[code] WinPFind35 logfile created on: 2/16/2008 12:41:32 AM WinPFind35U Version Beta51 Folder = C:\Documents and Settings\JODENE\Desktop\WinPFind35u Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.11) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 510.00 Mb Total Physical Memory | 211.12 Mb Available Physical Memory | 41.40% Memory free 1.22 Gb Paging File | 0.87 Gb Available in Paging File | 71.67% Paging File free Paging file location(s): C:\pagefile.sys 0 0; %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 71.03 Gb Total Space | 53.10 Gb Free Space | 74.75% Space Free | Partition Type: NTFS D: Drive not present or media not loaded Drive E: | 39.10 Mb Total Space | 31.94 Mb Free Space | 81.69% Space Free | Partition Type: FAT Drive F: | 3.42 Gb Total Space | 0.43 Gb Free Space | 12.67% Space Free | Partition Type: FAT32 G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: JOHNNOY Current User Name: JODENE Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user [Processes - Non-Microsoft Only] aawservice.exe -> %ProgramFiles%\Lavasoft\Ad-Aware 2007\aawservice.exe -> Lavasoft [Ver = 7,0,2,6 | Size = 587096 bytes | Modified Date = 2/12/2008 6:39:00 PM | Attr = ] lexbces.exe -> %SystemRoot%\system32\LEXBCES.EXE -> Lexmark International, Inc. [Ver = 9.45 | Size = 311296 bytes | Modified Date = 3/4/2004 10:30:48 PM | Attr = ] lexpps.exe -> %SystemRoot%\system32\LEXPPS.EXE -> Lexmark International, Inc. [Ver = 9.45 | Size = 174592 bytes | Modified Date = 3/4/2004 10:26:20 PM | Attr = ] aolacsd.exe -> %CommonProgramFiles%\AOL\ACS\AOLacsd.exe -> America Online, Inc. [Ver = 2.0.20.1.US.1 | Size = 1135728 bytes | Modified Date = 4/7/2004 12:07:32 PM | Attr = ] guard.exe -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\guard.exe -> GRISOFT s.r.o. [Ver = 7, 5, 1, 22 | Size = 312880 bytes | Modified Date = 2/11/2008 2:53:55 PM | Attr = ] isafe.exe -> %ProgramFiles%\CA\eTrust Internet Security Suite\eTrust EZ Antivirus\iSafe.exe -> Computer Associates International, Inc. [Ver = Version 11.0.8.1 | Size = 259624 bytes | Modified Date = 1/23/2007 11:11:41 AM | Attr = ] sprtsvc.exe -> %ProgramFiles%\Dell Support Center\bin\sprtsvc.exe -> SupportSoft, Inc. [Ver = 7.0.585.0 | Size = 202544 bytes | Modified Date = 11/15/2007 9:23:56 AM | Attr = ] jusched.exe -> %ProgramFiles%\Java\jre1.6.0_03\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 6.0.30.5 | Size = 132496 bytes | Modified Date = 9/25/2007 12:11:35 AM | Attr = ] smax4pnp.exe -> %ProgramFiles%\Analog Devices\Core\smax4pnp.exe -> Analog Devices, Inc. [Ver = 5, 2, 0, 5 | Size = 1404928 bytes | Modified Date = 10/14/2004 7:42:54 PM | Attr = ] issch.exe -> %CommonProgramFiles%\InstallShield\UpdateService\issch.exe -> InstallShield Software Corporation [Ver = 3, 10, 100, 1155 | Size = 81920 bytes | Modified Date = 7/27/2004 4:50:18 PM | Attr = ] hkcmd.exe -> %SystemRoot%\system32\hkcmd.exe -> Intel Corporation [Ver = 3.0.0.4342 | Size = 126976 bytes | Modified Date = 10/19/2005 8:59:12 AM | Attr = ] dmxlauncher.exe -> %ProgramFiles%\Dell\Media Experience\DMXLauncher.exe -> [Ver = | Size = 86016 bytes | Modified Date = 1/27/2005 1:02:00 AM | Attr = ] tfswctrl.exe -> %SystemRoot%\system32\dla\tfswctrl.exe -> Sonic Solutions [Ver = 1.04.08a | Size = 127035 bytes | Modified Date = 12/6/2004 1:05:00 AM | Attr = ] pdvdserv.exe -> %ProgramFiles%\CyberLink\PowerDVD\PDVDServ.exe -> Cyberlink Corp. [Ver = 5.00.0000 | Size = 32768 bytes | Modified Date = 10/31/2003 8:42:40 PM | Attr = ] cavtray.exe -> %ProgramFiles%\CA\eTrust Internet Security Suite\eTrust EZ Antivirus\CAVTray.exe -> Computer Associates International, Inc. [Ver = Version 11.0.8.1 | Size = 230952 bytes | Modified Date = 1/23/2007 11:11:40 AM | Attr = ] cavrid.exe -> %ProgramFiles%\CA\eTrust Internet Security Suite\eTrust EZ Antivirus\CAVRid.exe -> Computer Associates International, Inc. [Ver = Version 11.0.8.1 | Size = 185896 bytes | Modified Date = 1/23/2007 11:11:40 AM | Attr = ] apdproxy.exe -> %ProgramFiles%\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe -> Adobe Systems Incorporated [Ver = 3.2.0.77764 | Size = 63712 bytes | Modified Date = 3/9/2007 10:09:58 AM | Attr = ] realsched.exe -> %CommonProgramFiles%\Real\Update_OB\realsched.exe -> RealNetworks, Inc. [Ver = 0.1.0.4279 | Size = 185896 bytes | Modified Date = 11/19/2007 4:08:54 PM | Attr = ] dsagnt.exe -> %ProgramFiles%\DellSupport\DSAgnt.exe -> Gteko Ltd. [Ver = 3, 0, 0, 197 | Size = 460784 bytes | Modified Date = 3/15/2007 10:09:36 AM | Attr = ] aim6.exe -> %ProgramFiles%\AIM6\aim6.exe -> AOL LLC [Ver = 1.4.9.1 | Size = 50736 bytes | Modified Date = 4/27/2007 4:17:26 PM | Attr = ] sprtcmd.exe -> %ProgramFiles%\Dell Support Center\bin\sprtcmd.exe -> SupportSoft, Inc. [Ver = 7.0.585.0 | Size = 202544 bytes | Modified Date = 11/15/2007 9:23:56 AM | Attr = ] aoltray.exe -> %ProgramFiles%\America Online 9.0\aoltray.exe -> America Online, Inc. [Ver = 9.00.001 | Size = 156784 bytes | Modified Date = 9/1/2004 11:56:34 AM | Attr = H ] dlg.exe -> %ProgramFiles%\Digital Line Detect\DLG.exe -> BVRP Software [Ver = 1, 0, 0, 1 | Size = 24576 bytes | Modified Date = 10/29/2003 2:06:00 AM | Attr = R ] dlbcserv.exe -> %ProgramFiles%\Dell Photo Printer 720\dlbcserv.exe -> [Ver = 1.0.0.1 | Size = 315392 bytes | Modified Date = 1/9/2005 5:42:54 AM | Attr = ] aolsoftware.exe -> %ProgramFiles%\AIM6\aolsoftware.exe -> America Online, Inc. [Ver = 1.5.6.1 | Size = 50736 bytes | Modified Date = 9/25/2006 7:52:48 PM | Attr = ] nintendowfcreg.exe -> %ProgramFiles%\WiFiConnector\NintendoWFCReg.exe -> [Ver = 1, 0, 0, 33 | Size = 1073152 bytes | Modified Date = 4/19/2006 9:45:34 PM | Attr = ] vetmsg.exe -> %ProgramFiles%\CA\eTrust Internet Security Suite\eTrust EZ Antivirus\VetMsg.exe -> Computer Associates International, Inc. [Ver = Version 11.0.8.1 | Size = 202280 bytes | Modified Date = 1/23/2007 11:11:41 AM | Attr = ] winpfind35u.exe -> %UserProfile%\Desktop\WinPFind35u\WinPFind35U.exe -> OldTimer Tools [Ver = 1.0.0.0 | Size = 309248 bytes | Modified Date = 2/13/2008 10:50:32 AM | Attr = ] [Win32 Services - Non-Microsoft Only] (aawservice) Ad-Aware 2007 Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Lavasoft\Ad-Aware 2007\aawservice.exe -> Lavasoft [Ver = 7,0,2,6 | Size = 587096 bytes | Modified Date = 2/12/2008 6:39:00 PM | Attr = ] (AOL ACS) AOL Connectivity Service [Win32_Own | Auto | Running] -> %CommonProgramFiles%\AOL\ACS\AOLacsd.exe -> America Online, Inc. [Ver = 2.0.20.1.US.1 | Size = 1135728 bytes | Modified Date = 4/7/2004 12:07:32 PM | Attr = ] (AVG Anti-Spyware Guard) AVG Anti-Spyware Guard [Win32_Own | Auto | Running] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\guard.exe -> GRISOFT s.r.o. [Ver = 7, 5, 1, 22 | Size = 312880 bytes | Modified Date = 2/11/2008 2:53:55 PM | Attr = ] (CAISafe) CAISafe [Win32_Own | Auto | Running] -> %ProgramFiles%\CA\eTrust Internet Security Suite\eTrust EZ Antivirus\iSafe.exe -> Computer Associates International, Inc. [Ver = Version 11.0.8.1 | Size = 259624 bytes | Modified Date = 1/23/2007 11:11:41 AM | Attr = ] (dmadmin) Logical Disk Manager Administrative Service [Win32_Shared | On_Demand | Stopped] -> %SystemRoot%\system32\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 224768 bytes | Modified Date = 8/4/2004 5:00:00 AM | Attr = ] (DSBrokerService) DSBrokerService [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\DellSupport\brkrsvc.exe -> [Ver = 1, 0, 0, 8 | Size = 76848 bytes | Modified Date = 3/7/2007 2:47:46 PM | Attr = ] (LexBceS) LexBce Server [Win32_Own | Auto | Running] -> %SystemRoot%\system32\LEXBCES.EXE -> Lexmark International, Inc. [Ver = 9.45 | Size = 311296 bytes | Modified Date = 3/4/2004 10:30:48 PM | Attr = ] (sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter) [Win32_Own | Auto | Running] -> %ProgramFiles%\Dell Support Center\bin\sprtsvc.exe -> SupportSoft, Inc. [Ver = 7.0.585.0 | Size = 202544 bytes | Modified Date = 11/15/2007 9:23:56 AM | Attr = ] (VETMSGNT) VET Message Service [Win32_Own | Auto | Running] -> %ProgramFiles%\CA\eTrust Internet Security Suite\eTrust EZ Antivirus\VetMsg.exe -> Computer Associates International, Inc. [Ver = Version 11.0.8.1 | Size = 202280 bytes | Modified Date = 1/23/2007 11:11:41 AM | Attr = ] (vsmon) TrueVector Internet Monitor [Win32_Own | Auto | Stopped] -> %SystemRoot%\system32\ZoneLabs\vsmon.exe -> Zone Labs Inc. [Ver = 5.1.039.004 | Size = 919320 bytes | Modified Date = 1/26/2005 3:47:24 AM | Attr = ] (YPCService) YPCService [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\system32\YPcservice.exe -> Yahoo! Inc. [Ver = 2003, 5, 19, 1 | Size = 86016 bytes | Modified Date = 5/19/2003 5:07:38 PM | Attr = ] [Registry - Non-Microsoft Only] < Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> Adobe Photo Downloader -> %ProgramFiles%\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe -> Adobe Systems Incorporated [Ver = 3.2.0.77764 | Size = 63712 bytes | Modified Date = 3/9/2007 10:09:58 AM | Attr = ] Adobe Reader Speed Launcher -> %ProgramFiles%\Adobe\Reader 8.0\Reader\Reader_SL.exe -> Adobe Systems Incorporated [Ver = 8.0.0.0 | Size = 39792 bytes | Modified Date = 10/10/2007 7:51:55 PM | Attr = ] C:\Program Files\SBC Yahoo!