« previous next »
Pages: [1] 2   Go Down

Author Topic: nic's problem  (Read 10841 times)

0 Members and 4 Guests are viewing this topic.

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
nic's problem
« on: January 02, 2008, 09:44:24 PM »
Here you go if you could do the following for me I will help you out, by keeping them in seperate threads Oldman will not get confused  :D  ???

Download ComboFix from Here or Here to your Desktop.
  • Double click combofix.exe and follow the prompts.
  • When finished, it shall produce a log for you. Post that log and a HiJackthis log in your next reply
Note: Do not mouseclick combofix's window while its running. That may cause it to stall
Logged

Offline oldman

  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 4142
  • Some days..... MOS...this bug's for you
Re: nic's problem
« Reply #1 on: January 02, 2008, 09:47:16 PM »
Quote
Here you go if you could do the following for me I will help you out, by keeping them in seperate threads Oldman will not get confused   

And that's easily done  :D ;)

Thnaks essexboy
Logged

Nic_1

  • Guest
Re: nic's problem
« Reply #2 on: January 02, 2008, 10:34:28 PM »
Thank You Very Much. Here is the Log that was produced by ComboFix:

ComboFix 08-01-03.3 - Owner 2008-01-02 14:10:22.1 - NTFSx86
Microsoft Windows XP Home Edition  5.1.2600.2.1252.1.1033.18.220 [GMT -7:00]
Running from: C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\7IN5XP3N\ComboFix[1].exe
 * Created a new restore point
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\system32\adsn.dll
C:\WINDOWS\system32\drivers\ibhwjwkv.dat
D:\Autorun.inf.
(((((((((((((((((((((((((((((((((((((((   Drivers/Services   ))))))))))))))))))))))))))))))))))))))))))))))))).
-------\LEGACY_DJGPMJKO
-------\djgpmjko
(((((((((((((((((((((((((   Files Created from 2007-12-03 to 2008-01-03  )))))))))))))))))))))))))))))))

