OTScanIt2 logfile created on: 3/27/2009 8:08:58 PM - Run 4
OTScanIt2 by OldTimer - Version 1.0.9.0 Folder = C:\Documents and Settings\Scott\Desktop\OTScanIt2
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1015.37 Mb Total Physical Memory | 475.24 Mb Available Physical Memory | 46.80% Memory free
2.38 Gb Paging File | 1.87 Gb Available in Paging File | 78.26% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048;
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 71.47 Gb Total Space | 33.43 Gb Free Space | 46.78% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 931.28 Gb Total Space | 713.29 Gb Free Space | 76.59% Space Free | Partition Type: FAT32
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: LAPTOP
Current User Name: Scott
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Whitelist: On
File Age = 30 Days
[Processes - Safe List]
aolacsd.exe -> %CommonProgramFiles%\AOL\ACS\AOLAcsd.exe -> [2006/10/23 11:50:35 | 00,046,640 | R--- | M] (AOL LLC)
applemobiledeviceservice.exe -> %CommonProgramFiles%\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -> [2008/11/07 12:28:16 | 00,132,424 | ---- | M] (Apple Inc.)
bcmwltry.exe -> %SystemRoot%\System32\bcmwltry.exe -> [2006/11/02 01:48:10 | 01,253,376 | ---- | M] (Dell Inc.)
dsagnt.exe -> %ProgramFiles%\DellSupport\DSAgnt.exe -> [2007/03/15 15:09:36 | 00,460,784 | ---- | M] (Gteko Ltd.)
explorer.exe -> %SystemRoot%\explorer.exe -> [2008/04/13 23:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation)
explorer.exe -> %SystemRoot%\Explorer.EXE -> [2008/04/13 23:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation)
hkcmd.exe -> %SystemRoot%\system32\hkcmd.exe -> [2006/06/06 15:06:44 | 00,077,824 | ---- | M] (Intel Corporation)
igfxpers.exe -> %SystemRoot%\system32\igfxpers.exe -> [2006/06/06 15:10:40 | 00,118,784 | ---- | M] (Intel Corporation)
lvprcsrv.exe -> %CommonProgramFiles%\LogiShrd\LVMVFM\LVPrcSrv.exe -> [2008/12/16 19:59:50 | 00,150,040 | ---- | M] (Logitech Inc.)
lxctcoms.exe -> %SystemRoot%\system32\lxctcoms.exe -> [2006/07/13 16:27:16 | 00,528,384 | ---- | M] ( )
mcagent.exe -> %ProgramFiles%\McAfee.com\Agent\mcagent.exe -> [2007/11/01 16:12:38 | 00,582,992 | ---- | M] (McAfee, Inc.)
mcmscsvc.exe -> %ProgramFiles%\McAfee\MSC\mcmscsvc.exe -> [2008/01/09 13:50:22 | 00,767,976 | ---- | M] (McAfee, Inc.)
mcnasvc.exe -> %CommonProgramFiles%\McAfee\MNA\McNASvc.exe -> [2008/01/24 23:38:12 | 02,458,128 | ---- | M] (McAfee, Inc.)
mcproxy.exe -> %CommonProgramFiles%\McAfee\McProxy\McProxy.exe -> [2007/08/15 10:36:04 | 00,359,248 | ---- | M] (McAfee, Inc.)
mcshield.exe -> %ProgramFiles%\McAfee\VirusScan\Mcshield.exe -> [2007/07/24 10:02:14 | 00,144,704 | ---- | M] (McAfee, Inc.)
mdm.exe -> %CommonProgramFiles%\Microsoft Shared\VS7DEBUG\MDM.EXE -> [2003/06/20 03:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation)
mdnsresponder.exe -> %ProgramFiles%\Bonjour\mDNSResponder.exe -> [2008/08/29 08:18:44 | 00,238,888 | ---- | M] (Apple Inc.)
mpfsrv.exe -> %ProgramFiles%\McAfee\MPF\MPFSrv.exe -> [2007/07/18 10:54:42 | 00,856,864 | ---- | M] (McAfee, Inc.)
otscanit2.exe -> %UserProfile%\Desktop\OTScanIt2\OTScanIt2.exe -> [2009/03/22 18:23:22 | 00,491,520 | ---- | M] (OldTimer Tools)
stsystra.exe -> %SystemRoot%\stsystra.exe -> [2005/09/09 16:19:34 | 00,393,216 | ---- | M] (SigmaTel, Inc.)
stsystra.exe -> %SystemRoot%\stsystra.exe -> [2005/09/09 16:19:34 | 00,393,216 | ---- | M] (SigmaTel, Inc.)
syntpenh.exe -> %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe -> [2006/03/08 16:48:02 | 00,761,947 | ---- | M] (Synaptics, Inc.)
wltray.exe -> %SystemRoot%\system32\WLTRAY.exe -> [2006/11/02 01:48:12 | 01,392,640 | ---- | M] (Dell Inc.)
wltrysvc.exe -> %SystemRoot%\System32\WLTRYSVC.EXE -> [2006/11/02 01:48:12 | 00,020,480 | ---- | M] ()
wmpnetwk.exe -> %ProgramFiles%\Windows Media Player\WMPNetwk.exe -> [2006/10/19 01:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation)
wmpnscfg.exe -> %ProgramFiles%\Windows Media Player\WMPNSCFG.exe -> [2006/10/19 01:05:26 | 00,204,288 | ---- | M] (Microsoft Corporation)
[Win32 Services - Safe List]
(0211041229988289mcinstcleanup) McAfee Application Installer Cleanup (0211041229988289) [Win32_Own | Auto | Stopped] -> -> File not found
(AOL ACS) AOL Connectivity Service [Win32_Own | Auto | Running] -> %CommonProgramFiles%\AOL\ACS\AOLAcsd.exe -> [2006/10/23 11:50:35 | 00,046,640 | R--- | M] (AOL LLC)
(AOL TopSpeedMonitor) AOL TopSpeed Monitor [Win32_Own | Disabled | Stopped] -> %CommonProgramFiles%\AOL\TopSpeed\2.0\aoltsmon.exe -> [2004/10/15 19:54:14 | 00,100,016 | ---- | M] (America Online, Inc)
(Apple Mobile Device) Apple Mobile Device [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -> [2008/11/07 12:28:16 | 00,132,424 | ---- | M] (Apple Inc.)
(aspnet_state) ASP.NET State Service [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -> [2007/10/24 06:47:22 | 00,033,800 | ---- | M] (Microsoft Corporation)
(Bonjour Service) Bonjour Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Bonjour\mDNSResponder.exe -> [2008/08/29 08:18:44 | 00,238,888 | ---- | M] (Apple Inc.)
(clr_optimization_v2.0.50727_32) .NET Runtime Optimization Service v2.0.50727_X86 [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -> [2007/10/24 06:47:40 | 00,070,144 | ---- | M] (Microsoft Corporation)
(DSBrokerService) DSBrokerService [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\DellSupport\brkrsvc.exe -> [2007/03/07 19:47:46 | 00,076,848 | ---- | M] ()
(FontCache3.0.0.0) Windows Presentation Foundation Font Cache 3.0.0.0 [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe -> [2007/10/09 17:58:12 | 00,036,864 | ---- | M] (Microsoft Corporation)
(helpsvc) Help and Support [Win32_Shared | Auto | Running] -> %SystemRoot%\PCHealth\HelpCtr\Binaries\pchsvc.dll -> [2008/04/13 23:12:02 | 00,038,400 | ---- | M] (Microsoft Corporation)
(IDriverT) InstallDriver Table Manager [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\InstallShield\Driver\11\Intel 32\IDriverT.exe -> [2005/04/04 03:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation)
(idsvc) Windows CardSpace [Win32_Shared | Unknown | Stopped] -> %SystemRoot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -> [2007/10/11 14:55:10 | 00,864,256 | ---- | M] (Microsoft Corporation)
(iPod Service) iPod Service [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\iPod\bin\iPodService.exe -> [2008/11/20 11:20:44 | 00,536,872 | ---- | M] (Apple Inc.)
(LVPrcSrv) Process Monitor [Win32_Own | Auto | Running] -> %CommonProgramFiles%\LogiShrd\LVMVFM\LVPrcSrv.exe -> [2008/12/16 19:59:50 | 00,150,040 | ---- | M] (Logitech Inc.)
(lxct_device) lxct_device [Win32_Own | Auto | Running] -> %SystemRoot%\system32\lxctcoms.exe -> [2006/07/13 16:27:16 | 00,528,384 | ---- | M] ( )
(mcmscsvc) McAfee Services [Win32_Own | Auto | Running] -> %ProgramFiles%\McAfee\MSC\mcmscsvc.exe -> [2008/01/09 13:50:22 | 00,767,976 | ---- | M] (McAfee, Inc.)
(McNASvc) McAfee Network Agent [Win32_Own | Auto | Running] -> %CommonProgramFiles%\McAfee\MNA\McNASvc.exe -> [2008/01/24 23:38:12 | 02,458,128 | ---- | M] (McAfee, Inc.)
(McODS) McAfee Scanner [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\McAfee\VirusScan\mcods.exe -> [2007/11/07 07:35:40 | 00,378,184 | ---- | M] (McAfee, Inc.)
(McProxy) McAfee Proxy Service [Win32_Own | Auto | Running] -> %CommonProgramFiles%\McAfee\McProxy\McProxy.exe -> [2007/08/15 10:36:04 | 00,359,248 | ---- | M] (McAfee, Inc.)
(McShield) McAfee Real-time Scanner [Win32_Own | Unknown | Running] -> %ProgramFiles%\McAfee\VirusScan\Mcshield.exe -> [2007/07/24 10:02:14 | 00,144,704 | ---- | M] (McAfee, Inc.)
(McSysmon) McAfee SystemGuards [Win32_Own | Disabled | Stopped] -> %ProgramFiles%\McAfee\VirusScan\mcsysmon.exe -> [2007/12/05 08:04:10 | 00,695,624 | ---- | M] (McAfee, Inc.)
