Hope this is helpful:
Logfile of HijackThis v1.99.1
Scan saved at 22:37:27, on 21/08/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ntl\ntl Netguard\fws.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\Stardock\SDMCP.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\System32\alg.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\CursorXP\CursorXP.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Tweak-XP Pro 4\transtask.exe
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\Common Files\Command Software\dvpapi.exe
C:\Documents and Settings\Pip\Start Menu\Programs\Admin Folder\Utilities\HijackThis.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\PROGRA~1\COMMON~1\Stardock\SDMCP.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\CursorXP\CursorXP.exe
C:\Program Files\ntl\ntl Netguard\SwchMonR.exe
C:\Program Files\ntl\ntl Netguard\RPS.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\msiexec.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.wow-europe.com/en/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.wow-europe.com/en/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Pop-Up Blocker BHO - {3C060EA2-E6A9-4E49-A530-D4657B8C449A} - C:\Program Files\ntl\ntl Netguard\pkR.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Form Filler BHO - {56071E0D-C61B-11D3-B41C-00E02927A304} - C:\Program Files\ntl\ntl Netguard\FBHR.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P26 "EPSON Stylus DX3800 Series" /O6 "USB002" /M "Stylus DX3800"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [ntl Netguard] "C:\Program Files\ntl\ntl Netguard\RPS.exe"
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKCU\..\Run: [CursorXP] C:\Program Files\CursorXP\CursorXP.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TransTask] "C:\Program Files\Tweak-XP Pro 4\transtask.exe"
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Google Search -
res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word -
res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links -
res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page -
res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages -
res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English -
res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Pip\Start Menu\Programs\IMVU\Run IMVU.lnk
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) -
http://go.microsoft.com/fwlink/?linkid=58813
O16 - DPF: {072D3F2E-5FB6-11D3-B461-00C04FA35A21} (CFForm Runtime) -
http://212.100.229.166/CFIDE/classes/CFJava.cab
O16 - DPF: {0A46CB52-CFA0-4E78-A181-948D5E361BE3} (EpsonObj Class) -
http://esupport.epson-europe.com/ePC/ac ... nSetup.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) -
http://www.kaspersky.com/kos/english/ka ... nicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -
http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) -
http://download.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) -
http://security.symantec.com/sscv6/Shar ... vSniff.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) -
http://www.fileplanet.com/fpdlmgr/cabs/ ... 1.1.74.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) -
http://tools.ebayimg.com/eps/wl/activex ... 0-3-30.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} -
http://download.mcafee.com/molbin/share ... insctl.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) -
http://security.symantec.com/sscv6/Shar ... /cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
http://update.microsoft.com/microsoftup ... 7159132109
O20 - Winlogon Notify: MCPClient - C:\PROGRA~1\COMMON~1\Stardock\mcpstub.dll
O20 - Winlogon Notify: WB - C:\Program Files\AlienGUIse\fastload.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: DvpApi (dvpapi) - Command Software Systems, Inc. - C:\Program Files\Common Files\Command Software\dvpapi.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: Radialpoint Service (FWS) - Radialpoint Inc. - C:\Program Files\ntl\ntl Netguard\fws.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
WinPFind2 log:
Logfile created on: 08/21/2006 21:59
WinPFind2 by OldTimer - Version 1.0.6 Folder = C:\Documents and Settings\Pip\Desktop\LOG\SVCH\Tools\winpfind2\WinPFind2\
Microsoft Windows XP (Version = Service Pack 2)
Internet Explorer (Version - 6.0.2900.2180)
< Processes (Non-Microsoft Only) >
c:\program files\adobe\acrobat 6.0\distillr\acrotray.exe - (Adobe Systems Inc. )
c:\progra~1\grisoft\avgfre~1\avgamsvr.exe - (GRISOFT, s.r.o. )
c:\progra~1\grisoft\avgfre~1\avgupsvc.exe - (GRISOFT, s.r.o. )
c:\program files\cursorxp\cursorxp.exe - ( )
c:\program files\d-tools\daemon.exe - (DAEMON'S HOME )
c:\program files\common files\command software\dvpapi.exe - (Command Software Systems, Inc. )
c:\windows\system32\spool\drivers\w32x86\3\e_fatiace.exe - (SEIKO EPSON CORPORATION )
c:\program files\ewido anti-spyware 4.0\ewido.exe - (Anti-Malware Development a.s. )
c:\program files\ntl\ntl netguard\fws.exe - (Radialpoint Inc. )
c:\program files\ewido anti-spyware 4.0\guard.exe - (Anti-Malware Development a.s. )
c:\program files\java\jre1.5.0_06\bin\jusched.exe - (Sun Microsystems, Inc. )
c:\windows\system32\nvsvc32.exe - (NVIDIA Corporation )
c:\program files\ntl\ntl netguard\rps.exe - (ntl )
c:\progra~1\common~1\stardock\sdmcp.exe - (Stardock )
c:\windows\soundman.exe - (Realtek Semiconductor Corp. )
c:\program files\tweak-xp pro 4\transtask.exe - (Totalidea Software, Germany, New Zealand )
c:\documents and settings\pip\desktop\log\svch\tools\winpfind2\winpfind2\winpfind2.exe - (OldTimer Tools )
c:\program files\tuneup utilities 2006\winstylerthemesvc.exe - (TuneUp Software GmbH )
< Registry Entries >
[>> Internet Explorer Settings <<]
HKLM->Main\\Start Page -
http://www.wow-europe.com/en/
HKLM->Main\\Search Page -
HKLM->Main\\Default Page -
http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKLM->Main\\Default Search -
http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM->Main\\Local Page -
HKCU->Main\\Start Page -
http://www.wow-europe.com/en/
HKCU->Main\\Search Page -
http://www.google.com
HKCU->Main\\Local Page - C:\WINDOWS\system32\blank.htm
HKCU->Internet Settings\\ProxyEnable - 0
HKCU->Internet Settings\\ProxyOverride -
[>> BHO's <<]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - AcroIEHlprObj Class = C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated )
{3C060EA2-E6A9-4E49-A530-D4657B8C449A} - PopKill Class = C:\Program Files\ntl\ntl Netguard\pkR.dll (Radialpoint Inc. )
{53707962-6F74-2D53-2644-206D7942484F} - = C:\PROGRA~1\SPYBOT~1\SDHelper.dll (Safer Networking Limited )
{56071E0D-C61B-11D3-B41C-00E02927A304} - ZKBho Class = C:\Program Files\ntl\ntl Netguard\FBHR.dll (Radialpoint Inc. )
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - SSVHelper Class = C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (Sun Microsystems, Inc. )
{AA58ED58-01DD-4d91-8333-CF10577473F7} - Google Toolbar Helper = c:\program files\google\googletoolbar2.dll (Google Inc. )
{AE7CD045-E861-484f-8273-0445EE161910} - AcroIEToolbarHelper Class = C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ( )
{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - EpsonToolBandKicker Class = C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION )
[>> Internet Explorer Bars, Toolbars and Extensions <<]
[HKLM-> Internet Explorer Bars]
{182EC0BE-5110-49C8-A062-BEB1D02A220B} - Adobe PDF = C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ( )
{4D5C8C25-D075-11d0-B416-00C04FB90376} - &Tip of the Day = %SystemRoot%\system32\shdocvw.dll (Microsoft Corporation )
[HKCU-> Internet Explorer Bars]
{EFA24E64-B078-11D0-89E4-00C04FC9E26E} - Explorer Band = %SystemRoot%\system32\shdocvw.dll (Microsoft Corporation )
{FF059E31-CC5A-4E2E-BF3B-96E929D65503} - &Research = C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL (Microsoft Corporation )
[HKLM-> Internet Explorer ToolBars]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google = c:\program files\google\googletoolbar2.dll (Google Inc. )
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF = C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ( )
{6932D140-ABC4-4073-A44C-D4A541665E35} - ImageShack Toolbar = C:\WINDOWS\ImageShackToolbar\ImageShackToolbar.dll (ImageShack Corp. )
{EE5D279F-081B-4404-994D-C6B60AAEBA6D} - EPSON Web-To-Page = C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION )
[HKCU-> Internet Explorer ToolBars]
ShellBrowser\\{01E04581-4EEE-11D0-BFE9-00AA005B4383} - &Address = %SystemRoot%\system32\browseui.dll (Microsoft Corporation )
ShellBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} - &Google = c:\program files\google\googletoolbar2.dll (Google Inc. )
ShellBrowser\\{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF = C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ( )
WebBrowser\\{01E04581-4EEE-11D0-BFE9-00AA005B4383} - &Address = %SystemRoot%\system32\browseui.dll (Microsoft Corporation )
WebBrowser\\{0E5CBF21-D15F-11D0-8301-00AA005B4383} - &Links = %SystemRoot%\system32\SHELL32.dll (Microsoft Corporation )
WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} - &Google = c:\program files\google\googletoolbar2.dll (Google Inc. )
WebBrowser\\{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF = C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ( )
WebBrowser\\{EE5D279F-081B-4404-994D-C6B60AAEBA6D} - EPSON Web-To-Page = C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION )
[HKCU-> Internet Explorer CmdMapping]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - 8192 - Sun Java Console
{1A6FC8DB-8953-47E9-968D-6E599A819B4F} - 8198 - Reg Data missing or invalid
{2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - 8196 - Reg Data missing or invalid
{39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - 8197 - Reg Data missing or invalid
{6511EABA-FC46-45EF-AC00-1D3B18F23C84} - 8200 - Reg Data missing or invalid
{92780B25-18CC-41C8-B9BE-3C9C571A8263} - 8193 -
{C2C41359-B7AF-4295-88F2-FF3875292739} - 8199 - Reg Data missing or invalid
{d9288080-1baa-4bc4-9cf8-a92d743db949} - 8195 -
{e2e2dd38-d088-4134-82b7-f2ba38496583} - 8201 - @xpsp3res.dll,-20001
{FB5F1910-F110-11d2-BB9E-00C04F795683} - 8194 - Windows Messenger
NextId - 8202
[HKLM-> Internet Explorer Extensions]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - MenuText: Sun Java Console = C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll (Sun Microsystems, Inc. )
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} (HKCU CLSID) - MenuText: Sun Java Console = C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (Sun Microsystems, Inc. )
{92780B25-18CC-41C8-B9BE-3C9C571A8263} - ButtonText: Research = (File not found))
{d9288080-1baa-4bc4-9cf8-a92d743db949} - ButtonText: Run IMVU = C:\Documents and Settings\Pip\Start Menu\Programs\IMVU\Run IMVU.lnk ( )
{e2e2dd38-d088-4134-82b7-f2ba38496583} - MenuText: @xpsp3res.dll,-20001 = Reg Data missing or invalid (File not found))
{e2e2dd38-d088-4134-82b7-f2ba38496583} (HKCU CLSID) - MenuText: @xpsp3res.dll,-20001 = Reg Data missing or invalid (File not found))
{FB5F1910-F110-11d2-BB9E-00C04F795683} - ButtonText: Messenger = C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation )
[HKCU-> Internet Explorer Menu Extensions]
&Google Search -
res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html (Google Inc. )
&Translate English Word -
res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html (Google Inc. )
Backward Links -
res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html (Google Inc. )
Cached Snapshot of Page -
res://c:\program files\google\GoogleToolbar2.dll/cmcache.html (Google Inc. )
E&xport to Microsoft Excel -
res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 (Microsoft Corporation )
Post Image to Blog -
res://C:\WINDOWS\ImageShackToolbar\ImageShackToolbar.dll/5003 (ImageShack Corp. )
Similar Pages -
res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html (Google Inc. )
Tag This Image -
res://C:\WINDOWS\ImageShackToolbar\ImageShackToolbar.dll/5002 (ImageShack Corp. )
Translate Page into English -
res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html (Google Inc. )
Upload All Images to ImageShack -
res://C:\WINDOWS\ImageShackToolbar\ImageShackToolbar.dll/5000 (ImageShack Corp. )
Upload Image to ImageShack -
res://C:\WINDOWS\ImageShackToolbar\ImageShackToolbar.dll/5001 (ImageShack Corp. )
[HKLM-> Internet Explorer Plugins]
.spop - = C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll (InterTrust Technologies Corporation, Inc. )
[>> Approved Shell Extensions (Non-Microsoft only) <<]
[HKLM-> Approved Shell Extensions]
