[code] WinPFind35 logfile created on: 10/03/2008 19:15:12 WinPFind35U Version 1.0.5.0 Folder = C:\Documents and Settings\Leanne\Desktop\WinPFind35u Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.11) Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy 503.37 Mb Total Physical Memory | 100.98 Mb Available Physical Memory | 20.06% Memory free 1.20 Gb Paging File | 0.72 Gb Available in Paging File | 59.79% Paging File free Paging file location(s): C:\pagefile.sys 756 1512; %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 52.80 Gb Total Space | 6.55 Gb Free Space | 12.40% Space Free | Partition Type: NTFS Unable to calculate disk information. E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: LEANNE_LAPTOP Current User Name: Leanne Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user [Processes - Non-Microsoft Only] wltrysvc.exe -> %SystemRoot%\system32\WLTRYSVC.EXE -> [Ver = | Size = 65536 bytes | Modified Date = 06/12/2004 20:45:14 | Attr = ] bcmwltry.exe -> %SystemRoot%\system32\BCMWLTRY.EXE -> Dell Inc [Ver = 3.100.41.0 | Size = 872556 bytes | Modified Date = 06/12/2004 20:45:12 | Attr = ] guard.exe -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\guard.exe -> GRISOFT s.r.o. [Ver = 7, 5, 1, 22 | Size = 312880 bytes | Modified Date = 30/05/2007 12:31:10 | Attr = ] avgamsvr.exe -> %ProgramFiles%\Grisoft\AVG7\avgamsvr.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.496 | Size = 418816 bytes | Modified Date = 24/10/2007 15:53:17 | Attr = ] avgupsvc.exe -> %ProgramFiles%\Grisoft\AVG7\avgupsvc.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.420 | Size = 49664 bytes | Modified Date = 30/03/2007 17:17:54 | Attr = ] avgemc.exe -> %ProgramFiles%\Grisoft\AVG7\avgemc.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.510 | Size = 406528 bytes | Modified Date = 21/12/2007 21:43:06 | Attr = ] kservice.exe -> %ProgramFiles%\Kontiki\KService.exe -> Kontiki Inc. [Ver = 5.12.707.160 | Size = 3072184 bytes | Modified Date = 25/01/2008 10:08:20 | Attr = ] nicconfigsvc.exe -> %ProgramFiles%\Dell\NicConfigSvc\NicConfigSvc.exe -> Dell Inc. [Ver = 1, 0, 0, 1 | Size = 356352 bytes | Modified Date = 09/06/2005 08:53:18 | Attr = ] ipodservice.exe -> %ProgramFiles%\iPod\bin\iPodService.exe -> Apple Computer, Inc. [Ver = 7.0.1.8 | Size = 451136 bytes | Modified Date = 25/09/2006 13:54:22 | Attr = ] hkcmd.exe -> %SystemRoot%\system32\hkcmd.exe -> Intel Corporation [Ver = 3.0.0.4410 | Size = 77824 bytes | Modified Date = 14/10/2005 20:46:34 | Attr = ] igfxpers.exe -> %SystemRoot%\system32\igfxpers.exe -> Intel Corporation [Ver = 3.0.0.4410 | Size = 114688 bytes | Modified Date = 14/10/2005 20:50:30 | Attr = ] jusched.exe -> %ProgramFiles%\Java\jre1.6.0_05\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 144784 bytes | Modified Date = 22/02/2008 04:25:21 | Attr = ] stsystra.exe -> %SystemRoot%\stsystra.exe -> SigmaTel, Inc. [Ver = 1.0.4717.0 nd286 cp1 | Size = 393216 bytes | Modified Date = 09/09/2005 23:19:34 | Attr = ] wltray.exe -> %SystemRoot%\system32\WLTRAY.EXE -> Dell Inc [Ver = 3.100.41.0 | Size = 696425 bytes | Modified Date = 06/12/2004 20:45:14 | Attr = ] igfxsrvc.exe -> %SystemRoot%\system32\igfxsrvc.exe -> Intel Corporation [Ver = 3.0.0.4410 | Size = 159744 bytes | Modified Date = 14/10/2005 20:46:24 | Attr = ] syntpenh.exe -> %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe -> Synaptics, Inc. [Ver = 8.2.4.3 29Nov05 | Size = 761947 bytes | Modified Date = 29/11/2005 04:56:30 | Attr = ] dlactrlw.exe -> %SystemRoot%\system32\DLA\DLACTRLW.EXE -> Sonic Solutions [Ver = 5.20.08a | Size = 122940 bytes | Modified Date = 08/09/2005 05:20:00 | Attr = ] gnotify.exe -> %ProgramFiles%\Google\Gmail Notifier\gnotify.exe -> Google Inc. [Ver = 1.0.25.0 | Size = 479232 bytes | Modified Date = 15/07/2005 21:48:33 | Attr = ] ituneshelper.exe -> %ProgramFiles%\iTunes\iTunesHelper.exe -> Apple Computer, Inc. [Ver = 7.0.1.8 | Size = 229952 bytes | Modified Date = 25/09/2006 13:54:24 | Attr = ] hpwuschd.exe -> %ProgramFiles%\HP\HP Software Update\hpwuSchd.exe -> Hewlett-Packard [Ver = 1, 0, 0, 3 | Size = 49152 bytes | Modified Date = 04/08/2003 16:28:18 | Attr = ] hpcmpmgr.exe -> %ProgramFiles%\HP\hpcoretech\hpcmpmgr.exe -> Hewlett-Packard Company [Ver = 2.1.1.0 | Size = 241664 bytes | Modified Date = 12/05/2004 14:18:56 | Attr = ] khost.exe -> %ProgramFiles%\Kontiki\KHost.exe -> Kontiki Inc. [Ver = 5.12.707.160 | Size = 1032376 bytes | Modified Date = 25/01/2008 10:08:20 | Attr = ] netwaiting.exe -> %ProgramFiles%\NetWaiting\netwaiting.exe -> [Ver = | Size = 20480 bytes | Modified Date = 10/09/2003 02:24:00 | Attr = ] avgw.exe -> %ProgramFiles%\Grisoft\AVG7\avgw.