
I Used The Winpfind Is Everything Ok?



#1 JB20


Posted 18 June 2006 - 11:23 AM

WARNING: not all files found by this scanner are bad. Consult with a knowledgable person before proceeding.

If you see a message in the titlebar saying "Not responding..." you can ignore it. Windows somethimes displays this message due to the high volume of disk I/O. As long as the hard disk light is flashing, the program is still working properly.

Windows OS and Versions
Product Name: Microsoft Windows XP Current Build: Service Pack 1 Current Build Number: 2600
Internet Explorer Version: 6.0.2800.1106

Checking Selected Standard Folders

Checking %SystemDrive% folder...

Checking %ProgramFilesDir% folder...
PEC2 2/2/2005 4:03:52 PM 534104 C:\Program Files\adboe reader.exe
PECompact2 2/2/2005 4:03:52 PM 534104 C:\Program Files\adboe reader.exe
UPX! 2/13/2005 5:28:38 PM 6017334 C:\Program Files\Thunderbird Setup 1.0.exe

Checking %WinDir% folder...
FSG! 11/12/2004 7:29:46 PM 10156943 C:\WINDOWS\avg70free_289a392.exe

Checking %System% folder...
PEC2 3/31/2003 8:00:00 AM 41397 C:\WINDOWS\SYSTEM32\dfrg.msc
PEC2 10/26/2004 6:38:24 PM 716800 C:\WINDOWS\SYSTEM32\DivX.dll
PECompact2 10/26/2004 6:38:24 PM 716800 C:\WINDOWS\SYSTEM32\DivX.dll
Umonitor 3/31/2003 8:00:00 AM 631808 C:\WINDOWS\SYSTEM32\rasdlg.dll
winsync 3/31/2003 8:00:00 AM 1309184 C:\WINDOWS\SYSTEM32\wbdbase.deu

Checking %System%\Drivers folder and sub-folders...
UPX! 5/24/2006 8:16:22 AM 776096 C:\WINDOWS\SYSTEM32\drivers\avg7core.sys
FSG! 5/24/2006 8:16:22 AM 776096 C:\WINDOWS\SYSTEM32\drivers\avg7core.sys
PEC2 5/24/2006 8:16:22 AM 776096 C:\WINDOWS\SYSTEM32\drivers\avg7core.sys
aspack 5/24/2006 8:16:22 AM 776096 C:\WINDOWS\SYSTEM32\drivers\avg7core.sys

