here is the spybot log. i ran the new spybot. not sure what you wanted me to do other than that. here it is.
--- Search result list ---
E-Ventures N.V.: Autorun settings (Registry value, nothing done)
HKEY_USERS\S-1-5-21-914090876-2942328611-1021817841-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\SearchSetter
BackWeb lite: User settings (Registry key, nothing done)
HKEY_USERS\.DEFAULT\Software\BackWeb
BackWeb lite: User settings (Registry key, nothing done)
HKEY_USERS\S-1-5-21-914090876-2942328611-1021817841-1006\Software\BackWeb
BackWeb lite: User settings (Registry key, nothing done)
HKEY_USERS\S-1-5-18\Software\BackWeb
BackWeb lite: Netscape viewer (Registry value, nothing done)
HKEY_USERS\.DEFAULT\Software\Netscape\Netscape Navigator\Viewers\application/x-bwpreview
BackWeb lite: Netscape viewer (Registry value, nothing done)
HKEY_USERS\S-1-5-18\Software\Netscape\Netscape Navigator\Viewers\application/x-bwpreview
BackWeb lite: Netscape viewer (Registry value, nothing done)
HKEY_USERS\.DEFAULT\Software\Netscape\Netscape Navigator\Viewers\application/x-iad
BackWeb lite: Netscape viewer (Registry value, nothing done)
HKEY_USERS\S-1-5-18\Software\Netscape\Netscape Navigator\Viewers\application/x-iad
OpaServ: Executable (File, nothing done)
C:\WINDOWS\scrsvr.exe
Common Dialogs: History (49 files) (Registry key, nothing done)
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU
Log: Activity: COM+.log (Backup file, nothing done)
C:\WINDOWS\COM+.log
Log: Activity: SchedLgU.Txt (Backup file, nothing done)
C:\WINDOWS\SchedLgU.Txt
Log: Activity: imsins.log (Backup file, nothing done)
C:\WINDOWS\imsins.log
Log: Activity: OEWABLog.txt (Backup file, nothing done)
C:\WINDOWS\OEWABLog.txt
Log: Activity: ntbtlog.txt (Backup file, nothing done)
C:\WINDOWS\ntbtlog.txt
Log: Install: Active Setup Log.txt (Backup file, nothing done)
C:\WINDOWS\Active Setup Log.txt
Log: Install: comsetup.log (Backup file, nothing done)
C:\WINDOWS\comsetup.log
Log: Install: Directx.log (Backup file, nothing done)
C:\WINDOWS\Directx.log
Log: Install: ocgen.log (Backup file, nothing done)
C:\WINDOWS\ocgen.log
Log: Install: setupact.log (Backup file, nothing done)
C:\WINDOWS\setupact.log
Log: Install: setupapi.log (Backup file, nothing done)
C:\WINDOWS\setupapi.log
Log: Install: setuplog.txt (Backup file, nothing done)
C:\WINDOWS\setuplog.txt
Log: Install: svcpack.log (Backup file, nothing done)
C:\WINDOWS\svcpack.log
Log: Install: wmsetup.log (Backup file, nothing done)
C:\WINDOWS\wmsetup.log
Log: Install: DtcInstall.log (Backup file, nothing done)
C:\WINDOWS\DtcInstall.log
Log: Shutdown: System32\wbem\logs\mofcomp.log (Backup file, nothing done)
C:\WINDOWS\System32\wbem\logs\mofcomp.log
Log: Shutdown: System32\wbem\logs\setup.log (Backup file, nothing done)
C:\WINDOWS\System32\wbem\logs\setup.log
Log: Shutdown: System32\wbem\logs\wbemcore.log (Backup file, nothing done)
C:\WINDOWS\System32\wbem\logs\wbemcore.log
Log: Shutdown: System32\wbem\logs\wbemess.log (Backup file, nothing done)
C:\WINDOWS\System32\wbem\logs\wbemess.log
Log: Shutdown: System32\wbem\logs\wbemprox.log (Backup file, nothing done)
C:\WINDOWS\System32\wbem\logs\wbemprox.log
Log: Shutdown: System32\wbem\logs\wbemsnmp.log (Backup file, nothing done)
C:\WINDOWS\System32\wbem\logs\wbemsnmp.log
Log: Shutdown: System32\wbem\logs\winmgmt.log (Backup file, nothing done)
C:\WINDOWS\System32\wbem\logs\winmgmt.log
Log: Shutdown: System32\wbem\logs\wmiadap.log (Backup file, nothing done)
C:\WINDOWS\System32\wbem\logs\wmiadap.log
Log: Shutdown: System32\wbem\logs\wmiprov.log (Backup file, nothing done)
C:\WINDOWS\System32\wbem\logs\wmiprov.log
ABI Coder: Last used folder (Registry change, nothing done)
HKEY_USERS\S-1-5-21-914090876-2942328611-1021817841-1006\Software\ABI Software Development\Coder\StartingPath!=
Ahead Nero Burning Rom: Recent file list (4 files) (Registry key, nothing done)
HKEY_USERS\S-1-5-21-914090876-2942328611-1021817841-1006\Software\Ahead\Nero - Burning Rom\Recent file list
Ahead Nero Burning Rom: Compilation directory (Registry change, nothing done)
HKEY_USERS\S-1-5-21-914090876-2942328611-1021817841-1006\Software\Ahead\Nero - Burning Rom\Settings\NeroCompilation!=
Ahead Nero Burning Rom: Browser directory (Registry change, nothing done)
HKEY_USERS\S-1-5-21-914090876-2942328611-1021817841-1006\Software\Ahead\Nero - Burning Rom\Settings\BrowserDir!=
Ahead Nero Burning Rom: Working directory (Registry change, nothing done)
HKEY_USERS\S-1-5-21-914090876-2942328611-1021817841-1006\Software\Ahead\Nero - Burning Rom\Settings\WorkingDir!=
Ahead Nero Burning Rom: Last ISO directory (Registry change, nothing done)
HKEY_USERS\S-1-5-21-914090876-2942328611-1021817841-1006\Software\ahead\Nero - Burning Rom\General\OFDLastISODir!=
Ahead Nero Burning Rom: Last Video directory (Registry change, nothing done)
HKEY_USERS\S-1-5-21-914090876-2942328611-1021817841-1006\Software\ahead\Nero - Burning Rom\General\OFDLastVideoDir!=
Ahead Nero Burning Rom: Last Audio directory (Registry change, nothing done)
HKEY_USERS\S-1-5-21-914090876-2942328611-1021817841-1006\Software\ahead\Nero - Burning Rom\General\OFDLastAudioDir!=
CloneCD: Last created CD image (Registry change, nothing done)
HKEY_USERS\S-1-5-21-914090876-2942328611-1021817841-1006\Software\Elaborate Bytes\CloneCD\Settings\ImageFileName!=
CloneCD: Last created log file (Registry change, nothing done)
HKEY_USERS\S-1-5-21-914090876-2942328611-1021817841-1006\Software\Elaborate Bytes\CloneCD\Settings\LogFileName!=
dBpowerAMP: Last conversion format (Registry change, nothing done)
HKEY_USERS\S-1-5-21-914090876-2942328611-1021817841-1006\Software\Illustrate\dBpowerAMP\CDInput-RipTo!=
