yes they really are following this time:
WARNING: not all files found by this scanner are bad. Consult with a knowledgable person before proceeding.
If you see a message in the titlebar saying "Not responding..." you can ignore it. Windows somethimes displays this message due to the high volume of disk I/O. As long as the hard disk light is flashing, the program is still working properly.
»»»»»»»»»»»»»»»»» Windows OS and Versions »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Product Name: Windows 98 Version: 4.10.2222
Internet Explorer Version: 6.0.2800.1106
»»»»»»»»»»»»»»»»» Checking Selected Standard Folders »»»»»»»»»»»»»»»»»»»»
Checking %SystemDrive% folder...
Checking %ProgramFilesDir% folder...
Checking %WinDir% folder...
KavSvc 13/09/05 08:43:16 RH 9699360 C:\WINDOWS\SYSTEM.DAT
PECompact2 07/09/05 07:35:52 15759249 C:\WINDOWS\VPTNFILE.823
qoologic 07/09/05 07:35:52 15759249 C:\WINDOWS\VPTNFILE.823
SAHAgent 07/09/05 07:35:52 15759249 C:\WINDOWS\VPTNFILE.823
PECompact2 07/09/05 07:35:52 15759249 C:\WINDOWS\lpt$vpn.823
qoologic 07/09/05 07:35:52 15759249 C:\WINDOWS\lpt$vpn.823
SAHAgent 07/09/05 07:35:52 15759249 C:\WINDOWS\lpt$vpn.823
UPX! 07/09/05 08:24:56 1044560 C:\WINDOWS\vsapi32.dll
aspack 07/09/05 08:24:56 1044560 C:\WINDOWS\vsapi32.dll
UPX! 17/08/05 13:31:22 170053 C:\WINDOWS\tsc.exe
web-nex 11/08/05 12:41:00 3951 C:\WINDOWS\kojmj.dll
Checking %System% folder...
PTech 09/11/99 22:55:54 88571 C:\WINDOWS\SYSTEM\MDACRDME.HTM
PTech 22/08/98 00:24:08 74460 C:\WINDOWS\SYSTEM\OLFAXDRV.DRV
PEC2 14/03/97 358096 C:\WINDOWS\SYSTEM\CRPAIGE.DLL
Checking %System%\Drivers folder and sub-folders...
Checking the Windows folder and sub-folders for system and hidden files within the last 60 days...
13/09/05 08:43:16 RH 1126432 C:\WINDOWS\USER.DAT
13/09/05 08:43:16 RH 9699360 C:\WINDOWS\SYSTEM.DAT
09/09/05 22:28:58 H 27440 C:\WINDOWS\ttfCache
13/09/05 08:40:52 H 915443 C:\WINDOWS\ShellIconCache
09/09/05 09:01:10 H 54156 C:\WINDOWS\QTFont.qfn
20/07/05 08:10:10 H 8628 C:\WINDOWS\SYSTEM\BROHL04B.GID
12/09/05 20:23:16 H 90 C:\WINDOWS\TEMP\ffastlog.txt
06/09/05 19:53:16 H 26 C:\WINDOWS\Application Data\OLYMPUS\Camedia Master 4\Album\Samples\cat\olyalbum.inf
22/07/05 11:58:00 H 26 C:\WINDOWS\Application Data\OLYMPUS\Camedia Master 4\Album\Sue\Summer 05\olyalbum.inf
09/08/05 11:28:12 H 26 C:\WINDOWS\Application Data\OLYMPUS\Camedia Master 4\Album\Sue\Family Day donation 2004\olyalbum.inf
05/09/05 13:55:36 H 26 C:\WINDOWS\Application Data\OLYMPUS\Camedia Master 4\Album\Sue\Family Day 2005\olyalbum.inf
13/09/05 08:32:30 H 340 C:\WINDOWS\Application Data\Microsoft\MSN Messenger\250002175\sqmdata00.sqm
26/08/05 00:01:58 H 1524 C:\WINDOWS\Application Data\Microsoft\MSN Messenger\4034896720\sqmdata02.sqm
