Wasn't sure if I needed the non-Microsoft for the files created and modified. I didn't have them ticked for this scan; if I should have, I will redo.
Thanks for your help.
WinPFind3 logfile created on: 08/05/2007 15:56:25
WinPFind3U by OldTimer - Version 1.0.35 Folder = C:\Documents and Settings\tricia pettit\Desktop\WinPFind3u\
Microsoft Windows XP Service Pack 2 (Version = 5.1.2600)
Internet Explorer (Version = 7.0.5730.11)
1.50 Gb Total Physical Memory | 1.05 Gb Available Physical Memory | 69.95% Memory free
2.11 Gb Paging File | 1.77 Gb Available in Paging File | 84.18% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536;
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149.24 Gb Total Space | 82.30 Gb Free Space | 55.15% Space Free
D: Drive not present or media not loaded
Drive E: | 727.56 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free
F: Drive not present or media not loaded
Computer Name: LIVINGROOM
Current User Name: tricia pettit
Logged in as Administrator.
Current Boot Mode: Normal
[Processes - Non-Microsoft Only]
ati2evxx.exe -> %System32%\ati2evxx.exe -> ATI Technologies Inc. [Ver = 6.14.10.4163 | Size = 450560 bytes | Modified Date = 15/03/2007 02:48:40 | Attr = ]
ati2evxx.exe -> %System32%\ati2evxx.exe -> ATI Technologies Inc. [Ver = 6.14.10.4163 | Size = 450560 bytes | Modified Date = 15/03/2007 02:48:40 | Attr = ]
atiptaxx.exe -> %ProgramFiles%\ATI Technologies\ATI Control Panel\atiptaxx.exe -> ATI Technologies, Inc. [Ver = 6.14.10.5120 | Size = 339968 bytes | Modified Date = 25/08/2004 12:52:00 | Attr = ]
avgamsvr.exe -> %ProgramFiles%\Grisoft\AVG Free\avgamsvr.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.453 | Size = 353280 bytes | Modified Date = 22/04/2007 09:33:16 | Attr = ]
avgcc.exe -> %ProgramFiles%\Grisoft\AVG Free\avgcc.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.460 | Size = 416256 bytes | Modified Date = 22/04/2007 09:33:16 | Attr = ]
avgemc.exe -> %ProgramFiles%\Grisoft\AVG Free\avgemc.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.460 | Size = 351744 bytes | Modified Date = 22/04/2007 09:33:18 | Attr = ]
avgupsvc.exe -> %ProgramFiles%\Grisoft\AVG Free\avgupsvc.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.420 | Size = 49664 bytes | Modified Date = 07/11/2006 18:07:34 | Attr = ]
guard.exe -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\guard.exe -> Anti-Malware Development a.s. [Ver = 7, 5, 0, 47 | Size = 204800 bytes | Modified Date = 28/09/2006 15:13:20 | Attr = ]
iwctrl.exe -> %ProgramFiles%\Pinnacle\InstantCDDVD\InstantWrite\iwctrl.exe -> Pinnacle Systems, Inc. [Ver = 4.0.2.7 | Size = 836096 bytes | Modified Date = 12/03/2003 12:56:56 | Attr = ]
jusched.exe -> %ProgramFiles%\Java\jre1.6.0_01\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 6.0.10.6 | Size = 83608 bytes | Modified Date = 14/03/2007 03:43:44 | Attr = ]
saservice.exe -> %ProgramFiles%\SiteAdvisor\5020\SAService.exe -> [Ver = | Size = 308824 bytes | Modified Date = 12/01/2007 18:51:10 | Attr = ]
sgbhp.exe -> %ProgramFiles%\SpywareGuard\sgbhp.exe -> [Ver = 2.02.0001 | Size = 233472 bytes | Modified Date = 29/08/2003 12:14:58 | Attr = ]
sgmain.exe -> %ProgramFiles%\SpywareGuard\sgmain.exe -> [Ver = 2.02.0001 | Size = 360448 bytes | Modified Date = 29/08/2003 20:05:36 | Attr = ]
siteadv.exe -> %ProgramFiles%\SiteAdvisor\5020\SiteAdv.exe -> McAfee, Inc. [Ver = 2.1.1.75 | Size = 35928 bytes | Modified Date = 21/12/2006 21:50:46 | Attr = ]
sstray.exe -> %System32%\sstray.exe -> NVIDIA Corporation [Ver = 1.00.00.0348 | Size = 73728 bytes | Modified Date = 17/06/2003 17:18:46 | Attr = ]
vsmon.exe -> %System32%\ZoneLabs\vsmon.exe -> Zone Labs, LLC [Ver = 7.0.337.000 | Size = 75568 bytes | Modified Date = 09/03/2007 01:01:58 | Attr = ]
winpfind3u.exe -> %UserDesktop%\WinPFind3u\WinPFind3U.exe -> OldTimer Tools [Ver = 1.0.35.0 | Size = 319488 bytes | Modified Date = 06/05/2007 09:38:54 | Attr = ]
zlclient.exe -> %ProgramFiles%\Zone Labs\ZoneAlarm\zlclient.exe -> Zone Labs, LLC [Ver = 7.0.337.000 | Size = 919280 bytes | Modified Date = 09/03/2007 01:02:00 | Attr = ]
[Win32 Services - Non-Microsoft Only]
(Adobe LM Service) Adobe LM Service [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Adobe Systems Shared\Service\Adobelmsvc.exe -> [Ver = 2.41.000 | Size = 68096 bytes | Modified Date = 15/08/2005 20:40:58 | Attr = ]
(Ati HotKey Poller) Ati HotKey Poller [Win32_Own | Auto | Running] -> %System32%\ati2evxx.exe -> ATI Technologies Inc. [Ver = 6.14.10.4163 | Size = 450560 bytes | Modified Date = 15/03/2007 02:48:40 | Attr = ]
