Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Hijack This Logfile-please Help Diagnose


  • Please log in to reply
12 replies to this topic

#1 Nahmesh

Nahmesh

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:11:49 PM

Posted 23 December 2006 - 11:31 AM

Hello. I am keep getting this Worm Stration pop-up. Supposedly people say this is a hacker? I am not too sure (not very good w/ computers and stuff). So can help me find out whats wrong and how to fix this? I tried system restore but my computer says "cannot restore"....Please help! Thanks!

Logfile of HijackThis v1.99.1
Scan saved at 11:42:56 PM, on 12/22/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
C:\WINDOWS\system32\dllhost.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\PccGuide.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\WINDOWS\stsystra.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Common Files\AOL\1146929070\ee\AOLSoftware.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\NetWaiting\netWaiting.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\Program Files\Trend Micro\Internet Security 12\TMAS_OE\TMAS_OEMon.exe
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Google\Web Accelerator\GoogleWebAccWarden.exe
C:\Program Files\Google\Web Accelerator\googlewebaccclient.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Documents and Settings\Matthew Oh\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://localhost:9100/proxy.pac
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AOL Toolbar 3.0\aoltb.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Google Web Accelerator Helper - {69A87B7D-DE56-4136-9655-716BA50C19C7} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 3.0\aoltb.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 3.0\aoltb.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Google Web Accelerator - {DB87BFA2-A2E3-451E-8E5A-C89982D87CBF} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [ShowLOMControl] 
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 12\pccguide.exe"
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1146929070\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [IPHSend] C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [ModemOnHold] C:\Program Files\NetWaiting\netWaiting.exe
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [OE_OEM] "C:\Program Files\Trend Micro\Internet Security 12\TMAS_OE\TMAS_OEMon.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: Run Google Web Accelerator.lnk = C:\Program Files\Google\Web Accelerator\GoogleWebAccWarden.exe
O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 3.0\resources\en-US\local\search.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 3.0\aoltb.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O20 - AppInit_DLLs: vb5dmspo.dll e1.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: slbipsch - C:\WINDOWS\system32\slbipsch.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE

BC AdBot (Login to Remove)

 


#2 OldTimer

OldTimer

    Malware Expert


  • Members
  • 11,092 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina
  • Local time:12:49 AM

Posted 23 December 2006 - 11:59 AM

Hello Nahmesh and welcome to the BC HijackThis forum. I would like to try a different scanner and see what it shows us.

Download WinPFind3U.exe to your Desktop and double-click on it to extract the files. It will create a folder named WinPFind3u on your desktop.
  • Open the WinPFind3u folder and double-click on WinPFind3U.exe to start the program.
    • In the Files Created Within group click 30 days
    • In the Files Modified Within group select 30 days
    • In the File String Search group select Non-Microsoft
  • Now click the Run Scan button on the toolbar.
  • When the scan is complete Notepad will open with the report file loaded in it.
  • Click the Format menu and make sure that Wordwrap is not checked. If it is then click on it to uncheck it.
Use the Add Reply button and Copy/Paste the information back here. I will review it when it comes in.

Cheers.

OT
I do not respond to PM's requesting help. That's what the forums are here for. Please use them so that others may benefit from your questions and the responses you receive.
OldTimer

Posted Image

#3 Nahmesh

Nahmesh
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:11:49 PM

Posted 23 December 2006 - 06:13 PM

WinPFind3 logfile created on: 12/23/2006 5:29:05 PM
WinPFind3U by OldTimer - Version 1.0.1 Folder = C:\Documents and Settings\Matthew Oh\Desktop\WinPFind3u\
Microsoft Windows XP Service Pack 2 (Version = 5.1.2600)
Internet Explorer (Version = 6.0.2900.2180)


[Processes - Non-Microsoft Only]
acrotray.exe -> C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe -> Adobe Systems Inc. [Ver = 6.0.0.2003051500 | Size = 217193 bytes | Modified Date = 5/15/2003 12:19:50 AM | Attr = ]
aolacsd.exe -> C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe -> America Online, Inc. [Ver = 2.0.20.1.US.1 | Size = 1135728 bytes | Modified Date = 4/7/2004 12:07:32 PM | Attr = ]
aolsoftware.exe -> C:\Program Files\Common Files\AOL\1146929070\ee\AOLSoftware.exe -> America Online, Inc. [Ver = 1.5.3.1 | Size = 50760 bytes | Modified Date = 5/9/2006 7:24:16 PM | Attr = ]
bcmwltry.exe -> C:\WINDOWS\system32\BCMWLTRY.EXE -> Dell Inc. [Ver = 4.10.47.3 | Size = 1200128 bytes | Modified Date = 12/19/2005 3:08:40 PM | Attr = ]
dlg.exe -> C:\Program Files\Digital Line Detect\DLG.exe -> BVRP Software [Ver = 1, 0, 0, 1 | Size = 24576 bytes | Modified Date = 10/29/2003 2:06:00 AM | Attr = ]
dsagnt.exe -> C:\Program Files\Dell Support\DSAgnt.exe -> Gteko Ltd. [Ver = 1, 1, 1, 121 | Size = 332800 bytes | Modified Date = 5/15/2005 2:04:12 AM | Attr = ]
dvdlauncher.exe -> C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe -> CyberLink Corp. [Ver = 3.00.0000 | Size = 49152 bytes | Modified Date = 12/9/2005 8:29:52 PM | Attr = ]
googleupdater.exe -> C:\Program Files\Google\Google Updater\GoogleUpdater.exe -> Google [Ver = 2.0.711.37800.beta | Size = 124856 bytes | Modified Date = 12/21/2006 10:22:04 PM | Attr = ]
googleupdaterservice.exe -> C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -> Google [Ver = 2.0.711.37800.beta | Size = 136120 bytes | Modified Date = 12/21/2006 10:22:04 PM | Attr = ]
googlewebaccclient.exe -> C:\Program Files\Google\Web Accelerator\googlewebaccclient.exe -> [Ver = | Size = 1609728 bytes | Modified Date = 12/14/2006 3:33:48 PM | Attr = ]
googlewebaccwarden.exe -> C:\Program Files\Google\Web Accelerator\GoogleWebAccWarden.exe -> [Ver = | Size = 598016 bytes | Modified Date = 12/14/2006 3:33:48 PM | Attr = ]
hkcmd.exe -> C:\WINDOWS\system32\hkcmd.exe -> Intel Corporation [Ver = 3.0.0.4446 | Size = 77824 bytes | Modified Date = 12/13/2005 11:41:08 PM | Attr = ]
igfxpers.exe -> C:\WINDOWS\system32\igfxpers.exe -> Intel Corporation [Ver = 3.0.0.4446 | Size = 118784 bytes | Modified Date = 12/13/2005 11:45:00 PM | Attr = ]
igfxsrvc.exe -> C:\WINDOWS\system32\igfxsrvc.exe -> Intel Corporation [Ver = 3.0.0.4446 | Size = 159744 bytes | Modified Date = 12/13/2005 11:41:00 PM | Attr = ]
ipodservice.exe -> C:\Program Files\iPod\bin\iPodService.exe -> Apple Computer, Inc. [Ver = 7.0.2.16 | Size = 492608 bytes | Modified Date = 10/30/2006 9:36:32 AM | Attr = ]
issch.exe -> C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe -> InstallShield Software Corporation [Ver = 4, 50, 100, 33433 | Size = 81920 bytes | Modified Date = 6/10/2005 10:44:02 AM | Attr = ]
ituneshelper.exe -> C:\Program Files\iTunes\iTunesHelper.exe -> Apple Computer, Inc. [Ver = 7.0.2.16 | Size = 256576 bytes | Modified Date = 10/30/2006 9:36:36 AM | Attr = ]
netwaiting.exe -> C:\Program Files\NetWaiting\netWaiting.exe -> [Ver = | Size = 20480 bytes | Modified Date = 9/10/2003 2:24:00 AM | Attr = ]
nicconfigsvc.exe -> C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe -> Dell Inc. [Ver = 7, 0, 9, 0 | Size = 380928 bytes | Modified Date = 12/6/2005 10:45:26 AM | Attr = ]
pccguide.exe -> C:\Program Files\Trend Micro\Internet Security 12\pccguide.exe -> Trend Micro Incorporated. [Ver = 12.70.0.1017 | Size = 823362 bytes | Modified Date = 8/30/2005 4:47:38 PM | Attr = ]
pcctlcom.exe -> C:\Program Files\Trend Micro\Internet Security 12\PcCtlCom.exe -> Trend Micro Incorporated. [Ver = 12.70.0.1019 | Size = 880722 bytes | Modified Date = 9/4/2006 7:54:44 PM | Attr = ]
qttask.exe -> C:\Program Files\QuickTime\qttask.exe -> Apple Computer, Inc. [Ver = 7.1.3 | Size = 282624 bytes | Modified Date = 10/25/2006 6:58:18 PM | Attr = ]
quickset.exe -> C:\Program Files\Dell\QuickSet\quickset.exe -> Dell Inc [Ver = 7, 0, 9, 0 | Size = 839680 bytes | Modified Date = 12/6/2005 10:45:14 AM | Attr = ]
reader_sl.exe -> C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe -> Adobe Systems Incorporated [Ver = 7.0.5.2005092300 | Size = 29696 bytes | Modified Date = 9/23/2005 10:05:26 PM | Attr = ]
stsystra.exe -> C:\WINDOWS\stsystra.exe -> SigmaTel, Inc. [Ver = 1.0.4823.0 nd322 cp1 | Size = 397312 bytes | Modified Date = 11/16/2005 9:35:16 PM | Attr = ]
syntpenh.exe -> C:\Program Files\Synaptics\SynTP\SynTPEnh.exe -> Synaptics, Inc. [Ver = 8.2.4.3 29Nov05 | Size = 761947 bytes | Modified Date = 11/29/2005 6:56:30 PM | Attr = ]
tfswctrl.exe -> C:\WINDOWS\system32\dla\tfswctrl.exe -> Sonic Solutions [Ver = 1.04.08a | Size = 127035 bytes | Modified Date = 12/6/2004 1:05:00 AM | Attr = ]
tmas_oemon.exe -> C:\Program Files\Trend Micro\Internet Security 12\TMAS_OE\TMAS_OEMon.exe -> Trend Micro Inc. [Ver = 3.5.0.1119 | Size = 176201 bytes | Modified Date = 4/11/2006 6:39:22 PM | Attr = ]
tmntsrv.exe -> C:\Program Files\Trend Micro\Internet Security 12\Tmntsrv.exe -> Trend Micro Incorporated. [Ver = 12.70.0.1017 | Size = 290889 bytes | Modified Date = 8/30/2005 4:47:46 PM | Attr = ]
tmpfw.exe -> C:\Program Files\Trend Micro\Internet Security 12\TmPfw.exe -> Trend Micro Inc. [Ver = 2.0.0.1135 | Size = 585792 bytes | Modified Date = 8/30/2005 4:47:46 PM | Attr = ]
tmproxy.exe -> C:\Program Files\Trend Micro\Internet Security 12\tmproxy.exe -> Trend Micro Inc. [Ver = 1.0.0.1135 | Size = 262215 bytes | Modified Date = 8/30/2005 4:47:46 PM | Attr = ]
tsc.exe -> C:\Program Files\Trend Micro\Internet Security 12\TSC.EXE -> Trend Micro Inc. [Ver = 3.98.0.1012 | Size = 176709 bytes | Modified Date = 10/18/2005 10:25:20 AM | Attr = ]
winpfind3u.exe -> C:\Documents and Settings\Matthew Oh\Desktop\WinPFind3u\WinPFind3U.exe -> Oldtimer Tools [Ver = 1.0.1.0 | Size = 302592 bytes | Modified Date = 12/21/2006 8:20:08 PM | Attr = ]
wltray.exe -> C:\WINDOWS\system32\WLTRAY.EXE -> Dell Inc. [Ver = 4.10.47.3 | Size = 1347584 bytes | Modified Date = 12/19/2005 3:08:42 PM | Attr = ]
wltrysvc.exe -> C:\WINDOWS\system32\WLTRYSVC.EXE -> [Ver = | Size = 18944 bytes | Modified Date = 12/19/2005 3:08:42 PM | Attr = ]

[Win32 Services - Non-Microsoft Only]
(AOL ACS) AOL Connectivity Service [Win32_Own | Auto | Running] -> C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe -> America Online, Inc. [Ver = 2.0.20.1.US.1 | Size = 1135728 bytes | Modified Date = 4/7/2004 12:07:32 PM | Attr = ]
(dmadmin) Logical Disk Manager Administrative Service [Win32_Shared | On_Demand | Stopped] -> C:\WINDOWS\system32\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 224768 bytes | Modified Date = 8/10/2004 5:00:00 AM | Attr = ]
(gusvc) Google Updater Service [Win32_Own | Auto | Running] -> C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -> Google [Ver = 2.0.711.37800.beta | Size = 136120 bytes | Modified Date = 12/21/2006 10:22:04 PM | Attr = ]
(IDriverT) InstallDriver Table Manager [Win32_Own | On_Demand | Stopped] -> C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -> Macrovision Corporation [Ver = 11.00.28844 | Size = 69632 bytes | Modified Date = 4/3/2005 11:41:10 PM | Attr = ]
(iPod Service) iPod Service [Win32_Own | On_Demand | Running] -> C:\Program Files\iPod\bin\iPodService.exe -> Apple Computer, Inc. [Ver = 7.0.2.16 | Size = 492608 bytes | Modified Date = 10/30/2006 9:36:32 AM | Attr = ]
(NICCONFIGSVC) NICCONFIGSVC [Win32_Own | Auto | Running] -> C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe -> Dell Inc. [Ver = 7, 0, 9, 0 | Size = 380928 bytes | Modified Date = 12/6/2005 10:45:26 AM | Attr = ]
(PcCtlCom) Trend Micro Central Control Component [Win32_Own | Auto | Running] -> C:\Program Files\Trend Micro\Internet Security 12\PcCtlCom.exe -> Trend Micro Incorporated. [Ver = 12.70.0.1019 | Size = 880722 bytes | Modified Date = 9/4/2006 7:54:44 PM | Attr = ]
(Tmntsrv) Trend Micro Real-time Service [Win32_Own | Auto | Running] -> C:\Program Files\Trend Micro\Internet Security 12\Tmntsrv.exe -> Trend Micro Incorporated. [Ver = 12.70.0.1017 | Size = 290889 bytes | Modified Date = 8/30/2005 4:47:46 PM | Attr = ]
(TmPfw) Trend Micro Personal Firewall [Win32_Own | Auto | Running] -> C:\Program Files\Trend Micro\Internet Security 12\TmPfw.exe -> Trend Micro Inc. [Ver = 2.0.0.1135 | Size = 585792 bytes | Modified Date = 8/30/2005 4:47:46 PM | Attr = ]
(tmproxy) Trend Micro Proxy Service [Win32_Own | Auto | Running] -> C:\Program Files\Trend Micro\Internet Security 12\tmproxy.exe -> Trend Micro Inc. [Ver = 1.0.0.1135 | Size = 262215 bytes | Modified Date = 8/30/2005 4:47:46 PM | Attr = ]
(wltrysvc) Dell Wireless WLAN Tray Service [Win32_Own | Auto | Running] -> C:\WINDOWS\System32\WLTRYSVC.EXE C:\WINDOWS\System32\bcmwltry.exe -> File not found

[Registry - Non-Microsoft Only]
< Run [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Broadcom Wireless Manager UI -> C:\WINDOWS\system32\WLTRAY.EXE -> Dell Inc. [Ver = 4.10.47.3 | Size = 1347584 bytes | Modified Date = 12/19/2005 3:08:42 PM | Attr = ]
Dell QuickSet -> C:\Program Files\Dell\QuickSet\quickset.exe -> Dell Inc [Ver = 7, 0, 9, 0 | Size = 839680 bytes | Modified Date = 12/6/2005 10:45:14 AM | Attr = ]
dla -> C:\WINDOWS\system32\dla\tfswctrl.exe -> Sonic Solutions [Ver = 1.04.08a | Size = 127035 bytes | Modified Date = 12/6/2004 1:05:00 AM | Attr = ]
DVDLauncher -> C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe -> CyberLink Corp. [Ver = 3.00.0000 | Size = 49152 bytes | Modified Date = 12/9/2005 8:29:52 PM | Attr = ]
HostManager -> C:\Program Files\Common Files\AOL\1146929070\ee\AOLSoftware.exe -> America Online, Inc. [Ver = 1.5.3.1 | Size = 50760 bytes | Modified Date = 5/9/2006 7:24:16 PM | Attr = ]
igfxhkcmd -> C:\WINDOWS\system32\hkcmd.exe -> Intel Corporation [Ver = 3.0.0.4446 | Size = 77824 bytes | Modified Date = 12/13/2005 11:41:08 PM | Attr = ]
igfxpers -> C:\WINDOWS\system32\igfxpers.exe -> Intel Corporation [Ver = 3.0.0.4446 | Size = 118784 bytes | Modified Date = 12/13/2005 11:45:00 PM | Attr = ]
igfxtray -> C:\WINDOWS\system32\igfxtray.exe -> Intel Corporation [Ver = 3.0.0.4446 | Size = 98304 bytes | Modified Date = 12/13/2005 11:44:18 PM | Attr = ]
IPHSend -> C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe -> America Online, Inc. [Ver = 1.0.12.1 | Size = 124520 bytes | Modified Date = 2/17/2006 11:59:48 AM | Attr = ]
ISUSPM Startup -> C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe -> InstallShield Software Corporation [Ver = 4, 50, 100, 33433 | Size = 249856 bytes | Modified Date = 6/10/2005 10:44:02 AM | Attr = ]
ISUSScheduler -> C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe -> InstallShield Software Corporation [Ver = 4, 50, 100, 33433 | Size = 81920 bytes | Modified Date = 6/10/2005 10:44:02 AM | Attr = ]
iTunesHelper -> C:\Program Files\iTunes\iTunesHelper.exe -> Apple Computer, Inc. [Ver = 7.0.2.16 | Size = 256576 bytes | Modified Date = 10/30/2006 9:36:36 AM | Attr = ]
MSPY2002 -> C:\WINDOWS\system32\IME\PINTLGNT\IMSCINST.EXE -> [Ver = | Size = 59392 bytes | Modified Date = 8/10/2004 5:00:00 AM | Attr = ]
pccguide.exe -> C:\Program Files\Trend Micro\Internet Security 12\pccguide.exe -> Trend Micro Incorporated. [Ver = 12.70.0.1017 | Size = 823362 bytes | Modified Date = 8/30/2005 4:47:38 PM | Attr = ]
QuickTime Task -> C:\Program Files\QuickTime\qttask.exe -> Apple Computer, Inc. [Ver = 7.1.3 | Size = 282624 bytes | Modified Date = 10/25/2006 6:58:18 PM | Attr = ]
ShowLOMControl -> -> File not found
SigmatelSysTrayApp -> C:\WINDOWS\stsystra.exe -> SigmaTel, Inc. [Ver = 1.0.4823.0 nd322 cp1 | Size = 397312 bytes | Modified Date = 11/16/2005 9:35:16 PM | Attr = ]
SynTPEnh -> C:\Program Files\Synaptics\SynTP\SynTPEnh.exe -> Synaptics, Inc. [Ver = 8.2.4.3 29Nov05 | Size = 761947 bytes | Modified Date = 11/29/2005 6:56:30 PM | Attr = ]
TkBellExe -> C:\Program Files\Common Files\Real\Update_OB\realsched.exe -> RealNetworks, Inc. [Ver = 0.1.0.3510 | Size = 180269 bytes | Modified Date = 12/21/2006 11:32:04 PM | Attr = ]
< OptionalComponents [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\
IMAIL -> Installed = 1 ->
MAPI -> Installed = 1 ->
MSFS -> Installed = 1 ->
< Run [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
BitTorrent -> C:\Program Files\BitTorrent\bittorrent.exe -> File not found
DellSupport -> C:\Program Files\Dell Support\DSAgnt.exe -> Gteko Ltd. [Ver = 1, 1, 1, 121 | Size = 332800 bytes | Modified Date = 5/15/2005 2:04:12 AM | Attr = ]
ModemOnHold -> C:\Program Files\NetWaiting\netWaiting.exe -> [Ver = | Size = 20480 bytes | Modified Date = 9/10/2003 2:24:00 AM | Attr = ]
OE_OEM -> C:\Program Files\Trend Micro\Internet Security 12\TMAS_OE\TMAS_OEMon.exe -> Trend Micro Inc. [Ver = 3.5.0.1119 | Size = 176201 bytes | Modified Date = 4/11/2006 6:39:22 PM | Attr = ]
< AppInit_DLLs [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs
*AppInit_DLLs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls ->
vb5dmspo.dll -> C:\WINDOWS\system32\vb5dmspo.dll -> [Ver = | Size = 28672 bytes | Modified Date = 12/16/2006 8:52:08 PM | Attr = ]
e1.dll -> C:\WINDOWS\system32\e1.dll -> [Ver = | Size = 20480 bytes | Modified Date = 12/16/2006 8:52:14 PM | Attr = ]
< SecurityProviders [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders
< Winlogon settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
*VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet ->
Control_RunDLL -> -> File not found
< Winlogon settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
< Winlogon\Notify settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\
igfxcui -> C:\WINDOWS\system32\igfxdev.dll -> Intel Corporation [Ver = 3.0.0.4446 | Size = 139264 bytes | Modified Date = 12/13/2005 11:40:12 PM | Attr = ]
< Policy Settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\undockwithoutlogon -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\InstallVisualStyle -> C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles ->
< Policy Settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 ->
< Desktop Components > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\
0 -> [Key] ->
0 -> FriendlyName = My Current Home Page ->
0 -> Source = About:Home ->
0 -> SubscribedURL = About:Home ->
< HOSTS File > -> C:\WINDOWS\System32\drivers\etc\Hosts
< Internet Explorer Settings > ->
HKLM: Default_Page_URL -> http://www.dell.com ->
HKLM: Main\\Default_Search_URL -> http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch ->
HKLM: Local Page -> %SystemRoot%\system32\blank.htm ->
HKLM: Search Page -> http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch ->
HKLM: Start Page -> http://www.dell.com ->
HKLM: CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm ->
HKLM: SearchAssistant -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm ->
HKCU: Local Page -> C:\WINDOWS\system32\blank.htm ->
HKCU: Search Page -> http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch ->
HKCU: Start Page -> http://www.dell.com/ ->
HKCU: URLSearchHooks\\{EA756889-2338-43DB-8F07-D1CA6FB9C90D} [HKLM] -> C:\Program Files\AOL\AOL Toolbar 3.0\aoltb.dll [AOLTBSearch Class] -> America Online, Inc. [Ver = 3.0.43.1 | Size = 585728 bytes | Modified Date = 11/30/2005 1:17:06 PM | Attr = ]
HKCU: ProxyEnable -> 0 ->
< Trusted Sites > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\
msn.com [ - ] -> ->
online_musicmatch.com [https] -> ->
< BHO's > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> Adobe Systems Incorporated [Ver = 7.0.7.2006011200 | Size = 63128 bytes | Modified Date = 1/12/2006 8:38:22 PM | Attr = ]
{5CA3D70E-1895-11CF-8E15-001234567890} [HKLM] -> C:\WINDOWS\system32\dla\tfswshx.dll [DriveLetterAccess] -> Sonic Solutions [Ver = 1.04.08a | Size = 118842 bytes | Modified Date = 12/6/2004 1:05:00 AM | Attr = ]
{69A87B7D-DE56-4136-9655-716BA50C19C7} [HKLM] -> C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll [&Google Web Accelerator Helper] -> [Ver = | Size = 237568 bytes | Modified Date = 12/14/2006 3:33:48 PM | Attr = ]
{7C554162-8CB7-45A4-B8F4-8EA1C75885F9} [HKLM] -> C:\Program Files\AOL\AOL Toolbar 3.0\aoltb.dll [AOL Toolbar Launcher] -> America Online, Inc. [Ver = 3.0.43.1 | Size = 585728 bytes | Modified Date = 11/30/2005 1:17:06 PM | Attr = ]
{AA58ED58-01DD-4d91-8333-CF10577473F7} [HKLM] -> c:\program files\Google\googletoolbar1.dll [Google Toolbar Helper] -> Google Inc. [Ver = 4, 0, 1020, 6156 | Size = 2133056 bytes | Modified Date = 12/19/2006 10:36:28 PM | Attr = R ]
{AE7CD045-E861-484f-8273-0445EE161910} [HKLM] -> C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll [AcroIEToolbarHelper Class] -> [Ver = | Size = 147456 bytes | Modified Date = 5/15/2003 12:03:46 AM | Attr = ]
< Internet Explorer Bars [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\
{182EC0BE-5110-49C8-A062-BEB1D02A220B} [HKLM] -> C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll [Adobe PDF] -> [Ver = | Size = 147456 bytes | Modified Date = 5/15/2003 12:03:46 AM | Attr = ]
< Internet Explorer ToolBars [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar
{2318C2B1-4965-11d4-9B18-009027A5CD4F} [HKLM] -> c:\program files\Google\googletoolbar1.dll [&Google] -> Google Inc. [Ver = 4, 0, 1020, 6156 | Size = 2133056 bytes | Modified Date = 12/19/2006 10:36:28 PM | Attr = R ]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} [HKLM] -> C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll [Adobe PDF] -> [Ver = | Size = 147456 bytes | Modified Date = 5/15/2003 12:03:46 AM | Attr = ]
{DB87BFA2-A2E3-451E-8E5A-C89982D87CBF} [HKLM] -> C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll [Google Web Accelerator] -> [Ver = | Size = 237568 bytes | Modified Date = 12/14/2006 3:33:48 PM | Attr = ]
{DE9C389F-3316-41A7-809B-AA305ED9D922} [HKLM] -> C:\Program Files\AOL\AOL Toolbar 3.0\aoltb.dll [AOL Toolbar] -> America Online, Inc. [Ver = 3.0.43.1 | Size = 585728 bytes | Modified Date = 11/30/2005 1:17:06 PM | Attr = ]
< Internet Explorer ToolBars [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\
ShellBrowser\\{47833539-D0C5-4125-9FA8-0819E2EAAC93} [HKLM] -> C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll [Adobe PDF] -> [Ver = | Size = 147456 bytes | Modified Date = 5/15/2003 12:03:46 AM | Attr = ]
WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKLM] -> c:\program files\Google\googletoolbar1.dll [&Google] -> Google Inc. [Ver = 4, 0, 1020, 6156 | Size = 2133056 bytes | Modified Date = 12/19/2006 10:36:28 PM | Attr = R ]
WebBrowser\\{47833539-D0C5-4125-9FA8-0819E2EAAC93} [HKLM] -> C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll [Adobe PDF] -> [Ver = | Size = 147456 bytes | Modified Date = 5/15/2003 12:03:46 AM | Attr = ]
WebBrowser\\{DB87BFA2-A2E3-451E-8E5A-C89982D87CBF} [HKLM] -> C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll [Google Web Accelerator] -> [Ver = | Size = 237568 bytes | Modified Date = 12/14/2006 3:33:48 PM | Attr = ]
WebBrowser\\{DE9C389F-3316-41A7-809B-AA305ED9D922} [HKLM] -> C:\Program Files\AOL\AOL Toolbar 3.0\aoltb.dll [AOL Toolbar] -> America Online, Inc. [Ver = 3.0.43.1 | Size = 585728 bytes | Modified Date = 11/30/2005 1:17:06 PM | Attr = ]
< Internet Explorer CmdMapping [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\CmdMapping
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} -> 8192 - Sun Java Console ->
{3369AF0D-62E9-4bda-8103-B4C75499B578} -> 8196 - Reg Data - Value does not exist ->
{92780B25-18CC-41C8-B9BE-3C9C571A8263} -> 8195 - Reg Data - Value does not exist ->
{CD67F990-D8E9-11d2-98FE-00C0F0318AFE} -> 8193 - Reg Data - Value does not exist ->
{FB5F1910-F110-11d2-BB9E-00C04F795683} -> 8194 - Windows Messenger ->
NextId -> 8197 ->
< Internet Explorer Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> Reg Data - Key not found [MenuText: Sun Java Console] ->
{3369AF0D-62E9-4bda-8103-B4C75499B578} -> Reg Data - Value does not exist [ButtonText: AOL Toolbar] -> File not found
{92780B25-18CC-41C8-B9BE-3C9C571A8263} -> Reg Data - Value does not exist [ButtonText: Research] -> File not found
{CD67F990-D8E9-11d2-98FE-00C0F0318AFE} -> Reg Data - Value does not exist [ButtonText: Real.com] -> File not found
< Internet Explorer Menu Extensions [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\
&AOL Toolbar Search -> c:\program files\aol\aol toolbar 3.0\resources\en-US\local\search.htm -> File not found
< Approved Shell Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
{00E7B358-F65B-4dcf-83DF-CD026B94BFD4} [HKLM] -> Reg Data - Key not found [Autoplay for SlideShow] -> File not found
{0DF44EAA-FF21-4412-828E-260A8728E7F1} [HKLM] -> Reg Data - Key not found [Taskbar and Start Menu] -> File not found
{2F603045-309F-11CF-9774-0020AFD0CFF6} [HKLM] -> C:\Program Files\Synaptics\SynTP\SynTPCpl.dll [Synaptics Control Panel] -> Synaptics, Inc. [Ver = 8.2.4.3 29Nov05 | Size = 6135899 bytes | Modified Date = 11/29/2005 6:44:38 PM | Attr = ]
{42071714-76d4-11d1-8b24-00a0c9068ff3} [HKLM] -> deskpan.dll [Display Panning CPL Extension] -> File not found
{48F45200-91E6-11CE-8A4F-0080C81A28D4} [HKLM] -> C:\Program Files\Trend Micro\Internet Security 12\Tmdshell.dll [TMD Shell Extension] -> Trend Micro Incorporated. [Ver = 12.70.0.1017 | Size = 131147 bytes | Modified Date = 8/30/2005 4:47:46 PM | Attr = ]
{5CA3D70E-1895-11CF-8E15-001234567890} [HKLM] -> C:\WINDOWS\system32\dla\tfswshx.dll [DriveLetterAccess] -> Sonic Solutions [Ver = 1.04.08a | Size = 118842 bytes | Modified Date = 12/6/2004 1:05:00 AM | Attr = ]
{764BF0E1-F219-11ce-972D-00AA00A14F56} [HKLM] -> Reg Data - Key not found [Shell extensions for file compression] -> File not found
{771A9DA0-731A-11CE-993C-00AA004ADB6C} [HKLM] -> C:\Program Files\Trend Micro\Internet Security 12\VBProp.dll [VBPropSheet] -> Trend Micro Incorporated. [Ver = 12.70.0.1017 | Size = 135239 bytes | Modified Date = 8/30/2005 4:47:48 PM | Attr = ]
{7A9D77BD-5403-11d2-8785-2E0420524153} [HKLM] -> Reg Data - Key not found [User Accounts] -> File not found
{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} [HKLM] -> Reg Data - Key not found [Encryption Context Menu] -> File not found
{88895560-9AA2-1069-930E-00AA0030EBC8} [HKLM] -> C:\WINDOWS\system32\hticons.dll [HyperTerminal Icon Ext] -> Hilgraeve, Inc. [Ver = 5.1.2600.0 | Size = 44544 bytes | Modified Date = 8/10/2004 5:00:00 AM | Attr = ]
{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} [HKLM] -> C:\Program Files\iTunes\iTunesMiniPlayer.dll [iTunes] -> Apple Computer, Inc. [Ver = 7.0.2.16 | Size = 132672 bytes | Modified Date = 10/30/2006 9:36:36 AM | Attr = ]
{D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} [HKLM] -> C:\Program Files\Adobe\Acrobat 6.0\Acrobat Elements\ContextMenu.dll [Adobe.Acrobat.ContextMenu] -> Adobe Systems Inc. [Ver = 1.0.0.2003051500 | Size = 409687 bytes | Modified Date = 5/15/2003 12:41:08 AM | Attr = ]
{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} [HKLM] -> C:\Program Files\Real\RealPlayer\rpshell.dll [Shell Extensions for RealOne Player] -> RealNetworks, Inc. [Ver = 1.0.1.2237 | Size = 49198 bytes | Modified Date = 12/21/2006 11:32:08 PM | Attr = ]
< ContextMenuHandlers - * [HKLM] > -> HKEY_LOCAL_MACHINE\Software\Classes\*\shellex\ContextMenuHandlers\
{48F45200-91E6-11CE-8A4F-0080C81A28D4} [HKLM] -> C:\Program Files\Trend Micro\Internet Security 12\Tmdshell.dll [TMD Shell Extension] -> Trend Micro Incorporated. [Ver = 12.70.0.1017 | Size = 131147 bytes | Modified Date = 8/30/2005 4:47:46 PM | Attr = ]
{D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} [HKLM] -> C:\Program Files\Adobe\Acrobat 6.0\Acrobat Elements\ContextMenu.dll [Adobe.Acrobat.ContextMenu] -> Adobe Systems Inc. [Ver = 1.0.0.2003051500 | Size = 409687 bytes | Modified Date = 5/15/2003 12:41:08 AM | Attr = ]
< ContextMenuHandlers - Directory\Background [HKLM] > -> HKEY_LOCAL_MACHINE\Software\Classes\Directory\Background\shellex\ContextMenuHandlers\
{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} [HKLM] -> C:\WINDOWS\system32\igfxpph.dll [igfxcui] -> Intel Corporation [Ver = 3.0.0.4446 | Size = 147456 bytes | Modified Date = 12/13/2005 11:44:02 PM | Attr = ]
< ContextMenuHandlers - Folder [HKLM] > -> HKEY_LOCAL_MACHINE\Software\Classes\Folder\shellex\ContextMenuHandlers\
{48F45200-91E6-11CE-8A4F-0080C81A28D4} [HKLM] -> C:\Program Files\Trend Micro\Internet Security 12\Tmdshell.dll [TMD Shell Extension] -> Trend Micro Incorporated. [Ver = 12.70.0.1017 | Size = 131147 bytes | Modified Date = 8/30/2005 4:47:46 PM | Attr = ]
< ColumnHandlers - Folder [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\
{F9DB5320-233E-11D1-9F84-707F02C10627} [HKLM] -> C:\Program Files\Adobe\Acrobat 7.0\ActiveX\pdfshell.dll [PDF Shell Extension] -> Adobe Systems, Inc. [Ver = 7.0.0.0 | Size = 110592 bytes | Modified Date = 12/14/2004 2:20:02 AM | Attr = ]
< User Agent Post Platform [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform
SV1 -> ->
< DNS Name Servers [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\
{397496ED-E294-492F-94F5-12FFABC41461} -> (1394 Net Adapter) ->
{5C95B2D1-8010-417F-BDE1-89DABA1875B8} -> (Broadcom 440x 10/100 Integrated Controller) ->
{7C201DED-69E6-49A9-92B7-B880D138E2E1} -> (Dell Wireless 1390 WLAN Mini-Card) ->
< Protocol Handlers [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\
ipp -> Reg Data - Key not found -> File not found
msdaipp -> Reg Data - Key not found -> File not found


