Am seriously frustrated after trying so many things with this invasive and destructive virus.
I have downloaded an run DSS with the following results:
Deckard's System Scanner v20071014.68
Run by Robin Coleman on 2008-08-11 19:10:03
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- HijackThis Clone ------------------------------------------------------------
Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-08-11 19:10:53
Platform: Windows XP Service Pack 3 (5.01.2600)
MSIE: Internet Explorer (7.00.6000.16674)
Boot mode: Normal
Running processes:
C:\WINDOWS\SYSTEM32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\SYSTEM32\services.exe
C:\WINDOWS\SYSTEM32\lsass.exe
C:\WINDOWS\SYSTEM32\svchost.exe
C:\WINDOWS\SYSTEM32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\SYSTEM32\LEXBCES.EXE
C:\WINDOWS\SYSTEM32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Digidesign\Drivers\MMERefresh.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\SYSTEM32\svchost.exe
C:\WINDOWS\SYSTEM32\svchost.exe
C:\WINDOWS\SYSTEM32\fxssvc.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\SYSTEM32\hkcmd.exe
C:\WINDOWS\SYSTEM32\DSentry.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Mindjet\MindManager 6\MmReminderService.exe
C:\WINDOWS\SYSTEM32\rundll32.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\WINDOWS\V0250Mon.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\SYSTEM32\LEXPPS.EXE
C:\Program Files\Tracker Software\PDF-XChange 3\pdfSaver\pdfSaver3.exe
C:\WINDOWS\SYSTEM32\ctfmon.exe
C:\WINDOWS\SYSTEM32\wuauclt.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
E:\dss.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.euro.dell...gen/default.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.symantec.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.com/search?q=%s
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = iexplore
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Tesco internet access
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\SYSTEM32\dla\tfswshx.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Common Files\Symantec Shared\IDS\IPSBHO.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: CmjBrowserHelperObject Object - {AC41D38F-B56D-40AD-94E0-B493D130C959} - C:\Program Files\Mindjet\MindManager 6\Mm6InternetExplorer.dll
O2 - BHO: QXK Olive - {AF78793A-C6D3-4282-B395-CBA1D0599AB6} - C:\WINDOWS\wnlmdakqanr.dll
O3 - Toolbar: bgrqfetx - {968232F5-0910-483D-B059-4C6AB5C785DC} - C:\WINDOWS\bgrqfetx.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [VirusScan] c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
O4 - HKLM\..\Run: [DigidesignMMERefresh] C:\Program Files\Digidesign\Drivers\MMERefresh.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [MMReminderService] C:\Program Files\Mindjet\MindManager 6\MMReminderService.exe
O4 - HKLM\..\Run: [UIUCU] C:\DOCUME~1\ROBINC~1\LOCALS~1\Temp\UIUCU.EXE -CLEAN_UP -S
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [V0250Mon.exe] C:\WINDOWS\V0250Mon.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [\Win2AC.exe] C:\Windows\system32\Win2AC.exe
O4 - HKLM\..\Run: [\Win2AD.exe] C:\Windows\system32\Win2AD.exe
O4 - HKLM\..\Run: [\Win2AE.exe] C:\Windows\system32\Win2AE.exe
O4 - HKLM\..\Run: [\Win2AF.exe] C:\Windows\system32\Win2AF.exe
O4 - HKLM\..\Run: [\Win2B0.exe] C:\Windows\system32\Win2B0.exe
O4 - HKLM\..\Run: [Antivirus] C:\Program Files\VAV\vav.exe
O4 - HKLM\..\Run: [Cleanup] C:\DOCUME~1\ROBINC~1\LOCALS~1\Temp\20088917254_mcappins.exe /v=3 /cleanup
O4 - HKLM\..\Run: [msci] C:\DOCUME~1\ROBINC~1\LOCALS~1\Temp\20088917251_mcinfo.exe /insfin
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton 360\osCheck.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [pdfSaver3] "C:\Program Files\Tracker Software\PDF-XChange 3\pdfSaver\pdfSaver3.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [\Win2AC.exe] C:\Windows\system32\Win2AC.exe
O4 - HKCU\..\Run: [\Win2AD.exe] C:\Windows\system32\Win2AD.exe
O4 - HKCU\..\Run: [\Win2AE.exe] C:\Windows\system32\Win2AE.exe
O4 - HKCU\..\Run: [\Win2AF.exe] C:\Windows\system32\Win2AF.exe
O4 - HKCU\..\Run: [\Win2B0.exe] C:\Windows\system32\Win2B0.exe
O4 - HKCU\..\Run: [Antivirus] C:\Program Files\VAV\vav.exe
O4 - HKCU\..\Run: [AROReminder] C:\Program Files\Advanced Registry Optimizer\ARO.exe -rem
