Ok Here it is my friend.
WinPFind3.Txt
WinPFind3 logfile created on: 6/27/2007 11:02:35 AM
WinPFind3U by OldTimer - Version 1.0.39 Folder = C:\Documents and Settings\Star Wars\Desktop\WinPFind3u\
Microsoft Windows XP Service Pack 2 (Version = 5.1.2600)
Internet Explorer (Version = 6.0.2900.2180)
254.48 Mb Total Physical Memory | 23.46 Mb Available Physical Memory | 9.22% Memory free
1009.38 Mb Paging File | 812.25 Mb Available in Paging File | 80.47% Paging File free
Paging file location(s): C:\pagefile.sys 768 768;
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.52 Gb Total Space | 36.49 Gb Free Space | 48.96% Space Free
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Computer Name: HPXT928
Current User Name: Star Wars
Logged in as Administrator.
Current Boot Mode: Normal
[Processes - Non-Microsoft Only]
ati2evxx.exe -> %System32%\ati2evxx.exe -> [Ver = | Size = 397312 bytes | Modified Date = 5/14/2004 12:05:08 AM | Attr = ]
ati2evxx.exe -> %System32%\ati2evxx.exe -> [Ver = | Size = 397312 bytes | Modified Date = 5/14/2004 12:05:08 AM | Attr = ]
atiptaxx.exe -> %ProgramFiles%\ATI Technologies\ATI Control Panel\atiptaxx.exe -> ATI Technologies, Inc. [Ver = 6.14.10.5090 | Size = 335872 bytes | Modified Date = 3/3/2004 12:00:00 PM | Attr = ]
iamapp.exe -> %ProgramFiles%\Norton Internet Security\IAMAPP.EXE -> Symantec Corporation [Ver = 4.0.0.82 | Size = 373888 bytes | Modified Date = 8/30/2001 1:32:20 AM | Attr = ]
incd.exe -> %ProgramFiles%\Ahead\InCD\InCD.exe -> Nero AG [Ver = 4, 3, 23, 2 | Size = 1398272 bytes | Modified Date = 3/23/2006 5:06:50 PM | Attr = ]
incdsrv.exe -> %ProgramFiles%\Ahead\InCD\incdsrv.exe -> Nero AG [Ver = 4, 3, 23, 2 | Size = 880128 bytes | Modified Date = 3/23/2006 5:06:38 PM | Attr = ]
jusched.exe -> %ProgramFiles%\Java\jre1.5.0_03\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 5.0.30.7 | Size = 36975 bytes | Modified Date = 4/13/2005 3:48:52 AM | Attr = ]
kbd.exe -> %SystemDrive%\hp\kbd\kbd.exe -> Hewlett-Packard Company [Ver = 1.0.2.0 | Size = 61440 bytes | Modified Date = 7/6/2001 1:56:56 PM | Attr = ]
navapsvc.exe -> %ProgramFiles%\Norton SystemWorks\Norton AntiVirus\Navapsvc.exe -> Symantec Corporation [Ver = 8.00.58 | Size = 115792 bytes | Modified Date = 8/16/2001 6:16:12 PM | Attr = ]
navapw32.exe -> %ProgramFiles%\Norton SystemWorks\Norton AntiVirus\Navapw32.exe -> Symantec Corporation [Ver = 8.00.58 | Size = 74832 bytes | Modified Date = 8/16/2001 5:52:42 PM | Attr = ]
netscp.exe -> %ProgramFiles%\Netscape\Netscape\Netscp.exe -> Mozilla, Netscape [Ver = 7.1 | Size = 568096 bytes | Modified Date = 6/24/2003 12:09:00 PM | Attr = ]
netscp.exe -> %ProgramFiles%\Netscape\Netscape\Netscp.exe -> Mozilla, Netscape [Ver = 7.1 | Size = 568096 bytes | Modified Date = 6/24/2003 12:09:00 PM | Attr = ]
nisserv.exe -> %ProgramFiles%\Norton Internet Security\NISSERV.EXE -> Symantec Corporation [Ver = 4.0.0.82 | Size = 62592 bytes | Modified Date = 8/30/2001 1:32:44 AM | Attr = ]
nisum.exe -> %ProgramFiles%\Norton Internet Security\NISUM.EXE -> Symantec Corporation [Ver = 4.0.0.82 | Size = 87168 bytes | Modified Date = 8/30/2001 1:32:52 AM | Attr = ]
nopdb.exe -> %ProgramFiles%\Norton SystemWorks\Speed Disk\NOPDB.EXE -> Symantec Corporation [Ver = 6.0.0.20 | Size = 176161 bytes | Modified Date = 8/9/2001 6:00:00 AM | Attr = ]
nprotect.exe -> %ProgramFiles%\Norton SystemWorks\Norton Utilities\NPROTECT.EXE -> Symantec Corporation [Ver = 15.0.0.20 | Size = 135168 bytes | Modified Date = 8/10/2001 6:00:00 AM | Attr = ]
symproxysvc.exe -> %ProgramFiles%\Norton Internet Security\SymProxySvc.exe -> Symantec Corporation [Ver = 4.0.0.82 | Size = 54400 bytes | Modified Date = 8/30/2001 1:31:58 AM | Attr = ]
sysdoc32.exe -> %ProgramFiles%\Norton SystemWorks\Norton Utilities\SYSDOC32.EXE -> Symantec Corporation [Ver = 15.0.0.20 | Size = 24614 bytes | Modified Date = 8/10/2001 6:00:00 AM | Attr = ]
uaservice7.exe -> %System32%\UAService7.exe -> [Ver = | Size = 126976 bytes | Modified Date = 3/7/2007 8:08:48 PM | Attr = ]
winpfind3u.exe -> %UserDesktop%\WinPFind3u\WinPFind3U.exe -> OldTimer Tools [Ver = 1.0.38.0 | Size = 322048 bytes | Modified Date = 6/23/2007 3:15:54 PM | Attr = ]
