[code] OTScanIt2 logfile created on: 1/3/2009 2:50:34 PM - Run 1 OTScanIt2 by OldTimer - Version 1.0.5.0 Folder = C:\Documents and Settings\Shanna Kimsey\Desktop\OTScanIt2 Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.11) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 503.37 Mb Total Physical Memory | 183.29 Mb Available Physical Memory | 36.41% Memory free 1.20 Gb Paging File | 0.65 Gb Available in Paging File | 54.32% Paging File free Paging file location(s): C:\pagefile.sys 756 1512; %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 33.54 Gb Total Space | 13.81 Gb Free Space | 41.18% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: SHANNA Current User Name: Shanna Kimsey Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Whitelist: On File Age = 30 Days [Processes - Safe List] aawservice.exe -> %ProgramFiles%\Lavasoft\Ad-Aware\aawservice.exe -> [2008/09/10 13:01:28 | 00,611,664 | ---- | M] (Lavasoft) apntex.exe -> %ProgramFiles%\Apoint\ApntEx.exe -> [2004/08/19 14:40:08 | 00,045,056 | ---- | M] (Alps Electric Co., Ltd.) apoint.exe -> %ProgramFiles%\Apoint\Apoint.exe -> [2004/09/13 16:33:20 | 00,155,648 | ---- | M] (Alps Electric Co., Ltd.) calmain.exe -> %ProgramFiles%\Canon\CAL\CALMAIN.exe -> [2006/03/30 08:15:44 | 00,096,341 | ---- | M] (Canon Inc.) dlg.exe -> %ProgramFiles%\Digital Line Detect\DLG.exe -> [2003/10/29 03:06:00 | 00,024,576 | ---- | M] (BVRP Software) dvpapi.exe -> %CommonProgramFiles%\Authentium\AntiVirus\dvpapi.exe -> [2007/07/09 12:54:08 | 00,177,416 | R--- | M] (Authentium, Inc.) hkcmd.exe -> %SystemRoot%\system32\hkcmd.exe -> [2005/10/14 13:46:34 | 00,077,824 | ---- | M] (Intel Corporation) hnm_svc.exe -> %ProgramFiles%\Dell Network Assistant\hnm_svc.exe -> [2007/02/19 17:58:30 | 00,083,504 | ---- | M] (SingleClick Systems) hpzipm12.exe -> %SystemRoot%\system32\HPZipm12.exe -> [2006/03/03 21:03:10 | 00,069,632 | ---- | M] (HP) iavemailscanner.exe -> %ProgramFiles%\iolo\System Shield 3\AntiVirus\iAVEmailScanner.exe -> [2007/11/03 11:09:44 | 00,463,232 | ---- | M] () igfxpers.exe -> %SystemRoot%\system32\igfxpers.exe -> [2005/10/14 13:50:30 | 00,114,688 | ---- | M] (Intel Corporation) igfxsrvc.exe -> %SystemRoot%\system32\igfxsrvc.exe -> [2005/10/14 13:46:24 | 00,159,744 | ---- | M] (Intel Corporation) ioloav.exe -> %ProgramFiles%\iolo\System Shield 3\AntiVirus\ioloAV.exe -> [2008/03/05 09:48:18 | 01,095,520 | ---- | M] () iolofw.exe -> %ProgramFiles%\iolo\System Shield 3\Personal Firewall\ioloFW.exe -> [2008/03/05 10:06:38 | 01,305,440 | ---- | M] () ioloservicemanager.exe -> %ProgramFiles%\iolo\Common\Lib\ioloServiceManager.exe -> [2008/02/26 11:31:16 | 00,628,584 | ---- | M] () iolosgctrl.exe -> %ProgramFiles%\iolo\System Shield 3\IoloSGCtrl.exe -> [2007/11/07 20:10:52 | 00,307,040 | ---- | M] () mdm.exe -> %CommonProgramFiles%\Microsoft Shared\VS7DEBUG\MDM.EXE -> [2003/06/19 22:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) msnmsgr.exe -> %ProgramFiles%\Windows Live\Messenger\msnmsgr.exe -> [2007/10/18 11:34:02 | 05,724,184 | ---- | M] (Microsoft Corporation) mspmspsv.exe -> %SystemRoot%\system32\MsPMSPSv.exe -> [2001/05/01 17:06:22 | 00,053,248 | ---- | M] (Microsoft Corporation) nicconfigsvc.exe -> %ProgramFiles%\Dell\NicConfigSvc\NicConfigSvc.exe -> [2005/03/03 23:29:02 | 00,356,352 | ---- | M] (Dell Inc.) otscanit2.exe -> %UserProfile%\desktop\OTScanIt2\OTScanIt2.exe -> [2009/01/03 12:44:42 | 00,485,888 | ---- | M] (OldTimer Tools) searchindexer.exe -> %SystemRoot%\system32\searchindexer.exe -> [2008/05/26 21:18:44 | 00,439,808 | ---- | M] (Microsoft Corporation) symwsc.exe -> %CommonProgramFiles%\Symantec Shared\Security Center\symwsc.exe -> [2004/11/02 15:59:50 | 00,316,544 | ---- | M] (Symantec Corporation) systemguardalerter.exe -> %ProgramFiles%\iolo\System Shield 3\SystemGuardAlerter.exe -> [2007/11/07 20:10:46 | 00,473,952 | ---- | M] () teatimer.exe -> %ProgramFiles%\Spybot - Search & Destroy\TeaTimer.exe -> [2008/09/16 12:16:08 | 01,833,296 | ---- | M] (Safer Networking Limited) usnsvc.exe -> %ProgramFiles%\Windows Live\Messenger\usnsvc.exe -> [2007/10/18 11:31:54 | 00,098,328 | ---- | M] (Microsoft Corporation) utscsi.exe -> %SystemRoot%\system32\UTSCSI.EXE -> [2008/04/14 15:27:53 | 00,045,056 | ---- | M] () wmiprvse.exe -> %SystemRoot%\system32\wbem\wmiprvse.exe -> [2008/04/13 19:12:40 | 00,218,112 | ---- | M] (Microsoft Corporation) [Win32 Services - Safe List] (aawservice) Lavasoft Ad-Aware Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Lavasoft\Ad-Aware\aawservice.exe -> [2008/09/10 13:01:28 | 00,611,664 | ---- | M] (Lavasoft) (aspnet_state) ASP.NET State Service [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -> [2007/10/24 00:47:22 | 00,033,800 | ---- | M] (Microsoft Corporation) (CCALib8) Canon Camera Access Library 8 [Win32_Own | Auto | Running] -> %ProgramFiles%\Canon\CAL\CALMAIN.exe -> [2006/03/30 08:15:44 | 00,096,341 | ---- | M] (Canon Inc.) (clr_optimization_v2.0.50727_32) .NET Runtime Optimization Service v2.0.50727_X86 [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -> [2007/10/24 00:47:40 | 00,070,144 | ---- | M] (Microsoft Corporation) (DSBrokerService) DSBrokerService [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\DellSupport\brkrsvc.exe -> [2007/03/07 14:47:46 | 00,076,848 | ---- | M] () (dvpapi) dvpapi [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Authentium\AntiVirus\dvpapi.exe -> [2007/07/09 12:54:08 | 00,177,416 | R--- | M] (Authentium, Inc.) (FontCache3.0.0.0) Windows Presentation Foundation Font Cache 3.0.0.0 [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -> [2007/10/09 11:58:12 | 00,036,864 | ---- | M] (Microsoft Corporation) (helpsvc) Help and Support [Win32_Shared | Auto | Running] -> %SystemRoot%\pchealth\helpctr\binaries\pchsvc.dll -> [2008/04/13 19:12:02 | 00,038,400 | ---- | M] (Microsoft Corporation) (hnmsvc) Advanced Networking Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Dell Network Assistant\hnm_svc.exe -> [2007/02/19 17:58:30 | 00,083,504 | ---- | M] (SingleClick Systems) (idsvc) Windows CardSpace [Win32_Shared | Unknown | Stopped] -> %SystemRoot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -> [2007/10/11 08:55:10 | 00,864,256 | ---- | M] (Microsoft Corporation) (ioloDMV) iolo DMV Service [Win32_Own | Auto | Stopped] -> %ProgramFiles%\iolo\Common\Lib\ioloDMVSvc.exe -> [2008/02/26 11:27:24 | 00,195,424 | ---- | M] () (ioloFileInfoList) iolo FileInfoList Service [Win32_Shared | Auto | Running] -> %ProgramFiles%\iolo\Common\Lib\ioloServiceManager.exe -> [2008/02/26 11:31:16 | 00,628,584 | ---- | M] () (ioloProductUpdate) iolo Product Update Service [Win32_Shared | Auto | Running] -> %ProgramFiles%\iolo\Common\Lib\ioloServiceManager.exe -> [2008/02/26 11:31:16 | 00,628,584 | ---- | M] () (ioloSystemService) iolo System Service [Win32_Shared | Auto | Running] -> %ProgramFiles%\iolo\Common\Lib\ioloServiceManager.exe -> [2008/02/26 11:31:16 | 00,628,584 | ---- | M] () (IOLO_SRV) iolo System Guard [Win32_Own | Auto | Running] -> %ProgramFiles%\iolo\System Shield 3\IoloSGCtrl.exe -> [2007/11/07 20:10:52 | 00,307,040 | ---- | M] () (MDM) Machine Debug Manager [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Microsoft Shared\VS7DEBUG\MDM.EXE -> [2003/06/19 22:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) (NetTcpPortSharing) Net.Tcp Port Sharing Service [Win32_Shared | Disabled | Stopped] -> %SystemRoot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -> [2007/10/11 08:55:14 | 00,122,880 | ---- | M] (Microsoft Corporation) (NICCONFIGSVC) NICCONFIGSVC [Win32_Own | Auto | Running] -> %ProgramFiles%\Dell\NicConfigSvc\NicConfigSvc.exe -> [2005/03/03 23:29:02 | 00,356,352 | ---- | M] (Dell Inc.) (ose) Office Source Engine [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Microsoft Shared\Source Engine\OSE.EXE -> [2003/07/28 11:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) (Pml Driver HPZ12) Pml Driver HPZ12 [Win32_Own | Unknown | Running] -> %SystemRoot%\system32\HPZipm12.exe -> [2006/03/03 21:03:10 | 00,069,632 | ---- | M] (HP) (SymWSC) SymWMI Service [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Symantec Shared\Security Center\symwsc.exe -> [2004/11/02 15:59:50 | 00,316,544 | ---- | M] (Symantec Corporation) (usnjsvc) Messenger Sharing Folders USN Journal Reader service [Win32_Own | On_Demand | Running] -> %ProgramFiles%\Windows Live\Messenger\usnsvc.exe -> [2007/10/18 11:31:54 | 00,098,328 | ---- | M] (Microsoft Corporation) (UTSCSI) CLCV0 [Win32_Own | Auto | Running] -> %SystemRoot%\system32\UTSCSI.EXE -> [2008/04/14 15:27:53 | 00,045,056 | ---- | M] () (WLSetupSvc) Windows Live Setup Service [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Windows Live\installer\WLSetupSvc.exe -> [2007/10/25 15:27:54 | 00,266,240 | ---- | M] (Microsoft Corporation) (WMDM PMSP Service) WMDM PMSP Service [Win32_Own | Auto | Running] -> %SystemRoot%\system32\MsPMSPSv.exe -> [2001/05/01 17:06:22 | 00,053,248 | ---- | M] (Microsoft Corporation) (WMPNetworkSvc) Windows Media Player Network Sharing Service [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Windows Media Player\wmpnetwk.exe -> [2006/10/18 19:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) (WSearch) Windows Search [Win32_Own | Auto | Running] -> %SystemRoot%\system32\searchindexer.exe -> [2008/05/26 21:18:44 | 00,439,808 | ---- | M] (Microsoft Corporation) (WudfSvc) Windows Driver Foundation - User-mode Driver Framework [Win32_Shared | Auto | Running] -> %SystemRoot%\system32\WudfSvc.dll -> [2006/09/28 17:56:14 | 00,055,808 | ---- | M] (Microsoft Corporation) [Driver Services - Safe List] (AliIde) AliIde [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\aliide.sys -> [2001/08/17 13:51:56 | 00,005,248 | ---- | M] (Acer Laboratories Inc.) (amdagp) AMD AGP Bus Filter Driver [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\amdagp.sys -> [2008/04/13 13:36:39 | 00,043,008 | ---- | M] (Advanced Micro Devices, Inc.) (ApfiltrService) Alps Touch Pad Filter Driver for Windows 2000/XP [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\Apfiltr.sys -> [2004/11/16 16:03:52 | 00,108,791 | ---- | M] (Alps Electric Co., Ltd.) (APPDRV) APPDRV [Kernel | System | Running] -> %SystemRoot%\system32\drivers\APPDRV.SYS -> [2004/08/18 14:53:54 | 00,016,128 | ---- | M] (Dell Inc) (asc) asc [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\asc.sys -> [2001/08/17 13:52:00 | 00,026,496 | ---- | M] (Advanced System Products, Inc.) (asc3550) asc3550 [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\asc3550.sys -> [2001/08/17 13:51:58 | 00,014,848 | ---- | M] (Advanced System Products, Inc.) (bcm4sbxp) Broadcom 440x 10/100 Integrated Controller XP Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\bcm4sbxp.sys -> [2004/05/26 20:18:18 | 00,044,928 | ---- | M] (Broadcom Corporation) (BLKWGU(Belkin)) Belkin Wireless G USB Network Adapter(Belkin) [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\BLKWGU.sys -> [2005/11/10 13:54:56 | 00,402,944 | R--- | M] (Belkin Corporation) (Cdr4_xp) Cdr4_xp [Kernel | System | Running] -> %SystemRoot%\System32\drivers\cdr4_xp.sys -> [2006/10/04 21:42:42 | 00,002,432 | ---- | M] (Sonic Solutions) (Cdralw2k) Cdralw2k [Kernel | System | Running] -> %SystemRoot%\System32\drivers\cdralw2k.sys -> [2006/10/04 21:42:42 | 00,002,560 | ---- | M] (Sonic Solutions) (cdudf_xp) cdudf_xp [File_System | System | Running] -> %SystemRoot%\System32\drivers\Cdudf_xp.sys -> [2003/07/17 00:19:56 | 00,259,328 | ---- | M] (Roxio) (CmdIde) CmdIde [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\cmdide.sys -> [2001/08/17 13:51:54 | 00,006,656 | ---- | M] (CMD Technology, Inc.) (CSS DVP) Dynamic Virus Protection [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\Css-Dvp.sys -> [2007/07/09 12:01:04 | 00,834,448 | ---- | M] (Authentium, Inc.) (dac2w2k) dac2w2k [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\dac2w2k.sys -> [2001/08/17 13:52:16 | 00,179,584 | ---- | M] (Mylex Corporation) (DSproct) DSproct [Kernel | On_Demand | Stopped] -> %ProgramFiles%\DellSupport\GTAction\triggers\DSproct.sys -> [2006/10/05 15:07:28 | 00,004,736 | ---- | M] (Gteko Ltd.) (dsunidrv) DellSupport UniDriver [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\dsunidrv.sys -> [2007/02/25 11:10:48 | 00,005,376 | --S- | M] (Gteko Ltd.) (DVDVRRdr_xp) DVDVRRdr_xp [File_System | System | Running] -> %SystemRoot%\System32\drivers\DVDVRRdr_xp.sys -> [2004/01/27 21:34:56 | 00,140,416 | ---- | M] (Windows (R) 2000 DDK provider) (dvd_2K) dvd_2K [Kernel | On_Demand | Stopped] -> %SystemRoot%\System32\drivers\Dvd_2k.sys -> [2003/07/17 00:19:56 | 00,021,993 | ---- | M] (Roxio) (E100B) Intel(R) PRO Adapter Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\e100b325.sys -> [2001/08/17 12:12:10 | 00,117,760 | ---- | M] (Intel Corporation) (HIDKbFlt) HIDKbFlt.SvcDesc% [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\HIDKbFlt.sys -> [2005/07/25 05:13:00 | 00,023,680 | ---- | M] (Dritek System Inc.) (HPZid412) IEEE-1284.4 Driver HPZid412 [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\HPZid412.sys -> [2006/04/12 05:04:39 | 00,049,664 | ---- | M] (HP) (HPZipr12) Print Class Driver for IEEE-1284.4 HPZipr12 [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\HPZipr12.sys -> [2006/04/12 05:04:39 | 00,016,496 | ---- | M] (HP) (HPZius12) USB to IEEE-1284.4 Translation Driver HPZius12 [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\HPZius12.sys -> [2006/04/12 05:04:39 | 00,021,568 | ---- | M] (HP) (HSFHWICH) HSFHWICH [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\HSFHWICH.sys -> [2005/05/03 14:08:50 | 00,208,384 | ---- | M] (Conexant Systems, Inc.) (HSF_DP) HSF_DP [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\HSF_DP.sys -> [2004/06/17 20:55:04 | 01,041,536 | ---- | M] (Conexant Systems, Inc.) (HSF_DPV) HSF_DPV [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\HSF_DPV.SYS -> [2005/05/03 14:09:28 | 01,033,728 | ---- | M] (Conexant Systems, Inc.) (ialm) ialm [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ialmnt5.sys -> [2005/10/14 14:15:18 | 01,302,812 | ---- | M] (Intel Corporation) (kbdhid) Keyboard HID Driver [Kernel | System | Running] -> %SystemRoot%\system32\drivers\kbdhid.sys -> [2008/04/13 13:39:48 | 00,014,592 | ---- | M] (Microsoft Corporation) (MCSTRM) MCSTRM [Kernel | Auto | Running] -> %SystemRoot%\System32\drivers\mcstrm.sys -> [2007/11/16 17:51:17 | 00,008,413 | ---- | M] (RealNetworks, Inc.) (mdmxsdk) mdmxsdk [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\mdmxsdk.sys -> [2004/03/17 11:04:14 | 00,013,059 | ---- | M] (Conexant) (mmc_2K) mmc_2K [Kernel | On_Demand | Stopped] -> %SystemRoot%\System32\drivers\Mmc_2k.sys -> [2003/07/17 00:19:56 | 00,022,745 | ---- | M] (Roxio) (mraid35x) mraid35x [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\mraid35x.sys -> [2001/08/17 13:52:12 | 00,017,280 | ---- | M] (American Megatrends Inc.) (nv) nv [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\nv4_mini.sys -> [2004/08/03 22:29:56 | 01,897,408 | ---- | M] (NVIDIA Corporation) (omci) OMCI WDM Device Driver [Kernel | System | Running] -> %SystemRoot%\system32\drivers\omci.sys -> [2004/02/13 16:46:00 | 00,017,153 | ---- | M] (Dell Inc) (Packet) Auto Internet Protocol [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\packet.sys -> [2006/12/18 17:01:20 | 00,012,672 | ---- | M] (SingleClick Systems) (pavboot) pavboot [File_System | Boot | Running] -> %SystemRoot%\system32\drivers\pavboot.sys -> [2008/06/19 17:24:30 | 00,028,544 | ---- | M] (Panda Security, S.L.) (pfc) Padus ASPI Shell [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\pfc.sys -> [2003/12/05 04:46:36 | 00,010,368 | ---- | M] (Padus, Inc.) (Ptilink) Direct Parallel Link Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ptilink.sys -> [2004/08/04 05:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) (pwd_2k) pwd_2k [Kernel | System | Running] -> %SystemRoot%\System32\drivers\pwd_2K.sys -> [2003/07/17 00:19:56 | 00,118,409 | ---- | M] (Roxio) (PxHelp20) PxHelp20 [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\pxhelp20.sys -> [2006/09/27 16:53:22 | 00,036,560 | ---- | M] (Sonic Solutions) (ql1080) ql1080 [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\ql1080.sys -> [2001/08/17 13:52:20 | 00,040,320 | ---- | M] (QLogic Corporation) (ql12160) ql12160 [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\ql12160.sys -> [2001/08/17 13:52:20 | 00,045,312 | ---- | M] (QLogic Corporation) (ql1280) ql1280 [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\ql1280.sys -> [2001/08/17 13:52:18 | 00,049,024 | ---- | M] (QLogic Corporation) (sdbus) sdbus [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\sdbus.sys -> [2008/04/13 13:36:44 | 00,079,232 | ---- | M] (Microsoft Corporation) (Secdrv) Secdrv [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\secdrv.sys -> [2007/11/13 05:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) (sffdisk) SFF Storage Class Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\sffdisk.sys -> [2008/04/13 13:40:47 | 00,011,904 | ---- | M] (Microsoft Corporation) (sffp_sd) SFF Storage Protocol Driver for SDBus [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\sffp_sd.sys -> [2008/04/13 13:40:47 | 00,011,008 | ---- | M] (Microsoft Corporation) (sisagp) SIS AGP Bus Filter [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\sisagp.sys -> [2008/04/13 13:36:39 | 00,040,960 | ---- | M] (Silicon Integrated Systems Corporation) (Sparrow) Sparrow [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\sparrow.sys -> [2001/08/17 14:07:44 | 00,019,072 | ---- | M] (Adaptec, Inc.) (STAC97) SigmaTel C-Major Audio [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\STAC97.sys -> [2005/03/10 14:56:06 | 00,273,168 | ---- | M] (SigmaTel, Inc.) (symc810) symc810 [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\symc810.sys -> [2001/08/17 14:07:34 | 00,016,256 | ---- | M] (Symbios Logic Inc.) (symc8xx) symc8xx [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\symc8xx.sys -> [2001/08/17 14:07:36 | 00,032,640 | ---- | M] (LSI Logic) (sym_hi) sym_hi [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\sym_hi.sys -> [2001/08/17 14:07:40 | 00,028,384 | ---- | M] (LSI Logic) (sym_u3) sym_u3 [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\sym_u3.sys -> [2001/08/17 14:07:42 | 00,030,688 | ---- | M] (LSI Logic) (tmcomm) tmcomm [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\tmcomm.sys -> [2007/08/01 21:47:26 | 00,102,664 | ---- | M] (Trend Micro Inc.) (UDFReadr) UDFReadr [File_System | System | Running] -> %SystemRoot%\System32\drivers\Udfreadr.sys -> [2004/01/27 21:29:40 | 00,197,632 | ---- | M] (Roxio) (UdfReadr_xp) UdfReadr_xp [File_System | System | Running] -> %SystemRoot%\System32\drivers\UdfReadr_xp.sys -> [2003/07/17 00:19:56 | 00,213,120 | ---- | M] (Roxio) (ultra) ultra [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\ultra.sys -> [2001/08/17 13:52:22 | 00,036,736 | ---- | M] (Promise Technology, Inc.) (usbaudio) USB Audio Driver (WDM) [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\usbaudio.sys -> [2008/04/13 13:45:12 | 00,060,032 | ---- | M] (Microsoft Corporation) (usbser) Motorola USB Modem Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\usbser.sys -> [2008/04/13 13:45:36 | 00,026,112 | ---- | M] (Microsoft Corporation) (usb_rndisx) USB RNDIS Adapter [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\usb8023x.sys -> [2008/04/13 13:56:49 | 00,012,800 | ---- | M] (Microsoft Corporation) (winachsf) winachsf [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\HSF_CNXT.sys -> [2005/05/03 14:08:44 | 00,705,408 | ---- | M] (Conexant Systems, Inc.) (WS2IFSL) Windows Socket 2.0 Non-IFS Service Provider Support Environment [Kernel | System | Running] -> %SystemRoot%\system32\drivers\ws2ifsl.sys -> [2004/08/04 05:00:00 | 00,012,032 | ---- | M] (Microsoft Corporation) (XPacket) iolo Personal Firewall Driver [Kernel | Boot | Running] -> %SystemRoot%\system32\xpacket.sys -> [2007/10/02 10:41:12 | 00,039,424 | ---- | M] (iolo technologies, LLC) (ZDPSp50) ZDPSp50 NDIS Protocol Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\ZDPSp50.sys -> [2004/10/25 13:40:58 | 00,017,664 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Registry - Safe List] < Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> HKEY_LOCAL_MACHINE\: Main\\"Default_Page_URL" -> http://go.microsoft.com/fwlink/?LinkId=69157 -> HKEY_LOCAL_MACHINE\: Main\\"Default_Search_URL" -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKEY_LOCAL_MACHINE\: Main\\"Default_Secondary_Page_URL" -> -> HKEY_LOCAL_MACHINE\: Main\\"Extensions Off Page" -> about:NoAdd-ons -> HKEY_LOCAL_MACHINE\: Main\\"Local Page" -> %SystemRoot%\system32\blank.htm -> HKEY_LOCAL_MACHINE\: Main\\"Search Page" -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKEY_LOCAL_MACHINE\: Main\\"Security Risk Page" -> about:SecurityRisk -> HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> http://go.microsoft.com/fwlink/?LinkId=69157 -> HKEY_LOCAL_MACHINE\: Search\\"CustomizeSearch" -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm -> HKEY_LOCAL_MACHINE\: Search\\"SearchAssistant" -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm -> < Internet Explorer Settings [HKEY_CURRENT_USER\] > -> -> HKEY_CURRENT_USER\: Main\\"Default_Page_URL" -> http://www.dell4me.com/myway -> HKEY_CURRENT_USER\: Main\\"Local Page" -> C:\WINDOWS\system32\blank.htm -> HKEY_CURRENT_USER\: Main\\"Page_Transitions" -> -> HKEY_CURRENT_USER\: Main\\"Search Page" -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_CURRENT_USER\: Main\\"Start Page" -> http://www.msn.com/ -> HKEY_CURRENT_USER\: "ProxyEnable" -> 0 -> HKEY_CURRENT_USER\: "ProxyOverride" -> *.local -> < Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> -> HKEY_USERS\.DEFAULT\: Main\\"Default_Page_URL" -> http://www.dell4me.com/myway -> HKEY_USERS\.DEFAULT\: Main\\"First Home Page" -> http://www.dell4me.com/myway -> HKEY_USERS\.DEFAULT\: Main\\"Start Page" -> http://www.dell4me.com/myway -> HKEY_USERS\.DEFAULT\: "ProxyEnable" -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> -> HKEY_USERS\S-1-5-18\: Main\\"Default_Page_URL" -> http://www.dell4me.com/myway -> HKEY_USERS\S-1-5-18\: Main\\"First Home Page" -> http://www.dell4me.com/myway -> HKEY_USERS\S-1-5-18\: Main\\"Start Page" -> http://www.dell4me.com/myway -> HKEY_USERS\S-1-5-18\: "ProxyEnable" -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> -> < Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> -> HKEY_USERS\S-1-5-20\: "ProxyEnable" -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-21-3930035540-2187289283-1375061897-1006\] > -> -> HKEY_USERS\S-1-5-21-3930035540-2187289283-1375061897-1006\: Main\\"Default_Page_URL" -> http://www.dell4me.com/myway -> HKEY_USERS\S-1-5-21-3930035540-2187289283-1375061897-1006\: Main\\"Local Page" -> C:\WINDOWS\system32\blank.htm -> HKEY_USERS\S-1-5-21-3930035540-2187289283-1375061897-1006\: Main\\"Page_Transitions" -> -> HKEY_USERS\S-1-5-21-3930035540-2187289283-1375061897-1006\: Main\\"Search Page" -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_USERS\S-1-5-21-3930035540-2187289283-1375061897-1006\: Main\\"Start Page" -> http://www.msn.com/ -> HKEY_USERS\S-1-5-21-3930035540-2187289283-1375061897-1006\: "ProxyEnable" -> 0 -> HKEY_USERS\S-1-5-21-3930035540-2187289283-1375061897-1006\: "ProxyOverride" -> *.local -> < HOSTS File > (291723 bytes and 10091 lines) -> C:\WINDOWS\System32\drivers\etc\Hosts -> First 25 entries... 127.0.0.1 localhost 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com 127.0.0.1 www.100888290cs.com 127.0.0.1 100888290cs.com 127.0.0.1 www.100sexlinks.com 127.0.0.1 100sexlinks.com 127.0.0.1 www.10sek.com 127.0.0.1 10sek.com 127.0.0.1 www.123topsearch.com 127.0.0.1 123topsearch.com 127.0.0.1 www.132.com 127.0.0.1 132.com 127.0.0.1 www.136136.net 127.0.0.1 136136.net 127.0.0.1 www.163ns.com 127.0.0.1 163ns.com < BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> {3049C3E9-B461-4BC5-8870-4C09146192CA} [HKLM] -> %ProgramFiles%\Real\RealPlayer\rpbrowserrecordplugin.dll [RealPlayer Download and Record Plugin for Internet Explorer] -> [2008/03/06 10:06:07 | 00,370,296 | ---- | M] (RealPlayer) {53707962-6F74-2D53-2644-206D7942484F} [HKLM] -> %ProgramFiles%\Spybot - Search & Destroy\SDHelper.dll [Spybot-S&D IE Protection] -> [2008/09/15 14:25:44 | 01,562,960 | ---- | M] (Safer Networking Limited) {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> %ProgramFiles%\Java\jre1.6.0_05\bin\ssv.dll [SSVHelper Class] -> [2008/02/22 03:25:19 | 00,509,328 | ---- | M] (Sun Microsystems, Inc.) {9030D464-4C02-4ABF-8ECC-5164760863C6} [HKLM] -> %CommonProgramFiles%\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [Windows Live Sign-in Helper] -> [2007/09/20 10:30:18 | 00,328,752 | ---- | M] (Microsoft Corporation) {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} [HKLM] -> %ProgramFiles%\Windows Live Toolbar\msntb.dll [Windows Live Toolbar Helper] -> [2007/10/19 11:20:48 | 00,546,320 | ---- | M] (Microsoft Corporation) < Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar -> "{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}" [HKLM] -> %ProgramFiles%\Windows Live Toolbar\msntb.dll [Windows Live Toolbar] -> [2007/10/19 11:20:48 | 00,546,320 | ---- | M] (Microsoft Corporation) < Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ -> ShellBrowser\\"{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}" [HKLM] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found WebBrowser\\"{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7}" [HKLM] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found WebBrowser\\"{604BC32A-9680-40D1-9AC6-E06B23A1BA4C}" [HKLM] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found WebBrowser\\"{A057A204-BACC-4D26-9990-79A187E2698E}" [HKLM] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found WebBrowser\\"{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}" [HKLM] -> %ProgramFiles%\Windows Live Toolbar\msntb.dll [Windows Live Toolbar] -> [2007/10/19 11:20:48 | 00,546,320 | ---- | M] (Microsoft Corporation) < Internet Explorer ToolBars [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\ -> WebBrowser\\"{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}" [HKLM] -> %ProgramFiles%\Windows Live Toolbar\msntb.dll [Windows Live Toolbar] -> [2007/10/19 11:20:48 | 00,546,320 | ---- | M] (Microsoft Corporation) < Internet Explorer ToolBars [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Toolbar\ -> WebBrowser\\"{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}" [HKLM] -> %ProgramFiles%\Windows Live Toolbar\msntb.dll [Windows Live Toolbar] -> [2007/10/19 11:20:48 | 00,546,320 | ---- | M] (Microsoft Corporation) < Internet Explorer ToolBars [HKEY_USERS\S-1-5-21-3930035540-2187289283-1375061897-1006\] > -> HKEY_USERS\S-1-5-21-3930035540-2187289283-1375061897-1006\Software\Microsoft\Internet Explorer\Toolbar\ -> ShellBrowser\\"{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}" [HKLM] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found WebBrowser\\"{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7}" [HKLM] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found WebBrowser\\"{604BC32A-9680-40D1-9AC6-E06B23A1BA4C}" [HKLM] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found WebBrowser\\"{A057A204-BACC-4D26-9990-79A187E2698E}" [HKLM] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found WebBrowser\\"{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}" [HKLM] -> %ProgramFiles%\Windows Live Toolbar\msntb.dll [Windows Live Toolbar] -> [2007/10/19 11:20:48 | 00,546,320 | ---- | M] (Microsoft