
I think I'm Hijacked [RESOLVED]


  • This topic is locked

#1
dvdcnhm

  • Member
  • 20 posts
Continued from here: http://www.geekstogo...ed-t160393.html

I still can't get into system restore and never could get the quarantine and report entries to install for AVG Anti-Spyware, nor could I get it to run in Safe Mode. Below you will find my HiJacked.log taken about an hour ago. I ran the Panda scan and have a report for it too but will wait to post it until asked to do so.


Logfile of HijackThis v1.99.1
Scan saved at 7:33:02 AM, on 6/7/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe
C:\Program Files\Lenovo\PM Driver\PMSveH.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Spyware Doctor\svcntaux.exe
C:\Program Files\Spyware Doctor\swdsvc.exe
C:\WINDOWS\system32\svchost.exe
c:\program files\lenovo\system update\suservice.exe
C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
C:\Program Files\Windows Media Player\WMPNetwk.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe
C:\Program Files\Spyware Doctor\SDTrayApp.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Lenovo\HOTKEY\TPHKMGR.exe
C:\Program Files\Lenovo\HOTKEY\TpWAudAp.exe
C:\PROGRA~1\Lenovo\PMDRIV~1\PMHandler.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\PROGRA~1\Lenovo\LENOVO~2\LPMGR.exe
C:\PROGRA~1\THINKV~1\AMSG\Amsg.exe
C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe
C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
C:\Program Files\Lenovo\Client Security Solution\cssauth.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\TrojanHunter 4.6\THGuard.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\ShortKeys2\shortkey.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Nuance\NaturallySpeaking9\Program\natspeak.exe
C:\Program Files\OpenOffice.org 2.1\program\soffice.exe
C:\Program Files\OpenOffice.org 2.1\program\soffice.BIN
C:\Program Files\Hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.lenovo.co...me/3000notebook
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://us.f591.mail....d=0hg207coeagvl
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.lenovo.co...me/3000notebook
R3 - URLSearchHook: JV_Suite toolbar - {09ec4651-7ac4-4e99-ab62-8fb6b3ffc0b0} - C:\Program Files\JV_Suite\tbJV_S.dll (file missing)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: JV_Suite toolbar - {09ec4651-7ac4-4e99-ab62-8fb6b3ffc0b0} - C:\Program Files\JV_Suite\tbJV_S.dll (file missing)
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [TPHOTKEY] C:\Program Files\Lenovo\HOTKEY\TPHKMGR.exe
O4 - HKLM\..\Run: [TPWAUDAP] C:\Program Files\Lenovo\HOTKEY\TpWAudAp.exe
O4 - HKLM\..\Run: [PMHandler] C:\PROGRA~1\Lenovo\PMDRIV~1\PMHandler.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [TVT Scheduler Proxy] C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [LPManager] C:\PROGRA~1\Lenovo\LENOVO~2\LPMGR.exe
O4 - HKLM\..\Run: [AMSG] C:\PROGRA~1\THINKV~1\AMSG\Amsg.exe
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [ACTray] C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe
O4 - HKLM\..\Run: [ACWLIcon] C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [cssauth] "C:\Program Files\Lenovo\Client Security Solution\cssauth.exe" silent
O4 - HKLM\..\Run: [SSBkgdUpdate] C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe -Embedding -boot
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [IBM Warranty Notification] "C:\Program Files\IBM\acp\ERTS0749\ERTS0749.exe /nointro"
O4 - HKLM\..\Run: [THGuard] "C:\Program Files\TrojanHunter 4.6\THGuard.exe"
O4 - HKLM\..\Run: [kis] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe"
O4 - HKLM\..\Run: [SDTray] C:\Program Files\Spyware Doctor\SDTrayApp.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Dragon NaturallySpeaking.lnk = C:\Program Files\Nuance\NaturallySpeaking9\Program\natspeak.exe
O4 - Startup: OpenOffice.org 2.1.lnk = C:\Program Files\OpenOffice.org 2.1\program\quickstart.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: ShortKeys 2.lnk = C:\Program Files\ShortKeys2\shortkey.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O8 - Extra context menu item: Add Feed to Tristana RSS Reader - res://C:\Program Files\Tristana RSS Reader\Reader.exe/AddContent.js
O8 - Extra context menu item: Add to Kaspersky Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\\ie_banner_deny.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Web Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\scieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: System Update - {DA320635-F48C-4613-8325-D75A933C549E} - C:\Program Files\Lenovo\System Update\sulauncher.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.lenovo.com/welcome/3000notebook
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky...can_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.syma...n/bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1167732515218
O16 - DPF: {74FFE28D-2378-11D5-990C-006094235084} (IBM Access Support) - http://www-307.ibm.c...rt/IbmEgath.cab
O16 - DPF: {76E5AF9D-2B3E-4FEB-A31F-A9E63A27FA29} (IASRunner Class) - https://www-307.ibm....ntent/AcpIR.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O16 - DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} (Creative Toolbox Plug-in) - http://ak.imgag.com/...all/Crusher.cab
O16 - DPF: {E598AC61-4C6F-4F4D-877F-FAC49CA91FA3} (acpRunner Class) - https://www-307.ibm..../AcpControl.cab
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: ACNotify - ACNotify.dll (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O20 - Winlogon Notify: tphotkey - C:\WINDOWS\SYSTEM32\tphklock.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Unknown owner - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Kaspersky Internet Security 6.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe" -r (file missing)
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)
O23 - Service: PMSveH - Lenovo - C:\Program Files\Lenovo\PM Driver\PMSveH.exe
O23 - Service: IBM PSA Access Driver Control (PsaSrv) - Unknown owner - C:\WINDOWS\system32\PsaSrv.exe (file missing)
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Spyware Doctor Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: Spyware Doctor Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
O23 - Service: System Update (SUService) - Lenovo Group Limited - c:\program files\lenovo\system update\suservice.exe
O23 - Service: ThinkVantage Registry Monitor Service - Unknown owner - C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
O23 - Service: TVT Backup Service - Lenovo Group Limited - C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
O23 - Service: TVT Scheduler - Lenovo Group Limited - C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe

Edited by admin, 07 June 2007 - 10:05 AM.
added link to previous post

  • 0


#2
dvdcnhm

  • Topic Starter
  • Member
  • 20 posts
I see that the log has been edited but I don't understand what I'm supposed to do. Are these things I am supposed to remove? Or am I supposed to click the links to repair stuff?
  • 0

#3
dvdcnhm

  • Topic Starter
  • Member
  • 20 posts
THIS IS FROM A PANDA ACTIVE PRO SCAN THAT JUST COMPLETED 5 MINUTES AGO



Incident Status Location

Spyware:Cookie/QuestionMarket Disinfected C:\Documents and Settings\Dave\Cookies\dave@questionmarket[1].txt
Spyware:Cookie/RealMedia Disinfected C:\Documents and Settings\Dave\Cookies\dave@realmedia[2].txt
Spyware:Cookie/Traffic Marketplace Disinfected C:\Documents and Settings\Dave\Cookies\dave@trafficmp[1].txt
Spyware:Cookie/Tribalfusion Disinfected C:\Documents and Settings\Dave\Cookies\dave@tribalfusion[2].txt
Spyware:Cookie/Adlandpro Disinfected C:\Documents and Settings\Dave\Cookies\[email protected][2].txt
Spyware:Cookie/QuestionMarket Disinfected C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\PdmHist\c28.5EC5108C01C7A972.history\00000007.bak
Virus:492 Renamed C:\Documents and Settings\Dave\Desktop\0ss-usa\oss-usa Products 1-5\Blog Empire for Profit\Blog empire Product.zip[layersmenu.inc.php]
Virus:492 Renamed C:\Documents and Settings\Dave\Desktop\0ss-usa\oss-usa Products 1-5\Blog Empire for Profit.zip[layersmenu.inc.php]
Virus:492 Renamed C:\Documents and Settings\Dave\Desktop\Master Resell Rights\85 Scripts\63\newsgroup.zip[layersmenu.inc.php]
Virus:492 Renamed C:\Documents and Settings\Dave\Desktop\Master Resell Rights\85 Scripts.zip[layersmenu.inc.php]
THE VIRUSES WERE NOT REMOVED :whistling:
  • 0

#4
dvdcnhm

  • Topic Starter
  • Member
  • 20 posts

Is anyone working on my problem?
  • 0

#5
dvdcnhm

  • Topic Starter
  • Member
  • 20 posts
I started this topic on June 7th and have yet to get any help. Should I post a new Hijack this log? I currently have Panda Internet security 2007 and it records something trying to connect to my system every hour on the hour or thereabouts. Something is residing in my system and I don't know what but I sure could use some help here. Have I come to the wrong website? This was recommended to me by another Internet marketer who had his problem fixed here. I've tried to give you all the information you require. If something's missing please let me know and I'll get it.
  • 0

#6
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi dvdcnhm, if you reply to your own topic you will be missed, as the helpers here look for zero-reply topics, as they assume that any topics with replies are being worked on.

But I am here now, so please repost a new Hijackthis log and an uninstall list.

Open HijackThis, click Config, click Misc Tools
Click "Open Uninstall Manager"
Click "Save List" (generates uninstall_list.txt)
Click Save, copy and paste the results in your next post
  • 0

#7
dvdcnhm

  • Topic Starter
  • Member
  • 20 posts
Here is the uninstall list. There are A LOT more things installed on my computer but these are what Hijack this came up with.

Adobe® Photoshop® Album Starter Edition 3.2
HijackThis 1.99.1
InstantFileRecovery 3.0
Microsoft Office Standard Edition 2003
MSXML 6.0 Parser
Panda ActiveScan
Panda ActiveScan Pro
Panda Internet Security 2007
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows XP (KB926247)
Security Update for Windows XP (KB929123)
Security Update for Windows XP (KB935839)
Security Update for Windows XP (KB935840)
SpellingBee
SUPERAntiSpyware Free Edition
Tubes Client
Tubes Platform
Uniblue RegistryBooster 2
Uniblue SpeedUpMyPC 3
Uniblue System Tweaker
Windows Internet Explorer 7

Here's the Hijack this log

Logfile of HijackThis v1.99.1
Scan saved at 6:51:41 PM, on 6/26/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\TPSrv.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\pavsrv51.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\AVENGINE.EXE
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\PsCtrls.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\PavFnSvr.exe
C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\AntiSpam\pskmssvc.exe
C:\Program Files\Lenovo\PM Driver\PMSveH.exe
c:\program files\panda software\panda internet security 2007\firewall\PSHOST.EXE
C:\Program Files\Panda Software\Panda Internet Security 2007\psimsvc.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
c:\program files\lenovo\system update\suservice.exe
C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Lenovo\HOTKEY\TPHKMGR.exe
C:\Program Files\Lenovo\HOTKEY\TpWAudAp.exe
C:\PROGRA~1\Lenovo\PMDRIV~1\PMHandler.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\PROGRA~1\Lenovo\LENOVO~2\LPMGR.exe
C:\PROGRA~1\THINKV~1\AMSG\Amsg.exe
C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe
C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\Lenovo\Client Security Solution\cssauth.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\APVXDWIN.EXE
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Nuance\NaturallySpeaking9\Program\natspeak.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\SRVLOAD.EXE
C:\Program Files\Panda Software\Panda Internet Security 2007\WebProxy.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\PavBckPT.exe
C:\PROGRA~1\SHORTK~1\shortkey.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.lenovo.co...me/3000notebook
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [TPHOTKEY] C:\Program Files\Lenovo\HOTKEY\TPHKMGR.exe
O4 - HKLM\..\Run: [TPWAUDAP] C:\Program Files\Lenovo\HOTKEY\TpWAudAp.exe
O4 - HKLM\..\Run: [PMHandler] C:\PROGRA~1\Lenovo\PMDRIV~1\PMHandler.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [TVT Scheduler Proxy] C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [LPManager] C:\PROGRA~1\Lenovo\LENOVO~2\LPMGR.exe
O4 - HKLM\..\Run: [AMSG] C:\PROGRA~1\THINKV~1\AMSG\Amsg.exe
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [ACTray] C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe
O4 - HKLM\..\Run: [ACWLIcon] C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [cssauth] "C:\Program Files\Lenovo\Client Security Solution\cssauth.exe" silent
O4 - HKLM\..\Run: [SSBkgdUpdate] C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe -Embedding -boot
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [IBM Warranty Notification] "C:\Program Files\IBM\acp\ERTS0749\ERTS0749.exe /nointro"
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda Internet Security 2007\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [SCANINICIO] "C:\Program Files\Panda Software\Panda Internet Security 2007\Inicio.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [Uniblue SpeedUpMyPC] C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe -s
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Uniblue RegistryBooster2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - Startup: Dragon NaturallySpeaking.lnk = C:\Program Files\Nuance\NaturallySpeaking9\Program\natspeak.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: Add Feed to Tristana RSS Reader - res://C:\Program Files\Tristana RSS Reader\Reader.exe/AddContent.js
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: System Update - {DA320635-F48C-4613-8325-D75A933C549E} - C:\Program Files\Lenovo\System Update\sulauncher.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://www.lenovo.com/welcome/3000notebook
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {2DAD3559-2923-4935-AD49-B673D2539944} (IASRunner Class) - https://www-307.ibm....ntent/AcpIR.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1167732515218
O16 - DPF: {74FFE28D-2378-11D5-990C-006094235084} (IBM Access Support) - http://www-307.ibm.c...rt/IbmEgath.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O16 - DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} (Creative Toolbox Plug-in) - http://ak.imgag.com/...all/Crusher.cab
O16 - DPF: {BE415DD9-C50D-46AA-9B5D-37F2EEBBBFE6} (acpRunner Class) - https://www-307.ibm..../AcpControl.cab
O16 - DPF: {D6376DD2-C2BD-49B2-A1B1-138F869633F3} (ASPRO Installer Class) - http://acs.pandasoft...5/asproinst.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O20 - Winlogon Notify: avldr - C:\WINDOWS\SYSTEM32\avldr.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: tphotkey - C:\WINDOWS\SYSTEM32\tphklock.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Unknown owner - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)
O23 - Service: Panda Software Controller - Panda Software International - C:\Program Files\Panda Software\Panda Internet Security 2007\PsCtrls.exe
O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software International - C:\Program Files\Panda Software\Panda Internet Security 2007\PavFnSvr.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software International - C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program Files\Panda Software\Panda Internet Security 2007\pavsrv51.exe
O23 - Service: Panda Antispam Engine (pmshellsrv) - Panda Software International - C:\Program Files\Panda Software\Panda Internet Security 2007\AntiSpam\pskmssvc.exe
O23 - Service: PMSveH - Lenovo - C:\Program Files\Lenovo\PM Driver\PMSveH.exe
O23 - Service: IBM PSA Access Driver Control (PsaSrv) - Unknown owner - C:\WINDOWS\system32\PsaSrv.exe (file missing)
O23 - Service: Panda Host Service (PSHost) - Panda Software International - c:\program files\panda software\panda internet security 2007\firewall\PSHOST.EXE
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software International - C:\Program Files\Panda Software\Panda Internet Security 2007\psimsvc.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: System Update (SUService) - Lenovo Group Limited - c:\program files\lenovo\system update\suservice.exe
O23 - Service: SysEnforce - Unknown owner - C:\PROGRA~1\TRISNA~1\SSI\SYSENF~1.EXE (file missing)
O23 - Service: ThinkVantage Registry Monitor Service - Unknown owner - C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
O23 - Service: Panda TPSrv (TPSrv) - Panda Software International - C:\Program Files\Panda Software\Panda Internet Security 2007\TPSrv.exe
O23 - Service: TVT Backup Service - Lenovo Group Limited - C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
O23 - Service: TVT Scheduler - Lenovo Group Limited - C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe

#8
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
I can see nothing apparent so I will do a quick check

Download ComboFix from Here or Here to your Desktop.
  • Double click combofix.exe and follow the prompts.
  • When finished, it shall produce a log for you. Post that log and a HiJackthis log in your next reply
Note: Do not mouseclick combofix's window while it's running. That may cause it to stall.

Please include a new Hijackthis with the reply

#9
dvdcnhm

    Member

  • Topic Starter
  • Member
  • PipPip
  • 20 posts
ComboFix log

ComboFix 07-06-18.2 - C:\Documents and Settings\Dave\Desktop\ComboFix.exe
"Dave" - 2007-06-27 16:43:30 - Service Pack 2 NTFS


((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


C:\WINDOWS\system32\msxml3a.dll


((((((((((((((((((((((((( Files Created from 2007-05-27 to 2007-06-27 )))))))))))))))))))))))))))))))


2007-06-27 16:40 49,152 --a------ C:\WINDOWS\nircmd.exe
2007-06-26 12:28 <DIR> d-------- C:\DOCUME~1\Dave\APPLIC~1\Adesso Systems
2007-06-26 12:26 <DIR> d-------- C:\Program Files\Adesso Systems
2007-06-19 21:19 159,744 --a------ C:\WINDOWS\system32\hasher.dll
2007-06-19 21:19 <DIR> d-------- C:\Program Files\Trisnap Technologies
2007-06-12 01:15 <DIR> d-------- C:\Program Files\MSXML 6.0
2007-06-11 20:08 48 --a------ C:\WINDOWS\system32\drivers\wnmsav.dat
2007-06-11 15:29 <DIR> d-------- C:\DOCUME~1\Dave\APPLIC~1\System Tweaker
2007-06-11 11:59 <DIR> d-------- C:\Program Files\Uniblue
2007-06-11 11:59 <DIR> d-------- C:\DOCUME~1\Dave\APPLIC~1\Uniblue
2007-06-10 13:39 <DIR> d-------- C:\Program Files\InstantFileRecovery
2007-06-09 19:29 <DIR> d-------- C:\WINDOWS\pss
2007-06-09 15:31 261 --a------ C:\WINDOWS\system32\PavCPL.dat
2007-06-09 15:11 71,680 --a------ C:\WINDOWS\system32\drivers\pavdrv51.sys
2007-06-09 15:11 256,196 --a------ C:\WINDOWS\system32\drivers\APPFCONT.DAT
2007-06-09 15:11 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Backup
2007-06-09 15:10 58,800 --a------ C:\WINDOWS\system32\drivers\APPFLT.SYS
2007-06-09 15:10 49,968 --a------ C:\WINDOWS\system32\drivers\dsaflt.sys
2007-06-09 15:10 446,464 --a------ C:\WINDOWS\system32\HHActiveX.dll
2007-06-09 15:10 36,016 --a------ C:\WINDOWS\system32\drivers\smsflt.sys
2007-06-09 15:10 29,360 --a------ C:\WINDOWS\system32\drivers\wnmflt.sys
2007-06-09 15:10 190,640 --a------ C:\WINDOWS\system32\drivers\idsflt.sys
2007-06-09 15:10 15,792 --a------ C:\WINDOWS\system32\drivers\fnetmon.sys
2007-06-09 15:10 142,128 --a------ C:\WINDOWS\system32\drivers\netimflt.sys
2007-06-09 15:10 121,392 --a------ C:\WINDOWS\system32\drivers\NETFLTDI.SYS
2007-06-09 15:09 63,024 --a------ C:\WINDOWS\system32\pavipc.dll
2007-06-09 15:09 50,736 --a------ C:\WINDOWS\system32\avldr.dll
2007-06-09 15:09 292,400 --a------ C:\WINDOWS\system32\PavSHook.dll
2007-06-09 15:09 17,792 --a------ C:\WINDOWS\system32\drivers\cpoint.sys
2007-06-09 15:09 161,328 --a------ C:\WINDOWS\system32\TpUtil.dll
2007-06-09 15:09 107,568 --a------ C:\WINDOWS\system32\SYSTOOLS.DLL
2007-06-09 15:09 <DIR> d-------- C:\WINDOWS\system32\PAV
2007-06-09 15:09 <DIR> d-------- C:\Program Files\Panda Software
2007-06-09 15:06 31,104 --a------ C:\WINDOWS\system32\drivers\ShlDrv51.sys
2007-06-09 15:06 170,800 --a------ C:\WINDOWS\system32\drivers\PavProc.sys
2007-06-09 15:02 <DIR> d-------- C:\Program Files\Common Files\Panda Software
2007-06-08 05:10 <DIR> d-------- C:\Program Files\SpellingBee
2007-06-07 23:02 69,632 --a------ C:\WINDOWS\system32\asprouni.exe
2007-06-07 23:01 <DIR> d-------- C:\WINDOWS\system32\ASPRO
2007-06-07 20:53 92,160 --a------ C:\WINDOWS\system32\evntwin.exe
2007-06-07 20:53 8,704 --a------ C:\WINDOWS\system32\snmptrap.exe
2007-06-07 20:53 6,144 --a------ C:\WINDOWS\system32\snmpmib.dll
2007-06-07 20:53 39,936 --a------ C:\WINDOWS\system32\hostmib.dll
2007-06-07 20:53 33,792 --a------ C:\WINDOWS\system32\lmmib2.dll
2007-06-07 20:53 33,280 --a------ C:\WINDOWS\system32\snmp.exe
2007-06-07 20:53 24,064 --a------ C:\WINDOWS\system32\evntcmd.exe
2007-06-07 20:53 101,888 --a------ C:\WINDOWS\system32\evntagnt.dll
2007-06-07 20:46 <DIR> d-------- C:\Program Files\Article Submitter
2007-06-07 04:58 <DIR> d-------- C:\WINDOWS\system32\ActiveScan
2007-06-07 02:32 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\SUPERAntiSpyware.com
2007-06-07 02:31 <DIR> d-------- C:\Program Files\SUPERAntiSpyware
2007-06-07 02:31 <DIR> d-------- C:\DOCUME~1\Dave\APPLIC~1\SUPERAntiSpyware.com
2007-06-05 20:20 626,688 --a------ C:\WINDOWS\system32\msvcr80.dll
2007-06-05 18:40 <DIR> d-------- C:\WINDOWS\system32\Kaspersky Lab
2007-06-05 04:30 0 --a------ C:\WINDOWS\system32\SBRC.dat
2007-06-05 04:30 0 --a------ C:\WINDOWS\system32\SBFC.dat
2007-06-01 20:12 <DIR> d-------- C:\Program Files\QuickTime


