hi excal,
I beleive I got the wildtangent file deleted now. Here is the scan of WinPfind.
Look forward to the next entry. Thanks Mamawatta
»»»»»»»»»»»»»»»»» Windows OS and Versions »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Product Name: Microsoft Windows XP Current Build: Service Pack 1 Current Build Number: 2600
Internet Explorer Version: 6.0.2800.1106
»»»»»»»»»»»»»»»»» Checking Selected Standard Folders »»»»»»»»»»»»»»»»»»»»
Checking %SystemDrive% folder...
UPX! 8/11/2005 9:33:06 PM 280583 C:\l2mfix.exe
Checking %ProgramFilesDir% folder...
Checking %WinDir% folder...
ad-w-a-r-e.com 2/26/2005 1:50:14 AM 1050456 C:\WINDOWS\setupapi.log.1.old
Checking %System% folder...
PEC2 8/18/2001 7:00:00 AM 41397 C:\WINDOWS\SYSTEM32\DFRG.MSC
aspack 10/21/2003 7:52:12 PM 691010 C:\WINDOWS\SYSTEM32\Halloween.scr
Umonitor 5/15/2002 6:09:14 PM 324096 C:\WINDOWS\SYSTEM32\ipebase11.dll
UPX! 1/13/2005 9:41:48 PM 11254 C:\WINDOWS\SYSTEM32\locate.com
PECompact2 8/4/2005 9:31:38 PM 1449304 C:\WINDOWS\SYSTEM32\MRT.exe
aspack 8/4/2005 9:31:38 PM 1449304 C:\WINDOWS\SYSTEM32\MRT.exe
Umonitor 8/29/2002 6:41:10 AM 631808 C:\WINDOWS\SYSTEM32\rasdlg.dll
winsync 8/18/2001 7:00:00 AM 1309184 C:\WINDOWS\SYSTEM32\WBDBASE.DEU
Checking %System%\Drivers folder and sub-folders...
Items found in C:\WINDOWS\SYSTEM32\drivers\ETC\hosts
Checking the Windows folder and sub-folders for system and hidden files within the last 60 days...
S 8/20/2005 11:34:16 PM 2048 C:\WINDOWS\BOOTSTAT.DAT
H 6/30/2005 1:34:14 PM 0 C:\WINDOWS\INF\oem61.inf
H 8/18/2005 11:08:54 AM 0 C:\WINDOWS\INF\oem63.inf
H 8/20/2005 11:31:12 PM 0 C:\WINDOWS\LastGood\INF\oem65.inf
H 8/20/2005 11:31:12 PM 0 C:\WINDOWS\LastGood\INF\oem65.PNF
SH 8/13/2005 5:59:00 PM 10470 C:\WINDOWS\PCHEALTH\HELPCTR\PackageStore\package_100.cab
SH 8/13/2005 5:59:02 PM 26320 C:\WINDOWS\PCHEALTH\HELPCTR\PackageStore\package_101.cab
SH 8/13/2005 5:59:02 PM 10470 C:\WINDOWS\PCHEALTH\HELPCTR\PackageStore\package_102.cab
SH 8/13/2005 5:59:02 PM 26284 C:\WINDOWS\PCHEALTH\HELPCTR\PackageStore\package_103.cab
SH 8/13/2005 5:59:02 PM 10470 C:\WINDOWS\PCHEALTH\HELPCTR\PackageStore\package_104.cab
SH 8/13/2005 5:59:02 PM 26290 C:\WINDOWS\PCHEALTH\HELPCTR\PackageStore\package_105.cab
SH 8/13/2005 5:59:04 PM 10470 C:\WINDOWS\PCHEALTH\HELPCTR\PackageStore\package_106.cab
SH 8/13/2005 5:59:04 PM 26126 C:\WINDOWS\PCHEALTH\HELPCTR\PackageStore\package_107.cab
SH 8/13/2005 5:59:04 PM 10470 C:\WINDOWS\PCHEALTH\HELPCTR\PackageStore\package_108.cab
