Here it is.
WinPFind3 logfile created on: 8/26/2007 6:13:21 PM
WinPFind3U by OldTimer - Version 1.0.39 Folder = C:\Documents and Settings\Lord Ruin\Desktop\WinPFind3u\
Microsoft Windows XP Service Pack 2 (Version = 5.1.2600)
Internet Explorer (Version = 6.0.2900.2180)
502.80 Mb Total Physical Memory | 273.49 Mb Available Physical Memory | 54.39% Memory free
1.20 Gb Paging File | 0.96 Gb Available in Paging File | 80.52% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512;
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 76.69 Gb Total Space | 23.65 Gb Free Space | 30.84% Space Free
Drive D: | 480.69 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free
Drive E: | 549.52 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free
F: Drive not present or media not loaded
Computer Name: VILANCEHASARIVD
Current User Name: Lord Ruin
Logged in as Administrator.
Current Boot Mode: Normal
[Processes - Non-Microsoft Only]
acsd.exe -> %CommonProgramFiles%\AOL\ACS\acsd.exe -> America Online, Inc. [Ver = 1,0,22,1 | Size = 1388648 bytes | Modified Date = 9/16/2003 11:55:36 PM | Attr = ]
avgnt.exe -> %ProgramFiles%\AntiVir PersonalEdition Classic\avgnt.exe -> Avira GmbH [Ver = 7.00.04.05 | Size = 327720 bytes | Modified Date = 4/20/2007 4:32:56 PM | Attr = ]
avguard.exe -> %ProgramFiles%\AntiVir PersonalEdition Classic\avguard.exe -> Avira GmbH [Ver = 7.00.00.52 | Size = 204840 bytes | Modified Date = 4/20/2007 4:32:56 PM | Attr = ]
cmdagent.exe -> %ProgramFiles%\Comodo\Firewall\cmdagent.exe -> COMODO [Ver = 2.4.0.20 | Size = 361040 bytes | Modified Date = 8/24/2007 1:06:02 AM | Attr = ]
cpf.exe -> %ProgramFiles%\Comodo\Firewall\cpf.exe -> COMODO [Ver = 2.4.0.58 | Size = 1115728 bytes | Modified Date = 8/24/2007 1:06:02 AM | Attr = ]
nvsvc32.exe -> %System32%\nvsvc32.exe -> NVIDIA Corporation [Ver = 6.14.10.7777 | Size = 127043 bytes | Modified Date = 7/20/2005 6:07:00 PM | Attr = ]
realsched.exe -> %CommonProgramFiles%\Real\Update_OB\realsched.exe -> RealNetworks, Inc. [Ver = 0.1.0.3208 | Size = 180269 bytes | Modified Date = 9/21/2006 1:35:34 AM | Attr = ]
sched.exe -> %ProgramFiles%\AntiVir PersonalEdition Classic\sched.exe -> Avira GmbH [Ver = 7.00.00.46 | Size = 57896 bytes | Modified Date = 4/20/2007 4:33:04 PM | Attr = ]
wanmpsvc.exe -> %SystemRoot%\wanmpsvc.exe -> America Online, Inc. [Ver = 9, 0, 0, 0 | Size = 65536 bytes | Modified Date = 8/27/2003 5:27:44 PM | Attr = ]
winpfind3u.exe -> %UserDesktop%\WinPFind3u\WinPFind3U.exe -> OldTimer Tools [Ver = 1.0.38.0 | Size = 322048 bytes | Modified Date = 6/23/2007 3:15:54 PM | Attr = ]
[Win32 Services - Non-Microsoft Only]
(AntiVirScheduler) AntiVir PersonalEdition Classic Scheduler [Win32_Own | Auto | Running] -> %ProgramFiles%\AntiVir PersonalEdition Classic\sched.exe -> Avira GmbH [Ver = 7.00.00.46 | Size = 57896 bytes | Modified Date = 4/20/2007 4:33:04 PM | Attr = ]
(AntiVirService) AntiVir PersonalEdition Classic Guard [Win32_Own | Auto | Running] -> %ProgramFiles%\AntiVir PersonalEdition Classic\avguard.exe -> Avira GmbH [Ver = 7.00.00.52 | Size = 204840 bytes | Modified Date = 4/20/2007 4:32:56 PM | Attr = ]
(AOL ACS) AOL Connectivity Service [Win32_Own | Auto | Running] -> %CommonProgramFiles%\AOL\ACS\acsd.exe -> America Online, Inc. [Ver = 1,0,22,1 | Size = 1388648 bytes | Modified Date = 9/16/2003 11:55:36 PM | Attr = ]
(CmdAgent) Comodo Application Agent [Win32_Own | Auto | Running] -> %ProgramFiles%\Comodo\Firewall\cmdagent.exe -> COMODO [Ver = 2.4.0.20 | Size = 361040 bytes | Modified Date = 8/24/2007 1:06:02 AM | Attr = ]
(dmadmin) Logical Disk Manager Administrative Service [Win32_Shared | On_Demand | Stopped] -> %System32%\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 224768 bytes | Modified Date = 8/4/2004 1:56:50 AM | Attr = ]
(NVSvc) NVIDIA Display Driver Service [Win32_Own | Auto | Running] -> %System32%\nvsvc32.exe -> NVIDIA Corporation [Ver = 6.14.10.7777 | Size = 127043 bytes | Modified Date = 7/20/2005 6:07:00 PM | Attr = ]
(SNDSrvc) Symantec Network Drivers Service [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Symantec Shared\SNDSrvc.exe -> Symantec Corporation [Ver = 5.5.1.6 | Size = 206552 bytes | Modified Date = 4/5/2005 11:17:22 AM | Attr = ]
(WANMiniportService) WAN Miniport (ATW) Service [Win32_Own | Auto | Running] -> %SystemRoot%\wanmpsvc.exe -> America Online, Inc. [Ver = 9, 0, 0, 0 | Size = 65536 bytes | Modified Date = 8/27/2003 5:27:44 PM | Attr = ]
[Registry - Non-Microsoft Only]
< Run [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
-> -> File not found
avgnt -> %ProgramFiles%\AntiVir PersonalEdition Classic\avgnt.exe -> Avira GmbH [Ver = 7.00.04.05 | Size = 327720 bytes | Modified Date = 4/20/2007 4:32:56 PM | Attr = ]
COMODO Firewall Pro -> %ProgramFiles%\Comodo\Firewall\cpf.exe -> COMODO [Ver = 2.4.0.58 | Size = 1115728 bytes | Modified Date = 8/24/2007 1:06:02 AM | Attr = ]
NvCplDaemon -> %System32%\nvcpl.dll [RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup] -> NVIDIA Corporation [Ver = 6.14.10.7777 | Size = 7110656 bytes | Modified Date = 7/20/2005 6:07:00 PM | Attr = ]
QuickTime Task -> %ProgramFiles%\QuickTime\qttask.exe -> Apple Computer, Inc. [Ver = 7.1.3 | Size = 282624 bytes | Modified Date = 9/1/2006 4:57:48 PM | Attr = ]
TkBellExe -> %CommonProgramFiles%\Real\Update_OB\realsched.exe -> RealNetworks, Inc. [Ver = 0.1.0.3208 | Size = 180269 bytes | Modified Date = 9/21/2006 1:35:34 AM | Attr = ]
< Run [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
-> -> File not found
AIM -> %ProgramFiles%\aim\aim.exe -cnetwait.odl -> File not found
BitTorrent -> %ProgramFiles%\BitTorrent\bittorrent.exe -> [Ver = | Size = 43520 bytes | Modified Date = 9/21/2006 2:36:30 PM | Attr = ]
Veoh -> %ProgramFiles%\Veoh Networks\Veoh\VeohClient.exe -> Veoh Networks [Ver = 3.2.1.1073 | Size = 2019328 bytes | Modified Date = 5/3/2007 5:43:38 PM | Attr = ]
Yahoo! Pager -> %ProgramFiles%\Yahoo!\Messenger\YahooMessenger.exe -> Yahoo! Inc. [Ver = 8,0,0,716 | Size = 4621816 bytes | Modified Date = 9/13/2006 2:17:28 PM | Attr = ]