2008-01-02 14:09 . 2000-08-31 08:00   51,200   --a------   C:\WINDOWS\NirCmd.exe
2007-12-14 09:30 . 2007-12-04 05:54   95,608   --a------   C:\WINDOWS\system32\AvastSS.scr
2007-12-14 09:30 . 2007-12-04 07:51   42,912   --a------   C:\WINDOWS\system32\drivers\aswTdi.sys
2007-12-14 09:30 . 2007-12-04 07:49   26,624   --a------   C:\WINDOWS\system32\drivers\aavmker4.sys
2007-12-14 09:30 . 2007-12-04 07:53   23,152   --a------   C:\WINDOWS\system32\drivers\aswRdr.sys
2007-12-14 09:29 . 2007-12-14 09:29   <DIR>   d--------   C:\Program Files\Alwil Software
2007-12-14 09:29 . 2007-12-04 06:04   837,496   --a------   C:\WINDOWS\system32\aswBoot.exe
2007-12-14 09:29 . 2004-01-09 02:13   380,928   --a------   C:\WINDOWS\system32\actskin4.ocx
2007-12-14 09:29 . 2007-12-04 07:55   94,544   --a------   C:\WINDOWS\system32\drivers\aswmon2.sys
2007-12-14 09:29 . 2007-12-04 07:56   93,264   --a------   C:\WINDOWS\system32\drivers\aswmon.sys
2007-12-04 13:41 . 2007-12-04 14:17   <DIR>   d-a------   C:\Documents and Settings\All Users\Application Data\TEMP
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.2007-11-13 10:25   20,480   ----a-w   C:\WINDOWS\system32\drivers\secdrv.sys
2005-01-21 03:33   0   --sha-w   C:\WINDOWS\SMINST\HPCD.sys
.(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
..
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 09:24 1694208]
"BackupNotify"="c:\Program Files\HP\Digital Imaging\bin\backupnotify.exe" [2004-01-09 01:34 32768]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:56 15360]
"YSearchProtection"="C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe" [2007-06-08 07:59 224248]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SSBkgdUpdate"="C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-10-14 09:22 155648]
"PaperPort PTD"="C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe" [2004-04-14 13:46 57393]
"IndexSearch"="C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe" [2004-04-14 14:04 40960]
"SetDefPrt"="C:\Program Files\Brother\Brmfl04a\BrStDvPt.exe" [2004-05-25 08:16 49152]
"ControlCenter2.0"="C:\Program Files\Brother\ControlCenter2\brctrcen.exe" [2004-07-20 08:34 851968]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2005-10-18 11:58 278528]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2005-11-16 23:31 155648]
"tgcmd"="C:\Program Files\Support.com\bin\tgcmd.exe" [2005-11-18 22:33 1851392]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2007-08-02 05:49 185632]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 02:06 40048]
"YSearchProtection"="C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe" [2007-06-08 07:59 224248]
"NoteBurner"="C:\Program Files\NoteBurner\VTBurnerGUI.exe" [ ]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 06:00 79224]
C:\Documents and Settings\Owner\Start Menu\Programs\Startup\
MySurvey Messenger.lnk - C:\Program Files\MySurvey Messenger\MySurveyMessenger.exe [2007-07-02 14:46:10]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Image Transfer.lnk - C:\Program Files\Sony Corporation\Image Transfer\SonyTray.exe [2006-06-12 12:39:36]
Status Monitor.lnk - C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe [2005-08-06 15:11:11]
S0 ntcdrdrv;ntcdrdrv;C:\WINDOWS\system32\DRIVERS\ntcdrdrv.sys []
S3 ADM8511;ADMtek ADM8511/AN986 USB To Fast Ethernet Converter;C:\WINDOWS\system32\DRIVERS\ADM8511.SYS [2001-08-17 15:11]
S3 BrScnUsb;Brother USB Still Image driver;C:\WINDOWS\system32\Drivers\BrScnUsb.sys [2003-12-19 20:15]
S3 BrSerIf;Brother MFC Serial Port Interface WDM Driver;C:\WINDOWS\system32\Drivers\BrSerIf.sys [2004-06-12 04:27]
S3 BrUsbSer;Brother MFC USB Serial WDM Driver;C:\WINDOWS\system32\Drivers\BrUsbSer.sys [2004-01-10 03:28]
S3 sonypvs1;Sony Digital Imaging Video2;C:\WINDOWS\system32\DRIVERS\sonypvs1.sys [2002-10-15 21:41].
Contents of the 'Scheduled Tasks' folder
"2006-07-08 16:12:04 C:\WINDOWS\Tasks\Symantec NetDetect.job"
- C:\Program Files\Symantec\LiveUpdate\NDETECT.EXE
.**************************************************************************catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-03 14:17:31
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************.
Completion time: 2008-01-03 14:21:39 - machine was rebooted
ComboFix-quarantined-files.txt  2008-01-03 21:21:30.
2007-12-21 03:21:26   --- E O F ---  [/i] [/i]

Logged

Nic_1

  • Guest
Re: nic's problem
« Reply #3 on: January 02, 2008, 10:37:11 PM »
Hijack This log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:31:15 PM, on 1/3/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\Brmfrmps.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Support.com\bin\tgcmd.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Sony Corporation\Image Transfer\SonyTray.exe
C:\Program Files\MySurvey Messenger\MySurveyMessenger.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q304&bd=pavilion&pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q304&bd=pavilion&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O3 - Toolbar: HP view - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\program files\hp\digital imaging\bin\hpdtlk02.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe"
O4 - HKLM\..\Run: [IndexSearch] "C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe"
O4 - HKLM\..\Run: [SetDefPrt] "C:\Program Files\Brother\Brmfl04a\BrStDvPt.exe"
O4 - HKLM\..\Run: [ControlCenter2.0] "C:\Program Files\Brother\ControlCenter2\brctrcen.exe" /autorun
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [tgcmd] "C:\Program Files\Support.com\bin\tgcmd.exe" /server /startmonitor /deaf
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [YSearchProtection] "C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe"
O4 - HKLM\..\Run: [NoteBurner] C:\Program Files\NoteBurner\VTBurnerGUI.exe /silence
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [BackupNotify] "c:\Program Files\HP\Digital Imaging\bin\backupnotify.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [YSearchProtection] "C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe"
O4 - Startup: MySurvey Messenger.lnk = C:\Program Files\MySurvey Messenger\MySurveyMessenger.exe
O4 - Global Startup: Image Transfer.lnk = ?
O4 - Global Startup: Status Monitor.lnk = C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/yinst/yinst_current.cab
O16 - DPF: {A922B6AB-3B87-11D3-B3C2-0008C7DA6CB9} (InetDownload Class) - https://media.pineconeresearch.com/ActiveX/downloadcontrol.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Brother Popup Suspend service for Resource manager (brmfrmps) - Brother Industries, Ltd. - C:\WINDOWS\system32\Brmfrmps.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
--
End of file - 7842 bytes
Logged