(MDM) Machine Debug Manager [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Microsoft Shared\VS7DEBUG\MDM.EXE -> [2003/06/20 03:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation)
(MpfService) McAfee Personal Firewall Service [Win32_Own | Auto | Running] -> %ProgramFiles%\McAfee\MPF\MPFSrv.exe -> [2007/07/18 10:54:42 | 00,856,864 | ---- | M] (McAfee, Inc.)
(NetTcpPortSharing) Net.Tcp Port Sharing Service [Win32_Shared | Disabled | Stopped] -> %SystemRoot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -> [2007/10/11 14:55:14 | 00,122,880 | ---- | M] (Microsoft Corporation)
(ose) Office Source Engine [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Microsoft Shared\Source Engine\OSE.EXE -> [2003/07/28 16:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation)
(wltrysvc) Dell Wireless WLAN Tray Service [Win32_Own | Auto | Running] -> %SystemRoot%\System32\WLTRYSVC.EXE -> [2006/11/02 01:48:12 | 00,020,480 | ---- | M] ()
(WMPNetworkSvc) Windows Media Player Network Sharing Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Windows Media Player\WMPNetwk.exe -> [2006/10/19 01:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation)
(gusvc) Google Software Updater [Win32_Own | Auto | Stopped] -> %ProgramFiles%\Google\Common\Google Updater\GoogleUpdaterService.exe -> [2009/03/21 01:29:30 | 00,183,280 | ---- | M] (Google)
[Driver Services - Safe List]
(Aspi32) Aspi32 [Kernel | Auto | Running] -> %SystemRoot%\System32\drivers\aspi32.sys -> [2005/11/21 04:48:21 | 00,016,512 | ---- | M] (Adaptec)
(avcgbdr) Adaptec GameBridge AVC-14X0/15X0 [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\avcgbdr.sys -> [2005/09/26 18:08:12 | 00,125,568 | ---- | M] (Adaptec, Inc.)
(avcgbfl) Adaptec GameBridge AVC-14X0/15X0 Loader [Kernel | On_Demand | Stopped] -> %SystemRoot%\System32\Drivers\avcgbfl.sys -> [2005/10/26 16:14:22 | 00,019,712 | ---- | M] (Adaptec, Inc)
(BCM43XX) Dell Wireless WLAN Card Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\bcmwl5.sys -> [2006/10/13 04:28:42 | 00,604,928 | ---- | M] (Broadcom Corporation)
(bcm4sbxp) Broadcom 440x 10/100 Integrated Controller XP Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\bcm4sbxp.sys -> [2005/08/05 15:32:16 | 00,045,312 | ---- | M] (Broadcom Corporation)
(cercsr6) cercsr6 [Kernel | Boot | Stopped] -> %SystemRoot%\System32\drivers\cercsr6.sys -> [2005/03/22 19:49:09 | 00,039,904 | ---- | M] (Adaptec, Inc.)
(DellBIOS) DellBIOS [Kernel | On_Demand | Stopped] -> %SystemRoot%\DellBIOS.Sys -> [2006/08/21 03:35:17 | 00,005,120 | ---- | M] ()
(DSproct) DSproct [Kernel | On_Demand | Stopped] -> %ProgramFiles%\DellSupport\GTAction\triggers\DSproct.sys -> [2006/10/05 20:07:28 | 00,004,736 | ---- | M] (Gteko Ltd.)
(dsunidrv) DellSupport UniDriver [Kernel | Auto | Running] -> %SystemRoot%\system32\DRIVERS\dsunidrv.sys -> [2007/02/25 16:10:48 | 00,005,376 | --S- | M] (Gteko Ltd.)
(FilterService) UVC Filter Service [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\DRIVERS\lvuvcflt.sys -> [2008/12/17 05:02:06 | 00,023,832 | ---- | M] (Logitech Inc.)
(GEARAspiWDM) GEAR ASPI Filter Driver [Kernel | On_Demand | Running] -> %SystemRoot%\System32\Drivers\GEARAspiWDM.sys -> [2008/04/17 11:12:54 | 00,015,464 | ---- | M] (GEAR Software Inc.)
(HDAudBus) Microsoft UAA Bus Driver for High Definition Audio [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\HDAudBus.sys -> [2008/04/13 15:36:05 | 00,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider)
(HSFHWAZL) HSFHWAZL [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\DRIVERS\HSFHWAZL.sys -> [2005/07/22 15:01:08 | 00,201,600 | ---- | M] (Conexant Systems, Inc.)
(HSF_DPV) HSF_DPV [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\HSX_DPV.sys -> [2005/12/01 05:40:56 | 00,936,960 | ---- | M] (Conexant Systems, Inc.)
(HSXHWAZL) HSXHWAZL [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\HSXHWAZL.sys -> [2005/12/01 05:40:12 | 00,192,512 | ---- | M] (Conexant Systems, Inc.)
(ialm) ialm [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\ialmnt5.sys -> [2006/06/06 15:32:54 | 01,168,860 | ---- | M] (Intel Corporation)
(Iviaspi) IVI ASPI Shell [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\iviaspi.sys -> [2003/12/25 22:48:14 | 00,010,752 | ---- | M] (InterVideo, Inc.)
(lvpopflt) Logitech POP Suppression Filter [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\DRIVERS\lvpopflt.sys -> [2008/12/17 04:58:30 | 00,114,712 | ---- | M] (Logitech Inc.)
(LVPr2Mon) Logitech LVPr2Mon Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\LVPr2Mon.sys -> [2008/12/16 19:58:54 | 00,025,624 | ---- | M] ()
(LVRS) Logitech RightSound Filter Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\DRIVERS\lvrs.sys -> [2008/12/17 05:00:12 | 00,768,024 | ---- | M] (Logitech Inc.)
(LVUSBSta) Logitech USB Monitor Filter [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\LVUSBSta.sys -> [2008/12/17 05:01:20 | 00,041,752 | ---- | M] (Logitech Inc.)
(LVUVC) QuickCam for Notebooks Deluxe(UVC) [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\DRIVERS\lvuvc.sys -> [2008/12/17 05:01:42 | 06,364,440 | ---- | M] (Logitech Inc.)
(Machnm32) Machnm32 Driver [Kernel | Auto | Running] -> %SystemRoot%\system32\Machnm32.sys -> [2003/08/13 04:27:00 | 00,002,304 | ---- | M] ()
(mdmxsdk) mdmxsdk [Kernel | Auto | Running] -> %SystemRoot%\system32\DRIVERS\mdmxsdk.sys -> [2005/10/05 03:57:08 | 00,012,544 | ---- | M] (Conexant)
(mfeavfk) McAfee Inc. mfeavfk [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\mfeavfk.sys -> [2007/11/22 04:44:08 | 00,079,304 | ---- | M] (McAfee, Inc.)
(mfebopk) McAfee Inc. mfebopk [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\mfebopk.sys -> [2007/11/22 04:44:08 | 00,035,240 | ---- | M] (McAfee, Inc.)
(mfehidk) McAfee Inc. mfehidk [Kernel | System | Running] -> %SystemRoot%\system32\drivers\mfehidk.sys -> [2007/11/22 04:44:08 | 00,201,320 | ---- | M] (McAfee, Inc.)
(mferkdk) McAfee Inc. mferkdk [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\mferkdk.sys -> [2007/11/22 04:44:04 | 00,033,832 | ---- | M] (McAfee, Inc.)
(mfesmfk) McAfee Inc. mfesmfk [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\mfesmfk.sys -> [2007/12/02 10:51:42 | 00,040,488 | ---- | M] (McAfee, Inc.)
(MPFP) MPFP [Kernel | System | Running] -> %SystemRoot%\System32\Drivers\Mpfp.sys -> [2007/07/13 04:20:24 | 00,113,952 | ---- | M] (McAfee, Inc.)
(OMCI) OMCI [Kernel | System | Running] -> %SystemRoot%\SYSTEM32\DRIVERS\OMCI.SYS -> [2001/08/22 12:42:58 | 00,013,632 | ---- | M] (Dell Computer Corporation)
(oreans32) oreans32 [Kernel | System | Running] -> %SystemRoot%\system32\drivers\oreans32.sys -> [2006/10/17 01:02:41 | 00,033,952 | ---- | M] ()
(PalmUSBD) PalmUSBD [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\PalmUSBD.sys -> [2006/04/14 18:19:08 | 00,016,694 | ---- | M] (PalmSource, Inc.)
(Ptilink) Direct Parallel Link Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\ptilink.sys -> [2004/08/04 11:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.)
(PxHelp20) PxHelp20 [Kernel | Boot | Running] -> %SystemRoot%\System32\Drivers\PxHelp20.sys -> [2007/11/29 21:30:24 | 00,043,528 | ---- | M] (Sonic Solutions)
(SCRx31 USB Reader) SCRx31 USB Reader [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\DRIVERS\stc2.sys -> [2002/07/03 17:32:02 | 00,056,320 | ---- | M] (SCM Microsystems Inc.)
(Secdrv) Secdrv [Kernel | Auto | Running] -> %SystemRoot%\system32\DRIVERS\secdrv.sys -> [2007/11/13 09:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
(Ser2pl) Prolific Serial port driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\DRIVERS\ser2pl.sys -> [2004/06/28 17:08:56 | 00,042,752 | ---- | M] (Prolific Technology Inc.)
(STHDA) SigmaTel High Definition Audio CODEC [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\sthda.sys -> [2005/09/09 16:15:32 | 01,032,472 | ---- | M] (SigmaTel, Inc.)
(SynTP) Synaptics TouchPad Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\SynTP.sys -> [2006/03/08 16:35:10 | 00,191,872 | ---- | M] (Synaptics, Inc.)
(usbaudio) USB Audio Driver (WDM) [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\usbaudio.sys -> [2008/04/13 11:45:12 | 00,060,032 | ---- | M] (Microsoft Corporation)
(vncdrv) vncdrv [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\DRIVERS\vncdrv.sys -> [2004/06/26 18:22:00 | 00,004,736 | ---- | M] (RDV Soft)
(wanatw) WAN Miniport (ATW) [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\wanatw4.sys -> [2003/01/10 20:13:04 | 00,033,588 | R--- | M] (America Online, Inc.)
