Hi Tim,
I have a folder where I could install Zone Alarm and then uninstall it, but nothing in my Add/Remove Programs. And no sign of Norton. I assume I should get rid of the older Ad-Aware SE I have.
WinPFind3.txt
WinPFind3 logfile created on: 08/08/2007 1:43:17 AM
WinPFind3U by OldTimer - Version 1.0.39 Folder = C:\Documents and Settings\MIC\Desktop\WinPFind3u\
Microsoft Windows XP Service Pack 2 (Version = 5.1.2600)
Internet Explorer (Version = 7.0.5700.6)
1022.98 Mb Total Physical Memory | 465.16 Mb Available Physical Memory | 45.47% Memory free
2.41 Gb Paging File | 1.99 Gb Available in Paging File | 82.52% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072;
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.53 Gb Total Space | 7.36 Gb Free Space | 9.87% Space Free
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Computer Name: MDN
Current User Name: MIC
Logged in as Administrator.
Current Boot Mode: Normal
[Processes - Non-Microsoft Only]
acs.exe -> %System32%\acs.exe -> [Ver = | Size = 36864 bytes | Modified Date = 07/07/2004 3:16:24 PM | Attr = ]
agrsmmsg.exe -> %SystemRoot%\agrsmmsg.exe -> Agere Systems [Ver = 2.1.38 2.1.38 02/20/2004 15:00:27 | Size = 88363 bytes | Modified Date = 20/02/2004 2:00:00 PM | Attr = ]
apntex.exe -> %ProgramFiles%\Apoint2K\ApntEx.exe -> Alps Electric Co., Ltd. [Ver = 5.0.1.15 | Size = 45056 bytes | Modified Date = 25/02/2003 7:08:00 PM | Attr = ]
apoint.exe -> %ProgramFiles%\Apoint2K\Apoint.exe -> Alps Electric Co., Ltd. [Ver = 6.0.2.180 | Size = 192512 bytes | Modified Date = 30/10/2003 12:46:00 AM | Attr = ]
atiptaxx.exe -> %ProgramFiles%\ATI Technologies\ATI Control Panel\atiptaxx.exe -> ATI Technologies, Inc. [Ver = 6.14.10.5115 | Size = 339968 bytes | Modified Date = 10/07/2004 8:10:00 PM | Attr = ]
ceekey.exe -> %ProgramFiles%\TOSHIBA\E-KEY\CeEKey.exe -> COMPAL ELECTRONIC INC. [Ver = 2, 1, 0, 9 | Size = 643072 bytes | Modified Date = 06/08/2004 2:14:42 PM | Attr = ]
cfsvcs.exe -> %ProgramFiles%\TOSHIBA\ConfigFree\CFSvcs.exe -> TOSHIBA CORPORATION [Ver = 5, 0, 0, 7 | Size = 36864 bytes | Modified Date = 15/06/2004 11:44:06 PM | Attr = ]
dvdramsv.exe -> %System32%\DVDRAMSV.exe -> Matsushita Electric Industrial Co., Ltd. [Ver = 2, 0, 7, 0 | Size = 106496 bytes | Modified Date = 22/05/2003 8:38:26 PM | Attr = ]
guard.exe -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\guard.exe -> GRISOFT s.r.o. [Ver = 7, 5, 1, 22 | Size = 312880 bytes | Modified Date = 30/05/2007 4:31:10 AM | Attr = ]
hpcmpmgr.exe -> %ProgramFiles%\HP\hpcoretech\hpcmpmgr.exe -> Hewlett-Packard Company [Ver = 2.1.1.0 | Size = 241664 bytes | Modified Date = 22/12/2003 8:38:42 AM | Attr = ]
hpgs2wnd.exe -> %ProgramFiles%\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe -> Hewlett-Packard [Ver = 2,4,0,26 | Size = 57344 bytes | Modified Date = 03/07/2001 9:11:52 AM | Attr = ]
hpgs2wnf.exe -> %ProgramFiles%\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe -> [Ver = 2,4,0,26 | Size = 65536 bytes | Modified Date = 03/07/2001 9:17:04 AM | Attr = ]
hpwuschd.exe -> %ProgramFiles%\HP\HP Software Update\hpwuSchd.exe -> Hewlett-Packard [Ver = 1, 0, 0, 3 | Size = 49152 bytes | Modified Date = 04/08/2003 5:28:18 PM | Attr = ]
ipodservice.exe -> %ProgramFiles%\iPod\bin\iPodService.exe -> Apple Computer, Inc. [Ver = 7.0.2.16 | Size = 492608 bytes | Modified Date = 30/10/2006 9:36:32 AM | Attr = ]
ituneshelper.exe -> %ProgramFiles%\iTunes\iTunesHelper.exe -> Apple Computer, Inc. [Ver = 7.0.2.16 | Size = 256576 bytes | Modified Date = 30/10/2006 9:36:36 AM | Attr = ]
lvcomsx.exe -> %System32%\LVCOMSX.EXE -> Logitech Inc. [Ver = 8.4.7.1036 | Size = 221184 bytes | Modified Date = 19/07/2005 4:32:18 PM | Attr = ]
ndstray.exe -> %ProgramFiles%\TOSHIBA\ConfigFree\NDSTray.exe -> TOSHIBA CORPORATION [Ver = 5, 0, 0, 57 | Size = 892928 bytes | Modified Date = 13/07/2004 4:51:04 AM | Attr = ]
pnkbstra.exe -> %System32%\PnkBstrA.exe -> [Ver = | Size = 63040 bytes | Modified Date = 07/05/2007 10:22:56 PM | Attr = ]
ramasst.exe -> %System32%\RAMASST.exe -> Matsushita Electric Industrial Co., Ltd. [Ver = 1, 0, 9, 0 | Size = 155648 bytes | Modified Date = 13/03/2003 6:38:12 PM | Attr = ]
smoothview.exe -> %ProgramFiles%\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe -> TOSHIBA Corporation [Ver = 2, 0, 0, 18 | Size = 135168 bytes | Modified Date = 02/03/2004 12:45:28 PM | Attr = ]
tavsvc.exe -> %ProgramFiles%\Trend Micro\AntiVirus 2007\tavsvc.exe -> Trend Micro Inc. [Ver = 15.1.0.1206 | Size = 251408 bytes | Modified Date = 19/01/2007 5:48:58 PM | Attr = ]
tavui.exe -> %ProgramFiles%\Trend Micro\AntiVirus 2007\tavui.exe -> Trend Micro Inc. [Ver = 15.1.0.2002 | Size = 4609288 bytes | Modified Date = 05/07/2007 8:09:54 PM | Attr = ]
tctrliohook.exe -> %System32%\TCtrlIOHook.exe -> TOSHIBA [Ver = 0, 8, 0, 0 | Size = 28672 bytes | Modified Date = 05/08/2004 8:49:24 PM | Attr = ]
tfncky.exe -> %ProgramFiles%\TOSHIBA\TOSHIBA Controls\TFncKy.exe -> TOSHIBA Corporation [Ver = 3.05.02 | Size = 114688 bytes | Modified Date = 26/07/2004 4:32:32 PM | Attr = ]
tfswctrl.exe -> %System32%\dla\tfswctrl.exe -> Sonic Solutions [Ver = 1.04.08a | Size = 122939 bytes | Modified Date = 20/07/2004 12:04:00 AM | Attr = ]
tmproxy.exe -> %ProgramFiles%\Trend Micro\AntiVirus 2007\Components\TmProxy.exe -> Trend Micro Inc. [Ver = 3.1.0.1013 | Size = 566872 bytes | Modified Date = 10/01/2007 7:19:26 PM | Attr = ]
toscdspd.exe -> %ProgramFiles%\TOSHIBA\TOSCDSPD\TOSCDSPD.exe -> TOSHIBA [Ver = 1, 0, 5, 0 | Size = 65536 bytes | Modified Date = 05/09/2003 2:24:46 AM | Attr = ]
tpsbattm.exe -> %System32%\TPSBattM.exe -> TOSHIBA Corporation [Ver = 1, 0, 2, 0 | Size = 45056 bytes | Modified Date = 01/06/2004 7:43:10 PM | Attr = ]
tptray.exe -> %ProgramFiles%\TOSHIBA\TouchPad\TPTray.exe -> COMPAL ELECTRONIC INC. [Ver = 1, 1, 0, 2 | Size = 53248 bytes | Modified Date = 28/07/2004 3:23:30 PM | Attr = ]
winpfind3u.exe -> %UserDesktop%\WinPFind3u\WinPFind3U.exe -> OldTimer Tools [Ver = 1.0.38.0 | Size = 322048 bytes | Modified Date = 23/06/2007 3:15:54 PM | Attr = ]
zoominghook.exe -> %System32%\ZoomingHook.exe -> TOSHIBA [Ver = 1, 0, 0, 0 | Size = 24576 bytes | Modified Date = 14/07/2004 3:07:32 PM | Attr = ]
[Win32 Services - Non-Microsoft Only]
(ACS) Atheros Configuration Service [Win32_Own | Auto | Running] -> %System32%\acs.exe -> [Ver = | Size = 36864 bytes | Modified Date = 07/07/2004 3:16:24 PM | Attr = ]
(Adobe LM Service) Adobe LM Service [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Adobe Systems Shared\Service\Adobelmsvc.exe -> Adobe Systems [Ver = 2.67.010 | Size = 72704 bytes | Modified Date = 26/05/2006 10:50:04 AM | Attr = ]
(Ati HotKey Poller) Ati HotKey Poller [Win32_Own | Disabled | Stopped] -> %System32%\ati2evxx.exe -> [Ver = | Size = 385024 bytes | Modified Date = 10/07/2004 5:35:00 AM | Attr = ]
(AVG Anti-Spyware Guard) AVG Anti-Spyware Guard [Win32_Own | Auto | Running] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\guard.exe -> GRISOFT s.r.o. [Ver = 7, 5, 1, 22 | Size = 312880 bytes | Modified Date = 30/05/2007 4:31:10 AM | Attr = ]
