Computer Hope
Software => Computer viruses and spyware => Virus and spyware removal => Topic started by: tongp on June 28, 2010, 02:56:42 PM
-
Hello,
I would greatly appreciate some help with what I suspect is a virus infection. This is on a "family desktop" running windows XP. What I noticed first was that Firefox would spontaneously open new tabs to various commercial websites (go.com was one, I think). Also, occasionally the appearance of the taskbar seemed odd (different font and background than usual). My usual security stuff (nightly Symantec Antivirus scans, plus occasional AdAware scans) wasn't finding anything unusual, although Symantec did eventually find a problem but was unable to clean or quarantine it. The text of the alert is below (if this is of interest):
Symantec AniVirus Notification
Scan type: Manual Scan
Event: Risk Found!
Risk: Downloader
File: C:\Documents and Settings\LocalService\Application Data\Sun\Java\Deployment\cache\6.0\11\51bd4ccb-78f02e20>>AppleT.class
Location: C:\Documents and Settings\LocalService\Application Data\Sun\Java\Deployment\cache\6.0\11
Computer: MADCAT
User: MADCAT\pam
Action taken: Cleaned by Deletion
Date found: Sunday, June 27, 2010 8:15:25 PM
Anyway, I eventually found this forum and followed the instructions on the "Read this before requesting malware removal help" thread. The logs from SuperAntiSpyware, Malwarebyte's AntiMalware, and HijackThis are below.
SUPERAntiSpyware Scan Log
http://www.superantispyware.com
Generated 06/27/2010 at 07:23 PM
Application Version : 4.39.1002
Core Rules Database Version : 5125
Trace Rules Database Version: 2937
Scan type : Complete Scan
Total Scan Time : 03:20:54
Memory items scanned : 632
Memory threats detected : 0
Registry items scanned : 6881
Registry threats detected : 13
File items scanned : 184338
File threats detected : 630
Browser Hijacker.Deskbar
HKCR\TypeLib\{77AA25E8-6083-4949-A831-9CB11861DC10}
HKCR\TypeLib\{77AA25E8-6083-4949-A831-9CB11861DC10}\1.0
HKCR\TypeLib\{77AA25E8-6083-4949-A831-9CB11861DC10}\1.0\0
HKCR\TypeLib\{77AA25E8-6083-4949-A831-9CB11861DC10}\1.0\0\win32
HKCR\TypeLib\{77AA25E8-6083-4949-A831-9CB11861DC10}\1.0\FLAGS
HKCR\TypeLib\{77AA25E8-6083-4949-A831-9CB11861DC10}\1.0\HELPDIR
HKCR\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
HKCR\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}\ProxyStubClsid
HKCR\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}\ProxyStubClsid32
HKCR\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}\TypeLib
HKCR\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}\TypeLib#Version
Malware.Trace
HKU\S-1-5-21-1935655697-1659004503-1801674531-1006\SOFTWARE\AVSUITE
HKLM\SOFTWARE\AVSUITE
Adware.Tracking Cookie
cdn4.specificclick.net [ C:\Documents and Settings\Ben\Application Data\Macromedia\Flash Player\#SharedObjects\S4YQVGJP ]
interclick.com [ C:\Documents and Settings\Ben\Application Data\Macromedia\Flash Player\#SharedObjects\S4YQVGJP ]
m.media-yoomee.com [ C:\Documents and Settings\Ben\Application Data\Macromedia\Flash Player\#SharedObjects\S4YQVGJP ]
media.gamook.com [ C:\Documents and Settings\Ben\Application Data\Macromedia\Flash Player\#SharedObjects\S4YQVGJP ]
memecounter.com [ C:\Documents and Settings\Ben\Application Data\Macromedia\Flash Player\#SharedObjects\S4YQVGJP ]
spe.atdmt.com [ C:\Documents and Settings\Ben\Application Data\Macromedia\Flash Player\#SharedObjects\S4YQVGJP ]
.atdmt.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.casalemedia.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.casalemedia.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.casalemedia.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.casalemedia.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.interclick.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.specificclick.net [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.specificclick.net [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.tribalfusion.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.atdmt.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.imrworldwide.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.imrworldwide.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.doubleclick.net [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
ad.yieldmanager.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.tacoda.net [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.tacoda.net [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.advertising.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.at.atwola.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
ad.yieldmanager.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.revsci.net [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.specificclick.net [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.bs.serving-sys.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.serving-sys.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.serving-sys.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.serving-sys.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.serving-sys.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.serving-sys.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.specificclick.net [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.atdmt.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.apmebf.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.fastclick.net [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.fastclick.net [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
www8.addfreestats.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.zedo.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.zedo.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.adrevolver.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.adrevolver.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
media.adrevolver.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.mediaplex.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.mediaplex.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.collective-media.net [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.advertising.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.advertising.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.advertising.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.advertising.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.a1.interclick.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.interclick.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.ads.pointroll.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.ads.pointroll.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.ads.pointroll.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.ads.pointroll.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.ads.pointroll.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.ads.pointroll.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.ads.pointroll.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.questionmarket.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.adinterax.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.adinterax.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.ordie.adbureau.net [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.ordie.adbureau.net [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.ordie.adbureau.net [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
cdn4.specificclick.net [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.specificclick.net [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.specificmedia.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.cracked.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.cracked.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
media.adrevolver.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.adrevolver.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.adrevolver.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
media.adrevolver.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.dmtracker.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.nextag.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.nextag.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.bluestreak.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.stpetersburgtimes.122.2o7.net [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.zedo.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.zedo.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
www.burstbeacon.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.burstbeacon.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.burstnet.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.burstnet.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
ads.gamersmedia.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
ads.gamersmedia.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
ad.yieldmanager.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
server.cpmstar.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.adlegend.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.microsoftwlcashback.112.2o7.net [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.videoegg.adbureau.net [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.ehg-legonewyorkinc.hitbox.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.hitbox.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.ehg-legonewyorkinc.hitbox.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
ad.yieldmanager.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.247realmedia.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.game-advertising-online.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.server.cpmstar.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.revsci.net [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.statcounter.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.247realmedia.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.adbrite.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.adbrite.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.adbrite.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.statcounter.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.lego.112.2o7.net [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.pointroll.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.msnportal.112.2o7.net [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.iacas.adbureau.net [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.iacas.adbureau.net [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.adbureau.net [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.pointroll.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.ads.pointroll.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.eyewonder.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.revsci.net [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.revsci.net [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
ad.yieldmanager.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.media6degrees.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.adserver.adtechus.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.media6degrees.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.media6degrees.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.eyewonder.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.hookedmediagroup.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.hookedmediagroup.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
ad.yieldmanager.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.overture.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.overture.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
cdn4.specificclick.net [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
cdn4.specificclick.net [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
cdn4.specificclick.net [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
cdn4.specificclick.net [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.invitemedia.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.invitemedia.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.specificclick.net [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.questionmarket.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.interclick.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.serving-sys.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.serving-sys.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.server.cpmstar.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.fastclick.net [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
ad.yieldmanager.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
cdn4.specificclick.net [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.hookedmediagroup.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.server.cpmstar.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.xm.xtendmedia.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\s6ltflfs.default\cookies.sqlite ]
convoad.technoratimedia.com [ C:\Documents and Settings\LocalService\Application Data\Macromedia\Flash Player\#SharedObjects\AAXZ6M4W ]
core.insightexpressai.com [ C:\Documents and Settings\LocalService\Application Data\Macromedia\Flash Player\#SharedObjects\AAXZ6M4W ]
media-glam.pictela.net [ C:\Documents and Settings\LocalService\Application Data\Macromedia\Flash Player\#SharedObjects\AAXZ6M4W ]
media.mtvnservices.com [ C:\Documents and Settings\LocalService\Application Data\Macromedia\Flash Player\#SharedObjects\AAXZ6M4W ]
media.scanscout.com [ C:\Documents and Settings\LocalService\Application Data\Macromedia\Flash Player\#SharedObjects\AAXZ6M4W ]
media1.break.com [ C:\Documents and Settings\LocalService\Application Data\Macromedia\Flash Player\#SharedObjects\AAXZ6M4W ]
msnbcmedia.msn.com [ C:\Documents and Settings\LocalService\Application Data\Macromedia\Flash Player\#SharedObjects\AAXZ6M4W ]
objects.tremormedia.com [ C:\Documents and Settings\LocalService\Application Data\Macromedia\Flash Player\#SharedObjects\AAXZ6M4W ]
s0.2mdn.net [ C:\Documents and Settings\LocalService\Application Data\Macromedia\Flash Player\#SharedObjects\AAXZ6M4W ]
secure-us.imrworldwide.com [ C:\Documents and Settings\LocalService\Application Data\Macromedia\Flash Player\#SharedObjects\AAXZ6M4W ]
service.twistage.com [ C:\Documents and Settings\LocalService\Application Data\Macromedia\Flash Player\#SharedObjects\AAXZ6M4W ]
static.2mdn.net [ C:\Documents and Settings\LocalService\Application Data\Macromedia\Flash Player\#SharedObjects\AAXZ6M4W ]
C:\Documents and Settings\LocalService\Cookies\[email protected][1].txt
C:\Documents and Settings\LocalService\Cookies\[email protected][3].txt
C:\Documents and Settings\LocalService\Cookies\[email protected][1].txt
C:\Documents and Settings\LocalService\Cookies\system@adcloudmedia[1].txt
C:\Documents and Settings\LocalService\Cookies\system@adlegend[2].txt
C:\Documents and Settings\LocalService\Cookies\[email protected][2].txt
C:\Documents and Settings\LocalService\Cookies\[email protected][2].txt
C:\Documents and Settings\LocalService\Cookies\[email protected][2].txt
C:\Documents and Settings\LocalService\Cookies\[email protected][1].txt
C:\Documents and Settings\LocalService\Cookies\[email protected][3].txt
C:\Documents and Settings\LocalService\Cookies\[email protected][2].txt
C:\Documents and Settings\LocalService\Cookies\[email protected][2].txt
C:\Documents and Settings\LocalService\Cookies\system@apmebf[1].txt
C:\Documents and Settings\LocalService\Cookies\system@bizzclick[1].txt
C:\Documents and Settings\LocalService\Cookies\[email protected][2].txt
C:\Documents and Settings\LocalService\Cookies\[email protected][1].txt
C:\Documents and Settings\LocalService\Cookies\[email protected][1].txt
