WinPFind3 logfile created on: 7/1/2007 8:11:20 AM
WinPFind3U by OldTimer - Version 1.0.39 Folder = C:\Documents and Settings\Justin W\Desktop\WinPFind3u\
Microsoft Windows XP Service Pack 1 (Version = 5.1.2600)
Internet Explorer (Version = 6.0.2800.1106)
1022.73 Mb Total Physical Memory | 660.39 Mb Available Physical Memory | 64.57% Memory free
2.40 Gb Paging File | 2.08 Gb Available in Paging File | 86.46% Paging File free
Paging file location(s): C:\pagefile.sys 0 0;
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.52 Gb Total Space | 30.78 Gb Free Space | 41.31% Space Free
Drive D: | 7.80 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Computer Name: JUSTIN
Current User Name: Justin W
Logged in as Administrator.
Current Boot Mode: Normal
[Processes - Non-Microsoft Only]
aolacsd.exe -> %CommonProgramFiles%\AOL\ACS\AOLacsd.exe -> AOL LLC [Ver = 4.6.1.2 | Size = 46640 bytes | Modified Date = 10/23/2006 8:50:36 AM | Attr = R ]
aolsoftware.exe -> %CommonProgramFiles%\AOL\1128451242\EE\AOLSoftware.exe -> America Online, Inc. [Ver = 1.5.6.1 | Size = 50736 bytes | Modified Date = 9/25/2006 8:52:48 PM | Attr = ]
aolsp scheduler.exe -> %CommonProgramFiles%\AOL\1128451242\EE\services\antiSpywareApp\ver2_0_32_1\AOLSP Scheduler.exe -> [Ver = | Size = 1536 bytes | Modified Date = 10/23/2006 3:04:42 PM | Attr = ]
aoltsmon.exe -> %CommonProgramFiles%\AOL\TopSpeed\2.0\aoltsmon.exe -> America Online, Inc [Ver = 2, 0, 0, 0 | Size = 100016 bytes | Modified Date = 10/15/2004 4:54:14 PM | Attr = ]
dtsrvc.exe -> %ProgramFiles%\Portrait Displays\forteManager\dtsrvc.exe -> [Ver = | Size = 57344 bytes | Modified Date = 10/4/2004 5:18:30 PM | Attr = ]
ezsp_px.exe -> %System32%\ezSP_Px.exe -> Easy Systems Japan Ltd. [Ver = 1, 0, 0, 0 | Size = 40960 bytes | Modified Date = 8/20/2002 10:29:26 AM | Attr = ]
floater.exe -> %ProgramFiles%\WinPortrait\floater.exe -> [Ver = | Size = 747256 bytes | Modified Date = 10/4/2004 5:00:00 PM | Attr = ]
guard.exe -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\guard.exe -> GRISOFT s.r.o. [Ver = 7, 5, 1, 22 | Size = 312880 bytes | Modified Date = 6/30/2007 7:40:34 AM | Attr = ]
hpcmpmgr.exe -> %ProgramFiles%\HP\hpcoretech\hpcmpmgr.exe -> Hewlett-Packard Company [Ver = 2.1.1.0 | Size = 241664 bytes | Modified Date = 12/22/2003 8:38:42 AM | Attr = ]
hpwuschd2.exe -> %ProgramFiles%\Hewlett-Packard\HP Software Update\HPWuSchd2.exe -> Hewlett-Packard Company [Ver = 3, 0, 38, 1 | Size = 49152 bytes | Modified Date = 2/18/2004 1:55:28 PM | Attr = ]
hpztsb10.exe -> %System32%\spool\drivers\w32x86\3\hpztsb10.exe -> HP [Ver = 2.323.0.0 | Size = 172032 bytes | Modified Date = 3/4/2004 11:46:24 AM | Attr = ]
jusched.exe -> %ProgramFiles%\Java\jre1.6.0_01\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 6.0.10.6 | Size = 83608 bytes | Modified Date = 3/14/2007 3:43:44 AM | Attr = ]
mcagent.exe -> %ProgramFiles%\McAfee.com\Agent\mcagent.exe -> Networks Associates Technology, Inc [Ver = 4, 3, 0, 10 | Size = 245760 bytes | Modified Date = 8/27/2003 12:00:12 PM | Attr = ]
mcshield.exe -> %ProgramFiles%\McAfee.com\VSO\McShield.exe -> [Ver = | Size = 225375 bytes | Modified Date = 3/13/2002 8:50:34 AM | Attr = ]
mcupdmgr.exe -> %ProgramFiles%\McAfee.com\Agent\mcupdmgr.exe -> Networks Associates Technology, Inc [Ver = 4, 3, 0, 8 | Size = 245760 bytes | Modified Date = 8/21/2003 7:06:56 PM | Attr = ]
mcvsescn.exe -> %ProgramFiles%\McAfee.com\VSO\McVSEscn.exe -> Networks Associates Technology, Inc [Ver = 8, 0, 0, 30 | Size = 417849 bytes | Modified Date = 4/28/2004 6:55:12 PM | Attr = ]
mcvsftsn.exe -> %ProgramFiles%\McAfee.com\VSO\mcvsftsn.exe -> Networks Associates Technology, Inc [Ver = 8, 0, 0, 20 | Size = 221184 bytes | Modified Date = 9/29/2003 4:38:16 PM | Attr = ]
mcvsrte.exe -> %ProgramFiles%\McAfee.com\VSO\mcvsrte.exe -> Networks Associates Technology, Inc [Ver = 8, 0, 0, 12 | Size = 106496 bytes | Modified Date = 8/8/2003 7:04:38 PM | Attr = ]
mcvsshld.exe -> %ProgramFiles%\McAfee.com\VSO\mcvsshld.exe -> Networks Associates Technology, Inc [Ver = 8, 0, 0, 15 | Size = 163840 bytes | Modified Date = 8/17/2003 10:50:34 PM | Attr = ]
mpbtn.exe -> %ProgramFiles%\3com\Connection Assistant\bin\mpbtn.exe -> Motive Communications, Inc. [Ver = 4.03.02.10.20020320_180000 | Size = 176128 bytes | Modified Date = 3/21/2002 3:44:46 PM | Attr = ]
nintendowfcreg.exe -> %ProgramFiles%\WiFiConnector\NintendoWFCReg.exe -> [Ver = 1, 0, 0, 31 | Size = 1073152 bytes | Modified Date = 12/15/2005 4:28:36 AM | Attr = ]
nvsvc32.exe -> %System32%\nvsvc32.exe -> NVIDIA Corporation [Ver = 6.14.10.5303 | Size = 77824 bytes | Modified Date = 11/17/2003 2:33:00 PM | Attr = ]
psiservice.exe -> %System32%\PSIService.exe -> [Ver = 2.0.0.1 | Size = 174656 bytes | Modified Date = 11/2/2006 8:40:12 PM | Attr = ]