(CFSvcs) ConfigFree Service [Win32_Own | Auto | Running] -> %ProgramFiles%\TOSHIBA\ConfigFree\CFSvcs.exe -> TOSHIBA CORPORATION [Ver = 5, 0, 0, 7 | Size = 36864 bytes | Modified Date = 15/06/2004 11:44:06 PM | Attr = ]
(dmadmin) Logical Disk Manager Administrative Service [Win32_Shared | On_Demand | Stopped] -> %System32%\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 224768 bytes | Modified Date = 04/08/2004 4:00:00 AM | Attr = ]
(DVD-RAM_Service) DVD-RAM_Service [Win32_Own | Auto | Running] -> %System32%\DVDRAMSV.exe -> Matsushita Electric Industrial Co., Ltd. [Ver = 2, 0, 7, 0 | Size = 106496 bytes | Modified Date = 22/05/2003 8:38:26 PM | Attr = ]
(IDriverT) InstallDriver Table Manager [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\InstallShield\Driver\11\Intel 32\IDriverT.exe -> Macrovision Corporation [Ver = 11.00.28844 | Size = 69632 bytes | Modified Date = 03/04/2005 11:41:10 PM | Attr = ]
(iPod Service) iPod Service [Win32_Own | On_Demand | Running] -> %ProgramFiles%\iPod\bin\iPodService.exe -> Apple Computer, Inc. [Ver = 7.0.2.16 | Size = 492608 bytes | Modified Date = 30/10/2006 9:36:32 AM | Attr = ]
(Pml Driver HPZ12) Pml Driver HPZ12 [Win32_Own | On_Demand | Stopped] -> %System32%\hpzipm12.exe -> HP [Ver = 7, 0, 0, 0 | Size = 65795 bytes | Modified Date = 25/02/2004 10:18:00 PM | Attr = ]
(PnkBstrA) PnkBstrA [Win32_Own | Auto | Running] -> %System32%\PnkBstrA.exe -> [Ver = | Size = 63040 bytes | Modified Date = 07/05/2007 10:22:56 PM | Attr = ]
(tavsvc) Trend Micro AntiVirus Protection Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Trend Micro\AntiVirus 2007\tavsvc.exe -> Trend Micro Inc. [Ver = 15.1.0.1206 | Size = 251408 bytes | Modified Date = 19/01/2007 5:48:58 PM | Attr = ]
(tmproxy) Trend Micro Proxy Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Trend Micro\AntiVirus 2007\Components\TmProxy.exe -> Trend Micro Inc. [Ver = 3.1.0.1013 | Size = 566872 bytes | Modified Date = 10/01/2007 7:19:26 PM | Attr = ]
(UleadBurningHelper) Ulead Burning Helper [Win32_Own | Disabled | Stopped] -> %CommonProgramFiles%\Ulead Systems\DVD\ULCDRSvr.exe -> Ulead Systems, Inc. [Ver = 1, 0, 0, 3 | Size = 49152 bytes | Modified Date = 12/11/2003 4:48:20 AM | Attr = ]
[Registry - Non-Microsoft Only]
< Run [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
AGRSMMSG -> %SystemRoot%\agrsmmsg.exe -> Agere Systems [Ver = 2.1.38 2.1.38 02/20/2004 15:00:27 | Size = 88363 bytes | Modified Date = 20/02/2004 2:00:00 PM | Attr = ]
Apoint -> %ProgramFiles%\Apoint2K\Apoint.exe -> Alps Electric Co., Ltd. [Ver = 6.0.2.180 | Size = 192512 bytes | Modified Date = 30/10/2003 12:46:00 AM | Attr = ]
ATIPTA -> %ProgramFiles%\ATI Technologies\ATI Control Panel\atiptaxx.exe -> ATI Technologies, Inc. [Ver = 6.14.10.5115 | Size = 339968 bytes | Modified Date = 10/07/2004 8:10:00 PM | Attr = ]
ccApp -> %CommonProgramFiles%\Symantec Shared\ccApp.exe -> File not found
CeEKEY -> %ProgramFiles%\TOSHIBA\E-KEY\CeEKey.exe -> COMPAL ELECTRONIC INC. [Ver = 2, 1, 0, 9 | Size = 643072 bytes | Modified Date = 06/08/2004 2:14:42 PM | Attr = ]
dla -> %System32%\dla\tfswctrl.exe -> Sonic Solutions [Ver = 1.04.08a | Size = 122939 bytes | Modified Date = 20/07/2004 12:04:00 AM | Attr = ]
HP Component Manager -> %ProgramFiles%\HP\hpcoretech\hpcmpmgr.exe -> Hewlett-Packard Company [Ver = 2.1.1.0 | Size = 241664 bytes | Modified Date = 22/12/2003 8:38:42 AM | Attr = ]
HP Software Update -> %ProgramFiles%\HP\HP Software Update\hpwuSchd.exe -> Hewlett-Packard [Ver = 1, 0, 0, 3 | Size = 49152 bytes | Modified Date = 04/08/2003 5:28:18 PM | Attr = ]
iTunesHelper -> %ProgramFiles%\iTunes\iTunesHelper.exe -> Apple Computer, Inc. [Ver = 7.0.2.16 | Size = 256576 bytes | Modified Date = 30/10/2006 9:36:36 AM | Attr = ]
NDSTray.exe -> NDSTray.exe -> File not found
PadTouch -> %ProgramFiles%\TOSHIBA\Touch and Launch\PadExe.exe -> TOSHIBA [Ver = 1, 2, 4, 0 | Size = 1089589 bytes | Modified Date = 03/02/2004 1:47:06 PM | Attr = ]
QuickTime Task -> %ProgramFiles%\QuickTime\qttask.exe -> Apple Computer, Inc. [Ver = 7.1.3 | Size = 282624 bytes | Modified Date = 25/10/2006 6:58:18 PM | Attr = ]
Share-to-Web Namespace Daemon -> %ProgramFiles%\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe -> Hewlett-Packard [Ver = 2,4,0,26 | Size = 57344 bytes | Modified Date = 03/07/2001 9:11:52 AM | Attr = ]
SmoothView -> %ProgramFiles%\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe -> TOSHIBA Corporation [Ver = 2, 0, 0, 18 | Size = 135168 bytes | Modified Date = 02/03/2004 12:45:28 PM | Attr = ]
SunJavaUpdateSched -> %ProgramFiles%\Java\jre1.6.0_02\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 6.0.20.6 | Size = 132496 bytes | Modified Date = 12/07/2007 4:00:36 AM | Attr = ]
Symantec NetDriver Monitor -> %SystemDrive%\PROGRA~1\SYMNET~1\SNDMon.exe -> File not found
TCtryIOHook -> %System32%\TCtrlIOHook.exe -> TOSHIBA [Ver = 0, 8, 0, 0 | Size = 28672 bytes | Modified Date = 05/08/2004 8:49:24 PM | Attr = ]
TFncKy -> TFncKy.exe -> File not found
TPNF -> %ProgramFiles%\TOSHIBA\TouchPad\TPTray.exe -> COMPAL ELECTRONIC INC. [Ver = 1, 1, 0, 2 | Size = 53248 bytes | Modified Date = 28/07/2004 3:23:30 PM | Attr = ]
TPSMain -> %System32%\TPSMain.exe -> TOSHIBA Corporation [Ver = 1, 0, 14, 0 | Size = 278528 bytes | Modified Date = 01/06/2004 7:43:28 PM | Attr = ]
Trend Micro AntiVirus 2007 -> %ProgramFiles%\Trend Micro\AntiVirus 2007\tavui.exe -> Trend Micro Inc. [Ver = 15.1.0.2002 | Size = 4609288 bytes | Modified Date = 05/07/2007 8:09:54 PM | Attr = ]
Zone Labs Client -> %ProgramFiles%\Zone Labs\ZoneAlarm\zlclient.exe -> File not found
ZoomingHook -> %System32%\ZoomingHook.exe -> TOSHIBA [Ver = 1, 0, 0, 0 | Size = 24576 bytes | Modified Date = 14/07/2004 3:07:32 PM | Attr = ]
< OptionalComponents [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\ ->
IMAIL -> Installed = 1 ->
MAPI -> Installed = 1 ->
MSFS -> Installed = 1 ->
< Run [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
TOSCDSPD -> %ProgramFiles%\TOSHIBA\TOSCDSPD\TOSCDSPD.exe -> TOSHIBA [Ver = 1, 0, 5, 0 | Size = 65536 bytes | Modified Date = 05/09/2003 2:24:46 AM | Attr = ]
< Common Startup > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup ->
%AllUsersStartup%\RAMASST.lnk -> %System32%\RAMASST.exe -> Matsushita Electric Industrial Co., Ltd. [Ver = 1, 0, 9, 0 | Size = 155648 bytes | Modified Date = 13/03/2003 6:38:12 PM | Attr = ]
< User Startup > -> C:\Documents and Settings\MIC\Start Menu\Programs\Startup ->
%UserStartup%\Adobe Gamma.lnk -> %CommonProgramFiles%\Adobe\Calibration\Adobe Gamma Loader.exe -> Adobe Systems, Inc. [Ver = 1, 0, 0, 1 | Size = 113664 bytes | Modified Date = 16/03/2005 7:16:50 PM | Attr = ]
< ShellExecuteHooks [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks ->
{57B86673-276A-48B2-BAE7-C6DBB3020EB8} [HKLM] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll [AVG Anti-Spyware 7.5] -> GRISOFT s.r.o. [Ver = 7, 5, 1, 36 | Size = 79408 bytes | Modified Date = 30/05/2007 4:29:58 AM | Attr = ]
< SharedTaskScheduler [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler ->
{af8bca8b-a9f1-471d-bdcd-caa14be2bdd9} [HKLM] -> Reg Data - Key not found [hemprich] -> File not found