wkcalrem.exe -> %CommonProgramFiles%\Microsoft Shared\Works Shared\WkCalRem.exe -> Microsoft® Corporation [Ver = 7.02.0620.0 | Size = 24651 bytes | Modified Date = 6/20/2002 7:21:32 AM | Attr = ]
[Win32 Services - Non-Microsoft Only]
(Ati HotKey Poller) Ati HotKey Poller [Win32_Own | Auto | Running] -> %System32%\ati2evxx.exe -> [Ver = | Size = 397312 bytes | Modified Date = 5/14/2004 12:05:08 AM | Attr = ]
(ATI Smart) ATI Smart [Win32_Own | Auto | Stopped] -> %System32%\ati2sgag.exe -> [Ver = 5.13.0017 | Size = 516096 bytes | Modified Date = 3/3/2004 12:00:00 PM | Attr = ]
(dmadmin) Logical Disk Manager Administrative Service [Win32_Shared | On_Demand | Stopped] -> %System32%\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 224768 bytes | Modified Date = 8/4/2004 3:56:48 AM | Attr = ]
(IDriverT) InstallDriver Table Manager [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\InstallShield\Driver\1050\Intel 32\IDriverT.exe -> Macrovision Corporation [Ver = 10.50.125 | Size = 73728 bytes | Modified Date = 10/22/2004 4:24:18 AM | Attr = ]
(InCDsrv) InCD Helper [Win32_Own | Auto | Running] -> %ProgramFiles%\Ahead\InCD\incdsrv.exe -> Nero AG [Ver = 4, 3, 23, 2 | Size = 880128 bytes | Modified Date = 3/23/2006 5:06:38 PM | Attr = ]
(navapsvc) Norton AntiVirus Auto Protect Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Norton SystemWorks\Norton AntiVirus\Navapsvc.exe -> Symantec Corporation [Ver = 8.00.58 | Size = 115792 bytes | Modified Date = 8/16/2001 6:16:12 PM | Attr = ]
(NISSERV) Norton Internet Security Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Norton Internet Security\NISSERV.EXE -> Symantec Corporation [Ver = 4.0.0.82 | Size = 62592 bytes | Modified Date = 8/30/2001 1:32:44 AM | Attr = ]
(NISUM) Norton Internet Security Accounts Manager [Win32_Own | On_Demand | Running] -> %ProgramFiles%\Norton Internet Security\NISUM.EXE -> Symantec Corporation [Ver = 4.0.0.82 | Size = 87168 bytes | Modified Date = 8/30/2001 1:32:52 AM | Attr = ]
(NProtectService) Norton Unerase Protection [Win32_Own | Auto | Running] -> %ProgramFiles%\Norton SystemWorks\Norton Utilities\NPROTECT.EXE -> Symantec Corporation [Ver = 15.0.0.20 | Size = 135168 bytes | Modified Date = 8/10/2001 6:00:00 AM | Attr = ]
(PREVXAgent) Prevx Agent [Win32_Own | Auto | Stopped] -> %ProgramFiles%\Prevx2\PXAgent.exe -> File not found
(SBService) ScriptBlocking Service [Win32_Own | Auto | Stopped] -> %CommonProgramFiles%\Symantec Shared\Script Blocking\SBServ.exe -> Symantec Corporation [Ver = 1, 1, 0, 126 | Size = 54408 bytes | Modified Date = 8/13/2001 11:18:36 PM | Attr = ]
(SDService) SDService [Win32_Own | Auto | Stopped] -> %ProgramFiles%\SpywareDetector\SDService.exe -> File not found
(SNDSrvc) Symantec Network Drivers Service [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Symantec Shared\SNDSrvc.exe -> Symantec Corporation [Ver = 5.4.4.17 | Size = 206552 bytes | Modified Date = 1/21/2005 11:32:12 PM | Attr = ]
(Speed Disk service) Speed Disk service [Win32_Own | Auto | Running] -> %ProgramFiles%\Norton SystemWorks\Speed Disk\NOPDB.EXE -> Symantec Corporation [Ver = 6.0.0.20 | Size = 176161 bytes | Modified Date = 8/9/2001 6:00:00 AM | Attr = ]
(SymProxySvc) Norton Internet Security Proxy Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Norton Internet Security\SymProxySvc.exe -> Symantec Corporation [Ver = 4.0.0.82 | Size = 54400 bytes | Modified Date = 8/30/2001 1:31:58 AM | Attr = ]
(UserAccess7) SecuROM User Access Service (V7) [Win32_Own | Auto | Running] -> %System32%\UAService7.exe -> [Ver = | Size = 126976 bytes | Modified Date = 3/7/2007 8:08:48 PM | Attr = ]
[Registry - Non-Microsoft Only]
< Run [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
AtariBanner -> %ProgramFiles%\Infogrames\Atari Anniversary Edition\Volume 2\Banner.exe -> Infogrames [Ver = 1, 0, 0, 1 | Size = 49152 bytes | Modified Date = 5/22/2001 6:17:32 PM | Attr = ]
ATIPTA -> %ProgramFiles%\ATI Technologies\ATI Control Panel\atiptaxx.exe -> ATI Technologies, Inc. [Ver = 6.14.10.5090 | Size = 335872 bytes | Modified Date = 3/3/2004 12:00:00 PM | Attr = ]
iamapp -> %ProgramFiles%\Norton Internet Security\IAMAPP.EXE -> Symantec Corporation [Ver = 4.0.0.82 | Size = 373888 bytes | Modified Date = 8/30/2001 1:32:20 AM | Attr = ]
