
desktop and start menu icons not displaying properly

Discussion in 'Windows XP' started by icon7zero, Feb 24, 2007.

Thread Status:
Not open for further replies.
  1. icon7zero

    icon7zero Thread Starter

    Joined:
    Sep 11, 2006
    Messages:
    24
    My desktop icons and a few icons in my start menu have started displaying improperly. Here is a picture of what I am talking about. I circled the icons that aren't working. As you can see, it looks like they have been assigned some default icon. How can I get the regular icons to display again? Thanks

     
  2. JSntgRvr

    JSntgRvr Moderator Malware Specialist

    Joined:
    Jul 1, 2003
    Messages:
    18,551
    First Name:
    José
    Hi, icon7zero :)

    Let's check the registry on some of these icons:

    Download the enclosed folder and extract its contents to the desktop. It is a folder containing a Query.bat file. Once extracted, double-click on the Query.bat file and post the contents of the document it will produce.
     


  3. icon7zero

    icon7zero Thread Starter

    ! REG.EXE VERSION 3.0

    HKEY_CLASSES_ROOT\CLSID\{2559a1f0-21d7-11d4-bdaf-00c04f60b9f0}
    <NO NAME> REG_SZ Search
    LocalizedString REG_SZ @explorer.exe,-7020
    InfoTip REG_SZ @explorer.exe,-7000

    HKEY_CLASSES_ROOT\CLSID\{2559a1f0-21d7-11d4-bdaf-00c04f60b9f0}\DefaultIcon
    <NO NAME> REG_EXPAND_SZ %SystemRoot%\system32\shell32.dll,-23

    HKEY_CLASSES_ROOT\CLSID\{2559a1f0-21d7-11d4-bdaf-00c04f60b9f0}\InProcServer32
    <NO NAME> REG_EXPAND_SZ %SystemRoot%\system32\shdocvw.dll
    ThreadingModel REG_SZ Apartment

    HKEY_CLASSES_ROOT\CLSID\{2559a1f0-21d7-11d4-bdaf-00c04f60b9f0}\Instance
    CLSID REG_SZ {3f454f0e-42ae-4d7c-8ea3-328250d6e272}

    HKEY_CLASSES_ROOT\CLSID\{2559a1f0-21d7-11d4-bdaf-00c04f60b9f0}\Instance\InitPropertyBag
    CLSID REG_SZ {13709620-C279-11CE-A49E-444553540000}
    command REG_SZ @shell32.dll,-12708
    method REG_SZ FindFiles

    HKEY_CLASSES_ROOT\CLSID\{2559a1f0-21d7-11d4-bdaf-00c04f60b9f0}\shellex

    HKEY_CLASSES_ROOT\CLSID\{2559a1f0-21d7-11d4-bdaf-00c04f60b9f0}\shellex\ContextMenuHandlers

    HKEY_CLASSES_ROOT\CLSID\{2559a1f0-21d7-11d4-bdaf-00c04f60b9f0}\shellex\ContextMenuHandlers\{2559a1f0-21d7-11d4-bdaf-00c04f60b9f0}
    <NO NAME> REG_SZ

    HKEY_CLASSES_ROOT\CLSID\{2559a1f0-21d7-11d4-bdaf-00c04f60b9f0}\shellex\MayChangeDefaultMenu
    <NO NAME> REG_SZ

    HKEY_CLASSES_ROOT\CLSID\{2559a1f0-21d7-11d4-bdaf-00c04f60b9f0}\ShellFolder
    Attributes REG_DWORD 0x0

    ! REG.EXE VERSION 3.0

    HKEY_CLASSES_ROOT\CLSID\{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
    <NO NAME> REG_SZ Run...
    LocalizedString REG_SZ @explorer.exe,-7023
    InfoTip REG_SZ @explorer.exe,-7003

    HKEY_CLASSES_ROOT\CLSID\{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}\DefaultIcon
    <NO NAME> REG_EXPAND_SZ %SystemRoot%\system32\shell32.dll,-25

    HKEY_CLASSES_ROOT\CLSID\{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}\InProcServer32
    <NO NAME> REG_EXPAND_SZ %SystemRoot%\system32\shdocvw.dll
    ThreadingModel REG_SZ Apartment

    HKEY_CLASSES_ROOT\CLSID\{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}\Instance
    CLSID REG_SZ {3f454f0e-42ae-4d7c-8ea3-328250d6e272}

    HKEY_CLASSES_ROOT\CLSID\{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}\Instance\InitPropertyBag
    CLSID REG_SZ {13709620-C279-11CE-A49E-444553540000}
    command REG_SZ @shell32.dll,-12710
    method REG_SZ FileRun

    HKEY_CLASSES_ROOT\CLSID\{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}\shellex

    HKEY_CLASSES_ROOT\CLSID\{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}\shellex\ContextMenuHandlers

    HKEY_CLASSES_ROOT\CLSID\{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}\shellex\ContextMenuHandlers\{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
    <NO NAME> REG_SZ

    HKEY_CLASSES_ROOT\CLSID\{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}\shellex\MayChangeDefaultMenu
    <NO NAME> REG_SZ

    HKEY_CLASSES_ROOT\CLSID\{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}\ShellFolder
    Attributes REG_DWORD 0x0
     
  4. icon7zero

    icon7zero Thread Starter

    I also just noticed that some other files, when I put them on the desktop, have the same image for their icon. The zip file you had me download had the same icon and so do image files.
     
  5. JSntgRvr

    JSntgRvr Moderator Malware Specialist

    Hi, icon7zero. :)

    The entries are correct in the registry. Let's check your system.

    Click here to download HJTsetup.exe
    • Save HJTsetup.exe to your desktop.
    • Double-click on the HJTsetup.exe icon on your desktop.
    • By default it will install to C:\Program Files\Hijack This.
    • Continue to click Next in the setup dialogue boxes until you get to the Select Additional Tasks dialogue.
    • Put a check by Create a desktop icon then click Next again.
    • Continue to follow the rest of the prompts from there.
    • At the final dialogue box click Finish and it will launch Hijack This.
    • Click on the Do a system scan and save a logfile button. It will scan and the log should open in notepad.
    • Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
    • Come back here to this thread and Paste the log in your next reply.
    • DO NOT have Hijack This fix anything yet. Most of what it finds will be harmless or even required.

    If the above link is broken, try this link. Make sure you extract and save the Hijackthis.exe file in a Permanent folder, rather than a Temp folder.
     
  6. icon7zero

    icon7zero Thread Starter

    Logfile of HijackThis v1.99.1
    Scan saved at 2:12:20 PM, on 2/25/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\nvraidservice.exe
    C:\Program Files\Java\jre1.6.0\bin\jusched.exe
    C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe
    C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE
    C:\WINDOWS\system32\CTHELPER.EXE
    C:\WINDOWS\system32\RunDLL32.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\Common Files\Logitech\LCD Manager\lcdmon.exe
    C:\Program Files\Common Files\Logitech\G-series Software\LGDCore.exe
    C:\Program Files\Echovoice\Gamer Statistics\G15 Echovoice Gamer Statistics.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Common Files\Logitech\LCD Manager\Applets\LCDPOP3.exe
    C:\Program Files\Common Files\Logitech\LCD Manager\Applets\LCDCountdown.exe
    C:\Program Files\Common Files\Logitech\LCD Manager\Applets\LCDMedia.exe
    C:\Program Files\Common Files\Logitech\LCD Manager\Applets\LCDClock.exe
    C:\WINDOWS\system32\CTsvcCDA.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\MsPMSPSv.exe
    C:\WINDOWS\system32\wbem\unsecapp.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Hijackthis\HijackThis.exe

    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O4 - HKLM\..\Run: [NVRaidService] C:\WINDOWS\system32\nvraidservice.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [SBDrvDet] C:\Program Files\Creative\SB Drive Det\SBDrvDet.exe /r
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe"
    O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe /r
    O4 - HKLM\..\Run: [CTDVDDET] C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE
    O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
    O4 - HKLM\..\Run: [AsioReg] REGSVR32.EXE /S CTASIO.DLL
    O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
    O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [Launch LCDMon] "C:\Program Files\Common Files\Logitech\LCD Manager\lcdmon.exe"
    O4 - HKLM\..\Run: [Launch LGDCore] "C:\Program Files\Common Files\Logitech\G-series Software\LGDCore.exe" /SHOWHIDE
    O4 - HKLM\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
    O4 - HKLM\..\Run: [Echovoice Gamer Statistics] C:\Program Files\Echovoice\Gamer Statistics\G15 Echovoice Gamer Statistics.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1158514679578
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
    O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
     
  7. JSntgRvr

    JSntgRvr Moderator Malware Specialist

    Hi, icon7zero :)

    There is no sign of malware in your system. You need, however, an antivirus program. Please click here to download and install AVG Free.