{00DF1F20-0849-A4D1-0239-00D0AF3E9CB0} - TuneUp Shredder Shell Context Menu Extension = "C:\Program Files\TuneUp Utilities 2006\sdshelex.dll" (TuneUp Software GmbH )
{00E7B358-F65B-4dcf-83DF-CD026B94BFD4} - Autoplay for SlideShow = Reg Data missing or invalid (File not found))
{0DF44EAA-FF21-4412-828E-260A8728E7F1} - Taskbar and Start Menu = Reg Data missing or invalid (File not found))
{11C1D741-A95B-11d2-8A80-0080ADB32FF4} - FTP Surfer Shell Extension = Reg Data missing or invalid (File not found))
{11C1D741-A95B-11d2-8A80-0080ADB32FF4} (HKCU CLSID) - FTP Surfer Shell Extension = C:\Program Files\Whisper Technology\FTP Surfer\wtftpshx.dll (Whisper Technology Limited )
{1CDB2949-8F65-4355-8456-263E7C208A5D} - Desktop Explorer = C:\WINDOWS\system32\nvshell.dll ( )
{1E9B04FB-F9E5-4718-997B-B8DA88302A47} - Desktop Explorer Menu = C:\WINDOWS\system32\nvshell.dll ( )
{1E9B04FB-F9E5-4718-997B-B8DA88302A48} - nView Desktop Context Menu = C:\WINDOWS\system32\nvshell.dll ( )
{32A9D769-5B55-4a25-9A62-86B5683FE50A} - NikonView Drop Extension = C:\Program Files\Nikon\NkView6\NkvDropExt.dll (Nikon Corporation )
{42071714-76d4-11d1-8b24-00a0c9068ff3} - Display Panning CPL Extension = deskpan.dll (File not found))
{764BF0E1-F219-11ce-972D-00AA00A14F56} - Shell extensions for file compression = Reg Data missing or invalid (File not found))
{7A9D77BD-5403-11d2-8785-2E0420524153} - User Accounts = Reg Data missing or invalid (File not found))
{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} - Encryption Context Menu = Reg Data missing or invalid (File not found))
{88895560-9AA2-1069-930E-00AA0030EBC8} - HyperTerminal Icon Ext = C:\WINDOWS\system32\hticons.dll (Hilgraeve, Inc. )
{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} - AVG7 Shell Extension = C:\Program Files\Grisoft\AVG Free\avgse.dll (GRISOFT, s.r.o. )
{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} - AVG7 Find Extension = C:\Program Files\Grisoft\AVG Free\avgse.dll (GRISOFT, s.r.o. )
{A5110426-177D-4e08-AB3F-785F10B4439C} - Sony Ericsson File Manager = C:\Program Files\Sony Ericsson\Mobile2\File Manager\fmgrgui.dll (Sony Ericsson Mobile Communications AB )
{A70C977A-BF00-412C-90B7-034C51DA2439} - NvCpl DesktopContext Class = C:\WINDOWS\system32\nvcpl.dll (NVIDIA Corporation )
{B41DB860-8EE4-11D2-9906-E49FADC173CA} - WinRAR shell extension = C:\Program Files\WinRAR\rarext.dll ( )
{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} - iTunes = C:\Program Files\iTunes\iTunesMiniPlayer.dll (Apple Computer, Inc. )
{D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} - Adobe.Acrobat.ContextMenu = C:\Program Files\Adobe\Acrobat 6.0\Acrobat Elements\ContextMenu.dll (Adobe Systems Inc. )
{D9872D13-7651-4471-9EEE-F0A00218BEBB} - Multiscan = Reg Data missing or invalid (File not found))
{E0D79304-84BE-11CE-9641-444553540000} - WinZip = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL (WinZip Computing LP )
{E0D79305-84BE-11CE-9641-444553540000} - WinZip = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL (WinZip Computing LP )
{E0D79306-84BE-11CE-9641-444553540000} - WinZip = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL (WinZip Computing LP )
{E0D79307-84BE-11CE-9641-444553540000} - WinZip = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL (WinZip Computing LP )
{EBDF1F20-C829-11D1-8233-FF20AF3E97A9} - TrojanHunter Menu Shell Extension = C:\PROGRA~1\TROJAN~1.5\contmenu.dll ( )
{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} - Shell Extensions for RealOne Player = C:\Program Files\Real\RealPlayer\rpshell.dll (RealNetworks, Inc. )
{FFB699E0-306A-11d3-8BD1-00104B6F7516} - Play on my TV helper = C:\WINDOWS\system32\nvcpl.dll (NVIDIA Corporation )
[>> ContextMenuHandlers (Non-Microsoft only) <<]
[HKLM-> ContextMenuHandlers]
* - {FFFFE5C1-34AF-4d4d-B3D3-5BB86A2BAA7B} - = C:\Program Files\ntl\ntl Netguard\AVCntxtR.dll (Radialpoint Inc. )
* - Adobe.Acrobat.ContextMenu - {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} = C:\Program Files\Adobe\Acrobat 6.0\Acrobat Elements\ContextMenu.dll (Adobe Systems Inc. )
* - Ashampoo Illuminator Shell Extension - {9237118F-C934-45bf-B5FA-B41A733B0FBE} = C:\Program Files\ashampoo\Ashampoo Photo Illuminator 2\IlluminatorShellExt.dll ( )
* - AVG7 Shell Extension - {9F97547E-4609-42C5-AE0C-81C61FFAEBC3} = C:\Program Files\Grisoft\AVG Free\avgse.dll (GRISOFT, s.r.o. )
* - EPPShellEx - {509FE1AF-ADD5-49EC-BC55-7CF81FD16E78} = C:\Program Files\EPSON\Creativity Suite\Easy Photo Print\EPPShell.dll (SEIKO EPSON CORPORATION )
* - ewido anti-spyware - {8934FCEF-F5B8-468f-951F-78A921CD3920} = C:\Program Files\ewido anti-spyware 4.0\context.dll (Anti-Malware Development a.s. )
* - TrojanHunter - {EBDF1F20-C829-11D1-8233-FF20AF3E97A9} = C:\PROGRA~1\TROJAN~1.5\contmenu.dll ( )
* - TuneUp Shredder - {00DF1F20-0849-A4D1-0239-00D0AF3E9CB0} = C:\Program Files\TuneUp Utilities 2006\sdshelex.dll (TuneUp Software GmbH )
* - WinRAR - {B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Program Files\WinRAR\rarext.dll ( )
* - WinZip - {E0D79304-84BE-11CE-9641-444553540000} = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL (WinZip Computing LP )
Directory - {FFFFE5C1-34AF-4d4d-B3D3-5BB86A2BAA7B} - = C:\Program Files\ntl\ntl Netguard\AVCntxtR.dll (Radialpoint Inc. )
Directory - ewido anti-spyware - {8934FCEF-F5B8-468f-951F-78A921CD3920} = C:\Program Files\ewido anti-spyware 4.0\context.dll (Anti-Malware Development a.s. )
Directory - TrojanHunter - {EBDF1F20-C829-11D1-8233-FF20AF3E97A9} = C:\PROGRA~1\TROJAN~1.5\contmenu.dll ( )
Directory - TuneUp Shredder - {00DF1F20-0849-A4D1-0239-00D0AF3E9CB0} = C:\Program Files\TuneUp Utilities 2006\sdshelex.dll (TuneUp Software GmbH )
Directory - WinRAR - {B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Program Files\WinRAR\rarext.dll ( )
Directory - WinZip - {E0D79304-84BE-11CE-9641-444553540000} = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL (WinZip Computing LP )
Directory\Background - 00nView - {1E9B04FB-F9E5-4718-997B-B8DA88302A48} = C:\WINDOWS\system32\nvshell.dll ( )
Directory\Background - NvCplDesktopContext - {A70C977A-BF00-412C-90B7-034C51DA2439} = C:\WINDOWS\system32\nvcpl.dll (NVIDIA Corporation )
Folder - {FFFFE5C1-34AF-4d4d-B3D3-5BB86A2BAA7B} - = C:\Program Files\ntl\ntl Netguard\AVCntxtR.dll (Radialpoint Inc. )
