[freestyle252]

Hi,

I have a fairly old computer running Windows 98, it is son's computer with a few problems.

Systen Info.
Compaq Presario
Pentium® 11 Processor
48.0MB RAM
Windows 98
Second Edition
4.10.2222 A

It has AVG and Zone Alarm, SpywareGaurd , CCleaner and SpywareBlaster also Diskeeper Lite. Problems he is having is very slow response also when i try to run AVG it just sits there running but doesnt scan, I tried in safe mode and same thing. I know its infected with something but dont know what it is. I have no idea where to start any help will be greatly appreciated. Thanks

Oops
Sorry, in the process of going through, the Read me before posting a HJT log I over looked that!

Okay, I went through the Read me before posting a HJT log. Well just about all the scanners say they dont support my Operating System.

I did manage to run SUPERAntiSpyware, well after 54 hours of running and was still running, figured it would take all week if not more so i stopped it.

It found

Parasite.WareOut 5
Adware.SBSoft 1
Adware.Tracking cookies 4 Here is the report

SUPERAntiSpyware Scan Log
Generated 06/29/2008 at 09:35 PM

Application Version : 3.6.1000

Core Rules Database Version : 3492
Trace Rules Database Version: 1483

Scan type : Complete Scan
Total Scan Time : 06:16:14

Memory items scanned : 232
Memory threats detected : 0
Registry items scanned : 1735
Registry threats detected : 5
File items scanned : 3386
File threats detected : 5

Parasite.WareOut
HKLM\Software\Classes\CLSID\{F5899416-D823-D57A-41C2-AB3B42F695CF}
HKCR\CLSID\{F5899416-D823-D57A-41C2-AB3B42F695CF}
HKCR\CLSID\{F5899416-D823-D57A-41C2-AB3B42F695CF}\InprocServer32
PROGMEN.DLL
HKU\.Default\Software\Microsoft\Internet Explorer\URLSearchHooks#{F5899416-D823-D57A-41C2-AB3B42F695CF}

Adware.SBSoft
HKU\.Default\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser#{08BEC6AA-49FC-4379-3587-4B21E286C19E}

Adware.Tracking Cookie
C:\WINDOWS\Cookies\anyuser@realmedia[1].txt
C:\WINDOWS\Cookies\[email protected][2].txt
C:\WINDOWS\Cookies\anyuser@adserver[1].txt
C:\WINDOWS\Cookies\[email protected][2].txt

If you note the 6 hours it took add another 48 hours to it

Downloaded HJT and here is their report

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:45:39 PM, on 6/29/08
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\PROGRAM FILES\ENCOMPASS\MONITOR.EXE
C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE
c:\windows\SYSTEM\KB891711\KB891711.EXE
C:\WINDOWS\SYSTEM\KB918547\KB918547.EXE
C:\PROGRAM FILES\EXECUTIVE SOFTWARE\DISKEEPERLITE\DKSERVICE.EXE
C:\PROGRAM FILES\COMPAQ\COMPAQ EASY ACCESS BUTTON SUPPORT\CPQBZL.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\AMEDDTCT.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\PROGRA~1\COMPAQ\COMPAQ~1\OSD.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\TASKMON.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGAMSVR.EXE
C:\PROGRAM FILES\ZONE LABS\ZONEALARM\ZLCLIENT.EXE
C:\WINDOWS\SYSTEM\ATIKEY32.EXE
C:\WINDOWS\SYSTEM\ATICWD32.EXE
C:\COMPAQ\INTERNET\WATCHDOG.EXE
C:\PROGRAM FILES\HOMECLICK\HCDETECT.EXE
C:\PROGRAM FILES\SPYWAREGUARD\SGMAIN.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\SPYWAREGUARD\SGBHP.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGCC.EXE
C:\PROGRAM FILES\TREND MICRO\HIJACKTHIS\HIJACKTHIS.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.c...//www.yahoo.com
R3 - URLSearchHook: (no name) - {F5899416-D823-D57A-41C2-AB3B42F695CF} - PROGMEN.DLL (file missing)
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\PROGRAM FILES\SPYWAREGUARD\DLPROTECT.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [Compaq Internet Setup] C:\Compaq\Internet\InetWizard.exe /RUN
O4 - HKLM\..\Run: [Encompass Monitor] C:\Program Files\Encompass\MONITOR.EXE
O4 - HKLM\..\Run: [ScanRegistry] c:\windows\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] c:\windows\taskmon.exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGCC.EXE /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGEMC.EXE
O4 - HKLM\..\Run: [AVG7_AMSVR] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGAMSVR.EXE
O4 - HKLM\..\Run: [AppMasterCenter] browsebar.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [Essdc] essdc.exe
O4 - HKLM\..\Run: [AtiKey] Atikey32.exe
O4 - HKLM\..\Run: [AtiCwd32] Aticwd32.exe
O4 - HKLM\..\Run: [Watch Dog Program] C:\COMPAQ\INTERNET\WATCHDOG.EXE
O4 - HKLM\..\Run: [BillMinder] C:\QUICKENW\BILLMIND.EXE
O4 - HKLM\..\Run: [HCDetect] C:\Program Files\HomeClick\HCDetect.exe
O4 - HKLM\..\Run: [PrcIdle] dialer423.exe
O4 - HKLM\..\RunServices: [EncMonitor] C:\Program Files\Encompass\Monitor.exe
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [TrueVector] C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE -service
O4 - HKLM\..\RunServices: [KB891711] c:\windows\SYSTEM\KB891711\KB891711.EXE
O4 - HKLM\..\RunServices: [KB918547] C:\WINDOWS\SYSTEM\KB918547\KB918547.EXE
O4 - HKLM\..\RunServices: [DkService] C:\Program Files\Executive Software\DiskeeperLite\DkService.exe
O4 - HKLM\..\RunServices: [CPQEASYACC] C:\Program Files\Compaq\Compaq Easy Access Button Support\cpqbzl.exe
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKCU\..\Run: [SAPSTR] MONITER.exe
O4 - HKCU\..\Run: [AliceSD] DTOURS.exe
O4 - HKCU\..\Run: [Serviceprocess] utsgmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\PROGRAM FILES\SUPERANTISPYWARE\SUPERANTISPYWARE.EXE
O4 - HKCU\..\RunServices: [SAPSTR] MONITER.exe
O4 - HKCU\..\RunServices: [AliceSD] DTOURS.exe
O4 - HKCU\..\RunServices: [Serviceprocess] utsgmon.exe
O4 - HKCU\..\RunServices: [SUPERAntiSpyware] C:\PROGRAM FILES\SUPERANTISPYWARE\SUPERANTISPYWARE.EXE
O4 - HKUS\.DEFAULT\..\Run: [SAPSTR] MONITER.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\Run: [AliceSD] DTOURS.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\Run: [Serviceprocess] utsgmon.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\Run: [SUPERAntiSpyware] C:\PROGRAM FILES\SUPERANTISPYWARE\SUPERANTISPYWARE.EXE (User 'Default user')
O4 - .DEFAULT Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe (User 'Default user')
O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
O13 - WWW. Prefix: http://
O16 - DPF: {11212111-2121-1311-1141-115611111222} - ms-its:mhtml:file://d: oo.mht!http://195.95.218.83...hm::/update.exe
O16 - DPF: {7F8C8173-AD80-4807-AA75-5672F22B4582} (ICSScanner Class) - http://download.zone...canner37380.cab
O16 - DPF: Yahoo! Pool 2 - http://download2.gam...ts/y/poti_x.cab
O16 - DPF: DigiChat Applet - http://palatka.digi-..._IE_5_1_0_1.cab
O17 - HKLM\System\CCS\Services\VxD\MSTCP: NameServer = 69.50.184.86,85.255.112.9
O20 - Winlogon Notify: !SASWinLogon - C:\PROGRAM FILES\SUPERANTISPYWARE\SASWINLO.DLL

--
End of file - 5490 bytes

I also ran ATF cleaner but after running it i found in another thread that ATF cleaner was for Widows XP or 2000 nothing about Windows 98 SE, hope i didnt do any harm by running it!

I ran CCleaner and Diskeeper Lite, but computer is still slower than slow. PLease point me in the right direction. Thanks


Reason for Edit: Merged posts.

Please don't post more than once or bump the topic as Helpers usually first look for threads with no replies.

Edited by Octagonal, 30 June 2008 - 04:07 AM.

[Advertisements]

Hi there and sorry for the delay - it has been a while since I worked on 98

If you have AVG8 it will not work on 98 and if you have AVG7 I'm not sure if it updates.

Please download FixWareout from here:
http://downloads.sub.../Fixwareout.exe

Save it to your desktop and run it. Click Next, then Install, make sure "Run fixit" is checked and click Finish.
The fix will begin; follow the prompts. If your firewall gives an alert, (because this tool will download an additional file from the internet), please don't let your firewall block it, but allow it instead.
Then you will be asked to reboot your computer; please do so. Your system may take longer than usual to load; this is normal.
Once the desktop loads please post the text that will open (report.txt) and a new Hijackthis log

[Essexboy]

Hi there and sorry for the delay - it has been a while since I worked on 98

If you have AVG8 it will not work on 98 and if you have AVG7 I'm not sure if it updates.

Please download FixWareout from here:
http://downloads.sub.../Fixwareout.exe

Save it to your desktop and run it. Click Next, then Install, make sure "Run fixit" is checked and click Finish.
The fix will begin; follow the prompts. If your firewall gives an alert, (because this tool will download an additional file from the internet), please don't let your firewall block it, but allow it instead.
Then you will be asked to reboot your computer; please do so. Your system may take longer than usual to load; this is normal.
Once the desktop loads please post the text that will open (report.txt) and a new Hijackthis log

[freestyle252]

Hi, Essexboy

I am running AVG 7.5 and i am able to still get updates.

Did as you instructed, ran FixWareout but it didnt produce a (report.txt) so i ran it 2 more times and still never got a (report.txt)

HJT log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:22:49 PM, on 7/2/08
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\PROGRAM FILES\ENCOMPASS\MONITOR.EXE
C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE
c:\windows\SYSTEM\KB891711\KB891711.EXE
C:\WINDOWS\SYSTEM\KB918547\KB918547.EXE
C:\PROGRAM FILES\EXECUTIVE SOFTWARE\DISKEEPERLITE\DKSERVICE.EXE
C:\PROGRAM FILES\COMPAQ\COMPAQ EASY ACCESS BUTTON SUPPORT\CPQBZL.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\AMEDDTCT.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\PROGRA~1\COMPAQ\COMPAQ~1\OSD.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\TASKMON.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGCC.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGEMC.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGAMSVR.EXE
C:\PROGRAM FILES\ZONE LABS\ZONEALARM\ZLCLIENT.EXE
C:\WINDOWS\SYSTEM\ATIKEY32.EXE
C:\WINDOWS\SYSTEM\ATICWD32.EXE
C:\COMPAQ\INTERNET\WATCHDOG.EXE
C:\PROGRAM FILES\HOMECLICK\HCDETECT.EXE
C:\PROGRAM FILES\SUPERANTISPYWARE\SUPERANTISPYWARE.EXE
C:\PROGRAM FILES\SPYWAREGUARD\SGMAIN.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\SPYWAREGUARD\SGBHP.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\TREND MICRO\HIJACKTHIS\HIJACKTHIS.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.c...//www.yahoo.com
R3 - URLSearchHook: (no name) - {F5899416-D823-D57A-41C2-AB3B42F695CF} - PROGMEN.DLL (file missing)
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\PROGRAM FILES\SPYWAREGUARD\DLPROTECT.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [Compaq Internet Setup] C:\Compaq\Internet\InetWizard.exe /RUN
O4 - HKLM\..\Run: [Encompass Monitor] C:\Program Files\Encompass\MONITOR.EXE
O4 - HKLM\..\Run: [ScanRegistry] c:\windows\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] c:\windows\taskmon.exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGCC.EXE /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGEMC.EXE
O4 - HKLM\..\Run: [AVG7_AMSVR] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGAMSVR.EXE
O4 - HKLM\..\Run: [AppMasterCenter] browsebar.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [Essdc] essdc.exe
O4 - HKLM\..\Run: [AtiKey] Atikey32.exe
O4 - HKLM\..\Run: [AtiCwd32] Aticwd32.exe
O4 - HKLM\..\Run: [Watch Dog Program] C:\COMPAQ\INTERNET\WATCHDOG.EXE
O4 - HKLM\..\Run: [BillMinder] C:\QUICKENW\BILLMIND.EXE
O4 - HKLM\..\Run: [HCDetect] C:\Program Files\HomeClick\HCDetect.exe
O4 - HKLM\..\Run: [PrcIdle] dialer423.exe
O4 - HKLM\..\RunServices: [EncMonitor] C:\Program Files\Encompass\Monitor.exe
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [TrueVector] C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE -service
O4 - HKLM\..\RunServices: [KB891711] c:\windows\SYSTEM\KB891711\KB891711.EXE
O4 - HKLM\..\RunServices: [KB918547] C:\WINDOWS\SYSTEM\KB918547\KB918547.EXE
O4 - HKLM\..\RunServices: [DkService] C:\Program Files\Executive Software\DiskeeperLite\DkService.exe
O4 - HKLM\..\RunServices: [CPQEASYACC] C:\Program Files\Compaq\Compaq Easy Access Button Support\cpqbzl.exe
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKCU\..\Run: [SAPSTR] MONITER.exe
O4 - HKCU\..\Run: [AliceSD] DTOURS.exe
O4 - HKCU\..\Run: [Serviceprocess] utsgmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\PROGRAM FILES\SUPERANTISPYWARE\SUPERANTISPYWARE.EXE
O4 - HKUS\.DEFAULT\..\Run: [SAPSTR] MONITER.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\Run: [AliceSD] DTOURS.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\Run: [Serviceprocess] utsgmon.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\Run: [SUPERAntiSpyware] C:\PROGRAM FILES\SUPERANTISPYWARE\SUPERANTISPYWARE.EXE (User 'Default user')
O4 - .DEFAULT Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe (User 'Default user')
O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
O13 - WWW. Prefix: http://
O16 - DPF: {11212111-2121-1311-1141-115611111222} - ms-its:mhtml:file://d: oo.mht!http://195.95.218.83...hm::/update.exe
O16 - DPF: {7F8C8173-AD80-4807-AA75-5672F22B4582} (ICSScanner Class) - http://download.zone...canner37380.cab
O16 - DPF: Yahoo! Pool 2 - http://download2.gam...ts/y/poti_x.cab
O16 - DPF: DigiChat Applet - http://palatka.digi-..._IE_5_1_0_1.cab
O17 - HKLM\System\CCS\Services\VxD\MSTCP: NameServer = 69.50.184.86,85.255.112.9
O20 - Winlogon Notify: !SASWinLogon - C:\PROGRAM FILES\SUPERANTISPYWARE\SASWINLO.DLL

--
End of file - 5337 bytes

[Essexboy]

OK then manual cleaning time

Please re-open HiJackThis and scan. Check the boxes next to all the entries listed below.

