Hi Rookie147
Here is the log...
WinPFind3 logfile created on: 8/26/2007 11:14:29 PM
WinPFind3U by OldTimer - Version 1.0.39 Folder = C:\Documents and Settings\AZIATIC\Desktop\WinPFind3u\
Microsoft Windows XP Service Pack 2 (Version = 5.1.2600)
Internet Explorer (Version = 7.0.5730.11)
1.50 Gb Total Physical Memory | 1.21 Gb Available Physical Memory | 81.00% Memory free
4.00 Gb Paging File | 3.94 Gb Available in Paging File | 98.62% Paging File free
Paging file location(s): F:\pagefile.sys 3000 5000;
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 28.57 Gb Total Space | 18.51 Gb Free Space | 64.78% Space Free
Drive D: | 64.05 Gb Total Space | 20.86 Gb Free Space | 32.56% Space Free
Drive E: | 44.87 Gb Total Space | 30.74 Gb Free Space | 68.51% Space Free
Drive F: | 48.82 Gb Total Space | 15.02 Gb Free Space | 30.76% Space Free
Computer Name: MATRIX
Current User Name: AZIATIC
Logged in as Administrator.
Current Boot Mode: Normal
[Processes - Non-Microsoft Only]
apache.exe -> %ProgramFiles%\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe -> Apache Software Foundation [Ver = 2.0.52 | Size = 20543 bytes | Modified Date = 11/30/2004 12:08:56 PM | Attr = ]
apache.exe -> %ProgramFiles%\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe -> Apache Software Foundation [Ver = 2.0.52 | Size = 20543 bytes | Modified Date = 11/30/2004 12:08:56 PM | Attr = ]
defwatch.exe -> %ProgramFiles%\Symantec_Client_Security\Symantec AntiVirus\DefWatch.exe -> Symantec Corporation [Ver = 8.1.0.821 | Size = 32768 bytes | Modified Date = 4/26/2003 2:19:36 AM | Attr = ]
dkservice.exe -> %ProgramFiles%\Diskeeper Corporation\Diskeeper\DkService.exe -> Diskeeper Corporation [Ver = 10.0.608.0 | Size = 942080 bytes | Modified Date = 6/7/2006 12:46:24 PM | Attr = ]
guard.exe -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\guard.exe -> GRISOFT s.r.o. [Ver = 7, 5, 1, 22 | Size = 312880 bytes | Modified Date = 5/30/2007 5:31:10 AM | Attr = ]
nsvcappflt.exe -> %ProgramFiles%\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe -> [Ver = 1, 0, 1, 0 | Size = 139264 bytes | Modified Date = 4/29/2005 7:21:06 PM | Attr = ]
nsvcip.exe -> %ProgramFiles%\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe -> NVIDIA [Ver = 2, 2, 0, 464 | Size = 131136 bytes | Modified Date = 4/29/2005 7:18:24 PM | Attr = ]
nsvclog.exe -> %ProgramFiles%\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe -> NVIDIA [Ver = 2, 2, 0, 464 | Size = 57412 bytes | Modified Date = 4/29/2005 7:18:08 PM | Attr = ]
ntuneservice.exe -> %ProgramFiles%\NVIDIA Corporation\nTune\nTuneService.exe -> NVIDIA [Ver = 5.05.18 | Size = 118784 bytes | Modified Date = 10/31/2006 8:27:58 AM | Attr = ]
nvsvc32.exe -> %System32%\nvsvc32.exe -> NVIDIA Corporation [Ver = 6.14.11.6218 | Size = 155716 bytes | Modified Date = 6/29/2007 12:43:00 AM | Attr = ]
rtvscan.exe -> %ProgramFiles%\Symantec_Client_Security\Symantec AntiVirus\Rtvscan.exe -> Symantec Corporation [Ver = 8.1.0.821 | Size = 610304 bytes | Modified Date = 4/26/2003 2:24:08 AM | Attr = ]
