Did what you said....
Here is the reply
Malwarebytes' Anti-Malware 1.11
Database version: 710
Scan type: Quick Scan
Objects scanned: 45098
Time elapsed: 18 minute(s), 52 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 10
Registry Values Infected: 3
Registry Data Items Infected: 0
Folders Infected: 2
Files Infected: 32
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CLASSES_ROOT\Interface\{04a38f6b-006f-4247-ba4c-02a139d5531c} (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{3c2d2a1e-031f-4397-9614-87c932a848e0} (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\minibugtransporter.minibugtransporterx (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{2b96d5cc-c5b5-49a5-a69d-cc0a30f9028c} (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\minibugtransporter.minibugtransporterx.1 (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{87255c51-cd7d-4506-b9ad-97606daf53f3} (Adware.Coupons) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9afb8248-617f-460d-9366-d71cdeda3179} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Trymedia Systems (Adware.Trymedia) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\HID_Layer (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.
Registry Values Infected:
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{4e7bd74f-2b8d-469e-86bd-fd60bb9aae3a} (Adware.OneToolBar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\{4e7bd74f-2b8d-469e-86bd-fd60bb9aae3a} (Adware.OneToolBar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\ADP (Rogue.Multiple) -> Quarantined and deleted successfully.
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
C:\Documents and Settings\Mike\Application Data\bfgtoolbar (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Mike\Application Data\bfgtoolbar\NewCfg (Adware.OneToolBar) -> Quarantined and deleted successfully.
Files Infected:
C:\Program Files\AWS\WeatherBug\MiniBugTransporter.dll (Adware.Minibug) -> Quarantined and deleted successfully.
C:\Documents and Settings\Mike\Application Data\bfgtoolbar\1.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Mike\Application Data\bfgtoolbar\10.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Mike\Application Data\bfgtoolbar\2.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Mike\Application Data\bfgtoolbar\20off.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Mike\Application Data\bfgtoolbar\3.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Mike\Application Data\bfgtoolbar\4.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Mike\Application Data\bfgtoolbar\5.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Mike\Application Data\bfgtoolbar\6.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Mike\Application Data\bfgtoolbar\7.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Mike\Application Data\bfgtoolbar\8.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Mike\Application Data\bfgtoolbar\9.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Mike\Application Data\bfgtoolbar\action.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Mike\Application Data\bfgtoolbar\atlantis.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Mike\Application Data\bfgtoolbar\bfgtoolbarDLL.zip (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Mike\Application Data\bfgtoolbar\bfgtoolbartb0500.cfg (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Mike\Application Data\bfgtoolbar\bfgtoolbartb0500.cfg638031 (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Mike\Application Data\bfgtoolbar\bfg_greetings.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Mike\Application Data\bfgtoolbar\card.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Mike\Application Data\bfgtoolbar\COMBOSEARCH.acs (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Mike\Application Data\bfgtoolbar\ErrorLog.txt (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Mike\Application Data\bfgtoolbar\logo.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Mike\Application Data\bfgtoolbar\mahjong.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Mike\Application Data\bfgtoolbar\mygames.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Mike\Application Data\bfgtoolbar\mygamestoolbar.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Mike\Application Data\bfgtoolbar\new.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Mike\Application Data\bfgtoolbar\newgames.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Mike\Application Data\bfgtoolbar\puzzle.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Mike\Application Data\bfgtoolbar\search.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Mike\Application Data\bfgtoolbar\topten.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Mike\Application Data\bfgtoolbar\webgames.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Mike\Application Data\bfgtoolbar\word.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