\Connection Manager\ConnectionManager.exe -> -> File not found CaAvTray -> %ProgramFiles%\CA\eTrust Internet Security Suite\eTrust EZ Antivirus\CAVTray.exe -> Computer Associates International, Inc. [Ver = Version 11.0.8.1 | Size = 230952 bytes | Modified Date = 1/23/2007 11:11:40 AM | Attr = ] CAVRID -> %ProgramFiles%\CA\eTrust Internet Security Suite\eTrust EZ Antivirus\CAVRid.exe -> Computer Associates International, Inc. [Ver = Version 11.0.8.1 | Size = 185896 bytes | Modified Date = 1/23/2007 11:11:40 AM | Attr = ] dla -> %SystemRoot%\system32\dla\tfswctrl.exe -> Sonic Solutions [Ver = 1.04.08a | Size = 127035 bytes | Modified Date = 12/6/2004 1:05:00 AM | Attr = ] DMXLauncher -> %ProgramFiles%\Dell\Media Experience\DMXLauncher.exe -> [Ver = | Size = 86016 bytes | Modified Date = 1/27/2005 1:02:00 AM | Attr = ] dscactivate -> %ProgramFiles%\Dell Support Center\gs_agent\custom\dsca.exe -> [Ver = 1.0.2767.18581 | Size = 16384 bytes | Modified Date = 11/15/2007 9:24:00 AM | Attr = ] HotKeysCmds -> %SystemRoot%\system32\hkcmd.exe -> Intel Corporation [Ver = 3.0.0.4342 | Size = 126976 bytes | Modified Date = 10/19/2005 8:59:12 AM | Attr = ] IgfxTray -> %SystemRoot%\system32\igfxtray.exe -> Intel Corporation [Ver = 3.0.0.4342 | Size = 155648 bytes | Modified Date = 10/19/2005 8:59:14 AM | Attr = ] ISUSPM Startup -> %CommonProgramFiles%\InstallShield\UpdateService\ISUSPM.exe -> InstallShield Software Corporation [Ver = 3, 10, 100, 1155 | Size = 221184 bytes | Modified Date = 7/27/2004 4:50:42 PM | Attr = ] ISUSScheduler -> %CommonProgramFiles%\InstallShield\UpdateService\issch.exe -> InstallShield Software Corporation [Ver = 3, 10, 100, 1155 | Size = 81920 bytes | Modified Date = 7/27/2004 4:50:18 PM | Attr = ] NeroFilterCheck -> %SystemRoot%\system32\NeroCheck.exe -> Ahead Software Gmbh [Ver = 1, 0, 0, 2 | Size = 155648 bytes | Modified Date = 7/9/2001 12:50:42 PM | Attr = ] QuickTime Task -> %ProgramFiles%\QuickTime\qttask.exe -> Apple Computer, Inc. [Ver = 6.5 | Size = 98304 bytes | Modified Date = 10/10/2005 12:06:13 AM | Attr = ] RemoteControl -> %ProgramFiles%\CyberLink\PowerDVD\PDVDServ.exe -> Cyberlink Corp. [Ver = 5.00.0000 | Size = 32768 bytes | Modified Date = 10/31/2003 8:42:40 PM | Attr = ] SoundMAXPnP -> %ProgramFiles%\Analog Devices\Core\smax4pnp.exe -> Analog Devices, Inc. [Ver = 5, 2, 0, 5 | Size = 1404928 bytes | Modified Date = 10/14/2004 7:42:54 PM | Attr = ] SunJavaUpdateSched -> %ProgramFiles%\Java\jre1.6.0_03\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 6.0.30.5 | Size = 132496 bytes | Modified Date = 9/25/2007 12:11:35 AM | Attr = ] TkBellExe -> %CommonProgramFiles%\Real\Update_OB\realsched.exe -> RealNetworks, Inc. [Ver = 0.1.0.4279 | Size = 185896 bytes | Modified Date = 11/19/2007 4:08:54 PM | Attr = ] Zone Labs Client -> %ProgramFiles%\CA\eTrust EZ Armor\eTrust EZ Firewall\ca.exe -> Computer Associates [Ver = 5.1.039.004 | Size = 722712 bytes | Modified Date = 1/26/2005 3:43:54 AM | Attr = ] < OptionalComponents [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\ -> IMAIL-> Installed = 1 -> MAPI-> Installed = 1 -> MSFS-> Installed = 1 -> < Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> Aim6 -> %ProgramFiles%\AIM6\aim6.exe -> AOL LLC [Ver = 1.4.9.1 | Size = 50736 bytes | Modified Date = 4/27/2007 4:17:26 PM | Attr = ] DellSupport -> %ProgramFiles%\DellSupport\DSAgnt.exe -> Gteko Ltd. [Ver = 3, 0, 0, 197 | Size = 460784 bytes | Modified Date = 3/15/2007 10:09:36 AM | Attr = ] DellSupportCenter -> %ProgramFiles%\Dell Support Center\bin\sprtcmd.exe -> SupportSoft, Inc. [Ver = 7.0.585.0 | Size = 202544 bytes | Modified Date = 11/15/2007 9:23:56 AM | Attr = ] < All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup -> %AllUsersProfile%\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk -> %CommonProgramFiles%\Adobe\Calibration\Adobe Gamma Loader.exe -> Adobe Systems, Inc. [Ver = 1, 0, 0, 1 | Size = 113664 bytes | Modified Date = 11/4/1999 2:06:48 PM | Attr = ] %AllUsersProfile%\Start Menu\Programs\Startup\America