Logfile created on: 10/16/2006 21:19
WinPFind2 by OldTimer - Version 1.0.11 Folder = C:\Documents and Settings\David\Desktop\WinPFind2\
Microsoft Windows XP Service Pack 2 (Version = 5.1.2600)
Internet Explorer (Version = 6.0.2900.2180)
< Processes (Non-Microsoft Only) >
c:\program files\symantec\liveupdate\aluschedulersvc.exe - (Symantec Corporation )
c:\windows\system32\ati2evxx.exe - ( )
c:\windows\system32\ati2evxx.exe - ( )
c:\program files\ati technologies\ati control panel\atiptaxx.exe - (ATI Technologies, Inc. )
c:\windows\atk0100\atkosd.exe - ( )
c:\program files\common files\symantec shared\ccapp.exe - (Symantec Corporation )
c:\program files\common files\symantec shared\ccevtmgr.exe - (Symantec Corporation )
c:\program files\common files\symantec shared\ccproxy.exe - (Symantec Corporation )
c:\program files\common files\symantec shared\ccsetmgr.exe - (Symantec Corporation )
c:\windows\atk0100\hcontrol.exe - ( )
c:\program files\sony\hotkey utility\hkserv.exe - (Sony Corporation )
c:\program files\sony\hotkey utility\hkwnd.exe - (Sony Corporation )
c:\program files\hp\hpcoretech\hpcmpmgr.exe - (Hewlett-Packard Company )
c:\program files\hewlett-packard\hp software update\hpwuschd2.exe - (Hewlett-Packard Co. )
c:\windows\system32\spool\drivers\w32x86\3\hpztsb10.exe - (HP )
c:\windows\system32\ico.exe - (Primax Electronics Ltd. )
c:\program files\sony\isb utility\isbmgr.exe - (Sony Corporation )
c:\program files\java\jre1.5.0_06\bin\jusched.exe - (Sun Microsystems, Inc. )
c:\program files\norton internet security\norton antivirus\navapsvc.exe - (Symantec Corporation )
c:\program files\common files\symantec shared\security console\nscsrvce.exe - (Symantec Corporation )
c:\program files\quicktime\qttask.exe - (Apple Computer, Inc. )
c:\program files\common files\real\update_ob\realsched.exe - (RealNetworks, Inc. )
c:\program files\sony\giga pocket\rm_sv.exe - (Sony Corporation )
c:\program files\sony\giga pocket\shwserv.exe - (Sony Corporation )
c:\program files\common files\symantec shared\sndsrvc.exe - (Symantec Corporation )
c:\program files\common files\symantec shared\spbbc\spbbcsvc.exe - (Symantec Corporation )
c:\program files\sony\vaio power management\spmgr.exe - (Sony Corporation )
c:\program files\common files\symantec shared\ccpd-lc\symlcsvc.exe - (Symantec Corporation )
c:\program files\sony\usbsircs\usbsircs.exe - (Sony Corporation )
c:\program files\sony\vaio update 2\vaioupdt.exe - (Sony Corporation )
c:\documents and settings\david\desktop\winpfind2\winpfind2.exe - (OldTimer Tools )
< Registry Entries >
[>> Internet Explorer Settings <<]
HKLM->Main\\Start Page -
http://www.microsoft...p...ER}&ar=home HKLM->Main\\Search Page -
http://www.microsoft...amp;ar=iesearch HKLM->Main\\Default_Page_URL -
http://www.sony.com/vaiopeople HKLM->Main\\Default_Search_URL -
http://www.microsoft...amp;ar=iesearch HKLM->Main\\Local Page - %SystemRoot%\system32\blank.htm
HKCU->Main\\Start Page -
http://www.msn.com/ HKCU->Main\\Search Bar -
http://g.msn.com/0SE...S01?FORM=TOOLBR HKCU->Main\\Search Page -
http://g.msn.com/0SE...S01?FORM=TOOLBR HKCU->Main\\Local Page - C:\WINDOWS\system32\blank.htm
HKLM->Search\\CustomizeSearch -
http://ie.search.msn...st/srchcust.htm HKLM->Search\\SearchAssistant -
http://ie.search.msn...st/srchasst.htm HKCU->URLSearchHooks\\{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - Microsoft Url Search Hook = %SystemRoot%\system32\shdocvw.dll (Microsoft Corporation )
HKCU->Internet Settings\\ProxyEnable - 0
[>> BHO's <<]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - Adobe PDF Reader Link Helper = C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated )
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - SSVHelper Class = C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (Sun Microsystems, Inc. )
{9030D464-4C02-4ABF-8ECC-5164760863C6} - Windows Live Sign-in Helper = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation )
{9ECB9560-04F9-4bbc-943D-298DDF1699E1} - CNisExtBho Class = C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll (Symantec Corporation )
{A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - CNavExtBho Class = C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll (Symantec Corporation )
{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - MSN Search Toolbar Helper = C:\Program Files\MSN Toolbar Suite\TB\02.05.0001.1119\en-us\msntb.dll (Microsoft Corporation )
[>> Internet Explorer Bars, Toolbars and Extensions <<]
[HKLM-> Internet Explorer Bars]
{4D5C8C25-D075-11d0-B416-00C04FB90376} - &Tip of the Day = %SystemRoot%\system32\shdocvw.dll (Microsoft Corporation )
[HKCU-> Internet Explorer Bars]
{EFA24E61-B078-11D0-89E4-00C04FC9E26E} - Favorites Band = %SystemRoot%\system32\shdocvw.dll (Microsoft Corporation )
{EFA24E62-B078-11D0-89E4-00C04FC9E26E} - History Band = %SystemRoot%\system32\shdocvw.dll (Microsoft Corporation )
{EFA24E64-B078-11D0-89E4-00C04FC9E26E} - Explorer Band = %SystemRoot%\system32\shdocvw.dll (Microsoft Corporation )
[HKLM-> Internet Explorer ToolBars]
{0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - Norton Internet Security 2006 = C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll (Symantec Corporation )
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - MSN Search Toolbar = C:\Program Files\MSN Toolbar Suite\TB\02.05.0001.1119\en-us\msntb.dll (Microsoft Corporation )
{C4069E3A-68F1-403E-B40E-20066696354B} - Norton AntiVirus = C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll (Symantec Corporation )
[HKCU-> Internet Explorer ToolBars]
ShellBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - Reg Data missing or invalid = Reg Data missing or invalid (File not found)
ShellBrowser\\{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - MSN Search Toolbar = C:\Program Files\MSN Toolbar Suite\TB\02.05.0001.1119\en-us\msntb.dll (Microsoft Corporation )
ShellBrowser\\{C4069E3A-68F1-403E-B40E-20066696354B} - Norton AntiVirus = C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll (Symantec Corporation )
WebBrowser\\{01E04581-4EEE-11D0-BFE9-00AA005B4383} - &Address = %SystemRoot%\system32\browseui.dll (Microsoft Corporation )
WebBrowser\\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - Norton Internet Security 2006 = C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll (Symantec Corporation )
WebBrowser\\{0E5CBF21-D15F-11D0-8301-00AA005B4383} - &Links = %SystemRoot%\system32\SHELL32.dll (Microsoft Corporation )
WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} - Reg Data missing or invalid = Reg Data missing or invalid (File not found)
WebBrowser\\{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - MSN Search Toolbar = C:\Program Files\MSN Toolbar Suite\TB\02.05.0001.1119\en-us\msntb.dll (Microsoft Corporation )
[HKCU-> Internet Explorer CmdMapping]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - 8192 - Sun Java Console
{92780B25-18CC-41C8-B9BE-3C9C571A8263} - 8194 - Reg Data missing or invalid
{A75C6120-9B36-11d4-A3F0-009027427750} - 8196 - Reg Data missing or invalid
{AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - 8195 - Reg Data missing or invalid
{E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - 8197 - Reg Data missing or invalid
{FB5F1910-F110-11d2-BB9E-00C04F795683} - 8193 - Windows Messenger
NextId - 8198
[HKLM-> Internet Explorer Extensions]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - MenuText: Sun Java Console = C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll (Sun Microsystems, Inc. )
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} (HKCU CLSID) - MenuText: Sun Java Console = C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (Sun Microsystems, Inc. )
{92780B25-18CC-41C8-B9BE-3C9C571A8263} - ButtonText: Research = Reg Data missing or invalid (File not found)
{FB5F1910-F110-11d2-BB9E-00C04F795683} - ButtonText: Messenger = C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation )
[HKCU-> Internet Explorer Menu Extensions]
&MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0001.1119\en-us\msntb.dll/search.htm (File not found)
E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 (Microsoft Corporation )
Open in new background tab - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0001.1119\en-us\msntabres.dll/229?1659f11ff8f64ee38b9d963cd2cddbc2 (Microsoft Corporation )
Open in new foreground tab - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0001.1119\en-us\msntabres.dll/230?1659f11ff8f64ee38b9d963cd2cddbc2 (Microsoft Corporation )
[>> Approved Shell Extensions (Non-Microsoft only) <<]
[HKLM-> Approved Shell Extensions]
{00E7B358-F65B-4dcf-83DF-CD026B94BFD4} - Autoplay for SlideShow = Reg Data missing or invalid (File not found)
{0DF44EAA-FF21-4412-828E-260A8728E7F1} - Taskbar and Start Menu = Reg Data missing or invalid (File not found)
{42071714-76d4-11d1-8b24-00a0c9068ff3} - Display Panning CPL Extension = deskpan.dll (File not found)
{764BF0E1-F219-11ce-972D-00AA00A14F56} - Shell extensions for file compression = Reg Data missing or invalid (File not found)
{7A9D77BD-5403-11d2-8785-2E0420524153} - User Accounts = Reg Data missing or invalid (File not found)
{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} - Encryption Context Menu = Reg Data missing or invalid (File not found)
{88895560-9AA2-1069-930E-00AA0030EBC8} - HyperTerminal Icon Ext = C:\WINDOWS\system32\hticons.dll (Hilgraeve, Inc. )
{DEE12703-6333-4D4E-8F34-738C4DCC2E04} - RecordNow! SendToExt = C:\Program Files\Sonic\RecordNow!\shlext.dll ( )
{EBDF1F20-C829-11D1-8233-FF20AF3E97A9} - TrojanHunter Menu Shell Extension = Reg Data missing or invalid (File not found)
{ED58A35B-B554-42AF-A26C-6F3D424200D3} - Sony Power Management Extensiond = C:\Program Files\Sony\VAIO Power Management\SPMPanel.dll (Sony Corporation )
{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} - Shell Extensions for RealOne Player = C:\Program Files\Real\RealPlayer\rpshell.dll (RealNetworks, Inc. )
[>> ContextMenuHandlers (Non-Microsoft only) <<]
[HKLM-> ContextMenuHandlers]
* - Symantec.Norton.Antivirus.IEContextMenu - {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} = C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll (Symantec Corporation )
Folder - Symantec.Norton.Antivirus.IEContextMenu - {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} = C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll (Symantec Corporation )
[>> ColumnHandlers (Non-Microsoft only) <<]
[HKLM-> ColumnHandlers]
Folder - {F9DB5320-233E-11D1-9F84-707F02C10627} - PDF Shell Extension = C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll (Adobe Systems, Inc. )
[>> File Associations Keys <<]
HKLM->SOFTWARE\Classes\.bat\\'' - batfile
HKLM->SOFTWARE\Classes\batfile\shell\open\command\\'' - "%1" %*
HKLM->SOFTWARE\Classes\.cmd\\'' - cmdfile
HKLM->SOFTWARE\Classes\cmdfile\shell\open\command\\'' - "%1" %*
HKLM->SOFTWARE\Classes\.com\\'' - comfile
HKLM->SOFTWARE\Classes\comfile\shell\open\command\\'' - "%1" %*
HKLM->SOFTWARE\Classes\.exe\\'' - exefile
HKLM->SOFTWARE\Classes\exefile\shell\open\command\\'' - "%1" %*
HKLM->SOFTWARE\Classes\.hta\\'' - htafile
HKLM->SOFTWARE\Classes\htafile\shell\open\command\\'' - C:\WINDOWS\system32\mshta.exe "%1" %*
HKLM->SOFTWARE\Classes\.js\\'' - JSFile
HKLM->SOFTWARE\Classes\jsfile\shell\open\command\\'' - %SystemRoot%\System32\WScript.exe "%1" %*
HKLM->SOFTWARE\Classes\.jse\\'' - JSEFile
HKLM->SOFTWARE\Classes\jsefile\shell\open\command\\'' - %SystemRoot%\System32\WScript.exe "%1" %*
HKLM->SOFTWARE\Classes\.scr\\'' - scrfile
HKLM->SOFTWARE\Classes\scrfile\shell\open\command\\'' - "%1" /S
HKLM->SOFTWARE\Classes\.vbe\\'' - VBEFile
HKLM->SOFTWARE\Classes\vbefile\shell\open\command\\'' - %SystemRoot%\System32\WScript.exe "%1" %*
HKLM->SOFTWARE\Classes\.vbs\\'' - VBSFile
HKLM->SOFTWARE\Classes\vbsfile\shell\open\command\\'' - %SystemRoot%\System32\WScript.exe "%1" %*
HKLM->SOFTWARE\Classes\.wsf\\'' - WSFFile
HKLM->SOFTWARE\Classes\wsffile\shell\open\command\\'' - %SystemRoot%\System32\WScript.exe "%1" %*