C:\Documents and Settings\LocalService\Cookies\[email protected][2].txt
C:\Documents and Settings\LocalService\Cookies\[email protected][3].txt
C:\Documents and Settings\LocalService\Cookies\system@doubleclick[1].txt
C:\Documents and Settings\LocalService\Cookies\system@fastclick[2].txt
C:\Documents and Settings\LocalService\Cookies\system@imrworldwide[2].txt
C:\Documents and Settings\LocalService\Cookies\system@invitemedia[1].txt
C:\Documents and Settings\LocalService\Cookies\system@media6degrees[2].txt
C:\Documents and Settings\LocalService\Cookies\system@revsci[1].txt
C:\Documents and Settings\LocalService\Cookies\system@smartadx[1].txt
C:\Documents and Settings\LocalService\Cookies\system@specificclick[2].txt
C:\Documents and Settings\LocalService\Cookies\system@specificmedia[1].txt
C:\Documents and Settings\LocalService\Cookies\system@specificmedia[2].txt
C:\Documents and Settings\LocalService\Cookies\system@trafficmp[2].txt
convoad.technoratimedia.com [ C:\Documents and Settings\NetworkService\Application Data\Macromedia\Flash Player\#SharedObjects\F8DT7AEZ ]
core.insightexpressai.com [ C:\Documents and Settings\NetworkService\Application Data\Macromedia\Flash Player\#SharedObjects\F8DT7AEZ ]
media-glam.pictela.net [ C:\Documents and Settings\NetworkService\Application Data\Macromedia\Flash Player\#SharedObjects\F8DT7AEZ ]
media.entertonement.com [ C:\Documents and Settings\NetworkService\Application Data\Macromedia\Flash Player\#SharedObjects\F8DT7AEZ ]
media.mtvnservices.com [ C:\Documents and Settings\NetworkService\Application Data\Macromedia\Flash Player\#SharedObjects\F8DT7AEZ ]
media.scanscout.com [ C:\Documents and Settings\NetworkService\Application Data\Macromedia\Flash Player\#SharedObjects\F8DT7AEZ ]
media1.break.com [ C:\Documents and Settings\NetworkService\Application Data\Macromedia\Flash Player\#SharedObjects\F8DT7AEZ ]
objects.tremormedia.com [ C:\Documents and Settings\NetworkService\Application Data\Macromedia\Flash Player\#SharedObjects\F8DT7AEZ ]
s0.2mdn.net [ C:\Documents and Settings\NetworkService\Application Data\Macromedia\Flash Player\#SharedObjects\F8DT7AEZ ]
secure-us.imrworldwide.com [ C:\Documents and Settings\NetworkService\Application Data\Macromedia\Flash Player\#SharedObjects\F8DT7AEZ ]
C:\Documents and Settings\NetworkService\Cookies\[email protected][1].txt
C:\Documents and Settings\NetworkService\Cookies\system@adbrite[2].txt
C:\Documents and Settings\NetworkService\Cookies\system@adecn[1].txt
C:\Documents and Settings\NetworkService\Cookies\[email protected][1].txt
C:\Documents and Settings\NetworkService\Cookies\[email protected][2].txt
C:\Documents and Settings\NetworkService\Cookies\[email protected][1].txt
C:\Documents and Settings\NetworkService\Cookies\system@advertise[2].txt
C:\Documents and Settings\NetworkService\Cookies\[email protected][1].txt
C:\Documents and Settings\NetworkService\Cookies\[email protected][1].txt
C:\Documents and Settings\NetworkService\Cookies\[email protected][1].txt
C:\Documents and Settings\NetworkService\Cookies\system@doubleclick[1].txt
C:\Documents and Settings\NetworkService\Cookies\system@edgeadx[1].txt
C:\Documents and Settings\NetworkService\Cookies\system@invitemedia[1].txt
C:\Documents and Settings\NetworkService\Cookies\system@media6degrees[1].txt
C:\Documents and Settings\NetworkService\Cookies\[email protected][1].txt
C:\Documents and Settings\NetworkService\Cookies\system@pointroll[2].txt
C:\Documents and Settings\NetworkService\Cookies\system@questionmarket[2].txt
C:\Documents and Settings\NetworkService\Cookies\system@realmedia[1].txt
ads1.msn.com [ C:\Documents and Settings\Pam\Application Data\Macromedia\Flash Player\#SharedObjects\VPA4NPSU ]
cdn-www.pornhub.com [ C:\Documents and Settings\Pam\Application Data\Macromedia\Flash Player\#SharedObjects\VPA4NPSU ]
content.oddcast.com [ C:\Documents and Settings\Pam\Application Data\Macromedia\Flash Player\#SharedObjects\VPA4NPSU ]
m1.2mdn.net [ C:\Documents and Settings\Pam\Application Data\Macromedia\Flash Player\#SharedObjects\VPA4NPSU ]
macromedia.com [ C:\Documents and Settings\Pam\Application Data\Macromedia\Flash Player\#SharedObjects\VPA4NPSU ]
media.mtvnservices.com [ C:\Documents and Settings\Pam\Application Data\Macromedia\Flash Player\#SharedObjects\VPA4NPSU ]
media.scanscout.com [ C:\Documents and Settings\Pam\Application Data\Macromedia\Flash Player\#SharedObjects\VPA4NPSU ]
media.vmixcore.com [ C:\Documents and Settings\Pam\Application Data\Macromedia\Flash Player\#SharedObjects\VPA4NPSU ]
media1.break.com [ C:\Documents and Settings\Pam\Application Data\Macromedia\Flash Player\#SharedObjects\VPA4NPSU ]
media1.clubpenguin.com [ C:\Documents and Settings\Pam\Application Data\Macromedia\Flash Player\#SharedObjects\VPA4NPSU ]
mediaforgews.com [ C:\Documents and Settings\Pam\Application Data\Macromedia\Flash Player\#SharedObjects\VPA4NPSU ]
medianewsgroup.a.mms.mavenapps.net [ C:\Documents and Settings\Pam\Application Data\Macromedia\Flash Player\#SharedObjects\VPA4NPSU ]
memecounter.com [ C:\Documents and Settings\Pam\Application Data\Macromedia\Flash Player\#SharedObjects\VPA4NPSU ]
stmedia.startribune.com [ C:\Documents and Settings\Pam\Application Data\Macromedia\Flash Player\#SharedObjects\VPA4NPSU ]
www.pornhub.com [ C:\Documents and Settings\Pam\Application Data\Macromedia\Flash Player\#SharedObjects\VPA4NPSU ]
.2o7.net [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.hitbox.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.bizrate.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.bizrate.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.bizrate.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.bizrate.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.linksynergy.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.linksynergy.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.apmebf.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.apmebf.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.hulu.112.2o7.net [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.atdmt.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.healthgrades.112.2o7.net [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.linksynergy.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.nextag.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.nextag.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.nextag.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.nextag.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.linksynergy.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
sales.liveperson.net [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.doubleclick.net [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
statse.webtrendslive.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
data.coremetrics.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.linksynergy.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.comparenetworks.112.2o7.net [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.gandermountain.112.2o7.net [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
county-map.digital-topo-maps.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.c21sandcounty.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.qksrv.net [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.qksrv.net [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.collective-media.net [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.linksynergy.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.linksynergy.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.linksynergy.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.statcounter.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
sales.liveperson.net [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
server.iad.liveperson.net [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.statcounter.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.statcounter.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.tracking.keywordmax.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
counter2.hitslink.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.northwestairlines.112.2o7.net [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
ad.yieldmanager.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.nextstat.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.nextstat.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.nextstat.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.allegis.122.2o7.net [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.bluestreak.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.roiservice.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.ticketsnow.112.2o7.net [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.cookingcom.112.2o7.net [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.s.clickability.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.s.clickability.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.www-stat.stanford.edu [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.imrworldwide.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.imrworldwide.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.mediafire.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.mediafire.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.mediafire.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.samsclub.112.2o7.net [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.ge.112.2o7.net [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.e-2dj6wjkoqidzsfo.stats.esomniture.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.e-2dj6wfmiupdpogp.stats.esomniture.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.e-2dj6wfkyggdzwgq.stats.esomniture.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.e-2dj6wdmicncjsbp.stats.esomniture.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.e-2dj6wmlywlc5chp.stats.esomniture.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.e-2dj6wjk4eldpigo.stats.esomniture.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.paypal.112.2o7.net [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.stats.paypal.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.revsci.net [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.nasdaq.122.2o7.net [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.ehg-aha.hitbox.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.ford.112.2o7.net [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.statcounter.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.statcounter.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.ehg-zvents.hitbox.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.ehg-zvents.hitbox.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.statcounter.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.e-2dj6whk4kncpsco.stats.esomniture.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.e-2dj6wjlywmd5mkp.stats.esomniture.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.e-2dj6wcmiwgcjikp.stats.esomniture.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.e-2dj6wjkoaiczgbq.stats.esomniture.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.e-2dj6wfmywicjmdq.stats.esomniture.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.e-2dj6wjnycocpacp.stats.esomniture.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.statcounter.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.charmingshoppes.112.2o7.net [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.dealtime.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
stat.dealtime.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.e-2dj6wglyapdpafp.stats.esomniture.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.millipore.112.2o7.net [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.dmtracker.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.findinternettv.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.invitemedia.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.invitemedia.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.track.bestbuy.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.track.bestbuy.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.statcounter.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
server.iad.liveperson.net [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.farecastcom.122.2o7.net [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.statcounter.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.microsoftoffice.112.2o7.net [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
tracker.freerun.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.ehg-foxmovies.hitbox.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
stats.manticoretechnology.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
counter.hitslink.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.track.bestbuy.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.datacoremarketing.112.2o7.net [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.track.bestbuy.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.microsoftwindows.112.2o7.net [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.e-2dj6wjnygnczibp.stats.esomniture.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.e-2dj6wdlyugajkdo.stats.esomniture.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.e-2dj6walyggajaho.stats.esomniture.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.e-2dj6wcliuldjchp.stats.esomniture.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.accountonline.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.accountonline.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
www.accountonline.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.statcounter.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.wistar.org [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.msnbc.112.2o7.net [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.e-2dj6wmlokiczaao.stats.esomniture.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.e-2dj6wgkiugc5weo.stats.esomniture.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.e-2dj6wjmiomajehp.stats.esomniture.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.ehg-scheringploughcorp.hitbox.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.ehg-scheringploughcorp.hitbox.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.ehg-scheringploughcorp.hitbox.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.ehg-scheringploughcorp.hitbox.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.e-2dj6wakoejdpsbo.stats.esomniture.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.e-2dj6wjkygpczoao.stats.esomniture.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.e-2dj6wfl4qkazwkp.stats.esomniture.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
caloriecount.about.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
caloriecount.about.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
caloriecount.about.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.caloriecount.about.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
server.lon.liveperson.net [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
