Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Trojan:win32/virtumonde.o (on My Work Computer)


  • Please log in to reply
2 replies to this topic

#1 jerzgirl23

jerzgirl23

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:05:36 AM

Posted 20 July 2007 - 03:16 PM

I have windows defender and it has found: Trojan:win32/virtumonde.o

I ran SpyHunter (didn't buy it to remove) but copy/pasted this report log:

Please help!


###########################Runnning Processes DATA###########################
processName = SMSS.EXE File Size = 50688 File Path = \SystemRoot\System32\smss.exe ModuleMD5 = bd7fb0957c716f1a60333aee04de2178
processName = WINLOGON.EXE File Size = 502272 File Path = \??\C:\WINDOWS\system32\winlogon.exe ModuleMD5 = 01c3346c241652f43aed8e2149881bfe
processName = SERVICES.EXE File Size = 108032 File Path = C:\WINDOWS\system32\services.exe ModuleMD5 = c6ce6eec82f187615d1002bb3bb50ed4
processName = LSASS.EXE File Size = 13312 File Path = C:\WINDOWS\system32\lsass.exe ModuleMD5 = 84885f9b82f4d55c6146ebf6065d75d2
processName = SVCHOST.EXE File Size = 14336 File Path = C:\WINDOWS\system32\svchost.exe ModuleMD5 = 8f078ae4ed187aaabc0a305146de6716
processName = MSMPENG.EXE File Size = 13592 File Path = C:\Program Files\Windows Defender\MsMpEng.exe ModuleMD5 = f45dd1e1365d857dd08bc23563370d0e
processName = SVCHOST.EXE File Size = 14336 File Path = C:\WINDOWS\System32\svchost.exe ModuleMD5 = 8f078ae4ed187aaabc0a305146de6716
processName = SPOOLSV.EXE File Size = 57856 File Path = C:\WINDOWS\system32\spoolsv.exe ModuleMD5 = da81ec57acd4cdc3d4c51cf3d409af9f
processName = EXPLORER.EXE File Size = 1032192 File Path = C:\WINDOWS\Explorer.EXE ModuleMD5 = a0732187050030ae399b241436565e64
processName = TFSWCTRL.EXE File Size = 114741 File Path = C:\WINDOWS\system32\dla\tfswctrl.exe ModuleMD5 = 2bff8a443334a034df73d2c8d808d2a7
processName = PPTD40NT.EXE File Size = 45108 File Path = C:\Program Files\Scansoft\PaperPort\pptd40nt.exe ModuleMD5 = ab9e331fe3e967d0eadfad67ff783ddd
processName = OPWARE32.EXE File Size = 49152 File Path = C:\Program Files\ScanSoft\OmniPageSE\opware32.exe ModuleMD5 = b4e391ef14840323e23127b65a8e37cc
processName = PCCNTMON.EXE File Size = 467020 File Path = C:\Program Files\Trend Micro\OfficeScan Client\pccntmon.exe ModuleMD5 = ef3a968c5cfa6844a3fe2d949c81416d
processName = TYPE32.EXE File Size = 172032 File Path = C:\Program Files\Microsoft IntelliType Pro\type32.exe ModuleMD5 = 05e10c2c3736e52fe33d16d2f9c73c04
processName = POINT32.EXE File Size = 204800 File Path = C:\Program Files\Microsoft IntelliPoint\point32.exe ModuleMD5 = d6c9858536249e31a5e9a1a4f3a08113
processName = MSASCUI.EXE File Size = 866584 File Path = C:\Program Files\Windows Defender\MSASCui.exe ModuleMD5 = 77c03bf23ae56b0a31ae4d5bb4b3d0ac
processName = MDM.EXE File Size = 322120 File Path = C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE ModuleMD5 = 11f714f85530a2bd134074dc30e99fca
processName = SQLSERVR.EXE File Size = 7544916 File Path = C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe ModuleMD5 = 1251256fefc2b00a7bd603578241f0ad
processName = POP3TRAP.EXE File Size = 565318 File Path = C:\Program Files\Trend Micro\OfficeScan Client\Pop3Trap.exe ModuleMD5 = a7f5f32ad6e4521edded0eb2cbc6603e
processName = NTRTSCAN.EXE File Size = 548948 File Path = C:\Program Files\Trend Micro\OfficeScan Client\ntrtscan.exe ModuleMD5 = bf8624529a98addc2bbe379d96ee72c0
processName = NVSVC32.EXE File Size = 73728 File Path = C:\WINDOWS\System32\nvsvc32.exe ModuleMD5 = 85a2a4ad01b86098317f8140b22c58b7
processName = TMLISTEN.EXE File Size = 364630 File Path = C:\Program Files\Trend Micro\OfficeScan Client\tmlisten.exe ModuleMD5 = 4107665533a9e19d3a724b1ac48b12d1
processName = OFCDOG.EXE File Size = 135168 File Path = C:\Program Files\Trend Micro\OfficeScan Client\ofcdog.exe ModuleMD5 = 618207b7808e35aef561ebae97f44986
processName = PCCNTUPD.EXE File Size = 184320 File Path = C:\Program Files\Trend Micro\OfficeScan Client\pccntupd.exe ModuleMD5 = d33224a4c2ff31be1f2015b4953fd78b
processName = OUTLOOK.EXE File Size = 196368 File Path = C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE ModuleMD5 = 133584e0607a1c59c82bd23031597912
processName = WINWORD.EXE File Size = 12295008 File Path = C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE ModuleMD5 = e08c5b71a1d58ea923cf4af05ca2fb83
processName = RUNDLL32.EXE File Size = 33280 File Path = C:\WINDOWS\system32\rundll32.exe ModuleMD5 = da285490bbd8a1d0ce6623577d5ba1ff
processName = IEXPLORE.EXE File Size = 93184 File Path = C:\Program Files\Internet Explorer\iexplore.exe ModuleMD5 = e7484514c0464642be7b4dc2689354c8
processName = IEXPLORE.EXE File Size = 93184 File Path = C:\Program Files\Internet Explorer\iexplore.exe ModuleMD5 = e7484514c0464642be7b4dc2689354c8
processName = SPYHUNTER.EXE File Size = 2693248 File Path = C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter.exe ModuleMD5 = 106556f40e0366b98ff715462aa3c3e5
###########################REGISTRY MD5 DATA###########################
<HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN>
Name=NvCplDaemon Data=RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup FileSize = 4800512 MD5=e0963d6997baab1f30baa52c41b9e455
Name=dla Data=C:\WINDOWS\system32\dla\tfswctrl.exe FileSize = 114741 MD5=2bff8a443334a034df73d2c8d808d2a7
Name=PaperPort PTD Data=C:\Program Files\Scansoft\PaperPort\pptd40nt.exe FileSize = 45108 MD5=ab9e331fe3e967d0eadfad67ff783ddd
Name=IndexSearch Data=C:\Program Files\Scansoft\PaperPort\IndexSearch.exe FileSize = 36864 MD5=4aa60ffc5c6e10b9a43afe1666528e88
Name=Omnipage Data=C:\Program Files\ScanSoft\OmniPageSE\opware32.exe FileSize = 49152 MD5=b4e391ef14840323e23127b65a8e37cc
Name=OfficeScanNT Monitor Data="C:\Program Files\Trend Micro\OfficeScan Client\pccntmon.exe" -HideWindow FileSize = 467020 MD5=ef3a968c5cfa6844a3fe2d949c81416d
Name=type32 Data="C:\Program Files\Microsoft IntelliType Pro\type32.exe" FileSize = 172032 MD5=05e10c2c3736e52fe33d16d2f9c73c04
Name=IntelliPoint Data="C:\Program Files\Microsoft IntelliPoint\point32.exe" FileSize = 204800 MD5=d6c9858536249e31a5e9a1a4f3a08113
Name=Windows Defender Data="C:\Program Files\Windows Defender\MSASCui.exe" -hide FileSize = 866584 MD5=77c03bf23ae56b0a31ae4d5bb4b3d0ac
Name=SpyHunter Data= FileSize = MD5=
<HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCEEX>
<HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE>
<HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN>
Name=Aim6 Data= FileSize = MD5=
Name=SpybotSD TeaTimer Data=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe FileSize = 1415824 MD5=70496eee0ddbe485f658693826f44d38
<HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE>
<HKEY_USERS\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN>
<HKEY_USERS\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE>
<HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWSNT\CURRENTVERSION\WINDOWS\APPINIT_DLLS>
<HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER\RUN>
<HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWSNT\CURRENTVERSION\WINLOGON\SHELL>
Explorer.exe FileSize = 1032192 MD5=a0732187050030ae399b241436565e64
<HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWSNT\CURRENTVERSION\WINLOGON\USERINIT>
C:\WINDOWS\system32\userinit.exe, FileSize = 24576 MD5=39b1ffb03c2296323832acbae50d2aff
#############################FILE MD5 DATA#############################
<C:\Documents and Settings\janineb\Start Menu\Programs\Startup>
File Path = C:\Documents and Settings\janineb\Start Menu\Programs\Startup\DESKTOP.INI File Size = 4096 md5=d6a6856702e3f0953e7246a9b4a9fe35
#############################SERVICES DATA#############################
Service Name = ALG Service Display Name = Application Layer Gateway Service Opened = YES Status = Running Query = SUCCESS Service Type = 16 Service Start Type = 3 Service Error Control = 1 Service Binary Path = C:\WINDOWS\System32\alg.exe Binary Size = 44544 Binary MD5 = f1958fbf86d5c004cf19a5951a9514b7
Service Name = AudioSrv Service Display Name = Windows Audio Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = Browser Service Display Name = Computer Browser Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = CryptSvc Service Display Name = Cryptographic Services Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\system32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = DcomLaunch Service Display Name = DCOM Server Process Launcher Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\system32\svchost -k DcomLaunch Binary Size = 0 Binary MD5 =
Service Name = Dhcp Service Display Name = DHCP Client Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = dmserver Service Display Name = Logical Disk Manager Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = Dnscache Service Display Name = DNS Client Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\System32\svchost.exe -k NetworkService Binary Size = 0 Binary MD5 =
Service Name = ERSvc Service Display Name = Error Reporting Service Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 0 Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = Eventlog Service Display Name = Event Log Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\system32\services.exe Binary Size = 108032 Binary MD5 = c6ce6eec82f187615d1002bb3bb50ed4
Service Name = EventSystem Service Display Name = COM+ Event System Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 3 Service Error Control = 1 Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = helpsvc Service Display Name = Help and Support Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = HidServ Service Display Name = HID Input Service Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = lanmanserver Service Display Name = Server Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = lanmanworkstation Service Display Name = Workstation Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = LmHosts Service Display Name = TCP/IP NetBIOS Helper Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\System32\svchost.exe -k LocalService Binary Size = 0 Binary MD5 =
Service Name = MDM Service Display Name = Machine Debug Manager Opened = YES Status = Running Query = SUCCESS Service Type = 272 Service Start Type = 2 Service Error Control = 1 Service Binary Path = "C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE" Binary Size = 0 Binary MD5 =
Service Name = MSSQL$MICROSOFTBCM Service Display Name = MSSQL$MICROSOFTBCM Opened = YES Status = Running Query = SUCCESS Service Type = 16 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe -sMICROSOFTBCM Binary Size = 0 Binary MD5 =
Service Name = Netlogon Service Display Name = Net Logon Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\System32\lsass.exe Binary Size = 13312 Binary MD5 = 84885f9b82f4d55c6146ebf6065d75d2
Service Name = Netman Service Display Name = Network Connections Opened = YES Status = Running Query = SUCCESS Service Type = 288 Service Start Type = 3 Service Error Control = 1 Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = Nla Service Display Name = Network Location Awareness (NLA) Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 3 Service Error Control = 1 Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = ntrtscan Service Display Name = OfficeScanNT RealTime Scan Opened = YES Status = Running Query = SUCCESS Service Type = 272 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\Program Files\Trend Micro\OfficeScan Client\ntrtscan.exe Binary Size = 548948 Binary MD5 = bf8624529a98addc2bbe379d96ee72c0
Service Name = NVSvc Service Display Name = NVIDIA Driver Helper Service Opened = YES Status = Running Query = SUCCESS Service Type = 16 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\System32\nvsvc32.exe Binary Size = 73728 Binary MD5 = 85a2a4ad01b86098317f8140b22c58b7
Service Name = PlugPlay Service Display Name = Plug and Play Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\system32\services.exe Binary Size = 108032 Binary MD5 = c6ce6eec82f187615d1002bb3bb50ed4
Service Name = PolicyAgent Service Display Name = IPSEC Services Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\System32\lsass.exe Binary Size = 13312 Binary MD5 = 84885f9b82f4d55c6146ebf6065d75d2
Service Name = ProtectedStorage Service Display Name = Protected Storage Opened = YES Status = Running Query = SUCCESS Service Type = 288 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\system32\lsass.exe Binary Size = 13312 Binary MD5 = 84885f9b82f4d55c6146ebf6065d75d2
Service Name = RasMan Service Display Name = Remote Access Connection Manager Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 3 Service Error Control = 1 Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = RemoteRegistry Service Display Name = Remote Registry Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\system32\svchost.exe -k LocalService Binary Size = 0 Binary MD5 =
Service Name = RpcSs Service Display Name = Remote Procedure Call (RPC) Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\system32\svchost -k rpcss Binary Size = 0 Binary MD5 =
Service Name = SamSs Service Display Name = Security Accounts Manager Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\system32\lsass.exe Binary Size = 13312 Binary MD5 = 84885f9b82f4d55c6146ebf6065d75d2
Service Name = Schedule Service Display Name = Task Scheduler Opened = YES Status = Running Query = SUCCESS Service Type = 288 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = seclogon Service Display Name = Secondary Logon Opened = YES Status = Running Query = SUCCESS Service Type = 288 Service Start Type = 2 Service Error Control = 0 Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = SENS Service Display Name = System Event Notification Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\system32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = SharedAccess Service Display Name = Windows Firewall/Internet Connection Sharing (ICS) Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = ShellHWDetection Service Display Name = Shell Hardware Detection Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 0 Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = Spooler Service Display Name = Print Spooler Opened = YES Status = Running Query = SUCCESS Service Type = 272 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\system32\spoolsv.exe Binary Size = 57856 Binary MD5 = da81ec57acd4cdc3d4c51cf3d409af9f