    Let's take a deeper look:

    Click here to download WinPFind.
    • Right-click the Zip folder and select "Extract All"
    • Extract it somewhere you will remember, like the Desktop
    • Don't do anything with it yet!

    Reboot into Safe Mode

    Restart your computer and as soon as it starts booting up again continuously tap F8. A menu should come up where you will be given the option to enter Safe Mode.

    • Double click WinPFind.exe
    • Click "Start Scan"
    • It will scan the entire System, so please be patient!
    • Once the Scan is Complete, restart the computer back in Normal Mode.
    • Go to the WinPFind folder
    • Locate WinPFind.txt
    • Place those results in the next reply!
     
  8. icon7zero

    icon7zero Thread Starter

    WinPFind logfile created on: 2/25/2007 3:23:37 PM
    WinPFind by OldTimer - v2.0.2 Folder = C:\Documents and Settings\Admin\Desktop\WinPFind\

    »»»»»»»»»»»»»»»»»»»» Windows OS and Versions »»»»»»»»»»»»»»»»»»»»

    Product Name: Microsoft Windows XP Service Pack 2 | Version: 5.1.2600
    Internet Explorer Version: 6.0.2900.2180

    »»»»»»»»»»»»»»»»»»»» Memory/Drive Info »»»»»»»»»»»»»»»»»»»»»»»»»»

    2096336 Kb Total Physical Memory | 1854664 Kb Available Physical Memory | 88.47% Memory free
    2728792 Kb Paging File | 2671196 Kb Available in Paging File | 97.89% Paging File free
    Paging file location: C:\pagefile.sys 768 1536

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 321661428 Kb Total Space | 167819324 Kb Free Space | 52.17% Space Free
    D: Drive not present or media not loaded
    E: Drive not present or media not loaded
    F: Drive not present or media not loaded

    »»»»»»»»»»»»»»»»»»»» Running Processes (Non-Microsoft) »»»»»»»»

    C:\Documents and Settings\Admin\Desktop\WinPFind\WinPFind.exe (OldTimer Tools)

    »»»»»»»»»»»»»»»»»»»» Win32 Services (Non-Microsoft) »»»»»»»»»»»

    (Adobe LM Service) Adobe LM Service [Win32_Own | On_Demand | Stopped]
    = C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe (Adobe Systems)

    (Avg7Alrt) AVG7 Alert Manager Server [Win32_Own | Auto | Stopped]
    = C:\Program Files\Grisoft\AVG7\avgamsvr.exe (GRISOFT, s.r.o.)

    (Avg7UpdSvc) AVG7 Update Service [Win32_Own | Auto | Stopped]
    = C:\Program Files\Grisoft\AVG7\avgupsvc.exe (GRISOFT, s.r.o.)

    (AVGEMS) AVG E-mail Scanner [Win32_Own | Auto | Stopped]
    = C:\Program Files\Grisoft\AVG7\avgemc.exe (GRISOFT, s.r.o.)

    (Creative Service for CDROM Access) Creative Service for CDROM Access [Win32_Own | Auto | Stopped]
    = C:\WINDOWS\system32\CTSVCCDA.EXE (Creative Technology Ltd)

    (dmadmin) Logical Disk Manager Administrative Service [Win32_Shared | On_Demand | Stopped]
    = C:\WINDOWS\system32\dmadmin.exe (Microsoft Corp., Veritas Software)

    (nTuneService) nTune Service [Win32_Own | Auto | Stopped]
    = C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe (NVIDIA)

    (NVSvc) NVIDIA Display Driver Service [Win32_Own | Auto | Stopped]
    = C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation)

    »»»»»»»»»»»»»»»»»»»» Registry Items (Non-Microsoft) »»»»»»»»»»»

    >>>>> Run Keys and Auto-Start Folders <<<<<

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    AsioReg = REGSVR32.EXE /S CTASIO.DLL (File not found)
    AVG7_CC = C:\Program Files\Grisoft\AVG7\avgcc.exe (GRISOFT, s.r.o.)
    CTDVDDET = C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.exe (Creative Technology Ltd)
    CTHelper = C:\WINDOWS\system32\CTHELPER.EXE (Creative Technology Ltd)
    CTSysVol = C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe (Creative Technology Ltd)
    Echovoice Gamer Statistics = C:\Program Files\Echovoice\Gamer Statistics\G15 Echovoice Gamer Statistics.exe (Echovoice)
    Launch LCDMon = C:\Program Files\Common Files\Logitech\LCD Manager\LCDMon.exe (Logitech Inc.)
    Launch LGDCore = C:\Program Files\Common Files\Logitech\G-series Software\LGDCore.exe (Logitech Inc.)
    NvCplDaemon = C:\WINDOWS\system32\nvcpl.dll (NVIDIA Corporation)
    NVIDIA nTune = C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe (NVIDIA)
    NvMediaCenter = C:\WINDOWS\system32\nvmctray.dll (NVIDIA Corporation)
    NVRaidService = C:\WINDOWS\system32\nvraidservice.exe (NVIDIA Corporation)
    nwiz = C:\WINDOWS\system32\nwiz.exe ()
    SBDrvDet = C:\Program Files\Creative\SB Drive Det\SBDrvDet.exe (Creative Technology Ltd)
    SoundMan = C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
    SunJavaUpdateSched = C:\Program Files\Java\jre1.6.0\bin\jusched.exe (Sun Microsystems, Inc.)
    UpdReg = C:\WINDOWS\Updreg.EXE (Creative Technology Ltd.)

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    Aim6 = (File not found)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx]*


    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
    Installed = 1
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
    Installed = 1
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]
    Installed = 1

    < Common Startup Folder = C:\Documents and Settings\All Users\Start Menu\Programs\Startup >
    C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
    = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)

    C:\Documents and Settings\All Users\Start Menu\Programs\Startup\desktop.ini ()

    < User Startup Folder = C:\Documents and Settings\Admin\Start Menu\Programs\Startup >
    C:\Documents and Settings\Admin\Start Menu\Programs\Startup\desktop.ini ()

    >>>>> MsConfig Disabled Items <<<<<

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig]*

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^Admin^Start Menu^Programs^Startup^Adobe Gamma.lnk]
    path = C:\Documents and Settings\Admin\Start Menu\Programs\Startup\Adobe Gamma.lnk (File not found)
    backup = C:\WINDOWS\pss\Adobe Gamma.lnk (File not found)
    location = Startup
    command = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
    item = Adobe Gamma

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
    path = C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk ()
    backup = C:\WINDOWS\pss\Adobe Reader Speed Launch.lnk (File not found)
    location = Common Startup
    command = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
    item = Adobe Reader Speed Launch

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
    path = C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk (File not found)
    backup = C:\WINDOWS\pss\HP Digital Imaging Monitor.lnk (File not found)
    location = Common Startup
    command = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
    item = HP Digital Imaging Monitor