Items found in C:\WINDOWS\SYSTEM32\drivers\etc\hosts


Checking the Windows folder and sub-folders for system and hidden files within the last 60 days...
6/17/2006 4:48:14 PM S 2048 C:\WINDOWS\bootstat.dat
6/18/2006 11:30:54 AM H 54156 C:\WINDOWS\QTFont.qfn
4/27/2006 1:54:52 PM H 6838614 C:\WINDOWS\Media\Downloads\Led Zepplin - When The Levy Breaks.mp3
4/27/2006 1:21:00 PM H 3921398 C:\WINDOWS\Media\Downloads\Testament - Over The Wall.mp3
5/5/2006 1:20:42 PM HS 8192 C:\WINDOWS\Media\Music\Thumbs.db
4/25/2006 12:22:00 PM HS 3141 C:\WINDOWS\Media\Music\Downloads\AlbumArtSmall.jpg
4/20/2006 1:00:48 PM HS 6731 C:\WINDOWS\Media\Music\Downloads\AlbumArt_{800E6441-2918-4F69-BD9A-993EF4CDFA5C}_Large.jpg
4/20/2006 1:00:44 PM HS 1861 C:\WINDOWS\Media\Music\Downloads\AlbumArt_{800E6441-2918-4F69-BD9A-993EF4CDFA5C}_Small.jpg
4/25/2006 12:22:00 PM HS 16369 C:\WINDOWS\Media\Music\Downloads\AlbumArt_{DE89B412-6E8F-478D-958B-6300CCA5C9A3}_Large.jpg
4/25/2006 12:22:00 PM HS 3141 C:\WINDOWS\Media\Music\Downloads\AlbumArt_{DE89B412-6E8F-478D-958B-6300CCA5C9A3}_Small.jpg
4/24/2006 2:49:22 PM HS 11650 C:\WINDOWS\Media\Music\Downloads\AlbumArt_{E2BCE46E-A25C-4D36-B777-3D477BF55259}_Large.jpg
4/24/2006 2:49:22 PM HS 2680 C:\WINDOWS\Media\Music\Downloads\AlbumArt_{E2BCE46E-A25C-4D36-B777-3D477BF55259}_Small.jpg
4/25/2006 12:36:08 PM H 2856960 C:\WINDOWS\Media\Music\Downloads\Crosby, Stills, Nash, and Young - Ohio.mp3
4/28/2006 11:30:40 AM H 3502140 C:\WINDOWS\Media\Music\Downloads\David Allan Coe - Itty Bitty Titties.mp3
4/25/2006 12:22:02 PM HS 275 C:\WINDOWS\Media\Music\Downloads\desktop.ini
4/27/2006 2:37:12 PM H 5548954 C:\WINDOWS\Media\Music\Downloads\Dire Straits - Sultan Of Swing.mp3
4/28/2006 11:25:56 AM H 4592067 C:\WINDOWS\Media\Music\Downloads\Eagles - Life In The Fast Lane.mp3
4/27/2006 2:42:08 PM H 6134514 C:\WINDOWS\Media\Music\Downloads\Eagles - Lying Eyes.mp3
4/27/2006 2:43:40 PM H 4042880 C:\WINDOWS\Media\Music\Downloads\Eagles - Peaceful Easy Feeling.mp3
4/25/2006 12:22:00 PM HS 16369 C:\WINDOWS\Media\Music\Downloads\Folder.jpg
4/28/2006 12:00:26 PM H 7222842 C:\WINDOWS\Media\Music\Downloads\Metalingus.mp3
4/29/2006 6:28:56 PM H 757221740 C:\WINDOWS\Media\Music\Downloads\Monsters Of Rock 91 (Metallica, AC DC, Pantera) DVD-Rip VCD.mpg
4/27/2006 3:26:46 PM H 4033719 C:\WINDOWS\Media\Music\Downloads\Moody Blues - Nights In White Satin.mp3
4/25/2006 12:22:34 PM H 3820018 C:\WINDOWS\Media\Music\Downloads\Oleander - Why I'm Here.mp3
5/3/2006 7:25:46 AM H 820515120 C:\WINDOWS\Media\Music\Downloads\Pantera - Live in Seoul 05.06.01.mpg
4/22/2006 4:33:58 PM H 4689050 C:\WINDOWS\Media\Music\Downloads\red hot chili peppers - soul to squeeze.mp3
4/20/2006 1:10:52 PM H 8176472 C:\WINDOWS\Media\Music\Downloads\Sabbath, Bloody Sabbath.mp3
4/27/2006 2:31:52 PM H 3480345 C:\WINDOWS\Media\Music\Downloads\Steve Miller Band - The Joker.mp3
5/1/2006 3:12:06 PM HS 33464 C:\WINDOWS\Media\Music\Downloads\SThumbs.dat
4/27/2006 2:47:50 PM H 4382720 C:\WINDOWS\Media\Music\Downloads\The Band - The Weight (take a load off Annie).mp3
4/24/2006 2:37:22 PM H 6345163 C:\WINDOWS\Media\Music\Downloads\Theory Of A Deadman - No Suprise.mp3
4/27/2006 3:17:34 PM H 2789128 C:\WINDOWS\Media\Music\Downloads\Tom Petty - Life is a Highway.mp3
5/5/2006 11:52:54 AM H 238 C:\WINDOWS\Media\Music\Downloads\Metadata\10 Magnificent Blondes CD2 - Amber Michaels, Angelica Sin, Ava Vincent, Briana Banks, Devon, Gina Ly.mpg.xml
4/20/2006 12:33:14 PM H 238 C:\WINDOWS\Media\Music\Downloads\Metadata\BabyGotBoobs.com - Gianna Micheals [27m05s].mpg.xml
