[Registry - Non-Microsoft Only]
< Run [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
!AVG Anti-Spyware -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\avgas.exe -> GRISOFT s.r.o. [Ver = 7, 5, 1, 43 | Size = 6731312 bytes | Modified Date = 2007-06-11 AM 4:25:42 | Attr = ]
ATIPTA -> %ProgramFiles%\ATI Technologies\ATI Control Panel\atiptaxx.exe -> ATI Technologies, Inc. [Ver = 6.14.10.5145 | Size = 339968 bytes | Modified Date = 2005-04-11 PM 12:00:00 | Attr = ]
avast! -> %ProgramFiles%\Alwil Software\Avast4\ashDisp.exe -> [Ver = 4, 7, 936, 0 | Size = 108160 bytes | Modified Date = 2007-01-15 AM 11:28:58 | Attr = ]
Cpqset -> %ProgramFiles%\HPQ\Default Settings\Cpqset.exe -> [Ver = | Size = 233534 bytes | Modified Date = 2005-02-17 PM 4:01:20 | Attr = ]
eabconfg.cpl -> %ProgramFiles%\HPQ\Quick Launch Buttons\eabservr.exe -> Hewlett-Packard [Ver = 5, 1, 1, 2 | Size = 290816 bytes | Modified Date = 2004-12-03 PM 3:24:20 | Attr = ]
HP Software Update -> %ProgramFiles%\Hp\HP Software Update\HPWuSchd2.exe -> Hewlett-Packard Co. [Ver = 53.0.13.000 | Size = 49152 bytes | Modified Date = 2005-05-12 AM 12:12:54 | Attr = ]
hpWirelessAssistant -> %ProgramFiles%\HPQ\HP Wireless Assistant\HP Wireless Assistant.exe -> Hewlett-Packard Company [Ver = 1, 1, 1, 2 | Size = 794624 bytes | Modified Date = 2005-04-01 PM 5:11:14 | Attr = ]
icq.com -> %System32%\dobypqqc.dll [rundll32.exe "C:\WINDOWS\system32\dobypqqc.dll",forkonce] -> [Ver = | Size = 128576 bytes | Modified Date = 2007-06-27 PM 2:25:50 | Attr = ]
iTunesHelper -> %ProgramFiles%\iTunes\iTunesHelper.exe -> Apple Computer, Inc. [Ver = 4.7.0.42 | Size = 278528 bytes | Modified Date = 2004-10-13 PM 6:04:14 | Attr = ]
LSBWatcher -> %SystemDrive%\hp\drivers\hplsbwatcher\lsburnwatcher.exe -> Hewlett-Packard Company [Ver = 4, 10, 14, 0 | Size = 253952 bytes | Modified Date = 2004-10-14 PM 3:54:32 | Attr = ]
QuickTime Task -> %ProgramFiles%\QuickTime\qttask.exe -> Apple Computer, Inc. [Ver = 6.5.1 | Size = 98304 bytes | Modified Date = 2005-04-29 AM 8:02:28 | Attr = ]
SunJavaUpdateSched -> %ProgramFiles%\Java\jre1.6.0_01\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 6.0.10.6 | Size = 83608 bytes | Modified Date = 2007-03-14 AM 3:43:44 | Attr = ]
SynTPEnh -> %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe -> Synaptics, Inc. [Ver = 7.13.0.1 02Feb05 | Size = 692316 bytes | Modified Date = 2005-02-02 AM 7:11:12 | Attr = ]
SynTPLpr -> %ProgramFiles%\Synaptics\SynTP\SynTPLpr.exe -> Synaptics, Inc. [Ver = 7.13.0.1 02Feb05 | Size = 102492 bytes | Modified Date = 2005-02-02 AM 7:12:22 | Attr = ]
< OptionalComponents [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\ ->
IMAIL -> Installed = 1 ->
MAPI -> Installed = 1 ->
MSFS -> Installed = 1 ->
< Run [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
SUPERAntiSpyware -> %ProgramFiles%\SUPERAntiSpyware\SUPERAntiSpyware.exe -> SUPERAntiSpyware.com [Ver = 3, 8, 0, 1002 | Size = 1314816 bytes | Modified Date = 2007-05-23 AM 10:12:46 | Attr = ]
Yahoo! Pager -> %ProgramFiles%\Yahoo!\Messenger\YahooMessenger.exe -> Yahoo! Inc. [Ver = 8,1,0,402 | Size = 4670968 bytes | Modified Date = 2007-06-11 PM 6:16:12 | Attr = ]
< Common Startup > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup ->
%AllUsersStartup%\HP Digital Imaging Monitor.lnk -> %ProgramFiles%\Hp\Digital Imaging\bin\hpqtra08.exe -> Hewlett-Packard Co. [Ver = 53.0.13.000 | Size = 282624 bytes | Modified Date = 2005-05-12 AM 12:23:26 | Attr = ]