Online 9.0 Tray Icon.lnk -> %ProgramFiles%\America Online 9.0\aoltray.exe -> America Online, Inc. [Ver = 9.00.001 | Size = 156784 bytes | Modified Date = 9/1/2004 11:56:34 AM | Attr = H ] %AllUsersProfile%\Start Menu\Programs\Startup\Digital Line Detect.lnk -> %ProgramFiles%\Digital Line Detect\DLG.exe -> BVRP Software [Ver = 1, 0, 0, 1 | Size = 24576 bytes | Modified Date = 10/29/2003 2:06:00 AM | Attr = R ] %AllUsersProfile%\Start Menu\Programs\Startup\dlbcserv.lnk -> %ProgramFiles%\Dell Photo Printer 720\dlbcserv.exe -> [Ver = 1.0.0.1 | Size = 315392 bytes | Modified Date = 1/9/2005 5:42:54 AM | Attr = ] %AllUsersProfile%\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk -> %CommonProgramFiles%\Intuit\QuickBooks\QBUpdate\qbupdate.exe -> Intuit, Inc. [Ver = 15.0 R2 | Size = 806912 bytes | Modified Date = 11/11/2004 11:59:36 AM | Attr = ] %AllUsersProfile%\Start Menu\Programs\Startup\Run Nintendo Wi-Fi USB Connector Registration Tool.lnk -> %ProgramFiles%\WiFiConnector\NintendoWFCReg.exe -> [Ver = 1, 0, 0, 33 | Size = 1073152 bytes | Modified Date = 4/19/2006 9:45:34 PM | Attr = ] < JODENE Startup Folder > -> C:\Documents and Settings\JODENE\Start Menu\Programs\Startup -> < ShellExecuteHooks [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks -> {57B86673-276A-48B2-BAE7-C6DBB3020EB8} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll [AVG Anti-Spyware 7.5] -> GRISOFT s.r.o. [Ver = 7, 5, 1, 36 | Size = 79408 bytes | Modified Date = 2/11/2008 2:53:48 PM | Attr = ] {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\SUPERAntiSpyware\SASSEH.DLL [] -> SuperAdBlocker.com [Ver = 1, 0, 0, 1008 | Size = 77824 bytes | Modified Date = 12/20/2006 12:55:48 PM | Attr = ] < SecurityProviders [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders -> *SecurityProviders* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders -> xlibgfl254.dll -> xlibgfl254.dll -> File not found *MultiFile Done* -> -> < Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> *System* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\System -> kdwrc.exe -> kdwrc.exe -> File not found *MultiFile Done* -> -> < Winlogon settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ -> !SASWinLogon -> %ProgramFiles%\SUPERAntiSpyware\SASWINLO.dll -> SUPERAntiSpyware.com [Ver = 1, 0, 0, 1030 | Size = 282624 bytes | Modified Date = 2/27/2007 11:39:26 AM | Attr = ] igfxcui -> %SystemRoot%\system32\igfxsrvc.dll -> Intel Corporation [Ver = 3.0.0.4342 | Size = 348160 bytes | Modified Date = 10/19/2005 8:59:14 AM | Attr = ] < CurrentVersion Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoCDBurning -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\undockwithoutlogon -> 1 -> < CurrentVersion Policy Settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ActiveDesktop\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableRegistryTools -> 0 -> < HOSTS File > (4102 bytes) -> C:\WINDOWS\System32\drivers\etc\Hosts -> < Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> HKEY_LOCAL_MACHINE\: Main\\Default_Page_URL -> http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome -> HKEY_LOCAL_MACHINE\: Main\\Default_Search_URL -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_LOCAL_MACHINE\: Main\\Local Page -> C:\windows\system32\blank.htm -> HKEY_LOCAL_MACHINE\: Main\\Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_LOCAL_MACHINE\: Main\\Start Page -> http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home -> HKEY_LOCAL_MACHINE\: Search\\CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm -> HKEY_LOCAL_MACHINE\: Search\\Default_Search_URL -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_LOCAL_MACHINE\: Search\\SearchAssistant -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm -> < Internet Explorer Settings [HKEY_CURRENT_USER\] > -> -> HKEY_CURRENT_USER\: Main\\Default_Search_URL -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_CURRENT_USER\: Main\\Local Page -> C:\windows\system32\blank.htm -> HKEY_CURRENT_USER\: Main\\Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_CURRENT_USER\: Main\\Start Page -> http://www.optonline.net/ -> HKEY_CURRENT_USER\: SearchURL\\ -> http://home.microsoft.com/access/autosearch.asp?p=%s[Reg Error: Value provider does not exist or could not be read.] -> HKEY_CURRENT_USER\: ProxyEnable -> 0 -> < Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1 domain(s) found. -> 1 