Hi Don,
Here they are
TY
http://virusscan.jotti.org/Last file scanned at least one scanner reported something about: PcHide1.sys, detected by:
Scanner Malware name
AntiVir X
ArcaVir X
Avast X
AVG Antivirus X
BitDefender X
ClamAV X
Dr.Web X
F-Prot Antivirus X
Fortinet W32/RKPort.B04A-tr
Kaspersky Anti-Virus X
NOD32 X
Norman Virus Control X
UNA X
VBA32 X
WARNING: not all files found by this scanner are bad. Consult with a knowledgable person before proceeding.
If you see a message in the titlebar saying "Not responding..." you can ignore it. Windows somethimes displays this message due to the high volume of disk I/O. As long as the hard disk light is flashing, the program is still working properly.
»»»»»»»»»»»»»»»»» Windows OS and Versions »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Product Name: Windows 98 Version: 4.10.2222
Internet Explorer Version: 6.0.2800.1106
»»»»»»»»»»»»»»»»» Checking Selected Standard Folders »»»»»»»»»»»»»»»»»»»»
Checking %SystemDrive% folder...
Checking %ProgramFilesDir% folder...
Checking %WinDir% folder...
Items found in C:\WINDOWS\hosts
Checking %System% folder...
UPX! 18/05/03 10:53:56 AM 60928 C:\WINDOWS\SYSTEM\HDResources.dll
UPX! 24/03/99 7:00:00 AM 35328 C:\WINDOWS\SYSTEM\ATL.DLL
Checking %System%\Drivers folder and sub-folders...
Checking the Windows folder and sub-folders for system and hidden files within the last 60 days...
13/09/05 12:43:50 PM RH 1450016 C:\WINDOWS\USER.DAT
13/09/05 12:43:50 PM RH 9912352 C:\WINDOWS\SYSTEM.DAT
13/09/05 11:36:42 AM RH 712736 C:\WINDOWS\HWINFO.DAT
5/09/05 10:08:08 AM H 13122 C:\WINDOWS\folder.htt
5/09/05 10:08:08 AM H 266 C:\WINDOWS\desktop.ini
13/09/05 12:42:24 PM H 1101846 C:\WINDOWS\ShellIconCache
5/09/05 2:18:12 PM H 29038 C:\WINDOWS\ttfCache
11/09/05 9:23:20 PM HS 32 C:\WINDOWS\{20653645-230A-11DA-9081-000FEA5517D8}.dat
5/09/05 10:08:08 AM H 13122 C:\WINDOWS\SYSTEM\folder.htt
5/09/05 10:08:08 AM H 266 C:\WINDOWS\SYSTEM\desktop.ini
11/09/05 9:23:20 PM HS 32 C:\WINDOWS\SYSTEM\{20653644-230A-11DA-9081-000FEA5517D8}.dat
6/09/05 9:42:36 AM H 9793 C:\WINDOWS\HELP\windows.GID
4/09/05 10:35:30 AM H 8628 C:\WINDOWS\HELP\SECAUTH.GID
5/09/05 10:08:10 AM H 13122 C:\WINDOWS\SYSTEM32\folder.htt
5/09/05 10:08:10 AM H 266 C:\WINDOWS\SYSTEM32\desktop.ini
5/09/05 10:08:10 AM H 19600 C:\WINDOWS\WEB\WVLOGO.GIF
5/09/05 10:08:10 AM H 4204 C:\WINDOWS\WEB\CONTROLP.HTT
5/09/05 10:08:10 AM H 11530 C:\WINDOWS\WEB\FOLDER.HTT
5/09/05 10:08:10 AM H 4988 C:\WINDOWS\WEB\MYCOMP.HTT
5/09/05 10:08:10 AM H 5044 C:\WINDOWS\WEB\PRINTERS.HTT
5/09/05 10:08:10 AM H 855 C:\WINDOWS\WEB\webview.css
5/09/05 10:08:10 AM H 14258 C:\WINDOWS\WEB\default.htt
5/09/05 10:08:10 AM H 5403 C:\WINDOWS\WEB\nethood.htt
5/09/05 10:08:10 AM H 8088 C:\WINDOWS\WEB\recycle.htt
5/09/05 10:08:10 AM H 5495 C:\WINDOWS\WEB\schedule.htt
5/09/05 10:08:10 AM H 5521 C:\WINDOWS\WEB\dialup.htt
