[code] WinPFind35 logfile created on: 2008-02-29 03:03:26 WinPFind35U Version 1.0.2.1 Folder = C:\Documents and Settings\user\Desktop\WinPFind35u Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000409 | Country: United States | Language: ENU | Date Format: yyyy-MM-dd 511.17 Mb Total Physical Memory | 270.78 Mb Available Physical Memory | 52.97% Memory free 1.22 Gb Paging File | 0.78 Gb Available in Paging File | 64.02% Paging File free Paging file location(s): C:\pagefile.sys 768 1536; %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 38.09 Gb Total Space | 16.63 Gb Free Space | 43.66% Space Free | Partition Type: NTFS Drive D: | 36.44 Gb Total Space | 29.91 Gb Free Space | 82.09% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: USER-8823FF3BFD Current User Name: user Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user [Processes - Non-Microsoft Only] ati2evxx.exe -> %SystemRoot%\system32\ati2evxx.exe -> ATI Technologies Inc. [Ver = 6.14.10.4188 | Size = 512000 bytes | Modified Date = 2007-12-21 10:57:27 | Attr = ] ati2evxx.exe -> %SystemRoot%\system32\ati2evxx.exe -> ATI Technologies Inc. [Ver = 6.14.10.4188 | Size = 512000 bytes | Modified Date = 2007-12-21 10:57:27 | Attr = ] nod32kui.exe -> %ProgramFiles%\ESET\nod32kui.exe -> Eset [Ver = 2, 70, 31 | Size = 949376 bytes | Modified Date = 2008-02-29 10:51:03 | Attr = ] dna.exe -> %ProgramFiles%\BitTorrent_DNA\dna.exe -> [Ver = | Size = 286016 bytes | Modified Date = 2007-11-07 14:30:16 | Attr = ] nmbgmonitor.exe -> %CommonProgramFiles%\Ahead\Lib\NMBgMonitor.exe -> Nero AG [Ver = 1, 5, 3, 0 | Size = 139264 bytes | Modified Date = 2006-11-17 10:04:20 | Attr = ] nmindexstoresvr.exe -> %CommonProgramFiles%\Ahead\Lib\NMIndexStoreSvr.exe -> Nero AG [Ver = 1, 5, 3, 0 | Size = 884736 bytes | Modified Date = 2006-11-17 09:58:32 | Attr = ] lssrvc.exe -> %CommonProgramFiles%\LightScribe\LSSrvc.exe -> Hewlett-Packard Company [Ver = 1.4.124.1 | Size = 61440 bytes | Modified Date = 2006-10-20 04:52:24 | Attr = ] frameworkservice.exe -> %ProgramFiles%\Network Associates\Common Framework\FrameworkService.exe -> Network Associates, Inc. [Ver = 3.5.0.412 | Size = 102463 bytes | Modified Date = 2004-08-06 18:50:00 | Attr = ] mcshield.exe -> %ProgramFiles%\Network Associates\VirusScan\Mcshield.exe -> Network Associates, Inc. [Ver = 8.0.0.251 | Size = 221191 bytes | Modified Date = 2004-08-18 23:00:00 | Attr = ] vstskmgr.exe -> %ProgramFiles%\Network Associates\VirusScan\VsTskMgr.exe -> Network Associates, Inc. [Ver = 8.0.0.912 | Size = 28672 bytes | Modified Date = 2004-08-18 23:00:00 | Attr = ] nod32krn.exe -> %ProgramFiles%\ESET\nod32krn.exe -> Eset [Ver = 2, 70, 31 | Size = 552064 bytes | Modified Date = 2008-02-29 10:51:03 | Attr = ] hpzipm12.exe -> %SystemRoot%\system32\HPZipm12.exe -> HP [Ver = 10, 1, 1, 5 | Size = 69632 bytes | Modified Date = 2006-03-04 12:03:10 | Attr = ] naprdmgr.exe -> %ProgramFiles%\Network Associates\Common Framework\naPrdMgr.exe -> Network Associates, Inc. [Ver = 3.5.0.412 | Size = 237623 bytes | Modified Date = 2004-08-06 18:50:00 | Attr = ] firefox.exe -> %ProgramFiles%\Mozilla Firefox\firefox.exe -> Mozilla Corporation [Ver = 1.8.1.12: 2008020121 | Size = 7655024 bytes | Modified Date = 2008-02-11 05:54:44 | Attr = ] ymsgr_tray.exe -> %ProgramFiles%\Yahoo!\Messenger\Ymsgr_tray.exe -> Yahoo! Inc. [Ver = 8,1,0,0 | Size = 103664 bytes | Modified Date = 2007-08-31 08:43:18 | Attr = ] winpfind35u.exe -> %UserProfile%\Desktop\WinPFind35u\WinPFind35U.exe -> OldTimer Tools [Ver = 1.0.2.1 | Size = 310272 bytes | Modified Date = 2008-02-28 02:40:40 | Attr = ] [Win32 Services - Non-Microsoft Only] (Ati HotKey Poller) Ati HotKey Poller [Win32_Own | Auto | Running] -> %SystemRoot%\system32\ati2evxx.exe -> ATI Technologies Inc. [Ver = 6.14.10.4188 | Size = 512000 bytes | Modified Date = 2007-12-21 10:57:27 | Attr = ] (ATI Smart) ATI Smart [Win32_Own | Auto | Stopped] -> %SystemRoot%\system32\ati2sgag.exe -> [Ver = 5.13.0027 | Size = 593920 bytes | Modified Date = 2007-12-21 13:05:00 | Attr = ] (dmadmin) Logical Disk Manager Administrative Service [Win32_Shared | On_Demand | Stopped] -> %SystemRoot%\system32\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 224768 bytes | Modified Date = 2004-08-04 00:56:50 | Attr = ] (LightScribeService) LightScribeService Direct Disc Labeling Service [Win32_Own | Auto | Running] -> %CommonProgramFiles%\LightScribe\LSSrvc.exe -> Hewlett-Packard Company [Ver = 1.4.124.1 | Size = 61440 bytes | Modified Date = 2006-10-20 04:52:24 | Attr = ] (McAfeeFramework) McAfee Framework Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Network Associates\Common Framework\FrameworkService.exe -> Network Associates, Inc. [Ver = 3.5.0.412 | Size = 102463 bytes | Modified Date = 2004-08-06 18:50:00 | Attr = ] (McShield) Network Associates McShield [Win32_Own | Auto | Running] -> %ProgramFiles%\Network Associates\VirusScan\Mcshield.exe -> Network Associates, Inc. [Ver = 8.0.0.251 | Size = 221191 bytes | Modified Date = 2004-08-18 23:00:00 | Attr = ] (McTaskManager) Network Associates Task Manager [Win32_Own | Auto | Running] -> %ProgramFiles%\Network Associates\VirusScan\VsTskMgr.exe -> Network Associates, Inc. [Ver = 8.0.0.912 | Size = 28672 bytes | Modified Date = 2004-08-18 23:00:00 | Attr = ] (NBService) NBService [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Nero\Nero 7\Nero BackItUp\NBService.exe -> Nero AG [Ver = 2, 7, 2, 0 | Size = 774144 bytes | Modified Date = 2006-11-11 11:18:02 | Attr = ] (NOD32krn) NOD32 Kernel Service [Win32_Own | Auto | Running] -> %ProgramFiles%\ESET\nod32krn.exe -> Eset [Ver = 2, 70, 31 | Size = 552064 bytes | Modified Date = 2008-02-29 10:51:03 | Attr = ] (Pml Driver HPZ12) Pml Driver HPZ12 [Win32_Own | Unknown | Running] -> -> File not found (PSEXESVC) PsExec [Win32_Own | Unknown | Stopped] -> -> File not found [Driver Services - Non-Microsoft Only] (Abiosdsk) Abiosdsk [Kernel | Disabled | Stopped] -> -> File not found (abp480n5) abp480n5 [Kernel | Disabled | Stopped] -> -> File not found (adpu160m) adpu160m [Kernel | Disabled | Stopped] -> -> File not found (Aha154x) Aha154x [Kernel | Disabled | Stopped] -> -> File not found (aic78u2) aic78u2 [Kernel | Disabled | Stopped] -> -> File not found (aic78xx) aic78xx [Kernel | Disabled | Stopped] -> -> File not found (AliIde) AliIde [Kernel | Disabled | Stopped] -> -> File not found (AMON) AMON [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\amon.sys -> Eset [Ver = 2, 70, 31 | Size = 512096 bytes | Modified Date = 2008-02-29 10:51:04 | Attr = ] (amsint) amsint [Kernel | Disabled | Stopped] -> -> File not found (asc) asc [Kernel | Disabled | Stopped] -> -> File not found (asc3350p) asc3350p [Kernel | Disabled | Stopped] -> -> File not found (asc3550) asc3550 [Kernel | Disabled | Stopped] -> -> File not found (Atdisk) Atdisk [Kernel | Disabled | Stopped] -> -> File not found (ati2mtag) ati2mtag [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ati2mtag.sys -> ATI Technologies Inc. [Ver = 6.14.10.6764 | Size = 2843136 bytes | Modified Date = 2007-12-21 11:53:20 | Attr = ] (cd20xrnt) cd20xrnt [Kernel | Disabled | Stopped] -> -> File not found (Changer) Changer [Kernel | System | Stopped] -> -> File not found (CmdIde) CmdIde [Kernel | Disabled | Stopped] -> -> File not found (Cpqarray) Cpqarray [Kernel | Disabled | Stopped] -> -> File not found (dac960nt) dac960nt [Kernel | Disabled | Stopped] -> -> File not found (DataMan) DataMan USB Infrared Adapter [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\DataMan.sys -> DataMan Heightech Technology Inc. [Ver = 1.00.0.2 | Size = 10880 bytes | Modified Date = 2003-01-01 13:08:54 | Attr = R ] (dmboot) dmboot [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\dmboot.sys -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 799744 bytes | Modified Date = 2004-08-03 23:07:18 | Attr = ] (dmio) Logical Disk Manager Driver [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\dmio.sys -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 153344 bytes | Modified Date = 2004-08-03 23:07:18 | Attr = ] (dmload) dmload [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\dmload.sys -> Microsoft Corp., Veritas Software. [Ver = 2600.0.503.0 | Size = 5888 bytes | Modified Date = 2001-08-23 23:00:00 | Attr = ] (dpti2o) dpti2o [Kernel | Disabled | Stopped] -> -> File not found (FETND5BV) VIA Rhine-Family Fast Ethernet Adapter Driver Service [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\fetnd5bv.sys -> VIA Technologies, Inc. [Ver = 3.54.00.0439 | Size = 42496 