I run mocha(pkms) and mainframe, epc and other applications for work. Recently one of the new applications for work only works with ie6, so I tried running both ie7 and ie6 with multiple ies, but 6 was acting strange, so I uninstalled 7 and that left me with 6, that does not seem stable. Anyway, epc can sometimes have a lot of windows open and then my computer turns black and locks up.
Here are the logs from DSS.
Deckard's System Scanner v20071014.68
Run by Lucinda on 2008-03-11 01:11:37
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Successfully created a Deckard's System Scanner Restore Point.
-- Last 5 Restore Point(s) --
24: 2008-03-11 05:11:47 UTC - RP24 - Deckard's System Scanner Restore Point
23: 2008-03-11 03:00:51 UTC - RP23 - Installed Nero 8
22: 2008-03-11 02:55:09 UTC - RP22 - Installed DirectX
21: 2008-03-10 11:40:16 UTC - RP21 - Removed PayPal Plug-In
20: 2008-03-09 13:16:32 UTC - RP20 - Software Distribution Service 3.0
-- First Restore Point --
1: 2008-02-29 12:02:14 UTC - RP1 - System Checkpoint
Backed up registry hives.
Performed disk cleanup.
-- HijackThis (run as Lucinda.exe) ---------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:15:06 AM, on 3/11/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ZoneLabs\avsys\ScanningProcess.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\ZoneLabs\avsys\ScanningProcess.exe
C:\WINDOWS\system32\msdtc.exe
C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\PSIService.exe
C:\Program Files\Axaware\SpamBully 4 for Outlook Express\sb4service.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wwSecure.exe
C:\WINDOWS\system32\mqsvc.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\vssvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\dllhost.exe
C:\Documents and Settings\Lucinda\Desktop\dss.exe
C:\DOCUME~1\Lucinda\Desktop\Lucinda.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.yahoo.com/O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: eBay Toolbar Helper - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
O2 - BHO: IE to GetRight Helper - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - C:\Program Files\GetRight\xx2gr.dll
O2 - BHO: bxNewFolder - {51C8BCA8-2524-4523-BF09-738C4EEBFC58} - C:\PROGRA~1\BXNEWF~1\BXNEWF~1.DLL
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.914.9778\swg.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: eBay Toolbar - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [LXBXCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXBXtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKCU\..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe 1
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Customize Menu -
file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Download with GetRight Pro - C:\Program Files\GetRight\GRdownload.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O8 - Extra context menu item: Fill Forms -
file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: Open with GetRight Pro Browser - C:\Program Files\GetRight\GRbrowse.htm
O8 - Extra context menu item: RoboForm Toolbar -
file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Save Forms -
file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} -
file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} -
file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} -
file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} -
file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} -
file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} -
file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *.exodusvipdesk.com
O15 - Trusted Zone: *.learn.com
O15 - Trusted Zone: *.vipdesk.com
O15 - Trusted Zone: *.vipdeskconnect.com
O15 - Trusted Zone: *.webroom.com
O16 - DPF: {1A1F56AA-3401-46F9-B277-D57F3421F821} (FunGamesLoader Object) -
http://www.worldwinner.com/games/v47/share...GamesLoader.cabO16 - DPF: {26522409-8BBF-4C5B-A4D3-CF4B1D6F255B} (UMediaPlayer Class) -
http://www.umediaserver.net/bin/UMediaControl5.cabO16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {312159C7-B247-4322-835A-EDA779B9EC2B} (APCClient13.System) -
http://tcpastutewebprd/epcprod/DLL/APCClient13.CABO16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) -
http://download.bitdefender.com/resources/scan8/oscan8.cabO16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
http://www.update.microsoft.com/microsoftu...b?1201344323125O16 - DPF: {72820DC6-3AB9-49E8-9E58-9C462731C275} (Learn.com WebRoomLoader) -
http://www.stlu.com/webroom/prod/WebRoomLoader.cabO16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) -
http://www.worldwinner.com/games/shared/wwlaunch.cabO16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) -
http://javadl-esd.sun.com/update/1.6.0/jin...ows-i586-jc.cabO16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) -
http://acs.pandasoftware.com/activescan/as5free/asinst.cabO16 - DPF: {AC2881FD-5760-46DB-83AE-20A5C6432A7E} (SwapIt Control) -
http://www.worldwinner.com/games/v67/swapit/swapit.cabO16 - DPF: {C5326A4D-E9AA-40AD-A09A-E74304D86B47} (DinerDash Control) -
http://www.worldwinner.com/games/v49/dinerdash/dinerdash.cabO16 - DPF: {C75BE5CC-7F80-458C-8B66-FAB86E3B13C3} (FotkiUploader Control) -
http://images.fotki.com/activex/FotkiUploader.cabO16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cabO23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: CarboniteService - Carbonite, Inc. (
www.carbonite.com) - C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: lxbx_device - Lexmark International, Inc. - C:\WINDOWS\system32\lxbxcoms.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: SiSoftware Database Agent Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Professional Home XI\Win32\RpcDataSrv.exe
O23 - Service: SiSoftware Sandra Agent Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Professional Home XI\RpcSandraSrv.exe
O23 - Service: ServiceSB4 - Axaware - C:\Program Files\Axaware\SpamBully 4 for Outlook Express\sb4service.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: Washer AutoComplete (wwSecSvc) - Webroot Software, Inc. - C:\WINDOWS\system32\wwSecure.exe
--
End of file - 13109 bytes
-- File Associations -----------------------------------------------------------
All associations okay.
