Here is the OTSCANIT.Do you want a report from both the way the system is now.
OTScanIt logfile created on: 4/1/2008 8:40:58 PM
OTScanIt by OldTimer - Version 1.0.8.0 Folder = C:\Documents and Settings\DENNIS ANDREWS\Desktop\OTScanIt
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1023.48 Mb Total Physical Memory | 612.46 Mb Available Physical Memory | 59.84% Memory free
2.40 Gb Paging File | 2.06 Gb Available in Paging File | 85.86% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072;
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 114.48 Gb Total Space | 91.85 Gb Free Space | 80.23% Space Free | Partition Type: NTFS
Drive D: | 232.88 Gb Total Space | 124.28 Gb Free Space | 53.36% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: HOME-9E0A4F8D43
Current User Name: DENNIS ANDREWS
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
[Processes - Non-Microsoft Only]
ati2evxx.exe -> %SystemRoot%\system32\ati2evxx.exe -> ATI Technologies Inc. [Ver = 6.14.10.4178 | Size = 483328 bytes | Modified Date = 9/28/2007 10:56:32 PM | Attr = ]
ati2evxx.exe -> %SystemRoot%\system32\ati2evxx.exe -> ATI Technologies Inc. [Ver = 6.14.10.4178 | Size = 483328 bytes | Modified Date = 9/28/2007 10:56:32 PM | Attr = ]
ccsetmgr.exe -> %CommonProgramFiles%\Symantec Shared\CCSETMGR.EXE -> Symantec Corporation [Ver = 104.0.14.2 | Size = 169576 bytes | Modified Date = 1/22/2007 10:19:34 PM | Attr = ]
ccevtmgr.exe -> %CommonProgramFiles%\Symantec Shared\CCEVTMGR.EXE -> Symantec Corporation [Ver = 104.0.14.2 | Size = 192104 bytes | Modified Date = 1/22/2007 10:19:28 PM | Attr = ]
ccproxy.exe -> %CommonProgramFiles%\Symantec Shared\CCPROXY.EXE -> Symantec Corporation [Ver = 104.0.16.1 | Size = 202088 bytes | Modified Date = 9/13/2007 6:49:48 PM | Attr = ]
sndsrvc.exe -> %CommonProgramFiles%\Symantec Shared\SNDSrvc.exe -> Symantec Corporation [Ver = 6.0.6.604 | Size = 214672 bytes | Modified Date = 3/28/2007 6:52:18 PM | Attr = ]
spbbcsvc.exe -> %CommonProgramFiles%\Symantec Shared\SPBBC\SPBBCSvc.exe -> Symantec Corporation [Ver = 2,0,0,73 | Size = 1160800 bytes | Modified Date = 9/15/2005 4:21:13 PM | Attr = ]
symlcsvc.exe -> %CommonProgramFiles%\Symantec Shared\CCPD-LC\symlcsvc.exe -> Symantec Corporation [Ver = 1.9.1.878 | Size = 1128640 bytes | Modified Date = 7/23/2007 6:06:05 PM | Attr = ]
aawservice.exe -> %ProgramFiles%\Lavasoft\Ad-Aware 2007\aawservice.exe -> Lavasoft [Ver = 7,0,2,6 | Size = 587096 bytes | Modified Date = 1/4/2008 1:27:08 PM | Attr = ]
ccapp.exe -> %CommonProgramFiles%\Symantec Shared\CCAPP.EXE -> Symantec Corporation [Ver = 104.0.14.2 | Size = 52840 bytes | Modified Date = 1/22/2007 10:19:26 PM | Attr = ]
opwarese2.exe -> %ProgramFiles%\ScanSoft\OmniPageSE2.0\opwareSE2.exe -> ScanSoft, Inc. [Ver = 12.0 | Size = 49152 bytes | Modified Date = 5/8/2003 1:00:58 PM | Attr = ]
jusched.exe -> %ProgramFiles%\Java\jre1.6.0_05\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 144784 bytes | Modified Date = 2/22/2008 4:25:21 AM | Attr = ]
isuspm.exe -> %CommonProgramFiles%\InstallShield\UpdateService\ISUSPM.exe -> Macrovision Corporation [Ver = 6, 0, 100, 54472 | Size = 218032 bytes | Modified Date = 9/11/2006 4:40:32 AM | Attr = ]
rogersagent.exe -> %ProgramFiles%\Rogers\SelfHealing\RogersAgent.exe -> Rogers Cable Communications [Ver = 1.00.0007 | Size = 478968 bytes | Modified Date = 4/23/2007 4:51:22 PM | Attr = ]
applemobiledeviceservice.exe -> %CommonProgramFiles%\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -> Apple, Inc. [Ver = 1, 14, 0, 0 | Size = 110592 bytes | Modified Date = 9/6/2007 1:28:18 PM | Attr = ]
aluschedulersvc.exe -> %ProgramFiles%\Symantec\LiveUpdate\AluSchedulerSvc.exe -> Symantec Corporation [Ver = 3.0.0.160 | Size = 100032 bytes | Modified Date = 2/23/2006 11:41:02 AM | Attr = ]
dkservice.exe -> %ProgramFiles%\Executive Software\DiskeeperWorkstation\DKService.exe -> Executive Software International, Inc. [Ver = 7.0.393.0 | Size = 253952 bytes | Modified Date = 8/31/2001 3:23:12 PM | Attr = ]
djsnetcn.exe -> %CommonProgramFiles%\Symantec Shared\DJSNETCN.exe -> Symantec Corporation [Ver = 6.3.0.7 | Size = 54976 bytes | Modified Date = 2/2/2006 6:54:04 PM | Attr = ]