(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-06-26 16:27:17 -------- d--h--w C:\Program Files\InstallShield Installation Information
2007-06-25 20:14:00 -------- d-----w C:\Program Files\ShortKeys2
2007-06-24 07:39:18 5,427 ----a-w C:\WINDOWS\system32\EGATHDRV.SYS
2007-06-21 08:25:26 -------- d-----w C:\Program Files\TrojanHunter 4.6
2007-06-21 08:24:54 -------- d-----w C:\Program Files\Picasa2
2007-06-21 08:19:49 -------- d-----w C:\Program Files\Microsoft IntelliPoint
2007-06-21 08:16:13 -------- d-----w C:\Program Files\Google
2007-06-21 08:11:45 -------- d-----w C:\Program Files\Common Files\Lenovo
2007-06-14 22:56:59 -------- d-----w C:\Program Files\Citrix
2007-06-11 17:11:15 -------- d-----w C:\Program Files\Windows Media Connect 2
2007-06-11 17:08:26 -------- d-----w C:\Program Files\Nvu
2007-06-10 08:23:16 -------- d-----w C:\DOCUME~1\Dave\APPLIC~1\OpenOffice.org2
2007-06-07 10:12:04 -------- d-----w C:\Program Files\Messenger
2007-06-07 06:29:18 -------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2007-06-06 19:21:09 -------- d-----w C:\Program Files\JV_Suite
2007-06-03 21:30:23 -------- d-----w C:\Program Files\Yahoo!
2007-06-03 21:30:20 -------- d-----w C:\Program Files\Common Files\Scanner
2007-06-03 21:29:53 -------- d-----w C:\DOCUME~1\Dave\APPLIC~1\Yahoo!
2007-05-20 18:38:43 45,056 ----a-w C:\WINDOWS\NCUNINST.EXE
2007-05-17 00:37:39 -------- d-----w C:\Program Files\Bryxen Software
2007-05-16 15:12:02 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
2007-05-13 05:01:11 -------- d-----w C:\Program Files\Sonic
2007-05-10 07:07:07 -------- d-----w C:\Program Files\Microsoft CAPICOM 2.1.0.2
2007-04-25 14:21:15 144,896 ----a-w C:\WINDOWS\system32\schannel.dll
2007-04-18 16:12:23 2,854,400 ----a-w C:\WINDOWS\system32\msi.dll
2007-04-17 02:47:36 33,624 ----a-w C:\WINDOWS\system32\wups.dll
2007-04-17 02:45:54 1,710,936 ----a-w C:\WINDOWS\system32\wuaueng.dll
2007-04-17 02:45:48 549,720 ----a-w C:\WINDOWS\system32\wuapi.dll
2007-04-17 02:45:42 325,976 ----a-w C:\WINDOWS\system32\wucltui.dll
2007-04-17 02:45:36 203,096 ----a-w C:\WINDOWS\system32\wuweb.dll
2007-04-17 02:45:28 92,504 ----a-w C:\WINDOWS\system32\cdm.dll
2007-04-17 02:45:20 53,080 ----a-w C:\WINDOWS\system32\wuauclt.exe
2007-04-17 02:45:20 43,352 ----a-w C:\WINDOWS\system32\wups2.dll
2007-04-17 02:44:20 271,224 ----a-w C:\WINDOWS\system32\mucltui.dll
2007-04-17 02:44:18 208,248 ----a-w C:\WINDOWS\system32\muweb.dll
2007-04-12 04:13:05 5 ----a-w C:\WINDOWS\Windows9XPx.dat
2007-02-27 07:58:14 168 --sh--r C:\WINDOWS\system32\6F4E33AEF6.sys
2007-02-27 16:33:41 12,208 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys


((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))


*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
{5CA3D70E-1895-11CF-8E15-001234567890}=C:\WINDOWS\system32\dla\tfswshx.dll [2005-05-31 05:33]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}=C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll [2006-11-09 19:21]
{AA58ED58-01DD-4d91-8333-CF10577473F7}=c:\program files\google\googletoolbar1.dll [2007-02-06 20:08]
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}=C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll [2007-06-13 21:33]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2006-05-19 01:51]
"TPHOTKEY"="C:\Program Files\Lenovo\HOTKEY\TPHKMGR.exe" [2006-05-07 21:34]
"TPWAUDAP"="C:\Program Files\Lenovo\HOTKEY\TpWAudAp.exe" [2006-04-19 18:29]
"PMHandler"="C:\PROGRA~1\Lenovo\PMDRIV~1\PMHandler.exe" [2006-08-22 03:54]
"AGRSMMSG"="AGRSMMSG.exe" [2006-08-30 03:40 C:\WINDOWS\AGRSMMSG.exe]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe" [2006-11-09 19:07]
"TVT Scheduler Proxy"="C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe" [2006-12-10 19:36]
"ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2005-02-16 20:15]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2005-06-10 14:44]
"LPManager"="C:\PROGRA~1\Lenovo\LENOVO~2\LPMGR.exe" [2007-02-02 02:01]
"AMSG"="C:\PROGRA~1\THINKV~1\AMSG\Amsg.exe" [2005-11-23 00:36]
"DiskeeperSystray"="C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe" [2006-05-18 20:24]
"ACTray"="C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe" [2006-12-25 10:34]
"ACWLIcon"="C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe" [2006-12-25 10:29]
"Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" [2007-02-20 21:18]
"cssauth"="C:\Program Files\Lenovo\Client Security Solution\cssauth.exe" [2006-07-14 22:13]
"SSBkgdUpdate"="C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-09-29 20:00]
"IntelliPoint"="C:\Program Files\Microsoft IntelliPoint\point32.exe" [2005-03-23 19:26]
"IBM Warranty Notification"="C:\Program Files\IBM\acp\ERTS0749\ERTS0749.exe" [2004-03-12 22:24]
"APVXDWIN"="C:\Program Files\Panda Software\Panda Internet Security 2007\APVXDWIN.exe" [2007-04-27 20:44]
"SCANINICIO"="C:\Program Files\Panda Software\Panda Internet Security 2007\Inicio.exe" [2007-04-17 18:29]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" [2007-03-09 11:09]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-13 21:33]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 08:00]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2007-06-08 20:22]
"Uniblue SpeedUpMyPC"="C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe" [2007-05-23 14:03]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-10-19 00:05]
"Uniblue RegistryBooster2"="C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe" [2007-05-16 10:18]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"HideShutdownScripts"=0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"MaxRecentDocs"=99 (0x63)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"="C:\Program Files\SUPERAntiSpyware\SASSEH.DLL" [2006-12-20 12:55]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avldr]
avldr.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tphotkey]
tphklock.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages scecli ACGina


Contents of the 'Scheduled Tasks' folder
2007-06-11 15:59:26 C:\WINDOWS\tasks\Uniblue SpeedUpMyPC Nag.job
2007-06-11 15:59:25 C:\WINDOWS\tasks\Uniblue SpeedUpMyPC.job

**************************************************************************

catchme 0.3.721 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2007-06-27 16:49:27
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\MySQL]
"ImagePath"="\"C:\Program Files\MySQL\MySQL Server 5.0\bin\mysqld-nt\" --defaults-file=\"C:\Program Files\MySQL\MySQL Server 5.0\my.ini\" MySQL"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\ComFiltr]
"ImagePath"="\??\C:\WINDOWS\system32\DRIVERS\COMFiltr.sys"

Completion time: 2007-06-27 16:49:48
C:\ComboFix-quarantined-files.txt ... 2007-06-27 16:49

--- E O F ---


HiJackThis Log 06/27/07

Logfile of HijackThis v1.99.1
Scan saved at 5:03:05 PM, on 6/27/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\TPSrv.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\pavsrv51.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\AVENGINE.EXE
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\PsCtrls.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\PavFnSvr.exe
C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\AntiSpam\pskmssvc.exe
C:\Program Files\Lenovo\PM Driver\PMSveH.exe
c:\program files\panda software\panda internet security 2007\firewall\PSHOST.EXE
C:\Program Files\Panda Software\Panda Internet Security 2007\psimsvc.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
c:\program files\lenovo\system update\suservice.exe
C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Lenovo\HOTKEY\TPHKMGR.exe
C:\Program Files\Lenovo\HOTKEY\TpWAudAp.exe
C:\PROGRA~1\Lenovo\PMDRIV~1\PMHandler.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\PROGRA~1\Lenovo\LENOVO~2\LPMGR.exe
C:\PROGRA~1\THINKV~1\AMSG\Amsg.exe
C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe
C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\Lenovo\Client Security Solution\cssauth.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Nuance\NaturallySpeaking9\Program\natspeak.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\SRVLOAD.EXE
C:\Program Files\Panda Software\Panda Internet Security 2007\PavBckPT.exe
C:\WINDOWS\system32\taskmgr.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\apvxdwin.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\WebProxy.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.lenovo.co...me/3000notebook
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [TPHOTKEY] C:\Program Files\Lenovo\HOTKEY\TPHKMGR.exe
O4 - HKLM\..\Run: [TPWAUDAP] C:\Program Files\Lenovo\HOTKEY\TpWAudAp.exe
O4 - HKLM\..\Run: [PMHandler] C:\PROGRA~1\Lenovo\PMDRIV~1\PMHandler.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [TVT Scheduler Proxy] C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [LPManager] C:\PROGRA~1\Lenovo\LENOVO~2\LPMGR.exe
O4 - HKLM\..\Run: [AMSG] C:\PROGRA~1\THINKV~1\AMSG\Amsg.exe
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [ACTray] C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe
O4 - HKLM\..\Run: [ACWLIcon] C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [cssauth] "C:\Program Files\Lenovo\Client Security Solution\cssauth.exe" silent
O4 - HKLM\..\Run: [SSBkgdUpdate] C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe -Embedding -boot
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [IBM Warranty Notification] "C:\Program Files\IBM\acp\ERTS0749\ERTS0749.exe /nointro"
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda Internet Security 2007\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [SCANINICIO] "C:\Program Files\Panda Software\Panda Internet Security 2007\Inicio.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [Uniblue SpeedUpMyPC] C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe -s
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Uniblue RegistryBooster2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - Startup: Dragon NaturallySpeaking.lnk = C:\Program Files\Nuance\NaturallySpeaking9\Program\natspeak.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: Add Feed to Tristana RSS Reader - res://C:\Program Files\Tristana RSS Reader\Reader.exe/AddContent.js
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: System Update - {DA320635-F48C-4613-8325-D75A933C549E} - C:\Program Files\Lenovo\System Update\sulauncher.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://www.lenovo.com/welcome/3000notebook
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {2DAD3559-2923-4935-AD49-B673D2539944} (IASRunner Class) - https://www-307.ibm....ntent/AcpIR.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1167732515218
O16 - DPF: {74FFE28D-2378-11D5-990C-006094235084} (IBM Access Support) - http://www-307.ibm.c...rt/IbmEgath.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O16 - DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} (Creative Toolbox Plug-in) - http://ak.imgag.com/...all/Crusher.cab
O16 - DPF: {BE415DD9-C50D-46AA-9B5D-37F2EEBBBFE6} (acpRunner Class) - https://www-307.ibm..../AcpControl.cab
O16 - DPF: {D6376DD2-C2BD-49B2-A1B1-138F869633F3} (ASPRO Installer Class) - http://acs.pandasoft...5/asproinst.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O20 - Winlogon Notify: avldr - C:\WINDOWS\SYSTEM32\avldr.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: tphotkey - C:\WINDOWS\SYSTEM32\tphklock.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Unknown owner - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)
O23 - Service: Panda Software Controller - Panda Software International - C:\Program Files\Panda Software\Panda Internet Security 2007\PsCtrls.exe
O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software International - C:\Program Files\Panda Software\Panda Internet Security 2007\PavFnSvr.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software International - C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program Files\Panda Software\Panda Internet Security 2007\pavsrv51.exe
O23 - Service: Panda Antispam Engine (pmshellsrv) - Panda Software International - C:\Program Files\Panda Software\Panda Internet Security 2007\AntiSpam\pskmssvc.exe
O23 - Service: PMSveH - Lenovo - C:\Program Files\Lenovo\PM Driver\PMSveH.exe
O23 - Service: IBM PSA Access Driver Control (PsaSrv) - Unknown owner - C:\WINDOWS\system32\PsaSrv.exe (file missing)
O23 - Service: Panda Host Service (PSHost) - Panda Software International - c:\program files\panda software\panda internet security 2007\firewall\PSHOST.EXE
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software International - C:\Program Files\Panda Software\Panda Internet Security 2007\psimsvc.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: System Update (SUService) - Lenovo Group Limited - c:\program files\lenovo\system update\suservice.exe
O23 - Service: SysEnforce - Unknown owner - C:\PROGRA~1\TRISNA~1\SSI\SYSENF~1.EXE (file missing)
O23 - Service: ThinkVantage Registry Monitor Service - Unknown owner - C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
O23 - Service: Panda TPSrv (TPSrv) - Panda Software International - C:\Program Files\Panda Software\Panda Internet Security 2007\TPSrv.exe
O23 - Service: TVT Backup Service - Lenovo Group Limited - C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
O23 - Service: TVT Scheduler - Lenovo Group Limited - C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe

#10
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Still nothing readily apparent so time for a deeper look

Download WinPFind3u.exe to your Desktop and double-click on it to extract the files. It will create a folder named WinPFind3u on your desktop.
  • Close ALL OTHER PROGRAMS.
  • Open the WinPFind3u folder and double-click on WinPFind3U.exe to start the program.
  • Now click the Run Scan button on the toolbar.
  • Let it run unhindered until it finishes.
  • When the scan is complete Notepad will open with the report file loaded in it.
  • Click the Format menu and make sure that Wordwrap is not checked. If it is then click on it to uncheck it.
Use the Add Reply button and Copy/Paste the information back here. I will review it when it comes in. If, after posting, the last line is not < End of Report > then the log is too big to fit into a single post and you will need to split it into multiple posts.

#13
dvdcnhm

    Member

  • Topic Starter
  • Member
  • PipPip
  • 20 posts
WinPFind3 logfile created on: 6/27/2007 5:44:45 PM
WinPFind3U by OldTimer - Version 1.0.39 Folder = C:\Documents and Settings\Dave\Desktop\WinPFind3u\
Microsoft Windows XP Service Pack 2 (Version = 5.1.2600)
Internet Explorer (Version = 7.0.5730.11)

502.11 Mb Total Physical Memory | 167.17 Mb Available Physical Memory | 33.29% Memory free
1.42 Gb Paging File | 0.76 Gb Available in Paging File | 53.91% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 69.66 Gb Total Space | 38.51 Gb Free Space | 55.29% Space Free
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded

Computer Name: LENOVO-774C8FFF
Current User Name: Dave
Logged in as Administrator.
Current Boot Mode: Normal


