I see some files there we will need to address but I would like more information before continuing.
Download WinPFind2.zip and unzip it to your Desktop. It will create a folder named WinPFind2. Do NOT run the program directly from the zip file.
- Open the folder and double-click on winpfind2.exe to start the program.
- Keep the standard settings
- Now click the Run All Scans button on the toolbar.
- When the scans are complete click the Simple Report button in the lower right-hand corner to create a report file. Notepad will open with the report file loaded in it.
- Click the Format menu and make sure that Wordwrap is not checked. If it is then click on it to uncheck it.
Here's the WinPfind2 Log file
Logfile created on: 08/22/2006 15:36
WinPFind2 by OldTimer - Version 1.0.7 Folder = C:\Documents and Settings\User\Desktop\WinPFind2\
Microsoft Windows XP (Version = Service Pack 2)
Internet Explorer (Version - 6.0.2900.2180)
< Processes (Non-Microsoft Only) >
c:\windows\system32\ati2evxx.exe - (ATI Technologies Inc. )
c:\windows\system32\ati2evxx.exe - (ATI Technologies Inc. )
c:\program files\ray adams\ati tray tools\atitray.exe - (Ray Adams )
c:\progra~1\bandwi~1\bandwidth monitor pro.exe - (Pro²soft )
c:\progra~1\softwin\bitdef~1\bdmcon.exe - (SOFTWIN S.R.L. )
c:\progra~1\softwin\bitdef~1\bdnagent.exe - (SOFTWIN S.R.L )
c:\program files\softwin\bitdefender9\bdoesrv.exe - (SOFTWIN SRL )
c:\program files\common files\softwin\bitdefender scan server\bdss.exe - ( )
c:\progra~1\softwin\bitdef~1\bdswitch.exe - ( )
c:\program files\executive software\diskeeper\dkservice.exe - (Executive Software International, Inc. )
c:\windows\system32\dla\dlactrlw.exe - (Sonic Solutions )
c:\program files\java\jre1.5.0_06\bin\jusched.exe - (Sun Microsystems, Inc. )
c:\program files\common files\softwin\bitdefender update service\livesrv.exe - (SOFTWIN S.R.L. )
c:\program files\opera 9\opera.exe - (Opera Software )
c:\program files\analog devices\soundmax\smagent.exe - (Analog Devices, Inc. )
c:\program files\alcohol soft\alcohol 120\starwind\starwindservice.exe - (Rocket Division Software )
c:\program files\softwin\bitdefender9\vsserv.exe - (SOFTWIN S.R.L. )
c:\documents and settings\user\desktop\winpfind2\winpfind2.exe - (OldTimer Tools )
c:\program files\common files\softwin\bitdefender communicator\xcommsvr.exe - (Softwin )
< Registry Entries >
[>> Internet Explorer Settings <<]
HKLM->Main\\Start Page - http://www.microsoft...p...ER}&ar=home
HKLM->Main\\Search Page -
HKLM->Main\\Default Page - http://www.microsoft...p...&ar=msnhome
HKLM->Main\\Default Search - http://www.microsoft...amp;ar=iesearch
HKLM->Main\\Local Page - %SystemRoot%\system32\blank.htm
HKCU->Main\\Start Page - http://www.google.com.mt/en
HKCU->Main\\Search Page -
HKCU->Main\\Local Page - C:\WINDOWS\system32\blank.htm
HKCU->Internet Settings\\ProxyEnable - 0
HKCU->Internet Settings\\ProxyOverride -
[>> BHO's <<]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - AcroIEHlprObj Class = C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated )
{53707962-6F74-2D53-2644-206D7942484F} - = C:\PROGRA~1\SPYBOT~1\SDHelper.dll (Safer Networking Limited )
{5CA3D70E-1895-11CF-8E15-001234567890} - DriveLetterAccess = C:\WINDOWS\System32\DLA\DLASHX_W.DLL (Sonic Solutions )