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Photosmart Premier Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Send to Mindjet MindManager - {531B9DC0-D8EE-4c76-A6EE-6C1E50569655} - C:\Program Files\Mindjet\MindManager 6\Mm6InternetExplorer.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: https://memberservices.tesco.net (HKCU)
O15 - Trusted Zone: https://register.tesco.net (HKCU)
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll
O18 - Protocol: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll
O18 - Protocol: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll
O18 - Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Digidesign MME Refresh Service (DigiRefresh) - Digidesign, A Division of Avid Technology, Inc. - C:\Program Files\Digidesign\Drivers\MMERefresh.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\SYSTEM32\LEXBCES.EXE
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\SYSTEM32\HPZipm12.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\Sptisrv.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O24 - Desktop Component 0: - http://www.broadjam....ges/hifimp3.gif
--
End of file - 12309 bytes
-- Files created between 2008-07-11 and 2008-08-11 -----------------------------
2008-08-11 18:38:24 25600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2008-08-11 18:38:24 289144 --a------ C:\WINDOWS\system32\VCCLSID.exe <Not Verified; S!Ri; >
2008-08-11 18:38:24 86528 --a------ C:\WINDOWS\system32\VACFix.exe <Not Verified; S!Ri.URZ; VACFix>
2008-08-11 18:38:24 288417 --a------ C:\WINDOWS\system32\SrchSTS.exe <Not Verified; S!Ri; SrchSTS>
2008-08-11 18:38:24 53248 --a------ C:\WINDOWS\system32\Process.exe <Not Verified; http://www.beyondlogic.org; Command Line Process Utility>
2008-08-11 18:38:24 82944 --a------ C:\WINDOWS\system32\IEDFix.exe <Not Verified; S!Ri.URZ; IEDFix>
2008-08-11 18:38:24 51200 --a------ C:\WINDOWS\system32\dumphive.exe
2008-08-11 18:38:24 82432 --a------ C:\WINDOWS\system32\404Fix.exe <Not Verified; S!Ri.URZ; 404Fix>
2008-08-10 20:11:17 0 d-------- C:\Documents and Settings\Russell Coleman\Application Data\Macromedia
2008-08-10 19:17:34 0 d-------- C:\Documents and Settings\Russell Coleman\Application Data\Symantec
2008-08-10 19:17:26 0 d-------- C:\Documents and Settings\Russell Coleman\Application Data\Real
2008-08-10 19:17:26 0 d-------- C:\Documents and Settings\Russell Coleman\Application Data\Creative
2008-08-10 19:16:47 0 d--h----- C:\Documents and Settings\Russell Coleman\Templates
2008-08-10 19:16:47 0 dr------- C:\Documents and Settings\Russell Coleman\Start Menu
2008-08-10 19:16:47 0 dr-h----- C:\Documents and Settings\Russell Coleman\SendTo
2008-08-10 19:16:47 0 dr-h----- C:\Documents and Settings\Russell Coleman\Recent
2008-08-10 19:16:47 0 d--h----- C:\Documents and Settings\Russell Coleman\PrintHood
2008-08-10 19:16:47 1310720 --ah----- C:\Documents and Settings\Russell Coleman\NTUSER.DAT
2008-08-10 19:16:47 0 d--h----- C:\Documents and Settings\Russell Coleman\NetHood
2008-08-10 19:16:47 0 dr------- C:\Documents and Settings\Russell Coleman\My Documents
2008-08-10 19:16:47 0 d--h----- C:\Documents and Settings\Russell Coleman\Local Settings
2008-08-10 19:16:47 0 dr------- C:\Documents and Settings\Russell Coleman\Favorites
2008-08-10 19:16:47 0 d-------- C:\Documents and Settings\Russell Coleman\Desktop
2008-08-10 19:16:47 0 d--hs---- C:\Documents and Settings\Russell Coleman\Cookies
2008-08-10 19:16:47 0 dr-h----- C:\Documents and Settings\Russell Coleman\Application Data
2008-08-10 19:16:47 0 d-------- C:\Documents and Settings\Russell Coleman\Application Data\Sun
2008-08-10 19:16:47 0 d-------- C:\Documents and Settings\Russell Coleman\Application Data\Sonic
2008-08-10 19:16:47 0 d---s---- C:\Documents and Settings\Russell Coleman\Application Data\Microsoft
2008-08-10 19:16:47 0 d-------- C:\Documents and Settings\Russell Coleman\Application Data\Jasc Software Inc
2008-08-10 19:16:47 0 d-------- C:\Documents and Settings\Russell Coleman\Application Data\Identities
2008-08-10 14:53:09 0 d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-08-09 17:19:03 0 d-------- C:\Documents and Settings\Robin Coleman\Application Data\Symantec
2008-08-09 17:13:58 0 d-------- C:\Program Files\Windows Sidebar
2008-08-09 17:13:23 0 d-------- C:\Program Files\Norton 360
2008-08-09 17:09:44 0 d-------- C:\Program Files\Symantec
2008-08-09 17:09:44 0 d-------- C:\Documents and Settings\All Users\Application Data\Symantec
2008-08-09 17:06:01 0 d-------- C:\Program Files\Common Files\Symantec Shared
2008-08-08 21:54:42 0 d-------- C:\Program Files\VirusRemover2008