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.502 | Size = 219136 bytes | Modified Date = 24/10/2007 15:53:41 | Attr = ] dlg.exe -> %ProgramFiles%\Digital Line Detect\DLG.exe -> BVRP Software [Ver = 1, 0, 0, 1 | Size = 24576 bytes | Modified Date = 29/10/2003 02:06:00 | Attr = ] winpfind35u.exe -> %UserProfile%\Desktop\WinPFind35u\WinPFind35U.exe -> OldTimer Tools [Ver = 1.0.5.0 | Size = 310272 bytes | Modified Date = 10/03/2008 02:34:14 | Attr = ] firefox.exe -> %ProgramFiles%\Mozilla Firefox\firefox.exe -> Mozilla Corporation [Ver = 1.8.1.12: 2008020121 | Size = 7655024 bytes | Modified Date = 08/02/2008 18:08:11 | Attr = ] winpfind35u.exe -> %UserProfile%\Desktop\WinPFind35u\WinPFind35U.exe -> OldTimer Tools [Ver = 1.0.5.0 | Size = 310272 bytes | Modified Date = 10/03/2008 02:34:14 | Attr = ] [Win32 Services - Non-Microsoft Only] (AVG Anti-Spyware Guard) AVG Anti-Spyware Guard [Win32_Own | Auto | Running] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\guard.exe -> GRISOFT s.r.o. [Ver = 7, 5, 1, 22 | Size = 312880 bytes | Modified Date = 30/05/2007 12:31:10 | Attr = ] (Avg7Alrt) AVG7 Alert Manager Server [Win32_Own | Auto | Running] -> %ProgramFiles%\Grisoft\AVG7\avgamsvr.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.496 | Size = 418816 bytes | Modified Date = 24/10/2007 15:53:17 | Attr = ] (Avg7UpdSvc) AVG7 Update Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Grisoft\AVG7\avgupsvc.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.420 | Size = 49664 bytes | Modified Date = 30/03/2007 17:17:54 | Attr = ] (AVGEMS) AVG E-mail Scanner [Win32_Own | Auto | Running] -> %ProgramFiles%\Grisoft\AVG7\avgemc.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.510 | Size = 406528 bytes | Modified Date = 21/12/2007 21:43:06 | Attr = ] (dmadmin) Logical Disk Manager Administrative Service [Win32_Shared | On_Demand | Stopped] -> %SystemRoot%\system32\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 224768 bytes | Modified Date = 04/08/2004 05:00:00 | Attr = ] (DSBrokerService) DSBrokerService [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\DellSupport\brkrsvc.exe -> [Ver = 1, 0, 0, 8 | Size = 76848 bytes | Modified Date = 07/03/2007 14:47:46 | Attr = ] (gusvc) Google Updater Service [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Google\Common\Google Updater\GoogleUpdaterService.exe -> Google [Ver = 2.0.711.37800.beta | Size = 136120 bytes | Modified Date = 04/01/2007 01:40:21 | Attr = ] (IDriverT) InstallDriver Table Manager [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\InstallShield\Driver\11\Intel 32\IDriverT.exe -> Macrovision Corporation [Ver = 11.00.28844 | Size = 69632 bytes | Modified Date = 03/04/2005 23:41:10 | Attr = ] (iPod Service) iPod Service [Win32_Own | On_Demand | Running] -> %ProgramFiles%\iPod\bin\iPodService.exe -> Apple Computer, Inc. [Ver = 7.0.1.8 | Size = 451136 bytes | Modified Date = 25/09/2006 13:54:22 | Attr = ] (KService) KService [Win32_Own | Auto | Running] -> %ProgramFiles%\Kontiki\KService.exe -> Kontiki Inc. [Ver = 5.12.707.160 | Size = 3072184 bytes | Modified Date = 25/01/2008 10:08:20 | Attr = ] (NICCONFIGSVC) NICCONFIGSVC [Win32_Own | Auto | Running] -> %ProgramFiles%\Dell\NicConfigSvc\NicConfigSvc.exe -> Dell Inc. [Ver = 1, 0, 0, 1 | Size = 356352 bytes | Modified Date = 09/06/2005 08:53:18 | Attr = ] (vsmon) TrueVector Internet Monitor [Win32_Own | Auto | Stopped] -> %SystemRoot%\system32\ZoneLabs\vsmon.exe -> Zone Labs, LLC [Ver = 7.0.462.000 | Size = 75304 bytes | Modified Date = 14/11/2007 16:05:06 | Attr = ] (wltrysvc) Dell Wireless WLAN Tray Service [Win32_Own | Auto | Running] -> %SystemRoot%\System32\wltrysvc.exe C:\WINDOWS\System32\bcmwltry.exe -> File not found [Registry - Non-Microsoft Only] < Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> !AVG Anti-Spyware -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\avgas.exe -> GRISOFT s.r.o. [Ver = 7, 5, 1, 43 | Size = 6731312 bytes | Modified Date = 11/06/2007 09:25:42 | Attr = ] {0228e555-4f9c-4e35-a3ec-b109a192b4c2} -> %ProgramFiles%\Google\Gmail Notifier\gnotify.exe -> Google Inc. [Ver = 1.0.25.0 | Size = 479232 bytes | Modified Date = 15/07/2005 21:48:33 | Attr = ] 4oD -> %ProgramFiles%\Kontiki\KHost.exe -> Kontiki Inc. [Ver = 5.12.707.160 | Size = 1032376 bytes | Modified Date = 25/01/2008 10:08:20 | Attr = ] AVG7_CC -> %ProgramFiles%\Grisoft\AVG7\avgcc.