sdhelp.exe -> %ProgramFiles%\Spyware Doctor\sdhelp.exe -> PC Tools Research Pty Ltd [Ver = 3.6.0.2025 | Size = 895160 bytes | Modified Date = 7/26/2006 1:32:22 AM | Attr = ]
shellmon.exe -> %ProgramFiles%\America Online 9.0a\shellmon.exe -> America Online, Inc. [Ver = 9.02.000 | Size = 54872 bytes | Modified Date = 7/12/2005 1:17:50 AM | Attr = ]
smagent.exe -> %ProgramFiles%\Analog Devices\SoundMAX\SMAgent.exe -> Analog Devices, Inc. [Ver = 3, 2, 6, 0 | Size = 45056 bytes | Modified Date = 9/20/2002 7:50:10 PM | Attr = ]
smax4.exe -> %ProgramFiles%\Analog Devices\SoundMAX\SMax4.exe -> Analog Devices, Inc. [Ver = 4, 0, 4, 25 | Size = 585728 bytes | Modified Date = 5/30/2003 1:42:22 PM | Attr = ]
smax4pnp.exe -> %ProgramFiles%\Analog Devices\SoundMAX\SMax4PNP.exe -> Analog Devices, Inc. [Ver = 4, 0, 4, 11 | Size = 790528 bytes | Modified Date = 5/29/2003 8:28:32 PM | Attr = ]
thguard.exe -> %ProgramFiles%\TrojanHunter 4.5\THGuard.exe -> Mischel Internet Security [Ver = 4.5.0.275 | Size = 1120256 bytes | Modified Date = 5/31/2006 7:52:04 PM | Attr = ]
wanmpsvc.exe -> %SystemRoot%\wanmpsvc.exe -> America Online, Inc. [Ver = 9, 0, 0, 0 | Size = 65536 bytes | Modified Date = 8/27/2003 11:27:44 AM | Attr = ]
waol.exe -> %ProgramFiles%\America Online 9.0a\waol.exe -> America Online, Inc. [Ver = 9.02.000 | Size = 37464 bytes | Modified Date = 7/12/2005 1:17:52 AM | Attr = ]
winpfind3u.exe -> %UserDesktop%\WinPFind3u\WinPFind3U.exe -> OldTimer Tools [Ver = 1.0.38.0 | Size = 322048 bytes | Modified Date = 6/23/2007 3:15:54 PM | Attr = ]
wintab32.exe -> %System32%\wintab32.exe -> [Ver = | Size = 122880 bytes | Modified Date = 5/2/2005 2:59:32 PM | Attr = ]
wpctrl.exe -> %ProgramFiles%\WinPortrait\wpctrl.exe -> [Ver = | Size = 694008 bytes | Modified Date = 10/4/2004 4:59:54 PM | Attr = ]
wtxpload.exe -> %SystemRoot%\Acecad\wtxpload.exe -> GATI [Ver = 1.03 | Size = 57344 bytes | Modified Date = 5/1/2005 12:14:28 AM | Attr = ]
xpoint32.exe -> %SystemRoot%\Acecad\xpoint32.exe -> GATI [Ver = 1.00.01.012 | Size = 125952 bytes | Modified Date = 5/1/2005 12:42:32 AM | Attr = ]
zpoint32.exe -> %System32%\zpoint32.exe -> ACE CAD Enterprise Co., Ltd. [Ver = 2, 0, 0, 0 | Size = 20480 bytes | Modified Date = 7/4/2002 2:49:48 PM | Attr = ]
[Win32 Services - Non-Microsoft Only]
(Adobe LM Service) Adobe LM Service [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Adobe Systems Shared\Service\Adobelmsvc.exe -> Adobe Systems [Ver = 2.67.010 | Size = 72704 bytes | Modified Date = 7/19/2005 3:15:12 PM | Attr = ]
(AOL ACS) AOL Connectivity Service [Win32_Own | Auto | Running] -> %CommonProgramFiles%\AOL\ACS\AOLacsd.exe -> AOL LLC [Ver = 4.6.1.2 | Size = 46640 bytes | Modified Date = 10/23/2006 8:50:36 AM | Attr = R ]
(AOL TopSpeedMonitor) AOL TopSpeed Monitor [Win32_Own | Auto | Running] -> %CommonProgramFiles%\AOL\TopSpeed\2.0\aoltsmon.exe -> America Online, Inc [Ver = 2, 0, 0, 0 | Size = 100016 bytes | Modified Date = 10/15/2004 4:54:14 PM | Attr = ]
(AVG Anti-Spyware Guard) AVG Anti-Spyware Guard [Win32_Own | Auto | Running] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\guard.exe -> GRISOFT s.r.o. [Ver = 7, 5, 1, 22 | Size = 312880 bytes | Modified Date = 6/30/2007 7:40:34 AM | Attr = ]
(dmadmin) Logical Disk Manager Administrative Service [Win32_Shared | On_Demand | Stopped] -> %System32%\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.0.503.0 | Size = 204800 bytes | Modified Date = 8/29/2002 8:00:00 AM | Attr = ]
(DTSRVC) Portrait Displays Display Tune Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Portrait Displays\forteManager\dtsrvc.exe -> [Ver = | Size = 57344 bytes | Modified Date = 10/4/2004 5:18:30 PM | Attr = ]
(IDriverT) InstallDriver Table Manager [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\InstallShield\Driver\11\Intel 32\IDriverT.exe -> Macrovision Corporation [Ver = 11.00.28844 | Size = 69632 bytes | Modified Date = 4/4/2005 12:41:10 AM | Attr = ]
(iPod Service) iPod Service [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\iPod\bin\iPodService.exe -> Apple Computer, Inc. [Ver = 7.0.2.16 | Size = 492608 bytes | Modified Date = 10/30/2006 10:36:32 AM | Attr = ]
(Macromedia Licensing Service) Macromedia Licensing Service [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Macromedia Shared\Service\Macromedia Licensing.exe -> Macromedia [Ver = 2.65.000 | Size = 69632 bytes | Modified Date = 8/30/2004 7:54:10 AM | Attr = ]
(McShield) McAfee.com McShield [Win32_Own | On_Demand | Running] -> %ProgramFiles%\McAfee.com\VSO\McShield.exe -> [Ver = | Size = 225375 bytes | Modified Date = 3/13/2002 8:50:34 AM | Attr = ]
