
I'm so confused on the directions.



#1
ckangaroo

HP_Owner - 06-11-01 17:07:09.87 Service Pack 2
ComboFix 06.10.19 - Running from: "C:\Documents and Settings\HP_Owner\Desktop"

((((((((((((((((((((((((((((((((((((((((((((( Look2Me's Log ))))))))))))))))))))))))))))))))))))))))))))))))))

REGISTRY ENTRIES REMOVED:

[HKEY_CLASSES_ROOT\clsid\{23C937D5-5D3B-448D-BF89-317E9C94C984}]
@=""

[HKEY_CLASSES_ROOT\clsid\{23C937D5-5D3B-448D-BF89-317E9C94C984}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\clsid\{23C937D5-5D3B-448D-BF89-317E9C94C984}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\clsid\{23C937D5-5D3B-448D-BF89-317E9C94C984}\InprocServer32]
@="C:\\WINDOWS\\system32\\lb32.dll"
"ThreadingModel"="Apartment"

[HKEY_CLASSES_ROOT\clsid\{17F6AFE9-581E-408F-8677-CCA0C3FFE719}]
@=""

[HKEY_CLASSES_ROOT\clsid\{17F6AFE9-581E-408F-8677-CCA0C3FFE719}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\clsid\{17F6AFE9-581E-408F-8677-CCA0C3FFE719}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\clsid\{17F6AFE9-581E-408F-8677-CCA0C3FFE719}\InprocServer32]
@="C:\\WINDOWS\\system32\\PvrtableDeviceWMDRM.dll"
"ThreadingModel"="Apartment"

[HKEY_CLASSES_ROOT\clsid\{4E97A870-76F0-4221-86CD-5DEB1BD7C3E8}]
@=""

[HKEY_CLASSES_ROOT\clsid\{4E97A870-76F0-4221-86CD-5DEB1BD7C3E8}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\clsid\{4E97A870-76F0-4221-86CD-5DEB1BD7C3E8}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\clsid\{4E97A870-76F0-4221-86CD-5DEB1BD7C3E8}\InprocServer32]
@="C:\\WINDOWS\\system32\\kldsp.dll"
"ThreadingModel"="Apartment"

[HKEY_CLASSES_ROOT\clsid\{73553975-F615-4ED2-9B00-C94A5998D1A0}]
@=""

[HKEY_CLASSES_ROOT\clsid\{73553975-F615-4ED2-9B00-C94A5998D1A0}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\clsid\{73553975-F615-4ED2-9B00-C94A5998D1A0}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\clsid\{73553975-F615-4ED2-9B00-C94A5998D1A0}\InprocServer32]
@="C:\\WINDOWS\\system32\\kdduzb.dll"
"ThreadingModel"="Apartment"

[HKEY_CLASSES_ROOT\clsid\{5D5F50C2-29BC-4166-BFD8-EFD65AD6576C}]
@=""

[HKEY_CLASSES_ROOT\clsid\{5D5F50C2-29BC-4166-BFD8-EFD65AD6576C}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\clsid\{5D5F50C2-29BC-4166-BFD8-EFD65AD6576C}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\clsid\{5D5F50C2-29BC-4166-BFD8-EFD65AD6576C}\InprocServer32]
@="C:\\WINDOWS\\system32\\ghiplus.dll"
"ThreadingModel"="Apartment"

[HKEY_CLASSES_ROOT\clsid\{D54701DA-93FA-4E68-BBB3-EDEE7F362CDE}]
@=""

[HKEY_CLASSES_ROOT\clsid\{D54701DA-93FA-4E68-BBB3-EDEE7F362CDE}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\clsid\{D54701DA-93FA-4E68-BBB3-EDEE7F362CDE}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\clsid\{D54701DA-93FA-4E68-BBB3-EDEE7F362CDE}\InprocServer32]
@="C:\\WINDOWS\\system32\\IHIresizeA6.dll"
"ThreadingModel"="Apartment"