26/08/05 05:51:02 H 352 C:\WINDOWS\Application Data\Microsoft\MSN Messenger\4034896720\sqmdata03.sqm
26/08/05 05:51:02 H 328 C:\WINDOWS\Application Data\Microsoft\MSN Messenger\4034896720\sqmdata04.sqm
26/07/05 17:15:02 H 1776 C:\WINDOWS\Application Data\Microsoft\MSN Messenger\524316863\sqmdata00.sqm
30/07/05 17:35:06 H 2172 C:\WINDOWS\Application Data\Microsoft\MSN Messenger\524316863\sqmdata01.sqm
01/08/05 12:18:34 H 1572 C:\WINDOWS\Application Data\Microsoft\MSN Messenger\524316863\sqmdata02.sqm
01/08/05 12:19:34 H 732 C:\WINDOWS\Application Data\Microsoft\MSN Messenger\524316863\sqmdata03.sqm
01/08/05 12:22:14 H 424 C:\WINDOWS\Application Data\Microsoft\MSN Messenger\524316863\sqmdata04.sqm
01/08/05 12:22:24 H 400 C:\WINDOWS\Application Data\Microsoft\MSN Messenger\524316863\sqmdata05.sqm
01/08/05 12:22:42 H 424 C:\WINDOWS\Application Data\Microsoft\MSN Messenger\524316863\sqmdata06.sqm
01/08/05 12:22:52 H 424 C:\WINDOWS\Application Data\Microsoft\MSN Messenger\524316863\sqmdata07.sqm
01/08/05 12:29:34 H 1108 C:\WINDOWS\Application Data\Microsoft\MSN Messenger\524316863\sqmdata08.sqm
01/08/05 12:35:20 H 1084 C:\WINDOWS\Application Data\Microsoft\MSN Messenger\524316863\sqmdata09.sqm
01/08/05 12:40:48 H 1096 C:\WINDOWS\Application Data\Microsoft\MSN Messenger\524316863\sqmdata10.sqm
01/08/05 12:44:00 H 1144 C:\WINDOWS\Application Data\Microsoft\MSN Messenger\524316863\sqmdata11.sqm
01/08/05 13:43:06 H 804 C:\WINDOWS\Application Data\Microsoft\MSN Messenger\524316863\sqmdata12.sqm
01/08/05 13:47:30 H 1120 C:\WINDOWS\Application Data\Microsoft\MSN Messenger\524316863\sqmdata13.sqm
01/08/05 14:04:14 H 1264 C:\WINDOWS\Application Data\Microsoft\MSN Messenger\524316863\sqmdata14.sqm
01/08/05 14:09:32 H 1156 C:\WINDOWS\Application Data\Microsoft\MSN Messenger\524316863\sqmdata15.sqm
01/08/05 14:21:44 H 1072 C:\WINDOWS\Application Data\Microsoft\MSN Messenger\524316863\sqmdata16.sqm
01/08/05 21:41:26 H 340 C:\WINDOWS\Application Data\Microsoft\MSN Messenger\524316863\sqmdata17.sqm
01/08/05 21:59:14 H 352 C:\WINDOWS\Application Data\Microsoft\MSN Messenger\524316863\sqmdata18.sqm
01/08/05 21:59:14 H 328 C:\WINDOWS\Application Data\Microsoft\MSN Messenger\524316863\sqmdata19.sqm
01/08/05 22:57:04 HS 67 C:\WINDOWS\Temporary Internet Files\Content.IE5\R6KZR1OH\desktop.ini
01/08/05 22:57:04 HS 67 C:\WINDOWS\Temporary Internet Files\Content.IE5\UXN8PCVM\desktop.ini
01/08/05 22:57:04 HS 67 C:\WINDOWS\Temporary Internet Files\Content.IE5\RRXJ3T8W\desktop.ini
01/08/05 22:57:04 HS 67 C:\WINDOWS\Temporary Internet Files\Content.IE5\4HS7KRKR\desktop.ini
13/09/05 06:53:24 H 6 C:\WINDOWS\Tasks\SA.DAT
Checking for CPL files...