vptray.exe -> %ProgramFiles%\Symantec_Client_Security\Symantec AntiVirus\VPTray.exe -> Symantec Corporation [Ver = 8.1.0.821 | Size = 90112 bytes | Modified Date = 4/26/2003 2:18:18 AM | Attr = ]
vsmon.exe -> %System32%\ZoneLabs\vsmon.exe -> Zone Labs, LLC [Ver = 7.0.337.000 | Size = 75568 bytes | Modified Date = 3/9/2007 12:01:58 AM | Attr = ]
winpfind3u.exe -> %UserDesktop%\WinPFind3u\WinPFind3U.exe -> OldTimer Tools [Ver = 1.0.38.0 | Size = 322048 bytes | Modified Date = 6/23/2007 3:15:54 PM | Attr = ]
zlclient.exe -> %ProgramFiles%\Zone Labs\ZoneAlarm\zlclient.exe -> Zone Labs, LLC [Ver = 7.0.337.000 | Size = 919280 bytes | Modified Date = 3/9/2007 12:02:00 AM | Attr = ]
[Win32 Services - Non-Microsoft Only]
(AVG Anti-Spyware Guard) AVG Anti-Spyware Guard [Win32_Own | Auto | Running] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\guard.exe -> GRISOFT s.r.o. [Ver = 7, 5, 1, 22 | Size = 312880 bytes | Modified Date = 5/30/2007 5:31:10 AM | Attr = ]
(DefWatch) DefWatch [Win32_Own | Auto | Running] -> %ProgramFiles%\Symantec_Client_Security\Symantec AntiVirus\DefWatch.exe -> Symantec Corporation [Ver = 8.1.0.821 | Size = 32768 bytes | Modified Date = 4/26/2003 2:19:36 AM | Attr = ]
(Diskeeper) Diskeeper [Win32_Own | Auto | Running] -> %ProgramFiles%\Diskeeper Corporation\Diskeeper\DkService.exe -> Diskeeper Corporation [Ver = 10.0.608.0 | Size = 942080 bytes | Modified Date = 6/7/2006 12:46:24 PM | Attr = ]
(dmadmin) Logical Disk Manager Administrative Service [Win32_Shared | On_Demand | Stopped] -> %System32%\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 224768 bytes | Modified Date = 8/4/2004 12:56:48 AM | Attr = ]
(ForceWare Intelligent Application Manager (IAM)) ForceWare Intelligent Application Manager (IAM) [Win32_Own | Auto | Running] -> %ProgramFiles%\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe -> [Ver = 1, 0, 1, 0 | Size = 139264 bytes | Modified Date = 4/29/2005 7:21:06 PM | Attr = ]
(ForcewareWebInterface) Forceware Web Interface [Win32_Own | Auto | Running] -> %ProgramFiles%\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe -> Apache Software Foundation [Ver = 2.0.52 | Size = 20543 bytes | Modified Date = 11/30/2004 12:08:56 PM | Attr = ]
(idsvc) Windows CardSpace [Win32_Shared | Unknown | Stopped] -> -> File not found
(Norton AntiVirus Server) Symantec AntiVirus Client [Win32_Own | Auto | Running] -> %ProgramFiles%\Symantec_Client_Security\Symantec AntiVirus\Rtvscan.exe -> Symantec Corporation [Ver = 8.1.0.821 | Size = 610304 bytes | Modified Date = 4/26/2003 2:24:08 AM | Attr = ]
(nSvcIp) ForceWare IP service [Win32_Own | Auto | Running] -> %ProgramFiles%\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe -> NVIDIA [Ver = 2, 2, 0, 464 | Size = 131136 bytes | Modified Date = 4/29/2005 7:18:24 PM | Attr = ]
(nSvcLog) ForceWare user log service [Win32_Own | Auto | Running] -> %ProgramFiles%\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe -> NVIDIA [Ver = 2, 2, 0, 464 | Size = 57412 bytes | Modified Date = 4/29/2005 7:18:08 PM | Attr = ]
(nTuneService) nTune Service [Win32_Own | Auto | Running] -> %ProgramFiles%\NVIDIA Corporation\nTune\nTuneService.exe -> NVIDIA [Ver = 5.05.18 | Size = 118784 bytes | Modified Date = 10/31/2006 8:27:58 AM | Attr = ]