navapsvc.exe -> %ProgramFiles%\Yahoo!\NAV\NAVAPSVC.EXE -> Symantec Corporation [Ver = 12.8.0.4 | Size = 139888 bytes | Modified Date = 5/23/2007 12:13:38 PM | Attr = ]
npfmntor.exe -> %ProgramFiles%\Yahoo!\NAV\IWP\NPFMNTOR.EXE -> Symantec Corporation [Ver = 12.8.0.4 | Size = 46704 bytes | Modified Date = 5/23/2007 12:13:40 PM | Attr = ]
nscsrvce.exe -> %CommonProgramFiles%\Symantec Shared\Security Console\NSCSRVCE.EXE -> Symantec Corporation [Ver = 2006.1.8.2 | Size = 750720 bytes | Modified Date = 12/15/2006 1:36:28 PM | Attr = ]
otscanit.exe -> %UserProfile%\Desktop\OTScanIt\OTScanIt.exe -> OldTimer Tools [Ver = 1.0.8.0 | Size = 370176 bytes | Modified Date = 3/29/2008 5:10:10 PM | Attr = ]
[Win32 Services - Non-Microsoft Only]
(aawservice) Ad-Aware 2007 Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Lavasoft\Ad-Aware 2007\aawservice.exe -> Lavasoft [Ver = 7,0,2,6 | Size = 587096 bytes | Modified Date = 1/4/2008 1:27:08 PM | Attr = ]
(AcrSch2Svc) Acronis Scheduler2 Service [Win32_Own | Auto | Stopped] -> %CommonProgramFiles%\Acronis\Schedule2\schedul2.exe -> File not found
(Apple Mobile Device) Apple Mobile Device [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -> Apple, Inc. [Ver = 1, 14, 0, 0 | Size = 110592 bytes | Modified Date = 9/6/2007 1:28:18 PM | Attr = ]
(Ati HotKey Poller) Ati HotKey Poller [Win32_Own | Auto | Running] -> %SystemRoot%\system32\ati2evxx.exe -> ATI Technologies Inc. [Ver = 6.14.10.4178 | Size = 483328 bytes | Modified Date = 9/28/2007 10:56:32 PM | Attr = ]
(ATI Smart) ATI Smart [Win32_Own | Auto | Stopped] -> %SystemRoot%\system32\ati2sgag.exe -> [Ver = 5.13.0027 | Size = 593920 bytes | Modified Date = 9/28/2007 9:05:00 PM | Attr = ]
(Automatic LiveUpdate Scheduler) Automatic LiveUpdate Scheduler [Win32_Own | Auto | Running] -> %ProgramFiles%\Symantec\LiveUpdate\AluSchedulerSvc.exe -> Symantec Corporation [Ver = 3.0.0.160 | Size = 100032 bytes | Modified Date = 2/23/2006 11:41:02 AM | Attr = ]
(ccEvtMgr) Symantec Event Manager [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Symantec Shared\CCEVTMGR.EXE -> Symantec Corporation [Ver = 104.0.14.2 | Size = 192104 bytes | Modified Date = 1/22/2007 10:19:28 PM | Attr = ]
(ccISPwdSvc) Symantec Internet Security Password Validation [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Yahoo!\NPF\ccPwdSvc.exe -> Symantec Corporation [Ver = 9.0.0.127 | Size = 72280 bytes | Modified Date = 9/23/2005 2:52:18 PM | Attr = ]
(ccProxy) Symantec Network Proxy [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Symantec Shared\CCPROXY.EXE -> Symantec Corporation [Ver = 104.0.16.1 | Size = 202088 bytes | Modified Date = 9/13/2007 6:49:48 PM | Attr = ]
(ccSetMgr) Symantec Settings Manager [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Symantec Shared\CCSETMGR.EXE -> Symantec Corporation [Ver = 104.0.14.2 | Size = 169576 bytes | Modified Date = 1/22/2007 10:19:34 PM | Attr = ]
(Diskeeper) Diskeeper [Win32_Own | Auto | Running] -> %ProgramFiles%\Executive Software\DiskeeperWorkstation\DKService.exe -> Executive Software International, Inc. [Ver = 7.0.393.0 | Size = 253952 bytes | Modified Date = 8/31/2001 3:23:12 PM | Attr = ]
(DJSNETCN) Symantec Licensing Detect Internet Connection [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Symantec Shared\DJSNETCN.exe -> Symantec Corporation [Ver = 6.3.0.7 | Size = 54976 bytes | Modified Date = 2/2/2006 6:54:04 PM | Attr = ]
(dmadmin) Logical Disk Manager Administrative Service [Win32_Shared | On_Demand | Stopped] -> %SystemRoot%\system32\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 224768 bytes | Modified Date = 8/4/2004 8:00:00 AM | Attr = ]
(IDriverT) InstallDriver Table Manager [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\InstallShield\Driver\1050\Intel 32\IDriverT.exe -> Macrovision Corporation [Ver = 10.50.125 | Size = 73728 bytes | Modified Date = 10/22/2004 3:24:18 AM | Attr = ]
(idsvc) Windows CardSpace [Win32_Shared | Unknown | Stopped] -> -> File not found
(iPod Service) iPod Service [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\iPod\bin\iPodService.exe -> Apple Inc. [Ver = 7.6.0.29 | Size = 504104 bytes | Modified Date = 1/15/2008 4:22:44 AM | Attr = ]
(KodakCCS) Kodak Camera Connection Software [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\KodakCCS.exe -> File not found