5/09/05 10:08:10 AM H 44686 C:\WINDOWS\WEB\wvleft.bmp
5/09/05 10:08:10 AM H 840 C:\WINDOWS\WEB\wvline.gif
5/09/05 10:08:10 AM H 10931 C:\WINDOWS\WEB\ftp.htt
7/09/05 7:48:50 AM HS 1422 C:\WINDOWS\Application Data\Microsoft\Internet Explorer\Desktop.htt
13/09/05 11:13:16 AM H 376 C:\WINDOWS\Application Data\Microsoft\MSN Messenger\3545699001\sqmdata00.sqm
18/08/05 8:34:50 PM H 340 C:\WINDOWS\Application Data\Microsoft\MSN Messenger\3545699001\sqmdata01.sqm
19/08/05 8:51:50 AM H 340 C:\WINDOWS\Application Data\Microsoft\MSN Messenger\3545699001\sqmdata02.sqm
19/08/05 8:45:28 PM H 1192 C:\WINDOWS\Application Data\Microsoft\MSN Messenger\3545699001\sqmdata03.sqm
19/08/05 8:45:30 PM H 340 C:\WINDOWS\Application Data\Microsoft\MSN Messenger\3545699001\sqmdata04.sqm
20/08/05 7:40:32 PM H 340 C:\WINDOWS\Application Data\Microsoft\MSN Messenger\3545699001\sqmdata05.sqm
21/08/05 7:52:46 PM H 1300 C:\WINDOWS\Application Data\Microsoft\MSN Messenger\3545699001\sqmdata06.sqm
21/08/05 7:52:48 PM H 340 C:\WINDOWS\Application Data\Microsoft\MSN Messenger\3545699001\sqmdata07.sqm
22/08/05 8:31:30 PM H 340 C:\WINDOWS\Application Data\Microsoft\MSN Messenger\3545699001\sqmdata08.sqm
23/08/05 6:39:18 PM H 340 C:\WINDOWS\Application Data\Microsoft\MSN Messenger\3545699001\sqmdata09.sqm
24/08/05 7:21:14 PM H 340 C:\WINDOWS\Application Data\Microsoft\MSN Messenger\3545699001\sqmdata10.sqm
24/08/05 7:37:46 PM H 328 C:\WINDOWS\Application Data\Microsoft\MSN Messenger\3545699001\sqmdata11.sqm
25/08/05 3:05:16 PM H 1192 C:\WINDOWS\Application Data\Microsoft\MSN Messenger\3545699001\sqmdata12.sqm
25/08/05 9:02:36 PM H 1084 C:\WINDOWS\Application Data\Microsoft\MSN Messenger\3545699001\sqmdata13.sqm
25/08/05 9:02:38 PM H 340 C:\WINDOWS\Application Data\Microsoft\MSN Messenger\3545699001\sqmdata14.sqm
26/08/05 7:58:22 AM H 340 C:\WINDOWS\Application Data\Microsoft\MSN Messenger\3545699001\sqmdata15.sqm
26/08/05 5:19:06 PM H 484 C:\WINDOWS\Application Data\Microsoft\MSN Messenger\3545699001\sqmdata16.sqm
26/08/05 9:36:52 PM H 352 C:\WINDOWS\Application Data\Microsoft\MSN Messenger\3545699001\sqmdata17.sqm
27/08/05 12:00:42 PM H 340 C:\WINDOWS\Application Data\Microsoft\MSN Messenger\3545699001\sqmdata18.sqm
27/08/05 6:39:30 PM H 1192 C:\WINDOWS\Application Data\Microsoft\MSN Messenger\3545699001\sqmdata19.sqm
6/09/05 9:38:08 AM H 65 C:\WINDOWS\Downloaded Program Files\desktop.ini
12/09/05 12:54:38 PM HS 67 C:\WINDOWS\Temporary Internet Files\desktop.ini
12/09/05 10:13:34 AM HS 67 C:\WINDOWS\Temporary Internet Files\Content.IE5\desktop.ini
12/09/05 10:17:02 AM HS 67 C:\WINDOWS\Temporary Internet Files\Content.IE5\W1UVKPIN\desktop.ini
12/09/05 10:17:14 AM HS 67 C:\WINDOWS\Temporary Internet Files\Content.IE5\FUSB3P09\desktop.ini
12/09/05 10:22:40 AM HS 67 C:\WINDOWS\Temporary Internet Files\Content.IE5\C73R60TP\desktop.ini