dBpowerAMP: Last MP3 user folder (Registry change, nothing done)
HKEY_USERS\S-1-5-21-914090876-2942328611-1021817841-1006\Software\Illustrate\dBpowerAMP\dMCCodec\Mp3 (Lame)\DMCUserFolderStr!=
Gabest Media Player Classic: Recent file list (2 files) (Registry key, nothing done)
HKEY_USERS\S-1-5-21-914090876-2942328611-1021817841-1006\Software\Gabest\Media Player Classic\Recent File List
Internet Explorer: Typed URL list (5 files) (Registry key, nothing done)
HKEY_USERS\S-1-5-21-914090876-2942328611-1021817841-1006\Software\Microsoft\Internet Explorer\TypedURLs
Internet Explorer: User agent (Registry change, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent!=Mozilla/4.0 (compatible; MSIE; Win32)
Internet Explorer: User agent (Registry change, nothing done)
HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent!=Mozilla/4.0 (compatible; MSIE; Win32)
Internet Explorer: User agent (Registry change, nothing done)
HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent!=Mozilla/4.0 (compatible; MSIE; Win32)
Internet Explorer: User agent (Registry change, nothing done)
HKEY_USERS\S-1-5-21-914090876-2942328611-1021817841-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent!=Mozilla/4.0 (compatible; MSIE; Win32)
Internet Explorer: User agent (Registry change, nothing done)
HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent!=Mozilla/4.0 (compatible; MSIE; Win32)
MS Media Player: Recent open directory (Registry change, nothing done)
HKEY_USERS\S-1-5-21-914090876-2942328611-1021817841-1006\Software\Microsoft\MediaPlayer\Player\Settings\OpenDir!=
MS Media Player: Search terms history (Registry key, nothing done)
HKEY_USERS\S-1-5-21-914090876-2942328611-1021817841-1006\Software\Microsoft\MediaPlayer\AutoComplete\MediaSearch
MS Media Player: Last opened playlist (Registry value, nothing done)
HKEY_USERS\S-1-5-21-914090876-2942328611-1021817841-1006\Software\Microsoft\MediaPlayer\Preferences\LastPlaylist
MS Media Player: Last selected track index (Registry value, nothing done)
HKEY_USERS\S-1-5-21-914090876-2942328611-1021817841-1006\Software\Microsoft\MediaPlayer\Preferences\LastPlaylistIndex
MS Media Player: Last selected node (Registry change, nothing done)
HKEY_USERS\S-1-5-21-914090876-2942328611-1021817841-1006\Software\Microsoft\MediaPlayer\MediaLibraryUI\MLLastSelectedNode!=
MS Media Player: Manually modified tags history (8 files) (Registry key, nothing done)
HKEY_USERS\S-1-5-21-914090876-2942328611-1021817841-1006\Software\Microsoft\MediaPlayer\AutoComplete\MediaEdit
MS Media Player: Client ID (Registry change, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\MediaPlayer\Player\Settings\Client ID!=
MS Media Player: Client ID (Registry change, nothing done)
HKEY_USERS\S-1-5-21-914090876-2942328611-1021817841-1006\Software\Microsoft\MediaPlayer\Player\Settings\Client ID!=
MS Media Player: Client ID (Registry change, nothing done)
HKEY_USERS\S-1-5-18\Software\Microsoft\MediaPlayer\Player\Settings\Client ID!=
MS Media Player: Anonymous ID (Registry change, nothing done)
HKEY_USERS\S-1-5-21-914090876-2942328611-1021817841-1006\Software\Microsoft\MediaPlayer\Preferences\SendUserGUID!=B=0
MS Direct3D: Most recent application (Registry change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Direct3D\MostRecentApplication\Name!=
MS DirectDraw: Most recent application (Registry change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name!=
MS DirectInput: Last mapped application ID (Registry change, nothing done)
HKEY_USERS\S-1-5-21-914090876-2942328611-1021817841-1006\Software\Microsoft\DirectInput\MostRecentMapperApplication\ID!=
MS DirectInput: Last mapped application (Registry change, nothing done)
HKEY_USERS\S-1-5-21-914090876-2942328611-1021817841-1006\Software\Microsoft\DirectInput\MostRecentMapperApplication\Name!=
MS Office 10.0 (Word): Recently used documents list (Registry value, nothing done)
HKEY_USERS\S-1-5-21-914090876-2942328611-1021817841-1006\Software\Microsoft\Office\10.0\Word\Data\Settings
MS Fax: Last country ID (Registry value, nothing done)
HKEY_USERS\S-1-5-21-914090876-2942328611-1021817841-1006\Software\Microsoft\Fax\UserInfo\LastCountryID
MS Fax: Last recipient name (Registry value, nothing done)
HKEY_USERS\S-1-5-21-914090876-2942328611-1021817841-1006\Software\Microsoft\Fax\UserInfo\LastRecipientName
MS Fax: Last recipient number (Registry value, nothing done)
HKEY_USERS\S-1-5-21-914090876-2942328611-1021817841-1006\Software\Microsoft\Fax\UserInfo\LastRecipientNumber
MS Search Assistant: Typed search terms history (Registry key, nothing done)
HKEY_USERS\S-1-5-21-914090876-2942328611-1021817841-1006\Software\Microsoft\Search Assistant\ACMru
RealOne Player 2 (aka RealPlayer 6.0): Last open file directory (Registry change, nothing done)
HKEY_USERS\S-1-5-21-914090876-2942328611-1021817841-1006\Software\RealNetworks\RealPlayer\6.0\Preferences\LastOpenFileDir\!=
Windows: Drivers installation paths (Registry change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources!=
Windows.OpenWith: Open with list - .000 extension (2 files) (Registry key, nothing done)
HKEY_USERS\S-1-5-21-914090876-2942328611-1021817841-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.000\OpenWithList
Windows.OpenWith: Open with list - .001 extension (2 files) (Registry key, nothing done)
HKEY_USERS\S-1-5-21-914090876-2942328611-1021817841-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.001\OpenWithList
Windows.OpenWith: Open with list - .003 extension (5 files) (Registry key, nothing done)
HKEY_USERS\S-1-5-21-914090876-2942328611-1021817841-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.003\OpenWithList