Microsoft Corporation 23/04/99 22:22:00 221280 C:\WINDOWS\SYSTEM\DESK.CPL
Microsoft Corporation 29/08/02 292352 C:\WINDOWS\SYSTEM\INETCPL.CPL
Microsoft Corporation 23/04/99 22:22:00 60928 C:\WINDOWS\SYSTEM\INTL.CPL
Microsoft Corporation 23/04/99 22:22:00 420864 C:\WINDOWS\SYSTEM\MMSYS.CPL
Microsoft Corporation 23/04/99 22:22:00 93248 C:\WINDOWS\SYSTEM\MODEM.CPL
Microsoft Corporation 23/04/99 22:22:00 14448 C:\WINDOWS\SYSTEM\NETCPL.CPL
Microsoft Corporation 23/04/99 22:22:00 47104 C:\WINDOWS\SYSTEM\PASSWORD.CPL
Microsoft Corporation 23/04/99 22:22:00 51984 C:\WINDOWS\SYSTEM\POWERCFG.CPL
Microsoft Corporation 30/10/01 08:10:00 442368 C:\WINDOWS\SYSTEM\JOY.CPL
Microsoft Corporation 23/04/99 22:22:00 72192 C:\WINDOWS\SYSTEM\APPWIZ.CPL
Microsoft Corporation 23/04/99 22:22:00 103424 C:\WINDOWS\SYSTEM\MAIN.CPL
23/04/99 22:22:00 70656 C:\WINDOWS\SYSTEM\STICPL.CPL
Microsoft Corporation 23/04/99 22:22:00 387072 C:\WINDOWS\SYSTEM\SYSDM.CPL
Microsoft Corporation 23/04/99 22:22:00 14848 C:\WINDOWS\SYSTEM\TELEPHON.CPL
Microsoft Corporation 23/04/99 22:22:00 37376 C:\WINDOWS\SYSTEM\TIMEDATE.CPL
Microsoft Corporation 23/04/99 22:22:00 15360 C:\WINDOWS\SYSTEM\THEMES.CPL
Intel Corporation 22/05/03 23:44:44 192512 C:\WINDOWS\SYSTEM\INTELSCP.CPL
Realtek Semiconductor Corp. 19/03/04 10:44:32 14250496 C:\WINDOWS\SYSTEM\alsndmgr.cpl
Microsoft Corporation 10/02/99 11:48:46 40960 C:\WINDOWS\SYSTEM\FINDFAST.CPL
Microsoft Corporation 26/07/00 16:37:08 41232 C:\WINDOWS\SYSTEM\odbccp32.cpl
Apple Computer, Inc. 03/10/03 15:14:30 314880 C:\WINDOWS\SYSTEM\QuickTime.cpl
»»»»»»»»»»»»»»»»» Checking Selected Startup Folders »»»»»»»»»»»»»»»»»»»»»
Checking files in %ALLUSERSPROFILE%\Startup folder...
Checking files in %ALLUSERSPROFILE%\Application Data folder...
Checking files in %USERPROFILE%\Startup folder...
01/05/05 15:24:54 550 C:\WINDOWS\Start Menu\Programs\StartUp\CAMEDIA Master.lnk
04/05/05 12:57:52 482 C:\WINDOWS\Start Menu\Programs\StartUp\CleanSweep Smart Sweep-Internet Sweep.lnk
04/05/05 11:42:10 399 C:\WINDOWS\Start Menu\Programs\StartUp\ONSPEED.lnk
Checking files in %USERPROFILE%\Application Data folder...