(ATI Smart) ATI Smart [Win32_Own | Auto | Stopped] -> %System32%\ati2sgag.exe -> [Ver = 5.13.0025 | Size = 520192 bytes | Modified Date = 22/03/2007 21:05:00 | Attr = ]
(AVG Anti-Spyware Guard) AVG Anti-Spyware Guard [Win32_Own | Auto | Running] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\guard.exe -> Anti-Malware Development a.s. [Ver = 7, 5, 0, 47 | Size = 204800 bytes | Modified Date = 28/09/2006 15:13:20 | Attr = ]
(Avg7Alrt) AVG7 Alert Manager Server [Win32_Own | Auto | Running] -> %ProgramFiles%\Grisoft\AVG Free\avgamsvr.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.453 | Size = 353280 bytes | Modified Date = 22/04/2007 09:33:16 | Attr = ]
(Avg7UpdSvc) AVG7 Update Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Grisoft\AVG Free\avgupsvc.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.420 | Size = 49664 bytes | Modified Date = 07/11/2006 18:07:34 | Attr = ]
(AVGEMS) AVG E-mail Scanner [Win32_Own | Auto | Running] -> %ProgramFiles%\Grisoft\AVG Free\avgemc.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.460 | Size = 351744 bytes | Modified Date = 22/04/2007 09:33:18 | Attr = ]
(dmadmin) Logical Disk Manager Administrative Service [Win32_Shared | On_Demand | Stopped] -> %System32%\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 224768 bytes | Modified Date = 04/08/2004 08:56:48 | Attr = ]
(gusvc) Google Updater Service [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Google\Common\Google Updater\GoogleUpdaterService.exe -> Google [Ver = 2.0.711.37800.beta | Size = 136120 bytes | Modified Date = 04/01/2007 02:40:22 | Attr = ]
(IDriverT) InstallDriver Table Manager [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\InstallShield\Driver\11\Intel 32\IDriverT.exe -> Macrovision Corporation [Ver = 11.00.28844 | Size = 69632 bytes | Modified Date = 04/04/2005 01:41:10 | Attr = ]
(MsaSvc) Microsoft authenticate service [Win32_Own | Disabled | Stopped] -> %System32%\msasvc.exe -> File not found
(SiteAdvisor Service) SiteAdvisor Service [Win32_Own | Auto | Running] -> %ProgramFiles%\SiteAdvisor\5020\SAService.exe -> [Ver = | Size = 308824 bytes | Modified Date = 12/01/2007 18:51:10 | Attr = ]
(vsmon) TrueVector Internet Monitor [Win32_Own | Auto | Running] -> %System32%\ZoneLabs\vsmon.exe -> Zone Labs, LLC [Ver = 7.0.337.000 | Size = 75568 bytes | Modified Date = 09/03/2007 01:01:58 | Attr = ]
[Registry - Non-Microsoft Only]
< Run [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
ATIPTA -> %ProgramFiles%\ATI Technologies\ATI Control Panel\atiptaxx.exe -> ATI Technologies, Inc. [Ver = 6.14.10.5120 | Size = 339968 bytes | Modified Date = 25/08/2004 12:52:00 | Attr = ]
AVG7_CC -> %ProgramFiles%\Grisoft\AVG Free\avgcc.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.460 | Size = 416256 bytes | Modified Date = 22/04/2007 09:33:16 | Attr = ]
IW ControlCenter -> %ProgramFiles%\Pinnacle\InstantCDDVD\InstantWrite\iwctrl.exe -> Pinnacle Systems, Inc. [Ver = 4.0.2.7 | Size = 836096 bytes | Modified Date = 12/03/2003 12:56:56 | Attr = ]
KernelFaultCheck -> -> File not found
nForce Tray Options -> %System32%\sstray.exe -> NVIDIA Corporation [Ver = 1.00.00.0348 | Size = 73728 bytes | Modified Date = 17/06/2003 17:18:46 | Attr = ]
PinnacleDriverCheck -> %System32%\PSDrvCheck.exe -> [Ver = 1.0.0.50 | Size = 394240 bytes | Modified Date = 28/05/2003 17:37:44 | Attr = ]
QuickTime Task -> %ProgramFiles%\QuickTime\qttask.exe -> File not found
SiteAdvisor -> %ProgramFiles%\SiteAdvisor\5020\SiteAdv.exe -> McAfee, Inc. [Ver = 2.1.1.75 | Size = 35928 bytes | Modified Date = 21/12/2006 21:50:46 | Attr = ]
SunJavaUpdateSched -> %ProgramFiles%\Java\jre1.6.0_01\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 6.0.10.6 | Size = 83608 bytes | Modified Date = 14/03/2007 03:43:44 | Attr = ]
ZoneAlarm Client -> %ProgramFiles%\Zone Labs\ZoneAlarm\zlclient.exe -> Zone Labs, LLC [Ver = 7.0.337.000 | Size = 919280 bytes | Modified Date = 09/03/2007 01:02:00 | Attr = ]
< OptionalComponents [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\
IMAIL -> Installed = 1 ->
MAPI -> Installed = 1 ->
MSFS -> Installed = 1 ->
< User Startup > -> C:\Documents and Settings\tricia pettit\Start Menu\Programs\Startup
%UserStartup%\SpywareGuard.lnk -> %ProgramFiles%\SpywareGuard\sgmain.exe -> [Ver = 2.02.0001 | Size = 360448 bytes | Modified Date = 29/08/2003 20:05:36 | Attr = ]
