
Need Admin To Do Analysis On Logfile


3 replies to this topic

#1 alexdbest2000

Posted 06 January 2007 - 01:53 AM

many small bugs in computer, need help

-open icons not selected with mouse
-"selects all" sometimes when clicking on 1 icon
- pages (documents, internet homepage) come up occasionally without being selected



Logfile of HijackThis v1.99.1
Scan saved at 1:47:11 AM, on 06/01/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\ATI Multimedia\main\LaunchPd.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Alex\My Documents\HijackThis.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O4 - HKLM\..\Run: [Soltek] C:\WINDOWS\system32\autorun.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ATI Launchpad] "C:\Program Files\ATI Multimedia\main\LaunchPd.exe"
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: ATI TV - {44226DFF-747E-4edc-B30C-78752E50CD0C} - C:\Program Files\ATI Multimedia\dtv\EXPLBAR.DLL
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by106fd.bay106.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1163546822906
O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) - http://www.crucial.com/controls/cpcScanner.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: MBackMonitor - Unknown owner - C:\Program Files\McAfee\MBK\MBackMonitor.exe (file missing)



#2 OldTimer

Malware Expert

Posted 10 January 2007 - 06:31 PM

Hello alexdbest2000 and welcome to the BC HijackThis forum. I see no signs of viruses or malware in the log. It is clean.

It sounds like a mouse or mouse driver issue. If you have a wireless mouse, check the batteries (or charge status). If it's a wired mouse, try a different mouse and see if the problem persists.

In any case, let's do a more in-depth scan and see what it shows us.

Download WinPFind3U.exe to your Desktop and double-click on it to extract the files. It will create a folder named WinPFind3u on your desktop.
  • Open the WinPFind3u folder and double-click on WinPFind3U.exe to start the program.
  • Now click the Run Scan button on the toolbar.
  • When the scan is complete Notepad will open with the report file loaded in it.
  • Click the Format menu and make sure that Wordwrap is not checked. If it is then click on it to uncheck it.
Use the Add Reply button and Copy/Paste the information back here. I will review it when it comes in. If, after posting, the last line is not < End of Report > then the log is too big to fit into a single post and you will need to split it into multiple posts.

Cheers.

OT
I do not respond to PM's requesting help. That's what the forums are here for. Please use them so that others may benefit from your questions and the responses you receive.
OldTimer


#3 alexdbest2000


Posted 14 January 2007 - 10:11 PM

WinPFind3 logfile created on: 14/01/2007 10:04:48 PM
WinPFind3U by OldTimer - Version 1.0.10 Folder = C:\Documents and Settings\Alex\Desktop\WinPFind3u\
Microsoft Windows XP Service Pack 2 (Version = 5.1.2600)
Internet Explorer (Version = 6.0.2900.2180)

785196 Kb Total Physical Memory | 383108 Kb Available Physical Memory | 48.79% Memory free
1132972 Kb Paging File | 701772 Kb Available in Paging File | 61.94% Paging File free
Paging file location(s): C:\pagefile.sys 384 768;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 156280288 Kb Total Space | 67537716 Kb Free Space | 43.22% Space Free
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 8299344 Kb Total Space | 0 Kb Free Space | 0.00% Space Free


[Processes - Non-Microsoft Only]
ati2evxx.exe -> %System32%\ati2evxx.exe -> ATI Technologies Inc. [Ver = 6.14.10.4140 | Size = 401408 bytes | Modified Date = 02/08/2006 5:01:22 PM | Attr = ]
ati2evxx.exe -> %System32%\ati2evxx.exe -> ATI Technologies Inc. [Ver = 6.14.10.4140 | Size = 401408 bytes | Modified Date = 02/08/2006 5:01:22 PM | Attr = ]
avgamsvr.exe -> %ProgramFiles%\Grisoft\AVG Free\avgamsvr.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.420 | Size = 343552 bytes | Modified Date = 14/11/2006 5:54:52 PM | Attr = ]
avgcc.exe -> %ProgramFiles%\Grisoft\AVG Free\avgcc.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.418 | Size = 406016 bytes | Modified Date = 14/11/2006 5:54:52 PM | Attr = ]
avgupsvc.exe -> %ProgramFiles%\Grisoft\AVG Free\avgupsvc.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.420 | Size = 49664 bytes | Modified Date = 14/11/2006 5:54:52 PM | Attr = ]
ctsvccda.exe -> %System32%\CTSVCCDA.EXE -> Creative Technology Ltd [Ver = 1.0.1.0 | Size = 44032 bytes | Modified Date = 13/12/1999 1:01:00 AM | Attr = ]
firefox.exe -> %ProgramFiles%\Mozilla Firefox\firefox.exe -> Mozilla Corporation [Ver = 1.8.0.9: 2006120612 | Size = 7200365 bytes | Modified Date = 20/12/2006 2:10:32 PM | Attr = ]
guard.exe -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\guard.exe -> Anti-Malware Development a.s. [Ver = 7, 5, 0, 47 | Size = 204800 bytes | Modified Date = 28/09/2006 9:13:20 AM | Attr = ]
ipodservice.exe -> %ProgramFiles%\iPod\bin\iPodService.exe -> Apple Computer, Inc. [Ver = 7.0.2.16 | Size = 492608 bytes | Modified Date = 30/10/2006 9:36:32 AM | Attr = ]
itunes.exe -> %ProgramFiles%\iTunes\iTunes.exe -> Apple Computer, Inc. [Ver = 7.0.2.16 | Size = 15338560 bytes | Modified Date = 30/10/2006 9:36:32 AM | Attr = ]
mplayer2.exe -> %ProgramFiles%\Windows Media Player\mplayer2.exe -> [Ver = | Size = 18463 bytes | Modified Date = 12/12/2005 7:00:00 AM | Attr = ]
powerdvd.exe -> %ProgramFiles%\CyberLink DVD Solution\PowerDVD\PowerDVD.exe -> CyberLink Corp. [Ver = 6.00.1424 | Size = 512000 bytes | Modified Date = 24/02/2005 8:29:20 PM | Attr = ]
soundman.exe -> %SystemRoot%\SOUNDMAN.EXE -> Realtek Semiconductor Corp. [Ver = 5.1.14 | Size = 62464 bytes | Modified Date = 13/11/2003 5:23:52 AM | Attr = ]
winpfind3u.exe -> %UserDesktop%\WinPFind3u\WinPFind3U.exe -> Oldtimer Tools [Ver = 1.0.10.0 | Size = 306176 bytes | Modified Date = 12/01/2007 4:20:26 PM | Attr = ]