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - SSVHelper Class = C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (Sun Microsystems, Inc. )
[>> Internet Explorer Bars, Toolbars and Extensions <<]
[HKLM-> Internet Explorer Bars]
{4D5C8C25-D075-11d0-B416-00C04FB90376} - &Tip of the Day = %SystemRoot%\system32\shdocvw.dll (Microsoft Corporation )
[HKCU-> Internet Explorer Bars]
{21569614-B795-46B1-85F4-E737A8DC09AD} - Shell Search Band = %SystemRoot%\system32\browseui.dll (Microsoft Corporation )
{EFA24E64-B078-11D0-89E4-00C04FC9E26E} - Explorer Band = %SystemRoot%\system32\shdocvw.dll (Microsoft Corporation )
{FF059E31-CC5A-4E2E-BF3B-96E929D65503} - &Research = C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL (Microsoft Corporation )
[HKLM-> Internet Explorer ToolBars]
{E0E899AB-F487-11D5-8D29-0050BA6940E3} - FlashGet Bar = C:\PROGRA~1\FLASHGET\fgiebar.dll (Amaze Soft )
[HKCU-> Internet Explorer ToolBars]
ShellBrowser\\{01E04581-4EEE-11D0-BFE9-00AA005B4383} - &Address = %SystemRoot%\system32\browseui.dll (Microsoft Corporation )
ShellBrowser\\{0E5CBF21-D15F-11D0-8301-00AA005B4383} - &Links = %SystemRoot%\system32\SHELL32.dll (Microsoft Corporation )
ShellBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - Reg Data missing or invalid = Reg Data missing or invalid (File not found))
WebBrowser\\{01E04581-4EEE-11D0-BFE9-00AA005B4383} - &Address = %SystemRoot%\system32\browseui.dll (Microsoft Corporation )
WebBrowser\\{0E5CBF21-D15F-11D0-8301-00AA005B4383} - &Links = %SystemRoot%\system32\SHELL32.dll (Microsoft Corporation )
[HKCU-> Internet Explorer CmdMapping]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - 8194 - Sun Java Console
{905A31AA-BDD1-44bd-9920-53D34E5953A4} - 8195 - Reg Data missing or invalid
{92780B25-18CC-41C8-B9BE-3C9C571A8263} - 8193 -
{9543741D-4E79-4f0d-8E60-A702CDF8B2D2} - 8196 - Reg Data missing or invalid
{B863453A-26C3-4e1f-A54D-A2CD196348E9} - 8198 - Reg Data missing or invalid
{D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - 8197 - &FlashGet
{FB5F1910-F110-11d2-BB9E-00C04F795683} - 8192 - Windows Messenger
NextId - 8199
[HKLM-> Internet Explorer Extensions]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - MenuText: Sun Java Console = C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll (Sun Microsystems, Inc. )
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} (HKCU CLSID) - MenuText: Sun Java Console = C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (Sun Microsystems, Inc. )
{92780B25-18CC-41C8-B9BE-3C9C571A8263} - ButtonText: Research = (File not found))
{D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - ButtonText: FlashGet = C:\PROGRA~1\FLASHGET\flashget.exe (Amaze Soft )
{FB5F1910-F110-11d2-BB9E-00C04F795683} - ButtonText: Messenger = C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation )
[HKCU-> Internet Explorer Menu Extensions]
Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm ( )
Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm ( )
[>> Approved Shell Extensions (Non-Microsoft only) <<]
[HKLM-> Approved Shell Extensions]
{00E7B358-F65B-4dcf-83DF-CD026B94BFD4} - Autoplay for SlideShow = Reg Data missing or invalid (File not found))
{0DF44EAA-FF21-4412-828E-260A8728E7F1} - Taskbar and Start Menu = Reg Data missing or invalid (File not found))