SH 8/13/2005 5:58:40 PM 26173 C:\WINDOWS\PCHEALTH\HELPCTR\PackageStore\package_62.cab
SH 8/13/2005 5:58:46 PM 25959 C:\WINDOWS\PCHEALTH\HELPCTR\PackageStore\package_63.cab
SH 8/13/2005 5:58:46 PM 10470 C:\WINDOWS\PCHEALTH\HELPCTR\PackageStore\package_64.cab
SH 8/13/2005 5:58:48 PM 25566 C:\WINDOWS\PCHEALTH\HELPCTR\PackageStore\package_65.cab
SH 8/13/2005 5:58:48 PM 10470 C:\WINDOWS\PCHEALTH\HELPCTR\PackageStore\package_66.cab
SH 8/13/2005 5:58:48 PM 25530 C:\WINDOWS\PCHEALTH\HELPCTR\PackageStore\package_67.cab
SH 8/13/2005 5:58:48 PM 10470 C:\WINDOWS\PCHEALTH\HELPCTR\PackageStore\package_68.cab
SH 8/13/2005 5:58:48 PM 26317 C:\WINDOWS\PCHEALTH\HELPCTR\PackageStore\package_69.cab
SH 8/13/2005 5:58:48 PM 10470 C:\WINDOWS\PCHEALTH\HELPCTR\PackageStore\package_70.cab
SH 8/13/2005 5:58:50 PM 26387 C:\WINDOWS\PCHEALTH\HELPCTR\PackageStore\package_71.cab
SH 8/13/2005 5:58:50 PM 10470 C:\WINDOWS\PCHEALTH\HELPCTR\PackageStore\package_72.cab
SH 8/13/2005 5:58:50 PM 26657 C:\WINDOWS\PCHEALTH\HELPCTR\PackageStore\package_73.cab
SH 8/13/2005 5:58:50 PM 10470 C:\WINDOWS\PCHEALTH\HELPCTR\PackageStore\package_74.cab
SH 8/13/2005 5:58:50 PM 26652 C:\WINDOWS\PCHEALTH\HELPCTR\PackageStore\package_75.cab
SH 8/13/2005 5:58:52 PM 10470 C:\WINDOWS\PCHEALTH\HELPCTR\PackageStore\package_76.cab
SH 8/13/2005 5:58:52 PM 26255 C:\WINDOWS\PCHEALTH\HELPCTR\PackageStore\package_77.cab
SH 8/13/2005 5:58:52 PM 10470 C:\WINDOWS\PCHEALTH\HELPCTR\PackageStore\package_78.cab
SH 8/13/2005 5:58:52 PM 26108 C:\WINDOWS\PCHEALTH\HELPCTR\PackageStore\package_79.cab
SH 8/13/2005 5:58:52 PM 10470 C:\WINDOWS\PCHEALTH\HELPCTR\PackageStore\package_80.cab
SH 8/13/2005 5:58:54 PM 26449 C:\WINDOWS\PCHEALTH\HELPCTR\PackageStore\package_81.cab
SH 8/13/2005 5:58:54 PM 10470 C:\WINDOWS\PCHEALTH\HELPCTR\PackageStore\package_82.cab
SH 8/13/2005 5:58:54 PM 25853 C:\WINDOWS\PCHEALTH\HELPCTR\PackageStore\package_83.cab
SH 8/13/2005 5:58:54 PM 10470 C:\WINDOWS\PCHEALTH\HELPCTR\PackageStore\package_84.cab
SH 8/13/2005 5:58:54 PM 26290 C:\WINDOWS\PCHEALTH\HELPCTR\PackageStore\package_85.cab
SH 8/13/2005 5:58:56 PM 10470 C:\WINDOWS\PCHEALTH\HELPCTR\PackageStore\package_86.cab
SH 8/13/2005 5:58:56 PM 26383 C:\WINDOWS\PCHEALTH\HELPCTR\PackageStore\package_87.cab
SH 8/13/2005 5:58:56 PM 10470 C:\WINDOWS\PCHEALTH\HELPCTR\PackageStore\package_88.cab
SH 8/13/2005 5:58:56 PM 26291 C:\WINDOWS\PCHEALTH\HELPCTR\PackageStore\package_89.cab
SH 8/13/2005 5:58:56 PM 10470 C:\WINDOWS\PCHEALTH\HELPCTR\PackageStore\package_90.cab
SH 8/13/2005 5:58:58 PM 25896 C:\WINDOWS\PCHEALTH\HELPCTR\PackageStore\package_91.cab