R3 - URLSearchHook: (no name) - {F5899416-D823-D57A-41C2-AB3B42F695CF} - PROGMEN.DLL (file missing)
O4 - HKLM\..\Run: [AppMasterCenter] browsebar.exe
O4 - HKLM\..\Run: [PrcIdle] dialer423.exe
O4 - HKCU\..\Run: [SAPSTR] MONITER.exe
O4 - HKCU\..\Run: [AliceSD] DTOURS.exe
O4 - HKCU\..\Run: [Serviceprocess] utsgmon.exe
O4 - HKUS\.DEFAULT\..\Run: [SAPSTR] MONITER.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\Run: [AliceSD] DTOURS.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\Run: [Serviceprocess] utsgmon.exe (User 'Default user')
O16 - DPF: {11212111-2121-1311-1141-115611111222} - ms-its:mhtml:file://d: oo.mht!http://195.95.218.83...hm::/update.exe
O17 - HKLM\System\CCS\Services\VxD\MSTCP: NameServer = 69.50.184.86,85.255.112.9

Now close all windows other than HiJackThis, then click Fix Checked. Close HiJackThis.

THEN

Please download the Killbox by Option^Explicit.

Note: In the event you already have Killbox, this is a new version that I need you to download.

• Save it to your desktop.
• Please double-click Killbox.exe to run it.
• Select:
  • Delete on Reboot
  • then Click on the All Files button.
• Please copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy):
  
  C:\WINDOWS\SYSTEM\browsebar.exe
  C:\WINDOWS\SYSTEM\dialer423.exe
  C:\WINDOWS\SYSTEM\MONITER.exe
  C:\WINDOWS\SYSTEM\DTOURS.exe
  C:\WINDOWS\SYSTEM\utsgmon.exe
  
  
• Return to Killbox, go to the File menu, and choose Paste from Clipboard.
  
• Click the red-and-white Delete File button. Click Yes at the Delete on Reboot prompt. Click OK at any PendingFileRenameOperations prompt (and please let me know if you receive this message!).

If your computer does not restart automatically, please restart it manually.

If you receive a message such as: "Component 'MsComCtl.ocx' or one of its dependencies not correctly registered: a file is missing or invalid." when trying to run Killbox, click here to download and run missingfilesetup.exe. Then try Killbox again.

FINALLY FOR NOW

Please RIGHT-CLICK HERE and Save As (in IE it's "Save Target As", in FF it's "Save Link As") to download Silent Runners.

• Save it to the desktop.
• Run Silent Runner's by doubleclicking the "Silent Runners" icon on your desktop.
• You will receive a prompt:
  
  • Do you want to skip supplementary searches?
    click NO
• If you receive an error just click OK and double-click it to run it again - sometimes it won't run as it's supposed to the first time but will in subsequent runs.
• You will see a text file appear on the desktop - it's not done, let it run (it won't appear to be doing anything!)
• Once you receive the prompt All Done!, open the text file on the desktop, copy that entire log, and paste it here.

*NOTE* If you receive any warning message about scripts, please choose to allow the script to run.

[freestyle252]

Hello again Essexboy,

Sorry for the delay but was away from the computer for a few days.

Did as you instructed but ran into a little problem on the second part, when i tried to paste the file paths to clipboard, it wouldnt take them so i used Notpad and copied and paste one entry at a time and followed directions, I think it worked.

I did not receive the message ( If your computer does not restart automatically, please restart it manually).

I also had to download wmi9x.exe to beable to run Silent Runner, here is its log

"Silent Runners.vbs", revision 58, http://www.silentrunners.org/
Operating System: Windows 98
Output limited to non-default values, except where indicated by "{++}"


Startup items buried in registry:
---------------------------------

HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++}
"SUPERAntiSpyware" = "C:\PROGRAM FILES\SUPERANTISPYWARE\SUPERANTISPYWARE.EXE" ["SUPERAntiSpyware.com"]

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\ {++}
"SystemTray" = "SysTray.Exe" [MS]
"Compaq Internet Setup" = "C:\Compaq\Internet\InetWizard.exe /RUN" ["Compaq Computer Corp."]
"Encompass Monitor" = "C:\Program Files\Encompass\MONITOR.EXE" ["Encompass, Inc."]
"ScanRegistry" = "c:\windows\scanregw.exe /autorun" [MS]
"TaskMonitor" = "c:\windows\taskmon.exe" [MS]
"LoadPowerProfile" = "Rundll32.exe powrprof.dll,LoadCurrentPwrScheme" [MS]
"AVG7_CC" = "C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGCC.EXE /STARTUP" ["GRISOFT, s.r.o."]
"AVG7_EMC" = "C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGEMC.EXE" ["GRISOFT, s.r.o."]
"AVG7_AMSVR" = "C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGAMSVR.EXE" ["GRISOFT, s.r.o."]
"Zone Labs Client" = "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" ["Zone Labs, LLC"]
"Essdc" = "essdc.exe" [file not found]
"AtiKey" = "Atikey32.exe" ["ATI Technologies, Inc."]
"AtiCwd32" = "Aticwd32.exe" ["ATI Technologies Inc."]
"Watch Dog Program" = "C:\COMPAQ\INTERNET\WATCHDOG.EXE" ["Compaq Computer Corp."]
"BillMinder" = "C:\QUICKENW\BILLMIND.EXE" ["Intuit"]
"HCDetect" = "C:\Program Files\HomeClick\HCDetect.exe" [MS]

HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices\ {++}
"EncMonitor" = "C:\Program Files\Encompass\Monitor.exe" ["Encompass, Inc."]
"LoadPowerProfile" = "Rundll32.exe powrprof.dll,LoadCurrentPwrScheme" [MS]
"TrueVector" = "C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE -service" ["Zone Labs, LLC"]
"KB891711" = "c:\windows\SYSTEM\KB891711\KB891711.EXE" [MS]
"KB918547" = "C:\WINDOWS\SYSTEM\KB918547\KB918547.EXE" [MS]
"DkService" = "C:\Program Files\Executive Software\DiskeeperLite\DkService.exe" ["Executive Software International, Inc."]
"CPQEASYACC" = "C:\Program Files\Compaq\Compaq Easy Access Button Support\cpqbzl.exe" ["Compaq Computer Corporation"]
"SchedulingAgent" = "mstask.exe" [MS]

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
{4A368E80-174F-4872-96B5-0B27DDD11DB2}\(Default) = "SpywareGuard Download Protection"
-> {HKLM...CLSID} = "SpywareGuardDLBLOCK.CBrowserHelper"
\InProcServer32\(Default) = "C:\PROGRAM FILES\SPYWAREGUARD\DLPROTECT.DLL" [null data]

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\
"{D76FDCA0-592A-11D0-B7FD-00C04FD706EC}" = "BMP Thumbnail Extractor"
-> {HKLM...CLSID} = "BMP Thumbnail Extractor"
\InProcServer32\(Default) = "C:\WINDOWS\SYSTEM\THUMBVW.DLL" [MS]
"{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}" = "AVG7 Shell Extension"
-> {HKLM...CLSID} = "AVG7 Shell Extension Class"
\InProcServer32\(Default) = "C:\Program Files\Grisoft\AVG Free\avgse.dll" ["GRISOFT, s.r.o."]
"{9F97547E-460A-42C5-AE0C-81C61FFAEBC3}" = "AVG7 Find Extension"
-> {HKLM...CLSID} = "AVG7 Find Extension Class"
\InProcServer32\(Default) = "C:\Program Files\Grisoft\AVG Free\avgse.dll" ["GRISOFT, s.r.o."]
"{81559C35-8464-49F7-BB0E-07A383BEF910}" = (no title provided)
-> {HKLM...CLSID} = "SpywareGuard.Handler"
\InProcServer32\(Default) = "C:\PROGRAM FILES\SPYWAREGUARD\SPYWAREGUARD.DLL" [null data]

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\
<<!>> "{81559C35-8464-49F7-BB0E-07A383BEF910}" = (no title provided)
-> {HKLM...CLSID} = "SpywareGuard.Handler"
\InProcServer32\(Default) = "C:\PROGRAM FILES\SPYWAREGUARD\SPYWAREGUARD.DLL" [null data]
<<!>> "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}" = (no title provided)
-> {HKLM...CLSID} = "SABShellExecuteHook Class"
\InProcServer32\(Default) = "C:\PROGRAM FILES\SUPERANTISPYWARE\SASSEH.DLL" ["SuperAdBlocker.com"]

HKLM\Software\Classes\*\shellex\ContextMenuHandlers\
AVG7 Shell Extension\(Default) = "{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}"
-> {HKLM...CLSID} = "AVG7 Shell Extension Class"
\InProcServer32\(Default) = "C:\Program Files\Grisoft\AVG Free\avgse.dll" ["GRISOFT, s.r.o."]

HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\
NetwareUNCMenu\(Default) = "{B91C21C0-0050-101B-8A87-00AA000C4F5D}"
-> {HKLM...CLSID} = "Netware UNC Folder Menu"
\InProcServer32\(Default) = "mpr.dll" [MS]
AVG7 Shell Extension\(Default) = "{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}"
-> {HKLM...CLSID} = "AVG7 Shell Extension Class"
\InProcServer32\(Default) = "C:\Program Files\Grisoft\AVG Free\avgse.dll" ["GRISOFT, s.r.o."]


System Policies {policy setting}:
---------------------------------

Note: detected settings may not have any effect.

HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\

"EditLevel" = (REG_DWORD) dword:0x00000000
{unrecognized setting}

"NoRun" = (REG_DWORD) dword:0x00000000
{unrecognized setting}

"NoClose" = (REG_DWORD) dword:0x00000000
{unrecognized setting}

"NoSaveSettings" = (REG_DWORD) dword:0x00000000
{Don't save settings at exit}

"NoFileMenu" = (REG_DWORD) dword:0x00000000
{unrecognized setting}


Active Desktop and Wallpaper:
-----------------------------

Active Desktop may be disabled at this entry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState

Displayed if Active Desktop enabled and wallpaper not set by System Policy:
HKCU\Software\Microsoft\Internet Explorer\Desktop\General\
"Wallpaper" = "c:\windows\Clouds.bmp"

Displayed if Active Desktop disabled and wallpaper not set by System Policy:
HKCU\Control Panel\Desktop\
"Wallpaper" = "c:\windows\Clouds.bmp"


WIN.INI & SYSTEM.INI launch points:
-----------------------------------

SYSTEM.INI
[boot]
"SCRNSAVE.EXE=C:\WINDOWS\SYSTEM\FLYING~2.SCR" (Flying Through Space.scr) [MS]


Startup items in "Startup" & "All Users...Startup" folders:
-----------------------------------------------------------

C:\WINDOWS\Start Menu\Programs\StartUp
"SpywareGuard" -> shortcut to: "C:\Program Files\SpywareGuard\sgmain.exe" [null data]


Enabled Scheduled Tasks:
------------------------

"Tune-up Application Start" -> launches: "walign" [MS]
"{D34F18B0-576E-11D0-B28C-00C04FD7CD22}_Rusty" -> launches: "mobsync.exe /Schedule="{D34F18B0-576E-11D0-B28C-00C04FD7CD22}_Rusty"" [MS]
"{D34F18B0-576E-11D0-B28C-00C04FD7CD22}_Default" -> launches: "mobsync.exe /Schedule="{D34F18B0-576E-11D0-B28C-00C04FD7CD22}_Default"" [MS]


Winsock2 Service Provider DLLs:
-------------------------------

Namespace Service Providers

HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}
000000000001\LibraryPath = "c:\windows\SYSTEM\rnr20.dll" [MS]

Transport Service Providers

HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}
00000000000#\PackedCatalogItem (contains) DLL [Company Name], (at) # range:
c:\windows\SYSTEM\msafd.dll [MS], 1 - 3
c:\windows\SYSTEM\rsvpsp.dll [MS], 4 - 5
c:\windows\SYSTEM\mswsosp.dll [MS], 6 - 9


Print Monitors:
---------------

HKLM\System\CurrentControlSet\Control\Print\Monitors\
Microsoft Fax Monitor\Driver = "AWFMON32.DLL" [MS]


---------- (launch time: 2008-07-07 20:15:29)
<<!>>: Suspicious data at a malware launch point.