[code=auto:0]OTScanIt logfile created on: 5/3/2008 2:04:05 AM
OTScanIt by OldTimer - Version 1.0.11.12 Folder = C:\Documents and Settings\Mike\Desktop\OTScanIt
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 1.56 Gb Available Physical Memory | 78.28% Memory free
3.85 Gb Paging File | 3.51 Gb Available in Paging File | 91.30% Paging File free
Paging file location(s): C:\pagefile.sys 0 0;
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 71.00 Gb Total Space | 36.70 Gb Free Space | 51.69% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 149.01 Gb Total Space | 144.12 Gb Free Space | 96.72% Space Free | Partition Type: FAT32
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: D3KP3K71
Current User Name: Mike
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
[Processes - Non-Microsoft Only]
aawservice.exe -> %ProgramFiles%\Lavasoft\Ad-Aware 2007\aawservice.exe -> Lavasoft [Ver = 7,0,2,7 | Size = 607576 bytes | Modified Date = 5/1/2008 11:06:15 AM | Attr = ]
mcmscsvc.exe -> %ProgramFiles%\McAfee\MSC\mcmscsvc.exe -> McAfee, Inc. [Ver = 8,0,238,0 | Size = 749904 bytes | Modified Date = 8/4/2007 7:08:06 AM | Attr = ]
mcnasvc.exe -> %CommonProgramFiles%\McAfee\MNA\McNASvc.exe -> McAfee, Inc. [Ver = 2,0,136,0 | Size = 2376992 bytes | Modified Date = 7/22/2007 8:15:18 PM | Attr = ]
mcagent.exe -> %ProgramFiles%\McAfee.com\Agent\mcagent.exe -> McAfee, Inc. [Ver = 8,0,237,0 | Size = 582992 bytes | Modified Date = 8/4/2007 2:33:14 AM | Attr = ]
mcproxy.exe -> %CommonProgramFiles%\McAfee\McProxy\McProxy.exe -> McAfee, Inc. [Ver = 2,0,150,0 | Size = 359248 bytes | Modified Date = 8/15/2007 12:36:04 PM | Attr = ]
lxbxmon.exe -> %ProgramFiles%\Lexmark 7100 Series\lxbxmon.exE -> Lexmark International, Inc. [Ver = 1.206.0.0 | Size = 196608 bytes | Modified Date = 1/18/2005 5:43:04 AM | Attr = ]
ezprint.exe -> %ProgramFiles%\Lexmark 7100 Series\ezprint.exe -> [Ver = | Size = 61440 bytes | Modified Date = 9/17/2004 9:24:02 AM | Attr = ]
siteadv.exe -> %ProgramFiles%\SiteAdvisor\6253\SiteAdv.exe -> McAfee, Inc. [Ver = 2.3.0 | Size = 36904 bytes | Modified Date = 2/8/2007 10:39:34 PM | Attr = ]
mcshield.exe -> %ProgramFiles%\McAfee\VirusScan\Mcshield.exe -> McAfee, Inc. [Ver = VSCORE.14.0.0.349.x86 | Size = 144704 bytes | Modified Date = 7/24/2007 12:02:14 PM | Attr = ]
intelmem.exe -> %ProgramFiles%\Intel\Modem Event Monitor\IntelMEM.exe -> Intel Corporation [Ver = 0, 1, 0, 10 | Size = 221184 bytes | Modified Date = 9/3/2003 9:12:44 PM | Attr = ]
spysweeperui.exe -> %ProgramFiles%\Webroot\Spy Sweeper\SpySweeperUI.exe -> Webroot Software, Inc. [Ver = 5,5,7,124 | Size = 5367664 bytes | Modified Date = 1/4/2008 9:56:58 PM | Attr = ]
jusched.exe -> %ProgramFiles%\Java\jre1.6.0_02\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 6.0.20.6 | Size = 132496 bytes | Modified Date = 7/12/2007 4:00:36 AM | Attr = ]
msksrver.exe -> %ProgramFiles%\McAfee\MSK\msksrver.exe -> McAfee, Inc. [Ver = 9.0.214.0 | Size = 23880 bytes | Modified Date = 8/24/2007 5:00:40 AM | Attr = ]
pnkbstra.exe -> %SystemRoot%\SYSTEM32\PnkBstrA.exe -> [Ver = | Size = 66872 bytes | Modified Date = 11/12/2007 8:58:03 PM | Attr = ]
popupstopperprofessional.exe -> %ProgramFiles%\Panicware\Pop-Up Stopper Professional\PopUpStopperProfessional.exe -> Panicware, Inc. [Ver = 1, 80, 0, 1000 | Size = 516096 bytes | Modified Date = 6/2/2005 7:06:26 PM | Attr = ]
dsagnt.exe -> %ProgramFiles%\DellSupport\DSAgnt.exe -> Gteko Ltd. [Ver = 3, 0, 0, 197 | Size = 460784 bytes | Modified Date = 3/15/2007 11:09:36 AM | Attr = ]
saservice.exe -> %ProgramFiles%\SiteAdvisor\6253\SAService.exe -> [Ver = | Size = 345376 bytes | Modified Date = 12/22/2007 3:34:26 AM | Attr = ]
spysweeper.exe -> %ProgramFiles%\Webroot\Spy Sweeper\SpySweeper.exe -> Webroot Software, Inc. [Ver = 3,5,6,114 | Size = 3572592 bytes | Modified Date = 1/4/2008 9:56:52 PM | Attr = ]
wkcalrem.exe -> %CommonProgramFiles%\Microsoft Shared\Works Shared\WkCalRem.exe -> Microsoft® Corporation [Ver = 6.00.1828.1 | Size = 24633 bytes | Modified Date = 8/8/2000 4:00:00 PM | Attr = ]
lxbxcoms.exe -> %SystemRoot%\SYSTEM32\lxbxcoms.exe -> Lexmark International, Inc. [Ver = 1.101.75.0 | Size = 462848 bytes | Modified Date = 1/6/2005 1:41:22 PM | Attr = ]
mcsysmon.exe -> %ProgramFiles%\McAfee\VirusScan\mcsysmon.exe -> McAfee, Inc. [Ver = 12,0,188,0 | Size = 695624 bytes | Modified Date = 7/25/2007 1:41:52 AM | Attr = ]