SH 8/13/2005 5:58:58 PM 10470 C:\WINDOWS\PCHEALTH\HELPCTR\PackageStore\package_92.cab
SH 8/13/2005 5:58:58 PM 26494 C:\WINDOWS\PCHEALTH\HELPCTR\PackageStore\package_93.cab
SH 8/13/2005 5:58:58 PM 10470 C:\WINDOWS\PCHEALTH\HELPCTR\PackageStore\package_94.cab
SH 8/13/2005 5:58:58 PM 26229 C:\WINDOWS\PCHEALTH\HELPCTR\PackageStore\package_95.cab
SH 8/13/2005 5:59:00 PM 10470 C:\WINDOWS\PCHEALTH\HELPCTR\PackageStore\package_96.cab
SH 8/13/2005 5:59:00 PM 26467 C:\WINDOWS\PCHEALTH\HELPCTR\PackageStore\package_97.cab
SH 8/13/2005 5:59:00 PM 10470 C:\WINDOWS\PCHEALTH\HELPCTR\PackageStore\package_98.cab
SH 8/13/2005 5:59:00 PM 26283 C:\WINDOWS\PCHEALTH\HELPCTR\PackageStore\package_99.cab
S 7/19/2005 8:18:46 PM 1168 C:\WINDOWS\SYSTEM32\TBPS.ini
S 7/19/2005 5:11:14 PM 17860 C:\WINDOWS\SYSTEM32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB896727-IE6SP1-20050719.165959.cat
S 6/30/2005 2:21:10 PM 11084 C:\WINDOWS\SYSTEM32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB899588.cat
H 8/20/2005 11:34:08 PM 8192 C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT.LOG
H 8/20/2005 11:34:36 PM 1024 C:\WINDOWS\SYSTEM32\CONFIG\SAM.LOG
H 8/20/2005 11:34:22 PM 20480 C:\WINDOWS\SYSTEM32\CONFIG\SECURITY.LOG
H 8/20/2005 11:37:10 PM 98304 C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE.LOG
H 8/20/2005 11:34:24 PM 954368 C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM.LOG
H 8/11/2005 10:43:02 PM 1024 C:\WINDOWS\SYSTEM32\CONFIG\systemprofile\NTUSER.DAT.LOG
SH 8/12/2005 1:03:06 AM 67 C:\WINDOWS\SYSTEM32\CONFIG\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\D6X7PX4O\desktop.ini
SH 8/12/2005 1:03:06 AM 67 C:\WINDOWS\SYSTEM32\CONFIG\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\VGJUQTLV\desktop.ini
SH 8/12/2005 1:03:06 AM 67 C:\WINDOWS\SYSTEM32\CONFIG\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\W16781U3\desktop.ini
SH 8/12/2005 1:03:06 AM 67 C:\WINDOWS\SYSTEM32\CONFIG\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\XORU0O9P\desktop.ini
SH 8/11/2005 10:44:10 PM 388 C:\WINDOWS\SYSTEM32\Microsoft\Protect\S-1-5-18\User\6376fd7d-cc55-4e85-85dc-7b1684bc72da
SH 8/13/2005 8:27:46 PM 388 C:\WINDOWS\SYSTEM32\Microsoft\Protect\S-1-5-18\User\c7df2743-1eee-4e62-9c4b-e18f016a77dc
SH 8/11/2005 10:44:10 PM 24 C:\WINDOWS\SYSTEM32\Microsoft\Protect\S-1-5-18\User\Preferred
SH 8/18/2005 11:09:04 AM 13698 C:\WINDOWS\SYSTEM32\Restore\filelist.xml
H 8/20/2005 11:32:16 PM 6 C:\WINDOWS\Tasks\SA.DAT
Checking for CPL files...
