|
|
|
|
|||||
|
|
|
|
|
|
|||
| Welcome
to Tech Support Forum home to more then 136,000 problems solved. Issues
have included: Spyware, Malware, Virus Issues, Windows, Microsoft,
Linux, Networking, Security, Hardware, and Gaming Getting your
problem solved is as easy as: 1. Registering for a free account 2. Asking your question 3. Receiving an answer Registered members: * See fewer ads. * And much more..
|
|
| Want to know how to post a question? click here | Having problems with spyware and pop-ups? First Steps |
|
|||||||
|
|
LinkBack | Thread Tools |
06-18-2008, 11:03 AM
|
#1 (permalink) |
|
Registered User
Join Date: Jun 2008
Posts: 1
OS: Windows Vista Ultimate
|
Infected :( Here are scan results.
Here's my DSS log and extra.txt attached hopefully. I didn't get a confirmation it was attached. I'm unable to run the panda scan. I keep getting an error when trying to load it. The symptoms I get are pop up saying my system is infected with a virus, and ads on web pages are replaced by the ads asking to run system scan and things of that nature.
Deckard's System Scanner v20071014.68 Run by michael.walden on 2008-06-18 11:07:18 Computer is in Normal Mode. -------------------------------------------------------------------------------- -- Last 5 Restore Point(s) -- 13: 2008-06-18 11:49:42 UTC - RP890 - Scheduled Checkpoint 12: 2008-06-17 04:00:39 UTC - RP888 - Scheduled Checkpoint 11: 2008-06-16 06:04:12 UTC - RP886 - Scheduled Checkpoint 10: 2008-06-15 04:00:25 UTC - RP884 - Scheduled Checkpoint 9: 2008-06-14 04:00:37 UTC - RP882 - Scheduled Checkpoint -- First Restore Point -- 1: 2008-06-08 04:37:38 UTC - RP866 - Scheduled Checkpoint Backed up registry hives. Performed disk cleanup. Total Physical Memory: 1022 MiB (1024 MiB recommended). -- HijackThis (run as michael.walden.exe) -------------------------------------- Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 11:11:08 AM, on 6/18/2008 Platform: Windows Vista (WinNT 6.00.1904) MSIE: Internet Explorer v7.00 (7.00.6000.16575) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\system32\rundll32.exe C:\Program Files\Dell\Dell Laser MFP 1815\NetworkScan\DNSCST .exe C:\Windows\system32\rundll32.exe C:\Windows\system32\rundll32.exe C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE C:\Windows\system32\rundll32.exe C:\Windows\system32\rundll32.exe C:\Windows\system32\rundll32.exe C:\Windows\explorer.exe C:\Program Files\DNA\btdna .exe C:\PROGRA~1\MOZILL~1\FIREFOX.EXE C:\Windows\System32\notepad.exe C:\Windows\system32\rundll32.exe C:\Windows\system32\rundll32.exe C:\Windows\system32\rundll32.exe C:\Windows\System32\notepad.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\System32\notepad.exe C:\Windows\System32\notepad.exe C:\Windows\system32\rundll32.exe C:\Windows\system32\rundll32.exe C:\Windows\System32\notepad.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\System32\notepad.exe C:\Windows\System32\notepad.exe C:\Program Files\Microsoft Office\Office12\EXCEL.EXE C:\Windows\system32\rundll32.exe C:\Windows\system32\rundll32.exe C:\Windows\system32\rundll32.exe C:\Windows\System32\notepad.exe C:\Users\michael.walden\Desktop\dss.exe C:\Program Files\SSH Communications Security\SSH Secure Shell\SshClient.exe C:\PROGRA~1\TRENDM~1\HIJACK~1\michael.walden.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F3 - REG:win.ini: load=C:\Windows\system32\sstqr.exe O1 - Hosts: ::1 localhost O2 - BHO: {26cc7804-1645-d3db-7a64-ff7862149425} - {52494126-87ff-46a7-bd3d-54614087cc62} - C:\Windows\system32\mqsqntnk.dll O2 - BHO: (no name) - {796C420C-B565-4587-A779-9975F2161F29} - C:\Windows\system32\sstqr.dll O2 - BHO: (no name) - {84B4AE06-E42C-4D5B-8DC1-CA7D55C94338} - C:\Windows\system32\sstqr.dll O2 - BHO: (no name) - {CA4308C4-8834-4D3A-8928-4D6D6D7D4091} - C:\Windows\system32\sstqr.dll O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [MSConfig] "C:\Windows\system32\msconfig.exe" /auto O4 - HKLM\..\Run: [DellNSCST_GRNCH] "C:\Program Files\Dell\Dell Laser MFP 1815\NetworkScan\DNSCST.exe" /HIDEUI O4 - HKLM\..