(mcupdmgr.exe) McAfee SecurityCenter Update Manager [Win32_Own | Auto | Running] -> %ProgramFiles%\McAfee.com\Agent\mcupdmgr.exe -> Networks Associates Technology, Inc [Ver = 4, 3, 0, 8 | Size = 245760 bytes | Modified Date = 8/21/2003 7:06:56 PM | Attr = ]
(MCVSRte) McAfee.com VirusScan Online Realtime Engine [Win32_Own | Auto | Running] -> %ProgramFiles%\McAfee.com\VSO\mcvsrte.exe -> Networks Associates Technology, Inc [Ver = 8, 0, 0, 12 | Size = 106496 bytes | Modified Date = 8/8/2003 7:04:38 PM | Attr = ]
(NVSvc) NVIDIA Display Driver Service [Win32_Own | Auto | Running] -> %System32%\nvsvc32.exe -> NVIDIA Corporation [Ver = 6.14.10.5303 | Size = 77824 bytes | Modified Date = 11/17/2003 2:33:00 PM | Attr = ]
(PACSPTISVR) PACSPTISVR [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Sony Shared\AVLib\Pacsptisvr.exe -> [Ver = 1, 0, 0, 1 | Size = 65625 bytes | Modified Date = 12/9/2003 6:38:14 AM | Attr = ]
(ProtexisLicensing) ProtexisLicensing [Win32_Own | Auto | Running] -> %System32%\PSIService.exe -> [Ver = 2.0.0.1 | Size = 174656 bytes | Modified Date = 11/2/2006 8:40:12 PM | Attr = ]
(SDhelper) PC Tools Spyware Doctor [Win32_Own | Auto | Running] -> %ProgramFiles%\Spyware Doctor\sdhelp.exe -> PC Tools Research Pty Ltd [Ver = 3.6.0.2025 | Size = 895160 bytes | Modified Date = 7/26/2006 1:32:22 AM | Attr = ]
(SoundMAX Agent Service (default)) SoundMAX Agent Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Analog Devices\SoundMAX\SMAgent.exe -> Analog Devices, Inc. [Ver = 3, 2, 6, 0 | Size = 45056 bytes | Modified Date = 9/20/2002 7:50:10 PM | Attr = ]
(SPTISRV) Sony SPTI Service [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Sony Shared\AVLib\Sptisrv.exe -> Sony Corporation [Ver = 3.4.00.12090 | Size = 65622 bytes | Modified Date = 12/9/2003 6:32:58 AM | Attr = ]
(WANMiniportService) WAN Miniport (ATW) Service [Win32_Own | Auto | Running] -> %SystemRoot%\wanmpsvc.exe -> America Online, Inc. [Ver = 9, 0, 0, 0 | Size = 65536 bytes | Modified Date = 8/27/2003 11:27:44 AM | Attr = ]
(Wintab32) NexTab [Win32_Own | Auto | Running] -> %System32%\wintab32.exe -> [Ver = | Size = 122880 bytes | Modified Date = 5/2/2005 2:59:32 PM | Attr = ]
[Registry - Non-Microsoft Only]
< Run [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
Acecad.Wtxpload -> %SystemRoot%\Acecad\wtxpload.exe -> GATI [Ver = 1.03 | Size = 57344 bytes | Modified Date = 5/1/2005 12:14:28 AM | Attr = ]
AOLDialer -> %CommonProgramFiles%\AOL\ACS\AOLDial.exe -> AOL LLC [Ver = 4.6.1.2 | Size = 71216 bytes | Modified Date = 10/23/2006 8:50:38 AM | Attr = R ]
ezShieldProtector for Px -> %System32%\ezSP_Px.exe -> Easy Systems Japan Ltd. [Ver = 1, 0, 0, 0 | Size = 40960 bytes | Modified Date = 8/20/2002 10:29:26 AM | Attr = ]
HostManager -> %CommonProgramFiles%\AOL\1128451242\EE\AOLSoftware.exe -> America Online, Inc. [Ver = 1.5.6.1 | Size = 50736 bytes | Modified Date = 9/25/2006 8:52:48 PM | Attr = ]
HP Component Manager -> %ProgramFiles%\HP\hpcoretech\hpcmpmgr.exe -> Hewlett-Packard Company [Ver = 2.1.1.0 | Size = 241664 bytes | Modified Date = 12/22/2003 8:38:42 AM | Attr = ]
HP Software Update -> %ProgramFiles%\Hewlett-Packard\HP Software Update\HPWuSchd2.exe -> Hewlett-Packard Company [Ver = 3, 0, 38, 1 | Size = 49152 bytes | Modified Date = 2/18/2004 1:55:28 PM | Attr = ]
HPDJ Taskbar Utility -> %System32%\spool\drivers\w32x86\3\hpztsb10.exe -> HP [Ver = 2.323.0.0 | Size = 172032 bytes | Modified Date = 3/4/2004 11:46:24 AM | Attr = ]
KernelFaultCheck -> -> File not found
MCAgentExe -> %ProgramFiles%\McAfee.com\Agent\mcagent.exe -> Networks Associates Technology, Inc [Ver = 4, 3, 0, 10 | Size = 245760 bytes | Modified Date = 8/27/2003 12:00:12 PM | Attr = ]
MCUpdateExe -> %ProgramFiles%\McAfee.com\Agent\mcupdate.exe -> Networks Associates Technology, Inc [Ver = 4, 3, 0, 7 | Size = 180224 bytes | Modified Date = 8/21/2003 7:10:50 PM | Attr = ]
MSPY2002 -> %System32%\IME\PINTLGNT\IMSCINST.EXE -> [Ver = | Size = 59392 bytes | Modified Date = 8/29/2002 8:00:00 AM | Attr = ]
NeroFilterCheck -> %System32%\NeroCheck.exe -> Ahead Software Gmbh [Ver = 1, 0, 0, 2 | Size = 155648 bytes | Modified Date = 7/9/2001 2:50:42 PM | Attr = ]
NvCplDaemon -> %System32%\nvcpl.dll [RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup] -> NVIDIA Corporation [Ver = 6.14.10.5303 | Size = 3022848 bytes | Modified Date = 11/17/2003 2:33:00 PM | Attr = ]
NvMediaCenter -> %System32%\nvmctray.dll [RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit] -> NVIDIA Corporation [Ver = 6.14.10.5303 | Size = 49152 bytes | Modified Date = 11/17/2003 2:33:00 PM | Attr = ]
nwiz -> %System32%\nwiz.exe -> NVIDIA Corporation [Ver = 6.14.10.5303 | Size = 753664 bytes | Modified Date = 11/17/2003 2:33:00 PM | Attr = ]
PivotSoftware -> %ProgramFiles%\WinPortrait\wpctrl.exe -> [Ver = | Size = 694008 bytes | Modified Date = 10/4/2004 4:59:54 PM | Attr = ]
