OK. After running the WinP, it didn't ask for reboot. I did so manually. After running the AVG, I received two messages when I intructed to quarantine. Both in succession said a System Volume file with several numbers (I think identical, except the first one had this at the end: nickarcade.dll) because they are embedded in an SystemVolume file. I think I intructed it to quarantee the whole thing. I don't know if I understand your request for the latest .log file. Is it this:
[Registry - Non-Microsoft Only]
Unable to delete registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\KernelFaultCheck .
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls written successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls written successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls written successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls written successfully.
Unable to delete registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\brwmgr .
Unable to delete registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4E1159CF-BCA3-3EA8-7BC9-4DF71B5AB4E5} .
Unable to delete registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C85E3AE6-972D-DD7D-B47C-8E44B2FCC9D2} .
Unable to delete registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EB499C6B-4EEE-CB6B-43B7-4EC6302D27CC} .
[Files - Modified Wihin 30 days]
File C:\WINDOWS\attcfg.tmp not found!
File C:\WINDOWS\b6iqdkku.scf not found!
File C:\WINDOWS\concfg.tmp not found!
File C:\WINDOWS\egadata.tmp not found!
< End of log >
Created on 12/24/2006 19:51:20
############# WINPFIND REPORT:
inPFind3 logfile created on: 12/24/2006 9:32:01 PM
WinPFind3U by OldTimer - Version 1.0.1 Folder = C:\Documents and Settings\Charles\Desktop\WinPFind3u\
Microsoft Windows XP Service Pack 2 (Version = 5.1.2600)
Internet Explorer (Version = 7.0.5730.11)
[Processes - Non-Microsoft Only]
aolsoftware.exe -> C:\Program Files\Common Files\AOL\1131573657\ee\AOLSoftware.exe -> America Online, Inc. [Ver = 1.5.3.1 | Size = 50760 bytes | Modified Date = 5/9/2006 7:24:16 PM | Attr = ]
ati2evxx.exe -> C:\WINDOWS\SYSTEM32\ati2evxx.exe -> [Ver = | Size = 389120 bytes | Modified Date = 8/25/2004 10:26:56 AM | Attr = ]
avgas.exe -> C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe -> Anti-Malware Development a.s. [Ver = 7, 5, 0, 50 | Size = 6266880 bytes | Modified Date = 10/7/2006 7:20:00 AM | Attr = ]
ctdvddet.exe -> C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDET.exe -> Creative Technology Ltd [Ver = 1.0.2.0 | Size = 45056 bytes | Modified Date = 9/30/2002 1:00:00 AM | Attr = ]
cthelper.exe -> C:\WINDOWS\SYSTEM32\CTHELPER.EXE -> Creative Technology Ltd [Ver = 1, 0, 1, 2 | Size = 24576 bytes | Modified Date = 10/6/2003 2:57:32 PM | Attr = ]
ctsvccda.exe -> C:\WINDOWS\SYSTEM32\CTSVCCDA.EXE -> Creative Technology Ltd [Ver = 1.0.1.0 | Size = 44032 bytes | Modified Date = 12/13/1999 2:01:00 AM | Attr = ]
ctsysvol.exe -> C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe -> Creative Technology Ltd [Ver = 1.1.3.0 | Size = 49152 bytes | Modified Date = 10/29/2002 9:18:24 AM | Attr = ]
cvpnd.exe -> C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe -> Cisco Systems, Inc. [Ver = 4.6.04.0043 | Size = 1422336 bytes | Modified Date = 6/10/2005 7:59:56 PM | Attr = ]
dcfssvc.exe -> C:\WINDOWS\SYSTEM32\DRIVERS\dcfssvc.exe -> Eastman Kodak Company [Ver = 1.1.3900.0 | Size = 153150 bytes | Modified Date = 5/10/2001 3:41:04 PM | Attr = ]
dsagnt.exe -> C:\Program Files\Dell Support\DSAgnt.exe -> Gteko Ltd. [Ver = 1, 1, 0, 73 | Size = 306688 bytes | Modified Date = 7/19/2004 7:51:24 AM | Attr = ]
dsentry.exe -> C:\WINDOWS\SYSTEM32\DSentry.exe -> Dell - Advanced Desktop Engineering [Ver = 1, 0, 5, 0 | Size = 28672 bytes | Modified Date = 8/13/2003 11:27:40 AM | Attr = ]
em_exec.exe -> C:\Program Files\Logitech\MouseWare\system\EM_EXEC.EXE -> Logitech Inc. [Ver = 9.77.023 | Size = 37888 bytes | Modified Date = 6/3/2003 10:50:00 AM | Attr = ]
frameworkservice.exe -> C:\Program Files\Network Associates\Common Framework\FrameworkService.exe -> McAfee, Inc. [Ver = 3.5.5.438 | Size = 98304 bytes | Modified Date = 12/7/2005 2:55:00 AM | Attr = ]
googletoolbarnotifier.exe -> C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe -> Google Inc. [Ver = 1, 2, 908, 5008 | Size = 163576 bytes | Modified Date = 10/16/2006 11:19:56 PM | Attr = ]
guard.exe -> C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe -> Anti-Malware Development a.s. [Ver = 7, 5, 0, 47 | Size = 204800 bytes | Modified Date = 9/28/2006 9:13:20 AM | Attr = ]
hpoevm07.exe -> C:\Program Files\Hewlett-Packard\AiO\Shared\Bin\hpoevm07.exe -> Hewlett-Packard Co. [Ver = 1.00 | Size = 299008 bytes | Modified Date = 5/24/2002 12:16:56 AM | Attr = ]
hpofxm07.exe -> C:\Program Files\Hewlett-Packard\AiO\Shared\Bin\hpofxm07.exe -> Hewlett-Packard Co. [Ver = 1.00 | Size = 184320 bytes | Modified Date = 5/24/2002 12:53:24 AM | Attr = ]
hpoorn07.exe -> C:\Program Files\Hewlett-Packard\AiO\hp officejet k series\Bin\hpoorn07.exe -> Hewlett-Packard Co. [Ver = 2.00 | Size = 151552 bytes | Modified Date = 5/23/2002 11:52:06 PM | Attr = ]
hposts07.exe -> C:\Program Files\Hewlett-Packard\AiO\Shared\Bin\hposts07.exe -> Hewlett-Packard Co. [Ver = 1.00 | Size = 294912 bytes | Modified Date = 5/24/2002 12:31:58 AM | Attr = ]
ipodservice.exe -> C:\Program Files\iPod\bin\iPodService.exe -> Apple Computer, Inc. [Ver = 7.0.2.16 | Size = 492608 bytes | Modified Date = 10/30/2006 9:36:32 AM | Attr = ]
issch.exe -> C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe -> InstallShield Software Corporation [Ver = 3, 10, 100, 1146 | Size = 81920 bytes | Modified Date = 6/16/2004 5:03:04 AM | Attr = ]
ituneshelper.exe -> C:\Program Files\iTunes\iTunesHelper.exe -> Apple Computer, Inc. [Ver = 7.0.2.16 | Size = 256576 bytes | Modified Date = 10/30/2006 9:36:36 AM | Attr = ]
jusched.exe -> C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 5.0.100.3 | Size = 49263 bytes | Modified Date = 11/9/2006 3:07:30 PM | Attr = ]
mcshield.exe -> C:\Program Files\Network Associates\VirusScan\Mcshield.exe -> Network Associates, Inc. [Ver = 8.0.0.318 | Size = 221191 bytes | Modified Date = 2/14/2006 7:00:00 PM | Attr = ]
mm_tray.exe -> C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe -> Musicmatch, Inc. [Ver = 10.00.3058 | Size = 110592 bytes | Modified Date = 3/12/2005 6:25:00 AM | Attr = ]
msgagt.exe -> C:\Program Files\Promise\Utility\MsgAgt.exe -> [Ver = Version 3.0 build 9 (08/08/2003) | Size = 610304 bytes | Modified Date = 8/20/2003 6:43:30 PM | Attr = ]