Windows.OpenWith: Open with list - .006 extension (4 files) (Registry key, nothing done)
HKEY_USERS\S-1-5-21-914090876-2942328611-1021817841-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.006\OpenWithList
Windows.OpenWith: Open with list - .8 extension (2 files) (Registry key, nothing done)
HKEY_USERS\S-1-5-21-914090876-2942328611-1021817841-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.8\OpenWithList
Windows.OpenWith: Open with list - .ASF extension (10 files) (Registry key, nothing done)
HKEY_USERS\S-1-5-21-914090876-2942328611-1021817841-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ASF\OpenWithList
Windows.OpenWith: Open with list - .ASX extension (6 files) (Registry key, nothing done)
HKEY_USERS\S-1-5-21-914090876-2942328611-1021817841-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ASX\OpenWithList
Windows.OpenWith: Open with list - .AU extension (2 files) (Registry key, nothing done)
HKEY_USERS\S-1-5-21-914090876-2942328611-1021817841-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AU\OpenWithList
Windows.OpenWith: Open with list - .AVI extension (11 files) (Registry key, nothing done)
HKEY_USERS\S-1-5-21-914090876-2942328611-1021817841-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AVI\OpenWithList
Windows.OpenWith: Open with list - .BAK extension (2 files) (Registry key, nothing done)
HKEY_USERS\S-1-5-21-914090876-2942328611-1021817841-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BAK\OpenWithList
Windows.OpenWith: Open with list - .BIN extension (6 files) (Registry key, nothing done)
HKEY_USERS\S-1-5-21-914090876-2942328611-1021817841-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BIN\OpenWithList
Windows.OpenWith: Open with list - .BMP extension (10 files) (Registry key, nothing done)
HKEY_USERS\S-1-5-21-914090876-2942328611-1021817841-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BMP\OpenWithList
Windows.OpenWith: Open with list - .C extension (2 files) (Registry key, nothing done)
HKEY_USERS\S-1-5-21-914090876-2942328611-1021817841-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.C\OpenWithList
Windows.OpenWith: Open with list - .CAB extension (3 files) (Registry key, nothing done)
HKEY_USERS\S-1-5-21-914090876-2942328611-1021817841-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CAB\OpenWithList
Windows.OpenWith: Open with list - .CCC extension (3 files) (Registry key, nothing done)
HKEY_USERS\S-1-5-21-914090876-2942328611-1021817841-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CCC\OpenWithList
Windows.OpenWith: Open with list - .CDA extension (3 files) (Registry key, nothing done)
HKEY_USERS\S-1-5-21-914090876-2942328611-1021817841-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CDA\OpenWithList
Windows.OpenWith: Open with list - .CSS extension (2 files) (Registry key, nothing done)
HKEY_USERS\S-1-5-21-914090876-2942328611-1021817841-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CSS\OpenWithList
Windows.OpenWith: Open with list - .CUE extension (4 files) (Registry key, nothing done)
HKEY_USERS\S-1-5-21-914090876-2942328611-1021817841-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CUE\OpenWithList
Windows Explorer: Recent wallpaper list (145 files) (Registry key, nothing done)
HKEY_USERS\S-1-5-21-914090876-2942328611-1021817841-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\Wallpaper\MRU
Windows Explorer: Run history (3 files) (Registry key, nothing done)
HKEY_USERS\S-1-5-21-914090876-2942328611-1021817841-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU
Windows Explorer: Stream history (43 files) (Registry key, nothing done)
HKEY_USERS\S-1-5-21-914090876-2942328611-1021817841-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\StreamMRU
Windows Explorer: User Assistant history IE (53 files) (Registry key, nothing done)
HKEY_USERS\S-1-5-21-914090876-2942328611-1021817841-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{5E6AB780-7743-11CF-A12B-00AA004AE837}\Count
Windows Explorer: User Assistant history files (707 files) (Registry key, nothing done)
HKEY_USERS\S-1-5-21-914090876-2942328611-1021817841-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count
Windows Explorer: Last visited history (9 files) (Registry key, nothing done)
HKEY_USERS\S-1-5-21-914090876-2942328611-1021817841-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\LastVisitedMRU
Windows Explorer: Recent file global history (Registry key, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs
Windows Explorer: Recent file global history (Registry key, nothing done)
HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs
Windows Explorer: Recent file global history (Registry key, nothing done)
HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs
Windows Explorer: Recent file global history (Registry key, nothing done)
HKEY_USERS\S-1-5-21-914090876-2942328611-1021817841-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs
Windows Explorer: Recent file global history (Registry key, nothing done)
HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs
Windows Media SDK: Computer name (Registry change, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows Media\WMSDK\General\ComputerName!=ComputerName
Windows Media SDK: Computer name (Registry change, nothing done)
HKEY_USERS\S-1-5-21-914090876-2942328611-1021817841-1006\Software\Microsoft\Windows Media\WMSDK\General\ComputerName!=ComputerName
Windows Media SDK: Computer name (Registry change, nothing done)
HKEY_USERS\S-1-5-18\Software\Microsoft\Windows Media\WMSDK\General\ComputerName!=ComputerName