< ShellExecuteHooks [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
{57B86673-276A-48B2-BAE7-C6DBB3020EB8} [HKLM] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll [AVG Anti-Spyware 7.5] -> Anti-Malware Development a.s. [Ver = 7, 5, 0, 47 | Size = 73728 bytes | Modified Date = 28/09/2006 15:13:28 | Attr = ]
{81559C35-8464-49F7-BB0E-07A383BEF910} [HKLM] -> %ProgramFiles%\SpywareGuard\spywareguard.dll [SpywareGuard] -> [Ver = 2.02 | Size = 126976 bytes | Modified Date = 03/08/2003 00:20:58 | Attr = R ]
< SecurityProviders [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders
< Winlogon settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
< Winlogon settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
< Winlogon\Notify settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\
AtiExtEvent -> %System32%\ati2evxx.dll -> ATI Technologies Inc. [Ver = 6.14.10.4162 | Size = 114688 bytes | Modified Date = 15/03/2007 02:50:00 | Attr = ]
< HOSTS File > (734 bytes) -> C:\WINDOWS\System32\drivers\etc\Hosts
127.0.0.1 localhost -> ->
< Internet Explorer Settings > ->
HKLM: Main\\Default_Search_URL ->
http://www.microsoft.com/isapi/redir.dl ... r=iesearch ->
HKLM: Local Page -> C:\windows\system32\blank.htm ->
HKLM: Search Page ->
http://www.microsoft.com/isapi/redir.dl ... r=iesearch ->
HKLM: Start Page -> about:blank ->
HKLM: CustomizeSearch ->
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm ->
HKLM: Search\\Default_Search_URL ->
http://www.microsoft.com/isapi/redir.dl ... r=iesearch ->
HKLM: SearchAssistant ->
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm ->
HKCU: Default_Search_URL ->
http://www.microsoft.com/isapi/redir.dl ... r=iesearch ->
HKCU: Local Page -> C:\windows\system32\blank.htm ->
HKCU: Search Bar ->
http://g.msn.co.uk/0SEENGB/SAOS01 ->
HKCU: Search Page ->
http://www.microsoft.com/isapi/redir.dl ... r=iesearch ->
HKCU: Start Page ->
http://www.ntlworld.com/broadband ->
HKCU: ProxyEnable -> 0 ->
< Trusted Sites > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\
msn.com [ - ] -> ->
< Trusted Sites > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\
www_artistrypsp.com [http] -> ->
www_boots.co.uk [http] -> ->
www_game.co.uk [http] -> ->
www_game.co.uk [https] -> ->
www_geocities.com [http] -> ->
www_meshplc.co.uk [http] -> ->
spaces_msn.com [http] -> ->
< BHO's > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
{089FD14D-132B-48FC-8861-0048AE113215} [HKLM] -> %ProgramFiles%\SiteAdvisor\5020\SiteAdv.dll [Reg Data - Value does not exist] -> McAfee, Inc. [Ver = 2.1.1.75 | Size = 1087064 bytes | Modified Date = 21/12/2006 21:50:42 | Attr = ]
{4A368E80-174F-4872-96B5-0B27DDD11DB2} [HKLM] -> %ProgramFiles%\SpywareGuard\dlprotect.dll [SpywareGuardDLBLOCK.CBrowserHelper] -> [Ver = 2.02 | Size = 192512 bytes | Modified Date = 03/08/2003 00:24:02 | Attr = R ]
{53707962-6F74-2D53-2644-206D7942484F} [HKLM] -> %ProgramFiles%\Spybot - Search & Destroy\SDHelper.dll [] -> Safer Networking Limited [Ver = 1, 4, 0, 0 | Size = 853672 bytes | Modified Date = 31/05/2005 01:04:00 | Attr = ]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> %ProgramFiles%\Java\jre1.6.0_01\bin\ssv.dll [SSVHelper Class] -> Sun Microsystems, Inc. [Ver = 6.0.10.6 | Size = 501400 bytes | Modified Date = 14/03/2007 03:43:40 | Attr = ]
< Internet Explorer Bars [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\
{32683183-48a0-441b-a342-7c2a440a9478} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
< Internet Explorer ToolBars [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar
{0BF43445-2F28-4351-9252-17FE6E806AA0} [HKLM] -> %ProgramFiles%\SiteAdvisor\5020\SiteAdv.dll [McAfee SiteAdvisor] -> McAfee, Inc. [Ver = 2.1.1.75 | Size = 1087064 bytes | Modified Date = 21/12/2006 21:50:42 | Attr = ]
< Internet Explorer Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> %ProgramFiles%\Java\jre1.6.0_01\bin\npjpi160_01.dll [MenuText: Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.10.6 | Size = 132760 bytes | Modified Date = 14/03/2007 03:43:42 | Attr = ]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKCU] -> %ProgramFiles%\Java\jre1.6.0_01\bin\ssv.dll [MenuText: Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.10.6 | Size = 501400 bytes | Modified Date = 14/03/2007 03:43:40 | Attr = ]
{e2e2dd38-d088-4134-82b7-f2ba38496583} [HKLM] -> Reg Data - Key not found [MenuText: @xpsp3res.dll,-20001] -> File not found
< DNS Name Servers [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\