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 5457 domain(s) found. -> 114 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 78 range(s) found. -> < BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKEY_LOCAL_MACHINE] -> %CommonProgramFiles%\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> Adobe Systems Incorporated [Ver = 8.0.0.2006102200 | Size = 62080 bytes | Modified Date = 10/22/2006 11:08:42 PM | Attr = ] {53707962-6F74-2D53-2644-206D7942484F} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Spybot - Search & Destroy\SDHelper.dll [] -> Safer Networking Limited [Ver = 1, 4, 0, 0 | Size = 853672 bytes | Modified Date = 5/31/2005 12:04:00 AM | Attr = ] {5CA3D70E-1895-11CF-8E15-001234567890} [HKEY_LOCAL_MACHINE] -> %SystemRoot%\system32\dla\tfswshx.dll [DriveLetterAccess] -> Sonic Solutions [Ver = 1.04.08a | Size = 118842 bytes | Modified Date = 12/6/2004 1:05:00 AM | Attr = ] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.6.0_03\bin\ssv.dll [SSVHelper Class] -> Sun Microsystems, Inc. [Ver = 6.0.30.5 | Size = 501136 bytes | Modified Date = 9/25/2007 12:11:33 AM | Attr = ] < Internet Explorer Bars [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\ -> {4528BBE0-4E08-11D5-AD55-00010333D0AD} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Yahoo!\Messenger\yhexbmes.dll [&Yahoo! Messenger] -> Yahoo! Inc. [Ver = 2003, 6, 23, 1 | Size = 274503 bytes | Modified Date = 6/23/2003 2:30:02 PM | Attr = ] < Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ -> ShellBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found WebBrowser\\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found WebBrowser\\{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found WebBrowser\\{D7F30B62-8269-41AF-9539-B2697FA7D77E} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found < Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> {08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.6.0_03\bin\npjpi160_03.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.30.5 | Size = 132496 bytes | Modified Date = 9/25/2007 12:11:34 AM | Attr = ] {08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC} [HKEY_CURRENT_USER] -> %ProgramFiles%\Java\jre1.6.0_03\bin\ssv.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.30.5 | Size = 501136 bytes | Modified Date = 9/25/2007 12:11:33 AM | Attr = ] < Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> PluginsPageFriendlyName -> Microsoft ActiveX Gallery -> PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s -> < User Agent Post Platform [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform -> YPC 3.0.0 -> Yahoo! Parental Controls -> < DNS Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> {CE3C2157-3BF2-49D8-9559-9CD55519A7CC} -> (Broadcom 440x 10/100 Integrated Controller) -> < Winsock2 Catalogs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\ -> Protocol_Catalog9\Catalog_Entries\000000000001 -> %SystemRoot%\system32\VetRedir.dll -> Computer Associates International, Inc. [Ver = Version 11.0.8.1 | Size = 75304 bytes | Modified Date = 1/23/2007 11:11:41 AM | Attr = ] Protocol_Catalog9\Catalog_Entries\000000000002 -> %SystemRoot%\system32\VetRedir.dll -> Computer Associates International, Inc. [Ver = Version 11.0.8.1 | Size = 75304 bytes | Modified Date = 1/23/2007 11:11:41 AM | Attr = ] Protocol_Catalog9\Catalog_Entries\000000000003 -> %SystemRoot%\system32\VetRedir.dll -> Computer Associates International, Inc. [Ver = Version 11.0.8.1 | Size = 75304 bytes | Modified Date = 1/23/2007 11:11:41 AM | Attr = ] Protocol_Catalog9\Catalog_Entries\000000000004 -> %SystemRoot%\system32\VetRedir.dll -> Computer Associates International, Inc. [Ver = Version 11.0.8.1 | Size = 75304 bytes | Modified Date = 1/23/2007 11:11:41 AM | Attr = ] Protocol_Catalog9\Catalog_Entries\000000000005 -> %SystemRoot%\system32\VetRedir.dll -> Computer Associates International, Inc. [Ver = Version 11.0.8.1 | Size = 75304 bytes | Modified Date = 1/23/2007 11:11:41 AM | Attr = ] Protocol_Catalog9\Catalog_Entries\000000000006 -> %SystemRoot%\system32\VetRedir.dll -> Computer Associates International, Inc. [Ver = Version 11.0.8.1 | Size = 75304 bytes | Modified Date = 1/23/2007 11:11:41 AM | Attr = ] Protocol_Catalog9\Catalog_Entries\000000000007 -> %SystemRoot%\system32\VetRedir.dll -> Computer Associates International, Inc. [Ver = Version 11.0.8.1 | Size = 75304 bytes | Modified Date = 