+ This report excludes default entries except where indicated.
+ To see *everywhere* the script checks and *everything* it finds,
launch it from a command prompt or a shortcut with the -all parameter.
+ The search for DESKTOP.INI DLL launch points on all local fixed drives
took 30 seconds.
---------- (total run time: 118 seconds)


Also a HJT log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:44:30 PM, on 7/7/08
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\PROGRAM FILES\ENCOMPASS\MONITOR.EXE
C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE
c:\windows\SYSTEM\KB891711\KB891711.EXE
C:\WINDOWS\SYSTEM\KB918547\KB918547.EXE
C:\PROGRAM FILES\EXECUTIVE SOFTWARE\DISKEEPERLITE\DKSERVICE.EXE
C:\PROGRAM FILES\COMPAQ\COMPAQ EASY ACCESS BUTTON SUPPORT\CPQBZL.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\AMEDDTCT.EXE
C:\WINDOWS\EXPLORER.EXE
C:\PROGRA~1\COMPAQ\COMPAQ~1\OSD.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\TASKMON.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGCC.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGEMC.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGAMSVR.EXE
C:\PROGRAM FILES\ZONE LABS\ZONEALARM\ZLCLIENT.EXE
C:\WINDOWS\SYSTEM\ATIKEY32.EXE
C:\WINDOWS\SYSTEM\ATICWD32.EXE
C:\COMPAQ\INTERNET\WATCHDOG.EXE
C:\PROGRAM FILES\HOMECLICK\HCDETECT.EXE
C:\PROGRAM FILES\SUPERANTISPYWARE\SUPERANTISPYWARE.EXE
C:\PROGRAM FILES\SPYWAREGUARD\SGMAIN.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\SPYWAREGUARD\SGBHP.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\SYSTEM\WBEM\WINMGMT.EXE
C:\PROGRAM FILES\TREND MICRO\HIJACKTHIS\HIJACKTHIS.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.c...//www.yahoo.com
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\PROGRAM FILES\SPYWAREGUARD\DLPROTECT.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [Compaq Internet Setup] C:\Compaq\Internet\InetWizard.exe /RUN
O4 - HKLM\..\Run: [Encompass Monitor] C:\Program Files\Encompass\MONITOR.EXE
O4 - HKLM\..\Run: [ScanRegistry] c:\windows\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] c:\windows\taskmon.exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGCC.EXE /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGEMC.EXE
O4 - HKLM\..\Run: [AVG7_AMSVR] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGAMSVR.EXE
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [Essdc] essdc.exe
O4 - HKLM\..\Run: [AtiKey] Atikey32.exe
O4 - HKLM\..\Run: [AtiCwd32] Aticwd32.exe
O4 - HKLM\..\Run: [Watch Dog Program] C:\COMPAQ\INTERNET\WATCHDOG.EXE
O4 - HKLM\..\Run: [BillMinder] C:\QUICKENW\BILLMIND.EXE
O4 - HKLM\..\Run: [HCDetect] C:\Program Files\HomeClick\HCDetect.exe
O4 - HKLM\..\RunServices: [EncMonitor] C:\Program Files\Encompass\Monitor.exe
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [TrueVector] C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE -service
O4 - HKLM\..\RunServices: [KB891711] c:\windows\SYSTEM\KB891711\KB891711.EXE
O4 - HKLM\..\RunServices: [KB918547] C:\WINDOWS\SYSTEM\KB918547\KB918547.EXE
O4 - HKLM\..\RunServices: [DkService] C:\Program Files\Executive Software\DiskeeperLite\DkService.exe
O4 - HKLM\..\RunServices: [CPQEASYACC] C:\Program Files\Compaq\Compaq Easy Access Button Support\cpqbzl.exe
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\PROGRAM FILES\SUPERANTISPYWARE\SUPERANTISPYWARE.EXE
O4 - HKUS\.DEFAULT\..\Run: [SUPERAntiSpyware] C:\PROGRAM FILES\SUPERANTISPYWARE\SUPERANTISPYWARE.EXE (User 'Default user')
O4 - .DEFAULT Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe (User 'Default user')
O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
O13 - WWW. Prefix: http://
O16 - DPF: {7F8C8173-AD80-4807-AA75-5672F22B4582} (ICSScanner Class) - http://download.zone...canner37380.cab
O16 - DPF: Yahoo! Pool 2 - http://download2.gam...ts/y/poti_x.cab
O16 - DPF: DigiChat Applet - http://palatka.digi-..._IE_5_1_0_1.cab
O20 - Winlogon Notify: !SASWinLogon - C:\PROGRAM FILES\SUPERANTISPYWARE\SASWINLO.DLL

--
End of file - 4654 bytes


Hope this is what you wanted I tried very hard to follow your directions the best i could.

[Essexboy]

Hope this is what you wanted I tried very hard to follow your directions the best i could

You did good

That looks a lot better now, how is your computer running ?

Would you like to try Superantispyware again to see if there is any residue

Run SAS

• On the first page select Check for Updates
• On completion select SCAN YOUR COMPUTER
• On the next page select COMPLETE SCAN and tick ALL your drives
• The next stage will take a while as your entire drive(s), memory and registry are scanned
• When it has completed click NEXT
• The next screen shows the problems found click OK
• On the next screen place a tick against all items and select NEXT
• Now to get the log Go to the PREFERENCES button on the right bottom
• Select the STATISTICS/LOG tab
• Highlight the scan just completed and click VIEW LOG
• This will open a notepad text file copy and paste this to your next reply

[freestyle252]

I don't see any noticeable improvements yet.

Still in the process of running SAS, its been 20 hours of running so far, it takes forever to scan one file

It did find 4 Parasite.WareOut's again. Should i let it keep running? Might take a couple of days at this rate for it to finish (if it finishes)

The first time i ran it , it took almost 54 hours and it still wasn't finish. I think that is why AVG doesn't scan at all.

Is there another Anti Virus program i could use thats for Windows 98 all the ones i have been finding is for later Operating Systems ?

Edited by freestyle252, 09 July 2008 - 09:06 AM.

[Essexboy]

The problem is that nearly everyone is ending support for 98. I will do some searching and be back soon

[Essexboy]

Whoosh and I am back-- It looks like AVZ works on 98 so we will try that

We will now do a deep search of your processes and files

Download avz4.zip from here

• Unzip it to your desktop to a folder named avz4
• Double click on AVZ.exe to run it.
• Run an update by clicking the Auto Update button on the Right of the Log window:
• Click Start to begin the update

Note: If you recieve an error message, chose a different source, then click Start again

• Start AVZ.
  
• Choose from the menu "File" => "Standard scripts " and mark the "Healing/Quarantine and Advanced System Investigation" check box.
• Click on the “Execute selected scripts”.
• Automatic scanning, healing and system check will be executed.
• A logfile (avz_sysinfo.htm) will be created and saved in the LOG folder in the AVZ directory as virusinfo_syscure.zip.
• It is necessary to reboot your machine, because AVZ might disturb some program operations (like antiviruses and firewall) during the system scan.
• All applications will work properly after the system restart.

When restarted

• Start AVZ.
  
• Choose from the menu "File" => "Standard scripts " and mark the “Advanced System Investigation" check box.
• Click on the "Execute selected scripts".
• A system check will be automatically performed, and the created logfile (avz_sysinfo.htm) will be saved in the LOG folder in the AVZ directory as virusinfo_syscheck.zip.

Attach both zip files to your next post

[freestyle252]

Sorry Essexboy, excuse me for the lack of expereance but i never unzipped anything before.

How do i go about unziping avz4.zip to my decktop?

[Essexboy]

Sorry Essexboy, excuse me for the lack of expereance but i never unzipped anything before.

No need to apologise, everyone has a varying level of knowledge

I can't remember if win98 has a built in zip. So first right click the zip file and if you see an extract command then use that. If that is not available then download and run Winzip from this site http://oldversion.co...am.php?n=winzip do not download a version later than 8.0 (I would recommend 7.0 to be on the safe side )

Programme usage information is here
http://www.winzip.com/aboutzip.htm

[freestyle252]

Hi again Essexboy,

This is the log for ASA i ran again after 30 hours of running and still wasnt finished

SUPERAntiSpyware Scan Log
Generated 07/09/2008 at 07:35 PM

Application Version : 3.6.1000

Core Rules Database Version : 3499
Trace Rules Database Version: 1490

Scan type : Complete Scan
Total Scan Time : 05:40:51 (note: 24 hours + 5:40 hours and still wasnt finished

Memory items scanned : 230
Memory threats detected : 0
Registry items scanned : 1767
Registry threats detected : 3
File items scanned : 2454
File threats detected : 1

Parasite.WareOut
HKLM\Software\Classes\CLSID\{F5899416-D823-D57A-41C2-AB3B42F695CF}
HKCR\CLSID\{F5899416-D823-D57A-41C2-AB3B42F695CF}
HKCR\CLSID\{F5899416-D823-D57A-41C2-AB3B42F695CF}\InprocServer32
PROGMEN.DLL


