[code]OTScanIt2 logfile created on: 3/5/2009 6:20:41 PM - Run 2
OTScanIt2 by OldTimer - Version 1.0.8.0 Folder = C:\Documents and Settings\Paige Lindsey\Desktop\OTScanIt2
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1014.07 Mb Total Physical Memory | 508.46 Mb Available Physical Memory | 50.14% Memory free
2.38 Gb Paging File | 1.95 Gb Available in Paging File | 81.67% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048;
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 52.71 Gb Total Space | 5.65 Gb Free Space | 10.71% Space Free | Partition Type: NTFS
Drive D: | 18.48 Gb Total Space | 1.56 Gb Free Space | 8.42% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: XAHRA
Current User Name: Paige Lindsey
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Whitelist: On
File Age = 30 Days
[Processes - Safe List]
adskscsrv.exe -> %CommonProgramFiles%\Autodesk Shared\Service\AdskScSrv.exe -> [2008/02/28 19:43:37 | 00,079,360 | ---- | M] (Autodesk)
explorer.exe -> %SystemRoot%\Explorer.EXE -> [2008/04/13 18:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation)
firefox.exe -> %ProgramFiles%\Mozilla Firefox\firefox.exe -> [2009/02/08 20:04:36 | 00,307,704 | ---- | M] (Mozilla Corporation)
jucheck.exe -> %ProgramFiles%\Java\jre1.6.0_07\bin\jucheck.exe -> [2008/06/10 03:27:03 | 00,329,104 | ---- | M] (Sun Microsystems, Inc.)
jusched.exe -> %ProgramFiles%\Java\jre1.6.0_07\bin\jusched.exe -> [2008/06/10 03:27:04 | 00,144,784 | ---- | M] (Sun Microsystems, Inc.)
mcagent.exe -> %ProgramFiles%\McAfee.com\Agent\mcagent.exe -> [2008/07/11 16:48:54 | 00,641,208 | ---- | M] (McAfee, Inc.)
mcmscsvc.exe -> %ProgramFiles%\McAfee\MSC\mcmscsvc.exe -> [2008/10/10 16:16:00 | 00,792,696 | ---- | M] (McAfee, Inc.)
mcnasvc.exe -> %CommonProgramFiles%\mcafee\mna\mcnasvc.exe -> [2008/07/18 08:02:52 | 02,482,848 | ---- | M] (McAfee, Inc.)
mcproxy.exe -> %CommonProgramFiles%\McAfee\McProxy\McProxy.exe -> [2008/07/09 14:49:10 | 00,358,736 | ---- | M] (McAfee, Inc.)
mcsacore.exe -> %ProgramFiles%\McAfee\SiteAdvisor\McSACore.exe -> [2008/12/05 15:51:06 | 00,206,096 | ---- | M] ()
mcshield.exe -> %ProgramFiles%\McAfee\VirusScan\Mcshield.exe -> [2008/06/20 05:41:04 | 00,144,704 | ---- | M] (McAfee, Inc.)
mcsysmon.exe -> %ProgramFiles%\McAfee\VirusScan\mcsysmon.exe -> [2008/09/16 10:04:12 | 00,605,512 | ---- | M] (McAfee, Inc.)
motivesb.exe -> %ProgramFiles%\SBC Self Support Tool\SmartBridge\MotiveSB.exe -> [2005/08/24 07:51:18 | 00,442,455 | ---- | M] (Motive, Inc.)
mpbtn.exe -> %ProgramFiles%\SBC Self Support Tool\bin\mpbtn.exe -> [2003/10/10 09:06:10 | 00,192,512 | ---- | M] ()
mpfsrv.exe -> %ProgramFiles%\McAfee\MPF\MPFSrv.exe -> [2008/07/09 17:36:30 | 00,884,360 | ---- | M] (McAfee, Inc.)
msascui.exe -> %ProgramFiles%\Windows Defender\MSASCui.exe -> [2006/11/03 19:20:12 | 00,866,584 | ---- | M] (Microsoft Corporation)
msmpeng.exe -> %ProgramFiles%\Windows Defender\MsMpEng.exe -> [2006/11/03 19:19:58 | 00,013,592 | ---- | M] (Microsoft Corporation)
otscanit2.exe -> %UserProfile%\Desktop\OTScanIt2\OTScanIt2.exe -> [2009/02/19 11:15:40 | 00,489,984 | ---- | M] (OldTimer Tools)
psiservice.exe -> %SystemRoot%\system32\PSIService.exe -> [2006/11/02 20:40:12 | 00,174,656 | ---- | M] ()
raysat_3dsmax9_32server.exe -> %ProgramFiles%\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe -> [2006/09/29 11:48:06 | 00,065,536 | ---- | M] ()
realplay.exe -> %ProgramFiles%\Real\RealPlayer\RealPlay.exe -> [2006/08/24 02:17:15 | 00,026,112 | ---- | M] (RealNetworks, Inc.)
seaport.exe -> %ProgramFiles%\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -> [2009/01/14 17:53:02 | 00,226,656 | ---- | M] (Microsoft Corp.)
tablet.exe -> %SystemRoot%\system32\Tablet.exe -> [2005/12/05 15:00:44 | 00,753,664 | ---- | M] (Wacom Technology, Corp.)
tabuserw.exe -> %SystemRoot%\system32\WTablet\TabUserW.exe -> [2005/12/05 14:59:02 | 00,114,688 | ---- | M] (Wacom Technology, Corp.)