Microsoft Corporation 8/18/2001 7:00:00 AM 66048 C:\WINDOWS\SYSTEM32\ACCESS.CPL
Microsoft Corporation 8/29/2002 6:41:28 AM 578560 C:\WINDOWS\SYSTEM32\appwiz.cpl
Logitech Inc. 8/29/2003 2:19:16 PM 151552 C:\WINDOWS\SYSTEM32\CamCpl.cpl
Microsoft Corporation 8/29/2002 6:41:28 AM 129024 C:\WINDOWS\SYSTEM32\desk.cpl
Microsoft Corporation 8/18/2001 7:00:00 AM 150016 C:\WINDOWS\SYSTEM32\HDWWIZ.CPL
Intel Corporation 3/26/2002 10:24:48 PM 94208 C:\WINDOWS\SYSTEM32\igfxcpl.cpl
Microsoft Corporation 8/29/2002 6:41:28 AM 292352 C:\WINDOWS\SYSTEM32\inetcpl.cpl
Microsoft Corporation 8/29/2002 6:41:28 AM 121856 C:\WINDOWS\SYSTEM32\intl.cpl
Microsoft Corporation 8/29/2002 6:41:28 AM 65536 C:\WINDOWS\SYSTEM32\joy.cpl
Microsoft Corporation 8/18/2001 7:00:00 AM 187904 C:\WINDOWS\SYSTEM32\MAIN.CPL
Microsoft Corporation 8/18/2001 7:00:00 AM 559616 C:\WINDOWS\SYSTEM32\MMSYS.CPL
Microsoft Corporation 8/18/2001 7:00:00 AM 35840 C:\WINDOWS\SYSTEM32\NCPA.CPL
Microsoft Corporation 8/18/2001 7:00:00 AM 256000 C:\WINDOWS\SYSTEM32\NUSRMGR.CPL
Microsoft Corporation 8/18/2001 7:00:00 AM 36864 C:\WINDOWS\SYSTEM32\ODBCCP32.CPL
Microsoft Corporation 8/18/2001 7:00:00 AM 109056 C:\WINDOWS\SYSTEM32\POWERCFG.CPL
Apple Computer, Inc. 1/6/2004 5:02:36 PM 323072 C:\WINDOWS\SYSTEM32\QuickTime.cpl
Microsoft Corporation 8/29/2002 6:41:28 AM 268288 C:\WINDOWS\SYSTEM32\sysdm.cpl
Microsoft Corporation 8/18/2001 7:00:00 AM 28160 C:\WINDOWS\SYSTEM32\TELEPHON.CPL
Microsoft Corporation 8/18/2001 7:00:00 AM 90112 C:\WINDOWS\SYSTEM32\TIMEDATE.CPL
Microsoft Corporation 5/26/2005 4:16:30 AM 174360 C:\WINDOWS\SYSTEM32\wuaucpl.cpl
Intel Corporation 3/26/2002 10:24:48 PM 94208 C:\WINDOWS\SYSTEM32\ReinstallBackups\0000\DriverFiles\igfxcpl.cpl
»»»»»»»»»»»»»»»»» Checking Selected Startup Folders »»»»»»»»»»»»»»»»»»»»»
Checking files in %ALLUSERSPROFILE%\Startup folder...
5/21/2002 12:47:08 AM 1757 C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
Checking files in %ALLUSERSPROFILE%\Application Data folder...
Checking files in %USERPROFILE%\Startup folder...
Checking files in %USERPROFILE%\Application Data folder...