[Processes - Non-Microsoft Only]
acprfmgrsvc.exe -> %ProgramFiles%\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe -> [Ver = | Size = 53248 bytes | Modified Date = 12/25/2006 10:37:12 AM | Attr = ]
acsvc.exe -> %ProgramFiles%\ThinkPad\ConnectUtilities\AcSvc.exe -> Lenovo [Ver = 4, 21, 0, 0 | Size = 172032 bytes | Modified Date = 12/25/2006 10:38:34 AM | Attr = ]
actray.exe -> %ProgramFiles%\ThinkPad\ConnectUtilities\ACTray.exe -> [Ver = | Size = 409600 bytes | Modified Date = 12/25/2006 10:34:58 AM | Attr = ]
acwlicon.exe -> %ProgramFiles%\ThinkPad\ConnectUtilities\ACWLIcon.exe -> [Ver = | Size = 110592 bytes | Modified Date = 12/25/2006 10:29:04 AM | Attr = ]
agrsmmsg.exe -> %SystemRoot%\AGRSMMSG.exe -> Agere Systems [Ver = 2.1.73 2.1.73 08/30/2006 16:40:02 | Size = 89542 bytes | Modified Date = 8/30/2006 3:40:04 AM | Attr = ]
amsg.exe -> %ProgramFiles%\ThinkVantage\AMSG\Amsg.exe -> LENOVO [Ver = 1, 0, 0, 0 | Size = 507904 bytes | Modified Date = 11/23/2005 12:36:32 AM | Attr = ]
apdproxy.exe -> %ProgramFiles%\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe -> Adobe Systems Incorporated [Ver = 3.2.0.77764 | Size = 63712 bytes | Modified Date = 3/9/2007 11:09:58 AM | Attr = ]
avengine.exe -> %ProgramFiles%\Panda Software\Panda Internet Security 2007\AVENGINE.EXE -> Panda Software International [Ver = 2, 1, 24, 0 | Size = 96816 bytes | Modified Date = 3/15/2007 4:51:46 PM | Attr = ]
cssauth.exe -> %ProgramFiles%\Lenovo\Client Security Solution\cssauth.exe -> Lenovo Group Limited [Ver = 7.00.0052.00 | Size = 2341632 bytes | Modified Date = 7/14/2006 10:13:14 PM | Attr = ]
dkicon.exe -> %ProgramFiles%\Diskeeper Corporation\Diskeeper\DkIcon.exe -> Diskeeper Corporation [Ver = 9.0.541.0 | Size = 196696 bytes | Modified Date = 5/18/2006 8:24:06 PM | Attr = ]
dkservice.exe -> %ProgramFiles%\Diskeeper Corporation\Diskeeper\DkService.exe -> Diskeeper Corporation [Ver = 9.0.541.0 | Size = 622700 bytes | Modified Date = 5/24/2006 1:08:06 AM | Attr = ]
dot1xcfg.exe -> %ProgramFiles%\Intel\Wireless\Bin\Dot1XCfg.exe -> Intel Corporation [Ver = 10.5.0.3 | Size = 479232 bytes | Modified Date = 8/2/2006 4:27:54 AM | Attr = ]
evteng.exe -> %ProgramFiles%\Intel\Wireless\Bin\EvtEng.exe -> Intel Corporation [Ver = 10.5.0.20 | Size = 434176 bytes | Modified Date = 8/2/2006 4:39:20 AM | Attr = ]
googleupdater.exe -> %ProgramFiles%\Google\Google Updater\GoogleUpdater.exe -> Google [Ver = 2.0.755.22488.beta | Size = 123640 bytes | Modified Date = 2/6/2007 8:07:26 PM | Attr = ]
hkcmd.exe -> %System32%\hkcmd.exe -> Intel Corporation [Ver = 3.0.0.4543 | Size = 77824 bytes | Modified Date = 3/23/2006 12:13:00 AM | Attr = ]
igfxpers.exe -> %System32%\igfxpers.exe -> Intel Corporation [Ver = 3.0.0.4543 | Size = 118784 bytes | Modified Date = 3/23/2006 12:17:00 AM | Attr = ]
issch.exe -> %CommonProgramFiles%\InstallShield\UpdateService\issch.exe -> InstallShield Software Corporation [Ver = 4, 50, 100, 33433 | Size = 81920 bytes | Modified Date = 6/10/2005 2:44:02 PM | Attr = ]
jusched.exe -> %ProgramFiles%\Java\jre1.5.0_10\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 5.0.100.3 | Size = 49263 bytes | Modified Date = 11/9/2006 7:07:30 PM | Attr = ]
lpmgr.exe -> %ProgramFiles%\Lenovo\LenovoCare\LPMGR.EXE -> Lenovo Group Limited [Ver = 1, 0, 0, 2 | Size = 120368 bytes | Modified Date = 2/2/2007 2:01:00 AM | Attr = ]
mysqld-nt.exe -> %ProgramFiles%\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe -> [Ver = | Size = 4149248 bytes | Modified Date = 4/27/2006 3:03:48 PM | Attr = ]
natspeak.exe -> %ProgramFiles%\Nuance\NaturallySpeaking9\Program\natspeak.exe -> Nuance Communications, Inc. [Ver = 9.10.000.141 | Size = 2332264 bytes | Modified Date = 2/8/2007 1:48:54 AM | Attr = ]
pavbckpt.exe -> %ProgramFiles%\Panda Software\Panda Internet Security 2007\PavBckPT.exe -> Panda Software International, S.L. [Ver = 1, 0, 0, 17 | Size = 108080 bytes | Modified Date = 4/20/2007 2:33:54 PM | Attr = ]
pavfnsvr.exe -> %ProgramFiles%\Panda Software\Panda Internet Security 2007\PAVFNSVR.EXE -> Panda Software International [Ver = 8.12.03.00 | Size = 173616 bytes | Modified Date = 4/4/2007 11:44:58 AM | Attr = ]
pavprsrv.exe -> %CommonProgramFiles%\Panda Software\PavShld\PavPrSrv.exe -> Panda Software International [Ver = 1.3.1.0 | Size = 41520 bytes | Modified Date = 2/19/2007 8:21:52 AM | Attr = ]
pavsrv51.exe -> %ProgramFiles%\Panda Software\Panda Internet Security 2007\PAVSRV51.EXE -> Panda Software International [Ver = 2, 1, 18, 0 | Size = 136752 bytes | Modified Date = 2/15/2007 8:00:56 PM | Attr = ]
picasamediadetector.exe -> %ProgramFiles%\Picasa2\PicasaMediaDetector.exe -> Google Inc. [Ver = 2.6.36.21 | Size = 366400 bytes | Modified Date = 2/20/2007 9:18:34 PM | Attr = ]
pmhandler.exe -> %ProgramFiles%\Lenovo\PM Driver\PMHandler.exe -> Lenovo [Ver = 1, 0, 0, 9 | Size = 33128 bytes | Modified Date = 8/22/2006 3:54:08 AM | Attr = ]
pmsveh.exe -> %ProgramFiles%\Lenovo\PM Driver\PMSveH.exe -> Lenovo [Ver = 1, 0, 0, 8 | Size = 57344 bytes | Modified Date = 5/24/2006 5:33:32 PM | Attr = ]
psctrls.exe -> %ProgramFiles%\Panda Software\Panda Internet Security 2007\PsCtrlS.exe -> Panda Software International [Ver = 3.05.02.00 | Size = 165424 bytes | Modified Date = 4/4/2007 11:45:08 AM | Attr = ]
pshost.exe -> %ProgramFiles%\panda software\panda internet security 2007\FIREWALL\PSHost.exe -> Panda Software International [Ver = 1, 0, 0, 20 | Size = 226864 bytes | Modified Date = 4/4/2007 11:45:08 AM | Attr = ]
psimsvc.exe -> %ProgramFiles%\Panda Software\Panda Internet Security 2007\PsImSvc.exe -> Panda Software International [Ver = 2, 7, 53, 0 | Size = 108080 bytes | Modified Date = 2/6/2007 6:44:12 PM | Attr = ]
pskmssvc.exe -> %ProgramFiles%\Panda Software\Panda Internet Security 2007\AntiSpam\pskmssvc.exe -> Panda Software International [Ver = 1, 4, 3, 1 | Size = 67120 bytes | Modified Date = 1/15/2007 2:42:16 PM | Attr = ]
registrybooster.exe -> %ProgramFiles%\Uniblue\RegistryBooster 2\RegistryBooster.exe -> Uniblue Software [Ver = 2.0.1041.3208 | Size = 1856544 bytes | Modified Date = 5/16/2007 10:18:00 AM | Attr = ]
regsrvc.exe -> %ProgramFiles%\Intel\Wireless\Bin\RegSrvc.exe -> Intel Corporation [Ver = 10.5.0.4 | Size = 327680 bytes | Modified Date = 8/2/2006 4:24:22 AM | Attr = ]
rrservice.exe -> %ProgramFiles%\Lenovo\Rescue and Recovery\rrservice.exe -> Lenovo Group Limited [Ver = 3,10,17,0 | Size = 1974272 bytes | Modified Date = 7/14/2006 10:01:00 PM | Attr = ]
s24evmon.exe -> %ProgramFiles%\Intel\Wireless\Bin\S24EvMon.exe -> Intel Corporation [Ver = 10.5.0.34 | Size = 937984 bytes | Modified Date = 8/2/2006 4:31:22 AM | Attr = ]
scheduler_proxy.exe -> %CommonProgramFiles%\Lenovo\Scheduler\scheduler_proxy.exe -> Lenovo Group Limited [Ver = 4,0,111,0 | Size = 536576 bytes | Modified Date = 12/10/2006 7:36:32 PM | Attr = ]
shortkey.exe -> %ProgramFiles%\ShortKeys2\shortkey.exe -> Insight Software Solutions [Ver = 2.1.5.1 | Size = 2023424 bytes | Modified Date = 10/10/2005 2:56:34 PM | Attr = ]
speedupmypc.exe -> %ProgramFiles%\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe -> Uniblue Software [Ver = 3.5.2325.31 | Size = 8631840 bytes | Modified Date = 5/23/2007 2:03:52 PM | Attr = ]
srvload.exe -> %ProgramFiles%\Panda Software\Panda Internet Security 2007\SrvLoad.exe -> Panda Software International [Ver = 6.01.01.00 | Size = 79408 bytes | Modified Date = 2/5/2007 10:00:22 AM | Attr = ]
superantispyware.exe -> %ProgramFiles%\SUPERAntiSpyware\SUPERAntiSpyware.exe -> SUPERAntiSpyware.com [Ver = 3, 8, 0, 1002 | Size = 1314816 bytes | Modified Date = 6/8/2007 8:22:12 PM | Attr = ]
suservice.exe -> %ProgramFiles%\Lenovo\system update\suservice.exe -> Lenovo Group Limited [Ver = 3.0.23.0 | Size = 13312 bytes | Modified Date = 2/12/2007 2:35:42 AM | Attr = ]
svcguihlpr.exe -> %ProgramFiles%\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe -> [Ver = | Size = 106496 bytes | Modified Date = 12/25/2006 10:39:14 AM | Attr = ]
syntpenh.exe -> %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe -> Synaptics, Inc. [Ver = 8.3.4 19May06 | Size = 774233 bytes | Modified Date = 5/19/2006 1:51:00 AM | Attr = ]
tphkmgr.exe -> %ProgramFiles%\Lenovo\HOTKEY\TPHKMGR.exe -> [Ver = | Size = 94208 bytes | Modified Date = 5/7/2006 9:34:06 PM | Attr = ]
tpsrv.exe -> %ProgramFiles%\Panda Software\Panda Internet Security 2007\TPSrv.exe -> Panda Software International [Ver = 8, 0, 0, 0 | Size = 405040 bytes | Modified Date = 4/16/2007 5:04:32 PM | Attr = ]
tpwaudap.exe -> %ProgramFiles%\Lenovo\HOTKEY\TpWAudAp.exe -> [Ver = | Size = 24576 bytes | Modified Date = 4/19/2006 6:29:44 PM | Attr = ]
tvt_reg_monitor_svc.exe -> %CommonProgramFiles%\Lenovo\tvt_reg_monitor_svc.exe -> [Ver = 1, 0, 0, 1 | Size = 629504 bytes | Modified Date = 7/14/2006 9:24:52 PM | Attr = ]
tvtsched.exe -> %CommonProgramFiles%\Lenovo\Scheduler\tvtsched.exe -> Lenovo Group Limited [Ver = 4,0,111,0 | Size = 1118208 bytes | Modified Date = 12/10/2006 7:36:22 PM | Attr = ]
winpfind3u.exe -> %UserDesktop%\WinPFind3u\WinPFind3U.exe -> OldTimer Tools [Ver = 1.0.38.0 | Size = 322048 bytes | Modified Date = 6/23/2007 3:15:54 PM | Attr = ]

[Win32 Services - Non-Microsoft Only]
(AcPrfMgrSvc) Ac Profile Manager Service [Win32_Own | Auto | Running] -> %ProgramFiles%\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe -> [Ver = | Size = 53248 bytes | Modified Date = 12/25/2006 10:37:12 AM | Attr = ]
(AcSvc) Access Connections Main Service [Win32_Own | Auto | Running] -> %ProgramFiles%\ThinkPad\ConnectUtilities\AcSvc.exe -> Lenovo [Ver = 4, 21, 0, 0 | Size = 172032 bytes | Modified Date = 12/25/2006 10:38:34 AM | Attr = ]
(Adobe LM Service) Adobe LM Service [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Adobe Systems Shared\Service\Adobelmsvc.exe -> Adobe Systems [Ver = 2.67.010 | Size = 72704 bytes | Modified Date = 2/12/2007 1:03:48 AM | Attr = ]
(Diskeeper) Diskeeper [Win32_Own | Auto | Running] -> %ProgramFiles%\Diskeeper Corporation\Diskeeper\DkService.exe -> Diskeeper Corporation [Ver = 9.0.541.0 | Size = 622700 bytes | Modified Date = 5/24/2006 1:08:06 AM | Attr = ]
(dmadmin) Logical Disk Manager Administrative Service [Win32_Shared | On_Demand | Stopped] -> %System32%\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 224768 bytes | Modified Date = 8/4/2004 8:00:00 AM | Attr = ]
(EvtEng) Intel® PROSet/Wireless Event Log [Win32_Own | Auto | Running] -> %ProgramFiles%\Intel\Wireless\Bin\EvtEng.exe -> Intel Corporation [Ver = 10.5.0.20 | Size = 434176 bytes | Modified Date = 8/2/2006 4:39:20 AM | Attr = ]
(IDriverT) InstallDriver Table Manager [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\InstallShield\Driver\1050\Intel 32\IDriverT.exe -> Macrovision Corporation [Ver = 10.50.125 | Size = 73728 bytes | Modified Date = 10/22/2004 7:24:18 AM | Attr = ]
(idsvc) Windows CardSpace [Win32_Shared | Unknown | Stopped] -> -> File not found
(MySQL) MySQL [Win32_Own | Auto | Running] -> %ProgramFiles%\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe -> [Ver = | Size = 4149248 bytes | Modified Date = 4/27/2006 3:03:48 PM | Attr = ]
(Panda Software Controller) Panda Software Controller [Win32_Own | Auto | Running] -> %ProgramFiles%\Panda Software\Panda Internet Security 2007\PsCtrlS.exe -> Panda Software International [Ver = 3.05.02.00 | Size = 165424 bytes | Modified Date = 4/4/2007 11:45:08 AM | Attr = ]
(PAVFNSVR) Panda Function Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Panda Software\Panda Internet Security 2007\PAVFNSVR.EXE -> Panda Software International [Ver = 8.12.03.00 | Size = 173616 bytes | Modified Date = 4/4/2007 11:44:58 AM | Attr = ]
(PavPrSrv) Panda Process Protection Service [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Panda Software\PavShld\PavPrSrv.exe -> Panda Software International [Ver = 1.3.1.0 | Size = 41520 bytes | Modified Date = 2/19/2007 8:21:52 AM | Attr = ]
(PAVSRV) Panda anti-virus service [Win32_Own | Auto | Running] -> %ProgramFiles%\Panda Software\Panda Internet Security 2007\PAVSRV51.EXE -> Panda Software International [Ver = 2, 1, 18, 0 | Size = 136752 bytes | Modified Date = 2/15/2007 8:00:56 PM | Attr = ]
(pmshellsrv) Panda Antispam Engine [Win32_Own | Auto | Running] -> %ProgramFiles%\Panda Software\Panda Internet Security 2007\AntiSpam\pskmssvc.exe -> Panda Software International [Ver = 1, 4, 3, 1 | Size = 67120 bytes | Modified Date = 1/15/2007 2:42:16 PM | Attr = ]
(PMSveH) PMSveH [Win32_Own | Auto | Running] -> %ProgramFiles%\Lenovo\PM Driver\PMSveH.exe -> Lenovo [Ver = 1, 0, 0, 8 | Size = 57344 bytes | Modified Date = 5/24/2006 5:33:32 PM | Attr = ]
(PsaSrv) IBM PSA Access Driver Control [Win32_Own | On_Demand | Stopped] -> %System32%\PsaSrv.exe -> File not found
(PSHost) Panda Host Service [Win32_Own | Auto | Running] -> %ProgramFiles%\panda software\panda internet security 2007\FIREWALL\PSHost.exe -> Panda Software International [Ver = 1, 0, 0, 20 | Size = 226864 bytes | Modified Date = 4/4/2007 11:45:08 AM | Attr = ]
(PSIMSVC) Panda IManager Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Panda Software\Panda Internet Security 2007\PsImSvc.exe -> Panda Software International [Ver = 2, 7, 53, 0 | Size = 108080 bytes | Modified Date = 2/6/2007 6:44:12 PM | Attr = ]
(RegSrvc) Intel® PROSet/Wireless Registry Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Intel\Wireless\Bin\RegSrvc.exe -> Intel Corporation [Ver = 10.5.0.4 | Size = 327680 bytes | Modified Date = 8/2/2006 4:24:22 AM | Attr = ]
(S24EventMonitor) Intel® PROSet/Wireless Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Intel\Wireless\Bin\S24EvMon.exe -> Intel Corporation [Ver = 10.5.0.34 | Size = 937984 bytes | Modified Date = 8/2/2006 4:31:22 AM | Attr = ]
(SUService) System Update [Win32_Own | Auto | Running] -> %ProgramFiles%\Lenovo\system update\suservice.exe -> Lenovo Group Limited [Ver = 3.0.23.0 | Size = 13312 bytes | Modified Date = 2/12/2007 2:35:42 AM | Attr = ]
(SysEnforce) SysEnforce [Win32_Own | Auto | Stopped] -> %SystemDrive%\PROGRA~1\TRISNA~1\SSI\SYSENF~1.EXE -> File not found
(ThinkVantage Registry Monitor Service) ThinkVantage Registry Monitor Service [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Lenovo\tvt_reg_monitor_svc.exe -> [Ver = 1, 0, 0, 1 | Size = 629504 bytes | Modified Date = 7/14/2006 9:24:52 PM | Attr = ]
(TPSrv) Panda TPSrv [Win32_Own | Auto | Running] -> %ProgramFiles%\Panda Software\Panda Internet Security 2007\TPSrv.exe -> Panda Software International [Ver = 8, 0, 0, 0 | Size = 405040 bytes | Modified Date = 4/16/2007 5:04:32 PM | Attr = ]
(TVT Backup Service) TVT Backup Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Lenovo\Rescue and Recovery\rrservice.exe -> Lenovo Group Limited [Ver = 3,10,17,0 | Size = 1974272 bytes | Modified Date = 7/14/2006 10:01:00 PM | Attr = ]
(TVT Scheduler) TVT Scheduler [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Lenovo\Scheduler\tvtsched.exe -> Lenovo Group Limited [Ver = 4,0,111,0 | Size = 1118208 bytes | Modified Date = 12/10/2006 7:36:22 PM | Attr = ]