server.lon.liveperson.net [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.statcounter.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.superarray.112.2o7.net [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.e-2dj6wgmyeodpalo.stats.esomniture.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.e-2dj6wjkyghazgco.stats.esomniture.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.e-2dj6wjkycgajwgq.stats.esomniture.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.e-2dj6wnkoandjalo.stats.esomniture.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.e-2dj6wjkokjc5afp.stats.esomniture.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.e-2dj6wjmiaic5ofo.stats.esomniture.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.invitemedia.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.invitemedia.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.invitemedia.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.invitemedia.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.invitemedia.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.invitemedia.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.dominionenterprises.112.2o7.net [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.timeinc.122.2o7.net [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
find.myrecipes.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.tripod.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.ehg-cskautocorporation.hitbox.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
traffic.prod.cobaltgroup.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.petfinder.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.petfinder.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.petfinder.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.hearstmagazines.112.2o7.net [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.dardenrestaurants.112.2o7.net [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.bravenet.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.statcounter.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.e-2dj6wjmikgdzskp.stats.esomniture.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.highbeam.122.2o7.net [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.statcounter.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.statcounter.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.ehg-becton.hitbox.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.generalelectric.112.2o7.net [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.phg.hitbox.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.phg.hitbox.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.statcounter.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.jibjab.112.2o7.net [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.amfam.112.2o7.net [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.kelleybluebook.112.2o7.net [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
service.liveperson.net [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.statcounter.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
server.iad.liveperson.net [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.allbritton.122.2o7.net [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
link.mercent.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.default\cookies.sqlite ]
.e-2dj6wmliwic5akp.stats.esomniture.com [ C:\Documents and Settings\Pam\Application Data\Mozilla\Firefox\Profiles\ip1p7w2o.defaul
-
Hello, and welcome to Computer Hope.
Please note the following information about the malware forum:
- Only the Malware Specialist Team is allowed to give advice on removing malware from your computer.
- From this point on, please do not make any more changes to your computer; such as install/uninstall programs, use special fix tools, delete files, edit the registry, etc. - unless advised by the staff I noted above.
- Please do not attach logs or post them in Quote/Code boxes unless requested.
- Please do not ask for help elsewhere (in this site or other sites). Doing so can result in system changes, which may not show up in the logs you post.
- If you have already asked for help somewhere, please post the link to the topic you were helped.
- We try our best to reply quickly, but for any reason we do not reply in two days, reply to this topic with the word BUMP
- Lastly, keep in mind that we are volunteers, so you do not have to pay for malware removal. Persist in this topic until its close, and your computer is declared clean.
Please download MySystem-Search from here: Download mirror (http://www.drivehq.com/file/df.aspx/publish/GPuser/DragonMasterJay/mss.exe)- Save the file to your Desktop.
- Double-click on mss.exe
- Allow it to run, and follow the prompts.
- Once done, it will launch a log.
- Post it in your next reply.
Note: the logs are long. Please use more than one post, if necessary.
-
MySystem-Search
MSS v1.5
Basic System Information
Username: pam - Date: 06/28/2010 - Time: 21:17:55
Microsoft Windows XP [Version 5.1.2600]
Processor type: x86 Family 15 Model 35 Stepping 2, AuthenticAMD
Total processors: 2
Computer Name: MADCAT
Logon Server: \\MADCAT
CD Emulation Drivers running?
Nero found!
Peer-to-Peer applications?
File associations
.exe=exefile
.scr=scrfile
.pif=piffile
.com=comfile
.bat=batfile
.cmd=cmdfile
.log=txtfile
.txt=txtfile
.reg=regfile
.sys=sysfile
.dll=dllfile
.ini=inifile
.inf=inffile
Running processes
Image Name PID Session Name Session# Mem Usage
========================= ====== ================ ======== ============
System Idle Process 0 Console 0 28 K
System 4 Console 0 60 K
smss.exe 728 Console 0 244 K
csrss.exe 792 Console 0 2,196 K
winlogon.exe 816 Console 0 4,476 K
services.exe 864 Console 0 1,840 K
lsass.exe 876 Console 0 1,768 K
svchost.exe 1044 Console 0 2,148 K
svchost.exe 1132 Console 0 1,948 K
svchost.exe 1304 Console 0 19,352 K
svchost.exe 1360 Console 0 208 K
svchost.exe 1524 Console 0 1,756 K
svchost.exe 1632 Console 0 188 K
ccSetMgr.exe 1692 Console 0 26,576 K
ccEvtMgr.exe 1736 Console 0 36,344 K
SPBBCSvc.exe 1844 Console 0 39,160 K
oacat.exe 1872 Console 0 1,192 K
oasrv.exe 1964 Console 0 9,092 K
AAWService.exe 136 Console 0 12,840 K
spoolsv.exe 308 Console 0 2,592 K
cvpnd.exe 624 Console 0 1,448 K
DefWatch.exe 788 Console 0 32,876 K
GoogleUpdate.exe 424 Console 0 324 K
lxdeserv.exe 248 Console 0 200 K
lxdecoms.exe 692 Console 0 3,532 K
lxdicoms.exe 1004 Console 0 2,140 K
nvsvc32.exe 2116 Console 0 1,864 K
GravitixService.exe 2228 Console 0 728 K
SavRoam.exe 2736 Console 0 26,004 K
SeaPort.exe 3112 Console 0 1,204 K
svchost.exe 3268 Console 0 208 K
Rtvscan.exe 3804 Console 0 187,348 K
WLService.exe 3960 Console 0 148 K
WUSB54GC.exe 256 Console 0 2,328 K
PDSched.exe 272 Console 0 260 K
unsecapp.exe 2768 Console 0 228 K
alg.exe 2808 Console 0 232 K
wmiprvse.exe 3188 Console 0 532 K
explorer.exe 1484 Console 0 10,032 K
NvMixerTray.exe 3144 Console 0 540 K
pddm.exe 3552 Console 0 664 K
E_FATIALA.EXE 3652 Console 0 800 K
lxdemon.exe 3724 Console 0 544 K
lxdeamon.exe 3736 Console 0 2,048 K
acrotray.exe 4000 Console 0 416 K
sprtcmd.exe 492 Console 0 672 K
lxdimon.exe 1476 Console 0 544 K
lxdiamon.exe 1752 Console 0 2,800 K
AAWTray.exe 540 Console 0 412 K
ccApp.exe 2720 Console 0 10,432 K
VPTray.exe 3828 Console 0 10,864 K
oaui.exe 796 Console 0 5,516 K
ctfmon.exe 3956 Console 0 1,068 K
SetPoint.exe 3876 Console 0 756 K
oahlp.exe 2164 Console 0 1,024 K
KHALMNPR.exe 2784 Console 0 2,548 K
jusched.exe 5192 Console 0 196 K
jqs.exe 4232 Console 0 1,420 K
wmiprvse.exe 3252 Console 0 4,576 K
mDNSResponder.exe 580 Console 0 180 K
AppleMobileDeviceService. 4504 Console 0 1,796 K
iPodService.exe 4548 Console 0 2,088 K
iTunesHelper.exe 3520 Console 0 884 K
mss.exe 5392 Console 0 5,784 K
cmd.exe 5488 Console 0 4,416 K
tasklist.exe 4496 Console 0 7,292 K
Hidden objects
PATH: C:\windows
$hf_mig$
$MSI31Uninstall_KB893803v2$
$NtServicePackUninstall$
$NtServicePackUninstallIDNMitigationAPIs$
$NtServicePackUninstallNLSDownlevelMapping$
$NtUninstallbasecsp$
$NtUninstallKB873339$
$NtUninstallKB885835$
$NtUninstallKB885836$
$NtUninstallKB886185$
$NtUninstallKB887472$
$NtUninstallKB888302$
$NtUninstallKB890046$
$NtUninstallKB890046_0$
$NtUninstallKB890859$
$NtUninstallKB891781$
$NtUninstallKB893756$
$NtUninstallKB894391$
$NtUninstallKB896344$
$NtUninstallKB896358$
$NtUninstallKB896423$
$NtUninstallKB896424$
$NtUninstallKB896428$
$NtUninstallKB898461$
$NtUninstallKB899587$
$NtUninstallKB899589$
$NtUninstallKB899591$
$NtUninstallKB900485$
$NtUninstallKB900725$
$NtUninstallKB900930$
$NtUninstallKB901017$
$NtUninstallKB901214$
$NtUninstallKB902400$
$NtUninstallKB904706$
$NtUninstallKB904942$
$NtUninstallKB905414$
$NtUninstallKB905749$
$NtUninstallKB908519$
$NtUninstallKB908531$
$NtUninstallKB910437$
$NtUninstallKB911280$
$NtUninstallKB911562$
$NtUninstallKB911564$
$NtUninstallKB911567$
$NtUninstallKB911927$
$NtUninstallKB912919$
$NtUninstallKB913580$
$NtUninstallKB914388$
$NtUninstallKB914389$
$NtUninstallKB914440$
$NtUninstallKB915865$
$NtUninstallKB916595$
$NtUninstallKB917344$
$NtUninstallKB917422$
$NtUninstallKB917734_WMP10$
$NtUninstallKB917953$
$NtUninstallKB918118$
$NtUninstallKB918439$
$NtUninstallKB918899$
$NtUninstallKB919007$
$NtUninstallKB920213$
$NtUninstallKB920214$
$NtUninstallKB920342$
$NtUninstallKB920670$
$NtUninstallKB920683$
$NtUninstallKB920685$
$NtUninstallKB920872$
$NtUninstallKB921398$
$NtUninstallKB921503$
$NtUninstallKB921883$
$NtUninstallKB922582$
$NtUninstallKB922616$
$NtUninstallKB922819$
$NtUninstallKB923191$
$NtUninstallKB923414$
$NtUninstallKB923561$
$NtUninstallKB923689$
$NtUninstallKB923694$
$NtUninstallKB923980$
$NtUninstallKB924191$
$NtUninstallKB924270$
$NtUninstallKB924496$
$NtUninstallKB924667$
$NtUninstallKB925398_WMP64$
$NtUninstallKB925454$
$NtUninstallKB925486$
$NtUninstallKB925902$
$NtUninstallKB926239$
$NtUninstallKB926255$
$NtUninstallKB926436$
$NtUninstallKB927779$
$NtUninstallKB927802$
$NtUninstallKB927891$
$NtUninstallKB928090$
$NtUninstallKB928255$
$NtUninstallKB928843$
$NtUninstallKB929123$
$NtUninstallKB929338$
$NtUninstallKB929399$
$NtUninstallKB929969$
$NtUninstallKB930178$
$NtUninstallKB930916$
$NtUninstallKB931261$
$NtUninstallKB931768$
$NtUninstallKB931784$
$NtUninstallKB931836$
$NtUninstallKB932168$
$NtUninstallKB933360$
$NtUninstallKB933566$
$NtUninstallKB933729$
$NtUninstallKB935839$
$NtUninstallKB935840$
$NtUninstallKB936021$
$NtUninstallKB936782_WMP11$
$NtUninstallKB937143$
$NtUninstallKB937894$
$NtUninstallKB938127$
$NtUninstallKB938464$
$NtUninstallKB938828$
$NtUninstallKB938829$
$NtUninstallKB939653$
$NtUninstallKB939683$
$NtUninstallKB941202$
$NtUninstallKB941568$
$NtUninstallKB941569$
$NtUninstallKB941644$
$NtUninstallKB941693$
$NtUninstallKB942615$
$NtUninstallKB942763$
$NtUninstallKB942840$
$NtUninstallKB943055$
$NtUninstallKB943460$
$NtUninstallKB943485$
$NtUninstallKB944338$
$NtUninstallKB944533$
$NtUninstallKB944653$
$NtUninstallKB945553$
$NtUninstallKB946026$
$NtUninstallKB946627$
$NtUninstallKB946648$
$NtUninstallKB947864$
$NtUninstallKB948590$
$NtUninstallKB948881$
$NtUninstallKB950749$
$NtUninstallKB950759$
$NtUninstallKB950759_0$
$NtUninstallKB950760$
$NtUninstallKB950762$
$NtUninstallKB950762_0$
$NtUninstallKB950974$
$NtUninstallKB950974_0$
$NtUninstallKB951066$
$NtUninstallKB951066_0$
$NtUninstallKB951072-v2$
$NtUninstallKB951376$
$NtUninstallKB951376-v2$
$NtUninstallKB951376-v2_0$
$NtUninstallKB951376_0$
$NtUninstallKB951698$
$NtUninstallKB951698_0$
$NtUninstallKB951748$
$NtUninstallKB951748_0$
$NtUninstallKB951978$
$NtUninstallKB952004$
$NtUninstallKB952069_WM9$
$NtUninstallKB952287$
$NtUninstallKB952287_0$
$NtUninstallKB952954$
$NtUninstallKB952954_0$
$NtUninstallKB953838$
$NtUninstallKB953838_0$
$NtUninstallKB953839$
$NtUninstallKB954154_WM11$
$NtUninstallKB954155_WM9$
$NtUninstallKB954211$
$NtUninstallKB954459$
$NtUninstallKB954600$
$NtUninstallKB954708$
$NtUninstallKB955069$
$NtUninstallKB955759$
$NtUninstallKB955839$
$NtUninstallKB956390$
$NtUninstallKB956391$
$NtUninstallKB956572$
$NtUninstallKB956744$
$NtUninstallKB956802$
$NtUninstallKB956803$
$NtUninstallKB956841$
$NtUninstallKB956844$
$NtUninstallKB957095$
$NtUninstallKB957097$
$NtUninstallKB958215$
$NtUninstallKB958644$
$NtUninstallKB958687$
$NtUninstallKB958690$
$NtUninstallKB958869$
$NtUninstallKB959426$
$NtUninstallKB959772_WM11$
$NtUninstallKB960225$
$NtUninstallKB960714$
$NtUninstallKB960715$
$NtUninstallKB960803$
$NtUninstallKB960859$
$NtUninstallKB961118$
$NtUninstallKB961371$
$NtUninstallKB961373$
$NtUninstallKB961501$
$NtUninstallKB961503$
$NtUninstallKB963027$
$NtUninstallKB967715$
$NtUninstallKB968389$
$NtUninstallKB968537$
$NtUninstallKB968816_WM9$
$NtUninstallKB969059$
$NtUninstallKB969897$
$NtUninstallKB969898$
$NtUninstallKB969947$
$NtUninstallKB970238$
$NtUninstallKB970430$
$NtUninstallKB970653-v3$
$NtUninstallKB971468$
$NtUninstallKB971486$
$NtUninstallKB971557$
$NtUninstallKB971633$
$NtUninstallKB971657$
$NtUninstallKB971737$
$NtUninstallKB972270$
$NtUninstallKB973346$
$NtUninstallKB973354$
$NtUninstallKB973507$
$NtUninstallKB973525$
$NtUninstallKB973540_WM9$
$NtUninstallKB973687$
$NtUninstallKB973815$
$NtUninstallKB973869$
$NtUninstallKB973904$
$NtUninstallKB974112$
$NtUninstallKB974318$
$NtUninstallKB974392$
$NtUninstallKB974571$
$NtUninstallKB975025$
$NtUninstallKB975467$
$NtUninstallKB975560$
$NtUninstallKB975561$
$NtUninstallKB975713$
$NtUninstallKB976098-v2$
$NtUninstallKB977165$
$NtUninstallKB977816$
$NtUninstallKB977914$
$NtUninstallKB978037$
$NtUninstallKB978251$
$NtUninstallKB978262$
$NtUninstallKB978338$
$NtUninstallKB978542$
$NtUninstallKB978601$
$NtUninstallKB978706$
$NtUninstallKB979306$
$NtUninstallKB979309$
$NtUninstallKB979683$
$NtUninstallKB980232$
$NtUninstallKB981793$
$NtUninstallMSCompPackV1$
$NtUninstallWdf01005$
$NtUninstallWMFDist11$
$NtUninstallwmp11$
$NtUninstallWudf01000$
ftpcache
ie8
inf
Installer
msdownld.tmp
QTFont.qfn
WindowsShell.Manifest
winnt.bmp
winnt256.bmp
PATH: C:\windows\system32
cdplayer.exe.manifest
dllcache
GroupPolicy
h6o8qxt.dll
logonui.exe.manifest
mlfcache.dat
ncpa.cpl.manifest
nwc.cpl.manifest
sapi.cpl.manifest
WindowsLogon.manifest
wuaucpl.cpl.manifest
PATH: C:\windows\system32\drivers
MsftWdf_Kernel_01005_Coinstaller_Critic al.Wdf
Msft_Kernel_LMouFilt_01005.Wdf
Msft_Kernel_NuidFltr_01005.Wdf
PATH: C:\
boot.ini
Config.Msi
IO.SYS
MSDOS.SYS
NTDETECT.COM
ntldr
pagefile.sys
RECYCLER
System Volume Information
User Profile check
public
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList
ProfilesDirectory REG_EXPAND_SZ %SystemDrive%\Documents and Settings
DefaultUserProfile REG_SZ Default User
AllUsersProfile REG_SZ All Users
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-18
Flags REG_DWORD 0xc
State REG_DWORD 0x0
RefCount REG_DWORD 0x1
Sid REG_BINARY 010100000000000512000000
ProfileImagePath REG_EXPAND_SZ %systemroot%\system32\config\systemprofile
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-19
ProfileImagePath REG_EXPAND_SZ %SystemDrive%\Documents and Settings\LocalService
Sid REG_BINARY 010100000000000513000000
Flags REG_DWORD 0x9
State REG_DWORD 0x0
CentralProfile REG_SZ
ProfileLoadTimeLow REG_DWORD 0x625d2c6e
ProfileLoadTimeHigh REG_DWORD 0x1cb16fe
RefCount REG_DWORD 0x2
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-20
ProfileImagePath REG_EXPAND_SZ %SystemDrive%\Documents and Settings\NetworkService
Sid REG_BINARY 010100000000000514000000
Flags REG_DWORD 0x9
State REG_DWORD 0x0
CentralProfile REG_SZ
ProfileLoadTimeLow REG_DWORD 0x5eaf6b90
ProfileLoadTimeHigh REG_DWORD 0x1cb16fe
RefCount REG_DWORD 0x2
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-1935655697-1659004503-1801674531-1003
ProfileImagePath REG_EXPAND_SZ %SystemDrive%\Documents and Settings\Pam
Sid REG_BINARY 01050000000000051500000011C35F735766E26 2235F636BEB030000
Flags REG_DWORD 0x0
State REG_DWORD 0x100
CentralProfile REG_SZ
ProfileLoadTimeLow REG_DWORD 0x773acc0a
ProfileLoadTimeHigh REG_DWORD 0x1cb13e7
RefCount REG_DWORD 0x1
RunLogonScriptSync REG_DWORD 0x0
OptimizedLogonStatus REG_DWORD 0xb
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-1935655697-1659004503-1801674531-1006
ProfileImagePath REG_EXPAND_SZ %SystemDrive%\Documents and Settings\pam.D6813
Sid REG_BINARY 01050000000000051500000011C35F735766E26 2235F636BEE030000
Flags REG_DWORD 0x0
State REG_DWORD 0x100
CentralProfile REG_SZ
ProfileLoadTimeLow REG_DWORD 0xb99c39de
ProfileLoadTimeHigh REG_DWORD 0x1cb16fe