Windows Media SDK: Unique ID (Registry change, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows Media\WMSDK\General\UniqueID!={00000000-0000-0000-0000-000000000000}
Windows Media SDK: Unique ID (Registry change, nothing done)
HKEY_USERS\S-1-5-21-914090876-2942328611-1021817841-1006\Software\Microsoft\Windows Media\WMSDK\General\UniqueID!={00000000-0000-0000-0000-000000000000}
Windows Media SDK: Unique ID (Registry change, nothing done)
HKEY_USERS\S-1-5-18\Software\Microsoft\Windows Media\WMSDK\General\UniqueID!={00000000-0000-0000-0000-000000000000}
Windows Media SDK: Volume serial number (Registry value, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
Windows Media SDK: Volume serial number (Registry value, nothing done)
HKEY_USERS\S-1-5-21-914090876-2942328611-1021817841-1006\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
Windows Media SDK: Volume serial number (Registry value, nothing done)
HKEY_USERS\S-1-5-18\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
WinRAR: Recent file list (5 files) (Registry key, nothing done)
HKEY_USERS\S-1-5-21-914090876-2942328611-1021817841-1006\Software\WinRAR\ArcHistory
WinRAR: Recent exe file list (5 files) (Registry key, nothing done)
HKEY_USERS\S-1-5-21-914090876-2942328611-1021817841-1006\Software\WinRAR\DialogEditHistory\ArcName
WinRAR: Last used directory (Registry change, nothing done)
HKEY_USERS\S-1-5-21-914090876-2942328611-1021817841-1006\Software\WinRAR\General\LastFolder!=
WinRAR: Extraction directory history (16 files) (Registry key, nothing done)
HKEY_USERS\S-1-5-21-914090876-2942328611-1021817841-1006\Software\WinRAR\DialogEditHistory\ExtrPath
WinRAR: Managed by wizard archives history (2 files) (Registry key, nothing done)
HKEY_USERS\S-1-5-21-914090876-2942328611-1021817841-1006\Software\WinRAR\DialogEditHistory\WizArcName
WinZip: Recent wizard folder list (44 files) (Registry key, nothing done)
HKEY_USERS\S-1-5-21-914090876-2942328611-1021817841-1006\Software\Nico Mak Computing\WinZip\WIZDIR
WinZip: Recent created file list (2 files) (Registry key, nothing done)
HKEY_USERS\S-1-5-21-914090876-2942328611-1021817841-1006\Software\Nico Mak Computing\WinZip\filemenu
WinZip: Wizard Extraction folder history (10 files) (Registry key, nothing done)
HKEY_USERS\S-1-5-21-914090876-2942328611-1021817841-1006\Software\Nico Mak Computing\WinZip\select
WinZip: Number of times run (Registry change, nothing done)
HKEY_USERS\S-1-5-21-914090876-2942328611-1021817841-1006\Software\Nico Mak Computing\WinZip\rrs\Opened!=
WinZip: Default directory (Registry change, nothing done)
HKEY_USERS\S-1-5-21-914090876-2942328611-1021817841-1006\Software\Nico Mak Computing\WinZip\directories\DefDir!=
WinZip: Default directory (Registry change, nothing done)
HKEY_USERS\S-1-5-21-914090876-2942328611-1021817841-1006\Software\Nico Mak Computing\WinZip\directories\zDefDir!=
WinZip: Add files directory (Registry change, nothing done)
HKEY_USERS\S-1-5-21-914090876-2942328611-1021817841-1006\Software\Nico Mak Computing\WinZip\directories\AddDir!=
WinZip: Destination directory (Registry change, nothing done)
HKEY_USERS\S-1-5-21-914090876-2942328611-1021817841-1006\Software\Nico Mak Computing\WinZip\directories\ExtractTo!=
WinZip: Add files directory (Registry change, nothing done)
HKEY_USERS\S-1-5-21-914090876-2942328611-1021817841-1006\Software\Nico Mak Computing\WinZip\directories\gzAddDir!=
WinZip: Destination directory (Registry change, nothing done)
HKEY_USERS\S-1-5-21-914090876-2942328611-1021817841-1006\Software\Nico Mak Computing\WinZip\directories\gzExtractTo!=
Cookie: Cookie (2) (Cookie, nothing done)
Cache: Cache (354) (Cache, nothing done)
Cookie: Cookie (189) (Cookie, nothing done)
Cookie: Cookie (255) (Cookie, nothing done)
--- Spybot - Search & Destroy version: 1.4 RC2 (build: 20050427) ---
2005-04-27 blindman.exe (1.0.0.1)
2005-04-28 SpybotSD.exe (1.4.0.2)
2005-04-28 TeaTimer.exe (1.4.0.1)
2005-05-19 unins000.exe (51.34.0.0)
2005-04-27 Update.exe (1.4.0.0)
2005-04-27 advcheck.dll (1.0.2.0)
2005-04-27 aports.dll (2.0.0.0)
2005-04-27 borlndmm.dll (7.0.4.453)
2005-04-27 delphimm.dll (7.0.4.453)
2005-04-27 SDHelper.dll (1.4.0.0)
2005-04-27 Tools.dll (2.0.0.1)
2005-04-27 UnzDll.dll (1.73.1.1)
2005-04-27 ZipDll.dll (1.73.2.0)
2005-04-26 Includes\Cookies.sbi (*)
2005-04-27 Includes\Dialer.sbi (*)
2005-05-12 Includes\Hijackers.sbi (*)
2005-04-15 Includes\Keyloggers.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2005-05-11 Includes\Malware.sbi (*)
2005-05-11 Includes\PUPS.sbi (*)
2005-04-27 Includes\Revision.sbi (*)
2005-02-09 Includes\Security.sbi (*)
2005-05-11 Includes\Spybots.sbi (*)
2005-02-17 Includes\Tracks.uti (*)
2005-05-11 Includes\Trojans.sbi (*)
--- System information ---
Windows XP (Build: 2600) Service Pack 2
/ .NETFramework / 1.0: Microsoft .NET Framework 1.0 Hotfix (KB886906)
/ .NETFramework / 1.0: Microsoft .NET Framework 1.0 Service Pack 3 (KB867461)
/ DataAccess: Microsoft Data Access Components KB870669
/ DataAccess: Patch Available For XMLHTTP Vulnerability
/ DataAccess: Patch Available For XMLHTTP Vulnerability
/ DataAccess: Security update for Microsoft Data Access Components
/ DataAccess: Security Update for Microsoft Data Access Components
/ DirectX: DirectX Update 819696
/ DirectX / DX9 / SP1: DirectX 9 Hotfix - KB839643
/ Windows Media Player / SP0: Windows Media Player Hotfix [See wm828026 for more information]
/ Windows Media Player: Windows Media Update 320920
/ Windows Media Player: Windows Media Update 320920
/ Windows Media Player: Windows Media Update 819639
/ Windows Media Player: Windows Media Update 828026
/ Windows XP / SP2: Windows XP Service Pack 2
/ Windows XP / SP3: Windows XP Hotfix - KB834707