wpwin12.exe -> %ProgramFiles%\WordPerfect Office 12\Programs\wpwin12.exe -> [2004/12/01 22:46:58 | 00,069,632 | ---- | M] (Corel Corporation)
[Win32 Services - Safe List]
(Adobe LM Service) Adobe LM Service [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Adobe Systems Shared\Service\Adobelmsvc.exe -> [2006/10/08 01:16:34 | 00,072,704 | ---- | M] (Adobe Systems)
(aspnet_state) ASP.NET State Service [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -> [2007/10/24 00:47:22 | 00,033,800 | ---- | M] (Microsoft Corporation)
(Autodesk Licensing Service) Autodesk Licensing Service [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Autodesk Shared\Service\AdskScSrv.exe -> [2008/02/28 19:43:37 | 00,079,360 | ---- | M] (Autodesk)
(clr_optimization_v2.0.50727_32) .NET Runtime Optimization Service v2.0.50727_X86 [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -> [2007/10/24 00:47:40 | 00,070,144 | ---- | M] (Microsoft Corporation)
(dlcc_device) dlcc_device [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\system32\dlcccoms.exe -> [2005/10/27 15:41:52 | 00,491,520 | ---- | M] ( )
(fsssvc) Windows Live Family Safety [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Windows Live\Family Safety\fsssvc.exe -> [2009/02/06 18:08:58 | 00,533,360 | ---- | M] (Microsoft Corporation)
(gusvc) Google Updater Service [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Google\Common\Google Updater\GoogleUpdaterService.exe -> [2009/02/25 23:47:22 | 00,137,200 | ---- | M] (Google)
(helpsvc) Help and Support [Win32_Shared | Auto | Running] -> %SystemRoot%\PCHealth\HelpCtr\Binaries\pchsvc.dll -> [2008/04/13 18:12:02 | 00,038,400 | ---- | M] (Microsoft Corporation)
(McAfee SiteAdvisor Service) McAfee SiteAdvisor Service [Win32_Own | Auto | Running] -> %ProgramFiles%\McAfee\SiteAdvisor\McSACore.exe -> [2008/12/05 15:51:06 | 00,206,096 | ---- | M] ()
(mcmscsvc) McAfee Services [Win32_Own | Auto | Running] -> %ProgramFiles%\McAfee\MSC\mcmscsvc.exe -> [2008/10/10 16:16:00 | 00,792,696 | ---- | M] (McAfee, Inc.)
(McNASvc) McAfee Network Agent [Win32_Own | Auto | Running] -> %CommonProgramFiles%\mcafee\mna\mcnasvc.exe -> [2008/07/18 08:02:52 | 02,482,848 | ---- | M] (McAfee, Inc.)
(McODS) McAfee Scanner [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\McAfee\VirusScan\mcods.exe -> [2008/06/20 13:10:22 | 00,361,800 | ---- | M] (McAfee, Inc.)
(McProxy) McAfee Proxy Service [Win32_Own | Auto | Running] -> %CommonProgramFiles%\McAfee\McProxy\McProxy.exe -> [2008/07/09 14:49:10 | 00,358,736 | ---- | M] (McAfee, Inc.)
(McShield) McAfee Real-time Scanner [Win32_Own | Unknown | Running] -> %ProgramFiles%\McAfee\VirusScan\Mcshield.exe -> [2008/06/20 05:41:04 | 00,144,704 | ---- | M] (McAfee, Inc.)
(McSysmon) McAfee SystemGuards [Win32_Own | On_Demand | Running] -> %ProgramFiles%\McAfee\VirusScan\mcsysmon.exe -> [2008/09/16 10:04:12 | 00,605,512 | ---- | M] (McAfee, Inc.)
(mi-raysat_3dsmax9_32) mental ray 3.5 Satellite (32-bit) [Win32_Own | Auto | Running] -> %ProgramFiles%\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe -> [2006/09/29 11:48:06 | 00,065,536 | ---- | M] ()
(MpfService) McAfee Personal Firewall Service [Win32_Own | Auto | Running] -> %ProgramFiles%\McAfee\MPF\MPFSrv.exe -> [2008/07/09 17:36:30 | 00,884,360 | ---- | M] (McAfee, Inc.)
(NetSvc) Intel NCS NetService [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Intel\PROSetWired\NCS\Sync\NetSvc.exe -> [2004/11/19 10:26:40 | 00,147,456 | ---- | M] (Intel(R) Corporation)
(ProtexisLicensing) ProtexisLicensing [Win32_Own | Auto | Running] -> %SystemRoot%\system32\PSIService.exe -> [2006/11/02 20:40:12 | 00,174,656 | ---- | M] ()
(seaport) seaport [Win32_Own | Auto | Running] -> %ProgramFiles%\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -> [2009/01/14 17:53:02 | 00,226,656 | ---- | M] (Microsoft Corp.)
(TabletService) TabletService [Win32_Own | Auto | Running] -> %SystemRoot%\system32\Tablet.exe -> [2005/12/05 15:00:44 | 00,753,664 | ---- | M] (Wacom Technology, Corp.)
(windefend) Windows Defender [Win32_Own | Auto | Running] -> %ProgramFiles%\Windows Defender\MsMpEng.exe -> [2006/11/03 19:19:58 | 00,013,592 | ---- | M] (Microsoft Corporation)
(WMPNetworkSvc) Windows Media Player Network Sharing Service [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Windows Media Player\WMPNetwk.exe -> [2006/10/18 19:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation)
[Driver Services - Safe List]
(AliIde) AliIde [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\DRIVERS\aliide.sys -> [2001/08/17 12:51:56 | 00,005,248 | ---- | M] (Acer Laboratories Inc.)
(amdagp) AMD AGP Bus Filter Driver [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\DRIVERS\amdagp.sys -> [2008/04/13 12:36:39 | 00,043,008 | ---- | M] (Advanced Micro Devices, Inc.)
(asc) asc [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\DRIVERS\asc.sys -> [2001/08/17 12:52:00 | 00,026,496 | ---- | M] (Advanced System Products, Inc.)
(asc3550) asc3550 [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\DRIVERS\asc3550.sys -> [2001/08/17 12:51:58 | 00,014,848 | ---- | M] (Advanced System Products, Inc.)
(ASCTRM) ASCTRM [Kernel | Auto | Running] -> %SystemRoot%\System32\drivers\asctrm.sys -> [2006/08/24 02:17:18 | 00,008,552 | ---- | M] (Windows (R) 2000 DDK provider)
(CmdIde) CmdIde [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\DRIVERS\cmdide.sys -> [2001/08/17 12:51:54 | 00,006,656 | ---- | M] (CMD Technology, Inc.)