(LiveUpdate) LiveUpdate [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Symantec\LiveUpdate\LuComServer_3_0.EXE -> Symantec Corporation [Ver = 3.0.0.160 | Size = 2045632 bytes | Modified Date = 2/23/2006 11:41:02 AM | Attr = ]
(navapsvc) Norton AntiVirus Auto-Protect Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Yahoo!\NAV\NAVAPSVC.EXE -> Symantec Corporation [Ver = 12.8.0.4 | Size = 139888 bytes | Modified Date = 5/23/2007 12:13:38 PM | Attr = ]
(NPFMntor) Norton AntiVirus Firewall Monitor Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Yahoo!\NAV\IWP\NPFMNTOR.EXE -> Symantec Corporation [Ver = 12.8.0.4 | Size = 46704 bytes | Modified Date = 5/23/2007 12:13:40 PM | Attr = ]
(NSCService) Norton Protection Center Service [Win32_Own | On_Demand | Running] -> %CommonProgramFiles%\Symantec Shared\Security Console\NSCSRVCE.EXE -> Symantec Corporation [Ver = 2006.1.8.2 | Size = 750720 bytes | Modified Date = 12/15/2006 1:36:28 PM | Attr = ]
(Roxio UPnP Renderer 9) Roxio UPnP Renderer 9 [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe -> Sonic Solutions [Ver = 8.0.0.47 | Size = 57344 bytes | Modified Date = 11/26/2006 10:17:30 PM | Attr = ]
(Roxio Upnp Server 9) Roxio Upnp Server 9 [Win32_Own | Auto | Stopped] -> %ProgramFiles%\Roxio\Digital Home 9\RoxioUpnpService9.exe -> Sonic Solutions [Ver = 9.0.5.85 | Size = 294912 bytes | Modified Date = 11/26/2006 10:17:06 PM | Attr = ]
(RoxLiveShare9) LiveShare P2P Server 9 [Win32_Own | Auto | Stopped] -> %CommonProgramFiles%\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe -> Sonic Solutions [Ver = 9.0.5.79 | Size = 303104 bytes | Modified Date = 11/27/2006 8:54:26 PM | Attr = ]
(RoxMediaDB9) RoxMediaDB9 [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe -> Sonic Solutions [Ver = 9.0.5.79 | Size = 880640 bytes | Modified Date = 11/27/2006 8:53:14 PM | Attr = ]
(RoxWatch9) Roxio Hard Drive Watcher 9 [Win32_Own | Auto | Stopped] -> %CommonProgramFiles%\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe -> Sonic Solutions [Ver = 9.0.5.79 | Size = 159744 bytes | Modified Date = 11/27/2006 8:51:06 PM | Attr = ]
(SAVScan) Symantec AVScan [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Yahoo!\NAV\SAVScan.exe -> Symantec Corporation [Ver = 9.7.0.10 | Size = 198368 bytes | Modified Date = 8/26/2005 2:22:48 PM | Attr = ]
(SNDSrvc) Symantec Network Drivers Service [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Symantec Shared\SNDSrvc.exe -> Symantec Corporation [Ver = 6.0.6.604 | Size = 214672 bytes | Modified Date = 3/28/2007 6:52:18 PM | Attr = ]
(SPBBCSvc) SPBBCSvc [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Symantec Shared\SPBBC\SPBBCSvc.exe -> Symantec Corporation [Ver = 2,0,0,73 | Size = 1160800 bytes | Modified Date = 9/15/2005 4:21:13 PM | Attr = ]
(stllssvr) stllssvr [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\SureThing Shared\stllssvr.exe -> MicroVision Development, Inc. [Ver = 1.2.453 | Size = 73728 bytes | Modified Date = 11/1/2006 11:17:32 AM | Attr = R ]
(Symantec Core LC) Symantec Core LC [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Symantec Shared\CCPD-LC\symlcsvc.exe -> Symantec Corporation [Ver = 1.9.1.878 | Size = 1128640 bytes | Modified Date = 7/23/2007 6:06:05 PM | Attr = ]
(YPCService) YPCService [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\system32\YPcservice.exe -> Yahoo! Inc. [Ver = 2003, 5, 19, 1 | Size = 86016 bytes | Modified Date = 5/19/2003 4:07:38 PM | Attr = ]
[Registry - Non-Microsoft Only]
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
ccApp -> %CommonProgramFiles%\Symantec Shared\CCAPP.EXE -> Symantec Corporation [Ver = 104.0.14.2 | Size = 52840 bytes | Modified Date = 1/22/2007 10:19:26 PM | Attr = ]
OpwareSE2 -> %ProgramFiles%\ScanSoft\OmniPageSE2.0\opwareSE2.exe -> ScanSoft, Inc. [Ver = 12.0 | Size = 49152 bytes | Modified Date = 5/8/2003 1:00:58 PM | Attr = ]
QuickTime Task -> %ProgramFiles%\QuickTime\QTTask.exe -> Apple Inc. [Ver = 7.4 | Size = 385024 bytes | Modified Date = 1/10/2008 4:27:36 PM | Attr = ]
SunJavaUpdateSched -> %ProgramFiles%\Java\jre1.6.0_05\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 144784 bytes | Modified Date = 2/22/2008 4:25:21 AM | Attr = ]
< RunServices [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices ->