ssu.exe -> %ProgramFiles%\Webroot\Spy Sweeper\ssu.exe -> [Ver = | Size = 214384 bytes | Modified Date = 1/4/2008 9:34:36 PM | Attr = ]
otscanit.exe -> %UserProfile%\Desktop\OTScanIt\OTScanIt.exe -> OldTimer Tools [Ver = 1.0.11.12 | Size = 371712 bytes | Modified Date = 5/1/2008 4:35:22 PM | Attr = ]
[Win32 Services - Non-Microsoft Only]
(aawservice) Ad-Aware 2007 Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Lavasoft\Ad-Aware 2007\aawservice.exe -> Lavasoft [Ver = 7,0,2,7 | Size = 607576 bytes | Modified Date = 5/1/2008 11:06:15 AM | Attr = ]
(Ati HotKey Poller) Ati HotKey Poller [Win32_Own | Disabled | Stopped] -> %SystemRoot%\SYSTEM32\ati2evxx.exe -> [Ver = | Size = 389120 bytes | Modified Date = 8/25/2004 2:26:56 PM | Attr = ]
(awhost32) pcAnywhere Host Service [Win32_Own | Disabled | Stopped] -> %SystemDrive%\downloads\awhost32.exe -> Symantec Corporation [Ver = 11.0.1.764 | Size = 106496 bytes | Modified Date = 10/31/2003 11:01:00 AM | Attr = ]
(Boonty Games) Boonty Games [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\BOONTY Shared\Service\Boonty.exe -> BOONTY [Ver = 2.60.030 | Size = 69120 bytes | Modified Date = 11/9/2007 8:49:37 PM | Attr = ]
(dmadmin) Logical Disk Manager Administrative Service [Win32_Shared | On_Demand | Stopped] -> %SystemRoot%\SYSTEM32\DMADMIN.EXE -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 224768 bytes | Modified Date = 8/4/2004 6:00:00 AM | Attr = ]
(DSBrokerService) DSBrokerService [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\DellSupport\brkrsvc.exe -> [Ver = 1, 0, 0, 8 | Size = 76848 bytes | Modified Date = 3/7/2007 3:47:46 PM | Attr = ]
(gusvc) Google Updater Service [Win32_Own | On_Demand | Stopped] -> -> File not found
(IDriverT) InstallDriver Table Manager [Win32_Own | Disabled | Stopped] -> %CommonProgramFiles%\InstallShield\Driver\11\Intel 32\IDriverT.exe -> Macrovision Corporation [Ver = 11.00.28844 | Size = 69632 bytes | Modified Date = 4/4/2005 12:41:10 AM | Attr = ]
(lxbx_device) lxbx_device [Win32_Own | On_Demand | Running] -> %SystemRoot%\SYSTEM32\lxbxcoms.exe -> Lexmark International, Inc. [Ver = 1.101.75.0 | Size = 462848 bytes | Modified Date = 1/6/2005 1:41:22 PM | Attr = ]
(mcmscsvc) McAfee Services [Win32_Own | Auto | Running] -> %ProgramFiles%\McAfee\MSC\mcmscsvc.exe -> McAfee, Inc. [Ver = 8,0,238,0 | Size = 749904 bytes | Modified Date = 8/4/2007 7:08:06 AM | Attr = ]
(McNASvc) McAfee Network Agent [Win32_Own | Auto | Running] -> %CommonProgramFiles%\McAfee\MNA\McNASvc.exe -> McAfee, Inc. [Ver = 2,0,136,0 | Size = 2376992 bytes | Modified Date = 7/22/2007 8:15:18 PM | Attr = ]
(McODS) McAfee Scanner [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\McAfee\VirusScan\mcods.exe -> McAfee, Inc. [Ver = 12,0,172,0 | Size = 378184 bytes | Modified Date = 7/25/2007 3:16:16 AM | Attr = ]
(McProxy) McAfee Proxy Service [Win32_Own | Auto | Running] -> %CommonProgramFiles%\McAfee\McProxy\McProxy.exe -> McAfee, Inc. [Ver = 2,0,150,0 | Size = 359248 bytes | Modified Date = 8/15/2007 12:36:04 PM | Attr = ]
(McShield) McAfee Real-time Scanner [Win32_Own | Unknown | Running] -> -> File not found
(McSysmon) McAfee SystemGuards [Win32_Own | On_Demand | Running] -> %ProgramFiles%\McAfee\VirusScan\mcsysmon.exe -> McAfee, Inc. [Ver = 12,0,188,0 | Size = 695624 bytes | Modified Date = 7/25/2007 1:41:52 AM | Attr = ]
(MpfService) McAfee Personal Firewall Service [Win32_Own | Disabled | Stopped] -> %ProgramFiles%\McAfee\MPF\MpfSrv.exe -> McAfee, Inc. [Ver = 9.0.136.0 | Size = 856864 bytes | Modified Date = 7/18/2007 3:54:42 PM | Attr = ]
(MSK80Service) McAfee SpamKiller Service [Win32_Own | Auto | Running] -> %ProgramFiles%\McAfee\MSK\msksrver.exe -> McAfee, Inc. [Ver = 9.0.214.0 | Size = 23880 bytes | Modified Date = 8/24/2007 5:00:40 AM | Attr = ]
(NetSvc) Intel NCS NetService [Win32_Own | Disabled | Stopped] -> %ProgramFiles%\Intel\PROSetWired\NCS\Sync\NetSvc.exe -> Intel(R) Corporation [Ver = 1.6.3.0 | Size = 143360 bytes | Modified Date = 12/17/2003 2:59:48 PM | Attr = ]
(PnkBstrA) PnkBstrA [Win32_Own | Auto | Running] -> %SystemRoot%\SYSTEM32\PnkBstrA.exe -> [Ver = | Size = 66872 bytes | Modified Date = 11/12/2007 8:58:03 PM | Attr = ]
(SiteAdvisor Service) SiteAdvisor Service [Win32_Own | Auto | Running] -> %ProgramFiles%\SiteAdvisor\6253\SAService.exe -> [Ver = | Size = 345376 bytes | Modified Date = 12/22/2007 3:34:26 AM | Attr = ]
(WebrootSpySweeperService) Webroot Spy Sweeper Engine [Win32_Own | Auto | Running] -> %ProgramFiles%\Webroot\Spy Sweeper\SpySweeper.exe -> Webroot Software, Inc. [Ver = 3,5,6,114 | Size = 3572592 bytes | Modified Date = 1/4/2008 9:56:52 PM | Attr = ]