< SecurityProviders [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders ->
< Winlogon settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
< Winlogon settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
< CurrentVersion Policy Settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\undockwithoutlogon -> 1 ->
< CurrentVersion Policy Settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ActiveDesktop\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Associations\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 36 ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveAutoRun -> ÿÿÿÿ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> ->
< HOSTS File > (27 bytes) -> C:\WINDOWS\System32\drivers\etc\Hosts ->
127.0.0.1 localhost -> ->
< Internet Explorer Settings > -> ->
HKLM: Default_Page_URL ->
http://www.microsoft.com/isapi/redir.dl ... ar=msnhome ->
HKLM: Main\\Default_Search_URL ->
http://www.microsoft.com/isapi/redir.dl ... r=iesearch ->
HKLM: Local Page -> %SystemRoot%\system32\blank.htm ->
HKLM: Search Page ->
http://www.microsoft.com/isapi/redir.dl ... r=iesearch ->
HKLM: Start Page -> about:blank ->
HKLM: CustomizeSearch ->
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm ->
HKLM: SearchAssistant ->
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm ->
HKCU: Local Page -> C:\WINDOWS\system32\blank.htm ->
HKCU: Search Page ->
http://www.microsoft.com/isapi/redir.dl ... r=iesearch ->
HKCU: Start Page ->
http://www.google.ca/ ->
HKCU: SearchAssistant ->
http://ie.search.msn.com ->
HKCU: ProxyEnable -> 0 ->
HKCU: ProxyOverride -> localhost ->
< Trusted Sites > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
msn.com [ - ] -> ->
< BHO's > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> %ProgramFiles%\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> Adobe Systems Incorporated [Ver = 7.0.9.2006121800 | Size = 59032 bytes | Modified Date = 18/12/2006 4:16:42 AM | Attr = ]
{724d43a9-0d85-11d4-9908-00400523e39a} [HKLM] -> %ProgramFiles%\Siber Systems\AI RoboForm\roboform.dll [Reg Data - Value does not exist] -> Siber Systems [Ver = 6-8-7 | Size = 5391416 bytes | Modified Date = 09/02/2007 10:05:28 PM | Attr = ]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> %ProgramFiles%\Java\jre1.6.0_02\bin\ssv.dll [SSVHelper Class] -> Sun Microsystems, Inc. [Ver = 6.0.20.6 | Size = 501136 bytes | Modified Date = 12/07/2007 4:00:36 AM | Attr = ]
{AE7CD045-E861-484f-8273-0445EE161910} [HKLM] -> %ProgramFiles%\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll [AcroIEToolbarHelper Class] -> [Ver = | Size = 147456 bytes | Modified Date = 15/05/2003 1:03:46 AM | Attr = ]
< Internet Explorer Bars [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\ ->
{182EC0BE-5110-49C8-A062-BEB1D02A220B} [HKLM] -> %ProgramFiles%\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll [Adobe PDF] -> [Ver = | Size = 147456 bytes | Modified Date = 15/05/2003 1:03:46 AM | Attr = ]
< Internet Explorer ToolBars [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar ->
{47833539-D0C5-4125-9FA8-0819E2EAAC93} [HKLM] -> %ProgramFiles%\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll [Adobe PDF] -> [Ver = | Size = 147456 bytes | Modified Date = 15/05/2003 1:03:46 AM | Attr = ]
{724d43a0-0d85-11d4-9908-00400523e39a} [HKLM] -> %ProgramFiles%\Siber Systems\AI RoboForm\roboform.dll [&RoboForm] -> Siber Systems [Ver = 6-8-7 | Size = 5391416 bytes | Modified Date = 09/02/2007 10:05:28 PM | Attr = ]
< Internet Explorer ToolBars [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ ->
ShellBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
ShellBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
ShellBrowser\\{47833539-D0C5-4125-9FA8-0819E2EAAC93} [HKLM] -> %ProgramFiles%\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll [Adobe PDF] -> [Ver = | Size = 147456 bytes | Modified Date = 15/05/2003 1:03:46 AM | Attr = ]
WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
WebBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
WebBrowser\\{47833539-D0C5-4125-9FA8-0819E2EAAC93} [HKLM] -> %ProgramFiles%\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll [Adobe PDF] -> [Ver = | Size = 147456 bytes | Modified Date = 15/05/2003 1:03:46 AM | Attr = ]
WebBrowser\\{724D43A0-0D85-11D4-9908-00400523E39A} [HKLM] -> %ProgramFiles%\Siber Systems\AI RoboForm\roboform.dll [&RoboForm] -> Siber Systems [Ver = 6-8-7 | Size = 5391416 bytes | Modified Date = 09/02/2007 10:05:28 PM | Attr = ]
< Internet Explorer Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ ->
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> %ProgramFiles%\Java\jre1.6.0_02\bin\npjpi160_02.dll [MenuText: Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.20.6 | Size = 132496 bytes | Modified Date = 12/07/2007 4:00:36 AM | Attr = ]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKCU] -> %ProgramFiles%\Java\jre1.6.0_02\bin\ssv.dll [MenuText: Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.20.6 | Size = 501136 bytes | Modified Date = 12/07/2007 4:00:36 AM | Attr = ]
{320AF880-6646-11D3-ABEE-C5DBF3571F46} -> %ProgramFiles%\Siber Systems\AI RoboForm\RoboFormComFillForms.htm [ButtonText: Fill Forms] -> File not found
{320AF880-6646-11D3-ABEE-C5DBF3571F49} -> %ProgramFiles%\Siber Systems\AI RoboForm\RoboFormComSavePass.htm [ButtonText: Save] -> File not found
{724d43aa-0d85-11d4-9908-00400523e39a} -> %ProgramFiles%\Siber Systems\AI RoboForm\RoboFormComShowToolbar.htm [ButtonText: RoboForm] -> File not found
{92780B25-18CC-41C8-B9BE-3C9C571A8263} -> Reg Data - Value does not exist [ButtonText: Research] -> File not found
< Internet Explorer Menu Extensions [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ ->
&Search -> -> File not found
Customize Menu -> %ProgramFiles%\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.htm -> File not found
E&xport to Microsoft Excel -> -> File not found
Fill Forms -> %ProgramFiles%\Siber Systems\AI RoboForm\RoboFormComFillForms.htm -> File not found
RoboForm Toolbar -> %ProgramFiles%\Siber Systems\AI RoboForm\RoboFormComShowToolbar.htm -> File not found
Save Forms -> %ProgramFiles%\Siber Systems\AI RoboForm\RoboFormComSavePass.htm -> File not found
< DNS Name Servers [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ ->
{2BABB95E-F9A7-47B4-8577-2650B536DC42} -> (Atheros AR5004G Wireless Network Adapter) ->
{54B037D4-F607-4FA9-8469-C4A921C346D2} -> (Realtek RTL8139/810x Family Fast Ethernet NIC) ->
{685DB276-E460-4255-B8C9-24AD02F1D538} -> () ->
{E49C22F4-4FB0-4155-8E25-9B9F9B0A2ACC} -> (1394 Net Adapter) ->
< Winsock2 Catalogs [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\ ->
Protocol_Catalog9\Catalog_Entries\000000000001 -> %System32%\TmLsp.dll -> Trend Micro Inc. [Ver = 3.1.0.1013 | Size = 284240 bytes | Modified Date = 10/01/2007 7:20:10 PM | Attr = ]
Protocol_Catalog9\Catalog_Entries\000000000002 -> %System32%\TmLsp.dll -> Trend Micro Inc. [Ver = 3.1.0.1013 | Size = 284240 bytes | Modified Date = 10/01/2007 7:20:10 PM | Attr = ]