4/20/2006 9:01:12 PM H 182 C:\WINDOWS\Media\Music\Downloads\Metadata\BangBros - Assparade - gianna.mpeg.xml
4/21/2006 6:38:10 PM H 238 C:\WINDOWS\Media\Music\Downloads\Metadata\Beavis and Butthead - Bungholio Lord Of The Harvest.mpg.xml
4/22/2006 11:32:52 AM H 238 C:\WINDOWS\Media\Music\Downloads\Metadata\beavis and butthead - top o the mountain.mpg.xml
4/20/2006 8:34:18 PM H 233 C:\WINDOWS\Media\Music\Downloads\Metadata\Big Tits Round Asses - Naomi And Gianna - Double Stack.wmv.xml
4/28/2006 10:48:56 AM H 385 C:\WINDOWS\Media\Music\Downloads\Metadata\David Allan Coe - Itty Bitty Titties.mp3.xml
4/27/2006 2:37:12 PM H 296 C:\WINDOWS\Media\Music\Downloads\Metadata\Dire Straits - Sultan Of Swing.mp3.xml
4/27/2006 2:43:08 PM H 277 C:\WINDOWS\Media\Music\Downloads\Metadata\Eagles - Desperado.mp3.xml
4/27/2006 2:40:28 PM H 325 C:\WINDOWS\Media\Music\Downloads\Metadata\Eagles - Life In The Fast Lane.mp3.xml
4/27/2006 2:42:08 PM H 289 C:\WINDOWS\Media\Music\Downloads\Metadata\Eagles - Lying Eyes.mp3.xml
4/27/2006 2:51:46 PM H 323 C:\WINDOWS\Media\Music\Downloads\Metadata\Eagles - New Kid In Town.mp3.xml
4/27/2006 3:23:40 PM H 340 C:\WINDOWS\Media\Music\Downloads\Metadata\Eagles - One Of These Nights.mp3.xml
4/27/2006 2:43:40 PM H 347 C:\WINDOWS\Media\Music\Downloads\Metadata\Eagles - Peaceful Easy Feeling.mp3.xml
4/27/2006 3:29:44 PM H 291 C:\WINDOWS\Media\Music\Downloads\Metadata\Eagles-Dust In The Wind .mp3.xml
4/20/2006 9:02:42 PM H 290 C:\WINDOWS\Media\Music\Downloads\Metadata\MILF Hunter - Gianna.wmv.xml
4/29/2006 6:28:56 PM H 182 C:\WINDOWS\Media\Music\Downloads\Metadata\Monsters Of Rock 91 (Metallica, AC DC, Pantera) DVD-Rip VCD.mpg.xml
4/27/2006 3:26:46 PM H 428 C:\WINDOWS\Media\Music\Downloads\Metadata\Moody Blues - Nights In White Satin.mp3.xml
5/3/2006 7:25:48 AM H 238 C:\WINDOWS\Media\Music\Downloads\Metadata\Pantera - Live in Seoul 05.06.01.mpg.xml
4/29/2006 5:12:16 PM H 238 C:\WINDOWS\Media\Music\Downloads\Metadata\Pantera - Yesterday Don't Mean bleep (Live Ozzfest).mpg.xml
4/29/2006 3:44:58 PM H 238 C:\WINDOWS\Media\Music\Downloads\Metadata\Pantera- Cowboys From Hell (Live Ozzfest).mpg.xml
5/2/2006 3:14:48 PM H 238 C:\WINDOWS\Media\Music\Downloads\Metadata\Penthouse - Danni Ashe - Strip (greatquality).mpg.xml
5/1/2006 2:50:32 PM H 238 C:\WINDOWS\Media\Music\Downloads\Metadata\Pussyman's Big Tit Paradise 2 - ( Kianna, Taylor St. Claire, Tanya Danielle, Stevie, Tina Cherie, Amber Michaels, Nina Ferrarri, Adajja) (1of2)(1).mpg.xml
4/22/2006 1:38:40 PM H 229 C:\WINDOWS\Media\Music\Downloads\Metadata\red hot chili peppers - soul to squeeze.mp3.xml
4/27/2006 2:31:52 PM H 243 C:\WINDOWS\Media\Music\Downloads\Metadata\Steve Miller Band - The Joker.mp3.xml
4/20/2006 3:05:08 PM H 230 C:\WINDOWS\Media\Music\Downloads\Metadata\Theory Of A Deadman - No Suprise.mp3.xml
4/27/2006 3:17:34 PM H 288 C:\WINDOWS\Media\Music\Downloads\Metadata\Tom Petty - Life is a Highway.mp3.xml
5/3/2006 8:06:00 PM H 255 C:\WINDOWS\Media\Music\Downloads\Metadata\Veronica Zemanova - Danni Compilation.avi.xml
6/18/2006 12:06:00 PM H 1024 C:\WINDOWS\system32\config\default.LOG
6/17/2006 4:48:16 PM H 1024 C:\WINDOWS\system32\config\SAM.LOG
6/18/2006 11:48:24 AM H 1024 C:\WINDOWS\system32\config\SECURITY.LOG
6/18/2006 12:18:44 PM H 1024 C:\WINDOWS\system32\config\software.LOG
6/18/2006 12:18:54 PM H 1024 C:\WINDOWS\system32\config\system.LOG
5/14/2006 11:04:40 AM HS 388 C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\User\da32acda-df53-4cf4-994d-a38fe7a1102a
5/14/2006 11:04:40 AM HS 24 C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\User\Preferred
6/17/2006 4:48:18 PM H 6 C:\WINDOWS\Tasks\SA.DAT

