explorer crashes at start

will2b

Thread Starter
Joined
Nov 5, 2007
Messages
4
After downloading a zip folder, Norton AV detected a Downloader and I allowed it to delete we.exe, being the infected file. Unfortunately this did not do the trick, and when I reboot Win2k my desktop wallpaper is as far as I get and Windows Explorer seems to crash. I can restart it with Task Manager, but none of my start-up programmes load and it is very flaky. When looking at the Task Manager processes there is a USERINIT.EXE entry, which I am sure was not there before, which disappears after a short period. I have attached the HJT and WinPFind logs with erroneous entries like awvvv.dll and pmnkkjh.dll; I have tried fixing these but they keep coming back. I have also run Adaware [no results] and Spybot SD [Virtumonde, Outerinfo, removal.bat - fixed], and I have done a full deep scan with Norton AV, which showed nothing. I have also tried Trend Micro Housecall, but it could not 'define a native binding'? Just tried Panda, so I had to switch from Firefox to IE, which completely crashed on startup; as far as I can see most of the online scanners require IE and ActiveX. I am now downloading F-Secure BlackLight to see if I can identify any rootkits. Am at my wits' end, someone pleeeeeeeease help, I need to do some work.
 

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 08:53:10 AM, on 05.11.2007
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\csrss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\DefWatch.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\OO Software\CleverCache\ooccag.exe
C:\WINNT\system32\stisvc.exe
C:\Program Files\UPHClean\uphclean.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\OO Software\CleverCache\ooccctrl.exe
C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINNT\explorer.exe
C:\WINNT\system32\ZoneLabs\vsmon.exe
C:\WINNT\explorer.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\WINNT\system32\taskmgr.exe
C:\Program Files\Trend Micro\HijackThis\Hijack.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.planning.gov.je/bin/asd.dll/i?n=wrap-choice-wizard2&l=1&url=/content/Ask Wizard.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R3 - URLSearchHook: (no name) - {FA1CC83B-E99A-45C2-B2F7-5CE576B7953A} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {07BE5653-9EAA-4127-987A-FED465855198} - C:\WINNT\system32\awvvv.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.7.4.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: IEEventObj Class - {A69DD619-0385-4347-801D-781C09701BF2} - C:\Program Files\Autodesk\Autodesk DWF Writer\DWF Addin\DWFIEAddin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Autodesk DWF - {C363E0F4-1D07-4ffb-A69F-BB7D3F4E70A5} - C:\Program Files\Autodesk\Autodesk DWF Writer\DWF Addin\DWFIEAddin.dll
O3 - Toolbar: Autodesk DWF - {C363E0F4-1D07-4ffb-A69F-BB7D3F4E70A5} - C:\Program Files\Autodesk\Autodesk DWF Writer\DWF Addin\DWFIEAddin.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [ooccctrl.exe] C:\Program Files\OO Software\CleverCache\ooccctrl.exe /tasktray
O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [Tottenham Hotspur News Alerts] "C:\Program Files\Tottenham Hotspur News Alerts\spursnewsalerts.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\.DEFAULT\..\RunOnce: [^SetupICWDesktop] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe /desktop (User 'Default user')
O4 - .DEFAULT Startup: Mozilla Thunderbird.lnk = C:\Program Files\Mozilla Thunderbird\thunderbird.exe (User 'Default user')
O4 - .DEFAULT Startup: RK Launcher.lnk = C:\Program Files\rklauncher\RKLauncher.exe (User 'Default user')
O4 - .DEFAULT Startup: RK Taskbar.lnk = C:\Program Files\rklauncher\task bar\RKLauncher.exe (User 'Default user')
O4 - .DEFAULT Startup: stickies.lnk = C:\Program Files\stickies\stickies.exe (User 'Default user')
O4 - .DEFAULT Startup: Yahoo! Widget Engine.lnk = C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe (User 'Default user')
O4 - .DEFAULT Startup: zonealarm.exe.lnk.disabled (User 'Default user')
O4 - Startup: Mozilla Thunderbird.lnk = C:\Program Files\Mozilla Thunderbird\thunderbird.exe
O4 - Startup: RK Launcher.lnk = C:\Program Files\rklauncher\RKLauncher.exe
O4 - Startup: RK Taskbar.lnk = C:\Program Files\rklauncher\task bar\RKLauncher.exe
O4 - Startup: stickies.lnk = C:\Program Files\stickies\stickies.exe
O4 - Startup: Yahoo! Widget Engine.lnk = C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
O4 - Startup: zonealarm.exe.lnk.disabled
O4 - Global Startup: Panasonic Communications Utility.lnk.disabled
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\npjpi160_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\npjpi160_02.dll
O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\WINNT\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\WINNT\system32\shdocvw.dll
O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\WINNT\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\WINNT\system32\shdocvw.dll
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.7.4.dll
O9 - Extra button: (no name) - {AEF9B8DB-0DEF-4c0b-8209-661C9E82B8C3} - C:\Program Files\WinSysClean 2008 Trial\UDManager\UDManager.exe
O16 - DPF: RaptisoftGameLoader - http://www.miniclip.com/haphazard/raptisoftgameloader.cab
O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F98} - http://www.miniclip.com/bestfriends/retro64_loader.dll
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://appldnld.m7z.net/content.inf...W/win/019-0312.20050111.MmVrT/iTunesSetup.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/win...ls/en/x86/client/wuweb_site.cab?1189069139187
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1189069608343
O16 - DPF: {CAFEEFAC-0014-0002-0004-ABCDEFFEDCBA} -
O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} -
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} -
O16 - DPF: {F0E2D69A-DC2F-4E9B-A993-684FB1C21DBC} - http://dictionary.reference.com/tools/toolbar/lexico.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{5FE0BDAA-7C39-433C-94B7-27014E90EF90}: NameServer = 212.9.0.135,212.9.0.136
O20 - AppInit_DLLs:
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\program files\a-squared free\a2service.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: DefWatch - Symantec Corporation - C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\DefWatch.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Symantec AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Rtvscan.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINNT\system32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINNT\system32\oodag.exe
O23 - Service: O&O CleverCache Agent (OOCleverCacheAgent) - O&O Software GmbH - C:\Program Files\OO Software\CleverCache\ooccag.exe
O23 - Service: SilverStripe HTTP Server (silverstripehttp) - Unknown owner - C:\lighttpd\sbin\srvany.exe
O23 - Service: SilverSripe MySQL Server (silverstripemysql) - Unknown owner - C:\lighttpd\sbin\srvany.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINNT\system32\ZoneLabs\vsmon.exe
O24 - Desktop Component 1: What Would You Like To Do? - http://www.planning.gov.je/bin/asd.dll/i?n=wrap-choice-wizard2&l=1&url=/content/Ask Wizard.htm
O24 - Desktop Component 2: Product Type Page - http://www.ajspecification.com/Products/P_Type_Page/
O24 - Desktop Component 3: Tottenham Hotspur FC: www.spurs.co.uk - http://www.spurs.co.uk/index.asp

--
End of file - 11324 bytes
 

WinPFind3 logfile created on: 05.11.2007 08:49:15 AM
WinPFind3U by OldTimer - Version 1.0.42 Folder = C:\Documents and Settings\William Harben\Desktop\WinPFind3u\
Microsoft Windows 2000 Service Pack 4 (Version = 5.0.2195)
Internet Explorer (Version = 6.0.2800.1106)

511.01 Mb Total Physical Memory | 263.93 Mb Available Physical Memory | 51.65% Memory free
1.72 Gb Paging File | 1.40 Gb Available in Paging File | 81.50% Paging File free
Paging file location(s): C:\pagefile.sys 1280 1280;

%SystemDrive% = C: | %SystemRoot% = C:\WINNT | %ProgramFiles% = C:\Program Files
Drive C: | 74.50 Gb Total Space | 35.20 Gb Free Space | 47.25% Space Free
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded

Computer Name: WILL
Current User Name: will
Logged in as Administrator.
Current Boot Mode: Normal