bytes | Modified Date = 2005-11-16 14:51:42 | Attr = R ] (FETNDIS) VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\fetnd5.sys -> VIA Technologies, Inc. [Ver = 2.66 | Size = 27165 bytes | Modified Date = 2001-08-17 20:13:08 | Attr = ] (HdAudAddService) ATI Function Driver for High Definition Audio Service [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\AtiHdAud.sys -> ATI Research Inc. [Ver = 5.00.40001.08 | Size = 84992 bytes | Modified Date = 2006-12-29 00:44:44 | Attr = R ] (HDAudBus) Microsoft UAA Bus Driver for High Definition Audio [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\Hdaudbus.sys -> Windows (R) Server 2003 DDK provider [Ver = 5.10.01.5013 built by: WinDDK | Size = 138752 bytes | Modified Date = 2005-01-08 08:07:18 | Attr = ] (hpn) hpn [Kernel | Disabled | Stopped] -> -> File not found (i2omgmt) i2omgmt [Kernel | System | Stopped] -> -> File not found (i2omp) i2omp [Kernel | Disabled | Stopped] -> -> File not found (ini910u) ini910u [Kernel | Disabled | Stopped] -> -> File not found (IntcAzAudAddService) Service for Realtek HD Audio (WDM) [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\RtkHDAud.sys -> Realtek Semiconductor Corp. [Ver = 5.10.00.5345 built by: WinDDK | Size = 4405248 bytes | Modified Date = 2006-12-21 16:26:00 | Attr = R ] (IntelIde) IntelIde [Kernel | Disabled | Stopped] -> -> File not found (lbrtfdc) lbrtfdc [Kernel | System | Stopped] -> -> File not found (mraid35x) mraid35x [Kernel | Disabled | Stopped] -> -> File not found (NaiAvFilter1) NaiAvFilter1 [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\naiavf5x.sys -> Network Associates, Inc. [Ver = 8.0.0.251 | Size = 108256 bytes | Modified Date = 2004-08-18 23:00:00 | Attr = ] (NaiAvTdi1) NaiAvTdi1 [Kernel | System | Running] -> %SystemRoot%\system32\drivers\mvstdi5x.sys -> Network Associates, Inc. [Ver = 8.0.0.251 | Size = 58016 bytes | Modified Date = 2004-08-18 23:00:00 | Attr = ] (nod32drv) nod32drv [Kernel | System | Running] -> %SystemRoot%\system32\drivers\nod32drv.sys -> [Ver = | Size = 15424 bytes | Modified Date = 2008-02-29 10:51:02 | Attr = ] (PCIDump) PCIDump [Kernel | System | Stopped] -> -> File not found (PDCOMP) PDCOMP [Kernel | On_Demand | Stopped] -> -> File not found (PDFRAME) PDFRAME [Kernel | On_Demand | Stopped] -> -> File not found (PDRELI) PDRELI [Kernel | On_Demand | Stopped] -> -> File not found (PDRFRAME) PDRFRAME [Kernel | On_Demand | Stopped] -> -> File not found (perc2) perc2 [Kernel | Disabled | Stopped] -> -> File not found (perc2hib) perc2hib [Kernel | Disabled | Stopped] -> -> File not found (Ptilink) Direct Parallel Link Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ptilink.sys -> Parallel Technologies, Inc. [Ver = 1.10 (XPClient.010817-1148) | Size = 17792 bytes | Modified Date = 2001-08-23 23:00:00 | Attr = ] (PxHelp20) PxHelp20 [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\pxhelp20.sys -> Sonic Solutions [Ver = 3.00.56a | Size = 43528 bytes | Modified Date = 2007-03-29 19:00:00 | Attr = ] (ql1080) ql1080 [Kernel | Disabled | Stopped] -> -> File not found (Ql10wnt) Ql10wnt [Kernel | Disabled | Stopped] -> -> File not found (ql12160) ql12160 [Kernel | Disabled | Stopped] -> -> File not found (ql1240) ql1240 [Kernel | Disabled | Stopped] -> -> File not found (ql1280) ql1280 [Kernel | Disabled | Stopped] -> -> File not found (Secdrv) Secdrv [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\secdrv.sys -> Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K. [Ver = 4.03.086 | Size = 20480 bytes | Modified Date = 2007-11-13 18:25:53 | Attr = ] (Simbad) Simbad [Kernel | Disabled | Stopped] -> -> File not found (Sparrow) Sparrow [Kernel | Disabled | Stopped] -> -> File not found (symc810) symc810 [Kernel | Disabled | Stopped] -> -> File not found (symc8xx) symc8xx [Kernel | Disabled | Stopped] -> -> File not found (sym_hi) sym_hi [Kernel | Disabled | Stopped] -> -> File not found (sym_u3) sym_u3 [Kernel | Disabled | Stopped] -> -> File not found (TosIde) TosIde [Kernel | Disabled | Stopped] -> -> File not found (ultra) ultra [Kernel | Disabled | Stopped] -> -> File not found (videX32) videX32 [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\videX32.sys -> VIA Technologies, Inc. [Ver = 6.0.3790.160 | Size = 9216 bytes | Modified Date = 2006-10-17 20:22:26 | Attr = R ] (vmfilter303) vmfilter303 [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\vmfilter303.sys -> Vimicro Corporation [Ver = 1.4.060423.01 | Size = 428160 bytes | Modified Date = 2006-04-25 10:57:42 | Attr = R ] (WDICA) WDICA [Kernel | On_Demand | Stopped] -> -> File not found (xfilt) VIA SATA IDE Hot-plug Driver [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\xfilt.sys -> VIA Technologies,Inc [Ver = 6.0.5728.160 | Size = 17920 bytes | Modified Date = 2006-10-18 17:39:58 | Attr = R ] (ZSMC303) A4 TECH PC Camera H [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\usbVM303.sys -> Vimicro Corporation [Ver = 3, 6, 831, 17 | Size = 392058 bytes | Modified Date = 2006-08-31 10:30:18 | Attr = R ] (EntDrv51) EntDrv51 [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\EntDrv51.sys -> Network Associates, Inc [Ver = 8.0.0.240 | Size = 8320 bytes | Modified Date = 2004-08-18 23:00:00 | Attr = ] [Registry - Non-Microsoft Only] < Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> 505c8166 -> %SystemRoot%\system32\cduchtuu.dll -> [Ver = | Size = 85056 bytes | Modified Date = 2008-02-29 03:32:55 | Attr = ] BigDog303 -> %SystemRoot%\VM303_STI.EXE -> File not found BM536fb2fa -> %SystemRoot%\system32\kgtyhjuu.dll -> [Ver = | Size = 91712 bytes | Modified Date = 2008-02-29 03:32:31 | Attr = ] nod32kui -> %ProgramFiles%\ESET\nod32kui.exe -> Eset [Ver = 2, 70, 31 | Size = 949376 bytes | Modified Date = 2008-02-29 10:51:03 | Attr = ] < Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} -> %CommonProgramFiles%\Ahead\Lib\NMBgMonitor.exe -> Nero AG [Ver = 1, 5, 3, 0 | Size = 139264 bytes | Modified Date = 2006-11-17 10:04:20 | Attr = ] BitTorrent DNA -> %ProgramFiles%\BitTorrent_DNA\dna.exe -> [Ver = | Size = 286016 bytes | Modified Date = 2007-11-07 14:30:16 | Attr = ] Yahoo! Pager -> %ProgramFiles%\Yahoo!\Messenger\YahooMessenger.exe -> Yahoo! Inc. [Ver = 8,1,0,421 | Size = 4670704 bytes | Modified Date = 2007-08-31 08:43:18 | Attr = ] < All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup -> %AllUsersProfile%\Start Menu\Programs\Startup\Kodak EasyShare software.lnk -> %ProgramFiles%\Kodak\Kodak EasyShare software\bin\EasyShare.exe -> Eastman Kodak Company [Ver = 6, 40, 53, 95 | Size = 282624 bytes | Modified Date = 2007-09-19 20:33:46 | Attr = ] %AllUsersProfile%\Start Menu\Programs\Startup\Yahoo! Messenger.lnk -> %ProgramFiles%\Yahoo!\Messenger\YahooMessenger.exe -> Yahoo! Inc. [Ver = 8,1,0,421 | Size = 4670704 bytes | Modified Date = 2007-08-31 08:43:18 | Attr = ] < user Startup Folder > -> C:\Documents and Settings\user\Start Menu\Programs\Startup -> < SecurityProviders [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders -> < Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ -> AtiExtEvent -> %SystemRoot%\system32\ati2evxx.dll -> ATI Technologies Inc. [Ver = 6.14.10.4176 | Size = 122880 bytes | Modified Date = 2007-12-21 10:58:55 | Attr = ] gzlggssn -> gzlggssn.dll -> File not found < CurrentVersion Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\undockwithoutlogon -> 1 -> < CurrentVersion Policy Settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> -> < HOSTS File > (734 bytes) -> C:\WINDOWS\System32\drivers\etc\Hosts -> < Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> HKEY_LOCAL_MACHINE\: Main\\Default_Page_URL -> http://www.yahoo.com/ -> HKEY_LOCAL_MACHINE\: Main\\Default_Search_URL -> http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com -> HKEY_LOCAL_MACHINE\: Main\\Local Page -> %SystemRoot%\system32\blank.htm -> HKEY_LOCAL_MACHINE\: Main\\Search Bar -> http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html -> HKEY_LOCAL_MACHINE\: Main\\Search Page -> http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://www.yahoo.com -> HKEY_LOCAL_MACHINE\: Main\\Start Page -> http://www.microsoft.com -> HKEY_LOCAL_MACHINE\: Search\\CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm -> HKEY_LOCAL_MACHINE\: Search\\SearchAssistant -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm -> < Internet Explorer Settings [HKEY_CURRENT_USER\] > -> -> HKEY_CURRENT_USER\: Main\\Local Page -> C:\WINDOWS\system32\blank.htm -> HKEY_CURRENT_USER\: Main\\Search Bar -> http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR -> HKEY_CURRENT_USER\: Main\\Search Page -> http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR -> HKEY_CURRENT_USER\: Main\\Start Page -> http://www.msn.com -> HKEY_CURRENT_USER\: Search\\CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm -> HKEY_CURRENT_USER\: Search\\SearchAssistant -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm -> HKEY_CURRENT_USER\: SearchURL\\ -> http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR[ ] -> HKEY_CURRENT_USER\: URLSearchHooks\\{00A6FAF6-072E-44cf-8957-5838F569A31D} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL [] -> File not found HKEY_CURRENT_USER\: URLSearchHooks\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Yahoo!