/ Windows XP / SP3: Windows XP Hotfix - KB867282
/ Windows XP / SP3: Windows XP Hotfix - KB873333
/ Windows XP / SP3: Windows XP Hotfix - KB873339
/ Windows XP / SP3: Windows XP Hotfix - KB885250
/ Windows XP / SP3: Windows XP Hotfix - KB885835
/ Windows XP / SP3: Windows XP Hotfix - KB885836
/ Windows XP / SP3: Windows XP Hotfix - KB885884
/ Windows XP / SP3: Windows XP Hotfix - KB886185
/ Windows XP / SP3: Windows XP Hotfix - KB887472
/ Windows XP / SP3: Windows XP Hotfix - KB887742
/ Windows XP / SP3: Windows XP Hotfix - KB888113
/ Windows XP / SP3: Windows XP Hotfix - KB888302
/ Windows XP / SP3: Windows XP Hotfix - KB890047
/ Windows XP / SP3: Windows XP Hotfix - KB890175
/ Windows XP / SP3: Windows XP Hotfix - KB890859
/ Windows XP / SP3: Windows XP Hotfix - KB890923
/ Windows XP / SP3: Windows XP Hotfix - KB891781
/ Windows XP / SP3: Windows XP Hotfix - KB893066
/ Windows XP / SP3: Windows XP Hotfix - KB893086
/ Windows XP / SP3: Windows Installer 3.1 (KB893803)
/ Windows XP / SP3: Windows Installer 3.1 (KB893803)
--- Startup entries list ---
Located: HK_LM:Run, AVG7_CC
command: C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
file: C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
size: 347136
MD5: 7f0c2657b39969d424b6604443992352
Located: HK_LM:Run, AVG7_EMC
command: C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
file: C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
size: 271872
MD5: af9354bef717bd60e04f5bf5b9c9eaa2
Located: HK_LM:Run, DellTouch
command: C:\WINDOWS\MMKeybd.exe
file: C:\WINDOWS\MMKeybd.exe
size: 163840
MD5: 0161cd469eb389e2aad1c1f389dbdd0e
Located: HK_LM:Run, DeviceDiscovery
command: C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
file: C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
size: 229437
MD5: 7eef9e578d2aa3d562d074bfdfe56825
Located: HK_LM:Run, dla
command: C:\WINDOWS\system32\dla\tfswctrl.exe
file: C:\WINDOWS\system32\dla\tfswctrl.exe
size: 106551
MD5: b308ec7c60cdbe4d49048c2ad234a2db
Located: HK_LM:Run, DVDBitSet
command: "C:\Program Files\HP CD-DVD\Umbrella\DVDBitSet.exe" /NOUI
file: C:\Program Files\HP CD-DVD\Umbrella\DVDBitSet.exe
size: 204800
MD5: d3116386fa95a644b4d4c63d35b224c5
Located: HK_LM:Run, DVDTray
command: "C:\Program Files\HP CD-DVD\Umbrella\DVDTray.exe"
file: C:\Program Files\HP CD-DVD\Umbrella\DVDTray.exe
size: 53248
MD5: 12a2d6dc1e4dcafb5f627c4bfd667058
Located: HK_LM:Run, ElbyCheckElbyCDFL
command: "C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL
file: C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe
size: 45056
MD5: fb408b5e89b7eb5720e04485b847cbd4
Located: HK_LM:Run, FoxMediaCenter
command: C:\Program Files\FoxMediaCenter\FoxMediaCenter.exe
file:
Located: HK_LM:Run, HP Component Manager
command: "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
file: C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
size: 212992
MD5: 00644f0c78c1d450394585f9133bf265
Located: HK_LM:Run, HP Software Update
command: "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe"
file: C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
size: 49152
MD5: 6ad9dcb0257b10ea458165f70634dabc
Located: HK_LM:Run, HPDJ Taskbar Utility
command: C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
file: C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
size: 176128
MD5: 5ad8c9b7c23428ab2e795f1d4b423805
Located: HK_LM:Run, KL AntiFunLove
command: C:\WINDOWS\system32\flcss.exe
file: C:\WINDOWS\system32\flcss.exe
size: 131136
MD5: 622d90ebe8170f853f92453ee6e76f32
Located: HK_LM:Run, LexStart
command: C:\Program Files\FoxMediaCenter\FoxMediaCenter.exe
file:
Located: HK_LM:Run, Logitech Utility
command: Logi_MwX.Exe
file: C:\WINDOWS\Logi_MwX.Exe
size: 19968
MD5: 47f4c8707de00f5f18f6cd524df02879
Located: HK_LM:Run, lxamsp32.exe
command: lxamsp32.exe
file: C:\WINDOWS\SYSTEM32\lxamsp32.exe
size: 45056
MD5: acb761c48b7807ac1278163253ff6c36
Located: HK_LM:Run, NeroCheck
command: C:\WINDOWS\system32\NeroCheck.exe
file: C:\WINDOWS\system32\NeroCheck.exe
size: 155648
MD5: 3e4c03cefad8de135263236b61a49c90
Located: HK_LM:Run, NeroFilterCheck
command: C:\WINDOWS\system32\NeroCheck.exe
file: C:\WINDOWS\system32\NeroCheck.exe
size: 155648
MD5: 3e4c03cefad8de135263236b61a49c90
Located: HK_LM:Run, NvCplDaemon
command: RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
file: C:\WINDOWS\SYSTEM32\RUNDLL32.EXE
size: 33280
MD5: da285490bbd8a1d0ce6623577d5ba1ff
Located: HK_LM:Run, NvMediaCenter
command: RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
file: C:\WINDOWS\SYSTEM32\RUNDLL32.EXE
size: 33280
MD5: da285490bbd8a1d0ce6623577d5ba1ff
Located: HK_LM:Run, nwiz
command: nwiz.exe /install
file: C:\WINDOWS\SYSTEM32\nwiz.exe
size: 843776
MD5: e56f22ff356570413a81be1e01c46419
Located: HK_LM:Run, Pop-Up Stopper
command: "C:\PROGRA~1\PANICW~1\POP-UP~1\dpps2.exe"
file: C:\PROGRA~1\PANICW~1\POP-UP~1\dpps2.exe
size: 675840
MD5: 737a1477a0aa32cb0e1c80b24bb94d07
Located: HK_LM:Run, PrinTray
command: C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe
file: C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe
size: 36864
MD5: eafd9b9426defb0f5852acc6b75867b7
Located: HK_LM:Run, QuickTime Task
command: "C:\Program Files\QuickTime\qttask.exe" -atboottime
file: C:\Program Files\QuickTime\qttask.exe
size: 98304
MD5: 76a3a30b58405c2c6d833895253a51a9
Located: HK_LM:Run, SpeedUpMyPC
command: C:\Program Files\LIUtilities\SpeedUpMyPC\SpeedUpMyPC.exe traybar
file:
Located: HK_LM:Run, SunJavaUpdateSched
command: C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
file: C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
size: 36975