Protocol_Catalog9\Catalog_Entries\000000000003 -> %System32%\TmLsp.dll -> Trend Micro Inc. [Ver = 3.1.0.1013 | Size = 284240 bytes | Modified Date = 10/01/2007 7:20:10 PM | Attr = ]
Protocol_Catalog9\Catalog_Entries\000000000028 -> %System32%\TmLsp.dll -> Trend Micro Inc. [Ver = 3.1.0.1013 | Size = 284240 bytes | Modified Date = 10/01/2007 7:20:10 PM | Attr = ]
< Protocol Handlers [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ ->
bwfile-8876480 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll -> Logitech Inc. [Ver = Version 8.1.1 (Build 50R) | Size = 28711 bytes | Modified Date = 13/03/2007 5:10:24 PM | Attr = ]
cetihpz -> %ProgramFiles%\HP\hpcoretech\comp\hpuiprot.dll -> Hewlett-Packard Company [Ver = 2.1.4 | Size = 81920 bytes | Modified Date = 22/12/2003 8:38:40 AM | Attr = ]
ic32pp -> %SystemRoot%\wc98pp.dll -> [Ver = | Size = 51712 bytes | Modified Date = 02/05/2005 3:54:46 PM | Attr = ]
ipp -> Reg Data - Key not found -> File not found
msdaipp -> Reg Data - Key not found -> File not found
skype4com -> %CommonProgramFiles%\Skype\Skype4COM.dll -> Skype Technologies [Ver = 1, 0, 27, 0 | Size = 1828440 bytes | Modified Date = 12/01/2007 12:50:48 PM | Attr = R ]
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ ->
{0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} -> CKAVWebScan Object - CodeBase =
http://www.kaspersky.com/kos/english/ka ... nicode.cab ->
{166B1BCA-3F9C-11CF-8075-444553540000} -> Shockwave ActiveX Control - CodeBase =
http://fpdownload.macromedia.com/pub/sh ... tor/sw.cab ->
{4F1E5B1A-2A80-42CA-8532-2D05CB959537} -> MSN Photo Upload Tool - CodeBase =
http://by131fd.bay131.hotmail.msn.com/r ... nPUpld.cab ->
{5F8469B4-B055-49DD-83F7-62B522420ECC} -> Facebook Photo Uploader Control - CodeBase =
http://upload.facebook.com/controls/Fac ... loader.cab ->
{62789780-B744-11D0-986B-00609731A21D} -> Autodesk MapGuide ActiveX Control - CodeBase =
http://webmap.em.gov.bc.ca/mapplace/mgaxctrl.cab ->
{6414512B-B978-451D-A0D8-FCFDF33E833C} -> WUWebControl Class - CodeBase =
http://update.microsoft.com/windowsupda ... 6098484812 ->
{8AD9C840-044E-11D1-B3E9-00805F499D93} -> Java Plug-in 1.6.0_02 - CodeBase =
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab ->
{8E0D4DE5-3180-4024-A327-4DFAD1796A8D} -> MessengerStatsClient Class - CodeBase =
http://messenger.zone.msn.com/binary/Me ... b31267.cab ->
{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} -> Java Plug-in 1.6.0_02 - CodeBase =
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab ->
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} -> Java Plug-in 1.6.0_02 - CodeBase =
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab ->
{D27CDB6E-AE6D-11CF-96B8-444553540000} -> - CodeBase =
http://fpdownload2.macromedia.com/get/s ... wflash.cab ->
ppctlcab -> - CodeBase =
http://ppupdates.ca.com/downloads/scanner/ppctlcab.cab ->
[Registry - Additional Scans - Non-Microsoft Only]
< Disabled MSConfig Services [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\services ->
Adobe LM Service -> ->
Ati HotKey Poller -> ->
Avg7Alrt -> ->
Avg7UpdSvc -> ->
iPod Service -> ->
UleadBurningHelper -> ->
WMPNetworkSvc -> ->
< Disabled MSConfig Folder Items[HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\ ->
C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Acrobat Assistant.lnk -> %ProgramFiles%\Adobe\Acrobat 6.0\Distillr\acrotray.exe -> Adobe Systems Inc. [Ver = 6.0.1.2003102300 | Size = 217194 bytes | Modified Date = 23/10/2003 8:37:56 PM | Attr = ]
C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk -> %ProgramFiles%\Adobe\Acrobat 7.0\Reader\reader_sl.exe -> Adobe Systems Incorporated [Ver = 7.0.5.2005092300 | Size = 29696 bytes | Modified Date = 23/09/2005 9:05:26 PM | Attr = ]
C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HotSync Manager.lnk -> %ProgramFiles%\palmOne\Hotsync.exe -> PalmSource, Inc [Ver = 6.0.1 | Size = 471040 bytes | Modified Date = 09/06/2004 1:16:08 PM | Attr = ]
C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk -> %ProgramFiles%\HP\Digital Imaging\bin\hpqtra08.exe -> Hewlett-Packard Co. [Ver = 5.35.0.035 | Size = 237568 bytes | Modified Date = 16/09/2003 5:19:24 AM | Attr = ]
C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech Desktop Messenger.lnk -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe -> Logitech Inc. [Ver = 2.52.21.16 | Size = 67128 bytes | Modified Date = 13/03/2007 5:10:24 PM | Attr = ]
C:^Documents and Settings^MIC^Start Menu^Programs^Startup^palmOne Registration.lnk -> -> File not found
< Disabled MSConfig Registry Items [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ ->
ATIPTA -> %ProgramFiles%\ATI Technologies\ATI Control Panel\atiptaxx.exe -> ATI Technologies, Inc. [Ver = 6.14.10.5115 | Size = 339968 bytes | Modified Date = 10/07/2004 8:10:00 PM | Attr = ]
EA Core -> %ProgramFiles%\Electronic Arts\EA Link\Core.exe -> Electronic Arts [Ver = 3.1.1.94 | Size = 2887680 bytes | Modified Date = 19/07/2007 8:02:54 AM | Attr = ]
Google Desktop Search -> %ProgramFiles%\Google\Google Desktop Search\GoogleDesktop.exe -> [Ver = | Size = 168448 bytes | Modified Date = 22/11/2005 10:02:04 AM | Attr = ]
HP Component Manager -> %ProgramFiles%\HP\hpcoretech\hpcmpmgr.exe -> Hewlett-Packard Company [Ver = 2.1.1.0 | Size = 241664 bytes | Modified Date = 22/12/2003 8:38:42 AM | Attr = ]
HP Software Update -> %ProgramFiles%\HP\HP Software Update\hpwuSchd.exe -> Hewlett-Packard [Ver = 1, 0, 0, 3 | Size = 49152 bytes | Modified Date = 04/08/2003 5:28:18 PM | Attr = ]
iTunesHelper -> %ProgramFiles%\iTunes\iTunesHelper.exe -> Apple Computer, Inc. [Ver = 7.0.2.16 | Size = 256576 bytes | Modified Date = 30/10/2006 9:36:36 AM | Attr = ]
LDM -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe -> Logitech Inc. [Ver = 2.52.21.16 | Size = 67128 bytes | Modified Date = 13/03/2007 5:10:24 PM | Attr = ]
LogitechSoftwareUpdate -> %ProgramFiles%\Logitech\Video\ManifestEngine.exe -> Logitech Inc. [Ver = 8.4.7.1034 | Size = 196608 bytes | Modified Date = 08/06/2005 1:44:14 PM | Attr = ]
LogitechVideoRepair -> %ProgramFiles%\Logitech\Video\ISStart.exe -> Logitech Inc. [Ver = 8.4.7.1034 | Size = 458752 bytes | Modified Date = 08/06/2005 2:24:32 PM | Attr = ]
LogitechVideoTray -> %ProgramFiles%\Logitech\Video\LogiTray.exe -> Logitech Inc. [Ver = 8.4.7.1034 | Size = 217088 bytes | Modified Date = 08/06/2005 2:14:44 PM | Attr = ]
mssSort -> %ProgramFiles%\Maxtor\Maxtor Quick Start\msssort.exe -> Maxtor [Ver = 1, 0, 0, 3 | Size = 45056 bytes | Modified Date = 10/01/2005 7:53:12 AM | Attr = ]
NDSTray.exe -> NDSTray.exe -> File not found
NeroFilterCheck -> %System32%\NeroCheck.exe -> Ahead Software Gmbh [Ver = 1, 0, 0, 2 | Size = 155648 bytes | Modified Date = 09/07/2001 11:50:42 AM | Attr = ]
PadTouch -> %ProgramFiles%\TOSHIBA\Touch and Launch\PadExe.exe -> TOSHIBA [Ver = 1, 2, 4, 0 | Size = 1089589 bytes | Modified Date = 03/02/2004 1:47:06 PM | Attr = ]
Picasa Media Detector -> %ProgramFiles%\Picasa2\PicasaMediaDetector.exe -> [Ver = | Size = 135168 bytes | Modified Date = 04/02/2005 3:32:52 PM | Attr = ]
QuickTime Task -> %ProgramFiles%\QuickTime\qttask.exe -> Apple Computer, Inc. [Ver = 7.1.3 | Size = 282624 bytes | Modified Date = 25/10/2006 6:58:18 PM | Attr = ]