[Win32 Services - Non-Microsoft Only]
(Ati HotKey Poller) Ati HotKey Poller [Win32_Own | Auto | Running] -> %System32%\ati2evxx.exe -> ATI Technologies Inc. [Ver = 6.14.10.4140 | Size = 401408 bytes | Modified Date = 02/08/2006 5:01:22 PM | Attr = ]
(ATI Smart) ATI Smart [Win32_Own | Auto | Stopped] -> %System32%\ati2sgag.exe -> [Ver = 5.13.0025 | Size = 520192 bytes | Modified Date = 02/08/2006 9:27:00 AM | Attr = ]
(AVG Anti-Spyware Guard) AVG Anti-Spyware Guard [Win32_Own | Auto | Running] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\guard.exe -> Anti-Malware Development a.s. [Ver = 7, 5, 0, 47 | Size = 204800 bytes | Modified Date = 28/09/2006 9:13:20 AM | Attr = ]
(Avg7Alrt) AVG7 Alert Manager Server [Win32_Own | Auto | Running] -> %ProgramFiles%\Grisoft\AVG Free\avgamsvr.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.420 | Size = 343552 bytes | Modified Date = 14/11/2006 5:54:52 PM | Attr = ]
(Avg7UpdSvc) AVG7 Update Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Grisoft\AVG Free\avgupsvc.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.420 | Size = 49664 bytes | Modified Date = 14/11/2006 5:54:52 PM | Attr = ]
(Creative Service for CDROM Access) Creative Service for CDROM Access [Win32_Own | Auto | Running] -> %System32%\CTSVCCDA.EXE -> Creative Technology Ltd [Ver = 1.0.1.0 | Size = 44032 bytes | Modified Date = 13/12/1999 1:01:00 AM | Attr = ]
(dmadmin) Logical Disk Manager Administrative Service [Win32_Shared | On_Demand | Stopped] -> %System32%\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 224768 bytes | Modified Date = 12/12/2005 7:00:00 AM | Attr = ]
(IDriverT) InstallDriver Table Manager [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\InstallShield\Driver\11\Intel 32\IDriverT.exe -> Macrovision Corporation [Ver = 11.00.28844 | Size = 69632 bytes | Modified Date = 03/04/2005 4:41:10 PM | Attr = ]
(iPod Service) iPod Service [Win32_Own | On_Demand | Running] -> %ProgramFiles%\iPod\bin\iPodService.exe -> Apple Computer, Inc. [Ver = 7.0.2.16 | Size = 492608 bytes | Modified Date = 30/10/2006 9:36:32 AM | Attr = ]
(KodakCCS) Kodak Camera Connection Software [Win32_Own | On_Demand | Stopped] -> %System32%\drivers\KodakCCS.exe -> Eastman Kodak Company [Ver = 1.1.5100.4 | Size = 411920 bytes | Modified Date = 30/03/2005 8:46:56 AM | Attr = ]
(MBackMonitor) MBackMonitor [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\McAfee\MBK\MBackMonitor.exe -> File not found