RefCount REG_DWORD 0x1
RunLogonScriptSync REG_DWORD 0x0
OptimizedLogonStatus REG_DWORD 0xb
NextLogonCacheable REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-1935655697-1659004503-1801674531-1008
ProfileImagePath REG_EXPAND_SZ %SystemDrive%\Documents and Settings\Ben
Sid REG_BINARY 01050000000000051500000011C35F735766E26 2235F636BF0030000
Flags REG_DWORD 0x0
State REG_DWORD 0x0
CentralProfile REG_SZ
ProfileLoadTimeLow REG_DWORD 0xd4ef89d6
ProfileLoadTimeHigh REG_DWORD 0x1cb172e
RefCount REG_DWORD 0x0
RunLogonScriptSync REG_DWORD 0x0
OptimizedLogonStatus REG_DWORD 0xb
NextLogonCacheable REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-1935655697-1659004503-1801674531-500
ProfileImagePath REG_EXPAND_SZ %SystemDrive%\Documents and Settings\Administrator
Sid REG_BINARY 01050000000000051500000011C35F735766E26 2235F636BF4010000
Flags REG_DWORD 0x0
State REG_DWORD 0x100
CentralProfile REG_SZ
ProfileLoadTimeLow REG_DWORD 0x5aa73f3c
ProfileLoadTimeHigh REG_DWORD 0x1c71af9
RefCount REG_DWORD 0x0
RunLogonScriptSync REG_DWORD 0x0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-1935655697-1659004503-1801674531-501
ProfileImagePath REG_EXPAND_SZ %SystemDrive%\Documents and Settings\Guest
Sid REG_BINARY 01050000000000051500000011C35F735766E26 2235F636BF5010000
Flags REG_DWORD 0x0
State REG_DWORD 0x80
CentralProfile REG_SZ
ProfileLoadTimeLow REG_DWORD 0xf65c4ea0
ProfileLoadTimeHigh REG_DWORD 0x1cb0dd9
RefCount REG_DWORD 0x0
RunLogonScriptSync REG_DWORD 0x0
OptimizedLogonStatus REG_DWORD 0xb
Current Scheduled Tasks
PATH: C:\Windows\Tasks
Ad-Aware Update (Weekly).job
AppleSoftwareUpdate.job
GoogleUpdateTaskMachineCore1cb0c9868f98 95c.job
RealUpgradeLogonTaskS-1-5-21-1935655697-1659004503-1801674531-1003.job
RealUpgradeLogonTaskS-1-5-21-1935655697-1659004503-1801674531-1006.job
RealUpgradeLogonTaskS-1-5-21-1935655697-1659004503-1801674531-1008.job
RealUpgradeScheduledTaskS-1-5-21-1935655697-1659004503-1801674531-1003.job
RealUpgradeScheduledTaskS-1-5-21-1935655697-1659004503-1801674531-1006.job
RealUpgradeScheduledTaskS-1-5-21-1935655697-1659004503-1801674531-1008.job
WGASetup.job
desktop.ini
SA.DAT
Windows Drivers and NT-Services
Volume in drive C is Hard Disk
Volume Serial Number is 5C24-151F
Directory of C:\Windows\System32\Drivers
04/03/2007 03:30 PM 0 MsftWdf_Kernel_01005_Coinstaller_Critic al.Wdf
04/03/2007 03:30 PM 0 Msft_Kernel_LMouFilt_01005.Wdf
07/04/2009 04:00 PM 0 Msft_Kernel_NuidFltr_01005.Wdf
3 File(s) 0 bytes
0 Dir(s) 23,335,501,824 bytes free
Volume in drive C is Hard Disk
Volume Serial Number is 5C24-151F
Directory of C:\Windows\System32\Drivers
08/17/2001 08:46 AM 6,400 enum1394.sys
08/17/2001 08:51 AM 3,328 pciide.sys
08/17/2001 08:59 AM 3,072 audstub.sys
08/17/2001 01:48 PM 12,160 mouhid.sys
08/17/2001 02:12 PM 2,944 BrFilt.sys
08/17/2001 02:12 PM 60,416 BrSerWdm.sys
08/17/2001 02:12 PM 11,008 BrUsbMdm.sys
08/17/2001 02:12 PM 10,368 BrUsbScn.sys
07/17/2004 11:35 AM 67,866 netwlan5.img
07/17/2004 11:36 AM 64,352 ativmc20.cod
07/17/2004 10:55 PM 129,045 cxthsfs2.cty
08/03/2004 10:29 PM 701,440 ati2mtag.sys
08/03/2004 10:29 PM 57,856 atinbtxx.sys
08/03/2004 10:29 PM 327,040 ati2mtaa.sys
08/03/2004 10:29 PM 12,047 ati1pdxx.sys
08/03/2004 10:29 PM 56,623 ati1btxx.sys
08/03/2004 10:29 PM 11,615 ati1mdxx.sys
08/03/2004 10:29 PM 13,824 atinmdxx.sys
08/03/2004 10:29 PM 52,224 atinraxx.sys
08/03/2004 10:29 PM 14,336 atinpdxx.sys
08/03/2004 10:29 PM 104,960 atinrvxx.sys
08/03/2004 10:29 PM 28,672 atinsnxx.sys
08/03/2004 10:29 PM 73,216 atintuxx.sys
08/03/2004 10:29 PM 31,744 atinxbxx.sys
08/03/2004 10:29 PM 34,735 ati1xsxx.sys
08/03/2004 10:29 PM 29,455 ati1xbxx.sys
08/03/2004 10:29 PM 36,463 ati1tuxx.sys
08/03/2004 10:29 PM 21,343 ati1ttxx.sys
08/03/2004 10:29 PM 63,488 atinxsxx.sys
08/03/2004 10:29 PM 63,663 ati1rvxx.sys
08/03/2004 10:29 PM 13,824 atinttxx.sys
08/03/2004 10:29 PM 30,671 ati1raxx.sys
08/03/2004 10:29 PM 26,367 ati1snxx.sys
08/03/2004 10:29 PM 452,736 mtxparhm.sys
08/03/2004 10:29 PM 11,295 wadv08nt.sys
08/03/2004 10:29 PM 11,807 wadv07nt.sys
08/03/2004 10:29 PM 11,871 wadv09nt.sys
08/03/2004 10:29 PM 11,935 wadv11nt.sys
08/03/2004 10:29 PM 22,271 watv06nt.sys
08/03/2004 10:29 PM 25,471 watv10nt.sys
08/03/2004 10:29 PM 166,912 s3gnbm.sys
08/03/2004 10:41 PM 1,309,184 mtlstrm.sys
08/03/2004 10:41 PM 180,360 ntmtlfax.sys
08/03/2004 10:41 PM 126,686 mtlmnt5.sys
08/03/2004 10:41 PM 13,776 recagent.sys
08/03/2004 10:41 PM 129,535 slnt7554.sys
08/03/2004 10:41 PM 404,990 slntamr.sys
08/03/2004 10:41 PM 95,424 slnthal.sys
08/03/2004 10:41 PM 13,240 slwdmsup.sys
08/03/2004 10:41 PM 220,032 hsfbs2s2.sys
08/03/2004 10:41 PM 685,056 hsfcxts2.sys
08/03/2004 10:41 PM 11,868 mdmxsdk.sys
08/03/2004 10:41 PM 1,041,536 hsfdpsp2.sys
08/04/2004 07:00 AM 4,736 usbd.sys
08/04/2004 07:00 AM 352,256 atmuni.sys
08/04/2004 07:00 AM 4,224 rdpcdd.sys
08/04/2004 07:00 AM 34,432 rawwan.sys
08/04/2004 07:00 AM 16,512 raspti.sys
08/04/2004 07:00 AM 8,832 rasacd.sys
08/04/2004 07:00 AM 31,360 atmepvc.sys
08/04/2004 07:00 AM 21,376 tsbvcap.sys
08/04/2004 07:00 AM 3,440,660 gm.dls
08/04/2004 07:00 AM 4,224 beep.sys
08/04/2004 07:00 AM 7,680 mcd.sys
08/04/2004 07:00 AM 12,032 rio8drv.sys
08/04/2004 07:00 AM 646 gmreadme.txt
08/04/2004 07:00 AM 51,712 tosdvd.sys
08/04/2004 07:00 AM 32,896 ipfltdrv.sys
08/04/2004 07:00 AM 17,792 ptilink.sys
08/04/2004 07:00 AM 6,784 parvdm.sys
08/04/2004 07:00 AM 3,456 oprghdlr.sys
08/04/2004 07:00 AM 55,936 nwlnkspx.sys
08/04/2004 07:00 AM 63,232 nwlnknb.sys
08/04/2004 07:00 AM 32,512 nwlnkfwd.sys
08/04/2004 07:00 AM 13,952 cbidf2k.sys
08/04/2004 07:00 AM 18,688 cdaudio.sys
08/04/2004 07:00 AM 12,416 nwlnkflt.sys
08/04/2004 07:00 AM 12,032 riodrv.sys
08/04/2004 07:00 AM 4,224 mnmdd.sys
08/04/2004 07:00 AM 262,528 cinemst2.sys
08/04/2004 07:00 AM 125,056 ftdisk.sys
08/04/2004 07:00 AM 11,776 cpqdap01.sys
08/04/2004 07:00 AM 7,936 fs_rec.sys
08/04/2004 07:00 AM 12,160 fsvga.sys
08/04/2004 07:00 AM 58,112 vdmindvd.sys
08/04/2004 07:00 AM 11,648 acpiec.sys
08/04/2004 07:00 AM 5,888 rootmdm.sys
08/04/2004 07:00 AM 12,032 ws2ifsl.sys
08/04/2004 07:00 AM 4,352 wmilib.sys
08/04/2004 07:00 AM 3,328 dxgthk.sys
08/04/2004 07:00 AM 12,032 nikedrv.sys
08/04/2004 07:00 AM 10,496 dxapi.sys
08/04/2004 07:00 AM 14,592 smclib.sys
08/04/2004 07:00 AM 5,888 dmload.sys
08/04/2004 07:00 AM 2,944 null.sys
02/01/2005 07:18 PM 17,992 bcm42rly.sys
02/23/2005 02:58 PM 11,776 afc.sys
06/22/2005 01:47 AM 6,016 ALLOW-IO.SYS
07/26/2005 07:58 AM 53,376 nvax.sys
07/26/2005 08:01 AM 415,360 nvapu.sys
07/26/2005 08:02 AM 66,688 nvarm.sys
07/26/2005 08:02 AM 923,520 nvmcp.sys
08/18/2005 12:52 PM 93,568 nvatabus.sys
11/22/2005 12:33 PM 61,456 defrag32.sys
11/22/2005 12:33 PM 61,456 defrag32b.sys
11/24/2005 08:51 PM 245,248 rt73.sys
12/01/2005 06:57 PM 21,760 point32.sys
01/01/2006 04:13 PM <DIR> disdn
01/01/2006 04:14 PM <DIR> etc
05/01/2006 06:27 PM 100,736 nvata.sys
05/16/2006 08:24 PM 261,120 nvsnpu.sys
05/16/2006 08:24 PM 1,075,328 nvnrm.sys
05/16/2006 08:24 PM 109,568 nvtcp.sys
05/16/2006 08:25 PM 52,736 NVENETFD.sys
05/16/2006 08:25 PM 18,944 nvnetbus.sys
06/27/2006 03:24 PM 31,744 AmdTools.sys
07/01/2006 11:39 PM 36,864 AmdK8.sys
07/12/2006 02:19 PM 3,934,592 nv4_mini.sys
09/28/2006 07:55 PM 77,568 WudfPf.sys
09/28/2006 08:00 PM 82,944 WudfRd.sys
10/18/2006 09:00 PM 38,528 wpdusb.sys
11/02/2006 07:22 AM 32,224 wdfldr.sys
11/02/2006 07:22 AM 492,000 wdf01000.sys
11/12/2006 09:09 PM 114,048 snapman.sys
11/12/2006 09:09 PM 395,744 timntr.sys
11/12/2006 09:09 PM 39,264 tifsfilt.sys
12/12/2006 08:01 PM 8,413 mcstrm.sys
12/31/2006 08:28 PM <DIR> UMDF
01/18/2007 05:28 PM 5,275 CVirtA.sys
01/23/2007 03:45 PM 34,576 LHidFilt.Sys
01/23/2007 03:45 PM 33,296 LMouFilt.Sys
11/13/2007 05:25 AM 20,480 secdrv.sys
02/29/2008 03:12 AM 20,240 L8042Kbd.sys
02/29/2008 03:12 AM 63,120 L8042mou.Sys
02/29/2008 03:13 AM 79,120 LMouKE.Sys
03/03/2008 07:46 PM 20,747 AegisP.sys
03/29/2008 05:36 PM 125,328 dne2000.sys
04/13/2008 11:36 AM 144,384 hdaudbus.sys
04/13/2008 11:39 AM 142,592 aec.sys
04/13/2008 01:31 PM 35,840 processr.sys
04/13/2008 01:31 PM 42,752 p3.sys
04/13/2008 01:31 PM 37,376 amdk6.sys
04/13/2008 01:31 PM 36,352 intelppm.sys
04/13/2008 01:31 PM 36,736 crusoe.sys
04/13/2008 01:31 PM 37,760 amdk7.sys
04/13/2008 01:32 PM 66,048 udfs.sys
04/13/2008 01:32 PM 30,848 npfs.sys
04/13/2008 01:32 PM 19,072 msfs.sys
04/13/2008 01:32 PM 180,608 mrxdav.sys
04/13/2008 01:32 PM 196,224 rdpdr.sys
04/13/2008 01:32 PM 129,792 fltmgr.sys
04/13/2008 01:33 PM 44,544 fips.sys
04/13/2008 01:34 PM 163,584 nwrdr.sys
04/13/2008 01:36 PM 5,888 smbali.sys
04/13/2008 01:36 PM 187,776 acpi.sys
04/13/2008 01:36 PM 42,368 agp440.sys
04/13/2008 01:36 PM 42,752 alim1541.sys
04/13/2008 01:36 PM 40,960 sisagp.sys
04/13/2008 01:36 PM 43,008 amdagp.sys
04/13/2008 01:36 PM 44,928 agpcpq.sys
04/13/2008 01:36 PM 46,464 gagp30kx.sys
04/13/2008 01:36 PM 44,672 uagp35.sys
04/13/2008 01:36 PM 42,240 viaagp.sys
04/13/2008 01:36 PM 63,744 mf.sys
04/13/2008 01:36 PM 37,248 isapnp.sys
04/13/2008 01:36 PM 120,192 pcmcia.sys
04/13/2008 01:36 PM 79,232 sdbus.sys
04/13/2008 01:36 PM 68,224 pci.sys
04/13/2008 01:36 PM 15,488 mssmbios.sys
04/13/2008 01:36 PM 73,472 sr.sys
04/13/2008 01:38 PM 71,168 dxg.sys
04/13/2008 01:39 PM 92,544 mqac.sys
04/13/2008 01:39 PM 384,768 update.sys
04/13/2008 01:39 PM 42,368 mountmgr.sys
04/13/2008 01:39 PM 23,040 mouclass.sys
04/13/2008 01:39 PM 24,576 kbdclass.sys
04/13/2008 01:39 PM 14,592 kbdhid.sys
04/13/2008 01:39 PM 5,376 mspclock.sys
04/13/2008 01:39 PM 4,992 mspqm.sys
04/13/2008 01:39 PM 7,552 mskssrv.sys
04/13/2008 01:39 PM 4,352 swenum.sys
04/13/2008 01:40 PM 80,128 parport.sys
04/13/2008 01:40 PM 15,744 serenum.sys
04/13/2008 01:40 PM 27,392 fdc.sys
04/13/2008 01:40 PM 20,480 flpydisk.sys
04/13/2008 01:40 PM 57,600 redbook.sys
04/13/2008 01:40 PM 24,960 pciidex.sys
04/13/2008 01:40 PM 96,384 scsiport.sys
04/13/2008 01:40 PM 96,512 atapi.sys
04/13/2008 01:40 PM 14,208 diskdump.sys
04/13/2008 01:40 PM 62,976 cdrom.sys
04/13/2008 01:40 PM 36,352 disk.sys
04/13/2008 01:40 PM 11,008 sffp_sd.sys
04/13/2008 01:40 PM 11,904 sffdisk.sys
04/13/2008 01:40 PM 10,240 sffp_mmc.sys
04/13/2008 01:40 PM 11,392 sfloppy.sys
04/13/2008 01:40 PM 19,712 partmgr.sys
04/13/2008 01:40 PM 14,976 tape.sys
04/13/2008 01:40 PM 42,112 imapi.sys
04/13/2008 01:41 PM 52,352 volsnap.sys
04/13/2008 01:43 PM 14,208 wacompen.sys
04/13/2008 01:43 PM 12,672 mutohpen.sys
04/13/2008 01:44 PM 20,992 vga.sys
04/13/2008 01:44 PM 81,664 videoprt.sys
04/13/2008 01:44 PM 153,344 dmio.sys
04/13/2008 01:44 PM 799,744 dmboot.sys
04/13/2008 01:45 PM 52,864 dmusic.sys
04/13/2008 01:45 PM 6,272 splitter.sys
04/13/2008 01:45 PM 56,576 swmidi.sys
04/13/2008 01:45 PM 172,416 kmixer.sys
04/13/2008 01:45 PM 60,032 USBAUDIO.sys
04/13/2008 01:45 PM 2,944 drmkaud.sys
04/13/2008 01:45 PM 60,160 drmk.sys
04/13/2008 01:45 PM 49,408 stream.sys
04/13/2008 01:45 PM 24,960 hidparse.sys
04/13/2008 01:45 PM 36,864 hidclass.sys
04/13/2008 01:45 PM 19,200 hidir.sys
04/13/2008 01:45 PM 10,368 hidusb.sys
04/13/2008 01:45 PM 46,592 irbus.sys
04/13/2008 01:45 PM 15,104 usbscan.sys
04/13/2008 01:45 PM 17,152 usbohci.sys
04/13/2008 01:45 PM 30,208 usbehci.sys
04/13/2008 01:45 PM 143,872 usbport.sys
04/13/2008 01:45 PM 59,520 usbhub.sys
04/13/2008 01:45 PM 26,368 usbstor.sys
04/13/2008 01:45 PM 32,128 usbccgp.sys
04/13/2008 01:45 PM 25,600 usbcamd.sys
04/13/2008 01:45 PM 25,728 usbcamd2.sys
04/13/2008 01:45 PM 15,872 usbintel.sys
04/13/2008 01:46 PM 25,344 sonydcam.sys
04/13/2008 01:46 PM 61,696 ohci1394.sys
04/13/2008 01:46 PM 53,376 1394bus.sys
04/13/2008 01:46 PM 121,984 usbvideo.sys
04/13/2008 01:46 PM 18,944 bthusb.sys
04/13/2008 01:46 PM 25,600 hidbth.sys
04/13/2008 01:46 PM 36,480 bthprint.sys
04/13/2008 01:46 PM 59,136 rfcomm.sys
04/13/2008 01:46 PM 37,888 bthmodem.sys
04/13/2008 01:46 PM 17,024 bthenum.sys
04/13/2008 01:47 PM 25,856 usbprint.sys
04/13/2008 01:51 PM 60,800 arp1394.sys
04/13/2008 01:51 PM 61,824 nic1394.sys
04/13/2008 01:51 PM 59,904 atmarpc.sys
04/13/2008 01:51 PM 55,808 atmlane.sys
04/13/2008 01:51 PM 101,120 bthpan.sys
04/13/2008 01:53 PM 40,320 nmnt.sys
04/13/2008 01:53 PM 71,552 bridge.sys
04/13/2008 01:53 PM 36,608 ip6fw.sys
04/13/2008 01:54 PM 11,264 irenum.sys
04/13/2008 01:55 PM 14,592 ndisuio.sys
04/13/2008 01:56 PM 12,288 tunmp.sys
04/13/2008 01:56 PM 34,688 netbios.sys
04/13/2008 01:56 PM 88,320 nwlnkipx.sys
04/13/2008 01:56 PM 35,072 msgpc.sys
04/13/2008 01:56 PM 69,120 psched.sys
04/13/2008 01:56 PM 30,592 rndismpx.sys
04/13/2008 01:56 PM 12,800 usb8023x.sys
04/13/2008 01:56 PM 12,800 usb8023.sys
04/13/2008 01:56 PM 30,592 rndismp.sys
04/13/2008 01:57 PM 20,864 ipinip.sys
04/13/2008 01:57 PM 152,832 ipnat.sys
04/13/2008 01:57 PM 34,560 wanarp.sys
04/13/2008 01:57 PM 10,112 ndistapi.sys
04/13/2008 01:57 PM 14,336 asyncmac.sys
04/13/2008 01:57 PM 40,576 ndproxy.sys
04/13/2008 01:57 PM 41,472 raspppoe.sys
04/13/2008 02:00 PM 19,072 tdi.sys
04/13/2008 02:00 PM 30,080 modem.sys
04/13/2008 02:14 PM 63,744 cdfs.sys
04/13/2008 02:14 PM 143,744 fastfat.sys
04/13/2008 02:15 PM 64,512 serial.sys
04/13/2008 02:15 PM 574,976 ntfs.sys
04/13/2008 02:15 PM 60,800 sysaudio.sys
04/13/2008 02:16 PM 49,536 classpnp.sys
04/13/2008 02:16 PM 141,056 ks.sys
04/13/2008 02:17 PM 105,344 mup.sys
04/13/2008 02:17 PM 83,072 wdmaud.sys
04/13/2008 02:18 PM 52,480 i8042prt.sys
04/13/2008 02:19 PM 75,264 ipsec.sys
04/13/2008 02:19 PM 146,048 portcls.sys
04/13/2008 02:19 PM 51,328 rasl2tp.sys
04/13/2008 02:19 PM 48,384 raspptp.sys
04/13/2008 02:20 PM 182,656 ndis.sys
04/13/2008 02:20 PM 91,520 ndiswan.sys
04/13/2008 02:21 PM 162,816 netbt.sys
04/13/2008 02:28 PM 175,744 rdbss.sys
04/13/2008 07:11 PM 3,135 adv08nt5.dll
04/13/2008 07:11 PM 3,775 adv11nt5.dll
04/13/2008 07:11 PM 3,647 adv07nt5.dll
04/13/2008 07:11 PM 3,615 adv05nt5.dll
04/13/2008 07:11 PM 3,967 adv02nt5.dll
04/13/2008 07:11 PM 4,255 adv01nt5.dll
04/13/2008 07:11 PM 3,711 adv09nt5.dll
04/13/2008 07:11 PM 14,143 atv06nt5.dll
04/13/2008 07:11 PM 25,471 atv04nt5.dll
04/13/2008 07:11 PM 11,359 atv02nt5.dll
04/13/2008 07:11 PM 15,423 ch7xxnt5.dll
04/13/2008 07:11 PM 21,183 atv01nt5.dll
04/13/2008 07:11 PM 17,279 atv10nt5.dll
04/13/2008 07:11 PM 21,504 hidserv.dll
04/13/2008 07:12 PM 3,901 siint5.dll
04/13/2008 07:12 PM 11,325 vchnt5.dll
04/13/2008 07:13 PM 40,840 termdd.sys
04/13/2008 07:13 PM 12,040 tdpipe.sys
04/13/2008 07:13 PM 21,896 tdtcp.sys
04/13/2008 07:13 PM 139,656 rdpwd.sys
05/08/2008 09:02 AM 203,136 rmcast.sys
06/02/2008 06:01 PM 64,144 NEOFLTR_550_13237.sys
06/13/2008 06:05 AM 272,128 bthport.sys
06/19/2008 06:07 PM 306,299 CVPNDRVA.sys
06/20/2008 06:51 AM 361,600 tcpip.sys
08/14/2008 05:04 AM 138,496 afd.sys
12/17/2008 04:02 PM 20 SymRedir.cat
12/17/2008 04:02 PM 1,133 SymRedir.inf
12/17/2008 04:20 PM 12,680 symdns.sys
12/17/2008 04:20 PM 99,208 symfw.sys
12/17/2008 04:20 PM 28,040 symndis.sys
12/17/2008 04:20 PM 31,624 symids.sys
12/17/2008 04:20 PM 23,944 symredrv.sys
12/17/2008 04:20 PM 188,808 symtdi.sys
05/09/2009 01:14 AM 14,736 nuidfltr.sys
05/18/2009 03:17 PM 26,600 GEARAspiWDM.sys
06/24/2009 06:18 AM 92,928 ksecdd.sys
10/16/2009 02:33 AM 41,472 usbaapl.sys
10/20/2009 11:20 AM 265,728 http.sys
12/31/2009 11:50 AM 353,792 srv.sys
02/11/2010 07:02 AM 226,880 tcpip6.sys
02/16/2010 09:04 PM 95,024 SBREDrv.sys
02/24/2010 08:11 AM 455,680 mrxsmb.sys
02/27/2010 03:20 PM 123,952 SYMEVENT.SYS
02/27/2010 03:20 PM 805 SYMEVENT.INF
02/27/2010 03:20 PM 10,671 SYMEVENT.CAT
04/20/2010 04:13 AM 228,216 OADriver.sys
04/20/2010 04:13 AM 29,560 OAnet.sys
04/20/2010 04:13 AM 24,440 OAmon.sys
04/29/2010 03:39 PM 20,952 mbam.sys
04/29/2010 03:39 PM 38,224 mbamswissarmy.sys
06/20/2010 10:08 AM 64,288 Lbd.sys
06/28/2010 02:42 PM <DIR> .
06/28/2010 02:42 PM <DIR> ..
335 File(s) 35,216,096 bytes
5 Dir(s) 23,335,473,152 bytes free
Virtual drives found?