\Run: [BM3711c021] Rundll32.exe "C:\Windows\system32\knshwhyu.dll",s O4 - HKLM\..\Run: [3422f3bd] rundll32.exe "C:\Windows\system32\sasvfubv.dll",b O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna .exe" O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O13 - Gopher Prefix: O15 - Trusted IP range: http://75.60.168.213 O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) - http://cdn.scan.onecare.live.com/res.../wlscctrl2.cab O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = consultech.local O17 - HKLM\Software\..\Telephony: DomainName = consultech.local O17 - HKLM\System\CCS\Services\Tcpip\..\{6A81E73E-2ED7-4B63-8791-0AC4ECC54447}: NameServer = 12.2.42.124 O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O20 - Winlogon Notify: jfwmltzd - jfwmltzd.dll (file missing) O20 - Winlogon Notify: wzcmyysw - wzcmyysw.dll (file missing) O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll O23 - Service: Apache2.2 - Apache Software Foundation - C:\OTRS\Apache2\bin\httpd.exe O23 - Service: Cron Service (CRONw) (CRON) - ActiveState - C:\OTRS\Perl\bin\perl.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: MySQL - Unknown owner - C:\OTRS\mysql\bin\mysqld-nt.exe O23 - Service: SonicWall VPN Client Service (RampartSvc) - SonicWALL, Inc. - C:\Program Files\SonicWALL\SonicWALL Global VPN Client\RampartSvc.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: Tenable Nessus - Tenable Network Security - C:\Program Files\Tenable\Nessus\nessusd.exe O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files\VMware\VMware Server\vmware-authd.exe O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\system32\vmnetdhcp.exe O23 - Service: VMware Virtual Mount Manager Extended (vmount2) - VMware, Inc. - C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe O23 - Service: VMware Registration Service (vmserverdWin32) - VMware, Inc. - C:\Program Files\VMware\VMware Server\vmserverdWin32.exe O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\system32\vmnat.exe O23 - Service: VundoFix Service (VundoFixSvc) - Atribune.org - C:\Windows\SYSTEM32\VundoFixSVC.exe -- End of file - 8197 bytes -- File Associations ----------------------------------------------------------- All associations okay. -- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------- R2 VMnetBridge (VMware Bridge Protocol) - c:\windows\system32\drivers\vmnetbridge.sys <Not Verified; VMware, Inc.; VMware bridge driver (32-bit)> R2 VMnetuserif (VMware Network Application Interface) - \??\c:\windows\system32\drivers\vmnetuserif.sys R2 vmx86 (VMware vmx86) - \??\c:\windows\system32\drivers\vmx86.sys S1 RCFOX (SonicWALL IPsec Driver) - \??\c:\windows\system32\drivers\rcfox.sys -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled -------------------- R2 Apache2.2 - "c:\otrs\apache2\bin\httpd.exe" -k runservice <Not Verified; Apache Software Foundation; Apache HTTP Server> R2 CRON (Cron Service (CRONw)) - c:\otrs\perl\bin\perl.exe "c:\otrs\cronw\cronservice.pl" --crontab="c:\otrs\cronw\crontab.txt" <Not Verified; ActiveState; ActivePerl> R2 MySQL - c:\otrs\mysql\bin\mysqld-nt.exe --defaults-file=c:\otrs\mysql\my.ini mysql R2 Tenable Nessus - "c:\program files\tenable\nessus\nessusd.exe" <Not Verified; Tenable Network Security; Nessus Security Scanner> R2 VMAuthdService (VMware Authorization Service) - c:\program files\vmware\vmware server\vmware-authd.exe <Not Verified; VMware, Inc.; VMware Server> R2 VMnetDHCP (VMware DHCP Service) - c:\windows\system32\vmnetdhcp.exe <Not Verified; VMware, Inc.; VMware Server> R2 vmserverdWin32 (VMware Registration Service) - c:\program files\vmware\vmware server\vmserverdwin32.exe <Not Verified; VMware, Inc.; VMware Server> R2 VMware NAT Service - c:\windows\system32\vmnat.exe <Not Verified; VMware, Inc.; VMware Server> S3 RampartSvc (SonicWall VPN Client Service) - c:\program files\sonicwall\sonicwall global vpn client\rampartsvc.exe <Not Verified; SonicWALL, Inc.; RampartSvc Module> S3 VundoFixSvc (VundoFix Service) - vundofixsvc.exe <Not Verified; Atribune.org; Vundofix Service> -- Device