Corporation) < Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "Apoint" -> %ProgramFiles%\Apoint\Apoint.exe [C:\Program Files\Apoint\Apoint.exe] -> [2004/09/13 16:33:20 | 00,155,648 | ---- | M] (Alps Electric Co., Ltd.) "igfxhkcmd" -> %SystemRoot%\system32\hkcmd.exe [C:\WINDOWS\system32\hkcmd.exe] -> [2005/10/14 13:46:34 | 00,077,824 | ---- | M] (Intel Corporation) "igfxpers" -> %SystemRoot%\system32\igfxpers.exe [C:\WINDOWS\system32\igfxpers.exe] -> [2005/10/14 13:50:30 | 00,114,688 | ---- | M] (Intel Corporation) "igfxtray" -> %SystemRoot%\system32\igfxtray.exe [C:\WINDOWS\system32\igfxtray.exe] -> [2005/10/14 13:49:46 | 00,094,208 | ---- | M] (Intel Corporation) "iolo AntiVirus" -> %ProgramFiles%\iolo\System Shield 3\AntiVirus\ioloAV.exe ["C:\Program Files\iolo\System Shield 3\AntiVirus\ioloAV.exe"] -> [2008/03/05 09:48:18 | 01,095,520 | ---- | M] () "iolo Personal Firewall" -> %ProgramFiles%\iolo\System Shield 3\Personal Firewall\ioloFW.exe ["C:\Program Files\iolo\System Shield 3\Personal Firewall\ioloFW.exe"] -> [2008/03/05 10:06:38 | 01,305,440 | ---- | M] () "SystemGuardAlerter" -> %ProgramFiles%\iolo\System Shield 3\SystemGuardAlerter.exe ["C:\Program Files\iolo\System Shield 3\SystemGuardAlerter.exe"] -> [2007/11/07 20:10:46 | 00,473,952 | ---- | M] () "TrojanScanner" -> %ProgramFiles%\Trojan Remover\Trjscan.exe [C:\Program Files\Trojan Remover\Trjscan.exe /boot] -> [2008/12/10 20:58:50 | 01,230,728 | ---- | M] (Simply Super Software) < RunOnce [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce -> "OTMoveIt" -> %UserProfile%\desktop\OTMoveIt3.exe [C:\Documents and Settings\Shanna Kimsey\Desktop\OTMoveIt3.exe] -> [2009/01/03 14:18:34 | 00,348,160 | ---- | M] (OldTimer Tools) < Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "msnmsgr" -> %ProgramFiles%\Windows Live\Messenger\msnmsgr.exe ["C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background] -> [2007/10/18 11:34:02 | 05,724,184 | ---- | M] (Microsoft Corporation) "SpybotSD TeaTimer" -> %ProgramFiles%\Spybot - Search & Destroy\TeaTimer.exe [C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe] -> [2008/09/16 12:16:08 | 01,833,296 | ---- | M] (Safer Networking Limited) < Run [HKEY_USERS\S-1-5-21-3930035540-2187289283-1375061897-1006\] > -> HKEY_USERS\S-1-5-21-3930035540-2187289283-1375061897-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "msnmsgr" -> %ProgramFiles%\Windows Live\Messenger\msnmsgr.exe ["C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background] -> [2007/10/18 11:34:02 | 05,724,184 | ---- | M] (Microsoft Corporation) "SpybotSD TeaTimer" -> %ProgramFiles%\Spybot - Search & Destroy\TeaTimer.exe [C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe] -> [2008/09/16 12:16:08 | 01,833,296 | ---- | M] (Safer Networking Limited) < All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup -> %AllUsersProfile%\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk -> %ProgramFiles%\Adobe\Acrobat 7.0\Reader\reader_sl.exe -> [2004/12/14 03:44:06 | 00,029,696 | ---- | M] (Adobe Systems Incorporated) %AllUsersProfile%\Start Menu\Programs\Startup\Digital Line Detect.lnk -> %ProgramFiles%\Digital Line Detect\DLG.exe -> [2003/10/29 03:06:00 | 00,024,576 | ---- | M] (BVRP Software) < Default User Startup Folder > -> C:\Documents and Settings\Default User\Start Menu\Programs\Startup -> < Shanna Kimsey Startup Folder > -> C:\Documents and Settings\Shanna Kimsey\Start Menu\Programs\Startup -> < CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System \\"dontdisplaylastusername" -> [0] -> File not found \\"legalnoticecaption" -> [] -> File not found \\"legalnoticetext" -> [] -> File not found \\"shutdownwithoutlogon" -> [1] -> File not found \\"undockwithoutlogon" -> [1] -> File not found < CurrentVersion Policy Settings - Explorer [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" -> [145] -> File not found < CurrentVersion Policy Settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" -> [145] -> File not found \\"CDRAutoRun" -> [0] -> File not found < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" -> [145] -> File not found \\"CDRAutoRun" -> [0] -> File not found < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-19] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" -> [145] -> File not found < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-20] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" -> [145] -> File not found < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-3930035540-2187289283-1375061897-1006] > -> HKEY_USERS\S-1-5-21-3930035540-2187289283-1375061897-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_USERS\S-1-5-21-3930035540-2187289283-1375061897-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" -> [145] -> File not found < Internet Explorer Menu Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ -> &Windows Live Search -> %ProgramFiles%\Windows Live Toolbar\msntb.dll [res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm] -> [2007/10/19 11:20:48 | 00,546,320 | ---- | M] (Microsoft Corporation) E&xport to Microsoft Excel -> %ProgramFiles%\Microsoft Office\OFFICE11\EXCEL.EXE [res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000] -> [2008/10/13 11:29:28 | 10,351,944 | ---- | M] (Microsoft Corporation) < Internet Explorer Menu Extensions [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\MenuExt\ -> &Windows Live Search -> %ProgramFiles%\Windows Live Toolbar\msntb.dll [res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm] -> [2007/10/19 11:20:48 | 00,546,320 | ---- | M] (Microsoft Corporation) Add to Windows &Live Favorites -> [http://favorites.live.com/quickadd.aspx] -> File not found E&xport to Microsoft Excel -> %ProgramFiles%\Microsoft Office\OFFICE11\EXCEL.EXE [res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000] -> [2008/10/13 11:29:28 | 10,351,944 | ---- | M] (Microsoft Corporation) < Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\MenuExt\ -> &Windows Live Search -> %ProgramFiles%\Windows Live Toolbar\msntb.dll [res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm] -> [2007/10/19 11:20:48 | 00,546,320 | ---- | M] (Microsoft Corporation) Add to Windows &Live Favorites -> [http://favorites.live.com/quickadd.aspx] -> File not found E&xport to Microsoft Excel -> %ProgramFiles%\Microsoft Office\OFFICE11\EXCEL.EXE [res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000] -> [2008/10/13 11:29:28 | 10,351,944 | ---- | M] (Microsoft Corporation) < Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-21-3930035540-2187289283-1375061897-1006\] > -> HKEY_USERS\S-1-5-21-3930035540-2187289283-1375061897-1006\Software\Microsoft\Internet Explorer\MenuExt\ -> &Windows Live Search -> %ProgramFiles%\Windows Live Toolbar\msntb.dll [res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm] -> [2007/10/19 11:20:48 | 00,546,320 | ---- | M] (Microsoft Corporation) E&xport to Microsoft Excel -> %ProgramFiles%\Microsoft Office\OFFICE11\EXCEL.EXE [res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000] -> [2008/10/13 11:29:28 | 10,351,944 | ---- | M] (Microsoft Corporation) < Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> {08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC} [HKLM] -> %ProgramFiles%\Java\jre1.6.0_05\bin\npjpi160_05.dll [Menu: Sun Java Console] -> [2008/02/22 03:25:19 | 00,132,496 | ---- | M] (Sun Microsystems, Inc.) {219C3416-8CB2-491a-A3C7-D9FCDDC9D600}:{5F7B1267-94A9-47F5-98DB-E99415F33AEC} [HKLM] -> %ProgramFiles%\Windows Live\Writer\WriterBrowserExtension.dll [Button: Blog This] -> [2007/10/26 18:09:54 | 00,154,640 | ---- | M] (Microsoft Corporation) {219C3416-8CB2-491a-A3C7-D9FCDDC9D600}:{5F7B1267-94A9-47F5-98DB-E99415F33AEC} [HKLM] -> %ProgramFiles%\Windows Live\Writer\WriterBrowserExtension.dll [Menu: &Blog This in Windows Live Writer] -> [2007/10/26 18:09:54 | 00,154,640 | ---- | M] (Microsoft Corporation) {92780B25-18CC-41C8-B9BE-3C9C571A8263}:{FF059E31-CC5A-4E2E-BF3B-96E929D65503} [HKLM] -> %ProgramFiles%\Microsoft Office\OFFICE11\REFIEBAR.DLL [Button: Research] -> [2007/04/19 13:10:18 | 00,063,840 | ---- | M] (Microsoft Corporation) {d81ca86b-ef63-42af-bee3-4502d9a03c2d}:http://wwws.musicmatch.com/mmz/openWebRadio.html [HKLM] -> [Button: MUSICMATCH MX Web Player] -> File not found {DFB852A3-47F8-48C4-A200-58CAB36FD2A2}:{53707962-6F74-2D53-2644-206D7942484F} [HKLM] -> %ProgramFiles%\Spybot - Search & Destroy\SDHelper.dll [Menu: Spybot - Search & Destroy Configuration] -> [2008/09/15 14:25:44 | 01,562,960 | ---- | M] (Safer Networking Limited) {e2e2dd38-d088-4134-82b7-f2ba38496583}:Exec [HKLM] -> %SystemRoot%\network diagnostic\xpnetdiag.exe [Menu: @xpsp3res.dll,-20001] -> [2008/04/13 13:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation) {FB5F1910-F110-11d2-BB9E-00C04F795683}:Exec [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Button: Messenger] -> [2008/04/13 19:12:28 | 01,695,232 | -HS- | M] (Microsoft Corporation) {FB5F1910-F110-11d2-BB9E-00C04F795683}:Exec [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Menu: Windows Messenger] -> [2008/04/13 19:12:28 | 01,695,232 | -HS- | M] (Microsoft Corporation) < Internet Explorer Extensions [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Extensions\ -> CmdMapping\\"{08B0E5C0-4FCB-11CF-AAA5-00401C608501}" [HKLM] -> %ProgramFiles%\Java\jre1.6.0_05\bin\npjpi160_05.dll [Sun Java Console] -> [2008/02/22 03:25:19 | 00,132,496 | ---- | M] (Sun Microsystems, Inc.) CmdMapping\\"{FB5F1910-F110-11d2-BB9E-00C04F795683}" [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2008/04/13 19:12:28 | 01,695,232 | -HS- | M] (Microsoft Corporation) < Internet Explorer Extensions [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Extensions\ -> CmdMapping\\"{08B0E5C0-4FCB-11CF-AAA5-00401C608501}" [HKLM] -> %ProgramFiles%\Java\jre1.6.0_05\bin\npjpi160_05.dll [Sun Java Console] -> [2008/02/22 03:25:19 | 00,132,496 | ---- | M] (Sun Microsystems, Inc.) CmdMapping\\"{FB5F1910-F110-11d2-BB9E-00C04F795683}" [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2008/04/13 19:12:28 | 01,695,232 | -HS- | M] (Microsoft Corporation) < Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> PluginsPageFriendlyName -> Microsoft ActiveX Gallery -> PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s -> < Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix "" -> http:// < Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 5238 domain(s) found. -> 50 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 77 range(s) found. -> < Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 6056 domain(s) found. -> 52 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 77 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 5237 domain(s) found. -> 49 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 77 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 5237 domain(s) found. -> 49 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 77 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-21-3930035540-2187289283-1375061897-1006\] > -> HKEY_USERS\S-1-5-21-3930035540-2187289283-1375061897-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-21-3930035540-2187289283-1375061897-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 6056 domain(s) found. -> 52 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_USERS\S-1-5-21-3930035540-2187289283-1375061897-1006\] > -> HKEY_USERS\S-1-5-21-3930035540-2187289283-1375061897-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-21-3930035540-2187289283-1375061897-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 77 range(s) found. -> < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} [HKLM] -> http://housecall60.trendmicro.com/housecall/xscan60.cab[HouseCall Control] -> {05D44720-58E3-49E6-BDF6-D00330E511D3} [HKLM] -> http://zone.msn.com/binFrameWork/v10/StagingUI.cab55579.cab[StagingUI Object] -> {166B1BCA-3F9C-11CF-8075-444553540000} [HKLM] -> http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab[Shockwave ActiveX Control] -> {215B8138-A3CF-44C5-803F-8226143CFC0A} [HKLM] -> http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab[Trend Micro ActiveX Scan Agent 6.6] -> {21BB8360-F943-447E-98F3-3C22345375A7} [HKLM] -> http://games.bigfishgames.com/en_chocolatier/online/ChocolatierWeb.1.0.0.13.cab[CPlayFirstChocolatierControl Object] -> {233C1507-6A77-46A4-9443-F871F945D258} [HKLM] -> http://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab[Shockwave ActiveX Control] -> {2359626E-7524-4F87-B04E-22CD38A0C88C} [HKLM] -> http://download.zonelabs.com/bin/free/cm/ICSCM_ca.cab[ICSScannerLight Class] -> {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} [HKLM] -> http://www.pandasecurity.com/activescan/cabs/as2stubie.cab[ActiveScan 2.0 Installer Class] -> {2EB1E425-74DC-4DC0-A9E1-03A4C852E1F2} [HKLM] -> http://zone.msn.com/bingame/trix/default/TriJinx.1.0.0.67.cab[CPlayFirstTriJinxControl Object] -> {3107C2A8-9F0B-4404-A58B-21BD85268FBC} [HKLM] -> http://www.pogo.com/cdl/launcher/PogoWebLauncherInstaller.CAB[PogoWebLauncher Control] -> {3BB54395-5982-4788-8AF4-B5388FFDD0D8} [HKLM] -> http://zone.msn.com/BinFrameWork/v10/ZBuddy.cab55579.cab[MSN Games – Buddy Invite] -> {47CEF84E-92D8-4C4A-86D7-CB982889DCC0} [HKLM] -> http://mp1.mplay.oberon-media.com/client/flashnet.cab[Oberon Media Network Optimizer] -> {48DD0448-9209-4F81-9F6D-D83562940134} [HKLM] -> http://lads.myspace.com/upload/MySpaceUploader1006.cab[MySpace Uploader Control] -> {4F1E5B1A-2A80-42CA-8532-2D05CB959537} [HKLM] -> http://gfx2.mail.live.com/mail/w1/resources/MSNPUpld.cab[MSN Photo Upload Tool] -> {512FC5A1-7DE1-43F1-BC0C-371622FCB409} [HKLM] -> http://www.nanoscan.com/as/v1/cabs/ascstubie.cab[TotalScan Installer Class] -> {5736C456-EA94-4AAC-BB08-917ABDD035B3} [HKLM] -> http://zone.msn.com/binframework/v10/ZPAChat.cab55579.cab[ZonePAChat