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.504 | Size = 579072 bytes | Modified Date = 21/12/2007 21:43:02 | Attr = ] Dell Wireless Manager UI -> %SystemRoot%\system32\WLTRAY.EXE -> Dell Inc [Ver = 3.100.41.0 | Size = 696425 bytes | Modified Date = 06/12/2004 20:45:14 | Attr = ] DLA -> %SystemRoot%\system32\DLA\DLACTRLW.EXE -> Sonic Solutions [Ver = 5.20.08a | Size = 122940 bytes | Modified Date = 08/09/2005 05:20:00 | Attr = ] dscactivate -> %ProgramFiles%\Dell Support Center\gs_agent\custom\dsca.exe -> [Ver = 1.0.2767.18581 | Size = 16384 bytes | Modified Date = 15/11/2007 09:24:00 | Attr = ] HP Component Manager -> %ProgramFiles%\HP\hpcoretech\hpcmpmgr.exe -> Hewlett-Packard Company [Ver = 2.1.1.0 | Size = 241664 bytes | Modified Date = 12/05/2004 14:18:56 | Attr = ] HP Software Update -> %ProgramFiles%\HP\HP Software Update\hpwuSchd.exe -> Hewlett-Packard [Ver = 1, 0, 0, 3 | Size = 49152 bytes | Modified Date = 04/08/2003 16:28:18 | Attr = ] igfxhkcmd -> %SystemRoot%\system32\hkcmd.exe -> Intel Corporation [Ver = 3.0.0.4410 | Size = 77824 bytes | Modified Date = 14/10/2005 20:46:34 | Attr = ] igfxpers -> %SystemRoot%\system32\igfxpers.exe -> Intel Corporation [Ver = 3.0.0.4410 | Size = 114688 bytes | Modified Date = 14/10/2005 20:50:30 | Attr = ] igfxtray -> %SystemRoot%\system32\igfxtray.exe -> Intel Corporation [Ver = 3.0.0.4410 | Size = 94208 bytes | Modified Date = 14/10/2005 20:49:46 | Attr = ] ISUSPM Startup -> %CommonProgramFiles%\InstallShield\UpdateService\ISUSPM.exe -> InstallShield Software Corporation [Ver = 4, 50, 100, 33433 | Size = 249856 bytes | Modified Date = 10/06/2005 10:44:02 | Attr = ] ISUSScheduler -> %CommonProgramFiles%\InstallShield\UpdateService\issch.exe -> InstallShield Software Corporation [Ver = 4, 50, 100, 33433 | Size = 81920 bytes | Modified Date = 10/06/2005 10:44:02 | Attr = ] iTunesHelper -> %ProgramFiles%\iTunes\iTunesHelper.exe -> Apple Computer, Inc. [Ver = 7.0.1.8 | Size = 229952 bytes | Modified Date = 25/09/2006 13:54:24 | Attr = ] Part browse safe hold -> %AllUsersProfile%\Application Data\Audio 4 part browse\does save.exe -> [Ver = | Size = 4515328 bytes | Modified Date = 10/03/2008 18:37:51 | Attr = ] QuickTime Task -> %ProgramFiles%\QuickTime\qttask.exe -> Apple Computer, Inc. [Ver = 7.1.3 | Size = 282624 bytes | Modified Date = 24/09/2006 02:24:54 | Attr = ] SigmatelSysTrayApp -> %SystemRoot%\stsystra.exe -> SigmaTel, Inc. [Ver = 1.0.4717.0 nd286 cp1 | Size = 393216 bytes | Modified Date = 09/09/2005 23:19:34 | Attr = ] SunJavaUpdateSched -> %ProgramFiles%\Java\jre1.6.0_05\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 144784 bytes | Modified Date = 22/02/2008 04:25:21 | Attr = ] SynTPEnh -> %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe -> Synaptics, Inc. [Ver = 8.2.4.3 29Nov05 | Size = 761947 bytes | Modified Date = 29/11/2005 04:56:30 | Attr = ] ZoneAlarm Client -> %ProgramFiles%\Zone Labs\ZoneAlarm\zlclient.exe -> Zone Labs, LLC [Ver = 7.0.462.000 | Size = 919016 bytes | Modified Date = 14/11/2007 16:05:06 | Attr = ] < OptionalComponents [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\ -> IMAIL-> Installed = 1 -> MAPI-> Installed = 1 -> MSFS-> Installed = 1 -> < Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> BitTorrent -> %ProgramFiles%\BitTorrent\bittorrent.exe -> File not found BurnBird -> %AppData%\chic htm\Multi Pile Online.exe -> [Ver = | Size = 434688 bytes | Modified Date = 01/03/2008 16:39:54 | Attr = ] ModemOnHold -> %ProgramFiles%\NetWaiting\netwaiting.exe -> [Ver = | Size = 20480 bytes | Modified Date = 10/09/2003 02:24:00 | Attr = ] < All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup -> %AllUsersProfile%\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk -> %CommonProgramFiles%\Adobe\Calibration\Adobe Gamma Loader.exe -> Adobe Systems, Inc. [Ver = 1, 0, 0, 1 | Size = 113664 bytes | Modified Date = 04/11/1999 15:06:48 | Attr = ] %AllUsersProfile%\Start Menu\Programs\Startup\Digital Line Detect.lnk -> %ProgramFiles%\Digital Line Detect\DLG.exe -> BVRP Software [Ver = 1, 0, 0, 1 | Size = 24576 bytes | Modified Date = 29/10/2003 02:06:00 | Attr = ] < Leanne Startup Folder > -> C:\Documents and Settings\Leanne\Start Menu\Programs\Startup -> < ShellExecuteHooks [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks -> {57B86673-276A-48B2-BAE7-C6DBB3020EB8} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll [AVG Anti-Spyware 7.5] -> GRISOFT s.r.o. [Ver = 7, 5, 1, 36 | Size = 79408 bytes | Modified Date = 30/05/2007 12:29:58 | Attr = ] < SecurityProviders [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders -> < Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ -> igfxcui -> %SystemRoot%\system32\igfxdev.dll -> Intel Corporation [Ver = 3.0.0.4410 | Size = 135168 bytes | Modified Date = 14/10/2005 20:45:38 | Attr = ] < CurrentVersion Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ActiveDesktop\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\undockwithoutlogon -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Uninstall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\WindowsUpdate\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\\NoCDBurning -> 0 -> < CurrentVersion Policy Settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ActiveDesktop\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Associations\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableRegistryTools -> 0 -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\WindowsUpdate\ -> -> < HOSTS File > (4102 bytes) -> C:\WINDOWS\System32\drivers\etc\Hosts -> < Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> HKEY_LOCAL_MACHINE\: Main\\Default_Page_URL -> http://go.microsoft.com/fwlink/?LinkId=69157 -> HKEY_LOCAL_MACHINE\: Main\\Default_Search_URL -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKEY_LOCAL_MACHINE\: Main\\Local Page -> %SystemRoot%\system32\blank.htm -> HKEY_LOCAL_MACHINE\: Main\\Search Page -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKEY_LOCAL_MACHINE\: Main\\Start Page -> http://go.microsoft.com/fwlink/?LinkId=69157 -> HKEY_LOCAL_MACHINE\: Search\\CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm -> HKEY_LOCAL_MACHINE\: Search\\SearchAssistant -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm -> < Internet Explorer Settings [HKEY_CURRENT_USER\] > -> -> HKEY_CURRENT_USER\: Main\\Local Page -> C:\WINDOWS\system32\blank.htm -> HKEY_CURRENT_USER\: Main\\Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_CURRENT_USER\: Main\\Start Page -> http://google.seekgoouk.com -> HKEY_CURRENT_USER\: Search\\SearchAssistant -> http://www.google.com/ie -> HKEY_CURRENT_USER\: SearchURL\\ -> http://www.google.com/keyword/%s[Reg Error: Value provider does not exist or could not be read.] -> HKEY_CURRENT_USER\: URLSearchHooks\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Yahoo!\Companion\Installs\cpn\yt.dll [Yahoo! Toolbar] -> Yahoo! Inc. [Ver = 2006, 6, 6, 1 | Size = 439872 bytes | Modified Date = 06/06/2006 08:28:44 | Attr = ] HKEY_CURRENT_USER\: ProxyEnable -> 0 -> < Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1 domain(s) found. -> 1 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> {00C6482D-C502-44C8-8409-FCE54AD9C208} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\TechSmith\SnagIt 7\SnagItBHO.dll [HelperObject Class] -> TechSmith Corporation [Ver = 1.0.1 | Size = 49152 bytes | Modified Date = 10/10/2003 06:00:00 | Attr = ] {02478D38-C3F9-4EFB-9B51-7695ECA05670} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Yahoo!\Companion\Installs\cpn\yt.dll [Yahoo! Toolbar Helper] -> Yahoo! Inc. [Ver = 2006, 6, 6, 1 | Size = 439872 bytes | Modified Date = 06/06/2006 08:28:44 | Attr = ] {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll [AcroIEHlprObj Class] -> Adobe Systems Incorporated [Ver = 6.0.1.2003110300 | Size = 54248 bytes | Modified Date = 03/11/2003 14:17:44 | Attr = ] {5CA3D70E-1895-11CF-8E15-001234567890} [HKEY_LOCAL_MACHINE] -> %SystemRoot%\system32\DLA\DLASHX_W.DLL [DriveLetterAccess] -> Sonic Solutions [Ver = 5.20.08a | Size = 110652 bytes | Modified Date = 08/09/2005 05:20:00 | Attr = ] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.6.0_05\bin\ssv.dll [SSVHelper Class] -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 509328 bytes | Modified Date = 22/02/2008 04:25:19 | Attr = ] < Internet Explorer Bars [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\ -> {4528BBE0-4E08-11D5-AD55-00010333D0AD} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Yahoo!\Common\yhexbmesuk.dll [&Yahoo! Messenger] -> Yahoo! Inc. [Ver = 2005, 5, 11, 1 | Size = 316552 bytes | Modified Date = 31/07/2005 10:12:14 | Attr = ] < Internet Explorer Bars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\ -> {4528BBE0-4E08-11D5-AD55-00010333D0AD} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Yahoo!\Common\yhexbmesuk.dll [&Yahoo! Messenger] -> Yahoo! Inc. [Ver = 2005, 5, 11, 1 | Size = 316552 bytes | Modified Date = 31/07/2005 10:12:14 | Attr = ] < Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar -> {0BF43445-2F28-4351-9252-17FE6E806AA0} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\TechSmith\SnagIt 7\SnagItIEAddin.dll [SnagIt] -> TechSmith Corporation [Ver = 1.0.3 | Size = 143360 bytes | Modified Date = 10/10/2003 06:00:00 | Attr = ] {EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Yahoo!\Companion\Installs\cpn\yt.dll [Yahoo! Toolbar] -> Yahoo! Inc. [Ver = 2006, 6, 6, 1 | Size = 439872 bytes | Modified Date = 06/06/2006 08:28:44 | Attr = ] < Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ -> WebBrowser\\{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found WebBrowser\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Yahoo!