[Registry - Non-Microsoft Only]
< Run [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
AVG7_CC -> %ProgramFiles%\Grisoft\AVG Free\avgcc.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.418 | Size = 406016 bytes | Modified Date = 14/11/2006 5:54:52 PM | Attr = ]
Soltek -> %System32%\Autorun.exe -> [Ver = | Size = 61440 bytes | Modified Date = 29/10/2001 9:00:16 AM | Attr = ]
SoundMan -> %SystemRoot%\SOUNDMAN.EXE -> Realtek Semiconductor Corp. [Ver = 5.1.14 | Size = 62464 bytes | Modified Date = 13/11/2003 5:23:52 AM | Attr = ]
< RunOnceEx [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx
-> -> File not found
< OptionalComponents [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\
IMAIL -> Installed = 1 ->
MAPI -> Installed = 1 ->
MSFS -> Installed = 1 ->
< Run [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
PowerBar -> -> File not found
< Disabled MSConfig Folder Items[HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\
C:^Documents and Settings^Alex^Start Menu^Programs^Startup^Calendar 2000.lnk -> Reg Data - Value does not exist -> File not found
C:^Documents and Settings^Alex^Start Menu^Programs^Startup^LimeWire On Startup.lnk -> Reg Data - Value does not exist -> File not found
C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk -> %ProgramFiles%\Adobe\Acrobat 7.0\Reader\reader_sl.exe -> Adobe Systems Incorporated [Ver = 7.0.5.2005092300 | Size = 29696 bytes | Modified Date = 23/09/2005 2:05:26 PM | Attr = ]
C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Kodak EasyShare software.lnk -> %ProgramFiles%\Kodak\Kodak EasyShare software\bin\EasyShare.exe -> [Ver = 5, 0, 25, 230 | Size = 151552 bytes | Modified Date = 21/07/2005 7:47:22 PM | Attr = ]
C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Kodak software updater.lnk -> %ProgramFiles%\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe -> [Ver = | Size = 16423 bytes | Modified Date = 13/02/2004 6:12:08 AM | Attr = ]
C:^Documents and Settings^All Users^Start Menu^Programs^Startup^ZDWLan Utility.lnk -> %ProgramFiles%\ZyDAS Technology Corporation\ZyDAS_802.11g_Utility\ZDWlan.exe -> [Ver = 2, 13, 0, 0 | Size = 475136 bytes | Modified Date = 16/08/2005 7:13:14 AM | Attr = ]
< Disabled MSConfig Registry Items [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\
ATI DeviceDetect -> %ProgramFiles%\ATI Multimedia\main\atidtct.exe -> ATI Technologies Inc. [Ver = 9.15.001 | Size = 57344 bytes | Modified Date = 12/07/2006 9:22:36 PM | Attr = ]
ATI Launchpad -> %ProgramFiles%\ATI Multimedia\main\LaunchPd.exe -> ATI Technologies Inc. [Ver = 9.15.001 | Size = 102400 bytes | Modified Date = 12/07/2006 9:25:40 PM | Attr = ]
ATI Remote Control -> %ProgramFiles%\ATI Multimedia\RemCtrl\ATIRW.EXE -> ATI Technologies Inc. [Ver = 3.04.001 | Size = 1622016 bytes | Modified Date = 05/04/2006 10:03:40 PM | Attr = ]
ATICCC -> %ProgramFiles%\ATI Technologies\ATI.ACE\CLIStart.exe -> [Ver = | Size = 90112 bytes | Modified Date = 10/05/2006 3:12:06 AM | Attr = ]
Aups -> Reg Data - Value does not exist -> File not found
AVG7_CC -> Reg Data - Value does not exist -> File not found
BearShare -> Reg Data - Value does not exist -> File not found
Creative Detector -> %ProgramFiles%\Creative\MediaSource\Detector\CTDetect.exe -> Creative Technology Ltd [Ver = 3.0.2.0 | Size = 102400 bytes | Modified Date = 02/12/2004 6:23:34 PM | Attr = ]
DAEMON Tools -> %ProgramFiles%\DAEMON Tools\daemon.exe -> DT Soft Ltd. [Ver = 4.08.0.0 | Size = 157592 bytes | Modified Date = 12/11/2006 5:48:48 AM | Attr = ]
Ddd -> Reg Data - Value does not exist -> File not found
EA Core -> Reg Data - Value does not exist -> File not found
EbatesMoeMoneyMaker -> -> File not found
InCD -> Reg Data - Value does not exist -> File not found
iTunesHelper -> %ProgramFiles%\iTunes\iTunesHelper.exe -> Apple Computer, Inc. [Ver = 7.0.2.16 | Size = 256576 bytes | Modified Date = 30/10/2006 9:36:36 AM | Attr = ]
McAfee Backup -> %ProgramFiles%\McAfee\MBK\McAfeeDataBackup.exe -> McAfee [Ver = 0.9.2400.27542 | Size = 4814376 bytes | Modified Date = 31/08/2006 2:36:44 PM | Attr = ]
MskAgentexe -> Reg Data - Value does not exist -> File not found
NeroCheck -> %System32%\NeroCheck.exe -> Ahead Software Gmbh [Ver = 1, 0, 0, 2 | Size = 155648 bytes | Modified Date = 09/07/2001 10:50:42 AM | Attr = ]
NeroFilterCheck -> %System32%\NeroCheck.exe -> Ahead Software Gmbh [Ver = 1, 0, 0, 2 | Size = 155648 bytes | Modified Date = 09/07/2001 10:50:42 AM | Attr = ]
PSPVideo9 -> Reg Data - Value does not exist -> File not found
QuickTime Task -> %ProgramFiles%\QuickTime\qttask.exe -> Apple Computer, Inc. [Ver = 7.1.3 | Size = 282624 bytes | Modified Date = 25/10/2006 6:58:18 PM | Attr = ]
RemoteControl -> %ProgramFiles%\CyberLink DVD Solution\PowerDVD\PDVDServ.exe -> Cyberlink Corp. [Ver = 6.00.1027 | Size = 32768 bytes | Modified Date = 02/11/2004 8:24:46 PM | Attr = ]
Steam -> %ProgramFiles%\Steam\steam.exe -> Valve Corporation [Ver = 1.0.0.0 | Size = 1249280 bytes | Modified Date = 01/09/2006 4:28:52 AM | Attr = ]
SunJavaUpdateSched -> %ProgramFiles%\Java\jre1.5.0_09\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 5.0.90.3 | Size = 49263 bytes | Modified Date = 12/10/2006 3:10:54 AM | Attr = ]
swg -> Reg Data - Value does not exist -> File not found
TkBellExe -> %CommonProgramFiles%\Real\Update_OB\realsched.exe -> RealNetworks, Inc. [Ver = 0.1.0.3510 | Size = 180269 bytes | Modified Date = 06/09/2006 8:11:08 AM | Attr = ]
updateMgr -> %ProgramFiles%\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe -> Adobe Systems Incorporated [Ver = 3.1.0.10 | Size = 313472 bytes | Modified Date = 30/03/2006 8:45:08 AM | Attr = R ]
WeatherBug -> Reg Data - Value does not exist -> File not found
Zone Labs Client -> Reg Data - Value does not exist -> File not found
< ShellExecuteHooks [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
{57B86673-276A-48B2-BAE7-C6DBB3020EB8} [HKLM] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll [AVG Anti-Spyware 7.5] -> Anti-Malware Development a.s. [Ver = 7, 5, 0, 47 | Size = 73728 bytes | Modified Date = 28/09/2006 9:13:28 AM | Attr = ]
{F89688C0-370E-4E5D-A473-299B383A41E5} [HKLM] -> Reg Data - Key not found [NSIS Media Extension] -> File not found
< SecurityProviders [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders
< Winlogon settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
*VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet ->
Control_RunDLL -> -> File not found
< Winlogon settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
< Winlogon\Notify settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\
< Policy Settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDesktopCleanupWizard -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoCDBurning -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 ->
< Policy Settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoInstrumentation -> 1 ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoResolveTrack -> 1 ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\LinkResolveIgnoreLinkInfo -> 1 ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoLowDiskSpaceChecks -> 1 ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableRegistryTools -> 0 ->
-> HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer not found. ->
< Desktop Components > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\
0 -> [Key] ->
0 -> FriendlyName = ->
0 -> Source = http://www.scottpommier.com/images/two_pic...d-overcrook.jpg ->
0 -> SubscribedURL = http://www.scottpommier.com/images/two_pic...d-overcrook.jpg ->
1 -> [Key] ->
1 -> FriendlyName = My Current Home Page ->
1 -> Source = About:Home ->
1 -> SubscribedURL = About:Home ->
< HOSTS File > -> C:\WINDOWS\System32\drivers\etc\Hosts
< Internet Explorer Settings > ->
HKLM: Default_Page_URL -> http://www.microsoft.com/isapi/redir.dll?p...&ar=msnhome ->
HKLM: Main\\Default_Search_URL -> http://www.google.com/ie ->
HKLM: Local Page -> %SystemRoot%\system32\blank.htm ->
HKLM: Search Bar -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm ->
HKLM: Search Page -> http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch ->
HKLM: Start Page -> http://www.microsoft.com/isapi/redir.dll?p...ER}&ar=home ->
HKLM: CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm ->
HKLM: Search\\Default_Search_URL -> http://www.google.com/ie ->
HKLM: SearchAssistant -> http://www.google.com/ie ->
HKCU: Local Page -> C:\WINDOWS\SYSTEM32\blank.htm ->
HKCU: Search Bar -> http://www.google.com/ie ->
HKCU: Search Page -> http://www.google.com ->
HKCU: Start Page -> http://www.microsoft.com/isapi/redir.dll?p...&ar=msnhome ->
HKCU: SearchAssistant -> http://www.google.com/ie ->
HKCU: SearchURL\g\ -> http://www.google.com/search?hl=en&q=%s ->
HKCU: ProxyEnable -> 0 ->
< Trusted Sites > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\
msn.com [ - ] -> ->
< BHO's > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> %ProgramFiles%\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx [AcroIEHlprObj Class] -> [Ver = 1, 0, 0, 1 | Size = 37808 bytes | Modified Date = 16/04/2001 4:39:02 PM | Attr = ]
{53707962-6F74-2D53-2644-206D7942484F} [HKLM] -> %ProgramFiles%\Spybot - Search & Destroy\SDHelper.dll [Reg Data - Value does not exist] -> Safer Networking Limited [Ver = 1, 4, 0, 0 | Size = 853672 bytes | Modified Date = 30/05/2005 5:04:00 PM | Attr = ]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> %ProgramFiles%\Java\jre1.5.0_09\bin\ssv.dll [SSVHelper Class] -> Sun Microsystems, Inc. [Ver = 5.0.90.3 | Size = 434279 bytes | Modified Date = 12/10/2006 3:25:44 AM | Attr = ]
< Internet Explorer ToolBars [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\
ShellBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
< Internet Explorer CmdMapping [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\CmdMapping
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} -> 8193 - Sun Java Console ->
{1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} -> 8194 - Reg Data - Key not found ->
{44226DFF-747E-4edc-B30C-78752E50CD0C} -> 8195 - Reg Data - Value does not exist ->
{92780B25-18CC-41C8-B9BE-3C9C571A8263} -> 8192 - Reg Data - Value does not exist ->
NextId -> 8196 ->