[Processes - Non-Microsoft Only]
defwatch.exe -> %ProgramFiles%\Symantec_Client_Security\Symantec AntiVirus\DefWatch.exe -> Symantec Corporation [Ver = 8.00.00.9374 | Size = 32768 bytes | Modified Date = 30.07.2002 11:36:00 AM | Attr = ]
em_exec.exe -> %ProgramFiles%\Logitech\MouseWare\system\EM_EXEC.EXE -> Logitech Inc. [Ver = 9.70.216 | Size = 28672 bytes | Modified Date = 01.07.2002 08:50:00 AM | Attr = ]
firefox.exe -> %ProgramFiles%\Mozilla Firefox\firefox.exe -> Mozilla Corporation [Ver = 1.8.1.3: 2007030919 | Size = 7633008 bytes | Modified Date = 25.04.2007 10:21:18 AM | Attr = ]
ooccag.exe -> %ProgramFiles%\OO Software\CleverCache\ooccag.exe -> O&O Software GmbH [Ver = 6.0.1.2851 | Size = 391952 bytes | Modified Date = 28.01.2007 02:08:26 PM | Attr = ]
ooccctrl.exe -> %ProgramFiles%\OO Software\CleverCache\ooccctrl.exe -> O&O Software GmbH [Ver = 6.0.1.4036 | Size = 1911568 bytes | Modified Date = 28.01.2007 02:08:36 PM | Attr = ]
rtvscan.exe -> %ProgramFiles%\Symantec_Client_Security\Symantec AntiVirus\Rtvscan.exe -> Symantec Corporation [Ver = 8.00.00.9374 | Size = 573440 bytes | Modified Date = 30.07.2002 11:40:44 AM | Attr = ]
vsmon.exe -> %System32%\ZoneLabs\vsmon.exe -> Zone Labs, LLC [Ver = 7.0.408.000 | Size = 75304 bytes | Modified Date = 06.09.2007 03:14:18 PM | Attr = ]
winpfind3u.exe -> %UserDesktop%\WinPFind3u\WinPFind3U.exe -> OldTimer Tools [Ver = 1.0.42.0 | Size = 322560 bytes | Modified Date = 04.09.2007 10:47:26 AM | Attr = ]
zlclient.exe -> %ProgramFiles%\Zone Labs\ZoneAlarm\zlclient.exe -> Zone Labs, LLC [Ver = 7.0.408.000 | Size = 919016 bytes | Modified Date = 06.09.2007 03:14:18 PM | Attr = ]

[Win32 Services - Non-Microsoft Only]
(a2free) a-squared Free Service [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\a-squared free\a2service.exe -> Emsi Software GmbH [Ver = 3.0.0.345 | Size = 217208 bytes | Modified Date = 28.09.2007 08:36:54 AM | Attr = ]
(Adobe LM Service) Adobe LM Service [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Adobe Systems Shared\Service\Adobelmsvc.exe -> Adobe Systems [Ver = 2.67.010 | Size = 72704 bytes | Modified Date = 03.11.2005 02:52:02 PM | Attr = ]
(Autodesk Licensing Service) Autodesk Licensing Service [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Autodesk Shared\Service\AdskScSrv.exe -> Autodesk [Ver = 2.67.010 | Size = 77944 bytes | Modified Date = 27.07.2005 03:20:48 PM | Attr = ]
(DefWatch) DefWatch [Win32_Own | Auto | Running] -> %ProgramFiles%\Symantec_Client_Security\Symantec AntiVirus\DefWatch.exe -> Symantec Corporation [Ver = 8.00.00.9374 | Size = 32768 bytes | Modified Date = 30.07.2002 11:36:00 AM | Attr = ]
(dmadmin) Logical Disk Manager Administrative Service [Win32_Shared | On_Demand | Stopped] -> %System32%\dmadmin.exe -> VERITAS Software Corp. [Ver = 2195.6624.297.3 | Size = 147728 bytes | Modified Date = 19.06.2003 07:05:04 PM | Attr = ]
(FLEXnet Licensing Service) FLEXnet Licensing Service [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -> Macrovision Europe Ltd. [Ver = 11.03.005 | Size = 654848 bytes | Modified Date = 30.04.2007 02:46:00 PM | Attr = ]
(GoogleDesktopManager) GoogleDesktopManager [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Google\Google Desktop Search\GoogleDesktop.exe -> Google [Ver = 5.1.705.14375 | Size = 1831424 bytes | Modified Date = 04.07.2007 09:50:26 AM | Attr = ]
(gusvc) Google Updater Service [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Google\Common\Google Updater\GoogleUpdaterService.exe -> Google [Ver = 2.0.699.25363.beta | Size = 135608 bytes | Modified Date = 04.12.2006 04:53:56 AM | Attr = ]
(IDriverT) InstallDriver Table Manager [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\InstallShield\Driver\11\Intel 32\IDriverT.exe -> Macrovision Corporation [Ver = 11.00.28844 | Size = 69632 bytes | Modified Date = 03.04.2005 11:41:10 PM | Attr = ]
(iPod Service) iPod Service [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\iPod\bin\iPodService.exe -> Apple Inc. [Ver = 7.1.0.59 | Size = 500800 bytes | Modified Date = 02.03.2007 03:24:20 PM | Attr = ]
(Norton AntiVirus Server) Symantec AntiVirus Client [Win32_Own | Auto | Running] -> %ProgramFiles%\Symantec_Client_Security\Symantec AntiVirus\Rtvscan.exe -> Symantec Corporation [Ver = 8.00.00.9374 | Size = 573440 bytes | Modified Date = 30.07.2002 11:40:44 AM | Attr = ]
(NVSvc) NVIDIA Display Driver Service [Win32_Own | On_Demand | Stopped] -> %System32%\nvsvc32.exe -> NVIDIA Corporation [Ver = 6.14.10.9136 | Size = 155715 bytes | Modified Date = 12.07.2006 12:19:00 PM | Attr = ]
(O&O Defrag) O&O Defrag [Win32_Own | On_Demand | Stopped] -> %System32%\oodag.exe -> O&O Software GmbH [Ver = 10.0.1634 | Size = 1050120 bytes | Modified Date = 11.05.2007 01:09:48 AM | Attr = ]
(OOCleverCacheAgent) O&O CleverCache Agent [Win32_Own | Auto | Running] -> %ProgramFiles%\OO Software\CleverCache\ooccag.exe -> O&O Software GmbH [Ver = 6.0.1.2851 | Size = 391952 bytes | Modified Date = 28.01.2007 02:08:26 PM | Attr = ]
(silverstripehttp) SilverStripe HTTP Server [Win32_Own | On_Demand | Stopped] -> %SystemDrive%\lighttpd\sbin\srvany.exe -> [Ver = | Size = 15360 bytes | Modified Date = 08.02.2006 12:56:14 PM | Attr = ]
(silverstripemysql) SilverSripe MySQL Server [Win32_Own | On_Demand | Stopped] -> %SystemDrive%\lighttpd\sbin\srvany.exe -> [Ver = | Size = 15360 bytes | Modified Date = 08.02.2006 12:56:14 PM | Attr = ]
(vsmon) TrueVector Internet Monitor [Win32_Own | Auto | Running] -> %System32%\ZoneLabs\vsmon.exe -> Zone Labs, LLC [Ver = 7.0.408.000 | Size = 75304 bytes | Modified Date = 06.09.2007 03:14:18 PM | Attr = ]
(winvnc) VNC Server [Win32_Own | Auto | Stopped] -> -> File not found