Checking for CPL files...
5/25/2004 11:06:58 AM 417792 C:\WINDOWS\SYSTEM32\ac3filter.cpl
Microsoft Corporation 3/31/2003 8:00:00 AM 66048 C:\WINDOWS\SYSTEM32\access.cpl
Realtek Semiconductor Corp. 1/9/2004 6:53:58 AM 14204416 C:\WINDOWS\SYSTEM32\ALSNDMGR.CPL
Microsoft Corporation 3/31/2003 8:00:00 AM 578560 C:\WINDOWS\SYSTEM32\appwiz.cpl
Microsoft Corporation 3/31/2003 8:00:00 AM 129024 C:\WINDOWS\SYSTEM32\desk.cpl
Microsoft Corporation 3/31/2003 8:00:00 AM 150016 C:\WINDOWS\SYSTEM32\hdwwiz.cpl
Intel Corporation 1/29/2004 10:13:06 PM 98304 C:\WINDOWS\SYSTEM32\igfxcpl.cpl
Microsoft Corporation 3/31/2003 8:00:00 AM 292352 C:\WINDOWS\SYSTEM32\inetcpl.cpl
Microsoft Corporation 3/31/2003 8:00:00 AM 121856 C:\WINDOWS\SYSTEM32\intl.cpl
Microsoft Corporation 3/31/2003 8:00:00 AM 65536 C:\WINDOWS\SYSTEM32\joy.cpl
Sun Microsystems 8/9/2004 6:02:06 PM 53352 C:\WINDOWS\SYSTEM32\jpicpl32.cpl
Microsoft Corporation 3/31/2003 8:00:00 AM 187904 C:\WINDOWS\SYSTEM32\main.cpl
Microsoft Corporation 3/31/2003 8:00:00 AM 559616 C:\WINDOWS\SYSTEM32\mmsys.cpl
Microsoft Corporation 3/31/2003 8:00:00 AM 35840 C:\WINDOWS\SYSTEM32\ncpa.cpl
Microsoft Corporation 3/31/2003 8:00:00 AM 256000 C:\WINDOWS\SYSTEM32\nusrmgr.cpl
Microsoft Corporation 3/31/2003 8:00:00 AM 36864 C:\WINDOWS\SYSTEM32\odbccp32.cpl
Microsoft Corporation 3/31/2003 8:00:00 AM 109056 C:\WINDOWS\SYSTEM32\powercfg.cpl
Intel® Corporation 10/23/2002 1:06:36 PM 77824 C:\WINDOWS\SYSTEM32\PRApplet.cpl
Apple Computer, Inc. 1/6/2004 7:02:36 PM 323072 C:\WINDOWS\SYSTEM32\QuickTime.cpl
Microsoft Corporation 3/31/2003 8:00:00 AM 268288 C:\WINDOWS\SYSTEM32\sysdm.cpl
Microsoft Corporation 3/31/2003 8:00:00 AM 28160 C:\WINDOWS\SYSTEM32\telephon.cpl
Microsoft Corporation 3/31/2003 8:00:00 AM 90112 C:\WINDOWS\SYSTEM32\timedate.cpl
Microsoft Corporation 8/3/2004 3:03:24 PM 167704 C:\WINDOWS\SYSTEM32\wuaucpl.cpl
The Weather Channel Interactive8/4/2005 9:33:42 AM 3010560 C:\WINDOWS\SYSTEM32\wxfw.cpl