{32020A01-506E-484D-A2A8-BE3CF17601C3} - AlcoholShellEx = C:\PROGRA~1\ALCOHO~2\ALCOHO~1\AXShlEx.dll (Alcohol Soft Development Team )
{36A21736-36C2-4C11-8ACB-D4136F2B57BD} - AutoCAD Digital Signatures Icon Overlay Handler = C:\WINDOWS\system32\AcSignIcon.dll (Autodesk )
{42071714-76d4-11d1-8b24-00a0c9068ff3} - Display Panning CPL Extension = deskpan.dll (File not found))
{506F4668-F13E-4AA1-BB04-B43203AB3CC0} - {506F4668-F13E-4AA1-BB04-B43203AB3CC0} = C:\Program Files\Microsoft Office\Visio11\VISSHE.DLL ( )
{5CA3D70E-1895-11CF-8E15-001234567890} - DriveLetterAccess = C:\WINDOWS\System32\DLA\DLASHX_W.DLL (Sonic Solutions )
{6DEA92E9-8682-4b6a-97DE-354772FE5727} - Autodesk DWF Preview = C:\Program Files\Common Files\Autodesk Shared\Thumbnail\AcDwfThmbPrxy16.dll (Autodesk )
{73B24247-042E-4EF5-ADC2-42F62E6FD654} - ICQ Lite Shell Extension = Reg Data missing or invalid (File not found))
{764BF0E1-F219-11ce-972D-00AA00A14F56} - Shell extensions for file compression = Reg Data missing or invalid (File not found))
{7A9D77BD-5403-11d2-8785-2E0420524153} - User Accounts = Reg Data missing or invalid (File not found))
{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} - Encryption Context Menu = Reg Data missing or invalid (File not found))
{88895560-9AA2-1069-930E-00AA0030EBC8} - HyperTerminal Icon Ext = C:\WINDOWS\system32\hticons.dll (Hilgraeve, Inc. )
{9DED7A30-D572-4D21-8D82-6945EA697400} - Macromedia FlashPaper Context Menu = C:\Program Files\Macromedia\FlashPaper 2\FlashPaperContextMenu.dll ( )
{AC1DB655-4F9A-4c39-8AD2-A65324A4C446} - Autodesk Drawing Preview = C:\Program Files\Common Files\Autodesk Shared\Thumbnail\AcThumbnail16.dll (Autodesk )
{B28C18DB-6816-4F31-9630-397683E3C2C3} - Filzip Shell Extension = Reg Data missing or invalid (File not found))
{D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} - Adobe.Acrobat.ContextMenu = C:\Program Files\Adobe\Acrobat 6.0\Acrobat Elements\ContextMenu.dll (Adobe Systems Inc. )
{D653647D-D607-4DF6-A5B8-48D2BA195F7B} - BitDefender Antivirus v9 = C:\Program Files\Softwin\BitDefender9\bdshelxt.dll ( )
{D66DC78C-4F61-447F-942B-3FB6980118CF} - {D66DC78C-4F61-447F-942B-3FB6980118CF} = C:\Program Files\Microsoft Office\Visio11\VISSHE.DLL ( )
{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} - Shell Extensions for RealOne Player = Reg Data missing or invalid (File not found))
[>> ContextMenuHandlers (Non-Microsoft only) <<]
[HKLM-> ContextMenuHandlers]
* - Adobe.Acrobat.ContextMenu - {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} = C:\Program Files\Adobe\Acrobat 6.0\Acrobat Elements\ContextMenu.dll (Adobe Systems Inc. )
* - BitDefender Antivirus v8 - {D653647D-D607-4DF6-A5B8-48D2BA195F7B} = C:\Program Files\Softwin\BitDefender9\bdshelxt.dll ( )
* - Macromedia.FlashPaper.ContextMenu - {9DED7A30-D572-4D21-8D82-6945EA697400} = C:\Program Files\Macromedia\FlashPaper 2\FlashPaperContextMenu.dll ( )
* - WinRAR - = Reg Data missing or invalid (File not found))
Directory - ICQLiteMenu - {73B24247-042E-4EF5-ADC2-42F62E6FD654} = Reg Data missing or invalid (File not found))
Directory - WinRAR - = Reg Data missing or invalid (File not found))
Folder - BitDefender Antivirus v8 - {D653647D-D607-4DF6-A5B8-48D2BA195F7B} = C:\Program Files\Softwin\BitDefender9\bdshelxt.dll ( )
Folder - WinRAR - = Reg Data missing or invalid (File not found))