Folder - AVG7 Shell Extension - {9F97547E-4609-42C5-AE0C-81C61FFAEBC3} = C:\Program Files\Grisoft\AVG Free\avgse.dll (GRISOFT, s.r.o. )
Folder - TrojanHunter - {EBDF1F20-C829-11D1-8233-FF20AF3E97A9} = C:\PROGRA~1\TROJAN~1.5\contmenu.dll ( )
Folder - WinRAR - {B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Program Files\WinRAR\rarext.dll ( )
Folder - WinZip - {E0D79304-84BE-11CE-9641-444553540000} = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL (WinZip Computing LP )
[>> ColumnHandlers (Non-Microsoft only) <<]
[HKLM-> ColumnHandlers]
Folder - {F9DB5320-233E-11D1-9F84-707F02C10627} - PDF Shell Extension = C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll (Adobe Systems, Inc. )
[>> Registry Run Keys <<]
HKLM->Run\\ - (File not found))
HKLM->Run\\!ewido - "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized (Anti-Malware Development a.s. )
HKLM->Run\\DAEMON Tools-1033 - "C:\Program Files\D-Tools\daemon.exe" -lang 1033 (DAEMON'S HOME )
HKLM->Run\\EPSON Stylus DX3800 Series - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P26 "EPSON Stylus DX3800 Series" /O6 "USB002" /M "Stylus DX3800" (SEIKO EPSON CORPORATION )
HKLM->Run\\ntl Netguard - "C:\Program Files\ntl\ntl Netguard\RPS.exe" (ntl )
HKLM->Run\\NvCplDaemon - RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup (File not found))
HKLM->Run\\NvMediaCenter - RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit (File not found))
HKLM->Run\\nwiz - nwiz.exe /install ( )
HKLM->Run\\SoundMan - SOUNDMAN.EXE (Realtek Semiconductor Corp. )
HKLM->Run\\SunJavaUpdateSched - C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe (Sun Microsystems, Inc. )
HKLM->Run\\Windows Defender - "C:\Program Files\Windows Defender\MSASCui.exe" -hide (Microsoft Corporation )
HKLM->Run\OptionalComponents\IMAIL - Installed = 1
HKLM->Run\OptionalComponents\MAPI - Installed = 1
HKLM->Run\OptionalComponents\MSFS - Installed = 1
HKCU->Run\\ctfmon.exe - C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation )
HKCU->Run\\CursorXP - C:\Program Files\CursorXP\CursorXP.exe ( )
HKCU->Run\\TransTask - "C:\Program Files\Tweak-XP Pro 4\transtask.exe" (Totalidea Software, Germany, New Zealand )
[>> Startup Lnks <<]
HKLM->Common Startup - Acrobat Assistant.lnk - C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe (Adobe Systems Inc. )
HKLM->Common Startup - Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc. )
HKLM->Common Startup - Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated )
HKLM->Common Startup - desktop.ini - C:\Documents and Settings\All Users\Start Menu\Programs\Startup\desktop.ini ( )
HKCU->Startup - Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc. )
HKCU->Startup - desktop.ini - C:\Documents and Settings\Pip\Start Menu\Programs\Startup\desktop.ini ( )
[>> Disabled MSConfig Items <<]
StartUpFolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^broadband medic.lnk - broadband medic = C:\PROGRA~1\ntl\BROADB~1\bin\matcli.exe -boot (Motive Communications, Inc. )
StartUpReg\QuickTime Task - qttask = "C:\Program Files\QuickTime\qttask.exe" -atboottime (Apple Computer, Inc. )
[>> User Agent Post Platform <<]
SV1 -
[>> AppInit DLLs <<]
AppInit_DLL - wbsys.dll (Stardock.Net, Inc )
[>> Image File Execution Options <<]
Your Image File Name Here without a path - Debugger = ntsd -d
[>> Shell Service Object Delay Load <<]
0aMCPClient - {F5DF91F9-15E9-416B-A7C3-7519B11ECBFC} = C:\PROGRA~1\COMMON~1\Stardock\MCPCore.dll (Stardock )
CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} = %SystemRoot%\system32\SHELL32.dll (Microsoft Corporation )
PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} = %SystemRoot%\system32\SHELL32.dll (Microsoft Corporation )
SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} = C:\WINDOWS\system32\stobject.dll (Microsoft Corporation )
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} = %SystemRoot%\system32\webcheck.dll (Microsoft Corporation )
[>> Shell Execute Hooks <<]
{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - Microsoft AntiMalware ShellExecuteHook = C:\PROGRA~1\WIFD1F~1\MpShHook.dll (Microsoft Corporation )
{57B86673-276A-48B2-BAE7-C6DBB3020EB8} - CShellExecuteHookImpl Object = C:\Program Files\ewido anti-spyware 4.0\shellexecutehook.dll (Anti-Malware Development a.s. )
{AEB6717E-7E19-11d0-97EE-00C04FD91972} - URL Exec Hook = shell32.dll (Microsoft Corporation )
[>> Shared Task Scheduler <<]
{438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader = %SystemRoot%\system32\browseui.dll (Microsoft Corporation )
{8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon = %SystemRoot%\system32\browseui.dll (Microsoft Corporation )
[>> Winlogon <<]
UserInit - C:\WINDOWS\system32\userinit.exe, (Microsoft Corporation )
Shell - Explorer.exe (Microsoft Corporation )
System - (File not found))
Notify\crypt32chain - crypt32.dll (Microsoft Corporation )
Notify\cryptnet - cryptnet.dll (Microsoft Corporation )
Notify\cscdll - cscdll.dll (Microsoft Corporation )
Notify\MCPClient - C:\PROGRA~1\COMMON~1\Stardock\mcpstub.dll (Stardock )
Notify\ScCertProp - wlnotify.dll (Microsoft Corporation )
Notify\Schedule - wlnotify.dll (Microsoft Corporation )
Notify\sclgntfy - sclgntfy.dll (Microsoft Corporation )
Notify\SensLogn - WlNotify.dll (Microsoft Corporation )
Notify\termsrv - wlnotify.dll (Microsoft Corporation )
Notify\WB - C:\Program Files\AlienGUIse\fastload.dll (Stardock )
Notify\WgaLogon - WgaLogon.dll (Microsoft Corporation )
Notify\wlballoon - wlnotify.dll (Microsoft Corporation )
[>> DNS Name Servers <<]
{7409954A-2610-4FE5-AF01-AD17A3B6197A} - (VIA Rhine II Fast Ethernet Adapter)
[>> All Winsock2 Catalogs <<]
NameSpace_Catalog5\Catalog_Entries\000000000001 - %SystemRoot%\System32\mswsock.dll (Microsoft Corporation )
NameSpace_Catalog5\Catalog_Entries\000000000002 - %SystemRoot%\System32\winrnr.dll (Microsoft Corporation )
NameSpace_Catalog5\Catalog_Entries\000000000003 - %SystemRoot%\System32\mswsock.dll (Microsoft Corporation )
Protocol_Catalog9\Catalog_Entries\000000000001 - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation )
Protocol_Catalog9\Catalog_Entries\000000000002 - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation )
Protocol_Catalog9\Catalog_Entries\000000000003 - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation )
Protocol_Catalog9\Catalog_Entries\000000000004 - %SystemRoot%\system32\rsvpsp.dll (Microsoft Corporation )
Protocol_Catalog9\Catalog_Entries\000000000005 - %SystemRoot%\system32\rsvpsp.dll (Microsoft Corporation )
Protocol_Catalog9\Catalog_Entries\000000000006 - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation )
Protocol_Catalog9\Catalog_Entries\000000000007 - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation )
Protocol_Catalog9\Catalog_Entries\000000000008 - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation )
Protocol_Catalog9\Catalog_Entries\000000000009 - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation )
Protocol_Catalog9\Catalog_Entries\000000000010 - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation )
Protocol_Catalog9\Catalog_Entries\000000000011 - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation )
Protocol_Catalog9\Catalog_Entries\000000000012 - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation )
Protocol_Catalog9\Catalog_Entries\000000000013 - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation )
Protocol_Catalog9\Catalog_Entries\000000000014 - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation )
Protocol_Catalog9\Catalog_Entries\000000000015 - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation )
Protocol_Catalog9\Catalog_Entries\000000000016 - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation )
[>> Protocol Handlers (Non-Microsoft only) <<]
belarc - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc. )
ipp - (File not found))
msdaipp - (File not found))
[>> Protocol Filters (Non-Microsoft only) <<]
< Services (Non-Microsoft Only) >
AVG7 Alert Manager Server (Avg7Alrt) - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe (GRISOFT, s.r.o. ) [Automatic - Running - Win32, running in it's own process]
AVG7 Update Service (Avg7UpdSvc) - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe (GRISOFT, s.r.o. ) [Automatic - Running - Win32, running in it's own process]
DvpApi (dvpapi) - "C:\Program Files\Common Files\Command Software\dvpapi.exe" (Command Software Systems, Inc. ) [Automatic - Running - Win32, running in it's own process]
ewido anti-spyware 4.0 guard (ewido anti-spyware 4.0 guard) - C:\Program Files\ewido anti-spyware 4.0\guard.exe (Anti-Malware Development a.s. ) [Automatic - Running - Win32, running in it's own process]
Radialpoint Service (FWS) - C:\Program Files\ntl\ntl Netguard\fws.exe (Radialpoint Inc. ) [Automatic - Running - Win32, running in it's own process]
NVIDIA Display Driver Service (NVSvc) - C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation ) [Automatic - Running - Win32, running in it's own process]
TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - "C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe" (TuneUp Software GmbH ) [Automatic - Running - Win32, running in it's own process]
< Files >
%SystemDrive%
%ProgramFilesDir%
%WinDir%
C:\WINDOWS\daemon.dll - UPX! ( [Ver = 3.47.0.0 | Size = 69120 bytes | Date = 08/22/2004 17:04 | Attr = ])
%System%
C:\WINDOWS\SYSTEM32\alsndmgr.cpl - Abf:CFIILWSUd^_jgihgj_XYwtv(Realtek Semiconductor Corp. [Ver = 2, 2, 0, 63 | Size = 18800640 bytes | Date = 07/19/2006 05:13 | Attr = ])
C:\WINDOWS\SYSTEM32\ChComp.dll - UPX! (TechCity Solutions France [Ver = 1.0.0.20 | Size = 13824 bytes | Date = 07/12/2005 13:03 | Attr = ])
C:\WINDOWS\SYSTEM32\ChEPSON.dll - UPX! (TechCity Solutions France [Ver = 1.0.0.91 | Size = 17408 bytes | Date = 07/12/2005 13:04 | Attr = ])
C:\WINDOWS\SYSTEM32\ChLPT.dll - UPX! (TechCity Solutions France [Ver = 1.0.0.28 | Size = 11264 bytes | Date = 07/12/2005 13:05 | Attr = ])
C:\WINDOWS\SYSTEM32\ChUSB.dll - UPX! (TechCity Solutions France [Ver = 1.0.0.23 | Size = 18432 bytes | Date = 07/12/2005 13:05 | Attr = ])
C:\WINDOWS\SYSTEM32\d3dx9_25.dll - D3DXUVAtlasPack (Microsoft Corporation [Ver = 9.06.168.0000 | Size = 2337488 bytes | Date = 03/18/2005 18:19 | Attr = ])
C:\WINDOWS\SYSTEM32\d3dx9_26.dll - D3DXUVAtlasPack (Microsoft Corporation [Ver = 9.07.239.0000 | Size = 2297552 bytes | Date = 05/26/2005 16:34 | Attr = ])
C:\WINDOWS\SYSTEM32\d3dx9_27.dll - D3DXUVAtlasPack (Microsoft Corporation [Ver = 9.08.299.0000 | Size = 2319568 bytes | Date = 07/22/2005 19:59 | Attr = ])
C:\WINDOWS\SYSTEM32\d3dx9_28.dll - D3DXUVAtlasPack (Microsoft Corporation [Ver = 9.10.455.0000 | Size = 2323664 bytes | Date = 12/05/2005 18:09 | Attr = ])
C:\WINDOWS\SYSTEM32\d3dx9_29.dll - D3DXUVAtlasPack (Microsoft Corporation [Ver = 9.11.519.0000 | Size = 2332368 bytes | Date = 02/03/2006 08:43 | Attr = ])
C:\WINDOWS\SYSTEM32\d3dx9_30.dll - D3DXUVAtlasPack (Microsoft Corporation [Ver = 9.12.589.0000 | Size = 2388176 bytes | Date = 03/31/2006 12:40 | Attr = ])
C:\WINDOWS\SYSTEM32\dfrg.msc - AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAAwGpEc213( [Ver = | Size = 41397 bytes | Date = 03/31/2003 13:00 | Attr = ])
C:\WINDOWS\SYSTEM32\LegitCheckControl.dll - RIMAPPTECHNOLOGIES (Microsoft Corporation [Ver = 1.5.0540.0 | Size = 571184 bytes | Date = 06/19/2006 16:19 | Attr = ])
C:\WINDOWS\SYSTEM32\MRT.exe - (PeCompact2) (Microsoft Corporation [Ver = 1.19.1567.0 | Size = 8325544 bytes | Date = 08/09/2006 12:03 | Attr = ])
C:\WINDOWS\SYSTEM32\MRT.exe - (ASPack) (Microsoft Corporation [Ver = 1.19.1567.0 | Size = 8325544 bytes | Date = 08/09/2006 12:03 | Attr = ])
C:\WINDOWS\SYSTEM32\ntbackup.exe - VWSuD (Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 1200128 bytes | Date = 08/04/2004 00:56 | Attr = ])
C:\WINDOWS\SYSTEM32\ntdll.dll - .aspack (Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 708096 bytes | Date = 08/04/2004 00:56 | Attr = ])
C:\WINDOWS\SYSTEM32\nusrmgr.cpl - Pln``pmlidb_[ZYWSUdxa\^`^Tsfbeffhjol(Microsoft Corporation [Ver = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) | Size = 257024 bytes | Date = 08/04/2004 00:56 | Attr = ])
C:\WINDOWS\SYSTEM32\rasdlg.dll - \DuMonitor SendMessage(WM_RASEVENT) done(Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 657920 bytes | Date = 08/04/2004 00:56 | Attr = ])
C:\WINDOWS\SYSTEM32\saxzip.ocx - UPX! (Sax Software Corp. [Ver = 1.0.1211 | Size = 552960 bytes | Date = 07/23/2001 06:29 | Attr = ])
C:\WINDOWS\SYSTEM32\wbdbase.deu - msubjsuchsullsupeswinsyncszens( [Ver = | Size = 1309184 bytes | Date = 03/31/2003 13:00 | Attr = ])