< Internet Explorer Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> %ProgramFiles%\Java\jre1.5.0_09\bin\npjpi150_09.dll [MenuText: Sun Java Console] -> Sun Microsystems, Inc. [Ver = 5.0.90.3 | Size = 69746 bytes | Modified Date = 12/10/2006 3:25:44 AM | Attr = ]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKCU] -> %ProgramFiles%\Java\jre1.5.0_09\bin\ssv.dll [MenuText: Sun Java Console] -> Sun Microsystems, Inc. [Ver = 5.0.90.3 | Size = 434279 bytes | Modified Date = 12/10/2006 3:25:44 AM | Attr = ]
{44226DFF-747E-4edc-B30C-78752E50CD0C} -> Reg Data - Value does not exist [ButtonText: ATI TV] -> File not found
{92780B25-18CC-41C8-B9BE-3C9C571A8263} -> Reg Data - Value does not exist [ButtonText: Research] -> File not found
< Internet Explorer Menu Extensions [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\
E&xport to Microsoft Excel -> -> File not found
< Internet Explorer Plugins [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\Extension\
.spop -> %ProgramFiles%\Internet Explorer\PLUGINS\NPDocBox.dll [Reg Data - Value does not exist] -> Intertrust Technologies, Inc. [Ver = 1.0.0.32 | Size = 270336 bytes | Modified Date = 01/08/2001 5:05:42 PM | Attr = ]
< Approved Shell Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
{00E7B358-F65B-4dcf-83DF-CD026B94BFD4} [HKLM] -> Reg Data - Key not found [Autoplay for SlideShow] -> File not found
{0DF44EAA-FF21-4412-828E-260A8728E7F1} [HKLM] -> Reg Data - Key not found [Taskbar and Start Menu] -> File not found
{42071714-76d4-11d1-8b24-00a0c9068ff3} [HKLM] -> Reg Data - Key not found [Display Panning CPL Extension] -> File not found
{45A9B2C0-0D04-4AE6-B2F6-544B5C5E1EF3} [HKLM] -> Reg Data - Key not found [ProxyExtExt Extension] -> File not found
{5E2121EE-0300-11D4-8D3B-444553540000} [HKLM] -> %ProgramFiles%\ATI Technologies\ATI.ACE\atiacmxx.dll [Catalyst Context Menu extension] -> [Ver = 1, 0, 0, 1 | Size = 73728 bytes | Modified Date = 19/10/2005 2:17:58 AM | Attr = ]
{764BF0E1-F219-11ce-972D-00AA00A14F56} [HKLM] -> Reg Data - Key not found [Shell extensions for file compression] -> File not found
{7A9D77BD-5403-11d2-8785-2E0420524153} [HKLM] -> Reg Data - Key not found [User Accounts] -> File not found
{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} [HKLM] -> Reg Data - Key not found [Encryption Context Menu] -> File not found
{88895560-9AA2-1069-930E-00AA0030EBC8} [HKLM] -> %System32%\hticons.dll [HyperTerminal Icon Ext] -> Hilgraeve, Inc. [Ver = 5.1.2600.0 | Size = 44544 bytes | Modified Date = 12/12/2005 7:00:00 AM | Attr = ]
{8A4DE897-E609-4670-8E8F-B813B8DF31A3} [HKLM] -> Reg Data - Key not found [PegasusExtExt Extension] -> File not found
{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} [HKLM] -> %ProgramFiles%\Grisoft\AVG Free\avgse.dll [AVG7 Shell Extension] -> GRISOFT, s.r.o. [Ver = 7.5.0.409 | Size = 50688 bytes | Modified Date = 14/11/2006 5:54:52 PM | Attr = ]
{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} [HKLM] -> %ProgramFiles%\Grisoft\AVG Free\avgse.dll [AVG7 Find Extension] -> GRISOFT, s.r.o. [Ver = 7.5.0.409 | Size = 50688 bytes | Modified Date = 14/11/2006 5:54:52 PM | Attr = ]
{acb4a560-3606-11d3-aef4-00104bd0f92d} [HKLM] -> %CommonProgramFiles%\Kodak\ifscore\KodakShX.dll [KodakShellExtension] -> Eastman Kodak Company [Ver = 2.0.2300.3 | Size = 183296 bytes | Modified Date = 30/03/2005 11:53:42 PM | Attr = ]
{B41DB860-8EE4-11D2-9906-E49FADC173CA} [HKLM] -> %ProgramFiles%\WinRAR\RarExt.dll [WinRAR shell extension] -> [Ver = | Size = 126464 bytes | Modified Date = 13/09/2006 11:20:24 PM | Attr = ]
{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} [HKLM] -> %ProgramFiles%\iTunes\iTunesMiniPlayer.dll [iTunes] -> Apple Computer, Inc. [Ver = 7.0.2.16 | Size = 132672 bytes | Modified Date = 30/10/2006 9:36:36 AM | Attr = ]
{E0D79304-84BE-11CE-9641-444553540000} [HKLM] -> %ProgramFiles%\WinZip\WZSHLSTB.DLL [WinZip] -> WinZip Computing LP [Ver = 4.1 (32-bit) | Size = 5120 bytes | Modified Date = 06/04/2006 9:00:00 AM | Attr = ]
{E0D79305-84BE-11CE-9641-444553540000} [HKLM] -> %ProgramFiles%\WinZip\WZSHLSTB.DLL [WinZip] -> WinZip Computing LP [Ver = 4.1 (32-bit) | Size = 5120 bytes | Modified Date = 06/04/2006 9:00:00 AM | Attr = ]
{E0D79306-84BE-11CE-9641-444553540000} [HKLM] -> %ProgramFiles%\WinZip\WZSHLSTB.DLL [WinZip] -> WinZip Computing LP [Ver = 4.1 (32-bit) | Size = 5120 bytes | Modified Date = 06/04/2006 9:00:00 AM | Attr = ]
{E0D79307-84BE-11CE-9641-444553540000} [HKLM] -> %ProgramFiles%\WinZip\WZSHLSTB.DLL [WinZip] -> WinZip Computing LP [Ver = 4.1 (32-bit) | Size = 5120 bytes | Modified Date = 06/04/2006 9:00:00 AM | Attr = ]
{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} [HKLM] -> %ProgramFiles%\Real\RealOne Player\rpshell.dll [Shell Extensions for RealOne Player] -> RealNetworks, Inc. [Ver = 1.0.1.2237 | Size = 49198 bytes | Modified Date = 06/09/2006 8:11:12 AM | Attr = ]
< ContextMenuHandlers - * [HKLM] > -> HKEY_LOCAL_MACHINE\Software\Classes\*\shellex\ContextMenuHandlers\
{8934FCEF-F5B8-468f-951F-78A921CD3920} [HKLM] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\context.dll [AVG Anti-Spyware] -> Anti-Malware Development a.s. [Ver = 7, 5, 0, 49 | Size = 98304 bytes | Modified Date = 06/10/2006 6:40:48 AM | Attr = ]
{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} [HKLM] -> %ProgramFiles%\Grisoft\AVG Free\avgse.dll [AVG7 Shell Extension] -> GRISOFT, s.r.o. [Ver = 7.5.0.409 | Size = 50688 bytes | Modified Date = 14/11/2006 5:54:52 PM | Attr = ]
{DB85C504-C730-49DD-BEC1-7B39C6103B7A} [HKLM] -> %ProgramFiles%\MagicISO\misosh.dll [MagicISO] -> MagicISO, Inc. [Ver = 5, 3, 0, 198 | Size = 20992 bytes | Modified Date = 05/06/2006 1:06:22 PM | Attr = ]
{162EFDC5-2957-465D-887B-590AF4A7E84D} [HKLM] -> Reg Data - Key not found [MCVSRIGHTCLICKSCANNER] -> File not found
{B41DB860-8EE4-11D2-9906-E49FADC173CA} [HKLM] -> %ProgramFiles%\WinRAR\RarExt.dll [WinRAR] -> [Ver = | Size = 126464 bytes | Modified Date = 13/09/2006 11:20:24 PM | Attr = ]
{E0D79304-84BE-11CE-9641-444553540000} [HKLM] -> %ProgramFiles%\WinZip\WZSHLSTB.DLL [WinZip] -> WinZip Computing LP [Ver = 4.1 (32-bit) | Size = 5120 bytes | Modified Date = 06/04/2006 9:00:00 AM | Attr = ]
< ContextMenuHandlers - Directory [HKLM] > -> HKEY_LOCAL_MACHINE\Software\Classes\Directory\shellex\ContextMenuHandlers\
{8934FCEF-F5B8-468f-951F-78A921CD3920} [HKLM] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\context.dll [AVG Anti-Spyware] -> Anti-Malware Development a.s. [Ver = 7, 5, 0, 49 | Size = 98304 bytes | Modified Date = 06/10/2006 6:40:48 AM | Attr = ]
{DB85C504-C730-49DD-BEC1-7B39C6103B7A} [HKLM] -> %ProgramFiles%\MagicISO\misosh.dll [MagicISO] -> MagicISO, Inc. [Ver = 5, 3, 0, 198 | Size = 20992 bytes | Modified Date = 05/06/2006 1:06:22 PM | Attr = ]
{B41DB860-8EE4-11D2-9906-E49FADC173CA} [HKLM] -> %ProgramFiles%\WinRAR\RarExt.dll [WinRAR] -> [Ver = | Size = 126464 bytes | Modified Date = 13/09/2006 11:20:24 PM | Attr = ]
{E0D79304-84BE-11CE-9641-444553540000} [HKLM] -> %ProgramFiles%\WinZip\WZSHLSTB.DLL [WinZip] -> WinZip Computing LP [Ver = 4.1 (32-bit) | Size = 5120 bytes | Modified Date = 06/04/2006 9:00:00 AM | Attr = ]
< ContextMenuHandlers - Directory\Background [HKLM] > -> HKEY_LOCAL_MACHINE\Software\Classes\Directory\Background\shellex\ContextMenuHandlers\
{5E2121EE-0300-11D4-8D3B-444553540000} [HKLM] -> %ProgramFiles%\ATI Technologies\ATI.ACE\atiacmxx.dll [ACE] -> [Ver = 1, 0, 0, 1 | Size = 73728 bytes | Modified Date = 19/10/2005 2:17:58 AM | Attr = ]
< ContextMenuHandlers - Folder [HKLM] > -> HKEY_LOCAL_MACHINE\Software\Classes\Folder\shellex\ContextMenuHandlers\
{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} [HKLM] -> %ProgramFiles%\Grisoft\AVG Free\avgse.dll [AVG7 Shell Extension] -> GRISOFT, s.r.o. [Ver = 7.5.0.409 | Size = 50688 bytes | Modified Date = 14/11/2006 5:54:52 PM | Attr = ]
{54F51408-DD44-4a12-82EF-519AD2A80DE9} [HKLM] -> %ProgramFiles%\ATI Multimedia\mlibrary\MLShell.dll [Library] -> ATI Technologies Inc. [Ver = 9.15.001 | Size = 61440 bytes | Modified Date = 12/07/2006 9:08:36 PM | Attr = ]
{DB85C504-C730-49DD-BEC1-7B39C6103B7A} [HKLM] -> %ProgramFiles%\MagicISO\misosh.dll [MagicISO] -> MagicISO, Inc. [Ver = 5, 3, 0, 198 | Size = 20992 bytes | Modified Date = 05/06/2006 1:06:22 PM | Attr = ]
{162EFDC5-2957-465D-887B-590AF4A7E84D} [HKLM] -> Reg Data - Key not found [MCVSRIGHTCLICKSCANNER] -> File not found
{B41DB860-8EE4-11D2-9906-E49FADC173CA} [HKLM] -> %ProgramFiles%\WinRAR\RarExt.dll [WinRAR] -> [Ver = | Size = 126464 bytes | Modified Date = 13/09/2006 11:20:24 PM | Attr = ]
{E0D79304-84BE-11CE-9641-444553540000} [HKLM] -> %ProgramFiles%\WinZip\WZSHLSTB.DLL [WinZip] -> WinZip Computing LP [Ver = 4.1 (32-bit) | Size = 5120 bytes | Modified Date = 06/04/2006 9:00:00 AM | Attr = ]
< ColumnHandlers - Folder [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\
{F9DB5320-233E-11D1-9F84-707F02C10627} [HKLM] -> %ProgramFiles%\Adobe\Acrobat 7.0\ActiveX\pdfshell.dll [PDF Shell Extension] -> Adobe Systems, Inc. [Ver = 7.0.0.0 | Size = 110592 bytes | Modified Date = 13/12/2004 6:20:02 PM | Attr = ]
< User Agent Post Platform [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform
SV1 -> ->
< Protocol Handlers [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\
ipp -> Reg Data - Key not found -> File not found
msdaipp -> Reg Data - Key not found -> File not found
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\
{166B1BCA-3F9C-11CF-8075-444553540000} -> Shockwave ActiveX Control - CodeBase = http://fpdownload.macromedia.com/pub/shock...director/sw.cab ->
{4F1E5B1A-2A80-42CA-8532-2D05CB959537} -> MSN Photo Upload Tool - CodeBase = http://by106fd.bay106.hotmail.msn.com/resources/MsnPUpld.cab ->
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3} -> MUWebControl Class - CodeBase = http://update.microsoft.com/microsoftupdat...b?1163546822906 ->
{8AD9C840-044E-11D1-B3E9-00805F499D93} -> Java Plug-in 1.5.0_09 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab ->
{A90A5822-F108-45AD-8482-9BC8B12DD539} -> Crucial cpcScan - CodeBase = http://www.crucial.com/controls/cpcScanner.cab ->
{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} -> Java Plug-in 1.5.0_06 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab ->
{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} -> Java Plug-in 1.5.0_09 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab ->
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} -> Java Plug-in 1.5.0_09 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab ->
{D27CDB6E-AE6D-11CF-96B8-444553540000} -> - CodeBase = http://fpdownload.macromedia.com/pub/shock...ash/swflash.cab ->


