WinPFind3 logfile created on: 6/21/2007 9:24:45 PM
WinPFind3U by OldTimer - Version 1.0.38 Folder = C:\Documents and Settings\Paula\Desktop\WinPFind3u\
Microsoft Windows XP Service Pack 2 (Version = 5.1.2600)
Internet Explorer (Version = 6.0.2900.2180)
445.48 Mb Total Physical Memory | 175.82 Mb Available Physical Memory | 39.47% Memory free
720.12 Mb Paging File | 516.92 Mb Available in Paging File | 71.78% Paging File free
Paging file location(s): C:\pagefile.sys 336 2046;
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 25.72 Gb Total Space | 17.29 Gb Free Space | 67.24% Space Free
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Computer Name: PAULA-I4I2DA6EJ
Current User Name: Paula
Logged in as Administrator.
Current Boot Mode: Normal
[Processes - Non-Microsoft Only]
acs.exe -> %System32%\acs.exe -> [Ver = | Size = 36864 bytes | Modified Date = 6/18/2007 6:39:40 PM | Attr = ]
agrsmmsg.exe -> %SystemRoot%\AGRSMMSG.exe -> Agere Systems [Ver = 2.1.36 2.1.36 11/19/2003 15:41:01 | Size = 88363 bytes | Modified Date = 11/19/2003 4:41:02 PM | Attr = ]
avgamsvr.exe -> %ProgramFiles%\Grisoft\AVG7\avgamsvr.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.453 | Size = 353280 bytes | Modified Date = 6/17/2007 6:33:00 PM | Attr = ]
avgcc.exe -> %ProgramFiles%\Grisoft\AVG7\avgcc.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.460 | Size = 416256 bytes | Modified Date = 6/17/2007 6:33:00 PM | Attr = ]
avgemc.exe -> %ProgramFiles%\Grisoft\AVG7\avgemc.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.460 | Size = 351744 bytes | Modified Date = 6/17/2007 6:33:12 PM | Attr = ]
avgupsvc.exe -> %ProgramFiles%\Grisoft\AVG7\avgupsvc.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.420 | Size = 49664 bytes | Modified Date = 6/17/2007 6:33:28 PM | Attr = ]
belkinwcui.exe -> %ProgramFiles%\Belkin\Cardbus F5D7010\Wireless Utility\Belkinwcui.exe -> Belkin [Ver = 1, 0, 0, 8 | Size = 1388544 bytes | Modified Date = 8/18/2005 5:09:58 PM | Attr = ]
firefox.exe -> %ProgramFiles%\Mozilla Firefox\firefox.exe -> Mozilla Corporation [Ver = 1.8.1.4: 2007051502 | Size = 7637104 bytes | Modified Date = 5/15/2007 3:33:24 PM | Attr = ]
keyhook.exe -> %System32%\Keyhook.exe -> Silicon Integrated Systems Corporation [Ver = 0.0.0.3590 | Size = 249856 bytes | Modified Date = 5/12/2004 5:22:52 PM | Attr = ]
sistray.exe -> %System32%\sistray.exe -> Silicon Integrated Systems Corporation [Ver = 0.0.0.3581 | Size = 335872 bytes | Modified Date = 6/14/2004 4:06:22 PM | Attr = ]
spkrmon.exe -> %ProgramFiles%\Analog Devices\SoundMAX\spkrmon.exe -> [Ver = 1, 0, 0, 4 | Size = 61440 bytes | Modified Date = 8/28/2003 3:01:22 PM | Attr = ]
winpfind3u.exe -> %UserDesktop%\WinPFind3u\WinPFind3U.exe -> OldTimer Tools [Ver = 1.0.38.0 | Size = 318976 bytes | Modified Date = 5/22/2007 6:27:40 PM | Attr = ]
[Win32 Services - Non-Microsoft Only]
(ACS) Atheros Configuration Service [Win32_Own | Auto | Running] -> %System32%\acs.exe -> [Ver = | Size = 36864 bytes | Modified Date = 6/18/2007 6:39:40 PM | Attr = ]