2008-08-08 21:35:40 0 d-------- C:\WINDOWS\Prefetch
2008-08-08 18:28:19 0 d-------- C:\Documents and Settings\Robin Coleman\Application Data\Sammsoft
2008-08-08 18:27:45 0 d-------- C:\Program Files\Advanced Registry Optimizer
2008-08-08 12:07:01 0 d-------- C:\Documents and Settings\Robin Coleman\Application Data\TmpRecentIcons
2008-08-08 12:06:27 339968 --a------ C:\WINDOWS\wnlmdakqanr.dll
2008-08-08 12:06:26 233472 --a------ C:\WINDOWS\xokvrpwg.dll
2008-08-08 12:06:26 200704 --a------ C:\WINDOWS\tfnslopk.dll
2008-08-08 12:06:26 86016 --a------ C:\WINDOWS\lnvegaow.exe
2008-08-08 12:06:26 139264 --a------ C:\WINDOWS\eqbn.exe
2008-08-08 12:06:26 192512 --a------ C:\WINDOWS\bgrqfetx.dll
2008-08-08 12:06:18 0 d-------- C:\Program Files\PCHealthCenter
2008-08-08 09:29:06 0 d-------- C:\Program Files\DivX
2008-07-30 12:54:48 0 d-------- C:\WINDOWS\system32\scripting
2008-07-30 12:54:46 0 d-------- C:\WINDOWS\l2schemas
2008-07-30 12:54:44 0 d-------- C:\WINDOWS\system32\en
2008-07-30 11:38:10 0 d-------- C:\Program Files\Common Files\Scanner
2008-07-30 11:26:22 0 d-------- C:\Documents and Settings\Robin Coleman\Application Data\Yahoo!
2008-07-30 11:26:21 0 d-------- C:\Program Files\Yahoo!
2008-07-26 20:33:58 0 d-------- C:\Program Files\iPod
2008-07-26 20:32:39 0 d-------- C:\Program Files\Bonjour
2008-07-25 14:51:22 0 d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-07-18 14:09:54 0 d-------- C:\Program Files\Mindscape
-- Find3M Report ---------------------------------------------------------------
2008-08-11 18:26:51 0 d-------- C:\Documents and Settings\Robin Coleman\Application Data\Skype
2008-08-10 19:07:10 0 d-------- C:\Documents and Settings\Robin Coleman\Application Data\Apple Computer
2008-08-10 14:43:19 0 d-------- C:\Documents and Settings\Robin Coleman\Application Data\Real
2008-08-09 17:14:51 0 d-------- C:\Program Files\Common Files
2008-08-07 08:55:42 0 d-------- C:\Program Files\Java
2008-07-30 13:11:42 0 d-------- C:\Program Files\MSN Messenger
2008-07-30 13:06:19 0 d-------- C:\Program Files\Messenger
2008-07-30 12:54:43 0 d-------- C:\Program Files\Movie Maker
2008-07-30 12:47:44 0 d-------- C:\Program Files\Windows NT
2008-07-29 08:40:49 0 d-------- C:\Documents and Settings\Robin Coleman\Application Data\LimeWire
2008-07-28 22:39:03 0 d-------- C:\Program Files\Google
2008-07-28 21:42:46 0 d-------- C:\Program Files\QuickTime
2008-07-26 20:34:25 0 d-------- C:\Program Files\iTunes
2008-07-18 14:13:34 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-07-04 18:38:27 0 d-------- C:\Program Files\Common Files\eSellerate
2008-07-04 18:21:44 0 d-------- C:\Program Files\iPod To Computer Transfer
2008-07-04 13:41:22 179 --a------ C:\handle.dat
2008-06-25 16:32:46 0 d-------- C:\Program Files\Apple Software Update
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{AF78793A-C6D3-4282-B395-CBA1D0599AB6}]
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\runonce
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce
CTFMON.EXE REG_SZ C:\WINDOWS\System32\CTFMON.EXE
DESKTOP.INI [03/09/2002 09:00:00]
HP Photosmart Premier Fast Start.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe [15/12/2005 13:00:54]
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer
HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer
Written by Bobbi Flekman 2006 ©
GeneralFlags REG_DWORD 1 (0x1)
RestoredStateInfo REG_BINARY dcff35010948e9778832e877ffffffffde60e777d0752300
RestoredStateInfo REG_BINARY 180000006a02000023000000a40000009a00000001000000
REGEDIT4
"ChangePasswordUseKerberos"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\GPExtensions]
"ProcessGroupPolicy"="ProcessGroupPolicy"
00
"MaxNoGPOListChangesInterval"=dword:000003c0
00
"RequiresSuccessfulRegistry"=dword:00000001
"NoGPOListChanges"=dword:00000001
"RequiresSuccessfulRegistry"=dword:00000001
74,61,6c,6c,65,72,2c,41,70,70,6c,69,63,61,74,69,6f,6e,29,00,00
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\Notify]
"Logoff"="ChainWlxLogoffEvent"
"Logoff"="CryptnetWlxLogoffEvent"
"Asynchronous"=dword:00000001
"Unlock"="WlDimsUnlock"
"Unlock"="WinlogonUnlockEvent"
"Asynchronous"=dword:00000001
"Logoff"="SchedEventLogOff"
"DllName"=hex(2):73,63,6c,67,6e,74,66,79,2e,64,6c,6c,00
"Asynchronous"=dword:00000001
"Disconnect"="TSEventDisconnect"
"Event"=dword:00000000
23,14,00,00,00,39,56,74,73,87,28,30,b8,65,c0,5f,76,ce,6d,bb,c5,06,a2,9b,76
"Asynchronous"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\SpecialAccounts]