Pure Networks Port Magic -> %ProgramFiles%\Pure Networks\Port Magic\PortAOL.exe -> Pure Networks, Inc. [Ver = 1.2.1393.0 | Size = 99480 bytes | Modified Date = 4/5/2004 5:33:54 PM | Attr = ]
SoundMAX -> %ProgramFiles%\Analog Devices\SoundMAX\SMax4.exe -> Analog Devices, Inc. [Ver = 4, 0, 4, 25 | Size = 585728 bytes | Modified Date = 5/30/2003 1:42:22 PM | Attr = ]
SoundMAXPnP -> %ProgramFiles%\Analog Devices\SoundMAX\SMax4PNP.exe -> Analog Devices, Inc. [Ver = 4, 0, 4, 11 | Size = 790528 bytes | Modified Date = 5/29/2003 8:28:32 PM | Attr = ]
SunJavaUpdateSched -> %ProgramFiles%\Java\jre1.6.0_01\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 6.0.10.6 | Size = 83608 bytes | Modified Date = 3/14/2007 3:43:44 AM | Attr = ]
THGuard -> %ProgramFiles%\TrojanHunter 4.5\THGuard.exe -> Mischel Internet Security [Ver = 4.5.0.275 | Size = 1120256 bytes | Modified Date = 5/31/2006 7:52:04 PM | Attr = ]
VirusScan Online -> %ProgramFiles%\McAfee.com\VSO\mcvsshld.exe -> Networks Associates Technology, Inc [Ver = 8, 0, 0, 15 | Size = 163840 bytes | Modified Date = 8/17/2003 10:50:34 PM | Attr = ]
VSOCheckTask -> %ProgramFiles%\McAfee.com\VSO\mcmnhdlr.exe -> Networks Associates Technology, Inc [Ver = 8, 0, 0, 12 | Size = 122880 bytes | Modified Date = 8/8/2003 7:02:10 PM | Attr = ]
ZPOINT32 -> %System32%\zpoint32.exe -> ACE CAD Enterprise Co., Ltd. [Ver = 2, 0, 0, 0 | Size = 20480 bytes | Modified Date = 7/4/2002 2:49:48 PM | Attr = ]
< OptionalComponents [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\ ->
IMAIL -> Installed = 1 ->
MAPI -> Installed = 1 ->
MSFS -> Installed = 1 ->
< Run [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
AOL Fast Start -> %ProgramFiles%\America Online 9.0a\aol.exe -> America Online, Inc. [Ver = 9.02.000 | Size = 50776 bytes | Modified Date = 7/12/2005 1:17:44 AM | Attr = ]
Spyware Doctor -> -> File not found
WebCamRT.exe -> -> File not found
< Common Startup > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup ->
%AllUsersStartup%\3Com Connection Assistant.lnk -> %ProgramFiles%\3com\Connection Assistant\bin\matcli.exe -> Motive Communications, Inc. [Ver = 4.03.02.10.20020320_180000 | Size = 208896 bytes | Modified Date = 3/20/2002 6:30:44 PM | Attr = ]
%AllUsersStartup%\Adobe Gamma Loader.lnk -> %CommonProgramFiles%\Adobe\Calibration\Adobe Gamma Loader.exe -> Adobe Systems, Inc. [Ver = 1, 0, 0, 1 | Size = 110592 bytes | Modified Date = 10/14/2003 2:11:40 AM | Attr = ]
%AllUsersStartup%\Run Nintendo Wi-Fi USB Connector Registration Tool.lnk -> %ProgramFiles%\WiFiConnector\NintendoWFCReg.exe -> [Ver = 1, 0, 0, 31 | Size = 1073152 bytes | Modified Date = 12/15/2005 4:28:36 AM | Attr = ]
< User Startup > -> C:\Documents and Settings\Justin W\Start Menu\Programs\Startup ->
%UserStartup%\SpywareGuard.lnk -> %ProgramFiles%\SpywareGuard\sgmain.exe -> [Ver = 2.02.0001 | Size = 360448 bytes | Modified Date = 8/29/2003 7:05:36 PM | Attr = ]
< ShellExecuteHooks [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks ->
{57B86673-276A-48B2-BAE7-C6DBB3020EB8} [HKLM] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll [AVG Anti-Spyware 7.5] -> GRISOFT s.r.o. [Ver = 7, 5, 1, 36 | Size = 79408 bytes | Modified Date = 6/30/2007 7:40:34 AM | Attr = ]
{81559C35-8464-49F7-BB0E-07A383BEF910} [HKLM] -> %ProgramFiles%\SpywareGuard\spywareguard.dll [] -> [Ver = 2.02 | Size = 126976 bytes | Modified Date = 8/2/2003 11:20:58 PM | Attr = R ]
< SecurityProviders [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders ->
< Winlogon settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
< Winlogon settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
< Winlogon\Notify settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ ->
WgaLogon -> Reg Data - Value does not exist -> File not found
< CurrentVersion Policy Settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ext\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ext\CLSID\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ext\CLSID\\{17492023-C23A-453E-A040-C7C580BBF700} -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\undockwithoutlogon -> 1 ->
< CurrentVersion Policy Settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> ÿ
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoLowDiskSpaceChecks -> 1 ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoInstrumentation -> 1 ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\\{9CFEDDAB-0C7E-1033-1014-040326030001} -> "C:\Program Files\Common Files\{9CFEDDAB-0C7E-1033-1014-040326030001}\Update.exe" mc-110-12-0000103 ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableRegistryTools -> 0 ->
< HOSTS File > (0 bytes) -> C:\WINDOWS\System32\drivers\etc\Hosts ->
< Internet Explorer Settings > -> ->
HKLM: Default_Page_URL ->
