Virus alert next to clock

Computing.Net > Forums > Security and Virus > Virus alert next to clock

Computer Problems? Computing.Net has over 1,000,000 posts about all things technology related! Click here to start participating now! Also, check out the New User Guide.

Virus alert next to clock

Name: haze077
Date: November 18, 2008 at 17:17:43 Pacific
OS: Windows XP home 2002 SP 2
CPU/Ram: 640
Product: Dell Dimenson 3000

Comment:

I have a virus alert next to the clock on my computer. How do I get rid of it?

Google Ads

Response Number 1

Name: jabuck
Date: November 18, 2008 at 17:38:35 Pacific

Reply:

Welcome to Computing.net, please download Malwarebytes' Anti-Malware from one of these sites:
MalwareBytes1
MalwareBytes2
1. Double Click mbam-setup.exe to install the application.
2. Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
3. If an update is found, it will download and install the latest version.
4. Once the program has loaded, select "Perform Quick Scan", then click Scan. The scan may take some time to finish,so please be patient.
5. When the scan is complete, click OK, then Show Results to view the results.
6. Make sure that everything found is checked, and click Remove Selected.
7. When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediately.
8. The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
9. Copy&Paste the entire report in your next reply.

Please download and install the latest version of HijackThis v2.0.2:

Download the "HijackThis" Installer from this link:
Hijack This

1. Save " HJTInstall.exe" to your desktop.
2. Double click on HJTInstall.exe to run the program.
3. By default it will install to C:\Program Files\Trend Micro\HijackThis.
4. Accept the license agreement by clicking the "I Accept" button.
5.Click on the "Do a system scan and save a log file" button. It will scan and then ask you to save the log.
6. Click "Save log" to save the log file and then the log will open in Notepad.
7. Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
8. Paste the log in your next reply.
9. Do NOT have HijackThis fix anything yet! Most of what it finds will be harmless or even required.
If you have trouble installing or running MalwareBytes or Hijack This do the following:
If you got them downloaded rename the setup file then try installing them again.
Right click the mbam-setup.exe file> click rename> rename it something.exe then try to run it. If it installed but will not run navigate to this folder:
C:\Programs Files\Malwarebytes' AntiMalware
Rename the mbam.exe file then try to run it again, if still no luck rename all the .exe files in the MAlwarebytes' Anti-Malware folder and try to run it again.
For Hijack This rename the Hijack This.exe file to something else and try installing it again.

Response Number 2

Name: haze077
Date: November 18, 2008 at 18:17:56 Pacific

Reply:

Malwarebytes' Anti-Malware 1.30
Database version: 1410
Windows 5.1.2600 Service Pack 2
11/18/2008 8:04:56 PM
mbam-log-2008-11-18 (20-04-56).txt
Scan type: Quick Scan
Objects scanned: 76906
Time elapsed: 1 hour(s), 29 minute(s), 38 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 24
Registry Values Infected: 7
Registry Data Items Infected: 15
Folders Infected: 29
Files Infected: 60
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CLASSES_ROOT\CLSID\{4d25f926-b9fe-4682-bf72-8ab8210d6d75} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{7545d8c8-f53c-4e2f-8fa0-d248ef4a6e61} (Rogue.Installer) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{af2e62b6-f9e1-4d4f-a10a-9dc8e6dcbcc0} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{bd4f7a6d-0107-4bdf-b72b-021b717b06ce} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{964bf54a-a147-4b3f-9540-6c40cc6b9d8c} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b64f4a7c-97c9-11da-8bde-f66bad1e3f3a} (Rogue.WinAntivirus) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{42ae5f74-0164-4f87-89be-85033ac91f2d} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{f7c9fee8-75ff-4729-9912-78103373cb38} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{141b8a83-0b13-4830-a03d-437f651a8f09} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{be47068e-1501-4897-873a-3269d436556f} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d1edcdb2-e2db-4beb-809c-31a494a72bcd} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{06cbcb4e-d5e8-47e3-9bb8-4005694a56c4} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\rhcgbej0ee1p (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\rhcgbej0ee1p (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\VAV (Rogue.VistaAntivirus2008) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\clbdriver (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WinCtrl32 (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Software Notifier (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\VSPlugin (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\fdkowvbp.bvar (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\fdkowvbp.toolbar.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{37ac8f48-9783-4a8f-8911-b43fb53beac3} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{37ac8f48-9783-4a8f-8911-b43fb53beac3} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{4d25f926-b9fe-4682-bf72-8ab8210d6d75} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\rhcgbej0ee1p (Rogue.AntivirusXP2008) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\wallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\originalwallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\convertedwallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\General\backupwallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\General\wallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully.
Registry Data Items Infected:
HKEY_CURRENT_USER\Control Panel\International\sTimeFormat (Trojan.FakeAlert) -> Bad: (HH:mm: VIRUS ALERT!) Good: (h:mm:ss tt) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowControlPanel (Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowRun (Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowSearch (Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowHelp (Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowMyDocs (Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowMyComputer (Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoStartMenuMorePrograms (Hijack.StartMenu) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\StartMenuLogOff (Hijack.StartMenu) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoDrives (Hijack.Drives) -> Bad: (12) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoToolbarCustomize (Hijack.Explorer) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSetFolders (Hijack.Explorer) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\NoDispBackgroundPage (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\NoDispScrSavPage (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\NoDispCPL (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Folders Infected:
C:\Program Files\MyWaySA (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWaySA\SrchAsDe (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWaySA\SrchAsDe\1.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\WINDOWS\privacy_danger (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\privacy_danger\images (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter (Trojan.Fakealert) -> Quarantined and deleted successfully.
C:\Program Files\rhcgbej0ee1p (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rachel\Application Data\rhcgbej0ee1p (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rachel\Application Data\rhcgbej0ee1p\Quarantine (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rachel\Application Data\rhcgbej0ee1p\Quarantine\Autorun (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rachel\Application Data\rhcgbej0ee1p\Quarantine\Autorun\HKCU (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rachel\Application Data\rhcgbej0ee1p\Quarantine\Autorun\HKCU\RunOnce (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rachel\Application Data\rhcgbej0ee1p\Quarantine\Autorun\HKLM (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rachel\Application Data\rhcgbej0ee1p\Quarantine\Autorun\HKLM\RunOnce (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rachel\Application Data\rhcgbej0ee1p\Quarantine\Autorun\StartMenuAllUsers (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rachel\Application Data\rhcgbej0ee1p\Quarantine\Autorun\StartMenuCurrentUser (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rachel\Application Data\rhcgbej0ee1p\Quarantine\BrowserObjects (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rachel\Application Data\rhcgbej0ee1p\Quarantine\Packages (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\KIDS\Application Data\rhcgbej0ee1p (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\KIDS\Application Data\rhcgbej0ee1p\Quarantine (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\KIDS\Application Data\rhcgbej0ee1p\Quarantine\Autorun (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\KIDS\Application Data\rhcgbej0ee1p\Quarantine\Autorun\HKCU (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\KIDS\Application Data\rhcgbej0ee1p\Quarantine\Autorun\HKCU\RunOnce (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\KIDS\Application Data\rhcgbej0ee1p\Quarantine\Autorun\HKLM (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\KIDS\Application Data\rhcgbej0ee1p\Quarantine\Autorun\HKLM\RunOnce (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\KIDS\Application Data\rhcgbej0ee1p\Quarantine\Autorun\StartMenuAllUsers (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\KIDS\Application Data\rhcgbej0ee1p\Quarantine\Autorun\StartMenuCurrentUser (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\KIDS\Application Data\rhcgbej0ee1p\Quarantine\BrowserObjects (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\KIDS\Application Data\rhcgbej0ee1p\Quarantine\Packages (Rogue.Multiple) -> Quarantined and deleted successfully.
Files Infected:
C:\WINDOWS\system32\nlmmtuld.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dlutmmln.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nwksagro.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\orgaskwn.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nyigbkye.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\eykbgiyn.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\towlgsrd.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drsglwot.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\wnslvxtf.dll (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\WINDOWS\SysBA.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\SysBE.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\eblv.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\cymrqveq.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ddlkoola.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\oizzyg.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\midylz.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\perdogcl.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vdbqmmsl.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dvvhvd.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ocktbp.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\rboihkce.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tpbqapsh.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\uarywn.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\uealvfhl.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ydmgpn.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lqgavsyp.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ltwwkrpp.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\privacy_danger\index.htm (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\privacy_danger\images\capt.gif (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\privacy_danger\images\danger.jpg (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\privacy_danger\images\down.gif (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\privacy_danger\images\spacer.gif (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter\0.gif (Trojan.Fakealert) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter\1.gif (Trojan.Fakealert) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter\2.gif (Trojan.Fakealert) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter\3.gif (Trojan.Fakealert) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter\sc.html (Trojan.Fakealert) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter\sex1.ico (Trojan.Fakealert) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter\sex2.ico (Trojan.Fakealert) -> Quarantined and deleted successfully.
C:\Program Files\rhcgbej0ee1p\database.dat (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhcgbej0ee1p\license.txt (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhcgbej0ee1p\MFC71.dll (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhcgbej0ee1p\MFC71ENU.DLL (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhcgbej0ee1p\msvcp71.dll (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhcgbej0ee1p\msvcr71.dll (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhcgbej0ee1p\rhcgbej0ee1p.exe.local (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhcgbej0ee1p\Uninstall.exe (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\sex1.ico (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\sex2.ico (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mcrh.tmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\cookies.ini (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\system32\clbinit.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rachel\Application Data\TmpRecentIcons\Vista Antivirus 2008.lnk (Rogue.Link) -> Quarantined and deleted successfully.
C:\Documents and Settings\KIDS\Desktop\NAKED LADIES.url (Rogue.Link) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rachel\Local Settings\Temp\.ttD.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rachel\Local Settings\Temp\.ttF.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rachel\Favorites\Error Cleaner.url (Rogue.Link) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rachel\Favorites\Privacy Protector.url (Rogue.Link) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rachel\Favorites\Spyware&Malware Protection.url (Rogue.Link) -> Quarantined and deleted successfully.

Response Number 3

Name: haze077
Date: November 18, 2008 at 18:19:50 Pacific

Reply:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:17:35 PM, on 11/18/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Linksys Wireless-G PCI Adapter\WLService.exe
C:\Program Files\Linksys Wireless-G PCI Adapter\WMP54Gv4.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\Yahoo!\browser\ycommon.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
C:\PROGRA~1\Yahoo!\YOP\yop.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
C:\Program Files\Yahoo!\browser\ybrowser.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\PROGRA~1\Yahoo!\YOP\SSDK02.exe
C:\WINDOWS\system32\NOTEPAD.exe
C:\Documents and Settings\Rachel\Local Settings\Temporary Internet Files\Content.IE5\ASOOPHUK\HiJackThis[1].exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cus...
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/cus...
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://att.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?Lin...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?Lin...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cus...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?Lin...
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?Lin...
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/cus...
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\PROGRA~1\Yahoo!\Common\Yiesrvc1.DLL
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {863684D8-6AFD-4588-A48A-0151964D8208} - C:\WINDOWS\system32\hgGaaYPh.dll (file missing)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
O2 - BHO: SidebarAutoLaunch Class - {F2AA9440-6328-4933-B7C9-A6CCDF9CBF6D} - C:\Program Files\Yahoo!\browser\YSidebarIEBHO.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: fdkowvbp - {7EB73DDA-FC6B-4064-8B30-89E6AE779699} - C:\WINDOWS\fdkowvbp.dll (file missing)
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [IntelMeM] C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [YBrowser] C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
O4 - HKLM\..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe -expressboot
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\PROGRA~1\Symantec\osCheck.exe"
O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKLM\..\Run: [YSearchProtection] "C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe"
O4 - HKLM\..\Run: [YOP] C:\PROGRA~1\Yahoo!\YOP\yop.exe /autostart
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.exe" -quiet
O4 - HKCU\..\Run: [Search Protection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
O4 - HKCU\..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - S-1-5-18 Startup: PowerReg Scheduler.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: PowerReg Scheduler.exe (User 'Default user')
O4 - Startup: PowerReg Scheduler.exe
O4 - Global Startup: Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: AT&T Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\PROGRA~1\Yahoo!\Common\Yiesrvc1.DLL
O9 - Extra button: Poker.com - {6FDD5236-C9F0-49ef-935D-385F5E21991A} - C:\Program Files\Poker.com\poker.exe (file missing)
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll
O9 - Extra button: PartyCasino.com - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - C:\Program Files\PartyGaming\PartyCasino\RunCasino.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyCasino.com - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - C:\Program Files\PartyGaming\PartyCasino\RunCasino.exe (file missing)
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra button: PartyBingo.com - {B987E7E7-5997-4330-A5F9-9FFEFC1CCFD0} - C:\Program Files\PartyGaming\PartyBingo\RunBingo.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyBingo.com - {B987E7E7-5997-4330-A5F9-9FFEFC1CCFD0} - C:\Program Files\PartyGaming\PartyBingo\RunBingo.exe (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/binFrameWork/v1...
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls...
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?lin...
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper20073151.dll
O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (MSN Games – Buddy Invite) - http://zone.msn.com/BinFrameWork/v1...
O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) - https://www-secure.symantec.com/techsupp/asa/ss/sa/sa_cabs/tgctlsr.cab
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySp...
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by104fd.bay104.hotmail.msn.c...
O16 - DPF: {54BE6B6F-3056-470B-97E1-BB92E051B6C4} (DeviceEnum Class) - http://h20264.www2.hp.com/ediags/dd...
O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) - http://zone.msn.com/binframework/v1...
O16 - DPF: {A4110378-789B-455F-AE86-3A1BFC402853} (ZPA_SHVL Object) - http://zone.msn.com/bingame/zpagame...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramewo...
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (MSN Games – Game Communicator) - http://zone.msn.com/binframework/v1...
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Bonjour Service - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\PROGRA~1\Symantec\isPwdSvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.exe
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: WMP54Gv4SVC - GEMTEKS - C:\Program Files\Linksys Wireless-G PCI Adapter\WLService.exe
O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\system32\YPCSER~1.exe
O24 - Desktop Component 0: (no name) - http://www.tomgpalmer.com/images/Pl...
O24 - Desktop Component 1: Privacy Protection - file:///C:\WINDOWS\privacy_danger\index.htm
--
End of file - 14818 bytes

Response Number 4

Name: jabuck
Date: November 18, 2008 at 18:37:45 Pacific

Reply:

Run Hijack This, close all windows and browsers except Hijack This, place a check to the left of the following items and press "fix checked":
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cus...

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/cus...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cus...

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/cus...
O2 - BHO: (no name) - {863684D8-6AFD-4588-A48A-0151964D8208} - C:\WINDOWS\system32\hgGaaYPh.dll (file missing)
O3 - Toolbar: fdkowvbp - {7EB73DDA-FC6B-4064-8B30-89E6AE779699} - C:\WINDOWS\fdkowvbp.dll (file missing)

O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O9 - Extra button: Poker.com - {6FDD5236-C9F0-49ef-935D-385F5E21991A} - C:\Program Files\Poker.com\poker.exe (file missing)
O9 - Extra button: PartyCasino.com - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - C:\Program Files\PartyGaming\PartyCasino\RunCasino.exe (file missing)
O9 - Extra button: PartyBingo.com - {B987E7E7-5997-4330-A5F9-9FFEFC1CCFD0} - C:\Program Files\PartyGaming\PartyBingo\RunBingo.exe (file missing)

O9 - Extra 'Tools' menuitem: PartyBingo.com - {B987E7E7-5997-4330-A5F9-9FFEFC1CCFD0} - C:\Program Files\PartyGaming\PartyBingo\RunBingo.exe (file missing)
O24 - Desktop Component 1: Privacy Protection - file:///C:\WINDOWS\privacy_danger\index.htm
Exit Hijack This.
Download SDFix.exe and save it to your Desktop.
Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with SDFix or remove some of its embedded files which may cause "unpredictable results".
Click on This Link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
Remember to re-enable the protection again afterwards before connecting to the Internet.
1.Double click SDFix.exe and choose Install to extract it to its own folder on the Desktop. Please then reboot your computer in Safe Mode by doing the following :
Restart your computer
After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;
Instead of Windows loading as normal, a menu with options should appear;
Select the first option, to run Windows in Safe Mode, then press "Enter".
Choose your usual account.
2. Open the c:\SDFix folder and double click RunThis.cmd to start the script.
Type Y to begin the script.
It will remove the Trojan Services then make some repairs to the registry and prompt you to press any key to Reboot.
Press any Key and it will restart the PC.
3. Your system will take longer that normal to restart as the fixtool will be running and removing files.
When the desktop loads the Fixtool will complete the removal and display Finished, then press any key to end the script and load your desktop icons.
4. Finally open the SDFix folder on your desktop and copy and paste the contents of the results file Report.txt

Response Number 5

Name: haze077
Date: November 19, 2008 at 07:22:29 Pacific

Reply:

[b]SDFix: Version 1.240 [/b]
Run by Administrator on Wed 11/19/2008 at 08:50 AM
Microsoft Windows XP [Version 5.1.2600]
Running From: C:\SDFix
[b]Checking Services [/b]:

Restoring Default Security Values
Restoring Default Hosts File
Rebooting

[b]Checking Files [/b]:
No Trojan Files Found

microsoft digital media keyboard 1.0a sa60-743 symtdi.sys audio/x-pn-realaudio-plugin remove kodak easyshare software from Mac entourage 2008 error 39 i586 sed html parse del command switches virus change doc to exe	cmmgr32.exe down gif microsoft multimedia viewer cmmgr32.exe download cmmgr32.exe iesetup.exe update C:\WINDOWS\system32\ntbackup.exe backup trend micro uninstall password iesetup.exe termservdevices 1108
See More

Response Number 6

Name: jabuck
Date: November 19, 2008 at 14:22:36 Pacific

Reply:

Please download ComboFix to the desktop from one of the following links:
Link1
Link 2
Link 3
Combofix is a powerful tool so follow the instructions exactly or you could damage your computer.
Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with Combofix and remove some of its embedded files which may cause "unpredictable results".
Click on This Link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
In your case to run Combofix do the following:
1. Go offline turn off your Nortons antivirus, Yahoo Search Protection, Winpatrol and any other antispyware that you may have.
2. Run Combofix and save its log.
3. Restart the computer to get the antivirus running again but leave the antispyware programs off until we get the computer cleaned.
4. Post the Combofix log.

Remember to re-enable the protection again afterwards before connecting to the Internet.

Double-click combofix.exe
Follow the prompts.
(Don't click on the window while the program is running or move the mouse, it will cause your system to hang.)
Please post the log it produces.

Response Number 7

Name: haze077
Date: November 19, 2008 at 16:58:27 Pacific

Reply:

ComboFix 08-11-18.A2 - Rachel 2008-11-19 18:32:39.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.198 [GMT -6:00]
Running from: c:\documents and settings\Rachel\Desktop\ComboFix.exe
* Created a new restore point
[COLOR=RED][B]WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !![/B][/COLOR]
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system32\ahmkjbrq.ini
c:\windows\system32\aljhrcnx.ini2
c:\windows\system32\aljhrcnx.tmp
c:\windows\system32\ammagrrg.ini
c:\windows\system32\bdfnisub.ini
c:\windows\system32\bnvxkhjo.ini
c:\windows\system32\bohohbji.ini
c:\windows\system32\bsfbljaq.ini
c:\windows\system32\bszip.dll
c:\windows\system32\buldicuy.ini
c:\windows\system32\cxrpjtbv.ini
c:\windows\system32\dgvcqthr.ini
c:\windows\system32\dokklxgb.ini
c:\windows\system32\dsykvmqs.ini
c:\windows\system32\ebjcnlla.ini
c:\windows\system32\eitacvct.ini
c:\windows\system32\fcgqspyr.ini
c:\windows\system32\fnnovjor.ini
c:\windows\system32\gdsnaujo.ini
c:\windows\system32\grgfafxv.ini
c:\windows\system32\henplklx.ini
c:\windows\system32\hPYaaGgh.ini
c:\windows\system32\hPYaaGgh.ini2
c:\windows\system32\ijwpkqps.ini
c:\windows\system32\jgcibped.ini
c:\windows\system32\jjRuCcfe.ini2
c:\windows\system32\jlymueig.ini
c:\windows\system32\jxixjhcs.ini
c:\windows\system32\lgujccgn.ini
c:\windows\system32\ngrpjpot.ini
c:\windows\system32\nmqeyngg.ini
c:\windows\system32\pdkdnuqc.ini
c:\windows\system32\qbhdxlrl.ini
c:\windows\system32\qrqvekeq.ini2
c:\windows\system32\qrqvekeq.tmp
c:\windows\system32\rYFLkUvw.ini
c:\windows\system32\rYFLkUvw.ini2
c:\windows\system32\silsaetu.ini
c:\windows\system32\tetlxkpu.ini
c:\windows\system32\tkuaxvlk.ini2
c:\windows\system32\tkuaxvlk.tmp
c:\windows\system32\uenonwxl.ini
c:\windows\system32\usbgvjvb.ini
c:\windows\system32\vavpkosh.ini
c:\windows\system32\veashehk.ini
c:\windows\system32\vqyypowl.ini
c:\windows\system32\vrqhtxxr.ini
c:\windows\system32\wfdmdjgo.ini
c:\windows\system32\wserewyj.ini
c:\windows\system32\xqmoudgu.ini
c:\windows\system32\xsscgkyb.ini
c:\windows\system32\yuhwcoxt.ini
c:\windows\system32\yunqvrav.ini
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_CLBDRIVER

((((((((((((((((((((((((( Files Created from 2008-10-20 to 2008-11-20 )))))))))))))))))))))))))))))))
.
2008-11-19 18:39 . 2008-11-19 18:39 <DIR> d-------- c:\windows\LastGood.Tmp
2008-11-19 08:46 . 2008-11-19 08:46 <DIR> d-------- c:\windows\ERUNT
2008-11-19 08:39 . 2008-11-19 09:07 <DIR> d-------- C:\SDFix
2008-11-19 08:37 . 2004-12-14 10:07 229,376 -ra------ c:\windows\system32\hpovst08.dll
2008-11-19 08:11 . 2008-11-19 08:11 <DIR> d-------- c:\program files\Common Files\Hewlett-Packard
2008-11-19 08:07 . 2004-09-29 12:12 278,584 --a------ c:\windows\system32\HPZidr12.dll
2008-11-19 08:07 . 2004-09-29 12:15 204,800 --a------ c:\windows\system32\HPZipr12.dll
2008-11-19 08:07 . 2004-09-29 12:09 94,208 --a------ c:\windows\system32\HPZipt12.dll
2008-11-19 08:07 . 2004-09-29 12:14 69,632 --a------ c:\windows\system32\HPZipm12.exe
2008-11-19 08:07 . 2004-09-29 12:08 61,440 --a------ c:\windows\system32\HPZinw12.exe
2008-11-19 08:07 . 2004-09-29 12:09 57,344 --a------ c:\windows\system32\HPZisn12.dll
2008-11-19 07:42 . 2004-12-14 10:07 21,744 -ra------ c:\windows\system32\drivers\HPZius12.sys
2008-11-18 21:53 . 2008-11-18 21:55 112,316 --a------ c:\windows\hpoins07.dat
2008-11-18 21:53 . 2005-12-16 16:17 51,120 --a------ c:\windows\system32\drivers\HPZid412.sys
2008-11-18 21:53 . 2005-12-16 16:17 21,124 --------- c:\windows\hpomdl07.dat
2008-11-18 21:53 . 2005-12-16 16:17 16,496 --a------ c:\windows\system32\drivers\HPZipr12.sys
2008-11-18 21:51 . 2004-12-14 10:07 581,632 -ra------ c:\windows\system32\hpotscl.dll
2008-11-18 21:51 . 2004-12-14 10:07 278,528 -ra------ c:\windows\system32\hpgwiamd.dll
2008-11-18 21:51 . 2004-12-14 10:07 274,432 -ra------ c:\windows\system32\HPZc3212.dll
2008-11-18 21:51 . 2005-12-16 16:18 98,304 --a------ c:\windows\system32\hpzjsn01.dll
2008-11-18 21:50 . 2005-12-16 16:17 393,216 --a------ c:\windows\system32\hpzcon12.dll
2008-11-18 21:50 . 2005-12-16 16:17 196,608 --a------ c:\windows\system32\hpzcoi12.dll
2008-11-18 21:45 . 2008-11-18 21:53 <DIR> d-------- c:\temp\HP_WebRelease
2008-11-18 18:31 . 2008-11-18 18:31 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware
2008-11-18 18:31 . 2008-11-18 18:31 <DIR> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
2008-11-18 18:31 . 2008-10-22 16:10 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2008-11-18 18:31 . 2008-10-22 16:10 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2008-11-18 15:46 . 2008-11-18 15:52 <DIR> d-------- c:\documents and settings\Administrator\Application Data\Yahoo!
2008-11-18 15:43 . 2005-07-19 14:09 <DIR> d-------- c:\documents and settings\Administrator\Application Data\Symantec
2008-11-18 15:43 . 2005-07-19 14:01 <DIR> d-------- c:\documents and settings\Administrator\Application Data\Jasc Software Inc
2008-11-18 15:43 . 2008-11-18 15:43 <DIR> d-------- c:\documents and settings\Administrator
2008-11-18 13:27 . 2008-07-30 17:42 23,888 --a------ c:\windows\system32\drivers\COH_Mon.sys
2008-11-18 13:27 . 2008-07-30 17:28 10,537 --a------ c:\windows\system32\drivers\COH_Mon.cat
2008-11-18 13:27 . 2008-07-30 17:28 706 --a------ c:\windows\system32\drivers\COH_Mon.inf
2008-11-18 07:44 . 2008-11-19 09:37 54,156 --ah----- c:\windows\QTFont.qfn
2008-11-18 07:44 . 2008-11-18 07:44 1,409 --a------ c:\windows\QTFont.for
2008-11-18 07:33 . 2008-10-03 11:41 6,066,176 --------- c:\windows\system32\dllcache\ieframe.dll
2008-11-18 07:33 . 2007-04-17 03:32 2,455,488 --------- c:\windows\system32\dllcache\ieapfltr.dat
2008-11-18 07:33 . 2007-03-07 23:10 991,232 --------- c:\windows\system32\dllcache\ieframe.dll.mui
2008-11-18 07:33 . 2008-08-26 01:24 459,264 --------- c:\windows\system32\dllcache\msfeeds.dll
2008-11-18 07:33 . 2008-08-26 01:24 383,488 --------- c:\windows\system32\dllcache\ieapfltr.dll
2008-11-18 07:33 . 2008-08-26 01:24 267,776 --------- c:\windows\system32\dllcache\iertutil.dll
2008-11-18 07:33 . 2008-08-26 01:24 63,488 --------- c:\windows\system32\dllcache\icardie.dll
2008-11-18 07:33 . 2008-08-26 01:24 52,224 --------- c:\windows\system32\dllcache\msfeedsbs.dll
2008-11-18 07:33 . 2008-08-25 02:38 13,824 --------- c:\windows\system32\dllcache\ieudinit.exe
2008-11-18 07:18 . 2008-11-18 07:18 <DIR> d-------- c:\program files\Sun
2008-11-17 21:32 . 2008-11-17 21:32 <DIR> d-------- c:\program files\NickOnline
2008-11-17 17:01 . 2008-11-17 17:01 664 --a------ c:\windows\system32\d3d9caps.dat
2008-11-14 03:09 . 2008-11-14 03:09 197 --a------ c:\windows\system32\MRT.INI
2008-11-14 01:20 . 2008-11-18 20:29 <DIR> d-------- c:\windows\system32\CatRoot_bak
2008-11-13 22:26 . 2008-05-01 08:30 331,776 --------- c:\windows\system32\dllcache\msadce.dll
2008-11-13 22:13 . 2008-10-16 14:07 23,576 --a------ c:\windows\system32\wuapi.dll.mui
2008-10-29 23:40 . 2008-10-29 23:40 244 --ah----- C:\sqmnoopt06.sqm
2008-10-29 23:40 . 2008-10-29 23:40 232 --ah----- C:\sqmdata06.sqm
2008-10-27 12:37 . 2008-10-27 12:37 244 --ah----- C:\sqmnoopt05.sqm
2008-10-27 12:37 . 2008-10-27 12:37 232 --ah----- C:\sqmdata05.sqm
2008-10-24 13:58 . 2008-10-24 13:58 244 --ah----- C:\sqmnoopt04.sqm
2008-10-24 13:58 . 2008-10-24 13:58 232 --ah----- C:\sqmdata04.sqm
2008-10-24 13:56 . 2008-10-24 13:56 244 --ah----- C:\sqmnoopt03.sqm
2008-10-24 13:56 . 2008-10-24 13:56 232 --ah----- C:\sqmdata03.sqm
2008-10-24 12:42 . 2008-10-24 12:42 244 --ah----- C:\sqmnoopt02.sqm
2008-10-24 12:42 . 2008-10-24 12:42 232 --ah----- C:\sqmdata02.sqm
2008-10-23 10:47 . 2008-10-23 10:47 244 --ah----- C:\sqmnoopt01.sqm
2008-10-23 10:47 . 2008-10-23 10:47 232 --ah----- C:\sqmdata01.sqm
2008-10-23 05:59 . 2008-10-23 05:59 244 --ah----- C:\sqmnoopt00.sqm
2008-10-23 05:59 . 2008-10-23 05:59 232 --ah----- C:\sqmdata00.sqm
2008-10-22 19:30 . 2008-10-22 19:30 262,144 --a------ C:\ntuser.dat
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-19 20:54 --------- d-----w c:\program files\Full Tilt Poker
2008-11-19 14:30 --------- d-----w c:\program files\Hp
2008-11-19 14:17 --------- d-----w c:\program files\Hewlett-Packard
2008-11-19 14:03 --------- d-----w c:\program files\Common Files\Symantec Shared
2008-11-19 03:04 --------- d-----w c:\program files\Google
2008-11-18 19:27 --------- d-----w c:\program files\Symantec
2008-11-18 13:17 --------- d-----w c:\program files\Java
2008-11-13 22:42 805 ----a-w c:\windows\system32\drivers\SYMEVENT.INF
2008-11-13 22:42 123,952 ----a-w c:\windows\system32\drivers\SYMEVENT.SYS
2008-11-13 22:42 10,671 ----a-w c:\windows\system32\drivers\SYMEVENT.CAT
2008-11-13 22:40 --------- d-----w c:\documents and settings\All Users\Application Data\Symantec
2008-11-13 20:15 --------- d-----w c:\documents and settings\All Users\Application Data\yahoo!
2008-10-29 00:33 --------- d-----w c:\program files\LimeWire
2008-10-29 00:07 --------- d-----w c:\program files\PC Tools AntiVirus
2008-10-28 20:20 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
2008-10-24 11:10 453,632 ----a-w c:\windows\system32\drivers\mrxsmb.sys
2008-10-03 20:14 39,984 ----a-w c:\windows\system32\drivers\symids.sys
2008-10-03 20:14 37,936 ----a-w c:\windows\system32\drivers\symndisv.sys
2008-10-03 20:14 35,120 ----a-w c:\windows\system32\drivers\symndis.sys
2008-10-03 20:14 27,696 ----a-w c:\windows\system32\drivers\symredrv.sys
2008-10-03 20:14 187,952 ----a-w c:\windows\system32\drivers\symtdi.sys
2008-10-03 20:14 146,096 ----a-w c:\windows\system32\drivers\symfw.sys
2008-10-03 20:14 12,848 ----a-w c:\windows\system32\drivers\symdns.sys
2008-10-03 20:14 10,804 ----a-w c:\windows\system32\drivers\SymRedir.cat
2008-10-03 20:14 1,358 ----a-w c:\windows\system32\drivers\SymRedir.inf
2008-09-25 01:08 --------- d-----w c:\documents and settings\LocalService\Application Data\SACore
2008-09-04 01:17 37,027 ----a-w c:\windows\atmoUn.exe
2005-11-29 04:38 774,144 ----a-w c:\program files\RngInterstitial.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DellSupport"="c:\program files\DellSupport\DSAgnt.exe" [2007-03-15 460784]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2007-06-29 286720]
"dellsupportcenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2008-08-13 206064]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Winot73.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"c:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\Kodak Software Updater.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
S0 Winot73;Winot73;c:\windows\system32\Drivers\Winot73.sys []
S4 0085981219267762mcinstcleanup;McAfee Application Installer Cleanup (0085981219267762);c:\windows\TEMP\[u]0[/u]08598~1.EXE c:\progra~1\COMMON~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog -service []
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D]
\Shell\AutoRun\command - D:\setup.exe
*Newly Created Service* - COMHOST
.
Contents of the 'Scheduled Tasks' folder
2008-11-15 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2006-10-10 17:13]
2008-11-18 c:\windows\Tasks\Norton Security Online - Run Full System Scan - Rachel.job
- c:\progra~1\Symantec\Norton AntiVirus\Navw32.exe [2007-01-14 03:09]
2008-11-20 c:\windows\Tasks\Symantec NetDetect.job
- c:\program files\Symantec\LiveUpdate\NDetect.exe []
.
- - - - ORPHANS REMOVED - - - -
BHO-{863684D8-6AFD-4588-A48A-0151964D8208} - c:\windows\system32\hgGaaYPh.dll
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-19 18:47:18
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2008-11-19 18:51:50 - machine was rebooted [Administrator]
ComboFix-quarantined-files.txt 2008-11-20 00:51:47
Pre-Run: 51,349,487,616 bytes free
Post-Run: 52,591,882,240 bytes free
231 --- E O F --- 2008-11-20 00:40:14

Response Number 8

Name: jabuck
Date: November 19, 2008 at 19:17:41 Pacific

Reply:

Open Notepad and copy/paste everything between the X"s into it and make sure the first word (such as KILLALL, Or File, etc.) is at the very top of the page.
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
KILLALL::
File::
c:\windows\system32\Drivers\Winot73.sys
C:\sqmnoopt06.sqm
C:\sqmdata06.sqm
C:\sqmnoopt05.sqm
C:\sqmdata05.sqm
C:\sqmnoopt04.sqm
C:\sqmdata04.sqm
C:\sqmnoopt03.sqm
C:\sqmdata03.sqm
C:\sqmnoopt02.sqm
C:\sqmdata02.sqm
C:\sqmnoopt01.sqm
C:\sqmdata01.sqm
C:\sqmnoopt00.sqm
C:\sqmdata00.sqm

Driver::
Winot73

Registry::
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Winot73.sys]
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
Go to File on the top bar and choose" Save As", Change the "Save As Type" to All Files, Name it CFScript.txt then save it to your desktop.
Then drag/drop the CFScript.txt onto ComboFix.exe (the red symbol on your desktop) if combofix does not auto start click "run".
Post a new Combofix log following the previous directions.
Empty the restore folder. Go to start>control panel>system>system restore tab>check the box beside "turn off system restore>apply (takes a minute)>ok. Go back and uncheck the box to turn system restore back on>apply>ok.

Download ATF Cleaner from this link:
http://www.majorgeeks.com/ATF_Cleaner_d4949.html
Run ATF-Cleaner
Double-click ATF-Cleaner.exe to run the program.
Under Main choose: Select All
Click the Empty Selected button.
Please run Esets online scanner from this link:
ESET
1. Note: You will need to use Internet explorer for this scan
2. Tick the box next to YES, I accept the Terms of Use.
3. Click Start
4. When asked, allow the activex control to install
5. Click Start
6. Make sure that the option Remove found threats is unticked ( Iwant to see what is found first), and the option Scan unwanted applications is checked
7. Click Scan
8. Wait for the scan to finish
9. Use notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
10. Copy and paste that log in your next reply.