Object] -> {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} [HKLM] -> http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1144342820625[MUWebControl Class] -> {74C861A1-D548-4916-BC8A-FDE92EDFF62C} [HKLM] -> http://mediaplayer.walmart.com/installer/install.cab[Reg Error: Key does not exist or could not be opened.] -> {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} [HKLM] -> http://zone.msn.com/bingame/chnz/default/mjolauncher.cab[MJLauncherCtrl Class] -> {80B626D6-BC34-4BCF-B5A1-7149E4FD9CFA} [HKLM] -> http://zone.msn.com/bingame/zpagames/GAME_UNO1.cab60096.cab[UnoCtrl Class] -> {8436FE12-31DB-48BF-83BF-FE682F9160B4} [HKLM] -> http://www.nanoscan.com/cabs/nanoinst.cab[NanoInstaller Class] -> {8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab[Java Plug-in 1.6.0_05] -> {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} [HKLM] -> http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab[Reg Error: Key does not exist or could not be opened.] -> {95B5D20C-BD31-4489-8ABF-F8C8BE748463} [HKLM] -> http://zone.msn.com/bingame/zpagames/zpa_hrtz.cab67031.cab[MSN Games – Hearts] -> {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} [HKLM] -> http://acs.pandasoftware.com/activescan/as5free/asinst.cab[ActiveScan Installer Class] -> {A7ECD556-D6F6-4F41-8C6B-14AB246801A0} [HKLM] -> http://cdn.digitalcity.com/video/kdx.cab[Secure Delivery] -> {B516CA4E-A5BA-405C-AFCF-A97F08CC7429} [HKLM] -> http://games.bigfishgames.com/en_burger-shop/online/GoBitGamesPlayer_v4.cab[GoBit Games Player] -> {B8BE5E93-A60C-4D26-A2DC-220313175592} [HKLM] -> http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab[MSN Games - Installer] -> {BD8667B7-38D8-4C77-B580-18C3E146372C} [HKLM] -> http://bmm.imgag.com/imgag/cp/install/crusher-us.cab[Creative Toolbox Plug-in] -> {CAC181B0-4D70-402D-B571-C596A47D0CE0} [HKLM] -> http://zone.msn.com/bingame/zpagames/zpa_pool.cab56649.cab[CBankshotZoneCtrl Class] -> {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab[Java Plug-in 1.5.0_10] -> {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab[Java Plug-in 1.6.0_02] -> {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab[Java Plug-in 1.6.0_03] -> {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab[Java Plug-in 1.6.0_05] -> {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab[Java Plug-in 1.6.0_05] -> {D1D98C0F-A339-42AB-BD5F-EA0FF5D0E65F} [HKLM] -> http://www.rockyou.com/RockYouImageUploader.cab[RockYou Image Uploader Control] -> {D27CDB6E-AE6D-11CF-96B8-444553540000} [HKLM] -> http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab[Shockwave Flash Object] -> {D77EF652-9A6B-40C8-A4B9-1C0697C6CF41} [HKLM] -> http://zone.msn.com/bingame/cnma/default/ct.cab[TikGames Online Control] -> {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} [HKLM] -> http://zone.msn.com/binframework/v10/StProxy.cab55579.cab[MSN Games – Game Communicator] -> {E5D419D6-A846-4514-9FAD-97E826C84822} [HKLM] -> http://fdl.msn.com/zone/datafiles/heartbeat.cab[HeartbeatCtl Class] -> {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} [HKLM] -> http://by112fd.bay112.hotmail.msn.com/activex/HMAtchmt.ocx[Hotmail Attachments Control] -> < DNS Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> {3AD468F1-EDCF-42E2-9356-6B5B18F55510} -> (1394 Net Adapter) -> {600FC1D5-5939-4710-8900-50BD0A586DCD} -> (Windows Mobile-based Device) -> {76964111-5B24-4A36-8FDA-4D2A1A548A9A} -> (Belkin Wireless G USB Network Adapter) -> {810008C1-11ED-4F28-BF88-BA5A55AE03F2} -> (Broadcom 440x 10/100 Integrated Controller) -> {9F4A32A3-20BA-453D-9D6D-617E23EBD9AD} -> (Belkin Wireless G USB Network Adapter) -> {B7000046-11D7-43E5-8606-96DABE371F2E} -> (Belkin Wireless G USB Network Adapter) -> IE Styles -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Styles < Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ -> igfxcui -> %SystemRoot%\system32\igfxdev.dll -> [2005/10/14 13:45:38 | 00,135,168 | ---- | M] (Intel Corporation) < ShellExecuteHooks [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks -> "{56F9679E-7826-4C84-81F3-532071A8BCC5}" [HKLM] -> %ProgramFiles%\Windows Desktop Search\MSNLNamespaceMgr.dll [] -> [2008/05/26 21:19:02 | 00,304,128 | ---- | M] (Microsoft Corporation) < Domain Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List -> "%windir%\Network Diagnostic\xpnetdiag.exe" -> C:\WINDOWS\network diagnostic\xpnetdiag.exe [%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000] -> [2008/04/13 13:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation) "%windir%\system32\sessmgr.exe" -> C:\WINDOWS\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> [2008/04/13 19:12:34 | 00,141,312 | ---- | M] (Microsoft Corporation) "C:\Program Files\America Online 9.0\waol.exe" -> C:\Program Files\America Online 9.0\waol.exe [C:\Program Files\America Online 9.0\waol.exe:*:Enabled:AOL] -> File not found "C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" -> C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe [C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL] -> File not found "C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" -> C:\Program Files\Common Files\AOL\ACS\AOLDial.exe [C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL] -> File not found "C:\Program Files\Windows Live\Messenger\livecall.exe" -> C:\Program Files\Windows Live\Messenger\livecall.exe [C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)] -> [2007/10/02 17:18:24 | 00,304,488 | ---- | M] (Microsoft Corporation) "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" -> C:\Program Files\Windows Live\Messenger\msnmsgr.exe [C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger] -> [2007/10/18 11:34:02 | 05,724,184 | ---- | M] (Microsoft Corporation) < Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List -> "%windir%\Network Diagnostic\xpnetdiag.exe" -> C:\WINDOWS\network diagnostic\xpnetdiag.exe [%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000] -> [2008/04/13 13:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation) "%windir%\system32\sessmgr.exe" -> C:\WINDOWS\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> [2008/04/13 19:12:34 | 00,141,312 | ---- | M] (Microsoft Corporation) "C:\Documents and Settings\Shanna Kimsey\Application Data\mjusbsp\magicJack.exe" -> C:\Documents and Settings\Shanna Kimsey\Application Data\mjusbsp\magicJack.exe [C:\Documents and Settings\Shanna Kimsey\Application Data\mjusbsp\magicJack.exe:*:Enabled:magicJack] -> [2008/06/12 14:33:24 | 11,699,544 | ---- | M] (magicJack L.P.) "C:\Program Files\America Online 9.0\waol.exe" -> C:\Program Files\America Online 9.0\waol.exe [C:\Program Files\America Online 9.0\waol.exe:*:Disabled:AOL] -> File not found "C:\Program Files\Belkin\USB F5D7050\Wireless Utility\Belkinwcui.exe" -> C:\Program Files\Belkin\USB F5D7050\Wireless Utility\Belkinwcui.exe [C:\Program Files\Belkin\USB F5D7050\Wireless Utility\Belkinwcui.exe:*:Enabled:Belkin Wireless USB Utility] -> [2005/10/28 11:23:10 | 01,404,928 | ---- | M] (Belkin) "C:\Program Files\Bonjour\mDNSResponder.exe" -> C:\Program Files\Bonjour\mDNSResponder.exe [C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour] -> File not found "C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" -> C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe [C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Disabled:AOL] -> File not found "C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" -> C:\Program Files\Common Files\AOL\ACS\AOLDial.exe [C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Disabled:AOL] -> File not found "C:\Program Files\Dell Network Assistant\ezi_hnm2.exe" -> C:\Program Files\Dell Network Assistant\ezi_hnm2.exe [C:\Program Files\Dell Network Assistant\ezi_hnm2.exe:*:Enabled:Dell Network Assistant] -> [2007/02/19 17:59:20 | 00,914,992 | ---- | M] (SingleClick Systems) "C:\Program Files\Grisoft\AVG7\avgamsvr.exe" -> C:\Program Files\Grisoft\AVG7\avgamsvr.exe [C:\Program Files\Grisoft\AVG7\avgamsvr.exe:*:Enabled:avgamsvr.exe] -> [2007/10/23 07:27:17 | 00,418,816 | ---- | M] (GRISOFT, s.r.o.) "C:\Program Files\Grisoft\AVG7\avgcc.exe" -> C:\Program Files\Grisoft\AVG7\avgcc.exe [C:\Program Files\Grisoft\AVG7\avgcc.exe:*:Enabled:avgcc.exe] -> [2008/04/15 07:27:07 | 00,579,584 | ---- | M] (GRISOFT, s.r.o.) "C:\Program Files\Grisoft\AVG7\avgemc.exe" -> C:\Program Files\Grisoft\AVG7\avgemc.exe [C:\Program Files\Grisoft\AVG7\avgemc.exe:*:Enabled:avgemc.exe] -> [2007/12/21 08:27:07 | 00,406,528 | ---- | M] (GRISOFT, s.r.o.) "C:\Program Files\Grisoft\AVG7\avginet.exe" -> C:\Program Files\Grisoft\AVG7\avginet.exe [C:\Program Files\Grisoft\AVG7\avginet.exe:*:Enabled:avginet.exe] -> [2008/04/15 07:27:07 | 00,510,976 | ---- | M] (GRISOFT, s.r.o.) "C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe" -> C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe [C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe] -> [2006/02/15 10:37:26 | 00,147,511 | R--- | M] (Hewlett-Packard) "C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" -> C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe [C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe] -> [2006/04/20 23:42:18 | 00,063,064 | ---- | M] (Hewlett-Packard Development Company, L.P.) "C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe" -> C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe [C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe] -> [2006/04/21 00:13:30 | 00,231,000 | ---- | M] (Hewlett-Packard Development Company, L.P.) "C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe" -> C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe [C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe] -> [2006/04/20 21:28:12 | 00,040,960 | ---- | M] (Hewlett-Packard Development Company, L.P.) "C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" -> C:\Program Files\HP\Digital Imaging\bin\hposid01.exe [C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe] -> [2006/04/20 23:43:46 | 00,087,640 | ---- | M] (Hewlett-Packard Development Company, L.P.) "C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe" -> C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe [C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe] -> [2006/04/21 00:06:26 | 00,181,848 | ---- | M] (Hewlett-Packard Development Company, L.P.) "C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe" -> C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe [C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe] -> [2006/02/16 22:49:52 | 01,085,440 | R--- | M] (Hewlett-Packard) "C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe" -> C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe [C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe] -> [2006/02/19 05:29:46 | 00,139,264 | ---- | M] (Hewlett-Packard Development Company, L.P.) "C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe" -> C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe [C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe] -> [2006/02/17 00:19:34 | 00,192,512 | ---- | M] () "C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe" -> C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe [C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe] -> [2006/02/19 05:24:52 | 00,239,320 | ---- | M] (Hewlett-Packard Development Company, L.P.) "C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe" -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe] -> [2006/02/19 04:21:22 | 00,288,472 | ---- | M] (Hewlett-Packard Development Company, L.P.) "C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe" -> C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe [C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe] -> [2006/04/21 00:13:00 | 00,456,280 | ---- | M] (Hewlett-Packard Development Company, L.P.) "C:\Program Files\iolo\System Shield 3\AntiVirus\iAVEmailScanner.exe" -> C:\Program Files\iolo\System Shield 3\AntiVirus\iAVEmailScanner.exe [C:\Program Files\iolo\System Shield 3\AntiVirus\iAVEmailScanner.exe:*:Enabled:iolo AntiVirus® Email Protection] -> [2007/11/03 11:09:44 | 00,463,232 | ---- | M] () "C:\Program Files\iolo\System Shield 3\AntiVirus\ioloAV.exe" -> C:\Program Files\iolo\System Shield 3\AntiVirus\ioloAV.exe [C:\Program Files\iolo\System Shield 3\AntiVirus\ioloAV.exe:*:Enabled:iolo AntiVirus®] -> [2008/03/05 09:48:18 | 01,095,520 | ---- | M] () "C:\Program Files\iolo\System Shield 3\Personal Firewall\ioloFW.exe" -> C:\Program Files\iolo\System Shield 3\Personal Firewall\ioloFW.exe [C:\Program Files\iolo\System Shield 3\Personal Firewall\ioloFW.exe:*:Enabled:iolo Firewall®] -> [2008/03/05 10:06:38 | 01,305,440 | ---- | M] () "C:\Program Files\Messenger\msmsgs.exe" -> C:\Program Files\Messenger\msmsgs.exe [C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger] -> [2008/04/13 19:12:28 | 01,695,232 | -HS- | M] (Microsoft Corporation) "C:\Program Files\MySpace\IM\MySpaceIM.exe" -> C:\Program Files\MySpace\IM\MySpaceIM.exe [C:\Program Files\MySpace\IM\MySpaceIM.exe:*:Enabled:MySpaceIM] -> File not found "C:\Program Files\Windows Live\Messenger\livecall.exe" -> C:\Program Files\Windows Live\Messenger\livecall.exe [C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)] -> [2007/10/02 17:18:24 | 00,304,488 | ---- | M] (Microsoft Corporation) "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" -> C:\Program Files\Windows Live\Messenger\msnmsgr.exe [C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger] -> [2007/10/18 11:34:02 | 05,724,184 | ---- | M] (Microsoft Corporation) "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -> C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe [C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger] -> File not found "C:\Program Files\Yahoo!\Messenger\YServer.exe" -> C:\Program Files\Yahoo!