[Registry - Non-Microsoft Only]
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
-> [] -> File not found
dscactivate -> %ProgramFiles%\Dell Support Center\gs_agent\custom\dsca.exe ["C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"] -> [Ver = 1.0.2767.18581 | Size = 16384 bytes | Modified Date = 11/15/2007 10:24:00 AM | Attr = ]
EzPrint -> %ProgramFiles%\Lexmark 7100 Series\ezprint.exe ["C:\Program Files\Lexmark 7100 Series\ezprint.exe"] -> [Ver = | Size = 61440 bytes | Modified Date = 9/17/2004 9:24:02 AM | Attr = ]
FaxCenterServer4_in_1 -> %ProgramFiles%\Lexmark 7100 Series\fm3032.exe ["C:\Program Files\Lexmark 7100 Series\fm3032.exe" /s] -> [Ver = | Size = 286720 bytes | Modified Date = 12/6/2004 11:53:56 AM | Attr = ]
IntelMeM -> %ProgramFiles%\Intel\Modem Event Monitor\IntelMEM.exe ["C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe"] -> Intel Corporation [Ver = 0, 1, 0, 10 | Size = 221184 bytes | Modified Date = 9/3/2003 9:12:44 PM | Attr = ]
LXBXCATS -> %SystemRoot%\SYSTEM32\SPOOL\DRIVERS\W32X86\3\lxbxtime.dll [rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXBXtime.dll,_RunDLLEntry@16] -> [Ver = 0.1.11.5 | Size = 69632 bytes | Modified Date = 11/2/2004 11:08:26 AM | Attr = ]
lxbxmon.exe -> %ProgramFiles%\Lexmark 7100 Series\lxbxmon.exE ["C:\Program Files\Lexmark 7100 Series\lxbxmon.exe"] -> Lexmark International, Inc. [Ver = 1.206.0.0 | Size = 196608 bytes | Modified Date = 1/18/2005 5:43:04 AM | Attr = ]
mcagent_exe -> %ProgramFiles%\McAfee.com\Agent\mcagent.exe ["C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey] -> McAfee, Inc. [Ver = 8,0,237,0 | Size = 582992 bytes | Modified Date = 8/4/2007 2:33:14 AM | Attr = ]
PrinTray -> %SystemRoot%\SYSTEM32\SPOOL\DRIVERS\W32X86\3\printray.exe [C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe] -> Lexmark [Ver = 1, 0, 0, 7 | Size = 36864 bytes | Modified Date = 6/27/2002 3:47:08 AM | Attr = ]
SiteAdvisor -> %ProgramFiles%\SiteAdvisor\6253\SiteAdv.exe ["C:\Program Files\SiteAdvisor\6253\SiteAdv.exe"] -> McAfee, Inc. [Ver = 2.3.0 | Size = 36904 bytes | Modified Date = 2/8/2007 10:39:34 PM | Attr = ]
SpySweeper -> %ProgramFiles%\Webroot\Spy Sweeper\SpySweeperUI.exe [C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe /startintray] -> Webroot Software, Inc. [Ver = 5,5,7,124 | Size = 5367664 bytes | Modified Date = 1/4/2008 9:56:58 PM | Attr = ]
SunJavaUpdateSched -> %ProgramFiles%\Java\jre1.6.0_02\bin\jusched.exe ["C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"] -> Sun Microsystems, Inc. [Ver = 6.0.20.6 | Size = 132496 bytes | Modified Date = 7/12/2007 4:00:36 AM | Attr = ]
< OptionalComponents [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\ ->
IMAIL-> Installed = 1 ->
MAPI-> Installed = 1 ->
MSFS-> Installed = 1 ->
< Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
DelayShred -> %ProgramFiles%\McAfee\MSHR\ShrCL.exe ["C:\Program Files\McAfee\MSHR\ShrCL.EXE" /P7 /q C:\DOCUME~1\Mike\LOCALS~1\TEMPOR~1\Content.IE5\925LGDXM\47DF7E~1.SH! C:\DOCUME~1\Mike\LOCALS~1\TEMPOR~1\Content.IE5\CTLWS60Z\47D15D~1.SH! C:\DOCUME~1\Mike\LOCALS~1\TEMPOR~1\Content.IE5\CTLWS60Z\47DF7E~1.SH! C:\DOCUME~1\Mike\LOCALS~1\TEMPOR~1\Content.IE5\A8K6MPLU\47D15D~1.SH! C:\DOCUME~1\Mike\LOCALS~1\TEMPOR~1\Content.IE5\HZ0AXTQQ\47D15D~1.SH! C:\DOCUME~1\Mike\LOCALS~1\TEMPOR~1\Content.IE5\925LGDXM\47D15D~1.SH! C:\DOCUME~1\Mike\LOCALS~1\TEMPOR~1\Content.IE5\CTLWS60Z\47DF7E~2.SH! C:\DOCUME~1\Mike\LOCALS~1\TEMPOR~1\Content.IE5\A8K6MPLU\47DF7E~1.SH! C:\DOCUME~1\Mike\LOCALS~1\TEMPOR~1\Content.IE5\CTLWS60Z\300X25~1.SH! C:\DOCUME~1\Mike\LOCALS~1\TEMPOR~1\Content.IE5\CTLWS60Z\47DF7E~3.SH!] -> [Ver = | Size = 111904 bytes | Modified Date = 7/25/2007 3:10:18 PM | Attr = ]
DellSupport -> %ProgramFiles%\DellSupport\DSAgnt.exe ["C:\Program Files\DellSupport\DSAgnt.exe" /startup] -> Gteko Ltd. [Ver = 3, 0, 0, 197 | Size = 460784 bytes | Modified Date = 3/15/2007 11:09:36 AM | Attr = ]
PopUpStopperProfessional -> %ProgramFiles%\Panicware\Pop-Up Stopper Professional\PopUpStopperProfessional.exe ["C:\Program Files\Panicware\Pop-Up Stopper Professional\PopUpStopperProfessional.exe"] -> Panicware, Inc. [Ver = 1, 80, 0, 1000 | Size = 516096 bytes | Modified Date = 6/2/2005 7:06:26 PM | Attr = ]
updateMgr -> %ProgramFiles%\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe ["C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1] -> Adobe Systems Incorporated [Ver = 3.1.0.10 | Size = 313472 bytes | Modified Date = 3/30/2006 4:45:08 PM | Attr = R ]
< All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup ->