RoboForm -> %ProgramFiles%\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe -> Siber Systems [Ver = 6-8-7 | Size = 160832 bytes | Modified Date = 09/02/2007 10:05:28 PM | Attr = ]
Share-to-Web Namespace Daemon -> %ProgramFiles%\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe -> Hewlett-Packard [Ver = 2,4,0,26 | Size = 57344 bytes | Modified Date = 03/07/2001 9:11:52 AM | Attr = ]
SkypeMate -> %ProgramFiles%\SkypeMate\SkypeMate.exe -> File not found
SmoothView -> %ProgramFiles%\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe -> TOSHIBA Corporation [Ver = 2, 0, 0, 18 | Size = 135168 bytes | Modified Date = 02/03/2004 12:45:28 PM | Attr = ]
SunJavaUpdateSched -> %ProgramFiles%\Java\jre1.6.0_01\bin\jusched.exe -> File not found
ZoomingHook -> %System32%\ZoomingHook.exe -> TOSHIBA [Ver = 1, 0, 0, 0 | Size = 24576 bytes | Modified Date = 14/07/2004 3:07:32 PM | Attr = ]
< Internet Explorer CmdMapping [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\CmdMapping ->
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} -> 8192 - Sun Java Console ->
{92780B25-18CC-41C8-B9BE-3C9C571A8263} -> 8193 - Reg Data - Value does not exist ->
{FB5F1910-F110-11d2-BB9E-00C04F795683} -> 8194 - Reg Data - Key not found ->
NextId -> 8195 ->
< Uninstall List > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ ->
{008D69EB-70FF-46AB-9C75-924620DF191A} -> TOSHIBA Speech System SR Engine(U.S.) Version1.0 ->
{0169C189-FB39-4756-B9A3-6B816C52357D} -> ESRI Software Documentation Library ->
{02EED746-8C5A-43C8-BB3D-D29C8B363A4D} -> TOSHIBA Zooming Hotkey Hook ->
{068502DA-6979-4D9A-BBE1-C3AD0FF11F19} -> Ulead DVD MovieFactory 3 Disc Creator ->
{06F80017-8F98-4C94-B868-52358569FC32} -> Command & Conquer Generals ->
{0BEDBD4E-2D34-47B5-9973-57E62B29307C} -> ATI Control Panel ->
{11B569C2-4BF6-4ED0-9D17-A4273943CB24} -> Adobe Photoshop Album 2.0 Starter Edition ->
{1206EF92-2E83-4859-ACCB-2048C3CB7DA6} -> Sonic DLA ->
{18E0918E-1060-48f3-925C-56C82E88551B} -> HP PSC & OfficeJet 3.5 ->
{19E6ECAE-E43E-4551-887D-E8F2680EDF8C} -> SketchUp 5 Symbols Library ->
{1C875160-7E87-45C6-85C5-4FE2A840A3B8} -> Maxtor Quick Start ->
{1F7473D9-6C0B-4F5A-8FA4-AB8AD78CBE54} -> DocProc ->
{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk -> Google Talk (remove only) ->
{22988B2A-374A-4A7B-B795-A1AFF2046BE9} -> PhotoGallery ->
{236BB7C4-4419-42FD-0409-1E257A25E34D} -> Adobe Photoshop CS2 ->
{257EC58E-03FD-472B-A9B6-93F23A3C4CB0} -> Scan ->
{295C7ABA-3D12-11D5-99EB-0080C82BC2DE} -> Sothink HTML Editor 2.5 ->
{29B50D30-EAFC-4cea-9F76-3A0E3729E9B0} -> SkinsHP1 ->
{2A9F95AB-65A3-432c-8631-B8BC5BF7477A} -> The Battle for Middle-earth (tm) II ->
{2ADA4418-24AC-45A2-BF76-DCB733263FC9} -> SketchUp 5 Film & Stage ->
{2BD5C305-1B27-4D41-B690-7A61172D2FEB} -> Macromedia Flash 8 ->
{2CC982C0-7EAE-11D4-ACC3-0050568AD318} -> Avery DesignPro ->
{2D54D793-57C0-4A38-B043-50125C347043} -> Geosoft Plug-In for ArcGIS ->
{2FCE4FC5-6930-40E7-A4F1-F862207424EF} -> InterVideo WinDVD Creator 2 ->
{3248F0A8-6813-11D6-A77B-00B0D0160020} -> Java(TM) 6 Update 2 ->
{34957B51-9676-41CE-9E52-44AE91B73F1C} -> HP Software Update ->
{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227} -> WebFldrs XP ->
{35D027A4-57BA-4E59-94DB-DFB36FFFDC1E} -> Remote Desktop Connection ->
{3822C803-791C-4871-BC77-CB1A0C4301E2} -> ArcGIS Plug-in with ECW Compressor ->
{3CF0858D-1AC5-4308-9DE7-AD15288A8BDC} -> TOSHIBA Console ->
{3CF78481-FB7B-4B51-99A2-D5E0CD0B3AAF} -> HPSystemDiagnostics ->
{3D5E5C0A-5B36-4F98-99A7-287F7DBDCE03} -> Skype Plugin Manager ->
{3DE5E7D4-7B88-403C-A3FD-2017A8240C5B} -> Google Earth ->
{3E166714-D5E1-4215-8D68-58452EAA46F1} -> ArcGIS Desktop Developer Kit ->
{3FBF6F99-8EC6-41B4-8527-0A32241B5496} -> TOSHIBA Speech System TTS Engine(U.S.) Version1.0 ->
{40F8FD5F-4701-48D6-A8FC-1F188007DF38} -> ArcGIS Desktop ->
{415B8A4E-0EA2-4C69-975C-EEE07B837FD7} -> Unload ->
{446DBFFA-4088-48E3-8932-74316BA4CAE4} -> iTunes ->
{47813E93-F2A0-484A-838E-47EC1B28D190} -> Adobe Stock Photos 1.0 ->
{47C25360-AEBC-4B21-B233-87CE653B3369} -> AIOMinimal ->
{48242276-DB89-42e8-9678-BD4280D7B99A} -> Copy ->
{505AFDC0-5E72-4928-8368-5DEA385E3647} -> CorelDRAW Graphics Suite 12 ->
{50D8FFDD-90CD-4859-841F-AA1961C7767A} -> QuickTime ->
{5285D66D-B53C-4014-B4E8-0EC0FFF86154} -> SketchUp 5 Shape File Importer ->
{5546CDB5-2CE2-498B-B059-5B3BF81FC41F} -> Macromedia Extension Manager ->
{55DCBED7-5710-4939-A928-4CBD9AB09EBB} -> 1310_Help ->
{5786D2C8-A4C4-4DDB-B671-8ED2A53310EC} -> 1310Tour ->
{57C7C46A-D35D-492d-A328-4F8C9B5B4B52} -> PrintScreen ->
{58F8C6D9-5B55-486A-A322-4E8D87670031} -> Canon MP Drivers ->
{59FDFDFB-52FE-45B1-8A2A-A00079B07FF0} -> TOSHIBA Power Saver Driver ->
{5BCA8D15-BCB6-421E-9654-238B43456A4F} -> TOSHIBA Controls Driver ->
{5D96E2B1-D9AC-46E0-9073-425C5F63E338} -> Touch and Launch ->
{64212898-097F-4F3F-AECA-6D34A7EF82DF} -> TOSHIBA Zooming Utility ->
{6864A62D-3EF3-415F-9922-240EED34B4C0} -> Fax ->
{6AC7F416-78D5-4D98-B104-F8A39B2CF3A7} -> ArcGIS Tutorial Data ->
{6B36DEBF-27D0-4B1E-858D-D397091C6C7D} -> HP Precisionscan Pro 3.1 ->
{71D658CF-4E0D-4DA8-AA67-8C0B6F1C01FE} -> Atheros Client Utility ->
{71E4D679-20AB-41E9-A350-D5BF92088FFE} -> Trend Micro AntiVirus ->
{723C033E-63EA-4227-BAB2-0AA8693C16EB} -> Director ->
{73528D51-8A68-4223-98C3-433C09B847A8} -> Google Earth and 3D Warehouse Plugin ->
{745A92AF-53B4-41A7-91C3-9B026B1D5897} -> InstantShare ->
{748F4870-8350-11D3-B0BF-080009FB4A19} -> HP Share-to-Web ->
{786C5747-1437-443D-B06E-79A00FE45110} -> Adobe Stock Photos 1.0 ->
{81DD5688-695A-4c1d-AE7D-368BF857725A} -> TrayApp ->
{862E85C6-3A84-444C-A9B8-456E8115C392} -> SketchUp 5 Transportation Library ->
{8777AC6D-89F9-4793-8266-DE406F343E89} -> QFolder ->
{885A63EA-382B-4DD4-A755-14809B8557D6} -> Macromedia Flash Player 8 ->
{896D642C-7125-44F0-AC49-A23ABF82209C} -> CDBurnerXP Pro 3 ->
{8BCAFB73-49AE-4AC4-00A1-70E4EC38BD4E} -> The Lord of the Rings, The Rise of the Witch-king ->
{8BF2C401-02CE-424D-BC26-6C4F9FB446B6} -> Macromedia Flash 8 Video Encoder ->
{8EDBA74D-0686-4C99-BFDD-F894678E5102} -> Adobe Common File Installer ->
{8FFC924C-ED06-44CB-8867-3CA778ECE903} -> Adobe Help Center 2.0 ->
{900B1197-53F5-4F46-A882-2CFFFE2EEDCB} -> Logitech Desktop Messenger ->
{90280409-6000-11D3-8CFE-0050048383C9} -> Microsoft Office XP Professional with FrontPage ->
{91057632-CA70-413C-B628-2D3CDBBB906B} -> Macromedia Flash Player 8 Plugin ->
{91810AFC-A4F8-4EBA-A5AA-B198BBC81144} -> InterVideo WinDVD for TOSHIBA ->
{91A10409-6000-11D3-8CFE-0150048383C9} -> Microsoft Office OneNote 2003 ->
{9541FED0-327F-4DF0-8B96-EF57EF622F19} -> Sonic RecordNow! ->
{95720E85-F3FB-4F95-9399-7E3E3E26D7AB} -> hp designjet printer software ->
{97AA0C55-AFAD-4126-B21C-F1318FB6DADA} -> Realtek Fast Ethernet Adapter Driver ->
{99D48FBB-2DEF-49A9-BCC9-C5AF63DD2643} -> AiOSoftware ->
{9B03C535-3AEA-4ef2-B326-0A01A2207034} -> CreativeProjects ->
{9D765FA6-F2BC-40AF-8145-50808F9BDF4E} -> DVD-RAM Driver ->
{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD} -> ALPS Touch Pad Driver ->