Response Number 9

Name: haze077
Date: November 19, 2008 at 21:57:53 Pacific

Reply:

Version 8.0.0.900
-------------
Engine: 2.0.0.704
-------------
Start of Scan
11/19/2008 11:40:09 PM

Your System Information :
CPU: Intel Pentium
IE: 7.0.5730.13
MEMORY FREE: 214064
MEMORY TOTAL: 653296
VIRTUAL FREE: 2005376
VIRTUAL TOTAL: 2097024
Windows XP 5.1 (2600) Home Edition Service Pack 2.0
-------------
Running processes: Process ID
-------------
[System Process] 0
System 4
smss.exe 412
csrss.exe 468
winlogon.exe 492
services.exe 536
lsass.exe 548
svchost.exe 720
svchost.exe 772
svchost.exe 812
svchost.exe 924
ccSvcHst.exe 1036
AppSvc32.exe 1100
spoolsv.exe 1352
AluSchedulerSvc.exe 1572
ccSvcHst.exe 1632
HPZipm12.exe 1692
sprtsvc.exe 1760
svchost.exe 1776
wdfmgr.exe 1804
explorer.exe 1344
alg.exe 2536
sprtcmd.exe 2840
ctfmon.exe 2856
YAHOOM~1.EXE 3024
ybrowser.exe 2976
ycommon.exe 3368
ybrwicon.exe 3500
iexplore.exe 3360
symlcsvc.exe 2196
wmiprvse.exe 3676
notepad.exe 2560
RegMech.exe 2648
-------------
Sections Scanned:
-------------
SL - 1
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\awapi4.dll
Value : Path = C:\Program Files\AnswerWorks 4.0 English Runtime
Parsed : c:\program files\answerworks 4.0 english runtime
SL - 2
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\awapi4.dll
Value : (default) = C:\Program Files\AnswerWorks 4.0 English Runtime\awApi4.dll
Parsed : c:\program files\answerworks 4.0 english runtime\awapi4.dll
SL - 3
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\cmmgr32.exe
Value : (default) = C:\WINDOWS\system32\cmmgr32.exe
Parsed : c:\windows\system32\cmmgr32.exe
SL - 4
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\mmjb.exe
Value : (default) = C:\Program Files\Musicmatch\Musicmatch Jukebox\mmjb.exe
Parsed : c:\program files\musicmatch\musicmatch jukebox\mmjb.exe
SL - 5
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\ORUN32.exe
Value : (default) = C:\WINDOWS\ORUN32.exe
Parsed : c:\windows\orun32.exe
WF - 6
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Fonts
Value : Fig Letter Bd (True Type) = C:\WINDOWS\Fonts\SpLtFgBd.ttf
Parsed : c:\windows\fonts\spltfgbd.ttf
WF - 7
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Fonts
Value : Fig Letter BI (True Type) = C:\WINDOWS\Fonts\SpLtFgBI.ttf
Parsed : c:\windows\fonts\spltfgbi.ttf
WF - 8
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Fonts
Value : Fig Letter It (True Type) = C:\WINDOWS\Fonts\SpLtFgIt.ttf
Parsed : c:\windows\fonts\spltfgit.ttf
WF - 9
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Fonts
Value : Fig Letter Rg (True Type) = C:\WINDOWS\Fonts\SpLtFgRg.ttf
Parsed : c:\windows\fonts\spltfgrg.ttf
WF - 10
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Fonts
Value : Fig Times Bd (True Type) = C:\WINDOWS\Fonts\SpTmFgBd.ttf
Parsed : c:\windows\fonts\sptmfgbd.ttf
WF - 11
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Fonts
Value : Fig Times BI (True Type) = C:\WINDOWS\Fonts\SpTmFgBI.ttf
Parsed : c:\windows\fonts\sptmfgbi.ttf
WF - 12
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Fonts
Value : Fig Times It (True Type) = C:\WINDOWS\Fonts\SpTmFgIt.ttf
Parsed : c:\windows\fonts\sptmfgit.ttf
WF - 13
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Fonts
Value : Fig Times Rg (True Type) = C:\WINDOWS\Fonts\SpTmFgRg.ttf
Parsed : c:\windows\fonts\sptmfgrg.ttf
WF - 14
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Fonts
Value : DiagramTTUSCF (True Type) = C:\WINDOWS\Fonts\DiaTTUSA.ttf
Parsed : c:\windows\fonts\diattusa.ttf
WF - 15
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Fonts
Value : DiagramTTOldstyle (True Type) = C:\WINDOWS\Fonts\DiaTTOld.ttf
Parsed : c:\windows\fonts\diattold.ttf
WF - 16
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Fonts
Value : DiagramTTCrystals (True Type) = C:\WINDOWS\Fonts\DiaTTCry.ttf
Parsed : c:\windows\fonts\diattcry.ttf
WF - 17
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Fonts
Value : DiagramTTHabsburg (True Type) = C:\WINDOWS\Fonts\DiaTTHab.ttf
Parsed : c:\windows\fonts\diatthab.ttf
WF - 18
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Fonts
Value : DiagramTTBlindAll (True Type) = C:\WINDOWS\Fonts\Diablindall.ttf
Parsed : c:\windows\fonts\diablindall.ttf
HR - 19
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Help
Value : acs_US.hlp = C:\Program Files\Common Files\AOL\ACS\US
Parsed : c:\program files\common files\aol\acs\us\acs_us.hlp
HR - 20
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Help
Value : acs_US.cnt = C:\Program Files\Common Files\AOL\ACS\US
Parsed : c:\program files\common files\aol\acs\us\acs_us.cnt
HR - 21
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Help
Value : acscommon_US.hlp = C:\Program Files\Common Files\AOL\ACS\US
Parsed : c:\program files\common files\aol\acs\us\acscommon_us.hlp
HR - 22
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Help
Value : acscommon_US.cnt = C:\Program Files\Common Files\AOL\ACS\US
Parsed : c:\program files\common files\aol\acs\us\acscommon_us.cnt
HR - 23
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Help
Value : acsdialer_US.hlp = C:\Program Files\Common Files\AOL\ACS\US
Parsed : c:\program files\common files\aol\acs\us\acsdialer_us.hlp
HR - 24
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Help
Value : acsdialer_US.cnt = C:\Program Files\Common Files\AOL\ACS\US
Parsed : c:\program files\common files\aol\acs\us\acsdialer_us.cnt
SP - 25
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs
Value : C:\DOCUME~1\Owner\LOCALS~1\Temp\DellSupport.exe = 00000001
Parsed : c:\docume~1\owner\locals~1\temp\dellsupport.exe
SP - 26
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs
Value : C:\Program Files\Musicmatch\Musicmatch Jukebox\MMFWCtrl.ocx = 00000001
Parsed : c:\program files\musicmatch\musicmatch jukebox\mmfwctrl.ocx
SP - 27
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs
Value : C:\Program Files\Musicmatch\Musicmatch Jukebox\MMJBCtrl.ocx = 00000001
Parsed : c:\program files\musicmatch\musicmatch jukebox\mmjbctrl.ocx
SP - 28
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs
Value : C:\Program Files\Musicmatch\Musicmatch Jukebox\MMRadioEngine.dll = 00000001
Parsed : c:\program files\musicmatch\musicmatch jukebox\mmradioengine.dll
SP - 29
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs
Value : C:\WINDOWS\system32\BSZIP.DLL = 00000001
Parsed : c:\windows\system32\bszip.dll
SP - 30
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs
Value : C:\Program Files\PartyGaming\PartyCasino\PartyCasino.ico = 00000001
Parsed : c:\program files\partygaming\partycasino\partycasino.ico
SP - 31
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs
Value : C:\Program Files\PartyGaming\PartyCasino\preloader.html = 00000001
Parsed : c:\program files\partygaming\partycasino\preloader.html
SP - 32
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs
Value : C:\Program Files\PartyGaming\PartyCasino\RunCasino.exe = 00000001
Parsed : c:\program files\partygaming\partycasino\runcasino.exe
SP - 33
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs
Value : C:\Program Files\PartyGaming\PartyCasino\images\lobby\version.txt = 00000001
Parsed : c:\program files\partygaming\partycasino\images\lobby\version.txt
SP - 34
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs
Value : C:\WINDOWS\system32\LegitCheckControl.DLL = 00000001
Parsed : c:\windows\system32\legitcheckcontrol.dll
SP - 35
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs
Value : C:\WINDOWS\Downloaded Program Files\MsnPUpld.dll = 00000001
Parsed : c:\windows\downloaded program files\msnpupld.dll
SP - 36
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs
Value : C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\System.Windows.Forms.tlb = 00001000
Parsed : c:\windows\microsoft.net\framework\v1.0.3705\system.windows.forms.tlb
SP - 37
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs
Value : C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\System.EnterpriseServices.tlb = 00001000
Parsed : c:\windows\microsoft.net\framework\v1.0.3705\system.enterpriseservices.tlb
SP - 38
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs
Value : C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\Microsoft.JScript.tlb = 00001000
Parsed : c:\windows\microsoft.net\framework\v1.0.3705\microsoft.jscript.tlb
SP - 39
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs
Value : C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\Microsoft.Vsa.tlb = 00001000
Parsed : c:\windows\microsoft.net\framework\v1.0.3705\microsoft.vsa.tlb
SP - 40
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs
Value : C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\System.Drawing.tlb = 00001000
Parsed : c:\windows\microsoft.net\framework\v1.0.3705\system.drawing.tlb
SP - 41
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs
Value : C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\mscoree.tlb = 00001000
Parsed : c:\windows\microsoft.net\framework\v1.0.3705\mscoree.tlb
SP - 42
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs
Value : C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\mscorlib.tlb = 00001000
Parsed : c:\windows\microsoft.net\framework\v1.0.3705\mscorlib.tlb

Response Number 10

Name: haze077
Date: November 19, 2008 at 21:59:41 Pacific

Reply:

SP - 43
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs
Value : C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\System.tlb = 00001000
Parsed : c:\windows\microsoft.net\framework\v1.0.3705\system.tlb
SP - 44
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs
Value : C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\Microsoft.Vsa.Vb.CodeDOMProcessor.tlb = 00001000
Parsed : c:\windows\microsoft.net\framework\v1.0.3705\microsoft.vsa.vb.codedomprocessor.tlb
SP - 45
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs
Value : C:\WINDOWS\Downloaded Program Files\MySpaceUploader.ocx = 00000001
Parsed : c:\windows\downloaded program files\myspaceuploader.ocx
SP - 46
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs
Value : C:\WINDOWS\Downloaded Program Files\PhotoUploader5.ocx = 00000001
Parsed : c:\windows\downloaded program files\photouploader5.ocx
SP - 47
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs
Value : C:\WINDOWS\Downloaded Program Files\tgctlsr.dll = 00000001
Parsed : c:\windows\downloaded program files\tgctlsr.dll
ARP - 48
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWaySearchAssistantDE
Value : UninstallString = rundll32 C:\PROGRA~1\MyWaySA\SrchAsDe\1.bin\desrcas.dll,O
Parsed : c:\progra~1\mywaysa\srchasde\1.bin\desrcas.dll
ARP - 49
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PartyPoker
Value : InstallSourceFile = C:\DOCUME~1\Rachel\LOCALS~1\Temp\pPokerSetup.exe
Parsed : c:\docume~1\rachel\locals~1\temp\ppokersetup.exe
ARP - 50
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SymSetup.{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}
Value : InstallSource = C:\DOCUME~1\Rachel\LOCALS~1\Temp\SOSNSO_Y10.2
Parsed : c:\docume~1\rachel\locals~1\temp\sosnso_y10.2
ARP - 51
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SymSetup.{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}
Value : InstallFileName = C:\DOCUME~1\Rachel\LOCALS~1\Temp\SOSNSO_Y10.2\SymSetup.exe
Parsed : c:\docume~1\rachel\locals~1\temp\sosnso_y10.2\symsetup.exe
ARP - 52
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{075473F5-846A-448B-BCB3-104AA1760205}
Value : InstallSource = C:\DOCUME~1\Rachel\LOCALS~1\Temp\pft498.tmp\
Parsed : c:\docume~1\rachel\locals~1\temp\pft498.tmp
ARP - 53
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0DE6EDEC-6DB8-49BF-8977-A3892DCF9DA3}
Value : InstallSource = C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec\LIVEUP~1\DOWNLO~1\Updt806\
Parsed : c:\docume~1\alluse~1\applic~1\symantec\liveup~1\downlo~1\updt806
ARP - 54
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Value : InstallSource = C:\WINDOWS\TEMP\IXP000.TMP\
Parsed : c:\windows\temp\ixp000.tmp
ARP - 55
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
Value : InstallSource = C:\DOCUME~1\Rachel\LOCALS~1\Temp\pftB26.tmp\
Parsed : c:\docume~1\rachel\locals~1\temp\pftb26.tmp
ARP - 56
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2318C2B1-4965-11d4-9B18-009027A5CD4F}
Value : UninstallString = regsvr32 /u /s "c:\program files\google\googletoolbar3.dll"
Parsed : c:\program files\google\googletoolbar3.dll
ARP - 57
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2318C2B1-4965-11d4-9B18-009027A5CD4F}
Value : DisplayIcon = c:\program files\google\googletoolbar3.dll
Parsed : c:\program files\google\googletoolbar3.dll
ARP - 58
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3CCAD2EF-CFF2-4637-82AA-AABF370282D3}
Value : InstallSource = C:\DOCUME~1\Rachel\LOCALS~1\Temp\SOSNSO_Y10.2\Support\ccCommon\
Parsed : c:\docume~1\rachel\locals~1\temp\sosnso_y10.2\support\cccommon
ARP - 59
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{403EF592-953B-4794-BCEF-ECAB835C2095}
Value : InstallSource = C:\DELL\J6831\
Parsed : c:\dell\j6831
ARP - 60
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{48185814-A224-447A-81DA-71BD20580E1B}
Value : InstallSource = C:\DOCUME~1\Rachel\LOCALS~1\Temp\SOSNSO_Y10.2\Setup\
Parsed : c:\docume~1\rachel\locals~1\temp\sosnso_y10.2\setup
ARP - 61
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{490FD8DC-5AE2-41BC-AD6B-9DCFC818B609}
Value : InstallSource = C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec\LIVEUP~1\DOWNLO~1\Updt855\
Parsed : c:\docume~1\alluse~1\applic~1\symantec\liveup~1\downlo~1\updt855
ARP - 62
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}
Value : InstallSource = C:\DOCUME~1\Rachel\LOCALS~1\Temp\SOSNSO_Y10.2\Setup\
Parsed : c:\docume~1\rachel\locals~1\temp\sosnso_y10.2\setup
ARP - 63
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{62BD0AE0-4EB1-4BBB-8F43-B6400C8FEB2C}
Value : InstallSource = C:\dell\KC999\
Parsed : c:\dell\kc999
ARP - 64
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}
Value : InstallSource = C:\DOCUME~1\Rachel\LOCALS~1\Temp\IS87B.tmp\
Parsed : c:\docume~1\rachel\locals~1\temp\is87b.tmp
ARP - 65
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7148F0A8-6813-11D6-A77B-00B0D0142030}
Value : InstallSource = C:\Documents and Settings\Owner\Local Settings\Application Data\{7148F0A6-6813-11D6-A77B-00B0D0142030}\
Parsed : c:\documents and settings\owner\local settings\application data\{7148f0a6-6813-11d6-a77b-00b0d0142030}
ARP - 66
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7299052b-02a4-4627-81f2-1818da5d550d}
Value : InstallSource = C:\DOCUME~1\Rachel\LOCALS~1\Temp\7zS48.tmp\
Parsed : c:\docume~1\rachel\locals~1\temp\7zs48.tmp
ARP - 67
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{77772678-817F-4401-9301-ED1D01A8DA56}
Value : InstallSource = C:\DOCUME~1\Rachel\LOCALS~1\Temp\SOSNSO_Y10.2\Support\SPBBC\
Parsed : c:\docume~1\rachel\locals~1\temp\sosnso_y10.2\support\spbbc
ARP - 68
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}
Value : InstallSource = C:\DOCUME~1\Rachel\LOCALS~1\Temp\gac1137.tmp.dir\Release_01_3062\
Parsed : c:\docume~1\rachel\locals~1\temp\gac1137.tmp.dir\release_01_3062
ARP - 69
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{830D8CBD-C668-49e2-A969-C2C2106332E0}
Value : InstallSource = C:\DOCUME~1\Rachel\LOCALS~1\Temp\SOSNSO_Y10.2\NAV\
Parsed : c:\docume~1\rachel\locals~1\temp\sosnso_y10.2\nav
ARP - 70
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
Value : InstallSource = c:\19d6caf6598c1c180c43\
Parsed : c:\19d6caf6598c1c180c43
ARP - 71
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{9A129ABC-A53A-4209-A21E-D5DEDFB7CCA8}
Value : InstallSource = C:\DOCUME~1\Rachel\LOCALS~1\Temp\SOSNSO_Y10.2\Support\uiNPC\
Parsed : c:\docume~1\rachel\locals~1\temp\sosnso_y10.2\support\uinpc
ARP - 72
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A50C25D7-62E9-4511-AD70-8E2DA5E79B7D}
Value : InstallSource = C:\DOCUME~1\Rachel\LOCALS~1\Temp\IXP224.TMP\
Parsed : c:\docume~1\rachel\locals~1\temp\ixp224.tmp
ARP - 73
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}
Value : InstallSource = C:\DOCUME~1\Rachel\LOCALS~1\Temp\{E3698C96-9B44-4CE3-B293-AB30C437428E}\
Parsed : c:\docume~1\rachel\locals~1\temp\{e3698c96-9b44-4ce3-b293-ab30c437428e}
ARP - 74
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AB708C9B-97C8-4AC9-899B-DBF226AC9382}
Value : InstallSource = C:\DOCUME~1\Rachel\LOCALS~1\Temp\pft551.tmp\
Parsed : c:\docume~1\rachel\locals~1\temp\pft551.tmp
ARP - 75
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B12665F4-4E93-4AB4-B7FC-37053B524629}
Value : InstallSource = C:\DOCUME~1\Rachel\LOCALS~1\Temp\pftE5F.tmp\
Parsed : c:\docume~1\rachel\locals~1\temp\pfte5f.tmp
ARP - 76
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B7C61755-DB48-4003-948F-3D34DB8EAF69}
Value : InstallSource = C:\DOCUME~1\Rachel\LOCALS~1\Temp\SOSNSO_Y10.2\Support\Redist\
Parsed : c:\docume~1\rachel\locals~1\temp\sosnso_y10.2\support\redist
ARP - 77
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C04E32E0-0416-434D-AFB9-6969D703A9EF}
Value : InstallSource = c:\52831b6b85eb42f3a68a66\
Parsed : c:\52831b6b85eb42f3a68a66
ARP - 78
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Value : InstallSource = C:\DOCUME~1\Owner\LOCALS~1\Temp\IXP000.TMP\
Parsed : c:\docume~1\owner\locals~1\temp\ixp000.tmp
ARP - 79
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{DAF8B012-D559-4B8D-95C0-D98E1172E5C3}
Value : InstallSource = C:\DOCUME~1\Rachel\LOCALS~1\Temp\bye19.tmp\Disk1\
Parsed : c:\docume~1\rachel\locals~1\temp\bye19.tmp\disk1
ARP - 80
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}
Value : InstallSource = C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec\LIVEUP~1\DOWNLO~1\Updt145\
Parsed : c:\docume~1\alluse~1\applic~1\symantec\liveup~1\downlo~1\updt145
ARP - 81
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E3EFA461-EB83-4C3B-9C47-2C1D58A01555}
Value : InstallSource = C:\DOCUME~1\Rachel\LOCALS~1\Temp\SOSNSO_Y10.2\Support\HelpMSI\
Parsed : c:\docume~1\rachel\locals~1\temp\sosnso_y10.2\support\helpmsi
ARP - 82
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E5EE9939-259F-4DE2-8023-5C49E16A4F43}
Value : InstallSource = C:\DOCUME~1\Rachel\LOCALS~1\Temp\SOSNSO_Y10.2\NAV\
Parsed : c:\docume~1\rachel\locals~1\temp\sosnso_y10.2\nav
ARP - 83
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E80F62FF-5D3C-4A19-8409-9721F2928206}
Value : InstallSource = C:\DOCUME~1\Rachel\LOCALS~1\Temp\7zS1A.tmp\
Parsed : c:\docume~1\rachel\locals~1\temp\7zs1a.tmp
ARP - 84
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B}
Value : InstallSource = C:\DOCUME~1\Rachel\LOCALS~1\Temp\SOSNSO_Y10.2\Support\AppCore\
Parsed : c:\docume~1\rachel\locals~1\temp\sosnso_y10.2\support\appcore
ARP - 85
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F4DB525F-A986-4249-B98B-42A8066251CA}
Value : InstallSource = C:\DOCUME~1\Rachel\LOCALS~1\Temp\SOSNSO_Y10.2\Support\AV\
Parsed : c:\docume~1\rachel\locals~1\temp\sosnso_y10.2\support\av
ARP - 86
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
Value : C:\Documents and Settings\Owner\Application Data\Jasc Software Inc\Paint Shop Pro Studio\ = 1
Parsed : c:\documents and settings\owner\application data\jasc software inc\paint shop pro studio
ARP - 87
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
Value : C:\Documents and Settings\Owner\Application Data\Jasc Software Inc\ = 1
Parsed : c:\documents and settings\owner\application data\jasc software inc
ARP - 88
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
Value : C:\Program Files\MyWaySA\SrchAsDe\ =
Parsed : c:\program files\mywaysa\srchasde
ARP - 89
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
Value : C:\Program Files\MyWaySA\ =
Parsed : c:\program files\mywaysa
ARP - 90
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
Value : C:\Program Files\Norton Internet Security\ =
Parsed : c:\program files\norton internet security
ARP - 91
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
Value : C:\Documents and Settings\All Users\Start Menu\Programs\Dell Support\ =
Parsed : c:\documents and settings\all users\start menu\programs\dell support
FX - 92
Location: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sav\OpenWithList
Value : default =
Parsed : c:\documents and settings\all users\start menu\programs\dell support
PS - 93
Location: C:\Documents and Settings\Rachel\Start Menu\PartyPoker.lnk
Value : Shortcut = c:\program files\partypoker\partypoker.exe
Parsed : c:\program files\partypoker\partypoker.exe
PS - 94
Location: C:\Documents and Settings\Rachel\Start Menu\Programs\Poker.com\Poker.com.lnk
Value : Shortcut = c:\program files\poker.com\poker.exe
Parsed : c:\program files\poker.com\poker.exe
PS - 95
Location: C:\Documents and Settings\Rachel\Start Menu\Programs\Poker.com\Uninstall.lnk
Value : Shortcut = c:\program files\poker.com\poker.exe
Parsed : c:\program files\poker.com\poker.exe
PS - 96
Location: C:\Documents and Settings\All Users\Start Menu\Programs\Games\Chaotic.lnk
Value : Shortcut = c:\program files\tc digital\chaotic\chaotic_patcher.exe
Parsed : c:\program files\tc digital\chaotic\chaotic_patcher.exe
PS - 97
Location: C:\Documents and Settings\All Users\Start Menu\Programs\Poker.com\Poker.com.lnk
Value : Shortcut = c:\program files\poker.com\poker.exe
Parsed : c:\program files\poker.com\poker.exe
PS - 98
Location: C:\Documents and Settings\All Users\Start Menu\Programs\Poker.com\Uninstall.lnk
Value : Shortcut = c:\program files\poker.com\poker.exe
Parsed : c:\program files\poker.com\poker.exe
CC - 99
Location: HKEY_CLASSES_ROOT\Applications\mmjblaunch.exe\shell\Open\command
Value : (default) = "C:\Program Files\Musicmatch\Musicmatch Jukebox\mmjblaunch.exe" "%1"
Parsed : c:\program files\musicmatch\musicmatch jukebox\mmjblaunch.exe
CC - 100
Location: HKEY_CLASSES_ROOT\Applications\mmjblaunch.exe\shell\Play\command
Value : (default) = "C:\Program Files\Musicmatch\Musicmatch Jukebox\mmjblaunch.exe" "%1"
Parsed : c:\program files\musicmatch\musicmatch jukebox\mmjblaunch.exe
CC - 101
Location: HKEY_CLASSES_ROOT\AudioCD\shell\play\command
Value : MPlayer2.BAK = "C:\Program Files\Musicmatch\Musicmatch Jukebox\mmjblaunch.exe" /AudioCD "%1"
Parsed : c:\program files\musicmatch\musicmatch jukebox\mmjblaunch.exe
CC - 102
Location: HKEY_CLASSES_ROOT\AudioCD\shell\play\command
Value : iTunes_back = "C:\Program Files\Musicmatch\Musicmatch Jukebox\mmjblaunch.exe" /AudioCD "%1"
Parsed : c:\program files\musicmatch\musicmatch jukebox\mmjblaunch.exe
CC - 103
Location: HKEY_CLASSES_ROOT\bwpfile\Shell\open\command
Value : (default) = C:\Program Files\Kodak\Kodak Software Updater\7288971\6.3.2.62-7288971L\Program\PrvCnt.exe "%1"
Parsed : c:\program files\kodak\kodak software updater\7288971\6.3.2.62-7288971l\program\prvcnt.exe
CC - 104
Location: HKEY_CLASSES_ROOT\CLSID\{00014C0D-B007-4448-B89B-4EC3E857961D}\InprocServer32
Value : (default) = C:\PROGRA~1\AMERIC~1.0\media\CDDBCO~1.DLL
Parsed : c:\progra~1\americ~1.0\media\cddbco~1.dll
CC - 105
Location: HKEY_CLASSES_ROOT\CLSID\{00EF2092-6AC5-47c0-BD25-CF2D5D657FEB}\InprocServer32
Value : (default) = c:\program files\google\googletoolbar3.dll
Parsed : c:\program files\google\googletoolbar3.dll
CC - 106
Location: HKEY_CLASSES_ROOT\CLSID\{06ADA938-0FB0-4BC0-B19B-0A38AB17F182}\InprocServer32
Value : (default) = c:\program files\partygaming\PartyBingo\ImageOle.dll
Parsed : c:\program files\partygaming\partybingo\imageole.dll
CC - 107
Location: HKEY_CLASSES_ROOT\CLSID\{06ADA938-0FB0-4BC0-B19B-0A38AB17F182}\ToolboxBitmap32
Value : (default) = c:\program files\partygaming\PartyBingo\ImageOle.dll, 102
Parsed : c:\program files\partygaming\partybingo\imageole.dll
CC - 108
Location: HKEY_CLASSES_ROOT\CLSID\{06DD38D3-D187-11CF-A80D-00C04FD74AD8}\InprocServer32
Value : (default) = C:\WINDOWS\system32\plugin.ocx
Parsed : c:\windows\system32\plugin.ocx
CC - 109
Location: HKEY_CLASSES_ROOT\CLSID\{06DD38D3-D187-11CF-A80D-00C04FD74AD8}\ToolboxBitmap32
Value : (default) = C:\WINDOWS\system32\plugin.ocx, 1
Parsed : c:\windows\system32\plugin.ocx

Response Number 11

Name: haze077
Date: November 19, 2008 at 22:00:40 Pacific

Reply:

CC - 110
Location: HKEY_CLASSES_ROOT\CLSID\{06f32e39-fce7-428d-86aa-f756f8dbe5da}\InprocServer32
Value : (default) = C:\WINDOWS\system32\fiwiax.dll
Parsed : c:\windows\system32\fiwiax.dll
CC - 111
Location: HKEY_CLASSES_ROOT\CLSID\{08bc134d-f595-41be-ba69-c729242529d7}\InprocServer32
Value : (default) = C:\WINDOWS\system32\frkqko.dll
Parsed : c:\windows\system32\frkqko.dll
CC - 112
Location: HKEY_CLASSES_ROOT\CLSID\{09E6F477-C3C3-4636-8BFD-2DDB36147FEC}\InprocServer32
Value : (default) = C:\PROGRA~1\AMERIC~1.0\MYCALE~1.DLL
Parsed : c:\progra~1\americ~1.0\mycale~1.dll
CC - 113
Location: HKEY_CLASSES_ROOT\CLSID\{09E6F477-C3C3-4636-8BFD-2DDB36147FEC}\ToolboxBitmap32
Value : (default) = C:\PROGRA~1\AMERIC~1.0\MYCALE~1.DLL, 605
Parsed : c:\progra~1\americ~1.0\mycale~1.dll
CC - 114
Location: HKEY_CLASSES_ROOT\CLSID\{0C5D39B0-460B-11D4-ADE1-0050DACD3DB9}\InprocServer32
Value : (default) = C:\Program Files\Musicmatch\Musicmatch Jukebox\MMRadioEngine.dll
Parsed : c:\program files\musicmatch\musicmatch jukebox\mmradioengine.dll
CC - 115
Location: HKEY_CLASSES_ROOT\CLSID\{0e31aecc-3496-4000-9119-cc2a55beee5b}\InprocServer32
Value : (default) = C:\WINDOWS\system32\vvzfvz.dll
Parsed : c:\windows\system32\vvzfvz.dll
CC - 116
Location: HKEY_CLASSES_ROOT\CLSID\{0FE9096F-7F7A-4e40-857C-E48A53440DFE}\InprocServer32
Value : (default) = C:\PROGRA~1\AMERIC~1.0\MYCALE~1.DLL
Parsed : c:\progra~1\americ~1.0\mycale~1.dll
CC - 117
Location: HKEY_CLASSES_ROOT\CLSID\{10F34E64-BBB2-11D6-8A17-00E029570A3E}\InprocServer32
Value : (default) = C:\PROGRA~1\AMERIC~1.0\sa.dll
Parsed : c:\progra~1\americ~1.0\sa.dll
CC - 118
Location: HKEY_CLASSES_ROOT\CLSID\{111C85E9-BB62-4528-A806-F0BE908E02F0}\InprocServer32
Value : (default) = "C:\PROGRA~1\MSNMES~1\msgsc.dll"
Parsed : c:\progra~1\msnmes~1\msgsc.dll
CC - 119
Location: HKEY_CLASSES_ROOT\CLSID\{111C85E9-BB62-4528-A806-F0BE908E02F0}\LocalServer32
Value : (default) = "C:\PROGRA~1\MSNMES~1\msnmsgr.exe"
Parsed : c:\progra~1\msnmes~1\msnmsgr.exe
CC - 120
Location: HKEY_CLASSES_ROOT\CLSID\{1167C47F-01F9-4C08-8564-1D6C9BAAFB60}\InprocServer32
Value : (default) = C:\PROGRA~1\AMERIC~1.0\media\PATHFI~1.DLL
Parsed : c:\progra~1\americ~1.0\media\pathfi~1.dll
CC - 121
Location: HKEY_CLASSES_ROOT\CLSID\{138C7A3E-1D18-41AB-9683-E2C9DFF6E642}\InProcServer32
Value : (default) = C:\PROGRA~1\Yahoo!\Common\Yiesrvc1.DLL
Parsed : c:\progra~1\yahoo!\common\yiesrvc1.dll
CC - 122
Location: HKEY_CLASSES_ROOT\CLSID\{1774573d-4b77-4590-bcb5-fdc9f583eb95}\InprocServer32
Value : (default) = C:\WINDOWS\system32\yytfuk.dll
Parsed : c:\windows\system32\yytfuk.dll
CC - 123
Location: HKEY_CLASSES_ROOT\CLSID\{18477169-4752-41DC-AB0F-C50EBA75641D}\InprocServer32
Value : (default) = C:\PROGRA~1\COMMON~1\aolshare\pictures\YGPWz.dll
Parsed : c:\progra~1\common~1\aolshare\pictures\ygpwz.dll
CC - 124
Location: HKEY_CLASSES_ROOT\CLSID\{18477169-4752-41DC-AB0F-C50EBA75641D}\ToolboxBitmap32
Value : (default) = C:\PROGRA~1\COMMON~1\aolshare\pictures\YGPWz.dll, 1
Parsed : c:\progra~1\common~1\aolshare\pictures\ygpwz.dll
CC - 125
Location: HKEY_CLASSES_ROOT\CLSID\{1853e19a-4e54-4190-8deb-2e1cc947cd60}\InprocServer32
Value : (default) = C:\PROGRA~1\AMERIC~1.0\axtrack.dll
Parsed : c:\progra~1\americ~1.0\axtrack.dll
CC - 126
Location: HKEY_CLASSES_ROOT\CLSID\{189504B8-50D1-4AA8-B4D6-95C8F58A6414}\InprocServer32
Value : (default) = C:\PROGRA~1\AMERIC~1.0\sb.dll
Parsed : c:\progra~1\americ~1.0\sb.dll
CC - 127
Location: HKEY_CLASSES_ROOT\CLSID\{18B30EBF-6B58-425E-AC54-831C05D91B5A}\LocalServer32
Value : (default) = C:\PROGRA~1\AVG\AVG8\aAvgApi.exe
Parsed : c:\progra~1\avg\avg8\aavgapi.exe
CC - 128
Location: HKEY_CLASSES_ROOT\CLSID\{1CB749C0-81EC-484E-B82C-ADD141FC6415}\InprocServer32
Value : (default) = C:\PROGRA~1\AMERIC~1.0\media\xanthe.dll
Parsed : c:\progra~1\americ~1.0\media\xanthe.dll
CC - 129
Location: HKEY_CLASSES_ROOT\CLSID\{1CB749C0-81EC-484E-B82C-ADD141FC6415}\ToolboxBitmap32
Value : (default) = C:\PROGRA~1\AMERIC~1.0\media\xanthe.dll, 101
Parsed : c:\progra~1\americ~1.0\media\xanthe.dll
CC - 130
Location: HKEY_CLASSES_ROOT\CLSID\{1EF2E5CB-646F-4F85-A355-8E328652CA60}\InprocServer32
Value : (default) = C:\PROGRA~1\MUSICM~1\MUSICM~3\MMFWCtrl.ocx
Parsed : c:\progra~1\musicm~1\musicm~3\mmfwctrl.ocx
CC - 131
Location: HKEY_CLASSES_ROOT\CLSID\{1fc22467-33fb-41cc-b53e-316cd05581b9}\InprocServer32
Value : (default) = C:\WINDOWS\system32\qzusym.dll
Parsed : c:\windows\system32\qzusym.dll
CC - 132
Location: HKEY_CLASSES_ROOT\CLSID\{205D2DFB-BBAD-4DC4-A0BB-CDA12A1639CE}\InprocServer32
Value : (default) = C:\PROGRA~1\AMERIC~1.0\media\phobos.dll
Parsed : c:\progra~1\americ~1.0\media\phobos.dll
CC - 133
Location: HKEY_CLASSES_ROOT\CLSID\{229b78d5-38f5-11d5-9001-00c04f4c3b9f}\InprocServer32
Value : (default) = C:\PROGRA~1\AMERIC~1.0\media\CDDBCO~1.DLL
Parsed : c:\progra~1\americ~1.0\media\cddbco~1.dll
CC - 134
Location: HKEY_CLASSES_ROOT\CLSID\{229b78d5-38f5-11d5-9001-00c04f4c3b9f}\ToolboxBitmap32
Value : (default) = C:\PROGRA~1\AMERIC~1.0\media\CDDBCO~1.DLL, 104
Parsed : c:\progra~1\americ~1.0\media\cddbco~1.dll
CC - 135
Location: HKEY_CLASSES_ROOT\CLSID\{229b78df-38f5-11d5-9001-00c04f4c3b9f}\InprocServer32
Value : (default) = C:\PROGRA~1\AMERIC~1.0\media\CDDBCO~1.DLL
Parsed : c:\progra~1\americ~1.0\media\cddbco~1.dll
CC - 136
Location: HKEY_CLASSES_ROOT\CLSID\{229b78e0-38f5-11d5-9001-00c04f4c3b9f}\InprocServer32
Value : (default) = C:\PROGRA~1\AMERIC~1.0\media\CDDBCO~1.DLL
Parsed : c:\progra~1\americ~1.0\media\cddbco~1.dll
CC - 137
Location: HKEY_CLASSES_ROOT\CLSID\{229b78e1-38f5-11d5-9001-00c04f4c3b9f}\InprocServer32
Value : (default) = C:\PROGRA~1\AMERIC~1.0\media\CDDBCO~1.DLL
Parsed : c:\progra~1\americ~1.0\media\cddbco~1.dll
CC - 138
Location: HKEY_CLASSES_ROOT\CLSID\{229b78e2-38f5-11d5-9001-00c04f4c3b9f}\InprocServer32
Value : (default) = C:\PROGRA~1\AMERIC~1.0\media\CDDBCO~1.DLL
Parsed : c:\progra~1\americ~1.0\media\cddbco~1.dll
CC - 139
Location: HKEY_CLASSES_ROOT\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}\InprocServer32
Value : (default) = c:\program files\google\googletoolbar3.dll
Parsed : c:\program files\google\googletoolbar3.dll
CC - 140
Location: HKEY_CLASSES_ROOT\CLSID\{23AA6EBC-86AA-11D2-8F58-00E02916007D}\InprocServer32
Value : (default) = C:\PROGRA~1\MUSICM~1\MUSICM~3\MMJBCtrl.ocx
Parsed : c:\progra~1\musicm~1\musicm~3\mmjbctrl.ocx
CC - 141
Location: HKEY_CLASSES_ROOT\CLSID\{23AA6EBC-86AA-11D2-8F58-00E02916007D}\ToolboxBitmap32
Value : (default) = C:\PROGRA~1\MUSICM~1\MUSICM~3\MMJBCtrl.ocx, 4
Parsed : c:\progra~1\musicm~1\musicm~3\mmjbctrl.ocx
CC - 142
Location: HKEY_CLASSES_ROOT\CLSID\{23AA6EBD-86AA-11D2-8F58-00E02916007D}\InprocServer32
Value : (default) = C:\PROGRA~1\MUSICM~1\MUSICM~3\MMJBCtrl.ocx
Parsed : c:\progra~1\musicm~1\musicm~3\mmjbctrl.ocx
CC - 143
Location: HKEY_CLASSES_ROOT\CLSID\{27855D52-0913-4F88-A8CC-343D374E7CC9}\InprocServer32
Value : (default) = C:\PROGRA~1\MUSICM~1\MUSICM~3\MMFWCtrl.ocx
Parsed : c:\progra~1\musicm~1\musicm~3\mmfwctrl.ocx
CC - 144
Location: HKEY_CLASSES_ROOT\CLSID\{27855D52-0913-4F88-A8CC-343D374E7CC9}\ToolboxBitmap32
Value : (default) = C:\PROGRA~1\MUSICM~1\MUSICM~3\MMFWCtrl.ocx, 2
Parsed : c:\progra~1\musicm~1\musicm~3\mmfwctrl.ocx
CC - 145
Location: HKEY_CLASSES_ROOT\CLSID\{293a27df-2753-4ca3-bc89-1dfb16c69bea}\InprocServer32
Value : (default) = C:\WINDOWS\system32\pzwgrr.dll
Parsed : c:\windows\system32\pzwgrr.dll
CC - 146
Location: HKEY_CLASSES_ROOT\CLSID\{2BAE89B0-68EF-4fab-AFF7-1E486D93F9EB}\InprocServer32
Value : (default) = C:\PROGRA~1\AMERIC~1.0\ae.dll
Parsed : c:\progra~1\americ~1.0\ae.dll
CC - 147
Location: HKEY_CLASSES_ROOT\CLSID\{3331ccbf-03da-40cd-9831-c28a01efb75c}\InprocServer32
Value : (default) = C:\WINDOWS\system32\axersz.dll
Parsed : c:\windows\system32\axersz.dll
CC - 148
Location: HKEY_CLASSES_ROOT\CLSID\{372E5402-BDA5-428d-88CE-187BCF91A343}\InprocServer32
Value : (default) = C:\Program Files\Hewlett-Packard\eSupportDiags\HPBasicDetection3.dll
Parsed : c:\program files\hewlett-packard\esupportdiags\hpbasicdetection3.dll
CC - 149
Location: HKEY_CLASSES_ROOT\CLSID\{41d6c9e5-784e-4a99-967a-c37212be02a1}\InprocServer32
Value : (default) = C:\WINDOWS\system32\aqiwjd.dll
Parsed : c:\windows\system32\aqiwjd.dll
CC - 150
Location: HKEY_CLASSES_ROOT\CLSID\{42C419BE-9376-4b71-B8B3-335507A52569}\InprocServer32
Value : (default) = C:\Program Files\Hewlett-Packard\eSupportDiags\HPBasicDetection3.dll
Parsed : c:\program files\hewlett-packard\esupportdiags\hpbasicdetection3.dll
CC - 151
Location: HKEY_CLASSES_ROOT\CLSID\{4528BBE0-4E08-11D5-AD55-00010333D0AD}\InprocServer32
Value : (default) = C:\PROGRA~1\Yahoo!\Common\yhexbmesus.dll
Parsed : c:\progra~1\yahoo!\common\yhexbmesus.dll
CC - 152
Location: HKEY_CLASSES_ROOT\CLSID\{4C171D40-8277-11D5-AD55-00010333D0AD}\InprocServer32
Value : (default) = C:\PROGRA~1\Yahoo!\Common\yhexbmesus.dll
Parsed : c:\progra~1\yahoo!\common\yhexbmesus.dll
CC - 153
Location: HKEY_CLASSES_ROOT\CLSID\{4D25F921-B9FE-4682-BF72-8AB8210D6D75}\InprocServer32
Value : (default) = C:\Program Files\MyWaySA\SrchAsDe\1.bin\deSrcAs.dll
Parsed : c:\program files\mywaysa\srchasde\1.bin\desrcas.dll
CC - 154
Location: HKEY_CLASSES_ROOT\CLSID\{4D25F924-B9FE-4682-BF72-8AB8210D6D75}\InprocServer32
Value : (default) = C:\Program Files\MyWaySA\SrchAsDe\1.bin\deSrcAs.dll
Parsed : c:\program files\mywaysa\srchasde\1.bin\desrcas.dll
CC - 155
Location: HKEY_CLASSES_ROOT\CLSID\{4E97BE17-3300-4A4F-B380-5988DD771F1F}\InprocServer32
Value : (default) = C:\PROGRA~1\AMERIC~1.0\media\ares.dll
Parsed : c:\progra~1\americ~1.0\media\ares.dll
CC - 156
Location: HKEY_CLASSES_ROOT\CLSID\{4E97BE17-3300-4A4F-B380-5988DD771F1F}\ToolboxBitmap32
Value : (default) = C:\PROGRA~1\AMERIC~1.0\media\ares.dll, 101
Parsed : c:\progra~1\americ~1.0\media\ares.dll
CC - 157
Location: HKEY_CLASSES_ROOT\CLSID\{504202e5-2a40-4d81-9e43-6e43517e9108}\InprocServer32
Value : (default) = C:\WINDOWS\system32\ranznr.dll
Parsed : c:\windows\system32\ranznr.dll
CC - 158
Location: HKEY_CLASSES_ROOT\CLSID\{50e43be6-6670-4dfe-b5b1-876e76f4751d}\InprocServer32
Value : (default) = C:\WINDOWS\system32\eylfpw.dll
Parsed : c:\windows\system32\eylfpw.dll
CC - 159
Location: HKEY_CLASSES_ROOT\CLSID\{5145942E-41DF-4658-B7C4-089F48E84A75}\InprocServer32
Value : (default) = C:\PROGRA~1\AMERIC~1.0\axtrack.dll
Parsed : c:\progra~1\americ~1.0\axtrack.dll
CC - 160
Location: HKEY_CLASSES_ROOT\CLSID\{51B3B655-7E45-4494-9983-4BACF0E0A834}\InprocServer32
Value : (default) = C:\Program Files\Hewlett-Packard\eSupportDiags\HPBasicDetection3.dll
Parsed : c:\program files\hewlett-packard\esupportdiags\hpbasicdetection3.dll
CC - 161
Location: HKEY_CLASSES_ROOT\CLSID\{5788DAE8-4B72-4BE6-89A0-1E6123E4CBC2}\InprocServer32
Value : (default) = C:\PROGRA~1\AMERIC~1.0\media\cerberus.dll
Parsed : c:\progra~1\americ~1.0\media\cerberus.dll
CC - 162
Location: HKEY_CLASSES_ROOT\CLSID\{5788DAE8-4B72-4BE6-89A0-1E6123E4CBC2}\ToolboxBitmap32
Value : (default) = C:\PROGRA~1\AMERIC~1.0\media\cerberus.dll, 101
Parsed : c:\progra~1\americ~1.0\media\cerberus.dll
CC - 163
Location: HKEY_CLASSES_ROOT\CLSID\{57C368A7-F2E9-48C6-B0E2-C201751383C1}\InprocServer32
Value : (default) = C:\PROGRA~1\AMERIC~1.0\media\phobos.dll
Parsed : c:\progra~1\americ~1.0\media\phobos.dll
CC - 164
Location: HKEY_CLASSES_ROOT\CLSID\{60958b57-4f48-4c3a-a931-3c5d823b93f3}\InprocServer32
Value : (default) = C:\WINDOWS\system32\lylguw.dll
Parsed : c:\windows\system32\lylguw.dll
CC - 165
Location: HKEY_CLASSES_ROOT\CLSID\{61E15DE7-D229-4eb3-A460-40DCDDA60DA7}\InprocServer32
Value : (default) = C:\Program Files\America Online 9.0\abui.dll
Parsed : c:\program files\america online 9.0\abui.dll
CC - 166
Location: HKEY_CLASSES_ROOT\CLSID\{61E15DE7-D229-4eb3-A460-40DCDDA60DA7}\ToolboxBitmap32
Value : (default) = C:\Program Files\America Online 9.0\abui.dll, 1
Parsed : c:\program files\america online 9.0\abui.dll
CC - 167
Location: HKEY_CLASSES_ROOT\CLSID\{63435828-E10D-42d5-8859-C94796B7C22D}\InprocServer32
Value : (default) = C:\PROGRA~1\AMERIC~1.0\MYCALE~1.DLL
Parsed : c:\progra~1\americ~1.0\mycale~1.dll
CC - 168
Location: HKEY_CLASSES_ROOT\CLSID\{63435828-E10D-42d5-8859-C94796B7C22D}\ToolboxBitmap32
Value : (default) = C:\PROGRA~1\AMERIC~1.0\MYCALE~1.DLL, 101
Parsed : c:\progra~1\americ~1.0\mycale~1.dll
CC - 169
Location: HKEY_CLASSES_ROOT\CLSID\{639A19DD-1D97-4A6E-A0D1-01E04FED563F}\InprocServer32
Value : (default) = C:\PROGRA~1\AMERIC~1.0\media\phobos.dll
Parsed : c:\progra~1\americ~1.0\media\phobos.dll
CC - 170
Location: HKEY_CLASSES_ROOT\CLSID\{6722bea8-096f-405b-8c30-f2e68c7983e5}\InprocServer32
Value : (default) = C:\WINDOWS\system32\sbatoo.dll
Parsed : c:\windows\system32\sbatoo.dll
CC - 171
Location: HKEY_CLASSES_ROOT\CLSID\{68b505a7-946f-44c1-860c-4759b9368b55}\InprocServer32
Value : (default) = C:\WINDOWS\system32\fhqilu.dll
Parsed : c:\windows\system32\fhqilu.dll
CC - 172
Location: HKEY_CLASSES_ROOT\CLSID\{6AD3B5BD-9A96-4ca2-9455-2034D05EB134}\InprocServer32
Value : (default) = C:\PROGRA~1\AMERIC~1.0\MYCALE~1.DLL
Parsed : c:\progra~1\americ~1.0\mycale~1.dll
CC - 173
Location: HKEY_CLASSES_ROOT\CLSID\{6B58B5DC-7405-11D2-8F58-00E02916007D}\InprocServer32
Value : (default) = C:\PROGRA~1\MUSICM~1\MUSICM~3\MMJBCtrl.ocx
Parsed : c:\progra~1\musicm~1\musicm~3\mmjbctrl.ocx
CC - 174
Location: HKEY_CLASSES_ROOT\CLSID\{6B58B5DC-7405-11D2-8F58-00E02916007D}\ToolboxBitmap32
Value : (default) = C:\PROGRA~1\MUSICM~1\MUSICM~3\MMJBCtrl.ocx, 1
Parsed : c:\progra~1\musicm~1\musicm~3\mmjbctrl.ocx
CC - 175
Location: HKEY_CLASSES_ROOT\CLSID\{6B58B5DD-7405-11D2-8F58-00E02916007D}\InprocServer32
Value : (default) = C:\PROGRA~1\MUSICM~1\MUSICM~3\MMJBCtrl.ocx
Parsed : c:\progra~1\musicm~1\musicm~3\mmjbctrl.ocx
CC - 176
Location: HKEY_CLASSES_ROOT\CLSID\{6B58B5E0-7405-11D2-8F58-00E02916007D}\InprocServer32
Value : (default) = C:\PROGRA~1\MUSICM~1\MUSICM~3\MMJBCtrl.ocx
Parsed : c:\progra~1\musicm~1\musicm~3\mmjbctrl.ocx
CC - 177
Location: HKEY_CLASSES_ROOT\CLSID\{6B58B5E0-7405-11D2-8F58-00E02916007D}\ToolboxBitmap32
Value : (default) = C:\PROGRA~1\MUSICM~1\MUSICM~3\MMJBCtrl.ocx, 2
Parsed : c:\progra~1\musicm~1\musicm~3\mmjbctrl.ocx
CC - 178
Location: HKEY_CLASSES_ROOT\CLSID\{6B58B5E1-7405-11D2-8F58-00E02916007D}\InprocServer32
Value : (default) = C:\PROGRA~1\MUSICM~1\MUSICM~3\MMJBCtrl.ocx
Parsed : c:\progra~1\musicm~1\musicm~3\mmjbctrl.ocx
CC - 179
Location: HKEY_CLASSES_ROOT\CLSID\{6B58B5E4-7405-11D2-8F58-00E02916007D}\InprocServer32
Value : (default) = C:\PROGRA~1\MUSICM~1\MUSICM~3\MMJBCtrl.ocx
Parsed : c:\progra~1\musicm~1\musicm~3\mmjbctrl.ocx
CC - 180
Location: HKEY_CLASSES_ROOT\CLSID\{6B58B5E4-7405-11D2-8F58-00E02916007D}\ToolboxBitmap32
Value : (default) = C:\PROGRA~1\MUSICM~1\MUSICM~3\MMJBCtrl.ocx, 3
Parsed : c:\progra~1\musicm~1\musicm~3\mmjbctrl.ocx
CC - 181
Location: HKEY_CLASSES_ROOT\CLSID\{6B58B5E5-7405-11D2-8F58-00E02916007D}\InprocServer32
Value : (default) = C:\PROGRA~1\MUSICM~1\MUSICM~3\MMJBCtrl.ocx
Parsed : c:\progra~1\musicm~1\musicm~3\mmjbctrl.ocx
CC - 182
Location: HKEY_CLASSES_ROOT\CLSID\{6B75345B-AA36-438A-BBE6-4078B4C6984D}\ToolboxBitmap32
Value : (default) = C:\Develop\HPSU_4_6\HpsuInstall\HP Common MM\_source\HPDeviceDetection.dll, 130
Parsed : c:\develop\hpsu_4_6\hpsuinstall\hp common mm\_source\hpdevicedetection.dll
CC - 183
Location: HKEY_CLASSES_ROOT\CLSID\{6bc02608-317e-43fd-9f5d-336c80bbd3b4}\InprocServer32
Value : (default) = C:\WINDOWS\system32\onhdlr.dll
Parsed : c:\windows\system32\onhdlr.dll
CC - 184
Location: HKEY_CLASSES_ROOT\CLSID\{6EB4349D-4333-442F-ACA4-4C72AF28B6ED}\InprocServer32
Value : (default) = C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
Parsed : c:\program files\yahoo!\companion\installs\cpn\yt.dll
CC - 185
Location: HKEY_CLASSES_ROOT\CLSID\{6F3F6DD7-B99F-46F7-8BA0-66BC0B529F8E}\InprocServer32
Value : (default) = C:\WINDOWS\system32\vtUmMFVn.dll
Parsed : c:\windows\system32\vtummfvn.dll
CC - 186
Location: HKEY_CLASSES_ROOT\CLSID\{7172D604-32E2-41d5-ABA0-6533DF0BD3D9}\InprocServer32
Value : (default) = C:\Program Files\Hewlett-Packard\eSupportDiags\HPBasicDetection3.dll
Parsed : c:\program files\hewlett-packard\esupportdiags\hpbasicdetection3.dll
CC - 187
Location: HKEY_CLASSES_ROOT\CLSID\{756A2CB8-EC02-4DC8-8588-296C611A5365}\InprocServer32
Value : (default) = C:\Program Files\Common Files\aolshare\Coach\coachdm3.dll
Parsed : c:\program files\common files\aolshare\coach\coachdm3.dll
CC - 188
Location: HKEY_CLASSES_ROOT\CLSID\{756A2CB8-EC02-4DC8-8588-296C611A5365}\ToolboxBitmap32
Value : (default) = C:\Program Files\Common Files\aolshare\Coach\coachdm3.dll, 101
Parsed : c:\program files\common files\aolshare\coach\coachdm3.dll
CC - 189
Location: HKEY_CLASSES_ROOT\CLSID\{77F8D6E9-F0A7-8D50-B905-CAC75B2E221B}\InprocServer32
Value : (default) = C:\PROGRA~1\AMERIC~1.0\MYCALE~1.DLL
Parsed : c:\progra~1\americ~1.0\mycale~1.dll
CC - 190
Location: HKEY_CLASSES_ROOT\CLSID\{77F8D6E9-F0A7-8D50-B905-CAC75B2E221B}\ToolboxBitmap32
Value : (default) = C:\PROGRA~1\AMERIC~1.0\MYCALE~1.DLL, 605
Parsed : c:\progra~1\americ~1.0\mycale~1.dll
CC - 191
Location: HKEY_CLASSES_ROOT\CLSID\{7C9688C3-7279-474D-ABA5-A632373D2CDB}\InprocServer32
Value : (default) = C:\PROGRA~1\AMERIC~1.0\media\phobos.dll
Parsed : c:\progra~1\americ~1.0\media\phobos.dll
CC - 192
Location: HKEY_CLASSES_ROOT\CLSID\{7dfea0b3-5b95-43a3-99d7-fb6e3fcccc5a}\InprocServer32
Value : (default) = C:\WINDOWS\system32\dlejvl.dll
Parsed : c:\windows\system32\dlejvl.dll
CC - 193
Location: HKEY_CLASSES_ROOT\CLSID\{84268CDA-5AE9-409C-94E9-B6FEB4B5A123}\InprocServer32
Value : (default) = C:\PROGRA~1\MUSICM~1\MUSICM~3\MMFWCtrl.ocx
Parsed : c:\progra~1\musicm~1\musicm~3\mmfwctrl.ocx
CC - 194
Location: HKEY_CLASSES_ROOT\CLSID\{84CBABC2-D3BE-4EEF-8394-121FAC215CEF}\InprocServer32
Value : (default) = C:\PROGRA~1\COMMON~1\aolshare\pictures\YGPPIC~3.DLL
Parsed : c:\progra~1\common~1\aolshare\pictures\ygppic~3.dll
CC - 195
Location: HKEY_CLASSES_ROOT\CLSID\{8AB5F344-B600-11D6-8A15-00E029570A3E}\InprocServer32
Value : (default) = C:\PROGRA~1\AMERIC~1.0\sa.dll
Parsed : c:\progra~1\americ~1.0\sa.dll
CC - 196
Location: HKEY_CLASSES_ROOT\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 197
Location: HKEY_CLASSES_ROOT\CLSID\{8f523254-9460-4aa2-95c6-5f80aabc9f57}\InprocServer32
Value : (default) = C:\WINDOWS\system32\qezmwa.dll
Parsed : c:\windows\system32\qezmwa.dll
CC - 198
Location: HKEY_CLASSES_ROOT\CLSID\{90fbdfec-6497-4b22-a72d-01b278e316c1}\InprocServer32
Value : (default) = C:\WINDOWS\system32\pbhdsc.dll
Parsed : c:\windows\system32\pbhdsc.dll
CC - 199
Location: HKEY_CLASSES_ROOT\CLSID\{943742F6-3A40-43FF-97F4-A1750D97B200}\InprocServer32
Value : (default) = C:\PROGRA~1\COMMON~1\aolshare\pictures\YGPPIC~3.DLL
Parsed : c:\progra~1\common~1\aolshare\pictures\ygppic~3.dll
CC - 200
Location: HKEY_CLASSES_ROOT\CLSID\{94bed98e-f795-4e28-b990-7b36cd471ff9}\InprocServer32
Value : (default) = C:\WINDOWS\system32\wocjov.dll
Parsed : c:\windows\system32\wocjov.dll
CC - 201
Location: HKEY_CLASSES_ROOT\CLSID\{951f57cb-19fe-4a8b-bba9-87c2b60e0d65}\InprocServer32
Value : (default) = C:\WINDOWS\system32\uenlyo.dll
Parsed : c:\windows\system32\uenlyo.dll
CC - 202
Location: HKEY_CLASSES_ROOT\CLSID\{98BFD494-F6AD-4794-9038-832C0654CC43}\InprocServer32
Value : (default) = C:\PROGRA~1\COMMON~1\aolshare\pictures\YGPUPF.dll
Parsed : c:\progra~1\common~1\aolshare\pictures\ygpupf.dll
CC - 203
Location: HKEY_CLASSES_ROOT\CLSID\{98BFD494-F6AD-4794-9038-832C0654CC43}\ToolboxBitmap32
Value : (default) = C:\PROGRA~1\COMMON~1\aolshare\pictures\YGPUPF.dll, 101
Parsed : c:\progra~1\common~1\aolshare\pictures\ygpupf.dll
CC - 204
Location: HKEY_CLASSES_ROOT\CLSID\{9C572CC7-FE23-53F0-69EB-41A00D1771E9}\InprocServer32
Value : (default) = C:\Program Files\Musicmatch\Musicmatch Jukebox\BasicObjSerializer.dll
Parsed : c:\program files\musicmatch\musicmatch jukebox\basicobjserializer.dll
CC - 205
Location: HKEY_CLASSES_ROOT\CLSID\{9F62797E-1249-4596-9FF7-AC6D851A542A}\InprocServer32
Value : (default) = C:\PROGRA~1\AMERIC~1.0\MYCALE~1.DLL
Parsed : c:\progra~1\americ~1.0\mycale~1.dll
CC - 206
Location: HKEY_CLASSES_ROOT\CLSID\{9F95F736-0F62-4214-A4B4-CAA6738D4C07}\InprocServer32
Value : (default) = C:\Program Files\BearShare\RunMSC.dll
Parsed : c:\program files\bearshare\runmsc.dll
CC - 207
Location: HKEY_CLASSES_ROOT\CLSID\{9F9C4C5C-2BA8-4E00-A697-9F710BB1026B}\InprocServer32
Value : (default) = C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
Parsed : c:\program files\yahoo!\companion\installs\cpn\yt.dll
CC - 208
Location: HKEY_CLASSES_ROOT\CLSID\{A105BD70-BF56-4D10-BC91-41C88321F47C}\InprocServer32
Value : (default) = C:\PROGRA~1\AMERIC~1.0\media\phobos.dll
Parsed : c:\progra~1\americ~1.0\media\phobos.dll
CC - 209
Location: HKEY_CLASSES_ROOT\CLSID\{a276f2f4-5329-4564-92cb-103f07af0d49}\InprocServer32
Value : (default) = C:\WINDOWS\system32\vdwymv.dll
Parsed : c:\windows\system32\vdwymv.dll
CC - 210
Location: HKEY_CLASSES_ROOT\CLSID\{A4BA65D2-7484-49C0-8F7F-B76769283190}\LocalServer32
Value : (default) = C:\Program Files\MUSICMATCH\Musicmatch Music Services\mm_TDMEngine.exe
Parsed : c:\program files\musicmatch\musicmatch music services\mm_tdmengine.exe
CC - 211
Location: HKEY_CLASSES_ROOT\CLSID\{a77b00e2-a73d-4824-addc-0d2f6b1d0968}\InprocServer32
Value : (default) = C:\WINDOWS\system32\jaanhc.dll
Parsed : c:\windows\system32\jaanhc.dll
CC - 212
Location: HKEY_CLASSES_ROOT\CLSID\{A8ABE123-FAC4-41c1-ABA3-051B6F112B83}\InprocServer32
Value : (default) = C:\PROGRA~1\AMERIC~1.0\MYCALE~1.DLL
Parsed : c:\progra~1\americ~1.0\mycale~1.dll
CC - 213
Location: HKEY_CLASSES_ROOT\CLSID\{A8ABE123-FAC4-41c1-ABA3-051B6F112B83}\ToolboxBitmap32
Value : (default) = C:\PROGRA~1\AMERIC~1.0\MYCALE~1.DLL, 544
Parsed : c:\progra~1\americ~1.0\mycale~1.dll
CC - 214
Location: HKEY_CLASSES_ROOT\CLSID\{A98ABF1C-107C-44E7-9254-2C3FF435D0C2}\InprocServer32
Value : (default) = C:\PROGRA~1\AMERIC~1.0\sb.dll
Parsed : c:\progra~1\americ~1.0\sb.dll
CC - 215
Location: HKEY_CLASSES_ROOT\CLSID\{AA97FD43-C2A3-4A5F-AB02-22EA41264832}\InProcServer32
Value : (default) = C:\WINDOWS\eqvwamkl.dll
Parsed : c:\windows\eqvwamkl.dll
CC - 216
Location: HKEY_CLASSES_ROOT\CLSID\{ABC0DABE-565B-4a71-BB5D-B8D1CE1F8981}\InprocServer32
Value : (default) = C:\Program Files\Hewlett-Packard\eSupportDiags\HPBasicDetection3.dll
Parsed : c:\program files\hewlett-packard\esupportdiags\hpbasicdetection3.dll
CC - 217
Location: HKEY_CLASSES_ROOT\CLSID\{AC1AA6D1-05E2-4B26-B931-83045A797EC2}\InProcServer32
Value : (default) = C:\WINDOWS\eqvwamkl.dll
Parsed : c:\windows\eqvwamkl.dll
CC - 218
Location: HKEY_CLASSES_ROOT\CLSID\{acd76f9a-a162-41fd-9760-9f5b29d646c4}\InprocServer32
Value : (default) = C:\WINDOWS\system32\eumlhl.dll
Parsed : c:\windows\system32\eumlhl.dll
CC - 219
Location: HKEY_CLASSES_ROOT\CLSID\{AD41621C-A2DD-487D-A24B-8BE40116A5A3}\InprocServer32
Value : (default) = C:\PROGRA~1\COMMON~1\aolshare\pictures\YGPPIC~3.DLL
Parsed : c:\progra~1\common~1\aolshare\pictures\ygppic~3.dll
CC - 220
Location: HKEY_CLASSES_ROOT\CLSID\{ADC4FE5F-9ACA-4551-8AD1-7B1DEF9D6BE8}\InprocServer32
Value : (default) = C:\PROGRA~1\MUSICM~1\MUSICM~3\MMFWCtrl.ocx
Parsed : c:\progra~1\musicm~1\musicm~3\mmfwctrl.ocx
CC - 221
Location: HKEY_CLASSES_ROOT\CLSID\{ADC4FE5F-9ACA-4551-8AD1-7B1DEF9D6BE8}\ToolboxBitmap32
Value : (default) = C:\PROGRA~1\MUSICM~1\MUSICM~3\MMFWCtrl.ocx, 3
Parsed : c:\progra~1\musicm~1\musicm~3\mmfwctrl.ocx
CC - 222
Location: HKEY_CLASSES_ROOT\CLSID\{AED456C4-4866-4420-863F-35767EBED514}\InprocServer32
Value : (default) = C:\PROGRA~1\AMERIC~1.0\media\phobos.dll
Parsed : c:\progra~1\americ~1.0\media\phobos.dll
CC - 223
Location: HKEY_CLASSES_ROOT\CLSID\{b1dd52ca-5018-4330-bc00-0c0e1baabcb1}\InprocServer32
Value : (default) = C:\WINDOWS\system32\hrzqfm.dll
Parsed : c:\windows\system32\hrzqfm.dll
CC - 224
Location: HKEY_CLASSES_ROOT\CLSID\{B3E7BCF9-05C8-4233-BA88-37FDA4AD3147}\InprocServer32
Value : (default) = C:\PROGRA~1\AMERIC~1.0\MYCALE~1.DLL
Parsed : c:\progra~1\americ~1.0\mycale~1.dll
CC - 225
Location: HKEY_CLASSES_ROOT\CLSID\{B3E7BCF9-05C8-4233-BA88-37FDA4AD3147}\ToolboxBitmap32
Value : (default) = C:\PROGRA~1\AMERIC~1.0\MYCALE~1.DLL, 605
Parsed : c:\progra~1\americ~1.0\mycale~1.dll
CC - 226
Location: HKEY_CLASSES_ROOT\CLSID\{B4E721A0-6AC4-40E6-94FC-CBD0D4279B5E}\InprocServer32
Value : (default) = C:\Program Files\Hewlett-Packard\eSupportDiags\HPBasicDetection3.dll
Parsed : c:\program files\hewlett-packard\esupportdiags\hpbasicdetection3.dll
CC - 227
Location: HKEY_CLASSES_ROOT\CLSID\{B4F80028-5714-4B7B-B9B1-5748B204799A}\InprocServer32
Value : (default) = C:\PROGRA~1\AMERIC~1.0\media\phobos.dll
Parsed : c:\progra~1\americ~1.0\media\phobos.dll
CC - 228
Location: HKEY_CLASSES_ROOT\CLSID\{B617F87F-1856-43BC-ADEB-C43922F7A575}\InprocServer32
Value : (default) = C:\PROGRA~1\MUSICM~1\MUSICM~3\MMFWCtrl.ocx
Parsed : c:\progra~1\musicm~1\musicm~3\mmfwctrl.ocx
CC - 229
Location: HKEY_CLASSES_ROOT\CLSID\{B63C249D-7FA4-42a6-8AF1-D83AB0CE00B3}\InprocServer32
Value : (default) = C:\Program Files\Hewlett-Packard\eSupportDiags\HPBasicDetection3.dll
Parsed : c:\program files\hewlett-packard\esupportdiags\hpbasicdetection3.dll
CC - 230
Location: HKEY_CLASSES_ROOT\CLSID\{B6F041A2-48B9-4d3f-A91D-90E17C505FD3}\InprocServer32
Value : (default) = C:\PROGRA~1\AMERIC~1.0\MYCALE~1.DLL
Parsed : c:\progra~1\americ~1.0\mycale~1.dll
CC - 231
Location: HKEY_CLASSES_ROOT\CLSID\{B6F041A2-48B9-4d3f-A91D-90E17C505FD3}\ToolboxBitmap32
Value : (default) = C:\PROGRA~1\AMERIC~1.0\MYCALE~1.DLL, 586
Parsed : c:\progra~1\americ~1.0\mycale~1.dll
CC - 232
Location: HKEY_CLASSES_ROOT\CLSID\{b9280255-40d4-43ff-a99c-8f3b7c5d62f5}\InprocServer32
Value : (default) = C:\WINDOWS\system32\cfznqu.dll
Parsed : c:\windows\system32\cfznqu.dll
CC - 233
Location: HKEY_CLASSES_ROOT\CLSID\{B9F3009B-976B-41C4-A992-229DCCF3367C}\InprocServer32
Value : (default) = C:\PROGRA~1\AMERIC~1.0\axtrack.dll
Parsed : c:\progra~1\americ~1.0\axtrack.dll
CC - 234
Location: HKEY_CLASSES_ROOT\CLSID\{BB791C78-91E0-DB32-3A99-5EA102B313A3}\InProcServer32
Value : (default) = C:\Program Files\Symantec\LiveUpdate\LuComServerPS_2_6.DLL
Parsed : c:\program files\symantec\liveupdate\lucomserverps_2_6.dll
CC - 235
Location: HKEY_CLASSES_ROOT\CLSID\{BBE1C463-3DBE-4b29-976B-E1C75AFE1EDF}\InprocServer32
Value : (default) = C:\Program Files\Musicmatch\MUSICMATCH Music Services\MMDRMCtrlObj.dll
Parsed : c:\program files\musicmatch\musicmatch music services\mmdrmctrlobj.dll
CC - 236
Location: HKEY_CLASSES_ROOT\CLSID\{bc8a96c4-3909-11d5-9001-00c04f4c3b9f}\InprocServer32
Value : (default) = C:\PROGRA~1\AMERIC~1.0\media\CDDBCO~1.DLL
Parsed : c:\progra~1\americ~1.0\media\cddbco~1.dll
CC - 237
Location: HKEY_CLASSES_ROOT\CLSID\{bc8a96c5-3909-11d5-9001-00c04f4c3b9f}\InprocServer32
Value : (default) = C:\PROGRA~1\AMERIC~1.0\media\CDDBCO~1.DLL
Parsed : c:\progra~1\americ~1.0\media\cddbco~1.dll
CC - 238
Location: HKEY_CLASSES_ROOT\CLSID\{bc8a96c6-3909-11d5-9001-00c04f4c3b9f}\InprocServer32
Value : (default) = C:\PROGRA~1\AMERIC~1.0\media\CDDBCO~1.DLL
Parsed : c:\progra~1\americ~1.0\media\cddbco~1.dll
CC - 239
Location: HKEY_CLASSES_ROOT\CLSID\{bc8a96c7-3909-11d5-9001-00c04f4c3b9f}\InprocServer32
Value : (default) = C:\PROGRA~1\AMERIC~1.0\media\CDDBCO~1.DLL
Parsed : c:\progra~1\americ~1.0\media\cddbco~1.dll
CC - 240
Location: HKEY_CLASSES_ROOT\CLSID\{bc8a96c8-3909-11d5-9001-00c04f4c3b9f}\InprocServer32
Value : (default) = C:\PROGRA~1\AMERIC~1.0\media\CDDBCO~1.DLL
Parsed : c:\progra~1\americ~1.0\media\cddbco~1.dll
CC - 241
Location: HKEY_CLASSES_ROOT\CLSID\{C3DB19A6-D5A2-11D2-8F58-00E02916007D}\InprocServer32
Value : (default) = C:\PROGRA~1\MUSICM~1\MUSICM~3\MMJBCtrl.ocx
Parsed : c:\progra~1\musicm~1\musicm~3\mmjbctrl.ocx
CC - 242
Location: HKEY_CLASSES_ROOT\CLSID\{C3DB19A6-D5A2-11D2-8F58-00E02916007D}\ToolboxBitmap32
Value : (default) = C:\PROGRA~1\MUSICM~1\MUSICM~3\MMJBCtrl.ocx, 5
Parsed : c:\progra~1\musicm~1\musicm~3\mmjbctrl.ocx
CC - 243
Location: HKEY_CLASSES_ROOT\CLSID\{c48ccdd4-7bfd-4b6c-9fb1-b13d91548164}\InprocServer32
Value : (default) = C:\WINDOWS\system32\cjzfsq.dll
Parsed : c:\windows\system32\cjzfsq.dll
CC - 244
Location: HKEY_CLASSES_ROOT\CLSID\{CA1F27DD-4AF0-46c1-8CE5-54DEB2F8CF19}\InprocServer32
Value : (default) = C:\Program Files\Hewlett-Packard\eSupportDiags\HPBasicDetection3.dll
Parsed : c:\program files\hewlett-packard\esupportdiags\hpbasicdetection3.dll

Response Number 12

Name: haze077
Date: November 19, 2008 at 22:01:39 Pacific

Reply:

CC - 245
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 246
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 247
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 248
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 249
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 250
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 251
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 252
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 253
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 254
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 255
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 256
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 257
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 258
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 259
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 260
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 261
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 262
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 263
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 264
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 265
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 266
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 267
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 268
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 269
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 270
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 271
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 272
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 273
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 274
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 275
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 276
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 277
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 278
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 279
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 280
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 281
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 282
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 283
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 284
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 285
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 286
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 287
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 288
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 289
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 290
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 291
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 292
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 293
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 294
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 295
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 296
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 297
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 298
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 299
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 300
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 301
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 302
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 303
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 304
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 305
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 306
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 307
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 308
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 309
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0013-0001-FFFF-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 310
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 311
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 312
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 313
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 314
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 315
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 316
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 317
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 318
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 319
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 320
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 321
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 322
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 323
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 324
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 325
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 326
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 327
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 328
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 329
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 330
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 331
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 332
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 333
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 334
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 335
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 336
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 337
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 338
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 339
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 340
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 341
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 342
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 343
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 344
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 345
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 346
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 347
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 348
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 349
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 350
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll

Response Number 13

Name: haze077
Date: November 19, 2008 at 22:02:25 Pacific

Reply:

CC - 351
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 352
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 353
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 354
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 355
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 356
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 357
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 358
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 359
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 360
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 361
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 362
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 363
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 364
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 365
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 366
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 367
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 368
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 369
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 370
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 371
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 372
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 373
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 374
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 375
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 376
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0014-0002-0020-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 377
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0014-0002-0020-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 378
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0014-0002-0021-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 379
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0014-0002-0021-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 380
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0014-0002-0022-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 381
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0014-0002-0022-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 382
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0014-0002-0023-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 383
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0014-0002-0023-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 384
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0014-0002-0024-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 385
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0014-0002-0024-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 386
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0014-0002-0025-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 387
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0014-0002-0025-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 388
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0014-0002-0026-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 389
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0014-0002-0026-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 390
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0014-0002-0027-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 391
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0014-0002-0027-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 392
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0014-0002-0028-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 393
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0014-0002-0028-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 394
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0014-0002-0029-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 395
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0014-0002-0029-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 396
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0014-0002-0030-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 397
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0014-0002-0030-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 398
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0014-0002-FFFF-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 399
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 400
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 401
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBC}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 402
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 403
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 404
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBC}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 405
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 406
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 407
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBC}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 408
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 409
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 410
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBC}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 411
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 412
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 413
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBC}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 414
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 415
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 416
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBC}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 417
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 418
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 419
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 420
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 421
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 422
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBC}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 423
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 424
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 425
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBC}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 426
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 427
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 428
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBC}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 429
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 430
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 431
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBC}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 432
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 433
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 434
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBC}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 435
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 436
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 437
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBC}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 438
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 439
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 440
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBC}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 441
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 442
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 443
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBC}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 444
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 445
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 446
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBC}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 447
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 448
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 449
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBC}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 450
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 451
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 452
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBC}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 453
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 454
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 455
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBC}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 456
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 457
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 458
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBC}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 459
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 460
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 461
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBC}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 462
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 463
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 464
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBC}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 465
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 466
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 467
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBC}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 468
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 469
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 470
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBC}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 471
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 472
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 473
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBC}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 474
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 475
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll

Response Number 14

Name: haze077
Date: November 19, 2008 at 22:03:10 Pacific

Reply:

CC - 476
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBC}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 477
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 478
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 479
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBC}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 480
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 481
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 482
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBC}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 483
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 484
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 485
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBC}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 486
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 487
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 488
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBC}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 489
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 490
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 491
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBC}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 492
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0015-0000-FFFF-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 493
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 494
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 495
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 496
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 497
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 498
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 499
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 500
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 501
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 502
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 503
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 504
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 505
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 506
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 507
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBC}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 508
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 509
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 510
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 511
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 512
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 513
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBC}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 514
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 515
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 516
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 517
Location: HKEY_CLASSES_ROOT\CLSID\{CAFEEFAC-0016-0000-FFFF-ABCDEFFEDCBA}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 518
Location: HKEY_CLASSES_ROOT\CLSID\{CC2C83A6-9BE4-11D0-98E7-00C04FC2CAF5}\InprocServer32
Value : SystemDB = C:\WINDOWS\system32\system.mdw
Parsed : c:\windows\system32\system.mdw
CC - 519
Location: HKEY_CLASSES_ROOT\CLSID\{CE0E7204-D82C-4273-8A70-919963F4CFE0}\InprocServer32
Value : (default) = C:\PROGRA~1\MUSICM~1\MUSICM~3\MMJBCtrl.ocx
Parsed : c:\progra~1\musicm~1\musicm~3\mmjbctrl.ocx
CC - 520
Location: HKEY_CLASSES_ROOT\CLSID\{D2517915-48CE-4286-970F-921E881B8C5C}\InprocServer32
Value : (default) = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
Parsed : c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll
CC - 521
Location: HKEY_CLASSES_ROOT\CLSID\{D326DC3B-8ADF-456A-B1B7-8A9E37704C60}\InprocServer32
Value : (default) = C:\PROGRA~1\MUSICM~1\MUSICM~3\MMFWCtrl.ocx
Parsed : c:\progra~1\musicm~1\musicm~3\mmfwctrl.ocx
CC - 522
Location: HKEY_CLASSES_ROOT\CLSID\{D326DC3B-8ADF-456A-B1B7-8A9E37704C60}\ToolboxBitmap32
Value : (default) = C:\PROGRA~1\MUSICM~1\MUSICM~3\MMFWCtrl.ocx, 4
Parsed : c:\progra~1\musicm~1\musicm~3\mmfwctrl.ocx
CC - 523
Location: HKEY_CLASSES_ROOT\CLSID\{D465B936-C361-4417-9AC5-35167066F84B}\InprocServer32
Value : (default) = C:\PROGRA~1\AMERIC~1.0\media\phobos.dll
Parsed : c:\progra~1\americ~1.0\media\phobos.dll
CC - 524
Location: HKEY_CLASSES_ROOT\CLSID\{D670D0B3-05AB-4115-9F87-D983EF1AC747}\InprocServer32
Value : (default) = C:\PROGRA~1\COMMON~1\aolshare\pictures\YGPPIC~1.DLL
Parsed : c:\progra~1\common~1\aolshare\pictures\ygppic~1.dll
CC - 525
Location: HKEY_CLASSES_ROOT\CLSID\{D670D0B3-05AB-4115-9F87-D983EF1AC747}\ToolboxBitmap32
Value : (default) = C:\PROGRA~1\COMMON~1\aolshare\pictures\YGPPIC~1.DLL, 101
Parsed : c:\progra~1\common~1\aolshare\pictures\ygppic~1.dll
CC - 526
Location: HKEY_CLASSES_ROOT\CLSID\{d93c85c8-0104-416e-992e-01260880c9d2}\InprocServer32
Value : (default) = C:\WINDOWS\system32\zllphl.dll
Parsed : c:\windows\system32\zllphl.dll
CC - 527
Location: HKEY_CLASSES_ROOT\CLSID\{D9F99C6B-A3A6-11D4-AF64-444553546170}\InprocServer32
Value : (default) = C:\PROGRA~1\AMERIC~1.0\media\phobos.dll
Parsed : c:\progra~1\americ~1.0\media\phobos.dll
CC - 528
Location: HKEY_CLASSES_ROOT\CLSID\{D9F99C6B-A3A6-11D4-AF64-444553546170}\ToolboxBitmap32
Value : (default) = C:\PROGRA~1\AMERIC~1.0\media\phobos.dll, 101
Parsed : c:\progra~1\americ~1.0\media\phobos.dll
CC - 529
Location: HKEY_CLASSES_ROOT\CLSID\{DA3C177A-D1DA-47f2-BBF0-E9710CA7253F}\InprocServer32
Value : (default) = C:\PROGRA~1\AMERIC~1.0\MYCALE~1.DLL
Parsed : c:\progra~1\americ~1.0\mycale~1.dll
CC - 530
Location: HKEY_CLASSES_ROOT\CLSID\{E0CB08CE-AB3D-4779-9C77-62A439BFE6C3}\InprocServer32
Value : (default) = C:\PROGRA~1\COMMON~1\aolshare\pictures\YGPPIC~4.DLL
Parsed : c:\progra~1\common~1\aolshare\pictures\ygppic~4.dll
CC - 531
Location: HKEY_CLASSES_ROOT\CLSID\{E0CB08CE-AB3D-4779-9C77-62A439BFE6C3}\ToolboxBitmap32
Value : (default) = C:\PROGRA~1\COMMON~1\aolshare\pictures\YGPPIC~4.DLL, 101
Parsed : c:\progra~1\common~1\aolshare\pictures\ygppic~4.dll
CC - 532
Location: HKEY_CLASSES_ROOT\CLSID\{E19F9331-3110-11D4-991C-005004D3B3DB}\InprocServer32
Value : (default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
CC - 533
Location: HKEY_CLASSES_ROOT\CLSID\{E3852604-B619-11d6-94EC-00047521F020}\InprocServer32
Value : (default) = C:\PROGRA~1\AMERIC~1.0\media\nmpxchat\nmpxchat.dll
Parsed : c:\progra~1\americ~1.0\media\nmpxchat\nmpxchat.dll
CC - 534
Location: HKEY_CLASSES_ROOT\CLSID\{E3852604-B619-11d6-94EC-00047521F020}\ToolboxBitmap32
Value : (default) = C:\PROGRA~1\AMERIC~1.0\media\nmpxchat\nmpxchat.dll, 101
Parsed : c:\progra~1\americ~1.0\media\nmpxchat\nmpxchat.dll
CC - 535
Location: HKEY_CLASSES_ROOT\CLSID\{E9348280-2D74-4933-BE25-73D946926795}\InprocServer32
Value : (default) = C:\Program Files\Hewlett-Packard\eSupportDiags\HPBasicDetection3.dll
Parsed : c:\program files\hewlett-packard\esupportdiags\hpbasicdetection3.dll
CC - 536
Location: HKEY_CLASSES_ROOT\CLSID\{E981D791-F499-4837-A483-5AB22F1C548F}\InprocServer32
Value : (default) = C:\PROGRA~1\AMERIC~1.0\media\phobos.dll
Parsed : c:\progra~1\americ~1.0\media\phobos.dll
CC - 537
Location: HKEY_CLASSES_ROOT\CLSID\{EB511AE4-87FE-4EFB-91A3-428B2F2601F7}\InprocServer32
Value : (default) = C:\PROGRA~1\AMERIC~1.0\media\phobos.dll
Parsed : c:\progra~1\americ~1.0\media\phobos.dll
CC - 538
Location: HKEY_CLASSES_ROOT\CLSID\{ed84efe1-37db-4586-93c6-32b05e79dbe4}\InprocServer32
Value : (default) = C:\WINDOWS\system32\mstawd.dll
Parsed : c:\windows\system32\mstawd.dll
CC - 539
Location: HKEY_CLASSES_ROOT\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\InprocServer32
Value : (default) = C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
Parsed : c:\program files\yahoo!\companion\installs\cpn\yt.dll
CC - 540
Location: HKEY_CLASSES_ROOT\CLSID\{EFAC012B-2A65-4D0B-9237-ADBADD94DFE9}\InprocServer32
Value : (default) = C:\PROGRA~1\MUSICM~1\MUSICM~3\MMFWCtrl.ocx
Parsed : c:\progra~1\musicm~1\musicm~3\mmfwctrl.ocx
CC - 541
Location: HKEY_CLASSES_ROOT\CLSID\{EFAC012B-2A65-4D0B-9237-ADBADD94DFE9}\ToolboxBitmap32
Value : (default) = C:\PROGRA~1\MUSICM~1\MUSICM~3\MMFWCtrl.ocx, 6
Parsed : c:\progra~1\musicm~1\musicm~3\mmfwctrl.ocx
CC - 542
Location: HKEY_CLASSES_ROOT\CLSID\{F1DD8F2C-1A49-40F0-9649-ACB3AB7AF86A}\InprocServer32
Value : (default) = C:\PROGRA~1\MUSICM~1\MUSICM~3\MMFWCtrl.ocx
Parsed : c:\progra~1\musicm~1\musicm~3\mmfwctrl.ocx
CC - 543
Location: HKEY_CLASSES_ROOT\CLSID\{F4F30C01-A7B4-492e-943E-58A7CF2D9DD6}\InprocServer32
Value : (default) = C:\PROGRA~1\AMERIC~1.0\MYCALE~1.DLL
Parsed : c:\progra~1\americ~1.0\mycale~1.dll
CC - 544
Location: HKEY_CLASSES_ROOT\CLSID\{FB215E25-F536-4B36-8262-ECF59601FAC1}\InprocServer32
Value : (default) = C:\PROGRA~1\MUSICM~1\MUSICM~3\MMJBCtrl.ocx
Parsed : c:\progra~1\musicm~1\musicm~3\mmjbctrl.ocx
CC - 545
Location: HKEY_CLASSES_ROOT\CLSID\{FB215E25-F536-4B36-8262-ECF59601FAC1}\ToolboxBitmap32
Value : (default) = C:\PROGRA~1\MUSICM~1\MUSICM~3\MMJBCtrl.ocx, 11
Parsed : c:\progra~1\musicm~1\musicm~3\mmjbctrl.ocx
CC - 546
Location: HKEY_CLASSES_ROOT\CLSID\{fee9da59-8395-4cd3-aadf-f3db122600bc}\InprocServer32
Value : (default) = C:\WINDOWS\system32\wlwvyf.dll
Parsed : c:\windows\system32\wlwvyf.dll
CC - 547
Location: HKEY_CLASSES_ROOT\Connection Manager Profile\DefaultIcon
Value : (default) = C:\WINDOWS\system32\CMMGR32.EXE,1
Parsed : c:\windows\system32\cmmgr32.exe
CC - 548
Location: HKEY_CLASSES_ROOT\Connection Manager Profile\shell\open\command
Value : (default) = C:\WINDOWS\system32\CMMGR32.exe "%1"
Parsed : c:\windows\system32\cmmgr32.exe
CC - 549
Location: HKEY_CLASSES_ROOT\Connection Manager Profile\shell\Settings...\command
Value : (default) = C:\WINDOWS\system32\CMMGR32.exe /settings "%1"
Parsed : c:\windows\system32\cmmgr32.exe
CC - 550
Location: HKEY_CLASSES_ROOT\MMJB.AUDIOCD\DefaultIcon
Value : (default) = C:\Program Files\Musicmatch\Musicmatch Jukebox\mmjblaunch.exe,0
Parsed : c:\program files\musicmatch\musicmatch jukebox\mmjblaunch.exe
CC - 551
Location: HKEY_CLASSES_ROOT\MMJB.BPP\DefaultIcon
Value : (default) = C:\Program Files\Musicmatch\Musicmatch Jukebox\mmfwlaunch.exe,0
Parsed : c:\program files\musicmatch\musicmatch jukebox\mmfwlaunch.exe
CC - 552
Location: HKEY_CLASSES_ROOT\MMJB.BPP\shell\Open\command
Value : (default) = "C:\Program Files\Musicmatch\Musicmatch Jukebox\mmfwlaunch.exe" "%1"
Parsed : c:\program files\musicmatch\musicmatch jukebox\mmfwlaunch.exe
CC - 553
Location: HKEY_CLASSES_ROOT\MMJB.CDA\DefaultIcon
Value : (default) = C:\Program Files\Musicmatch\Musicmatch Jukebox\mmjblaunch.exe,1
Parsed : c:\program files\musicmatch\musicmatch jukebox\mmjblaunch.exe
CC - 554
Location: HKEY_CLASSES_ROOT\MMJB.M3U\DefaultIcon
Value : (default) = C:\Program Files\Musicmatch\Musicmatch Jukebox\mmjblaunch.exe,1
Parsed : c:\program files\musicmatch\musicmatch jukebox\mmjblaunch.exe
CC - 555
Location: HKEY_CLASSES_ROOT\MMJB.MMJB\DefaultIcon
Value : (default) = C:\Program Files\Musicmatch\Musicmatch Jukebox\mmjblaunch.exe,0
Parsed : c:\program files\musicmatch\musicmatch jukebox\mmjblaunch.exe
CC - 556
Location: HKEY_CLASSES_ROOT\MMJB.MMO\DefaultIcon
Value : (default) = C:\Program Files\Musicmatch\Musicmatch Jukebox\mmjblaunch.exe,1
Parsed : c:\program files\musicmatch\musicmatch jukebox\mmjblaunch.exe
CC - 557
Location: HKEY_CLASSES_ROOT\MMJB.MMO\shell\Open\command
Value : (default) = "C:\Program Files\Musicmatch\Musicmatch Jukebox\mmjblaunch.exe" "%1"
Parsed : c:\program files\musicmatch\musicmatch jukebox\mmjblaunch.exe
CC - 558
Location: HKEY_CLASSES_ROOT\MMJB.MMO\shell\Play\command
Value : (default) = "C:\Program Files\Musicmatch\Musicmatch Jukebox\mmjblaunch.exe" "%1"
Parsed : c:\program files\musicmatch\musicmatch jukebox\mmjblaunch.exe
CC - 559
Location: HKEY_CLASSES_ROOT\MMJB.MMZ\DefaultIcon
Value : (default) = C:\Program Files\Musicmatch\Musicmatch Jukebox\ti.exe,0
Parsed : c:\program files\musicmatch\musicmatch jukebox\ti.exe
CC - 560
Location: HKEY_CLASSES_ROOT\MMJB.MMZ\shell\Install\Command
Value : (default) = "C:\Program Files\Musicmatch\Musicmatch Jukebox\ti.exe" "%1"
Parsed : c:\program files\musicmatch\musicmatch jukebox\ti.exe
CC - 561
Location: HKEY_CLASSES_ROOT\MMJB.MMZ\shell\Open\command
Value : (default) = "C:\Program Files\Musicmatch\Musicmatch Jukebox\ti.exe" "%1"
Parsed : c:\program files\musicmatch\musicmatch jukebox\ti.exe
CC - 562
Location: HKEY_CLASSES_ROOT\MMJB.MP3\DefaultIcon
Value : (default) = C:\Program Files\Musicmatch\Musicmatch Jukebox\mmjblaunch.exe,1
Parsed : c:\program files\musicmatch\musicmatch jukebox\mmjblaunch.exe
CC - 563
Location: HKEY_CLASSES_ROOT\MMJB.PLS\DefaultIcon
Value : (default) = C:\Program Files\Musicmatch\Musicmatch Jukebox\mmjblaunch.exe,1
Parsed : c:\program files\musicmatch\musicmatch jukebox\mmjblaunch.exe
CC - 564
Location: HKEY_CLASSES_ROOT\MMJB.WAV\DefaultIcon
Value : (default) = C:\Program Files\Musicmatch\Musicmatch Jukebox\mmjblaunch.exe,1
Parsed : c:\program files\musicmatch\musicmatch jukebox\mmjblaunch.exe
CC - 565
Location: HKEY_CLASSES_ROOT\MMJB.WMA\DefaultIcon
Value : (default) = C:\Program Files\Musicmatch\Musicmatch Jukebox\mmjblaunch.exe,1
Parsed : c:\program files\musicmatch\musicmatch jukebox\mmjblaunch.exe
CC - 566
Location: HKEY_CLASSES_ROOT\msbackupfile
Value : FriendlyTypeName = @%SystemRoot%\System32\ntbackup.exe,-40
Parsed : c:\windows\system32\ntbackup.exe
CC - 567
Location: HKEY_CLASSES_ROOT\msbackupfile\DefaultIcon
Value : (default) = %SystemRoot%\system32\ntbackup.exe,10
Parsed : c:\windows\system32\ntbackup.exe
CC - 568
Location: HKEY_CLASSES_ROOT\msbackupfile\Shell\Open\Command
Value : (default) = %SystemRoot%\system32\ntbackup.exe
Parsed : c:\windows\system32\ntbackup.exe
CC - 569
Location: HKEY_CLASSES_ROOT\TypeLib\{003028C2-EA1C-4676-A316-B5CB50917002}\5.0\0\win32
Value : (default) = C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
Parsed : c:\program files\yahoo!\companion\installs\cpn\yt.dll
CC - 570
Location: HKEY_CLASSES_ROOT\TypeLib\{00A987AE-587B-4343-B826-89F17AB41A03}\1.0\0\win32
Value : (default) = C:\PROGRA~1\AMERIC~1.0\MYCALE~1.DLL
Parsed : c:\progra~1\americ~1.0\mycale~1.dll
CC - 571
Location: HKEY_CLASSES_ROOT\TypeLib\{00A987AE-587B-4343-B826-89F17AB41A03}\1.0\HELPDIR
Value : (default) = C:\PROGRA~1\AMERIC~1.0\
Parsed : c:\progra~1\americ~1.0
CC - 572
Location: HKEY_CLASSES_ROOT\TypeLib\{06645894-E73C-413B-8704-71823A9C39B5}\1.0\0\win32
Value : (default) = C:\PROGRA~1\AMERIC~1.0\media\cerberus.dll
Parsed : c:\progra~1\americ~1.0\media\cerberus.dll
CC - 573
Location: HKEY_CLASSES_ROOT\TypeLib\{06645894-E73C-413B-8704-71823A9C39B5}\1.0\HELPDIR
Value : (default) = C:\PROGRA~1\AMERIC~1.0\media\
Parsed : c:\progra~1\americ~1.0\media
CC - 574
Location: HKEY_CLASSES_ROOT\TypeLib\{06DD38D0-D187-11CF-A80D-00C04FD74AD8}\1.0\0\win32
Value : (default) = C:\WINDOWS\system32\plugin.ocx
Parsed : c:\windows\system32\plugin.ocx
CC - 575
Location: HKEY_CLASSES_ROOT\TypeLib\{0B54F548-639F-462F-BCDE-9557B8AB378F}\1.0\0\win32
Value : (default) = C:\PROGRA~1\COMMON~1\aolshare\pictures\YGPPIC~4.DLL
Parsed : c:\progra~1\common~1\aolshare\pictures\ygppic~4.dll
CC - 576
Location: HKEY_CLASSES_ROOT\TypeLib\{0B54F548-639F-462F-BCDE-9557B8AB378F}\1.0\HELPDIR
Value : (default) = C:\PROGRA~1\COMMON~1\aolshare\pictures\
Parsed : c:\progra~1\common~1\aolshare\pictures
CC - 577
Location: HKEY_CLASSES_ROOT\TypeLib\{0C5D39A3-460B-11D4-ADE1-0050DACD3DB9}\1.0\0\win32
Value : (default) = C:\Program Files\Musicmatch\Musicmatch Jukebox\MMRadioEngine.dll
Parsed : c:\program files\musicmatch\musicmatch jukebox\mmradioengine.dll
CC - 578
Location: HKEY_CLASSES_ROOT\TypeLib\{155CD3DB-4B43-4CE6-8B51-9AAAB28B2B07}\1.0\0\win32
Value : (default) = C:\Program Files\MUSICMATCH\Musicmatch Music Services\mm_TDMEngine.exe
Parsed : c:\program files\musicmatch\musicmatch music services\mm_tdmengine.exe
CC - 579
Location: HKEY_CLASSES_ROOT\TypeLib\{16D7A93E-6087-4567-AFDA-B0005107771E}\1.0\0\win32
Value : (default) = C:\Program Files\Hewlett-Packard\eSupportDiags\HPBasicDetection3.dll
Parsed : c:\program files\hewlett-packard\esupportdiags\hpbasicdetection3.dll
CC - 580
Location: HKEY_CLASSES_ROOT\TypeLib\{16D7A93E-6087-4567-AFDA-B0005107771E}\1.0\HELPDIR
Value : (default) = C:\Program Files\Hewlett-Packard\eSupportDiags\
Parsed : c:\program files\hewlett-packard\esupportdiags
CC - 581
Location: HKEY_CLASSES_ROOT\TypeLib\{16D8D842-6E64-489F-99BB-D6CEF503A74E}\1.0\0\win32
Value : (default) = C:\PROGRA~1\AMERIC~1.0\media\xanthe.dll
Parsed : c:\progra~1\americ~1.0\media\xanthe.dll
CC - 582
Location: HKEY_CLASSES_ROOT\TypeLib\{16D8D842-6E64-489F-99BB-D6CEF503A74E}\1.0\HELPDIR
Value : (default) = C:\PROGRA~1\AMERIC~1.0\media\
Parsed : c:\progra~1\americ~1.0\media
CC - 583
Location: HKEY_CLASSES_ROOT\TypeLib\{1B8B281E-F67E-4212-8D3B-C98B8AE18DA4}\1.0\0\win32
Value : (default) = C:\PROGRA~1\COMMON~1\aolshare\pictures\YGPPIC~1.DLL
Parsed : c:\progra~1\common~1\aolshare\pictures\ygppic~1.dll
CC - 584
Location: HKEY_CLASSES_ROOT\TypeLib\{1B8B281E-F67E-4212-8D3B-C98B8AE18DA4}\1.0\HELPDIR
Value : (default) = C:\PROGRA~1\COMMON~1\aolshare\pictures\
Parsed : c:\progra~1\common~1\aolshare\pictures
CC - 585
Location: HKEY_CLASSES_ROOT\TypeLib\{213F7629-450D-4B3D-804E-715E4F95D8A8}\1.0\0\win32
Value : (default) = C:\WINDOWS\nfavxwdbxpw.dll
Parsed : c:\windows\nfavxwdbxpw.dll
CC - 586
Location: HKEY_CLASSES_ROOT\TypeLib\{2293FA8E-8FE7-4147-9706-BC1688C339A2}\1.0\0\win32
Value : (default) = C:\WINDOWS\system32\qdiagd.ocx
Parsed : c:\windows\system32\qdiagd.ocx
CC - 587
Location: HKEY_CLASSES_ROOT\TypeLib\{229B78B8-38F5-11D5-9001-00C04F4C3B9F}\1.0\0\win32
Value : (default) = C:\PROGRA~1\AMERIC~1.0\media\CDDBCO~1.DLL
Parsed : c:\progra~1\americ~1.0\media\cddbco~1.dll
CC - 588
Location: HKEY_CLASSES_ROOT\TypeLib\{229B78B8-38F5-11D5-9001-00C04F4C3B9F}\1.0\HELPDIR
Value : (default) = C:\PROGRA~1\AMERIC~1.0\media\
Parsed : c:\progra~1\americ~1.0\media
CC - 589
Location: HKEY_CLASSES_ROOT\TypeLib\{296802FE-345A-4CA4-B941-692B8622CC69}\1.0\0\win32
Value : (default) = C:\PROGRA~1\AMERIC~1.0\axtrack.dll
Parsed : c:\progra~1\americ~1.0\axtrack.dll
CC - 590
Location: HKEY_CLASSES_ROOT\TypeLib\{296802FE-345A-4CA4-B941-692B8622CC69}\1.0\HELPDIR
Value : (default) = C:\PROGRA~1\AMERIC~1.0\
Parsed : c:\progra~1\americ~1.0
CC - 591
Location: HKEY_CLASSES_ROOT\TypeLib\{2ACBD496-FD2D-43CF-8870-F349AC57307B}\1.0\0\win32
Value : (default) = C:\Program Files\Musicmatch\MUSICMATCH Music Services\MMDRMCtrlObj.dll
Parsed : c:\program files\musicmatch\musicmatch music services\mmdrmctrlobj.dll
CC - 592
Location: HKEY_CLASSES_ROOT\TypeLib\{307DE02D-679A-49B9-B582-6E623BE9386F}\1.0\0\win32
Value : (default) = C:\Program Files\Common Files\aolshare\Coach\coachdm3.dll
Parsed : c:\program files\common files\aolshare\coach\coachdm3.dll
CC - 593
Location: HKEY_CLASSES_ROOT\TypeLib\{307DE02D-679A-49B9-B582-6E623BE9386F}\1.0\HELPDIR
Value : (default) = C:\Program Files\Common Files\aolshare\Coach\
Parsed : c:\program files\common files\aolshare\coach
CC - 594
Location: HKEY_CLASSES_ROOT\TypeLib\{35A57663-BB23-4E81-89C6-B87F580FEC47}\1.0\0\win32
Value : (default) = C:\PROGRA~1\Yahoo!\Common\Yiesrvc1.DLL
Parsed : c:\progra~1\yahoo!\common\yiesrvc1.dll
CC - 595
Location: HKEY_CLASSES_ROOT\TypeLib\{39DC8E5F-A573-4D58-8A13-6877A3B672EA}\1.0\0\win32
Value : (default) = C:\PROGRA~1\AMERIC~1.0\sb.dll
Parsed : c:\progra~1\americ~1.0\sb.dll
CC - 596
Location: HKEY_CLASSES_ROOT\TypeLib\{39DC8E5F-A573-4D58-8A13-6877A3B672EA}\1.0\HELPDIR
Value : (default) = C:\PROGRA~1\AMERIC~1.0\
Parsed : c:\progra~1\americ~1.0
CC - 597
Location: HKEY_CLASSES_ROOT\TypeLib\{3E18E990-2533-11D4-8A2B-0090271D4F88}\3.0\0\win32
Value : (default) = C:\PROGRA~1\Yahoo!\Common\messmod.dll
Parsed : c:\progra~1\yahoo!\common\messmod.dll
CC - 598
Location: HKEY_CLASSES_ROOT\TypeLib\{3E536428-8E1A-4A2C-8463-4A8F74763C30}\1.0\0\win32
Value : (default) = C:\Program Files\AVG\AVG8\aAvgApi.exe
Parsed : c:\program files\avg\avg8\aavgapi.exe
CC - 599
Location: HKEY_CLASSES_ROOT\TypeLib\{3E536428-8E1A-4A2C-8463-4A8F74763C30}\1.0\HELPDIR
Value : (default) = C:\Program Files\AVG\AVG8\
Parsed : c:\program files\avg\avg8
CC - 600
Location: HKEY_CLASSES_ROOT\TypeLib\{3F8E02B4-6601-41A2-95E7-6BD102935C55}\1.0\0\win32
Value : (default) = C:\PROGRA~1\AMERIC~1.0\media\phobos.dll
Parsed : c:\progra~1\americ~1.0\media\phobos.dll

Response Number 15

Name: haze077
Date: November 19, 2008 at 22:04:14 Pacific

Reply:

CC - 601
Location: HKEY_CLASSES_ROOT\TypeLib\{3F8E02B4-6601-41A2-95E7-6BD102935C55}\1.0\HELPDIR
Value : (default) = C:\PROGRA~1\AMERIC~1.0\media\
Parsed : c:\progra~1\americ~1.0\media
CC - 602
Location: HKEY_CLASSES_ROOT\TypeLib\{42B37582-FBEB-4B41-AC93-F5F2CB652B06}\1.0\0\win32
Value : (default) = C:\WINDOWS\Downloaded Program Files\MsnPUpld.dll
Parsed : c:\windows\downloaded program files\msnpupld.dll
CC - 603
Location: HKEY_CLASSES_ROOT\TypeLib\{46295CB8-D71B-11DA-8750-001185653D78}\1.0\0\win32
Value : (default) = c:\program files\google\googletoolbar3.dll
Parsed : c:\program files\google\googletoolbar3.dll
CC - 604
Location: HKEY_CLASSES_ROOT\TypeLib\{4D25F920-B9FE-4682-BF72-8AB8210D6D75}\1.0\0\win32
Value : (default) = C:\Program Files\MyWaySA\SrchAsDe\1.bin\deSrcAs.dll
Parsed : c:\program files\mywaysa\srchasde\1.bin\desrcas.dll
CC - 605
Location: HKEY_CLASSES_ROOT\TypeLib\{4D25F920-B9FE-4682-BF72-8AB8210D6D75}\1.0\HELPDIR
Value : (default) = C:\Program Files\MyWaySA\SrchAsDe\1.bin\
Parsed : c:\program files\mywaysa\srchasde\1.bin
CC - 606
Location: HKEY_CLASSES_ROOT\TypeLib\{57B2FD05-64D4-4AD7-A92A-7C32FE50A0F4}\1.0\0\win32
Value : (default) = C:\PROGRA~1\COMMON~1\aolshare\pictures\YGPUPF.dll
Parsed : c:\progra~1\common~1\aolshare\pictures\ygpupf.dll
CC - 607
Location: HKEY_CLASSES_ROOT\TypeLib\{57B2FD05-64D4-4AD7-A92A-7C32FE50A0F4}\1.0\HELPDIR
Value : (default) = C:\PROGRA~1\COMMON~1\aolshare\pictures\
Parsed : c:\progra~1\common~1\aolshare\pictures
CC - 608
Location: HKEY_CLASSES_ROOT\TypeLib\{5DAB1D4C-D020-41CD-936F-D63FF662E9F7}\1.0\0\win32
Value : (default) = C:\Program Files\AVG\AVG8\avgssie.dll
Parsed : c:\program files\avg\avg8\avgssie.dll
CC - 609
Location: HKEY_CLASSES_ROOT\TypeLib\{64E26A20-8A9E-4B33-9F8D-F3663F13811E}\1.0\0\win32
Value : (default) = C:\PROGRA~1\COMMON~1\aolshare\pictures\YGPWz.dll
Parsed : c:\progra~1\common~1\aolshare\pictures\ygpwz.dll
CC - 610
Location: HKEY_CLASSES_ROOT\TypeLib\{64E26A20-8A9E-4B33-9F8D-F3663F13811E}\1.0\HELPDIR
Value : (default) = C:\PROGRA~1\COMMON~1\aolshare\pictures\
Parsed : c:\progra~1\common~1\aolshare\pictures
CC - 611
Location: HKEY_CLASSES_ROOT\TypeLib\{6B58B5D9-7405-11D2-8F58-00E02916007D}\1.0\0\win32
Value : (default) = C:\Program Files\Musicmatch\Musicmatch Jukebox\MMJBCtrl.ocx
Parsed : c:\program files\musicmatch\musicmatch jukebox\mmjbctrl.ocx
CC - 612
Location: HKEY_CLASSES_ROOT\TypeLib\{710993A2-4F87-41D7-B6FE-F5A20368465F}\1.0\0\win32
Value : (default) = c:\program files\partygaming\PartyBingo\ImageOle.dll
Parsed : c:\program files\partygaming\partybingo\imageole.dll
CC - 613
Location: HKEY_CLASSES_ROOT\TypeLib\{79C10055-C1B5-4754-AC44-003784AA3A44}\1.0\0\win32
Value : (default) = C:\PROGRA~1\COMMON~1\aolshare\pictures\YGPPIC~3.DLL
Parsed : c:\progra~1\common~1\aolshare\pictures\ygppic~3.dll
CC - 614
Location: HKEY_CLASSES_ROOT\TypeLib\{79C10055-C1B5-4754-AC44-003784AA3A44}\1.0\HELPDIR
Value : (default) = C:\PROGRA~1\COMMON~1\aolshare\pictures\
Parsed : c:\progra~1\common~1\aolshare\pictures
CC - 615
Location: HKEY_CLASSES_ROOT\TypeLib\{8D66A700-5DF0-4706-9ACA-FEB467A7A853}\1.0\0\win32
Value : (default) = C:\PROGRA~1\AMERIC~1.0\media\ares.dll
Parsed : c:\progra~1\americ~1.0\media\ares.dll
CC - 616
Location: HKEY_CLASSES_ROOT\TypeLib\{8D66A700-5DF0-4706-9ACA-FEB467A7A853}\1.0\HELPDIR
Value : (default) = C:\PROGRA~1\AMERIC~1.0\media\
Parsed : c:\progra~1\americ~1.0\media
CC - 617
Location: HKEY_CLASSES_ROOT\TypeLib\{8E926E2D-BF6C-11D2-A33D-00A0C94B8D0E}\1.0\0\win32
Value : (default) = C:\Program Files\Yahoo!\Messenger\stock.dll
Parsed : c:\program files\yahoo!\messenger\stock.dll
CC - 618
Location: HKEY_CLASSES_ROOT\TypeLib\{905D0DF2-3A0A-4D94-853C-54A12A745905}\1.0\0\win32
Value : (default) = C:\Program Files\BearShare\RunMSC.dll
Parsed : c:\program files\bearshare\runmsc.dll
CC - 619
Location: HKEY_CLASSES_ROOT\TypeLib\{AAAF0528-2124-4DBD-9C63-C91E8C938A01}\2.0\0\win32
Value : (default) = C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
Parsed : c:\program files\google\googletoolbarnotifier\1.2.1128.5462\googletoolbarnotifier.exe
CC - 620
Location: HKEY_CLASSES_ROOT\TypeLib\{AAAF0528-2124-4DBD-9C63-C91E8C938A01}\2.0\HELPDIR
Value : (default) = C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\
Parsed : c:\program files\google\googletoolbarnotifier\1.2.1128.5462
CC - 621
Location: HKEY_CLASSES_ROOT\TypeLib\{AD680209-3E87-428D-A4E7-C9D46EE39736}\1.0\0\win32
Value : (default) = C:\WINDOWS\fdkowvbp.dll
Parsed : c:\windows\fdkowvbp.dll
CC - 622
Location: HKEY_CLASSES_ROOT\TypeLib\{BFF38E2D-B1D9-48F9-B11D-4F8A150F1C84}\1.0\0\win32
Value : (default) = C:\Program Files\Musicmatch\Musicmatch Jukebox\MMFWCtrl.ocx
Parsed : c:\program files\musicmatch\musicmatch jukebox\mmfwctrl.ocx
CC - 623
Location: HKEY_CLASSES_ROOT\TypeLib\{C7CB459A-7261-4AE6-A87A-17041EE98A40}\3.0\0\win32
Value : (default) = C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\swg.dll
Parsed : c:\program files\google\googletoolbarnotifier\1.2.1128.5462\swg.dll
CC - 624
Location: HKEY_CLASSES_ROOT\TypeLib\{C7CB459A-7261-4AE6-A87A-17041EE98A40}\3.0\HELPDIR
Value : (default) = C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\
Parsed : c:\program files\google\googletoolbarnotifier\1.2.1128.5462
CC - 625
Location: HKEY_CLASSES_ROOT\TypeLib\{C7CB459A-7261-4AE6-A87A-17041EE98A40}\5.0\0\win32
Value : (default) = C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
Parsed : c:\program files\google\googletoolbarnotifier\2.0.301.7164\swg.dll
CC - 626
Location: HKEY_CLASSES_ROOT\TypeLib\{C7CB459A-7261-4AE6-A87A-17041EE98A40}\5.0\HELPDIR
Value : (default) = C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\
Parsed : c:\program files\google\googletoolbarnotifier\2.0.301.7164
CC - 627
Location: HKEY_CLASSES_ROOT\TypeLib\{CC491105-58FA-437F-A1CE-CC947B6AFE4F}\1.0\0\win32
Value : (default) = C:\PROGRA~1\AMERIC~1.0\ae.dll
Parsed : c:\progra~1\americ~1.0\ae.dll
CC - 628
Location: HKEY_CLASSES_ROOT\TypeLib\{CC491105-58FA-437F-A1CE-CC947B6AFE4F}\1.0\HELPDIR
Value : (default) = C:\PROGRA~1\AMERIC~1.0\
Parsed : c:\progra~1\americ~1.0
CC - 629
Location: HKEY_CLASSES_ROOT\TypeLib\{D0286C01-E069-4B7D-8F6A-FB924FCC1238}\1.0\0\win32
Value : (default) = C:\Program Files\Yahoo!\browser\YSidebarIEBHO.dll
Parsed : c:\program files\yahoo!\browser\ysidebariebho.dll
CC - 630
Location: HKEY_CLASSES_ROOT\TypeLib\{DA2FAE70-6518-4700-A264-3500A380F695}\1.0\0\win32
Value : (default) = C:\Program Files\America Online 9.0\abui.dll
Parsed : c:\program files\america online 9.0\abui.dll
CC - 631
Location: HKEY_CLASSES_ROOT\TypeLib\{DA2FAE70-6518-4700-A264-3500A380F695}\1.0\HELPDIR
Value : (default) = C:\Program Files\America Online 9.0\
Parsed : c:\program files\america online 9.0
CC - 632
Location: HKEY_CLASSES_ROOT\TypeLib\{DCCAF17F-7581-4C86-9867-56D9405FAC3F}\1.0\0\win32
Value : (default) = C:\PROGRA~1\AMERIC~1.0\media\PATHFI~1.DLL
Parsed : c:\progra~1\americ~1.0\media\pathfi~1.dll
CC - 633
Location: HKEY_CLASSES_ROOT\TypeLib\{DCCAF17F-7581-4C86-9867-56D9405FAC3F}\1.0\HELPDIR
Value : (default) = C:\PROGRA~1\AMERIC~1.0\media\
Parsed : c:\progra~1\americ~1.0\media
CC - 634
Location: HKEY_CLASSES_ROOT\TypeLib\{E3852602-B619-11D6-94EC-00047521F020}\1.0\0\win32
Value : (default) = C:\PROGRA~1\AMERIC~1.0\media\nmpxchat\nmpxchat.dll
Parsed : c:\progra~1\americ~1.0\media\nmpxchat\nmpxchat.dll
CC - 635
Location: HKEY_CLASSES_ROOT\TypeLib\{E3852602-B619-11D6-94EC-00047521F020}\1.0\HELPDIR
Value : (default) = C:\PROGRA~1\AMERIC~1.0\media\nmpxchat\
Parsed : c:\progra~1\americ~1.0\media\nmpxchat
CC - 636
Location: HKEY_CLASSES_ROOT\TypeLib\{ECAD18F1-CA65-11D6-8A1B-00E029570A3E}\1.0\0\win32
Value : (default) = C:\PROGRA~1\AMERIC~1.0\sa.dll
Parsed : c:\progra~1\americ~1.0\sa.dll
CC - 637
Location: HKEY_CLASSES_ROOT\TypeLib\{ECAD18F1-CA65-11D6-8A1B-00E029570A3E}\1.0\HELPDIR
Value : (default) = C:\PROGRA~1\AMERIC~1.0\
Parsed : c:\progra~1\americ~1.0
CC - 638
Location: HKEY_CLASSES_ROOT\TypeLib\{FD609BF1-0E01-403F-8F20-EA238F5CDCC3}\1.0\0\win32
Value : (default) = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
Parsed : c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll
CC - 639
Location: HKEY_CLASSES_ROOT\webcal\shell\open\command
Value : (default) = rundll32.exe C:\PROGRA~1\AMERIC~1.0\WEBCAL~1.DLL,WebCalHandler %1
Parsed : c:\progra~1\americ~1.0\webcal~1.dll
CC - 640
Location: HKEY_CLASSES_ROOT\WPEDoc\DefaultIcon
Value : (default) = C:\Program Files\WordPerfect Office 12\Programs\WPENT120.DLL,0
Parsed : c:\program files\wordperfect office 12\programs\wpent120.dll
CC - 641
Location: HKEY_CLASSES_ROOT\WPSDoc\DefaultIcon
Value : (default) = C:\Program Files\WordPerfect Office 12\Programs\WPENT120.DLL,1
Parsed : c:\program files\wordperfect office 12\programs\wpent120.dll
CC - 642
Location: HKEY_CLASSES_ROOT\zapfile\DefaultIcon
Value : (default) = %SystemRoot%\system32\appmgr.dll,-218
Parsed : c:\windows\system32\appmgr.dll
DEEP - 643
Location: HKEY_USERS\S-1-5-21-816694058-943382858-1426949272-500\AppEvents\Schemes\Apps\AOL_US(Default Sounds)\Alert\.current
Value : (default) = C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0\aolshare\sounds\US\Default\alert.wav
Parsed : c:\documents and settings\all users\application data\aol\c_america online 9.0\aolshare\sounds\us\default\alert.wav
DEEP - 644
Location: HKEY_USERS\S-1-5-21-816694058-943382858-1426949272-500\AppEvents\Schemes\Apps\AOL_US(Default Sounds)\BuddyIn\.current
Value : (default) = C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0\aolshare\sounds\US\Default\buddyin.wav
Parsed : c:\documents and settings\all users\application data\aol\c_america online 9.0\aolshare\sounds\us\default\buddyin.wav
DEEP - 645
Location: HKEY_USERS\S-1-5-21-816694058-943382858-1426949272-500\AppEvents\Schemes\Apps\AOL_US(Default Sounds)\BuddyOut\.current
Value : (default) = C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0\aolshare\sounds\US\Default\buddyout.wav
Parsed : c:\documents and settings\all users\application data\aol\c_america online 9.0\aolshare\sounds\us\default\buddyout.wav
DEEP - 646
Location: HKEY_USERS\S-1-5-21-816694058-943382858-1426949272-500\AppEvents\Schemes\Apps\AOL_US(Default Sounds)\Drop\.current
Value : (default) = C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0\aolshare\sounds\US\Default\drop.wav
Parsed : c:\documents and settings\all users\application data\aol\c_america online 9.0\aolshare\sounds\us\default\drop.wav
DEEP - 647
Location: HKEY_USERS\S-1-5-21-816694058-943382858-1426949272-500\AppEvents\Schemes\Apps\AOL_US(Default Sounds)\File's Done\.current
Value : (default) = C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0\aolshare\sounds\US\Default\filedone.wav
Parsed : c:\documents and settings\all users\application data\aol\c_america online 9.0\aolshare\sounds\us\default\filedone.wav
DEEP - 648
Location: HKEY_USERS\S-1-5-21-816694058-943382858-1426949272-500\AppEvents\Schemes\Apps\AOL_US(Default Sounds)\Goodbye\.current
Value : (default) = C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0\aolshare\sounds\US\Default\goodbye.wav
Parsed : c:\documents and settings\all users\application data\aol\c_america online 9.0\aolshare\sounds\us\default\goodbye.wav
DEEP - 649
Location: HKEY_USERS\S-1-5-21-816694058-943382858-1426949272-500\AppEvents\Schemes\Apps\AOL_US(Default Sounds)\IM\.current
Value : (default) = C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0\aolshare\sounds\US\Default\im.wav
Parsed : c:\documents and settings\all users\application data\aol\c_america online 9.0\aolshare\sounds\us\default\im.wav
DEEP - 650
Location: HKEY_USERS\S-1-5-21-816694058-943382858-1426949272-500\AppEvents\Schemes\Apps\AOL_US(Default Sounds)\Inactivity45\.current
Value : (default) = C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0\aolshare\sounds\US\Default\inactive.wav
Parsed : c:\documents and settings\all users\application data\aol\c_america online 9.0\aolshare\sounds\us\default\inactive.wav
DEEP - 651
Location: HKEY_USERS\S-1-5-21-816694058-943382858-1426949272-500\AppEvents\Schemes\Apps\AOL_US(Default Sounds)\More Mail\.current
Value : (default) = C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0\aolshare\sounds\US\Default\moremail.wav
Parsed : c:\documents and settings\all users\application data\aol\c_america online 9.0\aolshare\sounds\us\default\moremail.wav
DEEP - 652
Location: HKEY_USERS\S-1-5-21-816694058-943382858-1426949272-500\AppEvents\Schemes\Apps\AOL_US(Default Sounds)\OCW\.current
Value : (default) = C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0\aolshare\sounds\US\Default\phonecall.wav
Parsed : c:\documents and settings\all users\application data\aol\c_america online 9.0\aolshare\sounds\us\default\phonecall.wav
DEEP - 653
Location: HKEY_USERS\S-1-5-21-816694058-943382858-1426949272-500\AppEvents\Schemes\Apps\AOL_US(Default Sounds)\PanelIn\.current
Value : (default) = C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0\aolshare\sounds\US\Default\panelin.wav
Parsed : c:\documents and settings\all users\application data\aol\c_america online 9.0\aolshare\sounds\us\default\panelin.wav
DEEP - 654
Location: HKEY_USERS\S-1-5-21-816694058-943382858-1426949272-500\AppEvents\Schemes\Apps\AOL_US(Default Sounds)\PanelOut\.current
Value : (default) = C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0\aolshare\sounds\US\Default\panelout.wav
Parsed : c:\documents and settings\all users\application data\aol\c_america online 9.0\aolshare\sounds\us\default\panelout.wav
DEEP - 655
Location: HKEY_USERS\S-1-5-21-816694058-943382858-1426949272-500\AppEvents\Schemes\Apps\AOL_US(Default Sounds)\popupblock\.current
Value : (default) = C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0\aolshare\sounds\US\Default\popupblock.wav
Parsed : c:\documents and settings\all users\application data\aol\c_america online 9.0\aolshare\sounds\us\default\popupblock.wav
DEEP - 656
Location: HKEY_USERS\S-1-5-21-816694058-943382858-1426949272-500\AppEvents\Schemes\Apps\AOL_US(Default Sounds)\rmblock\.current
Value : (default) = C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0\aolshare\sounds\US\Default\rmblock.wav
Parsed : c:\documents and settings\all users\application data\aol\c_america online 9.0\aolshare\sounds\us\default\rmblock.wav
DEEP - 657
Location: HKEY_USERS\S-1-5-21-816694058-943382858-1426949272-500\AppEvents\Schemes\Apps\AOL_US(Default Sounds)\Slide\.current
Value : (default) = C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0\aolshare\sounds\US\Default\slider.wav
Parsed : c:\documents and settings\all users\application data\aol\c_america online 9.0\aolshare\sounds\us\default\slider.wav
DEEP - 658
Location: HKEY_USERS\S-1-5-21-816694058-943382858-1426949272-500\AppEvents\Schemes\Apps\AOL_US(Default Sounds)\TalkRing\.current
Value : (default) = C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0\aolshare\sounds\US\Default\TalkRing.wav
Parsed : c:\documents and settings\all users\application data\aol\c_america online 9.0\aolshare\sounds\us\default\talkring.wav
DEEP - 659
Location: HKEY_USERS\S-1-5-21-816694058-943382858-1426949272-500\AppEvents\Schemes\Apps\AOL_US(Default Sounds)\Urgent\.current
Value : (default) = C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0\aolshare\sounds\US\Default\urgent.wav
Parsed : c:\documents and settings\all users\application data\aol\c_america online 9.0\aolshare\sounds\us\default\urgent.wav
DEEP - 660
Location: HKEY_USERS\S-1-5-21-816694058-943382858-1426949272-500\AppEvents\Schemes\Apps\AOL_US(Default Sounds)\Welcome\.current
Value : (default) = C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0\aolshare\sounds\US\Default\welcome.wav
Parsed : c:\documents and settings\all users\application data\aol\c_america online 9.0\aolshare\sounds\us\default\welcome.wav
DEEP - 661
Location: HKEY_USERS\S-1-5-21-816694058-943382858-1426949272-500\AppEvents\Schemes\Apps\AOL_US(Default Sounds)\ygp\.current
Value : (default) = C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0\aolshare\sounds\US\Default\gotpics.wav
Parsed : c:\documents and settings\all users\application data\aol\c_america online 9.0\aolshare\sounds\us\default\gotpics.wav
DEEP - 662
Location: HKEY_USERS\S-1-5-21-816694058-943382858-1426949272-500\AppEvents\Schemes\Apps\AOL_US(Default Sounds)\Ygvm\.current
Value : (default) = C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0\aolshare\sounds\US\Default\ygvm.wav
Parsed : c:\documents and settings\all users\application data\aol\c_america online 9.0\aolshare\sounds\us\default\ygvm.wav
DEEP - 663
Location: HKEY_USERS\S-1-5-21-816694058-943382858-1426949272-500\AppEvents\Schemes\Apps\AOL_US(Default Sounds)\You've Got Mail\.current
Value : (default) = C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0\aolshare\sounds\US\Default\gotmail.wav
Parsed : c:\documents and settings\all users\application data\aol\c_america online 9.0\aolshare\sounds\us\default\gotmail.wav
DEEP - 664
Location: HKEY_USERS\S-1-5-21-816694058-943382858-1426949272-500\Software\Jasc\Paint Shop Pro Studio 1\Installer
Value : CacheFolder = C:\Documents and Settings\Owner\Application Data\Jasc Software Inc\Paint Shop Pro Studio\Cache\
Parsed : c:\documents and settings\owner\application data\jasc software inc\paint shop pro studio\cache
DEEP - 665
Location: HKEY_USERS\S-1-5-21-816694058-943382858-1426949272-500\Software\Microsoft\MediaPlayer\Setup\CreatedLinks
Value : Shortcut1 = C:\Documents and Settings\Default User\Start Menu\Programs\Windows Media Player.lnk
Parsed : c:\documents and settings\default user\start menu\programs\windows media player.lnk
DEEP - 666
Location: HKEY_USERS\S-1-5-21-816694058-943382858-1426949272-500\Software\Microsoft\MediaPlayer\Setup\CreatedLinks
Value : Shortcut2 = C:\Documents and Settings\Owner\Start Menu\Programs\Accessories\Entertainment\Windows Media Player.lnk
Parsed : c:\documents and settings\owner\start menu\programs\accessories\entertainment\windows media player.lnk
DEEP - 667
Location: HKEY_USERS\S-1-5-21-816694058-943382858-1426949272-500\Software\Microsoft\MediaPlayer\Setup\CreatedLinks
Value : Shortcut3 = C:\Documents and Settings\Owner\Start Menu\Programs\Windows Media Player.lnk
Parsed : c:\documents and settings\owner\start menu\programs\windows media player.lnk
DEEP - 668
Location: HKEY_USERS\S-1-5-21-816694058-943382858-1426949272-500\Software\Microsoft\Windows\CurrentVersion\Explorer\PublishingWizard\PublishingWizard\Providers\Yahoo!
Value : IconPath = C:\Progra~1\Intern~1\Signup\Yahoo\ybrief.ico
Parsed : c:\progra~1\intern~1\signup\yahoo\ybrief.ico
DEEP - 669
Location: HKEY_USERS\S-1-5-21-816694058-943382858-1426949272-500\Software\Microsoft\Windows\ShellNoRoam\MUICache
Value : C:\DOCUME~1\Owner\LOCALS~1\Temp\RarSFX0\updat32.exe = updat32
Parsed : c:\docume~1\owner\locals~1\temp\rarsfx0\updat32.exe
DEEP - 670
Location: HKEY_USERS\S-1-5-21-816694058-943382858-1426949272-500\Software\Microsoft\Windows\ShellNoRoam\MUICache
Value : C:\DELL\WINCLEAN.exe = WINCLEAN
Parsed : c:\dell\winclean.exe
DEEP - 671
Location: HKEY_USERS\S-1-5-21-816694058-943382858-1426949272-500\Software\Microsoft\Windows\ShellNoRoam\MUICache
Value : C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe = mm_tray
Parsed : c:\program files\musicmatch\musicmatch jukebox\mm_tray.exe
DEEP - 672
Location: HKEY_USERS\S-1-5-21-816694058-943382858-1426949272-500\Software\Microsoft\Windows\ShellNoRoam\MUICache
Value : C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe = <Musicmatch System Tray Application>
Parsed : c:\program files\musicmatch\musicmatch jukebox\mmtask.exe
DEEP - 673
Location: HKEY_USERS\S-1-5-21-816694058-943382858-1426949272-500\Software\Microsoft\Windows\ShellNoRoam\MUICache
Value : C:\Program Files\Norton Internet Security\cfgwiz.exe = Symantec Internal Component
Parsed : c:\program files\norton internet security\cfgwiz.exe
DEEP - 674
Location: HKEY_USERS\S-1-5-21-816694058-943382858-1426949272-500\Software\Microsoft\Windows\ShellNoRoam\MUICache
Value : C:\Program Files\Norton Internet Security\UrlLstCk.exe = URL Check List
Parsed : c:\program files\norton internet security\urllstck.exe
DEEP - 675
Location: HKEY_USERS\S-1-5-21-816694058-943382858-1426949272-500\Software\Microsoft\Windows\ShellNoRoam\MUICache
Value : C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe = Norton Security Center Helper
Parsed : c:\program files\common files\symantec shared\security center\usrprmpt.exe
DEEP - 676
Location: HKEY_USERS\S-1-5-21-816694058-943382858-1426949272-500\Software\Microsoft\Windows\ShellNoRoam\MUICache
Value : C:\sysprep\factory.exe = Factory pre-installation utility
Parsed : c:\sysprep\factory.exe
DEEP - 677
Location: HKEY_USERS\S-1-5-21-816694058-943382858-1426949272-500\Software\Microsoft\Windows\ShellNoRoam\MUICache
Value : C:\Program Files\Dell Support\DSAgnt.exe = Dell Support
Parsed : c:\program files\dell support\dsagnt.exe
DEEP - 678
Location: HKEY_USERS\S-1-5-21-816694058-943382858-1426949272-500\Software\Microsoft\Windows\ShellNoRoam\MUICache
Value : C:\Program Files\America Online 9.0\aoltray.exe = AOL Tray Icon
Parsed : c:\program files\america online 9.0\aoltray.exe
DEEP - 679
Location: HKEY_USERS\S-1-5-21-816694058-943382858-1426949272-500\Software\Microsoft\Windows\ShellNoRoam\MUICache
Value : C:\Program Files\AOL Companion\companion.exe = AOL Companion
Parsed : c:\program files\aol companion\companion.exe
DEEP - 680
Location: HKEY_USERS\S-1-5-21-816694058-943382858-1426949272-500\Software\Microsoft\Windows\ShellNoRoam\MUICache
Value : c:\dell\fist\hardtack.exe = FIST - Device Manager Checker
Parsed : c:\dell\fist\hardtack.exe
DEEP - 681
Location: HKEY_USERS\S-1-5-21-816694058-943382858-1426949272-500\Software\Microsoft\Windows\ShellNoRoam\MUICache
Value : c:\dell\fist\GtKeeper.exe = GtKeeper
Parsed : c:\dell\fist\gtkeeper.exe
DEEP - 682
Location: HKEY_USERS\S-1-5-21-816694058-943382858-1426949272-500\Software\Microsoft\Windows\ShellNoRoam\MUICache
Value : C:\dell\FIST\NobNT.exe = NobNT
Parsed : c:\dell\fist\nobnt.exe
DEEP - 683
Location: HKEY_USERS\S-1-5-21-816694058-943382858-1426949272-500\Software\Microsoft\Windows\ShellNoRoam\MUICache
Value : c:\sysprep\sysprep.exe = sysprep utility
Parsed : c:\sysprep\sysprep.exe
DEEP - 684
Location: HKEY_USERS\S-1-5-21-816694058-943382858-1426949272-500\Software\Microsoft\Windows\ShellNoRoam\MUICache
Value : C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\~nsu.tmp\Au_.exe = Au_
Parsed : c:\docume~1\admini~1\locals~1\temp\~nsu.tmp\au_.exe
DEEP - 685
Location: HKEY_USERS\S-1-5-21-816694058-943382858-1426949272-500\Software\Microsoft\Windows\ShellNoRoam\MUICache
Value : C:\WINDOWS\system32\CF29384.exe = Windows Command Processor
Parsed : c:\windows\system32\cf29384.exe
DEEP - 686
Location: HKEY_USERS\S-1-5-21-816694058-943382858-1426949272-500\Software\Netscape\Netscape Navigator\User Trusted External Applications
Value : C:\Program Files\Musicmatch\Musicmatch Jukebox\mmjb.exe = Yes
Parsed : c:\program files\musicmatch\musicmatch jukebox\mmjb.exe
DEEP - 687
Location: HKEY_USERS\S-1-5-21-816694058-943382858-1426949272-500\Software\Netscape\Netscape Navigator\User Trusted External Applications
Value : C:\Program Files\Musicmatch\Musicmatch Jukebox\ti.exe = Yes
Parsed : c:\program files\musicmatch\musicmatch jukebox\ti.exe
DEEP - 688
Location: HKEY_USERS\S-1-5-21-816694058-943382858-1426949272-500\Software\Netscape\Netscape Navigator\User Trusted External Applications
Value : C:\Program Files\Musicmatch\Musicmatch Jukebox\mmjblaunch.exe = Yes
Parsed : c:\program files\musicmatch\musicmatch jukebox\mmjblaunch.exe
DEEP - 689
Location: HKEY_USERS\S-1-5-21-816694058-943382858-1426949272-500\Software\Netscape\Netscape Navigator\Viewers
Value : audio/mpeg = "C:\Program Files\Musicmatch\Musicmatch Jukebox\mmjblaunch.exe"
Parsed : c:\program files\musicmatch\musicmatch jukebox\mmjblaunch.exe
DEEP - 690
Location: HKEY_USERS\S-1-5-21-816694058-943382858-1426949272-500\Software\Netscape\Netscape Navigator\Viewers
Value : audio/wav = "C:\Program Files\Musicmatch\Musicmatch Jukebox\mmjblaunch.exe"
Parsed : c:\program files\musicmatch\musicmatch jukebox\mmjblaunch.exe
DEEP - 691
Location: HKEY_USERS\S-1-5-21-816694058-943382858-1426949272-500\Software\Netscape\Netscape Navigator\Viewers
Value : audio/x-mpegurl = "C:\Program Files\Musicmatch\Musicmatch Jukebox\mmjblaunch.exe"
Parsed : c:\program files\musicmatch\musicmatch jukebox\mmjblaunch.exe
DEEP - 692
Location: HKEY_USERS\S-1-5-21-816694058-943382858-1426949272-500\Software\Netscape\Netscape Navigator\Viewers
Value : audio/x-ms-wma = "C:\Program Files\Musicmatch\Musicmatch Jukebox\mmjblaunch.exe"
Parsed : c:\program files\musicmatch\musicmatch jukebox\mmjblaunch.exe
DEEP - 693
Location: HKEY_USERS\S-1-5-21-816694058-943382858-1426949272-500\Software\Netscape\Netscape Navigator\Viewers
Value : application/x-mmjb-mmz = "C:\Program Files\Musicmatch\Musicmatch Jukebox\ti.exe"
Parsed : c:\program files\musicmatch\musicmatch jukebox\ti.exe
DEEP - 694
Location: HKEY_USERS\S-1-5-21-816694058-943382858-1426949272-500\Software\Netscape\Netscape Navigator\Viewers
Value : audio/x-scpls = "C:\Program Files\Musicmatch\Musicmatch Jukebox\mmjblaunch.exe"
Parsed : c:\program files\musicmatch\musicmatch jukebox\mmjblaunch.exe
DEEP - 695
Location: HKEY_USERS\S-1-5-21-816694058-943382858-1426949272-500\Software\Netscape\Netscape Navigator\Viewers
Value : application/x-mmjb-mmo = "C:\Program Files\Musicmatch\Musicmatch Jukebox\mmjblaunch.exe"
Parsed : c:\program files\musicmatch\musicmatch jukebox\mmjblaunch.exe
DEEP - 696
Location: HKEY_USERS\S-1-5-21-816694058-943382858-1426949272-500\Software\Netscape\Netscape Navigator\Viewers
Value : application/x-mmjb-mmjb = "C:\Program Files\Musicmatch\Musicmatch Jukebox\mmjblaunch.exe"
Parsed : c:\program files\musicmatch\musicmatch jukebox\mmjblaunch.exe
DEEP - 697
Location: HKEY_USERS\S-1-5-21-816694058-943382858-1426949272-500\Software\Netscape\Netscape Navigator\Viewers
Value : (default) = "C:\Program Files\Musicmatch\Musicmatch Jukebox\mmjblaunch.exe" /AudioCD
Parsed : c:\program files\musicmatch\musicmatch jukebox\mmjblaunch.exe
DEEP - 698
Location: HKEY_CURRENT_USER\AppEvents\Schemes\Apps\MSNMSGR\MSNMSGR_NewSMSMessage\.Current
Value : (default) = C:\Program Files\MSN Messenger\ring.wav
Parsed : c:\program files\msn messenger\ring.wav
DEEP - 699
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\ActiveTasks
Value : C:\WINDOWS\SysBA.exe = 07/29/2008 10:08 PM
Parsed : c:\windows\sysba.exe
DEEP - 700
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\ActiveTasks
Value : C:\WINDOWS\SysBE.exe = 07/29/2008 10:08 PM
Parsed : c:\windows\sysbe.exe
DEEP - 701
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\ActiveTasks
Value : C:\WINDOWS\system32\PPHCLBEJ0EE1P.exe = 07/29/2008 10:08 PM
Parsed : c:\windows\system32\pphclbej0ee1p.exe
DEEP - 702
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\ActiveTasks
Value : C:\WINDOWS\system32\BLPHCLBEJ0EE1P.SCR = 07/30/2008 11:44 PM
Parsed : c:\windows\system32\blphclbej0ee1p.scr
DEEP - 703
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\ActiveTasks
Value : C:\DOCUMENTS AND SETTINGS\Rachel\START MENU\Programs\Startup\POWERREG SCHEDULER.exe = 08/05/2008 6:39 PM
Parsed : c:\documents and settings\rachel\start menu\programs\startup\powerreg scheduler.exe
DEEP - 704
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\ActiveTasks
Value : C:\DOCUMENTS AND SETTINGS\KIDS\LOCAL SETTINGS\APPLICATION DATA\Skype\Phone\Skype.exe = 08/22/2008 10:32 AM
Parsed : c:\documents and settings\kids\local settings\application data\skype\phone\skype.exe
DEEP - 705
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\ActiveTasks
Value : C:\Documents and Settings\Rachel\Local Settings\Temp\IS87B.tmp\install.exe = 09/02/2008 7:01 PM
Parsed : c:\documents and settings\rachel\local settings\temp\is87b.tmp\install.exe
DEEP - 706
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\ActiveTasks
Value : C:\Documents and Settings\Rachel\Local Settings\Temp\{B2FF6E72-3053-47DB-979B-CB6696F3B7EF}\lusetup.exe = 11/13/2008 4:26 PM
Parsed : c:\documents and settings\rachel\local settings\temp\{b2ff6e72-3053-47db-979b-cb6696f3b7ef}\lusetup.exe
DEEP - 707
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\ActiveTasks
Value : C:\Documents and Settings\Rachel\Local Settings\Temp\7zS1A.tmp\LUMSIBOOT.exe = 11/13/2008 4:26 PM
Parsed : c:\documents and settings\rachel\local settings\temp\7zs1a.tmp\lumsiboot.exe
DEEP - 708
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\ActiveTasks
Value : C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads\Updt806\setup.exe = 11/13/2008 4:35 PM
Parsed : c:\documents and settings\all users\application data\symantec\liveupdate\downloads\updt806\setup.exe
DEEP - 709
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\ActiveTasks
Value : C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads\Updt855\setup.exe = 11/13/2008 4:45 PM
Parsed : c:\documents and settings\all users\application data\symantec\liveupdate\downloads\updt855\setup.exe
DEEP - 710
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\ActiveTasks
Value : C:\WINDOWS\SOFTWAREDISTRIBUTION\Download\Install\WINDOWS-KB890830-V2.0.exe = 11/13/2008 10:16 PM
Parsed : c:\windows\softwaredistribution\download\install\windows-kb890830-v2.0.exe
DEEP - 711
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\ActiveTasks
Value : C:\2FC6C8E82B7C931E399EB1B3A5F2FF50\mrtstub.exe = 11/13/2008 10:16 PM
Parsed : c:\2fc6c8e82b7c931e399eb1b3a5f2ff50\mrtstub.exe
DEEP - 712
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\ActiveTasks
Value : C:\WINDOWS\SOFTWAREDISTRIBUTION\Download\66B1D8E81A20B4B541AB3E558F2FD638\update\update.exe = 11/14/2008 1:20 AM
Parsed : c:\windows\softwaredistribution\download\66b1d8e81a20b4b541ab3e558f2fd638\update\update.exe
DEEP - 713
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\ActiveTasks
Value : C:\Documents and Settings\Rachel\Local Settings\Temp\JRE-6U7-WINDOWS-I586-P-IFTW_BDB28397.exe = 11/18/2008 7:09 AM
Parsed : c:\documents and settings\rachel\local settings\temp\jre-6u7-windows-i586-p-iftw_bdb28397.exe
DEEP - 714
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\ActiveTasks
Value : C:\WINDOWS\SOFTWAREDISTRIBUTION\Download\Install\IE7-WINDOWSXP-X86-ENU.exe = 11/18/2008 7:17 AM
Parsed : c:\windows\softwaredistribution\download\install\ie7-windowsxp-x86-enu.exe
DEEP - 715
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\ActiveTasks
Value : C:\C7B73DEE1F661D36C4A5337B835491C0\update\iesetup.exe = 11/18/2008 7:17 AM
Parsed : c:\c7b73dee1f661d36c4a5337b835491c0\update\iesetup.exe
DEEP - 716
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\ActiveTasks
Value : C:\WINDOWS\SOFTWAREDISTRIBUTION\Download\3ABC37138385E8D0FCDBC22410C512E3\update\update.exe = 11/18/2008 7:21 AM
Parsed : c:\windows\softwaredistribution\download\3abc37138385e8d0fcdbc22410c512e3\update\update.exe
DEEP - 717
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\ActiveTasks
Value : C:\Documents and Settings\Rachel\Local Settings\Temp\IE740.tmp\update\update.exe = 11/18/2008 7:25 AM
Parsed : c:\documents and settings\rachel\local settings\temp\ie740.tmp\update\update.exe
DEEP - 718
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\ActiveTasks
Value : C:\C7B73DEE1F661D36C4A5337B835491C0\update\nlsdl.exe = 11/18/2008 7:29 AM
Parsed : c:\c7b73dee1f661d36c4a5337b835491c0\update\nlsdl.exe
DEEP - 719
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\ActiveTasks
Value : C:\C3DDECED7E7539B6BCE7F631\update\update.exe = 11/18/2008 7:29 AM
Parsed : c:\c3ddeced7e7539b6bce7f631\update\update.exe
DEEP - 720
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\ActiveTasks
Value : C:\C7B73DEE1F661D36C4A5337B835491C0\update\idndl.exe = 11/18/2008 7:30 AM
Parsed : c:\c7b73dee1f661d36c4a5337b835491c0\update\idndl.exe
DEEP - 721
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\ActiveTasks
Value : C:\82CEC4A16BA5732B9257FB\update\update.exe = 11/18/2008 7:30 AM
Parsed : c:\82cec4a16ba5732b9257fb\update\update.exe
DEEP - 722
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\ActiveTasks
Value : C:\WINDOWS\SOFTWAREDISTRIBUTION\Download\42607421AB11DDFDC35FB68DBC4729E9\update\update.exe = 11/18/2008 7:47 AM
Parsed : c:\windows\softwaredistribution\download\42607421ab11ddfdc35fb68dbc4729e9\update\update.exe
DEEP - 723
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\ActiveTasks
Value : C:\A1E5DCC7B283A6101269\mrtstub.exe = 11/18/2008 4:29 PM
Parsed : c:\a1e5dcc7b283a6101269\mrtstub.exe
DEEP - 724
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\ActiveTasks
Value : C:\Documents and Settings\Rachel\Local Settings\Temp\is-01SHC.tmp\MBAM-SETUP[1].TMP = 11/18/2008 6:31 PM
Parsed : c:\documents and settings\rachel\local settings\temp\is-01shc.tmp\mbam-setup[1].tmp
DEEP - 725
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\ActiveTasks
Value : C:\WINDOWS\SOFTWAREDISTRIBUTION\Download\0D3B5D19CC06DB007BBE6584808BFA9E\update\update.exe = 11/18/2008 7:26 PM
Parsed : c:\windows\softwaredistribution\download\0d3b5d19cc06db007bbe6584808bfa9e\update\update.exe
DEEP - 726
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\ActiveTasks
Value : C:\WINDOWS\SOFTWAREDISTRIBUTION\Download\DC6733DAB87A46FA9320681DF7D8D3C5\update\update.exe = 11/18/2008 8:13 PM
Parsed : c:\windows\softwaredistribution\download\dc6733dab87a46fa9320681df7d8d3c5\update\update.exe
DEEP - 727
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\FileTypes
Value : C:\Program Files\Musicmatch\Musicmatch Jukebox\mmjblaunch.exe %1 = 08/07/2008 7:09 PM
Parsed : c:\program files\musicmatch\musicmatch jukebox\mmjblaunch.exe
DEEP - 728
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\Hidden
Value : C:\WINDOWS\QTFont.qfn = 07/29/2008 10:08 PM
Parsed : c:\windows\qtfont.qfn
DEEP - 729
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\Hidden
Value : C:\WINDOWS\system32\hPYaaGgh.ini = 07/29/2008 10:08 PM
Parsed : c:\windows\system32\hpyaaggh.ini
DEEP - 730
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\Hidden
Value : C:\WINDOWS\system32\hPYaaGgh.ini2 = 07/29/2008 10:08 PM
Parsed : c:\windows\system32\hpyaaggh.ini2
DEEP - 731
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\Hidden
Value : C:\WINDOWS\system32\lgujccgn.ini = 07/29/2008 10:08 PM
Parsed : c:\windows\system32\lgujccgn.ini
DEEP - 732
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\Hidden
Value : C:\WINDOWS\SYSTEM32\JXIXJHCS.INI = 08/04/2008 6:20 AM
Parsed : c:\windows\system32\jxixjhcs.ini
DEEP - 733
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\Hidden
Value : C:\WINDOWS\SYSTEM32\RYFLKUVW.INI = 08/04/2008 6:20 AM
Parsed : c:\windows\system32\ryflkuvw.ini
DEEP - 734
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\Hidden
Value : C:\WINDOWS\SYSTEM32\RYFLKUVW.INI2 = 08/04/2008 6:20 AM
Parsed : c:\windows\system32\ryflkuvw.ini2
DEEP - 735
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\Hidden
Value : C:\WINDOWS\SYSTEM32\VRQHTXXR.INI = 08/04/2008 6:20 AM
Parsed : c:\windows\system32\vrqhtxxr.ini
DEEP - 736
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\Hidden
Value : C:\WINDOWS\SYSTEM32\WSEREWYJ.INI = 08/04/2008 6:20 AM
Parsed : c:\windows\system32\wserewyj.ini
DEEP - 737
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\Hidden
Value : C:\WINDOWS\SYSTEM32\YUHWCOXT.INI = 08/04/2008 6:20 AM
Parsed : c:\windows\system32\yuhwcoxt.ini
DEEP - 738
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\Hidden
Value : C:\WINDOWS\SYSTEM32\ALJHRCNX.INI2 = 08/24/2008 8:10 PM
Parsed : c:\windows\system32\aljhrcnx.ini2
DEEP - 739
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\Hidden
Value : C:\WINDOWS\SYSTEM32\ALJHRCNX.TMP = 08/24/2008 8:10 PM
Parsed : c:\windows\system32\aljhrcnx.tmp
DEEP - 740
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\Hidden
Value : C:\WINDOWS\SYSTEM32\AMMAGRRG.INI = 08/24/2008 8:10 PM
Parsed : c:\windows\system32\ammagrrg.ini
DEEP - 741
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\Hidden
Value : C:\WINDOWS\SYSTEM32\DLUTMMLN.INI = 08/24/2008 8:10 PM
Parsed : c:\windows\system32\dlutmmln.ini
DEEP - 742
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\Hidden
Value : C:\WINDOWS\SYSTEM32\DSYKVMQS.INI = 08/24/2008 8:10 PM
Parsed : c:\windows\system32\dsykvmqs.ini
DEEP - 743
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\Hidden
Value : C:\WINDOWS\SYSTEM32\EBJCNLLA.INI = 08/24/2008 8:10 PM
Parsed : c:\windows\system32\ebjcnlla.ini
DEEP - 744
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\Hidden
Value : C:\WINDOWS\SYSTEM32\FCGQSPYR.INI = 08/24/2008 8:10 PM
Parsed : c:\windows\system32\fcgqspyr.ini
DEEP - 745
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\Hidden
Value : C:\WINDOWS\SYSTEM32\GDSNAUJO.INI = 08/24/2008 8:10 PM
Parsed : c:\windows\system32\gdsnaujo.ini
DEEP - 746
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\Hidden
Value : C:\WINDOWS\SYSTEM32\IJWPKQPS.INI = 08/24/2008 8:10 PM
Parsed : c:\windows\system32\ijwpkqps.ini
DEEP - 747
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\Hidden
Value : C:\WINDOWS\SYSTEM32\JGCIBPED.INI = 08/24/2008 8:10 PM
Parsed : c:\windows\system32\jgcibped.ini
DEEP - 748
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\Hidden
Value : C:\WINDOWS\SYSTEM32\JLYMUEIG.INI = 08/24/2008 8:10 PM
Parsed : c:\windows\system32\jlymueig.ini
DEEP - 749
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\Hidden
Value : C:\WINDOWS\SYSTEM32\NGRPJPOT.INI = 08/24/2008 8:10 PM
Parsed : c:\windows\system32\ngrpjpot.ini
DEEP - 750
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\Hidden
Value : C:\WINDOWS\SYSTEM32\SILSAETU.INI = 08/24/2008 8:10 PM
Parsed : c:\windows\system32\silsaetu.ini

Response Number 16

Name: haze077
Date: November 19, 2008 at 22:05:41 Pacific

Reply:

DEEP - 751
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\Hidden
Value : C:\WINDOWS\SYSTEM32\UENONWXL.INI = 08/24/2008 8:10 PM
Parsed : c:\windows\system32\uenonwxl.ini
DEEP - 752
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\Hidden
Value : C:\WINDOWS\SYSTEM32\USBGVJVB.INI = 08/24/2008 8:10 PM
Parsed : c:\windows\system32\usbgvjvb.ini
DEEP - 753
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\Hidden
Value : C:\WINDOWS\SYSTEM32\WFDMDJGO.INI = 08/24/2008 8:10 PM
Parsed : c:\windows\system32\wfdmdjgo.ini
DEEP - 754
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\Hidden
Value : C:\WINDOWS\SYSTEM32\XQMOUDGU.INI = 08/24/2008 8:10 PM
Parsed : c:\windows\system32\xqmoudgu.ini
DEEP - 755
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\Hidden
Value : C:\WINDOWS\SYSTEM32\YUNQVRAV.INI = 08/24/2008 8:10 PM
Parsed : c:\windows\system32\yunqvrav.ini
DEEP - 756
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\IEHelper
Value : C:\WINDOWS\nfavxwdbxpw.dll = 07/29/2008 10:08 PM
Parsed : c:\windows\nfavxwdbxpw.dll
DEEP - 757
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\IEHelper
Value : C:\Program Files\MyWaySA\SrchAsDe\1.bin\deSrcAs.dll = 07/29/2008 10:08 PM
Parsed : c:\program files\mywaysa\srchasde\1.bin\desrcas.dll
DEEP - 758
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\IEHelper
Value : C:\WINDOWS\system32\dla\tfswshx.dll = 07/29/2008 10:08 PM
Parsed : c:\windows\system32\dla\tfswshx.dll
DEEP - 759
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\IEHelper
Value : C:\WINDOWS\system32\hgGaaYPh.dll = 07/29/2008 10:08 PM
Parsed : c:\windows\system32\hggaayph.dll
DEEP - 760
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\IEHelper
Value : C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll = 07/29/2008 10:08 PM
Parsed : c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll
DEEP - 761
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\IEHelper
Value : c:\program files\Google\googletoolbar3.dll = 07/29/2008 10:08 PM
Parsed : c:\program files\google\googletoolbar3.dll
DEEP - 762
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\IEHelper
Value : C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll = 07/29/2008 10:08 PM
Parsed : c:\program files\google\googletoolbarnotifier\2.0.301.7164\swg.dll
DEEP - 763
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\IEHelper
Value : C:\WINDOWS\system32\mqxdab.dll = 07/29/2008 10:08 PM
Parsed : c:\windows\system32\mqxdab.dll
DEEP - 764
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\IEHelper
Value : C:\Program Files\Yahoo!\browser\YSidebarIEBHO.dll = 07/29/2008 10:08 PM
Parsed : c:\program files\yahoo!\browser\ysidebariebho.dll
DEEP - 765
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\IEHelper
Value : C:\WINDOWS\system32\hgGvuUOG.dll = 07/29/2008 10:08 PM
Parsed : c:\windows\system32\hggvuuog.dll
DEEP - 766
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\IEHelper
Value : C:\WINDOWS\fdkowvbp.dll = 07/29/2008 10:08 PM
Parsed : c:\windows\fdkowvbp.dll
DEEP - 767
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\IEHelper
Value : C:\Program Files\PartyGaming\PartyCasino\RunCasino.exe = 07/29/2008 10:08 PM
Parsed : c:\program files\partygaming\partycasino\runcasino.exe
DEEP - 768
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\IEHelper
Value : C:\Program Files\AVG\AVG8\avgssie.dll = 07/29/2008 10:20 PM
Parsed : c:\program files\avg\avg8\avgssie.dll
DEEP - 769
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\IEHelper
Value : C:\Program Files\AVG\AVG8\avgtoolbar.dll = 07/29/2008 10:20 PM
Parsed : c:\program files\avg\avg8\avgtoolbar.dll
DEEP - 770
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\IEHelper
Value : C:\WINDOWS\system32\wvUkLFYr.dll = 07/30/2008 6:24 PM
Parsed : c:\windows\system32\wvuklfyr.dll
DEEP - 771
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\IEHelper
Value : C:\WINDOWS\system32\zushuz.dll = 07/30/2008 6:24 PM
Parsed : c:\windows\system32\zushuz.dll
DEEP - 772
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\IEHelper
Value : C:\WINDOWS\system32\zlhraq.dll = 08/01/2008 0:11 AM
Parsed : c:\windows\system32\zlhraq.dll
DEEP - 773
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\IEHelper
Value : C:\WINDOWS\system32\aqiwjd.dll = 08/02/2008 1:19 PM
Parsed : c:\windows\system32\aqiwjd.dll
DEEP - 774
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\IEHelper
Value : C:\WINDOWS\system32\frkqko.dll = 08/04/2008 5:11 AM
Parsed : c:\windows\system32\frkqko.dll
DEEP - 775
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\IEHelper
Value : C:\WINDOWS\system32\pzwgrr.dll = 08/04/2008 2:07 PM
Parsed : c:\windows\system32\pzwgrr.dll
DEEP - 776
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\IEHelper
Value : C:\Program Files\SiteAdvisor\6261\SiteAdv.dll = 08/04/2008 7:33 PM
Parsed : c:\program files\siteadvisor\6261\siteadv.dll
DEEP - 777
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\IEHelper
Value : C:\WINDOWS\system32\wlwvyf.dll = 08/05/2008 7:10 PM
Parsed : c:\windows\system32\wlwvyf.dll
DEEP - 778
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\IEHelper
Value : c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll = 08/05/2008 7:33 PM
Parsed : c:\program files\mcafee\siteadvisor\mcieplg.dll
DEEP - 779
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\IEHelper
Value : C:\WINDOWS\system32\vvzfvz.dll = 08/06/2008 8:47 PM
Parsed : c:\windows\system32\vvzfvz.dll
DEEP - 780
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\IEHelper
Value : C:\WINDOWS\system32\pkjvfp.dll = 08/07/2008 7:05 PM
Parsed : c:\windows\system32\pkjvfp.dll
DEEP - 781
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\IEHelper
Value : C:\WINDOWS\system32\yytfuk.dll = 08/08/2008 7:04 PM
Parsed : c:\windows\system32\yytfuk.dll
DEEP - 782
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\IEHelper
Value : C:\WINDOWS\system32\wocjov.dll = 08/09/2008 7:06 PM
Parsed : c:\windows\system32\wocjov.dll
DEEP - 783
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\IEHelper
Value : C:\WINDOWS\system32\fiwiax.dll = 08/10/2008 7:05 PM
Parsed : c:\windows\system32\fiwiax.dll
DEEP - 784
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\IEHelper
Value : C:\WINDOWS\system32\crdcmr.dll = 08/11/2008 8:10 PM
Parsed : c:\windows\system32\crdcmr.dll
DEEP - 785
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\IEHelper
Value : C:\WINDOWS\system32\mstawd.dll = 08/12/2008 7:23 PM
Parsed : c:\windows\system32\mstawd.dll
DEEP - 786
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\IEHelper
Value : C:\WINDOWS\system32\reapjf.dll = 08/16/2008 4:25 PM
Parsed : c:\windows\system32\reapjf.dll
DEEP - 787
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\IEHelper
Value : C:\WINDOWS\system32\qzusym.dll = 08/17/2008 4:35 PM
Parsed : c:\windows\system32\qzusym.dll
DEEP - 788
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\IEHelper
Value : C:\WINDOWS\system32\jaanhc.dll = 08/18/2008 5:16 PM
Parsed : c:\windows\system32\jaanhc.dll
DEEP - 789
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\IEHelper
Value : C:\WINDOWS\system32\eylfpw.dll = 08/19/2008 6:29 PM
Parsed : c:\windows\system32\eylfpw.dll
DEEP - 790
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\IEHelper
Value : C:\WINDOWS\system32\vdwymv.dll = 08/20/2008 6:35 PM
Parsed : c:\windows\system32\vdwymv.dll
DEEP - 791
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\IEHelper
Value : C:\WINDOWS\system32\gqvutm.dll = 08/21/2008 6:44 PM
Parsed : c:\windows\system32\gqvutm.dll
DEEP - 792
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\IEHelper
Value : C:\WINDOWS\system32\ranznr.dll = 08/22/2008 6:40 PM
Parsed : c:\windows\system32\ranznr.dll
DEEP - 793
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\IEHelper
Value : C:\WINDOWS\system32\pbhdsc.dll = 08/24/2008 7:30 PM
Parsed : c:\windows\system32\pbhdsc.dll
DEEP - 794
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\IEHelper
Value : C:\WINDOWS\system32\onhdlr.dll = 08/25/2008 8:27 PM
Parsed : c:\windows\system32\onhdlr.dll
DEEP - 795
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\IEHelper
Value : C:\WINDOWS\system32\sbatoo.dll = 08/26/2008 8:06 PM
Parsed : c:\windows\system32\sbatoo.dll
DEEP - 796
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\IEHelper
Value : C:\WINDOWS\system32\hrzqfm.dll = 08/27/2008 7:42 PM
Parsed : c:\windows\system32\hrzqfm.dll
DEEP - 797
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\IEHelper
Value : C:\WINDOWS\system32\nnnlmLdc.dll = 08/28/2008 6:15 PM
Parsed : c:\windows\system32\nnnlmldc.dll
DEEP - 798
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\IEHelper
Value : C:\WINDOWS\system32\zllphl.dll = 08/28/2008 8:44 PM
Parsed : c:\windows\system32\zllphl.dll
DEEP - 799
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\IEHelper
Value : C:\WINDOWS\system32\qezmwa.dll = 08/30/2008 8:23 AM
Parsed : c:\windows\system32\qezmwa.dll
DEEP - 800
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\IEHelper
Value : C:\WINDOWS\system32\axersz.dll = 08/30/2008 8:51 PM
Parsed : c:\windows\system32\axersz.dll
DEEP - 801
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\IEHelper
Value : C:\WINDOWS\system32\midylz.dll = 09/01/2008 8:50 PM
Parsed : c:\windows\system32\midylz.dll
DEEP - 802
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\IEHelper
Value : C:\WINDOWS\system32\cjuixp.dll = 09/02/2008 8:58 PM
Parsed : c:\windows\system32\cjuixp.dll
DEEP - 803
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\IEHelper
Value : C:\WINDOWS\system32\lylguw.dll = 09/03/2008 4:59 PM
Parsed : c:\windows\system32\lylguw.dll
DEEP - 804
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\IEHelper
Value : C:\WINDOWS\system32\yaywwUlI.dll = 09/03/2008 5:10 PM
Parsed : c:\windows\system32\yaywwuli.dll
DEEP - 805
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\IEHelper
Value : C:\WINDOWS\system32\cjzfsq.dll = 09/03/2008 8:52 PM
Parsed : c:\windows\system32\cjzfsq.dll
DEEP - 806
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\IEHelper
Value : C:\WINDOWS\system32\pbbzyp.dll = 09/05/2008 0:35 AM
Parsed : c:\windows\system32\pbbzyp.dll
DEEP - 807
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\IEHelper
Value : C:\WINDOWS\system32\ejhwfb.dll = 09/05/2008 10:21 PM
Parsed : c:\windows\system32\ejhwfb.dll
DEEP - 808
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\IEHelper
Value : C:\WINDOWS\system32\efcCuRjj.dll = 09/06/2008 2:05 PM
Parsed : c:\windows\system32\efccurjj.dll
DEEP - 809
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\IEHelper
Value : C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll = 09/09/2008 8:13 PM
Parsed : c:\program files\yahoo!\companion\installs\cpn\yt.dll
DEEP - 810
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\IEHelper
Value : C:\WINDOWS\system32\vtUmMFVn.dll = 09/10/2008 6:04 AM
Parsed : c:\windows\system32\vtummfvn.dll
DEEP - 811
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\IEHelper
Value : C:\WINDOWS\system32\uarywn.dll = 09/10/2008 6:12 AM
Parsed : c:\windows\system32\uarywn.dll
DEEP - 812
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\IEHelper
Value : C:\WINDOWS\system32\dlejvl.dll = 09/11/2008 6:29 AM
Parsed : c:\windows\system32\dlejvl.dll
DEEP - 813
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\IEHelper
Value : C:\WINDOWS\system32\cfznqu.dll = 09/11/2008 6:07 PM
Parsed : c:\windows\system32\cfznqu.dll
DEEP - 814
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\IEHelper
Value : C:\WINDOWS\system32\uenlyo.dll = 09/12/2008 6:29 PM
Parsed : c:\windows\system32\uenlyo.dll
DEEP - 815
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\IEHelper
Value : C:\WINDOWS\system32\mykwzk.dll = 09/13/2008 6:16 PM
Parsed : c:\windows\system32\mykwzk.dll
DEEP - 816
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\IEHelper
Value : C:\WINDOWS\system32\eumlhl.dll = 09/16/2008 1:10 PM
Parsed : c:\windows\system32\eumlhl.dll
DEEP - 817
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\IEHelper
Value : C:\WINDOWS\system32\cpetur.dll = 09/24/2008 8:04 PM
Parsed : c:\windows\system32\cpetur.dll
DEEP - 818
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\IEHelper
Value : C:\WINDOWS\system32\fhqilu.dll = 09/24/2008 8:09 PM
Parsed : c:\windows\system32\fhqilu.dll
DEEP - 819
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\IEHelper
Value : C:\WINDOWS\system32\ocktbp.dll = 10/22/2008 8:19 PM
Parsed : c:\windows\system32\ocktbp.dll
DEEP - 820
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\IEHelper
Value : C:\WINDOWS\system32\xexnmx.dll = 10/23/2008 8:26 PM
Parsed : c:\windows\system32\xexnmx.dll
DEEP - 821
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\IEHelper
Value : C:\WINDOWS\system32\ydmgpn.dll = 10/24/2008 8:22 PM
Parsed : c:\windows\system32\ydmgpn.dll
DEEP - 822
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\IEHelper
Value : C:\WINDOWS\system32\chkwmr.dll = 10/25/2008 9:11 PM
Parsed : c:\windows\system32\chkwmr.dll
DEEP - 823
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\IEHelper
Value : C:\WINDOWS\system32\dvvhvd.dll = 10/26/2008 8:30 PM
Parsed : c:\windows\system32\dvvhvd.dll
DEEP - 824
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\IEHelper
Value : C:\WINDOWS\system32\ynumsd.dll = 10/27/2008 9:05 PM
Parsed : c:\windows\system32\ynumsd.dll
DEEP - 825
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\IEHelper
Value : C:\Program Files\Yahoo!\Common\Yiesrvc1.DLL = 11/13/2008 2:17 PM
Parsed : c:\program files\yahoo!\common\yiesrvc1.dll
DEEP - 826
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\IEHelper
Value : C:\WINDOWS\system32\oizzyg.dll = 11/13/2008 3:36 PM
Parsed : c:\windows\system32\oizzyg.dll
DEEP - 827
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\IEHelper
Value : C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll = 11/18/2008 7:19 AM
Parsed : c:\program files\java\jre1.6.0_07\bin\ssv.dll
DEEP - 828
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\Startup
Value : C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe = 07/29/2008 10:08 PM
Parsed : c:\program files\musicmatch\musicmatch jukebox\mm_tray.exe
DEEP - 829
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\Startup
Value : C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mimboot.exe = 07/29/2008 10:08 PM
Parsed : c:\program files\musicmatch\musicmatch jukebox\mimboot.exe
DEEP - 830
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\Startup
Value : C:\WINDOWS\system32\lphclbej0ee1p.exe = 07/29/2008 10:08 PM
Parsed : c:\windows\system32\lphclbej0ee1p.exe
DEEP - 831
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\Startup
Value : C:\Program Files\rhcgbej0ee1p\rhcgbej0ee1p.exe = 07/29/2008 10:08 PM
Parsed : c:\program files\rhcgbej0ee1p\rhcgbej0ee1p.exe
DEEP - 832
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\Startup
Value : C:\Program Files\VAV\vav.exe = 07/29/2008 10:08 PM
Parsed : c:\program files\vav\vav.exe
DEEP - 833
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\Startup
Value : C:\WINDOWS\system32\ngccjugl.dll,b = 07/29/2008 10:08 PM
Parsed : c:\windows\system32\ngccjugl.dll
DEEP - 834
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\Startup
Value : C:\WINDOWS\Sys1.exe = 07/29/2008 10:08 PM
Parsed : c:\windows\sys1.exe
DEEP - 835
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\Startup
Value : C:\WINDOWS\Sys2.exe = 07/29/2008 10:08 PM
Parsed : c:\windows\sys2.exe
DEEP - 836
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\Startup
Value : C:\WINDOWS\Sys4.exe = 07/29/2008 10:08 PM
Parsed : c:\windows\sys4.exe
DEEP - 837
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\Startup
Value : C:\WINDOWS\Sys5.exe = 07/29/2008 10:08 PM
Parsed : c:\windows\sys5.exe
DEEP - 838
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\Startup
Value : C:\WINDOWS\SysA.exe = 07/29/2008 10:08 PM
Parsed : c:\windows\sysa.exe
DEEP - 839
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\Startup
Value : C:\Documents and Settings\Rachel\Start Menu\Programs\Startup\PowerReg Scheduler.exe = 07/29/2008 10:08 PM
Parsed : c:\documents and settings\rachel\start menu\programs\startup\powerreg scheduler.exe
DEEP - 840
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\Startup
Value : C:\WINDOWS\wnslvxtf.dll = 07/29/2008 10:08 PM
Parsed : c:\windows\wnslvxtf.dll
DEEP - 841
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\Startup
Value : C:\WINDOWS\eqvwamkl.dll = 07/29/2008 10:08 PM
Parsed : c:\windows\eqvwamkl.dll
DEEP - 842
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\Startup
Value : C:\WINDOWS\system32\hgGvuUOG.dll = 07/29/2008 10:08 PM
Parsed : c:\windows\system32\hggvuuog.dll
DEEP - 843
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\Startup
Value : C:\Program Files\AVG\AVG8\avgtray.exe = 07/29/2008 10:19 PM
Parsed : c:\program files\avg\avg8\avgtray.exe
DEEP - 844
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\Startup
Value : C:\WINDOWS\SYSTEM32\NGCCJUGL.DLL = 07/29/2008 10:28 PM
Parsed : c:\windows\system32\ngccjugl.dll
DEEP - 845
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\Startup
Value : C:\WINDOWS\system32\schjxixj.dll,b = 07/30/2008 7:12 PM
Parsed : c:\windows\system32\schjxixj.dll
DEEP - 846
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\Startup
Value : C:\PROGRA~1\Symantec\LIVEUP~1\LUSetup.exe -s -a -q -log -version = 07/30/2008 7:15 PM
Parsed : c:\progra~1\symantec\liveup~1\lusetup.exe
DEEP - 847
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\Startup
Value : C:\WINDOWS\system32\txocwhuy.dll,b = 08/02/2008 8:29 AM
Parsed : c:\windows\system32\txocwhuy.dll
DEEP - 848
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\Startup
Value : C:\WINDOWS\system32\rxxthqrv.dll,b = 08/02/2008 1:31 PM
Parsed : c:\windows\system32\rxxthqrv.dll
DEEP - 849
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\Startup
Value : C:\WINDOWS\system32\jyweresw.dll,b = 08/03/2008 11:55 AM
Parsed : c:\windows\system32\jyweresw.dll
DEEP - 850
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\Startup
Value : C:\WINDOWS\system32\depbicgj.dll,b = 08/04/2008 11:59 AM
Parsed : c:\windows\system32\depbicgj.dll
DEEP - 851
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\Startup
Value : C:\Program Files\PC Tools AntiVirus\PCTAV.exe /MONITORSCAN = 08/04/2008 3:52 PM
Parsed : c:\program files\pc tools antivirus\pctav.exe
DEEP - 852
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\Startup
Value : C:\Program Files\SiteAdvisor\6261\SiteAdv.exe = 08/04/2008 7:33 PM
Parsed : c:\program files\siteadvisor\6261\siteadv.exe
DEEP - 853
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\Startup
Value : C:\WINDOWS\system32\uteaslis.dll,b = 08/05/2008 7:02 PM
Parsed : c:\windows\system32\uteaslis.dll
DEEP - 854
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\Startup
Value : C:\WINDOWS\system32\topjprgn.dll,b = 08/06/2008 7:01 PM
Parsed : c:\windows\system32\topjprgn.dll
DEEP - 855
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\Startup
Value : C:\Program Files\Hewlett-Packard\HP Software Update\hpwuSchd.exe = 08/07/2008 6:51 PM
Parsed : c:\program files\hewlett-packard\hp software update\hpwuschd.exe
DEEP - 856
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\Startup
Value : C:\WINDOWS\system32\grrgamma.dll,b = 08/07/2008 7:02 PM
Parsed : c:\windows\system32\grrgamma.dll
DEEP - 857
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\Startup
Value : C:\WINDOWS\system32\Macromed\Shockwave 10\PostUpdate.exe 1010011 = 08/07/2008 8:16 PM
Parsed : c:\windows\system32\macromed\shockwave 10\postupdate.exe
DEEP - 858
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\Startup
Value : C:\WINDOWS\system32\sqmvkysd.dll,b = 08/09/2008 8:51 AM
Parsed : c:\windows\system32\sqmvkysd.dll
DEEP - 859
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\Startup
Value : C:\WINDOWS\system32\gieumylj.dll,b = 08/10/2008 8:08 AM
Parsed : c:\windows\system32\gieumylj.dll
DEEP - 860
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\Startup
Value : C:\WINDOWS\system32\ugduomqx.dll,b = 08/10/2008 7:41 PM
Parsed : c:\windows\system32\ugduomqx.dll
DEEP - 861
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\Startup
Value : C:\WINDOWS\system32\spqkpwji.dll,b = 08/11/2008 7:07 PM
Parsed : c:\windows\system32\spqkpwji.dll
DEEP - 862
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\Startup
Value : C:\WINDOWS\system32\xncrhjla.dll,b = 08/12/2008 7:06 PM
Parsed : c:\windows\system32\xncrhjla.dll
DEEP - 863
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\Startup
Value : C:\WINDOWS\system32\varvqnuy.dll,b = 08/16/2008 4:29 PM
Parsed : c:\windows\system32\varvqnuy.dll
DEEP - 864
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\Startup
Value : C:\WINDOWS\system32\ojuansdg.dll,b = 08/17/2008 4:26 PM
Parsed : c:\windows\system32\ojuansdg.dll
DEEP - 865
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\Startup
Value : C:\WINDOWS\system32\rypsqgcf.dll,b = 08/18/2008 5:13 PM
Parsed : c:\windows\system32\rypsqgcf.dll
DEEP - 866
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\Startup
Value : C:\WINDOWS\system32\ogjdmdfw.dll,b = 08/19/2008 6:32 PM
Parsed : c:\windows\system32\ogjdmdfw.dll
DEEP - 867
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\Startup
Value : C:\WINDOWS\system32\allncjbe.dll,b = 08/20/2008 6:38 PM
Parsed : c:\windows\system32\allncjbe.dll
DEEP - 868
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\Startup
Value : C:\WINDOWS\system32\bvjvgbsu.dll,b = 08/21/2008 6:36 PM
Parsed : c:\windows\system32\bvjvgbsu.dll
DEEP - 869
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\Startup
Value : C:\WINDOWS\system32\nlmmtuld.dll,b = 08/22/2008 6:40 PM
Parsed : c:\windows\system32\nlmmtuld.dll
DEEP - 870
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\Startup
Value : C:\WINDOWS\system32\lxwnoneu.dll,b = 08/24/2008 7:33 PM
Parsed : c:\windows\system32\lxwnoneu.dll
DEEP - 871
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\Startup
Value : C:\PROGRAM FILES\PC TOOLS ANTIVIRUS\PCTAV.exe = 08/24/2008 8:02 PM
Parsed : c:\program files\pc tools antivirus\pctav.exe
DEEP - 872
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\Startup
Value : C:\WINDOWS\system32\businfdb.dll,b = 08/25/2008 8:30 PM
Parsed : c:\windows\system32\businfdb.dll
DEEP - 873
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\Startup
Value : C:\WINDOWS\system32\tcvcatie.dll,b = 08/27/2008 5:14 PM
Parsed : c:\windows\system32\tcvcatie.dll
DEEP - 874
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\Startup
Value : C:\WINDOWS\system32\bgxlkkod.dll,b = 08/27/2008 9:19 PM
Parsed : c:\windows\system32\bgxlkkod.dll
DEEP - 875
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\Startup
Value : C:\WINDOWS\system32\yucidlub.dll,b = 08/29/2008 6:41 PM
Parsed : c:\windows\system32\yucidlub.dll
DEEP - 876
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\Startup
Value : C:\WINDOWS\system32\ojhkxvnb.dll,b = 08/31/2008 8:25 AM
Parsed : c:\windows\system32\ojhkxvnb.dll
DEEP - 877
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\Startup
Value : C:\WINDOWS\system32\qrbjkmha.dll,b = 09/01/2008 7:21 PM
Parsed : c:\windows\system32\qrbjkmha.dll
DEEP - 878
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\Startup
Value : C:\WINDOWS\system32\xlklpneh.dll,b = 09/01/2008 8:53 PM
Parsed : c:\windows\system32\xlklpneh.dll
DEEP - 879
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\Startup
Value : C:\WINDOWS\system32\khehsaev.dll,b = 09/02/2008 8:51 PM
Parsed : c:\windows\system32\khehsaev.dll
DEEP - 880
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\Startup
Value : C:\WINDOWS\system32\afouqbgk.dll,b = 09/03/2008 5:01 PM
Parsed : c:\windows\system32\afouqbgk.dll
DEEP - 881
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\Startup
Value : C:\WINDOWS\system32\bykgcssx.dll,b = 09/03/2008 8:52 PM
Parsed : c:\windows\system32\bykgcssx.dll
DEEP - 882
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\Startup
Value : C:\WINDOWS\system32\qajlbfsb.dll,b = 09/04/2008 9:02 PM
Parsed : c:\windows\system32\qajlbfsb.dll
DEEP - 883
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\Startup
Value : C:\WINDOWS\system32\ijbhohob.dll,b = 09/05/2008 8:58 PM
Parsed : c:\windows\system32\ijbhohob.dll
DEEP - 884
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\Startup
Value : C:\WINDOWS\system32\vbtjprxc.dll,b = 09/10/2008 6:09 AM
Parsed : c:\windows\system32\vbtjprxc.dll
DEEP - 885
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\Startup
Value : C:\WINDOWS\system32\hsokpvav.dll,b = 09/11/2008 2:29 PM
Parsed : c:\windows\system32\hsokpvav.dll
DEEP - 886
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\Startup
Value : C:\WINDOWS\system32\rhtqcvgd.dll,b = 09/11/2008 6:07 PM
Parsed : c:\windows\system32\rhtqcvgd.dll
DEEP - 887
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\Startup
Value : C:\WINDOWS\system32\vxfafgrg.dll,b = 09/12/2008 6:31 PM
Parsed : c:\windows\system32\vxfafgrg.dll
DEEP - 888
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\Startup
Value : C:\WINDOWS\system32\upkxltet.dll,b = 09/14/2008 10:14 AM
Parsed : c:\windows\system32\upkxltet.dll
DEEP - 889
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\Startup
Value : C:\WINDOWS\system32\lwopyyqv.dll,b = 09/16/2008 12:10 AM
Parsed : c:\windows\system32\lwopyyqv.dll
DEEP - 890
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\Startup
Value : C:\WINDOWS\system32\klvxaukt.dll,b = 09/17/2008 3:52 PM
Parsed : c:\windows\system32\klvxaukt.dll
DEEP - 891
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\Startup
Value : C:\WINDOWS\system32\mxfcaeqd.dll,b = 10/02/2008 12:03 AM
Parsed : c:\windows\system32\mxfcaeqd.dll
DEEP - 892
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\Startup
Value : C:\WINDOWS\system32\lrlxdhbq.dll,b = 10/22/2008 8:18 PM
Parsed : c:\windows\system32\lrlxdhbq.dll
DEEP - 893
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\Startup
Value : C:\WINDOWS\system32\cqundkdp.dll,b = 10/24/2008 6:10 AM
Parsed : c:\windows\system32\cqundkdp.dll
DEEP - 894
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\Startup
Value : C:\WINDOWS\system32\towlgsrd.dll,b = 10/24/2008 8:25 PM
Parsed : c:\windows\system32\towlgsrd.dll
DEEP - 895
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\Startup
Value : C:\WINDOWS\system32\qekevqrq.dll,b = 10/26/2008 4:29 AM
Parsed : c:\windows\system32\qekevqrq.dll
DEEP - 896
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\Startup
Value : C:\WINDOWS\system32\rojvonnf.dll,b = 10/28/2008 8:22 AM
Parsed : c:\windows\system32\rojvonnf.dll
DEEP - 897
Location: HKEY_CURRENT_USER\Software\BillP Studios\Detected\Startup
Value : cmd.exe /C del C:\Program Files\Yahoo!\Messenger\ypagerps.dll = 11/09/2008 11:34 PM
Parsed : c:\program files\yahoo!\messenger\ypagerps.dll
DEEP - 898
Location: HKEY_CURRENT_USER\Software\BillP Studios\WinPatrol\Class
Value : MMJB.MP3 = C:\Program Files\Musicmatch\Musicmatch Jukebox\mmjblaunch.exe %1
Parsed : c:\program files\musicmatch\musicmatch jukebox\mmjblaunch.exe
DEEP - 899
Location: HKEY_CURRENT_USER\Software\BillP Studios\WinPatrol\Hidden
Value : C:\WINDOWS\QTFont.qfn = 07/29/2008 10:09 PM
Parsed : c:\windows\qtfont.qfn
DEEP - 900
Location: HKEY_CURRENT_USER\Software\BillP Studios\WinPatrol\Hidden
Value : C:\WINDOWS\system32\hPYaaGgh.ini = 07/29/2008 10:09 PM
Parsed : c:\windows\system32\hpyaaggh.ini

Response Number 17

Name: haze077
Date: November 19, 2008 at 22:10:03 Pacific

Reply:

DEEP - 900
Location: HKEY_CURRENT_USER\Software\BillP Studios\WinPatrol\Hidden
Value : C:\WINDOWS\system32\hPYaaGgh.ini = 07/29/2008 10:09 PM
Parsed : c:\windows\system32\hpyaaggh.ini
DEEP - 901
Location: HKEY_CURRENT_USER\Software\BillP Studios\WinPatrol\Hidden
Value : C:\WINDOWS\system32\hPYaaGgh.ini2 = 07/29/2008 10:09 PM
Parsed : c:\windows\system32\hpyaaggh.ini2
DEEP - 902
Location: HKEY_CURRENT_USER\Software\BillP Studios\WinPatrol\Hidden
Value : C:\WINDOWS\system32\lgujccgn.ini = 07/29/2008 10:09 PM
Parsed : c:\windows\system32\lgujccgn.ini
DEEP - 903
Location: HKEY_CURRENT_USER\Software\BillP Studios\WinPatrol\Run
Value : C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe = 1
Parsed : c:\program files\musicmatch\musicmatch jukebox\mm_tray.exe
DEEP - 904
Location: HKEY_CURRENT_USER\Software\BillP Studios\WinPatrol\Run
Value : C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mimboot.exe = 1
Parsed : c:\program files\musicmatch\musicmatch jukebox\mimboot.exe
DEEP - 905
Location: HKEY_CURRENT_USER\Software\BillP Studios\WinPatrol\Run
Value : C:\Documents and Settings\Rachel\Start Menu\Programs\Startup\PowerReg Scheduler.exe = 200
Parsed : c:\documents and settings\rachel\start menu\programs\startup\powerreg scheduler.exe
DEEP - 906
Location: HKEY_CURRENT_USER\Software\BillP Studios\WinPatrol\Run
Value : C:\WINDOWS\wnslvxtf.dll = 252
Parsed : c:\windows\wnslvxtf.dll
DEEP - 907
Location: HKEY_CURRENT_USER\Software\BillP Studios\WinPatrol\Run
Value : C:\WINDOWS\eqvwamkl.dll = 252
Parsed : c:\windows\eqvwamkl.dll
DEEP - 908
Location: HKEY_CURRENT_USER\Software\BillP Studios\WinPatrol\Run
Value : C:\WINDOWS\system32\hgGvuUOG.dll = 254
Parsed : c:\windows\system32\hggvuuog.dll
DEEP - 909
Location: HKEY_CURRENT_USER\Software\BillP Studios\WinPatrol\Run
Value : C:\Program Files\AVG\AVG8\avgtray.exe = 1
Parsed : c:\program files\avg\avg8\avgtray.exe
DEEP - 910
Location: HKEY_CURRENT_USER\Software\BillP Studios\WinPatrol\Run
Value : C:\PROGRA~1\Symantec\LIVEUP~1\LUSetup.exe -s -a -q -log -version = 2
Parsed : c:\progra~1\symantec\liveup~1\lusetup.exe
DEEP - 911
Location: HKEY_CURRENT_USER\Software\BillP Studios\WinPatrol\Run
Value : C:\Program Files\PC Tools AntiVirus\PCTAV.exe /MONITORSCAN = 1
Parsed : c:\program files\pc tools antivirus\pctav.exe
DEEP - 912
Location: HKEY_CURRENT_USER\Software\BillP Studios\WinPatrol\Run
Value : C:\Program Files\SiteAdvisor\6261\SiteAdv.exe = 1
Parsed : c:\program files\siteadvisor\6261\siteadv.exe
DEEP - 913
Location: HKEY_CURRENT_USER\Software\BillP Studios\WinPatrol\Run
Value : C:\WINDOWS\system32\uteaslis.dll,b = 1
Parsed : c:\windows\system32\uteaslis.dll
DEEP - 914
Location: HKEY_CURRENT_USER\Software\BillP Studios\WinPatrol\Run
Value : C:\Program Files\Hewlett-Packard\HP Software Update\hpwuSchd.exe = 1
Parsed : c:\program files\hewlett-packard\hp software update\hpwuschd.exe
DEEP - 915
Location: HKEY_CURRENT_USER\Software\BillP Studios\WinPatrol\Run
Value : C:\WINDOWS\system32\Macromed\Shockwave 10\PostUpdate.exe 1010011 = 12
Parsed : c:\windows\system32\macromed\shockwave 10\postupdate.exe
DEEP - 916
Location: HKEY_CURRENT_USER\Software\BillP Studios\WinPatrol\Run
Value : C:\WINDOWS\system32\ugduomqx.dll,b = 1
Parsed : c:\windows\system32\ugduomqx.dll
DEEP - 917
Location: HKEY_CURRENT_USER\Software\BillP Studios\WinPatrol\Run
Value : C:\WINDOWS\system32\ojhkxvnb.dll,b = 1
Parsed : c:\windows\system32\ojhkxvnb.dll
DEEP - 918
Location: HKEY_CURRENT_USER\Software\BillP Studios\WinPatrol\Run
Value : C:\WINDOWS\system32\khehsaev.dll,b = 1
Parsed : c:\windows\system32\khehsaev.dll
DEEP - 919
Location: HKEY_CURRENT_USER\Software\BillP Studios\WinPatrol\Run
Value : C:\WINDOWS\system32\qajlbfsb.dll,b = 1
Parsed : c:\windows\system32\qajlbfsb.dll
DEEP - 920
Location: HKEY_CURRENT_USER\Software\BillP Studios\WinPatrol\Run
Value : C:\WINDOWS\system32\hsokpvav.dll,b = 1
Parsed : c:\windows\system32\hsokpvav.dll
DEEP - 921
Location: HKEY_CURRENT_USER\Software\BillP Studios\WinPatrol\Run
Value : C:\WINDOWS\system32\upkxltet.dll,b = 1
Parsed : c:\windows\system32\upkxltet.dll
DEEP - 922
Location: HKEY_CURRENT_USER\Software\BillP Studios\WinPatrol\Run
Value : C:\WINDOWS\system32\mxfcaeqd.dll,b = 1
Parsed : c:\windows\system32\mxfcaeqd.dll
DEEP - 923
Location: HKEY_CURRENT_USER\Software\BillP Studios\WinPatrol\Run
Value : C:\WINDOWS\system32\qekevqrq.dll,b = 1
Parsed : c:\windows\system32\qekevqrq.dll
DEEP - 924
Location: HKEY_CURRENT_USER\Software\BillP Studios\WinPatrol\Run
Value : C:\WINDOWS\system32\rojvonnf.dll,b = 1
Parsed : c:\windows\system32\rojvonnf.dll
DEEP - 925
Location: HKEY_CURRENT_USER\Software\BillP Studios\WinPatrol\Run
Value : cmd.exe /C del C:\Program Files\Yahoo!\Messenger\ypagerps.dll = 12
Parsed : c:\program files\yahoo!\messenger\ypagerps.dll
DEEP - 926
Location: HKEY_CURRENT_USER\Software\Full Tilt Poker\ProChat
Value : Path = C:\Program Files\Full Tilt Poker\ProChatLog\
Parsed : c:\program files\full tilt poker\prochatlog
DEEP - 927
Location: HKEY_CURRENT_USER\Software\Jasc\Paint Shop Photo Album 5 Dell Edition\Install
Value : FavoritesFile = C:\Program Files\Jasc Software Inc\Paint Shop Photo Album 5\System\favorite.txt
Parsed : c:\program files\jasc software inc\paint shop photo album 5\system\favorite.txt
DEEP - 928
Location: HKEY_CURRENT_USER\Software\Jasc\Paint Shop Pro Studio 1\FileLocations\TempFiles\0
Value : Dir = C:\Documents and Settings\Rachel\Local Settings\Temp\Temp Files
Parsed : c:\documents and settings\rachel\local settings\temp\temp files
DEEP - 929
Location: HKEY_CURRENT_USER\Software\Jasc\Paint Shop Pro Studio 1\Installer
Value : CacheFolder = C:\Documents and Settings\Owner\Application Data\Jasc Software Inc\Paint Shop Pro Studio\Cache\
Parsed : c:\documents and settings\owner\application data\jasc software inc\paint shop pro studio\cache
DEEP - 930
Location: HKEY_CURRENT_USER\Software\Jasc\Paint Shop Pro Studio 1\WorkspaceMRU
Value : File1 = C:\DOCUME~1\Rachel\LOCALS~1\Temp\JSC2F.tmp
Parsed : c:\docume~1\rachel\locals~1\temp\jsc2f.tmp
DEEP - 931
Location: HKEY_CURRENT_USER\Software\Listen\Rhapsody\Log
Value : FileLogFileName = C:\Documents and Settings\Rachel\Application Data\Real\Rhapsody\log.txt
Parsed : c:\documents and settings\rachel\application data\real\rhapsody\log.txt
DEEP - 932
Location: HKEY_CURRENT_USER\Software\Listen\Rhapsody\Log
Value : HtmlFileLogFileName = C:\Documents and Settings\Rachel\Application Data\Real\Rhapsody\log.htm
Parsed : c:\documents and settings\rachel\application data\real\rhapsody\log.htm
DEEP - 933
Location: HKEY_CURRENT_USER\Software\Macromedia\FlashPlayerUpdate
Value : Path = C:\DOCUME~1\Rachel\LOCALS~1\Temp\FlashPlayerUpdate.exe
Parsed : c:\docume~1\rachel\locals~1\temp\flashplayerupdate.exe
DEEP - 934
Location: HKEY_CURRENT_USER\Software\Microsoft\Keyboard\Native Media Players\QuickTime Player
Value : ExePath = C:\Program Files\QuickT
Parsed : c:\program files\quickt
DEEP - 935
Location: HKEY_CURRENT_USER\Software\Microsoft\MediaPlayer\Setup\CreatedLinks
Value : Shortcut1 = C:\Documents and Settings\Default User\Start Menu\Programs\Windows Media Player.lnk
Parsed : c:\documents and settings\default user\start menu\programs\windows media player.lnk
DEEP - 936
Location: HKEY_CURRENT_USER\Software\Microsoft\MediaPlayer\Setup\CreatedLinks
Value : Shortcut2 = C:\Documents and Settings\Owner\Start Menu\Programs\Accessories\Entertainment\Windows Media Player.lnk
Parsed : c:\documents and settings\owner\start menu\programs\accessories\entertainment\windows media player.lnk
DEEP - 937
Location: HKEY_CURRENT_USER\Software\Microsoft\MediaPlayer\Setup\CreatedLinks
Value : Shortcut3 = C:\Documents and Settings\Owner\Start Menu\Programs\Windows Media Player.lnk
Parsed : c:\documents and settings\owner\start menu\programs\windows media player.lnk
DEEP - 938
Location: HKEY_CURRENT_USER\Software\Microsoft\MediaPlayer\Setup\CreatedLinks
Value : Shortcut5 = C:\Documents and Settings\Rachel\Desktop\Windows Media Player.lnk
Parsed : c:\documents and settings\rachel\desktop\windows media player.lnk
DEEP - 939
Location: HKEY_CURRENT_USER\Software\Microsoft\MediaPlayer\Setup\CreatedLinks
Value : Shortcut7 = C:\Documents and Settings\Rachel\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
Parsed : c:\documents and settings\rachel\application data\microsoft\internet explorer\quick launch\windows media player.lnk
DEEP - 940
Location: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Applets\Paint\Recent File List
Value : File2 = C:\Documents and Settings\Rachel\My Documents\My Pictures\untitled.bmp
Parsed : c:\documents and settings\rachel\my documents\my pictures\untitled.bmp
DEEP - 941
Location: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Applets\Paint\Recent File List
Value : File4 = C:\Documents and Settings\Rachel\My Documents\cisi2.bmp
Parsed : c:\documents and settings\rachel\my documents\cisi2.bmp
DEEP - 942
Location: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU
Value : a = C:\Documents and Settings\Rachel\My Documents\JR-fall08Arlington[1]
Parsed : c:\documents and settings\rachel\my documents\jr-fall08arlington[1
DEEP - 943
Location: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU
Value : c = C:\Documents and Settings\Rachel\My Documents\SRBooksF08[1]
Parsed : c:\documents and settings\rachel\my documents\srbooksf08[1
DEEP - 944
Location: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU
Value : d = C:\Documents and Settings\Rachel\My Documents\RachelMilnerResume
Parsed : c:\documents and settings\rachel\my documents\rachelmilnerresume
DEEP - 945
Location: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU
Value : e = C:\Documents and Settings\All Users\Documents\RachelMilnerResume
Parsed : c:\documents and settings\all users\documents\rachelmilnerresume
DEEP - 946
Location: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU
Value : f = C:\Documents and Settings\Rachel\My Documents\jo res
Parsed : c:\documents and settings\rachel\my documents\jo res
DEEP - 947
Location: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU
Value : g = C:\Documents and Settings\Rachel\My Documents\jo letter
Parsed : c:\documents and settings\rachel\my documents\jo letter
DEEP - 948
Location: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU
Value : h = C:\Documents and Settings\Rachel\My Documents\coverletter
Parsed : c:\documents and settings\rachel\my documents\coverletter
DEEP - 949
Location: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU
Value : i = C:\Documents and Settings\Rachel\My Documents\JoEllen_Baty[1]
Parsed : c:\documents and settings\rachel\my documents\joellen_baty[1
DEEP - 950
Location: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU
Value : j = C:\Documents and Settings\Rachel\My Documents\JRBooksF08[1]
Parsed : c:\documents and settings\rachel\my documents\jrbooksf08[1
DEEP - 951
Location: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\bmp
Value : a = C:\Documents and Settings\Rachel\My Documents\My Pictures\cissy.bmp
Parsed : c:\documents and settings\rachel\my documents\my pictures\cissy.bmp
DEEP - 952
Location: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\bmp
Value : b = C:\Documents and Settings\Rachel\My Documents\cisi2.bmp
Parsed : c:\documents and settings\rachel\my documents\cisi2.bmp
DEEP - 953
Location: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\bmp
Value : d = C:\Documents and Settings\Rachel\My Documents\My Pictures\shiloh's helmet.bmp
Parsed : c:\documents and settings\rachel\my documents\my pictures\shiloh's helmet.bmp
DEEP - 954
Location: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\bmp
Value : e = C:\Documents and Settings\Rachel\My Documents\My Pictures\untitled.bmp
Parsed : c:\documents and settings\rachel\my documents\my pictures\untitled.bmp
DEEP - 955
Location: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\dmg
Value : a = C:\Documents and Settings\Rachel\My Documents\1500_772_EN.dmg
Parsed : c:\documents and settings\rachel\my documents\1500_772_en.dmg
DEEP - 956
Location: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\doc
Value : a = C:\Documents and Settings\Rachel\My Documents\RachelMilnerResume.doc
Parsed : c:\documents and settings\rachel\my documents\rachelmilnerresume.doc
DEEP - 957
Location: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\doc
Value : b = C:\Documents and Settings\Rachel\My Documents\coverletter.doc
Parsed : c:\documents and settings\rachel\my documents\coverletter.doc
DEEP - 958
Location: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\doc
Value : d = C:\Documents and Settings\Rachel\My Documents\jo letter.doc
Parsed : c:\documents and settings\rachel\my documents\jo letter.doc
DEEP - 959
Location: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\doc
Value : e = C:\Documents and Settings\Rachel\My Documents\Jo Resume.doc
Parsed : c:\documents and settings\rachel\my documents\jo resume.doc
DEEP - 960
Location: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\exe
Value : b = C:\Documents and Settings\Rachel\My Documents\ComboFix1.exe
Parsed : c:\documents and settings\rachel\my documents\combofix1.exe
DEEP - 961
Location: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\exe
Value : c = C:\Documents and Settings\Rachel\Desktop\SDFix.exe
Parsed : c:\documents and settings\rachel\desktop\sdfix.exe
DEEP - 962
Location: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\exe
Value : j = C:\Documents and Settings\Rachel\My Documents\My Pictures\AV2009Install_77052209.exe
Parsed : c:\documents and settings\rachel\my documents\my pictures\av2009install_77052209.exe
DEEP - 963
Location: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\gif
Value : a = C:\Documents and Settings\Rachel\My Documents\My Pictures\i108827157_10404.gif
Parsed : c:\documents and settings\rachel\my documents\my pictures\i108827157_10404.gif
DEEP - 964
Location: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\gif
Value : b = C:\Documents and Settings\Rachel\My Documents\My Pictures\dudegraphic146.gif
Parsed : c:\documents and settings\rachel\my documents\my pictures\dudegraphic146.gif
DEEP - 965
Location: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\gif
Value : c = C:\Documents and Settings\Rachel\My Documents\My Pictures\dudegraphic58.gif
Parsed : c:\documents and settings\rachel\my documents\my pictures\dudegraphic58.gif
DEEP - 966
Location: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\gif
Value : d = C:\Documents and Settings\Rachel\My Documents\My Pictures\igotgame-2.gif
Parsed : c:\documents and settings\rachel\my documents\my pictures\igotgame-2.gif
DEEP - 967
Location: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\htm
Value : a = C:\Documents and Settings\Rachel\My Documents\Create Resume - External App.htm
Parsed : c:\documents and settings\rachel\my documents\create resume
DEEP - 968
Location: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\jpg
Value : b = C:\Documents and Settings\Rachel\My Documents\noah6.jpg
Parsed : c:\documents and settings\rachel\my documents\noah6.jpg
DEEP - 969
Location: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\jpg
Value : e = C:\Documents and Settings\Rachel\My Documents\noah4.jpg
Parsed : c:\documents and settings\rachel\my documents\noah4.jpg
DEEP - 970
Location: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\jpg
Value : g = C:\Documents and Settings\Rachel\My Documents\noah7.jpg
Parsed : c:\documents and settings\rachel\my documents\noah7.jpg
DEEP - 971
Location: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\lnk
Value : a = C:\Documents and Settings\Rachel\Recent\CD Drive.lnk
Parsed : c:\documents and settings\rachel\recent\cd drive.lnk
DEEP - 972
Location: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\lnk
Value : c = C:\Documents and Settings\KIDS\My Documents\My Pictures\Sample Pictures.lnk
Parsed : c:\documents and settings\kids\my documents\my pictures\sample pictures.lnk
DEEP - 973
Location: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\mp3
Value : h = C:\Documents and Settings\Rachel\My Documents\LimeWire\Saved\m. ward - greatest hits.mp3
Parsed : c:\documents and settings\rachel\my documents\limewire\saved\m. ward
DEEP - 974
Location: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\SONIC
Value : a = C:\Documents and Settings\Rachel\My Documents\budda.SONIC
Parsed : c:\documents and settings\rachel\my documents\budda.sonic
DEEP - 975
Location: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\txt
Value : a = C:\Documents and Settings\Rachel\Desktop\CFScript.txt
Parsed : c:\documents and settings\rachel\desktop\cfscript.txt
DEEP - 976
Location: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\wpd
Value : a = C:\Documents and Settings\Rachel\My Documents\malikandshilohinvite.wpd
Parsed : c:\documents and settings\rachel\my documents\malikandshilohinvite.wpd
DEEP - 977
Location: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\wpd
Value : b = C:\Documents and Settings\Rachel\My Documents\RESUME.wpd
Parsed : c:\documents and settings\rachel\my documents\resume.wpd
DEEP - 978
Location: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\wpg
Value : a = C:\Documents and Settings\Rachel\My Documents\My Pictures\occ-1001-03,02.wpg
Parsed : c:\documents and settings\rachel\my documents\my pictures\occ-1001-03
DEEP - 979
Location: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\wpg
Value : b = C:\Documents and Settings\Rachel\My Documents\My Pictures\PUMPKIN.wpg
Parsed : c:\documents and settings\rachel\my documents\my pictures\pumpkin.wpg
DEEP - 980
Location: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\wpg
Value : c = C:\Documents and Settings\Rachel\My Documents\My Pictures\BORDER.wpg
Parsed : c:\documents and settings\rachel\my documents\my pictures\border.wpg
DEEP - 981
Location: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\PublishingWizard\PublishingWizard\Providers\Yahoo!
Value : IconPath = C:\Progra~1\Intern~1\Signup\Yahoo\ybrief.ico
Parsed : c:\progra~1\intern~1\signup\yahoo\ybrief.ico
DEEP - 982
Location: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU
Value : i = "C:\Documents and Settings\Rachel\Recent\CD Drive.lnk"\1
Parsed : c:\documents and settings\rachel\recent\cd drive.lnk
DEEP - 983
Location: HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache
Value : C:\32788R22FWJFW\nircmd.com = NirCmd
Parsed : c:\32788r22fwjfw\nircmd.com
DEEP - 984
Location: HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache
Value : C:\32788R22FWJFW\hidec.exe = hidec
Parsed : c:\32788r22fwjfw\hidec.exe
DEEP - 985
Location: HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache
Value : C:\32788R22FWJFW\NirCmd.cfexe = NirCmd
Parsed : c:\32788r22fwjfw\nircmd.cfexe
DEEP - 986
Location: HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache
Value : C:\WINDOWS\system32\CF29384.exe = Windows Command Processor
Parsed : c:\windows\system32\cf29384.exe
DEEP - 987
Location: HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache
Value : C:\ComboFix\nircmd.com = NirCmd
Parsed : c:\combofix\nircmd.com
DEEP - 988
Location: HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache
Value : C:\ComboFix\ERUNT.cfexe = ERUNT
Parsed : c:\combofix\erunt.cfexe
DEEP - 989
Location: HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache
Value : C:\ComboFix\NirCmd.cfexe = NirCmd
Parsed : c:\combofix\nircmd.cfexe
DEEP - 990
Location: HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache
Value : C:\WINDOWS\system32\CF5962.exe = Windows Command Processor
Parsed : c:\windows\system32\cf5962.exe
DEEP - 991
Location: HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache
Value : C:\DOCUME~1\Rachel\LOCALS~1\temp\Wise~tmp.exe = Rhapsody
Parsed : c:\docume~1\rachel\locals~1\temp\wise~tmp.exe
DEEP - 992
Location: HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache
Value : C:\DOCUME~1\Rachel\LOCALS~1\Temp\GLB7.tmp = Rhapsody
Parsed : c:\docume~1\rachel\locals~1\temp\glb7.tmp
DEEP - 993
Location: HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache
Value : C:\DOCUME~1\Rachel\LOCALS~1\temp\Rhapsody\rhaphlpr.exe = Rhapsody Helper
Parsed : c:\docume~1\rachel\locals~1\temp\rhapsody\rhaphlpr.exe
DEEP - 994
Location: HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache
Value : C:\Documents and Settings\Rachel\Application Data\Real\Rhapsody\~Upg0\WMFSDK11\WMFDist11-WindowsXP-X86-ENU.exe = Windows Media Component Setup Application
Parsed : c:\documents and settings\rachel\application data\real\rhapsody\~upg0\wmfsdk11\wmfdist11-windowsxp-x86-enu.exe
DEEP - 995
Location: HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache
Value : C:\Documents and Settings\Rachel\Application Data\Real\Rhapsody\~Upg0\WMFSDK11\windowsmedia11-kb929399-v2-x86-intl.exe = Hotfix Package
Parsed : c:\documents and settings\rachel\application data\real\rhapsody\~upg0\wmfsdk11\windowsmedia11-kb929399-v2-x86-intl.exe
DEEP - 996
Location: HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache
Value : c:\88f9fec2ae66886729\update\update.exe = Windows Service Pack Setup
Parsed : c:\88f9fec2ae66886729\update\update.exe
DEEP - 997
Location: HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache
Value : C:\WINDOWS\system32\CF15153.exe = Windows Command Processor
Parsed : c:\windows\system32\cf15153.exe
DEEP - 998
Location: HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache
Value : C:\ComboFix\WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe = Win32 Cabinet Self-Extractor
Parsed : c:\combofix\windowsxp-kb310994-sp2-home-bootdisk-enu.exe
DEEP - 999
Location: HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache
Value : C:\DOCUME~1\Rachel\LOCALS~1\Temp\is-BBGN1.tmp\rminstall[1].tmp = Setup/Uninstall
Parsed : c:\docume~1\rachel\locals~1\temp\is-bbgn1.tmp\rminstall[1].tmp
DEEP - 1000
Location: HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache
Value : C:\DOCUME~1\Rachel\LOCALS~1\Temp\is-7HETK.tmp\rminstall[1].tmp = Setup/Uninstall
Parsed : c:\docume~1\rachel\locals~1\temp\is-7hetk.tmp\rminstall[1].tmp

Response Number 18

Name: haze077
Date: November 19, 2008 at 22:10:51 Pacific

Reply:

DEEP - 1001
Location: HKEY_CURRENT_USER\Software\Netscape\Netscape Navigator\User Trusted External Applications
Value : C:\Program Files\Musicmatch\Musicmatch Jukebox\mmjblaunch.exe = Yes
Parsed : c:\program files\musicmatch\musicmatch jukebox\mmjblaunch.exe
DEEP - 1002
Location: HKEY_CURRENT_USER\Software\Netscape\Netscape Navigator\User Trusted External Applications
Value : C:\Program Files\Musicmatch\Musicmatch Jukebox\mmfwlaunch.exe = Yes
Parsed : c:\program files\musicmatch\musicmatch jukebox\mmfwlaunch.exe
DEEP - 1003
Location: HKEY_CURRENT_USER\Software\Netscape\Netscape Navigator\User Trusted External Applications
Value : C:\Program Files\Kodak\Kodak Software Updater\7288971\6.3.2.62-7288971L\Program\PrvCnt.exe = Yes
Parsed : c:\program files\kodak\kodak software updater\7288971\6.3.2.62-7288971l\program\prvcnt.exe
DEEP - 1004
Location: HKEY_CURRENT_USER\Software\Netscape\Netscape Navigator\Viewers
Value : audio/wav = "C:\Program Files\Musicmatch\Musicmatch Jukebox\mmjblaunch.exe"
Parsed : c:\program files\musicmatch\musicmatch jukebox\mmjblaunch.exe
DEEP - 1005
Location: HKEY_CURRENT_USER\Software\Netscape\Netscape Navigator\Viewers
Value : audio/x-scpls = "C:\Program Files\Musicmatch\Musicmatch Jukebox\mmjblaunch.exe"
Parsed : c:\program files\musicmatch\musicmatch jukebox\mmjblaunch.exe
DEEP - 1006
Location: HKEY_CURRENT_USER\Software\Netscape\Netscape Navigator\Viewers
Value : application/x-mmjb-mmo = "C:\Program Files\Musicmatch\Musicmatch Jukebox\mmjblaunch.exe"
Parsed : c:\program files\musicmatch\musicmatch jukebox\mmjblaunch.exe
DEEP - 1007
Location: HKEY_CURRENT_USER\Software\Netscape\Netscape Navigator\Viewers
Value : application/x-mmjb-mmjb = "C:\Program Files\Musicmatch\Musicmatch Jukebox\mmjblaunch.exe"
Parsed : c:\program files\musicmatch\musicmatch jukebox\mmjblaunch.exe
DEEP - 1008
Location: HKEY_CURRENT_USER\Software\Netscape\Netscape Navigator\Viewers
Value : (default) = "C:\Program Files\Musicmatch\Musicmatch Jukebox\mmjblaunch.exe" /AudioCD
Parsed : c:\program files\musicmatch\musicmatch jukebox\mmjblaunch.exe
DEEP - 1009
Location: HKEY_CURRENT_USER\Software\Netscape\Netscape Navigator\Viewers
Value : application/x-mmjb-bpp = "C:\Program Files\Musicmatch\Musicmatch Jukebox\mmfwlaunch.exe"
Parsed : c:\program files\musicmatch\musicmatch jukebox\mmfwlaunch.exe
DEEP - 1010
Location: HKEY_CURRENT_USER\Software\Netscape\Netscape Navigator\Viewers
Value : application/x-bwpreview = C:\Program Files\Kodak\Kodak Software Updater\7288971\6.3.2.62-7288971L\Program\PrvCnt.exe
Parsed : c:\program files\kodak\kodak software updater\7288971\6.3.2.62-7288971l\program\prvcnt.exe
DEEP - 1011
Location: HKEY_CURRENT_USER\Software\Netscape\Netscape Navigator\Viewers.BAK
Value : audio/x-ms-wma = C:\Program Files\Musicmatch\Musicmatch Jukebox\mmjb.exe
Parsed : c:\program files\musicmatch\musicmatch jukebox\mmjb.exe
DEEP - 1012
Location: HKEY_CURRENT_USER\Software\Netscape\Netscape Navigator\Viewers.BAK
Value : audio/mpeg = C:\Program Files\Musicmatch\Musicmatch Jukebox\mmjb.exe
Parsed : c:\program files\musicmatch\musicmatch jukebox\mmjb.exe
DEEP - 1013
Location: HKEY_CURRENT_USER\Software\Netscape\Netscape Navigator\Viewers.BAK
Value : audio/x-mpegurl = C:\Program Files\Musicmatch\Musicmatch Jukebox\mmjb.exe
Parsed : c:\program files\musicmatch\musicmatch jukebox\mmjb.exe
DEEP - 1014
Location: HKEY_CURRENT_USER\Software\Netscape\Netscape Navigator\Viewers.BAK
Value : audio/wav = "C:\Program Files\Musicmatch\Musicmatch Jukebox\mmjblaunch.exe"
Parsed : c:\program files\musicmatch\musicmatch jukebox\mmjblaunch.exe
DEEP - 1015
Location: HKEY_CURRENT_USER\Software\Sonic\MediaHub\Preference
Value : ProjectSavePath = C:\Documents and Settings\Rachel\My Documents\jo music.SONIC
Parsed : c:\documents and settings\rachel\my documents\jo music.sonic
DEEP - 1016
Location: HKEY_CURRENT_USER\Software\Sonic\MediaHub\Preference\Recent
Value : 01 = C:\Documents and Settings\Rachel\My Documents\cd1.SONIC
Parsed : c:\documents and settings\rachel\my documents\cd1.sonic
DEEP - 1017
Location: HKEY_CURRENT_USER\Software\Sonic\MediaHub\Preference\Recent
Value : 02 = C:\Documents and Settings\Rachel\My Documents\mixedcd.SONIC
Parsed : c:\documents and settings\rachel\my documents\mixedcd.sonic
DEEP - 1018
Location: HKEY_CURRENT_USER\Software\Sonic\MediaHub\Preference\Recent
Value : 03 = C:\Documents and Settings\Rachel\My Documents\slowjams3.SONIC
Parsed : c:\documents and settings\rachel\my documents\slowjams3.sonic
DEEP - 1019
Location: HKEY_CURRENT_USER\Software\Sonic\MediaHub\Preference\Recent
Value : 04 = C:\Documents and Settings\Rachel\My Documents\jo music.SONIC
Parsed : c:\documents and settings\rachel\my documents\jo music.sonic
DEEP - 1020
Location: HKEY_CURRENT_USER\Software\Sonic\MediaHub\Preference\Recent
Value : 05 = C:\Documents and Settings\Rachel\My Documents\MyProject.sonic
Parsed : c:\documents and settings\rachel\my documents\myproject.sonic
DEEP - 1021
Location: HKEY_CURRENT_USER\Software\Sonic\MediaHub\Preference\Recent
Value : 06 = C:\Documents and Settings\Rachel\My Documents\jo rock 2.SONIC
Parsed : c:\documents and settings\rachel\my documents\jo rock 2.sonic
DEEP - 1022
Location: HKEY_CURRENT_USER\Software\Sonic\MediaHub\Preference\Recent
Value : 07 = C:\Documents and Settings\Rachel\My Documents\jo rock.SONIC
Parsed : c:\documents and settings\rachel\my documents\jo rock.sonic
DEEP - 1023
Location: HKEY_CURRENT_USER\Software\Sonic\MediaHub\Preference\Recent
Value : 08 = C:\Documents and Settings\Rachel\My Documents\jrachel.SONIC
Parsed : c:\documents and settings\rachel\my documents\jrachel.sonic
DEEP - 1024
Location: HKEY_CURRENT_USER\Software\Sonic\MediaHub\Preference\Recent
Value : 09 = C:\Documents and Settings\Rachel\My Documents\jo cd.SONIC
Parsed : c:\documents and settings\rachel\my documents\jo cd.sonic
DEEP - 1025
Location: HKEY_CURRENT_USER\Software\Sonic\MediaHub\Preference\Recent
Value : 10 = C:\Documents and Settings\Rachel\My Documents\the soundtrack.SONIC
Parsed : c:\documents and settings\rachel\my documents\the soundtrack.sonic
DEEP - 1026
Location: HKEY_LOCAL_MACHINE\SOFTWARE\America Online\Common\WanAtw
Value : 0 = C:\Program Files\America Online 9.0
Parsed : c:\program files\america online 9.0
DEEP - 1027
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Clients\JavaVM\MSJavaVM\InstallInfo
Value : VerifyFile = %systemroot%\system32\msjava.dll
Parsed : c:\windows\system32\msjava.dll
DEEP - 1028
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Clients\Media\MUSICMATCH Jukebox
Value : LocalizedString = @C:\Program Files\Musicmatch\Musicmatch Jukebox\mmjbloc.dll, -8305
Parsed : c:\program files\musicmatch\musicmatch jukebox\mmjbloc.dll
DEEP - 1029
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Clients\Media\MUSICMATCH Jukebox\DefaultIcon
Value : (default) = C:\Program Files\Musicmatch\Musicmatch Jukebox\mmjblaunch.exe,1
Parsed : c:\program files\musicmatch\musicmatch jukebox\mmjblaunch.exe
DEEP - 1030
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Clients\Media\MUSICMATCH Jukebox\InstallInfo
Value : HideIconsCommand = "C:\Program Files\Musicmatch\Musicmatch Jukebox\refreshicon.exe" /h
Parsed : c:\program files\musicmatch\musicmatch jukebox\refreshicon.exe
DEEP - 1031
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Clients\Media\MUSICMATCH Jukebox\InstallInfo
Value : ShowIconsCommand = "C:\Program Files\Musicmatch\Musicmatch Jukebox\refreshicon.exe" /s
Parsed : c:\program files\musicmatch\musicmatch jukebox\refreshicon.exe
DEEP - 1032
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Clients\Media\MUSICMATCH Jukebox\InstallInfo
Value : ReinstallCommand = "C:\Program Files\Musicmatch\Musicmatch Jukebox\refreshicon.exe" /i
Parsed : c:\program files\musicmatch\musicmatch jukebox\refreshicon.exe
DEEP - 1033
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Clients\Media\MUSICMATCH Jukebox\shell\open\command
Value : (default) = "C:\Program Files\Musicmatch\Musicmatch Jukebox\mmjblaunch.exe""%1"
Parsed : c:\program files\musicmatch\musicmatch jukebox\mmjblaunch.exe
DEEP - 1034
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Dell\America Online 9.0
Value : ProductPath = c:\program files\America Online 9.0\aol.exe
Parsed : c:\program files\america online 9.0\aol.exe
DEEP - 1035
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Dell\America Online 9.0
Value : IconPath = c:\Windows\System32\OOBE\Images\AOLFINI.jpg
Parsed : c:\windows\system32\oobe\images\aolfini.jpg
DEEP - 1036
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Dell\MMJBPLUS
Value : ProductPath = c:\program files\MusicMatch\Musicmatch Jukebox\mmjb.exe
Parsed : c:\program files\musicmatch\musicmatch jukebox\mmjb.exe
DEEP - 1037
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Dell\MMJBPLUS
Value : IconPath = c:\program files\MusicMatch\MMJB.jpg
Parsed : c:\program files\musicmatch\mmjb.jpg
DEEP - 1038
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Dell\RadioMX
Value : ProductPath = c:\program files\MusicMatch\Musicmatch Jukebox\mmjb.exe
Parsed : c:\program files\musicmatch\musicmatch jukebox\mmjb.exe
DEEP - 1039
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Dell\RadioMX
Value : IconPath = c:\program files\MusicMatch\MMJB.jpg
Parsed : c:\program files\musicmatch\mmjb.jpg
DEEP - 1040
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Google\Google Toolbar\Brokers\CLSID
Value : {44295CB8-D71B-11DA-8750-001185653D78} = c:\program files\google\googletoolbar3.dll
Parsed : c:\program files\google\googletoolbar3.dll
DEEP - 1041
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Google\Google Toolbar\Brokers\Interface
Value : {45295CB8-D71B-11DA-8750-001185653D78} = c:\program files\google\googletoolbar3.dll
Parsed : c:\program files\google\googletoolbar3.dll
DEEP - 1042
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Google\Google Toolbar\Brokers\TypeLib
Value : {46295CB8-D71B-11DA-8750-001185653D78} = c:\program files\google\googletoolbar3.dll
Parsed : c:\program files\google\googletoolbar3.dll
DEEP - 1043
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Google\NavClient\Obsolete
Value : c:\program files\google\googletoolbar1.dll = c:\program files\google\googletoolbar1.dll
Parsed : c:\program files\google\googletoolbar1.dll
DEEP - 1044
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Intel\PROSetWired\NCS
Value : CD_Source = C:\DELL\J6831\
Parsed : c:\dell\j6831
DEEP - 1045
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Intel\PROSetWired\NCS\ANS
Value : CD_Source = C:\DELL\J6831\
Parsed : c:\dell\j6831
DEEP - 1046
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Intel\PROSetWired\NCS\PROSet\PROComps\{9E405FDB-1820-459D-8631-EDCFFFF5357F}\DiagnosticsLogInformation
Value : FilePath = C:\Program Files\Intel\PROSetWired\NCS\PROSet\8023\DiagLog.Log
Parsed : c:\program files\intel\prosetwired\ncs\proset\8023\diaglog.log
DEEP - 1047
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Jasc\Paint Shop Photo Album 5 Dell Edition\5.0\Install
Value : TrialPage = C:\Program Files\Jasc Software Inc\Paint Shop Photo Album 5\system\order.html
Parsed : c:\program files\jasc software inc\paint shop photo album 5\system\order.html
DEEP - 1048
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Jasc\Paint Shop Photo Album 5 Dell Edition\5.0\Install
Value : QuickTourDir = C:\Program Files\Jasc Software Inc\Paint Shop Photo Album 5\ProductTour
Parsed : c:\program files\jasc software inc\paint shop photo album 5\producttour
DEEP - 1049
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Magnet\Handlers\Bearshare
Value : DefaultIcon = "C:\Program Files\BearShare\BearShare.exe",-130
Parsed : c:\program files\bearshare\bearshare.exe
DEEP - 1050
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Magnet\Handlers\Bearshare
Value : ShellExecute = "C:\Program Files\BearShare\BearShare.exe" -noinstcheck -spawnedfromurl %1
Parsed : c:\program files\bearshare\bearshare.exe
DEEP - 1051
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup
Value : JITSetupPage = file://%SystemRoot%\web\iejit.htm
Parsed : c:\windows\web\iejit.htm
DEEP - 1052
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{6FDD5236-C9F0-49ef-935D-385F5E21991A}
Value : HotIcon = C:\Program Files\Poker.com\poker.dll,101
Parsed : c:\program files\poker.com\poker.dll
DEEP - 1053
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{6FDD5236-C9F0-49ef-935D-385F5E21991A}
Value : Icon = C:\Program Files\Poker.com\poker.dll,102
Parsed : c:\program files\poker.com\poker.dll
DEEP - 1054
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{6FDD5236-C9F0-49ef-935D-385F5E21991A}
Value : Exec = C:\Program Files\Poker.com\poker.exe
Parsed : c:\program files\poker.com\poker.exe
DEEP - 1055
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer
Value : MetadataTemplatesDir = C:\Program Files\Windows Media Player\Templates
Parsed : c:\program files\windows media player\templates
DEEP - 1056
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\MPlayer2\Groups\Video\DVR-MS
Value : RequiredFile = C:\WINDOWS\system32\enable.dvd
Parsed : c:\windows\system32\enable.dvd
DEEP - 1057
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Groups\Video\DVD
Value : RequiredFile = C:\WINDOWS\system32\enable.dvd
Parsed : c:\windows\system32\enable.dvd
DEEP - 1058
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Groups\Video\DVR-MS
Value : RequiredFile = C:\WINDOWS\system32\enable.dvd
Parsed : c:\windows\system32\enable.dvd
DEEP - 1059
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Applets\DeluxeCD\Providers\Provider0000
Value : ProviderLogo = %SystemRoot%\System32\tunes.bmp
Parsed : c:\windows\system32\tunes.bmp
DEEP - 1060
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Applets\DeluxeCD\Providers\Provider0001
Value : ProviderLogo = %SystemRoot%\System32\n2k.bmp
Parsed : c:\windows\system32\n2k.bmp
DEEP - 1061
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Control Panel\Extended Properties\{305CA226-D286-468e-B848-2B2E8E697B74} 2
Value : %SystemRoot%\system32\sticpl.cpl = 00000002
Parsed : c:\windows\system32\sticpl.cpl
DEEP - 1062
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\MMJBPlayCDAudioOnArrival
Value : DefaultIcon = C:\Program Files\Musicmatch\Musicmatch Jukebox\mmjblaunch.exe,0
Parsed : c:\program files\musicmatch\musicmatch jukebox\mmjblaunch.exe
DEEP - 1063
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\MMJBPlayMediaOnArrival
Value : DefaultIcon = C:\Program Files\Musicmatch\Musicmatch Jukebox\mmjblaunch.exe,0
Parsed : c:\program files\musicmatch\musicmatch jukebox\mmjblaunch.exe
DEEP - 1064
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\DocFolderPaths
Value : Owner = C:\Documents and Settings\Owner\My Documents
Parsed : c:\documents and settings\owner\my documents
DEEP - 1065
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\WebView\TemplateMacros\BACKGROUNDIMAGE
Value : (default) = %SystemRoot%\Web\wvleft.bmp
Parsed : c:\windows\web\wvleft.bmp
DEEP - 1066
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\WebView\TemplateMacros\LOGOLINE
Value : (default) = %SystemRoot%\Web\wvline.gif
Parsed : c:\windows\web\wvline.gif
DEEP - 1067
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\225F1372AE269C3479A5EC7239B96615
Value : C725F9608B16A36418771226C4727F61 = C:\DOCUME~1\Owner\LOCALS~1\Temp\
Parsed : c:\docume~1\owner\locals~1\temp
DEEP - 1068
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3DEE68F0FC3313E4CAD8E4C3EBCBEC40
Value : 00000000000000000000000000000000 = C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2Text.dll
Parsed : c:\program files\common files\symantec shared\decomposers\dec2text.dll
DEEP - 1069
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\50BBD0A1CB1FD3648A16157120DF2829
Value : 00000000000000000000000000000000 = C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2TNEF.dll
Parsed : c:\program files\common files\symantec shared\decomposers\dec2tnef.dll
DEEP - 1070
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\50E357748DE0DD840851872431DDB49B
Value : 00000000000000000000000000000000 = C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2RTF.dll
Parsed : c:\program files\common files\symantec shared\decomposers\dec2rtf.dll
DEEP - 1071
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\53DE6260589A37946977BC82BB681915
Value : 00000000000000000000000000000000 = C:\Program Files\Common Files\Symantec Shared\ccL35.dll
Parsed : c:\program files\common files\symantec shared\ccl35.dll
DEEP - 1072
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5C8EE70DEF2AB5F40B2D9A03B9304AF9
Value : AA098A591B3B6B44C9818A7FBAE37ECF = C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\de.lproj\QuickTimeLocalized.dll
Parsed : c:\program files\quicktime\qtsystem\quicktime.resources\de.lproj\quicktimelocalized.dll
DEEP - 1073
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\60434BE1B38A51D46826A26C0D4B5B71
Value : FF26F08EC3D591A4489079122F292860 = C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\LuRegManifests\LuMui.lrm
Parsed : c:\documents and settings\all users\application data\symantec\liveupdate\luregmanifests\lumui.lrm
DEEP - 1074
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6925106EE9D0AF740BCCD43F8907862F
Value : 00000000000000000000000000000000 = C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2TAR.dll
Parsed : c:\program files\common files\symantec shared\decomposers\dec2tar.dll
DEEP - 1075
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6B8760239075CDA43837B6E980B8E590
Value : DF5E4AFA07DE29D4990D61F25DD69C68 = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
Parsed : c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll
DEEP - 1076
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6EEA3CF07EBD65C48A3FE380BC2FF61E
Value : 00000000000000000000000000000000 = C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2LZ.dll
Parsed : c:\program files\common files\symantec shared\decomposers\dec2lz.dll
DEEP - 1077
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7A49D32BE8B456A4082564C1A24C6D03
Value : ACCE4E7AE8A48524E88CD2CC5F1B3102 = C:\Documents and Settings\All Users\Application Data\WindowsLiveInstaller\
Parsed : c:\documents and settings\all users\application data\windowsliveinstaller
DEEP - 1078
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\91F31ECC41B96D243A45422551C96C23
Value : 00000000000000000000000000000000 = C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2Zip.dll
Parsed : c:\program files\common files\symantec shared\decomposers\dec2zip.dll
DEEP - 1079
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\956B95676BE85A84DA3C38A66DE87EF4
Value : 00000000000000000000000000000000 = C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2RAR.dll
Parsed : c:\program files\common files\symantec shared\decomposers\dec2rar.dll
DEEP - 1080
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9AD75C6970AA8CF4089B95C6DC849917
Value : DDE7F2BCF1D91C3409CFF425AE1E271A = C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M886903\M886903Uninstall.msp
Parsed : c:\windows\microsoft.net\framework\v1.1.4322\updates\m886903\m886903uninstall.msp
DEEP - 1081
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A8DC89FAF3F52B3448C6E06B118C405E
Value : 00000000000000000000000000000000 = C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2AMG.dll
Parsed : c:\program files\common files\symantec shared\decomposers\dec2amg.dll
DEEP - 1082
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AE842139D531885469A1CDC35A26B1F4
Value : 00000000000000000000000000000000 = C:\Program Files\Common Files\Symantec Shared\Decomposers\DecSDK.dll
Parsed : c:\program files\common files\symantec shared\decomposers\decsdk.dll
DEEP - 1083
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B40BC6C649F2F7C4687C4B3131C6A7D3
Value : 7D449D87B79A4004BAA05BDA60389904 = C:\Program Files\MyWaySA\SrchAsDe\deSrcAs.dll
Parsed : c:\program files\mywaysa\srchasde\desrcas.dll
DEEP - 1084
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B4A229A3D0B04D1159F1000CF41B67A0
Value : 192F91FAF22F89746926253550EAE984 = C:\DOCUME~1\Owner\LOCALS~1\Temp\
Parsed : c:\docume~1\owner\locals~1\temp
DEEP - 1085
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BB26CE3D008E2FA499FDEE6A7A5B9335
Value : 00000000000000000000000000000000 = C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2CAB.dll
Parsed : c:\program files\common files\symantec shared\decomposers\dec2cab.dll
DEEP - 1086
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BE6AEA47C44CE854791235345CE87CE6
Value : 00000000000000000000000000000000 = C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2LHA.dll
Parsed : c:\program files\common files\symantec shared\decomposers\dec2lha.dll
DEEP - 1087
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C14F730BB123BF148A79DCB8A3F78B05
Value : C725F9608B16A36418771226C4727F61 = C:\DOCUME~1\Owner\LOCALS~1\Temp\
Parsed : c:\docume~1\owner\locals~1\temp
DEEP - 1088
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C1AC78A74A3296B4BA739BA5E5766344
Value : 00000000000000000000000000000000 = C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2SS.dll
Parsed : c:\program files\common files\symantec shared\decomposers\dec2ss.dll
DEEP - 1089
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C1D015D543A678D4088D751CA77430A5
Value : 00000000000000000000000000000000 = C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2ARJ.dll
Parsed : c:\program files\common files\symantec shared\decomposers\dec2arj.dll
DEEP - 1090
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D1D90BD1E2AB8AC40A3DC6FC6302C737
Value : 00000000000000000000000000000000 = C:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll
Parsed : c:\documents and settings\all users\application data\microsoft\identitycrl\ppcrlconfig.dll
DEEP - 1091
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D2EEB513BDC48C443B0FFC4606A08DFF
Value : 00000000000000000000000000000000 = C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2ID.dll
Parsed : c:\program files\common files\symantec shared\decomposers\dec2id.dll
DEEP - 1092
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D7863D51280E55349C5BC5E1E944E912
Value : 3C013253B64E3D24F8234527F1DD279D = C:\Documents and Settings\All Users\Desktop\NetZero - First Month Free!.exe
Parsed : c:\documents and settings\all users\desktop\netzero
DEEP - 1093
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DE6692E1170B7234EB5CFD71486A1C3F
Value : 00000000000000000000000000000000 = C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2GZIP.dll
Parsed : c:\program files\common files\symantec shared\decomposers\dec2gzip.dll
DEEP - 1094
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F42B98E5315CA254F98CB0E739C7CEA1
Value : 00000000000000000000000000000000 = C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2.dll
Parsed : c:\program files\common files\symantec shared\decomposers\dec2.dll
DEEP - 1095
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0E23E40C6140D434FA9B96967D309AFE\InstallProperties
Value : InstallSource = c:\52831b6b85eb42f3a68a66\
Parsed : c:\52831b6b85eb42f3a68a66
DEEP - 1096
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0EA0DB261BE4BBB4F8346B04C0F8BEC2\InstallProperties
Value : InstallSource = C:\dell\KC999\
Parsed : c:\dell\kc999
DEEP - 1097
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\164AFE3E38BEB3C4C974C2D1850A5155\InstallProperties
Value : InstallSource = C:\DOCUME~1\Rachel\LOCALS~1\Temp\SOSNSO_Y10.2\Support\HelpMSI\
Parsed : c:\docume~1\rachel\locals~1\temp\sosnso_y10.2\support\helpmsi
DEEP - 1098
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\295FE304B3594974CBFECEBA38C50259\InstallProperties
Value : InstallSource = C:\DELL\J6831\
Parsed : c:\dell\j6831
DEEP - 1099
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\29FE602138E29584CABC02843CBCD76A\InstallProperties
Value : InstallSource = C:\DOCUME~1\Rachel\LOCALS~1\Temp\pftB26.tmp\
Parsed : c:\docume~1\rachel\locals~1\temp\pftb26.tmp
DEEP - 1100
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\41858184422AA74418AD17DB0285E0B1\InstallProperties
Value : InstallSource = C:\DOCUME~1\Rachel\LOCALS~1\Temp\SOSNSO_Y10.2\Setup\
Parsed : c:\docume~1\rachel\locals~1\temp\sosnso_y10.2\setup
DEEP - 1101
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4F56621B39E44BA47BCF7350B3256492\InstallProperties
Value : InstallSource = C:\DOCUME~1\Rachel\LOCALS~1\Temp\pftE5F.tmp\
Parsed : c:\docume~1\rachel\locals~1\temp\pfte5f.tmp
DEEP - 1102
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\55716C7B84BD300449F8D343BDE8FA96\InstallProperties
Value : InstallSource = C:\DOCUME~1\Rachel\LOCALS~1\Temp\SOSNSO_Y10.2\Support\Redist\
Parsed : c:\docume~1\rachel\locals~1\temp\sosnso_y10.2\support\redist
DEEP - 1103
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\5B3B5BFE082A52E4EBC136E4FE3EC2B1\InstallProperties
Value : InstallSource = C:\DOCUME~1\Rachel\LOCALS~1\Temp\SOSNSO_Y10.2\Support\AppCore\
Parsed : c:\docume~1\rachel\locals~1\temp\sosnso_y10.2\support\appcore
DEEP - 1104
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\5F374570A648B844CB3B01A41A672050\InstallProperties
Value : InstallSource = C:\DOCUME~1\Rachel\LOCALS~1\Temp\pft498.tmp\
Parsed : c:\docume~1\rachel\locals~1\temp\pft498.tmp
DEEP - 1105
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\61DC2AA5F6073f14785CB2A530F1B2B3\InstallProperties
Value : InstallSource = C:\DOCUME~1\Rachel\LOCALS~1\Temp\SOSNSO_Y10.2\Setup\
Parsed : c:\docume~1\rachel\locals~1\temp\sosnso_y10.2\setup
DEEP - 1106
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7D52C05A9E261154DA07E8D25A7EB9D7\InstallProperties
Value : InstallSource = C:\DOCUME~1\Rachel\LOCALS~1\Temp\IXP224.TMP\
Parsed : c:\docume~1\rachel\locals~1\temp\ixp224.tmp
DEEP - 1107
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\87627777F71810443910DED1108AAD65\InstallProperties
Value : InstallSource = C:\DOCUME~1\Rachel\LOCALS~1\Temp\SOSNSO_Y10.2\Support\SPBBC\
Parsed : c:\docume~1\rachel\locals~1\temp\sosnso_y10.2\support\spbbc
DEEP - 1108
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F841731866D117AB7000B0D410203\InstallProperties
Value : InstallSource = C:\Documents and Settings\Owner\Local Settings\Application Data\{7148F0A6-6813-11D6-A77B-00B0D0142030}\
Parsed : c:\documents and settings\owner\local settings\application data\{7148f0a6-6813-11d6-a77b-00b0d0142030}
DEEP - 1109
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9399EE5EF9522ED40832C5941EA6F434\InstallProperties
Value : InstallSource = C:\DOCUME~1\Rachel\LOCALS~1\Temp\SOSNSO_Y10.2\NAV\
Parsed : c:\docume~1\rachel\locals~1\temp\sosnso_y10.2\nav
DEEP - 1110
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9F2FDFE0D6387BE43AD230B83D1FBFA2\InstallProperties
Value : InstallSource = C:\WINDOWS\TEMP\IXP000.TMP\
Parsed : c:\windows\temp\ixp000.tmp