\Companion\Installs\cpn\yt.dll [Yahoo! Toolbar] -> Yahoo! Inc. [Ver = 2006, 6, 6, 1 | Size = 439872 bytes | Modified Date = 06/06/2006 08:28:44 | Attr = ] < Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> {08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.6.0_05\bin\npjpi160_05.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 132496 bytes | Modified Date = 22/02/2008 04:25:19 | Attr = ] {08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC} [HKEY_CURRENT_USER] -> %ProgramFiles%\Java\jre1.6.0_05\bin\ssv.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 509328 bytes | Modified Date = 22/02/2008 04:25:19 | Attr = ] {4528BBE0-4E08-11D5-AD55-00010333D0AD}:{4C171D40-8277-11D5-AD55-00010333D0AD} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Yahoo!\Common\yhexbmesuk.dll [Messenger] -> Yahoo! Inc. [Ver = 2005, 5, 11, 1 | Size = 316552 bytes | Modified Date = 31/07/2005 10:12:14 | Attr = ] {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1}:Exec -> %ProgramFiles%\PartyGaming\PartyPoker\RunApp.exe [PartyPoker.com] -> File not found < Internet Explorer Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\ -> CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.6.0_05\bin\npjpi160_05.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 132496 bytes | Modified Date = 22/02/2008 04:25:19 | Attr = ] CmdMapping\\{39FD89BF-D3F1-45b6-BB56-3582CCF489E1} [HKEY_LOCAL_MACHINE] -> [Reg Error: Key does not exist or could not be opened.] -> File not found CmdMapping\\{4528BBE0-4E08-11D5-AD55-00010333D0AD} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Yahoo!\Common\yhexbmesuk.dll [&Yahoo! Messenger] -> Yahoo! Inc. [Ver = 2005, 5, 11, 1 | Size = 316552 bytes | Modified Date = 31/07/2005 10:12:14 | Attr = ] < Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> PluginsPageFriendlyName -> Microsoft ActiveX Gallery -> PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s -> < DNS Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> {175A4315-0930-4E26-850F-4BA9586FCFA4} -> (Dell Wireless 1370 WLAN Mini-PCI Card) -> {F6C88C28-B727-4622-8631-F42FCA8F80EF} -> (Broadcom 440x 10/100 Integrated Controller) -> < Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ -> cetihpz:{CF184AD3-CDCB-4168-A3F7-8E447D129300} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\HP\hpcoretech\comp\hpuiprot.dll[CZipHandler Object] -> Hewlett-Packard Company [Ver = 2.1.5 | Size = 81920 bytes | Modified Date = 12/05/2004 14:18:56 | Attr = ] ipp: [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened.[] -> File not found msdaipp: [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened.[] -> File not found < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> {17492023-C23A-453E-A040-C7C580BBF700}[HKEY_LOCAL_MACHINE] -> http://go.microsoft.com/fwlink/?LinkID=39204[Windows Genuine Advantage Validation Tool] -> {30528230-99f7-4bb4-88d8-fa1d4f56a2ab}[HKEY_LOCAL_MACHINE] -> C:\Program Files\Yahoo!\Common\yinsthelper.dll[YInstStarter Class] -> {8AD9C840-044E-11D1-B3E9-00805F499D93}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab[Java Plug-in 1.6.0_05] -> {9A9307A0-7DA4-4DAF-B042-5009F29E09E1}[HKEY_LOCAL_MACHINE] -> http://acs.pandasoftware.com/activescan/as5free/asinst.cab[ActiveScan Installer Class] -> {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab[Java Plug-in 1.4.2_03] -> {CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.5.0/jinstall-1_5_0_03-windows-i586.cab[Java Plug-in 1.5.0_03] -> {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab[Java Plug-in 1.5.0_06] -> {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab[Java Plug-in 1.5.0_09] -> {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab[Java Plug-in 1.5.0_11] -> {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab[Java Plug-in 1.6.0_01] -> {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab[Java Plug-in 1.6.0_03] -> {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab[Java Plug-in 1.6.0_05] -> {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab[Java Plug-in 1.6.0_05] -> {D27CDB6E-AE6D-11CF-96B8-444553540000}[HKEY_LOCAL_MACHINE] -> http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab[Shockwave Flash Object] -> {D821DC4A-0814-435E-9820-661C543A4679}[HKEY_LOCAL_MACHINE] -> http://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx[CRLDownloadWrapper Class] -> [Files/Folders - Created Within 30 days] Deckard -> %SystemDrive%\Deckard -> [Folder | Created Date = 07/03/2008 19:21:18 | Attr = ] hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [Ver = | Size = 527892480 bytes | Created Date = 03/03/2008 22:42:05 | Attr = HS] logs -> %SystemDrive%\logs -> [Folder | Created Date = 04/03/2008 22:07:24 | Attr = ] NoLopBackups -> %SystemDrive%\NoLopBackups -> [Folder | Created Date = 03/03/2008 00:12:48 | Attr = ] QooBox -> %SystemDrive%\QooBox -> [Folder | Created Date = 09/03/2008 19:19:31 | Attr = ] Skillb -> %SystemDrive%\Skillb -> [Folder | Created Date = 19/02/2008 18:46:37 | Attr = ] ASPI32.SYS -> %SystemRoot%\System32\drivers\ASPI32.SYS -> Adaptec [Ver = 4.71 (0002) built by: WinDDK | Size = 16512 bytes | Created Date = 12/02/2008 23:16:45 | Attr = ] AvgAsCln.sys -> %SystemRoot%\System32\drivers\AvgAsCln.sys -> GRISOFT, s.r.o. [Ver = 1.0.0.14 | Size = 10872 bytes | Created Date = 02/03/2008 23:10:05 | Attr = ] fidbox.dat -> %SystemRoot%\System32\drivers\fidbox.dat -> [Ver = | Size = 14432288 bytes | Created Date = 07/03/2008 18:40:14 | Attr = HS] fidbox.idx -> %SystemRoot%\System32\drivers\fidbox.idx -> [Ver = | Size = 85748 bytes | Created Date = 07/03/2008 18:40:14 | Attr = HS] klif.sys -> %SystemRoot%\System32\drivers\klif.sys -> Kaspersky Lab [Ver = 7.0.0.122 | Size = 127768 bytes | Created Date = 07/03/2008 18:34:44 | Attr = ] ltdolsphgdyj.sys -> %SystemRoot%\System32\drivers\ltdolsphgdyj.sys -> Panda Software International [Ver = 1, 0, 0, 5 | Size = 8576 bytes | Created Date = 04/03/2008 22:30:20 | Attr = ] SDTHOOK.SYS -> %SystemRoot%\System32\drivers\SDTHOOK.SYS -> Panda Software [Ver = 1.6.0.0 | Size = 44928 bytes | Created Date = 04/03/2008 22:32:01 | Attr = ] vacs2xkd.sys -> %SystemRoot%\System32\drivers\vacs2xkd.sys -> Eugene V. Muzychenko [Ver = 4.8.0.1957 | Size = 42880 bytes | Created Date = 12/02/2008 23:16:43 | Attr = ] ActiveScan -> %SystemRoot%\System32\ActiveScan -> [Folder | Created Date = 04/03/2008 22:12:07 | Attr = ] 8 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> asuninst.exe -> %SystemRoot%\System32\asuninst.exe -> Panda Software [Ver = 1, 0, 0, 2 | Size = 73728 bytes | Created Date = 04/03/2008 22:13:20 | Attr = ] fdsv.exe -> %SystemRoot%\System32\fdsv.exe -> Smallfrogs Studio [Ver = 1.0.0.10 | Size = 73728 bytes | Created Date = 09/03/2008 19:19:24 | Attr = ] grep.exe -> %SystemRoot%\System32\grep.exe -> [Ver = | Size = 80412 bytes | Created Date = 09/03/2008 19:19:24 | Attr = ] java.exe -> %SystemRoot%\System32\java.exe -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 135168 bytes | Created Date = 07/03/2008 18:30:17 | Attr = ] javaw.exe -> %SystemRoot%\System32\javaw.exe -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 135168 bytes | Created Date = 07/03/2008 18:30:17 | Attr = ] javaws.exe -> %SystemRoot%\System32\javaws.exe -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 139264 bytes | Created Date = 07/03/2008 18:30:17 | Attr = ] libeay32_0.9.6l.dll -> %SystemRoot%\System32\libeay32_0.9.6l.dll -> [Ver = | Size = 796048 bytes | Created Date = 07/03/2008 18:34:25 | Attr = ] sed.exe -> %SystemRoot%\System32\sed.exe -> [Ver = | Size = 98816 bytes | Created Date = 09/03/2008 19:19:24 | Attr = ] swreg.exe -> %SystemRoot%\System32\swreg.exe -> SteelWerX [Ver = 3.0.0.0 | Size = 161792 bytes | Created Date = 09/03/2008 19:19:24 | Attr = ] swsc.exe -> %SystemRoot%\System32\swsc.exe -> SteelWerX [Ver = 2.0.0.5 | Size = 136704 bytes | Created Date = 09/03/2008 19:19:24 | Attr = ] swxcacls.exe -> %SystemRoot%\System32\swxcacls.exe -> SteelWerX [Ver = 1.0.1.1 | Size = 212480 bytes | Created Date = 09/03/2008 19:19:24 | Attr = ] VFind.exe -> %SystemRoot%\System32\VFind.exe -> [Ver = | Size = 49152 bytes | Created Date = 09/03/2008 19:19:24 | Attr = ] vsconfig.xml -> %SystemRoot%\System32\vsconfig.xml -> [Ver = | Size = 353366 bytes | Created Date = 07/03/2008 18:34:08 | Attr = ] vsdata.dll -> %SystemRoot%\System32\vsdata.dll -> Zone Labs, LLC [Ver = 7.0.462.000 | Size = 83432 bytes | Created Date = 07/03/2008 18:33:35 | Attr = ] vsdatant.sys -> %SystemRoot%\System32\vsdatant.sys -> Zone Labs, LLC [Ver = 7.0.462.000 | Size = 394952 bytes | Created Date = 07/03/2008 18:34:08 | Attr = ] vsinit.dll -> %SystemRoot%\System32\vsinit.dll -> Zone Labs, LLC [Ver = 7.0.462.000 | Size = 157160 bytes | Created Date = 07/03/2008 18:33:35 | Attr = ] vsmonapi.dll -> %SystemRoot%\System32\vsmonapi.dll -> Zone Labs, LLC [Ver = 7.0.462.000 | Size = 103912 bytes | Created Date = 07/03/2008 18:34:09 | Attr = ] vspubapi.dll -> %SystemRoot%\System32\vspubapi.dll -> Zone Labs, LLC [Ver = 7.0.462.000 | Size = 275944 bytes | Created Date = 07/03/2008 18:34:09 | Attr = ] vsregexp.dll -> %SystemRoot%\System32\vsregexp.dll -> Zone Labs, LLC [Ver = 7.0.462.000 | Size = 71144 bytes | Created Date = 