naprdmgr.exe -> C:\Program Files\Network Associates\Common Framework\naPrdMgr.exe -> McAfee, Inc. [Ver = 3.5.5.438 | Size = 229376 bytes | Modified Date = 12/7/2005 2:55:00 AM | Attr = ]
pcmservice.exe -> C:\Program Files\Dell\Media Experience\PCMService.exe -> CyberLink Corp. [Ver = 1.0.0826 | Size = 204800 bytes | Modified Date = 8/26/2003 8:47:34 PM | Attr = ]
ptssvc.exe -> C:\Program Files\KODAK\KODAK Picture Transfer Software\PTSsvc.exe -> [Ver = | Size = 36864 bytes | Modified Date = 1/31/2001 4:41:32 PM | Attr = ]
qttask.exe -> C:\Program Files\QuickTime\qttask.exe -> Apple Computer, Inc. [Ver = 7.1.3 | Size = 282624 bytes | Modified Date = 10/25/2006 6:58:18 PM | Attr = ]
realsched.exe -> C:\Program Files\Common Files\Real\Update_OB\realsched.exe -> RealNetworks, Inc. [Ver = 0.1.0.3492 | Size = 180269 bytes | Modified Date = 12/24/2005 11:02:52 AM | Attr = ]
retrorun.exe -> C:\Program Files\Retrospect\Retrospect Express HD 1.1\retrorun.exe -> EMC Dantz [Ver = 1.1.127 | Size = 73728 bytes | Modified Date = 2/6/2006 7:22:54 AM | Attr = ]
sdhelp.exe -> C:\Program Files\Spyware Doctor\sdhelp.exe -> PC Tools Research Pty Ltd [Ver = 3.5.0.18 | Size = 870624 bytes | Modified Date = 12/20/2005 8:44:24 AM | Attr = ]
sgtray.exe -> C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe -> Sonic Solutions [Ver = 1.01.32a | Size = 110592 bytes | Modified Date = 8/19/2003 1:01:00 AM | Attr = ]
shstat.exe -> C:\Program Files\Network Associates\VirusScan\shstat.exe -> Network Associates, Inc. [Ver = 8.0.0.912 | Size = 94208 bytes | Modified Date = 9/22/2004 7:00:00 AM | Attr = ]
startupmonitor.exe -> C:\WINDOWS\StartupMonitor.exe -> [Ver = | Size = 86016 bytes | Modified Date = 5/20/2000 4:23:48 PM | Attr = ]
tfswctrl.exe -> C:\WINDOWS\SYSTEM32\dla\tfswctrl.exe -> Sonic Solutions [Ver = 1.04.05b | Size = 114741 bytes | Modified Date = 8/6/2003 2:04:00 AM | Attr = ]
uaservice7.exe -> C:\WINDOWS\SYSTEM32\UAService7.exe -> Sony DADC Austria AG. [Ver = 1,1,0,0 | Size = 122880 bytes | Modified Date = 4/12/2005 7:49:32 PM | Attr = ]
updaterui.exe -> C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe -> McAfee, Inc. [Ver = 3.5.5.438 | Size = 131072 bytes | Modified Date = 12/7/2005 2:55:00 AM | Attr = ]
vstskmgr.exe -> C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe -> Network Associates, Inc. [Ver = 8.0.0.1004 | Size = 29184 bytes | Modified Date = 6/8/2006 7:00:00 PM | Attr = ]
winpfind3u.exe -> C:\Documents and Settings\Charles\Desktop\WinPFind3u\WinPFind3U.exe -> Oldtimer Tools [Ver = 1.0.1.0 | Size = 302592 bytes | Modified Date = 12/21/2006 8:20:08 PM | Attr = ]
[Win32 Services - Non-Microsoft Only]
(Ati HotKey Poller) Ati HotKey Poller [Win32_Own | Auto | Running] -> C:\WINDOWS\SYSTEM32\ati2evxx.exe -> [Ver = | Size = 389120 bytes | Modified Date = 8/25/2004 10:26:56 AM | Attr = ]
(ATI Smart) ATI Smart [Win32_Own | Auto | Stopped] -> C:\WINDOWS\SYSTEM32\ati2sgag.exe -> [Ver = 5.13.0020 | Size = 516096 bytes | Modified Date = 5/15/2004 8:10:00 PM | Attr = ]
(Automatic LiveUpdate Scheduler) Automatic LiveUpdate Scheduler [Win32_Own | Auto | Stopped] -> C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe -> File not found
(AVG Anti-Spyware Guard) AVG Anti-Spyware Guard [Win32_Own | Auto | Running] -> C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe -> Anti-Malware Development a.s. [Ver = 7, 5, 0, 47 | Size = 204800 bytes | Modified Date = 9/28/2006 9:13:20 AM | Attr = ]
(Creative Service for CDROM Access) Creative Service for CDROM Access [Win32_Own | Auto | Running] -> C:\WINDOWS\SYSTEM32\CTSVCCDA.EXE -> Creative Technology Ltd [Ver = 1.0.1.0 | Size = 44032 bytes | Modified Date = 12/13/1999 2:01:00 AM | Attr = ]
(CVPND) Cisco Systems, Inc. VPN Service [Win32_Own | Auto | Running] -> C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe -> Cisco Systems, Inc. [Ver = 4.6.04.0043 | Size = 1422336 bytes | Modified Date = 6/10/2005 7:59:56 PM | Attr = ]
(Dcfssvc) Dcfssvc [Win32_Own | Auto | Running] -> C:\WINDOWS\SYSTEM32\DRIVERS\dcfssvc.exe -> Eastman Kodak Company [Ver = 1.1.3900.0 | Size = 153150 bytes | Modified Date = 5/10/2001 3:41:04 PM | Attr = ]
(dmadmin) Logical Disk Manager Administrative Service [Win32_Shared | On_Demand | Stopped] -> C:\WINDOWS\SYSTEM32\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 224768 bytes | Modified Date = 8/4/2004 2:56:48 AM | Attr = ]
(IDriverT) InstallDriver Table Manager [Win32_Own | On_Demand | Stopped] -> C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -> Macrovision Corporation [Ver = 11.00.28844 | Size = 69632 bytes | Modified Date = 4/3/2005 11:41:10 PM | Attr = ]
(iPod Service) iPod Service [Win32_Own | On_Demand | Running] -> C:\Program Files\iPod\bin\iPodService.exe -> Apple Computer, Inc. [Ver = 7.0.2.16 | Size = 492608 bytes | Modified Date = 10/30/2006 9:36:32 AM | Attr = ]
(McAfeeFramework) McAfee Framework Service [Win32_Own | Auto | Running] -> C:\Program Files\Network Associates\Common Framework\FrameworkService.exe -> McAfee, Inc. [Ver = 3.5.5.438 | Size = 98304 bytes | Modified Date = 12/7/2005 2:55:00 AM | Attr = ]
(McShield) Network Associates McShield [Win32_Own | Auto | Running] -> C:\Program Files\Network Associates\VirusScan\Mcshield.exe -> Network Associates, Inc. [Ver = 8.0.0.318 | Size = 221191 bytes | Modified Date = 2/14/2006 7:00:00 PM | Attr = ]
(McTaskManager) Network Associates Task Manager [Win32_Own | Auto | Running] -> C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe -> Network Associates, Inc. [Ver = 8.0.0.1004 | Size = 29184 bytes | Modified Date = 6/8/2006 7:00:00 PM | Attr = ]
(NetSvc) Intel NCS NetService [Win32_Own | On_Demand | Stopped] -> C:\Program Files\Intel\NCS\Sync\NetSvc.exe -> Intel(R) Corporation [Ver = 1.2.26.0 | Size = 143360 bytes | Modified Date = 3/3/2003 2:33:40 PM | Attr = ]
(PREVXAgent) Prevx Agent [Win32_Own | Auto | Stopped] -> C:\Program Files\Prevx1\PXAgent.exe -> Prevx [Ver = 2.0.12.1 | Size = 139264 bytes | Modified Date = 12/13/2006 12:39:54 PM | Attr = ]
(ptssvc) ptssvc [Win32_Own | Auto | Running] -> C:\Program Files\KODAK\KODAK Picture Transfer Software\PTSsvc.exe -> [Ver = | Size = 36864 bytes | Modified Date = 1/31/2001 4:41:32 PM | Attr = ]
(RAIDmAgt) Promise RAID message agent [Win32_Own | Auto | Running] -> C:\Program Files\Promise\Utility\MsgAgt.exe -> [Ver = Version 3.0 build 9 (08/08/2003) | Size = 610304 bytes | Modified Date = 8/20/2003 6:43:30 PM | Attr = ]
(RetroExp Helper) Retrospect Express HD Helper [Win32_Own | Auto | Stopped] -> C:\Program Files\Retrospect\Retrospect Express HD 1.1\rthlpsvc.exe -> EMC Dantz [Ver = 1.1.127 | Size = 118784 bytes | Modified Date = 2/6/2006 7:22:54 AM | Attr = ]