[Files - Created Wihin 30 days]
AdobeFnt.lst -> %CommonProgramFiles%\Adobe\Fonts\AdobeFnt.lst -> [Ver = | Size = 118 bytes | Created Date = 25/12/2006 5:23:41 PM | Attr = ]
AdobeFnt.lst -> %CommonProgramFiles%\Adobe\TypeSpt\AdobeFnt.lst -> [Ver = | Size = 21761 bytes | Created Date = 25/12/2006 5:23:41 PM | Attr = ]
Aac.dll -> %CommonProgramFiles%\Ahead\AudioPlugins\Aac.dll -> Ahead Software AG [Ver = 2, 5, 9, 991 | Size = 1990656 bytes | Created Date = 25/12/2006 11:42:28 AM | Attr = ]
aacenc32.dll -> %CommonProgramFiles%\Ahead\AudioPlugins\aacenc32.dll -> Nero AG [Ver = 3,2,0,28 | Size = 1150976 bytes | Created Date = 25/12/2006 11:42:19 AM | Attr = ]
Aiff.dll -> %CommonProgramFiles%\Ahead\AudioPlugins\Aiff.dll -> Ahead Software AG [Ver = 2, 0, 1, 0 | Size = 73814 bytes | Created Date = 25/12/2006 11:42:24 AM | Attr = ]
DefConvertor.dll -> %CommonProgramFiles%\Ahead\AudioPlugins\DefConvertor.dll -> [Ver = 2, 0, 2, 0 | Size = 57446 bytes | Created Date = 25/12/2006 11:42:24 AM | Attr = ]
lame_enc.dll -> %CommonProgramFiles%\Ahead\AudioPlugins\lame_enc.dll -> www.mp3dev.org [Ver = 3, 93, 1, 0 | Size = 208896 bytes | Created Date = 25/12/2006 11:42:40 AM | Attr = ]
mp3PP.dll -> %CommonProgramFiles%\Ahead\AudioPlugins\mp3PP.dll -> Ahead Software AG [Ver = 1, 0, 0, 9 | Size = 553049 bytes | Created Date = 25/12/2006 11:42:39 AM | Attr = ]
mp3PRO.dll -> %CommonProgramFiles%\Ahead\AudioPlugins\mp3PRO.dll -> Ahead Software AG [Ver = 2, 0, 4, 8 | Size = 1577050 bytes | Created Date = 25/12/2006 11:42:40 AM | Attr = ]
mp3PRO_dmo.dll -> %CommonProgramFiles%\Ahead\AudioPlugins\mp3PRO_dmo.dll -> Ahead Software AG [Ver = 2, 0, 0, 16 | Size = 94306 bytes | Created Date = 25/12/2006 11:42:40 AM | Attr = ]
mp3PRO_hlp.dll -> %CommonProgramFiles%\Ahead\AudioPlugins\mp3PRO_hlp.dll -> Ahead Software AG [Ver = 2, 0, 0, 16 | Size = 86119 bytes | Created Date = 25/12/2006 11:42:40 AM | Attr = ]
msa.dll -> %CommonProgramFiles%\Ahead\AudioPlugins\msa.dll -> Nero AG [Ver = 2, 0, 9, 37 | Size = 304640 bytes | Created Date = 25/12/2006 11:42:25 AM | Attr = ]
ogg.dll -> %CommonProgramFiles%\Ahead\AudioPlugins\ogg.dll -> Ahead Software AG [Ver = 1, 0, 0, 6 | Size = 1601625 bytes | Created Date = 25/12/2006 11:42:29 AM | Attr = ]
wav.dll -> %CommonProgramFiles%\Ahead\AudioPlugins\wav.dll -> Ahead Software AG [Ver = 2, 0, 2, 0 | Size = 98388 bytes | Created Date = 25/12/2006 11:42:25 AM | Attr = ]
aacplus.dll -> %CommonProgramFiles%\Ahead\DSFilter\aacplus.dll -> Nero AG [Ver = 3,2,0,28 | Size = 303104 bytes | Created Date = 25/12/2006 11:42:19 AM | Attr = ]
dvddisc.dll -> %CommonProgramFiles%\Ahead\DSFilter\dvddisc.dll -> Nero AG [Ver = 3,2,0,2 | Size = 77824 bytes | Created Date = 25/12/2006 11:42:19 AM | Attr = ]
em2v.dll -> %CommonProgramFiles%\Ahead\DSFilter\em2v.dll -> Nero AG [Ver = 3, 2, 0, 24b | Size = 176128 bytes | Created Date = 25/12/2006 11:42:19 AM | Attr = ]
NDParser.ax -> %CommonProgramFiles%\Ahead\DSFilter\NDParser.ax -> Nero AG [Ver = 3,2,0,28 | Size = 352256 bytes | Created Date = 25/12/2006 11:42:20 AM | Attr = ]
ndvddisc.dll -> %CommonProgramFiles%\Ahead\DSFilter\ndvddisc.dll -> Nero AG [Ver = 3,2,0,2 | Size = 90112 bytes | Created Date = 25/12/2006 11:42:20 AM | Attr = ]
NeAcEnc.dll -> %CommonProgramFiles%\Ahead\DSFilter\NeAcEnc.dll -> Nero AG [Ver = 3,2,0,28 | Size = 184320 bytes | Created Date = 25/12/2006 11:42:20 AM | Attr = ]
NeAMR.dll -> %CommonProgramFiles%\Ahead\DSFilter\NeAMR.dll -> Nero AG [Ver = 3,2,0,28 | Size = 372736 bytes | Created Date = 25/12/2006 11:42:20 AM | Attr = ]
NeAudCD.ax -> %CommonProgramFiles%\Ahead\DSFilter\NeAudCD.ax -> Nero AG [Ver = 3,2,0,28 | Size = 233472 bytes | Created Date = 25/12/2006 11:42:20 AM | Attr = ]
NeAudio.ax -> %CommonProgramFiles%\Ahead\DSFilter\NeAudio.ax -> Nero AG [Ver = 3,2,0,28 | Size = 656896 bytes | Created Date = 25/12/2006 11:42:20 AM | Attr = ]
NeAudioConv.ax -> %CommonProgramFiles%\Ahead\DSFilter\NeAudioConv.ax -> Nero AG [Ver = 3,2,0,28 | Size = 217088 bytes | Created Date = 25/12/2006 11:42:20 AM | Attr = ]
NeCapture.ax -> %CommonProgramFiles%\Ahead\DSFilter\NeCapture.ax -> Nero AG [Ver = 3,2,0,28 | Size = 139264 bytes | Created Date = 25/12/2006 11:42:20 AM | Attr = ]
NeDVD.ax -> %CommonProgramFiles%\Ahead\DSFilter\NeDVD.ax -> Nero AG [Ver = 3,2,0,28 | Size = 942080 bytes | Created Date = 25/12/2006 11:42:21 AM | Attr = ]
NeDVSplitter.ax -> %CommonProgramFiles%\Ahead\DSFilter\NeDVSplitter.ax -> Nero AG [Ver = 3,2,0,28 | Size = 176128 bytes | Created Date = 25/12/2006 11:42:21 AM | Attr = ]
NeEm2a.dll -> %CommonProgramFiles%\Ahead\DSFilter\NeEm2a.dll -> Nero AG [Ver = 3,2,0,28 | Size = 303104 bytes | Created Date = 25/12/2006 11:42:21 AM | Attr = ]
NeFileSourceAsync.ax -> %CommonProgramFiles%\Ahead\DSFilter\NeFileSourceAsync.ax -> Ahead Software AG [Ver = 3,2,0,28 | Size = 241664 bytes | Created Date = 25/12/2006 11:42:21 AM | Attr = ]
NeFileSrc.ax -> %CommonProgramFiles%\Ahead\DSFilter\NeFileSrc.ax -> Nero AG [Ver = 3,2,0,28 | Size = 86016 bytes | Created Date = 25/12/2006 11:42:21 AM | Attr = ]
NeFSource.ax -> %CommonProgramFiles%\Ahead\DSFilter\NeFSource.ax -> Nero AG [Ver = 3,2,0,28 | Size = 413696 bytes | Created Date = 25/12/2006 11:42:21 AM | Attr = ]
NeNDAud.ax -> %CommonProgramFiles%\Ahead\DSFilter\NeNDAud.ax -> Nero AG [Ver = 3,2,0,28 | Size = 352256 bytes | Created Date = 25/12/2006 11:42:21 AM | Attr = ]
NeNDGui.dll -> %CommonProgramFiles%\Ahead\DSFilter\NeNDGui.dll -> Nero AG [Ver = 3,2,0,28 | Size = 1609728 bytes | Created Date = 25/12/2006 11:42:22 AM | Attr = ]
NeNDMux.ax -> %CommonProgramFiles%\Ahead\DSFilter\NeNDMux.ax -> Nero AG [Ver = 3,2,0,28 | Size = 430080 bytes | Created Date = 25/12/2006 11:42:22 AM | Attr = ]
NeNDVid.ax -> %CommonProgramFiles%\Ahead\DSFilter\NeNDVid.ax -> Nero AG [Ver = 3,2,0,28 | Size = 995328 bytes | Created Date = 25/12/2006 11:42:22 AM | Attr = ]
NePhotoSource.ax -> %CommonProgramFiles%\Ahead\DSFilter\NePhotoSource.ax -> Ahead Software AG [Ver = 3,2,0,28 | Size = 237568 bytes | Created Date = 25/12/2006 11:42:22 AM | Attr = ]
NePSMuxer.ax -> %CommonProgramFiles%\Ahead\DSFilter\NePSMuxer.ax -> [Ver = | Size = 98304 bytes | Created Date = 25/12/2006 11:42:22 AM | Attr = ]
NeQTDec.ax -> %CommonProgramFiles%\Ahead\DSFilter\NeQTDec.ax -> Nero AG [Ver = 3,2,0,28 | Size = 61440 bytes | Created Date = 25/12/2006 11:42:22 AM | Attr = ]
NeRender.ax -> %CommonProgramFiles%\Ahead\DSFilter\NeRender.ax -> Nero AG [Ver = 3,2,0,28 | Size = 69632 bytes | Created Date = 25/12/2006 11:42:22 AM | Attr = ]
NeResize.ax -> %CommonProgramFiles%\Ahead\DSFilter\NeResize.ax -> Nero AG [Ver = 3,2,0,2 | Size = 65536 bytes | Created Date = 25/12/2006 11:42:22 AM | Attr = ]
neroadb.dll -> %CommonProgramFiles%\Ahead\DSFilter\neroadb.dll -> Nero AG [Ver = 3, 2, 0, 28 | Size = 94208 bytes | Created Date = 25/12/2006 11:42:22 AM | Attr = ]
neroapl.dll -> %CommonProgramFiles%\Ahead\DSFilter\neroapl.dll -> Nero AG [Ver = 3, 2, 0, 28 | Size = 73728 bytes | Created Date = 25/12/2006 11:42:22 AM | Attr = ]
NeroFormatConv.ax -> %CommonProgramFiles%\Ahead\DSFilter\NeroFormatConv.ax -> Nero AG [Ver = 3,2,0,28 | Size = 143360 bytes | Created Date = 25/12/2006 11:42:22 AM | Attr = ]
NeroVideoProc.ax -> %CommonProgramFiles%\Ahead\DSFilter\NeroVideoProc.ax -> Nero AG [Ver = 3,2,0,28 | Size = 155648 bytes | Created Date = 25/12/2006 11:42:23 AM | Attr = ]
NeSceneDetector.ax -> %CommonProgramFiles%\Ahead\DSFilter\NeSceneDetector.ax -> Nero AG [Ver = 3,2,0,28 | Size = 77824 bytes | Created Date = 25/12/2006 11:42:23 AM | Attr = ]
NeSplitter.ax -> %CommonProgramFiles%\Ahead\DSFilter\NeSplitter.ax -> Nero AG [Ver = 3,2,0,28 | Size = 204800 bytes | Created Date = 25/12/2006 11:42:23 AM | Attr = ]
NeVcd.ax -> %CommonProgramFiles%\Ahead\DSFilter\NeVcd.ax -> Nero AG [Ver = 3,2,0,28 | Size = 196608 bytes | Created Date = 25/12/2006 11:42:23 AM | Attr = ]
NeVCR.ax -> %CommonProgramFiles%\Ahead\DSFilter\NeVCR.ax -> Nero AG [Ver = 3,2,0,28 | Size = 495616 bytes | Created Date = 25/12/2006 11:42:23 AM | Attr = ]
NeVcr.dll -> %CommonProgramFiles%\Ahead\DSFilter\NeVcr.dll -> Nero AG [Ver = 3,2,0,28 | Size = 278602 bytes | Created Date = 25/12/2006 11:42:24 AM | Attr = ]
NeVideo.ax -> %CommonProgramFiles%\Ahead\DSFilter\NeVideo.ax -> Nero AG [Ver = 3,2,0,28 | Size = 1037312 bytes | Created Date = 25/12/2006 11:42:24 AM | Attr = ]
NeVideoAnalyzer.ax -> %CommonProgramFiles%\Ahead\DSFilter\NeVideoAnalyzer.ax -> Nero AG [Ver = 3,2,0,28 | Size = 131072 bytes | Created Date = 25/12/2006 11:42:24 AM | Attr = ]
AdvrCntr.dll -> %CommonProgramFiles%\Ahead\Lib\AdvrCntr.dll -> Ahead Software AG [Ver = 1,3,6, 2318 | Size = 2478146 bytes | Created Date = 25/12/2006 11:42:28 AM | Attr = ]
apreg.dll -> %CommonProgramFiles%\Ahead\Lib\apreg.dll -> Ahead Software AG [Ver = 2, 0, 0, 7 | Size = 540750 bytes | Created Date = 25/12/2006 11:42:27 AM | Attr = ]
DriveLocker.dll -> %CommonProgramFiles%\Ahead\Lib\DriveLocker.dll -> Ahead Software AG [Ver = 1, 0, 0, 17 | Size = 139264 bytes | Created Date = 25/12/2006 11:42:25 AM | Attr = ]
MultiChannel.dll -> %CommonProgramFiles%\Ahead\Lib\MultiChannel.dll -> Nero AG [Ver = 3,2,0,2 | Size = 311296 bytes | Created Date = 25/12/2006 11:42:19 AM | Attr = ]
NeroCBUI.dll -> %CommonProgramFiles%\Ahead\Lib\NeroCBUI.dll -> Nero AG [Ver = 1, 6, 0, 2 | Size = 1150976 bytes | Created Date = 25/12/2006 11:42:25 AM | Attr = ]
NeroIPP.dll -> %CommonProgramFiles%\Ahead\Lib\NeroIPP.dll -> Nero AG [Ver = 3,2,0,28 | Size = 1564672 bytes | Created Date = 25/12/2006 11:42:23 AM | Attr = ]
NeroMediaCon.dll -> %CommonProgramFiles%\Ahead\Lib\NeroMediaCon.dll -> Nero AG [Ver = 3,2,0,28 | Size = 651264 bytes | Created Date = 25/12/2006 11:42:23 AM | Attr = ]
specialoffer.exe -> %CommonProgramFiles%\Ahead\Lib\specialoffer.exe -> Nero AG [Ver = 1, 0, 0, 3 | Size = 557056 bytes | Created Date = 25/12/2006 11:42:29 AM | Attr = ]
Uninst.dll -> %CommonProgramFiles%\Adobe\Acrobat 5.0\NT\Uninst.dll -> Adobe Systems, Inc. [Ver = 5.0.5.0 | Size = 81920 bytes | Created Date = 25/12/2006 11:37:42 AM | Attr = ]
Uninst.isu -> %CommonProgramFiles%\Adobe\Acrobat 5.0\NT\Uninst.isu -> [Ver = | Size = 114440 bytes | Created Date = 25/12/2006 11:37:41 AM | Attr = ]
lgfwup.ini -> %SystemRoot%\lgfwup.ini -> [Ver = | Size = 0 bytes | Created Date = 25/12/2006 11:38:18 AM | Attr = ]
NeroDigital.ini -> %SystemRoot%\NeroDigital.ini -> [Ver = | Size = 116 bytes | Created Date = 25/12/2006 4:01:26 PM | Attr = ]
QTFont.for -> %SystemRoot%\QTFont.for -> [Ver = | Size = 1409 bytes | Created Date = 14/01/2007 6:19:09 PM | Attr = ]
QTFont.qfn -> %SystemRoot%\QTFont.qfn -> [Ver = | Size = 54156 bytes | Created Date = 14/01/2007 6:19:09 PM | Attr = H ]
ImagX7.dll -> %System32%\ImagX7.dll -> Pegasus Imaging Corp. [Ver = 7.0.46.0 | Size = 1568768 bytes | Created Date = 25/12/2006 11:42:26 AM | Attr = ]
ImagXpr7.dll -> %System32%\ImagXpr7.dll -> Pegasus Imaging Corp. [Ver = 7.0.46.0 | Size = 476320 bytes | Created Date = 25/12/2006 11:42:26 AM | Attr = ]
ImagXR7.dll -> %System32%\ImagXR7.dll -> Pegasus Imaging Corp. [Ver = 7.0.476.0 | Size = 262144 bytes | Created Date = 25/12/2006 11:42:26 AM | Attr = ]
ImagXRA7.dll -> %System32%\ImagXRA7.dll -> Pegasus Imaging Corp. [Ver = 7.0.476.0 | Size = 471040 bytes | Created Date = 25/12/2006 11:42:26 AM | Attr = ]
NeroCheck.exe -> %System32%\NeroCheck.exe -> Ahead Software Gmbh [Ver = 1, 0, 0, 2 | Size = 155648 bytes | Created Date = 25/12/2006 11:42:24 AM | Attr = ]
TwnLib20.dll -> %System32%\TwnLib20.dll -> Pegasus Software [Ver = 2.02.010 | Size = 106496 bytes | Created Date = 25/12/2006 11:42:31 AM | Attr = ]
TwnLib4.dll -> %System32%\TwnLib4.dll -> Pegasus Imaging Corp. [Ver = 4.0.14.0 | Size = 364544 bytes | Created Date = 25/12/2006 11:42:31 AM | Attr = ]
Pcouffin.sys -> %System32%\drivers\Pcouffin.sys -> VSO Software [Ver = 1.28 | Size = 39488 bytes | Created Date = 16/12/2006 11:53:12 PM | Attr = ]