Service Name = SSDPSRV Service Display Name = SSDP Discovery Service Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 3 Service Error Control = 1 Service Binary Path = C:\WINDOWS\System32\svchost.exe -k LocalService Binary Size = 0 Binary MD5 =
Service Name = TapiSrv Service Display Name = Telephony Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 3 Service Error Control = 1 Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = TermService Service Display Name = Terminal Services Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 3 Service Error Control = 1 Service Binary Path = C:\WINDOWS\System32\svchost -k DComLaunch Binary Size = 0 Binary MD5 =
Service Name = Themes Service Display Name = Themes Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = tmlisten Service Display Name = OfficeScanNT Listener Opened = YES Status = Running Query = SUCCESS Service Type = 272 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\Program Files\Trend Micro\OfficeScan Client\tmlisten.exe Binary Size = 364630 Binary MD5 = 4107665533a9e19d3a724b1ac48b12d1
Service Name = TrkWks Service Display Name = Distributed Link Tracking Client Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\system32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = uploadmgr Service Display Name = Upload Manager Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = w32time Service Display Name = Windows Time Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\system32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = WebClient Service Display Name = WebClient Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\System32\svchost.exe -k LocalService Binary Size = 0 Binary MD5 =
Service Name = WinDefend Service Display Name = Windows Defender Opened = YES Status = Running Query = SUCCESS Service Type = 16 Service Start Type = 2 Service Error Control = 1 Service Binary Path = "C:\Program Files\Windows Defender\MsMpEng.exe" Binary Size = 0 Binary MD5 =
Service Name = winmgmt Service Display Name = Windows Management Instrumentation Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 0 Service Binary Path = C:\WINDOWS\system32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = wuauserv Service Display Name = Automatic Updates Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\system32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
#############################WINLOGON DATA#############################
<HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWSNT\CURRENTVERSION\WINLOGON\NOTIFY>
Subkey Name = Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain Filepath = C:\WINDOWS\system32\crypt32.dll File Size = 597504 File MD5 = efc958396a7a7ef7e6d4a52b97512e18
Subkey Name = Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet Filepath = C:\WINDOWS\system32\cryptnet.dll File Size = 63488 File MD5 = cad4aa32e7eca00c23cc39c0eb833f9d
Subkey Name = Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll Filepath = C:\WINDOWS\system32\cscdll.dll File Size = 101888 File MD5 = 587729679b4fe04ce06a5c61d6c56dcd
Subkey Name = Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\geeby Filepath = C:\WINDOWS\system32\geeby.dll File Size = 266336 File MD5 = afde9451e4e8ce286d114d92cf2e9a0d
Subkey Name = Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\pmkjg Filepath = C:\WINDOWS\system32\pmkjg.dll File Size = 266336 File MD5 = afde9451e4e8ce286d114d92cf2e9a0d
Subkey Name = Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp Filepath = C:\WINDOWS\system32\wlnotify.dll File Size = 92672 File MD5 = a599e5e366c1408e48aa5d37882d4e3e
Subkey Name = Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule Filepath = C:\WINDOWS\system32\wlnotify.dll File Size = 92672 File MD5 = a599e5e366c1408e48aa5d37882d4e3e
Subkey Name = Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy Filepath = C:\WINDOWS\system32\sclgntfy.dll File Size = 20992 File MD5 = d636fa41e50671160d838ea2dace3330
Subkey Name = Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn Filepath = C:\WINDOWS\system32\WlNotify.dll File Size = 92672 File MD5 = a599e5e366c1408e48aa5d37882d4e3e
Subkey Name = Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ssqpo Filepath = C:\WINDOWS\system32\ssqpo.dll File Size = 92672 File MD5 = a599e5e366c1408e48aa5d37882d4e3e
Subkey Name = Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv Filepath = C:\WINDOWS\system32\wlnotify.dll File Size = 92672 File MD5 = a599e5e366c1408e48aa5d37882d4e3e
Subkey Name = Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\vtsqr Filepath = C:\WINDOWS\system32\vtsqr.dll File Size = 266336 File MD5 = afde9451e4e8ce286d114d92cf2e9a0d
Subkey Name = Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon Filepath = C:\WINDOWS\system32\WgaLogon.dll File Size = 236928 File MD5 = 627b55fad15c6b03b44198afbeebab1a
Subkey Name = Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon Filepath = C:\WINDOWS\system32\wlnotify.dll File Size = 92672 File MD5 = a599e5e366c1408e48aa5d37882d4e3e
Subkey Name = Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\xxyyyvs Filepath = C:\WINDOWS\system32\xxyyyvs.dll File Size = 31254 File MD5 = 1e491a96969c3284d1b40edb6f6259d3
##########################BROWSER ADD-ON DATA##########################
<HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Explorer Bars>
CLSID = {4528BBE0-4E08-11D5-AD55-00010333D0AD} FilePath = File Size = 0 File MD5 =
CLSID = {4D5C8C25-D075-11d0-B416-00C04FB90376} FilePath = C:\WINDOWS\System32\shdocvw.dll File Size = 1494528 File MD5 = d5cf94dc9075a7b9acbf0874a3137d9b
<HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars>
CLSID = {32683183-48a0-441b-a342-7c2a440a9478} FilePath = File Size = 0 File MD5 =
CLSID = {4528BBE0-4E08-11D5-AD55-00010333D0AD} FilePath = File Size = 0 File MD5 =
CLSID = {C4EE31F3-4768-11D2-BE5C-00A0C9A83DA1} FilePath = C:\WINDOWS\system32\SHELL32.dll File Size = 8453632 File MD5 = abfcbda41d2bd08baa1b0b2db558df03
CLSID = {EFA24E64-B078-11D0-89E4-00C04FC9E26E} FilePath = C:\WINDOWS\System32\shdocvw.dll File Size = 1494528 File MD5 = d5cf94dc9075a7b9acbf0874a3137d9b
<HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects>
CLSID = {23A00DAB-F498-408D-9920-92F456EBDD6D} FilePath = C:\WINDOWS\system32\vtsqr.dll File Size = 266336 File MD5 = afde9451e4e8ce286d114d92cf2e9a0d
CLSID = {53707962-6F74-2D53-2644-206D7942484F} FilePath = C:\PROGRA~1\SPYBOT~1\SDHelper.dll File Size = 853672 File MD5 = 250d787a5712d7768ddc133b3e477759
CLSID = {96A9424F-2B89-44FB-B509-90A6F9A31E25} FilePath = C:\WINDOWS\system32\geeby.dll File Size = 266336 File MD5 = afde9451e4e8ce286d114d92cf2e9a0d
CLSID = {D91A20E7-1C8B-4E36-B2B2-670C9C89C4FA} FilePath = File Size = 0 File MD5 =
CLSID = {DC192567-65F9-4AB6-ADB7-E13575F81726} FilePath = C:\WINDOWS\system32\xxyyyvs.dll File Size = 31254 File MD5 = 1e491a96969c3284d1b40edb6f6259d3
<HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Extensions>
CLSID = {92780B25-18CC-41C8-B9BE-3C9C571A8263} FilePath = File Size = 0 File MD5 =