AVZ report

<?xml version="1.0" encoding="windows-1251" ?>
- <!-- AVZ XML Report
-->
- <AVZ>
- <PROCESS>
<ITEM PID="4294779235" File="c:\windows\ameddtct.exe" CheckResult="-1" Descr="Automatic Media Detection (OLE Automation) Server Application" LegalCopyright="Copyright © 1997" CmdLine="" Size="204288" Attr="rsAh" CreateDate="1/1/97 6:49:38 AM" ChageDate="8/14/97 9:56:06 AM" MD5="72053E41315C5D23769B953DA5CA1B85" />
<ITEM PID="4290945419" File="c:\windows\system\aticwd32.exe" CheckResult="-1" Descr="ATI Setup Program Resource File" LegalCopyright="Copyright © ATI Technologies Inc. 1997" CmdLine="" Size="20480" Attr="rsAh" />
<ITEM PID="4290998331" File="c:\windows\system\atikey32.exe" CheckResult="-1" Descr="ATI Keyboard Monitor Resource Dll" LegalCopyright="Copyright © ATI Technologies Inc. 1997" CmdLine="" Size="51712" Attr="rsAh" />
<ITEM PID="4290955331" File="c:\program files\grisoft\avg free\avgamsvr.exe" CheckResult="0" Descr="AVG Alert Manager" LegalCopyright="Copyright © 2007 GRISOFT, s.r.o." Hidden="-1" CmdLine="" Size="418816" Attr="rsAh" CreateDate="5/10/08 6:22:27 PM" ChageDate="5/10/08 6:22:28 PM" MD5="3C7B93F947355E374A49564D0D017B7B" />
<ITEM PID="4290993539" File="c:\program files\grisoft\avg free\avgcc.exe" CheckResult="-1" Descr="AVG Control Center" LegalCopyright="Copyright © 2008 GRISOFT, s.r.o." CmdLine="" Size="579584" Attr="rsAh" CreateDate="6/25/08 9:58:30 AM" ChageDate="6/25/08 9:58:32 AM" MD5="25A49E5BFF4E6424FA5E27C81269041D" />
<ITEM PID="4290981883" File="c:\program files\grisoft\avg free\avgemc.exe" CheckResult="-1" Descr="AVG E-Mail Scanner" LegalCopyright="Copyright © 2007 GRISOFT, s.r.o." CmdLine="" Size="406528" Attr="rsAh" CreateDate="5/10/08 6:22:30 PM" ChageDate="5/10/08 6:22:32 PM" MD5="FC0B2AE890BB0DC8C2306DABEDC8A4BA" />
<ITEM PID="4291067707" File="c:\windows\desktop\avz4\avz4\avz.exe" CheckResult="0" Descr="____________ _______ AVZ" LegalCopyright="____________ _______ AVZ" Hidden="-1" CmdLine="" Size="733696" Attr="rsAh" CreateDate="7/10/08 6:45:41 PM" ChageDate="4/6/08 5:22:50 PM" MD5="DAC7D894EC8C7E5746AE3B8941DE7906" />
<ITEM PID="4294848423" File="c:\program files\compaq\compaq easy access button support\cpqbzl.exe" CheckResult="-1" Descr="CPQBZL : Compaq Easy Access Button Support + Services Daemon" LegalCopyright="Copyright © 1996-97" CmdLine="" Size="637440" Attr="rsAh" CreateDate="1/1/97 6:49:37 AM" ChageDate="11/18/97 1:48:16 PM" MD5="92AD2E2237A5C37DBA7CB50505E80F64" />
<ITEM PID="4291104055" File="c:\windows\system\ddhelp.exe" CheckResult="0" Descr="Microsoft DirectX Helper" LegalCopyright="Copyright © Microsoft Corp. 1994-1999" Hidden="-1" CmdLine="" Size="49152" Attr="rsAh" CreateDate="2/17/05 11:58:32 AM" ChageDate="4/23/99 10:22:00 PM" MD5="0677824ECBB0E8D08BEB93FFE9AB60D8" />
<ITEM PID="4294817863" File="c:\program files\executive software\diskeeperlite\dkservice.exe" CheckResult="-1" Descr="DKSERVICE.EXE" LegalCopyright="© 1995-2002 Executive Software Int@apos;l, Inc." CmdLine="" Size="163840" Attr="rsAh" CreateDate="10/16/02 10:00:40 PM" ChageDate="10/16/02 10:00:40 PM" MD5="2BF1916F280E0CDA681408F98CBD1C9C" />
<ITEM PID="4294753015" File="c:\windows\explorer.exe" CheckResult="0" Descr="Windows Explorer" LegalCopyright="Copyright © Microsoft Corp. 1981-1997" Hidden="-1" CmdLine="" Size="180224" Attr="rsAh" CreateDate="2/17/05 11:58:34 AM" ChageDate="4/23/99 10:22:00 PM" MD5="B22B28F61B1BB06723019307F0FAACFC" />
<ITEM PID="4290917179" File="c:\program files\homeclick\hcdetect.exe" CheckResult="-1" Descr="HomeClick Network Detect" LegalCopyright="Copyright © 1999 Microsoft Corporation" CmdLine="" Size="61440" Attr="rsAh" CreateDate="9/10/99 5:51:52 PM" ChageDate="9/10/99 5:51:52 PM" MD5="3FC68782F0D7E736790F0FFEE1389F3C" />
<ITEM PID="4291082731" File="c:\program files\internet explorer\iexplore.exe" CheckResult="0" Descr="Internet Explorer" LegalCopyright="© Microsoft Corporation. All rights reserved." Hidden="-1" CmdLine="" Size="91136" Attr="rsAh" CreateDate="8/29/02" ChageDate="8/29/02" MD5="EB9EAF627F705525D01DE5FA07EA1818" />
<ITEM PID="4294829491" File="c:\windows\system\kb918547\kb918547.exe" CheckResult="-1" Descr="Windows KB918547 EXE component" LegalCopyright="Copyright © Microsoft Corp. 1991-2005" CmdLine="" Size="8256" Attr="rsAh" CreateDate="4/24/06 2:24:20 AM" ChageDate="4/24/06 2:24:20 AM" MD5="E5C7486D02E0D17E11C840694A5C55B5" />
<ITEM PID="4294880291" File="c:\program files\encompass\monitor.exe" CheckResult="-1" Descr="Monitor Application" LegalCopyright="Copyright © 1997" CmdLine="" Size="73216" Attr="rsAh" CreateDate="1/1/97 8:22:19 AM" ChageDate="10/1/97 12:04:50 AM" MD5="03036990FAC2A77D8D839B4957EF4711" />
<ITEM PID="4294916423" File="c:\windows\system\msgsrv32.exe" CheckResult="0" Descr="Windows 32-bit VxD Message Server" LegalCopyright="Copyright © Microsoft Corp. 1992-1998" Hidden="-1" CmdLine="" Size="11920" Attr="rsAh" CreateDate="2/17/05 12:02:57 PM" ChageDate="4/23/99 10:22:00 PM" MD5="15020A139F22CDBF9C70AA8D80F6AE0E" />
<ITEM PID="4294848795" File="c:\windows\system\mstask.exe" CheckResult="0" Descr="Task Scheduler Engine" LegalCopyright="Copyright © Microsoft Corp. 2000" Hidden="-1" CmdLine="" Size="111888" Attr="rsah" CreateDate="2/24/05 8:45:50 AM" ChageDate="2/24/05 8:45:52 AM" MD5="E2460018CB7C7D185B6278F7C1770151" />
<ITEM PID="4294734559" File="c:\progra~1\compaq\compaq~1\osd.exe" CheckResult="-1" Descr="Onscreen Display" LegalCopyright="Copyright © 1997 Mediascape, Inc. All Rights Reserved." CmdLine="" Size="248832" Attr="rsAh" CreateDate="1/1/97 6:49:37 AM" ChageDate="8/23/97 7:27:54 PM" MD5="E351B08155983FB934879F4A6B45C869" />
<ITEM PID="4291294211" File="c:\program files\spywareguard\sgbhp.exe" CheckResult="-1" Descr="SG Browser Hijacking Protection" LegalCopyright="Copyright © 2002-2003 Javacool Software LLC." CmdLine="" Size="233472" Attr="rsAh" CreateDate="8/29/03 11:14:56 AM" ChageDate="8/29/03 11:14:58 AM" MD5="A80D0704537C0EF97DB2BEF24B99AF1A" />
<ITEM PID="4290877635" File="c:\program files\spywareguard\sgmain.exe" CheckResult="0" Descr="SpywareGuard" LegalCopyright="Copyright © 2002-2003 Javacool Software LLC" Hidden="-1" CmdLine="" Size="360448" Attr="rsAh" CreateDate="8/29/03 7:05:35 PM" ChageDate="8/29/03 7:05:36 PM" MD5="61C028ABA5E49573A6332F4A7C744E87" />
<ITEM PID="4294914495" File="c:\windows\system\spool32.exe" CheckResult="0" Descr="Spooler Sub System Process" LegalCopyright="Copyright © Microsoft Corp. 1994 - 1998" Hidden="-1" CmdLine="" Size="45056" Attr="rsAh" CreateDate="2/17/05 12:03:01 PM" ChageDate="4/23/99 10:22:00 PM" MD5="DB3BEE092F0E90CF799D69F99C001DAE" />
<ITEM PID="4290895419" File="c:\program files\superantispyware\superantispyware.exe" CheckResult="-1" Descr="SUPERAntiSpyware" LegalCopyright="Copyright © 2005-2007 by SUPERAntiSpyware.com and SUPERAdBlocker.com" CmdLine="" Size="1310720" Attr="rsAh" CreateDate="2/27/07 11:39:26 AM" ChageDate="2/27/07 11:39:26 AM" MD5="F53FC0D24B70637776F1FCAF7809F917" />
<ITEM PID="4291031111" File="c:\windows\system\systray.exe" CheckResult="0" Descr="System Tray Applet" LegalCopyright="Copyright © Microsoft Corp. 1993-1998" Hidden="-1" CmdLine="" Size="32768" Attr="rsAh" CreateDate="2/17/05 12:03:02 PM" ChageDate="4/23/99 10:22:00 PM" MD5="73681085DCD0997E531240100CA12B28" />
<ITEM PID="4294862295" File="c:\windows\system\zonelabs\vsmon.exe" CheckResult="0" Descr="TrueVector Service" LegalCopyright="Copyright © 1998-2005, Zone Labs, LLC" Hidden="-1" CmdLine="" Size="1677056" Attr="rsAh" CreateDate="10/21/05 7:44:51 PM" ChageDate="8/29/05 7:08:50 PM" MD5="EDA6C13F88B228AE2633636D3DDF64C8" />
<ITEM PID="4290928075" File="c:\compaq\internet\watchdog.exe" CheckResult="-1" Descr="WATCHDOG MFC Application" LegalCopyright="Copyright © 1997 Compaq Computer Corp." CmdLine="" Size="138240" Attr="rsAh" CreateDate="1/1/97 7:15:06 AM" ChageDate="10/15/97 5:56:46 PM" MD5="41B32876DD2C7053DDD426A089B2BEC9" />
<ITEM PID="4290943823" File="c:\program files\zone labs\zonealarm\zlclient.exe" CheckResult="0" Descr="Zone Labs Client" LegalCopyright="Copyright © 1998-2005, Zone Labs, LLC" Hidden="-1" CmdLine="" Size="980736" Attr="rsAh" CreateDate="10/21/05 7:45:08 PM" ChageDate="8/29/05 7:09:38 PM" MD5="A069F614D143770EB857F274F81D19A9" />
</PROCESS>
- <DLL>
<ITEM File="C:\PROGRAM FILES\ENCOMPASS\ENCMON.DLL" CheckResult="-1" Descr="ENCMON DLL" LegalCopyright="Copyright © 1997" UsedBy="4294779235,4290998331,4290955331,4290993539,4290981883,4291067707,429484842
3,4291104055,4294753015,4290917179,4291082731,4294880291,4290877635,4290895419,4
2
91031111,4294862295,4290943823" Hidden="-1" Size="12800" Attr="rsAh" CreateDate="1/1/97 8:22:20 AM" ChageDate="9/30/97 6:01:54 PM" MD5="1C45E18C7AEE9CE8FFDEC38C4549F05E" />
<ITEM File="C:\WINDOWS\AMEDDTCT.EXE" CheckResult="-1" Descr="Automatic Media Detection (OLE Automation) Server Application" LegalCopyright="Copyright © 1997" UsedBy="4294779235" Hidden="-1" Size="204288" Attr="rsAh" CreateDate="1/1/97 6:49:38 AM" ChageDate="8/14/97 9:56:06 AM" MD5="72053E41315C5D23769B953DA5CA1B85" />
<ITEM File="C:\WINDOWS\SYSTEM\SHLWAPI.DLL" CheckResult="-1" Descr="Shell Light-weight Utility Library" LegalCopyright="© Microsoft Corporation. All rights reserved." UsedBy="4294779235,4290955331,4290993539,4290981883,4291067707,4294848423,429481786
3,4294753015,4290917179,4291082731,4294880291,4294916423,4294848795,4290877635,4
2
94914495,4290895419,4291031111,4294862295,4290928075,4290943823" Hidden="-1" Size="409088" Attr="rsAh" CreateDate="8/31/05 6:49:30 PM" ChageDate="8/31/05 6:49:30 PM" MD5="D311A7FC4E081EE7AAAA6F581CF3C471" />
<ITEM File="C:\WINDOWS\SYSTEM\ATICWD32.EXE" CheckResult="-1" Descr="ATI Setup Program Resource File" LegalCopyright="Copyright © ATI Technologies Inc. 1997" UsedBy="4290945419" Hidden="-1" Size="20480" Attr="rsAh" />
<ITEM File="C:\WINDOWS\SYSTEM\ATIKEY32.EXE" CheckResult="-1" Descr="ATI Keyboard Monitor Resource Dll" LegalCopyright="Copyright © ATI Technologies Inc. 1997" UsedBy="4290998331" Hidden="-1" Size="51712" Attr="rsAh" />
<ITEM File="C:\WINDOWS\SYSTEM\ATICWDDE.DLL" CheckResult="-1" Descr="ATI Common Windows Display Driver Extensions" LegalCopyright="Copyright © ATI Technologies Inc. 1997" UsedBy="4290998331" Hidden="-1" Size="20992" Attr="rsAh" />
<ITEM File="C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGAMINT.DLL" CheckResult="-1" Descr="AVG Alert Manager Internal Plugin" LegalCopyright="Copyright © 2007 GRISOFT, s.r.o." UsedBy="4290955331" Hidden="-1" Size="278016" Attr="rsAh" CreateDate="5/10/08 6:22:26 PM" ChageDate="5/10/08 6:22:28 PM" MD5="A487A2BDC8EF099CEDE6DAFE7B5525CE" />
<ITEM File="C:\WINDOWS\SYSTEM\WININET.DLL" CheckResult="-1" Descr="Internet Extensions for Win32" LegalCopyright="© Microsoft Corporation. All rights reserved." UsedBy="4290955331,4290981883,4291067707,4294753015,4290917179,4291082731,429488029
1,4290895419,4294862295,4290943823" Hidden="-1" Size="575488" Attr="rsAh" CreateDate="4/28/06 10:58:58 AM" ChageDate="4/28/06 10:58:58 AM" MD5="3D5062A7667913B9B515CC5769E9FB31" />