[>> ColumnHandlers (Non-Microsoft only) <<]
[HKLM-> ColumnHandlers]
Folder - {F9DB5320-233E-11D1-9F84-707F02C10627} - PDF Shell Extension = C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll (Adobe Systems, Inc. )
[>> Registry Run Keys <<]
HKLM->Run\\BDMCon - c:\PROGRA~1\softwin\BITDEF~1\bdmcon.exe (SOFTWIN S.R.L. )
HKLM->Run\\BDNewsAgent - "C:\PROGRA~1\softwin\BITDEF~1\bdnagent.exe" (SOFTWIN S.R.L )
HKLM->Run\\BDOESRV - "C:\Program Files\Softwin\BitDefender9\bdoesrv.exe" (SOFTWIN SRL )
HKLM->Run\\BDSwitchAgent - "C:\PROGRA~1\softwin\BITDEF~1\bdswitch.exe" ( )
HKLM->Run\\DiskeeperSystray - "C:\Program Files\Executive Software\Diskeeper\DkIcon.exe" (Executive Software International, Inc. )
HKLM->Run\\DLA - C:\WINDOWS\System32\DLA\DLACTRLW.EXE (Sonic Solutions )
HKLM->Run\\NeroFilterCheck - C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh )
HKLM->Run\\QuickTime Task - "C:\Program Files\QuickTime\qttask.exe" -atboottime (Apple Computer, Inc. )
HKLM->Run\\SunJavaUpdateSched - C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe (Sun Microsystems, Inc. )
HKLM->Run\\Windows Defender - "C:\Program Files\Windows Defender\MSASCui.exe" -hide (Microsoft Corporation )
HKLM->Run\OptionalComponents\IMAIL - Installed = 1
HKLM->Run\OptionalComponents\MAPI - Installed = 1
HKLM->Run\OptionalComponents\MSFS - Installed = 1
HKCU->Run\\AtiTrayTools - "C:\Program Files\Ray Adams\ATI Tray Tools\atitray.exe" (Ray Adams )
HKCU->Run\\ctfmon.exe - C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation )
[>> Startup Lnks <<]
HKLM->Common Startup - Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated )
HKLM->Common Startup - desktop.ini - C:\Documents and Settings\All Users\Start Menu\Programs\Startup\desktop.ini ( )
HKCU->Startup - desktop.ini - C:\Documents and Settings\User\Start Menu\Programs\Startup\desktop.ini ( )
[>> Disabled MSConfig Items <<]
Services - SymWSC
Services - VC6SecS
StartUpFolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk - Adobe Gamma Loader = C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE (Adobe Systems, Inc. )
StartUpFolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Metacafe.lnk - Metacafe = C:\PROGRA~1\Metacafe\METACA~1.EXE /startup ( )
StartUpFolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Metacafe.lnk.disabled - Metacafe.lnk = C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Metacafe.lnk.disabled (File not found))
StartUpFolder\C:^Documents and Settings^stephen^Start Menu^Programs^Startup^Konfabulator.lnk - Konfabulator = C:\Program Files\Pixoria\Konfabulator\Konfabulator.exe (File not found))
StartUpFolder\C:^Documents and Settings^stephen^Start Menu^Programs^Startup^MyWebSearch Email Plugin.lnk - MyWebSearch Email Plugin = C:\Program Files\MyWebSearch\bar\2.bin\MWSOEMON.EXE (File not found))
StartUpReg\areslite - AresLite = "C:\Documents and Settings\stephen\My Documents\Ares Lite Edition\AresLite.exe" -h (File not found))
StartUpReg\eZmmod - mmod = C:\PROGRA~1\ezula\mmod.exe (File not found))
StartUpReg\eZWO - wo = C:\PROGRA~1\Web Offer\wo.exe (File not found))
StartUpReg\gah95on6 - gah95on6 = C:\WINDOWS\system32\gah95on6.exe (File not found))
StartUpReg\hohkhkv - hohkhkv = C:\WINDOWS\hohkhkv.exe (File not found))
StartUpReg\Hot_Tarts_mc - Hot_Tarts_mc = C:\Program Files\Video1\Dialers\Hot_Tarts_mc\Hot_Tarts_mc.exe /dontdial (File not found))