(dac2w2k) dac2w2k [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\DRIVERS\dac2w2k.sys -> [2001/08/17 12:52:16 | 00,179,584 | ---- | M] (Mylex Corporation)
(DLABOIOM) DLABOIOM [File_System | Auto | Running] -> %SystemRoot%\System32\DLA\DLABOIOM.SYS -> [2005/09/08 04:20:00 | 00,025,628 | ---- | M] (Sonic Solutions)
(DLACDBHM) DLACDBHM [File_System | System | Running] -> %SystemRoot%\System32\Drivers\DLACDBHM.SYS -> [2005/08/25 11:16:52 | 00,005,628 | ---- | M] (Sonic Solutions)
(DLADResN) DLADResN [File_System | Auto | Running] -> %SystemRoot%\System32\DLA\DLADResN.SYS -> [2005/09/08 04:20:00 | 00,002,496 | ---- | M] (Sonic Solutions)
(DLAIFS_M) DLAIFS_M [File_System | Auto | Running] -> %SystemRoot%\System32\DLA\DLAIFS_M.SYS -> [2005/09/08 04:20:00 | 00,086,524 | ---- | M] (Sonic Solutions)
(DLAOPIOM) DLAOPIOM [File_System | Auto | Running] -> %SystemRoot%\System32\DLA\DLAOPIOM.SYS -> [2005/09/08 04:20:00 | 00,014,684 | ---- | M] (Sonic Solutions)
(DLAPoolM) DLAPoolM [File_System | Auto | Running] -> %SystemRoot%\System32\DLA\DLAPoolM.SYS -> [2005/09/08 04:20:00 | 00,006,364 | ---- | M] (Sonic Solutions)
(DLARTL_N) DLARTL_N [File_System | System | Running] -> %SystemRoot%\System32\Drivers\DLARTL_N.SYS -> [2005/08/25 11:16:16 | 00,022,684 | ---- | M] (Sonic Solutions)
(DLAUDFAM) DLAUDFAM [File_System | Auto | Running] -> %SystemRoot%\System32\DLA\DLAUDFAM.SYS -> [2005/09/08 04:20:00 | 00,094,332 | ---- | M] (Sonic Solutions)
(DLAUDF_M) DLAUDF_M [File_System | Auto | Running] -> %SystemRoot%\System32\DLA\DLAUDF_M.SYS -> [2005/09/08 04:20:00 | 00,087,036 | ---- | M] (Sonic Solutions)
(DRVMCDB) DRVMCDB [Kernel | Boot | Running] -> %SystemRoot%\System32\Drivers\DRVMCDB.SYS -> [2005/09/12 02:30:00 | 00,089,264 | ---- | M] (Sonic Solutions)
(DRVNDDM) DRVNDDM [File_System | Auto | Running] -> %SystemRoot%\System32\Drivers\DRVNDDM.SYS -> [2005/08/12 04:20:00 | 00,040,544 | ---- | M] (Sonic Solutions)
(E100B) Intel(R) PRO Network Connection Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\e100b325.sys -> [2004/10/14 00:30:46 | 00,155,648 | ---- | M] (Intel Corporation)
(fssfltr) fssfltr [Kernel | Auto | Running] -> %SystemRoot%\system32\DRIVERS\fssfltr_tdi.sys -> [2009/02/06 18:08:42 | 00,055,152 | ---- | M] (Microsoft Corporation)
(HDAudBus) Microsoft UAA Bus Driver for High Definition Audio [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\HDAudBus.sys -> [2008/04/13 10:36:05 | 00,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider)
(HSFHWBS2) HSFHWBS2 [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\HSFHWBS2.sys -> [2003/11/17 13:59:20 | 00,212,224 | ---- | M] (Conexant Systems, Inc.)
(HSF_DP) HSF_DP [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\HSF_DP.sys -> [2003/11/17 13:56:26 | 01,042,432 | ---- | M] (Conexant Systems, Inc.)
(ialm) ialm [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\ialmnt5.sys -> [2005/10/14 13:15:18 | 01,302,812 | ---- | M] (Intel Corporation)
(mdmxsdk) mdmxsdk [Kernel | Auto | Running] -> %SystemRoot%\system32\DRIVERS\mdmxsdk.sys -> [2003/04/09 10:48:08 | 00,011,043 | ---- | M] (Conexant)
(mfeavfk) McAfee Inc. mfeavfk [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\mfeavfk.sys -> [2008/06/27 06:08:40 | 00,079,240 | ---- | M] (McAfee, Inc.)
(mfebopk) McAfee Inc. mfebopk [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\mfebopk.sys -> [2008/06/27 06:08:40 | 00,035,240 | ---- | M] (McAfee, Inc.)
(mfehidk) McAfee Inc. mfehidk [Kernel | System | Running] -> %SystemRoot%\system32\drivers\mfehidk.sys -> [2008/06/27 06:08:40 | 00,207,656 | ---- | M] (McAfee, Inc.)
(mferkdk) McAfee Inc. mferkdk [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\mferkdk.sys -> [2008/06/20 05:41:38 | 00,034,152 | ---- | M] (McAfee, Inc.)
(mfesmfk) McAfee Inc. mfesmfk [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\mfesmfk.sys -> [2008/06/27 06:08:40 | 00,040,488 | ---- | M] (McAfee, Inc.)
(MODEMCSA) Unimodem Streaming Filter Device [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\MODEMCSA.sys -> [2001/08/17 12:57:38 | 00,016,128 | ---- | M] (Microsoft Corporation)
(MPFP) MPFP [Kernel | System | Running] -> %SystemRoot%\System32\Drivers\Mpfp.sys -> [2008/06/02 14:55:42 | 00,120,136 | ---- | M] (McAfee, Inc.)
(mraid35x) mraid35x [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\DRIVERS\mraid35x.sys -> [2001/08/17 12:52:12 | 00,017,280 | ---- | M] (American Megatrends Inc.)
(nv) nv [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\DRIVERS\nv4_mini.sys -> [2004/08/03 21:29:56 | 01,897,408 | ---- | M] (NVIDIA Corporation)
(PenClass) Pen Class [Kernel | Boot | Running] -> %SystemRoot%\system32\Drivers\PenClass.sys -> [2005/11/29 15:50:42 | 00,008,138 | ---- | M] (Wacom Technology Corporation)
(Ptilink) Direct Parallel Link Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\ptilink.sys -> [2004/08/04 04:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.)