Response Number 19

Name: haze077
Date: November 19, 2008 at 22:11:39 Pacific

Reply:

DEEP - 1111
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\ACCE4E7AE8A48524E88CD2CC5F1B3102\InstallProperties
Value : InstallSource = C:\DOCUME~1\Rachel\LOCALS~1\Temp\{E3698C96-9B44-4CE3-B293-AB30C437428E}\
Parsed : c:\docume~1\rachel\locals~1\temp\{e3698c96-9b44-4ce3-b293-ab30c437428e}
DEEP - 1112
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\b25099274a207264182f8181add555d0\InstallProperties
Value : InstallSource = C:\DOCUME~1\Rachel\LOCALS~1\Temp\7zS48.tmp\
Parsed : c:\docume~1\rachel\locals~1\temp\7zs48.tmp
DEEP - 1113
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B9C807BA8C799CA498B9BD2F62CA3928\InstallProperties
Value : InstallSource = C:\DOCUME~1\Rachel\LOCALS~1\Temp\pft551.tmp\
Parsed : c:\docume~1\rachel\locals~1\temp\pft551.tmp
DEEP - 1114
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\CBA921A9A35A90242AE15DEDFD7BCC8A\InstallProperties
Value : InstallSource = C:\DOCUME~1\Rachel\LOCALS~1\Temp\SOSNSO_Y10.2\Support\uiNPC\
Parsed : c:\docume~1\rachel\locals~1\temp\sosnso_y10.2\support\uinpc
DEEP - 1115
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\CD8DF0942EA5CB14DAB6D9FC8C816B90\InstallProperties
Value : InstallSource = C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec\LIVEUP~1\DOWNLO~1\Updt855\
Parsed : c:\docume~1\alluse~1\applic~1\symantec\liveup~1\downlo~1\updt855
DEEP - 1116
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\CEDE6ED08BD6FB9498773A98D2FCD93A\InstallProperties
Value : InstallSource = C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec\LIVEUP~1\DOWNLO~1\Updt806\
Parsed : c:\docume~1\alluse~1\applic~1\symantec\liveup~1\downlo~1\updt806
DEEP - 1117
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D6461317C3DC4F04799BDCE9E42626FE\InstallProperties
Value : InstallSource = C:\DOCUME~1\Rachel\LOCALS~1\Temp\IS87B.tmp\
Parsed : c:\docume~1\rachel\locals~1\temp\is87b.tmp
DEEP - 1118
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D9BD4ABD15EE44944A9189BAF121948C\InstallProperties
Value : InstallSource = C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec\LIVEUP~1\DOWNLO~1\Updt145\
Parsed : c:\docume~1\alluse~1\applic~1\symantec\liveup~1\downlo~1\updt145
DEEP - 1119
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\DBC8D038866C2e949A962C2C0136230E\InstallProperties
Value : InstallSource = C:\DOCUME~1\Rachel\LOCALS~1\Temp\SOSNSO_Y10.2\NAV\
Parsed : c:\docume~1\rachel\locals~1\temp\sosnso_y10.2\nav
DEEP - 1120
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\DDA39468D428E8B4DB27C8D5DC5CA217\InstallProperties
Value : InstallSource = c:\19d6caf6598c1c180c43\
Parsed : c:\19d6caf6598c1c180c43
DEEP - 1121
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\DDE7F2BCF1D91C3409CFF425AE1E271A\InstallProperties
Value : InstallSource = C:\DOCUME~1\Owner\LOCALS~1\Temp\IXP000.TMP\
Parsed : c:\docume~1\owner\locals~1\temp\ixp000.tmp
DEEP - 1122
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F525BD4F689A94249BB8248A602615AC\InstallProperties
Value : InstallSource = C:\DOCUME~1\Rachel\LOCALS~1\Temp\SOSNSO_Y10.2\Support\AV\
Parsed : c:\docume~1\rachel\locals~1\temp\sosnso_y10.2\support\av
DEEP - 1123
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F6E5AFE77F47BFA4A8AEAA97B03D7AD6\InstallProperties
Value : InstallSource = C:\DOCUME~1\Rachel\LOCALS~1\Temp\gac1137.tmp.dir\Release_01_3062\
Parsed : c:\docume~1\rachel\locals~1\temp\gac1137.tmp.dir\release_01_3062
DEEP - 1124
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\FE2DACC32FFC736428AAAAFB7320283D\InstallProperties
Value : InstallSource = C:\DOCUME~1\Rachel\LOCALS~1\Temp\SOSNSO_Y10.2\Support\ccCommon\
Parsed : c:\docume~1\rachel\locals~1\temp\sosnso_y10.2\support\cccommon
DEEP - 1125
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\FF26F08EC3D591A4489079122F292860\InstallProperties
Value : InstallSource = C:\DOCUME~1\Rachel\LOCALS~1\Temp\7zS1A.tmp\
Parsed : c:\docume~1\rachel\locals~1\temp\7zs1a.tmp
DEEP - 1126
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-816694058-943382858-1426949272-1006\Components\225FC5D4BDB0C57489E7F551CC1D0133
Value : F60730A4A3057304AAD2F5728467D401 = C:\DOCUME~1\Rachel\LOCALS~1\Temp\gtb2k1033.exe
Parsed : c:\docume~1\rachel\locals~1\temp\gtb2k1033.exe
DEEP - 1127
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Url History
Value : Directory = %SystemRoot%\History
Parsed : c:\windows\history
DEEP - 1128
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup
Value : ServicePackCachePath = c:\windows\ServicePackFiles\ServicePackCache
Parsed : c:\windows\servicepackfiles\servicepackcache
DEEP - 1129
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SMDEn
Value : OEM0 = %ALLUSERSPROFILE%\Desktop\Dell Jukebox by MusicMatch.lnk
Parsed : c:\documents and settings\all users\desktop\dell jukebox by musicmatch.lnk
DEEP - 1130
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Reporting\EventCache\Sus
Value : CurrentCacheFile = C:\WINDOWS\SoftwareDistribution\EventCache\{6DB79DE3-F650-41E1-82A5-990E40EB8A38}.bin
Parsed : c:\windows\softwaredistribution\eventcache\{6db79de3-f650-41e1-82a5-990e40eb8a38}.bin
DEEP - 1131
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Reporting\EventCache\WU
Value : CurrentCacheFile = C:\WINDOWS\SoftwareDistribution\EventCache\{88C99D0F-B8F4-4D88-A8D3-89A0D9A74482}.bin
Parsed : c:\windows\softwaredistribution\eventcache\{88c99d0f-b8f4-4d88-a8d3-89a0d9a74482}.bin
DEEP - 1132
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media Device Manager
Value : Log.Filename = C:\WINDOWS\system32\Wmdm.log
Parsed : c:\windows\system32\wmdm.log
DEEP - 1133
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Asr\Commands
Value : ASR format utility for volumes = %SystemRoot%\system32\asr_fmt.exe /backup
Parsed : c:\windows\system32\asr_fmt.exe
DEEP - 1134
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Asr\Commands
Value : ASR protected file utility = %SystemRoot%\system32\asr_pfu.exe /backup
Parsed : c:\windows\system32\asr_pfu.exe
DEEP - 1135
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Asr\Commands
Value : ASR utility for Logical Disk Manager = %SystemRoot%\system32\asr_ldm.exe /backup
Parsed : c:\windows\system32\asr_ldm.exe
DEEP - 1136
Location: HKEY_LOCAL_MACHINE\SOFTWARE\MyWaySA\SearchAssistantDE
Value : Dir = C:\Program Files\MyWaySA\SrchAsDe\
Parsed : c:\program files\mywaysa\srchasde
DEEP - 1137
Location: HKEY_LOCAL_MACHINE\SOFTWARE\SupportSoft\ProviderList\DellSupportCenter\users\SYSTEM\JobCache
Value : C:\Documents and Settings\All Users\Application Data\SupportSoft\dellsupportcenter\SYSTEM\data\sprt_job\19035178-fb21-4d9b-b165-de73503d728f.9\{19035178-fb21-4d9b-b165-de73503d728f}.jdn = d06e5c3d
Parsed : c:\documents and settings\all users\application data\supportsoft\dellsupportcenter\system\data\sprt_job\19035178-fb21-4d9b-b165-de73503d728f.9\{19035178-fb21-4d9b-b165-de73503d728f}.jdn
DEEP - 1138
Location: HKEY_LOCAL_MACHINE\SOFTWARE\SupportSoft\ProviderList\DellSupportCenter\users\SYSTEM\JobCache
Value : C:\Documents and Settings\All Users\Application Data\SupportSoft\dellsupportcenter\SYSTEM\data\sprt_job\29448dc2-9322-4499-b6e8-af732be0ddd1.3\{29448dc2-9322-4499-b6e8-af732be0ddd1}.jdn = 0cba63b7
Parsed : c:\documents and settings\all users\application data\supportsoft\dellsupportcenter\system\data\sprt_job\29448dc2-9322-4499-b6e8-af732be0ddd1.3\{29448dc2-9322-4499-b6e8-af732be0ddd1}.jdn
DEEP - 1139
Location: HKEY_LOCAL_MACHINE\SOFTWARE\SupportSoft\ProviderList\DellSupportCenter\users\SYSTEM\JobCache
Value : C:\Documents and Settings\All Users\Application Data\SupportSoft\dellsupportcenter\SYSTEM\data\sprt_job\415ba785-a12a-4346-93b7-5536215fe53e.2\{415ba785-a12a-4346-93b7-5536215fe53e}.jdn = fb09702e
Parsed : c:\documents and settings\all users\application data\supportsoft\dellsupportcenter\system\data\sprt_job\415ba785-a12a-4346-93b7-5536215fe53e.2\{415ba785-a12a-4346-93b7-5536215fe53e}.jdn
DEEP - 1140
Location: HKEY_LOCAL_MACHINE\SOFTWARE\SupportSoft\ProviderList\DellSupportCenter\users\SYSTEM\JobCache
Value : C:\Documents and Settings\All Users\Application Data\SupportSoft\dellsupportcenter\SYSTEM\data\sprt_job\81cde678-1b27-4763-9e22-49d8065c6453.4\{81cde678-1b27-4763-9e22-49d8065c6453}.jdn = da6edb27
Parsed : c:\documents and settings\all users\application data\supportsoft\dellsupportcenter\system\data\sprt_job\81cde678-1b27-4763-9e22-49d8065c6453.4\{81cde678-1b27-4763-9e22-49d8065c6453}.jdn
DEEP - 1141
Location: HKEY_LOCAL_MACHINE\SOFTWARE\SupportSoft\ProviderList\DellSupportCenter\users\SYSTEM\JobCache
Value : C:\Documents and Settings\All Users\Application Data\SupportSoft\dellsupportcenter\SYSTEM\data\sprt_job\daa16f47-4cee-4a76-bb2a-c137990edfde.2\{daa16f47-4cee-4a76-bb2a-c137990edfde}.jdn = 1dd5e484
Parsed : c:\documents and settings\all users\application data\supportsoft\dellsupportcenter\system\data\sprt_job\daa16f47-4cee-4a76-bb2a-c137990edfde.2\{daa16f47-4cee-4a76-bb2a-c137990edfde}.jdn
DEEP - 1142
Location: HKEY_LOCAL_MACHINE\SOFTWARE\SupportSoft\ProviderList\DellSupportCenter\users\SYSTEM\JobCache
Value : C:\Documents and Settings\All Users\Application Data\SupportSoft\dellsupportcenter\SYSTEM\data\sprt_job\e36daa33-d3ed-4f98-b8f0-d637e37abf9b.2\{e36daa33-d3ed-4f98-b8f0-d637e37abf9b}.jdn = d0667641
Parsed : c:\documents and settings\all users\application data\supportsoft\dellsupportcenter\system\data\sprt_job\e36daa33-d3ed-4f98-b8f0-d637e37abf9b.2\{e36daa33-d3ed-4f98-b8f0-d637e37abf9b}.jdn
DEEP - 1143
Location: HKEY_LOCAL_MACHINE\SOFTWARE\Yahoo\Uninstaller\Yahoo! Companion
Value : Full_Path = C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
Parsed : c:\program files\yahoo!\companion\installs\cpn\yt.dll
-------------
Version 8.0.0.900
-------------

End of Scan
11/19/2008 11:40:44 PM

Your System Information :
MEMORY FREE: 209368
MEMORY TOTAL: 653296
VIRTUAL FREE: 1987280
VIRTUAL TOTAL: 2097024

Response Number 20

Name: jabuck
Date: November 20, 2008 at 03:31:05 Pacific

Reply:

Please post the requested new Combofix log.
Run an online scan with Kaspersky from the following link:
Kaspersky Online Scanner
Note: If you have used this particular scanner before, you MAY HAVE TO UNINSTALL the program through Add/Remove Programs before downloading the new ActiveX component
1. Click Accept, when prompted to download and install the program files and database of malware definitions.
2. Click Run at the Security prompt.
The program will then begin downloading and installing and will also update the database.
Please be patient as this can take several minutes.
3.Once the update is complete, click on My Computer under the green Scan bar to the left to start the scan.
4. Once the scan is complete, it will display if your system has been infected. It does not provide an option to clean/disinfect. We only require a report from it.
5. Do NOT be alarmed by what you see in the report. Many of the finds have likely been quarantined.
6. Click View scan report at the bottom.
7. Click the Save Report As... button.
8. Click the Save as Text button to save the file to your desktop so that you may post it in your next reply.
**Note**
To optimize scanning time and produce a more sensible report for review:
Close any open programs.
Turn off the real-time scanner of all antivirus or antispyware programs while performing the online scan.
Note for Internet Explorer 7 users: If at any time you have trouble viewing the accept button of the license, click on the Zoom tool located at the bottom right of the IE window and set the zoom to 75%. Once the license is accepted, reset to 100%.

Response Number 21

Name: haze077
Date: November 20, 2008 at 05:06:45 Pacific

Reply:

ComboFix 08-11-18.A2 - Rachel 2008-11-19 22:56:34.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.316 [GMT -6:00]
Running from: c:\documents and settings\Rachel\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Rachel\Desktop\CFScript.txt
* Created a new restore point
FILE ::
C:\sqmdata00.sqm
C:\sqmdata01.sqm
C:\sqmdata02.sqm
C:\sqmdata03.sqm
C:\sqmdata04.sqm
C:\sqmdata05.sqm
C:\sqmdata06.sqm
C:\sqmnoopt00.sqm
C:\sqmnoopt01.sqm
C:\sqmnoopt02.sqm
C:\sqmnoopt03.sqm
C:\sqmnoopt04.sqm
C:\sqmnoopt05.sqm
C:\sqmnoopt06.sqm
c:\windows\system32\Drivers\Winot73.sys
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\sqmdata00.sqm
C:\sqmdata01.sqm
C:\sqmdata02.sqm
C:\sqmdata03.sqm
C:\sqmdata04.sqm
C:\sqmdata05.sqm
C:\sqmdata06.sqm
C:\sqmnoopt00.sqm
C:\sqmnoopt01.sqm
C:\sqmnoopt02.sqm
C:\sqmnoopt03.sqm
C:\sqmnoopt04.sqm
C:\sqmnoopt05.sqm
C:\sqmnoopt06.sqm
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_WINOT73
-------\Service_Winot73

((((((((((((((((((((((((( Files Created from 2008-10-20 to 2008-11-20 )))))))))))))))))))))))))))))))
.
2008-11-19 21:58 . 2008-11-19 22:03 <DIR> d-------- c:\program files\Best Buy Digital Music Store Powered by Rhapsody
2008-11-19 21:55 . 2008-11-19 22:03 4 --a------ c:\windows\system32\40C906
2008-11-19 08:46 . 2008-11-19 08:46 <DIR> d-------- c:\windows\ERUNT
2008-11-19 08:39 . 2008-11-19 09:07 <DIR> d-------- C:\SDFix
2008-11-19 08:37 . 2004-12-14 10:07 229,376 -ra------ c:\windows\system32\hpovst08.dll
2008-11-19 08:11 . 2008-11-19 08:11 <DIR> d-------- c:\program files\Common Files\Hewlett-Packard
2008-11-19 08:07 . 2004-09-29 12:12 278,584 --a------ c:\windows\system32\HPZidr12.dll
2008-11-19 08:07 . 2004-09-29 12:15 204,800 --a------ c:\windows\system32\HPZipr12.dll
2008-11-19 08:07 . 2004-09-29 12:09 94,208 --a------ c:\windows\system32\HPZipt12.dll
2008-11-19 08:07 . 2004-09-29 12:14 69,632 --a------ c:\windows\system32\HPZipm12.exe
2008-11-19 08:07 . 2004-09-29 12:08 61,440 --a------ c:\windows\system32\HPZinw12.exe
2008-11-19 08:07 . 2004-09-29 12:09 57,344 --a------ c:\windows\system32\HPZisn12.dll
2008-11-19 07:42 . 2004-12-14 10:07 21,744 -ra------ c:\windows\system32\drivers\HPZius12.sys
2008-11-18 21:53 . 2008-11-18 21:53 <DIR> d-------- c:\documents and settings\Rachel\Application Data\HP
2008-11-18 21:53 . 2008-11-18 21:55 112,316 --a------ c:\windows\hpoins07.dat
2008-11-18 21:53 . 2005-12-16 16:17 51,120 --a------ c:\windows\system32\drivers\HPZid412.sys
2008-11-18 21:53 . 2005-12-16 16:17 21,124 --------- c:\windows\hpomdl07.dat
2008-11-18 21:53 . 2005-12-16 16:17 16,496 --a------ c:\windows\system32\drivers\HPZipr12.sys
2008-11-18 21:51 . 2004-12-14 10:07 581,632 -ra------ c:\windows\system32\hpotscl.dll
2008-11-18 21:51 . 2004-12-14 10:07 278,528 -ra------ c:\windows\system32\hpgwiamd.dll
2008-11-18 21:51 . 2004-12-14 10:07 274,432 -ra------ c:\windows\system32\HPZc3212.dll
2008-11-18 21:51 . 2005-12-16 16:18 98,304 --a------ c:\windows\system32\hpzjsn01.dll
2008-11-18 21:50 . 2005-12-16 16:17 393,216 --a------ c:\windows\system32\hpzcon12.dll
2008-11-18 21:50 . 2005-12-16 16:17 196,608 --a------ c:\windows\system32\hpzcoi12.dll
2008-11-18 21:45 . 2008-11-18 21:53 <DIR> d-------- c:\temp\HP_WebRelease
2008-11-18 18:32 . 2008-11-18 18:32 <DIR> d-------- c:\documents and settings\Rachel\Application Data\Malwarebytes
2008-11-18 18:31 . 2008-11-18 18:31 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware
2008-11-18 18:31 . 2008-11-18 18:31 <DIR> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
2008-11-18 18:31 . 2008-10-22 16:10 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2008-11-18 18:31 . 2008-10-22 16:10 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2008-11-18 15:46 . 2008-11-18 15:52 <DIR> d-------- c:\documents and settings\Administrator\Application Data\Yahoo!
2008-11-18 15:43 . 2005-07-19 14:09 <DIR> d-------- c:\documents and settings\Administrator\Application Data\Symantec
2008-11-18 15:43 . 2005-07-19 14:01 <DIR> d-------- c:\documents and settings\Administrator\Application Data\Jasc Software Inc
2008-11-18 15:43 . 2008-11-18 15:43 <DIR> d-------- c:\documents and settings\Administrator
2008-11-18 13:27 . 2008-07-30 17:42 23,888 --a------ c:\windows\system32\drivers\COH_Mon.sys
2008-11-18 13:27 . 2008-07-30 17:28 10,537 --a------ c:\windows\system32\drivers\COH_Mon.cat
2008-11-18 13:27 . 2008-07-30 17:28 706 --a------ c:\windows\system32\drivers\COH_Mon.inf
2008-11-18 07:33 . 2008-10-03 11:41 6,066,176 --------- c:\windows\system32\dllcache\ieframe.dll
2008-11-18 07:33 . 2007-04-17 03:32 2,455,488 --------- c:\windows\system32\dllcache\ieapfltr.dat
2008-11-18 07:33 . 2007-03-07 23:10 991,232 --------- c:\windows\system32\dllcache\ieframe.dll.mui
2008-11-18 07:33 . 2008-08-26 01:24 459,264 --------- c:\windows\system32\dllcache\msfeeds.dll
2008-11-18 07:33 . 2008-08-26 01:24 383,488 --------- c:\windows\system32\dllcache\ieapfltr.dll
2008-11-18 07:33 . 2008-08-26 01:24 267,776 --------- c:\windows\system32\dllcache\iertutil.dll
2008-11-18 07:33 . 2008-08-26 01:24 63,488 --------- c:\windows\system32\dllcache\icardie.dll
2008-11-18 07:33 . 2008-08-26 01:24 52,224 --------- c:\windows\system32\dllcache\msfeedsbs.dll
2008-11-18 07:33 . 2008-08-25 02:38 13,824 --------- c:\windows\system32\dllcache\ieudinit.exe
2008-11-18 07:18 . 2008-11-18 07:18 <DIR> d-------- c:\program files\Sun
2008-11-17 21:32 . 2008-11-17 21:32 <DIR> d-------- c:\program files\NickOnline
2008-11-17 17:01 . 2008-11-17 17:01 664 --a------ c:\windows\system32\d3d9caps.dat
2008-11-14 03:09 . 2008-11-14 03:09 197 --a------ c:\windows\system32\MRT.INI
2008-11-14 01:20 . 2008-11-18 20:29 <DIR> d-------- c:\windows\system32\CatRoot_bak
2008-11-13 22:26 . 2008-05-01 08:30 331,776 --------- c:\windows\system32\dllcache\msadce.dll
2008-11-13 22:13 . 2008-10-16 14:07 23,576 --a------ c:\windows\system32\wuapi.dll.mui
2008-10-22 19:30 . 2008-10-22 19:30 262,144 --a------ C:\ntuser.dat
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-20 04:01 --------- d-----w c:\program files\Common Files\Symantec Shared
2008-11-19 20:54 --------- d-----w c:\program files\Full Tilt Poker
2008-11-19 14:30 --------- d-----w c:\program files\Hp
2008-11-19 14:17 --------- d-----w c:\program files\Hewlett-Packard
2008-11-19 03:04 --------- d-----w c:\program files\Google
2008-11-18 19:27 --------- d-----w c:\program files\Symantec
2008-11-18 13:17 --------- d-----w c:\program files\Java
2008-11-13 22:42 805 ----a-w c:\windows\system32\drivers\SYMEVENT.INF
2008-11-13 22:42 123,952 ----a-w c:\windows\system32\drivers\SYMEVENT.SYS
2008-11-13 22:42 10,671 ----a-w c:\windows\system32\drivers\SYMEVENT.CAT
2008-11-13 22:40 --------- d-----w c:\documents and settings\All Users\Application Data\Symantec
2008-11-13 20:17 --------- d-----w c:\documents and settings\Rachel\Application Data\Yahoo!
2008-11-13 20:15 --------- d-----w c:\documents and settings\All Users\Application Data\yahoo!
2008-11-03 00:23 --------- d-----w c:\documents and settings\Rachel\Application Data\Viewpoint
2008-10-29 00:33 --------- d-----w c:\program files\LimeWire
2008-10-29 00:07 --------- d-----w c:\program files\PC Tools AntiVirus
2008-10-28 20:20 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
2008-10-25 10:38 --------- d-----w c:\documents and settings\Rachel\Application Data\AdobeUM
2008-10-24 11:10 453,632 ----a-w c:\windows\system32\drivers\mrxsmb.sys
2008-10-03 20:14 39,984 ----a-w c:\windows\system32\drivers\symids.sys
2008-10-03 20:14 37,936 ----a-w c:\windows\system32\drivers\symndisv.sys
2008-10-03 20:14 35,120 ----a-w c:\windows\system32\drivers\symndis.sys
2008-10-03 20:14 27,696 ----a-w c:\windows\system32\drivers\symredrv.sys
2008-10-03 20:14 187,952 ----a-w c:\windows\system32\drivers\symtdi.sys
2008-10-03 20:14 146,096 ----a-w c:\windows\system32\drivers\symfw.sys
2008-10-03 20:14 12,848 ----a-w c:\windows\system32\drivers\symdns.sys
2008-10-03 20:14 10,804 ----a-w c:\windows\system32\drivers\SymRedir.cat
2008-10-03 20:14 1,358 ----a-w c:\windows\system32\drivers\SymRedir.inf
2008-09-25 01:08 --------- d-----w c:\documents and settings\LocalService\Application Data\SACore
2008-09-04 01:17 37,027 ----a-w c:\windows\atmoUn.exe
2005-11-29 04:38 774,144 ----a-w c:\program files\RngInterstitial.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]
"Yahoo! Pager"="c:\progra~1\Yahoo!\MESSEN~1\YAHOOM~1.exe" [2008-02-29 4670704]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2007-06-29 286720]
"dellsupportcenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2008-08-13 206064]
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"c:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\Kodak Software Updater.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
S4 0085981219267762mcinstcleanup;McAfee Application Installer Cleanup (0085981219267762);c:\windows\TEMP\[u]0[/u]08598~1.EXE c:\progra~1\COMMON~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog -service []
*Newly Created Service* - COMHOST
.
Contents of the 'Scheduled Tasks' folder
2008-11-15 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2006-10-10 17:13]
2008-11-18 c:\windows\Tasks\Norton Security Online - Run Full System Scan - Rachel.job
- c:\progra~1\Symantec\Norton AntiVirus\Navw32.exe [2007-01-14 03:09]
2008-11-20 c:\windows\Tasks\Symantec NetDetect.job
- c:\program files\Symantec\LiveUpdate\NDetect.exe []
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-19 23:04:01
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
r Running Proce
.
c:\program files\Common Files\Symantec Shared\ccSvcHst.exe
c:\program files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
c:\program files\Symantec\LiveUpdate\AluSchedulerSvc.exe
c:\program files\Common Files\Symantec Shared\ccSvcHst.exe
c:\windows\system32\HPZipm12.exe
c:\program files\Dell Support Center\bin\sprtsvc.exe
c:\windows\system32\wdfmgr.exe
.
**************************************************************************
.
Completion time: 2008-11-19 23:11:10 - machine was rebooted [Rachel]
ComboFix-quarantined-files.txt 2008-11-20 05:11:05
ComboFix2.txt 2008-11-20 00:51:50
Pre-Run: 51,675,082,752 bytes free
Post-Run: 51,718,242,304 bytes free
WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
212 --- E O F --- 2008-11-20 00:40:14

Response Number 22

Name: jabuck
Date: November 20, 2008 at 16:37:13 Pacific

Reply:

Please post the requested Eset scan from response #8.

Google Ads

Spybot S&D version 1.6

Stop Zilla

Post Locked

This post is quite old and has been locked from receiving new replies. Please create a new posting instead.

Go to Security and Virus Forum Home

Google Ads

Results for: Virus alert next to clock

virus alert next to clock.

Summary

www.computing.net/answers/security/virus-alert-next-to-clock/23547.html

VIRUS ALERT! next to clock

Summary

www.computing.net/answers/security/virus-alert-next-to-clock/23644.html

VIRUS ALERT! next to clock...

Summary

www.computing.net/answers/security/virus-alert-next-to-clock/23394.html

Explore Similar Topics

PFT498.TEMP

reset parcial CC640 software hp

microsoft.windows.system nodispscrsavpage virus

malwarebytes anti-malware hijack display proper...

Hijack.DisplayProperties

Ask a Question!

From the Geek Dictionary
HSF - Short for Heatsink and Fan. A cooling device which makes use of a chunk of...

Weekly Poll
Would you play for PlayStation Network?

Poll Finishes In 4 Days.
Discuss in The Lounge
Poll History

Recent Posts
New ethernet card / old network?

need to load 2003 server on lx6810

Harddrive freezes when accessed, Files intact

Screen White

PC Automatically Boots Up

All Awaiting Reply

Tom's News
Our Top 11 Favorite Super Bowl TV Commercials

Artist Uses Floppy Disks to Create Paintings

VIDEO: An HD Tour of the Space Station

Samsung Launching AMOLED Phone Next Week?

Man Fined $1.5M for Leaked Mario Game Upload

More Tom's Guide News

Data Recovery

Manufacturer List | About Us | Advertising Info | Contact Us
The information on Computing.Net is the opinions of its users. Such opinions may not be accurate and they are to be used at your own risk. Computing.Net cannot verify the validity of the statements made on this site. Computing.Net and Computing.Net LLC hereby disclaim all responsibility and liability for the content of Computing.Net and its accuracy.
PLEASE READ THE FULL DISCLAIMER AND LEGAL TERMS BY CLICKING HERE