http://www.microsoft.com/isapi/redir.dl ... ar=msnhome ->
HKLM: Main\\Default_Search_URL ->
http://www.microsoft.com/isapi/redir.dl ... r=iesearch ->
HKLM: Local Page -> %SystemRoot%\system32\blank.htm ->
HKLM: Search Page ->
http://www.microsoft.com/isapi/redir.dl ... r=iesearch ->
HKLM: Start Page ->
http://www.msn.com/ ->
HKLM: CustomizeSearch ->
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm ->
HKLM: SearchAssistant ->
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm ->
HKCU: Default_Search_URL ->
http://ie.search.msn.com ->
HKCU: Local Page -> C:\WINDOWS\System32\blank.htm ->
HKCU: Search Page ->
http://www.microsoft.com/isapi/redir.dl ... r=iesearch ->
HKCU: Start Page ->
http://ytmnd.com/ ->
HKCU: ProxyEnable -> 0 ->
HKCU: ProxyOverride -> 127.0.0.1 ->
< BHO's > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
{4A368E80-174F-4872-96B5-0B27DDD11DB2} [HKLM] -> %ProgramFiles%\SpywareGuard\dlprotect.dll [SpywareGuardDLBLOCK.CBrowserHelper] -> [Ver = 2.02 | Size = 192512 bytes | Modified Date = 8/2/2003 11:24:02 PM | Attr = R ]
{5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} [HKLM] -> %ProgramFiles%\Spyware Doctor\tools\iesdsg.dll [PCTools Site Guard] -> PC Tools [Ver = 3.6.0.2069 | Size = 803048 bytes | Modified Date = 5/5/2006 1:55:04 PM | Attr = ]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> %ProgramFiles%\Java\jre1.6.0_01\bin\ssv.dll [SSVHelper Class] -> Sun Microsystems, Inc. [Ver = 6.0.10.6 | Size = 501400 bytes | Modified Date = 3/14/2007 3:43:40 AM | Attr = ]
{B56A7D7D-6927-48C8-A975-17DF180C71AC} [HKLM] -> %ProgramFiles%\Spyware Doctor\tools\iesdpb.dll [PCTools Browser Monitor] -> PC Tools [Ver = 3.6.0.2281 | Size = 839920 bytes | Modified Date = 5/5/2006 1:56:36 PM | Attr = ]
< Internet Explorer Bars [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\ ->
{4528BBE0-4E08-11D5-AD55-00010333D0AD} [HKLM] -> %ProgramFiles%\Yahoo!\Messenger\yhexbmes0411.dll [&Yahoo! Messenger] -> Yahoo! Inc. [Ver = 2003, 4, 11, 1 | Size = 296120 bytes | Modified Date = 1/29/2004 2:00:40 AM | Attr = ]
< Internet Explorer Bars [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\ ->
{4528BBE0-4E08-11D5-AD55-00010333D0AD} [HKLM] -> %ProgramFiles%\Yahoo!\Messenger\yhexbmes0411.dll [&Yahoo! Messenger] -> Yahoo! Inc. [Ver = 2003, 4, 11, 1 | Size = 296120 bytes | Modified Date = 1/29/2004 2:00:40 AM | Attr = ]
< Internet Explorer ToolBars [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar ->
{8E718888-423F-11D2-876E-00A0C9082467} [HKLM] -> %System32%\msdxm.ocx [&Radio] -> [Ver = | Size = 844048 bytes | Modified Date = 9/17/2003 11:01:28 AM | Attr = ]
{BA52B914-B692-46c4-B683-905236F6F655} [HKLM] -> %ProgramFiles%\McAfee.com\VSO\mcvsshl.dll [McAfee VirusScan] -> Networks Associates Technology, Inc [Ver = 8, 0, 0, 15 | Size = 114743 bytes | Modified Date = 8/18/2003 12:19:32 PM | Attr = ]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKLM] -> %ProgramFiles%\Yahoo!\Companion\Installs\cpn\ycomp5_3_12_0.dll [&Yahoo! Companion] -> Yahoo! Inc. [Ver = 2004, 1, 7, 1 | Size = 272983 bytes | Modified Date = 1/7/2004 2:32:12 PM | Attr = ]
< Internet Explorer ToolBars [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ ->
WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
WebBrowser\\{23DB9785-B649-45CD-B942-35C6BF47607E} [HKLM] -> %SystemDrive%\DOCUME~1\JUSTIN~1\APPLIC~1\stfbpcrglj.dll [prsssstrcho] -> File not found
WebBrowser\\{4982D40A-C53B-4615-B15B-B5B5E98D167C} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
WebBrowser\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKLM] -> %ProgramFiles%\Yahoo!\Companion\Installs\cpn\ycomp5_3_12_0.dll [&Yahoo! Companion] -> Yahoo! Inc. [Ver = 2004, 1, 7, 1 | Size = 272983 bytes | Modified Date = 1/7/2004 2:32:12 PM | Attr = ]
< Internet Explorer Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ ->
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> %ProgramFiles%\Java\jre1.6.0_01\bin\npjpi160_01.dll [MenuText: Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.10.6 | Size = 132760 bytes | Modified Date = 3/14/2007 3:43:42 AM | Attr = ]
{2D663D1A-8670-49D9-A1A5-4C56B4E14E84} -> Reg Data - Value does not exist [ButtonText: Spyware Doctor] -> File not found
{4528BBE0-4E08-11D5-AD55-00010333D0AD} -> Reg Data - Value does not exist [ButtonText: Messenger] -> File not found
{AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} -> %ProgramFiles%\AIM\aim.exe [ButtonText: AIM] -> America Online, Inc. [Ver = 5.9.3861 | Size = 67160 bytes | Modified Date = 8/5/2005 3:08:26 PM | Attr = ]
{CD67F990-D8E9-11d2-98FE-00C0F0318AFE} -> Reg Data - Value does not exist [ButtonText: Real.com] -> File not found
CmdMapping [HKLM] -> Reg Data - Key not found [MenuText: Reg Data - Value does not exist] -> File not found
