OK. Here is the report. I am going to be gone until Saturday. Thanks again for your help.
WinPFind3 logfile created on: 1/1/2007 1:21:43 PM
WinPFind3U by OldTimer - Version 1.0.8 Folder = C:\Documents and Settings\Charles\Desktop\WinPFind3u\
Microsoft Windows XP Service Pack 2 (Version = 5.1.2600)
Internet Explorer (Version = 7.0.5730.11)
1047536 Kb Total Physical Memory | 614328 Kb Available Physical Memory | 58.65% Memory free
2520184 Kb Paging File | 1967640 Kb Available in Paging File | 78.08% Paging File free
%SystemDrive% = C:
Drive C: | 232380224 Kb Total Space | 81585300 Kb Free Space | 35.11% Free Space
D: Drive not present or media not loaded
Drive E: | 991488 Kb Total Space | 845984 Kb Free Space | 85.32% Free Space
F: Drive not present or media not loaded
[Processes - Non-Microsoft Only]
aim6.exe -> %ProgramFiles%\AIM6\aim6.exe -> AOL LLC [Ver = 1.4.9.1 | Size = 50736 bytes | Modified Date = 11/7/2006 10:29:04 AM | Attr = ]
aolsoftware.exe -> %CommonProgramFiles%\AOL\1131573657\ee\AOLSoftware.exe -> America Online, Inc. [Ver = 1.5.3.1 | Size = 50760 bytes | Modified Date = 5/9/2006 7:24:16 PM | Attr = ]
aolsoftware.exe -> %ProgramFiles%\AIM6\aolsoftware.exe -> America Online, Inc. [Ver = 1.5.6.1 | Size = 50736 bytes | Modified Date = 9/25/2006 7:52:48 PM | Attr = ]
ati2evxx.exe -> %System32%\ati2evxx.exe -> [Ver = | Size = 389120 bytes | Modified Date = 8/25/2004 10:26:56 AM | Attr = ]
avgas.exe -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\avgas.exe -> Anti-Malware Development a.s. [Ver = 7, 5, 0, 50 | Size = 6266880 bytes | Modified Date = 10/7/2006 7:20:00 AM | Attr = ]
ctdvddet.exe -> %ProgramFiles%\Creative\SBAudigy2\DVDAudio\CTDVDDET.exe -> Creative Technology Ltd [Ver = 1.0.2.0 | Size = 45056 bytes | Modified Date = 9/30/2002 1:00:00 AM | Attr = ]
cthelper.exe -> %System32%\CTHELPER.EXE -> Creative Technology Ltd [Ver = 1, 0, 1, 2 | Size = 24576 bytes | Modified Date = 10/6/2003 2:57:32 PM | Attr = ]
ctsvccda.exe -> %System32%\CTSVCCDA.EXE -> Creative Technology Ltd [Ver = 1.0.1.0 | Size = 44032 bytes | Modified Date = 12/13/1999 2:01:00 AM | Attr = ]
ctsysvol.exe -> %ProgramFiles%\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe -> Creative Technology Ltd [Ver = 1.1.3.0 | Size = 49152 bytes | Modified Date = 10/29/2002 9:18:24 AM | Attr = ]
cvpnd.exe -> %ProgramFiles%\Cisco Systems\VPN Client\cvpnd.exe -> Cisco Systems, Inc. [Ver = 4.6.04.0043 | Size = 1422336 bytes | Modified Date = 6/10/2005 7:59:56 PM | Attr = ]
dcfssvc.exe -> %System32%\DRIVERS\dcfssvc.exe -> Eastman Kodak Company [Ver = 1.1.3900.0 | Size = 153150 bytes | Modified Date = 5/10/2001 3:41:04 PM | Attr = ]
dsagnt.exe -> %ProgramFiles%\Dell Support\DSAgnt.exe -> Gteko Ltd. [Ver = 1, 1, 0, 73 | Size = 306688 bytes | Modified Date = 7/19/2004 7:51:24 AM | Attr = ]
dsentry.exe -> %System32%\DSentry.exe -> Dell - Advanced Desktop Engineering [Ver = 1, 0, 5, 0 | Size = 28672 bytes | Modified Date = 8/13/2003 11:27:40 AM | Attr = ]
em_exec.exe -> %ProgramFiles%\Logitech\MouseWare\system\EM_EXEC.EXE -> Logitech Inc. [Ver = 9.77.023 | Size = 37888 bytes | Modified Date = 6/3/2003 10:50:00 AM | Attr = ]
frameworkservice.exe -> %ProgramFiles%\Network Associates\Common Framework\FrameworkService.exe -> McAfee, Inc. [Ver = 3.5.5.438 | Size = 98304 bytes | Modified Date = 12/7/2005 2:55:00 AM | Attr = ]
googletoolbarnotifier.exe -> %ProgramFiles%\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe -> Google Inc. [Ver = 1, 2, 908, 5008 | Size = 163576 bytes | Modified Date = 10/16/2006 11:19:56 PM | Attr = ]
guard.exe -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\guard.exe -> Anti-Malware Development a.s. [Ver = 7, 5, 0, 47 | Size = 204800 bytes | Modified Date = 9/28/2006 9:13:20 AM | Attr = ]
ipodservice.exe -> %ProgramFiles%\iPod\bin\iPodService.exe -> Apple Computer, Inc. [Ver = 7.0.2.16 | Size = 492608 bytes | Modified Date = 10/30/2006 9:36:32 AM | Attr = ]
issch.exe -> %CommonProgramFiles%\InstallShield\UpdateService\issch.exe -> InstallShield Software Corporation [Ver = 3, 10, 100, 1146 | Size = 81920 bytes | Modified Date = 6/16/2004 5:03:04 AM | Attr = ]
ituneshelper.exe -> %ProgramFiles%\iTunes\iTunesHelper.exe -> Apple Computer, Inc. [Ver = 7.0.2.16 | Size = 256576 bytes | Modified Date = 10/30/2006 9:36:36 AM | Attr = ]
jusched.exe -> %ProgramFiles%\Java\jre1.6.0\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 6.0.0.105 | Size = 77824 bytes | Modified Date = 12/31/2006 2:38:58 PM | Attr = ]
mcshield.exe -> %ProgramFiles%\Network Associates\VirusScan\Mcshield.exe -> Network Associates, Inc. [Ver = 8.0.0.318 | Size = 221191 bytes | Modified Date = 2/14/2006 7:00:00 PM | Attr = ]
mm_tray.exe -> %ProgramFiles%\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe -> Musicmatch, Inc. [Ver = 10.00.3058 | Size = 110592 bytes | Modified Date = 3/12/2005 6:25:00 AM | Attr = ]
msgagt.exe -> %ProgramFiles%\Promise\Utility\MsgAgt.exe -> [Ver = Version 3.0 build 9 (08/08/2003) | Size = 610304 bytes | Modified Date = 8/20/2003 6:43:30 PM | Attr = ]
naprdmgr.exe -> %ProgramFiles%\Network Associates\Common Framework\naPrdMgr.exe -> McAfee, Inc. [Ver = 3.5.5.438 | Size = 229376 bytes | Modified Date = 12/7/2005 2:55:00 AM | Attr = ]
pcmservice.exe -> %ProgramFiles%\Dell\Media Experience\PCMService.exe -> CyberLink Corp. [Ver = 1.0.0826 | Size = 204800 bytes | Modified Date = 8/26/2003 8:47:34 PM | Attr = ]
ptssvc.exe -> %ProgramFiles%\KODAK\KODAK Picture Transfer Software\PTSsvc.exe -> [Ver = | Size = 36864 bytes | Modified Date = 1/31/2001 4:41:32 PM | Attr = ]
pxagent.exe -> %ProgramFiles%\Prevx1\PXAgent.exe -> Prevx [Ver = 2.0.12.1 | Size = 139264 bytes | Modified Date = 12/13/2006 12:39:54 PM | Attr = ]
pxconsole.exe -> %ProgramFiles%\Prevx1\PXConsole.exe -> Prevx [Ver = 1.0.0.1 | Size = 1507328 bytes | Modified Date = 12/13/2006 12:39:20 PM | Attr = ]
qttask.exe -> %ProgramFiles%\QuickTime\qttask.exe -> Apple Computer, Inc. [Ver = 7.1.3 | Size = 282624 bytes | Modified Date = 10/25/2006 6:58:18 PM | Attr = ]
realsched.exe -> %CommonProgramFiles%\Real\Update_OB\realsched.exe -> RealNetworks, Inc. [Ver = 0.1.0.3492 | Size = 180269 bytes | Modified Date = 12/24/2005 11:02:52 AM | Attr = ]
retrorun.exe -> %ProgramFiles%\Retrospect\Retrospect Express HD 1.1\retrorun.exe -> EMC Dantz [Ver = 1.1.127 | Size = 73728 bytes | Modified Date = 2/6/2006 7:22:54 AM | Attr = ]
sdhelp.exe -> %ProgramFiles%\Spyware Doctor\sdhelp.exe -> PC Tools Research Pty Ltd [Ver = 3.5.0.18 | Size = 870624 bytes | Modified Date = 12/20/2005 8:44:24 AM | Attr = ]
shstat.exe -> %ProgramFiles%\Network Associates\VirusScan\shstat.exe -> Network Associates, Inc. [Ver = 8.0.0.912 | Size = 94208 bytes | Modified Date = 9/22/2004 7:00:00 AM | Attr = ]
startupmonitor.exe -> %SystemRoot%\StartupMonitor.exe -> [Ver = | Size = 86016 bytes | Modified Date = 5/20/2000 4:23:48 PM | Attr = ]
teatimer.exe -> %ProgramFiles%\Spybot - Search & Destroy\TeaTimer.exe -> Safer Networking Limited [Ver = 1, 4, 0, 2 | Size = 1415824 bytes | Modified Date = 5/31/2005 1:04:00 AM | Attr = ]