[Registry - Non-Microsoft Only]
< Run [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
EM_EXEC -> %ProgramFiles%\Logitech\MouseWare\system\EM_EXEC.EXE -> Logitech Inc. [Ver = 9.70.216 | Size = 28672 bytes | Modified Date = 01.07.2002 08:50:00 AM | Attr = ]
ooccctrl.exe -> %ProgramFiles%\OO Software\CleverCache\ooccctrl.exe -> O&O Software GmbH [Ver = 6.0.1.4036 | Size = 1911568 bytes | Modified Date = 28.01.2007 02:08:36 PM | Attr = ]
ZoneAlarm Client -> %ProgramFiles%\Zone Labs\ZoneAlarm\zlclient.exe -> Zone Labs, LLC [Ver = 7.0.408.000 | Size = 919016 bytes | Modified Date = 06.09.2007 03:14:18 PM | Attr = ]
< OptionalComponents [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\ ->
IMAIL -> Installed = 1 ->
MAPI -> Installed = 1 ->
MSFS -> Installed = 1 ->
< Run [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
SpybotSD TeaTimer -> %ProgramFiles%\Spybot - Search & Destroy\TeaTimer.exe -> Safer Networking Limited [Ver = 1, 4, 0, 2 | Size = 1415824 bytes | Modified Date = 02.05.2006 01:56:02 PM | Attr = ]
Tottenham Hotspur News Alerts -> %ProgramFiles%\Tottenham Hotspur News Alerts\spursnewsalerts.exe -> Skinkers Communications [Ver = 1.9.3.3238 | Size = 472064 bytes | Modified Date = 03.10.2005 06:41:08 PM | Attr = ]
< Common Startup > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup ->
-> %AllUsersStartup%\Panasonic Communications Utility.lnk -> File not found
< User Startup > -> C:\Documents and Settings\William Harben\Start Menu\Programs\Startup ->
%UserStartup%\Mozilla Thunderbird.lnk -> %ProgramFiles%\Mozilla Thunderbird\thunderbird.exe -> Mozilla Corporation [Ver = 1.8.1.6: 2007072817 | Size = 8472936 bytes | Modified Date = 02.08.2007 09:04:44 AM | Attr = ]
%UserStartup%\RK Launcher.lnk -> %ProgramFiles%\rklauncher\RKLauncher.exe -> RaduKing [Ver = 0, 41, 0, 0 | Size = 708608 bytes | Modified Date = 16.03.2007 12:05:20 PM | Attr = ]
%UserStartup%\RK Taskbar.lnk -> %ProgramFiles%\rklauncher\task bar\RKLauncher.exe -> RaduKing [Ver = 0, 41, 0, 0 | Size = 708608 bytes | Modified Date = 16.03.2007 12:05:20 PM | Attr = ]
%UserStartup%\stickies.lnk -> %ProgramFiles%\stickies\stickies.exe -> Zhorn Software [Ver = 6.0c | Size = 700416 bytes | Modified Date = 08.03.2007 11:28:20 PM | Attr = ]
%UserStartup%\Yahoo! Widget Engine.lnk -> %ProgramFiles%\Yahoo!\Widgets\YahooWidgetEngine.exe -> Yahoo! Inc. [Ver = 4.0.5 | Size = 2913584 bytes | Modified Date = 20.07.2007 05:57:16 PM | Attr = ]
-> %UserStartup%\zonealarm.exe -> File not found
< AppInit_DLLs [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs ->
< SSODL [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad ->
{F5DF91F9-15E9-416B-A7C3-7519B11ECBFC} [HKLM] -> Reg Data - Key not found [0aMCPClient] -> File not found
< ShellExecuteHooks [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks ->
{E908A6A7-026C-4FBE-93A9-96020BEEAD53} [HKLM] -> %System32%\pmnkkjh.dll [] -> [Ver = | Size = 36352 bytes | Modified Date = 02.11.2007 10:25:38 AM | Attr = ]
< SecurityProviders [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders ->
< Winlogon settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
< Winlogon settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
< CurrentVersion Policy Settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ActiveDesktop\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ActiveDesktop\AdminComponent\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 ->
< CurrentVersion Policy Settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ActiveDesktop\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ComDlg32\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ComDlg32\PlacesBar\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ComDlg32\PlacesBar\\Place0 -> 8 ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ComDlg32\PlacesBar\\Place1 -> 0 ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ComDlg32\PlacesBar\\Place2 -> 5 ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ComDlg32\PlacesBar\\Place3 -> 17 ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ComDlg32\PlacesBar\\Place4 -> 18 ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> •
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\CDRAutoRun -> 0 ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\ClearRecentDocsOnExit ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoRecentDocsNetHood -> 1 ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoNetHood -> 0 ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{20D04FE0-3AEA-1069-A2D8-08002B30309D} -> 0 ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{450D8FBA-AD25-11D0-98A8-0800361B1103} -> 0 ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> ->
< HOSTS File > (686 bytes) -> C:\WINNT\System32\drivers\etc\Hosts ->
127.0.0.1 localhost -> ->
< Internet Explorer Settings > -> ->
HKLM: Default_Page_URL -> http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome ->
HKLM: Main\\Default_Search_URL -> http://www.google.com/ie ->
HKLM: Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch ->
HKLM: Start Page -> http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home ->
HKLM: CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm ->
HKLM: Search\\Default_Search_URL -> http://www.google.com/ie ->
HKLM: SearchAssistant -> http://www.google.com/ie ->
HKCU: Search Bar -> http://www.google.com/ie ->
HKCU: Search Page -> http://www.google.com ->
HKCU: Start Page -> http://www.planning.gov.je/bin/asd.dll/i?n=wrap-choice-wizard2&l=1&url=/content/Ask Wizard.htm ->
HKCU: SearchAssistant -> http://www.google.com/ie ->
HKCU: URLSearchHooks\\{FA1CC83B-E99A-45C2-B2F7-5CE576B7953A} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
HKCU: ProxyEnable -> 0 ->
< BHO's > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> %CommonProgramFiles%\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> Adobe Systems Incorporated [Ver = 8.0.0.2006102200 | Size = 62080 bytes | Modified Date = 22.10.2006 10:08:42 PM | Attr = ]
{07BE5653-9EAA-4127-987A-FED465855198} [HKLM] -> %System32%\awvvv.dll [Reg Data - Value does not exist] -> [Ver = | Size = 310368 bytes | Modified Date = 02.11.2007 10:30:48 AM | Attr = ]
{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} [HKLM] -> %ProgramFiles%\BitComet\tools\BitCometBHO_1.1.7.4.dll [BitComet Helper] -> BitComet [Ver = 20070704 | Size = 513336 bytes | Modified Date = 04.07.2007 04:28:28 PM | Attr = ]
{53707962-6F74-2D53-2644-206D7942484F} [HKLM] -> %ProgramFiles%\Spybot - Search & Destroy\SDHelper.dll [] -> Safer Networking Limited [Ver = 1, 4, 0, 0 | Size = 853672 bytes | Modified Date = 31.05.2005 12:04:00 AM | Attr = ]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> %ProgramFiles%\Java\jre1.6.0_02\bin\ssv.dll [SSVHelper Class] -> Sun Microsystems, Inc. [Ver = 6.0.20.6 | Size = 501136 bytes | Modified Date = 12.07.2007 03:00:36 AM | Attr = ]
{A69DD619-0385-4347-801D-781C09701BF2} [HKLM] -> %ProgramFiles%\Autodesk\Autodesk DWF Writer\DWF Addin\DWFIEAddin.dll [IEEventObj Class] -> Autodesk, Inc. [Ver = 3.0.0.0 | Size = 102400 bytes | Modified Date = 16.11.2005 10:23:06 AM | Attr = ]
{AA58ED58-01DD-4d91-8333-CF10577473F7} [HKLM] -> %ProgramFiles%\Google\googletoolbar2.dll [Google Toolbar Helper] -> Google Inc. [Ver = 4, 0, 1019, 5266 | Size = 2018368 bytes | Modified Date = 09.08.2006 04:52:58 PM | Attr = R ]
{AE7CD045-E861-484f-8273-0445EE161910} [HKLM] -> %ProgramFiles%\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [Adobe PDF Conversion Toolbar Helper] -> Adobe Systems Incorporated [Ver = 8.1.0.0 | Size = 321120 bytes | Modified Date = 10.05.2007 09:47:04 PM | Attr = ]
{C363E0F4-1D07-4ffb-A69F-BB7D3F4E70A5} [HKLM] -> %ProgramFiles%\Autodesk\Autodesk DWF Writer\DWF Addin\DWFIEAddin.dll [Autodesk DWF] -> Autodesk, Inc. [Ver = 3.0.0.0 | Size = 102400 bytes | Modified Date = 16.11.2005 10:23:06 AM | Attr = ]
< Internet Explorer Bars [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\ ->
{182EC0BE-5110-49C8-A062-BEB1D02A220B} [HKLM] -> %ProgramFiles%\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [Adobe PDF] -> Adobe Systems Incorporated [Ver = 8.1.0.0 | Size = 321120 bytes | Modified Date = 10.05.2007 09:47:04 PM | Attr = ]
{4528BBE0-4E08-11D5-AD55-00010333D0AD} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
{9455301C-CF6B-11D3-A266-00C04F689C50} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