<ITEM File="C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGCFG.DLL" CheckResult="-1" Descr="AVG Configuration Module" LegalCopyright="Copyright © 2007 GRISOFT, s.r.o." UsedBy="4290955331,4290993539,4290981883" Hidden="-1" Size="572928" Attr="rsAh" CreateDate="5/10/08 6:22:28 PM" ChageDate="5/10/08 6:22:30 PM" MD5="EE3201BF942FB000B8C98A6CEB9C4105" />
<ITEM File="C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGEMSUI.DLL" CheckResult="-1" Descr="AVG Settings Library for EMS" LegalCopyright="Copyright © 2007 GRISOFT, s.r.o." UsedBy="4290993539" Hidden="-1" Size="416768" Attr="rsAh" CreateDate="5/10/08 6:22:31 PM" ChageDate="5/10/08 6:22:32 PM" MD5="50DC3099980F7073EB891306DE67AC43" />
<ITEM File="C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGCCKRN.DLL" CheckResult="-1" Descr="AVG Kernel Plugin Module" LegalCopyright="Copyright © 2007 GRISOFT, s.r.o." UsedBy="4290993539" Hidden="-1" Size="582656" Attr="rsAh" CreateDate="5/10/08 6:22:28 PM" ChageDate="5/10/08 6:22:30 PM" MD5="E7588025E17A4C60231A96B4021EF3F2" />
<ITEM File="C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGRESF.DLL" CheckResult="-1" Descr="AVG Resource Library" LegalCopyright="Copyright © AVG Technologies CZ, s.r.o. 2000-2008" UsedBy="4290993539" Hidden="-1" Size="1175552" Attr="rsAh" CreateDate="6/24/08 7:12:52 PM" ChageDate="6/25/08 7:29:06 AM" MD5="835C1AA3E4C7B21DCC7A9B542F4A5AD9" />
<ITEM File="C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGCC.EXE" CheckResult="-1" Descr="AVG Control Center" LegalCopyright="Copyright © 2008 GRISOFT, s.r.o." UsedBy="4290993539" Hidden="-1" Size="579584" Attr="rsAh" CreateDate="6/25/08 9:58:30 AM" ChageDate="6/25/08 9:58:32 AM" MD5="25A49E5BFF4E6424FA5E27C81269041D" />
<ITEM File="C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGTEST.DLL" CheckResult="-1" Descr="AVG Test User Interface" LegalCopyright="Copyright © 2007 GRISOFT, s.r.o." UsedBy="4290993539" Hidden="-1" Size="604160" Attr="rsAh" CreateDate="5/10/08 6:22:36 PM" ChageDate="5/10/08 6:22:38 PM" MD5="C7F153B54C1DF8C8E03828C7EE3A74E4" />
<ITEM File="C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGSET.DLL" CheckResult="-1" Descr="" LegalCopyright="" UsedBy="4290993539" Hidden="-1" Size="467456" Attr="rsAh" CreateDate="5/10/08 6:22:35 PM" ChageDate="5/10/08 6:22:36 PM" MD5="940BE885A17CBD5D6AD82C3FA0BB1BF3" />
<ITEM File="C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGABOUT.DLL" CheckResult="-1" Descr="AVG About Box Library" LegalCopyright="Copyright © 2008 GRISOFT, s.r.o." UsedBy="4290993539" Hidden="-1" Size="9162240" Attr="rsAh" CreateDate="6/25/08 9:58:27 AM" ChageDate="6/25/08 9:58:28 AM" MD5="1BC66DFDA896D8E799DA6BEA89696B02" />
<ITEM File="C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGCTRL.DLL" CheckResult="-1" Descr="AVG Control Library" LegalCopyright="Copyright © 2007 GRISOFT, s.r.o." UsedBy="4290993539" Hidden="-1" Size="905728" Attr="rsAh" CreateDate="5/10/08 6:22:30 PM" ChageDate="5/10/08 6:22:32 PM" MD5="129BCCA44DD86F63532D59F4377918DC" />
<ITEM File="C:\WINDOWS\SYSTEM\SCHANNEL.DLL" CheckResult="-1" Descr="TLS / SSL Security Provider (US and Canada Use Only)" LegalCopyright="Copyright © Microsoft Corp. 1981-1998" UsedBy="4290981883" Hidden="-1" Size="112912" Attr="rsah" CreateDate="10/22/05 6:28:33 PM" ChageDate="9/26/02 12:38:44 PM" MD5="6E980769A2DFA186A0CE5E8DD00DF9DC" />
<ITEM File="C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGSCAN.DLL" CheckResult="-1" Descr="AVG Scanning Module" LegalCopyright="Copyright © 2007 GRISOFT, s.r.o." UsedBy="4290981883" Hidden="-1" Size="392704" Attr="rsAh" CreateDate="5/10/08 6:22:34 PM" ChageDate="5/10/08 6:22:36 PM" MD5="3A68865B43C361A227B9BD8DA49E71E4" />
<ITEM File="C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGEMC.EXE" CheckResult="-1" Descr="AVG E-Mail Scanner" LegalCopyright="Copyright © 2007 GRISOFT, s.r.o." UsedBy="4290981883" Hidden="-1" Size="406528" Attr="rsAh" CreateDate="5/10/08 6:22:30 PM" ChageDate="5/10/08 6:22:32 PM" MD5="FC0B2AE890BB0DC8C2306DABEDC8A4BA" />
<ITEM File="C:\WINDOWS\SYSTEM\MSIOSD32.DLL" CheckResult="-1" Descr="" LegalCopyright="" UsedBy="4294848423" Hidden="-1" Size="28672" Attr="rsAh" CreateDate="1/1/97 6:49:38 AM" ChageDate="8/19/97 10:00:06 AM" MD5="B565292364D7C573CC209A2BCEE0FB83" />
<ITEM File="C:\WINDOWS\SYSTEM\CPQMIXER.DLL" CheckResult="-1" Descr="CPQMIXER DLL" LegalCopyright="Copyright © 1997" UsedBy="4294848423" Hidden="-1" Size="121856" Attr="rsAh" CreateDate="1/1/97 6:49:38 AM" ChageDate="4/27/97 11:00:00 PM" MD5="3484ABDCA6B9767E7F81EA6921882312" />
<ITEM File="C:\PROGRAM FILES\COMPAQ\COMPAQ EASY ACCESS BUTTON SUPPORT\CPQBZL.EXE" CheckResult="-1" Descr="CPQBZL : Compaq Easy Access Button Support + Services Daemon" LegalCopyright="Copyright © 1996-97" UsedBy="4294848423" Hidden="-1" Size="637440" Attr="rsAh" CreateDate="1/1/97 6:49:37 AM" ChageDate="11/18/97 1:48:16 PM" MD5="92AD2E2237A5C37DBA7CB50505E80F64" />
<ITEM File="C:\WINDOWS\SYSTEM\ATIVPE32.DLL" CheckResult="-1" Descr="ATIVPE32" LegalCopyright="Copyright © ATI Technologies Inc., 1996-1997" UsedBy="4291104055" Hidden="-1" Size="33280" Attr="rsAh" />
<ITEM File="C:\WINDOWS\SYSTEM\ATID3D.DLL" CheckResult="-1" Descr="ATI Technologies Direct 3D HAL." LegalCopyright="Copyright © ATI Technologies Inc., 1997" UsedBy="4291104055" Hidden="-1" Size="182272" Attr="rsAh" />
<ITEM File="C:\WINDOWS\SYSTEM\MACXDD32.DLL" CheckResult="-1" Descr="DirectDraw ATI Mach64 Driver 32-bit HAL" LegalCopyright="Copyright© ATI Technologies Inc., 1995 - 1997" UsedBy="4291104055" Hidden="-1" Size="383488" Attr="rsAh" />
<ITEM File="C:\PROGRAM FILES\EXECUTIVE SOFTWARE\DISKEEPERLITE\DKSERVICE.EXE" CheckResult="-1" Descr="DKSERVICE.EXE" LegalCopyright="© 1995-2002 Executive Software Int@apos;l, Inc." UsedBy="4294817863" Hidden="-1" Size="163840" Attr="rsAh" CreateDate="10/16/02 10:00:40 PM" ChageDate="10/16/02 10:00:40 PM" MD5="2BF1916F280E0CDA681408F98CBD1C9C" />
<ITEM File="C:\PROGRAM FILES\EXECUTIVE SOFTWARE\DISKEEPERLITE\DKLIB.DLL" CheckResult="-1" Descr="DKLIB.LIB" LegalCopyright="© 1995-2002 Executive Software Int@apos;l, Inc." UsedBy="4294817863" Hidden="-1" Size="86016" Attr="rsAh" CreateDate="10/16/02 10:00:40 PM" ChageDate="10/16/02 10:00:40 PM" MD5="A6C6A559DAF7C58A337419439C75E51B" />
<ITEM File="C:\PROGRAM FILES\EXECUTIVE SOFTWARE\DISKEEPERLITE\DKRES.DLL" CheckResult="-1" Descr="DKRES.DLL" LegalCopyright="© 1995-2002 Executive Software Int@apos;l, Inc." UsedBy="4294817863" Hidden="-1" Size="180224" Attr="rsAh" CreateDate="10/16/02 10:00:40 PM" ChageDate="10/16/02 10:00:40 PM" MD5="7E7E4A17DC637CC68C1AC23DD2785FE5" />
<ITEM File="C:\WINDOWS\SYSTEM\JSCRIPT.DLL" CheckResult="-1" Descr="Microsoft ® JScript" LegalCopyright="Copyright © Microsoft Corp. 2002" UsedBy="4294753015,4291082731" Hidden="-1" Size="465864" Attr="rsAh" CreateDate="7/24/06 8:48:39 PM" ChageDate="5/17/06 11:43:58 AM" MD5="E360E9FA0D2BC67603AD8AA4328136C6" />
<ITEM File="C:\WINDOWS\SYSTEM\URLMON.DLL" CheckResult="-1" Descr="OLE32 Extensions for Win32" LegalCopyright="© Microsoft Corporation. All rights reserved." UsedBy="4294753015,4291082731,4290895419" Hidden="-1" Size="461824" Attr="rsAh" CreateDate="5/8/06 10:50:58 AM" ChageDate="5/8/06 10:50:58 AM" MD5="9FC2C7CA18818D22012A7BC1384D30AA" />
<ITEM File="C:\WINDOWS\SYSTEM\ES.DLL" CheckResult="-1" Descr="COM+ EventSystem Library" LegalCopyright="Copyright © Microsoft Corp. 1995-1998" UsedBy="4294753015" Hidden="-1" Size="103696" Attr="rsah" CreateDate="2/24/05 8:45:53 AM" ChageDate="2/24/05 8:45:54 AM" MD5="30B6DB93F268D77E782D7FC971403D14" />
<ITEM File="C:\WINDOWS\SYSTEM\ESTIER2.DLL" CheckResult="-1" Descr="COM+ EventSystem Service Library" LegalCopyright="Copyright © Microsoft Corp. 1995-1998" UsedBy="4294753015" Hidden="-1" Size="53520" Attr="rsah" CreateDate="2/24/05 8:45:53 AM" ChageDate="2/24/05 8:45:54 AM" MD5="FFCFB6E8597BBAC08A227B45A9344637" />
<ITEM File="C:\WINDOWS\SYSTEM\ESSHARED.DLL" CheckResult="-1" Descr="COM+ EventSystem Shared Utilities" LegalCopyright="Copyright © Microsoft Corp. 1995-1998" UsedBy="4294753015" Hidden="-1" Size="56592" Attr="rsah" CreateDate="2/24/05 8:45:53 AM" ChageDate="2/24/05 8:45:54 AM" MD5="709201410146FD3A8BC52B083864C28A" />
<ITEM File="C:\WINDOWS\SYSTEM\SHDOCVW.DLL" CheckResult="-1" Descr="Shell Doc Object and Control Library" LegalCopyright="© Microsoft Corporation. All rights reserved." UsedBy="4294753015,4291082731,4290895419" Hidden="-1" Size="1339904" Attr="rsAh" CreateDate="5/26/06 3:40:58 PM" ChageDate="5/26/06 3:40:58 PM" MD5="5DA079903B3E2EC6F74EC1ACB6AD6792" />
<ITEM File="C:\PROGRAM FILES\HOMECLICK\HCDETECT.EXE" CheckResult="-1" Descr="HomeClick Network Detect" LegalCopyright="Copyright © 1999 Microsoft Corporation" UsedBy="4290917179" Hidden="-1" Size="61440" Attr="rsAh" CreateDate="9/10/99 5:51:52 PM" ChageDate="9/10/99 5:51:52 PM" MD5="3FC68782F0D7E736790F0FFEE1389F3C" />
<ITEM File="C:\WINDOWS\SYSTEM\DXTMSFT.DLL" CheckResult="-1" Descr="DirectX Media -- Image DirectX Transforms" LegalCopyright="© Microsoft Corporation. All rights reserved." UsedBy="4291082731" Hidden="-1" Size="351744" Attr="rsAh" CreateDate="4/28/06 10:57:16 AM" ChageDate="4/28/06 10:57:16 AM" MD5="89AB05B3A5E3C9AC4C1644E99356F825" />
<ITEM File="C:\WINDOWS\SYSTEM\DXTRANS.DLL" CheckResult="-1" Descr="DirectX Media -- DirectX Transform Core" LegalCopyright="© Microsoft Corporation. All rights reserved." UsedBy="4291082731" Hidden="-1" Size="192512" Attr="rsAh" CreateDate="2/24/06 3:24:10 PM" ChageDate="2/24/06 3:24:10 PM" MD5="BEC6E753DA8F98A0BAE041834B8C2BBB" />
<ITEM File="C:\WINDOWS\SYSTEM\MSHTML.DLL" CheckResult="-1" Descr="Microsoft ® HTML Viewer" LegalCopyright="© Microsoft Corporation. All rights reserved." UsedBy="4291082731,4290895419" Hidden="-1" Size="2702848" Attr="rsAh" CreateDate="5/19/06 3:52:28 PM" ChageDate="5/19/06 3:52:28 PM" MD5="2B4C44316B82AE0772FA8562A6AD6AC9" />
<ITEM File="C:\PROGRAM FILES\ENCOMPASS\MONITOR.EXE" CheckResult="-1" Descr="Monitor Application" LegalCopyright="Copyright © 1997" UsedBy="4294880291" Hidden="-1" Size="73216" Attr="rsAh" CreateDate="1/1/97 8:22:19 AM" ChageDate="10/1/97 12:04:50 AM" MD5="03036990FAC2A77D8D839B4957EF4711" />
<ITEM File="C:\PROGRAM FILES\ENCOMPASS\BR_SRVC.DLL" CheckResult="-1" Descr="br_srvc DLL" LegalCopyright="Copyright © 1997" UsedBy="4294880291" Hidden="-1" Size="82432" Attr="rsAh" CreateDate="1/1/97 8:22:20 AM" ChageDate="10/1/97 12:05:36 AM" MD5="BF3AB82384D9487A37D513F0B4F293E7" />
<ITEM File="C:\PROGRAM FILES\SUPERANTISPYWARE\SASSEH.DLL" CheckResult="-1" Descr="ShellExecuteHook" LegalCopyright="© Copyright 2004-2006 SuperAdBlocker.com" UsedBy="4294916423" Hidden="-1" Size="77824" Attr="rsAh" CreateDate="12/20/06 12:55:48 PM" ChageDate="12/20/06 12:55:48 PM" MD5="5F79547B99988B4DE1FF55E9E451F0F8" />
<ITEM File="C:\PROGRAM FILES\SPYWAREGUARD\SGBHP.EXE" CheckResult="-1" Descr="SG Browser Hijacking Protection" LegalCopyright="Copyright © 2002-2003 Javacool Software LLC." UsedBy="4291294211" Hidden="-1" Size="233472" Attr="rsAh" CreateDate="8/29/03 11:14:56 AM" ChageDate="8/29/03 11:14:58 AM" MD5="A80D0704537C0EF97DB2BEF24B99AF1A" />