[HKEY_CLASSES_ROOT\clsid\{9E3784CC-1EAC-4620-8177-CB01D46C65B6}]
@=""

[HKEY_CLASSES_ROOT\clsid\{9E3784CC-1EAC-4620-8177-CB01D46C65B6}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\clsid\{9E3784CC-1EAC-4620-8177-CB01D46C65B6}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\clsid\{9E3784CC-1EAC-4620-8177-CB01D46C65B6}\InprocServer32]
@="C:\\WINDOWS\\system32\\kydhept.dll"
"ThreadingModel"="Apartment"

* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *


FILES REMOVED:

C:\WINDOWS\system32\btowselc.dll
C:\WINDOWS\system32\digeng.dll
C:\WINDOWS\system32\en0ql1d51.dll
C:\WINDOWS\system32\f6l0lg3m16.dll
C:\WINDOWS\system32\g2402chmgf4a2.dll
C:\WINDOWS\system32\h4l2le3o1h.dll
C:\WINDOWS\system32\hp4023hmg.dll
C:\WINDOWS\system32\i2jqlc151f.dll
C:\WINDOWS\system32\i2nm0c51ef.dll
C:\WINDOWS\system32\i4420ehoeh4c0.dll
C:\WINDOWS\system32\ibaapi.dll
C:\WINDOWS\system32\IBIresizeM6.dll
C:\WINDOWS\system32\IHIresizeA6.dll
C:\WINDOWS\system32\ir28l5fu1.dll
C:\WINDOWS\system32\ir6ul5j91.dll
C:\WINDOWS\system32\irp0l57m1.dll
C:\WINDOWS\system32\isxsap.dll
C:\WINDOWS\system32\jt6607jse.dll
C:\WINDOWS\system32\k8440ihqe84e0.dll
C:\WINDOWS\system32\LDBMP70N.DLL
C:\WINDOWS\system32\lv2409fqe.dll
C:\WINDOWS\system32\lv6209joe.dll
C:\WINDOWS\system32\mv08l9du1.dll
C:\WINDOWS\system32\mvp4l97q1.dll
C:\WINDOWS\system32\mvpml9711.dll
C:\WINDOWS\system32\n2n60c5sef.dll
C:\WINDOWS\system32\nmtmsg.dll
C:\WINDOWS\system32\sfcpack.dll
C:\WINDOWS\system32\sri_ci.dll
C:\WINDOWS\system32\u6rulg9916.dll


Granting sedebugprivilege to Administrators ... successful


(((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


C:\WINDOWS\uni_ehhhh.exe
C:\WINDOWS\uninst104.exe
C:\WINDOWS\system32\aaa00000.sys
C:\Program Files\batty2
C:\Program Files\Common Files\{05A97B25-088C-1033-1014-050507190001}

~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ Purity ~ ~ ~ ~ ~ ~ ~ ~~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~

Folders Quarantined:

C:\QooBox\Purity\Program Files\CURITY~1
C:\QooBox\Purity\Program Files\CURITY~1\bak
C:\QooBox\Purity\Program Files\CURITY~1\spoolsv.exe
C:\QooBox\Purity\Program Files\CURITY~1\??curity
C:\QooBox\Purity\WINDOWS\YMANTE~1
C:\QooBox\Purity\WINDOWS\YMANTE~1\w?auboot.exe


((((((((((((((((((((((((((((((( Files Created from 2006-10-01 to 2006-11-01 ))))))))))))))))))))))))))))))))))


