
16 bit MS-DOS Subsystem error please help

Discussion in 'Virus & Other Malware Removal' started by bannostookaylo, Jan 25, 2007.

Thread Status:
Not open for further replies.
  1. bannostookaylo

    bannostookaylo Thread Starter

    Joined:
    Jan 25, 2007
    Messages:
    7
    The other day I went to Start > Run > cmd so that I could get my IP address to fix an internet issue.... Anyway, when I did it I get this error:

    C:\WINDOWS\system32\cmd.com
    THE NTVDM CPU has encountered an illegal instruction.
    CS:0dfb IP:001e OP:ff ff ff ff ff Choose 'Close' to terminate the application

    So I choose Ignore and it just keeps throwing up the same error,

    except that where it says CS:... and IP:..., the value after IP: changes...

    Anyway, I'm not the greatest when it comes to the whole IT thing. I was hoping someone here could help me... I had a roommate that was very good with IT and I'm scared he may have messed up my computer really badly....

    Any and all help would be very appreciated... Thank you so much.
     
  2. bonk

    bonk Banned

    Joined:
    Sep 8, 2005
    Messages:
    11,097
    Welcome,

    Try this fix

    XP FIX.EXE

    Then restart your PC and try
     
  3. Rollin' Rog

    Rollin' Rog

    Joined:
    Dec 9, 2000
    Messages:
    45,855
    I believe you need Security help and will move the thread to the Security forum. Cmd.com is malware. You probably have others as well.
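
Why typing cmd in Start > Run launched cmd.com instead of cmd.exe, as an added example that is not part of the original thread: when a name is given without an extension, Windows matches .COM before .EXE, so a cmd.com dropped into system32 shadows the real command prompt. The Python check below assumes the default Windows XP PATHEXT order; the sample file listing and the function names are constructed for illustration.

```python
"""Flag executables that shadow a same-named program via extension search order."""
import os
from collections import defaultdict

# Assumption: default PATHEXT on Windows XP. Extensions are tried left to right
# when a command is typed without one, so .COM is matched before .EXE.
DEFAULT_PATHEXT = ".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH"

# Constructed sample directory listing (not taken from the logs in this thread).
SAMPLE_SYSTEM32 = ["cmd.exe", "cmd.com", "ipconfig.exe", "more.com",
                   "mode.com", "command.com", "notepad.exe", "kernel32.dll"]


def parse_pathext(pathext=DEFAULT_PATHEXT):
    """Split a PATHEXT string into lower-case extensions, keeping their order."""
    return [ext.strip().lower() for ext in pathext.split(";") if ext.strip()]


def find_shadowed(filenames, pathext=DEFAULT_PATHEXT):
    """Return (typed_name, winner, shadowed_files) for every base name that
    exists with more than one executable extension in the same directory."""
    rank = {ext: i for i, ext in enumerate(parse_pathext(pathext))}
    by_stem = defaultdict(list)
    for name in filenames:
        stem, ext = os.path.splitext(name)
        if ext.lower() in rank:
            by_stem[stem.lower()].append((rank[ext.lower()], name))
    findings = []
    for stem in sorted(by_stem):
        entries = sorted(by_stem[stem])  # lowest rank = extension tried first
        if len(entries) > 1:
            findings.append((stem, entries[0][1], [n for _, n in entries[1:]]))
    return findings


def resolve(command, search_dirs, pathext=DEFAULT_PATHEXT):
    """Mimic the lookup: walk the directories in order and, inside each one,
    try every PATHEXT extension in order. search_dirs is a list of
    (directory, filenames) pairs. Returns the full path that would run."""
    exts = parse_pathext(pathext)
    typed_ext = os.path.splitext(command)[1].lower()
    # A name typed with an executable extension is matched exactly.
    candidates = [""] if typed_ext in exts else exts
    for directory, filenames in search_dirs:
        present = {f.lower(): f for f in filenames}
        for ext in candidates:
            hit = present.get(command.lower() + ext)
            if hit:
                return directory.rstrip("\\") + "\\" + hit
    return None


def scan_directory(path, pathext=DEFAULT_PATHEXT):
    """Run the same check against a real directory on disk."""
    return find_shadowed(os.listdir(path), pathext)


if __name__ == "__main__":
    for typed, winner, losers in find_shadowed(SAMPLE_SYSTEM32):
        print(f"typing '{typed}' runs {winner}, not {', '.join(losers)}")
```

Stock .com files such as more.com or mode.com produce no finding because they have no .exe twin in the same folder; only a name that exists with both extensions is reported.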
     
  4. dvk01

    dvk01 Moderator Malware Specialist

    Joined:
    Dec 14, 2002
    Messages:
    56,236
    First Name:
    Derek
    Go here and download the 'Hijack This!' self-installer. Save it to the desktop or other suitable place. DO NOT just press Run from the website. Double-click on the file and it will install to C:\program files\hijackthis and create an entry in the Start menu and an optional shortcut on the desktop.
    Click on the entry in the Start menu or on the desktop to run HijackThis.
    Click the "Scan" button. When the scan is finished the Scan button will become "Save Log"; click that and save the log.
    Go to where you saved the log and click on "Edit > Select All", then click on "Edit > Copy", then paste the log back here in a reply.
    It will possibly show issues deserving our attention, but most of what it lists will be harmless or even required, so do NOT fix anything yet.
    Someone here will be happy to help you analyze the results.
     
  5. bannostookaylo

    bannostookaylo Thread Starter

    Joined:
    Jan 25, 2007
    Messages:
    7
    Logfile of HijackThis v1.99.1
    Scan saved at 7:53:08 AM, on 1/26/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.5346.0005)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\slserv.exe
    C:\Program Files\Viewpoint\Common\ViewpointService.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\WINDOWS\LOGI_MWX.EXE
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
    C:\Program Files\Hijackthis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gmail.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54729
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=55245&clcid={SUB_CLCID}
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (file missing)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
    O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [svdhost] "C:\WINDOWS\system32\1031\svdhost.lnk"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [Logitech Utility] LOGI_MWX.EXE
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZJfox000
    O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
    O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
    O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
    O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
    O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (file missing)
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O11 - Options group: [INTERNATIONAL] International*
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {B743A289-E589-4DDE-8FF1-8C906856F28D} - http://secure5.trustcast.com/history_installers/trustcast_installer.dll
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
    O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
    O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
     
  6. dvk01

    dvk01 Moderator Malware Specialist

    Joined:
    Dec 14, 2002
    Messages:
    56,236
    First Name:
    Derek
    • Download WinPFind
    • Right Click the Zip Folder and Select "Extract All"
    • Extract it somewhere you will remember like the Desktop
    • Don't do anything with it yet!

    Reboot into Safe Mode
    Restart your computer and as soon as it starts booting up again continuously tap F8. A menu should come up where you will be given the option to enter Safe Mode.

    Double-click WinPFind.exe
    • Click "Configure Scan Options"
    • Select "Run Add ONs" and then select ALL the options in the box below it, then press Apply
    • Now Click "Start Scan"
    • It will scan the entire System, so please be patient!
    • Once the Scan is Complete
      • Reboot back to Normal Mode!
      • Go to the WinPFind folder
      • Locate WinPFind.txt
      • Place those results in the next post! It will be too big to post so you will need to attach it to your reply.
     
  7. bannostookaylo

    bannostookaylo Thread Starter

    Joined:
    Jan 25, 2007
    Messages:
    7
    I clicked your link to get WinPFind and when I click on the download link it gives me an error:

    404 Not Found
    The requested URL '/oldtimer/WinPFind.zip' was not found on this server.
     
  8. dvk01

    dvk01 Moderator Malware Specialist

    Joined:
    Dec 14, 2002
    Messages:
    56,236
    First Name:
    Derek
    Download WinPFind3U.exe to your Desktop and double-click on it to extract the files. It will create a folder named WinPFind3u on your desktop.
    • Open the WinPFind3u folder and double-click on WinPFind3U.exe to start the program.
      • In the Processes group click All
      • In the Win32 Services group click Non-Microsoft
      • In the Driver Services group click Non-Microsoft
      • In the Registry group click Non-Microsoft
      • In the Files Created Within group click 60 days. Make sure Non-Microsoft only is UNCHECKED
      • In the Files Modified Within group select 30 days. Make sure Non-Microsoft only is CHECKED
      • In the File String Search group select Non-Microsoft
    • Now click the Run Scan button on the toolbar.
    • When the scan is complete Notepad will open with the report file loaded in it.
    • Click the Format menu and make sure that Wordwrap is not checked. If it is then click on it to uncheck it.
    Use the Add Reply button and Copy/Paste the information back here. I will review it when it comes in.
     
  9. bannostookaylo

    bannostookaylo Thread Starter

    Joined:
    Jan 25, 2007
    Messages:
    7
    WinPFind3 logfile created on: 1/24/2007 5:07:46 AM
    WinPFind3U by OldTimer - Version 1.0.11 Folder = C:\Documents and Settings\Banno\Desktop\WinPFind3u\
    Microsoft Windows XP Service Pack 2 (Version = 5.1.2600)
    Internet Explorer (Version = 7.0.5346.5)

    1047920 Kb Total Physical Memory | 673332 Kb Available Physical Memory | 64.25% Memory free
    2519248 Kb Paging File | 2271236 Kb Available in Paging File | 90.16% Paging File free
    Paging file location(s): C:\pagefile.sys 1536 3072;

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 78148160 Kb Total Space | 38484056 Kb Free Space | 49.24% Space Free
    Drive D: | 13250 Kb Total Space | 0 Kb Free Space | 0.00% Space Free
    E: Drive not present or media not loaded
    F: Drive not present or media not loaded


    [Processes - All]
    smss.exe -> %System32%\smss.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 50688 bytes | Modified Date = 7/8/2005 6:00:00 AM | Attr = ]
    csrss.exe -> %System32%\csrss.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 6144 bytes | Modified Date = 7/8/2005 6:00:00 AM | Attr = ]
    winlogon.exe -> %System32%\winlogon.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 502272 bytes | Modified Date = 7/8/2005 6:00:00 AM | Attr = ]
    services.exe -> %System32%\services.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 108032 bytes | Modified Date = 7/8/2005 6:00:00 AM | Attr = ]
    lsass.exe -> %System32%\lsass.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 13312 bytes | Modified Date = 7/8/2005 6:00:00 AM | Attr = ]
    ati2evxx.exe -> %System32%\ati2evxx.exe -> ATI Technologies Inc. [Ver = 6.14.10.4152 | Size = 430080 bytes | Modified Date = 11/21/2006 9:18:38 PM | Attr = ]
    svchost.exe -> %System32%\svchost.exe [C:\WINDOWS\SYSTEM32\SVCHOST -K DCOMLAUNCH] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 7/8/2005 6:00:00 AM | Attr = ]
    -> %System32%\rpcss.dll [DcomLaunch] -> Microsoft Corporation [Ver = 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528) | Size = 397824 bytes | Modified Date = 7/25/2005 10:39:50 PM | Attr = ]
    -> %System32%\termsrv.dll [TermService] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 295424 bytes | Modified Date = 7/8/2005 6:00:00 AM | Attr = ]
    -> %System32%\termsrv.dll [TermService] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 295424 bytes | Modified Date = 7/8/2005 6:00:00 AM | Attr = ]
    svchost.exe -> %System32%\svchost.exe [C:\WINDOWS\SYSTEM32\SVCHOST -K RPCSS] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 7/8/2005 6:00:00 AM | Attr = ]
    -> %System32%\rpcss.dll [RpcSs] -> Microsoft Corporation [Ver = 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528) | Size = 397824 bytes | Modified Date = 7/25/2005 10:39:50 PM | Attr = ]
    svchost.exe -> %System32%\svchost.exe [C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 7/8/2005 6:00:00 AM | Attr = ]
    -> %System32%\appmgmts.dll [AppMgmt] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 167936 bytes | Modified Date = 7/8/2005 6:00:00 AM | Attr = ]
    -> %System32%\audiosrv.dll [AudioSrv] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 42496 bytes | Modified Date = 7/8/2005 6:00:00 AM | Attr = ]
    -> %System32%\qmgr.dll [BITS] -> Microsoft Corporation [Ver = 6.6.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 382464 bytes | Modified Date = 7/8/2005 6:00:00 AM | Attr = ]
    -> %System32%\cryptsvc.dll [CryptSvc] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 60416 bytes | Modified Date = 7/8/2005 6:00:00 AM | Attr = ]
    -> %System32%\dhcpcsvc.dll [Dhcp] -> Microsoft Corporation [Ver = 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003) | Size = 111616 bytes | Modified Date = 5/19/2006 6:59:42 AM | Attr = ]
    -> %System32%\dmserver.dll [dmserver] -> Microsoft Corp. [Ver = 2600.2180.503.0 | Size = 23552 bytes | Modified Date = 7/8/2005 6:00:00 AM | Attr = ]
    -> %System32%\ersvc.dll [ERSvc] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 23040 bytes | Modified Date = 7/8/2005 6:00:00 AM | Attr = ]
    -> %System32%\es.dll [EventSystem] -> Microsoft Corporation [Ver = 2001.12.4414.308 | Size = 243200 bytes | Modified Date = 7/25/2005 10:39:46 PM | Attr = ]
    -> %System32%\shsvcs.dll [FastUserSwitchingCompatibility] -> Microsoft Corporation [Ver = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) | Size = 134656 bytes | Modified Date = 7/8/2005 6:00:00 AM | Attr = ]
    -> %WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll [helpsvc] -> File not found
    -> %System32%\hidserv.dll [HidServ] -> File not found
    -> %System32%\irmon.dll [Irmon] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 27136 bytes | Modified Date = 8/3/2004 6:56:44 PM | Attr = ]
    -> %System32%\srvsvc.dll [lanmanserver] -> Microsoft Corporation [Ver = 5.1.2600.2577 (xpsp_sp2_gdr.041130-1729) | Size = 96768 bytes | Modified Date = 12/7/2004 1:32:34 PM | Attr = ]
    -> %System32%\netman.dll [Netman] -> Microsoft Corporation [Ver = 5.1.2600.2743 (xpsp_sp2_gdr.050819-1525) | Size = 197632 bytes | Modified Date = 8/22/2005 12:29:46 PM | Attr = ]
    -> %System32%\mswsock.dll [Nla] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 245248 bytes | Modified Date = 7/8/2005 6:00:00 AM | Attr = ]
    -> %System32%\ntmssvc.dll [NtmsSvc] -> Microsoft Corporation [Ver = 5.1.2400.2180 | Size = 435200 bytes | Modified Date = 7/8/2005 6:00:00 AM | Attr = ]
    -> %System32%\rasauto.dll [RasAuto] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 89088 bytes | Modified Date = 7/8/2005 6:00:00 AM | Attr = ]
    -> %System32%\rasmans.dll [RasMan] -> Microsoft Corporation [Ver = 5.1.2600.2908 (xpsp_sp2_gdr.060513-0343) | Size = 181248 bytes | Modified Date = 5/14/2006 2:44:08 AM | Attr = ]
    -> %System32%\mprdim.dll [RemoteAccess] -> Microsoft Corporation [Ver = 5.1.2600.0 (xpclient.010817-1148) | Size = 49152 bytes | Modified Date = 7/8/2005 6:00:00 AM | Attr = ]
    -> %System32%\schedsvc.dll [Schedule] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 190976 bytes | Modified Date = 7/8/2005 6:00:00 AM | Attr = ]
    -> %System32%\seclogon.dll [seclogon] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 18944 bytes | Modified Date = 7/8/2005 6:00:00 AM | Attr = ]
    -> %System32%\sens.dll [SENS] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 38912 bytes | Modified Date = 7/8/2005 6:00:00 AM | Attr = ]
    -> %System32%\ipnathlp.dll [SharedAccess] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 331264 bytes | Modified Date = 7/8/2005 6:00:00 AM | Attr = ]
    -> %System32%\shsvcs.dll [ShellHWDetection] -> Microsoft Corporation [Ver = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) | Size = 134656 bytes | Modified Date = 7/8/2005 6:00:00 AM | Attr = ]
    -> %System32%\srsvc.dll [srservice] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 170496 bytes | Modified Date = 7/8/2005 6:00:00 AM | Attr = ]
    -> %System32%\tapisrv.dll [TapiSrv] -> Microsoft Corporation [Ver = 5.1.2600.2716 (xpsp_sp2_gdr.050707-1657) | Size = 249344 bytes | Modified Date = 7/8/2005 10:27:56 AM | Attr = ]
    -> %System32%\shsvcs.dll [Themes] -> Microsoft Corporation [Ver = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) | Size = 134656 bytes | Modified Date = 7/8/2005 6:00:00 AM | Attr = ]
    -> %System32%\trkwks.dll [TrkWks] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 90624 bytes | Modified Date = 7/8/2005 6:00:00 AM | Attr = ]
    -> %System32%\w32time.dll [W32Time] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 174592 bytes | Modified Date = 7/8/2005 6:00:00 AM | Attr = ]
    -> %System32%\wbem\WMIsvc.dll [winmgmt] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 144896 bytes | Modified Date = 7/8/2005 6:00:00 AM | Attr = ]
    -> %System32%\MsPMSNSv.dll [WmdmPmSN] -> Microsoft Corporation [Ver = 11.0.5705.5043 | Size = 27648 bytes | Modified Date = 8/24/2006 9:30:20 PM | Attr = ]
    -> %System32%\advapi32.dll [Wmi] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 616960 bytes | Modified Date = 7/8/2005 6:00:00 AM | Attr = ]
    -> %System32%\wscsvc.dll [wscsvc] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 81408 bytes | Modified Date = 7/8/2005 6:00:00 AM | Attr = ]
    -> %System32%\wuauserv.dll [wuauserv] -> Microsoft Corporation [Ver = 5.4.3790.2180 (xpsp_sp2_rtm.040803-2158) | Size = 6656 bytes | Modified Date = 7/8/2005 6:00:00 AM | Attr = ]
    -> %System32%\wzcsvc.dll [WZCSVC] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 359936 bytes | Modified Date = 7/8/2005 6:00:00 AM | Attr = ]
    -> %System32%\xmlprov.dll [xmlprov] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 129536 bytes | Modified Date = 7/8/2005 6:00:00 AM | Attr = ]
    svchost.exe -> %System32%\svchost.exe [C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETWORKSERVICE] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 7/8/2005 6:00:00 AM | Attr = ]
    -> %System32%\dnsrslvr.dll [Dnscache] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 45568 bytes | Modified Date = 7/8/2005 6:00:00 AM | Attr = ]
    svchost.exe -> %System32%\svchost.exe [C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K LOCALSERVICE] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 7/8/2005 6:00:00 AM | Attr = ]
    -> %System32%\lmhsvc.dll [LmHosts] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 13824 bytes | Modified Date = 7/8/2005 6:00:00 AM | Attr = ]
    -> %System32%\regsvc.dll [RemoteRegistry] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 59904 bytes | Modified Date = 7/8/2005 6:00:00 AM | Attr = ]
    -> %System32%\ssdpsrv.dll [SSDPSRV] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 71680 bytes | Modified Date = 7/8/2005 6:00:00 AM | Attr = ]
    -> %System32%\upnphost.dll [upnphost] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 185344 bytes | Modified Date = 7/8/2005 6:00:00 AM | Attr = ]
    -> %System32%\webclnt.dll [WebClient] -> Microsoft Corporation [Ver = 5.1.2600.2821 (xpsp_sp2_gdr.060103-1536) | Size = 68096 bytes | Modified Date = 1/3/2006 9:35:06 PM | Attr = ]
    ati2evxx.exe -> %System32%\ati2evxx.exe -> ATI Technologies Inc. [Ver = 6.14.10.4152 | Size = 430080 bytes | Modified Date = 11/21/2006 9:18:38 PM | Attr = ]
    spoolsv.exe -> %System32%\spoolsv.exe -> Microsoft Corporation [Ver = 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519) | Size = 57856 bytes | Modified Date = 6/10/2005 5:53:32 PM | Attr = ]
    aswupdsv.exe -> %ProgramFiles%\Alwil Software\Avast4\aswUpdSv.exe -> [Ver = | Size = 59008 bytes | Modified Date = 8/5/2006 9:10:10 AM | Attr = ]
    ashserv.exe -> %ProgramFiles%\Alwil Software\Avast4\ashServ.exe -> [Ver = 4, 7, 936, 0 | Size = 132736 bytes | Modified Date = 1/15/2007 11:28:52 AM | Attr = ]
    slserv.exe -> %System32%\slserv.exe -> [Ver = 2.80.00(24Apr2000) | Size = 45056 bytes | Modified Date = 7/8/2005 6:00:00 AM | Attr = ]
    viewpointservice.exe -> %ProgramFiles%\Viewpoint\Common\ViewpointService.exe -> Viewpoint Corporation [Ver = 2, 0, 0, 54 | Size = 24652 bytes | Modified Date = 1/4/2007 3:38:10 PM | Attr = ]
    explorer.exe -> %SystemRoot%\explorer.exe -> Microsoft Corporation [Ver = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) | Size = 1032192 bytes | Modified Date = 7/8/2005 6:00:00 AM | Attr = ]
    ashmaisv.exe -> %ProgramFiles%\Alwil Software\Avast4\ashMaiSv.exe -> ALWIL Software [Ver = 4, 7, 936, 0 | Size = 255616 bytes | Modified Date = 1/15/2007 11:28:32 AM | Attr = ]
    ashwebsv.exe -> %ProgramFiles%\Alwil Software\Avast4\ashWebSv.exe -> ALWIL Software [Ver = 4, 7, 936, 0 | Size = 370304 bytes | Modified Date = 1/15/2007 11:27:52 AM | Attr = ]
    alg.exe -> %System32%\alg.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 44544 bytes | Modified Date = 7/8/2005 6:00:00 AM | Attr = ]
    syntplpr.exe -> %ProgramFiles%\Synaptics\SynTP\SynTPLpr.exe -> Synaptics, Inc. [Ver = 7.8.9 20Nov03 | Size = 98304 bytes | Modified Date = 7/8/2005 6:00:00 AM | Attr = ]
    syntpenh.exe -> %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe -> Synaptics, Inc. [Ver = 7.8.9 20Nov03 | Size = 499712 bytes | Modified Date = 7/8/2005 6:00:00 AM | Attr = ]
    ashdisp.exe -> %ProgramFiles%\Alwil Software\Avast4\ashDisp.exe -> [Ver = 4, 7, 936, 0 | Size = 108160 bytes | Modified Date = 1/15/2007 11:28:58 AM | Attr = ]
    jusched.exe -> %ProgramFiles%\Java\jre1.5.0_07\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 5.0.70.3 | Size = 36975 bytes | Modified Date = 5/3/2006 1:56:56 AM | Attr = ]
    logi_mwx.exe -> %SystemRoot%\LOGI_MWX.EXE -> Logitech Inc. [Ver = 9.79.024 | Size = 19968 bytes | Modified Date = 12/17/2003 9:50:00 AM | Attr = ]
    msmsgs.exe -> %ProgramFiles%\Messenger\msmsgs.exe -> Microsoft Corporation [Ver = 4.7.3001 | Size = 1694208 bytes | Modified Date = 10/13/2004 10:24:38 AM | Attr = ]
    viewmgr.exe -> %ProgramFiles%\Viewpoint\Viewpoint Manager\ViewMgr.exe -> Viewpoint Corporation [Ver = 2, 0, 0, 54 | Size = 112336 bytes | Modified Date = 1/4/2007 3:38:20 PM | Attr = ]
    jucheck.exe -> %ProgramFiles%\Java\jre1.5.0_07\bin\jucheck.exe -> Sun Microsystems, Inc. [Ver = 5.0.70.3 | Size = 237679 bytes | Modified Date = 5/3/2006 1:56:56 AM | Attr = ]
    realsched.exe -> %CommonProgramFiles%\Real\Update_OB\realsched.exe -> RealNetworks, Inc. [Ver = 0.1.0.3510 | Size = 180269 bytes | Modified Date = 5/7/2006 3:54:08 AM | Attr = ]
    winpfind3u.exe -> %UserDesktop%\WinPFind3u\WinPFind3U.exe -> Oldtimer Tools [Ver = 1.0.11.0 | Size = 306176 bytes | Modified Date = 1/18/2007 6:01:14 PM | Attr = ]

    [Win32 Services - Non-Microsoft Only]
    (Adobe LM Service) Adobe LM Service [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Adobe Systems Shared\Service\Adobelmsvc.exe -> Adobe Systems [Ver = 2.67.010 | Size = 72704 bytes | Modified Date = 11/28/2005 5:38:56 PM | Attr = ]
    (aswUpdSv) avast! iAVS4 Control Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Alwil Software\Avast4\aswUpdSv.exe -> [Ver = | Size = 59008 bytes | Modified Date = 8/5/2006 9:10:10 AM | Attr = ]
    (Ati HotKey Poller) Ati HotKey Poller [Win32_Own | Auto | Running] -> %System32%\ati2evxx.exe -> ATI Technologies Inc. [Ver = 6.14.10.4152 | Size = 430080 bytes | Modified Date = 11/21/2006 9:18:38 PM | Attr = ]
    (ATI Smart) ATI Smart [Win32_Own | Auto | Stopped] -> %System32%\ati2sgag.exe -> [Ver = 5.13.0025 | Size = 520192 bytes | Modified Date = 11/22/2006 10:52:00 AM | Attr = ]
    (avast! Antivirus) avast! Antivirus [Win32_Own | Auto | Running] -> %ProgramFiles%\Alwil Software\Avast4\ashServ.exe -> [Ver = 4, 7, 936, 0 | Size = 132736 bytes | Modified Date = 1/15/2007 11:28:52 AM | Attr = ]
    (avast! Mail Scanner) avast! Mail Scanner [Win32_Own | On_Demand | Running] -> %ProgramFiles%\Alwil Software\Avast4\ashMaiSv.exe -> ALWIL Software [Ver = 4, 7, 936, 0 | Size = 255616 bytes | Modified Date = 1/15/2007 11:28:32 AM | Attr = ]
    (avast! Web Scanner) avast! Web Scanner [Win32_Own | On_Demand | Running] -> %ProgramFiles%\Alwil Software\Avast4\ashWebSv.exe -> ALWIL Software [Ver = 4, 7, 936, 0 | Size = 370304 bytes | Modified Date = 1/15/2007 11:27:52 AM | Attr = ]
    (dmadmin) Logical Disk Manager Administrative Service [Win32_Shared | On_Demand | Stopped] -> %System32%\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 224768 bytes | Modified Date = 7/8/2005 6:00:00 AM | Attr = ]
    (IDriverT) InstallDriver Table Manager [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\InstallShield\Driver\11\Intel 32\IDriverT.exe -> Macrovision Corporation [Ver = 11.00.28844 | Size = 69632 bytes | Modified Date = 4/4/2005 2:41:10 AM | Attr = ]
    (Macromedia Licensing Service) Macromedia Licensing Service [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Macromedia Shared\Service\Macromedia Licensing.exe -> Macromedia [Ver = 2.65.010 | Size = 69632 bytes | Modified Date = 4/9/2006 11:21:46 PM | Attr = ]
    (Pml Driver HPZ12) Pml Driver HPZ12 [Win32_Own | On_Demand | Stopped] -> %System32%\HPZipm12.exe -> HP [Ver = 8, 0, 0, 0 | Size = 65536 bytes | Modified Date = 3/18/2004 4:55:48 PM | Attr = ]
    (SLService) SmartLinkService [Win32_Own | Auto | Running] -> %System32%\slserv.exe -> [Ver = 2.80.00(24Apr2000) | Size = 45056 bytes | Modified Date = 7/8/2005 6:00:00 AM | Attr = ]
    (Viewpoint Manager Service) Viewpoint Manager Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Viewpoint\Common\ViewpointService.exe -> Viewpoint Corporation [Ver = 2, 0, 0, 54 | Size = 24652 bytes | Modified Date = 1/4/2007 3:38:10 PM | Attr = ]

    [Driver Services - Non-Microsoft Only]
    (Aavmker4) avast! Asynchronous Virus Monitor [Kernel | System | Running] -> %System32%\drivers\aavmker4.sys -> ALWIL Software [Ver = 4.7.892.0 | Size = 31560 bytes | Modified Date = 12/20/2006 5:51:58 PM | Attr = ]
    (Abiosdsk) Abiosdsk [Kernel | Disabled | Stopped] -> -> File not found
    (abp480n5) abp480n5 [Kernel | Disabled | Stopped] -> -> File not found
    (adpu160m) adpu160m [Kernel | Disabled | Stopped] -> -> File not found
    (Aha154x) Aha154x [Kernel | Disabled | Stopped] -> -> File not found
    (aic78u2) aic78u2 [Kernel | Disabled | Stopped] -> -> File not found
    (aic78xx) aic78xx [Kernel | Disabled | Stopped] -> -> File not found
    (ALCXSENS) Service for WDM 3D Audio Driver [Kernel | On_Demand | Running] -> %System32%\drivers\ALCXSENS.SYS -> Sensaura Ltd [Ver = 5.10.00.3511D | Size = 391424 bytes | Modified Date = 7/8/2005 6:00:00 AM | Attr = ]
    (ALCXWDM) Service for Realtek AC97 Audio (WDM) [Kernel | On_Demand | Running] -> %System32%\drivers\ALCXWDM.SYS -> Realtek Semiconductor Corp. [Ver = 5.10.5490 | Size = 610988 bytes | Modified Date = 7/8/2005 6:00:00 AM | Attr = ]
    (AliIde) AliIde [Kernel | Disabled | Stopped] -> -> File not found
    (AmdK8) AMD Athlon64 Processor Driver [Kernel | System | Running] -> %System32%\drivers\AmdK8.sys -> Advanced Micro Devices [Ver = 1.1.0 built by: dnsrv(wmbla) | Size = 35840 bytes | Modified Date = 5/8/2004 12:21:44 PM | Attr = ]
    (amsint) amsint [Kernel | Disabled | Stopped] -> -> File not found
    (ASAPIW2K) ASAPIW2K [Kernel | On_Demand | Stopped] -> %System32%\Drivers\asapiW2k.sys -> File not found
    (asc) asc [Kernel | Disabled | Stopped] -> -> File not found
    (asc3350p) asc3350p [Kernel | Disabled | Stopped] -> -> File not found
    (asc3550) asc3550 [Kernel | Disabled | Stopped] -> -> File not found
    (aswMon2) avast! Standard Shield Support [File_System | Auto | Running] -> %System32%\drivers\aswmon2.sys -> ALWIL Software [Ver = 4.7.892.0 | Size = 94424 bytes | Modified Date = 12/20/2006 5:56:00 PM | Attr = ]
    (aswRdr) aswRdr [Kernel | On_Demand | Running] -> %System32%\drivers\aswRdr.sys -> ALWIL Software [Ver = 4.7.936.0 | Size = 23352 bytes | Modified Date = 1/15/2007 11:26:08 AM | Attr = ]
    (aswTdi) avast! Network Shield Support [Kernel | System | Running] -> %System32%\drivers\aswTdi.sys -> ALWIL Software [Ver = 4.7.936.0 | Size = 43176 bytes | Modified Date = 1/15/2007 11:25:24 AM | Attr = ]
    (atapi) Standard IDE/ESDI Hard Disk Controller [Kernel | Boot | Running] -> %System32%\drivers\atapi.sys -> [Ver = | Size = 95360 bytes | Modified Date = 7/8/2005 6:00:00 AM | Attr = ]
    (Atdisk) Atdisk [Kernel | Disabled | Stopped] -> -> File not found
    (ati2mtag) ati2mtag [Kernel | On_Demand | Running] -> %System32%\drivers\ati2mtag.sys -> ATI Technologies Inc. [Ver = 6.14.10.6652 | Size = 2829824 bytes | Modified Date = 11/21/2006 9:25:10 PM | Attr = ]
    (cd20xrnt) cd20xrnt [Kernel | Disabled | Stopped] -> -> File not found
    (Changer) Changer [Kernel | System | Stopped] -> -> File not found
    (CmdIde) CmdIde [Kernel | Disabled | Stopped] -> -> File not found
    (CONAN) CONAN [Kernel | On_Demand | Running] -> %System32%\drivers\o2mmb.sys -> O2 Micro [Ver = 1, 0, 7, 1 | Size = 191092 bytes | Modified Date = 7/8/2005 6:00:00 AM | Attr = ]
    (Cpqarray) Cpqarray [Kernel | Disabled | Stopped] -> -> File not found
    (d346bus) d346bus [Kernel | Boot | Running] -> %System32%\drivers\d346bus.sys -> [Ver = 3.46.0.0 built by: WinDDK | Size = 156800 bytes | Modified Date = 3/13/2004 12:41:28 AM | Attr = ]
    (d346prt) d346prt [Kernel | Boot | Running] -> %System32%\drivers\d346prt.sys -> [Ver = 3.46.0.0 built by: WinDDK | Size = 5248 bytes | Modified Date = 3/13/2004 12:41:42 AM | Attr = ]
    (dac960nt) dac960nt [Kernel | Disabled | Stopped] -> -> File not found
    (dmboot) dmboot [Kernel | Disabled | Stopped] -> %System32%\drivers\dmboot.sys -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 799744 bytes | Modified Date = 7/8/2005 6:00:00 AM | Attr = ]
    (dmio) Logical Disk Manager Driver [Kernel | Boot | Running] -> %System32%\drivers\dmio.sys -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 153344 bytes | Modified Date = 7/8/2005 6:00:00 AM | Attr = ]
    (dmload) dmload [Kernel | Boot | Running] -> %System32%\drivers\dmload.sys -> Microsoft Corp., Veritas Software. [Ver = 2600.0.503.0 | Size = 5888 bytes | Modified Date = 7/8/2005 6:00:00 AM | Attr = ]
    (dpti2o) dpti2o [Kernel | Disabled | Stopped] -> -> File not found
    (Hiptop) Hiptop [Kernel | On_Demand | Stopped] -> %System32%\drivers\Hiptop.sys -> Danger, Inc. [Ver = 1.00 | Size = 90148 bytes | Modified Date = 2/10/2003 3:58:00 PM | Attr = R ]
     
  10. bannostookaylo

    bannostookaylo Thread Starter

    Joined:
    Jan 25, 2007
    Messages:
    7
    (hpn) hpn [Kernel | Disabled | Stopped] -> -> File not found
    (i2omgmt) i2omgmt [Kernel | System | Stopped] -> -> File not found
    (i2omp) i2omp [Kernel | Disabled | Stopped] -> -> File not found
    (ini910u) ini910u [Kernel | Disabled | Stopped] -> -> File not found
    (IntelIde) IntelIde [Kernel | Disabled | Stopped] -> -> File not found
    (lbrtfdc) lbrtfdc [Kernel | System | Stopped] -> -> File not found
    (M2500) 802.11g Wireless Network Driver [Kernel | On_Demand | Stopped] -> %System32%\drivers\M2500.sys -> Ralink Technology Inc. [Ver = 2.02.01.0000 built by: WinDDK | Size = 104448 bytes | Modified Date = 7/8/2005 6:00:00 AM | Attr = ]
    (MarvinBus) Pinnacle Marvin Bus [Kernel | On_Demand | Running] -> %System32%\drivers\MarvinBus.sys -> Pinnacle Systems GmbH [Ver = 2.1.23.0 | Size = 171008 bytes | Modified Date = 6/2/2005 7:28:38 PM | Attr = ]
    (MbxStby) MbxStby [Kernel | On_Demand | Stopped] -> %System32%\drivers\MbxStby.sys -> O2 Micro [Ver = 1, 0, 0, 6 | Size = 6100 bytes | Modified Date = 7/8/2005 6:00:00 AM | Attr = ]
    (mraid35x) mraid35x [Kernel | Disabled | Stopped] -> -> File not found
    (Mtlmnt5) Mtlmnt5 [Kernel | On_Demand | Running] -> %System32%\drivers\mtlmnt5.sys -> [Ver = 3.60.03RC | Size = 226288 bytes | Modified Date = 7/8/2005 6:00:00 AM | Attr = ]
    (Mtlstrm) Mtlstrm [Kernel | On_Demand | Stopped] -> %System32%\drivers\mtlstrm.sys -> [Ver = Nov 4 2003 17:11:08 | Size = 1299976 bytes | Modified Date = 7/8/2005 6:00:00 AM | Attr = ]
    (NPPTNT2) NPPTNT2 [Kernel | System | Running] -> %System32%\npptNT2.sys -> INCA Internet Co., Ltd. [Ver = 2005, 1, 5, 1 | Size = 4682 bytes | Modified Date = 1/4/2005 12:43:08 PM | Attr = ]
    (NSCIRDA) NSC Infrared Device Driver [Kernel | On_Demand | Running] -> %System32%\drivers\nscirda.sys -> National Semiconductor Corporation [Ver = 5,02,00,011 (xpsp_sp2_rtm.040803-2158) | Size = 28672 bytes | Modified Date = 8/3/2004 5:00:52 PM | Attr = ]
    (NtMtlFax) NtMtlFax [Kernel | On_Demand | Stopped] -> %System32%\drivers\ntmtlfax.sys -> [Ver = 3.60.03RC | Size = 180368 bytes | Modified Date = 7/8/2005 6:00:00 AM | Attr = ]
    (PCIDump) PCIDump [Kernel | System | Stopped] -> -> File not found
    (PCLEPCI) PCLEPCI [Kernel | System | Running] -> %System32%\drivers\Pclepci.sys -> Pinnacle Systems GmbH [Ver = 1.06 | Size = 14165 bytes | Modified Date = 2/9/2005 12:59:00 PM | Attr = ]
    (Pcouffin) Low level access layer for CD devices [Kernel | On_Demand | Stopped] -> System32\Drivers\Pcouffin.sys -> File not found
    (PDCOMP) PDCOMP [Kernel | On_Demand | Stopped] -> -> File not found
    (PDFRAME) PDFRAME [Kernel | On_Demand | Stopped] -> -> File not found
    (PDRELI) PDRELI [Kernel | On_Demand | Stopped] -> -> File not found
    (PDRFRAME) PDRFRAME [Kernel | On_Demand | Stopped] -> -> File not found
    (perc2) perc2 [Kernel | Disabled | Stopped] -> -> File not found
    (perc2hib) perc2hib [Kernel | Disabled | Stopped] -> -> File not found
    (Ptilink) Direct Parallel Link Driver [Kernel | On_Demand | Running] -> %System32%\drivers\ptilink.sys -> Parallel Technologies, Inc. [Ver = 1.10 (XPClient.010817-1148) | Size = 17792 bytes | Modified Date = 7/8/2005 6:00:00 AM | Attr = ]
    (ql1080) ql1080 [Kernel | Disabled | Stopped] -> -> File not found
    (Ql10wnt) Ql10wnt [Kernel | Disabled | Stopped] -> -> File not found
    (ql12160) ql12160 [Kernel | Disabled | Stopped] -> -> File not found
    (ql1240) ql1240 [Kernel | Disabled | Stopped] -> -> File not found
    (ql1280) ql1280 [Kernel | Disabled | Stopped] -> -> File not found
    (RecAgent) RecAgent [Kernel | Boot | Running] -> %System32%\drivers\RecAgent.sys -> [Ver = 3.60.03RC | Size = 14160 bytes | Modified Date = 7/8/2005 6:00:00 AM | Attr = ]
    (Secdrv) Secdrv [Kernel | Auto | Running] -> %System32%\drivers\secdrv.sys -> Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K. [Ver = 4.00.060 | Size = 163644 bytes | Modified Date = 2/2/2004 9:18:02 PM | Attr = ]
    (Simbad) Simbad [Kernel | Disabled | Stopped] -> -> File not found
    (SISAGP) SiS AGP Filter [Kernel | Boot | Running] -> %System32%\drivers\SISAGPX.SYS -> Silicon Integrated Systems Corporation [Ver = 7.2.0.1170 built by: WinDDK | Size = 36992 bytes | Modified Date = 7/8/2005 6:00:00 AM | Attr = ]
    (SISNIC) SiS PCI Fast Ethernet Adapter Driver [Kernel | On_Demand | Running] -> %System32%\drivers\sisnic.sys -> SiS Corporation [Ver = 1.16.00.00 built by: WinDDK | Size = 32256 bytes | Modified Date = 7/8/2005 6:00:00 AM | Attr = ]
    (Slntamr) SmartLink AMR_PCI Driver [Kernel | On_Demand | Running] -> %System32%\drivers\slntamr.sys -> [Ver = Nov 9 2003 08:52:41 | Size = 566256 bytes | Modified Date = 7/8/2005 6:00:00 AM | Attr = ]
    (SlNtHal) SlNtHal [Kernel | On_Demand | Stopped] -> %System32%\drivers\slnthal.sys -> [Ver = 3.60.03RC | Size = 87656 bytes | Modified Date = 7/8/2005 6:00:00 AM | Attr = ]
    (SlWdmSup) SlWdmSup [Kernel | On_Demand | Running] -> %System32%\drivers\slwdmsup.sys -> [Ver = 3.60.03RC | Size = 15712 bytes | Modified Date = 7/8/2005 6:00:00 AM | Attr = ]
    (SONYPVU1) Sony USB Filter Driver (SONYPVU1) [Kernel | On_Demand | Stopped] -> %System32%\drivers\SONYPVU1.SYS -> Sony Corporation [Ver = 1.3.0526.0 (XPClient.010817-1148) | Size = 7552 bytes | Modified Date = 8/17/2001 3:56:16 PM | Attr = ]
    (Sparrow) Sparrow [Kernel | Disabled | Stopped] -> -> File not found
    (symc810) symc810 [Kernel | Disabled | Stopped] -> -> File not found
    (symc8xx) symc8xx [Kernel | Disabled | Stopped] -> -> File not found
    (sym_hi) sym_hi [Kernel | Disabled | Stopped] -> -> File not found
    (sym_u3) sym_u3 [Kernel | Disabled | Stopped] -> -> File not found
    (SynTP) Synaptics TouchPad Driver [Kernel | On_Demand | Running] -> %System32%\drivers\SynTP.sys -> Synaptics, Inc. [Ver = 7.8.9 20Nov03 | Size = 178528 bytes | Modified Date = 7/8/2005 6:00:00 AM | Attr = ]
    (tj2kunic) Terayon Cable Modem (WDM) [Kernel | On_Demand | Stopped] -> %System32%\drivers\tj2kunic.sys -> MCCI [Ver = V3.21 | Size = 69680 bytes | Modified Date = 10/13/2002 11:40:24 PM | Attr = R ]
    (TosIde) TosIde [Kernel | Disabled | Stopped] -> -> File not found
    (ultra) ultra [Kernel | Disabled | Stopped] -> -> File not found
    (ViaIde) ViaIde [Kernel | Disabled | Stopped] -> -> File not found
    (WDICA) WDICA [Kernel | On_Demand | Stopped] -> -> File not found

    [Registry - Non-Microsoft Only]
    < Run [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    avast! -> %ProgramFiles%\Alwil Software\Avast4\ashDisp.exe -> [Ver = 4, 7, 936, 0 | Size = 108160 bytes | Modified Date = 1/15/2007 11:28:58 AM | Attr = ]
    Logitech Utility -> %SystemRoot%\LOGI_MWX.EXE -> Logitech Inc. [Ver = 9.79.024 | Size = 19968 bytes | Modified Date = 12/17/2003 9:50:00 AM | Attr = ]
    QuickTime Task -> %ProgramFiles%\QuickTime\qttask.exe -> Apple Computer, Inc. [Ver = 7.0.4 | Size = 155648 bytes | Modified Date = 3/7/2006 3:44:54 PM | Attr = ]
    SunJavaUpdateSched -> %ProgramFiles%\Java\jre1.5.0_07\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 5.0.70.3 | Size = 36975 bytes | Modified Date = 5/3/2006 1:56:56 AM | Attr = ]
    svdhost -> %System32%\1031\svdhost.lnk -> [Ver = | Size = 668 bytes | Modified Date = 1/23/2006 2:05:04 AM | Attr = ]
    SynTPEnh -> %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe -> Synaptics, Inc. [Ver = 7.8.9 20Nov03 | Size = 499712 bytes | Modified Date = 7/8/2005 6:00:00 AM | Attr = ]
    SynTPLpr -> %ProgramFiles%\Synaptics\SynTP\SynTPLpr.exe -> Synaptics, Inc. [Ver = 7.8.9 20Nov03 | Size = 98304 bytes | Modified Date = 7/8/2005 6:00:00 AM | Attr = ]
    TkBellExe -> %CommonProgramFiles%\Real\Update_OB\realsched.exe -> RealNetworks, Inc. [Ver = 0.1.0.3510 | Size = 180269 bytes | Modified Date = 5/7/2006 3:54:08 AM | Attr = ]
    < Run [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    MySpaceIM -> %ProgramFiles%\MySpace\IM\MySpaceIM.exe -> [Ver = 1.0.594.0 | Size = 4898816 bytes | Modified Date = 1/8/2007 6:04:44 PM | Attr = ]
    < Common Startup > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup
    %AllUsersStartup%\Adobe Reader Speed Launch.lnk -> %ProgramFiles%\Adobe\Acrobat 7.0\Reader\reader_sl.exe -> Adobe Systems Incorporated [Ver = 7.0.0.0 | Size = 29696 bytes | Modified Date = 12/14/2004 6:44:06 AM | Attr = ]
    < User Startup > -> C:\Documents and Settings\Banno\Start Menu\Programs\Startup
    %UserStartup%\Adobe Gamma.lnk -> %CommonProgramFiles%\Adobe\Calibration\Adobe Gamma Loader.exe -> Adobe Systems, Inc. [Ver = 1, 0, 0, 1 | Size = 113664 bytes | Modified Date = 3/16/2005 9:16:50 PM | Attr = ]
    < Disabled MSConfig Registry Items [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\
    HP Component Manager -> %ProgramFiles%\HP\hpcoretech\hpcmpmgr.exe -> Hewlett-Packard Company [Ver = 2.1.1.0 | Size = 241664 bytes | Modified Date = 5/12/2004 3:18:56 PM | Attr = ]
    HP Software Update -> %ProgramFiles%\HP\HP Software Update\HPWuSchd2.exe -> Hewlett-Packard Company [Ver = 2, 0, 39, 0 | Size = 49152 bytes | Modified Date = 2/12/2004 1:38:56 PM | Attr = ]
    NeroFilterCheck -> %System32%\NeroCheck.exe -> Ahead Software Gmbh [Ver = 1, 0, 0, 2 | Size = 155648 bytes | Modified Date = 7/9/2001 1:50:42 PM | Attr = ]
    QuickTime Task -> %ProgramFiles%\QuickTime\qttask.exe -> Apple Computer, Inc. [Ver = 7.0.4 | Size = 155648 bytes | Modified Date = 3/7/2006 3:44:54 PM | Attr = ]
    SoundMan -> %SystemRoot%\SOUNDMAN.EXE -> Realtek Semiconductor Corp. [Ver = 5.1.0.24 | Size = 65024 bytes | Modified Date = 7/8/2005 6:00:00 AM | Attr = ]
    SunJavaUpdateSched -> %ProgramFiles%\Java\jre1.5.0_05\bin\jusched.exe -> File not found
    UserFaultCheck -> -> File not found
    Yahoo -> %System32%\1031\start.lnk -> [Ver = | Size = 672 bytes | Modified Date = 1/23/2006 2:05:04 AM | Attr = ]
    < SecurityProviders [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders
    < Winlogon settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
    *VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet ->
    Control_RunDLL -> -> File not found
    < Winlogon settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
    < Winlogon\Notify settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\
    < Policy Settings [HKLM] > ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\ -> ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\\NoActiveDesktopChanges -> 0 ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run\ -> ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption -> ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext -> ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\undockwithoutlogon -> 1 ->
    < Policy Settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> ->
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 ->
    -> HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer not found. ->
    < Desktop Components > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\
    0 -> [Key] ->
    0 -> FriendlyName = My Current Home Page ->
    0 -> Source = About:Home ->
    0 -> SubscribedURL = About:Home ->
    < HOSTS File > -> C:\WINDOWS\System32\drivers\etc\Hosts
    192.168.1.100 HP000D9D050E98 -> ->
    < Internet Explorer Settings > ->
    HKLM: Default_Page_URL -> http://go.microsoft.com/fwlink/?LinkId=54729 ->
    HKLM: Main\\Default_Search_URL -> http://go.microsoft.com/fwlink/?LinkId=54896 ->
    HKLM: Local Page -> %SystemRoot%\system32\blank.htm ->
    HKLM: Search Page -> http://go.microsoft.com/fwlink/?LinkId=54896 ->
    HKLM: Start Page -> http://go.microsoft.com/fwlink/?LinkId=55245&clcid={SUB_CLCID} ->
    HKLM: CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm ->
    HKLM: Search\\Default_Search_URL -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch ->
    HKLM: SearchAssistant -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm ->
    HKCU: Local Page -> C:\WINDOWS\system32\blank.htm ->
    HKCU: Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch ->
    HKCU: Start Page -> http://www.gmail.com/ ->
    HKCU: ProxyEnable -> 0 ->
    < Trusted Sites > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\
    msn.com [ - ] -> ->
    < BHO's > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
    {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> %ProgramFiles%\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [AcroIEHlprObj Class] -> Adobe Systems Incorporated [Ver = 7.0.0.2004121400 | Size = 63136 bytes | Modified Date = 12/14/2004 3:56:50 AM | Attr = ]
    {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} [HKLM] -> %ProgramFiles%\Yahoo!\Common\yiesrvc.dll [Yahoo! IE Services Button] -> File not found
    {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> %ProgramFiles%\Java\jre1.5.0_07\bin\ssv.dll [SSVHelper Class] -> Sun Microsystems, Inc. [Ver = 5.0.70.3 | Size = 434279 bytes | Modified Date = 5/3/2006 2:14:38 AM | Attr = ]
    < Internet Explorer Bars [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\
    {4528BBE0-4E08-11D5-AD55-00010333D0AD} [HKLM] -> %SystemDrive%\PROGRA~1\Yahoo!\Common\yhexbmesus.dll [&Yahoo! Messenger] -> File not found
    < Internet Explorer Bars [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\
    {4528BBE0-4E08-11D5-AD55-00010333D0AD} [HKLM] -> %SystemDrive%\PROGRA~1\Yahoo!\Common\yhexbmesus.dll [&Yahoo! Messenger] -> File not found
    < Internet Explorer ToolBars [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\
    WebBrowser\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKLM] -> Reg Data - Key not found [Yahoo! Toolbar] -> File not found
    < Internet Explorer CmdMapping [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\CmdMapping
    {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -> 8192 - Sun Java Console ->
    {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} -> 8193 - Reg Data - Value does not exist ->
    {92848C13-5482-49CB-B31C-CA8D74EFF508} -> 8196 - Reg Data - Key not found ->
    {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} -> 8194 - Reg Data - Value does not exist ->
    {FB5F1910-F110-11d2-BB9E-00C04F795683} -> 8195 - Windows Messenger ->
    NextId -> 8197 ->
    < Internet Explorer Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\
    {08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> %ProgramFiles%\Java\jre1.5.0_07\bin\npjpi150_07.dll [MenuText: Sun Java Console] -> Sun Microsystems, Inc. [Ver = 5.0.70.3 | Size = 69746 bytes | Modified Date = 5/3/2006 2:14:38 AM | Attr = ]
    {08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKCU] -> %ProgramFiles%\Java\jre1.5.0_07\bin\ssv.dll [MenuText: Sun Java Console] -> Sun Microsystems, Inc. [Ver = 5.0.70.3 | Size = 434279 bytes | Modified Date = 5/3/2006 2:14:38 AM | Attr = ]
    {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} -> Reg Data - Value does not exist [ButtonText: Yahoo! Services] -> File not found
    {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} -> %ProgramFiles%\AIM\aim.exe [ButtonText: AIM] -> America Online, Inc. [Ver = 5.9.6089 | Size = 67112 bytes | Modified Date = 8/1/2006 2:35:36 PM | Attr = ]
    < Internet Explorer Menu Extensions [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\
    &Search -> http:\edits.mywebsearch.com\toolbaredits\menusearch.jht -> File not found
    &Yahoo! Search -> %ProgramFiles%\Yahoo!\Common\ycsrch.htm -> File not found
    Yahoo! &Dictionary -> %ProgramFiles%\Yahoo!\Common\ycdict.htm -> File not found
    Yahoo! &Maps -> %ProgramFiles%\Yahoo!\Common\ycmap.htm -> File not found
    Yahoo! &SMS -> %ProgramFiles%\Yahoo!\Common\ycsms.htm -> File not found
    < Approved Shell Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
    {00E7B358-F65B-4dcf-83DF-CD026B94BFD4} [HKLM] -> Reg Data - Key not found [Autoplay for SlideShow] -> File not found
    {0DF44EAA-FF21-4412-828E-260A8728E7F1} [HKLM] -> Reg Data - Key not found [Taskbar and Start Menu] -> File not found
    {2F603045-309F-11CF-9774-0020AFD0CFF6} [HKLM] -> %ProgramFiles%\Synaptics\SynTP\SynTPCpl.dll [Synaptics Control Panel] -> Synaptics, Inc. [Ver = 7.8.9 20Nov03 | Size = 5509120 bytes | Modified Date = 7/8/2005 6:00:00 AM | Attr = ]
    {42071714-76d4-11d1-8b24-00a0c9068ff3} [HKLM] -> deskpan.dll [Display Panning CPL Extension] -> File not found
    {472083B0-C522-11CF-8763-00608CC02F24} [HKLM] -> %ProgramFiles%\Alwil Software\Avast4\ashShell.dll [avast] -> ALWIL Software [Ver = 4, 7, 936, 0 | Size = 69632 bytes | Modified Date = 1/15/2007 11:23:14 AM | Attr = ]
    {5E2121EE-0300-11D4-8D3B-444553540000} [HKLM] -> %ProgramFiles%\ATI Technologies\ATI.ACE\atiacmxx.dll [Catalyst Context Menu extension] -> [Ver = 1, 0, 0, 1 | Size = 73728 bytes | Modified Date = 8/16/2005 1:35:44 PM | Attr = ]
    {764BF0E1-F219-11ce-972D-00AA00A14F56} [HKLM] -> Reg Data - Key not found [Shell extensions for file compression] -> File not found
    {79BC0345-1015-11D2-A299-006008312725} [HKLM] -> %ProgramFiles%\Pinnacle\Studio 10\programs\BlueShellExt.dll [blue.shell] -> File not found
    {7A9D77BD-5403-11d2-8785-2E0420524153} [HKLM] -> Reg Data - Key not found [User Accounts] -> File not found
    {853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} [HKLM] -> Reg Data - Key not found [Encryption Context Menu] -> File not found
    {88895560-9AA2-1069-930E-00AA0030EBC8} [HKLM] -> %System32%\hticons.dll [HyperTerminal Icon Ext] -> Hilgraeve, Inc. [Ver = 5.1.2600.0 | Size = 44544 bytes | Modified Date = 7/8/2005 6:00:00 AM | Attr = ]
    {9DED7A30-D572-4D21-8D82-6945EA697400} [HKLM] -> %ProgramFiles%\Macromedia\FlashPaper 2\FlashPaperContextMenu.dll [Macromedia FlashPaper Context Menu] -> [Ver = 2.01.2283.0 | Size = 167936 bytes | Modified Date = 8/12/2004 7:25:36 AM | Attr = ]
    {B41DB860-8EE4-11D2-9906-E49FADC173CA} [HKLM] -> %ProgramFiles%\WinRAR\RarExt.dll [WinRAR shell extension] -> [Ver = | Size = 125440 bytes | Modified Date = 10/7/2005 5:05:32 PM | Attr = ]
    {EFA24E61-B078-11d0-89E4-00C04FC9E26E} [HKLM] -> Reg Data - Key not found [Favorites Band] -> File not found
    {F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} [HKLM] -> %ProgramFiles%\Real\RealPlayer\rpshell.dll [Shell Extensions for RealOne Player] -> RealNetworks, Inc. [Ver = 1.0.1.2237 | Size = 49198 bytes | Modified Date = 5/7/2006 3:54:18 AM | Attr = ]
    < ContextMenuHandlers - * [HKLM] > -> HKEY_LOCAL_MACHINE\Software\Classes\*\shellex\ContextMenuHandlers\
    {472083B0-C522-11CF-8763-00608CC02F24} [HKLM] -> %ProgramFiles%\Alwil Software\Avast4\ashShell.dll [avast] -> ALWIL Software [Ver = 4, 7, 936, 0 | Size = 69632 bytes | Modified Date = 1/15/2007 11:23:14 AM | Attr = ]
    {9DED7A30-D572-4D21-8D82-6945EA697400} [HKLM] -> %ProgramFiles%\Macromedia\FlashPaper 2\FlashPaperContextMenu.dll [Macromedia.FlashPaper.ContextMenu] -> [Ver = 2.01.2283.0 | Size = 167936 bytes | Modified Date = 8/12/2004 7:25:36 AM | Attr = ]
    {B41DB860-8EE4-11D2-9906-E49FADC173CA} [HKLM] -> %ProgramFiles%\WinRAR\RarExt.dll [WinRAR] -> [Ver = | Size = 125440 bytes | Modified Date = 10/7/2005 5:05:32 PM | Attr = ]
    < ContextMenuHandlers - Directory [HKLM] > -> HKEY_LOCAL_MACHINE\Software\Classes\Directory\shellex\ContextMenuHandlers\
    {B41DB860-8EE4-11D2-9906-E49FADC173CA} [HKLM] -> %ProgramFiles%\WinRAR\RarExt.dll [WinRAR] -> [Ver = | Size = 125440 bytes | Modified Date = 10/7/2005 5:05:32 PM | Attr = ]
    < ContextMenuHandlers - Directory\Background [HKLM] > ->
     
  11. bannostookaylo

    bannostookaylo Thread Starter

    Joined:
    Jan 25, 2007
    Messages:
    7
    HKEY_LOCAL_MACHINE\Software\Classes\Directory\Background\shellex\ContextMenuHandlers\
    {5E2121EE-0300-11D4-8D3B-444553540000} [HKLM] -> %ProgramFiles%\ATI Technologies\ATI.ACE\atiacmxx.dll [ACE] -> [Ver = 1, 0, 0, 1 | Size = 73728 bytes | Modified Date = 8/16/2005 1:35:44 PM | Attr = ]
    < ContextMenuHandlers - Folder [HKLM] > -> HKEY_LOCAL_MACHINE\Software\Classes\Folder\shellex\ContextMenuHandlers\
    {472083B0-C522-11CF-8763-00608CC02F24} [HKLM] -> %ProgramFiles%\Alwil Software\Avast4\ashShell.dll [avast] -> ALWIL Software [Ver = 4, 7, 936, 0 | Size = 69632 bytes | Modified Date = 1/15/2007 11:23:14 AM | Attr = ]
    {B41DB860-8EE4-11D2-9906-E49FADC173CA} [HKLM] -> %ProgramFiles%\WinRAR\RarExt.dll [WinRAR] -> [Ver = | Size = 125440 bytes | Modified Date = 10/7/2005 5:05:32 PM | Attr = ]
    < ColumnHandlers - Folder [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\
    {F9DB5320-233E-11D1-9F84-707F02C10627} [HKLM] -> %ProgramFiles%\Adobe\Acrobat 7.0\ActiveX\pdfshell.dll [PDF Shell Extension] -> Adobe Systems, Inc. [Ver = 7.0.0.0 | Size = 110592 bytes | Modified Date = 12/14/2004 4:20:02 AM | Attr = ]
    < User Agent Post Platform [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform
    SV1 -> ->
    < DNS Name Servers [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\
    {2F3B8CB0-BDAC-438C-B02A-A40C0F965590} -> (1394 Net Adapter) ->
    {A49C2A2A-F6D5-4BEB-92C2-88CE824E6B49} -> (802.11g MiniPCI Wireless Network Adapter) ->
    {ABEBBC5F-ABD9-46AD-9834-EC3F98EBAF54} -> (SiS 900-Based PCI Fast Ethernet Adapter) ->
    < Protocol Handlers [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\
    cetihpz -> %ProgramFiles%\HP\hpcoretech\comp\hpuiprot.dll -> Hewlett-Packard Company [Ver = 2.1.5 | Size = 81920 bytes | Modified Date = 5/12/2004 3:18:56 PM | Attr = ]
    ipp -> Reg Data - Key not found -> File not found
    msdaipp -> Reg Data - Key not found -> File not found
    < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\
    {14B87622-7E19-4EA8-93B3-97215F77A6BC} -> MessengerStatsClient Class - CodeBase = http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab ->
    {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} -> YInstStarter Class - CodeBase = C:\Program Files\Yahoo!\Common\yinsthelper.dll ->
    {8AD9C840-044E-11D1-B3E9-00805F499D93} -> Java Plug-in 1.5.0_07 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-1_5_0_07-windows-i586.cab ->
    {B743A289-E589-4DDE-8FF1-8C906856F28D} -> - CodeBase = http://secure5.trustcast.com/history_installers/trustcast_installer.dll ->
    {B8BE5E93-A60C-4D26-A2DC-220313175592} -> ZoneIntro Class - CodeBase = http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab ->
    {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} -> Java Plug-in 1.5.0_06 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab ->
    {CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA} -> Java Plug-in 1.5.0_07 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-1_5_0_07-windows-i586.cab ->
    {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} -> Java Plug-in 1.5.0_07 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-1_5_0_07-windows-i586.cab ->
    {D27CDB6E-AE6D-11CF-96B8-444553540000} -> - CodeBase = http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab ->


    [Files - Created Within 60 days]
    langv5.dat -> %CommonProgramFiles%\Scanner\langv5.dat -> [Ver = | Size = 7332 bytes | Created Date = 12/9/2006 10:59:26 AM | Attr = ]
    lfinfo.dat -> %CommonProgramFiles%\Scanner\lfinfo.dat -> [Ver = | Size = 104 bytes | Created Date = 12/9/2006 11:00:45 AM | Attr = ]
    ppclean.exe -> %CommonProgramFiles%\Scanner\ppclean.exe -> Computer Associates Int'l [Ver = 5.0.0.6 | Size = 486826 bytes | Created Date = 12/9/2006 11:00:44 AM | Attr = ]
    ppctl.dll -> %CommonProgramFiles%\Scanner\ppctl.dll -> CA [Ver = 5.6.9.2 | Size = 800272 bytes | Created Date = 12/9/2006 10:59:26 AM | Attr = ]
    ppfile.dat -> %CommonProgramFiles%\Scanner\ppfile.dat -> [Ver = | Size = 4263198 bytes | Created Date = 12/9/2006 10:59:26 AM | Attr = ]
    ppinfo.dat -> %CommonProgramFiles%\Scanner\ppinfo.dat -> [Ver = | Size = 983942 bytes | Created Date = 12/9/2006 10:59:26 AM | Attr = ]
    pploc.dat -> %CommonProgramFiles%\Scanner\pploc.dat -> [Ver = | Size = 617334 bytes | Created Date = 12/9/2006 10:59:26 AM | Attr = ]
    ppsrindex.dat -> %CommonProgramFiles%\Scanner\ppsrindex.dat -> [Ver = | Size = 30546 bytes | Created Date = 12/9/2006 11:00:44 AM | Attr = ]
    ppupdstub.exe -> %CommonProgramFiles%\Scanner\ppupdstub.exe -> [Ver = | Size = 69632 bytes | Created Date = 12/9/2006 11:00:44 AM | Attr = ]
    CdlsHand.exe -> %CommonProgramFiles%\Logitech\CdlsHand\CdlsHand.exe -> Logitech Inc. [Ver = 1.23.0 | Size = 139776 bytes | Created Date = 12/9/2006 11:38:35 AM | Attr = ]
    CdlsHdps.dll -> %CommonProgramFiles%\Logitech\CdlsHand\CdlsHdps.dll -> Logitech Inc. [Ver = 1, 0, 0, 0 | Size = 28672 bytes | Created Date = 12/9/2006 11:38:35 AM | Attr = ]
    Cdlsres.dll -> %CommonProgramFiles%\Logitech\CdlsHand\Cdlsres.dll -> Logitech Inc. [Ver = 1.11.0 | Size = 17408 bytes | Created Date = 12/9/2006 11:38:35 AM | Attr = ]
    LGMSGHK.DLL -> %CommonProgramFiles%\Logitech\Scrolling\LGMSGHK.DLL -> Logitech Inc. [Ver = 1.1.0 | Size = 24064 bytes | Created Date = 12/9/2006 11:38:35 AM | Attr = ]
    ScrSplCs.ini -> %CommonProgramFiles%\Logitech\Scrolling\ScrSplCs.ini -> [Ver = | Size = 351 bytes | Created Date = 12/9/2006 11:38:35 AM | Attr = ]
    ie7_main.log -> %SystemRoot%\ie7_main.log -> [Ver = | Size = 1423 bytes | Created Date = 1/24/2007 4:43:14 AM | Attr = ]
    KB923694.log -> %SystemRoot%\KB923694.log -> [Ver = | Size = 14581 bytes | Created Date = 12/15/2006 9:29:21 PM | Attr = ]
    KB925398.log -> %SystemRoot%\KB925398.log -> [Ver = | Size = 7036 bytes | Created Date = 12/17/2006 3:01:35 AM | Attr = ]
    KB926255.log -> %SystemRoot%\KB926255.log -> [Ver = | Size = 13845 bytes | Created Date = 12/15/2006 9:29:31 PM | Attr = ]
    LOGI_MWX.EXE -> %SystemRoot%\LOGI_MWX.EXE -> Logitech Inc. [Ver = 9.79.024 | Size = 19968 bytes | Created Date = 12/9/2006 11:38:33 AM | Attr = ]
    QTFont.for -> %SystemRoot%\QTFont.for -> [Ver = | Size = 1409 bytes | Created Date = 1/2/2007 9:21:18 AM | Attr = ]
    QTFont.qfn -> %SystemRoot%\QTFont.qfn -> [Ver = | Size = 54156 bytes | Created Date = 1/2/2007 9:21:18 AM | Attr = H ]
    RMTOOLS.DLL -> %SystemRoot%\RMTOOLS.DLL -> [Ver = | Size = 136448 bytes | Created Date = 12/9/2006 11:08:44 AM | Attr = ]
    Thumbs.db -> %SystemRoot%\Thumbs.db -> [Ver = | Size = 7680 bytes | Created Date = 11/30/2006 1:25:48 AM | Attr = HS]
    @Alternate Data Stream - 0 bytes -> %SystemRoot%\Thumbs.db:encryptable ->
    tlknw18.ini -> %SystemRoot%\tlknw18.ini -> [Ver = | Size = 619 bytes | Created Date = 12/5/2006 11:36:09 PM | Attr = ]
    autoexec.nt.bak -> %System32%\autoexec.nt.bak -> [Ver = | Size = 1688 bytes | Created Date = 1/27/2007 2:02:08 AM | Attr = ]
    command.com.bak -> %System32%\command.com.bak -> [Ver = | Size = 50620 bytes | Created Date = 1/27/2007 2:02:08 AM | Attr = ]
    COMNCTR.DLL -> %System32%\COMNCTR.DLL -> Logitech Inc. [Ver = 9.79.025 | Size = 104960 bytes | Created Date = 12/9/2006 11:38:34 AM | Attr = ]
    config.nt.bak -> %System32%\config.nt.bak -> [Ver = | Size = 2577 bytes | Created Date = 1/27/2007 2:02:08 AM | Attr = ]
    d3dx9_24.dll -> %System32%\d3dx9_24.dll -> Microsoft Corporation [Ver = 9.05.132.0000 | Size = 2222800 bytes | Created Date = 12/26/2006 8:26:01 PM | Attr = ]
    d3dx9_26.dll -> %System32%\d3dx9_26.dll -> Microsoft Corporation [Ver = 9.07.239.0000 | Size = 2297552 bytes | Created Date = 12/26/2006 8:26:06 PM | Attr = ]
    d3dx9_28.dll -> %System32%\d3dx9_28.dll -> Microsoft Corporation [Ver = 9.10.455.0000 | Size = 2323664 bytes | Created Date = 12/26/2006 8:26:09 PM | Attr = ]
    d3dx9_29.dll -> %System32%\d3dx9_29.dll -> Microsoft Corporation [Ver = 9.11.519.0000 | Size = 2332368 bytes | Created Date = 12/26/2006 8:26:10 PM | Attr = ]
    d3dx9_30.dll -> %System32%\d3dx9_30.dll -> Microsoft Corporation [Ver = 9.12.589.0000 | Size = 2388176 bytes | Created Date = 12/26/2006 8:26:12 PM | Attr = ]
    LCOINST.DLL -> %System32%\LCOINST.DLL -> Logitech, Inc. [Ver = 9.79.24.0 | Size = 23375 bytes | Created Date = 12/9/2006 11:38:33 AM | Attr = ]
    LGUICOM.DLL -> %System32%\LGUICOM.DLL -> Logitech Inc. [Ver = 9.79.025 | Size = 97792 bytes | Created Date = 12/9/2006 11:38:34 AM | Attr = ]
    lmoufrc.dll -> %System32%\lmoufrc.dll -> Logitech Inc. [Ver = 9.41.0 | Size = 152064 bytes | Created Date = 12/9/2006 11:38:33 AM | Attr = ]
    LMOUSE16.DLL -> %System32%\LMOUSE16.DLL -> Logitech, Inc. [Ver = 9.79.25.0 | Size = 3568 bytes | Created Date = 12/9/2006 11:38:34 AM | Attr = ]
    LMOUSE32.DLL -> %System32%\LMOUSE32.DLL -> Logitech, Inc. [Ver = 9.79.25.0 | Size = 16896 bytes | Created Date = 12/9/2006 11:38:34 AM | Attr = ]
    x3daudio1_0.dll -> %System32%\x3daudio1_0.dll -> Microsoft Corporation [Ver = 9.11.519.0000 built by: mmbuild | Size = 14032 bytes | Created Date = 12/26/2006 8:26:11 PM | Attr = ]
    xactengine2_0.dll -> %System32%\xactengine2_0.dll -> Microsoft Corporation [Ver = 9.11.519.0000 built by: mmbuild | Size = 230096 bytes | Created Date = 12/26/2006 8:26:11 PM | Attr = ]
    xactengine2_1.dll -> %System32%\xactengine2_1.dll -> Microsoft Corporation [Ver = 9.12.589.0000 built by: mmbuild | Size = 229584 bytes | Created Date = 12/26/2006 8:26:38 PM | Attr = ]
    xactengine2_2.dll -> %System32%\xactengine2_2.dll -> Microsoft Corporation [Ver = 9.13.644.0000 built by: mmbuild | Size = 230168 bytes | Created Date = 12/26/2006 8:26:40 PM | Attr = ]
    xinput1_1.dll -> %System32%\xinput1_1.dll -> Microsoft Corporation [Ver = 9.12.589.0000 built by: mmbuild | Size = 62672 bytes | Created Date = 12/26/2006 8:26:39 PM | Attr = ]
    xinput9_1_0.dll -> %System32%\xinput9_1_0.dll -> Microsoft Corporation [Ver = 9.10.455.0000 built by: mmbuild | Size = 61136 bytes | Created Date = 12/26/2006 8:26:08 PM | Attr = ]
    L8042PR2.SYS -> %System32%\drivers\L8042PR2.SYS -> Logitech, Inc. [Ver = 9.79.24.0 | Size = 51729 bytes | Created Date = 12/9/2006 11:38:33 AM | Attr = ]
    LCCFLTR.SYS -> %System32%\drivers\LCCFLTR.SYS -> Logitech, Inc. [Ver = 9.79.200.0 | Size = 14095 bytes | Created Date = 12/9/2006 11:38:33 AM | Attr = ]
    LHIDFLT2.SYS -> %System32%\drivers\LHIDFLT2.SYS -> Logitech, Inc. [Ver = 9.79.24.0 | Size = 25505 bytes | Created Date = 12/9/2006 11:38:33 AM | Attr = ]
    LHIDUSB.SYS -> %System32%\drivers\LHIDUSB.SYS -> Logitech, Inc. [Ver = 9.79.200.0 | Size = 37887 bytes | Created Date = 12/9/2006 11:38:33 AM | Attr = ]
    lmouflt2.sys -> %System32%\drivers\lmouflt2.sys -> Logitech, Inc. [Ver = 9.79.24.0 | Size = 70801 bytes | Created Date = 12/9/2006 11:38:33 AM | Attr = ]
    tj2kcr.sys -> %System32%\drivers\tj2kcr.sys -> MCCI [Ver = V3.21 | Size = 3904 bytes | Created Date = 1/9/2007 7:18:56 PM | Attr = R ]
    tj2kunic.sys -> %System32%\drivers\tj2kunic.sys -> MCCI [Ver = V3.21 | Size = 69680 bytes | Created Date = 1/9/2007 7:18:56 PM | Attr = R ]
    tj2kwh.sys -> %System32%\drivers\tj2kwh.sys -> MCCI [Ver = V3.21 | Size = 5712 bytes | Created Date = 1/9/2007 7:18:56 PM | Attr = R ]

    [Files - Modified Within 30 days]
    AdobeFnt10.lst -> %CommonProgramFiles%\Adobe\Fonts\Reqrd\CMaps\AdobeFnt10.lst -> [Ver = | Size = 40537 bytes | Modified Date = 1/17/2007 10:02:26 PM | Attr = ]
    IDriver.exe -> %CommonProgramFiles%\InstallShield\Driver\10\Intel 32\IDriver.exe -> InstallShield Software Corporation [Ver = 10.01.238 | Size = 761856 bytes | Modified Date = 1/6/2007 10:47:22 AM | Attr = ]
    iGdiCnv.dll -> %CommonProgramFiles%\InstallShield\Driver\10\Intel 32\iGdiCnv.dll -> InstallShield Software Corporation [Ver = 10.01.238 | Size = 180224 bytes | Modified Date = 1/6/2007 10:47:26 AM | Attr = ]
    IScrCnv.dll -> %CommonProgramFiles%\InstallShield\Driver\10\Intel 32\IScrCnv.dll -> InstallShield Software Corporation [Ver = 10.01.238 | Size = 266240 bytes | Modified Date = 1/6/2007 10:47:24 AM | Attr = ]
    ISRT.dll -> %CommonProgramFiles%\InstallShield\Driver\10\Intel 32\ISRT.dll -> InstallShield Software Corporation [Ver = 10.01.238 | Size = 409600 bytes | Modified Date = 1/6/2007 10:47:24 AM | Attr = ]
    IUserCnv.dll -> %CommonProgramFiles%\InstallShield\Driver\10\Intel 32\IUserCnv.dll -> InstallShield Software Corporation [Ver = 10.01.238 | Size = 172032 bytes | Modified Date = 1/6/2007 10:47:24 AM | Attr = ]
    objpscnv.dll -> %CommonProgramFiles%\InstallShield\Driver\10\Intel 32\objpscnv.dll -> InstallShield Software Corporation [Ver = 10.01.238 | Size = 32768 bytes | Modified Date = 1/6/2007 10:47:24 AM | Attr = ]
    _ISRES1033.dll -> %CommonProgramFiles%\InstallShield\Driver\10\Intel 32\_ISRES1033.dll -> InstallShield Software Corporation [Ver = 10.01.238 | Size = 540772 bytes | Modified Date = 1/6/2007 10:47:22 AM | Attr = ]
    NeroDigital.ini -> %SystemRoot%\NeroDigital.ini -> [Ver = | Size = 116 bytes | Modified Date = 1/21/2007 9:35:48 PM | Attr = ]
    ODBCINST.INI -> %SystemRoot%\ODBCINST.INI -> [Ver = | Size = 4161 bytes | Modified Date = 1/25/2007 7:54:06 AM | Attr = ]
    QTFont.for -> %SystemRoot%\QTFont.for -> [Ver = | Size = 1409 bytes | Modified Date = 1/2/2007 9:21:20 AM | Attr = ]
    QTFont.qfn -> %SystemRoot%\QTFont.qfn -> [Ver = | Size = 54156 bytes | Modified Date = 1/27/2007 2:05:52 AM | Attr = H ]
    system.ini -> %SystemRoot%\system.ini -> [Ver = | Size = 435 bytes | Modified Date = 12/31/2006 12:05:50 AM | Attr = ]
    aswBoot.exe -> %System32%\aswBoot.exe -> [Ver = 4, 7, 936, 0 | Size = 689280 bytes | Modified Date = 1/15/2007 11:32:08 AM | Attr = ]
    AVASTSS.scr -> %System32%\AVASTSS.scr -> ALWIL Software [Ver = 4, 7, 936, 0 | Size = 90112 bytes | Modified Date = 1/15/2007 11:23:20 AM | Attr = ]
    FNTCACHE.DAT -> %System32%\FNTCACHE.DAT -> [Ver = | Size = 124520 bytes | Modified Date = 1/9/2007 12:58:36 PM | Attr = ]
    perfc009.dat -> %System32%\perfc009.dat -> [Ver = | Size = 62746 bytes | Modified Date = 1/22/2007 8:15:28 AM | Attr = ]
    perfh009.dat -> %System32%\perfh009.dat -> [Ver = | Size = 401632 bytes | Modified Date = 1/22/2007 8:15:28 AM | Attr = ]
    PerfStringBackup.INI -> %System32%\PerfStringBackup.INI -> [Ver = | Size = 471326 bytes | Modified Date = 1/22/2007 8:15:28 AM | Attr = ]
    aswRdr.sys -> %System32%\drivers\aswRdr.sys -> ALWIL Software [Ver = 4.7.936.0 | Size = 23352 bytes | Modified Date = 1/15/2007 11:26:08 AM | Attr = ]
    aswTdi.sys -> %System32%\drivers\aswTdi.sys -> ALWIL Software [Ver = 4.7.936.0 | Size = 43176 bytes | Modified Date = 1/15/2007 11:25:24 AM | Attr = ]

    [File String Scan - Non-Microsoft Only]
    PTech , -> %CommonProgramFiles%\Adobe\Linguistics\Providers\Proximity\cze108.lex -> [Ver = | Size = 3916800 bytes | Modified Date = 3/16/2005 9:15:32 PM | Attr = ]
    PEC2 , PECompact2 , -> %CommonProgramFiles%\Adobe\Updater\AdobeUpdaterApp.dll -> Adobe Systems Incorporated [Ver = 4, 0, 0, 44 | Size = 743936 bytes | Modified Date = 3/16/2005 9:16:40 PM | Attr = ]
    Thawte Consulting , -> %CommonProgramFiles%\Java\Update\Base Images\jre1.5.0.b64\core
    PHP:
    [PHP][PHP][PHP][PHP]
    [/PHP][/PHP][/PHP][/PHP]3.zip -> [Ver = | Size = 3290841 bytes | Modified Date = 3/2/2006 5:18:34 PM | Attr = ]
    WSUD , -> %CommonProgramFiles%\Microsoft Shared\SpeechEngines\TTS\female.vce -> [Ver = | Size = 2053632 bytes | Modified Date = 1/12/1999 10:29:28 AM | Attr = ]
    PEC2 , PECompact2 , -> %CommonProgramFiles%\Real\GToolbar\GDSSetup.exe -> [Ver = | Size = 746600 bytes | Modified Date = 5/7/2006 3:54:42 AM | Attr = ]
    PEC2 , PECompact2 , -> %CommonProgramFiles%\Real\GToolbar\GoogleToolbarInstaller.exe -> Google [Ver = 3, 0, 126, 3 | Size = 559784 bytes | Modified Date = 5/7/2006 3:54:42 AM | Attr = ]
    qoologic , SAHAgent , -> %CommonProgramFiles%\Scanner\ppsrindex.dat -> [Ver = | Size = 30546 bytes | Modified Date = 12/9/2006 11:00:22 AM | Attr = ]
    UPX! , UPX0 , -> %SystemRoot%\daemon.dll -> [Ver = 3.46.0.0 | Size = 69120 bytes | Modified Date = 3/15/2004 9:28:50 PM | Attr = ]
    WSUD , -> %System32%\ALSNDMGR.CPL -> Realtek Semiconductor Corp. [Ver = 2.2.20 | Size = 14225408 bytes | Modified Date = 7/8/2005 6:00:00 AM | Attr = ]
    UPX! , UPX0 , -> %System32%\aswBoot.exe -> [Ver = 4, 7, 936, 0 | Size = 689280 bytes | Modified Date = 1/15/2007 11:32:08 AM | Attr = ]
    PEC2 , -> %System32%\dfrg.msc -> [Ver = | Size = 41397 bytes | Modified Date = 7/8/2005 6:00:00 AM | Attr = ]
    aspack , -> %System32%\lame_enc.dll -> [Ver = | Size = 120832 bytes | Modified Date = 3/19/2002 6:18:54 AM | Attr = ]
    aspack , -> %System32%\NCTAudioFile.dll -> NCT Company [Ver = 1, 7, 6, 0 | Size = 491520 bytes | Modified Date = 12/3/2002 2:02:58 AM | Attr = ]
    aspack , -> %System32%\NCTTextToAudio.dll -> NCT Company [Ver = 1, 7, 6, 0 | Size = 158208 bytes | Modified Date = 12/3/2002 2:10:08 AM | Attr = ]
    winsync , -> %System32%\wbdbase.deu -> [Ver = | Size = 1309184 bytes | Modified Date = 7/8/2005 6:00:00 AM | Attr = ]
    WSUD , UPX0 , -> %System32%\dllcache\hwxjpn.dll -> [Ver = | Size = 13463552 bytes | Modified Date = 7/8/2005 6:00:00 AM | Attr = ]
    PTech , -> %System32%\drivers\mtlstrm.sys -> [Ver = Nov 4 2003 17:11:08 | Size = 1299976 bytes | Modified Date = 7/8/2005 6:00:00 AM | Attr = ]

    < End of report >
     
  12. bannostookaylo

    bannostookaylo Thread Starter

    Joined:
    Jan 25, 2007
    Messages:
    7
    i hope i did all of that right i am really sorry if i didn't but thank you so much for helping me out really
     
  13. dvk01

    dvk01 Moderator Malware Specialist

    Joined:
    Dec 14, 2002
    Messages:
    56,236
    First Name:
    Derek
    first do this bit as it looks like you have incorrect versions of some vital system files
    If you get an error similar to:
    C:\windows\system32\autoexec.nt the system file is not suitable for running ms-dos and microsoft windows applications. choose close to terminate the application...etc etc'
    Go here and use the appropriate fix for your system
    http://www.tech-forums.net/computer/topic/29806.html

    then

    Download AlcanShorty_en.exe
    to your desktop

    double click the alcanShorty.exe file and follow prompts. It will make a folder on desktop called Alcan Shorty
    Open the folder & double click the run.bat

    This will download a file called BFU.exe and a BFU script. If your firewall asks for permission to connect then allow it

    a message box will pop up saying complete. Press OK
    Then BFU.exe will open.

    select the option to show log at completion

    Execute the script by clicking the Execute button.
    Note that you should see a progress bar while the script is being executed.

    If you have any questions about the use of BFU please read here:
    http://metallica.geekstogo.com/BFUinstructions.html


    when the script has finished press copy & that will make a copy of the report in your clipboard. paste that log back here

    along with a new HJT log please
     
Short URL to this thread: https://techguy.org/538224