InCD -> %ProgramFiles%\Ahead\InCD\InCD.exe -> Nero AG [Ver = 4, 3, 23, 2 | Size = 1398272 bytes | Modified Date = 3/23/2006 5:06:50 PM | Attr = ]
KBD -> %SystemDrive%\hp\kbd\kbd.exe -> Hewlett-Packard Company [Ver = 1.0.2.0 | Size = 61440 bytes | Modified Date = 7/6/2001 1:56:56 PM | Attr = ]
MS_imeService -> %SystemRoot%\ime\imeupdt.exe -> [Ver = | Size = 116047 bytes | Modified Date = 8/4/2004 3:56:50 AM | Attr = H ]
NAV Agent -> %ProgramFiles%\Norton SystemWorks\Norton AntiVirus\Navapw32.exe -> Symantec Corporation [Ver = 8.00.58 | Size = 74832 bytes | Modified Date = 8/16/2001 5:52:42 PM | Attr = ]
NeroFilterCheck -> %System32%\NeroCheck.exe -> Ahead Software Gmbh [Ver = 1, 0, 0, 2 | Size = 155648 bytes | Modified Date = 7/9/2001 10:50:42 AM | Attr = ]
PS2 -> %System32%\ps2.EXE -> Hewlett-Packard Company [Ver = 1.0.2.0 | Size = 81920 bytes | Modified Date = 7/3/2001 1:13:56 PM | Attr = ]
QD FastAndSafe -> %ProgramFiles%\Norton Internet Security\IAMAPP.EXE -> Symantec Corporation [Ver = 4.0.0.82 | Size = 373888 bytes | Modified Date = 8/30/2001 1:32:20 AM | Attr = ]
SunJavaUpdateSched -> %ProgramFiles%\Java\jre1.5.0_03\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 5.0.30.7 | Size = 36975 bytes | Modified Date = 4/13/2005 3:48:52 AM | Attr = ]
Symantec NetDriver Monitor -> %ProgramFiles%\SymNetDrv\SNDMon.exe -> Symantec Corporation [Ver = 5.4.4.17 | Size = 95960 bytes | Modified Date = 11/25/2006 5:55:22 PM | Attr = ]
< Run [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
Mozilla Quick Launch -> %ProgramFiles%\Netscape\Netscape\Netscp.exe -> Mozilla, Netscape [Ver = 7.1 | Size = 568096 bytes | Modified Date = 6/24/2003 12:09:00 PM | Attr = ]
NBJ -> %ProgramFiles%\Ahead\Nero BackItUp\NBJ.exe -> Ahead Software AG [Ver = 1, 2, 0, 61 | Size = 1961984 bytes | Modified Date = 10/11/2005 6:25:32 PM | Attr = ]
< Common Startup > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup ->
%AllUsersStartup%\Adobe Gamma Loader.lnk -> %CommonProgramFiles%\Adobe\Calibration\Adobe Gamma Loader.exe -> Adobe Systems, Inc. [Ver = 1, 0, 0, 1 | Size = 113664 bytes | Modified Date = 11/4/1999 3:06:48 PM | Attr = ]
%AllUsersStartup%\Norton System Doctor.lnk -> %ProgramFiles%\Norton SystemWorks\Norton Utilities\SYSDOC32.EXE -> Symantec Corporation [Ver = 15.0.0.20 | Size = 24614 bytes | Modified Date = 8/10/2001 6:00:00 AM | Attr = ]
< User Startup > -> C:\Documents and Settings\Star Wars\Start Menu\Programs\Startup ->
%UserStartup%\wkcalrem.LNK -> %CommonProgramFiles%\Microsoft Shared\Works Shared\WkCalRem.exe -> Microsoft® Corporation [Ver = 7.02.0620.0 | Size = 24651 bytes | Modified Date = 6/20/2002 7:21:32 AM | Attr = ]
< SecurityProviders [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders ->
< Winlogon settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
< Winlogon settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
< Winlogon\Notify settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ ->
AtiExtEvent -> %System32%\ati2evxx.dll -> [Ver = | Size = 86016 bytes | Modified Date = 5/14/2004 12:05:08 AM | Attr = ]
SDNotify -> %ProgramFiles%\SpywareDetector\SDNotify.dll -> File not found
< CurrentVersion Policy Settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\undockwithoutlogon -> 1 ->
< CurrentVersion Policy Settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ActiveDesktop\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> ->
< HOSTS File > (686 bytes) -> C:\WINDOWS\System32\drivers\etc\Hosts ->
127.0.0.1 localhost -> ->
< Internet Explorer Settings > -> ->
HKLM: Default_Page_URL ->
http://www.microsoft.com/isapi/redir.dl ... ar=msnhome ->
HKLM: Main\\Default_Search_URL ->
http://www.microsoft.com/isapi/redir.dl ... r=iesearch ->
HKLM: Local Page -> %SystemRoot%\system32\blank.htm ->
HKLM: Search Page ->
http://www.microsoft.com/isapi/redir.dl ... r=iesearch ->
HKLM: Start Page ->
http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home ->
HKLM: CustomizeSearch ->
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm ->
HKLM: SearchAssistant ->
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm ->
HKCU: Local Page -> C:\WINDOWS\system32\blank.htm ->
HKCU: Search Page ->