[Driver Services - All]
(Abiosdsk) Abiosdsk [Kernel | Disabled | Stopped] -> -> File not found
(abp480n5) abp480n5 [Kernel | Disabled | Stopped] -> %System32%\drivers\ABP480N5.SYS -> Microsoft Corporation [Ver = 5.1.2600.0 (XPClient.010817-1148) | Size = 23552 bytes | Modified Date = 8/17/2001 4:52:00 PM | Attr = ]
(ACPI) Microsoft ACPI Driver [Kernel | Boot | Running] -> %System32%\drivers\acpi.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 187776 bytes | Modified Date = 8/4/2004 8:00:00 AM | Attr = ]
(ACPIEC) Microsoft Embedded Controller Driver [Kernel | Boot | Running] -> %System32%\drivers\acpiec.sys -> Microsoft Corporation [Ver = 5.1.2600.0 (xpclient.010817-1148) | Size = 11648 bytes | Modified Date = 8/4/2004 8:00:00 AM | Attr = ]
(ADIHdAudAddService) ADI UAA Function Driver for High Definition Audio Service [Kernel | On_Demand | Running] -> %System32%\drivers\ADIHdAud.sys -> Analog Devices, Inc. [Ver = 5.10.01.4130 built by: WinDDK | Size = 138752 bytes | Modified Date = 8/18/2005 2:26:14 AM | Attr = ]
(adpu160m) adpu160m [Kernel | Disabled | Stopped] -> %System32%\drivers\adpu160m.sys -> Microsoft Corporation [Ver = v3.60a (Lab01_N(johnstra).010529-2218) | Size = 101888 bytes | Modified Date = 8/17/2001 5:07:32 PM | Attr = ]
(aec) Microsoft Kernel Acoustic Echo Canceller [Kernel | On_Demand | Stopped] -> %System32%\drivers\aec.sys -> Microsoft Corporation [Ver = 5.1.2601.2180 | Size = 142464 bytes | Modified Date = 2/14/2006 8:22:26 PM | Attr = ]
(AegisP) AEGIS Protocol (IEEE 802.1x) v3.5.3.0 [Kernel | Auto | Running] -> %System32%\drivers\AegisP.sys -> Meetinghouse Data Communications [Ver = 3.5.3.0 | Size = 21419 bytes | Modified Date = 11/24/2006 11:11:42 PM | Attr = ]
(AFD) AFD [Kernel | System | Running] -> %System32%\drivers\afd.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 138496 bytes | Modified Date = 8/4/2004 8:00:00 AM | Attr = ]
(AgereSoftModem) Agere Systems Soft Modem [Kernel | On_Demand | Running] -> %System32%\drivers\AGRSM.sys -> Agere Systems [Ver = 2.1.73 08/30/2006 14:52:54 | Size = 1161152 bytes | Modified Date = 8/30/2006 1:53:00 AM | Attr = ]
(agp440) Intel AGP Bus Filter [Kernel | Disabled | Stopped] -> %System32%\drivers\AGP440.SYS -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 42368 bytes | Modified Date = 8/4/2004 2:07:42 AM | Attr = ]
(agpCPQ) Compaq AGP Bus Filter [Kernel | Disabled | Stopped] -> %System32%\drivers\AGPCPQ.SYS -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 44928 bytes | Modified Date = 8/4/2004 2:07:44 AM | Attr = ]
(Aha154x) Aha154x [Kernel | Disabled | Stopped] -> %System32%\drivers\aha154x.sys -> Microsoft Corporation [Ver = v1.13b (XPClient.010817-1148) | Size = 12800 bytes | Modified Date = 8/17/2001 4:52:02 PM | Attr = ]
(aic78u2) aic78u2 [Kernel | Disabled | Stopped] -> %System32%\drivers\aic78u2.sys -> Microsoft Corporation [Ver = v3.60a (Lab01_N.010510-0033) | Size = 55168 bytes | Modified Date = 8/17/2001 5:07:36 PM | Attr = ]
(aic78xx) aic78xx [Kernel | Disabled | Stopped] -> %System32%\drivers\aic78xx.sys -> Microsoft Corporation [Ver = v3.60a (Lab01_N.010510-0033) | Size = 56960 bytes | Modified Date = 8/17/2001 5:07:38 PM | Attr = ]
(AliIde) AliIde [Kernel | Disabled | Stopped] -> %System32%\drivers\aliide.sys -> Acer Laboratories Inc. [Ver = 1.20 | Size = 5248 bytes | Modified Date = 8/17/2001 4:51:56 PM | Attr = ]
(alim1541) ALI AGP Bus Filter [Kernel | Disabled | Stopped] -> %System32%\drivers\ALIM1541.SYS -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 42752 bytes | Modified Date = 8/4/2004 2:07:42 AM | Attr = ]
(amdagp) AMD AGP Bus Filter Driver [Kernel | Disabled | Stopped] -> %System32%\drivers\AMDAGP.SYS -> Advanced Micro Devices, Inc. [Ver = 5.00 (xpsp_sp2_rtm.040803-2158) | Size = 43008 bytes | Modified Date = 8/4/2004 2:07:44 AM | Attr = ]
(amsint) amsint [Kernel | Disabled | Stopped] -> %System32%\drivers\amsint.sys -> Microsoft Corporation [Ver = 5.1.2600.0 (XPClient.010817-1148) | Size = 12032 bytes | Modified Date = 8/17/2001 4:52:04 PM | Attr = ]
(ANC) ANC [Kernel | System | Running] -> %System32%\drivers\ANC.sys -> IBM Corp. [Ver = 8.3 | Size = 11520 bytes | Modified Date = 11/8/2005 9:27:20 AM | Attr = ]
(APPFLT) App Filter Plugin [Kernel | System | Running] -> %System32%\drivers\APPFLT.SYS -> Panda Software [Ver = 2.2.0.42 | Size = 58800 bytes | Modified Date = 4/2/2007 7:43:14 PM | Attr = ]
(Arp1394) 1394 ARP Client Protocol [Kernel | On_Demand | Running] -> %System32%\drivers\arp1394.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 60800 bytes | Modified Date = 8/4/2004 8:00:00 AM | Attr = ]
(asc) asc [Kernel | Disabled | Stopped] -> %System32%\drivers\asc.sys -> Advanced System Products, Inc. [Ver = 2.9I-MS (XPClient.010817-1148) | Size = 26496 bytes | Modified Date = 8/17/2001 4:52:00 PM | Attr = ]
(asc3350p) asc3350p [Kernel | Disabled | Stopped] -> %System32%\drivers\asc3350p.sys -> Microsoft Corporation [Ver = 5.1.2600.0 (XPClient.010817-1148) | Size = 22400 bytes | Modified Date = 8/17/2001 4:52:04 PM | Attr = ]
(asc3550) asc3550 [Kernel | Disabled | Stopped] -> %System32%\drivers\asc3550.sys -> Advanced System Products, Inc. [Ver = 3.1E-MS (XPClient.010817-1148) | Size = 14848 bytes | Modified Date = 8/17/2001 4:51:58 PM | Attr = ]
(AsyncMac) RAS Asynchronous Media Driver [Kernel | On_Demand | Running] -> %System32%\drivers\asyncmac.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 8:00:00 AM | Attr = ]
(atapi) Standard IDE/ESDI Hard Disk Controller [Kernel | Boot | Running] -> %System32%\drivers\atapi.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 95360 bytes | Modified Date = 8/4/2004 1:59:44 AM | Attr = ]
(Atdisk) Atdisk [Kernel | Disabled | Stopped] -> -> File not found
(Atmarpc) ATM ARP Client Protocol [Kernel | On_Demand | Stopped] -> %System32%\drivers\atmarpc.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 59904 bytes | Modified Date = 8/4/2004 8:00:00 AM | Attr = ]
(audstub) Audio Stub Driver [Kernel | On_Demand | Running] -> %System32%\drivers\audstub.sys -> Microsoft Corporation [Ver = 5.1.2600.0 (XPClient.010817-1148) | Size = 3072 bytes | Modified Date = 8/17/2001 9:59:44 AM | Attr = ]
(AvFlt) Antivirus Filter Driver [File_System | On_Demand | Running] -> %System32%\drivers\av5flt.sys -> File not found
(Beep) Beep [Kernel | System | Running] -> %System32%\drivers\beep.sys -> Microsoft Corporation [Ver = 5.1.2600.0 (XPClient.010817-1148) | Size = 4224 bytes | Modified Date = 8/4/2004 8:00:00 AM | Attr = ]
(cbidf) cbidf [Kernel | Disabled | Stopped] -> %System32%\drivers\cbidf2k.sys -> Microsoft Corporation [Ver = 5.1.2600.0 (XPClient.010817-1148) | Size = 13952 bytes | Modified Date = 8/17/2001 4:52:08 PM | Attr = ]
(cbidf2k) cbidf2k [Kernel | Disabled | Stopped] -> %System32%\drivers\cbidf2k.sys -> Microsoft Corporation [Ver = 5.1.2600.0 (XPClient.010817-1148) | Size = 13952 bytes | Modified Date = 8/17/2001 4:52:08 PM | Attr = ]
(cd20xrnt) cd20xrnt [Kernel | Disabled | Stopped] -> %System32%\drivers\cd20xrnt.sys -> Microsoft Corporation [Ver = v3.01 (XPClient.010817-1148) | Size = 7680 bytes | Modified Date = 8/17/2001 4:52:06 PM | Attr = ]
(Cdaudio) Cdaudio [Kernel | System | Stopped] -> %System32%\drivers\cdaudio.sys -> Microsoft Corporation [Ver = 5.1.2600.0 (XPClient.010817-1148) | Size = 18688 bytes | Modified Date = 8/4/2004 8:00:00 AM | Attr = ]
(Cdfs) Cdfs [File_System | Disabled | Running] -> %System32%\drivers\cdfs.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 63744 bytes | Modified Date = 8/4/2004 8:00:00 AM | Attr = ]
(Cdrom) CD-ROM Driver [Kernel | System | Running] -> %System32%\drivers\cdrom.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 49536 bytes | Modified Date = 8/4/2004 8:00:00 AM | Attr = ]
(Changer) Changer [Kernel | System | Stopped] -> -> File not found
(CmBatt) Microsoft ACPI Control Method Battery Driver [Kernel | On_Demand | Running] -> %System32%\drivers\CmBatt.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14080 bytes | Modified Date = 8/4/2004 3:07:40 AM | Attr = ]
(CmdIde) CmdIde [Kernel | Disabled | Stopped] -> %System32%\drivers\cmdide.sys -> CMD Technology, Inc. [Ver = 2.0.7 (XPClient.010817-1148) | Size = 6656 bytes | Modified Date = 8/17/2001 4:51:54 PM | Attr = ]
(Compbatt) Microsoft Composite Battery Driver [Kernel | Boot | Running] -> %System32%\drivers\compbatt.sys -> Microsoft Corporation [Ver = 5.1.2600.0 (xpclient.010817-1148) | Size = 9344 bytes | Modified Date = 8/17/2001 5:58:00 PM | Attr = ]
(cpoint) Panda CPoint Driver [Kernel | Auto | Running] -> %System32%\drivers\cpoint.sys -> Panda Software [Ver = 1, 2, 0, 50 | Size = 17792 bytes | Modified Date = 10/27/2006 1:27:00 PM | Attr = ]
(Cpqarray) Cpqarray [Kernel | Disabled | Stopped] -> %System32%\drivers\cpqarray.sys -> Microsoft Corporation [Ver = 5.1.2600.0 (XPClient.010817-1148) | Size = 14976 bytes | Modified Date = 8/17/2001 4:52:06 PM | Attr = ]
(dac2w2k) dac2w2k [Kernel | Disabled | Stopped] -> %System32%\drivers\dac2w2k.sys -> Mylex Corporation [Ver = 6.00-21 (XPClient.010817-1148) | Size = 179584 bytes | Modified Date = 8/17/2001 4:52:16 PM | Attr = ]
(dac960nt) dac960nt [Kernel | Disabled | Stopped] -> %System32%\drivers\dac960nt.sys -> Microsoft Corporation [Ver = 5.1.2600.0 (XPClient.010817-1148) | Size = 14720 bytes | Modified Date = 8/17/2001 4:52:16 PM | Attr = ]
(Disk) Disk Driver [Kernel | Boot | Running] -> %System32%\drivers\disk.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 36352 bytes | Modified Date = 8/4/2004 8:00:00 AM | Attr = ]
(dmboot) dmboot [Kernel | Disabled | Stopped] -> %System32%\drivers\dmboot.sys -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 799744 bytes | Modified Date = 8/4/2004 8:00:00 AM | Attr = ]
(dmio) dmio [Kernel | Disabled | Stopped] -> %System32%\drivers\dmio.sys -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 153344 bytes | Modified Date = 8/4/2004 8:00:00 AM | Attr = ]
(dmload) dmload [Kernel | Disabled | Stopped] -> %System32%\drivers\dmload.sys -> Microsoft Corp., Veritas Software. [Ver = 2600.0.503.0 | Size = 5888 bytes | Modified Date = 8/4/2004 8:00:00 AM | Attr = ]
(DMusic) Microsoft Kernel DLS Syntheiszer [Kernel | On_Demand | Stopped] -> %System32%\drivers\DMusic.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 52864 bytes | Modified Date = 8/4/2004 3:07:40 AM | Attr = ]
(dpti2o) dpti2o [Kernel | Disabled | Stopped] -> %System32%\drivers\dpti2o.sys -> Microsoft Corporation [Ver = 2.09 (Lab01_N.010309-0027) | Size = 20192 bytes | Modified Date = 8/17/2001 5:07:44 PM | Attr = ]
(drmkaud) Microsoft Kernel DRM Audio Descrambler [Kernel | On_Demand | Stopped] -> %System32%\drivers\drmkaud.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 2944 bytes | Modified Date = 8/4/2004 3:07:58 AM | Attr = ]
(drvmcdb) drvmcdb [Kernel | Boot | Running] -> %System32%\drivers\drvmcdb.sys -> Sonic Solutions [Ver = 3.22.13a | Size = 88352 bytes | Modified Date = 4/22/2005 3:22:00 AM | Attr = ]
(drvnddm) drvnddm [File_System | Auto | Running] -> %System32%\drivers\drvnddm.sys -> Sonic Solutions [Ver = 2.56.53a | Size = 40544 bytes | Modified Date = 4/21/2005 2:56:00 AM | Attr = ]
(DSAFLT) DSA Filter Plugin [Kernel | System | Running] -> %System32%\drivers\dsaflt.sys -> Panda Software International [Ver = 1, 5, 0, 0 | Size = 49968 bytes | Modified Date = 4/2/2007 7:43:18 PM | Attr = ]
(E100B) Intel® PRO Adapter Driver [Kernel | On_Demand | Stopped] -> %System32%\drivers\e100b325.sys -> Intel Corporation [Ver = 5.41.22.0000 built by: WinDDK | Size = 117760 bytes | Modified Date = 8/17/2001 8:12:10 AM | Attr = ]
(EGATHDRV) IBM eGatherer [Kernel | Auto | Running] -> %System32%\EGATHDRV.SYS -> IBM Corporation [Ver = 2.05 | Size = 5427 bytes | Modified Date = 6/24/2007 3:39:20 AM | Attr = ]
(Fastfat) Fastfat [File_System | Disabled | Running] -> %System32%\drivers\fastfat.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 143360 bytes | Modified Date = 8/4/2004 8:00:00 AM | Attr = ]
(Fdc) Floppy Disk Controller Driver [Kernel | On_Demand | Stopped] -> %System32%\drivers\fdc.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 27392 bytes | Modified Date = 8/4/2004 8:00:00 AM | Attr = ]
(Fips) Fips [Kernel | System | Running] -> %System32%\drivers\fips.sys -> Microsoft Corporation [Ver = 5.1.2600.0 (xpclient.010817-1148) | Size = 34944 bytes | Modified Date = 8/4/2004 8:00:00 AM | Attr = ]
(Flpydisk) Floppy Disk Driver [Kernel | On_Demand | Stopped] -> %System32%\drivers\flpydisk.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 20480 bytes | Modified Date = 8/4/2004 8:00:00 AM | Attr = ]
(FltMgr) FltMgr [File_System | Boot | Running] -> %System32%\drivers\fltmgr.sys -> Microsoft Corporation [Ver = 5.1.2600.2978 (xpsp_sp2_gdr.060821-0039) | Size = 128896 bytes | Modified Date = 8/21/2006 5:14:58 AM | Attr = ]
(FNETMON) NetMon Filter Plugin [Kernel | System | Running] -> %System32%\drivers\fnetmon.sys -> Panda Software [Ver = 2.2.0.25 | Size = 15792 bytes | Modified Date = 3/12/2007 5:45:48 PM | Attr = ]
(Ftdisk) Volume Manager Driver [Kernel | Boot | Running] -> %System32%\drivers\ftdisk.sys -> Microsoft Corporation [Ver = 5.1.2600.0 (XPClient.010817-1148) | Size = 125056 bytes | Modified Date = 8/17/2001 4:52:50 PM | Attr = ]
(G400) G400 [Kernel | On_Demand | Stopped] -> %System32%\drivers\G400m.sys -> Matrox Graphics Inc. [Ver = 5.12.01.1200 (ReleasedBinaries.010308-1115) | Size = 322432 bytes | Modified Date = 8/17/2001 8:49:42 AM | Attr = ]
(Gpc) Generic Packet Classifier [Kernel | On_Demand | Running] -> %System32%\drivers\msgpc.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 35072 bytes | Modified Date = 8/4/2004 8:00:00 AM | Attr = ]
(HDAudBus) Microsoft UAA Bus Driver for High Definition Audio [Kernel | On_Demand | Running] -> %System32%\drivers\hdaudbus.sys -> Windows ® Server 2003 DDK provider [Ver = 5.10.01.5013 built by: WinDDK | Size = 138752 bytes | Modified Date = 1/7/2005 5:07:18 PM | Attr = ]
(HidUsb) Microsoft HID Class Driver [Kernel | On_Demand | Running] -> %System32%\drivers\hidusb.sys -> Microsoft Corporation [Ver = 5.1.2600.0 (XPClient.010817-1148) | Size = 9600 bytes | Modified Date = 8/17/2001 6:02:20 PM | Attr = ]
(hpn) hpn [Kernel | Disabled | Stopped] -> %System32%\drivers\hpn.sys -> Microsoft Corporation [Ver = 5.1.2467.0 (Lab01_N(johnstra).010423-0023) | Size = 25952 bytes | Modified Date = 8/17/2001 5:07:44 PM | Attr = ]
(HTTP) HTTP [Kernel | On_Demand | Running] -> %System32%\drivers\http.sys -> Microsoft Corporation [Ver = 5.1.2600.2869 (xpsp_sp2_gdr.060316-1512) | Size = 262784 bytes | Modified Date = 3/16/2006 8:33:10 PM | Attr = ]
(i2omgmt) i2omgmt [Kernel | System | Running] -> %System32%\drivers\i2omgmt.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 8192 bytes | Modified Date = 8/4/2004 2:00:52 AM | Attr = ]
(i2omp) i2omp [Kernel | Disabled | Stopped] -> %System32%\drivers\i2omp.sys -> Microsoft Corporation [Ver = 1.0.0.6 (xpsp_sp2_rtm.040803-2158) | Size = 18560 bytes | Modified Date = 8/4/2004 2:00:52 AM | Attr = ]
(i8042prt) i8042 Keyboard and PS/2 Mouse Port Driver [Kernel | System | Running] -> %System32%\drivers\i8042prt.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 52736 bytes | Modified Date = 8/4/2004 3:14:38 AM | Attr = ]
(ialm) ialm [Kernel | On_Demand | Running] -> %System32%\drivers\ialmnt5.sys -> Intel Corporation [Ver = 6.14.10.4543 | Size = 1166972 bytes | Modified Date = 3/23/2006 12:47:00 AM | Attr = ]
(iaStor) Intel AHCI Controller [Kernel | Disabled | Stopped] -> %System32%\drivers\iaStor.sys -> Intel Corporation [Ver = 5.5.0.1035 | Size = 874240 bytes | Modified Date = 10/11/2005 8:07:12 PM | Attr = ]
(IBMTPCHK) IBMTPCHK [Kernel | System | Running] -> %System32%\drivers\IBMBLDID.sys -> [Ver = | Size = 6016 bytes | Modified Date = 1/13/2006 12:33:22 AM | Attr = ]
(IDSFLT) Ids Filter Plugin [Kernel | System | Running] -> %System32%\drivers\idsflt.sys -> Panda Software International [Ver = 1, 5, 0, 0 | Size = 190640 bytes | Modified Date = 4/2/2007 7:43:20 PM | Attr = ]
(Imapi) CD-Burning Filter Driver [Kernel | System | Running] -> %System32%\drivers\imapi.sys -> Microsoft Corporation [Ver = 5.1.2600.2505 (xpsp.040806-1825) | Size = 41984 bytes | Modified Date = 8/13/2004 1:17:16 PM | Attr = ]
(ini910u) ini910u [Kernel | Disabled | Stopped] -> %System32%\drivers\ini910u.sys -> Microsoft Corporation [Ver = 2.17 (XPClient.010817-1148) | Size = 16000 bytes | Modified Date = 8/17/2001 4:52:08 PM | Attr = ]
(IntelIde) IntelIde [Kernel | Disabled | Stopped] -> %System32%\drivers\intelide.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 5504 bytes | Modified Date = 8/4/2004 1:59:42 AM | Attr = ]
(intelppm) Intel Processor Driver [Kernel | System | Running] -> %System32%\drivers\intelppm.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 36096 bytes | Modified Date = 8/4/2004 8:00:00 AM | Attr = ]
(Ip6Fw) IPv6 Windows Firewall Driver [Kernel | On_Demand | Stopped] -> %System32%\drivers\ip6fw.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 29056 bytes | Modified Date = 8/4/2004 8:00:00 AM | Attr = ]
(IpFilterDriver) IP Traffic Filter Driver [Kernel | On_Demand | Stopped] -> %System32%\drivers\ipfltdrv.sys -> Microsoft Corporation [Ver = 5.1.2600.0 (xpclient.010817-1148) | Size = 32896 bytes | Modified Date = 8/4/2004 8:00:00 AM | Attr = ]
(IpInIp) IP in IP Tunnel Driver [Kernel | On_Demand | Stopped] -> %System32%\drivers\ipinip.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 20992 bytes | Modified Date = 8/4/2004 8:00:00 AM | Attr = ]
(IpNat) IP Network Address Translator [Kernel | On_Demand | Running] -> %System32%\drivers\ipnat.sys -> Microsoft Corporation [Ver = 5.1.2600.2524 (xpsp_sp2_gdr.040919-1056) | Size = 134912 bytes | Modified Date = 9/29/2004 6:28:38 PM | Attr = ]
(IPSec) IPSEC driver [Kernel | System | Running] -> %System32%\drivers\ipsec.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 74752 bytes | Modified Date = 8/4/2004 8:00:00 AM | Attr = ]
(IRENUM) IR Enumerator Service [Kernel | On_Demand | Stopped] -> %System32%\drivers\irenum.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 11264 bytes | Modified Date = 8/4/2004 8:00:00 AM | Attr = ]
(isapnp) PnP ISA/EISA Bus Driver [Kernel | Boot | Running] -> %System32%\drivers\isapnp.sys -> Microsoft Corporation [Ver = 5.1.2600.0 (xpclient.010817-1148) | Size = 35840 bytes | Modified Date = 8/17/2001 4:58:02 PM | Attr = ]
(Iviaspi) IVI ASPI Shell [Kernel | On_Demand | Running] -> %System32%\drivers\iviaspi.sys -> InterVideo, Inc. [Ver = 1, 0, 0, 0 | Size = 21060 bytes | Modified Date = 9/11/2003 3:36:54 AM | Attr = ]
(Kbdclass) Keyboard Class Driver [Kernel | System | Running] -> %System32%\drivers\kbdclass.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 24576 bytes | Modified Date = 8/4/2004 1:58:34 AM | Attr = ]
(kmixer) Microsoft Kernel Wave Audio Mixer [Kernel | On_Demand | Running] -> %System32%\drivers\kmixer.sys -> Microsoft Corporation [Ver = 5.1.2600.2929 (xpsp_sp2_gdr.060613-2359) | Size = 172416 bytes | Modified Date = 6/14/2006 4:47:46 AM | Attr = ]
(KSecDD) KSecDD [Kernel | Boot | Running] -> %System32%\drivers\ksecdd.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 92032 bytes | Modified Date = 8/4/2004 8:00:00 AM | Attr = ]
(lbrtfdc) lbrtfdc [Kernel | System | Stopped] -> -> File not found
(mnmdd) mnmdd [Kernel | System | Running] -> %System32%\drivers\mnmdd.sys -> Microsoft Corporation [Ver = 5.1.2600.0 (XPClient.010817-1148) | Size = 4224 bytes | Modified Date = 8/4/2004 8:00:00 AM | Attr = ]
(Modem) Modem [Kernel | On_Demand | Running] -> %System32%\drivers\modem.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 30080 bytes | Modified Date = 8/4/2004 8:00:00 AM | Attr = ]
(Mouclass) Mouse Class Driver [Kernel | System | Running] -> %System32%\drivers\mouclass.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 23040 bytes | Modified Date = 8/4/2004 2:58:34 AM | Attr = ]
(mouhid) Mouse HID Driver [Kernel | On_Demand | Running] -> %System32%\drivers\mouhid.sys -> Microsoft Corporation [Ver = 5.1.2600.0 (XPClient.010817-1148) | Size = 12160 bytes | Modified Date = 8/17/2001 5:48:00 PM | Attr = ]
(MountMgr) MountMgr [Kernel | Boot | Running] -> %System32%\drivers\mountmgr.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 42240 bytes | Modified Date = 8/4/2004 8:00:00 AM | Attr = ]