%AllUsersProfile%\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk -> %ProgramFiles%\Adobe\Acrobat 7.0\Reader\reader_sl.exe -> Adobe Systems Incorporated [Ver = 7.0.5.2005092300 | Size = 29696 bytes | Modified Date = 9/23/2005 10:05:26 PM | Attr = ]
%AllUsersProfile%\Start Menu\Programs\Startup\Microsoft Works Calendar Reminders.lnk -> %CommonProgramFiles%\Microsoft Shared\Works Shared\WkCalRem.exe -> Microsoft® Corporation [Ver = 6.00.1828.1 | Size = 24633 bytes | Modified Date = 8/8/2000 4:00:00 PM | Attr = ]
< Mike Startup Folder > -> C:\Documents and Settings\Mike\Start Menu\Programs\Startup ->
-> %UserProfile%\Start Menu\Programs\Startup\CleanupNortelVPN.bat -> [Ver = | Size = 923 bytes | Modified Date = 3/29/2008 1:05:04 PM | Attr = ]
< SecurityProviders [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders ->
< Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
< Winlogon settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
< Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ ->
PCANotify -> %SystemRoot%\SYSTEM32\PCANotify.dll -> Symantec Corporation [Ver = 11.0.1.764 | Size = 8704 bytes | Modified Date = 10/31/2003 11:01:00 AM | Attr = ]
WRNotifier -> %SystemRoot%\SYSTEM32\WRLogonNtf.dll -> Webroot Software, Inc. [Ver = 3,5,6,114 | Size = 219504 bytes | Modified Date = 1/4/2008 9:34:36 PM | Attr = ]
< CurrentVersion Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\undockwithoutlogon -> 1 ->
< CurrentVersion Policy Settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ActiveDesktop\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ActiveDesktop\\NoHTMLWallPaper -> 2 ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ActiveDesktop\\NoChangingWallpaper -> 2 ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ActiveDesktop\\NoEditingComponents -> 2 ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ActiveDesktop\\NoDeletingComponents -> 2 ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ActiveDesktop\\NoAddingComponents -> 2 ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ActiveDesktop\\NoComponents -> 2 ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\Wallpaper -> ->
< CDROM Autorun Settings > [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom] ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\ -> ->
*DependOnGroup* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\DependOnGroup ->
SCSI miniport -> -> File not found
*MultiFile Done* -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\ErrorControl -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Group -> SCSI CDROM Class ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Start -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Tag -> 2 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Type -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\DisplayName -> CD-ROM Driver ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\ImagePath -> C:\WINDOWS\SYSTEM32\DRIVERS\CDROM.SYS [system32\DRIVERS\cdrom.sys] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 49536 bytes | Modified Date = 8/4/2004 6:00:00 AM | Attr = ]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun -> 1 ->
*AutoRunAlwaysDisable* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRunAlwaysDisable ->
NEC MBR-7 -> -> File not found
NEC MBR-7.4 -> -> File not found
PIONEER CHANGR DRM-1804X -> -> File not found
PIONEER CD-ROM DRM-6324X -> -> File not found
PIONEER CD-ROM DRM-624X -> -> File not found
TORiSAN CD-ROM CDR_C36 -> -> File not found
*MultiFile Done* -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\\0 -> IDE\CdRomHL-DT-ST_DVD-ROM_GDR8163B_______________0D20____\5&1ce3bd75&0&0.0.0 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\\Count -> 2 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\\NextInstance -> 2 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\\1 -> IDE\CdRomSONY_CD-RW__CRX217E_____________________1DS2____\5&1ce3bd75&0&0.1.0 ->
< Drives - Autoruns > -> ->
AUTOEXEC.BAT [] -> %SystemDrive%\AUTOEXEC.BAT [ NTFS ] -> [Ver = | Size = 0 bytes | Modified Date = 8/10/2004 2:04:08 PM | Attr = ]
autorun [] -> F:\autorun [ FAT32 ] -> [Folder | Modified Date = 8/8/2006 9:59:46 AM | Attr = ]
autorun.inf [[autorun] | ICON=AUTORUN\WDLOGO.ICO | ] -> F:\autorun.inf [ FAT32 ] -> [Ver = | Size = 36 bytes | Modified Date = 11/15/2005 11:08:04 AM | Attr = H ]
< HOSTS File > (4562 bytes) -> C:\WINDOWS\System32\drivers\etc\Hosts ->
127.0.0.2 lb2.dcs.amrcorp.com # Nortel SSL-VPN -> ->
127.0.0.20 ofep20.dcs.amrcorp.com # Nortel SSL-VPN -> ->
127.0.0.20 ofep20.sabre.com # Nortel SSL-VPN -> ->
127.0.0.21 ofep21.dcs.amrcorp.com # Nortel SSL-VPN -> ->
127.0.0.21 ofep21.sabre.com # Nortel SSL-VPN -> ->