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: nic's problem
« Reply #4 on: January 02, 2008, 10:52:14 PM »
Not a great deal apparent there what symptoms are you experiencing ?

I can do a deeper search

Download WinPFind3u.exe  to your Desktop and double-click on it to extract the files. It will create a folder named WinPFind3u on your desktop.
  • Close ALL OTHER PROGRAMS.
  • Open the WinPFind3u folder and double-click on WinPFind3U.exe to start the program.
  • Under Additional Scans click the checkboxes in front of the following items to select them:
      Reg - BotCheck

  • Now click the Run Scan button on the toolbar.
  • Let it run unhindered until it finishes.
  • When the scan is complete Notepad will open with the report file loaded in it.
  • Click the Format menu and make sure that Wordwrap is not checked. If it is then click on it to uncheck it.
Use the Add Reply button and Copy/Paste the information back here. I will review it when it comes in. If, after posting, the last line is not < End of Report > then the log is too big to fit into a single post and you will need to split it into multiple posts.
Logged

Nic_1

  • Guest
Re: nic's problem
« Reply #5 on: January 02, 2008, 11:01:42 PM »
Not a great deal apparent there what symptoms are you experiencing ? <~~~essexboy

I'm not experiencing any problems that I know of. But,I would like this trojan off of my machine since there's no telling what it's up to and what's being stolen...if anything. As an aside, I ran AVG AND Webroot and they didn't find it.  Not a very reassuring sign. So, what do the logs indicate?
Again,thank you very much.
Logged

Offline oldman

  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 4142
  • Some days..... MOS...this bug's for you
Re: nic's problem
« Reply #6 on: January 02, 2008, 11:10:25 PM »
Nic_1

The adsn.dll is gone. Let essexboy know what, if any other symptoms, you are experiecing. He has offered to do a very deep scan of your system. Take him up on it.  :)
Logged

Nic_1

  • Guest
Re: nic's problem
« Reply #7 on: January 03, 2008, 12:56:37 PM »
After another scheduled scan, I was able to place the trojan into the chest. This time with no message telling me 'Access Denied'. Do you still recommend a deeper scan w/WinPFind3u . Sorry it's taking me a while to respond, work sometimes gets in the way. ::)
Logged

Offline oldman

  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 4142
  • Some days..... MOS...this bug's for you
Re: nic's problem
« Reply #8 on: January 03, 2008, 02:26:51 PM »
Yes, it's a deeper scan that should reveal the problem.
Logged

Spiritsongs

  • Guest
Re: nic's problem
« Reply #9 on: January 03, 2008, 05:38:46 PM »
 :)  Hi "Nic" :

      Just a side Note : your Sun Java program is WAY-out-of-date and a very
      serious security risk ; should uninstall ALL versions of this program.
      The latest version is available at www.java.com .

