heres my log
---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------
+ Created on: 11:33:35 PM, 3/23/2006
+ Report-Checksum: 6AFAE933
+ Scan result:
HKU\S-1-5-21-1844237615-884357618-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4DA4616D-7E6E-4FD9-A2D5-B6C535733E22} -> Adware.Generic : Cleaned with backup
:mozilla.17:C:\Documents and Settings\cosmic\Application Data\Mozilla\Firefox\Profiles\5m8oy3oi.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup
:mozilla.18:C:\Documents and Settings\cosmic\Application Data\Mozilla\Firefox\Profiles\5m8oy3oi.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup
:mozilla.21:C:\Documents and Settings\cosmic\Application Data\Mozilla\Firefox\Profiles\5m8oy3oi.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.25:C:\Documents and Settings\cosmic\Application Data\Mozilla\Firefox\Profiles\5m8oy3oi.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.26:C:\Documents and Settings\cosmic\Application Data\Mozilla\Firefox\Profiles\5m8oy3oi.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.27:C:\Documents and Settings\cosmic\Application Data\Mozilla\Firefox\Profiles\5m8oy3oi.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.28:C:\Documents and Settings\cosmic\Application Data\Mozilla\Firefox\Profiles\5m8oy3oi.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.29:C:\Documents and Settings\cosmic\Application Data\Mozilla\Firefox\Profiles\5m8oy3oi.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.30:C:\Documents and Settings\cosmic\Application Data\Mozilla\Firefox\Profiles\5m8oy3oi.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.31:C:\Documents and Settings\cosmic\Application Data\Mozilla\Firefox\Profiles\5m8oy3oi.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.32:C:\Documents and Settings\cosmic\Application Data\Mozilla\Firefox\Profiles\5m8oy3oi.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.34:C:\Documents and Settings\cosmic\Application Data\Mozilla\Firefox\Profiles\5m8oy3oi.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.35:C:\Documents and Settings\cosmic\Application Data\Mozilla\Firefox\Profiles\5m8oy3oi.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.69:C:\Documents and Settings\cosmic\Application Data\Mozilla\Firefox\Profiles\5m8oy3oi.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.70:C:\Documents and Settings\cosmic\Application Data\Mozilla\Firefox\Profiles\5m8oy3oi.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.71:C:\Documents and Settings\cosmic\Application Data\Mozilla\Firefox\Profiles\5m8oy3oi.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.72:C:\Documents and Settings\cosmic\Application Data\Mozilla\Firefox\Profiles\5m8oy3oi.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.151:C:\Documents and Settings\cosmic\Application Data\Mozilla\Firefox\Profiles\5m8oy3oi.default\cookies.txt -> TrackingCookie.Paypopup : Cleaned with backup
:mozilla.152:C:\Documents and Settings\cosmic\Application Data\Mozilla\Firefox\Profiles\5m8oy3oi.default\cookies.txt -> TrackingCookie.Paypopup : Cleaned with backup
:mozilla.153:C:\Documents and Settings\cosmic\Application Data\Mozilla\Firefox\Profiles\5m8oy3oi.default\cookies.txt -> TrackingCookie.Paypopup : Cleaned with backup
:mozilla.154:C:\Documents and Settings\cosmic\Application Data\Mozilla\Firefox\Profiles\5m8oy3oi.default\cookies.txt -> TrackingCookie.Paypopup : Cleaned with backup
:mozilla.155:C:\Documents and Settings\cosmic\Application Data\Mozilla\Firefox\Profiles\5m8oy3oi.default\cookies.txt -> TrackingCookie.Paypopup : Cleaned with backup
:mozilla.156:C:\Documents and Settings\cosmic\Application Data\Mozilla\Firefox\Profiles\5m8oy3oi.default\cookies.txt -> TrackingCookie.Paypopup : Cleaned with backup
:mozilla.157:C:\Documents and Settings\cosmic\Application Data\Mozilla\Firefox\Profiles\5m8oy3oi.default\cookies.txt -> TrackingCookie.Paypopup : Cleaned with backup
:mozilla.158:C:\Documents and Settings\cosmic\Application Data\Mozilla\Firefox\Profiles\5m8oy3oi.default\cookies.txt -> TrackingCookie.Paypopup : Cleaned with backup