"ASPNET"=dword:00000000
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\Credentials]
!d;s/.*t//;s/
[hkey.*/n
Asynchronous REG_DWORD 0 (0x0)
!d;s/.*t//;s/
[hkey.*/n
Asynchronous REG_DWORD 0 (0x0)
!d;s/.*t//;s/
[hkey.*/n
DLLName REG_SZ cscdll.dll
!d;s/.*t//;s/
[hkey.*/n
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\dimsntfy
!d;s/.*t//;s/
[hkey.*/n
!d;s/.*t//;s/
[hkey.*/n
DLLName REG_SZ wlnotify.dll
!d;s/.*t//;s/
[hkey.*/n
Asynchronous REG_DWORD 0 (0x0)
!d;s/.*t//;s/
[hkey.*/n
Logoff REG_SZ WLEventLogoff
!d;s/.*t//;s/
[hkey.*/n
DLLName REG_SZ WlNotify.dll
!d;s/.*t//;s/
[hkey.*/n
Asynchronous REG_DWORD 0 (0x0)
!d;s/.*t//;s/
[hkey.*/n
Logon REG_SZ WLEventLogon
!d;s/.*t//;s/
[hkey.*/n
DLLName REG_SZ wlnotify.dll
Written by Bobbi Flekman 2006 ©
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
ApplicationGoo REG_BINARY 140200001002000000020000900434000000560053005f00560045005200530049004f004e005f00
49004e0046004f0000000000bd04effe00000100000007000b000000000007000b0000003f0000000
20000000400010001000000000000000000000000000000440000000100560061007200460069006c
00650049006e0066006f00000000002400040000005400720061006e0073006c006100740069006f0
06e00000000000904e404f0030000010053007400720069006e006700460069006c00650049006e00
66006f000000cc03000001003000340030003900300034004500340000004a001900010043006f006
d006d0065006e007400730000004300720079007300740061006c002000530051004c002000440065
007300690067006e0065007200200037002e0030000000000088003400010043006f006d007000610
06e0079004e0061006d006500000000005300650061006700610074006500200053006f0066007400
7700610072006500200049006e0066006f0072006d006100740069006f006e0020004d0061006e006
100670065006d0065006e0074002000470072006f00750070002c00200049006e0063002e000000ae
00450001004c006500670061006c0043006f007000790072006900670068007400000043006f00700
07900720069006700680074002000280063002900200031003900390031002d003100390039001000
000000000000
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
DisableHeapLookAside REG_SZ 1
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
ApplicationGoo REG_BINARY 5409000054020000000200008c0334000000560053005f00560045005200530049004f004e005f00
49004e0046004f0000000000bd04effe000001000200a8112e0400000200a8112e0400003f0000002
00000000400000001000000000000000000000000000000ec020000010053007400720069006e0067
00460069006c00650049006e0066006f000000c802000001003000300030003000300034006200300
0000038001000010043006f006d006d0065006e007400730000004f007200690067006e0061006c00
2000560065007200730069006f006e00000042001100010043006f006d00700061006e0079004e006
1006d006500000000005300410050002000410047002c002000570061006c006c0064006f00720066
00000000005a0019000100460069006c0065004400650073006300720069007000740069006f006e0
0000000005300410050002000460072006f006e00740065006e006400200066006f00720020005700
69006e0064006f0077007300000000003c000e000100460069006c006500560065007200730069006
f006e000000000034003500320030002e0032002e0030002e00310030003700300000003200090001
0049006e007400650072006e0061006c004e0061006d0065000000460045005700460052004f004e0
05400000000007a002b0001004c006500670061006c0043006f007000790072006900670068000200
000000000000010000004c0000003cfd0600040000000000000065050000020000000300000000000
100530065007200760069006300650020005000610063006b00200033000000230054020000000200
008c0334000000560053005f00560045005200530049004f004e005f0049004e0046004f000000000
0bd04effe0000010003009e112604000003009e11260400003f000000200000000400000001000000
000000000000000000000000ec020000010053007400720069006e006700460069006c00650049006
e0066006f000000c8020000010030003000300030003000340062003000000038001000010043006f
006d006d0065006e007400730000004f007200690067006e0061006c0020005600650072007300690
06f006e00000042001100010043006f006d00700061006e0079004e0061006d006500000000005300
410050002000410047002c002000570061006c006c0064006f0072006600000000005a00190001004
60069006c0065004400650073006300720069007000740069006f006e000000000053004100500020
00460072006f006e00740065006e006400200066006f0072002000570069006e0064006f007700730
0000000003c000e000100460069006c006500560065007200730069006f006e000000000034003500
310030002e0033002e0030002e003100300036003200000032000900010049006e007400650072006
e0061006c004e0061006d0065000000460045005700460052004f004e005400000000007a002b0001
004c006500670061006c0043006f007000790072006900670068000200000000000000010000004c0
000003cfd060004000000000000006505000002000000030000000000010053006500720076006900