< Internet Explorer Menu Extensions [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ ->
&AOL Toolbar search -> %CommonProgramFiles%\aolcoach\en_en\player\plugin\toolbar.dll\SEARCH.HTM -> File not found
Yahoo! Dictionary -> %ProgramFiles%\Yahoo!\Common\YCDICT.HTM -> [Ver = | Size = 609 bytes | Modified Date = 4/9/2003 6:51:48 PM | Attr = ]
Yahoo! Search -> %ProgramFiles%\Yahoo!\Common\YCSRCH.HTM -> [Ver = | Size = 598 bytes | Modified Date = 4/9/2003 6:47:56 PM | Attr = ]
< User Agent Post Platform [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform ->
{80D22A9F-93CD-6639-A16C-0039211E56D6} -> ->
< DNS Name Servers [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ ->
{1C72ACB9-9492-484C-8C4D-B96B28AB2FD7} -> (RCA USB Cable Modem) ->
{26EF2EB3-3937-44E2-99FC-EE17530F5A0E} -> (3Com Gigabit LOM (3C940)) ->
{F2BDAF9D-4F68-4FBD-AF8D-76051AE912BE} -> () ->
{F6D026ED-74C8-4CCA-ACE2-F082BB764323} -> (Nintendo Wi-Fi USB Connector) ->
< Default Protocols [HKCU] - Select to Repair > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults ->
shell -> shell protocol not assigned ->
< Protocol Handlers [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ ->
cetihpz -> %ProgramFiles%\HP\hpcoretech\comp\hpuiprot.dll -> Hewlett-Packard Company [Ver = 2.1.4 | Size = 81920 bytes | Modified Date = 12/22/2003 8:38:40 AM | Attr = ]
ipp -> Reg Data - Key not found -> File not found
msdaipp -> Reg Data - Key not found -> File not found
vnd.ms.radio -> %System32%\msdxm.ocx -> [Ver = | Size = 844048 bytes | Modified Date = 9/17/2003 11:01:28 AM | Attr = ]
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ ->
{00000161-0000-0010-8000-00AA00389B71} -> - CodeBase =
http://codecs.microsoft.com/codecs/i386/msaudio.cab ->
{00000162-9980-0010-8000-00AA00389B71} -> - CodeBase =
http://codecs.microsoft.com/codecs/i386/wma9dmo.cab ->
{0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} -> CKAVWebScan Object - CodeBase =
http://www.kaspersky.com/kos/eng/partne ... nicode.cab ->
{166B1BCA-3F9C-11CF-8075-444553540000} -> Shockwave ActiveX Control - CodeBase =
http://download.macromedia.com/pub/shoc ... tor/sw.cab ->
{33564D57-0000-0010-8000-00AA00389B71} -> - CodeBase =
http://download.microsoft.com/download/ ... mv9VCM.CAB ->
{33564D57-9980-0010-8000-00AA00389B71} -> - CodeBase =
http://codecs.microsoft.com/codecs/i386/wmv9dmo.cab ->
{5F8469B4-B055-49DD-83F7-62B522420ECC} -> Facebook Photo Uploader Control - CodeBase =
http://upload.facebook.com/controls/Fac ... loader.cab ->
{8AD9C840-044E-11D1-B3E9-00805F499D93} -> Java Plug-in 1.6.0_01 - CodeBase =
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab ->
{9A9307A0-7DA4-4DAF-B042-5009F29E09E1} -> ActiveScan Installer Class - CodeBase =
http://acs.pandasoftware.com/activescan ... asinst.cab ->
{9F1C11AA-197B-4942-BA54-47A8489BB47F} -> - CodeBase =
http://v4.windowsupdate.microsoft.com/C ... 7678009259 ->
{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA} -> Java Plug-in 1.5.0_07 - CodeBase =
http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab ->
{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} -> Java Plug-in 1.6.0 - CodeBase =
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab ->
{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} -> Java Plug-in 1.6.0_01 - CodeBase =
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab ->
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} -> Java Plug-in 1.6.0_01 - CodeBase =
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab ->
{D27CDB6E-AE6D-11CF-96B8-444553540000} -> - CodeBase =
http://download.macromedia.com/pub/shoc ... wflash.cab ->
ActiveGS.cab -> - CodeBase =
http://www.virtualapple.org/activegs.cab ->
DirectAnimation Java Classes -> - CodeBase = ->
Microsoft XML Parser for Java -> - CodeBase = ->
[Files/Folders - Created Within 30 days]
Config.Msi -> %SystemDrive%\Config.Msi -> [Folder | Created Date = 6/22/2007 3:42:24 PM | Attr = HS]
fsbl.exe -> %SystemDrive%\fsbl.exe -> F-Secure Corporation [Ver = 2, 2, 1064, 0 | Size = 904048 bytes | Created Date = 7/1/2007 6:11:06 AM | Attr = ]
virtualcontrol -> %SystemDrive%\virtualcontrol -> [Folder | Created Date = 6/30/2007 6:39:40 AM | Attr = ]
tmtdla3z.dll -> %SystemRoot%\tmtdla3z.dll -> [Ver = | Size = 1 bytes | Created Date = 6/24/2007 1:39:37 AM | Attr = ]
alobutton.ocx -> %System32%\alobutton.ocx -> Alo Soft [Ver = 1.00 | Size = 98304 bytes | Created Date = 6/24/2007 1:39:36 AM | Attr = ]
AloFrame.ocx -> %System32%\AloFrame.ocx ->
http://www.alosoft.com [Ver = 1.00 | Size = 53248 bytes | Created Date = 6/24/2007 1:39:37 AM | Attr = ]
Aloprogress.ocx -> %System32%\Aloprogress.ocx -> Alo Soft [Ver = 1.00 | Size = 61440 bytes | Created Date = 6/24/2007 1:39:36 AM | Attr = ]