< Common Startup > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup ->
%AllUsersStartup%\Adobe Reader Speed Launch.lnk -> %ProgramFiles%\Adobe\Acrobat 7.0\Reader\reader_sl.exe -> Adobe Systems Incorporated [Ver = 7.0.0.0 | Size = 29696 bytes | Modified Date = 12/14/2004 5:44:06 AM | Attr = ]
%AllUsersStartup%\BigFix.lnk -> %ProgramFiles%\BigFix\BigFix.exe -> BigFix Inc. [Ver = 1, 7, 6, 0 | Size = 1742384 bytes | Modified Date = 7/31/2002 5:22:26 PM | Attr = ]
< ICQ Agent [HKCU] > -> HKEY_CURRENT_USER\Software\Mirabilis\ICQ\Agent\Apps\ ->
HKEY_CURRENT_USER\Software\Mirabilis\ICQ\Agent\Apps\ -> ->
HKEY_CURRENT_USER\Software\Mirabilis\ICQ\Agent\Apps\\Launch Browser -> No ->
< SecurityProviders [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders ->
< Winlogon settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
< Winlogon settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
< Winlogon\Notify settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ ->
igfxcui -> %System32%\igfxsrvc.dll -> Intel Corporation [Ver = 3.0.0.2331 | Size = 323584 bytes | Modified Date = 1/30/2004 9:13:24 AM | Attr = ]
< CurrentVersion Policy Settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\undockwithoutlogon -> 1 ->
< CurrentVersion Policy Settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> ->
< HOSTS File > (734 bytes) -> C:\WINDOWS\System32\drivers\etc\Hosts ->
127.0.0.1 localhost -> ->
< Internet Explorer Settings > -> ->
HKLM: Default_Page_URL ->
http://www.yahoo.com/ ->
HKLM: Main\\Default_Search_URL ->
http://us.rd.yahoo.com/customize/ie/def ... .yahoo.com ->
HKLM: Local Page -> %SystemRoot%\system32\blank.htm ->
HKLM: Search Bar ->
http://us.rd.yahoo.com/customize/ie/def ... earch.html ->
HKLM: Search Page ->
http://us.rd.yahoo.com/customize/ie/def ... .yahoo.com ->
HKLM: Start Page ->
http://www.yahoo.com/ ->
HKLM: CustomizeSearch ->
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm ->
HKLM: SearchAssistant ->
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm ->
HKCU: Local Page -> C:\WINDOWS\system32\blank.htm ->
HKCU: Search Bar ->
http://google.icq.com/search/search_frame.php ->
HKCU: Search Page ->
http://google.icq.com ->
HKCU: Start Page ->
http://www.yahoo.com/ ->
HKCU: URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} [HKLM] -> %ProgramFiles%\ICQToolbar\toolbaru.dll [ICQ Toolbar] -> ICQ Inc. [Ver = 1, 0, 10, 17 | Size = 446464 bytes | Modified Date = 1/19/2005 5:16:34 AM | Attr = ]
HKCU: URLSearchHooks\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKLM] -> %ProgramFiles%\Yahoo!\Companion\Installs\cpn0\yt.dll [Yahoo! Toolbar] -> Yahoo! Inc. [Ver = 2006, 9, 29, 1 | Size = 440384 bytes | Modified Date = 9/29/2006 12:53:18 PM | Attr = ]
HKCU: ProxyEnable -> 0 ->
< Trusted Sites > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
msn.com [ - ] -> ->
< BHO's > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
{02478D38-C3F9-4EFB-9B51-7695ECA05670} [HKLM] -> %ProgramFiles%\Yahoo!\Companion\Installs\cpn0\yt.dll [Yahoo! Toolbar Helper] -> Yahoo! Inc. [Ver = 2006, 9, 29, 1 | Size = 440384 bytes | Modified Date = 9/29/2006 12:53:18 PM | Attr = ]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> %ProgramFiles%\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [AcroIEHlprObj Class] -> Adobe Systems Incorporated [Ver = 7.0.0.2004121400 | Size = 63136 bytes | Modified Date = 12/14/2004 2:56:50 AM | Attr = ]
{53707962-6F74-2D53-2644-206D7942484F} [HKLM] -> %ProgramFiles%\Spybot - Search & Destroy\SDHelper.dll [] -> Safer Networking Limited [Ver = 1, 4, 0, 0 | Size = 853672 bytes | Modified Date = 5/31/2005 1:04:00 AM | Attr = ]
{549B5CA7-4A86-11D7-A4DF-000874180BB3} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} [HKLM] -> %ProgramFiles%\Yahoo!\Common\yiesrvc.dll [Yahoo! IE Services Button] -> Yahoo! Inc. [Ver = 2006, 7, 31, 1 | Size = 185848 bytes | Modified Date = 7/31/2006 3:32:32 PM | Attr = ]
{FDD3B846-8D59-4ffb-8758-209B6AD74ACC} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
< Internet Explorer Bars [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\ ->
{32683183-48a0-441b-a342-7c2a440a9478} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
< Internet Explorer ToolBars [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar ->
{D0943516-5076-4020-A3B5-AEFAF26AB263} [HKLM] -> %ProgramFiles%\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll [Veoh Browser Plug-in] -> Veoh Networks Inc [Ver = 1.0.1.4 | Size = 358528 bytes | Modified Date = 5/3/2007 5:39:34 PM | Attr = ]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKLM] -> %ProgramFiles%\Yahoo!\Companion\Installs\cpn0\yt.dll [Yahoo! Toolbar] -> Yahoo! Inc. [Ver = 2006, 9, 29, 1 | Size = 440384 bytes | Modified Date = 9/29/2006 12:53:18 PM | Attr = ]
< Internet Explorer ToolBars [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ ->
ShellBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
WebBrowser\\{855F3B16-6D32-4FE6-8A56-BBB695989046} [HKLM] -> %ProgramFiles%\ICQToolbar\toolbaru.dll [ICQ Toolbar] -> ICQ Inc. [Ver = 1, 0, 10, 17 | Size = 446464 bytes | Modified Date = 1/19/2005 5:16:34 AM | Attr = ]
WebBrowser\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKLM] -> %ProgramFiles%\Yahoo!\Companion\Installs\cpn0\yt.dll [Yahoo! Toolbar] -> Yahoo! Inc. [Ver = 2006, 9, 29, 1 | Size = 440384 bytes | Modified Date = 9/29/2006 12:53:18 PM | Attr = ]
WebBrowser\\{F2CF5485-4E02-4F68-819C-B92DE9277049} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
< Internet Explorer Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ ->
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> Reg Data - Key not found [MenuText: Sun Java Console] -> File not found
{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} -> Reg Data - Value does not exist [ButtonText: Yahoo! Services] -> File not found
{6224f700-cba3-4071-b251-47cb894244cd} -> %ProgramFiles%\ICQ\Icq.exe [ButtonText: ICQ] -> [Ver = | Size = 1995333 bytes | Modified Date = 2/7/2002 6:20:28 AM | Attr = ]