(PxHelp20) PxHelp20 [Kernel | Boot | Running] -> %SystemRoot%\System32\Drivers\PxHelp20.sys -> [2007/11/14 02:00:00 | 00,043,840 | ---- | M] (Sonic Solutions)
(ql1080) ql1080 [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\DRIVERS\ql1080.sys -> [2001/08/17 12:52:20 | 00,040,320 | ---- | M] (QLogic Corporation)
(ql12160) ql12160 [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\DRIVERS\ql12160.sys -> [2001/08/17 12:52:20 | 00,045,312 | ---- | M] (QLogic Corporation)
(ql1280) ql1280 [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\DRIVERS\ql1280.sys -> [2001/08/17 12:52:18 | 00,049,024 | ---- | M] (QLogic Corporation)
(Secdrv) Secdrv [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\DRIVERS\secdrv.sys -> [2007/11/13 04:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
(sisagp) SIS AGP Bus Filter [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\DRIVERS\sisagp.sys -> [2008/04/13 12:36:39 | 00,040,960 | ---- | M] (Silicon Integrated Systems Corporation)
(Sparrow) Sparrow [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\DRIVERS\sparrow.sys -> [2001/08/17 13:07:44 | 00,019,072 | ---- | M] (Adaptec, Inc.)
(STHDA) SigmaTel High Definition Audio CODEC [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\sthda.sys -> [2006/02/10 10:19:12 | 01,107,224 | ---- | M] (SigmaTel, Inc.)
(symc810) symc810 [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\DRIVERS\symc810.sys -> [2001/08/17 13:07:34 | 00,016,256 | ---- | M] (Symbios Logic Inc.)
(symc8xx) symc8xx [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\DRIVERS\symc8xx.sys -> [2001/08/17 13:07:36 | 00,032,640 | ---- | M] (LSI Logic)
(sym_hi) sym_hi [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\DRIVERS\sym_hi.sys -> [2001/08/17 13:07:40 | 00,028,384 | ---- | M] (LSI Logic)
(sym_u3) sym_u3 [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\DRIVERS\sym_u3.sys -> [2001/08/17 13:07:42 | 00,030,688 | ---- | M] (LSI Logic)
(ultra) ultra [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\DRIVERS\ultra.sys -> [2001/08/17 12:52:22 | 00,036,736 | ---- | M] (Promise Technology, Inc.)
(winachsf) winachsf [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\HSF_CNXT.sys -> [2003/11/17 13:58:02 | 00,680,704 | ---- | M] (Conexant Systems, Inc.)
[Registry - Safe List]
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> ->
HKEY_LOCAL_MACHINE\: Main\\"Default_Page_URL" -> http://go.microsoft.com/fwlink/?LinkId=69157 ->
HKEY_LOCAL_MACHINE\: Main\\"Default_Search_URL" -> http://www.google.com/ie ->
HKEY_LOCAL_MACHINE\: Main\\"Default_Secondary_Page_URL" -> Reg Error: Invalid data type. ->
HKEY_LOCAL_MACHINE\: Main\\"Extensions Off Page" -> about:NoAdd-ons ->
HKEY_LOCAL_MACHINE\: Main\\"Local Page" -> %SystemRoot%\system32\blank.htm ->
HKEY_LOCAL_MACHINE\: Main\\"Search Page" -> http://www.google.com ->
HKEY_LOCAL_MACHINE\: Main\\"Security Risk Page" -> about:SecurityRisk ->
HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> http://www.google.com ->
HKEY_LOCAL_MACHINE\: Search\\"CustomizeSearch" -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm ->
HKEY_LOCAL_MACHINE\: Search\\"Default_Page_URL" ->
www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us ->
HKEY_LOCAL_MACHINE\: Search\\"Default_Search_URL" -> http://www.google.com/ie ->
HKEY_LOCAL_MACHINE\: Search\\"SearchAssistant" -> http://www.google.com ->
HKEY_LOCAL_MACHINE\: Search\\"Start Page" ->
www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us ->
< Internet Explorer Settings [HKEY_CURRENT_USER\] > -> ->
HKEY_CURRENT_USER\: Main\\"First Home Page" -> http://www.microsoft.com/isapi/redir.dll?Prd=ie&Pver=5.0&Ar=ie5update&O1=b1 ->
HKEY_CURRENT_USER\: Main\\"Local Page" -> C:\WINDOWS\system32\blank.htm ->
HKEY_CURRENT_USER\: Main\\"Page_Transitions" -> Reg Error: Invalid data type. ->
HKEY_CURRENT_USER\: Main\\"Search Page" -> http://www.google.com ->
HKEY_CURRENT_USER\: Main\\"SearchMigratedDefaultName" -> Google ->
HKEY_CURRENT_USER\: Main\\"SearchMigratedDefaultURL" -> http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 ->
HKEY_CURRENT_USER\: Main\\"Start Page" -> http://go.microsoft.com/fwlink/?LinkId=69157 ->
HKEY_CURRENT_USER\: Main\\"Start Page Redirect Cache" -> http://www.msn.com/defaulta.aspx ->
HKEY_CURRENT_USER\: Main\\"Start Page Redirect Cache AcceptLangs" -> en-us ->
HKEY_CURRENT_USER\: Main\\"Start Page Redirect Cache_TIMESTAMP" -> Reg Error: Invalid data type. ->
HKEY_CURRENT_USER\: Search\\"AutoSearch" -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/saautosearch.aspx ->
HKEY_CURRENT_USER\: Search\\"CustomizeSearch" -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm ->
HKEY_CURRENT_USER\: Search\\"SearchAssistant" -> http://www.google.com ->
HKEY_CURRENT_USER\: SearchURL\\"" -> http://home.microsoft.com/access/autosearch.asp?p=%s ->
HKEY_CURRENT_USER\: "ProxyEnable" -> 0 ->
HKEY_CURRENT_USER\: "ProxyOverride" -> 127.0.0.1 ->
< FireFox Settings [Default Profile] > -> C:\Documents and Settings\Paige Lindsey\Application Data\Mozilla\FireFox\Profiles\4fcxgyjw.default\prefs.js ->
browser.search.defaultenginename -> "Yoog Search" ->
browser.search.defaulturl -> "http://www8.yoog.com/search.php?q=" ->
browser.search.selectedEngine -> "Yoog Search" ->
browser.startup.homepage -> "http://go.microsoft.com/fwlink/?LinkId=69157" ->
browser.startup.homepage_override.mstone -> "rv:1.9.0.6" ->
extensions.enabledItems -> {3112ca9c-de6d-4884-a869-9855de68056c}:3.1.20081127W ->
extensions.enabledItems -> {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}:6.0.02 ->
extensions.enabledItems -> {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}:6.0.07 ->
extensions.enabledItems -> {B7082FAA-CB62-4872-9106-E42DD88EDE45}:2.9 ->
extensions.enabledItems -> {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.6 ->
< HOSTS File > (734 bytes and 19 lines) -> C:\WINDOWS\System32\drivers\etc\Hosts ->
127.0.0.1 localhost
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
{02478D38-C3F9-4EFB-9B51-7695ECA05670} [HKLM] -> %ProgramFiles%\Yahoo!\Companion\Installs\cpn\yt.dll [&Yahoo! Toolbar Helper] -> [2008/07/28 04:47:40 | 00,882,416 | ---- | M] (Yahoo! Inc.)