(RetroExpLauncher) Retrospect Express HD Launcher [Win32_Own | Auto | Running] -> C:\Program Files\Retrospect\Retrospect Express HD 1.1\retrorun.exe -> EMC Dantz [Ver = 1.1.127 | Size = 73728 bytes | Modified Date = 2/6/2006 7:22:54 AM | Attr = ]
(SDhelper) PC Tools Spyware Doctor [Win32_Own | Auto | Running] -> C:\Program Files\Spyware Doctor\sdhelp.exe -> PC Tools Research Pty Ltd [Ver = 3.5.0.18 | Size = 870624 bytes | Modified Date = 12/20/2005 8:44:24 AM | Attr = ]
(UserAccess7) SecuROM User Access Service (V7) [Win32_Own | Auto | Running] -> C:\WINDOWS\SYSTEM32\UAService7.exe -> Sony DADC Austria AG. [Ver = 1,1,0,0 | Size = 122880 bytes | Modified Date = 4/12/2005 7:49:32 PM | Attr = ]
[Registry - Non-Microsoft Only]
< Run [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
!AVG Anti-Spyware -> C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe -> Anti-Malware Development a.s. [Ver = 7, 5, 0, 50 | Size = 6266880 bytes | Modified Date = 10/7/2006 7:20:00 AM | Attr = ]
ATIPTA -> C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe -> ATI Technologies, Inc. [Ver = 6.14.10.5120 | Size = 339968 bytes | Modified Date = 8/25/2004 12:52:00 PM | Attr = ]
CTDVDDet -> C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDET.exe -> Creative Technology Ltd [Ver = 1.0.2.0 | Size = 45056 bytes | Modified Date = 9/30/2002 1:00:00 AM | Attr = ]
CTHelper -> C:\WINDOWS\SYSTEM32\CTHELPER.EXE -> Creative Technology Ltd [Ver = 1, 0, 1, 2 | Size = 24576 bytes | Modified Date = 10/6/2003 2:57:32 PM | Attr = ]
CTSysVol -> C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe -> Creative Technology Ltd [Ver = 1.1.3.0 | Size = 49152 bytes | Modified Date = 10/29/2002 9:18:24 AM | Attr = ]
dla -> C:\WINDOWS\SYSTEM32\dla\tfswctrl.exe -> Sonic Solutions [Ver = 1.04.05b | Size = 114741 bytes | Modified Date = 8/6/2003 2:04:00 AM | Attr = ]
DVDSentry -> C:\WINDOWS\SYSTEM32\DSentry.exe -> Dell - Advanced Desktop Engineering [Ver = 1, 0, 5, 0 | Size = 28672 bytes | Modified Date = 8/13/2003 11:27:40 AM | Attr = ]
HostManager -> C:\Program Files\Common Files\AOL\1131573657\ee\AOLSoftware.exe -> America Online, Inc. [Ver = 1.5.3.1 | Size = 50760 bytes | Modified Date = 5/9/2006 7:24:16 PM | Attr = ]
ISUSPM Startup -> C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe -> InstallShield Software Corporation [Ver = 3, 10, 100, 1146 | Size = 221184 bytes | Modified Date = 6/16/2004 5:03:26 AM | Attr = ]
ISUSScheduler -> C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe -> InstallShield Software Corporation [Ver = 3, 10, 100, 1146 | Size = 81920 bytes | Modified Date = 6/16/2004 5:03:04 AM | Attr = ]
iTunesHelper -> C:\Program Files\iTunes\iTunesHelper.exe -> Apple Computer, Inc. [Ver = 7.0.2.16 | Size = 256576 bytes | Modified Date = 10/30/2006 9:36:36 AM | Attr = ]
Logitech Utility -> C:\WINDOWS\LOGI_MWX.EXE -> Logitech Inc. [Ver = 9.77.018 | Size = 19968 bytes | Modified Date = 5/16/2003 10:50:00 AM | Attr = ]
McAfeeUpdaterUI -> C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe -> McAfee, Inc. [Ver = 3.5.5.438 | Size = 131072 bytes | Modified Date = 12/7/2005 2:55:00 AM | Attr = ]
MimBoot -> C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mimboot.exe -> Musicmatch, Inc. [Ver = 10.00.3058 | Size = 11776 bytes | Modified Date = 3/12/2005 6:25:00 AM | Attr = ]
MMTray -> C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe -> Musicmatch, Inc. [Ver = 10.00.3058 | Size = 110592 bytes | Modified Date = 3/12/2005 6:25:00 AM | Attr = ]
PCMService -> C:\Program Files\Dell\Media Experience\PCMService.exe -> CyberLink Corp. [Ver = 1.0.0826 | Size = 204800 bytes | Modified Date = 8/26/2003 8:47:34 PM | Attr = ]
PrevxOne -> C:\Program Files\Prevx1\PXConsole.exe -> Prevx [Ver = 1.0.0.1 | Size = 1507328 bytes | Modified Date = 12/13/2006 12:39:20 PM | Attr = ]
QuickTime Task -> C:\Program Files\QuickTime\qttask.exe -> Apple Computer, Inc. [Ver = 7.1.3 | Size = 282624 bytes | Modified Date = 10/25/2006 6:58:18 PM | Attr = ]
Run StartupMonitor -> C:\WINDOWS\StartupMonitor.exe -> [Ver = | Size = 86016 bytes | Modified Date = 5/20/2000 4:23:48 PM | Attr = ]
ShStatEXE -> C:\Program Files\Network Associates\VirusScan\shstat.exe -> Network Associates, Inc. [Ver = 8.0.0.912 | Size = 94208 bytes | Modified Date = 9/22/2004 7:00:00 AM | Attr = ]
SunJavaUpdateSched -> C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 5.0.100.3 | Size = 49263 bytes | Modified Date = 11/9/2006 3:07:30 PM | Attr = ]
TkBellExe -> C:\Program Files\Common Files\Real\Update_OB\realsched.exe -> RealNetworks, Inc. [Ver = 0.1.0.3492 | Size = 180269 bytes | Modified Date = 12/24/2005 11:02:52 AM | Attr = ]
UpdateManager -> C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe -> Sonic Solutions [Ver = 1.01.32a | Size = 110592 bytes | Modified Date = 8/19/2003 1:01:00 AM | Attr = ]
< OptionalComponents [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\
IMAIL -> Installed = 1 ->
MAPI -> Installed = 1 ->
MSFS -> Installed = 1 ->
< Run [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
DellSupport -> C:\Program Files\Dell Support\DSAgnt.exe -> Gteko Ltd. [Ver = 1, 1, 0, 73 | Size = 306688 bytes | Modified Date = 7/19/2004 7:51:24 AM | Attr = ]
SB Audigy 2 Startup Menu -> -> File not found
Sonic RecordNow! -> -> File not found
swg -> C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe -> Google Inc. [Ver = 1, 2, 908, 5008 | Size = 163576 bytes | Modified Date = 10/16/2006 11:19:56 PM | Attr = ]
< AppInit_DLLs [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs
*AppInit_DLLs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls ->
-> -> File not found
< ShellExecuteHooks [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
{57B86673-276A-48B2-BAE7-C6DBB3020EB8} [HKLM] -> C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll [AVG Anti-Spyware 7.5] -> Anti-Malware Development a.s. [Ver = 7, 5, 0, 47 | Size = 73728 bytes | Modified Date = 9/28/2006 9:13:28 AM | Attr = ]
< SecurityProviders [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders
< Winlogon settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
*VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet ->
Control_RunDLL -> -> File not found
< Winlogon settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
< Winlogon\Notify settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\
< Policy Settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> _
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoCDBurning -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ext\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ext\CLSID\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ext\CLSID\\{17492023-C23A-453E-A040-C7C580BBF700} -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 ->