Checking Selected Startup Folders

Checking files in %ALLUSERSPROFILE%\Startup folder...
6/17/2003 11:01:36 PM 1540 C:\Documents and Settings\All Users\Start Menu\Programs\Startup\BigFix.lnk
8/9/2004 5:26:10 PM HS 84 C:\Documents and Settings\All Users\Start Menu\Programs\Startup\desktop.ini
11/2/2004 7:44:42 PM 1730 C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk

Checking files in %ALLUSERSPROFILE%\Application Data folder...
8/9/2004 10:19:00 AM HS 62 C:\Documents and Settings\All Users\Application Data\desktop.ini

Checking files in %USERPROFILE%\Startup folder...
8/9/2004 5:26:10 PM HS 84 C:\Documents and Settings\Owner\Start Menu\Programs\Startup\desktop.ini
8/21/2005 2:07:16 PM 650 C:\Documents and Settings\Owner\Start Menu\Programs\Startup\SpywareGuard.lnk

Checking files in %USERPROFILE%\Application Data folder...
6/2/2006 9:40:54 PM 2091 C:\Documents and Settings\Owner\Application Data\AdobeDLM.log
8/9/2004 10:19:00 AM HS 62 C:\Documents and Settings\Owner\Application Data\desktop.ini
6/2/2006 9:40:54 PM 0 C:\Documents and Settings\Owner\Application Data\dm.ini
11/22/2004 7:15:26 PM 32408 C:\Documents and Settings\Owner\Application Data\GDIPFONTCACHEV1.DAT
12/18/2005 8:55:48 AM 0 C:\Documents and Settings\Owner\Application Data\wklnhst.dat

Checking Selected Registry Keys

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]
{81559C35-8464-49F7-BB0E-07A383BEF910} = C:\Program Files\SpywareGuard\spywareguard.dll

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]

[HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers]
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\AVG7 Shell Extension
{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} = C:\Program Files\Grisoft\AVG Free\avgse.dll
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Offline Files
{750fdf0e-2a26-11d1-a3ea-080036587f03} = %SystemRoot%\System32\cscui.dll
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Open With
{09799AFB-AD67-11d1-ABCD-00C04FC30936} = %SystemRoot%\system32\SHELL32.dll
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Open With EncryptionMenu
{A470F8CF-A1E8-4f65-8335-227475AA5C46} = %SystemRoot%\system32\SHELL32.dll
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\WinRAR
=
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\WS_FTP
{797F3885-5429-11D4-8823-0050DA59922B} = C:\Program Files\Ipswitch\WS_FTP Home\wsftpsi.dll
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\{a2a9545d-a0c2-42b4-9708-a0b2badd77c8}
Start Menu Pin = %SystemRoot%\system32\SHELL32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers]
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\AVG7 Shell Extension
{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} = C:\Program Files\Grisoft\AVG Free\avgse.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\WinRAR
=
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\WS_FTP
{797F3885-5429-11D4-8823-0050DA59922B} = C:\Program Files\Ipswitch\WS_FTP Home\wsftpsi.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers]
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\EncryptionMenu
{A470F8CF-A1E8-4f65-8335-227475AA5C46} = %SystemRoot%\system32\SHELL32.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\Offline Files
{750fdf0e-2a26-11d1-a3ea-080036587f03} = %SystemRoot%\System32\cscui.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\Sharing
{f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} = ntshrui.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\WinRAR
=

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers]
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{0D2E74C4-3C34-11d2-A27E-00C04FC30871}
= %SystemRoot%\system32\SHELL32.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{24F14F01-7B1C-11d1-838f-0000F80461CF}
= %SystemRoot%\system32\SHELL32.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{24F14F02-7B1C-11d1-838f-0000F80461CF}
= %SystemRoot%\system32\SHELL32.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{66742402-F9B9-11D1-A202-0000F81FEDEE}
= %SystemRoot%\system32\SHELL32.dll

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
AcroIEHlprObj Class = C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4A368E80-174F-4872-96B5-0B27DDD11DB2}
SpywareGuardDLBLOCK.CBrowserHelper = C:\Program Files\SpywareGuard\dlprotect.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}
= C:\PROGRA~1\SPYBOT~1\SDHelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{4D5C8C25-D075-11d0-B416-00C04FB90376}
&Tip of the Day = %SystemRoot%\System32\shdocvw.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{FE54FA40-D68C-11d2-98FA-00C0F0318AFE}
=