{6ebf7485-159f-4bff-a14f-b9e3aac4465b} [HKLM] -> %ProgramFiles%\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [Search Helper] -> [2009/01/14 17:49:24 | 00,092,504 | ---- | M] (Microsoft Corp.)
{7DB2D5A0-7241-4E79-B68D-6309F01C5231} [HKLM] -> %ProgramFiles%\McAfee\VirusScan\scriptsn.dll [scriptproxy] -> [2008/06/20 05:41:56 | 00,058,688 | ---- | M] (McAfee, Inc.)
{9030d464-4c02-4abf-8ecc-5164760863c6} [HKLM] -> %CommonProgramFiles%\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [Windows Live Sign-in Helper] -> [2009/01/22 15:41:30 | 00,408,448 | ---- | M] (Microsoft Corporation)
{AA58ED58-01DD-4d91-8333-CF10577473F7} [HKLM] -> %ProgramFiles%\Google\Google Toolbar\GoogleToolbar.dll [Google Toolbar Helper] -> [2009/02/25 23:39:50 | 00,251,504 | ---- | M] ()
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} [HKLM] -> %ProgramFiles%\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll [Google Toolbar Notifier BHO] -> [2009/02/25 23:47:25 | 00,657,904 | ---- | M] (Google Inc.)
{B164E929-A1B6-4A06-B104-2CD0E90A88FF} [HKLM] -> %ProgramFiles%\McAfee\SiteAdvisor\McIEPlg.dll [McAfee SiteAdvisor BHO] -> [2008/11/14 12:25:26 | 00,150,032 | ---- | M] ()
{C84D72FE-E17D-4195-BB24-76C02E2E7C4E} [HKLM] -> %ProgramFiles%\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll [Google Dictionary Compression sdch] -> [2009/02/25 23:39:49 | 00,522,224 | ---- | M] (Google Inc.)
{e15a8dc0-8516-42a1-81ea-dc94ec1acf10} [HKLM] -> %ProgramFiles%\Windows Live\Toolbar\wltcore.dll [Windows Live Toolbar Helper] -> [2009/02/06 18:17:46 | 01,068,904 | ---- | M] (Microsoft Corporation)
{fdad4da1-61a2-4fd8-9c17-86f7ac245081} [HKLM] -> %ProgramFiles%\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll [SingleInstance Class] -> [2008/07/28 04:47:42 | 00,160,496 | ---- | M] (Yahoo! Inc)
< Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar ->
"{21FA44EF-376D-4D53-9B0F-8A89D3229068}" [HKLM] -> %ProgramFiles%\Windows Live\Toolbar\wltcore.dll [&Windows Live Toolbar] -> [2009/02/06 18:17:46 | 01,068,904 | ---- | M] (Microsoft Corporation)
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" [HKLM] -> %ProgramFiles%\Google\Google Toolbar\GoogleToolbar.dll [&Google Toolbar] -> [2009/02/25 23:39:50 | 00,251,504 | ---- | M] ()
"{EF99BD32-C1FB-11D2-892F-0090271D4F88}" [HKLM] -> %ProgramFiles%\Yahoo!\Companion\Installs\cpn\yt.dll [Yahoo! Toolbar] -> [2008/07/28 04:47:40 | 00,882,416 | ---- | M] (Yahoo! Inc.)
< Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ ->
ShellBrowser\\"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" [HKLM] -> %ProgramFiles%\Google\Google Toolbar\GoogleToolbar.dll [&Google Toolbar] -> [2009/02/25 23:39:50 | 00,251,504 | ---- | M] ()
ShellBrowser\\"{C7768536-96F8-4001-B1A2-90EE21279187}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
WebBrowser\\"{21FA44EF-376D-4D53-9B0F-8A89D3229068}" [HKLM] -> %ProgramFiles%\Windows Live\Toolbar\wltcore.dll [&Windows Live Toolbar] -> [2009/02/06 18:17:46 | 01,068,904 | ---- | M] (Microsoft Corporation)
WebBrowser\\"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" [HKLM] -> %ProgramFiles%\Google\Google Toolbar\GoogleToolbar.dll [&Google Toolbar] -> [2009/02/25 23:39:50 | 00,251,504 | ---- | M] ()
WebBrowser\\"{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
WebBrowser\\"{C7768536-96F8-4001-B1A2-90EE21279187}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
WebBrowser\\"{F0F8ECBE-D460-4B34-B007-56A92E8F84A7}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"DLCCCATS" -> %SystemRoot%\System32\spool\DRIVERS\W32X86\3\DLCCtime.DLL [rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCCtime.dll,_RunDLLEntry@16] -> [2005/09/13 16:50:38 | 00,073,728 | ---- | M] ()
"mcagent_exe" -> %ProgramFiles%\McAfee.com\Agent\mcagent.exe ["C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey] -> [2008/07/11 16:48:54 | 00,641,208 | ---- | M] (McAfee, Inc.)
"McENUI" -> %ProgramFiles%\McAfee\MHN\McENUI.exe [C:\PROGRA~1\McAfee\MHN\McENUI.exe /hide] -> [2008/06/13 02:59:26 | 01,176,808 | ---- | M] (McAfee, Inc.)
"Motive SmartBridge" -> %ProgramFiles%\SBC Self Support Tool\SmartBridge\MotiveSB.exe [C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe] -> [2005/08/24 07:51:18 | 00,442,455 | ---- | M] (Motive, Inc.)
"QuickTime Task" -> %ProgramFiles%\QuickTime\qttask.exe ["C:\Program Files\QuickTime\qttask.exe" -atboottime] -> [2006/08/24 02:17:28 | 00,098,304 | ---- | M] (Apple Computer, Inc.)
"RealTray" -> %ProgramFiles%\Real\RealPlayer\RealPlay.exe [C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER] -> [2006/08/24 02:17:15 | 00,026,112 | ---- | M] (RealNetworks, Inc.)