tfswctrl.exe -> %System32%\dla\tfswctrl.exe -> Sonic Solutions [Ver = 1.04.05b | Size = 114741 bytes | Modified Date = 8/6/2003 2:04:00 AM | Attr = ]
uaservice7.exe -> %System32%\UAService7.exe -> Sony DADC Austria AG. [Ver = 1,1,0,0 | Size = 122880 bytes | Modified Date = 4/12/2005 7:49:32 PM | Attr = ]
updaterui.exe -> %ProgramFiles%\Network Associates\Common Framework\UpdaterUI.exe -> McAfee, Inc. [Ver = 3.5.5.438 | Size = 131072 bytes | Modified Date = 12/7/2005 2:55:00 AM | Attr = ]
vpngui.exe -> %ProgramFiles%\Cisco Systems\VPN Client\vpngui.exe -> Cisco Systems, Inc. [Ver = 4.6.04.0043 | Size = 1426424 bytes | Modified Date = 6/10/2005 8:00:02 PM | Attr = ]
vstskmgr.exe -> %ProgramFiles%\Network Associates\VirusScan\VsTskMgr.exe -> Network Associates, Inc. [Ver = 8.0.0.1004 | Size = 29184 bytes | Modified Date = 6/8/2006 7:00:00 PM | Attr = ]
winpfind3u.exe -> %UserDesktop%\WinPFind3u\WinPFind3U.exe -> Oldtimer Tools [Ver = 1.0.8.0 | Size = 306176 bytes | Modified Date = 12/31/2006 7:47:16 PM | Attr = ]
[Win32 Services - Non-Microsoft Only]
(Ati HotKey Poller) Ati HotKey Poller [Win32_Own | Auto | Running] -> %System32%\ati2evxx.exe -> [Ver = | Size = 389120 bytes | Modified Date = 8/25/2004 10:26:56 AM | Attr = ]
(ATI Smart) ATI Smart [Win32_Own | Auto | Stopped] -> %System32%\ati2sgag.exe -> [Ver = 5.13.0020 | Size = 516096 bytes | Modified Date = 5/15/2004 8:10:00 PM | Attr = ]
(Automatic LiveUpdate Scheduler) Automatic LiveUpdate Scheduler [Win32_Own | Auto | Stopped] -> %ProgramFiles%\Symantec\LiveUpdate\ALUSchedulerSvc.exe -> File not found
(AVG Anti-Spyware Guard) AVG Anti-Spyware Guard [Win32_Own | Auto | Running] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\guard.exe -> Anti-Malware Development a.s. [Ver = 7, 5, 0, 47 | Size = 204800 bytes | Modified Date = 9/28/2006 9:13:20 AM | Attr = ]
(Creative Service for CDROM Access) Creative Service for CDROM Access [Win32_Own | Auto | Running] -> %System32%\CTSVCCDA.EXE -> Creative Technology Ltd [Ver = 1.0.1.0 | Size = 44032 bytes | Modified Date = 12/13/1999 2:01:00 AM | Attr = ]
(CVPND) Cisco Systems, Inc. VPN Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Cisco Systems\VPN Client\cvpnd.exe -> Cisco Systems, Inc. [Ver = 4.6.04.0043 | Size = 1422336 bytes | Modified Date = 6/10/2005 7:59:56 PM | Attr = ]
(Dcfssvc) Dcfssvc [Win32_Own | Auto | Running] -> %System32%\DRIVERS\dcfssvc.exe -> Eastman Kodak Company [Ver = 1.1.3900.0 | Size = 153150 bytes | Modified Date = 5/10/2001 3:41:04 PM | Attr = ]
(dmadmin) Logical Disk Manager Administrative Service [Win32_Shared | On_Demand | Stopped] -> %System32%\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 224768 bytes | Modified Date = 8/4/2004 2:56:48 AM | Attr = ]
(IDriverT) InstallDriver Table Manager [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\InstallShield\Driver\11\Intel 32\IDriverT.exe -> Macrovision Corporation [Ver = 11.00.28844 | Size = 69632 bytes | Modified Date = 4/3/2005 11:41:10 PM | Attr = ]
(iPod Service) iPod Service [Win32_Own | On_Demand | Running] -> %ProgramFiles%\iPod\bin\iPodService.exe -> Apple Computer, Inc. [Ver = 7.0.2.16 | Size = 492608 bytes | Modified Date = 10/30/2006 9:36:32 AM | Attr = ]
(McAfeeFramework) McAfee Framework Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Network Associates\Common Framework\FrameworkService.exe -> McAfee, Inc. [Ver = 3.5.5.438 | Size = 98304 bytes | Modified Date = 12/7/2005 2:55:00 AM | Attr = ]
(McShield) Network Associates McShield [Win32_Own | Auto | Running] -> %ProgramFiles%\Network Associates\VirusScan\Mcshield.exe -> Network Associates, Inc. [Ver = 8.0.0.318 | Size = 221191 bytes | Modified Date = 2/14/2006 7:00:00 PM | Attr = ]
(McTaskManager) Network Associates Task Manager [Win32_Own | Auto | Running] -> %ProgramFiles%\Network Associates\VirusScan\VsTskMgr.exe -> Network Associates, Inc. [Ver = 8.0.0.1004 | Size = 29184 bytes | Modified Date = 6/8/2006 7:00:00 PM | Attr = ]
(NetSvc) Intel NCS NetService [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Intel\NCS\Sync\NetSvc.exe -> Intel(R) Corporation [Ver = 1.2.26.0 | Size = 143360 bytes | Modified Date = 3/3/2003 2:33:40 PM | Attr = ]
(PREVXAgent) Prevx Agent [Win32_Own | Auto | Running] -> %ProgramFiles%\Prevx1\PXAgent.exe -> Prevx [Ver = 2.0.12.1 | Size = 139264 bytes | Modified Date = 12/13/2006 12:39:54 PM | Attr = ]
(ptssvc) ptssvc [Win32_Own | Auto | Running] -> %ProgramFiles%\KODAK\KODAK Picture Transfer Software\PTSsvc.exe -> [Ver = | Size = 36864 bytes | Modified Date = 1/31/2001 4:41:32 PM | Attr = ]
(RAIDmAgt) Promise RAID message agent [Win32_Own | Auto | Running] -> %ProgramFiles%\Promise\Utility\MsgAgt.exe -> [Ver = Version 3.0 build 9 (08/08/2003) | Size = 610304 bytes | Modified Date = 8/20/2003 6:43:30 PM | Attr = ]
(RetroExp Helper) Retrospect Express HD Helper [Win32_Own | Auto | Stopped] -> %ProgramFiles%\Retrospect\Retrospect Express HD 1.1\rthlpsvc.exe -> EMC Dantz [Ver = 1.1.127 | Size = 118784 bytes | Modified Date = 2/6/2006 7:22:54 AM | Attr = ]
(RetroExpLauncher) Retrospect Express HD Launcher [Win32_Own | Auto | Running] -> %ProgramFiles%\Retrospect\Retrospect Express HD 1.1\retrorun.exe -> EMC Dantz [Ver = 1.1.127 | Size = 73728 bytes | Modified Date = 2/6/2006 7:22:54 AM | Attr = ]
(SDhelper) PC Tools Spyware Doctor [Win32_Own | Auto | Running] -> %ProgramFiles%\Spyware Doctor\sdhelp.exe -> PC Tools Research Pty Ltd [Ver = 3.5.0.18 | Size = 870624 bytes | Modified Date = 12/20/2005 8:44:24 AM | Attr = ]
(UserAccess7) SecuROM User Access Service (V7) [Win32_Own | Auto | Running] -> %System32%\UAService7.exe -> Sony DADC Austria AG. [Ver = 1,1,0,0 | Size = 122880 bytes | Modified Date = 4/12/2005 7:49:32 PM | Attr = ]
[Registry - Non-Microsoft Only]
< Run [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
!AVG Anti-Spyware -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\avgas.exe -> Anti-Malware Development a.s. [Ver = 7, 5, 0, 50 | Size = 6266880 bytes | Modified Date = 10/7/2006 7:20:00 AM | Attr = ]
ATIPTA -> %ProgramFiles%\ATI Technologies\ATI Control Panel\atiptaxx.exe -> ATI Technologies, Inc. [Ver = 6.14.10.5120 | Size = 339968 bytes | Modified Date = 8/25/2004 12:52:00 PM | Attr = ]
CTDVDDet -> %ProgramFiles%\Creative\SBAudigy2\DVDAudio\CTDVDDET.exe -> Creative Technology Ltd [Ver = 1.0.2.0 | Size = 45056 bytes | Modified Date = 9/30/2002 1:00:00 AM | Attr = ]
CTHelper -> %System32%\CTHELPER.EXE -> Creative Technology Ltd [Ver = 1, 0, 1, 2 | Size = 24576 bytes | Modified Date = 10/6/2003 2:57:32 PM | Attr = ]
CTSysVol -> %ProgramFiles%\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe -> Creative Technology Ltd [Ver = 1.1.3.0 | Size = 49152 bytes | Modified Date = 10/29/2002 9:18:24 AM | Attr = ]
dla -> %System32%\dla\tfswctrl.exe -> Sonic Solutions [Ver = 1.04.05b | Size = 114741 bytes | Modified Date = 8/6/2003 2:04:00 AM | Attr = ]