127.0.0.22 ofep22.dcs.amrcorp.com # Nortel SSL-VPN -> ->
127.0.0.22 ofep22.sabre.com # Nortel SSL-VPN -> ->
127.0.0.23 ofep23.dcs.amrcorp.com # Nortel SSL-VPN -> ->
127.0.0.23 ofep23.sabre.com # Nortel SSL-VPN -> ->
127.0.0.24 ofep24.dcs.amrcorp.com # Nortel SSL-VPN -> ->
127.0.0.24 ofep24.sabre.com # Nortel SSL-VPN -> ->
127.0.0.25 ofep25.dcs.amrcorp.com # Nortel SSL-VPN -> ->
127.0.0.25 ofep25.sabre.com # Nortel SSL-VPN -> ->
127.0.0.26 ofep26.dcs.amrcorp.com # Nortel SSL-VPN -> ->
127.0.0.26 ofep26.sabre.com # Nortel SSL-VPN -> ->
127.0.0.27 ofep27.dcs.amrcorp.com # Nortel SSL-VPN -> ->
127.0.0.27 ofep27.sabre.com # Nortel SSL-VPN -> ->
127.0.0.28 ofep28.dcs.amrcorp.com # Nortel SSL-VPN -> ->
127.0.0.28 ofep28.sabre.com # Nortel SSL-VPN -> ->
127.0.0.29 ofep29.dcs.amrcorp.com # Nortel SSL-VPN -> ->
127.0.0.29 ofep29.sabre.com # Nortel SSL-VPN -> ->
127.0.0.30 ofep30.dcs.amrcorp.com # Nortel SSL-VPN -> ->
127.0.0.30 ofep30.sabre.com # Nortel SSL-VPN -> ->
127.0.0.31 ofep31.dcs.amrcorp.com # Nortel SSL-VPN -> ->
127.0.0.31 ofep31.sabre.com # Nortel SSL-VPN -> ->
127.0.0.32 ofep32.dcs.amrcorp.com # Nortel SSL-VPN -> ->
127.0.0.32 ofep32.sabre.com # Nortel SSL-VPN -> ->
127.0.0.33 ofep33.dcs.amrcorp.com # Nortel SSL-VPN -> ->
127.0.0.33 ofep33.sabre.com # Nortel SSL-VPN -> ->
127.0.0.34 ofep34.dcs.amrcorp.com # Nortel SSL-VPN -> ->
127.0.0.34 ofep34.sabre.com # Nortel SSL-VPN -> ->
127.0.0.35 ofep35.dcs.amrcorp.com # Nortel SSL-VPN -> ->
127.0.0.35 ofep35.sabre.com # Nortel SSL-VPN -> ->
127.0.0.36 decs.sabre.com # Nortel SSL-VPN -> ->
127.0.0.36 fos.sabre.com # Nortel SSL-VPN -> ->
127.0.0.36 frt.sabre.com # Nortel SSL-VPN -> ->
127.0.0.37 lb1.sabre.com # Nortel SSL-VPN -> ->
127.0.0.38 lb2.sabre.com # Nortel SSL-VPN -> ->
127.0.0.39 tsts.sabre.com # Nortel SSL-VPN -> ->
127.0.0.4 ofep04.dcs.amrcorp.com # Nortel SSL-VPN -> ->
127.0.0.4 ofep04.sabre.com # Nortel SSL-VPN -> ->
127.0.0.40 cert.sabre.com # Nortel SSL-VPN -> ->
127.0.0.5 ofep05.dcs.amrcorp.com # Nortel SSL-VPN -> ->
127.0.0.5 ofep05.sabre.com # Nortel SSL-VPN -> ->
127.0.0.6 ofep06.dcs.amrcorp.com # Nortel SSL-VPN -> ->
127.0.0.6 ofep06.sabre.com # Nortel SSL-VPN -> ->
127.0.0.7 ofep07.dcs.amrcorp.com # Nortel SSL-VPN -> ->
127.0.0.7 ofep07.sabre.com # Nortel SSL-VPN -> ->
127.0.0.8 ofep08.dcs.amrcorp.com # Nortel SSL-VPN -> ->
127.0.0.8 ofep08.sabre.com # Nortel SSL-VPN -> ->
127.0.0.9 ofep09.dcs.amrcorp.com # Nortel SSL-VPN -> ->
127.0.0.9 ofep09.sabre.com # Nortel SSL-VPN -> ->
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> ->
HKEY_LOCAL_MACHINE\: Main\\Default_Page_URL -> http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome ->
HKEY_LOCAL_MACHINE\: Main\\Default_Search_URL -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch ->
HKEY_LOCAL_MACHINE\: Main\\Local Page -> C:\windows\system32\blank.htm ->
HKEY_LOCAL_MACHINE\: Main\\Search Bar -> http://ie.search.msn.com/{sub_rfc1766}/srchasst/srchasst.htm ->
HKEY_LOCAL_MACHINE\: Main\\Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch ->
HKEY_LOCAL_MACHINE\: Main\\Start Page -> http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home ->
HKEY_LOCAL_MACHINE\: Search\\CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm ->
HKEY_LOCAL_MACHINE\: Search\\Default_Search_URL -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch ->
HKEY_LOCAL_MACHINE\: Search\\SearchAssistant -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm ->
< Internet Explorer Settings [HKEY_CURRENT_USER\] > -> ->
HKEY_CURRENT_USER\: Main\\Default_Search_URL -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch ->
HKEY_CURRENT_USER\: Main\\Local Page -> C:\windows\system32\blank.htm ->
HKEY_CURRENT_USER\: Main\\Search Bar -> http://ie.search.msn.com/{sub_rfc1766}/srchasst/srchasst.htm ->
HKEY_CURRENT_USER\: Main\\Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch ->
HKEY_CURRENT_USER\: Main\\Start Page -> about:blank ->
HKEY_CURRENT_USER\: Search\\CustomizeSearch -> http://ie.search.msn.com/{sub_rfc1766}/srchasst/srchcust.htm ->
HKEY_CURRENT_USER\: Search\\SearchAssistant -> http://ie.search.msn.com/{sub_rfc1766}/srchasst/srchasst.htm ->
HKEY_CURRENT_USER\: SearchURL\\ -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch[] ->
HKEY_CURRENT_USER\: ProxyEnable -> 0 ->
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1 domain(s) found. ->
1 domain(s) and sub-domain(s) not assigned to a zone.
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 2 domain(s) found. ->
objects_aol.com [*] -> Out of zone range - ( 5 ) ->
internet .[about] -> Trusted sites ->
1 domain(s) and sub-domain(s) not assigned to a zone.
< Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