Environment variables
ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\pam.D6813\Application Data
asl.log=Destination=file;OnFirstLog=command,environment
CLASSPATH=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=MADCAT
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\pam.D6813
LOGONSERVER=\\MADCAT
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\Common Files\Adobe\AGL;C:\Program Files\QuickTime\QTSystem\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 35 Stepping 2, AuthenticAMD
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=2302
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\Java\jre6\lib\ext\QTJava.zip
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\PAM~1.D68\LOCALS~1\Temp
TMP=C:\DOCUME~1\PAM~1.D68\LOCALS~1\Temp
USERDOMAIN=MADCAT
USERNAME=pam
USERPROFILE=C:\Documents and Settings\pam.D6813
windir=C:\WINDOWS
Stealth malware?
Internet Explorer
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main
Default_Page_URL REG_SZ http://go.microsoft.com/fwlink/?LinkId=69157
Default_Search_URL REG_SZ http://go.microsoft.com/fwlink/?LinkId=54896
Search Page REG_SZ http://go.microsoft.com/fwlink/?LinkId=54896
Enable_Disk_Cache REG_SZ yes
Cache_Percent_of_Disk REG_BINARY 0A000000
Delete_Temp_Files_On_Exit REG_SZ yes
Local Page REG_SZ C:\WINDOWS\system32\blank.htm
Anchor_Visitation_Horizon REG_BINARY 01000000
Use_Async_DNS REG_SZ yes
Placeholder_Width REG_BINARY 1A000000
Placeholder_Height REG_BINARY 1A000000
Start Page REG_SZ http://go.microsoft.com/fwlink/?LinkId=69157
CompanyName REG_SZ Microsoft Corporation
Custom_Key REG_SZ MICROSO
Wizard_Version REG_SZ 6.0.2600.0000
FullScreen REG_SZ no
Default_Secondary_Page_URL REG_MULTI_SZ \0
Extensions Off Page REG_SZ about:NoAdd-ons
Security Risk Page REG_SZ about:SecurityRisk
Check_Associations REG_SZ yes
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\ErrorThresholds
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\UrlTemplate
! REG.EXE VERSION 3.0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings
User Agent REG_SZ Mozilla/4.0 (compatible; MSIE 8.0; Win32)
IE5_UA_Backup_Flag REG_SZ 5.0
NoNetAutodial REG_DWORD 0x1
MigrateProxy REG_DWORD 0x1
EnableNegotiate REG_DWORD 0x1
EmailName REG_SZ IEUser@
AutoConfigProxy REG_SZ wininet.dll
MimeExclusionListForCache REG_SZ multipart/mixed multipart/x-mixed-replace multipart/x-byteranges
WarnOnPost REG_BINARY 01000000
UseSchannelDirectly REG_BINARY 01000000
EnableHttp1_1 REG_DWORD 0x1
PrivacyAdvanced REG_DWORD 0x0
ProxyEnable REG_DWORD 0x0
UrlEncoding REG_DWORD 0x0
SecureProtocols REG_DWORD 0xa0
PrivDiscUiShown REG_DWORD 0x1
ZonesSecurityUpgrade REG_BINARY 6C6F91C794F7C901
DisableCachingOfSSLPages REG_DWORD 0x0
WarnonZoneCrossing REG_DWORD 0x0
ProxyOverride REG_SZ <local>;*.local
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Cache
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\P3P
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Passport
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\TemplatePolicies
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones
! REG.EXE VERSION 3.0
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main
NoUpdateCheck REG_DWORD 0x1
NoJITSetup REG_DWORD 0x1
Disable Script Debugger REG_SZ yes
Show_ChannelBand REG_SZ No
Anchor Underline REG_SZ yes
Cache_Update_Frequency REG_SZ Once_Per_Session
Display Inline Images REG_SZ yes
Do404Search REG_BINARY 01000000
Local Page REG_SZ C:\WINDOWS\system32\blank.htm
Save_Session_History_On_Exit REG_SZ no
Show_FullURL REG_SZ no
Show_StatusBar REG_SZ yes
Show_ToolBar REG_SZ yes
Show_URLinStatusBar REG_SZ yes
Show_URLToolBar REG_SZ yes
Start Page REG_SZ http://www.google.com/
Use_DlgBox_Colors REG_SZ yes
Search Page REG_SZ http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
XMLHTTP REG_DWORD 0x1
UseClearType REG_SZ yes
Enable Browser Extensions REG_SZ yes
Play_Background_Sounds REG_SZ yes
Play_Animations REG_SZ yes
Window Title REG_SZ Windows Internet Explorer provided by Qwest
Default_Secondary_Page_URL REG_MULTI_SZ http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome\0\0
Default_Page_URL REG_SZ http://qwest.live.com
SearchDefaultBranded REG_DWORD 0x1
Search Bar
-
You did not post a full log.
Was the scanner stopped? Or did you not post all the info?
Please re-run it and post a new log.
-
Sorry, let me try again (posting log from where the last one left off....)
Search Bar REG_SZ http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchAssistant REG_SZ http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
CompatibilityFlags REG_DWORD 0x0
IE8TourNoShow REG_DWORD 0x1
FullScreen REG_SZ no
Window_Placement REG_BINARY 2C0000000200000003000000FFFFFFFFFFFFFFF FFFFFFFFFFFFFFFFF2C0100002C0100004C0400 00AC030000
IE8RunOnceLastShown REG_DWORD 0x1
IE8RunOnceLastShown_TIMESTAMP REG_BINARY 3B58F6121016CB01
NotifyDownloadComplete REG_SZ yes
Check_Associations REG_SZ no
Use FormSuggest REG_SZ no
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\Default Feeds
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\WindowsSearch
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search
SearchAssistant REG_SZ http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
CustomizeSearch REG_SZ http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
! REG.EXE VERSION 3.0
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks
{CFBFAE00-17A6-11D0-99CB-00C04FD64497} REG_SZ
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31816979-F864-4acf-919F-D0B3B56432E6}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A9D74F9-560B-4FE7-ABEB-3B2E638E5CD6}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E12A882B-F14F-4440-9BC0-84A5EB766605}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F0626A63-410B-45E2-99A1-3F2475B2D695}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar
{EF99BD32-C1FB-11D2-892F-0090271D4F88} REG_BINARY 00
{47833539-D0C5-4125-9FA8-0819E2EAAC93} REG_BINARY 00
{21FA44EF-376D-4D53-9B0F-8A89D3229068} REG_BINARY 00
{1BB22D38-A411-4B13-A746-C2A4F4EC7344} REG_BINARY 00
{6F60C5C5-61B3-4378-8902-ED9497663AC9} REG_SZ DictateBar
! REG.EXE VERSION 3.0
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Append Link Target to Existing PDF
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Append to Existing PDF
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Convert Link Target to Adobe PDF
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Convert to Adobe PDF
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\E&xport to Microsoft Excel
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Google Sidewiki...
Protocol hijack?
Security Center
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center
FirstRunDisabled REG_DWORD 0x1
AntiVirusDisableNotify REG_DWORD 0x0
FirewallDisableNotify REG_DWORD 0x0
UpdatesDisableNotify REG_DWORD 0x0
AntiVirusOverride REG_DWORD 0x0
FirewallOverride REG_DWORD 0x0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
EnableFirewall REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0
DisableNotifications REG_DWORD 0x0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List
%windir%\system32\sessmgr.exe REG_SZ %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
%windir%\Network Diagnostic\xpnetdiag.exe REG_SZ %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
C:\Program Files\Invitrogen\Vector NTI Advance 10\Vector NTI 10.exe REG_SZ C:\Program Files\Invitrogen\Vector NTI Advance 10\Vector NTI 10.exe:*:Enabled:Vector NTI 10.0.1
C:\Program Files\Mozilla Firefox\firefox.exe REG_SZ C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE REG_SZ C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE:*:Enabled:Microsoft Office Word
C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE REG_SZ C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE:*:Enabled:Microsoft Office Excel
C:\WINDOWS\system32\lxdecoms.exe REG_SZ C:\WINDOWS\system32\lxdecoms.exe:*:Enabled:4800 Series Server
C:\Program Files\Lexmark 4800 Series\lxdemon.exe REG_SZ C:\Program Files\Lexmark 4800 Series\lxdemon.exe:*:Enabled:Printer Device Monitor
C:\Documents and Settings\Pam\Local Settings\Temp\lxde\wireless\ENGLISH\lxdewpss.exe REG_SZ C:\Documents and Settings\Pam\Local Settings\Temp\lxde\wireless\ENGLISH\lxdewpss.exe:*:Enabled:
C:\WINDOWS\system32\lxdecfg.exe REG_SZ C:\WINDOWS\system32\lxdecfg.exe:*:Enabled:Printer Communication System
C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdepswx.exe REG_SZ C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdepswx.exe:*:Enabled:Printer Status Window Interface
C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdetime.exe REG_SZ C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdetime.exe:*:Enabled:Lexmark Connect Time Executable
C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdejswx.exe REG_SZ C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdejswx.exe:*:Enabled:Job Status Window Interface
C:\Program Files\Lexmark 4800 Series\frun.exe REG_SZ C:\Program Files\Lexmark 4800 Series\frun.exe:*:Enabled:Printing Application
C:\Program Files\Lexmark 4800 Series\app4r.exe REG_SZ C:\Program Files\Lexmark 4800 Series\app4r.exe:*:Enabled:Lexmark Productivity Studio
C:\WINDOWS\twain_32\escndv\escndv.exe REG_SZ C:\WINDOWS\twain_32\escndv\escndv.exe:*:Disabled:EPSON Scan
C:\Documents and Settings\Pam\My Documents\refworks\RWDesktop.exe REG_SZ C:\Documents and Settings\Pam\My Documents\refworks\RWDesktop.exe:*:Enabled:RWDesktop
C:\Program Files\Windows Live\Messenger\wlcsdk.exe REG_SZ C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call
C:\Program Files\Windows Live\Messenger\msnmsgr.exe REG_SZ C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger
C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe REG_SZ C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync
C:\WINDOWS\system32\lxdicoms.exe REG_SZ C:\WINDOWS\system32\lxdicoms.exe:*:Enabled:3500-4500 Series Server
C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe REG_SZ C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe:*:Enabled:Device Monitor
C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe REG_SZ C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe:*:Enabled:Device Monitor Application
C:\Program Files\Lexmark 3500-4500 Series\App4R.exe REG_SZ C:\Program Files\Lexmark 3500-4500 Series\App4R.exe:*:Enabled:Printing Application
C:\Documents and Settings\Pam\Local Settings\Temp\lxdi\wireless\ENGLISH\lxdiwpss.exe REG_SZ C:\Documents and Settings\Pam\Local Settings\Temp\lxdi\wireless\ENGLISH\lxdiwpss.exe:*:Enabled:
C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdewbgw.exe REG_SZ C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdewbgw.exe:*:Enabled:Lexmark Web Gateway
C:\Program Files\Juniper Networks\Secure Application Manager\dsSamProxy.exe REG_SZ C:\Program Files\Juniper Networks\Secure Application Manager\dsSamProxy.exe:*:Enabled:Secure Application Manager Proxy
C:\Program Files\Qwest\QuickConnect\QuickConnect.exe REG_SZ C:\Program Files\Qwest\QuickConnect\QuickConnect.exe:*:Enabled:QuickConnect
C:\Program Files\Bonjour\mDNSResponder.exe REG_SZ C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service
C:\Program Files\iTunes\iTunes.exe REG_SZ C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes
Uninstall List
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
<NO NAME> REG_SZ
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\53F13DB4D9611FD63BE580F06F0729BF236ABE68
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Ad-Aware
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Ad-Aware SE Professional
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AddressBook
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Adobe AIR
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Flash Player ActiveX
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Flash Player Plugin
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Illustrator CS2
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Adobe SVG Viewer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Branding
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CCleaner
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Connection Manager
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DirectAnimation
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DirectDrawEx
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DXM_Runtime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\EndNote
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\EPSON Printer and Utilities
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Fontcore
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ICW
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IDNMitigationAPIs
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IE40
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IE4Data
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IE5BAKEX
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ie7
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ie8
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IEData
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\InterActual Player
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ISI ResearchSoft - Export Helper
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Java Web Start
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB884016
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB884267
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB885353
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB886612
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB887078
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB887626
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB888656
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB889858
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB891122
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB892313
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB893240
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB893241
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB893803
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB895181
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB895316
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB895572
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB897586
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB898549
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB900399
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB902344
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB907658
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB909520
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB911564
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB911565
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB911854
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB917734_WMP10
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB923561
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB923689
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB923789
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB925398_WMP64
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB929399
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB931906
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB936782_WMP11
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB938464
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB939683
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB941569
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB946648
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB950759
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB950760
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB950762
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB950974
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB951066
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB951072-v2
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB951376
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB951376-v2
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB951698
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB951748
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB951978
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB952004
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB952069_WM9
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB952287
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB952954
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB953838
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB953839
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB954154_WM11
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB954155_WM9
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB954211
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB954459
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB954550-v5
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB954600
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB954708
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB955069
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB955759
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB955839
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB956390
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB956391
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB956572
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB956744
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB956802
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB956803
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB956841
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB956844
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB957095
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB957097
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB958215
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB958644
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB958687
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB958690
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB958869
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB959426
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB959772_WM11
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB960225
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB960714
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB960715
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB960803
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB960859
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB961118
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB961371
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB961373
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB961501
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB961503
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB963027
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB967715
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB968389
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB968537
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB968816_WM9
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB969059
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB969897
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB969897-IE8
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB969898
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB969947
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB970238
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB970430
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB970653-v3
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB971180-IE8
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB971468
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB971486
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB971557
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB971633
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB971657
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB971737
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB971961-IE8
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB972260-IE8
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB972270
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB973346
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB973354
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB973507
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB973525
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB973540_WM9
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB973687
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB973815
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB973869
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB973904
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB974112
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB974318
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB974392
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB974455-IE8
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB974571
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB975025
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB975467
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB975560
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB975561
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB975713
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB976098-v2
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB976325-IE8
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB976662-IE8
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB976749-IE8
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB977165
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB977816