{2F8651DD-96E9-449C-A564-368AA6ACC73F} -> (1394 Net Adapter) ->
{7D542BFB-AAA4-488D-A17A-109B83443DA6} -> () ->
{958E9DA6-6D0B-4F03-A243-0C73AC1680D8} -> (NVIDIA nForce MCP Networking Controller) ->
{A4F3461C-3416-46D2-9361-1C945E68F200} -> (3Com 3C920B-EMB Integrated Fast Ethernet Controller) ->
{AF9100B6-64FE-4C5E-BB63-26C0EE801150} -> (USB Cable Modem 351000) ->
< Protocol Handlers [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\
ipp -> Reg Data - Key not found -> File not found
msdaipp -> Reg Data - Key not found -> File not found
siteadvisor -> %ProgramFiles%\SiteAdvisor\5020\SiteAdv.dll -> McAfee, Inc. [Ver = 2.1.1.75 | Size = 1087064 bytes | Modified Date = 21/12/2006 21:50:42 | Attr = ]
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\
{00B71CFB-6864-4346-A978-C0A14556272C} -> Checkers Class - CodeBase =
http://messenger.zone.msn.com/binary/msgrchkr.cab ->
{14B87622-7E19-4EA8-93B3-97215F77A6BC} -> MessengerStatsClient Class - CodeBase =
http://messenger.zone.msn.com/binary/Me ... b31267.cab ->
{166B1BCA-3F9C-11CF-8075-444553540000} -> Shockwave ActiveX Control - CodeBase =
http://download.macromedia.com/pub/shoc ... tor/sw.cab ->
{17492023-C23A-453E-A040-C7C580BBF700} -> Windows Genuine Advantage Validation Tool - CodeBase =
http://download.microsoft.com/download/ ... ontrol.cab ->
{20A60F0D-9AFA-4515-A0FD-83BD84642501} -> Checkers Class - CodeBase =
http://messenger.zone.msn.com/binary/ms ... b56986.cab ->
{215B8138-A3CF-44C5-803F-8226143CFC0A} -> Trend Micro ActiveX Scan Agent 6.6 - CodeBase =
http://eu-housecall.trendmicro-europe.c ... hcImpl.cab ->
{2917297F-F02B-4B9D-81DF-494B6333150B} -> Minesweeper Flags Class - CodeBase =
http://messenger.zone.msn.com/binary/MineSweeper.cab ->
{3107C2A8-9F0B-4404-A58B-21BD85268FBC} -> PogoWebLauncher Control - CodeBase =
http://game1.pogo.com/cdl/launcher/Pogo ... taller.CAB ->
{33564D57-9980-0010-8000-00AA00389B71} -> - CodeBase =
http://codecs.microsoft.com/codecs/i386/wmv9dmo.cab ->
{406B5949-7190-4245-91A9-30A17DE16AD0} -> Snapfish Activia - CodeBase =
http://www.snapfish.co.uk/SnapfishUKActivia.cab ->
{4B48D5DF-9021-45F7-A240-60304302A215} -> Malicious Software Removal Tool - CodeBase =
http://download.microsoft.com/download/ ... leaner.cab ->
{4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} -> InstallShield Setup Player 2K2 - CodeBase =
http://www.ipswitch.com/_installs/wsftp_le/setup.exe ->
{4F1E5B1A-2A80-42CA-8532-2D05CB959537} -> MSN Photo Upload Tool - CodeBase =
http://spaces.msn.com/PhotoUpload/MsnPU ... 10,0,911,0 ->
{5C051655-FCD5-4969-9182-770EA5AA5565} -> Solitaire Showdown Class - CodeBase =
http://messenger.zone.msn.com/binary/So ... b56986.cab ->
{5ED80217-570B-4DA9-BF44-BE107C0EC166} -> Windows Live Safety Center Base Module - CodeBase =
http://scan.safety.live.com/resource/do ... se5059.cab ->
{644E432F-49D3-41A1-8DD5-E099162EEEC5} -> Symantec RuFSI Utility Class - CodeBase =
http://security.symantec.com/sscv6/Shar ... /cabsa.cab ->
{8AD9C840-044E-11D1-B3E9-00805F499D93} -> Java Plug-in 1.6.0_01 - CodeBase =
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab ->
{8E0D4DE5-3180-4024-A327-4DFAD1796A8D} -> MessengerStatsClient Class - CodeBase =
http://messenger.zone.msn.com/binary/Me ... Client.cab ->
{90051A81-3018-4826-8B38-DD60B6B53F9C} -> Snapfish File Upload ActiveX Control - CodeBase =
http://www.snapfish.co.uk/SnapfishUKUpload.cab ->
{9A9307A0-7DA4-4DAF-B042-5009F29E09E1} -> ActiveScan Installer Class - CodeBase =
http://acs.pandasoftware.com/activescan ... asinst.cab ->
{9F1C11AA-197B-4942-BA54-47A8489BB47F} -> - CodeBase =
http://v4.windowsupdate.microsoft.com/C ... 2744444444 ->
{A90A5822-F108-45AD-8482-9BC8B12DD539} -> Crucial cpcScan - CodeBase =
http://www.crucial.com/controls/cpcScanner.cab ->
{B8BE5E93-A60C-4D26-A2DC-220313175592} -> ZoneIntro Class - CodeBase =
http://messenger.zone.msn.com/binary/ZI ... b32846.cab ->
{BF6BBE9A-0656-4598-A0CD-32DAC03959B5} -> Image Uploader 3.0 Control - CodeBase =
http://www.tescophoto.com/wpp/tesco/app/opcuploader.cab ->
{C3F79A2B-B9B4-4A66-B012-3EE46475B072} -> MessengerStatsClient Class - CodeBase =
http://messenger.zone.msn.com/binary/Me ... b56907.cab ->
{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} -> Java Plug-in 1.6.0_01 - CodeBase =
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab ->
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} -> Java Plug-in 1.6.0_01 - CodeBase =
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab ->