<ITEM File="C:\WINDOWS\SYSTEM\MSCOMCTL.OCX" CheckResult="-1" Descr="Windows Common Controls ActiveX Control DLL" LegalCopyright="Copyright © 1987-2000 Microsoft Corp." UsedBy="4290877635" Hidden="-1" Size="1071088" Attr="rsAh" CreateDate="5/10/08 7:46:48 PM" ChageDate="4/15/05 7:58:16 PM" MD5="D268668751EE22997D7EF1417034CB04" />
<ITEM File="C:\WINDOWS\SYSTEM\AWFMON32.DLL" CheckResult="-1" Descr="Microsoft Fax Print Monitor DLL" LegalCopyright="Copyright © Microsoft Corp. 1994-1995" UsedBy="4294914495" Hidden="-1" Size="15360" Attr="rsAh" />
<ITEM File="C:\WINDOWS\SYSTEM\HHCTRL.OCX" CheckResult="-1" Descr="Microsoft® HTML Help Control" LegalCopyright="© Microsoft Corporation. All rights reserved." UsedBy="4290895419" Hidden="-1" Size="519168" Attr="rsAh" CreateDate="4/14/05 12:44:04 PM" ChageDate="4/14/05 12:44:04 PM" MD5="8643DF5B973A763D35A5CC83B790B671" />
<ITEM File="C:\PROGRAM FILES\SUPERANTISPYWARE\SUPERANTISPYWARE.EXE" CheckResult="-1" Descr="SUPERAntiSpyware" LegalCopyright="Copyright © 2005-2007 by SUPERAntiSpyware.com and SUPERAdBlocker.com" UsedBy="4290895419" Hidden="-1" Size="1310720" Attr="rsAh" CreateDate="2/27/07 11:39:26 AM" ChageDate="2/27/07 11:39:26 AM" MD5="F53FC0D24B70637776F1FCAF7809F917" />
<ITEM File="C:\PROGRAM FILES\SUPERANTISPYWARE\DEUPX.DLL" CheckResult="-1" Descr="deupx.dll" LegalCopyright="Copyright © 2006 by SUPERAntiSpyware.com and SUPERAdBlocker.com" UsedBy="4290895419" Hidden="-1" Size="360448" Attr="RsAh" CreateDate="9/19/06 2:55:38 PM" ChageDate="9/19/06 2:55:38 PM" MD5="31A7AA2DEDEFBD3927B0CADE051AAC2C" />
<ITEM File="C:\WINDOWS\SYSTEM\ZONELABS\SSLEAY32.DLL" CheckResult="-1" Descr="TrueVector Service" LegalCopyright="Copyright © 1998-2005, Zone Labs, LLC" UsedBy="4294862295" Hidden="-1" Size="452352" Attr="rsAh" CreateDate="10/21/05 7:44:57 PM" ChageDate="8/29/05 7:08:04 PM" MD5="B94CC8D0237AEDD0FC1536672FCA1528" />
<ITEM File="C:\PROGRAM FILES\ZONE LABS\ZONEALARM\CAM.ZAP" CheckResult="-1" Descr="Anti-Virus Monitoring Module" LegalCopyright="Copyright © 1998-2005, Zone Labs, LLC" UsedBy="4290943823" Hidden="-1" Size="79616" Attr="rsAh" CreateDate="10/21/05 7:45:22 PM" ChageDate="8/29/05 6:48:24 PM" MD5="5E3B575390F3365E1106970EFD0CB3A8" />
</DLL>
- <AUTORUN>
<ITEM File="C:\COMPAQ\INTERNET\WATCHDOG.EXE" CheckResult="-1" Enabled="1" Type="REG" Size="138240" Attr="rsAh" CreateDate="1/1/97 7:15:06 AM" ChageDate="10/15/97 5:56:46 PM" MD5="41B32876DD2C7053DDD426A089B2BEC9" X1="HKEY_LOCAL_MACHINE" X2="Software\Microsoft\Windows\CurrentVersion\Run" X3="Watch Dog Program" />
<ITEM File="C:\Compaq\Internet\InetWizard.exe" CheckResult="-1" Enabled="1" Type="REG" Size="539648" Attr="rsAh" CreateDate="1/1/97 7:15:06 AM" ChageDate="10/15/97 4:24:04 PM" MD5="6ACF42B2A7F72AFF2A5FB32FD34645CD" X1="HKEY_LOCAL_MACHINE" X2="Software\Microsoft\Windows\CurrentVersion\Run" X3="Compaq Internet Setup" />
<ITEM File="C:\PROGRAM FILES\SUPERANTISPYWARE\SASSEH.DLL" CheckResult="-1" Enabled="1" Type="REG" Size="77824" Attr="rsAh" CreateDate="12/20/06 12:55:48 PM" ChageDate="12/20/06 12:55:48 PM" MD5="5F79547B99988B4DE1FF55E9E451F0F8" X1="HKEY_LOCAL_MACHINE" X2="Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks" X3="{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}" />
<ITEM File="C:\PROGRAM FILES\SUPERANTISPYWARE\SASWINLO.DLL" CheckResult="-1" Enabled="1" Type="REG" Size="282624" Attr="rsAh" CreateDate="2/27/07 11:39:26 AM" ChageDate="2/27/07 11:39:26 AM" MD5="F6597F9F732453DAF4D3A86170DA63D5" X1="HKEY_LOCAL_MACHINE" X2="SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon" X3="DLLName" />
<ITEM File="C:\PROGRAM FILES\SUPERANTISPYWARE\SUPERANTISPYWARE.EXE" CheckResult="-1" Enabled="1" Type="REG" Size="1310720" Attr="rsAh" CreateDate="2/27/07 11:39:26 AM" ChageDate="2/27/07 11:39:26 AM" MD5="F53FC0D24B70637776F1FCAF7809F917" X1="HKEY_CURRENT_USER" X2="Software\Microsoft\Windows\CurrentVersion\Run" X3="SUPERAntiSpyware" />
<ITEM File="C:\PROGRAM FILES\SUPERANTISPYWARE\SUPERANTISPYWARE.EXE" CheckResult="-1" Enabled="1" Type="REG" Size="1310720" Attr="rsAh" CreateDate="2/27/07 11:39:26 AM" ChageDate="2/27/07 11:39:26 AM" MD5="F53FC0D24B70637776F1FCAF7809F917" X1="HKEY_USERS" X2=".DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run" X3="SUPERAntiSpyware" />
<ITEM File="C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGCC.EXE" CheckResult="-1" Enabled="1" Type="REG" Size="579584" Attr="rsAh" CreateDate="6/25/08 9:58:30 AM" ChageDate="6/25/08 9:58:32 AM" MD5="25A49E5BFF4E6424FA5E27C81269041D" X1="HKEY_LOCAL_MACHINE" X2="Software\Microsoft\Windows\CurrentVersion\Run" X3="AVG7_CC" />
<ITEM File="C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGEMC.EXE" CheckResult="-1" Enabled="1" Type="REG" Size="406528" Attr="rsAh" CreateDate="5/10/08 6:22:30 PM" ChageDate="5/10/08 6:22:32 PM" MD5="FC0B2AE890BB0DC8C2306DABEDC8A4BA" X1="HKEY_LOCAL_MACHINE" X2="Software\Microsoft\Windows\CurrentVersion\Run" X3="AVG7_EMC" />
<ITEM File="C:\Program Files\Compaq\Compaq Easy Access Button Support\cpqbzl.exe" CheckResult="-1" Enabled="1" Type="REG" Size="637440" Attr="rsAh" CreateDate="1/1/97 6:49:37 AM" ChageDate="11/18/97 1:48:16 PM" MD5="92AD2E2237A5C37DBA7CB50505E80F64" X1="HKEY_LOCAL_MACHINE" X2="Software\Microsoft\Windows\CurrentVersion\RunServices" X3="CPQEASYACC" />
<ITEM File="C:\Program Files\Encompass\MONITOR.EXE" CheckResult="-1" Enabled="1" Type="REG" Size="73216" Attr="rsAh" CreateDate="1/1/97 8:22:19 AM" ChageDate="10/1/97 12:04:50 AM" MD5="03036990FAC2A77D8D839B4957EF4711" X1="HKEY_LOCAL_MACHINE" X2="Software\Microsoft\Windows\CurrentVersion\Run" X3="Encompass Monitor" />
<ITEM File="C:\Program Files\Encompass\Monitor.exe" CheckResult="-1" Enabled="1" Type="REG" Size="73216" Attr="rsAh" CreateDate="1/1/97 8:22:19 AM" ChageDate="10/1/97 12:04:50 AM" MD5="03036990FAC2A77D8D839B4957EF4711" X1="HKEY_LOCAL_MACHINE" X2="Software\Microsoft\Windows\CurrentVersion\RunServices" X3="EncMonitor" />
<ITEM File="C:\Program Files\Executive Software\DiskeeperLite\DkService.exe" CheckResult="-1" Enabled="1" Type="REG" Size="163840" Attr="rsAh" CreateDate="10/16/02 10:00:40 PM" ChageDate="10/16/02 10:00:40 PM" MD5="2BF1916F280E0CDA681408F98CBD1C9C" X1="HKEY_LOCAL_MACHINE" X2="Software\Microsoft\Windows\CurrentVersion\RunServices" X3="DkService" />
<ITEM File="C:\Program Files\HomeClick\HCDetect.exe" CheckResult="-1" Enabled="1" Type="REG" Size="61440" Attr="rsAh" CreateDate="9/10/99 5:51:52 PM" ChageDate="9/10/99 5:51:52 PM" MD5="3FC68782F0D7E736790F0FFEE1389F3C" X1="HKEY_LOCAL_MACHINE" X2="Software\Microsoft\Windows\CurrentVersion\Run" X3="HCDetect" />
<ITEM File="C:\QUICKENW\BILLMIND.EXE" CheckResult="-1" Enabled="1" Type="REG" Size="25600" Attr="rsAh" CreateDate="1/1/97 8:51:43 AM" ChageDate="9/30/97 3:00:50 PM" MD5="1093684BF379B46C9C6E60A93D3B41C3" X1="HKEY_LOCAL_MACHINE" X2="Software\Microsoft\Windows\CurrentVersion\Run" X3="BillMinder" />
<ITEM File="C:\WINDOWS\SYSTEM\Aticwd32.exe" CheckResult="-1" Enabled="1" Type="REG" Size="20480" Attr="rsAh" X1="HKEY_LOCAL_MACHINE" X2="Software\Microsoft\Windows\CurrentVersion\Run" X3="AtiCwd32" />
<ITEM File="C:\WINDOWS\SYSTEM\Atikey32.exe" CheckResult="-1" Enabled="1" Type="REG" Size="51712" Attr="rsAh" X1="HKEY_LOCAL_MACHINE" X2="Software\Microsoft\Windows\CurrentVersion\Run" X3="AtiKey" />
<ITEM File="C:\WINDOWS\SYSTEM\KB918547\KB918547.EXE" CheckResult="-1" Enabled="1" Type="REG" Size="8256" Attr="rsAh" CreateDate="4/24/06 2:24:20 AM" ChageDate="4/24/06 2:24:20 AM" MD5="E5C7486D02E0D17E11C840694A5C55B5" X1="HKEY_LOCAL_MACHINE" X2="Software\Microsoft\Windows\CurrentVersion\RunServices" X3="KB918547" />
<ITEM File="C:\WINDOWS\SYSTEM\digest.dll" CheckResult="-1" Enabled="-1" Type="REG" Size="55296" Attr="rsAh" CreateDate="8/29/02" ChageDate="8/29/02" MD5="22B63BCB8244367FDAE258F7FA6D2615" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Control\SecurityProviders" X3="SecurityProviders" />
<ITEM File="essdc.exe" CheckResult="-1" Enabled="1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="Software\Microsoft\Windows\CurrentVersion\Run" X3="Essdc" />
<ITEM File="mmc.exe C:\PROGRA~1\EXECUT~1\DISKEE~2\DKLITE.MSC %c:" CheckResult="-1" Enabled="-1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\DefragPath" X3="" />
</AUTORUN>
- <BHO>
<ITEM File="C:\WINDOWS\SYSTEM\MSDXM.OCX" CheckResult="-1" Enabled="1" BHOType="2" RegKey="SOFTWARE\Microsoft\Internet Explorer\Toolbar" CLSID="{8E718888-423F-11D2-876E-00A0C9082467}" Descr="Windows Media Player 2 ActiveX Control" LegalCopyright="Copyright © 1992-1999 Microsoft Corp." Size="1676800" Attr="rsah" CreateDate="2/24/05 8:47:01 AM" ChageDate="5/13/02 1:54:16 PM" MD5="D3D8B0684ED7A88FFCE4956880907827" />
</BHO>
- <ExplorerExt>
<ITEM File="C:\WINDOWS\SYSTEM\SHDOCVW.DLL" CheckResult="-1" Enabled="1" ExtName="Shell Automation Inproc Service" RegKey="SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved" CLSID="{0A89A860-D7B1-11CE-8350-444553540000}" Descr="Shell Doc Object and Control Library" LegalCopyright="© Microsoft Corporation. All rights reserved." Size="1339904" Attr="rsAh" CreateDate="5/26/06 3:40:58 PM" ChageDate="5/26/06 3:40:58 PM" MD5="5DA079903B3E2EC6F74EC1ACB6AD6792" />
<ITEM File="C:\WINDOWS\SYSTEM\SHDOCVW.DLL" CheckResult="-1" Enabled="1" ExtName="Shell DocObject Viewer" RegKey="SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved" CLSID="{E7E4BC40-E76A-11CE-A9BB-00AA004AE837}" Descr="Shell Doc Object and Control Library" LegalCopyright="© Microsoft Corporation. All rights reserved." Size="1339904" Attr="rsAh" CreateDate="5/26/06 3:40:58 PM" ChageDate="5/26/06 3:40:58 PM" MD5="5DA079903B3E2EC6F74EC1ACB6AD6792" />
<ITEM File="C:\WINDOWS\SYSTEM\shdocvw.dll" CheckResult="-1" Enabled="1" ExtName="InternetShortcut" RegKey="SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved" CLSID="{FBF23B40-E3F0-101B-8488-00AA003E56F8}" Descr="Shell Doc Object and Control Library" LegalCopyright="© Microsoft Corporation. All rights reserved." Size="1339904" Attr="rsAh" CreateDate="5/26/06 3:40:58 PM" ChageDate="5/26/06 3:40:58 PM" MD5="5DA079903B3E2EC6F74EC1ACB6AD6792" />
<ITEM File="C:\WINDOWS\SYSTEM\SHDOCVW.DLL" CheckResult="-1" Enabled="1" ExtName="Microsoft Url History Service" RegKey="SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved" CLSID="{3C374A40-BAE4-11CF-BF7D-00AA006946EE}" Descr="Shell Doc Object and Control Library" LegalCopyright="© Microsoft Corporation. All rights reserved." Size="1339904" Attr="rsAh" CreateDate="5/26/06 3:40:58 PM" ChageDate="5/26/06 3:40:58 PM" MD5="5DA079903B3E2EC6F74EC1ACB6AD6792" />
<ITEM File="C:\WINDOWS\SYSTEM\SHDOCVW.DLL" CheckResult="-1" Enabled="1" ExtName="History" RegKey="SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved" CLSID="{FF393560-C2A7-11CF-BFF4-444553540000}" Descr="Shell Doc Object and Control Library" LegalCopyright="© Microsoft Corporation. All rights reserved." Size="1339904" Attr="rsAh" CreateDate="5/26/06 3:40:58 PM" ChageDate="5/26/06 3:40:58 PM" MD5="5DA079903B3E2EC6F74EC1ACB6AD6792" />