StartUpReg\LiveRealLocksPop - OnceStop = C:\Documents and Settings\All Users\Application Data\flawbiblivereal\OnceStop.exe (File not found))
StartUpReg\Media Pass - MediaPassK = C:\Program Files\Media Pass\MediaPassK.exe (File not found))
StartUpReg\MessengerPlus3 - MsgPlus = "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" (Patchou )
StartUpReg\Mfcd Bias - Drivestop = C:\DOCUME~1\User\APPLIC~1\BINDMO~1\Drivestop.exe (File not found))
StartUpReg\MyWebSearch Email Plugin - mwsoemon = C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwsoemon.exe (File not found))
StartUpReg\New.net Startup - NEWDOT~2 = rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,ClientStartup -s (File not found))
StartUpReg\NWEReboot - = (File not found))
StartUpReg\RTEGPRS - RTEGPRS = "C:\Program Files\Common Files\RTE\RTEGPRS.exe" tray (File not found))
StartUpReg\RTHRTGVL - rthrtgvl = c:\windows\system32\rthrtgvl.exe /install (File not found))
StartUpReg\saap - saap = c:\program files\kiwi alpha\partner\saap.exe (File not found))
StartUpReg\Shareaza - Shareaza = "C:\Program Files\Shareaza\Shareaza.exe" -tray (File not found))
StartUpReg\Skype - Skype = "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized ( )
StartUpReg\sp2ctr - sp2ctr = c:\windows\system32\sp2ctr.exe /nocomm (File not found))
StartUpReg\upsbwl - upsbwl = C:\WINDOWS\upsbwl.exe (File not found))
StartUpReg\webHancer Agent - whAgent = "C:\Program Files\webHancer\Programs\whAgent.exe" (File not found))
StartUpReg\webHancer Survey Companion - whSurvey = "C:\Program Files\webHancer\Programs\whSurvey.exe" (File not found))
StartUpReg\xhrmy - Xhrmy = C:\WINDOWS\Xhrmy.exe (File not found))
[>> User Agent Post Platform <<]
SV1 -
[>> AppInit DLLs <<]
AppInit_DLL - sockspy.dll ( )
[>> Image File Execution Options <<]
Your Image File Name Here without a path - Debugger = ntsd -d
[>> Shell Service Object Delay Load <<]
CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} = %SystemRoot%\system32\SHELL32.dll (Microsoft Corporation )
PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} = %SystemRoot%\system32\SHELL32.dll (Microsoft Corporation )
SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} = C:\WINDOWS\system32\stobject.dll (Microsoft Corporation )
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} = %SystemRoot%\system32\webcheck.dll (Microsoft Corporation )
[>> Shell Execute Hooks <<]
{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - Microsoft AntiMalware ShellExecuteHook = C:\PROGRA~1\WIFD1F~1\MpShHook.dll (Microsoft Corporation )
{93994DE8-8239-4655-B1D1-5F4E91300429} - DVDIdleShell Class = C:\Program Files\DVD Region-Free\DVDShell.dll (Fengtao Software )
{AEB6717E-7E19-11d0-97EE-00C04FD91972} - URL Exec Hook = shell32.dll (Microsoft Corporation )
[>> Shared Task Scheduler <<]
{438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader = %SystemRoot%\system32\browseui.dll (Microsoft Corporation )
{8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon = %SystemRoot%\system32\browseui.dll (Microsoft Corporation )
[>> Winlogon <<]
UserInit - C:\WINDOWS\system32\userinit.exe, (Microsoft Corporation )
Shell - Explorer.exe (Microsoft Corporation )
System - (File not found))
Notify\AtiExtEvent - Ati2evxx.dll (ATI Technologies Inc. )