< Internet Explorer Bars [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\ ->
{4528BBE0-4E08-11D5-AD55-00010333D0AD} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
< Internet Explorer ToolBars [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar ->
{2318C2B1-4965-11d4-9B18-009027A5CD4F} [HKLM] -> %ProgramFiles%\Google\googletoolbar2.dll [&Google] -> Google Inc. [Ver = 4, 0, 1019, 5266 | Size = 2018368 bytes | Modified Date = 09.08.2006 04:52:58 PM | Attr = R ]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} [HKLM] -> %ProgramFiles%\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [Adobe PDF] -> Adobe Systems Incorporated [Ver = 8.1.0.0 | Size = 321120 bytes | Modified Date = 10.05.2007 09:47:04 PM | Attr = ]
{C363E0F4-1D07-4ffb-A69F-BB7D3F4E70A5} [HKLM] -> %ProgramFiles%\Autodesk\Autodesk DWF Writer\DWF Addin\DWFIEAddin.dll [Autodesk DWF] -> Autodesk, Inc. [Ver = 3.0.0.0 | Size = 102400 bytes | Modified Date = 16.11.2005 10:23:06 AM | Attr = ]
< Internet Explorer ToolBars [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ ->
ShellBrowser\\{11359F4A-B191-42D7-905A-594F8CF0387B} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
ShellBrowser\\{724D43A0-0D85-11D4-9908-00400523E39A} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
ShellBrowser\\{AACBDEE8-0813-4308-8121-94CB60848B2C} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
WebBrowser\\{11359F4A-B191-42D7-905A-594F8CF0387B} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
WebBrowser\\{724D43A0-0D85-11D4-9908-00400523E39A} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
WebBrowser\\{AACBDEE8-0813-4308-8121-94CB60848B2C} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
< Internet Explorer Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ ->
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> %ProgramFiles%\Java\jre1.6.0_02\bin\npjpi160_02.dll [MenuText: Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.20.6 | Size = 132496 bytes | Modified Date = 12.07.2007 03:00:36 AM | Attr = ]
{320AF880-6646-11D3-ABEE-C5DBF3571F46} -> Reg Data - Value does not exist [ButtonText: Fill Forms] -> File not found
{320AF880-6646-11D3-ABEE-C5DBF3571F49} -> Reg Data - Value does not exist [ButtonText: Save] -> File not found
{461CC20B-FB6E-4f16-8FE8-C29359DB100E} -> Reg Data - Value does not exist [ButtonText: BitComet Search] -> File not found
{AEF9B8DB-0DEF-4c0b-8209-661C9E82B8C3} [HKLM] -> Reg Data - Key not found [MenuText: Reg Data - Value does not exist] -> File not found
< Internet Explorer Menu Extensions [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ ->
&D&ownload &with BitComet -> %ProgramFiles%\BitComet\BitComet.exe\AddLink.htm -> File not found
&D&ownload all video with BitComet -> %ProgramFiles%\BitComet\BitComet.exe\AddVideo.htm -> File not found
&D&ownload all with BitComet -> %ProgramFiles%\BitComet\BitComet.exe\AddAllLink.htm -> File not found
&Define -> Reg Data - Value does not exist -> File not found
&Google Search -> Reg Data - Value does not exist -> File not found
&Search -> Reg Data - Value does not exist -> File not found
&Translate English Word -> Reg Data - Value does not exist -> File not found
Append to existing PDF -> %ProgramFiles%\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll\AcroIEAppend.htm -> File not found
Backward Links -> Reg Data - Value does not exist -> File not found
Cached Snapshot of Page -> Reg Data - Value does not exist -> File not found
Convert link target to Adobe PDF -> %ProgramFiles%\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll\AcroIECapture.htm -> File not found
Convert link target to existing PDF -> %ProgramFiles%\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll\AcroIEAppend.htm -> File not found
Convert selected links to Adobe PDF -> %ProgramFiles%\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll\AcroIECaptureSelLinks.htm -> File not found
Convert selected links to existing PDF -> %ProgramFiles%\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll\AcroIEAppendSelLinks.htm -> File not found
Convert selection to Adobe PDF -> %ProgramFiles%\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll\AcroIECapture.htm -> File not found
Convert selection to existing PDF -> %ProgramFiles%\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll\AcroIEAppend.htm -> File not found
Convert to Adobe PDF -> %ProgramFiles%\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll\AcroIECapture.htm -> File not found
Convert to existing PDF -> %ProgramFiles%\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll\AcroIEAppend.htm -> File not found
Customize Menu -> Reg Data - Value does not exist -> File not found
Customize Menu &4 -> Reg Data - Value does not exist -> File not found
Fill Forms -> Reg Data - Value does not exist -> File not found
Fill Forms &] -> Reg Data - Value does not exist -> File not found
Save Forms -> Reg Data - Value does not exist -> File not found
Save Forms &[ -> Reg Data - Value does not exist -> File not found
Search &Dictionary -> Reg Data - Value does not exist -> File not found
Search &Thesaurus -> Reg Data - Value does not exist -> File not found
Similar Pages -> Reg Data - Value does not exist -> File not found
Translate into English -> Reg Data - Value does not exist -> File not found
Translate Page into English -> Reg Data - Value does not exist -> File not found
< User Agent Post Platform [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform ->
Avant Browser -> IEAK ->
< DNS Name Servers [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ ->
{5FE0BDAA-7C39-433C-94B7-27014E90EF90} -> 212.9.0.135,212.9.0.136 (3Com 3C920 Integrated Fast Ethernet Controller (3C905C-TX Compatible)) ->
< Default Protocols [HKCU] - Select to Repair > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults ->
shell -> shell protocol not assigned ->
< Protocol Handlers [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ ->
ipp -> Reg Data - Key not found -> File not found
msdaipp -> Reg Data - Key not found -> File not found
vnd.ms.radio -> %System32%\msdxm.ocx -> [Ver = | Size = 844560 bytes | Modified Date = 30.03.2005 11:10:40 PM | Attr = ]
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ ->
{288C5F13-7E52-4ADA-A32E-F5BF9D125F98} -> - CodeBase = http://www.miniclip.com/bestfriends/retro64_loader.dll ->
{31435657-9980-0010-8000-00AA00389B71} -> - CodeBase = http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab ->
{31564D57-0000-0010-8000-00AA00389B71} -> - CodeBase = http://codecs.microsoft.com/codecs/i386/wmvax.cab ->
{41F17733-B041-4099-A042-B518BB6A408C} -> - CodeBase = http://appldnld.m7z.net/content.inf...W/win/019-0312.20050111.MmVrT/iTunesSetup.exe ->
{6414512B-B978-451D-A0D8-FCFDF33E833C} -> WUWebControl Class - CodeBase = http://www.update.microsoft.com/win...ls/en/x86/client/wuweb_site.cab?1189069139187 ->
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3} -> MUWebControl Class - CodeBase = http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1189069608343 ->
{8AD9C840-044E-11D1-B3E9-00805F499D93} -> Java Plug-in 1.6.0_02 - CodeBase = http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab ->
{9F1C11AA-197B-4942-BA54-47A8489BB47F} -> - CodeBase = http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37804.2427546296 ->
{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA} -> Java Plug-in 1.4.0 - CodeBase = http://java.sun.com/update/1.4.0/jinstall-1_4_0-windows-i586.cab ->
{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBA} -> - CodeBase = ->
{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} -> - CodeBase = ->
{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} -> - CodeBase = ->
{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} -> Java Plug-in 1.6.0_02 - CodeBase = http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab ->
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} -> Java Plug-in 1.6.0_02 - CodeBase = http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab ->
{F0E2D69A-DC2F-4E9B-A993-684FB1C21DBC} -> - CodeBase = http://dictionary.reference.com/tools/toolbar/lexico.cab ->
DirectAnimation Java Classes -> - CodeBase = file://C:\WINNT\Java\classes\dajava.cab ->
Microsoft XML Parser for Java -> - CodeBase = ->
RaptisoftGameLoader -> - CodeBase = http://www.miniclip.com/haphazard/raptisoftgameloader.cab ->

