Hi Tim,
As you requested.
Scott
WinPFind3 logfile created on: 4/21/2007 5:47:01 PM
WinPFind3U by OldTimer - Version 1.0.34 Folder = C:\Documents and Settings\Scott\Desktop\WinPFind3u\
Microsoft Windows XP Service Pack 2 (Version = 5.1.2600)
Internet Explorer (Version = 6.0.2900.2180)
1023.30 Mb Total Physical Memory | 583.05 Mb Available Physical Memory | 56.98% Memory free
1.40 Gb Paging File | 1.03 Gb Available in Paging File | 73.62% Paging File free
Paging file location(s): C:\pagefile.sys 500 750;
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.26 Gb Total Space | 7.35 Gb Free Space | 19.74% Space Free
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 111.81 Gb Total Space | 46.26 Gb Free Space | 41.37% Space Free
Computer Name: KOBETOSHIBA
Current User Name: Scott
Logged in as Administrator.
Current Boot Mode: Normal
[Processes - Non-Microsoft Only]
1xconfig.exe -> %System32%\1XConfig.exe -> Intel [Ver = 8, 0, 0, 161 | Size = 184320 bytes | Modified Date = 12/16/2003 4:43:06 PM | Attr = ]
acrobat_sl.exe -> %ProgramFiles%\Adobe\Acrobat 7.0\Acrobat\acrobat_sl.exe -> Adobe Systems Incorporated [Ver = 7.0.5.2005092300 | Size = 32256 bytes | Modified Date = 9/24/2005 12:05:38 AM | Attr = ]
acsd.exe -> %CommonProgramFiles%\AOL\ACS\acsd.exe -> America Online, Inc. [Ver = 1,0,25,3 | Size = 1434848 bytes | Modified Date = 4/21/2004 12:16:02 PM | Attr = ]
avgamsvr.exe -> %ProgramFiles%\Grisoft\AVG7\avgamsvr.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.453 | Size = 353280 bytes | Modified Date = 4/17/2007 3:31:58 AM | Attr = ]
avgcc.exe -> %ProgramFiles%\Grisoft\AVG7\avgcc.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.460 | Size = 416256 bytes | Modified Date = 4/17/2007 3:32:00 AM | Attr = ]
avgupsvc.exe -> %ProgramFiles%\Grisoft\AVG7\avgupsvc.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.420 | Size = 49664 bytes | Modified Date = 10/11/2006 10:03:54 AM | Attr = ]
cfsvcs.exe -> %ProgramFiles%\Toshiba\ConfigFree\CFSvcs.exe -> TOSHIBA CORPORATION [Ver = 4, 50, 0, 2 | Size = 28672 bytes | Modified Date = 12/2/2003 6:05:54 PM | Attr = ]
dkservice.exe -> %ProgramFiles%\Executive Software\Diskeeper\DkService.exe -> Executive Software International, Inc. [Ver = 9.0.532.0 | Size = 606316 bytes | Modified Date = 7/26/2005 5:51:22 PM | Attr = ]
dm1service.exe -> %ProgramFiles%\Olympus\DeviceDetector\DM1Service.exe -> OLYMPUS Corporation [Ver = 1, 2, 0, 1 | Size = 65536 bytes | Modified Date = 3/1/2004 2:39:26 PM | Attr = ]
dvdramsv.exe -> %System32%\DVDRAMSV.exe -> Matsushita Electric Industrial Co., Ltd. [Ver = 2, 0, 7, 0 | Size = 106496 bytes | Modified Date = 5/23/2003 2:38:26 PM | Attr = ]
googledesktopsetuphelper.exe -> %ProgramFiles%\Google\Google Desktop Search\gcdtmp105\GoogleDesktopSetupHelper.exe -> Google [Ver = 5.1.703.13372 | Size = 1862144 bytes | Modified Date = 4/21/2007 5:42:02 PM | Attr = ]
googlewebaccclient.exe -> %ProgramFiles%\Google\Web Accelerator\googlewebaccclient.exe -> [Ver = | Size = 1679360 bytes | Modified Date = 3/29/2007 9:34:06 PM | Attr = ]
googlewebaccwarden.exe -> %ProgramFiles%\Google\Web Accelerator\GoogleWebAccWarden.exe -> [Ver = | Size = 655360 bytes | Modified Date = 3/29/2007 9:34:06 PM | Attr = ]
guard.exe -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\guard.exe -> Anti-Malware Development a.s. [Ver = 7, 5, 0, 47 | Size = 204800 bytes | Modified Date = 9/28/2006 7:13:20 AM | Attr = ]
nvsvc32.exe -> %System32%\nvsvc32.exe -> NVIDIA Corporation [Ver = 6.14.10.4634 | Size = 77824 bytes | Modified Date = 12/10/2003 7:50:00 AM | Attr = ]
nxdlghlp.exe -> %ProgramFiles%\Novatix\ExplorerPlus\Nxdlghlp.exe -> Novatix Corporation [Ver = 6.0.0.1 | Size = 65536 bytes | Modified Date = 10/14/2003 8:15:46 AM | Attr = ]
nxexplo.exe -> %ProgramFiles%\Novatix\ExplorerPlus\NxExplo.exe -> [Ver = | Size = 1130496 bytes | Modified Date = 4/23/2004 5:20:00 AM | Attr = ]
nxexplo.exe -> %ProgramFiles%\Novatix\ExplorerPlus\NxExplo.exe -> [Ver = | Size = 1130496 bytes | Modified Date = 4/23/2004 5:20:00 AM | Attr = ]
nxexplo.exe -> %ProgramFiles%\Novatix\ExplorerPlus\NxExplo.exe -> [Ver = | Size = 1130496 bytes | Modified Date = 4/23/2004 5:20:00 AM | Attr = ]
qbupdate.exe -> %CommonProgramFiles%\Intuit\QuickBooks\QBUpdate\qbupdate.exe -> Intuit Inc. [Ver = 17.0 R6 | Size = 972320 bytes | Modified Date = 3/1/2007 4:55:18 AM | Attr = ]
regsrvc.exe -> %System32%\RegSrvc.exe -> Intel Corporation [Ver = 8, 0, 0, 161 | Size = 122880 bytes | Modified Date = 12/16/2003 4:41:40 PM | Attr = ]
robotaskbaricon.exe -> %ProgramFiles%\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe -> Siber Systems [Ver = 6-9-1 | Size = 160832 bytes | Modified Date = 3/23/2007 11:37:06 PM | Attr = ]
s24evmon.exe -> %System32%\S24EvMon.exe -> Intel Corporation [Ver = 8, 0, 0, 161 | Size = 311363 bytes | Modified Date = 12/16/2003 4:42:32 PM | Attr = ]
smagent.exe -> %ProgramFiles%\Analog Devices\SoundMAX\SMAgent.exe -> Analog Devices, Inc. [Ver = 3, 2, 6, 0 | Size = 45056 bytes | Modified Date = 9/20/2002 5:50:10 PM | Attr = ]
snagit32.exe -> %ProgramFiles%\TechSmith\SnagIt 7\SnagIt32.exe -> TechSmith Corporation [Ver = 7.2.5.0 | Size = 3719168 bytes | Modified Date = 10/14/2005 8:25:00 AM | Attr = ]
swupdtmr.exe -> %SystemDrive%\Toshiba\IVP\swupdate\swupdtmr.exe -> [Ver = | Size = 53248 bytes | Modified Date = 10/21/2003 12:26:14 PM | Attr = ]
tmeejme.exe -> %ProgramFiles%\Toshiba\TME3\TMEEJME.exe -> TOSHIBA [Ver = 1, 0, 0, 18 | Size = 77824 bytes | Modified Date = 9/18/2003 11:32:32 PM | Attr = ]
tmesbs32.exe -> %ProgramFiles%\Toshiba\TME3\tmesbs32.exe -> TOSHIBA Corporation [Ver = 2, 1, 1, 18 | Size = 86016 bytes | Modified Date = 8/1/2003 3:56:02 PM | Attr = ]
tmesrv31.exe -> %ProgramFiles%\Toshiba\TME3\TMESRV31.exe -> TOSHIBA [Ver = 3, 1, 44, 0 | Size = 126976 bytes | Modified Date = 12/9/2003 9:50:54 PM | Attr = ]
tschelp.exe -> %ProgramFiles%\TechSmith\SnagIt 7\TSCHelp.exe -> TechSmith Corporation [Ver = 1.0.0 | Size = 26112 bytes | Modified Date = 1/7/2005 5:23:06 PM | Attr = ]
ultramon.exe -> %ProgramFiles%\UltraMon\UltraMon.exe -> Realtime Soft [Ver = 2.7.0.0 | Size = 304640 bytes | Modified Date = 9/27/2006 10:38:52 PM | Attr = ]
ultramontaskbar.exe -> %ProgramFiles%\UltraMon\UltraMonTaskbar.exe -> Realtime Soft [Ver = 2.7.0.0 | Size = 258048 bytes | Modified Date = 9/27/2006 10:39:08 PM | Attr = ]
wanmpsvc.exe -> %SystemRoot%\wanmpsvc.exe -> America Online, Inc. [Ver = 9, 0, 0, 0 | Size = 65536 bytes | Modified Date = 8/27/2003 10:27:44 AM | Attr = ]
winpfind3u.exe -> %UserDesktop%\WinPFind3u\WinPFind3U.exe -> OldTimer Tools [Ver = 1.0.34.0 | Size = 318976 bytes | Modified Date = 4/10/2007 10:00:18 PM | Attr = ]
zcfgsvc.exe -> %System32%\ZCfgSvc.exe -> Intel Corporation [Ver = 8, 0, 0, 161 | Size = 376832 bytes | Modified Date = 12/16/2003 4:47:42 PM | Attr = ]
[Win32 Services - Non-Microsoft Only]
(Adobe LM Service) Adobe LM Service [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Adobe Systems Shared\Service\Adobelmsvc.exe -> Adobe Systems [Ver = 2.65.010 | Size = 69632 bytes | Modified Date = 5/30/2005 12:40:36 AM | Attr = ]
(AOL ACS) AOL Connectivity Service [Win32_Own | Auto | Running] -> %CommonProgramFiles%\AOL\ACS\acsd.exe -> America Online, Inc. [Ver = 1,0,25,3 | Size = 1434848 bytes | Modified Date = 4/21/2004 12:16:02 PM | Attr = ]
(AVG Anti-Spyware Guard) AVG Anti-Spyware Guard [Win32_Own | Auto | Running] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\guard.exe -> Anti-Malware Development a.s. [Ver = 7, 5, 0, 47 | Size = 204800 bytes | Modified Date = 9/28/2006 7:13:20 AM | Attr = ]