(mraid35x) mraid35x [Kernel | Disabled | Stopped] -> %System32%\drivers\mraid35x.sys -> American Megatrends Inc. [Ver = 6.19 (XPClient.010817-1148) | Size = 17280 bytes | Modified Date = 8/17/2001 4:52:12 PM | Attr = ]
(MRxDAV) WebDav Client Redirector [File_System | On_Demand | Running] -> %System32%\drivers\mrxdav.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 181248 bytes | Modified Date = 8/4/2004 8:00:00 AM | Attr = ]
(MRxSmb) MRxSmb [File_System | System | Running] -> %System32%\drivers\mrxsmb.sys -> Microsoft Corporation [Ver = 5.1.2600.2902 (xpsp_sp2_gdr.060505-0036) | Size = 453120 bytes | Modified Date = 5/5/2006 5:41:46 AM | Attr = ]
(Msfs) Msfs [File_System | System | Running] -> %System32%\drivers\msfs.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 19072 bytes | Modified Date = 8/4/2004 8:00:00 AM | Attr = ]
(MSKSSRV) Microsoft Streaming Service Proxy [Kernel | On_Demand | Stopped] -> %System32%\drivers\MSKSSRV.sys -> Microsoft Corporation [Ver = 5.3.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 7552 bytes | Modified Date = 8/4/2004 2:58:42 AM | Attr = ]
(MSPCLOCK) Microsoft Streaming Clock Proxy [Kernel | On_Demand | Stopped] -> %System32%\drivers\MSPCLOCK.sys -> Microsoft Corporation [Ver = 5.3.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 5376 bytes | Modified Date = 8/4/2004 2:58:40 AM | Attr = ]
(MSPQM) Microsoft Streaming Quality Manager Proxy [Kernel | On_Demand | Stopped] -> %System32%\drivers\MSPQM.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 4992 bytes | Modified Date = 8/4/2004 2:58:42 AM | Attr = ]
(mssmbios) Microsoft System Management BIOS Driver [Kernel | On_Demand | Running] -> %System32%\drivers\mssmbios.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 15488 bytes | Modified Date = 8/4/2004 2:07:48 AM | Attr = ]
(Mup) Mup [File_System | Boot | Running] -> %System32%\drivers\mup.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 107904 bytes | Modified Date = 8/4/2004 8:00:00 AM | Attr = ]
(NDIS) NDIS System Driver [Kernel | Boot | Running] -> %System32%\drivers\ndis.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 182912 bytes | Modified Date = 8/4/2004 8:00:00 AM | Attr = ]
(NdisTapi) Remote Access NDIS TAPI Driver [Kernel | On_Demand | Running] -> %System32%\drivers\ndistapi.sys -> Microsoft Corporation [Ver = 5.1.2600.0 (xpclient.010817-1148) | Size = 9600 bytes | Modified Date = 8/4/2004 8:00:00 AM | Attr = ]
(Ndisuio) NDIS Usermode I/O Protocol [Kernel | On_Demand | Running] -> %System32%\drivers\ndisuio.sys -> Microsoft Corporation [Ver = 5.1.2600.2658 (xpsp.050419-1524) | Size = 14592 bytes | Modified Date = 4/19/2005 7:54:04 PM | Attr = ]
(NdisWan) Remote Access NDIS WAN Driver [Kernel | On_Demand | Running] -> %System32%\drivers\ndiswan.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 91776 bytes | Modified Date = 8/4/2004 8:00:00 AM | Attr = ]
(NDProxy) NDIS Proxy [Kernel | On_Demand | Running] -> %System32%\drivers\ndproxy.sys -> Microsoft Corporation [Ver = 5.1.2600.0 (xpclient.010817-1148) | Size = 38016 bytes | Modified Date = 8/4/2004 8:00:00 AM | Attr = ]
(NetBIOS) NetBIOS Interface [File_System | System | Running] -> %System32%\drivers\netbios.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 34560 bytes | Modified Date = 8/4/2004 8:00:00 AM | Attr = ]
(NetBT) NetBios over Tcpip [Kernel | System | Running] -> %System32%\drivers\netbt.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 162816 bytes | Modified Date = 8/4/2004 8:00:00 AM | Attr = ]
(NETFLTDI) Panda Net Driver [TDI Layer] [Kernel | System | Running] -> %System32%\drivers\NETFLTDI.SYS -> Panda Software [Ver = 2.2.0.22 | Size = 121392 bytes | Modified Date = 4/17/2007 5:42:44 PM | Attr = ]
(NETIMFLT) PANDA NDIS IM Filter Miniport [Kernel | On_Demand | Running] -> %System32%\drivers\netimflt.sys -> Panda Software [Ver = 1, 5, 0, 0 | Size = 142128 bytes | Modified Date = 4/24/2007 3:43:56 PM | Attr = ]
(NETw3x32) Intel® PRO/Wireless 3945ABG Adapter Driver for Windows XP 32 Bit [Kernel | On_Demand | Running] -> %System32%\drivers\NETw3x32.sys -> Intel® Corporation [Ver = 10, 5, 1, 68 | Size = 1709696 bytes | Modified Date = 9/27/2006 6:36:24 AM | Attr = ]
(NIC1394) 1394 Net Driver [Kernel | On_Demand | Running] -> %System32%\drivers\nic1394.sys -> Microsoft Corporation [Ver = 5.1.2600.2578 (xpsp.041130-1728) | Size = 61824 bytes | Modified Date = 12/8/2004 2:14:14 PM | Attr = ]
(Npfs) Npfs [File_System | System | Running] -> %System32%\drivers\npfs.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 30848 bytes | Modified Date = 8/4/2004 8:00:00 AM | Attr = ]
(Ntfs) Ntfs [File_System | Disabled | Running] -> %System32%\drivers\ntfs.sys -> Microsoft Corporation [Ver = 5.1.2600.3081 (xpsp_sp2_gdr.070209-0028) | Size = 574464 bytes | Modified Date = 2/9/2007 7:10:36 AM | Attr = ]
(Null) Null [Kernel | System | Running] -> %System32%\drivers\null.sys -> Microsoft Corporation [Ver = 5.1.2600.0 (XPClient.010817-1148) | Size = 2944 bytes | Modified Date = 8/4/2004 8:00:00 AM | Attr = ]
(NwlnkFlt) IPX Traffic Filter Driver [Kernel | On_Demand | Stopped] -> %System32%\drivers\nwlnkflt.sys -> Microsoft Corporation [Ver = 5.1.2600.0 (xpclient.010817-1148) | Size = 12416 bytes | Modified Date = 8/4/2004 8:00:00 AM | Attr = ]
(NwlnkFwd) IPX Traffic Forwarder Driver [Kernel | On_Demand | Stopped] -> %System32%\drivers\nwlnkfwd.sys -> Microsoft Corporation [Ver = 5.1.2600.0 (xpclient.010817-1148) | Size = 32512 bytes | Modified Date = 8/4/2004 8:00:00 AM | Attr = ]
(ohci1394) OHCI Compliant IEEE 1394 Host Controller [Kernel | Boot | Running] -> %System32%\drivers\ohci1394.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 61056 bytes | Modified Date = 8/4/2004 3:10:10 AM | Attr = ]
(Parport) Parallel port driver [Kernel | On_Demand | Stopped] -> %System32%\drivers\parport.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 80128 bytes | Modified Date = 8/4/2004 8:00:00 AM | Attr = ]
(PartMgr) PartMgr [Kernel | Boot | Running] -> %System32%\drivers\partmgr.sys -> Microsoft Corporation [Ver = 5.1.2600.0 (XPClient.010817-1148) | Size = 18688 bytes | Modified Date = 8/4/2004 8:00:00 AM | Attr = ]
(ParVdm) ParVdm [Kernel | Disabled | Stopped] -> %System32%\drivers\parvdm.sys -> Microsoft Corporation [Ver = 5.1.2600.0 (XPClient.010817-1148) | Size = 6784 bytes | Modified Date = 8/4/2004 8:00:00 AM | Attr = ]
(PAVDRV) PAVDRV [File_System | Auto | Running] -> %System32%\drivers\pavdrv51.sys -> Panda Software International [Ver = 7.0.1.0 (av07_rtm.070117-1343) | Size = 71680 bytes | Modified Date = 1/23/2007 12:49:02 PM | Attr = ]
(PavProc) Panda Process Protection Driver [Kernel | Auto | Running] -> %System32%\drivers\PavProc.sys -> Panda Software International [Ver = 1.1.3.0 | Size = 170800 bytes | Modified Date = 2/19/2007 8:21:50 AM | Attr = ]
(PavSRK.sys) PavSRK.sys [Kernel | On_Demand | Running] -> %System32%\PavSRK.sys -> File not found
(PavTPK.sys) PavTPK.sys [Kernel | On_Demand | Running] -> %System32%\PavTPK.sys -> File not found
(PcdrNdisuio) PCDRNDISUIO Usermode I/O Protocol [Kernel | On_Demand | Stopped] -> system32\DRIVERS\pcdrndisuio.sys -> File not found
(PCI) PCI Bus Driver [Kernel | Boot | Running] -> %System32%\drivers\pci.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 68224 bytes | Modified Date = 8/4/2004 2:07:48 AM | Attr = ]
(PCIDump) PCIDump [Kernel | System | Stopped] -> -> File not found
(PCIIde) PCIIde [Kernel | Boot | Running] -> %System32%\drivers\pciide.sys -> Microsoft Corporation [Ver = 5.1.2600.0 (XPClient.010817-1148) | Size = 3328 bytes | Modified Date = 8/17/2001 4:51:52 PM | Attr = ]
(Pcmcia) Pcmcia [Kernel | Boot | Running] -> %System32%\drivers\pcmcia.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 119936 bytes | Modified Date = 8/4/2004 8:00:00 AM | Attr = ]
(PDCOMP) PDCOMP [Kernel | On_Demand | Stopped] -> -> File not found
(PDFRAME) PDFRAME [Kernel | On_Demand | Stopped] -> -> File not found
(PDRELI) PDRELI [Kernel | On_Demand | Stopped] -> -> File not found
(PDRFRAME) PDRFRAME [Kernel | On_Demand | Stopped] -> -> File not found
(perc2) perc2 [Kernel | Disabled | Stopped] -> %System32%\drivers\perc2.sys -> Microsoft Corporation [Ver = 5.1.2467.0 (Lab01_N(johnstra).010423-0023) | Size = 27296 bytes | Modified Date = 8/17/2001 5:07:40 PM | Attr = ]
(perc2hib) perc2hib [Kernel | Disabled | Stopped] -> %System32%\drivers\perc2hib.sys -> Microsoft Corporation [Ver = 5.1.2467.0 (Lab01_N(johnstra).010423-0023) | Size = 5504 bytes | Modified Date = 8/17/2001 5:07:42 PM | Attr = ]
(pmem) pmem [Kernel | Auto | Running] -> %System32%\drivers\pmemnt.sys -> Microsoft Corporation [Ver = 4.00 | Size = 7012 bytes | Modified Date = 11/24/2006 11:36:02 PM | Attr = ]
(PMHler) PMHler [Kernel | System | Running] -> %System32%\drivers\PMHler.sys -> Lenovo [Ver = 1, 0, 0, 1 | Size = 10240 bytes | Modified Date = 5/24/2006 3:48:14 PM | Attr = ]
(Point32) Microsoft IntelliPoint Filter Driver [Kernel | On_Demand | Running] -> %System32%\drivers\point32.sys -> Microsoft Corporation [Ver = 5.30.606.0 | Size = 20352 bytes | Modified Date = 3/15/2005 5:45:20 AM | Attr = ]
(PptpMiniport) WAN Miniport (PPTP) [Kernel | On_Demand | Running] -> %System32%\drivers\raspptp.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 48384 bytes | Modified Date = 8/4/2004 8:00:00 AM | Attr = ]
(Processor) Processor Driver [Kernel | System | Stopped] -> %System32%\drivers\processr.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 35328 bytes | Modified Date = 8/4/2004 8:00:00 AM | Attr = ]
(psadd) Lenovo Parties Service Access Device Driver [Kernel | On_Demand | Running] -> %System32%\drivers\psadd.sys -> Lenovo (United States) Inc. [Ver = 6.1.1008.0 | Size = 28224 bytes | Modified Date = 9/13/2006 1:42:18 AM | Attr = ]
(PSched) QoS Packet Scheduler [Kernel | On_Demand | Running] -> %System32%\drivers\psched.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 69120 bytes | Modified Date = 8/4/2004 8:00:00 AM | Attr = ]
(Ptilink) Direct Parallel Link Driver [Kernel | On_Demand | Running] -> %System32%\drivers\ptilink.sys -> Parallel Technologies, Inc. [Ver = 1.10 (XPClient.010817-1148) | Size = 17792 bytes | Modified Date = 8/4/2004 8:00:00 AM | Attr = ]
(PxHelp20) PxHelp20 [Kernel | Boot | Running] -> %System32%\drivers\pxhelp20.sys -> Sonic Solutions [Ver = 3.00.41a | Size = 36560 bytes | Modified Date = 9/27/2006 5:53:24 PM | Attr = ]
(ql1080) ql1080 [Kernel | Disabled | Stopped] -> %System32%\drivers\ql1080.sys -> QLogic Corporation [Ver = 3.04 | Size = 40320 bytes | Modified Date = 8/17/2001 4:52:20 PM | Attr = ]
(Ql10wnt) Ql10wnt [Kernel | Disabled | Stopped] -> %System32%\drivers\ql10wnt.sys -> Microsoft Corporation [Ver = 5.1.2600.0 (XPClient.010817-1148) | Size = 33152 bytes | Modified Date = 8/17/2001 4:52:16 PM | Attr = ]
(ql12160) ql12160 [Kernel | Disabled | Stopped] -> %System32%\drivers\ql12160.sys -> QLogic Corporation [Ver = 7.13.02 (W64) | Size = 45312 bytes | Modified Date = 8/17/2001 4:52:20 PM | Attr = ]
(ql1240) ql1240 [Kernel | Disabled | Stopped] -> %System32%\drivers\ql1240.sys -> Microsoft Corporation [Ver = 5.1.2600.0 (XPClient.010817-1148) | Size = 40448 bytes | Modified Date = 8/17/2001 4:52:16 PM | Attr = ]
(ql1280) ql1280 [Kernel | Disabled | Stopped] -> %System32%\drivers\ql1280.sys -> QLogic Corporation [Ver = 7.13.01 (W2K) | Size = 49024 bytes | Modified Date = 8/17/2001 4:52:18 PM | Attr = ]
(RasAcd) Remote Access Auto Connection Driver [Kernel | System | Running] -> %System32%\drivers\rasacd.sys -> Microsoft Corporation [Ver = 5.1.2600.0 (xpclient.010817-1148) | Size = 8832 bytes | Modified Date = 8/4/2004 8:00:00 AM | Attr = ]
(Rasl2tp) WAN Miniport (L2TP) [Kernel | On_Demand | Running] -> %System32%\drivers\rasl2tp.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 51328 bytes | Modified Date = 8/4/2004 8:00:00 AM | Attr = ]
(RasPppoe) Remote Access PPPOE Driver [Kernel | On_Demand | Running] -> %System32%\drivers\raspppoe.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 41472 bytes | Modified Date = 8/4/2004 8:00:00 AM | Attr = ]
(Raspti) Direct Parallel [Kernel | On_Demand | Running] -> %System32%\drivers\raspti.sys -> Microsoft Corporation [Ver = 5.1.2600.0 (xpclient.010817-1148) | Size = 16512 bytes | Modified Date = 8/4/2004 8:00:00 AM | Attr = ]
(Rdbss) Rdbss [File_System | System | Running] -> %System32%\drivers\rdbss.sys -> Microsoft Corporation [Ver = 5.1.2600.2902 (xpsp_sp2_gdr.060505-0036) | Size = 174592 bytes | Modified Date = 5/5/2006 5:47:58 AM | Attr = ]
(RDPCDD) RDPCDD [Kernel | System | Running] -> %System32%\drivers\rdpcdd.sys -> Microsoft Corporation [Ver = 5.1.2600.0 (xpclient.010817-1148) | Size = 4224 bytes | Modified Date = 8/4/2004 8:00:00 AM | Attr = ]
(rdpdr) Terminal Server Device Redirector Driver [Kernel | On_Demand | Stopped] -> %System32%\drivers\rdpdr.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 196864 bytes | Modified Date = 8/4/2004 2:01:16 AM | Attr = ]
(RDPWD) RDPWD [Kernel | On_Demand | Stopped] -> %System32%\drivers\rdpwd.sys -> Microsoft Corporation [Ver = 5.1.2600.2695 (xpsp_sp2_gdr.050609-1528) | Size = 139528 bytes | Modified Date = 6/10/2005 12:09:46 AM | Attr = ]
(redbook) Digital CD Audio Playback Filter Driver [Kernel | System | Running] -> %System32%\drivers\redbook.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 57472 bytes | Modified Date = 8/3/2004 6:59:38 PM | Attr = ]
(rimmptsk) rimmptsk [Kernel | On_Demand | Running] -> %System32%\drivers\rimmptsk.sys -> REDC [Ver = 1.0.0.9 | Size = 28928 bytes | Modified Date = 11/17/2005 12:28:32 AM | Attr = ]
(rimsptsk) rimsptsk [Kernel | On_Demand | Running] -> %System32%\drivers\rimsptsk.sys -> REDC [Ver = 1.00.02.07 | Size = 51328 bytes | Modified Date = 9/8/2006 9:01:20 PM | Attr = ]
(rismxdp) Ricoh xD-Picture Card Driver [Kernel | On_Demand | Running] -> %System32%\drivers\rixdptsk.sys -> REDC [Ver = 1.00.02.08 | Size = 308992 bytes | Modified Date = 11/1/2005 10:08:00 PM | Attr = ]
(RTL8023xp) Realtek 10/100/1000 NIC Family all in one NDIS XP Driver [Kernel | On_Demand | Running] -> %System32%\drivers\Rtnicxp.sys -> Realtek Semiconductor Corporation [Ver = 5,641,0209,2006 built by: WinDDK | Size = 81408 bytes | Modified Date = 2/26/2006 4:46:00 PM | Attr = ]
(s24trans) WLAN Transport [Kernel | Auto | Running] -> %System32%\drivers\s24trans.sys -> Intel Corporation [Ver = 10.5.0.1 | Size = 12544 bytes | Modified Date = 8/2/2006 5:27:48 AM | Attr = ]
(SASDIFSV) SASDIFSV [Kernel | System | Running] -> %ProgramFiles%\SUPERAntiSpyware\sasdifsv.sys -> [Ver = 1, 0, 0, 1006 | Size = 5632 bytes | Modified Date = 10/10/2006 12:53:48 PM | Attr = ]
(SASENUM) SASENUM [Kernel | On_Demand | Running] -> %ProgramFiles%\SUPERAntiSpyware\SASENUM.SYS -> SuperAdBlocker, Inc. [Ver = 1, 0, 0, 1002 | Size = 4096 bytes | Modified Date = 2/16/2006 4:51:08 PM | Attr = R ]
(SASKUTIL) SASKUTIL [Kernel | System | Running] -> %ProgramFiles%\SUPERAntiSpyware\SASKUTIL.SYS -> [Ver = 1, 0, 0, 1036 | Size = 32256 bytes | Modified Date = 2/27/2007 11:39:26 AM | Attr = ]
(sdbus) sdbus [Kernel | On_Demand | Running] -> %System32%\drivers\sdbus.sys -> Microsoft Corporation [Ver = 6.0.4069.1 (xpsp_sp2_rtm.040803-2158) | Size = 67584 bytes | Modified Date = 8/4/2004 8:00:00 AM | Attr = ]
(Secdrv) Secdrv [Kernel | On_Demand | Stopped] -> %System32%\drivers\secdrv.sys -> [Ver = | Size = 27440 bytes | Modified Date = 8/4/2004 8:00:00 AM | Attr = ]
(serenum) Serenum Filter Driver [Kernel | On_Demand | Stopped] -> %System32%\drivers\serenum.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 15488 bytes | Modified Date = 8/4/2004 8:00:00 AM | Attr = ]
(Serial) Serial port driver [Kernel | System | Stopped] -> %System32%\drivers\serial.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 64896 bytes | Modified Date = 8/4/2004 8:00:00 AM | Attr = ]
(sffdisk) SFF Storage Class Driver [Kernel | On_Demand | Stopped] -> %System32%\drivers\sffdisk.sys -> Microsoft Corporation [Ver = 6.0.4069.1 (xpsp_sp2_rtm.040803-2158) | Size = 11136 bytes | Modified Date = 8/4/2004 8:00:00 AM | Attr = ]
(sffp_sd) SFF Storage Protocol Driver for SDBus [Kernel | On_Demand | Stopped] -> %System32%\drivers\sffp_sd.sys -> Microsoft Corporation [Ver = 6.0.4069.1 (xpsp_sp2_rtm.040803-2158) | Size = 10240 bytes | Modified Date = 8/4/2004 8:00:00 AM | Attr = ]
(Sfloppy) High-Capacity Floppy Disk Drive [Kernel | On_Demand | Stopped] -> %System32%\drivers\sfloppy.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 11392 bytes | Modified Date = 8/4/2004 8:00:00 AM | Attr = ]
(ShldDrv) Panda File Shield Driver [Kernel | System | Running] -> %System32%\drivers\ShlDrv51.sys -> Panda Software International [Ver = 1.3.11.0 | Size = 31104 bytes | Modified Date = 3/12/2007 11:27:50 AM | Attr = ]
(Simbad) Simbad [Kernel | Disabled | Stopped] -> -> File not found
(sisagp) SIS AGP Bus Filter [Kernel | Disabled | Stopped] -> %System32%\drivers\SISAGP.SYS -> Silicon Integrated Systems Corporation [Ver = 5.12.01.2010 (xpsp_sp2_rtm.040803-2158) | Size = 41088 bytes | Modified Date = 8/4/2004 2:07:44 AM | Attr = ]
(smi2) smi2 [Kernel | Auto | Running] -> %ProgramFiles%\SMI2\smi2.sys -> IBM Corp. [Ver = 1, 1, 1, 0 | Size = 3968 bytes | Modified Date = 7/14/2006 7:55:12 PM | Attr = ]
(SMSFLT) SMS Filter Plugin [Kernel | System | Running] -> %System32%\drivers\smsflt.sys -> Panda Software International [Ver = 1, 5, 0, 0 | Size = 36016 bytes | Modified Date = 4/2/2007 7:43:28 PM | Attr = ]
(Sparrow) Sparrow [Kernel | Disabled | Stopped] -> %System32%\drivers\sparrow.sys -> Adaptec, Inc. [Ver = v2.0a (ReleaseBinaries.001205-1804) | Size = 19072 bytes | Modified Date = 8/17/2001 5:07:44 PM | Attr = ]
(splitter) Microsoft Kernel Audio Splitter [Kernel | On_Demand | Stopped] -> %System32%\drivers\splitter.sys -> Microsoft Corporation [Ver = 5.1.2600.2929 (xpsp_sp2_gdr.060613-2359) | Size = 6400 bytes | Modified Date = 6/14/2006 4:47:46 AM | Attr = ]
(sr) System Restore Filter Driver [File_System | Boot | Running] -> %System32%\drivers\sr.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 73472 bytes | Modified Date = 8/4/2004 8:00:00 AM | Attr = ]
(Srv) Srv [File_System | On_Demand | Running] -> %System32%\drivers\srv.sys -> Microsoft Corporation [Ver = 5.1.2600.2974 (xpsp_sp2_gdr.060814-0101) | Size = 332928 bytes | Modified Date = 8/14/2006 6:34:42 AM | Attr = ]
(sscdbhk5) sscdbhk5 [File_System | System | Running] -> %System32%\drivers\sscdbhk5.sys -> Sonic Solutions [Ver = 1.10.90a | Size = 5627 bytes | Modified Date = 5/13/2005 10:37:28 AM | Attr = ]
(ssrtln) ssrtln [File_System | System | Running] -> %System32%\drivers\ssrtln.sys -> Sonic Solutions [Ver = 1.10.90a | Size = 23545 bytes | Modified Date = 5/13/2005 10:37:20 AM | Attr = ]
(swenum) Software Bus Driver [Kernel | On_Demand | Running] -> %System32%\drivers\swenum.sys -> Microsoft Corporation [Ver = 5.3.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 4352 bytes | Modified Date = 8/4/2004 1:58:42 AM | Attr = ]
(swmidi) Microsoft Kernel GS Wavetable Synthesizer [Kernel | On_Demand | Stopped] -> %System32%\drivers\swmidi.sys -> Microsoft Corporation [Ver = 5.1.2600.0 (XPClient.010817-1148) | Size = 54272 bytes | Modified Date = 8/17/2001 6:00:52 PM | Attr = ]
(symc810) symc810 [Kernel | Disabled | Stopped] -> %System32%\drivers\symc810.sys -> Symbios Logic Inc. [Ver = 5.1.2409.1 (ReleaseBinaries.001205-1804) | Size = 16256 bytes | Modified Date = 8/17/2001 5:07:34 PM | Attr = ]
(symc8xx) symc8xx [Kernel | Disabled | Stopped] -> %System32%\drivers\symc8xx.sys -> LSI Logic [Ver = 5.1.2409.1 (ReleaseBinaries.001205-1804) | Size = 32640 bytes | Modified Date = 8/17/2001 5:07:36 PM | Attr = ]
(sym_hi) sym_hi [Kernel | Disabled | Stopped] -> %System32%\drivers\sym_hi.sys -> LSI Logic [Ver = 5.1.2462.0 (Lab01_N.010309-0027) | Size = 28384 bytes | Modified Date = 8/17/2001 5:07:40 PM | Attr = ]
(sym_u3) sym_u3 [Kernel | Disabled | Stopped] -> %System32%\drivers\sym_u3.sys -> LSI Logic [Ver = 5.1.2462.0 (Lab01_N.010309-0027) | Size = 30688 bytes | Modified Date = 8/17/2001 5:07:42 PM | Attr = ]
(SynTP) Synaptics TouchPad Driver [Kernel | On_Demand | Running] -> %System32%\drivers\SynTP.sys -> Synaptics, Inc. [Ver = 8.3.4 19May06 | Size = 193088 bytes | Modified Date = 5/19/2006 1:24:00 AM | Attr = ]
(sysaudio) Microsoft Kernel System Audio Device [Kernel | On_Demand | Running] -> %System32%\drivers\sysaudio.sys -> Microsoft Corporation [Ver = 5.1.2600.21

