WARNING: not all files found by this scanner are bad. Consult with a knowledgable person before proceeding. If you see a message in the titlebar saying "Not responding..." you can ignore it. Windows sometimes displays this message due to the high volume of disk I/O. As long as the hard disk light is flashing, the program is still working properly. »»»»»»»»»»»»»»»»» Windows OS and Versions »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Logfile created on: 11/24/2006 3:13:54 AM WinPFind v1.5.0 Folder = C:\Documents and Settings\Vi\Desktop\WinPFind\WinPFind\ Microsoft Windows XP Service Pack 2 (Version = 5.1.2600) Internet Explorer (Version = 6.0.2900.2180) »»»»»»»»»»»»»»»»» Checking Selected Standard Folders »»»»»»»»»»»»»»»»»»»» Checking %SystemDrive% folder... Checking %ProgramFilesDir% folder... Checking %WinDir% folder... Items found in C:\WINDOWS\hosts Checking %System% folder... PEC2 3/31/2003 4:00:00 AM 41397 C:\WINDOWS\SYSTEM32\dfrg.msc () PEC2 4/9/2006 9:40:52 PM 619668 C:\WINDOWS\SYSTEM32\DivX.dll (DivX, Inc.) PECompact2 4/9/2006 9:40:52 PM 619668 C:\WINDOWS\SYSTEM32\DivX.dll (DivX, Inc.) PTech 6/19/2006 3:19:42 PM 571184 C:\WINDOWS\SYSTEM32\LegitCheckControl.dll (Microsoft Corporation) PECompact2 11/15/2006 9:20:40 PM 10474920 C:\WINDOWS\SYSTEM32\MRT.exe (Microsoft Corporation) aspack 11/15/2006 9:20:40 PM 10474920 C:\WINDOWS\SYSTEM32\MRT.exe (Microsoft Corporation) aspack 8/3/2004 11:56:36 PM 708096 C:\WINDOWS\SYSTEM32\ntdll.dll (Microsoft Corporation) WSUD 8/3/2004 11:56:58 PM 257024 C:\WINDOWS\SYSTEM32\nusrmgr.cpl (Microsoft Corporation) Umonitor 8/3/2004 11:56:44 PM 657920 C:\WINDOWS\SYSTEM32\rasdlg.dll (Microsoft Corporation) winsync 3/31/2003 4:00:00 AM 1309184 C:\WINDOWS\SYSTEM32\wbdbase.deu () PTech 6/19/2006 3:19:26 PM 304944 C:\WINDOWS\SYSTEM32\WgaTray.exe (Microsoft Corporation) Checking %System%\Drivers folder and sub-folders... PTech 8/3/2004 9:41:38 PM 1309184 C:\WINDOWS\SYSTEM32\drivers\mtlstrm.sys (Smart Link) Items found in C:\WINDOWS\SYSTEM32\drivers\etc\hosts Checking the Windows folder and sub-folders for system and hidden files within the last 60 days... 11/24/2006 3:12:08 AM S 2048 C:\WINDOWS\bootstat.dat () 11/23/2006 10:17:58 PM H 54156 C:\WINDOWS\QTFont.qfn () 10/5/2006 11:56:52 AM H 66752 C:\WINDOWS\Minidump\Mini100506-01.dmp () 10/5/2006 5:28:32 PM H 66752 C:\WINDOWS\Minidump\Mini100506-02.dmp () 10/6/2006 12:34:20 AM H 66752 C:\WINDOWS\Minidump\Mini100606-01.dmp () 11/12/2006 12:15:44 AM H 66752 C:\WINDOWS\Minidump\Mini111206-01.dmp () 11/15/2006 10:15:58 PM H 66752 C:\WINDOWS\Minidump\Mini111506-01.dmp () 10/16/2006 7:35:46 AM S 10965 C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB920213.cat () 10/13/2006 4:55:52 AM S 10965 C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB923980.cat () 10/13/2006 5:33:10 AM S 10259 C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB924270.cat () 11/24/2006 3:11:58 AM H 8192 C:\WINDOWS\system32\config\default.LOG () 11/24/2006 3:12:28 AM H 1024 C:\WINDOWS\system32\config\SAM.LOG () 11/24/2006 3:12:10 AM H 16384 C:\WINDOWS\system32\config\SECURITY.LOG () 11/24/2006 3:13:34 AM H 143360 C:\WINDOWS\system32\config\software.LOG () 11/24/2006 3:12:14 AM H 962560 C:\WINDOWS\system32\config\system.LOG () 11/18/2006 5:46:52 PM H 1024 C:\WINDOWS\system32\config\systemprofile\NTUSER.DAT.LOG () 11/7/2006 3:01:36 AM S 558 C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\A44F4E7CB3133FF765C39A53AD8FCFDD () 11/7/2006 3:01:36 AM S 146 C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\A44F4E7CB3133FF765C39A53AD8FCFDD () 11/15/2006 11:06:32 AM HS 388 C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\a3ea6b25-4729-4ea9-b73b-5d7e38ba76dd () 11/15/2006 11:06:32 AM HS 24 C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\Preferred () 9/25/2006 5:59:06 AM HS 388 C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\User\2e7bf1ca-56d1-42eb-9899-82b5b01957ec () 9/25/2006 5:59:06 AM HS 24 C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\User\Preferred () 11/24/2006 3:11:20 AM H 6 C:\WINDOWS\Tasks\SA.DAT () Checking for CPL files... 