[code] OTScanIt logfile created on: 5/30/2008 2:09:59 PM OTScanIt by OldTimer - Version 1.0.15.4 Folder = C:\Documents and Settings\owner\Desktop\OTScanIt Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 509.98 Mb Total Physical Memory | 167.42 Mb Available Physical Memory | 32.83% Memory free 1.22 Gb Paging File | 0.88 Gb Available in Paging File | 72.10% Paging File free Paging file location(s): C:\pagefile.sys 0 0; %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 298.09 Gb Total Space | 130.83 Gb Free Space | 43.89% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: XPHOMESP2 Current User Name: owner Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user [Processes - Non-Microsoft Only] igfxtray.exe -> %SystemRoot%\system32\igfxtray.exe -> Intel Corporation [Ver = 3.0.0.4342 | Size = 155648 bytes | Modified Date = 6/21/2005 5:48:18 PM | Attr = ] hkcmd.exe -> %SystemRoot%\system32\hkcmd.exe -> Intel Corporation [Ver = 3.0.0.4342 | Size = 126976 bytes | Modified Date = 6/21/2005 5:44:34 PM | Attr = ] soundman.exe -> %SystemRoot%\SOUNDMAN.EXE -> Realtek Semiconductor Corp. [Ver = 5, 1, 0, 58 | Size = 577536 bytes | Modified Date = 11/17/2006 6:42:52 AM | Attr = ] jusched.exe -> %ProgramFiles%\Java\jre1.6.0_05\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 144784 bytes | Modified Date = 2/22/2008 4:25:21 AM | Attr = ] wkufind.exe -> %CommonProgramFiles%\Microsoft Shared\Works Shared\WkUFind.exe -> Microsoft® Corporation [Ver = 7.00.0724.0 | Size = 28672 bytes | Modified Date = 7/24/2002 9:20:02 PM | Attr = ] pdvd8serv.exe -> %ProgramFiles%\CyberLink\PowerDVD8\PDVD8Serv.exe -> Cyberlink Corp. [Ver = 8.00.1418 | Size = 83240 bytes | Modified Date = 3/20/2008 8:23:22 PM | Attr = ] avgwdsvc.exe -> %SystemDrive%\PROGRA~1\AVG\AVG8\avgwdsvc.exe -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.100 | Size = 282904 bytes | Modified Date = 5/29/2008 7:37:31 AM | Attr = ] mediaserver.exe -> %ProgramFiles%\TVersity\Media Server\MediaServer.exe -> [Ver = | Size = 724992 bytes | Modified Date = 12/30/2007 3:42:34 PM | Attr = ] aolload.exe -> %CommonProgramFiles%\AOL\Loader\aolload.exe -> AOL LLC [Ver = 9.3.2.2 | Size = 10800 bytes | Modified Date = 11/3/2006 3:17:27 AM | Attr = ] viewpointservice.exe -> %ProgramFiles%\Viewpoint\Common\ViewpointService.exe -> Viewpoint Corporation [Ver = 2, 0, 0, 54 | Size = 24652 bytes | Modified Date = 1/4/2007 5:38:08 PM | Attr = ] avgrsx.exe -> %SystemDrive%\PROGRA~1\AVG\AVG8\avgrsx.exe -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.84 | Size = 311576 bytes | Modified Date = 5/29/2008 7:37:33 AM | Attr = ] viewmgr.exe -> %ProgramFiles%\Viewpoint\Viewpoint Manager\ViewMgr.exe -> Viewpoint Corporation [Ver = 2, 0, 0, 54 | Size = 112336 bytes | Modified Date = 1/4/2007 5:38:18 PM | Attr = ] tversity.exe -> %ProgramFiles%\TVersity\Media Server\TVersity.exe -> [Ver = 3, 1, 0, 4 | Size = 2021616 bytes | Modified Date = 12/28/2007 9:20:12 PM | Attr = ] firefox.exe -> %ProgramFiles%\Mozilla Firefox\firefox.exe -> Mozilla Corporation [Ver = 1.8.1.14: 2008040413 | Size = 7660656 bytes | Modified Date = 4/30/2008 6:45:01 PM | Attr = ] avgscanx.exe -> %SystemDrive%\PROGRA~1\AVG\AVG8\avgscanx.exe -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.80 | Size = 580888 bytes | Modified Date = 5/29/2008 7:37:31 AM | Attr = ] otscanit.exe -> %UserProfile%\Desktop\OTScanIt\OTScanIt.exe -> OldTimer Tools [Ver = 1.0.15.4 | Size = 374784 bytes | Modified Date = 5/28/2008 9:25:08 PM | Attr = ] [Win32 Services - Non-Microsoft Only] (AresChatServer) Ares Chatroom server [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Ares\chatServer.exe -> Ares Development Group [Ver = 2.0.7.3029 | Size = 263168 bytes | Modified Date = 3/19/2007 9:19:14 PM | Attr = ] (avg8wd) AVG8 WatchDog [Win32_Own | Auto | Running] -> %SystemDrive%\PROGRA~1\AVG\AVG8\avgwdsvc.exe -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.100 | Size = 282904 bytes | Modified Date = 5/29/2008 7:37:31 AM | Attr = ] (AVP) Kaspersky Anti-Virus 7.0 [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe -> Kaspersky Lab [Ver = 7.0.1.325 | Size = 227856 bytes | Modified Date = 2/8/2008 6:36:14 PM | Attr = ] (dmadmin) Logical Disk Manager Administrative Service [Win32_Shared | On_Demand | Stopped] -> %SystemRoot%\System32\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 224768 bytes | Modified Date = 8/4/2004 8:00:00 AM | Attr = ] (MSDTC) Distributed Transaction Coordinator [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\system32\msdtc -> [Folder | Modified Date = 10/8/2004 6:52:48 AM | Attr = ] (TVersityMediaServer) TVersityMediaServer [Win32_Own | Auto | Running] -> %ProgramFiles%\TVersity\Media Server\MediaServer.exe -> [Ver = | Size = 724992 bytes | Modified Date = 12/30/2007 3:42:34 PM | Attr = ] (Viewpoint Manager Service) Viewpoint Manager Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Viewpoint\Common\ViewpointService.exe -> Viewpoint Corporation [Ver = 2, 0, 0, 54 | Size = 24652 bytes | Modified Date = 1/4/2007 5:38:08 PM | Attr = ] [Registry - Non-Microsoft Only] < Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> Adobe Reader Speed Launcher -> %ProgramFiles%\Adobe\Reader 8.0\Reader\Reader_sl.exe ["C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"] -> Adobe Systems Incorporated [Ver = 8.0.0.0 | Size = 40048 bytes | Modified Date = 5/11/2007 3:06:32 AM | Attr = ] AVG8_TRAY -> %SystemDrive%\PROGRA~1\AVG\AVG8\avgtray.exe [C:\PROGRA~1\AVG\AVG8\avgtray.exe] -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.94 | Size = 1177368 bytes | Modified Date = 5/29/2008 7:37:32 AM | Attr = ] HotKeysCmds -> %SystemRoot%\system32\hkcmd.exe [C:\WINDOWS\system32\hkcmd.exe] -> Intel Corporation [Ver = 3.0.0.4342 | Size = 126976 bytes | Modified Date = 6/21/2005 5:44:34 PM | Attr = ] IgfxTray -> %SystemRoot%\system32\igfxtray.exe [C:\WINDOWS\system32\igfxtray.exe] -> Intel Corporation [Ver = 3.0.0.4342 | Size = 155648 bytes | Modified Date = 6/21/2005 5:48:18 PM | Attr = ] Microsoft Works Update Detection -> %CommonProgramFiles%\Microsoft Shared\Works Shared\WkUFind.exe [C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe] -> Microsoft® Corporation [Ver = 7.00.0724.0 | Size = 28672 bytes | Modified Date = 7/24/2002 9:20:02 PM | Attr = ] PDVD8LanguageShortcut -> %ProgramFiles%\CyberLink\PowerDVD8\Language\Language.exe ["C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe"] -> [Ver = 8.00.1204 | Size = 50472 bytes | Modified Date = 12/14/2007 11:36:42 