11/09/05 15:38:24 4360 C:\WINDOWS\Application Data\dw.log
16/05/05 12:00:02 65312 C:\WINDOWS\Application Data\GDIPFONTCACHEV1.DAT
13/09/05 08:41:06 151 C:\WINDOWS\Application Data\ieproxy.bak
11/05/05 16:09:24 514 C:\WINDOWS\Application Data\QuickBooks Templates.lnk
13/09/05 08:35:54 4194441 C:\WINDOWS\Application Data\sdi.db
11/08/05 13:22:16 54 C:\WINDOWS\Application Data\Sskdmns.dll
11/08/05 12:33:54 173469 C:\WINDOWS\Application Data\Sskknwrd.dll
11/08/05 13:28:56 54 C:\WINDOWS\Application Data\Sskuknwrd.dll
»»»»»»»»»»»»»»»»» Checking Selected Registry Keys »»»»»»»»»»»»»»»»»»»»»»»
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform]
iebar =
acc=ventura5 =
acc= =
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]
[HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers]
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\BriefcaseMenu
{85BBD920-42A0-1069-A2E4-08002B30309D} = syncui.dll
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\WinZip
{E0D79304-84BE-11CE-9641-444553540000} = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Symantec.Norton.Antivirus.IEContextMenu
{5345A4D5-41EB-4A2F-9616-CE1D4F6C35B2} = C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Wipe Info
{30424D42-5946-11D2-B8E5-006097C9C6FF} = C:\PROGRA~1\NORTON~1\NORTON~1\WFSHELEX.DLL
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\TrojanHunter
{EBDF1F20-C829-11D1-8233-FF20AF3E97A9} = C:\PROGRA~1\TROJAN~1.2\CONTMENU.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers]
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\BriefcaseMenu
{85BBD920-42A0-1069-A2E4-08002B30309D} = syncui.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\FineReader
{AC0DD14A-8F29-4F88-BE1D-0F0ED1B06C9F} = C:\PROGRAM FILES\ABBYY\FINEREADER 6.0\FECMENU.DLL
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\WinZip
{E0D79304-84BE-11CE-9641-444553540000} = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\Symantec.Norton.Antivirus.IEContextMenu
{5345A4D5-41EB-4A2F-9616-CE1D4F6C35B2} = C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\Norton WipeInfo
{30424D42-5946-11D2-B8E5-006097C9C6FF} = C:\PROGRA~1\NORTON~1\NORTON~1\WFSHELEX.DLL
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\TrojanHunter
{EBDF1F20-C829-11D1-8233-FF20AF3E97A9} = C:\PROGRA~1\TROJAN~1.2\CONTMENU.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers]
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\WinZip
{E0D79304-84BE-11CE-9641-444553540000} = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\TrojanHunter
{EBDF1F20-C829-11D1-8233-FF20AF3E97A9} = C:\PROGRA~1\TROJAN~1.2\CONTMENU.DLL
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}
Google Toolbar Helper = c:\program files\google\googletoolbar2.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}
= C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}
MSNToolBandBHO = C:\PROGRAM FILES\MSN APPS\MSN TOOLBAR\01.02.4000.1001\EN-GB\MSNTB.DLL
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9394EDE7-C8B5-483E-8773-474BF36AF6E4}
ST = C:\PROGRAM FILES\MSN APPS\ST\01.03.0000.1005\EN-XU\STMAIN.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{4D5C8C25-D075-11d0-B416-00C04FB90376}
&Tip of the Day = C:\WINDOWS\SYSTEM\SHDOCVW.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
{8E718888-423F-11D2-876E-00A0C9082467} = &Radio : C:\WINDOWS\SYSTEM\MSDXM.OCX
{2318C2B1-4965-11d4-9B18-009027A5CD4F} = &Google : c:\program files\google\googletoolbar2.dll
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} = MSN : C:\PROGRAM FILES\MSN APPS\MSN TOOLBAR\01.02.4000.1001\EN-GB\MSNTB.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars]
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars\{32683183-48a0-441b-a342-7c2a440a9478}
Media Band = C:\WINDOWS\SYSTEM\BROWSEUI.DLL
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars\{EFA24E61-B078-11D0-89E4-00C04FC9E26E}
Favorites Band = C:\WINDOWS\SYSTEM\SHDOCVW.DLL
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars\{EFA24E62-B078-11D0-89E4-00C04FC9E26E}