(winachsf) winachsf [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\HSX_CNXT.sys -> [2005/12/01 05:40:08 | 00,669,696 | ---- | M] (Conexant Systems, Inc.)
[Registry - Safe List]
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> ->
HKEY_LOCAL_MACHINE\: Main\\"Default_Page_URL" -> http://go.microsoft.com/fwlink/?LinkId=69157 ->
HKEY_LOCAL_MACHINE\: Main\\"Default_Search_URL" -> http://go.microsoft.com/fwlink/?LinkId=54896 ->
HKEY_LOCAL_MACHINE\: Main\\"Default_Secondary_Page_URL" -> Reg Error: Invalid data type. ->
HKEY_LOCAL_MACHINE\: Main\\"Extensions Off Page" -> about:NoAdd-ons ->
HKEY_LOCAL_MACHINE\: Main\\"Local Page" -> %SystemRoot%\system32\blank.htm ->
HKEY_LOCAL_MACHINE\: Main\\"Search Page" -> http://go.microsoft.com/fwlink/?LinkId=54896 ->
HKEY_LOCAL_MACHINE\: Main\\"Security Risk Page" -> about:SecurityRisk ->
HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> http://go.microsoft.com/fwlink/?LinkId=69157 ->
HKEY_LOCAL_MACHINE\: Search\\"CustomizeSearch" -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm ->
HKEY_LOCAL_MACHINE\: Search\\"SearchAssistant" -> http://www.google.com/ie ->
< Internet Explorer Settings [HKEY_CURRENT_USER\] > -> ->
HKEY_CURRENT_USER\: Main\\"Local Page" -> C:\WINDOWS\system32\blank.htm ->
HKEY_CURRENT_USER\: Main\\"Search Page" -> http://www.google.com ->
HKEY_CURRENT_USER\: Main\\"SearchMigratedDefaultName" -> Google ->
HKEY_CURRENT_USER\: Main\\"SearchMigratedDefaultURL" -> http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 ->
HKEY_CURRENT_USER\: Main\\"Secondary Start Pages" -> Reg Error: Invalid data type. ->
HKEY_CURRENT_USER\: Main\\"Start Page" -> http://www.geocaching.com/login/ ->
HKEY_CURRENT_USER\: "ProxyEnable" -> 0 ->
HKEY_CURRENT_USER\: "ProxyOverride" -> *.local ->
< FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla
< FireFox Extensions [User Folders] > ->
< HOSTS File > (302826 bytes and 10481 lines) -> C:\WINDOWS\System32\drivers\etc\Hosts ->
First 25 entries...
Reset Hosts
127.0.0.1 localhost
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.100888290cs.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 www.10sek.com
127.0.0.1 10sek.com
127.0.0.1 www.123topsearch.com
127.0.0.1 123topsearch.com
127.0.0.1 www.132.com
127.0.0.1 132.com
127.0.0.1 www.136136.net
127.0.0.1 136136.net
127.0.0.1 www.163ns.com
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> %CommonProgramFiles%\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> [2008/06/11 20:33:22 | 00,061,816 | ---- | M] (Adobe Systems Incorporated)
{0941C58F-E461-4E03-BD7D-44C27392ADE1} [HKLM] -> %ProgramFiles%\IBM\Lotus Forms\Viewer\3.0\PEhelper.dll [PE_IE_Helper Class] -> [2008/08/05 14:57:04 | 00,075,144 | ---- | M] (IBM Corporation)
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} [HKLM] -> %CommonProgramFiles%\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [Adobe PDF Link Helper] -> [2008/06/11 20:33:16 | 00,075,128 | ---- | M] (Adobe Systems Incorporated)
{22BF413B-C6D2-4d91-82A9-A0F997BA588C} [HKLM] -> %ProgramFiles%\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [Skype add-on (mastermind)] -> [2008/09/23 12:17:08 | 01,088,296 | ---- | M] (Skype Technologies S.A.)
{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} [HKLM] -> %ProgramFiles%\BitComet\tools\BitCometBHO_1.2.8.7.dll [BitComet Helper] -> [2008/08/11 07:12:14 | 00,656,696 | ---- | M] (BitComet)
{53707962-6F74-2D53-2644-206D7942484F} [HKLM] -> %ProgramFiles%\Spybot - Search & Destroy\SDHelper.dll [Spybot-S&D IE Protection] -> [2008/09/15 13:25:44 | 01,562,960 | ---- | M] (Safer Networking Limited)
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> %ProgramFiles%\Java\jre1.6.0_03\bin\ssv.dll [SSVHelper Class] -> [2007/09/25 05:11:33 | 00,501,136 | ---- | M] (Sun Microsystems, Inc.)
{7C554162-8CB7-45A4-B8F4-8EA1C75885F9} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{7DB2D5A0-7241-4E79-B68D-6309F01C5231} [HKLM] -> %ProgramFiles%\McAfee\VirusScan\scriptsn.dll [scriptproxy] -> [2007/11/09 10:09:08 | 00,058,688 | ---- | M] (McAfee, Inc.)
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} [HKLM] -> %ProgramFiles%\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [Google Toolbar Notifier BHO] -> [2009/03/21 01:29:39 | 00,668,656 | ---- | M] (Google Inc.)
< Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ ->
WebBrowser\\"{DE9C389F-3316-41A7-809B-AA305ED9D922}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"Broadcom Wireless Manager UI" -> %SystemRoot%\system32\WLTRAY.exe [C:\WINDOWS\system32\WLTRAY.exe] -> [2006/11/02 01:48:12 | 01,392,640 | ---- | M] (Dell Inc.)
"igfxhkcmd" -> %SystemRoot%\system32\hkcmd.exe [C:\WINDOWS\system32\hkcmd.exe] -> [2006/06/06 15:06:44 | 00,077,824 | ---- | M] (Intel Corporation)
"igfxpers" -> %SystemRoot%\system32\igfxpers.exe [C:\WINDOWS\system32\igfxpers.exe] -> [2006/06/06 15:10:40 | 00,118,784 | ---- | M] (Intel Corporation)
"igfxtray" -> %SystemRoot%\system32\igfxtray.exe [C:\WINDOWS\system32\igfxtray.exe] -> [2006/06/06 15:09:58 | 00,094,208 | ---- | M] (Intel Corporation)
"mcagent_exe" -> %ProgramFiles%\McAfee.com\Agent\mcagent.exe [C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey] -> [2007/11/01 16:12:38 | 00,582,992 | ---- | M] (McAfee, Inc.)
"SigmatelSysTrayApp" -> %SystemRoot%\stsystra.exe [stsystra.exe] -> [2005/09/09 16:19:34 | 00,393,216 | ---- | M] (SigmaTel, Inc.)
"SynTPEnh" -> %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [C:\Program Files\Synaptics\SynTP\SynTPEnh.exe] -> [2006/03/08 16:48:02 | 00,761,947 | ---- | M] (Synaptics, Inc.)
< Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"ErrorFix" -> %ProgramFiles%\ErrorFix\ErrorFix.exe [C:\Program Files\ErrorFix\ErrorFix.exe -boot] -> File not found
"SpybotSD TeaTimer" -> %ProgramFiles%\Spybot - Search & Destroy\TeaTimer.exe [C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe] -> [2009/03/05 14:07:20 | 02,260,480 | RHS- | M] (Safer-Networking Ltd.)
"swg" -> %ProgramFiles%\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] -> [2008/04/27 05:28:24 | 00,068,856 | ---- | M] (Google Inc.)
< All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup ->
< Scott Startup Folder > -> C:\Documents and Settings\Scott\Start Menu\Programs\Startup ->
< CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"HonorAutoRunSetting" -> [1] -> File not found
< CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
\\"dontdisplaylastusername" -> [0] -> File not found
\\"legalnoticecaption" -> [] -> File not found
\\"legalnoticetext" -> [] -> File not found
\\"shutdownwithoutlogon" -> [1] -> File not found
\\"undockwithoutlogon" -> [1] -> File not found
< CurrentVersion Policy Settings - Explorer [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" -> [0] -> File not found
< Internet Explorer Menu Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ ->
&AOL Toolbar Search -> %ProgramFiles%\aol\aol toolbar 5.0\resources\en-US\local\search.html [c:\program files\aol\aol toolbar 5.0\resources\en-US\local\search.html] -> File not found
&D&ownload &with BitComet -> %ProgramFiles%\BitComet\BitComet.exe [res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm] -> [2008/12/03 09:11:42 | 02,514,744 | ---- | M] (www.BitComet.com)
&D&ownload all video with BitComet -> %ProgramFiles%\BitComet\BitComet.exe [res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm] -> [2008/12/03 09:11:42 | 02,514,744 | ---- | M] (www.BitComet.com)
&D&ownload all with BitComet -> %ProgramFiles%\BitComet\BitComet.exe [res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm] -> [2008/12/03 09:11:42 | 02,514,744 | ---- | M] (www.BitComet.com)
E&xport to Microsoft Excel -> %ProgramFiles%\Microsoft Office\OFFICE11\EXCEL.EXE [res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000] -> [2008/10/13 09:29:28 | 10,351,944 | ---- | M] (Microsoft Corporation)
< Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ ->
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC} [HKLM] -> %ProgramFiles%\Java\jre1.6.0_03\bin\npjpi160_03.dll [Menu: Sun Java Console] -> [2007/09/25 05:11:34 | 00,132,496 | ---- | M] (Sun Microsystems, Inc.)
{77BF5300-1474-4EC7-9980-D32B190E9B07}:{77BF5300-1474-4EC7-9980-D32B190E9B07} [HKLM] -> %ProgramFiles%\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [Button: Skype] -> [2008/09/23 12:17:08 | 01,088,296 | ---- | M] (Skype Technologies S.A.)