< Policy Settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableRegistryTools -> 0 ->
< Desktop Components > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\
0 -> [Key] ->
0 -> FriendlyName = My Current Home Page ->
0 -> Source = About:Home ->
0 -> SubscribedURL = About:Home ->
< HOSTS File > -> C:\WINDOWS\System32\drivers\etc\Hosts
< Internet Explorer Settings > ->
HKLM: Default_Page_URL ->
http://go.microsoft.com/fwlink/?LinkId=69157 ->
HKLM: Main\\Default_Search_URL ->
http://go.microsoft.com/fwlink/?LinkId=54896 ->
HKLM: Local Page -> %SystemRoot%\system32\blank.htm ->
HKLM: Search Page ->
http://go.microsoft.com/fwlink/?LinkId=54896 ->
HKLM: Start Page ->
http://go.microsoft.com/fwlink/?LinkId=69157 ->
HKLM: CustomizeSearch ->
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm ->
HKLM: Search\\Default_Search_URL ->
http://www.google.com/ie ->
HKLM: SearchAssistant ->
http://www.google.com/ie ->
HKCU: Local Page -> C:\WINDOWS\system32\blank.htm ->
HKCU: Search Bar ->
http://www.google.com/ie ->
HKCU: Search Page ->
http://www.google.com ->
HKCU: Start Page ->
http://www.cnn.com/ ->
HKCU: SearchAssistant ->
http://www.google.com/ie ->
HKCU: ProxyEnable -> 0 ->
< Trusted Sites > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\
msn.com [ - ] -> ->
online_musicmatch.com [https] -> ->
< BHO's > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> Adobe Systems Incorporated [Ver = 7.0.7.2006011200 | Size = 63128 bytes | Modified Date = 1/12/2006 8:38:22 PM | Attr = ]
{4E1159CF-BCA3-3EA8-7BC9-4DF71B5AB4E5} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
{4E7BD74F-2B8D-469E-9EB4-FE6FA694B13E} [HKLM] -> C:\PROGRA~1\NICKAR~1\NICKAR~1.DLL [Nick Aracde Toolbar] -> File not found
{55EA1964-F5E4-4D6A-B9B2-125B37655FCB} [HKLM] -> C:\Documents and Settings\All Users\Application Data\Prevx\pxbho.dll [URLDetector Class] -> Prevx Ltd. [Ver = 1.0.0.3 | Size = 90112 bytes | Modified Date = 1/10/2006 11:09:54 AM | Attr = ]
{5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} [HKLM] -> C:\Program Files\Spyware Doctor\tools\iesdsg.dll [PCTools Site Guard] -> PC Tools [Ver = 3.5.0.65 | Size = 786656 bytes | Modified Date = 12/9/2005 4:22:26 PM | Attr = ]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll [SSVHelper Class] -> Sun Microsystems, Inc. [Ver = 5.0.100.3 | Size = 440056 bytes | Modified Date = 11/9/2006 3:21:52 PM | Attr = ]
{8DB3D69D-DA5E-4165-B781-72A761790672} [HKLM] -> C:\WINDOWS\SYSTEM32\BhoDshop.dll [DeskshopBrowserHelper Class] -> Orbiscom Ltd. All rights reserved. [Ver = 2, 3, 0, 3, 64 | Size = 69632 bytes | Modified Date = 10/30/2001 5:02:36 PM | Attr = ]
{AA58ED58-01DD-4d91-8333-CF10577473F7} [HKLM] -> c:\program files\Google\googletoolbar3.dll [Google Toolbar Helper] -> Google Inc. [Ver = 4, 0, 1020, 2544 | Size = 2108480 bytes | Modified Date = 10/12/2006 10:38:04 AM | Attr = R ]
{B56A7D7D-6927-48C8-A975-17DF180C71AC} [HKLM] -> C:\Program Files\Spyware Doctor\tools\iesdpb.dll [PCTools Browser Monitor] -> PC Tools [Ver = 3.5.0.277 | Size = 848048 bytes | Modified Date = 2/6/2006 2:51:34 PM | Attr = ]
{C85E3AE6-972D-DD7D-B47C-8E44B2FCC9D2} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
{EB499C6B-4EEE-CB6B-43B7-4EC6302D27CC} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
< Internet Explorer Bars [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\
{4528BBE0-4E08-11D5-AD55-00010333D0AD} [HKLM] -> C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll [&Yahoo! Messenger] -> Yahoo! Inc. [Ver = 2004, 5, 21, 2 | Size = 320656 bytes | Modified Date = 7/2/2005 8:16:36 PM | Attr = ]
< Internet Explorer Bars [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\
{32683183-48a0-441b-a342-7c2a440a9478} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
< Internet Explorer ToolBars [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar
{2318C2B1-4965-11d4-9B18-009027A5CD4F} [HKLM] -> c:\program files\Google\googletoolbar3.dll [&Google] -> Google Inc. [Ver = 4, 0, 1020, 2544 | Size = 2108480 bytes | Modified Date = 10/12/2006 10:38:04 AM | Attr = R ]
{4E7BD74F-2B8D-469E-9EB4-FE6FA694B13E} [HKLM] -> C:\PROGRA~1\NICKAR~1\NICKAR~1.DLL [Nick Aracde Toolbar] -> File not found
{67970B26-F57D-4455-8262-81C3AE3B8B5E} [HKLM] -> C:\Program Files\NetSnippets\NetSnip.DLL [Net Snippets] -> Net Snippets LTD. [Ver = 3, 2, 0, 9 | Size = 1437696 bytes | Modified Date = 12/20/2004 9:58:20 AM | Attr = ]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKLM] -> C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll [Yahoo! Toolbar] -> Yahoo! Inc. [Ver = 2005, 8, 4, 2 | Size = 343112 bytes | Modified Date = 8/4/2005 9:54:42 PM | Attr = ]
< Internet Explorer ToolBars [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\
ShellBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKLM] -> c:\program files\Google\googletoolbar3.dll [&Google] -> Google Inc. [Ver = 4, 0, 1020, 2544 | Size = 2108480 bytes | Modified Date = 10/12/2006 10:38:04 AM | Attr = R ]
WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKLM] -> c:\program files\Google\googletoolbar3.dll [&Google] -> Google Inc. [Ver = 4, 0, 1020, 2544 | Size = 2108480 bytes | Modified Date = 10/12/2006 10:38:04 AM | Attr = R ]
WebBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} [HKLM] -> Reg Data - Value does not exist [Reg Data - Value does not exist] -> File not found
WebBrowser\\{4E7BD74F-2B8D-469E-9EB4-FE6FA694B13E} [HKLM] -> C:\PROGRA~1\NICKAR~1\NICKAR~1.DLL [Nick Aracde Toolbar] -> File not found
WebBrowser\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKLM] -> C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll [Yahoo! Toolbar] -> Yahoo! Inc. [Ver = 2005, 8, 4, 2 | Size = 343112 bytes | Modified Date = 8/4/2005 9:54:42 PM | Attr = ]
< Internet Explorer CmdMapping [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\CmdMapping
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} -> 8192 - Sun Java Console ->
{1FA9B650-D1BC-4E43-96B3-13A32FC39732} -> 8193 - Reg Data - Key not found ->
{2D663D1A-8670-49D9-A1A5-4C56B4E14E84} -> 8199 - Reg Data - Value does not exist ->
{3369AF0D-62E9-4bda-8103-B4C75499B578} -> 8197 - Reg Data - Key not found ->
{4528BBE0-4E08-11D5-AD55-00010333D0AD} -> 8198 - Yahoo! Messenger ->
{7130DF06-BBC1-4e16-83D4-1F875E65B695} -> 8196 - Reg Data - Value does not exist ->
{85d1f590-48f4-11d9-9669-0800200c9a66} -> 8198 - Uninstall BitDefender Online Scanner v8 ->