#14
dvdcnhm

  • Topic Starter
  • Member
  • 20 posts
< Internet Explorer Settings > -> ->
HKLM: Default_Page_URL -> http://go.microsoft....k/?LinkId=69157 ->
HKLM: Main\\Default_Search_URL -> http://go.microsoft....k/?LinkId=54896 ->
HKLM: Local Page -> %SystemRoot%\system32\blank.htm ->
HKLM: Search Bar -> http://ie.search.msn...st/srchasst.htm ->
HKLM: Search Page -> http://go.microsoft....k/?LinkId=54896 ->
HKLM: Start Page -> about:blank ->
HKLM: CustomizeSearch -> http://ie.search.msn...st/srchcust.htm ->
HKLM: Search\\Default_Search_URL -> http://www.google.com/ie ->
HKLM: SearchAssistant -> http://ie.search.msn...st/srchasst.htm ->
HKCU: Local Page -> C:\WINDOWS\system32\blank.htm ->
HKCU: Search Page -> http://www.microsoft...amp;ar=iesearch ->
HKCU: Start Page -> http://www.yahoo.com/ ->
HKCU: SearchAssistant -> http://www.google.com/ie ->
HKCU: ProxyEnable -> 0 ->
< Trusted Sites > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
msn.com [ - ] -> ->
< Trusted Sites > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
searchmarketing_yahoo.com [https] -> ->
< BHO's > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
{02478D38-C3F9-4efb-9B51-7695ECA05670} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> %CommonProgramFiles%\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> Adobe Systems Incorporated [Ver = 8.0.0.2006102200 | Size = 62080 bytes | Modified Date = 10/23/2006 3:08:42 AM | Attr = ]
{5CA3D70E-1895-11CF-8E15-001234567890} [HKLM] -> %System32%\dla\tfswshx.dll [DriveLetterAccess] -> Sonic Solutions [Ver = 1.04.08a | Size = 118844 bytes | Modified Date = 5/31/2005 5:33:00 AM | Attr = ]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> %ProgramFiles%\Java\jre1.5.0_10\bin\ssv.dll [SSVHelper Class] -> Sun Microsystems, Inc. [Ver = 5.0.100.3 | Size = 440056 bytes | Modified Date = 11/9/2006 7:21:52 PM | Attr = ]
{AA58ED58-01DD-4d91-8333-CF10577473F7} [HKLM] -> %ProgramFiles%\Google\googletoolbar1.dll [Google Toolbar Helper] -> Google Inc. [Ver = 4, 0, 1601, 4978 | Size = 2403392 bytes | Modified Date = 2/6/2007 8:08:24 PM | Attr = R ]
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} [HKLM] -> %ProgramFiles%\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll [Google Toolbar Notifier BHO] -> Google Inc. [Ver = 2, 0, 301, 7164 | Size = 325048 bytes | Modified Date = 6/13/2007 9:33:12 PM | Attr = ]
< Internet Explorer Bars [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\ ->
{4528BBE0-4E08-11D5-AD55-00010333D0AD} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
< Internet Explorer Bars [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\ ->
{4528BBE0-4E08-11D5-AD55-00010333D0AD} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
< Internet Explorer ToolBars [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar ->
{2318C2B1-4965-11d4-9B18-009027A5CD4F} [HKLM] -> %ProgramFiles%\Google\googletoolbar1.dll [&Google] -> Google Inc. [Ver = 4, 0, 1601, 4978 | Size = 2403392 bytes | Modified Date = 2/6/2007 8:08:24 PM | Attr = R ]
< Internet Explorer ToolBars [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ ->
ShellBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKLM] -> %ProgramFiles%\Google\googletoolbar1.dll [&Google] -> Google Inc. [Ver = 4, 0, 1601, 4978 | Size = 2403392 bytes | Modified Date = 2/6/2007 8:08:24 PM | Attr = R ]
WebBrowser\\{09EC4651-7AC4-4E99-AB62-8FB6B3FFC0B0} [HKLM] -> Reg Data - Key not found [JV_Suite toolbar] -> File not found
WebBrowser\\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKLM] -> %ProgramFiles%\Google\googletoolbar1.dll [&Google] -> Google Inc. [Ver = 4, 0, 1601, 4978 | Size = 2403392 bytes | Modified Date = 2/6/2007 8:08:24 PM | Attr = R ]
WebBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
WebBrowser\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
< Internet Explorer Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ ->
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> %ProgramFiles%\Java\jre1.5.0_10\bin\npjpi150_10.dll [MenuText: Sun Java Console] -> Sun Microsystems, Inc. [Ver = 5.0.100.3 | Size = 75528 bytes | Modified Date = 11/9/2006 7:21:54 PM | Attr = ]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKCU] -> %ProgramFiles%\Java\jre1.5.0_10\bin\ssv.dll [MenuText: Sun Java Console] -> Sun Microsystems, Inc. [Ver = 5.0.100.3 | Size = 440056 bytes | Modified Date = 11/9/2006 7:21:52 PM | Attr = ]
{92780B25-18CC-41C8-B9BE-3C9C571A8263} -> Reg Data - Value does not exist [ButtonText: Research] -> File not found
{DA320635-F48C-4613-8325-D75A933C549E} -> %ProgramFiles%\Lenovo\System Update\sulauncher.exe [ButtonText: System Update] -> File not found
{e2e2dd38-d088-4134-82b7-f2ba38496583} [HKLM] -> Reg Data - Key not found [MenuText: @xpsp3res.dll,-20001] -> File not found
< Internet Explorer Menu Extensions [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ ->
Add Feed to Tristana RSS Reader -> -> File not found
E&xport to Microsoft Excel -> -> File not found
< DNS Name Servers [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ ->
{227C8094-170A-4F41-9E79-A7B2426C134C} -> (Intel® PRO/Wireless 3945ABG Network Connection) ->
{30DD33E3-2251-4D61-B628-5B4A7DA102F4} -> (Realtek RTL8139/810x Family Fast Ethernet NIC) ->
{467E219F-0E7A-40C4-9A4D-D49FEBE8EBF1} -> (1394 Net Adapter) ->
< Winsock2 Catalogs [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\ ->
Protocol_Catalog9\Catalog_Entries\000000000001 -> %ProgramFiles%\Panda Software\Panda Internet Security 2007\pavlsp.dll -> Panda Software International [Ver = 7, 4, 21, 76 | Size = 177712 bytes | Modified Date = 4/16/2007 5:21:50 PM | Attr = ]
Protocol_Catalog9\Catalog_Entries\000000000002 -> %ProgramFiles%\Panda Software\Panda Internet Security 2007\pavlsp.dll -> Panda Software International [Ver = 7, 4, 21, 76 | Size = 177712 bytes | Modified Date = 4/16/2007 5:21:50 PM | Attr = ]
Protocol_Catalog9\Catalog_Entries\000000000003 -> %ProgramFiles%\Panda Software\Panda Internet Security 2007\pavlsp.dll -> Panda Software International [Ver = 7, 4, 21, 76 | Size = 177712 bytes | Modified Date = 4/16/2007 5:21:50 PM | Attr = ]
Protocol_Catalog9\Catalog_Entries\000000000019 -> %ProgramFiles%\Panda Software\Panda Internet Security 2007\pavlsp.dll -> Panda Software International [Ver = 7, 4, 21, 76 | Size = 177712 bytes | Modified Date = 4/16/2007 5:21:50 PM | Attr = ]
< Protocol Handlers [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ ->
ic32pp -> %SystemRoot%\wc98pp.dll -> [Ver = | Size = 51712 bytes | Modified Date = 2/9/2007 12:46:18 PM | Attr = ]
ipp -> Reg Data - Key not found -> File not found
msdaipp -> Reg Data - Key not found -> File not found
sysimage -> DLL\mshtml.dll -> File not found
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ ->
{166B1BCA-3F9C-11CF-8075-444553540000} -> Shockwave ActiveX Control - CodeBase = http://fpdownload.ma...director/sw.cab ->
{17492023-C23A-453E-A040-C7C580BBF700} -> Windows Genuine Advantage Validation Tool - CodeBase = http://go.microsoft....k/?linkid=39204 ->
{2DAD3559-2923-4935-AD49-B673D2539944} -> IASRunner Class - CodeBase = https://www-307.ibm....ntent/AcpIR.cab ->
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3} -> MUWebControl Class - CodeBase = http://update.micros...b?1167732515218 ->
{74FFE28D-2378-11D5-990C-006094235084} -> IBM Access Support - CodeBase = http://www-307.ibm.c...rt/IbmEgath.cab ->
{8AD9C840-044E-11D1-B3E9-00805F499D93} -> Java Plug-in 1.5.0_10 - CodeBase = http://java.sun.com/...indows-i586.cab ->
{9A9307A0-7DA4-4DAF-B042-5009F29E09E1} -> ActiveScan Installer Class - CodeBase = http://acs.pandasoft...free/asinst.cab ->
{BD8667B7-38D8-4C77-B580-18C3E146372C} -> Creative Toolbox Plug-in - CodeBase = http://ak.imgag.com/...all/Crusher.cab ->
{BE415DD9-C50D-46AA-9B5D-37F2EEBBBFE6} -> acpRunner Class - CodeBase = https://www-307.ibm..../AcpControl.cab ->
{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} -> Java Plug-in 1.5.0_06 - CodeBase = http://java.sun.com/...indows-i586.cab ->
{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} -> Java Plug-in 1.5.0_10 - CodeBase = http://java.sun.com/...indows-i586.cab ->
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} -> Java Plug-in 1.5.0_10 - CodeBase = http://java.sun.com/...indows-i586.cab ->
{D27CDB6E-AE6D-11CF-96B8-444553540000} -> - CodeBase = http://fpdownload.ma...ent/swflash.cab ->
{D6376DD2-C2BD-49B2-A1B1-138F869633F3} -> ASPRO Installer Class - CodeBase = http://acs.pandasoft...5/asproinst.cab ->