(Avg7Alrt) AVG7 Alert Manager Server [Win32_Own | Auto | Running] -> %ProgramFiles%\Grisoft\AVG7\avgamsvr.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.453 | Size = 353280 bytes | Modified Date = 4/17/2007 3:31:58 AM | Attr = ]
(Avg7UpdSvc) AVG7 Update Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Grisoft\AVG7\avgupsvc.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.420 | Size = 49664 bytes | Modified Date = 10/11/2006 10:03:54 AM | Attr = ]
(CFSvcs) ConfigFree Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Toshiba\ConfigFree\CFSvcs.exe -> TOSHIBA CORPORATION [Ver = 4, 50, 0, 2 | Size = 28672 bytes | Modified Date = 12/2/2003 6:05:54 PM | Attr = ]
(Diskeeper) Diskeeper [Win32_Own | Auto | Running] -> %ProgramFiles%\Executive Software\Diskeeper\DkService.exe -> Executive Software International, Inc. [Ver = 9.0.532.0 | Size = 606316 bytes | Modified Date = 7/26/2005 5:51:22 PM | Attr = ]
(DM1Service) DM1Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Olympus\DeviceDetector\DM1Service.exe -> OLYMPUS Corporation [Ver = 1, 2, 0, 1 | Size = 65536 bytes | Modified Date = 3/1/2004 2:39:26 PM | Attr = ]
(dmadmin) Logical Disk Manager Administrative Service [Win32_Shared | On_Demand | Stopped] -> %System32%\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 224768 bytes | Modified Date = 8/4/2004 12:56:48 AM | Attr = ]
(DVD-RAM_Service) DVD-RAM_Service [Win32_Own | Auto | Running] -> %System32%\DVDRAMSV.exe -> Matsushita Electric Industrial Co., Ltd. [Ver = 2, 0, 7, 0 | Size = 106496 bytes | Modified Date = 5/23/2003 2:38:26 PM | Attr = ]
(gusvc) Google Updater Service [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Google\Common\Google Updater\GoogleUpdaterService.exe -> Google [Ver = 2.0.734.29932.beta | Size = 138168 bytes | Modified Date = 1/26/2007 2:48:24 AM | Attr = ]
(IDriverT) InstallDriver Table Manager [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\InstallShield\Driver\11\Intel 32\IDriverT.exe -> Macrovision Corporation [Ver = 11.00.28844 | Size = 69632 bytes | Modified Date = 4/4/2005 12:41:10 AM | Attr = ]
(NVSvc) NVIDIA Driver Helper Service [Win32_Own | Auto | Running] -> %System32%\nvsvc32.exe -> NVIDIA Corporation [Ver = 6.14.10.4634 | Size = 77824 bytes | Modified Date = 12/10/2003 7:50:00 AM | Attr = ]
(QBCFMonitorService) QBCFMonitorService [Win32_Own | Disabled | Stopped] -> %CommonProgramFiles%\Intuit\QuickBooks\QBCFMonitorService.exe -> Intuit [Ver = 1.0.2616.5547 | Size = 20480 bytes | Modified Date = 3/1/2007 4:04:58 AM | Attr = ]
(QBFCService) Intuit QuickBooks FCS [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -> Intuit Inc. [Ver = 1.1.0.5 | Size = 65536 bytes | Modified Date = 11/9/2006 4:30:14 PM | Attr = ]
(QuickBooksDB17) QuickBooksDB17 [Win32_Own | Disabled | Stopped] -> %ProgramFiles%\Intuit\QuickBooks 2005\QBDBMgrN.exe -> iAnywhere Solutions, Inc. [Ver = 9.0.2.3267 | Size = 128536 bytes | Modified Date = 9/13/2006 11:32:12 AM | Attr = ]
(RegSrvc) RegSrvc [Win32_Own | Auto | Running] -> %System32%\RegSrvc.exe -> Intel Corporation [Ver = 8, 0, 0, 161 | Size = 122880 bytes | Modified Date = 12/16/2003 4:41:40 PM | Attr = ]
(S24EventMonitor) Spectrum24 Event Monitor [Win32_Own | Auto | Running] -> %System32%\S24EvMon.exe -> Intel Corporation [Ver = 8, 0, 0, 161 | Size = 311363 bytes | Modified Date = 12/16/2003 4:42:32 PM | Attr = ]
(sdAuxService) Spyware Doctor Auxiliary Service [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Spyware Doctor\svcntaux.exe -> PC Tools [Ver = 5.0.0.19 | Size = 707664 bytes | Modified Date = 4/11/2007 9:36:42 PM | Attr = ]
(sdCoreService) Spyware Doctor Service [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Spyware Doctor\swdsvc.exe -> PC Tools [Ver = 5.0.0.56 | Size = 1301584 bytes | Modified Date = 4/11/2007 9:36:48 PM | Attr = ]
(SoundMAX Agent Service (default)) SoundMAX Agent Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Analog Devices\SoundMAX\SMAgent.exe -> Analog Devices, Inc. [Ver = 3, 2, 6, 0 | Size = 45056 bytes | Modified Date = 9/20/2002 5:50:10 PM | Attr = ]
(Swupdtmr) Swupdtmr [Win32_Own | Auto | Running] -> %SystemDrive%\Toshiba\IVP\swupdate\swupdtmr.exe -> [Ver = | Size = 53248 bytes | Modified Date = 10/21/2003 12:26:14 PM | Attr = ]
(Tmesbs) Tmesbs32 [Win32_Own | Auto | Running] -> %ProgramFiles%\Toshiba\TME3\tmesbs32.exe -> TOSHIBA Corporation [Ver = 2, 1, 1, 18 | Size = 86016 bytes | Modified Date = 8/1/2003 3:56:02 PM | Attr = ]
(Tmesrv) Tmesrv3 [Win32_Own | Auto | Running] -> %ProgramFiles%\Toshiba\TME3\TMESRV31.exe -> TOSHIBA [Ver = 3, 1, 44, 0 | Size = 126976 bytes | Modified Date = 12/9/2003 9:50:54 PM | Attr = ]
(WANMiniportService) WAN Miniport (ATW) Service [Win32_Own | Auto | Running] -> %SystemRoot%\wanmpsvc.exe -> America Online, Inc. [Ver = 9, 0, 0, 0 | Size = 65536 bytes | Modified Date = 8/27/2003 10:27:44 AM | Attr = ]
[Registry - Non-Microsoft Only]
< Run [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
AVG7_CC -> %ProgramFiles%\Grisoft\AVG7\avgcc.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.460 | Size = 416256 bytes | Modified Date = 4/17/2007 3:32:00 AM | Attr = ]
DiskeeperSystray -> %ProgramFiles%\Executive Software\Diskeeper\DkIcon.exe -> Executive Software International, Inc. [Ver = 9.0.532.0 | Size = 184408 bytes | Modified Date = 7/26/2005 5:52:24 PM | Attr = ]
Google Desktop Search -> %ProgramFiles%\Google\Google Desktop Search\GoogleDesktop.exe -> Google [Ver = 5.1.703.13372 | Size = 1862144 bytes | Modified Date = 3/22/2007 5:38:26 PM | Attr = ]
QuickBooksDB17 -> C:\Program Files\Intuit\QuickBooks 2005\QBDBMgrN.exe -n QB_KOBETOSHIBA_17 -qs -gd ALL -gk all -gp 4096 -gu all -ch 64M -c 32M -x tcpip(BroadcastListener=NO;port=10172) -ti 0 -ec simple -ct- -qi -qw -tl 120 -oe "%LocalAppData%\Intuit\QuickBooks\Log\DBStartup.log -> File not found
The Assistant -> %ProgramFiles%\a la mode\Sched\eSched.exe -> File not found
UltraMon -> %ProgramFiles%\UltraMon\UltraMon.exe -> Realtime Soft [Ver = 2.7.0.0 | Size = 304640 bytes | Modified Date = 9/27/2006 10:38:52 PM | Attr = ]
< OptionalComponents [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\
IMAIL -> Installed = 1 ->
MAPI -> Installed = 1 ->
MSFS -> Installed = 1 ->
< Run [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
RoboForm -> %ProgramFiles%\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe -> Siber Systems [Ver = 6-9-1 | Size = 160832 bytes | Modified Date = 3/23/2007 11:37:06 PM | Attr = ]
updateMgr -> %ProgramFiles%\Adobe\Acrobat 7.0\Acrobat\AdobeUpdateManager.exe -> Adobe Systems Incorporated [Ver = 3.1.0.7 | Size = 307200 bytes | Modified Date = 8/18/2005 12:49:06 PM | Attr = R ]
< Common Startup > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup
%AllUsersStartup%\Adobe Acrobat Speed Launcher.lnk -> %SystemRoot%\Installer\{AC76BA86-1033-0000-7760-000000000002}\SC_Acrobat.exe -> [Ver = | Size = 25214 bytes | Modified Date = 11/5/2005 8:15:14 PM | Attr = R ]
%AllUsersStartup%\QuickBooks Update Agent.lnk -> %CommonProgramFiles%\Intuit\QuickBooks\QBUpdate\qbupdate.exe -> Intuit Inc. [Ver = 17.0 R6 | Size = 972320 bytes | Modified Date = 3/1/2007 4:55:18 AM | Attr = ]
%AllUsersStartup%\Run Google Web Accelerator.lnk -> %ProgramFiles%\Google\Web Accelerator\GoogleWebAccWarden.exe -> [Ver = | Size = 655360 bytes | Modified Date = 3/29/2007 9:34:06 PM | Attr = ]
