it seems Im stuck in safe mode again. its not staying in nomal mode like it was earlier.
but anyway, heres the scan.
WARNING: not all files found by this scanner are bad. Consult with a knowledgable person before proceeding.
If you see a message in the titlebar saying "Not responding..." you can ignore it. Windows sometimes displays this message due to the high volume of disk I/O. As long as the hard disk light is flashing, the program is still working properly.
»»»»»»»»»»»»»»»»» Windows OS and Versions »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Logfile created on: 9/17/2006 5:54:39 AM
WinPFind v1.5.0 Folder = C:\WinPFind\WinPFind\
Microsoft Windows XP Service Pack 2 (Version = 5.1.2600)
Internet Explorer (Version = 6.0.2900.2180)
»»»»»»»»»»»»»»»»» Checking Selected Standard Folders »»»»»»»»»»»»»»»»»»»»
Checking %SystemDrive% folder...
WSUD 6/14/2006 3:55:38 PM 5321978 C:\Ainrtro.gbm ()
WSUD 8/29/2004 4:13:06 PM 1471946 C:\crash.txt ()
UPX! 8/8/2006 3:11:36 AM 58381 C:\windr64.exe ()
Checking %ProgramFilesDir% folder...
Checking %WinDir% folder...
UPX! 8/22/2004 5:04:56 PM 69120 C:\WINDOWS2\daemon.dll ()
UPX! 10/13/2005 9:27:00 PM RHS 422400 C:\WINDOWS2\x2.64.exe ()
Checking %System% folder...
UPX! 10/7/2005 7:14:52 PM RHS 308224 C:\WINDOWS2\SYSTEM32\avisynth.dll (The Public)
UPX! 7/9/2004 3:47:04 AM RHS 167936 C:\WINDOWS2\SYSTEM32\CoreAAC.ax ()
aspack 3/18/2005 5:19:58 PM 2337488 C:\WINDOWS2\SYSTEM32\d3dx9_25.dll (Microsoft Corporation)
aspack 5/26/2005 3:34:52 PM 2297552 C:\WINDOWS2\SYSTEM32\d3dx9_26.dll (Microsoft Corporation)
aspack 7/22/2005 7:59:04 PM 2319568 C:\WINDOWS2\SYSTEM32\d3dx9_27.dll (Microsoft Corporation)
aspack 12/5/2005 6:09:18 PM 2323664 C:\WINDOWS2\SYSTEM32\d3dx9_28.dll (Microsoft Corporation)
aspack 2/3/2006 8:43:16 AM 2332368 C:\WINDOWS2\SYSTEM32\d3dx9_29.dll (Microsoft Corporation)
aspack 3/31/2006 12:40:58 PM 2388176 C:\WINDOWS2\SYSTEM32\d3dx9_30.dll (Microsoft Corporation)
PEC2 9/3/2002 12:30:40 PM 41397 C:\WINDOWS2\SYSTEM32\dfrg.msc ()
FSG! 2/23/2004 10:44:22 AM 236544 C:\WINDOWS2\SYSTEM32\divxdec.ax (DivXNetworks, Inc.)
UPX! 1/25/2004 RHS 70656 C:\WINDOWS2\SYSTEM32\i420vfw.dll (www.helixcommunity.org)
PTech 6/19/2006 4:19:42 PM 571184 C:\WINDOWS2\SYSTEM32\LegitCheckControl.dll (Microsoft Corporation)
UPX! 5/18/2005 5:22:16 PM 204288 C:\WINDOWS2\SYSTEM32\mpgvout.001 (MainConcept AG)
UPX! 5/18/2005 5:22:16 PM 204288 C:\WINDOWS2\SYSTEM32\mpgvout.002 (MainConcept AG)
UPX! 5/18/2005 5:22:16 PM 205312 C:\WINDOWS2\SYSTEM32\mpgvout.003 (MainConcept AG)
UPX! 5/18/2005 5:22:16 PM 205312 C:\WINDOWS2\SYSTEM32\mpgvout.004 (MainConcept AG)
UPX! 5/18/2005 5:22:16 PM 5632 C:\WINDOWS2\SYSTEM32\mpgvout.dll (MainConcept AG)
PECompact2 8/9/2006 3:03:04 PM 8325544 C:\WINDOWS2\SYSTEM32\MRT.exe (Microsoft Corporation)
aspack 8/9/2006 3:03:04 PM 8325544 C:\WINDOWS2\SYSTEM32\MRT.exe (Microsoft Corporation)
aspack 8/4/2004 3:56:36 AM 708096 C:\WINDOWS2\SYSTEM32\ntdll.dll (Microsoft Corporation)
WSUD 8/4/2004 3:56:58 AM 257024 C:\WINDOWS2\SYSTEM32\nusrmgr.cpl (Microsoft Corporation)
UPX! 2/12/2003 8:56:30 AM 283648 C:\WINDOWS2\SYSTEM32\patin.cpl (VSO Software)
Umonitor 8/4/2004 3:56:44 AM 657920 C:\WINDOWS2\SYSTEM32\rasdlg.dll (Microsoft Corporation)
aspack 5/16/2002 6:12:30 PM 117248 C:\WINDOWS2\SYSTEM32\SKCL.dll (Concept Software, Inc.)