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB977914
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB978037
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB978207-IE8
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB978251
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB978262
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB978338
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB978542
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB978601
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB978706
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB979306
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB979309
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB979683
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB980182-IE8
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB980232
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB981332-IE8
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB981793
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Lexmark 3500-4500 Series
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Lexmark 4800 Series
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Lexmark Fax Solutions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\LiveUpdate
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\M953297
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Malwarebytes' Anti-Malware_is1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft .NET Framework 1.1 (1033)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft .NET Framework 3.5 SP1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MobileOptionPack
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Mozilla Firefox (3.5.10)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Mozilla Thunderbird (3.0.1)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MPlayer2
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MSCompPackV1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MSI30-Beta1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MSI30-Beta2
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MSI30-KB884016
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MSI30-RC1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MSI30-RC2
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MSI30a-KB884016
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MSI31-Beta
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MSI31-RC1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Neoteris_Secure_Application_Manager
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\NetMeeting
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Netscape (7.2)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\NLSDownlevelMapping
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\NVIDIA Drivers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\OLYMPUS FV1000
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\OLYMPUS FV1000 Viewer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\OnlineArmor_is1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\OutlookExpress
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PCHealth
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Pdf995
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PdfEdit995
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\QwestQuickCare_is1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\R (D)COM Server_is1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\R for Windows_is1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RegSupreme_is1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Rhapsody
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SAM for Excel (Academic Version)_is1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SchedulingAgent
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Sevinst
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Silent Package Run-Time Sample
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Stanford Tools_is1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\TaxCut Premium 2006
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\TBSB07183.TBSB07183Toolbar
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wdf01000
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wdf01001
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wdf01005
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WGA
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WgaNotify
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WIC
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Windows Media Format Runtime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Windows Media Player
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Windows XP Service Pack
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WinLiveSuite_Wave3
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WinRAR archiver
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WMCSetup
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WMFDist11
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\wmp11
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Write-N-Cite
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wudf01000
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\xp-AntiSpy
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Anti-Spy
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Companion
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Toolbar
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{00203668-8170-44A0-BE44-B632FA4D780F}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0134A1A1-C283-4A47-91A1-92F19F960372}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0AAA9C97-74D4-47CE-B089-0B147EF3553C}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0B073228-62C7-41A6-84EC-9D6DD9A28E4D}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0C826C5B-B131-423A-A229-C71B3CACCD6A}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0CB9668D-F979-4F31-B8B8-67FE90F929F8}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0CDE246F-1197-4374-91BE-1C8927755298}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0FC497E5-4EC1-4FE7-98C0-9AF57021F818}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{15A5F982-D731-4432-9A06-83624CC23AE7}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{205C6BDD-7B73-42DE-8505-9A093F35A238}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{20FEBEA9-A318-4339-B8FA-7755FED22A93}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{236BB7C4-4419-42FD-0409-1E257A25E34D}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83216013FB}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83216014FB}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83216015FB}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83216017FB}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83216020FF}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2A6F1DE4-47DA-4452-8C90-5F3D4813C6DD}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2CCBABCB-6427-4A55-B091-49864623C43F}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3101CB58-3482-4D21-AF1A-7057FC935355}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0160030}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0160050}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{338F08AB-C262-42C7-B000-34DE1A475273}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3B4E636E-9D65-4D67-BA61-189800823F52}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3C52E7DA-C431-4239-B66B-1BF703D5B194}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{43224D30-5941-47A4-9AD7-9250EE794396}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{45A66726-69BC-466B-A7A4-12FCBA4883D7}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4998FF95-709A-430A-B104-92A009ABB848}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{51F96AEC-D902-4434-A0DC-B9692A21AE7C}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{693EF7BC-C5CA-43E6-AFA8-1F3FB63A8D92}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{6E04A7BF-65E9-4B74-85A0-929B100E1D04}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{770657D0-A123-3C07-8E44-1C83EC895118}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{77DCDCE3-2DED-62F3-8154-05E745472D07}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7AB3A249-FB81-416B-917A-A2A10E74C503}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7F72902B-5166-4522-8610-76BD903F8584}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{81BF6FB0-34E7-4897-A544-61AA6C3B1284}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{85991ED2-010C-4930-96FA-52F43C2CE98A}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{886C92E6-4AF1-4290-BB86-4B5064A1BB7D}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8EDBA74D-0686-4C99-BFDD-F894678E5B39}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90110409-6000-11D3-8CFE-0150048383C9}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-0020-0409-0000-0000000FF1CE}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{92C5DB3D-9D6F-4324-BB11-57825F4C2635}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{9422C8EA-B0C6-4197-B8FC-DC797658CA00}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{95120000-00B9-0409-0000-0000000FF1CE}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{9611D325-5333-4415-8338-CA957D8564D0}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{9876E8C6-F8D7-4F43-84D3-B97D177F9466}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{995F1E2E-F542-4310-8E1D-9926F5A279B3}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{9F91B6C4-E892-4978-A571-B5A32BC2082C}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A1BF9950-8CDB-468E-83FA-EACFB00EA7D5}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}.KB958483
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A49F249F-0C91-497F-86DF-B2585E8E76B7}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A7091E1D-36A4-47F1-A739-173CC341414F}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AC76BA86-1033-F400-7760-000000000004}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AC76BA86-1033-F400-7760-000000000004}_932
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AC76BA86-1033-F400-7760-000000000004}{AC76BA86-1033-F400-7760-000000000004}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AC76BA86-7AD7-1033-7B44-A93000000001}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AFAC914D-9E83-4A89-8ABE-427521C82CCF}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B017026E-FC02-4CD4-A848-52447D60676B}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B2D328BE-45AD-4D92-96F9-2151490A203E}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B2F5D08C-7E79-4FCD-AAF4-57AD35FF0601}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B74D4E10-6884-0000-0000-000000000103}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{BB8B979E-E336-47E7-96BC-1031C1B94561}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{BCE72AED-3332-4863-9567-C5DCB9052CA2}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C04E32E0-0416-434D-AFB9-6969D703A9EF}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB200003
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB431780
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB946922
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB947748
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB949272
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB952137
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB952677
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB953300
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB953990
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB954832
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB956860
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB957541
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB957542
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB957543
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB958129
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB958481
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB960043
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB974417
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C190CB55-817E-4713-84F4-0BBB8961CED9}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C49DAA9C-5BA8-459A-8244-E57B69DF0F04}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C6AA3FB7-804F-4808-AD91-B62D6ED9B788}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C6CA8874-5F22-4AF0-9BE3-016BF299C536}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB350003
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB960043
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D433ABC3-0CD8-4BB0-B6A9-84501B4B47B7}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D6E92BCC-717B-4B2A-A82E-8368D4B5F45F}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D7A6C517-11F2-419F-B5BB-27772B939698}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E0000600-0600-0600-0600-000000000600}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E9787678-1033-0000-8E67-000000000001}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EA19EDB3-DF71-448F-AFBF-1EEB3ACB9B31}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EBC91840-41E1-4CC3-AC11-0B889546223C}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EE0D5DCD-2B97-4473-98DF-E93C0BD92F7A}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EFCE5837-FC21-11D6-9D24-00010240CE95}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F02CF4B0-05EC-4938-A8D2-F739AF3B4363}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F060A75A-9D6E-46F5-A9E6-7B513F4F44FB}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F333A33D-125C-32A2-8DCE-5C5D14231E27}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F6BD194C-4190-4D73-B1B1-C48C99921BFE}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F7B0939E-58DF-11DF-B3A6-005056806466}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F855C3AE-992D-4B84-A09D-07103CDCDAC2}
! REG.EXE VERSION 3.0
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome
Adobe Products
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Flash Player ActiveX
DisplayName REG_SZ Adobe Flash Player 10 ActiveX
DisplayVersion REG_SZ 10.0.32.18
Publisher REG_SZ Adobe Systems Incorporated
URLInfoAbout REG_SZ http://www.adobe.com/go/getflashplayer
VersionMajor REG_SZ 10
VersionMinor REG_SZ 0
HelpLink REG_SZ http://www.adobe.com/go/flashplayer_support/
URLUpdateInfo REG_SZ http://www.adobe.com/go/flashplayer/
DisplayIcon REG_SZ C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
UninstallString REG_SZ C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
RequiresIESysFile REG_SZ 4.70.0.1155
NoModify REG_DWORD 0x1
NoRepair REG_DWORD 0x1
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Flash Player Plugin
DisplayName REG_SZ Adobe Flash Player 10 Plugin
DisplayVersion REG_SZ 10.0.42.34
Publisher REG_SZ Adobe Systems Incorporated
URLInfoAbout REG_SZ http://www.adobe.com/go/getflashplayer
DisplayIcon REG_SZ C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
UninstallString REG_SZ C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
NoModify REG_DWORD 0x1
NoRepair REG_DWORD 0x1
Autorun
! REG.EXE VERSION 3.0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
ctfmon.exe REG_SZ C:\WINDOWS\system32\ctfmon.exe
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
NVMixerTray REG_SZ "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
NvCplDaemon REG_SZ RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
nwiz REG_SZ nwiz.exe /install
amd_dc_opt REG_SZ "C:\Program Files\AMD\amd_dc_opt\amd_dc_opt.exe"
Acronis Scheduler2 Service REG_SZ "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
PDDM REG_SZ C:\Program Files\PatchLink\Update Agent\pddm.exe
Kernel and Hardware Abstraction Layer REG_SZ KHALMNPR.EXE
masqform.exe REG_SZ C:\Program Files\PureEdge\Viewer 6.0\masqform.exe -UpdateCurrentUser
EPSON Stylus CX5800F Series REG_SZ C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIALA.EXE /P27 "EPSON Stylus CX5800F Series" /O6 "USB003" /M "Stylus CX5800F"
lxdemon.exe REG_SZ "C:\Program Files\Lexmark 4800 Series\lxdemon.exe"
lxdeamon REG_SZ "C:\Program Files\Lexmark 4800 Series\lxdeamon.exe"
FaxCenterServer REG_SZ "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
KernelFaultCheck REG_EXPAND_SZ %systemroot%\system32\dumprep 0 -k
Adobe Acrobat Speed Launcher REG_SZ "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
<NO NAME> REG_SZ
Acrobat Assistant 8.0 REG_SZ "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
AppleSyncNotifier REG_SZ C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
QuickCare REG_SZ C:\Program Files\Qwest\Quickcare\bin\sprtcmd.exe /P QuickCare
lxdimon.exe REG_SZ "C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe"
lxdiamon REG_SZ "C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe"
Adobe ARM REG_SZ "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
Adobe Reader Speed Launcher REG_SZ "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
ccApp REG_SZ "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
vptray REG_SZ C:\PROGRA~1\SYMANT~1\VPTray.exe
QuickTime Task REG_SZ "C:\Program Files\QuickTime\qttask.exe" -atboottime
@OnlineArmor GUI REG_SZ "C:\Program Files\Tall Emu\Online Armor\oaui.exe"
SunJavaUpdateSched REG_SZ "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
iTunesHelper REG_SZ "C:\Program Files\iTunes\iTunesHelper.exe"
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents
Restrictions - Internet Explorer
Restrictions - REGEDIT
Restrictions - Explorer
! REG.EXE VERSION 3.0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
NoDriveTypeAutoRun REG_DWORD 0x91
DNS Settings
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{03B50D87-4503-4D8B-B890-3017C5B93E32}
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{235DE593-39DE-4432-A5DD-BD7AB7E0A060}
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{54401D30-6C81-4644-8B5A-F494A22B6BDB}
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{5E927268-3244-4D06-8CF1-58F3655CBDAA}
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{88F59465-7181-4D2A-8EE4-6C271F29548F}
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{948B4B93-8E80-4B67-BA54-CDDD6C2D1D41}
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{F82E3A97-0768-471B-88AD-5640556FEC05}
Windows IP Configuration
Host Name . . . . . . . . . . . . : MadCat
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : domain.actdsltmp
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . : domain.actdsltmp
Description . . . . . . . . . . . : NVIDIA nForce Networking Controller
Physical Address. . . . . . . . . : 00-50-8D-DB-9E-34
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.0.7
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DNS Servers . . . . . . . . . . . : 192.168.0.1
205.171.3.25
Primary WINS Server . . . . . . . : 128.101.246.10
Lease Obtained. . . . . . . . . . : Monday, June 28, 2010 3:23:23 PM
Lease Expires . . . . . . . . . . : Tuesday, June 29, 2010 3:23:23 PM
AppInit DLLs
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
Shell Service Object Delay Load
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
PostBootReminder REG_SZ {7849596a-48ea-486e-8937-a2a3009f31a9}
CDBurn REG_SZ {fbeb8a05-beee-4442-804e-409d6c4515e9}
WebCheck REG_SZ {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
SysTray REG_SZ {35CEC8A3-2BE6-11D2-8773-92E220524153}
WPDShServiceObj REG_SZ {AAA288BA-9A4C-45B0-95D7-94D524869DB5}
Shell Execute Hooks
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
{AEB6717E-7E19-11d0-97EE-00C04FD91972} REG_SZ
{4F07DA45-8170-4859-9B5F-037EF2970034} REG_SZ OA Shell Helper
{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} REG_SZ
Image File Execution Options
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\apitrap.dll
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ASSTE.dll
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVSTE.dll
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Cleanup.dll
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cqw32.exe
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\divx.dll
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\divxdec.ax
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DJSMAR00.dll
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DRMINST.dll
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\enc98.EXE
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\EncodeDivXExt.dll
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\EncryptPatchVer.dll
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\front.exe
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fullsoft.dll
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GBROWSER.DLL
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\htmlmarq.ocx
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\htmlmm.ocx
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image
-
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\install.exe
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ishscan.dll
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ISSTE.dll
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\javai.dll
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jvm.dll
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jvm_g.dll
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\main123w.dll
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mngreg32.exe
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msci_uno.dll
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mscoree.dll
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mscorsvr.dll
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mscorwks.dll
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msjava.dll
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mso.dll
