[code] WinPFind35 logfile created on: 1/29/2008 7:30:24 PM WinPFind35U Version Beta40 Folder = C:\Documents and Settings\Owner\Desktop\WinPFind35u Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.11) 765.98 Mb Total Physical Memory | 418.82 Mb Available Physical Memory | 54.68% Memory free 1.83 Gb Paging File | 1.52 Gb Available in Paging File | 83.43% Paging File free Paging file location(s): C:\pagefile.sys 1147 1147; %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 33.27 Gb Total Space | 15.85 Gb Free Space | 47.63% Space Free | Partition Type: NTFS Drive D: | 4.87 Gb Total Space | 3.17 Gb Free Space | 65.11% Space Free | Partition Type: FAT32 E: Drive not present or media not loaded F: Drive not present or media not loaded Computer Name: HOMEPC Current User Name: Owner Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user [Processes - Non-Microsoft Only] itouch.exe -> %ProgramFiles%\Logitech\iTouch\iTouch.exe -> Logitech Inc. [Ver = 2.22.289 | Size = 892928 bytes | Modified Date = 3/18/2004 9:33:26 AM | Attr = ] jusched.exe -> %ProgramFiles%\Java\jre1.6.0_03\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 6.0.30.5 | Size = 132496 bytes | Modified Date = 9/25/2007 1:11:35 AM | Attr = ] s3apphk.exe -> %System32%\S3apphk.exe -> [Ver = | Size = 28672 bytes | Modified Date = 3/16/2002 12:51:02 AM | Attr = ] ps2.exe -> %System32%\ps2.EXE -> Hewlett-Packard Company [Ver = 1.0.2.0 | Size = 81920 bytes | Modified Date = 7/3/2001 10:13:56 PM | Attr = ] hpsysdrv.exe -> %SystemRoot%\system\hpsysdrv.exe -> Hewlett-Packard Company [Ver = 1, 7, 0, 0 | Size = 52736 bytes | Modified Date = 5/7/1998 6:04:38 PM | Attr = ] flymonitor.exe -> %ProgramFiles%\Leapfrog\FlyWorld\bin\FLYMonitor.exe -> LeapFrog Enterprises, Inc. [Ver = 1, 0, 0, 1 | Size = 669000 bytes | Modified Date = 11/15/2007 2:32:48 PM | Attr = ] tfswctrl.exe -> %System32%\dla\tfswctrl.exe -> VERITAS Software, Inc. [Ver = 1.03.01a | Size = 102455 bytes | Modified Date = 3/14/2002 12:25:00 PM | Attr = ] avgas.exe -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\avgas.exe -> GRISOFT s.r.o. [Ver = 7, 5, 1, 43 | Size = 6731312 bytes | Modified Date = 6/11/2007 4:25:42 AM | Attr = ] avp.exe -> %ProgramFiles%\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe -> Kaspersky Lab [Ver = 7.0.1.321 | Size = 227856 bytes | Modified Date = 12/18/2007 12:43:32 AM | Attr = ] guard.exe -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\guard.exe -> GRISOFT s.r.o. [Ver = 7, 5, 1, 22 | Size = 312880 bytes | Modified Date = 5/30/2007 7:31:10 AM | Attr = ] avp.exe -> %ProgramFiles%\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe -> Kaspersky Lab [Ver = 7.0.1.321 | Size = 227856 bytes | Modified Date = 12/18/2007 12:43:32 AM | Attr = ] nvsvc32.exe -> %System32%\nvsvc32.exe -> NVIDIA Corporation [Ver = 6.14.10.9147 | Size = 155715 bytes | Modified Date = 9/18/2006 3:25:10 PM | Attr = ] winpfind35u.exe -> %UserDesktop%\WinPFind35u\WinPFind35U.exe -> OldTimer Tools [Ver = 1.0.0.0 | Size = 307200 bytes | Modified Date = 1/29/2008 11:17:26 AM | Attr = ] [Win32 Services - Non-Microsoft Only] (AVG Anti-Spyware Guard) AVG Anti-Spyware Guard [Win32_Own | Auto | Running] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\guard.exe -> GRISOFT s.r.o. [Ver = 7, 5, 1, 22 | Size = 312880 bytes | Modified Date = 5/30/2007 7:31:10 AM | Attr = ] (AVP) Kaspersky Internet Security 7.0 [Win32_Own | Auto | Running] -> %ProgramFiles%\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe -> Kaspersky Lab [Ver = 7.0.1.321 | Size = 227856 bytes | Modified Date = 12/18/2007 12:43:32 AM | Attr = ] (dmadmin) Logical Disk Manager Administrative Service [Win32_Shared | On_Demand | Stopped] -> %System32%\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 224768 bytes | Modified Date = 8/4/2004 12:56:50 AM | Attr = ] (NVSvc) NVIDIA Display Driver Service [Win32_Own | Auto | Running] -> %System32%\nvsvc32.exe -> NVIDIA Corporation [Ver = 6.14.10.9147 | Size = 155715 bytes | Modified Date = 9/18/2006 3:25:10 PM | Attr = ] [Registry - Non-Microsoft Only] < Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> !AVG Anti-Spyware -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\avgas.exe -> GRISOFT s.r.o. [Ver = 7, 5, 1, 43 | Size = 6731312 bytes | Modified Date = 6/11/2007 4:25:42 AM | Attr = ] Adobe Reader Speed Launcher -> %ProgramFiles%\Adobe\Reader 8.0\Reader\Reader_SL.exe -> Adobe Systems Incorporated [Ver = 8.0.0.0 | Size = 39792 bytes | Modified Date = 10/10/2007 7:51:55 PM | Attr = ] AVP -> %ProgramFiles%\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe -> Kaspersky Lab [Ver = 7.0.1.321 | Size = 227856 bytes | Modified Date = 12/18/2007 12:43:32 AM | Attr = ] dla -> %System32%\dla\tfswctrl.exe -> VERITAS Software, Inc. [Ver = 1.03.01a | Size = 102455 bytes | Modified Date = 3/14/2002 12:25:00 PM | Attr = ] FlyMonitor -> %ProgramFiles%\Leapfrog\FlyWorld\bin\FLYMonitor.exe -> LeapFrog Enterprises, Inc. [Ver = 1, 0, 0, 1 | Size = 669000 bytes | Modified Date = 11/15/2007 2:32:48 PM | Attr = ] HotKeysCmds -> %System32%\hkcmd.exe -> Intel Corporation [Ver = 3.0.0.3889 | Size = 118784 bytes | Modified Date = 8/20/2004 2:51:14 PM | Attr = ] hpsysdrv -> %SystemRoot%\system\hpsysdrv.exe -> Hewlett-Packard Company [Ver = 1, 7, 0, 0 | Size = 52736 bytes | Modified Date = 5/7/1998 6:04:38 PM | Attr = ] IgfxTray -> %System32%\igfxtray.exe -> Intel Corporation [Ver = 3.0.0.3889 | Size = 155648 bytes | Modified Date = 8/20/2004 2:55:14 PM | Attr = ] NvCplDaemon -> %System32%\nvcpl.dll -> NVIDIA Corporation [Ver = 6.14.10.9147 | Size = 7630848 bytes | Modified Date = 9/18/2006 3:25:01 PM | Attr = ] NvMediaCenter -> %System32%\nvmctray.dll -> NVIDIA Corporation [Ver = 6.14.10.9147 | Size = 86016 bytes | Modified Date = 9/18/2006 3:25:07 PM | Attr = ] nwiz -> %System32%\nwiz.exe -> [Ver = | Size = 1519616 bytes | Modified Date = 9/18/2006 3:25:13 PM | Attr = ] PreloadApp -> %SystemDrive%\hp\drivers\printers\photosmart\hphprld.exe c:\hp\drivers\printers\photosmart\setup.exe -> File not found PS2 -> %System32%\ps2.EXE -> Hewlett-Packard Company [Ver = 1.0.2.0 | Size = 81920 bytes | Modified Date = 7/3/2001 10:13:56 PM | Attr = ] Recguard -> %SystemRoot%\SMINST\Recguard.exe -> [Ver = 1, 0, 0, 1 | Size = 212992 bytes | Modified Date = 12/19/2001 1:39:26 AM | Attr = ] S3apphk -> %System32%\S3apphk.exe -> [Ver = | Size = 28672 bytes | Modified Date = 3/16/2002 12:51:02 AM | Attr = ] SunJavaUpdateSched -> %ProgramFiles%\Java\jre1.6.0_03\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 6.0.30.5 | Size = 132496 bytes | Modified Date = 9/25/2007 1:11:35 AM | Attr = ] TkBellExe -> %CommonProgramFiles%\Real\Update_OB\realsched.exe -> File not found zBrowser Launcher -> %ProgramFiles%\Logitech\iTouch\iTouch.exe -> Logitech Inc. [Ver = 2.22.289 | Size = 892928 bytes | Modified Date = 3/18/2004 9:33:26 AM | Attr = ] < OptionalComponents [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\ -> IMAIL-> Installed = 1 -> MAPI-> Installed = 1 -> MSFS-> Installed = 1 -> < Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> Microsoft