6300650020005000610063006b0020003300000023005402000000020000200334000000560053005
f00560045005200530049004f004e005f0049004e0046004f0000000000bd04effe00000100000004
00f003000000000400f00300003f00000000000000040001000100000000000000000000000000000
07e020000010053007400720069006e006700460069006c00650049006e0066006f0000005a020000
01003000340030003900300034004500340000002e000700010043006f006d00700061006e0079004
e0061006d00650000000000530041005000200041004700000000005a0019000100460069006c0065
004400650073006300720069007000740069006f006e00000000005300410050002000460072006f0
06e00740065006e006400200066006f0072002000570069006e0064006f0077007300000000003600
0b000100460069006c006500560065007200730069006f006e000000000034002e0030002e0030002
e003100300030003800000000002c000600010049006e007400650072006e0061006c004e0061006d
0065000000460052004f004e00540000005e001d0001004c006500670061006c0043006f007000790
072006900670068007400000043006f0070007900720069006700680074002000a900200031003900
390033002d0031003900390037002000530041005000200041004700000000002800000001004c006
500670061006c0054007200610064000200000000000000010000004c0000003cfd06000400000000
000000650500000200000003000000000001005300650072007600690063006500200050006100630
06b0020003300000023005402000000020000180334000000560053005f0056004500520053004900
4f004e005f0049004e0046004f0000000000bd04effe0000010000000400dd03000000000400dd030
0003f0000000000000004000100010000000000000000000000000000007802000001005300740072
0069006e006700460069006c00650049006e0066006f0000005402000001003000340030003900300
034004500340000002e000700010043006f006d00700061006e0079004e0061006d00650000000000
530041005000200041004700000000005a0019000100460069006c006500440065007300630072006
9007000740069006f006e00000000005300410050002000460072006f006e00740065006e00640020
0066006f0072002000570069006e0064006f00770073000000000034000a000100460069006c00650
0560065007200730069006f006e000000000034002e0030002e0030002e0039003800390000002c00
0600010049006e007400650072006e0061006c004e0061006d0065000000460052004f004e0054000
0005e001d0001004c006500670061006c0043006f007000790072006900670068007400000043006f
0070007900720069006700680074002000a900200031003900390033002d003100390039003700200
0530041005000200041004700000000002800000001004c006500670061006c005400720061006400
65006d000200000000000000010000004c0000003cfd0600040000000000000065050000020000000
300000000000100530065007200760069006300650020005000610063006b002000330000002300
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
ApplicationGoo REG_BINARY 5802000054020000000200006c0734000000560053005f00560045005200530049004f004e005f00
49004e0046004f0000000000bd04effe00000100050005000700a807050005000700a8073f0000000
00000000400040001000000000000000000000000000000cc060000010053007400720069006e0067
00460069006c00650049006e0066006f0000005403000001003000340030003900300034004200300
0000018000000010043006f006d006d0065006e007400730000004c001600010043006f006d007000
61006e0079004e0061006d006500000000004d006900630072006f0073006f0066007400200043006
f00720070006f0072006100740069006f006e000000680020000100460069006c0065004400650073
006300720069007000740069006f006e00000000004d006900630072006f0073006f0066007400200
0450078006300680061006e0067006500200053006500720076006500720020005300650074007500
7000000036000b000100460069006c006500560065007200730069006f006e000000000035002e003
5002e0031003900360030002e003700000000002c000600010049006e007400650072006e0061006c
004e0061006d00650000005300650074007500700000009c003c0001004c006500670061006c00430
06f007000790072006900670068007400000043006f00700079007200690067006800740020000200
000000000000010000004c0000003cfd0600050000000000000065050000020000000300000002000
000530065007200760069006300650020005000610063006b002000340000002300
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
ApplicationGoo REG_BINARY 580200005402000000020000440234000000560053005f00560045005200530049004f004e005f00
49004e0046004f0000000000bd04effe00000100010001000c000000010001000c000000000000000
00000000400000001000000000000000000000000000000440000000000560061007200460069006c
00650049006e0066006f00000000002400040000005400720061006e0073006c006100740069006f0
06e00000000000904b004a4010000010053007400720069006e006700460069006c00650049006e00
66006f00000080010000010030003400300039003000340042003000000040002000010043006f006
d00700061006e0079004e0061006d00650000000000440065004c006f0072006d00650020004d0061