{9455301C-CF6B-11D3-A266-00C04F689C50} -> 8195 - Reg Data - Value does not exist ->
{AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} -> 8197 - Reg Data - Value does not exist ->
{CD67F990-D8E9-11d2-98FE-00C0F0318AFE} -> 8194 - Reg Data - Value does not exist ->
{F74E75A5-96BF-40ef-A1C8-88EAEBB82AB6} -> 8195 - Reg Data - Value does not exist ->
{FB5F1910-F110-11d2-BB9E-00C04F795683} -> 8194 - Windows Messenger ->
NextId -> 8200 ->
< Internet Explorer Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> C:\Program Files\Java\jre1.5.0_10\bin\npjpi150_10.dll [MenuText: Sun Java Console] ->
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKCU] -> C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll [MenuText: Sun Java Console] -> Sun Microsystems, Inc. [Ver = 5.0.100.3 | Size = 440056 bytes | Modified Date = 11/9/2006 3:21:52 PM | Attr = ]
{2D663D1A-8670-49D9-A1A5-4C56B4E14E84} -> Reg Data - Value does not exist [ButtonText: Spyware Doctor] -> File not found
{4528BBE0-4E08-11D5-AD55-00010333D0AD} -> Reg Data - Value does not exist [ButtonText: Messenger] -> File not found
{7130DF06-BBC1-4e16-83D4-1F875E65B695} -> Reg Data - Value does not exist [ButtonText: Snippets] -> File not found
{85d1f590-48f4-11d9-9669-0800200c9a66} [HKLM] -> Reg Data - Key not found [MenuText: Uninstall BitDefender Online Scanner v8] ->
{9455301C-CF6B-11D3-A266-00C04F689C50} -> Reg Data - Value does not exist [ButtonText: Researcher] -> File not found
{AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} -> C:\Program Files\AIM\aim.exe [ButtonText: AIM] -> America Online, Inc. [Ver = 5.9.3861 | Size = 67160 bytes | Modified Date = 8/5/2005 2:08:26 PM | Attr = ]
{CD67F990-D8E9-11d2-98FE-00C0F0318AFE} -> Reg Data - Value does not exist [ButtonText: Real.com] -> File not found
{e2e2dd38-d088-4134-82b7-f2ba38496583} [HKLM] -> Reg Data - Key not found [MenuText: @xpsp3res.dll,-20001] ->
{F74E75A5-96BF-40ef-A1C8-88EAEBB82AB6} -> C:\Program Files\Secure Online Account Numbers\SOAN.exe [ButtonText: Secure Online Account Numbers] -> Orbiscom Ltd. All rights reserved. [Ver = 2, 3, 3, 0 | Size = 196608 bytes | Modified Date = 8/2/2005 3:49:22 PM | Attr = ]
< Internet Explorer Menu Extensions [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\
&AOL Toolbar Search -> c:\program files\aol\aol toolbar 2.0\resources\en-US\local\search.htm -> File not found
Add to Net Snippets -> C:\Program Files\NetSnippets\Res\clipper.htm -> [Ver = | Size = 296 bytes | Modified Date = 10/2/2004 11:45:42 AM | Attr = ]
< Internet Explorer Plugins [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\Extension\
.spop -> C:\Program Files\Internet Explorer\PLUGINS\NPDocBox.dll [Reg Data - Value does not exist] -> Intertrust Technologies, Inc. [Ver = 1.0.0.32 | Size = 270336 bytes | Modified Date = 8/1/2001 5:05:42 PM | Attr = ]
< Approved Shell Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
[HKLM] -> Reg Data - Key not found [] -> File not found
{0DF44EAA-FF21-4412-828E-260A8728E7F1} [HKLM] -> Reg Data - Key not found [Taskbar and Start Menu] -> File not found
{32683183-48a0-441b-a342-7c2a440a9478} [HKLM] -> Reg Data - Key not found [Media Band] -> File not found
{42071714-76d4-11d1-8b24-00a0c9068ff3} [HKLM] -> deskpan.dll [Display Panning CPL Extension] -> File not found
{5464D816-CF16-4784-B9F3-75C0DB52B499} [HKLM] -> C:\Program Files\Yahoo!\Common\ymmapi.dll [Yahoo! Mail] -> Yahoo! Inc. [Ver = 2004, 6, 13, 1 | Size = 180296 bytes | Modified Date = 6/14/2004 5:13:24 PM | Attr = ]
{5CA3D70E-1895-11CF-8E15-001234567890} [HKLM] -> C:\WINDOWS\system32\dla\tfswshx.dll [DriveLetterAccess] -> File not found
{7059DA7A-7E60-11d2-A355-00C04FB9D26E} [HKLM] -> C:\WINDOWS\SYSTEM32\MXONmSpace.dll [Maxtor Locked Drives] -> [Ver = | Size = 102400 bytes | Modified Date = 8/26/2004 11:53:14 AM | Attr = ]
{764BF0E1-F219-11ce-972D-00AA00A14F56} [HKLM] -> Reg Data - Key not found [Shell extensions for file compression] -> File not found
{7A9D77BD-5403-11d2-8785-2E0420524153} [HKLM] -> Reg Data - Key not found [User Accounts] -> File not found
{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} [HKLM] -> Reg Data - Key not found [Encryption Context Menu] -> File not found
{88895560-9AA2-1069-930E-00AA0030EBC8} [HKLM] -> C:\WINDOWS\System32\hticons.dll [HyperTerminal Icon Ext] -> File not found
{A4DF5659-0801-4A60-9607-1C48695EFDA9} [HKLM] -> C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wns.dll [Share-to-Web Upload Folder] -> Hewlett-Packard [Ver = 2,4,0,26 | Size = 131072 bytes | Modified Date = 7/3/2001 9:10:36 AM | Attr = ]
{acb4a560-3606-11d3-aef4-00104bd0f92d} [HKLM] -> C:\Program Files\Common Files\KODAK\IFSCore\shellext.dll [KodakShellExtension] -> Eastman Kodak [Ver = 2.0.1200 | Size = 229435 bytes | Modified Date = 5/1/2001 7:24:08 AM | Attr = ]
{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} [HKLM] -> C:\Program Files\iTunes\iTunesMiniPlayer.dll [iTunes] -> Apple Computer, Inc. [Ver = 7.0.2.16 | Size = 132672 bytes | Modified Date = 10/30/2006 9:36:36 AM | Attr = ]
{DEE12703-6333-4D4E-8F34-738C4DCC2E04} [HKLM] -> C:\Program Files\Sonic\RecordNow!\shlext.dll [RecordNow! SendToExt] -> Sonic Solutions [Ver = 1.0.0.1 | Size = 77824 bytes | Modified Date = 8/13/2003 7:00:00 AM | Attr = ]
{e57ce731-33e8-4c51-8354-bb4de9d215d1} [HKLM] -> Reg Data - Key not found [Universal Plug and Play Devices] -> File not found
{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} [HKLM] -> C:\Program Files\Real\RealPlayer\rpshell.dll [Shell Extensions for RealOne Player] -> RealNetworks, Inc. [Ver = 1.0.1.2219 | Size = 49198 bytes | Modified Date = 12/24/2005 11:03:04 AM | Attr = ]
< ContextMenuHandlers - * [HKLM] > -> HKEY_LOCAL_MACHINE\Software\Classes\*\shellex\ContextMenuHandlers\
{8934FCEF-F5B8-468f-951F-78A921CD3920} [HKLM] -> C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\context.dll [AVG Anti-Spyware] -> Anti-Malware Development a.s. [Ver = 7, 5, 0, 49 | Size = 98304 bytes | Modified Date = 10/6/2006 6:40:48 AM | Attr = ]
{cda2863e-2497-4c49-9b89-06840e070a87} [HKLM] -> C:\Program Files\Network Associates\VirusScan\shext.dll [VirusScan] -> Network Associates, Inc. [Ver = 8.0.0.912 | Size = 13824 bytes | Modified Date = 9/22/2004 7:00:00 AM | Attr = ]
{5464D816-CF16-4784-B9F3-75C0DB52B499} [HKLM] -> C:\Program Files\Yahoo!\Common\ymmapi.dll [Yahoo! Mail] -> Yahoo! Inc. [Ver = 2004, 6, 13, 1 | Size = 180296 bytes | Modified Date = 6/14/2004 5:13:24 PM | Attr = ]
< ContextMenuHandlers - Directory [HKLM] > -> HKEY_LOCAL_MACHINE\Software\Classes\Directory\shellex\ContextMenuHandlers\