CLSID = {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} FilePath = File Size = 0 File MD5 =
CLSID = {FB5F1910-F110-11d2-BB9E-00C04F795683} FilePath = File Size = 0 File MD5 =
<HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions>
CLSID = CmdMapping FilePath = File Size = 0 File MD5 =
<HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks>
CLSID = {CFBFAE00-17A6-11D0-99CB-00C04FD64497} FilePath = C:\WINDOWS\System32\shdocvw.dll File Size = 1494528 File MD5 = d5cf94dc9075a7b9acbf0874a3137d9b Description =
CLSID = {EF99BD32-C1FB-11D2-892F-0090271D4F88} FilePath = File Size = 0 File MD5 = Description =
<HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler>
CLSID = {438755C2-A8BA-11D1-B96B-00A0C90312E1} FilePath = C:\WINDOWS\System32\browseui.dll File Size = 1023488 File MD5 = 77480544ba243a1ef05f7d6dae0a3e2e Description = Browseui preloader
CLSID = {8C7461EF-2B13-11d2-BE35-3078302C2030} FilePath = C:\WINDOWS\System32\browseui.dll File Size = 1023488 File MD5 = 77480544ba243a1ef05f7d6dae0a3e2e Description = Component Categories cache daemon
##########################LSP CHAIN DATA##########################
<HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WINSOCK2\PARAMETERS>
Sequence Num = SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000001 Filepath = C:\WINDOWS\system32\mswsock.dll File Size = 245248 File MD5 = 4e74af063c3271fbea20dd940cfd1184
Sequence Num = SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000002 Filepath = C:\WINDOWS\system32\mswsock.dll File Size = 245248 File MD5 = 4e74af063c3271fbea20dd940cfd1184
Sequence Num = SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000003 Filepath = C:\WINDOWS\system32\mswsock.dll File Size = 245248 File MD5 = 4e74af063c3271fbea20dd940cfd1184
Sequence Num = SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000004 Filepath = C:\WINDOWS\system32\rsvpsp.dll File Size = 90112 File MD5 = 90491683abd587c702b16f181ab0d99d
Sequence Num = SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000005 Filepath = C:\WINDOWS\system32\rsvpsp.dll File Size = 90112 File MD5 = 90491683abd587c702b16f181ab0d99d
Sequence Num = SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000006 Filepath = C:\WINDOWS\system32\mswsock.dll File Size = 245248 File MD5 = 4e74af063c3271fbea20dd940cfd1184
Sequence Num = SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000007 Filepath = C:\WINDOWS\system32\mswsock.dll File Size = 245248 File MD5 = 4e74af063c3271fbea20dd940cfd1184
Sequence Num = SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000008 Filepath = C:\WINDOWS\system32\mswsock.dll File Size = 245248 File MD5 = 4e74af063c3271fbea20dd940cfd1184
Sequence Num = SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000009 Filepath = C:\WINDOWS\system32\mswsock.dll File Size = 245248 File MD5 = 4e74af063c3271fbea20dd940cfd1184
Sequence Num = SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000010 Filepath = C:\WINDOWS\system32\mswsock.dll File Size = 245248 File MD5 = 4e74af063c3271fbea20dd940cfd1184
Sequence Num = SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000011 Filepath = C:\WINDOWS\system32\mswsock.dll File Size = 245248 File MD5 = 4e74af063c3271fbea20dd940cfd1184
##########################UNINSTALL DATA##########################
<HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL>
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\AddressBook
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Atmosphere Player DisplayName = Adobe Atmosphere Player for Acrobat and Adobe Reader
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\AIM_6.0 DisplayName = AIM 6.0
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\AOL Instant Messenger DisplayName = AOL Instant Messenger
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Branding
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Connection Manager
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Dell Digital Jukebox Driver DisplayName = Dell Digital Jukebox Driver
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Digital Media Converter_is1 DisplayName = Digital Media Converter 2.4 InstallLocation = C:\Program Files\Deskshare\Digital Media Converter\
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\DirectAnimation
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\DirectDrawEx
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\dlatray.exe
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\DXM_Runtime
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Fontcore
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Great Plains 7.50 DisplayName = Microsoft Business Solutions-Great Plains 7.50
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Great Plains 8.0 DisplayName = Microsoft Business Solutions-Great Plains 8.0
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\HijackThis DisplayName = HijackThis 2.0.0
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\ICW
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\IE40
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\IE4Data
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\IE5BAKEX
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\IEData
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Image Retriever DisplayName = Image Retriever
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB834707 DisplayName = Windows XP Hotfix - KB834707
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB867282 DisplayName = Windows XP Hotfix - KB867282
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB870669 DisplayName = Microsoft Data Access Components KB870669
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB873333 DisplayName = Windows XP Hotfix - KB873333
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB873339 DisplayName = Windows XP Hotfix - KB873339
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB883939 DisplayName = Security Update for Windows XP (KB883939)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB884016
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB884267
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB885250 DisplayName = Windows XP Hotfix - KB885250
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB885353
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB885835 DisplayName = Windows XP Hotfix - KB885835
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB885836 DisplayName = Windows XP Hotfix - KB885836
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB886185 DisplayName = Windows XP Hotfix - KB886185
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB886612
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB887078
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB887472 DisplayName = Windows XP Hotfix - KB887472
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB887626
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB887742 DisplayName = Windows XP Hotfix - KB887742
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB888113 DisplayName = Windows XP Hotfix - KB888113
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB888302 DisplayName = Windows XP Hotfix - KB888302
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB888656