{85d1f590-48f4-11d9-9669-0800200c9a66} [HKLM] -> Reg Data - Key not found [MenuText: Uninstall BitDefender Online Scanner v8] -> File not found
{AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} -> %ProgramFiles%\aim\aim.exe [ButtonText: AIM] -> America Online, Inc. [Ver = 5.9.6089 | Size = 67112 bytes | Modified Date = 8/1/2006 4:35:36 PM | Attr = ]
{B863453A-26C3-4e1f-A54D-A2CD196348E9} -> %ProgramFiles%\ICQLite\ICQLite.exe [ButtonText: ICQ Lite] -> ICQ Ltd. [Ver = 20, 52, 2573, 0 | Size = 3144800 bytes | Modified Date = 7/11/2006 3:06:40 AM | Attr = ]
{CD67F990-D8E9-11d2-98FE-00C0F0318AFE} -> Reg Data - Value does not exist [ButtonText: Real.com] -> File not found
{e2e2dd38-d088-4134-82b7-f2ba38496583} [HKLM] -> Reg Data - Key not found [MenuText: @xpsp3res.dll,-20001] -> File not found
{E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} -> %ProgramFiles%\Yahoo!\Messenger\YahooMessenger.exe [ButtonText: Yahoo! Messenger] -> Yahoo! Inc. [Ver = 8,0,0,716 | Size = 4621816 bytes | Modified Date = 9/13/2006 2:17:28 PM | Attr = ]
< Internet Explorer Menu Extensions [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ ->
&ICQ Toolbar Search -> %ProgramFiles%\ICQToolbar\toolbaru.dll\SEARCH.HTM -> File not found
&Yahoo! Search -> %ProgramFiles%\Yahoo!\Common\YCSRCH.HTM -> [Ver = | Size = 605 bytes | Modified Date = 6/3/2005 7:07:38 PM | Attr = ]
Yahoo! &Dictionary -> %ProgramFiles%\Yahoo!\Common\YCDICT.HTM -> [Ver = | Size = 616 bytes | Modified Date = 6/3/2005 7:07:16 PM | Attr = ]
Yahoo! &Maps -> %ProgramFiles%\Yahoo!\Common\ycmap.htm -> [Ver = | Size = 690 bytes | Modified Date = 6/3/2005 7:07:44 PM | Attr = ]
Yahoo! &SMS -> %ProgramFiles%\Yahoo!\Common\YCsms.htm -> [Ver = | Size = 1006 bytes | Modified Date = 8/1/2005 6:43:00 PM | Attr = ]
< User Agent Post Platform [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform ->
SV1 -> ->
< DNS Name Servers [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ ->
{0F2C0BB3-A770-48AD-8BEF-C039277F4D8D} -> () ->
{23C5DE8D-CFBC-4737-8909-5321E37CF182} -> (Intel(R) PRO/100 VE Network Connection) ->
< Protocol Handlers [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ ->
ipp -> Reg Data - Key not found -> File not found
msdaipp -> Reg Data - Key not found -> File not found
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ ->
{0E5F0222-96B9-11D3-8997-00104BD12D94} -> PCPitstop Utility - CodeBase =
http://pcpitstop.com/pcpitstop/PCPitStop.CAB ->
{14B87622-7E19-4EA8-93B3-97215F77A6BC} -> MessengerStatsClient Class - CodeBase =
http://messenger.zone.msn.com/binary/Me ... b31267.cab ->
{215B8138-A3CF-44C5-803F-8226143CFC0A} -> Trend Micro ActiveX Scan Agent 6.5 - CodeBase =
http://housecall65.trendmicro.com/house ... hcImpl.cab ->
{2917297F-F02B-4B9D-81DF-494B6333150B} -> Minesweeper Flags Class - CodeBase =
http://messenger.zone.msn.com/binary/Mi ... b31267.cab ->
{30528230-99f7-4bb4-88d8-fa1d4f56a2ab} -> YInstStarter Class - CodeBase = C:\Program Files\Yahoo!\Common\yinsthelper.dll ->
{474AD63A-9B7E-40FE-8E4E-7067CC0F8D3D} -> IB_OnAir.IBOnAir - CodeBase =
http://ionair.sbs.co.kr/onair/IB_OnAir.CAB ->
{4F1E5B1A-2A80-42CA-8532-2D05CB959537} -> MSN Photo Upload Tool - CodeBase =
http://by103fd.bay103.hotmail.msn.com/r ... nPUpld.cab ->
{5D6F45B3-9043-443D-A792-115447494D24} -> UnoCtrl Class - CodeBase =
http://messenger.zone.msn.com/KO-KR/a-U ... E_UNO1.cab ->
{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} -> BDSCANONLINE Control - CodeBase =
http://download.bitdefender.com/resourc ... oscan8.cab ->
{644E432F-49D3-41A1-8DD5-E099162EEEC5} -> Symantec RuFSI Utility Class - CodeBase =
http://security.symantec.com/sscv6/Shar ... /cabsa.cab ->
{67DABFBF-D0AB-41FA-9C46-CC0F21721616} -> DivXBrowserPlugin Object - CodeBase =
http://go.divx.com/plugin/DivXBrowserPlugin.cab ->
{8AD9C840-044E-11D1-B3E9-00805F499D93} -> Java Plug-in 1.4.2 - CodeBase =
http://java.sun.com/products/plugin/aut ... s-i586.cab ->
{8E0D4DE5-3180-4024-A327-4DFAD1796A8D} -> MessengerStatsClient Class - CodeBase =
http://messenger.zone.msn.com/binary/Me ... b31267.cab ->
{9A9307A0-7DA4-4DAF-B042-5009F29E09E1} -> ActiveScan Installer Class - CodeBase =
http://acs.pandasoftware.com/activescan ... asinst.cab ->
{9B75502C-BBED-4BBD-8FE2-822E5E0AD32C} -> MagicLockOCX Control - CodeBase =
http://www.diodeo.com/ActiveDiodeoPlayer.cab ->
{9D190AE6-C81E-4039-8061-978EBAD10073} -> F-Secure Online Scanner 3.0 - CodeBase =
http://runvirusscan.com/ols3/fscax.cab ->
{B8BE5E93-A60C-4D26-A2DC-220313175592} -> MSN Games - Installer - CodeBase =
http://messenger.zone.msn.com/binary/ZI ... b56649.cab ->
{BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} -> a-squared Scanner - CodeBase =
http://ax.emsisoft.com/asquared.cab ->
{C3F79A2B-B9B4-4A66-B012-3EE46475B072} -> MessengerStatsClient Class - CodeBase =
http://messenger.zone.msn.com/binary/Me ... b56907.cab ->
{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA} -> Java Plug-in 1.4.2 - CodeBase =
http://java.sun.com/products/plugin/aut ... s-i586.cab ->
{D27CDB6E-AE6D-11CF-96B8-444553540000} -> - CodeBase =
http://download.macromedia.com/pub/shoc ... wflash.cab ->
{EF791A6B-FC12-4C68-99EF-FB9E207A39E6} -> McFreeScan Class - CodeBase =
http://download.mcafee.com/molbin/iss-l ... cfscan.cab ->
{EFAEF0E4-F044-4D57-9900-1C3FF18524C9} -> AV Class - CodeBase =
http://www.pcpitstop.com/antivirus/PitPav.cab ->
{F4A1D5E2-AF49-47A7-A945-23038106F3A4} -> Pandora_SetUp Control - CodeBase =
http://imgcdn.pandora.tv/pan_img/launch ... etUpAX.cab ->
{F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} -> Minesweeper Flags Class - CodeBase =
http://messenger.zone.msn.com/binary/Mi ... b56986.cab ->
[Registry - Additional Scans - Non-Microsoft Only]
< Internet Explorer CmdMapping [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\CmdMapping ->
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} -> 8192 - Sun Java Console ->
{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} -> 8193 - Reg Data - Value does not exist ->
