[code] OTScanIt logfile created on: 4/7/2008 5:02:27 PM OTScanIt by OldTimer - Version 1.0.9.0 Folder = C:\Documents and Settings\User\Desktop\OTScanIt Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 511.48 Mb Total Physical Memory | 296.37 Mb Available Physical Memory | 57.94% Memory free 1.82 Gb Paging File | 1.64 Gb Available in Paging File | 90.14% Paging File free Paging file location(s): C:\pagefile.sys 1384 1768; %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 37.26 Gb Total Space | 31.60 Gb Free Space | 84.82% Space Free | Partition Type: NTFS D: Drive not present or media not loaded Drive E: | 55.91 Gb Total Space | 55.80 Gb Free Space | 99.81% Space Free | Partition Type: NTFS F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: DELL-C74AAE9D92 Current User Name: User Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user [Processes - Non-Microsoft Only] aswupdsv.exe -> %ProgramFiles%\Alwil Software\Avast4\aswUpdSv.exe -> ALWIL Software [Ver = 4, 8, 1169, 0 | Size = 17272 bytes | Modified Date = 3/29/2008 2:11:18 PM | Attr = ] ashserv.exe -> %ProgramFiles%\Alwil Software\Avast4\ashServ.exe -> ALWIL Software [Ver = 4, 8, 1169, 0 | Size = 144760 bytes | Modified Date = 3/29/2008 2:37:02 PM | Attr = ] nvsvc32.exe -> %SystemRoot%\system32\nvsvc32.exe -> NVIDIA Corporation [Ver = 6.14.10.4523 | Size = 77824 bytes | Modified Date = 7/28/2003 2:19:00 PM | Attr = ] ashdisp.exe -> %ProgramFiles%\Alwil Software\Avast4\ashDisp.exe -> ALWIL Software [Ver = 4, 8, 1169, 0 | Size = 79224 bytes | Modified Date = 3/29/2008 2:37:13 PM | Attr = ] yahoomessenger.exe -> %ProgramFiles%\Yahoo!\Messenger\YahooMessenger.exe -> Yahoo! Inc. [Ver = 8,1,0,421 | Size = 4670704 bytes | Modified Date = 8/30/2007 5:43:18 PM | Attr = ] otscanit.exe -> %UserProfile%\Desktop\OTScanIt\OTScanIt.exe -> OldTimer Tools [Ver = 1.0.9.0 | Size = 369152 bytes | Modified Date = 4/4/2008 12:24:38 PM | Attr = ] [Win32 Services - Non-Microsoft Only] (aawservice) Ad-Aware 2007 Service [Win32_Own | Disabled | Stopped] -> %ProgramFiles%\Lavasoft\Ad-Aware 2007\aawservice.exe -> Lavasoft [Ver = 7,0,2,7 | Size = 607576 bytes | Modified Date = 3/19/2008 5:08:58 PM | Attr = ] (aswUpdSv) avast! iAVS4 Control Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Alwil Software\Avast4\aswUpdSv.exe -> ALWIL Software [Ver = 4, 8, 1169, 0 | Size = 17272 bytes | Modified Date = 3/29/2008 2:11:18 PM | Attr = ] (avast! Antivirus) avast! Antivirus [Win32_Own | Auto | Running] -> %ProgramFiles%\Alwil Software\Avast4\ashServ.exe -> ALWIL Software [Ver = 4, 8, 1169, 0 | Size = 144760 bytes | Modified Date = 3/29/2008 2:37:02 PM | Attr = ] (avast! Mail Scanner) avast! Mail Scanner [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Alwil Software\Avast4\ashMaiSv.exe -> ALWIL Software [Ver = 4, 8, 1169, 0 | Size = 247160 bytes | Modified Date = 3/29/2008 2:36:22 PM | Attr = ] (avast! Web Scanner) avast! Web Scanner [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Alwil Software\Avast4\ashWebSv.exe -> ALWIL Software [Ver = 4, 8, 1169, 0 | Size = 345464 bytes | Modified Date = 3/29/2008 2:30:47 PM | Attr = ] (dmadmin) Logical Disk Manager Administrative Service [Win32_Shared | On_Demand | Stopped] -> %SystemRoot%\system32\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 224768 bytes | Modified Date = 8/3/2004 6:56:50 PM | Attr = ] (idsvc) Windows CardSpace [Win32_Shared | Unknown | Stopped] -> -> File not found (NVSvc) NVIDIA Driver Helper Service [Win32_Own | Auto | Running] -> %SystemRoot%\system32\nvsvc32.exe -> NVIDIA Corporation [Ver = 6.14.10.4523 | Size = 77824 bytes | Modified Date = 7/28/2003 2:19:00 PM | Attr = ] (setup_7.0.0.180_04.04.2008_21-34[1]) setup_7.0.0.180_04.04.2008_21-34[1] [Win32_Own | Disabled | Stopped] -> %AllUsersProfile%\Desktop\Kaspersky Lab Tool\setup_7.0.0.180_04.04.2008_21-34[1].exe -> Kaspersky Lab [Ver = 7.0.0.180 | Size = 212992 bytes | Modified Date = 10/12/2007 4:29:52 PM | Attr = ] (TUWinStylerThemeSvc) TuneUp WinStyler Theme Service [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\TuneUp Utilities 2006\WinStylerThemeSvc.exe -> TuneUp Software GmbH [Ver = 1.0.0.174 | Size = 118272 bytes | Modified Date = 8/10/2005 11:17:28 PM | Attr = ] [Driver Services - Non-Microsoft Only] (Aavmker4) avast! Asynchronous Virus Monitor [Kernel | System | Running] -> %SystemRoot%\system32\drivers\aavmker4.sys -> ALWIL Software [Ver = 4.8.1169.0 | Size = 26944 bytes | Modified Date = 3/29/2008 2:26:52 PM | Attr = ] (ac97intc) Intel(r) 82801 Audio Driver Install Service (WDM) [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ac97intc.sys -> Intel Corporation [Ver = 5.10.3523 built by: WinDDK | Size = 96256 bytes | Modified Date = 8/17/2001 11:20:04 AM | Attr = ] (aswFsBlk) aswFsBlk [File_System | Auto | Running] -> %SystemRoot%\system32\drivers\aswFsBlk.sys -> ALWIL Software [Ver = 4.8.1169.0 | Size = 20560 bytes | Modified Date = 3/29/2008 2:35:49 PM | Attr = ] (aswMon2) avast! Standard Shield Support [File_System | Auto | Running] -> %SystemRoot%\system32\drivers\aswmon2.sys -> ALWIL Software [Ver = 4.8.1169.0 | Size = 94544 bytes | Modified Date = 3/29/2008 2:35:21 PM | Attr = ] (aswRdr) aswRdr [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\aswRdr.sys -> ALWIL Software [Ver = 4.8.1169.0 | Size = 23152 bytes | Modified Date = 3/29/2008 2:29:08 PM | Attr = ] (aswSP) avast! Self Protection [Kernel | System | Running] -> %SystemRoot%\system32\drivers\aswSP.sys -> ALWIL Software [Ver = 4.8.1169.0 | Size = 75856 bytes | Modified Date = 3/29/2008 2:31:34 PM | Attr = ] (aswTdi) avast! Network Shield Support [Kernel | System | Running] -> %SystemRoot%\system32\drivers\aswTdi.sys -> ALWIL Software [Ver = 4.8.1169.0 | Size = 42912 bytes | Modified Date = 3/29/2008 2:27:33 PM | Attr = ] (ati2mtag) ati2mtag [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\ati2mtag.sys -> ATI Technologies Inc. [Ver = 6.14.10.6462 | Size = 701440 bytes | Modified Date = 8/3/2004 5:29:28 PM | Attr = ] (BCMModem) BCM V.90 56K Modem [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\BCMDM.sys -> BCM [Ver = 3.2.12.9 07/17/2001 14:21:30 | Size = 871388 bytes | Modified Date = 8/17/2001 12:28:00 PM | Attr = ] (BOCDRIVE) BOClean Kernel Monitor. [Kernel | On_Demand | Stopped] -> %ProgramFiles%\Comodo\CBOClean\BOCDRIVE.sys -> File not found (ctljystk) Creative SBLive! Gameport [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\ctljystk.sys -> Creative Technology Ltd. [Ver = 5.1.2501.0 built by: WinDDK | Size = 3712 bytes | Modified Date = 8/17/2001 7:19:20 AM | Attr = ] (dmboot) dmboot [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\dmboot.sys -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 799744 bytes | Modified Date = 8/3/2004 5:07:18 PM | Attr = ] (dmio) Logical Disk Manager Driver [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\dmio.sys -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 153344 bytes | Modified Date = 8/3/2004 5:07:18 PM | Attr = ] (dmload) dmload [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\dmload.sys -> Microsoft Corp., Veritas Software. [Ver = 2600.0.503.0 | Size = 5888 bytes | Modified Date = 8/23/2001 7:00:00 AM | Attr = ] (E100B) Intel(R) PRO Network Connection Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\e100b325.sys -> Intel Corporation [Ver = 8.0.47.0 built by: WinDDK | Size = 165496 bytes | Modified Date = 11/16/2007 6:55:00 PM | Attr = ] (EL90XBC) 3Com EtherLink XL 90XB/C Adapter Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\el90xbc5.sys -> 3Com Corporation [Ver = 4.05.00.0000 | Size = 66591 bytes | Modified Date = 8/17/2001 7:11:06 AM | Attr = ] (emu10k) Creative SB Live! (WDM) [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\emu10k1m.sys -> Creative