[Files - Created Wihin 30 days]
sz.xml -> C:\sz.xml -> [Ver = | Size = 4903 bytes | Created Date = 12/8/2006 4:41:59 PM | Attr = ]
atrc.dll -> C:\Program Files\Common Files\Real\Codecs\atrc.dll -> RealNetworks, Inc. [Ver = 10.0.0.2567 | Size = 77889 bytes | Created Date = 12/21/2006 11:32:12 PM | Attr = ]
cook.dll -> C:\Program Files\Common Files\Real\Codecs\cook.dll -> RealNetworks, Inc. [Ver = 10.0.0.1873 | Size = 65602 bytes | Created Date = 12/21/2006 11:32:12 PM | Attr = ]
drv1.dll -> C:\Program Files\Common Files\Real\Codecs\drv1.dll -> RealNetworks, Inc. [Ver = 10.0.0.979 | Size = 102464 bytes | Created Date = 12/21/2006 11:32:13 PM | Attr = ]
drv2.dll -> C:\Program Files\Common Files\Real\Codecs\drv2.dll -> RealNetworks, Inc. [Ver = 10.0.0.1899 | Size = 176195 bytes | Created Date = 12/21/2006 11:32:13 PM | Attr = ]
drvc.dll -> C:\Program Files\Common Files\Real\Codecs\drvc.dll -> RealNetworks, Inc. [Ver = 10.0.0.1466 | Size = 266309 bytes | Created Date = 12/21/2006 11:32:13 PM | Attr = ]
hxltcolor.dll -> C:\Program Files\Common Files\Real\Codecs\hxltcolor.dll -> RealNetworks, Inc. [Ver = 10.0.0.836 | Size = 241723 bytes | Created Date = 12/21/2006 11:32:13 PM | Attr = ]
raac.dll -> C:\Program Files\Common Files\Real\Codecs\raac.dll -> RealNetworks, Inc. [Ver = 10.0.0.790 | Size = 553036 bytes | Created Date = 12/21/2006 11:32:12 PM | Attr = ]
rv10.dll -> C:\Program Files\Common Files\Real\Codecs\rv10.dll -> RealNetworks, Inc. [Ver = 10.0.0.979 | Size = 49216 bytes | Created Date = 12/21/2006 11:32:13 PM | Attr = ]
rv20.dll -> C:\Program Files\Common Files\Real\Codecs\rv20.dll -> RealNetworks, Inc. [Ver = 10.0.0.1899 | Size = 57411 bytes | Created Date = 12/21/2006 11:32:13 PM | Attr = ]
rv30.dll -> C:\Program Files\Common Files\Real\Codecs\rv30.dll -> RealNetworks, Inc. [Ver = 10.0.0.1466 | Size = 49221 bytes | Created Date = 12/21/2006 11:32:13 PM | Attr = ]
rv40.dll -> C:\Program Files\Common Files\Real\Codecs\rv40.dll -> RealNetworks, Inc. [Ver = 10.0.0.1466 | Size = 49221 bytes | Created Date = 12/21/2006 11:32:13 PM | Attr = ]
sipr.dll -> C:\Program Files\Common Files\Real\Codecs\sipr.dll -> RealNetworks, Inc. [Ver = 10.0.0.2564 | Size = 106561 bytes | Created Date = 12/21/2006 11:32:12 PM | Attr = ]
devices.ini -> C:\Program Files\Common Files\Real\Common\devices.ini -> [Ver = | Size = 2534 bytes | Created Date = 12/21/2006 11:32:23 PM | Attr = ]
objb3201.dll -> C:\Program Files\Common Files\Real\Common\objb3201.dll -> RealNetworks, Inc. [Ver = 0.1.0.6391 | Size = 172077 bytes | Created Date = 12/21/2006 11:32:18 PM | Attr = ]
pngu3267.dll -> C:\Program Files\Common Files\Real\Common\pngu3267.dll -> RealNetworks, Inc. [Ver = 6.7.0.2712 | Size = 421927 bytes | Created Date = 12/21/2006 11:32:06 PM | Attr = ]
rpun3260.dll -> C:\Program Files\Common Files\Real\Common\rpun3260.dll -> RealNetworks, Inc. [Ver = 6.0.10.2238 | Size = 36909 bytes | Created Date = 12/21/2006 11:32:02 PM | Attr = ]
security.dll -> C:\Program Files\Common Files\Real\Common\security.dll -> RealNetworks, Inc. [Ver = 1.0.3.2268 | Size = 45103 bytes | Created Date = 12/21/2006 11:32:21 PM | Attr = ]
twebbrowse.dll -> C:\Program Files\Common Files\Real\Common\twebbrowse.dll -> RealNetworks, Inc. [Ver = 1.0.2.1594 | Size = 81969 bytes | Created Date = 12/21/2006 11:32:09 PM | Attr = ]
barcontrol.dll -> C:\Program Files\Common Files\Real\GToolbar\barcontrol.dll -> Google, Inc [Ver = 2.0.0.8 | Size = 110592 bytes | Created Date = 12/21/2006 11:32:18 PM | Attr = ]
gdsapi.dll -> C:\Program Files\Common Files\Real\GToolbar\gdsapi.dll -> [Ver = | Size = 4096 bytes | Created Date = 12/21/2006 11:32:18 PM | Attr = ]
gdssetup.exe -> C:\Program Files\Common Files\Real\GToolbar\gdssetup.exe -> [Ver = | Size = 746600 bytes | Created Date = 12/21/2006 11:32:18 PM | Attr = ]
googletoolbarinstaller.exe -> C:\Program Files\Common Files\Real\GToolbar\googletoolbarinstaller.exe -> Google [Ver = 3, 0, 126, 3 | Size = 559784 bytes | Created Date = 12/21/2006 11:32:18 PM | Attr = ]
googletoolbarinstaller98.exe -> C:\Program Files\Common Files\Real\GToolbar\googletoolbarinstaller98.exe -> Google [Ver = 3, 0, 126, 3 | Size = 705704 bytes | Created Date = 12/21/2006 11:32:18 PM | Attr = ]
aacff.dll -> C:\Program Files\Common Files\Real\Plugins\aacff.dll -> RealNetworks, Inc. [Ver = 10.0.0.771 | Size = 69689 bytes | Created Date = 12/21/2006 11:32:19 PM | Attr = ]
audplin.dll -> C:\Program Files\Common Files\Real\Plugins\audplin.dll -> RealNetworks, Inc. [Ver = 10.0.0.1207 | Size = 86075 bytes | Created Date = 12/21/2006 11:32:19 PM | Attr = ]
authmgr.dll -> C:\Program Files\Common Files\Real\Plugins\authmgr.dll -> RealNetworks, Inc. [Ver = 10.0.0.1429 | Size = 49207 bytes | Created Date = 12/21/2006 11:32:03 PM | Attr = ]
cdda3260.dll -> C:\Program Files\Common Files\Real\Plugins\cdda3260.dll -> RealNetworks, Inc. [Ver = 6.0.3.2258 | Size = 36909 bytes | Created Date = 12/21/2006 11:32:03 PM | Attr = ]
clbascauth.dll -> C:\Program Files\Common Files\Real\Plugins\clbascauth.dll -> RealNetworks, Inc. [Ver = 10.0.0.978 | Size = 41023 bytes | Created Date = 12/21/2006 11:32:03 PM | Attr = ]
clntxres.dll -> C:\Program Files\Common Files\Real\Plugins\clntxres.dll -> RealNetworks, Inc. [Ver = 10.0.0.3694 | Size = 53296 bytes | Created Date = 12/21/2006 11:32:04 PM | Attr = ]
cont3260.dll -> C:\Program Files\Common Files\Real\Plugins\cont3260.dll -> RealNetworks, Inc. [Ver = 6.0.0.1897 | Size = 69677 bytes | Created Date = 12/21/2006 11:32:19 PM | Attr = ]
fpsechnd.dll -> C:\Program Files\Common Files\Real\Plugins\fpsechnd.dll -> RealNetworks, Inc. [Ver = 6.0.9.32 | Size = 233472 bytes | Created Date = 12/21/2006 11:32:22 PM | Attr = ]
httpfsys.dll -> C:\Program Files\Common Files\Real\Plugins\httpfsys.dll -> RealNetworks, Inc. [Ver = 10.0.0.2779 | Size = 172084 bytes | Created Date = 12/21/2006 11:32:03 PM | Attr = ]
hxsdp.dll -> C:\Program Files\Common Files\Real\Plugins\hxsdp.dll -> RealNetworks, Inc. [Ver = 10.0.0.513 | Size = 41006 bytes | Created Date = 12/21/2006 11:32:03 PM | Attr = ]
hxxml.dll -> C:\Program Files\Common Files\Real\Plugins\hxxml.dll -> [Ver = | Size = 86065 bytes | Created Date = 12/21/2006 11:32:18 PM | Attr = ]
imgrender.dll -> C:\Program Files\Common Files\Real\Plugins\imgrender.dll -> RealNetworks, Inc. [Ver = 10.0.0.993 | Size = 528445 bytes | Created Date = 12/21/2006 11:32:14 PM | Attr = ]
memfsys.dll -> C:\Program Files\Common Files\Real\Plugins\memfsys.dll -> RealNetworks, Inc. [Ver = 10.0.0.966 | Size = 77877 bytes | Created Date = 12/21/2006 11:32:03 PM | Attr = ]
mp3fformat.dll -> C:\Program Files\Common Files\Real\Plugins\mp3fformat.dll -> RealNetworks, Inc. [Ver = 10.0.0.2966 | Size = 45118 bytes | Created Date = 12/21/2006 11:32:17 PM | Attr = ]
mp3metaff.dll -> C:\Program Files\Common Files\Real\Plugins\mp3metaff.dll -> RealNetworks, Inc. [Ver = 10.0.0.965 | Size = 65596 bytes | Created Date = 12/21/2006 11:32:17 PM | Attr = ]
mp3render.dll -> C:\Program Files\Common Files\Real\Plugins\mp3render.dll -> RealNetworks, Inc. [Ver = 10.0.0.977 | Size = 151614 bytes | Created Date = 12/21/2006 11:32:17 PM | Attr = ]
mp4arender.dll -> C:\Program Files\Common Files\Real\Plugins\mp4arender.dll -> RealNetworks, Inc. [Ver = 10.0.0.780 | Size = 127045 bytes | Created Date = 12/21/2006 11:32:19 PM | Attr = ]
mp4fformat.dll -> C:\Program Files\Common Files\Real\Plugins\mp4fformat.dll -> RealNetworks, Inc. [Ver = 10.0.0.2699 | Size = 73790 bytes | Created Date = 12/21/2006 11:32:19 PM | Attr = ]
mp4wrtr.dll -> C:\Program Files\Common Files\Real\Plugins\mp4wrtr.dll -> [Ver = | Size = 98366 bytes | Created Date = 12/21/2006 11:32:20 PM | Attr = ]
mpgfformat.dll -> C:\Program Files\Common Files\Real\Plugins\mpgfformat.dll -> RealNetworks, Inc. [Ver = 10.0.0.1174 | Size = 69694 bytes | Created Date = 12/21/2006 11:32:19 PM | Attr = ]
mpgrender.dll -> C:\Program Files\Common Files\Real\Plugins\mpgrender.dll -> RealNetworks, Inc. [Ver = 10.0.0.956 | Size = 172094 bytes | Created Date = 12/21/2006 11:32:19 PM | Attr = ]
ntlmauth.dll -> C:\Program Files\Common Files\Real\Plugins\ntlmauth.dll -> RealNetworks, Inc. [Ver = 10.0.0.956 | Size = 45116 bytes | Created Date = 12/21/2006 11:32:03 PM | Attr = ]
pacplin.dll -> C:\Program Files\Common Files\Real\Plugins\pacplin.dll -> RealNetworks, Inc. [Ver = 10.0.0.977 | Size = 360501 bytes | Created Date = 12/21/2006 11:32:03 PM | Attr = ]
pdgenxferfsys.dll -> C:\Program Files\Common Files\Real\Plugins\pdgenxferfsys.dll -> RealNetworks, Inc. [Ver = 6.0.12.1430 | Size = 73783 bytes | Created Date = 12/21/2006 11:32:23 PM | Attr = ]
plusplin.dll -> C:\Program Files\Common Files\Real\Plugins\plusplin.dll -> RealNetworks, Inc. [Ver = 10.0.0.977 | Size = 57398 bytes | Created Date = 12/21/2006 11:32:03 PM | Attr = ]
pxcb3210.dll -> C:\Program Files\Common Files\Real\Plugins\pxcb3210.dll -> RealNetworks, Inc. [Ver = 1.0.0.3995 | Size = 41003 bytes | Created Date = 12/21/2006 11:32:03 PM | Attr = ]
ramfformat.dll -> C:\Program Files\Common Files\Real\Plugins\ramfformat.dll -> RealNetworks, Inc. [Ver = 10.0.0.2223 | Size = 45118 bytes | Created Date = 12/21/2006 11:32:03 PM | Attr = ]
ramrender.dll -> C:\Program Files\Common Files\Real\Plugins\ramrender.dll -> RealNetworks, Inc. [Ver = 10.0.0.1889 | Size = 57406 bytes | Created Date = 12/21/2006 11:32:03 PM | Attr = ]
rarender.dll -> C:\Program Files\Common Files\Real\Plugins\rarender.dll -> RealNetworks, Inc. [Ver = 10.0.0.986 | Size = 151618 bytes | Created Date = 12/21/2006 11:32:12 PM | Attr = ]
recf3260.dll -> C:\Program Files\Common Files\Real\Plugins\recf3260.dll -> RealNetworks, Inc. [Ver = 6.0.0.2863 | Size = 36909 bytes | Created Date = 12/21/2006 11:32:19 PM | Attr = ]
rmfformat.dll -> C:\Program Files\Common Files\Real\Plugins\rmfformat.dll -> RealNetworks, Inc. [Ver = 10.0.0.1201 | Size = 176191 bytes | Created Date = 12/21/2006 11:32:03 PM | Attr = ]
rmwrtr.dll -> C:\Program Files\Common Files\Real\Plugins\rmwrtr.dll -> RealNetworks, Inc. [Ver = 6.0.2.1155 | Size = 282684 bytes | Created Date = 12/21/2006 11:32:20 PM | Attr = ]
rmxfpln.dll -> C:\Program Files\Common Files\Real\Plugins\rmxfpln.dll -> RealNetworks, Inc. [Ver = 1.0.3.2277 | Size = 65579 bytes | Created Date = 12/21/2006 11:32:21 PM | Attr = ]
rmxrend.dll -> C:\Program Files\Common Files\Real\Plugins\rmxrend.dll -> RealNetworks, Inc. [Ver = 1.0.3.2330 | Size = 106538 bytes | Created Date = 12/21/2006 11:32:21 PM | Attr = ]
rn5auth.dll -> C:\Program Files\Common Files\Real\Plugins\rn5auth.dll -> RealNetworks, Inc. [Ver = 10.0.0.1179 | Size = 45114 bytes | Created Date = 12/21/2006 11:32:03 PM | Attr = ]
rtfformat.dll -> C:\Program Files\Common Files\Real\Plugins\rtfformat.dll -> RealNetworks, Inc. [Ver = 10.0.0.1183 | Size = 110657 bytes | Created Date = 12/21/2006 11:32:14 PM | Attr = ]
rtrender.dll -> C:\Program Files\Common Files\Real\Plugins\rtrender.dll -> RealNetworks, Inc. [Ver = 10.0.0.976 | Size = 122942 bytes | Created Date = 12/21/2006 11:32:14 PM | Attr = ]
rvrender.dll -> C:\Program Files\Common Files\Real\Plugins\rvrender.dll -> RealNetworks, Inc. [Ver = 10.0.0.1370 | Size = 172096 bytes | Created Date = 12/21/2006 11:32:13 PM | Attr = ]
sdpplin.dll -> C:\Program Files\Common Files\Real\Plugins\sdpplin.dll -> RealNetworks, Inc. [Ver = 10.0.0.373 | Size = 45111 bytes | Created Date = 12/21/2006 11:32:16 PM | Attr = ]
security.dll -> C:\Program Files\Common Files\Real\Plugins\security.dll -> RealNetworks, Inc. [Ver = 1.0.3.2268 | Size = 45103 bytes | Created Date = 12/21/2006 11:32:21 PM | Attr = ]
smlfformat.dll -> C:\Program Files\Common Files\Real\Plugins\smlfformat.dll -> RealNetworks, Inc. [Ver = 10.0.0.1859 | Size = 61503 bytes | Created Date = 12/21/2006 11:32:04 PM | Attr = ]
smlrender.dll -> C:\Program Files\Common Files\Real\Plugins\smlrender.dll -> RealNetworks, Inc. [Ver = 10.0.0.1475 | Size = 528444 bytes | Created Date = 12/21/2006 11:32:04 PM | Attr = ]
smmrender.dll -> C:\Program Files\Common Files\Real\Plugins\smmrender.dll -> RealNetworks, Inc. [Ver = 10.0.0.976 | Size = 57412 bytes | Created Date = 12/21/2006 11:32:04 PM | Attr = ]
smplfsys.dll -> C:\Program Files\Common Files\Real\Plugins\smplfsys.dll -> RealNetworks, Inc. [Ver = 10.0.0.1767 | Size = 69685 bytes | Created Date = 12/21/2006 11:32:04 PM | Attr = ]
stubdrm.dll -> C:\Program Files\Common Files\Real\Plugins\stubdrm.dll -> RealNetworks, Inc. [Ver = 10.0.0.1381 | Size = 32818 bytes | Created Date = 12/21/2006 11:32:18 PM | Attr = ]
swfformat.dll -> C:\Program Files\Common Files\Real\Plugins\swfformat.dll -> RealNetworks, Inc. [Ver = 10.0.0.1184 | Size = 94274 bytes | Created Date = 12/21/2006 11:32:13 PM | Attr = ]
swfrender.dll -> C:\Program Files\Common Files\Real\Plugins\swfrender.dll -> RealNetworks, Inc. [Ver = 10.0.0.977 | Size = 614464 bytes | Created Date = 12/21/2006 11:32:13 PM | Attr = ]
tfilesys.dll -> C:\Program Files\Common Files\Real\Plugins\tfilesys.dll -> RealNetworks, Inc. [Ver = 1.0.3.2238 | Size = 57389 bytes | Created Date = 12/21/2006 11:32:21 PM | Attr = ]
vidplin.dll -> C:\Program Files\Common Files\Real\Plugins\vidplin.dll -> RealNetworks, Inc. [Ver = 10.0.0.993 | Size = 167995 bytes | Created Date = 12/21/2006 11:32:19 PM | Attr = ]
vidsite.dll -> C:\Program Files\Common Files\Real\Plugins\vidsite.dll -> RealNetworks, Inc. [Ver = 10.0.0.979 | Size = 376881 bytes | Created Date = 12/21/2006 11:32:04 PM | Attr = ]
vsrcplin.dll -> C:\Program Files\Common Files\Real\Plugins\vsrcplin.dll -> RealNetworks, Inc. [Ver = 10.1.0.906 | Size = 135230 bytes | Created Date = 12/21/2006 11:32:04 PM | Attr = ]
vsrlocal.dll -> C:\Program Files\Common Files\Real\Plugins\vsrlocal.dll -> RealNetworks, Inc. [Ver = 10.1.0.906 | Size = 94270 bytes | Created Date = 12/21/2006 11:32:04 PM | Attr = ]
wm9fformat.dll -> C:\Program Files\Common Files\Real\Plugins\wm9fformat.dll -> RealNetworks, Inc. [Ver = 1.0.0.1088 | Size = 176128 bytes | Created Date = 12/21/2006 11:32:19 PM | Attr = ]
wm9writer.dll -> C:\Program Files\Common Files\Real\Plugins\wm9writer.dll -> RealNetworks, Inc. [Ver = 1.0.0.1072 | Size = 28719 bytes | Created Date = 12/21/2006 11:32:19 PM | Attr = ]
wmsechnd.dll -> C:\Program Files\Common Files\Real\Plugins\wmsechnd.dll -> RealNetworks, Inc. [Ver = 1.0.0.407 | Size = 180224 bytes | Created Date = 12/21/2006 11:32:19 PM | Attr = ]
zipf3260.dll -> C:\Program Files\Common Files\Real\Plugins\zipf3260.dll -> RealNetworks, Inc. [Ver = 6.0.8.2550 | Size = 172075 bytes | Created Date = 12/21/2006 11:32:04 PM | Attr = ]
gct23201.dll -> C:\Program Files\Common Files\Real\RCAPlugins\gct23201.dll -> RealNetworks, Inc. [Ver = 0.1.0.6324 | Size = 151597 bytes | Created Date = 12/21/2006 11:32:18 PM | Attr = ]
gema3201.dll -> C:\Program Files\Common Files\Real\RCAPlugins\gema3201.dll -> RealNetworks, Inc. [Ver = 0.1.0.3815 | Size = 90158 bytes | Created Date = 12/21/2006 11:32:18 PM | Attr = ]
gemx3201.dll -> C:\Program Files\Common Files\Real\RCAPlugins\gemx3201.dll -> RealNetworks, Inc. [Ver = 0.1.0.5869 | Size = 438318 bytes | Created Date = 12/21/2006 11:32:18 PM | Attr = ]
locd3210.dll -> C:\Program Files\Common Files\Real\RCAPlugins\locd3210.dll -> RealNetworks, Inc. [Ver = 1.0.0.2132 | Size = 102441 bytes | Created Date = 12/21/2006 11:32:19 PM | Attr = ]
rpcontrols1.dll -> C:\Program Files\Common Files\Real\RCAPlugins\rpcontrols1.dll -> RealNetworks, Inc. [Ver = 6.0.1.2234 | Size = 733230 bytes | Created Date = 12/21/2006 11:32:18 PM | Attr = ]
rpcontrols2.dll -> C:\Program Files\Common Files\Real\RCAPlugins\rpcontrols2.dll -> RealNetworks [Ver = 6.0.1.2234 | Size = 667694 bytes | Created Date = 12/21/2006 11:32:18 PM | Attr = ]
sonr3210.dll -> C:\Program Files\Common Files\Real\RCAPlugins\sonr3210.dll -> RealNetworks, Inc. [Ver = 1.0.0.2330 | Size = 196667 bytes | Created Date = 12/21/2006 11:32:19 PM | Attr = ]
uisy3201.dll -> C:\Program Files\Common Files\Real\RCAPlugins\uisy3201.dll -> RealNetworks, Inc. [Ver = 0.1.0.3832 | Size = 426027 bytes | Created Date = 12/21/2006 11:32:18 PM | Attr = ]
xmlc3201.dll -> C:\Program Files\Common Files\Real\RCAPlugins\xmlc3201.dll -> RealNetworks, Inc. [Ver = 0.1.1.2240 | Size = 53294 bytes | Created Date = 12/21/2006 11:32:18 PM | Attr = ]
faus3270.dll -> C:\Program Files\Common Files\Real\Update_OB\faus3270.dll -> RealNetworks, Inc. [Ver = 7.0.0.3206 | Size = 385063 bytes | Created Date = 12/21/2006 11:32:02 PM | Attr = ]
pnmi3270.dll -> C:\Program Files\Common Files\Real\Update_OB\pnmi3270.dll -> RealNetworks, Inc. [Ver = 7.0.0.1907 | Size = 36909 bytes | Created Date = 12/21/2006 11:32:02 PM | Attr = ]
r1puninst.exe -> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe -> RealNetworks, Inc. [Ver = 7.0.0.3996 | Size = 184366 bytes | Created Date = 12/21/2006 11:32:01 PM | Attr = ]
realonemessagecenter.exe -> C:\Program Files\Common Files\Real\Update_OB\realonemessagecenter.exe -> RealNetworks, Inc. [Ver = 0.1.0.3510 | Size = 69688 bytes | Created Date = 12/21/2006 11:32:02 PM | Attr = ]
RealPlayer-log.txt -> C:\Program Files\Common Files\Real\Update_OB\RealPlayer-log.txt -> [Ver = | Size = 75033 bytes | Created Date = 12/21/2006 11:32:01 PM | Attr = ]
realsched.exe -> C:\Program Files\Common Files\Real\Update_OB\realsched.exe -> RealNetworks, Inc. [Ver = 0.1.0.3510 | Size = 180269 bytes | Created Date = 12/21/2006 11:32:02 PM | Attr = ]
rnad3201.dll -> C:\Program Files\Common Files\Real\Update_OB\rnad3201.dll -> RealNetworks, Inc. [Ver = 0.1.0.3510 | Size = 98347 bytes | Created Date = 12/21/2006 11:32:02 PM | Attr = ]
rnms3270.dll -> C:\Program Files\Common Files\Real\Update_OB\rnms3270.dll -> RealNetworks, Inc. [Ver = 7.0.1.3334 | Size = 327719 bytes | Created Date = 12/21/2006 11:32:02 PM | Attr = ]
rnqu3270.dll -> C:\Program Files\Common Files\Real\Update_OB\rnqu3270.dll -> RealNetworks, Inc. [Ver = 7.0.0.3818 | Size = 303147 bytes | Created Date = 12/21/2006 11:32:01 PM | Attr = ]
rnup3270.dll -> C:\Program Files\Common Files\Real\Update_OB\rnup3270.dll -> RealNetworks, Inc. [Ver = 7.0.0.3084 | Size = 167979 bytes | Created Date = 12/21/2006 11:32:01 PM | Attr = ]
rnxproc.exe -> C:\Program Files\Common Files\Real\Update_OB\rnxproc.exe -> RealNetworks, Inc. [Ver = 7.0.0.2855 | Size = 53291 bytes | Created Date = 12/21/2006 11:32:02 PM | Attr = ]
setu3270.dll -> C:\Program Files\Common Files\Real\Update_OB\setu3270.dll -> RealNetworks, Inc. [Ver = 7.0.0.4369 | Size = 294955 bytes | Created Date = 12/21/2006 11:32:01 PM | Attr = ]
upgr3270.dll -> C:\Program Files\Common Files\Real\Update_OB\upgr3270.dll -> RealNetworks, Inc. [Ver = 7.0.0.3735 | Size = 335917 bytes | Created Date = 12/21/2006 11:32:01 PM | Attr = ]
upgrdhlp.exe -> C:\Program Files\Common Files\Real\Update_OB\upgrdhlp.exe -> RealNetworks, Inc. [Ver = 7.0.0.3550 | Size = 127021 bytes | Created Date = 12/21/2006 11:32:01 PM | Attr = ]
annabelle.rpv -> C:\Program Files\Common Files\Real\Visualizations\annabelle.rpv -> RealNetworks, Inc. [Ver = 1.0.0.2 | Size = 43008 bytes | Created Date = 12/21/2006 11:32:18 PM | Attr = ]
cosmicbelt.rpv -> C:\Program Files\Common Files\Real\Visualizations\cosmicbelt.rpv -> [Ver = | Size = 80384 bytes | Created Date = 12/21/2006 11:32:18 PM | Attr = ]
fire.rpv -> C:\Program Files\Common Files\Real\Visualizations\fire.rpv -> RealNetworks, Inc. [Ver = 1.0.0.1 | Size = 7168 bytes | Created Date = 12/21/2006 11:32:18 PM | Attr = ]
freqbands.rpv -> C:\Program Files\Common Files\Real\Visualizations\freqbands.rpv -> RealNetworks, Inc. [Ver = 1.0.0.2 | Size = 7680 bytes | Created Date = 12/21/2006 11:32:18 PM | Attr = ]
nebula.rpv -> C:\Program Files\Common Files\Real\Visualizations\nebula.rpv -> [Ver = | Size = 69632 bytes | Created Date = 12/21/2006 11:32:18 PM | Attr = ]
xmencmp3.dll -> C:\Program Files\Common Files\xing shared\mpeg encode\xmencmp3.dll -> RealNetworks, Inc. [Ver = 1, 0, 0, 17 | Size = 352256 bytes | Created Date = 12/21/2006 11:32:20 PM | Attr = ]
Uninstall.exe -> C:\Program Files\Common Files\Nullsoft\ActiveX\2.6\Uninstall.exe -> [Ver = | Size = 32675 bytes | Created Date = 11/30/2006 11:10:44 PM | Attr = ]
coreres.xrs -> C:\Program Files\Common Files\Real\Plugins\ExtResources\coreres.xrs -> RealNetworks, Inc. [Ver = 10.0.0.3943 | Size = 65587 bytes | Created Date = 12/21/2006 11:32:04 PM | Attr = ]
ath.vs -> C:\Program Files\Common Files\Real\Update_OB\UI\ath.vs -> [Ver = | Size = 32395 bytes | Created Date = 12/21/2006 11:32:02 PM | Attr = ]
default.png -> C:\Program Files\Common Files\Real\Update_OB\UI\default.png -> [Ver = | Size = 7484 bytes | Created Date = 12/21/2006 11:32:02 PM | Attr = ]
default.smi -> C:\Program Files\Common Files\Real\Update_OB\UI\default.smi -> [Ver = | Size = 436 bytes | Created Date = 12/21/2006 11:32:02 PM | Attr = ]
mirak.vs -> C:\Program Files\Common Files\Real\Update_OB\UI\mirak.vs -> [Ver = | Size = 9101 bytes | Created Date = 12/21/2006 11:32:01 PM | Attr = ]
msgoff.htm -> C:\Program Files\Common Files\Real\Update_OB\UI\msgoff.htm -> [Ver = | Size = 3215 bytes | Created Date = 12/21/2006 11:32:02 PM | Attr = ]
msgui.vs -> C:\Program Files\Common Files\Real\Update_OB\UI\msgui.vs -> [Ver = | Size = 55012 bytes | Created Date = 12/21/2006 11:32:02 PM | Attr = ]
rnupgui.vs -> C:\Program Files\Common Files\Real\Update_OB\UI\rnupgui.vs -> [Ver = | Size = 43572 bytes | Created Date = 12/21/2006 11:32:01 PM | Attr = ]
real_logo_93x44.gif -> C:\Program Files\Common Files\Real\Update_OB\UI\Images\real_logo_93x44.gif -> [Ver = | Size = 741 bytes | Created Date = 12/21/2006 11:32:02 PM | Attr = ]
msgdata.js -> C:\Program Files\Common Files\Real\Update_OB\UI\loc\msgdata.js -> [Ver = | Size = 1039 bytes | Created Date = 12/21/2006 11:32:02 PM | Attr = ]
msgstyle.css -> C:\Program Files\Common Files\Real\Update_OB\UI\loc\msgstyle.css -> [Ver = | Size = 991 bytes | Created Date = 12/21/2006 11:32:02 PM | Attr = ]
b6iqdkku.scf -> C:\WINDOWS\b6iqdkku.scf -> [Ver = | Size = 0 bytes | Created Date = 12/16/2006 8:52:44 PM | Attr = ]
KB923694.log -> C:\WINDOWS\KB923694.log -> [Ver = | Size = 12092 bytes | Created Date = 12/15/2006 5:46:38 PM | Attr = ]
KB925398.log -> C:\WINDOWS\KB925398.log -> [Ver = | Size = 8209 bytes | Created Date = 12/16/2006 1:04:38 AM | Attr = ]
KB925454.log -> C:\WINDOWS\KB925454.log -> [Ver = | Size = 45528 bytes | Created Date = 12/15/2006 5:47:51 PM | Attr = ]
KB926255.log -> C:\WINDOWS\KB926255.log -> [Ver = | Size = 12283 bytes | Created Date = 12/15/2006 5:46:59 PM | Attr = ]
e1.dll -> C:\WINDOWS\System32\e1.dll -> [Ver = | Size = 20480 bytes | Created Date = 1/1/1601 5:00:00 AM | Attr = ]
slbipsch.dll -> C:\WINDOWS\System32\slbipsch.dll -> [Ver = | Size = 114688 bytes | Created Date = 1/1/1601 5:00:00 AM | Attr = ]
vb5dmspo.dll -> C:\WINDOWS\System32\vb5dmspo.dll -> [Ver = | Size = 28672 bytes | Created Date = 1/1/1601 5:00:00 AM | Attr = ]
cdr4_xp.sys -> C:\WINDOWS\System32\drivers\cdr4_xp.sys -> Sonic Solutions [Ver = 8.0.0.212 | Size = 2432 bytes | Created Date = 12/21/2006 11:25:28 PM | Attr = ]
cdralw2k.sys -> C:\WINDOWS\System32\drivers\cdralw2k.sys -> Sonic Solutions [Ver = 8.0.0.212 | Size = 2560 bytes | Created Date = 12/21/2006 11:25:28 PM | Attr = ]