DJSNetCN -> %CommonProgramFiles%\Symantec Shared\DJSNETCN.exe -> Symantec Corporation [Ver = 6.3.0.7 | Size = 54976 bytes | Modified Date = 2/2/2006 6:54:04 PM | Attr = ]
< OptionalComponents [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\ ->
IMAIL-> Installed = 1 ->
MAPI-> Installed = 1 ->
MSFS-> Installed = 1 ->
< Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
ISUSPM -> %CommonProgramFiles%\InstallShield\UpdateService\ISUSPM.exe -> Macrovision Corporation [Ver = 6, 0, 100, 54472 | Size = 218032 bytes | Modified Date = 9/11/2006 4:40:32 AM | Attr = ]
RogersAgent -> %ProgramFiles%\Rogers\SelfHealing\RogersAgent.exe -> Rogers Cable Communications [Ver = 1.00.0007 | Size = 478968 bytes | Modified Date = 4/23/2007 4:51:22 PM | Attr = ]
Yahoo! Pager -> %ProgramFiles%\Yahoo!\Messenger\YahooMessenger.exe -> Yahoo! Inc. [Ver = 8,1,0,401 | Size = 4670968 bytes | Modified Date = 6/11/2007 12:52:42 PM | Attr = ]
< All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup ->
%AllUsersProfile%\Start Menu\Programs\Startup\ymetray.lnk -> %ProgramFiles%\Yahoo!\Yahoo! Music Jukebox\ymetray.exe -> Yahoo! Inc. [Ver = 2.2.2.056 (Build 056) | Size = 54512 bytes | Modified Date = 10/3/2007 2:56:10 PM | Attr = ]
< DENNIS ANDREWS Startup Folder > -> C:\Documents and Settings\DENNIS ANDREWS\Start Menu\Programs\Startup ->
< ShellExecuteHooks [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks ->
{94BC3D1D-22E9-4744-8ED1-3E08A3B74078} [HKEY_LOCAL_MACHINE] -> %SystemRoot%\system32\qoMcdBts.dll [] -> [Ver = | Size = 40448 bytes | Modified Date = 3/28/2008 4:29:36 PM | Attr = ]
< SecurityProviders [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders ->
< Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
< Winlogon settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
< Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ ->
AtiExtEvent -> %SystemRoot%\system32\ati2evxx.dll -> ATI Technologies Inc. [Ver = 6.14.10.4176 | Size = 122880 bytes | Modified Date = 9/28/2007 10:57:55 PM | Attr = ]
qoMcdBts -> %SystemRoot%\system32\qoMcdBts.dll -> [Ver = | Size = 40448 bytes | Modified Date = 3/28/2008 4:29:36 PM | Attr = ]
< CurrentVersion Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\undockwithoutlogon -> 1 ->
< CurrentVersion Policy Settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ActiveDesktop\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ComDlg32\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 0 ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> ->
< HOSTS File > (734 bytes) -> C:\WINDOWS\System32\drivers\etc\Hosts ->
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> ->
HKEY_LOCAL_MACHINE\: Main\\Default_Page_URL -> http://rogers.yahoo.com ->
HKEY_LOCAL_MACHINE\: Main\\Default_Search_URL -> http://ca.red.client...//www.yahoo.com ->
HKEY_LOCAL_MACHINE\: Main\\Local Page -> %SystemRoot%\system32\blank.htm ->
HKEY_LOCAL_MACHINE\: Main\\Search Bar -> http://ca.red.client.../search/ie.html ->
HKEY_LOCAL_MACHINE\: Main\\Search Page -> http://go.microsoft....k/?LinkId=54896 ->
HKEY_LOCAL_MACHINE\: Main\\Start Page -> http://go.microsoft....k/?LinkId=69157 ->
HKEY_LOCAL_MACHINE\: Search\\CustomizeSearch -> http://ie.search.msn...st/srchcust.htm ->
HKEY_LOCAL_MACHINE\: Search\\Default_Search_URL -> http://www.microsoft...amp;ar=iesearch ->
HKEY_LOCAL_MACHINE\: Search\\SearchAssistant -> http://ie.search.msn...st/srchasst.htm ->
< Internet Explorer Settings [HKEY_CURRENT_USER\] > -> ->
HKEY_CURRENT_USER\: Main\\Local Page -> C:\windows\system32\blank.htm ->
HKEY_CURRENT_USER\: Main\\Search Page -> http://www.microsoft...amp;ar=iesearch ->
HKEY_CURRENT_USER\: Main\\Start Page -> http://sympatico.msn.ca/ ->
HKEY_CURRENT_USER\: SearchURL\\ -> http://home.microsof...search.asp?p=%s[Reg Error: Value provider does not exist or could not be read.] ->
HKEY_CURRENT_USER\: URLSearchHooks\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Yahoo!\Companion\Installs\cpn\yt.dll [Yahoo! Toolbar] -> Yahoo! Inc. [Ver = 2006, 9, 29, 1 | Size = 440384 bytes | Modified Date = 9/29/2006 12:53:18 PM | Attr = ]
HKEY_CURRENT_USER\: ProxyEnable -> 0 ->
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1 domain(s) found. ->
1 domain(s) and sub-domain(s) not assigned to a zone.