\Companion\Installs\cpn\yt.dll [Yahoo! Toolbar] -> Yahoo! Inc. [Ver = 2007, 5, 30, 1 | Size = 808472 bytes | Modified Date = 2007-05-31 05:18:26 | Attr = ] HKEY_CURRENT_USER\: ProxyEnable -> 0 -> < Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1 domain(s) found. -> 1 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> {00A6FAF1-072E-44cf-8957-5838F569A31D} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL [MyWebSearch Search Assistant BHO] -> File not found {02478D38-C3F9-4efb-9B51-7695ECA05670} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Yahoo!\Companion\Installs\cpn\yt.dll [&Yahoo! Toolbar Helper] -> Yahoo! Inc. [Ver = 2007, 5, 30, 1 | Size = 808472 bytes | Modified Date = 2007-05-31 05:18:26 | Attr = ] {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKEY_LOCAL_MACHINE] -> %CommonProgramFiles%\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> Adobe Systems Incorporated [Ver = 8.0.0.2006102200 | Size = 62080 bytes | Modified Date = 2006-10-23 15:08:42 | Attr = ] {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Winamp Toolbar\winamptb.dll [Winamp Toolbar BHO] -> AOL LLC [Ver = 5.1.6.2 | Size = 1135968 bytes | Modified Date = 2007-10-05 04:06:20 | Attr = ] {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Yahoo!\Common\yiesrvc.dll [Yahoo! IE Services Button] -> Yahoo! Inc. [Ver = 2006, 10, 31, 3 | Size = 198136 bytes | Modified Date = 2006-11-01 04:33:52 | Attr = ] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.6.0_02\bin\ssv.dll [SSVHelper Class] -> Sun Microsystems, Inc. [Ver = 6.0.20.6 | Size = 501136 bytes | Modified Date = 2007-07-12 19:00:35 | Attr = ] {CCE02C9C-E50A-4486-9ED7-C1C5D1132493} [HKEY_LOCAL_MACHINE] -> %SystemRoot%\system32\awvtt.dll [Reg Error: Value does not exist or could not be read.] -> File not found {dd167537-5973-4e23-8552-f79c5a653d7c} [HKEY_LOCAL_MACHINE] -> %SystemRoot%\system32\wquirpun.dll [Reg Error: Value does not exist or could not be read.] -> [Ver = | Size = 90176 bytes | Modified Date = 2008-02-29 03:35:32 | Attr = ] < Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar -> {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Winamp Toolbar\winamptb.dll [Winamp Toolbar] -> AOL LLC [Ver = 5.1.6.2 | Size = 1135968 bytes | Modified Date = 2007-10-05 04:06:20 | Attr = ] {EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Yahoo!\Companion\Installs\cpn\yt.dll [Yahoo! Toolbar] -> Yahoo! Inc. [Ver = 2007, 5, 30, 1 | Size = 808472 bytes | Modified Date = 2007-05-31 05:18:26 | Attr = ] < Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ -> WebBrowser\\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Winamp Toolbar\winamptb.dll [Winamp Toolbar] -> AOL LLC [Ver = 5.1.6.2 | Size = 1135968 bytes | Modified Date = 2007-10-05 04:06:20 | Attr = ] WebBrowser\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Yahoo!\Companion\Installs\cpn\yt.dll [Yahoo! Toolbar] -> Yahoo! Inc. [Ver = 2007, 5, 30, 1 | Size = 808472 bytes | Modified Date = 2007-05-31 05:18:26 | Attr = ] < Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897}:{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Yahoo!\Common\yiesrvc.dll [Yahoo! Services] -> Yahoo! Inc. [Ver = 2006, 10, 31, 3 | Size = 198136 bytes | Modified Date = 2006-11-01 04:33:52 | Attr = ] < Internet Explorer Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\ -> CmdMapping\\{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Yahoo!\Common\yiesrvc.dll [Yahoo! IE Services Button] -> Yahoo! Inc. [Ver = 2006, 10, 31, 3 | Size = 198136 bytes | Modified Date = 2006-11-01 04:33:52 | Attr = ] < Internet Explorer Menu Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ -> &Winamp Toolbar Search -> %AllUsersProfile%\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.htm -> File not found < Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> PluginsPageFriendlyName -> Microsoft ActiveX Gallery -> PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s -> < User Agent Post Platform [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform -> SV1 -> -> < DNS Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> {DF61F82B-33F7-47CD-AD9D-EEFDCBEC7D6D} -> (VIA Rhine II Fast Ethernet Adapter) -> {F69CF778-AD82-4882-85BE-66D7ED43B433} -> () -> < Winsock2 Catalogs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\ -> Protocol_Catalog9\Catalog_Entries\000000000001 -> %SystemRoot%\system32\imon.dll -> Eset [Ver = 2, 70, 31 | Size = 298104 bytes | Modified Date = 2008-02-29 10:51:05 | Attr = ] Protocol_Catalog9\Catalog_Entries\000000000002 -> %SystemRoot%\system32\imon.dll -> Eset [Ver = 2, 70, 31 | Size = 298104 bytes | Modified Date = 2008-02-29 10:51:05 | Attr = ] Protocol_Catalog9\Catalog_Entries\000000000003 -> %SystemRoot%\system32\imon.dll -> Eset [Ver = 2, 70, 31 | Size = 298104 bytes | Modified Date = 2008-02-29 10:51:05 | Attr = ] Protocol_Catalog9\Catalog_Entries\000000000004 -> %SystemRoot%\system32\imon.dll -> Eset [Ver = 2, 70, 31 | Size = 298104 bytes | Modified Date = 2008-02-29 10:51:05 | Attr = ] Protocol_Catalog9\Catalog_Entries\000000000005 -> %SystemRoot%\system32\imon.dll -> Eset [Ver = 2, 70, 31 | Size = 298104 bytes | Modified Date = 2008-02-29 10:51:05 | Attr = ] Protocol_Catalog9\Catalog_Entries\000000000006 -> %SystemRoot%\system32\imon.dll -> Eset [Ver = 2, 70, 31 | Size = 298104 bytes | Modified Date = 2008-02-29 10:51:05 | Attr = ] Protocol_Catalog9\Catalog_Entries\000000000007 -> %SystemRoot%\system32\imon.dll -> Eset [Ver = 2, 70, 31 | Size = 298104 bytes | Modified Date = 2008-02-29 10:51:05 | Attr = ] Protocol_Catalog9\Catalog_Entries\000000000008 -> %SystemRoot%\system32\imon.dll -> Eset [Ver = 2, 70, 31 | Size = 298104 bytes | Modified Date = 2008-02-29 10:51:05 | Attr = ] Protocol_Catalog9\Catalog_Entries\000000000009 -> %SystemRoot%\system32\imon.dll -> Eset [Ver = 2, 70, 31 | Size = 298104 bytes | Modified Date = 2008-02-29 10:51:05 | Attr = ] Protocol_Catalog9\Catalog_Entries\000000000010 -> %SystemRoot%\system32\imon.dll -> Eset [Ver = 2, 70, 31 | Size = 298104 bytes | Modified Date = 2008-02-29 10:51:05 | Attr = ] Protocol_Catalog9\Catalog_Entries\000000000011 -> %SystemRoot%\system32\imon.dll -> Eset [Ver = 2, 70, 31 | Size = 298104 bytes | Modified Date = 2008-02-29 10:51:05 | Attr = ] Protocol_Catalog9\Catalog_Entries\000000000012 -> %SystemRoot%\system32\imon.dll -> Eset [Ver = 2, 70, 31 | Size = 298104 bytes | Modified Date = 2008-02-29 10:51:05 | Attr = ] Protocol_Catalog9\Catalog_Entries\000000000013 -> %SystemRoot%\system32\imon.dll -> Eset [Ver = 2, 70, 31 | Size = 298104 bytes | Modified Date = 2008-02-29 10:51:05 | Attr = ] Protocol_Catalog9\Catalog_Entries\000000000014 -> %SystemRoot%\system32\imon.dll -> Eset [Ver = 2, 70, 31 | Size = 298104 bytes | Modified Date = 2008-02-29 10:51:05 | Attr = ] Protocol_Catalog9\Catalog_Entries\000000000015 -> %SystemRoot%\system32\imon.dll -> Eset [Ver = 2, 70, 31 | Size = 298104 bytes | Modified Date = 2008-02-29 10:51:05 | Attr = ] Protocol_Catalog9\Catalog_Entries\000000000016 -> %SystemRoot%\system32\imon.dll -> Eset [Ver = 2, 70, 31 | Size = 298104 bytes | Modified Date = 2008-02-29 10:51:05 | Attr = ] Protocol_Catalog9\Catalog_Entries\000000000017 -> %SystemRoot%\system32\imon.dll -> Eset [Ver = 2, 70, 31 | Size = 298104 bytes | Modified Date = 2008-02-29 10:51:05 | Attr = ] Protocol_Catalog9\Catalog_Entries\000000000018 -> %SystemRoot%\system32\imon.dll -> Eset [Ver = 2, 70, 31 | Size = 298104 bytes | Modified Date = 2008-02-29 10:51:05 | Attr = ] Protocol_Catalog9\Catalog_Entries\000000000019 -> %SystemRoot%\system32\imon.dll -> Eset [Ver = 2, 70, 31 | Size = 298104 bytes | Modified Date = 2008-02-29 10:51:05 | Attr = ] Protocol_Catalog9\Catalog_Entries\000000000020 -> %SystemRoot%\system32\imon.dll -> Eset [Ver = 2, 70, 31 | Size = 298104 bytes | Modified Date = 2008-02-29 10:51:05 | Attr = ] Protocol_Catalog9\Catalog_Entries\000000000021 -> %SystemRoot%\system32\imon.dll -> Eset [Ver = 2, 70, 31 | Size = 298104 bytes | Modified Date = 2008-02-29 10:51:05 | Attr = ] Protocol_Catalog9\Catalog_Entries\000000000022 -> %SystemRoot%\system32\imon.dll -> Eset [Ver = 2, 70, 31 | Size = 298104 bytes | Modified Date = 2008-02-29 10:51:05 | Attr = ] Protocol_Catalog9\Catalog_Entries\000000000023 -> %SystemRoot%\system32\imon.dll -> Eset [Ver = 2, 70, 31 | Size = 298104 bytes | Modified Date = 2008-02-29 10:51:05 | Attr = ] Protocol_Catalog9\Catalog_Entries\000000000024 -> %SystemRoot%\system32\imon.dll -> Eset [Ver = 2, 70, 31 | Size = 298104 bytes | Modified Date = 2008-02-29 10:51:05 | Attr = ] Protocol_Catalog9\Catalog_Entries\000000000025 -> %SystemRoot%\system32\imon.dll -> Eset [Ver = 2, 70, 31 | Size = 298104 bytes | Modified Date = 2008-02-29 10:51:05 | Attr = ] Protocol_Catalog9\Catalog_Entries\000000000026 -> %SystemRoot%\system32\imon.dll -> Eset [Ver = 2, 70, 31 | Size = 298104 bytes | Modified Date = 2008-02-29 10:51:05 | Attr = ] Protocol_Catalog9\Catalog_Entries\000000000027 -> %SystemRoot%\system32\imon.dll -> Eset [Ver = 2, 70, 31 | Size = 298104 bytes | Modified Date = 2008-02-29 10:51:05 | Attr = ] Protocol_Catalog9\Catalog_Entries\000000000028 -> %SystemRoot%\system32\imon.dll -> Eset [Ver = 2, 70, 31 | Size = 298104 bytes | Modified Date = 2008-02-29 10:51:05 | Attr = ] Protocol_Catalog9\Catalog_Entries\000000000029 -> %SystemRoot%\system32\imon.dll -> Eset [Ver = 2, 70, 31 | Size = 298104 bytes | Modified Date = 2008-02-29 10:51:05 | Attr = ] Protocol_Catalog9\Catalog_Entries\000000000030 -> %SystemRoot%\system32\imon.dll -> Eset [Ver = 2, 70, 31 | Size = 298104 bytes | Modified Date = 2008-02-29 10:51:05 | Attr = ] Protocol_Catalog9\Catalog_Entries\000000000031 -> %SystemRoot%\system32\imon.dll -> Eset [Ver = 2, 70, 31 | Size = 298104 bytes | Modified Date = 2008-02-29 10:51:05 | Attr = ] Protocol_Catalog9\Catalog_Entries\000000000032 -> %SystemRoot%\system32\imon.dll -> Eset [Ver = 2, 70, 31 | Size = 298104 bytes | Modified Date = 2008-02-29 10:51:05 | Attr = ] < Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ -> ipp: [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened.[Reg Error: Value does not exist or could not be read.] -> File not found msdaipp: [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened.[Reg Error: Value does not exist or could not be read.] -> File not found skype4com:{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} [HKEY_LOCAL_MACHINE] -> %CommonProgramFiles%\Skype\Skype4COM.dll[IEProtocolHandler Class] -> Skype Technologies [Ver = 1, 0, 27, 2 | Size = 1828176 bytes | Modified Date = 2007-09-14 05:31:38 | Attr = R ] < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> {0B79F48A-E8D6-11DB-9283-E25056D89593}[HKEY_LOCAL_MACHINE] -> http://support.f-secure.com/ols/fscax.cab[F-Secure Online Scanner 3.1] -> {30528230-99f7-4bb4-88d8-fa1d4f56a2ab}[HKEY_LOCAL_MACHINE] -> C:\Program Files\Yahoo!\Common\Yinsthelper.dll[Installation Support] -> {8AD9C840-044E-11D1-B3E9-00805F499D93}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab[Java Plug-in 1.6.0_02] -> {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab[Java Plug-in 1.6.0_02] -> {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab[Java Plug-in 1.6.0_02] -> [Files/Folders - Created Within 30 days] ATI -> %SystemDrive%\ATI -> [Folder | Created Date = 2008-02-13 16:41:49 | Attr = ] avenger -> %SystemDrive%\avenger -> [Folder | Created Date = 2008-02-29 12:53:27 | Attr = ] Combo-Fix -> %SystemDrive%\Combo-Fix -> [Folder | Created Date = 2008-02-29 05:11:27 | Attr = ] ComboFix -> %SystemDrive%\ComboFix -> [Folder | Created Date = 2008-02-29 05:12:28 | Attr = ] ioSpecial.ini -> %SystemDrive%\ioSpecial.ini -> [Ver = | Size = 125 bytes | Modified Date = 2008-02-28 13:59:59 | Attr = ] m.dmp -> %SystemDrive%\m.dmp -> [Ver = | Size = 1138688 bytes | Modified Date = 2008-02-02 01:50:18 | Attr = ] amon.sys -> %SystemRoot%\System32\drivers\amon.sys -> Eset [Ver = 2, 70, 31 | Size = 512096 bytes | Modified Date = 2008-02-29 10:51:04 | Attr = ] nod32drv.sys -> %SystemRoot%\System32\drivers\nod32drv.sys -> [Ver = | Size = 15424 bytes | Modified Date = 2008-02-29 10:51:02 | Attr = ] amp3dj.ocx -> %SystemRoot%\System32\amp3dj.ocx -> MultiMedia Soft [Ver = 3, 3, 0, 0 | Size = 425984 bytes | Modified Date = 2007-04-27 04:23:34 | Attr = ] ARProgBar.ocx -> %SystemRoot%\System32\ARProgBar.ocx -> Alvaro Redondo [Ver = 2.00.0002 | Size = 69632 bytes | Modified Date = 2001-07-01 13:04:30 | Attr = ] AudioCtl.dll -> %SystemRoot%\System32\AudioCtl.dll -> Guangming Software [Ver = 2.0.2007.118 | Size = 2301952 bytes | Modified Date = 2007-01-20 11:50:12 | Attr = ] bass.dll -> %SystemRoot%\System32\bass.dll -> Un4seen Developments [Ver = 2.3 | Size = 92728 bytes | Modified Date = 2006-06-13 11:56:46 | Attr = ] basscd.dll -> %SystemRoot%\System32\basscd.dll -> Un4seen Developments [Ver = 2.3 | Size = 16952 bytes | Modified Date = 2006-06-28 08:22:22 | Attr = ] basswma.dll -> %SystemRoot%\System32\basswma.dll -> Un4seen Developments [Ver = 2.3 | Size = 14904 bytes | Modified Date = 2006-11-26 07:20:14 | Attr = ] CDGShow.ocx -> %SystemRoot%\System32\CDGShow.ocx -> Invicion Inc. [Ver = 1.04 | Size = 94208 bytes | Modified Date = 2007-05-29 06:04:08 | Attr = ] CDGSource.ax -> %SystemRoot%\System32\CDGSource.ax -> DOBLON [Ver = 1.0.15 | Size = 720896 bytes | Modified Date = 2005-05-25 05:45:50 | Attr = ] cduchtuu.dll -> %SystemRoot%\System32\cduchtuu.dll -> [Ver = | Size = 85056 bytes | Modified Date = 2008-02-29 03:32:55 | Attr = ] CJ60Lib.dll -> %SystemRoot%\System32\CJ60Lib.dll -> Code Jockey: http://www.codejockeys.com/kstowell/ [Ver = 6, 0, 0, 7 | Size = 253952 bytes | Modified Date = 2004-06-22 07:20:56 | Attr = ] fdsv.exe -> %SystemRoot%\System32\fdsv.exe -> Smallfrogs Studio [Ver = 1.0.0.10 | Size = 73728 bytes | Modified Date = 2000-09-01 | Attr = ] grep.exe -> %SystemRoot%\System32\grep.exe -> [Ver = | Size = 80412 bytes | Modified Date = 2000-09-01 | Attr = ] gzlggssn.dllbox -> %SystemRoot%\System32\gzlggssn.dllbox -> [Ver = | Size = 21108 bytes | Modified Date = 2008-02-29 11:46:45 | Attr = HS] IMGRES.dll -> %SystemRoot%\System32\IMGRES.dll -> [Ver = | Size = 28672 bytes | Modified Date = 2007-06-12 03:26:18 | Attr = ] imon.dll -> %SystemRoot%\System32\imon.dll -> Eset [Ver = 2, 70, 31 | Size = 298104 bytes | Modified Date = 2008-02-29 10:51:05 | Attr = ] javaperm.hlp -> %SystemRoot%\System32\javaperm.hlp -> [Ver = | Size = 11403 bytes | Modified Date = 1998-12-07 08:56:02 | Attr = ] javasec.hlp -> %SystemRoot%\System32\javasec.hlp -> [Ver = | Size = 21444 bytes | Modified Date = 1998-12-07 08:56:02 | Attr = ] javasup.vxd -> %SystemRoot%\System32\javasup.vxd -> [Ver = | Size = 7311 bytes | Modified Date = 1998-12-07 09:18:04 | Attr = ] kgtyhjuu.dll -> %SystemRoot%\System32\kgtyhjuu.dll -> [Ver = | Size = 91712 bytes | Modified Date = 2008-02-29 03:32:31 | Attr = ] LameEncoderX.ocx -> %SystemRoot%\System32\LameEncoderX.ocx -> Mind and Motion Technologies [Ver = 1, 0, 0, 1 | Size = 188416 bytes | Modified Date = 2005-08-16 18:57:38 | Attr = ] MoviePlayer.ocx -> %SystemRoot%\System32\MoviePlayer.ocx -> Viscom Software www.viscomsoft.com [Ver = 2, 0, 0, 0 | Size = 122880 bytes | Modified Date = 2006-01-05 10:56:20 | Attr = ] mp3sentry.dll -> %SystemRoot%\System32\mp3sentry.dll -> [Ver = | Size = 57344 bytes | Modified Date = 2007-06-19 05:02:04 | Attr = ] PawLib.dll -> %SystemRoot%\System32\PawLib.dll -> [Ver = 1, 0, 0, 1 | Size = 704512 bytes | Modified Date = 2005-05-25 05:45:02 | Attr = ] PowerPlayCDG.ocx -> %SystemRoot%\System32\PowerPlayCDG.ocx -> DOBLON [Ver = 1.0.12 | Size = 53248 bytes | Modified Date = 2005-06-13 07:46:58 | Attr = ] Scroll.ocx -> %SystemRoot%\System32\Scroll.ocx -> Invicion [Ver = 1, 0, 0, 2 | Size = 274432 bytes | Modified Date = 2005-08-27 08:21:46 | Attr = ] sed.exe -> %SystemRoot%\System32\sed.exe -> [Ver = | Size = 98816 bytes | Modified Date = 2000-09-01 | Attr = ] swdmp3.oca -> %SystemRoot%\System32\swdmp3.oca -> [Ver = | Size = 25088 bytes | Modified Date = 2005-12-20 18:07:30 | Attr = ] swdwma9.ocx -> %SystemRoot%\System32\swdwma9.ocx -> Streamware Development [Ver = 1, 5, 0, 9 | Size = 221184 bytes | Modified Date = 2005-07-30 09:41:20 | Attr = ] swreg.exe -> %SystemRoot%\System32\swreg.exe -> SteelWerX [Ver = 3.0.0.0 | Size = 161792 bytes | Modified Date = 2000-09-01 | Attr = ] swsc.exe -> %SystemRoot%\System32\swsc.exe -> SteelWerX [Ver = 2.0.0.5 | Size = 136704 