History Band = C:\WINDOWS\SYSTEM\SHDOCVW.DLL
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar]
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser
{01E04581-4EEE-11D0-BFE9-00AA005B4383} = &Address : C:\WINDOWS\SYSTEM\BROWSEUI.DLL
{0E5CBF21-D15F-11D0-8301-00AA005B4383} = &Links : C:\WINDOWS\SYSTEM\BROWSEUI.DLL
{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} = Norton AntiVirus : C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser
{01E04581-4EEE-11D0-BFE9-00AA005B4383} = &Address : C:\WINDOWS\SYSTEM\BROWSEUI.DLL
{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} = Norton AntiVirus : C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
{2318C2B1-4965-11D4-9B18-009027A5CD4F} = &Google : c:\program files\google\googletoolbar2.dll
{EF99BD32-C1FB-11D2-892F-0090271D4F88} = Yahoo! Toolbar : C:\PROGRAM FILES\YAHOO!\COMPANION\INSTALLS\CPN\YT.DLL
{0E5CBF21-D15F-11D0-8301-00AA005B4383} = &Links : C:\WINDOWS\SYSTEM\BROWSEUI.DLL
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} = MSN : C:\PROGRAM FILES\MSN APPS\MSN TOOLBAR\01.02.4000.1001\EN-GB\MSNTB.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
ScanRegistry C:\WINDOWS\scanregw.exe /autorun
TaskMonitor C:\WINDOWS\taskmon.exe
SystemTray SysTray.Exe
SoundMan SOUNDMAN.EXE
DSLSTATEXE C:\Program Files\Voyager 105 ADSL Modem\dslstat.exe icon
DSLAGENTEXE C:\Program Files\Voyager 105 ADSL Modem\dslagent.exe
TINYDIS c:\program files\tiny disk tools1.0\tinydisk.exe sys_auto_run C:\PROGRAM FILES\TINY DISK TOOLS1.0
ccApp "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
Symantec Core LC C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe start
NPROTECT C:\Program Files\Norton SystemWorks\Norton Utilities\Nprotect.exe
ccRegVfy "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
Symantec NetDriver Monitor C:\PROGRA~1\SYMNET~1\SNDMON.EXE /Consumer
THGuard "C:\PROGRAM FILES\TROJANHUNTER 4.2\THGUARD.EXE"
msnappau "c:\program files\MSN Apps\Updater\01.03.0000.1005\en-gb\msnappau.exe"
StillImageMonitor C:\WINDOWS\SYSTEM\STIMON.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]
MSFS Installed = 1
MAPI Installed = 1
IMAIL Installed = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]
SchedulingAgent mstask.exe
Machine Debug Manager C:\WINDOWS\SYSTEM\MDM.EXE
ccEvtMgr "C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe"
ccSetMgr "C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe"
SymTray - Norton SystemWorks C:\Program Files\Common Files\Symantec Shared\SymTray.exe "Norton SystemWorks"
NPFMonitor C:\Program Files\Norton SystemWorks\Norton AntiVirus\IWP\NPFMntor.exe
ScriptBlocking "C:\Program Files\Common Files\Symantec Shared\Script Blocking\SBServ.exe" -reg
NPROTECT C:\Program Files\Norton SystemWorks\Norton Utilities\Nprotect.exe
CSINJECT.EXE C:\Program Files\Norton SystemWorks\Norton CleanSweep\csinject.exe
Nisum C:\Program Files\Norton Personal Firewall\NISUM.EXE
ccPxySvc C:\PROGRA~1\NORTON~2\CCPXYSVC.EXE
KB891711 C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
LoadPowerProfile Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
Norton SystemWorks "C:\Program Files\Norton SystemWorks\cfgwiz.exe" /GUID {05858CFD-5CC4-4ceb-AAAF-CF00BF39736A} /MODE CfgWiz
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Network
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ratings
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies]
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
NoDriveTypeAutoRun •
CDRAutoRun
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run
crxkbo.exe C:\WINDOWS\SYSTEM\crxkbo.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck {E6FB5E20-DE35-11CF-9C87-00AA005127ED} = C:\WINDOWS\SYSTEM\WEBCHECK.DLL
<<< WARNING! - NOT A VALID WIN98/ME KEY! >>>
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
AppInit_DLLs apitrap.dll;
»»»»»»»»»»»»»»»»»»»»»»»» Scan Complete »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
WinPFind v1.3.9 - Log file written to "WinPFind.Txt" in the WinPFind folder.