\Messenger\YServer.exe [C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server] -> File not found "C:\WINDOWS\kdx\khost.exe" -> C:\WINDOWS\kdx\khost.exe [C:\WINDOWS\kdx\khost.exe:*:Enabled:Delivery Manager] -> [2006/10/05 10:51:04 | 02,242,120 | ---- | M] (Kontiki Inc.) "C:\WINDOWS\Network Diagnostic\xpnetdiag.exe" -> C:\WINDOWS\network diagnostic\xpnetdiag.exe [C:\WINDOWS\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000] -> [2008/04/13 13:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation) "C:\WINDOWS\system32\sessmgr.exe" -> C:\WINDOWS\system32\sessmgr.exe [C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019] -> [2008/04/13 19:12:34 | 00,141,312 | ---- | M] (Microsoft Corporation) < SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot -> "AlternateShell" -> cmd.exe -> < CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom -> "AutoRun" -> 1 -> "DisplayName" -> CD-ROM Driver -> "ImagePath" -> %SystemRoot%\system32\drivers\cdrom.sys [system32\DRIVERS\cdrom.sys] -> [2008/04/13 13:40:46 | 00,062,976 | ---- | M] (Microsoft Corporation) < Drives with AutoRun files > -> -> C:\AUTOEXEC.BAT [] -> %SystemDrive%\AUTOEXEC.BAT [ NTFS ] -> [2004/08/10 13:04:08 | 00,000,000 | ---- | M] () < MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 -> \{81e059e2-0a5a-11dd-8eb6-00114377fac5} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{81e059e2-0a5a-11dd-8eb6-00114377fac5}\Shell\AutoRun \{81e059e2-0a5a-11dd-8eb6-00114377fac5}\Shell\AutoRun\\"" -> [Auto&Play] -> File not found HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{81e059e2-0a5a-11dd-8eb6-00114377fac5}\Shell\AutoRun\command \{81e059e2-0a5a-11dd-8eb6-00114377fac5}\Shell\AutoRun\command\\"" -> E:\autorun.exe [E:\autorun.exe] -> File not found \{81e059e2-0a5a-11dd-8eb6-00114377fac5} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{81e059e2-0a5a-11dd-8eb6-00114377fac5}\Shell\phone\command \{81e059e2-0a5a-11dd-8eb6-00114377fac5}\Shell\phone\command\\"" -> E:\autorun.exe [E:\autorun.exe] -> File not found [Registry - Additional Scans - Safe List] < EventViewer Logs - Last 10 Errors > -> Event Information -> Description Application [ Error ] 12/31/2008 12:02:19 PM Computer Name = SHANNA | Source = Windows Search Service | ID = 3079 -> Description = Notifications for the volume c:\ are not active. Application [ Error ] 1/1/2009 5:07:22 PM Computer Name = SHANNA | Source = Application Error | ID = 1000 -> Description = Faulting application ad-aware.exe, version 7.1.0.11, faulting module ad-aware.exe, version 7.1.0.11, fault address 0x0015566e. Application [ Error ] 1/2/2009 12:28:03 AM Computer Name = SHANNA | Source = Application Hang | ID = 1002 -> Description = Hanging application iexplore.exe, version 7.0.6000.16762, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Application [ Error ] 1/2/2009 12:28:15 AM Computer Name = SHANNA | Source = Application Hang | ID = 1001 -> Description = Fault bucket 1015682910. Application [ Error ] 1/3/2009 3:11:25 PM Computer Name = SHANNA | Source = Application Hang | ID = 1002 -> Description = Hanging application Ad-Aware.exe, version 7.1.0.11, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Application [ Error ] 1/3/2009 3:11:57 PM Computer Name = SHANNA | Source = Application Hang | ID = 1002 -> Description = Hanging application Ad-Aware.exe, version 7.1.0.11, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Application [ Error ] 1/3/2009 3:12:00 PM Computer Name = SHANNA | Source = Application Hang | ID = 1001 -> Description = Fault bucket 931772520. Application [ Error ] 1/3/2009 3:12:08 PM Computer Name = SHANNA | Source = Application Hang | ID = 1001 -> Description = Fault bucket 931772520. Application [ Error ] 1/3/2009 3:24:22 PM Computer Name = SHANNA | Source = Application Hang | ID = 1002 -> Description = Hanging application OTMoveIt3.exe, version 1.0.8.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Application [ Error ] 1/3/2009 3:24:30 PM Computer Name = SHANNA | Source = Application Hang | ID = 1001 -> Description = Fault bucket 1084229164. System [ Error ] 1/3/2009 6:45:00 AM Computer Name = SHANNA | Source = DCOM | ID = 10005 -> Description = DCOM got error "%1058" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334} System [ Error ] 1/3/2009 7:45:00 AM Computer Name = SHANNA | Source = DCOM | ID = 10005 -> Description = DCOM got error "%1058" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334} System [ Error ] 1/3/2009 8:45:00 AM Computer Name = SHANNA | Source = DCOM | ID = 10005 -> Description = DCOM got error "%1058" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334} System [ Error ] 1/3/2009 9:45:00 AM Computer Name = SHANNA | Source = DCOM | ID = 10005 -> Description = DCOM got error "%1058" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334} System [ Error ] 1/3/2009 10:45:00 AM Computer Name = SHANNA | Source = DCOM | ID = 10005 -> Description = DCOM got error "%1058" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334} System [ Error ] 1/3/2009 11:45:00 AM Computer Name = SHANNA | Source = DCOM | ID = 10005 -> Description = DCOM got error "%1058" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334} System [ Error ] 1/3/2009 12:45:04 PM Computer Name = SHANNA | Source = DCOM | ID = 10005 -> Description = DCOM got error "%1058" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334} System [ Error ] 1/3/2009 1:22:54 PM Computer Name = SHANNA | Source = Service Control Manager | ID = 7009 -> Description = Timeout (30000 milliseconds) waiting for the iolo DMV Service service to connect. System [ Error ] 1/3/2009 1:45:01 PM Computer Name = SHANNA | Source = DCOM | ID = 10005 -> Description = DCOM got error "%1058" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334} System [ Error ] 1/3/2009 2:26:36 PM Computer Name = SHANNA | Source = Dhcp | ID = 1002 -> Description = The IP address lease 192.168.254.1 for the Network Card with network address 00114377FAC5 has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message). [Files/Folders - Created Within 30 Days] OTScanIt2 -> %UserProfile%\Desktop\OTScanIt2 -> [2009/01/03 14:47:23 | 00,000,000 | ---D | C] OTScanIt2.exe -> %UserProfile%\Desktop\OTScanIt2.exe -> [2009/01/03 14:46:30 | 00,657,248 | ---- | C] () _OTMoveIt -> %SystemDrive%\_OTMoveIt -> [2009/01/03 14:20:43 | 00,000,000 | ---D | C] OTMoveIt3.exe -> %UserProfile%\Desktop\OTMoveIt3.exe -> [2009/01/03 14:18:30 | 00,348,160 | ---- | C] (OldTimer Tools) VundoFix Backups -> %SystemDrive%\VundoFix Backups -> [2009/01/03 11:31:31 | 00,000,000 | ---D | C] HijackThis.lnk -> %UserProfile%\Desktop\HijackThis.lnk -> [2009/01/03 11:16:12 | 00,001,745 | ---- | C] () Trend Micro -> %ProgramFiles%\Trend Micro -> [2009/01/03 11:16:11 | 00,000,000 | ---D | C] Spybot - Search & Destroy.lnk -> %UserProfile%\Desktop\Spybot - Search & Destroy.lnk -> [2009/01/03 02:17:12 | 00,000,944 | ---- | C] () ztvunrar36.dll -> %SystemRoot%\System32\ztvunrar36.dll -> [2009/01/03 02:05:57 | 00,162,304 | ---- | C] () UNRAR3.dll -> %SystemRoot%\System32\UNRAR3.dll -> [2009/01/03 02:05:57 | 00,153,088 | ---- | C] () ztvunace26.dll -> %SystemRoot%\System32\ztvunace26.dll -> [2009/01/03 02:05:57 | 00,077,312 | ---- | C] () unacev2.dll -> %SystemRoot%\System32\unacev2.dll -> [2009/01/03 02:05:57 | 00,075,264 | ---- | C] () ztvcabinet.dll -> %SystemRoot%\System32\ztvcabinet.dll -> [2009/01/03 02:05:57 | 00,069,632 | ---- | C] (Microsoft Corporation) Trojan Remover -> %ProgramFiles%\Trojan Remover -> [2009/01/03 02:05:51 | 00,000,000 | ---D | C] Simply Super Software -> %UserProfile%\My Documents\Simply Super Software -> [2009/01/03 02:05:51 | 00,000,000 | ---D | C] Simply Super Software -> %AppData%\Simply Super Software -> [2009/01/03 02:05:51 | 00,000,000 | ---D | C] Simply Super Software -> %AllUsersProfile%\Application Data\Simply Super Software -> [2009/01/03 02:05:51 | 00,000,000 | ---D | C] ytgnbqlw.dll -> %SystemRoot%\System32\ytgnbqlw.dll -> [2009/01/01 14:15:14 | 00,132,608 | ---- | C] () pavboot.sys -> %SystemRoot%\System32\drivers\pavboot.sys -> [2008/12/31 11:45:09 | 00,028,544 | ---- | C] (Panda Security, S.L.) spybotsd160.exe -> %UserProfile%\Desktop\spybotsd160.exe -> [2008/12/30 15:41:37 | 14,968,808 | ---- | C] (Safer Networking Limited ) Ad-Watch.lnk -> %AllUsersProfile%\Desktop\Ad-Watch.lnk -> [2008/12/30 11:37:48 | 00,000,804 | ---- | C] () Ad-Aware.lnk -> %AllUsersProfile%\Desktop\Ad-Aware.lnk -> [2008/12/30 11:37:48 | 00,000,804 | ---- | C] () Lavasoft -> %AllUsersProfile%\Application Data\Lavasoft -> [2008/12/30 11:37:29 | 00,000,000 | ---D | C] Microsoft ActiveSync -> %ProgramFiles%\Microsoft ActiveSync -> [2008/12/30 09:26:12 | 00,000,000 | ---D | C] $AVG8.VAULT$ -> %SystemDrive%\$AVG8.VAULT$ -> [2008/12/29 21:54:12 | 00,000,000 | -H-D | C] AVG -> %ProgramFiles%\AVG -> [2008/12/29 17:52:09 | 00,000,000 | ---D | C] ntuser.dat -> %UserProfile%\ntuser.dat -> [2008/12/23 23:21:57 | 10,747,904 | ---- | C] () Play Mystery Case Files - Return to Ravenhearst.lnk -> %AllUsersProfile%\Desktop\Play Mystery Case Files - Return to Ravenhearst.lnk -> [2008/12/23 08:49:27 | 00,001,897 | ---- | C] () More Great Games.lnk -> %AllUsersProfile%\Desktop\More Great Games.lnk -> [2008/12/23 08:49:27 | 00,001,608 | ---- | C] () Mystery Case Files - Return to Ravenhearst -> %ProgramFiles%\Mystery Case Files - Return to Ravenhearst -> [2008/12/23 08:47:41 | 00,000,000 | ---D | C] Pictures -> %UserProfile%\Desktop\Pictures -> [2008/12/17 13:00:57 | 00,000,000 | ---D | C] desktop.png -> %UserProfile%\My Documents\desktop.png -> [2008/12/17 12:57:13 | 00,019,862 | ---- | C] () Dexter Screen Saver.scr -> %SystemRoot%\System32\Dexter Screen Saver.scr -> [2008/12/13 11:18:47 | 00,520,192 | ---- | C] (ScreenTime Media) Dexter Screen Saver dir -> %SystemRoot%\System32\Dexter Screen Saver dir -> [2008/12/13 11:18:47 | 00,000,000 | ---D | C] Authentium -> %CommonProgramFiles%\Authentium -> [2008/12/11 13:43:48 | 00,000,000 | ---D | C] System Checkup.url -> %UserProfile%\Desktop\System Checkup.url -> [2008/12/11 13:34:31 | 00,000,167 | ---- | C] () ioloBootDefrag.cfg -> %SystemRoot%\System32\ioloBootDefrag.cfg -> [2008/12/11 13:34:30 | 00,000,406 | ---- | C] () Microsoft Silverlight -> %ProgramFiles%\Microsoft Silverlight -> [2008/12/07 10:36:07 | 00,000,000 | ---D | C] 2009.pdf -> %UserProfile%\My Documents\2009.pdf -> [2008/12/06 21:24:50 | 01,002,279 | ---- | C] () [Files/Folders - Modified Within 30 Days] ntuser.dat -> %UserProfile%\ntuser.dat -> [2009/01/03 14:48:30 | 10,747,904 | ---- | M] () OTScanIt2.exe -> %UserProfile%\Desktop\OTScanIt2.exe -> [2009/01/03 14:46:35 | 00,657,248 | ---- | M] () Check Updates for Windows Live Toolbar.job -> %SystemRoot%\tasks\Check Updates for Windows Live Toolbar.job -> [2009/01/03 14:45:09 | 00,000,270 | ---- | M] () OTMoveIt3.exe -> %UserProfile%\Desktop\OTMoveIt3.exe -> [2009/01/03 14:18:34 | 00,348,160 | ---- | M] (OldTimer Tools) My Sharing Folders.lnk -> %UserProfile%\My Documents\My Sharing Folders.lnk -> [2009/01/03 13:27:38 | 00,000,584 | ---- | M] () Perflib_Perfdata_644.dat -> %SystemRoot%\Temp\Perflib_Perfdata_644.dat -> [2009/01/03 13:16:45 | 00,016,384 | ---- | M] () Perflib_Perfdata_85c.dat -> %AllUsersProfile%\Application Data\Microsoft\Search\Data\Temp\usgthrsvc\Perflib_Perfdata_85c.dat -> [2009/01/03 12:23:13 | 00,016,384 | ---- | M] () wpa.dbl -> %SystemRoot%\System32\wpa.dbl -> [2009/01/03 12:23:03 | 00,002,206 | ---- | M] () SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [2009/01/03 12:22:33 | 00,000,006 | -H-- | M] () bootstat.dat -> %SystemRoot%\bootstat.dat -> [2009/01/03 12:22:21 | 00,002,048 | --S- | M] () ntuser.ini -> %UserProfile%\ntuser.ini -> [2009/01/03 12:21:01 | 00,000,278 | -HS- | M] () Symantec NetDetect.job -> %SystemRoot%\tasks\Symantec NetDetect.job -> [2009/01/03 11:34:20 | 00,000,380 | ---- | M] () HijackThis.lnk -> %UserProfile%\Desktop\HijackThis.lnk -> [2009/01/03 11:16:12 | 00,001,745 | ---- | M] () hosts -> %SystemRoot%\System32\drivers\etc\hosts -> [2009/01/03 11:10:20 | 00,291,723 | R--- | M] () User_Feed_Synchronization-{0F224A1B-001F-4042-832E-19B803F06BDB}.job -> %SystemRoot%\tasks\User_Feed_Synchronization-{0F224A1B-001F-4042-832E-19B803F06BDB}.job -> [2009/01/03 10:26:06 | 00,000,438 | -H-- | M] () Spybot - Search & Destroy.lnk -> %UserProfile%\Desktop\Spybot - Search & Destroy.lnk -> [2009/01/03 02:17:12 | 00,000,944 | ---- | M] () ytgnbqlw.dll -> %SystemRoot%\System32\ytgnbqlw.dll -> [2009/01/01 14:15:16 | 00,132,608 | ---- | M] () spybotsd160.exe -> %UserProfile%\Desktop\spybotsd160.exe -> [2008/12/30 15:42:38 | 14,968,808 | ---- | M] (Safer Networking Limited ) Ad-Watch.lnk -> %AllUsersProfile%\Desktop\Ad-Watch.lnk -> [2008/12/30 11:37:49 | 00,000,804 | ---- | M] () Ad-Aware.lnk -> %AllUsersProfile%\Desktop\Ad-Aware.lnk -> [2008/12/30 11:37:48 | 00,000,804 | ---- | M] () System Shield 3.lnk -> %UserProfile%\Desktop\System Shield 3.lnk -> [2008/12/30 10:34:17 | 00,000,839 | ---- | M] () IconCache.db -> %UserProfile%\Local Settings\Application Data\IconCache.db -> [2008/12/30 05:40:46 | 04,291,846 | -H-- | M] () System Checkup.url -> %UserProfile%\Desktop\System Checkup.url -> [2008/12/29 15:07:29 | 00,000,167 | ---- | M] () Play Mystery Case Files - Return to Ravenhearst.lnk -> %AllUsersProfile%\Desktop\Play Mystery Case Files - Return to Ravenhearst.lnk -> [2008/12/23 08:49:27 | 00,001,897 | ---- | M] () More Great Games.lnk -> %AllUsersProfile%\Desktop\More Great Games.lnk -> [2008/12/23 08:49:27 | 00,001,608 | ---- | M] () BILLS.xls -> %UserProfile%\Desktop\BILLS.xls -> [2008/12/23 08:08:40 | 00,026,624 | ---- | M] () Play My Games.lnk -> %AllUsersProfile%\Desktop\Play My Games.lnk -> [2008/12/22 20:59:40 | 00,001,583 | ---- | M] () perfh009.dat -> %SystemRoot%\System32\perfh009.dat -> [2008/12/18 14:42:39 | 00,467,482 | ---- | M] () perfc009.dat -> %SystemRoot%\System32\perfc009.dat -> [2008/12/18 14:42:38 | 00,080,280 | ---- | M] () PerfStringBackup.INI -> %SystemRoot%\System32\PerfStringBackup.INI -> [2008/12/18 14:42:35 | 00,555,630 | ---- | M] () eBay Countdown.url -> %UserProfile%\Desktop\eBay Countdown.url -> [2008/12/17 16:55:04 | 00,000,295 | ---- | M] () qmgr0.dat -> %AllUsersProfile%\Application Data\Microsoft\Network\Downloader\qmgr0.dat -> [2008/12/17 14:26:38 | 00,004,646 | ---- | M] () qmgr1.dat -> %AllUsersProfile%\Application Data\Microsoft\Network\Downloader\qmgr1.dat -> [2008/12/17 14:26:38 | 00,004,232 | ---- | M] () desktop.png -> %UserProfile%\My Documents\desktop.png -> [2008/12/17 12:57:14 | 00,019,862 | ---- | M] () Dexter Screen Saver.scr -> %SystemRoot%\System32\Dexter Screen Saver.scr -> [2008/12/13 11:18:47 | 00,520,192 | ---- | M] (ScreenTime Media) mshtml.dll -> %SystemRoot%\System32\mshtml.dll -> [2008/12/13 01:40:02 | 03,593,216 | ---- | M] (Microsoft Corporation) mshtml.dll -> %SystemRoot%\System32\dllcache\mshtml.dll -> [2008/12/13 01:40:02 | 03,593,216 | ---- | M] (Microsoft Corporation) ioloBootDefrag.cfg -> %SystemRoot%\System32\ioloBootDefrag.cfg -> [2008/12/11 13:34:30 | 00,000,406 | ---- | M] () imsins.BAK -> %SystemRoot%\imsins.BAK -> [2008/12/11 11:48:57 | 00,001,393 | ---- | M] () win.ini -> %SystemRoot%\win.ini -> [2008/12/11 11:47:58 | 00,000,757 | ---- | M] () MRT.exe -> %SystemRoot%\System32\MRT.exe -> [2008/12/09 18:24:37 | 17,593,280 | ---- | M] (Microsoft Corporation) sqmdata10.sqm -> %SystemDrive%\sqmdata10.sqm -> [2008/12/08 18:28:12 | 00,000,232 | -H-- | M] () sqmnoopt03.sqm -> %SystemDrive%\sqmnoopt03.sqm -> [2008/12/08 18:28:11 | 00,000,244 | -H-- | M] () Launch Microsoft Office Outlook.lnk -> %UserProfile%\Desktop\Launch Microsoft Office Outlook.lnk -> [2008/12/07 12:53:43 | 00,000,803 | ---- | M] () 2009.pdf -> %UserProfile%\My Documents\2009.pdf -> [2008/12/06 21:24:51 | 01,002,279 | ---- | M] () hhcolreg.dat -> %AllUsersProfile%\Application Data\Microsoft\HTML Help\hhcolreg.dat -> [2008/09/28 23:06:14 | 00,000,184 | ---- | M] () opa11.dat -> %AllUsersProfile%\Application Data\Microsoft\OFFICE\DATA\opa11.dat -> [2007/10/28 11:29:33 | 00,011,096 | ---- | M] () [Alternate Data Streams] @Alternate Data Stream - 0 bytes -> %UserProfile%\Desktop\Thumbs.db:encryptable @Alternate Data Stream - 0 bytes -> %UserProfile%\My Documents\Thumbs.db:encryptable @Alternate Data Stream - 124 bytes -> %AllUsersProfile%\Application Data\TEMP:CB0AACC9 @Alternate Data Stream - 134 bytes -> %AllUsersProfile%\Application Data\TEMP:D31BE97C @Alternate Data Stream - 187 bytes -> %AllUsersProfile%\Application Data\TEMP:C22674B6 @Alternate Data Stream - 187 bytes -> %AllUsersProfile%\Application Data\TEMP:D1713795 @Alternate Data Stream - 204 bytes -> %AllUsersProfile%\Application Data\TEMP:BFAD7A5D @Alternate Data Stream - 284334 bytes -> %UserProfile%\Desktop\eBay Countdown.url:favicon [File - Lop Check] Application Data -> C:\Documents and Settings\All Users\Application Data -> [2009/01/03 02:05:51 | 00,000,000 | RH-D | M] CyberLink -> C:\Documents and Settings\All Users\Application Data\CyberLink -> [2008/09/28 22:39:14 | 00,000,000 | ---D | M] EA -> C:\Documents and Settings\All Users\Application Data\EA -> [2008/02/23 19:20:26 | 00,000,000 | ---D | M] FLEXnet -> C:\Documents and Settings\All Users\Application Data\FLEXnet -> [2008/03/23 22:38:13 | 00,000,000 | ---D | M] GoBit Games -> C:\Documents and Settings\All Users\Application Data\GoBit Games -> [2008/02/22 17:30:26 | 00,000,000 | ---D | M] Intuit -> C:\Documents and Settings\All Users\Application Data\Intuit -> [2005/05/24 09:28:13 | 00,000,000 | ---D | M] iolo -> C:\Documents and Settings\All Users\Application Data\iolo -> [2008/12/09 13:44:08 | 00,000,000 | ---D | M] JollyBear -> C:\Documents and Settings\All Users\Application Data\JollyBear -> [2007/04/21 13:30:23 | 00,000,000 | ---D | M] MinigolfAdventures -> C:\Documents and Settings\All Users\Application Data\MinigolfAdventures -> [2008/06/11 13:49:28 | 00,000,000 | ---D | M] MumboJumbo -> C:\Documents and Settings\All Users\Application Data\MumboJumbo -> [2007/12/09 14:58:21 | 00,000,000 | ---D | M] pixelStorm -> C:\Documents and Settings\All Users\Application Data\pixelStorm -> [2006/06/24 19:33:50 | 00,000,000 | ---D | M] Playtonium Games -> C:\Documents and Settings\All Users\Application Data\Playtonium Games -> [2007/06/14 15:30:02 | 00,000,000 | ---D | M] PopCap -> C:\Documents and Settings\All Users\Application Data\PopCap -> [2006/06/24 19:03:15 | 00,000,000 | ---D | M] Roxio -> C:\Documents and Settings\All Users\Application Data\Roxio -> [2006/02/01 11:17:57 | 00,000,000 | ---D | M] Sandlot Games -> C:\Documents and Settings\All Users\Application Data\Sandlot Games -> [2006/10/29 15:06:08 | 00,000,000 | ---D | M] SBSI -> C:\Documents and Settings\All Users\Application Data\SBSI -> [2004/08/10 13:13:06 | 00,000,000 | ---D | M] SBT -> C:\Documents and Settings\All Users\Application Data\SBT -> [2006/01/27 14:56:12 | 00,000,000 | ---D | M] Simply Super Software -> C:\Documents and Settings\All Users\Application Data\Simply Super Software -> [2009/01/03 02:05:52 | 00,000,000 | ---D | M] SingleClick Systems -> C:\Documents and Settings\All Users\Application Data\SingleClick Systems -> [2007/05/02 12:30:59 | 00,000,000 | ---D | M] SupportSoft -> C:\Documents and Settings\All Users\Application Data\SupportSoft -> [2007/06/08 16:05:59 | 00,000,000 | ---D | M] TEMP -> C:\Documents and Settings\All Users\Application Data\TEMP -> [2009/01/03 12:23:06 | 00,000,000 | ---D | M] Trymedia -> C:\Documents and Settings\All Users\Application Data\Trymedia -> [2008/09/28 22:57:28 | 00,000,000 | ---D | M] Viewpoint -> C:\Documents and Settings\All Users\Application Data\Viewpoint -> [2008/09/28 22:57:28 | 00,000,000 | ---D | M] VirtualFarm -> C:\Documents and Settings\All Users\Application Data\VirtualFarm -> [2008/06/22 00:31:44 | 00,000,000 | ---D | M] Wal-Mart -> C:\Documents and Settings\All Users\Application Data\Wal-Mart -> [2008/04/06 16:28:48 | 00,000,000 | ---D | M] Zylom -> C:\Documents and Settings\All Users\Application Data\Zylom -> [2007/11/18 12:16:09 | 00,000,000 | ---D | M] Application Data -> C:\Documents and Settings\Default User\Application Data -> [2008/09/28 22:57:28 | 00,000,000 | RH-D | M] Application Data -> C:\Documents and Settings\LocalService\Application Data -> [2008/09/27 11:59:58 | 00,000,000 | ---D | M] agi -> C:\Documents and Settings\LocalService\Application Data\agi -> [2008/09/27 11:59:58 | 00,000,000 | ---D | M] iolo -> C:\Documents and Settings\LocalService\Application Data\iolo -> [2008/10/06 21:01:40 | 00,000,000 | ---D | M] Application Data -> C:\Documents and Settings\NetworkService\Application Data -> [2008/10/07 19:44:13 | 00,000,000 | ---D | M] agi -> C:\Documents and Settings\NetworkService\Application Data\agi -> [2008/10/07 19:44:15 | 00,000,000 | ---D | M] iolo -> C:\Documents and Settings\NetworkService\Application Data\iolo -> [2008/10/06 21:13:01 | 00,000,000 | ---D | M] Application Data -> C:\Documents and Settings\Shanna Kimsey\Application Data -> [2009/01/03 02:05:51 | 00,000,000 | RH-D | M] 7Wonders -> C:\Documents and Settings\Shanna Kimsey\Application Data\7Wonders -> [2007/02/09 10:43:05 | 00,000,000 | ---D | M] ArcSoft -> C:\Documents and Settings\Shanna Kimsey\Application Data\ArcSoft -> [2006/02/01 14:50:20 | 00,000,000 | ---D | M] BloodTies -> C:\Documents and Settings\Shanna Kimsey\Application Data\BloodTies -> [2008/02/03 12:27:22 | 00,000,000 | ---D | M] Corel -> C:\Documents and Settings\Shanna Kimsey\Application Data\Corel -> [2008/09/28 22:57:30 | 00,000,000 | ---D | M] CyberLink -> C:\Documents and Settings\Shanna Kimsey\Application Data\CyberLink -> [2008/09/28 22:57:30 | 00,000,000 | ---D | M] Datel -> C:\Documents and Settings\Shanna Kimsey\Application Data\Datel -> [2007/12/30 20:50:42 | 00,000,000 | ---D | M] ForgottenRiddles -> C:\Documents and Settings\Shanna Kimsey\Application Data\ForgottenRiddles -> [2007/12/30 16:02:39 | 00,000,000 | ---D | M] funkitron -> C:\Documents and Settings\Shanna Kimsey\Application Data\funkitron -> [2006/11/27 12:20:51 | 00,000,000 | ---D | M] Gamelab -> C:\Documents and Settings\Shanna Kimsey\Application Data\Gamelab -> [2008/03/03 14:50:59 | 00,000,000 | ---D | M] GlarySoft -> C:\Documents and Settings\Shanna Kimsey\Application Data\GlarySoft -> [2008/02/13 16:13:49 | 00,000,000 | ---D | M] Image Zone Express -> C:\Documents and Settings\Shanna Kimsey\Application Data\Image Zone Express -> [2008/03/27 14:22:32 | 00,000,000 | ---D | M] iolo -> C:\Documents and Settings\Shanna Kimsey\Application Data\iolo -> [2008/12/11 13:41:54 | 00,000,000 | ---D | M] iWin -> C:\Documents and Settings\Shanna Kimsey\Application Data\iWin -> [2008/09/28 22:57:31 | 00,000,000 | ---D | M] Jane s Hotel -> C:\Documents and Settings\Shanna Kimsey\Application Data\Jane s Hotel -> [2007/10/26 16:52:05 | 00,000,000 | ---D | M] Jasc -> C:\Documents and Settings\Shanna Kimsey\Application Data\Jasc -> [2008/02/09 11:34:04 | 00,000,000 | ---D | M] Kontiki -> C:\Documents and Settings\Shanna Kimsey\Application Data\Kontiki -> [2006/11/05 15:56:30 | 00,000,000 | ---D | M] Leadertech -> C:\Documents and Settings\Shanna Kimsey\Application Data\Leadertech -> [2007/06/23 16:22:44 | 00,000,000 | ---D | M] Ludia -> C:\Documents and Settings\Shanna Kimsey\Application Data\Ludia -> [2008/03/29 10:25:28 | 00,000,000 | ---D | M] Magic Academy -> C:\Documents and Settings\Shanna Kimsey\Application Data\Magic Academy -> [2007/04/27 20:01:14 | 00,000,000 | ---D | M] Magic Match -> C:\Documents and Settings\Shanna Kimsey\Application Data\Magic Match -> [2006/12/09 23:33:49 | 00,000,000 | ---D | M] Magic Seeds -> C:\Documents and Settings\Shanna Kimsey\Application Data\Magic Seeds -> [2008/02/23 18:01:01 | 00,000,000 | ---D | M] Meridian93 -> C:\Documents and Settings\Shanna Kimsey\Application Data\Meridian93 -> [2008/05/03 18:58:12 | 00,000,000 | ---D | M] mjusbsp -> C:\Documents and Settings\Shanna Kimsey\Application Data\mjusbsp -> [2008/06/28 13:06:48 | 00,000,000 | ---D | M] Move Networks -> C:\Documents and Settings\Shanna Kimsey\Application Data\Move Networks -> [2008/09/28 22:57:34 | 00,000,000 | ---D | M] MyPublisher -> C:\Documents and Settings\Shanna Kimsey\Application Data\MyPublisher -> [2008/02/22 13:46:24 | 00,000,000 | ---D | M] PlayFirst -> C:\Documents and Settings\Shanna Kimsey\Application Data\PlayFirst -> [2007/09/29 17:41:05 | 00,000,000 | ---D | M] Roxio -> C:\Documents and Settings\Shanna Kimsey\Application Data\Roxio -> [2008/09/28 22:57:36 | 00,000,000 | ---D | M] School Zone Preferences -> C:\Documents and Settings\Shanna Kimsey\Application Data\School Zone Preferences -> [2007/04/20 15:20:59 | 00,000,000 | ---D | M] Simply Super Software -> C:\Documents and Settings\Shanna Kimsey\Application Data\Simply Super Software -> [2009/01/03 02:05:51 | 00,000,000 | ---D | M] Smith Micro -> C:\Documents and Settings\Shanna Kimsey\Application Data\Smith Micro -> [2007/02/07 12:47:42 | 00,000,000 | ---D | M] TheScruffs -> C:\Documents and Settings\Shanna Kimsey\Application Data\TheScruffs -> [2008/02/16 10:04:05 | 00,000,000 | ---D | M] Viewpoint -> C:\Documents and Settings\Shanna Kimsey\Application Data\Viewpoint -> [2007/01/11 17:05:50 | 00,000,000 | ---D | M] Wal-Mart -> C:\Documents and Settings\Shanna Kimsey\Application Data\Wal-Mart -> [2008/04/06 16:28:45 | 00,000,000 | ---D | M] WebRenderer -> C:\Documents and Settings\Shanna Kimsey\Application Data\WebRenderer -> [2006/12/11 16:52:46 | 00,000,000 | ---D | M] West Group -> C:\Documents and Settings\Shanna Kimsey\Application Data\West Group -> [2005/06/08 12:58:51 | 00,000,000 | RH-D | M] Windows Desktop Search -> C:\Documents and Settings\Shanna Kimsey\Application Data\Windows Desktop Search -> [2008/09/27 00:13:00 | 00,000,000 | ---D | M] Windows Search -> C:\Documents and Settings\Shanna Kimsey\Application Data\Windows Search -> [2008/11/01 08:13:31 | 00,000,000 | ---D | M] ZoomBrowser EX -> C:\Documents and Settings\Shanna Kimsey\Application Data\ZoomBrowser EX -> [2008/12/18 21:45:11 | 00,000,000 | ---D | M] C:\WINDOWS\Tasks\ -> C:\WINDOWS\Tasks -> [2008/12/29 14:37:43 | 00,000,000 | --SD | M] Check Updates for Windows Live Toolbar.job -> C:\WINDOWS\Tasks\Check Updates for Windows Live Toolbar.job -> [2009/01/03 14:45:09 | 00,000,270 | ---- | M] () desktop.ini -> C:\WINDOWS\Tasks\desktop.ini -> [2004/08/04 05:00:00 | 00,000,065 | RH-- | M] () SA.DAT -> C:\WINDOWS\Tasks\SA.DAT -> [2009/01/03 12:22:33 | 00,000,006 | -H-- | M] () Symantec NetDetect.job -> C:\WINDOWS\Tasks\Symantec NetDetect.job -> [2009/01/03 11:34:20 | 00,000,380 | ---- | M] () User_Feed_Synchronization-{0F224A1B-001F-4042-832E-19B803F06BDB}.job -> C:\WINDOWS\Tasks\User_Feed_Synchronization-{0F224A1B-001F-4042-832E-19B803F06BDB}.job -> [2009/01/03 10:26:06 | 00,000,438 | -H-- | M] () [File - Purity Scan] [CatchMe Rootkit Scan by GMER] < Windows folder & sub-folders > scanning hidden processes ... IPC error: 2 The system cannot find the file specified. scanning hidden services & system hive ... scanning hidden registry entries ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden services: 0 hidden files: 0 < Document and Settings folder & sub folders > scanning hidden files ... IPC error: 2 The system cannot find the file specified. C:\Documents and Settings\All Users\Application Data\TEMP:BFAD7A5D 204 bytes C:\Documents and Settings\All Users\Application Data\TEMP:C22674B6 187 bytes C:\Documents and Settings\All Users\Application Data\TEMP:CB0AACC9 124 bytes C:\Documents and Settings\All Users\Application Data\TEMP:D1713795 187 bytes C:\Documents and Settings\All Users\Application Data\TEMP:D31BE97C 134 bytes C:\Documents and Settings\Shanna Kimsey\desktop\eBay Countdown.url:favicon 