1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Hijack Daniel

Discussion in 'Virus & Other Malware Removal' started by coachessonny, Oct 13, 2010.

Thread Status:
Not open for further replies.
Advertisement
  1. coachessonny

    coachessonny Thread Starter

    Joined:
    Feb 14, 2006
    Messages:
    59
    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 10:15:33 AM, on 10/13/2010
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.17080)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir Desktop\sched.exe
    C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Google\Update\GoogleUpdate.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
    C:\Program Files\Trend Micro\HijackThis\HiJackThis.exe

    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} (Creative Software AutoUpdate) - http://ccfiles.creative.com/Web/softwareupdate/su/ocx/15101/CTSUEng.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1228797730812
    O16 - DPF: {924B4927-D3BA-41EA-9F7E-8A89194AB3AC} (P3DActiveX Control) - http://panda-plugin.disney.go.com/plugin/win32/p3dactivex.cab
    O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} (SABScanProcesses Class) - http://www.superadblocker.com/activex/sabspx.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwareupdate/su/ocx/15106/CTPID.cab
    O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
    O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
    O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

    --
    End of file - 3725 bytes

    DDS (Ver_09-09-29.01) - NTFSx86
    Run by Daniel at 11:16:52.29 on Wed 10/13/2010
    Internet Explorer: 7.0.5730.13
    Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.511.210 [GMT -7:00]

    AV: AntiVir Desktop *On-access scanning enabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}

    ============== Running Processes ===============

    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    svchost.exe
    svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir Desktop\sched.exe
    svchost.exe
    C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
    C:\WINDOWS\System32\svchost.exe -k imgsvc
    C:\Program Files\Google\Update\GoogleUpdate.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Documents and Settings\Daniel\Desktop\dds.com

    ============== Pseudo HJT Report ===============

    uStart Page = hxxp://www.google.com/
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
    EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
    mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
    mPolicies-explorer: <NO NAME> =
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
    DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
    DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} - hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15101/CTSUEng.cab
    DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1228797730812
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
    DPF: {924B4927-D3BA-41EA-9F7E-8A89194AB3AC} - hxxp://panda-plugin.disney.go.com/plugin/win32/p3dactivex.cab
    DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} - hxxp://www.superadblocker.com/activex/sabspx.cab
    DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15106/CTPID.cab
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
    SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL

    ============= SERVICES / DRIVERS ===============

    R1 avgio;avgio;c:\program files\avira\antivir desktop\avgio.sys [2010-2-20 11608]
    R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2010-2-17 12872]
    R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-2-17 67656]
    R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2010-2-20 135336]
    R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2010-2-20 267432]
    R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2009-5-1 60936]
    S2 Ca50xav;Digital Blue DMC2 Video Device;c:\windows\system32\drivers\Ca50xav.sys [2008-12-9 508304]
    S2 Ca536av;Icatch(VII) Video Camera Device;c:\windows\system32\drivers\Ca536av.sys [2010-1-3 514859]
    S3 idmc1aud;Intel(r) Play(tm) USB Audio Filter (WDM);c:\windows\system32\drivers\idmc1aud.sys [2010-10-7 15188]
    S3 IDMC1Blk;Intel Play DMC Download Driver;c:\windows\system32\drivers\IDMC1Blk.sys [2010-10-7 14628]
    S3 IDMC1Vxp;Intel(r) Play(tm) DMC Camera;c:\windows\system32\drivers\idmc1vme.sys [2010-10-7 416564]
    S3 nenum13E;nenum13E;\??\c:\docume~1\daniel\locals~1\temp\nenum13e.sys --> c:\docume~1\daniel\locals~1\temp\nenum13E.sys [?]
    S3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [2010-5-28 14896]
    S3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2010-2-17 12872]
    S3 USBCamera;Icatch(VII) Still Camera Device;c:\windows\system32\drivers\Bulk536.sys [2010-1-3 11048]
    S4 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2009-12-20 135664]
    S4 RoxLiveShare10;LiveShare P2P Server 10;"c:\program files\common files\roxio shared\10.0\sharedcom\roxliveshare10.exe" --> c:\program files\common files\roxio shared\10.0\sharedcom\RoxLiveShare10.exe [?]
    S4 SessionLauncher;SessionLauncher;c:\docume~1\daniel\locals~1\temp\dx9\sessionlauncher.exe --> c:\docume~1\daniel\locals~1\temp\dx9\SessionLauncher.exe [?]
    S4 wwEngineSvc;Window Washer Engine;c:\program files\webroot\washer\WasherSvc.exe [2008-12-10 598856]