5/21/2002 12:44:08 AM 1528 C:\Documents and Settings\Martha\Application Data\AdobeDLM.log
5/21/2002 12:44:08 AM 0 C:\Documents and Settings\Martha\Application Data\dm.ini
1/11/2005 12:17:50 AM 56952 C:\Documents and Settings\Martha\Application Data\GDIPFONTCACHEV1.DAT
»»»»»»»»»»»»»»»»» Checking Selected Registry Keys »»»»»»»»»»»»»»»»»»»»»»»
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform]
=
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]
{0A288102-AD8B-431E-9CD5-A115E8D132A8} = C:\WINDOWS\system32\RWND.DLL
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]
[HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers]
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\ewido
{57BD36D7-CE32-4600-9B1C-1A0C47EFC02E} = C:\Program Files\ewido\security suite\context.dll
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Offline Files
{750fdf0e-2a26-11d1-a3ea-080036587f03} = %SystemRoot%\System32\cscui.dll
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Open With
{09799AFB-AD67-11d1-ABCD-00C04FC30936} = %SystemRoot%\system32\SHELL32.dll
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Open With EncryptionMenu
{A470F8CF-A1E8-4f65-8335-227475AA5C46} = %SystemRoot%\system32\SHELL32.dll
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\TrojanHunter
{EBDF1F20-C829-11D1-8233-FF20AF3E97A9} = C:\PROGRA~1\TROJAN~1.2\contmenu.dll
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\WinZip
{E0D79304-84BE-11CE-9641-444553540000} = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Yahoo! Mail
{5464D816-CF16-4784-B9F3-75C0DB52B499} = C:\PROGRA~1\Yahoo!\Common\ymmapi.dll
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\{a2a9545d-a0c2-42b4-9708-a0b2badd77c8}
Start Menu Pin = %SystemRoot%\system32\SHELL32.dll
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\{CFC7205E-2792-4378-9591-3879CC6C9022}
= c:\progra~1\mcafee.com\vso\mcvsshl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers]
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\TrojanHunter
{EBDF1F20-C829-11D1-8233-FF20AF3E97A9} = C:\PROGRA~1\TROJAN~1.2\contmenu.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\WinZip
{E0D79304-84BE-11CE-9641-444553540000} = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\{CFC7205E-2792-4378-9591-3879CC6C9022}
= c:\progra~1\mcafee.com\vso\mcvsshl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers]
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\EncryptionMenu
{A470F8CF-A1E8-4f65-8335-227475AA5C46} = %SystemRoot%\system32\SHELL32.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\ewido
{57BD36D7-CE32-4600-9B1C-1A0C47EFC02E} = C:\Program Files\ewido\security suite\context.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\Offline Files
{750fdf0e-2a26-11d1-a3ea-080036587f03} = %SystemRoot%\System32\cscui.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\Sharing
{f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} = ntshrui.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\TrojanHunter
{EBDF1F20-C829-11D1-8233-FF20AF3E97A9} = C:\PROGRA~1\TROJAN~1.2\contmenu.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\WinZip
{E0D79304-84BE-11CE-9641-444553540000} = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers]
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{0D2E74C4-3C34-11d2-A27E-00C04FC30871}
= %SystemRoot%\system32\SHELL32.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{24F14F01-7B1C-11d1-838f-0000F80461CF}
= %SystemRoot%\system32\SHELL32.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{24F14F02-7B1C-11d1-838f-0000F80461CF}
= %SystemRoot%\system32\SHELL32.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{66742402-F9B9-11D1-A202-0000F81FEDEE}
= %SystemRoot%\system32\SHELL32.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{F9DB5320-233E-11D1-9F84-707F02C10627}
= C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
AcroIEHlprObj Class = C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}
= C:\PROGRA~1\SPYBOT~1\SDHelper.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{4528BBE0-4E08-11D5-AD55-00010333D0AD}
&Yahoo! Messenger = C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{4D5C8C25-D075-11d0-B416-00C04FB90376}
&Tip of the Day = %SystemRoot%\System32\shdocvw.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{FE54FA40-D68C-11d2-98FA-00C0F0318AFE}
Real.com = C:\WINDOWS\System32\Shdocvw.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
{BA52B914-B692-46c4-B683-905236F6F655} = McAfee VirusScan : c:\progra~1\mcafee.com\vso\mcvsshl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{4528BBE0-4E08-11D5-AD55-00010333D0AD}
ButtonText = Messenger :
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{4982D40A-C53B-4615-B15B-B5B5E98D167C}
ButtonText = AOL Toolbar :
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{AC9E2541-2814-11d5-BC6D-00B0D0A1DE45}
ButtonText = AIM : C:\Program Files\AIM95\aim.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{CD67F990-D8E9-11d2-98FE-00C0F0318AFE}
ButtonText = Real.com :
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{E023F504-0C5A-4750-A1E7-A9046DEA8A21}
ButtonText = MoneySide :
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{FB5F1910-F110-11d2-BB9E-00C04F795683}