(Avg7Alrt) AVG7 Alert Manager Server [Win32_Own | Auto | Running] -> %ProgramFiles%\Grisoft\AVG7\avgamsvr.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.453 | Size = 353280 bytes | Modified Date = 6/17/2007 6:33:00 PM | Attr = ]
(Avg7UpdSvc) AVG7 Update Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Grisoft\AVG7\avgupsvc.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.420 | Size = 49664 bytes | Modified Date = 6/17/2007 6:33:28 PM | Attr = ]
(AVGEMS) AVG E-mail Scanner [Win32_Own | Auto | Running] -> %ProgramFiles%\Grisoft\AVG7\avgemc.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.460 | Size = 351744 bytes | Modified Date = 6/17/2007 6:33:12 PM | Attr = ]
(dmadmin) Logical Disk Manager Administrative Service [Win32_Shared | On_Demand | Stopped] -> %System32%\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 224768 bytes | Modified Date = 8/4/2004 8:00:00 AM | Attr = ]
(iPod Service) iPod Service [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\iPod\bin\iPodService.exe -> File not found
(spkrmon) spkrmon [Win32_Own | Auto | Running] -> %ProgramFiles%\Analog Devices\SoundMAX\spkrmon.exe -> [Ver = 1, 0, 0, 4 | Size = 61440 bytes | Modified Date = 8/28/2003 3:01:22 PM | Attr = ]
[Registry - Non-Microsoft Only]
< Run [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
AGRSMMSG -> %SystemRoot%\AGRSMMSG.exe -> Agere Systems [Ver = 2.1.36 2.1.36 11/19/2003 15:41:01 | Size = 88363 bytes | Modified Date = 11/19/2003 4:41:02 PM | Attr = ]
AOL Spyware Protection -> %SystemDrive%\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe -> File not found
AVG7_CC -> %ProgramFiles%\Grisoft\AVG7\avgcc.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.460 | Size = 416256 bytes | Modified Date = 6/17/2007 6:33:00 PM | Attr = ]
NeroFilterCheck -> %System32%\NeroCheck.exe -> Ahead Software Gmbh [Ver = 1, 0, 0, 2 | Size = 155648 bytes | Modified Date = 7/9/2001 12:50:42 PM | Attr = ]
SiS Windows KeyHook -> %System32%\Keyhook.exe -> Silicon Integrated Systems Corporation [Ver = 0.0.0.3590 | Size = 249856 bytes | Modified Date = 5/12/2004 5:22:52 PM | Attr = ]
< Run [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
FreeRAM XP -> %ProgramFiles%\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe -> YourWare Solutions (TM) [Ver = 1.5.1.0 | Size = 1591808 bytes | Modified Date = 4/22/2007 6:22:54 PM | Attr = ]
MSMSGS -> %ProgramFiles%\Messenger\msmsgs.exe -> File not found
Yahoo! Pager -> %ProgramFiles%\Yahoo!\Messenger\YahooMessenger.exe -> Yahoo! Inc. [Ver = 8,1,0,209 | Size = 4662776 bytes | Modified Date = 11/30/2006 10:49:04 PM | Attr = ]
< Common Startup > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup
%AllUsersStartup%\Adobe Reader Speed Launch.lnk -> %ProgramFiles%\Adobe\Acrobat 7.0\Reader\reader_sl.exe -> Adobe Systems Incorporated [Ver = 7.0.0.0 | Size = 29696 bytes | Modified Date = 12/14/2004 5:44:06 AM | Attr = ]
%AllUsersStartup%\Belkin Wireless Utility.lnk -> %ProgramFiles%\Belkin\Cardbus F5D7010\Wireless Utility\Belkinwcui.exe -> Belkin [Ver = 1, 0, 0, 8 | Size = 1388544 bytes | Modified Date = 8/18/2005 5:09:58 PM | Attr = ]