DVDSentry -> %System32%\DSentry.exe -> Dell - Advanced Desktop Engineering [Ver = 1, 0, 5, 0 | Size = 28672 bytes | Modified Date = 8/13/2003 11:27:40 AM | Attr = ]
HostManager -> %CommonProgramFiles%\AOL\1131573657\ee\AOLSoftware.exe -> America Online, Inc. [Ver = 1.5.3.1 | Size = 50760 bytes | Modified Date = 5/9/2006 7:24:16 PM | Attr = ]
ISUSPM Startup -> %CommonProgramFiles%\InstallShield\UpdateService\ISUSPM.exe -> InstallShield Software Corporation [Ver = 3, 10, 100, 1146 | Size = 221184 bytes | Modified Date = 6/16/2004 5:03:26 AM | Attr = ]
ISUSScheduler -> %CommonProgramFiles%\InstallShield\UpdateService\issch.exe -> InstallShield Software Corporation [Ver = 3, 10, 100, 1146 | Size = 81920 bytes | Modified Date = 6/16/2004 5:03:04 AM | Attr = ]
iTunesHelper -> %ProgramFiles%\iTunes\iTunesHelper.exe -> Apple Computer, Inc. [Ver = 7.0.2.16 | Size = 256576 bytes | Modified Date = 10/30/2006 9:36:36 AM | Attr = ]
Logitech Utility -> %SystemRoot%\LOGI_MWX.EXE -> Logitech Inc. [Ver = 9.77.018 | Size = 19968 bytes | Modified Date = 5/16/2003 10:50:00 AM | Attr = ]
McAfeeUpdaterUI -> %ProgramFiles%\Network Associates\Common Framework\UpdaterUI.exe -> McAfee, Inc. [Ver = 3.5.5.438 | Size = 131072 bytes | Modified Date = 12/7/2005 2:55:00 AM | Attr = ]
MimBoot -> %ProgramFiles%\MUSICMATCH\MUSICMATCH Jukebox\mimboot.exe -> Musicmatch, Inc. [Ver = 10.00.3058 | Size = 11776 bytes | Modified Date = 3/12/2005 6:25:00 AM | Attr = ]
MMTray -> %ProgramFiles%\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe -> Musicmatch, Inc. [Ver = 10.00.3058 | Size = 110592 bytes | Modified Date = 3/12/2005 6:25:00 AM | Attr = ]
PCMService -> %ProgramFiles%\Dell\Media Experience\PCMService.exe -> CyberLink Corp. [Ver = 1.0.0826 | Size = 204800 bytes | Modified Date = 8/26/2003 8:47:34 PM | Attr = ]
PrevxOne -> %ProgramFiles%\Prevx1\PXConsole.exe -> Prevx [Ver = 1.0.0.1 | Size = 1507328 bytes | Modified Date = 12/13/2006 12:39:20 PM | Attr = ]
QuickTime Task -> %ProgramFiles%\QuickTime\qttask.exe -> Apple Computer, Inc. [Ver = 7.1.3 | Size = 282624 bytes | Modified Date = 10/25/2006 6:58:18 PM | Attr = ]
Run StartupMonitor -> %SystemRoot%\StartupMonitor.exe -> [Ver = | Size = 86016 bytes | Modified Date = 5/20/2000 4:23:48 PM | Attr = ]
ShStatEXE -> %ProgramFiles%\Network Associates\VirusScan\shstat.exe -> Network Associates, Inc. [Ver = 8.0.0.912 | Size = 94208 bytes | Modified Date = 9/22/2004 7:00:00 AM | Attr = ]
SunJavaUpdateSched -> %ProgramFiles%\Java\jre1.6.0\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 6.0.0.105 | Size = 77824 bytes | Modified Date = 12/31/2006 2:38:58 PM | Attr = ]
TkBellExe -> %CommonProgramFiles%\Real\Update_OB\realsched.exe -> RealNetworks, Inc. [Ver = 0.1.0.3492 | Size = 180269 bytes | Modified Date = 12/24/2005 11:02:52 AM | Attr = ]
UpdateManager -> %CommonProgramFiles%\Sonic\Update Manager\sgtray.exe -> Sonic Solutions [Ver = 1.01.32a | Size = 110592 bytes | Modified Date = 8/19/2003 1:01:00 AM | Attr = ]
< OptionalComponents [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\
IMAIL -> Installed = 1 ->
MAPI -> Installed = 1 ->
MSFS -> Installed = 1 ->
< Run [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
DellSupport -> %ProgramFiles%\Dell Support\DSAgnt.exe -> Gteko Ltd. [Ver = 1, 1, 0, 73 | Size = 306688 bytes | Modified Date = 7/19/2004 7:51:24 AM | Attr = ]
SB Audigy 2 Startup Menu -> -> File not found
Sonic RecordNow! -> -> File not found
SpybotSD TeaTimer -> %ProgramFiles%\Spybot - Search & Destroy\TeaTimer.exe -> Safer Networking Limited [Ver = 1, 4, 0, 2 | Size = 1415824 bytes | Modified Date = 5/31/2005 1:04:00 AM | Attr = ]
swg -> %ProgramFiles%\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe -> Google Inc. [Ver = 1, 2, 908, 5008 | Size = 163576 bytes | Modified Date = 10/16/2006 11:19:56 PM | Attr = ]
< Common Startup > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup
%AllUsersStartup%\Adobe Reader Speed Launch.lnk -> %ProgramFiles%\Adobe\Acrobat 7.0\Reader\reader_sl.exe -> Adobe Systems Incorporated [Ver = 7.0.5.2005092300 | Size = 29696 bytes | Modified Date = 9/24/2005 1:05:26 AM | Attr = ]
%AllUsersStartup%\HPAiODevice(hp officejet k series) - 1.lnk -> %ProgramFiles%\Hewlett-Packard\AiO\hp officejet k series\Bin\hpoorn07.exe -> Hewlett-Packard Co. [Ver = 2.00 | Size = 151552 bytes | Modified Date = 5/23/2002 11:52:06 PM | Attr = ]
< ShellExecuteHooks [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
{57B86673-276A-48B2-BAE7-C6DBB3020EB8} [HKLM] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll [AVG Anti-Spyware 7.5] -> Anti-Malware Development a.s. [Ver = 7, 5, 0, 47 | Size = 73728 bytes | Modified Date = 9/28/2006 9:13:28 AM | Attr = ]
< SecurityProviders [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders
< Winlogon settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
*VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet ->
Control_RunDLL -> -> File not found
< Policy Settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> _
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoCDBurning -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ext\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ext\CLSID\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ext\CLSID\\{17492023-C23A-453E-A040-C7C580BBF700} -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 ->
< Policy Settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Associations\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableRegistryTools -> 0 ->
-> HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer not found. ->
< Desktop Components > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\
0 -> [Key] ->
0 -> FriendlyName = My Current Home Page ->
0 -> Source = About:Home ->
0 -> SubscribedURL = About:Home ->
< HOSTS File > -> C:\WINDOWS\System32\drivers\etc\Hosts
< Internet Explorer Settings > ->
HKLM: Default_Page_URL ->
http://go.microsoft.com/fwlink/?LinkId=69157 ->
HKLM: Main\\Default_Search_URL ->
http://go.microsoft.com/fwlink/?LinkId=54896 ->
HKLM: Local Page -> %SystemRoot%\system32\blank.htm ->
HKLM: Search Page ->
http://go.microsoft.com/fwlink/?LinkId=54896 ->
HKLM: Start Page ->
http://go.microsoft.com/fwlink/?LinkId=69157 ->
HKLM: CustomizeSearch ->
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm ->
HKLM: Search\\Default_Search_URL ->
http://www.google.com/ie ->
HKLM: SearchAssistant ->
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm ->
HKCU: Local Page -> C:\WINDOWS\system32\blank.htm ->
HKCU: Search Page ->
http://www.google.com ->
HKCU: Start Page ->
http://www.cnn.com/ ->
HKCU: SearchAssistant ->
http://www.google.com/ie ->
HKCU: ProxyEnable -> 0 ->
< Trusted Sites > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\
msn.com [ - ] -> ->
online_musicmatch.com [https] -> ->
< BHO's > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> %ProgramFiles%\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> Adobe Systems Incorporated [Ver = 7.0.7.2006011200 | Size = 63128 bytes | Modified Date = 1/12/2006 8:38:22 PM | Attr = ]