ButtonText = Messenger : C:\Program Files\Messenger\MSMSGS.EXE
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars]
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars\{32683183-48a0-441b-a342-7c2a440a9478}
Media Band = %SystemRoot%\System32\browseui.dll
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars\{4528BBE0-4E08-11D5-AD55-00010333D0AD}
&Yahoo! Messenger = C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars\{9404901D-06DA-4B23-A0EE-3EA4F64EC9B3}
MoneySide = C:\Program Files\Microsoft Money\System\mnyviewer.dll
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars\{C4EE31F3-4768-11D2-BE5C-00A0C9A83DA1}
File Search Explorer Band = %SystemRoot%\system32\SHELL32.dll
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars\{EFA24E64-B078-11D0-89E4-00C04FC9E26E}
Explorer Band = %SystemRoot%\System32\shdocvw.dll
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar]
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser
{339BB23F-A864-48C0-A59F-29EA915965EC} = :
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser
{0E5CBF21-D15F-11D0-8301-00AA005B4383} = &Links : %SystemRoot%\system32\SHELL32.dll
{01E04581-4EEE-11D0-BFE9-00AA005B4383} = &Address : %SystemRoot%\System32\browseui.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
MMTray C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
AOL Spyware Protection C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe
VSOCheckTask "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
VirusScan Online "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
MCAgentExe c:\PROGRA~1\mcafee.com\agent\mcagent.exe
MCUpdateExe C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
Pure Networks Port Magic "C:\PROGRA~1\PURENE~1\PORTMA~1\PortAOL.exe" -Run
MPFExe C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
AOLDialer C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
QuickTime Task "C:\Program Files\QuickTime\qttask.exe" -atboottime
TkBellExe "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
THGuard "C:\Program Files\TrojanHunter 4.2\THGuard.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]
IMAIL Installed = 1
MAPI Installed = 1
MSFS Installed = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
Microsoft Works Update Detection \WkDetect.exe
AOL Fast Start "C:\Program Files\America Online 9.0\AOL.EXE" -b
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\load]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\run]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum
{BDEADF00-C265-11D0-BCED-00A0C90AB50F} = C:\PROGRA~1\COMMON~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL
{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} =
{0DF44EAA-FF21-4412-828E-260A8728E7F1} =
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ratings
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system
dontdisplaylastusername 0
legalnoticecaption
legalnoticetext
shutdownwithoutlogon 1
undockwithoutlogon 1
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies]
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
NoDriveTypeAutoRun 145
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
PostBootReminder {7849596a-48ea-486e-8937-a2a3009f31a9} = %SystemRoot%\system32\SHELL32.dll
CDBurn {fbeb8a05-beee-4442-804e-409d6c4515e9} = %SystemRoot%\system32\SHELL32.dll
WebCheck {E6FB5E20-DE35-11CF-9C87-00AA005127ED} = %SystemRoot%\System32\webcheck.dll
SysTray {35CEC8A3-2BE6-11D2-8773-92E220524153} = C:\WINDOWS\System32\stobject.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
UserInit = C:\WINDOWS\system32\userinit.exe,
Shell = explorer.exe
System =
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain
= crypt32.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet
= cryptnet.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll
= cscdll.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui
= igfxsrvc.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp
= wlnotify.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule
= wlnotify.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy
= sclgntfy.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn
= WlNotify.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv
= wlnotify.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon
= wlnotify.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Your Image File Name Here without a path
Debugger = ntsd -d
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
AppInit_DLLs
»»»»»»»»»»»»»»»»»»»»»»»» Scan Complete »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
WinPFind v1.3.0 - Log file written to "WinPFind.Txt" in the WinPFind folder.
Scan completed on 8/20/2005 11:51:20 PM
This topic is locked
Please help a computer beginner. I have 3 icons on my lower taskbar of the WinFix 2005, which I never accepted from the stupid pop up that came up in the first place. However, the program seems to be not downloaded. It is not listed on added program files. How do I get rid of this stupid program? 
I'm getting jammed up on the internet and having to reboot and my printer is on the fritz. Please help me as simple and as many laymens terms as possible 
....THANK YOU!
Sign In
Create Account