{D27CDB6E-AE6D-11CF-96B8-444553540000} -> - CodeBase =
http://fpdownload2.macromedia.com/get/s ... wflash.cab ->
{DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} -> CPlayFirstDinerDashControl Object - CodeBase =
http://clubgames.pogo.com/online2/pogop ... 0.0.80.cab ->
{F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} -> Minesweeper Flags Class - CodeBase =
http://messenger.zone.msn.com/binary/Mi ... b56986.cab ->
6th Street Omaha Poker by pogo -> - CodeBase =
http://game1.pogo.com/applet-8.0.1.23/o ... -en_US.cab ->
Blackjack by pogo -> - CodeBase =
http://game1.pogo.com/applet-6.8.4.51/b ... -en_US.cab ->
Dice City Roller by pogo -> - CodeBase =
http://game1.pogo.com/applet-8.0.1.23/ytz/ytz-en_US.cab ->
Dice Derby by pogo -> - CodeBase =
http://game1.pogo.com/applet-8.0.1.23/c ... -en_US.cab ->
DirectAnimation Java Classes -> - CodeBase =
file://C:\WINDOWS\Java\classes\dajava.cab ->
Double Deuce Poker by pogo -> - CodeBase =
http://game1.pogo.com/applet-8.0.0.30/v ... -en_US.cab ->
High Stakes Poker by pogo -> - CodeBase =
http://game1.pogo.com/applet-8.0.1.23/d ... -en_US.cab ->
High Stakes Pool by pogo -> - CodeBase =
http://game1.pogo.com/applet-6.9.3.49/p ... -en_US.cab ->
Hog Heaven Slots by pogo -> - CodeBase =
http://game1.pogo.com/applet-8.0.1.23/f ... -en_US.cab ->
Microsoft XML Parser for Java -> - CodeBase =
file://C:\WINDOWS\Java\classes\xmldso.cab ->
Texas Hold'em Poker by pogo -> - CodeBase =
http://game1.pogo.com/applet-8.0.1.23/h ... -en_US.cab ->
[Files/Folders - Created Within 30 days]
$NtUninstallKB930178$ -> %SystemRoot%\$NtUninstallKB930178$ -> [Folder | Created Date = 12/04/2007 06:44:25 | Attr = H ]
$NtUninstallKB931261$ -> %SystemRoot%\$NtUninstallKB931261$ -> [Folder | Created Date = 12/04/2007 06:44:40 | Attr = H ]
$NtUninstallKB931784$ -> %SystemRoot%\$NtUninstallKB931784$ -> [Folder | Created Date = 12/04/2007 06:45:01 | Attr = H ]
$NtUninstallKB932168$ -> %SystemRoot%\$NtUninstallKB932168$ -> [Folder | Created Date = 12/04/2007 06:44:18 | Attr = H ]
COM+.log -> %SystemRoot%\COM+.log -> [Ver = | Size = 1448 bytes | Created Date = 27/04/2007 11:09:01 | Attr = ]
gmer.dll -> %SystemRoot%\gmer.dll -> [Ver = 1, 0, 12, 12244 | Size = 573503 bytes | Created Date = 25/04/2007 14:01:25 | Attr = ]
gmer.exe -> %SystemRoot%\gmer.exe -> [Ver = 1, 0, 12, 12244 | Size = 577536 bytes | Created Date = 25/04/2007 14:01:25 | Attr = ]
gmer.ini -> %SystemRoot%\gmer.ini -> [Ver = | Size = 250 bytes | Created Date = 25/04/2007 14:01:25 | Attr = ]
gmer_uninstall.cmd -> %SystemRoot%\gmer_uninstall.cmd -> [Ver = | Size = 80 bytes | Created Date = 25/04/2007 14:01:25 | Attr = ]
KB930178.log -> %SystemRoot%\KB930178.log -> [Ver = | Size = 12540 bytes | Created Date = 11/04/2007 06:17:44 | Attr = ]
KB931261.log -> %SystemRoot%\KB931261.log -> [Ver = | Size = 12263 bytes | Created Date = 11/04/2007 06:17:52 | Attr = ]
KB931784.log -> %SystemRoot%\KB931784.log -> [Ver = | Size = 14112 bytes | Created Date = 11/04/2007 06:17:56 | Attr = ]
KB932168.log -> %SystemRoot%\KB932168.log -> [Ver = | Size = 14132 bytes | Created Date = 11/04/2007 06:17:30 | Attr = ]
ntbtlog.txt -> %SystemRoot%\ntbtlog.txt -> [Ver = | Size = 115560 bytes | Created Date = 03/05/2007 08:50:08 | Attr = ]
pxdrvinstall.log -> %SystemRoot%\pxdrvinstall.log -> [Ver = | Size = 15390 bytes | Created Date = 09/04/2007 14:48:23 | Attr = ]
pxinstall_log.txt -> %SystemRoot%\pxinstall_log.txt -> [Ver = | Size = 126345 bytes | Created Date = 09/04/2007 14:47:45 | Attr = ]
QTFont.for -> %SystemRoot%\QTFont.for -> [Ver = | Size = 1409 bytes | Created Date = 07/05/2007 22:49:25 | Attr = ]
QTFont.qfn -> %SystemRoot%\QTFont.qfn -> [Ver = | Size = 54156 bytes | Created Date = 07/05/2007 22:49:25 | Attr = H ]
Sun -> %SystemRoot%\Sun -> [Folder | Created Date = 04/05/2007 15:25:11 | Attr = ]
ua2.dll -> %SystemRoot%\ua2.dll -> [Ver = | Size = 77312 bytes | Created Date = 09/04/2007 14:47:32 | Attr = ]
ActiveScan -> %System32%\ActiveScan -> [Folder | Created Date = 25/04/2007 10:18:02 | Attr = ]
asfiles.txt -> %System32%\asfiles.txt -> [Ver = | Size = 0 bytes | Created Date = 25/04/2007 10:21:37 | Attr = ]
asuninst.exe -> %System32%\asuninst.exe -> Panda Software [Ver = 1, 0, 0, 2 | Size = 73728 bytes | Created Date = 25/04/2007 10:18:32 | Attr = ]
ati2sgag.exe -> %System32%\ati2sgag.exe -> [Ver = 5.13.0025 | Size = 520192 bytes | Created Date = 29/04/2007 13:01:47 | Attr = ]
Help.ico -> %System32%\Help.ico -> [Ver = | Size = 1406 bytes | Created Date = 25/04/2007 10:18:06 | Attr = ]