12/09/05 10:22:56 AM HS 67 C:\WINDOWS\Temporary Internet Files\Content.IE5\2HLIBAXS\desktop.ini
12/09/05 10:29:58 AM HS 67 C:\WINDOWS\Temporary Internet Files\Content.IE5\K6EGS30B\desktop.ini
12/09/05 10:46:12 AM HS 67 C:\WINDOWS\Temporary Internet Files\Content.IE5\66K3VE6P\desktop.ini
12/09/05 11:09:44 AM HS 67 C:\WINDOWS\Temporary Internet Files\Content.IE5\IR2FGDKP\desktop.ini
12/09/05 11:10:18 AM HS 67 C:\WINDOWS\Temporary Internet Files\Content.IE5\H84BA083\desktop.ini
13/09/05 8:03:30 AM H 6 C:\WINDOWS\Tasks\SA.DAT
12/09/05 3:02:36 PM RHS 227 C:\WINDOWS\assembly\Desktop.ini
6/09/05 9:38:12 AM H 65 C:\WINDOWS\Offline Web Pages\desktop.ini
Checking for CPL files...
Microsoft Corporation 23/04/99 10:22:00 PM 221280 C:\WINDOWS\SYSTEM\DESK.CPL
Microsoft Corporation 23/04/99 10:22:00 PM 60928 C:\WINDOWS\SYSTEM\INTL.CPL
Microsoft Corporation 23/04/99 10:22:00 PM 93248 C:\WINDOWS\SYSTEM\MODEM.CPL
Microsoft Corporation 23/04/99 10:22:00 PM 14448 C:\WINDOWS\SYSTEM\NETCPL.CPL
Microsoft Corporation 23/04/99 10:22:00 PM 7952 C:\WINDOWS\SYSTEM\ODBCCP32.CPL
Microsoft Corporation 23/04/99 10:22:00 PM 47104 C:\WINDOWS\SYSTEM\PASSWORD.CPL
Microsoft Corporation 23/04/99 10:22:00 PM 51984 C:\WINDOWS\SYSTEM\POWERCFG.CPL
Microsoft Corporation 23/04/99 10:22:00 PM 420864 C:\WINDOWS\SYSTEM\MMSYS.CPL
Microsoft Corporation 30/10/01 5:40:00 PM 442368 C:\WINDOWS\SYSTEM\JOY.CPL
Microsoft Corporation 29/08/02 292352 C:\WINDOWS\SYSTEM\INETCPL.CPL
Microsoft Corporation 23/04/99 10:22:00 PM 66048 C:\WINDOWS\SYSTEM\ACCESS.CPL
Microsoft Corporation 23/04/99 10:22:00 PM 103424 C:\WINDOWS\SYSTEM\MAIN.CPL
23/04/99 10:22:00 PM 70656 C:\WINDOWS\SYSTEM\STICPL.CPL
Microsoft Corporation 23/04/99 10:22:00 PM 387072 C:\WINDOWS\SYSTEM\SYSDM.CPL
Microsoft Corporation 23/04/99 10:22:00 PM 14848 C:\WINDOWS\SYSTEM\TELEPHON.CPL
C-Media Corporation 11/12/03 3:44:36 PM 2453504 C:\WINDOWS\SYSTEM\CMICNFG.CPL
Microsoft Corporation 10/02/99 10:18:48 PM 40960 C:\WINDOWS\SYSTEM\FINDFAST.CPL
Microsoft Corporation 23/04/99 10:22:00 PM 72192 C:\WINDOWS\SYSTEM\APPWIZ.CPL
Microsoft Corporation 23/04/99 10:22:00 PM 37376 C:\WINDOWS\SYSTEM\TIMEDATE.CPL
NVIDIA Corporation 12/07/04 4:50:00 PM 73728 C:\WINDOWS\SYSTEM\nvtuicpl.cpl
Apple Computer, Inc. 11/04/01 12:22:06 PM 287232 C:\WINDOWS\SYSTEM\QuickTime.cpl
»»»»»»»»»»»»»»»»» Checking Selected Startup Folders »»»»»»»»»»»»»»»»»»»»»
Checking files in %ALLUSERSPROFILE%\Startup folder...
Checking files in %ALLUSERSPROFILE%\Application Data folder...
Checking files in %USERPROFILE%\Startup folder...
8/08/05 7:38:24 PM 542 C:\WINDOWS\Start Menu\Programs\StartUp\CleanSweep Smart Sweep-Internet Sweep.lnk
8/08/05 7:38:24 PM 536 C:\WINDOWS\Start Menu\Programs\StartUp\Norton System Doctor.lnk
Checking files in %USERPROFILE%\Application Data folder...
5/09/05 3:57:42 PM 4962 C:\WINDOWS\Application Data\dw.log
»»»»»»»»»»»»»»»»» Checking Selected Registry Keys »»»»»»»»»»»»»»»»»»»»»»»
