|
hi! thanks for replying ^^
Fixwareout ver 1.003
Last edited 07/1/2006
Post this report in the forums please
Reg Entries that were deleted
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ruins\}51410FC90C8C-F3A8-31C4-966E-E10F5970{
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ruins\}C1E247A8B380-9CEA-55E4-FD2F-83AA36C9{
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ruins\mrgmd
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Urls\1trap
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Urls\2trap
...
Microsoft (R) Windows Script Host Version 5.6
Random Runs removed from HKLM
"dmgrm.exe"=-
...
PLEASE NOTE, There WILL be LEGIT FILES LISTED. IF YOU ARE UNSURE OF WHAT IT IS LEAVE THEM ALONE.
Example ipsec6.exe is legitimate
遙遙?Search by size and names...
Invalid keyboard code specified
C:\WINDOWS\SYSTEM32\IPSEC6.EXE
遙遙?Misc files
遙遙?Checking for older varients covered by the Rem3 tool
遙遙?
Search five digit cs, dm and jb files
This WILL/CAN also list Legit Files, Submit them at Virustotal
Other suspects
Directory of C:\WINDOWS\system32
|