{8934FCEF-F5B8-468f-951F-78A921CD3920} [HKLM] -> C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\context.dll [AVG Anti-Spyware] -> Anti-Malware Development a.s. [Ver = 7, 5, 0, 49 | Size = 98304 bytes | Modified Date = 10/6/2006 6:40:48 AM | Attr = ]
{C0E10002-0028-0004-C0E1-C0E1C0E1C0E1} [HKLM] -> c:\Program Files\WordPerfect Office 11\Programs\PFSE110.DLL [QuickFinderMenu] -> Novell, Inc., c/o Corel Corporation Limited [Ver = 11.0.0.233 | Size = 90172 bytes | Modified Date = 3/7/2003 6:00:32 AM | Attr = ]
{cda2863e-2497-4c49-9b89-06840e070a87} [HKLM] -> C:\Program Files\Network Associates\VirusScan\shext.dll [VirusScan] -> Network Associates, Inc. [Ver = 8.0.0.912 | Size = 13824 bytes | Modified Date = 9/22/2004 7:00:00 AM | Attr = ]
< ContextMenuHandlers - Folder [HKLM] > -> HKEY_LOCAL_MACHINE\Software\Classes\Folder\shellex\ContextMenuHandlers\
{cda2863e-2497-4c49-9b89-06840e070a87} [HKLM] -> C:\Program Files\Network Associates\VirusScan\shext.dll [VirusScan] -> Network Associates, Inc. [Ver = 8.0.0.912 | Size = 13824 bytes | Modified Date = 9/22/2004 7:00:00 AM | Attr = ]
< ColumnHandlers - Folder [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\
{F9DB5320-233E-11D1-9F84-707F02C10627} [HKLM] -> C:\Program Files\Adobe\Acrobat 7.0\ActiveX\pdfshell.dll [PDF Shell Extension] -> Adobe Systems, Inc. [Ver = 7.0.0.0 | Size = 110592 bytes | Modified Date = 12/14/2004 2:20:02 AM | Attr = ]
< DNS Name Servers [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\
{06D2FF32-A6F7-4F2B-9688-FFB9CF12A645} -> () ->
{13CD2169-F9CB-401F-A841-11A4C20F3183} -> () ->
{34266FBC-6066-41CF-B700-E2DC201CD369} -> (Intel(R) PRO/100 VE Network Connection) ->
{B2C804BC-884B-4036-A9C4-463769CD15E2} -> (1394 Net Adapter) ->
{C5C35463-11E0-4266-877F-CA08BA22D0FF} -> 38.9.211.2,38.9.221.2 (Broadcom NetXtreme Gigabit Ethernet) ->
{D1222F18-85A4-4631-BF74-59DE61F33708} -> (1394 Net Adapter) ->
< Protocol Handlers [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\
ipp -> Reg Data - Key not found -> File not found
msdaipp -> Reg Data - Key not found -> File not found
[Files - Created Wihin 30 days]
h.txt -> C:\h.txt -> [Ver = | Size = 16 bytes | Created Date = 12/23/2006 10:52:55 AM | Attr = ]
hiberfil.sys -> C:\hiberfil.sys -> [Ver = | Size = 1072750592 bytes | Created Date = 1/1/1601 5:00:00 AM | Attr = HS]
IPH.PH -> C:\IPH.PH -> [Ver = | Size = 867 bytes | Created Date = 12/16/2006 10:16:35 PM | Attr = H ]
Uninstall.exe -> C:\Program Files\Common Files\Nullsoft\ActiveX\2.6\Uninstall.exe -> [Ver = | Size = 32675 bytes | Created Date = 12/16/2006 10:17:07 PM | Attr = ]
0.log -> C:\WINDOWS\0.log -> [Ver = | Size = 0 bytes | Created Date = 12/24/2006 9:28:22 PM | Attr = ]
ntbtlog.txt -> C:\WINDOWS\ntbtlog.txt -> [Ver = | Size = 176 bytes | Created Date = 12/24/2006 8:06:55 PM | Attr = ]
QTFont.for -> C:\WINDOWS\QTFont.for -> [Ver = | Size = 1409 bytes | Created Date = 12/24/2006 9:51:43 AM | Attr = ]
QTFont.qfn -> C:\WINDOWS\QTFont.qfn -> [Ver = | Size = 54156 bytes | Created Date = 12/24/2006 9:51:43 AM | Attr = H ]
SchedLgU.Txt -> C:\WINDOWS\SchedLgU.Txt -> [Ver = | Size = 236 bytes | Created Date = 12/24/2006 9:27:24 PM | Attr = ]
Sti_Trace.log -> C:\WINDOWS\Sti_Trace.log -> [Ver = | Size = 0 bytes | Created Date = 12/24/2006 9:27:43 PM | Attr = ]
wiadebug.log -> C:\WINDOWS\wiadebug.log -> [Ver = | Size = 159 bytes | Created Date = 12/24/2006 9:27:44 PM | Attr = ]
wiaservc.log -> C:\WINDOWS\wiaservc.log -> [Ver = | Size = 50 bytes | Created Date = 12/24/2006 9:27:43 PM | Attr = ]
WindowsUpdate.log -> C:\WINDOWS\WindowsUpdate.log -> [Ver = | Size = 2961 bytes | Created Date = 12/24/2006 9:26:36 PM | Attr = ]
java.exe -> C:\WINDOWS\System32\java.exe -> Sun Microsystems, Inc. [Ver = 5.0.100.3 | Size = 49248 bytes | Created Date = 12/22/2006 5:24:41 PM | Attr = ]
javaw.exe -> C:\WINDOWS\System32\javaw.exe -> Sun Microsystems, Inc. [Ver = 5.0.100.3 | Size = 53346 bytes | Created Date = 12/22/2006 5:24:41 PM | Attr = ]
javaws.exe -> C:\WINDOWS\System32\javaws.exe -> Sun Microsystems, Inc. [Ver = 5.0.100.3 | Size = 127078 bytes | Created Date = 12/22/2006 5:24:41 PM | Attr = ]
jupdate-1.5.0_10-b03.log -> C:\WINDOWS\System32\jupdate-1.5.0_10-b03.log -> [Ver = | Size = 8657 bytes | Created Date = 12/22/2006 5:24:28 PM | Attr = ]
TZLog.log -> C:\WINDOWS\System32\TZLog.log -> [Ver = | Size = 109738 bytes | Created Date = 12/23/2006 10:48:31 AM | Attr = ]
AvgAsCln.sys -> C:\WINDOWS\System32\drivers\AvgAsCln.sys -> GRISOFT, s.r.o. [Ver = 1.0.0.14 | Size = 3968 bytes | Created Date = 12/23/2006 5:41:34 PM | Attr = ]
pxcom.sys -> C:\WINDOWS\System32\drivers\pxcom.sys -> Prevx Limited,
http://www.prevx1.com/ [Ver = 3.1.0.7881 built by: WinDDK | Size = 7552 bytes | Created Date = 12/23/2006 12:16:18 PM | Attr = ]
PxEmu.sys -> C:\WINDOWS\System32\drivers\PxEmu.sys -> Prevx Limited,
http://www.prevx1.com/ [Ver = 3.1.0.7881 built by: WinDDK | Size = 100864 bytes | Created Date = 12/23/2006 12:16:19 PM | Attr = ]
pxfsf.sys -> C:\WINDOWS\System32\drivers\pxfsf.sys -> Prevx Limited,
http://www.prevx1.com/ [Ver = 3.1.0.7881 built by: WinDDK | Size = 274688 bytes | Created Date = 12/23/2006 12:16:19 PM | Attr = ]
pxinst.dll -> C:\WINDOWS\System32\drivers\pxinst.dll -> Prevx Limited,
http://www.prevx1.com/ [Ver = 3.1.0.7881 built by: WinDDK | Size = 7680 bytes | Created Date = 12/23/2006 12:16:19 PM | Attr = ]
pxrd.sys -> C:\WINDOWS\System32\drivers\pxrd.sys -> [Ver = | Size = 13568 bytes | Created Date = 12/23/2006 12:16:19 PM | Attr = ]
pxscinst.dll -> C:\WINDOWS\System32\drivers\pxscinst.dll -> Prevx Limited,
http://www.prevx1.com/ [Ver = 3.1.0.7881 built by: WinDDK | Size = 9728 bytes | Created Date = 12/23/2006 12:16:19 PM | Attr = ]
pxscrmbl.sys -> C:\WINDOWS\System32\drivers\pxscrmbl.sys -> Prevx Limited,
http://www.prevx1.com/ [Ver = 3.1.0.7881 built by: WinDDK | Size = 11648 bytes | Created Date = 12/23/2006 12:16:19 PM | Attr = ]
pxtdi.sys -> C:\WINDOWS\System32\drivers\pxtdi.sys -> Prevx Limited,
http://www.prevx1.com/ [Ver = 3.1.0.7881 built by: WinDDK | Size = 18560 bytes | Created Date = 12/23/2006 12:16:19 PM | Attr = ]
tmcomm.sys -> C:\WINDOWS\System32\drivers\tmcomm.sys -> Trend Micro Inc. [Ver = 1.5.0.1052 | Size = 76560 bytes | Created Date = 12/23/2006 1:08:15 AM | Attr = ]
[Files - Modified Wihin 30 days]
h.txt -> C:\h.txt -> [Ver = | Size = 16 bytes | Modified Date = 12/23/2006 10:52:56 AM | Attr = ]
hiberfil.sys -> C:\hiberfil.sys -> [Ver = | Size = 1072750592 bytes | Modified Date = 12/24/2006 9:27:22 PM | Attr = HS]
IPH.PH -> C:\IPH.PH -> [Ver = | Size = 867 bytes | Modified Date = 12/16/2006 10:17:30 PM | Attr = H ]