2006-10-31 17:44 49,428 --a------ C:\WINDOWS\system32\bvfctopd.dll
2006-10-26 15:36 49,428 --a------ C:\WINDOWS\system32\aqftpbrb.dll
2006-10-25 19:39 397,312 --a------ C:\WINDOWS\cfg32p.dll
2006-10-25 15:57 27,648 --a------ C:\WINDOWS\system32\drivers\MpFilter.sys
2006-10-25 15:56 82,944 --a------ C:\WINDOWS\system32\drivers\msfwdrv.sys
2006-10-25 15:56 108,032 --a------ C:\WINDOWS\system32\drivers\msfwhlpr.sys
2006-10-25 15:36 122,900 --a------ C:\WINDOWS\system32\krycqfbt.dll
2006-10-24 15:03 8,464 --a------ C:\WINDOWS\system32\sporder.dll
2006-10-24 14:57 2 --a------ C:\WINDOWS\system32\wintit.exe
2006-10-24 14:57 131,072 --a------ C:\WINDOWS\system32\kyjarn.dll
2006-10-24 14:36 49,664 --a------ C:\WINDOWS\system32\instcat.dll
2006-10-24 14:36 160,768 --a------ C:\WINDOWS\system32\belhiq.dll
2006-10-24 14:35 94,208 --a------ C:\WINDOWS\system32\cjallkc.dll
2006-10-24 14:35 73,216 --a------ C:\WINDOWS\system32\mxdhcb.dll
2006-10-24 14:35 167,936 --ah----- C:\WINDOWS\system32\gtool.dll
2006-10-24 14:34 956 --a------ C:\WINDOWS\system32\winpfg32.sys
2006-10-24 14:34 6,687 --a------ C:\WINDOWS\system32\ldcore.dll
2006-10-24 14:34 26,112 --a------ C:\WINDOWS\system32\rpcc.dll
2006-10-24 14:34 1,259 --a------ C:\WINDOWS\system32\cfj4e47e.sys
2006-10-23 20:47 192 --a------ C:\WINDOWS\system32\ggg.bat
2006-10-23 20:47 16,384 --a------ C:\WINDOWS\system32\dr.exe
2006-10-23 20:46 20,480 --a------ C:\WINDOWS\system32\setup9X.exe
2006-10-23 20:46 0 --a------ C:\WINDOWS\system32\taskkill.exe
2006-10-06 17:11 65,536 --a------ C:\WINDOWS\system32\Winwcd.dll