{92780B25-18CC-41C8-B9BE-3C9C571A8263}:{FF059E31-CC5A-4E2E-BF3B-96E929D65503} [HKLM] -> %ProgramFiles%\Microsoft Office\OFFICE11\REFIEBAR.DLL [Button: Research] -> [2007/04/19 09:10:18 | 00,063,840 | ---- | M] (Microsoft Corporation)
{D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A}:res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll/206 [HKLM] -> %ProgramFiles%\BitComet\tools\BitCometBHO_1.2.8.7.dll [Button: BitComet] -> [2008/08/11 07:12:14 | 00,656,696 | ---- | M] (BitComet)
{DFB852A3-47F8-48C4-A200-58CAB36FD2A2}:{53707962-6F74-2D53-2644-206D7942484F} [HKLM] -> %ProgramFiles%\Spybot - Search & Destroy\SDHelper.dll [Menu: Spybot - Search & Destroy Configuration] -> [2008/09/15 13:25:44 | 01,562,960 | ---- | M] (Safer Networking Limited)
{e2e2dd38-d088-4134-82b7-f2ba38496583}:Exec [HKLM] -> %SystemRoot%\Network Diagnostic\xpnetdiag.exe [Menu: @xpsp3res.dll,-20001] -> [2008/04/13 17:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)
{FB5F1910-F110-11d2-BB9E-00C04F795683}:Exec [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Button: Messenger] -> [2008/04/13 23:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation)
{FB5F1910-F110-11d2-BB9E-00C04F795683}:Exec [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Menu: Windows Messenger] -> [2008/04/13 23:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation)
< Internet Explorer Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\ ->
CmdMapping\\"{08B0E5C0-4FCB-11CF-AAA5-00401C608501}" [HKLM] -> %ProgramFiles%\Java\jre1.6.0_03\bin\npjpi160_03.dll [Sun Java Console] -> [2007/09/25 05:11:34 | 00,132,496 | ---- | M] (Sun Microsystems, Inc.)
CmdMapping\\"{3369AF0D-62E9-4bda-8103-B4C75499B578}" [HKLM] -> [Reg Error: Key error.] -> File not found
CmdMapping\\"{92780B25-18CC-41C8-B9BE-3C9C571A8263}" [HKLM] -> %ProgramFiles%\Microsoft Office\OFFICE11\REFIEBAR.DLL [Research] -> [2007/04/19 09:10:18 | 00,063,840 | ---- | M] (Microsoft Corporation)
CmdMapping\\"{CD67F990-D8E9-11d2-98FE-00C0F0318AFE}" [HKLM] -> [Reg Error: Value error.] -> File not found
CmdMapping\\"{FB5F1910-F110-11d2-BB9E-00C04F795683}" [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2008/04/13 23:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation)
< Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ ->
PluginsPageFriendlyName -> Microsoft ActiveX Gallery ->
PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s ->
< Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
"" -> http://
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 5446 domain(s) found. ->
49 domain(s) and sub-domain(s) not assigned to a zone.
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 77 range(s) found. ->
< Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 5515 domain(s) found. ->
objects_aol.com [*] -> Out of zone range - ( 5 ) ->
92 domain(s) and sub-domain(s) not assigned to a zone.
< Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 77 range(s) found. ->
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ ->
{05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} [HKLM] -> http://go.microsoft.com/fwlink/?linkid=58813 [Office Genuine Advantage Validation Tool] ->
{166B1BCA-3F9C-11CF-8075-444553540000} [HKLM] -> http://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab [Shockwave ActiveX Control] ->
{17492023-C23A-453E-A040-C7C580BBF700} [HKLM] -> http://download.microsoft.com/download/3/9/8/398422c0-8d3e-40e1-a617-af65a72a0465/LegitCheckControl.cab [Windows Genuine Advantage Validation Tool] ->
{233C1507-6A77-46A4-9443-F871F945D258} [HKLM] -> http://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab [Shockwave ActiveX Control] ->
{26FCCDF9-A7E1-452A-A73D-7BF7B4D0BA6C} [HKLM] -> http://o.aolcdn.com/pictures/ap/Resources/2.0.6.7/cab/aolpPlugins.10.6.0.4.cab [Reg Error: Key error.] ->
{37A273C2-5129-11D5-BF37-00A0CCE8754B} [HKLM] -> http://asp.mathxl.com/wizmodules/testgen/installers/TestGenXInstall.cab [TTestGenXInstallObject] ->
{39B0684F-D7BF-4743-B050-FDC3F48F7E3B} [HKLM] -> http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.2.1.87.cab [Reg Error: Key error.] ->
{3DCEC959-378A-4922-AD7E-FD5C925D927F} [HKLM] -> http://disney.go.com/pirates/online/testActiveX/built/signed/DisneyOnlineGames.cab [Disney Online Games ActiveX Control] ->
{3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} [HKLM] -> http://office.microsoft.com/officeupdate/content/opuc3.cab [Office Update Installation Engine] ->
{48DD0448-9209-4F81-9F6D-D83562940134} [HKLM] -> http://lads.myspace.com/upload/MySpaceUploader1006.cab [MySpace Uploader Control] ->
{6414512B-B978-451D-A0D8-FCFDF33E833C} [HKLM] -> http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1145051106572 [WUWebControl Class] ->
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3} [HKLM] -> http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1145326712609 [MUWebControl Class] ->
{8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab [Java Plug-in 1.6.0_03] ->
{95D88B35-A521-472B-A182-BB1A98356421} [HKLM] -> http://asp.mathxl.com/books/_Players/PearsonInstallAsst2.cab [Pearson Installation Assistant 2] ->
{C228AEDD-FC47-11D3-AF87-D128A9381404} [HKLM] -> http://www.link-systems.com/~sdk/SDK/paste/lsiw2k.cab [LSICapture Control] ->
{C7DB51B4-BCF7-4923-8874-7F1A0DC92277} [HKLM] -> http://office.microsoft.com/officeupdate/content/opuc4.cab [Office Update Installation Engine] ->
{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab [Java Plug-in 1.4.2_03] ->
{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab [Java Plug-in 1.6.0_02] ->
{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab [Java Plug-in 1.6.0_03] ->
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab [Java Plug-in 1.6.0_03] ->
{D27CDB6E-AE6D-11CF-96B8-444553540000} [HKLM] -> http://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab [Shockwave Flash Object] ->
{DE22A7AB-A739-4C58-AD52-21F9CD6306B7} [HKLM] -> http://download.microsoft.com/download/7/E/6/7E6A8567-DFE4-4624-87C3-163549BE2704/clearadj.cab [CTAdjust Class] ->
{E6D23284-0E9B-417D-A782-03E4487FC947} [HKLM] -> http://asp.mathxl.com/books/_Players/MathPlayer.cab [Pearson MathXL Player] ->
{FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} [HKLM] -> https://secure.logmein.com/activex/ractrl.cab?lmi=100 [Performance Viewer Activex Control] ->
< DNS Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ ->
{3F41AA5D-B36B-427F-915C-B72B0CEBF8C7} -> () ->
{552138F6-FC56-4726-8D41-6E839B04DF3C} -> (Dell Wireless 1370 WLAN Mini-PCI Card) ->
{CF570374-3755-43FE-99C3-0A1C5E180068} -> (Broadcom 440x 10/100 Integrated Controller) ->
< Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell ->
Explorer.exe -> %SystemRoot%\Explorer.exe -> [2008/04/13 23:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> ->
< Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ ->
igfxcui -> %SystemRoot%\system32\igfxdev.dll -> [2006/06/06 15:05:50 | 00,139,264 | ---- | M] (Intel Corporation)
NavLogon -> %SystemRoot%\system32\NavLogon.dll -> [2001/09/24 11:59:00 | 00,045,056 | ---- | M] ()
< Domain Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List ->
"%windir%\Network Diagnostic\xpnetdiag.exe" -> C:\WINDOWS\Network Diagnostic\xpnetdiag.exe [%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000] -> [2008/04/13 17:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" -> C:\WINDOWS\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> [2008/04/13 23:12:34 | 00,141,312 | ---- | M] (Microsoft Corporation)
< Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List ->
"%windir%\Network Diagnostic\xpnetdiag.exe" -> C:\WINDOWS\Network Diagnostic\xpnetdiag.exe [%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000] -> [2008/04/13 17:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" -> C:\WINDOWS\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> [2008/04/13 23:12:34 | 00,141,312 | ---- | M] (Microsoft Corporation)
"C:\Program Files\America Online 9.0\waol.exe" -> C:\Program Files\America Online 9.0\waol.exe [C:\Program Files\America Online 9.0\waol.exe:*:Enabled:AOL] -> [2005/07/26 17:37:54 | 00,037,464 | ---- | M] (America Online, Inc.)
"C:\Program Files\America's Army\System\ArmyOps.exe" -> C:\Program Files\America's Army\System\ArmyOps.exe [C:\Program Files\America's Army\System\ArmyOps.exe:*:Enabled:ArmyOps] -> File not found
"C:\Program Files\AOL 9.1\waol.exe" -> C:\Program Files\AOL 9.1\waol.exe [C:\Program Files\AOL 9.1\waol.exe:*:Enabled:AOL] -> [2007/10/27 16:45:07 | 00,039,264 | ---- | M] (AOL, LLC.)
"C:\Program Files\BitComet\BitComet.exe" -> C:\Program Files\BitComet\BitComet.exe [C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet - a BitTorrent Client] -> [2008/12/03 09:11:42 | 02,514,744 | ---- | M] (www.BitComet.com)
"C:\Program Files\Bonjour\mDNSResponder.exe" -> C:\Program Files\Bonjour\mDNSResponder.exe [C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour] -> [2008/08/29 08:18:44 | 00,238,888 | ---- | M] (Apple Inc.)
"C:\Program Files\Common Files\AOL\1145157821\EE\AOLOpenRide.exe" -> C:\Program Files\Common Files\AOL\1145157821\EE\AOLOpenRide.exe [C:\Program Files\Common Files\AOL\1145157821\EE\AOLOpenRide.exe:*:Enabled:AOL OpenRide] -> File not found
"C:\Program Files\Common Files\AOL\1145157821\EE\AOLServiceHost.exe" -> C:\Program Files\Common Files\AOL\1145157821\EE\AOLServiceHost.exe [C:\Program Files\Common Files\AOL\1145157821\EE\AOLServiceHost.exe:*:Enabled:AOL] -> [2004/11/03 20:03:00 | 00,110,680 | ---- | M] (America Online, Inc.)