    =============== Created Last 30 ================

    2010-10-12 14:56 <DIR> --d----- c:\docume~1\daniel\applic~1\CometPlayer
    2010-10-07 10:03 <DIR> --d----- c:\windows\DMC1
    2010-10-04 14:31 12,160 ac------ c:\windows\system32\dllcache\mouhid.sys
    2010-10-04 14:31 12,160 a------- c:\windows\system32\drivers\mouhid.sys
    2010-10-03 12:29 14,592 ac------ c:\windows\system32\dllcache\kbdhid.sys
    2010-10-03 12:29 14,592 a------- c:\windows\system32\drivers\kbdhid.sys
    2010-10-03 12:29 10,368 ac------ c:\windows\system32\dllcache\hidusb.sys
    2010-10-03 12:29 10,368 a------- c:\windows\system32\drivers\hidusb.sys
    2010-09-25 15:31 200 a------- c:\windows\WININIT.INI

    ==================== Find3M ====================

    2010-08-17 06:17 58,880 -------- c:\windows\system32\spoolsv.exe
    2010-07-22 08:49 590,848 -------- c:\windows\system32\rpcrt4.dll
    2010-07-21 22:57 5,120 -------- c:\windows\system32\xpsp4res.dll
    2010-05-14 22:18 75 a------- c:\documents and settings\daniel\jagex_runescape_preferences2.dat
    2010-05-14 22:16 42 a------- c:\documents and settings\daniel\jagex_runescape_preferences.dat
    2010-05-14 22:10 0 a------- c:\documents and settings\daniel\jagex__preferences3.dat
    2009-09-10 12:39 2,901 a------- c:\program files\uninstal.log
    2008-12-13 18:05 774,144 a------- c:\program files\RngInterstitial.dll

    ============= FINISH: 11:17:18.39 ===============
    GMER 1.0.15.15315 - http://www.gmer.net
    Rootkit scan 2010-10-13 13:33:38
    Windows 5.1.2600 Service Pack 3
    Running: 7rw0vt5h.exe; Driver: C:\DOCUME~1\Daniel\LOCALS~1\Temp\uwliqpog.sys


    ---- System - GMER 1.0.15 ----

    SSDT F8B66026 ZwCreateKey
    SSDT F8B6601C ZwCreateThread
    SSDT F8B6602B ZwDeleteKey
    SSDT F8B66035 ZwDeleteValueKey
    SSDT spfc.sys ZwEnumerateKey [0xF8433CA4]
    SSDT spfc.sys ZwEnumerateValueKey [0xF8434032]
    SSDT F8B6603A ZwLoadKey
    SSDT spfc.sys ZwOpenKey [0xF84150C0]
    SSDT F8B66008 ZwOpenProcess
    SSDT F8B6600D ZwOpenThread
    SSDT spfc.sys ZwQueryKey [0xF843410A]
    SSDT spfc.sys ZwQueryValueKey [0xF8433F8A]
    SSDT F8B66044 ZwReplaceKey
    SSDT F8B6603F ZwRestoreKey
    SSDT F8B66030 ZwSetValueKey

    INT 0x63 ? 82153BF8
    INT 0x63 ? 82153BF8
    INT 0x82 ? 82371BF8
    INT 0x83 ? 82371BF8
    INT 0xA4 ? 82153BF8
    INT 0xB4 ? 82153BF8

    ---- Kernel code sections - GMER 1.0.15 ----

    ? spfc.sys The system cannot find the file specified. !
    .text C:\WINDOWS\System32\DRIVERS\nv4_mini.sys section is writeable [0xF7BB3360, 0x37388D, 0xE8000020]
    .text USBPORT.SYS!DllUnload F7B938AC 5 Bytes JMP 821531D8