(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


2006-11-01 17:10 6907 --ahs---- C:\Documents and Settings\HP_Owner\Application Data\5E41BDC33E9B4A7DADED969491FFC466.sta
2006-11-01 17:10 23326 --ahs---- C:\Documents and Settings\HP_Owner\Application Data\5E41BDC33E9B4A7DADED969491FFC466.rul
2006-11-01 17:07 -------- d-------- C:\Program Files\Common Files
2006-11-01 16:57 -------- d-------- C:\Program Files\Microsoft Windows OneCare Live
2006-10-27 22:59 -------- d-------- C:\Program Files\SmartClose
2006-10-27 16:24 -------- d-------- C:\Program Files\Lavasoft
2006-10-27 16:24 -------- d-------- C:\Documents and Settings\HP_Owner\Application Data\Lavasoft
2006-10-26 14:58 -------- d--h----- C:\Program Files\Uninstall Information
2006-10-26 14:25 -------- d-------- C:\Program Files\interMute
2006-10-26 14:25 -------- d-------- C:\Documents and Settings\HP_Owner\Application Data\InterMute
2006-10-26 14:00 3645 --a------ C:\WINDOWS\viassary-hp.reg
2006-10-25 16:43 -------- d-------- C:\Program Files\Windows Media Connect 2
2006-10-25 16:39 -------- d-------- C:\Program Files\IntelliMover Data Transfer Demo
2006-10-25 16:39 -------- d-------- C:\Program Files\Incomplete
2006-10-25 16:03 -------- d-------- C:\Program Files\Movie Maker
2006-10-25 15:58 -------- d-------- C:\Program Files\Windows Defender
2006-10-25 15:56 -------- d-------- C:\Program Files\MSXML 4.0
2006-10-25 15:46 -------- d-------- C:\Program Files\Internet Explorer
2006-10-24 15:31 -------- d-------- C:\Program Files\Easy Internet signup
2006-10-24 14:45 -------- d-------- C:\Program Files\Common Files\InstallShield
2006-10-24 14:34 -------- d-------- C:\Program Files\Common Files\Symantec Shared
2006-10-24 14:32 -------- d-------- C:\Documents and Settings\HP_Owner\Application Data\Symantec
2006-10-24 14:31 -------- d-------- C:\Program Files\Symantec
2006-10-23 15:29 -------- d-------- C:\Program Files\Apple Software Update
2006-10-23 15:25 -------- d-------- C:\Program Files\iTunes
2006-10-23 15:25 -------- d-------- C:\Program Files\iPod
2006-10-23 15:24 -------- d-------- C:\Program Files\QuickTime
2006-10-21 21:51 -------- d-------- C:\Program Files\AIM
2006-10-18 19:59 -------- d-------- C:\Program Files\Windows Media Player
2006-10-15 17:42 -------- d-------- C:\Documents and Settings\HP_Owner\Application Data\WildTangent
2006-10-07 23:02 -------- d-------- C:\Documents and Settings\HP_Owner\Application Data\Snapfish
2006-09-21 15:42 618328 --a------ C:\WINDOWS\system32\WINSSWEBAGENT.DLL
2006-09-15 16:21 53248 --a------ C:\WINDOWS\uninst108.exe
2006-09-15 16:16 53248 --a------ C:\WINDOWS\uni_e6h.exe
2006-09-07 16:49 -------- d-------- C:\Program Files\AOD
2006-09-04 21:24 -------- d-------- C:\Program Files\VideoraiPodConverter
2006-09-04 21:24 -------- d-------- C:\Program Files\Messenger
2006-09-04 20:22 -------- d-------- C:\Program Files\Plaxo
2006-09-01 12:57 -------- d-------- C:\Program Files\Google
2006-08-24 21:42 8704 --a------ C:\WINDOWS\system32\wdfmgr.exe
2006-08-24 21:42 8704 --a------ C:\WINDOWS\system32\uwdf.exe
2006-08-24 21:30 99840 --a------ C:\WINDOWS\system32\wmpshell.dll
2006-08-24 21:30 990208 --a------ C:\WINDOWS\system32\drmv2clt.dll
2006-08-24 21:30 937984 --a------ C:\WINDOWS\system32\WMNetMgr.dll
2006-08-24 21:30 8337920 --a------ C:\WINDOWS\system32\wmploc.dll
2006-08-24 21:30 790016 --------- C:\WINDOWS\system32\WMVSENCD.dll
2006-08-24 21:30 757248 --a------ C:\WINDOWS\system32\WMADMOD.dll
2006-08-24 21:30 7168 --a------ C:\WINDOWS\system32\asferror.dll
2006-08-24 21:30 656896 --------- C:\WINDOWS\system32\WMVXENCD.dll
2006-08-24 21:30 63488 --a------ C:\WINDOWS\system32\wpdmtpus.dll
2006-08-24 21:30 629760 --a------ C:\WINDOWS\system32\wpd_ci.dll
2006-08-24 21:30 611840 --------- C:\WINDOWS\system32\wmpmde.dll
2006-08-24 21:30 603648 --a------ C:\WINDOWS\system32\WMSPDMOD.dll
2006-08-24 21:30 537600 --a------ C:\WINDOWS\system32\blackbox.dll
2006-08-24 21:30 532992 --------- C:\WINDOWS\system32\wmdrmsdk.dll
2006-08-24 21:30 428032 --a------ C:\WINDOWS\system32\wmdrmdev.dll
2006-08-24 21:30 414208 --a------ C:\WINDOWS\system32\msscp.dll