{6224f700-cba3-4071-b251-47cb894244cd} -> 8194 - ICQ ->
{85d1f590-48f4-11d9-9669-0800200c9a66} -> 8200 - Uninstall BitDefender Online Scanner v8 ->
{AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} -> 8198 - Reg Data - Value does not exist ->
{B863453A-26C3-4e1f-A54D-A2CD196348E9} -> 8201 - ICQ Lite ->
{CD67F990-D8E9-11d2-98FE-00C0F0318AFE} -> 8195 - Reg Data - Value does not exist ->
{e2e2dd38-d088-4134-82b7-f2ba38496583} -> 8199 - @xpsp3res.dll,-20001 ->
{E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} -> 8196 - Yahoo! Messenger ->
{FB5F1910-F110-11d2-BB9E-00C04F795683} -> 8197 - Windows Messenger ->
NextId -> 8202 ->
< Uninstall List > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ ->
{18D10072035C4515918F7E37EAFAACFC} -> AutoUpdate ->
{1D643CD7-4DD6-11D7-A4E0-000874180BB3} -> Microsoft Money 2004 ->
{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227} -> WebFldrs XP ->
{35AD3FC5-D09D-4D9F-8E9C-E40794194EC5} -> Netflix Movie Viewer ->
{3D5A72E1-1467-4199-8CF6-12DA8D502A6B} -> Veoh Player ->
{3DE5E7D4-7B88-403C-A3FD-2017A8240C5B} -> Google Earth ->
{3E4B349F-10B5-4586-9D99-489A90A8B228} -> Sid Meier's Civilization 4 - Warlords ->
{49FC50FC-F965-40D9-89B4-CBFF80941033} -> Windows Movie Maker 2.0 ->
{6811CAA0-BF12-11D4-9EA1-0050BAE317E1} -> PowerDVD ->
{7148F0A8-6813-11D6-A77B-00B0D0142000} -> Java 2 Runtime Environment, SE v1.4.2 ->
{764D06D8-D8DE-411E-A1C8-D9E9380F8A84} -> Microsoft Works 7.0 ->
{76EFFC7C-17A6-479D-9E47-8E658C1695AE} -> Windows Backup Utility ->
{7B63B2922B174135AFC0E1377DD81EC2} -> DivX ->
{81EED1A1-AE78-4B11-BE47-C6AE9F5E87F1} -> eMachines Bay Reader ->
{8A708DD8-A5E6-11D4-A706-000629E95E20} -> Intel(R) Extreme Graphics Driver ->
{8ADFC4160D694100B5B8A22DE9DCABD9} -> DivX Player ->
{8C64E145-54BA-11D6-91B1-00500462BE80} -> Microsoft Money 2004 System Pack ->
{8EB175BA-F457-499B-8AC9-8358E1BB0990} -> Takeda 2 Demo ->
{A50C25D7-62E9-4511-AD70-8E2DA5E79B7D} -> Apple Software Update ->
{A79E6E20-E1B8-4A5A-97F4-E673404BF700} -> Netflix Movie Viewer ->
{A8589680-35C1-4732-ACCA-09B78921ECE3} -> Sid Meier's Civilization 4 ->
{AC76BA86-7AD7-1033-7B44-A70000000000} -> Adobe Reader 7.0 ->
{AC76BA86-7AD7-5A76-5A64-7E8A45000001} -> Adobe Reader Japanese Fonts ->
{B7050CBDB2504B34BC2A9CA0A692CC29} -> DivX Web Player ->
{C1583439-B034-4881-819C-D52A0587662B} -> Neverwinter Nights Platinum Edition ->
{C325F588-D6B1-4A7F-B6A2-914C75DDA348} -> Morrowind ->
{CA0A1E54-CE0F-4366-B09C-A87B61DC5633} -> Symantec Network Drivers Update ->
{CFBCE791-2D53-4FCE-B3FB-D6E01F4112E8} -> Sid Meier's Civilization 4 ->
{DB3C800B-081B-4146-B4E3-EFB5B77AA913} -> TES Construction Set ->
{F07B861C-72B9-40A4-8B1A-AAED4C06A7E8} -> QuickTime ->
{FB08F381-6533-4108-B7DD-039E11FBC27E} -> Realtek AC'97 Audio ->
{FCE50DB8-C610-4C42-BE5C-193F46C6F812} -> Windows Live Messenger ->
America Online us -> America Online (Choose which version to remove) ->
AntiVir PersonalEdition Classic -> Avira AntiVir PersonalEdition Classic ->
AOL Instant Messenger -> AOL Instant Messenger ->
AolCoach -> AOL Coach Version 1.0(Build:20030807.3) ->
BigFix -> BigFix ->
BitTorrent -> BitTorrent 4.22.1 ->
CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200014F1 -> SoftV92 Data Fax Modem with SmartCP ->
COMODO Firewall Pro -> COMODO Firewall Pro ->
CompuServe us -> CompuServe ->
Diablo -> Diablo ->
Diablo II -> Diablo II ->
DivX Subtitle Displayer_is1 -> DivX Subtitle Displayer 5.00 ->
HijackThis -> HijackThis 1.99.1 ->
ICQ -> ICQ ->
ICQLite -> ICQ 5.1 ->
IDNMitigationAPIs -> Microsoft Internationalized Domain Names Mitigation APIs ->
InstallShield_{3D5A72E1-1467-4199-8CF6-12DA8D502A6B} -> Veoh Player ->
InstallShield_{81EED1A1-AE78-4B11-BE47-C6AE9F5E87F1} -> eMachines Bay Reader ->
KB873339 -> Windows XP Hotfix - KB873339 ->
KB885626 -> Windows XP Hotfix - KB885626 ->
KB885835 -> Windows XP Hotfix - KB885835 ->
KB885836 -> Windows XP Hotfix - KB885836 ->
KB886185 -> Windows XP Hotfix - KB886185 ->
KB887472 -> Windows XP Hotfix - KB887472 ->
KB888302 -> Windows XP Hotfix - KB888302 ->
KB890046 -> Security Update for Windows XP (KB890046) ->
KB890859 -> Windows XP Hotfix - KB890859 ->
KB891781 -> Windows XP Hotfix - KB891781 ->
KB893756 -> Security Update for Windows XP (KB893756) ->
KB893803v2 -> Windows Installer 3.1 (KB893803) ->
KB894391 -> Update for Windows XP (KB894391) ->
KB896358 -> Security Update for Windows XP (KB896358) ->
KB896423 -> Security Update for Windows XP (KB896423) ->
KB896424 -> Security Update for Windows XP (KB896424) ->
KB896428 -> Security Update for Windows XP (KB896428) ->
KB898461 -> Update for Windows XP (KB898461) ->
KB899587 -> Security Update for Windows XP (KB899587) ->
KB899591 -> Security Update for Windows XP (KB899591) ->
KB900485 -> Update for Windows XP (KB900485) ->
KB900725 -> Security Update for Windows XP (KB900725) ->
KB901017 -> Security Update for Windows XP (KB901017) ->
KB901190 -> Security Update for Windows XP (KB901190) ->
KB901214 -> Security Update for Windows XP (KB901214) ->
KB902400 -> Security Update for Windows XP (KB902400) ->
KB904706 -> Security Update for Windows XP (KB904706) ->
KB904942 -> Update for Windows XP (KB904942) ->
KB905414 -> Security Update for Windows XP (KB905414) ->
KB905749 -> Security Update for Windows XP (KB905749) ->
KB908519 -> Security Update for Windows XP (KB908519) ->
KB908531 -> Update for Windows XP (KB908531) ->
KB910437 -> Update for Windows XP (KB910437) ->
KB911280 -> Update for Windows XP (KB911280) ->
KB911562 -> Security Update for Windows XP (KB911562) ->
KB911564 -> Security Update for Windows Media Player (KB911564) ->
KB911567 -> Security Update for Windows XP (KB911567) ->
KB911927 -> Security Update for Windows XP (KB911927) ->
KB912919 -> Security Update for Windows XP (KB912919) ->
KB913580 -> Security Update for Windows XP (KB913580) ->
KB914388 -> Security Update for Windows XP (KB914388) ->
KB914389 -> Security Update for Windows XP (KB914389) ->
KB914440 -> Hotfix for Windows XP (KB914440) ->
KB915865 -> Hotfix for Windows XP (KB915865) ->