%AllUsersStartup%\Utility Tray.lnk -> %System32%\sistray.exe -> Silicon Integrated Systems Corporation [Ver = 0.0.0.3581 | Size = 335872 bytes | Modified Date = 6/14/2004 4:06:22 PM | Attr = ]
< User Startup > -> C:\Documents and Settings\Paula\Start Menu\Programs\Startup
%UserStartup%\LimeWire On Startup.lnk -> %ProgramFiles%\LimeWire\LimeWire.exe -> [Ver = | Size = 159744 bytes | Modified Date = 8/22/2006 11:45:56 AM | Attr = ]
%UserStartup%\OpenOffice.org 2.0.lnk -> %ProgramFiles%\OpenOffice.org 2.0\program\quickstart.exe -> [Ver = | Size = 61440 bytes | Modified Date = 1/25/2006 8:42:22 PM | Attr = ]
< SecurityProviders [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders
< Winlogon settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
< Winlogon settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
< CurrentVersion Policy Settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\undockwithoutlogon -> 1 ->
< CurrentVersion Policy Settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 ->
< HOSTS File > (734 bytes) -> C:\WINDOWS\System32\drivers\etc\Hosts
127.0.0.1 localhost -> ->
< Internet Explorer Settings > ->
HKLM: Default_Page_URL ->
http://www.microsoft.com/isapi/redir.dl ... ar=msnhome ->
HKLM: Main\\Default_Search_URL ->
http://www.microsoft.com/isapi/redir.dl ... r=iesearch ->
HKLM: Local Page -> %SystemRoot%\system32\blank.htm ->
HKLM: Search Page ->
http://www.microsoft.com/isapi/redir.dl ... r=iesearch ->
HKLM: Start Page ->
http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home ->
HKLM: CustomizeSearch ->
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm ->
HKLM: SearchAssistant ->
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm ->
HKCU: Local Page -> C:\WINDOWS\system32\blank.htm ->
HKCU: Search Page ->
http://www.microsoft.com/isapi/redir.dl ... r=iesearch ->
HKCU: Start Page ->
http://www.myspace.com/ ->
HKCU: URLSearchHooks\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKLM] -> Reg Data - Key not found [&Yahoo! Toolbar] -> File not found
HKCU: ProxyEnable -> 0 ->
< Trusted Sites > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\
msn.com [ - ] -> ->
< BHO's > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> %ProgramFiles%\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [AcroIEHlprObj Class] -> Adobe Systems Incorporated [Ver = 7.0.0.2004121400 | Size = 63136 bytes | Modified Date = 12/14/2004 2:56:50 AM | Attr = ]
< Internet Explorer Bars [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\
{32683183-48a0-441b-a342-7c2a440a9478} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
< Internet Explorer ToolBars [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\
WebBrowser\\{4982D40A-C53B-4615-B15B-B5B5E98D167C} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
< Internet Explorer Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\
{CD67F990-D8E9-11d2-98FE-00C0F0318AFE} [HKLM] -> Reg Data - Key not found [MenuText: Reg Data - Value does not exist] -> File not found