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]
    key = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    item =
    hkey = HKLM
    command =
    inimapping = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ctfmon.exe]
    key = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    hkey = HKCU
    inimapping = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HP Software Update]
    key = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    item = HPWuSchd2
    hkey = HKLM
    command = C:\Program Files\HP\HP Software Update\HPWuSchd2.exe (Hewlett-Packard Co.)
    inimapping = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper]
    key = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    item = iTunesHelper
    hkey = HKLM
    command = C:\Program Files\iTunes\iTunesHelper.exe (File not found)
    inimapping = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KernelFaultCheck]
    key = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    item = dumprep 0 -k
    hkey = HKLM
    command = %systemroot%\system32\dumprep 0 -k
    inimapping = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MSMSGS]
    key = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    item = msmsgs
    hkey = HKCU
    inimapping = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PWRISOVM.EXE]
    key = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    item = PWRISOVM
    hkey = HKLM
    command = C:\Program Files\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
    inimapping = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task]
    key = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    item = qttask
    hkey = HKLM
    command = C:\Program Files\QuickTime\qttask.exe (Apple Computer, Inc.)
    inimapping = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SoundMan]
    key = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    item = C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
    hkey = HKLM
    command = C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
    inimapping = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Steam]
    key = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    item =
    hkey = HKCU
    command =
    inimapping = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\WatchDog]
    key = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    item = WatchDog
    hkey = HKLM
    command = C:\Program Files\mobile PhoneTools\WatchDog.exe (File not found)
    inimapping = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\state]
    system.ini = 0
    win.ini = 0
    bootini = 0
    services = 0
    startup = 2

    >>>>> Disabled Startup Folder Items <<<<<

    >>>>> File Associations <<<<<

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\]
    .bat [@ = batfile] -> PersistentHandler = {5e941d80-bf96-11cd-b579-08002b30bfeb}
    .cmd [@ = cmdfile] -> PersistentHandler = {5e941d80-bf96-11cd-b579-08002b30bfeb}
    .com [@ = comfile] -> PersistentHandler = {098f2470-bae0-11cd-b579-08002b30bfeb}
    .cpl [@ = cplfile] -> PersistentHandler = {098f2470-bae0-11cd-b579-08002b30bfeb}
    .exe [@ = exefile] -> PersistentHandler = {098f2470-bae0-11cd-b579-08002b30bfeb}
    .hta [@ = htafile] -> PersistentHandler = Reg Data - Key not found
    .html [@ = FirefoxHTML] -> PersistentHandler = {eec97550-47a9-11cf-b952-00aa0051fe20}
    .inf [@ = inffile] -> PersistentHandler = {5e941d80-bf96-11cd-b579-08002b30bfeb}
    .ini [@ = inifile] -> PersistentHandler = {5e941d80-bf96-11cd-b579-08002b30bfeb}
    .url [@ = InternetShortcut] -> PersistentHandler = {5e941d80-bf96-11cd-b579-08002b30bfeb}
    .js [@ = JSFile] -> PersistentHandler = {5e941d80-bf96-11cd-b579-08002b30bfeb}
    .jse [@ = JSEFile] -> PersistentHandler = Reg Data - Key not found
    .pif [@ = piffile] -> PersistentHandler = Reg Data - Key not found
    .reg [@ = regfile] -> PersistentHandler = {5e941d80-bf96-11cd-b579-08002b30bfeb}
    .scr [@ = scrfile] -> PersistentHandler = Reg Data - Key not found
    .txt [@ = txtfile] -> PersistentHandler = {5e941d80-bf96-11cd-b579-08002b30bfeb}
    .vbe [@ = VBEFile] -> PersistentHandler = Reg Data - Key not found
    .vbs [@ = VBSFile] -> PersistentHandler = {5e941d80-bf96-11cd-b579-08002b30bfeb}
    .wsf [@ = WSFFile] -> PersistentHandler = Reg Data - Key not found
    .wsh [@ = WSHFile] -> PersistentHandler = Reg Data - Key not found

    >>>>> Registry Shell Spawning <<<<<

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [edit] -> %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
    batfile [open] -> "%1" %* (File not found)
    batfile [print] -> %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)

    cmdfile [edit] -> %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
    cmdfile [open] -> "%1" %* (File not found)
    cmdfile [print] -> %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)

    comfile [open] -> "%1" %* (File not found)

    cplfile [cplopen] -> rundll32.exe shell32.dll,Control_RunDLL "%1",%* (Microsoft Corporation)

    exefile [open] -> "%1" %* (File not found)

    htafile [open] -> C:\WINDOWS\system32\mshta.exe "%1" %* (Microsoft Corporation)

    htmlfile [edit] -> Reg Data - Key not found
    htmlfile [open] -> "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
    htmlfile [opennew] -> "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    htmlfile [print] -> rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)

    http [open] -> C:\PROGRA~1\MOZILL~1\FIREFOX.EXE -url "%1" (Mozilla Corporation)

    https [open] -> C:\PROGRA~1\MOZILL~1\FIREFOX.EXE -url "%1" (Mozilla Corporation)

    inffile [install] -> %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
    inffile [open] -> %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
    inffile [print] -> %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)

    inifile [open] -> %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
    inifile [print] -> %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)

    InternetShortcut [open] -> rundll32.exe shdocvw.dll,OpenURL %l (Microsoft Corporation)
    InternetShortcut [print] -> rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)

    jsfile [edit] -> %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
    jsfile [open] -> %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
    jsfile [print] -> %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)

    jsefile [edit] -> %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
    jsefile [open] -> %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
    jsefile [print] -> %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)

    piffile [open] -> "%1" %* (File not found)

    regfile [edit] -> %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
    regfile [open] -> regedit.exe "%1" (Microsoft Corporation)
    regfile [merge] -> Reg Data - Key not found
    regfile [print] -> %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)

    scrfile [config] -> "%1" (File not found)
    scrfile [install] -> rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
    scrfile [open] -> "%1" /S (File not found)

    txtfile [edit] -> Reg Data - Key not found
    txtfile [open] -> %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
    txtfile [print] -> %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    txtfile [printto] -> %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)

    vbefile [edit] -> %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
    vbefile [open] -> %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
    vbefile [print] -> %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)

    vbsfile [edit] -> %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
    vbsfile [open] -> %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
    vbsfile [print] -> %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)

    wsffile [edit] -> %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
    wsffile [open] -> %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
    wsffile [print] -> %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)

    wshfile [open] -> %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)

    Unknown [openas] -> %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 (Microsoft Corporation)

    Directory [find] -> %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [Winamp.Bookmark] -> "C:\Program Files\Winamp\Winamp.exe" /BOOKMARK "%1" (Nullsoft)
    Directory [Winamp.Enqueue] -> "C:\Program Files\Winamp\Winamp.exe" /ADD "%1" (Nullsoft)
    Directory [Winamp.Play] -> "C:\Program Files\Winamp\Winamp.exe" "%1" (Nullsoft)

    Folder [open] -> %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
    Folder [explore] -> %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)

    Drive [find] -> %SystemRoot%\Explorer.exe (Microsoft Corporation)

    Applications\iexplore.exe [open] -> "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

    CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -> "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

    >>>>> ActiveX StubPath settings <<<<<

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2179C5D3-EBFF-11CF-B6FD-00AA00B4E220}]
    StubPath =

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
    StubPath =

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
    StubPath = %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
    StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
    StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{4b218e3e-bc98-4770-93d3-2731b9329278}]
    StubPath = %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection MarketplaceLinkInstall 896 %systemroot%\inf\ie.inf

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
    StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{73FA19D0-2D75-11D2-995D-00C04F98BBC9}]
    StubPath =

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
    StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}]
    StubPath = regsvr32.exe /s /n /i:U shell32.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
    StubPath = %SystemRoot%\system32\ie4uinit.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
    StubPath = C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
    StubPath = C:\WINDOWS\inf\unregmp2.exe /ShowWMP