Manager: Disabled ---------------------------------------------------- Class GUID: {4d36e96c-e325-11ce-bfc1-08002be10318} Description: Creative SB Live! Series (WDM) Device ID: PCI\VEN_1102&DEV_0002&SUBSYS_80611102&REV_07\4&1AC52E81&0&28F0 Manufacturer: Creative Name: Creative SB Live! Series (WDM) PNP Device ID: PCI\VEN_1102&DEV_0002&SUBSYS_80611102&REV_07\4&1AC52E81&0&28F0 Service: emu10k Class GUID: Description: Device ID: PCI\VEN_1102&DEV_7002&SUBSYS_00201102&REV_07\4&1AC52E81&0&29F0 Manufacturer: Name: PNP Device ID: PCI\VEN_1102&DEV_7002&SUBSYS_00201102&REV_07\4&1AC52E81&0&29F0 Service: Class GUID: Description: Device ID: ACPI\ABT2005\3&2411E6FE&0 Manufacturer: Name: PNP Device ID: ACPI\ABT2005\3&2411E6FE&0 Service: Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318} Description: Deterministic Network Enhancer Miniport Device ID: ROOT\DNI_DNEMP\0000 Manufacturer: Deterministic Networks Name: D-Link AirPlus Xtreme G DWL-G132 Wireless USB Adapter(rev.A) - Deterministic Network Enhancer Miniport PNP Device ID: ROOT\DNI_DNEMP\0000 Service: DNE Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318} Description: Deterministic Network Enhancer Miniport Device ID: ROOT\DNI_DNEMP\0002 Manufacturer: Deterministic Networks Name: WAN Miniport (IP) - Deterministic Network Enhancer Miniport PNP Device ID: ROOT\DNI_DNEMP\0002 Service: DNE Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318} Description: Deterministic Network Enhancer Miniport Device ID: ROOT\DNI_DNEMP\0003 Manufacturer: Deterministic Networks Name: WAN Miniport (IPv6) - Deterministic Network Enhancer Miniport PNP Device ID: ROOT\DNI_DNEMP\0003 Service: DNE Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318} Description: VMware Virtual Ethernet Adapter for VMnet1 Device ID: ROOT\VMWARE\0000 Manufacturer: VMware, Inc. Name: VMware Virtual Ethernet Adapter for VMnet1 PNP Device ID: ROOT\VMWARE\0000 Service: VMnetAdapter Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318} Description: VMware Virtual Ethernet Adapter for VMnet8 Device ID: ROOT\VMWARE\0001 Manufacturer: VMware, Inc. Name: VMware Virtual Ethernet Adapter for VMnet8 PNP Device ID: ROOT\VMWARE\0001 Service: VMnetAdapter -- Scheduled Tasks ------------------------------------------------------------- 2008-06-17 20:42:15 436 --ah----- C:\Windows\Tasks\User_Feed_Synchronization-{C9512C5A-F3E9-48BD-918F-B1948BA0C396}.job -- Files created between 2008-05-18 and 2008-06-18 ----------------------------- 2008-06-17 11:50:29 0 d-------- C:\Users\All Users\TEMP 2008-06-17 11:50:02 0 d-------- C:\Program Files\SpywareBlaster 2008-06-17 08:51:25 0 d-------- C:\Program Files\Panda Security 2008-06-16 01:30:05 335360 --a------ C:\Windows\system32\sstqr.exe 2008-06-15 19:19:33 102464 --a------ C:\Windows\system32\mqsqntnk.dll 2008-06-15 19:19:31 94272 --a------ C:\Windows\system32\sasvfubv.dll 2008-06-15 19:17:16 101952 --a------ C:\Windows\system32\knshwhyu.dll 2008-06-13 12  21 0 d-------- C:\Program Files\Trend Micro2008-06-13 08:42:16 102976 --a------ C:\Windows\system32\hbnyruao.dll 2008-06-13 08:42:08 95808 --a------ C:\Windows\system32\cejjemtm.dll 2008-06-13 08:42:00 104000 --a------ C:\Windows\system32\lekflcfw.dll 2008-06-12 08:40:21 104000 --a------ C:\Windows\system32\arpdekpa.dll 2008-06-12 08:40:06 101440 --a------ C:\Windows\system32\wuhpyjty.dll 2008-06-11 08:40:21 103488 --a------ C:\Windows\system32\ilpoqfaf.dll 2008-06-11 08:40:13 103488 --a------ C:\Windows\system32\pcbttjtc.dll 2008-06-10 08:46:12 103488 --a------ C:\Windows\system32\usnromut.dll 2008-06-10 08:37:55 103488 --a------ C:\Windows\system32\jcihhnsr.dll 2008-06-10 08:37:12 703160 --ahs---- C:\Windows\system32\rqtss.ini2 2008-06-09 19:51:19 0 d-------- C:\Users\All Users\Avg7 2008-05-28 15:59:54 0 d-------- C:\Program Files\AutoIt3 -- Find3M Report --------------------------------------------------------------- 2008-06-18 11:05:54 0 d-------- C:\Users\michael.walden\AppData\Roaming\DNA 2008-06-16 01:29:59 0 d-------- C:\Program Files\DNA 2008-06-09 18:48:36 0 d-------- C:\Program