java.exe -> %System32%\java.exe -> Sun Microsystems, Inc. [Ver = 6.0.10.6 | Size = 135168 bytes | Created Date = 04/05/2007 15:24:11 | Attr = ]
javacpl.cpl -> %System32%\javacpl.cpl -> Sun Microsystems, Inc. [Ver = 6.0.10.6 | Size = 69632 bytes | Created Date = 04/05/2007 15:24:11 | Attr = ]
javaw.exe -> %System32%\javaw.exe -> Sun Microsystems, Inc. [Ver = 6.0.10.6 | Size = 135168 bytes | Created Date = 04/05/2007 15:24:11 | Attr = ]
javaws.exe -> %System32%\javaws.exe -> Sun Microsystems, Inc. [Ver = 6.0.10.6 | Size = 139264 bytes | Created Date = 04/05/2007 15:24:11 | Attr = ]
jupdate-1.6.0_01-b06.log -> %System32%\jupdate-1.6.0_01-b06.log -> [Ver = | Size = 4027 bytes | Created Date = 04/05/2007 15:24:01 | Attr = ]
pavas.ico -> %System32%\pavas.ico -> [Ver = | Size = 30590 bytes | Created Date = 25/04/2007 10:18:05 | Attr = ]
Uninstall.ico -> %System32%\Uninstall.ico -> [Ver = | Size = 2550 bytes | Created Date = 25/04/2007 10:18:06 | Attr = ]
ZPORT4AS.dll -> %System32%\ZPORT4AS.dll -> [Ver = | Size = 11776 bytes | Created Date = 25/04/2007 10:18:32 | Attr = ]
gmer.sys -> %System32%\drivers\gmer.sys -> GMER [Ver = 1, 0, 12, 3868 | Size = 69905 bytes | Created Date = 25/04/2007 14:01:25 | Attr = ]
tmcomm.sys -> %System32%\drivers\tmcomm.sys -> Trend Micro Inc. [Ver = 1.5.0.1052 | Size = 76560 bytes | Created Date = 17/04/2007 15:51:19 | Attr = ]
[Files/Folders - Modified Within 30 days]
$VAULT$.AVG -> %SystemDrive%\$VAULT$.AVG -> [Folder | Modified Date = 26/04/2007 10:29:12 | Attr = RH ]
boot.ini -> %SystemDrive%\boot.ini -> [Ver = | Size = 211 bytes | Modified Date = 27/04/2007 18:30:52 | Attr = H ]
Program Files -> %ProgramFiles% -> [Folder | Modified Date = 09/04/2007 21:43:16 | Attr = R ]
rapport.txt -> %SystemDrive%\rapport.txt -> [Ver = | Size = 1833 bytes | Modified Date = 03/05/2007 09:53:28 | Attr = ]
System Volume Information -> %SystemDrive%\System Volume Information -> [Folder | Modified Date = 05/05/2007 17:41:38 | Attr = HS]
WINDOWS -> %SystemRoot% -> [Folder | Modified Date = 08/05/2007 14:19:02 | Attr = ]
$hf_mig$ -> %SystemRoot%\$hf_mig$ -> [Folder | Modified Date = 11/04/2007 07:17:58 | Attr = H ]
$NtUninstallKB930178$ -> %SystemRoot%\$NtUninstallKB930178$ -> [Folder | Modified Date = 12/04/2007 07:44:28 | Attr = H ]
$NtUninstallKB931261$ -> %SystemRoot%\$NtUninstallKB931261$ -> [Folder | Modified Date = 12/04/2007 07:44:42 | Attr = H ]
$NtUninstallKB931784$ -> %SystemRoot%\$NtUninstallKB931784$ -> [Folder | Modified Date = 12/04/2007 07:45:04 | Attr = H ]
$NtUninstallKB932168$ -> %SystemRoot%\$NtUninstallKB932168$ -> [Folder | Modified Date = 12/04/2007 07:44:20 | Attr = H ]
0.log -> %SystemRoot%\0.log -> [Ver = | Size = 0 bytes | Modified Date = 08/05/2007 14:19:40 | Attr = ]
AppPatch -> %SystemRoot%\AppPatch -> [Folder | Modified Date = 25/04/2007 12:53:30 | Attr = ]
bootstat.dat -> %SystemRoot%\bootstat.dat -> [Ver = | Size = 2048 bytes | Modified Date = 08/05/2007 14:19:00 | Attr = S]
CoD.INI -> %SystemRoot%\CoD.INI -> [Ver = | Size = 766 bytes | Modified Date = 06/05/2007 22:45:04 | Attr = ]
COM+.log -> %SystemRoot%\COM+.log -> [Ver = | Size = 1448 bytes | Modified Date = 27/04/2007 12:09:04 | Attr = ]
comsetup.log -> %SystemRoot%\comsetup.log -> [Ver = | Size = 45052 bytes | Modified Date = 12/04/2007 07:45:20 | Attr = ]
Downloaded Program Files -> %SystemRoot%\Downloaded Program Files -> [Folder | Modified Date = 05/05/2007 17:47:18 | Attr = S]
DUMP8201.tmp -> %SystemRoot%\DUMP8201.tmp -> [Ver = | Size = 90112 bytes | Modified Date = 17/04/2007 14:07:00 | Attr = ]
FaxSetup.log -> %SystemRoot%\FaxSetup.log -> [Ver = | Size = 135490 bytes | Modified Date = 12/04/2007 07:45:18 | Attr = ]
gmer.dll -> %SystemRoot%\gmer.dll -> [Ver = 1, 0, 12, 12244 | Size = 573503 bytes | Modified Date = 25/04/2007 15:01:26 | Attr = ]
gmer.exe -> %SystemRoot%\gmer.exe -> [Ver = 1, 0, 12, 12244 | Size = 577536 bytes | Modified Date = 12/04/2007 17:04:00 | Attr = ]
gmer.ini -> %SystemRoot%\gmer.ini -> [Ver = | Size = 250 bytes | Modified Date = 25/04/2007 15:01:26 | Attr = ]
gmer_uninstall.cmd -> %SystemRoot%\gmer_uninstall.cmd -> [Ver = | Size = 80 bytes | Modified Date = 25/04/2007 15:01:26 | Attr = ]
Help -> %SystemRoot%\Help -> [Folder | Modified Date = 24/04/2007 23:51:38 | Attr = ]
iis6.log -> %SystemRoot%\iis6.log -> [Ver = | Size = 21834 bytes | Modified Date = 12/04/2007 07:45:20 | Attr = ]
imsins.BAK -> %SystemRoot%\imsins.BAK -> [Ver = | Size = 1374 bytes | Modified Date = 12/04/2007 07:44:52 | Attr = ]