http://www.microsoft.com/isapi/redir.dl ... r=iesearch ->
HKCU: Start Page -> about:blank ->
HKCU: ProxyEnable -> 0 ->
< Trusted Sites > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
msn.com [ - ] -> ->
< BHO's > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> %ProgramFiles%\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> Adobe Systems Incorporated [Ver = 7.0.7.2006011200 | Size = 63128 bytes | Modified Date = 1/12/2006 8:38:22 PM | Attr = ]
{BDF3E430-B101-42AD-A544-FADC6B084872} [HKLM] -> %ProgramFiles%\Norton SystemWorks\Norton AntiVirus\NAVShExt.dll [CNavExtBho Class] -> Symantec Corporation [Ver = 8.00.58 | Size = 102400 bytes | Modified Date = 8/16/2001 4:35:10 PM | Attr = ]
< Internet Explorer Bars [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\ ->
{32683183-48a0-441b-a342-7c2a440a9478} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
< Internet Explorer ToolBars [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar ->
{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} [HKLM] -> %ProgramFiles%\Norton SystemWorks\Norton AntiVirus\NAVShExt.dll [Norton AntiVirus] -> Symantec Corporation [Ver = 8.00.58 | Size = 102400 bytes | Modified Date = 8/16/2001 4:35:10 PM | Attr = ]
< Internet Explorer ToolBars [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ ->
ShellBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} [HKLM] -> %ProgramFiles%\Norton SystemWorks\Norton AntiVirus\NAVShExt.dll [Norton AntiVirus] -> Symantec Corporation [Ver = 8.00.58 | Size = 102400 bytes | Modified Date = 8/16/2001 4:35:10 PM | Attr = ]
WebBrowser\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKLM] -> Reg Data - Key not found [Yahoo! Toolbar] -> File not found
< Internet Explorer Menu Extensions [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ ->
&D&ownload &with BitComet -> %UserDocuments%\Matthew ''Nemesis'' Smith\BitComet_0.86\BitComet.exe\AddLink.htm -> File not found
&D&ownload all video with BitComet -> %UserDocuments%\Matthew ''Nemesis'' Smith\BitComet_0.86\BitComet.exe\AddVideo.htm -> File not found
&D&ownload all with BitComet -> %UserDocuments%\Matthew ''Nemesis'' Smith\BitComet_0.86\BitComet.exe\AddAllLink.htm -> File not found
< User Agent Post Platform [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform ->
SV1 -> ->
< DNS Name Servers [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ ->
{BF8FCE17-0A6A-4999-B23F-23FE66B4D8D5} -> (Linksys NC100 Fast Ethernet Adapter) ->
< Protocol Handlers [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ ->
ipp -> Reg Data - Key not found -> File not found
msdaipp -> Reg Data - Key not found -> File not found
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ ->
{8AD9C840-044E-11D1-B3E9-00805F499D93} -> Java Plug-in 1.5.0_03 - CodeBase =
http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab ->
{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA} -> Java Plug-in 1.4.1_02 - CodeBase =
http://java.sun.com/products/plugin/1.4 ... s-i586.cab ->
{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA} -> Java Plug-in 1.5.0_03 - CodeBase =
http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab ->
{D27CDB6E-AE6D-11CF-96B8-444553540000} -> - CodeBase =
http://fpdownload.macromedia.com/get/fl ... wflash.cab ->
[Registry - Additional Scans - Non-Microsoft Only]
< Disabled MSConfig Registry Items [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ ->
Service Host -> %SystemDrive%\DOCUME~1\STARWA~1\LOCALS~1\Temp\svchost.exe -> File not found
Start WingMan Profiler -> -> File not found
< File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\ ->
.bat [@ = batfile] -> PersistentHandler = {5e941d80-bf96-11cd-b579-08002b30bfeb} ->
.chm [@ = chm.file] -> PersistentHandler = Reg Data - Key not found ->
.cmd [@ = cmdfile] -> PersistentHandler = {5e941d80-bf96-11cd-b579-08002b30bfeb} ->
.com [@ = comfile] -> PersistentHandler = {098f2470-bae0-11cd-b579-08002b30bfeb} ->
.cpl [@ = cplfile] -> PersistentHandler = {098f2470-bae0-11cd-b579-08002b30bfeb} ->
.exe [@ = exefile] -> PersistentHandler = {098f2470-bae0-11cd-b579-08002b30bfeb} ->
.hlp [@ = hlpfile] -> PersistentHandler = Reg Data - Key not found ->
.hta [@ = htafile] -> PersistentHandler = {eec97550-47a9-11cf-b952-00aa0051fe20} ->