{2353FCBC-012D-487B-8BF3-865C0929FBEB} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
{4E1159CF-BCA3-3EA8-7BC9-4DF71B5AB4E5} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
{53707962-6F74-2D53-2644-206D7942484F} [HKLM] -> %ProgramFiles%\Spybot - Search & Destroy\SDHelper.dll [Reg Data - Value does not exist] -> Safer Networking Limited [Ver = 1, 4, 0, 0 | Size = 853672 bytes | Modified Date = 5/31/2005 1:04:00 AM | Attr = ]
{55EA1964-F5E4-4D6A-B9B2-125B37655FCB} [HKLM] -> %AllUsersAppData%\Prevx\pxbho.dll [URLDetector Class] -> Prevx Ltd. [Ver = 1.0.0.3 | Size = 90112 bytes | Modified Date = 1/10/2006 11:09:54 AM | Attr = ]
{5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} [HKLM] -> %ProgramFiles%\Spyware Doctor\tools\iesdsg.dll [PCTools Site Guard] -> PC Tools [Ver = 3.5.0.65 | Size = 786656 bytes | Modified Date = 12/9/2005 4:22:26 PM | Attr = ]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> %ProgramFiles%\Java\jre1.6.0\bin\ssv.dll [SSVHelper Class] -> Sun Microsystems, Inc. [Ver = 6.0.0.105 | Size = 501384 bytes | Modified Date = 12/31/2006 2:39:00 PM | Attr = ]
{7C554162-8CB7-45A4-B8F4-8EA1C75885F9} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
{8DB3D69D-DA5E-4165-B781-72A761790672} [HKLM] -> %System32%\BhoDshop.dll [DeskshopBrowserHelper Class] -> Orbiscom Ltd. All rights reserved. [Ver = 2, 3, 0, 3, 64 | Size = 69632 bytes | Modified Date = 10/30/2001 5:02:36 PM | Attr = ]
{AA58ED58-01DD-4d91-8333-CF10577473F7} [HKLM] -> %ProgramFiles%\Google\googletoolbar3.dll [Google Toolbar Helper] -> Google Inc. [Ver = 4, 0, 1020, 2544 | Size = 2108480 bytes | Modified Date = 10/12/2006 10:38:04 AM | Attr = R ]
{B56A7D7D-6927-48C8-A975-17DF180C71AC} [HKLM] -> %ProgramFiles%\Spyware Doctor\tools\iesdpb.dll [PCTools Browser Monitor] -> PC Tools [Ver = 3.5.0.277 | Size = 848048 bytes | Modified Date = 2/6/2006 2:51:34 PM | Attr = ]
{BDF3E430-B101-42AD-A544-FADC6B084872} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
{C85E3AE6-972D-DD7D-B47C-8E44B2FCC9D2} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
{EB499C6B-4EEE-CB6B-43B7-4EC6302D27CC} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
< Internet Explorer Bars [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\
{4528BBE0-4E08-11D5-AD55-00010333D0AD} [HKLM] -> %ProgramFiles%\Yahoo!\Messenger\yhexbmes0521.dll [&Yahoo! Messenger] -> Yahoo! Inc. [Ver = 2004, 5, 21, 2 | Size = 320656 bytes | Modified Date = 7/2/2005 8:16:36 PM | Attr = ]
< Internet Explorer Bars [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\
{32683183-48a0-441b-a342-7c2a440a9478} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
< Internet Explorer ToolBars [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar
{2318C2B1-4965-11d4-9B18-009027A5CD4F} [HKLM] -> %ProgramFiles%\Google\googletoolbar3.dll [&Google] -> Google Inc. [Ver = 4, 0, 1020, 2544 | Size = 2108480 bytes | Modified Date = 10/12/2006 10:38:04 AM | Attr = R ]
{67970B26-F57D-4455-8262-81C3AE3B8B5E} [HKLM] -> %ProgramFiles%\NetSnippets\NetSnip.DLL [Net Snippets] -> Net Snippets LTD. [Ver = 3, 2, 0, 9 | Size = 1437696 bytes | Modified Date = 12/20/2004 9:58:20 AM | Attr = ]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKLM] -> %ProgramFiles%\Yahoo!\Companion\Installs\cpn1\yt.dll [Yahoo! Toolbar] -> Yahoo! Inc. [Ver = 2005, 8, 4, 2 | Size = 343112 bytes | Modified Date = 8/4/2005 9:54:42 PM | Attr = ]
< Internet Explorer ToolBars [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\
ShellBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKLM] -> %ProgramFiles%\Google\googletoolbar3.dll [&Google] -> Google Inc. [Ver = 4, 0, 1020, 2544 | Size = 2108480 bytes | Modified Date = 10/12/2006 10:38:04 AM | Attr = R ]
WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKLM] -> %ProgramFiles%\Google\googletoolbar3.dll [&Google] -> Google Inc. [Ver = 4, 0, 1020, 2544 | Size = 2108480 bytes | Modified Date = 10/12/2006 10:38:04 AM | Attr = R ]
WebBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} [HKLM] -> Reg Data - Value does not exist [Reg Data - Value does not exist] -> File not found
WebBrowser\\{4E7BD74F-2B8D-469E-9EB4-FE6FA694B13E} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
WebBrowser\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKLM] -> %ProgramFiles%\Yahoo!\Companion\Installs\cpn1\yt.dll [Yahoo! Toolbar] -> Yahoo! Inc. [Ver = 2005, 8, 4, 2 | Size = 343112 bytes | Modified Date = 8/4/2005 9:54:42 PM | Attr = ]
< Internet Explorer CmdMapping [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\CmdMapping
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} -> 8192 - Sun Java Console ->
{1FA9B650-D1BC-4E43-96B3-13A32FC39732} -> 8193 - Reg Data - Key not found ->
{2D663D1A-8670-49D9-A1A5-4C56B4E14E84} -> 8199 - Reg Data - Value does not exist ->
{3369AF0D-62E9-4bda-8103-B4C75499B578} -> 8197 - Reg Data - Key not found ->
{4528BBE0-4E08-11D5-AD55-00010333D0AD} -> 8198 - Yahoo! Messenger ->
{7130DF06-BBC1-4e16-83D4-1F875E65B695} -> 8196 - Reg Data - Value does not exist ->
{85d1f590-48f4-11d9-9669-0800200c9a66} -> 8198 - Uninstall BitDefender Online Scanner v8 ->
{9455301C-CF6B-11D3-A266-00C04F689C50} -> 8195 - Reg Data - Value does not exist ->
{AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} -> 8197 - Reg Data - Value does not exist ->
{CD67F990-D8E9-11d2-98FE-00C0F0318AFE} -> 8194 - Reg Data - Value does not exist ->
{F74E75A5-96BF-40ef-A1C8-88EAEBB82AB6} -> 8195 - Reg Data - Value does not exist ->
{FB5F1910-F110-11d2-BB9E-00C04F795683} -> 8194 - Windows Messenger ->
NextId -> 8200 ->
< Internet Explorer Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> %ProgramFiles%\Java\jre1.6.0\bin\npjpi160.dll [MenuText: Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.0.105 | Size = 132744 bytes | Modified Date = 12/31/2006 2:38:58 PM | Attr = ]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKCU] -> %ProgramFiles%\Java\jre1.6.0\bin\ssv.dll [MenuText: Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.0.105 | Size = 501384 bytes | Modified Date = 12/31/2006 2:39:00 PM | Attr = ]
{2D663D1A-8670-49D9-A1A5-4C56B4E14E84} -> Reg Data - Value does not exist [ButtonText: Spyware Doctor] -> File not found
{4528BBE0-4E08-11D5-AD55-00010333D0AD} -> Reg Data - Value does not exist [ButtonText: Messenger] -> File not found
{7130DF06-BBC1-4e16-83D4-1F875E65B695} -> Reg Data - Value does not exist [ButtonText: Snippets] -> File not found
{85d1f590-48f4-11d9-9669-0800200c9a66} [HKLM] -> Reg Data - Key not found [MenuText: Uninstall BitDefender Online Scanner v8] -> File not found
{9455301C-CF6B-11D3-A266-00C04F689C50} -> Reg Data - Value does not exist [ButtonText: Researcher] -> File not found
{AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} -> %ProgramFiles%\AIM\aim.exe [ButtonText: AIM] -> America Online, Inc. [Ver = 5.9.3861 | Size = 67160 bytes | Modified Date = 8/5/2005 2:08:26 PM | Attr = ]
{CD67F990-D8E9-11d2-98FE-00C0F0318AFE} -> Reg Data - Value does not exist [ButtonText: Real.com] -> File not found