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\NAVOPTRF.dll
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\NeVideoFX.dll
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\NPMLIC.dll
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\NSWSTE.dll
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\photohse.EXE
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PMSTE.dll
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ppw32hlp.dll
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\printhse.EXE
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\prwin8.EXE
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ps80.EXE
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\psdmt.exe
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\qfinder.EXE
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\qpw.EXE
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\salwrap.dll
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\setup.exe
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\setup32.dll
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sevinst.exe
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\symlcnet.dll
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tcore_ebook.dll
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\TFDTCTT8.DLL
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ua80.EXE
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\udtapi.dll
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ums.dll
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vb40032.dll
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vbe6.dll
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wpwin8.EXE
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\xlmlEN.dll
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\xwsetup.EXE
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Your Image File Name Here without a path
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\_INSTPGM.EXE
Security Providers
Local Security Authority
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa
Authentication Packages REG_MULTI_SZ msv1_0\0\0
Bounds REG_BINARY 0030000000200000
Security Packages REG_MULTI_SZ kerberos\0msv1_0\0schannel\0wdigest\0\0
ImpersonatePrivilegeUpgradeToolHasRun REG_DWORD 0x1
LsaPid REG_DWORD 0x36c
SecureBoot REG_DWORD 0x1
auditbaseobjects REG_DWORD 0x0
crashonauditfail REG_DWORD 0x0
disabledomaincreds REG_DWORD 0x0
everyoneincludesanonymous REG_DWORD 0x0
fipsalgorithmpolicy REG_DWORD 0x0
forceguest REG_DWORD 0x1
fullprivilegeauditing REG_BINARY 00
limitblankpassworduse REG_DWORD 0x1
lmcompatibilitylevel REG_DWORD 0x5
nodefaultadminowner REG_DWORD 0x1
nolmhash REG_DWORD 0x1
restrictanonymous REG_DWORD 0x1
restrictanonymoussam REG_DWORD 0x1
Notification Packages REG_MULTI_SZ scecli\0\0
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\AccessProviders
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\Audit
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\Data
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\GBG
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\JD
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\Kerberos
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\MSV1_0
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\Skew1
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\SSO
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\SspiCache
AppCert DLLs
App Paths
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\Acrobat.exe
Path REG_SZ C:\Program Files\Adobe\Acrobat 9.0\Acrobat\
<NO NAME> REG_SZ C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat.exe
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\AcrobatInfo.exe
Path REG_SZ C:\Program Files\Adobe\Acrobat 9.0\Acrobat\
<NO NAME> REG_SZ C:\Program Files\Adobe\Acrobat 9.0\Acrobat\AcrobatInfo.exe
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\AcroDist.exe
Path REG_SZ C:\Program Files\Adobe\Acrobat 9.0\Acrobat\
<NO NAME> REG_SZ C:\Program Files\Adobe\Acrobat 9.0\Acrobat\AcroDist.exe
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\AcroRd32.exe
<NO NAME> REG_SZ C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe
Path REG_SZ C:\Program Files\Adobe\Reader 9.0\Reader\
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\ahc.exe
Path REG_SZ C:\Program Files\Adobe\Adobe Help Center\
<NO NAME> REG_SZ C:\Program Files\Adobe\Adobe Help Center\ahc.exe
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\Bridge.exe
<NO NAME> REG_SZ C:\Program Files\Adobe\Adobe Bridge\Bridge.exe
Path REG_SZ C:\Program Files\Adobe\Adobe Bridge\
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\ccApp.exe
PATH REG_SZ C:\Program Files\Common Files\Symantec Shared\;
<NO NAME> REG_SZ C:\Program Files\Common Files\Symantec Shared\ccApp.exe
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\ccleaner.exe
<NO NAME> REG_SZ C:\Program Files\CCleaner\ccleaner.exe
Path REG_SZ C:\Program Files\CCleaner
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\chrome.exe
Path REG_SZ C:\Program Files\Google\Chrome\Application
<NO NAME> REG_SZ C:\Program Files\Google\Chrome\Application\chrome.exe
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\cmmgr32.exe
Path REG_SZ C:\WINDOWS\system32
CmstpExtensionDll REG_SZ C:\WINDOWS\system32\cmcfg32.dll
CMInternalVersion REG_SZ 1.2
CmNative REG_DWORD 0x1
ProfilesUpgraded REG_DWORD 0x2
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\CONF.EXE
<NO NAME> REG_SZ C:\Program Files\NetMeeting\conf.exe
Path REG_SZ C:\Program Files\NetMeeting;
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\EN6Demo.EXE
<NO NAME> REG_SZ C:\Program Files\EndNote\EndNote6.exe
Path REG_SZ C:\Program Files\EndNote
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\EndNote6.EXE
<NO NAME> REG_SZ C:\Program Files\EndNote\EndNote6.exe
Path REG_SZ C:\Program Files\EndNote
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\excel.exe
Path REG_SZ C:\Program Files\Microsoft Office\OFFICE11\
<NO NAME> REG_SZ C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE
SaveURL REG_SZ 1
useURL REG_SZ 1
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\faxctr.exe
Path REG_SZ C:\Program Files\Lexmark Fax Solutions
<NO NAME> REG_SZ C:\Program Files\Lexmark Fax Solutions\faxctr.exe
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\firefox.exe
<NO NAME> REG_SZ C:\Program Files\Mozilla Firefox\firefox.exe
Path REG_SZ C:\Program Files\Mozilla Firefox
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\FV10-ASW.exe
Viewer REG_SZ C:\Program Files\OlympusMicro\FLUOVIEW Viewer
Viewer_Version REG_SZ 01.07.02.02
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\HELPCTR.EXE
<NO NAME> REG_SZ C:\WINDOWS\PCHealth\HelpCtr\Binaries\HelpCtr.exe
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\ICWCONN1.EXE
<NO NAME> REG_SZ "C:\Program Files\Internet Explorer\Connection Wizard\ICWCONN1.EXE"
Path REG_SZ C:\Program Files\Internet Explorer\Connection Wizard;
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\ICWCONN2.EXE
<NO NAME> REG_SZ "C:\Program Files\Internet Explorer\Connection Wizard\ICWCONN2.EXE"
Path REG_SZ C:\Program Files\Internet Explorer\Connection Wizard;
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\IEXPLORE.EXE
<NO NAME> REG_SZ C:\Program Files\Internet Explorer\IEXPLORE.EXE
Path REG_SZ C:\Program Files\Internet Explorer;
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\Illustrator.exe
Path REG_SZ C:\Program Files\Adobe\Adobe Illustrator CS2\Support Files\Contents\Windows
<NO NAME> REG_SZ C:\Program Files\Adobe\Adobe Illustrator CS2\Support Files\Contents\Windows\Illustrator.exe
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\ImageReady.exe
Path REG_SZ C:\Program Files\Adobe\Adobe Photoshop CS2\
<NO NAME> REG_SZ C:\Program Files\Adobe\Adobe Photoshop CS2\ImageReady.exe
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\INETWIZ.EXE
<NO NAME> REG_SZ "C:\Program Files\Internet Explorer\Connection Wizard\INETWIZ.EXE"
Path REG_SZ C:\Program Files\Internet Explorer\Connection Wizard;
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\install.exe
RunAsOnNonAdminInstall REG_DWORD 0x1
BlockOnTSNonInstallMode REG_DWORD 0x1
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\InterActual Player
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\InterActual Player\help
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\InterActual Player\help\IA_help.htm
Path REG_SZ C:\Program Files\InterActual
<NO NAME> REG_SZ C:\Program Files\InterActual\InterActual Player\help\IA_help.htm
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\InterActual Player\inuninst.exe
Path REG_SZ C:\Program Files\InterActual
<NO NAME> REG_SZ C:\Program Files\InterActual\InterActual Player\inuninst.exe
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\InterActual Player\iPlayer.exe
Path REG_SZ C:\Program Files\InterActual
<NO NAME> REG_SZ C:\Program Files\InterActual\InterActual Player\iPlayer.exe
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\IPoint.exe
Path REG_SZ C:\Program Files\Microsoft IntelliPoint\
<NO NAME> REG_SZ "C:\Program Files\Microsoft IntelliPoint\IPoint.exe"
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\ipsecdialer.exe
Path REG_SZ C:\Program Files\Cisco Systems\VPN Client
<NO NAME> REG_SZ C:\Program Files\Cisco Systems\VPN Client\ipsecdialer.exe
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\ISIGNUP.EXE
<NO NAME> REG_SZ "C:\Program Files\Internet Explorer\Connection Wizard\ISIGNUP.EXE"
Path REG_SZ C:\Program Files\Internet Explorer\Connection Wizard;
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\iTunes.exe
<NO NAME> REG_SZ C:\Program Files\iTunes\iTunes.exe
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\itype.exe
Path REG_SZ C:\Program Files\Microsoft IntelliType Pro\
<NO NAME> REG_SZ "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\javaw.Exe
Path REG_SZ C:\Program Files\Java\j2re1.4.1_02\bin
<NO NAME> REG_SZ C:\Program Files\Java\j2re1.4.1_02\bin\javaw.Exe
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\javaws.exe
<NO NAME> REG_SZ C:\Program Files\Java\jre6\bin\javaws.exe
Path REG_SZ C:\Program Files\Java\jre6\bin
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\LBTWiz.exe
<NO NAME> REG_SZ C:\Program Files\Logitech\SetPoint\LBTWiz.exe
Path REG_SZ C:\Program Files\Common Files\Logitech\Bluetooth
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\LUALL.EXE
<NO NAME> REG_SZ C:\Program Files\Symantec\LiveUpdate\LUALL.EXE
Path REG_SZ C:\Program Files\Symantec\LiveUpdate
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\masqform.exe
Path REG_SZ C:\Program Files\PureEdge\Viewer 6.0
<NO NAME> REG_SZ C:\Program Files\PureEdge\Viewer 6.0\masqform.exe
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\mbam.exe
<NO NAME> REG_SZ C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
Path REG_SZ C:\Program Files\Malwarebytes' Anti-Malware
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\migwiz.exe
<NO NAME> REG_EXPAND_SZ %SystemRoot%\system32\usmt\migwiz.exe
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\MM.EXE
Path REG_SZ C:\Program Files\meetingmaker\
<NO NAME> REG_SZ C:\Program Files\meetingmaker\MM.EXE
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\MousInfo.exe
Path REG_SZ C:\Program Files\Microsoft IntelliPoint\
<NO NAME> REG_SZ "C:\Program Files\Microsoft IntelliPoint\Mousinfo.exe"
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\moviemk.exe
<NO NAME> REG_SZ C:\Program Files\Movie Maker\moviemk.exe
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\mplayer2.exe
<NO NAME> REG_SZ "C:\Program Files\Windows Media Player\mplayer2.exe"
Path REG_SZ "C:\Program Files\Windows Media Player"
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\MSCONFIG.EXE
<NO NAME> REG_SZ C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\msimn.exe
<NO NAME> REG_EXPAND_SZ %ProgramFiles%\Outlook Express\msimn.exe
Path REG_EXPAND_SZ %ProgramFiles%\Outlook Express
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\msinfo32.exe
<NO NAME> REG_SZ C:\Program Files\Common Files\Microsoft Shared\MSInfo\MSInfo32.exe
Path REG_SZ C:\Program Files\Common Files\Microsoft Shared\MSInfo
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\mskey.exe
Path REG_SZ C:\Program Files\Microsoft IntelliType Pro\
<NO NAME> REG_SZ "C:\Program Files\Microsoft IntelliType Pro\mskey.exe"
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\MSMSGS.EXE
<NO NAME> REG_SZ C:\Program Files\Messenger\msmsgs.exe
Path REG_SZ C:\Program Files\Messenger;
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\MSNMSGR.EXE
<NO NAME> REG_SZ C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
Path REG_SZ C:\Program Files\Windows Live\Messenger\
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\MsoHtmEd.exe
useURL REG_SZ 1
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\msoxmled.exe
useURL REG_SZ 1
<NO NAME> REG_SZ C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLED.EXE
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\MSPUB.EXE
SaveURL REG_SZ 1
Path REG_SZ C:\Program Files\Microsoft Office\OFFICE11\
<NO NAME> REG_SZ C:\PROGRA~1\MICROS~2\OFFICE11\MSPUB.EXE
useURL REG_DWORD 0x1
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\mspview.exe
Path REG_SZ C:\Program Files\Common Files\Microsoft Shared\MODI\11.0\
<NO NAME> REG_SZ C:\PROGRA~1\COMMON~1\MICROS~1\MODI\11.0\MSPVIEW.EXE
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\Netscp.exe
<NO NAME> REG_SZ C:\Program Files\Netscape\Netscape\Netscp.exe
Path REG_SZ C:\Program Files\Netscape\Netscape\
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\Netscp6.exe
<NO NAME> REG_SZ C:\Program Files\Netscape\Netscape\Netscp.exe
Path REG_SZ C:\Program Files\Netscape\Netscape\
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\nvmixer.exe
Path REG_SZ C:\Program Files\NVIDIA Corporation\NvMixer
<NO NAME> REG_SZ C:\Program Files\NVIDIA Corporation\NvMixer\nvmixer.exe
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\nvmixertray.exe
<NO NAME> REG_SZ C:\Program Files\NVIDIA Corporation\NvMixer\NvMixerTray.exe
Path REG_SZ C:\Program Files\NVIDIA Corporation\NvMixer
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\ois.exe
Path REG_SZ C:\Program Files\Microsoft Office\OFFICE11\
<NO NAME> REG_SZ C:\PROGRA~1\MICROS~2\OFFICE11\OIS.EXE
SaveURL REG_SZ 0
useURL REG_SZ 1
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\pbrush.exe
<NO NAME> REG_EXPAND_SZ %SystemRoot%\system32\mspaint.exe
Path REG_EXPAND_SZ %SystemRoot%\system32
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\PerfectDisk.exe
<NO NAME> REG_SZ C:\Program Files\Raxco\PerfectDisk\PerfectDisk.exe
Path REG_SZ C:\Program Files\Raxco\PerfectDisk\
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\PhotoImpression.exe
Path REG_SZ C:\Program Files\ArcSoft\PhotoImpression 5
<NO NAME> REG_SZ C:\Program Files\ArcSoft\PhotoImpression 5\PhotoImpression.exe
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\Photoshop.exe
Path REG_SZ C:\Program Files\Adobe\Adobe Photoshop CS2\
<NO NAME> REG_SZ C:\Program Files\Adobe\Adobe Photoshop CS2\Photoshop.exe
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\PictureViewer.exe
Path REG_SZ C:\Program Files\QuickTime\
<NO NAME> REG_SZ C:\Program Files\QuickTime\PictureViewer.exe
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\powerpnt.exe
Path REG_SZ C:\Program Files\Microsoft Office\OFFICE11\
<NO NAME> REG_SZ C:\PROGRA~1\MICROS~2\OFFICE11\POWERPNT.EXE
SaveURL REG_SZ 1
useURL REG_SZ 1
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\QuickTimePlayer.exe
<NO NAME> REG_SZ C:\Program Files\QuickTime\QuickTimePlayer.exe
Path REG_SZ C:\Program Files\QuickTime\
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\QuickTour.exe
<NO NAME> REG_SZ C:\Program Files\Logitech\SetPoint\QuickTour.exe
Path REG_SZ C:\Program Files\Logitech\SetPoint
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\Rhapsody.exe
Path REG_SZ C:\Program Files\Rhapsody\
<NO NAME> REG_SZ C:\Program Files\Rhapsody\rhapsody.exe
Version REG_SZ 4.0.5.209
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\Safari.exe
<NO NAME> REG_SZ C:\Program Files\Safari\Safari.exe
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\SetPoint.exe
<NO NAME> REG_SZ C:\Program Files\Logitech\SetPoint\SetPoint.exe
Path REG_SZ C:\Program Files\Logitech\SetPoint
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\setup.exe
RunAsOnNonAdminInstall REG_DWORD 0x1
BlockOnTSNonInstallMode REG_DWORD 0x1
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\Sprint.exe
<NO NAME> REG_SZ C:\Program Files\Abbyy FineReader 6.0 Sprint\Sprint.exe
Path REG_SZ C:\Program Files\Abbyy FineReader 6.0 Sprint\
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\Spw.exe
Path REG_SZ C:\Program Files\SigmaPlot\SPW10\Spw.exe
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\table30.exe
UseShortName REG_SZ
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\thunderbird.exe
<NO NAME> REG_SZ C:\Program Files\Mozilla Thunderbird\thunderbird.exe
Path REG_SZ C:\Program Files\Mozilla Thunderbird
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\VPC32.exe
<NO NAME> REG_SZ C:\Program Files\Symantec AntiVirus\VPC32.exe
Path REG_SZ C:\Program Files\Symantec AntiVirus\
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\vpngui.exe
Path REG_SZ C:\Program Files\Cisco Systems\VPN Client\
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\vptray.exe
<NO NAME> REG_SZ C:\PROGRA~1\SYMANT~1\VPTray.exe
path REG_SZ C:\Program Files\Common Files\Symantec Shared\
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\wab.exe
<NO NAME> REG_EXPAND_SZ %ProgramFiles%\Outlook Express\wab.exe
Path REG_EXPAND_SZ %ProgramFiles%\Outlook Express
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\wabmig.exe
<NO NAME> REG_EXPAND_SZ %ProgramFiles%\Outlook Express\wabmig.exe
Path REG_EXPAND_SZ %ProgramFiles%\Outlook Express
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\winnt32.exe
RunAsOnNonAdminInstall REG_DWORD 0x1
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\WinRAR.exe
<NO NAME> REG_SZ C:\Program Files\WinRAR\WinRAR.exe
Path REG_SZ C:\Program Files\WinRAR
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\Winword.exe
useURL REG_SZ 1
Path REG_SZ C:\Program Files\Microsoft Office\OFFICE11\
<NO NAME> REG_SZ C:\PROGRA~1\MICROS~2\OFFICE11\WINWORD.EXE
SaveURL REG_SZ 1
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\wmplayer.exe
<NO NAME> REG_SZ C:\Program Files\Windows Media Player\wmplayer.exe
Path REG_SZ C:\Program Files\Windows Media Player
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\WORDPAD.EXE
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\WRITE.EXE
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\xp-AntiSpy.exe
<NO NAME> REG_SZ C:\Program Files\xp-AntiSpy\xp-AntiSpy.exe
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\XPSViewer.exe
<NO NAME> REG_SZ "C:\WINDOWS\system32\XPSViewer\XPSViewer.exe"
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\YourApp.exe
Path REG_SZ C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor
<NO NAME> REG_SZ C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\YourApp.exe
Mozilla
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Desktop
haveBeenSet REG_SZ 1
showDialog REG_SZ 1
showMapiDialog REG_SZ 0
HKEY_LOCAL_MACHINE\Software\Clients\Mail REG_SZ Mozilla Thunderbird
HKEY_CURRENT_USER\Software\Clients\Mail REG_SZ Mozilla Thunderbird
defaultMailHasBeenSet REG_SZ 1
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\extensions
{20a82645-c095-46ed-80e3-08825760534b} REG_SZ C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
[email protected] REG_EXPAND_SZ C:\Program Files\Java\jre6\lib\deploy\jqs\ff
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Mozilla Firefox
<NO NAME> REG_SZ 1.9.1.10
CurrentVersion REG_SZ 3.5.10 (en-US)
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Mozilla Firefox\3.5.10 (en-US)
<NO NAME> REG_SZ 3.5.10 (en-US)
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Mozilla Firefox\3.5.10 (en-US)\Main
Install Directory REG_SZ C:\Program Files\Mozilla Firefox
PathToExe REG_SZ C:\Program Files\Mozilla Firefox\firefox.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Mozilla Firefox\3.5.10 (en-US)\Uninstall
Description REG_SZ Mozilla Firefox (3.5.10)
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Mozilla Firefox 3.5.10
GeckoVer REG_SZ 1.9.1.10
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Mozilla Firefox 3.5.10\bin
PathToExe REG_SZ C:\Program Files\Mozilla Firefox\firefox.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Mozilla Firefox 3.5.10\extensions
Components REG_SZ C:\Program Files\Mozilla Firefox\components
Plugins REG_SZ C:\Program Files\Mozilla Firefox\plugins
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Mozilla Thunderbird
<NO NAME> REG_SZ 1.9.1.7
CurrentVersion REG_SZ 3.0.1 (en-US)
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Mozilla Thunderbird\3.0.1 (en-US)
<NO NAME> REG_SZ 3.0.1 (en-US)
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Mozilla Thunderbird\3.0.1 (en-US)\Main
Install Directory REG_SZ C:\Program Files\Mozilla Thunderbird
PathToExe REG_SZ C:\Program Files\Mozilla Thunderbird\thunderbird.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Mozilla Thunderbird\3.0.1 (en-US)\Uninstall
Description REG_SZ Mozilla Thunderbird (3.0.1)
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Mozilla Thunderbird 1.5
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Mozilla Thunderbird 3.0.1
GeckoVer REG_SZ 1.9.1.7
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Mozilla Thunderbird 3.0.1\bin
PathToExe REG_SZ C:\Program Files\Mozilla Thunderbird\thunderbird.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Mozilla Thunderbird 3.0.1\extensions
Components REG_SZ C:\Program Files\Mozilla Thunderbird\components
Plugins REG_SZ C:\Program Files\Mozilla Thunderbird\plugins