Technology Ltd. [Ver = 5.12.01.3300 built by: WinDDK | Size = 283904 bytes | Modified Date = 8/17/2001 7:19:26 AM | Attr = ] (emu10k1) Creative Interface Manager Driver (WDM) [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\ctlfacem.sys -> Creative Technology Ltd. [Ver = 5.12.01.2108 built by: WinDDK | Size = 6912 bytes | Modified Date = 8/17/2001 7:19:28 AM | Attr = ] (klif) klif [File_System | System | Running] -> %SystemRoot%\system32\drivers\klif.sys -> Kaspersky Lab [Ver = 7.0.0.144 | Size = 134160 bytes | Modified Date = 7/5/2007 2:34:52 PM | Attr = ] (nv) nv [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\nv4_mini.sys -> NVIDIA Corporation [Ver = 6.14.10.4523 | Size = 1341339 bytes | Modified Date = 7/28/2003 2:19:00 PM | Attr = ] (PRISM_USB) Linksys Wireless-B USB Network Adapter Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\LSPMUSB.sys -> Cisco-Linksys, LLC. [Ver = 3.01.03 | Size = 666624 bytes | Modified Date = 10/1/2003 11:47:14 PM | Attr = R ] (Ptilink) Direct Parallel Link Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ptilink.sys -> Parallel Technologies, Inc. [Ver = 1.10 (XPClient.010817-1148) | Size = 17792 bytes | Modified Date = 8/23/2001 7:00:00 AM | Attr = ] (Secdrv) Secdrv [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\secdrv.sys -> Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K. [Ver = 4.03.086 | Size = 20480 bytes | Modified Date = 11/13/2007 6:25:53 AM | Attr = ] (sfman) Creative SoundFont Manager Driver (WDM) [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\sfmanm.sys -> Creative Technology Ltd. [Ver = 4.10.3300 | Size = 36480 bytes | Modified Date = 8/17/2001 7:19:34 AM | Attr = ] [Registry - Non-Microsoft Only] < Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> avast! -> %ProgramFiles%\Alwil Software\Avast4\ashDisp.exe [C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe] -> ALWIL Software [Ver = 4, 8, 1169, 0 | Size = 79224 bytes | Modified Date = 3/29/2008 2:37:13 PM | Attr = ] NvMediaCenter -> %SystemRoot%\system32\nvmctray.dll [RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit] -> NVIDIA Corporation [Ver = 6.14.10.4523 | Size = 49152 bytes | Modified Date = 7/28/2003 2:19:00 PM | Attr = ] < RunOnce [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce -> SpeedStartup -> %ProgramFiles%\Speed Startup\speedstartup.exe [C:\Program Files\Speed Startup\speedstartup.exe runonce] -> [Ver = | Size = 2363896 bytes | Modified Date = 3/31/2008 6:12:16 PM | Attr = ] < OptionalComponents [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\ -> IMAIL-> Installed = 1 -> MAPI-> Installed = 1 -> MSFS-> Installed = 1 -> < Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> SpeedStartup -> %ProgramFiles%\Speed Startup\speedstartup.exe [C:\Program Files\Speed Startup\speedstartup.exe bootup] -> [Ver = | Size = 2363896 bytes | Modified Date = 3/31/2008 6:12:16 PM | Attr = ] < All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup -> < User Startup Folder > -> C:\Documents and Settings\User\Start Menu\Programs\Startup -> < SecurityProviders [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders -> < Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < CurrentVersion Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\undockwithoutlogon -> 1 -> < CurrentVersion Policy Settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> -> < HOSTS File > (734 bytes) -> C:\WINDOWS\System32\drivers\etc\Hosts -> < Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> HKEY_LOCAL_MACHINE\: Main\\Local Page -> %SystemRoot%\system32\blank.htm -> HKEY_LOCAL_MACHINE\: Main\\Start Page -> http://www.msn.com/ -> HKEY_LOCAL_MACHINE\: Search\\CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm -> HKEY_LOCAL_MACHINE\: Search\\SearchAssistant -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm -> < Internet Explorer Settings [HKEY_CURRENT_USER\] > -> -> HKEY_CURRENT_USER\: Main\\Local Page -> C:\WINDOWS\system32\blank.htm -> HKEY_CURRENT_USER\: Main\\Start Page -> http://www.msn.com/ -> HKEY_CURRENT_USER\: ProxyEnable -> 0 -> < Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1 domain(s) found. -> 1 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> PluginsPageFriendlyName -> Microsoft ActiveX Gallery -> PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s -> < DNS Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> {7E30D1BE-4CD9-4641-AC7F-18F051F5829A} -> (Linksys Wireless-B USB Network Adapter v3.0) -> {9AA2155D-46FC-42F5-A4AC-9BB9DE3D6A22} -> (3Com 3C920 Integrated Fast Ethernet Controller (3C905C-TX Compatible)) -> {D31D469A-1C5B-4A83-8A9B-7CD3B086B5DF} -> (Intel(R) PRO/100 VE Network Connection) -> < Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ -> ipp: [HKEY_LOCAL_MACHINE] -> No CLSID value msdaipp: [HKEY_LOCAL_MACHINE] -> No CLSID value < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8}[HKEY_LOCAL_MACHINE] -> http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab[ActiveScan 2.0 Installer Class] -> < Module Usage Keys [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/as2stubie.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/as2stubie.dll\\.Owner -> {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/as2stubie.dll\\{2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/libcomm.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/libcomm.dll\\.Owner -> {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/libcomm.dll\\{2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/wuweb.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/wuweb.dll\\.Owner -> Unknown Owner -> [Files/Folders - Created Within 30 days] Deckard -> %SystemDrive%\Deckard -> [Folder | Created Date = 4/5/2008 9:56:48 AM | Attr = ] Downloads -> %SystemDrive%\Downloads -> [Folder | Created Date = 4/4/2008 11:31:55 PM | Attr = ] VundoFix Backups -> %SystemDrive%\VundoFix Backups -> [Folder | Created Date = 4/5/2008 8:57:41 AM | Attr = ] _OTMoveIt -> %SystemDrive%\_OTMoveIt -> [Folder | Created Date = 4/5/2008 12:03:42 PM | Attr = ] ac97intc.sys -> %SystemRoot%\System32\dllcache\ac97intc.sys -> Intel Corporation [Ver = 5.10.3523 built by: WinDDK | Size = 96256 bytes | Created Date = 3/18/2008 6:37:43 AM | Attr = ] bcmdm.sys -> %SystemRoot%\System32\dllcache\bcmdm.sys -> BCM [Ver = 3.2.12.9 07/17/2001 14:21:30 | Size = 871388 bytes | Created Date = 3/18/2008 6:37:20 AM | Attr = ] e100b325.sys -> %SystemRoot%\System32\dllcache\e100b325.sys -> Intel Corporation [Ver = 8.0.47.0 built by: WinDDK | Size = 165496 bytes | Created Date = 3/18/2008 6:38:04 AM | Attr = ] aavmker4.sys -> %SystemRoot%\System32\drivers\aavmker4.sys -> ALWIL Software [Ver = 4.8.1169.0 | Size = 26944 bytes | Created Date = 4/4/2008 8:51:02 PM | Attr = ] ac97intc.sys -> %SystemRoot%\System32\drivers\ac97intc.sys -> Intel Corporation [Ver = 5.10.3523 built by: WinDDK | Size = 96256 bytes | Created Date = 3/18/2008 6:37:43 AM | Attr = ] aswFsBlk.sys -> %SystemRoot%\System32\drivers\aswFsBlk.sys -> ALWIL Software [Ver = 4.8.1169.0 | Size = 20560 bytes | Created Date = 4/4/2008 8:51:00 PM | Attr = ] aswmon.sys -> %SystemRoot%\System32\drivers\aswmon.sys -> ALWIL Software [Ver = 4.7.1098.0 | Size = 93264 bytes | Created Date = 4/4/2008 8:51:00 PM | Attr = ] aswmon2.sys -> %SystemRoot%\System32\drivers\aswmon2.sys -> ALWIL Software [Ver = 4.8.1169.0 | Size = 94544 bytes | Created Date = 4/4/2008 8:51:00 PM | Attr = ] aswRdr.sys -> %SystemRoot%\System32\drivers\aswRdr.sys -> ALWIL Software [Ver = 4.8.1169.0 | Size = 23152 bytes | Created Date = 4/4/2008 8:51:03 PM | Attr = ] aswSP.sys -> %SystemRoot%\System32\drivers\aswSP.sys -> ALWIL Software [Ver = 4.8.1169.0 | Size = 75856 bytes | Created Date = 4/4/2008 8:51:00 PM | Attr = ] aswTdi.sys -> %SystemRoot%\System32\drivers\aswTdi.sys -> ALWIL Software [Ver = 4.8.1169.0 | Size = 42912 bytes | Created Date = 4/4/2008 8:51:03 PM | Attr = ] BCMDM.sys -> %SystemRoot%\System32\drivers\BCMDM.sys -> BCM [Ver = 3.2.12.9 07/17/2001 14:21:30 | Size = 871388 bytes | Created Date = 3/18/2008 6:37:20 AM | Attr = ] e100b325.sys -> %SystemRoot%\System32\drivers\e100b325.sys -> Intel Corporation [Ver = 8.0.47.0 built by: WinDDK | Size = 165496 bytes | Created Date = 3/18/2008 6:38:04 AM | Attr = ] fidbox.dat -> %SystemRoot%\System32\drivers\fidbox.dat -> [Ver = | Size = 964640 bytes | Created Date = 4/4/2008 7:05:30 PM | Attr = HS] fidbox.idx -> %SystemRoot%\System32\drivers\fidbox.idx -> [Ver = | Size = 13352 bytes | Created Date = 4/4/2008 7:05:30 PM | Attr = HS] klif.sys -> %SystemRoot%\System32\drivers\klif.sys -> Kaspersky Lab [Ver = 7.0.0.144 | Size = 134160 bytes | Created Date = 4/4/2008 7:05:27 PM | Attr = ] accserv.mib -> %SystemRoot%\System32\accserv.mib -> [Ver = | Size = 15597 bytes | Created Date = 4/3/2008 8:33:06 PM | Attr = ] actskin4.ocx -> %SystemRoot%\System32\actskin4.ocx -> [Ver = 4, 2, 7, 3 | Size = 380928 bytes | Created Date = 4/4/2008 8:50:33 PM | Attr = ] aswBoot.exe -> %SystemRoot%\System32\aswBoot.exe -> ALWIL Software [Ver = 4, 8, 1169, 0 | Size = 1146232 bytes | Created Date = 4/4/2008 8:50:33 PM | Attr = ] authserv.mib -> %SystemRoot%\System32\authserv.mib -> [Ver = | Size = 16617 bytes | Created Date = 4/3/2008 8:33:06 PM | Attr = ] AvastSS.scr -> %SystemRoot%\System32\AvastSS.scr -> ALWIL Software [Ver = 4, 8, 1169, 0 | Size = 95608 bytes | Created Date = 4/4/2008 8:51:00 PM | Attr = ] dhcp.mib -> %SystemRoot%\System32\dhcp.mib -> [Ver = | Size = 4597 bytes | Created Date = 4/3/2008 8:33:06 PM | Attr = ] ftp.mib -> %SystemRoot%\System32\ftp.mib -> [Ver = | Size = 6179 bytes | Created Date = 4/3/2008 8:33:07 PM | Attr = ] hostmib.mib -> %SystemRoot%\System32\hostmib.mib -> [Ver = | Size = 48593 bytes | Created Date = 4/3/2008 8:33:07 PM | Attr = ] http.mib -> %SystemRoot%\System32\http.mib -> [Ver = | Size = 20079 bytes | Created Date = 4/3/2008 8:33:08 PM | Attr = ] inetsrv.mib -> %SystemRoot%\System32\inetsrv.mib -> [Ver = | Size = 698 bytes | Created Date = 4/3/2008 8:33:08 PM | Attr = ] ipforwd.mib -> %SystemRoot%\System32\ipforwd.mib -> [Ver = | Size = 15799 bytes | Created Date = 4/3/2008 8:33:08 PM | Attr = ] lmmib2.mib -> %SystemRoot%\System32\lmmib2.mib -> [Ver = | Size = 26100 bytes | Created Date = 4/3/2008 8:33:08 PM | Attr = ] mcastmib.mib -> %SystemRoot%\System32\mcastmib.mib -> [Ver = | Size = 30448 bytes | Created Date = 4/3/2008 8:33:08 PM | Attr = ] mib_ii.mib -> %SystemRoot%\System32\mib_ii.mib -> [Ver = | Size = 107882 bytes | Created Date = 4/3/2008 8:33:08 PM | Attr = ] mipx.mib -> %SystemRoot%\System32\mipx.mib -> [Ver = | Size = 21386 bytes | Created Date = 4/3/2008 8:33:08 PM | Attr = ] mripsap.mib -> %SystemRoot%\System32\mripsap.mib -> [Ver = | Size = 10313 bytes | Created Date = 4/3/2008 8:33:08 PM | Attr = ] msft.mib -> %SystemRoot%\System32\msft.mib -> [Ver = | Size = 581 bytes | Created Date = 4/3/2008 8:33:08 PM | Attr = ] msipbtp.mib -> %SystemRoot%\System32\msipbtp.mib -> [Ver = | Size = 13767 bytes | Created Date = 4/3/2008 8:33:09 PM | Attr = ] msiprip2.mib -> %SystemRoot%\System32\msiprip2.mib -> [Ver = | Size = 34317 bytes | Created Date = 4/3/2008 8:33:09 PM | Attr = ] nipx.mib -> %SystemRoot%\System32\nipx.mib -> [Ver = | Size = 38608 bytes | Created Date = 4/3/2008 8:33:09 PM | Attr = ] PROUnstl.exe -> %SystemRoot%\System32\PROUnstl.exe -> Intel Corporation [Ver = 10.0.4.0 | Size = 248448 bytes | Created Date = 3/18/2008 4:43:23 PM | Attr = ] smi.mib -> %SystemRoot%\System32\smi.mib -> [Ver = | Size = 4332 bytes | Created Date = 4/3/2008 8:33:09 PM | Attr = ] wfospf.mib -> %SystemRoot%\System32\wfospf.mib -> [Ver = | Size = 49275 bytes | Created Date = 4/3/2008 8:33:09 