(NVSvc) NVIDIA Display Driver Service [Win32_Own | Auto | Running] -> %System32%\nvsvc32.exe -> NVIDIA Corporation [Ver = 6.14.11.6218 | Size = 155716 bytes | Modified Date = 6/29/2007 12:43:00 AM | Attr = ]
(vsmon) TrueVector Internet Monitor [Win32_Own | Auto | Running] -> %System32%\ZoneLabs\vsmon.exe -> Zone Labs, LLC [Ver = 7.0.337.000 | Size = 75568 bytes | Modified Date = 3/9/2007 12:01:58 AM | Attr = ]
[Registry - Non-Microsoft Only]
< Run [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
!AVG Anti-Spyware -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\avgas.exe -> GRISOFT s.r.o. [Ver = 7, 5, 1, 43 | Size = 6731312 bytes | Modified Date = 6/11/2007 2:25:42 AM | Attr = ]
NvCplDaemon -> %System32%\nvcpl.dll [RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup] -> NVIDIA Corporation [Ver = 6.14.11.6218 | Size = 8466432 bytes | Modified Date = 6/29/2007 12:43:00 AM | Attr = ]
vptray -> %ProgramFiles%\Symantec_Client_Security\Symantec AntiVirus\VPTray.exe -> Symantec Corporation [Ver = 8.1.0.821 | Size = 90112 bytes | Modified Date = 4/26/2003 2:18:18 AM | Attr = ]
Zone Labs Client -> %ProgramFiles%\Zone Labs\ZoneAlarm\zlclient.exe -> Zone Labs, LLC [Ver = 7.0.337.000 | Size = 919280 bytes | Modified Date = 3/9/2007 12:02:00 AM | Attr = ]
< OptionalComponents [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\ ->
IMAIL -> Installed = 1 ->
MAPI -> Installed = 1 ->
MSFS -> Installed = 1 ->
< ShellExecuteHooks [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks ->
{57B86673-276A-48B2-BAE7-C6DBB3020EB8} [HKLM] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll [AVG Anti-Spyware 7.5] -> GRISOFT s.r.o. [Ver = 7, 5, 1, 36 | Size = 79408 bytes | Modified Date = 5/30/2007 5:29:58 AM | Attr = ]
{93994DE8-8239-4655-B1D1-5F4E91300429} [HKLM] -> %ProgramFiles%\DVD Region+CSS Free\DVDShell.dll [] -> Fengtao Software Inc. [Ver = 5, 5, 0, 8 | Size = 49152 bytes | Modified Date = 10/9/2004 3:18:02 PM | Attr = ]
< SecurityProviders [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders ->
< Winlogon settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
< Winlogon settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
< Winlogon\Notify settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ ->
NavLogon -> %System32%\NavLogon.dll -> [Ver = | Size = 45056 bytes | Modified Date = 4/26/2003 2:16:00 AM | Attr = ]
< CurrentVersion Policy Settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\\NoDriveAutoRun -> 67108863 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\\NoDriveTypeAutoRun -> 255 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ext\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ext\CLSID\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ext\CLSID\\{17492023-C23A-453E-A040-C7C580BBF700} -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\undockwithoutlogon -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Uninstall\ -> ->