Scan completed on 13/09/05 08:49:22
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ScanRegistry"="C:\\WINDOWS\\scanregw.exe /autorun"
"TaskMonitor"="C:\\WINDOWS\\taskmon.exe"
"SystemTray"="SysTray.Exe"
"SoundMan"="SOUNDMAN.EXE"
"DSLSTATEXE"="C:\\Program Files\\Voyager 105 ADSL Modem\\dslstat.exe icon"
"DSLAGENTEXE"="C:\\Program Files\\Voyager 105 ADSL Modem\\dslagent.exe"
"TINYDIS"="c:\\program files\\tiny disk tools1.0\\tinydisk.exe sys_auto_run C:\\PROGRAM FILES\\TINY DISK TOOLS1.0"
"ccApp"="\"C:\\Program Files\\Common Files\\Symantec Shared\\ccApp.exe\""
"Symantec Core LC"="C:\\Program Files\\Common Files\\Symantec Shared\\CCPD-LC\\symlcsvc.exe start"
"NPROTECT"="C:\\Program Files\\Norton SystemWorks\\Norton Utilities\\Nprotect.exe"
"ccRegVfy"="\"C:\\Program Files\\Common Files\\Symantec Shared\\ccRegVfy.exe\""
"Symantec NetDriver Monitor"="C:\\PROGRA~1\\SYMNET~1\\SNDMON.EXE /Consumer"
"THGuard"="\"C:\\PROGRAM FILES\\TROJANHUNTER 4.2\\THGUARD.EXE\""
"msnappau"="\"c:\\program files\\MSN Apps\\Updater\\01.03.0000.1005\\en-gb\\msnappau.exe\""
"StillImageMonitor"="C:\\WINDOWS\\SYSTEM\\STIMON.EXE"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]
"Installed"="1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
"NoChange"="1"
"Installed"="1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
"Installed"="1"
-----------------
Logfile of HijackThis v1.99.1
Scan saved at 08:55:10, on 13/09/05
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\MDM.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCEVTMGR.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCSETMGR.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\SYMTRAY.EXE
C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON UTILITIES\NPROTECT.EXE
C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON CLEANSWEEP\CSINJECT.EXE
C:\PROGRAM FILES\NORTON PERSONAL FIREWALL\NISUM.EXE
C:\PROGRAM FILES\NORTON PERSONAL FIREWALL\CCPXYSVC.EXE
C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRAM FILES\VOYAGER 105 ADSL MODEM\DSLSTAT.EXE
C:\PROGRAM FILES\VOYAGER 105 ADSL MODEM\DSLAGENT.EXE
C:\PROGRAM FILES\TINY DISK TOOLS1.0\TINYDISK.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCAPP.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCPD-LC\SYMLCSVC.EXE
C:\PROGRAM FILES\TROJANHUNTER 4.2\THGUARD.EXE
C:\PROGRAM FILES\MSN APPS\UPDATER\01.03.0000.1005\EN-GB\MSNAPPAU.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\PROGRAM FILES\OLYMPUS\CAMEDIA MASTER 4.2\CM_CAMERA.EXE
C:\PROGRAM FILES\ONSPEED\ONSPEED.EXE
C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON CLEANSWEEP\CSINSM32.EXE
C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON CLEANSWEEP\Monwow.exe
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\MY DOCUMENTS\HIJACKTHIS\HIJACKTHIS.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.farmline.com/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.tesco.netO2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\PROGRAM FILES\MSN APPS\MSN TOOLBAR\01.02.4000.1001\EN-GB\MSNTB.DLL
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\PROGRAM FILES\MSN APPS\ST\01.03.0000.1005\EN-XU\STMAIN.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\PROGRAM FILES\MSN APPS\MSN TOOLBAR\01.02.4000.1001\EN-GB\MSNTB.DLL