[Files/Folders - Created Within 90 days]
ComboFix -> %SystemDrive%\ComboFix -> [Folder | Created Date = 6/27/2007 3:40:22 PM | Attr = ]
hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [Ver = | Size = 526569472 bytes | Created Date = 1/1/1601 5:00:00 AM | Attr = HS]
IbmEgath.XML -> %SystemDrive%\IbmEgath.XML -> [Ver = | Size = 132480 bytes | Created Date = 6/9/2007 6:03:33 PM | Attr = ]
KPCMS -> %SystemDrive%\KPCMS -> [Folder | Created Date = 5/7/2007 9:02:08 PM | Attr = ]
QooBox -> %SystemDrive%\QooBox -> [Folder | Created Date = 6/27/2007 3:47:55 PM | Attr = ]
SystemUpdate -> %SystemDrive%\SystemUpdate -> [Folder | Created Date = 4/1/2007 3:36:32 AM | Attr = ]
$NtUninstallKB925902$ -> %SystemRoot%\$NtUninstallKB925902$ -> [Folder | Created Date = 4/4/2007 4:37:22 AM | Attr = H ]
$NtUninstallKB926247$ -> %SystemRoot%\$NtUninstallKB926247$ -> [Folder | Created Date = 6/8/2007 3:06:17 PM | Attr = H ]
$NtUninstallKB927891$ -> %SystemRoot%\$NtUninstallKB927891$ -> [Folder | Created Date = 5/23/2007 3:06:15 AM | Attr = H ]
$NtUninstallKB929123$ -> %SystemRoot%\$NtUninstallKB929123$ -> [Folder | Created Date = 6/13/2007 2:03:55 AM | Attr = H ]
$NtUninstallKB930178$ -> %SystemRoot%\$NtUninstallKB930178$ -> [Folder | Created Date = 4/11/2007 2:08:44 AM | Attr = H ]
$NtUninstallKB930916$ -> %SystemRoot%\$NtUninstallKB930916$ -> [Folder | Created Date = 5/10/2007 2:05:00 AM | Attr = H ]
$NtUninstallKB931261$ -> %SystemRoot%\$NtUninstallKB931261$ -> [Folder | Created Date = 4/11/2007 2:10:09 AM | Attr = H ]
$NtUninstallKB931768$ -> %SystemRoot%\$NtUninstallKB931768$ -> [Folder | Created Date = 5/10/2007 2:07:18 AM | Attr = H ]
$NtUninstallKB931784$ -> %SystemRoot%\$NtUninstallKB931784$ -> [Folder | Created Date = 4/11/2007 2:10:30 AM | Attr = H ]
$NtUninstallKB932168$ -> %SystemRoot%\$NtUninstallKB932168$ -> [Folder | Created Date = 4/11/2007 2:08:28 AM | Attr = H ]
$NtUninstallKB935839$ -> %SystemRoot%\$NtUninstallKB935839$ -> [Folder | Created Date = 6/13/2007 2:02:14 AM | Attr = H ]
$NtUninstallKB935840$ -> %SystemRoot%\$NtUninstallKB935840$ -> [Folder | Created Date = 6/13/2007 2:03:46 AM | Attr = H ]
catchme.exe -> %SystemRoot%\catchme.exe -> [Ver = | Size = 87552 bytes | Created Date = 6/27/2007 3:40:33 PM | Attr = ]
dla.exe -> %SystemRoot%\dla.exe -> Sonic Solutions [Ver = 1.04.08a | Size = 98360 bytes | Created Date = 5/13/2007 12:01:12 AM | Attr = ]
icccodes.dll -> %SystemRoot%\icccodes.dll -> Eastman Kodak Company [Ver = 1.2.2 | Size = 20992 bytes | Created Date = 5/7/2007 9:02:08 PM | Attr = ]
iccsigs.dat -> %SystemRoot%\iccsigs.dat -> [Ver = | Size = 40129 bytes | Created Date = 5/7/2007 9:02:08 PM | Attr = ]
ie7 -> %SystemRoot%\ie7 -> [Folder | Created Date = 6/11/2007 6:24:35 PM | Attr = H ]
KPCMS.INI -> %SystemRoot%\KPCMS.INI -> [Ver = | Size = 149 bytes | Created Date = 5/7/2007 9:02:07 PM | Attr = ]
kpcp32.dll -> %SystemRoot%\kpcp32.dll -> Eastman Kodak Company [Ver = 3.48 | Size = 197120 bytes | Created Date = 5/7/2007 9:02:08 PM | Attr = ]
kpsys32.dll -> %SystemRoot%\kpsys32.dll -> Eastman Kodak Company [Ver = 3.2.2 | Size = 37376 bytes | Created Date = 5/7/2007 9:02:08 PM | Attr = ]
nircmd.exe -> %SystemRoot%\nircmd.exe -> NirSoft [Ver = 1.85 | Size = 49152 bytes | Created Date = 6/27/2007 3:40:33 PM | Attr = ]
pav.sig -> %SystemRoot%\pav.sig -> [Ver = | Size = 39182987 bytes | Created Date = 6/7/2007 10:06:47 PM | Attr = ]
pfpick.dll -> %SystemRoot%\pfpick.dll -> Eastman Kodak Company [Ver = 1.10.0 | Size = 58368 bytes | Created Date = 5/7/2007 9:02:08 PM | Attr = ]
pss -> %SystemRoot%\pss -> [Folder | Created Date = 6/9/2007 6:29:48 PM | Attr = ]
sprof32.dll -> %SystemRoot%\sprof32.dll -> Eastman Kodak Company [Ver = 1.8.1 | Size = 133120 bytes | Created Date = 5/7/2007 9:02:08 PM | Attr = ]
uninst.exe -> %SystemRoot%\uninst.exe -> InstallShield Corporation, Inc. [Ver = 2.20.926.0 | Size = 299520 bytes | Created Date = 5/7/2007 8:59:15 PM | Attr = ]
Windows9XPx.dat -> %SystemRoot%\Windows9XPx.dat -> [Ver = | Size = 5 bytes | Created Date = 4/11/2007 11:13:05 PM | Attr = ]
Uniblue SpeedUpMyPC Nag.job -> %SystemRoot%\tasks\Uniblue SpeedUpMyPC Nag.job -> [Ver = | Size = 268 bytes | Created Date = 6/11/2007 10:59:26 AM | Attr = ]
Uniblue SpeedUpMyPC.job -> %SystemRoot%\tasks\Uniblue SpeedUpMyPC.job -> [Ver = | Size = 390 bytes | Created Date = 6/11/2007 10:59:25 AM | Attr = ]
.ico -> %System32%\.ico -> [Ver = | Size = 5429 bytes | Created Date = 6/7/2007 10:01:16 PM | Attr = ]
accserv.mib -> %System32%\accserv.mib -> [Ver = | Size = 15597 bytes | Created Date = 6/7/2007 7:53:18 PM | Attr = ]
ActiveScan -> %System32%\ActiveScan -> [Folder | Created Date = 6/7/2007 3:58:41 AM | Attr = ]
ASPRO -> %System32%\ASPRO -> [Folder | Created Date = 6/7/2007 10:01:09 PM | Attr = ]
asprouni.exe -> %System32%\asprouni.exe -> Panda Software [Ver = 1, 0, 0, 1 | Size = 69632 bytes | Created Date = 6/7/2007 10:02:33 PM | Attr = ]
asuninst.exe -> %System32%\asuninst.exe -> Panda Software [Ver = 1, 0, 0, 2 | Size = 73728 bytes | Created Date = 6/7/2007 3:59:17 AM | Attr = ]
authserv.mib -> %System32%\authserv.mib -> [Ver = | Size = 16617 bytes | Created Date = 6/7/2007 7:53:18 PM | Attr = ]
avldr.dll -> %System32%\avldr.dll -> Panda Software International [Ver = 2, 1, 0, 2 | Size = 50736 bytes | Created Date = 6/9/2007 2:09:45 PM | Attr = ]
COLOR -> %System32%\COLOR -> [Folder | Created Date = 5/7/2007 9:02:01 PM | Attr = ]
dhcp.mib -> %System32%\dhcp.mib -> [Ver = | Size = 4597 bytes | Created Date = 6/7/2007 7:53:18 PM | Attr = ]
dla -> %System32%\dla -> [Folder | Created Date = 5/13/2007 12:01:12 AM | Attr = ]
hasher.dll -> %System32%\hasher.dll -> [Ver = 2, 0, 2, 1 | Size = 159744 bytes | Created Date = 6/19/2007 8:19:16 PM | Attr = ]
Help.ico -> %System32%\Help.ico -> [Ver = | Size = 1406 bytes | Created Date = 6/7/2007 3:58:48 AM | Attr = ]
Helppro.ico -> %System32%\Helppro.ico -> [Ver = | Size = 1406 bytes | Created Date = 6/7/2007 10:01:15 PM | Attr = ]
HHActiveX.dll -> %System32%\HHActiveX.dll -> eHelp Corporation. [Ver = 9.20.566 | Size = 446464 bytes | Created Date = 6/9/2007 2:10:08 PM | Attr = ]
hostmib.mib -> %System32%\hostmib.mib -> [Ver = | Size = 48593 bytes | Created Date = 6/7/2007 7:53:18 PM | Attr = ]
ipforwd.mib -> %System32%\ipforwd.mib -> [Ver = | Size = 15799 bytes | Created Date = 6/7/2007 7:53:19 PM | Attr = ]
Kaspersky Lab -> %System32%\Kaspersky Lab -> [Folder | Created Date = 6/5/2007 5:40:28 PM | Attr = ]
lmmib2.mib -> %System32%\lmmib2.mib -> [Ver = | Size = 26100 bytes | Created Date = 6/7/2007 7:53:19 PM | Attr = ]
mcastmib.mib -> %System32%\mcastmib.mib -> [Ver = | Size = 30448 bytes | Created Date = 6/7/2007 7:53:19 PM | Attr = ]
mib_ii.mib -> %System32%\mib_ii.mib -> [Ver = | Size = 107882 bytes | Created Date = 6/7/2007 7:53:20 PM | Attr = ]
mipx.mib -> %System32%\mipx.mib -> [Ver = | Size = 21386 bytes | Created Date = 6/7/2007 7:53:20 PM | Attr = ]
mripsap.mib -> %System32%\mripsap.mib -> [Ver = | Size = 10313 bytes | Created Date = 6/7/2007 7:53:20 PM | Attr = ]
msft.mib -> %System32%\msft.mib -> [Ver = | Size = 581 bytes | Created Date = 6/7/2007 7:53:20 PM | Attr = ]
msipbtp.mib -> %System32%\msipbtp.mib -> [Ver = | Size = 13767 bytes | Created Date = 6/7/2007 7:53:21 PM | Attr = ]
msiprip2.mib -> %System32%\msiprip2.mib -> [Ver = | Size = 34317 bytes | Created Date = 6/7/2007 7:53:21 PM | Attr = ]
MSVCRT10.DLL -> %System32%\MSVCRT10.DLL -> [Ver = | Size = 210944 bytes | Created Date = 5/7/2007 9:02:09 PM | Attr = ]
nipx.mib -> %System32%\nipx.mib -> [Ver = | Size = 38608 bytes | Created Date = 6/7/2007 7:53:21 PM | Attr = ]
PAV -> %System32%\PAV -> [Folder | Created Date = 6/9/2007 2:09:45 PM | Attr = ]
pavas.ico -> %System32%\pavas.ico -> [Ver = | Size = 30590 bytes | Created Date = 6/7/2007 3:58:47 AM | Attr = ]
pavaspro.ico -> %System32%\pavaspro.ico -> [Ver = | Size = 30590 bytes | Created Date = 6/7/2007 10:01:14 PM | Attr = ]
pavcpl.cpl -> %System32%\pavcpl.cpl -> Panda Software [Ver = 1, 0, 2, 0 | Size = 54832 bytes | Created Date = 6/9/2007 2:10:15 PM | Attr = ]
PavCPL.dat -> %System32%\PavCPL.dat -> [Ver = | Size = 261 bytes | Created Date = 6/9/2007 2:31:41 PM | Attr = ]
pavipc.dll -> %System32%\pavipc.dll -> Panda Software International [Ver = 8, 0, 0, 0 | Size = 63024 bytes | Created Date = 6/9/2007 2:09:55 PM | Attr = ]
PavSHook.dll -> %System32%\PavSHook.dll -> Panda Software International [Ver = 8, 0, 0, 0 | Size = 292400 bytes | Created Date = 6/9/2007 2:09:55 PM | Attr = ]
PAV_FOG.OPC -> %System32%\PAV_FOG.OPC -> [Ver = | Size = 8627 bytes | Created Date = 6/9/2007 2:43:28 PM | Attr = ]
pcdlib32.dll -> %System32%\pcdlib32.dll -> Eastman Kodak [Ver = 3, 0, 0, 0 | Size = 212480 bytes | Created Date = 5/7/2007 9:02:08 PM | Attr = ]
SBFC.dat -> %System32%\SBFC.dat -> [Ver = | Size = 0 bytes | Created Date = 6/5/2007 3:30:02 AM | Attr = ]
SBRC.dat -> %System32%\SBRC.dat -> [Ver = | Size = 0 bytes | Created Date = 6/5/2007 3:30:02 AM | Attr = ]
SigUpdRequest_1181860034.tmp -> %System32%\SigUpdRequest_1181860034.tmp -> [Ver = | Size = 104 bytes | Created Date = 6/14/2007 5:27:14 PM | Attr = ]
SigUpdRequest_1181860150.tmp -> %System32%\SigUpdRequest_1181860150.tmp -> [Ver = | Size = 104 bytes | Created Date = 6/14/2007 5:29:10 PM | Attr = ]
smi.mib -> %System32%\smi.mib -> [Ver = | Size = 4332 bytes | Created Date = 6/7/2007 7:53:21 PM | Attr = ]
swreg.exe -> %System32%\swreg.exe -> SteelWerX [Ver = 2.0.1.6 | Size = 428032 bytes | Created Date = 6/27/2007 3:40:33 PM | Attr = ]
swsc.exe -> %System32%\swsc.exe -> SteelWerX [Ver = 2.0.0.0 | Size = 370688 bytes | Created Date = 6/27/2007 3:40:32 PM | Attr = ]
swxcacls.exe -> %System32%\swxcacls.exe -> SteelWerX [Ver = 1.0.1.1 | Size = 212480 bytes | Created Date = 6/27/2007 3:40:32 PM | Attr = ]
SYSTOOLS.DLL -> %System32%\SYSTOOLS.DLL -> Panda Software [Ver = 7.0.2.0 | Size = 107568 bytes | Created Date = 6/9/2007 2:09:56 PM | Attr = ]
tfswapi.dll -> %System32%\tfswapi.dll -> Sonic Solutions [Ver = 1.04.08a | Size = 61500 bytes | Created Date = 5/13/2007 12:01:12 AM | Attr = ]
thxcfg.ini -> %System32%\thxcfg.ini -> [Ver = | Size = 32 bytes | Created Date = 6/1/2007 8:17:15 PM | Attr = ]
TpUtil.dll -> %System32%\TpUtil.dll -> Panda Software International [Ver = 8, 0, 0, 0 | Size = 161328 bytes | Created Date = 6/9/2007 2:09:56 PM | Attr = ]
Uninstall.ico -> %System32%\Uninstall.ico -> [Ver = | Size = 2550 bytes | Created Date = 6/7/2007 3:58:48 AM | Attr = ]
Uninstallpro.ico -> %System32%\Uninstallpro.ico -> [Ver = | Size = 2550 bytes | Created Date = 6/7/2007 10:01:16 PM | Attr = ]
vfind.exe -> %System32%\vfind.exe -> [Ver = | Size = 49152 bytes | Created Date = 6/27/2007 3:40:33 PM | Attr = ]
wfospf.mib -> %System32%\wfospf.mib -> [Ver = | Size = 49275 bytes | Created Date = 6/7/2007 7:53:22 PM | Attr = ]
wins.mib -> %System32%\wins.mib -> [Ver = | Size = 26236 bytes | Created Date = 6/7/2007 7:53:24 PM | Attr = ]
ZPORT4AS.dll -> %System32%\ZPORT4AS.dll -> [Ver = | Size = 11776 bytes | Created Date = 6/7/2007 3:59:17 AM | Attr = ]
APPFCONT.DAT -> %System32%\drivers\APPFCONT.DAT -> [Ver = | Size = 249680 bytes | Created Date = 6/9/2007 2:11:03 PM | Attr = ]
APPFCONT.DAT.bck -> %System32%\drivers\APPFCONT.DAT.bck -> [Ver = | Size = 249680 bytes | Created Date = 6/9/2007 2:34:55 PM | Attr = ]
APPFLT.SYS -> %System32%\drivers\APPFLT.SYS -> Panda Software [Ver = 2.2.0.42 | Size = 58800 bytes | Created Date = 6/9/2007 2:10:41 PM | Attr = ]
APPFLTR.CFG -> %System32%\drivers\APPFLTR.CFG -> [Ver = | Size = 1224 bytes | Created Date = 6/9/2007 2:11:03 PM | Attr = ]
APPFLTR.CFG.bck -> %System32%\drivers\APPFLTR.CFG.bck -> [Ver = | Size = 1224 bytes | Created Date = 6/9/2007 2:36:33 PM | Attr = ]
cpoint.sys -> %System32%\drivers\cpoint.sys -> Panda Software [Ver = 1, 2, 0, 50 | Size = 17792 bytes | Created Date = 6/9/2007 2:09:56 PM | Attr = ]
drvmcdb.sys -> %System32%\drivers\drvmcdb.sys -> Sonic Solutions [Ver = 3.22.13a | Size = 88352 bytes | Created Date = 5/13/2007 12:02:34 AM | Attr = ]
drvnddm.sys -> %System32%\drivers\drvnddm.sys -> Sonic Solutions [Ver = 2.56.53a | Size = 40544 bytes | Created Date = 5/13/2007 12:02:34 AM | Attr = ]
dsaflt.sys -> %System32%\drivers\dsaflt.sys -> Panda Software International [Ver = 1, 5, 0, 0 | Size = 49968 bytes | Created Date = 6/9/2007 2:10:53 PM | Attr = ]
fnetmon.sys -> %System32%\drivers\fnetmon.sys -> Panda Software [Ver = 2.2.0.25 | Size = 15792 bytes | Created Date = 6/9/2007 2:10:41 PM | Attr = ]
idsflt.sys -> %System32%\drivers\idsflt.sys -> Panda Software International [Ver = 1, 5, 0, 0 | Size = 190640 bytes | Created Date = 6/9/2007 2:10:53 PM | Attr = ]
NETFLTDI.SYS -> %System32%\drivers\NETFLTDI.SYS -> Panda Software [Ver = 2.2.0.22 | Size = 121392 bytes | Created Date = 6/9/2007 2:10:41 PM | Attr = ]
netimflt.sys -> %System32%\drivers\netimflt.sys -> Panda Software [Ver = 1, 5, 0, 0 | Size = 142128 bytes | Created Date = 6/9/2007 2:10:53 PM | Attr = ]
net_m32.inf -> %System32%\drivers\net_m32.inf -> [Ver = | Size = 1990 bytes | Created Date = 6/9/2007 2:30:00 PM | Attr = ]
pavdrv51.sys -> %System32%\drivers\pavdrv51.sys -> Panda Software International [Ver = 7.0.1.0 (av07_rtm.070117-1343) | Size = 71680 bytes | Created Date = 6/9/2007 2:11:15 PM | Attr = ]
PavProc.sys -> %System32%\drivers\PavProc.sys -> Panda Software International [Ver = 1.1.3.0 | Size = 170800 bytes | Created Date = 6/9/2007 2:06:47 PM | Attr = ]
ShlDrv51.sys -> %System32%\drivers\ShlDrv51.sys -> Panda Software International [Ver = 1.3.11.0 | Size = 31104 bytes | Created Date = 6/9/2007 2:06:47 PM | Attr = ]
smsflt.sys -> %System32%\drivers\smsflt.sys -> Panda Software International [Ver = 1, 5, 0, 0 | Size = 36016 bytes | Created Date = 6/9/2007 2:10:54 PM | Attr = ]
sscdbhk5.sys -> %System32%\drivers\sscdbhk5.sys -> Sonic Solutions [Ver = 1.10.90a | Size = 5627 bytes | Created Date = 5/13/2007 12:01:28 AM | Attr = ]
ssrtln.sys -> %System32%\drivers\ssrtln.sys -> Sonic Solutions [Ver = 1.10.90a | Size = 23545 bytes | Created Date = 5/13/2007 12:01:12 AM | Attr = ]
wnmflt.sys -> %System32%\drivers\wnmflt.sys -> Panda Software International [Ver = 1, 5, 0, 0 | Size = 29360 bytes | Created Date = 6/9/2007 2:10:54 PM | Attr = ]
wnmsav.dat -> %System32%\drivers\wnmsav.dat -> [Ver = | Size = 48 bytes | Created Date = 6/11/2007 7:08:04 PM | Attr = ]
DsaFlt.cfg -> %System32%\drivers\etc\DsaFlt.cfg -> [Ver = | Size = 56 bytes | Created Date = 6/9/2007 2:37:52 PM | Attr = ]
DsaFlt.cfg.bck -> %System32%\drivers\etc\DsaFlt.cfg.bck -> [Ver = | Size = 56 bytes | Created Date = 6/9/2007 2:37:52 PM | Attr = ]
DsaFlt.rls -> %System32%\drivers\etc\DsaFlt.rls -> [Ver = | Size = 332136 bytes | Created Date = 6/9/2007 2:11:04 PM | Attr = ]
DsaFlt.rls.bck -> %System32%\drivers\etc\DsaFlt.rls.bck -> [Ver = | Size = 332136 bytes | Created Date = 6/9/2007 2:34:28 PM | Attr = ]
IdsFlt.cfg -> %System32%\drivers\etc\IdsFlt.cfg -> [Ver = | Size = 252 bytes | Created Date = 6/9/2007 2:37:50 PM | Attr = ]
IdsFlt.cfg.bck -> %System32%\drivers\etc\IdsFlt.cfg.bck -> [Ver = | Size = 252 bytes | Created Date = 6/9/2007 2:37:50 PM | Attr = ]
NetAR.wlt -> %System32%\drivers\etc\NetAR.wlt -> [Ver = | Size = 64 bytes | Created Date = 6/9/2007 2:34:06 PM | Attr = ]
NetAR.wlt.bck -> %System32%\drivers\etc\NetAR.wlt.bck -> [Ver = | Size = 64 bytes | Created Date = 6/9/2007 2:34:06 PM | Attr = ]
NetAV.alt -> %System32%\drivers\etc\NetAV.alt -> [Ver = | Size = 956 bytes | Created Date = 6/9/2007 2:33:59 PM | Attr = ]
NetAV.alt.bck -> %System32%\drivers\etc\NetAV.alt.bck -> [Ver = | Size = 956 bytes | Created Date = 6/9/2007 2:33:59 PM | Attr = ]
NetFlt.cfg -> %System32%\drivers\etc\NetFlt.cfg -> [Ver = | Size = 64 bytes | Created Date = 6/9/2007 2:34:28 PM | Attr = ]
NetFlt.cfg.bck -> %System32%\drivers\etc\NetFlt.cfg.bck -> [Ver = | Size = 64 bytes | Created Date = 6/9/2007 2:34:28 PM | Attr = ]
SmsFlt.cfg -> %System32%\drivers\etc\SmsFlt.cfg -> [Ver = | Size = 56 bytes | Created Date = 6/9/2007 2:37:52 PM | Attr = ]
SmsFlt.cfg.bck -> %System32%\drivers\etc\SmsFlt.cfg.bck -> [Ver = | Size = 56 bytes | Created Date = 6/9/2007 2:37:52 PM | Attr = ]
WnmFlt.cfg -> %System32%\drivers\etc\WnmFlt.cfg -> [Ver = | Size = 56 bytes | Created Date = 6/9/2007 2:37:53 PM | Attr = ]
WnmFlt.cfg.bck -> %System32%\drivers\etc\WnmFlt.cfg.bck -> [Ver = | Size = 56 bytes | Created Date = 6/9/2007 2:37:53 PM | Attr = ]