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Netscape 7.2
GeckoVer REG_SZ 1.0.1
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Netscape 7.2\bin
PathToExe REG_SZ C:\Program Files\Netscape\Netscape\Netscp.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Netscape 7.2\Extensions
Components REG_SZ C:\Program Files\Netscape\Netscape\Components
Plugins REG_SZ C:\Program Files\Netscape\Netscape\Plugins
Shared Task Scheduler
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
{438755C2-A8BA-11D1-B96B-00A0C90312E1} REG_SZ Browseui preloader
{8C7461EF-2B13-11d2-BE35-3078302C2030} REG_SZ Component Categories cache daemon
SafeBoot
SafeBootMinimal
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmadmin
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmboot.sys
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmio.sys
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmload.sys
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmserver
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sr.sys
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SRService
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vga.sys
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vgasave.sys
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}
SafeBootNetwork
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AFD
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppMgmt
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Base
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot Bus Extender
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot file system
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Browser
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CryptSvc
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DcomLaunch
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dhcp
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dmadmin
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dmboot.sys
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dmio.sys
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dmload.sys
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dmserver
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DnsCache
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EventLog
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\File system
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Filter
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HelpSvc
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ip6fw.sys
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ipnat.sys
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanServer
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanWorkstation
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Lavasoft Ad-Aware Service
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LmHosts
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Messenger
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS Wrapper
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ndisuio
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOS
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOSGroup
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBT
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetDDEGroup
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Netlogon
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetMan
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Network
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetworkProvider
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NtLmSsp
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PCI Configuration
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PlugPlay
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP Filter
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP_TDI
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Primary disk
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdpcdd.sys
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdpdd.sys
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdpwd.sys
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdsessmgr
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcSs
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCSI Class
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sermouse.sys
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SharedAccess
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sr.sys
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SRService
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Streams Drivers
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SupportSoft RemoteAssist
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\System Bus Extender
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Tcpip
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TDI
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\tdpipe.sys
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\tdtcp.sys
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\termservice
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vga.sys
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vgasave.sys
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WdfLoadGroup
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinMgmt
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WZCSVC
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{36FC9E60-C465-11CF-8056-444553540000}
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E965-E325-11CE-BFC1-08002BE10318}
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E967-E325-11CE-BFC1-08002BE10318}
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E969-E325-11CE-BFC1-08002BE10318}
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96A-E325-11CE-BFC1-08002BE10318}
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96B-E325-11CE-BFC1-08002BE10318}
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96F-E325-11CE-BFC1-08002BE10318}
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E973-E325-11CE-BFC1-08002BE10318}
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E975-E325-11CE-BFC1-08002BE10318}
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E977-E325-11CE-BFC1-08002BE10318}
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97B-E325-11CE-BFC1-08002BE10318}
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97D-E325-11CE-BFC1-08002BE10318}
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E980-E325-11CE-BFC1-08002BE10318}
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}
File Rename Operations - Session
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\FileRenameOperations
Known DLLs - Session
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\KnownDlls
advapi32 REG_SZ advapi32.dll
comdlg32 REG_SZ comdlg32.dll
DllDirectory REG_EXPAND_SZ %SystemRoot%\system32
gdi32 REG_SZ gdi32.dll
imagehlp REG_SZ imagehlp.dll
kernel32 REG_SZ kernel32.dll
lz32 REG_SZ lz32.dll
ole32 REG_SZ ole32.dll
oleaut32 REG_SZ oleaut32.dll
olecli32 REG_SZ olecli32.dll
olecnv32 REG_SZ olecnv32.dll
olesvr32 REG_SZ olesvr32.dll
olethk32 REG_SZ olethk32.dll
rpcrt4 REG_SZ rpcrt4.dll
shell32 REG_SZ shell32.dll
url REG_SZ url.dll
urlmon REG_SZ urlmon.dll
user32 REG_SZ user32.dll
version REG_SZ version.dll
wininet REG_SZ wininet.dll
wldap32 REG_SZ wldap32.dll
Downloaded program files (ActiveX)
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{019D5592-3928-4DE4-BAA2-1F2E5EEF4CF6}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{27B87596-448E-40CB-B3B4-4F329FF540EC}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{45EEDB84-57BC-4FBD-8065-7AB8E971B545}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{46965FE7-2129-407B-938C-BE358A56D11E}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{7E8DC73D-69CD-4F67-99B1-8DC6E42F6246}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{860FFAFE-5AAA-11D2-81EB-006008A2E49D}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{9A0CA502-7DA4-4B72-B5D4-D280DE8D4512}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{ACEFFC26-4628-11D1-B14A-105C01C13001}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{B7B8B614-6A5C-4140-A303-43CEB589D6A5}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{B7EA9615-586E-4193-9C3C-A29CA577E040}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CE10AD66-84BC-46A9-9424-C863199C0408}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E5F5D008-DD2C-4D32-977D-1A0ADF03058B}
PATH: C:\windows\Downloaded Program Files
1775576.CHN
AHSCompressionEngine.dll
AHSCompressionEngine.inf
AICForms.inf
AICViewer.ocx
aic_ViewerAS2.inf
AIC_ViewerAS2.ocx
DictateBar.dll
DictateBar.inf
DictionaryManager.exe
DictionaryManager.INF
erma.inf
FMDEditor.ocx
ImgXCAB61.INF
ImgXCAB61.ocx
ImgXDialog61.dll
ImgXDialog61.INF
JuniperSetup.INF
JuniperSetup.ocx
setup2.inf
string_de.properties
string_en.properties
string_es.properties
string_fr.properties
string_ja.properties
string_ko.properties
string_zh.properties
string_zh_cn.properties
twrtf.inf
twrtf.ocx
VSMCOMM.dll
VSMVDI.dll
wavital.inf
WAVitalSignsCtl.ocx
WAVSMComSvr.dll
wspell.inf
Mountpoints
! REG.EXE VERSION 3.0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\A
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\C
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\D
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{00f31f2b-cb1d-11dd-8e05-001ee51ea6fb}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{03dbba33-805b-11dd-8dee-001ee51ea6fb}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{147f134a-13a2-11df-8e4e-001ee51ea6fb}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1ca988e2-7216-11db-9810-ea2aaf0774d6}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{25301010-7218-11db-9a8b-806d6172696f}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{344906fc-8b40-11de-8e32-001ee51ea6fb}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3483299e-7b0b-11da-afdb-806d6172696f}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{348329a1-7b0b-11da-afdb-806d6172696f}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{373285c7-5e9f-11de-8e24-001ee51ea6fb}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3e137373-714c-11dc-8db2-00508ddb9e34}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3e137374-714c-11dc-8db2-00508ddb9e34}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{456422c6-db71-11dc-8dd0-00508ddb9e34}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{456422c7-db71-11dc-8dd0-00508ddb9e34}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{64bb439d-daa4-11dd-8e0d-001ee51ea6fb}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{958727ea-763e-11de-8e25-001ee51ea6fb}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC
Winlogon
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
AutoRestartShell REG_DWORD 0x1
DefaultDomainName REG_SZ MADCAT
DefaultUserName REG_SZ pam
LegalNoticeCaption REG_SZ
LegalNoticeText REG_SZ
PowerdownAfterShutdown REG_SZ 0
ReportBootOk REG_SZ 1
Shell REG_SZ Explorer.exe
ShutdownWithoutLogon REG_SZ 0
System REG_SZ
Userinit REG_SZ C:\WINDOWS\system32\userinit.exe,
VmApplet REG_SZ rundll32 shell32,Control_RunDLL "sysdm.cpl"
SfcQuota REG_DWORD 0xffffffff
allocatecdroms REG_SZ 0
allocatedasd REG_SZ 0
allocatefloppies REG_SZ 0
cachedlogonscount REG_SZ 10
forceunlocklogon REG_DWORD 0x0
passwordexpirywarning REG_DWORD 0xe
scremoveoption REG_SZ 0
AllowMultipleTSSessions REG_DWORD 0x1
UIHost REG_EXPAND_SZ logonui.exe
LogonType REG_DWORD 0x1
Background REG_SZ 0 0 0
DebugServerCommand REG_SZ no
SFCDisable REG_DWORD 0x0
WinStationsDisabled REG_SZ 0
HibernationPreviouslyEnabled REG_DWORD 0x1
ShowLogonOptions REG_DWORD 0x0
AltDefaultUserName REG_SZ pam
AltDefaultDomainName REG_SZ MADCAT
ChangePasswordUseKerberos REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SCLogon
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Credentials
{END OF FILE}
-
(http://www.malwarebytes.org/forums/style_images/1/bf_new.gif) Please download Malwarebytes Anti-Malware from Malwarebytes.org (http://www.malwarebytes.org/mbam/program/mbam-setup.exe).
Alternate link: BleepingComputer.com (http://download.bleepingcomputer.com/malwarebytes/mbam-setup.exe).
(Note: if you already have the program installed, just follow the directions. No need to re-download or re-install!)
Double Click mbam-setup.exe to install the application.
(Note: if you already have the program installed, open Malwarebytes from the Start Menu or Desktop shortcut, click the Update tab, and click Check for Updates, before doing the scan as instructed below!)
- Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
- If an update is found, it will download and install the latest version.
- Once the program has loaded, select "Perform Quick Scan", then click Scan.
- The scan may take some time to finish,so please be patient.
- When the scan is complete, click OK, then Show Results to view the results.
- Make sure that everything is checked, and click Remove Selected.
- When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. If you are prompted to restart, please allow it to restart your computer. Failure to do this, will cause the infection to still be active on the computer.
- Please save the log to a location you will remember.
- The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
- The log can also be found at C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt
- Copy and paste the entire report in your next reply.
-
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Database version: 4260
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
6/29/2010 10:31:25 PM
mbam-log-2010-06-29 (22-31-25).txt
Scan type: Quick scan
Objects scanned: 188620
Time elapsed: 13 minute(s), 31 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
-
Please run a free online scan with the ESET Online Scanner (http://www.eset.com/onlinescan/)
- Tick the box next to YES, I accept the Terms of Use
- Click Start
- When asked, allow the ActiveX control to install
- Click Start
- Make sure that the options Remove found threats and the option Scan unwanted applications is checked
- Click Scan (This scan can take several hours, so please be patient)
- Once the scan is completed, you may close the window
- Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
- Copy and paste that log as a reply to this topic
-
ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6211
# api_version=3.0.2
# EOSSerial=a97d33cc80130541a5f82a72fd3910ff
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2010-06-30 04:30:14
# local_time=2010-06-30 11:30:14 (-0600, Central Daylight Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=512 16777215 100 0 63732 63732 0 0
# compatibility_mode=6401 16777213 66 100 66974 5229640 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=191926
# found=0
# cleaned=0
# scan_time=7653
-
Now to get you off to a good start we will clean your restore points so that all the bad stuff is gone for good. Then if you need to restore at some stage you will be clean. There are several ways to reset your restore points, but this is my method:
- Select Start > All Programs > Accessories > System tools > System Restore.
- On the dialogue box that appears select Create a Restore Point
- Click NEXT
- Enter a name e.g. Clean
- Click CREATE
You now have a clean restore point, to get rid of the bad ones:
- Select Start > All Programs > Accessories > System tools > Disk Cleanup.
- In the Drop down box that appears select your main drive e.g. C
- Click OK
- The System will do some calculation and the display a dialogue box with TABS
- Select the More Options Tab.
- At the bottom will be a system restore box with a CLEANUP button click this
- Accept the Warning and select OK again, the program will close and you are done
To remove all of the tools we used and the files and folders they created, please do the following:
Please download OTC.exe (http://oldtimer.geekstogo.com/OTC.exe) by OldTimer:
- Save it to your Desktop.
- Double click OTC.exe.
- Click the CleanUp! button.
- If you are prompted to Reboot during the cleanup, select Yes.
- The tool will delete itself once it finishes.
Note: If any tool, file or folder (belonging to the program we have used) hasn't been deleted, please delete it manually.
==
Please download TFC by OldTimer (http://oldtimer.geekstogo.com/TFC.exe) to your desktop
- Please double-click TFC.exe to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).
- It will close all programs when run, so make sure you have saved all your work before you begin.
- Click the Start
button to begin the process. Depending on how often you clean temp
files, execution time should be anywhere from a few seconds to a minute
or two. Let it run uninterrupted to completion.
- Once it's finished it should reboot your machine. If it does not, please manually reboot the machine yourself to ensure a complete clean.
==
Download Security Check by screen317 from SpywareInfoforum.org (http://screen317.spywareinfoforum.org/SecurityCheck.exe) or Changelog.fr (http://screen317.changelog.fr/SecurityCheck.exe).- Save it to your Desktop.
- Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
- A Notepad document should open automatically called checkup.txt; please post the contents of that document.
-
Results of screen317's Security Check version 0.99.4
Windows XP Service Pack 3
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:
Windows Firewall Disabled!
ESET Online Scanner v3
Symantec AntiVirus
Online Armor 4.0
Antivirus up to date!
```````````````````````````````
Anti-malware/Other Utilities Check:
Ad-Aware
Malwarebytes' Anti-Malware
CCleaner
Java Web Start
Java(TM) 6 Update 20
Java(TM) 6 Update 3
Java(TM) 6 Update 5
Java 2 Runtime Environment, SE v1.4.1_02
Out of date Java installed!
Adobe Flash Player 10.1.53.64
Adobe Reader 9.3.2
Mozilla Firefox (3.5.10) Firefox Out of Date!
Mozilla Thunderbird (3.0.1) Thunderbird Out of Date!
````````````````````````````````
Process Check:
objlist.exe by Laurent
Ad-Aware AAWService.exe is disabled!
Ad-Aware AAWTray.exe is disabled!
````````````````````````````````
DNS Vulnerability Check:
Request Timed Out (Wireless Internet connection/Disconnected Internet/Proxy?)
``````````End of Log````````````
-
Please download JavaRa (http://prm753.bchea.org/click/click.php?id=9) and unzip it to your Desktop.
Double click JavaRa.exe then click Remove Older Versions.
Follow any prompts; a log will popup (JavaRa.log)-- please post the contents of this log.
Next, open JavaRa.exe again, and select Search For Updates.
Select Update Using Sun Java's Website --> Search, and continue the instructions for downloading and installing the latest Java version.
==============================
Firefox is out of date. Firefox is a very popular web browser, and if it is out of date, it is very vulnerable to security bugs, and other holes. To update it now, click Help > Check for Updates.
======================
Please read the following information that I have provided, which will help you prevent malicious software in the future. Please keep in mind, malware is a continuous danger on the Internet. It is highly important to stay safe while browsing, to prevent re-infection.
Software recommendations
AntiSpyware- SpywareBlaster (http://www.javacoolsoftware.com/spywareblaster.html)
SpywareBlaster is a program that prevents spyware from installing on your computer. A tutorial on using SpywareBlaster may be found here (http://www.bleepingcomputer.com/tutorials/tutorial49.html).
- Spybot - Search & Destroy (http://www.safer-networking.org/en/tutorial/index.html).
Spybot - Search & Destroy is a spyware and adware removal program. It also has realtime protection, TeaTimer to help safeguard your computer against spyware. (The link for Spybot - Search & Destroy contains a tutorial that will help you download, install, and begin using Spybot).
NOTE: Please keep ALL of these programs up-to-date and run them whenever you suspect a problem to prevent malware problems.
Resident Protection help
A number of programs have resident protection and it is a good idea to run the resident protection of one of each type of program to maintain protection. However, it is important to run only one resident program of each type since they can conflict and become less effective. That means only one antivirus, firewall, and scanning anti-spyware program at a time. Passive protectors such as SpywareBlaster can be run with any of them.
Securing your computer- Windows Updates (http://update.microsoft.com) - It is very important to make sure that both Internet Explorer and Windows are kept current with the latest critical security patches from Microsoft. To do this just start Internet Explorer and select Tools > Windows Update, and follow the online instructions from there.
- hpHosts file (http://hosts-file.net) replaces your current HOSTS file with one containing well known ad sites and other bad sites. This prevents your computer from connecting to those sites by redirecting them to 127.0.0.1, which is your local computer's loopback address, meaning it will be difficult to infect your computer in the future.
Please consider using an alternate browser
Mozilla's Firefox browser is a very good alternative. In addition to being generally more secure than Internet Explorer, it has a very good built-in popup blocker and add-ons, like NoScript, can make it even more secure. Opera is another good option.
If you are interested:
- Firefox may be downloaded from here: http://www.getfirefox.com (http://www.getfirefox.com)
- Opera is available here: http://www.opera.com/download/ (http://www.opera.com/download/)
See this page (http://www.helpmyos.com/learn-security-f40/preventing-malware-and-being-resistant-to-the-dangers-of-the-internet-t1516.htm) for more info about malware and prevention.
-
Thanks very much for your help with this, DragonMaster Jay.
-
You're welcome. :)