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [DSLSTATEXE] C:\Program Files\Voyager 105 ADSL Modem\dslstat.exe icon
O4 - HKLM\..\Run: [DSLAGENTEXE] C:\Program Files\Voyager 105 ADSL Modem\dslagent.exe
O4 - HKLM\..\Run: [TINYDIS] c:\program files\tiny disk tools1.0\tinydisk.exe sys_auto_run C:\PROGRAM FILES\TINY DISK TOOLS1.0
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec Core LC] C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe start
O4 - HKLM\..\Run: [NPROTECT] C:\Program Files\Norton SystemWorks\Norton Utilities\Nprotect.exe
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMON.EXE /Consumer
O4 - HKLM\..\Run: [THGuard] "C:\PROGRAM FILES\TROJANHUNTER 4.2\THGUARD.EXE"
O4 - HKLM\..\Run: [msnappau] "c:\program files\MSN Apps\Updater\01.03.0000.1005\en-gb\msnappau.exe"
O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [Machine Debug Manager] C:\WINDOWS\SYSTEM\MDM.EXE
O4 - HKLM\..\RunServices: [ccEvtMgr] "C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe"
O4 - HKLM\..\RunServices: [ccSetMgr] "C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe"
O4 - HKLM\..\RunServices: [SymTray - Norton SystemWorks] C:\Program Files\Common Files\Symantec Shared\SymTray.exe "Norton SystemWorks"
O4 - HKLM\..\RunServices: [NPFMonitor] C:\Program Files\Norton SystemWorks\Norton AntiVirus\IWP\NPFMntor.exe
O4 - HKLM\..\RunServices: [ScriptBlocking] "C:\Program Files\Common Files\Symantec Shared\Script Blocking\SBServ.exe" -reg
O4 - HKLM\..\RunServices: [NPROTECT] C:\Program Files\Norton SystemWorks\Norton Utilities\Nprotect.exe
O4 - HKLM\..\RunServices: [CSINJECT.EXE] C:\Program Files\Norton SystemWorks\Norton CleanSweep\csinject.exe
O4 - HKLM\..\RunServices: [Nisum] C:\Program Files\Norton Personal Firewall\NISUM.EXE
O4 - HKLM\..\RunServices: [ccPxySvc] C:\PROGRA~1\NORTON~2\CCPXYSVC.EXE
O4 - HKLM\..\RunServices: [KB891711] C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKCU\..\Run: [Norton SystemWorks] "C:\Program Files\Norton SystemWorks\cfgwiz.exe" /GUID {05858CFD-5CC4-4ceb-AAAF-CF00BF39736A} /MODE CfgWiz
O4 - Startup: CAMEDIA Master.lnk = C:\Program Files\OLYMPUS\CAMEDIA Master 4.2\CM_camera.exe
O4 - Startup: ONSPEED.lnk = C:\Program Files\ONSPEED\onspeed.exe
O4 - Startup: CleanSweep Smart Sweep-Internet Sweep.lnk = C:\Program Files\Norton SystemWorks\Norton CleanSweep\csinsm32.exe
O8 - Extra context menu item: &Google Search - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmwordtrans.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmcache.html
O8 - Extra context menu item: Similar Pages - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmsimilar.html
O8 - Extra context menu item: Backward Links - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmbacklinks.html
O8 - Extra context menu item: Translate Page into English - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmtrans.html
O14 - IERESET.INF: START_PAGE_URL=http://www.tesco.net
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) -
http://messenger.msn...pdownloader.cabO16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) -
http://www.popcap.co...aploader_v6.cabO16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) -
http://a840.g.akamai...all/xscan53.cabO20 - AppInit_DLLs: apitrap.dll;
Thanks!