ISUSPM.cpl -> %System32%\ISUSPM.cpl -> Macrovision Corporation [Ver = 4, 60, 100, 37068 | Size = 73728 bytes | Created Date = 6/21/2007 10:17:20 PM | Attr = ]
java.exe -> %System32%\java.exe -> Sun Microsystems, Inc. [Ver = 6.0.10.6 | Size = 135168 bytes | Created Date = 6/4/2007 2:29:26 PM | Attr = ]
javaw.exe -> %System32%\javaw.exe -> Sun Microsystems, Inc. [Ver = 6.0.10.6 | Size = 135168 bytes | Created Date = 6/4/2007 2:29:26 PM | Attr = ]
javaws.exe -> %System32%\javaws.exe -> Sun Microsystems, Inc. [Ver = 6.0.10.6 | Size = 139264 bytes | Created Date = 6/4/2007 2:29:26 PM | Attr = ]
Kaspersky Lab -> %System32%\Kaspersky Lab -> [Folder | Created Date = 7/1/2007 2:51:59 AM | Attr = ]
lame_enc.dll -> %System32%\lame_enc.dll -> [Ver = | Size = 237568 bytes | Created Date = 6/24/2007 1:39:51 AM | Attr = ]
maaa.dll -> %System32%\maaa.dll -> NCT Company Ltd. [Ver = 2,5,5,539 | Size = 1843200 bytes | Created Date = 6/24/2007 1:39:52 AM | Attr = ]
maab.dll -> %System32%\maab.dll -> NCT Company Ltd. [Ver = 2,5,5,252 | Size = 315392 bytes | Created Date = 6/24/2007 1:39:52 AM | Attr = ]
maac.dll -> %System32%\maac.dll -> NCT Company Ltd. [Ver = 2,5,1,104 | Size = 335872 bytes | Created Date = 6/24/2007 1:39:52 AM | Attr = ]
maad.dll -> %System32%\maad.dll -> NCT Company Ltd. [Ver = 2,5,7,346 | Size = 729088 bytes | Created Date = 6/24/2007 1:39:52 AM | Attr = ]
maae.dll -> %System32%\maae.dll -> NCT [Ver = 2,6,2,92 | Size = 835584 bytes | Created Date = 6/24/2007 1:39:52 AM | Attr = ]
maaf.dll -> %System32%\maaf.dll -> NCT Company Ltd. [Ver = 2,5,5,183 | Size = 311296 bytes | Created Date = 6/24/2007 1:39:52 AM | Attr = ]
maag.dll -> %System32%\maag.dll -> NCT Company Ltd. [Ver = 2,4,1,113 | Size = 196608 bytes | Created Date = 6/24/2007 1:39:52 AM | Attr = ]
maah.dll -> %System32%\maah.dll -> NCT Company Ltd. [Ver = 2,6,2,247 | Size = 1040384 bytes | Created Date = 6/24/2007 1:39:52 AM | Attr = ]
maai.dll -> %System32%\maai.dll -> NCT Company Ltd. [Ver = 2,5,4,173 | Size = 450560 bytes | Created Date = 6/24/2007 1:39:53 AM | Attr = ]
shareet.ocx -> %System32%\shareet.ocx -> ???? ??? ???? [Ver = 1.01 | Size = 65536 bytes | Created Date = 6/24/2007 1:39:36 AM | Attr = ]
wavdest.ax -> %System32%\wavdest.ax -> [Ver = | Size = 40960 bytes | Created Date = 6/24/2007 1:39:52 AM | Attr = ]
[Files/Folders - Modified Within 30 days]
boot.ini -> %SystemDrive%\boot.ini -> [Ver = | Size = 194 bytes | Modified Date = 7/1/2007 3:49:26 AM | Attr = HS]
Config.Msi -> %SystemDrive%\Config.Msi -> [Folder | Modified Date = 6/23/2007 1:41:14 AM | Attr = HS]
fsbl.exe -> %SystemDrive%\fsbl.exe -> F-Secure Corporation [Ver = 2, 2, 1064, 0 | Size = 904048 bytes | Modified Date = 7/1/2007 7:11:08 AM | Attr = ]
Program Files -> %ProgramFiles% -> [Folder | Modified Date = 7/1/2007 6:46:30 AM | Attr = ]
System Volume Information -> %SystemDrive%\System Volume Information -> [Folder | Modified Date = 7/1/2007 3:48:46 AM | Attr = HS]
unzipped -> %SystemDrive%\unzipped -> [Folder | Modified Date = 6/21/2007 9:43:06 PM | Attr = ]
VETlog.dmp -> %SystemDrive%\VETlog.dmp -> [Ver = | Size = 57847 bytes | Modified Date = 7/1/2007 8:10:38 AM | Attr = ]
virtualcontrol -> %SystemDrive%\virtualcontrol -> [Folder | Modified Date = 6/30/2007 7:39:42 AM | Attr = ]
WINDOWS -> %SystemRoot% -> [Folder | Modified Date = 7/1/2007 7:09:40 AM | Attr = ]
AudACM.ini -> %SystemRoot%\AudACM.ini -> [Ver = | Size = 56 bytes | Modified Date = 6/23/2007 4:10:52 PM | Attr = ]
bootstat.dat -> %SystemRoot%\bootstat.dat -> [Ver = | Size = 2048 bytes | Modified Date = 7/1/2007 7:49:54 AM | Attr = S]
Downloaded Program Files -> %SystemRoot%\Downloaded Program Files -> [Folder | Modified Date = 7/1/2007 3:52:02 AM | Attr = S]
Fonts -> %SystemRoot%\Fonts -> [Folder | Modified Date = 6/30/2007 9:32:04 AM | Attr = R S]
inf -> %SystemRoot%\inf -> [Folder | Modified Date = 7/1/2007 3:52:00 AM | Attr = H ]
Installer -> %SystemRoot%\Installer -> [Folder | Modified Date = 6/22/2007 4:42:44 PM | Attr = HS]
LastGood -> %SystemRoot%\LastGood -> [Folder | Modified Date = 7/1/2007 3:52:00 AM | Attr = ]
Prefetch -> %SystemRoot%\Prefetch -> [Folder | Modified Date = 7/1/2007 8:11:12 AM | Attr = ]
pss -> %SystemRoot%\pss -> [Folder | Modified Date = 7/1/2007 3:37:42 AM | Attr = ]
system.ini -> %SystemRoot%\system.ini -> [Ver = | Size = 227 bytes | Modified Date = 7/1/2007 3:49:26 AM | Attr = ]
system32 -> %System32% -> [Folder | Modified Date = 7/1/2007 3:52:00 AM | Attr = ]
Tasks -> %SystemRoot%\Tasks -> [Folder | Modified Date = 7/1/2007 7:51:06 AM | Attr = S]
Temp -> %SystemRoot%\Temp -> [Folder | Modified Date = 7/1/2007 7:50:14 AM | Attr = ]
win.ini -> %SystemRoot%\win.ini -> [Ver = | Size = 1159 bytes | Modified Date = 7/1/2007 8:10:38 AM | Attr = ]