[Files - Modified Wihin 30 days]
hiberfil.sys -> C:\hiberfil.sys -> [Ver = | Size = 1063714816 bytes | Modified Date = 12/23/2006 5:24:20 PM | Attr = HS]
sz.xml -> C:\sz.xml -> [Ver = | Size = 4903 bytes | Modified Date = 12/8/2006 4:42:00 PM | Attr = ]
install.log -> C:\Program Files\Common Files\AOL\AOLDiag\install.log -> [Ver = | Size = 85448 bytes | Modified Date = 11/30/2006 11:10:28 PM | Attr = ]
tbunins.exe -> C:\Program Files\Common Files\AOL\AOLDiag\tbunins.exe -> AOL LLC [Ver = 3.3.11.1 | Size = 88673 bytes | Modified Date = 11/30/2006 11:10:28 PM | Attr = ]
IPH.BAK -> C:\Program Files\Common Files\AOL\IPHSend\IPH.BAK -> [Ver = | Size = 1507 bytes | Modified Date = 11/30/2006 11:11:34 PM | Attr = H ]
alunins.exe -> C:\Program Files\Common Files\AOL\Loader\alunins.exe -> AOL LLC [Ver = 9.3.1.1 | Size = 88495 bytes | Modified Date = 11/30/2006 11:10:26 PM | Attr = ]
install.log -> C:\Program Files\Common Files\AOL\Loader\install.log -> [Ver = | Size = 14946 bytes | Modified Date = 11/30/2006 11:10:28 PM | Attr = ]
atrc.dll -> C:\Program Files\Common Files\Real\Codecs\atrc.dll -> RealNetworks, Inc. [Ver = 10.0.0.2567 | Size = 77889 bytes | Modified Date = 12/21/2006 11:32:14 PM | Attr = ]
cook.dll -> C:\Program Files\Common Files\Real\Codecs\cook.dll -> RealNetworks, Inc. [Ver = 10.0.0.1873 | Size = 65602 bytes | Modified Date = 12/21/2006 11:32:14 PM | Attr = ]
drv1.dll -> C:\Program Files\Common Files\Real\Codecs\drv1.dll -> RealNetworks, Inc. [Ver = 10.0.0.979 | Size = 102464 bytes | Modified Date = 12/21/2006 11:32:14 PM | Attr = ]
drv2.dll -> C:\Program Files\Common Files\Real\Codecs\drv2.dll -> RealNetworks, Inc. [Ver = 10.0.0.1899 | Size = 176195 bytes | Modified Date = 12/21/2006 11:32:14 PM | Attr = ]
drvc.dll -> C:\Pr

#4 OldTimer

OldTimer

    Malware Expert


  • Members
  • 11,092 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina
  • Local time:12:49 AM

Posted 23 December 2006 - 09:58 PM

Hi Nahmesh. Ok, let's get started. First, please print these directions so they will be available to you (we will be rebooting into Safe Mode during the fix).

Next, Please follow the steps below in order:

Step #1

Download CCleaner and install it but do not run it yet.

Step #2

Download AVG anti-spyware from HERE and save that file to your desktop.
  • Once you have downloaded AVG Anti-Spyware, locate the icon on the desktop and double-click it to launch the set up program.
  • Once the setup is complete you will need to run AVG Anti-Spyware and update the definition files.
  • On the main screen select the icon "Update" then select the "Update now" link.
    • Next select the "Start Update" button, the update will start and a progress bar will show the updates being installed.
  • Once the update has completed select the "Scanner" icon at the top of the screen, then select the "Settings" tab.
  • Once in the Settings screen, under "How to act" select "Quarantine".
  • Under "Reports"
    • Select "Automatically generate report after every scan"
    • Un-Select "Only if threats were found"
Close AVG Anti-Spyware, Do Not run a scan just yet, we will shortly.

Step #3

Now start WinPFind3U. Copy/Paste the information in the quotebox below into the pane where it says "Paste fix here" and then click the Run Fix button.

[Kill Explorer]
[Registry - Non-Microsoft Only]
< Run [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
YN -> BitTorrent -> C:\Program Files\BitTorrent\bittorrent.exe
*AppInit_DLLs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls
YY -> vb5dmspo.dll -> C:\WINDOWS\system32\vb5dmspo.dll
YY -> e1.dll -> C:\WINDOWS\system32\e1.dll
[Files - Created Wihin 30 days]
NY -> b6iqdkku.scf -> C:\WINDOWS\b6iqdkku.scf
NY -> e1.dll -> C:\WINDOWS\System32\e1.dll
NY -> slbipsch.dll -> C:\WINDOWS\System32\slbipsch.dll
NY -> vb5dmspo.dll -> C:\WINDOWS\System32\vb5dmspo.dll
[Reboot]


The fix should only take a very short time and then you will be asked if you want to reboot. Choose Yes.

Reboot into Safe Mode by doing the following:
  • As soon as the BIOS is loaded begin tapping the F8 key until the boot menu appears.
  • Use the arrow keys to select the Safe Mode menu item.
  • Press the Enter key.
Step #4

Start CCleaner and click on the Run Cleaner button in the lower right-hand corner. When it is finished close CCleaner.

Step #5

Launch AVG Anti-Spyware by double-clicking the icon on your desktop.

IMPORTANT: Do not open any other windows or programs while AVG Anti-Spyware is scanning, it may interfere with the scanning proccess:
  • Select the "Scanner" icon at the top and then the "Scan" tab then click on "Complete System Scan".
  • AVG Anti-Spyware will now begin the scanning process, be patient this may take a little time.
    Once the scan is complete do the following:
    • IMake sure that Set all elements to: shows Quarantine, if not click on the link and choose Quarantine from the popup menu.
    • At the bottom of the window click on the "Apply all actions" button
    Note: Don't save the report before you hit the Apply action button.
  • Next select the "Reports" icon at the top.
  • Select the "Save report as" button in the lower left hand of the screen and save it to a text file on your system (make sure to remember where you saved that file, this is important).
  • Close AVG Anti-Spyware and reboot your system back into Normal Mode and post the results of the AVG Anti-Spyware report scan.
Step #6

Post the following back here:
  • a new WinPFind3U report
  • the AVG Anti-Spyware report
  • the latest .log file from the WinPFind3u folder (it will have a name in the format mmddyyyy_hhmmss.log)
I will review the information when it comes back in.

Also let me know of any problems you encountered performing the steps above or any continuing problems you are still having with the computer.

Cheers.

OT
I do not respond to PM's requesting help. That's what the forums are here for. Please use them so that others may benefit from your questions and the responses you receive.
OldTimer

Posted Image

#5 Nahmesh

Nahmesh
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:11:49 PM

Posted 25 December 2006 - 12:45 AM

thanks so much for ur help so far!!!
well the worm message doesnt appear so thats good
i cannot locate my .log file....but here is my WinPFind3U report then my AVG Anti-Spyware report
thanks a bunch again!!! (can i submit another hijack file for my other comp??)
:D

WinPFind3 logfile created on: 12/25/2006 12:35:29 AM
WinPFind3U by OldTimer - Version 1.0.1 Folder = C:\Documents and Settings\Matthew Oh\Desktop\WinPFind3u\
Microsoft Windows XP Service Pack 2 (Version = 5.1.2600)
Internet Explorer (Version = 6.0.2900.2180)


[Processes - Non-Microsoft Only]
acrotray.exe -> C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe -> Adobe Systems Inc. [Ver = 6.0.0.2003051500 | Size = 217193 bytes | Modified Date = 5/15/2003 12:19:50 AM | Attr = ]
aolacsd.exe -> C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe -> America Online, Inc. [Ver = 2.0.20.1.US.1 | Size = 1135728 bytes | Modified Date = 4/7/2004 12:07:32 PM | Attr = ]
aolsoftware.exe -> C:\Program Files\Common Files\AOL\1146929070\ee\AOLSoftware.exe -> America Online, Inc. [Ver = 1.5.3.1 | Size = 50760 bytes | Modified Date = 5/9/2006 7:24:16 PM | Attr = ]
avgas.exe -> C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe -> Anti-Malware Development a.s. [Ver = 7, 5, 0, 50 | Size = 6266880 bytes | Modified Date = 10/7/2006 7:20:00 AM | Attr = ]
bcmwltry.exe -> C:\WINDOWS\system32\BCMWLTRY.EXE -> Dell Inc. [Ver = 4.10.47.3 | Size = 1200128 bytes | Modified Date = 12/19/2005 3:08:40 PM | Attr = ]
dlg.exe -> C:\Program Files\Digital Line Detect\DLG.exe -> BVRP Software [Ver = 1, 0, 0, 1 | Size = 24576 bytes | Modified Date = 10/29/2003 2:06:00 AM | Attr = ]
dsagnt.exe -> C:\Program Files\Dell Support\DSAgnt.exe -> Gteko Ltd. [Ver = 1, 1, 1, 121 | Size = 332800 bytes | Modified Date = 5/15/2005 2:04:12 AM | Attr = ]
dvdlauncher.exe -> C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe -> CyberLink Corp. [Ver = 3.00.0000 | Size = 49152 bytes | Modified Date = 12/9/2005 8:29:52 PM | Attr = ]
ffmpeg.exe -> C:\Program Files\VideoraiPodConverter\apps\ffmpeg.exe -> [Ver = | Size = 3624960 bytes | Modified Date = 11/7/2005 9:42:16 AM | Attr = ]
googleupdater.exe -> C:\Program Files\Google\Google Updater\GoogleUpdater.exe -> Google [Ver = 2.0.711.37800.beta | Size = 124856 bytes | Modified Date = 12/21/2006 10:22:04 PM | Attr = ]
googleupdaterservice.exe -> C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -> Google [Ver = 2.0.711.37800.beta | Size = 136120 bytes | Modified Date = 12/21/2006 10:22:04 PM | Attr = ]
googlewebaccclient.exe -> C:\Program Files\Google\Web Accelerator\googlewebaccclient.exe -> [Ver = | Size = 1609728 bytes | Modified Date = 12/14/2006 3:33:48 PM | Attr = ]
googlewebaccwarden.exe -> C:\Program Files\Google\Web Accelerator\GoogleWebAccWarden.exe -> [Ver = | Size = 598016 bytes | Modified Date = 12/14/2006 3:33:48 PM | Attr = ]
guard.exe -> C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe -> Anti-Malware Development a.s. [Ver = 7, 5, 0, 47 | Size = 204800 bytes | Modified Date = 9/28/2006 9:13:20 AM | Attr = ]
hkcmd.exe -> C:\WINDOWS\system32\hkcmd.exe -> Intel Corporation [Ver = 3.0.0.4446 | Size = 77824 bytes | Modified Date = 12/13/2005 11:41:08 PM | Attr = ]
igfxpers.exe -> C:\WINDOWS\system32\igfxpers.exe -> Intel Corporation [Ver = 3.0.0.4446 | Size = 118784 bytes | Modified Date = 12/13/2005 11:45:00 PM | Attr = ]
igfxsrvc.exe -> C:\WINDOWS\system32\igfxsrvc.exe -> Intel Corporation [Ver = 3.0.0.4446 | Size = 159744 bytes | Modified Date = 12/13/2005 11:41:00 PM | Attr = ]
ipodservice.exe -> C:\Program Files\iPod\bin\iPodService.exe -> Apple Computer, Inc. [Ver = 7.0.2.16 | Size = 492608 bytes | Modified Date = 10/30/2006 9:36:32 AM | Attr = ]
issch.exe -> C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe -> InstallShield Software Corporation [Ver = 4, 50, 100, 33433 | Size = 81920 bytes | Modified Date = 6/10/2005 10:44:02 AM | Attr = ]
ituneshelper.exe -> C:\Program Files\iTunes\iTunesHelper.exe -> Apple Computer, Inc. [Ver = 7.0.2.16 | Size = 256576 bytes | Modified Date = 10/30/2006 9:36:36 AM | Attr = ]
launchpad.exe -> C:\Documents and Settings\Matthew Oh\Application Data\U3\0000051019013162\LaunchPad.exe -> [Ver = 1, 0, 4, 13 | Size = 3117056 bytes | Modified Date = 10/11/2005 3:25:10 PM | Attr = ]
netwaiting.exe -> C:\Program Files\NetWaiting\netWaiting.exe -> [Ver = | Size = 20480 bytes | Modified Date = 9/10/2003 2:24:00 AM | Attr = ]
nicconfigsvc.exe -> C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe -> Dell Inc. [Ver = 7, 0, 9, 0 | Size = 380928 bytes | Modified Date = 12/6/2005 10:45:26 AM | Attr = ]
pccguide.exe -> C:\Program Files\Trend Micro\Internet Security 12\pccguide.exe -> Trend Micro Incorporated. [Ver = 12.70.0.1017 | Size = 823362 bytes | Modified Date = 8/30/2005 4:47:38 PM | Attr = ]
pcctlcom.exe -> C:\Program Files\Trend Micro\Internet Security 12\PcCtlCom.exe -> Trend Micro Incorporated. [Ver = 12.70.0.1019 | Size = 880722 bytes | Modified Date = 9/4/2006 7:54:44 PM | Attr = ]
qttask.exe -> C:\Program Files\QuickTime\qttask.exe -> Apple Computer, Inc. [Ver = 7.1.3 | Size = 282624 bytes | Modified Date = 10/25/2006 6:58:18 PM | Attr = ]
quickset.exe -> C:\Program Files\Dell\QuickSet\quickset.exe -> Dell Inc [Ver = 7, 0, 9, 0 | Size = 839680 bytes | Modified Date = 12/6/2005 10:45:14 AM | Attr = ]
reader_sl.exe -> C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe -> Adobe Systems Incorporated [Ver = 7.0.5.2005092300 | Size = 29696 bytes | Modified Date = 9/23/2005 10:05:26 PM | Attr = ]
stsystra.exe -> C:\WINDOWS\stsystra.exe -> SigmaTel, Inc. [Ver = 1.0.4823.0 nd322 cp1 | Size = 397312 bytes | Modified Date = 11/16/2005 9:35:16 PM | Attr = ]
syntpenh.exe -> C:\Program Files\Synaptics\SynTP\SynTPEnh.exe -> Synaptics, Inc. [Ver = 8.2.4.3 29Nov05 | Size = 761947 bytes | Modified Date = 11/29/2005 6:56:30 PM | Attr = ]
tfswctrl.exe -> C:\WINDOWS\system32\dla\tfswctrl.exe -> Sonic Solutions [Ver = 1.04.08a | Size = 127035 bytes | Modified Date = 12/6/2004 1:05:00 AM | Attr = ]
tmas_oemon.exe -> C:\Program Files\Trend Micro\Internet Security 12\TMAS_OE\TMAS_OEMon.exe -> Trend Micro Inc. [Ver = 3.5.0.1119 | Size = 176201 bytes | Modified Date = 4/11/2006 6:39:22 PM | Attr = ]
tmntsrv.exe -> C:\Program Files\Trend Micro\Internet Security 12\Tmntsrv.exe -> Trend Micro Incorporated. [Ver = 12.70.0.1017 | Size = 290889 bytes | Modified Date = 8/30/2005 4:47:46 PM | Attr = ]
tmpfw.exe -> C:\Program Files\Trend Micro\Internet Security 12\TmPfw.exe -> Trend Micro Inc. [Ver = 2.0.0.1135 | Size = 585792 bytes | Modified Date = 8/30/2005 4:47:46 PM | Attr = ]
tmproxy.exe -> C:\Program Files\Trend Micro\Internet Security 12\tmproxy.exe -> Trend Micro Inc. [Ver = 1.0.0.1135 | Size = 262215 bytes | Modified Date = 8/30/2005 4:47:46 PM | Attr = ]
videoraipodconverter.exe -> C:\Program Files\VideoraiPodConverter\VideoraiPodConverter.exe -> [Ver = 1.0.2141.24358 | Size = 483328 bytes | Modified Date = 11/11/2005 1:32:36 PM | Attr = ]
winpfind3u.exe -> C:\Documents and Settings\Matthew Oh\Desktop\WinPFind3u\WinPFind3U.exe -> Oldtimer Tools [Ver = 1.0.1.0 | Size = 302592 bytes | Modified Date = 12/21/2006 8:20:08 PM | Attr = ]
wltray.exe -> C:\WINDOWS\system32\WLTRAY.EXE -> Dell Inc. [Ver = 4.10.47.3 | Size = 1347584 bytes | Modified Date = 12/19/2005 3:08:42 PM | Attr = ]
wltrysvc.exe -> C:\WINDOWS\system32\WLTRYSVC.EXE -> [Ver = | Size = 18944 bytes | Modified Date = 12/19/2005 3:08:42 PM | Attr = ]

[Win32 Services - Non-Microsoft Only]
(AOL ACS) AOL Connectivity Service [Win32_Own | Auto | Running] -> C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe -> America Online, Inc. [Ver = 2.0.20.1.US.1 | Size = 1135728 bytes | Modified Date = 4/7/2004 12:07:32 PM | Attr = ]
(AVG Anti-Spyware Guard) AVG Anti-Spyware Guard [Win32_Own | Auto | Running] -> C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe -> Anti-Malware Development a.s. [Ver = 7, 5, 0, 47 | Size = 204800 bytes | Modified Date = 9/28/2006 9:13:20 AM | Attr = ]
(dmadmin) Logical Disk Manager Administrative Service [Win32_Shared | On_Demand | Stopped] -> C:\WINDOWS\system32\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 224768 bytes | Modified Date = 8/10/2004 5:00:00 AM | Attr = ]
(gusvc) Google Updater Service [Win32_Own | Auto | Running] -> C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -> Google [Ver = 2.0.711.37800.beta | Size = 136120 bytes | Modified Date = 12/21/2006 10:22:04 PM | Attr = ]
(IDriverT) InstallDriver Table Manager [Win32_Own | On_Demand | Stopped] -> C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -> Macrovision Corporation [Ver = 11.00.28844 | Size = 69632 bytes | Modified Date = 4/3/2005 11:41:10 PM | Attr = ]
(iPod Service) iPod Service [Win32_Own | On_Demand | Running] -> C:\Program Files\iPod\bin\iPodService.exe -> Apple Computer, Inc. [Ver = 7.0.2.16 | Size = 492608 bytes | Modified Date = 10/30/2006 9:36:32 AM | Attr = ]
(NICCONFIGSVC) NICCONFIGSVC [Win32_Own | Auto | Running] -> C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe -> Dell Inc. [Ver = 7, 0, 9, 0 | Size = 380928 bytes | Modified Date = 12/6/2005 10:45:26 AM | Attr = ]
(PcCtlCom) Trend Micro Central Control Component [Win32_Own | Auto | Running] -> C:\Program Files\Trend Micro\Internet Security 12\PcCtlCom.exe -> Trend Micro Incorporated. [Ver = 12.70.0.1019 | Size = 880722 bytes | Modified Date = 9/4/2006 7:54:44 PM | Attr = ]
(Tmntsrv) Trend Micro Real-time Service [Win32_Own | Auto | Running] -> C:\Program Files\Trend Micro\Internet Security 12\Tmntsrv.exe -> Trend Micro Incorporated. [Ver = 12.70.0.1017 | Size = 290889 bytes | Modified Date = 8/30/2005 4:47:46 PM | Attr = ]
(TmPfw) Trend Micro Personal Firewall [Win32_Own | Auto | Running] -> C:\Program Files\Trend Micro\Internet Security 12\TmPfw.exe -> Trend Micro Inc. [Ver = 2.0.0.1135 | Size = 585792 bytes | Modified Date = 8/30/2005 4:47:46 PM | Attr = ]
(tmproxy) Trend Micro Proxy Service [Win32_Own | Auto | Running] -> C:\Program Files\Trend Micro\Internet Security 12\tmproxy.exe -> Trend Micro Inc. [Ver = 1.0.0.1135 | Size = 262215 bytes | Modified Date = 8/30/2005 4:47:46 PM | Attr = ]
(wltrysvc) Dell Wireless WLAN Tray Service [Win32_Own | Auto | Running] -> C:\WINDOWS\System32\WLTRYSVC.EXE C:\WINDOWS\System32\bcmwltry.exe -> File not found