< CurrentVersion Policy Settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ActiveDesktop\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Associations\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableRegistryTools -> 0 ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Uninstall\ -> ->
< HOSTS File > (734 bytes) -> C:\WINDOWS\System32\drivers\etc\Hosts ->
127.0.0.1 localhost -> ->
< Internet Explorer Settings > -> ->
HKLM: Default_Page_URL ->
http://go.microsoft.com/fwlink/?LinkId=69157 ->
HKLM: Main\\Default_Search_URL ->
http://go.microsoft.com/fwlink/?LinkId=54896 ->
HKLM: Local Page -> %SystemRoot%\system32\blank.htm ->
HKLM: Search Page ->
http://go.microsoft.com/fwlink/?LinkId=54896 ->
HKLM: Start Page -> about:blank ->
HKLM: CustomizeSearch ->
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm ->
HKLM: Search\\Default_Search_URL ->
http://www.microsoft.com/isapi/redir.dl ... r=iesearch ->
HKLM: SearchAssistant ->
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm ->
HKCU: Local Page -> C:\WINDOWS\system32\blank.htm ->
HKCU: Search Page ->
http://www.microsoft.com/isapi/redir.dl ... r=iesearch ->
HKCU: Start Page ->
http://www.microsoft.com/isapi/redir.dl ... ar=msnhome ->
HKCU: ProxyEnable -> 0 ->
< Trusted Sites > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
msn.com [ - ] -> ->
< Trusted Sites > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
www_adpalliance.com [https] -> ->
< BHO's > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> %ProgramFiles%\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx [AcroIEHlprObj Class] -> [Ver = 1, 0, 0, 1 | Size = 37808 bytes | Modified Date = 3/2/2001 1:02:04 PM | Attr = ]
{53707962-6F74-2D53-2644-206D7942484F} [HKLM] -> %ProgramFiles%\Spybot - Search & Destroy\SDHelper.dll [] -> Safer Networking Limited [Ver = 1, 4, 0, 0 | Size = 853672 bytes | Modified Date = 5/31/2005 2:04:00 AM | Attr = ]
< Internet Explorer Bars [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\ ->
{32683183-48a0-441b-a342-7c2a440a9478} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
< Internet Explorer Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ ->
{e2e2dd38-d088-4134-82b7-f2ba38496583} [HKLM] -> Reg Data - Key not found [MenuText: @xpsp3res.dll,-20001] -> File not found
< Internet Explorer Plugins [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\Extension\ ->
.spop -> %ProgramFiles%\Internet Explorer\PLUGINS\NPDocBox.dll [Reg Data - Value does not exist] -> InterTrust Technologies Corporation, Inc. [Ver = 1.0.30.95 | Size = 225280 bytes | Modified Date = 1/30/2001 2:56:24 PM | Attr = ]
< DNS Name Servers [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ ->
{1AD80D77-22AD-4CCF-B654-958CDB4C427A} -> () ->
{E1F1A378-E11A-4AD8-A679-333B2DE5A0FB} -> (1394 Net Adapter) ->
< Winsock2 Catalogs [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\ ->
Protocol_Catalog9\Catalog_Entries\000000000001 -> %System32%\nvappfilter.dll -> NVIDIA [Ver = 1, 0, 2, 0 | Size = 131072 bytes | Modified Date = 4/29/2005 7:21:18 PM | Attr = ]
Protocol_Catalog9\Catalog_Entries\000000000002 -> %System32%\nvappfilter.dll -> NVIDIA [Ver = 1, 0, 2, 0 | Size = 131072 bytes | Modified Date = 4/29/2005 7:21:18 PM | Attr = ]