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
    StubPath = %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS]
    StubPath = RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
    StubPath = %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

    >>>>> WOW Settings <<<<<

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\WOW]
    cmdline = %SystemRoot%\system32\ntvdm.exe
    wowcmdline = %SystemRoot%\system32\ntvdm.exe -a %SystemRoot%\system32\krnl386

    >>>>> Session Manager Settings <<<<<

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager]
    BootExecute = autocheck autochk *;
    ExcludeFromKnownDlls =

    >>>>> SafeBoot Option Settings <<<<<

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Option]

    >>>>> Items Started Through Miscellaneous Registry Keys <<<<<




    >>>>> Security Providers <<<<<

    >>>>> Winlogon Keys <<<<<


    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet]
    Control_RunDLL (File not found)
    >>>>> Policy Keys <<<<<

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies]*

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum]
    {BDEADF00-C265-11D0-BCED-00A0C90AB50F} = 1
    {6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} = 1073741857
    {0DF44EAA-FF21-4412-828E-260A8728E7F1} = 32

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system]
    dontdisplaylastusername = 0
    legalnoticecaption =
    legalnoticetext =
    shutdownwithoutlogon = 1
    undockwithoutlogon = 1

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies]*

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
    NoDriveTypeAutoRun = 145

    >>>>> Desktop Components <<<<<

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
    FriendlyName = My Current Home Page
    Source = About:Home
    SubscribedURL = About:Home

    >>>>> HOSTS File <<<<<

    HOSTS file found at: C:\WINDOWS\System32\drivers\etc\Hosts (Size: 731 bytes | Modified Date: 11/3/2005 8:54:06 PM)
    127.0.0.1 localhost

    >>>>> Internet Explorer Settings <<<<<

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main]
    Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
    Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Local Page = %SystemRoot%\system32\blank.htm
    Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search]
    CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
    SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main]
    Local Page = C:\WINDOWS\system32\blank.htm
    Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome


    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
    ProxyEnable = 0

    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\aol.com\free]
    http

    >>>>> Browser Helper Objects <<<<<

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
    - Adobe PDF Reader Link Helper ( HKLM = C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) )

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    - SSVHelper Class ( HKLM = C:\Program Files\Java\jre1.6.0\bin\ssv.dll (Sun Microsystems, Inc.) )

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]
    - Reg Data - Key not found ( HKLM = Reg Data - Key not found (File not found) )

    >>>>> Bars, Toolbars and Extensions <<<<<

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\ToolBar\WebBrowser]
    {55FAF0F2-44D4-425F-B5F5-6B275B621EAB} - Reg Data - Key not found ( HKLM = Reg Data - Key not found (File not found) )

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\CmdMapping]
    {08B0E5C0-4FCB-11CF-AAA5-00401C608501} = 8193 - Reg Data - Value does not exist ( HKLM = Reg Data - Key not found (File not found) )
    {92780B25-18CC-41C8-B9BE-3C9C571A8263} = 8194 - Reg Data - Key not found ( HKLM = Reg Data - Key not found (File not found) )
    {FB5F1910-F110-11d2-BB9E-00C04F795683} = 8192 - Reg Data - Key not found ( HKLM = Reg Data - Key not found (File not found) )
    NextId = 8195

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}]
    MenuText = Sun Java Console
    ClsidExtension = {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC} - Java Plug-in 1.6.0 ( HKLM C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll (Sun Microsystems, Inc.) )
    ClsidExtension = {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC} - Java Plug-in 1.6.0 ( HKCU C:\Program Files\Java\jre1.6.0\bin\ssv.dll (Sun Microsystems, Inc.) )

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{92780B25-18CC-41C8-B9BE-3C9C571A8263}]
    ButtonText = Research

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\E&xport to Microsoft Excel]
    @ = 000 (File not found)

    >>>>> Approved Shell Extensions <<<<<

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]
    {00E7B358-F65B-4dcf-83DF-CD026B94BFD4} = Shell Autoplay for Slideshow ( HKLM = Reg Data - Key not found (File not found) )
    {0DF44EAA-FF21-4412-828E-260A8728E7F1} = Taskbar and Start Menu ( HKLM = Reg Data - Key not found (File not found) )
    {1CDB2949-8F65-4355-8456-263E7C208A5D} = Desktop Explorer ( HKLM = C:\WINDOWS\system32\nvshell.dll () )
    {1E9B04FB-F9E5-4718-997B-B8DA88302A47} = Desktop Explorer Menu ( HKLM = C:\WINDOWS\system32\nvshell.dll () )
    {1E9B04FB-F9E5-4718-997B-B8DA88302A48} = nView Desktop Context Menu ( HKLM = C:\WINDOWS\system32\nvshell.dll () )
    {42071714-76d4-11d1-8b24-00a0c9068ff3} = Display Panning CPL Extension ( HKLM = deskpan.dll (File not found) )
    {764BF0E1-F219-11ce-972D-00AA00A14F56} = Shell extensions for file compression ( CLSID not found! )
    {7A9D77BD-5403-11d2-8785-2E0420524153} = User Accounts ( HKLM = Reg Data - Key not found (File not found) )
    {853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} = Encryption Context Menu ( CLSID not found! )
    {88895560-9AA2-1069-930E-00AA0030EBC8} = HyperTerminal Icon Ext ( HKLM = C:\WINDOWS\system32\hticons.dll (Hilgraeve, Inc.) )
    {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} = PowerISO ( HKLM = C:\Program Files\PowerISO\PWRISOSH.DLL (PowerISO Computing, Inc.) )
    {9F97547E-4609-42C5-AE0C-81C61FFAEBC3} = AVG7 Shell Extension Class ( HKLM = C:\Program Files\Grisoft\AVG7\avgse.dll (GRISOFT, s.r.o.) )
    {9F97547E-460A-42C5-AE0C-81C61FFAEBC3} = AVG7 Find Extension Class ( HKLM = C:\Program Files\Grisoft\AVG7\avgse.dll (GRISOFT, s.r.o.) )
    {A70C977A-BF00-412C-90B7-034C51DA2439} = DesktopContext Class ( HKLM = C:\WINDOWS\system32\nvcpl.dll (NVIDIA Corporation) )
    {B41DB860-8EE4-11D2-9906-E49FADC173CA} = WinRAR ( HKLM = C:\Program Files\WinRAR\RarExt.dll () )
    {FFB699E0-306A-11d3-8BD1-00104B6F7516} = NVIDIA CPL Extension ( HKLM = C:\WINDOWS\system32\nvcpl.dll (NVIDIA Corporation) )
     
  9. icon7zero

    icon7zero Thread Starter

    Joined:
    Sep 11, 2006
    Messages:
    24
    >>>>> Context Menu Handlers / Column Handlers <<<<<

    [HKEY_LOCAL_MACHINE\Software\Classes\*\shellex\ContextMenuHandlers\AVG7 Shell Extension]
    @ = {9F97547E-4609-42C5-AE0C-81C61FFAEBC3} ( HKLM = C:\Program Files\Grisoft\AVG7\avgse.dll (GRISOFT, s.r.o.) )

    [HKEY_LOCAL_MACHINE\Software\Classes\*\shellex\ContextMenuHandlers\PowerISO]
    @ = {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} ( HKLM = C:\Program Files\PowerISO\PWRISOSH.DLL (PowerISO Computing, Inc.) )

    [HKEY_LOCAL_MACHINE\Software\Classes\*\shellex\ContextMenuHandlers\WinRAR]
    @ = {B41DB860-8EE4-11D2-9906-E49FADC173CA} ( HKLM = C:\Program Files\WinRAR\RarExt.dll () )