{e2e2dd38-d088-4134-82b7-f2ba38496583} [HKLM] -> Reg Data - Key not found [MenuText: @xpsp3res.dll,-20001] -> File not found
{F74E75A5-96BF-40ef-A1C8-88EAEBB82AB6} -> %ProgramFiles%\Secure Online Account Numbers\SOAN.exe [ButtonText: Secure Online Account Numbers] -> Orbiscom Ltd. All rights reserved. [Ver = 2, 3, 3, 0 | Size = 196608 bytes | Modified Date = 8/2/2005 3:49:22 PM | Attr = ]
< Internet Explorer Menu Extensions [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\
&AOL Toolbar Search -> %ProgramFiles%\aol\aol toolbar 2.0\resources\en-US\local\search.htm -> File not found
&Google Search -> Reg Data - Value does not exist -> File not found
Add to Net Snippets -> %ProgramFiles%\NetSnippets\Res\clipper.htm -> [Ver = | Size = 296 bytes | Modified Date = 10/2/2004 11:45:42 AM | Attr = ]
E&xport to Microsoft Excel -> -> File not found
< Internet Explorer Plugins [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\Extension\
.spop -> %ProgramFiles%\Internet Explorer\PLUGINS\NPDocBox.dll [Reg Data - Value does not exist] -> Intertrust Technologies, Inc. [Ver = 1.0.0.32 | Size = 270336 bytes | Modified Date = 8/1/2001 5:05:42 PM | Attr = ]
< Approved Shell Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
[HKLM] -> Reg Data - Key not found [] -> File not found
{0DF44EAA-FF21-4412-828E-260A8728E7F1} [HKLM] -> Reg Data - Key not found [Taskbar and Start Menu] -> File not found
{32683183-48a0-441b-a342-7c2a440a9478} [HKLM] -> Reg Data - Key not found [Media Band] -> File not found
{42071714-76d4-11d1-8b24-00a0c9068ff3} [HKLM] -> deskpan.dll [Display Panning CPL Extension] -> File not found
{5464D816-CF16-4784-B9F3-75C0DB52B499} [HKLM] -> %ProgramFiles%\Yahoo!\Common\ymmapi.dll [Yahoo! Mail] -> Yahoo! Inc. [Ver = 2004, 6, 13, 1 | Size = 180296 bytes | Modified Date = 6/14/2004 5:13:24 PM | Attr = ]
{5CA3D70E-1895-11CF-8E15-001234567890} [HKLM] -> %System32%\dla\tfswshx.dll [DriveLetterAccess] -> File not found
{7059DA7A-7E60-11d2-A355-00C04FB9D26E} [HKLM] -> %System32%\MXONmSpace.dll [Maxtor Locked Drives] -> [Ver = | Size = 102400 bytes | Modified Date = 8/26/2004 11:53:14 AM | Attr = ]
{764BF0E1-F219-11ce-972D-00AA00A14F56} [HKLM] -> Reg Data - Key not found [Shell extensions for file compression] -> File not found
{7A9D77BD-5403-11d2-8785-2E0420524153} [HKLM] -> Reg Data - Key not found [User Accounts] -> File not found
{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} [HKLM] -> Reg Data - Key not found [Encryption Context Menu] -> File not found
{88895560-9AA2-1069-930E-00AA0030EBC8} [HKLM] -> %System32%\hticons.dll [HyperTerminal Icon Ext] -> File not found
{A4DF5659-0801-4A60-9607-1C48695EFDA9} [HKLM] -> %ProgramFiles%\Hewlett-Packard\HP Share-to-Web\hpgs2wns.dll [Share-to-Web Upload Folder] -> Hewlett-Packard [Ver = 2,4,0,26 | Size = 131072 bytes | Modified Date = 7/3/2001 9:10:36 AM | Attr = ]
{acb4a560-3606-11d3-aef4-00104bd0f92d} [HKLM] -> %CommonProgramFiles%\KODAK\IFSCore\shellext.dll [KodakShellExtension] -> Eastman Kodak [Ver = 2.0.1200 | Size = 229435 bytes | Modified Date = 5/1/2001 7:24:08 AM | Attr = ]
{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} [HKLM] -> %ProgramFiles%\iTunes\iTunesMiniPlayer.dll [iTunes] -> Apple Computer, Inc. [Ver = 7.0.2.16 | Size = 132672 bytes | Modified Date = 10/30/2006 9:36:36 AM | Attr = ]
{CCA60260-A2C9-11D2-BA62-0020188191B2} [HKLM] -> rrShellX.dll [Registrar Registry Manager SHell Extension] -> File not found
{DEE12703-6333-4D4E-8F34-738C4DCC2E04} [HKLM] -> %ProgramFiles%\Sonic\RecordNow!\shlext.dll [RecordNow! SendToExt] -> Sonic Solutions [Ver = 1.0.0.1 | Size = 77824 bytes | Modified Date = 8/13/2003 7:00:00 AM | Attr = ]
{e57ce731-33e8-4c51-8354-bb4de9d215d1} [HKLM] -> Reg Data - Key not found [Universal Plug and Play Devices] -> File not found
{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} [HKLM] -> %ProgramFiles%\Real\RealPlayer\rpshell.dll [Shell Extensions for RealOne Player] -> RealNetworks, Inc. [Ver = 1.0.1.2219 | Size = 49198 bytes | Modified Date = 12/24/2005 11:03:04 AM | Attr = ]
< ContextMenuHandlers - * [HKLM] > -> HKEY_LOCAL_MACHINE\Software\Classes\*\shellex\ContextMenuHandlers\
{8934FCEF-F5B8-468f-951F-78A921CD3920} [HKLM] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\context.dll [AVG Anti-Spyware] -> Anti-Malware Development a.s. [Ver = 7, 5, 0, 49 | Size = 98304 bytes | Modified Date = 10/6/2006 6:40:48 AM | Attr = ]
{cda2863e-2497-4c49-9b89-06840e070a87} [HKLM] -> %ProgramFiles%\Network Associates\VirusScan\shext.dll [VirusScan] -> Network Associates, Inc. [Ver = 8.0.0.912 | Size = 13824 bytes | Modified Date = 9/22/2004 7:00:00 AM | Attr = ]
{5464D816-CF16-4784-B9F3-75C0DB52B499} [HKLM] -> %ProgramFiles%\Yahoo!\Common\ymmapi.dll [Yahoo! Mail] -> Yahoo! Inc. [Ver = 2004, 6, 13, 1 | Size = 180296 bytes | Modified Date = 6/14/2004 5:13:24 PM | Attr = ]
< ContextMenuHandlers - Directory [HKLM] > -> HKEY_LOCAL_MACHINE\Software\Classes\Directory\shellex\ContextMenuHandlers\
{8934FCEF-F5B8-468f-951F-78A921CD3920} [HKLM] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\context.dll [AVG Anti-Spyware] -> Anti-Malware Development a.s. [Ver = 7, 5, 0, 49 | Size = 98304 bytes | Modified Date = 10/6/2006 6:40:48 AM | Attr = ]
{C0E10002-0028-0004-C0E1-C0E1C0E1C0E1} [HKLM] -> %ProgramFiles%\WordPerfect Office 11\Programs\PFSE110.DLL [QuickFinderMenu] -> Novell, Inc., c/o Corel Corporation Limited [Ver = 11.0.0.233 | Size = 90172 bytes | Modified Date = 3/7/2003 6:00:32 AM | Attr = ]
{cda2863e-2497-4c49-9b89-06840e070a87} [HKLM] -> %ProgramFiles%\Network Associates\VirusScan\shext.dll [VirusScan] -> Network Associates, Inc. [Ver = 8.0.0.912 | Size = 13824 bytes | Modified Date = 9/22/2004 7:00:00 AM | Attr = ]
< ContextMenuHandlers - Folder [HKLM] > -> HKEY_LOCAL_MACHINE\Software\Classes\Folder\shellex\ContextMenuHandlers\
{cda2863e-2497-4c49-9b89-06840e070a87} [HKLM] -> %ProgramFiles%\Network Associates\VirusScan\shext.dll [VirusScan] -> Network Associates, Inc. [Ver = 8.0.0.912 | Size = 13824 bytes | Modified Date = 9/22/2004 7:00:00 AM | Attr = ]
< ColumnHandlers - Folder [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\
{F9DB5320-233E-11D1-9F84-707F02C10627} [HKLM] -> %ProgramFiles%\Adobe\Acrobat 7.0\ActiveX\pdfshell.dll [PDF Shell Extension] -> Adobe Systems, Inc. [Ver = 7.0.0.0 | Size = 110592 bytes | Modified Date = 12/14/2004 2:20:02 AM | Attr = ]
< DNS Name Servers [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\
{06D2FF32-A6F7-4F2B-9688-FFB9CF12A645} -> () ->
{13CD2169-F9CB-401F-A841-11A4C20F3183} -> () ->
{34266FBC-6066-41CF-B700-E2DC201CD369} -> (Intel(R) PRO/100 VE Network Connection) ->
{B2C804BC-884B-4036-A9C4-463769CD15E2} -> (1394 Net Adapter) ->
{C5C35463-11E0-4266-877F-CA08BA22D0FF} -> 38.9.211.2,38.9.221.2 (Broadcom NetXtreme Gigabit Ethernet) ->
{D1222F18-85A4-4631-BF74-59DE61F33708} -> (1394 Net Adapter) ->
< Protocol Handlers [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\
ipp -> Reg Data - Key not found -> File not found