       And there is recent news of a serious Vulnerability discovered in "Real
       Player" ; not sure if it is currently "patchable" !? Perhaps you should
       consider an "alternative" & many of us here recommend "RealAlternate" .
Logged

Nic_1

  • Guest
Re: nic's problem
« Reply #10 on: January 03, 2008, 06:25:33 PM »
Thank You Essexboy,Oldman,and Spiritsong for all of your help.
This is the log from WinPFind3U in several parts since it doesn't fit:


WinPFind3 logfile created on: 1/4/2008 10:11:40 AM
WinPFind3U by OldTimer - Version 1.0.44   Folder = C:\Documents and Settings\Owner\Desktop\WinPFind3u\
Microsoft Windows XP Service Pack 2 (Version = 5.1.2600)
Internet Explorer (Version = 6.0.2900.2180)
 
503.48 Mb Total Physical Memory | 267.28 Mb Available Physical Memory | 53.09% Memory free
1.20 Gb Paging File | 0.98 Gb Available in Paging File | 81.66% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512;
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 30.94 Gb Total Space | 10.68 Gb Free Space | 34.51% Space Free
Drive D: | 6.31 Gb Total Space | 2.38 Gb Free Space | 37.74% Space Free
E: Drive not present or media not loaded
F: Drive not present or media not loaded

Computer Name: YOUR-46E94OWX6A
Current User Name: Owner
Logged in as Administrator.
Current Boot Mode: Normal


[Processes - Non-Microsoft Only]
ashdisp.exe -> %ProgramFiles%\Alwil Software\Avast4\ashDisp.exe -> ALWIL Software [Ver = 4, 7, 1098, 0 | Size = 79224 bytes | Modified Date = 12/4/2007 6:00:24 AM | Attr =    ]
ashmaisv.exe -> %ProgramFiles%\Alwil Software\Avast4\ashMaiSv.exe -> ALWIL Software [Ver = 4, 7, 1098, 0 | Size = 247160 bytes | Modified Date = 12/4/2007 5:59:54 AM | Attr =    ]
ashserv.exe -> %ProgramFiles%\Alwil Software\Avast4\ashServ.exe -> ALWIL Software [Ver = 4, 7, 1098, 0 | Size = 140664 bytes | Modified Date = 12/4/2007 6:00:16 AM | Attr =    ]
ashwebsv.exe -> %ProgramFiles%\Alwil Software\Avast4\ashWebSv.exe -> ALWIL Software [Ver = 4, 7, 1098, 0 | Size = 345464 bytes | Modified Date = 12/4/2007 5:59:02 AM | Attr =    ]
aswupdsv.exe -> %ProgramFiles%\Alwil Software\Avast4\aswUpdSv.exe -> ALWIL Software [Ver = 4, 7, 1098, 0 | Size = 17272 bytes | Modified Date = 12/4/2007 7:36:34 AM | Attr =    ]
brmfrmps.exe -> %System32%\Brmfrmps.exe -> Brother Industries, Ltd. [Ver = 1.10.10.144 | Size = 65536 bytes | Modified Date = 5/5/2003 6:30:22 PM | Attr =    ]
brss01a.exe -> %System32%\brss01a.exe -> brother Industries Ltd [Ver = 1.004 | Size = 45056 bytes | Modified Date = 12/12/2001 11:01:00 PM | Attr =    ]
brsvc01a.exe -> %System32%\brsvc01a.exe -> brother Industries Ltd [Ver = 1, 0, 0, 3 | Size = 57344 bytes | Modified Date = 4/11/2002 11:00:00 PM | Attr =    ]
ipodservice.exe -> %ProgramFiles%\iPod\bin\iPodService.exe -> Apple Computer, Inc. [Ver = 6.0.1.3 | Size = 323584 bytes | Modified Date = 10/18/2005 11:58:40 AM | Attr =    ]
ituneshelper.exe -> %ProgramFiles%\iTunes\iTunesHelper.exe -> Apple Computer, Inc. [Ver = 6.0.1.3 | Size = 278528 bytes | Modified Date = 10/18/2005 11:58:54 AM | Attr =    ]
mysurveymessenger.exe -> %ProgramFiles%\MySurvey Messenger\MySurveyMessenger.exe ->  [Ver = 1, 0, 0, 1 | Size = 651264 bytes | Modified Date = 7/2/2007 2:46:10 PM | Attr =    ]
pptd40nt.exe -> %ProgramFiles%\ScanSoft\PaperPort\pptd40nt.exe -> ScanSoft, Inc. [Ver = 9.0 | Size = 57393 bytes | Modified Date = 4/14/2004 1:46:50 PM | Attr =    ]
realsched.exe -> %CommonProgramFiles%\Real\Update_OB\realsched.exe -> RealNetworks, Inc. [Ver = 0.1.0.4081 | Size = 185632 bytes | Modified Date = 8/2/2007 5:49:04 AM | Attr =    ]
searchprotection.exe -> %ProgramFiles%\Yahoo!\Search Protection\SearchProtection.exe -> Yahoo! Inc. [Ver = 2007, 6, 8, 1 | Size = 224248 bytes | Modified Date = 6/8/2007 7:59:38 AM | Attr =    ]
sonytray.exe -> %ProgramFiles%\Sony Corporation\Image Transfer\SonyTray.exe ->  [Ver =  | Size = 73728 bytes | Modified Date = 10/16/2002 7:20:20 PM | Attr =    ]
tgcmd.exe -> %ProgramFiles%\Support.com\bin\tgcmd.exe -> Qwest [Ver = 5,5,726,0 | Size = 1851392 bytes | Modified Date = 11/18/2005 10:33:00 PM | Attr = R  ]
winpfind3u.exe -> %UserDesktop%\WinPFind3u\WinPFind3U.exe -> OldTimer Tools [Ver = 1.0.44.0 | Size = 371200 bytes | Modified Date = 11/21/2007 9:19:46 AM | Attr =    ]
Logged

