[code] WinPFind35 logfile created on: 3/4/2008 6:47:54 PM WinPFind35U Version 1.0.3.0 Folder = C:\Documents and Settings\Kenneth Salter\Desktop\WinPFind35u Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.11) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 254.00 Mb Total Physical Memory | 55.29 Mb Available Physical Memory | 21.77% Memory free 624.89 Mb Paging File | 356.06 Mb Available in Paging File | 56.98% Paging File free Paging file location(s): C:\pagefile.sys 384 768; %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 37.21 Gb Total Space | 13.63 Gb Free Space | 36.64% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: D27V9M41 Current User Name: Kenneth Salter Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user [Processes - Non-Microsoft Only] vsmon.exe -> %SystemRoot%\SYSTEM32\ZoneLabs\vsmon.exe -> Zone Labs, LLC [Ver = 7.0.462.000 | Size = 75304 bytes | Modified Date = 11/14/2007 4:05:06 PM | Attr = ] acservice.exe -> %CommonProgramFiles%\ArcSoft\Connection Service\Bin\ACService.exe -> ArcSoft [Ver = 1.0.0.38 | Size = 109056 bytes | Modified Date = 12/12/2007 9:11:32 AM | Attr = ] applemobiledeviceservice.exe -> %CommonProgramFiles%\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -> Apple, Inc. [Ver = 1, 14, 0, 0 | Size = 110592 bytes | Modified Date = 10/31/2007 2:09:16 PM | Attr = ] avgamsvr.exe -> %ProgramFiles%\Grisoft\AVG7\avgamsvr.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.496 | Size = 418816 bytes | Modified Date = 2/29/2008 7:58:41 AM | Attr = ] avgupsvc.exe -> %ProgramFiles%\Grisoft\AVG7\avgupsvc.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.420 | Size = 49664 bytes | Modified Date = 2/29/2008 7:58:45 AM | Attr = ] avgemc.exe -> %ProgramFiles%\Grisoft\AVG7\avgemc.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.510 | Size = 406528 bytes | Modified Date = 2/29/2008 7:58:41 AM | Attr = ] ofps.exe -> %SystemRoot%\SYSTEM32\Ofps.exe -> [Ver = | Size = 45056 bytes | Modified Date = 3/17/1999 10:37:28 AM | Attr = ] ulcdrsvr.exe -> %CommonProgramFiles%\Ulead Systems\DVD\ULCDRSvr.exe -> Ulead Systems, Inc. [Ver = 1, 0, 0, 3 | Size = 49152 bytes | Modified Date = 2/26/2004 8:52:00 AM | Attr = ] jusched.exe -> %ProgramFiles%\Java\jre1.6.0_03\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 6.0.30.5 | Size = 132496 bytes | Modified Date = 9/25/2007 1:11:35 AM | Attr = ] avgcc.exe -> %ProgramFiles%\Grisoft\AVG7\avgcc.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.504 | Size = 579072 bytes | Modified Date = 2/29/2008 7:58:41 AM | Attr = ] zlclient.exe -> %ProgramFiles%\Zone Labs\ZoneAlarm\zlclient.exe -> Zone Labs, LLC [Ver = 7.0.462.000 | Size = 919016 bytes | Modified Date = 11/14/2007 4:05:06 PM | Attr = ] weather.exe -> %ProgramFiles%\AWS\WeatherBug\Weather.exe -> AWS Convergence Technologies, Inc. [Ver = 3, 0, 0, 18 | Size = 778240 bytes | Modified Date = 12/19/2001 3:23:10 PM | Attr = ] googletoolbarnotifier.exe -> %ProgramFiles%\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe -> Google Inc. [Ver = 2, 0, 301, 1654 | Size = 68856 bytes | Modified Date = 7/3/2007 12:47:20 AM | Attr = ] webshots.scr -> %ProgramFiles%\Webshots\webshots.scr -> Webshots.com [Ver = 2.5.0.5135 | Size = 1646592 bytes | Modified Date = 1/25/2006 3:14:44 PM | Attr = ] winpfind35u.exe -> %UserProfile%\Desktop\WinPFind35u\WinPFind35U.exe -> OldTimer Tools [Ver = 1.0.3.0 | Size = 310784 bytes | Modified Date = 3/1/2008 1:06:42 AM | Attr = ] [Win32 Services - Non-Microsoft Only] (ACDaemon) ArcSoft Connect Daemon [Win32_Own | Auto | Running] -> %CommonProgramFiles%\ArcSoft\Connection Service\Bin\ACService.exe -> ArcSoft [Ver = 1.0.0.38 | Size = 109056 bytes | Modified Date = 12/12/2007 9:11:32 AM | Attr = ] (Apple Mobile Device) Apple Mobile Device [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -> Apple, Inc. [Ver = 1, 14, 0, 0 | Size = 110592 bytes | Modified Date = 10/31/2007 2:09:16 PM | Attr = ] (Avg7Alrt) AVG7 Alert Manager Server [Win32_Own | Auto | Running] -> %ProgramFiles%\Grisoft\AVG7\avgamsvr.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.496 | Size = 418816 bytes | Modified Date = 2/29/2008 7:58:41 AM | Attr = ] (Avg7UpdSvc) AVG7 Update Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Grisoft\AVG7\avgupsvc.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.420 | Size = 49664 bytes | Modified Date = 2/29/2008 7:58:45 AM | Attr = ] (AVGEMS) AVG E-mail Scanner [Win32_Own | Auto | Running] -> %ProgramFiles%\Grisoft\AVG7\avgemc.