AM | Attr = ] QuickTime Task -> %ProgramFiles%\QuickTime\qttask.exe ["C:\Program Files\QuickTime\qttask.exe" -atboottime] -> Apple Computer, Inc. [Ver = 7.1.5 | Size = 282624 bytes | Modified Date = 2/16/2007 11:54:04 AM | Attr = ] RemoteControl8 -> %ProgramFiles%\CyberLink\PowerDVD8\PDVD8Serv.exe ["C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe"] -> Cyberlink Corp. [Ver = 8.00.1418 | Size = 83240 bytes | Modified Date = 3/20/2008 8:23:22 PM | Attr = ] SoundMan -> SOUNDMAN.EXE [SOUNDMAN.EXE] -> File not found SunJavaUpdateSched -> %ProgramFiles%\Java\jre1.6.0_05\bin\jusched.exe ["C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"] -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 144784 bytes | Modified Date = 2/22/2008 4:25:21 AM | Attr = ] < OptionalComponents [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\ -> IMAIL-> Installed = 1 -> MAPI-> Installed = 1 -> MSFS-> Installed = 1 -> < Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> Aim6 -> %ProgramFiles%\AIM6\aim6.exe ["C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp] -> AOL LLC [Ver = 1.4.9.1 | Size = 50528 bytes | Modified Date = 1/3/2008 12:15:06 PM | Attr = ] < All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup -> < owner Startup Folder > -> C:\Documents and Settings\owner\Start Menu\Programs\Startup -> %UserProfile%\Start Menu\Programs\Startup\MagicDisc.lnk -> %ProgramFiles%\MagicDisc\MagicDisc.exe -> [Ver = | Size = 534016 bytes | Modified Date = 9/26/2006 9:59:14 AM | Attr = ] < AppInit_DLLs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs -> *AppInit_DLLs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls -> avgrsstx.dll -> %SystemRoot%\system32\avgrsstx.dll -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.80 | Size = 10520 bytes | Modified Date = 5/29/2008 7:37:51 AM | Attr = ] *MultiFile Done* -> -> < IFEO [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ -> Your Image File Name Here without a path -> [Debugger] -> File not found < SecurityProviders [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders -> < Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> *Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> explorerhack.exe -> explorerhack.exe -> File not found *MultiFile Done* -> -> *UIHost* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UIHost -> logonui.exe -> logonui.exe -> File not found *MultiFile Done* -> -> *VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet -> rundll32 shell32 -> -> File not found Control_RunDLL "sysdm.cpl" -> -> File not found *MultiFile Done* -> -> < Winlogon settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ -> igfxcui -> %SystemRoot%\system32\igfxsrvc.dll -> Intel Corporation [Ver = 3.0.0.4342 | Size = 348160 bytes | Modified Date = 6/21/2005 5:44:12 PM | Attr = ] klogon -> %SystemRoot%\system32\klogon.dll -> Kaspersky Lab [Ver = 7.0.1.325 | Size = 219664 bytes | Modified Date = 2/8/2008 6:37:44 PM | Attr = ] WgaLogon -> -> File not found < CurrentVersion Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\undockwithoutlogon -> 1 -> < CurrentVersion Policy Settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoToolbarCustomize -> 1 -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDrives -> 12 -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> -> < CDROM Autorun Settings > [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom] -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\ -> -> *DependOnGroup* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\DependOnGroup -> SCSI miniport -> -> File not found *MultiFile Done* -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\ErrorControl -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Group -> SCSI CDROM Class -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Start -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Tag -> 2 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Type -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\DisplayName -> CD-ROM Driver -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\ImagePath -> system32\DRIVERS\cdrom.sys [system32\DRIVERS\cdrom.sys] -> File not found HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun -> 1 -> *AutoRunAlwaysDisable* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRunAlwaysDisable -> NEC MBR-7 -> -> File not found NEC MBR-7.4 -> -> File not found PIONEER CHANGR DRM-1804X -> -> File not found PIONEER CD-ROM DRM-6324X -> -> File not found PIONEER CD-ROM DRM-624X -> -> File not found TORiSAN CD-ROM CDR_C36 -> -> File not found *MultiFile Done* -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\\0 -> IDE\CdRomHL-DT-ST_DVD-ROM_GDR8162B_______________0015____\5&300afdb3&0&0.0.0 [IDE\CdRomHL-DT-ST_DVD-ROM_GDR8162B_______________0015____\5&300afdb3&0&0.0.0] -> File not found HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\\Count -> 2 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\\NextInstance -> 2 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\\1 -> IDE\CdRomATAPI_DVD_DC_16X8X5_____________________100_____\5&300afdb3&0&0.1.0 [IDE\CdRomATAPI_DVD_DC_16X8X5_____________________100_____\5&300afdb3&0&0.1.0] -> File not found < Drives - Autoruns > -> -> AUTOEXEC.BAT [] -> %SystemDrive%\AUTOEXEC.BAT [ NTFS ] -> [Ver = | Size = 0 bytes | Modified Date = 10/8/2004 6:55:49 AM | Attr = ] < HOSTS File > (23 bytes) -> C:\WINDOWS\System32\drivers\etc\Hosts -> < Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> HKEY_LOCAL_MACHINE\: Main\\Default_Page_URL -> http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome -> HKEY_LOCAL_MACHINE\: Main\\Default_Search_URL -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_LOCAL_MACHINE\: Main\\Local Page -> %SystemRoot%\system32\blank.htm -> HKEY_LOCAL_MACHINE\: Main\\Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_LOCAL_MACHINE\: Main\\Start Page -> http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home -> HKEY_LOCAL_MACHINE\: Search\\CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm -> HKEY_LOCAL_MACHINE\: Search\\SearchAssistant -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm -> < Internet Explorer Settings [HKEY_CURRENT_USER\] > -> -> HKEY_CURRENT_USER\: Main\\Local Page -> C:\WINDOWS\system32\blank.htm -> HKEY_CURRENT_USER\: Main\\Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_CURRENT_USER\: Main\\Start Page -> http://softwarereferral.com/jump.php?wmid=6010&mid=MjI6Ojg5&lid=2 -> HKEY_CURRENT_USER\: ProxyEnable -> 0 -> < Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1 domain(s) found. -> 1 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 2 domain(s) found. -> //@install.mar@ .