Works Update Detection -> %ProgramFiles%\Microsoft Works\WkDetect.exe -> File not found MoneyAgent -> %ProgramFiles%\Microsoft Money\System\Money Express.exe -> File not found SeaMonkey Quick Launch -> %ProgramFiles%\mozilla.org\SeaMonkey\SeaMonkey.exe -> File not found SUPERAntiSpyware -> %ProgramFiles%\SUPERAntiSpyware\SUPERAntiSpyware.exe -> SUPERAntiSpyware.com [Ver = 3, 6, 0, 1000 | Size = 1310720 bytes | Modified Date = 2/27/2007 11:39:26 AM | Attr = ] Zero Knowledge Freedom -> %ProgramFiles%\Zero Knowledge\Freedom\Freedom.exe -> File not found < All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup -> < Owner Startup Folder > -> C:\Documents and Settings\Owner\Start Menu\Programs\Startup -> < AppInit_DLLs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs -> *AppInit_DLLs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls -> C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll -> %ProgramFiles%\Kaspersky Lab\Kaspersky Internet Security 7.0\adialhk.dll -> Kaspersky Lab [Ver = 7.0.1.321 | Size = 84496 bytes | Modified Date = 12/18/2007 12:44:42 AM | Attr = ] *MultiFile Done* -> -> < ShellExecuteHooks [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks -> {57B86673-276A-48B2-BAE7-C6DBB3020EB8} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll [AVG Anti-Spyware 7.5] -> GRISOFT s.r.o. [Ver = 7, 5, 1, 36 | Size = 79408 bytes | Modified Date = 5/30/2007 7:29:58 AM | Attr = ] {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\SUPERAntiSpyware\SASSEH.DLL [] -> SuperAdBlocker.com [Ver = 1, 0, 0, 1008 | Size = 77824 bytes | Modified Date = 12/20/2006 12:55:48 PM | Attr = ] < SecurityProviders [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders -> < Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ -> !SASWinLogon -> %ProgramFiles%\SUPERAntiSpyware\SASWINLO.dll -> SUPERAntiSpyware.com [Ver = 1, 0, 0, 1030 | Size = 282624 bytes | Modified Date = 2/27/2007 11:39:26 AM | Attr = ] igfxcui -> %System32%\igfxsrvc.dll -> Intel Corporation [Ver = 3.0.0.3889 | Size = 344064 bytes | Modified Date = 8/20/2004 2:50:54 PM | Attr = ] klogon -> %System32%\klogon.dll -> Kaspersky Lab [Ver = 7.0.1.321 | Size = 219664 bytes | Modified Date = 12/18/2007 12:44:54 AM | Attr = ] < CurrentVersion Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveAutoRun -> 67108863 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 255 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\undockwithoutlogon -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Uninstall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\WindowsUpdate\ -> -> < CurrentVersion Policy Settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ActiveDesktop\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Associations\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableRegistryTools -> 0 -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\WindowsUpdate\ -> -> < HOSTS File > (27 bytes) -> C:\WINDOWS\System32\drivers\etc\Hosts -> < Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> HKEY_LOCAL_MACHINE\: Main\\Default_Page_URL -> http://go.microsoft.com/fwlink/?LinkId=69157 -> HKEY_LOCAL_MACHINE\: Main\\Default_Search_URL -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKEY_LOCAL_MACHINE\: Main\\Local Page -> %SystemRoot%\system32\blank.htm -> HKEY_LOCAL_MACHINE\: Main\\Search Bar -> http://srch-us5.hpwis.com/ -> HKEY_LOCAL_MACHINE\: Main\\Search Page -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKEY_LOCAL_MACHINE\: Main\\Start Page -> http://go.microsoft.com/fwlink/?LinkId=69157 -> HKEY_LOCAL_MACHINE\: Search\\CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm -> HKEY_LOCAL_MACHINE\: Search\\SearchAssistant -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm -> < Internet Explorer Settings [HKEY_CURRENT_USER\] > -> -> HKEY_CURRENT_USER\: Main\\Default_Search_URL -> http://srch-us5.hpwis.com/ -> HKEY_CURRENT_USER\: Main\\Local Page -> C:\WINDOWS\system32\blank.htm -> HKEY_CURRENT_USER\: Main\\Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_CURRENT_USER\: Main\\Start Page -> http://www.netflix.com/ -> HKEY_CURRENT_USER\: ProxyEnable -> 0 -> < Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1 domain(s) found. -> 1 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 4122 domain(s) found. -> 33 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 77 range(s) found. -> < BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKEY_LOCAL_MACHINE] -> %CommonProgramFiles%\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> Adobe Systems Incorporated [Ver = 8.0.0.2006102200 | Size = 62080 bytes | Modified Date = 10/22/2006 10:08:42 PM | Attr = ] {53707962-6F74-2D53-2644-206D7942484F} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Spybot - Search & Destroy\SDHelper.dll [] -> Safer Networking Limited [Ver = 1, 4, 0, 0 | Size = 853672 bytes | Modified Date = 5/31/2005 1:04:00 AM | Attr = ] {56071E0D-C61B-11D3-B41C-00E02927A304} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Zero Knowledge\Freedom\FreeBHOR.dll [ZKBho Class] -> Zero-Knowledge Systems Inc. [Ver = 3.2.2002.0304 | Size = 143415 bytes | Modified Date = 3/5/2002 12:42:04 AM | Attr = ] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.6.0_03\bin\ssv.dll [SSVHelper Class] -> Sun Microsystems, Inc. [Ver = 6.0.30.5 | Size = 501136 bytes | Modified Date = 9/25/2007 1:11:33 AM | Attr = ] < Internet Explorer Bars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\ -> {32683183-48a0-441b-a342-7c2a440a9478} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found < Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar -> {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} [HKEY_LOCAL_MACHINE] -> %SystemDrive%\hp\EXPLOREBAR\HPTOOLKT.DLL [&hp toolkit] -> Hewlett-Packard Company [Ver = 1.0.0.1 | Size = 61440 bytes | Modified Date = 3/1/2002 2:35:18 AM | Attr = ] < Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ -> ShellBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found ShellBrowser\\{B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} [HKEY_LOCAL_MACHINE] -> %SystemDrive%\hp\EXPLOREBAR\HPTOOLKT.DLL [&hp toolkit] -> Hewlett-Packard Company [Ver = 1.0.0.1 | Size = 61440 bytes | Modified Date = 3/1/2002 2:35:18 AM | Attr = ] < Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> {08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.6.0_03\bin\npjpi160_03.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.30.5 | Size = 132496 bytes | Modified Date = 9/25/2007 1:11:34 AM | Attr = ] {08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC} [HKEY_CURRENT_USER] -> %ProgramFiles%\Java\jre1.6.0_03\bin\ssv.