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]
[HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers]
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Norton WipeInfo
{30424D42-5946-11D2-B8E5-006097C9C6FF} = C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON UTILITIES\WFSHELEX.DLL
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\NortonAntivirus
{067DF822-EAB6-11cf-B56E-00A0244D5087} = C:\Program Files\Norton SystemWorks\Norton AntiVirus\navshell.dll
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\WinZip
{E0D79304-84BE-11CE-9641-444553540000} = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Yahoo! Mail
{5464D816-CF16-4784-B9F3-75C0DB52B499} = C:\PROGRAM FILES\YAHOO!\COMMON\YMMAPI.DLL
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\WinRAR
{B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\PROGRAM FILES\WINRAR\rarext.dll
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\TrojanHunter
{EBDF1F20-C829-11D1-8233-FF20AF3E97A9} = C:\PROGRA~1\TROJAN~1.2\CONTMENU.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers]
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\Norton WipeInfo
{30424D42-5946-11D2-B8E5-006097C9C6FF} = C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON UTILITIES\WFSHELEX.DLL
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\NortonAntivirus
{067DF822-EAB6-11cf-B56E-00A0244D5087} = C:\Program Files\Norton SystemWorks\Norton AntiVirus\navshell.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\WinZip
{E0D79304-84BE-11CE-9641-444553540000} = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\WinRAR
{B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\PROGRAM FILES\WINRAR\rarext.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\TrojanHunter
{EBDF1F20-C829-11D1-8233-FF20AF3E97A9} = C:\PROGRA~1\TROJAN~1.2\CONTMENU.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers]
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\WinZip
{E0D79304-84BE-11CE-9641-444553540000} = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\WinRAR
{B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\PROGRAM FILES\WINRAR\rarext.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\TrojanHunter
{EBDF1F20-C829-11D1-8233-FF20AF3E97A9} = C:\PROGRA~1\TROJAN~1.2\CONTMENU.DLL
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}
Yahoo! Companion BHO = C:\PROGRAM FILES\YAHOO!\COMPANION\INSTALLS\CPN\YCOMP5_5_7_0.DLL
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
AcroIEHlprObj Class = C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}
MSNToolBandBHO = C:\PROGRAM FILES\MSN APPS\MSN TOOLBAR\01.02.4000.1001\EN-AU\MSNTB.DLL
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9394EDE7-C8B5-483E-8773-474BF36AF6E4}
ST = C:\PROGRAM FILES\MSN APPS\ST\01.03.0000.1005\EN-XU\STMAIN.DLL
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4C7B6DE1-99A4-4CF1-8B44-68889900E1D0}