HKLM->SOFTWARE\Classes\.wsh\\'' - WSHFile
HKLM->SOFTWARE\Classes\wshfile\shell\open\command\\'' - %SystemRoot%\System32\WScript.exe "%1" %*
HKLM->SOFTWARE\Classes\.txt\\'' - txtfile
HKLM->SOFTWARE\Classes\txtfile\shell\open\command\\'' - %SystemRoot%\system32\NOTEPAD.EXE %1
[>> Registry Run Keys <<]
HKLM->Run\\Apoint - C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd. )
HKLM->Run\\ATIPTA - C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe (ATI Technologies, Inc. )
HKLM->Run\\BluetoothAuthenticationAgent - rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent (Microsoft Corporation )
HKLM->Run\\ccApp - "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" (Symantec Corporation )
HKLM->Run\\Hcontrol - C:\WINDOWS\ATK0100\Hcontrol.exe ( )
HKLM->Run\\HKSERV.EXE - C:\Program Files\Sony\HotKey Utility\HKserv.exe (Sony Corporation )
HKLM->Run\\HP Component Manager - "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" (Hewlett-Packard Company )
HKLM->Run\\HP Software Update - C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe (Hewlett-Packard Co. )
HKLM->Run\\HPDJ Taskbar Utility - C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe (HP )
HKLM->Run\\IntelliPoint - "C:\Program Files\Microsoft IntelliPoint\point32.exe" (Microsoft Corporation )
HKLM->Run\\ISBMgr.exe - C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation )
HKLM->Run\\Mouse Suite 98 Daemon - ICO.EXE (Primax Electronics Ltd. )
HKLM->Run\\QuickTime Task - "C:\Program Files\QuickTime\qttask.exe" -atboottime (Apple Computer, Inc. )
HKLM->Run\\SonyPowerCfg - C:\Program Files\Sony\VAIO Power Management\SPMgr.exe (Sony Corporation )
HKLM->Run\\SunJavaUpdateSched - C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe (Sun Microsystems, Inc. )
HKLM->Run\\Switcher.exe - C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe (Sony Corporation )
HKLM->Run\\TkBellExe - "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot (RealNetworks, Inc. )
HKLM->Run\\type32 - "C:\Program Files\Microsoft IntelliType Pro\type32.exe" (Microsoft Corporation )
HKLM->Run\\VAIO Recovery - C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe (Sony Electronics Inc )
HKLM->Run\\VAIO Update 2 - "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary (Sony Corporation )
HKLM->Run\\VAIOSurvey - c:\program files\sony\vaio survey\surveysa.exe (Sony Electronics )
HKLM->Run\OptionalComponents\IMAIL - Installed = 1
HKLM->Run\OptionalComponents\MAPI - Installed = 1
HKLM->Run\OptionalComponents\MSFS - Installed = 1
[>> Miscellaneous Startup Keys <<]
[AppInit DLLs]
AppInit_DLL - (File not found)
[Image File Execution Options]
Your Image File Name Here without a path - Debugger = ntsd -d
[Shell Service Object Delay Load]
CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} = %SystemRoot%\system32\SHELL32.dll (Microsoft Corporation )
PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} = %SystemRoot%\system32\SHELL32.dll (Microsoft Corporation )
SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} = C:\WINDOWS\system32\stobject.dll (Microsoft Corporation )
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} = %SystemRoot%\system32\webcheck.dll (Microsoft Corporation )
[Shell Execute Hooks]
{AEB6717E-7E19-11d0-97EE-00C04FD91972} - URL Exec Hook = shell32.dll (Microsoft Corporation )
[Shared Task Scheduler]
{438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader = %SystemRoot%\system32\browseui.dll (Microsoft Corporation )
{8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon = %SystemRoot%\system32\browseui.dll (Microsoft Corporation )
[SafeBoot Option]
[HKLM Command Processor AutoRun]
HKLM->Command Processor\\AutoRun -
[HKCU Command Processor AutoRun]
[Security Providers]
SecurityProviders\\SecurityProviders - msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll
[BootExecute]
Session Manager\\BootExecute - autocheck autochk *;
[PendingFileRenameOperations]
[FileRenameOperations]
[ExcludeFromKnownDlls]
Session Manager\\ExcludeFromKnownDlls -
[>> Disabled MSConfig Items <<]