KB916595 -> Update for Windows XP (KB916595) ->
KB917159 -> Security Update for Windows XP (KB917159) ->
KB917344 -> Security Update for Windows XP (KB917344) ->
KB917422 -> Security Update for Windows XP (KB917422) ->
KB917734_WMP9 -> Security Update for Windows Media Player 9 (KB917734) ->
KB917953 -> Security Update for Windows XP (KB917953) ->
KB918118 -> Security Update for Windows XP (KB918118) ->
KB918439 -> Security Update for Windows XP (KB918439) ->
KB918899 -> Security Update for Windows XP (KB918899) ->
KB919007 -> Security Update for Windows XP (KB919007) ->
KB920213 -> Security Update for Windows XP (KB920213) ->
KB920214 -> Security Update for Windows XP (KB920214) ->
KB920670 -> Security Update for Windows XP (KB920670) ->
KB920683 -> Security Update for Windows XP (KB920683) ->
KB920685 -> Security Update for Windows XP (KB920685) ->
KB920872 -> Update for Windows XP (KB920872) ->
KB921398 -> Security Update for Windows XP (KB921398) ->
KB921503 -> Security Update for Windows XP (KB921503) ->
KB921883 -> Security Update for Windows XP (KB921883) ->
KB922582 -> Update for Windows XP (KB922582) ->
KB922616 -> Security Update for Windows XP (KB922616) ->
KB922760 -> Security Update for Windows XP (KB922760) ->
KB922819 -> Security Update for Windows XP (KB922819) ->
KB923191 -> Security Update for Windows XP (KB923191) ->
KB923414 -> Security Update for Windows XP (KB923414) ->
KB923689 -> Security Update for Windows XP (KB923689) ->
KB923694 -> Security Update for Windows XP (KB923694) ->
KB923980 -> Security Update for Windows XP (KB923980) ->
KB924191 -> Security Update for Windows XP (KB924191) ->
KB924270 -> Security Update for Windows XP (KB924270) ->
KB924496 -> Security Update for Windows XP (KB924496) ->
KB924667 -> Security Update for Windows XP (KB924667) ->
KB925398_WMP64 -> Security Update for Windows Media Player 6.4 (KB925398) ->
KB925454 -> Security Update for Windows XP (KB925454) ->
KB925486 -> Security Update for Windows XP (KB925486) ->
KB925902 -> Security Update for Windows XP (KB925902) ->
KB926239 -> Hotfix for Windows XP (KB926239) ->
KB926255 -> Security Update for Windows XP (KB926255) ->
KB926436 -> Security Update for Windows XP (KB926436) ->
KB927779 -> Security Update for Windows XP (KB927779) ->
KB927802 -> Security Update for Windows XP (KB927802) ->
KB927891 -> Update for Windows XP (KB927891) ->
KB928090 -> Security Update for Windows XP (KB928090) ->
KB928255 -> Security Update for Windows XP (KB928255) ->
KB928843 -> Security Update for Windows XP (KB928843) ->
KB929123 -> Security Update for Windows XP (KB929123) ->
KB929338 -> Update for Windows XP (KB929338) ->
KB929399 -> Hotfix for Windows Media Format 11 SDK (KB929399) ->
KB929969 -> Security Update for Windows XP (KB929969) ->
KB930178 -> Security Update for Windows XP (KB930178) ->
KB930916 -> Update for Windows XP (KB930916) ->
KB931261 -> Security Update for Windows XP (KB931261) ->
KB931768 -> Security Update for Windows XP (KB931768) ->
KB931784 -> Security Update for Windows XP (KB931784) ->
KB931836 -> Update for Windows XP (KB931836) ->
KB932168 -> Security Update for Windows XP (KB932168) ->
KB933566 -> Security Update for Windows XP (KB933566) ->
KB935839 -> Security Update for Windows XP (KB935839) ->
KB935840 -> Security Update for Windows XP (KB935840) ->
KB936021 -> Security Update for Windows XP (KB936021) ->
KB936357 -> Update for Windows XP (KB936357) ->
KB936782_WMP11 -> Security Update for Windows Media Player 11 (KB936782) ->
KB937143 -> Security Update for Windows XP (KB937143) ->
KB938127 -> Security Update for Windows XP (KB938127) ->
KB938828 -> Update for Windows XP (KB938828) ->
KB938829 -> Security Update for Windows XP (KB938829) ->
LiveUpdate -> LiveUpdate 1.90 (Symantec Corporation) ->
MSCompPackV1 -> Microsoft Compression Client Pack 1.0 for Windows XP ->
Netscape 6 (6.2.1) -> Netscape 6 (6.2.1) ->
Neverwinter Nights - Kingmaker -> BioWare Premium Module: Neverwinter Nights - Kingmaker ->
Neverwinter Nights - ShadowGuard -> BioWare Premium Module: Neverwinter Nights - ShadowGuard ->
Neverwinter Nights - Witch's Wake -> BioWare Premium Module: Neverwinter Nights - Witch's Wake ->
NLSDownlevelMapping -> Microsoft National Language Support Downlevel APIs ->
NVIDIA Drivers -> NVIDIA Drivers ->
Panda ActiveScan -> Panda ActiveScan ->
PCPitstop Panda AntiVirus Scan -> PCPitstop Panda AntiVirus Scan (remove only) ->
PROSet -> Intel(R) PRO Network Adapters and Drivers ->
RealPlayer 6.0 -> RealPlayer ->
SANYO Digital Camera Driver -> SANYO Digital Camera Driver ->
ShockwaveFlash -> Adobe Flash Player 9 ActiveX ->
Spybot - Search & Destroy_is1 -> Spybot - Search & Destroy 1.4 ->
Starcraft -> Starcraft ->
StreetPlugin -> Learn2 Player (Uninstall Only) ->
Throne of Darkness Demo -> Throne of Darkness Demo ->
ToolbarICQToolbar.ICQToolbarObjectIEToolbar -> ICQ Toolbar ->
ViewpointMediaPlayer -> Viewpoint Media Player ->
VLC media player -> VideoLAN VLC media player 0.8.6a ->
WGA -> Windows Genuine Advantage Validation Tool (KB892130) ->
WgaNotify -> Windows Genuine Advantage Notifications (KB905474) ->
Winamp -> Winamp (remove only) ->
Windows Media Format Runtime -> Windows Media Format 11 runtime ->
Windows Media Player -> Windows Media Player 11 ->
Windows XP Service Pack -> Windows XP Service Pack 2 ->
WinRAR archiver -> WinRAR archiver ->
WMFDist11 -> Windows Media Format 11 runtime ->
wmp11 -> Windows Media Player 11 ->
Wudf01000 -> Microsoft User-Mode Driver Framework Feature Pack 1.0 ->
Xfire -> Xfire (remove only) ->
Yahoo! Companion -> Yahoo! Toolbar for Internet Explorer ->
Yahoo! Customizations -> Yahoo! Browser Services ->
Yahoo! Messenger -> Yahoo! Messenger ->
Yahoo! Toolbar -> Yahoo! Toolbar ->
YInstHelper -> Yahoo! Install Manager ->
[Files/Folders - Created Within 60 days]
boot.ini.comodofirewall -> %SystemDrive%\boot.ini.comodofirewall -> [Ver = | Size = 207 bytes | Created Date = 8/24/2007 12:06:28 AM | Attr = ]