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1 domain(s) found. ->
.[msn] -> My Computer ->
< Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
{02478D38-C3F9-4EFB-9B51-7695ECA05670} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Yahoo!\Companion\Installs\cpn\yt.dll [Yahoo! Toolbar Helper] -> Yahoo! Inc. [Ver = 2006, 9, 29, 1 | Size = 440384 bytes | Modified Date = 9/29/2006 12:53:18 PM | Attr = ]
{2DC64287-F606-4C10-9144-E7B3ACE316D3} [HKEY_LOCAL_MACHINE] -> %SystemRoot%\system32\ssqnlMcD.dll [Reg Error: Value does not exist or could not be read.] -> [Ver = | Size = 268288 bytes | Modified Date = 3/28/2008 4:35:33 PM | Attr = ]
{53707962-6F74-2D53-2644-206D7942484F} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Spybot - Search & Destroy\SDHelper.dll [Spybot-S&D IE Protection] -> Safer Networking Limited [Ver = 1, 5, 0, 11 | Size = 1554256 bytes | Modified Date = 1/28/2008 11:43:28 AM | Attr = ]
{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Yahoo!\Common\yiesrvc.dll [Yahoo! IE Services Button] -> Yahoo! Inc. [Ver = 2006, 10, 31, 3 | Size = 198136 bytes | Modified Date = 10/31/2006 3:33:54 PM | Attr = ]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.6.0_05\bin\ssv.dll [SSVHelper Class] -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 509328 bytes | Modified Date = 2/22/2008 4:25:19 AM | Attr = ]
{94BC3D1D-22E9-4744-8ED1-3E08A3B74078} [HKEY_LOCAL_MACHINE] -> %SystemRoot%\system32\qoMcdBts.dll [Reg Error: Value does not exist or could not be read.] -> [Ver = | Size = 40448 bytes | Modified Date = 3/28/2008 4:29:36 PM | Attr = ]
{9ECB9560-04F9-4bbc-943D-298DDF1699E1} [HKEY_LOCAL_MACHINE] -> %CommonProgramFiles%\Symantec Shared\AdBlocking\NISShExt.dll [CNisExtBho Class] -> Symantec Corporation [Ver = 9.0.4.26 | Size = 94384 bytes | Modified Date = 4/14/2006 12:20:32 PM | Attr = ]
{A8F38D8D-E480-4D52-B7A2-731BB6995FDD} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Yahoo!\NAV\NAVSHEXT.DLL [CNavExtBho Class] -> Symantec Corporation [Ver = 12.8.0.4 | Size = 140912 bytes | Modified Date = 5/23/2007 12:13:40 PM | Attr = ]
{bcaf8204-00d1-461f-baef-a6b8e15f06b3} [HKEY_LOCAL_MACHINE] -> %SystemRoot%\system32\crmewnte.dll [Reg Error: Value does not exist or could not be read.] -> [Ver = | Size = 90688 bytes | Modified Date = 4/1/2008 12:19:12 PM | Attr = ]
{F2AA9440-6328-4933-B7C9-A6CCDF9CBF6D} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Yahoo!\browser\YSidebarIEBHO.dll [SidebarAutoLaunch Class] -> Yahoo! Inc. [Ver = 2004, 8, 3, 1 | Size = 124032 bytes | Modified Date = 2/3/2005 5:07:08 PM | Attr = ]
< Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar ->
{EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Yahoo!\Companion\Installs\cpn\yt.dll [Yahoo! Toolbar] -> Yahoo! Inc. [Ver = 2006, 9, 29, 1 | Size = 440384 bytes | Modified Date = 9/29/2006 12:53:18 PM | Attr = ]
< Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ ->
WebBrowser\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Yahoo!\Companion\Installs\cpn\yt.dll [Yahoo! Toolbar] -> Yahoo! Inc. [Ver = 2006, 9, 29, 1 | Size = 440384 bytes | Modified Date = 9/29/2006 12:53:18 PM | Attr = ]
< Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ ->
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.6.0_05\bin\npjpi160_05.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 132496 bytes | Modified Date = 2/22/2008 4:25:19 AM | Attr = ]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC} [HKEY_CURRENT_USER] -> %ProgramFiles%\Java\jre1.6.0_05\bin\ssv.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 509328 bytes | Modified Date = 2/22/2008 4:25:19 AM | Attr = ]
{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897}:{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Yahoo!\Common\yiesrvc.dll [Rogers Yahoo! Services] -> Yahoo! Inc. [Ver = 2006, 10, 31, 3 | Size = 198136 bytes | Modified Date = 10/31/2006 3:33:54 PM | Attr = ]
{DFB852A3-47F8-48C4-A200-58CAB36FD2A2}:{53707962-6F74-2D53-2644-206D7942484F} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Spybot - Search & Destroy\SDHelper.dll [Spybot - Search & Destroy Configuration] -> Safer Networking Limited [Ver = 1, 5, 0, 11 | Size = 1554256 bytes | Modified Date = 1/28/2008 11:43:28 AM | Attr = ]
< Internet Explorer Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\ ->
CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.6.0_05\bin\npjpi160_05.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 132496 bytes | Modified Date = 2/22/2008 4:25:19 AM | Attr = ]