Nic_1

  • Guest
Re: nic's problem
« Reply #11 on: January 03, 2008, 06:28:43 PM »
[Win32 Services - Non-Microsoft Only]
(aswUpdSv) avast! iAVS4 Control Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Alwil Software\Avast4\aswUpdSv.exe -> ALWIL Software [Ver = 4, 7, 1098, 0 | Size = 17272 bytes | Modified Date = 12/4/2007 7:36:34 AM | Attr =    ]
(avast! Antivirus) avast! Antivirus [Win32_Own | Auto | Running] -> %ProgramFiles%\Alwil Software\Avast4\ashServ.exe -> ALWIL Software [Ver = 4, 7, 1098, 0 | Size = 140664 bytes | Modified Date = 12/4/2007 6:00:16 AM | Attr =    ]
(avast! Mail Scanner) avast! Mail Scanner [Win32_Own | On_Demand | Running] -> %ProgramFiles%\Alwil Software\Avast4\ashMaiSv.exe -> ALWIL Software [Ver = 4, 7, 1098, 0 | Size = 247160 bytes | Modified Date = 12/4/2007 5:59:54 AM | Attr =    ]
(avast! Web Scanner) avast! Web Scanner [Win32_Own | On_Demand | Running] -> %ProgramFiles%\Alwil Software\Avast4\ashWebSv.exe -> ALWIL Software [Ver = 4, 7, 1098, 0 | Size = 345464 bytes | Modified Date = 12/4/2007 5:59:02 AM | Attr =    ]
(brmfrmps) Brother Popup Suspend service for Resource manager [Win32_Own | Auto | Running] -> %System32%\Brmfrmps.exe -> Brother Industries, Ltd. [Ver = 1.10.10.144 | Size = 65536 bytes | Modified Date = 5/5/2003 6:30:22 PM | Attr =    ]
(Brother XP spl Service) BrSplService [Win32_Own | Auto | Running] -> %System32%\brsvc01a.exe -> brother Industries Ltd [Ver = 1, 0, 0, 3 | Size = 57344 bytes | Modified Date = 4/11/2002 11:00:00 PM | Attr =    ]
(dmadmin) Logical Disk Manager Administrative Service [Win32_Shared | On_Demand | Stopped] -> %System32%\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 224768 bytes | Modified Date = 8/4/2004 12:56:48 AM | Attr =    ]
(IDriverT) InstallDriver Table Manager [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\InstallShield\Driver\11\Intel 32\IDriverT.exe -> Macrovision Corporation [Ver = 11.00.28844 | Size = 69632 bytes | Modified Date = 4/4/2005 12:41:10 AM | Attr =    ]
(iPodService) iPodService [Win32_Own | On_Demand | Running] -> %ProgramFiles%\iPod\bin\iPodService.exe -> Apple Computer, Inc. [Ver = 6.0.1.3 | Size = 323584 bytes | Modified Date = 10/18/2005 11:58:40 AM | Attr =    ]
(SymWSC) SymWMI Service [Win32_Own | Auto | Stopped] -> %CommonProgramFiles%\Symantec Shared\Security Center\SymWSC.exe -> Symantec Corporation [Ver = 2005.1.2.20 | Size = 316544 bytes | Modified Date = 11/2/2004 7:59:50 PM | Attr =    ]
Logged