{e2e2dd38-d088-4134-82b7-f2ba38496583} [HKLM] -> Reg Data - Key not found [MenuText: @xpsp3res.dll,-20001] -> File not found
{FB5F1910-F110-11d2-BB9E-00C04F795683} -> %ProgramFiles%\Messenger\msmsgs.exe [ButtonText: Messenger] -> File not found
CmdMapping [HKLM] -> Reg Data - Key not found [MenuText: Reg Data - Value does not exist] -> File not found
< Internet Explorer Menu Extensions [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\
&AOL Toolbar search -> %ProgramFiles%\AOL Toolbar\toolbar.dll\SEARCH.HTM -> File not found
< User Agent Post Platform [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform
SV1 -> ->
< DNS Name Servers [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\
{1681549A-B346-4E62-9F64-6E41FC1EBA8F} -> (Belkin Wireless G Notebook Card) ->
{51E34801-4B51-4C54-BA9B-32C472731A79} -> () ->
{AC66EB7E-2890-4EC7-8674-47DDA67FA634} -> (SiS 900-Based PCI Fast Ethernet Adapter) ->
{B8E5139F-4EAF-4EC5-A01D-0B2FD03D74F1} -> (ADMtek ADM8511 USB To Fast Ethernet Converter) ->
< Protocol Handlers [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\
ipp -> Reg Data - Key not found -> File not found
msdaipp -> Reg Data - Key not found -> File not found
vnd.ms.radio -> %System32%\msdxm.ocx -> [Ver = | Size = 844314 bytes | Modified Date = 8/4/2004 8:00:00 AM | Attr = ]
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\
{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} -> - CodeBase =
http://a1540.g.akamai.net/7/1540/52/200 ... plugin.cab ->
{0742B9EF-8C83-41CA-BFBA-830A59E23533} -> Microsoft Data Collection Control - CodeBase =
https://support.microsoft.com/OAS/ActiveX/MSDcode.cab ->
{1239CC52-59EF-4DFA-8C61-90FFA846DF7E} -> Musicnotes Viewer - CodeBase =
http://www.musicnotes.com/download/mnviewer.cab ->
{4F1E5B1A-2A80-42CA-8532-2D05CB959537} -> MSN Photo Upload Tool - CodeBase =
http://by136fd.bay136.hotmail.msn.com/r ... nPUpld.cab ->
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3} -> MUWebControl Class - CodeBase =
http://www.update.microsoft.com/microso ... 2111177171 ->
{A8F2B9BD-A6A0-486A-9744-18920D898429} -> ScorchPlugin Class - CodeBase =
http://www.sibelius.com/download/softwa ... Plugin.cab ->
{A90A5822-F108-45AD-8482-9BC8B12DD539} -> Crucial cpcScan - CodeBase =
http://www.crucial.com/controls/cpcScanner.cab ->
Microsoft XML Parser for Java -> - CodeBase =
file://C:\WINDOWS\Java\classes\xmldso.cab ->
[Files/Folders - Created Within 30 days]
$VAULT$.AVG -> %SystemDrive%\$VAULT$.AVG -> [Folder | Created Date = 6/17/2007 7:24:36 PM | Attr = RH ]
Config.Msi -> %SystemDrive%\Config.Msi -> [Folder | Created Date = 6/20/2007 6:43:19 PM | Attr = HS]
hjt -> %SystemDrive%\hjt -> [Folder | Created Date = 6/20/2007 6:00:41 PM | Attr = ]
$NtUninstallKB890046$ -> %SystemRoot%\$NtUninstallKB890046$ -> [Folder | Created Date = 6/19/2007 10:03:05 PM | Attr = H ]
$NtUninstallKB903235$ -> %SystemRoot%\$NtUninstallKB903235$ -> [Folder | Created Date = 6/19/2007 10:02:32 PM | Attr = H ]
$NtUninstallKB927891$ -> %SystemRoot%\$NtUninstallKB927891$ -> [Folder | Created Date = 5/24/2007 6:22:37 AM | Attr = H ]