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R0 giveio - c:\windows\system32\giveio.sys
R0 speedfan - c:\windows\system32\speedfan.sys <Not Verified; Windows ® 2000 DDK provider; Windows ® 2000 DDK driver>
R1 ATMDLC (Attachmate DLC Protocol) - c:\windows\system32\drivers\atmdlc.sys <Not Verified; Attachmate Corporation; EXTRA! X-treme>
R1 PQNTDrv - c:\windows\system32\drivers\pqntdrv.sys <Not Verified; PowerQuest Corporation; PowerQuest product>
S3 GMSIPCI - d:\install\gmsipci.sys (file missing)
S3 MSICPL - d:\install4\msicpl.sys (file missing)
S3 NTACCESS - d:\ntaccess.sys (file missing)
S3 SDTHOOK - c:\windows\system32\drivers\sdthook.sys <Not Verified; Panda Software; Panda® Antivirus>
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 Nero BackItUp Scheduler 3 - c:\program files\nero\nero8\nero backitup\nbservice.exe
R2 ProtexisLicensing - c:\windows\system32\psiservice.exe <Not Verified; ; PSIService>
R2 ServiceSB4 - c:\program files\axaware\spambully 4 for outlook express\sb4service.exe <Not Verified; Axaware; SB4service>
S3 FLEXnet Licensing Service - "c:\program files\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe" <Not Verified; Macrovision Europe Ltd.; FLEXnet Publisher (32 bit)>
-- Device Manager: Disabled ----------------------------------------------------
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: Serial
Device ID: ROOT\LEGACY_SERIAL\0000
Manufacturer:
Name: Serial
PNP Device ID: ROOT\LEGACY_SERIAL\0000
Service: Serial
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Cisco Systems VPN Adapter
Device ID: ROOT\NET\0000
Manufacturer: Cisco Systems
Name: Cisco Systems VPN Adapter
PNP Device ID: ROOT\NET\0000
Service: CVirtA
-- Scheduled Tasks -------------------------------------------------------------
2008-03-09 08:23:07 294 --ah----- C:\WINDOWS\Tasks\Microsoft_Hardware_Launch_IPoint_exe.job
-- Files created between 2008-02-11 and 2008-03-11 -----------------------------
2008-03-11 00:34:20 0 d-------- C:\WINDOWS\LastGood
2008-03-10 23:04:27 0 d-------- C:\Documents and Settings\Lucinda\Application Data\Nero
2008-03-10 23:01:03 0 d-------- C:\Program Files\Nero
2008-03-10 23:01:03 0 d-------- C:\Documents and Settings\All Users\Application Data\Nero
2008-03-10 23:01:02 0 d-------- C:\Program Files\Common Files\Nero
2008-03-09 19:59:23 0 d-------- C:\Documents and Settings\Lucinda\.housecall6.6
2008-03-09 10:19:06 0 dr-h----- C:\Documents and Settings\Lucinda\Recent
2008-03-09 08:44:01 0 d-------- C:\Documents and Settings\Lucinda\Application Data\WholeSecurity
2008-03-08 20:48:13 0 d-------- C:\Program Files\Microsoft IntelliType Pro
2008-03-08 20:47:05 0 d-------- C:\Program Files\Microsoft IntelliType Pro 5.5