{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D} -> CD/DVD Drive Acoustic Silencer ->
{A32A6393-37DA-4E44-BB9F-C4F384F89EB9} -> HP System maintenance for HP Designjet 30 130 series ->
{A3DDA019-40B7-491C-AC88-62B94491FE8A} -> TouchPad On/Off Utility ->
{A535CF14-E12F-40B0-B6A3-6E214EA12CD3} -> SketchUp 5 Architecture Library ->
{A6690C0E-B96E-4F0F-A8EB-D5B332454AC6} -> TOSHIBA Controls ->
{AC76BA86-0000-0000-0000-6028747ADE01} -> Adobe Acrobat - Reader 6.0.2 Update ->
{AC76BA86-0000-7EC8-7489-000000000603} -> Adobe Acrobat and Reader 6.0.3 Update ->
{AC76BA86-0000-7EC8-7489-000000000604} -> Adobe Acrobat and Reader 6.0.4 Update ->
{AC76BA86-0000-7EC8-7489-000000000605} -> Adobe Acrobat and Reader 6.0.5 Update ->
{AC76BA86-0000-7EC8-7489-000000000606} -> Adobe Acrobat and Reader 6.0.6 Update ->
{AC76BA86-1033-0000-7760-000000000001} -> Adobe Acrobat 6.0.1 Professional ->
{AC76BA86-7AD7-1033-7B44-A70800000002} -> Adobe Reader 7.0.8 ->
{AC76BA86-7AD7-1033-7B44-A70900000002} -> Adobe Reader 7.0.9 ->
{AEC20FEC-47D8-4DEA-85D7-0B7E5D905D11} -> AiO_Scan ->
{B357C4B4-9024-4B64-9B3F-A6729031C3DD} -> SketchUp 5 ->
{B556F76D-6EF7-49F4-9B50-09C987A2D318} -> Autodesk MapGuide(R) Author Release 6.5 ->
{B7050CBDB2504B34BC2A9CA0A692CC29} -> DivX Web Player ->
{B74D4E10-6884-0000-0000-000000000103} -> Adobe Bridge 1.0 ->
{BC339BFD-F550-471a-8D26-4D08126C62F7} -> SkinsHP2 ->
{BC842852-5787-441A-90C1-5F315531BCE3} -> SketchUp 5 Construction Library ->
{BC8A5730-3899-4D7E-88D7-1BACDEED244A} -> ESRI Software Documentation Library ->
{BDD83DC9-BEE9-4654-A5DA-CC46C250088D} -> TOSHIBA ConfigFree ->
{BDFE199D-E889-4BB6-BECB-C4BDF5700849} -> Documents To Go ->
{C2723491-AE54-4E40-884C-A8EA9D3FA1EA} -> SketchUp 5 ESRI Plug-in ->
{C2EEB862-C767-11D5-8626-00C04F0134D4}_0 -> Bentley MicroStation (V 08.00.00.21) - 1 ->
{C43048A9-742C-4DAD-90D2-E3B53C9DB825} -> Logitech QuickCam Software ->
{C57F9385-D167-4829-BD5C-E75D08FC23CE} -> Autodesk MapGuide(R) Release 6.5 Documentation ->
{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} -> Microsoft .NET Framework 1.1 ->
{CBE3E0AF-73BB-4c21-8B96-B09E003EDE7F} -> QuickProjects ->
{CEB3A11A-03EA-11DA-BFBD-00065BBDC0B5} -> MSN Messenger 7.5 ->
{D186329B-1B4D-408D-ABEC-EA5CE1F182C9} -> Overland ->
{DD362256-A7A2-4524-9457-213DDC2AFC2A} -> Adobe After Effects 7.0 ->
{DE9EB40D-3D05-4099-92C2-CDAB50DAC1ED} -> SketchUp 5 Film & Stage Library ->
{E0CA85B5-113A-4E76-A018-6D7ECE65767D} -> ArcGIS Tutorial Data ->
{E3CE7F91-80C0-471B-8D38-905109BA9170} -> SketchUp 5 Mechanical Design Library ->
{E443F067-3345-482C-BD7A-12675A53D292} -> Readme ->
{E7A6ED40-F230-11D4-BBC4-00104B991322} -> VBA (2720) ->
{ED50ECE9-EC54-4C05-B5ED-EE4741A9F2EC} -> Battlefield 2142 ->
{EDAA5D11-FAA6-425A-AF9D-0D7B5FCDCD74} -> SketchUp 5 Landscape Architecture Library ->
{EE033C1F-443E-41EC-A0E2-559B539A4E4D} -> TOSHIBA Speech System Applications ->
{F3E9C243-122E-4D6B-ACC1-E1FEC02F6CA1} -> Command and ConquerTM Generals Zero Hour ->
{F5577101-33CC-4711-8235-3A95BCD49DB0} -> EA Link ->
{F730A60D-F6DA-4653-9C6E-548F7A3A5EE0} -> 1310Trb ->
{F9450605-65E7-45E4-B071-BD759E10F072} -> TOSHIBA Hotkey Utility ->
{F9B0968A-810E-484C-B81D-7F19DC2CBBF5} -> 1310 ->
{FA0951BF-BBC4-407B-A9C4-92A37EAE3AF3} -> SketchUp 5 People Library ->
{FA17A726-B229-4116-B793-A2AB1A4EAE2E} -> Adobe Premiere Pro 2.0 ->
{FB08F381-6533-4108-B7DD-039E11FBC27E} -> Realtek AC'97 Audio ->
{FBBF532A-47AC-457d-AC06-0D3163D8911E} -> WebReg ->
{FF8157AA-F640-45BD-B7C2-BAA1016B267A} -> palmOne ->
Ad-Aware SE Professional -> Ad-Aware SE Professional ->
Adobe Acrobat 5.0 -> Adobe Acrobat 5.0 ->
Adobe After Effects 7.0 -> Adobe After Effects 7.0 ->
Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D} -> Adobe Photoshop CS2 ->
Adobe Premiere Pro 2.0 -> Adobe Premiere Pro 2.0 ->
Adobe Shockwave Player -> Adobe Shockwave Player ->
AI RoboForm -> AI RoboForm (All Users) ->
All ATI Software -> ATI - Software Uninstall Utility ->
ATI Display Driver -> ATI Display Driver ->
AVGAntiSpyware75 -> AVG Anti-Spyware 7.5 ->
CANONBJ_Deinstall_CNMCP50.DLL -> Canon i250 ->
CONTACT ORGANIZER DELUXE (S) -> CONTACT ORGANIZER DELUXE (S) ->
dBpowerAMP Music Converter -> dBpowerAMP Music Converter ->
DFX for Winamp -> DFX 8 for Winamp ->
Didger 2 -> Didger 2 ->
DigDB_is1 -> DigDB 7.1 for Excel2000/2002/XP/2003 ->
DivX Content Uploader -> DivX Content Uploader ->
D-Link CIF Webcam -> D-Link CIF Webcam ->
ET GeoWizards 9.2 -> ET GeoWizards 9.2 ->
Final Draft 5 -> Final Draft 5 ->
Flash to Video Encoder Pro_is1 -> Flash to Video Encoder Pro ->
Google Desktop -> Google Desktop ->
HijackThis -> HijackThis 2.0.2 ->
HP Photo & Imaging -> HP Image Zone 3.5 ->
HTML Password Lock_is1 -> HTML Password Lock 3.2.9 ->
Icefield Inclin for PalmOS -> Icefield Inclin for PalmOS ->
IDNMitigationAPIs -> Microsoft Internationalized Domain Names Mitigation APIs ->
ie7 -> Windows Internet Explorer 7 ->
ie7beta3 -> Windows Internet Explorer 7 Beta 3 ->
InclinDOS -> InclinDOS ->
InclinWin -> InclinWin ->
InstallShield_{06F80017-8F98-4C94-B868-52358569FC32} -> Command & Conquer Generals ->
InstallShield_{1C875160-7E87-45C6-85C5-4FE2A840A3B8} -> Maxtor Quick Start ->
InstallShield_{A3DDA019-40B7-491C-AC88-62B94491FE8A} -> TouchPad On/Off Utility ->
InstallShield_{F3E9C243-122E-4D6B-ACC1-E1FEC02F6CA1} -> Command and ConquerTM Generals Zero Hour ->
InstallShield_{F5577101-33CC-4711-8235-3A95BCD49DB0} -> EA Link ->
InstallShield_{F9450605-65E7-45E4-B071-BD759E10F072} -> TOSHIBA Hotkey Utility ->
i-Sound WMA MP3 Recorder_is1 -> i-Sound Pro 6.60 ->
Kaspersky Online Scanner -> Kaspersky Online Scanner ->
KB888302 -> Windows XP Hotfix - KB888302 ->
KB893803v2 -> Windows Installer 3.1 (KB893803) ->
KB915865 -> Hotfix for Windows XP (KB915865) ->
KB926239 -> Hotfix for Windows XP (KB926239) ->
LimeWire -> LimeWire 4.9.30 ->
Logitech Print Service -> Logitech Print Service ->
M886903 -> Microsoft .NET Framework 1.1 Hotfix (KB886903) ->
Microsoft .NET Framework 1.1 (1033) -> Microsoft .NET Framework 1.1 ->
Mozilla Firefox (2.0.0.5) -> Mozilla Firefox (2.0.0.5) ->
MSCompPackV1 -> Microsoft Compression Client Pack 1.0 for Windows XP ->
Nero - Burning Rom!UninstallKey -> Nero 6 Ultra Edition ->
NLSDownlevelMapping -> Microsoft National Language Support Downlevel APIs ->
PageBreeze Free HTML Editor -> PageBreeze Free HTML Editor ->
PC Diagnostic Tool -> TOSHIBA PC Diagnostic Tool ->
Picasa2 -> Picasa 2 ->
Power Saver -> TOSHIBA Power Saver ->
ProFile -> ProFile - Uninstall Only ->
Python 2.1 -> Python 2.1 ->
Python 2.1 combined Win32 extensions -> Python 2.1 combined Win32 extensions ->
QcDrv -> Logitech® Camera Driver ->
ShockwaveFlash -> Adobe Flash Player 9 ActiveX ->
Skype_is1 -> Skype 3.1 ->
SplashStream -> SplashStream 6.0 ->
Surfer 7 -> Surfer 7 ->
SurfOffline -> SurfOffline (remove only) ->
TOSHIBA Software Modem -> TOSHIBA Software Modem ->
Toshiba Tbiosdrv Driver -> Toshiba Tbiosdrv Driver ->
Winamp -> Winamp (remove only) ->
Windows Media Format Runtime -> Windows Media Format 11 runtime ->
Windows Media Player -> Windows Media Player 11 ->
WinRAR archiver -> WinRAR archiver ->