UPX! 4/27/2006 5:49:30 PM 288417 C:\WINDOWS2\SYSTEM32\SrchSTS.exe (S!Ri)
UPX! 1/9/2006 10:36:04 AM 42496 C:\WINDOWS2\SYSTEM32\swreg.exe ()
UPX! 1/9/2006 10:36:06 AM 40960 C:\WINDOWS2\SYSTEM32\swsc.exe ()
winsync 9/3/2002 1:10:48 PM 1309184 C:\WINDOWS2\SYSTEM32\wbdbase.deu ()
PTech 6/19/2006 4:19:26 PM 304944 C:\WINDOWS2\SYSTEM32\WgaTray.exe (Microsoft Corporation)
WSUD 5/9/2006 10:26:34 PM 7706112 C:\WINDOWS2\SYSTEM32\wmploc.dll (Microsoft Corporation)
UPX! 2/28/2005 1:16:22 PM RHS 240128 C:\WINDOWS2\SYSTEM32\x.264.exe ()
UPX! 1/25/2004 RHS 70656 C:\WINDOWS2\SYSTEM32\yv12vfw.dll (www.helixcommunity.org)
Checking %System%\Drivers folder and sub-folders...
PTech 8/4/2004 1:41:38 AM 1309184 C:\WINDOWS2\SYSTEM32\drivers\mtlstrm.sys (Smart Link)
Items found in C:\WINDOWS2\SYSTEM32\drivers\etc\hosts
Checking the Windows folder and sub-folders for system and hidden files within the last 60 days...
9/17/2006 5:53:38 AM S 2048 C:\WINDOWS2\bootstat.dat ()
9/16/2006 7:11:00 PM H 54156 C:\WINDOWS2\QTFont.qfn ()
9/2/2006 12:48:22 AM HS 22528 C:\WINDOWS2\Thumbs.db ()
8/14/2006 6:49:48 PM H 0 C:\WINDOWS2\inf\oem11.inf ()
8/14/2006 6:49:48 PM H 0 C:\WINDOWS2\inf\oem11.PNF ()
8/14/2006 6:49:48 PM H 0 C:\WINDOWS2\inf\oem12.inf ()
8/14/2006 6:49:48 PM H 0 C:\WINDOWS2\inf\oem12.PNF ()
8/14/2006 6:49:48 PM H 0 C:\WINDOWS2\inf\oem13.inf ()
8/14/2006 6:49:48 PM H 0 C:\WINDOWS2\inf\oem13.PNF ()
8/14/2006 6:49:50 PM H 0 C:\WINDOWS2\inf\oem14.inf ()
8/14/2006 6:49:50 PM H 0 C:\WINDOWS2\inf\oem14.PNF ()
8/14/2006 6:49:50 PM H 0 C:\WINDOWS2\inf\oem15.inf ()
8/14/2006 6:49:50 PM H 0 C:\WINDOWS2\inf\oem15.PNF ()
8/14/2006 6:49:50 PM H 0 C:\WINDOWS2\inf\oem16.inf ()
8/14/2006 6:49:50 PM H 0 C:\WINDOWS2\inf\oem16.PNF ()
8/14/2006 6:49:56 PM H 0 C:\WINDOWS2\inf\oem17.inf ()
8/14/2006 6:49:56 PM H 0 C:\WINDOWS2\inf\oem17.PNF ()
8/14/2006 6:49:56 PM H 0 C:\WINDOWS2\inf\oem18.inf ()
8/14/2006 6:49:56 PM H 0 C:\WINDOWS2\inf\oem18.PNF ()
9/16/2006 3:40:10 PM H 0 C:\WINDOWS2\LastGood\INF\oem27.inf ()
9/16/2006 3:40:10 PM H 0 C:\WINDOWS2\LastGood\INF\oem27.PNF ()
9/8/2006 12:39:20 AM H 65536 C:\WINDOWS2\Minidump\Mini090806-01.dmp ()
10/24/2010 8:19:02 AM HS 1025 C:\WINDOWS2\page files\maxmeg.sys ()
8/18/2006 2:06:40 AM HS 13824 C:\WINDOWS2\system32\Thumbs.db ()
7/28/2006 8:16:08 AM S 23751 C:\WINDOWS2\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB918899.cat ()
7/27/2006 10:00:28 AM S 10337 C:\WINDOWS2\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB920214.cat ()
7/21/2006 5:03:14 AM S 10925 C:\WINDOWS2\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB920670.cat ()
9/17/2006 5:53:32 AM H 8192 C:\WINDOWS2\system32\config\default.LOG ()
9/17/2006 5:53:50 AM H 1024 C:\WINDOWS2\system32\config\SAM.LOG ()
9/17/2006 5:53:40 AM H 12288 C:\WINDOWS2\system32\config\SECURITY.LOG ()
9/17/2006 5:53:58 AM H 118784 C:\WINDOWS2\system32\config\software.LOG ()
9/17/2006 5:54:00 AM H 1212416 C:\WINDOWS2\system32\config\system.LOG ()
8/14/2006 6:01:58 AM H 1024 C:\WINDOWS2\system32\config\systemprofile\ntuser.dat.LOG ()
9/14/2006 9:16:36 AM HS 388 C:\WINDOWS2\system32\Microsoft\Protect\S-1-5-18\d4a91345-f0ba-4ee7-b234-7d89ad891dba ()
9/14/2006 9:16:36 AM HS 24 C:\WINDOWS2\system32\Microsoft\Protect\S-1-5-18\Preferred ()
9/17/2006 5:52:22 AM H 6 C:\WINDOWS2\Tasks\SA.DAT ()
8/11/2006 2:06:40 AM HS 8 C:\WINDOWS2\Temp\$_2341235.TMP ()
9/14/2006 7:44:10 PM HS 113 C:\WINDOWS2\Temp\History\History.IE5\desktop.ini ()
9/14/2006 7:44:08 PM HS 67 C:\WINDOWS2\Temp\Temporary Internet Files\Content.IE5\desktop.ini ()
9/14/2006 7:44:08 PM HS 67 C:\WINDOWS2\Temp\Temporary Internet Files\Content.IE5\AFKXMP63\desktop.ini ()
9/14/2006 7:44:08 PM HS 67 C:\WINDOWS2\Temp\Temporary Internet Files\Content.IE5\CPKLAT6D\desktop.ini ()
9/14/2006 7:44:08 PM HS 67 C:\WINDOWS2\Temp\Temporary Internet Files\Content.IE5\KPARGHMN\desktop.ini ()
9/14/2006 7:44:08 PM HS 67 C:\WINDOWS2\Temp\Temporary Internet Files\Content.IE5\X5DAUYG6\desktop.ini ()
Checking for CPL files...