1/23/2007 11:11:41 AM | Attr = ] Protocol_Catalog9\Catalog_Entries\000000000008 -> %SystemRoot%\system32\VetRedir.dll -> Computer Associates International, Inc. [Ver = Version 11.0.8.1 | Size = 75304 bytes | Modified Date = 1/23/2007 11:11:41 AM | Attr = ] Protocol_Catalog9\Catalog_Entries\000000000009 -> %SystemRoot%\system32\VetRedir.dll -> Computer Associates International, Inc. [Ver = Version 11.0.8.1 | Size = 75304 bytes | Modified Date = 1/23/2007 11:11:41 AM | Attr = ] Protocol_Catalog9\Catalog_Entries\000000000010 -> %SystemRoot%\system32\VetRedir.dll -> Computer Associates International, Inc. [Ver = Version 11.0.8.1 | Size = 75304 bytes | Modified Date = 1/23/2007 11:11:41 AM | Attr = ] Protocol_Catalog9\Catalog_Entries\000000000011 -> %SystemRoot%\system32\VetRedir.dll -> Computer Associates International, Inc. [Ver = Version 11.0.8.1 | Size = 75304 bytes | Modified Date = 1/23/2007 11:11:41 AM | Attr = ] Protocol_Catalog9\Catalog_Entries\000000000012 -> %SystemRoot%\system32\VetRedir.dll -> Computer Associates International, Inc. [Ver = Version 11.0.8.1 | Size = 75304 bytes | Modified Date = 1/23/2007 11:11:41 AM | Attr = ] Protocol_Catalog9\Catalog_Entries\000000000013 -> %SystemRoot%\system32\VetRedir.dll -> Computer Associates International, Inc. [Ver = Version 11.0.8.1 | Size = 75304 bytes | Modified Date = 1/23/2007 11:11:41 AM | Attr = ] Protocol_Catalog9\Catalog_Entries\000000000014 -> %SystemRoot%\system32\VetRedir.dll -> Computer Associates International, Inc. [Ver = Version 11.0.8.1 | Size = 75304 bytes | Modified Date = 1/23/2007 11:11:41 AM | Attr = ] Protocol_Catalog9\Catalog_Entries\000000000015 -> %SystemRoot%\system32\VetRedir.dll -> Computer Associates International, Inc. [Ver = Version 11.0.8.1 | Size = 75304 bytes | Modified Date = 1/23/2007 11:11:41 AM | Attr = ] Protocol_Catalog9\Catalog_Entries\000000000016 -> %SystemRoot%\system32\VetRedir.dll -> Computer Associates International, Inc. [Ver = Version 11.0.8.1 | Size = 75304 bytes | Modified Date = 1/23/2007 11:11:41 AM | Attr = ] Protocol_Catalog9\Catalog_Entries\000000000017 -> %SystemRoot%\system32\VetRedir.dll -> Computer Associates International, Inc. [Ver = Version 11.0.8.1 | Size = 75304 bytes | Modified Date = 1/23/2007 11:11:41 AM | Attr = ] Protocol_Catalog9\Catalog_Entries\000000000018 -> %SystemRoot%\system32\VetRedir.dll -> Computer Associates International, Inc. [Ver = Version 11.0.8.1 | Size = 75304 bytes | Modified Date = 1/23/2007 11:11:41 AM | Attr = ] Protocol_Catalog9\Catalog_Entries\000000000019 -> %SystemRoot%\system32\VetRedir.dll -> Computer Associates International, Inc. [Ver = Version 11.0.8.1 | Size = 75304 bytes | Modified Date = 1/23/2007 11:11:41 AM | Attr = ] Protocol_Catalog9\Catalog_Entries\000000000020 -> %SystemRoot%\system32\VetRedir.dll -> Computer Associates International, Inc. [Ver = Version 11.0.8.1 | Size = 75304 bytes | Modified Date = 1/23/2007 11:11:41 AM | Attr = ] Protocol_Catalog9\Catalog_Entries\000000000021 -> %SystemRoot%\system32\VetRedir.dll -> Computer Associates International, Inc. [Ver = Version 11.0.8.1 | Size = 75304 bytes | Modified Date = 1/23/2007 11:11:41 AM | Attr = ] < Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ -> ipp: [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened.[Reg Error: Value does not exist or could not be read.] -> File not found msdaipp: [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened.[Reg Error: Value does not exist or could not be read.] -> File not found < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> {02BCC737-B171-4746-94C9-0D8A0B2C0089}[HKEY_LOCAL_MACHINE] -> http://office.microsoft.com/templates/ieawsdc.cab[Microsoft Office Template and Media Control] -> {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75}[HKEY_LOCAL_MACHINE] -> http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab[CKAVWebScan Object] -> {166B1BCA-3F9C-11CF-8075-444553540000}[HKEY_LOCAL_MACHINE] -> http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab[Shockwave ActiveX Control] -> {17492023-C23A-453E-A040-C7C580BBF700}[HKEY_LOCAL_MACHINE] -> http://download.microsoft.com/download/9/b/d/9bdc68ef-6a9f-4505-8fb8-d0d2d160e512/LegitCheckControl.cab[Windows Genuine Advantage Validation Tool] -> {233C1507-6A77-46A4-9443-F871F945D258}[HKEY_LOCAL_MACHINE] -> http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab[Shockwave ActiveX Control] -> {30528230-99f7-4bb4-88d8-fa1d4f56a2ab}[HKEY_LOCAL_MACHINE] -> C:\Program Files\Yahoo!