imsins.log -> %SystemRoot%\imsins.log -> [Ver = | Size = 1374 bytes | Modified Date = 12/04/2007 07:45:20 | Attr = ]
inf -> %SystemRoot%\inf -> [Folder | Modified Date = 29/04/2007 14:04:38 | Attr = H ]
Installer -> %SystemRoot%\Installer -> [Folder | Modified Date = 04/05/2007 16:24:14 | Attr = HS]
Internet Logs -> %SystemRoot%\Internet Logs -> [Folder | Modified Date = 08/05/2007 15:50:24 | Attr = ]
KB930178.log -> %SystemRoot%\KB930178.log -> [Ver = | Size = 12540 bytes | Modified Date = 12/04/2007 07:44:38 | Attr = ]
KB931261.log -> %SystemRoot%\KB931261.log -> [Ver = | Size = 12263 bytes | Modified Date = 12/04/2007 07:44:52 | Attr = ]
KB931784.log -> %SystemRoot%\KB931784.log -> [Ver = | Size = 14112 bytes | Modified Date = 12/04/2007 07:45:20 | Attr = ]
KB932168.log -> %SystemRoot%\KB932168.log -> [Ver = | Size = 14132 bytes | Modified Date = 12/04/2007 07:44:24 | Attr = ]
Minidump -> %SystemRoot%\Minidump -> [Folder | Modified Date = 08/05/2007 14:19:02 | Attr = ]
ModemLog_SoftK56 Data Fax Voice Speakerphone CARP.txt -> %SystemRoot%\ModemLog_SoftK56 Data Fax Voice Speakerphone CARP.txt -> [Ver = | Size = 3888 bytes | Modified Date = 08/05/2007 14:19:34 | Attr = ]
msagent -> %SystemRoot%\msagent -> [Folder | Modified Date = 12/04/2007 08:46:48 | Attr = ]
msgsocm.log -> %SystemRoot%\msgsocm.log -> [Ver = | Size = 6798 bytes | Modified Date = 12/04/2007 07:45:20 | Attr = ]
ntbtlog.txt -> %SystemRoot%\ntbtlog.txt -> [Ver = | Size = 115560 bytes | Modified Date = 03/05/2007 09:51:32 | Attr = ]
ntdtcsetup.log -> %SystemRoot%\ntdtcsetup.log -> [Ver = | Size = 27362 bytes | Modified Date = 12/04/2007 07:45:20 | Attr = ]
ocgen.log -> %SystemRoot%\ocgen.log -> [Ver = | Size = 64152 bytes | Modified Date = 12/04/2007 07:45:20 | Attr = ]
ocmsn.log -> %SystemRoot%\ocmsn.log -> [Ver = | Size = 7524 bytes | Modified Date = 12/04/2007 07:45:20 | Attr = ]
Prefetch -> %SystemRoot%\Prefetch -> [Folder | Modified Date = 08/05/2007 15:55:46 | Attr = ]
pxdrvinstall.log -> %SystemRoot%\pxdrvinstall.log -> [Ver = | Size = 15390 bytes | Modified Date = 09/04/2007 21:43:12 | Attr = ]
pxinstall_log.txt -> %SystemRoot%\pxinstall_log.txt -> [Ver = | Size = 126345 bytes | Modified Date = 09/04/2007 21:43:24 | Attr = ]
QTFont.for -> %SystemRoot%\QTFont.for -> [Ver = | Size = 1409 bytes | Modified Date = 07/05/2007 23:49:26 | Attr = ]
QTFont.qfn -> %SystemRoot%\QTFont.qfn -> [Ver = | Size = 54156 bytes | Modified Date = 07/05/2007 23:49:26 | Attr = H ]
Registration -> %SystemRoot%\Registration -> [Folder | Modified Date = 27/04/2007 12:04:00 | Attr = ]
SchedLgU.Txt -> %SystemRoot%\SchedLgU.Txt -> [Ver = | Size = 32654 bytes | Modified Date = 08/05/2007 00:09:04 | Attr = ]
setupact.log -> %SystemRoot%\setupact.log -> [Ver = | Size = 1800 bytes | Modified Date = 07/05/2007 23:50:30 | Attr = ]
setupapi.log -> %SystemRoot%\setupapi.log -> [Ver = | Size = 278212 bytes | Modified Date = 05/05/2007 17:47:18 | Attr = ]
SoftwareDistribution -> %SystemRoot%\SoftwareDistribution -> [Folder | Modified Date = 25/04/2007 13:00:44 | Attr = ]
Sun -> %SystemRoot%\Sun -> [Folder | Modified Date = 04/05/2007 16:25:12 | Attr = ]
system.ini -> %SystemRoot%\system.ini -> [Ver = | Size = 285 bytes | Modified Date = 27/04/2007 18:30:52 | Attr = ]
system32 -> %System32% -> [Folder | Modified Date = 04/05/2007 16:24:12 | Attr = ]
Tasks -> %SystemRoot%\Tasks -> [Folder | Modified Date = 08/05/2007 14:22:16 | Attr = S]
Temp -> %SystemRoot%\Temp -> [Folder | Modified Date = 08/05/2007 15:55:38 | Attr = ]
tsoc.log -> %SystemRoot%\tsoc.log -> [Ver = | Size = 51898 bytes | Modified Date = 12/04/2007 07:45:20 | Attr = ]
ua2.dll -> %SystemRoot%\ua2.dll -> [Ver = | Size = 77312 bytes | Modified Date = 09/04/2007 15:47:34 | Attr = ]
updspapi.log -> %SystemRoot%\updspapi.log -> [Ver = | Size = 10896 bytes | Modified Date = 12/04/2007 07:44:34 | Attr = ]
wiadebug.log -> %SystemRoot%\wiadebug.log -> [Ver = | Size = 159 bytes | Modified Date = 08/05/2007 14:19:26 | Attr = ]
wiaservc.log -> %SystemRoot%\wiaservc.log -> [Ver = | Size = 48 bytes | Modified Date = 08/05/2007 14:19:22 | Attr = ]
win.ini -> %SystemRoot%\win.ini -> [Ver = | Size = 802 bytes | Modified Date = 06/05/2007 23:01:50 | Attr = ]
WindowsUpdate.log -> %SystemRoot%\WindowsUpdate.log -> [Ver = | Size = 1126988 bytes | Modified Date = 08/05/2007 14:19:34 | Attr = ]
WININIT.INI -> %SystemRoot%\WININIT.INI -> [Ver = | Size = 16 bytes | Modified Date = 29/04/2007 13:57:46 | Attr = ]