ActivateBand Class = C:\PROGRAM FILES\TELSTRA\TOOLBAR\BPUMTOOLBAND.DLL
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}
EpsonToolBandKicker Class = C:\PROGRAM FILES\EPSON\EPSON WEB-TO-PAGE\EPSON WEB-TO-PAGE.DLL
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}
= C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{4D5C8C25-D075-11d0-B416-00C04FB90376}
&Tip of the Day = C:\WINDOWS\SYSTEM\SHDOCVW.DLL
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{4528BBE0-4E08-11D5-AD55-00010333D0AD}
=
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} = ninemsn : C:\PROGRAM FILES\MSN APPS\MSN TOOLBAR\01.02.4000.1001\EN-AU\MSNTB.DLL
{EF99BD32-C1FB-11D2-892F-0090271D4F88} = &Yahoo! Companion : C:\PROGRAM FILES\YAHOO!\COMPANION\INSTALLS\CPN\YCOMP5_5_7_0.DLL
{7A431EC4-CC21-4DF7-9DB1-A2CF74C4CC98} = BigPond Toolbar : C:\PROGRAM FILES\TELSTRA\TOOLBAR\BPUMTOOLBAND.DLL
{EE5D279F-081B-4404-994D-C6B60AAEBA6D} = EPSON Web-To-Page : C:\PROGRAM FILES\EPSON\EPSON WEB-TO-PAGE\EPSON WEB-TO-PAGE.DLL
{8E718888-423F-11D2-876E-00A0C9082467} = &Radio : C:\WINDOWS\SYSTEM\MSDXM.OCX
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{4528BBE0-4E08-11D5-AD55-00010333D0AD}
ButtonText = Messenger :
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars]
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars\{32683183-48a0-441b-a342-7c2a440a9478}
Media Band = C:\WINDOWS\SYSTEM\BROWSEUI.DLL
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars\{4528BBE0-4E08-11D5-AD55-00010333D0AD}
=
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars\{EFA24E62-B078-11D0-89E4-00C04FC9E26E}
History Band = C:\WINDOWS\SYSTEM\SHDOCVW.DLL
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar]
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser
{01E04581-4EEE-11D0-BFE9-00AA005B4383} = &Address : C:\WINDOWS\SYSTEM\BROWSEUI.DLL
{0E5CBF21-D15F-11D0-8301-00AA005B4383} = &Links : C:\WINDOWS\SYSTEM\BROWSEUI.DLL
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} = ninemsn : C:\PROGRAM FILES\MSN APPS\MSN TOOLBAR\01.02.4000.1001\EN-AU\MSNTB.DLL
{EF99BD32-C1FB-11D2-892F-0090271D4F88} = &Yahoo! Companion : C:\PROGRAM FILES\YAHOO!\COMPANION\INSTALLS\CPN\YCOMP5_5_7_0.DLL
{7A431EC4-CC21-4DF7-9DB1-A2CF74C4CC98} = BigPond Toolbar : C:\PROGRAM FILES\TELSTRA\TOOLBAR\BPUMTOOLBAND.DLL
{EE5D279F-081B-4404-994D-C6B60AAEBA6D} = EPSON Web-To-Page : C:\PROGRAM FILES\EPSON\EPSON WEB-TO-PAGE\EPSON WEB-TO-PAGE.DLL
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser
{01E04581-4EEE-11D0-BFE9-00AA005B4383} = &Address : C:\WINDOWS\SYSTEM\BROWSEUI.DLL
{0E5CBF21-D15F-11D0-8301-00AA005B4383} = &Links : C:\WINDOWS\SYSTEM\BROWSEUI.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
ccApp "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
ccRegVfy "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