%AllUsersStartup%\SnagIt 7.lnk -> %ProgramFiles%\TechSmith\SnagIt 7\SnagIt32.exe -> TechSmith Corporation [Ver = 7.2.5.0 | Size = 3719168 bytes | Modified Date = 10/14/2005 8:25:00 AM | Attr = ]
< User Startup > -> C:\Documents and Settings\Scott\Start Menu\Programs\Startup
%UserStartup%\dialog tracker.lnk -> %ProgramFiles%\Novatix\ExplorerPlus\Nxdlghlp.exe -> Novatix Corporation [Ver = 6.0.0.1 | Size = 65536 bytes | Modified Date = 10/14/2003 8:15:46 AM | Attr = ]
< AppInit_DLLs [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs
*AppInit_DLLs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls ->
C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL -> %ProgramFiles%\Google\Google Desktop Search\GoogleDesktopNetwork3.dll -> Google [Ver = 5.1.703.13372 | Size = 143360 bytes | Modified Date = 3/22/2007 5:38:34 PM | Attr = ]
C:\PROGRA~1\Google\WEBACC~1\FASTSE~1.DLL -> %ProgramFiles%\Google\Web Accelerator\fastsearch.dll -> Google Inc. [Ver = 1, 0, 0, 29 | Size = 364544 bytes | Modified Date = 3/16/2007 2:43:56 PM | Attr = ]
< ShellExecuteHooks [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
{57B86673-276A-48B2-BAE7-C6DBB3020EB8} [HKLM] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll [AVG Anti-Spyware 7.5] -> Anti-Malware Development a.s. [Ver = 7, 5, 0, 47 | Size = 73728 bytes | Modified Date = 9/28/2006 7:13:28 AM | Attr = ]
< SecurityProviders [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders
< Winlogon settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
< Winlogon settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
< Winlogon\Notify settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\
Sebring -> %System32%\LgNotify.dll -> Intel Corporation [Ver = 8, 0, 0, 161 | Size = 110592 bytes | Modified Date = 12/16/2003 4:49:34 PM | Attr = ]
< HOSTS File > (51072 bytes) -> C:\WINDOWS\System32\drivers\etc\Hosts
< Internet Explorer Settings > ->
HKLM: Default_Page_URL ->
http://www.toshiba.com ->
HKLM: Main\\Default_Search_URL ->
http://www.google.com/ie ->
HKLM: Search Bar ->
http://www.google.com/ie ->
HKLM: Search Page ->
http://www.microsoft.com/isapi/redir.dl ... r=iesearch ->
HKLM: Start Page ->
http://google.com/ ->
HKLM: CustomizeSearch ->
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm ->
HKLM: Search\\Default_Search_URL ->
http://www.google.com/ie ->
HKLM: SearchAssistant ->
http://www.google.com/ie ->
HKCU: Search Bar ->
http://www.google.com/ie ->
HKCU: Search Page ->
http://www.google.com ->
HKCU: Start Page ->
http://www.google.com/ ->
HKCU: SearchAssistant ->
http://www.google.com/ie ->
HKCU: ProxyEnable -> 0 ->
< Trusted Sites > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\
msn.com [ - ] -> ->
< Trusted Sites > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\
//wellsfargo.exactbid.com [htttps] -> ->
vault_alamode.com [http] -> ->
cbt_ebanking-services.com [https] -> ->
webclient_myblackberry.us [https] -> ->
www_socalappraisal.net [http] -> ->
wwwalamode.com [*] -> ->
www_xsitesnetwork.com [*] -> ->
< BHO's > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> %ProgramFiles%\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [AcroIEHlprObj Class] -> Adobe Systems Incorporated [Ver = 7.0.5.2005092300 | Size = 63136 bytes | Modified Date = 9/23/2005 10:12:08 PM | Attr = ]
{11359F4A-B191-42d7-905A-594F8CF0387B} [HKLM] -> %SystemRoot%\Downloaded Program Files\CONFLICT.1\lexbar.dll [Dictionary.com] -> [Ver = | Size = 270336 bytes | Modified Date = 2/6/2003 8:16:34 AM | Attr = ]
{69A87B7D-DE56-4136-9655-716BA50C19C7} [HKLM] -> %ProgramFiles%\Google\Web Accelerator\GoogleWebAccToolbar.dll [&Google Web Accelerator Helper] -> [Ver = | Size = 237568 bytes | Modified Date = 3/16/2007 2:43:56 PM | Attr = ]
{724d43a9-0d85-11d4-9908-00400523e39a} [HKLM] -> %ProgramFiles%\Siber Systems\AI RoboForm\roboform.dll [Reg Data - Value does not exist] -> Siber Systems [Ver = 6-9-1 | Size = 5526584 bytes | Modified Date = 3/23/2007 11:37:06 PM | Attr = ]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> %ProgramFiles%\Java\jre1.5.0_09\bin\ssv.dll [SSVHelper Class] -> Sun Microsystems, Inc. [Ver = 5.0.90.3 | Size = 434279 bytes | Modified Date = 10/12/2006 4:25:44 AM | Attr = ]
{7c1ce531-09e9-4fc5-9803-1c2956615786} [HKLM] -> %ProgramFiles%\Google\Google Desktop Search\GoogleDesktopIE.dll [IeCaptureBho Object] -> Google [Ver = 5.1.703.13372 | Size = 108032 bytes | Modified Date = 3/22/2007 5:38:28 PM | Attr = ]
{AA58ED58-01DD-4d91-8333-CF10577473F7} [HKLM] -> %ProgramFiles%\Google\googletoolbar3.dll [Google Toolbar Helper] -> Google Inc. [Ver = 4, 0, 1601, 4978 | Size = 2403392 bytes | Modified Date = 1/20/2007 12:55:32 AM | Attr = R ]
{AE7CD045-E861-484f-8273-0445EE161910} [HKLM] -> %ProgramFiles%\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [AcroIEToolbarHelper Class] -> Adobe Systems Incorporated [Ver = 7.0.5.2005092300 | Size = 231160 bytes | Modified Date = 9/23/2005 10:41:42 PM | Attr = ]
< Internet Explorer Bars [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\
{182EC0BE-5110-49C8-A062-BEB1D02A220B} [HKLM] -> %ProgramFiles%\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [Adobe PDF] -> Adobe Systems Incorporated [Ver = 7.0.5.2005092300 | Size = 231160 bytes | Modified Date = 9/23/2005 10:41:42 PM | Attr = ]
{4528BBE0-4E08-11D5-AD55-00010333D0AD} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
< Internet Explorer Bars [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\
{182EC0BE-5110-49C8-A062-BEB1D02A220B} [HKLM] -> %ProgramFiles%\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [Adobe PDF] -> Adobe Systems Incorporated [Ver = 7.0.5.2005092300 | Size = 231160 bytes | Modified Date = 9/23/2005 10:41:42 PM | Attr = ]
{32683183-48a0-441b-a342-7c2a440a9478} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
{4528BBE0-4E08-11D5-AD55-00010333D0AD} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
< Internet Explorer ToolBars [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar
{11359F4A-B191-42D7-905A-594F8CF0387B} [HKLM] -> %SystemRoot%\Downloaded Program Files\CONFLICT.1\lexbar.dll [Dictionary.com] -> [Ver = | Size = 270336 bytes | Modified Date = 2/6/2003 8:16:34 AM | Attr = ]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} [HKLM] -> %ProgramFiles%\Google\googletoolbar3.dll [&Google] -> Google Inc. [Ver = 4, 0, 1601, 4978 | Size = 2403392 bytes | Modified Date = 1/20/2007 12:55:32 AM | Attr = R ]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} [HKLM] -> %ProgramFiles%\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [Adobe PDF] -> Adobe Systems Incorporated [Ver = 7.0.5.2005092300 | Size = 231160 bytes | Modified Date = 9/23/2005 10:41:42 PM | Attr = ]
{724d43a0-0d85-11d4-9908-00400523e39a} [HKLM] -> %ProgramFiles%\Siber Systems\AI RoboForm\roboform.dll [&RoboForm] -> Siber Systems [Ver = 6-9-1 | Size = 5526584 bytes | Modified Date = 3/23/2007 11:37:06 PM | Attr = ]
{BA52B914-B692-46c4-B683-905236F6F655} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
{DB87BFA2-A2E3-451E-8E5A-C89982D87CBF} [HKLM] -> %ProgramFiles%\Google\Web Accelerator\GoogleWebAccToolbar.dll [Google Web Accelerator] -> [Ver = | Size = 237568 bytes | Modified Date = 3/16/2007 2:43:56 PM | Attr = ]
< Internet Explorer ToolBars [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\
ShellBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKLM] -> %ProgramFiles%\Google\googletoolbar3.dll [&Google] -> Google Inc. [Ver = 4, 0, 1601, 4978 | Size = 2403392 bytes | Modified Date = 1/20/2007 12:55:32 AM | Attr = R ]