$NtUninstallKB921503$ -> %SystemRoot%\$NtUninstallKB921503$ -> [Folder | Created Date = 8/14/2007 4:54:17 PM | Attr = H ]
$NtUninstallKB936021$ -> %SystemRoot%\$NtUninstallKB936021$ -> [Folder | Created Date = 8/14/2007 4:54:38 PM | Attr = H ]
$NtUninstallKB936357$ -> %SystemRoot%\$NtUninstallKB936357$ -> [Folder | Created Date = 7/11/2007 2:01:14 AM | Attr = H ]
$NtUninstallKB936782_WMP11$ -> %SystemRoot%\$NtUninstallKB936782_WMP11$ -> [Folder | Created Date = 8/14/2007 4:51:01 PM | Attr = H ]
$NtUninstallKB937143$ -> %SystemRoot%\$NtUninstallKB937143$ -> [Folder | Created Date = 8/14/2007 4:51:56 PM | Attr = H ]
$NtUninstallKB938127$ -> %SystemRoot%\$NtUninstallKB938127$ -> [Folder | Created Date = 8/14/2007 4:52:18 PM | Attr = H ]
$NtUninstallKB938828$ -> %SystemRoot%\$NtUninstallKB938828$ -> [Folder | Created Date = 8/14/2007 4:54:27 PM | Attr = H ]
$NtUninstallKB938829$ -> %SystemRoot%\$NtUninstallKB938829$ -> [Folder | Created Date = 8/14/2007 4:54:07 PM | Attr = H ]
SpoonUninstall-KlinZhaBoard.bmp -> %System32%\SpoonUninstall-KlinZhaBoard.bmp -> [Ver = | Size = 28898 bytes | Created Date = 8/10/2007 1:23:40 PM | Attr = ]
SpoonUninstall-KlinZhaBoard.dat -> %System32%\SpoonUninstall-KlinZhaBoard.dat -> [Ver = | Size = 7816 bytes | Created Date = 8/10/2007 1:23:40 PM | Attr = ]
cmdmon.sys -> %System32%\drivers\cmdmon.sys -> Comodo Research Lab., Inc. [Ver = 2.3.035 built by: WinDDK | Size = 75520 bytes | Created Date = 8/24/2007 12:06:05 AM | Attr = ]
inspect.sys -> %System32%\drivers\inspect.sys -> COMODO [Ver = 2, 0, 0, 1 | Size = 51328 bytes | Created Date = 8/24/2007 12:06:05 AM | Attr = ]
Msft_User_WpdMtpDr_01_00_00.Wdf -> %System32%\drivers\UMDF\Msft_User_WpdMtpDr_01_00_00.Wdf -> [Ver = | Size = 0 bytes | Created Date = 8/12/2007 6:16:50 AM | Attr = H ]
Avg7 -> %AllUsersAppData%\Avg7 -> [Folder | Created Date = 8/24/2007 12:04:44 AM | Attr = ]
Comodo -> %AllUsersAppData%\Comodo -> [Folder | Created Date = 8/24/2007 12:10:53 AM | Attr = ]
SalesMonitor -> %AllUsersAppData%\SalesMonitor -> [Folder | Created Date = 8/22/2007 9:05:25 AM | Attr = R ]
Comodo -> %UserAppData%\Comodo -> [Folder | Created Date = 8/24/2007 12:10:57 AM | Attr = ]
COMODO Firewall Pro.lnk -> %AllUsersDesktop%\COMODO Firewall Pro.lnk -> [Ver = | Size = 1588 bytes | Created Date = 8/24/2007 12:06:29 AM | Attr = ]
convo.rtf -> %UserDesktop%\convo.rtf -> [Ver = | Size = 7582 bytes | Created Date = 8/15/2007 11:19:22 PM | Attr = ]
gamethingy.bmp -> %UserDesktop%\gamethingy.bmp -> [Ver = | Size = 1440054 bytes | Created Date = 8/25/2007 2:07:09 AM | Attr = ]
untitled.bmp -> %UserDesktop%\untitled.bmp -> [Ver = | Size = 666198 bytes | Created Date = 8/25/2007 11:37:14 PM | Attr = ]
Veoh.lnk -> %UserDesktop%\Veoh.lnk -> [Ver = | Size = 1696 bytes | Created Date = 7/5/2007 8:17:03 AM | Attr = ]
WinPFind3u -> %UserDesktop%\WinPFind3u -> [Folder | Created Date = 8/26/2007 5:10:38 PM | Attr = ]
winpfind3u.exe -> %UserDesktop%\winpfind3u.exe -> [Ver = | Size = 355277 bytes | Created Date = 8/26/2007 4:47:05 PM | Attr = ]
@Alternate Data Stream - 26 bytes -> %UserDesktop%\winpfind3u.exe:Zone.Identifier ->
[Files/Folders - Modified Within 60 days]
boot.ini -> %SystemDrive%\boot.ini -> [Ver = | Size = 208 bytes | Modified Date = 8/24/2007 1:06:30 AM | Attr = RHS]
Config.Msi -> %SystemDrive%\Config.Msi -> [Folder | Modified Date = 8/24/2007 12:56:56 AM | Attr = HS]
hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [Ver = | Size = 527290368 bytes | Modified Date = 8/26/2007 5:36:06 PM | Attr = HS]
Program Files -> %ProgramFiles% -> [Folder | Modified Date = 8/24/2007 1:06:04 AM | Attr = R ]
sqmdata00.sqm -> %SystemDrive%\sqmdata00.sqm -> [Ver = | Size = 268 bytes | Modified Date = 8/21/2007 8:43:40 PM | Attr = H ]
sqmdata01.sqm -> %SystemDrive%\sqmdata01.sqm -> [Ver = | Size = 304 bytes | Modified Date = 8/24/2007 7:08:58 AM | Attr = H ]
sqmdata02.sqm -> %SystemDrive%\sqmdata02.sqm -> [Ver = | Size = 256 bytes | Modified Date = 8/24/2007 7:10:28 AM | Attr = H ]
sqmdata03.sqm -> %SystemDrive%\sqmdata03.sqm -> [Ver = | Size = 268 bytes | Modified Date = 8/25/2007 1:20:36 AM | Attr = H ]
sqmdata04.sqm -> %SystemDrive%\sqmdata04.sqm -> [Ver = | Size = 268 bytes | Modified Date = 8/25/2007 1:38:06 AM | Attr = H ]
sqmdata05.sqm -> %SystemDrive%\sqmdata05.sqm -> [Ver = | Size = 268 bytes | Modified Date = 8/25/2007 10:00:52 PM | Attr = H ]
sqmdata06.sqm -> %SystemDrive%\sqmdata06.sqm -> [Ver = | Size = 232 bytes | Modified Date = 8/26/2007 6:09:02 PM | Attr = H ]
sqmdata07.sqm -> %SystemDrive%\sqmdata07.sqm -> [Ver = | Size = 232 bytes | Modified Date = 8/26/2007 6:09:14 PM | Attr = H ]
sqmdata08.sqm -> %SystemDrive%\sqmdata08.sqm -> [Ver = | Size = 232 bytes | Modified Date = 8/26/2007 6:09:26 PM | Attr = H ]
sqmdata09.sqm -> %SystemDrive%\sqmdata09.sqm -> [Ver = | Size = 232 bytes | Modified Date = 8/26/2007 6:09:38 PM | Attr = H ]
sqmdata10.sqm -> %SystemDrive%\sqmdata10.sqm -> [Ver = | Size = 232 bytes | Modified Date = 8/26/2007 6:09:50 PM | Attr = H ]
sqmdata19.sqm -> %SystemDrive%\sqmdata19.sqm -> [Ver = | Size = 268 bytes | Modified Date = 7/9/2007 7:54:32 PM | Attr = H ]
sqmnoopt00.sqm -> %SystemDrive%\sqmnoopt00.sqm -> [Ver = | Size = 244 bytes | Modified Date = 8/21/2007 8:43:40 PM | Attr = H ]
sqmnoopt01.sqm -> %SystemDrive%\sqmnoopt01.sqm -> [Ver = | Size = 244 bytes | Modified Date = 8/24/2007 7:08:58 AM | Attr = H ]
sqmnoopt02.sqm -> %SystemDrive%\sqmnoopt02.sqm -> [Ver = | Size = 244 bytes | Modified Date = 8/24/2007 7:10:28 AM | Attr = H ]
sqmnoopt03.sqm -> %SystemDrive%\sqmnoopt03.sqm -> [Ver = | Size = 244 bytes | Modified Date = 8/25/2007 1:20:36 AM | Attr = H ]
sqmnoopt04.sqm -> %SystemDrive%\sqmnoopt04.sqm -> [Ver = | Size = 244 bytes | Modified Date = 8/25/2007 1:38:06 AM | Attr = H ]
sqmnoopt05.sqm -> %SystemDrive%\sqmnoopt05.sqm -> [Ver = | Size = 244 bytes | Modified Date = 8/25/2007 10:00:52 PM | Attr = H ]
sqmnoopt06.sqm -> %SystemDrive%\sqmnoopt06.sqm -> [Ver = | Size = 244 bytes | Modified Date = 8/26/2007 6:09:02 PM | Attr = H ]