winamp.ini -> %SystemRoot%\winamp.ini -> [Ver = | Size = 192 bytes | Modified Date = 6/24/2007 3:02:48 AM | Attr = ]
WINTAB.INI -> %SystemRoot%\WINTAB.INI -> [Ver = | Size = 745 bytes | Modified Date = 7/1/2007 7:49:54 AM | Attr = ]
McAfee.com Update Check (JUSTIN-Justin W).job -> %SystemRoot%\tasks\McAfee.com Update Check (JUSTIN-Justin W).job -> [Ver = | Size = 500 bytes | Modified Date = 7/1/2007 8:11:02 AM | Attr = ]
McAfee.com Update Check (JUSTIN-user).job -> %SystemRoot%\tasks\McAfee.com Update Check (JUSTIN-user).job -> [Ver = | Size = 492 bytes | Modified Date = 7/1/2007 8:10:00 AM | Attr = ]
SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [Ver = | Size = 6 bytes | Modified Date = 7/1/2007 7:49:56 AM | Attr = H ]
CatRoot2 -> %System32%\CatRoot2 -> [Folder | Modified Date = 7/1/2007 7:53:56 AM | Attr = ]
CONFIG.NT -> %System32%\CONFIG.NT -> [Ver = | Size = 2577 bytes | Modified Date = 6/30/2007 7:36:50 AM | Attr = ]
drivers -> %System32%\drivers -> [Folder | Modified Date = 6/30/2007 7:36:50 AM | Attr = ]
FNTCACHE.DAT -> %System32%\FNTCACHE.DAT -> [Ver = | Size = 264616 bytes | Modified Date = 6/30/2007 7:17:16 PM | Attr = ]
Kaspersky Lab -> %System32%\Kaspersky Lab -> [Folder | Modified Date = 7/1/2007 3:52:00 AM | Attr = ]
lame_enc.dll -> %System32%\lame_enc.dll -> [Ver = | Size = 237568 bytes | Modified Date = 6/24/2007 2:39:54 AM | Attr = ]
maaa.dll -> %System32%\maaa.dll -> NCT Company Ltd. [Ver = 2,5,5,539 | Size = 1843200 bytes | Modified Date = 6/24/2007 2:39:54 AM | Attr = ]
maab.dll -> %System32%\maab.dll -> NCT Company Ltd. [Ver = 2,5,5,252 | Size = 315392 bytes | Modified Date = 6/24/2007 2:39:54 AM | Attr = ]
maac.dll -> %System32%\maac.dll -> NCT Company Ltd. [Ver = 2,5,1,104 | Size = 335872 bytes | Modified Date = 6/24/2007 2:39:54 AM | Attr = ]
maad.dll -> %System32%\maad.dll -> NCT Company Ltd. [Ver = 2,5,7,346 | Size = 729088 bytes | Modified Date = 6/24/2007 2:39:54 AM | Attr = ]
maae.dll -> %System32%\maae.dll -> NCT [Ver = 2,6,2,92 | Size = 835584 bytes | Modified Date = 6/24/2007 2:39:54 AM | Attr = ]
maaf.dll -> %System32%\maaf.dll -> NCT Company Ltd. [Ver = 2,5,5,183 | Size = 311296 bytes | Modified Date = 6/24/2007 2:39:54 AM | Attr = ]
maag.dll -> %System32%\maag.dll -> NCT Company Ltd. [Ver = 2,4,1,113 | Size = 196608 bytes | Modified Date = 6/24/2007 2:39:54 AM | Attr = ]
maah.dll -> %System32%\maah.dll -> NCT Company Ltd. [Ver = 2,6,2,247 | Size = 1040384 bytes | Modified Date = 6/24/2007 2:39:54 AM | Attr = ]
maai.dll -> %System32%\maai.dll -> NCT Company Ltd. [Ver = 2,5,4,173 | Size = 450560 bytes | Modified Date = 6/24/2007 2:39:54 AM | Attr = ]
Restore -> %System32%\Restore -> [Folder | Modified Date = 7/1/2007 3:48:46 AM | Attr = ]
wavdest.ax -> %System32%\wavdest.ax -> [Ver = | Size = 40960 bytes | Modified Date = 6/24/2007 2:39:54 AM | Attr = ]
winitn.dll -> %System32%\winitn.dll -> [Ver = | Size = 35 bytes | Modified Date = 6/24/2007 2:40:08 AM | Attr = ]
wpa.dbl -> %System32%\wpa.dbl -> [Ver = | Size = 12598 bytes | Modified Date = 7/1/2007 7:53:54 AM | Attr = ]
hosts.ics -> %System32%\drivers\etc\hosts.ics -> [Ver = | Size = 432 bytes | Modified Date = 7/1/2007 7:50:42 AM | Attr = ]
[File String Scan - Non-Microsoft Only]
@Alternate Data Stream - 0 bytes -> %SystemDrive%\Thumbs.db:encryptable ->
@Alternate Data Stream - 0 bytes -> %SystemRoot%\Thumbs.db:encryptable ->
PEC2 , -> %System32%\DAE.dll -> Digidesign, Inc. [Ver = 5.0.1.471 R2 | Size = 2019389 bytes | Modified Date = 12/15/2000 11:21:14 AM | Attr = ]
WSUD , -> %System32%\DAE.dll.rsr -> [Ver = | Size = 447777 bytes | Modified Date = 12/15/2000 3:10:44 AM | Attr = ]
PEC2 , -> %System32%\dfrg.msc -> [Ver = | Size = 41397 bytes | Modified Date = 8/29/2002 8:00:00 AM | Attr = ]
PEC2 , PECompact2 , -> %System32%\DivX.dll -> DivX, Inc. [Ver = 6.6.1.1 | Size = 740442 bytes | Modified Date = 5/11/2007 12:37:16 AM | Attr = ]
PTech , abetterinternet.com , ad-w-a-r-e.com , -> %System32%\ie-ads-uninst.reg -> [Ver = | Size = 1212765 bytes | Modified Date = 11/11/2004 4:11:48 PM | Attr = ]
PTech , abetterinternet.com , ad-w-a-r-e.com , -> %System32%\ie-ads.reg -> [Ver = | Size = 1247943 bytes | Modified Date = 11/11/2004 4:13:04 PM | Attr = ]
PTech , -> %System32%\LegitCheckControl.dll -> Microsoft Corp. [Ver = 1.5.0512.0 | Size = 550120 bytes | Modified Date = 2/14/2006 10:20:14 AM | Attr = ]
UPX! , UPX0 , -> %System32%\realmrec.dll -> MarineCat [Ver = 2, 3, 9, 0 | Size = 79360 bytes | Modified Date = 10/27/2004 6:22:06 PM | Attr = ]
winsync , -> %System32%\wbdbase.deu -> [Ver = | Size = 1309184 bytes | Modified Date = 8/29/2002 8:00:00 AM | Attr = ]
WSUD , UPX0 , -> %System32%\dllcache\hwxjpn.dll -> [Ver = | Size = 13463552 bytes | Modified Date = 8/29/2002 8:00:00 AM | Attr = ]
< End of report >