007000700069006e0067000000440022000100500072006f0064007500630074004e0061006d00650
0000000005200650067002000280044004c0069006200620079005c006d0073006600290000000000
340014000100460069006c006500560065007200730069006f006e000000000031002e00300031002
e0030003000310032000000380014000100500072006f006400750063007400560065007200730069
006f006e00000031002e00300031002e003000300031003200000034001200010049006e007400650
072006e0061006c004e0061006d00650000004d004e00470052004500470033003200000000000200
000000000000010000004c0000003cfd0600040000000000000065050000020000000300000000000
100530065007200760069006300650020005000610063006b002000330000002300
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
GlobalFlag REG_SZ 0x00200000
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
GlobalFlag REG_SZ 0x00200000
DisableHeapLookAside REG_SZ 1
DisableHeapLookAside REG_SZ 1
ApplicationGoo REG_BINARY 140200001002000000020000b40234000000560053005f00560045005200530049004f004e005f00
49004e0046004f0000000000bd04effe00000100350007000000000035000700000000003f0000000
0000000040000000100000000000000000000000000000012020000010053007400720069006e0067
00460069006c00650049006e0066006f000000ee01000001003000340030003900300034006200300
0000042001100010043006f006d00700061006e0079004e0061006d00650000000000500065006f00
70006c00650053006f00660074002c00200049006e0063002e0000000000280000000100460069006
c0065004400650073006300720069007000740069006f006e00000000002a0005000100460069006c
006500560065007200730069006f006e000000000037002e0035003300000000009c003c0001004c0
06500670061006c0043006f007000790072006900670068007400000043006f007000790072006900
6700680074002000a900200031003900380038002d0031003900390038002000500065006f0070006
c00650053006f00660074002c00200049006e0063002e002000200041006c006c0020005200690067
0068007400730020005200650073006500720076006500640000003c000a0001004f0072006900670
069006e0061006c00460069006c0065006e0061006d00650000007000730064006d0074002e001000
000000000000
DisableHeapLookAside REG_SZ 1
DisableHeapLookAside REG_SZ 1
CheckAppHelp REG_DWORD 1 (0x1)
ApplicationGoo REG_BINARY 000700005402000000020000840734000000560053005f00560045005200530049004f004e005f00
49004e0046004f0000000000bd04effe00000100050005000700a807050005000700a8073f0000000
00000000400040001000000000000000000000000000000e4060000010053007400720069006e0067
00460069006c00650049006e0066006f0000006003000001003000340030003900300034004200300
0000018000000010043006f006d006d0065006e007400730000004c001600010043006f006d007000
61006e0079004e0061006d006500000000004d006900630072006f0073006f0066007400200043006
f00720070006f0072006100740069006f006e000000680020000100460069006c0065004400650073
006300720069007000740069006f006e00000000004d006900630072006f0073006f0066007400200
0450078006300680061006e0067006500200053006500720076006500720020005300650074007500
7000000036000b000100460069006c006500560065007200730069006f006e000000000035002e003
5002e0031003900360030002e003700000000002c000600010049006e007400650072006e0061006c
004e0061006d00650000005300650074007500700000009e003d0001004c006500670061006c00430
06f007000790072006900670068007400000043006f00700079007200690067006800740020000200
000000000000010000004c0000003cfd0600050000000000000065050000020000000000000000000
000530065007200760069006300650020005000610063006b00200033000000240054020000000200
00a40834000000560053005f00560045005200530049004f004e005f0049004e0046004f000000000
0bd04effe00000100050005000700a807050005000700a8073f000000000000000400040001000000
00000000000000000000000004080000010053007400720069006e006700460069006c00650049006
e0066006f000000f0030000010030003400300039003000340042003000000018000000010043006f
006d006d0065006e007400730000004c001600010043006f006d00700061006e0079004e0061006d0
06500000000004d006900630072006f0073006f0066007400200043006f00720070006f0072006100
740069006f006e000000680020000100460069006c006500440065007300630072006900700074006
9006f006e00000000004d006900630072006f0073006f00660074002000450078006300680061006e
00670065002000530065007200760065007200200053006500740075007000000036000b000100460
069006c006500560065007200730069006f006e000000000035002e0035002e003100390036003000
2e003700000000002c000600010049006e007400650072006e0061006c004e0061006d00650000005
30065007400750070000000a600410001004c006500670061006c0043006f00700079007200690067
0068007400000043006f00700079007200690067006800740020000200000000000000010000004c0
000003cfd060005000000000000006505000002000000000000000000000053006500720076006900