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.510 | Size = 406528 bytes | Modified Date = 2/29/2008 7:58:41 AM | Attr = ] (dmadmin) Logical Disk Manager Administrative Service [Win32_Shared | On_Demand | Stopped] -> %SystemRoot%\SYSTEM32\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 224768 bytes | Modified Date = 8/4/2004 1:56:48 AM | Attr = ] (gusvc) Google Updater Service [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Google\Common\Google Updater\GoogleUpdaterService.exe -> Google [Ver = 2.0.734.29932.beta | Size = 138168 bytes | Modified Date = 1/31/2007 4:40:15 PM | Attr = ] (IDriverT) InstallDriver Table Manager [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\InstallShield\Driver\11\Intel 32\IDriverT.exe -> Macrovision Corporation [Ver = 11.00.28844 | Size = 69632 bytes | Modified Date = 4/4/2005 12:41:10 AM | Attr = ] (iPod Service) iPod Service [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\iPod\bin\iPodService.exe -> Apple Inc. [Ver = 7.5.0.20 | Size = 504104 bytes | Modified Date = 12/11/2007 12:10:16 PM | Attr = ] (MSCSPTISRV) MSCSPTISRV [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Sony Shared\AVLib\MSCSPTISRV.exe -> Sony Corporation [Ver = 4.1.00.13261 | Size = 53337 bytes | Modified Date = 1/26/2005 2:30:04 PM | Attr = ] (OmniForm Printer) OmniForm Printer [Win32_Own | Auto | Running] -> %SystemRoot%\SYSTEM32\Ofps.exe -> [Ver = | Size = 45056 bytes | Modified Date = 3/17/1999 10:37:28 AM | Attr = ] (PACSPTISVR) PACSPTISVR [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Sony Shared\AVLib\PACSPTISVR.exe -> Sony Corporation [Ver = 4.1.00.13261 | Size = 53337 bytes | Modified Date = 1/26/2005 2:25:34 PM | Attr = ] (SPTISRV) Sony SPTI Service [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Sony Shared\AVLib\SPTISRV.exe -> Sony Corporation [Ver = 4.1.00.13261 | Size = 69718 bytes | Modified Date = 1/26/2005 2:20:14 PM | Attr = ] (SSScsiSV) SonicStage SCSI Service [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Sony Shared\AVLib\SSScsiSV.exe -> Sony Corporation [Ver = 3.1.00.03110 | Size = 69632 bytes | Modified Date = 3/11/2005 4:43:08 AM | Attr = ] (UleadBurningHelper) Ulead Burning Helper [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Ulead Systems\DVD\ULCDRSvr.exe -> Ulead Systems, Inc. [Ver = 1, 0, 0, 3 | Size = 49152 bytes | Modified Date = 2/26/2004 8:52:00 AM | Attr = ] (vsmon) TrueVector Internet Monitor [Win32_Own | Auto | Running] -> %SystemRoot%\SYSTEM32\ZoneLabs\vsmon.exe -> Zone Labs, LLC [Ver = 7.0.462.000 | Size = 75304 bytes | Modified Date = 11/14/2007 4:05:06 PM | Attr = ] [Registry - Non-Microsoft Only] < Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> AVG7_CC -> %ProgramFiles%\Grisoft\AVG7\avgcc.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.504 | Size = 579072 bytes | Modified Date = 2/29/2008 7:58:41 AM | Attr = ] SunJavaUpdateSched -> %ProgramFiles%\Java\jre1.6.0_03\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 6.0.30.5 | Size = 132496 bytes | Modified Date = 9/25/2007 1:11:35 AM | Attr = ] ZoneAlarm Client -> %ProgramFiles%\Zone Labs\ZoneAlarm\zlclient.exe -> Zone Labs, LLC [Ver = 7.0.462.000 | Size = 919016 bytes | Modified Date = 11/14/2007 4:05:06 PM | Attr = ] < Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> swg -> %ProgramFiles%\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe -> Google Inc. [Ver = 2, 0, 301, 1654 | Size = 68856 bytes | Modified Date = 7/3/2007 12:47:20 AM | Attr = ] Weather -> %ProgramFiles%\AWS\WeatherBug\Weather.exe -> AWS Convergence Technologies, Inc. [Ver = 3, 0, 0, 18 | Size = 778240 bytes | Modified Date = 12/19/2001 3:23:10 PM | Attr = ] < All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup -> < Kenneth Salter Startup Folder > -> C:\Documents and Settings\Kenneth Salter\Start Menu\Programs\Startup -> %UserProfile%\Start Menu\Programs\Startup\Webshots.lnk -> %ProgramFiles%\Webshots\Launcher.exe -> [Ver = | Size = 45056 bytes | Modified Date = 1/25/2006 3:12:40 PM | Attr = ] < AppInit_DLLs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs -> *AppInit_DLLs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls -> -> -> File not found *MultiFile Done* -> -> < ShellExecuteHooks [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks -> {EDB0E980-90BD-11D4-8599-0008C7D3B6F8} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Qualcomm\Eudora\EuShlExt.dll [Eudora's Shell Extension] -> File not found < SecurityProviders [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders -> < Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ -> igfxcui -> %SystemRoot%\SYSTEM32\igfxsrvc.dll -> Intel Corporation [Ver = 3.0.0.4342 | Size = 348160 bytes | Modified Date = 10/19/2005 7:59:14 AM | Attr = ] < CurrentVersion Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ActiveDesktop\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveAutoRun -> 67108863 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 255 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ext\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ext\CLSID\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ext\CLSID\\{17492023-C23A-453E-A040-C7C580BBF700} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\undockwithoutlogon -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Uninstall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\WindowsUpdate\ -> -> < CurrentVersion Policy Settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ActiveDesktop\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Associations\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\WindowsUpdate\ -> -> < HOSTS File > (226969 bytes) -> C:\WINDOWS\System32\drivers\etc\Hosts -> < Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> HKEY_LOCAL_MACHINE\: Main\\Default_Page_URL -> http://go.microsoft.com/fwlink/?LinkId=69157 -> HKEY_LOCAL_MACHINE\: Main\\Default_Search_URL -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKEY_LOCAL_MACHINE\: Main\\Local Page -> %SystemRoot%\system32\blank.htm -> HKEY_LOCAL_MACHINE\: Main\\Search Page -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKEY_LOCAL_MACHINE\: Main\\Start Page -> http://go.microsoft.com/fwlink/?LinkId=69157 -> HKEY_LOCAL_MACHINE\: Search\\CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm -> HKEY_LOCAL_MACHINE\: Search\\Default_Search_URL -> http://www.google.com/ie -> HKEY_LOCAL_MACHINE\: Search\\SearchAssistant -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm -> < Internet Explorer Settings [HKEY_CURRENT_USER\] > -> -> HKEY_CURRENT_USER\: Main\\Local Page -> C:\WINDOWS\system32\blank.htm -> HKEY_CURRENT_USER\: Main\\Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_CURRENT_USER\: Main\\Start Page -> http://my.att.net/ -> HKEY_CURRENT_USER\: SearchURL\\ -> http://www.google.com/keyword/%s[Reg Error: Value provider does not exist or could not be read.] -> HKEY_CURRENT_USER\: ProxyEnable -> 0 -> < Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 4241 domain(s) found. -> 33 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 77 range(s) found. -> < Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 4338 domain(s) found. -> .[msn] -> My Computer -> certificate_hcs.net [https] -> Trusted sites -> 33 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 77 range(s) found. -> < BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> {0347C33E-8762-4905-BF09-768834316C61} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\HP\Smart Web Printing\hpswp_printenhancer.dll [HP Print Enhancer] -> Hewlett-Packard Co. [Ver = 2.15.7.0 | Size = 1298024 bytes | Modified Date = 3/2/2007 4:52:24 PM | Attr = R ] {053F9267-DC04-4294-A72C-58F732D338C0} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\HP\Smart Web Printing\hpswp_framework.dll [HP Print Clips] -> Hewlett-Packard Co. [Ver = 2.15.7.0 | Size = 177768 bytes | Modified Date = 3/2/2007 4:52:08 PM | Attr = R ] {5CA3D70E-1895-11CF-8E15-001234567890} [HKEY_LOCAL_MACHINE] -> %SystemRoot%\SYSTEM32\dla\tfswshx.dll [DriveLetterAccess] -> Sonic Solutions [Ver = 1.04.05b | Size = 106548 bytes | Modified Date = 8/6/2003 1:04:00 AM | Attr = ] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.6.0_03\bin\ssv.dll [SSVHelper Class] -> Sun Microsystems, Inc. [Ver = 6.0.30.5 | Size = 501136 bytes | Modified Date = 9/25/2007 1:11:33 AM | Attr = ] {AA58ED58-01DD-4d91-8333-CF10577473F7} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Google\GoogleToolbar5.dll [Google Toolbar Helper] -> Google Inc. [Ver = 4, 0, 1601, 4978 | Size = 2403392 bytes | Modified Date = 1/19/2007 11:55:32 PM | Attr = R ] {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Google\GoogleToolbarNotifier\2.0.1121.2472\swg.dll [Google Toolbar Notifier BHO] -> Google Inc. [Ver = 2, 0, 1121, 2472 | Size = 323568 bytes | Modified Date = 3/4/2008 6:10:46 PM | Attr = ] < Internet Explorer Bars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\ -> {32683183-48a0-441b-a342-7c2a440a9478} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found < Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar -> {2318C2B1-4965-11d4-9B18-009027A5CD4F} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Google\GoogleToolbar5.dll [&Google] -> Google Inc. [Ver = 4, 0, 1601, 4978 | Size = 2403392 bytes | Modified Date = 1/19/2007 11:55:32 PM | Attr = R ] < Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ -> ShellBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Google\GoogleToolbar5.dll [&Google] -> Google Inc. [Ver = 4, 0, 1601, 4978 | Size = 2403392 bytes | Modified Date = 1/19/2007 11:55:32 PM | Attr = R ] WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Google\GoogleToolbar5.dll [&Google] -> Google Inc. [Ver = 4, 0, 1601, 4978 | Size = 2403392 bytes | Modified Date = 1/19/2007 11:55:32 PM | Attr = R ] WebBrowser\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found WebBrowser\\{F0F8ECBE-D460-4B34-B007-56A92E8F84A7} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found WebBrowser\\{F5735C15-1FB2-41FE-BA12-242757E69DDE} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\NetZero\Toolbar.dll [ZeroBar] -> File not found < Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> {58ECB495-38F0-49cb-A538-10282ABF65E7}:{E763472E-A716-4CD9-89BD-DBDA6122F741} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\HP\Smart Web Printing\hpswp_extensions.dll [HP Clipbook] -> Hewlett-Packard Co. [Ver = 2.15.7.0 | Size = 153192 bytes | Modified Date = 3/2/2007 4:53:20 PM | Attr = R ] {700259D7-1666-479a-93B1-3250410481E8}:{A93C41D8-01F8-4F8B-B14C-DE20B117E636} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\HP\Smart Web Printing\hpswp_extensions.dll [HP Smart Select] -> Hewlett-Packard Co. [Ver = 2.15.7.0 | Size = 153192 bytes | Modified Date = 3/2/2007 4:53:20 PM | Attr = R ] < Internet Explorer Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\ -> CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKEY_LOCAL_MACHINE] -> %SystemRoot%\System32\msjava.dll [Web Browser Applet Control] -> File not found CmdMapping\\{B13B4423-2647-4cfc-A4B3-C7D56CB83487} [HKEY_LOCAL_MACHINE] -> [Reg Error: Key does not exist or could not be opened.] -> File not found CmdMapping\\{CD67F990-D8E9-11d2-98FE-00C0F0318AFE} [HKEY_LOCAL_MACHINE] -> [Reg Error: Key does not exist or could not be opened.] -> File not found CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKEY_LOCAL_MACHINE] -> [Reg Error: Key does not exist or could not be opened.] -> File not found < Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> PluginsPageFriendlyName -> Microsoft ActiveX Gallery -> PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s -> < DNS Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> {878AA57B-5BF1-413E-ACBE-AB4794103551} -> (Broadcom 440x 10/100 Integrated Controller) -> < Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ -> ipp: [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened.[Reg Error: Value does not exist or could not be read.] -> File not found msdaipp: [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened.[Reg Error: Value does not exist or could not be read.] -> File not found < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> {0000000A-0000-0010-8000-00AA00389B71}[HKEY_LOCAL_MACHINE] -> http://download.microsoft.com/download/d/4/4/d446e8a9-3a86-4b59-bb19-f5bd11b40367/wmavax.CAB[Reg Error: Key does not exist or could not be opened.] -> {01113300-3E00-11D2-8470-0060089874ED}[HKEY_LOCAL_MACHINE] -> http://help.bellsouth.net/sdccommon/download/tgctlcm.cab[Support.com Configuration Class] -> {04E214E5-63AF-4236-83C6-A7ADCBF9BD02}[HKEY_LOCAL_MACHINE] -> http://housecall60.trendmicro.com/housecall/xscan60.cab[HouseCall Control] -> {0E8D0700-75DF-11D3-8B4A-0008C7450C4A}[HKEY_LOCAL_MACHINE] -> http://www.lizardtech.com/download/files/win/djvuplugin/en_US/DjVuControl_en_US.cab[DjVuCtl Class] -> {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75}[HKEY_LOCAL_MACHINE] -> http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab[CKAVWebScan Object] -> {11260943-421B-11D0-8EAC-0000C07D88CF}[HKEY_LOCAL_MACHINE] -> http://www.ipix.com/viewers/ipixx.cab[iPIX ActiveX Control] -> {166B1BCA-3F9C-11CF-8075-444553540000}[HKEY_LOCAL_MACHINE] -> http://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab[Shockwave ActiveX Control] -> {17492023-C23A-453E-A040-C7C580BBF700}[HKEY_LOCAL_MACHINE] -> http://go.microsoft.com/fwlink/?linkid=39204[Windows Genuine Advantage Validation Tool] -> {193C772A-87BE-4B19-A7BB-445B226FE9A1}[HKEY_LOCAL_MACHINE] -> http://downloads.ewido.net/ewidoOnlineScan.cab[ewidoOnlineScan Control] -> {215B8138-A3CF-44C5-803F-8226143CFC0A}[HKEY_LOCAL_MACHINE] -> http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab[Trend Micro ActiveX Scan Agent 6.6] -> {2359626E-7524-4F87-B04E-22CD38A0C88C}[HKEY_LOCAL_MACHINE] -> http://download.zonelabs.com/bin/free/cm/ICSCM.cab[ICSScannerLight Class] -> {341FF14B-00CB-49F5-A427-A164DF1D5E1F}[HKEY_LOCAL_MACHINE] -> http://musicstore.connect.com/XSL/mb_us/html/activexplayer/SMALStreaming.cab[MALPlaybackCtrl Class] -> {406B5949-7190-4245-91A9-30A17DE16AD0}[HKEY_LOCAL_MACHINE] -> http://photo.walgreens.com/WalgreensActivia.cab[Snapfish Activia] -> {51045741-8C4E-4EAC-8F03-08E43A6FBB29}[HKEY_LOCAL_MACHINE] -> http://aft.ancestry.com/aftfiles/files/install/AncestryFamilyTree.cab[Reg Error: Key does not exist or could not be opened.] -> {7F8C8173-AD80-4807-AA75-5672F22B4582}[HKEY_LOCAL_MACHINE] -> http://download.zonelabs.com/bin/promotions/spywaredetector/ICSScanner37390.cab[ICSScanner Class] -> {8AD9C840-044E-11D1-B3E9-00805F499D93}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/products/plugin/autodl/jinstall-160-windows-i586.cab[Java Plug-in 1.6.0_03] -> {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}[HKEY_LOCAL_MACHINE] -> http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab[Reg Error: Key does not exist or could not be opened.] -> {928626A3-6B98-11CF-90B4-00AA00A4011F}[HKEY_LOCAL_MACHINE] -> http://autos.msn.com/components/ocx/survid/MSSurVid.cab[SurroundVideoCtrl