    [HKEY_LOCAL_MACHINE\Software\Classes\Directory\shellex\ContextMenuHandlers\PowerISO]
    @ = {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} ( HKLM = C:\Program Files\PowerISO\PWRISOSH.DLL (PowerISO Computing, Inc.) )

    [HKEY_LOCAL_MACHINE\Software\Classes\Directory\shellex\ContextMenuHandlers\WinRAR]
    @ = {B41DB860-8EE4-11D2-9906-E49FADC173CA} ( HKLM = C:\Program Files\WinRAR\RarExt.dll () )

    [HKEY_LOCAL_MACHINE\Software\Classes\Directory\BackGround\shellex\ContextMenuHandlers\00nView]
    @ = {1E9B04FB-F9E5-4718-997B-B8DA88302A48} ( HKLM = C:\WINDOWS\system32\nvshell.dll () )

    [HKEY_LOCAL_MACHINE\Software\Classes\Directory\BackGround\shellex\ContextMenuHandlers\NvCplDesktopContext]
    @ = {A70C977A-BF00-412C-90B7-034C51DA2439} ( HKLM = C:\WINDOWS\system32\nvcpl.dll (NVIDIA Corporation) )

    [HKEY_LOCAL_MACHINE\Software\Classes\Folder\shellex\ContextMenuHandlers\AVG7 Shell Extension]
    @ = {9F97547E-4609-42C5-AE0C-81C61FFAEBC3} ( HKLM = C:\Program Files\Grisoft\AVG7\avgse.dll (GRISOFT, s.r.o.) )

    [HKEY_LOCAL_MACHINE\Software\Classes\Folder\shellex\ContextMenuHandlers\PowerISO]
    @ = {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} ( HKLM = C:\Program Files\PowerISO\PWRISOSH.DLL (PowerISO Computing, Inc.) )

    [HKEY_LOCAL_MACHINE\Software\Classes\Folder\shellex\ContextMenuHandlers\WinRAR]
    @ = {B41DB860-8EE4-11D2-9906-E49FADC173CA} ( HKLM = C:\Program Files\WinRAR\RarExt.dll () )

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{F9DB5320-233E-11D1-9F84-707F02C10627}]
    - PDF Shell Extension ( HKLM = C:\Program Files\Adobe\Acrobat 7.0\ActiveX\pdfshell.dll (Adobe Systems, Inc.) )

    >>>>> User Agent Post Platform <<<<<

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform]
    SV1 =

    >>>>> TCP/IP Configuration <<<<<

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{4839C61F-B351-4644-BFFC-477435585F81}] ( Marvell Yukon 88E8053 PCI-E Gigabit Ethernet Controller )
    DefaultGateway =
    Domain =
    EnableDHCP = 1
    IPAddress = 0.0.0.0;
    NameServer =
    SubnetMask = 0.0.0.0;

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{8F3B040C-3848-4CC4-95AB-2ED4D4FEF14F}] ( 1394 Net Adapter )
    DefaultGateway =
    Domain =
    EnableDHCP = 1
    IPAddress = 0.0.0.0;
    NameServer =
    SubnetMask = 0.0.0.0;

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{A1ECF0B3-9CF7-4FFD-8891-ED8704636F57}] ( 1394 Net Adapter )
    DefaultGateway =
    Domain =
    EnableDHCP = 1
    IPAddress = 0.0.0.0;
    NameServer =
    SubnetMask = 0.0.0.0;

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{B530CB44-0DF3-4E35-BC08-9B53E8074CF5}] ( NVIDIA nForce Networking Controller )
    DefaultGateway =
    DhcpDefaultGateway = 209.0.48.1;
    DhcpIPAddress = 209.0.48.21
    DhcpNameServer = 209.0.51.130 209.0.51.131
    DhcpServer = 209.0.51.130
    DhcpSubnetMask = 255.255.255.192
    Domain =
    EnableDHCP = 1
    IPAddress = 0.0.0.0;
    IPAutoconfigurationAddress = 0.0.0.0
    NameServer =
    SubnetMask = 0.0.0.0;

    >>>>> WinSock2 Parameters <<<<<

    >>>>> Protocol Handlers <<<<<

    >>>>> Protocol Filters <<<<<

    >>>>> Downloaded Program Files <<<<<

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{6414512B-B978-451D-A0D8-FCFDF33E833C}\DownloadInformation]
    CODEBASE = http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1158514679578
    INF = C:\WINDOWS\Downloaded Program Files\wuweb.inf

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\DownloadInformation]
    CODEBASE = http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
    INF =

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\DownloadInformation]
    CODEBASE = http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
    INF =

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}\DownloadInformation]
    CODEBASE = http://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab
    INF =

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}\DownloadInformation]
    CODEBASE = http://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab
    INF =

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}\DownloadInformation]
    CODEBASE = http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
    INF =

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\DownloadInformation]
    CODEBASE = http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
    INF =

    »»»»»»»»»»»»»»»»»»»» Files Created Within 30 Days »»»»»»»»»»»»»