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping
MenuText = :

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars]
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars\{32683183-48a0-441b-a342-7c2a440a9478}
Media Band = %SystemRoot%\System32\browseui.dll
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars\{C4EE31F3-4768-11D2-BE5C-00A0C9A83DA1}
File Search Explorer Band = %SystemRoot%\system32\SHELL32.dll

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar]
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser
{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} = :
{01E04581-4EEE-11D0-BFE9-00AA005B4383} = &Address : %SystemRoot%\System32\browseui.dll
{0E5CBF21-D15F-11D0-8301-00AA005B4383} = &Links : %SystemRoot%\system32\SHELL32.dll
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser
{01E04581-4EEE-11D0-BFE9-00AA005B4383} = &Address : %SystemRoot%\System32\browseui.dll
{0E5CBF21-D15F-11D0-8301-00AA005B4383} = &Links : %SystemRoot%\system32\SHELL32.dll
{4982D40A-C53B-4615-B15B-B5B5E98D167C} = :
{2318C2B1-4965-11D4-9B18-009027A5CD4F} = :

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
RemoteControl "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
SunKistEM C:\Program Files\Digital Media Reader\shwiconem.exe

HotKeysCmds C:\WINDOWS\System32\hkcmd.exe
SoundMan SOUNDMAN.EXE
BJCFD C:\Program Files\BroadJump\Client Foundation\CFD.exe
tgcmd "C:\Program Files\Support.com\bin\tgcmd.exe" /server /startmonitor /deaf
SSC_UserPrompt C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
AVG7_CC C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
KernelFaultCheck %systemroot%\system32\dumprep 0 -k

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]
IMAIL Installed = 1
MAPI Installed = 1
MSFS Installed = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
MSMSGS "C:\Program Files\Messenger\msmsgs.exe" /background
SpySweeper C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe /0
DW4 "C:\Program Files\The Weather Channel FW\Desktop Weather\DesktopWeather.exe"
MoneyAgent "C:\Program Files\Microsoft Money\System\mnyexpr.exe"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\load]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum
{BDEADF00-C265-11D0-BCED-00A0C90AB50F} = C:\PROGRA~1\COMMON~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL
{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} =
{0DF44EAA-FF21-4412-828E-260A8728E7F1} =


HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ratings

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system
dontdisplaylastusername 0
legalnoticecaption
legalnoticetext
shutdownwithoutlogon 1
undockwithoutlogon 1


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies]

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
NoDriveTypeAutoRun 145


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
PostBootReminder {7849596a-48ea-486e-8937-a2a3009f31a9} = %SystemRoot%\system32\SHELL32.dll
CDBurn {fbeb8a05-beee-4442-804e-409d6c4515e9} = %SystemRoot%\system32\SHELL32.dll
WebCheck {E6FB5E20-DE35-11CF-9C87-00AA005127ED} = %SystemRoot%\System32\webcheck.dll
SysTray {35CEC8A3-2BE6-11D2-8773-92E220524153} = C:\WINDOWS\System32\stobject.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
UserInit = C:\WINDOWS\system32\userinit.exe,
Shell = Explorer.exe
System =

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain
= crypt32.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet
= cryptnet.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll
= cscdll.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp
= wlnotify.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule
= wlnotify.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy
= sclgntfy.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn
= WlNotify.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv
= wlnotify.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon
= wlnotify.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Your Image File Name Here without a path
Debugger = ntsd -d

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
AppInit_DLLs


Scan Complete
WinPFind v1.3.1 - Log file written to "WinPFind.Txt" in the WinPFind folder.
Scan completed on 6/18/2006 12:19:35 PM


 


#2 -David-


Posted 18 June 2006 - 11:30 AM

Hi there and welcome to BleepingComputer.

I've been through the log and it seems to be in pretty good shape, just one file that I'm concerned about. I'm 99% sure it's bad, but it's better to be safe than sorry:

Please visit http://virusscan.jotti.org/
Click on Browse... and navigate to the following file: C:\Program Files\adboe reader.exe
Click Open
Please let me know the results.

Also, are you experiencing any problems?
David