[Files - Modified Wihin 30 days]
boot.ini -> %SystemDrive%\boot.ini -> [Ver = | Size = 211 bytes | Modified Date = 07/01/2007 12:24:24 AM | Attr = HS]
AdobeFnt.lst -> %CommonProgramFiles%\Adobe\Fonts\AdobeFnt.lst -> [Ver = | Size = 118 bytes | Modified Date = 25/12/2006 5:23:42 PM | Attr = ]
AdobeFnt.lst -> %CommonProgramFiles%\Adobe\TypeSpt\AdobeFnt.lst -> [Ver = | Size = 21761 bytes | Modified Date = 25/12/2006 5:23:42 PM | Attr = ]
Uninst.isu -> %CommonProgramFiles%\Adobe\Acrobat 5.0\NT\Uninst.isu -> [Ver = | Size = 114440 bytes | Modified Date = 25/12/2006 11:37:50 AM | Attr = ]
bootstat.dat -> %SystemRoot%\bootstat.dat -> [Ver = | Size = 2048 bytes | Modified Date = 14/01/2007 3:46:36 PM | Attr = S]
lgfwup.ini -> %SystemRoot%\lgfwup.ini -> [Ver = | Size = 0 bytes | Modified Date = 25/12/2006 11:44:44 AM | Attr = ]
mozver.dat -> %SystemRoot%\mozver.dat -> [Ver = | Size = 3092 bytes | Modified Date = 24/12/2006 12:27:06 AM | Attr = ]
NeroDigital.ini -> %SystemRoot%\NeroDigital.ini -> [Ver = | Size = 116 bytes | Modified Date = 13/01/2007 11:36:58 PM | Attr = ]
QTFont.for -> %SystemRoot%\QTFont.for -> [Ver = | Size = 1409 bytes | Modified Date = 14/01/2007 6:19:10 PM | Attr = ]
QTFont.qfn -> %SystemRoot%\QTFont.qfn -> [Ver = | Size = 54156 bytes | Modified Date = 14/01/2007 6:19:10 PM | Attr = H ]
system.ini -> %SystemRoot%\system.ini -> [Ver = | Size = 246 bytes | Modified Date = 07/01/2007 12:24:24 AM | Attr = ]
win.ini -> %SystemRoot%\win.ini -> [Ver = | Size = 589 bytes | Modified Date = 14/01/2007 1:38:42 AM | Attr = ]
auto.ini -> %System32%\auto.ini -> [Ver = | Size = 17 bytes | Modified Date = 14/01/2007 3:47:14 PM | Attr = ]
micr0st.dll -> %System32%\micr0st.dll -> [Ver = | Size = 4 bytes | Modified Date = 28/12/2006 8:22:26 PM | Attr = ]
wpa.dbl -> %System32%\wpa.dbl -> [Ver = | Size = 2206 bytes | Modified Date = 14/01/2007 3:47:14 PM | Attr = ]
Pcouffin.sys -> %System32%\drivers\Pcouffin.sys -> VSO Software [Ver = 1.28 | Size = 39488 bytes | Modified Date = 16/12/2006 11:53:14 PM | Attr = ]