8/3/2004 11:56:58 PM 68608 C:\WINDOWS\SYSTEM32\access.cpl (Microsoft Corporation) 8/3/2004 11:56:58 PM 549888 C:\WINDOWS\SYSTEM32\appwiz.cpl (Microsoft Corporation) 8/3/2004 11:56:58 PM 110592 C:\WINDOWS\SYSTEM32\bthprops.cpl (Microsoft Corporation) 8/3/2004 11:56:58 PM 135168 C:\WINDOWS\SYSTEM32\desk.cpl (Microsoft Corporation) 8/3/2004 11:56:58 PM 80384 C:\WINDOWS\SYSTEM32\firewall.cpl (Microsoft Corporation) 8/3/2004 11:56:58 PM 155136 C:\WINDOWS\SYSTEM32\hdwwiz.cpl (Microsoft Corporation) 4/6/2003 11:14:30 PM 94208 C:\WINDOWS\SYSTEM32\igfxcpl.cpl (Intel Corporation) 8/3/2004 11:56:58 PM 358400 C:\WINDOWS\SYSTEM32\inetcpl.cpl (Microsoft Corporation) 8/3/2004 11:56:58 PM 129536 C:\WINDOWS\SYSTEM32\intl.cpl (Microsoft Corporation) 8/3/2004 11:56:58 PM 380416 C:\WINDOWS\SYSTEM32\irprops.cpl (Microsoft Corporation) 8/3/2004 11:56:58 PM 68608 C:\WINDOWS\SYSTEM32\joy.cpl (Microsoft Corporation) 4/13/2005 3:48:52 AM 49265 C:\WINDOWS\SYSTEM32\jpicpl32.cpl (Sun Microsystems, Inc.) 3/31/2003 4:00:00 AM 187904 C:\WINDOWS\SYSTEM32\main.cpl (Microsoft Corporation) 8/3/2004 11:56:58 PM 618496 C:\WINDOWS\SYSTEM32\mmsys.cpl (Microsoft Corporation) 3/31/2003 4:00:00 AM 35840 C:\WINDOWS\SYSTEM32\ncpa.cpl (Microsoft Corporation) 8/3/2004 11:56:58 PM 25600 C:\WINDOWS\SYSTEM32\netsetup.cpl (Microsoft Corporation) 8/3/2004 11:56:58 PM 257024 C:\WINDOWS\SYSTEM32\nusrmgr.cpl (Microsoft Corporation) 8/3/2004 11:56:58 PM 32768 C:\WINDOWS\SYSTEM32\odbccp32.cpl (Microsoft Corporation) 8/3/2004 11:56:58 PM 114688 C:\WINDOWS\SYSTEM32\powercfg.cpl (Microsoft Corporation) 8/3/2004 11:56:58 PM 298496 C:\WINDOWS\SYSTEM32\sysdm.cpl (Microsoft Corporation) 3/31/2003 4:00:00 AM 28160 C:\WINDOWS\SYSTEM32\telephon.cpl (Microsoft Corporation) 8/3/2004 11:56:58 PM 94208 C:\WINDOWS\SYSTEM32\timedate.cpl (Microsoft Corporation) 12/5/2003 12:33:12 PM 118784 C:\WINDOWS\SYSTEM32\tvtuner.cpl (Sony Corporation) 12/4/1999 3:11:30 AM 151552 C:\WINDOWS\SYSTEM32\UILib.cpl (Sony Corporation) 8/3/2004 11:56:58 PM 148480 C:\WINDOWS\SYSTEM32\wscui.cpl (Microsoft Corporation) 5/26/2005 3:16:30 AM 174360 C:\WINDOWS\SYSTEM32\wuaucpl.cpl (Microsoft Corporation) 4/6/2003 11:14:30 PM 94208 C:\WINDOWS\SYSTEM32\ReinstallBackups\0011\DriverFiles\igfxcpl.cpl (Intel Corporation) Checking for Downloaded Program Files... {0E5F0222-96B9-11D3-8997-00104BD12D94} - PCPitstop Utility - CodeBase = http://pcpitstop.com/pcpitstop/PCPitStop.CAB {14B87622-7E19-4EA8-93B3-97215F77A6BC} - MessengerStatsClient Class - CodeBase = http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - YInstStarter Class - CodeBase = C:\Program Files\Yahoo!\Common\yinsthelper.dll {8AD9C840-044E-11D1-B3E9-00805F499D93} - Java Plug-in 1.5.0_03 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-1_5_0_03-windows-i586.cab {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} - MessengerStatsClient Class - CodeBase = http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} - ActiveScan Installer Class - CodeBase = http://acs.pandasoftware.com/activescan/as5free/asinst.cab {B8BE5E93-A60C-4D26-A2DC-220313175592} - ZoneIntro Class - CodeBase = http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab {CAFEEFAC-0014-0002-0001-ABCDEFFEDCBA} - Java Plug-in 1.4.2_01 - CodeBase = http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab {CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA} - Java Plug-in 1.5.0_03 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-1_5_0_03-windows-i586.cab {D27CDB6E-AE6D-11CF-96B8-444553540000} - - CodeBase = http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} - Solitaire Showdown Class - CodeBase = http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab »»»»»»»»»»»»»»»»» Checking Selected Startup Folders »»»»»»»»»»»»»»»»»»»»» Checking files in %ALLUSERSPROFILE%\Startup folder... 4/3/2006 6:47:26 PM 1757 C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk () 3/31/2004 1:07:48 PM HS 84 C:\Documents and Settings\All Users\Start Menu\Programs\Startup\desktop.ini () 10/2/2005 10:15:52 PM 1730 C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk () 6/30/2005 3:35:50 PM 527 C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Remocon Driver.lnk () Checking files in %ALLUSERSPROFILE%\Application Data folder... 