Protocol_Catalog9\Catalog_Entries\000000000003 -> %System32%\nvappfilter.dll -> NVIDIA [Ver = 1, 0, 2, 0 | Size = 131072 bytes | Modified Date = 4/29/2005 7:21:18 PM | Attr = ]
Protocol_Catalog9\Catalog_Entries\000000000004 -> %System32%\nvappfilter.dll -> NVIDIA [Ver = 1, 0, 2, 0 | Size = 131072 bytes | Modified Date = 4/29/2005 7:21:18 PM | Attr = ]
Protocol_Catalog9\Catalog_Entries\000000000005 -> %System32%\nvappfilter.dll -> NVIDIA [Ver = 1, 0, 2, 0 | Size = 131072 bytes | Modified Date = 4/29/2005 7:21:18 PM | Attr = ]
Protocol_Catalog9\Catalog_Entries\000000000006 -> %System32%\nvappfilter.dll -> NVIDIA [Ver = 1, 0, 2, 0 | Size = 131072 bytes | Modified Date = 4/29/2005 7:21:18 PM | Attr = ]
Protocol_Catalog9\Catalog_Entries\000000000007 -> %System32%\nvappfilter.dll -> NVIDIA [Ver = 1, 0, 2, 0 | Size = 131072 bytes | Modified Date = 4/29/2005 7:21:18 PM | Attr = ]
Protocol_Catalog9\Catalog_Entries\000000000008 -> %System32%\nvappfilter.dll -> NVIDIA [Ver = 1, 0, 2, 0 | Size = 131072 bytes | Modified Date = 4/29/2005 7:21:18 PM | Attr = ]
Protocol_Catalog9\Catalog_Entries\000000000009 -> %System32%\nvappfilter.dll -> NVIDIA [Ver = 1, 0, 2, 0 | Size = 131072 bytes | Modified Date = 4/29/2005 7:21:18 PM | Attr = ]
Protocol_Catalog9\Catalog_Entries\000000000010 -> %System32%\nvappfilter.dll -> NVIDIA [Ver = 1, 0, 2, 0 | Size = 131072 bytes | Modified Date = 4/29/2005 7:21:18 PM | Attr = ]
Protocol_Catalog9\Catalog_Entries\000000000011 -> %System32%\nvappfilter.dll -> NVIDIA [Ver = 1, 0, 2, 0 | Size = 131072 bytes | Modified Date = 4/29/2005 7:21:18 PM | Attr = ]
Protocol_Catalog9\Catalog_Entries\000000000012 -> %System32%\nvappfilter.dll -> NVIDIA [Ver = 1, 0, 2, 0 | Size = 131072 bytes | Modified Date = 4/29/2005 7:21:18 PM | Attr = ]
Protocol_Catalog9\Catalog_Entries\000000000013 -> %System32%\nvappfilter.dll -> NVIDIA [Ver = 1, 0, 2, 0 | Size = 131072 bytes | Modified Date = 4/29/2005 7:21:18 PM | Attr = ]
Protocol_Catalog9\Catalog_Entries\000000000027 -> %System32%\nvappfilter.dll -> NVIDIA [Ver = 1, 0, 2, 0 | Size = 131072 bytes | Modified Date = 4/29/2005 7:21:18 PM | Attr = ]
< Protocol Handlers [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ ->
ipp -> Reg Data - Key not found -> File not found
msdaipp -> Reg Data - Key not found -> File not found
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ ->
{0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} -> CKAVWebScan Object - CodeBase =
http://www.kaspersky.com/kos/english/ka ... nicode.cab ->
{17492023-C23A-453E-A040-C7C580BBF700} -> Windows Genuine Advantage Validation Tool - CodeBase =
http://download.microsoft.com/download/ ... ontrol.cab ->
{4D9D14F9-D68F-46D3-95B0-D061C25E9B40} -> - CodeBase =
https://www.adpalliance.com/300/ADPUpdates.cab ->
{6414512B-B978-451D-A0D8-FCFDF33E833C} -> WUWebControl Class - CodeBase =
http://update.microsoft.com/windowsupda ... 3124399484 ->
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3} -> MUWebControl Class - CodeBase =