6300650020005000610063006b0020003300000024005402000000020000180434000000560053005
f00560045005200530049004f004e005f0049004e0046004f0000000000bd04effe00000100050005
000700a807050005000700a8073f00000000000000040004000100000000000000000000000000000
078030000010053007400720069006e006700460069006c00650049006e0066006f00000054030000
010030003400300039003000340042003000000018000000010043006f006d006d0065006e0074007
30000004c001600010043006f006d00700061006e0079004e0061006d006500000000004d00690063
0072006f0073006f0066007400200043006f00720070006f0072006100740069006f006e000000680
020000100460069006c0065004400650073006300720069007000740069006f006e00000000004d00
6900630072006f0073006f00660074002000450078006300680061006e00670065002000530065007
200760065007200200053006500740075007000000036000b000100460069006c0065005600650072
00730069006f006e000000000035002e0035002e0031003900360030002e003700000000002c00060
0010049006e007400650072006e0061006c004e0061006d0065000000530065007400750070000000
9a003b0001004c006500670061006c0043006f007000790072006900670068007400000043006f007
00079007200690067006800740020000200000000000000010000004c0000003cfd06000500000000
000000650500000200000000000000000000005300650072007600690063006500200050006100630
06b002000330000002400
ApplicationGoo REG_BINARY 140200001002000000020000040334000000560053005f00560045005200530049004f004e005f00
49004e0046004f0000000000bd04effe000001001c0008000000000000000800000000003f0000000
0000000040000000100000000000000000000000000000064020000010053007400720069006e0067
00460069006c00650049006e0066006f0000004002000001003000340030003900300034006200300
0000044001200010043006f006d00700061006e0079004e0061006d0065000000000043006f007200
65006c00200043006f00720070006f0072006100740069006f006e0000004e0013000100460069006
c0065004400650073006300720069007000740069006f006e000000000043006f00720065006c0020
00530065007400750070002000570069007a00610072006400000000002c0006000100460069006c0
06500560065007200730069006f006e000000000038002e0030003200380000004600130001004900
6e007400650072006e0061006c004e0061006d006500000043006f00720065006c002000530065007
400750070002000570069007a00610072006400000000006c00240001004c006500670061006c0043
006f007000790072006900670068007400000043006f0070007900720069006700680074002000a90
0200031003900390037002c00200043006f00720065006c00200043006f00720070006f0072000800
000000000000
ApplicationGoo REG_BINARY 140200001002000000020000380334000000560053005f00560045005200530049004f004e005f00
49004e0046004f0000000000bd04effe0000010002000a0001000a0002000a0001000a00000000000
0000000040001000100000000000000000000000000000098020000010053007400720069006e0067
00460069006c00650049006e0066006f0000007402000001003000340030003900300034004500340
000004a001500010043006f006d00700061006e0079004e0061006d00650000000000530079006d00
61006e00740065006300200043006f00720070006f0072006100740069006f006e000000000060001
c000100460069006c0065004400650073006300720069007000740069006f006e0000000000530079
006d0061006e007400650063002000530079006d006500760065006e007400200049006e007300740
061006c006c0065007200000034000a000100460069006c006500560065007200730069006f006e00
00000000310030002e0032002e00310030002e003100000030000800010049006e007400650072006
e0061006c004e0061006d006500000053004500560049004e005300540000007e002d0001004c0065
00670061006c0043006f007000790072006900670068007400000043006f007000790072006900670
06800740020002800430029002000530079006d0061006e00740065006300200043006f0072000100
000000000000
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
DisableHeapLookAside REG_SZ 1
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
DisableHeapLookAside REG_SZ 1
CheckAppHelp REG_DWORD 1 (0x1)
ApplicationGoo REG_BINARY 1402000010020000000200007c0334000000560053005f00560045005200530049004f004e005f00
49004e0046004f0000000000bd04effe00000100000001000900260000000100090026003f0000000
00000000400000001000000000000000000000000000000dc020000010053007400720069006e0067
00460069006c00650049006e0066006f000000b802000001003000340030003900300034006200300
0000066002700010043006f006d006d0065006e0074007300000042007500730069006e0065007300
7300200049006e00740065006c006c006900670065006e006300650020006f006e002000450076006
5007200790020004400650073006b0074006f0070000000000048001400010043006f006d00700061
006e0079004e0061006d0065000000000043006f0067006e006f007300200049006e0063006f00720
070006f0072006100740065006400000060001c000100460069006c00650044006500730063007200
69007000740069006f006e000000000043006f0067006e006f0073002000470065006e00650072006