sqmnoopt07.sqm -> %SystemDrive%\sqmnoopt07.sqm -> [Ver = | Size = 244 bytes | Modified Date = 8/26/2007 6:09:14 PM | Attr = H ]
sqmnoopt08.sqm -> %SystemDrive%\sqmnoopt08.sqm -> [Ver = | Size = 244 bytes | Modified Date = 8/26/2007 6:09:26 PM | Attr = H ]
sqmnoopt09.sqm -> %SystemDrive%\sqmnoopt09.sqm -> [Ver = | Size = 244 bytes | Modified Date = 8/26/2007 6:09:38 PM | Attr = H ]
sqmnoopt10.sqm -> %SystemDrive%\sqmnoopt10.sqm -> [Ver = | Size = 244 bytes | Modified Date = 8/26/2007 6:09:50 PM | Attr = H ]
sqmnoopt19.sqm -> %SystemDrive%\sqmnoopt19.sqm -> [Ver = | Size = 244 bytes | Modified Date = 7/9/2007 7:54:32 PM | Attr = H ]
WINDOWS -> %SystemRoot% -> [Folder | Modified Date = 8/26/2007 5:41:44 PM | Attr = ]
$hf_mig$ -> %SystemRoot%\$hf_mig$ -> [Folder | Modified Date = 8/22/2007 1:18:34 AM | Attr = H ]
$NtUninstallKB921503$ -> %SystemRoot%\$NtUninstallKB921503$ -> [Folder | Modified Date = 8/22/2007 3:12:44 AM | Attr = H ]
$NtUninstallKB936021$ -> %SystemRoot%\$NtUninstallKB936021$ -> [Folder | Modified Date = 8/22/2007 3:13:26 AM | Attr = H ]
$NtUninstallKB936357$ -> %SystemRoot%\$NtUninstallKB936357$ -> [Folder | Modified Date = 8/22/2007 3:13:00 AM | Attr = H ]
$NtUninstallKB936782_WMP11$ -> %SystemRoot%\$NtUninstallKB936782_WMP11$ -> [Folder | Modified Date = 8/22/2007 3:06:16 AM | Attr = H ]
$NtUninstallKB937143$ -> %SystemRoot%\$NtUninstallKB937143$ -> [Folder | Modified Date = 8/22/2007 3:08:52 AM | Attr = H ]
$NtUninstallKB938127$ -> %SystemRoot%\$NtUninstallKB938127$ -> [Folder | Modified Date = 8/22/2007 3:09:40 AM | Attr = H ]
$NtUninstallKB938828$ -> %SystemRoot%\$NtUninstallKB938828$ -> [Folder | Modified Date = 8/22/2007 3:13:12 AM | Attr = H ]
$NtUninstallKB938829$ -> %SystemRoot%\$NtUninstallKB938829$ -> [Folder | Modified Date = 8/22/2007 3:12:28 AM | Attr = H ]
bootstat.dat -> %SystemRoot%\bootstat.dat -> [Ver = | Size = 2048 bytes | Modified Date = 8/26/2007 5:36:10 PM | Attr = S]
Downloaded Program Files -> %SystemRoot%\Downloaded Program Files -> [Folder | Modified Date = 8/21/2007 7:50:22 PM | Attr = S]
Help -> %SystemRoot%\Help -> [Folder | Modified Date = 8/23/2007 8:51:04 PM | Attr = ]
imsins.BAK -> %SystemRoot%\imsins.BAK -> [Ver = | Size = 1374 bytes | Modified Date = 8/22/2007 3:13:20 AM | Attr = ]
inf -> %SystemRoot%\inf -> [Folder | Modified Date = 8/23/2007 8:51:04 PM | Attr = H ]
Installer -> %SystemRoot%\Installer -> [Folder | Modified Date = 8/24/2007 12:56:56 AM | Attr = HS]
network diagnostic -> %SystemRoot%\network diagnostic -> [Folder | Modified Date = 8/2/2007 4:33:00 AM | Attr = ]
Prefetch -> %SystemRoot%\Prefetch -> [Folder | Modified Date = 8/26/2007 6:10:40 PM | Attr = ]
Registration -> %SystemRoot%\Registration -> [Folder | Modified Date = 8/22/2007 12:25:50 AM | Attr = ]
system -> %SystemRoot%\system -> [Folder | Modified Date = 8/24/2007 1:04:38 AM | Attr = ]
system32 -> %System32% -> [Folder | Modified Date = 8/24/2007 1:09:06 AM | Attr = ]
Tasks -> %SystemRoot%\Tasks -> [Folder | Modified Date = 8/24/2007 12:55:42 AM | Attr = S]
Temp -> %SystemRoot%\Temp -> [Folder | Modified Date = 8/26/2007 5:39:28 PM | Attr = ]
win.ini -> %SystemRoot%\win.ini -> [Ver = | Size = 907 bytes | Modified Date = 8/26/2007 5:39:48 PM | Attr = ]
AppleSoftwareUpdate.job -> %SystemRoot%\tasks\AppleSoftwareUpdate.job -> [Ver = | Size = 284 bytes | Modified Date = 8/21/2007 7:18:12 PM | Attr = ]
SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [Ver = | Size = 6 bytes | Modified Date = 8/26/2007 5:36:16 PM | Attr = H ]
ActiveScan -> %System32%\ActiveScan -> [Folder | Modified Date = 8/21/2007 8:48:12 PM | Attr = ]
CatRoot -> %System32%\CatRoot -> [Folder | Modified Date = 8/22/2007 1:08:48 AM | Attr = ]
CatRoot2 -> %System32%\CatRoot2 -> [Folder | Modified Date = 8/26/2007 2:01:10 PM | Attr = ]
CmdLineExt03.dll -> %System32%\CmdLineExt03.dll -> [Ver = | Size = 43520 bytes | Modified Date = 7/3/2007 2:34:50 PM | Attr = ]
config -> %System32%\config -> [Folder | Modified Date = 8/21/2007 8:52:46 PM | Attr = ]
dllcache -> %System32%\dllcache -> [Folder | Modified Date = 8/24/2007 1:09:52 AM | Attr = RHS]
drivers -> %System32%\drivers -> [Folder | Modified Date = 8/24/2007 1:06:06 AM | Attr = ]
nvapps.xml -> %System32%\nvapps.xml -> [Ver = | Size = 29204 bytes | Modified Date = 8/26/2007 5:39:18 PM | Attr = ]
Restore -> %System32%\Restore -> [Folder | Modified Date = 8/21/2007 8:27:30 PM | Attr = ]
SpoonUninstall-KlinZhaBoard.bmp -> %System32%\SpoonUninstall-KlinZhaBoard.bmp -> [Ver = | Size = 28898 bytes | Modified Date = 8/10/2007 2:23:20 PM | Attr = ]
SpoonUninstall-KlinZhaBoard.dat -> %System32%\SpoonUninstall-KlinZhaBoard.dat -> [Ver = | Size = 7816 bytes | Modified Date = 8/10/2007 2:23:42 PM | Attr = ]
wbem -> %System32%\wbem -> [Folder | Modified Date = 8/21/2007 8:52:26 PM | Attr = ]
wpa.dbl -> %System32%\wpa.dbl -> [Ver = | Size = 1170 bytes | Modified Date = 8/26/2007 5:39:10 PM | Attr = ]
cmdmon.sys -> %System32%\drivers\cmdmon.sys -> Comodo Research Lab., Inc. [Ver = 2.3.035 built by: WinDDK | Size = 75520 bytes | Modified Date = 8/24/2007 1:06:04 AM | Attr = ]
inspect.sys -> %System32%\drivers\inspect.sys -> COMODO [Ver = 2, 0, 0, 1 | Size = 51328 bytes | Modified Date = 8/24/2007 1:06:04 AM | Attr = ]
UMDF -> %System32%\drivers\UMDF -> [Folder | Modified Date = 8/12/2007 7:16:52 AM | Attr = ]
Msft_User_WpdMtpDr_01_00_00.Wdf -> %System32%\drivers\UMDF\Msft_User_WpdMtpDr_01_00_00.Wdf -> [Ver = | Size = 0 bytes | Modified Date = 8/12/2007 7:16:52 AM | Attr = H ]
Avg7 -> %AllUsersAppData%\Avg7 -> [Folder | Modified Date = 8/24/2007 1:04:46 AM | Attr = ]
Comodo -> %AllUsersAppData%\Comodo -> [Folder | Modified Date = 8/24/2007 1:10:54 AM | Attr = ]
Microsoft -> %AllUsersAppData%\Microsoft -> [Folder | Modified Date = 8/12/2007 7:16:52 AM | Attr = S]
SalesMonitor -> %AllUsersAppData%\SalesMonitor -> [Folder | Modified Date = 8/22/2007 10:05:26 AM | Attr = R ]
Symantec -> %AllUsersAppData%\Symantec -> [Folder | Modified Date = 8/24/2007 12:56:32 AM | Attr = ]