WinZip -> WinZip ->
WMFDist11 -> Windows Media Format 11 runtime ->
wmp11 -> Windows Media Player 11 ->
Wudf01000 -> Microsoft User-Mode Driver Framework Feature Pack 1.0 ->
[Files/Folders - Created Within 60 days]
canonbj -> %SystemDrive%\canonbj -> [Folder | Created Date = 05/07/2007 1:09:13 PM | Attr = ]
ComboFix -> %SystemDrive%\ComboFix -> [Folder | Created Date = 06/08/2007 11:26:01 PM | Attr = ]
Driver -> %SystemDrive%\Driver -> [Folder | Created Date = 05/07/2007 10:07:01 AM | Attr = ]
GOLD -> %SystemDrive%\GOLD -> [Folder | Created Date = 12/07/2007 3:37:44 PM | Attr = ]
hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [Ver = | Size = 1072746496 bytes | Created Date = 01/01/1601 8:00:00 AM | Attr = HS]
info -> %SystemDrive%\info -> [Folder | Created Date = 02/08/2007 11:30:41 AM | Attr = ]
QooBox -> %SystemDrive%\QooBox -> [Folder | Created Date = 03/08/2007 9:38:44 AM | Attr = ]
Temp -> %SystemDrive%\Temp -> [Folder | Created Date = 05/07/2007 1:00:38 PM | Attr = ]
$MSI31Uninstall_KB893803v2$ -> %SystemRoot%\$MSI31Uninstall_KB893803v2$ -> [Folder | Created Date = 02/08/2007 9:54:06 AM | Attr = H ]
$NtUninstallKB888302$ -> %SystemRoot%\$NtUninstallKB888302$ -> [Folder | Created Date = 02/08/2007 8:49:39 AM | Attr = H ]
ACLASS.DMF -> %SystemRoot%\ACLASS.DMF -> [Ver = | Size = 74 bytes | Created Date = 05/07/2007 10:06:51 AM | Attr = H ]
catchme.exe -> %SystemRoot%\catchme.exe -> [Ver = | Size = 109056 bytes | Created Date = 03/08/2007 9:26:46 AM | Attr = ]
dvdrgn.exe -> %SystemRoot%\dvdrgn.exe -> [Ver = | Size = 57344 bytes | Created Date = 05/07/2007 10:06:44 AM | Attr = ]
erdnt -> %SystemRoot%\erdnt -> [Folder | Created Date = 03/08/2007 9:28:33 AM | Attr = ]
nircmd.exe -> %SystemRoot%\nircmd.exe -> NirSoft [Ver = 2.00 | Size = 51200 bytes | Created Date = 03/08/2007 9:26:46 AM | Attr = ]
QTFont.for -> %SystemRoot%\QTFont.for -> [Ver = | Size = 1409 bytes | Created Date = 07/08/2007 1:30:49 PM | Attr = ]
QTFont.qfn -> %SystemRoot%\QTFont.qfn -> [Ver = | Size = 54156 bytes | Created Date = 07/08/2007 1:30:49 PM | Attr = H ]
temp -> %SystemRoot%\temp -> [Folder | Created Date = 06/08/2007 11:38:04 PM | Attr = ]
uce.dat -> %SystemRoot%\uce.dat -> [Ver = | Size = 74 bytes | Created Date = 28/06/2007 2:04:47 PM | Attr = H ]
CNMCP50.exe -> %System32%\CNMCP50.exe -> CANON INC. [Ver = 1.70.2.0 | Size = 73728 bytes | Created Date = 05/07/2007 1:09:40 PM | Attr = ]
CNMLM50.DLL -> %System32%\CNMLM50.DLL -> CANON INC. [Ver = 1.70.2.1 | Size = 100352 bytes | Created Date = 05/07/2007 1:09:50 PM | Attr = ]
CNMVS50.DLL -> %System32%\CNMVS50.DLL -> [Ver = | Size = 5632 bytes | Created Date = 05/07/2007 1:09:50 PM | Attr = ]
DKRNL.JAX -> %System32%\DKRNL.JAX -> [Ver = | Size = 24 bytes | Created Date = 28/06/2007 2:28:08 PM | Attr = ]
ealregsnapshot1.reg -> %System32%\ealregsnapshot1.reg -> [Ver = | Size = 13340 bytes | Created Date = 23/07/2007 7:45:07 PM | Attr = ]
java.exe -> %System32%\java.exe -> Sun Microsystems, Inc. [Ver = 6.0.20.6 | Size = 135168 bytes | Created Date = 08/08/2007 12:36:00 AM | Attr = ]
javacpl.cpl -> %System32%\javacpl.cpl -> Sun Microsystems, Inc. [Ver = 6.0.20.6 | Size = 69632 bytes | Created Date = 08/08/2007 12:36:00 AM | Attr = ]
javaw.exe -> %System32%\javaw.exe -> Sun Microsystems, Inc. [Ver = 6.0.20.6 | Size = 135168 bytes | Created Date = 08/08/2007 12:36:00 AM | Attr = ]
javaws.exe -> %System32%\javaws.exe -> Sun Microsystems, Inc. [Ver = 6.0.20.6 | Size = 139264 bytes | Created Date = 08/08/2007 12:36:00 AM | Attr = ]
Kaspersky Lab -> %System32%\Kaspersky Lab -> [Folder | Created Date = 06/08/2007 11:41:13 PM | Attr = ]
swreg.exe -> %System32%\swreg.exe -> SteelWerX [Ver = 2.0.1.8 | Size = 279552 bytes | Created Date = 03/08/2007 9:26:46 AM | Attr = ]
swsc.exe -> %System32%\swsc.exe -> SteelWerX [Ver = 2.0.0.0 | Size = 370688 bytes | Created Date = 03/08/2007 9:26:46 AM | Attr = ]
swxcacls.exe -> %System32%\swxcacls.exe -> SteelWerX [Ver = 1.0.1.1 | Size = 212480 bytes | Created Date = 03/08/2007 9:26:46 AM | Attr = ]
vfind.exe -> %System32%\vfind.exe -> [Ver = | Size = 49152 bytes | Created Date = 03/08/2007 9:26:46 AM | Attr = ]
AU_Backup -> %System32%\drivers\AU_Backup -> [Folder | Created Date = 02/08/2007 10:22:30 AM | Attr = ]
AvgAsCln.sys -> %System32%\drivers\AvgAsCln.sys -> GRISOFT, s.r.o. [Ver = 1.0.0.14 | Size = 10872 bytes | Created Date = 03/08/2007 4:58:09 PM | Attr = ]
tmcomm.cat -> %System32%\drivers\tmcomm.cat -> [Ver = | Size = 10612 bytes | Created Date = 02/08/2007 10:22:30 AM | Attr = ]
tmcomm.inf -> %System32%\drivers\tmcomm.inf -> [Ver = | Size = 2454 bytes | Created Date = 02/08/2007 10:22:30 AM | Attr = ]
tmcomm.sys -> %System32%\drivers\tmcomm.sys -> Trend Micro Inc. [Ver = 1.6.0.1052 | Size = 102800 bytes | Created Date = 02/08/2007 10:17:07 AM | Attr = ]
tmpreflt.sys -> %System32%\drivers\tmpreflt.sys -> Trend Micro Inc. [Ver = 8.320.0.1004 | Size = 32528 bytes | Created Date = 02/08/2007 10:17:08 AM | Attr = ]
2 -> %System32%\drivers\AU_Backup\2 -> [Folder | Created Date = 02/08/2007 10:22:30 AM | Attr = ]
AuBackup.ini -> %System32%\drivers\AU_Backup\AuBackup.ini -> [Ver = | Size = 420 bytes | Created Date = 02/08/2007 10:22:34 AM | Attr = ]
tmvsthfss.bin -> %System32%\drivers\etc\tmvsthfss.bin -> [Ver = | Size = 734 bytes | Created Date = 01/08/2007 5:02:03 PM | Attr = ]
tmvsthfud.bin -> %System32%\drivers\etc\tmvsthfud.bin -> [Ver = | Size = 734 bytes | Created Date = 01/08/2007 5:02:03 PM | Attr = ]
553648256 -> %System32%\drivers\AU_Backup\2\553648256 -> [Folder | Created Date = 02/08/2007 10:22:30 AM | Attr = ]
backup.000 -> %System32%\drivers\AU_Backup\2\553648256\backup.000 -> Trend Micro Inc. [Ver = 1.6.0.1049 | Size = 94480 bytes | Created Date = 02/08/2007 10:22:30 AM | Attr = ]
Grisoft -> %AllUsersAppData%\Grisoft -> [Folder | Created Date = 03/08/2007 4:58:06 PM | Attr = ]
Kaspersky Lab -> %AllUsersAppData%\Kaspersky Lab -> [Folder | Created Date = 06/08/2007 11:41:15 PM | Attr = ]
TEMP -> %AllUsersAppData%\TEMP -> [Folder | Created Date = 01/08/2007 9:33:30 AM | Attr = ]
@Alternate Data Stream - 118 bytes -> %AllUsersAppData%\TEMP:44DAF2F1 ->
Trend Micro -> %AllUsersAppData%\Trend Micro -> [Folder | Created Date = 01/08/2007 4:46:56 PM | Attr = ]
Ulead Systems -> %AllUsersAppData%\Ulead Systems -> [Folder | Created Date = 28/06/2007 2:04:45 PM | Attr = ]
Grisoft -> %UserAppData%\Grisoft -> [Folder | Created Date = 03/08/2007 4:59:18 PM | Attr = ]
Ulead Systems -> %UserAppData%\Ulead Systems -> [Folder | Created Date = 28/06/2007 2:28:08 PM | Attr = ]
WMTools Downloaded Files -> %LocalAppData%\WMTools Downloaded Files -> [Folder | Created Date = 13/06/2007 1:24:22 PM | Attr = ]
callburner -> %UserDocuments%\callburner -> [Folder | Created Date = 13/06/2007 11:16:34 AM | Attr = ]
HJTInstall.exe -> %UserDocuments%\HJTInstall.exe -> Trend Micro Inc. [Ver = 2.00.2 | Size = 812344 bytes | Created Date = 02/08/2007 8:40:57 AM | Attr = ]
@Alternate Data Stream - 26 bytes -> %UserDocuments%\HJTInstall.exe:Zone.Identifier ->
lamemp3 -> %UserDocuments%\lamemp3 -> [Folder | Created Date = 29/06/2007 12:32:43 PM | Attr = ]