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.30.5 | Size = 501136 bytes | Modified Date = 9/25/2007 1:11:33 AM | Attr = ] {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E}:BandCLSID -> %ProgramFiles%\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll [Web Anti-Virus statistics] -> Kaspersky Lab [Ver = 7.0.1.321 | Size = 223760 bytes | Modified Date = 12/18/2007 12:45:00 AM | Attr = ] < Internet Explorer Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\ -> CmdMapping\\{17A27031-71FC-11d4-815C-005004D0F1FA} [HKEY_LOCAL_MACHINE] -> [Reg Error: Key does not exist or could not be opened.] -> File not found CmdMapping\\{E023F504-0C5A-4750-A1E7-A9046DEA8A21} [HKEY_LOCAL_MACHINE] -> [Reg Error: Key does not exist or could not be opened.] -> File not found < Internet Explorer Menu Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ -> &Search -> -> File not found Add to Anti-Banner -> %ProgramFiles%\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm -> [Ver = | Size = 1325 bytes | Modified Date = 12/18/2007 12:32:44 AM | Attr = ] < Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> PluginsPageFriendlyName -> Microsoft ActiveX Gallery -> PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s -> Extension\.spop -> %ProgramFiles%\Internet Explorer\PLUGINS\NPDocBox.dll [] -> InterTrust Technologies Corporation, Inc. [Ver = 1.0.30.95 | Size = 225280 bytes | Modified Date = 1/30/2001 10:56:24 PM | Attr = ] < DNS Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> {205E7F52-DE07-4A74-A741-60DADF7E8AEC} -> () -> {70F5B6C6-61E7-4330-B106-5D55B2FF7DC0} -> (Realtek RTL8139 Family PCI Fast Ethernet NIC) -> < Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ -> ipp: [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened.[] -> File not found msdaipp: [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened.[] -> File not found < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8}[HKEY_LOCAL_MACHINE] -> http://download.microsoft.com/download/e/7/3/e7345c16-80aa-4488-ae10-9ac6be844f99/OGAControl.cab[Office Genuine Advantage Validation Tool] -> {0E8D0700-75DF-11D3-8B4A-0008C7450C4A}[HKEY_LOCAL_MACHINE] -> http://www.lizardtech.com/download/files/win/djvuplugin/en_US/DjVuControl_en_US.cab[DjVuCtl Class] -> {166B1BCA-3F9C-11CF-8075-444553540000}[HKEY_LOCAL_MACHINE] -> http://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab[Shockwave ActiveX Control] -> {233C1507-6A77-46A4-9443-F871F945D258}[HKEY_LOCAL_MACHINE] -> http://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab[Shockwave ActiveX Control] -> {6414512B-B978-451D-A0D8-FCFDF33E833C}[HKEY_LOCAL_MACHINE] -> http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1170536381394[WUWebControl Class] -> {8AD9C840-044E-11D1-B3E9-00805F499D93}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab[Java Plug-in 1.6.0_03] -> {95D88B35-A521-472B-A182-BB1A98356421}[HKEY_LOCAL_MACHINE] -> http://asp.mathxl.com/books/_Players/PearsonInstallAsst2.cab[Pearson Installation Assistant 2] -> {9A9307A0-7DA4-4DAF-B042-5009F29E09E1}[HKEY_LOCAL_MACHINE] -> http://acs.pandasoftware.com/activescan/as5free/asinst.cab[ActiveScan Installer Class] -> {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab[Java Plug-in 1.6.0_03] -> {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab[Java Plug-in 1.6.0_03] -> {D27CDB6E-AE6D-11CF-96B8-444553540000}[HKEY_LOCAL_MACHINE] -> http://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab[Shockwave Flash Object] -> {E6D23284-0E9B-417D-A782-03E4487FC947}[HKEY_LOCAL_MACHINE] -> http://asp.mathxl.com/books/_Players/MathPlayer.cab[Pearson MathXL Player] -> Microsoft XML Parser for Java[HKEY_LOCAL_MACHINE] -> file://C:\WINDOWS\Java\classes\xmldso.cab[Reg Error: Key does not exist or could not be opened.] -> [Files/Folders - Created Within 30 days] hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [Ver = | Size = 803262464 bytes | Created Date = 1/24/2008 