"SunJavaUpdateSched" -> %ProgramFiles%\Java\jre1.6.0_07\bin\jusched.exe ["C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"] -> [2008/06/10 03:27:04 | 00,144,784 | ---- | M] (Sun Microsystems, Inc.)
"Windows Defender" -> %ProgramFiles%\Windows Defender\MSASCui.exe ["C:\Program Files\Windows Defender\MSASCui.exe" -hide] -> [2006/11/03 19:20:12 | 00,866,584 | ---- | M] (Microsoft Corporation)
< Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"swg" -> %ProgramFiles%\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] -> [2007/06/18 17:32:56 | 00,068,856 | ---- | M] (Google Inc.)
< All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup ->
%AllUsersProfile%\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk -> %CommonProgramFiles%\Adobe\Calibration\Adobe Gamma Loader.exe -> [2005/03/16 18:16:50 | 00,113,664 | ---- | M] (Adobe Systems, Inc.)
%AllUsersProfile%\Start Menu\Programs\Startup\AT&T Self Support Tool.lnk -> %ProgramFiles%\SBC Self Support Tool\bin\matcli.exe -> [2003/10/10 09:06:10 | 00,217,088 | ---- | M] (Motive Communications, Inc.)
%AllUsersProfile%\Start Menu\Programs\Startup\TabUserW.exe.lnk -> %SystemRoot%\system32\WTablet\TabUserW.exe -> [2005/12/05 14:59:02 | 00,114,688 | ---- | M] (Wacom Technology, Corp.)
< Paige Lindsey Startup Folder > -> C:\Documents and Settings\Paige Lindsey\Start Menu\Programs\Startup ->
< Software Policy Settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Internet Explorer ->
HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Internet Explorer\Control Panel
\Control Panel\\"Connwiz Admin Lock" -> [0] -> File not found
< CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"HonorAutoRunSetting" -> [1] -> File not found
< CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
\\"dontdisplaylastusername" -> [0] -> File not found
\\"legalnoticecaption" -> [] -> File not found
\\"legalnoticetext" -> [] -> File not found
\\"shutdownwithoutlogon" -> [1] -> File not found
\\"undockwithoutlogon" -> [1] -> File not found
< CurrentVersion Policy Settings - Explorer [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" -> [0] -> File not found
< CurrentVersion Policy Settings - System [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
< Internet Explorer Menu Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ ->
Display All Images with Full Quality -> %ProgramFiles%\NetZero\qsacc\appres.dll ["res://C:\Program Files\NetZero\qsacc\appres.dll/228"] -> File not found
Display Image with Full Quality -> %ProgramFiles%\NetZero\qsacc\appres.dll ["res://C:\Program Files\NetZero\qsacc\appres.dll/227"] -> File not found
< Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ ->
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} [HKLM] -> %ProgramFiles%\Java\jre1.6.0_07\bin\npjpi160_07.dll [Menu: Sun Java Console] -> [2008/06/10 03:27:02 | 00,132,496 | ---- | M] (Sun Microsystems, Inc.)
{219c3416-8cb2-491a-a3c7-d9fcddc9d600}:{5F7B1267-94A9-47F5-98DB-E99415F33AEC} [HKLM] -> %ProgramFiles%\Windows Live\Writer\WriterBrowserExtension.dll [Button: Blog This] -> [2009/02/06 18:07:54 | 00,187,248 | ---- | M] (Microsoft Corporation)
{219c3416-8cb2-491a-a3c7-d9fcddc9d600}:{5F7B1267-94A9-47F5-98DB-E99415F33AEC} [HKLM] -> %ProgramFiles%\Windows Live\Writer\WriterBrowserExtension.dll [Menu: &Blog This in Windows Live Writer] -> [2009/02/06 18:07:54 | 00,187,248 | ---- | M] (Microsoft Corporation)
{e2e2dd38-d088-4134-82b7-f2ba38496583}:Exec [HKLM] -> %SystemRoot%\Network Diagnostic\xpnetdiag.exe [Menu: @xpsp3res.dll,-20001] -> [2008/04/13 12:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)
{FB5F1910-F110-11d2-BB9E-00C04F795683}:Exec [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Button: Messenger] -> [2008/04/13 18:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation)
{FB5F1910-F110-11d2-BB9E-00C04F795683}:Exec [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Menu: Windows Messenger] -> [2008/04/13 18:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation)
< Internet Explorer Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\ ->
CmdMapping\\"{08B0E5C0-4FCB-11CF-AAA5-00401C608501}" [HKLM] -> %SystemRoot%\system32\msjava.dll [Web Browser Applet Control] -> [2003/02/28 17:26:26 | 00,947,472 | ---- | M] (Microsoft Corporation)
CmdMapping\\"{219c3416-8cb2-491a-a3c7-d9fcddc9d600}" [HKLM] -> %ProgramFiles%\Windows Live\Writer\WriterBrowserExtension.dll [Blog This] -> [2009/02/06 18:07:54 | 00,187,248 | ---- | M] (Microsoft Corporation)
CmdMapping\\"{e2e2dd38-d088-4134-82b7-f2ba38496583}" [HKLM] -> %SystemRoot%\Network Diagnostic\xpnetdiag.exe [@xpsp3res.dll,-20001] -> [2008/04/13 12:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)
CmdMapping\\"{FB5F1910-F110-11d2-BB9E-00C04F795683}" [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2008/04/13 18:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation)
< Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ ->
PluginsPageFriendlyName -> Microsoft ActiveX Gallery ->
PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s ->
< Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
"" -> http://
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1 domain(s) found. ->
1 domain(s) and sub-domain(s) not assigned to a zone.
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1 domain(s) found. ->
1 domain(s) and sub-domain(s) not assigned to a zone.
< Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ ->
{17492023-C23A-453E-A040-C7C580BBF700} [HKLM] -> http://download.microsoft.com/download/F/D/9/FD9E437D-5BC8-4264-A093-DFA2C39D197E/LegitCheckControl.cab [Windows Genuine Advantage Validation Tool] ->
{3DCEC959-378A-4922-AD7E-FD5C925D927F} [HKLM] -> http://disney.go.com/pirates/online/testActiveX/built/signed/DisneyOnlineGames.cab [Disney Online Games ActiveX Control] ->
{8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab [Java Plug-in 1.6.0_07] ->
{8FFBE65D-2C9C-4669-84BD-5829DC0B603C} [HKLM] -> http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab [Reg Error: Key error.] ->
{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab [Java Plug-in 1.5.0_06] ->
{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab [Java Plug-in 1.6.0_02] ->
{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab [Java Plug-in 1.6.0_07] ->
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab [Java Plug-in 1.6.0_07] ->
{D27CDB6E-AE6D-11CF-96B8-444553540000} [HKLM] -> http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab [Shockwave Flash Object] ->
{E85362EF-40D4-4E5D-BE07-D6B036CCA277} [HKLM] -> https://secure.gopetslive.com/dev/gopets.cab [GoPets Control] ->
{F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} [HKLM] -> https://secure.gopetslive.com/dev/GoPetsWeb.cab [GoPetsWeb Control] ->
Microsoft XML Parser for Java [HKLM] -> file:///C:/WINDOWS/Java/classes/xmldso.cab [Reg Error: Key error.] ->
< DNS Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ ->
{41A102D9-20E3-468C-B5A9-A1BEDC94187B} -> (Intel(R) PRO/100 VE Network Connection) ->
{43A66A83-E708-4666-A08E-FBCA3B9EA745} -> () ->
< Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell ->
Explorer.exe -> %SystemRoot%\Explorer.exe -> [2008/04/13 18:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> ->
< Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ ->
igfxcui -> %SystemRoot%\system32\igfxdev.dll -> [2005/10/14 12:45:38 | 00,135,168 | ---- | M] (Intel Corporation)
< ShellExecuteHooks [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks ->
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}" [HKLM] -> %ProgramFiles%\Windows Defender\MpShHook.dll [Microsoft AntiMalware ShellExecuteHook] -> [2006/11/03 19:20:00 | 00,083,224 | ---- | M] (Microsoft Corporation)
< Domain Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List ->
"%windir%\Network Diagnostic\xpnetdiag.exe" -> C:\WINDOWS\Network Diagnostic\xpnetdiag.exe [%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000] -> [2008/04/13 12:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" -> C:\WINDOWS\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> [2008/04/13 18:12:34 | 00,141,312 | ---- | M] (Microsoft Corporation)
"C:\Program Files\America Online 9.0\wEmail Removedexe" -> C:\Program Files\America Online 9.0\wEmail Removedexe [C:\Program Files\America Online 9.0\wEmail Removedexe:*:Enabled:AOL] -> File not found
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" -> C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe [C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL] -> File not found
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" -> C:\Program Files\Common Files\AOL\ACS\AOLDial.exe [C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL] -> File not found
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" -> C:\Program Files\Windows Live\Messenger\msnmsgr.exe [C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger] -> [2009/02/06 18:51:28 | 03,885,408 | ---- | M] (Microsoft Corporation)
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" -> C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe [C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync] -> [2009/02/06 18:23:32 | 01,170,272 | ---- | M] (Microsoft Corporation)
< Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List ->
"C:\Documents and Settings\Paige Lindsey\Application Data\U3\00001860457492A0\0DE4F643-C398-46ec-9339-2362F2311932\Exec\Skype.exe" -> C:\Documents and Settings\Paige Lindsey\Application Data\U3\00001860457492A0\0DE4F643-C398-46ec-9339-2362F2311932\Exec\Skype.exe [C:\Documents and Settings\Paige Lindsey\Application Data\U3\00001860457492A0\0DE4F643-C398-46ec-9339-2362F2311932\Exec\Skype.exe:*:Disabled:Skype] -> File not found
"C:\Program Files\America Online 9.0\wEmail Removedexe" -> C:\Program Files\America Online 9.0\wEmail Removedexe [C:\Program Files\America Online 9.0\wEmail Removedexe:*:Disabled:AOL] -> File not found
"C:\Program Files\Autodesk\3ds Max 9\3dsmax.exe" -> C:\Program Files\Autodesk\3ds Max 9\3dsmax.exe [C:\Program Files\Autodesk\3ds Max 9\3dsmax.exe:*:Disabled:Autodesk 3ds Max 9 32-bit] -> [2006/09/29 13:30:46 | 05,946,368 | ---- | M] (Autodesk, Inc.)
"C:\Program Files\Autodesk\Backburner\manager.exe" -> C:\Program Files\Autodesk\Backburner\manager.exe [C:\Program Files\Autodesk\Backburner\manager.exe:*:Disabled:backburner 2.3 manager] -> [2006/09/06 02:39:10 | 00,110,592 | ---- | M] (Autodesk, Inc.)
"C:\Program Files\Autodesk\Backburner\monitor.exe" -> C:\Program Files\Autodesk\Backburner\monitor.exe [C:\Program Files\Autodesk\Backburner\monitor.exe:*:Disabled:backburner 2.3 monitor] -> [2006/09/06 02:39:14 | 00,425,984 | ---- | M] (Autodesk, Inc.)
"C:\Program Files\Autodesk\Backburner\server.exe" -> C:\Program Files\Autodesk\Backburner\server.exe [C:\Program Files\Autodesk\Backburner\server.exe:*:Disabled:backburner 2.3 server] -> [2006/09/06 02:39:12 | 00,110,592 | ---- | M] (Autodesk, Inc.)
"C:\Program Files\Autodesk\Maya 8.5 Personal Learning Edition\bin\maya.exe" -> C:\Program Files\Autodesk\Maya 8.5 Personal Learning Edition\bin\maya.exe [C:\Program Files\Autodesk\Maya 8.5 Personal Learning Edition\bin\maya.exe:*:Disabled:Maya] -> File not found
"C:\Program Files\Bonjour\mDNSResponder.exe" -> C:\Program Files\Bonjour\mDNSResponder.exe [C:\Program Files\Bonjour\mDNSResponder.exe:*:Disabled:Bonjour] -> File not found
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" -> C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe [C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Disabled:AOL] -> File not found
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" -> C:\Program Files\Common Files\AOL\ACS\AOLDial.exe [C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL] -> File not found
"C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe" -> C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe [C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe:*:Disabled:McAfee Network Agent] -> [2008/07/18 08:02:52 | 02,482,848 | ---- | M] (McAfee, Inc.)