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB889858
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB890046 DisplayName = Security Update for Windows XP (KB890046)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB890047 DisplayName = Windows XP Hotfix - KB890047
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB890175 DisplayName = Windows XP Hotfix - KB890175
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB890859 DisplayName = Windows XP Hotfix - KB890859
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB890923 DisplayName = Windows XP Hotfix - KB890923
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB891122
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB891781 DisplayName = Windows XP Hotfix - KB891781
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB892313
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB893066 DisplayName = Windows XP Hotfix - KB893066
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB893086 DisplayName = Windows XP Hotfix - KB893086
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB893240
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB893241
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB893756 DisplayName = Security Update for Windows XP (KB893756)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB893803 DisplayName = Windows Installer 3.1 (KB893803)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB893803v2 DisplayName = Windows Installer 3.1 (KB893803)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB894391 DisplayName = Update for Windows XP (KB894391)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB895181
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB895316
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB895572
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB896358 DisplayName = Security Update for Windows XP (KB896358)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB896422 DisplayName = Security Update for Windows XP (KB896422)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB896423 DisplayName = Security Update for Windows XP (KB896423)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB896424 DisplayName = Security Update for Windows XP (KB896424)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB896428 DisplayName = Security Update for Windows XP (KB896428)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB896727 DisplayName = Update for Windows XP (KB896727)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB897586
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB898458 DisplayName = Security Update for Step By Step Interactive Training (KB898458)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB898461 DisplayName = Update for Windows XP (KB898461)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB898549
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB899587 DisplayName = Security Update for Windows XP (KB899587)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB899588 DisplayName = Security Update for Windows XP (KB899588)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB899591 DisplayName = Security Update for Windows XP (KB899591)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB900399
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB900485 DisplayName = Update for Windows XP (KB900485)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB900725 DisplayName = Security Update for Windows XP (KB900725)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB901017 DisplayName = Security Update for Windows XP (KB901017)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB901214 DisplayName = Security Update for Windows XP (KB901214)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB902344
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB902400 DisplayName = Security Update for Windows XP (KB902400)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB903235 DisplayName = Security Update for Windows XP (KB903235)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB904706 DisplayName = Security Update for Windows XP (KB904706)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB905414 DisplayName = Security Update for Windows XP (KB905414)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB905749 DisplayName = Security Update for Windows XP (KB905749)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB907658
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB908519 DisplayName = Security Update for Windows XP (KB908519)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB908531 DisplayName = Update for Windows XP (KB908531)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB910437 DisplayName = Update for Windows XP (KB910437)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB911280 DisplayName = Update for Windows XP (KB911280)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB911562 DisplayName = Security Update for Windows XP (KB911562)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB911564 DisplayName = Security Update for Windows Media Player (KB911564)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB911565
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB911854
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB911927 DisplayName = Security Update for Windows XP (KB911927)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB912919 DisplayName = Security Update for Windows XP (KB912919)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB913580 DisplayName = Security Update for Windows XP (KB913580)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB914388 DisplayName = Security Update for Windows XP (KB914388)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB914389 DisplayName = Security Update for Windows XP (KB914389)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB916595 DisplayName = Update for Windows XP (KB916595)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB917344 DisplayName = Security Update for Windows XP (KB917344)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB917422 DisplayName = Security Update for Windows XP (KB917422)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB917953 DisplayName = Security Update for Windows XP (KB917953)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB918118 DisplayName = Security Update for Windows XP (KB918118)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB918439 DisplayName = Security Update for Windows XP (KB918439)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB919007 DisplayName = Security Update for Windows XP (KB919007)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB920213 DisplayName = Security Update for Windows XP (KB920213)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB920670 DisplayName = Security Update for Windows XP (KB920670)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB920683 DisplayName = Security Update for Windows XP (KB920683)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB920685 DisplayName = Security Update for Windows XP (KB920685)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB920872 DisplayName = Update for Windows XP (KB920872)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB921883 DisplayName = Security Update for Windows XP (KB921883)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB922582 DisplayName = Update for Windows XP (KB922582)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB922819 DisplayName = Security Update for Windows XP (KB922819)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB923191 DisplayName = Security Update for Windows XP (KB923191)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB923414 DisplayName = Security Update for Windows XP (KB923414)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB923694 DisplayName = Security Update for Windows XP (KB923694)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB923723 DisplayName = Security Update for Step By Step Interactive Training (KB923723)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB923980 DisplayName = Security Update for Windows XP (KB923980)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB924191 DisplayName = Security Update for Windows XP (KB924191)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB924270 DisplayName = Security Update for Windows XP (KB924270)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB924496 DisplayName = Security Update for Windows XP (KB924496)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB924667 DisplayName = Security Update for Windows XP (KB924667)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB925398_WMP64 DisplayName = Security Update for Windows Media Player 6.4 (KB925398)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB925902 DisplayName = Security Update for Windows XP (KB925902)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB926239 DisplayName = Hotfix for Windows XP (KB926239)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB926255 DisplayName = Security Update for Windows XP (KB926255)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB926436 DisplayName = Security Update for Windows XP (KB926436)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB927779 DisplayName = Security Update for Windows XP (KB927779)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB927802 DisplayName = Security Update for Windows XP (KB927802)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB927891 DisplayName = Update for Windows XP (KB927891)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB928090 DisplayName = Security Update for Windows XP (KB928090)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB928255 DisplayName = Security Update for Windows XP (KB928255)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB928843 DisplayName = Security Update for Windows XP (KB928843)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB929123 DisplayName = Security Update for Windows XP (KB929123)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB929399 DisplayName = Hotfix for Windows Media Format 11 SDK (KB929399)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB929969 DisplayName = Security Update for Windows XP (KB929969)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB930178 DisplayName = Security Update for Windows XP (KB930178)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB930916 DisplayName = Update for Windows XP (KB930916)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB931261 DisplayName = Security Update for Windows XP (KB931261)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB931784 DisplayName = Security Update for Windows XP (KB931784)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB931836 DisplayName = Update for Windows XP (KB931836)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB931906 DisplayName = Security Update for CAPICOM (KB931906)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB932168 DisplayName = Security Update for Windows XP (KB932168)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB933566 DisplayName = Security Update for Windows XP (KB933566)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB935839 DisplayName = Security Update for Windows XP (KB935839)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB935840 DisplayName = Security Update for Windows XP (KB935840)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB936357 DisplayName = Update for Windows XP (KB936357)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\LiveReg DisplayName = LiveReg (Symantec Corporation) InstallLocation = C:\Program Files\Common Files\Symantec Shared\LiveReg
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\LiveUpdate DisplayName = LiveUpdate 1.80 (Symantec Corporation) InstallLocation = C:\Program Files\Symantec\LiveUpdate
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Lotus Notes 5.0 Connector DisplayName = Lotus Notes 5.0 Connector (remove only)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\M928366 DisplayName = Microsoft .NET Framework 1.1 Hotfix (KB928366)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft .NET Framework 1.1 (1033) DisplayName = Microsoft .NET Framework 1.1
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft Great Plains Package Loader DisplayName = Microsoft Great Plains Package Loader 8.00
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft Interactive Training
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft NetShow Player 2.0
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\MobileOptionPack
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\MPlayer2
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\MSCompPackV1 DisplayName = Microsoft Compression Client Pack 1.0 for Windows XP
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\MSI30-Beta1
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\MSI30-Beta2
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\MSI30-KB884016
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\MSI30-RC1
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\MSI30-RC2
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\MSI30a-KB884016
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\MSI31-Beta
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\MSI31-RC1
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\MsJavaVM
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\NetMeeting
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\NVIDIA DisplayName = NVIDIA Windows 2000/XP Display Drivers
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\OfficeScanNT DisplayName = Trend Micro OfficeScan Client
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\OutlookExpress
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\PCHealth
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Pdf995 DisplayName = Pdf995
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\PROSet DisplayName = Intel® PRO Network Adapters and Drivers
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\QuickTime DisplayName = QuickTime
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\RecordNow.exe
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\SchedulingAgent
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\SGTRAY.EXE