\Common\Yinsthelper.dll[Installation Support] -> {33564D57-0000-0010-8000-00AA00389B71}[HKEY_LOCAL_MACHINE] -> http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB[Reg Error: Key does not exist or could not be opened.] -> {8AD9C840-044E-11D1-B3E9-00805F499D93}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab[Java Plug-in 1.6.0_03] -> {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}[HKEY_LOCAL_MACHINE] -> http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab[Reg Error: Key does not exist or could not be opened.] -> {9A9307A0-7DA4-4DAF-B042-5009F29E09E1}[HKEY_LOCAL_MACHINE] -> http://acs.pandasoftware.com/activescan/as5free/asinst.cab[ActiveScan Installer Class] -> {A17E30C4-A9BA-11D4-8673-60DB54C10000}[HKEY_LOCAL_MACHINE] -> http://download.yahoo.com/dl/installs/ymail/ymmapi.dll[Yahoo! MailTo] -> {B9191F79-5613-4C76-AA2A-398534BB8999}[HKEY_LOCAL_MACHINE] -> http://download.yahoo.com/dl/installs/yab_af.cab[YAddBook Class] -> {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab[Java Plug-in 1.4.2_03] -> {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab[Java Plug-in 1.5.0_10] -> {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab[Java Plug-in 1.5.0_11] -> {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab[Java Plug-in 1.6.0_01] -> {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab[Java Plug-in 1.6.0_02] -> {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab[Java Plug-in 1.6.0_03] -> {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab[Java Plug-in 1.6.0_03] -> {D18F962A-3722-4B59-B08D-28BB9EB2281E}[HKEY_LOCAL_MACHINE] -> http://photos.yahoo.com/ocx/us/yexplorer1_9us.cab[PhotosCtrl Class] -> {D27CDB6E-AE6D-11CF-96B8-444553540000}[HKEY_LOCAL_MACHINE] -> http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab[Shockwave Flash Object] -> [Files/Folders - Created Within 30 days] Deckard -> %SystemDrive%\Deckard -> [Folder | Created Date = 2/14/2008 8:35:13 PM | Attr = ] hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [Ver = | Size = 534843392 bytes | Modified Date = 2/15/2008 6:32:32 PM | Attr = HS] SDTHOOK.SYS -> %SystemRoot%\System32\drivers\SDTHOOK.SYS -> Panda Software [Ver = 1.6.0.0 | Size = 44928 bytes | Modified Date = 6/5/2007 10:56:40 AM | Attr = ] ActiveScan -> %SystemRoot%\System32\ActiveScan -> [Folder | Created Date = 2/13/2008 10:50:41 PM | Attr = ] 3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> asuninst.exe -> %SystemRoot%\System32\asuninst.exe -> Panda Software [Ver = 1, 0, 0, 2 | Size = 73728 bytes | Modified Date = 8/2/2006 12:39:06 PM | Attr = ] Help.ico -> %SystemRoot%\System32\Help.ico -> [Ver = | Size = 1406 bytes | Modified Date = 2/13/2008 10:50:47 PM | Attr = ] pavas.ico -> %SystemRoot%\System32\pavas.ico -> [Ver = | Size = 30590 bytes | Modified Date = 2/13/2008 10:50:47 PM | Attr = ] Uninstall.ico -> %SystemRoot%\System32\Uninstall.ico -> [Ver = | Size = 2550 bytes | Modified Date = 2/13/2008 10:50:48 PM | Attr = ] ZPORT4AS.dll -> %SystemRoot%\System32\ZPORT4AS.dll -> [Ver = | Size = 11776 bytes | Modified Date = 3/25/2003 6:53:50 PM | Attr = ] ERDNT -> %SystemRoot%\ERDNT -> [Folder | Created Date = 2/14/2008 8:36:17 PM | Attr = ] LastGood -> %SystemRoot%\LastGood -> [Folder | Created Date = 2/15/2008 7:23:01 PM | Attr = ] [Files/Folders - Modified Within 30 days] Deckard -> %SystemDrive%\Deckard -> [Folder | Modified Date = 2/14/2008 8:35:13 PM | Attr = ] hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [Ver = | Size = 534843392 bytes | Modified Date = 2/15/2008 6:32:32 PM | Attr = HS] Program Files -> %ProgramFiles% -> [Folder | Modified Date = 2/13/2008 8:21:43 PM | Attr = R ] WINDOWS -> %SystemRoot% -> [Folder | Modified Date = 2/15/2008 7:23:01 PM | Attr = ] AWRTRD.sys -> %SystemRoot%\System32\drivers\AWRTRD.sys -> Lavasoft AB [Ver = 7.0.1.3 | Size = 8320 bytes | Modified Date = 2/12/2008 6:39:36 PM | Attr = ] NSDriver.sys -> %SystemRoot%\System32\drivers\NSDriver.sys -> Lavasoft AB [Ver = 7.0.1.3 | Size = 9344 bytes | Modified Date = 2/12/2008 6:39:36 PM | Attr = ] ActiveScan -> %SystemRoot%\System32\ActiveScan -> [Folder | Modified Date = 2/14/2008 12:08:23 AM | Attr = ] 3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> CatRoot2 -> %SystemRoot%\System32\CatRoot2 -> [Folder | Modified Date = 2/15/2008 6:33:55 PM | Attr = ] config -> %SystemRoot%\System32\config -> [Folder | Modified Date = 2/14/2008 12:09:08 AM | Attr = ] dla -> %SystemRoot%\System32\dla -> [Folder | Modified Date = 2/14/2008 12:09:24 AM | Attr = ] drivers -> %SystemRoot%\System32\drivers -> [Folder | Modified Date = 2/14/2008 12:54:24 AM | Attr = ] Help.ico -> %SystemRoot%\System32\Help.ico -> [Ver = | Size = 1406 bytes | Modified Date = 2/13/2008 10:50:47 PM | Attr = ] lsdelete.exe -> %SystemRoot%\System32\lsdelete.exe -> [Ver = | Size = 12632 bytes | Modified Date = 2/12/2008 6:39:35 PM | Attr = ] pavas.ico -> %SystemRoot%\System32\pavas.ico -> [Ver = | Size = 30590 bytes | Modified Date = 2/13/2008 10:50:47 PM | Attr = ] Restore -> %SystemRoot%\System32\Restore -> [Folder | Modified Date = 2/12/2008 9:12:19 PM | Attr = ] Setup -> %SystemRoot%\System32\Setup -> [Folder | Modified Date = 2/14/2008 12:11:18 AM | Attr = ] Uninstall.ico -> %SystemRoot%\System32\Uninstall.ico -> [Ver = | Size = 2550 bytes | Modified Date = 2/13/2008 10:50:48 PM | Attr = ] vsconfig.xml -> %SystemRoot%\System32\vsconfig.xml -> [Ver = | Size = 891 bytes | Modified Date = 2/15/2008 6:33:26 PM | Attr = H ] wbem -> %SystemRoot%\System32\wbem -> [Folder | Modified Date = 2/14/2008 12:11:49 AM | Attr = ] wpa.dbl -> %SystemRoot%\System32\wpa.dbl -> [Ver = | Size = 2206 bytes | Modified Date = 2/15/2008 6:43:29 PM | Attr = ] ZoneLabs -> %SystemRoot%\System32\ZoneLabs -> [Folder | Modified Date = 2/14/2008 12:12:02 AM | Attr = ] $hf_mig$ -> %SystemRoot%\$hf_mig$ -> [Folder | Modified Date = 2/15/2008 4:55:58 PM | Attr = H ] AppPatch -> %SystemRoot%\AppPatch -> [Folder | Modified Date = 2/14/2008 12:01:55 AM | Attr = ] assembly -> %SystemRoot%\assembly -> [Folder | Modified Date = 2/14/2008 12:02:12 AM | Attr = R S] bootstat.dat -> %SystemRoot%\bootstat.dat -> [Ver = | Size = 2048 bytes | Modified Date = 2/15/2008 6:32:35 PM | Attr = S] CAVTemp -> %SystemRoot%\CAVTemp -> [Folder | Modified Date = 2/16/2008 12:21:42 AM | Attr = ] dellstat.ini -> %SystemRoot%\dellstat.ini -> [Ver = | Size = 452 bytes | Modified Date = 2/13/2008 6:05:23 PM | Attr = ] Downloaded Program Files -> %SystemRoot%\Downloaded Program Files -> [Folder | Modified Date = 2/15/2008 7:23:05 PM | Attr = S] ERDNT -> %SystemRoot%\ERDNT -> [Folder | Modified Date = 2/14/2008 8:36:17 PM | Attr = ] inf -> %SystemRoot%\inf -> [Folder | Modified Date = 2/15/2008 7:23:03 PM | Attr = H ] Installer -> %SystemRoot%\Installer -> [Folder | Modified Date = 2/13/2008 8:21:55 PM | Attr = HS] Internet Logs -> %SystemRoot%\Internet Logs -> [Folder | Modified Date = 2/15/2008 9:38:05 PM | Attr = ] LastGood -> %SystemRoot%\LastGood -> [Folder | Modified Date = 2/15/2008 7:23:05 PM | Attr = ] NeroDigital.ini -> %SystemRoot%\NeroDigital.ini -> [Ver = | Size = 116 bytes | Modified Date = 2/12/2008 5:20:04 PM | Attr = ] PhotoSnapViewer.INI -> %SystemRoot%\PhotoSnapViewer.INI -> [Ver = | Size = 151 bytes | Modified Date = 1/19/2008 4:05:46 AM | Attr = ] Prefetch -> %SystemRoot%\Prefetch -> [Folder | Modified Date = 2/16/2008 12:39:54 AM | Attr = ] Registration -> %SystemRoot%\Registration -> [Folder | Modified Date = 2/12/2008 9:26:28 PM | Attr = ] SoftwareDistribution -> %SystemRoot%\SoftwareDistribution -> [Folder | Modified Date = 2/14/2008 12:08:17 AM | Attr = ] system32 -> %SystemRoot%\system32 -> [Folder | Modified Date = 2/15/2008 6:32:35 PM | Attr = ] Temp -> %SystemRoot%\Temp -> [Folder | Modified Date = 2/16/2008 12:25:39 AM | Attr = ] win.ini -> %SystemRoot%\win.ini -> [Ver = | Size = 774 bytes | Modified Date = 2/13/2008 11:03:22 PM | Attr = ] wininit.ini -> %SystemRoot%\wininit.ini -> [Ver = | Size = 341 bytes | Modified Date = 2/11/2008 5:21:23 PM | Attr = ] SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [Ver = | Size = 6 bytes | Modified Date = 2/15/2008 6:32:53 PM | Attr = H ] qmgr0.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat -> [Ver = | Size = 46059 bytes | Modified Date = 2/15/2008 6:34:07 PM | Attr = ] qmgr1.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat -> [Ver = | Size = 46059 bytes | Modified Date = 2/15/2008 6:34:07 PM | Attr = ] yjsplery.dll -> C:\Documents and Settings\JODENE\Local Settings\Temp\yjsplery.dll -> [Ver = | Size = 53248 bytes | Modified Date = 2/16/2008 12:39:52 AM | Attr = ] 1 C:\Documents and Settings\JODENE\Local Settings\Temp\*.tmp files -> C:\Documents and Settings\JODENE\Local Settings\Temp\*.tmp -> < End of report > [/code]