[File String Scan - Non-Microsoft Only]
PEC2 , PECompact2 , -> %CommonProgramFiles%\Adobe\ESD\AdobeDownloadManager.exe -> Adobe Systems [Ver = 2.0.0.43 | Size = 414208 bytes | Modified Date = 12/11/2004 10:36:04 PM | Attr = ]
Thawte Consulting , -> %CommonProgramFiles%\Java\Update\Base Images\jre1.5.0.b64\core3.zip -> [Ver = | Size = 3290841 bytes | Modified Date = 02/03/2006 9:18:34 AM | Attr = ]
USERTRUST , -> %CommonProgramFiles%\Java\Update\Base Images\jre1.5.0.b64\patch-jre1.5.0_09.b03\patchjre.exe -> Sun Microsystems, Inc. [Ver = 1, 0, 0, 1 | Size = 4490872 bytes | Modified Date = 12/10/2006 3:41:58 AM | Attr = ]
PEC2 , PECompact2 , -> %CommonProgramFiles%\Real\GToolbar\GDSSetup.exe -> [Ver = | Size = 746600 bytes | Modified Date = 06/09/2006 8:11:22 AM | Attr = ]
PEC2 , PECompact2 , -> %CommonProgramFiles%\Real\GToolbar\GoogleToolbarInstaller.exe -> Google [Ver = 3, 0, 126, 3 | Size = 559784 bytes | Modified Date = 06/09/2006 8:11:22 AM | Attr = ]
WSUD , -> %System32%\ALSNDMGR.CPL -> Realtek Semiconductor Corp. [Ver = 2.2.10 | Size = 13469696 bytes | Modified Date = 13/11/2003 3:36:40 AM | Attr = ]
UPX! , UPX0 , -> %System32%\avisynth.dll -> The Public [Ver = 2, 5, 5, 0 | Size = 284672 bytes | Modified Date = 01/09/2004 9:49:56 AM | Attr = ]
PEC2 , -> %System32%\dfrg.msc -> [Ver = | Size = 41397 bytes | Modified Date = 12/12/2005 7:00:00 AM | Attr = ]
PEC2 , PECompact2 , -> %System32%\DivX.dll -> DivX, Inc. [Ver = 6.4.0.51 | Size = 635486 bytes | Modified Date = 02/10/2006 2:04:40 PM | Attr = ]
WSUD , -> %System32%\NATURALSCREENSAVER.DAT -> [Ver = | Size = 4393810 bytes | Modified Date = 12/12/2005 7:00:00 AM | Attr = ]
UPX! , UPX0 , -> %System32%\vbskpro2.ocx -> JB [Ver = 2.01 | Size = 412672 bytes | Modified Date = 08/08/2005 5:07:00 PM | Attr = ]
UPX! , FSG! , PEC2 , aspack , -> %System32%\drivers\avg7core.sys -> GRISOFT, s.r.o. [Ver = 7.5.0.429 | Size = 816672 bytes | Modified Date = 14/11/2006 5:54:58 PM | Attr = ]