ShellBrowser\\{47833539-D0C5-4125-9FA8-0819E2EAAC93} [HKLM] -> %ProgramFiles%\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [Adobe PDF] -> Adobe Systems Incorporated [Ver = 7.0.5.2005092300 | Size = 231160 bytes | Modified Date = 9/23/2005 10:41:42 PM | Attr = ]
ShellBrowser\\{724D43A0-0D85-11D4-9908-00400523E39A} [HKLM] -> %ProgramFiles%\Siber Systems\AI RoboForm\roboform.dll [&RoboForm] -> Siber Systems [Ver = 6-9-1 | Size = 5526584 bytes | Modified Date = 3/23/2007 11:37:06 PM | Attr = ]
WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKLM] -> %ProgramFiles%\Google\googletoolbar3.dll [&Google] -> Google Inc. [Ver = 4, 0, 1601, 4978 | Size = 2403392 bytes | Modified Date = 1/20/2007 12:55:32 AM | Attr = R ]
WebBrowser\\{47833539-D0C5-4125-9FA8-0819E2EAAC93} [HKLM] -> %ProgramFiles%\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [Adobe PDF] -> Adobe Systems Incorporated [Ver = 7.0.5.2005092300 | Size = 231160 bytes | Modified Date = 9/23/2005 10:41:42 PM | Attr = ]
WebBrowser\\{724D43A0-0D85-11D4-9908-00400523E39A} [HKLM] -> %ProgramFiles%\Siber Systems\AI RoboForm\roboform.dll [&RoboForm] -> Siber Systems [Ver = 6-9-1 | Size = 5526584 bytes | Modified Date = 3/23/2007 11:37:06 PM | Attr = ]
WebBrowser\\{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
WebBrowser\\{DB87BFA2-A2E3-451E-8E5A-C89982D87CBF} [HKLM] -> %ProgramFiles%\Google\Web Accelerator\GoogleWebAccToolbar.dll [Google Web Accelerator] -> [Ver = | Size = 237568 bytes | Modified Date = 3/16/2007 2:43:56 PM | Attr = ]
WebBrowser\\{F2CF5485-4E02-4F68-819C-B92DE9277049} [HKLM] -> [&Links] -> File not found
< Internet Explorer Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> Reg Data - Key not found [MenuText: Sun Java Console] -> File not found
{0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} -> %ProgramFiles%\ieSpell\iespell.dll\SPELLCHECK.HTM [ButtonText: ieSpell] -> File not found
{1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} [HKLM] -> Reg Data - Key not found [MenuText: ieSpell Options] -> File not found
{2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} -> Reg Data - Value does not exist [ButtonText: Create Mobile Favorite] -> File not found
{320AF880-6646-11D3-ABEE-C5DBF3571F46} -> %ProgramFiles%\Siber Systems\AI RoboForm\RoboFormComFillForms.htm [ButtonText: Fill Forms] -> File not found
{320AF880-6646-11D3-ABEE-C5DBF3571F49} -> %ProgramFiles%\Siber Systems\AI RoboForm\RoboFormComSavePass.htm [ButtonText: Save] -> File not found
{320AF880-6646-11D3-ABEE-C5DBF3571F4C} -> %ProgramFiles%\Siber Systems\AI RoboForm\RoboFormComOptions.htm [ButtonText: Options] -> File not found
{45DB34C3-955C-11D3-ABEF-444553540001} -> %ProgramFiles%\Siber Systems\AI RoboForm\RoboFormComEditPass.htm [ButtonText: Passcards] -> File not found
{53A008B9-E8B5-4d83-87D9-D444C3F496CF} -> Reg Data - Value does not exist [ButtonText: XWins] -> File not found
{724d43aa-0d85-11d4-9908-00400523e39a} -> %ProgramFiles%\Siber Systems\AI RoboForm\RoboFormComShowToolbar.htm [ButtonText: RoboForm] -> File not found
{92780B25-18CC-41C8-B9BE-3C9C571A8263} -> Reg Data - Value does not exist [ButtonText: Research] -> File not found
{CD67F990-D8E9-11d2-98FE-00C0F0318AFE} -> Reg Data - Value does not exist [ButtonText: Real.com] -> File not found
{EA858A55-5185-4079-8721-507905E37CD4} -> Reg Data - Value does not exist [ButtonText: IEHelp] -> File not found
< Internet Explorer Menu Extensions [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\
&ieSpell Options -> %ProgramFiles%\ieSpell\iespell.dll\SPELLOPTION.HTM -> File not found
Check &Spelling -> %ProgramFiles%\ieSpell\iespell.dll\SPELLCHECK.HTM -> File not found
Convert link target to Adobe PDF -> %ProgramFiles%\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll\AcroIECapture.htm -> File not found
Convert link target to existing PDF -> %ProgramFiles%\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll\AcroIEAppend.htm -> File not found
Convert selected links to Adobe PDF -> %ProgramFiles%\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll\AcroIECaptureSelLinks.htm -> File not found
Convert selected links to existing PDF -> %ProgramFiles%\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll\AcroIEAppendSelLinks.htm -> File not found
Convert selection to Adobe PDF -> %ProgramFiles%\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll\AcroIECapture.htm -> File not found
Convert selection to existing PDF -> %ProgramFiles%\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll\AcroIEAppend.htm -> File not found
Convert to Adobe PDF -> %ProgramFiles%\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll\AcroIECapture.htm -> File not found
Convert to existing PDF -> %ProgramFiles%\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll\AcroIEAppend.htm -> File not found
Customize Menu -> %ProgramFiles%\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.htm -> File not found
E&xport to Microsoft Excel -> -> File not found
Fill Forms -> %ProgramFiles%\Siber Systems\AI RoboForm\RoboFormComFillForms.htm -> File not found
Open PDF in Word (PDF Converter 2.0) -> %ProgramFiles%\ScanSoft\PDF Converter 2.0\IEShellExt.dll -> ScanSoft, Inc. [Ver = 2.0.2004.4294 | Size = 40960 bytes | Modified Date = 4/29/2004 9:58:50 AM | Attr = ]
RoboForm Toolbar -> %ProgramFiles%\Siber Systems\AI RoboForm\RoboFormComShowToolbar.htm -> File not found
Save Forms -> %ProgramFiles%\Siber Systems\AI RoboForm\RoboFormComSavePass.htm -> File not found
Search &Dictionary -> %ProgramFiles%\Lexico\Toolbar\dictionary.htm -> [Ver = | Size = 1103 bytes | Modified Date = 1/11/2003 10:23:38 AM | Attr = ]
Search &Thesaurus -> %ProgramFiles%\Lexico\Toolbar\thesaurus.htm -> [Ver = | Size = 1104 bytes | Modified Date = 1/11/2003 10:24:04 AM | Attr = ]
< User Agent Post Platform [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform
image_azv -> ->
SV1 -> ->
< DNS Name Servers [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\
{00971FC6-A25C-4D74-9C1E-9F1008A319BD} -> 10.10.10.200,65.106.1.196,65.106.7.196 (Intel(R) PRO/1000 MT Mobile Connection) ->
{05A2D896-57D4-4E95-8451-28A02EC3C2C2} -> (Intel(R) PRO/Wireless 2200BG Network Connection) ->
{08C74418-A496-4E76-8E1E-D061794E858D} -> (Intel(R) PRO/Wireless 2100 LAN 3B Mini PCI Adapter) ->
{7E0A5240-3ECB-455E-9344-822244FA20AA} -> () ->
{F8CAAA42-DB74-4EA9-B5C1-362F6A855FA9} -> (1394 Net Adapter) ->
< Winsock2 Catalogs [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\
Protocol_Catalog9\Catalog_Entries\000000000001 -> %ProgramFiles%\Spyware Doctor\FilterLSP.dll -> [Ver = 1, 0, 2, 0 | Size = 108112 bytes | Modified Date = 3/6/2007 3:57:36 PM | Attr = ]
Protocol_Catalog9\Catalog_Entries\000000000002 -> %ProgramFiles%\Spyware Doctor\FilterLSP.dll -> [Ver = 1, 0, 2, 0 | Size = 108112 bytes | Modified Date = 3/6/2007 3:57:36 PM | Attr = ]
Protocol_Catalog9\Catalog_Entries\000000000003 -> %ProgramFiles%\Spyware Doctor\FilterLSP.dll -> [Ver = 1, 0, 2, 0 | Size = 108112 bytes | Modified Date = 3/6/2007 3:57:36 PM | Attr = ]
Protocol_Catalog9\Catalog_Entries\000000000004 -> %CommonProgramFiles%\PC Tools\Lsp\PCTLsp.dll -> PC Tools Research Pty Ltd. [Ver = 1, 0, 85, 0 | Size = 149072 bytes | Modified Date = 3/22/2007 11:19:50 PM | Attr = ]
Protocol_Catalog9\Catalog_Entries\000000000005 -> %CommonProgramFiles%\PC Tools\Lsp\PCTLsp.dll -> PC Tools Research Pty Ltd. [Ver = 1, 0, 85, 0 | Size = 149072 bytes | Modified Date = 3/22/2007 11:19:50 PM | Attr = ]