bytes | Modified Date = 2000-09-01 | Attr = ] swxcacls.exe -> %SystemRoot%\System32\swxcacls.exe -> SteelWerX [Ver = 1.0.1.1 | Size = 212480 bytes | Modified Date = 2000-09-01 | Attr = ] uuthcudc.ini -> %SystemRoot%\System32\uuthcudc.ini -> [Ver = | Size = 1243795 bytes | Modified Date = 2008-02-29 01:21:25 | Attr = HS] vbzip10.dll -> %SystemRoot%\System32\vbzip10.dll -> Info-ZIP [Ver = 2.3 | Size = 147456 bytes | Modified Date = 2008-02-28 14:46:58 | Attr = ] VFind.exe -> %SystemRoot%\System32\VFind.exe -> [Ver = | Size = 49152 bytes | Modified Date = 2000-09-01 | Attr = ] viscomqtde.ax -> %SystemRoot%\System32\viscomqtde.ax -> Viscom Software www.viscomsoft.com [Ver = 1.0 | Size = 139264 bytes | Modified Date = 2006-01-05 10:59:36 | Attr = ] wquirpun.dll -> %SystemRoot%\System32\wquirpun.dll -> [Ver = | Size = 90176 bytes | Modified Date = 2008-02-29 03:35:32 | Attr = ] Xshow.ocx -> %SystemRoot%\System32\Xshow.ocx -> Softuarium [Ver = 4.0.0.0 | Size = 821248 bytes | Modified Date = 2006-11-19 10:28:08 | Attr = ] zip.exe -> %SystemRoot%\System32\zip.exe -> [Ver = | Size = 68096 bytes | Modified Date = 2000-09-01 | Attr = ] zonedoff.reg -> %SystemRoot%\System32\zonedoff.reg -> [Ver = | Size = 113 bytes | Modified Date = 1998-12-07 08:56:04 | Attr = ] zonedon.reg -> %SystemRoot%\System32\zonedon.reg -> [Ver = | Size = 113 bytes | Modified Date = 1998-12-07 08:56:04 | Attr = ] ativpsrm.bin -> %SystemRoot%\ativpsrm.bin -> [Ver = | Size = 0 bytes | Modified Date = 2008-02-13 16:54:27 | Attr = ] jautoexp.dat -> %SystemRoot%\jautoexp.dat -> [Ver = | Size = 6550 bytes | Modified Date = 1998-12-07 08:53:04 | Attr = ] mdm.ini -> %SystemRoot%\mdm.ini -> [Ver = | Size = 185 bytes | Modified Date = 2008-02-21 18:17:50 | Attr = ] Nircmd.exe -> %SystemRoot%\Nircmd.exe -> NirSoft [Ver = 2.00 | Size = 51200 bytes | Modified Date = 2000-09-01 | Attr = ] PROTOCOL.INI -> %SystemRoot%\PROTOCOL.INI -> [Ver = | Size = 0 bytes | Modified Date = 2008-02-02 01:49:25 | Attr = ] PSEXESVC.EXE -> %SystemRoot%\PSEXESVC.EXE -> Sysinternals [Ver = 1.70 | Size = 53248 bytes | Modified Date = 2008-02-29 05:11:48 | Attr = ] pskt.ini -> %SystemRoot%\pskt.ini -> [Ver = | Size = 22 bytes | Modified Date = 2008-02-29 13:00:50 | Attr = ] [Files Created - Additional Folder Scans - Non-Microsoft Only] ATI -> %AllUsersProfile%\Application Data\ATI -> [Folder | Created Date = 2008-02-13 16:54:56 | Attr = ] BigFishGamesCache -> %AllUsersProfile%\Application Data\BigFishGamesCache -> [Folder | Created Date = 2008-02-02 02:26:43 | Attr = ] Globe7 -> %AppData%\Globe7 -> [Folder | Created Date = 2008-02-22 22:19:47 | Attr = ] Ohana Games -> %AppData%\Ohana Games -> [Folder | Created Date = 2008-02-01 05:39:45 | Attr = ] Seven Zip -> %UserProfile%\Local Settings\Application Data\Seven Zip -> [Folder | Created Date = 2008-02-13 15:26:42 | Attr = ] WMTools Downloaded Files -> %UserProfile%\Local Settings\Application Data\WMTools Downloaded Files -> [Folder | Created Date = 2008-02-08 15:45:51 | Attr = ] 4043014_1.jpg -> %UserProfile%\My Documents\4043014_1.jpg -> [Ver = | Size = 47482 bytes | Modified Date = 2008-02-04 02:35:41 | Attr = ] Backup_of_Grad-cover1.cdr -> %UserProfile%\My Documents\Backup_of_Grad-cover1.cdr -> [Ver = | Size = 10463104 bytes | Modified Date = 2008-02-11 06:23:56 | Attr = ] Backup_of_song cover -> %UserProfile%\My Documents\Backup_of_song cover -> [Ver = | Size = 1653298 bytes | Modified Date = 2008-02-11 04:50:52 | Attr = ] clicky-pressed.gif -> %UserProfile%\My Documents\clicky-pressed.gif -> [Ver = | Size = 600 bytes | Modified Date = 2008-02-15 06:06:59 | Attr = ] Grad-cover1.cdr -> %UserProfile%\My Documents\Grad-cover1.cdr -> [Ver = | Size = 10463100 bytes | Modified Date = 2008-02-11 06:32:06 | Attr = ] gradpic.xls -> %UserProfile%\My Documents\gradpic.xls -> [Ver = | Size = 2058752 bytes | Modified Date = 2008-02-17 06:32:23 | Attr = ] Ira's movie.avi -> %UserProfile%\My Documents\Ira's movie.avi -> [Ver = | Size = 2982313996 bytes | Modified Date = 2008-02-13 15:36:05 | Attr = ] Ira's movie1.mpg -> %UserProfile%\My Documents\Ira's movie1.mpg -> [Ver = | Size = 100272128 bytes | Modified Date = 2008-02-13 16:15:12 | Attr = ] jikjik_ree.sav -> %UserProfile%\My Documents\jikjik_ree.sav -> [Ver = | Size = 30652 bytes | Modified Date = 2008-02-07 16:48:11 | Attr = ] las nieves map.ppt -> %UserProfile%\My Documents\las nieves map.ppt -> [Ver = | Size = 20939264 bytes | Modified Date = 2008-02-17 14:25:39 | Attr = ] LimeWire -> %UserProfile%\My Documents\LimeWire -> [Folder | Created Date = 2008-02-27 13:19:45 | Attr = ] 1 C:\Documents and Settings\user\My Documents\*.tmp files -> C:\Documents and Settings\user\My Documents\*.tmp -> limewire.m3u -> %UserProfile%\My Documents\limewire.m3u -> [Ver = | Size = 267 bytes | Modified Date = 2008-02-05 12:34:34 | Attr = ] ok..doc -> %UserProfile%\My Documents\ok..doc -> [Ver = | Size = 28160 bytes | Modified Date = 2008-02-28 08:06:50 | Attr = ] Rat.xls -> %UserProfile%\My Documents\Rat.xls -> [Ver = | Size = 24064 bytes | Modified Date = 2008-02-14 14:28:57 | Attr = ] song cover -> %UserProfile%\My Documents\song cover -> [Ver = | Size = 1653284 bytes | Modified Date = 2008-02-11 04:58:53 | Attr = ] Adobe Reader 8.lnk -> %AllUsersProfile%\Desktop\Adobe Reader 8.lnk -> [Ver = | Size = 1729 bytes | Modified Date = 2008-02-18 23:22:51 | Attr = ] DivX Converter.lnk -> %AllUsersProfile%\Desktop\DivX Converter.lnk -> [Ver = | Size = 806 bytes | Modified Date = 2008-02-13 16:18:42 | Attr = ] Nero Home Essentials SE.lnk -> %AllUsersProfile%\Desktop\Nero Home Essentials SE.lnk -> [Ver = | Size = 2261 bytes | Modified Date = 2008-02-07 15:39:09 | Attr = ] ATF-Cleaner.exe -> %UserProfile%\Desktop\ATF-Cleaner.exe -> Atribune.org [Ver = 3.00.0002 | Size = 50688 bytes | Modified Date = 2008-02-29 05:44:18 | Attr = ] avenger -> %UserProfile%\Desktop\avenger -> [Folder | Created Date = 2008-02-29 12:47:22 | Attr = ] CCleaner.lnk -> %UserProfile%\Desktop\CCleaner.lnk -> [Ver = | Size = 1548 bytes | Modified Date = 2008-02-28 18:54:58 | Attr = ] CDGRip.lnk -> %UserProfile%\Desktop\CDGRip.lnk -> [Ver = | Size = 1541 bytes | Modified Date = 2008-02-23 16:02:38 | Attr = ] DivX Movies.lnk -> %UserProfile%\Desktop\DivX Movies.lnk -> [Ver = | Size = 1422 bytes | Modified Date = 2008-02-13 16:19:19 | Attr = ] Help and Support Center.lnk -> %UserProfile%\Desktop\Help and Support Center.lnk -> [Ver = | Size = 1264 bytes | Modified Date = 2008-02-29 03:29:34 | Attr = ] HijackThis.lnk -> %UserProfile%\Desktop\HijackThis.lnk -> [Ver = | Size = 1734 bytes | Modified Date = 2008-02-28 17:01:08 | Attr = ] ira.avi -> %UserProfile%\Desktop\ira.avi -> [Ver = | Size = 1560874 bytes | Modified Date = 2008-02-13 16:09:17 | Attr = ] IslandWars2.lnk -> %UserProfile%\Desktop\IslandWars2.lnk -> [Ver = | Size = 732 bytes | Modified Date = 2008-02-28 14:03:07 | Attr = ] NOD32.exe -> %UserProfile%\Desktop\NOD32.exe -> [Ver = | Size = 12079720 bytes | Modified Date = 2008-02-29 10:48:56 | Attr = ] NOD32.FiX.v2.1-nsane.exe -> %UserProfile%\Desktop\NOD32.FiX.v2.1-nsane.exe -> nsane productions [Ver = NOD32 FiX v2.1 | Size = 303123 bytes | Modified Date = 2008-02-29 10:44:33 | Attr = ] skulpic.jpg -> %UserProfile%\Desktop\skulpic.jpg -> [Ver = | Size = 206999 bytes | Modified Date = 2008-01-31 14:35:01 | Attr = ] Thanks To You .doc -> %UserProfile%\Desktop\Thanks To You .doc -> [Ver = | Size = 23040 bytes | Modified Date = 2008-02-05 22:19:51 | Attr = ] Windows Update.lnk -> %UserProfile%\Desktop\Windows Update.lnk -> [Ver = | Size = 1264 bytes | Modified Date = 2008-02-29 03:29:36 | Attr = ] WinPFind35u -> %UserProfile%\Desktop\WinPFind35u -> [Folder | Created Date = 2008-02-29 05:57:34 | Attr = ] Yahoo! Messenger.lnk -> %AllUsersProfile%\Start Menu\Programs\Startup\Yahoo! Messenger.lnk -> [Ver = | Size = 824 bytes | Modified Date = 2007-10-03 13:45:16 | Attr = ] Adobe -> %CommonProgramFiles%\Adobe -> [Folder | Created Date = 2008-02-18 23:21:48 | Attr = ] [Files/Folders - Modified Within 30 days] ATI -> %SystemDrive%\ATI -> [Folder | Modified Date = 2008-02-13 16:41:49 | Attr = ] avenger -> %SystemDrive%\avenger -> [Folder | Modified Date = 2008-02-29 12:53:27 | Attr = ] Combo-Fix -> %SystemDrive%\Combo-Fix -> [Folder | Modified Date = 2008-02-29 05:12:10 | Attr = ] ComboFix -> %SystemDrive%\ComboFix -> [Folder | Modified Date = 2008-02-29 05:13:17 | Attr = ] Config.Msi -> %SystemDrive%\Config.Msi -> [Folder | Modified Date = 2008-02-28 19:03:03 | Attr = H ] ioSpecial.ini -> %SystemDrive%\ioSpecial.ini -> [Ver = | Size = 