CmdMapping\\{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Yahoo!\Common\yiesrvc.dll [Yahoo! IE Services Button] -> Yahoo! Inc. [Ver = 2006, 10, 31, 3 | Size = 198136 bytes | Modified Date = 10/31/2006 3:33:54 PM | Attr = ]
CmdMapping\\{DFB852A3-47F8-48C4-A200-58CAB36FD2A2} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Spybot - Search & Destroy\SDHelper.dll [Spybot - Search & Destroy Configuration] -> Safer Networking Limited [Ver = 1, 5, 0, 11 | Size = 1554256 bytes | Modified Date = 1/28/2008 11:43:28 AM | Attr = ]
< Internet Explorer Menu Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ ->
Add to Windows &Live Favorites -> -> File not found
< Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ ->
PluginsPageFriendlyName -> Microsoft ActiveX Gallery ->
PluginsPage -> http://activex.micro...d...=%s&mime=%s ->
< User Agent Post Platform [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform ->
YPC 3.2.0 -> Yahoo! Parental Controls ->
< DNS Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ ->
{01B480B4-C00E-4728-8DD6-AEC375FE78DD} -> () ->
{C83E4D01-15FF-4384-A5D1-EBABDD7A3122} -> (RemoteControl USB LAN LINK) ->
{DBF9CED2-EA9F-46B1-8DE2-68B16625E9F0} -> (Realtek RTL8169/8110 Family Gigabit Ethernet NIC) ->
< Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ ->
ipp: [HKEY_LOCAL_MACHINE] -> No CLSID value
msdaipp: [HKEY_LOCAL_MACHINE] -> No CLSID value
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ ->
{4F1E5B1A-2A80-42CA-8532-2D05CB959537}[HKEY_LOCAL_MACHINE] -> http://gfx2.hotmail....es/MSNPUpld.cab[MSN Photo Upload Tool] ->
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3}[HKEY_LOCAL_MACHINE] -> http://www.update.mi...b?1186746137718[MUWebControl Class] ->
{8AD9C840-044E-11D1-B3E9-00805F499D93}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/...indows-i586.cab[Java Plug-in 1.6.0_05] ->
{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/...indows-i586.cab[Java Plug-in 1.6.0_05] ->
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/...indows-i586.cab[Java Plug-in 1.6.0_05] ->
{D27CDB6E-AE6D-11CF-96B8-444553540000}[HKEY_LOCAL_MACHINE] -> http://download.macr...ash/swflash.cab[Shockwave Flash Object] ->
< Module Usage Keys [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/MsnPUpld.dll\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/MsnPUpld.dll\\.Owner -> {4F1E5B1A-2A80-42CA-8532-2D05CB959537} ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/MsnPUpld.dll\\{4F1E5B1A-2A80-42CA-8532-2D05CB959537} -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/PURen-us.dll\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/PURen-us.dll\\.Owner -> {4F1E5B1A-2A80-42CA-8532-2D05CB959537} ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/PURen-us.dll\\{4F1E5B1A-2A80-42CA-8532-2D05CB959537} -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/atl.dll\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/atl.dll\\.Owner -> Unknown Owner ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/atl.dll\\{CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/muweb.dll\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/muweb.dll\\.Owner -> {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/muweb.dll\\{6E32070A-766D-4EE6-879C-DC1FA91D2FC3} -> ->
[Files/Folders - Created Within 30 days]
Config.Msi -> %SystemDrive%\Config.Msi -> [Folder | Created Date = 3/28/2008 9:14:58 PM | Attr = ]
rcblan.sys -> %SystemRoot%\System32\drivers\rcblan.sys -> Belcarra Technologies [Ver = 02.03.02.317 | Size = 39704 bytes | Created Date = 3/25/2008 4:31:54 PM | Attr = ]
crmewnte.dll -> %SystemRoot%\System32\crmewnte.dll -> [Ver = | Size = 90688 bytes | Created Date = 4/1/2008 12:19:11 PM | Attr = ]
DcMlnqss.ini -> %SystemRoot%\System32\DcMlnqss.ini -> [Ver = | Size = 104051 bytes | Created Date = 3/28/2008 4:35:34 PM | Attr = HS]
DcMlnqss.ini2 -> %SystemRoot%\System32\DcMlnqss.ini2 -> [Ver = | Size = 104051 bytes | Created Date = 3/28/2008 4:35:34 PM | Attr = HS]
dumphive.exe -> %SystemRoot%\System32\dumphive.exe -> [Ver = | Size = 51200 bytes | Created Date = 3/30/2008 9:20:09 PM | Attr = ]
IEDFix.exe -> %SystemRoot%\System32\IEDFix.exe -> S!Ri.URZ [Ver = | Size = 82432 bytes | Created Date = 3/30/2008 9:20:09 PM | Attr = ]
java.exe -> %SystemRoot%\System32\java.exe -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 135168 bytes | Created Date = 3/28/2008 9:28:23 PM | Attr = ]
javacpl.cpl -> %SystemRoot%\System32\javacpl.cpl -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 69632 bytes | Created Date = 3/28/2008 9:28:23 PM | Attr = ]