MD5: 1f6573d67dd5dc06dd29ec7fcf81dc6f
Located: HK_LM:Run, TkBellExe
command: "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
file: C:\Program Files\Common Files\Real\Update_OB\realsched.exe
size: 180269
MD5: b8e684df9a97497edd2f87444a6307fb
Located: HK_CU:Run, AIM
command: C:\PROGRA~1\AIM95\aim.exe -cnetwait.odl
file:
Located: HK_CU:Run, Bandwidth Monitor Pro
command: "C:\Documents and Settings\Brian\Desktop\Torrent\Bandwidth Monitor Pro-fixed-working\Bandwidth Monitor Pro.exe" /minimized
file:
Located: HK_CU:Run, CommCtr
command: C:\PROGRA~1\NET2PH~1\CommCtr.exe -auto
file:
Located: HK_CU:Run, ctfmon.exe
command: C:\WINDOWS\system32\ctfmon.exe
file: C:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: 24232996a38c0b0cf151c2140ae29fc8
Located: HK_CU:Run, FreeRAM XP
command: "C:\Documents and Settings\Brian\Local Settings\Temp\Rar$EX00.906\FreeRAM XP Pro 1.40.exe" -win
file:
Located: HK_CU:Run, Microsoft Works Update Detection
command: C:\Program Files\Microsoft Works\WkDetect.exe
file:
Located: HK_CU:Run, MsnMsgr
command: "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
file: C:\Program Files\MSN Messenger\MsnMsgr.Exe
size: 4882432
MD5: f914c780dc4a3eb6eec812f0dddc0e3a
Located: HK_CU:Run, SearchSetter
command: C:\WINDOWS\System32\searchsetter[1].exe
file:
Located: HK_CU:Run, SpybotSD TeaTimer
command: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
file: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
size: 1318568
MD5: d8e54b412f51053aa8ac6f84369f6f9d
Located: HK_CU:Run, STYLEXP
command: C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
file:
Located: Startup (common), Adobe Gamma Loader.lnk
command: C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
file: C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
size: 113664
MD5: c2ff17734176cd15221c10044ef0ba1a
Located: Startup (common), Adobe Reader Speed Launch.lnk
command: C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
file: C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
size: 29696
MD5: deb88aef013dd1eefb462d7cad642166
Located: Startup (common), Camio Viewer 2000.lnk
command: C:\Program Files\Sierra Imaging\Image Expert 2000\IXApplet.exe
file: C:\Program Files\Sierra Imaging\Image Expert 2000\IXApplet.exe
size: 49152
MD5: 5fe69e9c6d0f16895a805514ff0b15c6
Located: Startup (common), HotSync Manager.lnk
command: C:\Program Files\Sony Handheld\HOTSYNC.EXE
file: C:\Program Files\Sony Handheld\HOTSYNC.EXE
size: 299008
MD5: 47233f2abb77fb6f456202937f29211d
Located: Startup (common), Microsoft Works Calendar Reminders.lnk
command: C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
file: C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
size: 24633
MD5: 39fdfd34f7b04290d1bc53e3d6ec7d83
Located: Startup (user), Introducing Media Manager.lnk
command: C:\Program Files\Common Files\Microsoft Shared\Media Manager\SPLASHA.EXE
file: C:\Program Files\Common Files\Microsoft Shared\Media Manager\SPLASHA.EXE
size: 156160
MD5: e4d805724f0fef09e3d9afc027b8b269
Located: Startup (user), Mobipocket Web Companion.lnk
command: C:\Program Files\MobiPocket.com\MobiPocket Reader\webcomp.exe
file:
Located: WinLogon, crypt32chain
command: crypt32.dll
file: crypt32.dll
Located: WinLogon, cryptnet
command: cryptnet.dll
file: cryptnet.dll
Located: WinLogon, cscdll
command: cscdll.dll
file: cscdll.dll
Located: WinLogon, ScCertProp
command: wlnotify.dll
file: wlnotify.dll
Located: WinLogon, Schedule
command: wlnotify.dll
file: wlnotify.dll
Located: WinLogon, sclgntfy
command: sclgntfy.dll
file: sclgntfy.dll
Located: WinLogon, SensLogn
command: WlNotify.dll
file: WlNotify.dll
Located: WinLogon, termsrv
command: wlnotify.dll
file: wlnotify.dll
Located: WinLogon, WB
command: C:\Program Files\AlienGUIse\fastload.dll
file: C:\Program Files\AlienGUIse\fastload.dll
size: 24576
MD5: 9f884c45f10aaee442d4370ba90a1f89
Located: WinLogon, wlballoon
command: wlnotify.dll
file: wlnotify.dll
--- Browser helper object list ---
{5CA3D70E-1895-11CF-8E15-001234567890} (DriveLetterAccess)
BHO name:
CLSID name: DriveLetterAccess
description: Hewlett-Packard's DLA software
classification: Unknown
known filename: tfswshx.dll
info link:
info source: TonyKlein
Path: C:\WINDOWS\system32\dla\
Long name: tfswshx.dll
Short name:
Date (created): 5/30/2004 7:31:00 PM
Date (last access): 5/19/2005 9:25:26 PM
Date (last write): 11/19/2002 4:50:00 AM
Filesize: 94262
Attributes: archive
MD5: 758B33FF028CF30984B24E0081665CEC
CRC32: 7482DE22
Version: 3.50.22.0
--- ActiveX list ---
ClientDownLoad3 (ClientDownLoad3)
DPF name: ClientDownLoad3
CLSID name:
Installer:
Codebase:
http://www.phonefree...ntDownload3.cabcpcScanner (cpcScanner)
DPF name: cpcScanner
CLSID name:
Installer:
Codebase:
http://www.crucial.c.../cpcScanner.cab{0000000A-0000-0010-8000-00AA00389B71} ()
DPF name:
CLSID name:
Installer: C:\WINDOWS\Downloaded Program Files\WMAVAX.inf
Codebase:
http://download.micr...0367/wmavax.CAB{01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class)
DPF name:
CLSID name: Support.com Configuration Class
Installer: C:\WINDOWS\Downloaded Program Files\CONFLICT.1\tgctlcm.inf
Codebase:
http://usercenter.co.../cx_tgctlcm.jsp Path: C:\WINDOWS\Downloaded Program Files\CONFLICT.1\
Long name: tgctlcm.dll
Short name:
Date (created): 4/24/2002 7:37:44 PM
Date (last access): 5/18/2005 8:14:18 PM
Date (last write): 4/24/2002 7:37:44 PM
Filesize: 188416
Attributes: archive
MD5: EC4392EACD7874CE19AB8756B58BE19E
CRC32: 1532BCAD
Version: 5.5.402.0
{17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool)
DPF name:
CLSID name: Windows Genuine Advantage Validation Tool
Installer: C:\WINDOWS\Downloaded Program Files\LegitCheckControl.inf