msdaipp -> Reg Data - Key not found -> File not found
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\
{00000000-0000-0000-0000-000020040000} -> - CodeBase = ->
{00000075-9980-0010-8000-00AA00389B71} -> - CodeBase =
http://codecs.microsoft.com/codecs/i386/voxacm.CAB ->
{01A88BB1-1174-41EC-ACCB-963509EAE56B} -> SysProWmi Class - CodeBase =
http://support.dell.com/systemprofiler/SysPro.CAB ->
{0A5FD7C5-A45C-49FC-ADB5-9952547D5715} -> Creative Software AutoUpdate - CodeBase =
http://www.creative.com/su/ocx/15015/CTSUEng.cab ->
{12589FA1-C456-11CE-BF01-10AA1055595A} -> - CodeBase = ->
{17492023-C23A-453E-A040-C7C580BBF700} -> Windows Genuine Advantage Validation Tool - CodeBase =
http://go.microsoft.com/fwlink/?linkid=39204 ->
{1D9EFA3B-4E85-41A8-9092-14012CD447C9} -> NetCamPlayerWeb Control - CodeBase =
http://ppeltz1234.nomad.utk.edu/img/NetCamPlayerWeb.ocx ->
{1F2F4C9E-6F09-47BC-970D-3C54734667FE} -> - CodeBase =
http://www.symantec.com/techsupp/asa/LSSupCtl.cab ->
{2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} -> Symantec AntiVirus scanner - CodeBase =
http://security.symantec.com/sscv6/Shar ... vSniff.cab ->
{30528230-99f7-4bb4-88d8-fa1d4f56a2ab} -> YInstStarter Class - CodeBase = C:\Program Files\Yahoo!\Common\yinsthelper.dll ->
{33564D57-0000-0010-8000-00AA00389B71} -> - CodeBase =
http://download.microsoft.com/download/ ... mv9VCM.CAB ->
{3451DEDE-631F-421C-8127-FD793AFC6CC8} -> ActiveDataInfo Class - CodeBase =
https://www-secure.symantec.com/techsup ... mAData.cab ->
{3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} -> Office Update Installation Engine - CodeBase =
http://office.microsoft.com/officeupdat ... t/opuc.cab ->
{44990200-3C9D-426D-81DF-AAB636FA4345} -> Symantec SmartIssue - CodeBase =
https://www-secure.symantec.com/techsup ... gctlsi.cab ->
{44990301-3C9D-426D-81DF-AAB636FA4345} -> Symantec Script Runner Class - CodeBase =
https://www-secure.symantec.com/techsup ... gctlsr.cab ->
{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} -> BDSCANONLINE Control - CodeBase =
http://download.bitdefender.com/resourc ... oscan8.cab ->
{644E432F-49D3-41A1-8DD5-E099162EEEC5} -> Symantec RuFSI Utility Class - CodeBase =
http://security.symantec.com/sscv6/Shar ... /cabsa.cab ->
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3} -> MUWebControl Class - CodeBase =
http://update.microsoft.com/microsoftup ... 6596693609 ->
{74D05D43-3236-11D4-BDCD-00C04F9A3B61} -> HouseCall Control - CodeBase =
http://a840.g.akamai.net/7/840/537/2004 ... scan53.cab ->
{77E32299-629F-43C6-AB77-6A1E6D7663F6} -> Groove Control - CodeBase =
http://www.nick.com/common/groove/gx/GrooveAX27.cab ->
{7E9522CF-6B95-46D6-8E2F-7638F507313F} -> BLS_SpeedOP.systemcheck - CodeBase =
http://www.fastaccess.drivers.bellsouth ... peedop.cab ->
{7F8C8173-AD80-4807-AA75-5672F22B4582} -> ICSScanner Class - CodeBase =
http://download.zonelabs.com/bin/promot ... r37840.cab ->
{8AD9C840-044E-11D1-B3E9-00805F499D93} -> Java Plug-in 1.6.0 - CodeBase =
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab ->
{8E0D4DE5-3180-4024-A327-4DFAD1796A8D} -> MessengerStatsClient Class - CodeBase =
http://messenger.zone.msn.com/binary/Me ... b31267.cab ->
{917623D1-D8E5-11D2-BE8B-00104B06BDE3} -> - CodeBase = ->
{94B82441-A413-4E43-8422-D49930E69764} -> - CodeBase =
https://echat.us.dell.com/Media/Visitor ... EFlash.CAB ->
{9600F64D-755F-11D4-A47F-0001023E6D5A} -> Shutterfly Picture Upload Plugin - CodeBase =
http://web1.shutterfly.com/downloads/Uploader.cab ->
{99B6E512-3893-4155-9964-8EB8E06099CB} -> WebSpyWareKiller Class - CodeBase =
http://download.zonelabs.com/bin/promot ... WebSWK.cab ->
{9A9307A0-7DA4-4DAF-B042-5009F29E09E1} -> ActiveScan Installer Class - CodeBase =
http://acs.pandasoftware.com/activescan ... asinst.cab ->
{9FC87BC7-7963-4B70-8485-B1A41034C9A1} -> CSonyPicturesGameDownloaderCtl Object - CodeBase =
http://www.shockwave.com/content/angelx ... loader.cab ->
{AB29A544-D6B4-4E36-A1F8-D3E34FC7B00A} -> - CodeBase = ->
{B9191F79-5613-4C76-AA2A-398534BB8999} -> - CodeBase =
http://us.dl1.yimg.com/download.yahoo.c ... mplete.cab ->
{B942A249-D1E7-4C11-98AE-FCB76B08747F} -> - CodeBase = ->
{C02226EB-A5D7-4B1F-BD7E-635E46C2288D} -> Toontown Installer ActiveX Control - CodeBase =
http://download.toontown.com/sv1.0.14.47/ttinst.cab ->
{C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} -> Virtools WebPlayer Class - CodeBase =
http://a532.g.akamai.net/7/532/6712/6c5 ... taller.exe ->
{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA} -> Java Plug-in 1.4.0 - CodeBase =
http://java.sun.com/update/1.4.0/jinsta ... s-i586.cab ->
{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA} -> - CodeBase = ->
{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} -> Java Plug-in 1.6.0 - CodeBase =
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab ->
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} -> Java Plug-in 1.6.0 - CodeBase =
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab ->
{CC05BC12-2AA2-4AC7-AC81-0E40F83B1ADF} -> Live365Player Class - CodeBase =
http://www.live365.com/players/play365.cab ->
{CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} -> ActiveDataInfo Class - CodeBase =
https://www-secure.symantec.com/techsup ... mAData.cab ->
{D27CDB6E-AE6D-11CF-96B8-444553540000} -> - CodeBase =
http://fpdownload.macromedia.com/pub/sh ... wflash.cab ->
{E504EE6E-47C6-11D5-B8AB-00D0B78F3D48} -> Yahoo! Webcam Viewer Wrapper - CodeBase =
http://chat.yahoo.com/cab/yvwrctl.cab ->
{F6ACF75C-C32C-447B-9BEF-46B766368D29} -> Creative Software AutoUpdate Support Package - CodeBase =
http://www.creative.com/su/ocx/15016/CTPID.cab ->
Microsoft XML Parser for Java -> - CodeBase =
file://C:\WINDOWS\Java\classes\xmldso.cab ->
[Files - Created Wihin 30 days]
hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [Ver = | Size = 1072750592 bytes | Created Date = 1/1/1601 5:00:00 AM | Attr = HS]
IPH.PH -> %SystemDrive%\IPH.PH -> [Ver = | Size = 867 bytes | Created Date = 12/16/2006 10:16:35 PM | Attr = H ]
Uninstall.exe -> %CommonProgramFiles%\Nullsoft\ActiveX\2.6\Uninstall.exe -> [Ver = | Size = 32675 bytes | Created Date = 12/16/2006 10:17:07 PM | Attr = ]
autoexec.nt -> %System32%\autoexec.nt -> [Ver = | Size = 1688 bytes | Created Date = 12/25/2006 10:00:07 PM | Attr = ]
java.exe -> %System32%\java.exe -> Sun Microsystems, Inc. [Ver = 6.0.0.105 | Size = 135168 bytes | Created Date = 12/31/2006 2:39:15 PM | Attr = ]
javacpl.cpl -> %System32%\javacpl.cpl -> Sun Microsystems, Inc. [Ver = 6.0.0.105 | Size = 69632 bytes | Created Date = 12/31/2006 2:39:15 PM | Attr = ]
javaw.exe -> %System32%\javaw.exe -> Sun Microsystems, Inc. [Ver = 6.0.0.105 | Size = 135168 bytes | Created Date = 12/31/2006 2:39:15 PM | Attr = ]
javaws.exe -> %System32%\javaws.exe -> Sun Microsystems, Inc. [Ver = 6.0.0.105 | Size = 139264 bytes | Created Date = 12/31/2006 2:39:15 PM | Attr = ]
REN1B.tmp -> %System32%\REN1B.tmp -> [Ver = | Size = 0 bytes | Created Date = 12/31/2006 2:12:01 PM | Attr = ]