[Registry - Non-Microsoft Only]
< Run [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
!AVG Anti-Spyware -> C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe -> Anti-Malware Development a.s. [Ver = 7, 5, 0, 50 | Size = 6266880 bytes | Modified Date = 10/7/2006 7:20:00 AM | Attr = ]
Broadcom Wireless Manager UI -> C:\WINDOWS\system32\WLTRAY.EXE -> Dell Inc. [Ver = 4.10.47.3 | Size = 1347584 bytes | Modified Date = 12/19/2005 3:08:42 PM | Attr = ]
Dell QuickSet -> C:\Program Files\Dell\QuickSet\quickset.exe -> Dell Inc [Ver = 7, 0, 9, 0 | Size = 839680 bytes | Modified Date = 12/6/2005 10:45:14 AM | Attr = ]
dla -> C:\WINDOWS\system32\dla\tfswctrl.exe -> Sonic Solutions [Ver = 1.04.08a | Size = 127035 bytes | Modified Date = 12/6/2004 1:05:00 AM | Attr = ]
DVDLauncher -> C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe -> CyberLink Corp. [Ver = 3.00.0000 | Size = 49152 bytes | Modified Date = 12/9/2005 8:29:52 PM | Attr = ]
HostManager -> C:\Program Files\Common Files\AOL\1146929070\ee\AOLSoftware.exe -> America Online, Inc. [Ver = 1.5.3.1 | Size = 50760 bytes | Modified Date = 5/9/2006 7:24:16 PM | Attr = ]
igfxhkcmd -> C:\WINDOWS\system32\hkcmd.exe -> Intel Corporation [Ver = 3.0.0.4446 | Size = 77824 bytes | Modified Date = 12/13/2005 11:41:08 PM | Attr = ]
igfxpers -> C:\WINDOWS\system32\igfxpers.exe -> Intel Corporation [Ver = 3.0.0.4446 | Size = 118784 bytes | Modified Date = 12/13/2005 11:45:00 PM | Attr = ]
igfxtray -> C:\WINDOWS\system32\igfxtray.exe -> Intel Corporation [Ver = 3.0.0.4446 | Size = 98304 bytes | Modified Date = 12/13/2005 11:44:18 PM | Attr = ]
IPHSend -> C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe -> America Online, Inc. [Ver = 1.0.12.1 | Size = 124520 bytes | Modified Date = 2/17/2006 11:59:48 AM | Attr = ]
ISUSPM Startup -> C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe -> InstallShield Software Corporation [Ver = 4, 50, 100, 33433 | Size = 249856 bytes | Modified Date = 6/10/2005 10:44:02 AM | Attr = ]
ISUSScheduler -> C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe -> InstallShield Software Corporation [Ver = 4, 50, 100, 33433 | Size = 81920 bytes | Modified Date = 6/10/2005 10:44:02 AM | Attr = ]
iTunesHelper -> C:\Program Files\iTunes\iTunesHelper.exe -> Apple Computer, Inc. [Ver = 7.0.2.16 | Size = 256576 bytes | Modified Date = 10/30/2006 9:36:36 AM | Attr = ]
MSPY2002 -> C:\WINDOWS\system32\IME\PINTLGNT\IMSCINST.EXE -> [Ver = | Size = 59392 bytes | Modified Date = 8/10/2004 5:00:00 AM | Attr = ]
pccguide.exe -> C:\Program Files\Trend Micro\Internet Security 12\pccguide.exe -> Trend Micro Incorporated. [Ver = 12.70.0.1017 | Size = 823362 bytes | Modified Date = 8/30/2005 4:47:38 PM | Attr = ]
QuickTime Task -> C:\Program Files\QuickTime\qttask.exe -> Apple Computer, Inc. [Ver = 7.1.3 | Size = 282624 bytes | Modified Date = 10/25/2006 6:58:18 PM | Attr = ]
ShowLOMControl -> -> File not found
SigmatelSysTrayApp -> C:\WINDOWS\stsystra.exe -> SigmaTel, Inc. [Ver = 1.0.4823.0 nd322 cp1 | Size = 397312 bytes | Modified Date = 11/16/2005 9:35:16 PM | Attr = ]
SynTPEnh -> C:\Program Files\Synaptics\SynTP\SynTPEnh.exe -> Synaptics, Inc. [Ver = 8.2.4.3 29Nov05 | Size = 761947 bytes | Modified Date = 11/29/2005 6:56:30 PM | Attr = ]
TkBellExe -> C:\Program Files\Common Files\Real\Update_OB\realsched.exe -> RealNetworks, Inc. [Ver = 0.1.0.3510 | Size = 180269 bytes | Modified Date = 12/21/2006 11:32:04 PM | Attr = ]
< OptionalComponents [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\
IMAIL -> Installed = 1 ->
MAPI -> Installed = 1 ->
MSFS -> Installed = 1 ->
< Run [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
DellSupport -> C:\Program Files\Dell Support\DSAgnt.exe -> Gteko Ltd. [Ver = 1, 1, 1, 121 | Size = 332800 bytes | Modified Date = 5/15/2005 2:04:12 AM | Attr = ]
ModemOnHold -> C:\Program Files\NetWaiting\netWaiting.exe -> [Ver = | Size = 20480 bytes | Modified Date = 9/10/2003 2:24:00 AM | Attr = ]
OE_OEM -> C:\Program Files\Trend Micro\Internet Security 12\TMAS_OE\TMAS_OEMon.exe -> Trend Micro Inc. [Ver = 3.5.0.1119 | Size = 176201 bytes | Modified Date = 4/11/2006 6:39:22 PM | Attr = ]
< AppInit_DLLs [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs
*AppInit_DLLs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls ->
-> -> File not found
e1.dll -> e1.dll -> File not found
< ShellExecuteHooks [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
{57B86673-276A-48B2-BAE7-C6DBB3020EB8} [HKLM] -> C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll [AVG Anti-Spyware 7.5] -> Anti-Malware Development a.s. [Ver = 7, 5, 0, 47 | Size = 73728 bytes | Modified Date = 9/28/2006 9:13:28 AM | Attr = ]
< SecurityProviders [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders
< Winlogon settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
*VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet ->
Control_RunDLL -> -> File not found
< Winlogon settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
< Winlogon\Notify settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\
igfxcui -> C:\WINDOWS\system32\igfxdev.dll -> Intel Corporation [Ver = 3.0.0.4446 | Size = 139264 bytes | Modified Date = 12/13/2005 11:40:12 PM | Attr = ]
< Policy Settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\undockwithoutlogon -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\InstallVisualStyle -> C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\InstallTheme -> C:\WINDOWS\Resources\Themes\Royale.theme ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\ -> ->
< Policy Settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableRegistryTools -> 0 ->
< Desktop Components > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\
0 -> [Key] ->
0 -> FriendlyName = My Current Home Page ->
0 -> Source = About:Home ->
0 -> SubscribedURL = About:Home ->
< HOSTS File > -> C:\WINDOWS\System32\drivers\etc\Hosts
< Internet Explorer Settings > ->
HKLM: Default_Page_URL -> http://www.dell.com ->
HKLM: Main\\Default_Search_URL -> http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch ->
HKLM: Local Page -> %SystemRoot%\system32\blank.htm ->
HKLM: Search Page -> http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch ->
HKLM: Start Page -> http://www.dell.com ->
HKLM: CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm ->
HKLM: SearchAssistant -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm ->
HKCU: Local Page -> C:\WINDOWS\system32\blank.htm ->
HKCU: Search Page -> http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch ->
HKCU: Start Page -> http://www.dell.com/ ->
HKCU: URLSearchHooks\\{EA756889-2338-43DB-8F07-D1CA6FB9C90D} [HKLM] -> C:\Program Files\AOL\AOL Toolbar 3.0\aoltb.dll [AOLTBSearch Class] -> America Online, Inc. [Ver = 3.0.43.1 | Size = 585728 bytes | Modified Date = 11/30/2005 1:17:06 PM | Attr = ]
HKCU: ProxyEnable -> 0 ->
< Trusted Sites > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\
msn.com [ - ] -> ->
online_musicmatch.com [https] -> ->
< BHO's > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> Adobe Systems Incorporated [Ver = 7.0.7.2006011200 | Size = 63128 bytes | Modified Date = 1/12/2006 8:38:22 PM | Attr = ]
{5CA3D70E-1895-11CF-8E15-001234567890} [HKLM] -> C:\WINDOWS\system32\dla\tfswshx.dll [DriveLetterAccess] -> Sonic Solutions [Ver = 1.04.08a | Size = 118842 bytes | Modified Date = 12/6/2004 1:05:00 AM | Attr = ]
{69A87B7D-DE56-4136-9655-716BA50C19C7} [HKLM] -> C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll [&Google Web Accelerator Helper] -> [Ver = | Size = 237568 bytes | Modified Date = 12/14/2006 3:33:48 PM | Attr = ]
{7C554162-8CB7-45A4-B8F4-8EA1C75885F9} [HKLM] -> C:\Program Files\AOL\AOL Toolbar 3.0\aoltb.dll [AOL Toolbar Launcher] -> America Online, Inc. [Ver = 3.0.43.1 | Size = 585728 bytes | Modified Date = 11/30/2005 1:17:06 PM | Attr = ]
{AA58ED58-01DD-4d91-8333-CF10577473F7} [HKLM] -> c:\program files\Google\googletoolbar1.dll [Google Toolbar Helper] -> Google Inc. [Ver = 4, 0, 1020, 6156 | Size = 2133056 bytes | Modified Date = 12/19/2006 10:36:28 PM | Attr = R ]
{AE7CD045-E861-484f-8273-0445EE161910} [HKLM] -> C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll [AcroIEToolbarHelper Class] -> [Ver = | Size = 147456 bytes | Modified Date = 5/15/2003 12:03:46 AM | Attr = ]
< Internet Explorer Bars [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\
{182EC0BE-5110-49C8-A062-BEB1D02A220B} [HKLM] -> C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll [Adobe PDF] -> [Ver = | Size = 147456 bytes | Modified Date = 5/15/2003 12:03:46 AM | Attr = ]
< Internet Explorer ToolBars [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar
{2318C2B1-4965-11d4-9B18-009027A5CD4F} [HKLM] -> c:\program files\Google\googletoolbar1.dll [&Google] -> Google Inc. [Ver = 4, 0, 1020, 6156 | Size = 2133056 bytes | Modified Date = 12/19/2006 10:36:28 PM | Attr = R ]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} [HKLM] -> C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll [Adobe PDF] -> [Ver = | Size = 147456 bytes | Modified Date = 5/15/2003 12:03:46 AM | Attr = ]
{DB87BFA2-A2E3-451E-8E5A-C89982D87CBF} [HKLM] -> C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll [Google Web Accelerator] -> [Ver = | Size = 237568 bytes | Modified Date = 12/14/2006 3:33:48 PM | Attr = ]
{DE9C389F-3316-41A7-809B-AA305ED9D922} [HKLM] -> C:\Program Files\AOL\AOL Toolbar 3.0\aoltb.dll [AOL Toolbar] -> America Online, Inc. [Ver = 3.0.43.1 | Size = 585728 bytes | Modified Date = 11/30/2005 1:17:06 PM | Attr = ]
< Internet Explorer ToolBars [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\
ShellBrowser\\{47833539-D0C5-4125-9FA8-0819E2EAAC93} [HKLM] -> C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll [Adobe PDF] -> [Ver = | Size = 147456 bytes | Modified Date = 5/15/2003 12:03:46 AM | Attr = ]
WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKLM] -> c:\program files\Google\googletoolbar1.dll [&Google] -> Google Inc. [Ver = 4, 0, 1020, 6156 | Size = 2133056 bytes | Modified Date = 12/19/2006 10:36:28 PM | Attr = R ]
WebBrowser\\{47833539-D0C5-4125-9FA8-0819E2EAAC93} [HKLM] -> C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll [Adobe PDF] -> [Ver = | Size = 147456 bytes | Modified Date = 5/15/2003 12:03:46 AM | Attr = ]
WebBrowser\\{DB87BFA2-A2E3-451E-8E5A-C89982D87CBF} [HKLM] -> C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll [Google Web Accelerator] -> [Ver = | Size = 237568 bytes | Modified Date = 12/14/2006 3:33:48 PM | Attr = ]
WebBrowser\\{DE9C389F-3316-41A7-809B-AA305ED9D922} [HKLM] -> C:\Program Files\AOL\AOL Toolbar 3.0\aoltb.dll [AOL Toolbar] -> America Online, Inc. [Ver = 3.0.43.1 | Size = 585728 bytes | Modified Date = 11/30/2005 1:17:06 PM | Attr = ]
< Internet Explorer CmdMapping [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\CmdMapping
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} -> 8192 - Sun Java Console ->
{3369AF0D-62E9-4bda-8103-B4C75499B578} -> 8196 - Reg Data - Value does not exist ->
{92780B25-18CC-41C8-B9BE-3C9C571A8263} -> 8195 - Reg Data - Value does not exist ->
{CD67F990-D8E9-11d2-98FE-00C0F0318AFE} -> 8193 - Reg Data - Value does not exist ->
{FB5F1910-F110-11d2-BB9E-00C04F795683} -> 8194 - Windows Messenger ->
NextId -> 8197 ->
< Internet Explorer Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> Reg Data - Key not found [MenuText: Sun Java Console] ->
{3369AF0D-62E9-4bda-8103-B4C75499B578} -> Reg Data - Value does not exist [ButtonText: AOL Toolbar] -> File not found
{92780B25-18CC-41C8-B9BE-3C9C571A8263} -> Reg Data - Value does not exist [ButtonText: Research] -> File not found
{CD67F990-D8E9-11d2-98FE-00C0F0318AFE} -> Reg Data - Value does not exist [ButtonText: Real.com] -> File not found
< Internet Explorer Menu Extensions [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\
&AOL Toolbar Search -> c:\program files\aol\aol toolbar 3.0\resources\en-US\local\search.htm -> File not found
< Approved Shell Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
{00E7B358-F65B-4dcf-83DF-CD026B94BFD4} [HKLM] -> Reg Data - Key not found [Autoplay for SlideShow] -> File not found
{0DF44EAA-FF21-4412-828E-260A8728E7F1} [HKLM] -> Reg Data - Key not found [Taskbar and Start Menu] -> File not found
{2F603045-309F-11CF-9774-0020AFD0CFF6} [HKLM] -> C:\Program Files\Synaptics\SynTP\SynTPCpl.dll [Synaptics Control Panel] -> Synaptics, Inc. [Ver = 8.2.4.3 29Nov05 | Size = 6135899 bytes | Modified Date = 11/29/2005 6:44:38 PM | Attr = ]
{42071714-76d4-11d1-8b24-00a0c9068ff3} [HKLM] -> deskpan.dll [Display Panning CPL Extension] -> File not found
{48F45200-91E6-11CE-8A4F-0080C81A28D4} [HKLM] -> C:\Program Files\Trend Micro\Internet Security 12\Tmdshell.dll [TMD Shell Extension] -> Trend Micro Incorporated. [Ver = 12.70.0.1017 | Size = 131147 bytes | Modified Date = 8/30/2005 4:47:46 PM | Attr = ]
{5CA3D70E-1895-11CF-8E15-001234567890} [HKLM] -> C:\WINDOWS\system32\dla\tfswshx.dll [DriveLetterAccess] -> Sonic Solutions [Ver = 1.04.08a | Size = 118842 bytes | Modified Date = 12/6/2004 1:05:00 AM | Attr = ]
{764BF0E1-F219-11ce-972D-00AA00A14F56} [HKLM] -> Reg Data - Key not found [Shell extensions for file compression] -> File not found
{771A9DA0-731A-11CE-993C-00AA004ADB6C} [HKLM] -> C:\Program Files\Trend Micro\Internet Security 12\VBProp.dll [VBPropSheet] -> Trend Micro Incorporated. [Ver = 12.70.0.1017 | Size = 135239 bytes | Modified Date = 8/30/2005 4:47:48 PM | Attr = ]
{7A9D77BD-5403-11d2-8785-2E0420524153} [HKLM] -> Reg Data - Key not found [User Accounts] -> File not found
{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} [HKLM] -> Reg Data - Key not found [Encryption Context Menu] -> File not found
{88895560-9AA2-1069-930E-00AA0030EBC8} [HKLM] -> C:\WINDOWS\system32\hticons.dll [HyperTerminal Icon Ext] -> Hilgraeve, Inc. [Ver = 5.1.2600.0 | Size = 44544 bytes | Modified Date = 8/10/2004 5:00:00 AM | Attr = ]
{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} [HKLM] -> C:\Program Files\iTunes\iTunesMiniPlayer.dll [iTunes] -> Apple Computer, Inc. [Ver = 7.0.2.16 | Size = 132672 bytes | Modified Date = 10/30/2006 9:36:36 AM | Attr = ]
{D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} [HKLM] -> C:\Program Files\Adobe\Acrobat 6.0\Acrobat Elements\ContextMenu.dll [Adobe.Acrobat.ContextMenu] -> Adobe Systems Inc. [Ver = 1.0.0.2003051500 | Size = 409687 bytes | Modified Date = 5/15/2003 12:41:08 AM | Attr = ]
{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} [HKLM] -> C:\Program Files\Real\RealPlayer\rpshell.dll [Shell Extensions for RealOne Player] -> RealNetworks, Inc. [Ver = 1.0.1.2237 | Size = 49198 bytes | Modified Date = 12/21/2006 11:32:08 PM | Attr = ]
< ContextMenuHandlers - * [HKLM] > -> HKEY_LOCAL_MACHINE\Software\Classes\*\shellex\ContextMenuHandlers\
{48F45200-91E6-11CE-8A4F-0080C81A28D4} [HKLM] -> C:\Program Files\Trend Micro\Internet Security 12\Tmdshell.dll [TMD Shell Extension] -> Trend Micro Incorporated. [Ver = 12.70.0.1017 | Size = 131147 bytes | Modified Date = 8/30/2005 4:47:46 PM | Attr = ]
{D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} [HKLM] -> C:\Program Files\Adobe\Acrobat 6.0\Acrobat Elements\ContextMenu.dll [Adobe.Acrobat.ContextMenu] -> Adobe Systems Inc. [Ver = 1.0.0.2003051500 | Size = 409687 bytes | Modified Date = 5/15/2003 12:41:08 AM | Attr = ]
{8934FCEF-F5B8-468f-951F-78A921CD3920} [HKLM] -> C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\context.dll [AVG Anti-Spyware] -> Anti-Malware Development a.s. [Ver = 7, 5, 0, 49 | Size = 98304 bytes | Modified Date = 10/6/2006 6:40:48 AM | Attr = ]
< ContextMenuHandlers - Directory [HKLM] > -> HKEY_LOCAL_MACHINE\Software\Classes\Directory\shellex\ContextMenuHandlers\
{8934FCEF-F5B8-468f-951F-78A921CD3920} [HKLM] -> C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\context.dll [AVG Anti-Spyware] -> Anti-Malware Development a.s. [Ver = 7, 5, 0, 49 | Size = 98304 bytes | Modified Date = 10/6/2006 6:40:48 AM | Attr = ]
< ContextMenuHandlers - Directory\Background [HKLM] > -> HKEY_LOCAL_MACHINE\Software\Classes\Directory\Background\shellex\ContextMenuHandlers\
{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} [HKLM] -> C:\WINDOWS\system32\igfxpph.dll [igfxcui] -> Intel Corporation [Ver = 3.0.0.4446 | Size = 147456 bytes | Modified Date = 12/13/2005 11:44:02 PM | Attr = ]
< ContextMenuHandlers - Folder [HKLM] > -> HKEY_LOCAL_MACHINE\Software\Classes\Folder\shellex\ContextMenuHandlers\
{48F45200-91E6-11CE-8A4F-0080C81A28D4} [HKLM] -> C:\Program Files\Trend Micro\Internet Security 12\Tmdshell.dll [TMD Shell Extension] -> Trend Micro Incorporated. [Ver = 12.70.0.1017 | Size = 131147 bytes | Modified Date = 8/30/2005 4:47:46 PM | Attr = ]
< ColumnHandlers - Folder [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\
{F9DB5320-233E-11D1-9F84-707F02C10627} [HKLM] -> C:\Program Files\Adobe\Acrobat 7.0\ActiveX\pdfshell.dll [PDF Shell Extension] -> Adobe Systems, Inc. [Ver = 7.0.0.0 | Size = 110592 bytes | Modified Date = 12/14/2004 2:20:02 AM | Attr = ]
< User Agent Post Platform [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform
SV1 -> ->
< DNS Name Servers [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\
{397496ED-E294-492F-94F5-12FFABC41461} -> (1394 Net Adapter) ->
{5C95B2D1-8010-417F-BDE1-89DABA1875B8} -> (Broadcom 440x 10/100 Integrated Controller) ->
{7C201DED-69E6-49A9-92B7-B880D138E2E1} -> (Dell Wireless 1390 WLAN Mini-Card) ->
< Protocol Handlers [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\
ipp -> Reg Data - Key not found -> File not found
msdaipp -> Reg Data - Key not found -> File not found


[Files - Created Wihin 30 days]
hiberfil.sys -> C:\hiberfil.sys -> [Ver = | Size = 1063714816 bytes | Created Date = 1/1/1601 5:00:00 AM | Attr = HS]
sz.xml -> C:\sz.xml -> [Ver = | Size = 4903 bytes | Created Date = 12/8/2006 4:41:59 PM | Attr = ]
atrc.dll -> C:\Program Files\Common Files\Real\Codecs\atrc.dll -> RealNetworks, Inc. [Ver = 10.0.0.2567 | Size = 77889 bytes | Created Date = 12/21/2006 11:32:12 PM | Attr = ]
cook.dll -> C:\Program Files\Common Files\Real\Codecs\cook.dll -> RealNetworks, Inc. [Ver = 10.0.0.1873 | Size = 65602 bytes | Created Date = 12/21/2006 11:32:12 PM | Attr = ]
drv1.dll -> C:\Program Files\Common Files\Real\Codecs\drv1.dll -> RealNetworks, Inc. [Ver = 10.0.0.979 | Size = 102464 bytes | Created Date = 12/21/2006 11:32:13 PM | Attr = ]
drv2.dll -> C:\Program Files\Common Files\Real\Codecs\drv2.dll -> RealNetworks, Inc. [Ver = 10.0.0.1899 | Size = 176195 bytes | Created Date = 12/21/2006 11:32:13 PM | Attr = ]
drvc.dll -> C:\Program Files\Common Files\Real\Codecs\drvc.dll -> RealNetworks, Inc. [Ver = 10.0.0.1466 | Size = 266309 bytes | Created Date = 12/21/2006 11:32:13 PM | Attr = ]
hxltcolor.dll -> C:\Program Files\Common Files\Real\Codecs\hxltcolor.dll -> RealNetworks, Inc. [Ver = 10.0.0.836 | Size = 241723 bytes | Created Date = 12/21/2006 11:32:13 PM | Attr = ]
raac.dll -> C:\Program Files\Common Files\Real\Codecs\raac.dll -> RealNetworks, Inc. [Ver = 10.0.0.790 | Size = 553036 bytes | Created Date = 12/21/2006 11:32:12 PM | Attr = ]
rv10.dll -> C:\Program Files\Common Files\Real\Codecs\rv10.dll -> RealNetworks, Inc. [Ver = 10.0.0.979 | Size = 49216 bytes | Created Date = 12/21/2006 11:32:13 PM | Attr = ]
rv20.dll -> C:\Program Files\Common Files\Real\Codecs\rv20.dll -> RealNetworks, Inc. [Ver = 10.0.0.1899 | Size = 57411 bytes | Created Date = 12/21/2006 11:32:13 PM | Attr = ]
rv30.dll -> C:\Program Files\Common Files\Real\Codecs\rv30.dll -> RealNetworks, Inc. [Ver = 10.0.0.1466 | Size = 49221 bytes | Created Date = 12/21/2006 11:32:13 PM | Attr = ]
rv40.dll -> C:\Program Files\Common Files\Real\Codecs\rv40.dll -> RealNetworks, Inc. [Ver = 10.0.0.1466 | Size = 49221 bytes | Created Date = 12/21/2006 11:32:13 PM | Attr = ]
sipr.dll -> C:\Program Files\Common Files\Real\Codecs\sipr.dll -> RealNetworks, Inc. [Ver = 10.0.0.2564 | Size = 106561 bytes | Created Date = 12/21/2006 11:32:12 PM | Attr = ]
devices.ini -> C:\Program Files\Common Files\Real\Common\devices.ini -> [Ver = | Size = 2534 bytes | Created Date = 12/21/2006 11:32:23 PM | Attr = ]
objb3201.dll -> C:\Program Files\Common Files\Real\Common\objb3201.dll -> RealNetworks, Inc. [Ver = 0.1.0.6391 | Size = 172077 bytes | Created Date = 12/21/2006 11:32:18 PM | Attr = ]
pngu3267.dll -> C:\Program Files\Common Files\Real\Common\pngu3267.dll -> RealNetworks, Inc. [Ver = 6.7.0.2712 | Size = 421927 bytes | Created Date = 12/21/2006 11:32:06 PM | Attr = ]
rpun3260.dll -> C:\Program Files\Common Files\Real\Common\rpun3260.dll -> RealNetworks, Inc. [Ver = 6.0.10.2238 | Size = 36909 bytes | Created Date = 12/21/2006 11:32:02 PM | Attr = ]
security.dll -> C:\Program Files\Common Files\Real\Common\security.dll -> RealNetworks, Inc. [Ver = 1.0.3.2268 | Size = 45103 bytes | Created Date = 12/21/2006 11:32:21 PM | Attr = ]
twebbrowse.dll -> C:\Program Files\Common Files\Real\Common\twebbrowse.dll -> RealNetworks, Inc. [Ver = 1.0.2.1594 | Size = 81969 bytes | Created Date = 12/21/2006 11:32:09 PM | Attr = ]
barcontrol.dll -> C:\Program Files\Common Files\Real\GToolbar\barcontrol.dll -> Google, Inc [Ver = 2.0.0.8 | Size = 110592 bytes | Created Date = 12/21/2006 11:32:18 PM | Attr = ]
gdsapi.dll -> C:\Program Files\Common Files\Real\GToolbar\gdsapi.dll -> [Ver = | Size = 4096 bytes | Created Date = 12/21/2006 11:32:18 PM | Attr = ]
gdssetup.exe -> C:\Program Files\Common Files\Real\GToolbar\gdssetup.exe -> [Ver = | Size = 746600 bytes | Created Date = 12/21/2006 11:32:18 PM | Attr = ]
googletoolbarinstaller.exe -> C:\Program Files\Common Files\Real\GToolbar\googletoolbarinstaller.exe -> Google [Ver = 3, 0, 126, 3 | Size = 559784 bytes | Created Date = 12/21/2006 11:32:18 PM | Attr = ]
googletoolbarinstaller98.exe -> C:\Program Files\Common Files\Real\GToolbar\googletoolbarinstaller98.exe -> Google [Ver = 3, 0, 126, 3 | Size = 705704 bytes | Created Date = 12/21/2006 11:32:18 PM | Attr = ]
aacff.dll -> C:\Program Files\Common Files\Real\Plugins\aacff.dll -> RealNetworks, Inc. [Ver = 10.0.0.771 | Size = 69689 bytes | Created Date = 12/21/2006 11:32:19 PM | Attr = ]
audplin.dll -> C:\Program Files\Common Files\Real\Plugins\audplin.dll -> RealNetworks, Inc. [Ver = 10.0.0.1207 | Size = 86075 bytes | Created Date = 12/21/2006 11:32:19 PM | Attr = ]
authmgr.dll -> C:\Program Files\Common Files\Real\Plugins\authmgr.dll -> RealNetworks, Inc. [Ver = 10.0.0.1429 | Size = 49207 bytes | Created Date = 12/21/2006 11:32:03 PM | Attr = ]
cdda3260.dll -> C:\Program Files\Common Files\Real\Plugins\cdda3260.dll -> RealNetworks, Inc. [Ver = 6.0.3.2258 | Size = 36909 bytes | Created Date = 12/21/2006 11:32:03 PM | Attr = ]
clbascauth.dll -> C:\Program Files\Common Files\Real\Plugins\clbascauth.dll -> RealNetworks, Inc. [Ver = 10.0.0.978 | Size = 41023 bytes | Created Date = 12/21/2006 11:32:03 PM | Attr = ]
clntxres.dll -> C:\Program Files\Common Files\Real\Plugins\clntxres.dll -> RealNetworks, Inc. [Ver = 10.0.0.3694 | Size = 53296 bytes | Created Date = 12/21/2006 11:32:04 PM | Attr = ]
cont3260.dll -> C:\Program Files\Common Files\Real\Plugins\cont3260.dll -> RealNetworks, Inc. [Ver = 6.0.0.1897 | Size = 69677 bytes | Created Date = 12/21/2006 11:32:19 PM | Attr = ]
fpsechnd.dll -> C:\Program Files\Common Files\Real\Plugins\fpsechnd.dll -> RealNetworks, Inc. [Ver = 6.0.9.32 | Size = 233472 bytes | Created Date = 12/21/2006 11:32:22 PM | Attr = ]
httpfsys.dll -> C:\Program Files\Common Files\Real\Plugins\httpfsys.dll -> RealNetworks, Inc. [Ver = 10.0.0.2779 | Size = 172084 bytes | Created Date = 12/21/2006 11:32:03 PM | Attr = ]
hxsdp.dll -> C:\Program Files\Common Files\Real\Plugins\hxsdp.dll -> RealNetworks, Inc. [Ver = 10.0.0.513 | Size = 41006 bytes | Created Date = 12/21/2006 11:32:03 PM | Attr = ]
hxxml.dll -> C:\Program Files\Common Files\Real\Plugins\hxxml.dll -> [Ver = | Size = 86065 bytes | Created Date = 12/21/2006 11:32:18 PM | Attr = ]
imgrender.dll -> C:\Program Files\Common Files\Real\Plugins\imgrender.dll -> RealNetworks, Inc. [Ver = 10.0.0.993 | Size = 528445 bytes | Created Date = 12/21/2006 11:32:14 PM | Attr = ]
memfsys.dll -> C:\Program Files\Common Files\Real\Plugins\memfsys.dll -> RealNetworks, Inc. [Ver = 10.0.0.966 | Size = 77877 bytes | Created Date = 12/21/2006 11:32:03 PM | Attr = ]
mp3fformat.dll -> C:\Program Files\Common Files\Real\Plugins\mp3fformat.dll -> RealNetworks, Inc. [Ver = 10.0.0.2966 | Size = 45118 bytes | Created Date = 12/21/2006 11:32:17 PM | Attr = ]
mp3metaff.dll -> C:\Program Files\Common Files\Real\Plugins\mp3metaff.dll -> RealNetworks, Inc. [Ver = 10.0.0.965 | Size = 65596 bytes | Created Date = 12/21/2006 11:32:17 PM | Attr = ]
mp3render.dll -> C:\Program Files\Common Files\Real\Plugins\mp3render.dll -> RealNetworks, Inc. [Ver = 10.0.0.977 | Size = 151614 bytes | Created Date = 12/21/2006 11:32:17 PM | Attr = ]
mp4arender.dll -> C:\Program Files\Common Files\Real\Plugins\mp4arender.dll -> RealNetworks, Inc. [Ver = 10.0.0.780 | Size = 127045 bytes | Created Date = 12/21/2006 11:32:19 PM | Attr = ]
mp4fformat.dll -> C:\Program Files\Common Files\Real\Plugins\mp4fformat.dll -> RealNetworks, Inc. [Ver = 10.0.0.2699 | Size = 73790 bytes | Created Date = 12/21/2006 11:32:19 PM | Attr = ]
mp4wrtr.dll -> C:\Program Files\Common Files\Real\Plugins\mp4wrtr.dll -> [Ver = | Size = 98366 bytes | Created Date = 12/21/2006 11:32:20 PM | Attr = ]
mpgfformat.dll -> C:\Program Files\Common Files\Real\Plugins\mpgfformat.dll -> RealNetworks, Inc. [Ver = 10.0.0.1174 | Size = 69694 bytes | Created Date = 12/21/2006 11:32:19 PM | Attr = ]
mpgrender.dll -> C:\Program Files\Common Files\Real\Plugins\mpgrender.dll -> RealNetworks, Inc. [Ver = 10.0.0.956 | Size = 172094 bytes | Created Date = 12/21/2006 11:32:19 PM | Attr = ]
ntlmauth.dll -> C:\Program Files\Common Files\Real\Plugins\ntlmauth.dll -> RealNetworks, Inc. [Ver = 10.0.0.956 | Size = 45116 bytes | Created Date = 12/21/2006 11:32:03 PM | Attr = ]
pacplin.dll -> C:\Program Files\Common Files\Real\Plugins\pacplin.dll -> RealNetworks, Inc. [Ver = 10.0.0.977 | Size = 360501 bytes | Created Date = 12/21/2006 11:32:03 PM | Attr = ]
pdgenxferfsys.dll -> C:\Program Files\Common Files\Real\Plugins\pdgenxferfsys.dll -> RealNetworks, Inc. [Ver = 6.0.12.1430 | Size = 73783 bytes | Created Date = 12/21/2006 11:32:23 PM | Attr = ]
plusplin.dll -> C:\Program Files\Common Files\Real\Plugins\plusplin.dll -> RealNetworks, Inc. [Ver = 10.0.0.977 | Size = 57398 bytes | Created Date = 12/21/2006 11:32:03 PM | Attr = ]
pxcb3210.dll -> C:\Program Files\Common Files\Real\Plugins\pxcb3210.dll -> RealNetworks, Inc. [Ver = 1.0.0.3995 | Size = 41003 bytes | Created Date = 12/21/2006 11:32:03 PM | Attr = ]
ramfformat.dll -> C:\Program Files\Common Files\Real\Plugins\ramfformat.dll -> RealNetworks, Inc. [Ver = 10.0.0.2223 | Size = 45118 bytes | Created Date = 12/21/2006 11:32:03 PM | Attr = ]
ramrender.dll -> C:\Program Files\Common Files\Real\Plugins\ramrender.dll -> RealNetworks, Inc. [Ver = 10.0.0.1889 | Size = 57406 bytes | Created Date = 12/21/2006 11:32:03 PM | Attr = ]
rarender.dll -> C:\Program Files\Common Files\Real\Plugins\rarender.dll -> RealNetworks, Inc. [Ver = 10.0.0.986 | Size = 151618 bytes | Created Date = 12/21/2006 11:32:12 PM | Attr = ]
recf3260.dll -> C:\Program Files\Common Files\Real\Plugins\recf3260.dll -> RealNetworks, Inc. [Ver = 6.0.0.2863 | Size = 36909 bytes | Created Date = 12/21/2006 11:32:19 PM | Attr = ]
rmfformat.dll -> C:\Program Files\Common Files\Real\Plugins\rmfformat.dll -> RealNetworks, Inc. [Ver = 10.0.0.1201 | Size = 176191 bytes | Created Date = 12/21/2006 11:32:03 PM | Attr = ]
rmwrtr.dll -> C:\Program Files\Common Files\Real\Plugins\rmwrtr.dll -> RealNetworks, Inc. [Ver = 6.0.2.1155 | Size = 282684 bytes | Created Date = 12/21/2006 11:32:20 PM | Attr = ]
rmxfpln.dll -> C:\Program Files\Common Files\Real\Plugins\rmxfpln.dll -> RealNetworks, Inc. [Ver = 1.0.3.2277 | Size = 65579 bytes | Created Date = 12/21/2006 11:32:21 PM | Attr = ]
rmxrend.dll -> C:\Program Files\Common Files\Real\Plugins\rmxrend.dll -> RealNetworks, Inc. [Ver = 1.0.3.2330 | Size = 106538 bytes | Created Date = 12/21/2006 11:32:21 PM | Attr = ]
rn5auth.dll -> C:\Program Files\Common Files\Real\Plugins\rn5auth.dll -> RealNetworks, Inc. [Ver = 10.0.0.1179 | Size = 45114 bytes | Created Date = 12/21/2006 11:32:03 PM | Attr = ]
rtfformat.dll -> C:\Program Files\Common Files\Real\Plugins\rtfformat.dll -> RealNetworks, Inc. [Ver = 10.0.0.1183 | Size = 110657 bytes | Created Date = 12/21/2006 11:32:14 PM | Attr = ]
rtrender.dll -> C:\Program Files\Common Files\Real\Plugins\rtrender.dll -> RealNetworks, Inc. [Ver = 10.0.0.976 | Size = 122942 bytes | Created Date = 12/21/2006 11:32:14 PM | Attr = ]
rvrender.dll -> C:\Program Files\Common Files\Real\Plugins\rvrender.dll -> RealNetworks, Inc. [Ver = 10.0.0.1370 | Size = 172096 bytes | Created Date = 12/21/2006 11:32:13 PM | Attr = ]
sdpplin.dll -> C:\Program Files\Common Files\Real\Plugins\sdpplin.dll -> RealNetworks, Inc. [Ver = 10.0.0.373 | Size = 45111 bytes | Created Date = 12/21/2006 11:32:16 PM | Attr = ]
security.dll -> C:\Program Files\Common Files\Real\Plugins\security.dll -> RealNetworks, Inc. [Ver = 1.0.3.2268 | Size = 45103 bytes | Created Date = 12/21/2006 11:32:21 PM | Attr = ]
smlfformat.dll -> C:\Program Files\Common Files\Real\Plugins\smlfformat.dll -> RealNetworks, Inc. [Ver = 10.0.0.1859 | Size = 61503 bytes | Created Date = 12/21/2006 11:32:04 PM | Attr = ]
smlrender.dll -> C:\Program Files\Common Files\Real\Plugins\smlrender.dll -> RealNetworks, Inc. [Ver = 10.0.0.1475 | Size = 528444 bytes | Created Date = 12/21/2006 11:32:04 PM | Attr = ]
smmrender.dll -> C:\Program Files\Common Files\Real\Plugins\smmrender.dll -> RealNetworks, Inc. [Ver = 10.0.0.976 | Size = 57412 bytes | Created Date = 12/21/2006 11:32:04 PM | Attr = ]
smplfsys.dll -> C:\Program Files\Common Files\Real\Plugins\smplfsys.dll -> RealNetworks, Inc. [Ver = 10.0.0.1767 | Size = 69685 bytes | Created Date = 12/21/2006 11:32:04 PM | Attr = ]
stubdrm.dll -> C:\Program Files\Common Files\Real\Plugins\stubdrm.dll -> RealNetworks, Inc. [Ver = 10.0.0.1381 | Size = 32818 bytes | Created Date = 12/21/2006 11:32:18 PM | Attr = ]
swfformat.dll -> C:\Program Files\Common Files\Real\Plugins\swfformat.dll -> RealNetworks, Inc. [Ver = 10.0.0.1184 | Size = 94274 bytes | Created Date = 12/21/2006 11:32:13 PM | Attr = ]
swfrender.dll -> C:\Program Files\Common Files\Real\Plugins\swfrender.dll -> RealNetworks, Inc. [Ver = 10.0.0.977 | Size = 614464 bytes | Created Date = 12/21/2006 11:32:13 PM | Attr = ]
tfilesys.dll -> C:\Program Files\Common Files\Real\Plugins\tfilesys.dll -> RealNetworks, Inc. [Ver = 1.0.3.2238 | Size = 57389 bytes | Created Date = 12/21/2006 11:32:21 PM | Attr = ]
vidplin.dll -> C:\Program Files\Common Files\Real\Plugins\vidplin.dll -> RealNetworks, Inc. [Ver = 10.0.0.993 | Size = 167995 bytes | Created Date = 12/21/2006 11:32:19 PM | Attr = ]
vidsite.dll -> C:\Program Files\Common Files\Real\Plugins\vidsite.dll -> RealNetworks, Inc. [Ver = 10.0.0.979 | Size = 376881 bytes | Created Date = 12/21/2006 11:32:04 PM | Attr = ]
vsrcplin.dll -> C:\Program Files\Common Files\Real\Plugins\vsrcplin.dll -> RealNetworks, Inc. [Ver = 10.1.0.906 | Size = 135230 bytes | Created Date = 12/21/2006 11:32:04 PM | Attr = ]
vsrlocal.dll -> C:\Program Files\Common Files\Real\Plugins\vsrlocal.dll -> RealNetworks, Inc. [Ver = 10.1.0.906 | Size = 94270 bytes | Created Date = 12/21/2006 11:32:04 PM | Attr = ]
wm9fformat.dll -> C:\Program Files\Common Files\Real\Plugins\wm9fformat.dll -> RealNetworks, Inc. [Ver = 1.0.0.1088 | Size = 176128 bytes | Created Date = 12/21/2006 11:32:19 PM | Attr = ]
wm9writer.dll -> C:\Program Files\Common Files\Real\Plugins\wm9writer.dll -> RealNetworks, Inc. [Ver = 1.0.0.1072 | Size = 28719 bytes | Created Date = 12/21/2006 11:32:19 PM | Attr = ]
wmsechnd.dll -> C:\Program Files\Common Files\Real\Plugins\wmsechnd.dll -> RealNetworks, Inc. [Ver = 1.0.0.407 | Size = 180224 bytes | Created Date = 12/21/2006 11:32:19 PM | Attr = ]
zipf3260.dll -> C:\Program Files\Common Files\Real\Plugins\zipf3260.dll -> RealNetworks, Inc. [Ver = 6.0.8.2550 | Size = 172075 bytes | Created Date = 12/21/2006 11:32:04 PM | Attr = ]
gct23201.dll -> C:\Program Files\Common Files\Real\RCAPlugins\gct23201.dll -> RealNetworks, Inc. [Ver = 0.1.0.6324 | Size = 151597 bytes | Created Date = 12/21/2006 11:32:18 PM | Attr = ]
gema3201.dll -> C:\Program Files\Common Files\Real\RCAPlugins\gema3201.dll -> RealNetworks, Inc. [Ver = 0.1.0.3815 | Size = 90158 bytes | Created Date = 12/21/2006 11:32:18 PM | Attr = ]
gemx3201.dll -> C:\Program Files\Common Files\Real\RCAPlugins\gemx3201.dll -> RealNetworks, Inc. [Ver = 0.1.0.5869 | Size = 438318 bytes | Created Date = 12/21/2006 11:32:18 PM | Attr = ]
locd3210.dll -> C:\Program Files\Common Files\Real\RCAPlugins\locd3210.dll -> RealNetworks, Inc. [Ver = 1.0.0.2132 | Size = 102441 bytes | Created Date = 12/21/2006 11:32:19 PM | Attr = ]
rpcontrols1.dll -> C:\Program Files\Common Files\Real\RCAPlugins\rpcontrols1.dll -> RealNetworks, Inc. [Ver = 6.0.1.2234 | Size = 733230 bytes | Created Date = 12/21/2006 11:32:18 PM | Attr = ]
rpcontrols2.dll -> C:\Program Files\Common Files\Real\RCAPlugins\rpcontrols2.dll -> RealNetworks [Ver = 6.0.1.2234 | Size = 667694 bytes | Created Date = 12/21/2006 11:32:18 PM | Attr = ]
sonr3210.dll -> C:\Program Files\Common Files\Real\RCAPlugins\sonr3210.dll -> RealNetworks, Inc. [Ver = 1.0.0.2330 | Size = 196667 bytes | Created Date = 12/21/2006 11:32:19 PM | Attr = ]
uisy3201.dll -> C:\Program Files\Common Files\Real\RCAPlugins\uisy3201.dll -> RealNetworks, Inc. [Ver = 0.1.0.3832 | Size = 426027 bytes | Created Date = 12/21/2006 11:32:18 PM | Attr = ]
xmlc3201.dll -> C:\Program Files\Common Files\Real\RCAPlugins\xmlc3201.dll -> RealNetworks, Inc. [Ver = 0.1.1.2240 | Size = 53294 bytes | Created Date = 12/21/2006 11:32:18 PM | Attr = ]
faus3270.dll -> C:\Program Files\Common Files\Real\Update_OB\faus3270.dll -> RealNetworks, Inc. [Ver = 7.0.0.3206 | Size = 385063 bytes | Created Date = 12/21/2006 11:32:02 PM | Attr = ]
pnmi3270.dll -> C:\Program Files\Common Files\Real\Update_OB\pnmi3270.dll -> RealNetworks, Inc. [Ver = 7.0.0.1907 | Size = 36909 bytes | Created Date = 12/21/2006 11:32:02 PM | Attr = ]
r1puninst.exe -> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe -> RealNetworks, Inc. [Ver = 7.0.0.3996 | Size = 184366 bytes | Created Date = 12/21/2006 11:32:01 PM | Attr = ]
realonemessagecenter.exe -> C:\Program Files\Common Files\Real\Update_OB\realonemessagecenter.exe -> RealNetworks, Inc. [Ver = 0.1.0.3510 | Size = 69688 bytes | Created Date = 12/21/2006 11:32:02 PM | Attr = ]
RealPlayer-log.txt -> C:\Program Files\Common Files\Real\Update_OB\RealPlayer-log.txt -> [Ver = | Size = 75033 bytes | Created Date = 12/21/2006 11:32:01 PM | Attr = ]
realsched.exe -> C:\Program Files\Common Files\Real\Update_OB\realsched.exe -> RealNetworks, Inc. [Ver = 0.1.0.3510 | Size = 180269 bytes | Created Date = 12/21/2006 11:32:02 PM | Attr = ]
rnad3201.dll -> C:\Program Files\Common Files\Real\Update_OB\rnad3201.dll -> RealNetworks, Inc. [Ver = 0.1.0.3510 | Size = 98347 bytes | Created Date = 12/21/2006 11:32:02 PM | Attr = ]
rnms3270.dll -> C:\Program Files\Common Files\Real\Update_OB\rnms3270.dll -> RealNetworks, Inc. [Ver = 7.0.1.3334 | Size = 327719 bytes | Created Date = 12/21/2006 11:32:02 PM | Attr = ]
rnqu3270.dll -> C:\Program Files\Common Files\Real\Update_OB\rnqu3270.dll -> RealNetworks, Inc. [Ver = 7.0.0.3818 | Size = 303147 bytes | Created Date = 12/21/2006 11:32:01 PM | Attr = ]
rnup3270.dll -> C:\Program Files\Common Files\Real\Update_OB\rnup3270.dll -> RealNetworks, Inc. [Ver = 7.0.0.3084 | Size = 167979 bytes | Created Date = 12/21/2006 11:32:01 PM | Attr = ]
rnxproc.exe -> C:\Program Files\Common Files\Real\Update_OB\rnxproc.exe -> RealNetworks, Inc. [Ver = 7.0.0.2855 | Size = 53291 bytes | Created Date = 12/21/2006 11:32:02 PM | Attr = ]
setu3270.dll -> C:\Program Files\Common Files\Real\Update_OB\setu3270.dll -> RealNetworks, Inc. [Ver = 7.0.0.4369 | Size = 294955 bytes | Created Date = 12/21/2006 11:32:01 PM | Attr = ]
upgr3270.dll -> C:\Program Files\Common Files\Real\Update_OB\upgr3270.dll -> RealNetworks, Inc. [Ver = 7.0.0.3735 | Size = 335917 bytes | Created Date = 12/21/2006 11:32:01 PM | Attr = ]
upgrdhlp.exe -> C:\Program Files\Common Files\Real\Update_OB\upgrdhlp.exe -> RealNetworks, Inc. [Ver = 7.0.0.3550 | Size = 127021 bytes | Created Date = 12/21/2006 11:32:01 PM | Attr = ]
annabelle.rpv -> C:\Program Files\Common Files\Real\Visualizations\annabelle.rpv -> RealNetworks, Inc. [Ver = 1.0.0.2 | Size = 43008 bytes | Created Date = 12/21/2006 11:32:18 PM | Attr = ]
cosmicbelt.rpv -> C:\Program Files\Common Files\Real\Visualizations\cosmicbelt.rpv -> [Ver = | Size = 80384 bytes | Created Date = 12/21/2006 11:32:18 PM | Attr = ]
fire.rpv -> C:\Program Files\Common Files\Real\Visualizations\fire.rpv -> RealNetworks, Inc. [Ver = 1.0.0.1 | Size = 7168 bytes | Created Date = 12/21/2006 11:32:18 PM | Attr = ]
freqbands.rpv -> C:\Program Files\Common Files\Real\Visualizations\freqbands.rpv -> RealNetworks, Inc. [Ver = 1.0.0.2 | Size = 7680 bytes | Created Date = 12/21/2006 11:32:18 PM | Attr = ]
nebula.rpv -> C:\Program Files\Common Files\Real\Visualizations\nebula.rpv -> [Ver = | Size = 69632 bytes | Created Date = 12/21/2006 11:32:18 PM | Attr = ]
xmencmp3.dll -> C:\Program Files\Common Files\xing shared\mpeg encode\xmencmp3.dll -> RealNetworks, Inc. [Ver = 1, 0, 0, 17 | Size = 352256 bytes | Created Date = 12/21/2006 11:32:20 PM | Attr = ]
Uninstall.exe -> C:\Program Files\Common Files\Nullsoft\ActiveX\2.6\Uninstall.exe -> [Ver = | Size = 32675 bytes | Created Date = 11/30/2006 11:10:44 PM | Attr = ]
coreres.xrs -> C:\Program Files\Common Files\Real\Plugins\ExtResources\coreres.xrs -> RealNetworks, Inc. [Ver = 10.0.0.3943 | Size = 65587 bytes | Created Date = 12/21/2006 11:32:04 PM | Attr = ]
ath.vs -> C:\Program Files\Common Files\Real\Update_OB\UI\ath.vs -> [Ver = | Size = 32395 bytes | Created Date = 12/21/2006 11:32:02 PM | Attr = ]
default.png -> C:\Program Files\Common Files\Real\Update_OB\UI\default.png -> [Ver = | Size = 7484 bytes | Created Date = 12/21/2006 11:32:02 PM | Attr = ]
default.smi -> C:\Program Files\Common Files\Real\Update_OB\UI\default.smi -> [Ver = | Size = 436 bytes | Created Date = 12/21/2006 11:32:02 PM | Attr = ]
mirak.vs -> C:\Program Files\Common Files\Real\Update_OB\UI\mirak.vs -> [Ver = | Size = 9101 bytes | Created Date = 12/21/2006 11:32:01 PM | Attr = ]
msgoff.htm -> C:\Program Files\Common Files\Real\Update_OB\UI\msgoff.htm -> [Ver = | Size = 3215 bytes | Created Date = 12/21/2006 11:32:02 PM | Attr = ]
msgui.vs -> C:\Program Files\Common Files\Real\Update_OB\UI\msgui.vs -> [Ver = | Size = 55012 bytes | Created Date = 12/21/2006 11:32:02 PM | Attr = ]
rnupgui.vs -> C:\Program Files\Common Files\Real\Update_OB\UI\rnupgui.vs -> [Ver = | Size = 43572 bytes | Created Date = 12/21/2006 11:32:01 PM | Attr = ]
real_logo_93x44.gif -> C:\Program Files\Common Files\Real\Update_OB\UI\Images\real_logo_93x44.gif -> [Ver = | Size = 741 bytes | Created Date = 12/21/2006 11:32:02 PM | Attr = ]
msgdata.js -> C:\Program Files\Common Files\Real\Update_OB\UI\loc\msgdata.js -> [Ver = | Size = 1039 bytes | Created Date = 12/21/2006 11:32:02 PM | Attr = ]
msgstyle.css -> C:\Program Files\Common Files\Real\Update_OB\UI\loc\msgstyle.css -> [Ver = | Size = 991 bytes | Created Date = 12/21/2006 11:32:02 PM | Attr = ]
0.log -> C:\WINDOWS\0.log -> [Ver = | Size = 0 bytes | Created Date = 12/25/2006 12:30:45 AM | Attr = ]
ntbtlog.txt -> C:\WINDOWS\ntbtlog.txt -> [Ver = | Size = 121836 bytes | Created Date = 12/24/2006 9:30:27 PM | Attr = ]
SchedLgU.Txt -> C:\WINDOWS\SchedLgU.Txt -> [Ver = | Size = 238 bytes | Created Date = 12/25/2006 12