284334 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Insurance Plan Benefit Details and Comparison.url:favicon 1406 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\J & L Self Defense Products - Batons - Side Handle Batons - Aluminum Side Handle Baton.url:favicon 894 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Janes Hotel Family Hero Online.url:favicon 3126 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Jeff\GEORGIA DEPARTMENT OF CORRECTIONS.url:favicon 766 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Jeff\http--www.cs.cmu.edu-afs-cs.cmu.edu-user-scotts-bulgarians-njsol-death_penalty_lesbian.txt.url:favicon 1406 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Kid\Cartoon Network Codename KND Numbuh Generator.url:favicon 25214 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Kid\Foster's Home For Imaginary Friends Wheeeee! Cartoon Network.url:favicon 25214 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Kid\majoras mask, The Legend of Zelda Majora's Mask, Games items on eBay.com.url:favicon 1406 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Kid\The SpongeBob SquarePants Movie Walkthrough - IGN FAQs.url:favicon 3638 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Kid\Welcome to CartoonNetwork.com!.url:favicon 25214 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Kid\YouTube - Broadcast Yourself..url:favicon 1150 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Kid\YouTube - My Sims for Nintendo Wii.url:favicon 1150 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Latest Email Hoaxes - Current Internet Scams - Hoax-Slayer.url:favicon 1406 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Low Carb Bean Dip Recipe - Easy Recipe for Bean Dip.url:favicon 1150 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Miscs\Live Search Club - Changing the Game.url:favicon 1150 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Miscs\Adventure Games.url:favicon 1150 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Miscs\bug.gd - Humanity's Only Hope.url:favicon 9062 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Miscs\Checkout Complete - Wireless from AT&T, formerly Cingular.url:favicon 1150 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Miscs\Creepypasta - Encyclopedia Dramatica.url:favicon 1212 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Miscs\Current Watches, Warnings and Advisories for Georgia Issued by the National Weather Service.url:favicon 1406 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Miscs\Desktop Tower Defense.url:favicon 1406 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Miscs\Finger Stylus.url:favicon 1150 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Miscs\LOLCATS.COM - Murray.url:favicon 894 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Miscs\ohnotheydidnt The Billy Letters.url:favicon 5222 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Miscs\PC World - Freeciv Adventure-Strategy Download.url:favicon 3638 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Miscs\Whedonesque Joss Whedon weblog.url:favicon 1150 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Miscs\Yahoo! Answers - Home.url:favicon 1150 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Miscs\YouTube - Roseanne Gets High.url:favicon 1150 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Monadnock PR24XTS - Police Link.url:favicon 1150 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Thank you for downloading AVG Anti-Virus Free Edition from Download.com.url:favicon 1150 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\The Legend of Zelda The Wind Waker Cheats, Codes, and Secrets for GameCube - GameFAQs.url:favicon 1406 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\The Scruffs - Games at Miniclip.com - Play Free Games.url:favicon 15086 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\TrendSecure HouseCall™ Free Scan.url:favicon 21686 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\What do all those funny marks, like the dots between the words in my document, and the square bullets in the left margin, mean.url:favicon 1406 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\WhitePages.com - Online Directory Assistance.url:favicon 4710 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\ohnotheydidnt 200 complaints take this commercial off the air . 2 men kissing..url:favicon 5222 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\ohnotheydidnt Buffy the Vampire Slayer (Animated Series) Pilot.url:favicon 5222 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\ohnotheydidnt Just 20 years on, grunge seems like ancient history#comments#comments.url:favicon 5222 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\ohnotheydidnt Katie Does A Rihanna.url:favicon 5222 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\ohnotheydidnt Miley Cyrus is still at itNew Miley Cyru.url:favicon 5222 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\ohnotheydidnt Sharon Stone Flashed Her Crotch Again.url:favicon 5222 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\ohnotheydidnt TOM CRUISE AND HIS PEOPLE HATE DR. DREW!.url:favicon 5222 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\ohnotheydidnt Top 10 Worst Scenes in Movies.url:favicon 5222 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\City Hall in Demorest, GA on Yahoo! Local.url:favicon 6598 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\dabrat.url:favicon 766 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Dairy Foods on the South Beach Diet - Milk Yogurt Cheese and Other Dairy Products for South Beach Diet.url:favicon 1150 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\DISH Network -- America's Top 250.url:favicon 894 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\DISH Network -- Dish HD.url:favicon 894 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\eBay Countdown.url:favicon 284334 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Eubank Family Dentistry - Clarkesville GA - Dentists Reviews & Ratings - (706) 754-7433 - Open List.url:favicon 1150 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\FREE avast! antivirus 4.x Home Edition, anti-spyware & anti-rootkit for Windows.url:favicon 2862 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Free Photo Editors for Windows - Top Picks.url:favicon 1150 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Buffy\A Socialite's Life.url:favicon 233 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Buffy\amazon.com Buffy the Vampire Slayer Tales of the Slayers Books Joss Whedon.url:favicon 1406 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Buffy\amazon.com watchers guide Books.url:favicon 1406 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Buffy\Buffy the Vampire Slayer - Wikipedia, the free encyclopedia.url:favicon 318 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Buffy\Buffy the Vampire Slayer Script at IMSDb..url:favicon 2550 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Buffy\Buffy the Vampire Slayer TV Show - Buffy the Vampire Slayer Television Show - TV.com.url:favicon 414 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Buffy\eBay - Buffy the Vampire Slayer, DVD, HD DVD Blu-ray, Action Figures items on eBay.com.url:favicon 1406 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Buffy\http--www.amazon.com-exec-obidos-tg-detail---0671042602-ref=pd_luc_mri-002-2417363-4008022%5Fencoding=UTF8&m=AT90FOOJBHUGA&v=glance.url:favicon 1406 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Buffy\THIS WEEK Television News TV Entertainment Weekly 1.url:favicon 318 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Buffy\tv.com The 10th Buffyversary.url:favicon 414 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Buffy\Zones - Buffy - Downloads.url:favicon 7278 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Frequent\MySpace.url:favicon 1406 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Frequent\7-Day Forecast for Latitude 34.47N and Longitude 83.57W.url:favicon 1406 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Frequent\7-Day Forecast for Latitude 34.91N and Longitude -83.41W.url:favicon 822 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Frequent\Cracked.com - America's Only Humor & Video Site, Since 1958.url:favicon 1150 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Frequent\OH NO THEY DIDN'T! the celebrities are disposable. the content is priceless.url:favicon 5222 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Frequent\Facebook YoVille.url:favicon 1150 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Frequent\Good Plastic Surgery.url:favicon 1406 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Frequent\http--www.tmz.com-.url:favicon 2862 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Ignorantia juris non excusat - Live Search.url:favicon 1150 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Myspace\MySpace.com - Divine - 33 - Female - UNION CITY, Georgia - www.myspace.com-170784162.url:favicon 1406 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Myspace\bob marley quote - MyHotComments.url:favicon 3638 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Myspace\FRIDAY comment graphics - MyHotComments.url:favicon 3638 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Myspace\Look-alike Meter.url:favicon 1406 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Myspace\Marilyn Monroe Quote - MyHotComments.url:favicon 3638 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Myspace\MySpace Codes.url:favicon 1150 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Myspace\MySpace.com - deanna - 29 - Female - OAKWOOD, Georgia - www.myspace.com-ny_ga_hottie.url:favicon 1406 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Myspace\Pyzam - Pyzam - Lotus Background.url:favicon 1150 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Myspace\RockYou.com - photo sharing, MySpace slideshows, MySpace codes, MySpace music.url:favicon 1150 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\tests\20Q.net Inc..url:favicon 1406 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\tests\Frequently Asked Questions.url:favicon 3638 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\tests\The Big Five Personality Test.url:favicon 894 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\FunBrain.com - The Internet's #1 Education Site for K-8 Kids and Teachers.url:favicon 1078 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\gamefaqs Ice Age 2 The Meltdown (PS2) FAQ-Walkthrough by a_heavenly_body.url:favicon 1406 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Getting your toddler to listen - BabyCenter.url:favicon 1406 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Health Insurance Quote Page - Individual & Family.url:favicon 1406 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\How to Cook a Great Steak -   MSN Lifestyle - Beauty & Fashion.url:favicon 3638 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\How to Find Out Anything 7 Tips - MSN Encarta.url:favicon 11502 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\http--redtape.msnbc.com-2008-05-the-next-time-y.html.url:favicon 1718 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\http--www.directv.com-see-pdf-RC32.pdf.url:favicon 1150 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\http--www.tmz.com-.url:favicon 2862 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\https--as400.halldata.com-cgi-bin-subscribe53.url:favicon 1406 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\MySpace Comments, MySpace Graphics Codes, MySpace Backgrounds & eCards - Satisfaction.url:favicon 894 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\MySpace Comments, MySpace Graphics Codes, MySpace Backgrounds & eCards - Satisfaction2.url:favicon 894 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\MySpace Comments, MySpace Graphics Codes, MySpace Backgrounds & eCards - Satisfaction3.url:favicon 894 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\MySpace.url:favicon 1406 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\OH NO THEY DIDN'T! the celebrities are disposable. the content is priceless.url:favicon 5222 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\14 Vital Internet Tools - Page1 -  MSN Tech & Gadgets - Downloads.url:favicon 3638 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\20 Things You Didn't Know About ... Hygiene - MSN Encarta.url:favicon 11502 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\2008-2009 Supply Lists.url:favicon 7782 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\5 Tips for Winning Photos - Page2 -  MSN Tech & Gadgets - GearDaddy.url:favicon 3638 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\8 Drugs Doctors Would Never Take - Page 2 - MSN Health & Fitness - Health Topics.url:favicon 1406 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\about.com http--www.lowcarb.ca-low-carb-tools-hidden_carbs.html.url:favicon 1150 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\amazon.com T Type Standard Issue Police Tonfa Baton Sports & Outdoors.url:favicon 1406 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\AVG7_avgtdi.sys - Live Search.url:favicon 1150 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Baby\Giving medications safely and effectively - BabyCenter.url:favicon 1406 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Baby\BabyCenter -- Baby Symptom Guide.url:favicon 1406 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Baby\Bright Starts Tropical Fun Around We Go! Activity Station - Wal-Mart.url:favicon 1406 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Baby\Buying safe baby products - BabyCenter.url:favicon 1406 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Baby\index - Maukilo.com European Toys.url:favicon 3638 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Baby\Live Search Baby sign language.url:favicon 1150 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Baby\RaZBaby RaZ-Berry Silicone Teether - baby-Wise.com Innovative Baby Products.url:favicon 4286 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Bills\Log In.url:favicon 1406 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Bills\Retail Services Online Customer Care - Signed Off Online Customer Care.url:favicon 318 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\BRANDON\The Legend of Zelda Phantom Hourglass Walkthrough - IGN FAQs.url:favicon 3638 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\BRANDON\YouTube - Ed,Edd'n'Eddy Mis Edventures Rebel Robot Ranch.url:favicon 1150 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\BRANDON\YouTube - Phantom Hourglass OST- 'Linebeck'.url:favicon 1150 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\P.O.S.T. Officer Profile Report.url:favicon 4662 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Police Equipment and Tactical Police Gear at CopsPlus.url:favicon 318 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Policelink\mary gibson.url:favicon 1150 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Policelink\Police Link The Nation's Law Enforcement Community.url:favicon 1150 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Policelink\thoracias.url:favicon 1150 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\pr24 items on eBay.com.url:favicon 1406 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Purple Rain Script.url:favicon 3774 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Saturday Night Live - Palin - Hillary Open - Video - NBC.com.url:favicon 318 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Shanna\Test your child's toys for lead - News - MSNBC.com.url:favicon 1718 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Shanna\The 20 (Mostly Free) Downloads You Can't Do Without - Page1 -  MSN Tech & Gadgets - Downloads.url:favicon 3638 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Shanna\Walmart.com - Free Samples.url:favicon 1406 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Shanna\What Your Bowel Movements Are Telling You About Your Health - Page 1 - MSN Health & Fitness - Health Topics.url:favicon 3638 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Shanna\Whigs.url:favicon 1406 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Shanna\O.T.I.S..url:favicon 3638 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Shanna\ohnotheydidnt My Friend, the Bobby Trendy Fucker.url:favicon 5222 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Shanna\Orgasm Without Ejaculation Q&A with Dr. Gardos.url:favicon 4710 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Shanna\Parents Report Lead Astray Poison Control.url:favicon 1406 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Shanna\Product Recalls  What You Should Do - Newsweek Tip Sheet Money - MSNBC.com.url:favicon 1718 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Shanna\How to Conquer Clutter - MSN Lifestyle - Home and Garden - Slideshow - 3.url:favicon 3638 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Shanna\Internet Slang Dictionary & Translator.url:favicon 1406 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Shanna\Jamaican Jerk Dry Rub - Allrecipes.url:favicon 1078 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Shanna\Live Search Club.url:favicon 1150 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Shanna\Magickal Uses of Herbs.url:favicon 1406 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Shanna\Medical Reviews of House.url:favicon 198 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Shanna\Recalls spur demand for American playthings - Consumer News - MSNBC.com.url:favicon 1718 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Shanna\Recipes Jamaican Jerk Chicken Food Network.url:favicon 894 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Shanna\Score that oh-so-trendy smoky eye look MakeoverSolutions.com.url:favicon 1406 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Shanna\Spasm may cause kids’ heart attacks - Heart Health - MSNBC.com.url:favicon 1718 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Shanna\Stolen innocence Child identity theft - MSN Money.url:favicon 3638 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Shanna\Symptoms, Diseases and Diagnosis - WrongDiagnosis.com.url:favicon 5430 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Shanna\10 real-estate deal wreckers - Buying a House - MSN Real Estate.url:favicon 3638 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Shanna\101 Fantastic Freebies - Page12 -  MSN Tech & Gadgets - Products.url:favicon 3638 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Shanna\A NIGHTMARE ON ELM STREET COMPANION.url:favicon 2238 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Shanna\AltaVista - Babel Fish Translation - Translated Text.url:favicon 318 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Shanna\Baby Symptom Guide - BabyCenter.url:favicon 1406 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Shanna\First Look Footage from Repo! The Genetic Opera! « FirstShowing.net.url:favicon 2550 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Shanna\MSN.com.url:favicon 1406 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Shanna\MySpace.com.url:favicon 1406 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Shanna\MySpacej.com.url:favicon 1406 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Shanna\Free Online Latin to English Translators.url:favicon 3638 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Shanna\Frequently Asked Questions - Keyword Tax Refund.url:favicon 3638 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Shanna\Fun Latin.url:favicon 2366 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Shanna\GEORGIA DEPARTMENT OF CORRECTIONS.url:favicon 766 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Shanna\GPSTC Online Registration Online Registration Menu.url:favicon 1150 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Shanna\Christmas Wallpapers, Free Christmas Wallpaper, Christmas Desktop Themes -- MSN Greetings.url:favicon 1406 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Shanna\FDA warns about possible herbal tea risk - More Health News - MSNBC.com.url:favicon 1718 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\South Beach Diet.url:favicon 1406 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\South Beach Diet2.url:favicon 1406 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Television Without Pity.url:favicon 1406 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Young'uns\Cold Medicines Dangerous for Infants - MSN Health & Fitness - Pregnancy & Kids.url:favicon 3638 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Young'uns\Toy Hazard Recalls.url:favicon 894 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Young'uns\YouTube - Kingdom Hearts II Final Mix + - The 13th Struggle (KHII).url:favicon 1150 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Young'uns\Kingdom Hearts Walkthrough - IGN FAQs.url:favicon 3638 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Young'uns\Listerine plaque rinse recalled - Kids & Parenting - MSNBC.com.url:favicon 1718 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Youtube\ghosthunters.url:favicon 1150 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Youtube\how to perform a handfasting - Google Search.url:favicon 1406 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Youtube\JohnPinette.url:favicon 1150 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Youtube\YouTube - Peeping Tom - Mojo.url:favicon 1150 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Youtube\YouTube - Puddle of Mudd - She Fucking Hates Me.url:favicon 1150 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Youtube\YouTube - Robot Chicken - Plastic Buffet.url:favicon 1150 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Youtube\YouTube - Rodney Carrington - Dear Penis.url:favicon 1150 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Youtube\YouTube - Sarah Michelle Gellar American Idol.url:favicon 1150 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Youtube\YouTube - Scrubs - Upsetting the Balance.url:favicon 1150 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Youtube\YouTube - Scrubs Every Girls' Name to JD from Dr. Cox (Series 4 & 5).url:favicon 1150 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Youtube\YouTube - Scrubs My Odd Moments.url:favicon 1150 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Youtube\YouTube - SCRUBS! TURK DOES THE DANCE!.url:favicon 1150 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Youtube\YouTube - Seth Green and Nick Brendon Gropeage.url:favicon 1150 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Youtube\YouTube - Skid Row - In A Darkened Room.url:favicon 1150 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Youtube\YouTube - sneaker pimps - 6 underground.url:favicon 1150 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Youtube\YouTube - Stevie Ray Vaughan-Pride And Joy.url:favicon 1150 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Youtube\YouTube - Supermassive Black Hole - Muse.url:favicon 1150 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Youtube\YouTube - Aerosmith - Pink.url:favicon 1150 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Youtube\YouTube - anthony stuart head coffee comerical.url:favicon 1150 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Youtube\YouTube - Benny & Joon részlet.url:favicon 1150 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Youtube\YouTube - Best Spike Moment Ever.url:favicon 1150 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Youtube\YouTube - Blind Melon -Dear Ol' Dad.url:favicon 1150 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Youtube\YouTube - Britain's Got Talent- Conny.url:favicon 1150 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Youtube\YouTube - Broadcast Yourself..url:favicon 1150 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Youtube\YouTube - Charlie Brown Christmas - Performed by the Cast of Scrubs.url:favicon 1150 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Youtube\YouTube - Cool Multiplication technique for large numbers.url:favicon 1150 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Youtube\YouTube - Days of Our Lives The HOGESTYN-RAHMER School of Drama!.url:favicon 1150 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Youtube\YouTube - Eminem and D12 My Band.url:favicon 1150 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Youtube\YouTube - Extreme - Hole HEarted.url:favicon 1150 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Youtube\YouTube - Garbage - Stupid Girl.url:favicon 1150 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Youtube\YouTube - Green Day - Boulevard of Broken Dreams.url:favicon 1150 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Youtube\YouTube - hair of the dog.url:favicon 1150 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Youtube\YouTube - Heart - Barracuda (Live at Women Rock! 2000).url:favicon 1150 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Youtube\YouTube - History Of The Slayer.url:favicon 1150 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Youtube\YouTube - How to Create a smoky eye.url:favicon 1150 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Youtube\YouTube - How to draw Homer and bart simpsons.url:favicon 1150 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Youtube\YouTube - How to Remove Handcuffs - Without a Key!.url:favicon 1150 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Youtube\YouTube - Invader Hearts, The Kingdom Zim special The Sequel.url:favicon 1150 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Youtube\YouTube - KH Numb.url:favicon 1150 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Youtube\YouTube - Kingdom Hearts - Numb.url:favicon 1150 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Youtube\YouTube - Kingdom Hearts II - Dual Roxas & Axel Vs. Sephiroth.url:favicon 1150 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Youtube\YouTube - Kingdom Hearts Part 1 - Trickmaster.url:favicon 1150 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Youtube\YouTube - Meredith Brooks-I'm A Bitch.url:favicon 1150 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Youtube\YouTube - Moby ft. Gwen Stefani - Southside.url:favicon 1150 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Youtube\YouTube - Ginuwine-Pony.url:favicon 1150 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Youtube\YouTube - talking cats.url:favicon 1150 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Youtube\YouTube - What goes around (comes back around)with lyrics.url:favicon 1150 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Youtube\YouTube - Will and Grace - Bloopers.url:favicon 1150 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\Youtube\YouTube -Barracuda.url:favicon 1150 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\YouTube - !BOBEGNOPS.url:favicon 1150 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\YouTube - Kingdom Hearts Linkin Park Faint Remix.url:favicon 1150 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\YouTube - Kingdom Hearts, AMV - Nickelback, Hero.url:favicon 1150 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\YouTube - Rehab - Bartender Song (aka Sittin At A Bar)Unedited..url:favicon 1150 bytes C:\Documents and Settings\Shanna Kimsey\Favorites\YouTube - Weekend Update-Tina Fey.url:favicon 1150 bytes scan completed successfully hidden files: 324 < End of report > [/code]