REN1C.tmp -> %System32%\REN1C.tmp -> [Ver = | Size = 0 bytes | Created Date = 12/31/2006 2:12:01 PM | Attr = ]
rrsec.dll -> %System32%\rrsec.dll -> [Ver = | Size = 112640 bytes | Created Date = 12/25/2006 7:47:13 PM | Attr = ]
rrsec2k.exe -> %System32%\rrsec2k.exe -> [Ver = | Size = 90151 bytes | Created Date = 12/25/2006 7:47:13 PM | Attr = ]
rrSpy.sys -> %System32%\rrSpy.sys -> Resplendence [Ver = 2.00 built by: WinDDK | Size = 21888 bytes | Created Date = 12/25/2006 7:47:33 PM | Attr = ]
AvgAsCln.sys -> %System32%\drivers\AvgAsCln.sys -> GRISOFT, s.r.o. [Ver = 1.0.0.14 | Size = 3968 bytes | Created Date = 12/23/2006 5:41:34 PM | Attr = ]
pxcom.sys -> %System32%\drivers\pxcom.sys -> Prevx Limited,
http://www.prevx1.com/ [Ver = 3.1.0.7881 built by: WinDDK | Size = 7552 bytes | Created Date = 12/23/2006 12:16:18 PM | Attr = ]
PxEmu.sys -> %System32%\drivers\PxEmu.sys -> Prevx Limited,
http://www.prevx1.com/ [Ver = 3.1.0.7881 built by: WinDDK | Size = 100864 bytes | Created Date = 12/23/2006 12:16:19 PM | Attr = ]
pxfsf.sys -> %System32%\drivers\pxfsf.sys -> Prevx Limited,
http://www.prevx1.com/ [Ver = 3.1.0.7881 built by: WinDDK | Size = 274688 bytes | Created Date = 12/23/2006 12:16:19 PM | Attr = ]
pxinst.dll -> %System32%\drivers\pxinst.dll -> Prevx Limited,
http://www.prevx1.com/ [Ver = 3.1.0.7881 built by: WinDDK | Size = 7680 bytes | Created Date = 12/23/2006 12:16:19 PM | Attr = ]
pxrd.sys -> %System32%\drivers\pxrd.sys -> [Ver = | Size = 13568 bytes | Created Date = 12/23/2006 12:16:19 PM | Attr = ]
pxscinst.dll -> %System32%\drivers\pxscinst.dll -> Prevx Limited,
http://www.prevx1.com/ [Ver = 3.1.0.7881 built by: WinDDK | Size = 9728 bytes | Created Date = 12/23/2006 12:16:19 PM | Attr = ]
pxscrmbl.sys -> %System32%\drivers\pxscrmbl.sys -> Prevx Limited,
http://www.prevx1.com/ [Ver = 3.1.0.7881 built by: WinDDK | Size = 11648 bytes | Created Date = 12/23/2006 12:16:19 PM | Attr = ]
pxtdi.sys -> %System32%\drivers\pxtdi.sys -> Prevx Limited,
http://www.prevx1.com/ [Ver = 3.1.0.7881 built by: WinDDK | Size = 18560 bytes | Created Date = 12/23/2006 12:16:19 PM | Attr = ]
rrspy.sys -> %System32%\drivers\rrspy.sys -> Resplendence [Ver = 2.00 built by: WinDDK | Size = 21888 bytes | Created Date = 12/25/2006 7:47:13 PM | Attr = ]
rrspy64.sys -> %System32%\drivers\rrspy64.sys -> Resplendence [Ver = 2.00 built by: WinDDK | Size = 23552 bytes | Created Date = 12/25/2006 7:47:13 PM | Attr = ]
tmcomm.sys -> %System32%\drivers\tmcomm.sys -> Trend Micro Inc. [Ver = 1.5.0.1052 | Size = 76560 bytes | Created Date = 12/23/2006 1:08:15 AM | Attr = ]
[Files - Modified Wihin 30 days]
hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [Ver = | Size = 1072750592 bytes | Modified Date = 12/31/2006 7:01:22 PM | Attr = HS]
IPH.PH -> %SystemDrive%\IPH.PH -> [Ver = | Size = 867 bytes | Modified Date = 12/16/2006 10:17:30 PM | Attr = H ]
tbunins.exe -> %CommonProgramFiles%\AOL\AOLDiag\tbunins.exe -> AOL LLC [Ver = 3.3.11.1 | Size = 88673 bytes | Modified Date = 12/16/2006 10:16:52 PM | Attr = ]
Clean.dat -> %CommonProgramFiles%\Network Associates\Engine\Clean.dat -> [Ver = | Size = 997483 bytes | Modified Date = 12/29/2006 5:10:00 AM | Attr = ]
Names.dat -> %CommonProgramFiles%\Network Associates\Engine\Names.dat -> [Ver = | Size = 747462 bytes | Modified Date = 12/29/2006 5:10:00 AM | Attr = ]
Scan.dat -> %CommonProgramFiles%\Network Associates\Engine\Scan.dat -> [Ver = | Size = 8089031 bytes | Modified Date = 12/29/2006 5:10:00 AM | Attr = ]
ocpiman.ini -> %CommonProgramFiles%\AOL\1131573657\ee\ocpiman.ini -> [Ver = | Size = 555 bytes | Modified Date = 12/16/2006 10:17:08 PM | Attr = ]
CLEAN.DAT -> %CommonProgramFiles%\Network Associates\Engine\OldDats\CLEAN.DAT -> [Ver = | Size = 997098 bytes | Modified Date = 12/28/2006 5:10:00 AM | Attr = ]
NAMES.DAT -> %CommonProgramFiles%\Network Associates\Engine\OldDats\NAMES.DAT -> [Ver = | Size = 747377 bytes | Modified Date = 12/28/2006 5:10:00 AM | Attr = ]
SCAN.DAT -> %CommonProgramFiles%\Network Associates\Engine\OldDats\SCAN.DAT -> [Ver = | Size = 8084383 bytes | Modified Date = 12/28/2006 5:10:00 AM | Attr = ]
TalkBack.ini -> %CommonProgramFiles%\Network Associates\TalkBack\Data\TalkBack.ini -> [Ver = | Size = 35 bytes | Modified Date = 12/16/2006 12:02:34 PM | Attr = ]
Uninstall.exe -> %CommonProgramFiles%\Nullsoft\ActiveX\2.6\Uninstall.exe -> [Ver = | Size = 32675 bytes | Modified Date = 12/16/2006 10:17:08 PM | Attr = ]
MAPISVC.INF -> %CommonProgramFiles%\System\Mapi\1033\MAPISVC.INF -> [Ver = | Size = 8305 bytes | Modified Date = 12/25/2006 8:26:00 PM | Attr = ]
BOOTSTAT.DAT -> %SystemRoot%\BOOTSTAT.DAT -> [Ver = | Size = 2048 bytes | Modified Date = 12/31/2006 7:01:22 PM | Attr = S]
MsgAgt.INI -> %SystemRoot%\MsgAgt.INI -> [Ver = | Size = 64 bytes | Modified Date = 12/31/2006 7:01:54 PM | Attr = ]
ODBC.INI -> %SystemRoot%\ODBC.INI -> [Ver = | Size = 376 bytes | Modified Date = 12/14/2006 8:01:06 PM | Attr = ]
randseed.rnd -> %SystemRoot%\randseed.rnd -> [Ver = | Size = 512 bytes | Modified Date = 12/31/2006 5:02:18 PM | Attr = ]
WIN.INI -> %SystemRoot%\WIN.INI -> [Ver = | Size = 903 bytes | Modified Date = 12/4/2006 11:42:00 PM | Attr = ]
{00000002-00000000-00000002-00001102-00000004-10031102}.CDF -> %SystemRoot%\{00000002-00000000-00000002-00001102-00000004-10031102}.CDF -> [Ver = | Size = 4932148 bytes | Modified Date = 1/1/2007 1:14:04 PM | Attr = ]
amcompat.tlb -> %System32%\amcompat.tlb -> [Ver = | Size = 16832 bytes | Modified Date = 12/4/2006 11:42:06 PM | Attr = ]
BMXBkpCtrlState-{00000002-00000000-00000002-00001102-00000004-10031102}.rfx -> %System32%\BMXBkpCtrlState-{00000002-00000000-00000002-00001102-00000004-10031102}.rfx -> [Ver = | Size = 30120 bytes | Modified Date = 12/31/2006 7:00:46 PM | Attr = ]
BMXCtrlState-{00000002-00000000-00000002-00001102-00000004-10031102}.rfx -> %System32%\BMXCtrlState-{00000002-00000000-00000002-00001102-00000004-10031102}.rfx -> [Ver = | Size = 30120 bytes | Modified Date = 12/31/2006 7:00:46 PM | Attr = ]
BMXState-{00000002-00000000-00000002-00001102-00000004-10031102}.rfx -> %System32%\BMXState-{00000002-00000000-00000002-00001102-00000004-10031102}.rfx -> [Ver = | Size = 30912 bytes | Modified Date = 12/31/2006 7:00:46 PM | Attr = ]
BMXStateBkp-{00000002-00000000-00000002-00001102-00000004-10031102}.rfx -> %System32%\BMXStateBkp-{00000002-00000000-00000002-00001102-00000004-10031102}.rfx -> [Ver = | Size = 30912 bytes | Modified Date = 12/31/2006 7:00:46 PM | Attr = ]
DVCState-{00000002-00000000-00000002-00001102-00000004-10031102}.dat -> %System32%\DVCState-{00000002-00000000-00000002-00001102-00000004-10031102}.dat -> [Ver = | Size = 384 bytes | Modified Date = 12/31/2006 7:00:46 PM | Attr = ]
DVCStateBkp-{00000002-00000000-00000002-00001102-00000004-10031102}.dat -> %System32%\DVCStateBkp-{00000002-00000000-00000002-00001102-00000004-10031102}.dat -> [Ver = | Size = 384 bytes | Modified Date = 12/31/2006 7:00:46 PM | Attr = ]