    C:\sqmdata13.sqm [Ver = | Size = 268 bytes | Created Date = 1/30/2007 7:00:16 PM | Attr = H ]
    C:\sqmdata14.sqm [Ver = | Size = 268 bytes | Created Date = 2/3/2007 2:11:42 AM | Attr = H ]
    C:\sqmdata15.sqm [Ver = | Size = 268 bytes | Created Date = 2/3/2007 8:18:58 PM | Attr = H ]
    C:\sqmnoopt14.sqm [Ver = | Size = 244 bytes | Created Date = 1/30/2007 7:00:16 PM | Attr = H ]
    C:\sqmnoopt15.sqm [Ver = | Size = 244 bytes | Created Date = 2/3/2007 2:11:42 AM | Attr = H ]
    C:\sqmnoopt16.sqm [Ver = | Size = 244 bytes | Created Date = 2/3/2007 8:18:58 PM | Attr = H ]
    C:\Documents and Settings\Admin\My Documents\LINK16.EXE [Ver = | Size = 364544 bytes | Created Date = 1/29/2007 3:04:09 PM | Attr = ]
    C:\Documents and Settings\Admin\Desktop\avg75free_446a965.exe [Ver = | Size = 19755560 bytes | Created Date = 2/25/2007 3:07:57 PM | Attr = ]
    C:\Documents and Settings\Admin\Desktop\Hijackthis.lnk [Ver = | Size = 658 bytes | Created Date = 2/25/2007 2:12:06 PM | Attr = ]
    C:\Documents and Settings\Admin\Desktop\HJTsetup.exe Soeperman Enterprises Ltd [Ver = | Size = 488144 bytes | Created Date = 2/25/2007 2:11:24 PM | Attr = ]
    C:\Documents and Settings\Admin\Desktop\winpfind.exe [Ver = | Size = 264211 bytes | Created Date = 2/25/2007 3:08:13 PM | Attr = ]
    C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk [Ver = | Size = 1765 bytes | Created Date = 2/7/2007 11:15:55 AM | Attr = ]
    C:\WINDOWS\System32\asutl8.dll [Ver = | Size = 29696 bytes | Created Date = 1/30/2007 3:57:12 PM | Attr = ]
    C:\WINDOWS\System32\DivX.dll DivX, Inc. [Ver = 6.5.0.47 | Size = 638554 bytes | Created Date = 1/29/2007 10:56:47 PM | Attr = ]
    C:\WINDOWS\System32\DivXsm.exe DivX Inc. [Ver = 6, 5, 0, 0 | Size = 524288 bytes | Created Date = 1/29/2007 11:03:44 PM | Attr = ]
    C:\WINDOWS\System32\divxsm.tlb [Ver = | Size = 4816 bytes | Created Date = 1/29/2007 11:03:45 PM | Attr = ]
    C:\WINDOWS\System32\divx_xx07.dll DivX, Inc. [Ver = 6.5.0.47 | Size = 823296 bytes | Created Date = 1/29/2007 10:56:47 PM | Attr = ]
    C:\WINDOWS\System32\divx_xx0c.dll DivX, Inc. [Ver = 6.5.0.47 | Size = 823296 bytes | Created Date = 1/29/2007 10:56:47 PM | Attr = ]
    C:\WINDOWS\System32\divx_xx11.dll DivX, Inc. [Ver = 6.5.0.47 | Size = 802816 bytes | Created Date = 1/29/2007 10:56:47 PM | Attr = ]
    C:\WINDOWS\System32\dpl100.dll DivX, Inc. [Ver = 1, 2, 0, 12 | Size = 73728 bytes | Created Date = 1/29/2007 10:56:56 PM | Attr = ]
    C:\WINDOWS\System32\dpu10.dll DivXNetworks [Ver = 1, 1, 1, 3 | Size = 294912 bytes | Created Date = 1/29/2007 10:56:52 PM | Attr = ]
    C:\WINDOWS\System32\dpu11.dll DivXNetworks [Ver = 1, 1, 1, 3 | Size = 294912 bytes | Created Date = 1/29/2007 10:56:52 PM | Attr = ]
    C:\WINDOWS\System32\dpuGUI10.dll DivXNetworks [Ver = 1, 1, 1, 3 | Size = 53248 bytes | Created Date = 1/29/2007 10:56:54 PM | Attr = ]
    C:\WINDOWS\System32\dpuGUI11.dll DivXNetworks [Ver = 1, 1, 1, 3 | Size = 593920 bytes | Created Date = 1/29/2007 10:56:52 PM | Attr = ]
    C:\WINDOWS\System32\dpus11.dll DivXNetworks [Ver = 1, 1, 1, 3 | Size = 344064 bytes | Created Date = 1/29/2007 10:56:52 PM | Attr = ]
    C:\WINDOWS\System32\dpv11.dll DivXNetworks [Ver = 1, 1, 1, 3 | Size = 57344 bytes | Created Date = 1/29/2007 10:56:52 PM | Attr = ]
    C:\WINDOWS\System32\dtu100.dll DivX, Inc. [Ver = 1, 2, 0, 12 | Size = 196608 bytes | Created Date = 1/29/2007 10:56:56 PM | Attr = ]
    C:\WINDOWS\System32\java.exe Sun Microsystems, Inc. [Ver = 6.0.0.105 | Size = 135168 bytes | Created Date = 2/6/2007 5:12:09 PM | Attr = ]
    C:\WINDOWS\System32\javacpl.cpl Sun Microsystems, Inc. [Ver = 6.0.0.105 | Size = 69632 bytes | Created Date = 2/6/2007 5:12:09 PM | Attr = ]
    C:\WINDOWS\System32\javaw.exe Sun Microsystems, Inc. [Ver = 6.0.0.105 | Size = 135168 bytes | Created Date = 2/6/2007 5:12:09 PM | Attr = ]
    C:\WINDOWS\System32\javaws.exe Sun Microsystems, Inc. [Ver = 6.0.0.105 | Size = 139264 bytes | Created Date = 2/6/2007 5:12:09 PM | Attr = ]
    C:\WINDOWS\System32\libdivx.dll The OpenSSL Project, http://www.openssl.org/ [Ver = 0.9.8b | Size = 1044480 bytes | Created Date = 1/29/2007 11:03:26 PM | Attr = ]
    C:\WINDOWS\System32\pxafs.dll Sonic Solutions [Ver = 3.4.46.500 | Size = 129784 bytes | Created Date = 1/30/2007 9:01:37 PM | Attr = ]
    C:\WINDOWS\System32\qt-dx331.dll [Ver = | Size = 3596288 bytes | Created Date = 1/29/2007 11:03:40 PM | Attr = ]
    C:\WINDOWS\System32\ssldivx.dll The OpenSSL Project, http://www.openssl.org/ [Ver = 0.9.8b | Size = 200704 bytes | Created Date = 1/29/2007 11:03:26 PM | Attr = ]
    C:\WINDOWS\System32\drivers\avg7core.sys GRISOFT, s.r.o. [Ver = 7.5.0.444 | Size = 775680 bytes | Created Date = 2/25/2007 3:15:39 PM | Attr = ]
    C:\WINDOWS\System32\drivers\avg7rsw.sys GRISOFT, s.r.o. [Ver = 7,0,0,340 | Size = 4224 bytes | Created Date = 2/25/2007 3:15:47 PM | Attr = ]
    C:\WINDOWS\System32\drivers\avg7rsxp.sys GRISOFT, s.r.o. [Ver = 7.5.0.442 | Size = 27776 bytes | Created Date = 2/25/2007 3:15:48 PM | Attr = ]
    C:\WINDOWS\System32\drivers\avgclean.sys GRISOFT, s.r.o. [Ver = 1.0.0.14 | Size = 3968 bytes | Created Date = 2/25/2007 3:15:50 PM | Attr = ]
    C:\WINDOWS\System32\drivers\avgmfx86.sys GRISOFT, s.r.o. [Ver = 7.5.0.442 | Size = 19392 bytes | Created Date = 2/25/2007 3:15:50 PM | Attr = ]
    C:\WINDOWS\System32\drivers\avgtdi.sys GRISOFT, s.r.o. [Ver = 7,0,0,346 | Size = 4960 bytes | Created Date = 2/25/2007 3:15:50 PM | Attr = ]

    »»»»»»»»»»»»»»»»»»»» Files Modified Within 30 Days »»»»»»»»»»»»»