[msni] -> My Computer -> //@mail.mar@ .[msni] -> Local intranet -> < Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKEY_LOCAL_MACHINE] -> %CommonProgramFiles%\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> Adobe Systems Incorporated [Ver = 8.0.0.2006102200 | Size = 62080 bytes | Modified Date = 10/22/2006 11:08:42 PM | Attr = ] {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Winamp Toolbar\winamptb.dll [Winamp Toolbar BHO] -> AOL LLC [Ver = 5.1.6.2 | Size = 1135968 bytes | Modified Date = 10/4/2007 4:06:20 PM | Attr = ] {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\BitComet\tools\BitCometBHO_1.2.2.28.dll [BitComet Helper] -> BitComet [Ver = 20080228 | Size = 468280 bytes | Modified Date = 2/29/2008 4:49:22 AM | Attr = ] {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\AVG\AVG8\avgssie.dll [AVG Safe Search] -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.90 | Size = 419096 bytes | Modified Date = 5/29/2008 7:37:34 AM | Attr = ] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.6.0_05\bin\ssv.dll [SSVHelper Class] -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 509328 bytes | Modified Date = 2/22/2008 4:25:19 AM | Attr = ] < Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar -> {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Winamp Toolbar\winamptb.dll [Winamp Toolbar] -> AOL LLC [Ver = 5.1.6.2 | Size = 1135968 bytes | Modified Date = 10/4/2007 4:06:20 PM | Attr = ] {F8AD5AA5-D966-4667-9DAF-2561D68B2012} [HKEY_LOCAL_MACHINE] -> %CommonProgramFiles%\Viewpoint\Toolbar Runtime\3.8.0\IEViewBar.dll [Viewpoint Toolbar] -> Viewpoint Corporation [Ver = 3, 8, 0, 73 | Size = 327759 bytes | Modified Date = 11/28/2007 7:58:26 PM | Attr = ] < Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ -> ShellBrowser\\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Winamp Toolbar\winamptb.dll [Winamp Toolbar] -> AOL LLC [Ver = 5.1.6.2 | Size = 1135968 bytes | Modified Date = 10/4/2007 4:06:20 PM | Attr = ] WebBrowser\\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Winamp Toolbar\winamptb.dll [Winamp Toolbar] -> AOL LLC [Ver = 5.1.6.2 | Size = 1135968 bytes | Modified Date = 10/4/2007 4:06:20 PM | Attr = ] < Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> {08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.6.0_05\bin\npjpi160_05.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 132496 bytes | Modified Date = 2/22/2008 4:25:19 AM | Attr = ] {08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC} [HKEY_CURRENT_USER] -> %ProgramFiles%\Java\jre1.6.0_05\bin\ssv.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 509328 bytes | Modified Date = 2/22/2008 4:25:19 AM | Attr = ] {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E}:BandCLSID -> %ProgramFiles%\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll [Web Anti-Virus statistics] -> Kaspersky Lab [Ver = 7.0.1.325 | Size = 223760 bytes | Modified Date = 2/8/2008 6:37:52 PM | Attr = ] {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A}: [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [BitComet] -> File not found < Internet Explorer Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\ -> CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.6.0_05\bin\npjpi160_05.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 132496 bytes | Modified Date = 2/22/2008 4:25:19 AM | Attr = ] CmdMapping\\{1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll [Web Anti-Virus statistics] -> Kaspersky Lab [Ver = 7.0.1.325 | Size = 223760 bytes | Modified Date = 2/8/2008 6:37:52 PM | Attr = ] CmdMapping\\{D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} [HKEY_LOCAL_MACHINE] -> [BitComet] -> File not found < Internet Explorer Menu Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ -> &D&ownload &with BitComet -> res://%ProgramFiles%\BitComet\BitComet.exe/AddLink.htm -> File not found &D&ownload all video with BitComet -> res://%ProgramFiles%\BitComet\BitComet.exe/AddVideo.htm -> File not found &D&ownload all with BitComet -> res://%ProgramFiles%\BitComet\BitComet.exe/AddAllLink.htm -> File not found &Winamp Toolbar Search -> %AllUsersProfile%\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html -> [Ver = | Size = 747 bytes | Modified Date = 9/7/2006 4:59:50 PM | Attr = ] E&xport to Microsoft Excel -> -> File not found < Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> PluginsPageFriendlyName -> Microsoft ActiveX Gallery -> PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s -> < User Agent Post Platform [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform -> SV1 -> -> < DNS Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> {63AFC453-5576-4967-AA3C-E5BB9872831D} -> (Realtek RTL8139 Family PCI Fast Ethernet NIC) -> < Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ -> ipp: [HKEY_LOCAL_MACHINE] -> No CLSID value linkscanner:{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\AVG\AVG8\avgpp.dll[XPLPPFilter Class] -> AVG Technologies CZ, s.r.o. [Ver = | Size = 79128 bytes | Modified Date = 5/29/2008 7:37:37 AM | Attr = ] msdaipp: [HKEY_LOCAL_MACHINE] -> No CLSID value < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> {8AD9C840-044E-11D1-B3E9-00805F499D93}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab[Java Plug-in 1.6.0_05] -> {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876}[HKEY_LOCAL_MACHINE] -> http://support.f-secure.com/ols/fscax.cab[F-Secure Online Scanner 3.3] -> {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab[Java Plug-in 1.5.0_11] -> {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab[Java Plug-in 1.6.0_03] -> {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab[Java Plug-in 1.6.0_05] -> {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab[Java Plug-in 1.6.0_05] -> {D27CDB6E-AE6D-11CF-96B8-444553540000}[HKEY_LOCAL_MACHINE] -> http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab[Shockwave Flash Object] -> < Module Usage Keys [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/auc_lib.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/auc_lib.dll\\.Owner -> {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/auc_lib.dll\\{BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/ca.pub\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/ca.pub\\.Owner -> {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/ca.pub\\{BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/daas_s.