.html [@ = MozillaHTML] -> PersistentHandler = {eec97550-47a9-11cf-b952-00aa0051fe20} ->
.inf [@ = inffile] -> PersistentHandler = {5e941d80-bf96-11cd-b579-08002b30bfeb} ->
.ini [@ = inifile] -> PersistentHandler = {5e941d80-bf96-11cd-b579-08002b30bfeb} ->
.url [@ = InternetShortcut] -> PersistentHandler = {5e941d80-bf96-11cd-b579-08002b30bfeb} ->
.js [@ = JSFile] -> PersistentHandler = {5e941d80-bf96-11cd-b579-08002b30bfeb} ->
.jse [@ = JSEFile] -> PersistentHandler = Reg Data - Key not found ->
.pif [@ = piffile] -> PersistentHandler = Reg Data - Key not found ->
.reg [@ = regfile] -> PersistentHandler = {5e941d80-bf96-11cd-b579-08002b30bfeb} ->
.scr [@ = scrfile] -> PersistentHandler = Reg Data - Key not found ->
.txt [@ = txtfile] -> PersistentHandler = {5e941d80-bf96-11cd-b579-08002b30bfeb} ->
.vbe [@ = VBEFile] -> PersistentHandler = Reg Data - Key not found ->
.vbs [@ = VBSFile] -> PersistentHandler = {5e941d80-bf96-11cd-b579-08002b30bfeb} ->
.wsf [@ = WSFFile] -> PersistentHandler = Reg Data - Key not found ->
.wsh [@ = WSHFile] -> PersistentHandler = Reg Data - Key not found ->
[Files/Folders - Created Within 60 days]
63765cb01d7f41e98e8384aa -> %SystemDrive%\63765cb01d7f41e98e8384aa -> [Folder | Created Date = 6/20/2007 7:26:45 AM | Attr = ]
a82ab439fa1e9c8e12 -> %SystemDrive%\a82ab439fa1e9c8e12 -> [Folder | Created Date = 6/20/2007 5:55:38 AM | Attr = ]
AnalysisLog.sr0 -> %SystemDrive%\AnalysisLog.sr0 -> [Ver = | Size = 209017 bytes | Created Date = 6/1/2007 1:18:31 PM | Attr = ]
SDFix -> %SystemDrive%\SDFix -> [Folder | Created Date = 6/27/2007 8:23:48 AM | Attr = ]
test.ini -> %SystemDrive%\test.ini -> [Ver = | Size = 30 bytes | Created Date = 5/23/2007 4:21:40 PM | Attr = ]
$NtUninstallKB925902$ -> %SystemRoot%\$NtUninstallKB925902$ -> [Folder | Created Date = 5/15/2007 6:45:52 PM | Attr = H ]
$NtUninstallKB930178$ -> %SystemRoot%\$NtUninstallKB930178$ -> [Folder | Created Date = 5/15/2007 6:45:38 PM | Attr = H ]
$NtUninstallKB930916$ -> %SystemRoot%\$NtUninstallKB930916$ -> [Folder | Created Date = 5/15/2007 6:45:05 PM | Attr = H ]
$NtUninstallKB931261$ -> %SystemRoot%\$NtUninstallKB931261$ -> [Folder | Created Date = 5/15/2007 6:46:47 PM | Attr = H ]
$NtUninstallKB931768$ -> %SystemRoot%\$NtUninstallKB931768$ -> [Folder | Created Date = 5/15/2007 6:46:14 PM | Attr = H ]
$NtUninstallKB931784$ -> %SystemRoot%\$NtUninstallKB931784$ -> [Folder | Created Date = 5/15/2007 6:47:02 PM | Attr = H ]
$NtUninstallKB932168$ -> %SystemRoot%\$NtUninstallKB932168$ -> [Folder | Created Date = 5/15/2007 6:45:26 PM | Attr = H ]
BZII.INI -> %SystemRoot%\BZII.INI -> [Ver = | Size = 888 bytes | Created Date = 5/23/2007 4:16:03 PM | Attr = ]
CoD.INI -> %SystemRoot%\CoD.INI -> [Ver = | Size = 632 bytes | Created Date = 6/6/2007 4:24:27 PM | Attr = ]
npl.pln -> %SystemRoot%\npl.pln -> [Ver = | Size = 23448 bytes | Created Date = 6/25/2007 9:38:06 PM | Attr = ]
ua2.dll -> %SystemRoot%\ua2.dll -> [Ver = | Size = 77312 bytes | Created Date = 6/23/2007 1:52:54 PM | Attr = ]
War3Unin.dat -> %SystemRoot%\War3Unin.dat -> [Ver = | Size = 76324 bytes | Created Date = 6/1/2007 9:03:48 AM | Attr = ]
War3Unin.exe -> %SystemRoot%\War3Unin.exe -> Blizzard Entertainment [Ver = 1, 0, 0, 0 | Size = 139264 bytes | Created Date = 6/1/2007 9:03:42 AM | Attr = ]
War3Unin.pif -> %SystemRoot%\War3Unin.pif -> [Ver = | Size = 2829 bytes | Created Date = 6/1/2007 9:03:43 AM | Attr = ]
Winchat.ini -> %SystemRoot%\Winchat.ini -> [Ver = | Size = 137 bytes | Created Date = 6/19/2007 3:28:27 PM | Attr = ]
ACTSKN43.OCX -> %System32%\ACTSKN43.OCX -> [Ver = 4, 3, 0, 0 | Size = 389120 bytes | Created Date = 6/25/2007 11:32:04 AM | Attr = ]
actsplash.ocx -> %System32%\actsplash.ocx -> SoftShape Development [Ver = 1, 0, 2, 2 | Size = 188416 bytes | Created Date = 6/25/2007 11:32:04 AM | Attr = ]
bitcometres.dll -> %System32%\bitcometres.dll -> BitComet [Ver = 1, 0, 0, 1 | Size = 2560 bytes | Created Date = 6/1/2007 6:45:09 AM | Attr = ]
CmdLineExt03.dll -> %System32%\CmdLineExt03.dll -> [Ver = | Size = 43520 bytes | Created Date = 6/22/2007 4:25:40 PM | Attr = ]
d3d8caps.dat -> %System32%\d3d8caps.dat -> [Ver = | Size = 552 bytes | Created Date = 6/25/2007 5:32:23 PM | Attr = ]