125 bytes | Modified Date = 2008-02-28 13:59:59 | Attr = ] logfile -> %SystemDrive%\logfile -> [Ver = | Size = 156161 bytes | Modified Date = 2008-02-29 13:01:01 | Attr = ] m.dmp -> %SystemDrive%\m.dmp -> [Ver = | Size = 1138688 bytes | Modified Date = 2008-02-02 01:50:18 | Attr = ] Program Files -> %ProgramFiles% -> [Folder | Modified Date = 2008-02-29 13:13:51 | Attr = R ] QUARANTINE -> %SystemDrive%\QUARANTINE -> [Folder | Modified Date = 2008-02-29 02:19:03 | Attr = ] WINDOWS -> %SystemRoot% -> [Folder | Modified Date = 2008-02-29 12:52:54 | Attr = ] amon.sys -> %SystemRoot%\System32\drivers\amon.sys -> Eset [Ver = 2, 70, 31 | Size = 512096 bytes | Modified Date = 2008-02-29 10:51:04 | Attr = ] etc -> %SystemRoot%\System32\drivers\etc -> [Folder | Modified Date = 2008-02-02 16:05:49 | Attr = ] hosts.ics -> %SystemRoot%\System32\drivers\etc\hosts.ics -> [Ver = | Size = 447 bytes | Modified Date = 2008-02-29 03:49:55 | Attr = ] nod32drv.sys -> %SystemRoot%\System32\drivers\nod32drv.sys -> [Ver = | Size = 15424 bytes | Modified Date = 2008-02-29 10:51:02 | Attr = ] CatRoot -> %SystemRoot%\System32\CatRoot -> [Folder | Modified Date = 2008-02-29 10:10:11 | Attr = ] 1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> CatRoot2 -> %SystemRoot%\System32\CatRoot2 -> [Folder | Modified Date = 2008-02-29 13:01:17 | Attr = ] cduchtuu.dll -> %SystemRoot%\System32\cduchtuu.dll -> [Ver = | Size = 85056 bytes | Modified Date = 2008-02-29 03:32:55 | Attr = ] config -> %SystemRoot%\System32\config -> [Folder | Modified Date = 2008-02-28 16:35:04 | Attr = ] crash -> %SystemRoot%\System32\crash -> [Ver = | Size = 4096 bytes | Modified Date = 2008-02-13 13:52:07 | Attr = ] DirectX -> %SystemRoot%\System32\DirectX -> [Folder | Modified Date = 2008-02-28 19:03:02 | Attr = ] dllcache -> %SystemRoot%\System32\dllcache -> [Folder | Modified Date = 2008-02-29 02:29:46 | Attr = RHS] drivers -> %SystemRoot%\System32\drivers -> [Folder | Modified Date = 2008-02-29 12:53:27 | Attr = ] gzlggssn.dllbox -> %SystemRoot%\System32\gzlggssn.dllbox -> [Ver = | Size = 21108 bytes | Modified Date = 2008-02-29 11:46:45 | Attr = HS] imon.dll -> %SystemRoot%\System32\imon.dll -> Eset [Ver = 2, 70, 31 | Size = 298104 bytes | Modified Date = 2008-02-29 10:51:05 | Attr = ] kgtyhjuu.dll -> %SystemRoot%\System32\kgtyhjuu.dll -> [Ver = | Size = 91712 bytes | Modified Date = 2008-02-29 03:32:31 | Attr = ] KGyGaAvL.sys -> %SystemRoot%\System32\KGyGaAvL.sys -> [Ver = | Size = 3350 bytes | Modified Date = 2008-02-28 12:12:53 | Attr = HS] Macromed -> %SystemRoot%\System32\Macromed -> [Folder | Modified Date = 2008-02-02 02:59:20 | Attr = ] perfc009.dat -> %SystemRoot%\System32\perfc009.dat -> [Ver = | Size = 59440 bytes | Modified Date = 2008-02-29 10:03:36 | Attr = ] perfh009.dat -> %SystemRoot%\System32\perfh009.dat -> [Ver = | Size = 395200 bytes | Modified Date = 2008-02-29 10:03:36 | Attr = ] PerfStringBackup.INI -> %SystemRoot%\System32\PerfStringBackup.INI -> [Ver = | Size = 462344 bytes | Modified Date = 2008-02-29 10:03:09 | Attr = ] uuthcudc.ini -> %SystemRoot%\System32\uuthcudc.ini -> [Ver = | Size = 1243795 bytes | Modified Date = 2008-02-29 01:21:25 | Attr = HS] vbzip10.dll -> %SystemRoot%\System32\vbzip10.dll -> Info-ZIP [Ver = 2.3 | Size = 147456 bytes | Modified Date = 2008-02-28 14:46:58 | Attr = ] wbem -> %SystemRoot%\System32\wbem -> [Folder | Modified Date = 2008-02-28 16:33:35 | Attr = ] wpa.dbl -> %SystemRoot%\System32\wpa.dbl -> [Ver = | Size = 2206 bytes | Modified Date = 2008-02-13 16:31:38 | Attr = ] wquirpun.dll -> %SystemRoot%\System32\wquirpun.dll -> [Ver = | Size = 90176 bytes | Modified Date = 2008-02-29 03:35:32 | Attr = ] $hf_mig$ -> %SystemRoot%\$hf_mig$ -> [Folder | Modified Date = 2008-02-13 22:43:13 | Attr = H ] 3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> assembly -> %SystemRoot%\assembly -> [Folder | Modified Date = 2008-02-13 16:52:28 | Attr = R S] ativpsrm.bin -> %SystemRoot%\ativpsrm.bin -> [Ver = | Size = 0 bytes | Modified Date = 2008-02-13 16:54:27 | Attr = ] bootstat.dat -> %SystemRoot%\bootstat.dat -> [Ver = | Size = 2048 bytes | Modified Date = 2008-02-29 13:00:45 | Attr = S] Debug -> %SystemRoot%\Debug -> [Folder | Modified Date = 2008-02-28 19:39:12 | Attr = ] Downloaded Program Files -> %SystemRoot%\Downloaded Program Files -> [Folder | Modified Date = 2008-02-29 01:23:12 | Attr = S] Fonts -> %SystemRoot%\Fonts -> [Folder | Modified Date = 2008-02-28 17:21:18 | Attr = R S] Help -> %SystemRoot%\Help -> [Folder | Modified Date = 2008-02-29 04:08:07 | Attr = ] inf -> %SystemRoot%\inf -> [Folder | Modified Date = 2008-02-28 16:30:50 | Attr = H ] Installer -> %SystemRoot%\Installer -> [Folder | Modified Date = 2008-02-28 19:03:04 | Attr = HS] java -> %SystemRoot%\java -> [Folder | Modified Date = 2008-02-07 14:34:18 | Attr = ] mdm.ini -> %SystemRoot%\mdm.ini -> [Ver = | Size = 185 bytes | Modified Date = 2008-02-21 18:17:50 | Attr = ] Minidump -> %SystemRoot%\Minidump -> [Folder | Modified Date = 2008-02-28 19:39:12 | Attr = ] msapps -> %SystemRoot%\msapps -> [Folder | Modified Date = 2008-02-07 14:45:22 | Attr = ] NeroDigital.ini -> %SystemRoot%\NeroDigital.ini -> [Ver = | Size = 116 bytes | Modified Date = 2008-02-13 15:18:24 | Attr = ] ODBC.INI -> %SystemRoot%\ODBC.INI -> [Ver = | Size = 752 bytes | Modified Date = 2008-02-07 14:51:46 | Attr = ] ODBCINST.INI -> %SystemRoot%\ODBCINST.INI -> [Ver = | Size = 4161 bytes | Modified Date = 2008-02-07 14:51:46 | Attr = ] popcinfo.dat -> %SystemRoot%\popcinfo.dat -> [Ver = | Size = 44 bytes | Modified Date = 2008-02-29 08:22:18 | Attr = ] Prefetch -> %SystemRoot%\Prefetch -> [Folder | Modified Date = 2008-02-29 03:01:42 | Attr = ] PROTOCOL.INI -> %SystemRoot%\PROTOCOL.INI -> [Ver = | Size = 0 bytes | Modified Date = 2008-02-02 01:49:25 | Attr = ] PSEXESVC.EXE -> %SystemRoot%\PSEXESVC.EXE -> Sysinternals [Ver = 1.70 | Size = 53248 bytes | Modified Date = 2008-02-29 05:11:48 | Attr = ] pskt.ini -> %SystemRoot%\pskt.ini -> [Ver = | Size = 22 bytes | Modified Date = 2008-02-29 13:00:50 | Attr = ] randseed.rnd -> %SystemRoot%\randseed.rnd -> [Ver = | Size = 512 bytes | Modified Date = 2008-02-29 09:16:24 | Attr = ] Registration -> %SystemRoot%\Registration -> [Folder | Modified Date = 2008-02-28 16:33:34 | Attr = ] system -> %SystemRoot%\system -> [Folder | Modified Date = 2008-02-07 14:44:40 | Attr = ] system32 -> %SystemRoot%\system32 -> [Folder | Modified Date = 2008-02-29 01:21:25 | Attr = ] Tasks -> %SystemRoot%\Tasks -> [Folder | Modified Date = 2008-02-07 15:43:05 | Attr = S] Temp -> %SystemRoot%\Temp -> [Folder | Modified Date = 2008-02-29 02:56:07 | Attr = ] Thumbs.db -> %SystemRoot%\Thumbs.db -> [Ver = | Size = 8192 bytes | Modified Date = 2008-02-17 15:51:53 | Attr = HS] @Alternate Data Stream - 0 bytes -> %SystemRoot%\Thumbs.db:encryptable vb.ini -> %SystemRoot%\vb.ini -> [Ver = | Size = 1309 bytes | Modified Date = 2008-02-07 14:50:32 | Attr = ] vbaddin.ini -> %SystemRoot%\vbaddin.ini -> [Ver = | Size = 117 bytes | Modified Date = 2008-02-29 01:54:24 | Attr = ] win.ini -> %SystemRoot%\win.ini -> [Ver = | Size = 1097 bytes | Modified Date = 2008-02-29 10:31:09 | Attr = ] EasyShare Registration Task.job -> %SystemRoot%\tasks\EasyShare Registration Task.job -> [Ver = | Size = 434 bytes | Modified Date = 2008-02-19 14:10:13 | Attr = ] SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [Ver = | Size = 6 bytes | Modified Date = 2008-02-29 13:00:47 | Attr = H ] Uniblue SpyEraser Nag.job -> %SystemRoot%\tasks\Uniblue SpyEraser Nag.job -> [Ver = | Size = 262 bytes | Modified Date = 2008-02-22 16:09:00 | Attr = ] hhcolreg.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\HTML Help\hhcolreg.dat -> [Ver = | Size = 1301 bytes | Modified Date = 2008-02-22 02:54:40 | Attr = ] qmgr0.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat -> [Ver = | Size = 6632 bytes | Modified Date = 2008-02-29 13:02:12 | Attr = ] qmgr1.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat -> [Ver = | Size = 6632 bytes | Modified Date = 2008-02-29 13:02:12 | Attr = ] opa11.