C:\WINDOWS\SYSTEM32\WgaTray.exe - RIMAPPTECHNOLOGIES (Microsoft Corporation [Ver = 1.5.0540.0 | Size = 304944 bytes | Date = 06/19/2006 16:19 | Attr = ])
%System%\Drivers folder and sub-folders
C:\WINDOWS\SYSTEM32\drivers\avg7core.sys - error finding UPX! header(GRISOFT, s.r.o. [Ver = 7,1,0,402 | Size = 777472 bytes | Date = 08/20/2006 00:46 | Attr = ])
C:\WINDOWS\SYSTEM32\drivers\avg7core.sys - FSG!u.h (GRISOFT, s.r.o. [Ver = 7,1,0,402 | Size = 777472 bytes | Date = 08/20/2006 00:46 | Attr = ])
C:\WINDOWS\SYSTEM32\drivers\avg7core.sys - pec2-ext.exe (GRISOFT, s.r.o. [Ver = 7,1,0,402 | Size = 777472 bytes | Date = 08/20/2006 00:46 | Attr = ])
C:\WINDOWS\SYSTEM32\drivers\avg7core.sys - ;PE_ASPACK (GRISOFT, s.r.o. [Ver = 7,1,0,402 | Size = 777472 bytes | Date = 08/20/2006 00:46 | Attr = ])
C:\WINDOWS\SYSTEM32\drivers\css-dvp.sys - .aspack (Command Software Systems, Inc. [Ver = 4,93,7,60117 | Size = 783984 bytes | Date = 01/20/2006 14:40 | Attr = R ])
C:\WINDOWS\SYSTEM32\drivers\mtlstrm.sys - V90NEC, --------ERROR--------- occured in adaptecho(Smart Link [Ver = 3.80.01MC15 | Size = 1309184 bytes | Date = 08/03/2004 22:41 | Attr = ])
%windir% + sub-dirs for System or Hidden files less than 60 days old
C:\WINDOWS\bootstat.dat - ( [Ver = | Size = 2048 bytes | Date = 08/21/2006 17:40 | Attr = S])
C:\WINDOWS\system32\zllictbl.dat - ( [Ver = | Size = 4212 bytes | Date = 06/29/2006 23:01 | Attr = H ])
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB914440.cat - ( [Ver = | Size = 10690 bytes | Date = 07/07/2006 08:03 | Attr = S])
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB917422.cat - ( [Ver = | Size = 10925 bytes | Date = 07/05/2006 13:21 | Attr = S])
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB918899.cat - ( [Ver = | Size = 23751 bytes | Date = 07/28/2006 13:16 | Attr = S])
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB920214.cat - ( [Ver = | Size = 10337 bytes | Date = 07/27/2006 15:00 | Attr = S])
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB920670.cat - ( [Ver = | Size = 10925 bytes | Date = 07/21/2006 10:03 | Attr = S])
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB920683.cat - ( [Ver = | Size = 11929 bytes | Date = 06/26/2006 20:47 | Attr = S])
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB921398.cat - ( [Ver = | Size = 13050 bytes | Date = 07/13/2006 15:24 | Attr = S])
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB921883.cat - ( [Ver = | Size = 10925 bytes | Date = 07/14/2006 17:13 | Attr = S])
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB922616.cat - ( [Ver = | Size = 10925 bytes | Date = 07/14/2006 16:53 | Attr = S])
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem212.CAT - ( [Ver = | Size = 489395 bytes | Date = 08/03/2006 11:59 | Attr = S])
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\xact2_3_x86.CAT - ( [Ver = | Size = 8225 bytes | Date = 07/28/2006 10:23 | Attr = S])
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\xinput1_2_x86.CAT - ( [Ver = | Size = 7927 bytes | Date = 07/28/2006 10:23 | Attr = S])
C:\WINDOWS\system32\config\default.LOG - ( [Ver = | Size = 1024 bytes | Date = 08/21/2006 17:42 | Attr = H ])
C:\WINDOWS\system32\config\default_TU_75231.LOG - ( [Ver = | Size = 0 bytes | Date = 07/10/2006 18:40 | Attr = H ])
C:\WINDOWS\system32\config\default_TU_84142.LOG - ( [Ver = | Size = 0 bytes | Date = 07/28/2006 18:57 | Attr = H ])
C:\WINDOWS\system32\config\SAM.LOG - ( [Ver = | Size = 1024 bytes | Date = 08/21/2006 17:40 | Attr = H ])
C:\WINDOWS\system32\config\SAM_TU_60748.LOG - ( [Ver = | Size = 0 bytes | Date = 07/28/2006 18:57 | Attr = H ])
C:\WINDOWS\system32\config\SAM_TU_82797.LOG - ( [Ver = | Size = 0 bytes | Date = 07/10/2006 18:40 | Attr = H ])
C:\WINDOWS\system32\config\SECURITY.LOG - ( [Ver = | Size = 1024 bytes | Date = 08/21/2006 17:51 | Attr = H ])
C:\WINDOWS\system32\config\SECURITY_TU_11849.LOG - ( [Ver = | Size = 0 bytes | Date = 07/10/2006 18:40 | Attr = H ])
C:\WINDOWS\system32\config\SECURITY_TU_57391.LOG - ( [Ver = | Size = 0 bytes | Date = 07/28/2006 18:57 | Attr = H ])
C:\WINDOWS\system32\config\software.LOG - ( [Ver = | Size = 1024 bytes | Date = 08/21/2006 21:00 | Attr = H ])
C:\WINDOWS\system32\config\software_TU_74215.LOG - ( [Ver = | Size = 0 bytes | Date = 07/10/2006 18:40 | Attr = H ])
C:\WINDOWS\system32\config\software_TU_77635.LOG - ( [Ver = | Size = 0 bytes | Date = 07/28/2006 18:57 | Attr = H ])
C:\WINDOWS\system32\config\system.LOG - ( [Ver = | Size = 1024 bytes | Date = 08/21/2006 20:43 | Attr = H ])
C:\WINDOWS\system32\config\system_TU_14346.LOG - ( [Ver = | Size = 0 bytes | Date = 07/28/2006 18:57 | Attr = H ])
C:\WINDOWS\system32\config\system_TU_46170.LOG - ( [Ver = | Size = 0 bytes | Date = 07/10/2006 18:40 | Attr = H ])
C:\WINDOWS\system32\config\systemprofile\ntuser.dat.LOG - ( [Ver = | Size = 1024 bytes | Date = 08/16/2006 19:44 | Attr = H ])
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG - ( [Ver = | Size = 1024 bytes | Date = 08/20/2006 01:52 | Attr = H ])
C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\01e667d1-c856-4c1f-9ee0-3d21bfd7516b - ( [Ver = | Size = 388 bytes | Date = 06/26/2006 06:48 | Attr = HS])
C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\Preferred - ( [Ver = | Size = 24 bytes | Date = 06/26/2006 06:48 | Attr = HS])
C:\WINDOWS\Tasks\MP Scheduled Scan.job - ( [Ver = | Size = 330 bytes | Date = 08/21/2006 17:43 | Attr = H ])
C:\WINDOWS\Tasks\SA.DAT - ( [Ver = | Size = 6 bytes | Date = 08/21/2006 17:40 | Attr = H ])
CPL files -
C:\WINDOWS\SYSTEM32\access.cpl - (Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 68608 bytes | Date = 08/04/2004 00:56 | Attr = ])
C:\WINDOWS\SYSTEM32\AKCPanel.cpl - (Anark Corporation [Ver = 1,2,1,784 | Size = 67072 bytes | Date = 09/06/2002 12:30 | Attr = ])
C:\WINDOWS\SYSTEM32\alsndmgr.cpl - (Realtek Semiconductor Corp. [Ver = 2, 2, 0, 63 | Size = 18800640 bytes | Date = 07/19/2006 05:13 | Attr = ])
C:\WINDOWS\SYSTEM32\appwiz.cpl - (Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 549888 bytes | Date = 08/04/2004 00:56 | Attr = ])
C:\WINDOWS\SYSTEM32\bthprops.cpl - (Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 110592 bytes | Date = 08/04/2004 00:56 | Attr = ])
C:\WINDOWS\SYSTEM32\desk.cpl - (Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 135168 bytes | Date = 08/04/2004 00:56 | Attr = ])