< End of report >

#4 OldTimer

    Malware Expert



Posted 15 January 2007 - 05:17 PM

Hi alexdbest2000. I don't see any infection problems but we can do a little cleanup of left-overs.

Start WinPFind3U. Copy/Paste the information in the quotebox below into the pane where it says "Paste fix here" and then click the Run Fix button.

[Registry - Non-Microsoft Only]
< Disabled MSConfig Folder Items[HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\
YN -> C:^Documents and Settings^Alex^Start Menu^Programs^Startup^Calendar 2000.lnk -> Reg Data - Value does not exist
YN -> C:^Documents and Settings^Alex^Start Menu^Programs^Startup^LimeWire On Startup.lnk -> Reg Data - Value does not exist
< Disabled MSConfig Registry Items [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\
YN -> Aups -> Reg Data - Value does not exist
YN -> AVG7_CC -> Reg Data - Value does not exist
YN -> BearShare -> Reg Data - Value does not exist
YN -> Ddd -> Reg Data - Value does not exist
YN -> EA Core -> Reg Data - Value does not exist
YN -> EbatesMoeMoneyMaker ->
YN -> InCD -> Reg Data - Value does not exist
YN -> MskAgentexe -> Reg Data - Value does not exist
YN -> PSPVideo9 -> Reg Data - Value does not exist
YN -> swg -> Reg Data - Value does not exist
YN -> WeatherBug -> Reg Data - Value does not exist
YN -> Zone Labs Client -> Reg Data - Value does not exist
< ShellExecuteHooks [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
YN -> {F89688C0-370E-4E5D-A473-299B383A41E5} [HKLM] -> Reg Data - Key not found [NSIS Media Extension]
< Internet Explorer ToolBars [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\
YN -> ShellBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found]
< Internet Explorer Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\
YN -> {44226DFF-747E-4edc-B30C-78752E50CD0C} -> Reg Data - Value does not exist [ButtonText: ATI TV]
YN -> {92780B25-18CC-41C8-B9BE-3C9C571A8263} -> Reg Data - Value does not exist [ButtonText: Research]
< Approved Shell Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
YN -> {45A9B2C0-0D04-4AE6-B2F6-544B5C5E1EF3} [HKLM] -> Reg Data - Key not found [ProxyExtExt Extension]
YN -> {8A4DE897-E609-4670-8E8F-B813B8DF31A3} [HKLM] -> Reg Data - Key not found [PegasusExtExt Extension]
< ContextMenuHandlers - * [HKLM] > -> HKEY_LOCAL_MACHINE\Software\Classes\*\shellex\ContextMenuHandlers\
YN -> {162EFDC5-2957-465D-887B-590AF4A7E84D} [HKLM] -> Reg Data - Key not found [MCVSRIGHTCLICKSCANNER]
< ContextMenuHandlers - Folder [HKLM] > -> HKEY_LOCAL_MACHINE\Software\Classes\Folder\shellex\ContextMenuHandlers\
YN -> {162EFDC5-2957-465D-887B-590AF4A7E84D} [HKLM] -> Reg Data - Key not found [MCVSRIGHTCLICKSCANNER]


The fix should only take a very short time. When the fix is completed a message box will pop up telling you that it is finished. Click the Ok button and Notepad will open with a log of actions taken during the fix. Post that information back here and I will review it when it comes back in.

Also let me know of any problems you encountered performing the steps above or any continuing problems you are still having with the computer.

Cheers.

OT
I do not respond to PM's requesting help. That's what the forums are here for. Please use them so that others may benefit from your questions and the responses you receive.
OldTimer