9006300200049006e007300740061006c006c006100740069006f006e00000038000c000100460069
006c006500560065007200730069006f006e000000000031002c00200030002c002000330038002c0
020003900000030000800010049006e007400650072006e0061006c004e0061006d00650000000100
000000000000
GlobalFlag REG_SZ 0x000010F0
ApplicationGoo REG_BINARY 140200001002000000020000a40234000000560053005f00560045005200530049004f004e005f00
49004e0046004f0000000000bd04effe00000100000001000100000000000100010000003f0000000
0000000010001000100000000000000000000000000000004020000010053007400720069006e0067
00460069006c00650049006e0066006f000000e001000001003000340030003900300034004500340
0000020000000010043006f006d00700061006e0079004e0061006d00650000000000580018000100
460069006c0065004400650073006300720069007000740069006f006e000000000049004e0053005
40041004c004c0020004d004600430020004100700070006c00690063006100740069006f006e0000
00300008000100460069006c006500560065007200730069006f006e000000000031002e0030002e0
0300030003100000030000800010049006e007400650072006e0061006c004e0061006d0065000000
49004e005300540041004c004c0000002400000001004c006500670061006c0043006f00700079007
200690067006800740000002800000001004c006500670061006c00540072006100640065006d0061
0072006b0073000000000040000c0001004f0072006900670069006e0061006c00460069006c00650
06e0061006d006500000049004e005300540041004c004c002e004500580045000000300008000800
000000000000
"Notification Packages scecli
Written by Bobbi Flekman 2006 ©
Error: Key: software\microsoft\windows\currentversion\group policy\state does not exist!
Written by Bobbi Flekman 2006 ©
SecurityProviders REG_SZ msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders\SaslProfiles
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders\SCHANNEL
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders\WDigest
SafeBoot registry key needs repairs. This machine cannot enter Safe Mode.
[hkey_local_machine\system\currentcontrolset\control\safeboot\minimal\File system]
@="Driver Group"
[hkey_local_machine\system\currentcontrolset\control\safeboot\minimal\RpcSs]
@="Service"
[hkey_local_machine\system\currentcontrolset\control\safeboot\minimal\vgasave.sys]
@="Driver"
[hkey_local_machine\system\currentcontrolset\control\safeboot\minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}]
@="DiskDrive"
[hkey_local_machine\system\currentcontrolset\control\safeboot\minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}]
@="Hdc"
[hkey_local_machine\system\currentcontrolset\control\safeboot\minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}]
@="Keyboard"
[hkey_local_machine\system\currentcontrolset\control\safeboot\minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}]
@="Mouse"
[hkey_local_machine\system\currentcontrolset\control\safeboot\minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}]
@="System"
[hkey_local_machine\system\currentcontrolset\control\safeboot\minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
@="Volume"
SteelWerX Registry Console Tool 2.0
Written by Bobbi Flekman 2006 ©
Error: Key: software\microsoft\shared tools\msconfig\startupfolder does not exist!
SteelWerX Registry Console Tool 2.0
Written by Bobbi Flekman 2006 ©
Error: Key: software\microsoft\shared tools\msconfig\startupreg does not exist!
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\termsvcs
Written by Bobbi Flekman 2006 ©
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components
7,0,5730,0
*
2,0,0,0
6,0,5730,11
en
2,0,0,0
01000000
C:\WINDOWS\System32\msjava.dll
EN
01000000
01000000
EN
01000000
11,0,5721,5145
1 (0x1)
Adobe Shockwave Director 10.1.4
DirectAnimation
Adobe Shockwave Director 10.1.4
1,1,1,7
*
1,397,2406,1
Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
6,0,2800,1106
1 (0x1)
EN
11,0,5721,5145
0400090000008603
4,71,1113,0
7,0,5730,11
3 (0x3)
5,6,0,8513
C:\Program Files\Messenger\msmsgs.exe
5,00,2918,1900
KB918439
7,0,5730,11
C:\WINDOWS\System32\msieftp.dll
11,0,5721,5145
4,9,9,2
WAB
Q831167
en
en
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{89820200-ECBD-11cf-8B85-00AA005B4383}\AuthorizedCDFPrefix
2 (0x2)
EN
1 (0x1)
7,0,5730,11
6,0,5730,11
.NET Framework
4,71,1968,1
2,1,4026,0
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{D27CDB6E-AE6D-11cf-96B8-444553540000}
KB925486
6,0,5730,11
5,0,00,0
Q832894
KB911567
-- End of Deckard's System Scanner: finished at 2008-08-11 19:12:17 ------------
Ahuge thanks in advance to anyone who can assist.
Regards,
Robin.