C:\WINDOWS\SYSTEM32\firewall.cpl - (Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 80384 bytes | Date = 08/04/2004 00:56 | Attr = ])
C:\WINDOWS\SYSTEM32\hdwwiz.cpl - (Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 155136 bytes | Date = 08/04/2004 00:56 | Attr = ])
C:\WINDOWS\SYSTEM32\inetcpl.cpl - (Microsoft Corporation [Ver = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) | Size = 358400 bytes | Date = 08/04/2004 00:56 | Attr = ])
C:\WINDOWS\SYSTEM32\intl.cpl - (Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 129536 bytes | Date = 08/04/2004 00:56 | Attr = ])
C:\WINDOWS\SYSTEM32\irprops.cpl - (Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 380416 bytes | Date = 08/04/2004 00:56 | Attr = ])
C:\WINDOWS\SYSTEM32\joy.cpl - (Microsoft Corporation [Ver = 5.03.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 68608 bytes | Date = 08/04/2004 00:56 | Attr = ])
C:\WINDOWS\SYSTEM32\jpicpl32.cpl - (Sun Microsystems, Inc. [Ver = 5.0.60.5 | Size = 49265 bytes | Date = 11/10/2005 14:03 | Attr = ])
C:\WINDOWS\SYSTEM32\main.cpl - (Microsoft Corporation [Ver = 5.1.2403.1 | Size = 187904 bytes | Date = 03/31/2003 13:00 | Attr = ])
C:\WINDOWS\SYSTEM32\mmsys.cpl - (Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 618496 bytes | Date = 08/04/2004 00:56 | Attr = ])
C:\WINDOWS\SYSTEM32\ncpa.cpl - (Microsoft Corporation [Ver = 5.1.2600.0 (xpclient.010817-1148) | Size = 35840 bytes | Date = 03/31/2003 13:00 | Attr = ])
C:\WINDOWS\SYSTEM32\netsetup.cpl - (Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 25600 bytes | Date = 08/04/2004 00:56 | Attr = ])
C:\WINDOWS\SYSTEM32\nusrmgr.cpl - (Microsoft Corporation [Ver = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) | Size = 257024 bytes | Date = 08/04/2004 00:56 | Attr = ])
C:\WINDOWS\SYSTEM32\nvcpl.cpl - (NVIDIA Corporation [Ver = 1.2.1.11 | Size = 69632 bytes | Date = 06/01/2006 17:22 | Attr = ])
C:\WINDOWS\SYSTEM32\nvtuicpl.cpl - ( [Ver = | Size = 73728 bytes | Date = 06/01/2006 17:22 | Attr = ])
C:\WINDOWS\SYSTEM32\nwc.cpl - (Microsoft Corporation [Ver = 5.1.2600.0 (xpclient.010817-1148) | Size = 36864 bytes | Date = 03/31/2003 13:00 | Attr = ])
C:\WINDOWS\SYSTEM32\odbccp32.cpl - (Microsoft Corporation [Ver = 3.525.1117.0 (xpsp_sp2_rtm.040803-2158) | Size = 32768 bytes | Date = 08/04/2004 00:56 | Attr = ])
C:\WINDOWS\SYSTEM32\powercfg.cpl - (Microsoft Corporation [Ver = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) | Size = 114688 bytes | Date = 08/04/2004 00:56 | Attr = ])
C:\WINDOWS\SYSTEM32\sysdm.cpl - (Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 298496 bytes | Date = 08/04/2004 00:56 | Attr = ])
C:\WINDOWS\SYSTEM32\telephon.cpl - (Microsoft Corporation [Ver = 5.1.2600.0 (xpclient.010817-1148) | Size = 28160 bytes | Date = 03/31/2003 13:00 | Attr = ])
C:\WINDOWS\SYSTEM32\timedate.cpl - (Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 94208 bytes | Date = 08/04/2004 00:56 | Attr = ])
C:\WINDOWS\SYSTEM32\txp4.cpl - ( [Ver = | Size = 6151 bytes | Date = 09/28/2004 02:00 | Attr = ])
C:\WINDOWS\SYSTEM32\wscui.cpl - (Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 148480 bytes | Date = 08/04/2004 00:56 | Attr = ])
C:\WINDOWS\SYSTEM32\wuaucpl.cpl - (Microsoft Corporation [Ver = 5.8.0.2469 built by: lab01_n(wmbla) | Size = 174360 bytes | Date = 05/26/2005 04:16 | Attr = ])
C:\WINDOWS\SYSTEM32\dllcache\access.cpl - (Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 68608 bytes | Date = 08/04/2004 00:56 | Attr = ])
C:\WINDOWS\SYSTEM32\dllcache\appwiz.cpl - (Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 549888 bytes | Date = 08/04/2004 00:56 | Attr = ])
C:\WINDOWS\SYSTEM32\dllcache\desk.cpl - (Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 135168 bytes | Date = 08/04/2004 00:56 | Attr = ])
C:\WINDOWS\SYSTEM32\dllcache\firewall.cpl - (Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 80384 bytes | Date = 08/04/2004 00:56 | Attr = ])
C:\WINDOWS\SYSTEM32\dllcache\hdwwiz.cpl - (Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 155136 bytes | Date = 08/04/2004 00:56 | Attr = ])
C:\WINDOWS\SYSTEM32\dllcache\inetcpl.cpl - (Microsoft Corporation [Ver = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) | Size = 358400 bytes | Date = 08/04/2004 00:56 | Attr = ])
C:\WINDOWS\SYSTEM32\dllcache\intl.cpl - (Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 129536 bytes | Date = 08/04/2004 00:56 | Attr = ])
C:\WINDOWS\SYSTEM32\dllcache\joy.cpl - (Microsoft Corporation [Ver = 5.03.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 68608 bytes | Date = 08/04/2004 00:56 | Attr = ])
C:\WINDOWS\SYSTEM32\dllcache\main.cpl - (Microsoft Corporation [Ver = 5.1.2403.1 | Size = 187904 bytes | Date = 03/31/2003 13:00 | Attr = ])
C:\WINDOWS\SYSTEM32\dllcache\mmsys.cpl - (Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 618496 bytes | Date = 08/04/2004 00:56 | Attr = ])
C:\WINDOWS\SYSTEM32\dllcache\ncpa.cpl - (Microsoft Corporation [Ver = 5.1.2600.0 (xpclient.010817-1148) | Size = 35840 bytes | Date = 03/31/2003 13:00 | Attr = ])
C:\WINDOWS\SYSTEM32\dllcache\netsetup.cpl - (Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 25600 bytes | Date = 08/04/2004 00:56 | Attr = ])
C:\WINDOWS\SYSTEM32\dllcache\nusrmgr.cpl - (Microsoft Corporation [Ver = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) | Size = 257024 bytes | Date = 08/04/2004 00:56 | Attr = ])
C:\WINDOWS\SYSTEM32\dllcache\nwc.cpl - (Microsoft Corporation [Ver = 5.1.2600.0 (xpclient.010817-1148) | Size = 36864 bytes | Date = 03/31/2003 13:00 | Attr = ])
C:\WINDOWS\SYSTEM32\dllcache\odbccp32.cpl - (Microsoft Corporation [Ver = 3.525.1117.0 (xpsp_sp2_rtm.040803-2158) | Size = 32768 bytes | Date = 08/04/2004 00:56 | Attr = ])
C:\WINDOWS\SYSTEM32\dllcache\powercfg.cpl - (Microsoft Corporation [Ver = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) | Size = 114688 bytes | Date = 08/04/2004 00:56 | Attr = ])
C:\WINDOWS\SYSTEM32\dllcache\sapi.cpl - (Microsoft Corporation [Ver = 5.1.4111.00 (xpsp_sp2_rtm.040803-2158) | Size = 155648 bytes | Date = 08/04/2004 00:56 | Attr = ])
C:\WINDOWS\SYSTEM32\dllcache\sysdm.cpl - (Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 298496 bytes | Date = 08/04/2004 00:56 | Attr = ])