javaw.exe -> %SystemRoot%\System32\javaw.exe -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 135168 bytes | Created Date = 3/28/2008 9:28:23 PM | Attr = ]
javaws.exe -> %SystemRoot%\System32\javaws.exe -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 139264 bytes | Created Date = 3/28/2008 9:28:23 PM | Attr = ]
mcxjydnr.ini -> %SystemRoot%\System32\mcxjydnr.ini -> [Ver = | Size = 714 bytes | Created Date = 4/1/2008 12:16:12 PM | Attr = HS]
Process.exe -> %SystemRoot%\System32\Process.exe -> http://www.beyondlogic.org [Ver = 2, 0, 0, 0 | Size = 53248 bytes | Created Date = 3/30/2008 9:20:09 PM | Attr = ]
qoMcdBts.dll -> %SystemRoot%\System32\qoMcdBts.dll -> [Ver = | Size = 40448 bytes | Created Date = 3/28/2008 4:29:36 PM | Attr = ]
rndyjxcm.dll -> %SystemRoot%\System32\rndyjxcm.dll -> [Ver = | Size = 85568 bytes | Created Date = 4/1/2008 12:16:11 PM | Attr = ]
SrchSTS.exe -> %SystemRoot%\System32\SrchSTS.exe -> S!Ri [Ver = | Size = 288417 bytes | Created Date = 3/30/2008 9:20:09 PM | Attr = ]
ssqnlMcD.dll -> %SystemRoot%\System32\ssqnlMcD.dll -> [Ver = | Size = 268288 bytes | Created Date = 3/28/2008 4:35:30 PM | Attr = ]
VACFix.exe -> %SystemRoot%\System32\VACFix.exe -> S!Ri.URZ [Ver = | Size = 86528 bytes | Created Date = 3/30/2008 9:20:09 PM | Attr = ]
VCCLSID.exe -> %SystemRoot%\System32\VCCLSID.exe -> S!Ri [Ver = | Size = 289144 bytes | Created Date = 3/30/2008 9:20:09 PM | Attr = ]
ie7 -> %SystemRoot%\ie7 -> [Folder | Created Date = 3/29/2008 9:03:00 AM | Attr = H ]
iTunesMusic.exe -> %SystemRoot%\iTunesMusic.exe -> [Ver = | Size = 4096 bytes | Created Date = 3/28/2008 4:29:56 PM | Attr = ]
PIF -> %SystemRoot%\PIF -> [Folder | Created Date = 3/29/2008 3:37:36 PM | Attr = H ]
QTFont.for -> %SystemRoot%\QTFont.for -> [Ver = | Size = 1409 bytes | Created Date = 3/29/2008 12:27:36 AM | Attr = ]
QTFont.qfn -> %SystemRoot%\QTFont.qfn -> [Ver = | Size = 54156 bytes | Created Date = 3/29/2008 12:27:36 AM | Attr = H ]
unins000.dat -> %SystemRoot%\unins000.dat -> [Ver = | Size = 2559 bytes | Created Date = 3/24/2008 9:03:02 AM | Attr = ]
unins000.exe -> %SystemRoot%\unins000.exe -> [Ver = 51.49.0.0 | Size = 691545 bytes | Created Date = 3/24/2008 9:03:02 AM | Attr = ]
[Files/Folders - Modified Within 30 days]
Config.Msi -> %SystemDrive%\Config.Msi -> [Folder | Modified Date = 3/30/2008 8:53:06 AM | Attr = ]
Documents and Settings -> %SystemDrive%\Documents and Settings -> [Folder | Modified Date = 3/28/2008 3:32:28 PM | Attr = ]
logfile -> %SystemDrive%\logfile -> [Ver = | Size = 21724 bytes | Modified Date = 3/19/2008 9:43:34 PM | Attr = ]
Program Files -> %ProgramFiles% -> [Folder | Modified Date = 3/30/2008 11:10:45 PM | Attr = R ]
System Volume Information -> %SystemDrive%\System Volume Information -> [Folder | Modified Date = 3/30/2008 10:38:05 AM | Attr = HS]
WINDOWS -> %SystemRoot% -> [Folder | Modified Date = 4/1/2008 5:05:24 PM | Attr = ]
CatRoot -> %SystemRoot%\System32\CatRoot -> [Folder | Modified Date = 3/29/2008 8:57:44 PM | Attr = ]
CatRoot2 -> %SystemRoot%\System32\CatRoot2 -> [Folder | Modified Date = 4/1/2008 8:37:55 PM | Attr = ]
crmewnte.dll -> %SystemRoot%\System32\crmewnte.dll -> [Ver = | Size = 90688 bytes | Modified Date = 4/1/2008 12:19:12 PM | Attr = ]
DcMlnqss.ini -> %SystemRoot%\System32\DcMlnqss.ini -> [Ver = | Size = 104051 bytes | Modified Date = 4/1/2008 8:40:57 PM | Attr = HS]
DcMlnqss.ini2 -> %SystemRoot%\System32\DcMlnqss.ini2 -> [Ver = | Size = 104051 bytes | Modified Date = 4/1/2008 8:39:17 PM | Attr = HS]
DirectX -> %SystemRoot%\System32\DirectX -> [Folder | Modified Date = 3/30/2008 8:52:10 AM | Attr = ]
dllcache -> %SystemRoot%\System32\dllcache -> [Folder | Modified Date = 3/29/2008 8:55:53 PM | Attr = RHS]
drivers -> %SystemRoot%\System32\drivers -> [Folder | Modified Date = 3/30/2008 8:33:31 PM | Attr = ]
DRVSTORE -> %SystemRoot%\System32\DRVSTORE -> [Folder | Modified Date = 3/29/2008 9:10:37 AM | Attr = ]
en-US -> %SystemRoot%\System32\en-US -> [Folder | Modified Date = 3/29/2008 9:04:21 AM | Attr = ]
IEDFix.exe -> %SystemRoot%\System32\IEDFix.exe -> S!Ri.URZ [Ver = | Size = 82432 bytes | Modified Date = 3/26/2008 8:50:45 AM | Attr = ]
mcxjydnr.ini -> %SystemRoot%\System32\mcxjydnr.ini -> [Ver = | Size = 714 bytes | Modified Date = 4/1/2008 12:16:22 PM | Attr = HS]
qoMcdBts.dll -> %SystemRoot%\System32\qoMcdBts.dll -> [Ver = | Size = 40448 bytes | Modified Date = 3/28/2008 4:29:36 PM | Attr = ]
Restore -> %SystemRoot%\System32\Restore -> [Folder | Modified Date = 3/30/2008 10:38:05 AM | Attr = ]