Protocol_Catalog9\Catalog_Entries\000000000006 -> %CommonProgramFiles%\PC Tools\Lsp\PCTLsp.dll -> PC Tools Research Pty Ltd. [Ver = 1, 0, 85, 0 | Size = 149072 bytes | Modified Date = 3/22/2007 11:19:50 PM | Attr = ]
Protocol_Catalog9\Catalog_Entries\000000000038 -> %CommonProgramFiles%\PC Tools\Lsp\PCTLsp.dll -> PC Tools Research Pty Ltd. [Ver = 1, 0, 85, 0 | Size = 149072 bytes | Modified Date = 3/22/2007 11:19:50 PM | Attr = ]
Protocol_Catalog9\Catalog_Entries\000000000039 -> %ProgramFiles%\Spyware Doctor\FilterLSP.dll -> [Ver = 1, 0, 2, 0 | Size = 108112 bytes | Modified Date = 3/6/2007 3:57:36 PM | Attr = ]
< Protocol Handlers [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\
ipp -> Reg Data - Key not found -> File not found
msdaipp -> Reg Data - Key not found -> File not found
x-excid -> %SystemRoot%\Downloaded Program Files\mimectl.dll -> [Ver = | Size = 370688 bytes | Modified Date = 4/2/2004 1:05:30 AM | Attr = ]
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\
{01113300-3E00-11D2-8470-0060089874ED} -> Support.com Configuration Class - CodeBase =
http://activation.rr.com/install/downloads/tgctlcm.cab ->
{0DB074F0-617E-4EE9-912C-2965CF2AA5A4} -> SentinelVE3D Class - CodeBase =
http://download.microsoft.com/download/ ... arth3D.cab ->
{106E49CF-797A-11D2-81A2-00E02C015623} -> AlternaTIFF ActiveX - CodeBase =
http://www.alternatiff.com/install/00/alttiff.cab ->
{17492023-C23A-453E-A040-C7C580BBF700} -> Windows Genuine Advantage Validation Tool - CodeBase =
http://go.microsoft.com/fwlink/?linkid=48835 ->
{1842B0EE-B597-11D4-8997-00104BD12D94} -> iCC Class - CodeBase =
http://www.pcpitstop.com/internet/pcpConnCheck.cab ->
{30528230-99F7-4BB4-88D8-FA1D4F56A2AB} -> YInstStarter Class - CodeBase =
http://us.dl1.yimg.com/download.yahoo.c ... 040510.cab ->
{31BF1A1B-D895-4CF4-911B-E2C5E7BBECA0} -> alaImportExport.ImportExport - CodeBase =
http://wbsvc.alamode.com/ImportExport/ImportExport.CAB ->
{3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} -> Office Update Installation Engine - CodeBase =
http://office.microsoft.com/officeupdat ... /opuc3.cab ->
{4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} -> - CodeBase =
http://download.av.aol.com/molbin/share ... insctl.cab ->
{556EEC63-31E2-47C3-BF29-DFF799D2FE04} -> Remote Access ActiveX Client - CodeBase =
https://secure.logmein.com/activex/RACtrl.cab ->
{626FE447-E830-4F76-A024-41A20EEECF1A} -> RyzeAddrCtrl Class - CodeBase =
http://www.ryze.com/RyzeAddr.CAB ->
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3} -> MUWebControl Class - CodeBase =
http://update.microsoft.com/microsoftup ... 3447951145 ->
{8AD9C840-044E-11D1-B3E9-00805F499D93} -> Java Plug-in 1.5.0_09 - CodeBase =
http://java.sun.com/products/plugin/aut ... s-i586.cab ->
{999D162F-1319-48F0-A7DB-886C582EE2C6} -> - CodeBase =
file://Z:\CONTENT\cabs\alaWeb.CAB ->
{A7DB6550-3269-11D4-8C30-0001023CA9DC} -> Vault Files Downloader - CodeBase =
https://vault.alamode.com/cab/vfd.cab ->
{A90A5822-F108-45AD-8482-9BC8B12DD539} -> Crucial cpcScan - CodeBase =
http://www.crucial.com/controls/cpcScanner.cab ->
{AED6797A-D608-11D4-89D2-00105AA3C57F} -> alaGrid.TechDocSearch - CodeBase =
file://C:\WIN2000\CONTENT\cabs\alaGrid.CAB ->
{B9D71543-E32B-4EAD-83C1-5B4001B0CE80} -> - CodeBase =
file://Z:\CONTENT\cabs\alaWeb.CAB ->
{BCC0FF27-31D9-4614-A68E-C18E1ADA4389} -> - CodeBase =
http://download.av.aol.com/molbin/share ... cgdmgr.cab ->
{C38F2056-BBEE-4FFA-BD07-588081487B32} -> alaImportExport.ImportExport - CodeBase =
http://wbsvc.alamode.com/ImportExport/ImportExport.CAB ->
{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBA} -> Java Plug-in 1.4.2_04 - CodeBase =
http://java.sun.com/products/plugin/aut ... s-i586.cab ->
{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} -> Java Plug-in 1.5.0_09 - CodeBase =
http://java.sun.com/products/plugin/aut ... s-i586.cab ->
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} -> Java Plug-in 1.5.0_09 - CodeBase =
http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab ->
{CD27EEF6-55B8-4F24-99C5-E1191D814445} -> alaWeb5.cUtil - CodeBase =
file://C:\WIN2000\CONTENT\cabs\alaWeb5.CAB ->
{D27CDB6E-AE6D-11CF-96B8-444553540000} -> - CodeBase =
http://download.macromedia.com/pub/shoc ... wflash.cab ->
{DDC55619-838F-4CA8-85E8-56EB8E0846FA} -> CCRUMIEConnector Class - CodeBase =
http://boltpeters.com/ethnio/EthnioParticipant.CAB ->
{E536CDD9-E068-4DB7-95B0-C68DDE08ED3B} -> - CodeBase =
http://vault.alamode.com/cab/vaultinstall.cab ->
{F0E2D69A-DC2F-4E9B-A993-684FB1C21DBC} -> - CodeBase =
http://dictionary.reference.com/tools/t ... lexico.cab ->
[Files/Folders - Created Within 60 days]
hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [Ver = | Size = 1073074176 bytes | Created Date = 1/1/1601 8:00:00 AM | Attr = HS]
lakeforest.office.pdf -> %SystemDrive%\lakeforest.office.pdf -> [Ver = | Size = 220542 bytes | Created Date = 4/20/2007 4:24:51 PM | Attr = ]
lakeforest.pdf -> %SystemDrive%\lakeforest.pdf -> [Ver = | Size = 1161272 bytes | Created Date = 4/20/2007 4:36:31 PM | Attr = ]
office.trends.2.pdf -> %SystemDrive%\office.trends.2.pdf -> [Ver = | Size = 208972 bytes | Created Date = 4/20/2007 4:46:21 PM | Attr = ]
recentofficetrends.pdf -> %SystemDrive%\recentofficetrends.pdf -> [Ver = | Size = 196238 bytes | Created Date = 4/20/2007 4:52:41 PM | Attr = ]
trends.office.pdf -> %SystemDrive%\trends.office.pdf -> [Ver = | Size = 91438 bytes | Created Date = 4/20/2007 4:43:24 PM | Attr = ]
VETlog.dmp -> %SystemDrive%\VETlog.dmp -> [Ver = | Size = 53865 bytes | Created Date = 4/19/2007 3:30:11 PM | Attr = ]
viamartens.pdf -> %SystemDrive%\viamartens.pdf -> [Ver = | Size = 1937820 bytes | Created Date = 4/20/2007 4:05:45 PM | Attr = ]
viamartens.trends.pdf -> %SystemDrive%\viamartens.trends.pdf -> [Ver = | Size = 444051 bytes | Created Date = 4/20/2007 4:16:01 PM | Attr = ]
VundoFix Backups -> %SystemDrive%\VundoFix Backups -> [Folder | Created Date = 4/18/2007 7:32:48 PM | Attr = ]
$NtUninstallKB918118$ -> %SystemRoot%\$NtUninstallKB918118$ -> [Folder | Created Date = 3/12/2007 4:44:36 PM | Attr = H ]
$NtUninstallKB923723$ -> %SystemRoot%\$NtUninstallKB923723$ -> [Folder | Created Date = 3/12/2007 4:54:40 PM | Attr = H ]
$NtUninstallKB924667$ -> %SystemRoot%\$NtUninstallKB924667$ -> [Folder | Created Date = 3/12/2007 4:50:40 PM | Attr = H ]
$NtUninstallKB925902$ -> %SystemRoot%\$NtUninstallKB925902$ -> [Folder | Created Date = 4/3/2007 3:05:29 PM | Attr = H ]
$NtUninstallKB926436$ -> %SystemRoot%\$NtUninstallKB926436$ -> [Folder | Created Date = 3/12/2007 4:44:59 PM | Attr = H ]
$NtUninstallKB927779$ -> %SystemRoot%\$NtUninstallKB927779$ -> [Folder | Created Date = 3/12/2007 4:55:50 PM | Attr = H ]
$NtUninstallKB927802$ -> %SystemRoot%\$NtUninstallKB927802$ -> [Folder | Created Date = 3/12/2007 4:55:31 PM | Attr = H ]
$NtUninstallKB928090$ -> %SystemRoot%\$NtUninstallKB928090$ -> [Folder | Created Date = 3/12/2007 4:43:20 PM | Attr = H ]
$NtUninstallKB928255$ -> %SystemRoot%\$NtUninstallKB928255$ -> [Folder | Created Date = 3/12/2007 4:55:04 PM | Attr = H ]
$NtUninstallKB928843$ -> %SystemRoot%\$NtUninstallKB928843$ -> [Folder | Created Date = 3/12/2007 4:42:53 PM | Attr = H ]
$NtUninstallKB929338$ -> %SystemRoot%\$NtUninstallKB929338$ -> [Folder | Created Date = 3/19/2007 6:30:36 AM | Attr = H ]
$NtUninstallKB930178$ -> %SystemRoot%\$NtUninstallKB930178$ -> [Folder | Created Date = 4/10/2007 5:30:36 PM | Attr = H ]