< User Startup > -> C:\Documents and Settings\Brenda Mayorga\Start Menu\Programs\Startup ->
%UserStartup%\wkcalrem.LNK -> %CommonProgramFiles%\Microsoft Shared\Works Shared\WkCalRem.exe -> Microsoft® Corporation [Ver = 8.04.0623.0 | Size = 15360 bytes | Modified Date = 2004-06-23 PM 2:23:00 | Attr = ]
< ShellExecuteHooks [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks ->
{57B86673-276A-48B2-BAE7-C6DBB3020EB8} [HKLM] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll [AVG Anti-Spyware 7.5] -> GRISOFT s.r.o. [Ver = 7, 5, 1, 36 | Size = 79408 bytes | Modified Date = 2007-05-30 AM 7:29:58 | Attr = ]
{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} [HKLM] -> %ProgramFiles%\SUPERAntiSpyware\SASSEH.DLL [] -> SuperAdBlocker.com [Ver = 1, 0, 0, 1008 | Size = 77824 bytes | Modified Date = 2006-12-20 PM 1:55:48 | Attr = ]
{DC192567-65F9-4AB6-ADB7-E13575F81726} [HKLM] -> %System32%\vtuspol.dll [] -> File not found
< SecurityProviders [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders ->
< Winlogon settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
< Winlogon settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
< Winlogon\Notify settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ ->
!SASWinLogon -> %ProgramFiles%\SUPERAntiSpyware\SASWINLO.dll -> SUPERAntiSpyware.com [Ver = 1, 0, 0, 1046 | Size = 294912 bytes | Modified Date = 2007-04-19 PM 1:41:36 | Attr = ]
AtiExtEvent -> %System32%\ati2evxx.dll -> ATI Technologies Inc. [Ver = 6.14.10.4114 | Size = 46080 bytes | Modified Date = 2005-04-11 AM 8:31:30 | Attr = ]
vtuspol -> vtuspol.dll -> File not found
< CurrentVersion Policy Settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\\ScanWithAntiVirus -> 2 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\Run\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\undockwithoutlogon -> 1 ->
< CurrentVersion Policy Settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ActiveDesktop\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Associations\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 36 ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveAutoRun -> ÿÿÿÿ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\DisableRegistryTools -> 0 ->
< HOSTS File > (27 bytes) -> C:\WINDOWS\System32\drivers\etc\Hosts ->
127.0.0.1 localhost -> ->
< Internet Explorer Settings > -> ->
HKLM: Default_Page_URL ->
http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q305&bd=pavilion&pf=laptop ->
HKLM: Main\\Default_Search_URL ->
http://www.google.com/ie ->
HKLM: Local Page -> %SystemRoot%\system32\blank.htm ->
HKLM: Search Bar ->
http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html ->
HKLM: Search Page ->
http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://www.yahoo.com ->
HKLM: Start Page -> about:blank ->
HKLM: CustomizeSearch ->
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm ->
HKLM: Search\\Default_Search_URL ->
http://www.google.com/ie ->
HKLM: SearchAssistant ->
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm ->
HKCU: Local Page -> C:\WINDOWS\system32\blank.htm ->
HKCU: Search Page ->
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch ->
HKCU: Start Page ->
http://yahoo.com/ ->
HKCU: ProxyEnable -> 0 ->
< Trusted Sites > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
msn.com [ - ] -> ->