5/25/2004 11:06:58 AM 417792 C:\WINDOWS2\SYSTEM32\ac3filter.cpl ()
8/4/2004 3:56:58 AM 68608 C:\WINDOWS2\SYSTEM32\access.cpl (Microsoft Corporation)
8/4/2004 3:56:58 AM 549888 C:\WINDOWS2\SYSTEM32\appwiz.cpl (Microsoft Corporation)
11/11/1999 12:11:00 PM 183808 C:\WINDOWS2\SYSTEM32\bdeadmin.cpl ()
8/4/2004 3:56:58 AM 110592 C:\WINDOWS2\SYSTEM32\bthprops.cpl (Microsoft Corporation)
8/4/2004 3:56:58 AM 135168 C:\WINDOWS2\SYSTEM32\desk.cpl (Microsoft Corporation)
8/4/2004 3:56:58 AM 80384 C:\WINDOWS2\SYSTEM32\firewall.cpl (Microsoft Corporation)
8/4/2004 3:56:58 AM 155136 C:\WINDOWS2\SYSTEM32\hdwwiz.cpl (Microsoft Corporation)
8/4/2004 3:56:58 AM 358400 C:\WINDOWS2\SYSTEM32\inetcpl.cpl (Microsoft Corporation)
8/4/2004 3:56:58 AM 129536 C:\WINDOWS2\SYSTEM32\intl.cpl (Microsoft Corporation)
8/4/2004 3:56:58 AM 380416 C:\WINDOWS2\SYSTEM32\irprops.cpl (Microsoft Corporation)
8/4/2004 3:56:58 AM 68608 C:\WINDOWS2\SYSTEM32\joy.cpl (Microsoft Corporation)
5/3/2006 2:56:54 AM 49265 C:\WINDOWS2\SYSTEM32\jpicpl32.cpl (Sun Microsystems, Inc.)
9/3/2002 12:40:02 PM 187904 C:\WINDOWS2\SYSTEM32\main.cpl (Microsoft Corporation)
8/4/2004 3:56:58 AM 618496 C:\WINDOWS2\SYSTEM32\mmsys.cpl (Microsoft Corporation)
9/3/2002 12:47:04 PM 35840 C:\WINDOWS2\SYSTEM32\ncpa.cpl (Microsoft Corporation)
8/4/2004 3:56:58 AM 25600 C:\WINDOWS2\SYSTEM32\netsetup.cpl (Microsoft Corporation)
8/4/2004 3:56:58 AM 257024 C:\WINDOWS2\SYSTEM32\nusrmgr.cpl (Microsoft Corporation)
8/4/2004 3:56:58 AM 32768 C:\WINDOWS2\SYSTEM32\odbccp32.cpl (Microsoft Corporation)
2/12/2003 8:56:30 AM 283648 C:\WINDOWS2\SYSTEM32\patin.cpl (VSO Software)
6/17/2005 4:01:26 PM 1265664 C:\WINDOWS2\SYSTEM32\PenTablet.cpl (Wacom Technology, Corp.)