"C:\Program Files\Common Files\AOL\1145157821\EE\aolsoftware.exe" -> C:\Program Files\Common Files\AOL\1145157821\EE\aolsoftware.exe [C:\Program Files\Common Files\AOL\1145157821\EE\aolsoftware.exe:*:Enabled:AOL Services] -> [2008/06/24 17:34:50 | 00,041,824 | ---- | M] (AOL LLC)
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" -> C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe [C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL] -> [2006/10/23 11:50:35 | 00,046,640 | R--- | M] (AOL LLC)
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" -> C:\Program Files\Common Files\AOL\ACS\AOLDial.exe [C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL] -> [2006/10/23 11:50:37 | 00,071,216 | R--- | M] (AOL LLC)
"C:\Program Files\Common Files\AOL\AOL Spyware Protection\AOLSP Scheduler.exe" -> C:\Program Files\Common Files\AOL\AOL Spyware Protection\AOLSP Scheduler.exe [C:\Program Files\Common Files\AOL\AOL Spyware Protection\AOLSP Scheduler.exe:*:Enabled:AOL] -> File not found
"C:\Program Files\Common Files\AOL\AOL Spyware Protection\asp.exe" -> C:\Program Files\Common Files\AOL\AOL Spyware Protection\asp.exe [C:\Program Files\Common Files\AOL\AOL Spyware Protection\asp.exe:*:Enabled:AOL] -> File not found
"C:\Program Files\Common Files\AOL\Loader\aolload.exe" -> C:\Program Files\Common Files\AOL\Loader\aolload.exe [C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Application Loader] -> [2006/11/03 06:17:27 | 00,010,800 | ---- | M] (AOL LLC)
"C:\Program Files\Common Files\AOL\System Information\sinf.exe" -> C:\Program Files\Common Files\AOL\System Information\sinf.exe [C:\Program Files\Common Files\AOL\System Information\sinf.exe:*:Enabled:AOL] -> [2007/09/17 12:02:47 | 00,206,176 | ---- | M] (AOL LLC)
"C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe" -> C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe [C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe:*:Enabled:AOLTopSpeed] -> [2004/10/15 19:54:12 | 00,046,768 | ---- | M] (America Online Inc)
"C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe" -> C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe [C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe:*:Enabled:AOLTsMon] -> [2004/10/15 19:54:14 | 00,100,016 | ---- | M] (America Online, Inc)
"C:\Program Files\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe" -> C:\Program Files\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe [C:\Program Files\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe:*:Enabled:AOL TopSpeed] -> [2007/04/02 11:33:32 | 00,063,120 | ---- | M] (AOL LLC)
"C:\Program Files\Common Files\AolCoach\en_en\player\AOLNySEV.exe" -> C:\Program Files\Common Files\AolCoach\en_en\player\AOLNySEV.exe [C:\Program Files\Common Files\AolCoach\en_en\player\AOLNySEV.exe:*:Enabled:AOL] -> [2004/10/14 20:34:06 | 00,059,992 | ---- | M] (Gteko Ltd.)
"C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe" -> C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe [C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe:*:Enabled:McAfee Network Agent] -> [2008/01/24 23:38:12 | 02,458,128 | ---- | M] (McAfee, Inc.)
"C:\Program Files\EA GAMES\The Battle for Middle-earth (tm)\game.dat" -> C:\Program Files\EA GAMES\The Battle for Middle-earth (tm)\game.dat [C:\Program Files\EA GAMES\The Battle for Middle-earth (tm)\game.dat:*:Enabled:The Battle for Middle-earth (tm)] -> [2005/11/28 16:18:19 | 17,945,597 | ---- | M] ()
"C:\Program Files\Internet Explorer\iexplore.exe" -> C:\Program Files\Internet Explorer\iexplore.exe [C:\Program Files\Internet Explorer\iexplore.exe:*:Disabled:Internet Explorer] -> [2008/12/19 04:25:25 | 00,634,024 | ---- | M] (Microsoft Corporation)
"C:\Program Files\InterVideo\DVD8\WinDVD.exe" -> C:\Program Files\InterVideo\DVD8\WinDVD.exe [C:\Program Files\InterVideo\DVD8\WinDVD.exe:*:Enabled:WinDVD] -> File not found
"C:\Program Files\iTunes\iTunes.exe" -> C:\Program Files\iTunes\iTunes.exe [C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes] -> [2008/11/20 11:20:48 | 14,294,824 | ---- | M] (Apple Inc.)
"C:\Program Files\LimeWire\LimeWire.exe" -> C:\Program Files\LimeWire\LimeWire.exe [C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire] -> File not found
"C:\Program Files\Skype\Phone\Skype.exe" -> C:\Program Files\Skype\Phone\Skype.exe [C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype] -> [2008/09/23 12:17:06 | 21,755,688 | R--- | M] (Skype Technologies S.A.)
"C:\Program Files\UltraVNC\vncviewer.exe" -> C:\Program Files\UltraVNC\vncviewer.exe [C:\Program Files\UltraVNC\vncviewer.exe:*:Enabled:VNCViewer] -> File not found
"C:\WINDOWS\system32\lxctcoms.exe" -> C:\WINDOWS\system32\lxctcoms.exe [C:\WINDOWS\system32\lxctcoms.exe:*:Enabled:Lexmark Communications System] -> [2006/07/13 16:27:16 | 00,528,384 | ---- | M] ( )
< SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot ->
"AlternateShell" -> cmd.exe ->
< CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom ->
"AutoRun" -> 1 ->
"DisplayName" -> CD-ROM Driver ->
"ImagePath" -> %SystemRoot%\system32\DRIVERS\cdrom.sys [system32\DRIVERS\cdrom.sys] -> [2008/04/13 17:40:46 | 00,062,976 | ---- | M] (Microsoft Corporation)
< Drives with AutoRun files > -> ->
C:\AUTOEXEC.BAT [] -> %SystemDrive%\AUTOEXEC.BAT [ NTFS ] -> [2006/04/14 15:18:01 | 00,000,000 | ---- | M] ()
E:\autorun.inf [[autorun] | open=setup.exe | ICON=AUTORUN\WDLOGO.ICO | ] -> E:\autorun.inf [ FAT32 ] -> [2008/11/05 13:19:36 | 00,000,052 | RHS- | M] ()
< MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 ->
\{14b392f0-c23a-11dd-9e90-0014229ceaaa}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{14b392f0-c23a-11dd-9e90-0014229ceaaa}\Shell\AutoRun\command
\{14b392f0-c23a-11dd-9e90-0014229ceaaa}\Shell\AutoRun\command\\"" -> [WD_Windows_Tools\Setup.exe] -> File not found
\{501cd5fd-6e79-11dc-9d6e-00038a000015}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{501cd5fd-6e79-11dc-9d6e-00038a000015}\Shell\AutoRun\command
\{501cd5fd-6e79-11dc-9d6e-00038a000015}\Shell\AutoRun\command\\"" -> [Autorun.exe /run] -> File not found
\{501cd5fd-6e79-11dc-9d6e-00038a000015}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{501cd5fd-6e79-11dc-9d6e-00038a000015}\Shell\Shell00\Command
\{501cd5fd-6e79-11dc-9d6e-00038a000015}\Shell\Shell00\Command\\"" -> [Autorun.exe /run] -> File not found
\{501cd5fd-6e79-11dc-9d6e-00038a000015}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{501cd5fd-6e79-11dc-9d6e-00038a000015}\Shell\Shell01\Command
\{501cd5fd-6e79-11dc-9d6e-00038a000015}\Shell\Shell01\Command\\"" -> [Autorun.exe /action] -> File not found
\{501cd5fd-6e79-11dc-9d6e-00038a000015}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{501cd5fd-6e79-11dc-9d6e-00038a000015}\Shell\Shell02\Command
\{501cd5fd-6e79-11dc-9d6e-00038a000015}\Shell\Shell02\Command\\"" -> [Autorun.exe /uninstall] -> File not found
\{bbba60be-e90e-11da-b663-00038a000015}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bbba60be-e90e-11da-b663-00038a000015}\Shell\AutoRun\command
\{bbba60be-e90e-11da-b663-00038a000015}\Shell\AutoRun\command\\"" -> F:\setupSNK.exe [F:\setupSNK.exe] -> File not found
[Registry - Additional Scans - Safe List]
< File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\ ->
.bat [@ = batfile] -> "%1" %* ->
.cmd [@ = cmdfile] -> "%1" %* ->
.com [@ = comfile] -> "%1" %* ->
.exe [@ = exefile] -> "%1" %* ->
.html [@ = htmlfile] -> %ProgramFiles%\Internet Explorer\IEXPLORE.EXE -> [2008/12/19 04:25:25 | 00,634,024 | ---- | M] (Microsoft Corporation)
.pif [@ = piffile] -> "%1" %* ->
.scr [@ = scrfile] -> "%1" /S ->
< Protocol Filters [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\ ->
text/xml:{807553E5-5146-11D5-A672-00B0D022E945} [HKLM] -> %CommonProgramFiles%\Microsoft Shared\OFFICE11\MSOXMLMF.DLL[Reg Error: Value error.] -> [2007/04/19 08:57:40 | 00,046,432 | ---- | M] (Microsoft Corporation)
< Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ ->
ipp: [HKLM] -> No CLSID value
ipp\0x00000001:{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} [HKLM] -> %CommonProgramFiles%\SYSTEM\OLE DB\msdaipp.dll[MSDAMON.BINDER] -> [2005/09/20 07:33:58 | 00,843,984 | ---- | M] (Microsoft Corporation)
msdaipp: [HKLM] -> No CLSID value
msdaipp\0x00000001:{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} [HKLM] -> %CommonProgramFiles%\SYSTEM\OLE DB\msdaipp.dll[MSDAMON.BINDER] -> [2005/09/20 07:33:58 | 00,843,984 | ---- | M] (Microsoft Corporation)
msdaipp\oledb:{E1D2BF40-A96B-11d1-9C6B-0000F875AC61} [HKLM] -> %CommonProgramFiles%\SYSTEM\OLE DB\msdaipp.dll[MSDAIPP.BINDER] -> [2005/09/20 07:33:58 | 00,843,984 | ---- | M] (Microsoft Corporation)
ms-itss:{0A9007C0-4076-11D3-8789-0000F8105754} [HKLM] -> %CommonProgramFiles%\Microsoft Shared\Information Retrieval\MSITSS.DLL[Microsoft Infotech Storage Protocol for IE 4.0] -> [2000/04/19 22:47:36 | 00,520,117 | ---- | M] (Microsoft Corporation)