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\ShockwaveFlash DisplayName = Adobe Flash Player 9 ActiveX
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Spybot - Search & Destroy_is1 DisplayName = Spybot - Search & Destroy 1.4 InstallLocation = C:\Program Files\Spybot - Search & Destroy\
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer DisplayName = Viewpoint Media Player
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\WGA DisplayName = Windows Genuine Advantage Validation Tool (KB892130)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\WgaNotify DisplayName = Windows Genuine Advantage Notifications (KB905474)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\WinAVIVideoConverter_is1 DisplayName = WinAVIVideoConverter
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Windows Media Format Runtime DisplayName = Windows Media Format 11 runtime
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Windows Media Player DisplayName = Windows Media Player 11
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Windows XP Service Pack DisplayName = Windows XP Service Pack 2
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\WinZip DisplayName = WinZip InstallLocation = C:\PROGRA~1\WINZIP\
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\WMCSetup
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\WMFDist11 DisplayName = Windows Media Format 11 runtime
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\wmp11 DisplayName = Windows Media Player 11
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Wudf01000 DisplayName = Microsoft User-Mode Driver Framework Feature Pack 1.0
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{05F5C83E-F33A-4EB9-8A71-7B477BF7DCA3} DisplayName = Learn.com CoursePlayer InstallLocation =
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{09DA4F91-2A09-4232-AB8C-6BC740096DE3} DisplayName = Sonic Update Manager InstallLocation =
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} DisplayName = Security Update for CAPICOM (KB931906) InstallLocation =
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{11B569C2-4BF6-4ED0-9D17-A4273943CB24} DisplayName = Adobe Photoshop Album 2.0 Starter Edition InstallLocation =
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{11F1920A-56A2-4642-B6E0-3B31A12C9288} DisplayName = Dell Solution Center InstallLocation =
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{1206EF92-2E83-4859-ACCB-2048C3CB7DA6} DisplayName = Sonic DLA InstallLocation =
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{1FEB495E-51AA-477C-BF43-62D96A7C8D8C} DisplayName = Microsoft Business Solutions-Great Plains Watson InstallLocation =
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{2301BD10-1932-11D3-8D76-0010A4F5B9A1} DisplayName = Microsoft Business Solutions-Great Plains Project Accounting 8.0
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{2637C347-9DAD-11D6-9EA2-00055D0CA761} DisplayName = Dell Media Experience
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227} DisplayName = WebFldrs XP InstallLocation =
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{4B9F45E8-E3CE-40B4-9463-80A9B3481DEF} DisplayName = Banctec Service Agreement InstallLocation =
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{4BEED434-8D57-11D4-A3B6-008048EE5CCD} DisplayName = TurboProject v.4 InstallLocation =
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{5D5B9E6A-344C-4976-95AB-ABBDC648E5DA} DisplayName = Microsoft IntelliType Pro 5.2 InstallLocation =
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{6249C22D-E6A8-407B-BA8B-40298848ED94} DisplayName = OmniPage SE InstallLocation =
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{64635543-70E7-436D-8D6D-4A721595029E} DisplayName = Microsoft IntelliPoint 5.2 InstallLocation =
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{66563AD8-637B-407F-BCA7-0233A16891AB} DisplayName = Business Contact Manager for Outlook 2003 InstallLocation =
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{68D60342-7686-45C9-B8EB-40EF843D0460} DisplayName = Dell Networking Guide InstallLocation =
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{7148F0A8-6813-11D6-A77B-00B0D0142000} DisplayName = Java 2 Runtime Environment, SE v1.4.2 InstallLocation =
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{8704D51E-25B7-4F23-81E7-AA4F54790210} DisplayName = Microsoft Streets and Trips 2004 InstallLocation = C:\Program Files\Microsoft Streets and Trips\
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{8A42F680-2DD6-11D4-9A8C-0040F6982C20} InstallLocation =
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{8BBF6DFD-0AD9-43A7-9FBD-BF065E3866AF} DisplayName = URGE InstallLocation = C:\Program Files\MTV Networks\URGE\
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{8BED6A90-E6EB-11D2-AA54-0008C7408A5A} DisplayName = VBA (2720) InstallLocation =
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{90AD0409-6000-11D3-8CFE-0150048383C9} DisplayName = Microsoft Office PowerPoint 2003 Template Pack 3 InstallLocation = C:\Program Files\Microsoft Office\
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{90D55A3F-1D99-4C94-A77E-46DC14F0BF08} DisplayName = Help and Support Customization InstallLocation =
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{91110409-6000-11D3-8CFE-0150048383C9} DisplayName = Microsoft Office Professional Edition 2003 InstallLocation =
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{9541FED0-327F-4DF0-8B96-EF57EF622F19} DisplayName = Sonic RecordNow! InstallLocation =
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{9B79DCB0-AAD7-456B-8D07-433C936FA24B} DisplayName = DS21Patch InstallLocation =
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{A06275F4-324B-4E85-95E6-87B2CD729401} DisplayName = Windows Defender InstallLocation =
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{A790BEB1-BCCF-4EC6-807B-5708B36E8A79} DisplayName = Intel® PROSet InstallLocation =
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{AC76BA86-7AD7-1033-7B44-A70900000002} DisplayName = Adobe Reader 7.0.9 InstallLocation =
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{AEF2D1F3-0696-11D5-8E6A-00C04F7FA234} DisplayName = PaperPort 8.0 SE InstallLocation =
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} DisplayName = Microsoft .NET Framework 1.1 InstallLocation =
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{CC000127-5E5D-4A1C-90CB-EEAAAC1E3AC0} DisplayName = Jasc Paint Shop Photo Album InstallLocation =
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{DCB63CEC-C6A3-4963-A5D0-6C03EE0CC08F} DisplayName = CardScan 6.0.3 InstallLocation =
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{E5C511B5-B2E2-4ACE-AC14-AEE720CC4C6E} DisplayName = Microsoft Dexterity Shared Components InstallLocation =
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{EE5B8E34-973C-4FBE-AC83-99F064009FC7} DisplayName = SpyHunter InstallLocation = C:\Program Files\Enigma Software Group\SpyHunter
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{FC4ED75D-916C-4A8C-BB67-3C6F6E06D62B} DisplayName = Banctec Service Agreement InstallLocation =