8/4/2004 3:56:58 AM 114688 C:\WINDOWS2\SYSTEM32\powercfg.cpl (Microsoft Corporation)
8/4/2004 3:56:58 AM 298496 C:\WINDOWS2\SYSTEM32\sysdm.cpl (Microsoft Corporation)
9/3/2002 1:06:38 PM 28160 C:\WINDOWS2\SYSTEM32\telephon.cpl (Microsoft Corporation)
8/4/2004 3:56:58 AM 94208 C:\WINDOWS2\SYSTEM32\timedate.cpl (Microsoft Corporation)
8/4/2004 3:56:58 AM 148480 C:\WINDOWS2\SYSTEM32\wscui.cpl (Microsoft Corporation)
5/26/2005 4:16:30 AM 174360 C:\WINDOWS2\SYSTEM32\wuaucpl.cpl (Microsoft Corporation)
9/3/2002 12:40:02 PM 187904 C:\WINDOWS2\SYSTEM32\dllcache\main.cpl (Microsoft Corporation)
9/3/2002 12:47:04 PM 35840 C:\WINDOWS2\SYSTEM32\dllcache\ncpa.cpl (Microsoft Corporation)
9/3/2002 1:06:38 PM 28160 C:\WINDOWS2\SYSTEM32\dllcache\telephon.cpl (Microsoft Corporation)
5/26/2005 4:16:30 AM 174360 C:\WINDOWS2\SYSTEM32\dllcache\wuaucpl.cpl (Microsoft Corporation)
Checking for Downloaded Program Files...
{00000161-0000-0010-8000-00AA00389B71} - - CodeBase =
http://codecs.micros...386/msaudio.cab{32564D57-0000-0010-8000-00AA00389B71} - - CodeBase =
http://codecs.micros...i386/wmv8ax.cab{33564D57-0000-0010-8000-00AA00389B71} - - CodeBase =
http://download.micr...922/wmv9VCM.CAB{4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - McAfee.com Operating System Class - CodeBase =
http://download.mcaf...01/mcinsctl.cab{6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - MUWebControl Class - CodeBase =
http://update.micros...b?1141738553078{8AD9C840-044E-11D1-B3E9-00805F499D93} - Java Plug-in 1.5.0_07 - CodeBase =
http://java.sun.com/...indows-i586.cab{9A9307A0-7DA4-4DAF-B042-5009F29E09E1} - ActiveScan Installer Class - CodeBase =
http://acs.pandasoft...free/asinst.cab{BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - DwnldGroupMgr Class - CodeBase =
http://download.mcaf...,26/mcgdmgr.cab{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA} - Java Plug-in 1.5.0_01 - CodeBase =
http://java.sun.com/...indows-i586.cab{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA} - Java Plug-in 1.5.0_02 - CodeBase =
http://java.sun.com/...indows-i586.cab{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - Java Plug-in 1.5.0_06 - CodeBase =
http://java.sun.com/...indows-i586.cab{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA} - Java Plug-in 1.5.0_07 - CodeBase =
http://java.sun.com/...indows-i586.cab{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - Java Plug-in 1.5.0_07 - CodeBase =
http://java.sun.com/...indows-i586.cab{D27CDB6E-AE6D-11CF-96B8-444553540000} - Shockwave Flash Object - CodeBase =
http://download.macr...ash/swflash.cabDirectAnimation Java Classes - - CodeBase =
Microsoft XML Parser for Java - - CodeBase =
»»»»»»»»»»»»»»»»» Checking Selected Startup Folders »»»»»»»»»»»»»»»»»»»»»
Checking files in %ALLUSERSPROFILE%\Startup folder...
10/30/2005 2:00:34 AM 1759 C:\Documents and Settings\All Users.WINDOWS2\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk ()
5/16/2005 7:29:14 PM HS 84 C:\Documents and Settings\All Users.WINDOWS2\Start Menu\Programs\Startup\desktop.ini ()
6/2/2006 7:03:50 PM 685 C:\Documents and Settings\All Users.WINDOWS2\Start Menu\Programs\Startup\Event Reminder.lnk ()
Checking files in %ALLUSERSPROFILE%\Application Data folder...
5/16/2005 3:16:04 PM HS 62 C:\Documents and Settings\All Users.WINDOWS2\Application Data\desktop.ini ()
9/17/2006 12:36:24 AM 3695 C:\Documents and Settings\All Users.WINDOWS2\Application Data\QTSBandwidthCache ()
Checking files in %USERPROFILE%\Startup folder...
5/16/2005 7:29:14 PM HS 84 C:\Documents and Settings\robert\Start Menu\Programs\Startup\desktop.ini ()
9/16/2006 3:36:48 PM 2247 C:\Documents and Settings\robert\Start Menu\Programs\Startup\Styler.lnk ()
Checking files in %USERPROFILE%\Application Data folder...