<ITEM File="C:\WINDOWS\SYSTEM\SHDOCVW.DLL" CheckResult="-1" Enabled="1" ExtName="Temporary Internet Files" RegKey="SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved" CLSID="{7BD29E00-76C1-11CF-9DD0-00A0C9034933}" Descr="Shell Doc Object and Control Library" LegalCopyright="© Microsoft Corporation. All rights reserved." Size="1339904" Attr="rsAh" CreateDate="5/26/06 3:40:58 PM" ChageDate="5/26/06 3:40:58 PM" MD5="5DA079903B3E2EC6F74EC1ACB6AD6792" />
<ITEM File="C:\WINDOWS\SYSTEM\SHDOCVW.DLL" CheckResult="-1" Enabled="1" ExtName="Microsoft Url Search Hook" RegKey="SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved" CLSID="{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" Descr="Shell Doc Object and Control Library" LegalCopyright="© Microsoft Corporation. All rights reserved." Size="1339904" Attr="rsAh" CreateDate="5/26/06 3:40:58 PM" ChageDate="5/26/06 3:40:58 PM" MD5="5DA079903B3E2EC6F74EC1ACB6AD6792" />
<ITEM File="C:\WINDOWS\SYSTEM\SHDOCVW.DLL" CheckResult="-1" Enabled="1" ExtName="Name Space Control Band" RegKey="SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved" CLSID="{3AD1E410-AAB9-11d0-89D7-00C04FC9E26E}" Descr="Shell Doc Object and Control Library" LegalCopyright="© Microsoft Corporation. All rights reserved." Size="1339904" Attr="rsAh" CreateDate="5/26/06 3:40:58 PM" ChageDate="5/26/06 3:40:58 PM" MD5="5DA079903B3E2EC6F74EC1ACB6AD6792" />
<ITEM File="C:\WINDOWS\SYSTEM\SHDOCVW.DLL" CheckResult="-1" Enabled="1" ExtName="Favorites Band" RegKey="SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved" CLSID="{EFA24E61-B078-11d0-89E4-00C04FC9E26E}" Descr="Shell Doc Object and Control Library" LegalCopyright="© Microsoft Corporation. All rights reserved." Size="1339904" Attr="rsAh" CreateDate="5/26/06 3:40:58 PM" ChageDate="5/26/06 3:40:58 PM" MD5="5DA079903B3E2EC6F74EC1ACB6AD6792" />
<ITEM File="C:\WINDOWS\SYSTEM\SHDOCVW.DLL" CheckResult="-1" Enabled="1" ExtName="IE4 Suite Splash Screen" RegKey="SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved" CLSID="{A2B0DD40-CC59-11d0-A3A5-00C04FD706EC}" Descr="Shell Doc Object and Control Library" LegalCopyright="© Microsoft Corporation. All rights reserved." Size="1339904" Attr="rsAh" CreateDate="5/26/06 3:40:58 PM" ChageDate="5/26/06 3:40:58 PM" MD5="5DA079903B3E2EC6F74EC1ACB6AD6792" />
<ITEM File="C:\WINDOWS\SYSTEM\SHDOCVW.DLL" CheckResult="-1" Enabled="1" ExtName="CDF Extension Copy Hook" RegKey="SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved" CLSID="{67EA19A0-CCEF-11d0-8024-00C04FD75D13}" Descr="Shell Doc Object and Control Library" LegalCopyright="© Microsoft Corporation. All rights reserved." Size="1339904" Attr="rsAh" CreateDate="5/26/06 3:40:58 PM" ChageDate="5/26/06 3:40:58 PM" MD5="5DA079903B3E2EC6F74EC1ACB6AD6792" />
<ITEM File="C:\WINDOWS\SYSTEM\SHDOCVW.DLL" CheckResult="-1" Enabled="1" ExtName="ISFBand OC" RegKey="SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved" CLSID="{131A6951-7F78-11D0-A979-00C04FD705A2}" Descr="Shell Doc Object and Control Library" LegalCopyright="© Microsoft Corporation. All rights reserved." Size="1339904" Attr="rsAh" CreateDate="5/26/06 3:40:58 PM" ChageDate="5/26/06 3:40:58 PM" MD5="5DA079903B3E2EC6F74EC1ACB6AD6792" />
<ITEM File="C:\WINDOWS\SYSTEM\SHDOCVW.DLL" CheckResult="-1" Enabled="1" ExtName="The Internet" RegKey="SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved" CLSID="{3DC7A020-0ACD-11CF-A9BB-00AA004AE837}" Descr="Shell Doc Object and Control Library" LegalCopyright="© Microsoft Corporation. All rights reserved." Size="1339904" Attr="rsAh" CreateDate="5/26/06 3:40:58 PM" ChageDate="5/26/06 3:40:58 PM" MD5="5DA079903B3E2EC6F74EC1ACB6AD6792" />
<ITEM File="C:\WINDOWS\SYSTEM\SHDOCVW.DLL" CheckResult="-1" Enabled="1" ExtName="Search Assistant OC" RegKey="SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved" CLSID="{9461b922-3c5a-11d2-bf8b-00c04fb93661}" Descr="Shell Doc Object and Control Library" LegalCopyright="© Microsoft Corporation. All rights reserved." Size="1339904" Attr="rsAh" CreateDate="5/26/06 3:40:58 PM" ChageDate="5/26/06 3:40:58 PM" MD5="5DA079903B3E2EC6F74EC1ACB6AD6792" />
<ITEM File="C:\WINDOWS\SYSTEM\SHDOCVW.DLL" CheckResult="-1" Enabled="1" ExtName="Internet Name Space" RegKey="SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved" CLSID="{871C5380-42A0-1069-A2EA-08002B30309D}" Descr="Shell Doc Object and Control Library" LegalCopyright="© Microsoft Corporation. All rights reserved." Size="1339904" Attr="rsAh" CreateDate="5/26/06 3:40:58 PM" ChageDate="5/26/06 3:40:58 PM" MD5="5DA079903B3E2EC6F74EC1ACB6AD6792" />
<ITEM File="C:\WINDOWS\SYSTEM\SHDOCVW.DLL" CheckResult="-1" Enabled="1" ExtName="Microsoft Browser Architecture" RegKey="SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved" CLSID="{A5E46E3A-8849-11D1-9D8C-00C04FC99D61}" Descr="Shell Doc Object and Control Library" LegalCopyright="© Microsoft Corporation. All rights reserved." Size="1339904" Attr="rsAh" CreateDate="5/26/06 3:40:58 PM" ChageDate="5/26/06 3:40:58 PM" MD5="5DA079903B3E2EC6F74EC1ACB6AD6792" />
<ITEM File="C:\WINDOWS\SYSTEM\SHDOCVW.DLL" CheckResult="-1" Enabled="1" ExtName="Temporary Internet Files" RegKey="SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved" CLSID="{7BD29E01-76C1-11CF-9DD0-00A0C9034933}" Descr="Shell Doc Object and Control Library" LegalCopyright="© Microsoft Corporation. All rights reserved." Size="1339904" Attr="rsAh" CreateDate="5/26/06 3:40:58 PM" ChageDate="5/26/06 3:40:58 PM" MD5="5DA079903B3E2EC6F74EC1ACB6AD6792" />
<ITEM File="C:\WINDOWS\SYSTEM\SHDOCVW.DLL" CheckResult="-1" Enabled="1" ExtName="Explorer Band" RegKey="SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved" CLSID="{EFA24E64-B078-11d0-89E4-00C04FC9E26E}" Descr="Shell Doc Object and Control Library" LegalCopyright="© Microsoft Corporation. All rights reserved." Size="1339904" Attr="rsAh" CreateDate="5/26/06 3:40:58 PM" ChageDate="5/26/06 3:40:58 PM" MD5="5DA079903B3E2EC6F74EC1ACB6AD6792" />
<ITEM File="C:\Program Files\7-Zip\7-zip.dll" CheckResult="-1" Enabled="1" ExtName="7-Zip Shell Extension" RegKey="SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved" CLSID="{23170F69-40C1-278A-1000-000100020000}" Descr="7-Zip Shell Extension" LegalCopyright="Copyright © 1999-2008 Igor Pavlov" Size="69120" Attr="rsAh" CreateDate="6/24/08 3:36:26 AM" ChageDate="6/24/08 3:36:26 AM" MD5="C7619C86EC33214D66EFBE1F29DA1F34" />
</ExplorerExt>
- <PrintEXT>
<ITEM File="C:\WINDOWS\SYSTEM\AWFMON32.DLL" CheckResult="-1" Enabled="1" RegKey="SYSTEM\CurrentControlSet\Control\Print\Monitors" Descr="Microsoft Fax Print Monitor DLL" LegalCopyright="Copyright © Microsoft Corp. 1994-1995" Size="15360" Attr="rsAh" />
</PrintEXT>
- <TaskScheduler>
<ITEM File="C:\WINDOWS\SYSTEM\mobsync.exe" CheckResult="-1" Enabled="187924484" Descr="Microsoft Synchronization Manager" LegalCopyright="Copyright © Microsoft Corp. 1981-1999" Size="120672" Attr="rsah" CreateDate="2/24/05 8:45:53 AM" ChageDate="2/24/05 8:45:54 AM" MD5="09F6C3A3AA94F241CFD2EFF4BA98D258" />
<ITEM File="C:\WINDOWS\SYSTEM\mobsync.exe" CheckResult="-1" Enabled="187924484" Descr="Microsoft Synchronization Manager" LegalCopyright="Copyright © Microsoft Corp. 1981-1999" Size="120672" Attr="rsah" CreateDate="2/24/05 8:45:53 AM" ChageDate="2/24/05 8:45:54 AM" MD5="09F6C3A3AA94F241CFD2EFF4BA98D258" />
</TaskScheduler>
- <DPF>
<ITEM File="" CheckResult="-1" Enabled="1" RegKey="SOFTWARE\Microsoft\Code Store Database\Distribution Units" CLSID="Microsoft XML Parser for Java" CodeBase="file://c:\windows\Java\classes\xmldso.cab" Descr="" LegalCopyright="" />
<ITEM File="" CheckResult="-1" Enabled="1" RegKey="SOFTWARE\Microsoft\Code Store Database\Distribution Units" CLSID="Internet Explorer Classes for Java" CodeBase="file://c:\windows\SYSTEM\iejava.cab" Descr="" LegalCopyright="" />
<ITEM File="" CheckResult="-1" Enabled="1" RegKey="SOFTWARE\Microsoft\Code Store Database\Distribution Units" CLSID="DirectAnimation Java Classes" CodeBase="file://c:\windows\SYSTEM\dajava.cab" Descr="" LegalCopyright="" />
<ITEM File="" CheckResult="-1" Enabled="1" RegKey="SOFTWARE\Microsoft\Code Store Database\Distribution Units" CLSID="{33564D57-9980-0010-8000-00AA00389B71}" CodeBase="http://download.micr...0C/wmv9dmo.cab" Descr="" LegalCopyright="" />
<ITEM File="" CheckResult="-1" Enabled="1" RegKey="SOFTWARE\Microsoft\Code Store Database\Distribution Units" CLSID="{33564D57-0000-0010-8000-00AA00389B71}" CodeBase="http://download.micr...22/wmv9VCM.CAB" Descr="" LegalCopyright="" />
<ITEM File="" CheckResult="-1" Enabled="1" RegKey="SOFTWARE\Microsoft\Code Store Database\Distribution Units" CLSID="{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B}" CodeBase="http://www.apple.com...x/qtplugin.cab" Descr="" LegalCopyright="" />
<ITEM File="C:\WINDOWS\DOWNLOADED PROGRAM FILES\ICSSCAN.DLL" CheckResult="-1" Enabled="1" RegKey="SOFTWARE\Microsoft\Code Store Database\Distribution Units" CLSID="{7F8C8173-AD80-4807-AA75-5672F22B4582}" CodeBase="http://download.zone...anner37380.cab" Descr="ICS Scanner (COM Module)" LegalCopyright="Copyright © 2003-2004 Zone Labs, Inc" Size="1201912" Attr="rsah" CreateDate="10/14/05 1:28:38 PM" ChageDate="10/14/05 1:28:38 PM" MD5="FCB84C39EBDF4DDC1D58EC64D8AE3E16" />
<ITEM File="" CheckResult="-1" Enabled="1" RegKey="SOFTWARE\Microsoft\Code Store Database\Distribution Units" CLSID="Yahoo! Pool 2" CodeBase="http://download2.gam...s/y/poti_x.cab" Descr="" LegalCopyright="" />
<ITEM File="" CheckResult="-1" Enabled="1" RegKey="SOFTWARE\Microsoft\Code Store Database\Distribution Units" CLSID="DigiChat Applet" CodeBase="http://palatka.digi-...IE_5_1_0_1.cab" Descr="" LegalCopyright="" />
</DPF>
- <CPL>
<ITEM File="C:\WINDOWS\SYSTEM\INETCPL.CPL" CheckResult="-1" Enabled="1" Descr="Internet Control Panel" LegalCopyright="© Microsoft Corporation. All rights reserved." Size="292352" Attr="rsAh" CreateDate="8/29/02" ChageDate="8/29/02" MD5="4640E32774BA57BC298CC88C0B3433CC" />
<ITEM File="C:\WINDOWS\SYSTEM\MLCFG32.CPL" CheckResult="-1" Enabled="1" Descr="Microsoft Mail Configuration Library" LegalCopyright="Copyright © Microsoft Corp. 1986-1996" Size="45968" Attr="rsAh" />
<ITEM File="C:\WINDOWS\SYSTEM\Cpqsetup.cpl" CheckResult="-1" Enabled="1" Descr="Presario Setup Control Panel Extension" LegalCopyright="Copyright © Compaq Computer Corporation, 1997" Size="197120" Attr="rsAh" CreateDate="1/1/97 6:49:38 AM" ChageDate="6/11/97 5:28:46 PM" MD5="0BDA34D220B65312C211181171A209B1" />
<ITEM File="C:\WINDOWS\SYSTEM\CPQDIAG.CPL" CheckResult="-1" Enabled="1" Descr="" LegalCopyright="" Size="29184" Attr="rsAh" />
</CPL>
- <ActiveSetup>
<ITEM File="C:\WINDOWS\SYSTEM\advpack.dll" CheckResult="-1" Enabled="1" RegKey="Software\Microsoft\Active Setup\Installed Components" CLSID="{44BBA842-CC51-11CF-AAFA-00AA00B6015C}" Descr="ADVPACK" LegalCopyright="© Microsoft Corporation. All rights reserved." Size="91136" Attr="rsAh" CreateDate="8/29/02" ChageDate="8/29/02" MD5="4B70DBED3678E592D749FF8C0574E5CD" />
<ITEM File="C:\WINDOWS\SYSTEM\advpack.dll" CheckResult="-1" Enabled="1" RegKey=