mso-offdap:{3D9F03FA-7A94-11D3-BE81-0050048385D1} [HKLM] -> %CommonProgramFiles%\Microsoft Shared\Web Components\10\OWC10.DLL[Data Page Pluggable Protocol mso-offdap Handler] -> [2007/03/14 08:10:22 | 07,255,384 | ---- | M] (Microsoft Corporation)
mso-offdap11:{32505114-5902-49B2-880A-1F7738E5A384} [HKLM] -> %CommonProgramFiles%\Microsoft Shared\Web Components\11\OWC11.DLL[Data Page Plugable Protocal mso-offdap11 Handler] -> [2007/05/10 08:45:34 | 08,069,464 | ---- | M] (Microsoft Corporation)
skype4com:{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} [HKLM] -> %CommonProgramFiles%\Skype\Skype4COM.dll[IEProtocolHandler Class] -> [2008/09/23 12:17:06 | 01,942,864 | R--- | M] (Skype Technologies)
x-excid:{9D6CC632-1337-4a33-9214-2DA092E776F4} [HKLM] -> %SystemRoot%\Downloaded Program Files\mimectl.dll[DB2XMLPlugProt Class] -> [2006/11/16 10:28:00 | 00,374,272 | ---- | M] ()
< Security Center Settings > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center
\\"FirstRunDisabled" -> [1] -> File not found
\\"AntiVirusDisableNotify" -> [1] -> File not found
\\"FirewallDisableNotify" -> [1] -> File not found
\\"UpdatesDisableNotify" -> [0] -> File not found
\\"AntiVirusOverride" -> [0] -> File not found
\\"FirewallOverride" -> [0] -> File not found
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus
\Monitoring\McAfeeAntiVirus\\"DisableMonitoring" -> [1] -> File not found
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall
\Monitoring\McAfeeFirewall\\"DisableMonitoring" -> [1] -> File not found
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
\\"EnableFirewall" -> [0] -> File not found
\\"DoNotAllowExceptions" -> [0] -> File not found
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\ -> ->
< Uninstall List [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ ->
{00203668-8170-44A0-BE44-B632FA4D780F} -> Adobe AIR
{18D10072035C4515918F7E37EAFAACFC} -> AutoUpdate
{1A91D1FA-B9B3-4556-9878-5C61059A19B2} -> InterVideo DVD
{1D14373E-7970-4F2F-A467-ACA4F0EA21E3} -> Google Earth
{2BA00471-0328-3743-93BD-FA813353A783} -> Microsoft .NET Framework 3.0 Service Pack 1
{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31} -> Rhapsody Player Engine
{318AB667-3230-41B5-A617-CB3BF748D371} -> iTunes
{3248F0A8-6813-11D6-A77B-00B0D0160020} -> Java(TM) 6 Update 2
{3248F0A8-6813-11D6-A77B-00B0D0160030} -> Java(TM) 6 Update 3
{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227} -> WebFldrs XP
{3A7BF905-F37D-4DFB-8308-EC3AA4617B36} -> Garmin Communicator Plugin
{4817189D-1785-4627-A33C-39FD90919300} -> The Sims 2 Pets
{5C82DAE5-6EB0-4374-9254-BE3319BA4E82} -> Skype™ 3.8
{5E3CFCA6-C95A-47CB-A822-7FA80D423AF2} -> MapSource
{6956856F-B6B3-4BE0-BA0B-8F495BE32033} -> Apple Software Update
{6CF08AD2-00C5-4A63-B74B-2EFFFAFEBE1A} -> Microsoft Outlook Web Access S/MIME
{7148F0A8-6813-11D6-A77B-00B0D0142030} -> Java 2 Runtime Environment, SE v1.4.2_03
{77DCDCE3-2DED-62F3-8154-05E745472D07} -> Acrobat.com
{797EE0CA-8165-405C-B5CE-F11EC20F1BB0} -> Microsoft VC9 runtime libraries
{7B3577F5-1D82-4C9B-008B-69D026FD8BCA} -> The Sims 2 Open For Business
{7B63B2922B174135AFC0E1377DD81EC2} -> DivX Codec
{7D0F78C1-ECB0-4148-8757-35403F9E84EE} -> USB Serial Adapter Driver of Windows XP
{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D} -> DellSupport
{7FCA7183-ECBD-414D-B0F9-D469399303DA} -> MapSource - North American City Select v5
{87F6C83D-F949-4d14-B5CB-DC8C75F8932D} -> The Sims™ 2 FreeTime
{89AD2814-AFA2-46AF-AE53-C27196D9FBE6} -> InterVideo TV
{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} -> Microsoft Silverlight
{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959} -> Bonjour
{8A708DD8-A5E6-11D4-A706-000629E95E20} -> Intel(R) Graphics Media Accelerator Driver for Mobile
{8AB8D458-939E-403F-0097-9BA1C1F013D5} -> The Sims 2
{8FD3F4BA-A4A6-4380-00A6-CC6853AB2DC2} -> The Sims 2 University
{91E30409-6000-11D3-8CFE-0150048383C9} -> Microsoft Office Professional Edition 2003
{937B232D-9776-471E-92BD-D424E514EF14} -> Logitech QuickCam
{962E05CF-3394-496D-0091-850CF1762F6B} -> The Battle for Middle-earth (tm)
{9C9D0F85-5658-4A5E-95A9-65F7DB2916EE} -> Broadcom 440x 10/100 Integrated Controller
{A0BBF7AB-2F47-47DC-BB02-4C826F2BC73B} -> IBM Lotus Forms Viewer 3.0
{A462213D-EED4-42C2-9A60-7BDD4D4B0B17} -> SigmaTel Audio
{A49F249F-0C91-497F-86DF-B2585E8E76B7} -> Microsoft Visual C++ 2005 Redistributable
{AC76BA86-7AD7-1033-7B44-A90000000001} -> Adobe Reader 9
{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1 -> Spybot - Search & Destroy
{B508B3F1-A24A-32C0-B310-85786919EF28} -> Microsoft .NET Framework 2.0 Service Pack 1
{B6F5B704-06D3-4687-90F3-6195304AD755} -> The Sims™ 2 Apartment Life
{BAF78226-3200-4DB4-BE33-4D922A799840} -> Windows Presentation Foundation
{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} -> Microsoft .NET Framework 1.1
{D78653C3-A8FF-415F-92E6-D774E634FF2D} -> Dell ResourceCD
{D7C40BDC-F6FA-46DC-BE4B-0C0EB6DD9212} -> MapSource - City Select North America v6 Update
{DD040AAA-F295-492B-AD91-C8DC24488273} -> Photo Explosion Special Edition
{DFEF49D9-FC95-4301-99B9-2FB91C6ABA06} -> The Sims™ 2 Seasons
{E0000600-0600-0600-0600-000000000600} -> ICS Viewer 6.0
{E3BFEE55-39E2-4BE0-B966-89FE583822C1} -> Dell Support Center
{E40CE517-0D42-4198-96B4-C8232B257EB5} -> Data Lifeguard Diagnostic for Windows
{E646DCF0-5A68-11D5-B229-002078017FBF} -> Digital Line Detect
{EB807EB6-5179-48B7-98D4-7B4934A57A81} -> Documents To Go
{EC4455AB-F155-4CC1-A4C5-88F3777F9886} -> Apple Mobile Device Support
{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E} -> PL-2303 USB-to-Serial
{F248ADFA-64E0-4b03-8A83-059078BED6A0} -> The Sims™ 2 Bon Voyage
{F7514465-E5F3-48E9-A952-327DAEF33DE6} -> InterVideo Home Theater
{F7529650-B9DB-481B-0089-A2AC3C2821C1} -> The Sims 2 Nightlife
{F958CA02-BB40-4007-894B-258729456EE4} -> QuickTime
{FF8157AA-F640-45BD-B7C2-BAA1016B267A} -> palmOne
Adobe AIR -> Adobe AIR
Adobe Flash Player ActiveX -> Adobe Flash Player ActiveX
Adobe Shockwave Player -> Adobe Shockwave Player
Any Video Converter_is1 -> Any Video Converter 2.6.7
AOL Uninstaller -> AOL Uninstaller (Choose which Products to Remove)
AOL YGP Screensaver -> AOL You've Got Pictures Screensaver
AolCoach2_en -> AOL Coach Version 2.0(Build:20041026.5 en)
audcle -> Plus! MP3 Audio Converter LE
BitComet -> BitComet 1.07
Broadcom 802.11b Network Adapter -> Dell Wireless WLAN Card
CCleaner -> CCleaner (remove only)
CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_14F100C3 -> Conexant HDA D110 MDC V.92 Modem
com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 -> Acrobat.com
DECCHECK -> Microsoft Windows XP Video Decoder Checkup Utility
drmtool.inf -> Personal License Update Wizard for Windows Media Player
Drug Lord 2 -> Drug Lord 2
DVD Decrypter -> DVD Decrypter (Remove Only)
DVD Shrink_is1 -> DVD Shrink 3.2
Eraser_is1 -> Eraser
FreeZip -> FreeZip
Google Updater -> Google Updater
GSAK (Geocaching Swiss Army Knife)_is1 -> GSAK 6.6.5.19
Guild Wars -> Guild Wars
HandBrake -> HandBrake 0.9.3
HijackThis -> HijackThis 2.0.2
IDNMitigationAPIs -> Microsoft Internationalized Domain Names Mitigation APIs
iDump -> iDump (Backing up your iPod)
ie7 -> Windows Internet Explorer 7
InstallShield_{7FCA7183-ECBD-414D-B0F9-D469399303DA} -> MapSource - North American City Select v5
InstallShield_{D7C40BDC-F6FA-46DC-BE4B-0C0EB6DD9212} -> MapSource - City Select North America v6 Update
InterActual Player -> InterActual Player
IrfanView -> IrfanView (remove only)
legacyqcam_10.51 -> Logitech Legacy USB Camera Driver Package
Lexmark 5400 Series -> Lexmark 5400 Series
lvdrivers_11.90 -> Logitech QuickCam Driver Package
Microsoft .NET Framework 1.1 (1033) -> Microsoft .NET Framework 1.1
mplibwiz.inf -> Media Library Management Wizard
mpxptray.inf -> Windows Media Player Tray Control
MSC -> McAfee SecurityCenter
MSCompPackV1 -> Microsoft Compression Client Pack 1.0 for Windows XP
MSN Music Assistant -> MSN Music Assistant
NLSDownlevelMapping -> Microsoft National Language Support Downlevel APIs
Plucker_is1 -> Plucker 1.6
SynTPDeinstKey -> Synaptics Pointing Device Driver
ViewpointMediaPlayer -> Viewpoint Media Player
VLC media player -> VideoLAN VLC media player 0.8.2
WebCyberCoach_wtrb -> WebCyberCoach 3.2 Dell
WIC -> Windows Imaging Component
Windows Media Format Runtime -> Windows Media Format 11 runtime
Windows Media Player -> Windows Media Player 11
Windows XP Service Pack -> Windows XP Service Pack 3
WinGTK-2_is1 -> GTK+ 2.10.6-1 runtime environment
WinRAR archiver -> WinRAR archiver
WMCSetup -> Windows Media Connect
WMFDist11 -> Windows Media Format 11 runtime
wmp11 -> Windows Media Player 11
Wudf01000 -> Microsoft User-Mode Driver Framework Feature Pack 1.0
XpsEPSC -> XML Paper Specification Shared Components Pack 1.0
XviD MPEG4 Video Codec -> XviD MPEG4 Video Codec (remove only)
< Winsock2 Catalogs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\ ->
NameSpace_Catalog5\Catalog_Entries\000000000004 [mdnsNSP] -> %ProgramFiles%\Bonjour\mdnsNSP.dll -> [2008/08/29 07:53:50 | 00,147,456 | ---- | M] (Apple Inc.)