Codebase:
http://go.microsoft....467&clcid=0x409 Path: C:\WINDOWS\system32\
Long name: LegitCheckControl.DLL
Short name: LEGITC~1.DLL
Date (created): 1/28/2005 3:38:00 PM
Date (last access): 5/18/2005 8:24:48 PM
Date (last write): 1/28/2005 3:38:00 PM
Filesize: 421128
Attributes: archive
MD5: C3C3864DA698F0CC1BE56F9695534DD8
CRC32: C0FC216A
Version: 1.0.132.4
{33363249-0000-0010-8000-00AA00389B71} ()
DPF name:
CLSID name:
Installer: C:\WINDOWS\Downloaded Program Files\i263_32.inf
Codebase:
http://codecs.micros...386/i263_32.cab{3A6401EE-B00C-4CB8-9C1D-DB00CD78E318} (Paygator Object)
DPF name:
CLSID name: Paygator Object
Installer:
Codebase:
http://www.pcbang.co...nt/paygator.CAB Path: C:\WINDOWS\DOWNLO~1\
Long name: paygator.dll
Short name:
Date (created): 12/17/2001 3:58:14 PM
Date (last access): 5/18/2005 8:14:26 PM
Date (last write): 12/17/2001 3:58:14 PM
Filesize: 414208
Attributes: archive
MD5: 92E05DDDF2AC9D8BDB7C4586F460BA58
CRC32: 480E43F4
Version: 2.0.0.0
{525A15D0-4938-11D4-94C7-0050DA20189B} ()
DPF name:
CLSID name:
Installer: C:\WINDOWS\Downloaded Program Files\iesnoopy.INF
Codebase:
http://www.ea.com/do...py/iesnoopy.cab{9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class)
DPF name:
CLSID name: ActiveScan Installer Class
Installer: C:\WINDOWS\Downloaded Program Files\asinst.inf
Codebase:
http://www.pandasoft.../as5/asinst.cab Path: C:\WINDOWS\Downloaded Program Files\
Long name: asinst.dll
Short name:
Date (created): 4/11/2005 12:20:22 PM
Date (last access): 5/19/2005 9:29:48 PM
Date (last write): 4/11/2005 12:20:22 PM
Filesize: 118784
Attributes: archive
MD5: 36259D36E842FCF12B3D2F3766E7529F
CRC32: F62E6268
Version: 57.6.0.0
{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA} (Java Runtime Environment 1.5.0)
DPF name: Java Runtime Environment 1.5.0
CLSID name: Java Plug-in 1.5.0_02
Installer:
Codebase:
http://java.sun.com/...indows-i586.cab Path: C:\Program Files\Java\jre1.5.0_02\bin\
Long name: NPJPI150_02.dll
Short name: NPJPI1~1.DLL
Date (created): 3/4/2005 3:36:50 AM
Date (last access): 5/18/2005 8:02:12 PM
Date (last write): 3/4/2005 3:54:18 AM
Filesize: 69746
Attributes: archive
MD5: 6C9A4C573C0C771D99D902EE06DA3CBB
CRC32: 55F989EE
Version: 5.0.20.9
--- Process list ---
PID: 0 ( 0) [System]
PID: 420 ( 4) \SystemRoot\System32\smss.exe
PID: 468 ( 420) \??\C:\WINDOWS\system32\csrss.exe
PID: 492 ( 420) \??\C:\WINDOWS\SYSTEM32\winlogon.exe
PID: 536 ( 492) C:\WINDOWS\system32\services.exe
size: 108032
MD5: C6CE6EEC82F187615D1002BB3BB50ED4
PID: 548 ( 492) C:\WINDOWS\system32\lsass.exe
size: 13312
MD5: 84885F9B82F4D55C6146EBF6065D75D2
PID: 728 ( 536) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 780 ( 536) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 848 ( 536) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 964 ( 536) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1024 ( 536) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1156 ( 492) C:\Program Files\AlienGUIse\wbload.exe
size: 422912
MD5: B783DC03A3D1049A79CED85EB8960079
PID: 1228 ( 536) C:\WINDOWS\system32\LEXBCES.EXE
size: 301568
MD5: 20155A2B80C6C3C6284CB158FF998700
PID: 1256 ( 536) C:\WINDOWS\system32\spoolsv.exe
size: 57856
MD5: 7435B108B935E42EA92CA94F59C8E717
PID: 1264 (1228) C:\WINDOWS\system32\LEXPPS.EXE
size: 169984
MD5: 89BC6CAB12559139AC086CCC96E6FEAA
PID: 1360 ( 536) C:\WINDOWS\System32\SCardSvr.exe
size: 95744
MD5: 25D8DE134DF108E3DBC8D7D23B1AA58E
PID: 1496 (1456) C:\WINDOWS\Explorer.EXE
size: 1032192
MD5: A0732187050030AE399B241436565E64
PID: 1632 (1496) C:\WINDOWS\system32\RUNDLL32.EXE
size: 33280
MD5: DA285490BBD8A1D0CE6623577D5BA1FF
PID: 1648 (1496) C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
size: 347136
MD5: 7F0C2657B39969D424B6604443992352
PID: 1656 (1496) C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
size: 271872
MD5: AF9354BEF717BD60E04F5BF5B9C9EAA2
PID: 1672 (1496) C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
size: 36975
MD5: 1F6573D67DD5DC06DD29EC7FCF81DC6F
PID: 1696 (1496) C:\WINDOWS\system32\lxamsp32.exe
size: 45056
MD5: ACB761C48B7807AC1278163253FF6C36
PID: 1720 (1496) C:\Program Files\HP CD-DVD\Umbrella\DVDTray.exe
size: 53248
MD5: 12A2D6DC1E4DCAFB5F627C4BFD667058
PID: 1744 (1496) C:\WINDOWS\system32\dla\tfswctrl.exe
size: 106551
MD5: B308EC7C60CDBE4D49048C2AD234A2DB
PID: 1760 (1496) C:\Program Files\Common Files\Real\Update_OB\realsched.exe
size: 180269
MD5: B8E684DF9A97497EDD2F87444A6307FB
PID: 1776 (1496) C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
size: 49152
MD5: 6AD9DCB0257B10EA458165F70634DABC
PID: 1784 (1496) C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
size: 212992
MD5: 00644F0C78C1D450394585F9133BF265
PID: 1800 (1496) C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
size: 229437
MD5: 7EEF9E578D2AA3D562D074BFDFE56825
PID: 1808 (1496) C:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: 24232996A38C0B0CF151C2140AE29FC8
PID: 1868 (1496) C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
size: 24633
MD5: 39FDFD34F7B04290D1BC53E3D6EC7D83
PID: 184 (1704) C:\Program Files\Logitech\MouseWare\system\em_exec.exe
size: 37888
MD5: 7D325EC9B9B1589DF12D0874700BC59E
PID: 320 ( 536) C:\WINDOWS\System32\alg.exe
size: 44544
MD5: F1958FBF86D5C004CF19A5951A9514B7
PID: 332 ( 536) C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
size: 329728
MD5: A98CFCB4B47BE1ABEF98C903A6AA873E
PID: 360 ( 536) C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
size: 70144
MD5: 64BD967BD30437F32A658E09B04C967A
PID: 400 ( 536) C:\WINDOWS\System32\cisvc.exe
size: 5632
MD5: 3192BD04D032A9C4A85A3278C268A13A
PID: 440 ( 536) C:\WINDOWS\System32\dllhost.exe