3/31/2004 5:03:40 AM HS 62 C:\Documents and Settings\All Users\Application Data\desktop.ini () 3/22/2006 8:09:36 AM 3328 C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache () Checking files in %USERPROFILE%\Startup folder... 3/31/2004 1:07:48 PM HS 84 C:\Documents and Settings\Vi\Start Menu\Programs\Startup\desktop.ini () Checking files in %USERPROFILE%\Application Data folder... 3/31/2004 5:03:40 AM HS 62 C:\Documents and Settings\Vi\Application Data\desktop.ini () »»»»»»»»»»»»»»»»» Checking Selected Registry Keys »»»»»»»»»»»»»»»»»»»»»»» >>> Internet Explorer Settings <<< [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main] \\Start Page - http://www.yahoo.com/ \\Search Bar - http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr7/*http://www.yahoo.com/ext/search/search.html \\Search Page - http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr7/*http://www.yahoo.com \\Default_Page_URL - http://www.yahoo.com/ \\Default_Search_URL - http://www.google.com/ie \\Local Page - %SystemRoot%\system32\blank.htm [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main] \\Start Page - http://www.sony.com/vaiopeople \\Search Bar - http://www.google.com/ie \\Search Page - http://www.google.com \\Local Page - C:\WINDOWS\system32\blank.htm [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search] \\CustomizeSearch - http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm \\SearchAssistant - http://www.google.com/ie [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Search] \\SearchAssistant - http://www.google.com/ie [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] \\{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - Microsoft Url Search Hook = %SystemRoot%\System32\shdocvw.dll (Microsoft Corporation) \\{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar = C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) >>> BHO's <<< [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects] \{02478D38-C3F9-4EFB-9B51-7695ECA05670} - Yahoo! Toolbar Helper = C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) \{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - AcroIEHlprObj Class = C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) \{53707962-6F74-2D53-2644-206D7942484F} - = C:\PROGRA~1\SPYBOT~1\SDHelper.dll (Safer Networking Limited) \{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - Yahoo! IE Services Button = C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.) \{9030D464-4C02-4ABF-8ECC-5164760863C6} - Windows Live Sign-in Helper = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) \{9ECB9560-04F9-4bbc-943D-298DDF1699E1} - CNisExtBho Class = C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll (Symantec Corporation) \{AA58ED58-01DD-4d91-8333-CF10577473F7} - Google Toolbar Helper = c:\program files\google\googletoolbar2.dll (Google Inc.) \{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Windows Live Toolbar Helper = C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation) \{BDF3E430-B101-42AD-A544-FADC6B084872} - CNavExtBho Class = C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll (Symantec Corporation) >>> Internet Explorer Bars, Toolbars and Extensions <<< [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars] \{4D5C8C25-D075-11d0-B416-00C04FB90376} - &Tip of the Day = %SystemRoot%\System32\shdocvw.dll (Microsoft Corporation) [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars] \{32683183-48a0-441b-a342-7c2a440a9478} - = () [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar] \\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - Norton AntiVirus = C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll (Symantec Corporation) \\{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google = c:\program files\google\googletoolbar2.dll (Google Inc.) \\{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Windows Live Toolbar = C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation) \\{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar = C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar] \ShellBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - Norton AntiVirus = C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll (Symantec Corporation) \ShellBrowser\\{01E04581-4EEE-11D0-BFE9-00AA005B4383} - &Address = %SystemRoot%\System32\browseui.dll (Microsoft Corporation) \WebBrowser\\{01E04581-4EEE-11D0-BFE9-00AA005B4383} - &Address = %SystemRoot%\System32\browseui.dll (Microsoft Corporation) \WebBrowser\\{0E5CBF21-D15F-11D0-8301-00AA005B4383} - &Links = %SystemRoot%\system32\SHELL32.dll (Microsoft Corporation) \WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} - &Google = c:\program files\google\googletoolbar2.dll (Google Inc.) \WebBrowser\\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - Web assistant = C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll (Symantec Corporation) \WebBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - Norton AntiVirus = C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll (Symantec Corporation) \WebBrowser\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar = C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) \WebBrowser\\{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Windows Live Toolbar = C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\CmdMapping] \\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - 8192 = Sun Java Console \\NEXTID - 8201 \\{92780B25-18CC-41C8-B9BE-3C9C571A8263} - 8193 = \\{AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - 8195 = \\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - 8197 = PartyPoker.com \\{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - 8198 = \\{E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - 8199 = Yahoo! Messenger \\{FB5F1910-F110-11d2-BB9E-00C04F795683} - 8200 = Windows Messenger [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions] \{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - MenuText: Sun Java Console = () \{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - ButtonText: Yahoo! Services = \{AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - ButtonText: AIM = C:\Program Files\AIM\aim.exe (America Online, Inc.) \{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - ButtonText: PartyPoker.com = C:\Program Files\PartyGaming\PartyPoker\RunApp.exe () \{E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - ButtonText: Yahoo! Messenger = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.) \{FB5F1910-F110-11d2-BB9E-00C04F795683} - ButtonText: Messenger = C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) >>> Approved Shell Extensions (Non-Microsoft Only) <<< [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved] \\{42071714-76d4-11d1-8b24-00a0c9068ff3} - Display Panning CPL Extension = deskpan.dll () \\{764BF0E1-F219-11ce-972D-00AA00A14F56} - Shell extensions for file compression = () \\{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} - Encryption Context Menu = () \\{88895560-9AA2-1069-930E-00AA0030EBC8} - HyperTerminal Icon Ext = C:\WINDOWS\System32\hticons.dll (Hilgraeve, Inc.) \\{0DF44EAA-FF21-4412-828E-260A8728E7F1} - Taskbar and Start Menu = () \\{32683183-48a0-441b-a342-7c2a440a9478} - Media Band = () \\{7A9D77BD-5403-11d2-8785-2E0420524153} - User Accounts = () \\{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} - Shell Extensions for RealOne Player = C:\Program Files\Real\RealPlayer\rpshell.dll (RealNetworks, Inc.) \\{5464D816-CF16-4784-B9F3-75C0DB52B499} - Yahoo! Mail = C:\PROGRA~1\Yahoo!\Common\ymmapi.dll (Yahoo! Inc.) [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved] >>> Context Menu Handlers (Non-Microsoft Only) <<< [HKEY_LOCAL_MACHINE\Software\Classes\*\shellex\ContextMenuHandlers] \ResizeShellExt - {933E93E1-B249-46BA-8F1B-B1D9A12AE7C0} = C:\Program Files\XemiComputers\Photo Gadget\ShellResize.dll () \Symantec.Norton.Antivirus.IEContextMenu - {5345A4D5-41EB-4A2F-9616-CE1D4F6C35B2} = C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll (Symantec Corporation) \Yahoo! Mail - {5464D816-CF16-4784-B9F3-75C0DB52B499} = C:\PROGRA~1\Yahoo!