3/13/2006 11:14:30 PM 1561 C:\Documents and Settings\robert\Application Data\AdobeDLM.log ()
5/1/2006 2:56:56 AM 325 C:\Documents and Settings\robert\Application Data\AutoGK.ini ()
5/17/2005 9:57:36 AM 1578 C:\Documents and Settings\robert\Application Data\D - LITEON - DVD-ROM LTD163 - GDHG.dat ()
5/16/2005 3:16:04 PM HS 62 C:\Documents and Settings\robert\Application Data\desktop.ini ()
3/13/2006 11:14:30 PM 0 C:\Documents and Settings\robert\Application Data\dm.ini ()
5/17/2005 9:57:36 AM 1856 C:\Documents and Settings\robert\Application Data\E - _NEC - DVD+RW ND-1100A - 108B.dat ()
7/14/2005 10:07:36 PM 12358 C:\Documents and Settings\robert\Application Data\PFP100JCM.{PB ()
7/14/2005 10:07:36 PM 61678 C:\Documents and Settings\robert\Application Data\PFP100JPR.{PB ()
»»»»»»»»»»»»»»»»» Checking Selected Registry Keys »»»»»»»»»»»»»»»»»»»»»»»
>>> Internet Explorer Settings <<<
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main]
\\Start Page -
http://www.microsoft...p...ER}&ar=home \\Search Page -
http://www.microsoft...amp;ar=iesearch \\Default_Page_URL -
http://www.microsoft...p...&ar=msnhome \\Default_Search_URL -
http://www.microsoft...amp;ar=iesearch \\Local Page - C:\WINDOWS2\SYSTEM32\blank.htm
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main]
\\Start Page -
http://www.microsoft...p...&ar=msnhome \\Search Page -
http://www.microsoft...amp;ar=iesearch \\Default_Search_URL -
http://www.microsoft...amp;ar=iesearch \\Local Page - C:\WINDOWS2\SYSTEM32\blank.htm
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search]
\\CustomizeSearch -
http://ie.search.msn...st/srchcust.htm \\SearchAssistant -
http://ie.search.msn...st/srchasst.htm[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
\\{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - Microsoft Url Search Hook = %SystemRoot%\System32\shdocvw.dll (Microsoft Corporation)
>>> BHO's <<<
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - AcroIEHlprObj Class = C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
\{4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - Comcast Toolbar = C:\PROGRA~1\COMCAS~1\COMCAS~1.DLL (Comcast Cable Communications)
\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - SSVHelper Class = C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll (Sun Microsystems, Inc.)
>>> Internet Explorer Bars, Toolbars and Extensions <<<
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars]
\{4528BBE0-4E08-11D5-AD55-00010333D0AD} - &Yahoo! Messenger = C:\PROGRA~1\Yahoo!\Common\yhexbmesus.dll (Yahoo! Inc.)
\{4D5C8C25-D075-11d0-B416-00C04FB90376} - &Tip of the Day = %SystemRoot%\System32\shdocvw.dll (Microsoft Corporation)
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars]
\{21569614-B795-46B1-85F4-E737A8DC09AD} - Shell Search Band = %SystemRoot%\system32\browseui.dll (Microsoft Corporation)
\{32683183-48a0-441b-a342-7c2a440a9478} - = ()
\{4528BBE0-4E08-11D5-AD55-00010333D0AD} - &Yahoo! Messenger = C:\PROGRA~1\Yahoo!\Common\yhexbmesus.dll (Yahoo! Inc.)
\{C4EE31F3-4768-11D2-BE5C-00A0C9A83DA1} - File Search Explorer Band = %SystemRoot%\system32\SHELL32.dll (Microsoft Corporation)
\{EFA24E61-B078-11D0-89E4-00C04FC9E26E} - Favorites Band = %SystemRoot%\System32\shdocvw.dll (Microsoft Corporation)
\{EFA24E64-B078-11D0-89E4-00C04FC9E26E} - Explorer Band = %SystemRoot%\System32\shdocvw.dll (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
\\{D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - StylerToolBar = C:\Program Files\Styler\TB\StylerTB.dll (StyleFantasist)
\\{4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - Comcast Toolbar = C:\PROGRA~1\COMCAS~1\COMCAS~1.DLL (Comcast Cable Communications)
\\{BA52B914-B692-46c4-B683-905236F6F655} - McAfee VirusScan = c:\progra~1\mcafee.com\vso\mcvsshl.dll (McAfee, Inc.)
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar]
\ShellBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} - = ()
\ShellBrowser\\{01E04581-4EEE-11D0-BFE9-00AA005B4383} - &Address = %SystemRoot%\System32\browseui.dll (Microsoft Corporation)
\ShellBrowser\\{0E5CBF21-D15F-11D0-8301-00AA005B4383} - &Links = %SystemRoot%\system32\SHELL32.dll (Microsoft Corporation)
\WebBrowser\\{01E04581-4EEE-11D0-BFE9-00AA005B4383} - &Address = %SystemRoot%\System32\browseui.dll (Microsoft Corporation)
\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} - = ()
\WebBrowser\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar = C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
\WebBrowser\\{0E5CBF21-D15F-11D0-8301-00AA005B4383} - &Links = %SystemRoot%\system32\SHELL32.dll (Microsoft Corporation)
\WebBrowser\\{4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - Comcast Toolbar = C:\PROGRA~1\COMCAS~1\COMCAS~1.DLL (Comcast Cable Communications)
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\CmdMapping]
\\{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - 8192 =
\\NEXTID - 8197
\\{AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - 8193 =
\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - 8195 = Sun Java Console
\\{A26ABCF0-1C8F-46e7-A67C-0489DC21B9CC} - 8196 = Happytofind Toolbar
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions]
\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - MenuText: Sun Java Console = C:\Program Files\Java\jre1.5.0_07\bin\npjpi150_07.dll (Sun Microsystems, Inc.)
\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - MenuText: Sun Java Console = C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll (Sun Microsystems, Inc.)(HKCU CLSID)
\{A26ABCF0-1C8F-46e7-A67C-0489DC21B9CC} - ButtonText: Happytofind Toolbar =
\{AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - ButtonText: AIM = C:\Program Files\AIM\aim.exe (America Online, Inc.)