[Files/Folders - Modified Within 90 days]
0ebdd3a24eeb699deb2810cae82ef1 -> %SystemDrive%\0ebdd3a24eeb699deb2810cae82ef1 -> [Folder | Modified Date = 6/21/2007 3:42:52 AM | Attr = ]
1e27ec7a3d12101011985b2bf4eae6 -> %SystemDrive%\1e27ec7a3d12101011985b2bf4eae6 -> [Folder | Modified Date = 6/21/2007 3:42:52 AM | Attr = ]
5337cc453c680e76f82f2b3d -> %SystemDrive%\5337cc453c680e76f82f2b3d -> [Folder | Modified Date = 6/21/2007 3:42:52 AM | Attr = ]
56d17f72953736432f6af9fc0cb40e -> %SystemDrive%\56d17f72953736432f6af9fc0cb40e -> [Folder | Modified Date = 6/21/2007 3:42:52 AM | Attr = ]
5dc16ad34ec808cc53dd6cf95344 -> %SystemDrive%\5dc16ad34ec808cc53dd6cf95344 -> [Folder | Modified Date = 6/21/2007 3:42:52 AM | Attr = ]
7c710cfd3693d2a00355cea348 -> %SystemDrive%\7c710cfd3693d2a00355cea348 -> [Folder | Modified Date = 6/21/2007 3:42:52 AM | Attr = ]
92b16cd18ecc970858dc19 -> %SystemDrive%\92b16cd18ecc970858dc19 -> [Folder | Modified Date = 6/21/2007 3:42:52 AM | Attr = ]
9497d6b04d2366c15d8b9a5c4c -> %SystemDrive%\9497d6b04d2366c15d8b9a5c4c -> [Folder | Modified Date = 6/21/2007 3:42:52 AM | Attr = ]
bc43a794c47c499f25818e7e16 -> %SystemDrive%\bc43a794c47c499f25818e7e16 -> [Folder | Modified Date = 6/21/2007 3:42:52 AM | Attr = ]
boot.ini -> %SystemDrive%\boot.ini -> [Ver = | Size = 211 bytes | Modified Date = 6/9/2007 7:51:26 PM | Attr = RHS]
ce3d32b79820591e71755872698718 -> %SystemDrive%\ce3d32b79820591e71755872698718 -> [Folder | Modified Date = 6/21/2007 3:42:52 AM | Attr = ]
ComboFix -> %SystemDrive%\ComboFix -> [Folder | Modified Date = 6/27/2007 4:51:48 PM | Attr = ]
Config.Msi -> %SystemDrive%\Config.Msi -> [Folder | Modified Date = 6/18/2007 3:20:58 PM | Attr = ]
db934bfb4307a90f40d95ee1 -> %SystemDrive%\db934bfb4307a90f40d95ee1 -> [Folder | Modified Date = 6/21/2007 3:42:52 AM | Attr = ]
Documents and Settings -> %SystemDrive%\Documents and Settings -> [Folder | Modified Date = 6/6/2007 6:21:00 AM | Attr = ]
e37d3ed28d82612c80975b90 -> %SystemDrive%\e37d3ed28d82612c80975b90 -> [Folder | Modified Date = 6/21/2007 4:06:00 AM | Attr = ]
efb4bcccc2f4033f269e2b67a0ac8ccf -> %SystemDrive%\efb4bcccc2f4033f269e2b67a0ac8ccf -> [Folder | Modified Date = 6/21/2007 4:06:02 AM | Attr = ]
f33c09aa03a285f5d5e5923d -> %SystemDrive%\f33c09aa03a285f5d5e5923d -> [Folder | Modified Date = 6/21/2007 4:06:02 AM | Attr = ]
f6fdbf0e7409e7f85e5c23475198ab -> %SystemDrive%\f6fdbf0e7409e7f85e5c23475198ab -> [Folder | Modified Date = 6/21/2007 4:06:02 AM | Attr = ]
hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [Ver = | Size = 526569472 bytes | Modified Date = 6/25/2007 3:38:06 PM | Attr = HS]
IbmEgath.XML -> %SystemDrive%\IbmEgath.XML -> [Ver = | Size = 132480 bytes | Modified Date = 6/10/2007 12:59:50 AM | Attr = ]
KPCMS -> %SystemDrive%\KPCMS -> [Folder | Modified Date = 5/7/2007 10:02:10 PM | Attr = ]
Program Files -> %ProgramFiles% -> [Folder | Modified Date = 6/26/2007 12:26:38 PM | Attr = ]
QooBox -> %SystemDrive%\QooBox -> [Folder | Modified Date = 6/27/2007 4:47:56 PM | Attr = ]
RECYCLER -> %SystemDrive%\RECYCLER -> [Folder | Modified Date = 6/6/2007 4:11:52 PM | Attr = HS]
SWSHARE -> %SystemDrive%\SWSHARE -> [Folder | Modified Date = 6/24/2007 3:40:24 AM | Attr = ]
System Volume Information -> %SystemDrive%\System Volume Information -> [Folder | Modified Date = 6/13/2007 5:47:48 AM | Attr = HS]
SystemUpdate -> %SystemDrive%\SystemUpdate -> [Folder | Modified Date = 4/1/2007 4:36:36 AM | Attr = ]
WINDOWS -> %SystemRoot% -> [Folder | Modified Date = 6/27/2007 4:40:34 PM | Attr = ]
$hf_mig$ -> %SystemRoot%\$hf_mig$ -> [Folder | Modified Date = 6/13/2007 1:33:10 AM | Attr = H ]
$NtUninstallKB925902$ -> %SystemRoot%\$NtUninstallKB925902$ -> [Folder | Modified Date = 4/4/2007 5:37:26 AM | Attr = H ]
$NtUninstallKB926247$ -> %SystemRoot%\$NtUninstallKB926247$ -> [Folder | Modified Date = 6/8/2007 4:06:18 PM | Attr = H ]
$NtUninstallKB927891$ -> %SystemRoot%\$NtUninstallKB927891$ -> [Folder | Modified Date = 5/23/2007 4:06:18 AM | Attr = H ]
$NtUninstallKB929123$ -> %SystemRoot%\$NtUninstallKB929123$ -> [Folder | Modified Date = 6/13/2007 3:03:58 AM | Attr = H ]
$NtUninstallKB930178$ -> %SystemRoot%\$NtUninstallKB930178$ -> [Folder | Modified Date = 4/11/2007 3:08:46 AM | Attr = H ]
$NtUninstallKB930916$ -> %SystemRoot%\$NtUninstallKB930916$ -> [Folder | Modified Date = 5/10/2007 3:05:02 AM | Attr = H ]
$NtUninstallKB931261$ -> %SystemRoot%\$NtUninstallKB931261$ -> [Folder | Modified Date = 4/11/2007 3:10:12 AM | Attr = H ]
$NtUninstallKB931768$ -> %SystemRoot%\$NtUninstallKB931768$ -> [Folder | Modified Date = 5/10/2007 3:07:24 AM | Attr = H ]
$NtUninstallKB931784$ -> %SystemRoot%\$NtUninstallKB931784$ -> [Folder | Modified Date = 4/11/2007 3:10:32 AM | Attr = H ]
$NtUninstallKB932168$ -> %SystemRoot%\$NtUninstallKB932168$ -> [Folder | Modified Date = 4/11/2007 3:08:30 AM | Attr = H ]
$NtUninstallKB935839$ -> %SystemRoot%\$NtUninstallKB935839$ -> [Folder | Modified Date = 6/13/2007 3:02:18 AM | Attr = H ]
$NtUninstallKB935840$ -> %SystemRoot%\$NtUninstallKB935840$ -> [Folder | Modified Date = 6/13/2007 3:03:48 AM | Attr = H ]
ANS2000.INI -> %SystemRoot%\ANS2000.INI -> [Ver = | Size = 722 bytes | Modified Date = 6/26/2007 7:29:38 PM | Attr = ]
AppPatch -> %SystemRoot%\AppPatch -> [Folder | Modified Date = 6/21/2007 4:37:22 AM | Attr = ]
bootstat.dat -> %SystemRoot%\bootstat.dat -> [Ver = | Size = 2048 bytes | Modified Date = 6/25/2007 3:38:08 PM | Attr = S]
catchme.exe -> %SystemRoot%\catchme.exe -> [Ver = | Size = 87552 bytes | Modified Date = 6/5/2007 5:24:04 AM | Attr = ]
Downloaded Installations -> %SystemRoot%\Downloaded Installations -> [Folder | Modified Date = 6/10/2007 1:24:36 AM | Attr = ]
Downloaded Program Files -> %SystemRoot%\Downloaded Program Files -> [Folder | Modified Date = 6/21/2007 4:38:24 AM | Attr = S]
Fonts -> %SystemRoot%\Fonts -> [Folder | Modified Date = 6/10/2007 1:47:08 AM | Attr = R S]
Help -> %SystemRoot%\Help -> [Folder | Modified Date = 6/11/2007 7:30:46 PM | Attr = ]
ie7 -> %SystemRoot%\ie7 -> [Folder | Modified Date = 6/11/2007 7:25:56 PM | Attr = H ]
ie7updates -> %SystemRoot%\ie7updates -> [Folder | Modified Date = 6/13/2007 3:01:36 AM | Attr = ]
ime -> %SystemRoot%\ime -> [Folder | Modified Date = 6/21/2007 4:39:20 AM | Attr = ]
imsins.BAK -> %SystemRoot%\imsins.BAK -> [Ver = | Size = 1374 bytes | Modified Date = 6/13/2007 3:03:52 AM | Attr = ]
inf -> %SystemRoot%\inf -> [Folder | Modified Date = 6/15/2007 6:40:40 AM | Attr = H ]
Installer -> %SystemRoot%\Installer -> [Folder | Modified Date = 6/18/2007 3:20:58 PM | Attr = HS]
KPCMS.INI -> %SystemRoot%\KPCMS.INI -> [Ver = | Size = 149 bytes | Modified Date = 5/7/2007 10:02:10 PM | Attr = ]
Media -> %SystemRoot%\Media -> [Folder | Modified Date = 6/11/2007 7:26:06 PM | Attr = ]
Messages -> %SystemRoot%\Messages -> [Folder | Modified Date = 5/31/2007 5:32:10 PM | Attr = ]
msagent -> %SystemRoot%\msagent -> [Folder | Modified Date = 4/11/2007 11:36:02 PM | Attr = ]
NCUNINST.EXE -> %SystemRoot%\NCUNINST.EXE -> Northern Codeworks [Ver = 1, 0, 0, 1591 | Size = 45056 bytes | Modified Date = 5/20/2007 2:38:44 PM | Attr = ]
network diagnostic -> %SystemRoot%\network diagnostic -> [Folder | Modified Date = 6/19/2007 12:49:02 PM | Attr = ]
ODBC.INI -> %SystemRoot%\ODBC.INI -> [Ver = | Size = 490 bytes | Modified Date = 6/26/2007 12:28:16 PM | Attr = ]
ODBCINST.INI -> %SystemRoot%\ODBCINST.INI -> [Ver = | Size = 4525 bytes | Modified Date = 6/26/2007 12:28:14 PM | Attr = ]
pav.sig -> %SystemRoot%\pav.sig -> [Ver = | Size = 39182987 bytes | Modified Date = 6/7/2007 11:06:52 PM | Attr = ]
Prefetch -> %SystemRoot%\Prefetch -> [Folder | Modified Date = 6/27/2007 1:09:12 PM | Attr = ]
pss -> %SystemRoot%\pss -> [Folder | Modified Date = 6/9/2007 7:51:26 PM | Attr = ]
security -> %SystemRoot%\security -> [Folder | Modified Date = 6/7/2007 9:25:50 PM | Attr = ]
setupapi.log.0.old -> %SystemRoot%\setupapi.log.0.old -> [Ver = | Size = 1042428 bytes | Modified Date = 6/11/2007 7:24:22 PM | Attr = ]
SoftwareDistribution -> %SystemRoot%\SoftwareDistribution -> [Folder | Modified Date = 6/21/2007 4:46:40 AM | Attr = ]
system -> %SystemRoot%\system -> [Folder | Modified Date = 6/9/2007 2:54:08 PM | Attr = ]
system.ini -> %SystemRoot%\system.ini -> [Ver = | Size = 284 bytes | Modified Date = 6/9/2007 7:51:26 PM | Attr = ]
system32 -> %System32% -> [Folder | Modified Date = 6/27/2007 4:48:00 PM | Attr = ]
Tasks -> %SystemRoot%\Tasks -> [Folder | Modified Date = 6/11/2007 11:59:28 AM | Attr = S]
Temp -> %SystemRoot%\Temp -> [Folder | Modified Date = 6/27/2007 4:58:46 PM | Attr = ]
WBEM -> %SystemRoot%\WBEM -> [Folder | Modified Date = 6/11/2007 7:26:16 PM | Attr = ]
win.ini -> %SystemRoot%\win.ini -> [Ver = | Size = 811 bytes | Modified Date = 6/9/2007 7:51:26 PM | Attr = ]
Windows9XPx.dat -> %SystemRoot%\Windows9XPx.dat -> [Ver = | Size = 5 bytes | Modified Date = 4/12/2007 12:13:06 AM | Attr = ]
wininit.ini -> %SystemRoot%\wininit.ini -> [Ver = | Size = 256 bytes | Modified Date = 5/13/2007 1:02:38 AM | Attr = ]
SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [Ver = | Size = 6 bytes | Modified Date = 6/25/2007 3:38:20 PM | Attr = H ]
Uniblue SpeedUpMyPC Nag.job -> %SystemRoot%\tasks\Uniblue SpeedUpMyPC Nag.job -> [Ver = | Size = 268 bytes | Modified Date = 6/11/2007 11:59:28 AM | Attr = ]
Uniblue SpeedUpMyPC.job -> %SystemRoot%\tasks\Uniblue SpeedUpMyPC.job -> [Ver = | Size = 390 bytes | Modified Date = 6/11/2007 11:59:26 AM | Attr = ]
.ico -> %System32%\.ico -> [Ver = | Size = 5429 bytes | Modified Date = 6/21/2007 3:40:34 AM | Attr = ]
ActiveScan -> %System32%\ActiveScan -> [Folder | Modified Date = 6/11/2007 10:22:18 PM | Attr = ]
ASPRO -> %System32%\ASPRO -> [Folder | Modified Date = 6/21/2007 4:46:48 AM | Attr = ]
CatRoot -> %System32%\CatRoot -> [Folder | Modified Date = 6/12/2007 1:15:18 AM | Attr = ]
CatRoot2 -> %System32%\CatRoot2 -> [Folder | Modified Date = 6/25/2007 3:56:02 PM | Attr = ]
COLOR -> %System32%\COLOR -> [Folder | Modified Date = 5/7/2007 10:02:04 PM | Attr = ]
config -> %System32%\config -> [Folder | Modified Date = 6/21/2007 4:46:58 AM | Attr = ]
dla -> %System32%\dla -> [Folder | Modified Date = 6/21/2007 4:47:08 AM | Attr = ]
dllcache -> %System32%\dllcache -> [Folder | Modified Date = 6/13/2007 3:04:00 AM | Attr = HS]
drivers -> %System32%\drivers -> [Folder | Modified Date = 6/27/2007 5:42:56 PM | Attr = ]
EGATHDRV.SYS -> %System32%\EGATHDRV.SYS -> IBM Corporation [Ver = 2.05 | Size = 5427 bytes | Modified Date = 6/24/2007 3:39:20 AM | Attr = ]
en-us -> %System32%\en-us -> [Folder | Modified Date = 6/12/2007 1:16:24 AM | Attr = ]
FNTCACHE.DAT -> %System32%\FNTCACHE.DAT -> [Ver = | Size = 246312 bytes | Modified Date = 6/10/2007 2:09:04 AM | Attr = ]
Help.ico -> %System32%\Help.ico -> [Ver = | Size = 1406 bytes | Modified Date = 6/11/2007 10:21:00 PM | Attr = ]
Helppro.ico -> %System32%\Helppro.ico -> [Ver = | Size = 1406 bytes | Modified Date = 6/21/2007 3:40:34 AM | Attr = ]
Kaspersky Lab -> %System32%\Kaspersky Lab -> [Folder | Modified Date = 6/5/2007 6:40:30 PM | Attr = ]
logs -> %System32%\logs -> [Folder | Modified Date = 6/5/2007 8:04:58 PM | Attr = ]
PAV -> %System32%\PAV -> [Folder | Modified Date = 6/9/2007 3:09:46 PM | Attr = ]
pavas.ico -> %System32%\pavas.ico -> [Ver = | Size = 30590 bytes | Modified Date = 6/11/2007 10:20:58 PM | Attr = ]
pavaspro.ico -> %System32%\pavaspro.ico -> [Ver = | Size = 30590 bytes | Modified Date = 6/21/2007 3:40:32 AM | Attr = ]
PavCPL.dat -> %System32%\PavCPL.dat -> [Ver = | Size = 261 bytes | Modified Date = 6/9/2007 3:31:42 PM | Attr = ]
PavSHook.dll -> %System32%\PavSHook.dll -> Panda Software International [Ver = 8, 0, 0, 0 | Size = 292400 bytes | Modified Date = 4/16/2007 5:04:26 PM | Attr = ]
PAV_FOG.OPC -> %System32%\PAV_FOG.OPC -> [Ver = | Size = 8627 bytes | Modified Date = 6/27/2007 2:42:26 PM | Attr = ]
perfc009.dat -> %System32%\perfc009.dat -> [Ver = | Size = 71370 bytes | Modified Date = 6/9/2007 3:32:50 PM | Attr = ]
perfh009.dat -> %System32%\perfh009.dat -> [Ver = | Size = 439832 bytes | Modified Date = 6/9/2007 3:32:50 PM | Attr = ]
PerfStringBackup.INI -> %System32%\PerfStringBackup.INI -> [Ver = | Size = 520014 bytes | Modified Date = 6/9/2007 3:32:50 PM | Attr = ]
Restore -> %System32%\Restore -> [Folder | Modified Date = 6/13/2007 5:47:48 AM | Attr = ]
SBFC.dat -> %System32%\SBFC.dat -> [Ver = | Size = 0 bytes | Modified Date = 6/5/2007 4:30:04 AM | Attr = ]
SBRC.dat -> %System32%\SBRC.dat -> [Ver = | Size = 0 bytes | Modified Date = 6/5/2007 4:30:04 AM | Attr = ]
SigUpdRequest_1181860034.tmp -> %System32%\SigUpdRequest_1181860034.tmp -> [Ver = | Size = 104 bytes | Modified Date = 6/14/2007 6:27:46 PM | Attr = ]
SigUpdRequest_1181860150.tmp -> %System32%\SigUpdRequest_1181860150.tmp -> [Ver = | Size = 104 bytes | Modified Date = 6/14/2007 6:29:42 PM | Attr = ]
swreg.exe -> %System32%\swreg.exe -> SteelWerX [Ver = 2.0.1.6 | Size = 428032 bytes | Modified Date = 4/2/2007 2:21:28 PM | Attr = ]
thxcfg.ini -> %System32%\thxcfg.ini -> [Ver = | Size = 32 bytes | Modified Date = 6/1/2007 9:17:16 PM | Attr = ]
Uninstall.ico -> %System32%\Uninstall.ico -> [Ver = | Size = 2550 bytes | Modified Date = 6/11/2007 10:21:00 PM | Attr = ]
Uninstallpro.ico -> %System32%\Uninstallpro.ico -> [Ver = | Size = 2550 bytes | Modified Date = 6/21/2007 3:40:34 AM | Attr = ]
wbem -> %System32%\wbem -> [Folder | Modified Date = 6/21/2007 4:48:56 AM | Attr = ]
wpa.dbl -> %System32%\wpa.dbl -> [Ver = | Size = 2278 bytes | Modified Date = 6/25/2007 3:39:00 PM | Attr = ]
APPFCONT.DAT -> %System32%\drivers\APPFCONT.DAT -> [Ver = | Size = 249680 bytes | Modified Date = 6/27/2007 5:42:56 PM | Attr = ]
APPFCONT.DAT.bck -> %System32%\drivers\APPFCONT.DAT.bck -> [Ver = | Size = 249680 bytes | Modified Date = 6/27/2007 5:42:56 PM | Attr = ]
APPFLT.SYS -> %System32%\drivers\APPFLT.SYS -> Panda Software [Ver = 2.2.0.42 | Size = 58800 bytes | Modified Date = 4/2/2007 7:43:14 PM | Attr = ]
APPFLTR.CFG -> %System32%\drivers\APPFLTR.CFG -> [Ver = | Size = 1224 bytes | Modified Date = 6/27/2007 5:42:56 PM | Attr = ]
APPFLTR.CFG.bck -> %System32%\drivers\APPFLTR.CFG.bck -> [Ver = | Size = 1224 bytes | Modified Date = 6/27/2007 5:42:56 PM | Attr = ]
dsaflt.sys -> %System32%\drivers\dsaflt.sys -> Panda Software International [Ver = 1, 5, 0, 0 | Size = 49968 bytes | Modified Date = 4/2/2007 7:43:18 PM | Attr = ]
etc -> %System32%\drivers\etc -> [Folder | Modified Date = 6/27/2007 5:42:56 PM | Attr = ]
idsflt.sys -> %System32%\drivers\idsflt.sys -> Panda Software International [Ver = 1, 5, 0, 0 | Size = 190640 bytes | Modified Date = 4/2/2007 7:43:20 PM | Attr = ]
NETFLTDI.SYS -> %System32%\drivers\NETFLTDI.SYS -> Panda Software [Ver = 2.2.0.22 | Size = 121392 bytes | Modified Date = 4/17/2007 5:42:44 PM | Attr = ]
netimflt.sys -> %System32%\drivers\netimflt.sys -> Panda Software [Ver = 1, 5, 0, 0 | Size = 142128 bytes | Modified Date = 4/24/2007 3:43:56 PM | Attr = ]
net_m32.inf -> %System32%\drivers\net_m32.inf -> [Ver = | Size = 1990 bytes | Modified Date = 4/24/2007 4:43:54 PM | Attr = ]
smsflt.sys -> %System32%\drivers\smsflt.sys -> Panda Software International [Ver = 1, 5, 0, 0 | Size = 36016 bytes | Modified Date = 4/2/2007 7:43:28 PM | Attr = ]
wnmflt.sys -> %System32%\drivers\wnmflt.sys -> Panda Software International [Ver = 1, 5, 0, 0 | Size = 29360 bytes | Modified Date = 4/2/2007 7:43:32 PM | Attr = ]
wnmsav.dat -> %System32%\drivers\wnmsav.dat -> [Ver = | Size = 48 bytes | Modified Date = 6/12/2007 4:31:16 PM | Attr = ]
DsaFlt.cfg -> %System32%\drivers\etc\DsaFlt.cfg -> [Ver = | Size = 56 bytes | Modified Date = 6/27/2007 5:42:56 PM | Attr = ]
DsaFlt.cfg.bck -> %System32%\drivers\etc\DsaFlt.cfg.bck -> [Ver = | Size = 56 bytes | Modified Date = 6/27/2007 5:42:56 PM | Attr = ]
DsaFlt.rls -> %System32%\drivers\etc\DsaFlt.rls -> [Ver = | Size = 332136 bytes | Modified Date = 6/27/2007 5:42:56 PM | Attr = ]
DsaFlt.rls.bck -> %System32%\drivers\etc\DsaFlt.rls.bck -> [Ver = | Size = 332136 bytes | Modified Date = 6/27/2007 5:42:56 PM | Attr = ]
IdsFlt.cfg -> %System32%\drivers\etc\IdsFlt.cfg -> [Ver = | Size = 252 bytes | Modified Date = 6/27/2007 5:42:56 PM | Attr = ]
IdsFlt.cfg.bck -> %System32%\drivers\etc\IdsFlt.cfg.bck -> [Ver = | Size = 252 bytes | Modified Date = 6/27/2007 5:42:56 PM | Attr = ]
NetAR.wlt -> %System32%\drivers\etc\NetAR.wlt -> [Ver = | Size = 64 bytes | Modified Date = 6/25/2007 3:56:18 PM | Attr = ]
NetAR.wlt.bck -> %System32%\drivers\etc\NetAR.wlt.bck -> [Ver = | Size = 64 bytes | Modified Date = 6/25/2007 3:56:18 PM | Attr = ]
NetAV.alt -> %System32%\drivers\etc\NetAV.alt -> [Ver = | Size = 956 bytes | Modified Date = 6/27/2007 4:57:44 PM | Attr = ]
NetAV.alt.bck -> %System32%\drivers\etc\NetAV.alt.bck -> [Ver = | Size = 956 bytes | Modified Date = 6/27/2007 4:57:44 PM | Attr = ]
NetFlt.cfg -> %System32%\drivers\etc\NetFlt.cfg -> [Ver = | Size = 64 bytes | Modified Date = 6/27/2007 5:42:56 PM | Attr = ]
NetFlt.cfg.bck -> %System32%\drivers\etc\NetFlt.cfg.bck -> [Ver = | Size = 64 bytes | Modified Date = 6/27/2007 5:42:56 PM | Attr = ]
SmsFlt.cfg -> %System32%\drivers\etc\SmsFlt.cfg -> [Ver = | Size = 56 bytes | Modified Date = 6/27/2007 5:42:56 PM | Attr = ]
SmsFlt.cfg.bck -> %System32%\drivers\etc\SmsFlt.cfg.bck -> [Ver = | Size = 56 bytes | Modified Date = 6/27/2007 5:42:56 PM | Attr = ]
WnmFlt.cfg -> %System32%\drivers\etc\WnmFlt.cfg -> [Ver = | Size = 56 bytes | Modified Date = 6/27/2007 5:42:56 PM | Attr = ]
WnmFlt.cfg.bck -> %System32%\drivers\etc\WnmFlt.cfg.bck -> [Ver = | Size = 56 bytes | Modified Date = 6/27/2007 5:42:56 PM | Attr = ]

[File String Scan - Non-Microsoft Only]
qoologic , SAHAgent , -> %SystemRoot%\pav.sig -> [Ver = | Size = 39182987 bytes | Modified Date = 6/7/2007 11:06:52 PM | Attr = ]
PEC2 , -> %System32%\dfrg.msc -> [Ver = | Size = 41397 bytes | Modified Date = 8/4/2004 8:00:00 AM | Attr = ]
Thawte Consulting , -> %System32%\pxcpya64.exe -> Sonic Solutions [Ver = 1.00.34a | Size = 63144 bytes | Modified Date = 3/9/2006 5:00:00 AM | Attr = ]
Thawte Consulting , -> %System32%\pxcpyi64.exe -> Sonic Solutions [Ver = 1.00.34a | Size = 114856 bytes | Modified Date = 3/9/2006 5:00:00 AM | Attr = ]
Thawte Consulting , -> %System32%\pxinsa64.exe -> Sonic Solutions [Ver = 3.00.29a | Size = 62632 bytes | Modified Date = 5/4/2006 6:00:00 AM | Attr = ]
Thawte Consulting , -> %System32%\pxinsi64.exe -> Sonic Solutions [Ver = 3.00.29a | Size = 115880 bytes | Modified Date = 5/4/2006 6:00:00 AM | Attr = ]
Thawte Consulting , -> %System32%\PxSFS.DLL -> Sonic Solutions [Ver = 3.0.82.500 | Size = 1279656 bytes | Modified Date = 5/12/2006 6:26:02 PM | Attr = ]
winsync , -> %System32%\wbdbase.deu -> [Ver = | Size = 1309184 bytes | Modified Date = 8/4/2004 8:00:00 AM | Attr = ]
Thawte Consulting , -> %System32%\XceedSco.dll -> Xceed Software Inc (450) 442-2626 [email protected] www.xceedsoft.com [Ver = 1.1.5180.0 | Size = 276352 bytes | Modified Date = 10/6/2005 5:17:44 PM | Attr = ]

< End of report >

#15
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Curiouser and curiouser, still nothing apparent

First, could you go to Start > Run and paste in %systemroot%\system32\restore\rstrui.exe? Please tell me what occurs.

Also run SUPERAntiSpyware in normal mode:

  • On the first page select Check for Updates
  • On completion select SCAN YOUR COMPUTER
  • On the next page select COMPLETE SCAN and tick ALL your drives
  • The next stage will take a while as your entire drive(s), memory and registry are scanned
  • When it has completed click NEXT
  • The next screen shows the problems found; click OK
  • On the next screen place a tick against all items and select NEXT
  • Now, to get the log, go to the PREFERENCES button at the bottom right
  • Select the STATISTICS/LOG tab
  • Highlight the scan just completed and click VIEW LOG
  • This will open a Notepad text file; copy and paste this into your next reply

If I could have an update on your system after the run command, and the SAS log.