size: 5120
MD5: DD87DB7387B9EB441C5674888A0D840C
PID: 868 ( 536) C:\Program Files\ewido\security suite\ewidoctrl.exe
size: 16448
MD5: 867D9D1FA818F8629BB7A4A26E94B06A
PID: 944 ( 536) C:\Program Files\ewido\security suite\ewidoguard.exe
size: 159808
MD5: 01180CB2FD28E7F0728EC1A0C9B98273
PID: 1112 ( 536) C:\Program Files\F-Secure Anti-Virus\fswsclds.exe
size: 40960
MD5: A9D204CA083E66B9C1D79045B39604B1
PID: 1152 (1752) C:\Program Files\Netropa\OSD.exe
size: 90112
MD5: 57E48E299BD2ED12E25EEE1992701BCC
PID: 1480 ( 536) C:\Program Files\Common Files\Microsoft Shared\Media Manager\airsvcu.exe
size: 136704
MD5: 70A1096E60A8B99B8A0B0DE74E6ACFB6
PID: 1668 ( 536) C:\WINDOWS\System32\msdtc.exe
size: 6144
MD5: C7C3D89EB0A6F3DBA622EA737FA335B1
PID: 2104 ( 536) C:\WINDOWS\system32\nvsvc32.exe
size: 114755
MD5: E0F8F86EECAC5D01AF9BB4406A347178
PID: 2328 ( 536) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 2404 ( 536) C:\WINDOWS\System32\dllhost.exe
size: 5120
MD5: DD87DB7387B9EB441C5674888A0D840C
PID: 2544 ( 536) C:\WINDOWS\system32\wdfmgr.exe
size: 38912
MD5: C81B8635DEE0D3EF5F64B3DD643023A5
PID: 2884 ( 536) C:\WINDOWS\System32\vssvc.exe
size: 289792
MD5: 3EE00364AE0FD8D604F46CBAF512838A
PID: 2928 ( 536) C:\WINDOWS\System32\wbem\wmiapsrv.exe
size: 126464
MD5: BA8CECC3E813E1F7C441B20393D4F86C
PID: 2996 ( 536) C:\WINDOWS\System32\dmadmin.exe
size: 224768
MD5: 554C7CB178FE3BD12450B81AD63ADBC3
PID: 3028 ( 536) C:\WINDOWS\system32\fxssvc.exe
size: 267776
MD5: FCBD571FA0EE8DC238944AE5FAB74461
PID: 2748 (1544) C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
size: 1318568
MD5: D8E54B412F51053AA8AC6F84369F6F9D
PID: 3264 (1496) C:\Program Files\Mozilla Firefox\firefox.exe
size: 6631012
MD5: 4ABE7358AFA12D5F0C7F293C642EB66C
PID: 1492 (2748) C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
size: 4382856
MD5: 4554CD6D9BAE96822EC533CC70C6D161
PID: 4 ( 0) System
--- Browser start & search pages list ---
Spybot - Search & Destroy browser pages report, 5/19/2005 9:34:05 PM
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page
C:\WINDOWS\system32\blank.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page
http://home.microsof...ss/allinone.aspHKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Bar
http://home.microsof...obby/search.aspHKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page
http://www.bbc.co.uk...ice/index.shtmlHKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
http://www.dellnet.com/HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\SearchAssistant
http://ie.search.msn...st/srchasst.htmHKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\@
http://home.microsof...search.asp?p=%sHKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page
%SystemRoot%\system32\blank.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page
http://www.google.comHKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page
http://www.microsoft...B_PVER}&ar=homeHKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
http://www.microsoft...er=6&ar=msnhomeHKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
http://www.microsoft...=ie&ar=iesearchHKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\SearchAssistant
http://ie.search.msn...st/srchasst.htmHKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\CustomizeSearch
http://ie.search.msn...st/srchcust.htm--- Winsock Layered Service Provider list ---
--- Uninstall list ---
3Deep Space 1.1 (3D Interstellar Voyager Screensaver_is1)
uninstall cmd: "C:\Program Files\3Deep Space\3D Interstellar Voyager Screensaver\unins000.exe"
publisher: 3Deep Space. Ltd
help link:
http://www.3deepspace.comAd-Aware SE Personal (Ad-Aware SE Personal)
uninstall cmd: C:\PROGRA~1\Lavasoft\AD-AWA~2\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~2\INSTALL.LOG
publisher: Lavasoft
help link:
http://www.lavasoft.de (AddressBook)
Adobe Acrobat 5.0 5.0 (Adobe Acrobat 5.0)
version (major): 5
install location: C:\Program Files\Adobe\Acrobat 5.0
install source: C:\Documents and Settings\Brian\Local Settings\Temp\pftBB~tmp\
uninstall cmd: C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.dll"
publisher: Adobe Systems, Inc.
help link:
http://www.adobe.com...robat/main.htmlAlienGUIse (AlienGUIse)
uninstall cmd: C:\PROGRA~1\ALIENG~1\thememgr.exe /uninstallwise
AsianSuite 2000 (AsianSuite 2000)
AVG Free Edition (AVG7Uninstall)
uninstall cmd: C:\Program Files\Grisoft\AVG Free\setup.exe /UNINSTALL
AVIcodec (remove only) (AVIcodec)
uninstall cmd: "C:\Program Files\AVIcodec\uninst.exe"
Bejeweled 1.23 (Bejeweled 1.23)
uninstall cmd: C:\WINDOWS\UnGins.exe "C:\Program Files\PopCap Games\Bejeweled\install.log"
BitTornado 0.3.8 0.3.8 (BitTornado)
uninstall cmd: C:\Program Files\BitTornado\uninst.exe
publisher: John Hoffman
BitTorrent 3.4.2 (BitTorrent)
uninstall cmd: "C:\Program Files\BitTorrent\uninstall.exe"
(Branding)
BSPlayer (BSPlayer1)
uninstall cmd: "C:\Program Files\Webteh\BSplayerPro\uninstall.exe"
Calm Before the Storm Full Screen Saver 1.0 (Calm Before the Storm Full Screen Saver)
uninstall cmd: "C:\PROGRA~1\SCREEN~1.COM\Calm Before the Storm Full\UNINSTAL.EXE"
publisher: Freeze.com, LLC
help link:
http://www.freeze.comCleanUp! (CleanUp!)
uninstall cmd: C:\Program Files\CleanUp!\uninstall.exe
CloneCD (CloneCD)
uninstall cmd: C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Elaborate Bytes\CloneCD\Uninst.isu" -c"C:\Program Files\Elaborate Bytes\CloneCD\InstallHelp.dll"
Conexant HSF V92 56K RTAD Speakerphone PCI Modem (CNXT_MODEM_PCI_VEN_14F1&DEV_2016&SUBSYS_021913E0)
uninstall cmd: C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_14F1&DEV_2016&SUBSYS_021913E0\