | M] () [Alternate Data Streams] @Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7E95B6FD @Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1 @Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1CA73D29 @Alternate Data Stream - 142 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4 @Alternate Data Stream - 147 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2 < End of report > [/code]