Nic_1

  • Guest
Re: nic's problem
« Reply #12 on: January 03, 2008, 06:29:41 PM »
[Registry - Non-Microsoft Only]
< Run [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
Adobe Reader Speed Launcher -> %ProgramFiles%\Adobe\Reader 8.0\Reader\Reader_sl.exe -> Adobe Systems Incorporated [Ver = 8.0.0.0 | Size = 40048 bytes | Modified Date = 5/11/2007 2:06:32 AM | Attr =    ]
avast! -> %ProgramFiles%\Alwil Software\Avast4\ashDisp.exe -> ALWIL Software [Ver = 4, 7, 1098, 0 | Size = 79224 bytes | Modified Date = 12/4/2007 6:00:24 AM | Attr =    ]
ControlCenter2.0 -> %ProgramFiles%\Brother\ControlCenter2\brctrcen.exe -> Brother Industries, Ltd. [Ver = 2, 0, 8, 0 | Size = 851968 bytes | Modified Date = 7/20/2004 8:34:28 AM | Attr =    ]
IndexSearch -> %ProgramFiles%\ScanSoft\PaperPort\IndexSearch.exe -> ScanSoft, Inc. [Ver = 9.0 | Size = 40960 bytes | Modified Date = 4/14/2004 2:04:12 PM | Attr =    ]
iTunesHelper -> %ProgramFiles%\iTunes\iTunesHelper.exe -> Apple Computer, Inc. [Ver = 6.0.1.3 | Size = 278528 bytes | Modified Date = 10/18/2005 11:58:54 AM | Attr =    ]
NoteBurner -> %ProgramFiles%\NoteBurner\VTBurnerGUI.exe -> File not found
PaperPort PTD -> %ProgramFiles%\ScanSoft\PaperPort\pptd40nt.exe -> ScanSoft, Inc. [Ver = 9.0 | Size = 57393 bytes | Modified Date = 4/14/2004 1:46:50 PM | Attr =    ]
QuickTime Task -> %ProgramFiles%\QuickTime\qttask.exe -> Apple Computer, Inc. [Ver = 7.0.3 | Size = 155648 bytes | Modified Date = 11/16/2005 11:31:26 PM | Attr =    ]
SetDefPrt -> %ProgramFiles%\Brother\Brmfl04a\BrStDvPt.exe -> Brother Industories, Ltd. [Ver = 1, 0, 0, 3 | Size = 49152 bytes | Modified Date = 5/25/2004 8:16:56 AM | Attr =    ]
SSBkgdUpdate -> %CommonProgramFiles%\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe -> Scansoft, Inc. [Ver = 1, 0, 0, 6 | Size = 155648 bytes | Modified Date = 10/14/2003 9:22:30 AM | Attr = R  ]
tgcmd -> %ProgramFiles%\Support.com\bin\tgcmd.exe -> Qwest [Ver = 5,5,726,0 | Size = 1851392 bytes | Modified Date = 11/18/2005 10:33:00 PM | Attr = R  ]
TkBellExe -> %CommonProgramFiles%\Real\Update_OB\realsched.exe -> RealNetworks, Inc. [Ver = 0.1.0.4081 | Size = 185632 bytes | Modified Date = 8/2/2007 5:49:04 AM | Attr =    ]
YSearchProtection -> %ProgramFiles%\Yahoo!\Search Protection\SearchProtection.exe -> Yahoo! Inc. [Ver = 2007, 6, 8, 1 | Size = 224248 bytes | Modified Date = 6/8/2007 7:59:38 AM | Attr =    ]
< OptionalComponents [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\ ->
IMAIL -> Installed = 1 ->
MAPI -> Installed = 1 ->
MSFS -> Installed = 1 ->
< Run [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
BackupNotify -> %ProgramFiles%\HP\Digital Imaging\bin\backupnotify.exe -> Hewlett-Packard Company [Ver = 2004.01.08.0 | Size = 32768 bytes | Modified Date = 1/9/2004 1:34:10 AM | Attr =    ]
YSearchProtection -> %ProgramFiles%\Yahoo!\Search Protection\SearchProtection.exe -> Yahoo! Inc. [Ver = 2007, 6, 8, 1 | Size = 224248 bytes | Modified Date = 6/8/2007 7:59:38 AM | Attr =    ]
< Common Startup > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup ->
%AllUsersStartup%\Image Transfer.lnk -> %ProgramFiles%\Sony Corporation\Image Transfer\SonyTray.exe ->  [Ver =  | Size = 73728 bytes | Modified Date = 10/16/2002 7:20:20 PM | Attr =    ]
%AllUsersStartup%\Status Monitor.lnk -> %ProgramFiles%\Brother\Brmfcmon\BrMfcWnd.exe -> Brother Industries, Ltd. [Ver = 1, 0, 5, 4 | Size = 819200 bytes | Modified Date = 3/26/2004 6:30:12 PM | Attr =    ]
< User Startup > -> C:\Documents and Settings\Owner\Start Menu\Programs\Startup ->
%UserStartup%\MySurvey Messenger.lnk -> %ProgramFiles%\MySurvey Messenger\MySurveyMessenger.exe ->  [Ver = 1, 0, 0, 1 | Size = 651264 bytes | Modified Date = 7/2/2007 2:46:10 PM | Attr =    ]
< SecurityProviders [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders ->
< Winlogon settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
< Winlogon settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
< Winlogon\Notify settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ ->
igfxcui -> %System32%\igfxsrvc.dll -> Intel Corporation [Ver = 3.0.0.3889 | Size = 344064 bytes | Modified Date = 8/20/2004 6:50:54 PM | Attr =    ]
< CurrentVersion Policy Settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->  ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ ->  ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveAutoRun -> 67108863 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 255 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\ ->  ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ ->  ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ ->  ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption ->  ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext ->  ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\undockwithoutlogon -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Uninstall\ ->  ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\WindowsUpdate\ ->  ->
Logged