\Common\ymmapi.dll (Yahoo! Inc.) [HKEY_LOCAL_MACHINE\Software\Classes\AllFilesystemObjects\shellex\ContextMenuHandlers] [HKEY_LOCAL_MACHINE\Software\Classes\Directory\shellex\ContextMenuHandlers] [HKEY_LOCAL_MACHINE\Software\Classes\Directory\BackGround\shellex\ContextMenuHandlers] \igfxcui - {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} = C:\WINDOWS\System32\igfxpph.dll (Intel Corporation) [HKEY_LOCAL_MACHINE\Software\Classes\Folder\shellex\ContextMenuHandlers] \Symantec.Norton.Antivirus.IEContextMenu - {5345A4D5-41EB-4A2F-9616-CE1D4F6C35B2} = C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll (Symantec Corporation) >>> Column Handlers (Non-Microsoft Only) <<< [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers] \{F9DB5320-233E-11D1-9F84-707F02C10627} - PDF Column Info = C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll (Adobe Systems, Inc.) >>> Registry Run Keys <<< [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] AGRSMMSG - C:\WINDOWS\AGRSMMSG.exe (Agere Systems) IgfxTray - C:\WINDOWS\System32\igfxtray.exe (Intel Corporation) HotKeysCmds - C:\WINDOWS\System32\hkcmd.exe (Intel Corporation) ATIPTA - C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe (ATI Technologies, Inc.) VAIO Update 2 - C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe (Sony Corporation) ezShieldProtector for Px - C:\WINDOWS\System32\ezSP_Px.exe (Easy Systems Japan Ltd.) ccApp - C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation) URLLSTCK.exe - C:\Program Files\Norton Internet Security\UrlLstCk.exe (Symantec Corporation) VAIO Recovery - C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe (Sony Electronics Inc) Symantec NetDriver Monitor - C:\PROGRA~1\SYMNET~1\SNDMon.exe (Symantec Corporation) QuickTime Task - C:\Program Files\QuickTime\qttask.exe (Apple Computer, Inc.) TkBellExe - C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.) MSConfig - C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents] IMAIL Installed = 1 MAPI Installed = 1 MSFS Installed = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] AIM - C:\Program Files\AIM\aim.exe -cnetwait.odl () FreeRAM XP - C:\Program Files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe (YourWare Solutions (TM)) Steam - C:\Documents and Settings\Steam\Steam.exe (Valve Corporation) swg - C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe (Google Inc.) [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\load] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\run] >>> Startup Links <<< [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\\Common Startup] C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated) C:\Documents and Settings\All Users\Start Menu\Programs\Startup\desktop.ini () C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation) C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Remocon Driver.lnk - C:\Program Files\sony\usbsircs\usbsircs.exe (Sony Corporation) [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\\Startup] C:\Documents and Settings\Vi\Start Menu\Programs\Startup\desktop.ini () >>> MSConfig Disabled Items <<< [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\services HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\state system.ini 0 win.ini 0 bootini 2 services 0 startup 0 [All Users Startup Folder Disabled Items] [Current User Startup Folder Disabled Items] >>> User Agent Post Platform <<< [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform] \\SV1 - >>> AppInit Dll's <<< [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs] >>> Image File Execution Options <<< [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options] \Your Image File Name Here without a path - Debugger = ntsd -d >>> Shell Service Object Delay Load <<< [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] \\PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} = %SystemRoot%\system32\SHELL32.dll (Microsoft Corporation) \\CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} = %SystemRoot%\system32\SHELL32.dll (Microsoft Corporation) \\WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} = %SystemRoot%\System32\webcheck.dll (Microsoft