BitTorrent -> %UserAppData%\BitTorrent -> [Folder | Modified Date = 8/13/2007 9:20:44 PM | Attr = ]
Comodo -> %UserAppData%\Comodo -> [Folder | Modified Date = 8/24/2007 1:10:58 AM | Attr = ]
Microsoft -> %UserAppData%\Microsoft -> [Folder | Modified Date = 8/24/2007 1:04:40 AM | Attr = S]
DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> %LocalAppData%\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [Ver = | Size = 69120 bytes | Modified Date = 7/1/2007 5:34:00 AM | Attr = ]
IconCache.db -> %LocalAppData%\IconCache.db -> [Ver = | Size = 1578638 bytes | Modified Date = 8/26/2007 1:59:46 AM | Attr = H ]
Microsoft -> %LocalAppData%\Microsoft -> [Folder | Modified Date = 8/24/2007 7:23:28 AM | Attr = ]
BitTorrent Downloads -> %UserDocuments%\BitTorrent Downloads -> [Folder | Modified Date = 8/18/2007 2:18:48 AM | Attr = ]
My Music -> %UserDocuments%\My Music -> [Folder | Modified Date = 8/7/2007 7:43:34 PM | Attr = R ]
My Received Files -> %UserDocuments%\My Received Files -> [Folder | Modified Date = 8/21/2007 8:25:42 AM | Attr = ]
My Sharing Folders.lnk -> %UserDocuments%\My Sharing Folders.lnk -> [Ver = | Size = 587 bytes | Modified Date = 8/26/2007 5:41:28 PM | Attr = ]
My Videos -> %UserDocuments%\My Videos -> [Folder | Modified Date = 8/18/2007 1:51:50 AM | Attr = ]
COMODO Firewall Pro.lnk -> %AllUsersDesktop%\COMODO Firewall Pro.lnk -> [Ver = | Size = 1588 bytes | Modified Date = 8/24/2007 1:06:30 AM | Attr = ]
convo.rtf -> %UserDesktop%\convo.rtf -> [Ver = | Size = 7582 bytes | Modified Date = 8/16/2007 12:19:24 AM | Attr = ]
Copy of ObjectData.w3o -> %UserDesktop%\Copy of ObjectData.w3o -> [Ver = | Size = 61364 bytes | Modified Date = 7/3/2007 12:09:24 PM | Attr = ]
gamethingy.bmp -> %UserDesktop%\gamethingy.bmp -> [Ver = | Size = 1440054 bytes | Modified Date = 8/25/2007 3:07:12 AM | Attr = ]
Plus! -> %UserDesktop%\Plus! -> [Folder | Modified Date = 8/24/2007 7:22:26 AM | Attr = ]
tomenet-bin -> %UserDesktop%\tomenet-bin -> [Folder | Modified Date = 7/14/2007 11:52:42 PM | Attr = ]
untitled.bmp -> %UserDesktop%\untitled.bmp -> [Ver = | Size = 666198 bytes | Modified Date = 8/26/2007 12:42:32 AM | Attr = ]
Veoh.lnk -> %UserDesktop%\Veoh.lnk -> [Ver = | Size = 1696 bytes | Modified Date = 7/5/2007 9:17:04 AM | Attr = ]
WarCraft III Stuff -> %UserDesktop%\WarCraft III Stuff -> [Folder | Modified Date = 8/4/2007 5:40:40 PM | Attr = ]
WinPFind3u -> %UserDesktop%\WinPFind3u -> [Folder | Modified Date = 8/26/2007 6:10:40 PM | Attr = ]
winpfind3u.exe -> %UserDesktop%\winpfind3u.exe -> [Ver = | Size = 355277 bytes | Modified Date = 8/26/2007 5:47:08 PM | Attr = ]
@Alternate Data Stream - 26 bytes -> %UserDesktop%\winpfind3u.exe:Zone.Identifier ->
Symantec Shared -> %CommonProgramFiles%\Symantec Shared -> [Folder | Modified Date = 8/24/2007 1:09:06 AM | Attr = ]
WinAntiSpyware 2007 -> %CommonProgramFiles%\WinAntiSpyware 2007 -> [Folder | Modified Date = 8/23/2007 7:01:44 AM | Attr = ]
[File String Scan - Non-Microsoft Only]
WSUD , -> %System32%\ALSNDMGR.CPL -> Realtek Semiconductor Corp. [Ver = 2.2.17 | Size = 14204416 bytes | Modified Date = 1/9/2004 5:53:58 PM | Attr = ]
PEC2 , -> %System32%\dfrg.msc -> [Ver = | Size = 41397 bytes | Modified Date = 3/31/2003 5:00:00 AM | Attr = ]
PEC2 , PECompact2 , -> %System32%\DivX.dll -> DivXNetworks, Inc. [Ver = 5.2.1.1328 | Size = 716800 bytes | Modified Date = 9/3/2004 11:03:48 AM | Attr = ]
WSUD , -> %System32%\nvoglnt.dll -> NVIDIA Corporation [Ver = 6.14.10.7777 | Size = 5140480 bytes | Modified Date = 7/20/2005 6:07:00 PM | Attr = ]
PEC2 , -> %System32%\oembios.bin -> [Ver = | Size = 13107200 bytes | Modified Date = 2/28/2002 12:42:54 PM | Attr = ]
UPX! , UPX0 , -> %System32%\Pandora_SetUpAX.ocx -> Pandora TV [Ver = 1.0.1.32 | Size = 265728 bytes | Modified Date = 12/12/2006 3:41:12 PM | Attr = ]
Thawte Consulting , -> %System32%\pxcpya64.exe -> Sonic Solutions [Ver = 1.00.35a | Size = 63144 bytes | Modified Date = 8/24/2006 8:47:00 PM | Attr = ]
Thawte Consulting , -> %System32%\pxhpinst.exe -> Sonic Solutions [Ver = 3.00.33a | Size = 67240 bytes | Modified Date = 8/24/2006 8:47:00 PM | Attr = ]
Thawte Consulting , -> %System32%\pxinsa64.exe -> Sonic Solutions [Ver = 3.00.33a | Size = 62632 bytes | Modified Date = 8/24/2006 8:47:00 PM | Attr = ]
Thawte Consulting , -> %System32%\pxinsi64.exe -> Sonic Solutions [Ver = 3.00.33a | Size = 115880 bytes | Modified Date = 8/24/2006 8:47:00 PM | Attr = ]
Thawte Consulting , -> %System32%\SmartUI2.ocx -> Xceed Software Inc (450) 442-2626
support@xceedsoft.com http://www.xceedsoft.com [Ver = 2.00.0202 | Size = 874248 bytes | Modified Date = 6/14/2004 4:04:34 PM | Attr = ]
winsync , -> %System32%\wbdbase.deu -> [Ver = | Size = 1309184 bytes | Modified Date = 3/31/2003 5:00:00 AM | Attr = ]
UPX! , UPX0 , Thawte Consulting , -> %System32%\websetup2.exe -> PandoraTV Inc. [Ver = 2, 0, 0, 1 | Size = 161040 bytes | Modified Date = 4/1/2007 8:15:28 AM | Attr = ]
Thawte Consulting , -> %System32%\XceedCry.dll -> Xceed Software Inc (450) 442-2626
support@xceedsoft.com http://www.xceedsoft.com [Ver = 1.1.107.0 | Size = 512688 bytes | Modified Date = 11/19/2003 3:59:36 PM | Attr = ]
Thawte Consulting , -> %System32%\XceedZip.dll -> Xceed Software Inc (450) 442-2626
support@xceedsoft.com http://www.xceedsoft.com [Ver = 5.0.117.0 | Size = 427864 bytes | Modified Date = 6/14/2004 3:56:26 PM | Attr = ]
WSUD , UPX0 , -> %System32%\dllcache\hwxjpn.dll -> [Ver = | Size = 13463552 bytes | Modified Date = 3/31/2003 5:00:00 AM | Attr = ]
PTech , -> %System32%\drivers\mtlstrm.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 1309184 bytes | Modified Date = 8/3/2004 11:41:38 PM | Attr = ]
@Alternate Data Stream - 26 bytes -> %UserDesktop%\throneofdarknessdemo.exe:Zone.Identifier ->
File scan skipped for file %UserDesktop%\throneofdarknessdemo.exe -> File size too big (116504048 bytes) ->
@Alternate Data Stream - 0 bytes -> %UserDesktop%\Thumbs.db:encryptable ->
@Alternate Data Stream - 26 bytes -> %UserDesktop%\winpfind3u.exe:Zone.Identifier ->
< End of report >