>>> Approved Shell Extensions (Non-Microsoft Only) <<<
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]
\\{42071714-76d4-11d1-8b24-00a0c9068ff3} - Display Panning CPL Extension = deskpan.dll ()
\\{764BF0E1-F219-11ce-972D-00AA00A14F56} - Shell extensions for file compression = ()
\\{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} - Encryption Context Menu = ()
\\{88895560-9AA2-1069-930E-00AA0030EBC8} - HyperTerminal Icon Ext = C:\WINDOWS2\System32\hticons.dll (Hilgraeve, Inc.)
\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} - Taskbar and Start Menu = ()
\\{32683183-48a0-441b-a342-7c2a440a9478} - Media Band = ()
\\{A08C11D2-A228-11d0-825B-00AA005B4383} - Address EditBox = ()
\\{7A9D77BD-5403-11d2-8785-2E0420524153} - User Accounts = ()
\\{5464D816-CF16-4784-B9F3-75C0DB52B499} - Yahoo! Mail = C:\PROGRA~1\Yahoo!\Common\ymmapi20041123.dll (Yahoo! Inc.)
\\{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} - Shell Extensions for RealOne Player = C:\Program Files\Real\RealPlayer\rpshell.dll (RealNetworks, Inc.)
\\{B41DB860-8EE4-11D2-9906-E49FADC173CA} - WinRAR shell extension = C:\Program Files\WinRAR\rarext.dll ()
\\{2AA59FC0-31E8-42DA-9D3C-E9A52953853B} - CopyToCD shell extension = ()
\\{05D5F383-D518-4E4E-87FD-F69CACD3A75A} - SUPERCMCUTIL Menu Extension = ()
\\{F5D92341-0A64-11D0-9956-0000E8096023} - CD Copy Shell Extension = ()
\\{F5D92342-0A64-11D0-9956-0000E8096023} - CD Wizard Shell Extension = ()
\\{32020A01-506E-484D-A2A8-BE3CF17601C3} - AlcoholShellEx = C:\PROGRA~1\ALCOHO~1\ALCOHO~1\AXShlEx.dll (Alcohol Soft Development Team)
\\{EBCF1A16-C835-1B36-865F-3162AF3E95A6} - Image Converter and Editor menu = C:\PROGRA~1\IMAGEC~1\icae.dll ()
\\{B8323370-FF27-11D2-97B6-204C4F4F5020} - SmartFTP Shell Extension DLL = C:\Program Files\SmartFTP\smarthook.dll (SmartFTP)
\\{9F36F9B4-8298-4920-BB2C-BE456B4F3D3D} - = ()
\\{DDFA2C51-B381-43A7-8815-F5AB5C8A22A6} - = ()
\\{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} - iTunes = C:\Program Files\iTunes\iTunesMiniPlayer.dll (Apple Computer, Inc.)
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]
>>> Context Menu Handlers (Non-Microsoft Only) <<<
[HKEY_LOCAL_MACHINE\Software\Classes\*\shellex\ContextMenuHandlers]
\ewido anti-spyware - {8934FCEF-F5B8-468f-951F-78A921CD3920} = C:\Program Files\ewido anti-spyware 4.0\context.dll (Anti-Malware Development a.s.)
\Image Converter and Editor - {EBCF1A16-C835-1B36-865F-3162AF3E95A6} = C:\PROGRA~1\IMAGEC~1\icae.dll ()
\WinRAR - {B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Program Files\WinRAR\rarext.dll ()
\Yahoo! Mail - {5464D816-CF16-4784-B9F3-75C0DB52B499} = C:\PROGRA~1\Yahoo!\Common\ymmapi20041123.dll (Yahoo! Inc.)
\{CFC7205E-2792-4378-9591-3879CC6C9022} - = c:\progra~1\mcafee.com\vso\mcvsshl.dll (McAfee, Inc.)
[HKEY_LOCAL_MACHINE\Software\Classes\AllFilesystemObjects\shellex\ContextMenuHandlers]
[HKEY_LOCAL_MACHINE\Software\Classes\Directory\shellex\ContextMenuHandlers]
\ewido anti-spyware - {8934FCEF-F5B8-468f-951F-78A921CD3920} = C:\Program Files\ewido anti-spyware 4.0\context.dll (Anti-Malware Development a.s.)
\WinRAR - {B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Program Files\WinRAR\rarext.dll ()
[HKEY_LOCAL_MACHINE\Software\Classes\Directory\BackGround\shellex\ContextMenuHandlers]
[HKEY_LOCAL_MACHINE\Software\Classes\Folder\shellex\ContextMenuHandlers]
\Image Converter and Editor - {EBCF1A16-C835-1B36-865F-3162AF3E95A6} = C:\PROGRA~1\IMAGEC~1\icae.dll ()
\MP3ToWave - {DC6FA7E0-6666-11D5-8CE2-444553540000} = ()
\StopSignRCS - {BB83FD23-AC96-472D-8AA2-7D8560A61D1A} = ()
\WinRAR - {B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Program Files\WinRAR\rarext.dll ()
\{CFC7205E-2792-4378-9591-3879CC6C9022} - = c:\progra~1\mcafee.com\vso\mcvsshl.dll (McAfee, Inc.)