< EventViewer Logs - Last 10 Errors > -> Event Information -> Description
Application [ Error ] 3/13/2009 3:38:56 PM Computer Name = LAPTOP | Source = Application Hang | ID = 1001 -> Description = Fault bucket 734037209.
Application [ Error ] 3/15/2009 1:18:52 PM Computer Name = LAPTOP | Source = Application Hang | ID = 1002 -> Description = Hanging application explorer.exe, version 6.0.2900.5512, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Application [ Error ] 3/15/2009 4:25:03 PM Computer Name = LAPTOP | Source = Application Hang | ID = 1002 -> Description = Hanging application explorer.exe, version 6.0.2900.5512, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Application [ Error ] 3/15/2009 9:36:40 PM Computer Name = LAPTOP | Source = Application Hang | ID = 1002 -> Description = Hanging application DVDDecrypter.exe, version 3.5.4.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Application [ Error ] 3/19/2009 7:58:22 PM Computer Name = LAPTOP | Source = McLogEvent | ID = 5051 -> Description = A thread in process C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe took longer than 90000 ms to complete a request. The process will be terminated. Thread id : 2588 (0xa1c) Thread address : 0x12190B20 Thread message : Build VSCORE.14.0.0.349 / 5300.2777 Object being scanned = \Device\HarddiskVolume2\WINDOWS\TEMP\ver48A.tmp by c:\PROGRA~1\mcafee\msc\mcupdmgr.exe 4(1485)(0) 4(1391)(0) 7200(719)(0) 7595(719)(0) 7005(719)(0) 7004(719)(0) 5006(719)(0) 5004(719)(0)
Application [ Error ] 3/19/2009 8:38:10 PM Computer Name = LAPTOP | Source = Application Hang | ID = 1002 -> Description = Hanging application Handbrake.exe, version 0.9.3.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Application [ Error ] 3/22/2009 2:35:36 PM Computer Name = LAPTOP | Source = Application Hang | ID = 1002 -> Description = Hanging application RipIt4Me.exe, version 1.7.1.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Application [ Error ] 3/23/2009 5:03:15 PM Computer Name = LAPTOP | Source = Application Hang | ID = 1002 -> Description = Hanging application OTScanIt2.exe, version 1.0.9.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Application [ Error ] 3/26/2009 3:44:39 PM Computer Name = LAPTOP | Source = Application Hang | ID = 1002 -> Description = Hanging application ialaunch.exe, version 3.18.12.1221, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Application [ Error ] 3/27/2009 5:06:31 PM Computer Name = LAPTOP | Source = Application Hang | ID = 1002 -> Description = Hanging application OTScanIt2.exe, version 1.0.9.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
System [ Error ] 3/22/2009 1:47:24 PM Computer Name = LAPTOP | Source = Cdrom | ID = 262151 -> Description = The device, \Device\CdRom0, has a bad block.
System [ Error ] 3/22/2009 1:47:26 PM Computer Name = LAPTOP | Source = Cdrom | ID = 262151 -> Description = The device, \Device\CdRom0, has a bad block.
System [ Error ] 3/22/2009 1:47:27 PM Computer Name = LAPTOP | Source = Cdrom | ID = 262151 -> Description = The device, \Device\CdRom0, has a bad block.
System [ Error ] 3/22/2009 1:47:29 PM Computer Name = LAPTOP | Source = Cdrom | ID = 262151 -> Description = The device, \Device\CdRom0, has a bad block.
System [ Error ] 3/22/2009 1:47:30 PM Computer Name = LAPTOP | Source = Cdrom | ID = 262151 -> Description = The device, \Device\CdRom0, has a bad block.
System [ Error ] 3/22/2009 1:47:32 PM Computer Name = LAPTOP | Source = Cdrom | ID = 262151 -> Description = The device, \Device\CdRom0, has a bad block.
System [ Error ] 3/22/2009 1:47:34 PM Computer Name = LAPTOP | Source = Cdrom | ID = 262151 -> Description = The device, \Device\CdRom0, has a bad block.
System [ Error ] 3/22/2009 1:47:35 PM Computer Name = LAPTOP | Source = Cdrom | ID = 262151 -> Description = The device, \Device\CdRom0, has a bad block.
System [ Error ] 3/22/2009 1:47:37 PM Computer Name = LAPTOP | Source = Cdrom | ID = 262151 -> Description = The device, \Device\CdRom0, has a bad block.
System [ Error ] 3/23/2009 2:43:03 PM Computer Name = LAPTOP | Source = DCOM | ID = 10001 -> Description = Unable to start a DCOM Server: {C7E39D60-7A9F-42BF-ABB1-03DC0FA4F493} as /. The error: "%233" Happened while starting this command: c:\PROGRA~1\mcafee.com\agent\mcagent.exe -Embedding
[Files/Folders - Created Within 30 Days]
InterActual Player.lnk -> %AllUsersProfile%\Desktop\InterActual Player.lnk -> [2009/03/26 19:57:51 | 00,000,813 | ---- | C] ()
OTScanIt2 -> %UserProfile%\Desktop\OTScanIt2 -> [2009/03/23 19:55:52 | 00,000,000 | ---D | C]
OTScanIt2.exe -> %UserProfile%\Desktop\OTScanIt2.exe -> [2009/03/23 19:55:19 | 00,662,639 | ---- | C] ()
hidserv.dll -> %SystemRoot%\System32\hidserv.dll -> [2009/03/21 17:30:25 | 00,021,504 | ---- | C] (Microsoft Corporation)
hidserv.dll -> %SystemRoot%\System32\dllcache\hidserv.dll -> [2009/03/21 17:30:25 | 00,021,504 | ---- | C] (Microsoft Corporation)
Google Software Updater.job -> %SystemRoot%\tasks\Google Software Updater.job -> [2009/03/21 01:29:34 | 00,000,868 | ---- | C] ()
DaVinci_Code -> %SystemDrive%\DaVinci_Code -> [2009/03/19 21:27:09 | 00,000,000 | ---D | C]
XPCD -> %UserProfile%\Desktop\XPCD -> [2009/03/15 16:15:52 | 00,000,000 | ---D | C]
UBCD4Win -> %SystemDrive%\UBCD4Win -> [2009/03/15 15:46:06 | 00,000,000 | ---D | C]
HandBrake.lnk -> %UserProfile%\Desktop\HandBrake.lnk -> [2009/03/15 00:48:30 | 00,000,728 | ---- | C] ()
HandBrake -> %ProgramFiles%\HandBrake -> [2009/03/15 00:48:29 | 00,000,000 | ---D | C]
HijackThis Logs -> %UserProfile%\Desktop\HijackThis Logs -> [2009/03/15 00:30:59 | 00,000,000 | ---D | C]
HijackThis.lnk -> %UserProfile%\Desktop\HijackThis.lnk -> [2009/03/15 00:30:36 | 00,001,768 | ---- | C] ()
Trend Micro -> %ProgramFiles%\Trend Micro -> [2009/03/15 00:30:36 | 00,000,000 | ---D | C]
Config.Msi -> %SystemDrive%\Config.Msi -> [2009/03/14 22:06:15 | 00,000,000 | -HSD | C]
ErrorFix Scan.job -> %SystemRoot%\tasks\ErrorFix Scan.job -> [2009/03/14 21:45:24 | 00,000,422 | ---- | C] ()
ErrorFix -> %AppData%\ErrorFix -> [2009/03/14 21:45:18 | 00,000,000 | ---D | C]
Recent -> %UserProfile%\Recent -> [2009/03/14 19:08:47 | 00,000,000 | RH-D | C]
Western Digital Corporation -> %ProgramFiles%\Western Digital Corporation -> [2009/03/13 18:23:07 | 00,000,000 | ---D | C]
WDC -> %UserProfile%\My Documents\WDC -> [2009/03/13 18:22:53 | 00,000,000 | ---D | C]
jestertb.dll -> %SystemRoot%\jestertb.dll -> [2009/03/13 18:22:48 | 00,020,992 | ---- | C] ()
TopoGrafix -> %UserProfile%\Local Settings\Application Data\TopoGrafix -> [2009/03/07 19:15:55 | 00,000,000 | ---D | C]
[Files/Folders - Modified Within 30 Days]
3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp ->
5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp ->
1 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp ->
1 C:\WINDOWS\Temp\gis1a7e8e0b\*.tmp files -> C:\WINDOWS\Temp\gis1a7e8e0b\*.tmp ->