PM | Attr = ] wins.mib -> %SystemRoot%\System32\wins.mib -> [Ver = | Size = 26236 bytes | Created Date = 4/3/2008 8:33:09 PM | Attr = ] CMDLIC.DLL -> %SystemRoot%\CMDLIC.DLL -> COMODO [Ver = 1.0.1.2 | Size = 208896 bytes | Created Date = 4/4/2008 7:44:14 PM | Attr = ] ERDNT -> %SystemRoot%\ERDNT -> [Folder | Created Date = 4/5/2008 9:57:24 AM | Attr = ] nsreg.dat -> %SystemRoot%\nsreg.dat -> [Ver = | Size = 335 bytes | Created Date = 4/3/2008 9:22:31 PM | Attr = ] pss -> %SystemRoot%\pss -> [Folder | Created Date = 4/4/2008 4:44:53 PM | Attr = ] UNBOC.EXE -> %SystemRoot%\UNBOC.EXE -> COMODO [Ver = 4.25.001 | Size = 238848 bytes | Created Date = 4/4/2008 7:44:15 PM | Attr = ] 1-Click Maintenance.job -> %SystemRoot%\tasks\1-Click Maintenance.job -> [Ver = | Size = 388 bytes | Created Date = 4/4/2008 5:09:42 PM | Attr = ] Uniblue SpyEraser Nag.job -> %SystemRoot%\tasks\Uniblue SpyEraser Nag.job -> [Ver = | Size = 262 bytes | Created Date = 4/4/2008 6:59:34 PM | Attr = ] Uniblue SpyEraser.job -> %SystemRoot%\tasks\Uniblue SpyEraser.job -> [Ver = | Size = 336 bytes | Created Date = 4/4/2008 6:59:34 PM | Attr = ] [Files/Folders - Modified Within 30 days] boot.ini -> %SystemDrive%\boot.ini -> [Ver = | Size = 211 bytes | Modified Date = 4/7/2008 5:52:14 AM | Attr = HS] Deckard -> %SystemDrive%\Deckard -> [Folder | Modified Date = 4/5/2008 9:56:48 AM | Attr = ] Downloads -> %SystemDrive%\Downloads -> [Folder | Modified Date = 4/4/2008 11:31:55 PM | Attr = ] Program Files -> %ProgramFiles% -> [Folder | Modified Date = 4/6/2008 10:21:39 AM | Attr = R ] VundoFix Backups -> %SystemDrive%\VundoFix Backups -> [Folder | Modified Date = 4/5/2008 8:57:41 AM | Attr = ] WINDOWS -> %SystemRoot% -> [Folder | Modified Date = 4/6/2008 6:40:32 AM | Attr = ] _OTMoveIt -> %SystemDrive%\_OTMoveIt -> [Folder | Modified Date = 4/5/2008 12:03:42 PM | Attr = ] aavmker4.sys -> %SystemRoot%\System32\drivers\aavmker4.sys -> ALWIL Software [Ver = 4.8.1169.0 | Size = 26944 bytes | Modified Date = 3/29/2008 2:26:52 PM | Attr = ] aswFsBlk.sys -> %SystemRoot%\System32\drivers\aswFsBlk.sys -> ALWIL Software [Ver = 4.8.1169.0 | Size = 20560 bytes | Modified Date = 3/29/2008 2:35:49 PM | Attr = ] aswmon2.sys -> %SystemRoot%\System32\drivers\aswmon2.sys -> ALWIL Software [Ver = 4.8.1169.0 | Size = 94544 bytes | Modified Date = 3/29/2008 2:35:21 PM | Attr = ] aswRdr.sys -> %SystemRoot%\System32\drivers\aswRdr.sys -> ALWIL Software [Ver = 4.8.1169.0 | Size = 23152 bytes | Modified Date = 3/29/2008 2:29:08 PM | Attr = ] aswSP.sys -> %SystemRoot%\System32\drivers\aswSP.sys -> ALWIL Software [Ver = 4.8.1169.0 | Size = 75856 bytes | Modified Date = 3/29/2008 2:31:34 PM | Attr = ] aswTdi.sys -> %SystemRoot%\System32\drivers\aswTdi.sys -> ALWIL Software [Ver = 4.8.1169.0 | Size = 42912 bytes | Modified Date = 3/29/2008 2:27:33 PM | Attr = ] fidbox.dat -> %SystemRoot%\System32\drivers\fidbox.dat -> [Ver = | Size = 964640 bytes | Modified Date = 4/7/2008 4:56:26 PM | Attr = HS] fidbox.idx -> %SystemRoot%\System32\drivers\fidbox.idx -> [Ver = | Size = 13352 bytes | Modified Date = 4/7/2008 6:47:15 AM | Attr = HS] aswBoot.exe -> %SystemRoot%\System32\aswBoot.exe -> ALWIL Software [Ver = 4, 8, 1169, 0 | Size = 1146232 bytes | Modified Date = 3/29/2008 2:45:49 PM | Attr = ] AvastSS.scr -> %SystemRoot%\System32\AvastSS.scr -> ALWIL Software [Ver = 4, 8, 1169, 0 | Size = 95608 bytes | Modified Date = 3/29/2008 2:23:22 PM | Attr = ] CatRoot -> %SystemRoot%\System32\CatRoot -> [Folder | Modified Date = 3/18/2008 2:02:42 PM | Attr = ] CatRoot2 -> %SystemRoot%\System32\CatRoot2 -> [Folder | Modified Date = 4/6/2008 9:12:48 PM | Attr = ] config -> %SystemRoot%\System32\config -> [Folder | Modified Date = 4/4/2008 6:04:05 PM | Attr = ] CONFIG.NT -> %SystemRoot%\System32\CONFIG.NT -> [Ver = | Size = 2626 bytes | Modified Date = 4/4/2008 8:51:02 PM | Attr = ] dllcache -> %SystemRoot%\System32\dllcache -> [Folder | Modified Date = 4/6/2008 12:07:13 PM | Attr = RHS] drivers -> %SystemRoot%\System32\drivers -> [Folder | Modified Date = 4/6/2008 12:07:07 PM | Attr = ] en-US -> %SystemRoot%\System32\en-US -> [Folder | Modified Date = 3/18/2008 1:58:47 PM | Attr = ] FNTCACHE.DAT -> %SystemRoot%\System32\FNTCACHE.DAT -> [Ver = | Size = 113376 bytes | Modified Date = 3/18/2008 2:23:22 PM | Attr = ] perfc009.dat -> %SystemRoot%\System32\perfc009.dat -> [Ver = | Size = 72356 bytes | Modified Date = 4/4/2008 6:30:31 AM | Attr = ] perfh009.dat -> %SystemRoot%\System32\perfh009.dat -> [Ver = | Size = 444858 bytes | Modified Date = 4/4/2008 6:30:31 AM | Attr = ] PerfStringBackup.INI -> %SystemRoot%\System32\PerfStringBackup.INI -> [Ver = | Size = 523874 bytes | Modified Date = 4/4/2008 6:30:31 AM | Attr = ] ReinstallBackups -> %SystemRoot%\System32\ReinstallBackups -> [Folder | Modified Date = 3/18/2008 4:42:33 PM | Attr = ] usmt -> %SystemRoot%\System32\usmt -> [Folder | Modified Date = 4/5/2008 4:39:25 PM | Attr = ] wbem -> %SystemRoot%\System32\wbem -> [Folder | Modified Date = 4/4/2008 6:30:32 AM | Attr = ] wpa.dbl -> %SystemRoot%\System32\wpa.dbl -> [Ver = | Size = 2206 bytes | Modified Date = 4/7/2008 4:48:56 PM | Attr = ] XPSViewer -> %SystemRoot%\System32\XPSViewer -> [Folder | Modified Date = 3/18/2008 1:58:36 PM | Attr = ] $hf_mig$ -> %SystemRoot%\$hf_mig$ -> [Folder | Modified Date = 4/4/2008 3:13:57 PM | Attr = H ] assembly -> %SystemRoot%\assembly -> [Folder | Modified Date = 3/18/2008 2:42:29 PM | Attr = R S] bootstat.dat -> %SystemRoot%\bootstat.dat -> [Ver = | Size = 2048 bytes | Modified Date = 4/7/2008 4:48:12 PM | Attr = S] Cursors -> %SystemRoot%\Cursors -> [Folder | Modified Date = 4/3/2008 8:27:44 PM | Attr = ] Downloaded Program Files -> %SystemRoot%\Downloaded Program Files -> [Folder | Modified Date = 4/5/2008 11:24:50 AM | Attr = S] ERDNT -> %SystemRoot%\ERDNT -> [Folder | Modified Date = 4/5/2008 9:57:24 AM | Attr = ] Help -> %SystemRoot%\Help -> [Folder | Modified Date = 4/3/2008 8:27:48 PM | Attr = ] ie7updates -> %SystemRoot%\ie7updates -> [Folder | Modified Date = 3/18/2008 2:01:48 PM | Attr = ] inf -> %SystemRoot%\inf -> [Folder | Modified Date = 4/6/2008 12:07:01 PM | Attr = H ] Installer -> %SystemRoot%\Installer -> [Folder | Modified Date = 4/4/2008 8:06:24 PM | Attr = HS] Microsoft.NET -> %SystemRoot%\Microsoft.NET -> [Folder | Modified Date = 3/18/2008 2:42:32 PM | Attr = ] nsreg.dat -> %SystemRoot%\nsreg.dat -> [Ver = | Size = 335 bytes | Modified Date = 4/3/2008 9:22:31 PM | Attr = ] nview -> %SystemRoot%\nview -> [Folder | Modified Date = 3/18/2008 4:42:51 PM | Attr = ] Prefetch -> %SystemRoot%\Prefetch -> [Folder | Modified Date = 4/6/2008 8:28:22 PM | Attr = ] pss -> %SystemRoot%\pss -> [Folder | Modified Date = 4/4/2008 4:46:50 PM | Attr = ] security -> %SystemRoot%\security -> [Folder | Modified Date = 4/3/2008 8:43:06 PM | Attr = ] system.ini -> %SystemRoot%\system.ini -> [Ver = | Size = 209 bytes | Modified Date = 4/7/2008 4:49:17 PM | Attr = ] system32 -> %SystemRoot%\system32 -> [Folder | Modified Date = 4/6/2008 12:07:11 PM | Attr = ] Tasks -> %SystemRoot%\Tasks -> [Folder | Modified Date = 4/4/2008 6:59:34 PM | Attr = S] Temp -> %SystemRoot%\Temp -> [Folder | Modified Date = 4/7/2008 4:51:45 PM | Attr = ] win.ini -> %SystemRoot%\win.ini -> [Ver = | Size = 589 bytes | Modified Date = 4/7/2008 4:49:16 PM | Attr = ] 1-Click Maintenance.job -> %SystemRoot%\tasks\1-Click Maintenance.job -> [Ver = | Size = 388 bytes | Modified Date = 4/4/2008 5:16:47 PM | Attr = ] SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [Ver = | Size = 6 bytes | Modified Date = 4/7/2008 4:48:24 PM | Attr = H ] Uniblue SpyEraser Nag.job -> %SystemRoot%\tasks\Uniblue SpyEraser Nag.job -> [Ver = | Size = 262 bytes | Modified Date = 4/4/2008 6:59:35 PM | Attr = ] Uniblue SpyEraser.job -> %SystemRoot%\tasks\Uniblue SpyEraser.job -> [Ver = | Size = 336 bytes | Modified Date = 4/4/2008 6:59:34 PM | Attr = ] qmgr0.