>>> Column Handlers (Non-Microsoft Only) <<<
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers]
\{F9DB5320-233E-11D1-9F84-707F02C10627} - PDF Column Info = C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll (Adobe Systems, Inc.)
>>> Registry Run Keys <<<
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
EPSON Stylus Photo R220 Series - C:\WINDOWS2\System32\spool\DRIVERS\W32X86\3\E_FATIAIA.EXE (SEIKO EPSON CORPORATION)
KernelFaultCheck - ()
WinampAgent - C:\Program Files\Winamp\winampa.exe ()
VSOCheckTask - C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe (McAfee, Inc.)
VOBRegCheck - C:\WINDOWS2\System32\VOBREGCheck.exe ()
VirusScan Online - C:\Program Files\McAfee.com\VSO\mcvsshld.exe (McAfee, Inc.)
TkBellExe - C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
tgcmd - C:\Program Files\Support.com\bin\tgcmd.exe (Comcast)
SunJavaUpdateSched - C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe (Sun Microsystems, Inc.)
RemoteControl - C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe (Cyberlink Corp.)
QuickTime Task - C:\Program Files\QuickTime\qttask.exe (Apple Computer, Inc.)
OASClnt - C:\Program Files\McAfee.com\VSO\oasclnt.exe (McAfee, Inc.)
MPFExe - C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe (McAfee Security)
MCUpdateExe - c:\PROGRA~1\mcafee.com\agent\mcupdate.exe (McAfee, Inc)
MCAgentExe - c:\PROGRA~1\mcafee.com\agent\McAgent.exe (McAfee, Inc)
LanguageShortcut - C:\Program Files\CyberLink\PowerDVD\Language\Language.exe ()
IPHSend - C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe (America Online, Inc.)
DAEMON Tools-1033 - C:\Program Files\D-Tools\daemon.exe (DAEMON'S HOME)
C-Media Mixer - C:\WINDOWS2\Mixer.exe (C-Media Electronic Inc. (www.cmedia.com.tw))
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
Yahoo! Pager - C:\Program Files\Yahoo!\Messenger\ypager.exe ()
Uniblue Registry Booster - C:\Program Files\Uniblue\Registry Booster\RegistryBooster.exe (Uniblue Registry Booster)
PlaxoUpdate - C:\Program Files\Plaxo\2.6.2.15\PlaxoHelper.exe (Plaxo, Inc.)
MSMSGS - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
Aim6 - Reg Data missing or invalid ()
AIM - C:\Program Files\AIM\aim.exe -cnetwait.odl ()
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
CheckNetworkConnection - C:\Program Files\Support.com\providerComcast\desktopdoctor.exe (SupportSoft, Inc.)
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\load]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\run]
>>> Startup Links <<<
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\\Common Startup]
C:\Documents and Settings\All Users.WINDOWS2\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
C:\Documents and Settings\All Users.WINDOWS2\Start Menu\Programs\Startup\desktop.ini ()
C:\Documents and Settings\All Users.WINDOWS2\Start Menu\Programs\Startup\Event Reminder.lnk - C:\Program Files\PrintMaster Gold 17\Remind.exe (Broderbund Properties LLC)
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\\Startup]
C:\Documents and Settings\robert\Start Menu\Programs\Startup\desktop.ini ()
C:\Documents and Settings\robert\Start Menu\Programs\Startup\Styler.lnk - C:\Documents and Settings\robert\Application Data\Microsoft\Installer\{E9ECF354-2422-4FDB-9ABF-D8ADAC0EF941}\_585b207a.exe ()
>>> MSConfig Disabled Items <<<
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\services
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users.WINDOWS2^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk
backup C:\WINDOWS2\pss\Adobe Gamma Loader.lnkCommon Startup
location Common Startup
command C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE
item Adobe Gamma Loader
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users.WINDOWS2^Start Menu^Programs^Startup^InterVideo WinCinema Manager.lnk
backup C:\WINDOWS2\pss\InterVideo WinCinema Manager.lnkCommon Startup
location Common Startup
command C:\PROGRA~1\INTERV~1\Common\Bin\WINCIN~1.EXE
item InterVideo WinCinema Manager
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^robert^Start Menu^Programs^Startup^Adobe Gamma.lnk
backup C:\WINDOWS2\pss\Adobe Gamma.lnkStartup
location Startup
command C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE
item Adobe Gamma
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\1VACAwT
key SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item dikvlow
hkey HKLM
inimapping 0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BullsEye Network
key SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item bargains
hkey HKLM
inimapping 0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\gcasServ
key SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item gcasServ
hkey HKLM
inimapping 0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ggttmjg9
key SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item ggttmjg9
hkey HKLM
inimapping 0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IST Service
key SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item istsvc
hkey HKLM
inimapping 0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LimeWire Download Accelerator Pro
key SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item LimeWire Download Accelerator Pro
hkey HKCU
inimapping 0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Load
key SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
item ? ???????Ÿ
?? ?? ????
hkey HKCU
command ? ???????Ÿ
?? ?? ????
inimapping 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Media Access
key SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item MediaAccK
hkey HKLM
inimapping 0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\nmapp
key SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item nmapp
hkey HKLM
inimapping 0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\pslcr
key SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item pslcr
hkey HKLM
inimapping 0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RSync
key SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item netsync
hkey HKLM
inimapping 0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Run
key SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
item ? ???????Ÿ
?? ?? ????