continued
see next post
 

will2b

Thread Starter
Joined
Nov 5, 2007
Messages
4
continued

[Files/Folders - Created Within 30 days]
Config.Msi -> %SystemDrive%\Config.Msi -> [Folder | Created Date = 05.11.2007 08:22:58 AM | Attr = HS]
hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [Ver = | Size = 535834624 bytes | Created Date = 01.01.1601 | Attr = HS]
Panasonic -> %SystemDrive%\Panasonic -> [Folder | Created Date = 15.10.2007 11:07:12 AM | Attr = ]
SDFix -> %SystemDrive%\SDFix -> [Folder | Created Date = 02.11.2007 04:41:40 PM | Attr = ]
ERUNT -> %SystemRoot%\ERUNT -> [Folder | Created Date = 02.11.2007 04:53:35 PM | Attr = ]
zipinst.exe -> %SystemRoot%\zipinst.exe -> NirSoft [Ver = 1.21 | Size = 39424 bytes | Created Date = 01.11.2007 04:53:13 PM | Attr = ]
Spybot - Search & Destroy - Scheduled Task.job -> %SystemRoot%\tasks\Spybot - Search & Destroy - Scheduled Task.job -> [Ver = | Size = 238 bytes | Created Date = 02.11.2007 02:32:26 PM | Attr = ]
awvvv.dll -> %System32%\awvvv.dll -> [Ver = | Size = 310368 bytes | Created Date = 02.11.2007 10:30:45 AM | Attr = ]
COMDLG32.DEP -> %System32%\COMDLG32.DEP -> [Ver = | Size = 2494 bytes | Created Date = 15.10.2007 11:08:37 AM | Attr = ]
COMDLG32.oca -> %System32%\COMDLG32.oca -> [Ver = | Size = 35840 bytes | Created Date = 15.10.2007 11:08:37 AM | Attr = ]
default_user_class.dat -> %System32%\default_user_class.dat -> [Ver = | Size = 8192 bytes | Created Date = 02.11.2007 12:07:13 PM | Attr = ]
DocMgrMon.dll -> %System32%\DocMgrMon.dll -> Panasonic Communications Co., Ltd. [Ver = 3, 0, 0, 0 | Size = 20480 bytes | Created Date = 15.10.2007 11:07:49 AM | Attr = ]
inet4ap.dll -> %System32%\inet4ap.dll -> ?????????? (?) [Ver = 1, 0, 80, 10008 | Size = 275968 bytes | Created Date = 15.10.2007 11:08:37 AM | Attr = ]
InstProc.dll -> %System32%\InstProc.dll -> [Ver = | Size = 38912 bytes | Created Date = 15.10.2007 11:07:55 AM | Attr = ]
killtrap.exe -> %System32%\killtrap.exe -> [Ver = | Size = 36864 bytes | Created Date = 15.10.2007 11:08:44 AM | Attr = ]
lfbmp10N.dll -> %System32%\lfbmp10N.dll -> LEAD Technologies, Inc. [Ver = 10.0.0.022 | Size = 34304 bytes | Created Date = 15.10.2007 11:08:39 AM | Attr = ]
LFCMP10N.DLL -> %System32%\LFCMP10N.DLL -> LEAD Technologies, Inc. [Ver = 10.0.0.024 | Size = 271360 bytes | Created Date = 15.10.2007 11:08:39 AM | Attr = ]
lffax10N.dll -> %System32%\lffax10N.dll -> LEAD Technologies, Inc. [Ver = 10.0.0.018 | Size = 78336 bytes | Created Date = 15.10.2007 11:08:39 AM | Attr = ]
lfpng10N.dll -> %System32%\lfpng10N.dll -> LEAD Technologies, Inc. [Ver = 10.0.0.024 | Size = 134144 bytes | Created Date = 15.10.2007 11:08:39 AM | Attr = ]
lftif10N.dll -> %System32%\lftif10N.dll -> LEAD Technologies, Inc. [Ver = 10.0.0.024 | Size = 122368 bytes | Created Date = 15.10.2007 11:08:39 AM | Attr = ]
LTDIS10N.dll -> %System32%\LTDIS10N.dll -> LEAD Technologies, Inc. [Ver = 10.0.0.024 | Size = 229888 bytes | Created Date = 15.10.2007 11:08:39 AM | Attr = ]
ltefx10N.dll -> %System32%\ltefx10N.dll -> LEAD Technologies, Inc. [Ver = 10.0.0.018 | Size = 221184 bytes | Created Date = 15.10.2007 11:08:39 AM | Attr = ]
ltfil10N.DLL -> %System32%\ltfil10N.DLL -> LEAD Technologies, Inc. [Ver = 10.0.0.024 | Size = 108032 bytes | Created Date = 15.10.2007 11:08:40 AM | Attr = ]
ltimg10N.dll -> %System32%\ltimg10N.dll -> LEAD Technologies, Inc. [Ver = 10.0.0.018 | Size = 114176 bytes | Created Date = 15.10.2007 11:08:40 AM | Attr = ]
ltkrn10N.dll -> %System32%\ltkrn10N.dll -> LEAD Technologies, Inc. [Ver = 10.0.0.024 | Size = 297984 bytes | Created Date = 15.10.2007 11:08:40 AM | Attr = ]
LTOCX10N.OCX -> %System32%\LTOCX10N.OCX -> LEAD Technologies, Inc. [Ver = 10.0.0.019 | Size = 560640 bytes | Created Date = 15.10.2007 11:08:40 AM | Attr = ]
lttwn10N.dll -> %System32%\lttwn10N.dll -> LEAD Technologies, Inc. [Ver = 10.0.0.024 | Size = 37376 bytes | Created Date = 15.10.2007 11:08:40 AM | Attr = ]
MGCSInst.dll -> %System32%\MGCSInst.dll -> [Ver = | Size = 75776 bytes | Created Date = 15.10.2007 11:07:55 AM | Attr = ]
mgcstilm.dll -> %System32%\mgcstilm.dll -> Panasonic Communications Co., Ltd. [Ver = 1.06 | Size = 62464 bytes | Created Date = 15.10.2007 11:08:48 AM | Attr = ]
MSCOMCT2.DEP -> %System32%\MSCOMCT2.DEP -> [Ver = | Size = 2492 bytes | Created Date = 15.10.2007 11:08:37 AM | Attr = ]
MSCOMCT2.oca -> %System32%\MSCOMCT2.oca -> [Ver = | Size = 134656 bytes | Created Date = 15.10.2007 11:08:37 AM | Attr = ]
MSCOMCT2.SRG -> %System32%\MSCOMCT2.SRG -> [Ver = | Size = 111 bytes | Created Date = 15.10.2007 11:08:37 AM | Attr = ]
MSCOMCTL.DEP -> %System32%\MSCOMCTL.DEP -> [Ver = | Size = 2494 bytes | Created Date = 15.10.2007 11:08:37 AM | Attr = ]
MSCOMCTL.oca -> %System32%\MSCOMCTL.oca -> [Ver = | Size = 266240 bytes | Created Date = 15.10.2007 11:08:37 AM | Attr = ]
MSCOMCTL.SRG -> %System32%\MSCOMCTL.SRG -> [Ver = | Size = 111 bytes | Created Date = 15.10.2007 11:08:38 AM | Attr = ]
MSFLXGRD.DEP -> %System32%\MSFLXGRD.DEP -> [Ver = | Size = 2494 bytes | Created Date = 15.10.2007 11:08:39 AM | Attr = ]
msflxgrd.oca -> %System32%\msflxgrd.oca -> [Ver = | Size = 76288 bytes | Created Date = 15.10.2007 11:08:38 AM | Attr = ]
MSMAPI32.DEP -> %System32%\MSMAPI32.DEP -> [Ver = | Size = 2496 bytes | Created Date = 15.10.2007 11:08:38 AM | Attr = ]
MSMAPI32.oca -> %System32%\MSMAPI32.oca -> [Ver = | Size = 43008 bytes | Created Date = 15.10.2007 11:08:38 AM | Attr = ]
pmnkkjh.dll -> %System32%\pmnkkjh.dll -> [Ver = | Size = 36352 bytes | Created Date = 02.11.2007 10:25:36 AM | Attr = ]
TABCTL32.DEP -> %System32%\TABCTL32.DEP -> [Ver = | Size = 2492 bytes | Created Date = 15.10.2007 11:08:39 AM | Attr = ]
TABCTL32.oca -> %System32%\TABCTL32.oca -> [Ver = | Size = 43008 bytes | Created Date = 15.10.2007 11:08:39 AM | Attr = ]
vvvwa.bak1 -> %System32%\vvvwa.bak1 -> [Ver = | Size = 6465 bytes | Created Date = 02.11.2007 10:31:19 AM | Attr = HS]
vvvwa.bak2 -> %System32%\vvvwa.bak2 -> [Ver = | Size = 6505 bytes | Created Date = 05.11.2007 08:12:50 AM | Attr = HS]
vvvwa.ini -> %System32%\vvvwa.ini -> [Ver = | Size = 6968 bytes | Created Date = 02.11.2007 10:30:52 AM | Attr = HS]
3cisaadi.sys -> %System32%\dllcache\3cisaadi.sys -> U.S. Robotics, Inc. [Ver = 1.00.024 | Size = 792176 bytes | Created Date = 02.11.2007 01:19:55 PM | Attr = ]
3cisati.sys -> %System32%\dllcache\3cisati.sys -> U.S. Robotics, Inc. [Ver = 2.60.002 | Size = 774928 bytes | Created Date = 02.11.2007 01:19:56 PM | Attr = ]
3cpciadi.sys -> %System32%\dllcache\3cpciadi.sys -> U.S. Robotics, Inc. [Ver = 1.00.028 | Size = 801072 bytes | Created Date = 02.11.2007 01:19:57 PM | Attr = ]
3cwmcru.sys -> %System32%\dllcache\3cwmcru.sys -> 3Com, Inc. [Ver = 1.44.008.0020 | Size = 763024 bytes | Created Date = 02.11.2007 01:19:52 PM | Attr = ]
a1base.sys -> %System32%\dllcache\a1base.sys -> AVM Berlin [Ver = 2.0 | Size = 387536 bytes | Created Date = 02.11.2007 01:20:58 PM | Attr = ]
amb8002.sys -> %System32%\dllcache\amb8002.sys -> AmbiCom, Inc. [Ver = v3.03 | Size = 17168 bytes | Created Date = 02.11.2007 01:20:03 PM | Attr = ]
atibt829.sys -> %System32%\dllcache\atibt829.sys -> [Ver = | Size = 42192 bytes | Created Date = 02.11.2007 01:20:05 PM | Attr = ]
atitvsnd.sys -> %System32%\dllcache\atitvsnd.sys -> [Ver = | Size = 16976 bytes | Created Date = 02.11.2007 01:20:04 PM | Attr = ]
brzwlan.sys -> %System32%\dllcache\brzwlan.sys -> BreezeCOM [Ver = 4.4.1.17 | Size = 31888 bytes | Created Date = 02.11.2007 01:20:05 PM | Attr = ]
cb325.sys -> %System32%\dllcache\cb325.sys -> Silicom Ltd. [Ver = 4.106.24 | Size = 39680 bytes | Created Date = 02.11.2007 01:20:06 PM | Attr = ]
digidbp.dll -> %System32%\dllcache\digidbp.dll -> Digi International Inc. [Ver = 3.4 | Size = 107280 bytes | Created Date = 02.11.2007 01:20:10 PM | Attr = ]
digifwrk.dll -> %System32%\dllcache\digifwrk.dll -> Digi International Inc. [Ver = 3.4 | Size = 203024 bytes | Created Date = 02.11.2007 01:20:11 PM | Attr = ]
digihlc.dll -> %System32%\dllcache\digihlc.dll -> Digi International Inc. [Ver = 3.4 | Size = 61712 bytes | Created Date = 02.11.2007 01:20:11 PM | Attr = ]