    C:\sqmdata13.sqm [Ver = | Size = 268 bytes | Modified Date = 1/30/2007 7:00:18 PM | Attr = H ]
    C:\sqmdata14.sqm [Ver = | Size = 268 bytes | Modified Date = 2/3/2007 2:11:44 AM | Attr = H ]
    C:\sqmdata15.sqm [Ver = | Size = 268 bytes | Modified Date = 2/3/2007 8:19:00 PM | Attr = H ]
    C:\sqmnoopt14.sqm [Ver = | Size = 244 bytes | Modified Date = 1/30/2007 7:00:18 PM | Attr = H ]
    C:\sqmnoopt15.sqm [Ver = | Size = 244 bytes | Modified Date = 2/3/2007 2:11:44 AM | Attr = H ]
    C:\sqmnoopt16.sqm [Ver = | Size = 244 bytes | Modified Date = 2/3/2007 8:19:00 PM | Attr = H ]
    C:\Documents and Settings\Admin\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [Ver = | Size = 81920 bytes | Modified Date = 2/24/2007 6:34:38 PM | Attr = ]
    C:\Documents and Settings\Admin\Local Settings\Application Data\GDIPFONTCACHEV1.DAT [Ver = | Size = 65928 bytes | Modified Date = 2/6/2007 5:09:24 PM | Attr = ]
    C:\Documents and Settings\Admin\Local Settings\Application Data\IconCache.db [Ver = | Size = 4288444 bytes | Modified Date = 2/25/2007 3:20:54 PM | Attr = H ]
    C:\Documents and Settings\Admin\My Documents\LINK16.EXE [Ver = | Size = 364544 bytes | Modified Date = 1/29/2007 3:04:12 PM | Attr = ]
    C:\Documents and Settings\Admin\My Documents\My Sharing Folders.lnk [Ver = | Size = 600 bytes | Modified Date = 2/25/2007 1:59:32 PM | Attr = ]
    C:\Documents and Settings\Admin\Desktop\avg75free_446a965.exe [Ver = | Size = 19755560 bytes | Modified Date = 2/25/2007 3:14:50 PM | Attr = ]
    C:\Documents and Settings\Admin\Desktop\Hijackthis.lnk [Ver = | Size = 658 bytes | Modified Date = 2/25/2007 2:12:08 PM | Attr = ]
    C:\Documents and Settings\Admin\Desktop\HJTsetup.exe Soeperman Enterprises Ltd [Ver = | Size = 488144 bytes | Modified Date = 2/25/2007 2:11:34 PM | Attr = ]
    C:\Documents and Settings\Admin\Desktop\winpfind.exe [Ver = | Size = 264211 bytes | Modified Date = 2/25/2007 3:08:14 PM | Attr = ]
    C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk [Ver = | Size = 1765 bytes | Modified Date = 2/7/2007 11:15:56 AM | Attr = ]
    C:\WINDOWS\bootstat.dat [Ver = | Size = 2048 bytes | Modified Date = 2/25/2007 3:23:00 PM | Attr = S]
    C:\WINDOWS\CTWave32.ini [Ver = | Size = 67 bytes | Modified Date = 2/19/2007 6:46:58 PM | Attr = ]
    C:\WINDOWS\imsins.BAK [Ver = | Size = 1374 bytes | Modified Date = 2/17/2007 3:45:32 AM | Attr = ]
    C:\WINDOWS\QTFont.qfn [Ver = | Size = 54156 bytes | Modified Date = 2/25/2007 2:17:46 PM | Attr = H ]
    C:\WINDOWS\SBWIN.INI [Ver = | Size = 136 bytes | Modified Date = 2/20/2007 2:57:56 PM | Attr = ]
    C:\WINDOWS\win.ini [Ver = | Size = 728 bytes | Modified Date = 1/29/2007 10:53:58 PM | Attr = ]
    C:\WINDOWS\{00000009-00000000-00000006-00001102-00000004-20021102}.CDF [Ver = | Size = 4925268 bytes | Modified Date = 2/25/2007 3:20:50 PM | Attr = ]
    C:\WINDOWS\System32\BMXBkpCtrlState-{00000009-00000000-00000006-00001102-00000004-20021102}.rfx [Ver = | Size = 32052 bytes | Modified Date = 2/25/2007 4:17:34 AM | Attr = ]
    C:\WINDOWS\System32\BMXCtrlState-{00000009-00000000-00000006-00001102-00000004-20021102}.rfx [Ver = | Size = 32052 bytes | Modified Date = 2/25/2007 4:17:34 AM | Attr = ]
    C:\WINDOWS\System32\BMXState-{00000009-00000000-00000006-00001102-00000004-20021102}.rfx [Ver = | Size = 32976 bytes | Modified Date = 2/25/2007 3:21:18 PM | Attr = ]
    C:\WINDOWS\System32\BMXStateBkp-{00000009-00000000-00000006-00001102-00000004-20021102}.rfx [Ver = | Size = 32976 bytes | Modified Date = 2/25/2007 3:21:18 PM | Attr = ]
    C:\WINDOWS\System32\DivX.dll DivX, Inc. [Ver = 6.5.0.47 | Size = 638554 bytes | Modified Date = 1/29/2007 10:56:48 PM | Attr = ]
    C:\WINDOWS\System32\divxdec.ax DivX, Inc. [Ver = 6.5.0.1 | Size = 675840 bytes | Modified Date = 1/29/2007 10:56:32 PM | Attr = ]
    C:\WINDOWS\System32\DivXsm.exe DivX Inc. [Ver = 6, 5, 0, 0 | Size = 524288 bytes | Modified Date = 1/29/2007 11:03:46 PM | Attr = ]
    C:\WINDOWS\System32\divxsm.tlb [Ver = | Size = 4816 bytes | Modified Date = 1/29/2007 11:03:46 PM | Attr = ]
    C:\WINDOWS\System32\divx_xx07.dll DivX, Inc. [Ver = 6.5.0.47 | Size = 823296 bytes | Modified Date = 1/29/2007 10:56:48 PM | Attr = ]
    C:\WINDOWS\System32\divx_xx0c.dll DivX, Inc. [Ver = 6.5.0.47 | Size = 823296 bytes | Modified Date = 1/29/2007 10:56:48 PM | Attr = ]
    C:\WINDOWS\System32\divx_xx11.dll DivX, Inc. [Ver = 6.5.0.47 | Size = 802816 bytes | Modified Date = 1/29/2007 10:56:48 PM | Attr = ]
    C:\WINDOWS\System32\dpl100.dll DivX, Inc. [Ver = 1, 2, 0, 12 | Size = 73728 bytes | Modified Date = 1/29/2007 10:56:58 PM | Attr = ]
    C:\WINDOWS\System32\dpu10.dll DivXNetworks [Ver = 1, 1, 1, 3 | Size = 294912 bytes | Modified Date = 1/29/2007 10:56:54 PM | Attr = ]
    C:\WINDOWS\System32\dpu11.dll DivXNetworks [Ver = 1, 1, 1, 3 | Size = 294912 bytes | Modified Date = 1/29/2007 10:56:54 PM | Attr = ]
    C:\WINDOWS\System32\dpuGUI10.dll DivXNetworks [Ver = 1, 1, 1, 3 | Size = 53248 bytes | Modified Date = 1/29/2007 10:56:56 PM | Attr = ]
    C:\WINDOWS\System32\dpuGUI11.dll DivXNetworks [Ver = 1, 1, 1, 3 | Size = 593920 bytes | Modified Date = 1/29/2007 10:56:54 PM | Attr = ]
    C:\WINDOWS\System32\dpus11.dll DivXNetworks [Ver = 1, 1, 1, 3 | Size = 344064 bytes | Modified Date = 1/29/2007 10:56:54 PM | Attr = ]
    C:\WINDOWS\System32\dpv11.dll DivXNetworks [Ver = 1, 1, 1, 3 | Size = 57344 bytes | Modified Date = 1/29/2007 10:56:54 PM | Attr = ]
    C:\WINDOWS\System32\dtu100.dll DivX, Inc. [Ver = 1, 2, 0, 12 | Size = 196608 bytes | Modified Date = 1/29/2007 10:56:58 PM | Attr = ]
    C:\WINDOWS\System32\DVCState-{00000009-00000000-00000006-00001102-00000004-20021102}.dat [Ver = | Size = 384 bytes | Modified Date = 2/25/2007 3:21:18 PM | Attr = ]
    C:\WINDOWS\System32\DVCStateBkp-{00000009-00000000-00000006-00001102-00000004-20021102}.dat [Ver = | Size = 384 bytes | Modified Date = 2/25/2007 3:21:18 PM | Attr = ]
    C:\WINDOWS\System32\FNTCACHE.DAT [Ver = | Size = 245512 bytes | Modified Date = 2/6/2007 5:18:14 PM | Attr = ]
    C:\WINDOWS\System32\java.exe Sun Microsystems, Inc. [Ver = 6.0.0.105 | Size = 135168 bytes | Modified Date = 2/6/2007 5:11:44 PM | Attr = ]
    C:\WINDOWS\System32\javacpl.cpl Sun Microsystems, Inc. [Ver = 6.0.0.105 | Size = 69632 bytes | Modified Date = 2/6/2007 5:11:44 PM | Attr = ]
    C:\WINDOWS\System32\javaw.exe Sun Microsystems, Inc. [Ver = 6.0.0.105 | Size = 135168 bytes | Modified Date = 2/6/2007 5:11:44 PM | Attr = ]
    C:\WINDOWS\System32\javaws.exe Sun Microsystems, Inc. [Ver = 6.0.0.105 | Size = 139264 bytes | Modified Date = 2/6/2007 5:11:44 PM | Attr = ]
    C:\WINDOWS\System32\libdivx.dll The OpenSSL Project, http://www.openssl.org/ [Ver = 0.9.8b | Size = 1044480 bytes | Modified Date = 1/29/2007 11:03:28 PM | Attr = ]
    C:\WINDOWS\System32\nvapps.xml [Ver = | Size = 88556 bytes | Modified Date = 2/25/2007 3:20:24 PM | Attr = ]
    C:\WINDOWS\System32\px.dll Sonic Solutions [Ver = 3.4.46.500 | Size = 527096 bytes | Modified Date = 1/29/2007 11:03:36 PM | Attr = ]
    C:\WINDOWS\System32\pxafs.dll Sonic Solutions [Ver = 3.4.46.500 | Size = 129784 bytes | Modified Date = 1/29/2007 11:03:36 PM | Attr = ]
    C:\WINDOWS\System32\pxcpya64.exe Sonic Solutions [Ver = 1.00.39a | Size = 64760 bytes | Modified Date = 1/29/2007 11:03:36 PM | Attr = ]
    C:\WINDOWS\System32\pxcpyi64.exe Sonic Solutions [Ver = 1.00.39a | Size = 116472 bytes | Modified Date = 1/29/2007 11:03:36 PM | Attr = ]
    C:\WINDOWS\System32\pxdrv.dll Sonic Solutions [Ver = 1.02.01a | Size = 502520 bytes | Modified Date = 1/29/2007 11:03:36 PM | Attr = ]
    C:\WINDOWS\System32\pxhpinst.exe Sonic Solutions [Ver = 3.00.43J | Size = 72440 bytes | Modified Date = 1/29/2007 11:03:36 PM | Attr = ]
    C:\WINDOWS\System32\pxinsa64.exe Sonic Solutions [Ver = 3.00.43J | Size = 64760 bytes | Modified Date = 1/29/2007 11:03:36 PM | Attr = ]
    C:\WINDOWS\System32\pxinsi64.exe Sonic Solutions [Ver = 3.00.43J | Size = 118520 bytes | Modified Date = 1/29/2007 11:03:36 PM | Attr = ]
    C:\WINDOWS\System32\pxmas.dll Sonic Solutions [Ver = 3.4.46.500 | Size = 183032 bytes | Modified Date = 1/29/2007 11:03:36 PM | Attr = ]
    C:\WINDOWS\System32\pxsfs.dll Sonic Solutions [Ver = 3.4.46.500 | Size = 1329912 bytes | Modified Date = 1/29/2007 11:03:36 PM | Attr = ]
    C:\WINDOWS\System32\pxwave.dll Sonic Solutions [Ver = 3.4.46.500 | Size = 379640 bytes | Modified Date = 1/29/2007 11:03:36 PM | Attr = ]
    C:\WINDOWS\System32\qt-dx331.dll [Ver = | Size = 3596288 bytes | Modified Date = 1/29/2007 11:03:42 PM | Attr = ]
    C:\WINDOWS\System32\settings.sfm [Ver = | Size = 1080 bytes | Modified Date = 2/25/2007 3:21:18 PM | Attr = ]
    C:\WINDOWS\System32\settingsbkup.sfm [Ver = | Size = 1080 bytes | Modified Date = 2/25/2007 3:21:18 PM | Attr = ]
    C:\WINDOWS\System32\ssldivx.dll The OpenSSL Project, http://www.openssl.org/ [Ver = 0.9.8b | Size = 200704 bytes | Modified Date = 1/29/2007 11:03:28 PM | Attr = ]
    C:\WINDOWS\System32\vxblock.dll Sonic Solutions [Ver = 1.00.74a | Size = 39672 bytes | Modified Date = 1/29/2007 11:03:36 PM | Attr = ]
    C:\WINDOWS\System32\wpa.dbl [Ver = | Size = 2206 bytes | Modified Date = 2/25/2007 1:57:06 PM | Attr = ]
    C:\WINDOWS\System32\drivers\avg7core.sys GRISOFT, s.r.o. [Ver = 7.5.0.444 | Size = 775680 bytes | Modified Date = 2/25/2007 3:15:40 PM | Attr = ]
    C:\WINDOWS\System32\drivers\avg7rsw.sys GRISOFT, s.r.o. [Ver = 7,0,0,340 | Size = 4224 bytes | Modified Date = 2/25/2007 3:15:48 PM | Attr = ]
    C:\WINDOWS\System32\drivers\avg7rsxp.sys GRISOFT, s.r.o. [Ver = 7.5.0.442 | Size = 27776 bytes | Modified Date = 2/25/2007 3:15:50 PM | Attr = ]
    C:\WINDOWS\System32\drivers\avgclean.sys GRISOFT, s.r.o. [Ver = 1.0.0.14 | Size = 3968 bytes | Modified Date = 2/25/2007 3:15:52 PM | Attr = ]
    C:\WINDOWS\System32\drivers\avgmfx86.sys GRISOFT, s.r.o. [Ver = 7.5.0.442 | Size = 19392 bytes | Modified Date = 2/25/2007 3:15:52 PM | Attr = ]
    C:\WINDOWS\System32\drivers\avgtdi.sys GRISOFT, s.r.o. [Ver = 7,0,0,346 | Size = 4960 bytes | Modified Date = 2/25/2007 3:15:52 PM | Attr = ]
    C:\WINDOWS\System32\drivers\PxHelp20.sys Sonic Solutions [Ver = 3.00.43J | Size = 36624 bytes | Modified Date = 1/29/2007 11:03:36 PM | Attr = ]