2006-08-24 21:30 4096 --a------ C:\WINDOWS\system32\wmvdmoe2.dll
2006-08-24 21:30 4096 --a------ C:\WINDOWS\system32\wmvdmod.dll
2006-08-24 21:30 4096 --a------ C:\WINDOWS\system32\WMVADVE.DLL
2006-08-24 21:30 4096 --a------ C:\WINDOWS\system32\WMVADVD.dll
2006-08-24 21:30 4096 --a------ C:\WINDOWS\system32\wmsdmoe2.dll
2006-08-24 21:30 4096 --a------ C:\WINDOWS\system32\wmsdmod.dll
2006-08-24 21:30 4096 --a------ C:\WINDOWS\system32\wdfapi.dll
2006-08-24 21:30 4096 --a------ C:\WINDOWS\system32\MPG4DMOD.dll
2006-08-24 21:30 4096 --a------ C:\WINDOWS\system32\MP4SDMOD.dll
2006-08-24 21:30 4096 --a------ C:\WINDOWS\system32\MP43DMOD.dll
2006-08-24 21:30 37376 --a------ C:\WINDOWS\system32\wmdmps.dll
2006-08-24 21:30 35840 --a------ C:\WINDOWS\system32\wpdconns.dll
2006-08-24 21:30 349184 --a------ C:\WINDOWS\system32\wpdsp.dll
2006-08-24 21:30 347648 --a------ C:\WINDOWS\system32\wmdrmnet.dll
2006-08-24 21:30 33792 --a------ C:\WINDOWS\system32\wmdmlog.dll
2006-08-24 21:30 320512 --a------ C:\WINDOWS\system32\mswmdm.dll
2006-08-24 21:30 316928 --------- C:\WINDOWS\system32\MP4SDECD.dll
2006-08-24 21:30 314368 --a------ C:\WINDOWS\system32\wmpdxm.dll
2006-08-24 21:30 305152 --------- C:\WINDOWS\system32\MSDelta.dll
2006-08-24 21:30 295424 --------- C:\WINDOWS\system32\wmpeffects.dll
2006-08-24 21:30 284160 --------- C:\WINDOWS\system32\PortableDeviceApi.dll
2006-08-24 21:30 276480 --a------ C:\WINDOWS\system32\audiodev.dll
2006-08-24 21:30 27648 --a------ C:\WINDOWS\system32\mspmsnsv.dll
2006-08-24 21:30 259072 --------- C:\WINDOWS\system32\MPG4DECD.dll
2006-08-24 21:30 2589184 --------- C:\WINDOWS\system32\WpdShext.dll
2006-08-24 21:30 258560 --------- C:\WINDOWS\system32\MP43DECD.dll
2006-08-24 21:30 2450944 --a------ C:\WINDOWS\system32\wmvcore.dll
2006-08-24 21:30 242176 --a------ C:\WINDOWS\system32\wmpasf.dll
2006-08-24 21:30 228352 --a------ C:\WINDOWS\system32\cewmdm.dll
2006-08-24 21:30 227328 --a------ C:\WINDOWS\system32\wmerror.dll
2006-08-24 21:30 222208 --a------ C:\WINDOWS\system32\WMASF.dll
2006-08-24 21:30 211968 --------- C:\WINDOWS\system32\MFPLAT.dll
2006-08-24 21:30 210432 --a------ C:\WINDOWS\system32\qasf.dll
2006-08-24 21:30 204800 --a------ C:\WINDOWS\system32\wmpsrcwp.dll
2006-08-24 21:30 198144 --------- C:\WINDOWS\system32\PortableDeviceWMDRM.dll
2006-08-24 21:30 179712 --a------ C:\WINDOWS\system32\msnetobj.dll
2006-08-24 21:30 175104 --a------ C:\WINDOWS\system32\mspmsp.dll
2006-08-24 21:30 166912 --------- C:\WINDOWS\system32\PortableDeviceTypes.dll
2006-08-24 21:30 1660416 --a------ C:\WINDOWS\system32\wmpencen.dll
2006-08-24 21:30 157184 --a------ C:\WINDOWS\system32\wmidx.dll
2006-08-24 21:30 154624 --a------ C:\WINDOWS\system32\wpdmtp.dll
2006-08-24 21:30 1539584 --------- C:\WINDOWS\system32\WMVDECOD.dll
2006-08-24 21:30 1532416 --------- C:\WINDOWS\system32\WMVENCOD.dll
2006-08-24 21:30 1392128 --------- C:\WINDOWS\system32\WMVSDECD.dll
2006-08-24 21:30 133120 --------- C:\WINDOWS\system32\WPDShServiceObj.dll
2006-08-24 21:30 1327616 --a------ C:\WINDOWS\system32\WMSPDMOE.dll
2006-08-24 21:30 132096 --------- C:\WINDOWS\system32\PortableDeviceWiaCompat.dll
2006-08-24 21:30 130048 --------- C:\WINDOWS\system32\wmpps.dll
2006-08-24 21:30 11264 --a------ C:\WINDOWS\system32\LAPRXY.dll
2006-08-24 21:30 1118208 --a------ C:\WINDOWS\system32\WMADMOE.dll
2006-08-24 21:30 101888 --------- C:\WINDOWS\system32\PortableDeviceClassExtension.dll
2006-08-24 19:31 100864 --a------ C:\WINDOWS\system32\logagent.exe
2006-08-24 19:27 249344 --------- C:\WINDOWS\system32\drmupgds.exe
2006-08-24 19:26 95288 --------- C:\WINDOWS\system32\WUDFCoinstaller.dll
2006-08-24 19:26 17408 --------- C:\WINDOWS\system32\wpdshextautoplay.exe
2006-08-24 18:19 316416 --------- C:\WINDOWS\system32\WUDFx.dll
2006-08-24 18:19 145920 --------- C:\WINDOWS\system32\WudfHost.exe
2006-08-24 18:18 56320 --------- C:\WINDOWS\system32\WudfSvc.dll
2006-08-24 18:18 168448 --------- C:\WINDOWS\system32\WudfPlatform.dll
2006-08-11 19:14 22752 --a------ C:\WINDOWS\system32\spupdsvc.exe
2006-08-07 10:17 61440 --a------ C:\WINDOWS\system32\BattyRun2.dll