digiinf.dll -> %System32%\dllcache\digiinf.dll -> Digi International Inc. [Ver = 3.4 | Size = 52496 bytes | Created Date = 02.11.2007 01:20:12 PM | Attr = ]
digiisdn.dll -> %System32%\dllcache\digiisdn.dll -> Digi International Inc. [Ver = 3.4 | Size = 27408 bytes | Created Date = 02.11.2007 01:20:13 PM | Attr = ]
digiview.exe -> %System32%\dllcache\digiview.exe -> Digi International Inc. [Ver = 3.4 | Size = 598800 bytes | Created Date = 02.11.2007 01:20:13 PM | Attr = ]
dlh5xnd5.sys -> %System32%\dllcache\dlh5xnd5.sys -> D-Link Corporation [Ver = v1.00.05 | Size = 23216 bytes | Created Date = 02.11.2007 01:20:08 PM | Attr = ]
e100isa4.sys -> %System32%\dllcache\e100isa4.sys -> Intel Corporation [Ver = 5.0.4.0 | Size = 19824 bytes | Created Date = 02.11.2007 01:20:15 PM | Attr = ]
e100snt5.sys -> %System32%\dllcache\e100snt5.sys -> Intel Corporation [Ver = 2.30.00.0000 | Size = 51472 bytes | Created Date = 02.11.2007 01:20:16 PM | Attr = ]
eccommdd.sys -> %System32%\dllcache\eccommdd.sys -> Eicon Technology Corporation [Ver = 5.1 (Build 70) | Size = 100432 bytes | Created Date = 02.11.2007 01:20:16 PM | Attr = ]
ecdtrace.sys -> %System32%\dllcache\ecdtrace.sys -> Eicon Technology Corporation [Ver = 5.1 (Build 70) | Size = 7648 bytes | Created Date = 02.11.2007 01:20:17 PM | Attr = ]
eclandd.sys -> %System32%\dllcache\eclandd.sys -> Eicon Technology Corporation [Ver = 5.1 (Build 70) | Size = 23664 bytes | Created Date = 02.11.2007 01:20:19 PM | Attr = ]
ecnb.sys -> %System32%\dllcache\ecnb.sys -> Eicon Technology Corporation [Ver = 5.1 (Build 70) | Size = 38464 bytes | Created Date = 02.11.2007 01:20:21 PM | Attr = ]
ecpagex.dll -> %System32%\dllcache\ecpagex.dll -> Eicon Technology Corporation [Ver = 5.1 (Build 70) | Size = 33792 bytes | Created Date = 02.11.2007 01:20:20 PM | Attr = ]
ecpinst.dll -> %System32%\dllcache\ecpinst.dll -> Eicon Technology Corporation [Ver = 5.1 (Build 70) | Size = 21680 bytes | Created Date = 02.11.2007 01:20:17 PM | Attr = ]
ecsnadd.sys -> %System32%\dllcache\ecsnadd.sys -> Eicon Technology Corporation [Ver = 5.1 (Build 70) | Size = 8960 bytes | Created Date = 02.11.2007 01:20:18 PM | Attr = ]
ecvbus.sys -> %System32%\dllcache\ecvbus.sys -> Eicon Technology Corporation [Ver = 5.1 (Build 70) | Size = 7648 bytes | Created Date = 02.11.2007 01:20:18 PM | Attr = ]
ecwandd.sys -> %System32%\dllcache\ecwandd.sys -> Eicon Technology Corporation [Ver = 5.1 (Build 70) | Size = 17856 bytes | Created Date = 02.11.2007 01:20:20 PM | Attr = ]
el515.sys -> %System32%\dllcache\el515.sys -> 3Com Corporation [Ver = 1.07.03 | Size = 45840 bytes | Created Date = 02.11.2007 01:20:19 PM | Attr = ]
forehe.sys -> %System32%\dllcache\forehe.sys -> FORE Systems, Inc. [Ver = 5.00.00.06 | Size = 32528 bytes | Created Date = 02.11.2007 01:20:21 PM | Attr = ]
ibmexmp.sys -> %System32%\dllcache\ibmexmp.sys -> IBM Corp. [Ver = 3.14.00.0000 | Size = 28944 bytes | Created Date = 02.11.2007 01:20:23 PM | Attr = ]
ibmsgnet.dll -> %System32%\dllcache\ibmsgnet.dll -> IBM Corporation [Ver = 1.00.00.0000 | Size = 7680 bytes | Created Date = 02.11.2007 01:20:23 PM | Attr = ]
ibmtok.sys -> %System32%\dllcache\ibmtok.sys -> IBM Corporation [Ver = 12.23.01.0050 | Size = 100112 bytes | Created Date = 02.11.2007 01:20:24 PM | Attr = ]
ibmtrp.sys -> %System32%\dllcache\ibmtrp.sys -> IBM Corporation [Ver = 5.27.00.0050 | Size = 104720 bytes | Created Date = 02.11.2007 01:20:24 PM | Attr = ]
icam3.sys -> %System32%\dllcache\icam3.sys -> Intel Corporation [Ver = 0.00.000000 | Size = 140016 bytes | Created Date = 02.11.2007 01:20:28 PM | Attr = ]
icam3ext.dll -> %System32%\dllcache\icam3ext.dll -> Intel Corporation [Ver = 1.0.0.51 | Size = 27408 bytes | Created Date = 02.11.2007 01:20:29 PM | Attr = ]
jt1nd5.sys -> %System32%\dllcache\jt1nd5.sys -> Level One Communications [Ver = 1.02.00.000 | Size = 35856 bytes | Created Date = 02.11.2007 01:20:29 PM | Attr = ]
lit220p.sys -> %System32%\dllcache\lit220p.sys -> Litronic Industries [Ver = 1 | Size = 15952 bytes | Created Date = 02.11.2007 01:20:30 PM | Attr = ]
lvui32.dll -> %System32%\dllcache\lvui32.dll -> Logitech Inc. [Ver = 1.00.1363 | Size = 15120 bytes | Created Date = 02.11.2007 01:20:31 PM | Attr = ]
lvui32rc.dll -> %System32%\dllcache\lvui32rc.dll -> Logitech Inc. [Ver = 1.00.1363 | Size = 24848 bytes | Created Date = 02.11.2007 01:20:31 PM | Attr = ]
lwadihid.sys -> %System32%\dllcache\lwadihid.sys -> Logitech, Inc. [Ver = 5.00.0000.1050 | Size = 18576 bytes | Created Date = 02.11.2007 01:20:33 PM | Attr = ]
lwusbhid.sys -> %System32%\dllcache\lwusbhid.sys -> Logitech, Inc. [Ver = 5.00.0000.1063 | Size = 19408 bytes | Created Date = 02.11.2007 01:20:33 PM | Attr = ]
netflx3.sys -> %System32%\dllcache\netflx3.sys -> Compaq Computer Corporation [Ver = 5.0.1.8 | Size = 91216 bytes | Created Date = 02.11.2007 01:20:41 PM | Attr = ]
ngrpci.sys -> %System32%\dllcache\ngrpci.sys -> NETGEAR Corporation. [Ver = 4.54 | Size = 30992 bytes | Created Date = 02.11.2007 01:20:42 PM | Attr = ]
otceth5.sys -> %System32%\dllcache\otceth5.sys -> Ositech Communications, Inc. [Ver = 1.02.010.1 | Size = 43792 bytes | Created Date = 02.11.2007 01:20:42 PM | Attr = ]
pca200e.sys -> %System32%\dllcache\pca200e.sys -> FORE Systems, Inc. [Ver = 5.00.00.47613 | Size = 30064 bytes | Created Date = 02.11.2007 01:20:43 PM | Attr = ]
pinball.exe -> %System32%\dllcache\pinball.exe -> Cinematronics [Ver = 5.00.2134.1 | Size = 302352 bytes | Created Date = 02.11.2007 01:20:43 PM | Attr = ]
rnbo3531.sys -> %System32%\dllcache\rnbo3531.sys -> Rainbow Technologies Inc. [Ver = 1.00.26 | Size = 13680 bytes | Created Date = 02.11.2007 01:20:44 PM | Attr = ]
rtl8029.sys -> %System32%\dllcache\rtl8029.sys -> REALTEK Semiconductor Corp. [Ver = 5.29.98.1230 | Size = 18704 bytes | Created Date = 02.11.2007 01:20:44 PM | Attr = ]
rtl8139.sys -> %System32%\dllcache\rtl8139.sys -> Realtek Semiconductor Corporation [Ver = 5.366.0818.1999 | Size = 18704 bytes | Created Date = 02.11.2007 01:20:45 PM | Attr = ]
sis6306p.sys -> %System32%\dllcache\sis6306p.sys -> Silicon Integrated Systems Corporation [Ver = 4.11.01.1070 | Size = 71280 bytes | Created Date = 02.11.2007 01:20:49 PM | Attr = ]
sis6306v.dll -> %System32%\dllcache\sis6306v.dll -> Silicon Integrated Systems Corporation [Ver = 4.11.01.1070 | Size = 179792 bytes | Created Date = 02.11.2007 01:20:50 PM | Attr = ]
sisv.sys -> %System32%\dllcache\sisv.sys -> Silicon Integrated Systems Corporation [Ver = 4.11.01.1300 | Size = 49904 bytes | Created Date = 02.11.2007 01:20:50 PM | Attr = ]
sisv256.dll -> %System32%\dllcache\sisv256.dll -> Silicon Integrated Systems Corporation [Ver = 4.11.01.1300 | Size = 188688 bytes | Created Date = 02.11.2007 01:20:50 PM | Attr = ]
skfpwin.sys -> %System32%\dllcache\skfpwin.sys -> SysKonnect, a business unit of Schneider & Koch & Co. Datensysteme GmbH. [Ver = 5.11 | Size = 104656 bytes | Created Date = 02.11.2007 01:20:50 PM | Attr = ]
spxports.dll -> %System32%\dllcache\spxports.dll -> Specialix International Ltd. [Ver = 1.0.0.0008 | Size = 420624 bytes | Created Date = 02.11.2007 01:20:51 PM | Attr = ]
stlnata.sys -> %System32%\dllcache\stlnata.sys -> Stallion Technologies [Ver = 5.5.13 | Size = 280912 bytes | Created Date = 02.11.2007 01:20:52 PM | Attr = ]
stlnprop.dll -> %System32%\dllcache\stlnprop.dll -> Stallion Technologies [Ver = 5.5.12 | Size = 176400 bytes | Created Date = 02.11.2007 01:20:52 PM | Attr = ]
tos4mo.sys -> %System32%\dllcache\tos4mo.sys -> TOSHIBA Corporation [Ver = 2.13 | Size = 28432 bytes | Created Date = 02.11.2007 01:20:54 PM | Attr = ]
tsbmce.sys -> %System32%\dllcache\tsbmce.sys -> Toshiba Corp. [Ver = Version 5.0.2 | Size = 17712 bytes | Created Date = 02.11.2007 01:20:53 PM | Attr = ]
w840nd.sys -> %System32%\dllcache\w840nd.sys -> Winbond Electronics Corporation [Ver = 2.40 | Size = 19728 bytes | Created Date = 02.11.2007 01:20:55 PM | Attr = ]
winacisa.sys -> %System32%\dllcache\winacisa.sys -> Rockwell [Ver = 2,0,2,111 | Size = 771824 bytes | Created Date = 02.11.2007 01:20:56 PM | Attr = ]