http://update.microsoft.com/microsoftup ... 5892717955 ->
{9A9307A0-7DA4-4DAF-B042-5009F29E09E1} -> ActiveScan Installer Class - CodeBase =
http://acs.pandasoftware.com/activescan ... asinst.cab ->
{D27CDB6E-AE6D-11CF-96B8-444553540000} -> - CodeBase =
http://fpdownload.macromedia.com/pub/sh ... wflash.cab ->
DirectAnimation Java Classes -> - CodeBase =
file://C:\WINDOWS\Java\classes\dajava.cab ->
Microsoft XML Parser for Java -> - CodeBase =
file://C:\WINDOWS\Java\classes\xmldso.cab ->
[Files/Folders - Created Within 30 days]
ComboFix -> %SystemDrive%\ComboFix -> [Folder | Created Date = 8/16/2007 8:38:26 AM | Attr = ]
QooBox -> %SystemDrive%\QooBox -> [Folder | Created Date = 8/16/2007 8:39:58 AM | Attr = ]
registrybackup.reg -> %SystemDrive%\registrybackup.reg -> [Ver = | Size = 95802152 bytes | Created Date = 8/18/2007 2:39:40 PM | Attr = ]
$NtUninstallKB921503$ -> %SystemRoot%\$NtUninstallKB921503$ -> [Folder | Created Date = 8/15/2007 9:21:21 AM | Attr = H ]
$NtUninstallKB936021$ -> %SystemRoot%\$NtUninstallKB936021$ -> [Folder | Created Date = 8/15/2007 9:21:30 AM | Attr = H ]
$NtUninstallKB936782_WMP11$ -> %SystemRoot%\$NtUninstallKB936782_WMP11$ -> [Folder | Created Date = 8/15/2007 9:20:02 AM | Attr = H ]
$NtUninstallKB938828$ -> %SystemRoot%\$NtUninstallKB938828$ -> [Folder | Created Date = 8/15/2007 9:21:25 AM | Attr = H ]
$NtUninstallKB938829$ -> %SystemRoot%\$NtUninstallKB938829$ -> [Folder | Created Date = 8/15/2007 9:21:17 AM | Attr = H ]
catchme.exe -> %SystemRoot%\catchme.exe -> [Ver = | Size = 109056 bytes | Created Date = 8/16/2007 8:38:29 AM | Attr = ]
erdnt -> %SystemRoot%\erdnt -> [Folder | Created Date = 8/16/2007 8:38:54 AM | Attr = ]
nircmd.exe -> %SystemRoot%\nircmd.exe -> NirSoft [Ver = 2.00 | Size = 51200 bytes | Created Date = 8/16/2007 8:38:29 AM | Attr = ]
nview -> %SystemRoot%\nview -> [Folder | Created Date = 8/10/2007 4:55:39 PM | Attr = ]
Kaspersky Lab -> %System32%\Kaspersky Lab -> [Folder | Created Date = 8/19/2007 3:01:00 PM | Attr = ]
nvapps.xml -> %System32%\nvapps.xml -> [Ver = | Size = 127254 bytes | Created Date = 8/10/2007 4:55:40 PM | Attr = ]
nvdisp.nvu -> %System32%\nvdisp.nvu -> [Ver = | Size = 17463 bytes | Created Date = 8/10/2007 4:55:39 PM | Attr = ]
swreg.exe -> %System32%\swreg.exe -> SteelWerX [Ver = 2.0.1.8 | Size = 279552 bytes | Created Date = 8/16/2007 8:38:29 AM | Attr = ]
swsc.exe -> %System32%\swsc.exe -> SteelWerX [Ver = 2.0.0.0 | Size = 370688 bytes | Created Date = 8/16/2007 8:38:29 AM | Attr = ]
swxcacls.exe -> %System32%\swxcacls.exe -> SteelWerX [Ver = 1.0.1.1 | Size = 212480 bytes | Created Date = 8/16/2007 8:38:29 AM | Attr = ]
vfind.exe -> %System32%\vfind.exe -> [Ver = | Size = 49152 bytes | Created Date = 8/16/2007 8:38:29 AM | Attr = ]
AvgAsCln.sys -> %System32%\drivers\AvgAsCln.sys -> GRISOFT, s.r.o. [Ver = 1.0.0.14 | Size = 10872 bytes | Created Date = 8/24/2007 10:08:19 AM | Attr = ]
[Files/Folders - Modified Within 30 days]
boot.ini -> %SystemDrive%\boot.ini -> [Ver = | Size = 211 bytes | Modified Date = 8/13/2007 8:52:54 AM | Attr = RHS]
ComboFix -> %SystemDrive%\ComboFix -> [Folder | Modified Date = 8/16/2007 9:40:46 AM | Attr = ]