#6 OldTimer

OldTimer

    Malware Expert


  • Members
  • 11,092 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina
  • Local time:12:49 AM

Posted 25 December 2006 - 01:17 PM

Hi Nahmesh. It looks like the log is too big to fit into 1 post. Go to the WinPFind3u folder and open the WinPFind3.txt file in Notepad. Scroll down to the section named [Files - Created Wihin 30 days] and copy the information from that point to the end of the file back here. Also, copy your AVG Anti-Spyware report back here in an additional post so I can take a look at it.

Cheers.

OT
I do not respond to PM's requesting help. That's what the forums are here for. Please use them so that others may benefit from your questions and the responses you receive.
OldTimer

Posted Image

#7 Nahmesh

Nahmesh
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:11:49 PM

Posted 25 December 2006 - 03:25 PM

[Files - Created Wihin 30 days]
hiberfil.sys -> C:\hiberfil.sys -> [Ver = | Size = 1063714816 bytes | Created Date = 1/1/1601 5:00:00 AM | Attr = HS]
sz.xml -> C:\sz.xml -> [Ver = | Size = 4903 bytes | Created Date = 12/8/2006 4:41:59 PM | Attr = ]
atrc.dll -> C:\Program Files\Common Files\Real\Codecs\atrc.dll -> RealNetworks, Inc. [Ver = 10.0.0.2567 | Size = 77889 bytes | Created Date = 12/21/2006 11:32:12 PM | Attr = ]
cook.dll -> C:\Program Files\Common Files\Real\Codecs\cook.dll -> RealNetworks, Inc. [Ver = 10.0.0.1873 | Size = 65602 bytes | Created Date = 12/21/2006 11:32:12 PM | Attr = ]
drv1.dll -> C:\Program Files\Common Files\Real\Codecs\drv1.dll -> RealNetworks, Inc. [Ver = 10.0.0.979 | Size = 102464 bytes | Created Date = 12/21/2006 11:32:13 PM | Attr = ]
drv2.dll -> C:\Program Files\Common Files\Real\Codecs\drv2.dll -> RealNetworks, Inc. [Ver = 10.0.0.1899 | Size = 176195 bytes | Created Date = 12/21/2006 11:32:13 PM | Attr = ]
drvc.dll -> C:\Program Files\Common Files\Real\Codecs\drvc.dll -> RealNetworks, Inc. [Ver = 10.0.0.1466 | Size = 266309 bytes | Created Date = 12/21/2006 11:32:13 PM | Attr = ]
hxltcolor.dll -> C:\Program Files\Common Files\Real\Codecs\hxltcolor.dll -> RealNetworks, Inc. [Ver = 10.0.0.836 | Size = 241723 bytes | Created Date = 12/21/2006 11:32:13 PM | Attr = ]
raac.dll -> C:\Program Files\Common Files\Real\Codecs\raac.dll -> RealNetworks, Inc. [Ver = 10.0.0.790 | Size = 553036 bytes | Created Date = 12/21/2006 11:32:12 PM | Attr = ]
rv10.dll -> C:\Program Files\Common Files\Real\Codecs\rv10.dll -> RealNetworks, Inc. [Ver = 10.0.0.979 | Size = 49216 bytes | Created Date = 12/21/2006 11:32:13 PM | Attr = ]
rv20.dll -> C:\Program Files\Common Files\Real\Codecs\rv20.dll -> RealNetworks, Inc. [Ver = 10.0.0.1899 | Size = 57411 bytes | Created Date = 12/21/2006 11:32:13 PM | Attr = ]
rv30.dll -> C:\Program Files\Common Files\Real\Codecs\rv30.dll -> RealNetworks, Inc. [Ver = 10.0.0.1466 | Size = 49221 bytes | Created Date = 12/21/2006 11:32:13 PM | Attr = ]
rv40.dll -> C:\Program Files\Common Files\Real\Codecs\rv40.dll -> RealNetworks, Inc. [Ver = 10.0.0.1466 | Size = 49221 bytes | Created Date = 12/21/2006 11:32:13 PM | Attr = ]
sipr.dll -> C:\Program Files\Common Files\Real\Codecs\sipr.dll -> RealNetworks, Inc. [Ver = 10.0.0.2564 | Size = 106561 bytes | Created Date = 12/21/2006 11:32:12 PM | Attr = ]
devices.ini -> C:\Program Files\Common Files\Real\Common\devices.ini -> [Ver = | Size = 2534 bytes | Created Date = 12/21/2006 11:32:23 PM | Attr = ]
objb3201.dll -> C:\Program Files\Common Files\Real\Common\objb3201.dll -> RealNetworks, Inc. [Ver = 0.1.0.6391 | Size = 172077 bytes | Created Date = 12/21/2006 11:32:18 PM | Attr = ]
pngu3267.dll -> C:\Program Files\Common Files\Real\Common\pngu3267.dll -> RealNetworks, Inc. [Ver = 6.7.0.2712 | Size = 421927 bytes | Created Date = 12/21/2006 11:32:06 PM | Attr = ]
rpun3260.dll -> C:\Program Files\Common Files\Real\Common\rpun3260.dll -> RealNetworks, Inc. [Ver = 6.0.10.2238 | Size = 36909 bytes | Created Date = 12/21/2006 11:32:02 PM | Attr = ]
security.dll -> C:\Program Files\Common Files\Real\Common\security.dll -> RealNetworks, Inc. [Ver = 1.0.3.2268 | Size = 45103 bytes | Created Date = 12/21/2006 11:32:21 PM | Attr = ]
twebbrowse.dll -> C:\Program Files\Common Files\Real\Common\twebbrowse.dll -> RealNetworks, Inc. [Ver = 1.0.2.1594 | Size = 81969 bytes | Created Date = 12/21/2006 11:32:09 PM | Attr = ]
barcontrol.dll -> C:\Program Files\Common Files\Real\GToolbar\barcontrol.dll -> Google, Inc [Ver = 2.0.0.8 | Size = 110592 bytes | Created Date = 12/21/2006 11:32:18 PM | Attr = ]
gdsapi.dll -> C:\Program Files\Common Files\Real\GToolbar\gdsapi.dll -> [Ver = | Size = 4096 bytes | Created Date = 12/21/2006 11:32:18 PM | Attr = ]
gdssetup.exe -> C:\Program Files\Common Files\Real\GToolbar\gdssetup.exe -> [Ver = | Size = 746600 bytes | Created Date = 12/21/2006 11:32:18 PM | Attr = ]
googletoolbarinstaller.exe -> C:\Program Files\Common Files\Real\GToolbar\googletoolbarinstaller.exe -> Google [Ver = 3, 0, 126, 3 | Size = 559784 bytes | Created Date = 12/21/2006 11:32:18 PM | Attr = ]
googletoolbarinstaller98.exe -> C:\Program Files\Common Files\Real\GToolbar\googletoolbarinstaller98.exe -> Google [Ver = 3, 0, 126, 3 | Size = 705704 bytes | Created Date = 12/21/2006 11:32:18 PM | Attr = ]
aacff.dll -> C:\Program Files\Common Files\Real\Plugins\aacff.dll -> RealNetworks, Inc. [Ver = 10.0.0.771 | Size = 69689 bytes | Created Date = 12/21/2006 11:32:19 PM | Attr = ]
audplin.dll -> C:\Program Files\Common Files\Real\Plugins\audplin.dll -> RealNetworks, Inc. [Ver = 10.0.0.1207 | Size = 86075 bytes | Created Date = 12/21/2006 11:32:19 PM | Attr = ]
authmgr.dll -> C:\Program Files\Common Files\Real\Plugins\authmgr.dll -> RealNetworks, Inc. [Ver = 10.0.0.1429 | Size = 49207 bytes | Created Date = 12/21/2006 11:32:03 PM | Attr = ]
cdda3260.dll -> C:\Program Files\Common Files\Real\Plugins\cdda3260.dll -> RealNetworks, Inc. [Ver = 6.0.3.2258 | Size = 36909 bytes | Created Date = 12/21/2006 11:32:03 PM | Attr = ]
clbascauth.dll -> C:\Program Files\Common Files\Real\Plugins\clbascauth.dll -> RealNetworks, Inc. [Ver = 10.0.0.978 | Size = 41023 bytes | Created Date = 12/21/2006 11:32:03 PM | Attr = ]
clntxres.dll -> C:\Program Files\Common Files\Real\Plugins\clntxres.dll -> RealNetworks, Inc. [Ver = 10.0.0.3694 | Size = 53296 bytes | Created Date = 12/21/2006 11:32:04 PM | Attr = ]
cont3260.dll -> C:\Program Files\Common Files\Real\Plugins\cont3260.dll -> RealNetworks, Inc. [Ver = 6.0.0.1897 | Size = 69677 bytes | Created Date = 12/21/2006 11:32:19 PM | Attr = ]
fpsechnd.dll -> C:\Program Files\Common Files\Real\Plugins\fpsechnd.dll -> RealNetworks, Inc. [Ver = 6.0.9.32 | Size = 233472 bytes | Created Date = 12/21/2006 11:32:22 PM | Attr = ]
httpfsys.dll -> C:\Program Files\Common Files\Real\Plugins\httpfsys.dll -> RealNetworks, Inc. [Ver = 10.0.0.2779 | Size = 172084 bytes | Created Date = 12/21/2006 11:32:03 PM | Attr = ]
hxsdp.dll -> C:\Program Files\Common Files\Real\Plugins\hxsdp.dll -> RealNetworks, Inc. [Ver = 10.0.0.513 | Size = 41006 bytes | Created Date = 12/21/2006 11:32:03 PM | Attr = ]
hxxml.dll -> C:\Program Files\Common Files\Real\Plugins\hxxml.dll -> [Ver = | Size = 86065 bytes | Created Date = 12/21/2006 11:32:18 PM | Attr = ]
imgrender.dll -> C:\Program Files\Common Files\Real\Plugins\imgrender.dll -> RealNetworks, Inc. [Ver = 10.0.0.993 | Size = 528445 bytes | Created Date = 12/21/2006 11:32:14 PM | Attr = ]
memfsys.dll -> C:\Program Files\Common Files\Real\Plugins\memfsys.dll -> RealNetworks, Inc. [Ver = 10.0.0.966 | Size = 77877 bytes | Created Date = 12/21/2006 11:32:03 PM | Attr = ]
mp3fformat.dll -> C:\Program Files\Common Files\Real\Plugins\mp3fformat.dll -> RealNetworks, Inc. [Ver = 10.0.0.2966 | Size = 45118 bytes | Created Date = 12/21/2006 11:32:17 PM | Attr = ]
mp3metaff.dll -> C:\Program Files\Common Files\Real\Plugins\mp3metaff.dll -> RealNetworks, Inc. [Ver = 10.0.0.965 | Size = 65596 bytes | Created Date = 12/21/2006 11:32:17 PM | Attr = ]
mp3render.dll -> C:\Program Files\Common Files\Real\Plugins\mp3render.dll -> RealNetworks, Inc. [Ver = 10.0.0.977 | Size = 151614 bytes | Created Date = 12/21/2006 11:32:17 PM | Attr = ]
mp4arender.dll -> C:\Program Files\Common Files\Real\Plugins\mp4arender.dll -> RealNetworks, Inc. [Ver = 10.0.0.780 | Size = 127045 bytes | Created Date = 12/21/2006 11:32:19 PM | Attr = ]
mp4fformat.dll -> C:\Program Files\Common Files\Real\Plugins\mp4fformat.dll -> RealNetworks, Inc. [Ver = 10.0.0.2699 | Size = 73790 bytes | Created Date = 12/21/2006 11:32:19 PM | Attr = ]
mp4wrtr.dll -> C:\Program Files\Common Files\Real\Plugins\mp4wrtr.dll -> [Ver = | Size = 98366 bytes | Created Date = 12/21/2006 11:32:20 PM | Attr = ]
mpgfformat.dll -> C:\Program Files\Common Files\Real\Plugins\mpgfformat.dll -> RealNetworks, Inc. [Ver = 10.0.0.1174 | Size = 69694 bytes | Created Date = 12/21/2006 11:32:19 PM | Attr = ]
mpgrender.dll -> C:\Program Files\Common Files\Real\Plugins\mpgrender.dll -> RealNetworks, Inc. [Ver = 10.0.0.956 | Size = 172094 bytes | Created Date = 12/21/2006 11:32:19 PM | Attr = ]
ntlmauth.dll -> C:\Program Files\Common Files\Real\Plugins\ntlmauth.dll -> RealNetworks, Inc. [Ver = 10.0.0.956 | Size = 45116 bytes | Created Date = 12/21/2006 11:32:03 PM | Attr = ]
pacplin.dll -> C:\Program Files\Common Files\Real\Plugins\pacplin.dll -> RealNetworks, Inc. [Ver = 10.0.0.977 | Size = 360501 bytes | Created Date = 12/21/2006 11:32:03 PM | Attr = ]
pdgenxferfsys.dll -> C:\Program Files\Common Files\Real\Plugins\pdgenxferfsys.dll -> RealNetworks, Inc. [Ver = 6.0.12.1430 | Size = 73783 bytes | Created Date = 12/21/2006 11:32:23 PM | Attr = ]
plusplin.dll -> C:\Program Files\Common Files\Real\Plugins\plusplin.dll -> RealNetworks, Inc. [Ver = 10.0.0.977 | Size = 57398 bytes | Created Date = 12/21/2006 11:32:03 PM | Attr = ]
pxcb3210.dll -> C:\Program Files\Common Files\Real\Plugins\pxcb3210.dll -> RealNetworks, Inc. [Ver = 1.0.0.3995 | Size = 41003 bytes | Created Date = 12/21/2006 11:32:03 PM | Attr = ]
ramfformat.dll -> C:\Program Files\Common Files\Real\Plugins\ramfformat.dll -> RealNetworks, Inc. [Ver = 10.0.0.2223 | Size = 45118 bytes | Created Date = 12/21/2006 11:32:03 PM | Attr = ]
ramrender.dll -> C:\Program Files\Common Files\Real\Plugins\ramrender.dll -> RealNetworks, Inc. [Ver = 10.0.0.1889 | Size = 57406 bytes | Created Date = 12/21/2006 11:32:03 PM | Attr = ]
rarender.dll -> C:\Program Files\Common Files\Real\Plugins\rarender.dll -> RealNetworks, Inc. [Ver = 10.0.0.986 | Size = 151618 bytes | Created Date = 12/21/2006 11:32:12 PM | Attr = ]
recf3260.dll -> C:\Program Files\Common Files\Real\Plugins\recf3260.dll -> RealNetworks, Inc. [Ver = 6.0.0.2863 | Size = 36909 bytes | Created Date = 12/21/2006 11:32:19 PM | Attr = ]
rmfformat.dll -> C:\Program Files\Common Files\Real\Plugins\rmfformat.dll -> RealNetworks, Inc. [Ver = 10.0.0.1201 | Size = 176191 bytes | Created Date = 12/21/2006 11:32:03 PM | Attr = ]
rmwrtr.dll -> C:\Program Files\Common Files\Real\Plugins\rmwrtr.dll -> RealNetworks, Inc. [Ver = 6.0.2.1155 | Size = 282684 bytes | Created Date = 12/21/2006 11:32:20 PM | Attr = ]
rmxfpln.dll -> C:\Program Files\Common Files\Real\Plugins\rmxfpln.dll -> RealNetworks, Inc. [Ver = 1.0.3.2277 | Size = 65579 bytes | Created Date = 12/21/2006 11:32:21 PM | Attr = ]
rmxrend.dll -> C:\Program Files\Common Files\Real\Plugins\rmxrend.dll -> RealNetworks, Inc. [Ver = 1.0.3.2330 | Size = 106538 bytes | Created Date = 12/21/2006 11:32:21 PM | Attr = ]
rn5auth.dll -> C:\Program Files\Common Files\Real\Plugins\rn5auth.dll -> RealNetworks, Inc. [Ver = 10.0.0.1179 | Size = 45114 bytes | Created Date = 12/21/2006 11:32:03 PM | Attr = ]
rtfformat.dll -> C:\Program Files\Common Files\Real\Plugins\rtfformat.dll -> RealNetworks, Inc. [Ver = 10.0.0.1183 | Size = 110657 bytes | Created Date = 12/21/2006 11:32:14 PM | Attr = ]
rtrender.dll -> C:\Program Files\Common Files\Real\Plugins\rtrender.dll -> RealNetworks, Inc. [Ver = 10.0.0.976 | Size = 122942 bytes | Created Date = 12/21/2006 11:32:14 PM | Attr = ]
rvrender.dll -> C:\Program Files\Common Files\Real\Plugins\rvrender.dll -> RealNetworks, Inc. [Ver = 10.0.0.1370 | Size = 172096 bytes | Created Date = 12/21/2006 11:32:13 PM | Attr = ]
sdpplin.dll -> C:\Program Files\Common Files\Real\Plugins\sdpplin.dll -> RealNetworks, Inc. [Ver = 10.0.0.373 | Size = 45111 bytes | Created Date = 12/21/2006 11:32:16 PM | Attr = ]
security.dll -> C:\Program Files\Common Files\Real\Plugins\security.dll -> RealNetworks, Inc. [Ver = 1.0.3.2268 | Size = 45103 bytes | Created Date = 12/21/2006 11:32:21 PM | Attr = ]
smlfformat.dll -> C:\Program Files\Common Files\Real\Plugins\smlfformat.dll -> RealNetworks, Inc. [Ver = 10.0.0.1859 | Size = 61503 bytes | Created Date = 12/21/2006 11:32:04 PM | Attr = ]
smlrender.dll -> C:\Program Files\Common Files\Real\Plugins\smlrender.dll -> RealNetworks, Inc. [Ver = 10.0.0.1475 | Size = 528444 bytes | Created Date = 12/21/2006 11:32:04 PM | Attr = ]
smmrender.dll -> C:\Program Files\Common Files\Real\Plugins\smmrender.dll -> RealNetworks, Inc. [Ver = 10.0.0.976 | Size = 57412 bytes | Created Date = 12/21/2006 11:32:04 PM | Attr = ]
smplfsys.dll -> C:\Program Files\Common Files\Real\Plugins\smplfsys.dll -> RealNetworks, Inc. [Ver = 10.0.0.1767 | Size = 69685 bytes | Created Date = 12/21/2006 11:32:04 PM | Attr = ]
stubdrm.dll -> C:\Program Files\Common Files\Real\Plugins\stubdrm.dll -> RealNetworks, Inc. [Ver = 10.0.0.1381 | Size = 32818 bytes | Created Date = 12/21/2006 11:32:18 PM | Attr = ]
swfformat.dll -> C:\Program Files\Common Files\Real\Plugins\swfformat.dll -> RealNetworks, Inc. [Ver = 10.0.0.1184 | Size = 94274 bytes | Created Date = 12/21/2006 11:32:13 PM | Attr = ]
swfrender.dll -> C:\Program Files\Common Files\Real\Plugins\swfrender.dll -> RealNetworks, Inc. [Ver = 10.0.0.977 | Size = 614464 bytes | Created Date = 12/21/2006 11:32:13 PM | Attr = ]
tfilesys.dll -> C:\Program Files\Common Files\Real\Plugins\tfilesys.dll -> RealNetworks, Inc. [Ver = 1.0.3.2238 | Size = 57389 bytes | Created Date = 12/21/2006 11:32:21 PM | Attr = ]
vidplin.dll -> C:\Program Files\Common Files\Real\Plugins\vidplin.dll -> RealNetworks, Inc. [Ver = 10.0.0.993 | Size = 167995 bytes | Created Date = 12/21/2006 11:32:19 PM | Attr = ]
vidsite.dll -> C:\Program Files\Common Files\Real\Plugins\vidsite.dll -> RealNetworks, Inc. [Ver = 10.0.0.979 | Size = 376881 bytes | Created Date = 12/21/2006 11:32:04 PM | Attr = ]
vsrcplin.dll -> C:\Program Files\Common Files\Real\Plugins\vsrcplin.dll -> RealNetworks, Inc. [Ver = 10.1.0.906 | Size = 135230 bytes | Created Date = 12/21/2006 11:32:04 PM | Attr = ]
vsrlocal.dll -> C:\Program Files\Common Files\Real\Plugins\vsrlocal.dll -> RealNetworks, Inc. [Ver = 10.1.0.906 | Size = 94270 bytes | Created Date = 12/21/2006 11:32:04 PM | Attr = ]
wm9fformat.dll -> C:\Program Files\Common Files\Real\Plugins\wm9fformat.dll -> RealNetworks, Inc. [Ver = 1.0.0.1088 | Size = 176128 bytes | Created Date = 12/21/2006 11:32:19 PM | Attr = ]
wm9writer.dll -> C:\Program Files\Common Files\Real\Plugins\wm9writer.dll -> RealNetworks, Inc. [Ver = 1.0.0.1072 | Size = 28719 bytes | Created Date = 12/21/2006 11:32:19 PM | Attr = ]
wmsechnd.dll -> C:\Program Files\Common Files\Real\Plugins\wmsechnd.dll -> RealNetworks, Inc. [Ver = 1.0.0.407 | Size = 180224 bytes | Created Date = 12/21/2006 11:32:19 PM | Attr = ]
zipf3260.dll -> C:\Program Files\Common Files\Real\Plugins\zipf3260.dll -> RealNetworks, Inc. [Ver = 6.0.8.2550 | Size = 172075 bytes | Created Date = 12/21/2006 11:32:04 PM | Attr = ]
gct23201.dll -> C:\Program Files\Common Files\Real\RCAPlugins\gct23201.dll -> RealNetworks, Inc. [Ver = 0.1.0.6324 | Size = 151597 bytes | Created Date = 12/21/2006 11:32:18 PM | Attr = ]
gema3201.dll -> C:\Program Files\Common Files\Real\RCAPlugins\gema3201.dll -> RealNetworks, Inc. [Ver = 0.1.0.3815 | Size = 90158 bytes | Created Date = 12/21/2006 11:32:18 PM | Attr = ]
gemx3201.dll -> C:\Program Files\Common Files\Real\RCAPlugins\gemx3201.dll -> RealNetworks, Inc. [Ver = 0.1.0.5869 | Size = 438318 bytes | Created Date = 12/21/2006 11:32:18 PM | Attr = ]
locd3210.dll -> C:\Program Files\Common Files\Real\RCAPlugins\locd3210.dll -> RealNetworks, Inc. [Ver = 1.0.0.2132 | Size = 102441 bytes | Created Date = 12/21/2006 11:32:19 PM | Attr = ]
rpcontrols1.dll -> C:\Program Files\Common Files\Real\RCAPlugins\rpcontrols1.dll -> RealNetworks, Inc. [Ver = 6.0.1.2234 | Size = 733230 bytes | Created Date = 12/21/2006 11:32:18 PM | Attr = ]
rpcontrols2.dll -> C:\Program Files\Common Files\Real\RCAPlugins\rpcontrols2.dll -> RealNetworks [Ver = 6.0.1.2234 | Size = 667694 bytes | Created Date = 12/21/2006 11:32:18 PM | Attr = ]
sonr3210.dll -> C:\Program Files\Common Files\Real\RCAPlugins\sonr3210.dll -> RealNetworks, Inc. [Ver = 1.0.0.2330 | Size = 196667 bytes | Created Date = 12/21/2006 11:32:19 PM | Attr = ]
uisy3201.dll -> C:\Program Files\Common Files\Real\RCAPlugins\uisy3201.dll -> RealNetworks, Inc. [Ver = 0.1.0.3832 | Size = 426027 bytes | Created Date = 12/21/2006 11:32:18 PM | Attr = ]
xmlc3201.dll -> C:\Program Files\Common Files\Real\RCAPlugins\xmlc3201.dll -> RealNetworks, Inc. [Ver = 0.1.1.2240 | Size = 53294 bytes | Created Date = 12/21/2006 11:32:18 PM | Attr = ]
faus3270.dll -> C:\Program Files\Common Files\Real\Update_OB\faus3270.dll -> RealNetworks, Inc. [Ver = 7.0.0.3206 | Size = 385063 bytes | Created Date = 12/21/2006 11:32:02 PM | Attr = ]
pnmi3270.dll -> C:\Program Files\Common Files\Real\Update_OB\pnmi3270.dll -> RealNetworks, Inc. [Ver = 7.0.0.1907 | Size = 36909 bytes | Created Date = 12/21/2006 11:32:02 PM | Attr = ]
r1puninst.exe -> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe -> RealNetworks, Inc. [Ver = 7.0.0.3996 | Size = 184366 bytes | Created Date = 12/21/2006 11:32:01 PM | Attr = ]
realonemessagecenter.exe -> C:\Program Files\Common Files\Real\Update_OB\realonemessagecenter.exe -> RealNetworks, Inc. [Ver = 0.1.0.3510 | Size = 69688 bytes | Created Date = 12/21/2006 11:32:02 PM | Attr = ]
RealPlayer-log.txt -> C:\Program Files\Common Files\Real\Update_OB\RealPlayer-log.txt -> [Ver = | Size = 75033 bytes | Created Date = 12/21/2006 11:32:01 PM | Attr = ]
realsched.exe -> C:\Program Files\Common Files\Real\Update_OB\realsched.exe -> RealNetworks, Inc. [Ver = 0.1.0.3510 | Size = 180269 bytes | Created Date = 12/21/2006 11:32:02 PM | Attr = ]
rnad3201.dll -> C:\Program Files\Common Files\Real\Update_OB\rnad3201.dll -> RealNetworks, Inc. [Ver = 0.1.0.3510 | Size = 98347 bytes | Created Date = 12/21/2006 11:32:02 PM | Attr = ]
rnms3270.dll -> C:\Program Files\Common Files\Real\Update_OB\rnms3270.dll -> RealNetworks, Inc. [Ver = 7.0.1.3334 | Size = 327719 bytes | Created Date = 12/21/2006 11:32:02 PM | Attr = ]
rnqu3270.dll -> C:\Program Files\Common Files\Real\Update_OB\rnqu3270.dll -> RealNetworks, Inc. [Ver = 7.0.0.3818 | Size = 303147 bytes | Created Date = 12/21/2006 11:32:01 PM | Attr = ]
rnup3270.dll -> C:\Program Files\Common Files\Real\Update_OB\rnup3270.dll -> RealNetworks, Inc. [Ver = 7.0.0.3084 | Size = 167979 bytes | Created Date = 12/21/2006 11:32:01 PM | Attr = ]
rnxproc.exe -> C:\Program Files\Common Files\Real\Update_OB\rnxproc.exe -> RealNetworks, Inc. [Ver = 7.0.0.2855 | Size = 53291 bytes | Created Date = 12/21/2006 11:32:02 PM | Attr = ]
setu3270.dll -> C:\Program Files\Common Files\Real\Update_OB\setu3270.dll -> RealNetworks, Inc. [Ver = 7.0.0.4369 | Size = 294955 bytes | Created Date = 12/21/2006 11:32:01 PM | Attr = ]
upgr3270.dll -> C:\Program Files\Common Files\Real\Update_OB\upgr3270.dll -> RealNetworks, Inc. [Ver = 7.0.0.3735 | Size = 335917 bytes | Created Date = 12/21/2006 11:32:01 PM | Attr = ]
upgrdhlp.exe -> C:\Program Files\Common Files\Real\Update_OB\upgrdhlp.exe -> RealNetworks, Inc. [Ver = 7.0.0.3550 | Size = 127021 bytes | Created Date = 12/21/2006 11:32:01 PM | Attr = ]
annabelle.rpv -> C:\Program Files\Common Files\Real\Visualizations\annabelle.rpv -> RealNetworks, Inc. [Ver = 1.0.0.2 | Size = 43008 bytes | Created Date = 12/21/2006 11:32:18 PM | Attr = ]
cosmicbelt.rpv -> C:\Program Files\Common Files\Real\Visualizations\cosmicbelt.rpv -> [Ver = | Size = 80384 bytes | Created Date = 12/21/2006 11:32:18 PM | Attr = ]
fire.rpv -> C:\Program Files\Common Files\Real\Visualizations\fire.rpv -> RealNetworks, Inc. [Ver = 1.0.0.1 | Size = 7168 bytes | Created Date = 12/21/2006 11:32:18 PM | Attr = ]
freqbands.rpv -> C:\Program Files\Common Files\Real\Visualizations\freqbands.rpv -> RealNetworks, Inc. [Ver = 1.0.0.2 | Size = 7680 bytes | Created Date = 12/21/2006 11:32:18 PM | Attr = ]
nebula.rpv -> C:\Program Files\Common Files\Real\Visualizations\nebula.rpv -> [Ver = | Size = 69632 bytes | Created Date = 12/21/2006 11:32:18 PM | Attr = ]
xmencmp3.dll -> C:\Program Files\Common Files\xing shared\mpeg encode\xmencmp3.dll -> RealNetworks, Inc. [Ver = 1, 0, 0, 17 | Size = 352256 bytes | Created Date = 12/21/2006 11:32:20 PM | Attr = ]
Uninstall.exe -> C:\Program Files\Common Files\Nullsoft\ActiveX\2.6\Uninstall.exe -> [Ver = | Size = 32675 bytes | Created Date = 11/30/2006 11:10:44 PM | Attr = ]
coreres.xrs -> C:\Program Files\Common Files\Real\Plugins\ExtResources\coreres.xrs -> RealNetworks, Inc. [Ver = 10.0.0.3943 | Size = 65587 bytes | Created Date = 12/21/2006 11:32:04 PM | Attr = ]
ath.vs -> C:\Program Files\Common Files\Real\Update_OB\UI\ath.vs -> [Ver = | Size = 32395 bytes | Created Date = 12/21/2006 11:32:02 PM | Attr = ]
default.png -> C:\Program Files\Common Files\Real\Update_OB\UI\default.png -> [Ver = | Size = 7484 bytes | Created Date = 12/21/2006 11:32:02 PM | Attr = ]
default.smi -> C:\Program Files\Common Files\Real\Update_OB\UI\default.smi -> [Ver = | Size = 436 bytes | Created Date = 12/21/2006 11:32:02 PM | Attr = ]
mirak.vs -> C:\Program Files\Common Files\Real\Update_OB\UI\mirak.vs -> [Ver = | Size = 9101 bytes | Created Date = 12/21/2006 11:32:01 PM | Attr = ]
msgoff.htm -> C:\Program Files\Common Files\Real\Update_OB\UI\msgoff.htm -> [Ver = | Size = 3215 bytes | Created Date = 12/21/2006 11:32:02 PM | Attr = ]
msgui.vs -> C:\Program Files\Common Files\Real\Update_OB\UI\msgui.vs -> [Ver = | Size = 55012 bytes | Created Date = 12/21/2006 11:32:02 PM | Attr = ]
rnupgui.vs -> C:\Program Files\Common Files\Real\Update_OB\UI\rnupgui.vs -> [Ver = | Size = 43572 bytes | Created Date = 12/21/2006 11:32:01 PM | Attr = ]
real_logo_93x44.gif -> C:\Program Files\Common Files\Real\Update_OB\UI\Images\real_logo_93x44.gif -> [Ver = | Size = 741 bytes | Created Date = 12/21/2006 11:32:02 PM | Attr = ]
msgdata.js -> C:\Program Files\Common Files\Real\Update_OB\UI\loc\msgdata.js -> [Ver = | Size = 1039 bytes | Created Date = 12/21/2006 11:32:02 PM | Attr = ]
msgstyle.css -> C:\Program Files\Common Files\Real\Update_OB\UI\loc\msgstyle.css -> [Ver = | Size = 991 bytes | Created Date = 12/21/2006 11:32:02 PM | Attr = ]
0.log -> C:\WINDOWS\0.log -> [Ver = | Size = 0 bytes | Created Date = 12/25/2006 12:30:45 AM | Attr = ]
ntbtlog.txt -> C:\WINDOWS\ntbtlog.txt -> [Ver = | Size = 121836 bytes | Created Date = 12/24/2006 9:30:27 PM | Attr = ]
SchedLgU.Txt -> C:\WINDOWS\SchedLgU.Txt -> [Ver = | Size = 238 bytes | Created Date = 12/25/2006 12:30:12 AM | Attr = ]
WindowsUpdate.log -> C:\WINDOWS\WindowsUpdate.log -> [Ver = | Size = 1740 bytes | Created Date = 12/24/2006 9:55:43 PM | Attr = ]
AvgAsCln.sys -> C:\WINDOWS\System32\drivers\AvgAsCln.sys -> GRISOFT, s.r.o. [Ver = 1.0.0.14 | Size = 3968 bytes | Created Date = 12/24/2006 9:11:39 PM | Attr = ]
cdr4_xp.sys -> C:\WINDOWS\System32\drivers\cdr4_xp.sys -> Sonic Solutions [Ver = 8.0.0.212 | Size = 2432 bytes | Created Date = 12/21/2006 11:25:28 PM | Attr = ]
cdralw2k.sys -> C:\WINDOWS\System32\drivers\cdralw2k.sys -> Sonic Solutions [Ver = 8.0.0.212 | Size = 2560 bytes | Created Date = 12/21/2006 11:25:28 PM | Attr = ]