Flash.ocx -> %System32%\Flash.ocx -> Macromedia, Inc. [Ver = 8,0,22,0 | Size = 1435272 bytes | Created Date = 6/25/2007 11:32:04 AM | Attr = ]
java.exe -> %System32%\java.exe -> Sun Microsystems, Inc. [Ver = 5.0.30.7 | Size = 49248 bytes | Created Date = 5/21/2007 1:45:20 PM | Attr = ]
javaw.exe -> %System32%\javaw.exe -> Sun Microsystems, Inc. [Ver = 5.0.30.7 | Size = 49250 bytes | Created Date = 5/21/2007 1:45:20 PM | Attr = ]
javaws.exe -> %System32%\javaws.exe -> Sun Microsystems, Inc. [Ver = 5.0.30.7 | Size = 127078 bytes | Created Date = 5/21/2007 1:45:20 PM | Attr = ]
ProgressBar4.ocx -> %System32%\ProgressBar4.ocx -> Ariad Software [Ver = 4.01.0007 | Size = 89088 bytes | Created Date = 6/25/2007 11:32:03 AM | Attr = ]
SDRemoveDB.db -> %System32%\SDRemoveDB.db -> [Ver = | Size = 184 bytes | Created Date = 6/23/2007 11:10:44 AM | Attr = ]
threadapi.tlb -> %System32%\threadapi.tlb -> [Ver = | Size = 11012 bytes | Created Date = 6/25/2007 11:32:03 AM | Attr = ]
VchReg.dll -> %System32%\VchReg.dll -> Max Secure Software [Ver = 6, 0, 3, 7 | Size = 1044480 bytes | Created Date = 6/23/2007 11:03:28 AM | Attr = ]
XceedBkp.dll -> %System32%\XceedBkp.dll -> Xceed Software Inc (450) 442-2626
support@xceedsoft.com http://www.xceedsoft.com [Ver = 1.0.108.0 | Size = 423784 bytes | Created Date = 6/25/2007 11:32:05 AM | Attr = ]
XceedCry.dll -> %System32%\XceedCry.dll -> Xceed Software Inc (450) 442-2626
support@xceedsoft.com http://www.xceedsoft.com [Ver = 1.1.107.0 | Size = 512688 bytes | Created Date = 6/25/2007 11:32:05 AM | Attr = ]
hamachi.sys -> %System32%\drivers\hamachi.sys -> LogMeIn, Inc. [Ver = 6.0.1.0 | Size = 26056 bytes | Created Date = 5/19/2007 1:41:00 PM | Attr = ]
hosts.backup -> %System32%\drivers\etc\hosts.backup -> [Ver = | Size = 813 bytes | Created Date = 6/23/2007 11:03:28 AM | Attr = ]
hosts.bak -> %System32%\drivers\etc\hosts.bak -> [Ver = | Size = 813 bytes | Created Date = 6/20/2007 7:20:19 AM | Attr = ]
[Files/Folders - Modified Within 60 days]
63765cb01d7f41e98e8384aa -> %SystemDrive%\63765cb01d7f41e98e8384aa -> [Folder | Modified Date = 6/20/2007 8:26:48 AM | Attr = ]
a82ab439fa1e9c8e12 -> %SystemDrive%\a82ab439fa1e9c8e12 -> [Folder | Modified Date = 6/20/2007 8:22:42 AM | Attr = ]
AnalysisLog.sr0 -> %SystemDrive%\AnalysisLog.sr0 -> [Ver = | Size = 209017 bytes | Modified Date = 6/1/2007 2:19:16 PM | Attr = ]
boot.ini -> %SystemDrive%\boot.ini -> [Ver = | Size = 211 bytes | Modified Date = 6/23/2007 6:07:30 PM | Attr = RHS]
Config.Msi -> %SystemDrive%\Config.Msi -> [Folder | Modified Date = 6/26/2007 6:06:02 PM | Attr = HS]
DeusEx -> %SystemDrive%\DeusEx -> [Folder | Modified Date = 6/14/2007 11:19:28 AM | Attr = ]
DOWNLOADS -> %SystemDrive%\DOWNLOADS -> [Folder | Modified Date = 5/23/2007 12:30:06 PM | Attr = ]
POOHPS -> %SystemDrive%\POOHPS -> [Folder | Modified Date = 6/7/2007 11:44:30 AM | Attr = ]
Program Files -> %ProgramFiles% -> [Folder | Modified Date = 6/27/2007 10:51:44 AM | Attr = R ]
SDFix -> %SystemDrive%\SDFix -> [Folder | Modified Date = 6/27/2007 9:48:26 AM | Attr = ]
System Volume Information -> %SystemDrive%\System Volume Information -> [Folder | Modified Date = 6/25/2007 3:41:00 PM | Attr = HS]
Temp -> %SystemDrive%\Temp -> [Folder | Modified Date = 5/19/2007 2:39:48 PM | Attr = ]
test.ini -> %SystemDrive%\test.ini -> [Ver = | Size = 30 bytes | Modified Date = 5/23/2007 5:21:42 PM | Attr = ]
WINDOWS -> %SystemRoot% -> [Folder | Modified Date = 6/27/2007 9:27:04 AM | Attr = ]
$hf_mig$ -> %SystemRoot%\$hf_mig$ -> [Folder | Modified Date = 6/13/2007 7:04:54 AM | Attr = H ]
$NtUninstallKB925902$ -> %SystemRoot%\$NtUninstallKB925902$ -> [Folder | Modified Date = 5/15/2007 7:45:54 PM | Attr = H ]
$NtUninstallKB930178$ -> %SystemRoot%\$NtUninstallKB930178$ -> [Folder | Modified Date = 5/15/2007 7:45:40 PM | Attr = H ]
$NtUninstallKB930916$ -> %SystemRoot%\$NtUninstallKB930916$ -> [Folder | Modified Date = 5/15/2007 7:45:08 PM | Attr = H ]
$NtUninstallKB931261$ -> %SystemRoot%\$NtUninstallKB931261$ -> [Folder | Modified Date = 5/15/2007 7:46:50 PM | Attr = H ]
$NtUninstallKB931768$ -> %SystemRoot%\$NtUninstallKB931768$ -> [Folder | Modified Date = 5/15/2007 7:46:20 PM | Attr = H ]