[>> User Agent Post Platform <<]
SV1 -
[>> Winlogon <<]
HMLM->UserInit - C:\WINDOWS\system32\userinit.exe, (Microsoft Corporation )
HKLM->Shell - Explorer.exe (Microsoft Corporation )
HKLM->System - (File not found)
HKLM->VMApplet - rundll32 shell32,Control_RunDLL "sysdm.cpl"
Notify\AtiExtEvent - Ati2evxx.dll ( )
Notify\crypt32chain - crypt32.dll (Microsoft Corporation )
Notify\cryptnet - cryptnet.dll (Microsoft Corporation )
Notify\cscdll - cscdll.dll (Microsoft Corporation )
Notify\ScCertProp - wlnotify.dll (Microsoft Corporation )
Notify\Schedule - wlnotify.dll (Microsoft Corporation )
Notify\sclgntfy - sclgntfy.dll (Microsoft Corporation )
Notify\SensLogn - WlNotify.dll (Microsoft Corporation )
Notify\termsrv - wlnotify.dll (Microsoft Corporation )
Notify\WgaLogon - WgaLogon.dll (Microsoft Corporation )
Notify\wlballoon - wlnotify.dll (Microsoft Corporation )
[>> DNS Name Servers <<]
{177F73B7-C30F-41CB-8B3B-483E933C8AA5} - ()
{36070E1C-A3E4-402E-95FF-38E1098F6EEF} - (Intel® PRO/1000 MT Network Connection)
{3861BFED-BCAC-4B11-8B68-D7ADE1D622A1} - (D-Link AirPlus G DWL-G630 Wireless Cardbus Adapter)
{79BB6356-8851-4011-9DAC-ED76102E5C97} - (1394 Net Adapter)
{BC8F1A27-4E5D-4C4A-A7B0-2DA59720B59C} - (Intel® PRO/Wireless 2200BG Network Connection)
{CF8C85FE-45B4-4F34-94FE-62A3073E83E5} - ()
[>> All Winsock2 Catalogs <<]
NameSpace_Catalog5\Catalog_Entries\000000000001 - %SystemRoot%\System32\mswsock.dll (Microsoft Corporation )
NameSpace_Catalog5\Catalog_Entries\000000000002 - %SystemRoot%\System32\winrnr.dll (Microsoft Corporation )
NameSpace_Catalog5\Catalog_Entries\000000000003 - %SystemRoot%\System32\mswsock.dll (Microsoft Corporation )
NameSpace_Catalog5\Catalog_Entries\000000000004 - %SystemRoot%\system32\wshbth.dll (Microsoft Corporation )
Protocol_Catalog9\Catalog_Entries\000000000001 - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation )
Protocol_Catalog9\Catalog_Entries\000000000002 - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation )
Protocol_Catalog9\Catalog_Entries\000000000003 - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation )
Protocol_Catalog9\Catalog_Entries\000000000004 - %SystemRoot%\system32\rsvpsp.dll (Microsoft Corporation )
Protocol_Catalog9\Catalog_Entries\000000000005 - %SystemRoot%\system32\rsvpsp.dll (Microsoft Corporation )
Protocol_Catalog9\Catalog_Entries\000000000006 - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation )
Protocol_Catalog9\Catalog_Entries\000000000007 - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation )
Protocol_Catalog9\Catalog_Entries\000000000008 - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation )
Protocol_Catalog9\Catalog_Entries\000000000009 - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation )
Protocol_Catalog9\Catalog_Entries\000000000010 - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation )
Protocol_Catalog9\Catalog_Entries\000000000011 - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation )
Protocol_Catalog9\Catalog_Entries\000000000012 - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation )
Protocol_Catalog9\Catalog_Entries\000000000013 - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation )
Protocol_Catalog9\Catalog_Entries\000000000014 - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation )
Protocol_Catalog9\Catalog_Entries\000000000015 - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation )
Protocol_Catalog9\Catalog_Entries\000000000016 - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation )
Protocol_Catalog9\Catalog_Entries\000000000017 - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation )
Protocol_Catalog9\Catalog_Entries\000000000018 - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation )
Protocol_Catalog9\Catalog_Entries\000000000019 - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation )
Protocol_Catalog9\Catalog_Entries\000000000020 - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation )
Protocol_Catalog9\Catalog_Entries\000000000021 - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation )
Protocol_Catalog9\Catalog_Entries\000000000022 - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation )
[>> Protocol Handlers (Non-Microsoft only) <<]
cetihpz - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company )
ipp - (File not found)
msdaipp - (File not found)
[>> Protocol Filters (Non-Microsoft only) <<]
< Services (Non-Microsoft Only) >
Ati HotKey Poller (Ati HotKey Poller) - C:\WINDOWS\system32\Ati2evxx.exe ( ) [Automatic - Running - Win32, running in it's own process]
Automatic LiveUpdate Scheduler (Automatic LiveUpdate Scheduler) - "C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe" (Symantec Corporation ) [Automatic - Running - Win32, running in it's own process]
Symantec Event Manager (ccEvtMgr) - "C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe" (Symantec Corporation ) [Automatic - Running - Win32, running in it's own process]
Symantec Network Proxy (ccProxy) - "C:\Program Files\Common Files\Symantec Shared\ccProxy.exe" (Symantec Corporation ) [Automatic - Running - Win32, running in it's own process]
Symantec Settings Manager (ccSetMgr) - "C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe" (Symantec Corporation ) [Automatic - Running - Win32, running in it's own process]
Giga Pocket Hardware Detector (Giga Pocket Hardware Detector) - C:\Program Files\Sony\Giga Pocket\shwserv.exe (Sony Corporation ) [Automatic - Running - Win32, running in it's own process]
Norton AntiVirus Auto-Protect Service (navapsvc) - "C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe" (Symantec Corporation ) [Automatic - Running - Win32, running in it's own process]
Norton Protection Center Service (NSCService) - "C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE" (Symantec Corporation ) [On Demand - Running - Win32, running in it's own process]
Symantec Network Drivers Service (SNDSrvc) - "C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe" (Symantec Corporation ) [Automatic - Running - Win32, running in it's own process]
Sony TV Tuner Manager (Sony TV Tuner Manager) - C:\Program Files\Sony\Giga Pocket\RM_SV.exe (Sony Corporation ) [On Demand - Running - Win32, running in it's own process]
Symantec SPBBCSvc (SPBBCSvc) - "C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe" (Symantec Corporation ) [Automatic - Running - Win32, running in it's own process]
Symantec Core LC (Symantec Core LC) - "C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe" (Symantec Corporation ) [Automatic - Running - Win32, running in it's own process]
< Files >
Auto-Start Folders
HKLM->Explorer\Shell Folders\\Common Startup = C:\Documents and Settings\All Users\Start Menu\Programs\Startup
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated [Ver = 7.0.5.2005092300 | Size = 29696 bytes | Date = 09/24/2005 02:05 | Attr = ])
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\desktop.ini - ( [Ver = | Size = 84 bytes | Date = 08/13/2004 22:54 | Attr = HS])
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Remocon Driver.lnk - C:\Program Files\sony\usbsircs\usbsircs.exe (Sony Corporation [Ver = 6. 2. 05. 06230 | Size = 229376 bytes | Date = 06/23/2004 21:04 | Attr = ])
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Desktop Search.lnk - C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\en-us\bin\WindowsSearch.exe (Microsoft Corporation [Ver = 02.05.0001.1119 | Size = 238080 bytes | Date = 09/20/2005 18:10 | Attr = ])
HKLM->Explorer\User Shell Folders\\Common Startup = %ALLUSERSPROFILE%\Start Menu\Programs\Startup
HKLM->Explorer\Shell Folders\\Startup = C:\Documents and Settings\David\Start Menu\Programs\Startup
C:\Documents and Settings\David\Start Menu\Programs\Startup\desktop.ini - ( [Ver = | Size = 84 bytes | Date = 08/13/2004 22:54 | Attr = HS])
HKCU->Explorer\User Shell Folders\\Startup = %USERPROFILE%\Start Menu\Programs\Startup
Miscellaneous Auto-Start Files
System.ini->[Boot]\\Shell - Explorer.exe
Wininit.ini: Line 1 - [rename]
Wininit.ini: Line 2 - NUL=InitTermMutexedc
