Trojan.QQpass [CLOSED]



#1
jonteeee

Can't get the malware to go away after trying a couple of adaware, avg programs.
Can't start the computer in Safe Mode and can't get Hijacked to work either. Please help me!
What to do?


#2
Rorschach112

Hello

Download WinPFind35U.exe to your Desktop and double-click on it to extract the files. It will create a folder named WinPFind35u on your desktop.
  • Open the WinPFind35u folder and double-click on WinPFind35U.exe to start the program.
  • Under Additional Scans check the boxes beside Reg - Bot Check, Reg - Disabled MS Config Items, Reg - File Additional Folder Scans, File - Lop Check and File - Purity Scan.
  • Under Drivers change it to Non-Microsoft.
  • Check the box beside Scan All User Accounts at the top.
  • Under Files Created Within and Files Modified Within change it to 90 days.
  • Now click the Run Scan button on the toolbar.
  • When the scan is complete Notepad will open with the report file loaded in it.
  • Click the Format menu and make sure that Wordwrap is not checked. If it is then click on it to uncheck it.
Use the Add Reply button and post the information back here in an attachment. I will review it when it comes in. The last line is < End of Report >, so make sure that is the last line in the attached report.


Make sure you attach the report in your reply.

#3
jonteeee

[code=auto:0]WinPFind35 logfile created on: 2008-02-22 18:59:17
WinPFind35U Version 1.0.0.1 Folder = C:\Documents and Settings\jonte mattsson\Desktop\WinPFind35u
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 0000041D | Country: Sweden | Language: SVE | Date Format: yyyy-MM-dd

383,36 Mb Total Physical Memory | 139,27 Mb Available Physical Memory | 36,33% Memory free
919,85 Mb Paging File | 620,40 Mb Available in Paging File | 67,45% Paging File free
Paging file location(s): C:\pagefile.sys 576 1152;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 55,88 Gb Total Space | 18,08 Gb Free Space | 32,35% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: JONTE
Current User Name: jonte mattsson
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users

[Processes - Non-Microsoft Only]
ati2evxx.exe -> %SystemRoot%\system32\ati2evxx.exe -> ATI Technologies Inc. [Ver = 6.14.10.4118 | Size = 380928 bytes | Modified Date = 2005-08-09 22:29:40 | Attr = ]
ati2evxx.exe -> %SystemRoot%\system32\ati2evxx.exe -> ATI Technologies Inc. [Ver = 6.14.10.4118 | Size = 380928 bytes | Modified Date = 2005-08-09 22:29:40 | Attr = ]
asghost.exe -> %ProgramFiles%\HPQ\IAM\Bin\asghost.exe -> Cognizance Corporation [Ver = 1.5.0.035 | Size = 43008 bytes | Modified Date = 2005-06-29 20:06:54 | Attr = ]
avgas.exe -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\avgas.exe -> GRISOFT s.r.o. [Ver = 7, 5, 1, 43 | Size = 6731312 bytes | Modified Date = 2008-02-21 22:00:48 | Attr = ]
applemobiledeviceservice.exe -> %CommonProgramFiles%\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -> Apple, Inc. [Ver = 1, 14, 0, 0 | Size = 110592 bytes | Modified Date = 2007-09-06 13:28:18 | Attr = ]
guard.exe -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\guard.exe -> GRISOFT s.r.o. [Ver = 7, 5, 1, 22 | Size = 312880 bytes | Modified Date = 2007-05-30 13:31:10 | Attr = ]
hpqwmiex.exe -> %ProgramFiles%\Hewlett-Packard\Shared\hpqwmiex.exe -> Hewlett-Packard Development Company, L.P. [Ver = 2, 0, 1, 5 | Size = 98304 bytes | Modified Date = 2005-12-22 00:06:58 | Attr = ]
atiptaxx.exe -> %ProgramFiles%\ATI Technologies\ATI Control Panel\atiptaxx.exe -> ATI Technologies, Inc. [Ver = 6.14.10.5160 | Size = 344064 bytes | Modified Date = 2005-08-09 21:05:00 | Attr = ]
winpfind35u.exe -> %UserProfile%\Desktop\WinPFind35u\WinPFind35U.exe -> OldTimer Tools [Ver = 1.0.0.0 | Size = 309760 bytes | Modified Date = 2008-02-21 19:41:02 | Attr = ]

[Win32 Services - Non-Microsoft Only]
(aodun_server) aodun_server [Win32_Own | Auto | Stopped] -> %SystemRoot%\system32\aodun.exe -> File not found
(Apple Mobile Device) Apple Mobile Device [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -> Apple, Inc. [Ver = 1, 14, 0, 0 | Size = 110592 bytes | Modified Date = 2007-09-06 13:28:18 | Attr = ]
(Ati HotKey Poller) Ati HotKey Poller [Win32_Own | Auto | Running] -> %SystemRoot%\system32\ati2evxx.exe -> ATI Technologies Inc. [Ver = 6.14.10.4118 | Size = 380928 bytes | Modified Date = 2005-08-09 22:29:40 | Attr = ]
(AVG Anti-Spyware Guard) AVG Anti-Spyware Guard [Win32_Own | Auto | Running] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\guard.exe -> GRISOFT s.r.o. [Ver = 7, 5, 1, 22 | Size = 312880 bytes | Modified Date = 2007-05-30 13:31:10 | Attr = ]
(dmadmin) Logical Disk Manager Administrative Service [Win32_Shared | On_Demand | Stopped] -> %SystemRoot%\system32\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 224768 bytes | Modified Date = 2004-08-08 06:00:00 | Attr = ]
(hpqwmi) HP WMI Interface [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\HPQ\Shared\hpqwmi.exe -> Hewlett-Packard Development Company, L.P. [Ver = 1, 0, 5, 9 | Size = 94208 bytes | Modified Date = 2005-10-06 08:14:42 | Attr = ]
(hpqwmiex) hpqwmiex [Win32_Own | Auto | Running] -> %ProgramFiles%\Hewlett-Packard\Shared\hpqwmiex.exe -> Hewlett-Packard Development Company, L.P. [Ver = 2, 0, 1, 5 | Size = 98304 bytes | Modified Date = 2005-12-22 00:06:58 | Attr = ]
(WmcCds) Windows Media Connect (WMC) [Win32_Own | Unknown | Stopped] -> -> File not found

[Driver Services - Non-Microsoft Only]
(Abiosdsk) Abiosdsk [Kernel | Disabled | Stopped] -> -> File not found
(abp480n5) abp480n5 [Kernel | Disabled | Stopped] -> -> File not found
(adpu160m) adpu160m [Kernel | Disabled | Stopped] -> -> File not found
(Aha154x) Aha154x [Kernel | Disabled | Stopped] -> -> File not found
(aic78u2) aic78u2 [Kernel | Disabled | Stopped] -> -> File not found
(aic78xx) aic78xx [Kernel | Disabled | Stopped] -> -> File not found
(AliIde) AliIde [Kernel | Disabled | Stopped] -> -> File not found
(AmdK8) AMD Processor Driver [Kernel | System | Running] -> %SystemRoot%\system32\drivers\AmdK8.sys -> Advanced Micro Devices [Ver = 1.2.2 (dnsrv(wmbla).050120-1444) | Size = 36352 bytes | Modified Date = 2005-03-09 15:53:00 | Attr = ]
(amsint) amsint [Kernel | Disabled | Stopped] -> -> File not found
(asc) asc [Kernel | Disabled | Stopped] -> -> File not found
(asc3350p) asc3350p [Kernel | Disabled | Stopped] -> -> File not found
(asc3550) asc3550 [Kernel | Disabled | Stopped] -> -> File not found
(Atdisk) Atdisk [Kernel | Disabled | Stopped] -> -> File not found
(ati2mtag) ati2mtag [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ati2mtag.sys -> ATI Technologies Inc. [Ver = 6.14.10.6561 | Size = 1273856 bytes | Modified Date = 2005-08-09 22:35:42 | Attr = ]
(ATSWPDRV) AuthenTec TruePrint USB Driver (AES2500) [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ATSwpDrv.sys -> AuthenTec, Inc. [Ver = 6.29.2.0 | Size = 117010 bytes | Modified Date = 2005-07-12 17:40:00 | Attr = R ]
(AVG Anti-Spyware Driver) AVG Anti-Spyware Driver [Kernel | System | Running] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\guard.sys -> [Ver = | Size = 11000 bytes | Modified Date = 2007-05-30 13:10:42 | Attr = ]
(AvgAsCln) AVG Anti-Spyware Clean Driver [Kernel | System | Running] -> %SystemRoot%\system32\drivers\AvgAsCln.sys -> GRISOFT, s.r.o. [Ver = 1.0.0.14 | Size = 10872 bytes | Modified Date = 2007-05-30 13:10:42 | Attr = ]
(b57w2k) Broadcom NetLink (TM) Gigabit Ethernet [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\b57xp32.sys -> Broadcom Corporation [Ver = 7.103.0.0 built by: WinDDK | Size = 128256 bytes | Modified Date = 2005-01-27 18:09:08 | Attr = R ]
(BCM43XX) Drivrutin för Broadcom 802.11 nätverksadapter [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\BCMWL5.SYS -> Broadcom Corporation [Ver = 3.100.65.1 built by: WinDDK | Size = 371712 bytes | Modified Date = 2005-05-11 10:20:38 | Attr = ]
(CAMCAUD) Conexant AMC Audio [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\camc6aud.sys -> Conexant Systems Inc. [Ver = 6.14.10.0559 | Size = 38144 bytes | Modified Date = 2005-07-20 17:43:54 | Attr = R ]
(CAMCHALA) CAMCHALA [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\camc6hal.sys -> Conexant Systems Inc. [Ver = 6.14.10.0559 | Size = 346496 bytes | Modified Date = 2005-07-20 17:44:42 | Attr = R ]
(cd20xrnt) cd20xrnt [Kernel | Disabled | Stopped] -> -> File not found
(Changer) Changer [Kernel | System | Stopped] -> -> File not found
(ClntMgmt.sys) ClntMgmt.sys [Kernel | System | Running] -> %SystemRoot%\system32\drivers\clntmgmt.sys -> Hewlett-Packard [Ver = 2,1,2004,0219 | Size = 59044 bytes | Modified Date = 2004-02-20 10:35:28 | Attr = R ]
(CmdIde) CmdIde [Kernel | Disabled | Stopped] -> -> File not found
(Cpqarray) Cpqarray [Kernel | Disabled | Stopped] -> -> File not found
(dac960nt) dac960nt [Kernel | Disabled | Stopped] -> -> File not found
(DLABOIOM) DLABOIOM [File_System | Auto | Running] -> %SystemRoot%\system32\DLA\DLABOIOM.SYS -> Sonic Solutions [Ver = 5.20.07a | Size = 25628 bytes | Modified Date = 2005-08-31 05:20:00 | Attr = ]
(DLACDBHM) DLACDBHM [File_System | System | Running] -> %SystemRoot%\system32\drivers\DLACDBHM.SYS -> Sonic Solutions [Ver = 5.20.01a | Size = 5628 bytes | Modified Date = 2005-08-25 12:16:52 | Attr = ]
(DLADResN) DLADResN [File_System | Auto | Running] -> %SystemRoot%\system32\DLA\DLADResN.SYS -> Sonic Solutions [Ver = 5.20.07a | Size = 2496 bytes | Modified Date = 2005-08-31 05:20:00 | Attr = ]
(DLAIFS_M) DLAIFS_M [File_System | Auto | Running] -> %SystemRoot%\system32\DLA\DLAIFS_M.SYS -> Sonic Solutions [Ver = 5.20.07a | Size = 86524 bytes | Modified Date = 2005-08-31 05:20:00 | Attr = ]
(DLAOPIOM) DLAOPIOM [File_System | Auto | Running] -> %SystemRoot%\system32\DLA\DLAOPIOM.SYS -> Sonic Solutions [Ver = 5.20.07a | Size = 14684 bytes | Modified Date = 2005-08-31 05:20:00 | Attr = ]
(DLAPoolM) DLAPoolM [File_System | Auto | Running] -> %SystemRoot%\system32\DLA\DLAPoolM.SYS -> Sonic Solutions [Ver = 5.20.07a | Size = 6364 bytes | Modified Date = 2005-08-31 05:20:00 | Attr = ]
(DLARTL_N) DLARTL_N [File_System | System | Running] -> %SystemRoot%\system32\drivers\DLARTL_N.SYS -> Sonic Solutions [Ver = 5.20.01a | Size = 22684 bytes | Modified Date = 2005-08-25 12:16:16 | Attr = ]
(DLAUDFAM) DLAUDFAM [File_System | Auto | Running] -> %SystemRoot%\system32\DLA\DLAUDFAM.SYS -> Sonic Solutions [Ver = 5.20.07a | Size = 94332 bytes | Modified Date = 2005-08-31 05:20:00 | Attr = ]
(DLAUDF_M) DLAUDF_M [File_System | Auto | Running] -> %SystemRoot%\system32\DLA\DLAUDF_M.SYS -> Sonic Solutions [Ver = 5.20.07a | Size = 87036 bytes | Modified Date = 2005-08-31 05:20:00 | Attr = ]
(dmboot) dmboot [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\dmboot.sys -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 799744 bytes | Modified Date = 2004-08-08 06:00:00 | Attr = ]
(dmio) Logical Disk Manager Driver [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\dmio.sys -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 153344 bytes | Modified Date = 2004-08-08 06:00:00 | Attr = ]
(dmload) dmload [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\dmload.sys -> Microsoft Corp., Veritas Software. [Ver = 2600.0.503.0 | Size = 5888 bytes | Modified Date = 2004-08-08 06:00:00 | Attr = ]
(dpti2o) dpti2o [Kernel | Disabled | Stopped] -> -> File not found
(DRVMCDB) DRVMCDB [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\DRVMCDB.SYS -> Sonic Solutions [Ver = 3.30.03a | Size = 88752 bytes | Modified Date = 2005-08-30 03:30:00 | Attr = ]
(DRVNDDM) DRVNDDM [File_System | Auto | Running] -> %SystemRoot%\system32\drivers\DRVNDDM.SYS -> Sonic Solutions [Ver = 5.20.00a | Size = 40544 bytes | Modified Date = 2005-08-12 05:20:00 | Attr = ]
(eabfiltr) eabfiltr [Kernel | System | Running] -> %SystemRoot%\system32\drivers\eabfiltr.sys -> Hewlett-Packard Development Company, L.P. [Ver = 4.20.01.04 | Size = 7936 bytes | Modified Date = 2005-05-05 10:04:08 | Attr = ]
(eabusb) eabusb [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\EabUsb.sys -> Hewlett-Packard Development Company, L.P. [Ver = 4.20.02.04 | Size = 5760 bytes | Modified Date = 2005-05-05 10:04:04 | Attr = ]
(ElbyCDFL) ElbyCDFL [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ElbyCDFL.sys -> SlySoft, Inc. [Ver = 5, 2, 1, 3 | Size = 34760 bytes | Modified Date = 2006-12-26 13:54:35 | Attr = ]
(ElbyCDIO) ElbyCDIO Driver [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\ElbyCDIO.sys -> Elaborate Bytes AG [Ver = 6, 0, 0, 1 | Size = 15440 bytes | Modified Date = 2006-12-26 13:54:34 | Attr = ]
(hpn) hpn [Kernel | Disabled | Stopped] -> -> File not found
(HSFHWATI) HSFHWATI [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\HSFHWATI.sys -> Conexant Systems, Inc. [Ver = 7.20.00.75 built by: WinDDK | Size = 200576 bytes | Modified Date = 2005-04-18 02:00:06 | Attr = R ]
(HSF_DP) HSF_DP [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\HSF_DP.sys -> Conexant Systems, Inc. [Ver = 7.20.00.75 built by: WinDDK | Size = 1038336 bytes | Modified Date = 2005-04-18 02:00:06 | Attr = R ]
(i2omgmt) i2omgmt [Kernel | System | Stopped] -> -> File not found
(i2omp) i2omp [Kernel | Disabled | Stopped] -> -> File not found
(ini910u) ini910u [Kernel | Disabled | Stopped] -> -> File not found
(IntelIde) IntelIde [Kernel | Disabled | Stopped] -> -> File not found
(lbrtfdc) lbrtfdc [Kernel | System | Stopped] -> -> File not found
(mdmxsdk) mdmxsdk [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\mdmxsdk.sys -> Conexant [Ver = 1.0.2.006 | Size = 13059 bytes | Modified Date = 2005-04-18 02:00:06 | Attr = R ]
(mraid35x) mraid35x [Kernel | Disabled | Stopped] -> -> File not found
(PCIDump) PCIDump [Kernel | System | Stopped] -> -> File not found
(PDCOMP) PDCOMP [Kernel | On_Demand | Stopped] -> -> File not found
(PDFRAME) PDFRAME [Kernel | On_Demand | Stopped] -> -> File not found
(PDRELI) PDRELI [Kernel | On_Demand | Stopped] -> -> File not found
(PDRFRAME) PDRFRAME [Kernel | On_Demand | Stopped] -> -> File not found
(perc2) perc2 [Kernel | Disabled | Stopped] -> -> File not found
(perc2hib) perc2hib [Kernel | Disabled | Stopped] -> -> File not found
(Ptilink) Direct Parallel Link Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ptilink.sys -> Parallel Technologies, Inc. [Ver = 1.10 (XPClient.010817-1148) | Size = 17792 bytes | Modified Date = 2004-08-08 06:00:00 | Attr = ]
(PxHelp20) PxHelp20 [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\pxhelp20.sys -> Sonic Solutions [Ver = 3.00.56a | Size = 43528 bytes | Modified Date = 2007-03-08 00:51:00 | Attr = ]
(ql1080) ql1080 [Kernel | Disabled | Stopped] -> -> File not found
(Ql10wnt) Ql10wnt [Kernel | Disabled | Stopped] -> -> File not found
(ql12160) ql12160 [Kernel | Disabled | Stopped] -> -> File not found
(ql1240) ql1240 [Kernel | Disabled | Stopped] -> -> File not found
(ql1280) ql1280 [Kernel | Disabled | Stopped] -> -> File not found
(s116bus) Sony Ericsson Device 116 driver (WDM) [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\s116bus.sys -> MCCI Corporation [Ver = V4.40 | Size = 83336 bytes | Modified Date = 2007-04-03 13:57:42 | Attr = R ]
(s116mdfl) Sony Ericsson Device 116 USB WMC Modem Filter [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\s116mdfl.sys -> MCCI Corporation [Ver = V4.40 | Size = 15112 bytes | Modified Date = 2007-04-03 13:57:48 | Attr = R ]
(s116mdm) Sony Ericsson Device 116 USB WMC Modem Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\s116mdm.sys -> MCCI Corporation [Ver = V4.40 | Size = 108680 bytes | Modified Date = 2007-04-03 13:57:48 | Attr = R ]
(s116mgmt) Sony Ericsson Device 116 USB WMC Device Management Drivers (WDM) [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\s116mgmt.sys -> MCCI Corporation [Ver = V4.40 | Size = 100488 bytes | Modified Date = 2007-04-03 13:57:50 | Attr = R ]
(s116nd5) Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (NDIS) [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\s116nd5.sys -> MCCI Corporation [Ver = V4.40 | Size = 23176 bytes | Modified Date = 2007-04-03 13:57:52 | Attr = R ]
(s116obex) Sony Ericsson Device 116 USB WMC OBEX Interface [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\s116obex.sys -> MCCI Corporation [Ver = V4.40 | Size = 98696 bytes | Modified Date = 2007-04-03 13:57:52 | Attr = R ]
(s116unic) Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (WDM) [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\s116unic.sys -> MCCI Corporation [Ver = V4.40 | Size = 99080 bytes | Modified Date = 2007-04-03 13:57:54 | Attr = R ]
(SE27bus) Sony Ericsson Device 039 Driver driver (WDM) [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\SE27bus.sys -> MCCI [Ver = V4.34 | Size = 61600 bytes | Modified Date = 2006-04-28 17:24:42 | Attr = ]
(SE27mdfl) Sony Ericsson Device 039 USB WMC Modem Filter [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\SE27mdfl.sys -> MCCI [Ver = V4.34 | Size = 9360 bytes | Modified Date = 2006-04-28 17:25:40 | Attr = ]
(SE27mdm) Sony Ericsson Device 039 USB WMC Modem Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\SE27mdm.sys -> MCCI [Ver = V4.34 | Size = 97184 bytes | Modified Date = 2006-04-28 17:25:44 | Attr = ]
(Secdrv) Secdrv [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\secdrv.sys -> [Ver = | Size = 27440 bytes | Modified Date = 2004-08-08 06:00:00 | Attr = ]
(Simbad) Simbad [Kernel | Disabled | Stopped] -> -> File not found
(Sparrow) Sparrow [Kernel | Disabled | Stopped] -> -> File not found
(sptd) sptd [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\sptd.sys -> [Ver = | Size = 685816 bytes | Modified Date = 2007-09-25 19:09:59 | Attr = ]
(symc810) symc810 [Kernel | Disabled | Stopped] -> -> File not found
(symc8xx) symc8xx [Kernel | Disabled | Stopped] -> -> File not found
(sym_hi) sym_hi [Kernel | Disabled | Stopped] -> -> File not found
(sym_u3) sym_u3 [Kernel | Disabled | Stopped] -> -> File not found
(SynTP) Synaptics TouchPad Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\SynTP.sys -> Synaptics, Inc. [Ver = 8.0.13 17Jun05 | Size = 190400 bytes | Modified Date = 2005-06-20 12:33:18 | Attr = ]
(tifm21) tifm21 [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\tifm21.sys -> Texas Instruments [Ver = 2.0.0.2 | Size = 162432 bytes | Modified Date = 2005-09-20 10:30:56 | Attr = ]
(TosIde) TosIde [Kernel | Disabled | Stopped] -> -> File not found
(ultra) ultra [Kernel | Disabled | Stopped] -> -> File not found
(ViaIde) ViaIde [Kernel | Disabled | Stopped] -> -> File not found
(WDICA) WDICA [Kernel | On_Demand | Stopped] -> -> File not found
(winachsf) winachsf [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\HSF_CNXT.sys -> Conexant Systems, Inc. [Ver = 7.20.00.75 built by: WinDDK | Size = 703488 bytes | Modified Date = 2005-04-18 02:00:06 | Attr = R ]

[Registry - Non-Microsoft Only]
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
!AVG Anti-Spyware -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\avgas.exe -> GRISOFT s.r.o. [Ver = 7, 5, 1, 43 | Size = 6731312 bytes | Modified Date = 2008-02-21 22:00:48 | Attr = ]
< All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup ->
< Default User Startup Folder > -> C:\Documents and Settings\Default User\Start Menu\Programs\Startup ->
< jonte mattsson Startup Folder > -> C:\Documents and Settings\jonte mattsson\Start Menu\Programs\Startup ->
< IFEO [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ ->
360rpt.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
360Safe.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
360tray.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
adam.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
AgentSvr.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
AppSvc32.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
ArSwp.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
AST.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
autoruns.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
avconsol.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
avgrssvc.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
AvMonitor.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
avp.com -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
avp.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
CCenter.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
ccSvcHst.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
EGHOST.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
FileDsty.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
FTCleanerShell.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
FYFireWall.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
HijackThis.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
IceSword.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
iparmo.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
Iparmor.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
isPwdSvc.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
kabaload.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
KaScrScn.SCR -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
KASMain.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
KASTask.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
KAV32.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
KAVDX.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
KAVPF.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
KAVPFW.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
KAVSetup.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
KAVStart.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
KISLnchr.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
KMailMon.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
KMFilter.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
KPFW32.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
KPFW32X.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
KPfwSvc.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
KRegEx.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
KRepair.com -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
KsLoader.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
KWatch.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
KWatch9x.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
KWatchX.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
KVCenter.kxp -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
KvDetect.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
KvfwMcl.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
KVMonXP.kxp -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
KVMonXP_1.kxp -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
kvol.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
kvolself.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
KvReport.kxp -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
KVScan.kxp -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
KVSrvXP.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
KVStub.kxp -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
kvupload.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
kvwsc.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
KvXP.kxp -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
KvXP_1.kxp -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
loaddll.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
MagicSet.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
mcconsol.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
mmqczj.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
mmsk.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
Navapsvc.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
Navapw32.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
nod32.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
nod32krn.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
nod32kui.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
NPFMntor.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
PFW.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
PFWLiveUpdate.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
QHSET.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
QQDoctor.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
QQKav.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
Ras.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
Rav.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
RavMon.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
RavMonD.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
RavStub.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
RavTask.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
RegClean.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
rfwcfg.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
rfwmain.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
rfwsrv.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
RsAgent.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
Rsaupd.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
rstrui.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
runiep.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
safelive.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
scan32.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
shcfg32.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
SmartUp.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
SREng.EXE -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
symlcsvc.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
SysSafe.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
TrojanDetector.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
Trojanwall.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
TrojDie.kxp -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
UIHost.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
UmxAgent.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
UmxAttachment.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
UmxCfg.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
UmxFwHlp.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
UmxPol.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
upiea.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
UpLive.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
USBCleaner.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
webscanx.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
WoptiClean.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
vsstat.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
< ShellExecuteHooks [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks ->
{57B86673-276A-48B2-BAE7-C6DBB3020EB8} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll [AVG Anti-Spyware 7.5] -> GRISOFT s.r.o. [Ver = 7, 5, 1, 36 | Size = 79408 bytes | Modified Date = 2007-05-30 13:29:58 | Attr = ]
{A93A4625-6216-499C-B360-BBD0A7C0D479} [HKEY_LOCAL_MACHINE] -> %CommonProgramFiles%\Microsoft Shared\MSINFO\QQGS1.dll [] -> File not found
{D544C22D-1F70-4B1E-873D-D8DABEB26695} [HKEY_LOCAL_MACHINE] -> %CommonProgramFiles%\Microsoft Shared\MSINFO\atmQQ2.dll [] -> File not found
< SecurityProviders [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders ->
< Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
< Winlogon settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
< Winlogon settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
< Winlogon settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
< Winlogon settings [HKEY_USERS\S-1-5-19] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
< Winlogon settings [HKEY_USERS\S-1-5-20] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
< Winlogon settings [HKEY_USERS\S-1-5-21-1004336348-1085031214-1801674531-1003] > -> HKEY_USERS\S-1-5-21-1004336348-1085031214-1801674531-1003\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
< Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ ->
AtiExtEvent -> %SystemRoot%\system32\ati2evxx.dll -> ATI Technologies Inc. [Ver = 6.14.10.4118 | Size = 46080 bytes | Modified Date = 2005-08-09 22:30:44 | Attr = ]
OneCard -> %ProgramFiles%\HPQ\IAM\Bin\AsWlnPkg.dll -> Cognizance Corporation [Ver = 1.5.0.037 | Size = 40960 bytes | Modified Date = 2005-07-25 19:41:50 | Attr = ]
< CurrentVersion Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\undockwithoutlogon -> 1 ->
< CurrentVersion Policy Settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableRegistryTools -> 0 ->
< CurrentVersion Policy Settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> ->
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 ->
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> ->
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 ->
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-19] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> ->
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 ->
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-20] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> ->
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 ->
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-1004336348-1085031214-1801674531-1003] > -> HKEY_USERS\S-1-5-21-1004336348-1085031214-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->
HKEY_USERS\S-1-5-21-1004336348-1085031214-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_USERS\S-1-5-21-1004336348-1085031214-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> ->
HKEY_USERS\S-1-5-21-1004336348-1085031214-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 ->
HKEY_USERS\S-1-5-21-1004336348-1085031214-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> ->
HKEY_USERS\S-1-5-21-1004336348-1085031214-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableRegistryTools -> 0 ->
< HOSTS File > (734 bytes) -> C:\WINDOWS\System32\drivers\etc\Hosts ->
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> ->
HKEY_LOCAL_MACHINE\: Main\\Default_Page_URL -> http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome ->
HKEY_LOCAL_MACHINE\: Main\\Default_Search_URL -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch ->
HKEY_LOCAL_MACHINE\: Main\\Local Page -> %SystemRoot%\system32\blank.htm ->
HKEY_LOCAL_MACHINE\: Main\\Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch ->
HKEY_LOCAL_MACHINE\: Main\\Start Page -> http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home ->
HKEY_LOCAL_MACHINE\: Search\\CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm ->
HKEY_LOCAL_MACHINE\: Search\\SearchAssistant -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm ->
< Internet Explorer Settings [HKEY_CURRENT_USER\] > -> ->
HKEY_CURRENT_USER\: Main\\Local Page -> C:\WINDOWS\system32\blank.htm ->
HKEY_CURRENT_USER\: Main\\Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch ->
HKEY_CURRENT_USER\: Main\\Start Page -> http://google.daemonsearch.com/se/ý ->
HKEY_CURRENT_USER\: ProxyEnable -> 0 ->
< Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> ->
HKEY_USERS\.DEFAULT\: ProxyEnable -> 0 ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> ->
HKEY_USERS\S-1-5-18\: ProxyEnable -> 0 ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-21-1004336348-1085031214-1801674531-1003\] > -> ->
HKEY_USERS\S-1-5-21-1004336348-1085031214-1801674531-1003\: Main\\Local Page -> C:\WINDOWS\system32\blank.htm ->
HKEY_USERS\S-1-5-21-1004336348-1085031214-1801674531-1003\: Main\\Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch ->
HKEY_USERS\S-1-5-21-1004336348-1085031214-1801674531-1003\: Main\\Start Page -> http://google.daemonsearch.com/se/ý ->
HKEY_USERS\S-1-5-21-1004336348-1085031214-1801674531-1003\: ProxyEnable -> 0 ->
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1 domain(s) found. ->
1 domain(s) and sub-domain(s) not assigned to a zone.
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-21-1004336348-1085031214-1801674531-1003\] > -> HKEY_USERS\S-1-5-21-1004336348-1085031214-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-21-1004336348-1085031214-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-21-1004336348-1085031214-1801674531-1003\] > -> HKEY_USERS\S-1-5-21-1004336348-1085031214-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-21-1004336348-1085031214-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKEY_LOCAL_MACHINE] -> %CommonProgramFiles%\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [Länkhjälp till Adobe PDF Reader] -> Adobe Systems Incorporated [Ver = 8.0.0.2006102200 | Size = 62080 bytes | Modified Date = 2006-10-22 23:08:42 | Attr = ]
{5CA3D70E-1895-11CF-8E15-001234567890} [HKEY_LOCAL_MACHINE] -> %SystemRoot%\system32\DLA\DLASHX_W.DLL [DriveLetterAccess] -> Sonic Solutions [Ver = 5.20.07a | Size = 110652 bytes | Modified Date = 2005-08-31 05:20:00 | Attr = ]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.6.0\bin\ssv.dll [SSVHelper Class] -> Sun Microsystems, Inc. [Ver = 6.0.0.105 | Size = 501384 bytes | Modified Date = 2007-09-14 18:24:27 | Attr = ]
{7E853D72-626A-48EC-A868-BA8D5E23E045} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
{DF21F1DB-80C6-11D3-9483-B03D0EC10000} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\HPQ\IAM\Bin\ItIeAddIN.dll [HP Credential Manager for ProtectTools] -> Infineon Technologies AG [Ver = 1.01.069 | Size = 50688 bytes | Modified Date = 2005-03-03 03:35:00 | Attr = ]
< Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ ->
WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
< Internet Explorer ToolBars [HKEY_USERS\S-1-5-21-1004336348-1085031214-1801674531-1003\] > -> HKEY_USERS\S-1-5-21-1004336348-1085031214-1801674531-1003\Software\Microsoft\Internet Explorer\Toolbar\ ->
WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
< Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ ->
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBC} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.5.0_04\bin\NPJPI150_04.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 5.0.40.5 | Size = 69746 bytes | Modified Date = 2005-06-03 04:09:54 | Attr = ]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBC} [HKEY_CURRENT_USER] -> %ProgramFiles%\Java\jre1.6.0\bin\ssv.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.0.105 | Size = 501384 bytes | Modified Date = 2007-09-14 18:24:27 | Attr = ]
{2670000A-7350-4f3c-8081-5663EE0C6C49}: [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Skicka till OneNote] -> File not found
< Internet Explorer Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\ ->
CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.5.0_04\bin\NPJPI150_04.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 5.0.40.5 | Size = 69746 bytes | Modified Date = 2005-06-03 04:09:54 | Attr = ]
CmdMapping\\{461CC20B-FB6E-4f16-8FE8-C29359DB100E} [HKEY_LOCAL_MACHINE] -> [Reg Error: Key does not exist or could not be opened.] -> File not found
CmdMapping\\{77BF5300-1474-4EC7-9980-D32B190E9B07} [HKEY_LOCAL_MACHINE] -> [Reg Error: Key does not exist or could not be opened.] -> File not found
< Internet Explorer Extensions [HKEY_USERS\S-1-5-21-1004336348-1085031214-1801674531-1003\] > -> HKEY_USERS\S-1-5-21-1004336348-1085031214-1801674531-1003\Software\Microsoft\Internet Explorer\Extensions\ ->
CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.5.0

#4
Rorschach112


    Ralphie

  • Retired Staff
  • 47,710 posts
Can you attach the report, please?

#5
jonteeee


    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts
[codebox][code=auto:0]WinPFind35 logfile created on: 2008-02-22 19:20:08
WinPFind35U Version 1.0.0.1 Folder = C:\Documents and Settings\jonte mattsson\Desktop\WinPFind35u
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = )
Locale: 0000041D | Country: Sweden | Language: SVE | Date Format: yyyy-MM-dd

383,36 Mb Total Physical Memory | 123,41 Mb Available Physical Memory | 32,19% Memory free
919,85 Mb Paging File | 609,00 Mb Available in Paging File | 66,21% Paging File free
Paging file location(s): C:\pagefile.sys 576 1152;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 55,88 Gb Total Space | 18,06 Gb Free Space | 32,33% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: JONTE
Current User Name: jonte mattsson
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users

[Processes - Non-Microsoft Only]
ati2evxx.exe -> %SystemRoot%\system32\ati2evxx.exe -> ATI Technologies Inc. [Ver = 6.14.10.4118 | Size = 380928 bytes | Modified Date = 2005-08-09 22:29:40 | Attr = ]
ati2evxx.exe -> %SystemRoot%\system32\ati2evxx.exe -> ATI Technologies Inc. [Ver = 6.14.10.4118 | Size = 380928 bytes | Modified Date = 2005-08-09 22:29:40 | Attr = ]
asghost.exe -> %ProgramFiles%\HPQ\IAM\Bin\asghost.exe -> Cognizance Corporation [Ver = 1.5.0.035 | Size = 43008 bytes | Modified Date = 2005-06-29 20:06:54 | Attr = ]
avgas.exe -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\avgas.exe -> GRISOFT s.r.o. [Ver = 7, 5, 1, 43 | Size = 6731312 bytes | Modified Date = 2008-02-21 22:00:48 | Attr = ]
applemobiledeviceservice.exe -> %CommonProgramFiles%\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -> Apple, Inc. [Ver = 1, 14, 0, 0 | Size = 110592 bytes | Modified Date = 2007-09-06 13:28:18 | Attr = ]
guard.exe -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\guard.exe -> GRISOFT s.r.o. [Ver = 7, 5, 1, 22 | Size = 312880 bytes | Modified Date = 2007-05-30 13:31:10 | Attr = ]
hpqwmiex.exe -> %ProgramFiles%\Hewlett-Packard\Shared\hpqwmiex.exe -> Hewlett-Packard Development Company, L.P. [Ver = 2, 0, 1, 5 | Size = 98304 bytes | Modified Date = 2005-12-22 00:06:58 | Attr = ]
atiptaxx.exe -> %ProgramFiles%\ATI Technologies\ATI Control Panel\atiptaxx.exe -> ATI Technologies, Inc. [Ver = 6.14.10.5160 | Size = 344064 bytes | Modified Date = 2005-08-09 21:05:00 | Attr = ]
winpfind35u.exe -> %UserProfile%\Desktop\WinPFind35u\WinPFind35U.exe -> OldTimer Tools [Ver = 1.0.0.0 | Size = 309760 bytes | Modified Date = 2008-02-21 19:41:02 | Attr = ]

[Win32 Services - Non-Microsoft Only]
(aodun_server) aodun_server [Win32_Own | Auto | Stopped] -> %SystemRoot%\system32\aodun.exe -> File not found
(Apple Mobile Device) Apple Mobile Device [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -> Apple, Inc. [Ver = 1, 14, 0, 0 | Size = 110592 bytes | Modified Date = 2007-09-06 13:28:18 | Attr = ]
(Ati HotKey Poller) Ati HotKey Poller [Win32_Own | Auto | Running] -> %SystemRoot%\system32\ati2evxx.exe -> ATI Technologies Inc. [Ver = 6.14.10.4118 | Size = 380928 bytes | Modified Date = 2005-08-09 22:29:40 | Attr = ]
(AVG Anti-Spyware Guard) AVG Anti-Spyware Guard [Win32_Own | Auto | Running] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\guard.exe -> GRISOFT s.r.o. [Ver = 7, 5, 1, 22 | Size = 312880 bytes | Modified Date = 2007-05-30 13:31:10 | Attr = ]
(dmadmin) Logical Disk Manager Administrative Service [Win32_Shared | On_Demand | Stopped] -> %SystemRoot%\system32\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 224768 bytes | Modified Date = 2004-08-08 06:00:00 | Attr = ]
(hpqwmi) HP WMI Interface [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\HPQ\Shared\hpqwmi.exe -> Hewlett-Packard Development Company, L.P. [Ver = 1, 0, 5, 9 | Size = 94208 bytes | Modified Date = 2005-10-06 08:14:42 | Attr = ]
(hpqwmiex) hpqwmiex [Win32_Own | Auto | Running] -> %ProgramFiles%\Hewlett-Packard\Shared\hpqwmiex.exe -> Hewlett-Packard Development Company, L.P. [Ver = 2, 0, 1, 5 | Size = 98304 bytes | Modified Date = 2005-12-22 00:06:58 | Attr = ]
(WmcCds) Windows Media Connect (WMC) [Win32_Own | Unknown | Stopped] -> -> File not found

[Driver Services - Non-Microsoft Only]
(Abiosdsk) Abiosdsk [Kernel | Disabled | Stopped] -> -> File not found
(abp480n5) abp480n5 [Kernel | Disabled | Stopped] -> -> File not found
(adpu160m) adpu160m [Kernel | Disabled | Stopped] -> -> File not found
(Aha154x) Aha154x [Kernel | Disabled | Stopped] -> -> File not found
(aic78u2) aic78u2 [Kernel | Disabled | Stopped] -> -> File not found
(aic78xx) aic78xx [Kernel | Disabled | Stopped] -> -> File not found
(AliIde) AliIde [Kernel | Disabled | Stopped] -> -> File not found
(AmdK8) AMD Processor Driver [Kernel | System | Running] -> %SystemRoot%\system32\drivers\AmdK8.sys -> Advanced Micro Devices [Ver = 1.2.2 (dnsrv(wmbla).050120-1444) | Size = 36352 bytes | Modified Date = 2005-03-09 15:53:00 | Attr = ]
(amsint) amsint [Kernel | Disabled | Stopped] -> -> File not found
(asc) asc [Kernel | Disabled | Stopped] -> -> File not found
(asc3350p) asc3350p [Kernel | Disabled | Stopped] -> -> File not found
(asc3550) asc3550 [Kernel | Disabled | Stopped] -> -> File not found
(Atdisk) Atdisk [Kernel | Disabled | Stopped] -> -> File not found
(ati2mtag) ati2mtag [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ati2mtag.sys -> ATI Technologies Inc. [Ver = 6.14.10.6561 | Size = 1273856 bytes | Modified Date = 2005-08-09 22:35:42 | Attr = ]
(ATSWPDRV) AuthenTec TruePrint USB Driver (AES2500) [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ATSwpDrv.sys -> AuthenTec, Inc. [Ver = 6.29.2.0 | Size = 117010 bytes | Modified Date = 2005-07-12 17:40:00 | Attr = R ]
(AVG Anti-Spyware Driver) AVG Anti-Spyware Driver [Kernel | System | Running] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\guard.sys -> [Ver = | Size = 11000 bytes | Modified Date = 2007-05-30 13:10:42 | Attr = ]
(AvgAsCln) AVG Anti-Spyware Clean Driver [Kernel | System | Running] -> %SystemRoot%\system32\drivers\AvgAsCln.sys -> GRISOFT, s.r.o. [Ver = 1.0.0.14 | Size = 10872 bytes | Modified Date = 2007-05-30 13:10:42 | Attr = ]
(b57w2k) Broadcom NetLink (TM) Gigabit Ethernet [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\b57xp32.sys -> Broadcom Corporation [Ver = 7.103.0.0 built by: WinDDK | Size = 128256 bytes | Modified Date = 2005-01-27 18:09:08 | Attr = R ]
(BCM43XX) Drivrutin för Broadcom 802.11 nätverksadapter [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\BCMWL5.SYS -> Broadcom Corporation [Ver = 3.100.65.1 built by: WinDDK | Size = 371712 bytes | Modified Date = 2005-05-11 10:20:38 | Attr = ]
(CAMCAUD) Conexant AMC Audio [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\camc6aud.sys -> Conexant Systems Inc. [Ver = 6.14.10.0559 | Size = 38144 bytes | Modified Date = 2005-07-20 17:43:54 | Attr = R ]
(CAMCHALA) CAMCHALA [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\camc6hal.sys -> Conexant Systems Inc. [Ver = 6.14.10.0559 | Size = 346496 bytes | Modified Date = 2005-07-20 17:44:42 | Attr = R ]
(cd20xrnt) cd20xrnt [Kernel | Disabled | Stopped] -> -> File not found
(Changer) Changer [Kernel | System | Stopped] -> -> File not found
(ClntMgmt.sys) ClntMgmt.sys [Kernel | System | Running] -> %SystemRoot%\system32\drivers\clntmgmt.sys -> Hewlett-Packard [Ver = 2,1,2004,0219 | Size = 59044 bytes | Modified Date = 2004-02-20 10:35:28 | Attr = R ]
(CmdIde) CmdIde [Kernel | Disabled | Stopped] -> -> File not found
(Cpqarray) Cpqarray [Kernel | Disabled | Stopped] -> -> File not found
(dac960nt) dac960nt [Kernel | Disabled | Stopped] -> -> File not found
(DLABOIOM) DLABOIOM [File_System | Auto | Running] -> %SystemRoot%\system32\DLA\DLABOIOM.SYS -> Sonic Solutions [Ver = 5.20.07a | Size = 25628 bytes | Modified Date = 2005-08-31 05:20:00 | Attr = ]
(DLACDBHM) DLACDBHM [File_System | System | Running] -> %SystemRoot%\system32\drivers\DLACDBHM.SYS -> Sonic Solutions [Ver = 5.20.01a | Size = 5628 bytes | Modified Date = 2005-08-25 12:16:52 | Attr = ]
(DLADResN) DLADResN [File_System | Auto | Running] -> %SystemRoot%\system32\DLA\DLADResN.SYS -> Sonic Solutions [Ver = 5.20.07a | Size = 2496 bytes | Modified Date = 2005-08-31 05:20:00 | Attr = ]
(DLAIFS_M) DLAIFS_M [File_System | Auto | Running] -> %SystemRoot%\system32\DLA\DLAIFS_M.SYS -> Sonic Solutions [Ver = 5.20.07a | Size = 86524 bytes | Modified Date = 2005-08-31 05:20:00 | Attr = ]
(DLAOPIOM) DLAOPIOM [File_System | Auto | Running] -> %SystemRoot%\system32\DLA\DLAOPIOM.SYS -> Sonic Solutions [Ver = 5.20.07a | Size = 14684 bytes | Modified Date = 2005-08-31 05:20:00 | Attr = ]
(DLAPoolM) DLAPoolM [File_System | Auto | Running] -> %SystemRoot%\system32\DLA\DLAPoolM.SYS -> Sonic Solutions [Ver = 5.20.07a | Size = 6364 bytes | Modified Date = 2005-08-31 05:20:00 | Attr = ]
(DLARTL_N) DLARTL_N [File_System | System | Running] -> %SystemRoot%\system32\drivers\DLARTL_N.SYS -> Sonic Solutions [Ver = 5.20.01a | Size = 22684 bytes | Modified Date = 2005-08-25 12:16:16 | Attr = ]
(DLAUDFAM) DLAUDFAM [File_System | Auto | Running] -> %SystemRoot%\system32\DLA\DLAUDFAM.SYS -> Sonic Solutions [Ver = 5.20.07a | Size = 94332 bytes | Modified Date = 2005-08-31 05:20:00 | Attr = ]
(DLAUDF_M) DLAUDF_M [File_System | Auto | Running] -> %SystemRoot%\system32\DLA\DLAUDF_M.SYS -> Sonic Solutions [Ver = 5.20.07a | Size = 87036 bytes | Modified Date = 2005-08-31 05:20:00 | Attr = ]
(dmboot) dmboot [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\dmboot.sys -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 799744 bytes | Modified Date = 2004-08-08 06:00:00 | Attr = ]
(dmio) Logical Disk Manager Driver [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\dmio.sys -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 153344 bytes | Modified Date = 2004-08-08 06:00:00 | Attr = ]
(dmload) dmload [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\dmload.sys -> Microsoft Corp., Veritas Software. [Ver = 2600.0.503.0 | Size = 5888 bytes | Modified Date = 2004-08-08 06:00:00 | Attr = ]
(dpti2o) dpti2o [Kernel | Disabled | Stopped] -> -> File not found
(DRVMCDB) DRVMCDB [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\DRVMCDB.SYS -> Sonic Solutions [Ver = 3.30.03a | Size = 88752 bytes | Modified Date = 2005-08-30 03:30:00 | Attr = ]
(DRVNDDM) DRVNDDM [File_System | Auto | Running] -> %SystemRoot%\system32\drivers\DRVNDDM.SYS -> Sonic Solutions [Ver = 5.20.00a | Size = 40544 bytes | Modified Date = 2005-08-12 05:20:00 | Attr = ]
(eabfiltr) eabfiltr [Kernel | System | Running] -> %SystemRoot%\system32\drivers\eabfiltr.sys -> Hewlett-Packard Development Company, L.P. [Ver = 4.20.01.04 | Size = 7936 bytes | Modified Date = 2005-05-05 10:04:08 | Attr = ]
(eabusb) eabusb [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\EabUsb.sys -> Hewlett-Packard Development Company, L.P. [Ver = 4.20.02.04 | Size = 5760 bytes | Modified Date = 2005-05-05 10:04:04 | Attr = ]
(ElbyCDFL) ElbyCDFL [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ElbyCDFL.sys -> SlySoft, Inc. [Ver = 5, 2, 1, 3 | Size = 34760 bytes | Modified Date = 2006-12-26 13:54:35 | Attr = ]
(ElbyCDIO) ElbyCDIO Driver [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\ElbyCDIO.sys -> Elaborate Bytes AG [Ver = 6, 0, 0, 1 | Size = 15440 bytes | Modified Date = 2006-12-26 13:54:34 | Attr = ]
(hpn) hpn [Kernel | Disabled | Stopped] -> -> File not found
(HSFHWATI) HSFHWATI [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\HSFHWATI.sys -> Conexant Systems, Inc. [Ver = 7.20.00.75 built by: WinDDK | Size = 200576 bytes | Modified Date = 2005-04-18 02:00:06 | Attr = R ]
(HSF_DP) HSF_DP [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\HSF_DP.sys -> Conexant Systems, Inc. [Ver = 7.20.00.75 built by: WinDDK | Size = 1038336 bytes | Modified Date = 2005-04-18 02:00:06 | Attr = R ]
(i2omgmt) i2omgmt [Kernel | System | Stopped] -> -> File not found
(i2omp) i2omp [Kernel | Disabled | Stopped] -> -> File not found
(ini910u) ini910u [Kernel | Disabled | Stopped] -> -> File not found
(IntelIde) IntelIde [Kernel | Disabled | Stopped] -> -> File not found
(lbrtfdc) lbrtfdc [Kernel | System | Stopped] -> -> File not found
(mdmxsdk) mdmxsdk [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\mdmxsdk.sys -> Conexant [Ver = 1.0.2.006 | Size = 13059 bytes | Modified Date = 2005-04-18 02:00:06 | Attr = R ]
(mraid35x) mraid35x [Kernel | Disabled | Stopped] -> -> File not found
(PCIDump) PCIDump [Kernel | System | Stopped] -> -> File not found
(PDCOMP) PDCOMP [Kernel | On_Demand | Stopped] -> -> File not found
(PDFRAME) PDFRAME [Kernel | On_Demand | Stopped] -> -> File not found
(PDRELI) PDRELI [Kernel | On_Demand | Stopped] -> -> File not found
(PDRFRAME) PDRFRAME [Kernel | On_Demand | Stopped] -> -> File not found
(perc2) perc2 [Kernel | Disabled | Stopped] -> -> File not found
(perc2hib) perc2hib [Kernel | Disabled | Stopped] -> -> File not found
(Ptilink) Direct Parallel Link Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ptilink.sys -> Parallel Technologies, Inc. [Ver = 1.10 (XPClient.010817-1148) | Size = 17792 bytes | Modified Date = 2004-08-08 06:00:00 | Attr = ]
(PxHelp20) PxHelp20 [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\pxhelp20.sys -> Sonic Solutions [Ver = 3.00.56a | Size = 43528 bytes | Modified Date = 2007-03-08 00:51:00 | Attr = ]
(ql1080) ql1080 [Kernel | Disabled | Stopped] -> -> File not found
(Ql10wnt) Ql10wnt [Kernel | Disabled | Stopped] -> -> File not found
(ql12160) ql12160 [Kernel | Disabled | Stopped] -> -> File not found
(ql1240) ql1240 [Kernel | Disabled | Stopped] -> -> File not found
(ql1280) ql1280 [Kernel | Disabled | Stopped] -> -> File not found
(s116bus) Sony Ericsson Device 116 driver (WDM) [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\s116bus.sys -> MCCI Corporation [Ver = V4.40 | Size = 83336 bytes | Modified Date = 2007-04-03 13:57:42 | Attr = R ]
(s116mdfl) Sony Ericsson Device 116 USB WMC Modem Filter [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\s116mdfl.sys -> MCCI Corporation [Ver = V4.40 | Size = 15112 bytes | Modified Date = 2007-04-03 13:57:48 | Attr = R ]
(s116mdm) Sony Ericsson Device 116 USB WMC Modem Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\s116mdm.sys -> MCCI Corporation [Ver = V4.40 | Size = 108680 bytes | Modified Date = 2007-04-03 13:57:48 | Attr = R ]
(s116mgmt) Sony Ericsson Device 116 USB WMC Device Management Drivers (WDM) [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\s116mgmt.sys -> MCCI Corporation [Ver = V4.40 | Size = 100488 bytes | Modified Date = 2007-04-03 13:57:50 | Attr = R ]
(s116nd5) Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (NDIS) [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\s116nd5.sys -> MCCI Corporation [Ver = V4.40 | Size = 23176 bytes | Modified Date = 2007-04-03 13:57:52 | Attr = R ]
(s116obex) Sony Ericsson Device 116 USB WMC OBEX Interface [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\s116obex.sys -> MCCI Corporation [Ver = V4.40 | Size = 98696 bytes | Modified Date = 2007-04-03 13:57:52 | Attr = R ]
(s116unic) Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (WDM) [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\s116unic.sys -> MCCI Corporation [Ver = V4.40 | Size = 99080 bytes | Modified Date = 2007-04-03 13:57:54 | Attr = R ]
(SE27bus) Sony Ericsson Device 039 Driver driver (WDM) [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\SE27bus.sys -> MCCI [Ver = V4.34 | Size = 61600 bytes | Modified Date = 2006-04-28 17:24:42 | Attr = ]
(SE27mdfl) Sony Ericsson Device 039 USB WMC Modem Filter [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\SE27mdfl.sys -> MCCI [Ver = V4.34 | Size = 9360 bytes | Modified Date = 2006-04-28 17:25:40 | Attr = ]
(SE27mdm) Sony Ericsson Device 039 USB WMC Modem Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\SE27mdm.sys -> MCCI [Ver = V4.34 | Size = 97184 bytes | Modified Date = 2006-04-28 17:25:44 | Attr = ]
(Secdrv) Secdrv [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\secdrv.sys -> [Ver = | Size = 27440 bytes | Modified Date = 2004-08-08 06:00:00 | Attr = ]
(Simbad) Simbad [Kernel | Disabled | Stopped] -> -> File not found
(Sparrow) Sparrow [Kernel | Disabled | Stopped] -> -> File not found
(sptd) sptd [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\sptd.sys -> [Ver = | Size = 685816 bytes | Modified Date = 2007-09-25 19:09:59 | Attr = ]
(symc810) symc810 [Kernel | Disabled | Stopped] -> -> File not found
(symc8xx) symc8xx [Kernel | Disabled | Stopped] -> -> File not found
(sym_hi) sym_hi [Kernel | Disabled | Stopped] -> -> File not found
(sym_u3) sym_u3 [Kernel | Disabled | Stopped] -> -> File not found
(SynTP) Synaptics TouchPad Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\SynTP.sys -> Synaptics, Inc. [Ver = 8.0.13 17Jun05 | Size = 190400 bytes | Modified Date = 2005-06-20 12:33:18 | Attr = ]
(tifm21) tifm21 [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\tifm21.sys -> Texas Instruments [Ver = 2.0.0.2 | Size = 162432 bytes | Modified Date = 2005-09-20 10:30:56 | Attr = ]
(TosIde) TosIde [Kernel | Disabled | Stopped] -> -> File not found
(ultra) ultra [Kernel | Disabled | Stopped] -> -> File not found
(ViaIde) ViaIde [Kernel | Disabled | Stopped] -> -> File not found
(WDICA) WDICA [Kernel | On_Demand | Stopped] -> -> File not found
(winachsf) winachsf [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\HSF_CNXT.sys -> Conexant Systems, Inc. [Ver = 7.20.00.75 built by: WinDDK | Size = 703488 bytes | Modified Date = 2005-04-18 02:00:06 | Attr = R ]

[Registry - Non-Microsoft Only]
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
!AVG Anti-Spyware -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\avgas.exe -> GRISOFT s.r.o. [Ver = 7, 5, 1, 43 | Size = 6731312 bytes | Modified Date = 2008-02-21 22:00:48 | Attr = ]
< All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup ->
< Default User Startup Folder > -> C:\Documents and Settings\Default User\Start Menu\Programs\Startup ->
< jonte mattsson Startup Folder > -> C:\Documents and Settings\jonte mattsson\Start Menu\Programs\Startup ->
< IFEO [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ ->
360rpt.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
360Safe.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
360tray.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
adam.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
AgentSvr.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
AppSvc32.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
ArSwp.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
AST.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
autoruns.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
avconsol.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
avgrssvc.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
AvMonitor.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
avp.com -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
avp.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
CCenter.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
ccSvcHst.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
EGHOST.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
FileDsty.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
FTCleanerShell.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
FYFireWall.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
HijackThis.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
IceSword.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
iparmo.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
Iparmor.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
isPwdSvc.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
kabaload.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
KaScrScn.SCR -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
KASMain.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
KASTask.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
KAV32.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
KAVDX.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
KAVPF.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
KAVPFW.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
KAVSetup.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
KAVStart.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
KISLnchr.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
KMailMon.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
KMFilter.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
KPFW32.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
KPFW32X.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
KPfwSvc.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
KRegEx.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
KRepair.com -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
KsLoader.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
KWatch.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
KWatch9x.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
KWatchX.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
KVCenter.kxp -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
KvDetect.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
KvfwMcl.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
KVMonXP.kxp -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
KVMonXP_1.kxp -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
kvol.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
kvolself.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
KvReport.kxp -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
KVScan.kxp -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
KVSrvXP.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
KVStub.kxp -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
kvupload.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
kvwsc.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
KvXP.kxp -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
KvXP_1.kxp -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
loaddll.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
MagicSet.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
mcconsol.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
mmqczj.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
mmsk.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
Navapsvc.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
Navapw32.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
nod32.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
nod32krn.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
nod32kui.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
NPFMntor.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
PFW.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
PFWLiveUpdate.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
QHSET.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
QQDoctor.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
QQKav.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
Ras.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
Rav.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
RavMon.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
RavMonD.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
RavStub.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
RavTask.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
RegClean.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
rfwcfg.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
rfwmain.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
rfwsrv.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
RsAgent.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
Rsaupd.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
rstrui.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
runiep.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
safelive.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
scan32.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
shcfg32.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
SmartUp.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
SREng.EXE -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
symlcsvc.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
SysSafe.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
TrojanDetector.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
Trojanwall.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
TrojDie.kxp -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
UIHost.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
UmxAgent.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
UmxAttachment.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
UmxCfg.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
UmxFwHlp.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
UmxPol.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
upiea.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
UpLive.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
USBCleaner.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
webscanx.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
WoptiClean.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
vsstat.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger] -> File not found
< ShellExecuteHooks [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks ->
{57B86673-276A-48B2-BAE7-C6DBB3020EB8} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll [AVG Anti-Spyware 7.5] -> GRISOFT s.r.o. [Ver = 7, 5, 1, 36 | Size = 79408 bytes | Modified Date = 2007-05-30 13:29:58 | Attr = ]
{A93A4625-6216-499C-B360-BBD0A7C0D479} [HKEY_LOCAL_MACHINE] -> %CommonProgramFiles%\Microsoft Shared\MSINFO\QQGS1.dll [] -> File not found
{D544C22D-1F70-4B1E-873D-D8DABEB26695} [HKEY_LOCAL_MACHINE] -> %CommonProgramFiles%\Microsoft Shared\MSINFO\atmQQ2.dll [] -> File not found
< SecurityProviders [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders ->
< Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
< Winlogon settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
< Winlogon settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
< Winlogon settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
< Winlogon settings [HKEY_USERS\S-1-5-19] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
< Winlogon settings [HKEY_USERS\S-1-5-20] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
< Winlogon settings [HKEY_USERS\S-1-5-21-1004336348-1085031214-1801674531-1003] > -> HKEY_USERS\S-1-5-21-1004336348-1085031214-1801674531-1003\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
< Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ ->
AtiExtEvent -> %SystemRoot%\system32\ati2evxx.dll -> ATI Technologies Inc. [Ver = 6.14.10.4118 | Size = 46080 bytes | Modified Date = 2005-08-09 22:30:44 | Attr = ]
OneCard -> %ProgramFiles%\HPQ\IAM\Bin\AsWlnPkg.dll -> Cognizance Corporation [Ver = 1.5.0.037 | Size = 40960 bytes | Modified Date = 2005-07-25 19:41:50 | Attr = ]
< CurrentVersion Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\undockwithoutlogon -> 1 ->
< CurrentVersion Policy Settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableRegistryTools -> 0 ->
< CurrentVersion Policy Settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> ->
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 ->
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> ->
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 ->
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-19] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> ->
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 ->
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-20] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> ->
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 ->
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-1004336348-1085031214-1801674531-1003] > -> HKEY_USERS\S-1-5-21-1004336348-1085031214-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->
HKEY_USERS\S-1-5-21-1004336348-1085031214-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_USERS\S-1-5-21-1004336348-1085031214-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> ->
HKEY_USERS\S-1-5-21-1004336348-1085031214-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 ->
HKEY_USERS\S-1-5-21-1004336348-1085031214-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> ->
HKEY_USERS\S-1-5-21-1004336348-1085031214-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableRegistryTools -> 0 ->
< HOSTS File > (734 bytes) -> C:\WINDOWS\System32\drivers\etc\Hosts ->
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> ->
HKEY_LOCAL_MACHINE\: Main\\Default_Page_URL -> http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome ->
HKEY_LOCAL_MACHINE\: Main\\Default_Search_URL -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch ->
HKEY_LOCAL_MACHINE\: Main\\Local Page -> %SystemRoot%\system32\blank.htm ->
HKEY_LOCAL_MACHINE\: Main\\Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch ->
HKEY_LOCAL_MACHINE\: Main\\Start Page -> http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home ->
HKEY_LOCAL_MACHINE\: Search\\CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm ->
HKEY_LOCAL_MACHINE\: Search\\SearchAssistant -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm ->
< Internet Explorer Settings [HKEY_CURRENT_USER\] > -> ->
HKEY_CURRENT_USER\: Main\\Local Page -> C:\WINDOWS\system32\blank.htm ->
HKEY_CURRENT_USER\: Main\\Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch ->
HKEY_CURRENT_USER\: Main\\Start Page -> http://google.daemonsearch.com/se/ý ->
HKEY_CURRENT_USER\: ProxyEnable -> 0 ->
< Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> ->
HKEY_USERS\.DEFAULT\: ProxyEnable -> 0 ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> ->
HKEY_USERS\S-1-5-18\: ProxyEnable -> 0 ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-21-1004336348-1085031214-1801674531-1003\] > -> ->
HKEY_USERS\S-1-5-21-1004336348-1085031214-1801674531-1003\: Main\\Local Page -> C:\WINDOWS\system32\blank.htm ->
HKEY_USERS\S-1-5-21-1004336348-1085031214-1801674531-1003\: Main\\Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch ->
HKEY_USERS\S-1-5-21-1004336348-1085031214-1801674531-1003\: Main\\Start Page -> http://google.daemonsearch.com/se/ý ->
HKEY_USERS\S-1-5-21-1004336348-1085031214-1801674531-1003\: ProxyEnable -> 0 ->
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1 domain(s) found. ->
1 domain(s) and sub-domain(s) not assigned to a zone.
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-21-1004336348-1085031214-1801674531-1003\] > -> HKEY_USERS\S-1-5-21-1004336348-1085031214-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-21-1004336348-1085031214-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-21-1004336348-1085031214-1801674531-1003\] > -> HKEY_USERS\S-1-5-21-1004336348-1085031214-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-21-1004336348-1085031214-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKEY_LOCAL_MACHINE] -> %CommonProgramFiles%\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [Länkhjälp till Adobe PDF Reader] -> Adobe Systems Incorporated [Ver = 8.0.0.2006102200 | Size = 62080 bytes | Modified Date = 2006-10-22 23:08:42 | Attr = ]
{5CA3D70E-1895-11CF-8E15-001234567890} [HKEY_LOCAL_MACHINE] -> %SystemRoot%\system32\DLA\DLASHX_W.DLL [DriveLetterAccess] -> Sonic Solutions [Ver = 5.20.07a | Size = 110652 bytes | Modified Date = 2005-08-31 05:20:00 | Attr = ]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.6.0\bin\ssv.dll [SSVHelper Class] -> Sun Microsystems, Inc. [Ver = 6.0.0.105 | Size = 501384 bytes | Modified Date = 2007-09-14 18:24:27 | Attr = ]
{7E853D72-626A-48EC-A868-BA8D5E23E045} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
{DF21F1DB-80C6-11D3-9483-B03D0EC10000} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\HPQ\IAM\Bin\ItIeAddIN.dll [HP Credential Manager for ProtectTools] -> Infineon Technologies AG [Ver = 1.01.069 | Size = 50688 bytes | Modified Date = 2005-03-03 03:35:00 | Attr = ]
< Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ ->
WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
< Internet Explorer ToolBars [HKEY_USERS\S-1-5-21-1004336348-1085031214-1801674531-1003\] > -> HKEY_USERS\S-1-5-21-1004336348-1085031214-1801674531-1003\Software\Microsoft\Internet Explorer\Toolbar\ ->
WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
< Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ ->
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBC} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.5.0_04\bin\NPJPI150_04.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 5.0.40.5 | Size = 69746 bytes | Modified Date = 2005-06-03 04:09:54 | Attr = ]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBC} [HKEY_CURRENT_USER] -> %ProgramFiles%\Java\jre1.6.0\bin\ssv.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.0.105 | Size = 501384 bytes | Modified Date = 2007-09-14 18:24:27 | Attr = ]
{2670000A-7350-4f3c-8081-5663EE0C6C49}: [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Skicka till OneNote] -> File not found
< Internet Explorer Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\ ->
CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.5.0_04\bin\NPJPI150_04.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 5.0.40.5 | Size = 69746 bytes | Modified Date = 2005-06-03 04:09:54 | Attr = ]
CmdMapping\\{461CC20B-FB6E-4f16-8FE8-C29359DB100E} [HKEY_LOCAL_MACHINE] -> [Reg Error: Key does not exist or could not be opened.] -> File not found
CmdMapping\\{77BF5300-1474-4EC7-9980-D32B190E9B07} [HKEY_LOCAL_MACHINE] -> [Reg Error: Key does not exist or could not be opened.] -> File not found
< Internet Explorer Extensions [HKEY_USERS\S-1-5-21-1004336348-1085031214-1801674531-1003\] > -> HKEY_USERS\S-1-5-21-1004336348-1085031214-1801674531-1003\Software\Microsoft\Internet Explorer\Extensions\ ->
CmdMapping\\{08B0E5C0-4FCB-11CF-AA

#6
jonteeee

    New Member

  • Topic Starter
  • Member
  • 5 posts
How do I find the report? Thought that was the one I posted?

#7
jonteeee

    New Member

  • Topic Starter
  • Member
  • 5 posts
Feel like a sucker. Sorry.

Attached Files



#8
Rorschach112

    Ralphie

  • Retired Staff
  • 47,710 posts
No problem

1 - Flash Drive Disinfector
  • Download Flash_Disinfector.exe by sUBs from >here< and save it to your desktop.
  • Double-click Flash_Disinfector.exe to run it and follow any prompts that may appear.
  • The utility may ask you to insert your flash drive and/or other removable drives including your mobile phone. Please do so and allow the utility to clean up those drives as well.
  • Wait until it has finished scanning and then exit the program.
  • Reboot your computer when done.
Note: Flash_Disinfector will create a hidden folder named autorun.inf in each partition and every USB drive plugged in when you ran it. Don't delete this folder...it will help protect your drives from future infection.

Back Up Your Registry with ERUNT
  • Please use the following link and scroll down to ERUNT and download it.
    http://aumha.org/freeware/freeware.php
  • For version with the Installer:
    Use the setup program to install ERUNT on your computer
  • For the zipped version:
    Unzip all the files into a folder of your choice.
Click Erunt.exe to back up your registry to the folder of your choice.

Note: to restore your registry, go to the folder and start ERDNT.exe



Start WinPFind35U. Copy/Paste the information in the quotebox below into the panel where it says "Paste fix here" and then click the Run Fix button.

[Kill Explorer]
[Unregister Dlls]
[Registry - Non-Microsoft Only]
< IFEO [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\
YY -> AgentSvr.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger]
YY -> ArSwp.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger]
YY -> AST.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger]
YY -> autoruns.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger]
YY -> EGHOST.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger]
YY -> FileDsty.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger]
YY -> FTCleanerShell.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger]
YY -> FYFireWall.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger]
YY -> iparmo.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger]
YY -> Iparmor.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger]
YY -> kabaload.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger]
YY -> KaScrScn.SCR -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger]
YY -> KASMain.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger]
YY -> KASTask.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger]
YY -> KAV32.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger]
YY -> KAVDX.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger]
YY -> KAVPF.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger]
YY -> KAVPFW.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger]
YY -> KAVSetup.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger]
YY -> KAVStart.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger]
YY -> KISLnchr.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger]
YY -> KMailMon.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger]
YY -> KMFilter.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger]
YY -> KPFW32.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger]
YY -> KPFW32X.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger]
YY -> KPfwSvc.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger]
YY -> KRegEx.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger]
YY -> KRepair.com -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger]
YY -> KsLoader.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger]
YY -> KWatch.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger]
YY -> KWatch9x.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger]
YY -> KWatchX.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger]
YY -> KVCenter.kxp -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger]
YY -> KvDetect.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger]
YY -> KvfwMcl.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger]
YY -> KVMonXP.kxp -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger]
YY -> KVMonXP_1.kxp -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger]
YY -> kvol.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger]
YY -> kvolself.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger]
YY -> KvReport.kxp -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger]
YY -> KVScan.kxp -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger]
YY -> KVSrvXP.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger]
YY -> KVStub.kxp -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger]
YY -> kvupload.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger]
YY -> kvwsc.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger]
YY -> KvXP.kxp -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger]
YY -> KvXP_1.kxp -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger]
YY -> loaddll.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger]
YY -> MagicSet.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger]
YY -> mmqczj.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger]
YY -> mmsk.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger]
YY -> PFW.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger]
YY -> PFWLiveUpdate.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger]
YY -> QHSET.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger]
YY -> QQDoctor.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger]
YY -> QQKav.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger]
YY -> Ras.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger]
YY -> Rav.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger]
YY -> RavMon.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger]
YY -> RavMonD.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger]
YY -> RavStub.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger]
YY -> RavTask.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger]
YY -> rfwcfg.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger]
YY -> rfwmain.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger]
YY -> rfwsrv.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger]
YY -> RsAgent.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger]
YY -> Rsaupd.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger]
YY -> safelive.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger]
YY -> scan32.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger]
YY -> shcfg32.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger]
YY -> SmartUp.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger]
YY -> SREng.EXE -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger]
YY -> TrojanDetector.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger]
YY -> Trojanwall.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger]
YY -> TrojDie.kxp -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger]
YY -> UIHost.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger]
YY -> UmxAgent.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger]
YY -> UmxAttachment.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger]
YY -> UmxCfg.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger]
YY -> UmxFwHlp.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger]
YY -> UmxPol.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger]
YY -> upiea.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger]
YY -> UpLive.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger]
YY -> USBCleaner.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger]
YY -> webscanx.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger]
YY -> WoptiClean.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger]
< ShellExecuteHooks [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
YY -> {A93A4625-6216-499C-B360-BBD0A7C0D479} [HKEY_LOCAL_MACHINE] -> %CommonProgramFiles%\Microsoft Shared\MSINFO\QQGS1.dll []
YY -> {D544C22D-1F70-4B1E-873D-D8DABEB26695} [HKEY_LOCAL_MACHINE] -> %CommonProgramFiles%\Microsoft Shared\MSINFO\atmQQ2.dll []
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
YN -> {7E853D72-626A-48EC-A868-BA8D5E23E045} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.]
< Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\
YN -> WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.]
< Internet Explorer ToolBars [HKEY_USERS\S-1-5-21-1004336348-1085031214-1801674531-1003\] > -> HKEY_USERS\S-1-5-21-1004336348-1085031214-1801674531-1003\Software\Microsoft\Internet Explorer\Toolbar\
YN -> WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.]
< Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\
YN -> {2670000A-7350-4f3c-8081-5663EE0C6C49}: [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Skicka till OneNote]
< Internet Explorer Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\
YN -> CmdMapping\\{461CC20B-FB6E-4f16-8FE8-C29359DB100E} [HKEY_LOCAL_MACHINE] -> [Reg Error: Key does not exist or could not be opened.]
YN -> CmdMapping\\{77BF5300-1474-4EC7-9980-D32B190E9B07} [HKEY_LOCAL_MACHINE] -> [Reg Error: Key does not exist or could not be opened.]
< Internet Explorer Extensions [HKEY_USERS\S-1-5-21-1004336348-1085031214-1801674531-1003\] > -> HKEY_USERS\S-1-5-21-1004336348-1085031214-1801674531-1003\Software\Microsoft\Internet Explorer\Extensions\
YN -> CmdMapping\\{461CC20B-FB6E-4f16-8FE8-C29359DB100E} [HKEY_LOCAL_MACHINE] -> [Reg Error: Key does not exist or could not be opened.]
YN -> CmdMapping\\{77BF5300-1474-4EC7-9980-D32B190E9B07} [HKEY_LOCAL_MACHINE] -> [Reg Error: Key does not exist or could not be opened.]
< Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\
YN -> ipp: [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened.[Reg Error: Value does not exist or could not be read.]
YN -> msdaipp: [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened.[Reg Error: Value does not exist or could not be read.]
[Registry - Additional Scans - Non-Microsoft Only]
< Disabled MSConfig Folder Items [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\
YN -> C:^Documents and Settings^All Users^Start Menu^Programs^Startup^DVD Check.lnk -> %SystemDrive%\PROGRA~1\INTERV~1\DVDCHE~1\DVDCheck.exe
[Files/Folders - Created Within 90 days]
YY -> 2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp
YY -> 3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp
[Files Created - Additional Folder Scans - Non-Microsoft Only]
YY -> @Alternate Data Stream - 0 bytes -> %UserProfile%\Desktop\Thumbs.db:encryptable
[Files/Folders - Modified Within 90 days]
YY -> 2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp
YY -> 3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp
YY -> 278 C:\Documents and Settings\jonte mattsson\Local Settings\Temp\*.tmp files -> C:\Documents and Settings\jonte mattsson\Local Settings\Temp\*.tmp
[Files Modified - Additional Folder Scans - Non-Microsoft Only]
YY -> @Alternate Data Stream - 0 bytes -> %UserProfile%\Desktop\Thumbs.db:encryptable
[File - Lop Check: Additional Folder Scans - Non-Microsoft Only]
YY -> @Alternate Data Stream - 107 bytes -> %AllUsersProfile%\Application Data\TEMP:0A8E2C33
[Extra Files]
Purity
[Empty Temp Folders]
[Start Explorer]
[Reboot]


The fix should only take a very short time. When the fix is completed, a message box will pop up telling you that it is finished. Click the Ok button and Notepad will open with a log of actions taken during the fix. Post that information back here.

I will review the information when it comes back in.



Please download Deckard's System Scanner (DSS) and save it to your Desktop.
  • Close all other windows before proceeding.
  • Double-click on dss.exe and follow the prompts.
  • If your anti-virus or firewall complains, please allow this script to run as it is not malicious.
  • When it has finished, dss will open two Notepad windows, main.txt and extra.txt -- please copy (CTRL+A and then CTRL+C) and paste (CTRL+V) the contents of main.txt and extra.txt in your next reply.

  • 0
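The [Debugger] lines in the fix above are Image File Execution Options entries: when a Debugger value is set for an image name, Windows starts that program instead of the named executable, so a single binary registered against dozens of security tools is the pattern worth flagging. The Python sketch below is an added example, not part of the original post or of WinPFind35U; it parses lines in the format shown in the fix, and the sample input (including the myapp.exe entry) and the threshold of 3 are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample: three entries in the format of the fix above, plus one
# constructed entry (myapp.exe) standing in for a legitimate developer setup.
SAMPLE = r"""
[Registry - Non-Microsoft Only]
< IFEO [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\
YY -> autoruns.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger]
YY -> KAV32.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger]
YY -> RavMon.exe -> %CommonProgramFiles%\Microsoft Shared\jkihbgh.exe [Debugger]
YY -> myapp.exe -> C:\Tools\vsjitdebugger.exe [Debugger]
< ShellExecuteHooks [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
YY -> {A93A4625-6216-499C-B360-BBD0A7C0D479} [HKEY_LOCAL_MACHINE] -> %CommonProgramFiles%\Microsoft Shared\MSINFO\QQGS1.dll []
"""

# "< Name [HIVE] > -> key path" opens a section; "[...]" lines are group headers.
SECTION = re.compile(r"^<\s*(?P<name>[^\[>]+?)\s*(?:\[[^\]]*\]\s*)?>\s*->")
# "YY -> image -> debugger path [Debugger]"; the two-letter action prefix is optional.
ENTRY = re.compile(
    r"^(?:[YN]{2}\s*->\s*)?(?P<image>\S.*?)\s*->\s*(?P<target>.+?)\s*\[Debugger\]\s*$")

def ifeo_debuggers(report):
    """Map each Debugger path (lower-cased) to the image names redirected to it."""
    in_ifeo, found = False, defaultdict(list)
    for line in (raw.strip() for raw in report.splitlines()):
        section = SECTION.match(line)
        if section:
            in_ifeo = section.group("name").upper() == "IFEO"
        elif line.startswith("["):
            in_ifeo = False          # a new group header ends the IFEO section
        elif in_ifeo:
            entry = ENTRY.match(line)
            if entry:
                found[entry.group("target").lower()].append(entry.group("image"))
    return dict(found)

def suspicious(found, threshold=3):
    """Keep debuggers that intercept at least `threshold` different images."""
    return {dbg: imgs for dbg, imgs in found.items() if len(imgs) >= threshold}

if __name__ == "__main__":
    for debugger, images in suspicious(ifeo_debuggers(SAMPLE)).items():
        print(f"{debugger} intercepts {len(images)} images: {', '.join(images)}")
```
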

#9
Rorschach112

Rorschach112

    Ralphie

  • Retired Staff
  • 47,710 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0