$NtUninstallKB929123$ -> %SystemRoot%\$NtUninstallKB929123$ -> [Folder | Created Date = 6/13/2007 1:03:58 AM | Attr = H ]
$NtUninstallKB929969$ -> %SystemRoot%\$NtUninstallKB929969$ -> [Folder | Created Date = 6/19/2007 10:06:43 PM | Attr = H ]
$NtUninstallKB933566$ -> %SystemRoot%\$NtUninstallKB933566$ -> [Folder | Created Date = 6/20/2007 7:55:50 AM | Attr = H ]
$NtUninstallKB935839$ -> %SystemRoot%\$NtUninstallKB935839$ -> [Folder | Created Date = 6/13/2007 12:11:01 AM | Attr = H ]
$NtUninstallKB935840$ -> %SystemRoot%\$NtUninstallKB935840$ -> [Folder | Created Date = 6/13/2007 12:44:05 AM | Attr = H ]
pss -> %SystemRoot%\pss -> [Folder | Created Date = 6/17/2007 4:53:48 PM | Attr = ]
Uniblue SpyEraser Nag.job -> %SystemRoot%\tasks\Uniblue SpyEraser Nag.job -> [Ver = | Size = 264 bytes | Created Date = 6/17/2007 7:52:07 PM | Attr = ]
Uniblue SpyEraser.job -> %SystemRoot%\tasks\Uniblue SpyEraser.job -> [Ver = | Size = 338 bytes | Created Date = 6/17/2007 7:52:01 PM | Attr = ]
d3d8caps.dat -> %System32%\d3d8caps.dat -> [Ver = | Size = 552 bytes | Created Date = 6/19/2007 10:14:57 PM | Attr = ]
spupdsvc.inf -> %System32%\spupdsvc.inf -> [Ver = | Size = 230 bytes | Created Date = 6/19/2007 10:56:40 AM | Attr = ]
avg7core.sys -> %System32%\drivers\avg7core.sys -> GRISOFT, s.r.o. [Ver = 7.5.0.467 | Size = 777984 bytes | Created Date = 6/17/2007 5:33:35 PM | Attr = ]
avg7rsw.sys -> %System32%\drivers\avg7rsw.sys -> GRISOFT, s.r.o. [Ver = 7,0,0,340 | Size = 4224 bytes | Created Date = 6/17/2007 5:33:52 PM | Attr = ]
avg7rsxp.sys -> %System32%\drivers\avg7rsxp.sys -> GRISOFT, s.r.o. [Ver = 7.5.0.442 | Size = 27776 bytes | Created Date = 6/17/2007 5:33:56 PM | Attr = ]
avgclean.sys -> %System32%\drivers\avgclean.sys -> GRISOFT, s.r.o. [Ver = 1.0.0.14 | Size = 3968 bytes | Created Date = 6/17/2007 5:33:58 PM | Attr = ]
avgmfx86.sys -> %System32%\drivers\avgmfx86.sys -> GRISOFT, s.r.o. [Ver = 7.5.0.447 | Size = 19840 bytes | Created Date = 6/17/2007 5:33:57 PM | Attr = ]
avgtdi.sys -> %System32%\drivers\avgtdi.sys -> GRISOFT, s.r.o. [Ver = 7,0,0,346 | Size = 4960 bytes | Created Date = 6/17/2007 5:33:57 PM | Attr = ]
[Files/Folders - Modified Within 30 days]
$VAULT$.AVG -> %SystemDrive%\$VAULT$.AVG -> [Folder | Modified Date = 6/17/2007 8:26:24 PM | Attr = RH ]
boot.ini -> %SystemDrive%\boot.ini -> [Ver = | Size = 211 bytes | Modified Date = 6/19/2007 9:58:10 PM | Attr = HS]
Config.Msi -> %SystemDrive%\Config.Msi -> [Folder | Modified Date = 6/20/2007 7:47:16 PM | Attr = HS]
DELL -> %SystemDrive%\DELL -> [Folder | Modified Date = 6/1/2007 7:42:04 PM | Attr = ]
hjt -> %SystemDrive%\hjt -> [Folder | Modified Date = 6/20/2007 9:56:22 PM | Attr = ]
Program Files -> %ProgramFiles% -> [Folder | Modified Date = 6/20/2007 10:32:40 PM | Attr = R ]
WINDOWS -> %SystemRoot% -> [Folder | Modified Date = 6/20/2007 9:54:22 PM | Attr = ]
$hf_mig$ -> %SystemRoot%\$hf_mig$ -> [Folder | Modified Date = 6/20/2007 3:00:04 AM | Attr = H ]