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/daas_s.dll\\.Owner -> {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/daas_s.dll\\{BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/FP_AX_CAB_INSTALLER.exe\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/FP_AX_CAB_INSTALLER.exe\\.Owner -> {D27CDB6E-AE6D-11CF-96B8-444553540000} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/FP_AX_CAB_INSTALLER.exe\\{D27CDB6E-AE6D-11CF-96B8-444553540000} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/fscax.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/fscax.dll\\.Owner -> {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/fscax.dll\\{BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/gatelauncher.exe\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/gatelauncher.exe\\.Owner -> {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/gatelauncher.exe\\{BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} -> -> [Files/Folders - Created Within 30 days] $AVG8.VAULT$ -> %SystemDrive%\$AVG8.VAULT$ -> [Folder | Created Date = 5/29/2008 7:42:32 AM | Attr = H ] Avenger -> %SystemDrive%\Avenger -> [Folder | Created Date = 5/29/2008 5:48:45 PM | Attr = ] fixwareout -> %SystemDrive%\fixwareout -> [Folder | Created Date = 5/19/2008 5:20:52 PM | Attr = ] fsaua.data -> %SystemDrive%\fsaua.data -> [Folder | Created Date = 5/29/2008 6:29:31 PM | Attr = ] Avg -> %SystemRoot%\System32\drivers\Avg -> [Folder | Created Date = 5/29/2008 7:37:39 AM | Attr = ] avi7.avg -> %SystemRoot%\System32\drivers\Avg\avi7.avg -> [Ver = | Size = 5618689 bytes | Created Date = 5/29/2008 7:37:39 AM | Attr = ] incavi.avm -> %SystemRoot%\System32\drivers\Avg\incavi.avm -> [Ver = | Size = 24165863 bytes | Created Date = 5/29/2008 7:37:40 AM | Attr = ] microavi.avg -> %SystemRoot%\System32\drivers\Avg\microavi.avg -> [Ver = | Size = 66038 bytes | Created Date = 5/29/2008 7:37:40 AM | Attr = ] miniavi.avg -> %SystemRoot%\System32\drivers\Avg\miniavi.avg -> [Ver = | Size = 838585 bytes | Created Date = 5/29/2008 7:37:40 AM | Attr = ] avgldx86.sys -> %SystemRoot%\System32\drivers\avgldx86.sys -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.58 | Size = 96520 bytes | Created Date = 5/29/2008 7:37:44 AM | Attr = ] avgmfx86.sys -> %SystemRoot%\System32\drivers\avgmfx86.sys -> GRISOFT, s.r.o. [Ver = 8.0.0.46 | Size = 26184 bytes | Created Date = 5/29/2008 7:37:42 AM | Attr = ] fidbox.dat -> %SystemRoot%\System32\drivers\fidbox.dat -> [Ver = | Size = 9354272 bytes | Created Date = 5/28/2008 11:05:47 PM | Attr = HS] fidbox.idx -> %SystemRoot%\System32\drivers\fidbox.idx -> [Ver = | Size = 94964 bytes | Created Date = 5/28/2008 11:05:47 PM | Attr = HS] fidbox2.dat -> %SystemRoot%\System32\drivers\fidbox2.dat -> [Ver = | Size = 26656 bytes | Created Date = 5/28/2008 11:05:47 PM | Attr = HS] fidbox2.idx -> %SystemRoot%\System32\drivers\fidbox2.idx -> [Ver = | Size = 3068 bytes | Created Date = 5/28/2008 11:05:47 PM | Attr = HS] klick.dat -> %SystemRoot%\System32\drivers\klick.dat -> [Ver = | Size = 88262 bytes | Created Date = 5/28/2008 11:07:00 PM | Attr = ] klin.dat -> %SystemRoot%\System32\drivers\klin.dat -> [Ver = | Size = 96966 bytes | Created Date = 5/28/2008 11:07:00 PM | Attr = ] avgrsstx.dll -> %SystemRoot%\System32\avgrsstx.dll -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.80 | Size = 10520 bytes | Created Date = 5/29/2008 7:37:51 AM | Attr = ] bitcometres.dll -> %SystemRoot%\System32\bitcometres.dll -> BitComet [Ver = 1, 0, 0, 1 | Size = 2560 bytes | Created Date = 5/7/2008 7:00:40 PM | Attr = ] blackster.scr -> %SystemRoot%\System32\blackster.scr -> Peter's Productions [Ver = 2.00.0002 | Size = 160256 bytes | Created Date = 5/28/2008 9:14:17 PM | Attr = ] [Files/Folders - Modified Within 30 days] $AVG8.VAULT$ -> %SystemDrive%\$AVG8.VAULT$ -> [Folder | Modified Date = 5/30/2008 1:52:34 PM | Attr = H ] Avenger -> %SystemDrive%\Avenger -> [Folder | Modified Date = 5/29/2008 5:49:28 PM | Attr = ] Config.Msi -> %SystemDrive%\Config.Msi -> [Folder | Modified Date = 5/29/2008 7:36:06 AM | Attr = HS] Downloads -> %SystemDrive%\Downloads -> [Folder | Modified Date = 5/29/2008 11:23:57 PM | Attr = ] fixwareout -> %SystemDrive%\fixwareout -> [Folder | Modified Date = 5/19/2008 5:28:56 PM | Attr = ] fsaua.data -> %SystemDrive%\fsaua.data -> [Folder | Modified Date = 5/29/2008 6:29:31 PM | Attr = ] hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [Ver = | Size = 534827008 bytes | Modified Date = 5/29/2008 8:20:57 PM | Attr = HS] Program Files -> %ProgramFiles% -> [Folder | Modified Date = 5/29/2008 5:48:45 PM | Attr = R ] System Volume Information -> %SystemDrive%\System Volume Information -> [Folder | Modified Date = 5/29/2008 6:54:41 AM | Attr = HS] WINDOWS -> %SystemRoot% -> [Folder | Modified Date = 5/29/2008 6:18:25 PM | Attr = ] Avg -> %SystemRoot%\System32\drivers\Avg -> [Folder | Modified Date = 5/30/2008 1:10:50 PM | Attr = ] avi7.avg -> %SystemRoot%\System32\drivers\Avg\avi7.avg -> [Ver = | Size = 5618689 bytes | Modified Date = 5/29/2008 7:37:40 AM | Attr = ] incavi.avm -> %SystemRoot%\System32\drivers\Avg\incavi.avm -> [Ver = | Size = 24165863 bytes | Modified Date = 5/30/2008 1:10:46 PM | Attr = ] microavi.avg -> %SystemRoot%\System32\drivers\Avg\microavi.avg -> [Ver = | Size = 66038 bytes | Modified Date = 5/30/2008 9:05:29 AM | Attr = ] miniavi.avg -> %SystemRoot%\System32\drivers\Avg\miniavi.avg -> [Ver = | Size = 838585 bytes | Modified Date = 5/29/2008 7:40:03 AM | Attr = ] avgldx86.sys -> %SystemRoot%\System32\drivers\avgldx86.sys -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.58 | Size = 96520 bytes | Modified Date = 5/29/2008 7:37:44 AM | Attr = ] avgmfx86.sys -> %SystemRoot%\System32\drivers\avgmfx86.sys -> GRISOFT, s.r.o. [Ver = 8.0.0.46 | Size = 26184 bytes | Modified Date = 5/29/2008 7:37:42 AM | Attr = ] fidbox.dat -> %SystemRoot%\System32\drivers\fidbox.dat -> [Ver = | Size = 9354272 bytes | Modified Date = 5/30/2008 2:10:25 PM | Attr = HS] fidbox.idx -> %SystemRoot%\System32\drivers\fidbox.idx -> [Ver = | Size = 94964 bytes | Modified Date = 5/29/2008 8:20:07 PM | Attr = HS] fidbox2.dat -> %SystemRoot%\System32\drivers\fidbox2.dat -> [Ver = | Size = 26656 bytes | Modified Date = 5/30/2008 2:09:11 PM | Attr = HS] fidbox2.idx -> %SystemRoot%\System32\drivers\fidbox2.idx -> [Ver = | Size = 3068 bytes | Modified Date = 5/29/2008 8:20:07 PM | Attr = HS] kl1.sys -> %SystemRoot%\System32\drivers\kl1.sys -> Kaspersky Lab [Ver = 6.1.30.0 | Size = 112144 bytes | Modified Date = 5/28/2008 11:22:20 PM | Attr = ] klick.dat -> %SystemRoot%\System32\drivers\klick.dat -> [Ver = | Size = 88262 bytes | Modified Date = 5/28/2008 11:20:59 PM | Attr = ] klin.dat -> %SystemRoot%\System32\drivers\klin.dat -> [Ver = | Size = 96966 bytes | Modified Date = 5/28/2008 11:20:59 PM | Attr = ] avgrsstx.dll -> %SystemRoot%\System32\avgrsstx.dll -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.80 | Size = 10520 bytes | Modified Date = 5/29/2008 7:37:51 AM | Attr = ] bitcometres.dll -> %SystemRoot%\System32\bitcometres.dll -> BitComet [Ver = 1, 0, 0, 1 | Size = 2560 bytes | Modified Date = 5/7/2008 7:00:40 PM | Attr = ] blackster.scr -> %SystemRoot%\System32\blackster.scr -> Peter's Productions [Ver = 2.00.0002 | Size = 160256 bytes | Modified Date = 5/29/2008 10:55:08 AM | Attr = ] CatRoot2 -> %SystemRoot%\System32\CatRoot2 -> [Folder | Modified Date = 5/29/2008 6:29:09 PM | Attr = ] dllcache -> %SystemRoot%\System32\dllcache -> [Folder | Modified Date = 5/14/2008 3:04:07 AM | Attr = RHS] drivers -> %SystemRoot%\System32\drivers -> [Folder | Modified Date = 5/29/2008 5:48:45 PM | Attr = ] Restore -> %SystemRoot%\System32\Restore -> [Folder | Modified Date = 5/29/2008 6:54:41 AM | Attr = ] tversity.cookies -> %SystemRoot%\System32\tversity.cookies -> [Ver = | Size = 593 bytes | Modified Date = 5/30/2008 12:00:18 AM | Attr = ] wpa.dbl -> %SystemRoot%\System32\wpa.dbl -> [Ver = | Size = 2278 bytes | Modified Date = 5/28/2008 10:58:59 PM | Attr = ] $hf_mig$ -> %SystemRoot%\$hf_mig$ -> [Folder | Modified Date = 5/13/2008 10:12:55 PM | Attr = H ] bootstat.dat -> %SystemRoot%\bootstat.dat -> [Ver = | Size = 2048 bytes | Modified Date = 5/29/2008 8:21:00 PM | Attr = S] Downloaded Program Files -> %SystemRoot%\Downloaded Program Files -> [Folder | Modified Date = 5/29/2008 6:32:22 PM | Attr = S] inf -> %SystemRoot%\inf -> [Folder | Modified Date = 5/28/2008 11:06:14 PM | Attr = H ] Installer -> %SystemRoot%\Installer -> [Folder | Modified Date = 5/29/2008 7:37:24 AM | Attr = HS] NeroDigital.ini -> %SystemRoot%\NeroDigital.ini -> [Ver = | Size = 69 bytes | Modified Date = 5/29/2008 11:14:31 PM | Attr = ] Prefetch -> %SystemRoot%\Prefetch -> [Folder | Modified Date = 5/30/2008 12:00:07 PM | Attr = ] QTFont.qfn -> %SystemRoot%\QTFont.qfn -> [Ver = | Size = 54156 bytes | Modified Date = 5/18/2008 10:56:29 PM | Attr = H ] Resources -> %SystemRoot%\Resources -> [Folder | Modified Date = 5/29/2008 6:52:58 AM | Attr = ] system32 -> %SystemRoot%\system32 -> [Folder | Modified Date = 5/29/2008 6:18:25 PM | Attr = ] Temp -> %SystemRoot%\Temp -> [Folder | Modified Date = 5/30/2008 2:10:39 PM | Attr = ] SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [Ver = | Size = 6 bytes | Modified Date = 5/29/2008 8:21:10 PM | Attr = H ] C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\ -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader -> [Folder | Modified Date = 5/29/2008 6:24:33 PM | Attr = ] qmgr0.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat -> [Ver = | Size = 4096 bytes | Modified Date = 5/29/2008 8:19:55 PM | Attr = ] qmgr1.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat -> [Ver = | Size = 4096 bytes | Modified Date = 5/29/2008 8:19:55 PM | Attr = ] C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\DATA\ -> C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\DATA -> [Folder | Modified Date = 6/7/2007 12:03:10 AM | Attr = ] opa12.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\DATA\opa12.dat -> [Ver = | Size = 8206 bytes | Modified Date = 6/7/2007 12:03:10 AM | Attr = ] C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\Anti-Virus\ -> C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\Anti-Virus -> [Folder | Modified Date = 5/29/2008 6:50:47 PM | Attr = ] fsgk32.exe -> C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\Anti-Virus\fsgk32.exe -> F-Secure Corp. [Ver = 7.60.14020.0 | Size = 413696 bytes | Modified Date = 5/29/2008 6:31:39 PM | Attr = ] fssm32.exe -> C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\Anti-Virus\fssm32.exe -> F-Secure Corp. [Ver = 7.60.14020.0 | Size = 494592 bytes | Modified Date = 5/29/2008 6:31:39 PM | Attr = ] C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\updates\fsav_beta\ -> C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\updates\fsav_beta -> [Folder | Modified Date = 5/29/2008 6:31:40 PM | Attr = ] fsgk32.exe -> C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\updates\fsav_beta\fsgk32.exe -> F-Secure Corp. [Ver = 7.60.14020.0 | Size = 413696 bytes | Modified Date = 5/29/2008 6:31:39 PM | Attr = ] fssm32.exe -> C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\updates\fsav_beta\fssm32.exe -> F-Secure Corp. [Ver = 7.60.14020.0 | Size = 494592 bytes | Modified Date = 5/29/2008 6:31:39 PM | Attr = ] C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\Anti-Virus\ -> C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\Anti-Virus -> [Folder | Modified Date = 5/29/2008 6:50:47 PM | Attr = ] AVPFPI0.dll -> C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\Anti-Virus\AVPFPI0.dll -> Kaspersky Lab [Ver = 7.0.171.8410 | Size = 147538 bytes | Modified Date = 5/29/2008 6:31:39 PM | Attr = ] avpproxy.dll -> C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\Anti-Virus\avpproxy.dll -> F-Secure Corporation [Ver = 1.2.12160 | Size = 77910 bytes | Modified Date = 5/29/2008 6:31:39 PM | Attr = ] daas_s.dll -> C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\Anti-Virus\daas_s.dll -> F-Secure Corporation [Ver = 6.00.14023 | Size = 495616 bytes | Modified Date = 2/27/2008 3:59:28 PM | Attr = ] fm4av.dll -> C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\Anti-Virus\fm4av.dll -> [Ver = | Size = 514048 bytes | Modified Date = 5/29/2008 6:31:39 PM | Attr = ] fpinor.dll -> C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\Anti-Virus\fpinor.dll -> F-Secure Corporation [Ver = 1.20.13330 | Size = 113664 bytes | Modified Date = 5/29/2008 6:31:39 PM | Attr = ] fsbl.dll -> C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\Anti-Virus\fsbl.dll -> F-Secure Corporation [Ver = 1, 0, 0, 1 | Size = 49152 bytes | Modified Date = 5/29/2008 6:31:39 PM | Attr = ] fsbld.dll -> C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\Anti-Virus\fsbld.dll -> F-Secure Corporation [Ver = 1, 0, 0, 68 | Size = 544768 bytes | Modified Date = 5/29/2008 6:31:18 PM | Attr = ] fsecr32.dll -> C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\Anti-Virus\fsecr32.dll -> F-Secure Corporation [Ver = 2.08.8110 | Size = 262144 bytes | Modified Date = 5/29/2008 6:31:28 PM | Attr = ] fsgkiapi.dll -> C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\Anti-Virus\fsgkiapi.dll -> F-Secure Corp. [Ver = 7.60.13372.8144 | Size = 82432 bytes | Modified Date = 5/29/2008 6:31:39 PM | Attr = ] fsmart.dll -> C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\Anti-Virus\fsmart.dll -> F-Secure Corporation [Ver = 1, 0, 0, 29 | Size = 147456 bytes | Modified Date = 5/29/2008 6:31:36 PM | Attr = ] fspe32.dll -> C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\Anti-Virus\fspe32.dll -> F-Secure Corporation [Ver = 1.4.420 | Size = 385024 bytes | Modified Date = 5/29/2008 6:31:28 PM | Attr = ] fssubmit.dll -> C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\Anti-Virus\fssubmit.dll -> F-Secure Corporation [Ver = 1.0.11 | Size = 651264 bytes | Modified Date = 5/29/2008 6:31:20 PM | Attr = ] fsup32.dll -> C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\Anti-Virus\fsup32.dll -> F-Secure Corporation [Ver = 1.4.420 | Size = 577536 bytes | Modified Date = 5/29/2008 6:31:28 PM | Attr = ] fsupcx32.dll -> C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\Anti-Virus\fsupcx32.dll -> F-Secure Corporation [Ver = 1.4.420 | Size = 73728 bytes | Modified Date = 5/29/2008 6:31:28 PM | Attr = ] fsupfg32.dll -> C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\Anti-Virus\fsupfg32.dll -> F-Secure Corporation [Ver = 1.4.420 | Size = 98304 bytes | Modified Date = 5/29/2008 6:31:28 PM | Attr = ] fsupmw32.dll -> C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\Anti-Virus\fsupmw32.dll -> F-Secure Corporation [Ver = 1.4.420 | Size = 86016 bytes | Modified Date = 5/29/2008 6:31:28 PM | Attr = ] fsupnp32.dll -> C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\Anti-Virus\fsupnp32.dll -> F-Secure Corporation [Ver = 1.4.420 | Size = 98304 bytes | Modified Date = 5/29/2008 6:31:28 PM | Attr = ] fsupux32.dll -> C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\Anti-Virus\fsupux32.dll -> F-Secure Corporation [Ver = 1.4.420 | Size = 90112 bytes | Modified Date = 5/29/2008 6:31:28 PM | Attr = ] fsupwu32.dll -> C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\Anti-Virus\fsupwu32.dll -> F-Secure Corporation [Ver = 1.4.420 | Size = 90112 bytes | Modified Date = 5/29/2008 6:31:28 PM | Attr = ] fsusscr.dll -> C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\Anti-Virus\fsusscr.dll -> F-Secure Corporation [Ver = 2.30.14193 | Size = 884736 bytes | Modified Date = 5/29/2008 6:31:36 PM | Attr = ] Nse_w32.dll -> C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\Anti-Virus\Nse_w32.dll -> Norman ASA [Ver = 5,92,06 | Size = 588856 bytes | Modified Date = 5/29/2008 6:31:17 PM | Attr = ] C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\updates\fsav_beta\ -> C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\updates\fsav_beta -> [Folder | Modified Date = 5/29/2008 6:31:40 PM | Attr = ] AVPFPI0.dll -> C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\updates\fsav_beta\AVPFPI0.dll -> Kaspersky Lab [Ver = 7.0.171.8410 | Size = 147538 bytes | Modified Date = 5/29/2008 6:31:39 PM | Attr = ] avpproxy.dll -> C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\updates\fsav_beta\avpproxy.dll -> F-Secure Corporation [Ver = 1.2.12160 | Size = 77910 bytes | Modified Date = 5/29/2008 6:31:39 PM | Attr = ] fm4av.dll -> C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\updates\fsav_beta\fm4av.dll -> [Ver = | Size = 514048 bytes | Modified Date = 5/29/2008 6:31:39 PM | Attr = ] fpinor.dll -> C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\updates\fsav_beta\fpinor.dll -> F-Secure Corporation [Ver = 1.20.13330 | Size = 113664 bytes | Modified Date = 5/29/2008 6:31:39 PM | Attr = ] fsbl.dll -> C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\updates\fsav_beta\fsbl.dll -> F-Secure Corporation [Ver = 1, 0, 0, 1 | Size = 49152 bytes | Modified Date = 5/29/2008 6:31:39 PM | Attr = ] fsgkiapi.dll -> C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\updates\fsav_beta\fsgkiapi.dll -> F-Secure Corp. [Ver = 7.60.13372.8144 | Size = 82432 bytes | Modified Date = 5/29/2008 6:31:39 PM | Attr = ] C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\updates\hydrawin\ -> C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\updates\hydrawin -> [Folder | Modified Date = 5/29/2008 6:31:29 PM | Attr = ] fsecr32.dll -> C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\updates\hydrawin\fsecr32.dll -> F-Secure Corporation [Ver = 2.08.8110 | Size = 262144 bytes | Modified Date = 5/29/2008 6:31:28 PM | Attr = ] fspe32.dll -> C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\updates\hydrawin\fspe32.dll -> F-Secure Corporation [Ver = 1.4.420 | Size = 385024 bytes | Modified Date = 5/29/2008 6:31:28 PM | Attr = ] fsup32.dll -> C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\updates\hydrawin\fsup32.dll -> F-Secure Corporation [Ver = 1.4.420 | Size = 577536 bytes | Modified Date = 5/29/2008 6:31:28 PM | Attr = ] fsupcx32.dll -> C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\updates\hydrawin\fsupcx32.dll -> F-Secure Corporation [Ver = 1.4.420 | Size = 73728 bytes | Modified Date = 5/29/2008 6:31:28 PM | Attr = ] fsupfg32.dll -> C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\updates\hydrawin\fsupfg32.dll -> F-Secure Corporation [Ver = 1.4.420 | Size = 98304 bytes | Modified Date = 5/29/2008 6:31:28 PM | Attr = ] fsupmw32.dll -> C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\updates\hydrawin\fsupmw32.dll -> F-Secure Corporation [Ver = 1.4.420 | Size = 86016 bytes | Modified Date = 5/29/2008 6:31:28 PM | Attr = ] fsupnp32.dll -> C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\updates\hydrawin\fsupnp32.dll -> F-Secure Corporation [Ver = 1.4.420 | Size = 98304 bytes | Modified Date = 5/29/2008 6:31:28 PM | Attr = ] fsupux32.dll -> C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\updates\hydrawin\fsupux32.dll -> F-Secure Corporation [Ver = 1.4.420 | Size = 90112 bytes | Modified Date = 5/29/2008 6:31:28 PM | Attr = ] fsupwu32.dll -> C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\updates\hydrawin\fsupwu32.dll -> F-Secure Corporation [Ver = 1.4.420 | Size = 90112 bytes | Modified Date = 5/29/2008 6:31:28 PM | Attr = ] C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\updates\mlcwin\ -> C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\updates\mlcwin -> [Folder | Modified Date = 5/29/2008 6:31:36 PM | Attr = ] fsmart.dll -> C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\updates\mlcwin\fsmart.dll -> F-Secure Corporation [Ver = 1, 0, 0, 29 | Size = 147456 bytes | Modified Date = 5/29/2008 6:31:36 PM | Attr = ] fsusscr.dll -> C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\updates\mlcwin\fsusscr.dll -> F-Secure Corporation [Ver = 2.30.14193 | Size = 884736 bytes | Modified Date = 5/29/2008 6:31:36 PM | Attr = ] C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\updates\ols_30_pegdb\ -> C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\updates\ols_30_pegdb -> [Folder | Modified Date = 5/29/2008 6:31:17 PM | Attr = ] Nse_w32.dll -> C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\updates\ols_30_pegdb\Nse_w32.dll -> Norman ASA [Ver = 5,92,06 | Size = 588856 bytes | Modified Date = 5/29/2008 6:31:17 PM | Attr = ] C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\updates\ols_33_bin\ -> C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\updates\ols_33_bin -> [Folder | Modified Date = 5/29/2008 6:31:21 PM | Attr = ] fssubmit.dll -> C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\updates\ols_33_bin\fssubmit.dll -> F-Secure Corporation [Ver = 1.0.11 | Size = 651264 bytes | Modified Date = 5/29/2008 6:31:20 PM | Attr = ] C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\updates\ols_bl\ -> C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\updates\ols_bl -> [Folder | Modified Date = 5/29/2008 6:31:19 PM | Attr = ] fsblu.dll -> C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\updates\ols_bl\fsblu.dll -> F-Secure Corporation [Ver = 1, 0, 0, 68 | Size = 544768 bytes | Modified Date = 5/29/2008 6:31:18 PM | Attr = ] C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\Anti-Virus\ -> C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\Anti-Virus -> [Folder | Modified Date = 5/29/2008 6:50:47 PM | Attr = ] ext.dat -> C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\Anti-Virus\ext.dat -> [Ver = | Size = 444 bytes | Modified Date = 5/29/2008 6:31:13 PM | Attr = ] fsedb.dat -> C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\Anti-Virus\fsedb.dat -> [Ver = | Size = 855850 bytes | Modified Date = 5/29/2008 6:31:28 PM | Attr = ] fsupdllb.dat -> C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\Anti-Virus\fsupdllb.dat -> [Ver = | Size = 422594 bytes | Modified Date = 5/29/2008 6:31:28 PM | Attr = ] fsupplgn.dat -> C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\Anti-Virus\fsupplgn.dat -> [Ver = | Size = 226 bytes | Modified Date = 5/29/2008 6:31:28 PM | Attr = ] fsuptmpl.dat -> C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\Anti-Virus\fsuptmpl.dat -> [Ver = | Size = 5828 bytes | Modified Date = 5/29/2008 6:31:28 PM | Attr = ] perf.dat -> C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\Anti-Virus\perf.dat -> [Ver = | Size = 128 bytes | Modified Date = 5/29/2008 8:19:24 PM | Attr = ] sae.dat -> C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\Anti-Virus\sae.dat -> [Ver = | Size = 243 bytes | Modified Date = 5/29/2008 6:31:13 PM | Attr = ] sai.dat -> C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\Anti-Virus\sai.dat -> [Ver = | Size = 1348 bytes | Modified Date = 5/29/2008 6:31:13 PM | Attr = ] C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\updates\avmisc\ -> C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\updates\avmisc -> [Folder | Modified Date = 5/29/2008 6:31:13 PM | Attr = ] ext.dat -> C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\updates\avmisc\ext.dat -> [Ver = | Size = 444 bytes | Modified Date = 5/29/2008 6:31:13 PM | Attr = ] sae.dat -> C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\updates\avmisc\sae.dat -> [Ver = | Size = 243 bytes | Modified Date = 5/29/2008 6:31:13 PM | Attr = ] sai.dat -> C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\updates\avmisc\sai.dat -> [Ver = | Size = 1348 bytes | Modified Date = 5/29/2008 6:31:13 PM | Attr = ] C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\updates\hydrawin\ -> C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\updates\hydrawin -> [Folder | Modified Date = 5/29/2008 6:31:29 PM | Attr = ] fsedb.dat -> C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\updates\hydrawin\fsedb.dat -> [Ver = | Size = 855850 bytes | Modified Date = 5/29/2008 6:31:28 PM | Attr = ] fsupdllb.dat -> C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\updates\hydrawin\fsupdllb.dat -> [Ver = | Size = 422594 bytes | Modified Date = 5/29/2008 6:31:28 PM | Attr = ] fsupplgn.dat -> C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\updates\hydrawin\fsupplgn.dat -> [Ver = | Size = 226 bytes | Modified Date = 5/29/2008 6:31:28 PM | Attr = ] fsuptmpl.dat -> C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\updates\hydrawin\fsuptmpl.dat -> [Ver = | Size = 5828 bytes | Modified Date = 5/29/2008 6:31:28 PM | Attr = ] C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\Anti-Virus\ -> C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\Anti-Virus -> [Folder | Modified Date = 5/29/2008 6:50:47 PM | Attr = ] FS@av.ini -> C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\Anti-Virus\FS@av.ini -> [Ver = | Size = 203 bytes | Modified Date = 5/29/2008 6:31:13 PM | Attr = ] FS@avpe.ini -> C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\Anti-Virus\FS@avpe.ini -> [Ver = | Size = 205 bytes | Modified Date = 5/29/2008 6:30:47 PM | Attr = ] FS@bleng.ini -> C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\Anti-Virus\FS@bleng.ini -> [Ver = | Size = 241 bytes | Modified Date = 5/29/2008 6:31:18 PM | Attr = ] FS@corp.ini -> C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\Anti-Virus\FS@corp.ini -> [Ver = | Size = 176 bytes | Modified Date = 5/29/2008 6:31:39 PM | Attr = ] FS@hydra.ini -> C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\Anti-Virus\FS@hydra.ini -> [Ver = | Size = 250 bytes | Modified Date = 5/29/2008 6:31:28 PM | Attr = ] FS@mlc.ini -> C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\Anti-Virus\FS@mlc.ini -> [Ver = | Size = 204 bytes | Modified Date = 5/29/2008 6:31:36 PM | Attr = ] FS@ols.ini -> C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\Anti-Virus\FS@ols.ini -> [Ver = | Size = 168 bytes | Modified Date = 5/29/2008 6:31:20 PM | Attr = ] FS@peg.ini -> C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\Anti-Virus\FS@peg.ini -> [Ver = | Size = 204 bytes | Modified Date = 5/29/2008 6:31:17 PM | Attr = ] verdicts.ini -> C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\Anti-Virus\verdicts.ini -> [Ver = | Size = 2539 bytes | Modified Date = 5/29/2008 6:30:50 PM | Attr = ] C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\updates\avmisc\ -> C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\updates\avmisc -> [Folder | Modified Date = 5/29/2008 6:31:13 PM | Attr = ] FS@av.ini -> C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\updates\avmisc\FS@av.ini -> [Ver = | Size = 203 bytes | Modified Date = 5/29/2008 6:31:13 PM | Attr = ] C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\updates\avpe\ -> C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\updates\avpe -> [Folder | Modified Date = 5/29/2008 6:30:51 PM | Attr = ] FS@avpe.ini -> C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\updates\avpe\FS@avpe.ini -> [Ver = | Size = 205 bytes | Modified Date = 5/29/2008 6:30:47 PM | Attr = ] verdicts.ini -> C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\updates\avpe\verdicts.ini -> [Ver = | Size = 2539 bytes | Modified Date = 5/29/2008 6:30:50 PM | Attr = ] C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\updates\fsav_beta\ -> C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\updates\fsav_beta -> [Folder | Modified Date = 5/29/2008 6:31:40 PM | Attr = ] FS@corp.ini -> C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\updates\fsav_beta\FS@corp.ini -> [Ver = | Size = 176 bytes | Modified Date = 5/29/2008 6:31:39 PM | Attr = ] C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\updates\hydrawin\ -> C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\updates\hydrawin -> [Folder | Modified Date = 5/29/2008 6:31:29 PM | Attr = ] FS@hydra.ini -> C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\updates\hydrawin\FS@hydra.ini -> [Ver = | Size = 250 bytes | Modified Date = 5/29/2008 6:31:28 PM | Attr = ] C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\updates\mlcwin\ -> C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\updates\mlcwin -> [Folder | Modified Date = 5/29/2008 6:31:36 PM | Attr = ] FS@mlc.ini -> C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\updates\mlcwin\FS@mlc.ini -> [Ver = | Size = 204 bytes | Modified Date = 5/29/2008 6:31:36 PM | Attr = ] C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\updates\ols_30_pegdb\ -> C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\updates\ols_30_pegdb -> [Folder | Modified Date = 5/29/2008 6:31:17 PM | Attr = ] FS@peg.ini -> C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\updates\ols_30_pegdb\FS@peg.ini -> [Ver = | Size = 204 bytes | Modified Date = 5/29/2008 6:31:17 PM | Attr = ] C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\updates\ols_33_bin\ -> C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\updates\ols_33_bin -> [Folder | Modified Date = 5/29/2008 6:31:21 PM | Attr = ] FS@ols.ini -> C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\updates\ols_33_bin\FS@ols.ini -> [Ver = | Size = 168 bytes | Modified Date = 5/29/2008 6:31:20 PM | Attr = ] C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\updates\ols_bl\ -> C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\updates\ols_bl -> [Folder | Modified Date = 5/29/2008 6:31:19 PM | Attr = ] FS@bleng.ini -> C:\Documents and Settings\owner\Local Settings\Temp\OnlineScanner\updates\ols_bl\FS@bleng.ini -> [Ver = | Size = 241 bytes | Modified Date = 5/29/2008 6:31:18 PM | Attr = ] [Manual Scans] < HKEY_CURRENT_USER\Control Panel\International > HKEY_CURRENT_USER\Control Panel\International\ -> -> HKEY_CURRENT_USER\Control Panel\International\\iCountry -> 1 -> HKEY_CURRENT_USER\Control Panel\International\\iCurrDigits -> 2 -> HKEY_CURRENT_USER\Control Panel\International\\iCurrency -> 0 -> HKEY_CURRENT_USER\Control Panel\International\\iDate -> 0 -> HKEY_CURRENT_USER\Control Panel\International\\iDigits -> 2 -> HKEY_CURRENT_USER\Control Panel\International\\iLZero -> 1 -> HKEY_CURRENT_USER\Control Panel\International\\iMeasure -> 1 -> HKEY_CURRENT_USER\Control Panel\International\\iNegCurr -> 0 -> HKEY_CURRENT_USER\Control Panel\International\\iTime -> 0 -> HKEY_CURRENT_USER\Control Panel\International\\iTLZero -> 0 -> HKEY_CURRENT_USER\Control Panel\International\\Locale -> 00000409 -> HKEY_CURRENT_USER\Control Panel\International\\s1159 -> AM -> HKEY_CURRENT_USER\Control Panel\International\\s2359 -> PM -> HKEY_CURRENT_USER\Control Panel\International\\sCountry -> United States -> HKEY_CURRENT_USER\Control Panel\International\\sCurrency -> $ -> HKEY_CURRENT_USER\Control Panel\International\\sDate -> / -> HKEY_CURRENT_USER\Control Panel\International\\sDecimal -> C:\WINDOWS\system32\. [.] -> [Folder | Modified Date = 5/29/2008 6:18:25 PM | Attr = ] HKEY_CURRENT_USER\Control Panel\International\\sLanguage -> ENU -> *sLongDate* -> HKEY_CURRENT_USER\Control Panel\International\\sLongDate -> dddd -> -> File not found MMMM dd -> -> File not found yyyy -> -> File not found *MultiFile Done* -> -> HKEY_CURRENT_USER\Control Panel\International\\sShortDate -> M/d/yyyy -> HKEY_CURRENT_USER\Control Panel\International\\sTime -> . [:] -> [Folder | Modified Date = 5/29/2008 6:18:24 PM | Attr = ] HKEY_CURRENT_USER\Control Panel\International\\sTimeFormat -> HH:mm: VIRUS ALERT! -> HKEY_CURRENT_USER\Control Panel\International\\iTimePrefix -> 0 -> HKEY_CURRENT_USER\Control Panel\International\\sMonDecimalSep -> C:\WINDOWS\system32\. [.] -> [Folder | Modified Date = 5/29/2008 6:18:25 PM | Attr = ] HKEY_CURRENT_USER\Control Panel\International\\iNegNumber -> 1 -> HKEY_CURRENT_USER\Control Panel\International\\sNativeDigits -> 0123456789 -> HKEY_CURRENT_USER\Control Panel\International\\NumShape -> 1 -> HKEY_CURRENT_USER\Control Panel\International\\iCalendarType -> 1 -> HKEY_CURRENT_USER\Control Panel\International\\iFirstDayOfWeek -> 6 -> HKEY_CURRENT_USER\Control Panel\International\\iFirstWeekOfYear -> 0 -> *sGrouping* -> HKEY_CURRENT_USER\Control Panel\International\\sGrouping -> 3 -> -> File not found 0 -> -> File not found *MultiFile Done* -> -> *sMonGrouping* -> HKEY_CURRENT_USER\Control Panel\International\\sMonGrouping -> 3 -> -> File not found 0 -> -> File not found *MultiFile Done* -> -> HKEY_CURRENT_USER\Control Panel\International\\sPositiveSign -> -> HKEY_CURRENT_USER\Control Panel\International\\sNegativeSign -> - -> HKEY_CURRENT_USER\Control Panel\International\Geo\ -> -> < End of report > [/code]