[Files - Modified Wihin 30 days]
hiberfil.sys -> C:\hiberfil.sys -> [Ver = | Size = 1063714816 bytes | Modified Date = 12/25/2006 12:30:10 AM | Attr = HS]
sz.xml -> C:\sz.xml -> [Ver = | Size = 4903 bytes | Modified Date = 12/8/2006 4:42:00 PM | Attr = ]
install.log -> C:\Program Files\Common Files\AOL\AOLDiag\install.log -> [Ver = | Size = 85448 bytes | Modified Date = 11/30/2006 11:10:28 PM | Attr = ]
tbunins.exe -> C:\Program Files\Common Files\AOL\AOLDiag\tbunins.exe -> AOL LLC [Ver = 3.3.11.1 | Size = 88673 bytes | Modified Date = 11/30/2006 11:10:28 PM | Attr = ]
IPH.BAK -> C:\Program Files\Common Files\AOL\IPHSend\IPH.BAK -> [Ver = | Size = 1507 bytes | Modified Date = 11/30/2006 11:11:34 PM | Attr = H ]
alunins.exe -> C:\Program Files\Common Files\AOL\Loader\alunins.exe -> AOL LLC [Ver = 9.3.1.1 | Size = 88495 bytes | Modified Date = 11/30/2006 11:10:26 PM | Attr = ]
install.log -> C:\Program Files\Common Files\AOL\Loader\install.log -> [Ver = | Size = 14946 bytes | Modified Date = 11/30/2006 11:10:28 PM | Attr = ]
atrc.dll -> C:\Program Files\Common Files\Real\Codecs\atrc.dll -> RealNetworks, Inc. [Ver = 10.0.0.2567 | Size = 77889 bytes | Modified Date = 12/21/2006 11:32:14 PM | Attr = ]
cook.dll -> C:\Program Files\Common Files\Real\Codecs\cook.dll -> RealNetworks, Inc. [Ver = 10.0.0.1873 | Size = 65602 bytes | Modified Date = 12/21/2006 11:32:14 PM | Attr = ]
drv1.dll -> C:\Program Files\Common Files\Real\Codecs\drv1.dll -> RealNetworks, Inc. [Ver = 10.0.0.979 | Size = 102464 bytes | Modified Date = 12/21/2006 11:32:14 PM | Attr = ]
drv2.dll -> C:\Program Files\Common Files\Real\Codecs\drv2.dll -> RealNetworks, Inc. [Ver = 10.0.0.1899 | Size = 176195 bytes | Modified Date = 12/21/2006 11:32:14 PM | Attr = ]
drvc.dll -> C:\Program Files\Common Files\Real\Codecs\drvc.dll -> RealNetworks, Inc. [Ver = 10.0.0.1466 | Size = 266309 bytes | Modified Date = 12/21/2006 11:32:14 PM | Attr = ]
hxltcolor.dll -> C:\Program Files\Common Files\Real\Codecs\hxltcolor.dll -> RealNetworks, Inc. [Ver = 10.0.0.836 | Size = 241723 bytes | Modified Date = 12/21/2006 11:32:14 PM | Attr = ]
raac.dll -> C:\Program Files\Common Files\Real\Codecs\raac.dll -> RealNetworks, Inc. [Ver = 10.0.0.790 | Size = 553036 bytes | Modified Date = 12/21/2006 11:32:14 PM | Attr = ]
rv10.dll -> C:\Program Files\Common Files\Real\Codecs\rv10.dll -> RealNetworks, Inc. [Ver = 10.0.0.979 | Size = 49216 bytes | Modified Date = 12/21/2006 11:32:14 PM | Attr = ]
rv20.dll -> C:\Program Files\Common Files\Real\Codecs\rv20.dll -> RealNetworks, Inc. [Ver = 10.0.0.1899 | Size = 57411 bytes | Modified Date = 12/21/2006 11:32:14 PM | Attr = ]
rv30.dll -> C:\Program Files\Common Files\Real\Codecs\rv30.dll -> RealNetworks, Inc. [Ver = 10.0.0.1466 | Size = 49221 bytes | Modified Date = 12/21/2006 11:32:14 PM | Attr = ]
rv40.dll -> C:\Program Files\Common Files\Real\Codecs\rv40.dll -> RealNetworks, Inc. [Ver = 10.0.0.1466 | Size = 49221 bytes | Modified Date = 12/21/2006 11:32:14 PM | Attr = ]
sipr.dll -> C:\Program Files\Common Files\Real\Codecs\sipr.dll -> RealNetworks, Inc. [Ver = 10.0.0.2564 | Size = 106561 bytes | Modified Date = 12/21/2006 11:32:14 PM | Attr = ]
devices.ini -> C:\Program Files\Common Files\Real\Common\devices.ini -> [Ver = | Size = 2534 bytes | Modified Date = 12/21/2006 11:32:24 PM | Attr = ]
objb3201.dll -> C:\Program Files\Common Files\Real\Common\objb3201.dll -> RealNetworks, Inc. [Ver = 0.1.0.6391 | Size = 172077 bytes | Modified Date = 12/21/2006 11:32:20 PM | Attr = ]
pnen3260.dll -> C:\Program Files\Common Files\Real\Common\pnen3260.dll -> RealNetworks, Inc. [Ver = 10.0.0.1007 | Size = 1306675 bytes | Modified Date = 12/21/2006 11:32:06 PM | Attr = ]
pngu3267.dll -> C:\Program Files\Common Files\Real\Common\pngu3267.dll -> RealNetworks, Inc. [Ver = 6.7.0.2712 | Size = 421927 bytes | Modified Date = 12/21/2006 11:32:08 PM | Attr = ]
pnrs3260.dll -> C:\Program Files\Common Files\Real\Common\pnrs3260.dll -> RealNetworks, Inc. [Ver = 6.0.9.4068 | Size = 28717 bytes | Modified Date = 12/21/2006 11:32:08 PM | Attr = ]
rjbviz.dll -> C:\Program Files\Common Files\Real\Common\rjbviz.dll -> RealNetworks, Inc. [Ver = 1.0.2.3892 | Size = 147497 bytes | Modified Date = 12/21/2006 11:32:18 PM | Attr = ]
rppr3260.dll -> C:\Program Files\Common Files\Real\Common\rppr3260.dll -> RealNetworks, Inc. [Ver = 6.0.10.2239 | Size = 28715 bytes | Modified Date = 12/21/2006 11:32:08 PM | Attr = ]
rpun3260.dll -> C:\Program Files\Common Files\Real\Common\rpun3260.dll -> RealNetworks, Inc. [Ver = 6.0.10.2238 | Size = 36909 bytes | Modified Date = 12/21/2006 11:32:24 PM | Attr = ]
security.dll -> C:\Program Files\Common Files\Real\Common\security.dll -> RealNetworks, Inc. [Ver = 1.0.3.2268 | Size = 45103 bytes | Modified Date = 12/21/2006 11:32:22 PM | Attr = ]
twebbrowse.dll -> C:\Program Files\Common Files\Real\Common\twebbrowse.dll -> RealNetworks, Inc. [Ver = 1.0.2.1594 | Size = 81969 bytes | Modified Date = 12/21/2006 11:32:10 PM | Attr = ]
barcontrol.dll -> C:\Program Files\Common Files\Real\GToolbar\barcontrol.dll -> Google, Inc [Ver = 2.0.0.8 | Size = 110592 bytes | Modified Date = 12/21/2006 11:32:20 PM | Attr = ]
gdsapi.dll -> C:\Program Files\Common Files\Real\GToolbar\gdsapi.dll -> [Ver = | Size = 4096 bytes | Modified Date = 12/21/2006 11:32:20 PM | Attr = ]
gdssetup.exe -> C:\Program Files\Common Files\Real\GToolbar\gdssetup.exe -> [Ver = | Size = 746600 bytes | Modified Date = 12/21/2006 11:32:20 PM | Attr = ]
googletoolbarinstaller.exe -> C:\Program Files\Common Files\Real\GToolbar\googletoolbarinstaller.exe -> Google [Ver = 3, 0, 126, 3 | Size = 559784 bytes | Modified Date = 12/21/2006 11:32:20 PM | Attr = ]
googletoolbarinstaller98.exe -> C:\Program Files\Common Files\Real\GToolbar\googletoolbarinstaller98.exe -> Google [Ver = 3, 0, 126, 3 | Size = 705704 bytes | Modified Date = 12/21/2006 11:32:20 PM | Attr = ]
aacff.dll -> C:\Program Files\Common Files\Real\Plugins\aacff.dll -> RealNetworks, Inc. [Ver = 10.0.0.771 | Size = 69689 bytes | Modified Date = 12/21/2006 11:32:20 PM | Attr = ]
audplin.dll -> C:\Program Files\Common Files\Real\Plugins\audplin.dll -> RealNetworks, Inc. [Ver = 10.0.0.1207 | Size = 86075 bytes | Modified Date = 12/21/2006 11:32:20 PM | Attr = ]
authmgr.dll -> C:\Program Files\Common Files\Real\Plugins\authmgr.dll -> RealNetworks, Inc. [Ver = 10.0.0.1429 | Size = 49207 bytes | Modified Date = 12/21/2006 11:32:04 PM | Attr = ]
cdda3260.dll -> C:\Program Files\Common Files\Real\Plugins\cdda3260.dll -> RealNetworks, Inc. [Ver = 6.0.3.2258 | Size = 36909 bytes | Modified Date = 12/21/2006 11:32:04 PM | Attr = ]
clbascauth.dll -> C:\Program Files\Common Files\Real\Plugins\clbascauth.dll -> RealNetworks, Inc. [Ver = 10.0.0.978 | Size = 41023 bytes | Modified Date = 12/21/2006 11:32:04 PM | Attr = ]
clntxres.dll -> C:\Program Files\Common Files\Real\Plugins\clntxres.dll -> RealNetworks, Inc. [Ver = 10.0.0.3694 | Size = 53296 bytes | Modified Date = 12/21/2006 11:32:06 PM | Attr = ]
cont3260.dll -> C:\Program Files\Common Files\Real\Plugins\cont3260.dll -> RealNetworks, Inc. [Ver = 6.0.0.1897 | Size = 69677 bytes | Modified Date = 12/21/2006 11:32:20 PM | Attr = ]
fpsechnd.dll -> C:\Program Files\Common Files\Real\Plugins\fpsechnd.dll -> RealNetworks, Inc. [Ver = 6.0.9.32 | Size = 233472 bytes | Modified Date = 12/21/2006 11:32:24 PM | Attr = ]
httpfsys.dll -> C:\Program Files\Common Files\Real\Plugins\httpfsys.dll -> RealNetworks, Inc. [Ver = 10.0.0.2779 | Size = 172084 bytes | Modified Date = 12/21/2006 11:32:04 PM | Attr = ]
hxsdp.dll -> C:\Program Files\Common Files\Real\Plugins\hxsdp.dll -> RealNetworks, Inc. [Ver = 10.0.0.513 | Size = 41006 bytes | Modified Date = 12/21/2006 11:32:04 PM | Attr = ]
hxxml.dll -> C:\Program Files\Common Files\Real\Plugins\hxxml.dll -> [Ver = | Size = 86065 bytes | Modified Date = 12/21/2006 11:32:20 PM | Attr = ]
imgrender.dll -> C:\Program Files\Common Files\Real\Plugins\imgrender.dll -> RealNetworks, Inc. [Ver = 10.0.0.993 | Size = 528445 bytes | Modified Date = 12/21/2006 11:32:16 PM | Attr = ]
memfsys.dll -> C:\Program Files\Common Files\Real\Plugins\memfsys.dll -> RealNetworks, Inc. [Ver = 10.0.0.966 | Size = 77877 bytes | Modified Date = 12/21/2006 11:32:04 PM | Attr = ]
mp3fformat.dll -> C:\Program Files\Common Files\Real\Plugins\mp3fformat.dll -> RealNetworks, Inc. [Ver = 10.0.0.2966 | Size = 45118 bytes | Modified Date = 12/21/2006 11:32:18 PM | Attr = ]
mp3metaff.dll -> C:\Program Files\Common Files\Real\Plugins\mp3metaff.dll -> RealNetworks, Inc. [Ver = 10.0.0.965 | Size = 65596 bytes | Modified Date = 12/21/2006 11:32:18 PM | Attr = ]
mp3render.dll -> C:\Program Files\Common Files\Real\Plugins\mp3render.dll -> RealNetworks, Inc. [Ver = 10.0.0.977 | Size = 151614 bytes | Modified Date = 12/21/2006 11:32:18 PM | Attr = ]
mp4arender.dll -> C:\Program Files\Common Files\Real\Plugins\mp4arender.dll -> RealNetworks, Inc. [Ver = 10.0.0.780 | Size = 127045 bytes | Modified Date = 12/21/2006 11:32:20 PM | Attr = ]
mp4fformat.dll -> C:\Program Files\Common Files\Real\Plugins\mp4fformat.dll -> RealNetworks, Inc. [Ver = 10.0.0.2699 | Size = 73790 bytes | Modified Date = 12/21/2006 11:32:20 PM | Attr = ]
mp4wrtr.dll -> C:\Program Files\Common Files\Real\Plugins\mp4wrtr.dll -> [Ver = | Size = 98366 bytes | Modified Date = 12/21/2006 11:32:22 PM | Attr = ]
mpgfformat.dll -> C:\Program Files\Common Files\Real\Plugins\mpgfformat.dll -> RealNetworks, Inc. [Ver = 10.0.0.1174 | Size = 69694 bytes | Modified Date = 12/21/2006 11:32:20 PM | Attr = ]
mpgrender.dll -> C:\Program Files\Common Files\Real\Plugins\mpgrender.dll -> RealNetworks, Inc. [Ver = 10.0.0.956 | Size = 172094 bytes | Modified Date = 12/21/2006 11:32:20 PM | Attr = ]
ntlmauth.dll -> C:\Program Files\Common Files\Real\Plugins\ntlmauth.dll -> RealNetworks, Inc. [Ver = 10.0.0.956 | Size = 45116 bytes | Modified Date = 12/21/2006 11:32:04 PM | Attr = ]
pacplin.dll -> C:\Program Files\Common Files\Real\Plugins\pacplin.dll -> RealNetworks, Inc. [Ver = 10.0.0.977 | Size = 360501 bytes | Modified Date = 12/21/2006 11:32:04 PM | Attr = ]
pdgenxferfsys.dll -> C:\Program Files\Common Files\Real\Plugins\pdgenxferfsys.dll -> RealNetworks, Inc. [Ver = 6.0.12.1430 | Size = 73783 bytes | Modified Date = 12/21/2006 11:32:24 PM | Attr = ]
plusplin.dll -> C:\Program Files\Common Files\Real\Plugins\plusplin.dll -> RealNetworks, Inc. [Ver = 10.0.0.977 | Size = 57398 bytes | Modified Date = 12/21/2006 11:32:04 PM | Attr = ]
pxcb3210.dll -> C:\Program Files\Common Files\Real\Plugins\pxcb3210.dll -> RealNetworks, Inc. [Ver = 1.0.0.3995 | Size = 41003 bytes | Modified Date = 12/21/2006 11:32:04 PM | Attr = ]
ramfformat.dll -> C:\Program Files\Common Files\Real\Plugins\ramfformat.dll -> RealNetworks, Inc. [Ver = 10.0.0.2223 | Size = 45118 bytes | Modified Date = 12/21/2006 11:32:04 PM | Attr = ]
ramrender.dll -> C:\Program Files\Common Files\Real\Plugins\ramrender.dll -> RealNetworks, Inc. [Ver = 10.0.0.1889 | Size = 57406 bytes | Modified Date = 12/21/2006 11:32:04 PM | Attr = ]
rarender.dll -> C:\Program Files\Common Files\Real\Plugins\rarender.dll -> RealNetworks, Inc. [Ver = 10.0.0.986 | Size = 151618 bytes | Modified Date = 12/21/2006 11:32:14 PM | Attr = ]
recf3260.dll -> C:\Program Files\Common Files\Real\Plugins\recf3260.dll -> RealNetworks, Inc. [Ver = 6.0.0.2863 | Size = 36909 bytes | Modified Date = 12/21/2006 11:32:20 PM | Attr = ]
rmfformat.dll -> C:\Program Files\Common Files\Real\Plugins\rmfformat.dll -> RealNetworks, Inc. [Ver = 10.0.0.1201 | Size = 176191 bytes | Modified Date = 12/21/2006 11:32:04 PM | Attr = ]
rmwrtr.dll -> C:\Program Files\Common Files\Real\Plugins\rmwrtr.dll -> RealNetworks, Inc. [Ver = 6.0.2.1155 | Size = 282684 bytes | Modified Date = 12/21/2006 11:32:22 PM | Attr = ]
rmxfpln.dll -> C:\Program Files\Common Files\Real\Plugins\rmxfpln.dll -> RealNetworks, Inc. [Ver = 1.0.3.2277 | Size = 65579 bytes | Modified Date = 12/21/2006 11:32:22 PM | Attr = ]
rmxrend.dll -> C:\Program Files\Common Files\Real\Plugins\rmxrend.dll -> RealNetworks, Inc. [Ver = 1.0.3.2330 | Size = 106538 bytes | Modified Date = 12/21/2006 11:32:22 PM | Attr = ]
rn5auth.dll -> C:\Program Files\Common Files\Real\Plugins\rn5auth.dll -> RealNetworks, Inc. [Ver = 10.0.0.1179 | Size = 45114 bytes | Modified Date = 12/21/2006 11:32:06 PM | Attr = ]
rtfformat.dll -> C:\Program Files\Common Files\Real\Plugins\rtfformat.dll -> RealNetworks, Inc. [Ver = 10.0.0.1183 | Size = 110657 bytes | Modified Date = 12/21/2006 11:32:16 PM | Attr = ]
rtrender.dll -> C:\Program Files\Common Files\Real\Plugins\rtrender.dll -> RealNetworks, Inc. [Ver = 10.0.0.976 | Size = 122942 bytes | Modified Date = 12/21/2006 11:32:16 PM | Attr = ]
rvrender.dll -> C:\Program Files\Common Files\Real\Plugins\rvrender.dll -> RealNetworks, Inc. [Ver = 10.0.0.1370 | Size = 172096 bytes | Modified Date = 12/21/2006 11:32:14 PM | Attr = ]
sdpplin.dll -> C:\Program Files\Common Files\Real\Plugins\sdpplin.dll -> RealNetworks, Inc. [Ver = 10.0.0.373 | Size = 45111 bytes | Modified Date = 12/21/2006 11:32:18 PM | Attr = ]
security.dll -> C:\Program Files\Common Files\Real\Plugins\security.dll -> RealNetworks, Inc. [Ver = 1.0.3.2268 | Size = 45103 bytes | Modified Date = 12/21/2006 11:32:22 PM | Attr = ]
smlfformat.dll -> C:\Program Files\Common Files\Real\Plugins\smlfformat.dll -> RealNetworks, Inc. [Ver = 10.0.0.1859 | Size = 61503 bytes | Modified Date = 12/21/2006 11:32:06 PM | Attr = ]
smlrender.dll -> C:\Program Files\Common Files\Real\Plugins\smlrender.dll -> RealNetworks, Inc. [Ver = 10.0.0.1475 | Size = 528444 bytes | Modified Date = 12/21/2006 11:32:06 PM | Attr = ]
smmrender.dll -> C:\Program Files\Common Files\Real\Plugins\smmrender.dll -> RealNetworks, Inc. [Ver = 10.0.0.976 | Size = 57412 bytes | Modified Date = 12/21/2006 11:32:06 PM | Attr = ]
smplfsys.dll -> C:\Program Files\Common Files\Real\Plugins\smplfsys.dll -> RealNetworks, Inc. [Ver = 10.0.0.1767 | Size = 69685 bytes | Modified Date = 12/21/2006 11:32:06 PM | Attr = ]
stubdrm.dll -> C:\Program Files\Common Files\Real\Plugins\stubdrm.dll -> RealNetworks, Inc. [Ver = 10.0.0.1381 | Size = 32818 bytes | Modified Date = 12/21/2006 11:32:20 PM | Attr = ]
swfformat.dll -> C:\Program Files\Common Files\Real\Plugins\swfformat.dll -> RealNetworks, Inc. [Ver = 10.0.0.1184 | Size = 94274 bytes | Modified Date = 12/21/2006 11:32:14 PM | Attr = ]
swfrender.dll -> C:\Program Files\Common Files\Real\Plugins\swfrender.dll -> RealNetworks, Inc. [Ver = 10.0.0.977 | Size = 614464 bytes | Modified Date = 12/21/2006 11:32:14 PM | Attr = ]
tfilesys.dll -> C:\Program Files\Common Files\Real\Plugins\tfilesys.dll -> RealNetworks, Inc. [Ver = 1.0.3.2238 | Size = 57389 bytes | Modified Date = 12/21/2006 11:32:22 PM | Attr = ]
vidplin.dll -> C:\Program Files\Common Files\Real\Plugins\vidplin.dll -> RealNetworks, Inc. [Ver = 10.0.0.993 | Size = 167995 bytes | Modified Date = 12/21/2006 11:32:20 PM | Attr = ]
vidsite.dll -> C:\Program Files\Common Files\Real\Plugins\vidsite.dll -> RealNetworks, Inc. [Ver = 10.0.0.979 | Size = 376881 bytes | Modified Date = 12/21/2006 11:32:06 PM | Attr = ]
vsrcplin.dll -> C:\Program Files\Common Files\Real\Plugins\vsrcplin.dll -> RealNetworks, Inc. [Ver = 10.1.0.906 | Size = 135230 bytes | Modified Date = 12/21/2006 11:32:06 PM | Attr = ]
vsrlocal.dll -> C:\Program Files\Common Files\Real\Plugins\vsrlocal.dll -> RealNetworks, Inc. [Ver = 10.1.0.906 | Size = 94270 bytes | Modified Date = 12/21/2006 11:32:06 PM | Attr = ]
wm9fformat.dll -> C:\Program Files\Common Files\Real\Plugins\wm9fformat.dll -> RealNetworks, Inc. [Ver = 1.0.0.1088 | Size = 176128 bytes | Modified Date = 12/21/2006 11:32:20 PM | Attr = ]
wm9writer.dll -> C:\Program Files\Common Files\Real\Plugins\wm9writer.dll -> RealNetworks, Inc. [Ver = 1.0.0.1072 | Size = 28719 bytes | Modified Date = 12/21/2006 11:32:20 PM | Attr = ]
wmsechnd.dll -> C:\Program Files\Common Files\Real\Plugins\wmsechnd.dll -> RealNetworks, Inc. [Ver = 1.0.0.407 | Size = 180224 bytes | Modified Date = 12/21/2006 11:32:20 PM | Attr = ]
zipf3260.dll -> C:\Program Files\Common Files\Real\Plugins\zipf3260.dll -> RealNetworks, Inc. [Ver = 6.0.8.2550 | Size = 172075 bytes | Modified Date = 12/21/2006 11:32:06 PM | Attr = ]
gct23201.dll -> C:\Program Files\Common Files\Real\RCAPlugins\gct23201.dll -> RealNetworks, Inc. [Ver = 0.1.0.6324 | Size = 151597 bytes | Modified Date = 12/21/2006 11:32:20 PM | Attr = ]
gema3201.dll -> C:\Program Files\Common Files\Real\RCAPlugins\gema3201.dll -> RealNetworks, Inc. [Ver = 0.1.0.3815 | Size = 90158 bytes | Modified Date = 12/21/2006 11:32:20 PM | Attr = ]
gemx3201.dll -> C:\Program Files\Common Files\Real\RCAPlugins\gemx3201.dll -> RealNetworks, Inc. [Ver = 0.1.0.5869 | Size = 438318 bytes | Modified Date = 12/21/2006 11:32:20 PM | Attr = ]
locd3210.dll -> C:\Program Files\Common Files\Real\RCAPlugins\locd3210.dll -> RealNetworks, Inc. [Ver = 1.0.0.2132 | Size = 102441 bytes | Modified Date = 12/21/2006 11:32:20 PM | Attr = ]
rpcontrols1.dll -> C:\Program Files\Common Files\Real\RCAPlugins\rpcontrols1.dll -> RealNetworks, Inc. [Ver = 6.0.1.2234 | Size = 733230 bytes | Modified Date = 12/21/2006 11:32:20 PM | Attr = ]
rpcontrols2.dll -> C:\Program Files\Common Files\Real\RCAPlugins\rpcontrols2.dll -> RealNetworks [Ver = 6.0.1.2234 | Size = 667694 bytes | Modified Date = 12/21/2006 11:32:20 PM | Attr = ]
sonr3210.dll -> C:\Program Files\Common Files\Real\RCAPlugins\sonr3210.dll -> RealNetworks, Inc. [Ver = 1.0.0.2330 | Size = 196667 bytes | Modified Date = 12/21/2006 11:32:20 PM | Attr = ]
uisy3201.dll -> C:\Program Files\Common Files\Real\RCAPlugins\uisy3201.dll -> RealNetworks, Inc. [Ver = 0.1.0.3832 | Size = 426027 bytes | Modified Date = 12/21/2006 11:32:20 PM | Attr = ]
xmlc3201.dll -> C:\Program Files\Common Files\Real\RCAPlugins\xmlc3201.dll -> RealNetworks, Inc. [Ver = 0.1.1.2240 | Size = 53294 bytes | Modified Date = 12/21/2006 11:32:20 PM | Attr = ]
faus3270.dll -> C:\Program Files\Common Files\Real\Update_OB\faus3270.dll -> RealNetworks, Inc. [Ver = 7.0.0.3206 | Size = 385063 bytes | Modified Date = 12/21/2006 11:32:04 PM | Attr = ]
pnmi3270.dll -> C:\Program Files\Common Files\Real\Update_OB\pnmi3270.dll -> RealNetworks, Inc. [Ver = 7.0.0.1907 | Size = 36909 bytes | Modified Date = 12/21/2006 11:32:04 PM | Attr = ]
r1puninst.exe -> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe -> RealNetworks, Inc. [Ver = 7.0.0.3996 | Size = 184366 bytes | Modified Date = 12/21/2006 11:32:02 PM | Attr = ]
realonemessagecenter.exe -> C:\Program Files\Common Files\Real\Update_OB\realonemessagecenter.exe -> RealNetworks, Inc. [Ver = 0.1.0.3510 | Size = 69688 bytes | Modified Date = 12/21/2006 11:32:04 PM | Attr = ]
RealPlayer-log.txt -> C:\Program Files\Common Files\Real\Update_OB\RealPlayer-log.txt -> [Ver = | Size = 75033 bytes | Modified Date = 12/21/2006 11:32:34 PM | Attr = ]
realsched.exe -> C:\Program Files\Common Files\Real\Update_OB\realsched.exe -> RealNetworks, Inc. [Ver = 0.1.0.3510 | Size = 180269 bytes | Modified Date = 12/21/2006 11:32:04 PM | Attr = ]
rnad3201.dll -> C:\Program Files\Common Files\Real\Update_OB\rnad3201.dll -> RealNetworks, Inc. [Ver = 0.1.0.3510 | Size = 98347 bytes | Modified Date = 12/21/2006 11:32:04 PM | Attr = ]
rnms3270.dll -> C:\Program Files\Common Files\Real\Update_OB\rnms3270.dll -> RealNetworks, Inc. [Ver = 7.0.1.3334 | Size = 327719 bytes | Modified Date = 12/21/2006 11:32:04 PM | Attr = ]
rnqu3270.dll -> C:\Program Files\Common Files\Real\Update_OB\rnqu3270.dll -> RealNetworks, Inc. [Ver = 7.0.0.3818 | Size = 303147 bytes | Modified Date = 12/21/2006 11:32:02 PM | Attr = ]
rnup3270.dll -> C:\Program Files\Common Files\Real\Update_OB\rnup3270.dll -> RealNetworks, Inc. [Ver = 7.0.0.3084 | Size = 167979 bytes | Modified Date = 12/21/2006 11:32:02 PM | Attr = ]
rnxproc.exe -> C:\Program Files\Common Files\Real\Update_OB\rnxproc.exe -> RealNetworks, Inc. [Ver = 7.0.0.2855 | Size = 53291 bytes | Modified Date = 12/21/2006 11:32:04 PM | Attr = ]
setu3270.dll -> C:\Program Files\Common Files\Real\Update_OB\setu3270.dll -> RealNetworks, Inc. [Ver = 7.0.0.4369 | Size = 294955 bytes | Modified Date = 12/21/2006 11:32:02 PM | Attr = ]
upgr3270.dll -> C:\Program Files\Common Files\Real\Update_OB\upgr3270.dll -> RealNetworks, Inc. [Ver = 7.0.0.3735 | Size = 335917 bytes | Modified Date = 12/21/2006 11:32:02 PM | Attr = ]
upgrdhlp.exe -> C:\Program Files\Common Files\Real\Update_OB\upgrdhlp.exe -> RealNetworks, Inc. [Ver = 7.0.0.3550 | Size = 127021 bytes | Modified Date = 12/21/2006 11:32:02 PM | Attr = ]
annabelle.rpv -> C:\Program Files\Common Files\Real\Visualizations\annabelle.rpv -> RealNetworks, Inc. [Ver = 1.0.0.2 | Size = 43008 bytes | Modified Date = 12/21/2006 11:32:20 PM | Attr = ]
cosmicbelt.rpv -> C:\Program Files\Common Files\Real\Visualizations\cosmicbelt.rpv -> [Ver = | Size = 80384 bytes | Modified Date = 12/21/2006 11:32:20 PM | Attr = ]
fire.rpv -> C:\Program Files\Common Files\Real\Visualizations\fire.rpv -> RealNetworks, Inc. [Ver = 1.0.0.1 | Size = 7168 bytes | Modified Date = 12/21/2006 11:32:20 PM | Attr = ]
freqbands.rpv -> C:\Program Files\Common Files\Real\Visualizations\freqbands.rpv -> RealNetworks, Inc. [Ver = 1.0.0.2 | Size = 7680 bytes | Modified Date = 12/21/2006 11:32:20 PM | Attr = ]
nebula.rpv -> C:\Program Files\Common Files\Real\Visualizations\nebula.rpv -> [Ver = | Size = 69632 bytes | Modified Date = 12/21/2006 11:32:20 PM | Attr = ]
xmencmp3.dll -> C:\Program Files\Common Files\xing shared\mpeg encode\xmencmp3.dll -> RealNetworks, Inc. [Ver = 1, 0, 0, 17 | Size = 352256 bytes | Modified Date = 12/21/2006 11:32:22 PM | Attr = ]
ocpiman.ini -> C:\Program Files\Common Files\AOL\1146929070\ee\ocpiman.ini -> [Ver = | Size = 416 bytes | Modified Date = 11/30/2006 11:10:44 PM | Attr = ]
Uninstall.exe -> C:\Program Files\Common Files\Nullsoft\ActiveX\2.6\Uninstall.exe -> [Ver = | Size = 32675 bytes | Modified Date = 11/30/2006 11:10:46 PM | Attr = ]
coreres.xrs -> C:\Program Files\Common Files\Real\Plugins\ExtResources\coreres.xrs -> RealNetworks, Inc. [Ver = 10.0.0.3943 | Size = 65587 bytes | Modified Date = 12/21/2006 11:32:06 PM | Attr = ]
ath.vs -> C:\Program Files\Common Files\Real\Update_OB\UI\ath.vs -> [Ver = | Size = 32395 bytes | Modified Date = 12/21/2006 11:32:02 PM | Attr = ]
default.png -> C:\Program Files\Common Files\Real\Update_OB\UI\default.png -> [Ver = | Size = 7484 bytes | Modified Date = 12/21/2006 11:32:04 PM | Attr = ]
default.smi -> C:\Program Files\Common Files\Real\Update_OB\UI\default.smi -> [Ver = | Size = 436 bytes | Modified Date = 12/21/2006 11:32:04 PM | Attr = ]
mirak.vs -> C:\Program Files\Common Files\Real\Update_OB\UI\mirak.vs -> [Ver = | Size = 9101 bytes | Modified Date = 12/21/2006 11:32:02 PM | Attr = ]
msgoff.htm -> C:\Program Files\Common Files\Real\Update_OB\UI\msgoff.htm -> [Ver = | Size = 3215 bytes | Modified Date = 12/21/2006 11:32:04 PM | Attr = ]
msgui.vs -> C:\Program Files\Common Files\Real\Update_OB\UI\msgui.vs -> [Ver = | Size = 55012 bytes | Modified Date = 12/21/2006 11:32:04 PM | Attr = ]
rnupgui.vs -> C:\Program Files\Common Files\Real\Update_OB\UI\rnupgui.vs -> [Ver = | Size = 43572 bytes | Modified Date = 12/21/2006 11:32:02 PM | Attr = ]
real_logo_93x44.gif -> C:\Program Files\Common Files\Real\Update_OB\UI\Images\real_logo_93x44.gif -> [Ver = | Size = 741 bytes | Modified Date = 12/21/2006 11:32:04 PM | Attr = ]
msgdata.js -> C:\Program Files\Common Files\Real\Update_OB\UI\loc\msgdata.js -> [Ver = | Size = 1039 bytes | Modified Date = 12/21/2006 11:32:04 PM | Attr = ]
msgstyle.css -> C:\Program Files\Common Files\Real\Update_OB\UI\loc\msgstyle.css -> [Ver = | Size = 991 bytes | Modified Date = 12/21/2006 11:32:04 PM | Attr = ]
0.log -> C:\WINDOWS\0.log -> [Ver = | Size = 0 bytes | Modified Date = 12/25/2006 12:30:46 AM | Attr = ]
atid.ini -> C:\WINDOWS\atid.ini -> [Ver = | Size = 29 bytes | Modified Date = 11/30/2006 11:03:52 PM | Attr = ]
bootstat.dat -> C:\WINDOWS\bootstat.dat -> [Ver = | Size = 2048 bytes | Modified Date = 12/25/2006 12:30:12 AM | Attr = S]
ModemLog_Conexant HDA D110 MDC V.92 Modem.txt -> C:\WINDOWS\ModemLog_Conexant HDA D110 MDC V.92 Modem.txt -> [Ver = | Size = 4608 bytes | Modified Date = 12/25/2006 12:30:16 AM | Attr = ]
ntbtlog.txt -> C:\WINDOWS\ntbtlog.txt -> [Ver = | Size = 121836 bytes | Modified Date = 12/24/2006 11:44:40 PM | Attr = ]
SchedLgU.Txt -> C:\WINDOWS\SchedLgU.Txt -> [Ver = | Size = 238 bytes | Modified Date = 12/25/2006 12:30:14 AM | Attr = ]
WindowsUpdate.log -> C:\WINDOWS\WindowsUpdate.log -> [Ver = | Size = 1740 bytes | Modified Date = 12/25/2006 12:29:18 AM | Attr = ]
pncrt.dll -> C:\WINDOWS\System32\pncrt.dll -> Real Networks, Inc [Ver = 6.0.0.0 | Size = 278528 bytes | Modified Date = 12/21/2006 11:32:06 PM | Attr = ]
pndx5016.dll -> C:\WINDOWS\System32\pndx5016.dll -> RealNetworks, Inc. [Ver = 5.0.0.0 | Size = 6656 bytes | Modified Date = 12/21/2006 11:32:08 PM | Attr = ]
pndx5032.dll -> C:\WINDOWS\System32\pndx5032.dll -> RealNetworks, Inc. [Ver = 5.0.0.0 | Size = 5632 bytes | Modified Date = 12/21/2006 11:32:08 PM | Attr = ]
rmoc3260.dll -> C:\WINDOWS\System32\rmoc3260.dll -> RealNetworks, Inc. [Ver = 6.0.9.2318 | Size = 176167 bytes | Modified Date = 12/21/2006 11:32:14 PM | Attr = ]
wpa.dbl -> C:\WINDOWS\System32\wpa.dbl -> [Ver = | Size = 2206 bytes | Modified Date = 12/22/2006 11:33:40 PM | Attr = ]