[Files/Folders - Modified Within 30 days]
BACKUPS -> %SystemDrive%\BACKUPS -> [Folder | Modified Date = 01.11.2007 01:00:02 PM | Attr = ]
Config.Msi -> %SystemDrive%\Config.Msi -> [Folder | Modified Date = 05.11.2007 08:27:04 AM | Attr = HS]
Downloads -> %SystemDrive%\Downloads -> [Folder | Modified Date = 23.10.2007 10:36:14 AM | Attr = ]
hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [Ver = | Size = 535834624 bytes | Modified Date = 05.11.2007 08:27:08 AM | Attr = HS]
Panasonic -> %SystemDrive%\Panasonic -> [Folder | Modified Date = 15.10.2007 11:07:50 AM | Attr = ]
Program Files -> %ProgramFiles% -> [Folder | Modified Date = 05.11.2007 08:23:00 AM | Attr = ]
SDFix -> %SystemDrive%\SDFix -> [Folder | Modified Date = 02.11.2007 05:04:32 PM | Attr = ]
temp -> %SystemDrive%\temp -> [Folder | Modified Date = 17.10.2007 02:43:44 PM | Attr = ]
WINNT -> %SystemRoot% -> [Folder | Modified Date = 02.11.2007 04:53:36 PM | Attr = ]
ccolwiz.ini -> %SystemRoot%\ccolwiz.ini -> [Ver = | Size = 170 bytes | Modified Date = 31.10.2007 04:45:44 PM | Attr = ]
crackpdf.INI -> %SystemRoot%\crackpdf.INI -> [Ver = | Size = 446 bytes | Modified Date = 10.10.2007 03:33:24 PM | Attr = ]
Debug -> %SystemRoot%\Debug -> [Folder | Modified Date = 05.11.2007 08:27:58 AM | Attr = ]
ERUNT -> %SystemRoot%\ERUNT -> [Folder | Modified Date = 02.11.2007 04:53:40 PM | Attr = ]
inf -> %SystemRoot%\inf -> [Folder | Modified Date = 15.10.2007 11:21:32 AM | Attr = H ]
Installer -> %SystemRoot%\Installer -> [Folder | Modified Date = 05.11.2007 08:23:10 AM | Attr = HS]
Internet Logs -> %SystemRoot%\Internet Logs -> [Folder | Modified Date = 05.11.2007 08:46:56 AM | Attr = ]
NeroDigital.ini -> %SystemRoot%\NeroDigital.ini -> [Ver = | Size = 202 bytes | Modified Date = 01.11.2007 04:19:46 PM | Attr = ]
render.ini -> %SystemRoot%\render.ini -> [Ver = | Size = 35 bytes | Modified Date = 30.10.2007 11:51:00 AM | Attr = ]
security -> %SystemRoot%\security -> [Folder | Modified Date = 05.11.2007 08:25:14 AM | Attr = ]
system32 -> %System32% -> [Folder | Modified Date = 05.11.2007 08:28:42 AM | Attr = ]
Tasks -> %SystemRoot%\Tasks -> [Folder | Modified Date = 02.11.2007 03:17:28 PM | Attr = S]
Temp -> %SystemRoot%\Temp -> [Folder | Modified Date = 05.11.2007 08:28:46 AM | Attr = ]
win.ini -> %SystemRoot%\win.ini -> [Ver = | Size = 1162 bytes | Modified Date = 18.10.2007 11:41:14 AM | Attr = ]
winsxs -> %SystemRoot%\winsxs -> [Folder | Modified Date = 05.11.2007 08:23:00 AM | Attr = ]
zipinst.exe -> %SystemRoot%\zipinst.exe -> NirSoft [Ver = 1.21 | Size = 39424 bytes | Modified Date = 01.11.2007 04:53:14 PM | Attr = ]
AppleSoftwareUpdate.job -> %SystemRoot%\tasks\AppleSoftwareUpdate.job -> [Ver = | Size = 284 bytes | Modified Date = 02.11.2007 03:17:28 PM | Attr = ]
SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [Ver = | Size = 6 bytes | Modified Date = 02.11.2007 03:17:28 PM | Attr = H ]
Spybot - Search & Destroy - Scheduled Task.job -> %SystemRoot%\tasks\Spybot - Search & Destroy - Scheduled Task.job -> [Ver = | Size = 238 bytes | Modified Date = 02.11.2007 02:33:00 PM | Attr = ]
awvvv.dll -> %System32%\awvvv.dll -> [Ver = | Size = 310368 bytes | Modified Date = 02.11.2007 10:30:48 AM | Attr = ]
default_user_class.dat -> %System32%\default_user_class.dat -> [Ver = | Size = 8192 bytes | Modified Date = 02.11.2007 12:07:20 PM | Attr = ]
dllcache -> %System32%\dllcache -> [Folder | Modified Date = 05.11.2007 08:23:56 AM | Attr = ]
drivers -> %System32%\drivers -> [Folder | Modified Date = 05.11.2007 08:27:22 AM | Attr = ]
HPANT.DAT -> %System32%\HPANT.DAT -> [Ver = | Size = 2563 bytes | Modified Date = 05.11.2007 08:25:12 AM | Attr = ]
NtmsData -> %System32%\NtmsData -> [Folder | Modified Date = 01.11.2007 07:21:36 AM | Attr = ]
oodbs.lor -> %System32%\oodbs.lor -> [Ver = | Size = 239574 bytes | Modified Date = 05.11.2007 08:27:04 AM | Attr = ]
pmnkkjh.dll -> %System32%\pmnkkjh.dll -> [Ver = | Size = 36352 bytes | Modified Date = 02.11.2007 10:25:38 AM | Attr = ]
vsconfig.xml -> %System32%\vsconfig.xml -> [Ver = | Size = 353248 bytes | Modified Date = 05.11.2007 08:29:06 AM | Attr = H ]
vvvwa.bak1 -> %System32%\vvvwa.bak1 -> [Ver = | Size = 6465 bytes | Modified Date = 02.11.2007 10:31:20 AM | Attr = HS]
vvvwa.bak2 -> %System32%\vvvwa.bak2 -> [Ver = | Size = 6505 bytes | Modified Date = 05.11.2007 08:12:52 AM | Attr = HS]
vvvwa.ini -> %System32%\vvvwa.ini -> [Ver = | Size = 6968 bytes | Modified Date = 05.11.2007 08:28:36 AM | Attr = HS]
etc -> %System32%\drivers\etc -> [Folder | Modified Date = 02.11.2007 04:54:28 PM | Attr = ]