8:26:00 PM | Attr = HS] kav -> %SystemDrive%\kav -> [Folder | Created Date = 1/24/2008 5:58:17 PM | Attr = ] logfile.dat -> %SystemDrive%\logfile.dat -> [Ver = | Size = 682 bytes | Created Date = 1/1/2008 8:31:16 PM | Attr = ] QooBox -> %SystemDrive%\QooBox -> [Folder | Created Date = 1/25/2008 9:02:21 PM | Attr = ] AvgAsCln.sys -> %System32%\drivers\AvgAsCln.sys -> GRISOFT, s.r.o. [Ver = 1.0.0.14 | Size = 10872 bytes | Created Date = 1/24/2008 5:53:58 PM | Attr = ] fidbox.dat -> %System32%\drivers\fidbox.dat -> [Ver = | Size = 2236448 bytes | Created Date = 1/24/2008 6:03:22 PM | Attr = HS] fidbox.idx -> %System32%\drivers\fidbox.idx -> [Ver = | Size = 29900 bytes | Created Date = 1/24/2008 6:03:22 PM | Attr = HS] fidbox2.dat -> %System32%\drivers\fidbox2.dat -> [Ver = | Size = 73248 bytes | Created Date = 1/24/2008 6:03:22 PM | Attr = HS] fidbox2.idx -> %System32%\drivers\fidbox2.idx -> [Ver = | Size = 7532 bytes | Created Date = 1/24/2008 6:03:22 PM | Attr = HS] FlyUsb.sys -> %System32%\drivers\FlyUsb.sys -> LeapFrog [Ver = 1.0.0.6 | Size = 18560 bytes | Created Date = 1/1/2008 8:31:15 PM | Attr = ] klick.dat -> %System32%\drivers\klick.dat -> [Ver = | Size = 85860 bytes | Created Date = 1/24/2008 6:04:58 PM | Attr = ] klin.dat -> %System32%\drivers\klin.dat -> [Ver = | Size = 91492 bytes | Created Date = 1/24/2008 6:04:58 PM | Attr = ] SDTHOOK.SYS -> %System32%\drivers\SDTHOOK.SYS -> Panda Software [Ver = 1.6.0.0 | Size = 44928 bytes | Created Date = 1/25/2008 6:15:02 AM | Attr = ] ActiveScan -> %System32%\ActiveScan -> [Folder | Created Date = 1/25/2008 5:39:15 AM | Attr = ] 4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> asuninst.exe -> %System32%\asuninst.exe -> Panda Software [Ver = 1, 0, 0, 2 | Size = 73728 bytes | Created Date = 1/25/2008 5:40:07 AM | Attr = ] DRVSTORE -> %System32%\DRVSTORE -> [Folder | Created Date = 1/1/2008 8:31:14 PM | Attr = ] Help.ico -> %System32%\Help.ico -> [Ver = | Size = 1406 bytes | Created Date = 1/25/2008 5:39:21 AM | Attr = ] java.exe -> %System32%\java.exe -> Sun Microsystems, Inc. [Ver = 6.0.30.5 | Size = 135168 bytes | Created Date = 1/23/2008 6:08:50 PM | Attr = ] javaw.exe -> %System32%\javaw.exe -> Sun Microsystems, Inc. [Ver = 6.0.30.5 | Size = 135168 bytes | Created Date = 1/23/2008 6:08:50 PM | Attr = ] javaws.exe -> %System32%\javaws.exe -> Sun Microsystems, Inc. [Ver = 6.0.30.5 | Size = 139264 bytes | Created Date = 1/23/2008 6:08:50 PM | Attr = ] pavas.ico -> %System32%\pavas.ico -> [Ver = | Size = 30590 bytes | Created Date = 1/25/2008 5:39:19 AM | Attr = ] swreg.exe -> %System32%\swreg.exe -> SteelWerX [Ver = 2.0.1.11 | Size = 156160 bytes | Created Date = 1/25/2008 9:02:11 PM | Attr = ] swsc.exe -> %System32%\swsc.exe -> SteelWerX [Ver = 2.0.0.5 | Size = 136704 bytes | Created Date = 1/25/2008 9:02:11 PM | Attr = ] swxcacls.exe -> %System32%\swxcacls.exe -> SteelWerX [Ver = 1.0.1.1 | Size = 212480 bytes | Created Date = 1/25/2008 9:02:11 PM | Attr = ] Uninstall.ico -> %System32%\Uninstall.ico -> [Ver = | Size = 2550 bytes | Created Date = 1/25/2008 5:39:21 AM | Attr = ] VFind.exe -> %System32%\VFind.exe -> [Ver = | Size = 49152 bytes | Created Date = 1/25/2008 9:02:11 PM | Attr = ] ZPORT4AS.dll -> %System32%\ZPORT4AS.dll -> [Ver = | Size = 11776 bytes | Created Date = 1/25/2008 5:40:06 AM | Attr = ] erdnt -> %SystemRoot%\erdnt -> [Folder | Created Date = 1/25/2008 9:03:17 PM | Attr = ] Nircmd.exe -> %SystemRoot%\Nircmd.exe -> NirSoft [Ver = 2.00 | Size = 51200 bytes | Created Date = 1/25/2008 9:02:11 PM | Attr = ] TEMP -> %SystemRoot%\TEMP -> [Folder | Created Date = 1/25/2008 10:31:31 PM | Attr = ] {5D946D0D-9437-4E15-AC1F-F9BCF0B32561}_WiseFW.ini -> %SystemRoot%\{5D946D0D-9437-4E15-AC1F-F9BCF0B32561}_WiseFW.ini -> [Ver = | Size = 444 bytes | Created Date = 1/1/2008 8:30:02 PM | Attr = ] [Files/Folders - Modified Within 30 days] BOOT.INI -> %SystemDrive%\BOOT.INI -> [Ver = | Size = 199 bytes | Modified Date = 1/24/2008 8:24:51 PM | Attr = HS] Config.Msi -> %SystemDrive%\Config.Msi -> [Folder | Modified Date = 1/24/2008 6:05:14 PM | Attr = ] Documents and Settings -> %SystemDrive%\Documents and Settings -> [Folder | Modified Date = 1/24/2008 6:49:04 PM | Attr = ] hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [Ver = | Size = 803262464 bytes | Modified Date = 1/27/2008 10:01:11 PM | Attr = HS] kav -> %SystemDrive%\kav -> [Folder | Modified Date = 1/27/2008 9:13:48 PM | Attr = ] logfile.dat -> %SystemDrive%\logfile.dat -> [Ver = | Size = 682 bytes | Modified Date = 1/15/2008 3:54:08 PM | Attr = ] Program Files -> %ProgramFiles% -> [Folder | Modified Date = 1/25/2008 9:08:53 PM | Attr = R ] QooBox -> %SystemDrive%\QooBox -> [Folder | Modified Date = 1/27/2008 11:37:40 AM | Attr = ] System Volume Information -> %SystemDrive%\System Volume Information -> [Folder | Modified Date = 1/24/2008 4:16:38 PM | Attr = HS] WINDOWS -> %SystemRoot% -> [Folder | Modified Date = 1/27/2008 11:31:48 AM | Attr = ] etc -> %System32%\drivers\etc -> [Folder | Modified Date = 1/27/2008 11:30:14 AM | Attr = ] hosts -> %System32%\drivers\etc\hosts -> [Ver = | Size = 27 bytes | Modified Date = 1/27/2008 11:30:14 AM | Attr = ] fidbox.dat -> %System32%\drivers\fidbox.dat -> [Ver = | Size = 2236448 bytes | Modified Date = 1/29/2008 7:27:05 PM | Attr = HS] fidbox.idx -> %System32%\drivers\fidbox.idx -> [Ver = | Size = 29900 bytes | Modified Date = 1/27/2008 10:00:30 PM | Attr = HS] fidbox2.dat -> %System32%\drivers\fidbox2.dat -> [Ver = | Size = 73248 bytes | Modified Date = 1/29/2008 7:30:00 PM | Attr = HS] fidbox2.idx -> %System32%\drivers\fidbox2.idx -> [Ver = | Size = 7532 bytes | Modified Date = 1/27/2008 10:00:30 PM | Attr = HS] klick.dat -> %System32%\drivers\klick.dat -> [Ver = | Size = 85860 bytes | Modified Date = 1/24/2008 6:04:58 PM | Attr = ] klin.dat -> %System32%\drivers\klin.dat -> [Ver = | Size = 91492 bytes | Modified Date = 1/24/2008 6:04:58 PM | Attr = ] ActiveScan -> %System32%\ActiveScan -> [Folder | Modified Date = 1/25/2008 9:05:30 AM | Attr = ] 4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> CatRoot2 -> %System32%\CatRoot2 -> [Folder | Modified Date = 1/27/2008 10:03:38 PM | Attr = ] config -> %System32%\config -> [Folder | Modified Date = 1/27/2008 11:27:36 AM | Attr = ] CONFIG.NT -> %System32%\CONFIG.NT -> [Ver = | Size = 2577 bytes | Modified Date = 1/24/2008 6:00:49 PM | Attr = ] dla -> %System32%\dla -> [Folder | Modified Date = 1/25/2008 9:07:01 AM | Attr = ] dllcache -> %System32%\dllcache -> [Folder | Modified Date = 1/10/2008 3:01:23 AM | Attr = RHS] drivers -> %System32%\drivers -> [Folder | Modified Date = 1/27/2008 11:21:12 AM | Attr = ] DRVSTORE -> %System32%\DRVSTORE -> [Folder | Modified Date = 1/1/2008 8:31:14 PM | Attr = ] Help.ico -> %System32%\Help.ico -> [Ver = | Size = 1406 bytes | Modified Date = 1/25/2008 5:39:21 AM | Attr = ] nvapps.xml -> %System32%\nvapps.xml -> [Ver = | Size = 81191 bytes | Modified Date = 1/27/2008 10:01:52 PM | Attr = ] pavas.ico -> %System32%\pavas.ico -> [Ver = | Size = 30590 bytes | Modified Date = 1/25/2008 