    »»»»»»»»»»»»»»»»»»»» File String Scan (Non-Microsoft Only) »»»»»
    [WSUD , ]C:\WINDOWS\System32\ALSNDMGR.CPL (Realtek Semiconductor Corp.)
    [PEC2 , ]C:\WINDOWS\System32\dfrg.msc ()
    [PEC2 , PECompact2 , ]C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
    [PEC2 , ]C:\WINDOWS\System32\nvCplUI.pdb ()
    [winsync , ]C:\WINDOWS\System32\wbdbase.deu ()
    [UPX0 , WSUD , ]C:\WINDOWS\System32\dllcache\hwxjpn.dll ()
    [aspack , FSG! , PEC2 , UPX! , ]C:\WINDOWS\System32\drivers\avg7core.sys (GRISOFT, s.r.o.)

    < End of report >
     
  10. JSntgRvr

    JSntgRvr Moderator Malware Specialist

    Joined:
    Jul 1, 2003
    Messages:
    18,551
    First Name:
    José
    Hi, icon7zero :)

    Set Explorer to view Hidden Files and Folders:
    • Right-click your Start button and go to "Explore".
    • Select Tools from the menu
    • Select Folder Options
    • Select the View tab
    • Click on Show all Files and Folders
    • Select Apply to All Folders | Yes | Apply | OK.
    Using Windows Explorer (to get there right-click your Start button and go to "Explore"), please delete this file (if present):

    C:\Documents and Settings\Admin\Local Settings\Application Data\IconCache.db

    Set Explorer to Defaults:
    • Right-click your Start button and go to "Explore".
    • Select Tools from the menu
    • Select Folder Options
    • Select the View tab
    • Click on Restore Defaults
    • Select Apply to All Folders | Yes | Apply | OK
    Restart the computer.

    Let me know if that makes a difference.
     
  11. icon7zero

    icon7zero Thread Starter

    Joined:
    Sep 11, 2006
    Messages:
    24
    I followed your instructions but my icons still aren't displaying properly. Do I need to find a certain file from my XP disc?
     
  12. mike5532g

    mike5532g

    Joined:
    Jun 11, 2004
    Messages:
    2,312
  13. xXbernisXx

    xXbernisXx

    Joined:
    Feb 25, 2007
    Messages:
    197
  14. JSntgRvr

    JSntgRvr Moderator Malware Specialist

    Joined:
    Jul 1, 2003
    Messages:
    18,551
    First Name:
    José
    That's a good try. (y)
     
  15. icon7zero

    icon7zero Thread Starter

    Joined:
    Sep 11, 2006
    Messages:
    24
    ShellIconFix got the My Computer and Recycle Bin icons working right again, but the icons in my start menu that I have circled in the picture still don't work. Also, zip, image, and text files still don't have the right icon. Thanks for all the help so far, at least we've got something working right now.
     

Short URL to this thread: https://techguy.org/546956