2008-03-08 19:55:50 0 d-------- C:\Program Files\Driver-Soft
2008-03-07 21:39:08 0 d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-03-07 21:38:50 0 d-------- C:\Program Files\Go-Go Gourmet
2008-03-07 21:36:32 0 --a------ C:\Program Files\temp01
2008-03-06 15:15:41 0 d-------- C:\Program Files\SpeedFan
2008-03-06 14:33:36 0 d-------- C:\Macromedia
2008-03-06 10:55:38 0 d-------- C:\Program Files\Send To Toys
2008-03-06 10:47:26 0 d-------- C:\Program Files\XMgr
2008-03-06 10:40:09 0 d-------- C:\Funny Pics
2008-03-06 10:39:02 0 d-------- C:\FontRenamer122(BestOne)
2008-03-04 20:45:56 163800 --a-s---- C:\WINDOWS\system32\FotkiUploadThumbDB.dat
2008-03-04 20:45:56 4920000 --a-s---- C:\WINDOWS\system32\FotkiThumbDB.dat
2008-03-04 07:51:06 0 d-------- C:\Program Files\SiSoftware
2008-03-04 07:42:21 0 d-------- C:\Documents and Settings\Lucinda\Application Data\Jasc
2008-03-03 13:21:34 0 d-------- C:\FTW
2008-03-02 21:36:47 0 d-------- C:\Program Files\Common Files\SWF Studio
2008-03-02 21:07:12 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-02-29 23:05:00 0 d-------- C:\Program Files\Ice Cream Craze
2008-02-29 00:20:12 0 d-------- C:\WINDOWS\BDOSCAN8
2008-02-28 14:56:07 0 d-------- C:\Program Files\FileTip
2008-02-28 11:27:33 0 d-------- C:\Documents and Settings\All Users\Application Data\Ahead
2008-02-28 11:27:26 0 d-------- C:\Program Files\Common Files\Ahead
2008-02-28 10:20:38 0 d-------- C:\Program Files\Common Files\Macrovision Shared
2008-02-27 17:33:56 7340032 --a------ C:\Documents and Settings\Lucinda\ntuser.dat
2008-02-27 07:52:21 0 d-------- C:\WINDOWS\SxsCaPendDel
2008-02-26 22:15:17 0 d-------- C:\SGF90
2008-02-26 22:14:41 0 d-------- C:\Tubes46
2008-02-26 10:10:32 0 d-------- C:\Downloads
2008-02-25 00:27:44 0 d-------- C:\Documents and Settings\Lucinda\Application Data\PlayFirst
2008-02-25 00:08:04 0 d-------- C:\WINDOWS\Cache
2008-02-24 00:23:41 0 d-------- C:\Documents and Settings\Lucinda\Application Data\Unreal Streaming
2008-02-23 10:10:41 0 d-------- C:\Documents and Settings\All Users\Application Data\FunGames
2008-02-23 09:59:00 0 d-------- C:\Documents and Settings\All Users\Application Data\PlayFirst
2008-02-22 19:48:31 0 d-------- C:\Fonts7
2008-02-22 19:03:18 0 d-------- C:\Tubes13
2008-02-22 09:16:54 0 d-------- C:\Program Files\My Lockbox
2008-02-21 23:36:16 0 d-------- C:\MOCHASOFT
2008-02-21 20:01:11 0 d-------- C:\Program Files\RegSupreme Pro
2008-02-21 19:19:17 0 d-------- C:\Documents and Settings\Lucinda\Application Data\Corel
2008-02-21 19:17:36 0 d-------- C:\Program Files\Common Files\Corel
2008-02-20 08:43:07 0 d--h----- C:\Documents and Settings\Administrator\Templates
2008-02-20 08:43:07 0 dr------- C:\Documents and Settings\Administrator\Start Menu