install.log -> C:\Program Files\Common Files\AOL\AOLDiag\install.log -> [Ver = | Size = 114390 bytes | Modified Date = 12/16/2006 10:16:52 PM | Attr = ]
tbunins.exe -> C:\Program Files\Common Files\AOL\AOLDiag\tbunins.exe -> AOL LLC [Ver = 3.3.11.1 | Size = 88673 bytes | Modified Date = 12/16/2006 10:16:52 PM | Attr = ]
Clean.dat -> C:\Program Files\Common Files\Network Associates\Engine\Clean.dat -> [Ver = | Size = 995123 bytes | Modified Date = 12/22/2006 5:10:00 AM | Attr = ]
Names.dat -> C:\Program Files\Common Files\Network Associates\Engine\Names.dat -> [Ver = | Size = 746606 bytes | Modified Date = 12/22/2006 5:10:00 AM | Attr = ]
Scan.dat -> C:\Program Files\Common Files\Network Associates\Engine\Scan.dat -> [Ver = | Size = 8072390 bytes | Modified Date = 12/22/2006 5:10:00 AM | Attr = ]
ocpiman.ini -> C:\Program Files\Common Files\AOL\1131573657\ee\ocpiman.ini -> [Ver = | Size = 555 bytes | Modified Date = 12/16/2006 10:17:08 PM | Attr = ]
CLEAN.DAT -> C:\Program Files\Common Files\Network Associates\Engine\OldDats\CLEAN.DAT -> [Ver = | Size = 990379 bytes | Modified Date = 12/15/2006 5:10:00 AM | Attr = ]
NAMES.DAT -> C:\Program Files\Common Files\Network Associates\Engine\OldDats\NAMES.DAT -> [Ver = | Size = 745600 bytes | Modified Date = 12/15/2006 5:10:00 AM | Attr = ]
SCAN.DAT -> C:\Program Files\Common Files\Network Associates\Engine\OldDats\SCAN.DAT -> [Ver = | Size = 8050433 bytes | Modified Date = 12/15/2006 5:10:00 AM | Attr = ]
TalkBack.ini -> C:\Program Files\Common Files\Network Associates\TalkBack\Data\TalkBack.ini -> [Ver = | Size = 35 bytes | Modified Date = 12/16/2006 12:02:34 PM | Attr = ]
Uninstall.exe -> C:\Program Files\Common Files\Nullsoft\ActiveX\2.6\Uninstall.exe -> [Ver = | Size = 32675 bytes | Modified Date = 12/16/2006 10:17:08 PM | Attr = ]
MAPISVC.INF -> C:\Program Files\Common Files\System\Mapi\1033\MAPISVC.INF -> [Ver = | Size = 8305 bytes | Modified Date = 12/23/2006 10:40:48 PM | Attr = ]
0.log -> C:\WINDOWS\0.log -> [Ver = | Size = 0 bytes | Modified Date = 12/24/2006 9:28:24 PM | Attr = ]
BOOTSTAT.DAT -> C:\WINDOWS\BOOTSTAT.DAT -> [Ver = | Size = 2048 bytes | Modified Date = 12/24/2006 9:27:24 PM | Attr = S]
MsgAgt.INI -> C:\WINDOWS\MsgAgt.INI -> [Ver = | Size = 64 bytes | Modified Date = 12/24/2006 9:27:44 PM | Attr = ]
ntbtlog.txt -> C:\WINDOWS\ntbtlog.txt -> [Ver = | Size = 176 bytes | Modified Date = 12/24/2006 9:11:46 PM | Attr = ]
ODBC.INI -> C:\WINDOWS\ODBC.INI -> [Ver = | Size = 376 bytes | Modified Date = 12/14/2006 8:01:06 PM | Attr = ]
QTFont.for -> C:\WINDOWS\QTFont.for -> [Ver = | Size = 1409 bytes | Modified Date = 12/24/2006 9:51:44 AM | Attr = ]
QTFont.qfn -> C:\WINDOWS\QTFont.qfn -> [Ver = | Size = 54156 bytes | Modified Date = 12/24/2006 9:51:44 AM | Attr = H ]
randseed.rnd -> C:\WINDOWS\randseed.rnd -> [Ver = | Size = 512 bytes | Modified Date = 12/24/2006 5:14:10 PM | Attr = ]
SchedLgU.Txt -> C:\WINDOWS\SchedLgU.Txt -> [Ver = | Size = 236 bytes | Modified Date = 12/24/2006 9:27:26 PM | Attr = ]
Sti_Trace.log -> C:\WINDOWS\Sti_Trace.log -> [Ver = | Size = 0 bytes | Modified Date = 12/24/2006 9:27:44 PM | Attr = ]
wiadebug.log -> C:\WINDOWS\wiadebug.log -> [Ver = | Size = 159 bytes | Modified Date = 12/24/2006 9:27:46 PM | Attr = ]
wiaservc.log -> C:\WINDOWS\wiaservc.log -> [Ver = | Size = 50 bytes | Modified Date = 12/24/2006 9:27:46 PM | Attr = ]
WIN.INI -> C:\WINDOWS\WIN.INI -> [Ver = | Size = 903 bytes | Modified Date = 12/4/2006 11:42:00 PM | Attr = ]
WindowsUpdate.log -> C:\WINDOWS\WindowsUpdate.log -> [Ver = | Size = 2961 bytes | Modified Date = 12/24/2006 9:27:46 PM | Attr = ]
{00000002-00000000-00000002-00001102-00000004-10031102}.CDF -> C:\WINDOWS\{00000002-00000000-00000002-00001102-00000004-10031102}.CDF -> [Ver = | Size = 4932148 bytes | Modified Date = 12/24/2006 7:53:44 PM | Attr = ]
amcompat.tlb -> C:\WINDOWS\System32\amcompat.tlb -> [Ver = | Size = 16832 bytes | Modified Date = 12/4/2006 11:42:06 PM | Attr = ]
BMXBkpCtrlState-{00000002-00000000-00000002-00001102-00000004-10031102}.rfx -> C:\WINDOWS\System32\BMXBkpCtrlState-{00000002-00000000-00000002-00001102-00000004-10031102}.rfx -> [Ver = | Size = 30120 bytes | Modified Date = 12/24/2006 7:54:18 PM | Attr = ]
BMXCtrlState-{00000002-00000000-00000002-00001102-00000004-10031102}.rfx -> C:\WINDOWS\System32\BMXCtrlState-{00000002-00000000-00000002-00001102-00000004-10031102}.rfx -> [Ver = | Size = 30120 bytes | Modified Date = 12/24/2006 7:54:18 PM | Attr = ]
BMXState-{00000002-00000000-00000002-00001102-00000004-10031102}.rfx -> C:\WINDOWS\System32\BMXState-{00000002-00000000-00000002-00001102-00000004-10031102}.rfx -> [Ver = | Size = 30912 bytes | Modified Date = 12/24/2006 7:54:18 PM | Attr = ]
BMXStateBkp-{00000002-00000000-00000002-00001102-00000004-10031102}.rfx -> C:\WINDOWS\System32\BMXStateBkp-{00000002-00000000-00000002-00001102-00000004-10031102}.rfx -> [Ver = | Size = 30912 bytes | Modified Date = 12/24/2006 7:54:18 PM | Attr = ]
DVCState-{00000002-00000000-00000002-00001102-00000004-10031102}.dat -> C:\WINDOWS\System32\DVCState-{00000002-00000000-00000002-00001102-00000004-10031102}.dat -> [Ver = | Size = 384 bytes | Modified Date = 12/24/2006 7:54:18 PM | Attr = ]
DVCStateBkp-{00000002-00000000-00000002-00001102-00000004-10031102}.dat -> C:\WINDOWS\System32\DVCStateBkp-{00000002-00000000-00000002-00001102-00000004-10031102}.dat -> [Ver = | Size = 384 bytes | Modified Date = 12/24/2006 7:54:18 PM | Attr = ]
jupdate-1.5.0_10-b03.log -> C:\WINDOWS\System32\jupdate-1.5.0_10-b03.log -> [Ver = | Size = 8657 bytes | Modified Date = 12/22/2006 5:24:42 PM | Attr = ]
kspydoc.log -> C:\WINDOWS\System32\kspydoc.log -> [Ver = | Size = 666023 bytes | Modified Date = 12/24/2006 9:27:22 PM | Attr = ]
nscompat.tlb -> C:\WINDOWS\System32\nscompat.tlb -> [Ver = | Size = 23392 bytes | Modified Date = 12/4/2006 11:42:06 PM | Attr = ]
PERFC009.DAT -> C:\WINDOWS\System32\PERFC009.DAT -> [Ver = | Size = 53436 bytes | Modified Date = 12/24/2006 9:31:46 PM | Attr = ]
PERFH009.DAT -> C:\WINDOWS\System32\PERFH009.DAT -> [Ver = | Size = 381692 bytes | Modified Date = 12/24/2006 9:31:46 PM | Attr = ]
PerfStringBackup.INI -> C:\WINDOWS\System32\PerfStringBackup.INI -> [Ver = | Size = 441454 bytes | Modified Date = 12/24/2006 9:31:46 PM | Attr = ]
settings.sfm -> C:\WINDOWS\System32\settings.sfm -> [Ver = | Size = 1080 bytes | Modified Date = 12/24/2006 7:54:18 PM | Attr = ]
settingsbkup.sfm -> C:\WINDOWS\System32\settingsbkup.sfm -> [Ver = | Size = 1080 bytes | Modified Date = 12/24/2006 7:54:18 PM | Attr = ]
Sweeper.cfg -> C:\WINDOWS\System32\Sweeper.cfg -> [Ver = | Size = 0 bytes | Modified Date = 12/24/2006 9:27:20 PM | Attr = ]