Miscellaneous Folders
AllUsers ApplicationData Folder
C:\Documents and Settings\All Users\Application Data\desktop.ini - ( [Ver = | Size = 62 bytes | Date = 08/13/2004 15:44 | Attr = HS])
CurrentUser ApplicationData Folder
C:\Documents and Settings\David\Application Data\desktop.ini - ( [Ver = | Size = 62 bytes | Date = 08/13/2004 15:44 | Attr = HS])
C:\Documents and Settings\David\Application Data\GdiplusUpgrade_MSIApproach_Wrapper.log - ( [Ver = | Size = 6799 bytes | Date = 09/03/2006 08:19 | Attr = ])
Program Files Folder
Common Files Folder
DPF files
{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - QuickTime Object - CodeBase =
http://www.apple.com...ex/qtplugin.cab{02CF1781-EA91-4FA5-A200-646E8241987C} - VaioInfo.CMClass - CodeBase =
http://esupport.sony.com/VaioInfo.CAB{17492023-C23A-453E-A040-C7C580BBF700} - Windows Genuine Advantage Validation Tool - CodeBase =
http://go.microsoft....k/?linkid=39204{193C772A-87BE-4B19-A7BB-445B226FE9A1} - ewidoOnlineScan Control - CodeBase =
http://download.ewid...oOnlineScan.cab{1E2941E3-8E63-11D4-9D5A-00902742D6E0} - iNotes Class - CodeBase =
http://mail3.rhsmith....edu/iNotes.cab{3DC2E31C-371A-4BD3-9A27-CDF57CE604CF} - MSN Money Charting - CodeBase =
http://moneycentral....bs/pmupd806.exe{3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} - Office Update Installation Engine - CodeBase =
http://office.micros...ntent/opuc3.cab{6414512B-B978-451D-A0D8-FCFDF33E833C} - WUWebControl Class - CodeBase =
http://update.micros...b?1120446491124{6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - MUWebControl Class - CodeBase =
http://update.micros...b?1120480006086{70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} - GSDACtl Class - CodeBase =
http://launch.gamesp...nch/alaunch.cab{8AD9C840-044E-11D1-B3E9-00805F499D93} - Java Plug-in 1.5.0_06 - CodeBase =
http://java.sun.com/...indows-i586.cab{9D190AE6-C81E-4039-8061-978EBAD10073} - F-Secure Online Scanner 3.0 - CodeBase =
http://support.f-sec.../ols3/fscax.cab{B38870E4-7ECB-40DA-8C6A-595F0A5519FF} - MsnMessengerSetupDownloadControl Class - CodeBase =
http://messenger.msn...pDownloader.cab{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} - Java Plug-in 1.5.0_04 - CodeBase =
http://java.sun.com/...indows-i586.cab{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - Java Plug-in 1.5.0_06 - CodeBase =
http://java.sun.com/...indows-i586.cab{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - Java Plug-in 1.5.0_06 - CodeBase =
http://java.sun.com/...indows-i586.cab{D27CDB6E-AE6D-11CF-96B8-444553540000} - - CodeBase =
http://fpdownload.ma...ent/swflash.cabHosts file = 734 bytes. Reading all entries. C:\WINDOWS\System32\drivers\etc\Hosts
# Copyright © 1993-1999 Microsoft Corp. -
# -
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows. -
# -
# This file contains the mappings of IP addresses to host names. Each -
# entry should be kept on an individual line. The IP address should -
# be placed in the first column followed by the corresponding host name. -
# The IP address and the host name should be separated by at least one -
# space. -
# -
# Additionally, comments (such as these) may be inserted on individual -
# lines or following the machine name denoted by a '#' symbol. -
# -
# For example: -
# -
# 102.54.94.97 rhino.acme.com # source server -
# 38.25.63.10 x.acme.com # x client host -
-
127.0.0.1 localhost -
< Add On's >
>>>>Output for AddOn file HKCU_IEDesktop.def<<<<
KEY - HKCU\Software\Microsoft\Internet Explorer\Desktop - Include SUBKEYS
HKCU\Software\Microsoft\Internet Explorer\Desktop -
Desktop\Components -
Desktop\Components\\DeskHtmlVersion - 272
Desktop\Components\\DeskHtmlMinorVersion - 5
Desktop\Components\\Settings - 1
Desktop\Components\\GeneralFlags - 1
Desktop\Components\0 -
Desktop\Components\0\\Source - About:Home
Desktop\Components\0\\SubscribedURL - About:Home
Desktop\Components\0\\FriendlyName - My Current Home Page
Desktop\Components\0\\Flags - 2