    ---- User code sections - GMER 1.0.15 ----

    .text C:\Program Files\Internet Explorer\iexplore.exe[3380] USER32.dll!DialogBoxParamW 7E4247AB 5 Bytes JMP 3E1DF4B9 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[3380] USER32.dll!DialogBoxIndirectParamW 7E432072 1 Byte [E9]
    .text C:\Program Files\Internet Explorer\iexplore.exe[3380] USER32.dll!DialogBoxIndirectParamW 7E432072 5 Bytes JMP 3E352076 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[3380] USER32.dll!MessageBoxIndirectA 7E43A082 5 Bytes JMP 3E351FF7 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[3380] USER32.dll!DialogBoxParamA 7E43B144 5 Bytes JMP 3E35203B C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[3380] USER32.dll!MessageBoxExW 7E450838 5 Bytes JMP 3E351F83 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[3380] USER32.dll!MessageBoxExA 7E45085C 5 Bytes JMP 3E351FBD C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[3380] USER32.dll!DialogBoxIndirectParamA 7E456D7D 5 Bytes JMP 3E3520B1 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[3380] USER32.dll!MessageBoxIndirectW 7E4664D5 5 Bytes JMP 3E201772 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[3380] ole32.dll!OleLoadFromStream 77529C85 5 Bytes JMP 3E352273 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

    ---- Devices - GMER 1.0.15 ----

    Device \FileSystem\Ntfs \Ntfs 823701F8
    Device \Driver\NetBT \Device\NetBT_Tcpip_{7DD8A627-09AC-4118-8245-FE5CB6C5AA43} 820C61F8
    Device \Driver\usbuhci \Device\USBPDO-0 821521F8
    Device \Driver\usbuhci \Device\USBPDO-1 821521F8
    Device \Driver\usbuhci \Device\USBPDO-2 821521F8
    Device \Driver\usbuhci \Device\USBPDO-3 821521F8
    Device \Driver\usbehci \Device\USBPDO-4 821251F8
    Device \Driver\prodrv06 \Device\ProDrv06 E1A0DC30
    Device \Driver\Ftdisk \Device\HarddiskVolume1 823DF1F8
    Device \Driver\Cdrom \Device\CdRom0 8210C1F8
    Device \Driver\Cdrom \Device\CdRom1 8210C1F8
    Device \Driver\atapi \Device\Ide\IdePort0 [F838FB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
    Device \Driver\atapi \Device\Ide\IdePort0 prosync1.sys (StarForce Protection Synchronization Driver/Protection Technology)
    Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-4 [F838FB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
    Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-4 prosync1.sys (StarForce Protection Synchronization Driver/Protection Technology)
    Device \Driver\atapi \Device\Ide\IdePort1 [F838FB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
    Device \Driver\atapi \Device\Ide\IdePort1 prosync1.sys (StarForce Protection Synchronization Driver/Protection Technology)
    Device \Driver\atapi \Device\Ide\IdeDeviceP0T1L0-c [F838FB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
    Device \Driver\atapi \Device\Ide\IdeDeviceP0T1L0-c prosync1.sys (StarForce Protection Synchronization Driver/Protection Technology)
    Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-17 [F838FB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
    Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-17 prosync1.sys (StarForce Protection Synchronization Driver/Protection Technology)
    Device \Driver\prohlp02 \Device\ProHlp02 E1014A58
    Device \Driver\NetBT \Device\NetBt_Wins_Export 820C61F8
    Device \Driver\NetBT \Device\NetbiosSmb 820C61F8
    Device \Driver\usbuhci \Device\USBFDO-0 821521F8
    Device \Driver\usbuhci \Device\USBFDO-1 821521F8
    Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver 817AD1F8
    Device \Driver\usbuhci \Device\USBFDO-2 821521F8
    Device \FileSystem\MRxSmb \Device\LanmanRedirector 817AD1F8
    Device \Driver\usbuhci \Device\USBFDO-3 821521F8
    Device \Driver\usbehci \Device\USBFDO-4 821251F8
    Device \Driver\Ftdisk \Device\FtControl 823DF1F8
    Device \FileSystem\Cdfs \Cdfs 820AB500

    ---- Registry - GMER 1.0.15 ----

    Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423
    Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792
    Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 1
    Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
    Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
    Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xCC 0x69 0x2D 0x65 ...
    Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
    Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
    Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xCC 0x69 0x2D 0x65 ...

    ---- EOF - GMER 1.0.15 ----
     

    Attached Files:

  2. coachessonny

    coachessonny Thread Starter

    Joined:
    Feb 14, 2006
    Messages:
    59
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/955994