Notify\crypt32chain - crypt32.dll (Microsoft Corporation )
Notify\cryptnet - cryptnet.dll (Microsoft Corporation )
Notify\cscdll - cscdll.dll (Microsoft Corporation )
Notify\LMIinit - LMIinit.dll (LogMeIn, Inc. )
Notify\ScCertProp - wlnotify.dll (Microsoft Corporation )
Notify\Schedule - wlnotify.dll (Microsoft Corporation )
Notify\sclgntfy - sclgntfy.dll (Microsoft Corporation )
Notify\SensLogn - WlNotify.dll (Microsoft Corporation )
Notify\termsrv - wlnotify.dll (Microsoft Corporation )
Notify\wlballoon - wlnotify.dll (Microsoft Corporation )
[>> DNS Name Servers <<]
{0FE2D37C-79C5-4389-B675-05116AD1B69B} - (Realtek RTL8139/810x Family Fast Ethernet NIC)
{969FFCCC-4983-4D3F-80A3-E820550DAD55} - ()
{A4F168BA-E08A-4F25-B61C-3F0F6EAA612C} - 194.158.37.196,194.158.37.211 (VIA Rhine II Fast Ethernet Adapter)
[>> All Winsock2 Catalogs <<]
NameSpace_Catalog5\Catalog_Entries\000000000001 - %SystemRoot%\System32\mswsock.dll (Microsoft Corporation )
NameSpace_Catalog5\Catalog_Entries\000000000002 - %SystemRoot%\System32\winrnr.dll (Microsoft Corporation )
NameSpace_Catalog5\Catalog_Entries\000000000003 - %SystemRoot%\System32\mswsock.dll (Microsoft Corporation )
Protocol_Catalog9\Catalog_Entries\000000000001 - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation )
Protocol_Catalog9\Catalog_Entries\000000000002 - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation )
Protocol_Catalog9\Catalog_Entries\000000000003 - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation )
Protocol_Catalog9\Catalog_Entries\000000000004 - %SystemRoot%\system32\rsvpsp.dll (Microsoft Corporation )
Protocol_Catalog9\Catalog_Entries\000000000005 - %SystemRoot%\system32\rsvpsp.dll (Microsoft Corporation )
Protocol_Catalog9\Catalog_Entries\000000000006 - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation )
Protocol_Catalog9\Catalog_Entries\000000000007 - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation )
Protocol_Catalog9\Catalog_Entries\000000000008 - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation )
Protocol_Catalog9\Catalog_Entries\000000000009 - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation )
Protocol_Catalog9\Catalog_Entries\00000000001 - 225,5temRoot%\system32\mswsock.dll (File not found))
Protocol_Catalog9\Catalog_Entries\000000000010 - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation )
Protocol_Catalog9\Catalog_Entries\000000000011 - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation )
Protocol_Catalog9\Catalog_Entries\000000000012 - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation )
Protocol_Catalog9\Catalog_Entries\000000000013 - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation )
Protocol_Catalog9\Catalog_Entries\000000000014 - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation )
Protocol_Catalog9\Catalog_Entries\000000000015 - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation )
Protocol_Catalog9\Catalog_Entries\000000000016 - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation )
Protocol_Catalog9\Catalog_Entries\000000000017 - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation )
Protocol_Catalog9\Catalog_Entries\000000000018 - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation )
Protocol_Catalog9\Catalog_Entries\000000000019 - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation )
Protocol_Catalog9\Catalog_Entries\000000000020 - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation )
[>> Protocol Handlers (Non-Microsoft only) <<]
ipp - (File not found))
msdaipp - (File not found))
[>> Protocol Filters (Non-Microsoft only) <<]
< Services (Non-Microsoft Only) >
Ati HotKey Poller (Ati HotKey Poller) - C:\WINDOWS\system32\Ati2evxx.exe (ATI Technologies Inc. ) [Automatic - Running - Win32, running in it's own process]
Bandwidth Monitor Pro (Bandwidth Monitor Pro) - C:\PROGRA~1\BANDWI~1\Bandwidth Monitor Pro.exe (Pro²soft ) [Automatic - Running - Win32, running in it's own process]
BitDefender Scan Server (bdss) - "C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe" /service ( ) [Automatic - Running - Win32, running in it's own process]
Diskeeper (Diskeeper) - "C:\Program Files\Executive Software\Diskeeper\DkService.exe" (Executive Software International, Inc. ) [Automatic - Running - Win32, running in it's own process]
BitDefender Desktop Update Service (LIVESRV) - "C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe" /service (SOFTWIN S.R.L. ) [Automatic - Running - Win32, running in it's own process]
SoundMAX Agent Service (SoundMAX Agent Service (default)) - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe (Analog Devices, Inc. ) [Automatic - Running - Win32, running in it's own process]
StarWind iSCSI Service (StarWindService) - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe (Rocket Division Software ) [Automatic - Running - Win32, running in it's own process]
BitDefender Virus Shield (VSSERV) - "C:\Program Files\Softwin\BitDefender9\vsserv.exe" /service (SOFTWIN S.R.L. ) [Automatic - Running - Win32, running in it's own process]
BitDefender Communicator (XCOMM) - "C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe" /service (Softwin ) [Automatic - Running - Win32, running in it's own process]
< Files >
AllUsers ApplicationData Folder
C:\Documents and Settings\All Users\Application Data\desktop.ini - ( [Ver = | Size = 62 bytes | Date = 11/16/2004 16:29 | Attr = HS])
C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache - ( [Ver = | Size = 1763 bytes | Date = 06/14/2006 18:31 | Attr = ])
CurrentUser ApplicationData Folder
C:\Documents and Settings\User\Application Data\desktop.ini - ( [Ver = | Size = 62 bytes | Date = 11/16/2004 16:29 | Attr = HS])
C:\Documents and Settings\User\Application Data\Taxi4.MCS - ( [Ver = | Size = 369 bytes | Date = 02/04/2006 00:25 | Attr = ])
C:\Documents and Settings\User\Application Data\.googlewebacchosts - ( [Ver = | Size = 241 bytes | Date = 04/02/2006 22:52 | Attr = ])
C:\Documents and Settings\User\Application Data\mpauth.dat - ( [Ver = | Size = 784 bytes | Date = 07/14/2006 15:59 | Attr = ])
DPF files
{00B71CFB-6864-4346-A978-C0A14556272C} - Checkers Class - CodeBase = http://messenger.zon...kr.cab31267.cab
{01010E00-5E80-11D8-9E86-0007E96C65AE} - SupportSoft SmartIssue - CodeBase = http://www.symantec....trl/tgctlsi.cab
{01012101-5E80-11D8-9E86-0007E96C65AE} - SupportSoft Script Runner Class - CodeBase = http://www.symantec....trl/tgctlsr.cab
{0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} - CKAVWebScan Object - CodeBase = http://www.kaspersky...can_unicode.cab