rndyjxcm.dll -> %SystemRoot%\System32\rndyjxcm.dll -> [Ver = | Size = 85568 bytes | Modified Date = 4/1/2008 12:16:12 PM | Attr = ]
ssqnlMcD.dll -> %SystemRoot%\System32\ssqnlMcD.dll -> [Ver = | Size = 268288 bytes | Modified Date = 3/28/2008 4:35:33 PM | Attr = ]
VACFix.exe -> %SystemRoot%\System32\VACFix.exe -> S!Ri.URZ [Ver = | Size = 86528 bytes | Modified Date = 3/28/2008 11:19:34 PM | Attr = ]
wbem -> %SystemRoot%\System32\wbem -> [Folder | Modified Date = 3/29/2008 12:13:15 AM | Attr = ]
wpa.dbl -> %SystemRoot%\System32\wpa.dbl -> [Ver = | Size = 13746 bytes | Modified Date = 3/29/2008 8:53:22 AM | Attr = ]
$hf_mig$ -> %SystemRoot%\$hf_mig$ -> [Folder | Modified Date = 3/29/2008 8:56:33 AM | Attr = H ]
assembly -> %SystemRoot%\assembly -> [Folder | Modified Date = 3/30/2008 8:53:01 AM | Attr = R S]
bootstat.dat -> %SystemRoot%\bootstat.dat -> [Ver = | Size = 2048 bytes | Modified Date = 4/1/2008 8:39:07 PM | Attr = S]
Downloaded Program Files -> %SystemRoot%\Downloaded Program Files -> [Folder | Modified Date = 3/19/2008 7:32:30 AM | Attr = S]
Fonts -> %SystemRoot%\Fonts -> [Folder | Modified Date = 3/29/2008 9:15:30 AM | Attr = R S]
Help -> %SystemRoot%\Help -> [Folder | Modified Date = 3/29/2008 9:07:15 AM | Attr = ]
ie7 -> %SystemRoot%\ie7 -> [Folder | Modified Date = 3/29/2008 9:03:09 AM | Attr = H ]
ie7updates -> %SystemRoot%\ie7updates -> [Folder | Modified Date = 3/29/2008 9:04:14 AM | Attr = ]
imsins.BAK -> %SystemRoot%\imsins.BAK -> [Ver = | Size = 1374 bytes | Modified Date = 3/29/2008 9:05:06 AM | Attr = ]
inf -> %SystemRoot%\inf -> [Folder | Modified Date = 3/30/2008 11:10:41 PM | Attr = H ]
Installer -> %SystemRoot%\Installer -> [Folder | Modified Date = 3/30/2008 8:53:08 AM | Attr = HS]
iTunesMusic.exe -> %SystemRoot%\iTunesMusic.exe -> [Ver = | Size = 4096 bytes | Modified Date = 3/28/2008 4:29:56 PM | Attr = ]
Media -> %SystemRoot%\Media -> [Folder | Modified Date = 3/29/2008 9:03:13 AM | Attr = ]
Microsoft.NET -> %SystemRoot%\Microsoft.NET -> [Folder | Modified Date = 3/29/2008 10:31:45 AM | Attr = ]
msnsetuplog.bak -> %SystemRoot%\msnsetuplog.bak -> [Ver = | Size = 3545 bytes | Modified Date = 3/30/2008 9:46:42 PM | Attr = ]
ODBC.INI -> %SystemRoot%\ODBC.INI -> [Ver = | Size = 376 bytes | Modified Date = 3/28/2008 8:11:25 AM | Attr = ]
PIF -> %SystemRoot%\PIF -> [Folder | Modified Date = 3/29/2008 3:37:36 PM | Attr = H ]
Prefetch -> %SystemRoot%\Prefetch -> [Folder | Modified Date = 4/1/2008 6:38:26 PM | Attr = ]
QTFont.for -> %SystemRoot%\QTFont.for -> [Ver = | Size = 1409 bytes | Modified Date = 3/29/2008 12:27:36 AM | Attr = ]
QTFont.qfn -> %SystemRoot%\QTFont.qfn -> [Ver = | Size = 54156 bytes | Modified Date = 3/31/2008 10:07:04 AM | Attr = H ]
system32 -> %SystemRoot%\system32 -> [Folder | Modified Date = 4/1/2008 5:05:24 PM | Attr = ]
Tasks -> %SystemRoot%\Tasks -> [Folder | Modified Date = 4/1/2008 4:54:39 PM | Attr = S]
Temp -> %SystemRoot%\Temp -> [Folder | Modified Date = 4/1/2008 8:40:19 PM | Attr = ]
unins000.dat -> %SystemRoot%\unins000.dat -> [Ver = | Size = 2559 bytes | Modified Date = 3/24/2008 9:03:03 AM | Attr = ]
unins000.exe -> %SystemRoot%\unins000.exe -> [Ver = 51.49.0.0 | Size = 691545 bytes | Modified Date = 3/24/2008 9:01:32 AM | Attr = ]
WBEM -> %SystemRoot%\WBEM -> [Folder | Modified Date = 3/29/2008 9:03:16 AM | Attr = ]
Web -> %SystemRoot%\Web -> [Folder | Modified Date = 3/28/2008 4:29:52 PM | Attr = R ]
win.ini -> %SystemRoot%\win.ini -> [Ver = | Size = 1863 bytes | Modified Date = 3/17/2008 3:02:00 AM | Attr = ]
EasyShare Registration Task.job -> %SystemRoot%\tasks\EasyShare Registration Task.job -> [Ver = | Size = 454 bytes | Modified Date = 3/19/2008 9:03:01 PM | Attr = ]
Norton AntiVirus - Run Full System Scan - DENNIS ANDREWS.job -> %SystemRoot%\tasks\Norton AntiVirus - Run Full System Scan - DENNIS ANDREWS.job -> [Ver = | Size = 552 bytes | Modified Date = 3/28/2008 8:27:02 AM | Attr = ]
SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [Ver = | Size = 6 bytes | Modified Date = 4/1/2008 8:39:16 PM | Attr = H ]
qmgr0.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat -> [Ver = | Size = 4617 bytes | Modified Date = 3/30/2008 4:19:03 AM | Attr = ]
qmgr1.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat -> [Ver = | Size = 4232 bytes | Modified Date = 3/30/2008 4:19:03 AM | Attr = ]
data.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Office\Data\data.dat -> [Ver = | Size = 1372 bytes | Modified Date = 7/24/2007 11:45:22 AM | Attr = ]
< End of report >
[/code]