[File String Scan - Non-Microsoft Only]
aspack , -> C:\Program Files\Common Files\AOL\1146929070\ee\ocpinst.log -> [Ver = | Size = 92871 bytes | Modified Date = 10/27/2006 5:11:42 PM | Attr = ]
aspack , -> C:\Program Files\Common Files\AOL\1146929070\ee\services\boxelyToolkit\ver1_5_11_4\content\gadgets.box -> [Ver = | Size = 1962 bytes | Modified Date = 6/22/2006 5:41:04 PM | Attr = ]
aspack , -> C:\Program Files\Common Files\AOL\1146929070\ee\services\boxelyToolkit\ver1_5_11_4\content\extrasPack\extraGadgets.box -> [Ver = | Size = 2408 bytes | Modified Date = 6/22/2006 5:41:06 PM | Attr = ]
Thawte Consulting , -> C:\Program Files\Common Files\Java\Update\Base Images\j2re1.4.2-b28\core3.zip -> [Ver = | Size = 4648893 bytes | Modified Date = 11/19/2003 10:50:24 PM | Attr = ]
UPX! , UPX0 , -> C:\Program Files\Common Files\Nullsoft\Video\ActiveX\plugins\nsvplayx_vp5_mp3.dll -> * * * [Ver = 1, 0, 0, 98 | Size = 177152 bytes | Modified Date = 9/1/2004 11:56:56 AM | Attr = ]
PEC2 , PECompact2 , -> C:\Program Files\Common Files\Real\GToolbar\gdssetup.exe -> [Ver = | Size = 746600 bytes | Modified Date = 12/21/2006 11:32:20 PM | Attr = ]
PEC2 , PECompact2 , -> C:\Program Files\Common Files\Real\GToolbar\googletoolbarinstaller.exe -> Google [Ver = 3, 0, 126, 3 | Size = 559784 bytes | Modified Date = 12/21/2006 11:32:20 PM | Attr = ]
UPX! , UPX0 , -> C:\WINDOWS\System32\avisynth.dll -> The Public [Ver = 2, 5, 6, 0 | Size = 308224 bytes | Modified Date = 10/7/2005 12:14:52 PM | Attr = ]
PEC2 , -> C:\WINDOWS\System32\dfrg.msc -> [Ver = | Size = 41397 bytes | Modified Date = 8/10/2004 5:00:00 AM | Attr = ]
winsync , -> C:\WINDOWS\System32\wbdbase.deu -> [Ver = | Size = 1309184 bytes | Modified Date = 8/10/2004 5:00:00 AM | Attr = ]
WSUD , UPX0 , -> C:\WINDOWS\System32\dllcache\hwxjpn.dll -> [Ver = | Size = 13463552 bytes | Modified Date = 8/10/2004 5:00:00 AM | Attr = ]
UPX! , aspack , -> C:\WINDOWS\System32\drivers\VsapiNT.sys -> Trend Micro Inc. [Ver = 8.320-1003 | Size = 1051456 bytes | Modified Date = 9/6/2006 7:09:34 PM | Attr = ]

< End of report >


---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 12:28:21 AM 12/25/2006

+ Scan result:



C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP20\A0009222.exe -> Not-A-Virus.Downloader.Win32.DigStream : Cleaned with backup (quarantined).
C:\Documents and Settings\Matthew Oh\Desktop\WinPFind3u\MovedFiles\slbipsch.dll -> Worm.Warezov.eq : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP39\A0025300.exe -> Worm.Warezov.eq : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP39\A0025346.exe -> Worm.Warezov.eq : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP39\A0025408.exe -> Worm.Warezov.eq : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP39\A0025470.exe -> Worm.Warezov.eq : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP39\A0025497.exe -> Worm.Warezov.eq : Cleaned with backup (quarantined).
C:\Documents and Settings\Matthew Oh\Desktop\WinPFind3u\MovedFiles\e1.dll -> Worm.Warezov.et : Cleaned with backup (quarantined).
C:\Documents and Settings\Matthew Oh\Desktop\WinPFind3u\MovedFiles\vb5dmspo.dll -> Worm.Warezov.et : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP39\A0025296.exe -> Worm.Warezov.et : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP39\A0025334.pif -> Worm.Warezov.et : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP39\A0025506.dll -> Worm.Warezov.et : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP39\A0025297.exe -> Worm.Warezov.hw : Cleaned with backup (quarantined).


::Report end

#8 OldTimer

OldTimer

    Malware Expert


  • Members
  • 11,092 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina
  • Local time:12:49 AM

Posted 25 December 2006 - 08:08 PM

Hi Nahmesh. That looks pretty good. Let's do a little final cleanup.

Start WinPFind3U. Copy/Paste the information in the quotebox below into the pane where it says "Paste fix here" and then click the Run Fix button.

[Kill Explorer]
[Registry - Non-Microsoft Only]
*AppInit_DLLs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls
YN -> e1.dll -> e1.dll
[ Extra Files ]
c:\windows\system32\brwconf.exe
c:\windows\system32\brwmgr32.dll
c:\windows\system32\brwperf.exe
c:\windows\system32\brwprf32.dll
c:\windows\system32\brwstat.dll
c:\windows\system32\confbrw.dll
c:\windows\system32\slbipsch.dll
c:\windows\system32\slbipsch.exe
c:\windows\system32\mcd3mscm.dll
c:\windows\system32\rdpwmsjt.exe
c:\windows\system32\vb5dmspo.dll
c:\windows\system32\MSPRADME.EXE
c:\windows\system32\AIS32.EXE
c:\windows\system32\E1.DLL
c:\windows\system32\WNET.32
[Reboot]


The fix should only take a very short time and then you will be asked if you want to reboot. Choose Yes.

After the reboot, start WinPFind3u and do a scan. Just use the default options (I do not need any of the file scan options).

Post the following back here:
  • a new WinPFind3U report
  • the latest .log file from the WinPFind3u folder (it will have a name in the format mmddyyyy_hhmmss.log)
I will review the information when it comes back in.

Also let me know of any problems you encountered performing the steps above or any continuing problems you are still having with the computer.

Cheers.

OT
I do not respond to PM's requesting help. That's what the forums are here for. Please use them so that others may benefit from your questions and the responses you receive.
OldTimer

Posted Image

#9 Nahmesh

Nahmesh
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:11:49 PM

Posted 25 December 2006 - 11:58 PM

WinPFind3 logfile created on: 12/25/2006 11:55:22 PM
WinPFind3U by OldTimer - Version 1.0.1 Folder = C:\Documents and Settings\Matthew Oh\Desktop\WinPFind3u\
Microsoft Windows XP Service Pack 2 (Version = 5.1.2600)
Internet Explorer (Version = 6.0.2900.2180)


[Processes - Non-Microsoft Only]
acrotray.exe -> C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe -> Adobe Systems Inc. [Ver = 6.0.0.2003051500 | Size = 217193 bytes | Modified Date = 5/15/2003 12:19:50 AM | Attr = ]
aolacsd.exe -> C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe -> America Online, Inc. [Ver = 2.0.20.1.US.1 | Size = 1135728 bytes | Modified Date = 4/7/2004 12:07:32 PM | Attr = ]
aolsoftware.exe -> C:\Program Files\Common Files\AOL\1146929070\ee\AOLSoftware.exe -> America Online, Inc. [Ver = 1.5.3.1 | Size = 50760 bytes | Modified Date = 5/9/2006 7:24:16 PM | Attr = ]
bcmwltry.exe -> C:\WINDOWS\system32\BCMWLTRY.EXE -> Dell Inc. [Ver = 4.10.47.3 | Size = 1200128 bytes | Modified Date = 12/19/2005 3:08:40 PM | Attr = ]
dlg.exe -> C:\Program Files\Digital Line Detect\DLG.exe -> BVRP Software [Ver = 1, 0, 0, 1 | Size = 24576 bytes | Modified Date = 10/29/2003 2:06:00 AM | Attr = ]
dsagnt.exe -> C:\Program Files\Dell Support\DSAgnt.exe -> Gteko Ltd. [Ver = 1, 1, 1, 121 | Size = 332800 bytes | Modified Date = 5/15/2005 2:04:12 AM | Attr = ]
dvdlauncher.exe -> C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe -> CyberLink Corp. [Ver = 3.00.0000 | Size = 49152 bytes | Modified Date = 12/9/2005 8:29:52 PM | Attr = ]
googlewebaccclient.exe -> C:\Program Files\Google\Web Accelerator\googlewebaccclient.exe -> [Ver = | Size = 1609728 bytes | Modified Date = 12/14/2006 3:33:48 PM | Attr = ]
googlewebaccwarden.exe -> C:\Program Files\Google\Web Accelerator\GoogleWebAccWarden.exe -> [Ver = | Size = 598016 bytes | Modified Date = 12/14/2006 3:33:48 PM | Attr = ]
hkcmd.exe -> C:\WINDOWS\system32\hkcmd.exe -> Intel Corporation [Ver = 3.0.0.4446 | Size = 77824 bytes | Modified Date = 12/13/2005 11:41:08 PM | Attr = ]
igfxpers.exe -> C:\WINDOWS\system32\igfxpers.exe -> Intel Corporation [Ver = 3.0.0.4446 | Size = 118784 bytes | Modified Date = 12/13/2005 11:45:00 PM | Attr = ]
igfxsrvc.exe -> C:\WINDOWS\system32\igfxsrvc.exe -> Intel Corporation [Ver = 3.0.0.4446 | Size = 159744 bytes | Modified Date = 12/13/2005 11:41:00 PM | Attr = ]
ipodservice.exe -> C:\Program Files\iPod\bin\iPodService.exe -> Apple Computer, Inc. [Ver = 7.0.2.16 | Size = 492608 bytes | Modified Date = 10/30/2006 9:36:32 AM | Attr = ]
issch.exe -> C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe -> InstallShield Software Corporation [Ver = 4, 50, 100, 33433 | Size = 81920 bytes | Modified Date = 6/10/2005 10:44:02 AM | Attr = ]
ituneshelper.exe -> C:\Program Files\iTunes\iTunesHelper.exe -> Apple Computer, Inc. [Ver = 7.0.2.16 | Size = 256576 bytes | Modified Date = 10/30/2006 9:36:36 AM | Attr = ]
netwaiting.exe -> C:\Program Files\NetWaiting\netWaiting.exe -> [Ver = | Size = 20480 bytes | Modified Date = 9/10/2003 2:24:00 AM | Attr = ]
nicconfigsvc.exe -> C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe -> Dell Inc. [Ver = 7, 0, 9, 0 | Size = 380928 bytes | Modified Date = 12/6/2005 10:45:26 AM | Attr = ]
pccguide.exe -> C:\Program Files\Trend Micro\Internet Security 12\pccguide.exe -> Trend Micro Incorporated. [Ver = 12.70.0.1017 | Size = 823362 bytes | Modified Date = 8/30/2005 4:47:38 PM | Attr = ]
pcctlcom.exe -> C:\Program Files\Trend Micro\Internet Security 12\PcCtlCom.exe -> Trend Micro Incorporated. [Ver = 12.70.0.1019 | Size = 880722 bytes | Modified Date = 9/4/2006 7:54:44 PM | Attr = ]
qttask.exe -> C:\Program Files\QuickTime\qttask.exe -> Apple Computer, Inc. [Ver = 7.1.3 | Size = 282624 bytes | Modified Date = 10/25/2006 6:58:18 PM | Attr = ]
quickset.exe -> C:\Program Files\Dell\QuickSet\quickset.exe -> Dell Inc [Ver = 7, 0, 9, 0 | Size = 839680 bytes | Modified Date = 12/6/2005 10:45:14 AM | Attr = ]
reader_sl.exe -> C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe -> Adobe Systems Incorporated [Ver = 7.0.5.2005092300 | Size = 29696 bytes | Modified Date = 9/23/2005 10:05:26 PM | Attr = ]
stsystra.exe -> C:\WINDOWS\stsystra.exe -> SigmaTel, Inc. [Ver = 1.0.4823.0 nd322 cp1 | Size = 397312 bytes | Modified Date = 11/16/2005 9:35:16 PM | Attr = ]
syntpenh.exe -> C:\Program Files\Synaptics\SynTP\SynTPEnh.exe -> Synaptics, Inc. [Ver = 8.2.4.3 29Nov05 | Size = 761947 bytes | Modified Date = 11/29/2005 6:56:30 PM | Attr = ]
tfswctrl.exe -> C:\WINDOWS\system32\dla\tfswctrl.exe -> Sonic Solutions [Ver = 1.04.08a | Size = 127035 bytes | Modified Date = 12/6/2004 1:05:00 AM | Attr = ]
tmas_oemon.exe -> C:\Program Files\Trend Micro\Internet Security 12\TMAS_OE\TMAS_OEMon.exe -> Trend Micro Inc. [Ver = 3.5.0.1119 | Size = 176201 bytes | Modified Date = 4/11/2006 6:39:22 PM | Attr = ]
tmntsrv.exe -> C:\Program Files\Trend Micro\Internet Security 12\Tmntsrv.exe -> Trend Micro Incorporated. [Ver = 12.70.0.1017 | Size = 290889 bytes | Modified Date = 8/30/2005 4:47:46 PM | Attr = ]
tmpfw.exe -> C:\Program Files\Trend Micro\Internet Security 12\TmPfw.exe -> Trend Micro Inc. [Ver = 2.0.0.1135 | Size = 585792 bytes | Modified Date = 8/30/2005 4:47:46 PM | Attr = ]
tmproxy.exe -> C:\Program Files\Trend Micro\Internet Security 12\tmproxy.exe -> Trend Micro Inc. [Ver = 1.0.0.1135 | Size = 262215 bytes | Modified Date = 8/30/2005 4:47:46 PM | Attr = ]
winpfind3u.exe -> C:\Documents and Settings\Matthew Oh\Desktop\WinPFind3u\WinPFind3U.exe -> Oldtimer Tools [Ver = 1.0.1.0 | Size = 302592 bytes | Modified Date = 12/21/2006 8:20:08 PM | Attr = ]
wltray.exe -> C:\WINDOWS\system32\WLTRAY.EXE -> Dell Inc. [Ver = 4.10.47.3 | Size = 1347584 bytes | Modified Date = 12/19/2005 3:08:42 PM | Attr = ]
wltrysvc.exe -> C:\WINDOWS\system32\WLTRYSVC.EXE -> [Ver = | Size = 18944 bytes | Modified Date = 12/19/2005 3:08:42 PM | Attr = ]