"C:\Program Files\LimeWire\LimeWire.exe" -> C:\Program Files\LimeWire\LimeWire.exe [C:\Program Files\LimeWire\LimeWire.exe:*:Disabled:LimeWire] -> File not found
"C:\Program Files\Messenger\msmsgs.exe" -> C:\Program Files\Messenger\msmsgs.exe [C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger] -> [2008/04/13 18:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation)
"C:\Program Files\Mozilla Firefox\firefox.exe" -> C:\Program Files\Mozilla Firefox\firefox.exe [C:\Program Files\Mozilla Firefox\firefox.exe:*:Disabled:Firefox] -> [2009/02/08 20:04:36 | 00,307,704 | ---- | M] (Mozilla Corporation)
"C:\Program Files\Real\RealPlayer\realplay.exe" -> C:\Program Files\Real\RealPlayer\realplay.exe [C:\Program Files\Real\RealPlayer\realplay.exe:*:Disabled:RealPlayer] -> [2006/08/24 02:17:15 | 00,026,112 | ---- | M] (RealNetworks, Inc.)
"C:\Program Files\Softnyx\Rakion\Bin\rakion.bin" -> C:\Program Files\Softnyx\Rakion\Bin\rakion.bin [C:\Program Files\Softnyx\Rakion\Bin\rakion.bin:*:Disabled:rakion] -> File not found
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" -> C:\Program Files\Windows Live\Messenger\msnmsgr.exe [C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger] -> [2009/02/06 18:51:28 | 03,885,408 | ---- | M] (Microsoft Corporation)
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" -> C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe [C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync] -> [2009/02/06 18:23:32 | 01,170,272 | ---- | M] (Microsoft Corporation)
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -> C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe [C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Disabled:Yahoo! Messenger] -> File not found
"C:\Program Files\Yahoo!\Messenger\YServer.exe" -> C:\Program Files\Yahoo!\Messenger\YServer.exe [C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Disabled:Yahoo! FT Server] -> File not found
"C:\WINDOWS\Network Diagnostic\xpnetdiag.exe" -> C:\WINDOWS\Network Diagnostic\xpnetdiag.exe [C:\WINDOWS\Network Diagnostic\xpnetdiag.exe:*:Disabled:@xpsp3res.dll,-20000] -> [2008/04/13 12:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)
"C:\WINDOWS\system32\sessmgr.exe" -> C:\WINDOWS\system32\sessmgr.exe [C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019] -> [2008/04/13 18:12:34 | 00,141,312 | ---- | M] (Microsoft Corporation)
< SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot ->
"AlternateShell" -> cmd.exe ->
< CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom ->
"AutoRun" -> 1 ->
"DisplayName" -> CD-ROM Driver ->
"ImagePath" -> %SystemRoot%\system32\DRIVERS\cdrom.sys [system32\DRIVERS\cdrom.sys] -> [2008/04/13 12:40:46 | 00,062,976 | ---- | M] (Microsoft Corporation)
< Drives with AutoRun files > -> ->
C:\AUTOEXEC.BAT [] -> %SystemDrive%\AUTOEXEC.BAT [ NTFS ] -> [2004/08/10 12:04:08 | 00,000,000 | ---- | M] ()
< MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 ->
\G
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\G\Shell
\G\Shell\\"" -> [AutoRun] -> File not found
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\G\Shell\AutoRun
\G\Shell\AutoRun\\"" -> [Auto&Play] -> File not found
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\G\Shell\AutoRun\command
\G\Shell\AutoRun\command\\"" -> G:\LaunchU3.exe [G:\LaunchU3.exe -a] -> File not found
[Files/Folders - Created Within 30 Days]
_OTScanIt -> %SystemDrive%\_OTScanIt -> [2009/03/05 17:51:53 | 00,000,000 | ---D | C]
GooredFix.exe -> %UserProfile%\Desktop\GooredFix.exe -> [2009/03/05 16:25:51 | 00,094,208 | ---- | C] ()
OTScanIt2 -> %UserProfile%\Desktop\OTScanIt2 -> [2009/03/05 15:35:35 | 00,000,000 | ---D | C]
OTScanIt2.exe -> %UserProfile%\Desktop\OTScanIt2.exe -> [2009/03/05 15:34:41 | 00,661,370 | ---- | C] ()
Dragon story.wpd -> %UserProfile%\My Documents\Dragon story.wpd -> [2009/03/05 13:10:41 | 00,004,171 | ---- | C] ()
HijackThis.lnk -> %UserProfile%\Desktop\HijackThis.lnk -> [2009/03/05 12:41:04 | 00,001,734 | ---- | C] ()
Trend Micro -> %ProgramFiles%\Trend Micro -> [2009/03/05 12:41:03 | 00,000,000 | ---D | C]
HJTInstall.exe -> %UserProfile%\My Documents\HJTInstall.exe -> [2009/03/05 12:40:54 | 00,812,344 | ---- | C] (Trend Micro Inc.)
pussycat dolls - i hate this part.mp3 -> %UserProfile%\My Documents\pussycat dolls - i hate this part.mp3 -> [2009/03/04 04:24:56 | 06,965,376 | ---- | C] ()
963759e6-b34b-f648-28c3-2929735ebc68.exe -> %SystemRoot%\System32\963759e6-b34b-f648-28c3-2929735ebc68.exe -> [2009/03/04 04:17:57 | 00,085,590 | ---- | C] ()
setup.exe -> %UserProfile%\My Documents\setup.exe -> [2009/03/04 04:17:26 | 00,181,274 | ---- | C] ()
04 Thinking Of You.mp3 -> %UserProfile%\My Documents\04 Thinking Of You.mp3 -> [2009/03/01 09:06:02 | 03,948,251 | ---- | C] ()
WTF.mp3 -> %UserProfile%\My Documents\WTF.mp3 -> [2009/02/28 02:14:22 | 00,628,687 | ---- | C] ()
Disney - Hunchback of Notre Dame - The Bells of Notre Dame.mp3 -> %UserProfile%\My Documents\Disney - Hunchback of Notre Dame - The Bells of Notre Dame.mp3 -> [2009/02/27 00:52:21 | 06,157,523 | ---- | C] ()
Disney - The Hunchback of Notre Dame - Topsy Turvy.mp3 -> %UserProfile%\My Documents\Disney - The Hunchback of Notre Dame - Topsy Turvy.mp3 -> [2009/02/27 00:47:58 | 04,714,624 | ---- | C] ()
Disney - The Hunchback of Notre Dame - Out There.mp3 -> %UserProfile%\My Documents\Disney - The Hunchback of Notre Dame - Out There.mp3 -> [2009/02/27 00:44:10 | 04,248,20