Corporation) \\SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} = C:\WINDOWS\System32\stobject.dll (Microsoft Corporation) >>> Shell Execute Hooks <<< [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] \\{AEB6717E-7E19-11d0-97EE-00C04FD91972} - URL Exec Hook = shell32.dll (Microsoft Corporation) >>> Shared Task Scheduler <<< [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] \\{438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader = %SystemRoot%\System32\browseui.dll (Microsoft Corporation) \\{8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon = %SystemRoot%\System32\browseui.dll (Microsoft Corporation) >>> Winlogon <<< [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] \\UserInit = C:\WINDOWS\system32\userinit.exe, \\Shell = Explorer.exe \\System = [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify] \crypt32chain - crypt32.dll = (Microsoft Corporation) \cryptnet - cryptnet.dll = (Microsoft Corporation) \cscdll - cscdll.dll = (Microsoft Corporation) \igfxcui - igfxsrvc.dll = (Intel Corporation) \ScCertProp - wlnotify.dll = (Microsoft Corporation) \Schedule - wlnotify.dll = (Microsoft Corporation) \sclgntfy - sclgntfy.dll = (Microsoft Corporation) \SensLogn - WlNotify.dll = (Microsoft Corporation) \termsrv - wlnotify.dll = (Microsoft Corporation) \WgaLogon - WgaLogon.dll = (Microsoft Corporation) \wlballoon - wlnotify.dll = (Microsoft Corporation) >>> DNS Name Servers <<< {7119509D-54D8-42A2-A2BE-DF7CDD4F6DFD} - (1394 Net Adapter) {A75EA991-9622-45DA-8887-AA4851ED3899} - () {BF4799B5-CDE2-40DB-8361-4AB70D89C196} - (Intel(R) PRO/100 VE Network Connection) >>> All Winsock2 Catalogs <<< [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries] \000000000001\\LibraryPath - %SystemRoot%\System32\mswsock.dll (Microsoft Corporation) \000000000002\\LibraryPath - %SystemRoot%\System32\winrnr.dll (Microsoft Corporation) \000000000003\\LibraryPath - %SystemRoot%\System32\mswsock.dll (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries] \000000000001\\PackedCatalogItem - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation) \000000000002\\PackedCatalogItem - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation) \000000000003\\PackedCatalogItem - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation) \000000000004\\PackedCatalogItem - %SystemRoot%\system32\rsvpsp.dll (Microsoft Corporation) \000000000005\\PackedCatalogItem - %SystemRoot%\system32\rsvpsp.dll (Microsoft Corporation) \000000000006\\PackedCatalogItem - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation) \000000000007\\PackedCatalogItem - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation) \000000000008\\PackedCatalogItem - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation) \000000000009\\PackedCatalogItem - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation) \000000000010\\PackedCatalogItem - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation) \000000000011\\PackedCatalogItem - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation) \000000000012\\PackedCatalogItem - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation) \000000000013\\PackedCatalogItem - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation) \000000000014\\PackedCatalogItem - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation) \000000000015\\PackedCatalogItem - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation) \000000000016\\PackedCatalogItem - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation) \000000000017\\PackedCatalogItem - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation) \000000000018\\PackedCatalogItem - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation) \000000000019\\PackedCatalogItem - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation) >>> Protocol Handlers (Non-Microsoft Only) <<< [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler] \ipp - () \msdaipp - () >>> Protocol Filters (Non-Microsoft Only) <<< [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter] >>> Selected AddOn's <<< »»»»»»»»»»»»»»»»»»»»»»»» Scan Complete »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»