$NtUninstallKB931261$ -> %SystemRoot%\$NtUninstallKB931261$ -> [Folder | Created Date = 4/10/2007 5:31:03 PM | Attr = H ]
$NtUninstallKB931784$ -> %SystemRoot%\$NtUninstallKB931784$ -> [Folder | Created Date = 4/10/2007 5:32:06 PM | Attr = H ]
$NtUninstallKB931836$ -> %SystemRoot%\$NtUninstallKB931836$ -> [Folder | Created Date = 3/12/2007 4:50:07 PM | Attr = H ]
$NtUninstallKB932168$ -> %SystemRoot%\$NtUninstallKB932168$ -> [Folder | Created Date = 4/10/2007 5:29:55 PM | Attr = H ]
$NtUninstallWIC$ -> %SystemRoot%\$NtUninstallWIC$ -> [Folder | Created Date = 4/7/2007 1:49:36 PM | Attr = H ]
adfhii.ini -> %SystemRoot%\adfhii.ini -> [Ver = | Size = 1206396 bytes | Created Date = 4/15/2007 2:28:55 PM | Attr = HS]
alaredun.ini -> %SystemRoot%\alaredun.ini -> [Ver = | Size = 34668 bytes | Created Date = 3/30/2007 4:25:11 PM | Attr = ]
cdgffe.ini -> %SystemRoot%\cdgffe.ini -> [Ver = | Size = 1110552 bytes | Created Date = 4/15/2007 9:11:43 PM | Attr = HS]
dccbay.ini -> %SystemRoot%\dccbay.ini -> [Ver = | Size = 1095814 bytes | Created Date = 4/16/2007 7:34:10 PM | Attr = HS]
dghgjl.ini -> %SystemRoot%\dghgjl.ini -> [Ver = | Size = 1456759 bytes | Created Date = 4/9/2007 7:57:03 PM | Attr = HS]
ilooqr.ini -> %SystemRoot%\ilooqr.ini -> [Ver = | Size = 1206804 bytes | Created Date = 4/15/2007 5:11:45 PM | Attr = HS]
lllopo.ini -> %SystemRoot%\lllopo.ini -> [Ver = | Size = 993919 bytes | Created Date = 4/17/2007 11:49:49 PM | Attr = HS]
moqrqr.ini -> %SystemRoot%\moqrqr.ini -> [Ver = | Size = 1456243 bytes | Created Date = 4/1/2007 11:42:16 PM | Attr = HS]
nprtut.ini -> %SystemRoot%\nprtut.ini -> [Ver = | Size = 1456261 bytes | Created Date = 4/1/2007 2:11:57 PM | Attr = HS]
PestPatrol5.INI -> %SystemRoot%\PestPatrol5.INI -> [Ver = | Size = 0 bytes | Created Date = 4/13/2007 7:33:36 PM | Attr = ]
pqstwa.ini -> %SystemRoot%\pqstwa.ini -> [Ver = | Size = 1206471 bytes | Created Date = 4/13/2007 2:18:16 PM | Attr = HS]
QTFont.for -> %SystemRoot%\QTFont.for -> [Ver = | Size = 1409 bytes | Created Date = 4/15/2007 5:35:14 PM | Attr = ]
QTFont.qfn -> %SystemRoot%\QTFont.qfn -> [Ver = | Size = 54156 bytes | Created Date = 4/15/2007 5:35:14 PM | Attr = H ]
ruuwwa.ini -> %SystemRoot%\ruuwwa.ini -> [Ver = | Size = 1456123 bytes | Created Date = 4/6/2007 9:13:50 AM | Attr = HS]
suxyxx.ini -> %SystemRoot%\suxyxx.ini -> [Ver = | Size = 355 bytes | Created Date = 3/29/2007 12:24:27 PM | Attr = HS]
uwxbay.ini -> %SystemRoot%\uwxbay.ini -> [Ver = | Size = 1456306 bytes | Created Date = 4/6/2007 11:31:58 PM | Attr = HS]
wabddd.ini -> %SystemRoot%\wabddd.ini -> [Ver = | Size = 1205976 bytes | Created Date = 4/10/2007 9:36:34 PM | Attr = HS]
xaybcf.ini -> %SystemRoot%\xaybcf.ini -> [Ver = | Size = 1456606 bytes | Created Date = 3/25/2007 11:15:28 PM | Attr = HS]
yaddeg.tmp -> %SystemRoot%\yaddeg.tmp -> [Ver = | Size = 1456183 bytes | Created Date = 3/24/2007 3:55:20 PM | Attr = HS]
ybehkj.ini -> %SystemRoot%\ybehkj.ini -> [Ver = | Size = 1456123 bytes | Created Date = 4/3/2007 10:42:43 AM | Attr = HS]
bak -> %System32%\bak -> [Folder | Created Date = 3/18/2007 6:49:33 PM | Attr = ]
sys} -> %System32%\sys} -> [Folder | Created Date = 2/22/2007 10:35:27 AM | Attr = ]
AvgAsCln.sys -> %System32%\drivers\AvgAsCln.sys -> GRISOFT, s.r.o. [Ver = 1.0.0.14 | Size = 3968 bytes | Created Date = 4/21/2007 2:03:38 PM | Attr = ]
avgmfx86.sys -> %System32%\drivers\avgmfx86.sys -> GRISOFT, s.r.o. [Ver = 7.5.0.447 | Size = 19840 bytes | Created Date = 3/22/2007 4:54:31 PM | Attr = ]
ikfileflt.sys -> %System32%\drivers\ikfileflt.sys -> PCTools Research Pty Ltd. [Ver = 5.0.2.1016 | Size = 39248 bytes | Created Date = 3/22/2007 3:31:10 PM | Attr = ]
ikfilesec.sys -> %System32%\drivers\ikfilesec.sys -> PCTools Research Pty Ltd. [Ver = 5.0.2.1025 | Size = 52304 bytes | Created Date = 3/22/2007 3:31:10 PM | Attr = ]
iksysflt.sys -> %System32%\drivers\iksysflt.sys -> PCTools Research Pty Ltd. [Ver = 5.0.2.1018 | Size = 59984 bytes | Created Date = 3/22/2007 3:31:10 PM | Attr = ]
iksyssec.sys -> %System32%\drivers\iksyssec.sys -> PCTools Research Pty Ltd. [Ver = 5.0.2.1017 | Size = 83536 bytes | Created Date = 3/22/2007 3:31:10 PM | Attr = ]
kcom.sys -> %System32%\drivers\kcom.sys -> PCTools Research Pty Ltd. [Ver = 5.0.2.1006 | Size = 26064 bytes | Created Date = 3/22/2007 3:31:10 PM | Attr = ]
MxlW2k.sys -> %System32%\drivers\MxlW2k.sys -> MusicMatch, Inc. [Ver = 1.1.0.115 | Size = 28256 bytes | Created Date = 4/16/2007 8:00:04 AM | Attr = ]
[Files/Folders - Modified Within 60 days]
$VAULT$.AVG -> %SystemDrive%\$VAULT$.AVG -> [Folder | Modified Date = 4/20/2007 6:17:24 AM | Attr = RH ]
boot.ini -> %SystemDrive%\boot.ini -> [Ver = | Size = 211 bytes | Modified Date = 4/19/2007 12:20:28 PM | Attr = HS]
hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [Ver = | Size = 1073074176 bytes | Modified Date = 4/21/2007 5:41:28 PM | Attr = HS]
Inetpub -> %SystemDrive%\Inetpub -> [Folder | Modified Date = 3/27/2007 1:25:56 AM | Attr = ]
lakeforest.office.pdf -> %SystemDrive%\lakeforest.office.pdf -> [Ver = | Size = 220542 bytes | Modified Date = 4/20/2007 5:25:12 PM | Attr = ]
lakeforest.pdf -> %SystemDrive%\lakeforest.pdf -> [Ver = | Size = 1161272 bytes | Modified Date = 4/20/2007 5:38:08 PM | Attr = ]
office.trends.2.pdf -> %SystemDrive%\office.trends.2.pdf -> [Ver = | Size = 208972 bytes | Modified Date = 4/20/2007 5:46:34 PM | Attr = ]
Program Files -> %ProgramFiles% -> [Folder | Modified Date = 4/21/2007 2:02:34 AM | Attr = ]
recentofficetrends.pdf -> %SystemDrive%\recentofficetrends.pdf -> [Ver = | Size = 196238 bytes | Modified Date = 4/20/2007 5:52:52 PM | Attr = ]
trends.office.pdf -> %SystemDrive%\trends.office.pdf -> [Ver = | Size = 91438 bytes | Modified Date = 4/20/2007 5:43:30 PM | Attr = ]
unzipped -> %SystemDrive%\unzipped -> [Folder | Modified Date = 3/23/2007 11:57:50 PM | Attr = ]
VETlog.dmp -> %SystemDrive%\VETlog.dmp -> [Ver = | Size = 53865 bytes | Modified Date = 4/20/2007 11:33:54 PM | Attr = ]
viamartens.pdf -> %SystemDrive%\viamartens.pdf -> [Ver = | Size = 1937820 bytes | Modified Date = 4/20/2007 5:08:26 PM | Attr = ]
viamartens.trends.pdf -> %SystemDrive%\viamartens.trends.pdf -> [Ver = | Size = 444051 bytes | Modified Date = 4/20/2007 5:16:22 PM | Attr = ]
VundoFix Backups -> %SystemDrive%\VundoFix Backups -> [Folder | Modified Date = 4/18/2007 9:24:24 PM | Attr = ]
WINDOWS -> %SystemRoot% -> [Folder | Modified Date = 4/21/2007 1:49:28 PM | Attr = ]
$hf_mig$ -> %SystemRoot%\$hf_mig$ -> [Folder | Modified Date = 4/10/2007 2:21:10 PM | Attr = H ]
$NtUninstallKB918118$ -> %SystemRoot%\$NtUninstallKB918118$ -> [Folder | Modified Date = 3/12/2007 5:44:38 PM | Attr = H ]
$NtUninstallKB923723$ -> %SystemRoot%\$NtUninstallKB923723$ -> [Folder | Modified Date = 3/12/2007 5:54:42 PM | Attr = H ]
$NtUninstallKB924667$ -> %SystemRoot%\$NtUninstallKB924667$ -> [Folder | Modified Date = 3/12/2007 5:50:42 PM | Attr = H ]
$NtUninstallKB925902$ -> %SystemRoot%\$NtUninstallKB925902$ -> [Folder | Modified Date = 4/3/2007 4:05:32 PM | Attr = H ]
$NtUninstallKB926436$ -> %SystemRoot%\$NtUninstallKB926436$ -> [Folder | Modified Date = 3/12/2007 5:45:02 PM | Attr = H ]
$NtUninstallKB927779$ -> %SystemRoot%\$NtUninstallKB927779$ -> [Folder | Modified Date = 3/12/2007 5:55:52 PM | Attr = H ]
$NtUninstallKB927802$ -> %SystemRoot%\$NtUninstallKB927802$ -> [Folder | Modified Date = 3/12/2007 5:55:34 PM | Attr = H ]
$NtUninstallKB928090$ -> %SystemRoot%\$NtUninstallKB928090$ -> [Folder | Modified Date = 3/12/2007 5:43:24 PM | Attr = H ]