BC AdBot (Login to Remove)

 


#2 buddy215

buddy215

  • BC Advisor
  • 12,985 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:04:36 AM

Posted 20 July 2007 - 04:19 PM

Use Virtumundobegone
http://secured2k.home.comcast.net/tools/VirtumundoBeGone.exe
Download VirtumundoBegone and save it to your desktop.
Now reboot into Safe Mode.
This can be done tapping the F8 key as soon as you start your computer
You will be brought to a menu where you can choose to boot into safe mode.

Select safe mode with networking using your arrow keys on the keyboard and then press enter.

When you computer reaches the desktop make sure you log in as the same user which you had performed the previous steps,

Once you are logged into safe mode, double-click VirtumundoBeGone.exe file you just downloaded and follow the instructions.
Exit when it has finished, and reboot back to normal mode.

Install Super Antispyware. Run it in safe mode. Allow it to quarantine whatever it finds.
http://www.superantispyware.com/

Run the online scan for Bit Defender in normal mode. Allow it to quarantine whatever it finds.
http://www.bitdefender.com/scan8/ie.html

--------------------------------------------------------------------------------

Post a Hijack This log in the Hijack This Forum by following the directions in the link below if the programs above have not removed ALL malware. DO NOT post the log in this forum.
http://www.bleepingcomputer.com/forums/t/34773/preparation-guide-for-use-before-using-malware-removal-tools-and-requesting-help/
--------------------------------------------------------------------------------

How To start Windows in Safe Mode
http://www.bleepingcomputer.com/tutorials/how-to-start-windows-in-safe-mode/

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss

A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”


#3 jerzgirl23

jerzgirl23
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:05:36 AM

Posted 21 July 2007 - 08:54 AM

I'll do this first thing monday morning! THANKS SO MUCH!!! Keep you posted.......




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users