Program Files -> %ProgramFiles% -> [Folder | Modified Date = 8/24/2007 11:08:16 AM | Attr = R ]
QooBox -> %SystemDrive%\QooBox -> [Folder | Modified Date = 8/16/2007 9:40:00 AM | Attr = ]
registrybackup.reg -> %SystemDrive%\registrybackup.reg -> [Ver = | Size = 95802152 bytes | Modified Date = 8/18/2007 3:40:00 PM | Attr = ]
WINDOWS -> %SystemRoot% -> [Folder | Modified Date = 8/24/2007 9:38:20 PM | Attr = ]
$hf_mig$ -> %SystemRoot%\$hf_mig$ -> [Folder | Modified Date = 8/15/2007 10:18:40 AM | Attr = H ]
$NtUninstallKB921503$ -> %SystemRoot%\$NtUninstallKB921503$ -> [Folder | Modified Date = 8/15/2007 10:21:24 AM | Attr = H ]
$NtUninstallKB936021$ -> %SystemRoot%\$NtUninstallKB936021$ -> [Folder | Modified Date = 8/15/2007 10:21:32 AM | Attr = H ]
$NtUninstallKB936782_WMP11$ -> %SystemRoot%\$NtUninstallKB936782_WMP11$ -> [Folder | Modified Date = 8/15/2007 10:20:08 AM | Attr = H ]
$NtUninstallKB938828$ -> %SystemRoot%\$NtUninstallKB938828$ -> [Folder | Modified Date = 8/15/2007 10:21:28 AM | Attr = H ]
$NtUninstallKB938829$ -> %SystemRoot%\$NtUninstallKB938829$ -> [Folder | Modified Date = 8/15/2007 10:21:20 AM | Attr = H ]
AppPatch -> %SystemRoot%\AppPatch -> [Folder | Modified Date = 8/18/2007 10:04:08 PM | Attr = ]
bootstat.dat -> %SystemRoot%\bootstat.dat -> [Ver = | Size = 2048 bytes | Modified Date = 8/26/2007 10:31:56 PM | Attr = S]
Downloaded Program Files -> %SystemRoot%\Downloaded Program Files -> [Folder | Modified Date = 8/20/2007 10:22:24 AM | Attr = S]
DVDRegionFree.INI -> %SystemRoot%\DVDRegionFree.INI -> [Ver = | Size = 67 bytes | Modified Date = 8/25/2007 10:06:32 AM | Attr = ]
erdnt -> %SystemRoot%\erdnt -> [Folder | Modified Date = 8/16/2007 9:38:56 AM | Attr = ]
Help -> %SystemRoot%\Help -> [Folder | Modified Date = 8/24/2007 10:05:04 AM | Attr = ]
ie7updates -> %SystemRoot%\ie7updates -> [Folder | Modified Date = 8/15/2007 10:20:22 AM | Attr = ]
ime -> %SystemRoot%\ime -> [Folder | Modified Date = 8/18/2007 10:05:44 PM | Attr = ]
imsins.BAK -> %SystemRoot%\imsins.BAK -> [Ver = | Size = 1374 bytes | Modified Date = 8/15/2007 10:21:30 AM | Attr = ]
inf -> %SystemRoot%\inf -> [Folder | Modified Date = 8/25/2007 10:10:20 AM | Attr = H ]
Installer -> %SystemRoot%\Installer -> [Folder | Modified Date = 8/15/2007 10:21:16 AM | Attr = HS]
Internet Logs -> %SystemRoot%\Internet Logs -> [Folder | Modified Date = 8/26/2007 11:13:14 PM | Attr = ]
NeroDigital.ini -> %SystemRoot%\NeroDigital.ini -> [Ver = | Size = 116 bytes | Modified Date = 8/14/2007 3:21:02 PM | Attr = ]
nview -> %SystemRoot%\nview -> [Folder | Modified Date = 8/10/2007 5:55:40 PM | Attr = ]
Prefetch -> %SystemRoot%\Prefetch -> [Folder | Modified Date = 8/26/2007 11:13:38 PM | Attr = ]
QTFont.qfn -> %SystemRoot%\QTFont.qfn -> [Ver = | Size = 54156 bytes | Modified Date = 8/24/2007 12:23:10 AM | Attr = H ]
SoftwareDistribution -> %SystemRoot%\SoftwareDistribution -> [Folder | Modified Date = 8/18/2007 10:08:38 PM | Attr = ]
system.ini -> %SystemRoot%\system.ini -> [Ver = | Size = 227 bytes | Modified Date = 8/13/2007 8:52:54 AM | Attr = ]