$NtUninstallKB928255$ -> %SystemRoot%\$NtUninstallKB928255$ -> [Folder | Modified Date = 3/12/2007 5:55:06 PM | Attr = H ]
$NtUninstallKB928843$ -> %SystemRoot%\$NtUninstallKB928843$ -> [Folder | Modified Date = 3/12/2007 5:42:56 PM | Attr = H ]
$NtUninstallKB929338$ -> %SystemRoot%\$NtUninstallKB929338$ -> [Folder | Modified Date = 3/19/2007 7:30:38 AM | Attr = H ]
$NtUninstallKB930178$ -> %SystemRoot%\$NtUninstallKB930178$ -> [Folder | Modified Date = 4/10/2007 6:30:38 PM | Attr = H ]
$NtUninstallKB931261$ -> %SystemRoot%\$NtUninstallKB931261$ -> [Folder | Modified Date = 4/10/2007 6:31:08 PM | Attr = H ]
$NtUninstallKB931784$ -> %SystemRoot%\$NtUninstallKB931784$ -> [Folder | Modified Date = 4/10/2007 6:32:08 PM | Attr = H ]
$NtUninstallKB931836$ -> %SystemRoot%\$NtUninstallKB931836$ -> [Folder | Modified Date = 3/12/2007 5:50:08 PM | Attr = H ]
$NtUninstallKB932168$ -> %SystemRoot%\$NtUninstallKB932168$ -> [Folder | Modified Date = 4/10/2007 6:29:58 PM | Attr = H ]
$NtUninstallWIC$ -> %SystemRoot%\$NtUninstallWIC$ -> [Folder | Modified Date = 4/7/2007 2:49:38 PM | Attr = H ]
adfhii.ini -> %SystemRoot%\adfhii.ini -> [Ver = | Size = 1206396 bytes | Modified Date = 4/15/2007 3:29:04 PM | Attr = HS]
alamode.ini -> %SystemRoot%\alamode.ini -> [Ver = | Size = 4617 bytes | Modified Date = 3/30/2007 5:26:26 PM | Attr = ]
alaredun.ini -> %SystemRoot%\alaredun.ini -> [Ver = | Size = 34668 bytes | Modified Date = 3/30/2007 5:25:12 PM | Attr = ]
assembly -> %SystemRoot%\assembly -> [Folder | Modified Date = 4/7/2007 4:23:58 PM | Attr = R S]
bootstat.dat -> %SystemRoot%\bootstat.dat -> [Ver = | Size = 2048 bytes | Modified Date = 4/21/2007 5:41:32 PM | Attr = S]
cdgffe.ini -> %SystemRoot%\cdgffe.ini -> [Ver = | Size = 1110552 bytes | Modified Date = 4/16/2007 8:29:26 PM | Attr = HS]
CSC -> %SystemRoot%\CSC -> [Folder | Modified Date = 4/21/2007 1:51:56 PM | Attr = HS]
Cursors -> %SystemRoot%\Cursors -> [Folder | Modified Date = 3/27/2007 1:25:28 AM | Attr = ]
dccbay.ini -> %SystemRoot%\dccbay.ini -> [Ver = | Size = 1095814 bytes | Modified Date = 4/18/2007 12:36:06 AM | Attr = HS]
Debug -> %SystemRoot%\Debug -> [Folder | Modified Date = 4/21/2007 3:06:48 AM | Attr = ]
dghgjl.ini -> %SystemRoot%\dghgjl.ini -> [Ver = | Size = 1456759 bytes | Modified Date = 4/10/2007 8:47:20 PM | Attr = HS]
Downloaded Program Files -> %SystemRoot%\Downloaded Program Files -> [Folder | Modified Date = 4/16/2007 3:04:34 PM | Attr = S]
Help -> %SystemRoot%\Help -> [Folder | Modified Date = 4/17/2007 1:22:58 AM | Attr = ]
ilooqr.ini -> %SystemRoot%\ilooqr.ini -> [Ver = | Size = 1206804 bytes | Modified Date = 4/15/2007 9:59:16 PM | Attr = HS]
inf -> %SystemRoot%\inf -> [Folder | Modified Date = 4/14/2007 7:41:12 PM | Attr = H ]
Installer -> %SystemRoot%\Installer -> [Folder | Modified Date = 4/16/2007 8:57:32 AM | Attr = HS]
lllopo.ini -> %SystemRoot%\lllopo.ini -> [Ver = | Size = 993919 bytes | Modified Date = 4/19/2007 8:15:20 PM | Attr = HS]
machine.ver -> %SystemRoot%\machine.ver -> [Ver = | Size = 2838 bytes | Modified Date = 2/27/2007 9:39:34 PM | Attr = ]
Microsoft.NET -> %SystemRoot%\Microsoft.NET -> [Folder | Modified Date = 3/13/2007 2:39:26 AM | Attr = ]
Minidump -> %SystemRoot%\Minidump -> [Folder | Modified Date = 4/21/2007 3:06:44 AM | Attr = ]
moqrqr.ini -> %SystemRoot%\moqrqr.ini -> [Ver = | Size = 1456243 bytes | Modified Date = 4/2/2007 1:25:22 PM | Attr = HS]
msagent -> %SystemRoot%\msagent -> [Folder | Modified Date = 4/10/2007 7:47:06 PM | Attr = ]
nprtut.ini -> %SystemRoot%\nprtut.ini -> [Ver = | Size = 1456261 bytes | Modified Date = 4/1/2007 8:00:10 PM | Attr = HS]
Options -> %SystemRoot%\Options -> [Folder | Modified Date = 4/15/2007 8:37:58 PM | Attr = ]
PestPatrol5.INI -> %SystemRoot%\PestPatrol5.INI -> [Ver = | Size = 0 bytes | Modified Date = 4/13/2007 8:33:38 PM | Attr = ]
pqstwa.ini -> %SystemRoot%\pqstwa.ini -> [Ver = | Size = 1206471 bytes | Modified Date = 4/15/2007 12:04:00 PM | Attr = HS]
Prefetch -> %SystemRoot%\Prefetch -> [Folder | Modified Date = 4/21/2007 2:01:48 AM | Attr = ]
pss -> %SystemRoot%\pss -> [Folder | Modified Date = 3/2/2007 1:37:08 PM | Attr = ]
QTFont.for -> %SystemRoot%\QTFont.for -> [Ver = | Size = 1409 bytes | Modified Date = 4/15/2007 6:35:16 PM | Attr = ]
QTFont.qfn -> %SystemRoot%\QTFont.qfn -> [Ver = | Size = 54156 bytes | Modified Date = 4/20/2007 11:15:10 PM | Attr = H ]
Registration -> %SystemRoot%\Registration -> [Folder | Modified Date = 4/19/2007 2:03:38 AM | Attr = ]
ruuwwa.ini -> %SystemRoot%\ruuwwa.ini -> [Ver = | Size = 1456123 bytes | Modified Date = 4/7/2007 12:05:06 AM | Attr = HS]
security -> %SystemRoot%\security -> [Folder | Modified Date = 4/21/2007 2:58:16 AM | Attr = ]
suxyxx.ini -> %SystemRoot%\suxyxx.ini -> [Ver = | Size = 355 bytes | Modified Date = 3/29/2007 2:56:40 PM | Attr = HS]
swupdate.INI -> %SystemRoot%\swupdate.INI -> [Ver = | Size = 67 bytes | Modified Date = 2/27/2007 9:39:30 PM | Attr = ]
system -> %SystemRoot%\system -> [Folder | Modified Date = 3/22/2007 5:53:24 PM | Attr = ]
system.ini -> %SystemRoot%\system.ini -> [Ver = | Size = 246 bytes | Modified Date = 4/19/2007 12:20:28 PM | Attr = ]
system32 -> %System32% -> [Folder | Modified Date = 4/21/2007 2:55:12 AM | Attr = ]
Tasks -> %SystemRoot%\Tasks -> [Folder | Modified Date = 2/22/2007 2:12:40 AM | Attr = S]
temp -> %SystemRoot%\temp -> [Folder | Modified Date = 4/21/2007 5:42:42 PM | Attr = ]
TUTORI~1.INI -> %SystemRoot%\TUTORI~1.INI -> [Ver = | Size = 56 bytes | Modified Date = 3/1/2007 8:17:18 PM | Attr = ]
uwxbay.ini -> %SystemRoot%\uwxbay.ini -> [Ver = | Size = 1456306 bytes | Modified Date = 4/8/2007 7:32:24 PM | Attr = HS]
wabddd.ini -> %SystemRoot%\wabddd.ini -> [Ver = | Size = 1205976 bytes | Modified Date = 4/13/2007 3:18:16 PM | Attr = HS]
win.ini -> %SystemRoot%\win.ini -> [Ver = | Size = 2046 bytes | Modified Date = 4/20/2007 11:33:54 PM | Attr = ]
WinSxS -> %SystemRoot%\WinSxS -> [Folder | Modified Date = 3/12/2007 5:52:58 PM | Attr = ]
xaybcf.ini -> %SystemRoot%\xaybcf.ini -> [Ver = | Size = 1456606 bytes | Modified Date = 3/28/2007 4:43:28 PM | Attr = HS]
yaddeg.tmp -> %SystemRoot%\yaddeg.tmp -> [Ver = | Size = 1456183 bytes | Modified Date = 3/24/2007 4:55:22 PM | Attr = HS]
ybehkj.ini -> %SystemRoot%\ybehkj.ini -> [Ver = | Size = 1456123 bytes | Modified Date = 4/3/2007 12:21:24 PM | Attr = HS]
SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [Ver = | Size = 6 bytes | Modified Date = 4/21/2007 5:41:34 PM | Attr = H ]
{0EB96059-55E3-4EC6-9CC1-900D733604A5}_KOBETOSHIBA_Scott.job -> %SystemRoot%\tasks\{0EB96059-55E3-4EC6-9CC1-900D733604A5}_KOBETOSHIBA_Scott.job -> [Ver = | Size = 400 bytes | Modified Date = 4/20/2007 4:00:04 PM | Attr = H ]
{71E08B6A-2D00-4BD4-9D80-F32633C5D659}_KOBETOSHIBA_Scott.job -> %SystemRoot%\tasks\{71E08B6A-2D00-4BD4-9D80-F32633C5D659}_KOBETOSHIBA_Scott.job -> [Ver = | Size = 400 bytes | Modified Date = 4/20/2007 4:00:04 PM | Attr = H ]
{EED74E73-B446-4FD2-AD59-298B384A0F0C}_KOBETOSHIBA_Scott.job -> %SystemRoot%\tasks\{EED74E73-B446-4FD2-AD59-298B384A0F0C}_KOBETOSHIBA_Scott.job -> [Ver = | Size = 400 bytes | Modified Date = 4/20/2007 9:00:02 AM | Attr = H ]
{F897AA24-BDC3-11D1-B85B-00C04FB93981}_KOBETOSHIBA_Scott.job -> %SystemRoot%\tasks\{F897AA24-BDC3-11D1-B85B-00C04FB93981}_KOBETOSHIBA_Scott.job -> [Ver = | Size = 400 bytes | Modified Date = 4/20/2007 6:39:06 PM | Attr = H ]
alamapctrl.dll -> %System32%\alamapctrl.dll -> a la mode, inc. [Ver = 1.02.0298 | Size = 2338816 bytes | Modified Date = 2/27/2007 12:48:54 PM | Attr = ]