wmsetup.log -> %SystemRoot%\wmsetup.log -> [Ver = | Size = 19099 bytes | Modified Date = 11/04/2007 10:53:00 | Attr = ]
MP Scheduled Scan.job -> %SystemRoot%\tasks\MP Scheduled Scan.job -> [Ver = | Size = 330 bytes | Modified Date = 08/05/2007 14:22:16 | Attr = H ]
SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [Ver = | Size = 6 bytes | Modified Date = 08/05/2007 14:19:04 | Attr = H ]
ActiveScan -> %System32%\ActiveScan -> [Folder | Modified Date = 25/04/2007 13:00:48 | Attr = ]
asfiles.txt -> %System32%\asfiles.txt -> [Ver = | Size = 0 bytes | Modified Date = 25/04/2007 11:21:38 | Attr = ]
CatRoot -> %System32%\CatRoot -> [Folder | Modified Date = 29/04/2007 14:01:38 | Attr = ]
CatRoot2 -> %System32%\CatRoot2 -> [Folder | Modified Date = 08/05/2007 14:22:20 | Attr = ]
config -> %System32%\config -> [Folder | Modified Date = 25/04/2007 13:01:10 | Attr = ]
dllcache -> %System32%\dllcache -> [Folder | Modified Date = 29/04/2007 14:01:46 | Attr = RHS]
drivers -> %System32%\drivers -> [Folder | Modified Date = 29/04/2007 14:01:40 | Attr = ]
FxsTmp -> %System32%\FxsTmp -> [Folder | Modified Date = 02/05/2007 19:20:30 | Attr = ]
Help.ico -> %System32%\Help.ico -> [Ver = | Size = 1406 bytes | Modified Date = 25/04/2007 11:18:08 | Attr = ]
jupdate-1.6.0_01-b06.log -> %System32%\jupdate-1.6.0_01-b06.log -> [Ver = | Size = 4027 bytes | Modified Date = 04/05/2007 16:24:12 | Attr = ]
pavas.ico -> %System32%\pavas.ico -> [Ver = | Size = 30590 bytes | Modified Date = 25/04/2007 11:18:06 | Attr = ]
Restore -> %System32%\Restore -> [Folder | Modified Date = 05/05/2007 17:41:38 | Attr = ]
tmp.reg -> %System32%\tmp.reg -> [Ver = | Size = 2378 bytes | Modified Date = 03/05/2007 09:52:42 | Attr = ]
tmp.txt -> %System32%\tmp.txt -> [Ver = | Size = 0 bytes | Modified Date = 03/05/2007 09:52:42 | Attr = ]
Uninstall.ico -> %System32%\Uninstall.ico -> [Ver = | Size = 2550 bytes | Modified Date = 25/04/2007 11:18:08 | Attr = ]
vsconfig.xml -> %System32%\vsconfig.xml -> [Ver = | Size = 49617 bytes | Modified Date = 08/05/2007 14:19:46 | Attr = H ]
wbem -> %System32%\wbem -> [Folder | Modified Date = 25/04/2007 13:03:22 | Attr = ]
wpa.dbl -> %System32%\wpa.dbl -> [Ver = | Size = 12598 bytes | Modified Date = 08/05/2007 14:20:06 | Attr = ]
ZoneLabs -> %System32%\ZoneLabs -> [Folder | Modified Date = 25/04/2007 13:03:40 | Attr = ]
avg7core.sys -> %System32%\drivers\avg7core.sys -> GRISOFT, s.r.o. [Ver = 7.5.0.467 | Size = 777984 bytes | Modified Date = 28/04/2007 09:32:42 | Attr = ]
avgmfx86.sys -> %System32%\drivers\avgmfx86.sys -> GRISOFT, s.r.o. [Ver = 7.5.0.447 | Size = 19840 bytes | Modified Date = 22/04/2007 09:33:08 | Attr = ]
etc -> %System32%\drivers\etc -> [Folder | Modified Date = 08/05/2007 11:17:54 | Attr = ]
gmer.sys -> %System32%\drivers\gmer.sys -> GMER [Ver = 1, 0, 12, 3868 | Size = 69905 bytes | Modified Date = 25/04/2007 15:01:26 | Attr = ]
[File String Scan - Non-Microsoft Only]
UPX! , UPX0 , -> %SystemRoot%\choice.exe -> [Ver = | Size = 21312 bytes | Modified Date = 21/12/1999 07:58:02 | Attr = ]
@Alternate Data Stream - 4348 bytes -> %SystemRoot%\MESH_SKY.BMP:Q30lsldxJoudresxAaaqpcawXc ->
@Alternate Data Stream - 0 bytes -> %SystemRoot%\MESH_SKY.BMP:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} ->
Umonitor , -> %SystemRoot%\pxinstall_log.txt -> [Ver = | Size = 126345 bytes | Modified Date = 09/04/2007 21:43:24 | Attr = ]
@Alternate Data Stream - 0 bytes -> %SystemRoot%\Thumbs.db:encryptable ->
PEC2 , -> %System32%\dfrg.msc -> [Ver = | Size = 41397 bytes | Modified Date = 29/08/2002 13:00:00 | Attr = ]
@Alternate Data Stream - 0 bytes -> %System32%\OemLinkIcon.ico:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} ->
@Alternate Data Stream - 5904 bytes -> %System32%\OEMLOGO.BMP:Q30lsldxJoudresxAaaqpcawXc ->
@Alternate Data Stream - 0 bytes -> %System32%\OEMLOGO.BMP:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} ->
@Alternate Data Stream - 0 bytes -> %System32%\Thumbs.db:encryptable ->
winsync , -> %System32%\wbdbase.deu -> [Ver = | Size = 1309184 bytes | Modified Date = 29/08/2002 13:00:00 | Attr = ]
UPX! , FSG! , PEC2 , aspack , -> %System32%\drivers\avg7core.sys -> GRISOFT, s.r.o. [Ver = 7.5.0.467 | Size = 777984 bytes | Modified Date = 28/04/2007 09:32:42 | Attr = ]
PTech , -> %System32%\drivers\mtlstrm.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 1309184 bytes | Modified Date = 04/08/2004 06:41:38 | Attr = ]
< End of report >