5:39:21 AM | Attr = ] perfc009.dat -> %System32%\perfc009.dat -> [Ver = | Size = 55124 bytes | Modified Date = 1/1/2008 8:34:50 PM | Attr = ] perfh009.dat -> %System32%\perfh009.dat -> [Ver = | Size = 386202 bytes | Modified Date = 1/1/2008 8:34:50 PM | Attr = ] Restore -> %System32%\Restore -> [Folder | Modified Date = 1/24/2008 4:16:38 PM | Attr = ] Uninstall.ico -> %System32%\Uninstall.ico -> [Ver = | Size = 2550 bytes | Modified Date = 1/25/2008 5:39:21 AM | Attr = ] wbem -> %System32%\wbem -> [Folder | Modified Date = 1/25/2008 9:13:03 AM | Attr = ] wpa.dbl -> %System32%\wpa.dbl -> [Ver = | Size = 1158 bytes | Modified Date = 1/27/2008 10:04:18 PM | Attr = ] $hf_mig$ -> %SystemRoot%\$hf_mig$ -> [Folder | Modified Date = 1/9/2008 5:57:34 AM | Attr = H ] AppPatch -> %SystemRoot%\AppPatch -> [Folder | Modified Date = 1/25/2008 8:26:13 AM | Attr = ] bootstat.dat -> %SystemRoot%\bootstat.dat -> [Ver = | Size = 2048 bytes | Modified Date = 1/27/2008 10:01:13 PM | Attr = S] Downloaded Program Files -> %SystemRoot%\Downloaded Program Files -> [Folder | Modified Date = 1/25/2008 8:27:08 AM | Attr = S] erdnt -> %SystemRoot%\erdnt -> [Folder | Modified Date = 1/27/2008 11:27:20 AM | Attr = ] ime -> %SystemRoot%\ime -> [Folder | Modified Date = 1/25/2008 8:52:20 AM | Attr = ] imsins.BAK -> %SystemRoot%\imsins.BAK -> [Ver = | Size = 1374 bytes | Modified Date = 1/10/2008 3:01:16 AM | Attr = ] inf -> %SystemRoot%\inf -> [Folder | Modified Date = 1/25/2008 5:40:27 AM | Attr = ] Installer -> %SystemRoot%\Installer -> [Folder | Modified Date = 1/27/2008 11:26:33 AM | Attr = HS] Prefetch -> %SystemRoot%\Prefetch -> [Folder | Modified Date = 1/29/2008 7:28:14 PM | Attr = ] pss -> %SystemRoot%\pss -> [Folder | Modified Date = 1/24/2008 6:08:15 AM | Attr = ] SoftwareDistribution -> %SystemRoot%\SoftwareDistribution -> [Folder | Modified Date = 1/25/2008 9:05:16 AM | Attr = ] system -> %SystemRoot%\system -> [Folder | Modified Date = 1/25/2008 9:05:21 AM | Attr = ] system.ini -> %SystemRoot%\system.ini -> [Ver = | Size = 227 bytes | Modified Date = 1/27/2008 11:31:48 AM | Attr = ] system32 -> %System32% -> [Folder | Modified Date = 1/25/2008 10:28:29 PM | Attr = ] TEMP -> %SystemRoot%\TEMP -> [Folder | Modified Date = 1/29/2008 7:23:58 PM | Attr = ] win.ini -> %SystemRoot%\win.ini -> [Ver = | Size = 839 bytes | Modified Date = 1/25/2008 5:51:27 AM | Attr = ] WinSxS -> %SystemRoot%\WinSxS -> [Folder | Modified Date = 1/1/2008 8:30:36 PM | Attr = ] {5D946D0D-9437-4E15-AC1F-F9BCF0B32561}_WiseFW.ini -> %SystemRoot%\{5D946D0D-9437-4E15-AC1F-F9BCF0B32561}_WiseFW.ini -> [Ver = | Size = 444 bytes | Modified Date = 1/1/2008 8:30:42 PM | Attr = ] avast! Antivirus.job -> %SystemRoot%\tasks\avast! Antivirus.job -> [Ver = | Size = 292 bytes | Modified Date = 1/24/2008 2:05:02 AM | Attr = ] CleanUp!.job -> %SystemRoot%\tasks\CleanUp!.job -> [Ver = | Size = 262 bytes | Modified Date = 1/25/2008 2:10:00 AM | Attr = ] SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [Ver = | Size = 6 bytes | Modified Date = 1/27/2008 10:01:38 PM | Attr = H ] qmgr0.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat -> [Ver = | Size = 4096 bytes | Modified Date = 1/25/2008 10:32:57 PM | Attr = ] qmgr1.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat -> [Ver = | Size = 4096 bytes | Modified Date = 1/25/2008 10:32:57 PM | Attr = ] opa11.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\DATA\opa11.dat -> [Ver = | Size = 11090 bytes | Modified Date = 2/5/2007 5:24:30 PM | Attr = ] < End of report > [/code]