Nic_1

  • Guest
Re: nic's problem
« Reply #13 on: January 03, 2008, 06:30:32 PM »
< CurrentVersion Policy Settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->  ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ActiveDesktop\ ->  ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Associations\ ->  ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ ->  ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 0 ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\ ->  ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ ->  ->
< HOSTS File > (27 bytes) -> C:\WINDOWS\System32\drivers\etc\Hosts ->
127.0.0.1       localhost ->  ->
< Internet Explorer Settings > ->  ->
HKLM: Default_Page_URL -> http://go.microsoft.com/fwlink/?LinkId=69157 ->
HKLM: Main\\Default_Search_URL -> http://go.microsoft.com/fwlink/?LinkId=54896 ->
HKLM: Local Page -> %SystemRoot%\system32\blank.htm ->
HKLM: Search Bar -> http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q304&bd=pavilion&pf=desktop ->
HKLM: Search Page -> http://go.microsoft.com/fwlink/?LinkId=54896 ->
HKLM: Start Page -> http://www.yahoo.com ->
HKLM: CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm ->
HKLM: SearchAssistant -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm ->
HKCU: Default_Search_URL -> http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q304&bd=pavilion&pf=desktop ->
HKCU: Local Page -> C:\WINDOWS\System32\blank.htm ->
HKCU: Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch ->
HKCU: Start Page -> http://www.yahoo.com ->
HKCU: URLSearchHooks\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKLM] -> %ProgramFiles%\Yahoo!\Companion\Installs\cpn3\yt.dll [Yahoo! Toolbar] -> Yahoo! Inc. [Ver = 2007, 8, 22, 1 | Size = 816912 bytes | Modified Date = 8/22/2007 6:30:18 PM | Attr =    ]
HKCU: ProxyEnable -> 0 ->
HKCU: ProxyOverride -> localhost ->
Logged