{02478D38-C3F9-4EFB-9B51-7695ECA05670} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> Adobe Systems Incorporated [Ver = 7.0.9.2006121800 | Size = 59032 bytes | Modified Date = 12/18/2006 4:16:42 AM | Attr = ]
{089FD14D-132B-48FC-8861-0048AE113215} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\SiteAdvisor\6253\SiteAdv.dll [Reg Error: Value does not exist or could not be read.] -> [Ver = | Size = 927008 bytes | Modified Date = 12/4/2007 5:02:24 PM | Attr = ]
{377C180E-6F0E-4D4C-980F-F45BD3D40CF4} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\McAfee\MSK\mcapbho.dll [McAfee Phishing Filter] -> [Ver = | Size = 329032 bytes | Modified Date = 9/19/2007 6:15:26 AM | Attr = ]
{7DB2D5A0-7241-4E79-B68D-6309F01C5231} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\McAfee\VirusScan\scriptsn.dll [scriptproxy] -> McAfee, Inc. [Ver = VSCORE.14.0.0.366.x86 | Size = 58688 bytes | Modified Date = 10/24/2007 6:51:28 AM | Attr = ]
{7E853D72-626A-48EC-A868-BA8D5E23E045} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
< Internet Explorer Bars [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\ ->
{4528BBE0-4E08-11D5-AD55-00010333D0AD} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
< Internet Explorer Bars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\ ->
{4528BBE0-4E08-11D5-AD55-00010333D0AD} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
< Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar ->
{0BF43445-2F28-4351-9252-17FE6E806AA0} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\SiteAdvisor\6253\SiteAdv.dll [McAfee SiteAdvisor] -> [Ver = | Size = 927008 bytes | Modified Date = 12/4/2007 5:02:24 PM | Attr = ]
{BA52B914-B692-46c4-B683-905236F6F655} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
< Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ ->
WebBrowser\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
WebBrowser\\{F3DF2532-A2CC-48D8-8643-A033AE4FC313} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
< Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ ->
{CD67F990-D8E9-11d2-98FE-00C0F0318AFE}: [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [] -> File not found
< Internet Explorer Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\ ->
CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKEY_LOCAL_MACHINE] -> [Reg Error: Value does not exist or could not be read.] -> File not found
CmdMapping\\{39FD89BF-D3F1-45b6-BB56-3582CCF489E1} [HKEY_LOCAL_MACHINE] -> [Reg Error: Key does not exist or could not be opened.] -> File not found
CmdMapping\\{AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} [HKEY_LOCAL_MACHINE] -> [Reg Error: Key does not exist or could not be opened.] -> File not found
CmdMapping\\{CD67F990-D8E9-11d2-98FE-00C0F0318AFE} [HKEY_LOCAL_MACHINE] -> [Reg Error: Value MenuText does not exist or could not be read.] -> File not found
CmdMapping\\{d9288080-1baa-4bc4-9cf8-a92d743db949} [HKEY_LOCAL_MACHINE] -> [Reg Error: Key does not exist or could not be opened.] -> File not found
< Internet Explorer Menu Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ ->
&Search -> -> File not found
< Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ ->
PluginsPageFriendlyName -> Microsoft ActiveX Gallery ->
PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s ->
< User Agent Post Platform [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform ->
SV1 -> ->
< DNS Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ ->
{8E20C362-66FE-4BFA-8091-8B0DE2E4A03A} -> (Intel(R) PRO/100 VE Network Connection) ->
< Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ ->
ipp: [HKEY_LOCAL_MACHINE] -> No CLSID value
msdaipp: [HKEY_LOCAL_MACHINE] -> No CLSID value
siteadvisor:{3A5DC592-7723-4EAA-9EE6-AF4222BCF879} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\SiteAdvisor\6253\SiteAdv.dll[Reg Error: Value does not exist or could not be read.] -> [Ver = | Size = 927008 bytes | Modified Date = 12/4/2007 5:02:24 PM | Attr = ]
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ ->
{149E45D8-163E-4189-86FC-45022AB2B6C9}[HKEY_LOCAL_MACHINE] -> file://C:\Program Files\Baby Luv\Images\stg_drm.ocx[SpinTop DRM Control] ->
{17492023-C23A-453E-A040-C7C580BBF700}[HKEY_LOCAL_MACHINE] -> http://go.microsoft.com/fwlink/?linkid=39204[Windows Genuine Advantage Validation Tool] ->
{74C861A1-D548-4916-BC8A-FDE92EDFF62C}[HKEY_LOCAL_MACHINE] -> http://mediaplayer.walmart.com/installer/install.cab[Reg Error: Key does not exist or could not be opened.] ->
{77E32299-629F-43C6-AB77-6A1E6D7663F6}[HKEY_LOCAL_MACHINE] -> http://atv.disney.go.com/global/download/otoy/OTOYAX29b.cab[Reg Error: Key does not exist or could not be opened.] ->