[File String Scan - Non-Microsoft Only]
@Alternate Data Stream - 408 bytes -> %SystemDrive%\ama.logoemboss.bmp:Q30lsldxJoudresxAaaqpcawXc ->
@Alternate Data Stream - 0 bytes -> %SystemDrive%\ama.logoemboss.bmp:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} ->
UPX! , UPX0 , -> %SystemRoot%\dbplugin.ocx -> [Ver = 6, 1, 0, 8 | Size = 2682965 bytes | Modified Date = 16.11.2006 02:44:20 PM | Attr = ]
@Alternate Data Stream - 0 bytes -> %SystemRoot%\MusicMatch Wallpaper.bmp:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} ->
UPX! , aspack , -> %SystemRoot%\vsapi32.dll -> Trend Micro Inc. [Ver = 6.810-1005 | Size = 965632 bytes | Modified Date = 19.12.2003 01:02:08 PM | Attr = ]
@Alternate Data Stream - 0 bytes -> %SystemRoot%\winnt.bmp:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} ->
@Alternate Data Stream - 0 bytes -> %SystemRoot%\winnt256.bmp:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} ->
UPX! , UPX0 , -> %SystemRoot%\zipinst.exe -> NirSoft [Ver = 1.21 | Size = 39424 bytes | Modified Date = 01.11.2007 04:53:14 PM | Attr = ]
PEC2 , -> %System32%\flt1chk2.dll -> [Ver = | Size = 31744 bytes | Modified Date = 15.07.2003 12:57:20 AM | Attr = ]
@Alternate Data Stream - 0 bytes -> %System32%\getstart.gif:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} ->
@Alternate Data Stream - 1908 bytes -> %System32%\n2k.bmp:Q30lsldxJoudresxAaaqpcawXc ->
@Alternate Data Stream - 0 bytes -> %System32%\n2k.bmp:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} ->
@Alternate Data Stream - 1256 bytes -> %System32%\ntimage.gif:Q30lsldxJoudresxAaaqpcawXc ->
@Alternate Data Stream - 0 bytes -> %System32%\ntimage.gif:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} ->
aspack , -> %System32%\Selfupdate.exe -> Alexis Ríos Negrón [Ver = 2.1.0.12 | Size = 188928 bytes | Modified Date = 17.12.2001 09:56:02 AM | Attr = ]
aspack , -> %System32%\ShellPicture.dll -> BAxBEx Software [Ver = 1.6.1.0 | Size = 134656 bytes | Modified Date = 03.06.2002 02:49:12 AM | Attr = ]
@Alternate Data Stream - 2936 bytes -> %System32%\SpoonUninstall-Ogg Vorbis CLI.bmp:Q30lsldxJoudresxAaaqpcawXc ->
@Alternate Data Stream - 0 bytes -> %System32%\SpoonUninstall-Ogg Vorbis CLI.bmp:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} ->
@Alternate Data Stream - 2188 bytes -> %System32%\SpoonUninstall-Shutdown.bmp:Q30lsldxJoudresxAaaqpcawXc ->
@Alternate Data Stream - 0 bytes -> %System32%\SpoonUninstall-Shutdown.bmp:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} ->
@Alternate Data Stream - 8348 bytes -> %System32%\sppic.bmp:Q30lsldxJoudresxAaaqpcawXc ->
@Alternate Data Stream - 0 bytes -> %System32%\sppic.bmp:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} ->
@Alternate Data Stream - 1900 bytes -> %System32%\tunes.bmp:Q30lsldxJoudresxAaaqpcawXc ->
@Alternate Data Stream - 0 bytes -> %System32%\tunes.bmp:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} ->
aspack , -> %System32%\Webupdate2.dll -> [Ver = | Size = 215552 bytes | Modified Date = 02.01.2002 10:42:28 AM | Attr = ]
aspack , -> %System32%\WebUpdate2.exe -> Alexis Ríos Negrón [Ver = 2.1.9.388 | Size = 316928 bytes | Modified Date = 03.01.2002 02:09:02 PM | Attr = ]
qoologic , PTech , SAHAgent , abetterinternet.com , web-nex , ad-w-a-r-e.com , -> %System32%\drivers\etc\HOSTS.MVP -> [Ver = | Size = 640176 bytes | Modified Date = 21.09.2007 03:41:34 AM | Attr = ]
qoologic , PTech , SAHAgent , abetterinternet.com , web-nex , ad-w-a-r-e.com , -> %System32%\drivers\etc\HOSTS01 -> [Ver = | Size = 498133 bytes | Modified Date = 30.10.2006 12:39:20 AM | Attr = ]

< End of report >
 