(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries are not shown

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
"Aim6"=""
"MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
"AIM"="C:\\Program Files\\AIM\\aim.exe -cnetwait.odl"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"PCDrProfiler"=""
"SMSERIAL"="sm56hlpr.exe"
"KernelFaultCheck"=hex(2):25,73,79,73,74,65,6d,72,6f,6f,74,25,5c,73,79,73,74,\
65,6d,33,32,5c,64,75,6d,70,72,65,70,20,30,20,2d,6b,00
"HostManager"="C:\\Program Files\\Common Files\\AOL\\1133705909\\ee\\AOLHostManager.exe"
"IPHSend"="C:\\Program Files\\Common Files\\AOL\\IPHSend\\IPHSend.exe"
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
"cjallkc.dll"="C:\\WINDOWS\\system32\\rundll32.exe C:\\WINDOWS\\system32\\cjallkc.dll,gvzpkg"
"Windows Defender"="\"C:\\Program Files\\Windows Defender\\MSASCui.exe\" -hide"
"OneCareUI"="\"C:\\Program Files\\Microsoft Windows OneCare Live\\winssnotify.exe\""
"UserFaultCheck"=hex(2):25,73,79,73,74,65,6d,72,6f,6f,74,25,5c,73,79,73,74,65,\
6d,33,32,5c,64,75,6d,70,72,65,70,20,30,20,2d,75,00

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"="Microsoft AntiMalware ShellExecuteHook"
"{FA010552-4A27-4cb1-A1BB-3E2D697F1639}"="SpySubtract Shell Extension"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"
"WPDShServiceObj"="{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"
"oxAQpLIk"="{05A97B26-AF03-D18C-F641-512C4C6AC065}"

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\nutdvd

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"


Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\Easy Internet Sign-up.job
C:\WINDOWS\tasks\MP Scheduled Scan.job

Completion time: 06-11-01 17:11:17.25
C:\ComboFix.txt ... 06-11-01 17:11