2008-02-20 08:43:07 0 dr-h----- C:\Documents and Settings\Administrator\SendTo
2008-02-20 08:43:07 0 d--h----- C:\Documents and Settings\Administrator\Recent
2008-02-20 08:43:07 0 d--h----- C:\Documents and Settings\Administrator\PrintHood
2008-02-20 08:43:07 786432 --ah----- C:\Documents and Settings\Administrator\ntuser.dat
2008-02-20 08:43:07 0 d--h----- C:\Documents and Settings\Administrator\NetHood
2008-02-20 08:43:07 0 d-------- C:\Documents and Settings\Administrator\My Documents
2008-02-20 08:43:07 0 d--h----- C:\Documents and Settings\Administrator\Local Settings
2008-02-20 08:43:07 0 d-------- C:\Documents and Settings\Administrator\Favorites
2008-02-20 08:43:07 0 d-------- C:\Documents and Settings\Administrator\Desktop
2008-02-20 08:43:07 0 d--hs---- C:\Documents and Settings\Administrator\Cookies
2008-02-20 08:43:07 0 dr-h----- C:\Documents and Settings\Administrator\Application Data
2008-02-20 08:43:07 0 d---s---- C:\Documents and Settings\Administrator\Application Data\Microsoft
2008-02-20 08:42:56 0 d--hs---- C:\WINDOWS\CSC
2008-02-20 08:39:56 0 d-------- C:\Documents and Settings\Lucinda\Application Data\Leadertech
2008-02-19 10:02:45 4608 --a------ C:\WINDOWS\system32\W95Inf32.DLL <Not Verified; Microsoft Corporation; Microsoft® Plus! for Windows® 95>
2008-02-19 10:02:45 2272 --a------ C:\WINDOWS\system32\W95Inf16.DLL <Not Verified; Microsoft Corporation; Microsoft® Plus! for Windows® 95>
2008-02-19 09:03:03 0 d-------- C:\WINDOWS\system32\appmgmt
2008-02-18 17:37:16 0 d-------- C:\Program Files\MSXML 4.0
2008-02-18 12:54:39 44928 --a------ C:\WINDOWS\system32\drivers\SDTHOOK.SYS <Not Verified; Panda Software; Panda® Antivirus>
2008-02-18 07:17:12 8576 --a------ C:\WINDOWS\system32\drivers\havqupnhrtca.sys <Not Verified; Panda Software International; RKPavProc Driver>
2008-02-18 07:09:23 0 d-------- C:\Program Files\Axaware
2008-02-18 06:58:57 0 d-------- C:\WINDOWS\system32\ActiveScan
2008-02-18 06:46:22 0 d-------- C:\Program Files\Common Files\Jasc Software Inc
2008-02-18 06:45:51 0 d-------- C:\Documents and Settings\Lucinda\Application Data\Jasc Software Inc
2008-02-18 06:41:06 0 d-------- C:\Program Files\Jasc Software Inc
2008-02-18 06:10:03 88 -r-hs---- C:\WINDOWS\system32\9844CE62F3.sys
2008-02-18 00:14:33 0 d-------- C:\Documents and Settings\All Users\Application Data\InstallShield
2008-02-18 00:10:06 5226 --ahs---- C:\WINDOWS\system32\KGyGaAvL.sys
2008-02-18 00:08:33 0 d-------- C:\Program Files\Corel
2008-02-17 21:36:32 0 d-------- C:\Documents and Settings\Lucinda\Application Data\Yahoo!
2008-02-17 21:23:17 0 d-------- C:\Documents and Settings\All Users\Application Data\Yahoo!
2008-02-17 21:21:22 0 d-------- C:\Program Files\Yahoo!