C:\WINDOWS\SYSTEM32\dllcache\telephon.cpl - (Microsoft Corporation [Ver = 5.1.2600.0 (xpclient.010817-1148) | Size = 28160 bytes | Date = 03/31/2003 13:00 | Attr = ])
C:\WINDOWS\SYSTEM32\dllcache\timedate.cpl - (Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 94208 bytes | Date = 08/04/2004 00:56 | Attr = ])
C:\WINDOWS\SYSTEM32\dllcache\wscui.cpl - (Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 148480 bytes | Date = 08/04/2004 00:56 | Attr = ])
C:\WINDOWS\SYSTEM32\dllcache\wuaucpl.cpl - (Microsoft Corporation [Ver = 5.8.0.2469 built by: lab01_n(wmbla) | Size = 174360 bytes | Date = 05/26/2005 04:16 | Attr = ])
C:\WINDOWS\SYSTEM32\ReinstallBackups\0009\DriverFiles\ALSNDMGR.CPL - (Realtek Semiconductor Corp. [Ver = 2, 2, 0, 57 | Size = 18780160 bytes | Date = 01/11/2006 18:36 | Attr = ])
AllUsers Startup Folder
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Acrobat Assistant.lnk - ( [Ver = | Size = 1833 bytes | Date = 09/17/2005 21:45 | Attr = ])
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk - ( [Ver = | Size = 1829 bytes | Date = 09/27/2005 07:35 | Attr = ])
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk - ( [Ver = | Size = 1766 bytes | Date = 07/27/2006 21:43 | Attr = ])
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\desktop.ini - ( [Ver = | Size = 84 bytes | Date = 09/09/2005 10:46 | Attr = HS])
AllUsers ApplicationData Folder
C:\Documents and Settings\All Users\Application Data\desktop.ini - ( [Ver = | Size = 62 bytes | Date = 09/09/2005 11:26 | Attr = HS])
C:\Documents and Settings\All Users\Application Data\hpzinstall.log - ( [Ver = | Size = 5023 bytes | Date = 02/18/2006 19:55 | Attr = ])
C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache - ( [Ver = | Size = 1751 bytes | Date = 08/04/2006 22:51 | Attr = ])
CurrentUser Startup Folder
C:\Documents and Settings\Pip\Start Menu\Programs\Startup\Adobe Gamma.lnk - ( [Ver = | Size = 997 bytes | Date = 04/02/2006 14:24 | Attr = ])
C:\Documents and Settings\Pip\Start Menu\Programs\Startup\desktop.ini - ( [Ver = | Size = 84 bytes | Date = 09/09/2005 10:46 | Attr = HS])
CurrentUser ApplicationData Folder
C:\Documents and Settings\Pip\Application Data\BestModePatch_RubenMain.log - ( [Ver = | Size = 987 bytes | Date = 11/27/2005 22:27 | Attr = ])
C:\Documents and Settings\Pip\Application Data\Cosmos Prefs - ( [Ver = | Size = 130489 bytes | Date = 08/09/2006 18:35 | Attr = ])
C:\Documents and Settings\Pip\Application Data\desktop.ini - ( [Ver = | Size = 62 bytes | Date = 09/09/2005 11:26 | Attr = HS])
DPF files
{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - QuickTime Object - CodeBase =
http://www.apple.com/qtactivex/qtplugin.cab
{05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} - Office Genuine Advantage Validation Tool - CodeBase =
http://go.microsoft.com/fwlink/?linkid=58813
{072D3F2E-5FB6-11D3-B461-00C04FA35A21} - CFForm Runtime - CodeBase =
http://212.100.229.166/CFIDE/classes/CFJava.cab
{0A46CB52-CFA0-4E78-A181-948D5E361BE3} - EpsonObj Class - CodeBase =
http://esupport.epson-europe.com/ePC/ac ... nSetup.cab
{0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} - CKAVWebScan Object - CodeBase =
http://www.kaspersky.com/kos/english/ka ... nicode.cab
{166B1BCA-3F9C-11CF-8075-444553540000} - Shockwave ActiveX Control - CodeBase =
http://fpdownload.macromedia.com/get/sh ... tor/sw.cab
{17492023-C23A-453E-A040-C7C580BBF700} - Windows Genuine Advantage Validation Tool - CodeBase =
http://go.microsoft.com/fwlink/?linkid=39204
{193C772A-87BE-4B19-A7BB-445B226FE9A1} - ewidoOnlineScan Control - CodeBase =
http://download.ewido.net/ewidoOnlineScan.cab
{2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} - Symantec AntiVirus scanner - CodeBase =
http://security.symantec.com/sscv6/Shar ... vSniff.cab
{39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - FilePlanet Download Control Class - CodeBase =
http://www.fileplanet.com/fpdlmgr/cabs/ ... 1.1.74.cab
{3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} - Office Update Installation Engine - CodeBase =
http://office.microsoft.com/officeupdat ... /opuc3.cab
{4B48D5DF-9021-45F7-A240-60304302A215} - Malicious Software Removal Tool - CodeBase =
http://download.microsoft.com/download/ ... leaner.cab
{4C39376E-FA9D-4349-BACC-D305C1750EF3} - EPUImageControl Class - CodeBase =
http://tools.ebayimg.com/eps/wl/activex ... 0-3-30.cab
{4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - - CodeBase =
http://download.mcafee.com/molbin/share ... insctl.cab
{644E432F-49D3-41A1-8DD5-E099162EEEC5} - Symantec RuFSI Utility Class - CodeBase =
http://security.symantec.com/sscv6/Shar ... /cabsa.cab
{6932D140-ABC4-4073-A44C-D4A541665E35} - ImageShack Toolbar - CodeBase =
http://toolbar.imageshack.us/toolbar/Im ... oolbar.cab
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - MUWebControl Class - CodeBase =
http://update.microsoft.com/microsoftup ... 7159132109
{8AD9C840-044E-11D1-B3E9-00805F499D93} - Java Plug-in 1.5.0_06 - CodeBase =
http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab
{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA} - Java Plug-in 1.5.0_03 - CodeBase =
http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab
{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} - Java Plug-in 1.5.0_04 - CodeBase =
http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab
{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - Java Plug-in 1.5.0_06 - CodeBase =
http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - Java Plug-in 1.5.0_06 - CodeBase =
http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab
{D27CDB6E-AE6D-11CF-96B8-444553540000} - - CodeBase =
http://download.macromedia.com/pub/shoc ... wflash.cab
Microsoft XML Parser for Java - - CodeBase =
Hosts file (Non-Standard entries only). File size = 2285837 bytes. C:\WINDOWS\System32\drivers\etc\Hosts
< End of report >
Blacklight:
08/21/06 20:23:06 [Info]: BlackLight Engine 1.0.46 initialized
08/21/06 20:23:06 [Info]: OS: 5.1 build 2600 (Service Pack 2)
08/21/06 20:23:06 [Note]: 7019 4
08/21/06 20:23:06 [Note]: 7005 0
08/21/06 20:23:13 [Note]: 7006 0
08/21/06 20:23:13 [Note]: 7011 1424
08/21/06 20:23:13 [Note]: 7026 0
08/21/06 20:23:13 [Note]: 7026 0
08/21/06 20:23:32 [Note]: FSRAW library version 1.7.1019
08/21/06 20:29:23 [Note]: 2000 1006
08/21/06 20:38:01 [Note]: 7007 0