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat -> [Ver = | Size = 4617 bytes | Modified Date = 4/4/2008 10:58:22 PM | Attr = ] qmgr1.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat -> [Ver = | Size = 4232 bytes | Modified Date = 4/4/2008 10:58:22 PM | Attr = ] opa11.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\DATA\opa11.dat -> [Ver = | Size = 8206 bytes | Modified Date = 4/4/2008 6:30:29 AM | Attr = ] vmpremov.exe -> C:\Documents and Settings\User\Local Settings\Temp\vmpremov.exe -> Viewpoint Corporation [Ver = 3, 2, 2, 26 | Size = 61440 bytes | Modified Date = 2/20/2004 3:45:30 PM | Attr = ] 5 C:\Documents and Settings\User\Local Settings\Temp\*.tmp files -> C:\Documents and Settings\User\Local Settings\Temp\*.tmp -> sofhehqxAAE9D92.dll -> C:\Documents and Settings\User\Local Settings\Temp\sofhehqxAAE9D92.dll -> [Ver = | Size = 53248 bytes | Modified Date = 4/7/2008 5:01:23 PM | Attr = ] 5 C:\Documents and Settings\User\Local Settings\Temp\*.tmp files -> C:\Documents and Settings\User\Local Settings\Temp\*.tmp -> Perflib_Perfdata_940.dat -> C:\Documents and Settings\User\Local Settings\Temp\Perflib_Perfdata_940.dat -> [Ver = | Size = 16384 bytes | Modified Date = 4/7/2008 4:54:46 PM | Attr = ] 5 C:\Documents and Settings\User\Local Settings\Temp\*.tmp files -> C:\Documents and Settings\User\Local Settings\Temp\*.tmp -> Perflib_Perfdata_154.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_154.dat -> [Ver = | Size = 16384 bytes | Modified Date = 4/6/2008 10:31:37 AM | Attr = ] Perflib_Perfdata_1ec.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_1ec.dat -> [Ver = | Size = 16384 bytes | Modified Date = 4/6/2008 6:40:35 AM | Attr = ] Perflib_Perfdata_20c.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_20c.dat -> [Ver = | Size = 16384 bytes | Modified Date = 4/7/2008 5:31:11 AM | Attr = ] Perflib_Perfdata_260.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_260.dat -> [Ver = | Size = 16384 bytes | Modified Date = 4/5/2008 9:05:51 PM | Attr = ] Perflib_Perfdata_578.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_578.dat -> [Ver = | Size = 16384 bytes | Modified Date = 4/7/2008 4:48:24 PM | Attr = ] Perflib_Perfdata_668.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_668.dat -> [Ver = | Size = 16384 bytes | Modified Date = 4/6/2008 10:31:15 AM | Attr = ] Perflib_Perfdata_7a4.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_7a4.dat -> [Ver = | Size = 16384 bytes | Modified Date = 4/6/2008 9:51:41 AM | Attr = ] Perflib_Perfdata_7a8.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_7a8.dat -> [Ver = | Size = 16384 bytes | Modified Date = 4/5/2008 9:03:07 PM | Attr = ] 1 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> [CatchMe Rootkit Scan by GMER] < Windows folder & sub-folders > scanning hidden processes ... scanning hidden services & system hive ... scanning hidden registry entries ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden services: 0 hidden files: 0 < Document and Settings folder & sub folders > scanning hidden files ... C:\Documents and Settings\All Users\Documents\My Pictures\Sample Pictures\Thumbs.db:encryptable 0 bytes C:\Documents and Settings\User\Favorites\ TigerDirect.url:favicon 2104 bytes C:\Documents and Settings\User\Favorites\http--www.answersthatwork.com-Tasklist_pages-tasklist.htm.url:favicon 894 bytes C:\Documents and Settings\User\Favorites\Pricewatch Find and Buy all types of Monitors - cheap prices.url:favicon 1406 bytes C:\Documents and Settings\User\My Documents\My Pictures\Thumbs.db:encryptable 0 bytes C:\Documents and Settings\User\My Documents\My Pictures\toots\Thumbs.db:encryptable 0 bytes scan completed successfully hidden files: 14 < End of report > [/code]