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\DATA\opa11.dat -> [Ver = | Size = 8206 bytes | Modified Date = 2007-09-30 12:40:39 | Attr = ] A~NSISu_.exe -> C:\Documents and Settings\user\Local Settings\Temp\A~NSISu_.exe -> Lime Wire LLC [Ver = 4.16.6 | Size = 123009 bytes | Modified Date = 2008-02-27 13:19:37 | Attr = ] 2 C:\Documents and Settings\user\Local Settings\Temp\*.tmp files -> C:\Documents and Settings\user\Local Settings\Temp\*.tmp -> fsgk32.exe -> C:\Documents and Settings\user\Local Settings\Temp\OnlineScanner\Anti-Virus\fsgk32.exe -> F-Secure Corp. [Ver = 7.50.13332.1 | Size = 368640 bytes | Modified Date = 2008-02-29 01:22:44 | Attr = ] fssm32.exe -> C:\Documents and Settings\user\Local Settings\Temp\OnlineScanner\Anti-Virus\fssm32.exe -> F-Secure Corp. [Ver = 7.50.13332.1 | Size = 446464 bytes | Modified Date = 2008-02-29 01:22:45 | Attr = ] lsse.dll -> C:\Documents and Settings\user\Local Settings\Temp\OnlineScanner\Anti-Spyware\lsse.dll -> Lavasoft [Ver = 1.0.35.0 | Size = 184320 bytes | Modified Date = 2008-02-29 01:22:45 | Attr = ] AVPFPI0.dll -> C:\Documents and Settings\user\Local Settings\Temp\OnlineScanner\Anti-Virus\AVPFPI0.dll -> Kaspersky Lab [Ver = 7.0.171.8410 | Size = 147538 bytes | Modified Date = 2008-02-29 01:22:44 | Attr = ] avpproxy.dll -> C:\Documents and Settings\user\Local Settings\Temp\OnlineScanner\Anti-Virus\avpproxy.dll -> F-Secure Corporation [Ver = 1.2.12160 | Size = 77910 bytes | Modified Date = 2008-02-29 01:22:44 | Attr = ] daas_s.dll -> C:\Documents and Settings\user\Local Settings\Temp\OnlineScanner\Anti-Virus\daas_s.dll -> F-Secure Corporation [Ver = 6.00.12471 | Size = 500120 bytes | Modified Date = 2007-05-07 16:38:46 | Attr = ] DFFPI.DLL -> C:\Documents and Settings\user\Local Settings\Temp\OnlineScanner\Anti-Virus\DFFPI.DLL -> F-Secure Corporation [Ver = 1.02.37 | Size = 151552 bytes | Modified Date = 2008-02-29 01:22:44 | Attr = ] fm4av.dll -> C:\Documents and Settings\user\Local Settings\Temp\OnlineScanner\Anti-Virus\fm4av.dll -> [Ver = | Size = 486912 bytes | Modified Date = 2008-02-29 01:22:44 | Attr = ] fpinor.dll -> C:\Documents and Settings\user\Local Settings\Temp\OnlineScanner\Anti-Virus\fpinor.dll -> F-Secure Corporation [Ver = 1.20.13100 | Size = 113664 bytes | Modified Date = 2008-02-29 01:22:44 | Attr = ] fsbl.dll -> C:\Documents and Settings\user\Local Settings\Temp\OnlineScanner\Anti-Virus\fsbl.dll -> F-Secure Corporation [Ver = 1, 0, 0, 1 | Size = 49152 bytes | Modified Date = 2008-02-29 01:22:44 | Attr = ] fsbld.dll -> C:\Documents and Settings\user\Local Settings\Temp\OnlineScanner\Anti-Virus\fsbld.dll -> F-Secure Corporation [Ver = 1, 0, 0, 64 | Size = 524288 bytes | Modified Date = 2008-02-29 01:23:10 | Attr = ] fsgkiapi.dll -> C:\Documents and Settings\user\Local Settings\Temp\OnlineScanner\Anti-Virus\fsgkiapi.dll -> F-Secure Corp. [Ver = 7.50.13330.18100 | Size = 68096 bytes | Modified Date = 2008-02-29 01:22:44 | Attr = ] FSHKE.dll -> C:\Documents and Settings\user\Local Settings\Temp\OnlineScanner\Anti-Virus\FSHKE.dll -> F-Secure Corporation [Ver = 1, 0, 0, 4 | Size = 61440 bytes | Modified Date = 2008-02-29 01:22:44 | Attr = ] FSLFPI.dll -> C:\Documents and Settings\user\Local Settings\Temp\OnlineScanner\Anti-Virus\FSLFPI.dll -> F-Secure Corporation [Ver = 2.04.02 | Size = 237664 bytes | Modified Date = 2008-02-29 01:22:44 | Attr = ] fssubmit.dll -> C:\Documents and Settings\user\Local Settings\Temp\OnlineScanner\Anti-Virus\fssubmit.dll -> F-Secure Corporation [Ver = 1.0.11 | Size = 651264 bytes | Modified Date = 2008-02-29 01:22:45 | Attr = ] lsse.dll -> C:\Documents and Settings\user\Local Settings\Temp\OnlineScanner\Anti-Virus\lsse.dll -> Lavasoft [Ver = 1.0.35.0 | Size = 184320 bytes | Modified Date = 2008-02-29 01:22:45 | Attr = ] Nse_w32.dll -> C:\Documents and Settings\user\Local Settings\Temp\OnlineScanner\Anti-Virus\Nse_w32.dll -> [Ver = | Size = 506936 bytes | Modified Date = 2008-02-29 13:20:48 | Attr = ] segrules.dat -> C:\Documents and Settings\user\Local Settings\Temp\OnlineScanner\segrules.dat -> [Ver = | Size = 707 bytes | Modified Date = 2008-02-29 13:06:02 | Attr = ] ext.dat -> C:\Documents and Settings\user\Local Settings\Temp\OnlineScanner\Anti-Virus\ext.dat -> [Ver = | Size = 444 bytes | Modified Date = 2008-02-29 01:22:53 | Attr = ] fshke.dat -> C:\Documents and Settings\user\Local Settings\Temp\OnlineScanner\Anti-Virus\fshke.dat -> [Ver = | Size = 84 bytes | Modified Date = 2008-02-29 01:22:58 | Attr = ] orion.dat -> C:\Documents and Settings\user\Local Settings\Temp\OnlineScanner\Anti-Virus\orion.dat -> [Ver = | Size = 758338 bytes | Modified Date = 2008-02-29 13:14:31 | Attr = ] orioneng.dat -> C:\Documents and Settings\user\Local Settings\Temp\OnlineScanner\Anti-Virus\orioneng.dat -> [Ver = | Size = 1325 bytes | Modified Date = 2008-02-29 13:14:31 | Attr = ] orionfin.dat -> C:\Documents and Settings\user\Local Settings\Temp\OnlineScanner\Anti-Virus\orionfin.dat -> [Ver = | Size = 1599 bytes | Modified Date = 2008-02-29 13:14:31 | Attr = ] perf.dat -> C:\Documents and Settings\user\Local Settings\Temp\OnlineScanner\Anti-Virus\perf.dat -> [Ver = | Size = 128 bytes | Modified Date = 2008-02-29 02:59:41 | Attr = ] sae.dat -> C:\Documents and Settings\user\Local Settings\Temp\OnlineScanner\Anti-Virus\sae.dat -> [Ver = | Size = 243 bytes | Modified Date = 2008-02-29 01:22:53 | Attr = ] sai.dat -> C:\Documents and Settings\user\Local Settings\Temp\OnlineScanner\Anti-Virus\sai.dat -> [Ver = | Size = 1348 bytes | Modified Date = 2008-02-29 01:22:53 | Attr = ] FS@swdb.ini -> C:\Documents and Settings\user\Local Settings\Temp\OnlineScanner\Anti-Spyware\FS@swdb.ini -> [Ver = | Size = 205 bytes | Modified Date = 2008-02-29 01:22:05 | Attr = ] FS@av.ini -> C:\Documents and Settings\user\Local Settings\Temp\OnlineScanner\Anti-Virus\FS@av.ini -> [Ver = | Size = 203 bytes | Modified Date = 2008-02-29 01:22:53 | Attr = ] FS@avpe.ini -> C:\Documents and Settings\user\Local Settings\Temp\OnlineScanner\Anti-Virus\FS@avpe.ini -> [Ver = | Size = 205 bytes | Modified Date = 2008-02-29 13:14:11 | Attr = ] FS@bleng.ini -> C:\Documents and Settings\user\Local Settings\Temp\OnlineScanner\Anti-Virus\FS@bleng.ini -> [Ver = | Size = 241 bytes | Modified Date = 2008-02-29 01:23:10 | Attr = ] FS@hkeng.ini -> C:\Documents and Settings\user\Local Settings\Temp\OnlineScanner\Anti-Virus\FS@hkeng.ini -> [Ver = | Size = 206 bytes | Modified Date = 2008-02-29 01:22:58 | Attr = ] FS@libra.ini -> C:\Documents and Settings\user\Local Settings\Temp\OnlineScanner\Anti-Virus\FS@libra.ini -> [Ver = | Size = 206 bytes | Modified Date = 2008-02-29 13:14:51 | Attr = ] FS@ols3bin.ini -> C:\Documents and Settings\user\Local Settings\Temp\OnlineScanner\Anti-Virus\FS@ols3bin.ini -> [Ver = | Size = 175 bytes | Modified Date = 2008-02-29 01:22:44 | Attr = ] FS@orion.ini -> C:\Documents and Settings\user\Local Settings\Temp\OnlineScanner\Anti-Virus\FS@orion.ini -> [Ver = | Size = 206 bytes | Modified Date = 2008-02-29 13:14:31 | Attr = ] FS@peg.ini -> C:\Documents and Settings\user\Local Settings\Temp\OnlineScanner\Anti-Virus\FS@peg.ini -> [Ver = | Size = 204 bytes | Modified Date = 2008-02-29 13:20:48 | Attr = ] verdicts.ini -> C:\Documents and Settings\user\Local Settings\Temp\OnlineScanner\Anti-Virus\verdicts.ini -> [Ver = | Size = 2539 bytes | Modified Date = 2008-02-29 13:14:17 | Attr = ] [Files Modified - Additional Folder Scans - Non-Microsoft Only] Adobe -> %AllUsersProfile%\Application Data\Adobe -> [Folder | Modified Date = 2008-02-18 23:22:33 | Attr = ] ATI -> %AllUsersProfile%\Application Data\ATI -> [Folder | Modified Date = 2008-02-13 16:54:57 | Attr = ] Avira -> %AllUsersProfile%\Application Data\Avira -> [Folder | Modified Date = 2008-02-29 10:28:07 | Attr = ] BigFishGamesCache -> %AllUsersProfile%\Application Data\BigFishGamesCache -> [Folder | Modified Date = 2008-02-02 02:43:35 | Attr = ] Escape From Paradise -> %AllUsersProfile%\Application Data\Escape From Paradise -> [Folder | Modified Date = 2008-02-02 02:44:55 | Attr = ] TEMP -> %AllUsersProfile%\Application Data\TEMP -> [Folder | Modified Date = 2008-02-28 13:50:35 | Attr = ] @Alternate Data Stream - 109 bytes -> %AllUsersProfile%\Application Data\TEMP:4B7BEAFF @Alternate Data Stream - 119 bytes -> %AllUsersProfile%\Application Data\TEMP:9E3E060F @Alternate Data Stream - 133 bytes -> %AllUsersProfile%\Application Data\TEMP:A2ADBD5A @Alternate Data Stream - 117 bytes -> %AllUsersProfile%\Application Data\TEMP:F851032E BitTorrent -> %AppData%\BitTorrent -> [Folder | Modified Date = 2008-02-06 09:16:10 | Attr = ] BitTorrent DNA -> %AppData%\BitTorrent DNA -> [Folder | Modified Date = 2008-02-29 03:01:28 | Attr = ] Globe7 -> %AppData%\Globe7 -> [Folder | Modified Date = 2008-02-22 22:19:51 | Attr = ] LimeWire -> %AppData%\LimeWire -> [Folder | Modified Date = 2008-02-28 13:51:31 | Attr = ] Ohana Games -> %AppData%\Ohana Games -> [Folder | Modified Date = 2008-02-01 05:39:45 | Attr = ] Skype -> %AppData%\Skype -> [Folder | Modified Date = 2008-02-17 