TZLog.log -> C:\WINDOWS\System32\TZLog.log -> [Ver = | Size = 109738 bytes | Modified Date = 12/23/2006 10:48:42 AM | Attr = ]
WPA.DBL -> C:\WINDOWS\System32\WPA.DBL -> [Ver = | Size = 1170 bytes | Modified Date = 12/24/2006 9:29:18 PM | Attr = ]
pxcom.sys -> C:\WINDOWS\System32\drivers\pxcom.sys -> Prevx Limited,
http://www.prevx1.com/ [Ver = 3.1.0.7881 built by: WinDDK | Size = 7552 bytes | Modified Date = 12/8/2006 1:36:14 PM | Attr = ]
PxEmu.sys -> C:\WINDOWS\System32\drivers\PxEmu.sys -> Prevx Limited,
http://www.prevx1.com/ [Ver = 3.1.0.7881 built by: WinDDK | Size = 100864 bytes | Modified Date = 12/8/2006 1:36:20 PM | Attr = ]
pxfsf.sys -> C:\WINDOWS\System32\drivers\pxfsf.sys -> Prevx Limited,
http://www.prevx1.com/ [Ver = 3.1.0.7881 built by: WinDDK | Size = 274688 bytes | Modified Date = 12/8/2006 1:36:14 PM | Attr = ]
pxinst.dll -> C:\WINDOWS\System32\drivers\pxinst.dll -> Prevx Limited,
http://www.prevx1.com/ [Ver = 3.1.0.7881 built by: WinDDK | Size = 7680 bytes | Modified Date = 12/8/2006 1:36:18 PM | Attr = ]
pxscinst.dll -> C:\WINDOWS\System32\drivers\pxscinst.dll -> Prevx Limited,
http://www.prevx1.com/ [Ver = 3.1.0.7881 built by: WinDDK | Size = 9728 bytes | Modified Date = 12/8/2006 1:36:18 PM | Attr = ]
pxscrmbl.sys -> C:\WINDOWS\System32\drivers\pxscrmbl.sys -> Prevx Limited,
http://www.prevx1.com/ [Ver = 3.1.0.7881 built by: WinDDK | Size = 11648 bytes | Modified Date = 12/8/2006 1:36:18 PM | Attr = ]
pxtdi.sys -> C:\WINDOWS\System32\drivers\pxtdi.sys -> Prevx Limited,
http://www.prevx1.com/ [Ver = 3.1.0.7881 built by: WinDDK | Size = 18560 bytes | Modified Date = 12/8/2006 1:36:16 PM | Attr = ]
tmcomm.sys -> C:\WINDOWS\System32\drivers\tmcomm.sys -> Trend Micro Inc. [Ver = 1.5.0.1052 | Size = 76560 bytes | Modified Date = 12/23/2006 1:06:58 AM | Attr = ]
[File String Scan - Non-Microsoft Only]
aspack , -> C:\Program Files\Common Files\AOL\1131573657\ee\ocpinst.log -> [Ver = | Size = 92868 bytes | Modified Date = 11/3/2006 11:28:28 PM | Attr = ]
aspack , -> C:\Program Files\Common Files\AOL\1131573657\ee\services\boxelyToolkit\ver1_5_11_4\content\gadgets.box -> [Ver = | Size = 1962 bytes | Modified Date = 6/22/2006 5:41:04 PM | Attr = ]
aspack , -> C:\Program Files\Common Files\AOL\1131573657\ee\services\boxelyToolkit\ver1_5_11_4\content\extrasPack\extraGadgets.box -> [Ver = | Size = 2408 bytes | Modified Date = 6/22/2006 5:41:06 PM | Attr = ]
Thawte Consulting , -> C:\Program Files\Common Files\Java\Update\Base Images\jre1.5.0.b64\core3.zip -> [Ver = | Size = 3290841 bytes | Modified Date = 5/3/2006 2:30:58 AM | Attr = ]
USERTRUST , -> C:\Program Files\Common Files\Java\Update\Base Images\jre1.5.0.b64\patch-jre1.5.0_08.b03\patchjre.exe -> Sun Microsystems, Inc. [Ver = 1, 0, 0, 1 | Size = 4482680 bytes | Modified Date = 7/26/2006 2:34:04 AM | Attr = ]
USERTRUST , -> C:\Program Files\Common Files\Java\Update\Base Images\jre1.5.0.b64\patch-jre1.5.0_09.b03\patchjre.exe -> Sun Microsystems, Inc. [Ver = 1, 0, 0, 1 | Size = 4490872 bytes | Modified Date = 10/12/2006 3:41:58 AM | Attr = ]
USERTRUST , -> C:\Program Files\Common Files\Java\Update\Base Images\jre1.5.0.b64\patch-jre1.5.0_10.b03\patchjre.exe -> Sun Microsystems, Inc. [Ver = 1, 0, 0, 1 | Size = 4650616 bytes | Modified Date = 11/9/2006 3:38:38 PM | Attr = ]
WSUD , -> C:\Program Files\Common Files\Microsoft Shared\SpeechEngines\TTS\female.vce -> [Ver = | Size = 2053632 bytes | Modified Date = 1/12/1999 11:29:28 AM | Attr = ]
UPX0 , -> C:\Program Files\Common Files\Network Associates\Engine\McScan32.dll -> McAfee, Inc. [Ver = 5.1.00 | Size = 2867438 bytes | Modified Date = 7/10/2006 5:10:00 AM | Attr = ]
UPX0 , -> C:\Program Files\Common Files\Network Associates\Engine\OldEngine\MCSCAN32.Sav -> McAfee, Inc. [Ver = 4.4.00 | Size = 1949766 bytes | Modified Date = 10/7/2004 3:40:00 AM | Attr = ]
UPX! , UPX0 , -> C:\Program Files\Common Files\Nullsoft\Video\ActiveX\plugins\nsvplayx_vp5_mp3.dll -> * * * [Ver = 1, 0, 0, 98 | Size = 177152 bytes | Modified Date = 8/9/2003 6:36:56 PM | Attr = ]
PEC2 , PECompact2 , -> C:\Program Files\Common Files\Real\GToolbar\GDSSetup.exe -> [Ver = | Size = 746600 bytes | Modified Date = 12/24/2005 11:03:16 AM | Attr = ]
PEC2 , PECompact2 , -> C:\Program Files\Common Files\Real\GToolbar\GoogleToolbarInstaller.exe -> Google [Ver = 3, 0, 126, 3 | Size = 559784 bytes | Modified Date = 12/24/2005 11:03:16 AM | Attr = ]
PECompact2 , -> C:\WINDOWS\LPT$VPN.174 -> [Ver = | Size = 9780504 bytes | Modified Date = 9/17/2004 6:47:58 PM | Attr = ]
PECompact2 , -> C:\WINDOWS\VPTNFILE.174 -> [Ver = | Size = 9780504 bytes | Modified Date = 9/17/2004 6:47:58 PM | Attr = ]
UPX! , aspack , -> C:\WINDOWS\vsapi32.dll -> Trend Micro Inc. [Ver = 7.000-1004 | Size = 1036800 bytes | Modified Date = 5/14/2004 10:07:58 PM | Attr = ]
Thawte Consulting , -> C:\WINDOWS\System32\CSGina.dll -> [Ver = | Size = 177152 bytes | Modified Date = 6/10/2005 7:59:54 PM | Attr = ]
PEC2 , -> C:\WINDOWS\System32\DFRG.MSC -> [Ver = | Size = 41397 bytes | Modified Date = 8/29/2002 6:00:00 AM | Attr = ]
abetterinternet.com , -> C:\WINDOWS\System32\fiz11 -> [Ver = | Size = 29258 bytes | Modified Date = 3/5/2004 11:53:44 PM | Attr = H ]
winsync , -> C:\WINDOWS\System32\WBDBASE.DEU -> [Ver = | Size = 1309184 bytes | Modified Date = 8/29/2002 6:00:00 AM | Attr = ]
Thawte Consulting , -> C:\WINDOWS\System32\XceedFtp.dll -> Xceed Software Inc (450) 442-2626
support@xceedsoft.com http://www.xceedsoft.com [Ver = 1.0.42.0 | Size = 236576 bytes | Modified Date = 9/8/2003 1:13:26 PM | Attr = ]
WSUD , UPX0 , -> C:\WINDOWS\System32\dllcache\hwxjpn.dll -> [Ver = | Size = 13463552 bytes | Modified Date = 8/29/2002 6:00:00 AM | Attr = ]
PTech , -> C:\WINDOWS\System32\dllcache\mtlstrm.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 1309184 bytes | Modified Date = 8/4/2004 12:41:38 AM | Attr = ]
PTech , -> C:\WINDOWS\System32\drivers\mtlstrm.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 1309184 bytes | Modified Date = 8/4/2004 12:41:38 AM | Attr = ]
< End of report >
###########AVG REPORT:
---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------
+ Created at: 9:21:20 PM 12/24/2006
+ Scan result:
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP223\A0129393.dll -> Adware.AdRotate : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP223\A0129390.exe/nickarcade.dll -> Adware.BHO : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP223\A0129391.exe/nickarcade.dll -> Adware.BHO : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP223\A0129392.dll -> Adware.BHO : Cleaned with backup (quarantined).
::Report end
Thanks.