$NtUninstallKB890046$ -> %SystemRoot%\$NtUninstallKB890046$ -> [Folder | Modified Date = 6/19/2007 11:03:06 PM | Attr = H ]
$NtUninstallKB903235$ -> %SystemRoot%\$NtUninstallKB903235$ -> [Folder | Modified Date = 6/19/2007 11:02:34 PM | Attr = H ]
$NtUninstallKB927891$ -> %SystemRoot%\$NtUninstallKB927891$ -> [Folder | Modified Date = 5/24/2007 7:22:38 AM | Attr = H ]
$NtUninstallKB929123$ -> %SystemRoot%\$NtUninstallKB929123$ -> [Folder | Modified Date = 6/13/2007 2:04:22 AM | Attr = H ]
$NtUninstallKB929969$ -> %SystemRoot%\$NtUninstallKB929969$ -> [Folder | Modified Date = 6/19/2007 11:06:50 PM | Attr = H ]
$NtUninstallKB933566$ -> %SystemRoot%\$NtUninstallKB933566$ -> [Folder | Modified Date = 6/20/2007 8:55:58 AM | Attr = H ]
$NtUninstallKB935839$ -> %SystemRoot%\$NtUninstallKB935839$ -> [Folder | Modified Date = 6/13/2007 1:11:08 AM | Attr = H ]
$NtUninstallKB935840$ -> %SystemRoot%\$NtUninstallKB935840$ -> [Folder | Modified Date = 6/13/2007 1:44:18 AM | Attr = H ]
bootstat.dat -> %SystemRoot%\bootstat.dat -> [Ver = | Size = 2048 bytes | Modified Date = 6/21/2007 9:56:30 AM | Attr = S]
Debug -> %SystemRoot%\Debug -> [Folder | Modified Date = 6/20/2007 9:42:46 PM | Attr = ]
Downloaded Program Files -> %SystemRoot%\Downloaded Program Files -> [Folder | Modified Date = 6/17/2007 4:27:06 PM | Attr = S]
Help -> %SystemRoot%\Help -> [Folder | Modified Date = 6/19/2007 9:42:34 PM | Attr = ]
ie7updates -> %SystemRoot%\ie7updates -> [Folder | Modified Date = 6/19/2007 11:57:06 AM | Attr = ]
inf -> %SystemRoot%\inf -> [Folder | Modified Date = 6/20/2007 8:56:34 AM | Attr = H ]
Installer -> %SystemRoot%\Installer -> [Folder | Modified Date = 6/20/2007 7:47:16 PM | Attr = HS]
Media -> %SystemRoot%\Media -> [Folder | Modified Date = 6/19/2007 11:55:48 AM | Attr = ]
NeroDigital.ini -> %SystemRoot%\NeroDigital.ini -> [Ver = | Size = 116 bytes | Modified Date = 6/12/2007 9:55:16 PM | Attr = ]
network diagnostic -> %SystemRoot%\network diagnostic -> [Folder | Modified Date = 6/7/2007 7:03:38 PM | Attr = ]
Prefetch -> %SystemRoot%\Prefetch -> [Folder | Modified Date = 6/18/2007 4:52:22 PM | Attr = ]
pss -> %SystemRoot%\pss -> [Folder | Modified Date = 6/17/2007 8:51:36 PM | Attr = ]
SoftwareDistribution -> %SystemRoot%\SoftwareDistribution -> [Folder | Modified Date = 5/23/2007 1:06:16 PM | Attr = ]
system -> %SystemRoot%\system -> [Folder | Modified Date = 6/17/2007 6:30:22 PM | Attr = ]
system.ini -> %SystemRoot%\system.ini -> [Ver = | Size = 227 bytes | Modified Date = 6/19/2007 9:58:10 PM | Attr = ]
system32 -> %System32% -> [Folder | Modified Date = 6/20/2007 7:43:14 PM | Attr = ]
Tasks -> %SystemRoot%\Tasks -> [Folder | Modified Date = 6/20/2007 10:32:40 PM | Attr = S]
Temp -> %SystemRoot%\Temp -> [Folder | Modified Date = 6/21/2007 9:57:38 AM | Attr = ]
WBEM -> %SystemRoot%\WBEM -> [Folder | Modified Date = 6/19/2007 11:55:48 AM | Attr = ]
win.ini -> %SystemRoot%\win.ini -> [Ver = | Size = 649 bytes | Modified Date = 6/19/2007 9:58:10 PM | Attr = ]
SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [Ver = | Size = 6 bytes | Modified Date = 6/21/2007 9:56:34 AM | Attr = H ]