mplat -> %UserDocuments%\mplat -> [Folder | Created Date = 29/06/2007 12:14:56 PM | Attr = ]
PCC15.3_b1239_Small_TMWebsite.exe -> %UserDocuments%\PCC15.3_b1239_Small_TMWebsite.exe -> Trend Micro [Ver = 1.0.0.95 | Size = 53985488 bytes | Created Date = 01/08/2007 4:26:49 PM | Attr = ]
@Alternate Data Stream - 26 bytes -> %UserDocuments%\PCC15.3_b1239_Small_TMWebsite.exe:Zone.Identifier ->
PowerGramo Records -> %UserDocuments%\PowerGramo Records -> [Folder | Created Date = 29/06/2007 12:27:19 PM | Attr = ]
TrendMicroPCCsmall -> %UserDocuments%\TrendMicroPCCsmall -> [Folder | Created Date = 01/08/2007 4:29:44 PM | Attr = ]
Ulead DVD MovieFactory -> %UserDocuments%\Ulead DVD MovieFactory -> [Folder | Created Date = 05/07/2007 10:09:18 AM | Attr = ]
Untitled-2.c3d -> %UserDocuments%\Untitled-2.c3d -> [Ver = | Size = 5632 bytes | Created Date = 28/06/2007 2:42:54 PM | Attr = ]
AVG Anti-Spyware.lnk -> %AllUsersDesktop%\AVG Anti-Spyware.lnk -> [Ver = | Size = 855 bytes | Created Date = 03/08/2007 4:58:13 PM | Attr = ]
Trend Micro AntiVirus 2007.lnk -> %AllUsersDesktop%\Trend Micro AntiVirus 2007.lnk -> [Ver = | Size = 1763 bytes | Created Date = 02/08/2007 10:16:59 AM | Attr = ]
Ulead DVD MovieFactory 3 Disc Creator Trial.lnk -> %AllUsersDesktop%\Ulead DVD MovieFactory 3 Disc Creator Trial.lnk -> [Ver = | Size = 2041 bytes | Created Date = 05/07/2007 10:06:51 AM | Attr = ]
Ulead DVD Player.lnk -> %AllUsersDesktop%\Ulead DVD Player.lnk -> [Ver = | Size = 2213 bytes | Created Date = 05/07/2007 10:06:47 AM | Attr = ]
ATF-Cleaner.exe -> %UserDesktop%\ATF-Cleaner.exe -> Atribune.org [Ver = 3.00.0002 | Size = 50688 bytes | Created Date = 03/08/2007 4:41:36 PM | Attr = ]
@Alternate Data Stream - 26 bytes -> %UserDesktop%\ATF-Cleaner.exe:Zone.Identifier ->
avgas-setup-7.5.1.43.exe -> %UserDesktop%\avgas-setup-7.5.1.43.exe -> [Ver = | Size = 12413440 bytes | Created Date = 03/08/2007 4:54:24 PM | Attr = ]
@Alternate Data Stream - 26 bytes -> %UserDesktop%\avgas-setup-7.5.1.43.exe:Zone.Identifier ->
ComboFix.exe -> %UserDesktop%\ComboFix.exe -> [Ver = | Size = 1408767 bytes | Created Date = 03/08/2007 9:25:32 AM | Attr = ]
@Alternate Data Stream - 26 bytes -> %UserDesktop%\ComboFix.exe:Zone.Identifier ->
Comp 1.flv -> %UserDesktop%\Comp 1.flv -> [Ver = | Size = 176724 bytes | Created Date = 31/07/2007 9:44:35 PM | Attr = ]
Comp 1.swf -> %UserDesktop%\Comp 1.swf -> [Ver = | Size = 150390 bytes | Created Date = 31/07/2007 9:45:45 PM | Attr = ]
Comp 1R.htm -> %UserDesktop%\Comp 1R.htm -> [Ver = | Size = 1363 bytes | Created Date = 31/07/2007 9:45:45 PM | Attr = ]
DSC_0001.JPG -> %UserDesktop%\DSC_0001.JPG -> [Ver = | Size = 4510723 bytes | Created Date = 09/07/2007 2:40:22 PM | Attr = ]
DSC_0002.JPG -> %UserDesktop%\DSC_0002.JPG -> [Ver = | Size = 3840589 bytes | Created Date = 09/07/2007 2:40:34 PM | Attr = ]
HijackThis.lnk -> %UserDesktop%\HijackThis.lnk -> [Ver = | Size = 1740 bytes | Created Date = 02/08/2007 8:41:40 AM | Attr = ]
jre-6u2-windows-i586-p.exe -> %UserDesktop%\jre-6u2-windows-i586-p.exe -> [Ver = | Size = 14566808 bytes | Created Date = 07/08/2007 9:08:22 PM | Attr = ]
@Alternate Data Stream - 26 bytes -> %UserDesktop%\jre-6u2-windows-i586-p.exe:Zone.Identifier ->
Newsreel Invoice 118.pdf -> %UserDesktop%\Newsreel Invoice 118.pdf -> [Ver = | Size = 10941 bytes | Created Date = 10/07/2007 11:52:22 AM | Attr = ]
SetupDVDDecrypter_3.5.4.0.exe -> %UserDesktop%\SetupDVDDecrypter_3.5.4.0.exe -> [Ver = | Size = 899414 bytes | Created Date = 21/07/2007 4:30:07 PM | Attr = ]
@Alternate Data Stream - 26 bytes -> %UserDesktop%\SetupDVDDecrypter_3.5.4.0.exe:Zone.Identifier ->
SureThing_Label_Templates_PSD.zip -> %UserDesktop%\SureThing_Label_Templates_PSD.zip -> [Ver = | Size = 179989 bytes | Created Date = 05/07/2007 3:07:21 PM | Attr = ]
TAV15.1 -> %UserDesktop%\TAV15.1 -> [Folder | Created Date = 02/08/2007 9:51:31 AM | Attr = ]
VundoFix.exe -> %UserDesktop%\VundoFix.exe -> Atribune.org [Ver = 6.05.0006 | Size = 109056 bytes | Created Date = 02/08/2007 10:57:41 PM | Attr = ]
@Alternate Data Stream - 26 bytes -> %UserDesktop%\VundoFix.exe:Zone.Identifier ->
WinPFind3u -> %UserDesktop%\WinPFind3u -> [Folder | Created Date = 08/08/2007 12:42:29 AM | Attr = ]
winpfind3u.exe -> %UserDesktop%\winpfind3u.exe -> [Ver = | Size = 355277 bytes | Created Date = 08/08/2007 12:41:06 AM | Attr = ]
@Alternate Data Stream - 26 bytes -> %UserDesktop%\winpfind3u.exe:Zone.Identifier ->
Ulead Systems -> %CommonProgramFiles%\Ulead Systems -> [Folder | Created Date = 05/07/2007 10:05:52 AM | Attr = ]
[Files/Folders - Modified Within 60 days]
boot.ini -> %SystemDrive%\boot.ini -> [Ver = | Size = 211 bytes | Modified Date = 12/07/2007 1:05:06 PM | Attr = HS]
canonbj -> %SystemDrive%\canonbj -> [Folder | Modified Date = 05/07/2007 1:09:14 PM | Attr = ]
ComboFix -> %SystemDrive%\ComboFix -> [Folder | Modified Date = 06/08/2007 11:38:08 PM | Attr = ]
Driver -> %SystemDrive%\Driver -> [Folder | Modified Date = 05/07/2007 10:07:02 AM | Attr = ]
GOLD -> %SystemDrive%\GOLD -> [Folder | Modified Date = 12/07/2007 3:38:04 PM | Attr = ]
hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [Ver = | Size = 1072746496 bytes | Modified Date = 08/08/2007 12:30:44 AM | Attr = HS]
info -> %SystemDrive%\info -> [Folder | Modified Date = 02/08/2007 11:30:42 AM | Attr = ]
Program Files -> %ProgramFiles% -> [Folder | Modified Date = 06/08/2007 11:35:46 PM | Attr = R ]
QooBox -> %SystemDrive%\QooBox -> [Folder | Modified Date = 03/08/2007 9:38:46 AM | Attr = ]
Temp -> %SystemDrive%\Temp -> [Folder | Modified Date = 05/07/2007 1:00:42 PM | Attr = ]
ttt.ttt -> %SystemDrive%\ttt.ttt -> [Ver = | Size = 2866 bytes | Modified Date = 02/08/2007 4:59:18 PM | Attr = ]
WINDOWS -> %SystemRoot% -> [Folder | Modified Date = 08/08/2007 12:31:40 AM | Attr = ]
$MSI31Uninstall_KB893803v2$ -> %SystemRoot%\$MSI31Uninstall_KB893803v2$ -> [Folder | Modified Date = 02/08/2007 9:54:32 AM | Attr = H ]
$NtUninstallKB888302$ -> %SystemRoot%\$NtUninstallKB888302$ -> [Folder | Modified Date = 02/08/2007 8:49:42 AM | Attr = H ]
ACLASS.DMF -> %SystemRoot%\ACLASS.DMF -> [Ver = | Size = 74 bytes | Modified Date = 31/07/2007 2:53:44 PM | Attr = H ]
ArcView9x.INI -> %SystemRoot%\ArcView9x.INI -> [Ver = | Size = 529 bytes | Modified Date = 12/07/2007 1:31:16 PM | Attr = ]
bootstat.dat -> %SystemRoot%\bootstat.dat -> [Ver = | Size = 2048 bytes | Modified Date = 08/08/2007 12:30:46 AM | Attr = S]
catchme.exe -> %SystemRoot%\catchme.exe -> [Ver = | Size = 109056 bytes | Modified Date = 20/07/2007 12:47:24 AM | Attr = ]
CSC -> %SystemRoot%\CSC -> [Folder | Modified Date = 04/08/2007 8:13:32 AM | Attr = HS]
Downloaded Program Files -> %SystemRoot%\Downloaded Program Files -> [Folder | Modified Date = 06/08/2007 11:41:16 PM | Attr = S]
erdnt -> %SystemRoot%\erdnt -> [Folder | Modified Date = 03/08/2007 9:40:00 AM | Attr = ]
Fonts -> %SystemRoot%\Fonts -> [Folder | Modified Date = 06/07/2007 2:53:58 PM | Attr = R S]
Help -> %SystemRoot%\Help -> [Folder | Modified Date = 02/08/2007 3:51:16 PM | Attr = ]
imsins.BAK -> %SystemRoot%\imsins.BAK -&g