01:23:29 | Attr = ] uTorrent -> %AppData%\uTorrent -> [Folder | Modified Date = 2008-02-20 17:27:51 | Attr = ] Ahead -> %UserProfile%\Local Settings\Application Data\Ahead -> [Folder | Modified Date = 2008-02-11 02:18:25 | Attr = ] DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> %UserProfile%\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [Ver = | Size = 17408 bytes | Modified Date = 2008-02-21 16:52:29 | Attr = ] IconCache.db -> %UserProfile%\Local Settings\Application Data\IconCache.db -> [Ver = | Size = 2641876 bytes | Modified Date = 2008-02-18 09:33:07 | Attr = H ] Microsoft -> %UserProfile%\Local Settings\Application Data\Microsoft -> [Folder | Modified Date = 2008-02-29 05:05:52 | Attr = ] Seven Zip -> %UserProfile%\Local Settings\Application Data\Seven Zip -> [Folder | Modified Date = 2008-02-13 15:26:42 | Attr = ] WMTools Downloaded Files -> %UserProfile%\Local Settings\Application Data\WMTools Downloaded Files -> [Folder | Modified Date = 2008-02-17 14:59:38 | Attr = ] ESBK.mb -> %AllUsersProfile%\Documents\ESBK.mb -> [Ver = | Size = 1120256 bytes | Modified Date = 2008-02-29 09:12:20 | Attr = R ] ESBK.mbb -> %AllUsersProfile%\Documents\ESBK.mbb -> [Ver = | Size = 2324480 bytes | Modified Date = 2008-02-29 09:12:20 | Attr = R ] 4043014_1.jpg -> %UserProfile%\My Documents\4043014_1.jpg -> [Ver = | Size = 47482 bytes | Modified Date = 2008-02-04 02:35:41 | Attr = ] Backup_of_Grad-cover1.cdr -> %UserProfile%\My Documents\Backup_of_Grad-cover1.cdr -> [Ver = | Size = 10463104 bytes | Modified Date = 2008-02-11 06:23:56 | Attr = ] Backup_of_song cover -> %UserProfile%\My Documents\Backup_of_song cover -> [Ver = | Size = 1653298 bytes | Modified Date = 2008-02-11 04:50:52 | Attr = ] clicky-pressed.gif -> %UserProfile%\My Documents\clicky-pressed.gif -> [Ver = | Size = 600 bytes | Modified Date = 2008-02-15 06:06:59 | Attr = ] Grad-cover1.cdr -> %UserProfile%\My Documents\Grad-cover1.cdr -> [Ver = | Size = 10463100 bytes | Modified Date = 2008-02-11 06:32:06 | Attr = ] gradpic.xls -> %UserProfile%\My Documents\gradpic.xls -> [Ver = | Size = 2058752 bytes | Modified Date = 2008-02-17 06:32:23 | Attr = ] graduation.cdr -> %UserProfile%\My Documents\graduation.cdr -> [Ver = | Size = 60779754 bytes | Modified Date = 2008-01-30 22:30:15 | Attr = ] Ira's movie.avi -> %UserProfile%\My Documents\Ira's movie.avi -> [Ver = | Size = 2982313996 bytes | Modified Date = 2008-02-13 15:36:05 | Attr = ] Ira's movie1.mpg -> %UserProfile%\My Documents\Ira's movie1.mpg -> [Ver = | Size = 100272128 bytes | Modified Date = 2008-02-13 16:15:12 | Attr = ] jikjik_ree.sav -> %UserProfile%\My Documents\jikjik_ree.sav -> [Ver = | Size = 30652 bytes | Modified Date = 2008-02-07 16:48:11 | Attr = ] las nieves map.ppt -> %UserProfile%\My Documents\las nieves map.ppt -> [Ver = | Size = 20939264 bytes | Modified Date = 2008-02-17 14:25:39 | Attr = ] LimeWire -> %UserProfile%\My Documents\LimeWire -> [Folder | Modified Date = 2008-02-27 13:23:21 | Attr = ] 1 C:\Documents and Settings\user\My Documents\*.tmp files -> C:\Documents and Settings\user\My Documents\*.tmp -> limewire.m3u -> %UserProfile%\My Documents\limewire.m3u -> [Ver = | Size = 267 bytes | Modified Date = 2008-02-05 12:34:34 | Attr = ] My Music -> %UserProfile%\My Documents\My Music -> [Folder | Modified Date = 2008-02-21 14:03:31 | Attr = R ] My Pictures -> %UserProfile%\My Documents\My Pictures -> [Folder | Modified Date = 2008-02-20 06:00:13 | Attr = R ] My Sharing Folders.lnk -> %UserProfile%\My Documents\My Sharing Folders.lnk -> [Ver = | Size = 567 bytes | Modified Date = 2008-02-07 13:21:27 | Attr = ] My Videos -> %UserProfile%\My Documents\My Videos -> [Folder | Modified Date = 2008-02-18 07:08:32 | Attr = R ] NeroVision -> %UserProfile%\My Documents\NeroVision -> [Folder | Modified Date = 2008-02-13 16:28:01 | Attr = ] ok..doc -> %UserProfile%\My Documents\ok..doc -> [Ver = | Size = 28160 bytes | Modified Date = 2008-02-28 08:06:50 | Attr = ] phil iri.xls -> %UserProfile%\My Documents\phil iri.xls -> [Ver = | Size = 28672 bytes | Modified Date = 2008-02-28 07:31:19 | Attr = ] Rat.xls -> %UserProfile%\My Documents\Rat.xls -> [Ver = | Size = 24064 bytes | Modified Date = 2008-02-14 14:28:57 | Attr = ] School ID.xls -> %UserProfile%\My Documents\School ID.xls -> [Ver = | Size = 9341440 bytes | Modified Date = 2008-02-03 12:37:34 | Attr = ] song cover -> %UserProfile%\My Documents\song cover -> [Ver = | Size = 1653284 bytes | Modified Date = 2008-02-11 04:58:53 | Attr = ] Thumbs.db -> %UserProfile%\My Documents\Thumbs.db -> [Ver = | Size = 147456 bytes | Modified Date = 2008-02-28 12:10:05 | Attr = HS] @Alternate Data Stream - 0 bytes -> %UserProfile%\My Documents\Thumbs.db:encryptable Adobe Reader 8.lnk -> %AllUsersProfile%\Desktop\Adobe Reader 8.lnk -> [Ver = | Size = 1729 bytes | Modified Date = 2008-02-18 23:22:51 | Attr = ] DivX Converter.lnk -> %AllUsersProfile%\Desktop\DivX Converter.lnk -> [Ver = | Size = 806 bytes | Modified Date = 2008-02-13 16:18:42 | Attr = ] DivX Player.lnk -> %AllUsersProfile%\Desktop\DivX Player.lnk -> [Ver = | Size = 795 bytes | Modified Date = 2008-02-13 16:18:55 | Attr = ] Nero Home Essentials SE.lnk -> %AllUsersProfile%\Desktop\Nero Home Essentials SE.lnk -> [Ver = | Size = 2261 bytes | Modified Date = 2008-02-07 15:39:09 | Attr = ] Nero StartSmart Essentials.lnk -> %AllUsersProfile%\Desktop\Nero StartSmart Essentials.lnk -> [Ver = | Size = 2361 bytes | Modified Date = 2008-02-07 15:39:09 | Attr = ] Skype.lnk -> %AllUsersProfile%\Desktop\Skype.lnk -> [Ver = | Size = 2257 bytes | Modified Date = 2008-02-17 01:21:55 | Attr = ] ATF-Cleaner.exe -> %UserProfile%\Desktop\ATF-Cleaner.exe -> Atribune.org [Ver = 3.00.0002 | Size = 50688 bytes | Modified Date = 2008-02-29 05:44:18 | Attr = ] avenger -> %UserProfile%\Desktop\avenger -> [Folder | Modified Date = 2008-02-29 12:47:22 | Attr = ] CCleaner.lnk -> %UserProfile%\Desktop\CCleaner.lnk -> [Ver = | Size = 1548 bytes | Modified Date = 2008-02-28 18:54:58 | Attr = ] CDGRip.lnk -> %UserProfile%\Desktop\CDGRip.lnk -> [Ver = | Size = 1541 bytes | Modified Date = 2008-02-23 16:02:38 | Attr = ] CorelDRAW X3.lnk -> %UserProfile%\Desktop\CorelDRAW X3.lnk -> [Ver = | Size = 2549 bytes | Modified Date = 2008-02-27 15:14:46 | Attr = ] DivX Movies.lnk -> %UserProfile%\Desktop\DivX Movies.lnk -> [Ver = | Size = 1422 bytes | Modified Date = 2008-02-13 16:19:19 | Attr = ] Help and Support Center.lnk -> %UserProfile%\Desktop\Help and Support Center.lnk -> [Ver = | Size = 1264 bytes | Modified Date = 2008-02-29 03:29:34 | Attr = ] HijackThis.lnk -> %UserProfile%\Desktop\HijackThis.lnk -> [Ver = | Size = 1734 bytes | Modified Date = 2008-02-28 17:01:08 | Attr = ] ira.avi -> %UserProfile%\Desktop\ira.avi -> [Ver = | Size = 1560874 bytes | Modified Date = 2008-02-13 16:09:17 | Attr = ] IslandWars2.lnk -> %UserProfile%\Desktop\IslandWars2.lnk -> [Ver = | Size = 732 bytes | Modified Date = 2008-02-28 14:03:07 | Attr = ] Kodak Pictures -> %UserProfile%\Desktop\Kodak Pictures -> [Folder | Modified Date = 2008-02-28 07:29:09 | Attr = ] NOD32.exe -> %UserProfile%\Desktop\NOD32.exe -> [Ver = | Size = 12079720 bytes | Modified Date = 2008-02-29 10:48:56 | Attr = ] NOD32.FiX.v2.1-nsane.exe -> %UserProfile%\Desktop\NOD32.FiX.v2.1-nsane.exe -> nsane productions [Ver = NOD32 FiX v2.1 | Size = 303123 bytes | Modified Date = 2008-02-29 10:44:33 | Attr = ] skulpic.jpg -> %UserProfile%\Desktop\skulpic.jpg -> [Ver = | Size = 206999 bytes | Modified Date = 2008-01-31 14:35:01 | Attr = ] Thanks To You .doc -> %UserProfile%\Desktop\Thanks To You .doc -> [Ver = | Size = 23040 bytes | Modified Date = 2008-02-05 22:19:51 | Attr = ] Thumbs.db -> %UserProfile%\Desktop\Thumbs.db -> [Ver = | Size = 113152 bytes | Modified Date = 2008-02-06 12:34:21 | Attr = HS] @Alternate Data Stream - 0 bytes -> %UserProfile%\Desktop\Thumbs.db:encryptable Windows Update.lnk -> %UserProfile%\Desktop\Windows Update.lnk -> [Ver = | Size = 1264 bytes | Modified Date = 2008-02-29 03:29:36 | Attr = ] WinPFind35u -> %UserProfile%\Desktop\WinPFind35u -> [Folder | Modified Date = 2008-02-29 12:57:07 | Attr = ] Adobe -> %CommonProgramFiles%\Adobe -> [Folder | Modified Date = 2008-02-18 23:22:46 | Attr = ] Ahead -> %CommonProgramFiles%\Ahead -> [Folder | Modified Date = 2008-02-07 15:35:40 | Attr = ] DESIGNER -> %CommonProgramFiles%\DESIGNER -> [Folder | Modified Date = 2008-02-07 14:49:47 | Attr = ] Microsoft Shared -> %CommonProgramFiles%\Microsoft Shared -> [Folder | Modified Date = 2008-02-07 14:49:53 | Attr = ] < End of report > [/code]