2008-02-17 09:11:08 0 d-------- C:\Documents and Settings\Lucinda\Application Data\LimeWire
2008-02-17 09:10:43 0 d-------- C:\Program Files\LimeWire
2008-02-16 09:07:56 0 d-------- C:\Program Files\Carbonite
2008-02-16 09:07:56 0 d-------- C:\Documents and Settings\All Users\Application Data\Carbonite
2008-02-16 01:02:35 0 d-------- C:\ScrapKits
2008-02-15 20:31:18 0 --a------ C:\WINDOWS\ativpsrm.bin
2008-02-15 20:23:42 593920 -----n--- C:\WINDOWS\system32\ati2sgag.exe <Not Verified; ; ATI Smart>
2008-02-15 20:22:34 0 d-------- C:\ATI
2008-02-15 18:08:33 0 d-------- C:\Program Files\Microsoft IntelliPoint
2008-02-15 18:07:11 0 d-------- C:\Swsetup
2008-02-15 17:04:00 0 d-------- C:\Drivers
2008-02-15 17:01:16 0 d-------- C:\Program Files\DriverGeniusPortable
2008-02-15 10:27:01 0 d-------- C:\Fonts6
2008-02-14 09:11:56 0 d-------- C:\Documents and Settings\Lucinda\Application Data\Lavasoft
2008-02-14 09:11:45 0 d-------- C:\Program Files\Lavasoft
2008-02-14 08:17:09 0 d-------- C:\Documents and Settings\Lucinda\Application Data\Thinstall
2008-02-14 07:45:56 0 d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-02-13 22:21:05 0 d-------- C:\WINDOWS\Sun
2008-02-13 22:21:05 0 d-------- C:\Documents and Settings\Lucinda\Application Data\Sun
2008-02-13 22:20:31 0 d-------- C:\Program Files\Java
2008-02-13 22:19:59 0 d-------- C:\Program Files\Common Files\Java
2008-02-12 20:32:12 0 d-------- C:\Documents and Settings\All Users\Application Data\Sandlot Games
2008-02-11 14:52:38 0 d-------- C:\Windows Xp Plus SuperPack
2008-02-11 14:52:38 0 d-------- C:\Willmaker & Living Wills
2008-02-11 14:52:37 0 d-------- C:\WhereIsIt V3.72.327
2008-02-11 14:52:36 0 d-------- C:\Webshots.Galleries.Cats
2008-02-11 14:52:35 0 d-------- C:\webcamXP Pro 2006 v2.25.040
2008-02-11 14:52:35 0 d-------- C:\web.page.maker.2.01.keygen-tsrh
2008-02-11 14:52:35 0 d-------- C:\Web Pictures Grabber 2.00
2008-02-11 14:52:34 0 d-------- C:\Web Gallery Wizard PRO ver. 1.5.3113.1
2008-02-11 14:52:34 0 d-------- C:\Web Address Extractor v3.24
2008-02-11 14:52:34 0 d-------- C:\Wall Photo Maker 3.4
2008-02-11 14:52:33 0 d-------- C:\Voice Changer Software AV VCS 4.0.54
2008-02-11 14:52:33 0 d-------- C:\Vito Sketch Artists v2.6.1
2008-02-11 14:52:33 0 d-------- C:\Unlead Gif Animator 5 fully registered!
2008-02-11 14:38:59 0 d-------- C:\Tubes45
2008-02-11 14:38:36 0 d-------- C:\Tubes12
2008-02-11 14:38:03 0 d-------- C:\Tubes11
2008-02-11 14:37:45 0 d-------- C:\Tubes10
2008-02-11 14:37:28 0 d-------- C:\Tubes9
2008-02-11 14:36:38 0 d-------- C:\Tubes8
2008-02-11 14:32:27 0 d-------- C:\Tubces103 (108)
2008-02-11 14:32:24 0 d-------- C:\Tubces103 (85)
2008-02-11 14:31:53 0 d-------- C:\Tubces103 (83)
2008-02-11 14:31:52 0 d-------- C:\Tubces103 (78)
2008-02-11 14:31:46 0 d-------- C:\Tubces103 (69)
2008-02-11 14:31:46 0 d-------- C:\Tubces103 (68)
2008-02-11 14:31:46 0 d-------- C:\Tubces103 (67)
2008-02-11 14:31:44 0 d-------- C:\Tribal Tattoo Design Tool 1.6
2008-02-11 14:31:44 0 d-------- C:\TranslatePlugInSetup
2008-02-11 14:31:44 0 d-------- C:\The Illustrated Dictionary of Electronics 8th Edition
2008-02-11 14:31:35 0 d-------- C:\Tarot
2008-02-11 14:31:34 0 d-------- C:\Super Blade Pro
2008-02-11 14:30:53 0 d-------- C:\SL-ContoursII
2008-02-11 14:30:53 0 d-------- C:\SL-contours
2008-02-11 14:30:33 0 d-------- C:\SGF89
2008-02-11 14:29:04 0 d-------- C:\Screen_Savers
2008-02-11 14:21:42 0 d-------- C:\SBP_ShinyGoldPreset
2008-02-11 14:21:40 0 d-------- C:\sandflower specials
2008-02-11 14:20:19 0 d-------- C:\Railroad Tycoon
2008-02-11 14:20:18 0 d-------- C:\Quick.Notes.Plus.v5.0.47
2008-02-11 14:20:15 0 d-------- C:\psp_preset_shapes
2008-02-11 13:59:59 0 d-------- C:\PSP Files
2008-02-11 13:59:59 0 d-------- C:\PSP 9 Presets
2008-02-11 13:59:56 0 d-------- C:\Preset Shapes