{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}[HKEY_LOCAL_MACHINE] -> http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab[Reg Error: Key does not exist or could not be opened.] ->
{C3F79A2B-B9B4-4A66-B012-3EE46475B072}[HKEY_LOCAL_MACHINE] -> http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab[MessengerStatsClient Class] ->
{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/products/plugin/autodl/jinstall-140-windows-i586.cab[Reg Error: Key does not exist or could not be opened.] ->
{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/products/plugin/autodl/jinstall-160-windows-i586.cab[Java Plug-in 1.6.0_02] ->
{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab[Java Plug-in 1.6.0_05] ->
{CC450D71-CC90-424C-8638-1F2DBAC87A54}[HKEY_LOCAL_MACHINE] -> file://C:\Program Files\Baby Luv\Images\armhelper.ocx[Reg Error: Key does not exist or could not be opened.] ->
{D27CDB6E-AE6D-11CF-96B8-444553540000}[HKEY_LOCAL_MACHINE] -> http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab[Shockwave Flash Object] ->
CabBuilder[HKEY_LOCAL_MACHINE] -> http://ak.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab[Reg Error: Key does not exist or could not be opened.] ->
< Module Usage Keys [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/cpbrkpie.ocx\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/cpbrkpie.ocx\\.Owner -> {9522B3FB-7A2B-4646-8AF6-36E7F593073C} ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/cpbrkpie.ocx\\{9522B3FB-7A2B-4646-8AF6-36E7F593073C} -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/armhelper.ocx\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/armhelper.ocx\\.Owner -> {CC450D71-CC90-424C-8638-1F2DBAC87A54} ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/armhelper.ocx\\{CC450D71-CC90-424C-8638-1F2DBAC87A54} -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/CONFLICT.1/stg_drm.ocx\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/CONFLICT.1/stg_drm.ocx\\.Owner -> {149E45D8-163E-4189-86FC-45022AB2B6C9} ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/CONFLICT.1/stg_drm.ocx\\{149E45D8-163E-4189-86FC-45022AB2B6C9} -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/CONFLICT.2/stg_drm.ocx\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/CONFLICT.2/stg_drm.ocx\\.Owner -> {149E45D8-163E-4189-86FC-45022AB2B6C9} ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/CONFLICT.2/stg_drm.ocx\\{149E45D8-163E-4189-86FC-45022AB2B6C9} -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/CONFLICT.3/stg_drm.ocx\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/CONFLICT.3/stg_drm.ocx\\.Owner -> {149E45D8-163E-4189-86FC-45022AB2B6C9} ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/CONFLICT.3/stg_drm.ocx\\{149E45D8-163E-4189-86FC-45022AB2B6C9} -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/InstallerControl.dll\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/InstallerControl.dll\\.Owner -> CabBuilder ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/InstallerControl.dll\\CabBuilder -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/MessengerStatsPAClient.dll\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/MessengerStatsPAClient.dll\\.Owner -> {C3F79A2B-B9B4-4A66-B012-3EE46475B072} ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/MessengerStatsPAClient.dll\\{C3F79A2B-B9B4-4A66-B012-3EE46475B072} -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/OTOYAX.dll\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/OTOYAX.dll\\.Owner -> {77E32299-629F-43C6-AB77-6A1E6D7663F6} ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/OTOYAX.dll\\{77E32299-629F-43C6-AB77-6A1E6D7663F6} -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/stg_drm.ocx\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/stg_drm.ocx\\.Owner -> {149E45D8-163E-4189-86FC-45022AB2B6C9} ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/stg_drm.ocx\\{149E45D8-163E-4189-86FC-45022AB2B6C9} -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/ASYCFILT.DLL\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/ASYCFILT.DLL\\.Owner -> Unknown Owner ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/atl.dll\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/atl.dll\\.Owner -> Unknown Owner ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/COMCAT.DLL\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/COMCAT.DLL\\.Owner -> Unknown Owner ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/LegitCheckControl.DLL\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/LegitCheckControl.DLL\\.Owner -> Unknown Owner ->
HKEY_LOCAL_MACH