07/03/2008 18:34:24 | Attr = ] vsutil.dll -> %SystemRoot%\System32\vsutil.dll -> Zone Labs, LLC [Ver = 7.0.462.000 | Size = 472552 bytes | Created Date = 07/03/2008 18:33:35 | Attr = ] vswmi.dll -> %SystemRoot%\System32\vswmi.dll -> Zone Labs, LLC [Ver = 7.0.462.000 | Size = 46568 bytes | Created Date = 07/03/2008 18:34:12 | Attr = ] vsxml.dll -> %SystemRoot%\System32\vsxml.dll -> Zone Labs, LLC [Ver = 7.0.462.000 | Size = 99816 bytes | Created Date = 07/03/2008 18:34:10 | Attr = ] WNASPI32.DLL -> %SystemRoot%\System32\WNASPI32.DLL -> Jukka Poikolainen Software [Ver = 5, 0, 0, 1 | Size = 22528 bytes | Created Date = 12/02/2008 23:16:45 | Attr = ] zip.exe -> %SystemRoot%\System32\zip.exe -> [Ver = | Size = 68096 bytes | Created Date = 09/03/2008 19:19:24 | Attr = ] zlcomm.dll -> %SystemRoot%\System32\zlcomm.dll -> Zone Labs, LLC [Ver = 7.0.462.000 | Size = 83432 bytes | Created Date = 07/03/2008 18:34:20 | Attr = ] zlcommdb.dll -> %SystemRoot%\System32\zlcommdb.dll -> Zone Labs, LLC [Ver = 7.0.462.000 | Size = 71144 bytes | Created Date = 07/03/2008 18:34:20 | Attr = ] zllictbl.dat -> %SystemRoot%\System32\zllictbl.dat -> [Ver = | Size = 4212 bytes | Created Date = 07/03/2008 18:35:15 | Attr = H ] ZoneLabs -> %SystemRoot%\System32\ZoneLabs -> [Folder | Created Date = 07/03/2008 18:34:10 | Attr = ] zpeng24.dll -> %SystemRoot%\System32\zpeng24.dll -> Python Software Foundation [Ver = 2.4.2 | Size = 1086952 bytes | Created Date = 07/03/2008 18:34:11 | Attr = ] ZPORT4AS.dll -> %SystemRoot%\System32\ZPORT4AS.dll -> [Ver = | Size = 11776 bytes | Created Date = 04/03/2008 22:13:19 | Attr = ] ERDNT -> %SystemRoot%\ERDNT -> [Folder | Created Date = 07/03/2008 19:22:06 | Attr = ] Internet Logs -> %SystemRoot%\Internet Logs -> [Folder | Created Date = 07/03/2008 18:33:35 | Attr = ] Nircmd.exe -> %SystemRoot%\Nircmd.exe -> NirSoft [Ver = 2.05 | Size = 28160 bytes | Created Date = 09/03/2008 19:19:24 | Attr = ] pss -> %SystemRoot%\pss -> [Folder | Created Date = 07/03/2008 18:18:48 | Attr = ] zllsputility.exe -> %SystemRoot%\zllsputility.exe -> Zone Labs, LLC [Ver = 7.0.462.000 | Size = 75248 bytes | Created Date = 07/03/2008 18:35:03 | Attr = ] [Files/Folders - Modified Within 30 days] 17ca07acc452e639137011c9b8ed22e0 -> %SystemDrive%\17ca07acc452e639137011c9b8ed22e0 -> [Folder | Modified Date = 04/03/2008 22:33:14 | Attr = ] boot.ini -> %SystemDrive%\boot.ini -> [Ver = | Size = 211 bytes | Modified Date = 07/03/2008 18:28:24 | Attr = HS] Config.Msi -> %SystemDrive%\Config.Msi -> [Folder | Modified Date = 08/03/2008 14:39:37 | Attr = H ] Deckard -> %SystemDrive%\Deckard -> [Folder | Modified Date = 07/03/2008 19:21:18 | Attr = ] FileMonk.cfg -> %SystemDrive%\FileMonk.cfg -> [Ver = | Size = 8 bytes | Modified Date = 02/03/2008 17:28:32 | Attr = H ] hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [Ver = | Size = 527892480 bytes | Modified Date = 10/03/2008 18:21:40 | Attr = HS] logs -> %SystemDrive%\logs -> [Folder | Modified Date = 05/03/2008 18:09:28 | Attr = ] NoLopBackups -> %SystemDrive%\NoLopBackups -> [Folder | Modified Date = 03/03/2008 00:14:51 | Attr = ] Program Files -> %ProgramFiles% -> [Folder | Modified Date = 07/03/2008 18:34:10 | Attr = R ] QooBox -> %SystemDrive%\QooBox -> [Folder | Modified Date = 09/03/2008 19:32:57 | Attr = ] Skillb -> %SystemDrive%\Skillb -> [Folder | Modified Date = 19/02/2008 18:47:21 | Attr = ] WINDOWS -> %SystemRoot% -> [Folder | Modified Date = 10/03/2008 18:36:13 | Attr = ] etc -> %SystemRoot%\System32\drivers\etc -> [Folder | Modified Date = 10/03/2008 19:15:31 | Attr = ] hosts -> %SystemRoot%\System32\drivers\etc\hosts -> [Ver = | Size = 4102 bytes | Modified Date = 01/03/2008 16:40:11 | Attr = ] fidbox.dat -> %SystemRoot%\System32\drivers\fidbox.dat -> [Ver = | Size = 14432288 bytes | Modified Date = 09/03/2008 23:53:45 | Attr = HS] fidbox.idx -> %SystemRoot%\System32\drivers\fidbox.idx -> [Ver = | Size = 85748 bytes | Modified Date = 09/03/2008 23:53:45 | Attr = HS] ActiveScan -> %SystemRoot%\System32\ActiveScan -> [Folder | Modified Date = 05/03/2008 00:11:38 | Attr = ] 8 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> CatRoot2 -> %SystemRoot%\System32\CatRoot2 -> [Folder | Modified Date = 09/03/2008 23:53:32 | Attr = ] config -> %SystemRoot%\System32\config -> [Folder | Modified Date = 05/03/2008 00:12:08 | Attr = ] DLA -> %SystemRoot%\System32\DLA -> [Folder | Modified Date = 05/03/2008 00:12:26 | Attr = ] dllcache -> %SystemRoot%\System32\dllcache -> [Folder | Modified Date = 12/02/2008 23:17:23 | Attr = RHS] drivers -> %SystemRoot%\System32\drivers -> [Folder | Modified Date = 09/03/2008 19:21:29 | Attr = ] FxsTmp -> %SystemRoot%\System32\FxsTmp -> [Folder | Modified Date = 09/03/2008 00:33:11 | Attr = ] java.exe -> %SystemRoot%\System32\java.exe -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 135168 bytes | Modified Date = 22/02/2008 01:23:35 | Attr = ] javacpl.cpl -> %SystemRoot%\System32\javacpl.cpl -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 69632 bytes | Modified Date = 22/02/2008 02:33:31 | Attr = ] javaw.exe -> %SystemRoot%\System32\javaw.exe -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 135168 bytes | Modified Date = 22/02/2008 01:23:39 | Attr = ] javaws.exe -> %SystemRoot%\System32\javaws.exe -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 139264 bytes | Modified Date = 22/02/2008 02:33:32 | Attr = ] vsconfig.xml -> %SystemRoot%\System32\vsconfig.xml -> [Ver = | Size = 353366 bytes | Modified Date = 10/03/2008 18:24:43 | Attr = ] wbem -> %SystemRoot%\System32\wbem -> [Folder | Modified Date = 05/03/2008 00:15:23 | Attr = ] wpa.dbl -> %SystemRoot%\System32\wpa.dbl -> [Ver = | Size = 2206 bytes | Modified Date = 10/03/2008 18:35:50 | Attr = ] zllictbl.dat -> %SystemRoot%\System32\zllictbl.dat -> [Ver = | Size = 4212 bytes | Modified Date = 07/03/2008 18:37:41 | Attr = H ] ZoneLabs -> %SystemRoot%\System32\ZoneLabs -> [Folder | Modified Date = 07/03/2008 18:35:09 | Attr = ] $hf_mig$ -> %SystemRoot%\$hf_mig$ -> [Folder | Modified Date = 12/02/2008 18:43:09 | Attr = H ] AppPatch -> %SystemRoot%\AppPatch -> [Folder | Modified Date = 05/03/2008 00:04:44 | Attr = ] bootstat.dat -> %SystemRoot%\bootstat.dat -> [Ver = | Size = 2048 bytes | Modified Date = 10/03/2008 18:21:42 | Attr = S] Downloaded Installations -> %SystemRoot%\Downloaded Installations -> [Folder | Modified Date = 21/02/2008 23:16:05 | Attr = ] Downloaded Program Files -> %SystemRoot%\Downloaded Program Files -> [Folder | Modified Date = 07/03/2008 19:23:03 | Attr = S] ERDNT -> %SystemRoot%\ERDNT -> [Folder | Modified Date = 09/03/2008 19:20:13 | Attr = ] FILMNK.CFG -> %SystemRoot%\FILMNK.CFG -> [Ver = | Size = 8 bytes | Modified Date = 02/03/2008 17:28:32 | Attr = H ] imsins.BAK -> %SystemRoot%\imsins.BAK -> [Ver = | Size = 1374 bytes | Modified Date = 12/02/2008 21:52:36 | Attr = ] inf -> %SystemRoot%\inf -> [Folder | Modified Date = 07/03/2008 18:34:52 | Attr = H ] Installer -> %SystemRoot%\Installer -> [Folder | Modified Date = 08/03/2008 11:15:31 | Attr = HS] Internet Logs -> %SystemRoot%\Internet Logs -> [Folder | Modified Date = 10/03/2008 19:04:43 | Attr = ] Prefetch -> %SystemRoot%\Prefetch -> [Folder | Modified Date = 10/03/2008 19:08:44 | Attr = ] pss -> %SystemRoot%\pss -> [Folder | Modified Date = 07/03/2008 18:25:17 | Attr = ] SoftwareDistribution -> %SystemRoot%\SoftwareDistribution -> [Folder | Modified Date = 05/03/2008 00:11:31 | Attr = ] system.ini -> %SystemRoot%\system.ini -> [Ver = | Size = 227 bytes | Modified Date = 09/03/2008 19:28:59 | Attr = ] system32 -> %SystemRoot%\system32 -> [Folder | Modified Date = 09/03/2008 19:34:15 | Attr = ] Tasks -> %SystemRoot%\Tasks -> [Folder | Modified Date = 03/03/2008 00:14:51 | Attr = S] Temp -> %SystemRoot%\Temp -> [Folder | Modified Date = 10/03/2008 19:08:19 | Attr = ] Thumbs.db -> %SystemRoot%\Thumbs.db -> [Ver = | Size = 7680 bytes | Modified Date = 05/03/2008 18:43:32 | Attr = HS] @Alternate Data Stream - 0 bytes -> %SystemRoot%\Thumbs.db:encryptable win.ini -> %SystemRoot%\win.ini -> [Ver = | Size = 1048 bytes | Modified Date = 07/03/2008 18:28:24 | Attr = ] SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [Ver = | Size = 6 bytes | Modified Date = 10/03/2008 18:22:00 | Attr = H ] qmgr0.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat -> [Ver = | Size = 4232 bytes | Modified Date = 07/03/2008 18:27:10 | Attr = ] qmgr1.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat -> [Ver = | Size = 5360 bytes | Modified Date = 07/03/2008 18:27:09 | Attr = ] swt-gdip-win32-3430.dll -> C:\Documents and Settings\Leanne\Local Settings\Temp\swt-gdip-win32-3430.dll -> Eclipse Foundation [Ver = 3.430 | Size = 77824 bytes | Modified Date = 09/03/2008 19:41:19 | Attr = ] swt-win32-3430.dll -> C:\Documents and Settings\Leanne\Local Settings\Temp\swt-win32-3430.dll -> Eclipse Foundation [Ver = 3.430 | Size = 323584 bytes | Modified Date = 09/03/2008 19:40:54 | Attr = ] 1 C:\Documents and Settings\Leanne\Local Settings\Temp\*.tmp files -> C:\Documents and Settings\Leanne\Local Settings\Temp\*.tmp -> Perflib_Perfdata_220.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_220.dat -> [Ver = | Size = 16384 bytes | Modified Date = 10/03/2008 18:22:33 | Attr = ] 2 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> < End of report > [/code]