2008-02-11 13:59:56 0 d-------- C:\PluginSwitch
2008-02-11 13:54:52 0 d-------- C:\Program Files\Cake Mania 2
2008-02-11 13:53:17 0 d-------- C:\Program Files\Big Island Blends
2008-02-11 13:50:49 0 d-------- C:\Plug-Ins
2008-02-11 09:08:14 0 d-------- C:\Documents and Settings\Lucinda\Application Data\Webroot
2008-02-11 09:08:12 0 d-------- C:\Program Files\Webroot
2008-02-11 09:08:12 0 d-------- C:\Program Files\Common Files\Webroot Shared
2008-02-11 09:08:01 57344 --a------ C:\WINDOWS\Unwash6.exe <Not Verified; Webroot Software, Inc.; >
2008-02-11 09:08:01 487936 --a------ C:\WINDOWS\system32\wwSecure.exe <Not Verified; Webroot Software, Inc.; >
-- Find3M Report ---------------------------------------------------------------
2008-03-10 23:12:16 0 d-------- C:\Program Files\Lx_cats
2008-03-10 23:01:02 0 d-------- C:\Program Files\Common Files
2008-03-10 22:50:06 0 d-------- C:\Program Files\YPOPs
2008-03-10 20:53:21 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-03-09 10:21:20 0 d-------- C:\Program Files\Interaction Client .NET Edition
2008-02-28 10:14:49 0 d-------- C:\Program Files\Common Files\Adobe
2008-02-27 23:11:59 0 d-------- C:\Documents and Settings\Lucinda\Application Data\Adobe
2008-02-26 09:17:19 4212 ---h----- C:\WINDOWS\system32\zllictbl.dat
2008-02-21 08:52:18 0 d-------- C:\Program Files\PictureSorter
2008-02-21 07:56:54 0 d-------- C:\Program Files\VIPdesk IM
2008-02-20 22:29:53 0 d-------- C:\Program Files\Common Files\Symantec Shared
2008-02-20 22:29:51 0 d-------- C:\Program Files\Symantec
2008-02-20 22:29:47 0 d-------- C:\Program Files\Symantec AntiVirus
2008-02-18 15:26:49 0 d-------- C:\Program Files\Lexmark 7100 Series
2008-02-18 15:23:28 0 d-------- C:\Program Files\Google
2008-02-18 15:23:28 0 d-------- C:\Program Files\GetRight
2008-02-18 15:15:25 0 d-------- C:\Program Files\bxNewFolder
2008-02-18 00:12:58 0 d-------- C:\Program Files\Common Files\InstallShield
2008-02-10 12:17:22 0 d-------- C:\Program Files\CrossLoop
2008-02-09 09:09:30 0 d-------- C:\Program Files\Outlook Express Attachment Extractor
2008-02-09 09:08:11 1 --a------ C:\WINDOWS\system32\epe2000.dll
2008-02-07 22:36:46 0 d-------- C:\Program Files\Pro Imaging Powertoys
2008-02-07 22:32:44 0 d-------- C:\Program Files\Common Files\Nikon
2008-02-07 17:09:29 0 d-------- C:\Program Files\CCleaner
2008-02-07 00:50:09 0 d-------- C:\Documents and Settings\Lucinda\Application Data\acccore
2008-02-07 00:50:08 0 d-------- C:\Documents and Settings\Lucinda\Application Data\AIMPro
2008-02-07 00:49:51 0 d-------- C:\Program Files\Common Files\Nullsoft
2008-02-07 00:49:47 0 d-------- C:\Program Files\AIM
2008-02-07 00:49:39 0 d-------- C:\Documents and Settings\Lucinda\Application Data\AIM
2008-02-06 22:55:20 0 d-------- C:\Documents and Settings\Lucinda\Application Data\eBay
2008-02-06 00:35:08 0 d-------- C:\Program Files\eBay
2008-02-05 23:57:51 0 d-------- C:\Program Files\Diskeeper Corporation
2008-02-05 23:56:20 0 d-------- C:\Program Files\DAMN NFO Viewer
2008-02-05 23:38:34 0 d-------- C:\Documents and Settings\Lucinda\Application Data\Macromedia
2008-02-05 19:35:49 0 d-------- C:\Program Files\Attachmate
2008-02-05 12:35:54 0 d-------- C:\Documents and Settings\Lucinda\Application Data\Intuit
2008-02-04 23:17:31 0 d-------- C:\Program Files\AWS
2008-02-04 23:17:31 0 d-------- C:\Documents and Settings\Lucinda\Application Data\WeatherBug
2008-02-04 21:45:40 0 d-------- C:\Program Files\ReflexiveArcade
2008-02-04 20:04:57 0 d-------- C:\Documents and Settings\Lucinda\Application Data\7100Series
2008-02-04 19:50:51 0 d-------- C:\Program Files\Abbyy FineReader 6.0 Sprint
2008-02-04 19:48:18 0 d-------- C:\Program Files\Lexmark_7100 Series
2008-02-04 19:29:02 0 d-------- C:\Program Files\OpenExpert
2008-01-31 23:59:37 0 d-------- C:\Program Files\Common Files\AnswerWorks 4.0