Uniblue SpyEraser Nag.job -> %SystemRoot%\tasks\Uniblue SpyEraser Nag.job -> [Ver = | Size = 264 bytes | Modified Date = 6/17/2007 8:52:12 PM | Attr = ]
Uniblue SpyEraser.job -> %SystemRoot%\tasks\Uniblue SpyEraser.job -> [Ver = | Size = 338 bytes | Modified Date = 6/17/2007 8:52:02 PM | Attr = ]
acs.exe -> %System32%\acs.exe -> [Ver = | Size = 36864 bytes | Modified Date = 6/18/2007 6:39:40 PM | Attr = ]
@Alternate Data Stream - 88 bytes -> %System32%\acs.exe:SummaryInformation ->
@Alternate Data Stream - 0 bytes -> %System32%\acs.exe:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} ->
CatRoot2 -> %System32%\CatRoot2 -> [Folder | Modified Date = 6/20/2007 6:47:24 PM | Attr = ]
d3d8caps.dat -> %System32%\d3d8caps.dat -> [Ver = | Size = 552 bytes | Modified Date = 6/19/2007 11:14:58 PM | Attr = ]
dllcache -> %System32%\dllcache -> [Folder | Modified Date = 6/20/2007 8:56:18 AM | Attr = RHS]
drivers -> %System32%\drivers -> [Folder | Modified Date = 6/20/2007 8:37:06 PM | Attr = ]
en-us -> %System32%\en-us -> [Folder | Modified Date = 6/19/2007 9:42:34 PM | Attr = ]
spupdsvc.inf -> %System32%\spupdsvc.inf -> [Ver = | Size = 230 bytes | Modified Date = 6/19/2007 11:56:42 AM | Attr = ]
wpa.dbl -> %System32%\wpa.dbl -> [Ver = | Size = 2478 bytes | Modified Date = 6/21/2007 9:57:34 AM | Attr = ]
avg7core.sys -> %System32%\drivers\avg7core.sys -> GRISOFT, s.r.o. [Ver = 7.5.0.467 | Size = 777984 bytes | Modified Date = 6/17/2007 6:33:38 PM | Attr = ]
avg7rsw.sys -> %System32%\drivers\avg7rsw.sys -> GRISOFT, s.r.o. [Ver = 7,0,0,340 | Size = 4224 bytes | Modified Date = 6/17/2007 6:33:56 PM | Attr = ]
avg7rsxp.sys -> %System32%\drivers\avg7rsxp.sys -> GRISOFT, s.r.o. [Ver = 7.5.0.442 | Size = 27776 bytes | Modified Date = 6/17/2007 6:33:58 PM | Attr = ]
avgclean.sys -> %System32%\drivers\avgclean.sys -> GRISOFT, s.r.o. [Ver = 1.0.0.14 | Size = 3968 bytes | Modified Date = 6/17/2007 6:34:00 PM | Attr = ]
avgmfx86.sys -> %System32%\drivers\avgmfx86.sys -> GRISOFT, s.r.o. [Ver = 7.5.0.447 | Size = 19840 bytes | Modified Date = 6/17/2007 6:33:58 PM | Attr = ]
avgtdi.sys -> %System32%\drivers\avgtdi.sys -> GRISOFT, s.r.o. [Ver = 7,0,0,346 | Size = 4960 bytes | Modified Date = 6/17/2007 6:33:58 PM | Attr = ]
[File String Scan - Non-Microsoft Only]
@Alternate Data Stream - 88 bytes -> %System32%\acs.exe:SummaryInformation ->
@Alternate Data Stream - 0 bytes -> %System32%\acs.exe:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} ->
PEC2 , -> %System32%\dfrg.msc -> [Ver = | Size = 41397 bytes | Modified Date = 8/4/2004 8:00:00 AM | Attr = ]
winsync , -> %System32%\wbdbase.deu -> [Ver = | Size = 1309184 bytes | Modified Date = 8/4/2004 8:00:00 AM | Attr = ]
WSUD , UPX0 , -> %System32%\dllcache\hwxjpn.dll -> [Ver = | Size = 13463552 bytes | Modified Date = 8/4/2004 8:00:00 AM | Attr = ]
UPX! , FSG! , PEC2 , aspack , -> %System32%\drivers\avg7core.sys -> GRISOFT, s.r.o. [Ver = 7.5.0.467 | Size = 777984 bytes | Modified Date = 6/17/2007 6:33:38 PM | Attr = ]
< End of report >