$NtUninstallKB931784$ -> %SystemRoot%\$NtUninstallKB931784$ -> [Folder | Modified Date = 5/15/2007 7:47:04 PM | Attr = H ]
$NtUninstallKB932168$ -> %SystemRoot%\$NtUninstallKB932168$ -> [Folder | Modified Date = 5/15/2007 7:45:28 PM | Attr = H ]
A5W.INI -> %SystemRoot%\A5W.INI -> [Ver = | Size = 35 bytes | Modified Date = 5/25/2007 5:11:34 PM | Attr = ]
A5W_DATA -> %SystemRoot%\A5W_DATA -> [Folder | Modified Date = 5/25/2007 5:11:34 PM | Attr = ]
bootstat.dat -> %SystemRoot%\bootstat.dat -> [Ver = | Size = 2048 bytes | Modified Date = 6/27/2007 10:51:36 AM | Attr = S]
BZII.INI -> %SystemRoot%\BZII.INI -> [Ver = | Size = 888 bytes | Modified Date = 5/23/2007 6:24:46 PM | Attr = ]
cdplayer.ini -> %SystemRoot%\cdplayer.ini -> [Ver = | Size = 8809 bytes | Modified Date = 6/19/2007 1:12:56 PM | Attr = ]
CoD.INI -> %SystemRoot%\CoD.INI -> [Ver = | Size = 632 bytes | Modified Date = 6/8/2007 11:42:42 AM | Attr = ]
Debug -> %SystemRoot%\Debug -> [Folder | Modified Date = 6/23/2007 12:58:00 PM | Attr = ]
Downloaded Program Files -> %SystemRoot%\Downloaded Program Files -> [Folder | Modified Date = 6/20/2007 10:01:34 AM | Attr = S]
Fonts -> %SystemRoot%\Fonts -> [Folder | Modified Date = 6/11/2007 12:45:18 PM | Attr = R S]
Help -> %SystemRoot%\Help -> [Folder | Modified Date = 6/12/2007 2:18:08 PM | Attr = ]
ime -> %SystemRoot%\ime -> [Folder | Modified Date = 6/19/2007 1:23:52 PM | Attr = H ]
inf -> %SystemRoot%\inf -> [Folder | Modified Date = 6/26/2007 6:00:26 PM | Attr = H ]
Installer -> %SystemRoot%\Installer -> [Folder | Modified Date = 6/26/2007 6:06:02 PM | Attr = HS]
Minidump -> %SystemRoot%\Minidump -> [Folder | Modified Date = 6/23/2007 12:58:00 PM | Attr = ]
msagent -> %SystemRoot%\msagent -> [Folder | Modified Date = 5/15/2007 7:54:24 PM | Attr = ]
npl.pln -> %SystemRoot%\npl.pln -> [Ver = | Size = 23448 bytes | Modified Date = 6/25/2007 10:44:32 PM | Attr = ]
Prefetch -> %SystemRoot%\Prefetch -> [Folder | Modified Date = 6/27/2007 11:01:34 AM | Attr = ]
pss -> %SystemRoot%\pss -> [Folder | Modified Date = 6/26/2007 1:54:44 PM | Attr = ]
QTW.INI -> %SystemRoot%\QTW.INI -> [Ver = | Size = 304 bytes | Modified Date = 5/25/2007 5:11:32 PM | Attr = ]
Registration -> %SystemRoot%\Registration -> [Folder | Modified Date = 6/26/2007 2:07:34 PM | Attr = ]
Run32A50.mch -> %SystemRoot%\Run32A50.mch -> [Ver = | Size = 12218 bytes | Modified Date = 5/25/2007 5:11:38 PM | Attr = ]
security -> %SystemRoot%\security -> [Folder | Modified Date = 6/19/2007 1:38:30 PM | Attr = ]
Sof2.INI -> %SystemRoot%\Sof2.INI -> [Ver = | Size = 604 bytes | Modified Date = 6/19/2007 4:56:00 PM | Attr = ]
SoftwareDistribution -> %SystemRoot%\SoftwareDistribution -> [Folder | Modified Date = 5/23/2007 1:28:30 PM | Attr = ]
system -> %SystemRoot%\system -> [Folder | Modified Date = 6/23/2007 12:04:14 PM | Attr = ]
system.ini -> %SystemRoot%\system.ini -> [Ver = | Size = 243 bytes | Modified Date = 6/26/2007 1:54:44 PM | Attr = ]
system32 -> %System32% -> [Folder | Modified Date = 6/26/2007 6:00:26 PM | Attr = ]
Tasks -> %SystemRoot%\Tasks -> [Folder | Modified Date = 6/26/2007 1:32:32 PM | Attr = S]
Temp -> %SystemRoot%\Temp -> [Folder | Modified Date = 6/27/2007 10:52:14 AM | Attr = ]
TrpMaker.INI -> %SystemRoot%\TrpMaker.INI -> [Ver = | Size = 510 bytes | Modified Date = 6/15/2007 7:31:26 PM | Attr = ]
ua2.dll -> %SystemRoot%\ua2.dll -> [Ver = | Size = 77312 bytes | Modified Date = 6/23/2007 2:52:56 PM | Attr = ]
War3Unin.dat -> %SystemRoot%\War3Unin.dat -> [Ver = | Size = 76324 bytes | Modified Date = 6/1/2007 2:09:40 PM | Attr = ]
War3Unin.exe -> %SystemRoot%\War3Unin.exe -> Blizzard Entertainment [Ver = 1, 0, 0, 0 | Size = 139264 bytes | Modified Date = 6/1/2007 10:21:08 AM | Attr = ]
War3Unin.pif -> %SystemRoot%\War3Unin.pif -> [Ver = | Size = 2829 bytes | Modified Date = 6/1/2007 10:21:08 AM | Attr = ]
win.ini -> %SystemRoot%\win.ini -> [Ver = | Size = 1109 bytes | Modified Date = 6/26/2007 1:54:46 PM | Attr = ]
Winchat.ini -> %SystemRoot%\Winchat.ini -> [Ver = | Size = 137 bytes | Modified Date = 6/19/2007 4:28:42 PM | Attr = ]
WinSxS -> %SystemRoot%\WinSxS -> [Folder | Modified Date = 6/23/2007 2:52:52 PM | Attr = ]
SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [Ver = | Size = 6 bytes | Modified Date = 6/27/2007 10:51:40 AM | Attr = H ]
Symantec NetDetect.job -> %SystemRoot%\tasks\Symantec NetDetect.job -> [Ver = | Size = 420 bytes | Modified Date = 6/27/2007 10:52:22 AM | Attr = ]
bitcometres.dll -> %System32%\bitcometres.dll -> BitComet [Ver = 1, 0, 0, 1 | Size = 2560 bytes | Modified Date = 6/1/2007 7:45:12 AM | Attr = ]
CatRoot2 -> %System32%\CatRoot2 -> [Folder | Modified Date = 6/26/2007 7:27:12 PM | Attr = ]
CmdLineExt.dll -> %System32%\CmdLineExt.dll -> Sony DADC Austria AG. [Ver = 1,0,201,0 | Size = 98304 bytes | Modified Date = 5/27/2007 5:59:02 PM | Attr = ]
CmdLineExt03.dll -> %System32%\CmdLineExt03.dll -> [Ver = | Size = 43520 bytes | Modified Date = 6/24/2007 3:15:18 PM | Attr = ]
config -> %System32%\config -> [Folder | Modified Date = 6/26/2007 2:07:46 PM | Attr = ]
d3d8caps.dat -> %System32%\d3d8caps.dat -> [Ver = | Size = 552 bytes | Modified Date = 6/25/2007 6:32:30 PM | Attr = ]
dllcache -> %System32%\dllcache -> [Folder | Modified Date = 6/12/2007 2:25:14 PM | Attr = RHS]
drivers -> %System32%\drivers -> [Folder | Modified Date = 6/26/2007 1:10:00 PM | Attr = ]
FNTCACHE.DAT -> %System32%\FNTCACHE.DAT -> [Ver = | Size = 247104 bytes | Modified Date = 6/25/2007 3:40:46 PM | Attr = ]
perfc009.dat -> %System32%\perfc009.dat -> [Ver = | Size = 52764 bytes | Modified Date = 6/25/2007 5:51:30 PM | Attr = ]
perfh009.dat -> %System32%\perfh009.dat -> [Ver = | Size = 380350 bytes | Modified Date = 6/25/2007 5:51:30 PM | Attr = ]
Restore -> %System32%\Restore -> [Folder | Modified Date = 6/25/2007 3:41:00 PM | Attr = ]
SDRemoveDB.db -> %System32%\SDRemoveDB.db -> [Ver = | Size = 184 bytes | Modified Date = 6/23/2007 12:10:46 PM | Attr = ]
VchReg.dll -> %System32%\VchReg.dll -> Max Secure Software [Ver = 6, 0, 3, 7 | Size = 1044480 bytes | Modified Date = 5/29/2007 11:18:22 AM | Attr = ]
wbem -> %System32%\wbem -> [Folder | Modified Date = 6/26/2007 2:07:34 PM | Attr = ]
wpa.dbl -> %System32%\wpa.dbl -> [Ver = | Size = 2206 bytes | Modified Date = 6/25/2007 3:40:52 PM | Attr = ]
etc -> %System32%\drivers\etc -> [Folder | Modified Date = 6/27/2007 9:31:36 AM | Attr = ]
hamachi.sys -> %System32%\drivers\hamachi.sys -> LogMeIn, Inc. [Ver = 6.0.1.0 | Size = 26056 bytes | Modified Date = 5/24/2007 8:57:02 AM | Attr = ]
hosts.backup -> %System32%\drivers\etc\hosts.backup -> [Ver = | Size = 813 bytes | Modified Date = 6/20/2007 8:29:34 AM | Attr = ]
hosts.bak -> %System32%\drivers\etc\hosts.bak -> [Ver = | Size = 813 bytes | Modified Date = 6/20/2007 8:20:20 AM | Attr = ]
[File String Scan - Non-Microsoft Only]
PEC2 , -> %System32%\dfrg.msc -> [Ver = | Size = 41397 bytes | Modified Date = 8/23/2001 1:00:00 PM | Attr = ]
UPX! , UPX0 , -> %System32%\fmod.dll -> Firelight Technologies Pty, Ltd [Ver = 3.74 | Size = 161280 bytes | Modified Date = 10/28/2006 12:43:00 PM | Attr = ]
UPX! , UPX0 , -> %System32%\JAMktSetup_uninstall.exe -> JAM [Ver = 1.00 | Size = 5992448 bytes | Modified Date = 5/23/2006 9:33:14 AM | Attr = ]
Thawte Consulting , -> %System32%\rmoc3260.dll -> RealNetworks, Inc. [Ver = 6.0.9.2568 | Size = 185952 bytes | Modified Date = 10/28/2006 6:52:52 PM | Attr = ]
winsync , -> %System32%\wbdbase.deu -> [Ver = | Size = 1309184 bytes | Modified Date = 8/23/2001 1:00:00 PM | Attr = ]
Thawte Consulting , -> %System32%\XceedBkp.dll -> Xceed Software Inc (450) 442-2626
support@xceedsoft.com http://www.xceedsoft.com [Ver = 1.0.108.0 | Size = 423784 bytes | Modified Date = 5/11/2004 10:56:54 AM | Attr = ]
Thawte Consulting , -> %System32%\XceedCry.dll -> Xceed Software Inc (450) 442-2626
support@xceedsoft.com http://www.xceedsoft.com [Ver = 1.1.107.0 | Size = 512688 bytes | Modified Date = 11/19/2003 2:59:36 PM | Attr = ]
WSUD , UPX0 , -> %System32%\dllcache\hwxjpn.dll -> [Ver = | Size = 13463552 bytes | Modified Date = 8/23/2001 1:00:00 PM | Attr = ]
PTech , -> %System32%\dllcache\mtlstrm.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 1309184 bytes | Modified Date = 8/4/2004 1:41:38 AM | Attr = ]
PTech , -> %System32%\drivers\mtlstrm.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 1309184 bytes | Modified Date = 8/4/2004 1:41:38 AM | Attr = ]
< End of report >[/b]