2008-01-31 00:12:00 0 d-------- C:\Program Files\ItsDeductible2005
2008-01-31 00:09:19 0 d-------- C:\Program Files\Common Files\Intuit
2008-01-30 13:24:28 0 d-------- C:\Documents and Settings\Lucinda\Application Data\Interactive Intelligence
2008-01-30 13:05:03 0 d-------- C:\Program Files\Interactive Intelligence
2008-01-30 12:54:01 0 d-------- C:\Program Files\Common Files\Deterministic Networks
2008-01-30 12:53:45 0 d-------- C:\Program Files\Cisco Systems
2008-01-30 12:53:42 0 d-------- C:\Program Files\Learn.com
2008-01-30 12:53:32 0 d-------- C:\Program Files\MessageLabs
2008-01-30 12:51:58 0 d-------- C:\Program Files\VIPdesk Setup
2008-01-30 12:16:47 0 d-------- C:\Documents and Settings\Lucinda\Application Data\Google
2008-01-29 00:18:01 0 d-------- C:\Documents and Settings\Lucinda\Application Data\MailFrontier
2008-01-27 23:08:35 0 d-------- C:\Program Files\Siber Systems
2008-01-27 12:11:09 0 d-------- C:\Program Files\Microsoft Works
2008-01-27 12:09:54 0 d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2008-01-27 11:42:42 0 d-------- C:\Program Files\Common Files\L&H
2008-01-27 11:42:29 0 d-------- C:\Program Files\Microsoft ActiveSync
2008-01-27 11:41:17 0 d-------- C:\Program Files\Microsoft.NET
2008-01-27 00:49:13 0 d-------- C:\Documents and Settings\Lucinda\Application Data\WinRAR
2008-01-26 06:52:10 0 d-------- C:\Program Files\Microsoft Silverlight
2008-01-26 00:47:47 0 d-------- C:\Program Files\MSXML 6.0
2008-01-26 00:09:34 0 d-------- C:\Program Files\MSBuild
2008-01-26 00:08:05 0 d-------- C:\Program Files\Reference Assemblies
2008-01-26 00:07:12 0 d-------- C:\Program Files\Windows Media Connect 2
2008-01-25 23:13:22 0 d-------- C:\Program Files\Messenger
2008-01-25 22:57:29 0 d-------- C:\Documents and Settings\Lucinda\Application Data\ATI
2008-01-25 22:35:07 0 d-------- C:\Program Files\ATI Technologies
2008-01-25 22:14:02 0 d-------- C:\Program Files\Setup Files
2008-01-25 22:07:02 0 d-------- C:\Program Files\Realtek
2008-01-25 22:06:58 315392 --a------ C:\WINDOWS\HideWin.exe <Not Verified; Realtek Semiconductor Corp.; HD Audio Hide windows program>
2008-01-25 20:59:09 0 d-------- C:\Program Files\MSI
2008-01-25 20:45:44 0 d-------- C:\Program Files\DIFX
2008-01-25 20:27:05 0 d-------- C:\Program Files\Common Files\ATI Technologies
2008-01-22 15:57:15 0 d-------- C:\Documents and Settings\Lucinda\Application Data\Help
2008-01-22 12:55:50 0 d-------- C:\Documents and Settings\Lucinda\Application Data\Identities
2008-01-22 12:50:41 0 d-------- C:\Program Files\microsoft frontpage
2008-01-22 12:50:18 0 -rahs---- C:\MSDOS.SYS
2008-01-22 12:50:18 0 -rahs---- C:\IO.SYS
2008-01-22 12:50:18 0 --a------ C:\CONFIG.SYS
2008-01-22 12:50:18 0 --a------ C:\AUTOEXEC.BAT
2008-01-22 12:49:23 0 d--h----- C:\Program Files\WindowsUpdate
2008-01-22 12:48:20 0 d-------- C:\Program Files\Common Files\MSSoap
2008-01-22 12:48:07 0 d-------- C:\Program Files\Movie Maker
2008-01-22 12:47:15 21640 --a------ C:\WINDOWS\system32\emptyregdb.dat
2008-01-22 12:47:00 0 d-------- C:\Program Files\Online Services
2008-01-22 12:46:49 0 d-------- C:\Program Files\MSN Gaming Zone
2008-01-22 12:46:37 0 d-------- C:\Program Files\Windows NT
2008-01-21 08:37:43 0 d-------- C:\Program Files\Common Files\ODBC
2008-01-21 08:37:39 0 d-------- C:\Program Files\Common Files\SpeechEngines
2008-01-21 08:37:11 62 --ahs---- C:\Documents and Settings\Lucinda\Application Data\desktop.ini
2008-01-18 02:15:24 1037824 --a------ C:\new_GameHouse_keygen.exe
2008-01-09 16:01:48 53248 --a------ C:\WINDOWS\bdoscandel.exe
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LXBXCATS"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXBXtime.dll" [11/02/2004 11:08 AM]
"NeroFilterCheck"="C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe" [03/01/2007 03:57 PM]
"NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [09/20/2007 09:51 AM]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Weather"="C:\Program Files\AWS\WeatherBug\Weather.exe" [08/29/2007 11:55 AM]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [02/28/2006 08:00 AM]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [01/28/2008 11:59 PM]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Acrobat Speed Launcher.lnk]
backup=C:\WINDOWS\pss\Adobe Acrobat Speed Launcher.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Acrobat Synchronizer.lnk]
backup=C:\WINDOWS\pss\Adobe Acrobat Synchronizer.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^GetRight.lnk]
path=C:\Documents and Settings\Lucinda\Desktop\Unused Desktop Shortcuts\GetRight.lnk
backup=C:\WINDOWS\pss\GetRight.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office OneNote 2003 Quick Launch.lnk]
backup=C:\WINDOWS\pss\Microsoft Office OneNote 2003 Quick Launch.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^VPN Client.lnk]
backup=C:\WINDOWS\pss\VPN Client.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Lucinda^Start Menu^Programs^Startup^YPOPs.lnk]
backup=C:\WINDOWS\pss\YPOPs.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
"C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
ALCMTR.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Carbonite Backup]
C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]
"C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CoolSwitch]
C:\WINDOWS\system32\taskswitch.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Corel Photo Downloader]
C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eBayToolbar]
C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EzPrint]
"C:\Program Files\Lexmark 7100 Series\ezprint.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FaxCenterServer4_in_1]
"C:\Program Files\Lexmark 7100 Series\fm3032.exe" /s
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\flockbox]
C:\Program Files\My Lockbox\flockbox.exe /a
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelliPoint]
"c:\Program Files\Microsoft IntelliPoint\ipoint.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
"C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
"C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\itype]
"C:\Program Files\Microsoft IntelliType Pro\itype.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LiveMonitor]
C:\Program Files\MSI\Live Update 3\LMonitor.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lxbxmon.exe]
"C:\Program Files\Lexmark 7100 Series\lxbxmon.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsmqIntCert]
regsvr32 /s mqrt.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
"C:\Program Files\Messenger\msmsgs.exe" /background
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pando]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoboForm]
"C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
RTHDCPL.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
"C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vptray]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Weather]
C:\Program Files\AWS\WeatherBug\Weather.exe 1
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ZoneAlarm Client]
"C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6b5aecc2-c81d-11dc-86ba-806d6172696f}]
AutoRun\command- D:\setup.exe
*Newly Created Service* - NERO_BACKITUP_SCHEDULER_3
-- Hosts -----------------------------------------------------------------------
127.0.0.1
www.007guard.com127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1
www.008k.com127.0.0.1 008k.com
127.0.0.1
www.00hq.com127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1
www.032439.com127.0.0.1 032439.com
7899 more entries in hosts file.
-- End of Deckard's System Scanner: finished at 2008-03-11 01:15:56 ------------