hkey HKCU
command ? ???????Ÿ
?? ?? ????
inimapping 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\sais
key SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item sais
hkey HKLM
inimapping 0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\vidctrl
key SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item vidctrl
hkey HKLM
inimapping 0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ViewMgr
key SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item ViewMgr
hkey HKLM
inimapping 0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\state
system.ini 0
win.ini 0
bootini 0
services 0
startup 0
[All Users Startup Folder Disabled Items]
[Current User Startup Folder Disabled Items]
>>> User Agent Post Platform <<<
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform]
\\{15FCED28-98DF-0E60-7B17-855ACD9147DF} - = ()
>>> AppInit Dll's <<<
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs]
>>> Image File Execution Options <<<
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options]
\Your Image File Name Here without a path - Debugger = ntsd -d
>>> Shell Service Object Delay Load <<<
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
\\PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} = %SystemRoot%\system32\SHELL32.dll (Microsoft Corporation)
\\CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} = %SystemRoot%\system32\SHELL32.dll (Microsoft Corporation)
\\WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} = %SystemRoot%\System32\webcheck.dll (Microsoft Corporation)
\\SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} = C:\WINDOWS2\System32\stobject.dll (Microsoft Corporation)
\\WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} = C:\WINDOWS2\system32\WPDShServiceObj.dll (Microsoft Corporation)
>>> Shell Execute Hooks <<<
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
\\{AEB6717E-7E19-11d0-97EE-00C04FD91972} - URL Exec Hook = shell32.dll (Microsoft Corporation)
\\{57B86673-276A-48B2-BAE7-C6DBB3020EB8} - CShellExecuteHookImpl Object = C:\Program Files\ewido anti-spyware 4.0\shellexecutehook.dll (Anti-Malware Development a.s.)
>>> Shared Task Scheduler <<<
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
\\{438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader = %SystemRoot%\System32\browseui.dll (Microsoft Corporation)
\\{8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon = %SystemRoot%\System32\browseui.dll (Microsoft Corporation)
>>> Winlogon <<<
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
\\UserInit = C:\WINDOWS2\system32\userinit.exe,
\\Shell = Explorer.exe
\\System =
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify]
\crypt32chain - crypt32.dll = (Microsoft Corporation)
\cryptnet - cryptnet.dll = (Microsoft Corporation)
\cscdll - cscdll.dll = (Microsoft Corporation)
\ScCertProp - wlnotify.dll = (Microsoft Corporation)
\Schedule - wlnotify.dll = (Microsoft Corporation)
\sclgntfy - sclgntfy.dll = (Microsoft Corporation)
\SensLogn - WlNotify.dll = (Microsoft Corporation)
\termsrv - wlnotify.dll = (Microsoft Corporation)
\WgaLogon - WgaLogon.dll = (Microsoft Corporation)
\wlballoon - wlnotify.dll = (Microsoft Corporation)
\wzcnotif - wzcdlg.dll = (Microsoft Corporation)
>>> DNS Name Servers <<<
{4EE29974-2C43-43AC-B613-20D47556A729} - (Intel® PRO/100 VE Network Connection)
{EE4C11BB-FB06-4F26-8925-A6A7D565848B} - ()
>>> All Winsock2 Catalogs <<<
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries]
\000000000001\\LibraryPath - %SystemRoot%\System32\mswsock.dll (Microsoft Corporation)
\000000000002\\LibraryPath - %SystemRoot%\System32\winrnr.dll (Microsoft Corporation)
\000000000003\\LibraryPath - %SystemRoot%\System32\mswsock.dll (Microsoft Corporation)
\000000000004\\LibraryPath - %SystemRoot%\System32\nwprovau.dll (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries]
\000000000001\\PackedCatalogItem - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation)
\000000000002\\PackedCatalogItem - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation)
\000000000003\\PackedCatalogItem - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation)
\000000000004\\PackedCatalogItem - %SystemRoot%\system32\rsvpsp.dll (Microsoft Corporation)
\000000000005\\PackedCatalogItem - %SystemRoot%\system32\rsvpsp.dll (Microsoft Corporation)
\000000000006\\PackedCatalogItem - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation)
\000000000007\\PackedCatalogItem - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation)
\000000000008\\PackedCatalogItem - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation)
\000000000009\\PackedCatalogItem - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation)
\000000000010\\PackedCatalogItem - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation)
\000000000011\\PackedCatalogItem - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation)
\000000000012\\PackedCatalogItem - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation)
\000000000013\\PackedCatalogItem - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation)
\000000000014\\PackedCatalogItem - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation)
\000000000015\\PackedCatalogItem - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation)
\000000000016\\PackedCatalogItem - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation)
\000000000017\\PackedCatalogItem - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation)
\000000000018\\PackedCatalogItem - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation)
>>> Protocol Handlers (Non-Microsoft Only) <<<
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler]
\ipp - ()
\msdaipp - ()
>>> Protocol Filters (Non-Microsoft Only) <<<
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter]
>>> Selected AddOn's <<<
»»»»»»»»»»»»»»»»»»»»»»»» Scan Complete »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»