Files\Windows Live Safety Center 2008-06-04 16:58:22 0 d-------- C:\Program Files\Microsoft Silverlight 2008-05-29 10:23:57 0 d-------- C:\Users\michael.walden\AppData\Roaming\SSH 2008-05-16 15:55:03 0 d--h----- C:\Program Files\InstallShield Installation Information 2008-05-16 15:54:34 0 d-------- C:\Program Files\Tenable 2008-05-15 10:37:05 0 d-------- C:\Program Files\Dell 2008-05-07 16:24:44 0 d-------- C:\Users\michael.walden\AppData\Roaming\BitTorrent 2008-05-05 13:55:28 0 d-------- C:\Program Files\BitTorrent -- Registry Dump --------------------------------------------------------------- *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{52494126-87ff-46a7-bd3d-54614087cc62}] 06/15/2008 07:19 PM 102464 --a------ C:\Windows\system32\mqsqntnk.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{796C420C-B565-4587-A779-9975F2161F29}] 12/20/2007 01:06 PM 331776 --a------ C:\Windows\system32\sstqr.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{84B4AE06-E42C-4D5B-8DC1-CA7D55C94338}] 12/20/2007 01:06 PM 331776 --a------ C:\Windows\system32\sstqr.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{CA4308C4-8834-4D3A-8928-4D6D6D7D4091}] 12/20/2007 01:06 PM 331776 --a------ C:\Windows\system32\sstqr.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [04/11/2007 10:51 AM] "NvSvc"="C:\Windows\system32\nvsvc.dll" [07/06/2007 08:15 PM] "NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [07/06/2007 08:15 PM] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [06/16/2008 01:29 AM] "MSConfig"="C:\Windows\system32\msconfig.exe" [11/02/2006 05:45 AM] "DellNSCST_GRNCH"="C:\Program Files\Dell\Dell Laser MFP 1815\NetworkScan\DNSCST.exe" [06/16/2008 01:30 AM] "BM3711c021"="C:\Windows\system32\knshwhyu.dll" [06/15/2008 07:17 PM] "3422f3bd"="C:\Windows\system32\sasvfubv.dll" [06/15/2008 07:19 PM] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [01/14/2008 04:51 PM] "WindowsWelcomeCenter"="oobefldr.dll,ShowWelcomeCenter" [] "BitTorrent DNA"="C:\Program Files\DNA\btdna .exe" [06/16/2008 01:29 AM] C:\Users\michael.walden\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ OneNote 2007 Screen Clipper and Launcher.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [8/24/2007 5:45:42 AM] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"=2 (0x2) "EnableLUA"=0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\jfwmltzd] jfwmltzd.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\wzcmyysw] wzcmyysw.dll [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] "Authentication Packages"= msv1_0 C:\Windows\system32\sstqr [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] @="Volume shadow copy" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] @="IEEE 1394 Bus host controllers" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] @="SBP2 IEEE 1394 Devices" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] @="SecurityDevices" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\3422f3bd] rundll32.exe "C:\Windows\system32\dvcbquvh.dll",b [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BM3711c021] Rundll32.exe "C:\Windows\system32\fcfmtyhr.dll",s [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSServer] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] iissvcs w3svc was [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ada28746-3528-11dc-8485-005056c00008}] AutoRun\command- G:\LaunchU3.exe -a [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] C:\Windows\system32\unregmp2.exe /ShowWMP [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] %SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI -- End of Deckard's System Scanner: finished at 2008-06-18 11:13:29 ------------ |
|
     |
| Important Information |
|
Join the #1 Tech Support Forum Today - It's Totally Free!
TechSupportForum.com is a leading support website for your computer needs. We offer free, friendly and personalized computer support. Why pay to have your computer fixed when you can do it for free. Join TechSupportforum.com Today - Click Here |
| Thread Tools | |
|
|