:mozilla.159:C:\Documents and Settings\cosmic\Application Data\Mozilla\Firefox\Profiles\5m8oy3oi.default\cookies.txt -> TrackingCookie.Paypopup : Cleaned with backup
:mozilla.160:C:\Documents and Settings\cosmic\Application Data\Mozilla\Firefox\Profiles\5m8oy3oi.default\cookies.txt -> TrackingCookie.Paypopup : Cleaned with backup
:mozilla.166:C:\Documents and Settings\cosmic\Application Data\Mozilla\Firefox\Profiles\5m8oy3oi.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.167:C:\Documents and Settings\cosmic\Application Data\Mozilla\Firefox\Profiles\5m8oy3oi.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.168:C:\Documents and Settings\cosmic\Application Data\Mozilla\Firefox\Profiles\5m8oy3oi.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.227:C:\Documents and Settings\cosmic\Application Data\Mozilla\Firefox\Profiles\5m8oy3oi.default\cookies.txt -> TrackingCookie.Porntrack : Cleaned with backup
:mozilla.254:C:\Documents and Settings\cosmic\Application Data\Mozilla\Firefox\Profiles\5m8oy3oi.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.255:C:\Documents and Settings\cosmic\Application Data\Mozilla\Firefox\Profiles\5m8oy3oi.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.256:C:\Documents and Settings\cosmic\Application Data\Mozilla\Firefox\Profiles\5m8oy3oi.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.257:C:\Documents and Settings\cosmic\Application Data\Mozilla\Firefox\Profiles\5m8oy3oi.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.258:C:\Documents and Settings\cosmic\Application Data\Mozilla\Firefox\Profiles\5m8oy3oi.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.259:C:\Documents and Settings\cosmic\Application Data\Mozilla\Firefox\Profiles\5m8oy3oi.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.266:C:\Documents and Settings\cosmic\Application Data\Mozilla\Firefox\Profiles\5m8oy3oi.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup
:mozilla.267:C:\Documents and Settings\cosmic\Application Data\Mozilla\Firefox\Profiles\5m8oy3oi.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned with backup
:mozilla.285:C:\Documents and Settings\cosmic\Application Data\Mozilla\Firefox\Profiles\5m8oy3oi.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned with backup
:mozilla.286:C:\Documents and Settings\cosmic\Application Data\Mozilla\Firefox\Profiles\5m8oy3oi.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned with backup
:mozilla.293:C:\Documents and Settings\cosmic\Application Data\Mozilla\Firefox\Profiles\5m8oy3oi.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.294:C:\Documents and Settings\cosmic\Application Data\Mozilla\Firefox\Profiles\5m8oy3oi.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.295:C:\Documents and Settings\cosmic\Application Data\Mozilla\Firefox\Profiles\5m8oy3oi.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.296:C:\Documents and Settings\cosmic\Application Data\Mozilla\Firefox\Profiles\5m8oy3oi.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.300:C:\Documents and Settings\cosmic\Application Data\Mozilla\Firefox\Profiles\5m8oy3oi.default\cookies.txt -> TrackingCookie.Clickhype : Cleaned with backup
:mozilla.321:C:\Documents and Settings\cosmic\Application Data\Mozilla\Firefox\Profiles\5m8oy3oi.default\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup
:mozilla.322:C:\Documents and Settings\cosmic\Application Data\Mozilla\Firefox\Profiles\5m8oy3oi.default\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup
:mozilla.323:C:\Documents and Settings\cosmic\Application Data\Mozilla\Firefox\Profiles\5m8oy3oi.default\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup
:mozilla.324:C:\Documents and Settings\cosmic\Application Data\Mozilla\Firefox\Profiles\5m8oy3oi.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.325:C:\Documents and Settings\cosmic\Application Data\Mozilla\Firefox\Profiles\5m8oy3oi.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.326:C:\Documents and Settings\cosmic\Application Data\Mozilla\Firefox\Profiles\5m8oy3oi.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.340:C:\Documents and Settings\cosmic\Application Data\Mozilla\Firefox\Profiles\5m8oy3oi.default\cookies.txt -> TrackingCookie.Targetnet : Cleaned with backup