Desktop\Components\0\\Position - 2C 00 00 00 E4 00 00 00 00 00 00 00 9C 06 00 00 74 04 00 00 00 00 00 00 01 00 00 00 01 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00
Desktop\Components\0\\CurrentState - 04 00 00 40
Desktop\Components\0\\OriginalStateInfo - 18 00 00 00 FF FF 00 00 FF FF 00 00 FF FF FF FF FF FF FF FF 04 00 00 00
Desktop\Components\0\\RestoredStateInfo - 18 00 00 00 6A 02 00 00 23 00 00 00 A4 00 00 00 9A 00 00 00 01 00 00 00
Desktop\General -
Desktop\General\\BackupWallpaper - %SystemRoot%\VAIO SLIT Pattern Wallpaper TrueColor 1440x900.bmp
Desktop\General\\WallpaperFileTime - 00 EF 1F D3 70 55 C4 01
Desktop\General\\WallpaperLocalFileTime - 00 17 C1 26 36 55 C4 01
Desktop\General\\TileWallpaper - 0
Desktop\General\\WallpaperStyle - 2
Desktop\General\\Wallpaper - %SystemRoot%\VAIO SLIT Pattern Wallpaper TrueColor 1440x900.bmp
Desktop\General\\ComponentsPositioned - 1
Desktop\Old WorkAreas -
Desktop\Old WorkAreas\\NoOfOldWorkAreas - 1
Desktop\Old WorkAreas\\OldWorkAreaRects - 00 00 00 00 00 00 00 00 20 03 00 00 34 02 00 00
Desktop\SafeMode -
Desktop\SafeMode\General -
Desktop\SafeMode\General\\Wallpaper - %SystemRoot%\Web\SafeMode.htt
Desktop\SafeMode\General\\VisitGallery - 0
Desktop\Scheme -
Desktop\Scheme\\Edit -
Desktop\Scheme\\Display -
>>>>Output for AddOn file Jobs.def<<<<
DIR - C:\WINDOWS\tasks\*.* - Parameters = Include SubFolders
C:\WINDOWS\tasks\AppleSoftwareUpdate.job - ( [Ver = | Size = 284 bytes | Date = 10/12/2006 21:24 | Attr = ])
C:\WINDOWS\tasks\desktop.ini - ( [Ver = | Size = 65 bytes | Date = 08/04/2004 08:00 | Attr = RH ])
C:\WINDOWS\tasks\Norton AntiVirus - Run Full System Scan - David.job - ( [Ver = | Size = 548 bytes | Date = 10/13/2006 20:48 | Attr = ])
C:\WINDOWS\tasks\Norton AntiVirus - Run Norton QuickScan - David.job - ( [Ver = | Size = 498 bytes | Date = 12/17/2005 18:23 | Attr = ])
C:\WINDOWS\tasks\SA.DAT - ( [Ver = | Size = 6 bytes | Date = 10/15/2006 20:26 | Attr = H ])
>>>>Output for AddOn file Policies.def<<<<
KEY - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies - Include SUBKEYS
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies -
policies\explorer -
policies\explorer\run -
policies\Ext -
policies\Ext\CLSID -
policies\Ext\CLSID\\{17492023-C23A-453E-A040-C7C580BBF700} - 1
policies\NonEnum -
policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} - 1
policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} - 1073741857
policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} - 32
policies\Ratings -
policies\system -
policies\system\\dontdisplaylastusername - 0
policies\system\\legalnoticecaption -
policies\system\\legalnoticetext -
policies\system\\shutdownwithoutlogon - 1
policies\system\\undockwithoutlogon - 1
KEY - HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer - Include SUBKEYS
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer not found. -
KEY - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies - Include SUBKEYS
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies -
policies\Associations -
policies\Explorer -
policies\Explorer\\NoDriveTypeAutoRun - 145
policies\Explorer\Run -
policies\System -
KEY - HKCU\SOFTWARE\Policies\Microsoft\Internet Explorer - Include SUBKEYS
HKCU\SOFTWARE\Policies\Microsoft\Internet Explorer not found. -
>>>>Output for AddOn file SID_Run_Policies.def<<<<
KEY - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run - No SUBKEYS
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run -
KEY - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run - No SUBKEYS
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run -
KEY - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Policies - Include SUBKEYS
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Policies -
Policies\Explorer -
Policies\Explorer\\NoDriveTypeAutoRun - 145
KEY - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies - Include SUBKEYS
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies -
Policies\Explorer -
Policies\Explorer\\NoDriveTypeAutoRun - 145
< End of report >