Object] -> {9A9307A0-7DA4-4DAF-B042-5009F29E09E1}[HKEY_LOCAL_MACHINE] -> http://acs.pandasoftware.com/activescan/as5free/asinst.cab[ActiveScan Installer Class] -> {A8683C98-5341-421B-B23C-8514C05354F1}[HKEY_LOCAL_MACHINE] -> http://photo.walmart.com/photo/uploads/FujifilmUploadClient.cab[FujifilmUploader Class] -> {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9}[HKEY_LOCAL_MACHINE] -> http://ax.emsisoft.com/asquared.cab[a-squared Scanner] -> {BB47CA33-8B4D-11D0-9511-00C04FD9152D}[HKEY_LOCAL_MACHINE] -> http://autos.msn.com/components/ocx/exterior/Outside.cab[ExteriorSurround Object] -> {C02226EB-A5D7-4B1F-BD7E-635E46C2288D}[HKEY_LOCAL_MACHINE] -> http://download.toontown.com/sv1.0.14.22/ttinst.cab[Toontown Installer ActiveX Control] -> {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/products/plugin/autodl/jinstall-160-windows-i586.cab[Java Plug-in 1.6.0_03] -> {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab[Java Plug-in 1.6.0_03] -> {D27CDB6E-AE6D-11CF-96B8-444553540000}[HKEY_LOCAL_MACHINE] -> http://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab[Shockwave Flash Object] -> {E7D2588A-7FB5-47DC-8830-832605661009}[HKEY_LOCAL_MACHINE] -> https://livewc03.custhelp.com/7560-b440h-turbotax/rnl/java/RntX.cab[Live Collaboration] -> {EBF85371-A38F-485B-B28F-0B4C82D25937}[HKEY_LOCAL_MACHINE] -> http://update.hpphoto.com/download/HPSWUpdate.ocx[CUpdateCtl Object] -> [Files/Folders - Created Within 30 days] $VAULT$.AVG -> %SystemDrive%\$VAULT$.AVG -> [Folder | Created Date = 2/29/2008 10:49:30 AM | Attr = RH ] Deckard -> %SystemDrive%\Deckard -> [Folder | Created Date = 2/29/2008 3:22:40 PM | Attr = ] hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [Ver = | Size = 266407936 bytes | Modified Date = 3/4/2008 6:43:28 PM | Attr = HS] ie-spyad -> %SystemDrive%\ie-spyad -> [Folder | Created Date = 3/3/2008 9:52:53 PM | Attr = ] install.dat -> %SystemDrive%\install.dat -> [Ver = | Size = 164 bytes | Modified Date = 2/27/2008 9:34:52 PM | Attr = ] ioSpecial.ini -> %SystemDrive%\ioSpecial.ini -> [Ver = | Size = 125 bytes | Modified Date = 2/23/2008 8:44:53 PM | Attr = ] QooBox -> %SystemDrive%\QooBox -> [Folder | Created Date = 2/29/2008 4:19:19 PM | Attr = ] SDFix -> %SystemDrive%\SDFix -> [Folder | Created Date = 2/28/2008 8:49:20 PM | Attr = ] VundoFix Backups -> %SystemDrive%\VundoFix Backups -> [Folder | Created Date = 2/26/2008 11:30:57 PM | Attr = ] avg7core.sys -> %SystemRoot%\System32\drivers\avg7core.sys -> GRISOFT, s.r.o. [Ver = 7.5.0.498 | Size = 821856 bytes | Modified Date = 2/29/2008 7:58:48 AM | Attr = ] avg7rsw.sys -> %SystemRoot%\System32\drivers\avg7rsw.sys -> GRISOFT, s.r.o. [Ver = 7,0,0,340 | Size = 4224 bytes | Modified Date = 2/29/2008 7:59:00 AM | Attr = ] avg7rsxp.sys -> %SystemRoot%\System32\drivers\avg7rsxp.sys -> GRISOFT, s.r.o. [Ver = 7.5.0.442 | Size = 27776 bytes | Modified Date = 2/29/2008 7:59:01 AM | Attr = ] avgclean.sys -> %SystemRoot%\System32\drivers\avgclean.sys -> GRISOFT, s.r.o. [Ver = 1.0.0.14 | Size = 10760 bytes | Modified Date = 2/29/2008 7:59:04 AM | Attr = ] avgmfx86.sys -> %SystemRoot%\System32\drivers\avgmfx86.sys -> GRISOFT, s.r.o. [Ver = 7.5.0.510 | Size = 26952 bytes | Modified Date = 2/29/2008 7:59:03 AM | Attr = ] avgtdi.sys -> %SystemRoot%\System32\drivers\avgtdi.sys -> GRISOFT, s.r.o. [Ver = 7,0,0,346 | Size = 4960 bytes | Modified Date = 2/29/2008 7:59:03 AM | Attr = ] fidbox.dat -> %SystemRoot%\System32\drivers\fidbox.dat -> [Ver = | Size = 3711008 bytes | Modified Date = 3/4/2008 6:44:49 PM | Attr = HS] fidbox.idx -> %SystemRoot%\System32\drivers\fidbox.idx -> [Ver = | Size = 44540 bytes | Modified Date = 3/4/2008 6:42:53 PM | Attr = HS] fysscilcaqrl.sys -> %SystemRoot%\System32\drivers\fysscilcaqrl.sys -> Panda Software International [Ver = 1, 0, 0, 5 | Size = 8576 bytes | Modified Date = 6/8/2007 9:44:36 AM | Attr = ] klif.sys -> %SystemRoot%\System32\drivers\klif.sys -> Kaspersky Lab [Ver = 7.0.0.122 | Size = 127768 bytes | Modified Date = 7/19/2007 3:10:28 PM | Attr = ] SDTHOOK.SYS -> %SystemRoot%\System32\drivers\SDTHOOK.SYS -> Panda Software [Ver = 1.6.0.0 | Size = 44928 bytes | Modified Date = 6/5/2007 10:56:40 AM | Attr = ] ActiveScan -> %SystemRoot%\System32\ActiveScan -> [Folder | Created Date = 2/29/2008 11:08:15 AM | Attr = ] fdsv.exe -> %SystemRoot%\System32\fdsv.exe -> Smallfrogs Studio [Ver = 1.0.0.10 | Size = 73728 bytes | Modified Date = 8/31/2000 8:00:00 AM | Attr = ] grep.exe -> %SystemRoot%\System32\grep.exe -> [Ver = | Size = 80412 bytes | Modified Date = 8/31/2000 8:00:00 AM | Attr = ] java.exe -> %SystemRoot%\System32\java.exe -> Sun Microsystems, Inc. [Ver = 6.0.30.5 | Size = 135168 bytes | Modified Date = 9/24/2007 10:30:28 PM | Attr = ] javacpl.cpl -> %SystemRoot%\System32\javacpl.cpl -> Sun Microsystems, Inc. [Ver = 6.0.30.5 | Size = 69632 bytes | Modified Date = 9/24/2007 11:31:42 PM | Attr = ] javaw.exe -> %SystemRoot%\System32\javaw.exe -> Sun Microsystems, Inc. [Ver = 6.0.30.5 | Size = 135168 bytes | Modified Date = 9/24/2007 10:30:30 PM | Attr = ] javaws.exe -> %SystemRoot%\System32\javaws.exe -> Sun Microsystems, Inc. [Ver = 6.0.30.5 | Size = 139264 bytes | Modified Date = 9/24/2007 11:31:42 PM | Attr = ] Kaspersky Lab -> %SystemRoot%\System32\Kaspersky Lab -> [Folder | Created Date = 2/21/2008 8:36:34 PM | Attr = ] libeay32_0.9.6l.dll -> %SystemRoot%\System32\libeay32_0.9.6l.dll -> [Ver = | Size = 796048 bytes | Modified Date = 11/14/2007 4:04:46 PM | Attr = ] pavas.ico -> %SystemRoot%\System32\pavas.ico -> [Ver = | Size = 30590 bytes | Modified Date = 3/2/2008 8:45:52 PM | Attr = ] sed.exe -> %SystemRoot%\System32\sed.exe -> [Ver = | Size = 98816 bytes | Modified Date = 8/31/2000 8:00:00 AM | Attr = ] swreg.exe -> %SystemRoot%\System32\swreg.exe -> SteelWerX [Ver = 3.0.0.0 | Size = 161792 bytes | Modified Date = 8/31/2000 8:00:00 AM | Attr = ] swsc.exe -> %SystemRoot%\System32\swsc.exe -> SteelWerX [Ver = 2.0.0.5 | Size = 136704 bytes | Modified Date = 8/31/2000 8:00:00 AM | Attr = ] swxcacls.exe -> %SystemRoot%\System32\swxcacls.exe -> SteelWerX [Ver = 1.0.1.1 | Size = 212480 bytes | Modified Date = 8/31/2000 8:00:00 AM | Attr = ] VFind.exe -> %SystemRoot%\System32\VFind.exe -> [Ver = | Size = 49152 bytes | Modified Date = 8/31/2000 8:00:00 AM | Attr = ] vsconfig.xml -> %SystemRoot%\System32\vsconfig.xml -> [Ver = | Size = 353366 bytes | Modified Date = 3/4/2008 6:44:27 PM | Attr = ] vsinit.dll -> %SystemRoot%\System32\vsinit.dll -> Zone Labs, LLC [Ver = 7.0.462.000 | Size = 157160 bytes | Modified Date = 11/14/2007 4:04:52 PM | Attr = ] vsmonapi.dll -> %SystemRoot%\System32\vsmonapi.dll -> Zone Labs, LLC [Ver = 7.0.462.000 | Size = 103912 bytes | Modified Date = 11/14/2007 4:04:52 PM | Attr = ] vspubapi.dll -> %SystemRoot%\System32\vspubapi.dll -> Zone Labs, LLC [Ver = 7.0.462.000 | Size = 275944 bytes | Modified Date = 11/14/2007 4:04:52 PM | Attr = ] vsregexp.dll -> %SystemRoot%\System32\vsregexp.dll -> Zone Labs, LLC [Ver = 7.0.462.000 | Size = 71144 bytes | Modified Date = 11/14/2007 4:04:52 PM | Attr = ] vsutil.dll -> %SystemRoot%\System32\vsutil.dll -> Zone Labs, LLC [Ver = 7.0.462.000 | Size = 472552 bytes | Modified Date = 11/14/2007 4:04:54 PM | Attr = ] vsxml.dll -> %SystemRoot%\System32\vsxml.dll -> Zone Labs, LLC [Ver = 7.0.462.000 | Size = 99816 bytes | Modified Date = 11/14/2007 4:04:54 PM | Attr = ] zip.exe -> %SystemRoot%\System32\zip.exe -> [Ver = | Size = 68096 bytes | Modified Date = 8/31/2000 8:00:00 AM | Attr = ] zlcomm.dll -> %SystemRoot%\System32\zlcomm.dll -> Zone Labs, LLC [Ver = 7.0.462.000 | Size = 83432 bytes | Modified Date = 11/14/2007 4:04:56 PM | Attr = ] zlcommdb.dll -> %SystemRoot%\System32\zlcommdb.dll -> Zone Labs, LLC [Ver = 7.0.462.000 | Size = 71144 bytes | Modified Date = 11/14/2007 4:04:56 PM | Attr = ] ZPORT4AS.dll -> %SystemRoot%\System32\ZPORT4AS.dll -> [Ver = | Size = 11776 bytes | Modified Date = 3/25/2003 6:53:50 PM | Attr = ] BM37fe4076.xml -> %SystemRoot%\BM37fe4076.xml -> [Ver = | Size = 70934 bytes | Modified Date = 2/23/2008 7:23:01 AM | Attr = ] ERDNT -> %SystemRoot%\ERDNT -> [Folder | Created Date = 2/29/2008 3:23:09 PM | Attr = ] ERUNT -> %SystemRoot%\ERUNT -> [Folder | Created Date = 2/28/2008 8:56:16 PM | Attr = ] hpoins14.dat.temp -> %SystemRoot%\hpoins14.dat.temp -> [Ver = | Size = 140577 bytes | Modified Date = 2/20/2008 9:42:20 AM | Attr = ] hpomdl14.dat.temp -> %SystemRoot%\hpomdl14.dat.temp -> [Ver = | Size = 2000 bytes | Modified Date = 6/5/2007 5:07:34 PM | Attr = ] Nircmd.exe -> %SystemRoot%\Nircmd.exe -> NirSoft [Ver = 2.05 | Size = 28160 bytes | Modified Date = 8/31/2000 8:00:00 AM | Attr = ] pskt.ini -> %SystemRoot%\pskt.ini -> [Ver = | Size = 22 bytes | Modified Date = 2/23/2008 2:16:29 PM | Attr = ] pss -> %SystemRoot%\pss -> [Folder | Created Date = 2/29/2008 7:35:47 AM | Attr = ] TEMP -> %SystemRoot%\TEMP -> [Folder | Created Date = 3/1/2008 6:08:29 PM | Attr = ] zllsputility.exe -> %SystemRoot%\zllsputility.exe -> Zone Labs, LLC [Ver = 7.0.462.000 | Size = 75248 bytes | Modified Date = 11/14/2007 4:05:06 PM | Attr = ] AdwareAlert Scheduled Scan.job -> %SystemRoot%\tasks\AdwareAlert Scheduled Scan.job -> [Ver = | Size = 514 bytes | Modified Date = 3/4/2008 3:00:06 AM | Attr = ] [Files/Folders - Modified Within 30 days] $VAULT$.AVG -> %SystemDrive%\$VAULT$.AVG -> [Folder | Modified Date = 3/3/2008 3:24:55 AM | Attr = RH ] 664f70ecb98bf8ee4539fc70c79ffe -> %SystemDrive%\664f70ecb98bf8ee4539fc70c79ffe -> [Folder | Modified Date = 3/2/2008 9:02:55 PM | Attr = ] Config.Msi -> %SystemDrive%\Config.Msi -> [Folder | Modified Date = 3/4/2008 6:23:34 PM | Attr = H ] Deckard -> %SystemDrive%\Deckard -> [Folder | Modified Date = 2/29/2008 3:22:40 PM | Attr = ] Documents and Settings -> %SystemDrive%\Documents and Settings -> [Folder | Modified Date = 2/28/2008 6:53:26 PM | Attr = ] hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [Ver = | Size = 266407936 bytes | Modified Date = 3/4/2008 6:43:28 PM | Attr = HS] ie-spyad -> %SystemDrive%\ie-spyad -> [Folder | Modified Date = 3/3/2008 9:52:55 PM | Attr = ] install.dat -> %SystemDrive%\install.dat -> [Ver = | Size = 164 bytes | Modified Date = 2/27/2008 9:34:52 PM | Attr = ] ioSpecial.ini -> %SystemDrive%\ioSpecial.ini -> [Ver = | Size = 125 bytes | Modified Date = 2/23/2008 8:44:53 PM | Attr = ] Program Files -> %ProgramFiles% -> [Folder | Modified Date = 3/4/2008 6:40:38 PM | Attr = R ] QooBox -> %SystemDrive%\QooBox -> [Folder | Modified Date = 3/1/2008 6:08:21 PM | Attr = ] Quick Scene -> %SystemDrive%\Quick Scene -> [Folder | Modified Date = 3/1/2008 7:13:57 PM | Attr = ] SDFix -> %SystemDrive%\SDFix -> [Folder | Modified Date = 2/28/2008 9:19:40 PM | Attr = ] System Volume Information -> %SystemDrive%\System Volume Information -> [Folder | Modified Date = 3/2/2008 6:21:18 PM | Attr = HS] Temp -> %SystemDrive%\Temp -> [Folder | Modified Date = 3/1/2008 4:22:00 PM | Attr = ] VundoFix Backups -> %SystemDrive%\VundoFix Backups -> [Folder | Modified Date = 3/3/2008 3:24:55 AM | Attr = ] WINDOWS -> %SystemRoot% -> [Folder | Modified Date = 3/4/2008 6:23:34 PM | Attr = ] avg7core.sys -> %SystemRoot%\System32\drivers\avg7core.sys -> GRISOFT, s.r.o. [Ver = 7.5.0.498 | Size = 821856 bytes | Modified Date = 2/29/2008 7:58:48 AM | Attr = ] avg7rsw.sys -> %SystemRoot%\System32\drivers\avg7rsw.sys -> GRISOFT, s.r.o. [Ver = 7,0,0,340 | Size = 4224 bytes | Modified Date = 2/29/2008 7:59:00 AM | Attr = ] avg7rsxp.sys -> %SystemRoot%\System32\drivers\avg7rsxp.sys -> GRISOFT, s.r.o. [Ver = 7.5.0.442 | Size = 27776 bytes | Modified Date = 2/29/2008 7:59:01 AM | Attr = ] avgclean.sys -> %SystemRoot%\System32\drivers\avgclean.sys -> GRISOFT, s.r.o. [Ver = 1.0.0.14 | Size = 10760 bytes | Modified Date = 2/29/2008 7:59:04 AM | Attr = ] avgmfx86.sys -> %SystemRoot%\System32\drivers\avgmfx86.sys -> GRISOFT, s.r.o. [Ver = 7.5.0.510 | Size = 26952 bytes | Modified Date = 2/29/2008 7:59:03 AM | Attr = ] avgtdi.sys -> %SystemRoot%\System32\drivers\avgtdi.sys -> GRISOFT, s.r.o. [Ver = 7,0,0,346 | Size = 4960 bytes | Modified Date = 2/29/2008 7:59:03 AM | Attr = ] ETC -> %SystemRoot%\System32\drivers\ETC -> [Folder | Modified Date = 3/3/2008 9:40:03 PM | Attr = ] 8 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> hosts -> %SystemRoot%\System32\drivers\ETC\hosts -> [Ver = | Size = 226969 bytes | Modified Date = 3/3/2008 9:40:07 PM | Attr = R ] hosts.20080303-214002.backup -> %SystemRoot%\System32\drivers\ETC\hosts.20080303-214002.backup -> [Ver = | Size = 27 bytes | Modified Date = 3/1/2008 4:30:04 PM | Attr = ] fidbox.dat -> %SystemRoot%\System32\drivers\fidbox.dat -> [Ver = | Size = 3711008 bytes | Modified Date = 3/4/2008 6:44:49 PM | Attr = HS] fidbox.idx -> %SystemRoot%\System32\drivers\fidbox.idx -> [Ver = | Size = 44540 bytes | Modified Date = 3/4/2008 6:42:53 PM | Attr = HS] ActiveScan -> %SystemRoot%\System32\ActiveScan -> [Folder | Modified Date = 3/2/2008 10:36:50 PM | Attr = ] CatRoot -> %SystemRoot%\System32\CatRoot -> [Folder | Modified Date = 3/1/2008 9:27:00 PM | Attr = ] CatRoot2 -> %SystemRoot%\System32\CatRoot2 -> [Folder | Modified Date = 3/3/2008 10:48:46 PM | Attr = ] CONFIG -> %SystemRoot%\System32\CONFIG -> [Folder | Modified Date = 3/2/2008 10:37:32 PM | Attr = ] dla -> %SystemRoot%\System32\dla -> [Folder | Modified Date = 3/2/2008 10:37:53 PM | Attr = ] DLLCACHE -> %SystemRoot%\System32\DLLCACHE -> [Folder | Modified Date = 3/2/2008 8:12:48 PM | Attr = RHS] DRIVERS -> %SystemRoot%\System32\DRIVERS -> [Folder | Modified Date = 3/4/2008 6:41:44 PM | Attr = ] FNTCACHE.DAT -> %SystemRoot%\System32\FNTCACHE.DAT -> [Ver = | Size = 404712 bytes | Modified Date = 2/22/2008 7:37:21 PM | Attr = ] FxsTmp -> %SystemRoot%\System32\FxsTmp -> [Folder | Modified Date = 3/2/2008 1:05:04 PM | Attr = ] Help.ico -> %SystemRoot%\System32\Help.ico -> [Ver = | Size = 1406 bytes | Modified Date = 3/2/2008 8:45:52 PM | Attr = ] INETSRV -> %SystemRoot%\System32\INETSRV -> [Folder | Modified Date = 3/2/2008 8:12:48 PM | Attr = ] Kaspersky Lab -> %SystemRoot%\System32\Kaspersky Lab -> [Folder | Modified Date = 2/21/2008 8:36:34 PM | Attr = ] mapisvc.inf -> %SystemRoot%\System32\mapisvc.inf -> [Ver = | Size = 535 bytes | Modified Date = 2/22/2008 7:31:14 PM | Attr = ] pavas.ico -> %SystemRoot%\System32\pavas.ico -> [Ver = | Size = 30590 bytes | Modified Date = 3/2/2008 8:45:52 PM | Attr = ] Restore -> %SystemRoot%\System32\Restore -> [Folder | Modified Date = 3/2/2008 6:21:18 PM | Attr = ] Uninstall.ico -> %SystemRoot%\System32\Uninstall.ico -> [Ver = | Size = 2550 bytes | Modified Date = 3/2/2008 8:45:52 PM | Attr = ] vsconfig.xml -> %SystemRoot%\System32\vsconfig.xml -> [Ver = | Size = 353366 bytes | Modified Date = 3/4/2008 6:44:27 PM | Attr = ] WBEM -> %SystemRoot%\System32\WBEM -> [Folder | Modified Date = 3/2/2008 10:44:14 PM | Attr = ] WPA.DBL -> %SystemRoot%\System32\WPA.DBL -> [Ver = | Size = 1170 bytes | Modified Date = 3/4/2008 6:45:43 PM | Attr = ] zllictbl.dat -> %SystemRoot%\System32\zllictbl.dat -> [Ver = | Size = 4212 bytes | Modified Date = 3/1/2008 9:28:47 PM | Attr = H ] ZoneLabs -> %SystemRoot%\System32\ZoneLabs -> [Folder | Modified Date = 3/2/2008 10:44:59 PM | Attr = ] $hf_mig$ -> %SystemRoot%\$hf_mig$ -> [Folder | Modified Date = 2/12/2008 5:02:14 PM | Attr = H ] AppPatch -> %SystemRoot%\AppPatch -> [Folder | Modified Date = 3/2/2008 10:24:22 PM | Attr = ] ArtGalry.cag -> %SystemRoot%\ArtGalry.cag -> [Ver = | Size = 111616 bytes | Modified Date = 2/17/2008 6:18:56 PM | Attr = ] BM37fe4076.xml -> %SystemRoot%\BM37fe4076.xml -> [Ver = | Size = 70934 bytes | Modified Date = 2/23/2008 7:23:01 AM | Attr = ] BOOTSTAT.DAT -> %SystemRoot%\BOOTSTAT.DAT -> [Ver = | Size = 2048 bytes | Modified Date = 3/4/2008 6:43:31 PM | Attr = S] cdPlayer.ini -> %SystemRoot%\cdPlayer.ini -> [Ver = | Size = 5678 bytes | Modified Date = 2/10/2008 12:57:51 PM | Attr = ] Config -> %SystemRoot%\Config -> [Folder | Modified Date = 3/2/2008 8:12:50 PM | Attr = ] Debug -> %SystemRoot%\Debug -> [Folder | Modified Date = 2/23/2008 8:07:50 PM | Attr = ] Downloaded Program Files -> %SystemRoot%\Downloaded Program Files -> [Folder | Modified Date = 3/2/2008 10:25:15 PM | Attr = S] ERDNT -> %SystemRoot%\ERDNT -> [Folder | Modified Date = 3/1/2008 4:28:01 PM | Attr = ] ERUNT -> %SystemRoot%\ERUNT -> [Folder | Modified Date = 2/28/2008 8:56:32 PM | Attr = ] Fonts -> %SystemRoot%\Fonts -> [Folder | Modified Date = 2/22/2008 7:31:20 PM | Attr = R S] hpoins14.dat -> %SystemRoot%\hpoins14.dat -> [Ver = | Size = 140692 bytes | Modified Date = 2/20/2008 9:45:34 AM | Attr = ] hpoins14.dat.temp -> %SystemRoot%\hpoins14.dat.temp -> [Ver = | Size = 140577 bytes | Modified Date = 2/20/2008 9:42:20 AM | Attr = ] ie7updates -> %SystemRoot%\ie7updates -> [Folder | Modified Date = 2/12/2008 10:02:48 PM | Attr = ] INF -> %SystemRoot%\INF -> [Folder | Modified Date = 3/2/2008 8:45:44 PM | Attr = H ] Installer -> %SystemRoot%\Installer -> [Folder | Modified Date = 3/4/2008 6:23:35 PM | Attr = HS] Internet Logs -> %SystemRoot%\Internet Logs -> [Folder | Modified Date = 3/4/2008 6:47:24 PM | Attr = ] Kenneth Salter.pcb -> %SystemRoot%\Kenneth Salter.pcb -> [Ver = | Size = 8192 bytes | Modified Date = 2/17/2008 6:32:33 PM | Attr = ] Media -> %SystemRoot%\Media -> [Folder | Modified Date = 3/2/2008 8:12:46 PM | Attr = ] Prefetch -> %SystemRoot%\Prefetch -> [Folder | Modified Date = 3/4/2008 6:41:07 PM | Attr = ] pskt.ini -> %SystemRoot%\pskt.ini -> [Ver = | Size = 22 bytes | Modified Date = 2/23/2008 2:16:29 PM | Attr = ] pss -> %SystemRoot%\pss -> [Folder | Modified Date = 2/29/2008 7:35:47 AM | Attr = ] ShellNew -> %SystemRoot%\ShellNew -> [Folder | Modified Date = 2/22/2008 7:31:23 PM | Attr = ] SoftwareDistribution -> %SystemRoot%\SoftwareDistribution -> [Folder | Modified Date = 3/2/2008 10:36:32 PM | Attr = ] SYSTEM -> %SystemRoot%\SYSTEM -> [Folder | Modified Date = 3/2/2008 8:12:50 PM | Attr = ] system.ini -> %SystemRoot%\system.ini -> [Ver = | Size = 243 bytes | Modified Date = 3/1/2008 6:05:03 PM | Attr = ] SYSTEM32 -> %SystemRoot%\SYSTEM32 -> [Folder | Modified Date = 3/4/2008 6:40:45 PM | Attr = ] Tasks -> %SystemRoot%\Tasks -> [Folder | Modified Date = 2/28/2008 6:53:30 PM | Attr = S] TEMP -> %SystemRoot%\TEMP -> [Folder | Modified Date = 3/4/2008 6:44:46 PM | Attr = ] WIN.INI -> %SystemRoot%\WIN.INI -> [Ver = | Size = 837 bytes | Modified Date = 2/27/2008 9:37:10 PM | Attr = ] AdwareAlert Scheduled Scan.job -> %SystemRoot%\tasks\AdwareAlert Scheduled Scan.job -> [Ver = | Size = 514 bytes | Modified Date = 3/4/2008 3:00:06 AM | Attr = ] AppleSoftwareUpdate.job -> %SystemRoot%\tasks\AppleSoftwareUpdate.job -> [Ver = | Size = 284 bytes | Modified Date = 3/1/2008 5:05:01 PM | Attr = ] SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [Ver = | Size = 6 bytes | Modified Date = 3/4/2008 6:43:56 PM | Attr = H ] about.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\about.dat -> [Ver = | Size = 1528 bytes | Modified Date = 6/18/2003 12:00:00 PM | Attr = ] college.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\college.dat -> [Ver = | Size = 327746 bytes | Modified Date = 6/18/2003 12:00:00 PM | Attr = ] moreinfo.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\moreinfo.dat -> [Ver = | Size = 102 bytes | Modified Date = 6/18/2003 12:00:00 PM | Attr = ] ylpgscat.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\ylpgscat.dat -> [Ver = | Size = 12283223 bytes | Modified Date = 6/18/2003 12:00:00 PM | Attr = ] opa12.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\DATA\opa12.dat -> [Ver = | Size = 8454 bytes | Modified Date = 12/1/2007 12:15:10 AM | Attr = ] < End of report > [/code]