:mozilla.341:C:\Documents and Settings\cosmic\Application Data\Mozilla\Firefox\Profiles\5m8oy3oi.default\cookies.txt -> TrackingCookie.Targetnet : Cleaned with backup
:mozilla.348:C:\Documents and Settings\cosmic\Application Data\Mozilla\Firefox\Profiles\5m8oy3oi.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned with backup
:mozilla.353:C:\Documents and Settings\cosmic\Application Data\Mozilla\Firefox\Profiles\5m8oy3oi.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.354:C:\Documents and Settings\cosmic\Application Data\Mozilla\Firefox\Profiles\5m8oy3oi.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.355:C:\Documents and Settings\cosmic\Application Data\Mozilla\Firefox\Profiles\5m8oy3oi.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.356:C:\Documents and Settings\cosmic\Application Data\Mozilla\Firefox\Profiles\5m8oy3oi.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.357:C:\Documents and Settings\cosmic\Application Data\Mozilla\Firefox\Profiles\5m8oy3oi.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.358:C:\Documents and Settings\cosmic\Application Data\Mozilla\Firefox\Profiles\5m8oy3oi.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.359:C:\Documents and Settings\cosmic\Application Data\Mozilla\Firefox\Profiles\5m8oy3oi.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.360:C:\Documents and Settings\cosmic\Application Data\Mozilla\Firefox\Profiles\5m8oy3oi.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.361:C:\Documents and Settings\cosmic\Application Data\Mozilla\Firefox\Profiles\5m8oy3oi.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.362:C:\Documents and Settings\cosmic\Application Data\Mozilla\Firefox\Profiles\5m8oy3oi.default\cookies.txt -> TrackingCookie.Komtrack : Cleaned with backup
:mozilla.363:C:\Documents and Settings\cosmic\Application Data\Mozilla\Firefox\Profiles\5m8oy3oi.default\cookies.txt -> TrackingCookie.Komtrack : Cleaned with backup
C:\Documents and Settings\cosmic\Application Data\аssembly\javaw.exe -> Downloader.PurityScan.by : Cleaned with backup
C:\Documents and Settings\cosmic\Cookies\cosmic@burstnet[2].txt -> TrackingCookie.Burstnet : Cleaned with backup
C:\Documents and Settings\cosmic\Cookies\
[email protected][1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\cosmic\My Documents\anti-spywares\backups\backup-20060323-214130-150.dll -> Adware.MediaTickets : Cleaned with backup
C:\Program Files\Common Files\Тasks\mshta.exe -> Downloader.PurityScan.w : Cleaned with backup
C:\WINDOWS\system32\AdCache -> Adware.Cydoor : Cleaned with backup
C:\WINDOWS\system32\AdCache\B_434_0_0_446000.htm -> Adware.Cydoor : Cleaned with backup
C:\WINDOWS\system32\AdCache\B_434_1_0_448600.gif -> Adware.Cydoor : Cleaned with backup
C:\WINDOWS\system32\AdCache\B_434_2_0_814200.htm -> Adware.Cydoor : Cleaned with backup
C:\WINDOWS\system32\AdCache\B_434_2_0_815600.htm -> Adware.Cydoor : Cleaned with backup
C:\WINDOWS\system32\AdCache\B_434_2_0_815900.htm -> Adware.Cydoor : Cleaned with backup
C:\WINDOWS\system32\ginuerep.dll -> Not-A-Virus.Hoax.Win32.Renos.bz : Cleaned with backup
C:\WINDOWS\system32\Μicrosoft\mmc.exe -> Downloader.PurityScan.by : Cleaned with backup
C:\WINDOWS\YAXUninst.exe -> Adware.MediaTickets : Cleaned with backup
::Report End
Incident Status Location
Potentially unwanted tool:Application/SpyFalcon Not disinfected C:\!KillBox\SpyFalcon\SpyFalcon.exe
Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\cosmic\Application Data\Mozilla\Firefox\Profiles\5m8oy3oi.default\Cache\3EFBEAA3d01[Process.exe]
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\cosmic\Cookies\cosmic@belnk[1].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\cosmic\Cookies\
[email protected][2].txt
Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\cosmic\Desktop\smitRem\Process.exe
Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\cosmic\Desktop\smitRem.exe[Process.exe]
Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\cosmic\My Documents\anti-spywares\smitRem\Process.exe
Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\cosmic\My Documents\anti-spywares\smitRem.exe[Process.exe]
Adware:Adware/EMediaCodec Not disinfected C:\WINDOWS\system32\dfrgsrv.exe
Logfile of HijackThis v1.99.1
Scan saved at 7:28:55 AM, on 3/24/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\BitComet\BitComet.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\cosmic\My Documents\anti-spywares\HijackThis.exe
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: ㄏノ FlashGet 更 - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: 使用 FlashGet 下載 - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: 全部使用 FlashGet 下載 - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: 场ㄏノ FlashGet 更 - C:\Program Files\FlashGet\jc_all.htm
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O16 - DPF: {48884C41-EFAC-433D-958A-9FADAC41408E} (EGamesPlugin Class) -
https://www.e-games....GamesPlugin.cabO16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://update.micros...b?1141571361171O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) -
http://acs.pandasoft...free/asinst.cabO17 - HKLM\System\CCS\Services\Tcpip\..\{F39E970A-EB63-490A-85F1-FAA903DFAAD0}: NameServer = 202.188.0.133 202.188.1.5
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
smitRem ?log file
version 2.8
by noahdfear
Microsoft Windows XP [Version 5.1.2600]
The current date is: 03/23/2006 Thu
The current time is: 21:41:48.67
Running from
C:\Documents and Settings\cosmic\Desktop\smitRem
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Pre-run SharedTask Export
(GetSTS.exe) SharedTaskScheduler exporter by Lawrence Abrams (Grinler)
Copyright© 2006 BleepingComputer.com
Registry Pseudo-Format Mode (Not a valid reg file):
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{438755C2-A8BA-11D1-B96B-00A0C90312E1}\InProcServer32]
@="%SystemRoot%\System32\browseui.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8C7461EF-2B13-11d2-BE35-3078302C2030}\InProcServer32]
@="%SystemRoot%\System32\browseui.dll"
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
checking for ShudderLTD key
ShudderLTD key not present!
checking for PSGuard.com key
PSGuard.com key not present!
checking for WinHound.com key
WinHound.com key not present!
spyaxe uninstaller NOT present
Winhound uninstaller NOT present
SpywareStrike uninstaller NOT present
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Existing Pre-run Files
~~~ Program Files ~~~
~~~ Shortcuts ~~~
~~~ Favorites ~~~
~~~ system32 folder ~~~
1024 dir
ld****.tmp
ncompat.tlb
nvctrl.exe
~~~ Icons in System32 ~~~
~~~ Windows directory ~~~
~~~ Drive root ~~~
~~~ Miscellaneous Files/folders ~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03
Copyright© 2002-2003
[email protected]Killing PID 888 'explorer.exe'
Starting registry repairs
Registry repairs complete
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
SharedTask Export after registry fix
(GetSTS.exe) SharedTaskScheduler exporter by Lawrence Abrams (Grinler)
Copyright© 2006 BleepingComputer.com
Registry Pseudo-Format Mode (Not a valid reg file):
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{438755C2-A8BA-11D1-B96B-00A0C90312E1}\InProcServer32]
@="%SystemRoot%\System32\browseui.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8C7461EF-2B13-11d2-BE35-3078302C2030}\InProcServer32]
@="%SystemRoot%\System32\browseui.dll"
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Deleting files
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Remaining Post-run Files
~~~ Program Files ~~~
~~~ Shortcuts ~~~
~~~ Favorites ~~~
~~~ system32 folder ~~~
~~~ Icons in System32 ~~~
~~~ Windows directory ~~~
~~~ Drive root ~~~
~~~ Miscellaneous Files/folders ~~~
~~~ Wininet.dll ~~~
CLEAN!