[Win32 Services - Non-Microsoft Only]
(AOL ACS) AOL Connectivity Service [Win32_Own | Auto | Running] -> C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe -> America Online, Inc. [Ver = 2.0.20.1.US.1 | Size = 1135728 bytes | Modified Date = 4/7/2004 12:07:32 PM | Attr = ]
(dmadmin) Logical Disk Manager Administrative Service [Win32_Shared | On_Demand | Stopped] -> C:\WINDOWS\system32\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 224768 bytes | Modified Date = 8/10/2004 5:00:00 AM | Attr = ]
(gusvc) Google Updater Service [Win32_Own | On_Demand | Stopped] -> C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -> Google [Ver = 2.0.711.37800.beta | Size = 136120 bytes | Modified Date = 12/21/2006 10:22:04 PM | Attr = ]
(IDriverT) InstallDriver Table Manager [Win32_Own | On_Demand | Stopped] -> C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -> Macrovision Corporation [Ver = 11.00.28844 | Size = 69632 bytes | Modified Date = 4/3/2005 11:41:10 PM | Attr = ]
(iPod Service) iPod Service [Win32_Own | On_Demand | Running] -> C:\Program Files\iPod\bin\iPodService.exe -> Apple Computer, Inc. [Ver = 7.0.2.16 | Size = 492608 bytes | Modified Date = 10/30/2006 9:36:32 AM | Attr = ]
(NICCONFIGSVC) NICCONFIGSVC [Win32_Own | Auto | Running] -> C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe -> Dell Inc. [Ver = 7, 0, 9, 0 | Size = 380928 bytes | Modified Date = 12/6/2005 10:45:26 AM | Attr = ]
(PcCtlCom) Trend Micro Central Control Component [Win32_Own | Auto | Running] -> C:\Program Files\Trend Micro\Internet Security 12\PcCtlCom.exe -> Trend Micro Incorporated. [Ver = 12.70.0.1019 | Size = 880722 bytes | Modified Date = 9/4/2006 7:54:44 PM | Attr = ]
(Tmntsrv) Trend Micro Real-time Service [Win32_Own | Auto | Running] -> C:\Program Files\Trend Micro\Internet Security 12\Tmntsrv.exe -> Trend Micro Incorporated. [Ver = 12.70.0.1017 | Size = 290889 bytes | Modified Date = 8/30/2005 4:47:46 PM | Attr = ]
(TmPfw) Trend Micro Personal Firewall [Win32_Own | Auto | Running] -> C:\Program Files\Trend Micro\Internet Security 12\TmPfw.exe -> Trend Micro Inc. [Ver = 2.0.0.1135 | Size = 585792 bytes | Modified Date = 8/30/2005 4:47:46 PM | Attr = ]
(tmproxy) Trend Micro Proxy Service [Win32_Own | Auto | Running] -> C:\Program Files\Trend Micro\Internet Security 12\tmproxy.exe -> Trend Micro Inc. [Ver = 1.0.0.1135 | Size = 262215 bytes | Modified Date = 8/30/2005 4:47:46 PM | Attr = ]
(wltrysvc) Dell Wireless WLAN Tray Service [Win32_Own | Auto | Running] -> C:\WINDOWS\System32\WLTRYSVC.EXE C:\WINDOWS\System32\bcmwltry.exe -> File not found

[Registry - Non-Microsoft Only]
< Run [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Broadcom Wireless Manager UI -> C:\WINDOWS\system32\WLTRAY.EXE -> Dell Inc. [Ver = 4.10.47.3 | Size = 1347584 bytes | Modified Date = 12/19/2005 3:08:42 PM | Attr = ]
Dell QuickSet -> C:\Program Files\Dell\QuickSet\quickset.exe -> Dell Inc [Ver = 7, 0, 9, 0 | Size = 839680 bytes | Modified Date = 12/6/2005 10:45:14 AM | Attr = ]
dla -> C:\WINDOWS\system32\dla\tfswctrl.exe -> Sonic Solutions [Ver = 1.04.08a | Size = 127035 bytes | Modified Date = 12/6/2004 1:05:00 AM | Attr = ]
DVDLauncher -> C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe -> CyberLink Corp. [Ver = 3.00.0000 | Size = 49152 bytes | Modified Date = 12/9/2005 8:29:52 PM | Attr = ]
HostManager -> C:\Program Files\Common Files\AOL\1146929070\ee\AOLSoftware.exe -> America Online, Inc. [Ver = 1.5.3.1 | Size = 50760 bytes | Modified Date = 5/9/2006 7:24:16 PM | Attr = ]
igfxhkcmd -> C:\WINDOWS\system32\hkcmd.exe -> Intel Corporation [Ver = 3.0.0.4446 | Size = 77824 bytes | Modified Date = 12/13/2005 11:41:08 PM | Attr = ]
igfxpers -> C:\WINDOWS\system32\igfxpers.exe -> Intel Corporation [Ver = 3.0.0.4446 | Size = 118784 bytes | Modified Date = 12/13/2005 11:45:00 PM | Attr = ]
igfxtray -> C:\WINDOWS\system32\igfxtray.exe -> Intel Corporation [Ver = 3.0.0.4446 | Size = 98304 bytes | Modified Date = 12/13/2005 11:44:18 PM | Attr = ]
IPHSend -> C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe -> America Online, Inc. [Ver = 1.0.12.1 | Size = 124520 bytes | Modified Date = 2/17/2006 11:59:48 AM | Attr = ]
ISUSPM Startup -> C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe -> InstallShield Software Corporation [Ver = 4, 50, 100, 33433 | Size = 249856 bytes | Modified Date = 6/10/2005 10:44:02 AM | Attr = ]
ISUSScheduler -> C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe -> InstallShield Software Corporation [Ver = 4, 50, 100, 33433 | Size = 81920 bytes | Modified Date = 6/10/2005 10:44:02 AM | Attr = ]
iTunesHelper -> C:\Program Files\iTunes\iTunesHelper.exe -> Apple Computer, Inc. [Ver = 7.0.2.16 | Size = 256576 bytes | Modified Date = 10/30/2006 9:36:36 AM | Attr = ]
MSPY2002 -> C:\WINDOWS\system32\IME\PINTLGNT\IMSCINST.EXE -> [Ver = | Size = 59392 bytes | Modified Date = 8/10/2004 5:00:00 AM | Attr = ]
pccguide.exe -> C:\Program Files\Trend Micro\Internet Security 12\pccguide.exe -> Trend Micro Incorporated. [Ver = 12.70.0.1017 | Size = 823362 bytes | Modified Date = 8/30/2005 4:47:38 PM | Attr = ]
QuickTime Task -> C:\Program Files\QuickTime\qttask.exe -> Apple Computer, Inc. [Ver = 7.1.3 | Size = 282624 bytes | Modified Date = 10/25/2006 6:58:18 PM | Attr = ]
ShowLOMControl -> -> File not found
SigmatelSysTrayApp -> C:\WINDOWS\stsystra.exe -> SigmaTel, Inc. [Ver = 1.0.4823.0 nd322 cp1 | Size = 397312 bytes | Modified Date = 11/16/2005 9:35:16 PM | Attr = ]
SynTPEnh -> C:\Program Files\Synaptics\SynTP\SynTPEnh.exe -> Synaptics, Inc. [Ver = 8.2.4.3 29Nov05 | Size = 761947 bytes | Modified Date = 11/29/2005 6:56:30 PM | Attr = ]
TkBellExe -> C:\Program Files\Common Files\Real\Update_OB\realsched.exe -> RealNetworks, Inc. [Ver = 0.1.0.3510 | Size = 180269 bytes | Modified Date = 12/21/2006 11:32:04 PM | Attr = ]
< OptionalComponents [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\
IMAIL -> Installed = 1 ->
MAPI -> Installed = 1 ->
MSFS -> Installed = 1 ->
< Run [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
DellSupport -> C:\Program Files\Dell Support\DSAgnt.exe -> Gteko Ltd. [Ver = 1, 1, 1, 121 | Size = 332800 bytes | Modified Date = 5/15/2005 2:04:12 AM | Attr = ]
ModemOnHold -> C:\Program Files\NetWaiting\netWaiting.exe -> [Ver = | Size = 20480 bytes | Modified Date = 9/10/2003 2:24:00 AM | Attr = ]
OE_OEM -> C:\Program Files\Trend Micro\Internet Security 12\TMAS_OE\TMAS_OEMon.exe -> Trend Micro Inc. [Ver = 3.5.0.1119 | Size = 176201 bytes | Modified Date = 4/11/2006 6:39:22 PM | Attr = ]
< AppInit_DLLs [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs
*AppInit_DLLs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls ->
-> -> File not found
< SecurityProviders [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders
< Winlogon settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
*VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet ->
Control_RunDLL -> -> File not found
< Winlogon settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
< Winlogon\Notify settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\
igfxcui -> C:\WINDOWS\system32\igfxdev.dll -> Intel Corporation [Ver = 3.0.0.4446 | Size = 139264 bytes | Modified Date = 12/13/2005 11:40:12 PM | Attr = ]
< Policy Settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\undockwithoutlogon -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\InstallVisualStyle -> C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles ->
< Policy Settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableRegistryTools -> 0 ->
< Desktop Components > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\
0 -> [Key] ->
0 -> FriendlyName = My Current Home Page ->
0 -> Source = About:Home ->
0 -> SubscribedURL = About:Home ->
< HOSTS File > -> C:\WINDOWS\System32\drivers\etc\Hosts
< Internet Explorer Settings > ->
HKLM: Default_Page_URL -> http://www.dell.com ->
HKLM: Main\\Default_Search_URL -> http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch ->
HKLM: Local Page -> %SystemRoot%\system32\blank.htm ->
HKLM: Search Page -> http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch ->
HKLM: Start Page -> http://www.dell.com ->
HKLM: CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm ->
HKLM: SearchAssistant -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm ->
HKCU: Local Page -> C:\WINDOWS\system32\blank.htm ->
HKCU: Search Page -> http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch ->
HKCU: Start Page -> http://www.dell.com/ ->
HKCU: URLSearchHooks\\{EA756889-2338-43DB-8F07-D1CA6FB9C90D} [HKLM] -> C:\Program Files\AOL\AOL Toolbar 3.0\aoltb.dll [AOLTBSearch Class] -> America Online, Inc. [Ver = 3.0.43.1 | Size = 585728 bytes | Modified Date = 11/30/2005 1:17:06 PM | Attr = ]
HKCU: ProxyEnable -> 0 ->
< Trusted Sites > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\
msn.com [ - ] -> ->
online_musicmatch.com [https] -> ->
< BHO's > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> Adobe Systems Incorporated [Ver = 7.0.7.2006011200 | Size = 63128 bytes | Modified Date = 1/12/2006 8:38:22 PM | Attr = ]
{5CA3D70E-1895-11CF-8E15-001234567890} [HKLM] -> C:\WINDOWS\system32\dla\tfswshx.dll [DriveLetterAccess] -> Sonic Solutions [Ver = 1.04.08a | Size = 118842 bytes | Modified Date = 12/6/2004 1:05:00 AM | Attr = ]
{69A87B7D-DE56-4136-9655-716BA50C19C7} [HKLM] -> C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll [&Google Web Accelerator Helper] -> [Ver = | Size = 237568 bytes | Modified Date = 12/14/2006 3:33:48 PM | Attr = ]
{7C554162-8CB7-45A4-B8F4-8EA1C75885F9} [HKLM] -> C:\Program Files\AOL\AOL Toolbar 3.0\aoltb.dll [AOL Toolbar Launcher] -> America Online, Inc. [Ver = 3.0.43.1 | Size = 585728 bytes | Modified Date = 11/30/2005 1:17:06 PM | Attr = ]
{AA58ED58-01DD-4d91-8333-CF10577473F7} [HKLM] -> c:\program files\Google\googletoolbar1.dll [Google Toolbar Helper] -> Google Inc. [Ver = 4, 0, 1020, 6156 | Size = 2133056 bytes | Modified Date = 12/19/2006 10:36:28 PM | Attr = R ]
{AE7CD045-E861-484f-8273-0445EE161910} [HKLM] -> C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll [AcroIEToolbarHelper Class] -> [Ver = | Size = 147456 bytes | Modified Date = 5/15/2003 12:03:46 AM | Attr = ]
< Internet Explorer Bars [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\
{182EC0BE-5110-49C8-A062-BEB1D02A220B} [HKLM] -> C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll [Adobe PDF] -> [Ver = | Size = 147456 bytes | Modified Date = 5/15/2003 12:03:46 AM | Attr = ]
< Internet Explorer ToolBars [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar
{2318C2B1-4965-11d4-9B18-009027A5CD4F} [HKLM] -> c:\program files\Google\googletoolbar1.dll [&Google] -> Google Inc. [Ver = 4, 0, 1020, 6156 | Size = 2133056 bytes | Modified Date = 12/19/2006 10:36:28 PM | Attr = R ]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} [HKLM] -> C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll [Adobe PDF] -> [Ver = | Size = 147456 bytes | Modified Date = 5/15/2003 12:03:46 AM | Attr = ]
{DB87BFA2-A2E3-451E-8E5A-C89982D87CBF} [HKLM] -> C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll [Google Web Accelerator] -> [Ver = | Size = 237568 bytes | Modified Date = 12/14/2006 3:33:48 PM | Attr = ]
{DE9C389F-3316-41A7-809B-AA305ED9D922} [HKLM] -> C:\Program Files\AOL\AOL Toolbar 3.0\aoltb.dll [AOL Toolbar] -> America Online, Inc. [Ver = 3.0.43.1 | Size = 585728 bytes | Modified Date = 11/30/2005 1:17:06 PM | Attr = ]
< Internet Explorer ToolBars [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\
ShellBrowser\\{47833539-D0C5-4125-9FA8-0819E2EAAC93} [HKLM] -> C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll [Adobe PDF] -> [Ver = | Size = 147456 bytes | Modified Date = 5/15/2003 12:03:46 AM | Attr = ]
WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKLM] -> c:\program files\Google\googletoolbar1.dll [&Google] -> Google Inc. [Ver = 4, 0, 1020, 6156 | Size = 2133056 bytes | Modified Date = 12/19/2006 10:36:28 PM | Attr = R ]
WebBrowser\\{47833539-D0C5-4125-9FA8-0819E2EAAC93} [HKLM] -> C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll [Adobe PDF] -> [Ver = | Size = 147456 bytes | Modified Date = 5/15/2003 12:03:46 AM | Attr = ]
WebBrowser\\{DB87BFA2-A2E3-451E-8E5A-C89982D87CBF} [HKLM] -> C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll [Google Web Accelerator] -> [Ver = | Size = 237568 bytes | Modified Date = 12/14/2006 3:33:48 PM | Attr = ]
WebBrowser\\{DE9C389F-3316-41A7-809B-AA305ED9D922} [HKLM] -> C:\Program Files\AOL\AOL Toolbar 3.0\aoltb.dll [AOL Toolbar] -> America Online, Inc. [Ver = 3.0.43.1 | Size = 585728 bytes | Modified Date = 11/30/2005 1:17:06 PM | Attr = ]
< Internet Explorer CmdMapping [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\CmdMapping
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} -> 8192 - Sun Java Console ->
{3369AF0D-62E9-4bda-8103-B4C75499B578} -> 8196 - Reg Data - Value does not exist ->
{92780B25-18CC-41C8-B9BE-3C9C571A8263} -> 8195 - Reg Data - Value does not exist ->
{CD67F990-D8E9-11d2-98FE-00C0F0318AFE} -> 8193 - Reg Data - Value does not exist ->
{FB5F1910-F110-11d2-BB9E-00C04F795683} -> 8194 - Windows Messenger ->
NextId -> 8197 ->
< Internet Explorer Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> Reg Data - Key not found [MenuText: Sun Java Console] ->
{3369AF0D-62E9-4bda-8103-B4C75499B578} -> Reg Data - Value does not exist [ButtonText: AOL Toolbar] -> File not found
{92780B25-18CC-41C8-B9BE-3C9C571A8263} -> Reg Data - Value does not exist [ButtonText: Research] -> File not found
{CD67F990-D8E9-11d2-98FE-00C0F0318AFE} -> Reg Data - Value does not exist [ButtonText: Real.com] -> File not found
< Internet Explorer Menu Extensions [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\
&AOL Toolbar Search -> c:\program files\aol\aol toolbar 3.0\resources\en-US\local\search.htm -> File not found
< Approved Shell Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
{00E7B358-F65B-4dcf-83DF-CD026B94BFD4} [HKLM] -> Reg Data - Key not found [Autoplay for SlideShow] -> File not found
{0DF44EAA-FF21-4412-828E-260A8728E7F1} [HKLM] -> Reg Data - Key not found [Taskbar and Start Menu] -> File not found
{2F603045-309F-11CF-9774-0020AFD0CFF6} [HKLM] -> C:\Program Files\Synaptics\SynTP\SynTPCpl.dll [Synaptics Control Panel] -> Synaptics, Inc. [Ver = 8.2.4.3 29Nov05 | Size = 6135899 bytes | Modified Date = 11/29/2005 6:44:38 PM | Attr = ]
{42071714-76d4-11d1-8b24-00a0c9068ff3} [HKLM] -> deskpan.dll [Display Panning CPL Extension] -> File not found
{48F45200-91E6-11CE-8A4F-0080C81A28D4} [HKLM] -> C:\Program Files\Trend Micro\Internet Security 12\Tmdshell.dll [TMD Shell Extension] -> Trend Micro Incorporated. [Ver = 12.70.0.1017 | Size = 131147 bytes | Modified Date = 8/30/2005 4:47:46 PM | Attr = ]
{5CA3D70E-1895-11CF-8E15-001234567890} [HKLM] -> C:\WINDOWS\system32\dla\tfswshx.dll [DriveLetterAccess] -> Sonic Solutions [Ver = 1.04.08a | Size = 118842 bytes | Modified Date = 12/6/2004 1:05:00 AM | Attr = ]
{764BF0E1-F219-11ce-972D-00AA00A14F56} [HKLM] -> Reg Data - Key not found [Shell extensions for file compression] -> File not found
{771A9DA0-731A-11CE-993C-00AA004ADB6C} [HKLM] -> C:\Program Files\Trend Micro\Internet Security 12\VBProp.dll [VBPropSheet] -> Trend Micro Incorporated. [Ver = 12.70.0.1017 | Size = 135239 bytes | Modified Date = 8/30/2005 4:47:48 PM | Attr = ]
{7A9D77BD-5403-11d2-8785-2E0420524153} [HKLM] -> Reg Data - Key not found [User Accounts] -> File not found
{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} [HKLM] -> Reg Data - Key not found [Encryption Context Menu] -> File not found
{88895560-9AA2-1069-930E-00AA0030EBC8} [HKLM] -> C:\WINDOWS\system32\hticons.dll [HyperTerminal Icon Ext] -> Hilgraeve, Inc. [Ver = 5.1.2600.0 | Size = 44544 bytes | Modified Date = 8/10/2004 5:00:00 AM | Attr = ]
{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} [HKLM] -> C:\Program Files\iTunes\iTunesMiniPlayer.dll [iTunes] -> Apple Computer, Inc. [Ver = 7.0.2.16 | Size = 132672 bytes | Modified Date = 10/30/2006 9:36:36 AM | Attr = ]
{D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} [HKLM] -> C:\Program Files\Adobe\Acrobat 6.0\Acrobat Elements\ContextMenu.dll [Adobe.Acrobat.ContextMenu] -> Adobe Systems Inc. [Ver = 1.0.0.2003051500 | Size = 409687 bytes | Modified Date = 5/15/2003 12:41:08 AM | Attr = ]
{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} [HKLM] -> C:\Program Files\Real\RealPlayer\rpshell.dll [Shell Extensions for RealOne Player] -> RealNetworks, Inc. [Ver = 1.0.1.2237 | Size = 49198 bytes | Modified Date = 12/21/2006 11:32:08 PM | Attr = ]
< ContextMenuHandlers - * [HKLM] > -> HKEY_LOCAL_MACHINE\Software\Classes\*\shellex\ContextMenuHandlers\
{48F45200-91E6-11CE-8A4F-0080C81A28D4} [HKLM] -> C:\Program Files\Trend Micro\Internet Security 12\Tmdshell.dll [TMD Shell Extension] -> Trend Micro Incorporated. [Ver = 12.70.0.1017 | Size = 131147 bytes | Modified Date = 8/30/2005 4:47:46 PM | Attr = ]
{D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} [HKLM] -> C:\Program Files\Adobe\Acrobat 6.0\Acrobat Elements\ContextMenu.dll [Adobe.Acrobat.ContextMenu] -> Adobe Systems Inc. [Ver = 1.0.0.2003051500 | Size = 409687 bytes | Modified Date = 5/15/2003 12:41:08 AM | Attr = ]
< ContextMenuHandlers - Directory\Background [HKLM] > -> HKEY_LOCAL_MACHINE\Software\Classes\Directory\Background\shellex\ContextMenuHandlers\
{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} [HKLM] -> C:\WINDOWS\system32\igfxpph.dll [igfxcui] -> Intel Corporation [Ver = 3.0.0.4446 | Size = 147456 bytes | Modified Date = 12/13/2005 11:44:02 PM | Attr = ]
< ContextMenuHandlers - Folder [HKLM] > -> HKEY_LOCAL_MACHINE\Software\Classes\Folder\shellex\ContextMenuHandlers\
{48F45200-91E6-11CE-8A4F-0080C81A28D4} [HKLM] -> C:\Program Files\Trend Micro\Internet Security 12\Tmdshell.dll [TMD Shell Extension] -> Trend Micro Incorporated. [Ver = 12.70.0.1017 | Size = 131147 bytes | Modified Date = 8/30/2005 4:47:46 PM | Attr = ]
< ColumnHandlers - Folder [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\
{F9DB5320-233E-11D1-9F84-707F02C10627} [HKLM] -> C:\Program Files\Adobe\Acrobat 7.0\ActiveX\pdfshell.dll [PDF Shell Extension] -> Adobe Systems, Inc. [Ver = 7.0.0.0 | Size = 110592 bytes | Modified Date = 12/14/2004 2:20:02 AM | Attr = ]
< User Agent Post Platform [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform
SV1 -> ->
< DNS Name Servers [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\
{397496ED-E294-492F-94F5-12FFABC41461} -> (1394 Net Adapter) ->
{5C95B2D1-8010-417F-BDE1-89DABA1875B8} -> (Broadcom 440x 10/100 Integrated Controller) ->
{7C201DED-69E6-49A9-92B7-B880D138E2E1} -> (Dell Wireless 1390 WLAN Mini-Card) ->
< Protocol Handlers [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\
ipp -> Reg Data - Key not found -> File not found
msdaipp -> Reg Data - Key not found -> File not found


< End of report >

thanks once again oldtimer
just quick question.....did my whole computer history erase too?

#10 OldTimer

OldTimer

    Malware Expert


  • Members
  • 11,092 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina
  • Local time:12:49 AM

Posted 26 December 2006 - 12:13 AM

Hi Nahmesh. that looks fine. Good job!

By your "whole history" do you mean your restore points? I am not sure what happened with those. Let's see if we can set a new one.

Reset and Re-enable your System Restore to remove infected files that have been backed up by Windows. The files in System Restore are protected to prevent any programs changing those files. This is the only way to clean these files: (You will lose all previous restore points which are likely to be infected)1. Turn off System Restore.On the Desktop, right-click My Computer.
Click Properties.
Click the System Restore tab.
Check Turn off System Restore.
Click Apply, and then click OK.
2. Restart your computer.

3. Turn ON System Restore.On the Desktop, right-click My Computer.
Click Properties.
Click the System Restore tab.
UN-Check Turn off System Restore.
Click Apply, and then click OK.
[/list]System Restore will now be active again.

Let me know if this worked to set a new restore point.

Cheers.

OT

Edited by OldTimer, 26 December 2006 - 12:15 AM.

I do not respond to PM's requesting help. That's what the forums are here for. Please use them so that others may benefit from your questions and the responses you receive.
OldTimer

Posted Image

#11 Nahmesh

Nahmesh
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:11:49 PM

Posted 31 December 2006 - 11:14 PM

Thanks so muchhhh!!!!

#12 Nahmesh

Nahmesh
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:11:49 PM

Posted 31 December 2006 - 11:18 PM

Hey OldTimer.
Do you think you can look at a new logfile for my other computer??
Thanks

Logfile of HijackThis v1.99.1
Scan saved at 11:12:09 PM, on 12/31/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCDserv.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Common Files\AOL\1130384823\ee\AOLSoftware.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe
C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe
C:\Program Files\Dell Photo AIO Printer 944\dlcdmon.exe
C:\Program Files\Dell Photo AIO Printer 944\memcard.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\dlcdcoms.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\mmc.exe
C:\WINDOWS\system32\DfrgNtfs.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Documents and Settings\Matthew Oh\Local Settings\Temp\Temporary Directory 2 for hijackthis.zip\HijackThis.exe
C:\Program Files\Messenger\msmsgs.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AOL Toolbar 3.0\aoltb.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 3.0\aoltb.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Blingo Toolbar - {EEE1A699-C438-486B-8B23-347A37F77328} - C:\Program Files\Blingo Toolbar\blingobar.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
O3 - Toolbar: &VSAdd-in - {74DD705D-6834-439C-A735-A6DBE2677452} - C:\Program Files\VSAdd-in\VSAdd-in.dll (file missing)
O3 - Toolbar: Morpheus Toolbar - {119DBEDA-9c41-4F97-94B4-B6BCD01133CF} - C:\Program Files\Morpheus Toolbar\tbuA850\morpheustoolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [Desktop Search] C:\WINDOWS\isrvs\desktop.exe
O4 - HKLM\..\Run: [ffis] C:\WINDOWS\isrvs\ffisearch.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1130384823\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [Mercora] "C:\Program Files\Mercora\MercoraClient.exe" -startup
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [SemanticInsight] C:\Program Files\RXToolBar\Semantic Insight\SemanticInsight.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [IPHSend] C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe"
O4 - HKLM\..\Run: [DLCDCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCDtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [dlcdmon.exe] "C:\Program Files\Dell Photo AIO Printer 944\dlcdmon.exe"
O4 - HKLM\..\Run: [MemoryCardManager] "C:\Program Files\Dell Photo AIO Printer 944\memcard.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [DllRunning] rundll32.exe "C:\WINDOWS\System32\hydwksom.dll",setvm
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [moof] c:\stub_113_4_0_4_0.exe
O4 - HKCU\..\Run: [CU1] C:\Program Files\Common Files\VCClient\VCClient.exe
O4 - HKCU\..\Run: [CU2] C:\Program Files\Common Files\VCClient\VCMain.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1
O4 - Startup: Zeno.lnk = C:\WINDOWS\SYSTEM32\nwinssap.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 3.0\resources\en-US\local\search.html
O9 - Extra button: Morpheus Toolbar - {119DBEDA-9c41-4F97-94B4-B6BCD01133CF} - C:\Program Files\Morpheus Toolbar\tbuA850\morpheustoolbar.dll
O9 - Extra 'Tools' menuitem: Morpheus Toolbar - {119DBEDA-9c41-4F97-94B4-B6BCD01133CF} - C:\Program Files\Morpheus Toolbar\tbuA850\morpheustoolbar.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 3.0\aoltb.dll
O9 - Extra button: (no name) - {9E248641-0E24-4DDB-9A1F-705087832AD6} - (no file)
O9 - Extra 'Tools' menuitem: Java - {9E248641-0E24-4DDB-9A1F-705087832AD6} - (no file)
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O15 - Trusted Zone: *.elitemediagroup.net
O15 - Trusted Zone: http://click.getmirar.com (HKLM)
O15 - Trusted Zone: http://click.mirarsearch.com (HKLM)
O15 - Trusted Zone: http://redirect.mirarsearch.com (HKLM)
O16 - DPF: {2A510DC8-C9B5-4269-B9BA-E5B04D47D981} (CPlayFirstDDSonicControl Object) - http://www.shockwave.com/content/dinerdash...ic.1.0.0.92.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1137809770640
O16 - DPF: {8A0DCBDB-6E20-489C-9041-C1E8A0352E75} (Mirar_Dummy_ATS1 Class) - http://awbeta.net-nucleus.com/FIX/WinATS.cab
O16 - DPF: {8FCDF9D9-A28B-480F-8C3D-581F119A8AB8} (MediaGatewayX) - http://static.zangocash.com/cab/180solutio...e/bridge-c9.cab
O16 - DPF: {9AC54695-69A4-46F1-BE10-10C74F9520D5} (elitectl.DemoCtl) - http://cabs.elitemediagroup.net/cabs/mediaview.cab
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius.com/download/software/...tiveXPlugin.cab
O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712/5m/vir...5/installer.exe
O16 - DPF: {D77EF652-9A6B-40C8-A4B9-1C0697C6CF41} (TikGames Online Control) - http://download.games.yahoo.com/games/web_...inematycoon.cab
O16 - DPF: {DECEAAA2-370A-49BB-9362-68C3A58DDC62} (SAIX) - http://static.zangocash.com/cab/Zango/ie/b...9e2a8f7bf4ca3f5
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://download.games.yahoo.com/games/popc...aploader_v6.cab
O18 - Filter: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - C:\Program Files\RXToolBar\sfcont.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~4\GOEC62~1.DLL
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: DLCDCustomerConnect - Unknown owner - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\DLCDserv.exe
O23 - Service: dlcd_device - - C:\WINDOWS\System32\dlcdcoms.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Local Security Authority Subsystem Service (lsass) - Unknown owner - C:\WINDOWS\scvhost.exe (file missing)
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Ventrilo - Unknown owner - C:\Program Files\VentSrv\ventrilo_svc.exe (file missing)
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

Thanks so much

#13 OldTimer

OldTimer

    Malware Expert


  • Members
  • 11,092 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina
  • Local time:12:49 AM

Posted 01 January 2007 - 10:09 AM

Hi Nahmesh. Yeah, that machine has a few problems on it.

Download WinPFind3U.exe to your Desktop and double-click on it to extract the files. It will create a folder named WinPFind3u on your desktop.
  • Open the WinPFind3u folder and double-click on WinPFind3U.exe to start the program.
    • In the Files Created Within group click 30 days
    • In the Files Modified Within group select 30 days
    • In the File String Search group select Non-Microsoft
  • Now click the Run Scan button on the toolbar.
  • When the scan is complete Notepad will open with the report file loaded in it.
  • Click the Format menu and make sure that Wordwrap is not checked. If it is then click on it to uncheck it.
Use the Add Reply button and Copy/Paste the information back here. I will review it when it comes in. If, after posting, the last line is not < End of Report > then the log is too big to fit into a single post and you will need to split it into multiple posts.

Cheers.

OT
I do not respond to PM's requesting help. That's what the forums are here for. Please use them so that others may benefit from your questions and the responses you receive.
OldTimer

Posted Image




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users