system32 -> %System32% -> [Folder | Modified Date = 8/24/2007 9:37:46 PM | Attr = ]
Temp -> %SystemRoot%\Temp -> [Folder | Modified Date = 8/26/2007 10:32:24 PM | Attr = ]
win.ini -> %SystemRoot%\win.ini -> [Ver = | Size = 672 bytes | Modified Date = 8/13/2007 8:52:54 AM | Attr = ]
SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [Ver = | Size = 6 bytes | Modified Date = 8/26/2007 10:32:00 PM | Attr = H ]
ActiveScan -> %System32%\ActiveScan -> [Folder | Modified Date = 8/18/2007 10:08:42 PM | Attr = ]
CatRoot -> %System32%\CatRoot -> [Folder | Modified Date = 8/10/2007 5:54:58 PM | Attr = ]
CatRoot2 -> %System32%\CatRoot2 -> [Folder | Modified Date = 8/25/2007 10:10:18 AM | Attr = ]
config -> %System32%\config -> [Folder | Modified Date = 8/18/2007 10:08:54 PM | Attr = ]
dllcache -> %System32%\dllcache -> [Folder | Modified Date = 8/24/2007 9:38:16 PM | Attr = RHS]
drivers -> %System32%\drivers -> [Folder | Modified Date = 8/24/2007 11:08:20 AM | Attr = ]
Help.ico -> %System32%\Help.ico -> [Ver = | Size = 1406 bytes | Modified Date = 8/18/2007 9:46:28 PM | Attr = ]
Kaspersky Lab -> %System32%\Kaspersky Lab -> [Folder | Modified Date = 8/19/2007 4:01:02 PM | Attr = ]
nvapps.xml -> %System32%\nvapps.xml -> [Ver = | Size = 127254 bytes | Modified Date = 8/10/2007 5:57:16 PM | Attr = ]
pavas.ico -> %System32%\pavas.ico -> [Ver = | Size = 30590 bytes | Modified Date = 8/18/2007 9:46:26 PM | Attr = ]
Uninstall.ico -> %System32%\Uninstall.ico -> [Ver = | Size = 2550 bytes | Modified Date = 8/18/2007 9:46:28 PM | Attr = ]
wbem -> %System32%\wbem -> [Folder | Modified Date = 8/18/2007 10:10:20 PM | Attr = ]
wpa.dbl -> %System32%\wpa.dbl -> [Ver = | Size = 2206 bytes | Modified Date = 8/26/2007 10:32:28 PM | Attr = ]
ZoneLabs -> %System32%\ZoneLabs -> [Folder | Modified Date = 8/18/2007 10:10:34 PM | Attr = ]
[File String Scan - Non-Microsoft Only]
WSUD , -> %System32%\ALSNDMGR.CPL -> Realtek Semiconductor Corp. [Ver = 2.2.0.45 | Size = 18751488 bytes | Modified Date = 7/26/2005 11:16:00 AM | Attr = ]
PEC2 , -> %System32%\dfrg.msc -> [Ver = | Size = 41397 bytes | Modified Date = 8/23/2001 5:00:00 AM | Attr = ]
PEC2 , PECompact2 , -> %System32%\divx.dll -> DivX, Inc. [Ver = 6.1.1.1031 | Size = 574976 bytes | Modified Date = 1/18/2006 8:47:36 PM | Attr = ]
PEC2 , -> %System32%\nvCplUI.pdb -> [Ver = | Size = 6048768 bytes | Modified Date = 9/6/2006 9:47:34 AM | Attr = ]
UPX! , UPX0 , -> %System32%\SrchSTS.exe -> S!Ri [Ver = | Size = 288417 bytes | Modified Date = 4/27/2006 5:49:30 PM | Attr = ]
UPX! , UPX0 , -> %System32%\swreg.exe -> SteelWerX [Ver = 2.0.1.8 | Size = 279552 bytes | Modified Date = 7/22/2007 6:39:28 PM | Attr = ]
winsync , -> %System32%\wbdbase.deu -> [Ver = | Size = 1309184 bytes | Modified Date = 8/23/2001 5:00:00 AM | Attr = ]
WSUD , UPX0 , -> %System32%\dllcache\hwxjpn.dll -> [Ver = | Size = 13463552 bytes | Modified Date = 8/23/2001 5:00:00 AM | Attr = ]
PTech , -> %System32%\drivers\mtlstrm.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 1309184 bytes | Modified Date = 8/3/2004 10:41:38 PM | Attr = ]
< End of report >