bgroykfc.dll -> %UserProfile%\Local Settings\Temp\bgroykfc.dll -> [2009/03/27 20:05:18 | 00,053,248 | ---- | M] ()
Config.MPF -> %SystemRoot%\System32\Config.MPF -> [2009/03/27 20:04:58 | 00,014,187 | ---- | M] ()
Google Software Updater.job -> %SystemRoot%\tasks\Google Software Updater.job -> [2009/03/27 19:25:17 | 00,000,868 | ---- | M] ()
User_Feed_Synchronization-{210CFB9A-4178-4488-9B90-25DB39C3EEF7}.job -> %SystemRoot%\tasks\User_Feed_Synchronization-{210CFB9A-4178-4488-9B90-25DB39C3EEF7}.job -> [2009/03/27 15:57:13 | 00,000,392 | -H-- | M] ()
ErrorFix Scan.job -> %SystemRoot%\tasks\ErrorFix Scan.job -> [2009/03/27 12:00:00 | 00,000,422 | ---- | M] ()
NTUSER.DAT -> %UserProfile%\NTUSER.DAT -> [2009/03/26 20:27:38 | 14,417,920 | -H-- | M] ()
InterActual Player.lnk -> %AllUsersProfile%\Desktop\InterActual Player.lnk -> [2009/03/26 19:57:51 | 00,000,813 | ---- | M] ()
hb_encode_log.dat -> %UserProfile%\Local Settings\Temp\hb_encode_log.dat -> [2009/03/26 19:10:21 | 00,020,166 | ---- | M] ()
hb_queue_recovery.dat -> %UserProfile%\Local Settings\Temp\hb_queue_recovery.dat -> [2009/03/26 14:16:22 | 00,000,000 | ---- | M] ()
dvdinfo.dat -> %UserProfile%\Local Settings\Temp\dvdinfo.dat -> [2009/03/24 23:07:52 | 00,005,359 | ---- | M] ()
AppleSoftwareUpdate.job -> %SystemRoot%\tasks\AppleSoftwareUpdate.job -> [2009/03/24 12:31:07 | 00,000,284 | ---- | M] ()
OTScanIt2.exe -> %UserProfile%\Desktop\OTScanIt2.exe -> [2009/03/23 19:55:27 | 00,662,639 | ---- | M] ()
ci.dll -> %SystemRoot%\Temp\gis1a7e8e0b\2.4.1536.6592\ci.dll -> [2009/03/21 01:29:25 | 01,204,208 | ---- | M] (Google)
GoogleUpdaterService.exe -> %SystemRoot%\Temp\gis1a7e8e0b\GoogleUpdaterService.exe -> [2009/03/21 01:29:25 | 00,183,280 | ---- | M] (Google)
GoogleUpdaterSetup.exe -> %SystemRoot%\Temp\gis1a7e8e0b\2.4.1536.6592\GoogleUpdaterSetup.exe -> [2009/03/21 01:29:25 | 00,176,112 | ---- | M] (Google Inc.)
GoogleUpdaterInstallMgr.exe -> %SystemRoot%\Temp\gis1a7e8e0b\2.4.1536.6592\GoogleUpdaterInstallMgr.exe -> [2009/03/21 01:29:25 | 00,169,968 | ---- | M] (Google)
GoogleUpdater.exe -> %SystemRoot%\Temp\gis1a7e8e0b\GoogleUpdater.exe -> [2009/03/21 01:29:25 | 00,161,776 | ---- | M] (Google)
cires.dll -> %SystemRoot%\Temp\gis1a7e8e0b\2.4.1536.6592\cires.dll -> [2009/03/21 01:29:25 | 00,100,848 | ---- | M] ()
npCIDetect13.dll -> %SystemRoot%\Temp\gis1a7e8e0b\2.4.1536.6592\npCIDetect13.dll -> [2009/03/21 01:29:25 | 00,099,824 | ---- | M] (Google)
GoogleUpdaterAdminPrefs.exe -> %SystemRoot%\Temp\gis1a7e8e0b\2.4.1536.6592\GoogleUpdaterAdminPrefs.exe -> [2009/03/21 01:29:24 | 00,227,824 | ---- | M] (Google)
googleupdater.exe1a7ec2f6 -> %SystemRoot%\Temp\googleupdater.exe1a7ec2f6 -> [2009/03/21 01:29:09 | 01,075,696 | ---- | M] ()
perfh009.dat -> %SystemRoot%\System32\perfh009.dat -> [2009/03/19 22:50:07 | 00,445,096 | ---- | M] ()
perfc009.dat -> %SystemRoot%\System32\perfc009.dat -> [2009/03/19 22:50:07 | 00,072,554 | ---- | M] ()
PerfStringBackup.INI -> %SystemRoot%\System32\PerfStringBackup.INI -> [2009/03/19 22:50:06 | 00,526,710 | ---- | M] ()
wpa.dbl -> %SystemRoot%\System32\wpa.dbl -> [2009/03/15 22:03:01 | 00,002,206 | ---- | M] ()
SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [2009/03/15 22:02:01 | 00,000,006 | -H-- | M] ()
bootstat.dat -> %SystemRoot%\bootstat.dat -> [2009/03/15 22:01:39 | 00,002,048 | --S- | M] ()
ntuser.ini -> %UserProfile%\ntuser.ini -> [2009/03/15 21:59:21 | 00,000,278 | -HS- | M] ()
VETlog.dmp -> %SystemDrive%\VETlog.dmp -> [2009/03/15 19:29:42 | 00,055,088 | ---- | M] ()
HandBrake.lnk -> %UserProfile%\Desktop\HandBrake.lnk -> [2009/03/15 00:48:30 | 00,000,728 | ---- | M] ()
HijackThis.lnk -> %UserProfile%\Desktop\HijackThis.lnk -> [2009/03/15 00:30:36 | 00,001,768 | ---- | M] ()
McDefragTask.job -> %SystemRoot%\tasks\McDefragTask.job -> [2009/03/14 23:53:08 | 00,000,340 | ---- | M] ()
win.ini -> %SystemRoot%\win.ini -> [2009/03/14 21:32:53 | 00,000,340 | ---- | M] ()
qmgr1.dat -> %AllUsersProfile%\Application Data\Microsoft\Network\Downloader\qmgr1.dat -> [2009/03/14 18:15:41 | 00,005,513 | ---- | M] ()
qmgr0.dat -> %AllUsersProfile%\Application Data\Microsoft\Network\Downloader\qmgr0.dat -> [2009/03/14 18:15:41 | 00,004,232 | ---- | M] ()
hosts -> %SystemRoot%\System32\drivers\etc\hosts -> [2009/03/14 17:42:19 | 00,302,826 | R--- | M] ()
FNTCACHE.DAT -> %SystemRoot%\System32\FNTCACHE.DAT -> [2009/03/14 08:25:40 | 00,333,072 | ---- | M] ()
jestertb.dll -> %SystemRoot%\jestertb.dll -> [2009/03/13 18:22:49 | 00,020,992 | ---- | M] ()
LVPrcInj01.dll -> %SystemRoot%\Temp\logishrd\LVPrcInj01.dll -> [2008/12/16 19:59:28 | 00,109,080 | ---- | M] (Logitech Inc.)
opa11.dat -> %AllUsersProfile%\Application Data\Microsoft\OFFICE\DATA\opa11.dat -> [2006/04/15 04:00:45 | 00,011,090 | ---- | M] ()
[CatchMe Rootkit Scan by GMER]
< Windows folder & sub-folders >
scanning hidden processes ...
scanning hidden services & system hive ...
scanning hidden registry entries ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0
< Document and Settings folder & sub folders >
scanning hidden files ...
C:\Documents and Settings\Scott\Favorites\Colombia Military Guide.url:favicon 1406 bytes
C:\Documents and Settings\Scott\Favorites\Defense Acquisition University.url:favicon 894 bytes
C:\Documents and Settings\Scott\Favorites\Pack457 Den3 - Welcome to the Bear Den!.url:favicon 1150 bytes
C:\Documents and Settings\Scott\Favorites\Parsimonious - Free Downloads Sims & Sims2 Clothes,Furniture, Houses, Hair, Makeup.url:favicon 1406 bytes
C:\Documents and Settings\Scott\Favorites\Sexy Sims 2 - powered by vBulletin.url:favicon 3638 bytes
C:\Documents and Settings\Scott\Favorites\The Sims 2 and 1 Resource - Over 564,000 Downloads for The Sims 2 and 1.url:favicon 3638 bytes
C:\Documents and Settings\Scott\Favorites\TheSims2.com - Home.url:favicon 1150 bytes
C:\Documents and Settings\Scott\Favorites\WebCT Login Page.url:favicon 318 bytes
C:\Documents and Settings\Scott\Favorites\Welcome to ModTheSims2.url:favicon 3638 bytes
C:\Documents and Settings\Scott\Favorites\FARSite (Federal Acquisition Regulation Site).url:favicon 1206 bytes
C:\Documents and Settings\Scott\Favorites\final fantsy X walkthrough.url:favicon 1406 bytes
C:\Documents and Settings\Scott\Favorites\Lajes Overview.url:favicon 894 bytes
C:\Documents and Settings\Scott\Favorites\lego replacement parts.url:favicon 1406 bytes
C:\Documents and Settings\Scott\Favorites\LINK TO PDG MP3S.url:favicon 894 bytes
C:\Documents and Settings\Scott\Favorites\LogMeIn - Remote Access and Desktop Control Software for your PC.url:favicon 2550 bytes
C:\Documents and Settings\Scott\My Documents\EA Games\Backup Files\Sims2Launcher backup.exe:SummaryInformation 184 bytes
C:\Documents and Settings\Scott\My Documents\EA Games\Backup Files\Sims2Launcher backup.exe:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} 0 bytes
scan completed successfully
hidden files: 109
< End of report >