Nic_1

  • Guest
Re: nic's problem
« Reply #14 on: January 03, 2008, 06:32:40 PM »
< Trusted Sites > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
msn.com [ - ] ->  ->
< BHO's > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
{02478D38-C3F9-4efb-9B51-7695ECA05670} [HKLM] -> %ProgramFiles%\Yahoo!\Companion\Installs\cpn3\yt.dll [&Yahoo! Toolbar Helper] -> Yahoo! Inc. [Ver = 2007, 8, 22, 1 | Size = 816912 bytes | Modified Date = 8/22/2007 6:30:18 PM | Attr =    ]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> %CommonProgramFiles%\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> Adobe Systems Incorporated [Ver = 8.0.0.2006102200 | Size = 62080 bytes | Modified Date = 10/22/2006 10:08:42 PM | Attr =    ]
{3049C3E9-B461-4BC5-8870-4C09146192CA} [HKLM] -> %ProgramFiles%\Real\RealPlayer\rpbrowserrecordplugin.dll [RealPlayer Download and Record Plugin for Internet Explorer] -> RealPlayer [Ver = 1.0.0.333 | Size = 279928 bytes | Modified Date = 8/2/2007 5:49:18 AM | Attr =    ]
< Internet Explorer Bars [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\ ->
{32683183-48a0-441b-a342-7c2a440a9478} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
< Internet Explorer ToolBars [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar ->
 [HKLM] -> Reg Data - Key not found [Reg Data - Value does not exist] -> File not found
{B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} [HKLM] -> %ProgramFiles%\HP\digital imaging\bin\hpdtlk02.dll [HP view] -> Hewlett-Packard Company [Ver = 1.0.0.7 | Size = 98304 bytes | Modified Date = 11/21/2003 12:26:26 PM | Attr =    ]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKLM] -> %ProgramFiles%\Yahoo!\Companion\Installs\cpn3\yt.dll [Yahoo! Toolbar] -> Yahoo! Inc. [Ver = 2007, 8, 22, 1 | Size = 816912 bytes | Modified Date = 8/22/2007 6:30:18 PM | Attr =    ]
< Internet Explorer ToolBars [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ ->
ShellBrowser\\{B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} [HKLM] -> %ProgramFiles%\HP\digital imaging\bin\hpdtlk02.dll [HP view] -> Hewlett-Packard Company [Ver = 1.0.0.7 | Size = 98304 bytes | Modified Date = 11/21/2003 12:26:26 PM | Attr =    ]
WebBrowser\\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
WebBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
WebBrowser\\{B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} [HKLM] -> %ProgramFiles%\HP\digital imaging\bin\hpdtlk02.dll [HP view] -> Hewlett-Packard Company [Ver = 1.0.0.7 | Size = 98304 bytes | Modified Date = 11/21/2003 12:26:26 PM | Attr =    ]
WebBrowser\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKLM] -> %ProgramFiles%\Yahoo!\Companion\Installs\cpn3\yt.dll [Yahoo! Toolbar] -> Yahoo! Inc. [Ver = 2007, 8, 22, 1 | Size = 816912 bytes | Modified Date = 8/22/2007 6:30:18 PM | Attr =    ]
Logged
Pages: [1] 2   Go Up
« previous next »