alarpt5.ocx -> %System32%\alarpt5.ocx -> a la mode, inc. [Ver = 1.00.0980 | Size = 3428352 bytes | Modified Date = 2/26/2007 2:12:16 PM | Attr = ]
bak -> %System32%\bak -> [Folder | Modified Date = 3/18/2007 7:49:34 PM | Attr = ]
bdod.bin -> %System32%\bdod.bin -> [Ver = | Size = 81984 bytes | Modified Date = 3/22/2007 4:20:30 PM | Attr = ]
CatRoot -> %System32%\CatRoot -> [Folder | Modified Date = 3/19/2007 8:52:18 AM | Attr = ]
CatRoot2 -> %System32%\CatRoot2 -> [Folder | Modified Date = 4/20/2007 11:21:08 AM | Attr = ]
config -> %System32%\config -> [Folder | Modified Date = 3/29/2007 8:03:18 PM | Attr = ]
dllcache -> %System32%\dllcache -> [Folder | Modified Date = 4/10/2007 7:47:06 PM | Attr = RHS]
drivers -> %System32%\drivers -> [Folder | Modified Date = 4/21/2007 3:03:40 PM | Attr = ]
FNTCACHE.DAT -> %System32%\FNTCACHE.DAT -> [Ver = | Size = 291680 bytes | Modified Date = 4/3/2007 4:33:30 PM | Attr = ]
ias -> %System32%\ias -> [Folder | Modified Date = 4/21/2007 5:42:42 PM | Attr = ]
inetsrv -> %System32%\inetsrv -> [Folder | Modified Date = 3/27/2007 1:25:50 AM | Attr = ]
NtmsData -> %System32%\NtmsData -> [Folder | Modified Date = 3/1/2007 11:06:12 AM | Attr = ]
perfc009.dat -> %System32%\perfc009.dat -> [Ver = | Size = 79392 bytes | Modified Date = 3/27/2007 1:26:06 AM | Attr = ]
perfh009.dat -> %System32%\perfh009.dat -> [Ver = | Size = 441538 bytes | Modified Date = 3/27/2007 1:26:06 AM | Attr = ]
PerfStringBackup.INI -> %System32%\PerfStringBackup.INI -> [Ver = | Size = 529504 bytes | Modified Date = 3/27/2007 1:26:06 AM | Attr = ]
ReinstallBackups -> %System32%\ReinstallBackups -> [Folder | Modified Date = 4/14/2007 7:14:14 PM | Attr = ]
sys} -> %System32%\sys} -> [Folder | Modified Date = 2/22/2007 11:35:28 AM | Attr = ]
wpa.dbl -> %System32%\wpa.dbl -> [Ver = | Size = 1158 bytes | Modified Date = 4/21/2007 5:42:40 PM | Attr = ]
avg7core.sys -> %System32%\drivers\avg7core.sys -> GRISOFT, s.r.o. [Ver = 7.5.0.461 | Size = 778432 bytes | Modified Date = 4/17/2007 3:31:54 AM | Attr = ]
avg7rsxp.sys -> %System32%\drivers\avg7rsxp.sys -> GRISOFT, s.r.o. [Ver = 7.5.0.442 | Size = 27776 bytes | Modified Date = 2/22/2007 9:00:46 AM | Attr = ]
avgmfx86.sys -> %System32%\drivers\avgmfx86.sys -> GRISOFT, s.r.o. [Ver = 7.5.0.447 | Size = 19840 bytes | Modified Date = 3/22/2007 5:54:32 PM | Attr = ]
etc -> %System32%\drivers\etc -> [Folder | Modified Date = 4/12/2007 10:49:16 PM | Attr = ]
ikfileflt.sys -> %System32%\drivers\ikfileflt.sys -> PCTools Research Pty Ltd. [Ver = 5.0.2.1016 | Size = 39248 bytes | Modified Date = 3/29/2007 8:08:42 PM | Attr = ]
iksysflt.sys -> %System32%\drivers\iksysflt.sys -> PCTools Research Pty Ltd. [Ver = 5.0.2.1018 | Size = 59984 bytes | Modified Date = 4/4/2007 1:52:52 AM | Attr = ]
iksyssec.sys -> %System32%\drivers\iksyssec.sys -> PCTools Research Pty Ltd. [Ver = 5.0.2.1017 | Size = 83536 bytes | Modified Date = 2/23/2007 12:09:54 AM | Attr = ]
kcom.sys -> %System32%\drivers\kcom.sys -> PCTools Research Pty Ltd. [Ver = 5.0.2.1006 | Size = 26064 bytes | Modified Date = 2/23/2007 7:13:52 AM | Attr = ]
MxlW2k.sys -> %System32%\drivers\MxlW2k.sys -> MusicMatch, Inc. [Ver = 1.1.0.115 | Size = 28256 bytes | Modified Date = 4/16/2007 9:00:30 AM | Attr = ]
hosts.ics -> %System32%\drivers\etc\hosts.ics -> [Ver = | Size = 438 bytes | Modified Date = 4/21/2007 5:42:40 PM | Attr = ]
[File String Scan - Non-Microsoft Only]
WSUD , -> %SystemDrive%\AVG7DB_F.DAT -> [Ver = | Size = 38750214 bytes | Modified Date = 9/20/2005 12:14:02 PM | Attr = RHS]
@Alternate Data Stream - 26 bytes -> %SystemDrive%\rc10444.exe:Zone.Identifier ->
@Alternate Data Stream - 0 bytes -> %SystemDrive%\Thumbs.db:encryptable ->
@Alternate Data Stream - 0 bytes -> %SystemRoot%\Thumbs.db:encryptable ->
PEC2 , -> %System32%\dfrg.msc -> [Ver = | Size = 41397 bytes | Modified Date = 3/31/2003 5:00:00 AM | Attr = ]
WSUD , -> %System32%\dwsock6.dll -> Desaware Inc. [Ver = 1.01.0005 | Size = 200704 bytes | Modified Date = 9/9/2002 10:50:44 PM | Attr = ]
aspack , -> %System32%\Incinerator.dll -> iolo technologies, LLC [Ver = 5.5.1.0 | Size = 702464 bytes | Modified Date = 2/17/2005 7:35:48 AM | Attr = ]
Thawte Consulting , -> %System32%\ractrlkeyhook.dll -> [Ver = | Size = 7912 bytes | Modified Date = 5/6/2005 3:55:18 PM | Attr = ]
winsync , -> %System32%\wbdbase.deu -> [Ver = | Size = 1309184 bytes | Modified Date = 3/31/2003 5:00:00 AM | Attr = ]
UPX! , FSG! , PEC2 , aspack , -> %System32%\drivers\avg7core.sys -> GRISOFT, s.r.o. [Ver = 7.5.0.461 | Size = 778432 bytes | Modified Date = 4/17/2007 3:31:54 AM | Attr = ]
PTech , -> %System32%\drivers\mtlstrm.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 1309184 bytes | Modified Date = 8/3/2004 10:41:38 PM | Attr = ]
< End of report >
---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------
+ Created at: 5:37:50 PM 4/21/2007
+ Scan result:
C:\WINDOWS\system\mirc.ini -> Backdoor.Zapchast : Cleaned with backup (quarantined).
:mozilla.24:C:\Documents and Settings\Scott\Application Data\Mozilla\Firefox\Profiles\default.t1p\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.14:C:\Documents and Settings\Scott\Application Data\Mozilla\Firefox\Profiles\default.t1p\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.12:C:\Documents and Settings\Scott\Application Data\Mozilla\Firefox\Profiles\default.t1p\cookies.txt -> TrackingCookie.Com : Cleaned.
:mozilla.13:C:\Documents and Settings\Scott\Application Data\Mozilla\Firefox\Profiles\default.t1p\cookies.txt -> TrackingCookie.Com : Cleaned.
:mozilla.15:C:\Documents and Settings\Scott\Application Data\Mozilla\Firefox\Profiles\default.t1p\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.16:C:\Documents and Settings\Scott\Application Data\Mozilla\Firefox\Profiles\default.t1p\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
C:\Documents and Settings\Scott\Desktop\WinPFind3u\MovedFiles\WINDOWS\byyyay.dll -> Trojan.Agent.agv : Cleaned with backup (quarantined).
C:\Documents and Settings\Scott\Desktop\WinPFind3u\MovedFiles\WINDOWS\SYSTEM32\tmp5E.tmp.dll -> Trojan.BHO.o : Cleaned with backup (quarantined).
C:\Documents and Settings\Scott\Desktop\WinPFind3u\MovedFiles\WINDOWS\SYSTEM32\tmp80.tmp.dll -> Trojan.BHO.o : Cleaned with backup (quarantined).
::Report end
[Registry - Non-Microsoft Only]
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\BootService not found.
File C:\WINDOWS\byyyay.dll not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\SoundService not found.
File C:\WINDOWS\hggede.DLL not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\expmpr not found.
File C:\WINDOWS\SYSTEM32\expmpr.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1557B435-8242-4686-9AA3-9265BF7525A4} not found.
File C:\WINDOWS\SYSTEM32\tmp55.tmp.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c157892a-81f5-445c-a5e7-04439e197413} not found.
File C:\WINDOWS\SYSTEM32\expmpr.dll not found.
[Files/Folders - Created Within 60 days]
File C:\WINDOWS\byyyay.dll not found!
File C:\WINDOWS\edeggh.ini not found!
File C:\WINDOWS\gjjilm.ini not found!
File C:\WINDOWS\yayyyb.ini not found!
File C:\WINDOWS\SYSTEM32\expmpr.dll not found!
File C:\WINDOWS\SYSTEM32\tmp55.tmp.dll not found!
File C:\WINDOWS\SYSTEM32\tmp5E.tmp.dll not found!
File C:\WINDOWS\SYSTEM32\tmp80.tmp.dll not found!
File C:\WINDOWS\SYSTEM32\yabbc.exe not found!
[Files/Folders - Modified Within 60 days]
File C:\WINDOWS\byyyay.dll not found!
File C:\WINDOWS\yayyyb.