Symantec NetDriver Monitor C:\PROGRA~1\SYMNET~1\SNDMON.EXE /Consumer
Norton eMail Protect C:\Program Files\Norton SystemWorks\Norton AntiVirus\POPROXY.EXE
NAV DefAlert C:\PROGRA~1\NORTON~2\NORTON~2\DEFALERT.EXE
ScanRegistry C:\WINDOWS\scanregw.exe /autorun
NvMediaCenter RunDLL32.exe NvMCTray.dll,NvTaskbarInit
LoadPowerProfile Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
Cmaudio RunDll32 cmicnfg.cpl,CMICtrlWnd
SpeedTouch USB Diagnostics "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
TaskMonitor C:\WINDOWS\taskmon.exe
nwiz nwiz.exe /install
NPROTECT C:\Program Files\Norton SystemWorks\Norton Utilities\nprotect.exe
Norton Auto-Protect C:\PROGRA~1\NORTON~2\NORTON~2\NAVAPW32.EXE /LOADQUIET
QD FastAndSafe C:\Program Files\Norton SystemWorks\Norton CleanSweep\QDCSFS.exe /startup
EPSON Stylus C45 Series C:\WINDOWS\SYSTEM\E_S4I3T1.EXE /P23 "EPSON Stylus C45 Series" /O5 "LPT1:" /M "Stylus C45"
StillImageMonitor C:\WINDOWS\SYSTEM\STIMON.EXE
SystemTray SysTray.Exe
NvCplDaemon RUNDLL32.EXE C:\WINDOWS\SYSTEM\NvCpl.dll,NvStartup
POINTER C:\Program Files\Microsoft Hardware\Mouse\point32.exe
BigPond Toolbar "C:\Program Files\Telstra\Toolbar\bpumTray.exe"
THGuard "C:\PROGRAM FILES\TROJANHUNTER 4.2\THGUARD.EXE"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]
MSFS Installed = 1
MAPI Installed = 1
IMAIL Installed = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]
ccEvtMgr "C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe"
Nisum C:\Program Files\Norton Personal Firewall\NISUM.EXE
ccPxySvc C:\PROGRA~1\NORTON~1\CCPXYSVC.EXE
LoadPowerProfile Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
NPROTECT C:\Program Files\Norton SystemWorks\Norton Utilities\nprotect.exe
CSINJECT.EXE C:\Program Files\Norton SystemWorks\Norton CleanSweep\CSINJECT.EXE
SymTray - Norton SystemWorks C:\Program Files\Common Files\Symantec Shared\SymTray.exe "Norton SystemWorks"
KB891711 C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
Taskbar Display Controls RunDLL deskcp16.dll,QUICKRES_RUNDLLENTRY
msnmsgr "C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE" /background
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Network
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ratings
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies]
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
NoDriveTypeAutoRun •
CDRAutoRun
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Network
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck {E6FB5E20-DE35-11CF-9C87-00AA005127ED} = C:\WINDOWS\SYSTEM\WEBCHECK.DLL
<<< WARNING! - NOT A VALID WIN98/ME KEY! >>>
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
AppInit_DLLs APITRAP.DLL
»»»»»»»»»»»»»»»»»»»»»»»» Scan Complete »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
WinPFind v1.3.9 - Log file written to "WinPFind.Txt" in the WinPFind folder.
Scan completed on 13/09/05 12:47:32 PM