{14B87622-7E19-4EA8-93B3-97215F77A6BC} - MessengerStatsClient Class - CodeBase = http://messenger.zon...nt.cab31267.cab
{166B1BCA-3F9C-11CF-8075-444553540000} - Shockwave ActiveX Control - CodeBase = http://download.macr...director/sw.cab
{17492023-C23A-453E-A040-C7C580BBF700} - Windows Genuine Advantage Validation Tool - CodeBase = http://go.microsoft....k/?linkid=39204
{1F2F4C9E-6F09-47BC-970D-3C54734667FE} - LSSupCtl Class - CodeBase = http://www.symantec....rl/LSSupCtl.cab
{2917297F-F02B-4B9D-81DF-494B6333150B} - Minesweeper Flags Class - CodeBase = http://messenger.zon...er.cab31267.cab
{2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} - Symantec AntiVirus scanner - CodeBase = http://security.syma...bin/AvSniff.cab
{31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} - Cult3D ActiveX Player - CodeBase = http://www.cult3d.co...wnload/cult.cab
{3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} - Office Update Installation Engine - CodeBase = http://office.micros...ontent/opuc.cab
{556DDE35-E955-11D0-A707-000000521957} - - CodeBase = http://www.xblock.co...clean_micro.exe
{5ED80217-570B-4DA9-BF44-BE107C0EC166} - Windows Live Safety Center Base Module - CodeBase = https://scan.safety....lscbase3401.cab
{644E432F-49D3-41A1-8DD5-E099162EEEC5} - Symantec RuFSI Utility Class - CodeBase = http://security.syma...n/bin/cabsa.cab
{6E5A37BF-FD42-463A-877C-4EB7002E68AE} - Trend Micro ActiveX Scan Agent 6.5 - CodeBase = http://housecall65.t...ivex/hcImpl.cab
{74D05D43-3236-11D4-BDCD-00C04F9A3B61} - HouseCall Control - CodeBase = http://a840.g.akamai...all/xscan53.cab
{7B297BFD-85E4-4092-B2AF-16A91B2EA103} - WScanCtl Class - CodeBase = http://www3.ca.com/s...nfo/webscan.cab
{8AD9C840-044E-11D1-B3E9-00805F499D93} - Java Plug-in 1.5.0_06 - CodeBase = http://java.sun.com/...indows-i586.cab
{8E0D4DE5-3180-4024-A327-4DFAD1796A8D} - MessengerStatsClient Class - CodeBase = http://messenger.zon...nt.cab31267.cab
{9A9307A0-7DA4-4DAF-B042-5009F29E09E1} - ActiveScan Installer Class - CodeBase = http://acs.pandasoft...free/asinst.cab
{B8BE5E93-A60C-4D26-A2DC-220313175592} - ZoneIntro Class - CodeBase = http://messenger.zon...ro.cab32846.cab
{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA} - Java Plug-in 1.5.0_02 - CodeBase = http://java.sun.com/...indows-i586.cab
{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} - Java Plug-in 1.5.0_04 - CodeBase = http://java.sun.com/...indows-i586.cab
{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - Java Plug-in 1.5.0_06 - CodeBase = http://java.sun.com/...indows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - Java Plug-in 1.5.0_06 - CodeBase = http://java.sun.com/...indows-i586.cab
{D27CDB6E-AE6D-11CF-96B8-444553540000} - Shockwave Flash Object - CodeBase = http://download.macr...ash/swflash.cab
{E6187999-9FEC-46A1-A20F-F4CA977D5643} - ZoneChess Object - CodeBase = http://messenger.zon...ss.cab31267.cab
{EB387D2F-E27B-4D36-979E-847D1036C65D} - QDiagHUpdateObj Class - CodeBase = http://h30043.www3.h.../qdiagh.cab?326
{F6BF0D00-0B2A-4A75-BF7B-F385591623AF} - Solitaire Showdown Class - CodeBase = http://messenger.zon...wn.cab31267.cab
Microsoft XML Parser for Java - - CodeBase = file://C:\WINDOWS\Java\classes\xmldso.cab
Hosts file (Non-Standard entries only). File size = 504630 bytes. C:\WINDOWS\System32\drivers\etc\Hosts
< End of report >