Help.ico -> %System32%\Help.ico -> [Ver = | Size = 1406 bytes | Modified Date = 12/25/2006 8:01:02 PM | Attr = ]
java.exe -> %System32%\java.exe -> Sun Microsystems, Inc. [Ver = 6.0.0.105 | Size = 135168 bytes | Modified Date = 12/31/2006 2:38:56 PM | Attr = ]
javacpl.cpl -> %System32%\javacpl.cpl -> Sun Microsystems, Inc. [Ver = 6.0.0.105 | Size = 69632 bytes | Modified Date = 12/31/2006 2:38:56 PM | Attr = ]
javaw.exe -> %System32%\javaw.exe -> Sun Microsystems, Inc. [Ver = 6.0.0.105 | Size = 135168 bytes | Modified Date = 12/31/2006 2:38:58 PM | Attr = ]
javaws.exe -> %System32%\javaws.exe -> Sun Microsystems, Inc. [Ver = 6.0.0.105 | Size = 139264 bytes | Modified Date = 12/31/2006 2:38:58 PM | Attr = ]
nscompat.tlb -> %System32%\nscompat.tlb -> [Ver = | Size = 23392 bytes | Modified Date = 12/4/2006 11:42:06 PM | Attr = ]
pavas.ico -> %System32%\pavas.ico -> [Ver = | Size = 30590 bytes | Modified Date = 12/25/2006 8:01:02 PM | Attr = ]
PERFC009.DAT -> %System32%\PERFC009.DAT -> [Ver = | Size = 53436 bytes | Modified Date = 12/31/2006 7:06:00 PM | Attr = ]
PERFH009.DAT -> %System32%\PERFH009.DAT -> [Ver = | Size = 381692 bytes | Modified Date = 12/31/2006 7:06:00 PM | Attr = ]
PerfStringBackup.INI -> %System32%\PerfStringBackup.INI -> [Ver = | Size = 441454 bytes | Modified Date = 12/31/2006 7:06:00 PM | Attr = ]
REN1B.tmp -> %System32%\REN1B.tmp -> [Ver = | Size = 0 bytes | Modified Date = 12/31/2006 2:12:02 PM | Attr = ]
REN1C.tmp -> %System32%\REN1C.tmp -> [Ver = | Size = 0 bytes | Modified Date = 12/31/2006 2:12:02 PM | Attr = ]
settings.sfm -> %System32%\settings.sfm -> [Ver = | Size = 1080 bytes | Modified Date = 12/31/2006 7:00:46 PM | Attr = ]
settingsbkup.sfm -> %System32%\settingsbkup.sfm -> [Ver = | Size = 1080 bytes | Modified Date = 12/31/2006 7:00:46 PM | Attr = ]
Sweeper.cfg -> %System32%\Sweeper.cfg -> [Ver = | Size = 0 bytes | Modified Date = 12/31/2006 7:01:20 PM | Attr = ]
Uninstall.ico -> %System32%\Uninstall.ico -> [Ver = | Size = 2550 bytes | Modified Date = 12/25/2006 8:01:02 PM | Attr = ]
WPA.DBL -> %System32%\WPA.DBL -> [Ver = | Size = 1170 bytes | Modified Date = 1/1/2007 11:25:00 AM | Attr = ]
pxcom.sys -> %System32%\drivers\pxcom.sys -> Prevx Limited,
http://www.prevx1.com/ [Ver = 3.1.0.7881 built by: WinDDK | Size = 7552 bytes | Modified Date = 12/8/2006 1:36:14 PM | Attr = ]
PxEmu.sys -> %System32%\drivers\PxEmu.sys -> Prevx Limited,
http://www.prevx1.com/ [Ver = 3.1.0.7881 built by: WinDDK | Size = 100864 bytes | Modified Date = 12/8/2006 1:36:20 PM | Attr = ]
pxfsf.sys -> %System32%\drivers\pxfsf.sys -> Prevx Limited,
http://www.prevx1.com/ [Ver = 3.1.0.7881 built by: WinDDK | Size = 274688 bytes | Modified Date = 12/8/2006 1:36:14 PM | Attr = ]
pxinst.dll -> %System32%\drivers\pxinst.dll -> Prevx Limited,
http://www.prevx1.com/ [Ver = 3.1.0.7881 built by: WinDDK | Size = 7680 bytes | Modified Date = 12/8/2006 1:36:18 PM | Attr = ]
pxscinst.dll -> %System32%\drivers\pxscinst.dll -> Prevx Limited,
http://www.prevx1.com/ [Ver = 3.1.0.7881 built by: WinDDK | Size = 9728 bytes | Modified Date = 12/8/2006 1:36:18 PM | Attr = ]
pxscrmbl.sys -> %System32%\drivers\pxscrmbl.sys -> Prevx Limited,
http://www.prevx1.com/ [Ver = 3.1.0.7881 built by: WinDDK | Size = 11648 bytes | Modified Date = 12/8/2006 1:36:18 PM | Attr = ]
pxtdi.sys -> %System32%\drivers\pxtdi.sys -> Prevx Limited,
http://www.prevx1.com/ [Ver = 3.1.0.7881 built by: WinDDK | Size = 18560 bytes | Modified Date = 12/8/2006 1:36:16 PM | Attr = ]
tmcomm.sys -> %System32%\drivers\tmcomm.sys -> Trend Micro Inc. [Ver = 1.5.0.1052 | Size = 76560 bytes | Modified Date = 12/23/2006 1:06:58 AM | Attr = ]
[File String Scan - Non-Microsoft Only]
aspack , -> %CommonProgramFiles%\AOL\1131573657\ee\ocpinst.log -> [Ver = | Size = 92868 bytes | Modified Date = 11/3/2006 11:28:28 PM | Attr = ]
aspack , -> %CommonProgramFiles%\AOL\1131573657\ee\services\boxelyToolkit\ver1_5_11_4\content\gadgets.box -> [Ver = | Size = 1962 bytes | Modified Date = 6/22/2006 5:41:04 PM | Attr = ]
aspack , -> %CommonProgramFiles%\AOL\1131573657\ee\services\boxelyToolkit\ver1_5_11_4\content\extrasPack\extraGadgets.box -> [Ver = | Size = 2408 bytes | Modified Date = 6/22/2006 5:41:06 PM | Attr = ]
Thawte Consulting , USERTRUST , -> %CommonProgramFiles%\Java\Update\Base Images\jre1.6.0.b105\core3.zip -> [Ver = | Size = 4868848 bytes | Modified Date = 11/29/2006 3:41:36 AM | Attr = ]
WSUD , -> %CommonProgramFiles%\Microsoft Shared\SpeechEngines\TTS\female.vce -> [Ver = | Size = 2053632 bytes | Modified Date = 1/12/1999 11:29:28 AM | Attr = ]
UPX0 , -> %CommonProgramFiles%\Network Associates\Engine\McScan32.dll -> McAfee, Inc. [Ver = 5.1.00 | Size = 2867438 bytes | Modified Date = 7/10/2006 5:10:00 AM | Attr = ]
UPX0 , -> %CommonProgramFiles%\Network Associates\Engine\OldEngine\MCSCAN32.Sav -> McAfee, Inc. [Ver = 4.4.00 | Size = 1949766 bytes | Modified Date = 10/7/2004 3:40:00 AM | Attr = ]
UPX! , UPX0 , -> %CommonProgramFiles%\Nullsoft\Video\ActiveX\plugins\nsvplayx_vp5_mp3.dll -> * * * [Ver = 1, 0, 0, 98 | Size = 177152 bytes | Modified Date = 8/9/2003 6:36:56 PM | Attr = ]
PEC2 , PECompact2 , -> %CommonProgramFiles%\Real\GToolbar\GDSSetup.exe -> [Ver = | Size = 746600 bytes | Modified Date = 12/24/2005 11:03:16 AM | Attr = ]
PEC2 , PECompact2 , -> %CommonProgramFiles%\Real\GToolbar\GoogleToolbarInstaller.exe -> Google [Ver = 3, 0, 126, 3 | Size = 559784 bytes | Modified Date = 12/24/2005 11:03:16 AM | Attr = ]
PECompact2 , -> %SystemRoot%\LPT$VPN.174 -> [Ver = | Size = 9780504 bytes | Modified Date = 9/17/2004 6:47:58 PM | Attr = ]
PECompact2 , -> %SystemRoot%\VPTNFILE.174 -> [Ver = | Size = 9780504 bytes | Modified Date = 9/17/2004 6:47:58 PM | Attr = ]
UPX! , aspack , -> %SystemRoot%\vsapi32.dll -> Trend Micro Inc. [Ver = 7.000-1004 | Size = 1036800 bytes | Modified Date = 5/14/2004 10:07:58 PM | Attr = ]
Thawte Consulting , -> %System32%\CSGina.dll -> [Ver = | Size = 177152 bytes | Modified Date = 6/10/2005 7:59:54 PM | Attr = ]
PEC2 , -> %System32%\DFRG.MSC -> [Ver = | Size = 41397 bytes | Modified Date = 8/29/2002 6:00:00 AM | Attr = ]
abetterinternet.com , -> %System32%\fiz11 -> [Ver = | Size = 29258 bytes | Modified Date = 3/5/2004 11:53:44 PM | Attr = H ]
winsync , -> %System32%\WBDBASE.DEU -> [Ver = | Size = 1309184 bytes | Modified Date = 8/29/2002 6:00:00 AM | Attr = ]
Thawte Consulting , -> %System32%\XceedFtp.dll -> Xceed Software Inc (450) 442-2626
support@xceedsoft.com http://www.xceedsoft.com [Ver = 1.0.42.0 | Size = 236576 bytes | Modified Date = 9/8/2003 1:13:26 PM | Attr = ]
WSUD , UPX0 , -> %System32%\dllcache\hwxjpn.dll -> [Ver = | Size = 13463552 bytes | Modified Date = 8/29/2002 6:00:00 AM | Attr = ]
PTech , -> %System32%\dllcache\mtlstrm.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 1309184 bytes | Modified Date = 8/4/2004 12:41:38 AM | Attr = ]
PTech , -> %System32%\drivers\mtlstrm.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 1309184 bytes | Modified Date = 8/4/2004 12:41:38 AM | Attr = ]
< End of report >