Edited by freestyle252, 10 July 2008 - 08:56 PM.

[freestyle252]

The rest of log

<ActiveSetup>
<ITEM File="C:\WINDOWS\SYSTEM\advpack.dll" CheckResult="-1" Enabled="1" RegKey="Software\Microsoft\Active Setup\Installed Components" CLSID="{44BBA842-CC51-11CF-AAFA-00AA00B6015C}" Descr="ADVPACK" LegalCopyright="© Microsoft Corporation. All rights reserved." Size="91136" Attr="rsAh" CreateDate="8/29/02" ChageDate="8/29/02" MD5="4B70DBED3678E592D749FF8C0574E5CD" />
<ITEM File="C:\WINDOWS\SYSTEM\advpack.dll" CheckResult="-1" Enabled="1" RegKey="Software\Microsoft\Active Setup\Installed Components" CLSID="{89820200-ECBD-11cf-8B85-00AA005B4383}" Descr="ADVPACK" LegalCopyright="© Microsoft Corporation. All rights reserved." Size="91136" Attr="rsAh" CreateDate="8/29/02" ChageDate="8/29/02" MD5="4B70DBED3678E592D749FF8C0574E5CD" />
<ITEM File="C:\WINDOWS\SYSTEM\advpack.dll" CheckResult="-1" Enabled="1" RegKey="Software\Microsoft\Active Setup\Installed Components" CLSID="{89820200-ECBD-11cf-8B85-00AA005B4395}" Descr="ADVPACK" LegalCopyright="© Microsoft Corporation. All rights reserved." Size="91136" Attr="rsAh" CreateDate="8/29/02" ChageDate="8/29/02" MD5="4B70DBED3678E592D749FF8C0574E5CD" />
<ITEM File="C:\WINDOWS\SYSTEM\advpack.dll" CheckResult="-1" Enabled="1" RegKey="Software\Microsoft\Active Setup\Installed Components" CLSID="{5A8D6EE0-3E18-11D0-821E-444553540000}" Descr="ADVPACK" LegalCopyright="© Microsoft Corporation. All rights reserved." Size="91136" Attr="rsAh" CreateDate="8/29/02" ChageDate="8/29/02" MD5="4B70DBED3678E592D749FF8C0574E5CD" />
<ITEM File="C:\WINDOWS\SYSTEM\advpack.dll" CheckResult="-1" Enabled="1" RegKey="Software\Microsoft\Active Setup\Installed Components" CLSID="Chlen-us" Descr="ADVPACK" LegalCopyright="© Microsoft Corporation. All rights reserved." Size="91136" Attr="rsAh" CreateDate="8/29/02" ChageDate="8/29/02" MD5="4B70DBED3678E592D749FF8C0574E5CD" />
<ITEM File="C:\WINDOWS\SYSTEM\advpack.dll" CheckResult="-1" Enabled="1" RegKey="Software\Microsoft\Active Setup\Installed Components" CLSID="{44BBA840-CC51-11CF-AAFA-00AA00B6015C}" Descr="ADVPACK" LegalCopyright="© Microsoft Corporation. All rights reserved." Size="91136" Attr="rsAh" CreateDate="8/29/02" ChageDate="8/29/02" MD5="4B70DBED3678E592D749FF8C0574E5CD" />
<ITEM File="C:\WINDOWS\SYSTEM\advpack.dll" CheckResult="-1" Enabled="1" RegKey="Software\Microsoft\Active Setup\Installed Components" CLSID="{44BBA844-CC51-11CF-AAFA-00AA00B6015C}" Descr="ADVPACK" LegalCopyright="© Microsoft Corporation. All rights reserved." Size="91136" Attr="rsAh" CreateDate="8/29/02" ChageDate="8/29/02" MD5="4B70DBED3678E592D749FF8C0574E5CD" />
<ITEM File="C:\WINDOWS\SYSTEM\advpack.dll" CheckResult="-1" Enabled="1" RegKey="Software\Microsoft\Active Setup\Installed Components" CLSID="{58A00AC3-777B-11CF-827D-0020AFF5FF72}" Descr="ADVPACK" LegalCopyright="© Microsoft Corporation. All rights reserved." Size="91136" Attr="rsAh" CreateDate="8/29/02" ChageDate="8/29/02" MD5="4B70DBED3678E592D749FF8C0574E5CD" />
<ITEM File="C:\WINDOWS\SYSTEM\advpack.dll" CheckResult="-1" Enabled="1" RegKey="Software\Microsoft\Active Setup\Installed Components" CLSID="{E4066320-E4AE-11CF-B1B0-00AA00BBAD66}" Descr="ADVPACK" LegalCopyright="© Microsoft Corporation. All rights reserved." Size="91136" Attr="rsAh" CreateDate="8/29/02" ChageDate="8/29/02" MD5="4B70DBED3678E592D749FF8C0574E5CD" />
<ITEM File="C:\WINDOWS\SYSTEM\advpack.dll" CheckResult="-1" Enabled="1" RegKey="Software\Microsoft\Active Setup\Installed Components" CLSID="{44BBA851-CC51-11CF-AAFA-00AA00B6015C}" Descr="ADVPACK" LegalCopyright="© Microsoft Corporation. All rights reserved." Size="91136" Attr="rsAh" CreateDate="8/29/02" ChageDate="8/29/02" MD5="4B70DBED3678E592D749FF8C0574E5CD" />
<ITEM File=".exe" CheckResult="-1" Enabled="1" RegKey="Software\Microsoft\Active Setup\Installed Components" CLSID="AppletsPerUser" Descr="" LegalCopyright="" />
<ITEM File=".exe" CheckResult="-1" Enabled="1" RegKey="Software\Microsoft\Active Setup\Installed Components" CLSID="FontsPerUser" Descr="" LegalCopyright="" />
<ITEM File=".exe" CheckResult="-1" Enabled="1" RegKey="Software\Microsoft\Active Setup\Installed Components" CLSID="PerUser_ICW_Inis" Descr="" LegalCopyright="" />
<ITEM File="C:\WINDOWS\SYSTEM\IEDKCS32.DLL" CheckResult="-1" Enabled="1" RegKey="Software\Microsoft\Active Setup\Installed Components" CLSID="@gt;{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS" Descr="Microsoft Internet Explorer Customization DLL" LegalCopyright="© Microsoft Corporation. All rights reserved." Size="294912" Attr="rsAh" CreateDate="8/29/02" ChageDate="8/29/02" MD5="C4CD0D228DEAB0A80A6125FD36EDCE5E" />
<ITEM File="C:\WINDOWS\SYSTEM\setupx.dll" CheckResult="-1" Enabled="1" RegKey="Software\Microsoft\Active Setup\Installed Components" CLSID="{CA0A4247-44BE-11d1-A005-00805F8ABE06}" Descr="Windows Setup Functions" LegalCopyright="Copyright © Microsoft Corp. 1993-1998" Size="745168" Attr="rsAh" CreateDate="2/17/05 12:00:41 PM" ChageDate="4/23/99 10:22:00 PM" MD5="BBAFBD0FADCAADA6FF4A604863F44B42" />
<ITEM File=".exe" CheckResult="-1" Enabled="1" RegKey="Software\Microsoft\Active Setup\Installed Components" CLSID="PerUser_Msinfo" Descr="" LegalCopyright="" />
<ITEM File=".exe" CheckResult="-1" Enabled="1" RegKey="Software\Microsoft\Active Setup\Installed Components" CLSID="PerUser_Msinfo2" Descr="" LegalCopyright="" />
<ITEM File=".exe" CheckResult="-1" Enabled="1" RegKey="Software\Microsoft\Active Setup\Installed Components" CLSID="MotownMmsysPerUser" Descr="" LegalCopyright="" />
<ITEM File=".exe" CheckResult="-1" Enabled="1" RegKey="Software\Microsoft\Active Setup\Installed Components" CLSID="MotownAvivideoPerUser" Descr="" LegalCopyright="" />
<ITEM File="C:\WINDOWS\SYSTEM\advpack.dll" CheckResult="-1" Enabled="1" RegKey="Software\Microsoft\Active Setup\Installed Components" CLSID="{22d6f312-b0f6-11d0-94ab-0080c74c7e95}" Descr="ADVPACK" LegalCopyright="© Microsoft Corporation. All rights reserved." Size="91136" Attr="rsAh" CreateDate="8/29/02" ChageDate="8/29/02" MD5="4B70DBED3678E592D749FF8C0574E5CD" />
<ITEM File=".exe" CheckResult="-1" Enabled="1" RegKey="Software\Microsoft\Active Setup\Installed Components" CLSID="MotownMPlayPerUser" Descr="" LegalCopyright="" />
<ITEM File=".exe" CheckResult="-1" Enabled="1" RegKey="Software\Microsoft\Active Setup\Installed Components" CLSID="PerUser_Base" Descr="" LegalCopyright="" />
<ITEM File=".exe" CheckResult="-1" Enabled="1" RegKey="Software\Microsoft\Active Setup\Installed Components" CLSID="ShellPerUser" Descr="" LegalCopyright="" />
<ITEM File=".exe" CheckResult="-1" Enabled="1" RegKey="Software\Microsoft\Active Setup\Installed Components" CLSID="Shell2PerUser" Descr="" LegalCopyright="" />
<ITEM File=".exe" CheckResult="-1" Enabled="1" RegKey="Software\Microsoft\Active Setup\Installed Components" CLSID="PerUser_winbase_Links" Descr="" LegalCopyright="" />
<ITEM File=".exe" CheckResult="-1" Enabled="1" RegKey="Software\Microsoft\Active Setup\Installed Components" CLSID="PerUser_winapps_Links" Descr="" LegalCopyright="" />
<ITEM File=".exe" CheckResult="-1" Enabled="1" RegKey="Software\Microsoft\Active Setup\Installed Components" CLSID="TapiPerUser" Descr="" LegalCopyright="" />
<ITEM File="C:\WINDOWS\SYSTEM\advpack.dll" CheckResult="-1" Enabled="1" RegKey="Software\Microsoft\Active Setup\Installed Components" CLSID="{73fa19d0-2d75-11d2-995d-00c04f98bbc9}" Descr="ADVPACK" LegalCopyright="© Microsoft Corporation. All rights reserved." Size="91136" Attr="rsAh" CreateDate="8/29/02" ChageDate="8/29/02" MD5="4B70DBED3678E592D749FF8C0574E5CD" />
<ITEM File=".exe" CheckResult="-1" Enabled="1" RegKey="Software\Microsoft\Active Setup\Installed Components" CLSID="PerUserOldLinks" Descr="" LegalCopyright="" />
<ITEM File=".exe" CheckResult="-1" Enabled="1" RegKey="Software\Microsoft\Active Setup\Installed Components" CLSID="MmoptRegisterPerUser" Descr="" LegalCopyright="" />
<ITEM File=".exe" CheckResult="-1" Enabled="1" RegKey="Software\Microsoft\Active Setup\Installed Components" CLSID="OlsPerUser" Descr="" LegalCopyright="" />
<ITEM File=".exe" CheckResult="-1" Enabled="1" RegKey="Software\Microsoft\Active Setup\Installed Components" CLSID="OlsMsnPerUser" Descr="" LegalCopyright="" />
<ITEM File=".exe" CheckResult="-1" Enabled="1" RegKey="Software\Microsoft\Active Setup\Installed Components" CLSID="NetservrPerUser" Descr="" LegalCopyright="" />
<ITEM File=".exe" CheckResult="-1" Enabled="1" RegKey="Software\Microsoft\Active Setup\Installed Components" CLSID="PerUser_Paint_Inis" Descr="" LegalCopyright="" />
<ITEM File=".exe" CheckResult="-1" Enabled="1" RegKey="Software\Microsoft\Active Setup\Installed Components" CLSID="PerUser_Calc_Inis" Descr="" LegalCopyright="" />
<ITEM File=".exe" CheckResult="-1" Enabled="1" RegKey="Software\Microsoft\Active Setup\Installed Components" CLSID="PerUser_dxxspace_Links" Descr="" LegalCopyright="" />
<ITEM File=".exe" CheckResult="-1" Enabled="1" RegKey="Software\Microsoft\Active Setup\Installed Components" CLSID="PerUser_MSBackup_Inis" Descr="" LegalCopyright="" />
<ITEM File=".exe" CheckResult="-1" Enabled="1" RegKey="Software\Microsoft\Active Setup\Installed Components" CLSID="PerUser_CVT_Inis" Descr="" LegalCopyright="" />
<ITEM File=".exe" CheckResult="-1" Enabled="1" RegKey="Software\Microsoft\Active Setup\Installed Components" CLSID="MotownRecPerUser" Descr="" LegalCopyright="" />
<ITEM File=".exe" CheckResult="-1" Enabled="1" RegKey="Software\Microsoft\Active Setup\Installed Components" CLSID="PerUser_Vol" Descr="" LegalCopyright="" />
<ITEM File=".exe" CheckResult="-1" Enabled="1" RegKey="Software\Microsoft\Active Setup\Installed Components" CLSID="PerUser_MSWordPad_Inis" Descr="" LegalCopyright="" />
<ITEM File=".exe" CheckResult="-1" Enabled="1" RegKey="Software\Microsoft\Active Setup\Installed Components" CLSID="PerUser_RNA_Inis" Descr="" LegalCopyright="" />
<ITEM File=".exe" CheckResult="-1" Enabled="1" RegKey="Software\Microsoft\Active Setup\Installed Components" CLSID="PerUser_DCC_Inis" Descr="" LegalCopyright="" />
<ITEM File=".exe" CheckResult="-1" Enabled="1" RegKey="Software\Microsoft\Active Setup\Installed Components" CLSID="PerUser_Wingames_Inis" Descr="" LegalCopyright="" />
<ITEM File=".exe" CheckResult="-1" Enabled="1" RegKey="Software\Microsoft\Active Setup\Installed Components" CLSID="PerUser_Sysmon_Inis" Descr="" LegalCopyright="" />
<ITEM File=".exe" CheckResult="-1" Enabled="1" RegKey="Software\Microsoft\Active Setup\Installed Components" CLSID="PerUser_Sysmeter_Inis" Descr="" LegalCopyright="" />
<ITEM File=".exe" CheckResult="-1" Enabled="1" RegKey="Software\Microsoft\Active Setup\Installed Components" CLSID="PerUser_CharMap_Inis" Descr="" LegalCopyright="" />
<ITEM File=".exe" CheckResult="-1" Enabled="1" RegKey="Software\Microsoft\Active Setup\Installed Components" CLSID="PerUser_Onlinelnks_Inis" Descr="" LegalCopyright="" />
<ITEM File=".exe" CheckResult="-1" Enabled="1" RegKey="Software\Microsoft\Active Setup\Installed Components" CLSID="PerUser_Dialer_Inis" Descr="" LegalCopyright="" />
<ITEM File=".exe" CheckResult="-1" Enabled="1" RegKey="Software\Microsoft\Active Setup\Installed Components" CLSID="PerUser_ClipBrd_Inis" Descr="" LegalCopyright="" />
<ITEM File=".exe" CheckResult="-1" Enabled="1" RegKey="Software\Microsoft\Active Setup\Installed Components" CLSID="PerUser_CDPlayer_Inis" Descr="" LegalCopyright="" />
<ITEM File="C:\WINDOWS\SYSTEM\advpack.dll" CheckResult="-1" Enabled="1" RegKey="Software\Microsoft\Active Setup\Installed Components" CLSID="{7790769C-0471-11d2-AF11-00C04FA35D02}" Descr="ADVPACK" LegalCopyright="© Microsoft Corporation. All rights reserved." Size="91136" Attr="rsAh" CreateDate="8/29/02" ChageDate="8/29/02" MD5="4B70DBED3678E592D749FF8C0574E5CD" />
<ITEM File=".exe" CheckResult="-1" Enabled="1" RegKey="Software\Microsoft\Active Setup\Installed Components" CLSID="OlsAolPerUser" Descr="" LegalCopyright="" />
<ITEM File=".exe" CheckResult="-1" Enabled="1" RegKey="Software\Microsoft\Active Setup\Installed Components" CLSID="OlsAttPerUser" Descr="" LegalCopyright="" />
<ITEM File=".exe" CheckResult="-1" Enabled="1" RegKey="Software\Microsoft\Active Setup\Installed Components" CLSID="OlsCompuservePerUser" Descr="" LegalCopyright="" />
<ITEM File=".exe" CheckResult="-1" Enabled="1" RegKey="Software\Microsoft\Active Setup\Installed Components" CLSID="OlsProdigyPerUser" Descr="" LegalCopyright="" />
<ITEM File=".exe" CheckResult="-1" Enabled="1" RegKey="Software\Microsoft\Active Setup\Installed Components" CLSID="Shell3PerUser" Descr="" LegalCopyright="" />
<ITEM File="C:\WINDOWS\SYSTEM\advpack.dll" CheckResult="-1" Enabled="1" RegKey="Software\Microsoft\Active Setup\Installed Components" CLSID="{6BF52A52-394A-11d3-B153-00C04F79FAA6}" Descr="ADVPACK" LegalCopyright="© Microsoft Corporation. All rights reserved." Size="91136" Attr="rsAh" CreateDate="8/29/02" ChageDate="8/29/02" MD5="4B70DBED3678E592D749FF8C0574E5CD" />
</ActiveSetup>
- <HOSTS>
<ITEM Line="127.0.0.1 localhost" />
</HOSTS>
- <SuspFiles>
<ITEM File="C:\PROGRAM FILES\ENCOMPASS\ENCMON.DLL" VirType="5" Descr="Suspicion for Keylogger or Trojan DLL" />
</SuspFiles>
- <KEYLOGGER>
<ITEM File="C:\PROGRAM FILES\ENCOMPASS\ENCMON.DLL" Verdict="" CheckResult="-1" Size="12800" Attr="rsAh" CreateDate="1/1/97 8:22:20 AM" ChageDate="9/30/97 6:01:54 PM" MD5="1C45E18C7AEE9CE8FFDEC38C4549F05E" />
</KEYLOGGER>
- <WIZARD-TSW>
<ITEM ID="19" Level="2" Fixed="0" />
<ITEM ID="58" Level="3" Fixed="0" />
<ITEM ID="59" Level="3" Fixed="0" />
<ITEM ID="61" Level="2" Fixed="0" />
</WIZARD-TSW>
</AVZ>


I cant seem to post the other zipp file you asked for I tried to copy and paste the zipp files but only could copy and not paste, really getting confused now

[Essexboy]

I need you to attach the entire zip files produced

To attach a file, do the following:

• Click Add Reply
• Under the reply panel is the Attachments Panel
• Browse for the attachment file you want to upload, then click the green Upload button
• Once it has uploaded, click the Manage Current Attachments drop down box
• Click on to insert the attachment into your post

[freestyle252]

Hope this is what you wanted.  virusinfo_cure.zip   6.32KB   74 downloads  virusinfo_syscure.zip   26.56KB   83 downloads